fastmode-mcp 1.0.3 → 1.1.0

package/README.md

@@ -138,27 +138,55 @@ The MCP server automatically downloads prebuilt binaries for your platform durin
 
 Add to `~/.claude/settings.json`:
 
+**macOS/Linux:**
 ```json
 {
   "mcpServers": {
     "fastmode": {
-      "command": "npx",
-      "args": ["-y", "fastmode-mcp"]
+      "command": "/bin/zsh",
+      "args": ["-l", "-c", "npx -y fastmode-mcp"]
+    }
+  }
+}
+```
+
+**Windows:**
+```json
+{
+  "mcpServers": {
+    "fastmode": {
+      "command": "cmd",
+      "args": ["/c", "npx -y fastmode-mcp"]
     }
   }
 }
 ```
 
+> **Why the shell wrapper?** VS Code extensions don't inherit your shell's PATH, so if you use nvm, volta, or homebrew for Node.js, the simple `npx` command won't be found. The shell wrapper loads your profile first.
+
 ### For Cursor
 
 Add to your Cursor MCP settings (`~/.cursor/mcp.json` or project-level `.cursor/mcp.json`):
 
+**macOS/Linux:**
 ```json
 {
   "mcpServers": {
     "fastmode": {
-      "command": "npx",
-      "args": ["-y", "fastmode-mcp"]
+      "command": "/bin/zsh",
+      "args": ["-l", "-c", "npx -y fastmode-mcp"]
+    }
+  }
+}
+```
+
+**Windows:**
+```json
+{
+  "mcpServers": {
+    "fastmode": {
+      "command": "cmd",
+      "args": ["/c", "npx -y fastmode-mcp"]
     }
   }
 }

package/dist/index.js

@@ -51,6 +51,7 @@ const sync_schema_1 = require("./tools/sync-schema");
 const generate_samples_1 = require("./tools/generate-samples");
 const get_started_1 = require("./tools/get-started");
 const cms_items_1 = require("./tools/cms-items");
+const portal_clients_1 = require("./tools/portal-clients");
 // Server instructions - embedded in tool descriptions since MCP SDK doesn't have a dedicated field
 // The get_started tool description acts as the primary entry point guidance for agents
 const server = new index_js_1.Server({
@@ -73,8 +74,8 @@ const TOOLS = [
             properties: {
                 intent: {
                     type: 'string',
-                    enum: ['explore', 'add_content', 'update_schema', 'convert', 'deploy'],
-                    description: 'What you want to do: explore (see projects), add_content (create/edit items), update_schema (add collections/fields), convert (new website), deploy (push changes)',
+                    enum: ['explore', 'add_content', 'update_schema', 'convert', 'deploy', 'manage_clients'],
+                    description: 'What you want to do: explore (see projects), add_content (create/edit items), update_schema (add collections/fields), convert (new website), deploy (push changes), manage_clients (invite/manage portal clients)',
                 },
                 projectId: {
                     type: 'string',
@@ -540,6 +541,129 @@ const TOOLS = [
             required: ['projectId', 'collectionSlug'],
         },
     },
+    // Portal Client Management
+    {
+        name: 'invite_client',
+        description: 'Invite a client to the project portal. Sends an invitation with a unique link. The client creates a password and gets access to manage content. Portal is auto-enabled on the project if not already active. Default permissions: cms.read, cms.write, editor, forms.read.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                projectId: {
+                    type: 'string',
+                    description: 'Project ID (UUID) or project name.',
+                },
+                email: {
+                    type: 'string',
+                    description: 'Client email address to invite.',
+                },
+                name: {
+                    type: 'string',
+                    description: 'Optional: Client name for the invitation.',
+                },
+                permissions: {
+                    type: 'array',
+                    items: { type: 'string' },
+                    description: 'Optional: Array of permissions. Available: cms.read, cms.write, editor, forms.read, dns, api, notifications, billing. Defaults to [cms.read, cms.write, editor, forms.read] if not specified.',
+                },
+            },
+            required: ['projectId', 'email'],
+        },
+    },
+    {
+        name: 'list_clients',
+        description: 'List all portal clients (users) who have access to this project. Shows their email, name, permissions, and last login.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                projectId: {
+                    type: 'string',
+                    description: 'Project ID (UUID) or project name.',
+                },
