npm - nobalmako - Versions diffs - 1.0.0 - Mend

nobalmako 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (123) hide show

package/README.md +112 -0
package/components.json +22 -0
package/dist/nobalmako.js +272 -0
package/drizzle/0000_pink_spiral.sql +126 -0
package/drizzle/meta/0000_snapshot.json +1027 -0
package/drizzle/meta/_journal.json +13 -0
package/drizzle.config.ts +10 -0
package/eslint.config.mjs +18 -0
package/next.config.ts +7 -0
package/package.json +80 -0
package/postcss.config.mjs +7 -0
package/public/file.svg +1 -0
package/public/globe.svg +1 -0
package/public/next.svg +1 -0
package/public/vercel.svg +1 -0
package/public/window.svg +1 -0
package/server/index.ts +118 -0
package/src/app/api/api-keys/[id]/route.ts +147 -0
package/src/app/api/api-keys/route.ts +151 -0
package/src/app/api/audit-logs/route.ts +84 -0
package/src/app/api/auth/forgot-password/route.ts +47 -0
package/src/app/api/auth/login/route.ts +99 -0
package/src/app/api/auth/logout/route.ts +15 -0
package/src/app/api/auth/me/route.ts +23 -0
package/src/app/api/auth/mfa/setup/route.ts +33 -0
package/src/app/api/auth/mfa/verify/route.ts +45 -0
package/src/app/api/auth/register/route.ts +140 -0
package/src/app/api/auth/reset-password/route.ts +52 -0
package/src/app/api/auth/update/route.ts +71 -0
package/src/app/api/auth/verify/route.ts +39 -0
package/src/app/api/environments/route.ts +227 -0
package/src/app/api/team-members/route.ts +385 -0
package/src/app/api/teams/route.ts +217 -0
package/src/app/api/variable-history/route.ts +218 -0
package/src/app/api/variables/route.ts +476 -0
package/src/app/api/webhooks/route.ts +77 -0
package/src/app/api-keys/APIKeysClient.tsx +316 -0
package/src/app/api-keys/page.tsx +10 -0
package/src/app/api-reference/page.tsx +324 -0
package/src/app/audit-log/AuditLogClient.tsx +229 -0
package/src/app/audit-log/page.tsx +10 -0
package/src/app/auth/forgot-password/page.tsx +121 -0
package/src/app/auth/login/LoginForm.tsx +145 -0
package/src/app/auth/login/page.tsx +11 -0
package/src/app/auth/register/RegisterForm.tsx +156 -0
package/src/app/auth/register/page.tsx +16 -0
package/src/app/auth/reset-password/page.tsx +160 -0
package/src/app/dashboard/DashboardClient.tsx +219 -0
package/src/app/dashboard/page.tsx +11 -0
package/src/app/docs/page.tsx +251 -0
package/src/app/favicon.ico +0 -0
package/src/app/globals.css +123 -0
package/src/app/layout.tsx +35 -0
package/src/app/page.tsx +231 -0
package/src/app/profile/ProfileClient.tsx +230 -0
package/src/app/profile/page.tsx +10 -0
package/src/app/project/[id]/ProjectDetailsClient.tsx +512 -0
package/src/app/project/[id]/page.tsx +17 -0
package/src/bin/nobalmako.ts +341 -0
package/src/components/ApiKeysManager.tsx +529 -0
package/src/components/AppLayout.tsx +193 -0
package/src/components/BulkActions.tsx +138 -0
package/src/components/CreateEnvironmentDialog.tsx +207 -0
package/src/components/CreateTeamDialog.tsx +174 -0
package/src/components/CreateVariableDialog.tsx +311 -0
package/src/components/DeleteEnvironmentDialog.tsx +104 -0
package/src/components/DeleteTeamDialog.tsx +112 -0
package/src/components/DeleteVariableDialog.tsx +103 -0
package/src/components/EditEnvironmentDialog.tsx +202 -0
package/src/components/EditMemberDialog.tsx +143 -0
package/src/components/EditTeamDialog.tsx +178 -0
package/src/components/EditVariableDialog.tsx +231 -0
package/src/components/ImportVariablesDialog.tsx +347 -0
package/src/components/InviteMemberDialog.tsx +191 -0
package/src/components/LeaveProjectDialog.tsx +111 -0
package/src/components/MFASettings.tsx +136 -0
package/src/components/ProjectDiff.tsx +123 -0
package/src/components/Providers.tsx +24 -0
package/src/components/RemoveMemberDialog.tsx +112 -0
package/src/components/SearchDialog.tsx +276 -0
package/src/components/SecurityOverview.tsx +92 -0
package/src/components/TeamMembersManager.tsx +103 -0
package/src/components/VariableHistoryDialog.tsx +265 -0
package/src/components/WebhooksManager.tsx +169 -0
package/src/components/ui/alert-dialog.tsx +160 -0
package/src/components/ui/alert.tsx +59 -0
package/src/components/ui/avatar.tsx +53 -0
package/src/components/ui/badge.tsx +46 -0
package/src/components/ui/button.tsx +62 -0
package/src/components/ui/card.tsx +92 -0
package/src/components/ui/checkbox.tsx +32 -0
package/src/components/ui/dialog.tsx +143 -0
