sh3-server 0.13.0 → 0.13.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (33) hide show
  1. package/app/assets/index-B1K1agdD.css +1 -0
  2. package/app/assets/index-eXElR_9t.js +21 -0
  3. package/app/assets/index-eXElR_9t.js.map +1 -0
  4. package/app/assets/workspace-rekey-DRgvbNY-.js +2 -0
  5. package/app/assets/workspace-rekey-DRgvbNY-.js.map +1 -0
  6. package/app/index.html +2 -2
  7. package/dist/caller.d.ts +9 -2
  8. package/dist/caller.js +16 -6
  9. package/dist/doc-store/index.d.ts +11 -2
  10. package/dist/doc-store/index.js +4 -2
  11. package/dist/index.js +20 -11
  12. package/dist/keys.d.ts +14 -8
  13. package/dist/keys.js +66 -40
  14. package/dist/middleware/project-allowlist.d.ts +30 -0
  15. package/dist/middleware/project-allowlist.js +49 -0
  16. package/dist/packages.d.ts +13 -0
  17. package/dist/packages.js +28 -0
  18. package/dist/projects.d.ts +39 -0
  19. package/dist/projects.js +128 -0
  20. package/dist/routes/admin.js +1 -1
  21. package/dist/routes/docs.d.ts +23 -9
  22. package/dist/routes/docs.js +57 -48
  23. package/dist/routes/keys.d.ts +4 -4
  24. package/dist/routes/keys.js +12 -12
  25. package/dist/routes/projects.d.ts +13 -0
  26. package/dist/routes/projects.js +101 -0
  27. package/dist/scope.d.ts +9 -4
  28. package/dist/scope.js +17 -15
  29. package/dist/shard-router.js +2 -2
  30. package/package.json +1 -1
  31. package/app/assets/index-BPTrm0uN.js +0 -19
  32. package/app/assets/index-BPTrm0uN.js.map +0 -1
  33. package/app/assets/index-J_irM21j.css +0 -1
package/dist/scope.d.ts CHANGED
@@ -1,11 +1,16 @@
1
1
  /**
2
2
  * Scope-based route guards. Operate on the `caller` set by resolveCaller.
3
3
  *
4
- * scopeRequired(scope) — 403 unless caller has that scope or admin:*.
5
- * tenantRequired — 401 unless caller.tenantId is non-null.
4
+ * scopeRequired(scope) — 403 unless caller has that permission scope or admin:*.
5
+ * requireCallerScope — 401 unless caller.scopeId is non-null.
6
+ * scopeAccessMatch(param) — 403 unless the URL's :scope is in caller.accessibleScopes.
7
+ *
8
+ * Cross-scope access is no longer grantable via admin:*. Admin keys are
9
+ * management-only — they pass scopeRequired but fail scopeAccessMatch
10
+ * unless their accessibleScopes list includes the requested scope.
6
11
  */
7
12
  import type { MiddlewareHandler } from 'hono';
8
13
  import type { SettingsStore } from './settings.js';
9
14
  export declare function scopeRequired(scope: string): MiddlewareHandler;
10
- export declare const tenantRequired: MiddlewareHandler;
11
- export declare function tenantParamMatch(paramName: string, settings?: SettingsStore): MiddlewareHandler;
15
+ export declare const requireCallerScope: MiddlewareHandler;
16
+ export declare function scopeAccessMatch(paramName: string, settings?: SettingsStore): MiddlewareHandler;
package/dist/scope.js CHANGED
@@ -1,8 +1,13 @@
1
1
  /**
2
2
  * Scope-based route guards. Operate on the `caller` set by resolveCaller.
3
3
  *
4
- * scopeRequired(scope) — 403 unless caller has that scope or admin:*.
5
- * tenantRequired — 401 unless caller.tenantId is non-null.
4
+ * scopeRequired(scope) — 403 unless caller has that permission scope or admin:*.
