npm - @ackplus/nest-auth - Versions diffs - 1.1.28 → 1.1.30 - Mend

@ackplus/nest-auth 1.1.28 → 1.1.30

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (982) hide show

package/dist/lib/admin-console/controllers/admin-users.controller.js ADDED Viewed

@@ -0,0 +1,398 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AdminUsersController = void 0;
+const common_1 = require("@nestjs/common");
+const common_2 = require("@nestjs/common");
+const typeorm_1 = require("@nestjs/typeorm");
+const typeorm_2 = require("typeorm");
+const admin_session_guard_1 = require("../guards/admin-session.guard");
+const admin_user_dto_1 = require("../dto/admin-user.dto");
+const user_service_1 = require("../../user/services/user.service");
+const tenant_service_1 = require("../../tenant/services/tenant.service");
+const mfa_secret_entity_1 = require("../../auth/entities/mfa-secret.entity");
+const auth_constants_1 = require("../../auth.constants");
+const typeorm_3 = require("typeorm");
+const mfa_service_1 = require("../../auth/services/mfa.service");
+const session_manager_service_1 = require("../../session/services/session-manager.service");
+let AdminUsersController = class AdminUsersController {
+    users;
+    tenantService;
+    mfaService;
+    sessionManager;
+    mfaSecretRepository;
+    constructor(users, tenantService, mfaService, sessionManager, mfaSecretRepository) {
+        this.users = users;
+        this.tenantService = tenantService;
+        this.mfaService = mfaService;
+        this.sessionManager = sessionManager;
+        this.mfaSecretRepository = mfaSecretRepository;
+    }
+    async ensureUserExists(id) {
+        const user = await this.users.getUserById(id);
+        if (!user) {
+            throw new common_2.NotFoundException('User not found');
+        }
+        return user;
+    }
+    toSessionResponse(session) {
+        return {
+            id: session.id,
+            deviceName: session.deviceName || 'Unknown device',
+            userAgent: session.userAgent,
+            ipAddress: session.ipAddress,
+            lastActive: session.lastActive,
+            createdAt: session.createdAt,
+            expiresAt: session.expiresAt,
+        };
+    }
+    buildStatusFilter(status) {
+        if (!status)
+            return {};
+        switch (status) {
+            case 'active':
+                return { isActive: true };
+            case 'inactive':
+                return { isActive: false };
+            case 'verified':
+                return { isVerified: true };
+            case 'unverified':
+                return { isVerified: false };
+            default:
+                return {};
+        }
+    }
+    escapeLikePattern(value) {
+        return value.replace(/[%_\\]/g, '\\$&');
+    }
+    async listUsers(page, limit, search, status) {
+        let pageNum = parseInt(page || '1', 10);
+        let limitNum = parseInt(limit || '10', 10);
+        if (isNaN(pageNum) || pageNum < 1) {
+            pageNum = 1;
+        }
+        if (isNaN(limitNum) || limitNum <= 0) {
+            limitNum = 10;
+        }
+        if (limitNum > 100) {
+            limitNum = 100;
+        }
+        const skip = (pageNum - 1) * limitNum;
+        let where = {};
+        if (search && search.trim()) {
+            const escapedSearch = this.escapeLikePattern(search.trim());
+            const searchPattern = `%${escapedSearch}%`;
+            const baseFilter = {
+                ...this.buildStatusFilter(status),
+            };
+            where = [
+                { ...baseFilter, email: (0, typeorm_3.Like)(searchPattern) },
+                { ...baseFilter, phone: (0, typeorm_3.Like)(searchPattern) },
+                { ...baseFilter, tenantId: (0, typeorm_3.Like)(searchPattern) },
+            ];
+        }
+        else {
+            Object.assign(where, this.buildStatusFilter(status));
+        }
+        const [users, total] = await this.users.getUsersAndCount({
+            where,
+            relations: ['roles'],
+            order: { createdAt: 'DESC' },
+            skip,
+            take: limitNum,
+        });
+        return {
+            data: users.map((user) => this.toSafeUser(user)),
+            meta: {
+                page: pageNum,
+                limit: limitNum,
+                total,
+                totalPages: Math.ceil(total / limitNum),
+            },
