@synnaxlabs/client 0.48.0 → 0.49.0

package/src/workspace/log/client.ts

@@ -11,7 +11,7 @@ import { sendRequired, type UnaryClient } from "@synnaxlabs/freighter";
 import { array, type record } from "@synnaxlabs/x";
 import { z } from "zod";
 
-import { type ontology } from "@/ontology";
+import { ontology } from "@/ontology";
 import { checkForMultipleOrNoResults } from "@/util/retrieve";
 import {
   type Key,
@@ -24,12 +24,6 @@ import {
 } from "@/workspace/log/payload";
 import { type Key as WorkspaceKey, keyZ as workspaceKeyZ } from "@/workspace/payload";
 
-const RETRIEVE_ENDPOINT = "/workspace/log/retrieve";
-const CREATE_ENDPOINT = "/workspace/log/create";
-const RENAME_ENDPOINT = "/workspace/log/rename";
-const SET_DATA_ENDPOINT = "/workspace/log/set-data";
-const DELETE_ENDPOINT = "/workspace/log/delete";
-
 const renameReqZ = z.object({ key: keyZ, name: z.string() });
 
 const setDataReqZ = z.object({ key: keyZ, data: z.string() });
@@ -65,7 +59,7 @@ export class Client {
     const isMany = Array.isArray(logs);
     const res = await sendRequired(
       this.client,
-      CREATE_ENDPOINT,
+      "/workspace/log/create",
       { workspace, logs: array.toArray(logs) },
       createReqZ,
       createResZ,
@@ -76,7 +70,7 @@ export class Client {
   async rename(key: Key, name: string): Promise<void> {
     await sendRequired(
       this.client,
-      RENAME_ENDPOINT,
+      "/workspace/log/rename",
       { key, name },
       renameReqZ,
       emptyResZ,
@@ -86,7 +80,7 @@ export class Client {
   async setData(key: Key, data: record.Unknown): Promise<void> {
     await sendRequired(
       this.client,
-      SET_DATA_ENDPOINT,
+      "/workspace/log/set-data",
       { key, data: JSON.stringify(data) },
       setDataReqZ,
       emptyResZ,
@@ -101,7 +95,7 @@ export class Client {
     const isSingle = singleRetrieveArgsZ.safeParse(args).success;
     const res = await sendRequired(
       this.client,
-      RETRIEVE_ENDPOINT,
+      "/workspace/log/retrieve",
       args,
       retrieveArgsZ,
       retrieveResZ,
@@ -113,7 +107,7 @@ export class Client {
   async delete(keys: Params): Promise<void> {
     await sendRequired(
       this.client,
-      DELETE_ENDPOINT,
+      "/workspace/log/delete",
       { keys: array.toArray(keys) },
       deleteReqZ,
       emptyResZ,
@@ -121,4 +115,5 @@ export class Client {
   }
 }
 
-export const ontologyID = (key: Key): ontology.ID => ({ type: "log", key });
+export const ontologyID = ontology.createIDFactory<Key>("log");
+export const TYPE_ONTOLOGY_ID = ontologyID("");

