@sudobility/entity_service 1.0.7 → 1.0.8

package/dist/helpers/InvitationHelper.cjs

@@ -1,256 +0,0 @@
-"use strict";
-/**
- * @fileoverview Entity Invitation Helper Class
- * @description Operations for managing entity invitations
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.InvitationHelper = void 0;
-const drizzle_orm_1 = require("drizzle-orm");
-const types_1 = require("../types");
-const utils_1 = require("../utils");
-/**
- * Helper class for entity invitation operations.
- */
-class InvitationHelper {
-    constructor(config) {
-        this.config = config;
-    }
-    /**
-     * Create an invitation to join an entity.
-     */
-    async createInvitation(entityId, invitedByUserId, request) {
-        // Check if user is already an active member
-        // Note: We only check active members so previously removed users can be re-invited
-        const existingMember = await this.config.db
-            .select()
-            .from(this.config.membersTable)
-            .innerJoin(this.config.usersTable, (0, drizzle_orm_1.eq)(this.config.membersTable.user_id, this.config.usersTable.firebase_uid))
-            .where((0, drizzle_orm_1.and)((0, drizzle_orm_1.eq)(this.config.membersTable.entity_id, entityId), (0, drizzle_orm_1.eq)(this.config.usersTable.email, request.email), (0, drizzle_orm_1.eq)(this.config.membersTable.is_active, true)))
-            .limit(1);
-        if (existingMember.length > 0) {
-            throw new Error('User is already an active member of this entity');
-        }
-        // Check for existing pending invitation
-        const existingInvite = await this.config.db
-            .select()
-            .from(this.config.invitationsTable)
-            .where((0, drizzle_orm_1.and)((0, drizzle_orm_1.eq)(this.config.invitationsTable.entity_id, entityId), (0, drizzle_orm_1.eq)(this.config.invitationsTable.email, request.email), (0, drizzle_orm_1.eq)(this.config.invitationsTable.status, types_1.InvitationStatus.PENDING)))
-            .limit(1);
-        if (existingInvite.length > 0) {
-            throw new Error('An invitation is already pending for this email');
-        }
-        const token = (0, utils_1.generateInvitationToken)();
-        const expiresAt = (0, utils_1.calculateInvitationExpiry)();
-        const [invitation] = await this.config.db
-            .insert(this.config.invitationsTable)
-            .values({
-            entity_id: entityId,
-            email: request.email,
-            role: request.role,
-            status: types_1.InvitationStatus.PENDING,
-            invited_by_user_id: invitedByUserId,
-            token,
-            expires_at: new Date(expiresAt),
-        })
-            .returning();
-        return this.mapRecordToInvitation(invitation);
-    }
-    /**
-     * Get an invitation by token.
-     */
-    async getInvitationByToken(token) {
-        const results = await this.config.db
-            .select()
-            .from(this.config.invitationsTable)
-            .where((0, drizzle_orm_1.eq)(this.config.invitationsTable.token, token))
-            .limit(1);
-        if (results.length === 0) {
-            return null;
-        }
-        return this.mapRecordToInvitation(results[0]);
-    }
-    /**
-     * Get an invitation by ID.
-     */
-    async getInvitation(invitationId) {
-        const results = await this.config.db
-            .select()
-            .from(this.config.invitationsTable)
-            .where((0, drizzle_orm_1.eq)(this.config.invitationsTable.id, invitationId))
-            .limit(1);
-        if (results.length === 0) {
-            return null;
-        }
-        return this.mapRecordToInvitation(results[0]);
-    }
-    /**
-     * Get all invitations for an entity.
-     */
-    async getEntityInvitations(entityId, options) {
-        // Build conditions
-        const conditions = [(0, drizzle_orm_1.eq)(this.config.invitationsTable.entity_id, entityId)];
-        if (options?.status) {
-            conditions.push((0, drizzle_orm_1.eq)(this.config.invitationsTable.status, options.status));
-        }
-        let query = this.config.db
-            .select()
-            .from(this.config.invitationsTable)
-            .where((0, drizzle_orm_1.and)(...conditions))
-            .$dynamic();
-        if (options?.limit) {
-            query = query.limit(options.limit);
-        }
-        if (options?.offset) {
-            query = query.offset(options.offset);
-        }
-        const results = await query;
-        return results.map((r) => this.mapRecordToInvitation(r));
-    }
-    /**
-     * Get all pending invitations for a user email.
