better-auth 1.2.6-beta.7 → 1.2.7-beta.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters/drizzle-adapter/index.cjs +186 -249
- package/dist/adapters/drizzle-adapter/index.d.cts +11 -49
- package/dist/adapters/drizzle-adapter/index.d.mts +11 -49
- package/dist/adapters/drizzle-adapter/index.d.ts +11 -49
- package/dist/adapters/drizzle-adapter/index.mjs +186 -249
- package/dist/adapters/index.cjs +26 -0
- package/dist/adapters/index.d.cts +17 -0
- package/dist/adapters/index.d.mts +17 -0
- package/dist/adapters/index.d.ts +17 -0
- package/dist/adapters/index.mjs +20 -0
- package/dist/adapters/kysely-adapter/index.cjs +7 -7
- package/dist/adapters/kysely-adapter/index.d.cts +17 -49
- package/dist/adapters/kysely-adapter/index.d.mts +17 -49
- package/dist/adapters/kysely-adapter/index.d.ts +17 -49
- package/dist/adapters/kysely-adapter/index.mjs +8 -8
- package/dist/adapters/memory-adapter/index.cjs +7 -8
- package/dist/adapters/memory-adapter/index.d.cts +9 -49
- package/dist/adapters/memory-adapter/index.d.mts +9 -49
- package/dist/adapters/memory-adapter/index.d.ts +9 -49
- package/dist/adapters/memory-adapter/index.mjs +8 -9
- package/dist/adapters/mongodb-adapter/index.cjs +2 -2
- package/dist/adapters/mongodb-adapter/index.d.cts +4 -4
- package/dist/adapters/mongodb-adapter/index.d.mts +4 -4
- package/dist/adapters/mongodb-adapter/index.d.ts +4 -4
- package/dist/adapters/mongodb-adapter/index.mjs +3 -3
- package/dist/adapters/prisma-adapter/index.cjs +130 -203
- package/dist/adapters/prisma-adapter/index.d.cts +17 -49
- package/dist/adapters/prisma-adapter/index.d.mts +17 -49
- package/dist/adapters/prisma-adapter/index.d.ts +17 -49
- package/dist/adapters/prisma-adapter/index.mjs +131 -204
- package/dist/adapters/test.cjs +710 -377
- package/dist/adapters/test.d.cts +64 -5
- package/dist/adapters/test.d.mts +64 -5
- package/dist/adapters/test.d.ts +64 -5
- package/dist/adapters/test.mjs +712 -380
- package/dist/api/index.cjs +61 -25
- package/dist/api/index.d.cts +3 -3
- package/dist/api/index.d.mts +3 -3
- package/dist/api/index.d.ts +3 -3
- package/dist/api/index.mjs +63 -27
- package/dist/client/index.d.cts +3 -3
- package/dist/client/index.d.mts +3 -3
- package/dist/client/index.d.ts +3 -3
- package/dist/client/plugins/index.cjs +13 -15
- package/dist/client/plugins/index.d.cts +80 -19
- package/dist/client/plugins/index.d.mts +80 -19
- package/dist/client/plugins/index.d.ts +80 -19
- package/dist/client/plugins/index.mjs +13 -16
- package/dist/client/react/index.cjs +4 -4
- package/dist/client/react/index.d.cts +3 -3
- package/dist/client/react/index.d.mts +3 -3
- package/dist/client/react/index.d.ts +3 -3
- package/dist/client/solid/index.d.cts +3 -3
- package/dist/client/solid/index.d.mts +3 -3
- package/dist/client/solid/index.d.ts +3 -3
- package/dist/client/svelte/index.d.cts +3 -3
- package/dist/client/svelte/index.d.mts +3 -3
- package/dist/client/svelte/index.d.ts +3 -3
- package/dist/client/vue/index.d.cts +3 -3
- package/dist/client/vue/index.d.mts +3 -3
- package/dist/client/vue/index.d.ts +3 -3
- package/dist/cookies/index.cjs +13 -2
- package/dist/cookies/index.d.cts +3 -3
- package/dist/cookies/index.d.mts +3 -3
- package/dist/cookies/index.d.ts +3 -3
- package/dist/cookies/index.mjs +13 -2
- package/dist/db/index.cjs +6 -5
- package/dist/db/index.d.cts +4 -4
- package/dist/db/index.d.mts +4 -4
- package/dist/db/index.d.ts +4 -4
- package/dist/db/index.mjs +7 -6
- package/dist/index.cjs +11 -7
- package/dist/index.d.cts +4 -4
- package/dist/index.d.mts +4 -4
- package/dist/index.d.ts +4 -4
- package/dist/index.mjs +14 -10
- package/dist/integrations/next-js.cjs +4 -5
- package/dist/integrations/next-js.d.cts +3 -3
- package/dist/integrations/next-js.d.mts +3 -3
- package/dist/integrations/next-js.d.ts +3 -3
- package/dist/integrations/next-js.mjs +5 -6
- package/dist/integrations/node.d.cts +3 -3
- package/dist/integrations/node.d.mts +3 -3
- package/dist/integrations/node.d.ts +3 -3
- package/dist/integrations/react-start.cjs +5 -6
- package/dist/integrations/react-start.d.cts +3 -3
- package/dist/integrations/react-start.d.mts +3 -3
- package/dist/integrations/react-start.d.ts +3 -3
- package/dist/integrations/react-start.mjs +6 -7
- package/dist/integrations/svelte-kit.d.cts +3 -3
- package/dist/integrations/svelte-kit.d.mts +3 -3
- package/dist/integrations/svelte-kit.d.ts +3 -3
- package/dist/oauth2/index.d.cts +5 -5
- package/dist/oauth2/index.d.mts +5 -5
- package/dist/oauth2/index.d.ts +5 -5
- package/dist/plugins/access/index.d.cts +1 -1
- package/dist/plugins/access/index.d.mts +1 -1
- package/dist/plugins/access/index.d.ts +1 -1
- package/dist/plugins/admin/access/index.d.cts +1 -1
- package/dist/plugins/admin/access/index.d.mts +1 -1
- package/dist/plugins/admin/access/index.d.ts +1 -1
- package/dist/plugins/admin/index.cjs +4 -4
- package/dist/plugins/admin/index.d.cts +74 -14
- package/dist/plugins/admin/index.d.mts +74 -14
- package/dist/plugins/admin/index.d.ts +74 -14
