@tokenbuddy/tb-admin 1.0.35 → 1.0.37

package/src/client.ts

@@ -1,179 +0,0 @@
-/**
- * admin CLI 调 wallet-bootstrap / seller 服务的轻量 HTTP 客户端。
- * 内部封装 Bearer Token 鉴权、JSON 序列化、非 2xx 抛错的统一行为。
- */
-export class AdminClient {
-  protected baseUrl: string;
-  protected token: string;
-
-  constructor(baseUrl: string, token: string) {
-    this.baseUrl = baseUrl.replace(/\/+$/, "");
-    this.token = token;
-  }
-
-  private async request(path: string, method: string, body?: any, extraHeaders: { [key: string]: string } = {}): Promise<any> {
-    const url = `${this.baseUrl}${path}`;
-    const headers: { [key: string]: string } = {
-      "Content-Type": "application/json",
-      "Authorization": `Bearer ${this.token}`,
-      ...extraHeaders
-    };
-
-    const options: RequestInit = {
-      method,
-      headers
-    };
-
-    if (body) {
-      options.body = JSON.stringify(body);
-    }
-
-    try {
-      const response = await fetch(url, options);
-      if (!response.ok) {
-        const errorText = await response.text();
-        throw new Error(`HTTP Error ${response.status}: ${errorText || response.statusText}`);
-      }
-      const text = await response.text();
-      return text ? JSON.parse(text) : {};
-    } catch (err: any) {
-      throw new Error(`Connection failed: ${err.message}`);
-    }
-  }
-
-  public async get(path: string): Promise<any> {
-    return this.request(path, "GET");
-  }
-
-  public async put(path: string, body?: any, headers?: { [key: string]: string }): Promise<any> {
-    return this.request(path, "PUT", body, headers);
-  }
-
-  public async post(path: string, body?: any, headers?: { [key: string]: string }): Promise<any> {
-    return this.request(path, "POST", body, headers);
-  }
-
-  public async patch(path: string, body?: any, headers?: { [key: string]: string }): Promise<any> {
-    return this.request(path, "PATCH", body, headers);
-  }
-
-  public async delete(path: string, body?: any, headers?: { [key: string]: string }): Promise<any> {
-    return this.request(path, "DELETE", body, headers);
-  }
-}
-
-/**
- * Vendor domain client. Step 5 of the registry redesign: vendor
- * tokens call `/platform/*` (Bearer auth). The old `bootstrap
- * config*`, `bootstrap registry publish`, and `bootstrap default-
- * seller set` commands have been removed; vendors stage sellers and
- * submit release requests instead.
- */
-export class RegistryVendorClient extends AdminClient {
-  public async me(): Promise<{ vendor: { id: string; name: string; status: string } }> {
-    return this.get("/platform/me");
-  }
-
-  public async listSellers(): Promise<{ sellers: unknown[] }> {
-    return this.get("/platform/sellers");
-  }
-
-  /**
-   * Step 14 (v1.1): vendor-scoped seller status mutation.
-   * Replaces the old `tb-admin bootstrap sellers status` path which called
-   * /operator/registry/sellers/:id/status (operator-level, super-admin scope).
-   * Vendor can only mutate sellers in its own scope; the platform vendor
-   * (DEFAULT_PLATFORM_VENDOR_ID) can mutate any.
-   */
-  public async setSellerStatus(
-    id: string,
-    status: "active" | "draining" | "offline",
-    options: { expectedVersion?: number; idempotencyKey?: string } = {}
-  ): Promise<{ registry: { version: number; sellers: unknown[] } }> {
-    const headers: { [key: string]: string } = {};
-    if (options.idempotencyKey) {
-      headers["Idempotency-Key"] = options.idempotencyKey;
-    }
-    return this.put(
-      `/platform/sellers/${encodeURIComponent(id)}/status`,
-      {
-        status,
-        ...(options.expectedVersion !== undefined ? { expectedVersion: options.expectedVersion } : {})
-      },
-      headers
-    );
-  }
-
-  public async stageSeller(seller: unknown): Promise<{ pendingSeller: unknown }> {
-    return this.post("/platform/sellers/stage", { seller });
-  }
-
-  public async listPendingSellers(status?: string): Promise<{ pendingSellers: unknown[] }> {
-    const path = status ? `/platform/sellers/pending?status=${encodeURIComponent(status)}` : "/platform/sellers/pending";
-    return this.get(path);
-  }
-
-  public async submitRelease(input: { stagedSellerIds: string[]; note?: string }): Promise<{ releaseRequest: unknown }> {
-    return this.post("/platform/release-requests", input);
-  }
-
-  public async listReleaseRequests(limit = 20): Promise<{ releaseRequests: unknown[] }> {
-    return this.get(`/platform/release-requests?limit=${limit}`);
-  }
-
-  public async getReleaseRequest(id: number): Promise<{ releaseRequest: unknown }> {
-    return this.get(`/platform/release-requests/${id}`);
-  }
-}
-
-/**
- * Super-admin client. Used by automated scripts / CI to drive the
- * admin web endpoints (force-publish, registry versions, audit).