-     */
-    async getUserPendingInvitations(email) {
-        const results = await this.config.db
-            .select({
-            invitation: this.config.invitationsTable,
-            entity: this.config.entitiesTable,
-        })
-            .from(this.config.invitationsTable)
-            .innerJoin(this.config.entitiesTable, (0, drizzle_orm_1.eq)(this.config.invitationsTable.entity_id, this.config.entitiesTable.id))
-            .where((0, drizzle_orm_1.and)((0, drizzle_orm_1.eq)(this.config.invitationsTable.email, email), (0, drizzle_orm_1.eq)(this.config.invitationsTable.status, types_1.InvitationStatus.PENDING)));
-        return results.map(({ invitation, entity }) => ({
-            ...this.mapRecordToInvitation(invitation),
-            entity: {
-                id: entity.id,
-                entitySlug: entity.entity_slug,
-                entityType: entity.entity_type,
-                displayName: entity.display_name,
-                description: entity.description,
-                avatarUrl: entity.avatar_url,
-                createdAt: entity.created_at?.toISOString() ?? new Date().toISOString(),
-                updatedAt: entity.updated_at?.toISOString() ?? new Date().toISOString(),
-            },
-        }));
-    }
-    /**
-     * Accept an invitation.
-     * @param token - The invitation token
-     * @param firebaseUid - The Firebase UID of the user accepting
-     */
-    async acceptInvitation(token, firebaseUid) {
-        const invitation = await this.getInvitationByToken(token);
-        if (!invitation) {
-            throw new Error('Invitation not found');
-        }
-        if (invitation.status !== types_1.InvitationStatus.PENDING) {
-            throw new Error('Invitation is no longer pending');
-        }
-        if (new Date(invitation.expiresAt) < new Date()) {
-            // Mark as expired
-            await this.config.db
-                .update(this.config.invitationsTable)
-                .set({
-                status: types_1.InvitationStatus.EXPIRED,
-                updated_at: new Date(),
-            })
-                .where((0, drizzle_orm_1.eq)(this.config.invitationsTable.id, invitation.id));
-            throw new Error('Invitation has expired');
-        }
-        // Add user as member with active status
-        await this.config.db.insert(this.config.membersTable).values({
-            entity_id: invitation.entityId,
-            user_id: firebaseUid,
-            role: invitation.role,
-            is_active: true,
-        });
-        // Mark invitation as accepted
-        await this.config.db
-            .update(this.config.invitationsTable)
-            .set({
-            status: types_1.InvitationStatus.ACCEPTED,
-            accepted_at: new Date(),
-            updated_at: new Date(),
-        })
-            .where((0, drizzle_orm_1.eq)(this.config.invitationsTable.id, invitation.id));
-    }
-    /**
-     * Decline an invitation.
-     */
-    async declineInvitation(token) {
-        const invitation = await this.getInvitationByToken(token);
-        if (!invitation) {
-            throw new Error('Invitation not found');
-        }
-        if (invitation.status !== types_1.InvitationStatus.PENDING) {
-            throw new Error('Invitation is no longer pending');
-        }
-        await this.config.db
-            .update(this.config.invitationsTable)
-            .set({
-            status: types_1.InvitationStatus.DECLINED,
-            updated_at: new Date(),
-        })
-            .where((0, drizzle_orm_1.eq)(this.config.invitationsTable.id, invitation.id));
-    }
-    /**
-     * Cancel an invitation (by entity admin).
-     */
-    async cancelInvitation(invitationId) {
-        await this.config.db
-            .delete(this.config.invitationsTable)
-            .where((0, drizzle_orm_1.eq)(this.config.invitationsTable.id, invitationId));
-    }
-    /**
-     * Process pending invitations for a new user.
-     * Called when a user signs up to auto-accept any pending invitations.