+        };
+    }
+    async createUser(dto) {
+        const tenantId = await this.tenantService.resolveTenantId(dto.tenantId);
+        const user = await this.users.createUser({
+            email: dto.email,
+            phone: dto.phone,
+            tenantId,
+            metadata: dto.metadata ?? {},
+            isActive: dto.isActive ?? true,
+            isVerified: dto.isVerified ?? false,
+        });
+        if (dto.password) {
+            await user.setPassword(dto.password);
+            await user.save();
+        }
+        if (dto.roles?.length) {
+            await user.assignRoles(dto.roles, auth_constants_1.DEFAULT_GUARD_NAME);
+            await user.save();
+        }
+        return { user: this.toSafeUser(user) };
+    }
+    async getUser(id) {
+        const user = await this.users.getUserById(id, {
+            relations: ['roles', 'mfaSecrets', 'identities']
+        });
+        if (!user) {
+            throw new common_2.NotFoundException('User not found');
+        }
+        const availableMethods = this.mfaService.getAvailableMethods();
+        const [enabledMethods, sessions] = await Promise.all([
+            this.mfaService.getEnabledMethods(user.id),
+            this.sessionManager.getUserSessions(user.id),
+        ]);
+        const sortedSessions = sessions
+            .sort((a, b) => {
+            const aTime = a.lastActive?.getTime() ?? a.updatedAt?.getTime() ?? 0;
+            const bTime = b.lastActive?.getTime() ?? b.updatedAt?.getTime() ?? 0;
+            return bTime - aTime;
+        })
+            .map((session) => this.toSessionResponse(session));
+        return {
+            user: this.toSafeUser(user),
+            loginMethods: {
+                emailEnabled: !!user.email && !!user.emailVerifiedAt,
+                phoneEnabled: !!user.phone && !!user.phoneVerifiedAt,
+                hasPassword: !!user.passwordHash,
+            },
+            mfa: {
+                isEnabled: user.isMfaEnabled,
+                allowUserToggle: this.mfaService.mfaConfig?.allowUserToggle ?? false,
+                availableMethods,
+                enabledMethods,
+                hasRecoveryCode: !!user.mfaRecoveryCode,
+                totpDevices: user.mfaSecrets?.map((device) => ({
+                    id: device.id,
+                    deviceName: device.deviceName || 'Authenticator',
+                    verified: device.verified,
+                    lastUsedAt: device.lastUsedAt,
+                    createdAt: device.createdAt,
+                })) || [],
+            },
+            sessions: sortedSessions,
+        };
+    }
+    async updateUser(id, dto) {
+        let user = await this.users.getUserById(id, { relations: ['roles', 'identities'] });
+        if (!user) {
+            throw new common_2.NotFoundException('User not found');
+        }
+        if (dto.isActive !== undefined || dto.isVerified !== undefined || dto.metadata !== undefined ||
+            dto.isMfaEnabled !== undefined) {
+            const updates = {};
+            if (dto.isActive !== undefined)
+                updates.isActive = dto.isActive;
+            if (dto.isVerified !== undefined)
+                updates.isVerified = dto.isVerified;
+            if (dto.metadata !== undefined)
+                updates.metadata = dto.metadata;
+            if (dto.isMfaEnabled !== undefined)
+                updates.isMfaEnabled = dto.isMfaEnabled;
+            user = await this.users.updateUser(id, updates);
+        }
+        if (dto.emailLoginEnabled !== undefined) {
+            if (dto.emailLoginEnabled) {
+                if (!user.email) {
+                    throw new common_2.NotFoundException('User has no email address');
+                }
+                user.emailVerifiedAt = user.emailVerifiedAt || new Date();
+                await user.findOrCreateIdentity(auth_constants_1.EMAIL_AUTH_PROVIDER, user.email);
+            }
+            else {
+                user.emailVerifiedAt = null;
+                const emailIdentity = user.identities?.find(i => i.provider === auth_constants_1.EMAIL_AUTH_PROVIDER);
+                if (emailIdentity) {
+                    await emailIdentity.remove();
+                }
+            }
+        }
+        if (dto.phoneLoginEnabled !== undefined) {
+            if (dto.phoneLoginEnabled) {
+                if (!user.phone) {