- * Step 5 keeps this narrow; the human-facing flow is the browser.
- */
-export class RegistryAdminClient extends AdminClient {
-  constructor(baseUrl: string, superAdminKey: string) {
-    // We pass the super-admin key as the "token" but override the
-    // Authorization header below — super-admin uses the
-    // `X-Registry-Admin-Key` header, not Bearer.
-    super(baseUrl, superAdminKey);
-  }
-
-  protected overrideHeaders(headers: Record<string, string>): Record<string, string> {
-    return { ...headers, "X-Registry-Admin-Key": this.token };
-  }
-
-  private async requestAdmin(path: string, method: string, body?: any): Promise<any> {
-    const url = `${this.baseUrl}${path}`;
-    const headers = this.overrideHeaders({ "Content-Type": "application/json" });
-    const options: RequestInit = { method, headers };
-    if (body) options.body = JSON.stringify(body);
-    const response = await fetch(url, options);
-    if (!response.ok) {
-      const text = await response.text();
-      throw new Error(`HTTP Error ${response.status}: ${text || response.statusText}`);
-    }
-    const text = await response.text();
-    return text ? JSON.parse(text) : {};
-  }
-
-  public async listVendors(): Promise<{ vendors: unknown[] }> {
-    return this.requestAdmin("/platform/vendors", "GET");
-  }
-
-  public async createVendor(name: string): Promise<{ vendor: unknown; token: string }> {
-    return this.requestAdmin("/platform/vendors", "POST", { name });
-  }
-
-  public async forcePublish(releaseId: number): Promise<{ releaseRequest: unknown; publishedVersion: number | null }> {
-    return this.requestAdmin(`/admin/api/release-requests/${releaseId}/force-publish`, "POST");
-  }
-
-  public async listVersions(): Promise<{ versions: unknown[] }> {
-    return this.requestAdmin("/admin/api/registry-versions", "GET");
-  }
-
-  public async listAudit(): Promise<{ records: unknown[] }> {
-    return this.requestAdmin("/admin/api/audit", "GET");
-  }
-}

package/src/config.ts

@@ -1,194 +0,0 @@
-import * as fs from "fs";
-import * as path from "path";
-import * as os from "os";
-import TOML from "@iarna/toml";
-
-/**
- * admin CLI 单个 profile：远程 wallet-bootstrap / seller 服务的 URL + 鉴权 token。
- */
-export interface AdminProfile {
-  /** 服务 base URL（如 `https://bootstrap.example.com`） */
-  url: string;
-  /** 鉴权 token（脱敏写入配置文件） */
-  token: string;
-}
-
-/**
- * seller provider（如 Fly.io）的配置。
- * 字段命名采用 snake_case 匹配 TOML 习惯。
- */
-export interface SellerProviderConfig {
-  /** Fly.io API token */
-  token?: string;
-  /** flyctl 可执行路径（默认从 PATH 解析） */
-  flyctl_path?: string;
-  /** 默认 seller app 名称（创建新 seller 时复用） */
-  default_app?: string;
-  /** 默认部署 region（如 `sin` / `nrt`） */
-  default_region?: string;
-  /** 默认 Docker 镜像 */
-  default_image?: string;
-  /** 默认 seller config YAML 路径 */
-  default_config?: string;
-  /** seller operator 接口的 secret（写盘 / 重启用） */
-  operator_secret?: string;
-  /** 持久化 volume 名 */
-  volume_name?: string;
-  /** volume 容量（GB） */
-  volume_size_gb?: number;
-  /** 已存在的 volume ID（attach 用） */
-  volume_id?: string;
-  /** volume snapshot 保留天数 */
-  volume_snapshot_retention_days?: number;
-}
-
-/**
- * admin CLI 配置根结构。
- * `default_profile` 缺省时使用第一个 profile。
- */
-export interface AdminConfig {
-  default_profile?: string;
-  profiles: { [name: string]: AdminProfile };
-  seller_providers?: { [name: string]: SellerProviderConfig };
-}
-
-/**
- * 解析 admin CLI 的默认配置路径：`~/.config/tokenbuddy/admin.toml`。
- * 兼容旧版 `~/.tokenbuddy/admin.json`（legacy JSON），由 `ConfigManager` 自动识别。
- *
- * @returns 配置文件绝对路径
- */
-export function getDefaultConfigPath(): string {
-  const home = os.homedir();
-  return path.join(home, ".config", "tokenbuddy", "admin.toml");
-}
-
-/**
- * admin CLI 配置的读写管理器（TOML 优先，legacy JSON 兼容）。
