@wirechunk/cli 0.0.1-rc.3 → 0.0.1

package/build/main.js

@@ -57385,6 +57385,7 @@ const createUser = async (opts, env2) => {
   }
   let platformId = opts.platformId;
   let orgId = opts.orgId;
+  let orgPrimary = false;
   try {
     const user = await db.transaction(async (db2) => {
       if (!platformId) {
@@ -57429,12 +57430,20 @@ const createUser = async (opts, env2) => {
         if (opts.verbose) {
           console.log(`Created org ID ${orgId}`);
         }
+        orgPrimary = true;
       }
       const user2 = await db2.one(
         distExports$1.sql.type(
           insertUserResult
         )`insert into "Users" ("platformId", "email", "emailVerified", "password", "passwordStatus", "orgId", "role", "status", "firstName", "lastName") values (${platformId}, ${email}, ${opts.emailVerified}, ${password}, 'Ok', ${orgId}, ${role}, ${status}, ${firstName}, ${lastName}) returning "id"`
       );
+      if (orgPrimary) {
+        await db2.maybeOne(
+          distExports$1.sql.type(
+            voidSelectSchema
+          )`update "Orgs" set "primaryUserId" = ${user2.id} where "id" = ${orgId}`
+        );
+      }
       return user2;
     });
     console.log(`Created user (ID ${user.id})`);
@@ -57447,13 +57456,107 @@ const createUser = async (opts, env2) => {
     process.exit(1);
   }
 };
-const findUserSchema = z.object({
+const Permission = {
+  /** Create (i.e., add) extensions. */
+  CreateExtension: "CreateExtension",
+  /** Create sites. */
+  CreateSite: "CreateSite",
+  /** Create page and form templates. */
+  CreateTemplate: "CreateTemplate",
+  /** Create a user in any org. */
+  CreateUser: "CreateUser",
+  /** Edit or manage everything else not covered by other permissions. */
+  Edit: "Edit",
+  /** Edit, including creating and deleting, any component. */
+  EditComponent: "EditComponent",
+  /** Edit, including creating and deleting, any course. */
+  EditCourse: "EditCourse",
+  /** Edit, including creating and deleting, any custom component. */
+  EditCustomComponent: "EditCustomComponent",
+  /** Edit, including creating and deleting, any custom field. */
+  EditCustomField: "EditCustomField",
+  /** Edit any customer site, including its pages and forms, but not necessarily domain. */
+  EditCustomerSite: "EditCustomerSite",
+  /** Edit any extension. */
+  EditExtension: "EditExtension",
+  /** Edit any help ticket's status. */
+  EditHelpTicketStatus: "EditHelpTicketStatus",
+  /** Edit any platform site, including its pages and forms, but not necessarily domain. */
+  EditPlatformSite: "EditPlatformSite",
+  /** Edit, including creating and deleting, any sequence. */
+  EditSequence: "EditSequence",
+  /** Edit any user's position in a sequence. */
+  EditSequenceUser: "EditSequenceUser",
+  /** Edit any site's settings, pages, forms, and layouts. */
+  EditSite: "EditSite",
+  /** Edit any site's domain. */
+  EditSiteDomain: "EditSiteDomain",
+  /** Edit any site's TLS certificate, including creating and deleting certificates. Does not including editing TLS certificates. */
+  EditSiteTlsCertificate: "EditSiteTlsCertificate",
+  /** Edit any subscription. */
+  EditSubscription: "EditSubscription",
+  /** Edit any page and form template. */
+  EditTemplate: "EditTemplate",
+  /** Edit any user's email address. */
+  EditUserEmail: "EditUserEmail",
+  /** Edit which org any user is in and whether a user is an org owner. */
+  EditUserOrg: "EditUserOrg",
