fix(sds): align organization and collaborator operations with SDS API contracts

- Add creatorDid parameter to organization.create endpoint
- Change organization.list response parsing from repositories to organizations field
- Update accessType values from owner|collaborator to owner|shared|none
- Add permission string array parser for collaborator.list endpoint
- Update type definitions to match actual SDS API response formats

Author: bitbeckers

packages/lexicon/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hypercerts-org/lexicon",
-  "version": "0.3.0",
+  "version": "0.4.0",
   "description": "ATProto lexicon definitions and TypeScript types for the Hypercerts protocol",
   "type": "module",
   "main": "dist/index.cjs",

packages/sdk-core/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hypercerts-org/sdk-core",
-  "version": "0.3.0",
+  "version": "0.4.0",
   "description": "Framework-agnostic ATProto SDK core for authentication, repository operations, and lexicon management",
   "main": "dist/index.cjs",
   "repository": {

packages/sdk-core/src/core/types.ts

@@ -185,9 +185,10 @@ export const OrganizationSchema = z.object({
   /**
    * How the current user relates to this organization.
    * - `"owner"`: User created or owns the organization
-   * - `"collaborator"`: User was invited to collaborate
+   * - `"shared"`: User was invited to collaborate (has permissions)
+   * - `"none"`: User has no access to this organization
    */
-  accessType: z.enum(["owner", "collaborator"]),
+  accessType: z.enum(["owner", "shared", "none"]),
 });
 
 /**

packages/sdk-core/src/repository/CollaboratorOperationsImpl.ts

@@ -107,6 +107,27 @@ export class CollaboratorOperationsImpl implements CollaboratorOperations {
     return "viewer";
   }
 
+  /**
+   * Converts a permission string array to a permissions object.
+   *
+   * The SDS API returns permissions as an array of strings (e.g., ["read", "create"]).
+   * This method converts them to the boolean flag format used by the SDK.
+   *
+   * @param permissionArray - Array of permission strings from SDS API
+   * @returns Permission flags object
+   * @internal
+   */
+  private parsePermissions(permissionArray: string[]): CollaboratorPermissions {
+    return {
+      read: permissionArray.includes("read"),
+      create: permissionArray.includes("create"),
+      update: permissionArray.includes("update"),
+      delete: permissionArray.includes("delete"),
+      admin: permissionArray.includes("admin"),
+      owner: permissionArray.includes("owner"),
+    };
+  }
+
   /**
    * Grants repository access to a user.
    *
@@ -225,18 +246,21 @@ export class CollaboratorOperationsImpl implements CollaboratorOperations {
     return (data.collaborators || []).map(
       (c: {
         userDid: string;
-        permissions: CollaboratorPermissions;
+        permissions: string[]; // SDS API returns string array
         grantedBy: string;
         grantedAt: string;
         revokedAt?: string;
-      }) => ({
-        userDid: c.userDid,
-        role: this.permissionsToRole(c.permissions),
-        permissions: c.permissions,
-        grantedBy: c.grantedBy,
-        grantedAt: c.grantedAt,
-        revokedAt: c.revokedAt,
-      }),
+      }) => {
+        const permissions = this.parsePermissions(c.permissions);
+        return {
+          userDid: c.userDid,
+          role: this.permissionsToRole(permissions),
+          permissions: permissions,
+          grantedBy: c.grantedBy,
+          grantedAt: c.grantedAt,
+          revokedAt: c.revokedAt,
+        };
+      },
     );
   }
 

packages/sdk-core/src/repository/OrganizationOperationsImpl.ts

@@ -109,10 +109,18 @@ export class OrganizationOperationsImpl implements OrganizationOperations {
    * ```
    */
   async create(params: { name: string; description?: string; handle?: string }): Promise<OrganizationInfo> {
+    const userDid = this.session.did || this.session.sub;
+    if (!userDid) {
+      throw new NetworkError("No authenticated user found");
+    }
+
     const response = await this.session.fetchHandler(`${this.serverUrl}/xrpc/com.sds.organization.create`, {
       method: "POST",
       headers: { "Content-Type": "application/json" },
-      body: JSON.stringify(params),
+      body: JSON.stringify({
+        ...params,
+        creatorDid: userDid,
+      }),
     });
 
     if (!response.ok) {
@@ -126,8 +134,15 @@ export class OrganizationOperationsImpl implements OrganizationOperations {
       name: data.name,
       description: data.description,
       createdAt: data.createdAt || new Date().toISOString(),
-      accessType: "owner",
-      permissions: { read: true, create: true, update: true, delete: true, admin: true, owner: true },
+      accessType: data.accessType || "owner",
+      permissions: data.permissions || {
+        read: true,
+        create: true,
+        update: true,
+        delete: true,
+        admin: true,
+        owner: true,
+      },
     };
   }
 
