npm - extractia-sdk - Versions diffs - 1.2.0 → 1.3.0 - Mend

extractia-sdk 1.2.0 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md CHANGED Viewed

@@ -839,19 +839,19 @@ Available permissions: `"upload"` · `"view"` · `"template"` · `"settings"` ·
 ### Document History
 ```js
-import { getDocumentHistory } from 'extractia-sdk';
+import { getDocumentHistory } from "extractia-sdk";
 const log = await getDocumentHistory({ page: 0, size: 20 });
 log.content.forEach((entry) => {
   console.log(entry.templateName, entry.status, entry.uploadDate);
-  if (entry.status === 'FAILURE') console.error(entry.errorMessage);
+  if (entry.status === "FAILURE") console.error(entry.errorMessage);
 });
 ```
 ### List Sub-Users
 ```js
-import { getSubUsers } from 'extractia-sdk';
+import { getSubUsers } from "extractia-sdk";
 const users = await getSubUsers();
 // [{ username: 'agent_carlos', permissions: ['upload','view'], suspended: false }]
@@ -860,12 +860,12 @@ const users = await getSubUsers();
 ### Create a Sub-User
 ```js
-import { createSubUser } from 'extractia-sdk';
+import { createSubUser } from "extractia-sdk";
 const sub = await createSubUser({
-  username: 'agent_carlos',
-  password: 'SecurePass1',
-  permissions: ['upload', 'view'],
+  username: "agent_carlos",
+  password: "SecurePass1",
+  permissions: ["upload", "view"],
 });
 ```
@@ -881,10 +881,10 @@ const sub = await createSubUser({
 Only the fields you include are changed. Omit `password` to keep it unchanged.
 ```js
-import { updateSubUser } from 'extractia-sdk';
+import { updateSubUser } from "extractia-sdk";
-await updateSubUser('agent_carlos', {
-  permissions: ['upload', 'view', 'export'],
+await updateSubUser("agent_carlos", {
+  permissions: ["upload", "view", "export"],
   // password: 'NewPass99',   ← optional
 });
 ```
@@ -892,9 +892,9 @@ await updateSubUser('agent_carlos', {
 ### Delete a Sub-User
 ```js
-import { deleteSubUser } from 'extractia-sdk';
+import { deleteSubUser } from "extractia-sdk";
-await deleteSubUser('agent_carlos');
+await deleteSubUser("agent_carlos");
 ```
 ### Suspend / Reactivate
@@ -902,9 +902,9 @@ await deleteSubUser('agent_carlos');
 A suspended sub-user cannot log in. Calling the same method again reactivates them.
 ```js
-import { toggleSuspendSubUser } from 'extractia-sdk';
+import { toggleSuspendSubUser } from "extractia-sdk";
-const state = await toggleSuspendSubUser('agent_carlos');
+const state = await toggleSuspendSubUser("agent_carlos");
 console.log(state.suspended); // true | false
 ```

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "extractia-sdk",
-  "version": "1.2.0",
+  "version": "1.3.0",
   "description": "JavaScript SDK for the ExtractIA API — document extraction, OCR tools, AI summaries, templates & more",
   "type": "module",
   "author": "ExtractIA Team",

package/src/subusers.js CHANGED Viewed

@@ -11,6 +11,7 @@ import api from "./apiClient.js";
  * @returns {Promise<Array<{
  *   username: string,
  *   permissions: string[],
+ *   allowedFormIds: string[] | null,
  *   suspended: boolean,
  *   lastKnownLocation?: string,
  *   lastLocationAt?: string
@@ -25,24 +26,40 @@ export async function getSubUsers() {
  * Creates a new sub-user for the authenticated account.
  *
  * Available permissions: `"upload"`, `"view"`, `"template"`, `"settings"`,
- * `"export"`, `"api"`.
+ * `"export"`, `"ocr_tools"`, `"gallery"`, `"smart_scan"`, `"ia_agent"`.