5
+ * requireCallerScope — 401 unless caller.scopeId is non-null.
6
+ * scopeAccessMatch(param) — 403 unless the URL's :scope is in caller.accessibleScopes.
7
+ *
8
+ * Cross-scope access is no longer grantable via admin:*. Admin keys are
9
+ * management-only — they pass scopeRequired but fail scopeAccessMatch
10
+ * unless their accessibleScopes list includes the requested scope.
6
11
  */
7
12
  export function scopeRequired(scope) {
8
13
  return async (c, next) => {
@@ -15,31 +20,28 @@ export function scopeRequired(scope) {
15
20
  return c.json({ error: `Missing required scope: ${scope}` }, 403);
16
21
  };
17
22
  }
18
- export const tenantRequired = async (c, next) => {
23
+ export const requireCallerScope = async (c, next) => {
19
24
  const caller = c.get('caller');
20
25
  if (!caller)
21
26
  return c.json({ error: 'Caller not resolved' }, 500);
22
- if (!caller.tenantId)
23
- return c.json({ error: 'Tenant-scoped credentials required' }, 401);
27
+ if (!caller.scopeId)
28
+ return c.json({ error: 'Scope-bound credentials required' }, 401);
24
29
  return next();
25
30
  };
26
- export function tenantParamMatch(paramName, settings) {
31
+ export function scopeAccessMatch(paramName, settings) {
27
32
  return async (c, next) => {
28
- // Open / no-auth mode: admin has explicitly disabled tenant isolation.
33
+ // Open / no-auth mode: admin has explicitly disabled scope isolation.
29
34
  // Mirrors sessionAuth's open-mode bypass; required for Tauri sidecar mode.
30
35
  if (settings && !settings.get().auth.required)
31
36
  return next();
32
37
  const caller = c.get('caller');
33
38
  if (!caller)
34
39
  return c.json({ error: 'Caller not resolved' }, 500);
35
- if (caller.scopes.includes('admin:*'))
36
- return next();
37
- if (!caller.tenantId)
38
- return c.json({ error: 'Tenant-scoped credentials required' }, 401);
39
40
  const requested = c.req.param(paramName);
40
- if (caller.tenantId !== requested) {
41
- return c.json({ error: `Caller tenant does not match :${paramName}` }, 403);
42
- }
43
- return next();
41
+ if (!requested)
42
+ return c.json({ error: `Missing :${paramName} param` }, 400);
43
+ if (caller.accessibleScopes.includes(requested))
44
+ return next();
45
+ return c.json({ error: `Caller is not a member of scope "${requested}"` }, 403);
44
46
  };
45
47
  }
package/dist/shard-router.js CHANGED
@@ -2,7 +2,7 @@
2
2
  import { Hono } from 'hono';
3
3
  import { mkdirSync, readFileSync } from 'node:fs';
4
4
  import { join } from 'node:path';
5
- import { scopeRequired, tenantRequired } from './scope.js';
5
+ import { scopeRequired, requireCallerScope } from './scope.js';
6
6
  import { pathToFileURL } from 'node:url';
7
7
  /** Middleware requiring the caller's scope set to include admin:*. */
8
8
  export function adminOnly(_keys, settings) {
@@ -151,7 +151,7 @@ export class ShardRouter {
151
151
  permissions,
152
152
  adminOnly: adminOnly(ctx.keys, ctx.settings),
153
153
  scopeRequired,
154
- tenantRequired,
154
+ tenantRequired: requireCallerScope,
155
155
  wsRegister: ctx.wsRegister,
156
156
  tenants: () => docStore.listTenantsSync(),
157
157
  documents: (tenant) => makeTenantDocumentAPI(docStore, tenant, shardId, permissions),
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "sh3-server",
3
- "version": "0.13.0",
3
+ "version": "0.13.2",
4
4
  "type": "module",
5
5
  "bin": {
6
6
  "sh3-server": "dist/cli.js"