@swiss-ai-hub/web 0.303.1 → 0.304.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -28,6 +28,42 @@ export type Access = {
28
28
  processes?: Array<UserAccess>;
29
29
  };
30
30
 
31
+ /**
32
+ * AccessCapabilitiesRequest
33
+ */
34
+ export type AccessCapabilitiesRequest = {
35
+ /**
36
+ * Access Rules
37
+ *
38
+ * Draft access rules to evaluate the capability catalog against.
39
+ */
40
+ access_rules: Array<string>;
41
+ /**
42
+ * Restrict To Tenant
43
+ *
44
+ * Hide capabilities the acting tenant's ceiling cannot grant (role editor). Set false when editing the tenant ceiling itself (sysadmin).
45
+ */
46
+ restrict_to_tenant?: boolean;
47
+ /**
48
+ * Is Sys Admin
49
+ *
50
+ * Evaluate the catalog as a platform sysadmin (AIHubSysAdmin), who holds admin on every resource regardless of rules — the user page passes the viewed user's flag. False for rule editing.
51
+ */
52
+ is_sys_admin?: boolean;
53
+ };
54
+
55
+ /**
56
+ * AccessCapabilitiesResponse
57
+ */
58
+ export type AccessCapabilitiesResponse = {
59
+ /**
60
+ * Groups
61
+ *
62
+ * Top-level groups, one per controller/service.
63
+ */
64
+ groups: Array<CapabilityGroup>;
65
+ };
66
+
31
67
  /**
32
68
  * AccessLevel
33
69
  *
@@ -46,6 +82,36 @@ export const AccessLevel = {
46
82
  */
47
83
  export type AccessLevel = (typeof AccessLevel)[keyof typeof AccessLevel];
48
84
 
85
+ /**
86
+ * AccessPresetDTO
87
+ */
88
+ export type AccessPresetDto = {
89
+ /**
90
+ * Rule
91
+ *
92
+ * The access rule string this preset adds.
93
+ */
94
+ rule: string;
95
+ /**
96
+ * Name
97
+ *
98
+ * Short, human-readable name for the preset.
99
+ */
100
+ name: string;
101
+ /**
102
+ * Description
103
+ *
104
+ * What this preset grants.
105
+ */
106
+ description: string;
107
+ /**
108
+ * Category
109
+ *
110
+ * Stable category key for grouping in the UI.
111
+ */
112
+ category: string;
113
+ };
114
+
49
115
  /**
50
116
  * ActiveTenantDTO
51
117
  *
@@ -1858,6 +1924,90 @@ export type CachePoint = {
1858
1924
  cache_control: CacheControl;
1859
1925
  };
1860
1926
 
