weave-typescript 0.29.0 → 0.31.0

package/dist/weavesql/weavedb/auth_identity_sql.js

@@ -0,0 +1,690 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.insertAuthAuditEventQuery = exports.endSupportAccessSessionQuery = exports.createSupportAccessSessionQuery = exports.createPlatformAdminGrantQuery = exports.listActivePlatformAdminGrantsForUserQuery = exports.listOrganizationMembersQuery = exports.listOrganizationMembershipsForUserQuery = exports.getOrganizationMembershipQuery = exports.upsertOrganizationMembershipQuery = exports.upsertOrganizationAuthLinkQuery = exports.getOrganizationAuthLinkByOrganizationIDQuery = exports.getOrganizationAuthLinkByStytchIDQuery = exports.upsertIdentityLinkQuery = exports.getIdentityLinkByStytchMemberQuery = exports.getUserProfileQuery = exports.upsertUserProfileQuery = exports.getUserByIDQuery = exports.createUserQuery = void 0;
+exports.createUser = createUser;
+exports.getUserByID = getUserByID;
+exports.upsertUserProfile = upsertUserProfile;
+exports.getUserProfile = getUserProfile;
+exports.getIdentityLinkByStytchMember = getIdentityLinkByStytchMember;
+exports.upsertIdentityLink = upsertIdentityLink;
+exports.getOrganizationAuthLinkByStytchID = getOrganizationAuthLinkByStytchID;
+exports.getOrganizationAuthLinkByOrganizationID = getOrganizationAuthLinkByOrganizationID;
+exports.upsertOrganizationAuthLink = upsertOrganizationAuthLink;
+exports.upsertOrganizationMembership = upsertOrganizationMembership;
+exports.getOrganizationMembership = getOrganizationMembership;
+exports.listOrganizationMembershipsForUser = listOrganizationMembershipsForUser;
+exports.listOrganizationMembers = listOrganizationMembers;
+exports.listActivePlatformAdminGrantsForUser = listActivePlatformAdminGrantsForUser;
+exports.createPlatformAdminGrant = createPlatformAdminGrant;
+exports.createSupportAccessSession = createSupportAccessSession;
+exports.insertAuthAuditEvent = insertAuthAuditEvent;
+exports.createUserQuery = `-- name: CreateUser :one
+INSERT INTO weave.users (status)
+VALUES ($1)
+RETURNING id, status, created_at, updated_at`;
+async function createUser(client, args) {
+    const result = await client.query({
+        text: exports.createUserQuery,
+        values: [args.status],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        id: row[0],
+        status: row[1],
+        createdAt: row[2],
+        updatedAt: row[3]
+    };
+}
+exports.getUserByIDQuery = `-- name: GetUserByID :one
+SELECT id, status, created_at, updated_at
+FROM weave.users
+WHERE id = $1`;
+async function getUserByID(client, args) {
+    const result = await client.query({
+        text: exports.getUserByIDQuery,
+        values: [args.id],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        id: row[0],
+        status: row[1],
+        createdAt: row[2],
+        updatedAt: row[3]
+    };
+}
+exports.upsertUserProfileQuery = `-- name: UpsertUserProfile :one
+INSERT INTO weave.user_profiles (
+    user_id,
+    display_name,
+    job_title,
+    email,
+    avatar_url,
+    theme
+) VALUES (
+    $1,
+    $2,
+    $3,
+    $4,
+    $5,
+    $6
+)
+ON CONFLICT (user_id) DO UPDATE
+SET
+    display_name = EXCLUDED.display_name,
+    job_title = EXCLUDED.job_title,
+    email = EXCLUDED.email,
+    avatar_url = EXCLUDED.avatar_url,
+    theme = EXCLUDED.theme,
+    updated_at = now()
+RETURNING
+    user_id,
+    display_name,
+    job_title,
+    email,
+    avatar_url,
+    theme,
+    created_at,
+    updated_at`;
+async function upsertUserProfile(client, args) {
+    const result = await client.query({
+        text: exports.upsertUserProfileQuery,
+        values: [args.userId, args.displayName, args.jobTitle, args.email, args.avatarUrl, args.theme],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        userId: row[0],
