weave-typescript 0.42.8 → 0.43.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/weaveapi/auth/v1/auth.pb.d.ts +34 -0
  2. package/dist/weaveapi/auth/v1/auth.pb.js +486 -1
  3. package/dist/weaveapi/auth/v1/service.pb.d.ts +31 -1
  4. package/dist/weaveapi/auth/v1/service.pb.js +351 -1
  5. package/dist/weavesql/weavedb/auth_identity_sql.d.ts +81 -0
  6. package/dist/weavesql/weavedb/auth_identity_sql.js +181 -2
  7. package/package.json +1 -1
package/dist/weaveapi/auth/v1/auth.pb.d.ts CHANGED
@@ -110,6 +110,14 @@ export declare enum InviteRecoveryStatus {
110
110
  }
111
111
  export declare function inviteRecoveryStatusFromJSON(object: any): InviteRecoveryStatus;
112
112
  export declare function inviteRecoveryStatusToJSON(object: InviteRecoveryStatus): string;
113
+ export declare enum AuthorizationDecision {
114
+ AUTHORIZATION_DECISION_UNSPECIFIED = 0,
115
+ AUTHORIZATION_DECISION_ALLOWED = 1,
116
+ AUTHORIZATION_DECISION_DENIED = 2,
117
+ UNRECOGNIZED = -1
118
+ }
119
+ export declare function authorizationDecisionFromJSON(object: any): AuthorizationDecision;
120
+ export declare function authorizationDecisionToJSON(object: AuthorizationDecision): string;
113
121
  export interface AuthSession {
114
122
  sessionId: string;
115
123
  user: AuthUser | undefined;
@@ -368,6 +376,31 @@ export interface SupportAccessSession {
368
376
  startedAt: Date | undefined;
369
377
  endedAt: Date | undefined;
370
378
  }
379
+ export interface AuthorizationDecisionEvent {
380
+ id: string;
381
+ organizationId: string;
382
+ actingUserId: string;
383
+ actorOrganizationMembershipId: string;
384
+ actorIdentityLinkId: string;
385
+ rbacRoleIds: string[];
386
+ orgTeamIds: string[];
387
+ platformGrantIds: string[];
388
+ supportAccessSessionId: string;
389
+ featureFlagKey: string;
390
+ featureFlagProvider: string;
391
+ featureFlagVariant: string;
392
+ resourceId: string;
393
+ resourceInstanceId: string;
394
+ action: string;
395
+ decision: AuthorizationDecision;
396
+ reasonCode: string;
397
+ safeMessage: string;
398
+ usedSupportElevation: boolean;
399
+ metadata: {
400
+ [key: string]: any;
401
+ } | undefined;
402
+ createdAt: Date | undefined;
403
+ }
371
404
  export declare const AuthSession: MessageFns<AuthSession>;
372
405
  export declare const AuthUser: MessageFns<AuthUser>;
373
406
  export declare const AuthUser_OrganizationPagePositionsEntry: MessageFns<AuthUser_OrganizationPagePositionsEntry>;
@@ -391,6 +424,7 @@ export declare const ScimConnection: MessageFns<ScimConnection>;
391
424
  export declare const ScimTokenRotation: MessageFns<ScimTokenRotation>;
392
425
  export declare const ScimGroupMapping: MessageFns<ScimGroupMapping>;
393
426
  export declare const SupportAccessSession: MessageFns<SupportAccessSession>;
427
+ export declare const AuthorizationDecisionEvent: MessageFns<AuthorizationDecisionEvent>;
394
428
  type Builtin = Date | Function | Uint8Array | string | number | boolean | undefined;
395
429
  export type DeepPartial<T> = T extends Builtin ? T : T extends globalThis.Array<infer U> ? globalThis.Array<DeepPartial<U>> : T extends ReadonlyArray<infer U> ? ReadonlyArray<DeepPartial<U>> : T extends {} ? {
396
430
  [K in keyof T]?: DeepPartial<T[K]>;
package/dist/weaveapi/auth/v1/auth.pb.js CHANGED
@@ -5,7 +5,7 @@
5
5
  // protoc unknown
6
6
  // source: weaveapi/auth/v1/auth.proto
7
7
  Object.defineProperty(exports, "__esModule", { value: true });
8
- exports.SupportAccessSession = exports.ScimGroupMapping = exports.ScimTokenRotation = exports.ScimConnection = exports.SsoConnection = exports.RbacPermission = exports.RbacRole = exports.RbacResource = exports.RbacPolicySummary = exports.OrganizationTeamMember = exports.OrganizationTeam = exports.OrganizationMember = exports.OrganizationAuthSettings = exports.UserPreferences_OrganizationPagePositionsEntry = exports.UserPreferences = exports.UserOrganizationPagePosition = exports.UserProfile = exports.InviteOnboardingState = exports.DiscoveryOrganization = exports.AuthOrganization = exports.AuthUser_OrganizationPagePositionsEntry = exports.AuthUser = exports.AuthSession = exports.InviteRecoveryStatus = exports.InviteRecoveryReason = exports.InviteOnboardingStatus = exports.AuthProvider = exports.ScimConnectionStatus = exports.SsoConnectionStatus = exports.SsoConnectionType = exports.OrganizationKind = exports.MembershipStatus = exports.DiscoveryOrganizationStatus = exports.AuthMethod = exports.protobufPackage = void 0;
8
+ exports.AuthorizationDecisionEvent = exports.SupportAccessSession = exports.ScimGroupMapping = exports.ScimTokenRotation = exports.ScimConnection = exports.SsoConnection = exports.RbacPermission = exports.RbacRole = exports.RbacResource = exports.RbacPolicySummary = exports.OrganizationTeamMember = exports.OrganizationTeam = exports.OrganizationMember = exports.OrganizationAuthSettings = exports.UserPreferences_OrganizationPagePositionsEntry = exports.UserPreferences = exports.UserOrganizationPagePosition = exports.UserProfile = exports.InviteOnboardingState = exports.DiscoveryOrganization = exports.AuthOrganization = exports.AuthUser_OrganizationPagePositionsEntry = exports.AuthUser = exports.AuthSession = exports.AuthorizationDecision = exports.InviteRecoveryStatus = exports.InviteRecoveryReason = exports.InviteOnboardingStatus = exports.AuthProvider = exports.ScimConnectionStatus = exports.SsoConnectionStatus = exports.SsoConnectionType = exports.OrganizationKind = exports.MembershipStatus = exports.DiscoveryOrganizationStatus = exports.AuthMethod = exports.protobufPackage = void 0;
9
9
  exports.authMethodFromJSON = authMethodFromJSON;
10
10
  exports.authMethodToJSON = authMethodToJSON;
11
11
  exports.discoveryOrganizationStatusFromJSON = discoveryOrganizationStatusFromJSON;
@@ -28,6 +28,8 @@ exports.inviteRecoveryReasonFromJSON = inviteRecoveryReasonFromJSON;
28
28
  exports.inviteRecoveryReasonToJSON = inviteRecoveryReasonToJSON;
29
29
  exports.inviteRecoveryStatusFromJSON = inviteRecoveryStatusFromJSON;
30
30
  exports.inviteRecoveryStatusToJSON = inviteRecoveryStatusToJSON;
31
+ exports.authorizationDecisionFromJSON = authorizationDecisionFromJSON;
32
+ exports.authorizationDecisionToJSON = authorizationDecisionToJSON;
31
33
  /* eslint-disable */
32
34
  const wire_1 = require("@bufbuild/protobuf/wire");
33
35
  const struct_pb_1 = require("../../../google/protobuf/struct.pb");
@@ -572,6 +574,43 @@ function inviteRecoveryStatusToJSON(object) {
572
574
  return "UNRECOGNIZED";
573
575
  }
574
576
  }
577
+ var AuthorizationDecision;
578
+ (function (AuthorizationDecision) {
579
+ AuthorizationDecision[AuthorizationDecision["AUTHORIZATION_DECISION_UNSPECIFIED"] = 0] = "AUTHORIZATION_DECISION_UNSPECIFIED";
580
+ AuthorizationDecision[AuthorizationDecision["AUTHORIZATION_DECISION_ALLOWED"] = 1] = "AUTHORIZATION_DECISION_ALLOWED";
581
+ AuthorizationDecision[AuthorizationDecision["AUTHORIZATION_DECISION_DENIED"] = 2] = "AUTHORIZATION_DECISION_DENIED";
582
+ AuthorizationDecision[AuthorizationDecision["UNRECOGNIZED"] = -1] = "UNRECOGNIZED";
583
+ })(AuthorizationDecision || (exports.AuthorizationDecision = AuthorizationDecision = {}));
584
+ function authorizationDecisionFromJSON(object) {
585
+ switch (object) {
586
+ case 0:
587
+ case "AUTHORIZATION_DECISION_UNSPECIFIED":
588
+ return AuthorizationDecision.AUTHORIZATION_DECISION_UNSPECIFIED;
589
+ case 1:
590
+ case "AUTHORIZATION_DECISION_ALLOWED":
591
+ return AuthorizationDecision.AUTHORIZATION_DECISION_ALLOWED;
592
+ case 2:
593
+ case "AUTHORIZATION_DECISION_DENIED":
594
+ return AuthorizationDecision.AUTHORIZATION_DECISION_DENIED;
595
+ case -1:
596
+ case "UNRECOGNIZED":
597
+ default:
598
+ return AuthorizationDecision.UNRECOGNIZED;
599
+ }
600
+ }
601
+ function authorizationDecisionToJSON(object) {
602
+ switch (object) {
603
+ case AuthorizationDecision.AUTHORIZATION_DECISION_UNSPECIFIED:
604
+ return "AUTHORIZATION_DECISION_UNSPECIFIED";
605
+ case AuthorizationDecision.AUTHORIZATION_DECISION_ALLOWED:
606
+ return "AUTHORIZATION_DECISION_ALLOWED";
607
+ case AuthorizationDecision.AUTHORIZATION_DECISION_DENIED:
608
+ return "AUTHORIZATION_DECISION_DENIED";
609
+ case AuthorizationDecision.UNRECOGNIZED:
610
+ default:
611
