npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@devx-retailos/employee

v0.0.3

Published

Generic Employee module for retailOS. Employee entity, service, identity resolver that maps Medusa users to employee subjects for RBAC.

Downloads

536

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

jinangvoherajinangvoheranayan-devxnayan-devxkaushal_1717kaushal_1717brijeshagarwalbrijeshagarwalmilanghogharimilanghoghari

Keywords

medusa-plugin

Readme

@devx-retailos/employee

Generic Employee module for Medusa v2: an Employee entity with CRUD service and admin API routes, plus an identity resolver that maps authenticated Medusa users to employee subjects for RBAC.

Part of retailOS, a Medusa v2 SDK for offline-store POS systems. Packages are installed independently and composed in a brand's Medusa backend; this module pairs with @devx-retailos/rbac to give store staff role-based permissions.

Installation

npm install @devx-retailos/employee

Requires a Medusa v2 project (peer dependencies: @medusajs/framework and @medusajs/medusa ^2.15.0). Depends on @devx-retailos/core and @devx-retailos/rbac (installed automatically).

Setup

Register it alongside the RBAC module — on boot a loader syncs this module's permission keys into the RBAC permission table:

// medusa-config.ts
export default defineConfig({
  // ...
  plugins: [
    {
      resolve: "@devx-retailos/rbac",
      options: {},
    },
    {
      resolve: "@devx-retailos/employee",
      options: {},
    },
  ],
})

Then run migrations (npx medusa db:migrate) to create the retailos_employee table.

Data model

Employee (retailos_employee): organization_id, optional store_id, optional medusa_user_id (link to a Medusa admin user), unique employee_code, first_name, last_name, unique email, phone_number, is_active, metadata. Module links connect employees to the RBAC Organization and Store entities.

Usage

Resolve the service with the EMPLOYEE_MODULE key ("employee"):

import { EMPLOYEE_MODULE, type EmployeeModuleService } from "@devx-retailos/employee"

const employees: EmployeeModuleService = req.scope.resolve(EMPLOYEE_MODULE)

const [created] = await employees.createEmployees([
  {
    organization_id: "org_01",
    employee_code: "EMP-001",
    first_name: "Asha",
    last_name: "Rao",
    email: "[email protected]",
  },
])

await employees.linkToMedusaUser(created.id, "user_123")

On top of the standard Medusa-generated CRUD (createEmployees, listEmployees, …):

  • findByEmail(email) / findByEmployeeCode(code) / findByMedusaUserId(id)
  • linkToMedusaUser(employee_id, medusa_user_id | null) — link or unlink an admin user.
  • deactivate(employee_id) — soft-deactivate (is_active: false).

Identity resolver

employeeIdentityResolver turns the authenticated Medusa admin user into an employee subject (SUBJECT_TYPE_EMPLOYEE = "employee"), so roles are assigned to employees rather than raw Medusa users. It looks up the employee by medusa_user_id, returns null if no active linked employee exists, and scopes the check to the employee's own organization_id / store_id (overridable via the x-retailos-organization-id / x-retailos-store-id headers).

// src/api/middlewares.ts
import { defineMiddlewares } from "@medusajs/framework/http"
import { requirePermission } from "@devx-retailos/rbac/middlewares"
import { employeeIdentityResolver } from "@devx-retailos/employee/identity"

export default defineMiddlewares({
  routes: [
    {
      matcher: "/admin/retailos/employees*",
      middlewares: [
        requirePermission("employee.read", {
          identityResolver: employeeIdentityResolver,
        }),
      ],
    },
  ],
})

Permissions

Exported as EMPLOYEE_PERMISSIONS (also via @devx-retailos/employee/permissions) and auto-synced into RBAC at boot:

| Key | Description | | --- | --- | | employee.read | View employees | | employee.create | Create or invite employees | | employee.update | Edit employee profile | | employee.delete | Deactivate employees | | employee.link_user | Link or unlink an Employee with a Medusa admin user |

API routes

Mounted under the Medusa admin API (admin authentication applies). Permission enforcement is left to the consumer — guard them with requirePermission using the keys above.

| Method | Path | Description | | --- | --- | --- | | GET | /admin/retailos/employees | List employees (filterable). | | POST | /admin/retailos/employees | Create an employee. | | GET | /admin/retailos/employees/:id | Retrieve an employee. | | POST | /admin/retailos/employees/:id | Update an employee. | | DELETE | /admin/retailos/employees/:id | Deactivate an employee (soft delete). | | POST | /admin/retailos/employees/:id/link-user | Link/unlink a Medusa user ({ medusa_user_id: string \| null }). |

Related packages

  • @devx-retailos/core — shared Subject, IdentityResolver, errors, registries.
  • @devx-retailos/rbac — roles, permissions, and the requirePermission middleware this module plugs into.
  • @devx-retailos/sdk-client — frontend hooks over the same permission keys.

License

MIT