+                    throw new common_2.NotFoundException('User has no phone number');
+                }
+                user.phoneVerifiedAt = user.phoneVerifiedAt || new Date();
+                await user.findOrCreateIdentity(auth_constants_1.PHONE_AUTH_PROVIDER, user.phone);
+            }
+            else {
+                user.phoneVerifiedAt = null;
+                const phoneIdentity = user.identities?.find(i => i.provider === auth_constants_1.PHONE_AUTH_PROVIDER);
+                if (phoneIdentity) {
+                    await phoneIdentity.remove();
+                }
+            }
+        }
+        if (dto.password) {
+            await user.setPassword(dto.password);
+        }
+        if (dto.roles) {
+            await user.assignRoles(dto.roles, auth_constants_1.DEFAULT_GUARD_NAME);
+        }
+        await user.save();
+        return { user: this.toSafeUser(user) };
+    }
+    async deleteTotpDevice(id, deviceId) {
+        const user = await this.users.getUserById(id);
+        if (!user) {
+            throw new common_2.NotFoundException('User not found');
+        }
+        const device = await this.mfaSecretRepository.findOne({
+            where: { id: deviceId, userId: user.id },
+        });
+        if (!device) {
+            throw new common_2.NotFoundException('TOTP device not found');
+        }
+        await this.mfaSecretRepository.remove(device);
+        return { message: 'TOTP device deleted successfully' };
+    }
+    async listSessions(id) {
+        const user = await this.ensureUserExists(id);
+        const sessions = await this.sessionManager.getUserSessions(user.id);
+        return {
+            data: sessions
+                .sort((a, b) => {
+                const aTime = a.lastActive?.getTime() ?? a.updatedAt?.getTime() ?? 0;
+                const bTime = b.lastActive?.getTime() ?? b.updatedAt?.getTime() ?? 0;
+                return bTime - aTime;
+            })
+                .map((session) => this.toSessionResponse(session)),
+        };
+    }
+    async revokeSession(id, sessionId) {
+        const user = await this.ensureUserExists(id);
+        try {
+            const session = await this.sessionManager.getSession(sessionId, false);
+            if (session.userId !== user.id) {
+                throw new common_2.NotFoundException('Session not found for this user');
+            }
+        }
+        catch {
+            throw new common_2.NotFoundException('Session not found for this user');
+        }
+        await this.sessionManager.revokeSession(sessionId);
+        return { message: 'Session revoked successfully' };
+    }
+    async revokeAllSessions(id) {
+        const user = await this.ensureUserExists(id);
+        await this.sessionManager.revokeAllUserSessions(user.id);
+        return { message: 'All sessions revoked successfully' };
+    }
+    async deleteUser(id) {
+        await this.users.deleteUser(id);
+        return { message: 'User removed' };
+    }
+    toSafeUser(user) {
+        if (!user) {
+            return null;
+        }
+        return {
+            id: user.id,
+            email: user.email,
+            phone: user.phone,
+            tenantId: user.tenantId,
+            isActive: user.isActive,
+            isVerified: user.isVerified,
+            metadata: user.metadata ?? {},
+            roles: user.roles?.map((role) => role.name) ?? [],
+            createdAt: user.createdAt,
+            updatedAt: user.updatedAt,
+            emailVerifiedAt: user.emailVerifiedAt,
+            phoneVerifiedAt: user.phoneVerifiedAt,
+            isMfaEnabled: user.isMfaEnabled,
+        };
+    }
+};
+exports.AdminUsersController = AdminUsersController;
+__decorate([
+    (0, common_1.Get)(),
+    __param(0, (0, common_1.Query)('page')),
+    __param(1, (0, common_1.Query)('limit')),
+    __param(2, (0, common_1.Query)('search')),
+    __param(3, (0, common_1.Query)('status')),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [String, String, String, String]),
+    __metadata("design:returntype", Promise)
+], AdminUsersController.prototype, "listUsers", null);
+__decorate([
+    (0, common_1.Post)(),
+    __param(0, (0, common_1.Body)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [admin_user_dto_1.AdminCreateUserDto]),
+    __metadata("design:returntype", Promise)