+            },
+            required: ['projectId'],
+        },
+    },
+    {
+        name: 'list_invitations',
+        description: 'List pending portal invitations for this project. Shows invitations that have been sent but not yet accepted.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                projectId: {
+                    type: 'string',
+                    description: 'Project ID (UUID) or project name.',
+                },
+            },
+            required: ['projectId'],
+        },
+    },
+    {
+        name: 'update_client_permissions',
+        description: 'Update the permissions for an existing portal client. Use list_clients to get the access ID. Available permissions: cms.read, cms.write, editor, forms.read, dns, api, notifications, billing.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                projectId: {
+                    type: 'string',
+                    description: 'Project ID (UUID) or project name.',
+                },
+                accessId: {
+                    type: 'string',
+                    description: 'The access ID of the client (from list_clients).',
+                },
+                permissions: {
+                    type: 'array',
+                    items: { type: 'string' },
+                    description: 'The new set of permissions to assign. This replaces ALL existing permissions.',
+                },
+            },
+            required: ['projectId', 'accessId', 'permissions'],
+        },
+    },
+    {
+        name: 'revoke_client_access',
+        description: 'Revoke a client\'s portal access. REQUIRES explicit user confirmation before calling. Ask the user to confirm first. The client will no longer be able to access the portal.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                projectId: {
+                    type: 'string',
+                    description: 'Project ID (UUID) or project name.',
+                },
+                accessId: {
+                    type: 'string',
+                    description: 'The access ID of the client to revoke (from list_clients).',
+                },
+                confirmRevoke: {
+                    type: 'boolean',
+                    description: 'Must be true. Only set this after the user has explicitly confirmed they want to revoke access.',
+                },
+            },
+            required: ['projectId', 'accessId', 'confirmRevoke'],
+        },
+    },
+    {
+        name: 'cancel_invitation',
+        description: 'Cancel a pending portal invitation. REQUIRES explicit user confirmation before calling. The invitation link will no longer work.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                projectId: {
+                    type: 'string',
+                    description: 'Project ID (UUID) or project name.',
+                },
+                invitationId: {
+                    type: 'string',
+                    description: 'The invitation ID to cancel (from list_invitations).',
+                },
+                confirmCancel: {
+                    type: 'boolean',
+                    description: 'Must be true. Only set this after the user has explicitly confirmed they want to cancel the invitation.',
+                },
+            },
+            required: ['projectId', 'invitationId', 'confirmCancel'],
+        },
+    },
 ];
 // Handle list tools request
 server.setRequestHandler(types_js_1.ListToolsRequestSchema, async () => {
@@ -662,6 +786,45 @@ server.setRequestHandler(types_js_1.CallToolRequestSchema, async (request) => {
                     fieldSlug: params.fieldSlug,
                 });
                 break;
+            case 'invite_client':
+                result = await (0, portal_clients_1.inviteClient)({
+                    projectId: params.projectId,
+                    email: params.email,
+                    name: params.name,
+                    permissions: params.permissions,
+                });
+                break;
+            case 'list_clients':
+                result = await (0, portal_clients_1.listClients)({
+                    projectId: params.projectId,
+                });
+                break;
+            case 'list_invitations':
+                result = await (0, portal_clients_1.listInvitations)({
+                    projectId: params.projectId,
+                });
+                break;
+            case 'update_client_permissions':
+                result = await (0, portal_clients_1.updateClientPermissions)({