-     * @param firebaseUid - The Firebase UID of the new user
-     * @param email - The user's email to match invitations
-     */
-    async processNewUserInvitations(firebaseUid, email) {
-        const pendingInvitations = await this.getUserPendingInvitations(email);
-        for (const invitation of pendingInvitations) {
-            try {
-                await this.acceptInvitation(invitation.token, firebaseUid);
-            }
-            catch (error) {
-                // Log but don't fail - user account creation is more important
-                console.error(`Failed to auto-accept invitation ${invitation.id}:`, error);
-            }
-        }
-    }
-    /**
-     * Expire old invitations.
-     * Should be called periodically (e.g., by a cron job).
-     */
-    async expireOldInvitations() {
-        const result = await this.config.db
-            .update(this.config.invitationsTable)
-            .set({
-            status: types_1.InvitationStatus.EXPIRED,
-            updated_at: new Date(),
-        })
-            .where((0, drizzle_orm_1.and)((0, drizzle_orm_1.eq)(this.config.invitationsTable.status, types_1.InvitationStatus.PENDING), (0, drizzle_orm_1.lt)(this.config.invitationsTable.expires_at, new Date())))
-            .returning();
-        return result.length;
-    }
-    /**
-     * Map database record to EntityInvitation type.
-     */
-    mapRecordToInvitation(record) {
-        return {
-            id: record.id,
-            entityId: record.entity_id,
-            email: record.email,
-            role: record.role,
-            status: record.status,
-            invitedByUserId: record.invited_by_user_id,
-            token: record.token,
-            expiresAt: record.expires_at?.toISOString() ?? new Date().toISOString(),
-            acceptedAt: record.accepted_at?.toISOString() ?? null,
-            createdAt: record.created_at?.toISOString() ?? new Date().toISOString(),
-            updatedAt: record.updated_at?.toISOString() ?? new Date().toISOString(),
-        };
-    }
-}
-exports.InvitationHelper = InvitationHelper;
-//# sourceMappingURL=InvitationHelper.js.map

package/dist/helpers/PermissionHelper.cjs

@@ -1,193 +0,0 @@
-"use strict";
-/**
- * @fileoverview Entity Permission Helper Class
- * @description Permission checking for entity operations
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.PermissionHelper = void 0;
-const drizzle_orm_1 = require("drizzle-orm");
-const types_1 = require("../types");
-/**
- * Helper class for entity permission checks.
- */
-class PermissionHelper {
-    constructor(config) {
-        this.config = config;
-    }
-    /**
-     * Get a user's role in an entity.
-     * Only returns role for active members.
-     */
-    async getUserRole(entityId, userId) {
-        const results = await this.config.db
-            .select({ role: this.config.membersTable.role })
-            .from(this.config.membersTable)
-            .where((0, drizzle_orm_1.and)((0, drizzle_orm_1.eq)(this.config.membersTable.entity_id, entityId), (0, drizzle_orm_1.eq)(this.config.membersTable.user_id, userId), (0, drizzle_orm_1.eq)(this.config.membersTable.is_active, true)))
-            .limit(1);
-        if (results.length === 0) {
-            return null;
-        }
-        return results[0].role;
-    }
-    /**
-     * Get permissions for a role.
-     */
-    getPermissionsForRole(role) {
-        return types_1.ROLE_PERMISSIONS[role];
-    }
-    /**
-     * Get a user's permissions for an entity.
-     */
-    async getUserPermissions(entityId, userId) {
-        const role = await this.getUserRole(entityId, userId);
-        if (!role) {
-            return null;
-        }
-        return this.getPermissionsForRole(role);
-    }
-    /**
-     * Check if user is a member of an entity.
-     */
-    async isMember(entityId, userId) {
-        const role = await this.getUserRole(entityId, userId);
-        return role !== null;
-    }
-    /**
-     * Check if user is an admin of an entity.
-     * Owner also has admin privileges.
-     */
-    async isAdmin(entityId, userId) {
-        const role = await this.getUserRole(entityId, userId);
-        return role === types_1.EntityRole.ADMIN || role === types_1.EntityRole.OWNER;
-    }
-    /**
-     * Check if user is the owner of an entity.