+  /** Edit any user's first and last name. */
+  EditUserProfile: "EditUserProfile",
+  /** Edit any user's role. */
+  EditUserRole: "EditUserRole",
+  /** Edit any user's status. */
+  EditUserStatus: "EditUserStatus",
+  /** Sync any form template to forms. */
+  SyncFormTemplateToForms: "SyncFormTemplateToForms",
+  /** Sync any page template to pages. */
+  SyncPageTemplateToPages: "SyncPageTemplateToPages",
+  /** View anything except for sites. */
+  View: "View",
+  /** View any course. */
+  ViewCourse: "ViewCourse",
+  /** View any extension. */
+  ViewExtension: "ViewExtension",
+  /** View any site, including pages, forms, and layouts, and components. */
+  ViewSite: "ViewSite",
+  /** View any page or form template. */
+  ViewTemplate: "ViewTemplate"
+};
+const allPermissions = Object.values(Permission);
+const revokeAllUserPlatformPermissions = async ({
+  platformAdminId
+}, db) => {
+  await db.query(
+    distExports$1.sql.type(
+      voidSelectSchema
+    )`delete from "PlatformAdminPermissions" where "id" = ${platformAdminId}`
+  );
+};
+const grantAllUserPlatformPermissions = async ({
+  platformAdminId
+}, db) => {
+  await db.query(
+    distExports$1.sql.type(
+      voidSelectSchema
+    )`insert into "PlatformAdminPermissions" ("id", "platformAdminId", "permission") values ${distExports$1.sql.join(
+      allPermissions.map(
+        (permission) => distExports$1.sql.fragment`(${cleanSmallId()}, ${platformAdminId}, ${permission})`
+      ),
+      distExports$1.sql.fragment`,`
+    )} on conflict ("platformAdminId", "permission") do nothing`
+  );
+};
+const findPlatformAdminSchema = z.object({
   id: z.string(),
-  platformId: z.string()
+  platformId: z.string(),
+  active: z.boolean()
+});
+const findUserSchema = z.object({
+  id: z.string()
 });
 const editAdmin = async (opts, env2) => {
   const db = await distExports$1.createPool(requireCoreDbUrl(env2));
-  const { platformId, userId, owner, revokeAllPermissions } = opts;
+  const { platformId, userId, owner, active, revokeAllPermissions } = opts;
   if (owner && revokeAllPermissions) {
     console.error(
       "Cannot set a user as a platform owner and revoke all permissions at the same time"
@@ -57462,9 +57565,9 @@ const editAdmin = async (opts, env2) => {
   }
   try {
     await db.transaction(async (db2) => {
-      const platformAdmin = await db2.maybeOne(
+      let platformAdmin = await db2.maybeOne(
         distExports$1.sql.type(
-          findUserSchema
+          findPlatformAdminSchema
         )`select "id" from "PlatformAdmins" where "platformId" = ${platformId} and "userId" = ${userId}`
       );
       if (!platformAdmin) {
@@ -57475,6 +57578,66 @@ const editAdmin = async (opts, env2) => {
           throw new Error(`User with ID ${userId} not found`);
         }
       }
+      if (owner) {
+        if (!platformAdmin) {
+          platformAdmin = await db2.one(
+            distExports$1.sql.type(findPlatformAdminSchema)`
+              insert into "PlatformAdmins" ("id", "platformId", "userId", "owner", "active")
+              values (${cleanSmallId()}, ${platformId}, ${userId}, ${active ?? true}, true)
+              returning "id", "platformId", "active"
+            `
+          );
+        }
+        await grantAllUserPlatformPermissions({ platformAdminId: platformAdmin.id }, db2);
+        if (opts.verbose) {
+          console.log("Set the user as an owner on the platform");