+                    projectId: params.projectId,
+                    accessId: params.accessId,
+                    permissions: params.permissions,
+                });
+                break;
+            case 'revoke_client_access':
+                result = await (0, portal_clients_1.revokeClientAccess)({
+                    projectId: params.projectId,
+                    accessId: params.accessId,
+                    confirmRevoke: params.confirmRevoke,
+                });
+                break;
+            case 'cancel_invitation':
+                result = await (0, portal_clients_1.cancelInvitation)({
+                    projectId: params.projectId,
+                    invitationId: params.invitationId,
+                    confirmCancel: params.confirmCancel,
+                });
+                break;
             default:
                 return {
                     content: [{ type: 'text', text: `Unknown tool: ${name}` }],

package/dist/lib/api-client.d.ts

@@ -35,7 +35,7 @@ export declare function getAuthRequiredMessage(): string;
  */
 export interface ApiRequestOptions {
     tenantId?: string;
-    method?: 'GET' | 'POST' | 'PUT' | 'DELETE';
+    method?: 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE';
     body?: unknown;
 }
 /**

package/dist/lib/api-client.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"api-client.d.ts","sourceRoot":"","sources":["../../src/lib/api-client.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,MAAM,WAAW,SAAS;IACxB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AAED;;GAEG;AACH,wBAAgB,SAAS,IAAI,MAAM,CAElC;AAED;;GAEG;AACH,wBAAsB,iBAAiB,IAAI,OAAO,CAAC,SAAS,CAAC,CAgB5D;AAED;;GAEG;AACH,wBAAgB,YAAY,IAAI,SAAS,CAKxC;AAED;;GAEG;AACH,wBAAgB,gBAAgB,IAAI,OAAO,CAE1C;AAED;;GAEG;AACH,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,OAAO,CAAC,CAW5D;AAED;;GAEG;AACH,wBAAgB,sBAAsB,IAAI,MAAM,CAS/C;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,KAAK,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,CAAC;IAC3C,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,OAAO,EAAE,KAAK,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB;AAED;;;GAGG;AACH,wBAAsB,UAAU,CAAC,CAAC,EAChC,QAAQ,EAAE,MAAM,EAChB,OAAO,GAAE,iBAAsB,GAC9B,OAAO,CAAC;IAAE,IAAI,EAAE,CAAC,CAAA;CAAE,GAAG,QAAQ,CAAC,CAoEjC;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,QAAQ,EAAE,OAAO,GAAG,QAAQ,IAAI,QAAQ,CAOlE;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,QAAQ,GAAG,OAAO,CAEvD;AAYD;;;GAGG;AACH,wBAAsB,gBAAgB,CAAC,iBAAiB,EAAE,MAAM,GAAG,OAAO,CAAC;IAAE,QAAQ,EAAE,MAAM,CAAA;CAAE,GAAG;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC,CAwCnH;AAED;;;GAGG;AACH,wBAAsB,kBAAkB,CAAC,CAAC,EACxC,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,OAAO,GAAE,IAAI,CAAC,iBAAiB,EAAE,UAAU,CAAM,GAChD,OAAO,CAAC;IAAE,IAAI,EAAE,CAAC,CAAA;CAAE,GAAG,QAAQ,CAAC,CAOjC"}
+{"version":3,"file":"api-client.d.ts","sourceRoot":"","sources":["../../src/lib/api-client.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,MAAM,WAAW,SAAS;IACxB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AAED;;GAEG;AACH,wBAAgB,SAAS,IAAI,MAAM,CAElC;AAED;;GAEG;AACH,wBAAsB,iBAAiB,IAAI,OAAO,CAAC,SAAS,CAAC,CAgB5D;AAED;;GAEG;AACH,wBAAgB,YAAY,IAAI,SAAS,CAKxC;AAED;;GAEG;AACH,wBAAgB,gBAAgB,IAAI,OAAO,CAE1C;AAED;;GAEG;AACH,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,OAAO,CAAC,CAW5D;AAED;;GAEG;AACH,wBAAgB,sBAAsB,IAAI,MAAM,CAS/C;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,KAAK,GAAG,MAAM,GAAG,KAAK,GAAG,OAAO,GAAG,QAAQ,CAAC;IACrD,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,OAAO,EAAE,KAAK,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB;AAED;;;GAGG;AACH,wBAAsB,UAAU,CAAC,CAAC,EAChC,QAAQ,EAAE,MAAM,EAChB,OAAO,GAAE,iBAAsB,GAC9B,OAAO,CAAC;IAAE,IAAI,EAAE,CAAC,CAAA;CAAE,GAAG,QAAQ,CAAC,CAoEjC;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,QAAQ,EAAE,OAAO,GAAG,QAAQ,IAAI,QAAQ,CAOlE;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,QAAQ,GAAG,OAAO,CAEvD;AAYD;;;GAGG;AACH,wBAAsB,gBAAgB,CAAC,iBAAiB,EAAE,MAAM,GAAG,OAAO,CAAC;IAAE,QAAQ,EAAE,MAAM,CAAA;CAAE,GAAG;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC,CAwCnH;AAED;;;GAGG;AACH,wBAAsB,kBAAkB,CAAC,CAAC,EACxC,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,OAAO,GAAE,IAAI,CAAC,iBAAiB,EAAE,UAAU,CAAM,GAChD,OAAO,CAAC;IAAE,IAAI,EAAE,CAAC,CAAA;CAAE,GAAG,QAAQ,CAAC,CAOjC"}

package/dist/tools/get-started.d.ts

@@ -6,7 +6,7 @@
  * 2. Intent Inference - Determine what user wants to do
  * 3. Guided Execution - Provide exact tool calls with real values
  */
