@synnaxlabs/client 0.47.0 → 0.49.0

package/src/ontology/group/access.spec.ts

@@ -0,0 +1,77 @@
+// Copyright 2025 Synnax Labs, Inc.
+//
+// Use of this software is governed by the Business Source License included in the file
+// licenses/BSL.txt.
+//
+// As of the Change Date specified in that file, in accordance with the Business Source
+// License, use of this software will be governed by the Apache License, Version 2.0,
+// included in the file licenses/APL.txt.
+
+import { id } from "@synnaxlabs/x";
+import { describe, expect, it } from "vitest";
+
+import { AuthError } from "@/errors";
+import { ontology } from "@/ontology";
+import { group } from "@/ontology/group";
+import { createTestClientWithPolicy } from "@/testutil/access";
+import { createTestClient } from "@/testutil/client";
+
+const client = createTestClient();
+
+describe("group", () => {
+  describe("access control", () => {
+    it("should allow the caller to create groups with the correct policy", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [group.ontologyID("")],
+        actions: ["create"],
+      });
+      await userClient.ontology.groups.create({
+        parent: ontology.ROOT_ID,
+        name: `test-${id.create()}`,
+      });
+    });
+
+    it("should deny access when no create policy exists", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [group.ontologyID("")],
+        actions: [],
+      });
+      await expect(
+        userClient.ontology.groups.create({
+          parent: ontology.ROOT_ID,
+          name: `test-${id.create()}`,
+        }),
+      ).rejects.toThrow(AuthError);
+    });
+
+    it("should allow the caller to delete groups with the correct policy", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [group.ontologyID("")],
+        actions: ["delete", "retrieve"],
+      });
+      const randomGroup = await client.ontology.groups.create({
+        parent: ontology.ROOT_ID,
+        name: `test-${id.create()}`,
+      });
+      await userClient.ontology.groups.delete(randomGroup.key);
+    });
+
+    it("should deny access when no delete policy exists", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [group.ontologyID("")],
+        actions: [],
+      });
+      const randomGroup = await client.ontology.groups.create({
+        parent: ontology.ROOT_ID,
+        name: `test-${id.create()}`,
+      });
+      await expect(userClient.ontology.groups.delete(randomGroup.key)).rejects.toThrow(
+        AuthError,
+      );
+    });
+  });
+});

package/src/ontology/group/client.ts

@@ -29,10 +29,6 @@ const renameReqZ = z.object({ key: keyZ, name: z.string() });
 
 const deleteReqZ = z.object({ keys: z.array(keyZ) });
 
-const CREATE_ENDPOINT = "/ontology/create-group";
-const RENAME_ENDPOINT = "/ontology/rename-group";
-const DELETE_ENDPOINT = "/ontology/delete-group";
-
 export interface CreateArgs extends z.infer<typeof createReqZ> {}
 
 export class Client {
@@ -45,7 +41,7 @@ export class Client {
   async create(args: CreateArgs): Promise<Group> {
     const res = await sendRequired(
       this.client,
-      CREATE_ENDPOINT,
+      "/ontology/create-group",
       args,
       createReqZ,
       resZ,
@@ -56,7 +52,7 @@ export class Client {
   async rename(key: Key, name: string): Promise<void> {
     await sendRequired(
       this.client,
-      RENAME_ENDPOINT,
+      "/ontology/rename-group",
       { key, name },
       renameReqZ,
       z.object({}),
@@ -66,7 +62,7 @@ export class Client {
   async delete(keys: Key | Key[]): Promise<void> {
     await sendRequired(
       this.client,
-      DELETE_ENDPOINT,
+      "/ontology/delete-group",
       { keys: array.toArray(keys) },
       deleteReqZ,
       z.object({}),

package/src/ontology/group/group.spec.ts

@@ -7,6 +7,7 @@
 // License, use of this software will be governed by the Apache License, Version 2.0,
 // included in the file licenses/APL.txt.
 