+], AdminUsersController.prototype, "createUser", null);
+__decorate([
+    (0, common_1.Get)(':id'),
+    __param(0, (0, common_1.Param)('id')),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [String]),
+    __metadata("design:returntype", Promise)
+], AdminUsersController.prototype, "getUser", null);
+__decorate([
+    (0, common_1.Patch)(':id'),
+    __param(0, (0, common_1.Param)('id')),
+    __param(1, (0, common_1.Body)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [String, admin_user_dto_1.AdminUpdateUserDto]),
+    __metadata("design:returntype", Promise)
+], AdminUsersController.prototype, "updateUser", null);
+__decorate([
+    (0, common_1.Delete)(':id/totp-devices/:deviceId'),
+    __param(0, (0, common_1.Param)('id')),
+    __param(1, (0, common_1.Param)('deviceId')),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [String, String]),
+    __metadata("design:returntype", Promise)
+], AdminUsersController.prototype, "deleteTotpDevice", null);
+__decorate([
+    (0, common_1.Get)(':id/sessions'),
+    __param(0, (0, common_1.Param)('id')),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [String]),
+    __metadata("design:returntype", Promise)
+], AdminUsersController.prototype, "listSessions", null);
+__decorate([
+    (0, common_1.Delete)(':id/sessions/:sessionId'),
+    __param(0, (0, common_1.Param)('id')),
+    __param(1, (0, common_1.Param)('sessionId')),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [String, String]),
+    __metadata("design:returntype", Promise)
+], AdminUsersController.prototype, "revokeSession", null);
+__decorate([
+    (0, common_1.Delete)(':id/sessions'),
+    __param(0, (0, common_1.Param)('id')),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [String]),
+    __metadata("design:returntype", Promise)
+], AdminUsersController.prototype, "revokeAllSessions", null);
+__decorate([
+    (0, common_1.Delete)(':id'),
+    __param(0, (0, common_1.Param)('id')),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [String]),
+    __metadata("design:returntype", Promise)
+], AdminUsersController.prototype, "deleteUser", null);
+exports.AdminUsersController = AdminUsersController = __decorate([
+    (0, common_1.Controller)('auth/admin/api/users'),
+    (0, common_1.UseGuards)(admin_session_guard_1.AdminSessionGuard),
+    __param(4, (0, typeorm_1.InjectRepository)(mfa_secret_entity_1.NestAuthMFASecret)),
+    __metadata("design:paramtypes", [user_service_1.UserService,
+        tenant_service_1.TenantService,
+        mfa_service_1.MfaService,
+        session_manager_service_1.SessionManagerService,
+        typeorm_2.Repository])
+], AdminUsersController);
+//# sourceMappingURL=admin-users.controller.js.map

package/dist/lib/admin-console/controllers/admin-users.controller.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"admin-users.controller.js","sourceRoot":"","sources":["../../../../src/lib/admin-console/controllers/admin-users.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAUwB;AACxB,2CAAmD;AACnD,6CAAmD;AACnD,qCAAqC;AACrC,uEAAkE;AAClE,0DAA+E;AAC/E,mEAA+D;AAC/D,yEAAqE;AAErE,6EAA0E;AAC1E,yDAAoG;AACpG,qCAAiD;AACjD,iEAA6D;AAC7D,4FAAuF;AAKhF,IAAM,oBAAoB,GAA1B,MAAM,oBAAoB;IAEZ;IACA;IACA;IACA;IAEA;IANnB,YACmB,KAAkB,EAClB,aAA4B,EAC5B,UAAsB,EACtB,cAAqC,EAErC,mBAAkD;QALlD,UAAK,GAAL,KAAK,CAAa;QAClB,kBAAa,GAAb,aAAa,CAAe;QAC5B,eAAU,GAAV,UAAU,CAAY;QACtB,mBAAc,GAAd,cAAc,CAAuB;QAErC,wBAAmB,GAAnB,mBAAmB,CAA+B;IACjE,CAAC;IAEG,KAAK,CAAC,gBAAgB,CAAC,EAAU;QACvC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;QAC9C,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,0BAAiB,CAAC,gBAAgB,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,iBAAiB,CAAC,OAAwB;QAChD,OAAO;YACL,EAAE,EAAE,OAAO,CAAC,EAAE;YACd,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,gBAAgB;YAClD,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,SAAS,EAAE,OAAO,CAAC,SAAS;SAC7B,CAAC;IACJ,CAAC;IAEO,iBAAiB,CAAC,MAAe;QACvC,IAAI,CAAC,MAAM;YAAE,OAAO,EAAE,CAAC;QACvB,QAAQ,MAAM,EAAE,CAAC;YACf,KAAK,QAAQ;gBACX,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;YAC5B,KAAK,UAAU;gBACb,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;YAC7B,KAAK,UAAU;gBACb,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;YAC9B,KAAK,YAAY;gBACf,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC;YAC/B;gBACE,OAAO,EAAE,CAAC;QACd,CAAC;IACH,CAAC;IAEO,iBAAiB,CAAC,KAAa;QACrC,OAAO,KAAK,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