-export type Intent = 'explore' | 'add_content' | 'update_schema' | 'convert' | 'deploy';
+export type Intent = 'explore' | 'add_content' | 'update_schema' | 'convert' | 'deploy' | 'manage_clients';
 export interface GetStartedInput {
     intent?: Intent;
     projectId?: string;

package/dist/tools/get-started.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"get-started.d.ts","sourceRoot":"","sources":["../../src/tools/get-started.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AA8CH,MAAM,MAAM,MAAM,GAAG,SAAS,GAAG,aAAa,GAAG,eAAe,GAAG,SAAS,GAAG,QAAQ,CAAC;AAExF,MAAM,WAAW,eAAe;IAC9B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAgnBD;;;;;GAKG;AACH,wBAAsB,UAAU,CAAC,KAAK,EAAE,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,CA4FxE"}
+{"version":3,"file":"get-started.d.ts","sourceRoot":"","sources":["../../src/tools/get-started.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AA8CH,MAAM,MAAM,MAAM,GAAG,SAAS,GAAG,aAAa,GAAG,eAAe,GAAG,SAAS,GAAG,QAAQ,GAAG,gBAAgB,CAAC;AAE3G,MAAM,WAAW,eAAe;IAC9B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AA2rBD;;;;;GAKG;AACH,wBAAsB,UAAU,CAAC,KAAK,EAAE,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,CAgHxE"}

package/dist/tools/get-started.js

@@ -101,6 +101,11 @@ get_started(intent: "deploy", projectId: "${firstProject.id}")
 get_started(intent: "convert")
 \`\`\`
 
+### Manage portal clients
+\`\`\`
+get_started(intent: "manage_clients", projectId: "${firstProject.id}")
+\`\`\`
+
 ## Available Intents
 
 | Intent | Description |
@@ -110,6 +115,7 @@ get_started(intent: "convert")
 | \`update_schema\` | Add collections or fields |
 | \`convert\` | Build a new website from scratch |
 | \`deploy\` | Push changes to an existing site |
+| \`manage_clients\` | Invite/manage client portal users |
 `;
     return output;
 }
@@ -578,6 +584,74 @@ deploy_package(
 `;
     return output;
 }
+/**
+ * Build the manage_clients response
+ */
+function buildManageClientsResponse(project) {
+    return `# Fast Mode MCP - Manage Portal Clients
+
+## Project: ${project.name}
+**URL:** https://${project.subdomain}.fastmode.ai
+
+---
+
+## Workflow: Client Portal Management
+
+### Step 1: See who has access
+\`\`\`
+list_clients(projectId: "${project.id}")
+\`\`\`
+
+### Step 2: See pending invitations
+\`\`\`
+list_invitations(projectId: "${project.id}")
+\`\`\`
+
+### Step 3: Invite a new client
+\`\`\`
+invite_client(
+  projectId: "${project.id}",
+  email: "client@example.com",
+  name: "Client Name"
+)
+\`\`\`
+
+### Step 4: Update permissions
+\`\`\`
+update_client_permissions(
+  projectId: "${project.id}",
+  accessId: "ACCESS_ID_FROM_LIST",
+  permissions: ["cms.read", "cms.write", "editor"]
+)
+\`\`\`
+
+### Step 5: Revoke access (requires user confirmation)
+\`\`\`
+revoke_client_access(
+  projectId: "${project.id}",
+  accessId: "ACCESS_ID",
+  confirmRevoke: true
+)
+\`\`\`
+
+---
+
+## Available Permissions
+
+| Permission | Description |
+|------------|-------------|
+| \`cms.read\` | View collection items |
+| \`cms.write\` | Create/edit/archive/delete items |
+| \`editor\` | Access visual editor |
+| \`forms.read\` | View form submissions |
+| \`dns\` | Manage DNS settings |
+| \`api\` | Access API/integrations |
+| \`notifications\` | Manage notification rules |
+| \`billing\` | View plans and manage billing |
+
+**Default permissions:** cms.read, cms.write, editor, forms.read
+`;
+}
 /**
  * Build unauthenticated response
  */
@@ -689,6 +763,25 @@ Could not find project: "${projectId}"
 Use \`list_projects\` to see available projects.`;
             }
             return buildDeployResponse(context.selectedProject);
+        case 'manage_clients':
+            if (!context.selectedProject) {
+                if (!projectId) {
+                    return `# Project Required
+
+To manage clients, specify which project:
+\`\`\`
+get_started(intent: "manage_clients", projectId: "your-project-id")
+\`\`\`
+
+${buildExploreResponse(context)}`;
+                }
+                return `# Project Not Found
+
+Could not find project: "${projectId}"
+
+Use \`list_projects\` to see available projects.`;
+            }
+            return buildManageClientsResponse(context.selectedProject);
         case 'explore':
         default:
             // If projectId provided, show detailed project info

package/dist/tools/portal-clients.d.ts

@@ -0,0 +1,54 @@
+/**
+ * Portal Client Management Tools
+ *
+ * Tools for inviting clients, managing permissions, and revoking access
+ * to the client portal via the portal-admin API.
