npm - @sylphx/sdk - Versions diffs - 0.3.6 → 0.4.0 - Mend

@sylphx/sdk 0.3.6 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

package/dist/index.js CHANGED Viewed

@@ -49,6 +49,7 @@ __export(index_exports, {
   WorkersClient: () => WorkersClient,
   acceptAllConsents: () => acceptAllConsents,
   acceptOrganizationInvitation: () => acceptOrganizationInvitation,
+  assignMemberRole: () => assignMemberRole,
   batchIndex: () => batchIndex,
   canDeleteOrganization: () => canDeleteOrganization,
   canManageMembers: () => canManageMembers,
@@ -67,8 +68,10 @@ __export(index_exports, {
   createCron: () => createCron,
   createDynamicRestClient: () => createDynamicRestClient,
   createOrganization: () => createOrganization,
+  createPermission: () => createPermission,
   createPortalSession: () => createPortalSession,
   createRestClient: () => createRestClient,
+  createRole: () => createRole,
   createServiceWorkerScript: () => createServiceWorkerScript,
   createStepContext: () => createStepContext,
   createTasksHandler: () => createTasksHandler,
@@ -83,6 +86,8 @@ __export(index_exports, {
   deleteEnvVar: () => deleteEnvVar,
   deleteFile: () => deleteFile,
   deleteOrganization: () => deleteOrganization,
+  deletePermission: () => deletePermission,
+  deleteRole: () => deleteRole,
   deleteUser: () => deleteUser,
   disableDebug: () => disableDebug,
   embed: () => embed,
@@ -116,6 +121,7 @@ __export(index_exports, {
   getFlagPayload: () => getFlagPayload,
   getFlags: () => getFlags,
   getLeaderboard: () => getLeaderboard,
+  getMemberPermissions: () => getMemberPermissions,
   getMyReferralCode: () => getMyReferralCode,
   getOrganization: () => getOrganization,
   getOrganizationInvitations: () => getOrganizationInvitations,
@@ -127,6 +133,7 @@ __export(index_exports, {
   getReferralLeaderboard: () => getReferralLeaderboard,
   getReferralStats: () => getReferralStats,
   getRestErrorMessage: () => getRestErrorMessage,
+  getRole: () => getRole,
   getScheduledEmail: () => getScheduledEmail,
   getScheduledEmailStats: () => getScheduledEmailStats,
   getSearchStats: () => getSearchStats,
@@ -146,8 +153,11 @@ __export(index_exports, {
   getWebhookDeliveries: () => getWebhookDeliveries,
   getWebhookDelivery: () => getWebhookDelivery,
   getWebhookStats: () => getWebhookStats,
+  hasAllPermissions: () => hasAllPermissions,
+  hasAnyPermission: () => hasAnyPermission,
   hasConsent: () => hasConsent,
   hasError: () => hasError,
+  hasPermission: () => hasPermission,
   hasRole: () => hasRole,
   hasSecret: () => hasSecret,
   identify: () => identify,
@@ -184,6 +194,8 @@ __export(index_exports, {
   leaveOrganization: () => leaveOrganization,
   linkAnonymousConsents: () => linkAnonymousConsents,
   listEnvVars: () => listEnvVars,
+  listPermissions: () => listPermissions,
+  listRoles: () => listRoles,
   listScheduledEmails: () => listScheduledEmails,
   listSecretKeys: () => listSecretKeys,
   listTasks: () => listTasks,
@@ -225,6 +237,7 @@ __export(index_exports, {
   streamToString: () => streamToString,
   submitScore: () => submitScore,
   suspendUser: () => suspendUser,
+  switchOrg: () => switchOrg,
   toSylphxError: () => toSylphxError,
   track: () => track,
   trackBatch: () => trackBatch,
@@ -235,6 +248,7 @@ __export(index_exports, {
   updateOrganization: () => updateOrganization,
   updateOrganizationMemberRole: () => updateOrganizationMemberRole,
   updatePushPreferences: () => updatePushPreferences,
+  updateRole: () => updateRole,
   updateUser: () => updateUser,
   updateUserMetadata: () => updateUserMetadata,
   updateWebhookConfig: () => updateWebhookConfig,
@@ -353,6 +367,13 @@ var SylphxError = class _SylphxError extends Error {
   static isRateLimited(err) {
     return err instanceof _SylphxError && err.code === "TOO_MANY_REQUESTS";
   }
+  /**
+   * Check if error is an account lockout error (too many failed login attempts).
+   * When true, `error.data?.lockoutUntil` contains the ISO 8601 timestamp when the lockout expires.
+   */
+  static isAccountLocked(err) {
+    return err instanceof _SylphxError && err.code === "TOO_MANY_REQUESTS" && err.data?.code === "ACCOUNT_LOCKED";
+  }
   /**
    * Check if error is a quota exceeded error (plan limit reached)
    */
@@ -1564,11 +1585,14 @@ async function verifyTwoFactor(config, userId, code) {
 async function introspectToken(config, token, tokenTypeHint) {
   const response = await fetch(buildApiUrl(config, "/auth/introspect"), {
     method: "POST",
-    headers: { "Content-Type": "application/json" },
+    headers: {
+      "Content-Type": "application/json",
+      // RFC 7662 §2: server-to-server call — authenticate with secret key
+      "x-app-secret": config.secretKey ?? ""
+    },
     body: JSON.stringify({
       token,
-      token_type_hint: tokenTypeHint,
-      client_secret: config.secretKey