+ return "UNRECOGNIZED";
612
+ }
613
+ }
575
614
  function createBaseAuthSession() {
576
615
  return {
577
616
  sessionId: "",
@@ -4635,6 +4674,452 @@ exports.SupportAccessSession = {
4635
4674
  return message;
4636
4675
  },
4637
4676
  };
4677
+ function createBaseAuthorizationDecisionEvent() {
4678
+ return {
4679
+ id: "",
4680
+ organizationId: "",
4681
+ actingUserId: "",
4682
+ actorOrganizationMembershipId: "",
4683
+ actorIdentityLinkId: "",
4684
+ rbacRoleIds: [],
4685
+ orgTeamIds: [],
4686
+ platformGrantIds: [],
4687
+ supportAccessSessionId: "",
4688
+ featureFlagKey: "",
4689
+ featureFlagProvider: "",
4690
+ featureFlagVariant: "",
4691
+ resourceId: "",
4692
+ resourceInstanceId: "",
4693
+ action: "",
4694
+ decision: 0,
4695
+ reasonCode: "",
4696
+ safeMessage: "",
4697
+ usedSupportElevation: false,
4698
+ metadata: undefined,
4699
+ createdAt: undefined,
4700
+ };
4701
+ }
4702
+ exports.AuthorizationDecisionEvent = {
4703
+ encode(message, writer = new wire_1.BinaryWriter()) {
4704
+ if (message.id !== "") {
4705
+ writer.uint32(10).string(message.id);
4706
+ }
4707
+ if (message.organizationId !== "") {
4708
+ writer.uint32(18).string(message.organizationId);
4709
+ }
4710
+ if (message.actingUserId !== "") {
4711
+ writer.uint32(26).string(message.actingUserId);
4712
+ }
4713
+ if (message.actorOrganizationMembershipId !== "") {
4714
+ writer.uint32(34).string(message.actorOrganizationMembershipId);
4715
+ }
4716
+ if (message.actorIdentityLinkId !== "") {
4717
+ writer.uint32(42).string(message.actorIdentityLinkId);
4718
+ }
4719
+ for (const v of message.rbacRoleIds) {
4720
+ writer.uint32(50).string(v);
4721
+ }
4722
+ for (const v of message.orgTeamIds) {
4723
+ writer.uint32(58).string(v);
4724
+ }
4725
+ for (const v of message.platformGrantIds) {
4726
+ writer.uint32(66).string(v);
4727
+ }
4728
+ if (message.supportAccessSessionId !== "") {
4729
+ writer.uint32(74).string(message.supportAccessSessionId);
4730
+ }
4731
+ if (message.featureFlagKey !== "") {
4732
+ writer.uint32(82).string(message.featureFlagKey);
4733
+ }
4734
+ if (message.featureFlagProvider !== "") {
4735
+ writer.uint32(90).string(message.featureFlagProvider);
4736
+ }
4737
+ if (message.featureFlagVariant !== "") {
4738
+ writer.uint32(98).string(message.featureFlagVariant);
4739
+ }
4740
+ if (message.resourceId !== "") {
4741
+ writer.uint32(106).string(message.resourceId);
4742
+ }
4743
+ if (message.resourceInstanceId !== "") {
4744
+ writer.uint32(114).string(message.resourceInstanceId);
4745
+ }
4746
+ if (message.action !== "") {
4747
+ writer.uint32(122).string(message.action);
4748
+ }
4749
+ if (message.decision !== 0) {
4750
+ writer.uint32(128).int32(message.decision);
4751
+ }
4752
+ if (message.reasonCode !== "") {
4753
+ writer.uint32(138).string(message.reasonCode);
4754
+ }
4755
+ if (message.safeMessage !== "") {
4756
+ writer.uint32(146).string(message.safeMessage);
4757
+ }
4758
+ if (message.usedSupportElevation !== false) {
4759
+ writer.uint32(152).bool(message.usedSupportElevation);
4760
+ }
4761
+ if (message.metadata !== undefined) {
4762
+ struct_pb_1.Struct.encode(struct_pb_1.Struct.wrap(message.metadata), writer.uint32(162).fork()).join();
4763
+ }
4764
+ if (message.createdAt !== undefined) {
4765
+ timestamp_pb_1.Timestamp.encode(toTimestamp(message.createdAt), writer.uint32(170).fork()).join();
4766
+ }
4767
+ return writer;
4768
+ },
4769
+ decode(input, length) {
4770
+ const reader = input instanceof wire_1.BinaryReader ? input : new wire_1.BinaryReader(input);
4771
+ const end = length === undefined ? reader.len : reader.pos + length;
4772
+ const message = createBaseAuthorizationDecisionEvent();
4773
+ while (reader.pos < end) {
4774
+ const tag = reader.uint32();
4775
+ switch (tag >>> 3) {
4776
+ case 1: {
4777
+ if (tag !== 10) {
4778
+ break;
4779
+ }
4780
+ message.id = reader.string();
4781
+ continue;
4782
+ }
4783
+ case 2: {
4784
+ if (tag !== 18) {
4785
+ break;
4786
+ }
4787
+ message.organizationId = reader.string();
4788
+ continue;
4789
+ }
4790
+ case 3: {
4791
+ if (tag !== 26) {
4792
+ break;
4793
+ }
4794
+ message.actingUserId = reader.string();
4795
+ continue;
4796
+ }
4797
+ case 4: {
4798
+ if (tag !== 34) {
4799
+ break;
4800
+ }
4801
+ message.actorOrganizationMembershipId = reader.string();
4802
+ continue;
4803
+ }
4804
+ case 5: {
4805
+ if (tag !== 42) {
4806
+ break;
4807
+ }
4808
+ message.actorIdentityLinkId = reader.string();
4809
+ continue;
4810
+ }
4811
+ case 6: {
4812
+ if (tag !== 50) {
4813
+ break;
4814
+ }
4815
+ message.rbacRoleIds.push(reader.string());
4816
+ continue;
4817
+ }
4818
+ case 7: {
4819
+ if (tag !== 58) {
4820
+ break;
4821
+ }
4822
+ message.orgTeamIds.push(reader.string());
4823
+ continue;
4824
+ }
4825
+ case 8: {
4826
+ if (tag !== 66) {
4827
+ break;
4828
+ }
4829
+ message.platformGrantIds.push(reader.string());
4830
+ continue;
4831
+ }
4832
+ case 9: {
4833
+ if (tag !== 74) {
4834
+ break;
4835
+ }
4836
+ message.supportAccessSessionId = reader.string();
4837
+ continue;
4838
+ }
4839
+ case 10: {
4840
+ if (tag !== 82) {
4841
+ break;
4842
+ }
4843
+ message.featureFlagKey = reader.string();
4844
+ continue;
4845
+ }
4846
+ case 11: {
4847
+ if (tag !== 90) {
4848
+ break;
4849
+ }
4850
+ message.featureFlagProvider = reader.string();
4851
+ continue;
4852
+ }
4853
+ case 12: {
4854
+ if (tag !== 98) {
4855
+ break;
4856
+ }
4857
+ message.featureFlagVariant = reader.string();
4858
+ continue;
4859
+ }
4860
+ case 13: {
4861
+ if (tag !== 106) {
4862
+ break;
4863
+ }
4864
+ message.resourceId = reader.string();
4865
+ continue;
4866
+ }
4867
+ case 14: {
4868
+ if (tag !== 114) {
4869
+ break;
4870
+ }
4871
+ message.resourceInstanceId = reader.string();
4872
+ continue;
4873
+ }
4874
+ case 15: {
4875
+ if (tag !== 122) {
4876
+ break;
4877
+ }
4878
+ message.action = reader.string();
4879
+ continue;
4880
+ }
4881
+ case 16: {
4882
+ if (tag !== 128) {
4883
+ break;
4884
+ }
4885
+ message.decision = reader.int32();
4886
+ continue;
4887
+ }
4888
+ case 17: {
4889
+ if (tag !== 138) {
4890
+ break;
4891
+ }
4892
+ message.reasonCode = reader.string();
4893
+ continue;
4894
+ }
4895
+ case 18: {
4896
+ if (tag !== 146) {
4897
+ break;
4898
+ }
4899
+ message.safeMessage = reader.string();
4900
+ continue;
4901
+ }
4902
+ case 19: {
4903
+ if (tag !== 152) {
4904
+ break;
4905
+ }
4906
+ message.usedSupportElevation = reader.bool();
4907
+ continue;
4908
+ }
4909
+ case 20: {
4910
+ if (tag !== 162) {
4911
+ break;
4912
+ }
4913
+ message.metadata = struct_pb_1.Struct.unwrap(struct_pb_1.Struct.decode(reader, reader.uint32()));
4914
+ continue;
4915
+ }
4916
+ case 21: {
4917
+ if (tag !== 170) {
4918
+ break;
4919
+ }
4920
+ message.createdAt = fromTimestamp(timestamp_pb_1.Timestamp.decode(reader, reader.uint32()));
4921
+ continue;
4922
+ }
4923
+ }
4924
+ if ((tag & 7) === 4 || tag === 0) {
4925
+ break;
4926
+ }
4927
+ reader.skip(tag & 7);
4928
+ }
4929
+ return message;
4930
+ },
4931
+ fromJSON(object) {
4932
+ return {
4933
+ id: isSet(object.id) ? globalThis.String(object.id) : "",
4934
+ organizationId: isSet(object.organizationId)
4935
+ ? globalThis.String(object.organizationId)
4936
+ : isSet(object.organization_id)
4937
+ ? globalThis.String(object.organization_id)
4938
+ : "",
4939
+ actingUserId: isSet(object.actingUserId)
4940
+ ? globalThis.String(object.actingUserId)
4941
+ : isSet(object.acting_user_id)
4942
+ ? globalThis.String(object.acting_user_id)
4943
+ : "",
4944
+ actorOrganizationMembershipId: isSet(object.actorOrganizationMembershipId)
4945
+ ? globalThis.String(object.actorOrganizationMembershipId)
4946
+ : isSet(object.actor_organization_membership_id)
4947
+ ? globalThis.String(object.actor_organization_membership_id)
4948
+ : "",
4949
+ actorIdentityLinkId: isSet(object.actorIdentityLinkId)
4950
+ ? globalThis.String(object.actorIdentityLinkId)
4951
+ : isSet(object.actor_identity_link_id)
4952
+ ? globalThis.String(object.actor_identity_link_id)
4953
+ : "",
4954
+ rbacRoleIds: globalThis.Array.isArray(object === null || object === void 0 ? void 0 : object.rbacRoleIds)
4955
+ ? object.rbacRoleIds.map((e) => globalThis.String(e))
4956