+ */
+/**
+ * Invite a client to the project portal
+ */
+export declare function inviteClient(params: {
+    projectId: string;
+    email: string;
+    name?: string;
+    permissions?: string[];
+}): Promise<string>;
+/**
+ * List all portal clients with access to this project
+ */
+export declare function listClients(params: {
+    projectId: string;
+}): Promise<string>;
+/**
+ * List pending portal invitations
+ */
+export declare function listInvitations(params: {
+    projectId: string;
+}): Promise<string>;
+/**
+ * Update a portal client's permissions
+ */
+export declare function updateClientPermissions(params: {
+    projectId: string;
+    accessId: string;
+    permissions: string[];
+}): Promise<string>;
+/**
+ * Revoke a client's portal access
+ * REQUIRES confirmRevoke: true to execute
+ */
+export declare function revokeClientAccess(params: {
+    projectId: string;
+    accessId: string;
+    confirmRevoke: boolean;
+}): Promise<string>;
+/**
+ * Cancel a pending portal invitation
+ * REQUIRES confirmCancel: true to execute
+ */
+export declare function cancelInvitation(params: {
+    projectId: string;
+    invitationId: string;
+    confirmCancel: boolean;
+}): Promise<string>;
+//# sourceMappingURL=portal-clients.d.ts.map

package/dist/tools/portal-clients.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"portal-clients.d.ts","sourceRoot":"","sources":["../../src/tools/portal-clients.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAiHH;;GAEG;AACH,wBAAsB,YAAY,CAAC,MAAM,EAAE;IACzC,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;CACxB,GAAG,OAAO,CAAC,MAAM,CAAC,CAkDlB;AAuBD;;GAEG;AACH,wBAAsB,WAAW,CAAC,MAAM,EAAE;IACxC,SAAS,EAAE,MAAM,CAAC;CACnB,GAAG,OAAO,CAAC,MAAM,CAAC,CA8BlB;AAmDD;;GAEG;AACH,wBAAsB,eAAe,CAAC,MAAM,EAAE;IAC5C,SAAS,EAAE,MAAM,CAAC;CACnB,GAAG,OAAO,CAAC,MAAM,CAAC,CA8BlB;AA4CD;;GAEG;AACH,wBAAsB,uBAAuB,CAAC,MAAM,EAAE;IACpD,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,EAAE,CAAC;CACvB,GAAG,OAAO,CAAC,MAAM,CAAC,CA0DlB;AAkBD;;;GAGG;AACH,wBAAsB,kBAAkB,CAAC,MAAM,EAAE;IAC/C,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,OAAO,CAAC;CACxB,GAAG,OAAO,CAAC,MAAM,CAAC,CAsDlB;AAED;;;GAGG;AACH,wBAAsB,gBAAgB,CAAC,MAAM,EAAE;IAC7C,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,OAAO,CAAC;CACxB,GAAG,OAAO,CAAC,MAAM,CAAC,CAsDlB"}

package/dist/tools/portal-clients.js

@@ -0,0 +1,388 @@
+"use strict";
+/**
+ * Portal Client Management Tools
+ *
+ * Tools for inviting clients, managing permissions, and revoking access
+ * to the client portal via the portal-admin API.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.inviteClient = inviteClient;
+exports.listClients = listClients;
+exports.listInvitations = listInvitations;
+exports.updateClientPermissions = updateClientPermissions;
+exports.revokeClientAccess = revokeClientAccess;
+exports.cancelInvitation = cancelInvitation;
+const api_client_1 = require("../lib/api-client");
+const device_flow_1 = require("../lib/device-flow");
+// ============ Helpers ============
+const PERMISSION_DESCRIPTIONS = {
+    'cms.read': 'View collection items',
+    'cms.write': 'Create/edit/archive/delete items',
+    'editor': 'Access visual editor',
+    'forms.read': 'View form submissions',
+    'dns': 'Manage DNS settings',
+    'api': 'Access API/integrations',
+    'notifications': 'Manage notification rules',
+    'billing': 'View plans and manage billing',
+};
+const ALL_PERMISSIONS = Object.keys(PERMISSION_DESCRIPTIONS);
+/**
+ * Type guard to check if prepare result failed
+ */
+function prepFailed(prep) {
+    return !prep.success;
+}
+/**
+ * Helper to ensure authentication and resolve project ID
+ */
+async function prepareRequest(projectId) {
+    if (await (0, api_client_1.needsAuthentication)()) {
+        const authResult = await (0, device_flow_1.ensureAuthenticated)();
+        if (!authResult.authenticated) {
+            return { success: false, message: authResult.message };
+        }
+    }
+    const resolved = await (0, api_client_1.resolveProjectId)(projectId);
+    if ('error' in resolved) {
+        return { success: false, message: `# Project Not Found\n\n${resolved.error}` };