+        displayName: row[1],
+        jobTitle: row[2],
+        email: row[3],
+        avatarUrl: row[4],
+        theme: row[5],
+        createdAt: row[6],
+        updatedAt: row[7]
+    };
+}
+exports.getUserProfileQuery = `-- name: GetUserProfile :one
+SELECT
+    user_id,
+    display_name,
+    job_title,
+    email,
+    avatar_url,
+    theme,
+    created_at,
+    updated_at
+FROM weave.user_profiles
+WHERE user_id = $1`;
+async function getUserProfile(client, args) {
+    const result = await client.query({
+        text: exports.getUserProfileQuery,
+        values: [args.userId],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        userId: row[0],
+        displayName: row[1],
+        jobTitle: row[2],
+        email: row[3],
+        avatarUrl: row[4],
+        theme: row[5],
+        createdAt: row[6],
+        updatedAt: row[7]
+    };
+}
+exports.getIdentityLinkByStytchMemberQuery = `-- name: GetIdentityLinkByStytchMember :one
+SELECT
+    id,
+    user_id,
+    organization_id,
+    provider,
+    stytch_organization_id,
+    stytch_member_id,
+    stytch_member_email,
+    last_seen_at,
+    created_at,
+    updated_at
+FROM weave.identity_links
+WHERE provider = 'stytch_b2b'
+  AND stytch_organization_id = $1
+  AND stytch_member_id = $2`;
+async function getIdentityLinkByStytchMember(client, args) {
+    const result = await client.query({
+        text: exports.getIdentityLinkByStytchMemberQuery,
+        values: [args.stytchOrganizationId, args.stytchMemberId],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        id: row[0],
+        userId: row[1],
+        organizationId: row[2],
+        provider: row[3],
+        stytchOrganizationId: row[4],
+        stytchMemberId: row[5],
+        stytchMemberEmail: row[6],
+        lastSeenAt: row[7],
+        createdAt: row[8],
+        updatedAt: row[9]
+    };
+}
+exports.upsertIdentityLinkQuery = `-- name: UpsertIdentityLink :one
+INSERT INTO weave.identity_links (
+    user_id,
+    organization_id,
+    provider,
+    stytch_organization_id,
+    stytch_member_id,
+    stytch_member_email,
+    last_seen_at
+) VALUES (
+    $1,
+    $2,
+    'stytch_b2b',
+    $3,
+    $4,
+    $5,
+    now()
+)
+ON CONFLICT (provider, stytch_organization_id, stytch_member_id) DO UPDATE
+SET
+    user_id = EXCLUDED.user_id,
+    organization_id = EXCLUDED.organization_id,
+    stytch_member_email = EXCLUDED.stytch_member_email,
+    last_seen_at = now(),
+    updated_at = now()
+RETURNING
+    id,
+    user_id,
+    organization_id,
+    provider,
+    stytch_organization_id,
+    stytch_member_id,
+    stytch_member_email,
+    last_seen_at,
+    created_at,
+    updated_at`;
+async function upsertIdentityLink(client, args) {
+    const result = await client.query({
+        text: exports.upsertIdentityLinkQuery,
+        values: [args.userId, args.organizationId, args.stytchOrganizationId, args.stytchMemberId, args.stytchMemberEmail],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        id: row[0],
+        userId: row[1],
+        organizationId: row[2],
+        provider: row[3],
+        stytchOrganizationId: row[4],
+        stytchMemberId: row[5],
+        stytchMemberEmail: row[6],
+        lastSeenAt: row[7],
+        createdAt: row[8],
+        updatedAt: row[9]
+    };
+}
+exports.getOrganizationAuthLinkByStytchIDQuery = `-- name: GetOrganizationAuthLinkByStytchID :one
+SELECT
+    organization_id,
+    stytch_organization_id,
+    stytch_organization_slug,
+    stytch_organization_kind,
+    allowed_domains,
+    auth_policy_summary,
+    created_at,
+    updated_at
+FROM weave.organization_auth_links
+WHERE stytch_organization_id = $1`;
+async function getOrganizationAuthLinkByStytchID(client, args) {
