librechat-data-provider 0.8.402 → 0.8.404
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.es.js +1 -1
- package/dist/index.es.js.map +1 -1
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/dist/react-query/index.es.js +1 -1
- package/dist/react-query/index.es.js.map +1 -1
- package/dist/types/accessPermissions.d.ts +744 -0
- package/dist/types/actions.d.ts +118 -0
- package/dist/types/api-endpoints.d.ts +150 -0
- package/dist/types/artifacts.d.ts +97 -0
- package/dist/types/azure.d.ts +22 -0
- package/dist/types/bedrock.d.ts +1220 -0
- package/dist/types/config.d.ts +14849 -0
- package/dist/types/config.spec.d.ts +1 -0
- package/dist/types/createPayload.d.ts +5 -0
- package/dist/types/data-service.d.ts +287 -0
- package/dist/types/feedback.d.ts +36 -0
- package/dist/types/file-config.d.ts +263 -0
- package/dist/types/file-config.spec.d.ts +1 -0
- package/dist/types/generate.d.ts +597 -0
- package/dist/types/headers-helpers.d.ts +2 -0
- package/{src/index.ts → dist/types/index.d.ts} +0 -15
- package/dist/types/keys.d.ts +92 -0
- package/dist/types/mcp.d.ts +2760 -0
- package/dist/types/messages.d.ts +10 -0
- package/dist/types/models.d.ts +1547 -0
- package/dist/types/parameterSettings.d.ts +69 -0
- package/dist/types/parsers.d.ts +110 -0
- package/dist/types/permissions.d.ts +522 -0
- package/dist/types/react-query/react-query-service.d.ts +85 -0
- package/dist/types/request.d.ts +25 -0
- package/dist/types/roles.d.ts +554 -0
- package/dist/types/roles.spec.d.ts +1 -0
- package/dist/types/schemas.d.ts +5110 -0
- package/dist/types/schemas.spec.d.ts +1 -0
- package/dist/types/types/agents.d.ts +433 -0
- package/dist/types/types/assistants.d.ts +547 -0
- package/dist/types/types/files.d.ts +172 -0
- package/dist/types/types/graph.d.ts +135 -0
- package/{src/types/mcpServers.ts → dist/types/types/mcpServers.d.ts} +12 -18
- package/dist/types/types/mutations.d.ts +209 -0
- package/dist/types/types/queries.d.ts +169 -0
- package/dist/types/types/runs.d.ts +36 -0
- package/dist/types/types/web.d.ts +520 -0
- package/dist/types/types.d.ts +503 -0
- package/dist/types/utils.d.ts +12 -0
- package/package.json +5 -1
- package/babel.config.js +0 -4
- package/check_updates.sh +0 -52
- package/jest.config.js +0 -19
- package/react-query/package-lock.json +0 -292
- package/react-query/package.json +0 -10
- package/rollup.config.js +0 -74
- package/server-rollup.config.js +0 -40
- package/specs/actions.spec.ts +0 -2533
- package/specs/api-endpoints-subdir.spec.ts +0 -140
- package/specs/api-endpoints.spec.ts +0 -74
- package/specs/azure.spec.ts +0 -844
- package/specs/bedrock.spec.ts +0 -862
- package/specs/filetypes.spec.ts +0 -175
- package/specs/generate.spec.ts +0 -770
- package/specs/headers-helpers.spec.ts +0 -24
- package/specs/mcp.spec.ts +0 -147
- package/specs/openapiSpecs.ts +0 -524
- package/specs/parsers.spec.ts +0 -601
- package/specs/request-interceptor.spec.ts +0 -304
- package/specs/utils.spec.ts +0 -196
- package/src/accessPermissions.ts +0 -346
- package/src/actions.ts +0 -813
- package/src/api-endpoints.ts +0 -440
- package/src/artifacts.ts +0 -3104
- package/src/azure.ts +0 -328
- package/src/bedrock.ts +0 -425
- package/src/config.spec.ts +0 -315
- package/src/config.ts +0 -2006
- package/src/createPayload.ts +0 -46
- package/src/data-service.ts +0 -1087
- package/src/feedback.ts +0 -141
- package/src/file-config.spec.ts +0 -1248
- package/src/file-config.ts +0 -764
- package/src/generate.ts +0 -634
- package/src/headers-helpers.ts +0 -13
- package/src/keys.ts +0 -99
- package/src/mcp.ts +0 -271
- package/src/messages.ts +0 -50
- package/src/models.ts +0 -69
- package/src/parameterSettings.ts +0 -1111
- package/src/parsers.ts +0 -563
- package/src/permissions.ts +0 -188
- package/src/react-query/react-query-service.ts +0 -566
- package/src/request.ts +0 -171
- package/src/roles.spec.ts +0 -132
- package/src/roles.ts +0 -225
- package/src/schemas.spec.ts +0 -355
- package/src/schemas.ts +0 -1234
- package/src/types/agents.ts +0 -470
- package/src/types/assistants.ts +0 -654
- package/src/types/files.ts +0 -191
- package/src/types/graph.ts +0 -145
- package/src/types/mutations.ts +0 -422
- package/src/types/queries.ts +0 -208
- package/src/types/runs.ts +0 -40
- package/src/types/web.ts +0 -588
- package/src/types.ts +0 -676
- package/src/utils.ts +0 -85
- package/tsconfig.json +0 -28
- package/tsconfig.spec.json +0 -10
- /package/{src/react-query/index.ts → dist/types/react-query/index.d.ts} +0 -0
- /package/{src/types/index.ts → dist/types/types/index.d.ts} +0 -0
|
@@ -0,0 +1,744 @@
|
|
|
1
|
+
import { z } from 'zod';
|
|
2
|
+
/**
|
|
3
|
+
* Granular Permission System Types for Agent Sharing
|
|
4
|
+
*
|
|
5
|
+
* This file contains TypeScript interfaces and Zod schemas for the enhanced
|
|
6
|
+
* agent permission system that supports sharing with specific users/groups
|
|
7
|
+
* and Entra ID integration.
