8000 Merge dev into feature/stack-companion · stack-auth/stack-auth@c5859c4 · GitHub
[go: up one dir, main page]
Skip to content

Commit c5859c4

Browse files
N2D4N2D4
authored
Merge dev into feature/stack-companion
2 parents 318e9b6 + 34a4658 commit c5859c4

File tree

54 files changed

+842
-181
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

54 files changed

+842
-181
lines changed

apps/backend/CHANGELOG.md

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,13 @@
11
# @stackframe/stack-backend
22

3+
## 2.8.29
4+
5+
### Patch Changes
6+
7+
- Various changes
8+
- Updated dependencies
9+
- @stackframe/stack-shared@2.8.29
10+
311
## 2.8.28
412

513
### Patch Changes

apps/backend/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "@stackframe/stack-backend",
3-
"version": "2.8.28",
3+
"version": "2.8.29",
44
"private": true,
55
"scripts": {
66
"clean": "rimraf src/generated && rimraf .next && rimraf node_modules",

apps/backend/src/lib/config.tsx

Lines changed: 17 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
import { Prisma } from "@prisma/client";
22
import { Config, getInvalidConfigReason, normalize, override } from "@stackframe/stack-shared/dist/config/format";
3-
import { BranchConfigOverride, BranchConfigOverrideOverride, BranchIncompleteConfig, BranchRenderedConfig, EnvironmentConfigOverride, EnvironmentConfigOverrideOverride, EnvironmentIncompleteConfig, EnvironmentRenderedConfig, OrganizationConfigOverride, OrganizationConfigOverrideOverride, OrganizationIncompleteConfig, OrganizationRenderedConfig, ProjectConfigOverride, ProjectConfigOverrideOverride, ProjectIncompleteConfig, ProjectRenderedConfig, applyBranchDefaults, applyEnvironmentDefaults, applyOrganizationDefaults, applyProjectDefaults, assertNoConfigOverrideErrors, branchConfigSchema, environmentConfigSchema, getConfigOverrideErrors, getIncompleteConfigWarnings, migrateConfigOverride, organizationConfigSchema, projectConfigSchema, sanitizeBranchConfig, sanitizeEnvironmentConfig, sanitizeOrganizationConfig, sanitizeProjectConfig } from "@stackframe/stack-shared/dist/config/schema";
3+
import { BranchConfigOverride, BranchConfigOverrideOverride, BranchIncompleteConfig, BranchRenderedConfig, CompleteConfig, EnvironmentConfigOverride, EnvironmentConfigOverrideOverride, EnvironmentIncompleteConfig, EnvironmentRenderedConfig, OrganizationConfigOverride, OrganizationConfigOverrideOverride, OrganizationIncompleteConfig, ProjectConfigOverride, ProjectConfigOverrideOverride, ProjectIncompleteConfig, ProjectRenderedConfig, applyBranchDefaults, applyEnvironmentDefaults, applyOrganizationDefaults, applyProjectDefaults, assertNoConfigOverrideErrors, branchConfigSchema, environmentConfigSchema, getConfigOverrideErrors, getIncompleteConfigWarnings, migrateConfigOverride, organizationConfigSchema, projectConfigSchema, sanitizeBranchConfig, sanitizeEnvironmentConfig, sanitizeOrganizationConfig, sanitizeProjectConfig } from "@stackframe/stack-shared/dist/config/schema";
44
import { ProjectsCrud } from "@stackframe/stack-shared/dist/interface/crud/projects";
55
import { yupBoolean, yupMixed, yupObject, yupRecord, yupString, yupUnion } from "@stackframe/stack-shared/dist/schema-fields";
66
import { isTruthy } from "@stackframe/stack-shared/dist/utils/booleans";
@@ -9,7 +9,8 @@ import { filterUndefined, typedEntries } from "@stackframe/stack-shared/dist/uti
99
import { Result } from "@stackframe/stack-shared/dist/utils/results";
1010
import { deindent, stringCompare } from "@stackframe/stack-shared/dist/utils/strings";
1111
import * as yup from "yup";
12-
import { PrismaClientTransaction, RawQuery, globalPrismaClient, rawQuery } from "../prisma-client";
12+
import { RawQuery, globalPrismaClient, rawQuery } from "../prisma-client";
13+
import { listPermissionDefinitionsFromConfig } from "./permissions";
1314
import { DEFAULT_BRANCH_ID } from "./tenancies";
1415

1516
type ProjectOptions = { projectId: string };
@@ -46,7 +47,7 @@ export function getRenderedEnvironmentConfigQuery(options: EnvironmentOptions):
4647
);
4748
}
4849