IAC1C,CAAC;IAGK,AAAN,KAAK,CAAC,SAAS,CACE,IAAa,EACZ,KAAc,EACb,MAAe,EACf,MAAe;QAGhC,IAAI,OAAO,GAAG,QAAQ,CAAC,IAAI,IAAI,GAAG,EAAE,EAAE,CAAC,CAAC;QACxC,IAAI,QAAQ,GAAG,QAAQ,CAAC,KAAK,IAAI,IAAI,EAAE,EAAE,CAAC,CAAC;QAG3C,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,OAAO,GAAG,CAAC,EAAE,CAAC;YAClC,OAAO,GAAG,CAAC,CAAC;QACd,CAAC;QAGD,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,QAAQ,IAAI,CAAC,EAAE,CAAC;YACrC,QAAQ,GAAG,EAAE,CAAC;QAChB,CAAC;QACD,IAAI,QAAQ,GAAG,GAAG,EAAE,CAAC;YACnB,QAAQ,GAAG,GAAG,CAAC;QACjB,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,OAAO,GAAG,CAAC,CAAC,GAAG,QAAQ,CAAC;QAGtC,IAAI,KAAK,GAAsE,EAAE,CAAC;QAGlF,IAAI,MAAM,IAAI,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;YAC5B,MAAM,aAAa,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;YAC5D,MAAM,aAAa,GAAG,IAAI,aAAa,GAAG,CAAC;YAG3C,MAAM,UAAU,GAAmC;gBACjD,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC;aAClC,CAAC;YAGF,KAAK,GAAG;gBACN,EAAE,GAAG,UAAU,EAAE,KAAK,EAAE,IAAA,cAAI,EAAC,aAAa,CAAC,EAAE;gBAC7C,EAAE,GAAG,UAAU,EAAE,KAAK,EAAE,IAAA,cAAI,EAAC,aAAa,CAAC,EAAE;gBAC7C,EAAE,GAAG,UAAU,EAAE,QAAQ,EAAE,IAAA,cAAI,EAAC,aAAa,CAAC,EAAE;aACjD,CAAC;QACJ,CAAC;aAAM,CAAC;YAEN,MAAM,CAAC,MAAM,CAAC,KAAuC,EAAE,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC;QACzF,CAAC;QAGD,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC;YACvD,KAAK;YACL,SAAS,EAAE,CAAC,OAAO,CAAC;YACpB,KAAK,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE;YAC5B,IAAI;YACJ,IAAI,EAAE,QAAQ;SACf,CAAC,CAAC;QAEH,OAAO;YACL,IAAI,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;YAChD,IAAI,EAAE;gBACJ,IAAI,EAAE,OAAO;gBACb,KAAK,EAAE,QAAQ;gBACf,KAAK;gBACL,UAAU,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK,GAAG,QAAQ,CAAC;aACxC;SACF,CAAC;IACJ,CAAC;IAGK,AAAN,KAAK,CAAC,UAAU,CAAS,GAAuB;QAC9C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACxE,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC;YACvC,KAAK,EAAE,GAAG,CAAC,KAAK;YAChB,KAAK,EAAE,GAAG,CAAC,KAAK;YAChB,QAAQ;YACR,QAAQ,EAAE,GAAG,CAAC,QAAQ,IAAI,EAAE;YAC5B,QAAQ,EAAE,GAAG,CAAC,QAAQ,IAAI,IAAI;YAC9B,UAAU,EAAE,GAAG,CAAC,UAAU,IAAI,KAAK;SACpC,CAAC,CAAC;QAEH,IAAI,GAAG,CAAC,QAAQ,EAAE,CAAC;YACjB,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YACrC,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QACpB,CAAC;QAED,IAAI,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,CAAC;YACtB,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,KAAK,EAAE,mCAAkB,CAAC,CAAC;YACtD,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QACpB,CAAC;QAED,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;IACzC,CAAC;IAGK,AAAN,KAAK,CAAC,OAAO,CAAc,EAAU;QACnC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,EAAE;YAC5C,SAAS,EAAE,CAAC,OAAO,EAAE,YAAY,EAAE,YAAY,CAAC;SACjD,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,0BAAiB,CAAC,gBAAgB,CAAC,CAAC;QAChD,CAAC;QAED,MAAM,gBAAgB,GAAG,IAAI,CAAC,UAAU,CAAC,mBAAmB,EAAE,CAAC;QAC/D,MAAM,CAAC,cAAc,EAAE,QAAQ,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;YACnD,IAAI,CAAC,UAAU,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,CAAC;YAC1C,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE,CAAC;SAC7C,CAAC,CAAC;QAEH,MAAM,cAAc,GAAG,QAAQ;aAC5B,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;YACb,MAAM,KAAK,GAAG,CAAC,CAAC,UAAU,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;YACrE,MAAM,KAAK,GAAG,CAAC,CAAC,UAAU,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;YACrE,OAAO,KAAK,GAAG,KAAK,CAAC;QACvB,CAAC,CAAC;aACD,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC,CAAC;QAErD,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;YAC3B,YAAY,EAAE;gBACZ,YAAY,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,CAAC,IAAI,CAAC,eAAe;gBACpD,YAAY,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,CAAC,IAAI,CAAC,eAAe;gBACpD,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,YAAY;aACjC;YACD,GAAG,EAAE;gBACH,SAAS,EAAE,IAAI,CAAC,YAAY;gBAC5B,eAAe,EAAE,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,eAAe,IAAI,KAAK;gBACpE,gBAAgB;gBAChB,cAAc;gBACd,eAAe,EAAE,CAAC,CAAC,IAAI,CAAC,eAAe;gBACvC,WAAW,EAAE,IAAI,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;oBAC7C,EAAE,EAAE,MAAM,CAAC,EAAE;oBACb,UAAU,EAAE,MAAM,CAAC,UAAU,IAAI,eAAe;oBAChD,QAAQ,EAAE,MAAM,CAAC,QAAQ;oBACzB,UAAU,EAAE,MAAM,CAAC,UAAU;oBAC7B,SAAS,EAAE,MAAM,CAAC,SAAS;iBAC5B,CAAC,CAAC,IAAI,EAAE;aACV;YACD,QAAQ,EAAE,cAAc;SACzB,CAAC;IACJ,CAAC;IAGK,AAAN,KAAK,CAAC,UAAU,CAAc,EAAU,EAAU,GAAuB;QACvE,IAAI,