|
|
8
|
+
*/
|
|
9
|
+
/**
|
|
10
|
+
* Principal types for permission system
|
|
11
|
+
*/
|
|
12
|
+
export declare enum PrincipalType {
|
|
13
|
+
USER = "user",
|
|
14
|
+
GROUP = "group",
|
|
15
|
+
PUBLIC = "public",
|
|
16
|
+
ROLE = "role"
|
|
17
|
+
}
|
|
18
|
+
/**
|
|
19
|
+
* Principal model types for MongoDB references
|
|
20
|
+
*/
|
|
21
|
+
export declare enum PrincipalModel {
|
|
22
|
+
USER = "User",
|
|
23
|
+
GROUP = "Group",
|
|
24
|
+
ROLE = "Role"
|
|
25
|
+
}
|
|
26
|
+
/**
|
|
27
|
+
* Source of the principal (local LibreChat or external Entra ID)
|
|
28
|
+
*/
|
|
29
|
+
export type TPrincipalSource = 'local' | 'entra';
|
|
30
|
+
/**
|
|
31
|
+
* Access levels for agents
|
|
32
|
+
*/
|
|
33
|
+
export type TAccessLevel = 'none' | 'viewer' | 'editor' | 'owner';
|
|
34
|
+
/**
|
|
35
|
+
* Resource types for permission system
|
|
36
|
+
*/
|
|
37
|
+
export declare enum ResourceType {
|
|
38
|
+
AGENT = "agent",
|
|
39
|
+
PROMPTGROUP = "promptGroup",
|
|
40
|
+
MCPSERVER = "mcpServer",
|
|
41
|
+
REMOTE_AGENT = "remoteAgent"
|
|
42
|
+
}
|
|
43
|
+
/**
|
|
44
|
+
* Permission bit constants for bitwise operations
|
|
45
|
+
*/
|
|
46
|
+
export declare enum PermissionBits {
|
|
47
|
+
/** 001 - Can view and use agent */
|
|
48
|
+
VIEW = 1,
|
|
49
|
+
/** 010 - Can modify agent settings */
|
|
50
|
+
EDIT = 2,
|
|
51
|
+
/** 100 - Can delete agent */
|
|
52
|
+
DELETE = 4,
|
|
53
|
+
/** 1000 - Can share agent with others (future) */
|
|
54
|
+
SHARE = 8
|
|
55
|
+
}
|
|
56
|
+
/**
|
|
57
|
+
* Standard access role IDs
|
|
58
|
+
*/
|
|
59
|
+
export declare enum AccessRoleIds {
|
|
60
|
+
AGENT_VIEWER = "agent_viewer",
|
|
61
|
+
AGENT_EDITOR = "agent_editor",
|
|
62
|
+
AGENT_OWNER = "agent_owner",
|
|
63
|
+
PROMPTGROUP_VIEWER = "promptGroup_viewer",
|
|
64
|
+
PROMPTGROUP_EDITOR = "promptGroup_editor",
|
|
65
|
+
PROMPTGROUP_OWNER = "promptGroup_owner",
|
|
66
|
+
MCPSERVER_VIEWER = "mcpServer_viewer",
|
|
67
|
+
MCPSERVER_EDITOR = "mcpServer_editor",
|
|
68
|
+
MCPSERVER_OWNER = "mcpServer_owner",
|
|
69
|
+
REMOTE_AGENT_VIEWER = "remoteAgent_viewer",
|
|
70
|
+
REMOTE_AGENT_EDITOR = "remoteAgent_editor",
|
|
71
|
+
REMOTE_AGENT_OWNER = "remoteAgent_owner"
|
|
72
|
+
}
|
|
73
|
+
/**
|
|
74
|
+
* Principal schema - represents a user, group, role, or public access
|
|
75
|
+
*/
|
|
76
|
+
export declare const principalSchema: z.ZodObject<{
|
|
77
|
+
type: z.ZodNativeEnum<typeof PrincipalType>;
|
|
78
|
+
id: z.ZodOptional<z.ZodString>;
|
|
79
|
+
name: z.ZodOptional<z.ZodString>;
|
|
80
|
+
email: z.ZodOptional<z.ZodString>;
|
|
81
|
+
source: z.ZodOptional<z.ZodEnum<["local", "entra"]>>;
|
|
82
|
+
avatar: z.ZodOptional<z.ZodString>;
|
|
83
|
+
description: z.ZodOptional<z.ZodString>;
|
|
84
|
+
idOnTheSource: z.ZodOptional<z.ZodString>;
|
|
85
|
+
accessRoleId: z.ZodOptional<z.ZodNativeEnum<typeof AccessRoleIds>>;
|
|
86
|
+
memberCount: z.ZodOptional<z.ZodNumber>;
|
|
87
|
+
}, "strip", z.ZodTypeAny, {
|
|
88
|
+
type: PrincipalType;
|
|
89
|
+
id?: string | undefined;
|
|
90
|
+
name?: string | undefined;
|
|
91
|
+
email?: string | undefined;
|
|
92
|
+
source?: "local" | "entra" | undefined;
|
|
93
|
+
avatar?: string | undefined;
|
|
94
|
+
description?: string | undefined;
|
|
95
|
+
idOnTheSource?: string | undefined;
|
|
96
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
97
|
+
memberCount?: number | undefined;
|
|
98
|
+
}, {
|
|
99
|
+
type: PrincipalType;
|
|
100
|
+
id?: string | undefined;
|
|
101
|
+
name?: string | undefined;
|
|
102
|
+
email?: string | undefined;
|
|
103
|
+
source?: "local" | "entra" | undefined;
|
|
104
|
+
avatar?: string | undefined;
|
|
105
|
+
description?: string | undefined;
|
|
106
|
+
idOnTheSource?: string | undefined;
|
|
107
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
108
|
+
memberCount?: number | undefined;
|
|
109
|
+
}>;
|
|
110
|
+
/**
|
|
111
|
+
* Access role schema - defines named permission sets
|
|
112
|
+
*/
|
|
113
|
+
export declare const accessRoleSchema: z.ZodObject<{
|
|
114
|
+
accessRoleId: z.ZodNativeEnum<typeof AccessRoleIds>;
|
|
115
|
+
name: z.ZodString;
|
|
116
|
+
description: z.ZodOptional<z.ZodString>;
|
|
117
|
+
resourceType: z.ZodDefault<z.ZodNativeEnum<typeof ResourceType>>;