- * 写盘时自动 chmod 0600（best effort）保护含 token 的配置文件。
- */
-export class ConfigManager {
-  private configPath: string;
-
-  constructor(customPath?: string) {
-    this.configPath = customPath || getDefaultConfigPath();
-  }
-
-  public getConfigPath(): string {
-    return this.configPath;
-  }
-
-  public load(): AdminConfig {
-    if (!fs.existsSync(this.configPath)) {
-      return { profiles: {} };
-    }
-    try {
-      const content = fs.readFileSync(this.configPath, "utf8");
-
-      // Support legacy JSON format for backward compatibility
-      if (this.configPath.endsWith(".json")) {
-        return JSON.parse(content) as AdminConfig;
-      }
-
-      const parsed = TOML.parse(content) as any;
-      // TOML nested tables [profiles.xxx] are parsed as { profiles: { xxx: { ... } } }
-      return {
-        default_profile: parsed.default_profile,
-        profiles: parsed.profiles || {},
-        seller_providers: parsed.seller_providers || undefined
-      };
-    } catch {
-      return { profiles: {} };
-    }
-  }
-
-  public save(config: AdminConfig): void {
-    const parent = path.dirname(this.configPath);
-    if (!fs.existsSync(parent)) {
-      fs.mkdirSync(parent, { recursive: true });
-    }
-
-    if (this.configPath.endsWith(".json")) {
-      // Legacy JSON format
-      fs.writeFileSync(this.configPath, JSON.stringify(config, null, 2), "utf8");
-    } else {
-      // TOML format (default)
-      const tomlObj: any = {};
-      if (config.default_profile) {
-        tomlObj.default_profile = config.default_profile;
-      }
-      if (config.profiles) {
-        tomlObj.profiles = config.profiles;
-      }
-      if (config.seller_providers) {
-        tomlObj.seller_providers = config.seller_providers;
-      }
-      const content = TOML.stringify(tomlObj);
-      fs.writeFileSync(this.configPath, content, "utf8");
-
-      // chmod 0600 for security (contains tokens) - match Rust behavior
-      try {
-        fs.chmodSync(this.configPath, 0o600);
-      } catch {
-        // Ignore on platforms that don't support chmod
-      }
-    }
-  }
-
-  public getProfile(name?: string): AdminProfile | undefined {
-    const config = this.load();
-    const targetName = name || config.default_profile;
-    if (!targetName) return undefined;
-    return config.profiles[targetName];
-  }
-
-  public setProfile(name: string, profile: AdminProfile): void {
-    const config = this.load();
-    config.profiles[name] = profile;
-    if (!config.default_profile) {
-      config.default_profile = name;
-    }
-    this.save(config);
-  }
-
-  public removeProfile(name: string): void {
-    const config = this.load();
-    if (!config.profiles[name]) {
-      throw new Error(`Profile \`${name}\` does not exist.`);
-    }
-    delete config.profiles[name];
-    if (config.default_profile === name) {
-      const remaining = Object.keys(config.profiles);
-      config.default_profile = remaining.length > 0 ? remaining[0] : undefined;
-    }
-    this.save(config);
-  }
-
-  public useProfile(name: string): void {
-    const config = this.load();
-    if (!config.profiles[name]) {
-      throw new Error(`Profile \`${name}\` does not exist.`);
-    }
-    config.default_profile = name;
-    this.save(config);
-  }
-
-  public listProfiles(): string[] {
-    const config = this.load();
-    return Object.keys(config.profiles);
-  }
-
-  public getSellerProvider(name: string = "fly"): SellerProviderConfig | undefined {
-    const config = this.load();
-    return config.seller_providers?.[name];
-  }
-
-  public setSellerProvider(name: string, provider: SellerProviderConfig): void {
-    const config = this.load();
-    if (!config.seller_providers) {
-      config.seller_providers = {};
-    }
-    config.seller_providers[name] = provider;
-    this.save(config);
-  }
-}