+    }
+    return { success: true, tenantId: resolved.tenantId };
+}
+/**
+ * Format permissions as a readable list
+ */
+function formatPermissions(permissions) {
+    return permissions
+        .map(p => `- \`${p}\` — ${PERMISSION_DESCRIPTIONS[p] || 'Unknown permission'}`)
+        .join('\n');
+}
+// ============ Exported Functions ============
+/**
+ * Invite a client to the project portal
+ */
+async function inviteClient(params) {
+    const prep = await prepareRequest(params.projectId);
+    if (prepFailed(prep))
+        return prep.message;
+    // Validate permissions if provided
+    if (params.permissions) {
+        const invalid = params.permissions.filter(p => !ALL_PERMISSIONS.includes(p));
+        if (invalid.length > 0) {
+            return `# Invalid Permissions\n\nUnknown permissions: ${invalid.map(p => `\`${p}\``).join(', ')}\n\n**Available permissions:**\n${ALL_PERMISSIONS.map(p => `- \`${p}\``).join('\n')}`;
+        }
+    }
+    const body = { email: params.email };
+    if (params.name)
+        body.name = params.name;
+    if (params.permissions)
+        body.permissions = params.permissions;
+    const response = await (0, api_client_1.apiRequest)('/api/portal-admin/invitations', {
+        tenantId: prep.tenantId,
+        method: 'POST',
+        body,
+    });
+    if ((0, api_client_1.isApiError)(response)) {
+        if ((0, api_client_1.needsAuthError)(response)) {
+            const authResult = await (0, device_flow_1.ensureAuthenticated)();
+            if (!authResult.authenticated)
+                return authResult.message;
+            const retry = await (0, api_client_1.apiRequest)('/api/portal-admin/invitations', {
+                tenantId: prep.tenantId,
+                method: 'POST',
+                body,
+            });
+            if ((0, api_client_1.isApiError)(retry)) {
+                return `# Error Inviting Client\n\n${retry.error}\n\n**Status:** ${retry.statusCode}`;
+            }
+            return formatInviteResponse(retry.data);
+        }
+        return `# Error Inviting Client\n\n${response.error}\n\n**Status:** ${response.statusCode}`;
+    }
+    return formatInviteResponse(response.data);
+}
+function formatInviteResponse(invite) {
+    const permissions = invite.permissions;
+    return `# Client Invited Successfully
+
+**Email:** ${invite.email}${invite.name ? `\n**Name:** ${invite.name}` : ''}
+**Expires:** ${new Date(invite.expiresAt).toLocaleDateString()}
+
+## Invite Link
+
+> ${invite.inviteUrl}
+
+**Share this link with the client.** They will create a password and get portal access. The link expires in 7 days.
+
+## Permissions Granted
+${formatPermissions(permissions)}
+
+**Note:** The client portal has been auto-enabled for this project.
+`;
+}
+/**
+ * List all portal clients with access to this project
+ */
+async function listClients(params) {
+    const prep = await prepareRequest(params.projectId);
+    if (prepFailed(prep))
+        return prep.message;
+    const response = await (0, api_client_1.apiRequest)('/api/portal-admin/users', { tenantId: prep.tenantId, method: 'GET' });
+    if ((0, api_client_1.isApiError)(response)) {
+        if ((0, api_client_1.needsAuthError)(response)) {
+            const authResult = await (0, device_flow_1.ensureAuthenticated)();
+            if (!authResult.authenticated)
+                return authResult.message;
+            const retry = await (0, api_client_1.apiRequest)('/api/portal-admin/users', { tenantId: prep.tenantId, method: 'GET' });
+            if ((0, api_client_1.isApiError)(retry)) {
+                return `# Error Listing Clients\n\n${retry.error}\n\n**Status:** ${retry.statusCode}`;
+            }
+            return formatClientsList(retry.data, params.projectId);
+        }
+        return `# Error Listing Clients\n\n${response.error}\n\n**Status:** ${response.statusCode}`;
+    }
+    return formatClientsList(response.data, params.projectId);
+}
+function formatClientsList(clients, projectId) {
+    if (!clients || clients.length === 0) {
+        return `# No Portal Clients
+
+No clients have access to this project's portal yet.