-     * Determined by role = 'owner' in entity_members.
-     */
-    async isOwner(entityId, userId) {
-        const role = await this.getUserRole(entityId, userId);
-        return role === types_1.EntityRole.OWNER;
-    }
-    /**
-     * Check if user can view an entity.
-     */
-    async canViewEntity(entityId, userId) {
-        const permissions = await this.getUserPermissions(entityId, userId);
-        return permissions?.canViewEntity ?? false;
-    }
-    /**
-     * Check if user can edit an entity.
-     */
-    async canEditEntity(entityId, userId) {
-        const permissions = await this.getUserPermissions(entityId, userId);
-        return permissions?.canEditEntity ?? false;
-    }
-    /**
-     * Check if user can delete an entity.
-     */
-    async canDeleteEntity(entityId, userId) {
-        // First check if it's a personal entity (cannot be deleted)
-        const entity = await this.config.db
-            .select({ entityType: this.config.entitiesTable.entity_type })
-            .from(this.config.entitiesTable)
-            .where((0, drizzle_orm_1.eq)(this.config.entitiesTable.id, entityId))
-            .limit(1);
-        if (entity.length === 0) {
-            return false;
-        }
-        if (entity[0].entityType === types_1.EntityType.PERSONAL) {
-            return false;
-        }
-        const permissions = await this.getUserPermissions(entityId, userId);
-        return permissions?.canDeleteEntity ?? false;
-    }
-    /**
-     * Check if user can manage members.
-     */
-    async canManageMembers(entityId, userId) {
-        const permissions = await this.getUserPermissions(entityId, userId);
-        return permissions?.canManageMembers ?? false;
-    }
-    /**
-     * Check if user can invite members.
-     */
-    async canInviteMembers(entityId, userId) {
-        // Check if it's a personal entity (no invitations allowed)
-        const entity = await this.config.db
-            .select({ entityType: this.config.entitiesTable.entity_type })
-            .from(this.config.entitiesTable)
-            .where((0, drizzle_orm_1.eq)(this.config.entitiesTable.id, entityId))
-            .limit(1);
-        if (entity.length === 0) {
-            return false;
-        }
-        if (entity[0].entityType === types_1.EntityType.PERSONAL) {
-            return false;
-        }
-        const permissions = await this.getUserPermissions(entityId, userId);
-        return permissions?.canInviteMembers ?? false;
-    }
-    /**
-     * Check if user can create projects.
-     */
-    async canCreateProjects(entityId, userId) {
-        const permissions = await this.getUserPermissions(entityId, userId);
-        return permissions?.canCreateProjects ?? false;
-    }
-    /**
-     * Check if user can manage projects.
-     */
-    async canManageProjects(entityId, userId) {
-        const permissions = await this.getUserPermissions(entityId, userId);
-        return permissions?.canManageProjects ?? false;
-    }
-    /**
-     * Check if user can view projects.
-     */
-    async canViewProjects(entityId, userId) {
-        const permissions = await this.getUserPermissions(entityId, userId);
-        return permissions?.canViewProjects ?? false;
-    }
-    /**
-     * Check if user can manage API keys.
-     */
-    async canManageApiKeys(entityId, userId) {
-        const permissions = await this.getUserPermissions(entityId, userId);
-        return permissions?.canManageApiKeys ?? false;
-    }
-    /**
-     * Check if user can view API keys.
-     */
-    async canViewApiKeys(entityId, userId) {
-        const permissions = await this.getUserPermissions(entityId, userId);
-        return permissions?.canViewApiKeys ?? false;
-    }
-    /**
-     * Assert that a user has a specific permission.
-     * Throws an error if the user lacks the permission.
-     */
-    async assertPermission(entityId, userId, permission, errorMessage) {
-        const permissions = await this.getUserPermissions(entityId, userId);
-        if (!permissions) {
-            throw new Error(errorMessage ?? 'User is not a member of this entity');
-        }
-        if (!permissions[permission]) {
-            throw new Error(errorMessage ?? `User lacks permission: ${String(permission)}`);
-        }
-    }
-    /**
-     * Get the minimum role required for a permission.