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,EAAE,EAAE,SAAS,EAAE,CAAC,OAAO,EAAE,YAAY,CAAC,EAAE,CAAC,CAAC;QACpF,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,0BAAiB,CAAC,gBAAgB,CAAC,CAAC;QAChD,CAAC;QAGD,IAAI,GAAG,CAAC,QAAQ,KAAK,SAAS,IAAI,GAAG,CAAC,UAAU,KAAK,SAAS,IAAI,GAAG,CAAC,QAAQ,KAAK,SAAS;YAC1F,GAAG,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YACjC,MAAM,OAAO,GAA0B,EAAE,CAAC;YAC1C,IAAI,GAAG,CAAC,QAAQ,KAAK,SAAS;gBAAE,OAAO,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;YAChE,IAAI,GAAG,CAAC,UAAU,KAAK,SAAS;gBAAE,OAAO,CAAC,UAAU,GAAG,GAAG,CAAC,UAAU,CAAC;YACtE,IAAI,GAAG,CAAC,QAAQ,KAAK,SAAS;gBAAE,OAAO,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;YAChE,IAAI,GAAG,CAAC,YAAY,KAAK,SAAS;gBAAE,OAAO,CAAC,YAAY,GAAG,GAAG,CAAC,YAAY,CAAC;YAE5E,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;QAClD,CAAC;QAGD,IAAI,GAAG,CAAC,iBAAiB,KAAK,SAAS,EAAE,CAAC;YACxC,IAAI,GAAG,CAAC,iBAAiB,EAAE,CAAC;gBAC1B,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;oBAChB,MAAM,IAAI,0BAAiB,CAAC,2BAA2B,CAAC,CAAC;gBAC3D,CAAC;gBACD,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,IAAI,IAAI,IAAI,EAAE,CAAC;gBAE1D,MAAM,IAAI,CAAC,oBAAoB,CAAC,oCAAmB,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;YACnE,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC;gBAE5B,MAAM,aAAa,GAAG,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,oCAAmB,CAAC,CAAC;gBACrF,IAAI,aAAa,EAAE,CAAC;oBAClB,MAAM,aAAa,CAAC,MAAM,EAAE,CAAC;gBAC/B,CAAC;YACH,CAAC;QACH,CAAC;QAGD,IAAI,GAAG,CAAC,iBAAiB,KAAK,SAAS,EAAE,CAAC;YACxC,IAAI,GAAG,CAAC,iBAAiB,EAAE,CAAC;gBAC1B,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;oBAChB,MAAM,IAAI,0BAAiB,CAAC,0BAA0B,CAAC,CAAC;gBAC1D,CAAC;gBACD,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,IAAI,IAAI,IAAI,EAAE,CAAC;gBAE1D,MAAM,IAAI,CAAC,oBAAoB,CAAC,oCAAmB,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;YACnE,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC;gBAE5B,MAAM,aAAa,GAAG,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,oCAAmB,CAAC,CAAC;gBACrF,IAAI,aAAa,EAAE,CAAC;oBAClB,MAAM,aAAa,CAAC,MAAM,EAAE,CAAC;gBAC/B,CAAC;YACH,CAAC;QACH,CAAC;QAGD,IAAI,GAAG,CAAC,QAAQ,EAAE,CAAC;YACjB,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACvC,CAAC;QAGD,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;YACd,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,KAAK,EAAE,mCAAkB,CAAC,CAAC;QACxD,CAAC;QAGD,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAElB,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;IACzC,CAAC;IAGK,AAAN,KAAK,CAAC,gBAAgB,CAAc,EAAU,EAAqB,QAAgB;QACjF,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;QAC9C,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,0BAAiB,CAAC,gBAAgB,CAAC,CAAC;QAChD,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC;YACpD,KAAK,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE;SACzC,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,0BAAiB,CAAC,uBAAuB,CAAC,CAAC;QACvD,CAAC;QAED,MAAM,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC9C,OAAO,EAAE,OAAO,EAAE,kCAAkC,EAAE,CAAC;IACzD,CAAC;IAGK,AAAN,KAAK,CAAC,YAAY,CAAc,EAAU;QACxC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC;QAC7C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACpE,OAAO;YACL,IAAI,EAAE,QAAQ;iBACX,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;gBACb,MAAM,KAAK,GAAG,CAAC,CAAC,UAAU,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;gBACrE,MAAM,KAAK,GAAG,CAAC,CAAC,UAAU,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;gBACrE,OAAO,KAAK,GAAG,KAAK,CAAC;YACvB,CAAC,CAAC;iBACD,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;SACrD,CAAC;IACJ,CAAC;IAGK,AAAN,KAAK,CAAC,aAAa,CAAc,EAAU,EAAsB,SAAiB;QAChF,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC;QAE7C,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;YACvE,IAAI,OAAO,CAAC,MAAM,KAAK,IAAI,CAAC,EAAE,EAAE,CAAC;gBAC/B,MAAM,IAAI,0BAAiB,CAAC,iCAAiC,CAAC,CAAC;YACjE,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,0BAAiB,CAAC,iCAAiC,CAAC,CAAC;QACjE,CAAC;QAED,MAAM,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;QACnD,OAAO,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC;IACrD,CAAC;IAGK,AAAN,KAAK,CAAC,iBAAiB,CAAc,EAAU;QAC7C,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC;QAC7C,MAAM,IAAI,CAAC,cAAc,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACzD,OAAO,EAAE,OAAO,EAAE,mCAAmC,EAAE,CAAC;IAC1D,CAAC;IAGK,AAAN,KAAK,CAAC,UAAU,CAAc,EAAU;QACtC,MAAM,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