npm - create-lego-one - Versions diffs - 2.0.9 → 2.0.12 - Mend

create-lego-one 2.0.9 → 2.0.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (171) hide show

package/template/host/src/lib/pocketbase/collections/audit_logs.ts ADDED Viewed

@@ -0,0 +1,87 @@
+import type { Collection } from '../types';
+export const auditLogs: Collection = {
+  type: 'base',
+  name: 'audit_logs',
+  // Users can see audit logs for their organization
+  listRule:
+    '@request.auth.id != "" && organization = @request.auth.membership.organizations',
+  viewRule:
+    '@request.auth.id != "" && organization = @request.auth.membership.organizations',
+  // System creates audit logs, users cannot manually create
+  createRule: null,
+  updateRule: null,
+  deleteRule: null,
+  fields: [
+    {
+      name: 'action',
+      type: 'select',
+      required: true,
+      values: [
+        'create',
+        'update',
+        'delete',
+        'login',
+        'logout',
+        'invite_user',
+        'remove_user',
+        'assign_role',
+        'revoke_role',
+      ],
+    },
+    {
+      name: 'entityType',
+      type: 'select',
+      required: true,
+      values: ['user', 'organization', 'role', 'permission', 'plugin'],
+    },
+    {
+      name: 'entityId',
+      type: 'text',
+      required: true,
+    },
+    {
+      name: 'entityName',
+      type: 'text',
+      required: false,
+    },
+    {
+      name: 'organizationId',
+      type: 'relation',
+      required: true,
+      maxSelect: 1,
+      collectionId: 'organizations',
+      cascadeDelete: true,
+    },
+    {
+      name: 'userId',
+      type: 'relation',
+      required: true,
+      maxSelect: 1,
+      collectionId: 'users',
+      cascadeDelete: true,
+    },
+    {
+      name: 'ipAddress',
+      type: 'text',
+      required: false,
+    },
+    {
+      name: 'userAgent',
+      type: 'text',
+      required: false,
+    },
+    {
+      name: 'metadata',
+      type: 'json',
+      required: false,
+    },
+  ],
+  indexes: [
+    'CREATE INDEX idx_audit_logs_org ON audit_logs (organizationId)',
+    'CREATE INDEX idx_audit_logs_user ON audit_logs (userId)',
+    'CREATE INDEX idx_audit_logs_entity ON audit_logs (entityType, entityId)',
+    'CREATE INDEX idx_audit_logs_action ON audit_logs (action)',
+    'CREATE INDEX idx_audit_logs_created ON audit_logs (created DESC)',
+  ],
+};

package/template/host/src/lib/pocketbase/collections/index.ts ADDED Viewed

@@ -0,0 +1,19 @@
+import type { Migration } from '../types';
+import { users } from './users';
+import { organizations } from './organizations';
+import { roles } from './roles';
+import { permissions } from './permissions';
+import { userRoles } from './user_roles';
+import { auditLogs } from './audit_logs';
+import { todos } from './todos';
+// Wrap each collection in a migration function
+export const collections: Migration[] = [
+  () => users,
+  () => organizations,
+  () => roles,
+  () => permissions,
+  () => userRoles,
+  () => auditLogs,
+  () => todos,
+];

package/template/host/src/lib/pocketbase/collections/organizations.ts ADDED Viewed