-     */
-    getMinimumRoleForPermission(permission) {
-        // Check from lowest to highest privilege
-        const roles = [types_1.EntityRole.MEMBER, types_1.EntityRole.ADMIN, types_1.EntityRole.OWNER];
-        for (const role of roles) {
-            if (types_1.ROLE_PERMISSIONS[role][permission]) {
-                return role;
-            }
-        }
-        return null;
-    }
-}
-exports.PermissionHelper = PermissionHelper;
-//# sourceMappingURL=PermissionHelper.js.map

package/dist/helpers/index.cjs

@@ -1,15 +0,0 @@
-"use strict";
-/**
- * @fileoverview Helper Exports
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.PermissionHelper = exports.InvitationHelper = exports.EntityMemberHelper = exports.EntityHelper = void 0;
-var EntityHelper_1 = require("./EntityHelper");
-Object.defineProperty(exports, "EntityHelper", { enumerable: true, get: function () { return EntityHelper_1.EntityHelper; } });
-var EntityMemberHelper_1 = require("./EntityMemberHelper");
-Object.defineProperty(exports, "EntityMemberHelper", { enumerable: true, get: function () { return EntityMemberHelper_1.EntityMemberHelper; } });
-var InvitationHelper_1 = require("./InvitationHelper");
-Object.defineProperty(exports, "InvitationHelper", { enumerable: true, get: function () { return InvitationHelper_1.InvitationHelper; } });
-var PermissionHelper_1 = require("./PermissionHelper");
-Object.defineProperty(exports, "PermissionHelper", { enumerable: true, get: function () { return PermissionHelper_1.PermissionHelper; } });
-//# sourceMappingURL=index.js.map

package/dist/index.cjs

@@ -1,76 +0,0 @@
-"use strict";
-/**
- * @fileoverview Entity Service Library
- * @description Shared backend library for multi-tenant entity/organization management
- *
- * @example
- * ```typescript
- * import {
- *   createEntityHelpers,
- *   createEntityContextMiddleware,
- *   entities,
- *   entityMembers,
- *   entityInvitations,
- * } from '@shapeshyft/entity-service';
- *
- * // Create helpers with your database config
- * const helpers = createEntityHelpers({
- *   db: drizzleDb,
- *   entitiesTable: mySchema.entities,
- *   membersTable: mySchema.entityMembers,
- *   invitationsTable: mySchema.entityInvitations,
- *   usersTable: mySchema.users,
- * });
- *
- * // Use in your routes
- * const entity = await helpers.entity.getOrCreatePersonalEntity(userId, email);
- * const members = await helpers.members.getMembers(entityId);
- * ```
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.ROLE_PERMISSIONS = exports.InvitationStatus = exports.EntityRole = exports.EntityType = exports.rollbackEntityMigration = exports.runEntityMigration = exports.calculateInvitationExpiry = exports.validateSlug = exports.normalizeSlug = exports.generateInvitationToken = exports.generateEntitySlug = exports.createEntityHelpers = exports.createRequireRoleMiddleware = exports.createRequirePermissionMiddleware = exports.createEntityContextMiddleware = exports.PermissionHelper = exports.InvitationHelper = exports.EntityMemberHelper = exports.EntityHelper = exports.initEntityTables = exports.entityInvitations = exports.entityMembers = exports.entities = exports.createEntityInvitationsTablePublic = exports.createEntityInvitationsTable = exports.createEntityMembersTablePublic = exports.createEntityMembersTable = exports.createEntitiesTablePublic = exports.createEntitiesTable = void 0;
-// Schema exports
-var entities_1 = require("./schema/entities");
-// Table factory functions
-Object.defineProperty(exports, "createEntitiesTable", { enumerable: true, get: function () { return entities_1.createEntitiesTable; } });
-Object.defineProperty(exports, "createEntitiesTablePublic", { enumerable: true, get: function () { return entities_1.createEntitiesTablePublic; } });
-Object.defineProperty(exports, "createEntityMembersTable", { enumerable: true, get: function () { return entities_1.createEntityMembersTable; } });