+ : globalThis.Array.isArray(object === null || object === void 0 ? void 0 : object.rbac_role_ids)
4957
+ ? object.rbac_role_ids.map((e) => globalThis.String(e))
4958
+ : [],
4959
+ orgTeamIds: globalThis.Array.isArray(object === null || object === void 0 ? void 0 : object.orgTeamIds)
4960
+ ? object.orgTeamIds.map((e) => globalThis.String(e))
4961
+ : globalThis.Array.isArray(object === null || object === void 0 ? void 0 : object.org_team_ids)
4962
+ ? object.org_team_ids.map((e) => globalThis.String(e))
4963
+ : [],
4964
+ platformGrantIds: globalThis.Array.isArray(object === null || object === void 0 ? void 0 : object.platformGrantIds)
4965
+ ? object.platformGrantIds.map((e) => globalThis.String(e))
4966
+ : globalThis.Array.isArray(object === null || object === void 0 ? void 0 : object.platform_grant_ids)
4967
+ ? object.platform_grant_ids.map((e) => globalThis.String(e))
4968
+ : [],
4969
+ supportAccessSessionId: isSet(object.supportAccessSessionId)
4970
+ ? globalThis.String(object.supportAccessSessionId)
4971
+ : isSet(object.support_access_session_id)
4972
+ ? globalThis.String(object.support_access_session_id)
4973
+ : "",
4974
+ featureFlagKey: isSet(object.featureFlagKey)
4975
+ ? globalThis.String(object.featureFlagKey)
4976
+ : isSet(object.feature_flag_key)
4977
+ ? globalThis.String(object.feature_flag_key)
4978
+ : "",
4979
+ featureFlagProvider: isSet(object.featureFlagProvider)
4980
+ ? globalThis.String(object.featureFlagProvider)
4981
+ : isSet(object.feature_flag_provider)
4982
+ ? globalThis.String(object.feature_flag_provider)
4983
+ : "",
4984
+ featureFlagVariant: isSet(object.featureFlagVariant)
4985
+ ? globalThis.String(object.featureFlagVariant)
4986
+ : isSet(object.feature_flag_variant)
4987
+ ? globalThis.String(object.feature_flag_variant)
4988
+ : "",
4989
+ resourceId: isSet(object.resourceId)
4990
+ ? globalThis.String(object.resourceId)
4991
+ : isSet(object.resource_id)
4992
+ ? globalThis.String(object.resource_id)
4993
+ : "",
4994
+ resourceInstanceId: isSet(object.resourceInstanceId)
4995
+ ? globalThis.String(object.resourceInstanceId)
4996
+ : isSet(object.resource_instance_id)
4997
+ ? globalThis.String(object.resource_instance_id)
4998
+ : "",
4999
+ action: isSet(object.action) ? globalThis.String(object.action) : "",
5000
+ decision: isSet(object.decision) ? authorizationDecisionFromJSON(object.decision) : 0,
5001
+ reasonCode: isSet(object.reasonCode)
5002
+ ? globalThis.String(object.reasonCode)
5003
+ : isSet(object.reason_code)
5004
+ ? globalThis.String(object.reason_code)
5005
+ : "",
5006
+ safeMessage: isSet(object.safeMessage)
5007
+ ? globalThis.String(object.safeMessage)
5008
+ : isSet(object.safe_message)
5009
+ ? globalThis.String(object.safe_message)
5010
+ : "",
5011
+ usedSupportElevation: isSet(object.usedSupportElevation)
5012
+ ? globalThis.Boolean(object.usedSupportElevation)
5013
+ : isSet(object.used_support_elevation)
5014
+ ? globalThis.Boolean(object.used_support_elevation)
5015
+ : false,
5016
+ metadata: isObject(object.metadata) ? object.metadata : undefined,
5017
+ createdAt: isSet(object.createdAt)
5018
+ ? fromJsonTimestamp(object.createdAt)
5019
+ : isSet(object.created_at)
5020
+ ? fromJsonTimestamp(object.created_at)
5021
+ : undefined,
5022
+ };
5023
+ },
5024
+ toJSON(message) {
5025
+ var _a, _b, _c;
5026
+ const obj = {};
5027
+ if (message.id !== "") {
5028
+ obj.id = message.id;
5029
+ }
5030
+ if (message.organizationId !== "") {
5031
+ obj.organizationId = message.organizationId;
5032
+ }
5033
+ if (message.actingUserId !== "") {
5034
+ obj.actingUserId = message.actingUserId;
5035
+ }
5036
+ if (message.actorOrganizationMembershipId !== "") {
5037
+ obj.actorOrganizationMembershipId = message.actorOrganizationMembershipId;
5038
+ }
5039
+ if (message.actorIdentityLinkId !== "") {
5040
+ obj.actorIdentityLinkId = message.actorIdentityLinkId;
5041
+ }
5042
+ if ((_a = message.rbacRoleIds) === null || _a === void 0 ? void 0 : _a.length) {
5043
+ obj.rbacRoleIds = message.rbacRoleIds;
5044
+ }
5045
+ if ((_b = message.orgTeamIds) === null || _b === void 0 ? void 0 : _b.length) {
5046
+ obj.orgTeamIds = message.orgTeamIds;
5047
+ }
5048
+ if ((_c = message.platformGrantIds) === null || _c === void 0 ? void 0 : _c.length) {
5049
+ obj.platformGrantIds = message.platformGrantIds;
5050
+ }
5051
+ if (message.supportAccessSessionId !== "") {
5052
+ obj.supportAccessSessionId = message.supportAccessSessionId;
5053
+ }
5054
+ if (message.featureFlagKey !== "") {
5055
+ obj.featureFlagKey = message.featureFlagKey;
5056
+ }
5057
+ if (message.featureFlagProvider !== "") {
5058
+ obj.featureFlagProvider = message.featureFlagProvider;
5059
+ }
5060
+ if (message.featureFlagVariant !== "") {
5061
+ obj.featureFlagVariant = message.featureFlagVariant;
5062
+ }
5063
+ if (message.resourceId !== "") {
5064
+ obj.resourceId = message.resourceId;
5065
+ }
5066
+ if (message.resourceInstanceId !== "") {
5067
+ obj.resourceInstanceId = message.resourceInstanceId;
5068
+ }
5069
+ if (message.action !== "") {
5070
+ obj.action = message.action;
5071
+ }
5072
+ if (message.decision !== 0) {
5073
+ obj.decision = authorizationDecisionToJSON(message.decision);
5074
+ }
5075
+ if (message.reasonCode !== "") {
5076
+ obj.reasonCode = message.reasonCode;
5077
+ }
5078
+ if (message.safeMessage !== "") {
5079
+ obj.safeMessage = message.safeMessage;
5080
+ }
5081
+ if (message.usedSupportElevation !== false) {
5082
+ obj.usedSupportElevation = message.usedSupportElevation;
5083
+ }
5084
+ if (message.metadata !== undefined) {
5085
+ obj.metadata = message.metadata;
5086
+ }
5087
+ if (message.createdAt !== undefined) {
5088
+ obj.createdAt = message.createdAt.toISOString();
5089
+ }
5090
+ return obj;
5091
+ },
5092
+ create(base) {
5093
+ return exports.AuthorizationDecisionEvent.fromPartial(base !== null && base !== void 0 ? base : {});
5094
+ },
5095
+ fromPartial(object) {
5096
+ var _a, _b, _c;
5097
+ var _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p, _q, _r, _s, _t, _u, _v, _w;
5098
+ const message = createBaseAuthorizationDecisionEvent();
5099
+ message.id = (_d = object.id) !== null && _d !== void 0 ? _d : "";
5100
+ message.organizationId = (_e = object.organizationId) !== null && _e !== void 0 ? _e : "";
5101
+ message.actingUserId = (_f = object.actingUserId) !== null && _f !== void 0 ? _f : "";
5102
+ message.actorOrganizationMembershipId = (_g = object.actorOrganizationMembershipId) !== null && _g !== void 0 ? _g : "";
5103
+ message.actorIdentityLinkId = (_h = object.actorIdentityLinkId) !== null && _h !== void 0 ? _h : "";
5104
+ message.rbacRoleIds = ((_a = object.rbacRoleIds) === null || _a === void 0 ? void 0 : _a.map((e) => e)) || [];
5105
+ message.orgTeamIds = ((_b = object.orgTeamIds) === null || _b === void 0 ? void 0 : _b.map((e) => e)) || [];
5106
+ message.platformGrantIds = ((_c = object.platformGrantIds) === null || _c === void 0 ? void 0 : _c.map((e) => e)) || [];
5107
+ message.supportAccessSessionId = (_j = object.supportAccessSessionId) !== null && _j !== void 0 ? _j : "";
5108
+ message.featureFlagKey = (_k = object.featureFlagKey) !== null && _k !== void 0 ? _k : "";
5109
+ message.featureFlagProvider = (_l = object.featureFlagProvider) !== null && _l !== void 0 ? _l : "";
5110
+ message.featureFlagVariant = (_m = object.featureFlagVariant) !== null && _m !== void 0 ? _m : "";
5111
+ message.resourceId = (_o = object.resourceId) !== null && _o !== void 0 ? _o : "";
5112
+ message.resourceInstanceId = (_p = object.resourceInstanceId) !== null && _p !== void 0 ? _p : "";
5113
+ message.action = (_q = object.action) !== null && _q !== void 0 ? _q : "";
5114
+ message.decision = (_r = object.decision) !== null && _r !== void 0 ? _r : 0;
5115
+ message.reasonCode = (_s = object.reasonCode) !== null && _s !== void 0 ? _s : "";
5116
+ message.safeMessage = (_t = object.safeMessage) !== null && _t !== void 0 ? _t : "";
5117
+ message.usedSupportElevation = (_u = object.usedSupportElevation) !== null && _u !== void 0 ? _u : false;
5118
+ message.metadata = (_v = object.metadata) !== null && _v !== void 0 ? _v : undefined;
5119
+ message.createdAt = (_w = object.createdAt) !== null && _w !== void 0 ? _w : undefined;