package/src/workspace/schematic/access.spec.ts

@@ -0,0 +1,134 @@
+// Copyright 2025 Synnax Labs, Inc.
+//
+// Use of this software is governed by the Business Source License included in the file
+// licenses/BSL.txt.
+//
+// As of the Change Date specified in that file, in accordance with the Business Source
+// License, use of this software will be governed by the Apache License, Version 2.0,
+// included in the file licenses/APL.txt.
+
+import { describe, expect, it } from "vitest";
+
+import { AuthError, NotFoundError } from "@/errors";
+import { createTestClientWithPolicy } from "@/testutil/access";
+import { createTestClient } from "@/testutil/client";
+import { schematic } from "@/workspace/schematic";
+
+const client = createTestClient();
+
+describe("schematic", () => {
+  describe("access control", () => {
+    it("should deny access when no retrieve policy exists", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [],
+        actions: [],
+      });
+      const ws = await client.workspaces.create({
+        name: "test",
+        layout: {},
+      });
+      const randomSchematic = await client.workspaces.schematics.create(ws.key, {
+        name: "test",
+        data: {},
+      });
+      await expect(
+        userClient.workspaces.schematics.retrieve({ key: randomSchematic.key }),
+      ).rejects.toThrow(AuthError);
+    });
+
+    it("should allow the caller to retrieve schematics with the correct policy", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [schematic.ontologyID("")],
+        actions: ["retrieve"],
+      });
+      const ws = await client.workspaces.create({
+        name: "test",
+        layout: {},
+      });
+      const randomSchematic = await client.workspaces.schematics.create(ws.key, {
+        name: "test",
+        data: {},
+      });
+      const retrieved = await userClient.workspaces.schematics.retrieve({
+        key: randomSchematic.key,
+      });
+      expect(retrieved.key).toBe(randomSchematic.key);
+      expect(retrieved.name).toBe(randomSchematic.name);
+    });
+
+    it("should allow the caller to create schematics with the correct policy", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [schematic.ontologyID("")],
+        actions: ["create"],
+      });
+      const ws = await client.workspaces.create({
+        name: "test",
+        layout: {},
+      });
+      await userClient.workspaces.schematics.create(ws.key, {
+        name: "test",
+        data: {},
+      });
+    });
+
+    it("should deny access when no create policy exists", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [schematic.ontologyID("")],
+        actions: [],
+      });
+      const ws = await client.workspaces.create({
+        name: "test",
+        layout: {},
+      });
+      await expect(
+        userClient.workspaces.schematics.create(ws.key, {
+          name: "test",
+          data: {},
+        }),
+      ).rejects.toThrow(AuthError);
+    });
+
+    it("should allow the caller to delete schematics with the correct policy", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [schematic.ontologyID("")],
+        actions: ["delete", "retrieve"],
+      });
+      const ws = await client.workspaces.create({
+        name: "test",
+        layout: {},
+      });
+      const randomSchematic = await client.workspaces.schematics.create(ws.key, {
+        name: "test",
+        data: {},
+      });
+      await userClient.workspaces.schematics.delete(randomSchematic.key);
+      await expect(
+        userClient.workspaces.schematics.retrieve({ key: randomSchematic.key }),
+      ).rejects.toThrow(NotFoundError);
+    });
+
+    it("should deny access when no delete policy exists", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [schematic.ontologyID("")],
+        actions: [],
+      });
+      const ws = await client.workspaces.create({
+        name: "test",
+        layout: {},
+      });
+      const randomSchematic = await client.workspaces.schematics.create(ws.key, {
+        name: "test",
+        data: {},
+      });
+      await expect(
+        userClient.workspaces.schematics.delete(randomSchematic.key),
+      ).rejects.toThrow(AuthError);
+    });
+  });
+});

package/src/workspace/schematic/client.ts

@@ -11,7 +11,7 @@ import { sendRequired, type UnaryClient } from "@synnaxlabs/freighter";
 import { array, type record } from "@synnaxlabs/x";
 import { z } from "zod";
 
-import { type ontology } from "@/ontology";
+import { ontology } from "@/ontology";
 import { checkForMultipleOrNoResults } from "@/util/retrieve";
 import { type Key as WorkspaceKey, keyZ as workspaceKeyZ } from "@/workspace/payload";
 import {
@@ -26,13 +26,6 @@ import {
 } from "@/workspace/schematic/payload";
 import { symbol } from "@/workspace/schematic/symbol";
 
-const RETRIEVE_ENDPOINT = "/workspace/schematic/retrieve";
-const CREATE_ENDPOINT = "/workspace/schematic/create";
-const RENAME_ENDPOINT = "/workspace/schematic/rename";
-const SET_DATA_ENDPOINT = "/workspace/schematic/set-data";
-const DELETE_ENDPOINT = "/workspace/schematic/delete";
-const COPY_ENDPOINT = "/workspace/schematic/copy";
-
 const renameReqZ = z.object({ key: keyZ, name: z.string() });
 
 const setDataReqZ = z.object({ key: keyZ, data: z.string() });
@@ -84,7 +77,7 @@ export class Client {
     const isMany = Array.isArray(schematics);
     const res = await sendRequired(
       this.client,
-      CREATE_ENDPOINT,
+      "/workspace/schematic/create",
       { workspace, schematics: array.toArray(schematics) },
       createReqZ,
       createResZ,
@@ -95,7 +88,7 @@ export class Client {
   async rename(key: Key, name: string): Promise<void> {
     await sendRequired(
       this.client,
-      RENAME_ENDPOINT,
+      "/workspace/schematic/rename",
       { key, name },
       renameReqZ,
       emptyResZ,
@@ -105,7 +98,7 @@ export class Client {
   async setData(key: Key, data: record.Unknown): Promise<void> {
     await sendRequired(
       this.client,
-      SET_DATA_ENDPOINT,
+      "/workspace/schematic/set-data",
       { key, data: JSON.stringify(data) },
       setDataReqZ,
       emptyResZ,
@@ -120,7 +113,7 @@ export class Client {
     const isSingle = singleRetrieveArgsZ.safeParse(args).success;
     const res = await sendRequired(
       this.client,
-      RETRIEVE_ENDPOINT,
+      "/workspace/schematic/retrieve",
       args,
       retrieveArgsZ,
       retrieveResZ,
@@ -132,7 +125,7 @@ export class Client {
   async delete(keys: Params): Promise<void> {
     await sendRequired(
       this.client,
-      DELETE_ENDPOINT,
+      "/workspace/schematic/delete",
       { keys: array.toArray(keys) },
       deleteReqZ,
       emptyResZ,
@@ -142,7 +135,7 @@ export class Client {
   async copy(args: CopyArgs): Promise<Schematic> {
     const res = await sendRequired(
       this.client,
-      COPY_ENDPOINT,
+      "/workspace/schematic/copy",
       args,
       copyReqZ,
       copyResZ,
@@ -151,7 +144,5 @@ export class Client {
   }
 }
 