+        }
+      } else if (owner === false) {
+        if (platformAdmin) {
+          await db2.query(
+            distExports$1.sql.type(voidSelectSchema)`
+            update "PlatformAdmins"
+            set "owner" = false
+            where "id" = ${platformAdmin.id}
+          `
+          );
+          if (opts.verbose) {
+            console.log("Removed the user’s owner privileges on the platform");
+          }
+        } else {
+          console.log("This user is not an admin on this platform");
+        }
+      }
+      if (typeof active === "boolean") {
+        if (platformAdmin) {
+          await db2.query(
+            distExports$1.sql.type(voidSelectSchema)`
+              update "PlatformAdmins"
+              set "active" = ${active}
+              where "id" = ${platformAdmin.id}
+            `
+          );
+        } else {
+          if (active) {
+            await db2.one(
+              distExports$1.sql.type(voidSelectSchema)`
+                insert into "PlatformAdmins" ("id", "platformId", "userId", "owner", "active")
+                values (${cleanSmallId()}, ${platformId}, ${userId}, false, ${active})
+              `
+            );
+          } else {
+            console.log("This user is not an admin on this platform");
+          }
+        }
+      }
+      if (revokeAllPermissions) {
+        if (platformAdmin) {
+          await revokeAllUserPlatformPermissions({ platformAdminId: platformAdmin.id }, db2);
+          console.log("Revoked all platform permissions of user");
+        } else {
+          console.log("This user is not an admin on this platform");
+        }
+      }
     });
   } catch (e) {
     if (e instanceof distExports$1.UniqueIntegrityConstraintViolationError) {
@@ -57735,5 +57898,5 @@ extDev.command("init-db").description(
   "--extension-id <string>",
   "the ID of the extension, can be set with an EXTENSION_ID environment variable instead"
 ).option("--db-name <string>", "a custom name for the database, applicable only for testing").action(withOptionsAndEnv(initDb));
-program.command("edit-admin").description("edit a platform admin user").requiredOption("--platform-id <string>", "the ID of the platform to edit").requiredOption("--user-id <string>", "the ID of the admin user to edit").option("--owner", "grants the user full permission to manage everything on the platform").option("--revoke-all-permissions", "revokes all permission of the user on their platform").action(withOptionsAndEnv(editAdmin));
+program.command("edit-admin").description("edit a platform admin user or make a user a platform admin").requiredOption("--platform-id <string>", "the ID of the platform to edit").requiredOption("--user-id <string>", "the ID of the admin user to edit").option("--owner", "grants the user full permission to manage everything on the platform").option("--no-owner", "removes owner privileges on the platform").option("--active", "activates or deactivates the user’s admin access on the platform").option("--no-active", "deactivates the user’s admin access on the platform").option("--revoke-all-permissions", "revokes all permission of the user on their platform").action(withOptionsAndEnv(editAdmin));
 await program.parseAsync();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wirechunk/cli",
-  "version": "0.0.1-rc.3",
+  "version": "0.0.1",
   "private": false,
   "type": "module",
   "scripts": {