49-
export function getRenderedOrganizationConfigQuery(options: OrganizationOptions): RawQuery<Promise<OrganizationRenderedConfig>> {
50+
export function getRenderedOrganizationConfigQuery(options: OrganizationOptions): RawQuery<Promise<CompleteConfig>> {
5051
return RawQuery.then(
5152
getIncompleteOrganizationConfigQuery(options),
5253
async (incompleteConfig) => await sanitizeOrganizationConfig(normalize(applyOrganizationDefaults(await incompleteConfig), { onDotIntoNonObject: "ignore" }) as any),
@@ -469,7 +470,7 @@ import.meta.vitest?.test('_validateConfigOverrideSchemaImpl(...)', async ({ expe
469470
// ---------------------------------------------------------------------------------------------------------------------
470471

471472
// C -> A
472-
export const renderedOrganizationConfigToProjectCrud = (renderedConfig: OrganizationRenderedConfig): ProjectsCrud["Admin"]["Read"]['config'] => {
473+
export const renderedOrganizationConfigToProjectCrud = (renderedConfig: CompleteConfig): ProjectsCrud["Admin"]["Read"]['config'] => {
473474
const oauthProviders = typedEntries(renderedConfig.auth.oauth.providers)
474475
.map(([oauthProviderId, oauthProvider]) => {
475476
if (!oauthProvider.type) {
@@ -491,6 +492,15 @@ export const renderedOrganizationConfigToProjectCrud = (renderedConfig: Organiza
491492
.filter(isTruthy)
492493
.sort((a, b) => stringCompare(a.id, b.id));
493494

495+
const teamPermissionDefinitions = listPermissionDefinitionsFromConfig({
496+
config: renderedConfig,
497+
scope: "team",
498+
});
499+
const projectPermissionDefinitions = listPermissionDefinitionsFromConfig({
500+
config: renderedConfig,
501+
scope: "project",
502+
});
503+
494504
return {
495505
allow_localhost: renderedConfig.domains.allowLocalhost,
496506
client_team_creation_enabled: renderedConfig.teams.allowClientTeamCreation,
@@ -527,15 +537,15 @@ export const renderedOrganizationConfigToProjectCrud = (renderedConfig: Organiza
527537
email_theme: renderedConfig.emails.selectedThemeId,
528538

529539
team_creator_default_permissions: typedEntries(renderedConfig.rbac.defaultPermissions.teamCreator)
530-
.filter(([_, perm]) => perm)
540+
.filter(([id, perm]) => perm && teamPermissionDefinitions.some((p) => p.id === id))
531541
.map(([id, perm]) => ({ id }))
532542
.sort((a, b) => stringCompare(a.id, b.id)),
533543
team_member_default_permissions: typedEntries(renderedConfig.rbac.defaultPermissions.teamMember)
534-
.filter(([_, perm]) => perm)
544+
.filter(([id, perm]) => perm && teamPermissionDefinitions.some((p) => p.id === id))
535545
.map(([id, perm]) => ({ id }))
536546
.sort((a, b) => stringCompare(a.id, b.id)),
537547
user_default_permissions: typedEntries(renderedConfig.rbac.defaultPermissions.signUp)
538-
.filter(([_, perm]) => perm)
548+
.filter(([id, perm]) => perm && projectPermissionDefinitions.some((p) => p.id === id))
539549
.map(([id, perm]) => ({ id }))
540550
.sort((a, b) => stringCompare(a.id, b.id)),
541551

apps/backend/src/lib/permissions.tsx

Lines changed: 21 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
import { KnownErrors } from "@stackframe/stack-shared";
2-
import { OrganizationRenderedConfig } from "@stackframe/stack-shared/dist/config/schema";
2+
import { CompleteConfig } from "@stackframe/stack-shared/dist/config/schema";
33
import { ProjectPermissionsCrud } from "@stackframe/stack-shared/dist/interface/crud/project-permissions";
44
import { TeamPermissionDefinitionsCrud, TeamPermissionsCrud } from "@stackframe/stack-shared/dist/interface/crud/team-permissions";
55
import { groupBy } from "@stackframe/stack-shared/dist/utils/arrays";
@@ -158,15 +158,13 @@ export async function revokeTeamPermission(
158158
});
159159
}
160160

161-
export async function listPermissionDefinitions(
161+
export function listPermissionDefinitionsFromConfig(
162162
options: {
163+
config: CompleteConfig,
163164
scope: "team" | "project",
164-
tenancy: Tenancy,
165-
}
166-
): Promise<(TeamPermissionDefinitionsCrud["Admin"]["Read"])[]> {
167-
const renderedConfig = options.tenancy.config;
168-
169-
const permissions = typedEntries(renderedConfig.rbac.permissions).filter(([_, p]) => p.scope === options.scope);
165+
},
166+
) {
167+
const permissions = typedEntries(options.config.rbac.permissions).filter(([_, p]) => p.scope === options.scope);
170168