-export const ontologyID = (key: Key): ontology.ID => ({
-  type: "schematic",
-  key,
-});
+export const ontologyID = ontology.createIDFactory<Key>("schematic");
+export const TYPE_ONTOLOGY_ID = ontologyID("");

package/src/workspace/schematic/symbol/access.spec.ts

@@ -0,0 +1,172 @@
+// Copyright 2025 Synnax Labs, Inc.
+//
+// Use of this software is governed by the Business Source License included in the file
+// licenses/BSL.txt.
+//
+// As of the Change Date specified in that file, in accordance with the Business Source
+// License, use of this software will be governed by the Apache License, Version 2.0,
+// included in the file licenses/APL.txt.
+
+import { describe, expect, it } from "vitest";
+
+import { AuthError, NotFoundError } from "@/errors";
+import { ontology } from "@/ontology";
+import { group } from "@/ontology/group";
+import { createTestClientWithPolicy } from "@/testutil/access";
+import { createTestClient } from "@/testutil/client";
+import { symbol } from "@/workspace/schematic/symbol";
+
+const client = createTestClient();
+
+describe("schematic_symbol", () => {
+  describe("access control", () => {
+    it("should deny access when no retrieve policy exists", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [],
+        actions: [],
+      });
+      const symbolGroup = await client.ontology.groups.create({
+        parent: ontology.ROOT_ID,
+        name: "Test Symbols",
+      });
+      const randomSymbol = await client.workspaces.schematics.symbols.create({
+        name: "test",
+        data: {
+          svg: "<svg></svg>",
+          states: [],
+          handles: [],
+          variant: "sensor",
+        },
+        parent: group.ontologyID(symbolGroup.key),
+      });
+      await expect(
+        userClient.workspaces.schematics.symbols.retrieve({ key: randomSymbol.key }),
+      ).rejects.toThrow(AuthError);
+    });
+
+    it("should allow the caller to retrieve symbols with the correct policy", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [symbol.ontologyID("")],
+        actions: ["retrieve"],
+      });
+      const symbolGroup = await client.ontology.groups.create({
+        parent: ontology.ROOT_ID,
+        name: "Test Symbols",
+      });
+      const randomSymbol = await client.workspaces.schematics.symbols.create({
+        name: "test",
+        data: {
+          svg: "<svg></svg>",
+          states: [],
+          handles: [],
+          variant: "sensor",
+        },
+        parent: group.ontologyID(symbolGroup.key),
+      });
+      const retrieved = await userClient.workspaces.schematics.symbols.retrieve({
+        key: randomSymbol.key,
+      });
+      expect(retrieved.key).toBe(randomSymbol.key);
+      expect(retrieved.name).toBe(randomSymbol.name);
+    });
+
+    it("should allow the caller to create symbols with the correct policy", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [symbol.ontologyID("")],
+        actions: ["create"],
+      });
+      const symbolGroup = await client.ontology.groups.create({
+        parent: ontology.ROOT_ID,
+        name: "Test Symbols",
+      });
+      await userClient.workspaces.schematics.symbols.create({
+        name: "test",
+        data: {
+          svg: "<svg></svg>",
+          states: [],
+          handles: [],
+          variant: "sensor",
+        },
+        parent: group.ontologyID(symbolGroup.key),
+      });
+    });
+
+    it("should deny access when no create policy exists", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [symbol.ontologyID("")],
+        actions: [],
+      });
+      const symbolGroup = await client.ontology.groups.create({
+        parent: ontology.ROOT_ID,
+        name: "Test Symbols",
+      });
+      await expect(
+        userClient.workspaces.schematics.symbols.create({
+          name: "test",
+          data: {
+            svg: "<svg></svg>",
+            states: [],
+            handles: [],
+            variant: "sensor",
+          },
+          parent: group.ontologyID(symbolGroup.key),
+        }),
+      ).rejects.toThrow(AuthError);
+    });
+
+    it("should allow the caller to delete symbols with the correct policy", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [symbol.ontologyID("")],
+        actions: ["delete", "retrieve"],
+      });
+      const symbolGroup = await client.ontology.groups.create({
+        parent: ontology.ROOT_ID,
+        name: "Test Symbols",
+      });
+      const randomSymbol = await client.workspaces.schematics.symbols.create({
+        name: "test",
+        data: {
+          svg: "<svg></svg>",
+          states: [],
+          handles: [],
+          variant: "sensor",
+        },
+        parent: group.ontologyID(symbolGroup.key),
+      });
+      await userClient.workspaces.schematics.symbols.delete(randomSymbol.key);
+      await expect(
+        userClient.workspaces.schematics.symbols.retrieve({ key: randomSymbol.key }),
+      ).rejects.toThrow(NotFoundError);
+    });
+
+    it("should deny access when no delete policy exists", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [symbol.ontologyID("")],
+        actions: [],
+      });
+      const symbolGroup = await client.ontology.groups.create({
+        parent: ontology.ROOT_ID,
+        name: "Test Symbols",
+      });
+      const randomSymbol = await client.workspaces.schematics.symbols.create({
+        name: "test",
+        data: {
+          svg: "<svg></svg>",
+          states: [],
+          handles: [],
+          variant: "sensor",
+        },
+        parent: group.ontologyID(symbolGroup.key),
+      });
+      await expect(
+        userClient.workspaces.schematics.symbols.delete(randomSymbol.key),
+      ).rejects.toThrow(AuthError);
+    });
+  });
+});