+    const result = await client.query({
+        text: exports.getOrganizationAuthLinkByStytchIDQuery,
+        values: [args.stytchOrganizationId],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        organizationId: row[0],
+        stytchOrganizationId: row[1],
+        stytchOrganizationSlug: row[2],
+        stytchOrganizationKind: row[3],
+        allowedDomains: row[4],
+        authPolicySummary: row[5],
+        createdAt: row[6],
+        updatedAt: row[7]
+    };
+}
+exports.getOrganizationAuthLinkByOrganizationIDQuery = `-- name: GetOrganizationAuthLinkByOrganizationID :one
+SELECT
+    organization_id,
+    stytch_organization_id,
+    stytch_organization_slug,
+    stytch_organization_kind,
+    allowed_domains,
+    auth_policy_summary,
+    created_at,
+    updated_at
+FROM weave.organization_auth_links
+WHERE organization_id = $1`;
+async function getOrganizationAuthLinkByOrganizationID(client, args) {
+    const result = await client.query({
+        text: exports.getOrganizationAuthLinkByOrganizationIDQuery,
+        values: [args.organizationId],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        organizationId: row[0],
+        stytchOrganizationId: row[1],
+        stytchOrganizationSlug: row[2],
+        stytchOrganizationKind: row[3],
+        allowedDomains: row[4],
+        authPolicySummary: row[5],
+        createdAt: row[6],
+        updatedAt: row[7]
+    };
+}
+exports.upsertOrganizationAuthLinkQuery = `-- name: UpsertOrganizationAuthLink :one
+INSERT INTO weave.organization_auth_links (
+    organization_id,
+    stytch_organization_id,
+    stytch_organization_slug,
+    stytch_organization_kind,
+    allowed_domains,
+    auth_policy_summary
+) VALUES (
+    $1,
+    $2,
+    $3,
+    $4,
+    $5,
+    $6
+)
+ON CONFLICT (organization_id) DO UPDATE
+SET
+    stytch_organization_id = EXCLUDED.stytch_organization_id,
+    stytch_organization_slug = EXCLUDED.stytch_organization_slug,
+    stytch_organization_kind = EXCLUDED.stytch_organization_kind,
+    allowed_domains = EXCLUDED.allowed_domains,
+    auth_policy_summary = EXCLUDED.auth_policy_summary,
+    updated_at = now()
+RETURNING
+    organization_id,
+    stytch_organization_id,
+    stytch_organization_slug,
+    stytch_organization_kind,
+    allowed_domains,
+    auth_policy_summary,
+    created_at,
+    updated_at`;
+async function upsertOrganizationAuthLink(client, args) {
+    const result = await client.query({
+        text: exports.upsertOrganizationAuthLinkQuery,
+        values: [args.organizationId, args.stytchOrganizationId, args.stytchOrganizationSlug, args.stytchOrganizationKind, args.allowedDomains, args.authPolicySummary],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        organizationId: row[0],
+        stytchOrganizationId: row[1],
+        stytchOrganizationSlug: row[2],
+        stytchOrganizationKind: row[3],
+        allowedDomains: row[4],
+        authPolicySummary: row[5],
+        createdAt: row[6],
+        updatedAt: row[7]
+    };
+}
+exports.upsertOrganizationMembershipQuery = `-- name: UpsertOrganizationMembership :one
+INSERT INTO weave.organization_memberships (
+    user_id,
+    organization_id,
+    identity_link_id,
+    status,
+    role_ids
+) VALUES (
+    $1,
+    $2,
+    $3,
+    $4,
+    $5
+)
+ON CONFLICT (user_id, organization_id) DO UPDATE
+SET
+    identity_link_id = EXCLUDED.identity_link_id,
+    status = EXCLUDED.status,
+    role_ids = EXCLUDED.role_ids,
+    updated_at = now()
+RETURNING
+    id,
+    user_id,
+    organization_id,
+    identity_link_id,
+    status,
+    role_ids,
+    created_at,
+    updated_at`;
+async function upsertOrganizationMembership(client, args) {
+    const result = await client.query({