@@ -202,8 +217,13 @@ export class OrganizationOperationsImpl implements OrganizationOperations {
    * ```
    */
   async list(): Promise<OrganizationInfo[]> {
+    const userDid = this.session.did || this.session.sub;
+    if (!userDid) {
+      throw new NetworkError("No authenticated user found");
+    }
+
     const response = await this.session.fetchHandler(
-      `${this.serverUrl}/xrpc/com.sds.organization.list?userDid=${encodeURIComponent(this.session.did || this.session.sub)}`,
+      `${this.serverUrl}/xrpc/com.sds.organization.list?userDid=${encodeURIComponent(userDid)}`,
       { method: "GET" },
     );
 
@@ -212,20 +232,21 @@ export class OrganizationOperationsImpl implements OrganizationOperations {
     }
 
     const data = await response.json();
-    return (data.repositories || []).map(
+    return (data.organizations || []).map(
       (r: {
         did: string;
         handle: string;
         name: string;
         description?: string;
-        accessType: "owner" | "collaborator";
+        createdAt?: string;
+        accessType: "owner" | "shared" | "none";
         permissions: CollaboratorPermissions;
       }) => ({
         did: r.did,
         handle: r.handle,
         name: r.name,
         description: r.description,
-        createdAt: new Date().toISOString(), // SDS may not return this
+        createdAt: r.createdAt || new Date().toISOString(),
         accessType: r.accessType,
         permissions: r.permissions,
       }),

packages/sdk-core/src/repository/types.ts

@@ -85,7 +85,7 @@ export interface OrganizationInfo {
   name: string;
   description?: string;
   createdAt: string;
-  accessType: "owner" | "collaborator";
+  accessType: "owner" | "shared" | "none";
   permissions: CollaboratorPermissions;
   collaboratorCount?: number;
   profile?: {

packages/sdk-core/tests/repository/CollaboratorOperationsImpl.test.ts

@@ -131,13 +131,13 @@ describe("CollaboratorOperationsImpl", () => {
           collaborators: [
             {
               userDid: "did:plc:user1",
-              permissions: { read: true, create: true, update: true, delete: false, admin: false, owner: false },
+              permissions: ["read", "create", "update"],
               grantedBy: "did:plc:owner",
               grantedAt: "2024-01-01T00:00:00Z",
             },
             {
               userDid: "did:plc:user2",
-              permissions: { read: true, create: false, update: false, delete: false, admin: false, owner: false },
+              permissions: ["read"],
               grantedBy: "did:plc:owner",
               grantedAt: "2024-01-02T00:00:00Z",
             },
@@ -171,13 +171,13 @@ describe("CollaboratorOperationsImpl", () => {
           collaborators: [
             {
               userDid: "did:plc:owner",
-              permissions: { read: true, create: true, update: true, delete: true, admin: true, owner: true },
+              permissions: ["read", "create", "update", "delete", "admin", "owner"],
               grantedBy: "did:plc:system",
               grantedAt: "2024-01-01T00:00:00Z",
             },
             {
               userDid: "did:plc:admin",
-              permissions: { read: true, create: true, update: true, delete: true, admin: true, owner: false },
+              permissions: ["read", "create", "update", "delete", "admin"],
               grantedBy: "did:plc:owner",
               grantedAt: "2024-01-01T00:00:00Z",
             },
@@ -209,7 +209,7 @@ describe("CollaboratorOperationsImpl", () => {
           collaborators: [
             {
               userDid: "did:plc:activeuser",
-              permissions: { read: true, create: false, update: false, delete: false, admin: false, owner: false },
+              permissions: ["read"],
               grantedBy: "did:plc:owner",
               grantedAt: "2024-01-01T00:00:00Z",
             },
@@ -240,7 +240,7 @@ describe("CollaboratorOperationsImpl", () => {
           collaborators: [
             {
               userDid: "did:plc:revokeduser",
-              permissions: { read: true, create: false, update: false, delete: false, admin: false, owner: false },
+              permissions: ["read"],
               grantedBy: "did:plc:owner",
               grantedAt: "2024-01-01T00:00:00Z",
               revokedAt: "2024-02-01T00:00:00Z",
@@ -271,7 +271,7 @@ describe("CollaboratorOperationsImpl", () => {
           collaborators: [
             {
               userDid: "did:plc:editor",
-              permissions: { read: true, create: true, update: true, delete: false, admin: false, owner: false },
+              permissions: ["read", "create", "update"],
               grantedBy: "did:plc:owner",
               grantedAt: "2024-01-01T00:00:00Z",
             },
@@ -302,7 +302,7 @@ describe("CollaboratorOperationsImpl", () => {
           collaborators: [
             {
               userDid: "did:plc:revoked",
-              permissions: { read: true, create: true, update: true, delete: false, admin: false, owner: false },
+              permissions: ["read", "create", "update"],
               grantedBy: "did:plc:owner",
               grantedAt: "2024-01-01T00:00:00Z",
               revokedAt: "2024-02-01T00:00:00Z",

