while-basic
diff --git a/‎…9_project_user_permissions/migration.sql‎ ‎…3_project_user_permissions/migration.sql‎apps/backend/prisma/migrations/20250324204959_project_user_permissions/migration.sql renamed to apps/backend/prisma/migrations/20250325235813_project_user_permissions/migration.sql
Lines changed: 16 additions & 1 deletion b/‎…9_project_user_permissions/migration.sql‎ ‎…3_project_user_permissions/migration.sql‎apps/backend/prisma/migrations/20250324204959_project_user_permissions/migration.sql renamed to apps/backend/prisma/migrations/20250325235813_project_user_permissions/migration.sql
Lines changed: 16 additions & 1 deletion
diff --git a/‎apps/backend/prisma/schema.prisma‎
Lines changed: 2 additions & 2 deletions b/‎apps/backend/prisma/schema.prisma‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎apps/backend/src/app/.well-known/jwks.json/route.ts‎
Lines changed: 0 additions & 32 deletions b/‎apps/backend/src/app/.well-known/jwks.json/route.ts‎
Lines changed: 0 additions & 32 deletions
diff --git a/‎apps/backend/src/app/api/latest/project-permission-definitions/[permission_id]/route.tsx‎
Lines changed: 4 additions & 0 deletions b/‎apps/backend/src/app/api/latest/project-permission-definitions/[permission_id]/route.tsx‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎…est/user-permission-definitions/crud.tsx‎ ‎…/project-permission-definitions/crud.tsx‎apps/backend/src/app/api/latest/user-permission-definitions/crud.tsx renamed to apps/backend/src/app/api/latest/project-permission-definitions/crud.tsx
Lines changed: 7 additions & 7 deletions b/‎…est/user-permission-definitions/crud.tsx‎ ‎…/project-permission-definitions/crud.tsx‎apps/backend/src/app/api/latest/user-permission-definitions/crud.tsx renamed to apps/backend/src/app/api/latest/project-permission-definitions/crud.tsx
Lines changed: 7 additions & 7 deletions
diff --git a/‎apps/backend/src/app/api/latest/project-permission-definitions/route.tsx‎
Lines changed: 4 additions & 0 deletions b/‎apps/backend/src/app/api/latest/project-permission-definitions/route.tsx‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎apps/backend/src/app/api/latest/project-permissions/[user_id]/[permission_id]/route.tsx‎
Lines changed: 4 additions & 0 deletions b/‎apps/backend/src/app/api/latest/project-permissions/[user_id]/[permission_id]/route.tsx‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎…app/api/latest/user-permissions/crud.tsx‎ ‎…/api/latest/project-permissions/crud.tsx‎apps/backend/src/app/api/latest/user-permissions/crud.tsx renamed to apps/backend/src/app/api/latest/project-permissions/crud.tsx
Lines changed: 14 additions & 14 deletions b/‎…app/api/latest/user-permissions/crud.tsx‎ ‎…/api/latest/project-permissions/crud.tsx‎apps/backend/src/app/api/latest/user-permissions/crud.tsx renamed to apps/backend/src/app/api/latest/project-permissions/crud.tsx
Lines changed: 14 additions & 14 deletions
diff --git a/‎apps/backend/src/app/api/latest/project-permissions/route.tsx‎
Lines changed: 3 additions & 0 deletions b/‎apps/backend/src/app/api/latest/project-permissions/route.tsx‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎apps/backend/src/app/api/latest/projects/current/crud.tsx‎
Lines changed: 7 additions & 7 deletions b/‎apps/backend/src/app/api/latest/projects/current/crud.tsx‎
Lines changed: 7 additions & 7 deletions
@@ -1,5 +1,20 @@
+/*
+  Warnings:
+
+  - The values [USER] on the enum `PermissionScope` will be removed. If these variants are still used in the database, this will fail.
+
+*/
+-- AlterEnum
+BEGIN;
+CREATE TYPE "PermissionScope_new" AS ENUM ('PROJECT', 'TEAM');
+ALTER TABLE "Permission" ALTER COLUMN "scope" TYPE "PermissionScope_new" USING ("scope"::text::"PermissionScope_new");
+ALTER TYPE "PermissionScope" RENAME TO "PermissionScope_old";
+ALTER TYPE "PermissionScope_new" RENAME TO "PermissionScope";
+DROP TYPE "PermissionScope_old";
+COMMIT;
+
 -- AlterTable
-ALTER TABLE "Permission" ADD COLUMN     "isDefaultUserPermission" BOOLEAN NOT NULL DEFAULT false;
+ALTER TABLE "Permission" ADD COLUMN     "isDefaultProjectPermission" BOOLEAN NOT NULL DEFAULT false;
 