- package/dist/plugins/admin/index.mjs +5 -5
- package/dist/plugins/anonymous/index.cjs +4 -5
- package/dist/plugins/anonymous/index.d.cts +3 -3
- package/dist/plugins/anonymous/index.d.mts +3 -3
- package/dist/plugins/anonymous/index.d.ts +3 -3
- package/dist/plugins/anonymous/index.mjs +5 -6
- package/dist/plugins/bearer/index.cjs +2 -2
- package/dist/plugins/bearer/index.d.cts +3 -3
- package/dist/plugins/bearer/index.d.mts +3 -3
- package/dist/plugins/bearer/index.d.ts +3 -3
- package/dist/plugins/bearer/index.mjs +3 -3
- package/dist/plugins/captcha/index.cjs +110 -45
- package/dist/plugins/captcha/index.d.cts +26 -6
- package/dist/plugins/captcha/index.d.mts +26 -6
- package/dist/plugins/captcha/index.d.ts +26 -6
- package/dist/plugins/captcha/index.mjs +110 -45
- package/dist/plugins/custom-session/index.cjs +24 -5
- package/dist/plugins/custom-session/index.d.cts +25 -6
- package/dist/plugins/custom-session/index.d.mts +25 -6
- package/dist/plugins/custom-session/index.d.ts +25 -6
- package/dist/plugins/custom-session/index.mjs +25 -6
- package/dist/plugins/email-otp/index.cjs +96 -30
- package/dist/plugins/email-otp/index.d.cts +33 -10
- package/dist/plugins/email-otp/index.d.mts +33 -10
- package/dist/plugins/email-otp/index.d.ts +33 -10
- package/dist/plugins/email-otp/index.mjs +97 -31
- package/dist/plugins/generic-oauth/index.cjs +81 -20
- package/dist/plugins/generic-oauth/index.d.cts +46 -3
- package/dist/plugins/generic-oauth/index.d.mts +46 -3
- package/dist/plugins/generic-oauth/index.d.ts +46 -3
- package/dist/plugins/generic-oauth/index.mjs +82 -21
- package/dist/plugins/haveibeenpwned/index.cjs +98 -0
- package/dist/plugins/haveibeenpwned/index.d.cts +36 -0
- package/dist/plugins/haveibeenpwned/index.d.mts +36 -0
- package/dist/plugins/haveibeenpwned/index.d.ts +36 -0
- package/dist/plugins/haveibeenpwned/index.mjs +96 -0
- package/dist/plugins/index.cjs +583 -19
- package/dist/plugins/index.d.cts +7 -5
- package/dist/plugins/index.d.mts +7 -5
- package/dist/plugins/index.d.ts +7 -5
- package/dist/plugins/index.mjs +583 -21
- package/dist/plugins/jwt/index.cjs +45 -21
- package/dist/plugins/jwt/index.d.cts +52 -6
- package/dist/plugins/jwt/index.d.mts +52 -6
- package/dist/plugins/jwt/index.d.ts +52 -6
- package/dist/plugins/jwt/index.mjs +46 -22
- package/dist/plugins/magic-link/index.cjs +3 -3
- package/dist/plugins/magic-link/index.mjs +4 -4
- package/dist/plugins/multi-session/index.cjs +3 -3
- package/dist/plugins/multi-session/index.d.cts +3 -3
- package/dist/plugins/multi-session/index.d.mts +3 -3
- package/dist/plugins/multi-session/index.d.ts +3 -3
- package/dist/plugins/multi-session/index.mjs +4 -4
- package/dist/plugins/oauth-proxy/index.cjs +4 -4
- package/dist/plugins/oauth-proxy/index.d.cts +3 -3
- package/dist/plugins/oauth-proxy/index.d.mts +3 -3
- package/dist/plugins/oauth-proxy/index.d.ts +3 -3
- package/dist/plugins/oauth-proxy/index.mjs +5 -5
- package/dist/plugins/oidc-provider/index.cjs +227 -8
- package/dist/plugins/oidc-provider/index.d.cts +215 -3
- package/dist/plugins/oidc-provider/index.d.mts +215 -3
- package/dist/plugins/oidc-provider/index.d.ts +215 -3
- package/dist/plugins/oidc-provider/index.mjs +228 -9
- package/dist/plugins/one-tap/index.cjs +5 -5
- package/dist/plugins/one-tap/index.mjs +6 -6
- package/dist/plugins/one-time-token/index.cjs +119 -0
- package/dist/plugins/one-time-token/index.d.cts +134 -0
- package/dist/plugins/one-time-token/index.d.mts +134 -0
- package/dist/plugins/one-time-token/index.d.ts +134 -0
- package/dist/plugins/one-time-token/index.mjs +117 -0
- package/dist/plugins/open-api/index.cjs +3 -3
- package/dist/plugins/open-api/index.d.cts +3 -3
- package/dist/plugins/open-api/index.d.mts +3 -3
- package/dist/plugins/open-api/index.d.ts +3 -3
- package/dist/plugins/open-api/index.mjs +4 -4
- package/dist/plugins/organization/access/index.d.cts +1 -1
- package/dist/plugins/organization/access/index.d.mts +1 -1
- package/dist/plugins/organization/access/index.d.ts +1 -1
- package/dist/plugins/organization/index.cjs +4 -4
- package/dist/plugins/organization/index.d.cts +708 -55
- package/dist/plugins/organization/index.d.mts +708 -55
- package/dist/plugins/organization/index.d.ts +708 -55
- package/dist/plugins/organization/index.mjs +5 -5
- package/dist/plugins/passkey/index.cjs +82 -8
- package/dist/plugins/passkey/index.d.cts +72 -3
- package/dist/plugins/passkey/index.d.mts +72 -3
- package/dist/plugins/passkey/index.d.ts +72 -3
- package/dist/plugins/passkey/index.mjs +83 -9
- package/dist/plugins/phone-number/index.cjs +194 -26
- package/dist/plugins/phone-number/index.d.cts +132 -8
- package/dist/plugins/phone-number/index.d.mts +132 -8
- package/dist/plugins/phone-number/index.d.ts +132 -8
- package/dist/plugins/phone-number/index.mjs +195 -27
- package/dist/plugins/sso/index.cjs +190 -7
- package/dist/plugins/sso/index.d.cts +181 -15
- package/dist/plugins/sso/index.d.mts +181 -15
- package/dist/plugins/sso/index.d.ts +181 -15