171169
return [
172170
...permissions.map(([id, p]) => ({
@@ -182,6 +180,18 @@ export async function listPermissionDefinitions(
182180
].sort((a, b) => stringCompare(a.id, b.id));
183181
}
184182

183+
export async function listPermissionDefinitions(
184+
options: {
185+
scope: "team" | "project",
186+
tenancy: Tenancy,
187+
}
188+
): Promise<(TeamPermissionDefinitionsCrud["Admin"]["Read"])[]> {
189+
return listPermissionDefinitionsFromConfig({
190+
config: options.tenancy.config,
191+
scope: options.scope,
192+
});
193+
}
194+
185195
export async function createPermissionDefinition(
186196
globalTx: PrismaTransaction,
187197
options: {
@@ -196,7 +206,7 @@ export async function createPermissionDefinition(
196206
) {
197207
const oldConfig = options.tenancy.config;
198208

199-
const existingPermission = oldConfig.rbac.permissions[options.data.id] as OrganizationRenderedConfig['rbac']['permissions'][string] | undefined;
209+
const existingPermission = oldConfig.rbac.permissions[options.data.id] as CompleteConfig['rbac']['permissions'][string] | undefined;
200210
const allIds = Object.keys(oldConfig.rbac.permissions)
201211
.filter(id => oldConfig.rbac.permissions[id].scope === options.scope)
202212
.concat(Object.keys(options.scope === "team" ? teamSystemPermissionMap : {}));
@@ -249,7 +259,7 @@ export async function updatePermissionDefinition(
249259
const newId = options.data.id ?? options.oldId;
250260
const oldConfig = options.tenancy.config;
251261

252-
const existingPermission = oldConfig.rbac.permissions[options.oldId] as OrganizationRenderedConfig['rbac']['permissions'][string] | undefined;
262+
const existingPermission = oldConfig.rbac.permissions[options.oldId] as CompleteConfig['rbac']['permissions'][string] | undefined;
253263

254264
if (!existingPermission) {
255265
throw new KnownErrors.PermissionNotFound(options.oldId);
@@ -335,7 +345,7 @@ export async function deletePermissionDefinition(
335345
) {
336346
const oldConfig = options.tenancy.config;
337347

338-
const existingPermission = oldConfig.rbac.permissions[options.permissionId] as OrganizationRenderedConfig['rbac']['permissions'][string] | undefined;
348+
const existingPermission = oldConfig.rbac.permissions[options.permissionId] as CompleteConfig['rbac']['permissions'][string] | undefined;
339349

340350
if (!existingPermission || existingPermission.scope !== options.scope) {
341351
throw new KnownErrors.PermissionNotFound(options.permissionId);

apps/backend/src/lib/projects.tsx

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
import { Prisma } from "@prisma/client";
22
import { KnownErrors } from "@stackframe/stack-shared";
3-
import { EnvironmentConfigOverrideOverride, OrganizationRenderedConfig, ProjectConfigOverrideOverride } from "@stackframe/stack-shared/dist/config/schema";
3+
import { CompleteConfig, EnvironmentConfigOverrideOverride, ProjectConfigOverrideOverride } from "@stackframe/stack-shared/dist/config/schema";
44
import { AdminUserProjectsCrud, ProjectsCrud } from "@stackframe/stack-shared/dist/interface/crud/projects";
55
import { UsersCrud } from "@stackframe/stack-shared/dist/interface/crud/users";
66
import { getEnvVariable } from "@stackframe/stack-shared/dist/utils/env";
@@ -158,7 +158,7 @@ export async function createOrUpdateProjectWithLegacyConfig(
158158
microsoftTenantId: provider.microsoft_tenant_id,
159159
allowSignIn: true,
160160
allowConnectedAccounts: true,
161-
} satisfies OrganizationRenderedConfig['auth']['oauth']['providers'][string]
161+
} satisfies CompleteConfig['auth']['oauth']['providers'][string]
162162
];
163163
})) : undefined,
164164
// ======================= users =======================
@@ -174,7 +174,7 @@ export async function createOrUpdateProjectWithLegacyConfig(
174174
{
175175
baseUrl: domain.domain,
176176
handlerPath: domain.handler_path,
177-
} satisfies OrganizationRenderedConfig['domains']['trustedDomains'][string],
177+
} satisfies CompleteConfig['domains']['trustedDomains'][string],
178178
];
179179
})) : undefined,
180180
// ======================= api keys =======================
@@ -189,7 +189,7 @@ export async function createOrUpdateProjectWithLegacyConfig(
189189
password: dataOptions.email_config.password,
190190
senderName: dataOptions.email_config.sender_name,
191191
senderEmail: dataOptions.email_config.sender_email,
192-
} satisfies OrganizationRenderedConfig['emails']['server'] : undefined,
192+
} satisfies CompleteConfig['emails']['server'] : undefined,
193193
'emails.selectedThemeId': dataOptions.email_theme,
194194
// ======================= rbac =======================
195195
'rbac.defaultPermissions.teamMember': translateDefaultPermissions(dataOptions.team_member_default_permissions),
@@ -205,7 +205,7 @@ export async function createOrUpdateProjectWithLegacyConfig(
205205
'$read_members': true,
206206
'$invite_members': true,
207207
},
208-
} satisfies OrganizationRenderedConfig['rbac']['permissions'][string];
208+
} satisfies CompleteConfig['rbac']['permissions'][string];
209209
configOverrideOverride['rbac.permissions.team_admin'] ??= {
210210
description: "Default permission for team admins",
211211
scope: "team",
@@ -217,7 +217,7 @@ export async function createOrUpdateProjectWithLegacyConfig(
217217
'$invite_members': true,
218218
'$manage_api_keys': true,
219219
},
220-
} satisfies OrganizationRenderedConfig['rbac']['permissions'][string];
220+
} satisfies CompleteConfig['rbac']['permissions'][string];
221221