 -- CreateTable
 CREATE TABLE "ProjectUserDirectPermission" (
 
@@ -224,14 +224,14 @@ model Permission {
 
   isDefaultTeamCreatorPermission Boolean @default(false)
   isDefaultTeamMemberPermission  Boolean @default(false)
-  isDefaultUserPermission        Boolean @default(false)
+  isDefaultProjectPermission Boolean @default(false)
 
@@unique([projectConfigId, queryableId])
@@unique([tenancyId, teamId, queryableId])
 }
 
 enum PermissionScope {
-  USER
+  PROJECT
   TEAM
 }
 
 
@@ -0,0 +1,4 @@
+import { projectPermissionDefinitionsCrudHandlers } from "../crud";
+
+export const PATCH = projectPermissionDefinitionsCrudHandlers.updateHandler;
+export const DELETE = projectPermissionDefinitionsCrudHandlers.deleteHandler;
@@ -1,18 +1,18 @@
 import { createPermissionDefinition, deletePermissionDefinition, listPermissionDefinitions, updatePermissionDefinitions } from "@/lib/permissions";
 import { retryTransaction } from "@/prisma-client";
 import { createCrudHandlers } from "@/route-handlers/crud-handler";
-import { userPermissionDefinitionsCrud } from '@stackframe/stack-shared/dist/interface/crud/user-permissions';
-import { teamPermissionDefinitionIdSchema, yupObject } from "@stackframe/stack-shared/dist/schema-fields";
+import { projectPermissionDefinitionsCrud } from '@stackframe/stack-shared/dist/interface/crud/project-permissions';
+import { permissionDefinitionIdSchema, yupObject } from "@stackframe/stack-shared/dist/schema-fields";
 import { createLazyProxy } from "@stackframe/stack-shared/dist/utils/proxies";
 
-export const userPermissionDefinitionsCrudHandlers = createLazyProxy(() => createCrudHandlers(userPermissionDefinitionsCrud, {
+export const projectPermissionDefinitionsCrudHandlers = createLazyProxy(() => createCrudHandlers(projectPermissionDefinitionsCrud, {
   paramsSchema: yupObject({
-    permission_id: teamPermissionDefinitionIdSchema.defined(),
+    permission_id: permissionDefinitionIdSchema.defined(),
   }),
   async onCreate({ auth, data }) {
     return await retryTransaction(async (tx) => {
       return await createPermissionDefinition(tx, {
-        scope: "USER",
+        scope: "PROJECT",
         tenancy: auth.tenancy,
         data,
       });
@@ -21,7 +21,7 @@ export const userPermissionDefinitionsCrudHandlers = createLazyProxy(() => creat
   async onUpdate({ auth, data, params }) {
     return await retryTransaction(async (tx) => {
       return await updatePermissionDefinitions(tx, {
-        scope: "USER",
+        scope: "PROJECT",
         tenancy: auth.tenancy,
         permissionId: params.permission_id,
         data,
@@ -39,7 +39,7 @@ export const userPermissionDefinitionsCrudHandlers = createLazyProxy(() => creat
   async onList({ auth }) {
     return await retryTransaction(async (tx) => {
       return {
-        items: await listPermissionDefinitions(tx, "USER", auth.tenancy),
+        items: await listPermissionDefinitions(tx, "PROJECT", auth.tenancy),
         is_paginated: false,
       };
     });
 