- package/dist/plugins/sso/index.mjs +191 -8
- package/dist/plugins/two-factor/index.cjs +443 -92
- package/dist/plugins/two-factor/index.d.cts +230 -396
- package/dist/plugins/two-factor/index.d.mts +230 -396
- package/dist/plugins/two-factor/index.d.ts +230 -396
- package/dist/plugins/two-factor/index.mjs +431 -80
- package/dist/plugins/username/index.cjs +34 -31
- package/dist/plugins/username/index.d.cts +15 -12
- package/dist/plugins/username/index.d.mts +15 -12
- package/dist/plugins/username/index.d.ts +15 -12
- package/dist/plugins/username/index.mjs +35 -32
- package/dist/shared/better-auth.1DR6suCQ.mjs +307 -0
- package/dist/shared/{better-auth.BSsp73pg.cjs → better-auth.B7cZ2juS.cjs} +15 -14
- package/dist/shared/{better-auth.bKwabe3I.d.mts → better-auth.B88xucNq.d.mts} +529 -39
- package/dist/shared/{better-auth.CApEjVDP.cjs → better-auth.BW8BpneG.cjs} +4 -1
- package/dist/shared/{better-auth.BiQsvaIP.d.cts → better-auth.BcU1Kjyq.d.cts} +2051 -518
- package/dist/shared/better-auth.BfG24BjZ.cjs +118 -0
- package/dist/shared/{better-auth.A3TjrU8G.mjs → better-auth.Bk5IMdhM.mjs} +32 -12
- package/dist/shared/{better-auth.D9VnBkRI.mjs → better-auth.Bm9HxIzE.mjs} +47 -24
- package/dist/shared/{better-auth.BRf6Iynu.d.ts → better-auth.Bwc-6kOr.d.ts} +1 -1
- package/dist/shared/{better-auth.D-oLmHIj.d.mts → better-auth.CA2hFK4N.d.ts} +2051 -518
- package/dist/shared/{better-auth.Dmhe30iW.d.mts → better-auth.CGukGrxT.d.cts} +1 -1
- package/dist/shared/{better-auth.CsSpq0zL.cjs → better-auth.CHUzBidy.cjs} +46 -23
- package/dist/shared/{better-auth.DWRligF8.d.cts → better-auth.CT9J6rD-.d.cts} +539 -7
- package/dist/shared/better-auth.CVCo5Z2T.cjs +310 -0
- package/dist/shared/{better-auth.D4jH-sJA.mjs → better-auth.CWwVo_61.mjs} +458 -118
- package/dist/shared/{better-auth.Bi8FQwDD.d.cts → better-auth.CYegVoq1.d.cts} +1 -1
- package/dist/shared/{better-auth.Bi8FQwDD.d.mts → better-auth.CYegVoq1.d.mts} +1 -1
- package/dist/shared/{better-auth.Bi8FQwDD.d.ts → better-auth.CYegVoq1.d.ts} +1 -1
- package/dist/shared/{better-auth.CepcSj5H.mjs → better-auth.Cc72UxUH.mjs} +1 -2
- package/dist/shared/{better-auth.BWp5dztg.d.ts → better-auth.CmN4mlPh.d.ts} +539 -7
- package/dist/shared/{better-auth.DH3YjMQH.mjs → better-auth.Cqykj82J.mjs} +1 -1
- package/dist/shared/{better-auth.wcdMj2cT.d.mts → better-auth.DIt2e3lu.d.mts} +539 -7
- package/dist/shared/{better-auth.BANAxdkL.d.ts → better-auth.DNTAFSt1.d.ts} +529 -39
- package/dist/shared/{better-auth.DU2QNVc_.d.ts → better-auth.DQ7OSJbI.d.mts} +2051 -518
- package/dist/shared/{better-auth.DLTzKoOS.cjs → better-auth.DSVbLSt7.cjs} +4 -1
- package/dist/shared/{better-auth.B2Fw1vhH.d.cts → better-auth.DTiSPWEk.d.cts} +529 -39
- package/dist/shared/better-auth.DURsStt9.mjs +116 -0
- package/dist/shared/{better-auth.BIjcZ_vt.cjs → better-auth.DYoLD99C.cjs} +31 -11
- package/dist/shared/{better-auth.CV1L7TPV.cjs → better-auth.D_ZIX1O8.cjs} +317 -47
- package/dist/shared/{better-auth.C5H9XEzZ.cjs → better-auth.DcWKCjjf.cjs} +1 -2
- package/dist/shared/{better-auth.BDYXUcLv.cjs → better-auth.Dg0siV5C.cjs} +457 -117
- package/dist/shared/better-auth.DjryM8pE.cjs +760 -0
- package/dist/shared/{better-auth.DPBQN9Fs.mjs → better-auth.Dn_Ms1Uf.mjs} +318 -48
- package/dist/shared/{better-auth.DiG4KL2x.mjs → better-auth.OuYYTHC7.mjs} +4 -1
- package/dist/shared/{better-auth.DtC8i3pf.d.cts → better-auth.S1jimRbX.d.mts} +1 -1
- package/dist/shared/better-auth.SPmq4a4z.d.mts +344 -0
- package/dist/shared/{better-auth.cOCrlspr.mjs → better-auth.bkwPl2G4.mjs} +4 -1
- package/dist/shared/better-auth.cp2rC2iM.d.ts +344 -0
- package/dist/shared/better-auth.eVy4DZvP.d.cts +344 -0
- package/dist/shared/{better-auth.BrOpzmqo.mjs → better-auth.iKoUsdFE.mjs} +15 -14
- package/dist/shared/better-auth.rSYJCd3o.mjs +758 -0
- package/dist/social-providers/index.cjs +75 -3
- package/dist/social-providers/index.d.cts +2 -2
- package/dist/social-providers/index.d.mts +2 -2
- package/dist/social-providers/index.d.ts +2 -2
- package/dist/social-providers/index.mjs +77 -6
- package/dist/types/index.d.cts +4 -4
- package/dist/types/index.d.mts +4 -4
- package/dist/types/index.d.ts +4 -4
- package/package.json +42 -5
- package/dist/chunks/server.cjs +0 -905
- package/dist/chunks/server.mjs +0 -895
- package/dist/shared/better-auth.BcoSd9tC.mjs +0 -10
- package/dist/shared/better-auth.BnRFp-t0.mjs +0 -405
- package/dist/shared/better-auth.C1-vpKly.cjs +0 -12
- package/dist/shared/better-auth.ClTSOgiD.mjs +0 -140
- package/dist/shared/better-auth.DC8JQbiE.mjs +0 -173
- package/dist/shared/better-auth.DWHWPllD.cjs +0 -175
- package/dist/shared/better-auth.DqLjzBlO.cjs +0 -408
- package/dist/shared/better-auth.m575EIBC.cjs +0 -144
|
@@ -1,15 +1,17 @@
|
|
|
1
1
|
import { APIError } from 'better-call';
|
|
2
2
|
import { z } from 'zod';
|
|
3
|
-
import { c as createAuthMiddleware, s as sessionMiddleware, a as createAuthEndpoint, g as getSessionFromCtx, B as BASE_ERROR_CODES, N as requestOnlySessionMiddleware } from './better-auth.