@@ -0,0 +1,63 @@
+import type { Collection } from '../types';
+export const organizations: Collection = {
+  type: 'base',
+  name: 'organizations',
+  // Multi-tenancy: Users can only see their organization
+  listRule:
+    '@request.auth.id != "" && organization = @request.auth.membership.organizations',
+  viewRule:
+    '@request.auth.id != "" && organization = @request.auth.membership.organizations',
+  // Only org owners/admins can create/update/delete
+  createRule:
+    '@request.auth.id != "" && @request.auth.roles.role.name = "Owner"',
+  updateRule:
+    '@request.auth.id != "" && @request.auth.roles.role.name = "Owner"',
+  deleteRule:
+    '@request.auth.id != "" && @request.auth.roles.role.name = "Owner"',
+  fields: [
+    {
+      name: 'name',
+      type: 'text',
+      required: true,
+      min: 1,
+      max: 100,
+    },
+    {
+      name: 'slug',
+      type: 'text',
+      required: true,
+      unique: true,
+      pattern: '^[a-z0-9-]+$',
+    },
+    {
+      name: 'logo',
+      type: 'url',
+      required: false,
+    },
+    {
+      name: 'ownerId',
+      type: 'relation',
+      required: true,
+      maxSelect: 1,
+      collectionId: 'users',
+      cascadeDelete: true,
+    },
+    {
+      name: 'settings',
+      type: 'json',
+      required: false,
+    },
+    {
+      name: 'maxUsers',
+      type: 'number',
+      required: true,
+      default: 10,
+      min: 1,
+    },
+  ],
+  indexes: [
+    'CREATE UNIQUE INDEX idx_organizations_slug ON organizations (slug)',
+    'CREATE INDEX idx_organizations_owner ON organizations (ownerId)',
+  ],
+};

package/template/host/src/lib/pocketbase/collections/permissions.ts ADDED Viewed

@@ -0,0 +1,57 @@
+import type { Collection } from '../types';
+export const permissions: Collection = {
+  type: 'base',
+  name: 'permissions',
+  // Users can see permissions for their organization
+  listRule:
+    '@request.auth.id != "" && organization = @request.auth.membership.organizations',
+  viewRule:
+    '@request.auth.id != "" && organization = @request.auth.membership.organizations',
+  // Only org owners/admins can manage permissions
+  createRule:
+    '@request.auth.id != "" && (@request.auth.roles.role.name = "Owner" || @request.auth.roles.role.name = "Admin")',
+  updateRule:
+    '@request.auth.id != "" && (@request.auth.roles.role.name = "Owner" || @request.auth.roles.role.name = "Admin")',
+  deleteRule:
+    '@request.auth.id != "" && @request.auth.roles.role.name = "Owner"',
+  fields: [
+    {
+      name: 'name',
+      type: 'text',
+      required: true,
+    },
+    {
+      name: 'slug',
+      type: 'text',
+      required: true,
+    },
+    {
+      name: 'description',
+      type: 'text',
+      required: false,
+    },
+    {
+      name: 'organizationId',
+      type: 'relation',
+      required: true,
+      maxSelect: 1,
+      collectionId: 'organizations',
+      cascadeDelete: true,
+    },
+    {
+      name: 'resource',
+      type: 'text',
+      required: true,
+    },
+    {
+      name: 'action',
+      type: 'text',
+      required: true,
+    },
+  ],
+  indexes: [
+    'CREATE UNIQUE INDEX idx_permissions_org_slug ON permissions (organizationId, slug)',
+    'CREATE INDEX idx_permissions_resource_action ON permissions (resource, action)',
+  ],
+};

package/template/host/src/lib/pocketbase/collections/roles.ts ADDED Viewed

@@ -0,0 +1,55 @@
+import type { Collection } from '../types';
+export const roles: Collection = {
+  type: 'base',
+  name: 'roles',
+  // Users can see roles in their organization
+  listRule:
+    '@request.auth.id != "" && organization = @request.auth.membership.organizations',
+  viewRule:
+    '@request.auth.id != "" && organization = @request.auth.membership.organizations',
+  // Only org owners/admins can manage roles
+  createRule:
+    '@request.auth.id != "" && (@request.auth.roles.role.name = "Owner" || @request.auth.roles.role.name = "Admin")',
+  updateRule:
+    '@request.auth.id != "" && (@request.auth.roles.role.name = "Owner" || @request.auth.roles.role.name = "Admin")',
+  deleteRule:
+    '@request.auth.id != "" && @request.auth.roles.role.name = "Owner"',
+  fields: [
+    {
+      name: 'name',
+      type: 'text',
+      required: true,
+      min: 1,
+      max: 50,
+    },
+    {
+      name: 'slug',
+      type: 'text',
+      required: true,
+    },
+    {
+      name: 'description',
+      type: 'text',
+      required: false,
+    },
+    {
+      name: 'organizationId',
+      type: 'relation',
+      required: true,
+      maxSelect: 1,
+      collectionId: 'organizations',
+      cascadeDelete: true,
+    },
+    {
+      name: 'isSystem',
+      type: 'bool',
+      required: true,
+      default: false, // System roles (Owner, Admin, Member, Guest) cannot be deleted
+    },
+  ],
+  indexes: [
+    'CREATE UNIQUE INDEX idx_roles_org_slug ON roles (organizationId, slug)',
+    'CREATE INDEX idx_roles_org ON roles (organizationId)',
+  ],
+};