|
|
118
|
+
permBits: z.ZodNumber;
|
|
119
|
+
}, "strip", z.ZodTypeAny, {
|
|
120
|
+
name: string;
|
|
121
|
+
accessRoleId: AccessRoleIds;
|
|
122
|
+
resourceType: ResourceType;
|
|
123
|
+
permBits: number;
|
|
124
|
+
description?: string | undefined;
|
|
125
|
+
}, {
|
|
126
|
+
name: string;
|
|
127
|
+
accessRoleId: AccessRoleIds;
|
|
128
|
+
permBits: number;
|
|
129
|
+
description?: string | undefined;
|
|
130
|
+
resourceType?: ResourceType | undefined;
|
|
131
|
+
}>;
|
|
132
|
+
/**
|
|
133
|
+
* Permission entry schema - represents a single ACL entry
|
|
134
|
+
*/
|
|
135
|
+
export declare const permissionEntrySchema: z.ZodObject<{
|
|
136
|
+
id: z.ZodString;
|
|
137
|
+
principalType: z.ZodNativeEnum<typeof PrincipalType>;
|
|
138
|
+
principalId: z.ZodOptional<z.ZodString>;
|
|
139
|
+
principalName: z.ZodOptional<z.ZodString>;
|
|
140
|
+
role: z.ZodObject<{
|
|
141
|
+
accessRoleId: z.ZodNativeEnum<typeof AccessRoleIds>;
|
|
142
|
+
name: z.ZodString;
|
|
143
|
+
description: z.ZodOptional<z.ZodString>;
|
|
144
|
+
resourceType: z.ZodDefault<z.ZodNativeEnum<typeof ResourceType>>;
|
|
145
|
+
permBits: z.ZodNumber;
|
|
146
|
+
}, "strip", z.ZodTypeAny, {
|
|
147
|
+
name: string;
|
|
148
|
+
accessRoleId: AccessRoleIds;
|
|
149
|
+
resourceType: ResourceType;
|
|
150
|
+
permBits: number;
|
|
151
|
+
description?: string | undefined;
|
|
152
|
+
}, {
|
|
153
|
+
name: string;
|
|
154
|
+
accessRoleId: AccessRoleIds;
|
|
155
|
+
permBits: number;
|
|
156
|
+
description?: string | undefined;
|
|
157
|
+
resourceType?: ResourceType | undefined;
|
|
158
|
+
}>;
|
|
159
|
+
grantedBy: z.ZodString;
|
|
160
|
+
grantedAt: z.ZodString;
|
|
161
|
+
inheritedFrom: z.ZodOptional<z.ZodString>;
|
|
162
|
+
source: z.ZodOptional<z.ZodEnum<["local", "entra"]>>;
|
|
163
|
+
}, "strip", z.ZodTypeAny, {
|
|
164
|
+
role: {
|
|
165
|
+
name: string;
|
|
166
|
+
accessRoleId: AccessRoleIds;
|
|
167
|
+
resourceType: ResourceType;
|
|
168
|
+
permBits: number;
|
|
169
|
+
description?: string | undefined;
|
|
170
|
+
};
|
|
171
|
+
id: string;
|
|
172
|
+
principalType: PrincipalType;
|
|
173
|
+
grantedBy: string;
|
|
174
|
+
grantedAt: string;
|
|
175
|
+
source?: "local" | "entra" | undefined;
|
|
176
|
+
principalId?: string | undefined;
|
|
177
|
+
principalName?: string | undefined;
|
|
178
|
+
inheritedFrom?: string | undefined;
|
|
179
|
+
}, {
|
|
180
|
+
role: {
|
|
181
|
+
name: string;
|
|
182
|
+
accessRoleId: AccessRoleIds;
|
|
183
|
+
permBits: number;
|
|
184
|
+
description?: string | undefined;
|
|
185
|
+
resourceType?: ResourceType | undefined;
|
|
186
|
+
};
|
|
187
|
+
id: string;
|
|
188
|
+
principalType: PrincipalType;
|
|
189
|
+
grantedBy: string;
|
|
190
|
+
grantedAt: string;
|
|
191
|
+
source?: "local" | "entra" | undefined;
|
|
192
|
+
principalId?: string | undefined;
|
|
193
|
+
principalName?: string | undefined;
|
|
194
|
+
inheritedFrom?: string | undefined;
|
|
195
|
+
}>;
|
|
196
|
+
/**
|
|
197
|
+
* Resource permissions response schema
|
|
198
|
+
*/
|
|
199
|
+
export declare const resourcePermissionsResponseSchema: z.ZodObject<{
|
|
200
|
+
resourceType: z.ZodNativeEnum<typeof ResourceType>;
|
|
201
|
+
resourceId: z.ZodString;
|
|
202
|
+
permissions: z.ZodArray<z.ZodObject<{
|
|
203
|
+
id: z.ZodString;
|
|
204
|
+
principalType: z.ZodNativeEnum<typeof PrincipalType>;
|
|
205
|
+
principalId: z.ZodOptional<z.ZodString>;
|
|
206
|
+
principalName: z.ZodOptional<z.ZodString>;
|
|
207
|
+
role: z.ZodObject<{
|
|
208
|
+
accessRoleId: z.ZodNativeEnum<typeof AccessRoleIds>;
|
|
209
|
+
name: z.ZodString;
|
|
210
|
+
description: z.ZodOptional<z.ZodString>;
|
|
211
|
+
resourceType: z.ZodDefault<z.ZodNativeEnum<typeof ResourceType>>;
|
|
212
|
+
permBits: z.ZodNumber;
|
|
213
|
+
}, "strip", z.ZodTypeAny, {
|
|
214
|
+
name: string;
|
|
215
|
+
accessRoleId: AccessRoleIds;
|
|
216
|
+
resourceType: ResourceType;
|
|
217
|
+
permBits: number;
|
|
218
|
+
description?: string | undefined;
|
|
219
|
+
}, {
|
|
220
|
+
name: string;
|
|
221
|
+
accessRoleId: AccessRoleIds;
|
|
222
|
+
permBits: number;
|
|
223
|
+
description?: string | undefined;
|
|
224
|
+
resourceType?: ResourceType | undefined;
|
|
225
|
+
}>;
|
|
226
|
+