5120
+ return message;
5121
+ },
5122
+ };
4638
5123
  function toTimestamp(date) {
4639
5124
  const seconds = Math.trunc(date.getTime() / 1000);
4640
5125
  const nanos = (date.getTime() % 1000) * 1000000;
package/dist/weaveapi/auth/v1/service.pb.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  import { BinaryReader, BinaryWriter } from "@bufbuild/protobuf/wire";
2
- import { AuthMethod, AuthProvider, AuthSession, DiscoveryOrganization, InviteOnboardingState, InviteRecoveryReason, InviteRecoveryStatus, MembershipStatus, OrganizationAuthSettings, OrganizationMember, OrganizationTeam, RbacPolicySummary, ScimConnection, ScimGroupMapping, ScimTokenRotation, SsoConnection, SsoConnectionStatus, SsoConnectionType, UserOrganizationPagePosition, UserPreferences, UserProfile } from "./auth.pb";
2
+ import { AuthMethod, AuthorizationDecision, AuthorizationDecisionEvent, AuthProvider, AuthSession, DiscoveryOrganization, InviteOnboardingState, InviteRecoveryReason, InviteRecoveryStatus, MembershipStatus, OrganizationAuthSettings, OrganizationMember, OrganizationTeam, RbacPolicySummary, ScimConnection, ScimGroupMapping, ScimTokenRotation, SsoConnection, SsoConnectionStatus, SsoConnectionType, UserOrganizationPagePosition, UserPreferences, UserProfile } from "./auth.pb";
3
3
  export declare const protobufPackage = "weaveapi.auth.v1";
4
4
  export interface GetSessionRequest {
5
5
  }
@@ -298,6 +298,20 @@ export interface UpdateRbacPolicyRequest {
298
298
  export interface UpdateRbacPolicyResponse {
299
299
  policy: RbacPolicySummary | undefined;
300
300
  }
301
+ export interface ListAuthorizationDecisionEventsRequest {
302
+ organizationSlug: string;
303
+ actingUserId: string;
304
+ featureFlagKey: string;
305
+ resourceId: string;
306
+ action: string;
307
+ decision: AuthorizationDecision;
308
+ pageSize: number;
309
+ pageToken: string;
310
+ }
311
+ export interface ListAuthorizationDecisionEventsResponse {
312
+ events: AuthorizationDecisionEvent[];
313
+ nextPageToken: string;
314
+ }
301
315
  export interface ListSsoConnectionsRequest {
302
316
  organizationSlug: string;
303
317
  }
@@ -462,6 +476,8 @@ export declare const GetRbacPolicyRequest: MessageFns<GetRbacPolicyRequest>;
462
476
  export declare const GetRbacPolicyResponse: MessageFns<GetRbacPolicyResponse>;
463
477
  export declare const UpdateRbacPolicyRequest: MessageFns<UpdateRbacPolicyRequest>;
464
478
  export declare const UpdateRbacPolicyResponse: MessageFns<UpdateRbacPolicyResponse>;
479
+ export declare const ListAuthorizationDecisionEventsRequest: MessageFns<ListAuthorizationDecisionEventsRequest>;
480
+ export declare const ListAuthorizationDecisionEventsResponse: MessageFns<ListAuthorizationDecisionEventsResponse>;
465
481
  export declare const ListSsoConnectionsRequest: MessageFns<ListSsoConnectionsRequest>;
466
482
  export declare const ListSsoConnectionsResponse: MessageFns<ListSsoConnectionsResponse>;
467
483
  export declare const CreateSsoConnectionRequest: MessageFns<CreateSsoConnectionRequest>;
@@ -787,6 +803,7 @@ export interface OrganizationAuthAdminService {
787
803
  DeleteOrganizationTeam(request: DeleteOrganizationTeamRequest): Promise<DeleteOrganizationTeamResponse>;
788
804
  GetRbacPolicy(request: GetRbacPolicyRequest): Promise<GetRbacPolicyResponse>;
789
805
  UpdateRbacPolicy(request: UpdateRbacPolicyRequest): Promise<UpdateRbacPolicyResponse>;
806
+ ListAuthorizationDecisionEvents(request: ListAuthorizationDecisionEventsRequest): Promise<ListAuthorizationDecisionEventsResponse>;
790
807
  ListSsoConnections(request: ListSsoConnectionsRequest): Promise<ListSsoConnectionsResponse>;
791
808
  CreateSsoConnection(request: CreateSsoConnectionRequest): Promise<CreateSsoConnectionResponse>;
792
809
  UpdateSsoConnection(request: UpdateSsoConnectionRequest): Promise<UpdateSsoConnectionResponse>;
@@ -821,6 +838,7 @@ export declare class OrganizationAuthAdminServiceClientImpl implements Organizat
821
838
  DeleteOrganizationTeam(request: DeleteOrganizationTeamRequest): Promise<DeleteOrganizationTeamResponse>;
822
839
  GetRbacPolicy(request: GetRbacPolicyRequest): Promise<GetRbacPolicyResponse>;
823
840
  UpdateRbacPolicy(request: UpdateRbacPolicyRequest): Promise<UpdateRbacPolicyResponse>;
841
+ ListAuthorizationDecisionEvents(request: ListAuthorizationDecisionEventsRequest): Promise<ListAuthorizationDecisionEventsResponse>;
824
842
  ListSsoConnections(request: ListSsoConnectionsRequest): Promise<ListSsoConnectionsResponse>;
825
843
  CreateSsoConnection(request: CreateSsoConnectionRequest): Promise<CreateSsoConnectionResponse>;
826
844
  UpdateSsoConnection(request: UpdateSsoConnectionRequest): Promise<UpdateSsoConnectionResponse>;
@@ -1018,6 +1036,18 @@ export declare const OrganizationAuthAdminServiceDefinition: {
1018
1036
  };
1019
1037
  };
1020
1038
  };
1039
+ readonly listAuthorizationDecisionEvents: {
1040
+ readonly name: "ListAuthorizationDecisionEvents";
1041
+ readonly requestType: typeof ListAuthorizationDecisionEventsRequest;
1042
+ readonly requestStream: false;
1043
+ readonly responseType: typeof ListAuthorizationDecisionEventsResponse;
1044
+ readonly responseStream: false;
1045
+ readonly options: {
1046
+ readonly _unknownFields: {
1047
+ readonly 578365826: readonly [Uint8Array];
1048
+ };
1049
+ };
1050
+ };
1021
1051
  readonly listSsoConnections: {
1022
1052
  readonly name: "ListSsoConnections";
1023
1053
  readonly requestType: typeof ListSsoConnectionsRequest;
package/dist/weaveapi/auth/v1/service.pb.js CHANGED
@@ -6,7 +6,8 @@
6
6
  // source: weaveapi/auth/v1/service.proto
7
7
  Object.defineProperty(exports, "__esModule", { value: true });
8
8
  exports.ResendOrganizationMemberInviteRequest = exports.RemoveOrganizationMemberResponse = exports.RemoveOrganizationMemberRequest = exports.UpdateOrganizationMemberResponse = exports.UpdateOrganizationMemberRequest = exports.CreateOrganizationMemberResponse = exports.CreateOrganizationMemberRequest = exports.ListOrganizationMembersResponse = exports.ListOrganizationMembersRequest = exports.UpdateOrganizationAuthSettingsResponse = exports.UpdateOrganizationAuthSettingsRequest = exports.GetOrganizationAuthSettingsResponse = exports.GetOrganizationAuthSettingsRequest = exports.UpdateAvatarResponse = exports.UpdateAvatarRequest = exports.UpdateUserPreferencesResponse = exports.UpdateUserPreferencesRequest = exports.GetUserPreferencesResponse = exports.GetUserPreferencesRequest = exports.UpdateProfileResponse = exports.UpdateProfileRequest = exports.GetProfileResponse = exports.GetProfileRequest = exports.LogoutResponse = exports.LogoutRequest = exports.ExchangeDiscoveryOrganizationResponse = exports.ExchangeDiscoveryOrganizationRequest = exports.RequestInviteRecoveryResponse = exports.RequestInviteRecoveryRequest = exports.CompleteInviteOAuthResponse = exports.CompleteInviteOAuthRequest = exports.StartInviteOAuthResponse = exports.StartInviteOAuthRequest = exports.CompleteInvitePasswordResponse = exports.CompleteInvitePasswordRequest = exports.CompleteInviteMagicLinkResponse = exports.CompleteInviteMagicLinkRequest = exports.CompleteDiscoverySSOResponse = exports.CompleteDiscoverySSORequest = exports.StartDiscoverySSOResponse = exports.StartDiscoverySSORequest = exports.CompleteDiscoveryOAuthResponse = exports.CompleteDiscoveryOAuthRequest = exports.StartDiscoveryOAuthResponse = exports.StartDiscoveryOAuthRequest = exports.StartDiscoveryPasswordResponse = exports.StartDiscoveryPasswordRequest = exports.GetSessionResponse = exports.GetSessionRequest = exports.protobufPackage = void 0;
9