+import { id } from "@synnaxlabs/x";
 import { describe, expect, it } from "vitest";
 
 import { NotFoundError } from "@/errors";
@@ -23,6 +24,23 @@ describe("Group", () => {
       const g = await client.ontology.groups.create({ parent: ontology.ROOT_ID, name });
       expect(g.name).toEqual(name);
     });
+    it("should update an existing group", async () => {
+      const parent = await client.ontology.groups.create({
+        parent: ontology.ROOT_ID,
+        name: `test-parent-key${id.create()}`,
+      });
+      const g = await client.ontology.groups.create({
+        parent: group.ontologyID(parent.key),
+        name: `original-name-${id.create()}`,
+      });
+      await client.ontology.groups.create({
+        parent: group.ontologyID(parent.key),
+        key: g.key,
+        name: "updated-name",
+      });
+      const g2 = await client.ontology.retrieve(group.ontologyID(g.key));
+      expect(g2.name).toEqual("updated-name");
+    });
   });
   describe("rename", () => {
     it("should correctly rename a group", async () => {

package/src/ontology/group/payload.ts

@@ -9,7 +9,7 @@
 
 import { z } from "zod";
 
-import { type ID as OntologyID } from "@/ontology/payload";
+import { createIDFactory } from "@/ontology/payload";
 
 export const keyZ = z.uuid();
 export type Key = z.infer<typeof keyZ>;
@@ -21,4 +21,4 @@ export type Params = Key | Name | Keys | Names;
 export const groupZ = z.object({ key: keyZ, name: nameZ });
 export interface Group extends z.infer<typeof groupZ> {}
 
-export const ontologyID = (key: Key): OntologyID => ({ type: "group", key });
+export const ontologyID = createIDFactory("group");

package/src/ontology/ontology.spec.ts

@@ -202,11 +202,13 @@ describe("Ontology", () => {
       });
       const oldRootLength = (await client.ontology.retrieveChildren(ontology.ROOT_ID))
         .length;
+
       await client.ontology.moveChildren(
         ontology.ROOT_ID,
         group.ontologyID(g.key),
         group.ontologyID(g2.key),
       );
+
       const children = await client.ontology.retrieveChildren(group.ontologyID(g.key));
       expect(children.length).toEqual(1);
       const newRootLength = (await client.ontology.retrieveChildren(ontology.ROOT_ID))

package/src/ontology/payload.ts

@@ -7,7 +7,7 @@
 // License, use of this software will be governed by the Apache License, Version 2.0,
 // included in the file licenses/APL.txt.
 
-import { array, type change, record } from "@synnaxlabs/x";
+import { array, type change, primitive, record } from "@synnaxlabs/x";
 import { z } from "zod";
 
 export type ResourceChange = change.Change<ID, Resource>;
@@ -22,7 +22,6 @@ export interface RelationshipDelete extends change.Delete<Relationship, undefine
 export const resourceTypeZ = z.enum([
   "label",
   "log",
-  "allow_all",
   "builtin",
   "cluster",
   "channel",
@@ -39,6 +38,7 @@ export const resourceTypeZ = z.enum([
   "device",
   "task",
   "policy",
+  "role",
   "table",
   "arc",
   "schematic_symbol",
@@ -57,6 +57,22 @@ export type ID = z.infer<typeof idZ>;
 
 export const ROOT_ID: ID = { type: "builtin", key: "root" };
 
+export interface CreateID<K extends record.Key> {
+  (key: K): ID;
+  (keys: K[]): ID[];
+  (keys: K | K[]): ID | ID[];
+}
+
+export const createIDFactory = <K extends record.Key>(
+  type: ResourceType,
+): CreateID<K> => {
+  const id = (key: K) => ({ type, key: primitive.isZero(key) ? "" : key.toString() });
+  return ((key: K | K[]) => {
+    if (Array.isArray(key)) return key.map(id);
+    return id(key);
+  }) as CreateID<K>;
+};
+
 export interface IDToString {
   (id: ID | string): string;
   (ids: (ID | string)[]): string[];

package/src/ontology/writer.ts

@@ -12,10 +12,6 @@ import { z } from "zod";
 
 import { type ID, idZ } from "@/ontology/payload";
 
-const ADD_CHILDREN_ENDPOINT = "/ontology/add-children";
-const REMOVE_CHILDREN_ENDPOINT = "/ontology/remove-children";
-const MOVE_CHILDREN_ENDPOINT = "/ontology/move-children";
-
 export const addRemoveChildrenReqZ = z.object({ id: idZ, children: idZ.array() });
 export const moveChildrenReqZ = z.object({ from: idZ, to: idZ, children: idZ.array() });
 export const emptyResZ = z.object({});
@@ -30,7 +26,7 @@ export class Writer {
   async addChildren(id: ID, ...children: ID[]): Promise<void> {
     await sendRequired<typeof addRemoveChildrenReqZ, typeof emptyResZ>(
       this.client,
-      ADD_CHILDREN_ENDPOINT,
+      "/ontology/add-children",
       { id, children },
       addRemoveChildrenReqZ,
       emptyResZ,
@@ -40,7 +36,7 @@ export class Writer {
   async removeChildren(id: ID, ...children: ID[]): Promise<void> {
     await sendRequired<typeof addRemoveChildrenReqZ, typeof emptyResZ>(
       this.client,
-      REMOVE_CHILDREN_ENDPOINT,
+      "/ontology/remove-children",
       { id, children },
       addRemoveChildrenReqZ,
       emptyResZ,
@@ -50,7 +46,7 @@ export class Writer {
   async moveChildren(from: ID, to: ID, ...children: ID[]): Promise<void> {
     await sendRequired<typeof moveChildrenReqZ, typeof emptyResZ>(
       this.client,
-      MOVE_CHILDREN_ENDPOINT,
+      "/ontology/move-children",
       { from, to, children },
       moveChildrenReqZ,
       emptyResZ,

