Compare commits

..

39 Commits

Author SHA1 Message Date
Owen b726f3be3c Move to legacy 2026-07-10 17:46:03 -04:00
Owen 78a3d84f69 Add missing endpoints to api 2026-07-10 17:13:47 -04:00
Owen 35960f94fc Update tags 2026-07-10 17:09:56 -04:00
Owen f03d1d3793 More route cleanup 2026-07-10 16:54:00 -04:00
Owen 5b47c21347 Order more api routes 2026-07-10 16:46:16 -04:00
Owen 1af486ac48 Just add ordering 2026-07-10 16:01:22 -04:00
Owen 0149984e85 Recategorize 2026-07-10 15:52:37 -04:00
Owen a2c96ea2f7 Add aliaes for public/private resources 2026-07-09 20:23:19 -04:00
Owen dc7eb630c3 Add missing action 2026-07-09 11:16:15 -04:00
Owen Schwartz bbcd352817 Merge pull request #3420 from fosrl/crowdin_dev
New Crowdin updates
2026-07-09 10:35:21 -04:00
Owen Schwartz 21d9199978 New translations en-us.json (French)
[ci skip]
2026-07-09 10:34:31 -04:00
Owen Schwartz 3e7b9d7bff New translations en-us.json (Norwegian Bokmal)
[ci skip]
2026-07-09 10:34:29 -04:00
Owen Schwartz 54acdbe282 New translations en-us.json (Chinese Simplified)
[ci skip]
2026-07-09 10:34:27 -04:00
Owen Schwartz 11bbd028fc New translations en-us.json (Turkish)
[ci skip]
2026-07-09 10:34:24 -04:00
Owen Schwartz 7ae99731f4 New translations en-us.json (Russian)
[ci skip]
2026-07-09 10:34:22 -04:00
Owen Schwartz 17b4fd9a44 New translations en-us.json (Portuguese)
[ci skip]
2026-07-09 10:34:20 -04:00
Owen Schwartz caa398ae54 New translations en-us.json (Polish)
[ci skip]
2026-07-09 10:34:18 -04:00
Owen Schwartz 035e324e5a New translations en-us.json (Dutch)
[ci skip]
2026-07-09 10:34:16 -04:00
Owen Schwartz 272a5737b0 New translations en-us.json (Korean)
[ci skip]
2026-07-09 10:34:14 -04:00
Owen Schwartz be50fd4586 New translations en-us.json (Italian)
[ci skip]
2026-07-09 10:34:12 -04:00
Owen Schwartz 8301511efe New translations en-us.json (German)
[ci skip]
2026-07-09 10:34:10 -04:00
Owen Schwartz c527ce6562 New translations en-us.json (Danish)
[ci skip]
2026-07-09 10:34:08 -04:00
Owen Schwartz 80bee900aa New translations en-us.json (Czech)
[ci skip]
2026-07-09 10:34:06 -04:00
Owen Schwartz 54209c2390 New translations en-us.json (Bulgarian)
[ci skip]
2026-07-09 10:34:04 -04:00
Owen Schwartz 3b0ee8d9d4 New translations en-us.json (Spanish)
[ci skip]
2026-07-09 10:34:02 -04:00
miloschwartz 7a0a877dc0 fix create private resource ports default to blocked 2026-07-09 10:28:06 -04:00
Owen b6ed762724 Sort before inserting 2026-07-09 10:18:41 -04:00
Owen Schwartz d1d58cf455 Merge pull request #3418 from fosrl/crowdin_dev
New Crowdin updates
2026-07-09 10:00:30 -04:00
Owen Schwartz e22f30c694 New translations en-us.json (Norwegian Bokmal)
[ci skip]
2026-07-09 09:59:33 -04:00
Owen Schwartz d71c112959 New translations en-us.json (Turkish)
[ci skip]
2026-07-09 09:59:30 -04:00
Owen Schwartz 199e960f6d New translations en-us.json (Portuguese)
[ci skip]
2026-07-09 09:59:26 -04:00
Owen Schwartz 843b9a0b16 New translations en-us.json (Dutch)
[ci skip]
2026-07-09 09:59:23 -04:00
Owen Schwartz b9aedc65fe New translations en-us.json (Italian)
[ci skip]
2026-07-09 09:59:20 -04:00
Owen Schwartz 11f5cfd4f8 New translations en-us.json (German)
[ci skip]
2026-07-09 09:59:18 -04:00
Owen Schwartz 2ff2e32e9c New translations en-us.json (Danish)
[ci skip]
2026-07-09 09:59:16 -04:00
Owen Schwartz facb1e4cdf New translations en-us.json (Spanish)
[ci skip]
2026-07-09 09:59:11 -04:00
Owen 6d129c0738 Fix #3099 2026-07-08 21:44:20 -04:00
Owen 67a3d226f5 Add session creation 2026-07-08 21:17:40 -04:00
Owen 19a3773880 Update ironrdp
Ref #3272
2026-07-08 16:23:53 -04:00
107 changed files with 2254 additions and 145 deletions
+1 -1
View File
@@ -41,7 +41,7 @@ services:
- 80:80 # Port for traefik because of the network_mode - 80:80 # Port for traefik because of the network_mode
traefik: traefik:
image: traefik:v3.7 image: traefik:v3.6
container_name: traefik container_name: traefik
restart: unless-stopped restart: unless-stopped
network_mode: service:gerbil # Ports appear on the gerbil service network_mode: service:gerbil # Ports appear on the gerbil service
+1 -1
View File
@@ -50,7 +50,7 @@ services:
- 80:80{{end}} - 80:80{{end}}
traefik: traefik:
image: docker.io/traefik:v3.7 image: docker.io/traefik:v3.6
container_name: traefik container_name: traefik
restart: unless-stopped restart: unless-stopped
{{if .InstallGerbil}}network_mode: service:gerbil # Ports appear on the gerbil service{{end}}{{if not .InstallGerbil}} {{if .InstallGerbil}}network_mode: service:gerbil # Ports appear on the gerbil service{{end}}{{if not .InstallGerbil}}
+3 -1
View File
@@ -1462,6 +1462,7 @@
"actionGenerateAccessToken": "Генериране на токен за достъп", "actionGenerateAccessToken": "Генериране на токен за достъп",
"actionDeleteAccessToken": "Изтриване на токен за достъп", "actionDeleteAccessToken": "Изтриване на токен за достъп",
"actionListAccessTokens": "Изброяване на токени за достъп", "actionListAccessTokens": "Изброяване на токени за достъп",
"actionCreateResourceSessionToken": "Създаване на токен за сесия на ресурс",
"actionCreateResourceRule": "Създаване на правило за ресурс", "actionCreateResourceRule": "Създаване на правило за ресурс",
"actionDeleteResourceRule": "Изтрийте правило за ресурс", "actionDeleteResourceRule": "Изтрийте правило за ресурс",
"actionListResourceRules": "Изброяване на правила за ресурс", "actionListResourceRules": "Изброяване на правила за ресурс",
@@ -2392,6 +2393,7 @@
"createInternalResourceDialogClose": "Затвори", "createInternalResourceDialogClose": "Затвори",
"createInternalResourceDialogCreateClientResource": "Създаване на частен ресурс", "createInternalResourceDialogCreateClientResource": "Създаване на частен ресурс",
"createInternalResourceDialogCreateClientResourceDescription": "Създайте нов ресурс, който ще бъде достъпен само за клиенти, свързани към организацията", "createInternalResourceDialogCreateClientResourceDescription": "Създайте нов ресурс, който ще бъде достъпен само за клиенти, свързани към организацията",
"privateResourceGeneralDescription": "Конфигурирайте името, идентификатора и другите общи настройки на ресурса.",
"privateResourceCreatePageSeeAll": "Вижте всички частни ресурси", "privateResourceCreatePageSeeAll": "Вижте всички частни ресурси",
"privateResourceAllowIcmpPing": "Разрешете ICMP Ping", "privateResourceAllowIcmpPing": "Разрешете ICMP Ping",
"privateResourceNetworkAccess": "Достъп до мрежата", "privateResourceNetworkAccess": "Достъп до мрежата",
@@ -3268,7 +3270,7 @@
"editInternalResourceDialogAddUsers": "Добавяне на потребители.", "editInternalResourceDialogAddUsers": "Добавяне на потребители.",
"editInternalResourceDialogAddClients": "Добавяне на клиенти.", "editInternalResourceDialogAddClients": "Добавяне на клиенти.",
"editInternalResourceDialogDestinationLabel": "Дестинация.", "editInternalResourceDialogDestinationLabel": "Дестинация.",
"editInternalResourceDialogDestinationDescription": "Изберете къде работи този ресурс и как клиентите го достигат", "editInternalResourceDialogDestinationDescription": "Конфигурирайте как клиентите да достигнат до този ресурс.",
"internalResourceFormMultiSiteRoutingHelp": "Избирайки няколко сайта, се осигурява сигурен път и пренасочване при висока достъпност.", "internalResourceFormMultiSiteRoutingHelp": "Избирайки няколко сайта, се осигурява сигурен път и пренасочване при висока достъпност.",
"internalResourceFormMultiSiteRoutingHelpLearnMore": "Научете повече", "internalResourceFormMultiSiteRoutingHelpLearnMore": "Научете повече",
"editInternalResourceDialogPortRestrictionsDescription": "Ограничете достъпа до конкретни TCP/UDP портове или позволете/блокирайте всички портове.", "editInternalResourceDialogPortRestrictionsDescription": "Ограничете достъпа до конкретни TCP/UDP портове или позволете/блокирайте всички портове.",
+3 -1
View File
@@ -1462,6 +1462,7 @@
"actionGenerateAccessToken": "Generovat přístupový token", "actionGenerateAccessToken": "Generovat přístupový token",
"actionDeleteAccessToken": "Odstranit přístupový token", "actionDeleteAccessToken": "Odstranit přístupový token",
"actionListAccessTokens": "Seznam přístupových tokenů", "actionListAccessTokens": "Seznam přístupových tokenů",
"actionCreateResourceSessionToken": "Vytvořit token relace prostředku",
"actionCreateResourceRule": "Vytvořit pravidlo pro zdroj", "actionCreateResourceRule": "Vytvořit pravidlo pro zdroj",
"actionDeleteResourceRule": "Odstranit pravidlo pro dokument", "actionDeleteResourceRule": "Odstranit pravidlo pro dokument",
"actionListResourceRules": "Seznam pravidel zdrojů", "actionListResourceRules": "Seznam pravidel zdrojů",
@@ -2392,6 +2393,7 @@
"createInternalResourceDialogClose": "Zavřít", "createInternalResourceDialogClose": "Zavřít",
"createInternalResourceDialogCreateClientResource": "Vytvořit soukromý zdroj", "createInternalResourceDialogCreateClientResource": "Vytvořit soukromý zdroj",
"createInternalResourceDialogCreateClientResourceDescription": "Vytvořte nový zdroj, který bude přístupný pouze klientům připojeným k organizaci", "createInternalResourceDialogCreateClientResourceDescription": "Vytvořte nový zdroj, který bude přístupný pouze klientům připojeným k organizaci",
"privateResourceGeneralDescription": "Nastavte název, identifikátor a další obecná nastavení zdroje.",
"privateResourceCreatePageSeeAll": "Zobrazit všechny privátní zdroje", "privateResourceCreatePageSeeAll": "Zobrazit všechny privátní zdroje",
"privateResourceAllowIcmpPing": "Povolit ICMP ping", "privateResourceAllowIcmpPing": "Povolit ICMP ping",
"privateResourceNetworkAccess": "Přístup k síti", "privateResourceNetworkAccess": "Přístup k síti",
@@ -3268,7 +3270,7 @@
"editInternalResourceDialogAddUsers": "Přidat uživatele", "editInternalResourceDialogAddUsers": "Přidat uživatele",
"editInternalResourceDialogAddClients": "Přidat klienty", "editInternalResourceDialogAddClients": "Přidat klienty",
"editInternalResourceDialogDestinationLabel": "Cíl", "editInternalResourceDialogDestinationLabel": "Cíl",
"editInternalResourceDialogDestinationDescription": "Vyberte, kde bude tento zdroj spuštěn a jak ho klienti dosáhnou", "editInternalResourceDialogDestinationDescription": "Nakonfigurujte, jak klienti dosáhnou tohoto zdroje.",
"internalResourceFormMultiSiteRoutingHelp": "Výběrem více webů se povolí odolné směrování a přepojení pro vysokou dostupnost.", "internalResourceFormMultiSiteRoutingHelp": "Výběrem více webů se povolí odolné směrování a přepojení pro vysokou dostupnost.",
"internalResourceFormMultiSiteRoutingHelpLearnMore": "Zjistit více", "internalResourceFormMultiSiteRoutingHelpLearnMore": "Zjistit více",
"editInternalResourceDialogPortRestrictionsDescription": "Omezte přístup na specifické TCP/UDP porty nebo povolte/blokujte všechny porty.", "editInternalResourceDialogPortRestrictionsDescription": "Omezte přístup na specifické TCP/UDP porty nebo povolte/blokujte všechny porty.",
+4 -2
View File
@@ -1462,6 +1462,7 @@
"actionGenerateAccessToken": "Generer adgangstoken", "actionGenerateAccessToken": "Generer adgangstoken",
"actionDeleteAccessToken": "Slet adgangstoken", "actionDeleteAccessToken": "Slet adgangstoken",
"actionListAccessTokens": "Vis adgangstokens", "actionListAccessTokens": "Vis adgangstokens",
"actionCreateResourceSessionToken": "Opret ressourcessession token",
"actionCreateResourceRule": "Opret ressourceregel", "actionCreateResourceRule": "Opret ressourceregel",
"actionDeleteResourceRule": "Slet ressourceregel", "actionDeleteResourceRule": "Slet ressourceregel",
"actionListResourceRules": "Vis ressourceregler", "actionListResourceRules": "Vis ressourceregler",
@@ -2392,6 +2393,7 @@
"createInternalResourceDialogClose": "Luk", "createInternalResourceDialogClose": "Luk",
"createInternalResourceDialogCreateClientResource": "Opret privat ressource", "createInternalResourceDialogCreateClientResource": "Opret privat ressource",
"createInternalResourceDialogCreateClientResourceDescription": "Opret en ny ressource som kun vil være tilgængelig for kunder som er forbundet til organisationen", "createInternalResourceDialogCreateClientResourceDescription": "Opret en ny ressource som kun vil være tilgængelig for kunder som er forbundet til organisationen",
"privateResourceGeneralDescription": "Konfigurer navnet, identifikatoren, og andre generelle indstillinger for ressourcen.",
"privateResourceCreatePageSeeAll": "Se alle private ressourcer", "privateResourceCreatePageSeeAll": "Se alle private ressourcer",
"privateResourceAllowIcmpPing": "Tillad ICMP-ping", "privateResourceAllowIcmpPing": "Tillad ICMP-ping",
"privateResourceNetworkAccess": "Netværksadgang", "privateResourceNetworkAccess": "Netværksadgang",
@@ -2546,7 +2548,7 @@
"noRemoteExitNodesAvailableDescription": "Ingen noder er tilgængelige for denne organisation. Opret en node først for at bruge lokale sites.", "noRemoteExitNodesAvailableDescription": "Ingen noder er tilgængelige for denne organisation. Opret en node først for at bruge lokale sites.",
"exitNode": "Exitnode", "exitNode": "Exitnode",
"country": "Land", "country": "Land",
"countryIsNot": "Country Is Not", "countryIsNot": "Land er ikke",
"rulesMatchCountry": "I øjeblikket baseret på kilde-IP", "rulesMatchCountry": "I øjeblikket baseret på kilde-IP",
"region": "Fylke", "region": "Fylke",
"selectRegion": "Vælg region", "selectRegion": "Vælg region",
@@ -3268,7 +3270,7 @@
"editInternalResourceDialogAddUsers": "Tilføj brugere", "editInternalResourceDialogAddUsers": "Tilføj brugere",
"editInternalResourceDialogAddClients": "Tilføj klienter", "editInternalResourceDialogAddClients": "Tilføj klienter",
"editInternalResourceDialogDestinationLabel": "Destination", "editInternalResourceDialogDestinationLabel": "Destination",
"editInternalResourceDialogDestinationDescription": "Choose where this resource runs and how clients reach it", "editInternalResourceDialogDestinationDescription": "Konfigurer hvordan klienter får adgang til denne ressource.",
"internalResourceFormMultiSiteRoutingHelp": "Valg af flere sites muliggør robust routing og failover for høj tilgængelighed.", "internalResourceFormMultiSiteRoutingHelp": "Valg af flere sites muliggør robust routing og failover for høj tilgængelighed.",
"internalResourceFormMultiSiteRoutingHelpLearnMore": "Læs mere", "internalResourceFormMultiSiteRoutingHelpLearnMore": "Læs mere",
"editInternalResourceDialogPortRestrictionsDescription": "Begrens adgang til specifikke TCP/UDP-porte eller tillade/blokere alle porte.", "editInternalResourceDialogPortRestrictionsDescription": "Begrens adgang til specifikke TCP/UDP-porte eller tillade/blokere alle porte.",
+4 -2
View File
@@ -1462,6 +1462,7 @@
"actionGenerateAccessToken": "Zugriffstoken generieren", "actionGenerateAccessToken": "Zugriffstoken generieren",
"actionDeleteAccessToken": "Zugriffstoken löschen", "actionDeleteAccessToken": "Zugriffstoken löschen",
"actionListAccessTokens": "Zugriffstoken auflisten", "actionListAccessTokens": "Zugriffstoken auflisten",
"actionCreateResourceSessionToken": "Ressourcensitzungstoken erstellen",
"actionCreateResourceRule": "Ressourcenregel erstellen", "actionCreateResourceRule": "Ressourcenregel erstellen",
"actionDeleteResourceRule": "Ressourcenregel löschen", "actionDeleteResourceRule": "Ressourcenregel löschen",
"actionListResourceRules": "Ressourcenregeln auflisten", "actionListResourceRules": "Ressourcenregeln auflisten",
@@ -2392,6 +2393,7 @@
"createInternalResourceDialogClose": "Schließen", "createInternalResourceDialogClose": "Schließen",
"createInternalResourceDialogCreateClientResource": "Private Ressource erstellen", "createInternalResourceDialogCreateClientResource": "Private Ressource erstellen",
"createInternalResourceDialogCreateClientResourceDescription": "Erstelle eine neue Ressource, die nur für Clients zugänglich ist, die mit der Organisation verbunden sind", "createInternalResourceDialogCreateClientResourceDescription": "Erstelle eine neue Ressource, die nur für Clients zugänglich ist, die mit der Organisation verbunden sind",
"privateResourceGeneralDescription": "Konfigurieren Sie den Namen, die Kennung und andere allgemeine Ressourceneinstellungen.",
"privateResourceCreatePageSeeAll": "Alle privaten Ressourcen anzeigen", "privateResourceCreatePageSeeAll": "Alle privaten Ressourcen anzeigen",
"privateResourceAllowIcmpPing": "ICMP-Ping zulassen", "privateResourceAllowIcmpPing": "ICMP-Ping zulassen",
"privateResourceNetworkAccess": "Netzwerkzugriff", "privateResourceNetworkAccess": "Netzwerkzugriff",
@@ -3268,7 +3270,7 @@
"editInternalResourceDialogAddUsers": "Nutzer hinzufügen", "editInternalResourceDialogAddUsers": "Nutzer hinzufügen",
"editInternalResourceDialogAddClients": "Clients hinzufügen", "editInternalResourceDialogAddClients": "Clients hinzufügen",
"editInternalResourceDialogDestinationLabel": "Ziel", "editInternalResourceDialogDestinationLabel": "Ziel",
"editInternalResourceDialogDestinationDescription": "Wählen Sie aus, wo diese Ressource läuft und wie Clients darauf zugreifen können", "editInternalResourceDialogDestinationDescription": "Konfigurieren Sie, wie Clients diese Ressource erreichen.",
"internalResourceFormMultiSiteRoutingHelp": "Durch die Auswahl mehrerer Seiten wird ein ausfallsicheres Routing und Failover für hohe Verfügbarkeit ermöglicht.", "internalResourceFormMultiSiteRoutingHelp": "Durch die Auswahl mehrerer Seiten wird ein ausfallsicheres Routing und Failover für hohe Verfügbarkeit ermöglicht.",
"internalResourceFormMultiSiteRoutingHelpLearnMore": "Mehr erfahren", "internalResourceFormMultiSiteRoutingHelpLearnMore": "Mehr erfahren",
"editInternalResourceDialogPortRestrictionsDescription": "Den Zugriff auf bestimmte TCP/UDP-Ports beschränken oder alle Ports erlauben/blockieren.", "editInternalResourceDialogPortRestrictionsDescription": "Den Zugriff auf bestimmte TCP/UDP-Ports beschränken oder alle Ports erlauben/blockieren.",
@@ -3679,7 +3681,7 @@
"resourceLauncherSaveForEveryoneDescription": "Teilen Sie diese Ansicht mit allen Organisationsmitgliedern. Wenn nicht aktiviert, ist die Ansicht nur für Sie sichtbar.", "resourceLauncherSaveForEveryoneDescription": "Teilen Sie diese Ansicht mit allen Organisationsmitgliedern. Wenn nicht aktiviert, ist die Ansicht nur für Sie sichtbar.",
"resourceLauncherMakePersonal": "Persönlich machen", "resourceLauncherMakePersonal": "Persönlich machen",
"resourceLauncherFilter": "Filter", "resourceLauncherFilter": "Filter",
"resourceLauncherFilterWithCount": "Filter, {count} applied", "resourceLauncherFilterWithCount": "Filter, {count} angewendet",
"resourceLauncherSort": "Sortieren", "resourceLauncherSort": "Sortieren",
"resourceLauncherSortAscending": "Aufsteigend sortieren", "resourceLauncherSortAscending": "Aufsteigend sortieren",