+      token_type_hint: tokenTypeHint
     })
   });
   if (!response.ok) {
@@ -1603,6 +1627,12 @@ async function inviteUser(config, input) {
     body: input
   });
 }
+async function switchOrg(config, orgId) {
+  return callApi(config, "/auth/switch-org", {
+    method: "POST",
+    body: JSON.stringify({ orgId })
+  });
+}
 // src/admin.ts
 async function listUsers(config, opts) {
@@ -2926,6 +2956,86 @@ function canDeleteOrganization(membership) {
   return hasRole(membership, "super_admin");
 }
+// src/permissions.ts
+async function listPermissions(config) {
+  return callApi(config, "/permissions");
+}
+async function createPermission(config, input) {
+  return callApi(config, "/permissions", {
+    method: "POST",
+    body: input
+  });
+}
+async function deletePermission(config, permissionKey) {
+  return callApi(config, `/permissions/${permissionKey}`, {
+    method: "DELETE"
+  });
+}
+async function getMemberPermissions(config, orgIdOrSlug, memberId) {
+  return callApi(
+    config,
+    `/orgs/${orgIdOrSlug}/members/${memberId}/permissions`
+  );
+}
+function hasPermission(permissions, required) {
+  return permissions.includes(required);
+}
+function hasAnyPermission(permissions, required) {
+  return required.some((perm) => permissions.includes(perm));
+}
+function hasAllPermissions(permissions, required) {
+  return required.every((perm) => permissions.includes(perm));
+}
+// src/roles.ts
+async function listRoles(config) {
+  return callApi(config, "/roles");
+}
+async function getRole(config, roleKey) {
+  return callApi(config, `/roles/${roleKey}`);
+}
+async function createRole(config, input) {
+  const body = {
+    key: input.key,
+    name: input.name
+  };
+  if (input.description !== void 0) body.description = input.description;
+  if (input.permissions !== void 0) body.permissionKeys = input.permissions;
+  if (input.isDefault !== void 0) body.isDefault = input.isDefault;
+  if (input.sortOrder !== void 0) body.sortOrder = input.sortOrder;
+  return callApi(config, "/roles", {
+    method: "POST",
+    body
+  });
+}
+async function updateRole(config, roleKey, input) {
+  const body = {};
+  if (input.name !== void 0) body.name = input.name;
+  if (input.description !== void 0) body.description = input.description;
+  if (input.permissions !== void 0) body.permissionKeys = input.permissions;
+  if (input.isDefault !== void 0) body.isDefault = input.isDefault;
+  if (input.sortOrder !== void 0) body.sortOrder = input.sortOrder;
+  return callApi(config, `/roles/${roleKey}`, {
+    method: "PUT",
+    body
+  });
+}
+async function deleteRole(config, roleKey) {
+  return callApi(config, `/roles/${roleKey}`, {
+    method: "DELETE"
+  });
+}
+async function assignMemberRole(config, orgIdOrSlug, memberId, roleKey) {
+  return callApi(
+    config,
+    `/orgs/${orgIdOrSlug}/members/${memberId}/assign-role`,
+    {
+      method: "PUT",
+      body: { roleKey }
+    }
+  );
+}
 // src/secrets.ts
 async function getSecret(config, input) {
   return callApi(config, "/secrets/get", {
@@ -3774,6 +3884,7 @@ function sleep2(ms) {
   WorkersClient,
   acceptAllConsents,
   acceptOrganizationInvitation,
+  assignMemberRole,
   batchIndex,
   canDeleteOrganization,
   canManageMembers,
@@ -3792,8 +3903,10 @@ function sleep2(ms) {
   createCron,
   createDynamicRestClient,
   createOrganization,
+  createPermission,
   createPortalSession,
   createRestClient,
+  createRole,
   createServiceWorkerScript,
   createStepContext,
   createTasksHandler,
@@ -3808,6 +3921,8 @@ function sleep2(ms) {
   deleteEnvVar,
   deleteFile,
   deleteOrganization,
+  deletePermission,
+  deleteRole,
   deleteUser,
   disableDebug,
   embed,
@@ -3841,6 +3956,7 @@ function sleep2(ms) {
   getFlagPayload,
   getFlags,
   getLeaderboard,
+  getMemberPermissions,
   getMyReferralCode,
   getOrganization,
   getOrganizationInvitations,
@@ -3852,6 +3968,7 @@ function sleep2(ms) {
   getReferralLeaderboard,
   getReferralStats,
   getRestErrorMessage,
+  getRole,
   getScheduledEmail,
   getScheduledEmailStats,
   getSearchStats,
@@ -3871,8 +3988,11 @@ function sleep2(ms) {
   getWebhookDeliveries,
   getWebhookDelivery,
   getWebhookStats,
+  hasAllPermissions,
+  hasAnyPermission,
   hasConsent,
   hasError,
+  hasPermission,
   hasRole,
   hasSecret,
   identify,
@@ -3909,6 +4029,8 @@ function sleep2(ms) {
   leaveOrganization,
   linkAnonymousConsents,
   listEnvVars,
+  listPermissions,
+  listRoles,
   listScheduledEmails,
   listSecretKeys,
   listTasks,
@@ -3950,6 +4072,7 @@ function sleep2(ms) {
   streamToString,
   submitScore,
   suspendUser,
+  switchOrg,
   toSylphxError,
   track,
   trackBatch,
@@ -3960,6 +4083,7 @@ function sleep2(ms) {
   updateOrganization,
   updateOrganizationMemberRole,
   updatePushPreferences,
+  updateRole,
   updateUser,
   updateUserMetadata,
   updateWebhookConfig,