package/src/commands/create-user.ts

@@ -67,8 +67,7 @@ export const createUser = async (
 
   let platformId: string | null | undefined = opts.platformId;
   let orgId: string | null | undefined = opts.orgId;
-  // TODO
-  // let orgPrimary = false;
+  let orgPrimary = false;
 
   try {
     const user = await db.transaction(async (db) => {
@@ -115,7 +114,7 @@ export const createUser = async (
         if (opts.verbose) {
           console.log(`Created org ID ${orgId}`);
         }
-        // orgPrimary = true;
+        orgPrimary = true;
       }
 
       const user = await db.one(
@@ -124,9 +123,13 @@ export const createUser = async (
         )`insert into "Users" ("platformId", "email", "emailVerified", "password", "passwordStatus", "orgId", "role", "status", "firstName", "lastName") values (${platformId}, ${email}, ${opts.emailVerified}, ${password}, 'Ok', ${orgId}, ${role}, ${status}, ${firstName}, ${lastName}) returning "id"`,
       );
 
-      // if (opts.admin) {
-      //   await grantAllUserPlatformPermissions({ userId: user.id, platformId }, db);
-      // }
+      if (orgPrimary) {
+        await db.maybeOne(
+          sql.type(
+            voidSelectSchema,
+          )`update "Orgs" set "primaryUserId" = ${user.id} where "id" = ${orgId}`,
+        );
+      }
 
       return user;
     });

package/src/commands/edit-admin.ts

@@ -1,19 +1,31 @@
+import { cleanSmallId } from '@wirechunk/lib/clean-small-id.ts';
 import { createPool, sql, UniqueIntegrityConstraintViolationError } from 'slonik';
 import { z } from 'zod';
 import type { Env } from '../env.ts';
 import { requireCoreDbUrl } from '../env.ts';
 import { detailedUniqueIntegrityConstraintViolationError } from '../errors.ts';
 import type { WithGlobalOptions } from '../global-options.ts';
+import {
+  grantAllUserPlatformPermissions,
+  revokeAllUserPlatformPermissions,
+} from '../users/permissions.ts';
+import { voidSelectSchema } from '../util.ts';
 
-const findUserSchema = z.object({
+const findPlatformAdminSchema = z.object({
   id: z.string(),
   platformId: z.string(),
+  active: z.boolean(),
+});
+
+const findUserSchema = z.object({
+  id: z.string(),
 });
 
 type EditAdminOptions = {
   platformId: string;
   userId: string;
   owner?: boolean;
+  active?: boolean;
   revokeAllPermissions?: boolean;
 };
 
@@ -22,7 +34,7 @@ export const editAdmin = async (
   env: Env,
 ): Promise<void> => {
   const db = await createPool(requireCoreDbUrl(env));
-  const { platformId, userId, owner, revokeAllPermissions } = opts;
+  const { platformId, userId, owner, active, revokeAllPermissions } = opts;
 
   if (owner && revokeAllPermissions) {
     console.error(
@@ -33,9 +45,9 @@ export const editAdmin = async (
 
   try {
     await db.transaction(async (db) => {
-      const platformAdmin = await db.maybeOne(
+      let platformAdmin = await db.maybeOne(
         sql.type(
-          findUserSchema,
+          findPlatformAdminSchema,
         )`select "id" from "PlatformAdmins" where "platformId" = ${platformId} and "userId" = ${userId}`,
       );
       if (!platformAdmin) {
@@ -46,17 +58,67 @@ export const editAdmin = async (
           throw new Error(`User with ID ${userId} not found`);
         }
       }
-
-      // TODO
-
-      // if (owner) {
-      //   await grantAllUserPlatformPermissions({ userId: id, platformId: user.platformId }, db);
-      //   console.log('Set user as a platform admin');
-      // }
-      // if (revokeAllPermissions) {
-      //   await revokeAllUserPlatformPermissions({ userId: id }, db);
-      //   console.log('Revoked all platform permissions of user');
-      // }
+      if (owner) {
+        if (!platformAdmin) {
+          platformAdmin = await db.one(
+            sql.type(findPlatformAdminSchema)`
+              insert into "PlatformAdmins" ("id", "platformId", "userId", "owner", "active")
+              values (${cleanSmallId()}, ${platformId}, ${userId}, ${active ?? true}, true)
+              returning "id", "platformId", "active"
+            `,
+          );
+        }
+        await grantAllUserPlatformPermissions({ platformAdminId: platformAdmin.id }, db);
+        if (opts.verbose) {
+          console.log('Set the user as an owner on the platform');
+        }
+      } else if (owner === false) {
+        if (platformAdmin) {
+          await db.query(
+            sql.type(voidSelectSchema)`
+            update "PlatformAdmins"
+            set "owner" = false
+            where "id" = ${platformAdmin.id}
+          `,
+          );
+          if (opts.verbose) {
+            console.log('Removed the user’s owner privileges on the platform');
+          }
+        } else {
+          console.log('This user is not an admin on this platform');
+        }
+      }
+      if (typeof active === 'boolean') {
+        if (platformAdmin) {
+          await db.query(
+            sql.type(voidSelectSchema)`
+              update "PlatformAdmins"
+              set "active" = ${active}
+              where "id" = ${platformAdmin.id}
+            `,
+          );
+        } else {
+          if (active) {
+            // Automatically create a platform admin.
+            await db.one(
+              sql.type(voidSelectSchema)`
+                insert into "PlatformAdmins" ("id", "platformId", "userId", "owner", "active")
+                values (${cleanSmallId()}, ${platformId}, ${userId}, false, ${active})
+              `,
+            );
+          } else {
+            console.log('This user is not an admin on this platform');
+          }
+        }
+      }
+      if (revokeAllPermissions) {
+        if (platformAdmin) {
+          await revokeAllUserPlatformPermissions({ platformAdminId: platformAdmin.id }, db);
+          console.log('Revoked all platform permissions of user');
+        } else {
+          console.log('This user is not an admin on this platform');
+        }
+      }
     });
   } catch (e) {
     if (e instanceof UniqueIntegrityConstraintViolationError) {