QAChC,OAAO,EAAE,OAAO,EAAE,cAAc,EAAE,CAAC;IACrC,CAAC;IAEO,UAAU,CAAC,IAAyB;QAC1C,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO;YACL,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ,IAAI,EAAE;YAC7B,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;YACjD,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,YAAY,EAAE,IAAI,CAAC,YAAY;SAChC,CAAC;IACJ,CAAC;CACF,CAAA;AA9VY,oDAAoB;AAmDzB;IADL,IAAA,YAAG,GAAE;IAEH,WAAA,IAAA,cAAK,EAAC,MAAM,CAAC,CAAA;IACb,WAAA,IAAA,cAAK,EAAC,OAAO,CAAC,CAAA;IACd,WAAA,IAAA,cAAK,EAAC,QAAQ,CAAC,CAAA;IACf,WAAA,IAAA,cAAK,EAAC,QAAQ,CAAC,CAAA;;;;qDA+DjB;AAGK;IADL,IAAA,aAAI,GAAE;IACW,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAM,mCAAkB;;sDAsB/C;AAGK;IADL,IAAA,YAAG,EAAC,KAAK,CAAC;IACI,WAAA,IAAA,cAAK,EAAC,IAAI,CAAC,CAAA;;;;mDA6CzB;AAGK;IADL,IAAA,cAAK,EAAC,KAAK,CAAC;IACK,WAAA,IAAA,cAAK,EAAC,IAAI,CAAC,CAAA;IAAc,WAAA,IAAA,aAAI,GAAE,CAAA;;6CAAM,mCAAkB;;sDAsExE;AAGK;IADL,IAAA,eAAM,EAAC,4BAA4B,CAAC;IACb,WAAA,IAAA,cAAK,EAAC,IAAI,CAAC,CAAA;IAAc,WAAA,IAAA,cAAK,EAAC,UAAU,CAAC,CAAA;;;;4DAgBjE;AAGK;IADL,IAAA,YAAG,EAAC,cAAc,CAAC;IACA,WAAA,IAAA,cAAK,EAAC,IAAI,CAAC,CAAA;;;;wDAY9B;AAGK;IADL,IAAA,eAAM,EAAC,yBAAyB,CAAC;IACb,WAAA,IAAA,cAAK,EAAC,IAAI,CAAC,CAAA;IAAc,WAAA,IAAA,cAAK,EAAC,WAAW,CAAC,CAAA;;;;yDAc/D;AAGK;IADL,IAAA,eAAM,EAAC,cAAc,CAAC;IACE,WAAA,IAAA,cAAK,EAAC,IAAI,CAAC,CAAA;;;;6DAInC;AAGK;IADL,IAAA,eAAM,EAAC,KAAK,CAAC;IACI,WAAA,IAAA,cAAK,EAAC,IAAI,CAAC,CAAA;;;;sDAG5B;+BAxUU,oBAAoB;IAFhC,IAAA,mBAAU,EAAC,sBAAsB,CAAC;IAClC,IAAA,kBAAS,EAAC,uCAAiB,CAAC;IAOxB,WAAA,IAAA,0BAAgB,EAAC,qCAAiB,CAAC,CAAA;qCAJZ,0BAAW;QACH,8BAAa;QAChB,wBAAU;QACN,+CAAqB;QAEhB,oBAAU;GAPvC,oBAAoB,CA8VhC"}

package/dist/lib/admin-console/decorators/current-admin.decorator.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"current-admin.decorator.d.ts","sourceRoot":"","sources":["../../../../src/lib/admin-console/decorators/current-admin.decorator.ts"],"names":[],"mappings":"AAGA,eAAO,MAAM,YAAY,mDAKxB,CAAC"}

package/dist/lib/admin-console/decorators/current-admin.decorator.js ADDED Viewed

@@ -0,0 +1,9 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CurrentAdmin = void 0;
+const common_1 = require("@nestjs/common");
+exports.CurrentAdmin = (0, common_1.createParamDecorator)((data, context) => {
+    const request = context.switchToHttp().getRequest();
+    return request.adminUser;
+});
+//# sourceMappingURL=current-admin.decorator.js.map

package/dist/lib/admin-console/decorators/current-admin.decorator.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"current-admin.decorator.js","sourceRoot":"","sources":["../../../../src/lib/admin-console/decorators/current-admin.decorator.ts"],"names":[],"mappings":";;;AAAA,2CAAwE;AAG3D,QAAA,YAAY,GAAG,IAAA,6BAAoB,EAC9C,CAAC,IAAa,EAAE,OAAyB,EAAyB,EAAE;IAClE,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;IACpD,OAAO,OAAO,CAAC,SAAkC,CAAC;AACpD,CAAC,CACF,CAAC"}

package/dist/lib/admin-console/dto/admin-permission.dto.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"admin-permission.dto.d.ts","sourceRoot":"","sources":["../../../../src/lib/admin-console/dto/admin-permission.dto.ts"],"names":[],"mappings":"AAGA,qBAAa,wBAAwB;IAWjC,IAAI,EAAE,MAAM,CAAC;IASb,KAAK,CAAC,EAAE,MAAM,CAAC;IASf,WAAW,CAAC,EAAE,MAAM,CAAC;IASrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IASlB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAClC;AAED,qBAAa,wBAAwB;IAUjC,IAAI,CAAC,EAAE,MAAM,CAAC;IASd,KAAK,CAAC,EAAE,MAAM,CAAC;IAQf,aAAa,CAAC,EAAE,OAAO,CAAC;IAQxB,WAAW,CAAC,EAAE,MAAM,CAAC;IAQrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAQlB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAClC"}

package/dist/lib/admin-console/dto/admin-permission.dto.js ADDED Viewed

@@ -0,0 +1,143 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AdminUpdatePermissionDto = exports.AdminCreatePermissionDto = void 0;
+const class_validator_1 = require("class-validator");
+const swagger_1 = require("@nestjs/swagger");
+class AdminCreatePermissionDto {
+    name;
+    guard;
+    description;
+    category;
+    metadata;
+}
+exports.AdminCreatePermissionDto = AdminCreatePermissionDto;
+__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'Permission name (must be unique per guard)',
+        example: 'users.create',
+        minLength: 1,
+        maxLength: 255,
+    }),
+    (0, class_validator_1.IsString)(),
+    (0, class_validator_1.IsNotEmpty)(),
+    (0, class_validator_1.MinLength)(1),
