Skip to content

Commit 0646326

Browse files
agviegasclaude
andcommitted
docs(cloud): template context gets project-scoped listing examples
Follow-up to b108648, which added projectId filters to listFiles / listFolders / listApps / listComponents / listExecutions plus checkPermission / checkPermissionBatch. The cloud component template didn't mention any of this, so new scaffolds had no signal that project-scoped listing was available. src/cli/templates/cloud/CONTEXT.md gains two "Common patterns" subsections: - Listing resources inside a project: shows listFiles({ projectId }) and siblings, notes the STORAGE:READ requirement and the backend's 403 on missing permission, and mentions a missing projectId still works (personal scope). - Gating an action with a permission check: shows checkPermission usage with the new { hasPermission, scope } shape, explains scope values (global / project / entity / none), and points to checkPermissionBatch for batching. No template code changes — these are pure doc additions. Root CONTEXT.md was already updated by b108648 itself. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1 parent ccd58fb commit 0646326

1 file changed

Lines changed: 33 additions & 0 deletions

File tree

src/cli/templates/cloud/CONTEXT.md

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -161,6 +161,39 @@ const { executionId } = await thatOpenServices.executeComponent(otherComponentId
161161
const result = await thatOpenServices.getExecution(executionId);
162162
```
163163

164+
### Listing resources inside a project
165+
166+
Pass `projectId` to the list methods to enumerate a specific project's
167+
resources. The backend enforces project-scoped permissions — the token
168+
running your component must have `STORAGE:READ` (or the relevant role)
169+
on that project; otherwise the call is rejected with `403`. A missing
170+
`projectId` still works and lists items in the caller's personal scope.
171+
172+
```ts
173+
const projectId = executionContext?.projectId;
174+
if (projectId) {
175+
const files = await thatOpenServices.listFiles({ projectId });
176+
const folders = await thatOpenServices.listFolders({ projectId });
177+
// listApps / listComponents / listExecutions all accept projectId too
178+
}
179+
```
180+
181+
### Gating an action with a permission check
182+
183+
```ts
184+
const { hasPermission, scope } = await thatOpenServices.checkPermission({
185+
resourceType: "STORAGE",
186+
action: "WRITE",
187+
projectId: executionContext?.projectId,
188+
});
189+
if (!hasPermission) {
190+
return { type: "FAIL", message: "Caller cannot write to this project" };
191+
}
192+
// scope is 'global' | 'project' | 'entity' | 'none' — useful when you
193+
// want the UI to know *why* a permission was granted. checkPermissionBatch
194+
// accepts a list of checks in a single round-trip.
195+
```
196+
164197
## Build configuration
165198

166199
- `vite.config.js` builds to IIFE format.

0 commit comments

Comments
 (0)