package/src/components/ui/dropdown-menu.tsx +257 -0
package/src/components/ui/input.tsx +21 -0
package/src/components/ui/label.tsx +24 -0
package/src/components/ui/select.tsx +190 -0
package/src/components/ui/separator.tsx +28 -0
package/src/components/ui/sonner.tsx +37 -0
package/src/components/ui/switch.tsx +31 -0
package/src/components/ui/table.tsx +117 -0
package/src/components/ui/tabs.tsx +66 -0
package/src/components/ui/textarea.tsx +18 -0
package/src/hooks/use-api-keys.ts +95 -0
package/src/hooks/use-audit-logs.ts +58 -0
package/src/hooks/use-auth.tsx +121 -0
package/src/hooks/use-environments.ts +33 -0
package/src/hooks/use-project-permissions.ts +49 -0
package/src/hooks/use-team-members.ts +30 -0
package/src/hooks/use-teams.ts +33 -0
package/src/hooks/use-variables.ts +38 -0
package/src/lib/audit.ts +36 -0
package/src/lib/auth.ts +108 -0
package/src/lib/crypto.ts +39 -0
package/src/lib/db.ts +15 -0
package/src/lib/dynamic-providers.ts +19 -0
package/src/lib/email.ts +110 -0
package/src/lib/mail.ts +51 -0
package/src/lib/permissions.ts +51 -0
package/src/lib/schema.ts +240 -0
package/src/lib/seed.ts +107 -0
package/src/lib/utils.ts +6 -0
package/src/lib/webhooks.ts +42 -0
package/tsconfig.json +34 -0

package/src/app/api/teams/route.ts ADDED Viewed

@@ -0,0 +1,217 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { getUserFromToken } from '@/lib/auth';
+import { db } from '@/lib/db';
+import { teams, teamMembers } from '@/lib/schema';
+import { createAuditLog } from '@/lib/audit';
+import { eq, or, exists, and } from 'drizzle-orm';
+export async function GET() {
+  try {
+    const user = await getUserFromToken();
+    if (!user) {
+      return NextResponse.json(
+        { error: 'Not authenticated' },
+        { status: 401 }
+      );
+    }
+    // Get teams where user is owner or member
+    const userTeams = await db
+      .select()
+      .from(teams)
+      .where(
+        or(
+          eq(teams.ownerId, user.id),
+          exists(
+            db.select()
+              .from(teamMembers)
+              .where(and(eq(teamMembers.teamId, teams.id), eq(teamMembers.userId, user.id)))
+          )
+        )
+      );
+    return NextResponse.json({ teams: userTeams });
+  } catch (error) {
+    console.error('Get teams error:', error);
+    return NextResponse.json(
+      { error: 'Internal server error' },
+      { status: 500 }
+    );
+  }
+}
+export async function POST(request: NextRequest) {
+  try {
+    const user = await getUserFromToken();
+    if (!user) {
+      return NextResponse.json(
+        { error: 'Not authenticated' },
+        { status: 401 }
+      );
+    }
+    const { name, description, color } = await request.json();
+    if (!name) {
+      return NextResponse.json(
+        { error: 'Name is required' },
+        { status: 400 }
+      );
+    }
+    const [newTeam] = await db.insert(teams).values({
+      name,
+      description,
+      color: color || '#3b82f6',
+      ownerId: user.id,
+    }).returning();
+    // Audit log
+    await createAuditLog({
+      userId: user.id,
+      teamId: newTeam.id,
+      action: 'create',
+      resourceType: 'team',
+      resourceId: newTeam.id,
+      newValue: { name, description, color: color || '#3b82f6' },
+    });
+    return NextResponse.json({ team: newTeam });
+  } catch (error) {
+    console.error('Create team error:', error);
+    return NextResponse.json(
+      { error: 'Internal server error' },
+      { status: 500 }
+    );
+  }
+}
+export async function PUT(request: NextRequest) {
+  try {
+    const user = await getUserFromToken();
+    if (!user) {
+      return NextResponse.json(
+        { error: 'Not authenticated' },
+        { status: 401 }
+      );
+    }
+    const { id, name, description, color } = await request.json();
+    if (!id) {
+      return NextResponse.json(
+        { error: 'Team ID is required' },
+        { status: 400 }
+      );
+    }
+    if (!name) {
+      return NextResponse.json(
+        { error: 'Name is required' },
+        { status: 400 }
+      );
+    }
+    // Check if user owns the team
+    const existingTeam = await db
+      .select()
+      .from(teams)
+      .where(eq(teams.id, id))
+      .limit(1);
+    if (!existingTeam.length || existingTeam[0].ownerId !== user.id) {
+      return NextResponse.json(
+        { error: 'Team not found or access denied' },