@@ -0,0 +1,4 @@
+import { projectPermissionDefinitionsCrudHandlers } from "./crud";
+
+export const POST = projectPermissionDefinitionsCrudHandlers.createHandler;
+export const GET = projectPermissionDefinitionsCrudHandlers.listHandler;
@@ -0,0 +1,4 @@
+import { projectPermissionsCrudHandlers } from "../../crud";
+
+export const POST = projectPermissionsCrudHandlers.createHandler;
+export const DELETE = projectPermissionsCrudHandlers.deleteHandler;
@@ -1,37 +1,37 @@
-import { grantUserPermission, listUserPermissions, revokeUserPermission } from "@/lib/permissions";
-import { ensureUserExists, ensureUserPermissionExists } from "@/lib/request-checks";
-import { sendUserPermissionCreatedWebhook, sendUserPermissionDeletedWebhook } from "@/lib/webhooks";
+import { grantProjectPermission, listProjectPermissions, revokeProjectPermission } from "@/lib/permissions";
+import { ensureUserExists, ensureProjectPermissionExists } from "@/lib/request-checks";
+import { sendProjectPermissionCreatedWebhook, sendProjectPermissionDeletedWebhook } from "@/lib/webhooks";
 import { retryTransaction } from "@/prisma-client";
 import { createCrudHandlers } from "@/route-handlers/crud-handler";
 import { runAsynchronouslyAndWaitUntil } from "@/utils/vercel";
 import { KnownErrors } from "@stackframe/stack-shared";
-import { userPermissionsCrud } from '@stackframe/stack-shared/dist/interface/crud/user-permissions';
-import { teamPermissionDefinitionIdSchema, userIdOrMeSchema, yupObject, yupString } from "@stackframe/stack-shared/dist/schema-fields";
+import { projectPermissionsCrud } from '@stackframe/stack-shared/dist/interface/crud/project-permissions';
+import { permissionDefinitionIdSchema, userIdOrMeSchema, yupObject, yupString } from "@stackframe/stack-shared/dist/schema-fields";
 import { StatusError, throwErr } from "@stackframe/stack-shared/dist/utils/errors";
 import { createLazyProxy } from "@stackframe/stack-shared/dist/utils/proxies";
 
-export const userPermissionsCrudHandlers = createLazyProxy(() => createCrudHandlers(userPermissionsCrud, {
+export const projectPermissionsCrudHandlers = createLazyProxy(() => createCrudHandlers(projectPermissionsCrud, {
   querySchema: yupObject({
     user_id: userIdOrMeSchema.optional().meta({ openapiField: { onlyShowInOperations: [ 'List' ], description: 'Filter with the user ID. If set, only the permissions this user has will be returned. Client request must set `user_id=me`', exampleValue: 'me' } }),
-    permission_id: teamPermissionDefinitionIdSchema.optional().meta({ openapiField: { onlyShowInOperations: [ 'List' ], description: 'Filter with the permission ID. If set, only the permissions with this specific ID will be returned', exampleValue: '16399452-c4f3-4554-8e44-c2d67bb60360' } }),
+    permission_id: permissionDefinitionIdSchema.optional().meta({ openapiField: { onlyShowInOperations: [ 'List' ], description: 'Filter with the permission ID. If set, only the permissions with this specific ID will be returned', exampleValue: '16399452-c4f3-4554-8e44-c2d67bb60360' } }),
     recursive: yupString().oneOf(['true', 'false']).optional().meta({ openapiField: { onlyShowInOperations: [ 'List' ], description: 'Whether to list permissions recursively. If set to `false`, only the permission the users directly have will be listed. If set to `true` all the direct and indirect permissions will be listed.', exampleValue: 'true' } }),
   }),
   paramsSchema: yupObject({
     user_id: userIdOrMeSchema.defined(),
-    permission_id: teamPermissionDefinitionIdSchema.defined(),
+    permission_id: permissionDefinitionIdSchema.defined(),
   }),
   async onCreate({ auth, params }) {
     const result = await retryTransaction(async (tx) => {
       await ensureUserExists(tx, { tenancyId: auth.tenancy.id, userId: params.user_id });
 
-      return await grantUserPermission(tx, {
+      return await grantProjectPermission(tx, {
         tenancy: auth.tenancy,
         userId: params.user_id,
         permissionId: params.permission_id
       });
     });
 
-    runAsynchronouslyAndWaitUntil(sendUserPermissionCreatedWebhook({
+    runAsynchronouslyAndWaitUntil(sendProjectPermissionCreatedWebhook({
       projectId: auth.project.id,
       data: {
         id: params.permission_id,
@@ -43,22 +43,22 @@ export const userPermissionsCrudHandlers = createLazyProxy(() => createCrudHandl
   },
   async onDelete({ auth, params }) {
     const result = await retryTransaction(async (tx) => {
-      await ensureUserPermissionExists(tx, {
+      await ensureProjectPermissionExists(tx, {
         tenancy: auth.tenancy,
         userId: params.user_id,
         permissionId: params.permission_id,
         errorType: 'not-exist',
         recursive: false,
       });
 