"resourceLauncherSortDescending": "Absteigend sortieren", "resourceLauncherSortDescending": "Absteigend sortieren",
+4 -1
View File
@@ -1397,6 +1397,7 @@
"createOrgUser": "Create Org User", "createOrgUser": "Create Org User",
"actionUpdateOrg": "Update Organization", "actionUpdateOrg": "Update Organization",
"actionRemoveInvitation": "Remove Invitation", "actionRemoveInvitation": "Remove Invitation",
"actionRemoveUserRole": "Remove User Role",
"actionUpdateUser": "Update User", "actionUpdateUser": "Update User",
"actionGetUser": "Get User", "actionGetUser": "Get User",
"actionGetOrgUser": "Get Organization User", "actionGetOrgUser": "Get Organization User",
@@ -1462,6 +1463,7 @@
"actionGenerateAccessToken": "Generate Access Token", "actionGenerateAccessToken": "Generate Access Token",
"actionDeleteAccessToken": "Delete Access Token", "actionDeleteAccessToken": "Delete Access Token",
"actionListAccessTokens": "List Access Tokens", "actionListAccessTokens": "List Access Tokens",
"actionCreateResourceSessionToken": "Create Resource Session Token",
"actionCreateResourceRule": "Create Resource Rule", "actionCreateResourceRule": "Create Resource Rule",
"actionDeleteResourceRule": "Delete Resource Rule", "actionDeleteResourceRule": "Delete Resource Rule",
"actionListResourceRules": "List Resource Rules", "actionListResourceRules": "List Resource Rules",
@@ -2392,6 +2394,7 @@
"createInternalResourceDialogClose": "Close", "createInternalResourceDialogClose": "Close",
"createInternalResourceDialogCreateClientResource": "Create Private Resource", "createInternalResourceDialogCreateClientResource": "Create Private Resource",
"createInternalResourceDialogCreateClientResourceDescription": "Create a new resource that will only be accessible to clients connected to the organization", "createInternalResourceDialogCreateClientResourceDescription": "Create a new resource that will only be accessible to clients connected to the organization",
"privateResourceGeneralDescription": "Configure the name, identifier, and other general resource settings.",
"privateResourceCreatePageSeeAll": "See All Private Resources", "privateResourceCreatePageSeeAll": "See All Private Resources",
"privateResourceAllowIcmpPing": "Allow ICMP Ping", "privateResourceAllowIcmpPing": "Allow ICMP Ping",
"privateResourceNetworkAccess": "Network Access", "privateResourceNetworkAccess": "Network Access",
@@ -3268,7 +3271,7 @@
"editInternalResourceDialogAddUsers": "Add Users", "editInternalResourceDialogAddUsers": "Add Users",
"editInternalResourceDialogAddClients": "Add Clients", "editInternalResourceDialogAddClients": "Add Clients",
"editInternalResourceDialogDestinationLabel": "Destination", "editInternalResourceDialogDestinationLabel": "Destination",
"editInternalResourceDialogDestinationDescription": "Choose where this resource runs and how clients reach it", "editInternalResourceDialogDestinationDescription": "Configure how clients reach this resource.",
"internalResourceFormMultiSiteRoutingHelp": "Selecting multiple sites enables resilient routing and failover for high availability.", "internalResourceFormMultiSiteRoutingHelp": "Selecting multiple sites enables resilient routing and failover for high availability.",
"internalResourceFormMultiSiteRoutingHelpLearnMore": "Learn more", "internalResourceFormMultiSiteRoutingHelpLearnMore": "Learn more",
"editInternalResourceDialogPortRestrictionsDescription": "Restrict access to specific TCP/UDP ports or allow/block all ports.", "editInternalResourceDialogPortRestrictionsDescription": "Restrict access to specific TCP/UDP ports or allow/block all ports.",
+3 -1
View File
@@ -1462,6 +1462,7 @@
"actionGenerateAccessToken": "Generar token de acceso", "actionGenerateAccessToken": "Generar token de acceso",
"actionDeleteAccessToken": "Eliminar token de acceso", "actionDeleteAccessToken": "Eliminar token de acceso",
"actionListAccessTokens": "Lista de Tokens de Acceso", "actionListAccessTokens": "Lista de Tokens de Acceso",
"actionCreateResourceSessionToken": "Crear Token de Sesión de Recurso",
"actionCreateResourceRule": "Crear Regla de Recursos", "actionCreateResourceRule": "Crear Regla de Recursos",
"actionDeleteResourceRule": "Eliminar Regla de Recurso", "actionDeleteResourceRule": "Eliminar Regla de Recurso",
"actionListResourceRules": "Lista de Reglas de Recursos", "actionListResourceRules": "Lista de Reglas de Recursos",
@@ -2392,6 +2393,7 @@
"createInternalResourceDialogClose": "Cerrar", "createInternalResourceDialogClose": "Cerrar",
"createInternalResourceDialogCreateClientResource": "Crear recurso privado", "createInternalResourceDialogCreateClientResource": "Crear recurso privado",
"createInternalResourceDialogCreateClientResourceDescription": "Crear un nuevo recurso que sólo será accesible a los clientes conectados a la organización", "createInternalResourceDialogCreateClientResourceDescription": "Crear un nuevo recurso que sólo será accesible a los clientes conectados a la organización",
"privateResourceGeneralDescription": "Configura el nombre, identificador y otros ajustes generales del recurso.",
"privateResourceCreatePageSeeAll": "Ver todos los recursos privados", "privateResourceCreatePageSeeAll": "Ver todos los recursos privados",
"privateResourceAllowIcmpPing": "Permitir ping ICMP", "privateResourceAllowIcmpPing": "Permitir ping ICMP",
"privateResourceNetworkAccess": "Acceso de red", "privateResourceNetworkAccess": "Acceso de red",
@@ -3268,7 +3270,7 @@
"editInternalResourceDialogAddUsers": "Agregar usuarios", "editInternalResourceDialogAddUsers": "Agregar usuarios",
"editInternalResourceDialogAddClients": "Agregar clientes", "editInternalResourceDialogAddClients": "Agregar clientes",
"editInternalResourceDialogDestinationLabel": "Destino", "editInternalResourceDialogDestinationLabel": "Destino",
"editInternalResourceDialogDestinationDescription": "Elija dónde se ejecuta este recurso y cómo lo alcanzan los clientes", "editInternalResourceDialogDestinationDescription": "Configura cómo los clientes acceden a este recurso.",
"internalResourceFormMultiSiteRoutingHelp": "Seleccionar múltiples sitios habilita el enrutamiento resistente y la conmutación por error para alta disponibilidad.", "internalResourceFormMultiSiteRoutingHelp": "Seleccionar múltiples sitios habilita el enrutamiento resistente y la conmutación por error para alta disponibilidad.",
"internalResourceFormMultiSiteRoutingHelpLearnMore": "Más información", "internalResourceFormMultiSiteRoutingHelpLearnMore": "Más información",
"editInternalResourceDialogPortRestrictionsDescription": "Restringir el acceso a puertos TCP/UDP específicos o permitir/bloquear todos los puertos.", "editInternalResourceDialogPortRestrictionsDescription": "Restringir el acceso a puertos TCP/UDP específicos o permitir/bloquear todos los puertos.",
+3 -1
View File
@@ -1462,6 +1462,7 @@
"actionGenerateAccessToken": "Générer un jeton d'accès", "actionGenerateAccessToken": "Générer un jeton d'accès",
"actionDeleteAccessToken": "Supprimer un jeton d'accès", "actionDeleteAccessToken": "Supprimer un jeton d'accès",
"actionListAccessTokens": "Lister les jetons d'accès", "actionListAccessTokens": "Lister les jetons d'accès",
"actionCreateResourceSessionToken": "Créer un jeton de session de ressource",
"actionCreateResourceRule": "Créer une règle de ressource", "actionCreateResourceRule": "Créer une règle de ressource",
"actionDeleteResourceRule": "Supprimer une règle de ressource", "actionDeleteResourceRule": "Supprimer une règle de ressource",
"actionListResourceRules": "Lister les règles de ressource", "actionListResourceRules": "Lister les règles de ressource",
@@ -2392,6 +2393,7 @@
"createInternalResourceDialogClose": "Fermer", "createInternalResourceDialogClose": "Fermer",
"createInternalResourceDialogCreateClientResource": "Créer une ressource privée", "createInternalResourceDialogCreateClientResource": "Créer une ressource privée",
"createInternalResourceDialogCreateClientResourceDescription": "Créer une nouvelle ressource qui ne sera accessible qu'aux clients connectés à l'organisation", "createInternalResourceDialogCreateClientResourceDescription": "Créer une nouvelle ressource qui ne sera accessible qu'aux clients connectés à l'organisation",
"privateResourceGeneralDescription": "Configurez le nom, l'identifiant et d'autres paramètres généraux de la ressource.",
"privateResourceCreatePageSeeAll": "Voir toutes les ressources privées", "privateResourceCreatePageSeeAll": "Voir toutes les ressources privées",
"privateResourceAllowIcmpPing": "Autoriser le ping ICMP", "privateResourceAllowIcmpPing": "Autoriser le ping ICMP",
"privateResourceNetworkAccess": "Accès au réseau", "privateResourceNetworkAccess": "Accès au réseau",
@@ -3268,7 +3270,7 @@
"editInternalResourceDialogAddUsers": "Ajouter des utilisateurs", "editInternalResourceDialogAddUsers": "Ajouter des utilisateurs",
"editInternalResourceDialogAddClients": "Ajouter des clients", "editInternalResourceDialogAddClients": "Ajouter des clients",
"editInternalResourceDialogDestinationLabel": "Destination", "editInternalResourceDialogDestinationLabel": "Destination",
"editInternalResourceDialogDestinationDescription": "Choisissez où cette ressource fonctionne et comment les clients l'atteignent", "editInternalResourceDialogDestinationDescription": "Configurez comment les clients accèdent à cette ressource.",
"internalResourceFormMultiSiteRoutingHelp": "La sélection de plusieurs sites permet un routage résilient et un basculement pour une haute disponibilité.", "internalResourceFormMultiSiteRoutingHelp": "La sélection de plusieurs sites permet un routage résilient et un basculement pour une haute disponibilité.",
"internalResourceFormMultiSiteRoutingHelpLearnMore": "En savoir plus", "internalResourceFormMultiSiteRoutingHelpLearnMore": "En savoir plus",
"editInternalResourceDialogPortRestrictionsDescription": "Restreindre l'accès à des ports TCP/UDP spécifiques ou autoriser/bloquer tous les ports.", "editInternalResourceDialogPortRestrictionsDescription": "Restreindre l'accès à des ports TCP/UDP spécifiques ou autoriser/bloquer tous les ports.",
+3 -1
View File
@@ -1462,6 +1462,7 @@
"actionGenerateAccessToken": "Genera Token di Accesso", "actionGenerateAccessToken": "Genera Token di Accesso",
"actionDeleteAccessToken": "Elimina Token di Accesso", "actionDeleteAccessToken": "Elimina Token di Accesso",
"actionListAccessTokens": "Elenca Token di Accesso", "actionListAccessTokens": "Elenca Token di Accesso",
"actionCreateResourceSessionToken": "Crea Token di Sessione della Risorsa",
"actionCreateResourceRule": "Crea Regola Risorsa", "actionCreateResourceRule": "Crea Regola Risorsa",
"actionDeleteResourceRule": "Elimina Regola Risorsa", "actionDeleteResourceRule": "Elimina Regola Risorsa",
"actionListResourceRules": "Elenca Regole Risorsa", "actionListResourceRules": "Elenca Regole Risorsa",
@@ -2392,6 +2393,7 @@
"createInternalResourceDialogClose": "Chiudi", "createInternalResourceDialogClose": "Chiudi",
"createInternalResourceDialogCreateClientResource": "Crea Risorsa Privata", "createInternalResourceDialogCreateClientResource": "Crea Risorsa Privata",
"createInternalResourceDialogCreateClientResourceDescription": "Crea una nuova risorsa che sarà accessibile solo ai client connessi all'organizzazione", "createInternalResourceDialogCreateClientResourceDescription": "Crea una nuova risorsa che sarà accessibile solo ai client connessi all'organizzazione",
"privateResourceGeneralDescription": "Configura il nome, l'identificativo e altre impostazioni generali delle risorse.",
"privateResourceCreatePageSeeAll": "Vedi Tutte le Risorse Private", "privateResourceCreatePageSeeAll": "Vedi Tutte le Risorse Private",
"privateResourceAllowIcmpPing": "Consenti ICMP Ping", "privateResourceAllowIcmpPing": "Consenti ICMP Ping",
"privateResourceNetworkAccess": "Accesso alla Rete", "privateResourceNetworkAccess": "Accesso alla Rete",
@@ -3268,7 +3270,7 @@
"editInternalResourceDialogAddUsers": "Aggiungi Utenti", "editInternalResourceDialogAddUsers": "Aggiungi Utenti",
"editInternalResourceDialogAddClients": "Aggiungi Clienti", "editInternalResourceDialogAddClients": "Aggiungi Clienti",
"editInternalResourceDialogDestinationLabel": "Destinazione", "editInternalResourceDialogDestinationLabel": "Destinazione",
"editInternalResourceDialogDestinationDescription": "Scegli dove eseguire questa risorsa e come i client lo raggiungono", "editInternalResourceDialogDestinationDescription": "Configura come i client raggiungono questa risorsa.",
"internalResourceFormMultiSiteRoutingHelp": "Selezionare più siti consente un routing resiliente e Failover per alta disponibilità.", "internalResourceFormMultiSiteRoutingHelp": "Selezionare più siti consente un routing resiliente e Failover per alta disponibilità.",
"internalResourceFormMultiSiteRoutingHelpLearnMore": "Scopri di più", "internalResourceFormMultiSiteRoutingHelpLearnMore": "Scopri di più",
"editInternalResourceDialogPortRestrictionsDescription": "Limita l'accesso a porte TCP/UDP specifiche o consenti/blocca tutte le porte.", "editInternalResourceDialogPortRestrictionsDescription": "Limita l'accesso a porte TCP/UDP specifiche o consenti/blocca tutte le porte.",
+3 -1
View File
@@ -1462,6 +1462,7 @@
"actionGenerateAccessToken": "액세스 토큰 생성", "actionGenerateAccessToken": "액세스 토큰 생성",
"actionDeleteAccessToken": "액세스 토큰 삭제", "actionDeleteAccessToken": "액세스 토큰 삭제",
"actionListAccessTokens": "액세스 토큰 목록", "actionListAccessTokens": "액세스 토큰 목록",
"actionCreateResourceSessionToken": "리소스 세션 토큰 생성",
"actionCreateResourceRule": "리소스 규칙 생성", "actionCreateResourceRule": "리소스 규칙 생성",
"actionDeleteResourceRule": "리소스 규칙 삭제", "actionDeleteResourceRule": "리소스 규칙 삭제",
"actionListResourceRules": "리소스 규칙 목록", "actionListResourceRules": "리소스 규칙 목록",
@@ -2392,6 +2393,7 @@
"createInternalResourceDialogClose": "닫기", "createInternalResourceDialogClose": "닫기",
"createInternalResourceDialogCreateClientResource": "사이트 리소스 생성", "createInternalResourceDialogCreateClientResource": "사이트 리소스 생성",
"createInternalResourceDialogCreateClientResourceDescription": "선택한 사이트에 연결된 클라이언트에 접근할 새 리소스를 생성합니다", "createInternalResourceDialogCreateClientResourceDescription": "선택한 사이트에 연결된 클라이언트에 접근할 새 리소스를 생성합니다",
"privateResourceGeneralDescription": "이름, 식별자, 기타 일반 리소스 설정을 구성합니다.",
"privateResourceCreatePageSeeAll": "모든 개인 리소스 보기", "privateResourceCreatePageSeeAll": "모든 개인 리소스 보기",
"privateResourceAllowIcmpPing": "ICMP 핑 허용", "privateResourceAllowIcmpPing": "ICMP 핑 허용",
"privateResourceNetworkAccess": "네트워크 접근", "privateResourceNetworkAccess": "네트워크 접근",
@@ -3268,7 +3270,7 @@
"editInternalResourceDialogAddUsers": "사용자 추가", "editInternalResourceDialogAddUsers": "사용자 추가",
"editInternalResourceDialogAddClients": "클라이언트 추가", "editInternalResourceDialogAddClients": "클라이언트 추가",
"editInternalResourceDialogDestinationLabel": "대상지", "editInternalResourceDialogDestinationLabel": "대상지",
"editInternalResourceDialogDestinationDescription": "이 리소스가 실행되는 위치와 고객이 도달하는 방법 선택", "editInternalResourceDialogDestinationDescription": "클라이언트가 이 리소스에 어떻게 도달하는지 구성합니다.",
"internalResourceFormMultiSiteRoutingHelp": "다중 사이트를 선택하면 높은 가용성을 위해 회복력 있는 라우팅 및 페일오버가 가능해집니다.", "internalResourceFormMultiSiteRoutingHelp": "다중 사이트를 선택하면 높은 가용성을 위해 회복력 있는 라우팅 및 페일오버가 가능해집니다.",
"internalResourceFormMultiSiteRoutingHelpLearnMore": "자세히 알아보기", "internalResourceFormMultiSiteRoutingHelpLearnMore": "자세히 알아보기",
"editInternalResourceDialogPortRestrictionsDescription": "특정 TCP/UDP 포트에 대한 접근을 제한하거나 모든 포트를 허용/차단하십시오.", "editInternalResourceDialogPortRestrictionsDescription": "특정 TCP/UDP 포트에 대한 접근을 제한하거나 모든 포트를 허용/차단하십시오.",
+3 -1
View File
@@ -1462,6 +1462,7 @@
"actionGenerateAccessToken": "Generer tilgangstoken", "actionGenerateAccessToken": "Generer tilgangstoken",
"actionDeleteAccessToken": "Slett tilgangstoken", "actionDeleteAccessToken": "Slett tilgangstoken",
"actionListAccessTokens": "List opp tilgangstokener", "actionListAccessTokens": "List opp tilgangstokener",
"actionCreateResourceSessionToken": "Opprett ressurs økt-token",
"actionCreateResourceRule": "Opprett ressursregel", "actionCreateResourceRule": "Opprett ressursregel",
"actionDeleteResourceRule": "Slett ressursregel", "actionDeleteResourceRule": "Slett ressursregel",
"actionListResourceRules": "List opp ressursregler", "actionListResourceRules": "List opp ressursregler",
@@ -2392,6 +2393,7 @@
"createInternalResourceDialogClose": "Lukk", "createInternalResourceDialogClose": "Lukk",
"createInternalResourceDialogCreateClientResource": "Opprett privat ressurs", "createInternalResourceDialogCreateClientResource": "Opprett privat ressurs",
"createInternalResourceDialogCreateClientResourceDescription": "Opprett en ny ressurs som bare vil være tilgjengelig for kunder som er koblet til organisasjonen", "createInternalResourceDialogCreateClientResourceDescription": "Opprett en ny ressurs som bare vil være tilgjengelig for kunder som er koblet til organisasjonen",
"privateResourceGeneralDescription": "Konfigurer navnet, identifikatoren og andre generelle ressursinnstillinger.",
"privateResourceCreatePageSeeAll": "Se alle private ressurser", "privateResourceCreatePageSeeAll": "Se alle private ressurser",
"privateResourceAllowIcmpPing": "Tillat ICMP Ping", "privateResourceAllowIcmpPing": "Tillat ICMP Ping",
"privateResourceNetworkAccess": "Nettverkstilgang", "privateResourceNetworkAccess": "Nettverkstilgang",
@@ -3268,7 +3270,7 @@
"editInternalResourceDialogAddUsers": "Legg til brukere", "editInternalResourceDialogAddUsers": "Legg til brukere",
"editInternalResourceDialogAddClients": "Legg til klienter", "editInternalResourceDialogAddClients": "Legg til klienter",
"editInternalResourceDialogDestinationLabel": "Destinasjon", "editInternalResourceDialogDestinationLabel": "Destinasjon",
"editInternalResourceDialogDestinationDescription": "Velg hvor denne ressursen kjører og hvordan klienter når den", "editInternalResourceDialogDestinationDescription": "Konfigurer hvordan klienter får tilgang til denne ressursen.",
"internalResourceFormMultiSiteRoutingHelp": "Valg av flere nettsteder muliggjør motstandskraftig ruting og failover for høy tilgjengelighet.", "internalResourceFormMultiSiteRoutingHelp": "Valg av flere nettsteder muliggjør motstandskraftig ruting og failover for høy tilgjengelighet.",
"internalResourceFormMultiSiteRoutingHelpLearnMore": "Lær mer", "internalResourceFormMultiSiteRoutingHelpLearnMore": "Lær mer",
"editInternalResourceDialogPortRestrictionsDescription": "Begrens tilgang til spesifikke TCP/UDP-porter eller tillate/blokkere alle porter.", "editInternalResourceDialogPortRestrictionsDescription": "Begrens tilgang til spesifikke TCP/UDP-porter eller tillate/blokkere alle porter.",
+3 -1
View File