- exports.OrganizationAuthAdminServiceDefinition = exports.OrganizationAuthAdminServiceClientImpl = exports.OrganizationAuthAdminServiceServiceName = exports.ProfileServiceDefinition = exports.ProfileServiceClientImpl = exports.ProfileServiceServiceName = exports.AuthServiceDefinition = exports.AuthServiceClientImpl = exports.AuthServiceServiceName = exports.AuthError = exports.UpdateScimGroupMappingResponse = exports.UpdateScimGroupMappingRequest = exports.ListScimGroupMappingsResponse = exports.ListScimGroupMappingsRequest = exports.CancelScimTokenRotationResponse = exports.CancelScimTokenRotationRequest = exports.CompleteScimTokenRotationResponse = exports.CompleteScimTokenRotationRequest = exports.StartScimTokenRotationResponse = exports.StartScimTokenRotationRequest = exports.CreateScimConnectionResponse = exports.CreateScimConnectionRequest = exports.GetScimConnectionResponse = exports.GetScimConnectionRequest = exports.DeleteSsoConnectionResponse = exports.DeleteSsoConnectionRequest = exports.UpdateSsoConnectionResponse = exports.UpdateSsoConnectionRequest = exports.CreateSsoConnectionResponse = exports.CreateSsoConnectionRequest = exports.ListSsoConnectionsResponse = exports.ListSsoConnectionsRequest = exports.UpdateRbacPolicyResponse = exports.UpdateRbacPolicyRequest = exports.GetRbacPolicyResponse = exports.GetRbacPolicyRequest = exports.DeleteOrganizationTeamResponse = exports.DeleteOrganizationTeamRequest = exports.UpdateOrganizationTeamResponse = exports.UpdateOrganizationTeamRequest = exports.GetOrganizationTeamResponse = exports.GetOrganizationTeamRequest = exports.CreateOrganizationTeamResponse = exports.CreateOrganizationTeamRequest = exports.ListOrganizationTeamsResponse = exports.ListOrganizationTeamsRequest = exports.RevokeOrganizationMemberInviteResponse = exports.RevokeOrganizationMemberInviteRequest = exports.ResendOrganizationMemberInviteResponse = void 0;
9
+ exports.OrganizationAuthAdminServiceClientImpl = exports.OrganizationAuthAdminServiceServiceName = exports.ProfileServiceDefinition = exports.ProfileServiceClientImpl = exports.ProfileServiceServiceName = exports.AuthServiceDefinition = exports.AuthServiceClientImpl = exports.AuthServiceServiceName = exports.AuthError = exports.UpdateScimGroupMappingResponse = exports.UpdateScimGroupMappingRequest = exports.ListScimGroupMappingsResponse = exports.ListScimGroupMappingsRequest = exports.CancelScimTokenRotationResponse = exports.CancelScimTokenRotationRequest = exports.CompleteScimTokenRotationResponse = exports.CompleteScimTokenRotationRequest = exports.StartScimTokenRotationResponse = exports.StartScimTokenRotationRequest = exports.CreateScimConnectionResponse = exports.CreateScimConnectionRequest = exports.GetScimConnectionResponse = exports.GetScimConnectionRequest = exports.DeleteSsoConnectionResponse = exports.DeleteSsoConnectionRequest = exports.UpdateSsoConnectionResponse = exports.UpdateSsoConnectionRequest = exports.CreateSsoConnectionResponse = exports.CreateSsoConnectionRequest = exports.ListSsoConnectionsResponse = exports.ListSsoConnectionsRequest = exports.ListAuthorizationDecisionEventsResponse = exports.ListAuthorizationDecisionEventsRequest = exports.UpdateRbacPolicyResponse = exports.UpdateRbacPolicyRequest = exports.GetRbacPolicyResponse = exports.GetRbacPolicyRequest = exports.DeleteOrganizationTeamResponse = exports.DeleteOrganizationTeamRequest = exports.UpdateOrganizationTeamResponse = exports.UpdateOrganizationTeamRequest = exports.GetOrganizationTeamResponse = exports.GetOrganizationTeamRequest = exports.CreateOrganizationTeamResponse = exports.CreateOrganizationTeamRequest = exports.ListOrganizationTeamsResponse = exports.ListOrganizationTeamsRequest = exports.RevokeOrganizationMemberInviteResponse = exports.RevokeOrganizationMemberInviteRequest = exports.ResendOrganizationMemberInviteResponse = void 0;
10
+ exports.OrganizationAuthAdminServiceDefinition = void 0;
10
11
  /* eslint-disable */
11
12
  const wire_1 = require("@bufbuild/protobuf/wire");
12
13
  const struct_pb_1 = require("../../../google/protobuf/struct.pb");
@@ -5094,6 +5095,275 @@ exports.UpdateRbacPolicyResponse = {
5094
5095
  return message;
5095
5096
  },
5096
5097
  };
5098
+ function createBaseListAuthorizationDecisionEventsRequest() {
5099
+ return {
5100
+ organizationSlug: "",
5101
+ actingUserId: "",
5102
+ featureFlagKey: "",
5103
+ resourceId: "",
5104
+ action: "",
5105
+ decision: 0,
5106
+ pageSize: 0,
5107
+ pageToken: "",
5108
+ };
5109
+ }
5110
+ exports.ListAuthorizationDecisionEventsRequest = {
5111
+ encode(message, writer = new wire_1.BinaryWriter()) {
5112
+ if (message.organizationSlug !== "") {
5113
+ writer.uint32(10).string(message.organizationSlug);
5114
+ }
5115
+ if (message.actingUserId !== "") {
5116
+ writer.uint32(18).string(message.actingUserId);
5117
+ }
5118
+ if (message.featureFlagKey !== "") {
5119
+ writer.uint32(26).string(message.featureFlagKey);
5120
+ }
5121
+ if (message.resourceId !== "") {
5122
+ writer.uint32(34).string(message.resourceId);
5123
+ }
5124
+ if (message.action !== "") {
5125
+ writer.uint32(42).string(message.action);
5126
+ }
5127
+ if (message.decision !== 0) {
5128
+ writer.uint32(48).int32(message.decision);
5129
+ }
5130
+ if (message.pageSize !== 0) {
5131
+ writer.uint32(56).int32(message.pageSize);
5132
+ }
5133
+ if (message.pageToken !== "") {
5134
+ writer.uint32(66).string(message.pageToken);
5135
+ }
5136
+ return writer;
5137
+ },
5138
+ decode(input, length) {
5139
+ const reader = input instanceof wire_1.BinaryReader ? input : new wire_1.BinaryReader(input);
5140
+ const end = length === undefined ? reader.len : reader.pos + length;
5141
+ const message = createBaseListAuthorizationDecisionEventsRequest();
5142
+ while (reader.pos < end) {
5143
+ const tag = reader.uint32();
5144
+ switch (tag >>> 3) {
5145
+ case 1: {
5146
+ if (tag !== 10) {
5147
+ break;
5148
+ }
5149
+ message.organizationSlug = reader.string();
5150
+ continue;
5151
+ }
5152
+ case 2: {
5153
+ if (tag !== 18) {
5154
+ break;
5155
+ }
5156
+ message.actingUserId = reader.string();
5157
+ continue;
5158
+ }
5159
+ case 3: {
5160
+ if (tag !== 26) {
5161
+ break;
5162
+ }
5163
+ message.featureFlagKey = reader.string();
5164
+ continue;
5165
+ }
5166
+ case 4: {
5167
+ if (tag !== 34) {
5168
+ break;
5169
+ }
5170
+ message.resourceId = reader.string();
5171
+ continue;
5172
+ }
5173
+ case 5: {
5174
+ if (tag !== 42) {
5175
+ break;
5176
+ }
5177
+ message.action = reader.string();
5178
+ continue;
5179
+ }
5180
+ case 6: {
5181
+ if (tag !== 48) {
5182
+ break;
5183
+ }
5184
+ message.decision = reader.int32();
5185
+ continue;
5186
+ }
5187
+ case 7: {
5188
+ if (tag !== 56) {
5189
+ break;
5190
+ }
5191
+ message.pageSize = reader.int32();
5192
+ continue;
5193
+ }
5194
+ case 8: {
5195
+ if (tag !== 66) {
5196
+ break;
5197
+ }
5198
+ message.pageToken = reader.string();
5199
+ continue;
5200
+ }
5201
+ }
5202
+ if ((tag & 7) === 4 || tag === 0) {
5203
+ break;
5204
+ }
5205
+ reader.skip(tag & 7);
5206
+ }
5207
+ return message;
5208
+ },
5209
+ fromJSON(object) {
5210
+ return {
5211
+ organizationSlug: isSet(object.organizationSlug)
5212
+ ? globalThis.String(object.organizationSlug)
5213
+ : isSet(object.organization_slug)
5214
+ ? globalThis.String(object.organization_slug)
5215
+ : "",
5216
+ actingUserId: isSet(object.actingUserId)
5217
+ ? globalThis.String(object.actingUserId)
5218
+ : isSet(object.acting_user_id)
5219
+ ? globalThis.String(object.acting_user_id)
5220
+ : "",
5221
+ featureFlagKey: isSet(object.featureFlagKey)
5222
+ ? globalThis.String(object.featureFlagKey)
5223
+ : isSet(object.feature_flag_key)
5224
+ ? globalThis.String(object.feature_flag_key)
5225
+ : "",
5226
+ resourceId: isSet(object.resourceId)
5227
+ ? globalThis.String(object.resourceId)
5228
+ : isSet(object.resource_id)
5229
+ ? globalThis.String(object.resource_id)
5230
+ : "",
5231
+ action: isSet(object.action) ? globalThis.String(object.action) : "",
5232
+ decision: isSet(object.decision) ? (0, auth_pb_1.authorizationDecisionFromJSON)(object.decision) : 0,
5233
+ pageSize: isSet(object.pageSize)
5234
+ ? globalThis.Number(object.pageSize)
5235
+ : isSet(object.page_size)
5236
+ ? globalThis.Number(object.page_size)
5237
+ : 0,
5238
+ pageToken: isSet(object.pageToken)
5239
+ ? globalThis.String(object.pageToken)
5240
+ : isSet(object.page_token)
5241
+ ? globalThis.String(object.page_token)
5242
+ : "",
5243
+ };
5244
+ },
5245
+ toJSON(message) {
5246
+ const obj = {};
5247
+ if (message.organizationSlug !== "") {
5248
+ obj.organizationSlug = message.organizationSlug;
5249
+ }
5250
+ if (message.actingUserId !== "") {
5251
+ obj.actingUserId = message.actingUserId;
5252
+ }
5253
+ if (message.featureFlagKey !== "") {
5254
+ obj.featureFlagKey = message.featureFlagKey;
5255
+ }
5256
+ if (message.resourceId !== "") {
