tyler.fun / prototypey
prototypey.org - atproto lexicon typescript toolkit - mirror https://github.com/tylersayshi/prototypey
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Clearer argument defs + simplifying type helper

This type function lets us carry the JSDoc across from the options to entry definitions, and simplifies our maintenance too 💪

authored by

JP Hastings-Spital and committed by
Tyler Lawson af651daa 59305872

+28 -61
+28 -61
packages/prototypey/core/lib.ts
··· 381 381 * @see https://atproto.com/specs/permission#repo 382 382 */ 383 383 type RepoPermissionOptions = { 384 - /** Collections this permission applies to (lexicon schemas or NSID strings) */ 384 + /** NSID of record types (lexicon schemas or NSID strings). Wildcard (*) grants access to all records. Partial wildcards are not supported. Wildcards are not supported in permissions within a permission set */ 385 385 collection: NsidResolvable[]; 386 - /** Allowed actions on the collections */ 386 + /** defines the set of record operations allowed. If not defined, all operations are allowed */ 387 387 action?: readonly ("create" | "update" | "delete")[]; 388 388 }; 389 389 ··· 392 392 * @see https://atproto.com/specs/permission#rpc 393 393 */ 394 394 type RpcPermissionOptions = { 395 - /** API endpoints this permission applies to (lexicon schemas or NSID strings) */ 396 - lxm?: NsidResolvable[]; 397 - /** DID of the target service */ 395 + /** NSID of API endpoints (lexicon schemas or NSID strings). Wildcard (*) gives access to all endpoints. Partial wildcards are not supported. Wildcards are not supported in permissions within a permission set */ 396 + lxm: NsidResolvable[]; 397 + /** audience of API requests, as a DID service reference: DID followed by required service type fragment (e.g. did:web:api.example.com#srvtype). Supports wildcard (*), though aud and lxm cannot both be wildcard. DID references are not allowed in permission set context. Always required in granular string representation; contingent on `inheritAud` in permission sets */ 398 398 aud?: string; 399 - /** Whether to inherit the audience from a parent include permission */ 399 + /** only used inside permission sets. If true, an `aud` value will be inherited from the `include:` invocation, and the `aud` field is not required on the permission */ 400 400 inheritAud?: boolean; 401 401 }; 402 402 ··· 405 405 * @see https://atproto.com/specs/permission#blob 406 406 */ 407 407 type BlobPermissionOptions = { 408 - /** Accepted MIME types or patterns (e.g. "image/*") */ 408 + /** MIME types or partial MIME type glob patterns. Same syntax as the `accept` field in the `blob` lexicon type */ 409 409 accept: string[]; 410 410 }; 411 411 ··· 414 414 * @see https://atproto.com/specs/permission#account 415 415 */ 416 416 type AccountPermissionOptions = { 417 - /** Account attribute: "email" or "repo" */ 417 + /** a component of account configuration. Wildcard is not supported. "email": account email address — `read` makes email and verification status visible, `manage` includes `read` and allows changing the email. "repo": ability to update entire public repository using a CAR file — `manage` allows importing CAR files (e.g. during account migration), `read` does nothing */ 418 418 attr: "email" | "repo"; 419 - /** Allowed action on the attribute */ 419 + /** degree of control. If not specified, default is `read` */ 420 420 action?: "read" | "manage"; 421 421 }; 422 422 ··· 425 425 * @see https://atproto.com/specs/permission#identity 426 426 */ 427 427 type IdentityPermissionOptions = { 428 - /** Identity attribute: "handle" or "*" for all */ 428 + /** an aspect or component of identity. Wildcard (*) indicates full control of DID document and handle. "handle": ability to update handle, including registration in the DID document and any domain names controlled by the PDS */ 429 429 attr: "handle" | "*"; 430 430 }; 431 431 432 - /** 433 - * Permission granting access to records in specified collections. 434 - * @see https://atproto.com/specs/permission#repo 435 - */ 436 - type RepoPermissionEntry = { 432 + /** Resolves an Options type into a permission entry, converting NsidResolvable fields to strings */ 433 + type PermissionEntryOf<Resource extends string, Opts> = { 437 434 type: "permission"; 438 - resource: "repo"; 439 - collection: string[]; 440 - action?: readonly ("create" | "update" | "delete")[]; 435 + resource: Resource; 436 + } & { 437 + [K in keyof Opts]: Opts[K] extends readonly NsidResolvable[] 438 + ? string[] 439 + : Opts[K]; 441 440 }; 442 441 443 - /** 444 - * Permission granting access to call API endpoints on a specified service. 445 - * @see https://atproto.com/specs/permission#rpc 446 - */ 447 - type RpcPermissionEntry = { 448 - type: "permission"; 449 - resource: "rpc"; 450 - lxm?: string[]; 451 - aud?: string; 452 - inheritAud?: boolean; 453 - }; 454 - 455 - /** 456 - * Permission granting access to upload blobs with specified MIME types. 457 - * @see https://atproto.com/specs/permission#blob 458 - */ 459 - type BlobPermissionEntry = { 460 - type: "permission"; 461 - resource: "blob"; 462 - accept: string[]; 463 - }; 464 - 465 - /** 466 - * Permission granting access to account-level attributes; read/update the associated email address, or replacing the entire repo (with a CAR file). 467 - * @see https://atproto.com/specs/permission#account 468 - */ 469 - type AccountPermissionEntry = { 470 - type: "permission"; 471 - resource: "account"; 472 - attr: "email" | "repo"; 473 - action?: "read" | "manage"; 474 - }; 475 - 476 - /** 477 - * Permission granting access to identity attributes like handle management. 478 - * @see https://atproto.com/specs/permission#identity 479 - */ 480 - type IdentityPermissionEntry = { 481 - type: "permission"; 482 - resource: "identity"; 483 - attr: "handle" | "*"; 484 - }; 442 + /** @see https://atproto.com/specs/permission#repo */ 443 + type RepoPermissionEntry = PermissionEntryOf<"repo", RepoPermissionOptions>; 444 + /** @see https://atproto.com/specs/permission#rpc */ 445 + type RpcPermissionEntry = PermissionEntryOf<"rpc", RpcPermissionOptions>; 446 + /** @see https://atproto.com/specs/permission#blob */ 447 + type BlobPermissionEntry = PermissionEntryOf<"blob", BlobPermissionOptions>; 448 + /** @see https://atproto.com/specs/permission#account */ 449 + type AccountPermissionEntry = PermissionEntryOf<"account", AccountPermissionOptions>; 450 + /** @see https://atproto.com/specs/permission#identity */ 451 + type IdentityPermissionEntry = PermissionEntryOf<"identity", IdentityPermissionOptions>; 485 452 486 453 /** 487 454 * Union of all permission entry types. ··· 800 767 return { 801 768 type: "permission", 802 769 resource: "rpc", 803 - ...(options.lxm ? { lxm: options.lxm.map(resolveNsid) } : {}), 770 + lxm: options.lxm.map(resolveNsid), 804 771 ...(options.aud !== undefined ? { aud: options.aud } : {}), 805 772 ...(options.inheritAud !== undefined 806 773 ? { inheritAud: options.inheritAud }