|
|
3
|
+
import { c as createAuthMiddleware, s as sessionMiddleware, a as createAuthEndpoint, g as getSessionFromCtx, B as BASE_ERROR_CODES, N as requestOnlySessionMiddleware } from './better-auth.CWwVo_61.mjs';
|
|
4
4
|
import './better-auth.8zoxzg-F.mjs';
|
|
5
5
|
import '@better-auth/utils/base64';
|
|
6
6
|
import '@better-auth/utils/hmac';
|
|
7
|
-
import './better-auth.
|
|
7
|
+
import './better-auth.Cc72UxUH.mjs';
|
|
8
8
|
import { g as getDate } from './better-auth.CW6D9eSx.mjs';
|
|
9
9
|
import { B as BetterAuthError } from './better-auth.DdzSJf-n.mjs';
|
|
10
10
|
import { p as parseJSON } from './better-auth.ffWeg50w.mjs';
|
|
11
|
-
import './better-auth.
|
|
11
|
+
import './better-auth.Cqykj82J.mjs';
|
|
12
12
|
import 'defu';
|
|
13
|
+
import { h as hasPermission } from './better-auth.OuYYTHC7.mjs';
|
|
14
|
+
import { setSessionCookie } from '../cookies/index.mjs';
|
|
13
15
|
import { g as generateId } from './better-auth.BUPPRXfK.mjs';
|
|
14
16
|
import '@better-auth/utils/hash';
|
|
15
17
|
import '@noble/ciphers/chacha';
|
|
@@ -21,8 +23,6 @@ import '@better-auth/utils';
|
|
|
21
23
|
import '@better-auth/utils/hex';
|
|
22
24
|
import '@noble/hashes/utils';
|
|
23
25
|
import './better-auth.B4Qoxdgc.mjs';
|
|
24
|
-
import { h as hasPermission } from './better-auth.DiG4KL2x.mjs';
|
|
25
|
-
import { setSessionCookie } from '../cookies/index.mjs';
|
|
26
26
|
import { defaultRoles } from '../plugins/organization/access/index.mjs';
|
|
27
27
|
|
|
28
28
|
const shimContext = (originalObject, newContext) => {
|
|
@@ -574,6 +574,36 @@ const getOrgAdapter = (context, options) => {
|
|
|
574
574
|
(invite) => new Date(invite.expiresAt) > /* @__PURE__ */ new Date()
|
|
575
575
|
);
|
|
576
576
|
},
|
|
577
|
+
findPendingInvitations: async (data) => {
|
|
578
|
+
const invitations = await adapter.findMany({
|
|
579
|
+
model: "invitation",
|
|
580
|
+
where: [
|
|
581
|
+
{
|
|
582
|
+
field: "organizationId",
|
|
583
|
+
value: data.organizationId
|
|
584
|
+
},
|
|
585
|
+
{
|
|
586
|
+
field: "status",
|
|
587
|
+
value: "pending"
|
|
588
|
+
}
|
|
589
|
+
]
|
|
590
|
+
});
|
|
591
|
+
return invitations.filter(
|
|
592
|
+
(invite) => new Date(invite.expiresAt) > /* @__PURE__ */ new Date()
|
|
593
|
+
);
|
|
594
|
+
},
|
|
595
|
+
listInvitations: async (data) => {
|
|
596
|
+
const invitations = await adapter.findMany({
|
|
597
|
+
model: "invitation",
|
|
598
|
+
where: [
|
|
599
|
+
{
|
|
600
|
+
field: "organizationId",
|
|
601
|
+
value: data.organizationId
|
|
602
|
+
}
|
|
603
|
+
]
|
|
604
|
+
});
|
|
605
|
+
return invitations;
|
|
606
|
+
},
|
|
577
607
|
updateInvitation: async (data) => {
|
|
578
608
|
const invitation = await adapter.update({
|
|
579
609
|
model: "invitation",
|
|
@@ -638,7 +668,8 @@ const ORGANIZATION_ERROR_CODES = {
|
|
|
638
668
|
ORGANIZATION_MEMBERSHIP_LIMIT_REACHED: "Organization membership limit reached",
|
|
639
669
|
YOU_ARE_NOT_ALLOWED_TO_CREATE_TEAMS_IN_THIS_ORGANIZATION: "You are not allowed to create teams in this organization",
|
|
640
670
|
YOU_ARE_NOT_ALLOWED_TO_DELETE_TEAMS_IN_THIS_ORGANIZATION: "You are not allowed to delete teams in this organization",
|
|
641
|
-
YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_TEAM: "You are not allowed to update this team"
|
|
671
|
+
YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_TEAM: "You are not allowed to update this team",
|
|
672
|
+
INVITATION_LIMIT_REACHED: "Invitation limit reached"
|
|
642
673
|
};
|
|
643
674
|
|
|
644
675
|
const createInvitation = (option) => createAuthEndpoint(
|
|
@@ -724,14 +755,6 @@ const createInvitation = (option) => createAuthEndpoint(
|
|
|
724
755
|
}
|
|
725
756
|
},
|
|
726
757
|
async (ctx) => {
|
|
727
|
-
if (!ctx.context.orgOptions.sendInvitationEmail) {
|
|
728
|
-
ctx.context.logger.warn(
|
|
729
|
-
"Invitation email is not enabled. Pass `sendInvitationEmail` to the plugin options to enable it."