5257
+ obj.resourceId = message.resourceId;
5258
+ }
5259
+ if (message.action !== "") {
5260
+ obj.action = message.action;
5261
+ }
5262
+ if (message.decision !== 0) {
5263
+ obj.decision = (0, auth_pb_1.authorizationDecisionToJSON)(message.decision);
5264
+ }
5265
+ if (message.pageSize !== 0) {
5266
+ obj.pageSize = Math.round(message.pageSize);
5267
+ }
5268
+ if (message.pageToken !== "") {
5269
+ obj.pageToken = message.pageToken;
5270
+ }
5271
+ return obj;
5272
+ },
5273
+ create(base) {
5274
+ return exports.ListAuthorizationDecisionEventsRequest.fromPartial(base !== null && base !== void 0 ? base : {});
5275
+ },
5276
+ fromPartial(object) {
5277
+ var _a, _b, _c, _d, _e, _f, _g, _h;
5278
+ const message = createBaseListAuthorizationDecisionEventsRequest();
5279
+ message.organizationSlug = (_a = object.organizationSlug) !== null && _a !== void 0 ? _a : "";
5280
+ message.actingUserId = (_b = object.actingUserId) !== null && _b !== void 0 ? _b : "";
5281
+ message.featureFlagKey = (_c = object.featureFlagKey) !== null && _c !== void 0 ? _c : "";
5282
+ message.resourceId = (_d = object.resourceId) !== null && _d !== void 0 ? _d : "";
5283
+ message.action = (_e = object.action) !== null && _e !== void 0 ? _e : "";
5284
+ message.decision = (_f = object.decision) !== null && _f !== void 0 ? _f : 0;
5285
+ message.pageSize = (_g = object.pageSize) !== null && _g !== void 0 ? _g : 0;
5286
+ message.pageToken = (_h = object.pageToken) !== null && _h !== void 0 ? _h : "";
5287
+ return message;
5288
+ },
5289
+ };
5290
+ function createBaseListAuthorizationDecisionEventsResponse() {
5291
+ return { events: [], nextPageToken: "" };
5292
+ }
5293
+ exports.ListAuthorizationDecisionEventsResponse = {
5294
+ encode(message, writer = new wire_1.BinaryWriter()) {
5295
+ for (const v of message.events) {
5296
+ auth_pb_1.AuthorizationDecisionEvent.encode(v, writer.uint32(10).fork()).join();
5297
+ }
5298
+ if (message.nextPageToken !== "") {
5299
+ writer.uint32(18).string(message.nextPageToken);
5300
+ }
5301
+ return writer;
5302
+ },
5303
+ decode(input, length) {
5304
+ const reader = input instanceof wire_1.BinaryReader ? input : new wire_1.BinaryReader(input);
5305
+ const end = length === undefined ? reader.len : reader.pos + length;
5306
+ const message = createBaseListAuthorizationDecisionEventsResponse();
5307
+ while (reader.pos < end) {
5308
+ const tag = reader.uint32();
5309
+ switch (tag >>> 3) {
5310
+ case 1: {
5311
+ if (tag !== 10) {
5312
+ break;
5313
+ }
5314
+ message.events.push(auth_pb_1.AuthorizationDecisionEvent.decode(reader, reader.uint32()));
5315
+ continue;
5316
+ }
5317
+ case 2: {
5318
+ if (tag !== 18) {
5319
+ break;
5320
+ }
5321
+ message.nextPageToken = reader.string();
5322
+ continue;
5323
+ }
5324
+ }
5325
+ if ((tag & 7) === 4 || tag === 0) {
5326
+ break;
5327
+ }
5328
+ reader.skip(tag & 7);
5329
+ }
5330
+ return message;
5331
+ },
5332
+ fromJSON(object) {
5333
+ return {
5334
+ events: globalThis.Array.isArray(object === null || object === void 0 ? void 0 : object.events)
5335
+ ? object.events.map((e) => auth_pb_1.AuthorizationDecisionEvent.fromJSON(e))
5336
+ : [],
5337
+ nextPageToken: isSet(object.nextPageToken)
5338
+ ? globalThis.String(object.nextPageToken)
5339
+ : isSet(object.next_page_token)
5340
+ ? globalThis.String(object.next_page_token)
5341
+ : "",
5342
+ };
5343
+ },
5344
+ toJSON(message) {
5345
+ var _a;
5346
+ const obj = {};
5347
+ if ((_a = message.events) === null || _a === void 0 ? void 0 : _a.length) {
5348
+ obj.events = message.events.map((e) => auth_pb_1.AuthorizationDecisionEvent.toJSON(e));
5349
+ }
5350
+ if (message.nextPageToken !== "") {
5351
+ obj.nextPageToken = message.nextPageToken;
5352
+ }
5353
+ return obj;
5354
+ },
5355
+ create(base) {
5356
+ return exports.ListAuthorizationDecisionEventsResponse.fromPartial(base !== null && base !== void 0 ? base : {});
5357
+ },
5358
+ fromPartial(object) {
5359
+ var _a;
5360
+ var _b;
5361
+ const message = createBaseListAuthorizationDecisionEventsResponse();
5362
+ message.events = ((_a = object.events) === null || _a === void 0 ? void 0 : _a.map((e) => auth_pb_1.AuthorizationDecisionEvent.fromPartial(e))) || [];
5363
+ message.nextPageToken = (_b = object.nextPageToken) !== null && _b !== void 0 ? _b : "";
5364
+ return message;
5365
+ },
5366
+ };
5097
5367
  function createBaseListSsoConnectionsRequest() {
5098
5368
  return { organizationSlug: "" };
5099
5369
  }
@@ -7833,6 +8103,7 @@ class OrganizationAuthAdminServiceClientImpl {
7833
8103
  this.DeleteOrganizationTeam = this.DeleteOrganizationTeam.bind(this);
7834
8104
  this.GetRbacPolicy = this.GetRbacPolicy.bind(this);
7835
8105
  this.UpdateRbacPolicy = this.UpdateRbacPolicy.bind(this);
8106
+ this.ListAuthorizationDecisionEvents = this.ListAuthorizationDecisionEvents.bind(this);
7836
8107
  this.ListSsoConnections = this.ListSsoConnections.bind(this);
7837
8108
  this.CreateSsoConnection = this.CreateSsoConnection.bind(this);
7838
8109
  this.UpdateSsoConnection = this.UpdateSsoConnection.bind(this);
@@ -7920,6 +8191,11 @@ class OrganizationAuthAdminServiceClientImpl {
7920
8191
  const promise = this.rpc.request(this.service, "UpdateRbacPolicy", data);
7921
8192
  return promise.then((data) => exports.UpdateRbacPolicyResponse.decode(new wire_1.BinaryReader(data)));
7922
8193
  }
8194
+ ListAuthorizationDecisionEvents(request) {
8195
+ const data = exports.ListAuthorizationDecisionEventsRequest.encode(request).finish();
8196
+ const promise = this.rpc.request(this.service, "ListAuthorizationDecisionEvents", data);
8197
+ return promise.then((data) => exports.ListAuthorizationDecisionEventsResponse.decode(new wire_1.BinaryReader(data)));
8198
+ }
7923
8199
  ListSsoConnections(request) {
7924
8200
  const data = exports.ListSsoConnectionsRequest.encode(request).finish();
7925
8201
  const promise = this.rpc.request(this.service, "ListSsoConnections", data);
@@ -8981,6 +9257,80 @@ exports.OrganizationAuthAdminServiceDefinition = {
8981
9257
  },
8982
9258
  },
8983
9259
  },
9260
+ listAuthorizationDecisionEvents: {
9261
+ name: "ListAuthorizationDecisionEvents",
9262
+ requestType: exports.ListAuthorizationDecisionEventsRequest,
9263
+ requestStream: false,
9264
+ responseType: exports.ListAuthorizationDecisionEventsResponse,
9265
+ responseStream: false,
9266
+ options: {
9267
+ _unknownFields: {
9268
+ 578365826: [
9269
+ new Uint8Array([
9270
+ 58,
9271
+ 18,
9272
+ 56,
9273
+ 47,
9274
+ 118,
9275
+ 49,
9276
+ 47,
9277
+ 111,
9278
+ 114,
9279
+ 103,
9280
+ 47,
9281
+ 123,
9282
+ 111,
9283
+ 114,
9284
+ 103,
9285
+ 97,
9286
+ 110,
9287
+ 105,
9288
+ 122,
9289
+ 97,
9290
+ 116,
9291
+ 105,
9292
+ 111,
9293
+ 110,
9294
+ 95,
9295
+ 115,
9296
+ 108,
9297
+ 117,
9298
+ 103,
9299
+ 125,
9300
+ 47,
9301
+ 97,
9302
+ 117,
9303
+ 116,
9304
+ 104,
9305
+ 47,
9306
+ 97,
9307
+ 117,
9308
+ 116,
9309
+ 104,
9310
+ 111,
9311
+ 114,
9312
+ 105,
9313
+ 122,
9314
+ 97,
9315
+ 116,
9316
+ 105,
9317
+ 111,
9318
+ 110,
9319
+ 45,
9320
+ 100,
9321
+ 101,
9322
+ 99,
9323
+ 105,
9324
+ 115,
9325
+ 105,
9326
+ 111,
9327
+ 110,
9328
+ 115,
9329
+ ]),
9330
+ ],
9331
+ },
9332
+ },
9333
+ },
8984
9334
  listSsoConnections: {
8985
9335
  name: "ListSsoConnections",
8986
9336
  requestType: exports.ListSsoConnectionsRequest,
package/dist/weavesql/weavedb/auth_identity_sql.d.ts CHANGED
@@ -455,6 +455,87 @@ export interface InsertAuthAuditEventArgs {
455
455
  metadata: any;
456
456
  }
457
457
  export declare function insertAuthAuditEvent(client: Client, args: InsertAuthAuditEventArgs): Promise<void>;
458
+ export declare const insertAuthorizationDecisionEventQuery = "-- name: InsertAuthorizationDecisionEvent :one\nINSERT INTO weave.authorization_decision_events (\n organization_id,\n acting_user_id,\n actor_organization_membership_id,\n actor_identity_link_id,\n rbac_role_ids,\n org_team_ids,\n platform_grant_ids,\n support_access_session_id,\n feature_flag_key,\n feature_flag_provider,\n feature_flag_variant,\n resource_id,\n resource_instance_id,\n action,\n decision,\n reason_code,\n safe_message,\n used_support_elevation,\n metadata\n) VALUES (\n $1,\n $2::uuid,\n $3::uuid,\n $4::uuid,\n $5,\n $6,\n $7,\n $8::uuid,\n $9,\n $10,\n $11,\n $12,\n $13,\n $14,\n $15,\n $16,\n $17,\n $18,\n $19\n)\nRETURNING\n id,\n organization_id,\n acting_user_id,\n actor_organization_membership_id,\n actor_identity_link_id,\n rbac_role_ids,\n org_team_ids,\n platform_grant_ids,\n support_access_session_id,\n feature_flag_key,\n feature_flag_provider,\n feature_flag_variant,\n resource_id,\n resource_instance_id,\n action,\n decision,\n reason_code,\n safe_message,\n used_support_elevation,\n metadata,\n created_at";