@@ -1462,6 +1462,7 @@
"actionGenerateAccessToken": "Genereer Toegangstoken", "actionGenerateAccessToken": "Genereer Toegangstoken",
"actionDeleteAccessToken": "Verwijder toegangstoken", "actionDeleteAccessToken": "Verwijder toegangstoken",
"actionListAccessTokens": "Lijst toegangstokens", "actionListAccessTokens": "Lijst toegangstokens",
"actionCreateResourceSessionToken": "Maak Resource Sessie Token",
"actionCreateResourceRule": "Bronregel aanmaken", "actionCreateResourceRule": "Bronregel aanmaken",
"actionDeleteResourceRule": "Verwijder Resource Regel", "actionDeleteResourceRule": "Verwijder Resource Regel",
"actionListResourceRules": "Bron regels weergeven", "actionListResourceRules": "Bron regels weergeven",
@@ -2392,6 +2393,7 @@
"createInternalResourceDialogClose": "Sluiten", "createInternalResourceDialogClose": "Sluiten",
"createInternalResourceDialogCreateClientResource": "Privé bron maken", "createInternalResourceDialogCreateClientResource": "Privé bron maken",
"createInternalResourceDialogCreateClientResourceDescription": "Maak een nieuwe bron aan die alleen toegankelijk is voor klanten die verbonden zijn met de organisatie", "createInternalResourceDialogCreateClientResourceDescription": "Maak een nieuwe bron aan die alleen toegankelijk is voor klanten die verbonden zijn met de organisatie",
"privateResourceGeneralDescription": "Configureer de naam, identificatie en andere algemene resource-instellingen.",
"privateResourceCreatePageSeeAll": "Bekijk Alle Privébronnen", "privateResourceCreatePageSeeAll": "Bekijk Alle Privébronnen",
"privateResourceAllowIcmpPing": "Sta ICMP Ping toe", "privateResourceAllowIcmpPing": "Sta ICMP Ping toe",
"privateResourceNetworkAccess": "Netwerktoegang", "privateResourceNetworkAccess": "Netwerktoegang",
@@ -3268,7 +3270,7 @@
"editInternalResourceDialogAddUsers": "Gebruikers toevoegen", "editInternalResourceDialogAddUsers": "Gebruikers toevoegen",
"editInternalResourceDialogAddClients": "Clienten toevoegen", "editInternalResourceDialogAddClients": "Clienten toevoegen",
"editInternalResourceDialogDestinationLabel": "Bestemming", "editInternalResourceDialogDestinationLabel": "Bestemming",
"editInternalResourceDialogDestinationDescription": "Kies waar deze bron draait en hoe clients deze bereiken", "editInternalResourceDialogDestinationDescription": "Configureer hoe klanten toegang krijgen tot deze resource.",
"internalResourceFormMultiSiteRoutingHelp": "Selecteren van meerdere sites maakt veerkrachtige routing en failover mogelijk voor hoge beschikbaarheid.", "internalResourceFormMultiSiteRoutingHelp": "Selecteren van meerdere sites maakt veerkrachtige routing en failover mogelijk voor hoge beschikbaarheid.",
"internalResourceFormMultiSiteRoutingHelpLearnMore": "Meer informatie", "internalResourceFormMultiSiteRoutingHelpLearnMore": "Meer informatie",
"editInternalResourceDialogPortRestrictionsDescription": "Beperk toegang tot specifieke TCP/UDP-poorten of sta alle poorten toe/blokkeer.", "editInternalResourceDialogPortRestrictionsDescription": "Beperk toegang tot specifieke TCP/UDP-poorten of sta alle poorten toe/blokkeer.",
+3 -1
View File
@@ -1462,6 +1462,7 @@
"actionGenerateAccessToken": "Wygeneruj token dostępu", "actionGenerateAccessToken": "Wygeneruj token dostępu",
"actionDeleteAccessToken": "Usuń token dostępu", "actionDeleteAccessToken": "Usuń token dostępu",
"actionListAccessTokens": "Lista tokenów dostępu", "actionListAccessTokens": "Lista tokenów dostępu",
"actionCreateResourceSessionToken": "Utwórz token sesji zasobu",
"actionCreateResourceRule": "Utwórz regułę zasobu", "actionCreateResourceRule": "Utwórz regułę zasobu",
"actionDeleteResourceRule": "Usuń regułę zasobu", "actionDeleteResourceRule": "Usuń regułę zasobu",
"actionListResourceRules": "Lista reguł zasobu", "actionListResourceRules": "Lista reguł zasobu",
@@ -2392,6 +2393,7 @@
"createInternalResourceDialogClose": "Zamknij", "createInternalResourceDialogClose": "Zamknij",
"createInternalResourceDialogCreateClientResource": "Utwórz zasób prywatny", "createInternalResourceDialogCreateClientResource": "Utwórz zasób prywatny",
"createInternalResourceDialogCreateClientResourceDescription": "Utwórz nowy zasób, który będzie dostępny tylko dla klientów podłączonych do organizacji", "createInternalResourceDialogCreateClientResourceDescription": "Utwórz nowy zasób, który będzie dostępny tylko dla klientów podłączonych do organizacji",
"privateResourceGeneralDescription": "Skonfiguruj nazwę, identyfikator i inne ogólne ustawienia zasobów.",
"privateResourceCreatePageSeeAll": "Zobacz wszystkie zasoby prywatne", "privateResourceCreatePageSeeAll": "Zobacz wszystkie zasoby prywatne",
"privateResourceAllowIcmpPing": "Zezwalaj na ping ICMP", "privateResourceAllowIcmpPing": "Zezwalaj na ping ICMP",
"privateResourceNetworkAccess": "Dostęp do sieci", "privateResourceNetworkAccess": "Dostęp do sieci",
@@ -3268,7 +3270,7 @@
"editInternalResourceDialogAddUsers": "Dodaj użytkowników", "editInternalResourceDialogAddUsers": "Dodaj użytkowników",
"editInternalResourceDialogAddClients": "Dodaj klientów", "editInternalResourceDialogAddClients": "Dodaj klientów",
"editInternalResourceDialogDestinationLabel": "Miejsce docelowe", "editInternalResourceDialogDestinationLabel": "Miejsce docelowe",
"editInternalResourceDialogDestinationDescription": "Wybierz, gdzie ten zasób działa i jak klienci go osiągają", "editInternalResourceDialogDestinationDescription": "Skonfiguruj sposób, w jaki klienci docierają do tego zasobu.",
"internalResourceFormMultiSiteRoutingHelp": "Wybór wielu stron umożliwia odporne trasowanie i awarię dla wysokiej dostępności.", "internalResourceFormMultiSiteRoutingHelp": "Wybór wielu stron umożliwia odporne trasowanie i awarię dla wysokiej dostępności.",
"internalResourceFormMultiSiteRoutingHelpLearnMore": "Dowiedz się więcej", "internalResourceFormMultiSiteRoutingHelpLearnMore": "Dowiedz się więcej",
"editInternalResourceDialogPortRestrictionsDescription": "Ogranicz dostęp do konkretnych portów TCP/UDP lub zezwól/zablokuj wszystkie porty.", "editInternalResourceDialogPortRestrictionsDescription": "Ogranicz dostęp do konkretnych portów TCP/UDP lub zezwól/zablokuj wszystkie porty.",
+3 -1
View File
@@ -1462,6 +1462,7 @@
"actionGenerateAccessToken": "Gerar Token de Acesso", "actionGenerateAccessToken": "Gerar Token de Acesso",
"actionDeleteAccessToken": "Eliminar Token de Acesso", "actionDeleteAccessToken": "Eliminar Token de Acesso",
"actionListAccessTokens": "Listar Tokens de Acesso", "actionListAccessTokens": "Listar Tokens de Acesso",
"actionCreateResourceSessionToken": "Criar Token de Sessão de Recurso",
"actionCreateResourceRule": "Criar Regra de Recurso", "actionCreateResourceRule": "Criar Regra de Recurso",
"actionDeleteResourceRule": "Eliminar Regra de Recurso", "actionDeleteResourceRule": "Eliminar Regra de Recurso",
"actionListResourceRules": "Listar Regras de Recurso", "actionListResourceRules": "Listar Regras de Recurso",
@@ -2392,6 +2393,7 @@
"createInternalResourceDialogClose": "Fechar", "createInternalResourceDialogClose": "Fechar",
"createInternalResourceDialogCreateClientResource": "Criar Recurso Privado", "createInternalResourceDialogCreateClientResource": "Criar Recurso Privado",
"createInternalResourceDialogCreateClientResourceDescription": "Criar um novo recurso que só será acessível para clientes conectados à organização", "createInternalResourceDialogCreateClientResourceDescription": "Criar um novo recurso que só será acessível para clientes conectados à organização",
"privateResourceGeneralDescription": "Configure o nome, identificador e outras configurações gerais de recursos.",
"privateResourceCreatePageSeeAll": "Ver Todos os Recursos Privados", "privateResourceCreatePageSeeAll": "Ver Todos os Recursos Privados",
"privateResourceAllowIcmpPing": "Permitir ICMP Ping", "privateResourceAllowIcmpPing": "Permitir ICMP Ping",
"privateResourceNetworkAccess": "Acesso à Rede", "privateResourceNetworkAccess": "Acesso à Rede",
@@ -3268,7 +3270,7 @@
"editInternalResourceDialogAddUsers": "Adicionar Usuários", "editInternalResourceDialogAddUsers": "Adicionar Usuários",
"editInternalResourceDialogAddClients": "Adicionar Clientes", "editInternalResourceDialogAddClients": "Adicionar Clientes",
"editInternalResourceDialogDestinationLabel": "Destino", "editInternalResourceDialogDestinationLabel": "Destino",
"editInternalResourceDialogDestinationDescription": "Escolha onde este recurso é executado e como os clientes o acessam", "editInternalResourceDialogDestinationDescription": "Configure como os clientes acessam este recurso.",
"internalResourceFormMultiSiteRoutingHelp": "Selecionar múltiplos sites permite roteamento resiliente e failover para alta disponibilidade.", "internalResourceFormMultiSiteRoutingHelp": "Selecionar múltiplos sites permite roteamento resiliente e failover para alta disponibilidade.",
"internalResourceFormMultiSiteRoutingHelpLearnMore": "Saiba mais", "internalResourceFormMultiSiteRoutingHelpLearnMore": "Saiba mais",
"editInternalResourceDialogPortRestrictionsDescription": "Restrinja o acesso a portas TCP/UDP específicas ou permita/bloqueie todas as portas.", "editInternalResourceDialogPortRestrictionsDescription": "Restrinja o acesso a portas TCP/UDP específicas ou permita/bloqueie todas as portas.",
+4 -2
View File
@@ -1462,6 +1462,7 @@
"actionGenerateAccessToken": "Сгенерировать токен доступа", "actionGenerateAccessToken": "Сгенерировать токен доступа",
"actionDeleteAccessToken": "Удалить токен доступа", "actionDeleteAccessToken": "Удалить токен доступа",
"actionListAccessTokens": "Список токенов доступа", "actionListAccessTokens": "Список токенов доступа",
"actionCreateResourceSessionToken": "Создать токен сеанса ресурса",
"actionCreateResourceRule": "Создать правило ресурса", "actionCreateResourceRule": "Создать правило ресурса",
"actionDeleteResourceRule": "Удалить правило ресурса", "actionDeleteResourceRule": "Удалить правило ресурса",
"actionListResourceRules": "Список правил ресурса", "actionListResourceRules": "Список правил ресурса",
@@ -2392,6 +2393,7 @@
"createInternalResourceDialogClose": "Закрыть", "createInternalResourceDialogClose": "Закрыть",
"createInternalResourceDialogCreateClientResource": "Создать приватный ресурс", "createInternalResourceDialogCreateClientResource": "Создать приватный ресурс",
"createInternalResourceDialogCreateClientResourceDescription": "Создать новый ресурс, который будет доступен только клиентам, подключенным к организации", "createInternalResourceDialogCreateClientResourceDescription": "Создать новый ресурс, который будет доступен только клиентам, подключенным к организации",
"privateResourceGeneralDescription": "Настройте имя, идентификатор и другие общие параметры ресурса.",
"privateResourceCreatePageSeeAll": "Посмотреть все частные ресурсы", "privateResourceCreatePageSeeAll": "Посмотреть все частные ресурсы",
"privateResourceAllowIcmpPing": "Разрешить ICMP Ping", "privateResourceAllowIcmpPing": "Разрешить ICMP Ping",
"privateResourceNetworkAccess": "Сетевой доступ", "privateResourceNetworkAccess": "Сетевой доступ",
@@ -3268,7 +3270,7 @@
"editInternalResourceDialogAddUsers": "Добавить пользователей", "editInternalResourceDialogAddUsers": "Добавить пользователей",
"editInternalResourceDialogAddClients": "Добавить клиентов", "editInternalResourceDialogAddClients": "Добавить клиентов",
"editInternalResourceDialogDestinationLabel": "Пункт назначения", "editInternalResourceDialogDestinationLabel": "Пункт назначения",
"editInternalResourceDialogDestinationDescription": "Выберите, где этот ресурс работает и как к нему получают доступ клиенты", "editInternalResourceDialogDestinationDescription": "Настройте, как клиенты получают доступ к этому ресурсу.",
"internalResourceFormMultiSiteRoutingHelp": "Выбор нескольких сайтов позволяет обеспечить отказоустойчивую маршрутизацию и фейловер для высокой доступности.", "internalResourceFormMultiSiteRoutingHelp": "Выбор нескольких сайтов позволяет обеспечить отказоустойчивую маршрутизацию и фейловер для высокой доступности.",
"internalResourceFormMultiSiteRoutingHelpLearnMore": "Узнать больше", "internalResourceFormMultiSiteRoutingHelpLearnMore": "Узнать больше",
"editInternalResourceDialogPortRestrictionsDescription": "Ограничьте доступ к определенным TCP/UDP-портам или разрешите/заблокируйте все порты.", "editInternalResourceDialogPortRestrictionsDescription": "Ограничьте доступ к определенным TCP/UDP-портам или разрешите/заблокируйте все порты.",
@@ -3679,7 +3681,7 @@
"resourceLauncherSaveForEveryoneDescription": "Поделитесь этим видом со всеми членами организации. Если не отмечено, видимость только для вас.", "resourceLauncherSaveForEveryoneDescription": "Поделитесь этим видом со всеми членами организации. Если не отмечено, видимость только для вас.",
"resourceLauncherMakePersonal": "Сделать личным", "resourceLauncherMakePersonal": "Сделать личным",
"resourceLauncherFilter": "Фильтр", "resourceLauncherFilter": "Фильтр",
"resourceLauncherFilterWithCount": "Filter, {count} applied", "resourceLauncherFilterWithCount": "Фильтр, применено {count}",
"resourceLauncherSort": "Сортировать", "resourceLauncherSort": "Сортировать",
"resourceLauncherSortAscending": "Сортировать по возрастанию", "resourceLauncherSortAscending": "Сортировать по возрастанию",
"resourceLauncherSortDescending": "Сортировать по убыванию", "resourceLauncherSortDescending": "Сортировать по убыванию",
+3 -1
View File
@@ -1462,6 +1462,7 @@
"actionGenerateAccessToken": "Erişim Jetonu Oluştur", "actionGenerateAccessToken": "Erişim Jetonu Oluştur",
"actionDeleteAccessToken": "Erişim Jetonunu Sil", "actionDeleteAccessToken": "Erişim Jetonunu Sil",
"actionListAccessTokens": "Erişim Jetonlarını Listele", "actionListAccessTokens": "Erişim Jetonlarını Listele",
"actionCreateResourceSessionToken": "Kaynak Oturum Otomasyonu Oluştur",
"actionCreateResourceRule": "Kaynak Kuralı Oluştur", "actionCreateResourceRule": "Kaynak Kuralı Oluştur",
"actionDeleteResourceRule": "Kaynak Kuralını Sil", "actionDeleteResourceRule": "Kaynak Kuralını Sil",
"actionListResourceRules": "Kaynak Kurallarını Listele", "actionListResourceRules": "Kaynak Kurallarını Listele",
@@ -2392,6 +2393,7 @@
"createInternalResourceDialogClose": "Kapat", "createInternalResourceDialogClose": "Kapat",
"createInternalResourceDialogCreateClientResource": "Özel Kaynak Oluştur", "createInternalResourceDialogCreateClientResource": "Özel Kaynak Oluştur",
"createInternalResourceDialogCreateClientResourceDescription": "Seçilen siteye bağlı istemcilere erişilebilir olacak yeni bir kaynak oluşturun", "createInternalResourceDialogCreateClientResourceDescription": "Seçilen siteye bağlı istemcilere erişilebilir olacak yeni bir kaynak oluşturun",
"privateResourceGeneralDescription": "Kaynağın adı, tanımlayıcı ve diğer genel ayarlarını yapılandırın.",
"privateResourceCreatePageSeeAll": "Tüm Özel Kaynakları Gör", "privateResourceCreatePageSeeAll": "Tüm Özel Kaynakları Gör",
"privateResourceAllowIcmpPing": "ICMP Ping İzne Ver", "privateResourceAllowIcmpPing": "ICMP Ping İzne Ver",
"privateResourceNetworkAccess": "Ağ Erişimi", "privateResourceNetworkAccess": "Ağ Erişimi",
@@ -3268,7 +3270,7 @@
"editInternalResourceDialogAddUsers": "Kullanıcılar Ekle", "editInternalResourceDialogAddUsers": "Kullanıcılar Ekle",
"editInternalResourceDialogAddClients": "Müşteriler Ekle", "editInternalResourceDialogAddClients": "Müşteriler Ekle",
"editInternalResourceDialogDestinationLabel": "Hedef", "editInternalResourceDialogDestinationLabel": "Hedef",
"editInternalResourceDialogDestinationDescription": "Bu kaynağın nerede çalıştığını ve istemcilerin ona nasıl eriştiğini seçin", "editInternalResourceDialogDestinationDescription": "Bu kaynağa müşterilerin nasıl erişeceğini yapılandırın.",
"internalResourceFormMultiSiteRoutingHelp": "Birden fazla site seçmek, yüksek kullanılabilirlik için dirençli yönlendirme ve yedeklik sağlar.", "internalResourceFormMultiSiteRoutingHelp": "Birden fazla site seçmek, yüksek kullanılabilirlik için dirençli yönlendirme ve yedeklik sağlar.",
"internalResourceFormMultiSiteRoutingHelpLearnMore": "Daha fazla bilgi", "internalResourceFormMultiSiteRoutingHelpLearnMore": "Daha fazla bilgi",
"editInternalResourceDialogPortRestrictionsDescription": "Belirtilen TCP/UDP portlarına erişimi kısıtlayın veya tüm portlara izin/engelleme verin.", "editInternalResourceDialogPortRestrictionsDescription": "Belirtilen TCP/UDP portlarına erişimi kısıtlayın veya tüm portlara izin/engelleme verin.",
+3 -1
View File
@@ -1462,6 +1462,7 @@
"actionGenerateAccessToken": "生成访问令牌", "actionGenerateAccessToken": "生成访问令牌",
"actionDeleteAccessToken": "删除访问令牌", "actionDeleteAccessToken": "删除访问令牌",
"actionListAccessTokens": "访问令牌", "actionListAccessTokens": "访问令牌",
"actionCreateResourceSessionToken": "创建资源会话令牌",
"actionCreateResourceRule": "创建资源规则", "actionCreateResourceRule": "创建资源规则",
"actionDeleteResourceRule": "删除资源规则", "actionDeleteResourceRule": "删除资源规则",
"actionListResourceRules": "列出资源规则", "actionListResourceRules": "列出资源规则",
@@ -2392,6 +2393,7 @@
"createInternalResourceDialogClose": "关闭", "createInternalResourceDialogClose": "关闭",
"createInternalResourceDialogCreateClientResource": "创建私有资源", "createInternalResourceDialogCreateClientResource": "创建私有资源",
"createInternalResourceDialogCreateClientResourceDescription": "创建一个新资源只能为连接到组织的客户端访问", "createInternalResourceDialogCreateClientResourceDescription": "创建一个新资源只能为连接到组织的客户端访问",
"privateResourceGeneralDescription": "配置名称、标识符和其他一般资源设置。",
"privateResourceCreatePageSeeAll": "查看所有私人资源", "privateResourceCreatePageSeeAll": "查看所有私人资源",
"privateResourceAllowIcmpPing": "允许 ICMP Ping", "privateResourceAllowIcmpPing": "允许 ICMP Ping",
"privateResourceNetworkAccess": "网络访问", "privateResourceNetworkAccess": "网络访问",
@@ -3268,7 +3270,7 @@
"editInternalResourceDialogAddUsers": "添加用户", "editInternalResourceDialogAddUsers": "添加用户",
"editInternalResourceDialogAddClients": "添加客户端", "editInternalResourceDialogAddClients": "添加客户端",
"editInternalResourceDialogDestinationLabel": "目标", "editInternalResourceDialogDestinationLabel": "目标",
"editInternalResourceDialogDestinationDescription": "选择该资源运行位置及客户端访问方式", "editInternalResourceDialogDestinationDescription": "配置客户端如何访问此资源。",
"internalResourceFormMultiSiteRoutingHelp": "选择多个站点可以实现高可用性的弹性路由和故障转移。", "internalResourceFormMultiSiteRoutingHelp": "选择多个站点可以实现高可用性的弹性路由和故障转移。",
"internalResourceFormMultiSiteRoutingHelpLearnMore": "了解更多", "internalResourceFormMultiSiteRoutingHelpLearnMore": "了解更多",
"editInternalResourceDialogPortRestrictionsDescription": "限制访问特定的TCP/UDP端口或允许/阻止所有端口。", "editInternalResourceDialogPortRestrictionsDescription": "限制访问特定的TCP/UDP端口或允许/阻止所有端口。",
+1
View File
@@ -1099,6 +1099,7 @@
"actionGenerateAccessToken": "生成訪問令牌", "actionGenerateAccessToken": "生成訪問令牌",
"actionDeleteAccessToken": "刪除訪問令牌", "actionDeleteAccessToken": "刪除訪問令牌",
"actionListAccessTokens": "訪問令牌", "actionListAccessTokens": "訪問令牌",
"actionCreateResourceSessionToken": "建立資源工作階段權杖",
"actionCreateResourceRule": "創建資源規則", "actionCreateResourceRule": "創建資源規則",
"actionDeleteResourceRule": "刪除資源規則", "actionDeleteResourceRule": "刪除資源規則",
"actionListResourceRules": "列出資源規則", "actionListResourceRules": "列出資源規則",
+4 -4
View File
@@ -12,7 +12,7 @@
"@asteasolutions/zod-to-openapi": "8.5.0", "@asteasolutions/zod-to-openapi": "8.5.0",
"@aws-sdk/client-s3": "3.1056.0", "@aws-sdk/client-s3": "3.1056.0",
"@devolutions/iron-remote-desktop": "https://static.pangolin.net/packages/devolutions-iron-remote-desktop-0.0.0.tgz", "@devolutions/iron-remote-desktop": "https://static.pangolin.net/packages/devolutions-iron-remote-desktop-0.0.0.tgz",
"@devolutions/iron-remote-desktop-rdp": "https://static.pangolin.net/packages/devolutions-iron-remote-desktop-rdp-0.0.0.tgz", "@devolutions/iron-remote-desktop-rdp": "https://static.pangolin.net/packages/devolutions-iron-remote-desktop-rdp-0.0.1.tgz",
"@headlessui/react": "2.2.10", "@headlessui/react": "2.2.10",
"@hookform/resolvers": "5.4.0", "@hookform/resolvers": "5.4.0",
"@monaco-editor/react": "4.7.0", "@monaco-editor/react": "4.7.0",
@@ -1124,9 +1124,9 @@
"integrity": "sha512-9o7PkCw9fdvGTPs0hgsUJG10QleGgcdsSCw1ekLpUOlVXtWCuiuPH+0bPDFhLWxqbVA+8pyVhwqdOI+t1T3TNA==" "integrity": "sha512-9o7PkCw9fdvGTPs0hgsUJG10QleGgcdsSCw1ekLpUOlVXtWCuiuPH+0bPDFhLWxqbVA+8pyVhwqdOI+t1T3TNA=="
}, },
"node_modules/@devolutions/iron-remote-desktop-rdp": { "node_modules/@devolutions/iron-remote-desktop-rdp": {
"version": "0.0.0", "version": "0.0.1",
"resolved": "https://static.pangolin.net/packages/devolutions-iron-remote-desktop-rdp-0.0.0.tgz", "resolved": "https://static.pangolin.net/packages/devolutions-iron-remote-desktop-rdp-0.0.1.tgz",
"integrity": "sha512-O0YVpOJDwUzekH3N2QKj+48WP+56wI0sj4VmaJkGoW5XgyAj2ONn2k3i+vk17Eavx+Vg6vAg3lwYRAOK4kKIDQ==" "integrity": "sha512-sIHllJ6rJfAgClsUFjJfVGFjIxm6ZQRyGfinwCzHYgwnHAMFE+Kvm0YzR9tg811Fhjm5F6gNUSLAll+7Eh0Deg=="
}, },
"node_modules/@dotenvx/dotenvx": { "node_modules/@dotenvx/dotenvx": {
"version": "1.69.1", "version": "1.69.1",
+1 -1
View File
@@ -34,7 +34,7 @@
"dependencies": { "dependencies": {
"@asteasolutions/zod-to-openapi": "8.5.0", "@asteasolutions/zod-to-openapi": "8.5.0",
"@devolutions/iron-remote-desktop": "https://static.pangolin.net/packages/devolutions-iron-remote-desktop-0.0.0.tgz", "@devolutions/iron-remote-desktop": "https://static.pangolin.net/packages/devolutions-iron-remote-desktop-0.0.0.tgz",
"@devolutions/iron-remote-desktop-rdp": "https://static.pangolin.net/packages/devolutions-iron-remote-desktop-rdp-0.0.0.tgz", "@devolutions/iron-remote-desktop-rdp": "https://static.pangolin.net/packages/devolutions-iron-remote-desktop-rdp-0.0.1.tgz",
"@aws-sdk/client-s3": "3.1056.0", "@aws-sdk/client-s3": "3.1056.0",
"@headlessui/react": "2.2.10", "@headlessui/react": "2.2.10",
"@hookform/resolvers": "5.4.0", "@hookform/resolvers": "5.4.0",
+1
View File
@@ -71,6 +71,7 @@ export enum ActionsEnum {
setResourceWhitelist = "setResourceWhitelist", setResourceWhitelist = "setResourceWhitelist",
getResourceWhitelist = "getResourceWhitelist", getResourceWhitelist = "getResourceWhitelist",
generateAccessToken = "generateAccessToken", generateAccessToken = "generateAccessToken",
createResourceSessionToken = "createResourceSessionToken",
deleteAcessToken = "deleteAcessToken", deleteAcessToken = "deleteAcessToken",
listAccessTokens = "listAccessTokens", listAccessTokens = "listAccessTokens",
createResourceRule = "createResourceRule", createResourceRule = "createResourceRule",
+3 -2
View File
@@ -12,7 +12,7 @@ import { logIncomingMiddleware } from "./middlewares/logIncoming";
import helmet from "helmet"; import helmet from "helmet";
import swaggerUi from "swagger-ui-express"; import swaggerUi from "swagger-ui-express";
import { OpenApiGeneratorV3 } from "@asteasolutions/zod-to-openapi"; import { OpenApiGeneratorV3 } from "@asteasolutions/zod-to-openapi";
import { registry } from "./openApi"; import { registry, openApiTags } from "./openApi";
import fs from "fs"; import fs from "fs";
import path from "path"; import path from "path";
import { APP_PATH } from "./lib/consts"; import { APP_PATH } from "./lib/consts";
@@ -181,7 +181,8 @@ function getOpenApiDocumentation() {
version: "v1", version: "v1",
title: "Pangolin Integration API" title: "Pangolin Integration API"
}, },
servers: [{ url: "/v1" }] servers: [{ url: "/v1" }],
tags: openApiTags
}); });
if (!process.env.DISABLE_GEN_OPENAPI) { if (!process.env.DISABLE_GEN_OPENAPI) {
+18 -7
View File
@@ -4,22 +4,33 @@ export const registry = new OpenAPIRegistry();
export enum OpenAPITags { export enum OpenAPITags {
Site = "Site", Site = "Site",
Org = "Organization",
PublicResource = "Public Resource", PublicResource = "Public Resource",
Target = "Resource Target",
PrivateResource = "Private Resource", PrivateResource = "Private Resource",
Policy = "Policy", Client = "Client",
Org = "Organization",
Domain = "Domain",
PublicResourcePolicy = "Public Resource Policy",
Role = "Role", Role = "Role",
User = "User", User = "User",
Invitation = "User Invitation",
Target = "Resource Target",
Rule = "Rule", Rule = "Rule",
Invitation = "User Invitation",
AccessToken = "Access Token", AccessToken = "Access Token",
GlobalIdp = "Identity Provider (Global)", GlobalIdp = "Identity Provider (Global)",
OrgIdp = "Identity Provider (Organization Only)", OrgIdp = "Identity Provider (Organization Only)",
Client = "Client",
ApiKey = "API Key", ApiKey = "API Key",
Domain = "Domain",
Blueprint = "Blueprint", Blueprint = "Blueprint",
Ssh = "SSH", Ssh = "SSH",
Logs = "Logs" Logs = "Logs",
EventStreamingDestination = "Event Streaming Destination",
AlertRule = "Alert Rule",
HealthCheck = "Health Check",
PublicResourcePolicyLegacy = "Public Resource Policy (Legacy)",
PublicResourceLegacy = "Public Resource (Legacy)",
PrivateResourceLegacy = "Private Resource (Legacy)"
} }
// Order here controls the order tags are displayed in Swagger UI
export const openApiTags = Object.values(OpenAPITags).map((name) => ({
name
}));
@@ -191,7 +191,7 @@ registry.registerPath({
method: "put", method: "put",
path: "/org/{orgId}/alert-rule", path: "/org/{orgId}/alert-rule",
description: "Create an alert rule for a specific organization.", description: "Create an alert rule for a specific organization.",
tags: [OpenAPITags.Org], tags: [OpenAPITags.AlertRule],
request: { request: {
params: paramsSchema, params: paramsSchema,
body: { body: {
@@ -34,7 +34,7 @@ registry.registerPath({
method: "delete", method: "delete",
path: "/org/{orgId}/alert-rule/{alertRuleId}", path: "/org/{orgId}/alert-rule/{alertRuleId}",
description: "Delete an alert rule for a specific organization.", description: "Delete an alert rule for a specific organization.",
tags: [OpenAPITags.Org], tags: [OpenAPITags.AlertRule],
request: { request: {
params: paramsSchema params: paramsSchema
}, },
@@ -48,7 +48,7 @@ registry.registerPath({
method: "get", method: "get",
path: "/org/{orgId}/alert-rule/{alertRuleId}", path: "/org/{orgId}/alert-rule/{alertRuleId}",
description: "Get a specific alert rule for an organization.", description: "Get a specific alert rule for an organization.",
tags: [OpenAPITags.Org], tags: [OpenAPITags.AlertRule],
request: { request: {
params: paramsSchema params: paramsSchema
}, },
@@ -90,7 +90,7 @@ registry.registerPath({
method: "get", method: "get",
path: "/org/{orgId}/alert-rules", path: "/org/{orgId}/alert-rules",
description: "List all alert rules for a specific organization.", description: "List all alert rules for a specific organization.",
tags: [OpenAPITags.Org], tags: [OpenAPITags.AlertRule],
request: { request: {
query: querySchema, query: querySchema,
params: paramsSchema params: paramsSchema
@@ -158,7 +158,7 @@ registry.registerPath({
method: "post", method: "post",
path: "/org/{orgId}/alert-rule/{alertRuleId}", path: "/org/{orgId}/alert-rule/{alertRuleId}",
description: "Update an alert rule for a specific organization.", description: "Update an alert rule for a specific organization.",
tags: [OpenAPITags.Org], tags: [OpenAPITags.AlertRule],
request: { request: {
params: paramsSchema, params: paramsSchema,
body: { body: {
@@ -52,7 +52,7 @@ registry.registerPath({
method: "put", method: "put",
path: "/org/{orgId}/event-streaming-destination", path: "/org/{orgId}/event-streaming-destination",
description: "Create an event streaming destination for a specific organization.", description: "Create an event streaming destination for a specific organization.",
tags: [OpenAPITags.Org], tags: [OpenAPITags.EventStreamingDestination],
request: { request: {
params: paramsSchema, params: paramsSchema,
body: { body: {
@@ -35,7 +35,7 @@ registry.registerPath({
path: "/org/{orgId}/event-streaming-destination/{destinationId}", path: "/org/{orgId}/event-streaming-destination/{destinationId}",
description: description:
"Delete an event streaming destination for a specific organization.", "Delete an event streaming destination for a specific organization.",
tags: [OpenAPITags.Org], tags: [OpenAPITags.EventStreamingDestination],
request: { request: {
params: paramsSchema params: paramsSchema
}, },
@@ -109,7 +109,7 @@ registry.registerPath({
path: "/org/{orgId}/event-streaming-destination", path: "/org/{orgId}/event-streaming-destination",
description: description:
"List all event streaming destinations for a specific organization.", "List all event streaming destinations for a specific organization.",
tags: [OpenAPITags.Org], tags: [OpenAPITags.EventStreamingDestination],
request: { request: {
query: querySchema, query: querySchema,
params: paramsSchema params: paramsSchema
@@ -55,7 +55,7 @@ registry.registerPath({
method: "post", method: "post",
path: "/org/{orgId}/event-streaming-destination/{destinationId}", path: "/org/{orgId}/event-streaming-destination/{destinationId}",
description: "Update an event streaming destination for a specific organization.", description: "Update an event streaming destination for a specific organization.",
tags: [OpenAPITags.Org], tags: [OpenAPITags.EventStreamingDestination],
request: { request: {
params: paramsSchema, params: paramsSchema,
body: { body: {
@@ -75,7 +75,7 @@ registry.registerPath({
method: "put", method: "put",
path: "/org/{orgId}/health-check", path: "/org/{orgId}/health-check",
description: "Create a health check for a specific organization.", description: "Create a health check for a specific organization.",
tags: [OpenAPITags.Org], tags: [OpenAPITags.HealthCheck],
request: { request: {
params: paramsSchema, params: paramsSchema,
body: { body: {
@@ -37,7 +37,7 @@ registry.registerPath({
method: "delete", method: "delete",
path: "/org/{orgId}/health-check/{healthCheckId}", path: "/org/{orgId}/health-check/{healthCheckId}",
description: "Delete a health check for a specific organization.", description: "Delete a health check for a specific organization.",
tags: [OpenAPITags.Org], tags: [OpenAPITags.HealthCheck],
request: { request: {
params: paramsSchema params: paramsSchema
}, },
@@ -63,7 +63,7 @@ registry.registerPath({
method: "get", method: "get",
path: "/org/{orgId}/health-checks", path: "/org/{orgId}/health-checks",
description: "List health checks for an organization.", description: "List health checks for an organization.",
tags: [OpenAPITags.Org], tags: [OpenAPITags.HealthCheck],
request: { request: {
params: paramsSchema, params: paramsSchema,
query: querySchema query: querySchema
@@ -109,7 +109,7 @@ registry.registerPath({
method: "post", method: "post",
path: "/org/{orgId}/health-check/{healthCheckId}", path: "/org/{orgId}/health-check/{healthCheckId}",
description: "Update a health check for a specific organization.", description: "Update a health check for a specific organization.",
tags: [OpenAPITags.Org], tags: [OpenAPITags.HealthCheck],
request: { request: {
params: paramsSchema, params: paramsSchema,
body: { body: {
+149
View File
@@ -16,6 +16,10 @@ import * as org from "#private/routers/org";
import * as logs from "#private/routers/auditLogs"; import * as logs from "#private/routers/auditLogs";
import * as alertEvents from "#private/routers/alertEvents"; import * as alertEvents from "#private/routers/alertEvents";
import * as certificates from "#private/routers/certificates"; import * as certificates from "#private/routers/certificates";
import * as policy from "#private/routers/policy";
import * as eventStreamingDestination from "#private/routers/eventStreamingDestination";
import * as alertRule from "#private/routers/alertRule";
import * as healthChecks from "#private/routers/healthChecks";
import { import {
verifyApiKeyHasAction, verifyApiKeyHasAction,
@@ -24,6 +28,7 @@ import {
verifyApiKeyIdpAccess, verifyApiKeyIdpAccess,
verifyApiKeyRoleAccess, verifyApiKeyRoleAccess,
verifyApiKeyUserAccess, verifyApiKeyUserAccess,
verifyApiKeyResourcePolicyAccess,
verifyLimits verifyLimits
} from "@server/middlewares"; } from "@server/middlewares";
import * as user from "#private/routers/user"; import * as user from "#private/routers/user";
@@ -215,3 +220,147 @@ authenticated.delete(
logActionAudit(ActionsEnum.removeUserRole), logActionAudit(ActionsEnum.removeUserRole),
user.removeUserRole user.removeUserRole
); );
authenticated.get(
["/org/:orgId/resource-policies", "/org/:orgId/public-resource-policies"],
verifyValidLicense,
verifyValidSubscription(tierMatrix.resourcePolicies),
verifyApiKeyOrgAccess,
verifyLimits,
verifyApiKeyHasAction(ActionsEnum.listResourcePolicies),
logActionAudit(ActionsEnum.listResourcePolicies),
policy.listResourcePolicies
);
authenticated.post(
["/org/:orgId/resource-policy", "/org/:orgId/public-resource-policy"],
verifyValidLicense,
verifyValidSubscription(tierMatrix.resourcePolicies),
verifyApiKeyOrgAccess,
verifyLimits,
verifyApiKeyHasAction(ActionsEnum.createResourcePolicy),
logActionAudit(ActionsEnum.createResourcePolicy),
policy.createResourcePolicy
);
authenticated.delete(
["/resource-policy/:resourcePolicyId", "/public-resource-policy/:resourcePolicyId"],
verifyApiKeyResourcePolicyAccess,
verifyValidLicense,
verifyValidSubscription(tierMatrix.resourcePolicies),
verifyLimits,
verifyApiKeyHasAction(ActionsEnum.deleteResourcePolicy),
logActionAudit(ActionsEnum.deleteResourcePolicy),
policy.deleteResourcePolicy
);
authenticated.put(
"/org/:orgId/event-streaming-destination",
verifyApiKeyOrgAccess,
verifyLimits,
verifyApiKeyHasAction(ActionsEnum.createEventStreamingDestination),
logActionAudit(ActionsEnum.createEventStreamingDestination),
eventStreamingDestination.createEventStreamingDestination
);
authenticated.post(
"/org/:orgId/event-streaming-destination/:destinationId",
verifyApiKeyOrgAccess,
verifyLimits,
verifyApiKeyHasAction(ActionsEnum.updateEventStreamingDestination),
logActionAudit(ActionsEnum.updateEventStreamingDestination),
eventStreamingDestination.updateEventStreamingDestination
);
authenticated.delete(
"/org/:orgId/event-streaming-destination/:destinationId",
verifyApiKeyOrgAccess,
verifyApiKeyHasAction(ActionsEnum.deleteEventStreamingDestination),
logActionAudit(ActionsEnum.deleteEventStreamingDestination),
eventStreamingDestination.deleteEventStreamingDestination
);
authenticated.get(
"/org/:orgId/event-streaming-destinations",
verifyApiKeyOrgAccess,
verifyApiKeyHasAction(ActionsEnum.listEventStreamingDestinations),
eventStreamingDestination.listEventStreamingDestinations
);
authenticated.put(
"/org/:orgId/alert-rule",
verifyApiKeyOrgAccess,
verifyLimits,
verifyApiKeyHasAction(ActionsEnum.createAlertRule),
logActionAudit(ActionsEnum.createAlertRule),
alertRule.createAlertRule
);
authenticated.post(
"/org/:orgId/alert-rule/:alertRuleId",
verifyApiKeyOrgAccess,
verifyApiKeyHasAction(ActionsEnum.updateAlertRule),
logActionAudit(ActionsEnum.updateAlertRule),
alertRule.updateAlertRule
);
authenticated.delete(
"/org/:orgId/alert-rule/:alertRuleId",
verifyApiKeyOrgAccess,
verifyApiKeyHasAction(ActionsEnum.deleteAlertRule),
logActionAudit(ActionsEnum.deleteAlertRule),
alertRule.deleteAlertRule
);
authenticated.get(
"/org/:orgId/alert-rules",
verifyApiKeyOrgAccess,
verifyApiKeyHasAction(ActionsEnum.listAlertRules),
alertRule.listAlertRules
);
authenticated.get(
"/org/:orgId/alert-rule/:alertRuleId",
verifyApiKeyOrgAccess,
verifyApiKeyHasAction(ActionsEnum.getAlertRule),
alertRule.getAlertRule
);
authenticated.get(
"/org/:orgId/health-checks",
verifyApiKeyOrgAccess,
verifyApiKeyHasAction(ActionsEnum.listHealthChecks),
healthChecks.listHealthChecks
);
authenticated.put(
"/org/:orgId/health-check",
verifyApiKeyOrgAccess,
verifyLimits,
verifyApiKeyHasAction(ActionsEnum.createHealthCheck),
logActionAudit(ActionsEnum.createHealthCheck),
healthChecks.createHealthCheck
);
authenticated.post(
"/org/:orgId/health-check/:healthCheckId",
verifyApiKeyOrgAccess,
verifyApiKeyHasAction(ActionsEnum.updateHealthCheck),
logActionAudit(ActionsEnum.updateHealthCheck),
healthChecks.updateHealthCheck
);
authenticated.delete(
"/org/:orgId/health-check/:healthCheckId",
verifyApiKeyOrgAccess,
verifyApiKeyHasAction(ActionsEnum.deleteHealthCheck),
logActionAudit(ActionsEnum.deleteHealthCheck),
healthChecks.deleteHealthCheck
);
authenticated.get(
"/org/:orgId/health-check/:healthCheckId/status-history",
verifyApiKeyOrgAccess,
verifyApiKeyHasAction(ActionsEnum.getTarget),
healthChecks.getHealthCheckStatusHistory
);
@@ -121,7 +121,7 @@ registry.registerPath({
method: "post", method: "post",
path: "/org/{orgId}/resource-policy", path: "/org/{orgId}/resource-policy",
description: "Create a resource policy.", description: "Create a resource policy.",
tags: [OpenAPITags.Org, OpenAPITags.Policy], tags: [OpenAPITags.PublicResourcePolicy],
request: { request: {
params: createResourcePolicyParamsSchema, params: createResourcePolicyParamsSchema,
body: { body: {
@@ -31,7 +31,7 @@ registry.registerPath({
method: "delete", method: "delete",
path: "/resource-policy/{resourcePolicyId}", path: "/resource-policy/{resourcePolicyId}",
description: "Delete a resource policy.", description: "Delete a resource policy.",
tags: [OpenAPITags.Policy], tags: [OpenAPITags.PublicResourcePolicy],
request: { request: {
params: deleteResourcePolicySchema params: deleteResourcePolicySchema
}, },
@@ -79,7 +79,7 @@ registry.registerPath({
method: "get", method: "get",
path: "/org/{orgId}/resource-policies", path: "/org/{orgId}/resource-policies",
description: "List resource policies for an organization.", description: "List resource policies for an organization.",
tags: [OpenAPITags.Org, OpenAPITags.Policy], tags: [OpenAPITags.PublicResourcePolicy],