grantedBy: z.ZodString;
|
|
227
|
+
grantedAt: z.ZodString;
|
|
228
|
+
inheritedFrom: z.ZodOptional<z.ZodString>;
|
|
229
|
+
source: z.ZodOptional<z.ZodEnum<["local", "entra"]>>;
|
|
230
|
+
}, "strip", z.ZodTypeAny, {
|
|
231
|
+
role: {
|
|
232
|
+
name: string;
|
|
233
|
+
accessRoleId: AccessRoleIds;
|
|
234
|
+
resourceType: ResourceType;
|
|
235
|
+
permBits: number;
|
|
236
|
+
description?: string | undefined;
|
|
237
|
+
};
|
|
238
|
+
id: string;
|
|
239
|
+
principalType: PrincipalType;
|
|
240
|
+
grantedBy: string;
|
|
241
|
+
grantedAt: string;
|
|
242
|
+
source?: "local" | "entra" | undefined;
|
|
243
|
+
principalId?: string | undefined;
|
|
244
|
+
principalName?: string | undefined;
|
|
245
|
+
inheritedFrom?: string | undefined;
|
|
246
|
+
}, {
|
|
247
|
+
role: {
|
|
248
|
+
name: string;
|
|
249
|
+
accessRoleId: AccessRoleIds;
|
|
250
|
+
permBits: number;
|
|
251
|
+
description?: string | undefined;
|
|
252
|
+
resourceType?: ResourceType | undefined;
|
|
253
|
+
};
|
|
254
|
+
id: string;
|
|
255
|
+
principalType: PrincipalType;
|
|
256
|
+
grantedBy: string;
|
|
257
|
+
grantedAt: string;
|
|
258
|
+
source?: "local" | "entra" | undefined;
|
|
259
|
+
principalId?: string | undefined;
|
|
260
|
+
principalName?: string | undefined;
|
|
261
|
+
inheritedFrom?: string | undefined;
|
|
262
|
+
}>, "many">;
|
|
263
|
+
}, "strip", z.ZodTypeAny, {
|
|
264
|
+
resourceType: ResourceType;
|
|
265
|
+
resourceId: string;
|
|
266
|
+
permissions: {
|
|
267
|
+
role: {
|
|
268
|
+
name: string;
|
|
269
|
+
accessRoleId: AccessRoleIds;
|
|
270
|
+
resourceType: ResourceType;
|
|
271
|
+
permBits: number;
|
|
272
|
+
description?: string | undefined;
|
|
273
|
+
};
|
|
274
|
+
id: string;
|
|
275
|
+
principalType: PrincipalType;
|
|
276
|
+
grantedBy: string;
|
|
277
|
+
grantedAt: string;
|
|
278
|
+
source?: "local" | "entra" | undefined;
|
|
279
|
+
principalId?: string | undefined;
|
|
280
|
+
principalName?: string | undefined;
|
|
281
|
+
inheritedFrom?: string | undefined;
|
|
282
|
+
}[];
|
|
283
|
+
}, {
|
|
284
|
+
resourceType: ResourceType;
|
|
285
|
+
resourceId: string;
|
|
286
|
+
permissions: {
|
|
287
|
+
role: {
|
|
288
|
+
name: string;
|
|
289
|
+
accessRoleId: AccessRoleIds;
|
|
290
|
+
permBits: number;
|
|
291
|
+
description?: string | undefined;
|
|
292
|
+
resourceType?: ResourceType | undefined;
|
|
293
|
+
};
|
|
294
|
+
id: string;
|
|
295
|
+
principalType: PrincipalType;
|
|
296
|
+
grantedBy: string;
|
|
297
|
+
grantedAt: string;
|
|
298
|
+
source?: "local" | "entra" | undefined;
|
|
299
|
+
principalId?: string | undefined;
|
|
300
|
+
principalName?: string | undefined;
|
|
301
|
+
inheritedFrom?: string | undefined;
|
|
302
|
+
}[];
|
|
303
|
+
}>;
|
|
304
|
+
/**
|
|
305
|
+
* Update resource permissions request schema
|
|
306
|
+
* This matches the user's requirement for the frontend DTO structure
|
|
307
|
+
*/
|
|
308
|
+
export declare const updateResourcePermissionsRequestSchema: z.ZodObject<{
|
|
309
|
+
updated: z.ZodArray<z.ZodObject<{
|
|
310
|
+
type: z.ZodNativeEnum<typeof PrincipalType>;
|
|
311
|
+
id: z.ZodOptional<z.ZodString>;
|
|
312
|
+
name: z.ZodOptional<z.ZodString>;
|
|
313
|
+
email: z.ZodOptional<z.ZodString>;
|
|
314
|
+
source: z.ZodOptional<z.ZodEnum<["local", "entra"]>>;
|
|
315
|
+
avatar: z.ZodOptional<z.ZodString>;
|
|
316
|
+
description: z.ZodOptional<z.ZodString>;
|
|
317
|
+
idOnTheSource: z.ZodOptional<z.ZodString>;
|
|
318
|
+
accessRoleId: z.ZodOptional<z.ZodNativeEnum<typeof AccessRoleIds>>;
|
|
319
|
+
memberCount: z.ZodOptional<z.ZodNumber>;
|
|
320
|
+
}, "strip", z.ZodTypeAny, {
|
|
321
|
+
type: PrincipalType;
|
|
322
|
+
id?: string | undefined;
|
|
323
|
+
name?: string | undefined;
|
|
324
|
+
email?: string | undefined;
|
|
325
|
+
source?: "local" | "entra" | undefined;
|
|
326
|
+
avatar?: string | undefined;
|
|
327
|
+
description?: string | undefined;
|
|
328
|
+
idOnTheSource?: string | undefined;
|
|
329
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
330
|
+
memberCount?: number | undefined;
|
|
331
|
+
}, {
|
|
332
|
+
type: PrincipalType;
|
|
333
|
+
id?: string | undefined;
|
|
334
|
+
name?: string | undefined;
|
|
335
|
+
email?: string | undefined;
|
|
336
|
+