packages/sdk-core/tests/repository/OrganizationOperationsImpl.test.ts

@@ -74,9 +74,7 @@ describe("OrganizationOperationsImpl", () => {
         statusText: "Conflict",
       });
 
-      await expect(
-        orgOps.create({ name: "Test Org" }),
-      ).rejects.toThrow(NetworkError);
+      await expect(orgOps.create({ name: "Test Org" })).rejects.toThrow(NetworkError);
     });
   });
 
@@ -85,7 +83,7 @@ describe("OrganizationOperationsImpl", () => {
       mockSession.fetchHandler.mockResolvedValue({
         ok: true,
         json: async () => ({
-          repositories: [
+          organizations: [
             {
               did: "did:plc:org1",
               handle: "org1.example.com",
@@ -98,7 +96,7 @@ describe("OrganizationOperationsImpl", () => {
               did: "did:plc:org2",
               handle: "org2.example.com",
               name: "Organization 2",
-              accessType: "collaborator",
+              accessType: "shared",
               permissions: { read: true, create: true, update: true, delete: false, admin: false, owner: false },
             },
           ],
@@ -116,7 +114,7 @@ describe("OrganizationOperationsImpl", () => {
       mockSession.fetchHandler.mockResolvedValue({
         ok: true,
         json: async () => ({
-          repositories: [],
+          organizations: [],
         }),
       });
 
@@ -139,7 +137,7 @@ describe("OrganizationOperationsImpl", () => {
       mockSession.fetchHandler.mockResolvedValue({
         ok: true,
         json: async () => ({
-          repositories: [
+          organizations: [
             {
               did: "did:plc:org1",
               handle: "org1.example.com",
@@ -152,7 +150,7 @@ describe("OrganizationOperationsImpl", () => {
               handle: "org2.example.com",
               name: "Organization 2",
               description: "Second org",
-              accessType: "collaborator",
+              accessType: "shared",
               permissions: { read: true, create: true, update: false, delete: false, admin: false, owner: false },
             },
           ],
@@ -165,13 +163,13 @@ describe("OrganizationOperationsImpl", () => {
       expect(result[0].did).toBe("did:plc:org1");
       expect(result[0].accessType).toBe("owner");
       expect(result[1].did).toBe("did:plc:org2");
-      expect(result[1].accessType).toBe("collaborator");
+      expect(result[1].accessType).toBe("shared");
     });
 
     it("should handle empty repositories list", async () => {
       mockSession.fetchHandler.mockResolvedValue({
         ok: true,
-        json: async () => ({ repositories: [] }),
+        json: async () => ({ organizations: [] }),
       });
 
       const result = await orgOps.list();
@@ -182,7 +180,7 @@ describe("OrganizationOperationsImpl", () => {
     it("should use session DID in query", async () => {
       mockSession.fetchHandler.mockResolvedValue({
         ok: true,
-        json: async () => ({ repositories: [] }),
+        json: async () => ({ organizations: [] }),
       });
 
       await orgOps.list();
@@ -197,7 +195,7 @@ describe("OrganizationOperationsImpl", () => {
       mockSession.did = undefined;
       mockSession.fetchHandler.mockResolvedValue({
         ok: true,
-        json: async () => ({ repositories: [] }),
+        json: async () => ({ organizations: [] }),
       });
 
       await orgOps.list();
@@ -221,7 +219,7 @@ describe("OrganizationOperationsImpl", () => {
       mockSession.fetchHandler.mockResolvedValue({
         ok: true,
         json: async () => ({
-          repositories: [
+          organizations: [
             {
               did: "did:plc:org",
               handle: "org.example.com",

packages/sdk-react/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hypercerts-org/sdk-react",
-  "version": "0.3.0",
+  "version": "0.4.0",
   "description": "React hooks and components for the Hypercerts ATProto SDK",
   "type": "module",
   "main": "dist/index.cjs",