Skip to content

feat: add organization-scoped org sub-client (connections, rules, connect)#45

Merged
guyb1 merged 1 commit into
mainfrom
feat/org-client
Jul 4, 2026
Merged

feat: add organization-scoped org sub-client (connections, rules, connect)#45
guyb1 merged 1 commit into
mainfrom
feat/org-client

Conversation

@guyb1

@guyb1 guyb1 commented Jul 4, 2026

Copy link
Copy Markdown
Contributor

What

A new organization-scoped sub-client, exposed as onecli.org:

  • connectApp(provider, { fields, connectionId?, label?, method? })POST /v1/org/apps/{provider}/connect
  • getAuthorizeUrl(provider, { connectionId? }) → captures the authorize redirect Location (redirect: "manual"; server-side runtimes only, documented)
  • listConnections(provider?) / renameConnection(id, label) / deleteConnection(id)/v1/org/connections
  • listRules() / getRule(id) / createRule(input) / updateRule(id, input) / deleteRule(id)/v1/org/rules

Unlike the project-scoped clients, org requests carry no X-Project-Id — the organization is derived from the API key itself (oc_org_…), and every operation requires the admin or owner role. A 404 from a server without the org surface is mapped to a descriptive OneCLIError ("requires OneCLI Cloud or a self-hosted Enterprise instance"), while id-addressed resource 404s (not_found_error) stay OneCLIRequestErrors with the server's message. Rule inputs/outputs use literal-union types matching the server's enums, enabled is required on create (as the server requires), and UpdateOrgRuleInput supports explicit null to clear nullable fields.

Purely additive — no existing export changes shape (feat: minor).

Verification

  • tsc --noEmit, vitest (87 tests, 13 new fetch-spy tests incl. bearer-present / no-X-Project-Id header assertions, manual-redirect capture, 404-type discrimination, server-message surfacing), tsup build (CJS + ESM + DTS) all green.
  • Types and paths verified against the live server implementation.

Review

Reviewed through the TypeScript skill lenses (typescript-pro, typescript-advanced-types, both read in full) plus a hunk-by-hunk self-review and adversarial pass. 8 findings fixed, the notable ones: enabled was optional where the server requires it (would 400 at runtime), the blanket 404 mapping misfired on resource-level 404s (now discriminated by error type), bare string fields replaced with the server's literal unions, and Partial-based update type replaced with an explicit null-clearable one.

Related PRs (merge order)

Server-side surface: https://github.com/onecli/onecli-cloud/pull/625 (must be deployed first). CLI sibling: onecli/onecli-cli#88. Docs: https://github.com/onecli/onecli-docs/pull/6 (lands last).

🤖 Generated with Claude Code

…nect)

New onecli.org surface: connect apps org-wide with direct credentials,
capture org OAuth authorize URLs, and manage org connections and rules.
Bearer-only auth (no X-Project-Id) — the organization comes from the
oc_org_ API key. Additive; no existing exports change shape.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@guyb1 guyb1 merged commit a057ec8 into main Jul 4, 2026
3 checks passed
@guyb1 guyb1 deleted the feat/org-client branch July 4, 2026 22:12
@guyb1 guyb1 mentioned this pull request Jul 4, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant