npm - @webstudio-is/trpc-interface - Versions diffs - 0.90.0 → 0.260.2 - Mend

@webstudio-is/trpc-interface 0.90.0 → 0.260.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (61) hide show

package/package.json +26 -25
package/src/authorize/project.server.test.ts +443 -0
package/src/authorize/project.server.ts +309 -121
package/src/authorize/role.ts +18 -0
package/src/context/context.server.ts +59 -24
package/src/context/errors.server.ts +16 -0
package/src/context/router.server.ts +19 -0
package/src/index.server.ts +15 -3
package/src/shared/client.ts +0 -2
package/src/shared/deployment.ts +23 -6
package/src/shared/domain.ts +3 -3
package/src/shared/plan-client.server.ts +7 -0
package/src/shared/plan-features.ts +7 -0
package/src/shared/shared-router.ts +0 -2
package/src/shared/trpc.ts +5 -1
package/src/trpc-caller-link.test.ts +1 -1
package/src/trpc-caller-link.ts +1 -2
package/tsconfig.json +3 -0
package/lib/authorize/authorization-token.server.js +0 -72
package/lib/authorize/project.server.js +0 -103
package/lib/cjs/authorize/authorization-token.server.js +0 -92
package/lib/cjs/authorize/project.server.js +0 -123
package/lib/cjs/context/context.server.js +0 -16
package/lib/cjs/context/errors.server.js +0 -29
package/lib/cjs/index.js +0 -18
package/lib/cjs/index.server.js +0 -40
package/lib/cjs/package.json +0 -1
package/lib/cjs/shared/authorization-router.js +0 -184
package/lib/cjs/shared/client.js +0 -63
package/lib/cjs/shared/deployment.js +0 -51
package/lib/cjs/shared/domain.js +0 -98
package/lib/cjs/shared/shared-router.js +0 -32
package/lib/cjs/shared/trpc.js +0 -31
package/lib/cjs/trpc-caller-link.js +0 -46
package/lib/context/context.server.js +0 -0
package/lib/context/errors.server.js +0 -9
package/lib/index.js +0 -1
package/lib/index.server.js +0 -10
package/lib/shared/authorization-router.js +0 -164
package/lib/shared/client.js +0 -35
package/lib/shared/deployment.js +0 -31
package/lib/shared/domain.js +0 -78
package/lib/shared/shared-router.js +0 -12
package/lib/shared/trpc.js +0 -11
package/lib/trpc-caller-link.js +0 -26
package/lib/types/authorize/authorization-token.server.d.ts +0 -21
package/lib/types/authorize/project.server.d.ts +0 -25
package/lib/types/context/context.server.d.ts +0 -53
package/lib/types/context/errors.server.d.ts +0 -1
package/lib/types/index.d.ts +0 -1
package/lib/types/index.server.d.ts +0 -7
package/lib/types/shared/authorization-router.d.ts +0 -276
package/lib/types/shared/client.d.ts +0 -8
package/lib/types/shared/deployment.d.ts +0 -45
package/lib/types/shared/domain.d.ts +0 -119
package/lib/types/shared/shared-router.d.ts +0 -415
package/lib/types/shared/trpc.d.ts +0 -48
package/lib/types/trpc-caller-link.d.ts +0 -16
package/lib/types/trpc-caller-link.test.d.ts +0 -49
package/src/authorize/authorization-token.server.ts +0 -106
package/src/shared/authorization-router.ts +0 -198

package/src/shared/authorization-router.ts DELETED Viewed

@@ -1,198 +0,0 @@
-import { z } from "zod";
-import { router, procedure } from "./trpc";
-import { prisma } from "@webstudio-is/prisma-client";
-const Relation = z.enum(["viewers", "editors", "builders", "owners"]);
-const AuthPermit = z.enum(["view", "edit", "build", "own"]);
-export type AuthPermit = z.infer<typeof AuthPermit>;
-const DeleteCreateInput = z.discriminatedUnion("namespace", [
-  z.object({
-    namespace: z.literal("Project"),
-    id: z.string(),
-    relation: Relation,
-    subjectSet: z.discriminatedUnion("namespace", [
-      z.object({
-        namespace: z.literal("User"),
-        id: z.string(),
-      }),
-      z.object({
-        namespace: z.literal("Token"),
-        id: z.string(),
-      }),
-      z.object({
-        namespace: z.literal("Email"),
-        id: z.string(),
-        relation: z.literal("owners"),
-      }),
-    ]),
-  }),
-  z.object({
-    namespace: z.literal("Email"),
-    id: z.string(),
-    relation: z.enum(["owners"]),
-    subjectSet: z.object({
-      namespace: z.literal("User"),
-      id: z.string(),
-    }),
-  }),
-]);
-export const authorizationRouter = router({
-  /**
-   * Relation expansion in authorize looks like a tree
-   *
-   * :#@Project:AliceProjectUUID#viewers
-   *   :#@Email:bob@bob.com#owner
-   *     :#@User:BobUUID️
-   *   :#@Token:LinkRandomSequence️
-   *
-   * We don't need the whole tree in UI and need only the leaf nodes.
-   * i.e. @User:BobUUID️, @Token:LinkRandomSequence️ and the root relation i.e "viewers"
-   */
-  expandLeafNodes: procedure
-    .input(
-      z.object({
-        namespace: z.literal("Project"),
-        id: z.string(),
-      })
-    )
-    .output(
-      z.array(
-        z.object({
-          // top level relation
-          relation: Relation,
-          // subjectSet
-          namespace: z.enum(["Email", "User", "Token"]),
-          id: z.string(),
-        })
-      )
-    )
-    .query(async ({ input }) => {
-      // Implement ory expand, on all relations
-      const { namespace, id } = input;
-      if (namespace !== "Project") {
-        throw new Error("Not implemented");
-      }
-      // At OSS we support only owner relation for the users
-      const ownerRow = await prisma.project.findUnique({
-        where: {
-          id,
-        },
-        select: {
-          userId: true,
-        },
-      });
-      const tokenRows = await prisma.authorizationToken.findMany({
-        where: {
-          projectId: id,
-        },
-      });
-      const leafSubjectSets = [];
-      if (ownerRow !== null && ownerRow.userId !== null) {
-        leafSubjectSets.push({
-          namespace: "User",
-          id: ownerRow.userId,
-          relation: "owners",
-        } as const);
-      }
-      for (const tokenRow of tokenRows) {
-        leafSubjectSets.push({
-          namespace: "Token",
-          id: tokenRow.token,
-          relation: tokenRow.relation,
-        } as const);
-      }
-      return leafSubjectSets;
-    }),
-  /**
-   * Check if subject has permit on the resource
-   */
-  check: procedure
-    .input(
-      z.object({
-        namespace: z.enum(["Project"]),
-        id: z.string(),
-        permit: AuthPermit,
-        subjectSet: z.object({
-          namespace: z.enum(["User", "Token"]),
-          id: z.string(),
-        }),
-      })
-    )
-    .output(z.object({ allowed: z.boolean() }))
-    .query(async ({ input }) => {
-      const { subjectSet } = input;
-      if (subjectSet.namespace === "User") {
-        // We check only if the user is the owner of the project
-        const row = await prisma.project.findFirst({
-          where: {
-            id: input.id,
-            userId: subjectSet.id,
-          },
-          select: {
-            id: true,
-          },
-        });
-        return { allowed: row !== null };
-      }
-      const permitToRelationRewrite = {
-        view: ["viewers", "editors", "builders"],
-        edit: ["editors", "builders"],
-        build: ["builders"],
-      } as const;
-      if (subjectSet.namespace === "Token" && input.permit !== "own") {
-        const row = await prisma.authorizationToken.findFirst({
-          where: {
-            token: subjectSet.id,
-            relation: {
-              in: [...permitToRelationRewrite[input.permit]],
-            },
-          },
-          select: { token: true },
-        });
-        return { allowed: row !== null };
-      }
-      return { allowed: false };
-    }),
-  /**
-   * In OSS we extract owner relation from the Project table, and the rest from the authorizationToken table
-   */
-  create: procedure.input(DeleteCreateInput).mutation(async ({ input }) => {
-    // Do nothing in OSS
-  }),
-  delete: procedure.input(DeleteCreateInput).mutation(async ({ input }) => {
-    // Do nothing in OSS
-  }),
-  patch: procedure
-    .input(
-      z.array(
-        z.object({
-          action: z.enum(["insert", "delete"]),
-          relationTuple: DeleteCreateInput,
-        })
-      )
-    )
-    .mutation(async ({ input }) => {
-      // Do nothing in OSS
-    }),
-});