222222
configOverrideOverride['rbac.defaultPermissions.teamCreator'] ??= { 'team_admin': true };
223223
configOverrideOverride['rbac.defaultPermissions.teamMember'] ??= { 'team_member': true };

apps/backend/src/prisma-client.tsx

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
import { PrismaNeon } from "@prisma/adapter-neon";
22
import { PrismaPg } from '@prisma/adapter-pg';
33
import { Prisma, PrismaClient } from "@prisma/client";
4-
import { OrganizationRenderedConfig } from "@stackframe/stack-shared/dist/config/schema";
4+
import { CompleteConfig } from "@stackframe/stack-shared/dist/config/schema";
55
import { getEnvVariable, getNodeEnvironment } from '@stackframe/stack-shared/dist/utils/env';
66
import { StackAssertionError } from "@stackframe/stack-shared/dist/utils/errors";
77
import { globalVar } from "@stackframe/stack-shared/dist/utils/globals";
@@ -70,7 +70,7 @@ function getPostgresPrismaClient(connectionString: string) {
7070
return postgresPrismaClient;
7171
}
7272

73-
export async function getPrismaClientForSourceOfTruth(sourceOfTruth: OrganizationRenderedConfig["sourceOfTruth"], branchId: string) {
73+
export async function getPrismaClientForSourceOfTruth(sourceOfTruth: CompleteConfig["sourceOfTruth"], branchId: string) {
7474
switch (sourceOfTruth.type) {
7575
case 'neon': {
7676
if (!(branchId in sourceOfTruth.connectionStrings)) {
@@ -92,7 +92,7 @@ export async function getPrismaClientForSourceOfTruth(sourceOfTruth: Organizatio
9292
}
9393
}
9494

95-
export function getPrismaSchemaForSourceOfTruth(sourceOfTruth: OrganizationRenderedConfig["sourceOfTruth"], branchId: string) {
95+
export function getPrismaSchemaForSourceOfTruth(sourceOfTruth: CompleteConfig["sourceOfTruth"], branchId: string) {
9696
switch (sourceOfTruth.type) {
9797
case 'postgres': {
9898
return getSchemaFromConnectionString(sourceOfTruth.connectionString);

apps/dashboard/CHANGELOG.md

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,15 @@
11
# @stackframe/stack-dashboard
22

3+
## 2.8.29
4+
5+
### Patch Changes
6+
7+
- Various changes
8+
- Updated dependencies
9+
- @stackframe/stack-shared@2.8.29
10+
- @stackframe/stack@2.8.29
11+
- @stackframe/stack-ui@2.8.29
12+
313
## 2.8.28
414

515
### Patch Changes

apps/dashboard/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "@stackframe/stack-dashboard",
3-
"version": "2.8.28",
3+
"version": "2.8.29",
44
"private": true,
55
"scripts": {
66
"clean": "rimraf .next && rimraf node_modules",

apps/dev-launchpad/CHANGELOG.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,7 @@
11
# @stackframe/dev-launchpad
22

3+
## 2.8.29
4+
35
## 2.8.28
46

57
### Patch Changes

apps/dev-launchpad/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "@stackframe/dev-launchpad",
3-
"version": "2.8.28",
3+
"version": "2.8.29",
44
"private": true,
55
"scripts": {
66
"dev": "serve -p 8100 -s public",

0 commit comments

Comments
 (0)
0