<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<img width="1510" alt="image"
src="https://github.com/user-attachments/assets/99619123-6be5-4788-aebe-5fc2a9a36245"
/>
<img width="1510" alt="image"
src="https://github.com/user-attachments/assets/660677bf-f19a-4673-94c8-59ac50eb6ae5"
/>
<img width="1510" alt="image"
src="https://github.com/user-attachments/assets/11ae63c4-5813-4fd8-aa01-fa580d2103be"
/>
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Introduces API key management for users and teams, integrating with
existing project configurations and permissions, and adds comprehensive
tests and examples.
>
> - **API Key Management**:
> - Introduces `ProjectApiKey` model in `schema.prisma` for managing API
keys.
> - Adds `createApiKeyHandlers` in `handlers.tsx` to handle API key CRUD
operations.
> - Implements API key creation, revocation, and validation logic.
> - **Permissions and Configurations**:
> - Adds `allowUserApiKeys` and `allowTeamApiKeys` to `ProjectConfig` in
`schema.prisma`.
> - Updates `TeamSystemPermission` enum to include `MANAGE_API_KEYS`.
> - Ensures API key operations respect project configurations and
user/team permissions.
> - **Testing and Examples**:
> - Adds extensive tests in `api-keys.test.ts` to cover various API key
scenarios.
> - Updates example projects to demonstrate API key usage.
> - **Miscellaneous**:
> - Refactors existing code to integrate API key functionalities.
> - Updates documentation and type definitions to reflect new API key
features.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 96f60c57f0. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!-- ELLIPSIS_HIDDEN -->
> [!IMPORTANT]
> Enhance permission management by adding unique constraints, handling
duplicate ID errors, and updating frontend and backend logic with
comprehensive tests.
>
> - **Database**:
> - Add unique constraint on `Permission` table for `[tenancyId,
queryableId]` in `migration.sql`.
> - Update `schema.prisma` to reflect new unique constraints.
> - **Backend**:
> - Update `crud.tsx` files to handle `PERMISSION_ID_ALREADY_EXISTS`
error using `isErrorForNonUniquePermission()`.
> - Add `isPrismaUniqueConstraintViolation()` in `prisma-client.tsx` to
identify unique constraint violations.
> - Add `PermissionIdAlreadyExists` error in `known-errors.tsx`.
> - **Frontend**:
> - Update `page-client.tsx` and `permission-table.tsx` to check for
duplicate permission IDs before creation.
> - **Tests**:
> - Add tests in `project-permission-definitions.test.ts` and
`team-permission-definitions.test.ts` to verify duplicate ID handling.
> - Ensure permissions cannot be created with duplicate IDs across
project and team contexts.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for b3ccd15bca. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Co-authored-by: Zai Shi <zaishi00@outlook.com>
<!-- ELLIPSIS_HIDDEN -->
> [!IMPORTANT]
> Renamed user-related permissions to project-related permissions across
the codebase, affecting enums, schemas, APIs, models, and tests.
>
> - **Behavior**:
> - Renamed `USER` to `PROJECT` in `PermissionScope` enum in
`schema.prisma` and `migration.sql`.
> - Updated `isDefaultUserPermission` to `isDefaultProjectPermission` in
`schema.prisma` and `migration.sql`.
> - Removed `jwks.json/route.ts` file.
> - **API Changes**:
> - Renamed `user-permission-definitions` and `user-permissions`
endpoints to `project-permission-definitions` and `project-permissions`
in `route.tsx` files.
> - Updated CRUD handlers in `crud.tsx` files to reflect new naming.
> - **Models**:
> - Updated models in `permissions.tsx` to use `ProjectPermission` and
`AdminProjectPermission`.
> - Updated `KnownErrors` to use `ProjectPermissionRequired`.
> - **Tests**:
> - Renamed test files and updated test cases in
`e2e/tests/backend/endpoints/api/v1` to reflect new naming.
> - **Misc**:
> - Updated `admin-app-impl.ts`, `client-app-impl.ts`, and
`server-app-impl.ts` to use new project permission naming.
> - Updated `schema-fields.ts` to reflect new permission ID schema.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 08924f5241. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!-- ELLIPSIS_HIDDEN -->
> [!IMPORTANT]
> Adds user permissions management, including models, API endpoints, and
tests, alongside existing team permissions.
>
> - **Behavior**:
> - Adds user permissions alongside team permissions, allowing for
user-specific permission management.
> - Introduces `ProjectUserDirectPermission` model in `schema.prisma`
for direct user permissions.
> - Updates `PermissionScope` enum from `GLOBAL` to `USER`.
> - **API**:
> - Adds CRUD endpoints for user permissions in `user-permissions` and
`user-permission-definitions`.
> - Updates existing team permission endpoints to support user
permissions.
> - **Tests**:
> - Adds e2e tests for user permissions in `user-permissions.test.ts`
and `user-permission-definitions.test.ts`.
> - Updates existing tests to include user permissions where applicable.
> - **Misc**:
> - Updates `adminInterface.ts` and `server-app-impl.ts` to handle user
permissions.
> - Modifies `known-errors.tsx` to include `UserPermissionRequired`
error.
> - Adjusts `project-configs` and `projects` to include user default
permissions.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 8b73e668e2. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
<img width="1443" alt="image"
src="https://github.com/user-attachments/assets/611ede72-4d46-41dc-adea-9546c04b199a"
/>
Adds new active sessions page to settings
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Adds an active sessions page to settings, enabling users to view and
manage their sessions, with backend support for session listing and
deletion.