+
+To invite a client:
+\`\`\`
+invite_client(projectId: "${projectId}", email: "client@example.com")
+\`\`\`
+`;
+    }
+    let output = `# Portal Clients
+
+Found ${clients.length} client${clients.length !== 1 ? 's' : ''} with access:
+
+| Name | Email | Permissions | Last Login | Access ID |
+|------|-------|-------------|------------|-----------|
+`;
+    for (const client of clients) {
+        const name = client.name || '-';
+        const perms = client.permissions.join(', ');
+        const lastLogin = client.lastLoginAt
+            ? new Date(client.lastLoginAt).toLocaleDateString()
+            : 'Never';
+        output += `| ${name} | ${client.email} | ${perms} | ${lastLogin} | \`${client.id}\` |\n`;
+    }
+    output += `
+---
+
+## Actions
+
+**Update permissions:**
+\`\`\`
+update_client_permissions(projectId: "${projectId}", accessId: "ACCESS_ID", permissions: ["cms.read", "cms.write"])
+\`\`\`
+
+**Revoke access** (requires user confirmation):
+\`\`\`
+revoke_client_access(projectId: "${projectId}", accessId: "ACCESS_ID", confirmRevoke: true)
+\`\`\`
+`;
+    return output;
+}
+/**
+ * List pending portal invitations
+ */
+async function listInvitations(params) {
+    const prep = await prepareRequest(params.projectId);
+    if (prepFailed(prep))
+        return prep.message;
+    const response = await (0, api_client_1.apiRequest)('/api/portal-admin/invitations', { tenantId: prep.tenantId, method: 'GET' });
+    if ((0, api_client_1.isApiError)(response)) {
+        if ((0, api_client_1.needsAuthError)(response)) {
+            const authResult = await (0, device_flow_1.ensureAuthenticated)();
+            if (!authResult.authenticated)
+                return authResult.message;
+            const retry = await (0, api_client_1.apiRequest)('/api/portal-admin/invitations', { tenantId: prep.tenantId, method: 'GET' });
+            if ((0, api_client_1.isApiError)(retry)) {
+                return `# Error Listing Invitations\n\n${retry.error}\n\n**Status:** ${retry.statusCode}`;
+            }
+            return formatInvitationsList(retry.data, params.projectId);
+        }
+        return `# Error Listing Invitations\n\n${response.error}\n\n**Status:** ${response.statusCode}`;
+    }
+    return formatInvitationsList(response.data, params.projectId);
+}
+function formatInvitationsList(invitations, projectId) {
+    if (!invitations || invitations.length === 0) {
+        return `# No Pending Invitations
+
+There are no pending invitations for this project.
+
+To invite a client:
+\`\`\`
+invite_client(projectId: "${projectId}", email: "client@example.com")
+\`\`\`
+`;
+    }
+    let output = `# Pending Invitations
+
+Found ${invitations.length} pending invitation${invitations.length !== 1 ? 's' : ''}:
+
+| Email | Name | Permissions | Expires | ID |
+|-------|------|-------------|---------|----|
+`;
+    for (const inv of invitations) {
+        const name = inv.name || '-';
+        const perms = inv.permissions.join(', ');
+        const expires = new Date(inv.expiresAt).toLocaleDateString();
+        output += `| ${inv.email} | ${name} | ${perms} | ${expires} | \`${inv.id}\` |\n`;
+    }
+    output += `
+---
+
+## Actions
+
+**Cancel an invitation** (requires user confirmation):
+\`\`\`
+cancel_invitation(projectId: "${projectId}", invitationId: "INVITATION_ID", confirmCancel: true)
+\`\`\`
+`;
+    return output;
+}
+/**
+ * Update a portal client's permissions
+ */
+async function updateClientPermissions(params) {
+    const prep = await prepareRequest(params.projectId);
+    if (prepFailed(prep))
+        return prep.message;
+    // Validate permissions
+    const invalid = params.permissions.filter(p => !ALL_PERMISSIONS.includes(p));
+    if (invalid.length > 0) {
+        return `# Invalid Permissions\n\nUnknown permissions: ${invalid.map(p => `\`${p}\``).join(', ')}\n\n**Available permissions:**\n${ALL_PERMISSIONS.map(p => `- \`${p}\``).join('\n')}`;
+    }
+    const response = await (0, api_client_1.apiRequest)(`/api/portal-admin/users/${params.accessId}`, {
+        tenantId: prep.tenantId,
+        method: 'PATCH',
+        body: { permissions: params.permissions },
+    });
+    if ((0, api_client_1.isApiError)(response)) {
+        if ((0, api_client_1.needsAuthError)(response)) {
+            const authResult = await (0, device_flow_1.ensureAuthenticated)();
+            if (!authResult.authenticated)
+                return authResult.message;
+            const retry = await (0, api_client_1.apiRequest)(`/api/portal-admin/users/${params.accessId}`, {
+                tenantId: prep.tenantId,
+                method: 'PATCH',
+                body: { permissions: params.permissions },
+            });
+            if ((0, api_client_1.isApiError)(retry)) {
+                return `# Error Updating Permissions\n\n${retry.error}\n\n**Status:** ${retry.statusCode}`;
+            }
+            return formatPermissionsUpdate(retry.data);
+        }
+        return `# Error Updating Permissions\n\n${response.error}\n\n**Status:** ${response.statusCode}`;
+    }
+    return formatPermissionsUpdate(response.data);
+}
+function formatPermissionsUpdate(client) {
+    return `# Permissions Updated
+
+**Client:** ${client.email}${client.name ? ` (${client.name})` : ''}
+**Access ID:** \`${client.id}\`
+
+## Updated Permissions
+${formatPermissions(client.permissions)}
+`;
+}
+/**
+ * Revoke a client's portal access
+ * REQUIRES confirmRevoke: true to execute
+ */
+async function revokeClientAccess(params) {
+    if (params.confirmRevoke !== true) {
+        return `# Confirmation Required
+
+**You must get explicit permission from the user before revoking client access.**
+
+To revoke access for client with access ID "${params.accessId}":
+
+1. Ask the user: "Are you sure you want to revoke this client's portal access?"