-      return await revokeUserPermission(tx, {
+      return await revokeProjectPermission(tx, {
         tenancy: auth.tenancy,
         userId: params.user_id,
         permissionId: params.permission_id
       });
     });
 
-    runAsynchronouslyAndWaitUntil(sendUserPermissionDeletedWebhook({
+    runAsynchronouslyAndWaitUntil(sendProjectPermissionDeletedWebhook({
       projectId: auth.project.id,
       data: {
         id: params.permission_id,
@@ -79,7 +79,7 @@ export const userPermissionsCrudHandlers = createLazyProxy(() => createCrudHandl
 
     return await retryTransaction(async (tx) => {
       return {
-        items: await listUserPermissions(tx, {
+        items: await listProjectPermissions(tx, {
           tenancy: auth.tenancy,
           permissionId: query.permission_id,
           userId: query.user_id,
 
@@ -0,0 +1,3 @@
+import { projectPermissionsCrudHandlers } from "./crud";
+
+export const GET = projectPermissionsCrudHandlers.listHandler;
@@ -34,27 +34,27 @@ export const projectsCrudHandlers = createLazyProxy(() => createCrudHandlers(pro
       ] as const;
 
       const teamPermissions = await listPermissionDefinitions(tx, "TEAM", auth.tenancy);
-      const userPermissions = await listPermissionDefinitions(tx, "USER", auth.tenancy);
+      const projectPermissions = await listPermissionDefinitions(tx, "PROJECT", auth.tenancy);
 
       // Handle user default permissions
       const userDefaultPerms = data.config?.user_default_permissions?.map((p) => p.id);
       if (userDefaultPerms) {
-        if (!userDefaultPerms.every((id) => userPermissions.some((perm) => perm.id === id))) {
+        if (!userDefaultPerms.every((id) => projectPermissions.some((perm) => perm.id === id))) {
           throw new StatusError(StatusError.BadRequest,
-            `Invalid user default permission ids: ${userDefaultPerms.filter(id => !userPermissions.some(perm => perm.id === id)).join(', ')}`);
+            `Invalid user default permission ids: ${userDefaultPerms.filter(id => !projectPermissions.some(perm => perm.id === id)).join(', ')}`);
         }
 
-        // Remove existing default user permissions
+        // Remove existing default project permissions
         await tx.permission.updateMany({
           where: {
             projectConfigId: oldProject.config.id,
           },
           data: {
-            isDefaultUserPermission: false,
+            isDefaultProjectPermission: false,
           },
         });
 
-        // Add new default user permissions
+        // Add new default project permissions
         await tx.permission.updateMany({
           where: {
             projectConfigId: oldProject.config.id,
@@ -63,7 +63,7 @@ export const projectsCrudHandlers = createLazyProxy(() => createCrudHandlers(pro
             },
           },
           data: {
-            isDefaultUserPermission: true,
+            isDefaultProjectPermission: true,
           },
         });
       }
Original file line number	Diff line number	Diff line change
`@@ -224,14 +224,14 @@ model Permission {`
`224`	`224`
`225`	`225`	`isDefaultTeamCreatorPermission Boolean @default(false)`
`226`	`226`	`isDefaultTeamMemberPermission Boolean @default(false)`
`227`		`- isDefaultUserPermission Boolean @default(false)`
	`227`	`+ isDefaultProjectPermission Boolean @default(false)`
`228`	`228`
`229`	`229`	`@@unique([projectConfigId, queryableId])`
`230`	`230`	`@@unique([tenancyId, teamId, queryableId])`
`231`	`231`	`}`
`232`	`232`
`233`	`233`	`enum PermissionScope {`
`234`		`- USER`
	`234`	`+ PROJECT`
`235`	`235`	`TEAM`
`236`	`236`	`}`
`237`	`237`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+import { projectPermissionsCrudHandlers } from "./crud";`
	`2`	`+`
	`3`	`+export const GET = projectPermissionsCrudHandlers.listHandler;`