package/src/workspace/schematic/symbol/client.ts

@@ -23,12 +23,6 @@ import {
   symbolZ,
 } from "@/workspace/schematic/symbol/payload";
 
-const RETRIEVE_ENDPOINT = "/workspace/schematic/symbol/retrieve";
-const CREATE_ENDPOINT = "/workspace/schematic/symbol/create";
-const RENAME_ENDPOINT = "/workspace/schematic/symbol/rename";
-const DELETE_ENDPOINT = "/workspace/schematic/symbol/delete";
-const RETRIEVE_GROUP_ENDPOINT = "/workspace/schematic/symbol/retrieve_group";
-
 const createReqZ = z.object({ symbols: newZ.array(), parent: ontology.idZ });
 const renameReqZ = z.object({ key: keyZ, name: z.string() });
 const deleteReqZ = z.object({ keys: keyZ.array() });
@@ -36,8 +30,6 @@ const deleteReqZ = z.object({ keys: keyZ.array() });
 const retrieveRequestZ = z.object({
   keys: keyZ.array().optional(),
   searchTerm: z.string().optional(),
-  offset: z.number().optional(),
-  limit: z.number().optional(),
 });
 
 const singleRetrieveArgsZ = z
@@ -82,7 +74,7 @@ export class Client {
     const symbols = isMany ? options.symbols : [options];
     const res = await sendRequired(
       this.client,
-      CREATE_ENDPOINT,
+      "/workspace/schematic/symbol/create",
       { symbols, parent: options.parent },
       createReqZ,
       createResZ,
@@ -93,7 +85,7 @@ export class Client {
   async rename(key: Key, name: string): Promise<void> {
     await sendRequired(
       this.client,
-      RENAME_ENDPOINT,
+      "/workspace/schematic/symbol/rename",
       { key, name },
       renameReqZ,
       emptyResZ,
@@ -106,7 +98,7 @@ export class Client {
     const isSingle = "key" in args;
     const res = await sendRequired(
       this.client,
-      RETRIEVE_ENDPOINT,
+      "/workspace/schematic/symbol/retrieve",
       args,
       retrieveArgsZ,
       retrieveResZ,
@@ -118,7 +110,7 @@ export class Client {
   async delete(keys: Key | Key[]): Promise<void> {
     await sendRequired(
       this.client,
-      DELETE_ENDPOINT,
+      "/workspace/schematic/symbol/delete",
       { keys: array.toArray(keys) },
       deleteReqZ,
       emptyResZ,
@@ -128,7 +120,7 @@ export class Client {
   async retrieveGroup(): Promise<group.Group> {
     const res = await sendRequired(
       this.client,
-      RETRIEVE_GROUP_ENDPOINT,
+      "/workspace/schematic/symbol/retrieve_group",
       {},
       retrieveGroupReqZ,
       retrieveGroupResZ,
@@ -137,7 +129,4 @@ export class Client {
   }
 }
 