|
|
730
|
-
);
|
|
731
|
-
throw new APIError("BAD_REQUEST", {
|
|
732
|
-
message: "Invitation email is not enabled"
|
|
733
|
-
});
|
|
734
|
-
}
|
|
735
758
|
const session = ctx.context.session;
|
|
736
759
|
const organizationId = ctx.body.organizationId || session.session.activeOrganizationId;
|
|
737
760
|
if (!organizationId) {
|
|
@@ -752,7 +775,7 @@ const createInvitation = (option) => createAuthEndpoint(
|
|
|
752
775
|
const canInvite = hasPermission({
|
|
753
776
|
role: member.role,
|
|
754
777
|
options: ctx.context.orgOptions,
|
|
755
|
-
|
|
778
|
+
permissions: {
|
|
756
779
|
invitation: ["create"]
|
|
757
780
|
}
|
|
758
781
|
});
|
|
@@ -786,10 +809,38 @@ const createInvitation = (option) => createAuthEndpoint(
|
|
|
786
809
|
message: ORGANIZATION_ERROR_CODES.USER_IS_ALREADY_INVITED_TO_THIS_ORGANIZATION
|
|
787
810
|
});
|
|
788
811
|
}
|
|
812
|
+
if (alreadyInvited.length && ctx.context.orgOptions.cancelPendingInvitationsOnReInvite) {
|
|
813
|
+
await adapter.updateInvitation({
|
|
814
|
+
invitationId: alreadyInvited[0].id,
|
|
815
|
+
status: "canceled"
|
|
816
|
+
});
|
|
817
|
+
}
|
|
818
|
+
const organization = await adapter.findOrganizationById(organizationId);
|
|
819
|
+
if (!organization) {
|
|
820
|
+
throw new APIError("BAD_REQUEST", {
|
|
821
|
+
message: ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND
|
|
822
|
+
});
|
|
823
|
+
}
|
|
824
|
+
const invitationLimit = typeof ctx.context.orgOptions.invitationLimit === "function" ? await ctx.context.orgOptions.invitationLimit(
|
|
825
|
+
{
|
|
826
|
+
user: session.user,
|
|
827
|
+
organization,
|
|
828
|
+
member
|
|
829
|
+
},
|
|
830
|
+
ctx.context
|
|
831
|
+
) : ctx.context.orgOptions.invitationLimit ?? 100;
|
|
832
|
+
const pendingInvitations = await adapter.findPendingInvitations({
|
|
833
|
+
organizationId
|
|
834
|
+
});
|
|
835
|
+
if (pendingInvitations.length >= invitationLimit) {
|
|
836
|
+
throw new APIError("FORBIDDEN", {
|
|
837
|
+
message: ORGANIZATION_ERROR_CODES.INVITATION_LIMIT_REACHED
|
|
838
|
+
});
|
|
839
|
+
}
|
|
789
840
|
const invitation = await adapter.createInvitation({
|
|
790
841
|
invitation: {
|
|
791
842
|
role: roles,
|
|
792
|
-
email: ctx.body.email,
|
|
843
|
+
email: ctx.body.email.toLowerCase(),
|
|
793
844
|
organizationId,
|
|
794
845
|
..."teamId" in ctx.body ? {
|
|
795
846
|
teamId: ctx.body.teamId
|
|
@@ -797,12 +848,6 @@ const createInvitation = (option) => createAuthEndpoint(
|
|
|
797
848
|
},
|
|
798
849
|
user: session.user
|
|
799
850
|
});
|
|
800
|
-
const organization = await adapter.findOrganizationById(organizationId);
|
|
801
|
-
if (!organization) {
|
|
802
|
-
throw new APIError("BAD_REQUEST", {
|
|
803
|
-
message: ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND
|
|
804
|
-
});
|
|
805
|
-
}
|
|
806
851
|
await ctx.context.orgOptions.sendInvitationEmail?.(
|
|
807
852
|
{
|
|
808
853
|
id: invitation.id,
|
|
@@ -865,7 +910,7 @@ const acceptInvitation = createAuthEndpoint(
|
|
|
865
910
|
message: ORGANIZATION_ERROR_CODES.INVITATION_NOT_FOUND
|
|
866
911
|
});
|
|
867
912
|
}
|
|
868
|
-
if (invitation.email !== session.user.email) {
|
|
913
|
+
if (invitation.email.toLowerCase() !== session.user.email.toLowerCase()) {
|
|
869
914
|
throw new APIError("FORBIDDEN", {
|
|
870
915
|
message: ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_THE_RECIPIENT_OF_THE_INVITATION
|
|
871
916
|
});
|
|
@@ -960,7 +1005,7 @@ const rejectInvitation = createAuthEndpoint(
|
|
|
960
1005
|
message: "Invitation not found!"
|
|
961
1006
|
});
|
|
962
1007
|
}
|
|
963
|
-
if (invitation.email !== session.user.email) {
|
|
1008
|
+
if (invitation.email.toLowerCase() !== session.user.email.toLowerCase()) {
|
|
964
1009
|
throw new APIError("FORBIDDEN", {
|
|
965
1010
|
message: ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_THE_RECIPIENT_OF_THE_INVITATION
|
|
966
1011
|
});
|
|
@@ -1027,7 +1072,7 @@ const cancelInvitation = createAuthEndpoint(
|
|
|
1027
1072
|
const canCancel = hasPermission({
|
|
1028
1073
|
role: member.role,
|
|
1029
1074
|
options: ctx.context.orgOptions,
|
|
1030
|
-
|
|
1075
|
+
permissions: {
|
|
1031
1076
|
invitation: ["cancel"]
|
|
1032
1077
|
}
|
|
1033
1078
|
});
|
|
@@ -1130,7 +1175,7 @@ const getInvitation = createAuthEndpoint(
|
|
|
1130
1175
|
message: "Invitation not found!"
|
|
1131
1176
|
});
|
|
1132
1177
|
}
|
|
1133
|
-
if (invitation.email !== session.user.email) {
|
|
1178
|
+
if (invitation.email.toLowerCase() !== session.user.email.toLowerCase()) {
|
|
1134
1179
|
throw new APIError("FORBIDDEN", {
|
|
1135
1180
|
message: ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_THE_RECIPIENT_OF_THE_INVITATION
|
|
1136
1181
|
});
|
|
@@ -1160,6 +1205,46 @@ const getInvitation = createAuthEndpoint(
|
|
|
1160
1205
|
});
|
|
1161
1206
|
}
|
|
1162
1207
|
);
|
|
1208
|
+
const listInvitations = createAuthEndpoint(
|
|
1209
|
+
