@xcitedbs/client 0.3.8 → 0.3.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/client.d.ts +6 -0
- package/dist/client.js +8 -0
- package/dist/types.d.ts +8 -0
- package/dist/user-isolation.test.js +12 -1
- package/package.json +1 -1
package/dist/client.d.ts
CHANGED
|
@@ -541,6 +541,12 @@ export declare class XCiteDBClient {
|
|
|
541
541
|
getGroup(id: string): Promise<AppUserGroup>;
|
|
542
542
|
/** Delete a group (`DELETE /api/v1/security/user-isolation/groups/{id}`). Owner or admin only. */
|
|
543
543
|
deleteGroup(id: string): Promise<void>;
|
|
544
|
+
/**
|
|
545
|
+
* Rename a group (`PATCH /api/v1/security/user-isolation/groups/{id}`). Owner or admin only.
|
|
546
|
+
* Returns the updated group record. The `group_id` is stable across renames, so existing shares
|
|
547
|
+
* targeted at this group continue to work.
|
|
548
|
+
*/
|
|
549
|
+
renameGroup(id: string, name: string): Promise<AppUserGroup>;
|
|
544
550
|
/**
|
|
545
551
|
* Add an app user to a group (`POST /api/v1/security/user-isolation/groups/{id}/members`).
|
|
546
552
|
* Owner or admin only. Returns the updated group record.
|
package/dist/client.js
CHANGED
|
@@ -1773,6 +1773,14 @@ class XCiteDBClient {
|
|
|
1773
1773
|
async deleteGroup(id) {
|
|
1774
1774
|
await this.request('DELETE', `/api/v1/security/user-isolation/groups/${encodeURIComponent(id)}`);
|
|
1775
1775
|
}
|
|
1776
|
+
/**
|
|
1777
|
+
* Rename a group (`PATCH /api/v1/security/user-isolation/groups/{id}`). Owner or admin only.
|
|
1778
|
+
* Returns the updated group record. The `group_id` is stable across renames, so existing shares
|
|
1779
|
+
* targeted at this group continue to work.
|
|
1780
|
+
*/
|
|
1781
|
+
async renameGroup(id, name) {
|
|
1782
|
+
return this.request('PATCH', `/api/v1/security/user-isolation/groups/${encodeURIComponent(id)}`, { name });
|
|
1783
|
+
}
|
|
1776
1784
|
/**
|
|
1777
1785
|
* Add an app user to a group (`POST /api/v1/security/user-isolation/groups/{id}/members`).
|
|
1778
1786
|
* Owner or admin only. Returns the updated group record.
|
package/dist/types.d.ts
CHANGED
|
@@ -699,6 +699,14 @@ export interface UserIsolationShareResult {
|
|
|
699
699
|
export interface UserIsolationShareListEntry {
|
|
700
700
|
identifier: string;
|
|
701
701
|
mode: UserIsolationShareMode;
|
|
702
|
+
/** App user id of the user who created this share, parsed from the alias path. */
|
|
703
|
+
granter_user_id?: string;
|
|
704
|
+
/** Display name of the granter, looked up at list time. */
|
|
705
|
+
granter_display_name?: string;
|
|
706
|
+
/** Email of the granter, looked up at list time. */
|
|
707
|
+
granter_email?: string;
|
|
708
|
+
/** Epoch seconds. Omitted for shares created before share-meta storage existed. */
|
|
709
|
+
created_at?: number;
|
|
702
710
|
}
|
|
703
711
|
/** Response from `GET /api/v1/security/user-isolation/shares?direction=…`. */
|
|
704
712
|
export interface UserIsolationShareListResponse {
|
|
@@ -310,6 +310,13 @@ wd('app-user groups + group-aware shares (wet)', () => {
|
|
|
310
310
|
const status = err.status;
|
|
311
311
|
return status === 403;
|
|
312
312
|
}, 'non-owner deleteGroup must be rejected with 403');
|
|
313
|
+
// Rename: owner can; non-owner cannot.
|
|
314
|
+
const newName = `g-${suffix}-renamed`;
|
|
315
|
+
const renamed = await ownerClient.renameGroup(groupId, newName);
|
|
316
|
+
strict_1.default.equal(renamed.name, newName);
|
|
317
|
+
strict_1.default.equal(renamed.group_id, groupId, 'group_id must be stable across rename');
|
|
318
|
+
strict_1.default.ok(renamed.updated_at >= created.updated_at, 'updated_at should advance on rename');
|
|
319
|
+
await strict_1.default.rejects(() => memberClient.renameGroup(groupId, `g-${suffix}-hijack`), (err) => err.status === 403, 'non-owner renameGroup must be rejected with 403');
|
|
313
320
|
await ownerClient.removeGroupMember(groupId, member.user_id);
|
|
314
321
|
const afterRemove = await ownerClient.getGroup(groupId);
|
|
315
322
|
strict_1.default.ok(!afterRemove.member_ids.includes(member.user_id), 'member_ids should not include removed user');
|
|
@@ -378,7 +385,11 @@ wd('app-user groups + group-aware shares (wet)', () => {
|
|
|
378
385
|
});
|
|
379
386
|
await memberClient.loginAppUser(memberEmail, password);
|
|
380
387
|
const incoming = await memberClient.listUserIsolationShares({ direction: 'incoming' });
|
|
381
|
-
|
|
388
|
+
const matched = incoming.identifiers.find((row) => row.identifier === share.alias);
|
|
389
|
+
strict_1.default.ok(matched, `incoming list should include alias ${share.alias}; got ${JSON.stringify(incoming.identifiers)}`);
|
|
390
|
+
strict_1.default.equal(matched.granter_user_id, owner.user_id, 'granter_user_id should match the sharer');
|
|
391
|
+
strict_1.default.equal(matched.granter_email, ownerEmail, 'granter_email should be the sharer email');
|
|
392
|
+
strict_1.default.ok(typeof matched.created_at === 'number' && matched.created_at > 0, `created_at should be a positive number; got ${matched.created_at}`);
|
|
382
393
|
const doc = await memberClient.readJsonDocument(share.alias);
|
|
383
394
|
strict_1.default.equal(doc.who, 'owner');
|
|
384
395
|
strict_1.default.equal(doc.v, 1);
|