>
> - **Active Sessions Page**:
> - Adds `ActiveSessionsPage` component in `account-settings.tsx` to
display active sessions.
> - Allows revoking individual sessions or all sessions except the
current one.
> - **Backend Changes**:
> - Adds `sessionsCrudHandlers` in `crud.tsx` for session management
(list, delete).
> - Updates `ProjectUserRefreshToken` model in `schema.prisma` to
include `id` and `isImpersonation` fields.
> - Implements session listing and deletion in `serverInterface.ts` and
`client-app-impl.ts`.
> - **Error Handling**:
> - Introduces `CannotDeleteCurrentSession` error in `known-errors.tsx`.
> - **Testing**:
> - Adds tests for session management in
`endpoints/api/v1/auth/sessions` tests.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for ba78df0928. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: TheCactusBlue <thecactusblue@gmail.com>
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
* Add in-source unit tests to stack-shared utilities
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix type checking and linting issues
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix lint errors in results.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix remaining lint errors in results.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix lint warnings in results.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix wait function mocking in results.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix retry function test in results.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix React.forwardRef mock in react.tsx test
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix trailing spaces in react.tsx and results.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Revert to DependenciesMap and wrap rejected promise in ignoreUnhandledRejection
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix
* Revert changes to known-errors.tsx constructor
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Make rotateRight call rotateLeft per review feedback
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Remove redundant @ts-expect-error directive in known-errors.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix import order in promises.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix
* Fix CI failures: add back @ts-expect-error in known-errors.tsx and revert mapResult implementation in results.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Remove unused @ts-expect-error directive in known-errors.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Add back @ts-expect-error directive with explanation in known-errors.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Change @ts-expect-error to @ts-ignore in known-errors.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* be honest
* vocabulary
---------
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>
* Added entity checks to provide better errors in API for 'server' access type
* Removed 'ensureUserTeamPermissionExist', changed permissionId type to string in 'ensureUserHasTeamPermission'
* added different error types for user team permission
---------
Co-authored-by: Fahad Khan <fahad.khan@net-mon.net>
Co-authored-by: Zai Shi <zaishi00@outlook.com>
* removed standard providers and shared providers
* added more types
* updated all providers imports
* fixed circular dependency
* updated dashboard for different shared keys
* fixed old dashboard
* added migration file
* added transactions
* added client team update and delete
* added client side remove member
* allow user remove them selves from team
* fixed bug, fixed tests
* added client update test, fixed bugs
* added tests for team delete
* added more tests, fixed bugs
* added organizations route
* added orgganizations/[orgId] and orgganizations/[orgId]/users routes
* added more routes
* restructured dashboard pages, added organization page
* fixed redirect bug
* updated sidebar
* added mock orgnizations
* fixed breadcrumbs
* added edit org modal
* added memeber table
* added permission table
* Orgs & perms backend
* Fix build errors
* updated permission ui
* org -> team for frontend
* added enable team UI
* Stack App for teams
* formatted schema
* renamed all orgs to teams
* fixed docusaurus bug
* disabled docusaurus build progress bar
* added member profile and direct permission to profile
* removed dead code, memberProfile -> member
* removed teams attribute from the user object
* added /teams endpoint
* added create team endpoint
* added add-user endpoint
* moved add-user
* added server side get teams
* updated schema formatting
* added team enabled endpoints
* fixed type error
* moved get current teams to current-user/teams
* improved interface
* added create team
* hooked up team to frontend
* added hooked up team name with team member page
* added list team users
* added useUsers to team object
* fixed list team user bug
* added team update
* added list permissions and use permission on app
* added create permission
* list permission
* added permission list
* added inherited permission list
* add edit permission model
* restructured permission graph
* updated style
* added delete permission
* fixed delete permission bug
* added inheritence update
* fixed await bug
* fixed selection bug
* added permission update
* fixed update bug
* fixed team update refresh
* added remove user from team
* restructured permission and permission definition
* updated permission definition structure
* updated list permissions and grant permissions
* fixed list user permissions
* added grant permission
* fixed list permission
* added direct option to list team use permission
* fixed bugs
* fixed bugs
* added revoke permission
* inherited from -> contains
* added client list permission
* restructured stack-app teams and permissions
* fixed server teams and permissions
* fixed bug
* fixed bugs
* added teams pages to demo
* added styled component compiler
* added list teams
* added join and leave teams
* fixed prisma onDelete
* fixed type bugs
* removed on permission change for now
* added member
* fixed user and server user
* fixed imports
* added create team
* added more content to demo
* fixed recursion bug
* fixed recursion stack out of bound bug
* removed teamsEnabled
* added create team on sign-up options
* added create team on signup
* queriable -> queryable, fixed migration file
* fixed migration file
* fixed demo build error
* fixed license accidental change
* fixed tab styling
* added required to create permission id
* added more ui error hints
* fixed seed wrong setting
* default team name
* improved permission list ui
* improved demo display
* Update README.md
---------
Co-authored-by: Zai Shi <zaishi00@outlook.com>
* added magic link email, updated email template
* added magic link ui and db schema
* restructured sign in sign up page
* updated example custom button
* added joy tabs
* fixed bugs, added magic link errors, abstracted token creation
* added magic link callback
* fixed token bugs
* added more auth information to user object
* added changeset