package/src/rack/access.spec.ts

@@ -0,0 +1,102 @@
+// Copyright 2025 Synnax Labs, Inc.
+//
+// Use of this software is governed by the Business Source License included in the file
+// licenses/BSL.txt.
+//
+// As of the Change Date specified in that file, in accordance with the Business Source
+// License, use of this software will be governed by the Apache License, Version 2.0,
+// included in the file licenses/APL.txt.
+
+import { describe, expect, it } from "vitest";
+
+import { AuthError, NotFoundError } from "@/errors";
+import { rack } from "@/rack";
+import { createTestClientWithPolicy } from "@/testutil/access";
+import { createTestClient } from "@/testutil/client";
+
+const client = createTestClient();
+
+describe("rack", () => {
+  describe("access control", () => {
+    it("should deny access when no retrieve policy exists", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [],
+        actions: [],
+      });
+      const randomRack = await client.racks.create({
+        name: "test",
+      });
+      await expect(userClient.racks.retrieve({ key: randomRack.key })).rejects.toThrow(
+        AuthError,
+      );
+    });
+
+    it("should allow the caller to retrieve racks with the correct policy", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [rack.ontologyID(0)],
+        actions: ["retrieve"],
+      });
+      const randomRack = await client.racks.create({
+        name: "test",
+      });
+      const retrieved = await userClient.racks.retrieve({
+        key: randomRack.key,
+      });
+      expect(retrieved.key).toBe(randomRack.key);
+      expect(retrieved.name).toBe(randomRack.name);
+    });
+
+    it("should allow the caller to create racks with the correct policy", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [rack.ontologyID(0)],
+        actions: ["create"],
+      });
+      await userClient.racks.create({
+        name: "test",
+      });
+    });
+
+    it("should deny access when no create policy exists", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [rack.ontologyID(0)],
+        actions: [],
+      });
+      await expect(
+        userClient.racks.create({
+          name: "test",
+        }),
+      ).rejects.toThrow(AuthError);
+    });
+
+    it("should allow the caller to delete racks with the correct policy", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [rack.ontologyID(0)],
+        actions: ["delete", "retrieve"],
+      });
+      const randomRack = await client.racks.create({
+        name: "test",
+      });
+      await userClient.racks.delete(randomRack.key);
+      await expect(userClient.racks.retrieve({ key: randomRack.key })).rejects.toThrow(
+        NotFoundError,
+      );
+    });
+
+    it("should deny access when no delete policy exists", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [rack.ontologyID(0)],
+        actions: [],
+      });
+      const randomRack = await client.racks.create({
+        name: "test",
+      });
+      await expect(userClient.racks.delete(randomRack.key)).rejects.toThrow(AuthError);
+    });
+  });
+});

package/src/{hardware/rack → rack}/client.ts

@@ -11,6 +11,7 @@ import { sendRequired, type UnaryClient } from "@synnaxlabs/freighter";
 import { array } from "@synnaxlabs/x";
 import { z } from "zod";
 
+import { ontology } from "@/ontology";
 import {
   type Key,
   keyZ,
@@ -19,16 +20,10 @@ import {
   type Payload,
   rackZ,
   type Status,
-} from "@/hardware/rack/payload";
-import { type task } from "@/hardware/task";
-import { type ontology } from "@/ontology";
+} from "@/rack/payload";
+import { type task } from "@/task";
 import { checkForMultipleOrNoResults } from "@/util/retrieve";
 
-const RETRIEVE_ENDPOINT = "/hardware/rack/retrieve";
-const CREATE_ENDPOINT = "/hardware/rack/create";
-const DELETE_ENDPOINT = "/hardware/rack/delete";
-
-export const STATUS_CHANNEL_NAME = "sy_rack_status";
 export const SET_CHANNEL_NAME = "sy_rack_set";
 export const DELETE_CHANNEL_NAME = "sy_rack_delete";
 