+        text: exports.upsertOrganizationMembershipQuery,
+        values: [args.userId, args.organizationId, args.identityLinkId, args.status, args.roleIds],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        id: row[0],
+        userId: row[1],
+        organizationId: row[2],
+        identityLinkId: row[3],
+        status: row[4],
+        roleIds: row[5],
+        createdAt: row[6],
+        updatedAt: row[7]
+    };
+}
+exports.getOrganizationMembershipQuery = `-- name: GetOrganizationMembership :one
+SELECT
+    id,
+    user_id,
+    organization_id,
+    identity_link_id,
+    status,
+    role_ids,
+    created_at,
+    updated_at
+FROM weave.organization_memberships
+WHERE user_id = $1
+  AND organization_id = $2`;
+async function getOrganizationMembership(client, args) {
+    const result = await client.query({
+        text: exports.getOrganizationMembershipQuery,
+        values: [args.userId, args.organizationId],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        id: row[0],
+        userId: row[1],
+        organizationId: row[2],
+        identityLinkId: row[3],
+        status: row[4],
+        roleIds: row[5],
+        createdAt: row[6],
+        updatedAt: row[7]
+    };
+}
+exports.listOrganizationMembershipsForUserQuery = `-- name: ListOrganizationMembershipsForUser :many
+SELECT
+    id,
+    user_id,
+    organization_id,
+    identity_link_id,
+    status,
+    role_ids,
+    created_at,
+    updated_at
+FROM weave.organization_memberships
+WHERE user_id = $1
+ORDER BY created_at ASC`;
+async function listOrganizationMembershipsForUser(client, args) {
+    const result = await client.query({
+        text: exports.listOrganizationMembershipsForUserQuery,
+        values: [args.userId],
+        rowMode: "array"
+    });
+    return result.rows.map(row => {
+        return {
+            id: row[0],
+            userId: row[1],
+            organizationId: row[2],
+            identityLinkId: row[3],
+            status: row[4],
+            roleIds: row[5],
+            createdAt: row[6],
+            updatedAt: row[7]
+        };
+    });
+}
+exports.listOrganizationMembersQuery = `-- name: ListOrganizationMembers :many
+SELECT
+    m.id,
+    m.user_id,
+    m.organization_id,
+    m.identity_link_id,
+    m.status,
+    m.role_ids,
+    p.display_name,
+    p.email,
+    p.avatar_url,
+    m.created_at,
+    m.updated_at
+FROM weave.organization_memberships AS m
+JOIN weave.user_profiles AS p
+  ON p.user_id = m.user_id
+WHERE m.organization_id = $1
+ORDER BY p.display_name ASC, p.email ASC`;
+async function listOrganizationMembers(client, args) {
+    const result = await client.query({
+        text: exports.listOrganizationMembersQuery,
+        values: [args.organizationId],
+        rowMode: "array"
+    });
+    return result.rows.map(row => {
+        return {
+            id: row[0],
+            userId: row[1],
+            organizationId: row[2],
+            identityLinkId: row[3],
+            status: row[4],
+            roleIds: row[5],
+            displayName: row[6],
+            email: row[7],
+            avatarUrl: row[8],
+            createdAt: row[9],
+            updatedAt: row[10]
+        };
+    });
+}
+exports.listActivePlatformAdminGrantsForUserQuery = `-- name: ListActivePlatformAdminGrantsForUser :many
+SELECT
+    id,
+    user_id,
+    platform_role,
+    organization_id,
+    all_organizations,
+    allowed_actions,
+    expires_at,
+    status,
+    created_at,
+    updated_at
+FROM weave.platform_admin_grants
+WHERE user_id = $1
+  AND status = 'active'
+  AND (expires_at IS NULL OR expires_at > now())`;
+async function listActivePlatformAdminGrantsForUser(client, args) {
+    const result = await client.query({