-Object.defineProperty(exports, "createEntityMembersTablePublic", { enumerable: true, get: function () { return entities_1.createEntityMembersTablePublic; } });
-Object.defineProperty(exports, "createEntityInvitationsTable", { enumerable: true, get: function () { return entities_1.createEntityInvitationsTable; } });
-Object.defineProperty(exports, "createEntityInvitationsTablePublic", { enumerable: true, get: function () { return entities_1.createEntityInvitationsTablePublic; } });
-// Default tables (public schema)
-Object.defineProperty(exports, "entities", { enumerable: true, get: function () { return entities_1.entities; } });
-Object.defineProperty(exports, "entityMembers", { enumerable: true, get: function () { return entities_1.entityMembers; } });
-Object.defineProperty(exports, "entityInvitations", { enumerable: true, get: function () { return entities_1.entityInvitations; } });
-// Initialization
-Object.defineProperty(exports, "initEntityTables", { enumerable: true, get: function () { return entities_1.initEntityTables; } });
-// Helper exports
-var helpers_1 = require("./helpers");
-Object.defineProperty(exports, "EntityHelper", { enumerable: true, get: function () { return helpers_1.EntityHelper; } });
-Object.defineProperty(exports, "EntityMemberHelper", { enumerable: true, get: function () { return helpers_1.EntityMemberHelper; } });
-Object.defineProperty(exports, "InvitationHelper", { enumerable: true, get: function () { return helpers_1.InvitationHelper; } });
-Object.defineProperty(exports, "PermissionHelper", { enumerable: true, get: function () { return helpers_1.PermissionHelper; } });
-// Middleware exports
-var middleware_1 = require("./middleware");
-Object.defineProperty(exports, "createEntityContextMiddleware", { enumerable: true, get: function () { return middleware_1.createEntityContextMiddleware; } });
-Object.defineProperty(exports, "createRequirePermissionMiddleware", { enumerable: true, get: function () { return middleware_1.createRequirePermissionMiddleware; } });
-Object.defineProperty(exports, "createRequireRoleMiddleware", { enumerable: true, get: function () { return middleware_1.createRequireRoleMiddleware; } });
-Object.defineProperty(exports, "createEntityHelpers", { enumerable: true, get: function () { return middleware_1.createEntityHelpers; } });
-// Utility exports
-var utils_1 = require("./utils");
-Object.defineProperty(exports, "generateEntitySlug", { enumerable: true, get: function () { return utils_1.generateEntitySlug; } });
-Object.defineProperty(exports, "generateInvitationToken", { enumerable: true, get: function () { return utils_1.generateInvitationToken; } });
-Object.defineProperty(exports, "normalizeSlug", { enumerable: true, get: function () { return utils_1.normalizeSlug; } });
-Object.defineProperty(exports, "validateSlug", { enumerable: true, get: function () { return utils_1.validateSlug; } });
-Object.defineProperty(exports, "calculateInvitationExpiry", { enumerable: true, get: function () { return utils_1.calculateInvitationExpiry; } });
-// Migration exports
-var migrations_1 = require("./migrations");
-Object.defineProperty(exports, "runEntityMigration", { enumerable: true, get: function () { return migrations_1.runEntityMigration; } });
-Object.defineProperty(exports, "rollbackEntityMigration", { enumerable: true, get: function () { return migrations_1.rollbackEntityMigration; } });
-// Type exports (re-exported from @sudobility/types)
-var types_1 = require("./types");
-Object.defineProperty(exports, "EntityType", { enumerable: true, get: function () { return types_1.EntityType; } });
-Object.defineProperty(exports, "EntityRole", { enumerable: true, get: function () { return types_1.EntityRole; } });
-Object.defineProperty(exports, "InvitationStatus", { enumerable: true, get: function () { return types_1.InvitationStatus; } });
-Object.defineProperty(exports, "ROLE_PERMISSIONS", { enumerable: true, get: function () { return types_1.ROLE_PERMISSIONS; } });
-//# sourceMappingURL=index.js.map