package/template/host/src/lib/pocketbase/collections/todos.ts ADDED Viewed

@@ -0,0 +1,74 @@
+import type { Collection } from '../types';
+export const todos: Collection = {
+  type: 'base',
+  name: 'todos',
+  // Multi-tenancy: Users can only see todos in their organization
+  listRule:
+    '@request.auth.id != "" && organization = @request.auth.membership.organizations',
+  viewRule:
+    '@request.auth.id != "" && organization = @request.auth.membership.organizations',
+  // Authenticated users can create todos
+  createRule:
+    '@request.auth.id != "" && organization = @request.auth.membership.organizations',
+  // Users can update their own todos
+  updateRule:
+    '@request.auth.id != "" && organization = @request.auth.membership.organizations && owner = @request.auth.id',
+  // Users can delete their own todos
+  deleteRule:
+    '@request.auth.id != "" && organization = @request.auth.membership.organizations && owner = @request.auth.id',
+  fields: [
+    {
+      name: 'title',
+      type: 'text',
+      required: true,
+      min: 1,
+      max: 200,
+    },
+    {
+      name: 'description',
+      type: 'text',
+      required: false,
+    },
+    {
+      name: 'completed',
+      type: 'bool',
+      required: true,
+      default: false,
+    },
+    {
+      name: 'priority',
+      type: 'select',
+      required: true,
+      values: ['low', 'medium', 'high'],
+      default: 'medium',
+    },
+    {
+      name: 'dueDate',
+      type: 'date',
+      required: false,
+    },
+    {
+      name: 'owner',
+      type: 'relation',
+      required: true,
+      maxSelect: 1,
+      collectionId: 'users',
+      cascadeDelete: true,
+    },
+    {
+      name: 'organizationId',
+      type: 'relation',
+      required: true,
+      maxSelect: 1,
+      collectionId: 'organizations',
+      cascadeDelete: true,
+    },
+  ],
+  indexes: [
+    'CREATE INDEX idx_todos_org ON todos (organizationId)',
+    'CREATE INDEX idx_todos_owner ON todos (owner)',
+    'CREATE INDEX idx_todos_completed ON todos (completed)',
+    'CREATE INDEX idx_todos_priority ON todos (priority)',
+  ],
+};

package/template/host/src/lib/pocketbase/collections/user_roles.ts ADDED Viewed

@@ -0,0 +1,57 @@
+import type { Collection } from '../types';
+export const userRoles: Collection = {
+  type: 'base',
+  name: 'user_roles',
+  // Users can see who has roles in their org
+  listRule:
+    '@request.auth.id != "" && organization = @request.auth.membership.organizations',
+  viewRule:
+    '@request.auth.id != "" && organization = @request.auth.membership.organizations',
+  // Only org owners/admins can assign roles
+  createRule:
+    '@request.auth.id != "" && (@request.auth.roles.role.name = "Owner" || @request.auth.roles.role.name = "Admin")',
+  updateRule:
+    '@request.auth.id != "" && (@request.auth.roles.role.name = "Owner" || @request.auth.roles.role.name = "Admin")',
+  deleteRule:
+    '@request.auth.id != "" && (@request.auth.roles.role.name = "Owner" || @request.auth.roles.role.name = "Admin")',
+  fields: [
+    {
+      name: 'userId',
+      type: 'relation',
+      required: true,
+      maxSelect: 1,
+      collectionId: 'users',
+      cascadeDelete: true,
+    },
+    {
+      name: 'roleId',
+      type: 'relation',
+      required: true,
+      maxSelect: 1,
+      collectionId: 'roles',
+      cascadeDelete: true,
+    },
+    {
+      name: 'organizationId',
+      type: 'relation',
+      required: true,
+      maxSelect: 1,
+      collectionId: 'organizations',
+      cascadeDelete: false,
+    },
+    {
+      name: 'assignedBy',
+      type: 'relation',
+      required: true,
+      maxSelect: 1,
+      collectionId: 'users',
+      cascadeDelete: true,
+    },
+  ],
+  indexes: [
+    'CREATE UNIQUE INDEX idx_user_roles_user_role ON user_roles (userId, roleId)',
+    'CREATE INDEX idx_user_roles_org ON user_roles (organizationId)',
+    'CREATE INDEX idx_user_roles_user ON user_roles (userId)',
+  ],
+};