+        text: exports.listActivePlatformAdminGrantsForUserQuery,
+        values: [args.userId],
+        rowMode: "array"
+    });
+    return result.rows.map(row => {
+        return {
+            id: row[0],
+            userId: row[1],
+            platformRole: row[2],
+            organizationId: row[3],
+            allOrganizations: row[4],
+            allowedActions: row[5],
+            expiresAt: row[6],
+            status: row[7],
+            createdAt: row[8],
+            updatedAt: row[9]
+        };
+    });
+}
+exports.createPlatformAdminGrantQuery = `-- name: CreatePlatformAdminGrant :one
+INSERT INTO weave.platform_admin_grants (
+    user_id,
+    platform_role,
+    organization_id,
+    all_organizations,
+    allowed_actions,
+    expires_at,
+    status
+) VALUES (
+    $1,
+    $2,
+    $3,
+    $4,
+    $5,
+    $6,
+    $7
+)
+RETURNING
+    id,
+    user_id,
+    platform_role,
+    organization_id,
+    all_organizations,
+    allowed_actions,
+    expires_at,
+    status,
+    created_at,
+    updated_at`;
+async function createPlatformAdminGrant(client, args) {
+    const result = await client.query({
+        text: exports.createPlatformAdminGrantQuery,
+        values: [args.userId, args.platformRole, args.organizationId, args.allOrganizations, args.allowedActions, args.expiresAt, args.status],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        id: row[0],
+        userId: row[1],
+        platformRole: row[2],
+        organizationId: row[3],
+        allOrganizations: row[4],
+        allowedActions: row[5],
+        expiresAt: row[6],
+        status: row[7],
+        createdAt: row[8],
+        updatedAt: row[9]
+    };
+}
+exports.createSupportAccessSessionQuery = `-- name: CreateSupportAccessSession :one
+INSERT INTO weave.support_access_sessions (
+    acting_user_id,
+    target_organization_id,
+    reason,
+    allowed_actions
+) VALUES (
+    $1,
+    $2,
+    $3,
+    $4
+)
+RETURNING
+    id,
+    acting_user_id,
+    target_organization_id,
+    reason,
+    allowed_actions,
+    started_at,
+    ended_at,
+    created_at`;
+async function createSupportAccessSession(client, args) {
+    const result = await client.query({
+        text: exports.createSupportAccessSessionQuery,
+        values: [args.actingUserId, args.targetOrganizationId, args.reason, args.allowedActions],
+        rowMode: "array"
+    });
+    if (result.rows.length !== 1) {
+        return null;
+    }
+    const row = result.rows[0];
+    return {
+        id: row[0],
+        actingUserId: row[1],
+        targetOrganizationId: row[2],
+        reason: row[3],
+        allowedActions: row[4],
+        startedAt: row[5],
+        endedAt: row[6],
+        createdAt: row[7]
+    };
+}
+exports.endSupportAccessSessionQuery = `-- name: EndSupportAccessSession :execrows
+UPDATE weave.support_access_sessions
+SET ended_at = now()
+WHERE id = $1
+  AND ended_at IS NULL`;
+exports.insertAuthAuditEventQuery = `-- name: InsertAuthAuditEvent :exec
+INSERT INTO weave.auth_audit_events (
+    organization_id,
+    acting_user_id,
+    target_user_id,
+    event_type,
+    auth_method,
+    stytch_request_id,
+    stytch_organization_id,
+    stytch_member_id,
+    support_access_session_id,
+    metadata
+) VALUES (
+    $1,
+    $2,
+    $3,
+    $4,
+    $5,
+    $6,
+    $7,
+    $8,
+    $9,
+    $10
+)`;
+async function insertAuthAuditEvent(client, args) {
+    await client.query({
+        text: exports.insertAuthAuditEventQuery,
+        values: [args.organizationId, args.actingUserId, args.targetUserId, args.eventType, args.authMethod, args.stytchRequestId, args.stytchOrganizationId, args.stytchMemberId, args.supportAccessSessionId, args.metadata],
+        rowMode: "array"
+    });
+}