1927
+ /**
1928
+ * Capability
1929
+ */
1930
+ export type Capability = {
1931
+ /**
1932
+ * Key
1933
+ *
1934
+ * Stable identifier for this capability.
1935
+ */
1936
+ key: string;
1937
+ /**
1938
+ * Label
1939
+ *
1940
+ * Short human-readable action label.
1941
+ */
1942
+ label: string;
1943
+ /**
1944
+ * Description
1945
+ *
1946
+ * What holding this capability lets the user do.
1947
+ */
1948
+ description: string;
1949
+ /**
1950
+ * Rule
1951
+ *
1952
+ * Exact access rule that grants this capability, or null for read-only capabilities.
1953
+ */
1954
+ rule: string | null;
1955
+ /**
1956
+ * Granted
1957
+ *
1958
+ * Whether the draft rules grant this capability.
1959
+ */
1960
+ granted: boolean;
1961
+ /**
1962
+ * Locked
1963
+ *
1964
+ * Granted via a broader rule (e.g. a wildcard preset) and so cannot be toggled off here.
1965
+ */
1966
+ locked: boolean;
1967
+ /**
1968
+ * Toggleable
1969
+ *
1970
+ * Whether ticking the box can add a rule. False for ?-wildcard guards with no concrete grant.
1971
+ */
1972
+ toggleable: boolean;
1973
+ };
1974
+
1975
+ /**
1976
+ * CapabilityGroup
1977
+ */
1978
+ export type CapabilityGroup = {
1979
+ /**
1980
+ * Key
1981
+ *
1982
+ * Stable identifier (a controller/service, a class, an instance, ...).
1983
+ */
1984
+ key: string;
1985
+ /**
1986
+ * Label
1987
+ *
1988
+ * Display title for the group.
1989
+ */
1990
+ label: string;
1991
+ /**
1992
+ * Icon
1993
+ *
1994
+ * Iconify icon for the group (service or class), if any.
1995
+ */
1996
+ icon?: string | null;
1997
+ /**
1998
+ * Capabilities
1999
+ *
2000
+ * Capabilities directly on this group.
2001
+ */
2002
+ capabilities?: Array<Capability>;
2003
+ /**
2004
+ * Groups
2005
+ *
2006
+ * Nested groups (e.g. classes, then instances).
2007
+ */
2008
+ groups?: Array<CapabilityGroup>;
2009
+ };
2010
+
1861
2011
  /**
1862
2012
  * CascadeSelect
1863
2013
  *
@@ -15244,11 +15394,11 @@ export type UserAccess = {
15244
15394
  /**
15245
15395
  * Name
15246
15396
  *
15247
- * Name of the service/agent/process to which user has access to
15397
+ * Name of the service/agent/process to which access is evaluated
15248
15398
  */
15249
15399
  name: string;
15250
15400
  /**
15251
- * Users access level to service/agent/process
15401
+ * Access level to the service/agent/process
15252
15402
  */
15253
15403
  level: AccessLevel;
15254
15404
  };
@@ -15501,6 +15651,12 @@ export type UserWithAccessDto = {
15501
15651
  * User access levels
15502
15652
  */
15503
15653
  access: Access;
15654
+ /**
15655
+ * Access Rules
15656
+ *
15657
+ * The user's resolved access rules (union of their roles), to drive the capability view.
15658
+ */
15659
+ access_rules: Array<string>;
15504
15660
  };
15505
15661
 
15506
15662
  /**
@@ -26717,6 +26873,66 @@ export type CreateRoleResponses = {
26717
26873
 
26718
26874
  export type CreateRoleResponse = CreateRoleResponses[keyof CreateRoleResponses];
26719
26875
 
26876
+ export type GetAccessCapabilitiesData = {
26877
+ body: AccessCapabilitiesRequest;
26878
+ path: {
26879
+ /**
26880
+ * Tenant Id
26881
+ *
26882
+ * Tenant identifier: a name, ObjectId, or 'active'
26883
+ */
26884
+ tenant_id: string;
26885
+ };
26886
+ query?: never;
26887
+ url: "/{tenant_id}/access/capabilities";
26888
+ };
26889
+
26890
+ export type GetAccessCapabilitiesErrors = {
26891
+ /**
26892
+ * Validation Error
26893
+ */
26894
+ 422: HttpValidationError;
26895
+ };
26896
+
26897
+ export type GetAccessCapabilitiesError =
26898
+ GetAccessCapabilitiesErrors[keyof GetAccessCapabilitiesErrors];
26899
+
26900
+ export type GetAccessCapabilitiesResponses = {
26901
+ /**
26902
+ * Successful Response
26903
+ */
26904
+ 200: AccessCapabilitiesResponse;
26905
+ };
26906
+
26907
+ export type GetAccessCapabilitiesResponse =
26908
+ GetAccessCapabilitiesResponses[keyof GetAccessCapabilitiesResponses];
26909
+
26910
+ export type GetAccessPresetsData = {
26911
+ body?: never;
26912
+ path: {
26913
+ /**
26914
+ * Tenant Id
26915
+ *
26916
+ * Tenant identifier: a name, ObjectId, or 'active'
26917
+ */
26918
+ tenant_id: string;
26919
+ };
26920
+ query?: never;
26921
+ url: "/{tenant_id}/access/presets";
26922
+ };
26923
+
26924
+ export type GetAccessPresetsResponses = {
26925
+ /**
26926
+ * Response Get Access Presets Tenant Id Access Presets Get
26927
+ *
26928
+ * Successful Response
26929
+ */
26930
+ 200: Array<AccessPresetDto>;
26931
+ };
26932
+
26933
+ export type GetAccessPresetsResponse =
26934
+ GetAccessPresetsResponses[keyof GetAccessPresetsResponses];
26935
+
26720
26936
  export type GetModelsData = {
26721
26937
  body?: never;
26722
26938
  path: {