"/organization/list-invitations",
|
|
1210
|
+
{
|
|
1211
|
+
method: "GET",
|
|
1212
|
+
use: [orgMiddleware, orgSessionMiddleware],
|
|
1213
|
+
query: z.object({
|
|
1214
|
+
organizationId: z.string({
|
|
1215
|
+
description: "The ID of the organization to list invitations for"
|
|
1216
|
+
}).optional()
|
|
1217
|
+
}).optional()
|
|
1218
|
+
},
|
|
1219
|
+
async (ctx) => {
|
|
1220
|
+
const session = await getSessionFromCtx(ctx);
|
|
1221
|
+
if (!session) {
|
|
1222
|
+
throw new APIError("UNAUTHORIZED", {
|
|
1223
|
+
message: "Not authenticated"
|
|
1224
|
+
});
|
|
1225
|
+
}
|
|
1226
|
+
const orgId = ctx.query?.organizationId || session.session.activeOrganizationId;
|
|
1227
|
+
if (!orgId) {
|
|
1228
|
+
throw new APIError("BAD_REQUEST", {
|
|
1229
|
+
message: "Organization ID is required"
|
|
1230
|
+
});
|
|
1231
|
+
}
|
|
1232
|
+
const adapter = getOrgAdapter(ctx.context, ctx.context.orgOptions);
|
|
1233
|
+
const isMember = await adapter.findMemberByOrgId({
|
|
1234
|
+
userId: session.user.id,
|
|
1235
|
+
organizationId: orgId
|
|
1236
|
+
});
|
|
1237
|
+
if (!isMember) {
|
|
1238
|
+
throw new APIError("FORBIDDEN", {
|
|
1239
|
+
message: "You are not a member of this organization"
|
|
1240
|
+
});
|
|
1241
|
+
}
|
|
1242
|
+
const invitations = await adapter.listInvitations({
|
|
1243
|
+
organizationId: orgId
|
|
1244
|
+
});
|
|
1245
|
+
return ctx.json(invitations);
|
|
1246
|
+
}
|
|
1247
|
+
);
|
|
1163
1248
|
|
|
1164
1249
|
const addMember = () => createAuthEndpoint(
|
|
1165
1250
|
"/organization/add-member",
|
|
@@ -1233,7 +1318,6 @@ const addMember = () => createAuthEndpoint(
|
|
|
1233
1318
|
});
|
|
1234
1319
|
}
|
|
1235
1320
|
const createdMember = await adapter.createMember({
|
|
1236
|
-
id: generateId(),
|
|
1237
1321
|
organizationId: orgId,
|
|
1238
1322
|
userId: user.id,
|
|
1239
1323
|
role: parseRoles(ctx.body.role),
|
|
@@ -1360,7 +1444,7 @@ const removeMember = createAuthEndpoint(
|
|
|
1360
1444
|
const canDeleteMember = hasPermission({
|
|
1361
1445
|
role: member.role,
|
|
1362
1446
|
options: ctx.context.orgOptions,
|
|
1363
|
-
|
|
1447
|
+
permissions: {
|
|
1364
1448
|
member: ["delete"]
|
|
1365
1449
|
}
|
|
1366
1450
|
});
|
|
@@ -1474,7 +1558,7 @@ const updateMemberRole = (option) => createAuthEndpoint(
|
|
|
1474
1558
|
const canUpdateMember = hasPermission({
|
|
1475
1559
|
role: member.role,
|
|
1476
1560
|
options: ctx.context.orgOptions,
|
|
1477
|
-
|
|
1561
|
+
permissions: {
|
|
1478
1562
|
member: ["update"]
|
|
1479
1563
|
}
|
|
1480
1564
|
});
|
|
@@ -1715,7 +1799,6 @@ const createOrganization = createAuthEndpoint(
|
|
|
1715
1799
|
}
|
|
1716
1800
|
const organization = await adapter.createOrganization({
|
|
1717
1801
|
organization: {
|
|
1718
|
-
id: generateId(),
|
|
1719
1802
|
slug: ctx.body.slug,
|
|
1720
1803
|
name: ctx.body.name,
|
|
1721
1804
|
logo: ctx.body.logo,
|
|
@@ -1730,7 +1813,6 @@ const createOrganization = createAuthEndpoint(
|
|
|
1730
1813
|
organization,
|
|
1731
1814
|
ctx.request
|
|
1732
1815
|
) || await adapter.createTeam({
|
|
1733
|
-
id: generateId(),
|
|
1734
1816
|
organizationId: organization.id,
|
|
1735
1817
|
name: `${organization.name}`,
|
|
1736
1818
|
createdAt: /* @__PURE__ */ new Date()
|
|
@@ -1860,7 +1942,7 @@ const updateOrganization = createAuthEndpoint(
|
|
|
1860
1942
|
});
|
|
1861
1943
|
}
|
|
1862
1944
|
const canUpdateOrg = hasPermission({
|
|
1863
|
-
|
|
1945
|
+
permissions: {
|
|
1864
1946
|
organization: ["update"]
|
|
1865
1947
|
},
|
|
1866
1948
|
role: member.role,
|
|
@@ -1939,7 +2021,7 @@ const deleteOrganization = createAuthEndpoint(
|
|
|
1939
2021
|
}
|
|
1940
2022
|
const canDeleteOrg = hasPermission({
|
|
1941
2023
|
role: member.role,
|
|
1942
|
-
|
|
2024
|
+
permissions: {
|
|
1943
2025
|
organization: ["delete"]
|
|
1944
2026
|
},
|
|
1945
2027
|
options: ctx.context.orgOptions
|
|
@@ -2173,8 +2255,8 @@ z.object({
|
|
|
2173
2255
|
id: z.string().default(generateId),
|
|
2174
2256
|
name: z.string(),
|
|
2175
2257
|
slug: z.string(),
|
|
2176
|
-
logo: z.string().nullish(),
|
|
2177
|
-
metadata: z.record(z.string()).or(z.string().transform((v) => JSON.parse(v))).
|
|
2258
|
+
logo: z.string().nullish().optional(),
|
|
2259
|
+
metadata: z.record(z.string()).or(z.string().transform((v) => JSON.parse(v))).optional(),
|
|
2178
2260
|
createdAt: z.date()
|
|
2179
2261
|
});
|
|
2180
2262
|
z.object({
|
|
@@ -2211,7 +2293,55 @@ const createTeam = (options) => createAuthEndpoint(
|
|
|
2211
2293
|
organizationId: z.string().optional(),
|
|
2212
2294
|
name: z.string()
|
|
2213
2295
|
}),
|
|
2214
|
-
use: [orgMiddleware]
|
|
2296
|
+
use: [orgMiddleware],
|
|
2297
|
+
metadata: {
|
|
2298
|
+
openapi: {
|
|
2299
|
+
description: "Create a new team within an organization",
|
|
2300
|
+
responses: {
|
|
2301
|
+
"200": {
|
|
2302
|
+
description: "Team created successfully",
|
|
2303
|
+
content: {
|
|
2304
|
+
