@witnium-tech/witniumchain 0.7.0 → 0.8.0

package/dist/index.js

@@ -121,6 +121,8 @@ var WitniumchainClient = class {
   oauth;
   /** MFA self-management. Accessed as `client.mfa.totp.*` and `client.mfa.recoveryCodes.*`. */
   mfa;
+  /** Session-cookie team management (org-admin only). `client.orgUsers.*`. */
+  orgUsers;
   constructor(config) {
     if (!config.baseUrl) {
       throw new Error("WitniumchainClient: baseUrl is required");
@@ -144,6 +146,7 @@ var WitniumchainClient = class {
     this.keys = new SigningKeys(this);
     this.oauth = new OauthNamespace(this);
     this.mfa = new MfaNamespace(this);
+    this.orgUsers = new OrgMembers(this);
   }
   /**
    * Convenience alias for {@link getAccount} — returns the authenticated
@@ -171,6 +174,53 @@ var WitniumchainClient = class {
   createOrg(body) {
     return this.req("POST", "/v1/orgs", { auth: "Public", body });
   }
+  // ── Team management (session-cookie; org-admin only) ──────────────────────
+  // Backing methods for the `orgUsers` namespace. All resolve the caller's
+  // org + org-admin role server-side from the session — no orgId in the path.
+  listMembers() {
+    return this.req("GET", "/v1/orgs/me/members", { auth: "SessionCookie" });
+  }
+  inviteMember(body) {
+    return this.req("POST", "/v1/orgs/me/members/invite", {
+      auth: "SessionCookie",
+      body
+    });
+  }
+  suspendMember(userId) {
+    return this.req(
+      "POST",
+      `/v1/orgs/me/members/${encodeURIComponent(userId)}/suspend`,
+      { auth: "SessionCookie" }
+    );
+  }
+  unsuspendMember(userId) {
+    return this.req(
+      "POST",
+      `/v1/orgs/me/members/${encodeURIComponent(userId)}/unsuspend`,
+      { auth: "SessionCookie" }
+    );
+  }
+  setMemberRole(userId, body) {
+    return this.req(
+      "PUT",
+      `/v1/orgs/me/members/${encodeURIComponent(userId)}/role`,
+      { auth: "SessionCookie", body }
+    );
+  }
+  removeMember(userId) {
+    return this.req(
+      "DELETE",
+      `/v1/orgs/me/members/${encodeURIComponent(userId)}`,
+      { auth: "SessionCookie" }
+    );
+  }
+  resendMemberInvite(userId) {
+    return this.req(
+      "POST",
+      `/v1/orgs/me/members/${encodeURIComponent(userId)}/resend-invite`,
+      { auth: "SessionCookie" }
+    );
+  }
   verifyEmail(token) {
     return this.req("GET", "/v1/auth/verify", {
       auth: "Public",
@@ -1243,6 +1293,40 @@ var MfaNamespace = class {
     this.recoveryCodes = new MfaRecoveryCodes(client);
   }
 };
+var OrgMembers = class {
+  constructor(client) {
+    this.client = client;
+  }
+  client;
+  /** List the caller's org members (role, suspendedAt, isOwner, keys). */
+  list() {
+    return this.client.listMembers();
+  }
+  /** Invite a member by email (default role `member`). */
+  invite(body) {
+    return this.client.inviteMember(body);
+  }
+  /** Suspend a member (reversible). The owner cannot be suspended. */
+  suspend(userId) {
+    return this.client.suspendMember(userId);
+  }
+  /** Lift a member's suspension. */
+  unsuspend(userId) {
+    return this.client.unsuspendMember(userId);
+  }
+  /** Set a member's role. Refuses to demote the owner. */
+  setRole(userId, role) {
+    return this.client.setMemberRole(userId, { role });
+  }
+  /** Remove a member (terminal; revokes their delegated keys). Owner protected. */
+  remove(userId) {
+    return this.client.removeMember(userId);
+  }
+  /** Re-mint an email-verify token for a pending member. */
+  resendInvite(userId) {
+    return this.client.resendMemberInvite(userId);
+  }
+};
 var MfaTotp = class {
   constructor(client) {
     this.client = client;
@@ -1567,6 +1651,7 @@ exports.MfaTotp = MfaTotp;
 exports.OWNER_OP = OWNER_OP;
 exports.OauthNamespace = OauthNamespace;
 exports.OauthSessions = OauthSessions;
+exports.OrgMembers = OrgMembers;
 exports.OrgUsers = OrgUsers;
 exports.SigningKeys = SigningKeys;
 exports.Subscriptions = Subscriptions;