request: { request: {
params: z.object({ params: z.object({
orgId: z.string() orgId: z.string()
@@ -44,6 +44,39 @@ registry.registerPath({
method: "post", method: "post",
path: "/resource/{resourceId}/access-token", path: "/resource/{resourceId}/access-token",
description: "Generate a new access token for a resource.", description: "Generate a new access token for a resource.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: generateAccssTokenParamsSchema,
body: {
content: {
"application/json": {
schema: generateAccessTokenBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/access-token",
description: "Generate a new access token for a resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.AccessToken], tags: [OpenAPITags.PublicResource, OpenAPITags.AccessToken],
request: { request: {
params: generateAccssTokenParamsSchema, params: generateAccssTokenParamsSchema,
@@ -151,6 +151,35 @@ registry.registerPath({
method: "get", method: "get",
path: "/resource/{resourceId}/access-tokens", path: "/resource/{resourceId}/access-tokens",
description: "List all access tokens for a resource.", description: "List all access tokens for a resource.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: z.object({
resourceId: z.number()
}),
query: listAccessTokensSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "get",
path: "/public-resource/{resourceId}/access-tokens",
description: "List all access tokens for a resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.AccessToken], tags: [OpenAPITags.PublicResource, OpenAPITags.AccessToken],
request: { request: {
params: z.object({ params: z.object({
+5 -2
View File
@@ -736,11 +736,14 @@ export async function verifyResourceSession(
} }
} }
// If headerAuthExtendedCompatibility is activated but no clientHeaderAuth provided, force client to challenge // If headerAuthExtendedCompatibility is activated but no clientHeaderAuth provided, force client to challenge.
// Skip the challenge when SSO is also enabled so browsers get the SSO redirect instead of a native Basic
// Auth dialog; clients that proactively send Authorization: Basic are still accepted above.
if ( if (
headerAuthExtendedCompatibility && headerAuthExtendedCompatibility &&
headerAuthExtendedCompatibility.extendedCompatibilityIsActivated && headerAuthExtendedCompatibility.extendedCompatibilityIsActivated &&
!clientHeaderAuth !clientHeaderAuth &&
!sso
) { ) {
return headerAuthChallenged(res, redirectPath, resource.orgId); return headerAuthChallenged(res, redirectPath, resource.orgId);
} }
+177 -59
View File
@@ -162,7 +162,7 @@ authenticated.get(
// Site Resource endpoints // Site Resource endpoints
authenticated.put( authenticated.put(
"/org/:orgId/site-resource", ["/org/:orgId/site-resource", "/org/:orgId/private-resource"],
verifyApiKeyOrgAccess, verifyApiKeyOrgAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.createSiteResource), verifyApiKeyHasAction(ActionsEnum.createSiteResource),
@@ -171,7 +171,10 @@ authenticated.put(
); );
authenticated.get( authenticated.get(
"/org/:orgId/site/:siteId/resources", [
"/org/:orgId/site/:siteId/resources",
"/org/:orgId/site/:siteId/private-resources"
],
verifyApiKeyOrgAccess, verifyApiKeyOrgAccess,
verifyApiKeySiteAccess, verifyApiKeySiteAccess,
verifyApiKeyHasAction(ActionsEnum.listSiteResources), verifyApiKeyHasAction(ActionsEnum.listSiteResources),
@@ -179,21 +182,21 @@ authenticated.get(
); );
authenticated.get( authenticated.get(
"/org/:orgId/site-resources", ["/org/:orgId/site-resources", "/org/:orgId/private-resources"],
verifyApiKeyOrgAccess, verifyApiKeyOrgAccess,
verifyApiKeyHasAction(ActionsEnum.listSiteResources), verifyApiKeyHasAction(ActionsEnum.listSiteResources),
siteResource.listAllSiteResourcesByOrg siteResource.listAllSiteResourcesByOrg
); );
authenticated.get( authenticated.get(
"/site-resource/:siteResourceId", ["/site-resource/:siteResourceId", "/private-resource/:siteResourceId"],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeyHasAction(ActionsEnum.getSiteResource), verifyApiKeyHasAction(ActionsEnum.getSiteResource),
siteResource.getSiteResource siteResource.getSiteResource
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId", ["/site-resource/:siteResourceId", "/private-resource/:siteResourceId"],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.updateSiteResource), verifyApiKeyHasAction(ActionsEnum.updateSiteResource),
@@ -202,7 +205,7 @@ authenticated.post(
); );
authenticated.delete( authenticated.delete(
"/site-resource/:siteResourceId", ["/site-resource/:siteResourceId", "/private-resource/:siteResourceId"],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeyHasAction(ActionsEnum.deleteSiteResource), verifyApiKeyHasAction(ActionsEnum.deleteSiteResource),
logActionAudit(ActionsEnum.deleteSiteResource), logActionAudit(ActionsEnum.deleteSiteResource),
@@ -210,28 +213,40 @@ authenticated.delete(
); );
authenticated.get( authenticated.get(
"/site-resource/:siteResourceId/roles", [
"/site-resource/:siteResourceId/roles",
"/private-resource/:siteResourceId/roles"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeyHasAction(ActionsEnum.listResourceRoles), verifyApiKeyHasAction(ActionsEnum.listResourceRoles),
siteResource.listSiteResourceRoles siteResource.listSiteResourceRoles
); );
authenticated.get( authenticated.get(
"/site-resource/:siteResourceId/users", [
"/site-resource/:siteResourceId/users",
"/private-resource/:siteResourceId/users"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeyHasAction(ActionsEnum.listResourceUsers), verifyApiKeyHasAction(ActionsEnum.listResourceUsers),
siteResource.listSiteResourceUsers siteResource.listSiteResourceUsers
); );
authenticated.get( authenticated.get(
"/site-resource/:siteResourceId/clients", [
"/site-resource/:siteResourceId/clients",
"/private-resource/:siteResourceId/clients"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeyHasAction(ActionsEnum.listResourceUsers), verifyApiKeyHasAction(ActionsEnum.listResourceUsers),
siteResource.listSiteResourceClients siteResource.listSiteResourceClients
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId/roles", [
"/site-resource/:siteResourceId/roles",
"/private-resource/:siteResourceId/roles"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeyRoleAccess, verifyApiKeyRoleAccess,
verifyLimits, verifyLimits,
@@ -241,7 +256,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId/users", [
"/site-resource/:siteResourceId/users",
"/private-resource/:siteResourceId/users"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeySetResourceUsers, verifyApiKeySetResourceUsers,
verifyLimits, verifyLimits,
@@ -251,7 +269,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId/roles/add", [
"/site-resource/:siteResourceId/roles/add",
"/private-resource/:siteResourceId/roles/add"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeyRoleAccess, verifyApiKeyRoleAccess,
verifyLimits, verifyLimits,
@@ -261,7 +282,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId/roles/remove", [
"/site-resource/:siteResourceId/roles/remove",
"/private-resource/:siteResourceId/roles/remove"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeyRoleAccess, verifyApiKeyRoleAccess,
verifyLimits, verifyLimits,
@@ -271,7 +295,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId/users/add", [
"/site-resource/:siteResourceId/users/add",
"/private-resource/:siteResourceId/users/add"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeySetResourceUsers, verifyApiKeySetResourceUsers,
verifyLimits, verifyLimits,
@@ -281,7 +308,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId/users/remove", [
"/site-resource/:siteResourceId/users/remove",
"/private-resource/:siteResourceId/users/remove"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeySetResourceUsers, verifyApiKeySetResourceUsers,
verifyLimits, verifyLimits,
@@ -291,7 +321,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId/clients", [
"/site-resource/:siteResourceId/clients",
"/private-resource/:siteResourceId/clients"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeySetResourceClients, verifyApiKeySetResourceClients,
verifyLimits, verifyLimits,
@@ -301,7 +334,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId/clients/add", [
"/site-resource/:siteResourceId/clients/add",
"/private-resource/:siteResourceId/clients/add"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeySetResourceClients, verifyApiKeySetResourceClients,
verifyLimits, verifyLimits,
@@ -311,7 +347,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId/clients/remove", [
"/site-resource/:siteResourceId/clients/remove",
"/private-resource/:siteResourceId/clients/remove"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeySetResourceClients, verifyApiKeySetResourceClients,
verifyLimits, verifyLimits,
@@ -321,7 +360,7 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/client/:clientId/site-resources", ["/client/:clientId/site-resources", "/client/:clientId/private-resources"],
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourceUsers), verifyApiKeyHasAction(ActionsEnum.setResourceUsers),
logActionAudit(ActionsEnum.setResourceUsers), logActionAudit(ActionsEnum.setResourceUsers),
@@ -329,7 +368,7 @@ authenticated.post(
); );
authenticated.put( authenticated.put(
"/org/:orgId/resource", ["/org/:orgId/resource", "/org/:orgId/public-resource"],
verifyApiKeyOrgAccess, verifyApiKeyOrgAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.createResource), verifyApiKeyHasAction(ActionsEnum.createResource),
@@ -338,7 +377,10 @@ authenticated.put(
); );
authenticated.put( authenticated.put(
"/org/:orgId/site/:siteId/resource", [
"/org/:orgId/site/:siteId/resource",
"/org/:orgId/site/:siteId/public-resource"
],
verifyApiKeyOrgAccess, verifyApiKeyOrgAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.createResource), verifyApiKeyHasAction(ActionsEnum.createResource),
@@ -347,14 +389,14 @@ authenticated.put(
); );
authenticated.get( authenticated.get(
"/site/:siteId/resources", ["/site/:siteId/resources", "/site/:siteId/public-resources"],
verifyApiKeySiteAccess, verifyApiKeySiteAccess,
verifyApiKeyHasAction(ActionsEnum.listResources), verifyApiKeyHasAction(ActionsEnum.listResources),
resource.listResources resource.listResources
); );
authenticated.get( authenticated.get(
"/org/:orgId/resources", ["/org/:orgId/resources", "/org/:orgId/public-resources"],
verifyApiKeyOrgAccess, verifyApiKeyOrgAccess,
verifyApiKeyHasAction(ActionsEnum.listResources), verifyApiKeyHasAction(ActionsEnum.listResources),
resource.listResources resource.listResources
@@ -442,42 +484,45 @@ authenticated.delete(
); );
authenticated.get( authenticated.get(
"/resource/:resourceId/roles", ["/resource/:resourceId/roles", "/public-resource/:resourceId/roles"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.listResourceRoles), verifyApiKeyHasAction(ActionsEnum.listResourceRoles),
resource.listResourceRoles resource.listResourceRoles
); );
authenticated.get( authenticated.get(
"/resource/:resourceId/users", ["/resource/:resourceId/users", "/public-resource/:resourceId/users"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.listResourceUsers), verifyApiKeyHasAction(ActionsEnum.listResourceUsers),
resource.listResourceUsers resource.listResourceUsers
); );
authenticated.get( authenticated.get(
"/resource/:resourceId", ["/resource/:resourceId", "/public-resource/:resourceId"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.getResource), verifyApiKeyHasAction(ActionsEnum.getResource),
resource.getResource resource.getResource
); );
authenticated.get( authenticated.get(
"/resource-policy/:resourcePolicyId", [
"/resource-policy/:resourcePolicyId",
"/public-resource-policy/:resourcePolicyId"
],
verifyApiKeyResourcePolicyAccess, verifyApiKeyResourcePolicyAccess,
verifyApiKeyHasAction(ActionsEnum.getResourcePolicy), verifyApiKeyHasAction(ActionsEnum.getResourcePolicy),
policy.getResourcePolicy policy.getResourcePolicy
); );
authenticated.get( authenticated.get(
"/resource/:resourceId/policies", ["/resource/:resourceId/policies", "/public-resource/:resourceId/policies"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.getResourcePolicy), verifyApiKeyHasAction(ActionsEnum.getResourcePolicy),
resource.getResourcePolicies resource.getResourcePolicies
); );
authenticated.post( authenticated.post(
"/resource/:resourceId", ["/resource/:resourceId", "/public-resource/:resourceId"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.updateResource), verifyApiKeyHasAction(ActionsEnum.updateResource),
@@ -486,14 +531,17 @@ authenticated.post(
); );
authenticated.put( authenticated.put(
"/resource-policy/:resourcePolicyId", [
"/resource-policy/:resourcePolicyId",
"/public-resource-policy/:resourcePolicyId"
],
verifyApiKeyResourcePolicyAccess, verifyApiKeyResourcePolicyAccess,
verifyApiKeyHasAction(ActionsEnum.updateResourcePolicy), verifyApiKeyHasAction(ActionsEnum.updateResourcePolicy),
policy.updateResourcePolicy policy.updateResourcePolicy
); );
authenticated.delete( authenticated.delete(
"/resource/:resourceId", ["/resource/:resourceId", "/public-resource/:resourceId"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.deleteResource), verifyApiKeyHasAction(ActionsEnum.deleteResource),
logActionAudit(ActionsEnum.deleteResource), logActionAudit(ActionsEnum.deleteResource),
@@ -501,7 +549,7 @@ authenticated.delete(
); );
authenticated.put( authenticated.put(
"/resource/:resourceId/target", ["/resource/:resourceId/target", "/public-resource/:resourceId/target"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.createTarget), verifyApiKeyHasAction(ActionsEnum.createTarget),
@@ -510,14 +558,14 @@ authenticated.put(
); );
authenticated.get( authenticated.get(
"/resource/:resourceId/targets", ["/resource/:resourceId/targets", "/public-resource/:resourceId/targets"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.listTargets), verifyApiKeyHasAction(ActionsEnum.listTargets),
target.listTargets target.listTargets
); );
authenticated.put( authenticated.put(
"/resource/:resourceId/rule", ["/resource/:resourceId/rule", "/public-resource/:resourceId/rule"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.createResourceRule), verifyApiKeyHasAction(ActionsEnum.createResourceRule),
@@ -526,14 +574,17 @@ authenticated.put(
); );
authenticated.get( authenticated.get(
"/resource/:resourceId/rules", ["/resource/:resourceId/rules", "/public-resource/:resourceId/rules"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.listResourceRules), verifyApiKeyHasAction(ActionsEnum.listResourceRules),
resource.listResourceRules resource.listResourceRules
); );
authenticated.post( authenticated.post(
"/resource/:resourceId/rule/:ruleId", [
"/resource/:resourceId/rule/:ruleId",
"/public-resource/:resourceId/rule/:ruleId"
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.updateResourceRule), verifyApiKeyHasAction(ActionsEnum.updateResourceRule),
@@ -542,7 +593,10 @@ authenticated.post(
); );
authenticated.delete( authenticated.delete(
"/resource/:resourceId/rule/:ruleId", [
"/resource/:resourceId/rule/:ruleId",
"/public-resource/:resourceId/rule/:ruleId"
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.deleteResourceRule), verifyApiKeyHasAction(ActionsEnum.deleteResourceRule),
logActionAudit(ActionsEnum.deleteResourceRule), logActionAudit(ActionsEnum.deleteResourceRule),
@@ -624,7 +678,7 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/resource/:resourceId/roles", ["/resource/:resourceId/roles", "/public-resource/:resourceId/roles"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyRoleAccess, verifyApiKeyRoleAccess,
verifyLimits, verifyLimits,
@@ -634,7 +688,7 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/resource/:resourceId/users", ["/resource/:resourceId/users", "/public-resource/:resourceId/users"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeySetResourceUsers, verifyApiKeySetResourceUsers,
verifyLimits, verifyLimits,
@@ -644,7 +698,10 @@ authenticated.post(
); );
authenticated.put( authenticated.put(
"/resource-policy/:resourcePolicyId/access-control", [
"/resource-policy/:resourcePolicyId/access-control",
"/public-resource-policy/:resourcePolicyId/access-control"
],
verifyApiKeyResourcePolicyAccess, verifyApiKeyResourcePolicyAccess,
verifyApiKeyRoleAccess, verifyApiKeyRoleAccess,
verifyLimits, verifyLimits,
@@ -656,7 +713,10 @@ authenticated.put(
); );
authenticated.put( authenticated.put(
"/resource-policy/:resourcePolicyId/password", [
"/resource-policy/:resourcePolicyId/password",
"/public-resource-policy/:resourcePolicyId/password"
],
verifyApiKeyResourcePolicyAccess, verifyApiKeyResourcePolicyAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourcePolicyPassword), verifyApiKeyHasAction(ActionsEnum.setResourcePolicyPassword),
@@ -665,7 +725,10 @@ authenticated.put(
); );
authenticated.put( authenticated.put(
"/resource-policy/:resourcePolicyId/pincode", [
"/resource-policy/:resourcePolicyId/pincode",
"/public-resource-policy/:resourcePolicyId/pincode"
],
verifyApiKeyResourcePolicyAccess, verifyApiKeyResourcePolicyAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourcePolicyPincode), verifyApiKeyHasAction(ActionsEnum.setResourcePolicyPincode),
@@ -674,7 +737,10 @@ authenticated.put(
); );
authenticated.put( authenticated.put(
"/resource-policy/:resourcePolicyId/header-auth", [
"/resource-policy/:resourcePolicyId/header-auth",
"/public-resource-policy/:resourcePolicyId/header-auth"
],
verifyApiKeyResourcePolicyAccess, verifyApiKeyResourcePolicyAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourcePolicyHeaderAuth), verifyApiKeyHasAction(ActionsEnum.setResourcePolicyHeaderAuth),
@@ -683,7 +749,10 @@ authenticated.put(
); );
authenticated.put( authenticated.put(
"/resource-policy/:resourcePolicyId/whitelist", [
"/resource-policy/:resourcePolicyId/whitelist",
"/public-resource-policy/:resourcePolicyId/whitelist"
],
verifyApiKeyResourcePolicyAccess, verifyApiKeyResourcePolicyAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourcePolicyWhitelist), verifyApiKeyHasAction(ActionsEnum.setResourcePolicyWhitelist),
@@ -692,7 +761,10 @@ authenticated.put(
); );
authenticated.put( authenticated.put(
"/resource-policy/:resourcePolicyId/rules", [
"/resource-policy/:resourcePolicyId/rules",
"/public-resource-policy/:resourcePolicyId/rules"
],
verifyApiKeyResourcePolicyAccess, verifyApiKeyResourcePolicyAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourcePolicyRules), verifyApiKeyHasAction(ActionsEnum.setResourcePolicyRules),
@@ -701,7 +773,10 @@ authenticated.put(
); );
authenticated.post( authenticated.post(
"/resource/:resourceId/roles/add", [
"/resource/:resourceId/roles/add",
"/public-resource/:resourceId/roles/add"