package/src/main.ts

@@ -118,10 +118,13 @@ extDev
 
 program
   .command('edit-admin')
-  .description('edit a platform admin user')
+  .description('edit a platform admin user or make a user a platform admin')
   .requiredOption('--platform-id <string>', 'the ID of the platform to edit')
   .requiredOption('--user-id <string>', 'the ID of the admin user to edit')
   .option('--owner', 'grants the user full permission to manage everything on the platform')
+  .option('--no-owner', 'removes owner privileges on the platform')
+  .option('--active', 'activates or deactivates the user’s admin access on the platform')
+  .option('--no-active', 'deactivates the user’s admin access on the platform')
   .option('--revoke-all-permissions', 'revokes all permission of the user on their platform')
   .action(withOptionsAndEnv(editAdmin));
 

package/src/users/permissions.ts

@@ -1,3 +1,4 @@
+import { cleanSmallId } from '@wirechunk/lib/clean-small-id.ts';
 import { Permission } from '@wirechunk/lib/graphql-api-enums.ts';
 import type { CommonQueryMethods } from 'slonik';
 import { sql } from 'slonik';
@@ -7,33 +8,35 @@ export const allPermissions = Object.values(Permission);
 
 export const revokeAllUserPlatformPermissions = async (
   {
-    userId,
+    platformAdminId,
   }: {
-    userId: string;
+    platformAdminId: string;
   },
   db: CommonQueryMethods,
 ): Promise<void> => {
   await db.query(
-    sql.type(voidSelectSchema)`delete from "UserPlatformPermissions" where "userId" = ${userId}`,
+    sql.type(
+      voidSelectSchema,
+    )`delete from "PlatformAdminPermissions" where "id" = ${platformAdminId}`,
   );
 };
 
 export const grantAllUserPlatformPermissions = async (
   {
-    userId,
-    platformId,
+    platformAdminId,
   }: {
-    userId: string;
-    platformId: string;
+    platformAdminId: string;
   },
   db: CommonQueryMethods,
 ): Promise<void> => {
   await db.query(
     sql.type(
       voidSelectSchema,
-    )`insert into "UserPlatformPermissions" ("userId", "platformId", "permission") values ${sql.join(
-      allPermissions.map((permission) => sql.fragment`(${userId}, ${platformId}, ${permission})`),
+    )`insert into "PlatformAdminPermissions" ("id", "platformAdminId", "permission") values ${sql.join(
+      allPermissions.map(
+        (permission) => sql.fragment`(${cleanSmallId()}, ${platformAdminId}, ${permission})`,
+      ),
       sql.fragment`,`,
-    )} on conflict on constraint "UserPlatformPermissions_pkey" do nothing`,
+    )} on conflict ("platformAdminId", "permission") do nothing`,
   );
 };