+        { status: 404 }
+      );
+    }
+    const [updatedTeam] = await db
+      .update(teams)
+      .set({
+        name,
+        description,
+        color: color || existingTeam[0].color,
+        updatedAt: new Date(),
+      })
+      .where(eq(teams.id, id))
+      .returning();
+    // Audit log
+    await createAuditLog({
+      userId: user.id,
+      teamId: id,
+      action: 'update',
+      resourceType: 'team',
+      resourceId: id,
+      oldValue: { name: existingTeam[0].name, description: existingTeam[0].description, color: existingTeam[0].color },
+      newValue: { name, description, color: color || existingTeam[0].color },
+    });
+    return NextResponse.json({ team: updatedTeam });
+  } catch (error) {
+    console.error('Update team error:', error);
+    return NextResponse.json(
+      { error: 'Internal server error' },
+      { status: 500 }
+    );
+  }
+}
+export async function DELETE(request: NextRequest) {
+  try {
+    const user = await getUserFromToken();
+    if (!user) {
+      return NextResponse.json(
+        { error: 'Not authenticated' },
+        { status: 401 }
+      );
+    }
+    const { id } = await request.json();
+    if (!id) {
+      return NextResponse.json(
+        { error: 'Team ID is required' },
+        { status: 400 }
+      );
+    }
+    // Check if user owns the team
+    const existingTeam = await db
+      .select()
+      .from(teams)
+      .where(eq(teams.id, id))
+      .limit(1);
+    if (!existingTeam.length || existingTeam[0].ownerId !== user.id) {
+      return NextResponse.json(
+        { error: 'Team not found or access denied' },
+        { status: 404 }
+      );
+    }
+    await db.delete(teams).where(eq(teams.id, id));
+    // Audit log
+    await createAuditLog({
+      userId: user.id,
+      teamId: id,
+      action: 'delete',
+      resourceType: 'team',
+      resourceId: id,
+      oldValue: { name: existingTeam[0].name, description: existingTeam[0].description },
+    });
+    return NextResponse.json({ success: true });
+  } catch (error) {
+    console.error('Delete team error:', error);
+    return NextResponse.json(
+      { error: 'Internal server error' },
+      { status: 500 }
+    );
+  }
+}

package/src/app/api/variable-history/route.ts ADDED Viewed

@@ -0,0 +1,218 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { getUserFromToken } from '@/lib/auth';
+import { db } from '@/lib/db';
+import { variableHistory, teams, environmentVariables, users, teamMembers } from '@/lib/schema';
+import { eq, and, desc, or, exists } from 'drizzle-orm';
+import { decrypt } from '@/lib/crypto';
+import { hasPermission, Permissions } from '@/lib/permissions';
+export async function GET(request: NextRequest) {
+  try {
+    const user = await getUserFromToken();
+    if (!user) {
+      return NextResponse.json(
+        { error: 'Not authenticated' },
+        { status: 401 }
+      );
+    }
+    const { searchParams } = new URL(request.url);
+    const variableId = searchParams.get('variableId');
+    const teamId = searchParams.get('teamId');
+    if (!variableId && !teamId) {
+      return NextResponse.json(
+        { error: 'Variable ID or Team ID is required' },
+        { status: 400 }
+      );
+    }
+    let whereCondition;
+    if (variableId) {
+      // Check if user has access to this variable
+      const variableCheck = await db
+        .select()
+        .from(environmentVariables)
+        .innerJoin(teams, eq(environmentVariables.teamId, teams.id))
+        .where(
+          and(
+            eq(environmentVariables.id, variableId),
+            or(
+              eq(teams.ownerId, user.id),
+              exists(
+                db.select()
+                  .from(teamMembers)
+                  .where(and(eq(teamMembers.teamId, teams.id), eq(teamMembers.userId, user.id)))
+              )
+            )
+          )
+        )
+        .limit(1);
+      if (!variableCheck.length) {
+        return NextResponse.json(
+          { error: 'Variable not found or access denied' },
+          { status: 404 }
+        );
+      }
+      whereCondition = eq(variableHistory.variableId, variableId);
+    } else {
+      // Check if user owns or is a member of the team
+      if (!teamId) {
+        return NextResponse.json(
+          { error: 'Team ID is required' },