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyRoleAccess, verifyApiKeyRoleAccess,
verifyLimits, verifyLimits,
@@ -711,7 +786,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/resource/:resourceId/roles/remove", [
"/resource/:resourceId/roles/remove",
"/public-resource/:resourceId/roles/remove"
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyRoleAccess, verifyApiKeyRoleAccess,
verifyLimits, verifyLimits,
@@ -721,7 +799,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/resource/:resourceId/users/add", [
"/resource/:resourceId/users/add",
"/public-resource/:resourceId/users/add"
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeySetResourceUsers, verifyApiKeySetResourceUsers,
verifyLimits, verifyLimits,
@@ -731,7 +812,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/resource/:resourceId/users/remove", [
"/resource/:resourceId/users/remove",
"/public-resource/:resourceId/users/remove"
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeySetResourceUsers, verifyApiKeySetResourceUsers,
verifyLimits, verifyLimits,
@@ -741,7 +825,7 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
`/resource/:resourceId/password`, [`/resource/:resourceId/password`, `/public-resource/:resourceId/password`],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourcePassword), verifyApiKeyHasAction(ActionsEnum.setResourcePassword),
@@ -750,7 +834,7 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
`/resource/:resourceId/pincode`, [`/resource/:resourceId/pincode`, `/public-resource/:resourceId/pincode`],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourcePincode), verifyApiKeyHasAction(ActionsEnum.setResourcePincode),
@@ -759,7 +843,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
`/resource/:resourceId/header-auth`, [
`/resource/:resourceId/header-auth`,
`/public-resource/:resourceId/header-auth`
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourceHeaderAuth), verifyApiKeyHasAction(ActionsEnum.setResourceHeaderAuth),
@@ -768,7 +855,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
`/resource/:resourceId/whitelist`, [
`/resource/:resourceId/whitelist`,
`/public-resource/:resourceId/whitelist`
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourceWhitelist), verifyApiKeyHasAction(ActionsEnum.setResourceWhitelist),
@@ -777,7 +867,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
`/resource/:resourceId/whitelist/add`, [
`/resource/:resourceId/whitelist/add`,
`/public-resource/:resourceId/whitelist/add`
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourceWhitelist), verifyApiKeyHasAction(ActionsEnum.setResourceWhitelist),
@@ -785,7 +878,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
`/resource/:resourceId/whitelist/remove`, [
`/resource/:resourceId/whitelist/remove`,
`/public-resource/:resourceId/whitelist/remove`
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourceWhitelist), verifyApiKeyHasAction(ActionsEnum.setResourceWhitelist),
@@ -793,14 +889,20 @@ authenticated.post(
); );
authenticated.get( authenticated.get(
`/resource/:resourceId/whitelist`, [
`/resource/:resourceId/whitelist`,
`/public-resource/:resourceId/whitelist`
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.getResourceWhitelist), verifyApiKeyHasAction(ActionsEnum.getResourceWhitelist),
resource.getResourceWhitelist resource.getResourceWhitelist
); );
authenticated.post( authenticated.post(
`/resource/:resourceId/access-token`, [
`/resource/:resourceId/access-token`,
`/public-resource/:resourceId/access-token`
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.generateAccessToken), verifyApiKeyHasAction(ActionsEnum.generateAccessToken),
@@ -808,6 +910,19 @@ authenticated.post(
accessToken.generateAccessToken accessToken.generateAccessToken
); );
authenticated.post(
[
`/resource/:resourceId/session-token`,
`/public-resource/:resourceId/session-token`
],
verifyApiKeyResourceAccess,
verifyApiKeyUserAccess,
verifyLimits,
verifyApiKeyHasAction(ActionsEnum.createResourceSessionToken),
logActionAudit(ActionsEnum.createResourceSessionToken),
resource.createResourceSessionToken
);
authenticated.delete( authenticated.delete(
`/access-token/:accessTokenId`, `/access-token/:accessTokenId`,
verifyApiKeyAccessTokenAccess, verifyApiKeyAccessTokenAccess,
@@ -824,7 +939,10 @@ authenticated.get(
); );
authenticated.get( authenticated.get(
`/resource/:resourceId/access-tokens`, [
`/resource/:resourceId/access-tokens`,
`/public-resource/:resourceId/access-tokens`
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.listAccessTokens), verifyApiKeyHasAction(ActionsEnum.listAccessTokens),
accessToken.listAccessTokens accessToken.listAccessTokens
@@ -1154,7 +1272,7 @@ authenticated.get(
); );
authenticated.get( authenticated.get(
"/org/:orgId/resource-names", ["/org/:orgId/resource-names", "/org/:orgId/public-resource-names"],
verifyApiKeyOrgAccess, verifyApiKeyOrgAccess,
verifyApiKeyHasAction(ActionsEnum.listResources), verifyApiKeyHasAction(ActionsEnum.listResources),
resource.listAllResourceNames resource.listAllResourceNames
+12 -2
View File
@@ -94,7 +94,13 @@ async function flushSitePingsToDb(): Promise<void> {
const pingsToFlush = new Map(pendingSitePings); const pingsToFlush = new Map(pendingSitePings);
pendingSitePings.clear(); pendingSitePings.clear();
const entries = Array.from(pingsToFlush.entries()); // Sort by id ascending so concurrent writers (other app replicas, or
// unrelated single-row updates elsewhere in the app) always acquire row
// locks in the same order. Without this, overlapping batches/updates
// that touch the same rows in different orders can deadlock each other.
const entries = Array.from(pingsToFlush.entries()).sort(
([a], [b]) => a - b
);
const BATCH_SIZE = 50; const BATCH_SIZE = 50;
for (let i = 0; i < entries.length; i += BATCH_SIZE) { for (let i = 0; i < entries.length; i += BATCH_SIZE) {
@@ -193,7 +199,11 @@ async function flushClientPingsToDb(): Promise<void> {
// ── Flush client pings ───────────────────────────────────────────── // ── Flush client pings ─────────────────────────────────────────────
if (pingsToFlush.size > 0) { if (pingsToFlush.size > 0) {
const entries = Array.from(pingsToFlush.entries()); // Sort ascending for consistent lock ordering (see note in
// flushSitePingsToDb).
const entries = Array.from(pingsToFlush.entries()).sort(
([a], [b]) => a - b
);
const BATCH_SIZE = 50; const BATCH_SIZE = 50;
for (let i = 0; i < entries.length; i += BATCH_SIZE) { for (let i = 0; i < entries.length; i += BATCH_SIZE) {
+15 -2
View File
@@ -168,7 +168,7 @@ registry.registerPath({
path: "/org/{orgId}/resource-policy/{niceId}", path: "/org/{orgId}/resource-policy/{niceId}",
description: description:
"Get a resource policy by orgId and niceId. NiceId is a readable ID for the resource and unique on a per org basis.", "Get a resource policy by orgId and niceId. NiceId is a readable ID for the resource and unique on a per org basis.",
tags: [OpenAPITags.Org, OpenAPITags.Policy], tags: [OpenAPITags.PublicResourcePolicy],
request: { request: {
params: z.object({ params: z.object({
orgId: z.string(), orgId: z.string(),
@@ -182,7 +182,20 @@ registry.registerPath({
method: "get", method: "get",
path: "/resource-policy/{resourcePolicyId}", path: "/resource-policy/{resourcePolicyId}",
description: "Get a resource policy by its resourcePolicyId.", description: "Get a resource policy by its resourcePolicyId.",
tags: [OpenAPITags.Policy], tags: [OpenAPITags.PublicResourcePolicyLegacy],
request: {
params: z.object({
resourcePolicyId: z.number()
})
},
responses: {}
});
registry.registerPath({
method: "get",
path: "/public-resource-policy/{resourcePolicyId}",
description: "Get a resource policy by its resourcePolicyId.",
tags: [OpenAPITags.PublicResourcePolicy],
request: { request: {
params: z.object({ params: z.object({
resourcePolicyId: z.number() resourcePolicyId: z.number()
@@ -40,7 +40,26 @@ registry.registerPath({
path: "/resource-policy/{resourceId}/access-control", path: "/resource-policy/{resourceId}/access-control",
description: description:
"Set access control users for a resource policy, including SSO, users, roles, Identity provider.", "Set access control users for a resource policy, including SSO, users, roles, Identity provider.",
tags: [OpenAPITags.Policy, OpenAPITags.User], tags: [OpenAPITags.PublicResourcePolicyLegacy],
request: {
params: setResourcePolicyAccessControlParamsSchema,
body: {
content: {
"application/json": {
schema: setResourcePolicyAcccessControlBodySchema
}
}
}
},
responses: {}
});
registry.registerPath({
method: "post",
path: "/public-resource-policy/{resourceId}/access-control",
description:
"Set access control users for a resource policy, including SSO, users, roles, Identity provider.",
tags: [OpenAPITags.PublicResourcePolicy, OpenAPITags.User],
request: { request: {
params: setResourcePolicyAccessControlParamsSchema, params: setResourcePolicyAccessControlParamsSchema,
body: { body: {
@@ -29,7 +29,26 @@ registry.registerPath({
path: "/resource-policy/{resourcePolicyId}/header-auth", path: "/resource-policy/{resourcePolicyId}/header-auth",
description: description:
"Set or update the header authentication for a resource policy. If user and password is not provided, it will remove the header authentication.", "Set or update the header authentication for a resource policy. If user and password is not provided, it will remove the header authentication.",
tags: [OpenAPITags.Policy], tags: [OpenAPITags.PublicResourcePolicyLegacy],
request: {
params: setResourcePolicyHeaderAuthParamsSchema,
body: {
content: {
"application/json": {
schema: setResourcePolicyHeaderAuthBodySchema
}
}
}
},
responses: {}
});
registry.registerPath({
method: "put",
path: "/public-resource-policy/{resourcePolicyId}/header-auth",
description:
"Set or update the header authentication for a resource policy. If user and password is not provided, it will remove the header authentication.",
tags: [OpenAPITags.PublicResourcePolicy],
request: { request: {
params: setResourcePolicyHeaderAuthParamsSchema, params: setResourcePolicyHeaderAuthParamsSchema,
body: { body: {
@@ -24,7 +24,26 @@ registry.registerPath({
path: "/resource-policy/{resourcePolicyId}/password", path: "/resource-policy/{resourcePolicyId}/password",
description: description:
"Set the password for a resource policy. Setting the password to null will remove it.", "Set the password for a resource policy. Setting the password to null will remove it.",
tags: [OpenAPITags.Policy], tags: [OpenAPITags.PublicResourcePolicyLegacy],
request: {
params: setResourcePolicyPasswordParamsSchema,
body: {
content: {
"application/json": {
schema: setResourcePolicyPasswordBodySchema
}
}
}
},
responses: {}
});
registry.registerPath({
method: "put",
path: "/public-resource-policy/{resourcePolicyId}/password",
description:
"Set the password for a resource policy. Setting the password to null will remove it.",
tags: [OpenAPITags.PublicResourcePolicy],
request: { request: {
params: setResourcePolicyPasswordParamsSchema, params: setResourcePolicyPasswordParamsSchema,
body: { body: {
@@ -27,7 +27,26 @@ registry.registerPath({
path: "/resource-policy/{resourcePolicyId}/pincode", path: "/resource-policy/{resourcePolicyId}/pincode",
description: description:
"Set the PIN code for a resource policy. Setting the PIN code to null will remove it.", "Set the PIN code for a resource policy. Setting the PIN code to null will remove it.",
tags: [OpenAPITags.Policy], tags: [OpenAPITags.PublicResourcePolicyLegacy],
request: {
params: setResourcePolicyPincodeParamsSchema,
body: {
content: {
"application/json": {
schema: setResourcePolicyPincodeBodySchema
}
}
}
},
responses: {}
});
registry.registerPath({
method: "put",
path: "/public-resource-policy/{resourcePolicyId}/pincode",
description:
"Set the PIN code for a resource policy. Setting the PIN code to null will remove it.",
tags: [OpenAPITags.PublicResourcePolicy],
request: { request: {
params: setResourcePolicyPincodeParamsSchema, params: setResourcePolicyPincodeParamsSchema,
body: { body: {
@@ -47,7 +47,26 @@ registry.registerPath({
path: "/resource-policy/{resourcePolicyId}/rules", path: "/resource-policy/{resourcePolicyId}/rules",
description: description:
"Set all rules for a resource policy at once. This will replace all existing rules.", "Set all rules for a resource policy at once. This will replace all existing rules.",
tags: [OpenAPITags.Policy], tags: [OpenAPITags.PublicResourcePolicyLegacy],
request: {
params: setResourcePolicyRulesParamsSchema,
body: {
content: {
"application/json": {
schema: setResourcePolicyRulesBodySchema
}
}
}
},
responses: {}
});
registry.registerPath({
method: "put",
path: "/public-resource-policy/{resourcePolicyId}/rules",
description:
"Set all rules for a resource policy at once. This will replace all existing rules.",
tags: [OpenAPITags.PublicResourcePolicy],
request: { request: {
params: setResourcePolicyRulesParamsSchema, params: setResourcePolicyRulesParamsSchema,
body: { body: {
@@ -32,7 +32,26 @@ registry.registerPath({
path: "/resource-policy/{resourcePolicyId}/whitelist", path: "/resource-policy/{resourcePolicyId}/whitelist",
description: description:
"Set email whitelist for a resource policy. This will replace all existing emails.", "Set email whitelist for a resource policy. This will replace all existing emails.",
tags: [OpenAPITags.Policy], tags: [OpenAPITags.PublicResourcePolicyLegacy],
request: {
params: setResourcePolicyWhitelistParamsSchema,
body: {
content: {
"application/json": {
schema: setResourcePolicyWhitelistBodySchema
}
}
}
},
responses: {}
});
registry.registerPath({
method: "put",
path: "/public-resource-policy/{resourcePolicyId}/whitelist",
description:
"Set email whitelist for a resource policy. This will replace all existing emails.",
tags: [OpenAPITags.PublicResourcePolicy],
request: { request: {
params: setResourcePolicyWhitelistParamsSchema, params: setResourcePolicyWhitelistParamsSchema,
body: { body: {
+19 -1
View File
@@ -22,7 +22,25 @@ registry.registerPath({
method: "put", method: "put",
path: "/resource-policy/{resourcePolicyId}", path: "/resource-policy/{resourcePolicyId}",
description: "Update a resource policy.", description: "Update a resource policy.",
tags: [OpenAPITags.Org, OpenAPITags.Policy], tags: [OpenAPITags.PublicResourcePolicy],
request: {
params: updateResourcePolicyParamsSchema,
body: {
content: {
"application/json": {
schema: updateResourcePolicyBodySchema
}
}
}
},
responses: {}
});
registry.registerPath({
method: "put",
path: "/public-resource-policy/{resourcePolicyId}",
description: "Update a resource policy.",
tags: [OpenAPITags.PublicResourcePolicy],
request: { request: {
params: updateResourcePolicyParamsSchema, params: updateResourcePolicyParamsSchema,
body: { body: {
@@ -34,6 +34,39 @@ registry.registerPath({
method: "post", method: "post",
path: "/resource/{resourceId}/whitelist/add", path: "/resource/{resourceId}/whitelist/add",
description: "Add a single email to the resource whitelist.", description: "Add a single email to the resource whitelist.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: addEmailToResourceWhitelistParamsSchema,
body: {
content: {
"application/json": {
schema: addEmailToResourceWhitelistBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/whitelist/add",
description: "Add a single email to the resource whitelist.",
tags: [OpenAPITags.PublicResource], tags: [OpenAPITags.PublicResource],
request: { request: {
params: addEmailToResourceWhitelistParamsSchema, params: addEmailToResourceWhitelistParamsSchema,
@@ -144,10 +177,7 @@ export async function addEmailToResourceWhitelist(
.from(resourcePolicyWhiteList) .from(resourcePolicyWhiteList)
.where( .where(
and( and(
eq( eq(resourcePolicyWhiteList.resourcePolicyId, policyId),
resourcePolicyWhiteList.resourcePolicyId,
policyId
),
eq(resourcePolicyWhiteList.email, email) eq(resourcePolicyWhiteList.email, email)
) )
); );
@@ -28,6 +28,40 @@ const addRoleToResourceParamsSchema = z
registry.registerPath({ registry.registerPath({
method: "post", method: "post",
path: "/resource/{resourceId}/roles/add", path: "/resource/{resourceId}/roles/add",
description:
"Add a single role to a resource. When the resource has an inline policy defined (no shared resource policy assigned), the role is added to the inline policy instead of directly to the resource.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: addRoleToResourceParamsSchema,
body: {
content: {
"application/json": {
schema: addRoleToResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/roles/add",
description: description:
"Add a single role to a resource. When the resource has an inline policy defined (no shared resource policy assigned), the role is added to the inline policy instead of directly to the resource.", "Add a single role to a resource. When the resource has an inline policy defined (no shared resource policy assigned), the role is added to the inline policy instead of directly to the resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.Role], tags: [OpenAPITags.PublicResource, OpenAPITags.Role],
@@ -28,6 +28,40 @@ const addUserToResourceParamsSchema = z
registry.registerPath({ registry.registerPath({
method: "post", method: "post",
path: "/resource/{resourceId}/users/add", path: "/resource/{resourceId}/users/add",
description:
"Add a single user to a resource. When the resource has an inline policy defined (no shared resource policy assigned), the user is added to the inline policy instead of directly to the resource.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: addUserToResourceParamsSchema,
body: {
content: {
"application/json": {
schema: addUserToResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/users/add",
description: description:
"Add a single user to a resource. When the resource has an inline policy defined (no shared resource policy assigned), the user is added to the inline policy instead of directly to the resource.", "Add a single user to a resource. When the resource has an inline policy defined (no shared resource policy assigned), the user is added to the inline policy instead of directly to the resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.User], tags: [OpenAPITags.PublicResource, OpenAPITags.User],
+33
View File
@@ -153,6 +153,39 @@ registry.registerPath({
method: "put", method: "put",
path: "/org/{orgId}/resource", path: "/org/{orgId}/resource",
description: "Create a resource.", description: "Create a resource.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: createResourceParamsSchema,
body: {
content: {
"application/json": {
schema: createHttpResourceSchema.or(createRawResourceSchema)
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "put",