459
+ export interface InsertAuthorizationDecisionEventArgs {
460
+ organizationId: string;
461
+ actingUserId: string | null;
462
+ actorOrganizationMembershipId: string | null;
463
+ actorIdentityLinkId: string | null;
464
+ rbacRoleIds: string[];
465
+ orgTeamIds: string[];
466
+ platformGrantIds: string[];
467
+ supportAccessSessionId: string | null;
468
+ featureFlagKey: string;
469
+ featureFlagProvider: string;
470
+ featureFlagVariant: string;
471
+ resourceId: string;
472
+ resourceInstanceId: string;
473
+ action: string;
474
+ decision: string;
475
+ reasonCode: string;
476
+ safeMessage: string;
477
+ usedSupportElevation: boolean;
478
+ metadata: any;
479
+ }
480
+ export interface InsertAuthorizationDecisionEventRow {
481
+ id: string;
482
+ organizationId: string;
483
+ actingUserId: string | null;
484
+ actorOrganizationMembershipId: string | null;
485
+ actorIdentityLinkId: string | null;
486
+ rbacRoleIds: string[];
487
+ orgTeamIds: string[];
488
+ platformGrantIds: string[];
489
+ supportAccessSessionId: string | null;
490
+ featureFlagKey: string;
491
+ featureFlagProvider: string;
492
+ featureFlagVariant: string;
493
+ resourceId: string;
494
+ resourceInstanceId: string;
495
+ action: string;
496
+ decision: string;
497
+ reasonCode: string;
498
+ safeMessage: string;
499
+ usedSupportElevation: boolean;
500
+ metadata: any;
501
+ createdAt: Date;
502
+ }
503
+ export declare function insertAuthorizationDecisionEvent(client: Client, args: InsertAuthorizationDecisionEventArgs): Promise<InsertAuthorizationDecisionEventRow | null>;
504
+ export declare const listAuthorizationDecisionEventsByOrganizationQuery = "-- name: ListAuthorizationDecisionEventsByOrganization :many\nSELECT\n id,\n organization_id,\n acting_user_id,\n actor_organization_membership_id,\n actor_identity_link_id,\n rbac_role_ids,\n org_team_ids,\n platform_grant_ids,\n support_access_session_id,\n feature_flag_key,\n feature_flag_provider,\n feature_flag_variant,\n resource_id,\n resource_instance_id,\n action,\n decision,\n reason_code,\n safe_message,\n used_support_elevation,\n metadata,\n created_at\nFROM weave.authorization_decision_events\nWHERE organization_id = $1\n AND (\n $2::uuid IS NULL\n OR acting_user_id = $2::uuid\n )\n AND (\n $3::text IS NULL\n OR feature_flag_key = $3::text\n )\n AND (\n $4::text IS NULL\n OR resource_id = $4::text\n )\n AND (\n $5::text IS NULL\n OR action = $5::text\n )\n AND (\n $6::text IS NULL\n OR decision = $6::text\n )\nORDER BY created_at DESC, id DESC\nLIMIT $8 OFFSET $7";
505
+ export interface ListAuthorizationDecisionEventsByOrganizationArgs {
506
+ organizationId: string;
507
+ actingUserId: string | null;
508
+ featureFlagKey: string | null;
509
+ resourceId: string | null;
510
+ action: string | null;
511
+ decision: string | null;
512
+ pageOffset: string;
513
+ pageSize: string;
514
+ }
515
+ export interface ListAuthorizationDecisionEventsByOrganizationRow {
516
+ id: string;
517
+ organizationId: string;
518
+ actingUserId: string | null;
519
+ actorOrganizationMembershipId: string | null;
520
+ actorIdentityLinkId: string | null;
521
+ rbacRoleIds: string[];
522
+ orgTeamIds: string[];
523
+ platformGrantIds: string[];
524
+ supportAccessSessionId: string | null;
525
+ featureFlagKey: string;
526
+ featureFlagProvider: string;
527
+ featureFlagVariant: string;
528
+ resourceId: string;
529
+ resourceInstanceId: string;
530
+ action: string;
531
+ decision: string;
532
+ reasonCode: string;
533
+ safeMessage: string;
534
+ usedSupportElevation: boolean;
535
+ metadata: any;
536
+ createdAt: Date;
537
+ }
538
+ export declare function listAuthorizationDecisionEventsByOrganization(client: Client, args: ListAuthorizationDecisionEventsByOrganizationArgs): Promise<ListAuthorizationDecisionEventsByOrganizationRow[]>;
458
539
  export declare const createApplicationSessionQuery = "-- name: CreateApplicationSession :one\nINSERT INTO weave.application_sessions (\n user_id,\n active_organization_id,\n expires_at\n) VALUES (\n $1,\n $2,\n $3\n)\nRETURNING\n id,\n user_id,\n active_organization_id,\n status,\n expires_at,\n revoked_at,\n created_at,\n updated_at";
459
540
  export interface CreateApplicationSessionArgs {
460
541
  userId: string;
package/dist/weavesql/weavedb/auth_identity_sql.js CHANGED
@@ -1,7 +1,7 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.deleteOrgTeamQuery = exports.updateOrgTeamQuery = exports.listOrgTeamsQuery = exports.getOrgTeamQuery = exports.createOrgTeamQuery = exports.deleteExpiredAuthInviteSessionsQuery = exports.revokeAuthInviteSessionsByMemberQuery = exports.markAuthInviteSessionRecoveryRequiredQuery = exports.markAuthInviteSessionCompletedQuery = exports.setAuthInviteSessionOAuthStateQuery = exports.getAuthInviteSessionQuery = exports.createAuthInviteSessionQuery = exports.deleteExpiredApplicationSessionsQuery = exports.markApplicationSessionOrganizationSessionStateQuery = exports.listApplicationSessionOrganizationSessionStatesQuery = exports.getApplicationSessionOrganizationSessionQuery = exports.upsertApplicationSessionOrganizationSessionQuery = exports.revokeApplicationSessionQuery = exports.setApplicationSessionActiveOrganizationQuery = exports.getApplicationSessionQuery = exports.createApplicationSessionQuery = exports.insertAuthAuditEventQuery = exports.endSupportAccessSessionQuery = exports.createSupportAccessSessionQuery = exports.createPlatformAdminGrantQuery = exports.listActivePlatformAdminGrantsForUserQuery = exports.getOrganizationMemberAdminRecordQuery = exports.listOrganizationMembersQuery = exports.listOrganizationMembershipsForUserQuery = exports.getOrganizationMembershipQuery = exports.upsertOrganizationMembershipQuery = exports.upsertOrganizationAuthLinkQuery = exports.getOrganizationAuthLinkByOrganizationIDQuery = exports.getOrganizationAuthLinkByStytchIDQuery = exports.upsertIdentityLinkQuery = exports.getIdentityLinkByStytchMemberQuery = exports.getUserProfileQuery = exports.upsertUserProfileQuery = exports.deleteOrganizationAuthDomainQuery = exports.listOrganizationAuthDomainsQuery = exports.upsertOrganizationAuthDomainQuery = exports.resolvePrimaryOrganizationAuthLinkByDomainQuery = exports.updateUserProfileThemeQuery = exports.setUserOrganizationPagePositionQuery = exports.setUserLastOrganizationQuery = exports.getUserAuthPreferencesQuery = exports.getUserPrimaryOrganizationAuthLinkQuery = exports.setUserPrimaryOrganizationQuery = exports.getUserByIDQuery = exports.createUserQuery = void 0;
4
- exports.deleteOrgTeamMembershipsForOrganizationMemberQuery = exports.listEffectiveOrganizationRoleIDsQuery = exports.listOrgTeamRoleGrantsQuery = exports.listOrgTeamMembersQuery = exports.addOrgTeamRoleGrantQuery = exports.deleteOrgTeamRoleGrantsQuery = exports.addOrgTeamMembershipQuery = exports.deleteOrgTeamMembershipsQuery = void 0;
3