source?: "local" | "entra" | undefined;
|
|
337
|
+
avatar?: string | undefined;
|
|
338
|
+
description?: string | undefined;
|
|
339
|
+
idOnTheSource?: string | undefined;
|
|
340
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
341
|
+
memberCount?: number | undefined;
|
|
342
|
+
}>, "many">;
|
|
343
|
+
removed: z.ZodArray<z.ZodObject<{
|
|
344
|
+
type: z.ZodNativeEnum<typeof PrincipalType>;
|
|
345
|
+
id: z.ZodOptional<z.ZodString>;
|
|
346
|
+
name: z.ZodOptional<z.ZodString>;
|
|
347
|
+
email: z.ZodOptional<z.ZodString>;
|
|
348
|
+
source: z.ZodOptional<z.ZodEnum<["local", "entra"]>>;
|
|
349
|
+
avatar: z.ZodOptional<z.ZodString>;
|
|
350
|
+
description: z.ZodOptional<z.ZodString>;
|
|
351
|
+
idOnTheSource: z.ZodOptional<z.ZodString>;
|
|
352
|
+
accessRoleId: z.ZodOptional<z.ZodNativeEnum<typeof AccessRoleIds>>;
|
|
353
|
+
memberCount: z.ZodOptional<z.ZodNumber>;
|
|
354
|
+
}, "strip", z.ZodTypeAny, {
|
|
355
|
+
type: PrincipalType;
|
|
356
|
+
id?: string | undefined;
|
|
357
|
+
name?: string | undefined;
|
|
358
|
+
email?: string | undefined;
|
|
359
|
+
source?: "local" | "entra" | undefined;
|
|
360
|
+
avatar?: string | undefined;
|
|
361
|
+
description?: string | undefined;
|
|
362
|
+
idOnTheSource?: string | undefined;
|
|
363
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
364
|
+
memberCount?: number | undefined;
|
|
365
|
+
}, {
|
|
366
|
+
type: PrincipalType;
|
|
367
|
+
id?: string | undefined;
|
|
368
|
+
name?: string | undefined;
|
|
369
|
+
email?: string | undefined;
|
|
370
|
+
source?: "local" | "entra" | undefined;
|
|
371
|
+
avatar?: string | undefined;
|
|
372
|
+
description?: string | undefined;
|
|
373
|
+
idOnTheSource?: string | undefined;
|
|
374
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
375
|
+
memberCount?: number | undefined;
|
|
376
|
+
}>, "many">;
|
|
377
|
+
public: z.ZodBoolean;
|
|
378
|
+
publicAccessRoleId: z.ZodOptional<z.ZodString>;
|
|
379
|
+
}, "strip", z.ZodTypeAny, {
|
|
380
|
+
public: boolean;
|
|
381
|
+
updated: {
|
|
382
|
+
type: PrincipalType;
|
|
383
|
+
id?: string | undefined;
|
|
384
|
+
name?: string | undefined;
|
|
385
|
+
email?: string | undefined;
|
|
386
|
+
source?: "local" | "entra" | undefined;
|
|
387
|
+
avatar?: string | undefined;
|
|
388
|
+
description?: string | undefined;
|
|
389
|
+
idOnTheSource?: string | undefined;
|
|
390
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
391
|
+
memberCount?: number | undefined;
|
|
392
|
+
}[];
|
|
393
|
+
removed: {
|
|
394
|
+
type: PrincipalType;
|
|
395
|
+
id?: string | undefined;
|
|
396
|
+
name?: string | undefined;
|
|
397
|
+
email?: string | undefined;
|
|
398
|
+
source?: "local" | "entra" | undefined;
|
|
399
|
+
avatar?: string | undefined;
|
|
400
|
+
description?: string | undefined;
|
|
401
|
+
idOnTheSource?: string | undefined;
|
|
402
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
403
|
+
memberCount?: number | undefined;
|
|
404
|
+
}[];
|
|
405
|
+
publicAccessRoleId?: string | undefined;
|
|
406
|
+
}, {
|
|
407
|
+
public: boolean;
|
|
408
|
+
updated: {
|
|
409
|
+
type: PrincipalType;
|
|
410
|
+
id?: string | undefined;
|
|
411
|
+
name?: string | undefined;
|
|
412
|
+
email?: string | undefined;
|
|
413
|
+
source?: "local" | "entra" | undefined;
|
|
414
|
+
avatar?: string | undefined;
|
|
415
|
+
description?: string | undefined;
|
|
416
|
+
idOnTheSource?: string | undefined;
|
|
417
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
418
|
+
memberCount?: number | undefined;
|
|
419
|
+
}[];
|
|
420
|
+
removed: {
|
|
421
|
+
type: PrincipalType;
|
|
422
|
+
id?: string | undefined;
|
|
423
|
+
name?: string | undefined;
|
|
424
|
+
email?: string | undefined;
|
|
425
|
+
source?: "local" | "entra" | undefined;
|
|
426
|
+
avatar?: string | undefined;
|
|
427
|
+
description?: string | undefined;
|
|
428
|
+
idOnTheSource?: string | undefined;
|
|
429
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
430
|
+
memberCount?: number | undefined;
|
|
431
|
+
}[];
|
|
432
|
+
publicAccessRoleId?: string | undefined;
|
|
433
|
+
}>;
|
|
434
|
+
/**
|
|
435
|
+
* Update resource permissions response schema
|
|
436
|
+
* Returns the updated permissions with accessRoleId included
|
|
437
|
+
*/
|
|
438