package/template/host/src/lib/pocketbase/collections/users.ts ADDED Viewed

@@ -0,0 +1,43 @@
+import type { Collection } from '../types';
+export const users: Collection = {
+  type: 'auth',
+  name: 'users',
+  // Users can view their own profile
+  viewRule: 'id = @request.auth.id',
+  // Users can update their own profile
+  updateRule: 'id = @request.auth.id',
+  // No public list/create/delete - must be done by org admin
+  listRule: null,
+  createRule: null,
+  deleteRule: null,
+  fields: [
+    {
+      name: 'name',
+      type: 'text',
+      required: true,
+      min: 1,
+      max: 100,
+    },
+    {
+      name: 'avatar',
+      type: 'url',
+      required: false,
+    },
+    {
+      name: 'organizationId',
+      type: 'relation',
+      required: true,
+      maxSelect: 1,
+      collectionId: 'organizations',
+      cascadeDelete: false, // Don't delete user when org deleted
+    },
+    {
+      name: 'isActive',
+      type: 'bool',
+      required: true,
+      default: true,
+    },
+  ],
+  indexes: ['CREATE INDEX idx_users_org ON users (organizationId)'],
+};

package/template/host/src/lib/pocketbase/index.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export * from './client';
+export * from './types';
+export * from './migrations';
+export * from './collections';
+export * from './seed';

package/template/host/src/lib/pocketbase/migrations.ts ADDED Viewed

@@ -0,0 +1,44 @@
+import PocketBase from 'pocketbase';
+import type { Collection, Migration } from './types';
+export async function runMigrations(pb: PocketBase, migrations: Migration[]) {
+  console.log('[Migrations] Starting PocketBase migrations...');
+  for (const migration of migrations) {
+    const result = migration();
+    const collections = Array.isArray(result) ? result : [result];
+    for (const collection of collections) {
+      await ensureCollection(pb, collection);
+    }
+  }
+  console.log('[Migrations] ✅ All migrations complete');
+}
+async function ensureCollection(pb: PocketBase, collection: Collection) {
+  const existing = await pb.collections.getList(1, 50, {
+    filter: `name = "${collection.name}"`,
+  });
+  if (existing.totalItems > 0) {
+    console.log(`[Migrations] ✓ Collection exists: ${collection.name}`);
+    return;
+  }
+  console.log(`[Migrations] → Creating collection: ${collection.name}`);
+  const result = await pb.collections.create({
+    type: collection.type,
+    name: collection.name,
+    listRule: collection.listRule,
+    viewRule: collection.viewRule,
+    createRule: collection.createRule,
+    updateRule: collection.updateRule,
+    deleteRule: collection.deleteRule,
+    fields: collection.fields,
+    indexes: collection.indexes,
+  });
+  console.log(`[Migrations]   ✅ Created: ${result.name} (${result.id})`);
+}

package/template/host/src/lib/pocketbase/seed/permissions.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import type { Collection } from '../types';
+export const systemPermissions: Omit<Collection, 'type' | 'indexes'>[] = [
+  {
+    name: 'permissions',
+    fields: [] as any,
+  },
+];