  *
- * @param {Object}   subUser              - Sub-user definition.
- * @param {string}   subUser.username     - Unique username (must not be an existing account email).
- * @param {string}   subUser.password     - Initial password (must differ from the owner's password).
- * @param {string[]} subUser.permissions  - List of permission strings to grant.
- * @returns {Promise<{ username: string, permissions: string[] }>} Confirmation object.
+ * @param {Object}    subUser                   - Sub-user definition.
+ * @param {string}    subUser.username           - Unique username (must not be an existing account email).
+ * @param {string}    subUser.password           - Initial password (must differ from the owner's password).
+ * @param {string[]}  subUser.permissions        - List of permission strings to grant.
+ * @param {string[]?} subUser.allowedFormIds     - Optional list of form template IDs this sub-user may access.
+ *                                                 When omitted or null, the sub-user can access all forms.
+ * @returns {Promise<{ username: string, permissions: string[], allowedFormIds?: string[] }>} Confirmation object.
  * @throws {ForbiddenError}   403 if the plan does not allow sub-users or the limit is reached.
  * @throws {ExtractiaError}   409 if the username is already taken.
  */
-export async function createSubUser({ username, password, permissions }) {
-  const res = await api.post("/me/subusers", { username, password, permissions });
+export async function createSubUser({
+  username,
+  password,
+  permissions,
+  allowedFormIds,
+}) {
+  const res = await api.post("/me/subusers", {
+    username,
+    password,
+    permissions,
+    ...(allowedFormIds !== undefined ? { allowedFormIds } : {}),
+  });
   return res.data;
 }
 /**
  * Deletes a sub-user by username.
  *
+ * @note The deleted sub-user's JWT token is immediately rejected by the server
+ *       on every subsequent request — no grace period. Token revocation happens
+ *       automatically via the authentication filter.
+ *
  * @param {string} username - The sub-user's username.
  * @returns {Promise<{ deleted: string }>} Confirmation with the deleted username.
  * @throws {NotFoundError} 404 if the sub-user does not exist.
@@ -53,19 +70,24 @@ export async function deleteSubUser(username) {
 }
 /**
- * Updates the permissions and/or password of a sub-user.
+ * Updates the permissions, allowed forms, and/or password of a sub-user.
  *
- * Pass only the fields you want to change. Omitting `password` leaves it unchanged.
+ * Pass only the fields you want to change. Omitting a field leaves it unchanged.
  *
- * @param {string}    username                  - The sub-user's username.
- * @param {Object}    updates                   - Fields to update.
- * @param {string[]}  [updates.permissions]     - New permission set (replaces existing).
- * @param {string}    [updates.password]        - New password (must differ from owner's password).
+ * @param {string}    username                      - The sub-user's username.
+ * @param {Object}    updates                       - Fields to update.
+ * @param {string[]}  [updates.permissions]         - New permission set (replaces existing).
+ * @param {string[]?} [updates.allowedFormIds]      - New allowed form ID list (replaces existing).
+ *                                                     Pass an empty array to remove all restrictions.
+ * @param {string}    [updates.password]            - New password (must differ from owner's password).
  * @returns {Promise<{ username: string, updated: boolean }>}
  * @throws {NotFoundError} 404 if the sub-user does not exist.
  */
 export async function updateSubUser(username, updates = {}) {
-  const res = await api.put(`/me/subusers/${encodeURIComponent(username)}`, updates);
+  const res = await api.put(
+    `/me/subusers/${encodeURIComponent(username)}`,
+    updates,
+  );
   return res.data;
 }
@@ -80,6 +102,8 @@ export async function updateSubUser(username, updates = {}) {
  * @throws {NotFoundError} 404 if the sub-user does not exist.
  */
 export async function toggleSuspendSubUser(username) {
-  const res = await api.put(`/me/subusers/${encodeURIComponent(username)}/suspend`);
+  const res = await api.put(
+    `/me/subusers/${encodeURIComponent(username)}/suspend`,
+  );
   return res.data;
 }