|
+
export declare const updateResourcePermissionsResponseSchema: z.ZodObject<{
|
|
439
|
+
message: z.ZodString;
|
|
440
|
+
results: z.ZodObject<{
|
|
441
|
+
principals: z.ZodArray<z.ZodObject<{
|
|
442
|
+
type: z.ZodNativeEnum<typeof PrincipalType>;
|
|
443
|
+
id: z.ZodOptional<z.ZodString>;
|
|
444
|
+
name: z.ZodOptional<z.ZodString>;
|
|
445
|
+
email: z.ZodOptional<z.ZodString>;
|
|
446
|
+
source: z.ZodOptional<z.ZodEnum<["local", "entra"]>>;
|
|
447
|
+
avatar: z.ZodOptional<z.ZodString>;
|
|
448
|
+
description: z.ZodOptional<z.ZodString>;
|
|
449
|
+
idOnTheSource: z.ZodOptional<z.ZodString>;
|
|
450
|
+
accessRoleId: z.ZodOptional<z.ZodNativeEnum<typeof AccessRoleIds>>;
|
|
451
|
+
memberCount: z.ZodOptional<z.ZodNumber>;
|
|
452
|
+
}, "strip", z.ZodTypeAny, {
|
|
453
|
+
type: PrincipalType;
|
|
454
|
+
id?: string | undefined;
|
|
455
|
+
name?: string | undefined;
|
|
456
|
+
email?: string | undefined;
|
|
457
|
+
source?: "local" | "entra" | undefined;
|
|
458
|
+
avatar?: string | undefined;
|
|
459
|
+
description?: string | undefined;
|
|
460
|
+
idOnTheSource?: string | undefined;
|
|
461
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
462
|
+
memberCount?: number | undefined;
|
|
463
|
+
}, {
|
|
464
|
+
type: PrincipalType;
|
|
465
|
+
id?: string | undefined;
|
|
466
|
+
name?: string | undefined;
|
|
467
|
+
email?: string | undefined;
|
|
468
|
+
source?: "local" | "entra" | undefined;
|
|
469
|
+
avatar?: string | undefined;
|
|
470
|
+
description?: string | undefined;
|
|
471
|
+
idOnTheSource?: string | undefined;
|
|
472
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
473
|
+
memberCount?: number | undefined;
|
|
474
|
+
}>, "many">;
|
|
475
|
+
public: z.ZodBoolean;
|
|
476
|
+
publicAccessRoleId: z.ZodOptional<z.ZodString>;
|
|
477
|
+
}, "strip", z.ZodTypeAny, {
|
|
478
|
+
public: boolean;
|
|
479
|
+
principals: {
|
|
480
|
+
type: PrincipalType;
|
|
481
|
+
id?: string | undefined;
|
|
482
|
+
name?: string | undefined;
|
|
483
|
+
email?: string | undefined;
|
|
484
|
+
source?: "local" | "entra" | undefined;
|
|
485
|
+
avatar?: string | undefined;
|
|
486
|
+
description?: string | undefined;
|
|
487
|
+
idOnTheSource?: string | undefined;
|
|
488
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
489
|
+
memberCount?: number | undefined;
|
|
490
|
+
}[];
|
|
491
|
+
publicAccessRoleId?: string | undefined;
|
|
492
|
+
}, {
|
|
493
|
+
public: boolean;
|
|
494
|
+
principals: {
|
|
495
|
+
type: PrincipalType;
|
|
496
|
+
id?: string | undefined;
|
|
497
|
+
name?: string | undefined;
|
|
498
|
+
email?: string | undefined;
|
|
499
|
+
source?: "local" | "entra" | undefined;
|
|
500
|
+
avatar?: string | undefined;
|
|
501
|
+
description?: string | undefined;
|
|
502
|
+
idOnTheSource?: string | undefined;
|
|
503
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
504
|
+
memberCount?: number | undefined;
|
|
505
|
+
}[];
|
|
506
|
+
publicAccessRoleId?: string | undefined;
|
|
507
|
+
}>;
|
|
508
|
+
}, "strip", z.ZodTypeAny, {
|
|
509
|
+
message: string;
|
|
510
|
+
results: {
|
|
511
|
+
public: boolean;
|
|
512
|
+
principals: {
|
|
513
|
+
type: PrincipalType;
|
|
514
|
+
id?: string | undefined;
|
|
515
|
+
name?: string | undefined;
|
|
516
|
+
email?: string | undefined;
|
|
517
|
+
source?: "local" | "entra" | undefined;
|
|
518
|
+
avatar?: string | undefined;
|
|
519
|
+
description?: string | undefined;
|
|
520
|
+
idOnTheSource?: string | undefined;
|
|
521
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
522
|
+
memberCount?: number | undefined;
|
|
523
|
+
}[];
|
|
524
|
+
publicAccessRoleId?: string | undefined;
|
|
525
|
+
};
|
|
526
|
+
}, {
|
|
527
|
+
message: string;
|
|
528
|
+
results: {
|
|
529
|
+
public: boolean;
|
|
530
|
+
principals: {
|
|
531
|
+
type: PrincipalType;
|
|
532
|
+
id?: string | undefined;
|
|
533
|
+
name?: string | undefined;
|
|
534
|
+
email?: string | undefined;
|
|
535
|
+
source?: "local" | "entra" | undefined;
|
|
536
|
+
avatar?: string | undefined;
|
|
537
|
+
description?: string | undefined;
|
|
538
|
+
idOnTheSource?: string | undefined;
|
|
539
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
540
|
+
memberCount?: number | undefined;
|
|
541
|
+
}[];
|
|
542