+ exports.listOrgTeamsQuery = exports.getOrgTeamQuery = exports.createOrgTeamQuery = exports.deleteExpiredAuthInviteSessionsQuery = exports.revokeAuthInviteSessionsByMemberQuery = exports.markAuthInviteSessionRecoveryRequiredQuery = exports.markAuthInviteSessionCompletedQuery = exports.setAuthInviteSessionOAuthStateQuery = exports.getAuthInviteSessionQuery = exports.createAuthInviteSessionQuery = exports.deleteExpiredApplicationSessionsQuery = exports.markApplicationSessionOrganizationSessionStateQuery = exports.listApplicationSessionOrganizationSessionStatesQuery = exports.getApplicationSessionOrganizationSessionQuery = exports.upsertApplicationSessionOrganizationSessionQuery = exports.revokeApplicationSessionQuery = exports.setApplicationSessionActiveOrganizationQuery = exports.getApplicationSessionQuery = exports.createApplicationSessionQuery = exports.listAuthorizationDecisionEventsByOrganizationQuery = exports.insertAuthorizationDecisionEventQuery = exports.insertAuthAuditEventQuery = exports.endSupportAccessSessionQuery = exports.createSupportAccessSessionQuery = exports.createPlatformAdminGrantQuery = exports.listActivePlatformAdminGrantsForUserQuery = exports.getOrganizationMemberAdminRecordQuery = exports.listOrganizationMembersQuery = exports.listOrganizationMembershipsForUserQuery = exports.getOrganizationMembershipQuery = exports.upsertOrganizationMembershipQuery = exports.upsertOrganizationAuthLinkQuery = exports.getOrganizationAuthLinkByOrganizationIDQuery = exports.getOrganizationAuthLinkByStytchIDQuery = exports.upsertIdentityLinkQuery = exports.getIdentityLinkByStytchMemberQuery = exports.getUserProfileQuery = exports.upsertUserProfileQuery = exports.deleteOrganizationAuthDomainQuery = exports.listOrganizationAuthDomainsQuery = exports.upsertOrganizationAuthDomainQuery = exports.resolvePrimaryOrganizationAuthLinkByDomainQuery = exports.updateUserProfileThemeQuery = exports.setUserOrganizationPagePositionQuery = exports.setUserLastOrganizationQuery = exports.getUserAuthPreferencesQuery = exports.getUserPrimaryOrganizationAuthLinkQuery = exports.setUserPrimaryOrganizationQuery = exports.getUserByIDQuery = exports.createUserQuery = void 0;
4
+ exports.deleteOrgTeamMembershipsForOrganizationMemberQuery = exports.listEffectiveOrganizationRoleIDsQuery = exports.listOrgTeamRoleGrantsQuery = exports.listOrgTeamMembersQuery = exports.addOrgTeamRoleGrantQuery = exports.deleteOrgTeamRoleGrantsQuery = exports.addOrgTeamMembershipQuery = exports.deleteOrgTeamMembershipsQuery = exports.deleteOrgTeamQuery = exports.updateOrgTeamQuery = void 0;
5
5
  exports.createUser = createUser;
6
6
  exports.getUserByID = getUserByID;
7
7
  exports.setUserPrimaryOrganization = setUserPrimaryOrganization;
@@ -29,6 +29,8 @@ exports.listActivePlatformAdminGrantsForUser = listActivePlatformAdminGrantsForU
29
29
  exports.createPlatformAdminGrant = createPlatformAdminGrant;
30
30
  exports.createSupportAccessSession = createSupportAccessSession;
31
31
  exports.insertAuthAuditEvent = insertAuthAuditEvent;
32
+ exports.insertAuthorizationDecisionEvent = insertAuthorizationDecisionEvent;
33
+ exports.listAuthorizationDecisionEventsByOrganization = listAuthorizationDecisionEventsByOrganization;
32
34
  exports.createApplicationSession = createApplicationSession;
33
35
  exports.getApplicationSession = getApplicationSession;
34
36
  exports.setApplicationSessionActiveOrganization = setApplicationSessionActiveOrganization;
@@ -1117,6 +1119,183 @@ async function insertAuthAuditEvent(client, args) {
1117
1119
  rowMode: "array"
1118
1120
  });
1119
1121
  }
1122
+ exports.insertAuthorizationDecisionEventQuery = `-- name: InsertAuthorizationDecisionEvent :one
1123
+ INSERT INTO weave.authorization_decision_events (
1124
+ organization_id,
1125
+ acting_user_id,
1126
+ actor_organization_membership_id,
1127
+ actor_identity_link_id,
1128
+ rbac_role_ids,
1129
+ org_team_ids,
1130
+ platform_grant_ids,
1131
+ support_access_session_id,
1132
+ feature_flag_key,
1133
+ feature_flag_provider,
1134
+ feature_flag_variant,
1135
+ resource_id,
1136
+ resource_instance_id,
1137
+ action,
1138
+ decision,
1139
+ reason_code,
1140
+ safe_message,
1141
+ used_support_elevation,
1142
+ metadata
1143
+ ) VALUES (
1144
+ $1,
1145
+ $2::uuid,
1146
+ $3::uuid,
1147
+ $4::uuid,
1148
+ $5,
1149
+ $6,
1150
+ $7,
1151
+ $8::uuid,
1152
+ $9,
1153
+ $10,
1154
+ $11,
1155
+ $12,
1156
+ $13,
1157
+ $14,
1158
+ $15,
1159
+ $16,
1160
+ $17,
1161
+ $18,
1162
+ $19
1163
+ )
1164
+ RETURNING
1165
+ id,
1166
+ organization_id,
1167
+ acting_user_id,
1168
+ actor_organization_membership_id,
1169
+ actor_identity_link_id,
1170
+ rbac_role_ids,
1171
+ org_team_ids,
1172
+ platform_grant_ids,
1173
+ support_access_session_id,
1174
+ feature_flag_key,
1175
+ feature_flag_provider,
1176
+ feature_flag_variant,
1177
+ resource_id,
1178
+ resource_instance_id,
1179
+ action,
1180
+ decision,
1181
+ reason_code,
1182
+ safe_message,
1183
+ used_support_elevation,
1184
+ metadata,
1185
+ created_at`;
1186
+ async function insertAuthorizationDecisionEvent(client, args) {
1187
+ const result = await client.query({
1188
+ text: exports.insertAuthorizationDecisionEventQuery,
1189
+ values: [args.organizationId, args.actingUserId, args.actorOrganizationMembershipId, args.actorIdentityLinkId, args.rbacRoleIds, args.orgTeamIds, args.platformGrantIds, args.supportAccessSessionId, args.featureFlagKey, args.featureFlagProvider, args.featureFlagVariant, args.resourceId, args.resourceInstanceId, args.action, args.decision, args.reasonCode, args.safeMessage, args.usedSupportElevation, args.metadata],
1190
+ rowMode: "array"
1191
+ });
1192
+ if (result.rows.length !== 1) {
1193
+ return null;
1194
+ }
1195
+ const row = result.rows[0];
1196
+ return {
1197
+ id: row[0],
1198
+ organizationId: row[1],
1199
+ actingUserId: row[2],
1200
+ actorOrganizationMembershipId: row[3],
1201
+ actorIdentityLinkId: row[4],
1202
+ rbacRoleIds: row[5],
1203
+ orgTeamIds: row[6],
1204
+ platformGrantIds: row[7],
1205
+ supportAccessSessionId: row[8],
1206
+ featureFlagKey: row[9],
1207
+ featureFlagProvider: row[10],
1208
+ featureFlagVariant: row[11],
1209
+ resourceId: row[12],
1210
+ resourceInstanceId: row[13],
1211
+ action: row[14],
1212
+ decision: row[15],
1213
+ reasonCode: row[16],
1214
+ safeMessage: row[17],
1215
+ usedSupportElevation: row[18],
1216
+ metadata: row[19],
1217
+ createdAt: row[20]
1218
+ };
1219
+ }
1220
+ exports.listAuthorizationDecisionEventsByOrganizationQuery = `-- name: ListAuthorizationDecisionEventsByOrganization :many
1221
+ SELECT
1222
+ id,
1223
+ organization_id,
1224
+ acting_user_id,
1225
+ actor_organization_membership_id,
1226
+ actor_identity_link_id,
1227
+ rbac_role_ids,
1228
+ org_team_ids,
1229
+ platform_grant_ids,
1230
+ support_access_session_id,
1231
+ feature_flag_key,
1232
+ feature_flag_provider,
1233
+ feature_flag_variant,
1234
+ resource_id,
1235
+ resource_instance_id,
1236
+ action,
1237
+ decision,
1238
+ reason_code,
1239
+ safe_message,
1240
+ used_support_elevation,
1241
+ metadata,
1242
+ created_at
1243
+ FROM weave.authorization_decision_events
1244
+ WHERE organization_id = $1
1245
+ AND (
1246
+ $2::uuid IS NULL
1247
+ OR acting_user_id = $2::uuid
1248
+ )
1249
+ AND (
1250
+ $3::text IS NULL
1251
+ OR feature_flag_key = $3::text
1252
+ )
1253
+ AND (
1254
+ $4::text IS NULL
1255
+ OR resource_id = $4::text
1256
+ )
1257
+ AND (
1258
+ $5::text IS NULL
1259
+ OR action = $5::text
1260
+ )
1261
+ AND (
1262
+ $6::text IS NULL
1263
+ OR decision = $6::text
1264
+ )
1265
+ ORDER BY created_at DESC, id DESC
1266
+ LIMIT $8 OFFSET $7`;
1267
+ async function listAuthorizationDecisionEventsByOrganization(client, args) {
1268
+ const result = await client.query({
1269
+ text: exports.listAuthorizationDecisionEventsByOrganizationQuery,
1270
+ values: [args.organizationId, args.actingUserId, args.featureFlagKey, args.resourceId, args.action, args.decision, args.pageOffset, args.pageSize],
1271
+ rowMode: "array"
1272
+ });
1273
+ return result.rows.map(row => {
1274
+ return {
1275
+ id: row[0],
1276
+ organizationId: row[1],
1277
+ actingUserId: row[2],
1278
+ actorOrganizationMembershipId: row[3],
1279
+ actorIdentityLinkId: row[4],
1280
+ rbacRoleIds: row[5],
1281
+ orgTeamIds: row[6],
1282
+ platformGrantIds: row[7],
1283
+ supportAccessSessionId: row[8],
1284
+ featureFlagKey: row[9],
1285
+ featureFlagProvider: row[10],
1286
+ featureFlagVariant: row[11],
1287
+ resourceId: row[12],
1288
+ resourceInstanceId: row[13],
1289
+ action: row[14],
1290
+ decision: row[15],
1291
+ reasonCode: row[16],
1292
+ safeMessage: row[17],
1293
+ usedSupportElevation: row[18],
1294
+ metadata: row[19],
1295
+ createdAt: row[20]
1296
+ };
1297
+ });
1298
+ }
1120
1299
  exports.createApplicationSessionQuery = `-- name: CreateApplicationSession :one
1121
1300
  INSERT INTO weave.application_sessions (
1122
1301
  user_id,
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "weave-typescript",
3
- "version": "0.42.8",
3
+ "version": "0.43.0",
4
4
  "main": "dist/index.js",
5
5
  "types": "dist/index.d.ts",
6
6
  "files": [