path: "/org/{orgId}/public-resource",
description: "Create a resource.",
tags: [OpenAPITags.PublicResource], tags: [OpenAPITags.PublicResource],
request: { request: {
params: createResourceParamsSchema, params: createResourceParamsSchema,
@@ -32,6 +32,39 @@ registry.registerPath({
method: "put", method: "put",
path: "/resource/{resourceId}/rule", path: "/resource/{resourceId}/rule",
description: "Create a resource rule.", description: "Create a resource rule.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: createResourceRuleParamsSchema,
body: {
content: {
"application/json": {
schema: createResourceRuleSchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "put",
path: "/public-resource/{resourceId}/rule",
description: "Create a resource rule.",
tags: [OpenAPITags.PublicResource, OpenAPITags.Rule], tags: [OpenAPITags.PublicResource, OpenAPITags.Rule],
request: { request: {
params: createResourceRuleParamsSchema, params: createResourceRuleParamsSchema,
@@ -0,0 +1,133 @@
import { Request, Response, NextFunction } from "express";
import { z } from "zod";
import { db } from "@server/db";
import { resources, users, userOrgs } from "@server/db";
import { eq, and } from "drizzle-orm";
import { createResourceSession } from "@server/auth/sessions/resource";
import HttpCode from "@server/types/HttpCode";
import createHttpError from "http-errors";
import { fromError } from "zod-validation-error";
import logger from "@server/logger";
import { createSession, generateSessionToken } from "@server/auth/sessions/app";
import { response } from "@server/lib/response";
const createResourceSessionTokenParams = z.strictObject({
resourceId: z.coerce.number().int().positive()
});
const createResourceSessionTokenBody = z.strictObject({
userId: z.string().nonempty(),
idpId: z.coerce.number().int().positive().optional()
});
export type CreateResourceSessionTokenResponse = {
requestToken: string;
};
export async function createResourceSessionToken(
req: Request,
res: Response,
next: NextFunction
): Promise<any> {
try {
const parsedParams = createResourceSessionTokenParams.safeParse(
req.params
);
if (!parsedParams.success) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
fromError(parsedParams.error).toString()
)
);
}
const parsedBody = createResourceSessionTokenBody.safeParse(req.body);
if (!parsedBody.success) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
fromError(parsedBody.error).toString()
)
);
}
const { resourceId } = parsedParams.data;
const { userId, idpId } = parsedBody.data;
const [resource] = await db
.select()
.from(resources)
.where(eq(resources.resourceId, resourceId))
.limit(1);
if (!resource) {
return next(
createHttpError(
HttpCode.NOT_FOUND,
`Resource with ID ${resourceId} not found`
)
);
}
const candidates = await db
.select({ userId: users.userId })
.from(userOrgs)
.innerJoin(users, eq(userOrgs.userId, users.userId))
.where(
and(
eq(users.userId, userId),
eq(userOrgs.orgId, resource.orgId)
)
);
if (candidates.length === 0) {
return next(
createHttpError(
HttpCode.NOT_FOUND,
`User not found in the organization that owns this resource`
)
);
}
if (candidates.length > 1) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
"Multiple users match this username (external users from different identity providers). Specify idpId to disambiguate."
)
);
}
const targetUserId = candidates[0].userId;
const appSessionToken = generateSessionToken();
const appSession = await createSession(appSessionToken, targetUserId);
const requestToken = generateSessionToken();
await createResourceSession({
resourceId,
token: requestToken,
userSessionId: appSession.sessionId,
isRequestToken: true,
expiresAt: Date.now() + 1000 * 30, // 30 seconds
sessionLength: 1000 * 30,
doNotExtend: true
});
logger.debug("Resource session token created successfully");
return response<CreateResourceSessionTokenResponse>(res, {
data: { requestToken },
success: true,
error: false,
message: "Resource session token created successfully",
status: HttpCode.OK
});
} catch (error) {
logger.error(error);
return next(
createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred")
);
}
}
+26
View File
@@ -22,6 +22,32 @@ registry.registerPath({
method: "delete", method: "delete",
path: "/resource/{resourceId}", path: "/resource/{resourceId}",
description: "Delete a resource.", description: "Delete a resource.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: deleteResourceSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "delete",
path: "/public-resource/{resourceId}",
description: "Delete a resource.",
tags: [OpenAPITags.PublicResource], tags: [OpenAPITags.PublicResource],
request: { request: {
params: deleteResourceSchema params: deleteResourceSchema
@@ -19,6 +19,32 @@ registry.registerPath({
method: "delete", method: "delete",
path: "/resource/{resourceId}/rule/{ruleId}", path: "/resource/{resourceId}/rule/{ruleId}",
description: "Delete a resource rule.", description: "Delete a resource rule.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: deleteResourceRuleSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "delete",
path: "/public-resource/{resourceId}/rule/{ruleId}",
description: "Delete a resource rule.",
tags: [OpenAPITags.PublicResource, OpenAPITags.Rule], tags: [OpenAPITags.PublicResource, OpenAPITags.Rule],
request: { request: {
params: deleteResourceRuleSchema params: deleteResourceRuleSchema
+29 -1
View File
@@ -63,7 +63,7 @@ registry.registerPath({
path: "/org/{orgId}/resource/{niceId}", path: "/org/{orgId}/resource/{niceId}",
description: description:
"Get a resource by orgId and niceId. NiceId is a readable ID for the resource and unique on a per org basis.", "Get a resource by orgId and niceId. NiceId is a readable ID for the resource and unique on a per org basis.",
tags: [OpenAPITags.PublicResource], tags: [OpenAPITags.PublicResourceLegacy],
request: { request: {
params: z.object({ params: z.object({
orgId: z.string(), orgId: z.string(),
@@ -92,6 +92,34 @@ registry.registerPath({
method: "get", method: "get",
path: "/resource/{resourceId}", path: "/resource/{resourceId}",
description: "Get a resource by resourceId.", description: "Get a resource by resourceId.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: z.object({
resourceId: z.number()
})
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "get",
path: "/public-resource/{resourceId}",
description: "Get a resource by resourceId.",
tags: [OpenAPITags.PublicResource], tags: [OpenAPITags.PublicResource],
request: { request: {
params: z.object({ params: z.object({
+15 -2
View File
@@ -25,8 +25,21 @@ export type GetResourcePoliciesResponse = {
registry.registerPath({ registry.registerPath({
method: "get", method: "get",
path: "/resource/{resourceId}/policies", path: "/resource/{resourceId}/policies",
description: "Get the inline and shared policies associated with a resource.", description:
tags: [OpenAPITags.PublicResource, OpenAPITags.Policy], "Get the inline and shared policies associated with a resource.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: getResourcePoliciesParamsSchema
},
responses: {}
});
registry.registerPath({
method: "get",
path: "/public-resource/{resourceId}/policies",
description:
"Get the inline and shared policies associated with a resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.PublicResourcePolicy],
request: { request: {
params: getResourcePoliciesParamsSchema params: getResourcePoliciesParamsSchema
}, },
@@ -44,6 +44,32 @@ registry.registerPath({
method: "get", method: "get",
path: "/resource/{resourceId}/whitelist", path: "/resource/{resourceId}/whitelist",
description: "Get the whitelist of emails for a specific resource.", description: "Get the whitelist of emails for a specific resource.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: getResourceWhitelistSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "get",
path: "/public-resource/{resourceId}/whitelist",
description: "Get the whitelist of emails for a specific resource.",
tags: [OpenAPITags.PublicResource], tags: [OpenAPITags.PublicResource],
request: { request: {
params: getResourceWhitelistSchema params: getResourceWhitelistSchema
+1
View File
@@ -17,6 +17,7 @@ export * from "./getResourceWhitelist";
export * from "./authWithWhitelist"; export * from "./authWithWhitelist";
export * from "./authWithAccessToken"; export * from "./authWithAccessToken";
export * from "./getExchangeToken"; export * from "./getExchangeToken";
export * from "./createResourceSessionToken";
export * from "./createResourceRule"; export * from "./createResourceRule";
export * from "./deleteResourceRule"; export * from "./deleteResourceRule";
export * from "./listResourceRules"; export * from "./listResourceRules";
@@ -33,6 +33,34 @@ registry.registerPath({
method: "get", method: "get",
path: "/org/{orgId}/resources-names", path: "/org/{orgId}/resources-names",
description: "List all resource names for an organization.", description: "List all resource names for an organization.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: z.object({
orgId: z.string()
})
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "get",
path: "/org/{orgId}/public-resource-names",
description: "List all resource names for an organization.",
tags: [OpenAPITags.PublicResource], tags: [OpenAPITags.PublicResource],
request: { request: {
params: z.object({ params: z.object({
@@ -48,6 +48,32 @@ registry.registerPath({
method: "get", method: "get",
path: "/resource/{resourceId}/roles", path: "/resource/{resourceId}/roles",
description: "List all roles for a resource.", description: "List all roles for a resource.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: listResourceRolesSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "get",
path: "/public-resource/{resourceId}/roles",
description: "List all roles for a resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.Role], tags: [OpenAPITags.PublicResource, OpenAPITags.Role],
request: { request: {
params: listResourceRolesSchema params: listResourceRolesSchema
@@ -71,6 +71,33 @@ registry.registerPath({
method: "get", method: "get",
path: "/resource/{resourceId}/rules", path: "/resource/{resourceId}/rules",
description: "List rules for a resource.", description: "List rules for a resource.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: listResourceRulesParamsSchema,
query: listResourceRulesSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "get",
path: "/public-resource/{resourceId}/rules",
description: "List rules for a resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.Rule], tags: [OpenAPITags.PublicResource, OpenAPITags.Rule],
request: { request: {
params: listResourceRulesParamsSchema, params: listResourceRulesParamsSchema,
@@ -38,6 +38,32 @@ registry.registerPath({
method: "get", method: "get",
path: "/resource/{resourceId}/users", path: "/resource/{resourceId}/users",
description: "List all users for a resource.", description: "List all users for a resource.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: listResourceUsersSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "get",
path: "/public-resource/{resourceId}/users",
description: "List all users for a resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.User], tags: [OpenAPITags.PublicResource, OpenAPITags.User],
request: { request: {
params: listResourceUsersSchema params: listResourceUsersSchema
+29
View File
@@ -400,6 +400,35 @@ registry.registerPath({
method: "get", method: "get",
path: "/org/{orgId}/resources", path: "/org/{orgId}/resources",
description: "List resources for an organization.", description: "List resources for an organization.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: z.object({
orgId: z.string()
}),
query: listResourcesSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "get",
path: "/org/{orgId}/public-resources",
description: "List resources for an organization.",
tags: [OpenAPITags.PublicResource], tags: [OpenAPITags.PublicResource],
request: { request: {
params: z.object({ params: z.object({
@@ -34,6 +34,39 @@ registry.registerPath({
method: "post", method: "post",
path: "/resource/{resourceId}/whitelist/remove", path: "/resource/{resourceId}/whitelist/remove",
description: "Remove a single email from the resource whitelist.", description: "Remove a single email from the resource whitelist.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: removeEmailFromResourceWhitelistParamsSchema,
body: {
content: {
"application/json": {
schema: removeEmailFromResourceWhitelistBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/whitelist/remove",
description: "Remove a single email from the resource whitelist.",
tags: [OpenAPITags.PublicResource], tags: [OpenAPITags.PublicResource],
request: { request: {
params: removeEmailFromResourceWhitelistParamsSchema, params: removeEmailFromResourceWhitelistParamsSchema,
@@ -143,10 +176,7 @@ export async function removeEmailFromResourceWhitelist(
.from(resourcePolicyWhiteList) .from(resourcePolicyWhiteList)
.where( .where(
and( and(
eq( eq(resourcePolicyWhiteList.resourcePolicyId, policyId),
resourcePolicyWhiteList.resourcePolicyId,
policyId
),
eq(resourcePolicyWhiteList.email, email) eq(resourcePolicyWhiteList.email, email)
) )
); );
@@ -164,10 +194,7 @@ export async function removeEmailFromResourceWhitelist(
.delete(resourcePolicyWhiteList) .delete(resourcePolicyWhiteList)
.where( .where(
and( and(
eq( eq(resourcePolicyWhiteList.resourcePolicyId, policyId),
resourcePolicyWhiteList.resourcePolicyId,
policyId
),
eq(resourcePolicyWhiteList.email, email) eq(resourcePolicyWhiteList.email, email)
) )
); );
@@ -29,6 +29,39 @@ registry.registerPath({
method: "post", method: "post",
path: "/resource/{resourceId}/roles/remove", path: "/resource/{resourceId}/roles/remove",
description: "Remove a single role from a resource.", description: "Remove a single role from a resource.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: removeRoleFromResourceParamsSchema,
body: {
content: {
"application/json": {
schema: removeRoleFromResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/roles/remove",
description: "Remove a single role from a resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.Role], tags: [OpenAPITags.PublicResource, OpenAPITags.Role],
request: { request: {
params: removeRoleFromResourceParamsSchema, params: removeRoleFromResourceParamsSchema,
@@ -29,6 +29,39 @@ registry.registerPath({
method: "post", method: "post",
path: "/resource/{resourceId}/users/remove", path: "/resource/{resourceId}/users/remove",
description: "Remove a single user from a resource.", description: "Remove a single user from a resource.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: removeUserFromResourceParamsSchema,
body: {
content: {
"application/json": {
schema: removeUserFromResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/users/remove",
description: "Remove a single user from a resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.User], tags: [OpenAPITags.PublicResource, OpenAPITags.User],
request: { request: {
params: removeUserFromResourceParamsSchema, params: removeUserFromResourceParamsSchema,
@@ -29,6 +29,40 @@ const setResourceAuthMethodsBodySchema = z.strictObject({
registry.registerPath({ registry.registerPath({
method: "post", method: "post",
path: "/resource/{resourceId}/header-auth", path: "/resource/{resourceId}/header-auth",
description:
"Set or update the header authentication for a resource. If user and password is not provided, it will remove the header authentication.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: setResourceAuthMethodsParamsSchema,
body: {
content: {
"application/json": {
schema: setResourceAuthMethodsBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/header-auth",
description: description:
"Set or update the header authentication for a resource. If user and password is not provided, it will remove the header authentication.", "Set or update the header authentication for a resource. If user and password is not provided, it will remove the header authentication.",
tags: [OpenAPITags.PublicResource], tags: [OpenAPITags.PublicResource],
@@ -27,6 +27,40 @@ const setResourceAuthMethodsBodySchema = z.strictObject({
registry.registerPath({ registry.registerPath({
method: "post", method: "post",
path: "/resource/{resourceId}/password", path: "/resource/{resourceId}/password",
description:
"Set the password for a resource. Setting the password to null will remove it.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: setResourceAuthMethodsParamsSchema,
body: {
content: {
"application/json": {
schema: setResourceAuthMethodsBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/password",
description: description:
"Set the password for a resource. Setting the password to null will remove it.", "Set the password for a resource. Setting the password to null will remove it.",
tags: [OpenAPITags.PublicResource], tags: [OpenAPITags.PublicResource],
@@ -27,6 +27,40 @@ const setResourceAuthMethodsBodySchema = z.strictObject({
registry.registerPath({ registry.registerPath({
method: "post", method: "post",
path: "/resource/{resourceId}/pincode", path: "/resource/{resourceId}/pincode",
description:
"Set the PIN code for a resource. Setting the PIN code to null will remove it.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: setResourceAuthMethodsParamsSchema,
body: {
content: {
"application/json": {
schema: setResourceAuthMethodsBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/pincode",
description: description:
"Set the PIN code for a resource. Setting the PIN code to null will remove it.", "Set the PIN code for a resource. Setting the PIN code to null will remove it.",
tags: [OpenAPITags.PublicResource], tags: [OpenAPITags.PublicResource],
@@ -21,6 +21,40 @@ const setResourceRolesParamsSchema = z.strictObject({
registry.registerPath({ registry.registerPath({
method: "post", method: "post",
path: "/resource/{resourceId}/roles", path: "/resource/{resourceId}/roles",
description:
"Set roles for a resource. This will replace all existing roles. When the resource has an inline policy defined (no shared resource policy assigned), roles are set on the inline policy instead of directly on the resource.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: setResourceRolesParamsSchema,
body: {
content: {
"application/json": {
schema: setResourceRolesBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/roles",
description: description:
"Set roles for a resource. This will replace all existing roles. When the resource has an inline policy defined (no shared resource policy assigned), roles are set on the inline policy instead of directly on the resource.", "Set roles for a resource. This will replace all existing roles. When the resource has an inline policy defined (no shared resource policy assigned), roles are set on the inline policy instead of directly on the resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.Role], tags: [OpenAPITags.PublicResource, OpenAPITags.Role],
@@ -21,6 +21,40 @@ const setUserResourcesParamsSchema = z.strictObject({
registry.registerPath({ registry.registerPath({
method: "post", method: "post",
path: "/resource/{resourceId}/users", path: "/resource/{resourceId}/users",
description:
"Set users for a resource. This will replace all existing users. When the resource has an inline policy defined (no shared resource policy assigned), users are set on the inline policy instead of directly on the resource.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: setUserResourcesParamsSchema,
body: {
content: {
"application/json": {
schema: setUserResourcesBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/users",
description: description:
"Set users for a resource. This will replace all existing users. When the resource has an inline policy defined (no shared resource policy assigned), users are set on the inline policy instead of directly on the resource.", "Set users for a resource. This will replace all existing users. When the resource has an inline policy defined (no shared resource policy assigned), users are set on the inline policy instead of directly on the resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.User], tags: [OpenAPITags.PublicResource, OpenAPITags.User],
@@ -35,6 +35,40 @@ const setResourceWhitelistParamsSchema = z.strictObject({
registry.registerPath({ registry.registerPath({
method: "post", method: "post",
path: "/resource/{resourceId}/whitelist", path: "/resource/{resourceId}/whitelist",
description:
"Set email whitelist for a resource. This will replace all existing emails.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: setResourceWhitelistParamsSchema,
body: {
content: {
"application/json": {
schema: setResourceWhitelistBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/whitelist",
description: description:
"Set email whitelist for a resource. This will replace all existing emails.", "Set email whitelist for a resource. This will replace all existing emails.",
tags: [OpenAPITags.PublicResource], tags: [OpenAPITags.PublicResource],
+36
View File
@@ -240,6 +240,42 @@ const updateRawResourceBodySchema = z
registry.registerPath({ registry.registerPath({
method: "post", method: "post",
path: "/resource/{resourceId}", path: "/resource/{resourceId}",
description:
"Update a resource. Policy fields (sso, mfa, pincode, password, whitelist) update the inline policy when no shared resource policy is assigned; when a shared policy is assigned those fields override the shared policy for this resource only.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: updateResourceParamsSchema,
body: {
content: {
"application/json": {
schema: updateHttpResourceBodySchema.and(
updateRawResourceBodySchema
)
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}",
description: description:
"Update a resource. Policy fields (sso, mfa, pincode, password, whitelist) update the inline policy when no shared resource policy is assigned; when a shared policy is assigned those fields override the shared policy for this resource only.", "Update a resource. Policy fields (sso, mfa, pincode, password, whitelist) update the inline policy when no shared resource policy is assigned; when a shared policy is assigned those fields override the shared policy for this resource only.",
tags: [OpenAPITags.PublicResource], tags: [OpenAPITags.PublicResource],
@@ -49,6 +49,39 @@ registry.registerPath({
method: "post", method: "post",
path: "/resource/{resourceId}/rule/{ruleId}", path: "/resource/{resourceId}/rule/{ruleId}",
description: "Update a resource rule.", description: "Update a resource rule.",
tags: [OpenAPITags.PublicResourceLegacy],
request: {
params: updateResourceRuleParamsSchema,
body: {
content: {
"application/json": {
schema: updateResourceRuleSchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/rule/{ruleId}",
description: "Update a resource rule.",
tags: [OpenAPITags.PublicResource, OpenAPITags.Rule], tags: [OpenAPITags.PublicResource, OpenAPITags.Rule],
request: { request: {
params: updateResourceRuleParamsSchema, params: updateResourceRuleParamsSchema,
+1 -1
View File
@@ -177,7 +177,7 @@ registry.registerPath({
method: "get", method: "get",
path: "/org/{orgId}/sites", path: "/org/{orgId}/sites",
description: "List all sites in an organization", description: "List all sites in an organization",
tags: [OpenAPITags.Org, OpenAPITags.Site], tags: [OpenAPITags.Site],
request: { request: {
params: listSitesParamsSchema, params: listSitesParamsSchema,
query: listSitesSchema query: listSitesSchema
@@ -31,6 +31,40 @@ const addClientToSiteResourceParamsSchema = z
registry.registerPath({ registry.registerPath({
method: "post", method: "post",
path: "/site-resource/{siteResourceId}/clients/add", path: "/site-resource/{siteResourceId}/clients/add",
description:
"Add a single client to a site resource. Clients with a userId cannot be added.",
tags: [OpenAPITags.PrivateResourceLegacy],
request: {
params: addClientToSiteResourceParamsSchema,
body: {
content: {
"application/json": {
schema: addClientToSiteResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/private-resource/{siteResourceId}/clients/add",
description: description:
"Add a single client to a site resource. Clients with a userId cannot be added.", "Add a single client to a site resource. Clients with a userId cannot be added.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.Client], tags: [OpenAPITags.PrivateResource, OpenAPITags.Client],
@@ -33,6 +33,39 @@ registry.registerPath({
method: "post", method: "post",
path: "/site-resource/{siteResourceId}/roles/add", path: "/site-resource/{siteResourceId}/roles/add",
description: "Add a single role to a site resource.", description: "Add a single role to a site resource.",
tags: [OpenAPITags.PrivateResourceLegacy],
request: {
params: addRoleToSiteResourceParamsSchema,
body: {
content: {
"application/json": {
schema: addRoleToSiteResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/private-resource/{siteResourceId}/roles/add",
description: "Add a single role to a site resource.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.Role], tags: [OpenAPITags.PrivateResource, OpenAPITags.Role],
request: { request: {
params: addRoleToSiteResourceParamsSchema, params: addRoleToSiteResourceParamsSchema,
@@ -33,6 +33,39 @@ registry.registerPath({
method: "post", method: "post",
path: "/site-resource/{siteResourceId}/users/add", path: "/site-resource/{siteResourceId}/users/add",
description: "Add a single user to a site resource.", description: "Add a single user to a site resource.",
tags: [OpenAPITags.PrivateResourceLegacy],
request: {
params: addUserToSiteResourceParamsSchema,
body: {
content: {
"application/json": {
schema: addUserToSiteResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/private-resource/{siteResourceId}/users/add",
description: "Add a single user to a site resource.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.User], tags: [OpenAPITags.PrivateResource, OpenAPITags.User],
request: { request: {
params: addUserToSiteResourceParamsSchema, params: addUserToSiteResourceParamsSchema,
@@ -38,6 +38,39 @@ registry.registerPath({
method: "post", method: "post",
path: "/client/{clientId}/site-resources", path: "/client/{clientId}/site-resources",
description: "Add a machine client to multiple site resources at once.", description: "Add a machine client to multiple site resources at once.",
tags: [OpenAPITags.PrivateResourceLegacy],
request: {
params: batchAddClientToSiteResourcesParamsSchema,
body: {
content: {
"application/json": {
schema: batchAddClientToSiteResourcesBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/client/{clientId}/private-resources",
description: "Add a machine client to multiple site resources at once.",
tags: [OpenAPITags.Client], tags: [OpenAPITags.Client],
request: { request: {
params: batchAddClientToSiteResourcesParamsSchema, params: batchAddClientToSiteResourcesParamsSchema,
@@ -208,6 +208,39 @@ registry.registerPath({
method: "put", method: "put",
path: "/org/{orgId}/site-resource", path: "/org/{orgId}/site-resource",
description: "Create a new site resource.", description: "Create a new site resource.",
tags: [OpenAPITags.PrivateResourceLegacy],
request: {
params: createSiteResourceParamsSchema,
body: {
content: {
"application/json": {
schema: createSiteResourceSchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "put",
path: "/org/{orgId}/private-resource",
description: "Create a new site resource.",
tags: [OpenAPITags.PrivateResource], tags: [OpenAPITags.PrivateResource],
request: { request: {
params: createSiteResourceParamsSchema, params: createSiteResourceParamsSchema,
@@ -27,6 +27,32 @@ registry.registerPath({
method: "delete", method: "delete",
path: "/site-resource/{siteResourceId}", path: "/site-resource/{siteResourceId}",
description: "Delete a site resource.", description: "Delete a site resource.",
tags: [OpenAPITags.PrivateResourceLegacy],
request: {
params: deleteSiteResourceParamsSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "delete",
path: "/private-resource/{siteResourceId}",
description: "Delete a site resource.",
tags: [OpenAPITags.PrivateResource], tags: [OpenAPITags.PrivateResource],
request: { request: {
params: deleteSiteResourceParamsSchema params: deleteSiteResourceParamsSchema
@@ -57,6 +57,36 @@ registry.registerPath({
method: "get", method: "get",
path: "/site-resource/{siteResourceId}", path: "/site-resource/{siteResourceId}",
description: "Get a specific site resource by siteResourceId.", description: "Get a specific site resource by siteResourceId.",
tags: [OpenAPITags.PrivateResourceLegacy],
request: {
params: z.object({
siteResourceId: z.number(),
siteId: z.number(),
orgId: z.string()
})
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "get",
path: "/private-resource/{siteResourceId}",
description: "Get a specific site resource by siteResourceId.",
tags: [OpenAPITags.PrivateResource], tags: [OpenAPITags.PrivateResource],
request: { request: {
params: z.object({ params: z.object({
@@ -221,6 +221,33 @@ registry.registerPath({
method: "get", method: "get",
path: "/org/{orgId}/site-resources", path: "/org/{orgId}/site-resources",
description: "List all site resources for an organization.", description: "List all site resources for an organization.",
tags: [OpenAPITags.PrivateResourceLegacy],
request: {
params: listAllSiteResourcesByOrgParamsSchema,
query: listAllSiteResourcesByOrgQuerySchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "get",
path: "/org/{orgId}/private-resources",
description: "List all site resources for an organization.",
tags: [OpenAPITags.PrivateResource], tags: [OpenAPITags.PrivateResource],
request: { request: {
params: listAllSiteResourcesByOrgParamsSchema, params: listAllSiteResourcesByOrgParamsSchema,
@@ -39,6 +39,32 @@ registry.registerPath({
method: "get", method: "get",
path: "/site-resource/{siteResourceId}/clients", path: "/site-resource/{siteResourceId}/clients",
description: "List all clients for a site resource.", description: "List all clients for a site resource.",
tags: [OpenAPITags.PrivateResourceLegacy],
request: {
params: listSiteResourceClientsSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "get",
path: "/private-resource/{siteResourceId}/clients",
description: "List all clients for a site resource.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.Client], tags: [OpenAPITags.PrivateResource, OpenAPITags.Client],
request: { request: {
params: listSiteResourceClientsSchema params: listSiteResourceClientsSchema
@@ -40,6 +40,32 @@ registry.registerPath({
method: "get", method: "get",
path: "/site-resource/{siteResourceId}/roles", path: "/site-resource/{siteResourceId}/roles",
description: "List all roles for a site resource.", description: "List all roles for a site resource.",
tags: [OpenAPITags.PrivateResourceLegacy],
request: {
params: listSiteResourceRolesSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "get",
path: "/private-resource/{siteResourceId}/roles",
description: "List all roles for a site resource.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.Role], tags: [OpenAPITags.PrivateResource, OpenAPITags.Role],
request: { request: {
params: listSiteResourceRolesSchema params: listSiteResourceRolesSchema
@@ -43,6 +43,32 @@ registry.registerPath({
method: "get", method: "get",
path: "/site-resource/{siteResourceId}/users", path: "/site-resource/{siteResourceId}/users",
description: "List all users for a site resource.", description: "List all users for a site resource.",
tags: [OpenAPITags.PrivateResourceLegacy],
request: {
params: listSiteResourceUsersSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "get",
path: "/private-resource/{siteResourceId}/users",
description: "List all users for a site resource.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.User], tags: [OpenAPITags.PrivateResource, OpenAPITags.User],
request: { request: {
params: listSiteResourceUsersSchema params: listSiteResourceUsersSchema
@@ -58,6 +58,33 @@ registry.registerPath({
method: "get", method: "get",
path: "/org/{orgId}/site/{siteId}/resources", path: "/org/{orgId}/site/{siteId}/resources",
description: "List site resources for a site.", description: "List site resources for a site.",
tags: [OpenAPITags.PrivateResourceLegacy],
request: {
params: listSiteResourcesParamsSchema,
query: listSiteResourcesQuerySchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "get",
path: "/org/{orgId}/site/{siteId}/private-resources",
description: "List site resources for a site.",
tags: [OpenAPITags.PrivateResource], tags: [OpenAPITags.PrivateResource],
request: { request: {
params: listSiteResourcesParamsSchema, params: listSiteResourcesParamsSchema,
@@ -31,6 +31,40 @@ const removeClientFromSiteResourceParamsSchema = z
registry.registerPath({ registry.registerPath({
method: "post", method: "post",
path: "/site-resource/{siteResourceId}/clients/remove", path: "/site-resource/{siteResourceId}/clients/remove",
description:
"Remove a single client from a site resource. Clients with a userId cannot be removed.",
tags: [OpenAPITags.PrivateResourceLegacy],
request: {
params: removeClientFromSiteResourceParamsSchema,
body: {
content: {
"application/json": {
schema: removeClientFromSiteResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/private-resource/{siteResourceId}/clients/remove",
description: description:
"Remove a single client from a site resource. Clients with a userId cannot be removed.", "Remove a single client from a site resource. Clients with a userId cannot be removed.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.Client], tags: [OpenAPITags.PrivateResource, OpenAPITags.Client],
@@ -33,6 +33,39 @@ registry.registerPath({
method: "post", method: "post",
path: "/site-resource/{siteResourceId}/roles/remove", path: "/site-resource/{siteResourceId}/roles/remove",
description: "Remove a single role from a site resource.", description: "Remove a single role from a site resource.",
tags: [OpenAPITags.PrivateResourceLegacy],
request: {
params: removeRoleFromSiteResourceParamsSchema,
body: {
content: {
"application/json": {
schema: removeRoleFromSiteResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/private-resource/{siteResourceId}/roles/remove",
description: "Remove a single role from a site resource.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.Role], tags: [OpenAPITags.PrivateResource, OpenAPITags.Role],
request: { request: {
params: removeRoleFromSiteResourceParamsSchema, params: removeRoleFromSiteResourceParamsSchema,
@@ -33,6 +33,39 @@ registry.registerPath({
method: "post", method: "post",
path: "/site-resource/{siteResourceId}/users/remove", path: "/site-resource/{siteResourceId}/users/remove",
description: "Remove a single user from a site resource.", description: "Remove a single user from a site resource.",
tags: [OpenAPITags.PrivateResourceLegacy],
request: {
params: removeUserFromSiteResourceParamsSchema,
body: {
content: {
"application/json": {
schema: removeUserFromSiteResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/private-resource/{siteResourceId}/users/remove",
description: "Remove a single user from a site resource.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.User], tags: [OpenAPITags.PrivateResource, OpenAPITags.User],
request: { request: {
params: removeUserFromSiteResourceParamsSchema, params: removeUserFromSiteResourceParamsSchema,
@@ -31,6 +31,40 @@ const setSiteResourceClientsParamsSchema = z
registry.registerPath({ registry.registerPath({
method: "post", method: "post",
path: "/site-resource/{siteResourceId}/clients", path: "/site-resource/{siteResourceId}/clients",
description:
"Set clients for a site resource. This will replace all existing clients. Clients with a userId cannot be added.",
tags: [OpenAPITags.PrivateResourceLegacy],
request: {
params: setSiteResourceClientsParamsSchema,
body: {
content: {
"application/json": {
schema: setSiteResourceClientsBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/private-resource/{siteResourceId}/clients",
description: description:
"Set clients for a site resource. This will replace all existing clients. Clients with a userId cannot be added.", "Set clients for a site resource. This will replace all existing clients. Clients with a userId cannot be added.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.Client], tags: [OpenAPITags.PrivateResource, OpenAPITags.Client],
@@ -32,6 +32,40 @@ const setSiteResourceRolesParamsSchema = z
registry.registerPath({ registry.registerPath({
method: "post", method: "post",
path: "/site-resource/{siteResourceId}/roles", path: "/site-resource/{siteResourceId}/roles",
description:
"Set roles for a site resource. This will replace all existing roles.",
tags: [OpenAPITags.PrivateResourceLegacy],
request: {
params: setSiteResourceRolesParamsSchema,
body: {
content: {
"application/json": {
schema: setSiteResourceRolesBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({
method: "post",
path: "/private-resource/{siteResourceId}/roles",
description: description:
"Set roles for a site resource. This will replace all existing roles.", "Set roles for a site resource. This will replace all existing roles.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.Role], tags: [OpenAPITags.PrivateResource, OpenAPITags.Role],

Some files were not shown because too many files have changed in this diff Show More