@@ -38,8 +33,8 @@ const retrieveReqZ = z.object({
   searchTerm: z.string().optional(),
   embedded: z.boolean().optional(),
   hostIsNode: z.boolean().optional(),
-  limit: z.number().optional(),
-  offset: z.number().optional(),
+  limit: z.int().optional(),
+  offset: z.int().optional(),
   includeStatus: z.boolean().optional(),
 });
 const retrieveResZ = z.object({ racks: array.nullableZ(rackZ) });
@@ -86,7 +81,7 @@ export class Client {
   async delete(keys: Key | Key[]): Promise<void> {
     await sendRequired<typeof deleteReqZ, typeof deleteResZ>(
       this.client,
-      DELETE_ENDPOINT,
+      "/rack/delete",
       { keys: array.toArray(keys) },
       deleteReqZ,
       deleteResZ,
@@ -99,7 +94,7 @@ export class Client {
     const isSingle = !Array.isArray(rack);
     const res = await sendRequired<typeof createReqZ, typeof createResZ>(
       this.client,
-      CREATE_ENDPOINT,
+      "/rack/create",
       { racks: array.toArray(rack) },
       createReqZ,
       createResZ,
@@ -114,7 +109,7 @@ export class Client {
     const isSingle = "key" in args || "name" in args;
     const res = await sendRequired(
       this.client,
-      RETRIEVE_ENDPOINT,
+      "/rack/retrieve",
       args,
       retrieveArgsZ,
       retrieveResZ,
@@ -158,7 +153,7 @@ export class Rack {
     Config extends z.ZodType = z.ZodType,
     StatusData extends z.ZodType = z.ZodType,
   >(
-    task: task.New<Type, Config>,
+    task: task.New<Type, Config, StatusData>,
     schemas: task.Schemas<Type, Config, StatusData>,
   ): Promise<task.Task<Type, Config, StatusData>>;
 
@@ -167,7 +162,7 @@ export class Rack {
     Config extends z.ZodType = z.ZodType,
     StatusData extends z.ZodType = z.ZodType,
   >(
-    task: task.New<Type, Config>,
+    task: task.New<Type, Config, StatusData>,
     schemas?: task.Schemas<Type, Config, StatusData>,
   ): Promise<task.Task<Type, Config, StatusData>> {
     task.key = (
@@ -189,7 +184,7 @@ export class Rack {
   }
 }
 
-export const ontologyID = (key: Key): ontology.ID => ({
-  type: "rack",
-  key: key.toString(),
-});
+export const ontologyID = ontology.createIDFactory<Key>("rack");
+export const TYPE_ONTOLOGY_ID = ontologyID(0);
+
+export const statusKey = (key: Key): string => ontology.idToString(ontologyID(key));

package/src/{hardware/device/index.ts → rack/external.ts}

@@ -7,4 +7,5 @@
 // License, use of this software will be governed by the Apache License, Version 2.0,
 // included in the file licenses/APL.txt.
 
-export * as device from "@/hardware/device/external";
+export * from "@/rack/client";
+export * from "@/rack/payload";

package/src/{hardware/external.ts → rack/index.ts}

@@ -7,4 +7,4 @@
 // License, use of this software will be governed by the Apache License, Version 2.0,
 // included in the file licenses/APL.txt.
 
-export * from "@/hardware/client";
+export * as rack from "@/rack/external";

package/src/{hardware/rack → rack}/payload.ts

@@ -13,8 +13,8 @@ import { z } from "zod";
 export const keyZ = z.uint32();
 export type Key = z.infer<typeof keyZ>;
 
-export const statusDetailsSchema = z.object({ rack: keyZ });
-export const statusZ = status.statusZ(statusDetailsSchema);
+export const statusDetailsZ = z.object({ rack: keyZ });
+export const statusZ = status.statusZ(statusDetailsZ);
 
 export interface Status extends z.infer<typeof statusZ> {}
 

package/src/{hardware/rack → rack}/rack.spec.ts

@@ -7,10 +7,11 @@
 // License, use of this software will be governed by the Apache License, Version 2.0,
 // included in the file licenses/APL.txt.
 