|
+
publicAccessRoleId?: string | undefined;
|
|
543
|
+
};
|
|
544
|
+
}>;
|
|
545
|
+
/**
|
|
546
|
+
* Principal - represents a user, group, or public access
|
|
547
|
+
*/
|
|
548
|
+
export type TPrincipal = z.infer<typeof principalSchema>;
|
|
549
|
+
/**
|
|
550
|
+
* Access role - defines named permission sets
|
|
551
|
+
*/
|
|
552
|
+
export type TAccessRole = z.infer<typeof accessRoleSchema>;
|
|
553
|
+
/**
|
|
554
|
+
* Permission entry - represents a single ACL entry
|
|
555
|
+
*/
|
|
556
|
+
export type TPermissionEntry = z.infer<typeof permissionEntrySchema>;
|
|
557
|
+
/**
|
|
558
|
+
* Resource permissions response
|
|
559
|
+
*/
|
|
560
|
+
export type TResourcePermissionsResponse = z.infer<typeof resourcePermissionsResponseSchema>;
|
|
561
|
+
/**
|
|
562
|
+
* Update resource permissions request
|
|
563
|
+
* This matches the user's requirement for the frontend DTO structure
|
|
564
|
+
*/
|
|
565
|
+
export type TUpdateResourcePermissionsRequest = z.infer<typeof updateResourcePermissionsRequestSchema>;
|
|
566
|
+
/**
|
|
567
|
+
* Update resource permissions response
|
|
568
|
+
* Returns the updated permissions with accessRoleId included
|
|
569
|
+
*/
|
|
570
|
+
export type TUpdateResourcePermissionsResponse = z.infer<typeof updateResourcePermissionsResponseSchema>;
|
|
571
|
+
/**
|
|
572
|
+
* Principal search request parameters
|
|
573
|
+
*/
|
|
574
|
+
export type TPrincipalSearchParams = {
|
|
575
|
+
q: string;
|
|
576
|
+
limit?: number;
|
|
577
|
+
types?: Array<PrincipalType.USER | PrincipalType.GROUP | PrincipalType.ROLE>;
|
|
578
|
+
};
|
|
579
|
+
/**
|
|
580
|
+
* Principal search result item
|
|
581
|
+
*/
|
|
582
|
+
export type TPrincipalSearchResult = {
|
|
583
|
+
id?: string | null;
|
|
584
|
+
type: PrincipalType.USER | PrincipalType.GROUP | PrincipalType.ROLE;
|
|
585
|
+
name: string;
|
|
586
|
+
email?: string;
|
|
587
|
+
username?: string;
|
|
588
|
+
avatar?: string;
|
|
589
|
+
provider?: string;
|
|
590
|
+
source: 'local' | 'entra';
|
|
591
|
+
memberCount?: number;
|
|
592
|
+
description?: string;
|
|
593
|
+
idOnTheSource?: string;
|
|
594
|
+
};
|
|
595
|
+
/**
|
|
596
|
+
* Principal search response
|
|
597
|
+
*/
|
|
598
|
+
export type TPrincipalSearchResponse = {
|
|
599
|
+
query: string;
|
|
600
|
+
limit: number;
|
|
601
|
+
types?: Array<PrincipalType.USER | PrincipalType.GROUP | PrincipalType.ROLE> | null;
|
|
602
|
+
results: TPrincipalSearchResult[];
|
|
603
|
+
count: number;
|
|
604
|
+
sources: {
|
|
605
|
+
local: number;
|
|
606
|
+
entra: number;
|
|
607
|
+
};
|
|
608
|
+
};
|
|
609
|
+
/**
|
|
610
|
+
* Available roles response
|
|
611
|
+
*/
|
|
612
|
+
export type TAvailableRolesResponse = {
|
|
613
|
+
resourceType: ResourceType;
|
|
614
|
+
roles: TAccessRole[];
|
|
615
|
+
};
|
|
616
|
+
/**
|
|
617
|
+
* Get resource permissions response schema
|
|
618
|
+
* This matches the enhanced aggregation-based endpoint response format
|
|
619
|
+
*/
|
|
620
|
+
export declare const getResourcePermissionsResponseSchema: z.ZodObject<{
|
|
621
|
+
resourceType: z.ZodNativeEnum<typeof ResourceType>;
|
|
622
|
+
resourceId: z.ZodNativeEnum<typeof AccessRoleIds>;
|
|
623
|
+
principals: z.ZodArray<z.ZodObject<{
|
|
624
|
+
type: z.ZodNativeEnum<typeof PrincipalType>;
|
|
625
|
+
id: z.ZodOptional<z.ZodString>;
|
|
626
|
+
name: z.ZodOptional<z.ZodString>;
|
|
627
|
+
email: z.ZodOptional<z.ZodString>;
|
|
628
|
+
source: z.ZodOptional<z.ZodEnum<["local", "entra"]>>;
|
|
629
|
+
avatar: z.ZodOptional<z.ZodString>;
|
|
630
|
+
description: z.ZodOptional<z.ZodString>;
|
|
631
|
+
idOnTheSource: z.ZodOptional<z.ZodString>;
|
|
632
|
+
accessRoleId: z.ZodOptional<z.ZodNativeEnum<typeof AccessRoleIds>>;
|
|
633
|
+
memberCount: z.ZodOptional<z.ZodNumber>;
|
|
634
|
+
}, "strip", z.ZodTypeAny, {
|
|
635
|
+
type: PrincipalType;
|
|
636
|
+
id?: string | undefined;
|
|
637
|
+
name?: string | undefined;
|
|
638
|
+
email?: string | undefined;
|
|
639
|
+
source?: "local" | "entra" | undefined;
|
|
640
|
+
avatar?: string | undefined;
|
|
641
|
+
description?: string | undefined;
|
|
642
|
+
idOnTheSource?: string | undefined;
|
|
643
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
644
|
+
memberCount?: number | undefined;