"application/json": {
|
|
2305
|
+
schema: {
|
|
2306
|
+
type: "object",
|
|
2307
|
+
properties: {
|
|
2308
|
+
id: {
|
|
2309
|
+
type: "string",
|
|
2310
|
+
description: "Unique identifier of the created team"
|
|
2311
|
+
},
|
|
2312
|
+
name: {
|
|
2313
|
+
type: "string",
|
|
2314
|
+
description: "Name of the team"
|
|
2315
|
+
},
|
|
2316
|
+
organizationId: {
|
|
2317
|
+
type: "string",
|
|
2318
|
+
description: "ID of the organization the team belongs to"
|
|
2319
|
+
},
|
|
2320
|
+
createdAt: {
|
|
2321
|
+
type: "string",
|
|
2322
|
+
format: "date-time",
|
|
2323
|
+
description: "Timestamp when the team was created"
|
|
2324
|
+
},
|
|
2325
|
+
updatedAt: {
|
|
2326
|
+
type: "string",
|
|
2327
|
+
format: "date-time",
|
|
2328
|
+
description: "Timestamp when the team was last updated"
|
|
2329
|
+
}
|
|
2330
|
+
},
|
|
2331
|
+
required: [
|
|
2332
|
+
"id",
|
|
2333
|
+
"name",
|
|
2334
|
+
"organizationId",
|
|
2335
|
+
"createdAt",
|
|
2336
|
+
"updatedAt"
|
|
2337
|
+
]
|
|
2338
|
+
}
|
|
2339
|
+
}
|
|
2340
|
+
}
|
|
2341
|
+
}
|
|
2342
|
+
}
|
|
2343
|
+
}
|
|
2344
|
+
}
|
|
2215
2345
|
},
|
|
2216
2346
|
async (ctx) => {
|
|
2217
2347
|
const session = await getSessionFromCtx(ctx);
|
|
@@ -2238,7 +2368,7 @@ const createTeam = (options) => createAuthEndpoint(
|
|
|
2238
2368
|
const canCreate = hasPermission({
|
|
2239
2369
|
role: member.role,
|
|
2240
2370
|
options: ctx.context.orgOptions,
|
|
2241
|
-
|
|
2371
|
+
permissions: {
|
|
2242
2372
|
team: ["create"]
|
|
2243
2373
|
}
|
|
2244
2374
|
});
|
|
@@ -2263,7 +2393,6 @@ const createTeam = (options) => createAuthEndpoint(
|
|
|
2263
2393
|
});
|
|
2264
2394
|
}
|
|
2265
2395
|
const createdTeam = await adapter.createTeam({
|
|
2266
|
-
id: generateId(),
|
|
2267
2396
|
name: ctx.body.name,
|
|
2268
2397
|
organizationId,
|
|
2269
2398
|
createdAt: /* @__PURE__ */ new Date(),
|
|
@@ -2280,7 +2409,32 @@ const removeTeam = createAuthEndpoint(
|
|
|
2280
2409
|
teamId: z.string(),
|
|
2281
2410
|
organizationId: z.string().optional()
|
|
2282
2411
|
}),
|
|
2283
|
-
use: [orgMiddleware]
|
|
2412
|
+
use: [orgMiddleware],
|
|
2413
|
+
metadata: {
|
|
2414
|
+
openapi: {
|
|
2415
|
+
description: "Remove a team from an organization",
|
|
2416
|
+
responses: {
|
|
2417
|
+
"200": {
|
|
2418
|
+
description: "Team removed successfully",
|
|
2419
|
+
content: {
|
|
2420
|
+
"application/json": {
|
|
2421
|
+
schema: {
|
|
2422
|
+
type: "object",
|
|
2423
|
+
properties: {
|
|
2424
|
+
message: {
|
|
2425
|
+
type: "string",
|
|
2426
|
+
description: "Confirmation message indicating successful removal",
|
|
2427
|
+
enum: ["Team removed successfully."]
|
|
2428
|
+
}
|
|
2429
|
+
},
|
|
2430
|
+
required: ["message"]
|
|
2431
|
+
}
|
|
2432
|
+
}
|
|
2433
|
+
}
|
|
2434
|
+
}
|
|
2435
|
+
}
|
|
2436
|
+
}
|
|
2437
|
+
}
|
|
2284
2438
|
},
|
|
2285
2439
|
async (ctx) => {
|
|
2286
2440
|
const session = await getSessionFromCtx(ctx);
|
|
@@ -2310,7 +2464,7 @@ const removeTeam = createAuthEndpoint(
|
|
|
2310
2464
|
const canRemove = hasPermission({
|
|
2311
2465
|
role: member.role,
|
|
2312
2466
|
options: ctx.context.orgOptions,
|
|
2313
|
-
|
|
2467
|
+
permissions: {
|
|
2314
2468
|
team: ["delete"]
|
|
2315
2469
|
}
|
|
2316
2470
|
});
|
|
@@ -2349,7 +2503,55 @@ const updateTeam = createAuthEndpoint(
|
|
|
2349
2503
|
teamId: z.string(),
|
|
2350
2504
|
data: teamSchema.partial()
|
|
2351
2505
|
}),
|
|
2352
|
-
use: [orgMiddleware, orgSessionMiddleware]
|
|
2506
|
+
use: [orgMiddleware, orgSessionMiddleware],
|
|
2507
|
+
metadata: {
|
|
2508
|
+
openapi: {
|
|
2509
|
+
description: "Update an existing team in an organization",
|
|
2510
|
+
responses: {
|
|
2511
|
+
"200": {
|
|
2512
|
+
description: "Team updated successfully",
|
|
2513
|
+
content: {
|
|
2514
|
+
"application/json": {
|
|
2515
|
+
schema: {
|
|
2516
|
+
type: "object",
|
|
2517
|
+
properties: {
|
|
2518
|
+
id: {
|
|
2519
|
+
type: "string",
|
|
2520
|
+
description: "Unique identifier of the updated team"
|
|
2521
|
+
},
|
|
2522
|
+
name: {
|
|
2523
|
+
type: "string",
|
|
2524
|
+
description: "Updated name of the team"
|
|
2525
|
+
},
|
|
2526
|
+
organizationId: {
|
|
2527
|
+
type: "string",
|
|
2528
|
+
description: "ID of the organization the team belongs to"
|
|
2529
|
+
},
|
|
2530
|
+
createdAt: {
|
|
2531
|
+
type: "string",
|
|
2532
|
+
format: "date-time",
|
|
2533
|
+
description: "Timestamp when the team was created"
|
|
2534
|
+
},
|
|
2535
|
+
updatedAt: {
|
|
2536
|
+
type: "string",
|
|
2537
|
+
format: "date-time",
|
|
2538
|
+
description: "Timestamp when the team was last updated"
|
|
2539
|
+
}
|
|
2540
|
+
},
|
|
2541
|
+
required: [
|
|
2542
|
+
"id",
|
|
2543
|
+
"name",
|
|
2544
|
+
"organizationId",
|
|
2545
|
+
"createdAt",
|
|
2546
|
+
"updatedAt"
|
|
2547
|
+
]
|
|
2548
|
+
}
|
|
2549
|
+
}
|
|
2550
|
+
}
|
|
2551
|
+
}
|
|
2552
|
+
}
|
|
2553
|
+
}
|
|
2554