-export const ontologyID = (key: Key): ontology.ID => ({
-  type: "schematic_symbol",
-  key,
-});
+export const ontologyID = ontology.createIDFactory<Key>("schematic_symbol");

package/src/workspace/schematic/symbol/payload.ts

@@ -59,7 +59,7 @@ export interface Spec extends z.infer<typeof specZ> {}
 
 export const symbolZ = z.object({
   key: keyZ,
-  version: z.literal(1).optional().default(1),
+  version: z.literal(1).default(1),
   name: z.string().min(1, "Name is required"),
   data: specZ,
 });

package/src/workspace/table/access.spec.ts

@@ -0,0 +1,134 @@
+// Copyright 2025 Synnax Labs, Inc.
+//
+// Use of this software is governed by the Business Source License included in the file
+// licenses/BSL.txt.
+//
+// As of the Change Date specified in that file, in accordance with the Business Source
+// License, use of this software will be governed by the Apache License, Version 2.0,
+// included in the file licenses/APL.txt.
+
+import { describe, expect, it } from "vitest";
+
+import { AuthError, NotFoundError } from "@/errors";
+import { createTestClientWithPolicy } from "@/testutil/access";
+import { createTestClient } from "@/testutil/client";
+import { table } from "@/workspace/table";
+
+const client = createTestClient();
+
+describe("table", () => {
+  describe("access control", () => {
+    it("should deny access when no retrieve policy exists", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [],
+        actions: [],
+      });
+      const ws = await client.workspaces.create({
+        name: "test",
+        layout: {},
+      });
+      const randomTable = await client.workspaces.tables.create(ws.key, {
+        name: "test",
+        data: {},
+      });
+      await expect(
+        userClient.workspaces.tables.retrieve({ key: randomTable.key }),
+      ).rejects.toThrow(AuthError);
+    });
+
+    it("should allow the caller to retrieve tables with the correct policy", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [table.ontologyID("")],
+        actions: ["retrieve"],
+      });
+      const ws = await client.workspaces.create({
+        name: "test",
+        layout: {},
+      });
+      const randomTable = await client.workspaces.tables.create(ws.key, {
+        name: "test",
+        data: {},
+      });
+      const retrieved = await userClient.workspaces.tables.retrieve({
+        key: randomTable.key,
+      });
+      expect(retrieved.key).toBe(randomTable.key);
+      expect(retrieved.name).toBe(randomTable.name);
+    });
+
+    it("should allow the caller to create tables with the correct policy", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [table.ontologyID("")],
+        actions: ["create"],
+      });
+      const ws = await client.workspaces.create({
+        name: "test",
+        layout: {},
+      });
+      await userClient.workspaces.tables.create(ws.key, {
+        name: "test",
+        data: {},
+      });
+    });
+
+    it("should deny access when no create policy exists", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [table.ontologyID("")],
+        actions: [],
+      });
+      const ws = await client.workspaces.create({
+        name: "test",
+        layout: {},
+      });
+      await expect(
+        userClient.workspaces.tables.create(ws.key, {
+          name: "test",
+          data: {},
+        }),
+      ).rejects.toThrow(AuthError);
+    });
+
+    it("should allow the caller to delete tables with the correct policy", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [table.ontologyID("")],
+        actions: ["delete", "retrieve"],
+      });
+      const ws = await client.workspaces.create({
+        name: "test",
+        layout: {},
+      });
+      const randomTable = await client.workspaces.tables.create(ws.key, {
+        name: "test",
+        data: {},
+      });
+      await userClient.workspaces.tables.delete(randomTable.key);
+      await expect(
+        userClient.workspaces.tables.retrieve({ key: randomTable.key }),
+      ).rejects.toThrow(NotFoundError);
+    });
+
+    it("should deny access when no delete policy exists", async () => {
+      const userClient = await createTestClientWithPolicy(client, {
+        name: "test",
+        objects: [table.ontologyID("")],
+        actions: [],
+      });
+      const ws = await client.workspaces.create({
+        name: "test",
+        layout: {},
+      });
+      const randomTable = await client.workspaces.tables.create(ws.key, {
+        name: "test",
+        data: {},
+      });
+      await expect(
+        userClient.workspaces.tables.delete(randomTable.key),
+      ).rejects.toThrow(AuthError);
+    });
+  });
+});