+2. Only after the user confirms, call this tool again with \`confirmRevoke: true\`
+
+**Never revoke access without user confirmation.**
+`;
+    }
+    const prep = await prepareRequest(params.projectId);
+    if (prepFailed(prep))
+        return prep.message;
+    const response = await (0, api_client_1.apiRequest)(`/api/portal-admin/users/${params.accessId}`, { tenantId: prep.tenantId, method: 'DELETE' });
+    if ((0, api_client_1.isApiError)(response)) {
+        if ((0, api_client_1.needsAuthError)(response)) {
+            const authResult = await (0, device_flow_1.ensureAuthenticated)();
+            if (!authResult.authenticated)
+                return authResult.message;
+            const retry = await (0, api_client_1.apiRequest)(`/api/portal-admin/users/${params.accessId}`, { tenantId: prep.tenantId, method: 'DELETE' });
+            if ((0, api_client_1.isApiError)(retry)) {
+                return `# Error Revoking Access\n\n${retry.error}\n\n**Status:** ${retry.statusCode}`;
+            }
+            return `# Client Access Revoked
+
+Successfully revoked portal access for access ID \`${params.accessId}\`.
+
+The client can no longer access the portal for this project.
+`;
+        }
+        return `# Error Revoking Access\n\n${response.error}\n\n**Status:** ${response.statusCode}`;
+    }
+    return `# Client Access Revoked
+
+Successfully revoked portal access for access ID \`${params.accessId}\`.
+
+The client can no longer access the portal for this project.
+`;
+}
+/**
+ * Cancel a pending portal invitation
+ * REQUIRES confirmCancel: true to execute
+ */
+async function cancelInvitation(params) {
+    if (params.confirmCancel !== true) {
+        return `# Confirmation Required
+
+**You must get explicit permission from the user before canceling an invitation.**
+
+To cancel invitation "${params.invitationId}":
+
+1. Ask the user: "Are you sure you want to cancel this invitation?"
+2. Only after the user confirms, call this tool again with \`confirmCancel: true\`
+
+**Never cancel invitations without user confirmation.**
+`;
+    }
+    const prep = await prepareRequest(params.projectId);
+    if (prepFailed(prep))
+        return prep.message;
+    const response = await (0, api_client_1.apiRequest)(`/api/portal-admin/invitations/${params.invitationId}`, { tenantId: prep.tenantId, method: 'DELETE' });
+    if ((0, api_client_1.isApiError)(response)) {
+        if ((0, api_client_1.needsAuthError)(response)) {
+            const authResult = await (0, device_flow_1.ensureAuthenticated)();
+            if (!authResult.authenticated)
+                return authResult.message;
+            const retry = await (0, api_client_1.apiRequest)(`/api/portal-admin/invitations/${params.invitationId}`, { tenantId: prep.tenantId, method: 'DELETE' });
+            if ((0, api_client_1.isApiError)(retry)) {
+                return `# Error Canceling Invitation\n\n${retry.error}\n\n**Status:** ${retry.statusCode}`;
+            }
+            return `# Invitation Canceled
+
+Successfully canceled invitation \`${params.invitationId}\`.
+
+The invitation link will no longer work.
+`;
+        }
+        return `# Error Canceling Invitation\n\n${response.error}\n\n**Status:** ${response.statusCode}`;
+    }
+    return `# Invitation Canceled
+
+Successfully canceled invitation \`${params.invitationId}\`.
+
+The invitation link will no longer work.
+`;
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "fastmode-mcp",
-  "version": "1.0.3",
+  "version": "1.1.0",
   "description": "MCP server for FastMode CMS. Convert websites, validate packages, and deploy directly to FastMode. Includes authentication, project creation, schema sync, and one-click deployment.",
   "main": "dist/index.js",
   "bin": {