|
|
645
|
+
}, {
|
|
646
|
+
type: PrincipalType;
|
|
647
|
+
id?: string | undefined;
|
|
648
|
+
name?: string | undefined;
|
|
649
|
+
email?: string | undefined;
|
|
650
|
+
source?: "local" | "entra" | undefined;
|
|
651
|
+
avatar?: string | undefined;
|
|
652
|
+
description?: string | undefined;
|
|
653
|
+
idOnTheSource?: string | undefined;
|
|
654
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
655
|
+
memberCount?: number | undefined;
|
|
656
|
+
}>, "many">;
|
|
657
|
+
public: z.ZodBoolean;
|
|
658
|
+
publicAccessRoleId: z.ZodOptional<z.ZodNativeEnum<typeof AccessRoleIds>>;
|
|
659
|
+
}, "strip", z.ZodTypeAny, {
|
|
660
|
+
public: boolean;
|
|
661
|
+
resourceType: ResourceType;
|
|
662
|
+
resourceId: AccessRoleIds;
|
|
663
|
+
principals: {
|
|
664
|
+
type: PrincipalType;
|
|
665
|
+
id?: string | undefined;
|
|
666
|
+
name?: string | undefined;
|
|
667
|
+
email?: string | undefined;
|
|
668
|
+
source?: "local" | "entra" | undefined;
|
|
669
|
+
avatar?: string | undefined;
|
|
670
|
+
description?: string | undefined;
|
|
671
|
+
idOnTheSource?: string | undefined;
|
|
672
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
673
|
+
memberCount?: number | undefined;
|
|
674
|
+
}[];
|
|
675
|
+
publicAccessRoleId?: AccessRoleIds | undefined;
|
|
676
|
+
}, {
|
|
677
|
+
public: boolean;
|
|
678
|
+
resourceType: ResourceType;
|
|
679
|
+
resourceId: AccessRoleIds;
|
|
680
|
+
principals: {
|
|
681
|
+
type: PrincipalType;
|
|
682
|
+
id?: string | undefined;
|
|
683
|
+
name?: string | undefined;
|
|
684
|
+
email?: string | undefined;
|
|
685
|
+
source?: "local" | "entra" | undefined;
|
|
686
|
+
avatar?: string | undefined;
|
|
687
|
+
description?: string | undefined;
|
|
688
|
+
idOnTheSource?: string | undefined;
|
|
689
|
+
accessRoleId?: AccessRoleIds | undefined;
|
|
690
|
+
memberCount?: number | undefined;
|
|
691
|
+
}[];
|
|
692
|
+
publicAccessRoleId?: AccessRoleIds | undefined;
|
|
693
|
+
}>;
|
|
694
|
+
/**
|
|
695
|
+
* Get resource permissions response type
|
|
696
|
+
* This matches the enhanced aggregation-based endpoint response format
|
|
697
|
+
*/
|
|
698
|
+
export type TGetResourcePermissionsResponse = z.infer<typeof getResourcePermissionsResponseSchema>;
|
|
699
|
+
/**
|
|
700
|
+
* Effective permissions response schema
|
|
701
|
+
* Returns just the permission bitmask for a user on a resource
|
|
702
|
+
*/
|
|
703
|
+
export declare const effectivePermissionsResponseSchema: z.ZodObject<{
|
|
704
|
+
permissionBits: z.ZodNumber;
|
|
705
|
+
}, "strip", z.ZodTypeAny, {
|
|
706
|
+
permissionBits: number;
|
|
707
|
+
}, {
|
|
708
|
+
permissionBits: number;
|
|
709
|
+
}>;
|
|
710
|
+
/**
|
|
711
|
+
* Effective permissions response type
|
|
712
|
+
* Returns just the permission bitmask for a user on a resource
|
|
713
|
+
*/
|
|
714
|
+
export type TEffectivePermissionsResponse = z.infer<typeof effectivePermissionsResponseSchema>;
|
|
715
|
+
/**
|
|
716
|
+
* All effective permissions response type
|
|
717
|
+
* Map of resourceId to permissionBits for all accessible resources
|
|
718
|
+
*/
|
|
719
|
+
export type TAllEffectivePermissionsResponse = Record<string, number>;
|
|
720
|
+
/**
|
|
721
|
+
* Permission check result
|
|
722
|
+
*/
|
|
723
|
+
export interface TPermissionCheck {
|
|
724
|
+
canView: boolean;
|
|
725
|
+
canEdit: boolean;
|
|
726
|
+
canDelete: boolean;
|
|
727
|
+
canShare: boolean;
|
|
728
|
+
accessLevel: TAccessLevel;
|
|
729
|
+
}
|
|
730
|
+
/**
|
|
731
|
+
* Convert permission bits to access level
|
|
732
|
+
*/
|
|
733
|
+
export declare function permBitsToAccessLevel(permBits: number): TAccessLevel;
|
|
734
|
+
/**
|
|
735
|
+
* Convert access role ID to permission bits
|
|
736
|
+
*/
|
|
737
|
+
export declare function accessRoleToPermBits(accessRoleId: string): number;
|
|
738
|
+
/**
|
|
739
|
+
* Check if permission bitmask contains other bitmask
|
|
740
|
+
* @param permissions - The permission bitmask to check
|
|
741
|
+
* @param requiredPermission - The required permission bit(s)
|
|
742
|
+
* @returns {boolean} Whether permissions contains requiredPermission
|
|
743
|
+
*/
|
|
744
|
+
export declare function hasPermissions(permissions: number, requiredPermission: number): boolean;
|