|
+
}
|
|
2353
2555
|
},
|
|
2354
2556
|
async (ctx) => {
|
|
2355
2557
|
const session = ctx.context.session;
|
|
@@ -2375,7 +2577,7 @@ const updateTeam = createAuthEndpoint(
|
|
|
2375
2577
|
const canUpdate = hasPermission({
|
|
2376
2578
|
role: member.role,
|
|
2377
2579
|
options: ctx.context.orgOptions,
|
|
2378
|
-
|
|
2580
|
+
permissions: {
|
|
2379
2581
|
team: ["update"]
|
|
2380
2582
|
}
|
|
2381
2583
|
});
|
|
@@ -2408,6 +2610,58 @@ const listOrganizationTeams = createAuthEndpoint(
|
|
|
2408
2610
|
organizationId: z.string().optional()
|
|
2409
2611
|
})
|
|
2410
2612
|
),
|
|
2613
|
+
metadata: {
|
|
2614
|
+
openapi: {
|
|
2615
|
+
description: "List all teams in an organization",
|
|
2616
|
+
responses: {
|
|
2617
|
+
"200": {
|
|
2618
|
+
description: "Teams retrieved successfully",
|
|
2619
|
+
content: {
|
|
2620
|
+
"application/json": {
|
|
2621
|
+
schema: {
|
|
2622
|
+
type: "array",
|
|
2623
|
+
items: {
|
|
2624
|
+
type: "object",
|
|
2625
|
+
properties: {
|
|
2626
|
+
id: {
|
|
2627
|
+
type: "string",
|
|
2628
|
+
description: "Unique identifier of the team"
|
|
2629
|
+
},
|
|
2630
|
+
name: {
|
|
2631
|
+
type: "string",
|
|
2632
|
+
description: "Name of the team"
|
|
2633
|
+
},
|
|
2634
|
+
organizationId: {
|
|
2635
|
+
type: "string",
|
|
2636
|
+
description: "ID of the organization the team belongs to"
|
|
2637
|
+
},
|
|
2638
|
+
createdAt: {
|
|
2639
|
+
type: "string",
|
|
2640
|
+
format: "date-time",
|
|
2641
|
+
description: "Timestamp when the team was created"
|
|
2642
|
+
},
|
|
2643
|
+
updatedAt: {
|
|
2644
|
+
type: "string",
|
|
2645
|
+
format: "date-time",
|
|
2646
|
+
description: "Timestamp when the team was last updated"
|
|
2647
|
+
}
|
|
2648
|
+
},
|
|
2649
|
+
required: [
|
|
2650
|
+
"id",
|
|
2651
|
+
"name",
|
|
2652
|
+
"organizationId",
|
|
2653
|
+
"createdAt",
|
|
2654
|
+
"updatedAt"
|
|
2655
|
+
]
|
|
2656
|
+
},
|
|
2657
|
+
description: "Array of team objects within the organization"
|
|
2658
|
+
}
|
|
2659
|
+
}
|
|
2660
|
+
}
|
|
2661
|
+
}
|
|
2662
|
+
}
|
|
2663
|
+
}
|
|
2664
|
+
},
|
|
2411
2665
|
use: [orgMiddleware, orgSessionMiddleware]
|
|
2412
2666
|
},
|
|
2413
2667
|
async (ctx) => {
|
|
@@ -2455,7 +2709,8 @@ const organization = (options) => {
|
|
|
2455
2709
|
removeMember,
|
|
2456
2710
|
updateMemberRole: updateMemberRole(),
|
|
2457
2711
|
getActiveMember,
|
|
2458
|
-
leaveOrganization
|
|
2712
|
+
leaveOrganization,
|
|
2713
|
+
listInvitations
|
|
2459
2714
|
};
|
|
2460
2715
|
const teamSupport = options?.teams?.enabled;
|
|
2461
2716
|
const teamEndpoints = {
|
|
@@ -2522,9 +2777,19 @@ const organization = (options) => {
|
|
|
2522
2777
|
method: "POST",
|
|
2523
2778
|
requireHeaders: true,
|
|
2524
2779
|
body: z.object({
|
|
2525
|
-
organizationId: z.string().optional()
|
|
2526
|
-
|
|
2527
|
-
|
|
2780
|
+
organizationId: z.string().optional()
|
|
2781
|
+
}).and(
|
|
2782
|
+
z.union([
|
|
2783
|
+
z.object({
|
|
2784
|
+
permission: z.record(z.string(), z.array(z.string())),
|
|
2785
|
+
permissions: z.undefined()
|
|
2786
|
+
}),
|
|
2787
|
+
z.object({
|
|
2788
|
+
permission: z.undefined(),
|
|
2789
|
+
permissions: z.record(z.string(), z.array(z.string()))
|
|
2790
|
+
})
|
|
2791
|
+
])
|
|
2792
|
+
),
|
|
2528
2793
|
use: [orgSessionMiddleware],
|
|
2529
2794
|
metadata: {
|
|
2530
2795
|
$Infer: {
|
|
@@ -2539,11 +2804,16 @@ const organization = (options) => {
|
|
|
2539
2804
|
type: "object",
|
|
2540
2805
|
properties: {
|
|
2541
2806
|
permission: {
|
|
2807
|
+
type: "object",
|
|
2808
|
+
description: "The permission to check",
|
|
2809
|
+
deprecated: true
|
|
2810
|
+
},
|
|
2811
|
+
permissions: {
|
|
2542
2812
|
type: "object",
|
|
2543
2813
|
description: "The permission to check"
|
|
2544
2814
|
}
|
|
2545
2815
|
},
|
|
2546
|
-
required: ["
|
|
2816
|
+
required: ["permissions"]
|
|
2547
2817
|
}
|
|
2548
2818
|
}
|
|
2549
2819
|
}
|
|
@@ -2592,7 +2862,7 @@ const organization = (options) => {
|
|
|
2592
2862
|
const result = hasPermission({
|
|
2593
2863
|
role: member.role,
|
|
2594
2864
|
options,
|
|
2595
|
-
|
|
2865
|
+
permissions: ctx.body.permissions ?? ctx.body.permission
|
|
2596
2866
|
});
|
|
2597
2867
|
return ctx.json({
|
|
2598
2868
|
error: null,
|
|
@@ -1,11 +1,14 @@
|
|
|
1
1
|
import { defaultRoles } from '../plugins/organization/access/index.mjs';
|
|
2
2
|
|
|
3
3
|
const hasPermission = (input) => {
|
|
4
|
+
if (!input.permissions && !input.permission) {
|
|
5
|
+
return false;
|
|
6
|
+
}
|
|
4
7
|
const roles = input.role.split(",");
|
|
5
8
|
const acRoles = input.options.roles || defaultRoles;
|
|
6
9
|
for (const role of roles) {
|
|
7
10
|
const _role = acRoles[role];
|
|
8
|
-
const result = _role?.authorize(input.permission);
|
|
11
|
+
const result = _role?.authorize(input.permissions ?? input.permission);
|
|
9
12
|
if (result?.success) {
|
|
10
13
|
return true;
|
|
11
14
|
}
|