+          { status: 400 }
+        );
+      }
+      const teamCheck = await db
+        .select()
+        .from(teams)
+        .where(
+          and(
+            eq(teams.id, teamId),
+            or(
+              eq(teams.ownerId, user.id),
+              exists(
+                db.select()
+                  .from(teamMembers)
+                  .where(and(eq(teamMembers.teamId, teams.id), eq(teamMembers.userId, user.id)))
+              )
+            )
+          )
+        )
+        .limit(1);
+      if (!teamCheck.length) {
+        return NextResponse.json(
+          { error: 'Team not found or access denied' },
+          { status: 403 }
+        );
+      }
+      whereCondition = eq(variableHistory.teamId, teamId);
+    }
+    // Get variable history with user details
+    const history = await db
+      .select({
+        id: variableHistory.id,
+        variableId: variableHistory.variableId,
+        key: variableHistory.key,
+        value: variableHistory.value,
+        description: variableHistory.description,
+        isSecret: variableHistory.isSecret,
+        changeType: variableHistory.changeType,
+        createdAt: variableHistory.createdAt,
+        changer: {
+          id: users.id,
+          name: users.name,
+          email: users.email,
+        },
+      })
+      .from(variableHistory)
+      .innerJoin(users, eq(variableHistory.changedBy, users.id))
+      .where(whereCondition)
+      .orderBy(desc(variableHistory.createdAt))
+      .limit(100); // Limit to last 100 changes
+    // Decrypt history values
+    const decryptedHistory = history.map(h => ({
+      ...h,
+      value: decrypt(h.value)
+    }));
+    return NextResponse.json({ history: decryptedHistory });
+  } catch (error) {
+    console.error('Get variable history error:', error);
+    return NextResponse.json(
+      { error: 'Internal server error' },
+      { status: 500 }
+    );
+  }
+}
+export async function POST(request: NextRequest) {
+  try {
+    const user = await getUserFromToken();
+    if (!user) {
+      return NextResponse.json(
+        { error: 'Not authenticated' },
+        { status: 401 }
+      );
+    }
+    const { historyId } = await request.json();
+    if (!historyId) {
+      return NextResponse.json(
+        { error: 'History ID is required' },
+        { status: 400 }
+      );
+    }
+    // Get the history entry
+    const [historyEntry] = await db
+      .select()
+      .from(variableHistory)
+      .where(eq(variableHistory.id, historyId))
+      .limit(1);
+    if (!historyEntry) {
+      return NextResponse.json(
+        { error: 'History entry not found' },
+        { status: 404 }
+      );
+    }
+    // Verify user has permission to manage secrets in this team
+    const canManage = await hasPermission(user.id, historyEntry.teamId, Permissions.MANAGE_SECRETS);
+    if (!canManage) {
+      return NextResponse.json(
+        { error: 'Forbidden: You do not have permission to manage secrets in this project' },
+        { status: 403 }
+      );
+    }
+    // Roll back the variable
+    const [updatedVariable] = await db
+      .update(environmentVariables)
+      .set({
+        value: historyEntry.value, // It's already encrypted in history
+        description: historyEntry.description,
+        isSecret: historyEntry.isSecret,
+        updatedBy: user.id,
+        updatedAt: new Date(),
+      })
+      .where(eq(environmentVariables.id, historyEntry.variableId))
+      .returning();
+    // Create a new history entry for the rollback
+    await db.insert(variableHistory).values({
+      variableId: historyEntry.variableId,
+      teamId: historyEntry.teamId,
+      environmentId: historyEntry.environmentId,
+      key: historyEntry.key,
+      value: historyEntry.value, // Already encrypted
+      description: historyEntry.description,
+      isSecret: historyEntry.isSecret,
+      changedBy: user.id,
+      changeType: 'update',
+    });
+    return NextResponse.json({
+      message: 'Variable rolled back successfully',
+      variable: {
+        ...updatedVariable,
+        value: decrypt(updatedVariable.value)
+      }
+    });
+  } catch (error) {
+    console.error('Rollback variable error:', error);
+    return NextResponse.json(
+      { error: 'Internal server error' },
+      { status: 500 }
+    );
+  }
+}