package/template/host/src/lib/pocketbase/seed/roles.ts ADDED Viewed

@@ -0,0 +1,22 @@
+import type { Collection } from '../types';
+// System roles that exist for every organization
+// Note: These are the collection definitions, not the role records themselves
+export const systemRoles: Omit<Collection, 'type' | 'indexes'>[] = [
+  {
+    name: 'roles_owner',
+    fields: [] as any,
+  },
+  {
+    name: 'roles_admin',
+    fields: [] as any,
+  },
+  {
+    name: 'roles_member',
+    fields: [] as any,
+  },
+  {
+    name: 'roles_guest',
+    fields: [] as any,
+  },
+];

package/template/host/src/lib/pocketbase/seed.ts ADDED Viewed

@@ -0,0 +1,113 @@
+import PocketBase from 'pocketbase';
+interface SeedData {
+  adminEmail: string;
+  adminPassword: string;
+  adminName: string;
+  orgName: string;
+}
+export async function seedDatabase(pb: PocketBase, seedData: SeedData) {
+  console.log('[Seed] Starting database seeding...');
+  // Check if already seeded
+  const existingOrgs = await pb.collection('organizations').getList(1, 1);
+  if (existingOrgs.totalItems > 0) {
+    console.log('[Seed] ℹ Database already seeded, skipping...');
+    return;
+  }
+  console.log('[Seed] → Creating admin user...');
+  // Create admin user
+  const admin = await pb.collection('users').create({
+    email: seedData.adminEmail,
+    password: seedData.adminPassword,
+    passwordConfirm: seedData.adminPassword,
+    name: seedData.adminName,
+  });
+  console.log('[Seed] → Creating organization...');
+  // Create organization
+  const organization = await pb.collection('organizations').create({
+    name: seedData.orgName,
+    slug: seedData.orgName.toLowerCase().replace(/\s+/g, '-'),
+    ownerId: admin.id,
+  });
+  // Update admin with organization
+  await pb.collection('users').update(admin.id, {
+    organizationId: organization.id,
+  });
+  console.log('[Seed] → Creating system roles...');
+  // Create system roles
+  const roleMap = new Map<string, string>();
+  const systemRolesData = [
+    { name: 'Owner', slug: 'owner', description: 'Full access to all resources' },
+    { name: 'Admin', slug: 'admin', description: 'Can manage users, roles, and most settings' },
+    { name: 'Member', slug: 'member', description: 'Standard user with basic access' },
+    { name: 'Guest', slug: 'guest', description: 'Limited access, read-only' },
+  ];
+  for (const roleData of systemRolesData) {
+    const role = await pb.collection('roles').create({
+      name: roleData.name,
+      description: roleData.description,
+      organizationId: '', // Empty string for system roles
+      isSystem: true,
+    });
+    roleMap.set(roleData.slug, role.id);
+  }
+  console.log('[Seed] → Creating sample todos...');
+  // Create sample todos
+  await pb.collection('todos').create({
+    title: 'Welcome to Lego-One! 👋',
+    description:
+      'This is your first todo item. Try editing or completing it!',
+    completed: false,
+    priority: 'medium',
+    owner: admin.id,
+    organizationId: organization.id,
+  });
+  await pb.collection('todos').create({
+    title: 'Explore the Dashboard',
+    description:
+      'Check out the Dashboard plugin to see your stats and activity.',
+    completed: false,
+    priority: 'low',
+    owner: admin.id,
+    organizationId: organization.id,
+  });
+  await pb.collection('todos').create({
+    title: 'Manage your Organization',
+    description:
+      'Go to Settings to invite team members and configure roles.',
+    completed: false,
+    priority: 'high',
+    owner: admin.id,
+    organizationId: organization.id,
+  });
+  console.log('[Seed] → Assigning Owner role to admin...');
+  // Assign Owner role to admin
+  await pb.collection('user_roles').create({
+    userId: admin.id,
+    roleId: roleMap.get('owner')!,
+    organizationId: organization.id,
+  });
+  console.log('[Seed] ✅ Database seeded successfully!');
+  console.log('');
+  console.log('📧 Login credentials:');
+  console.log(`   Email: ${seedData.adminEmail}`);
+  console.log(`   Password: ${seedData.adminPassword}`);
+}