+import { TimeStamp } from "@synnaxlabs/x";
 import { describe, expect, it } from "vitest";
 import { ZodError } from "zod";
 
-import { type rack } from "@/hardware/rack";
+import { type rack } from "@/rack";
 import { createTestClient } from "@/testutil/client";
 
 const client = createTestClient();
@@ -18,55 +19,80 @@ const client = createTestClient();
 describe("Rack", () => {
   describe("create", () => {
     it("should create a single rack", async () => {
-      const r = await client.hardware.racks.create({ name: "test" });
+      const r = await client.racks.create({ name: "test" });
       expect(r.key).toBeGreaterThan(0n);
     });
     it("should return an error if the rack doesn't have a name", async () => {
       // @ts-expect-error - Testing for error
-      await expect(client.hardware.racks.create({})).rejects.toThrow(ZodError);
+      await expect(client.racks.create({})).rejects.toThrow(ZodError);
+    });
+    it("should create a rack with a custom status", async () => {
+      const customStatus: rack.Status = {
+        key: "",
+        name: "",
+        variant: "success",
+        message: "Custom rack status",
+        description: "Rack is running",
+        time: TimeStamp.now(),
+        details: { rack: 0 },
+      };
+      const r = await client.racks.create({
+        name: "rack-with-status",
+        status: customStatus,
+      });
+      expect(r.key).toBeGreaterThan(0n);
+      const retrieved = await client.racks.retrieve({
+        key: r.key,
+        includeStatus: true,
+      });
+      expect(retrieved.status).toBeDefined();
+      expect(retrieved.status?.variant).toBe("success");
+      expect(retrieved.status?.message).toBe("Custom rack status");
+      expect(retrieved.status?.description).toBe("Rack is running");
+      expect(retrieved.status?.details?.rack).toBe(r.key);
     });
   });
   describe("update", () => {
     it("should update a rack if the key is provided", async () => {
-      const r = await client.hardware.racks.create({ name: "test" });
-      const updated = await client.hardware.racks.create({
+      const r = await client.racks.create({ name: "test" });
+      const updated = await client.racks.create({
         key: r.key,
         name: "updated",
       });
       expect(updated.name).toBe("updated");
-      const retrieved = await client.hardware.racks.retrieve({ key: r.key });
+      const retrieved = await client.racks.retrieve({ key: r.key });
       expect(retrieved.name).toBe("updated");
     });
   });
   describe("retrieve", () => {
     it("should retrieve a rack by its key", async () => {
-      const r = await client.hardware.racks.create({ name: "test" });
-      const retrieved = await client.hardware.racks.retrieve({ key: r.key });
+      const r = await client.racks.create({ name: "test" });
+      const retrieved = await client.racks.retrieve({ key: r.key });
       expect(retrieved.key).toBe(r.key);
       expect(retrieved.name).toBe("test");
     });
     it("should retrieve a rack by its name", async () => {
-      const name = `TimeStamp.now().toString()}-${Math.random()}`;
-      const r = await client.hardware.racks.create({ name });
-      const retrieved = await client.hardware.racks.retrieve({ name });
+      const name = `${TimeStamp.now().toString()}-${Math.random()}`;
+      const r = await client.racks.create({ name });
+      const retrieved = await client.racks.retrieve({ name });
       expect(retrieved.key).toBe(r.key);
       expect(retrieved.name).toEqual(name);
     });
   });
   describe("tasks", () => {
     it("should list the tasks on a rack", async () => {
-      const r = await client.hardware.racks.create({ name: "test" });
+      const r = await client.racks.create({ name: "test" });
       const tasks = await r.listTasks();
       expect(tasks).toHaveLength(0);
     });
   });
   describe("status", () => {
     it("should include the rack's status when includeStatus is true", async () => {
-      const r = await client.hardware.racks.create({ name: "test" });
+      const r = await client.racks.create({ name: "test" });
       let status: rack.Status | undefined;
       await expect
         .poll(async () => {
-          const retrieved = await client.hardware.racks.retrieve({
+          const retrieved = await client.racks.retrieve({
             key: r.key,
             includeStatus: true,
           });
@@ -77,12 +103,12 @@ describe("Rack", () => {
       expect(status?.details?.rack).toBe(r.key);
     });
     it("should include the status for multiple racks", async () => {
-      const r1 = await client.hardware.racks.create({ name: "test1" });
-      const r2 = await client.hardware.racks.create({ name: "test2" });
+      const r1 = await client.racks.create({ name: "test1" });
+      const r2 = await client.racks.create({ name: "test2" });
       let statuses: (rack.Status | undefined)[] = [];
       await expect
         .poll(async () => {
-          const retrieved = await client.hardware.racks.retrieve({
+          const retrieved = await client.racks.retrieve({
             keys: [r1.key, r2.key],
             includeStatus: true,
           });