+    (0, class_validator_1.MaxLength)(255),
+    __metadata("design:type", String)
+], AdminCreatePermissionDto.prototype, "name", void 0);
+__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'Guard name (defaults to "web" if not provided)',
+        required: false,
+        example: 'web',
+    }),
+    (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.IsString)(),
+    __metadata("design:type", String)
+], AdminCreatePermissionDto.prototype, "guard", void 0);
+__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'Optional description of what this permission allows',
+        required: false,
+        example: 'Allows creating new user accounts',
+    }),
+    (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.IsString)(),
+    __metadata("design:type", String)
+], AdminCreatePermissionDto.prototype, "description", void 0);
+__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'Optional category to group permissions (e.g., "users", "posts", "admin")',
+        required: false,
+        example: 'users',
+    }),
+    (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.IsString)(),
+    __metadata("design:type", String)
+], AdminCreatePermissionDto.prototype, "category", void 0);
+__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'Optional metadata for additional permission information',
+        required: false,
+        example: { level: 'write', resource: 'users' },
+    }),
+    (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.IsObject)(),
+    __metadata("design:type", Object)
+], AdminCreatePermissionDto.prototype, "metadata", void 0);
+class AdminUpdatePermissionDto {
+    name;
+    guard;
+    updateInRoles;
+    description;
+    category;
+    metadata;
+}
+exports.AdminUpdatePermissionDto = AdminUpdatePermissionDto;
+__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'Permission name (must be unique per guard if changed). If changed, can optionally update in all roles.',
+        required: false,
+        example: 'users.create',
+    }),
+    (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.IsString)(),
+    (0, class_validator_1.MinLength)(1),
+    (0, class_validator_1.MaxLength)(255),
+    __metadata("design:type", String)
+], AdminUpdatePermissionDto.prototype, "name", void 0);
+__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'Guard name',
+        required: false,
+        example: 'web',
+    }),
+    (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.IsString)(),
+    __metadata("design:type", String)
+], AdminUpdatePermissionDto.prototype, "guard", void 0);
+__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'Whether to update permission name in all roles that use it (only if name is being changed)',
+        required: false,
+        default: false,
+    }),
+    (0, class_validator_1.IsOptional)(),
+    __metadata("design:type", Boolean)
+], AdminUpdatePermissionDto.prototype, "updateInRoles", void 0);
+__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'Optional description of what this permission allows',
+        required: false,
+    }),
+    (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.IsString)(),
+    __metadata("design:type", String)
+], AdminUpdatePermissionDto.prototype, "description", void 0);
+__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'Optional category to group permissions',
+        required: false,
+    }),
+    (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.IsString)(),
+    __metadata("design:type", String)
+], AdminUpdatePermissionDto.prototype, "category", void 0);
+__decorate([
+    (0, swagger_1.ApiProperty)({
+        description: 'Optional metadata',
+        required: false,
+    }),
+    (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.IsObject)(),
+    __metadata("design:type", Object)
+], AdminUpdatePermissionDto.prototype, "metadata", void 0);
+//# sourceMappingURL=admin-permission.dto.js.map

package/dist/lib/admin-console/dto/admin-permission.dto.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"admin-permission.dto.js","sourceRoot":"","sources":["../../../../src/lib/admin-console/dto/admin-permission.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,qDAAmG;AACnG,6CAA8C;AAE9C,MAAa,wBAAwB;IAWjC,IAAI,CAAS;IASb,KAAK,CAAU;IASf,WAAW,CAAU;IASrB,QAAQ,CAAU;IASlB,QAAQ,CAAuB;CAClC;AAhDD,4DAgDC;AArCG;IAVC,IAAA,qBAAW,EAAC;QACT,WAAW,EAAE,4CAA4C;QACzD,OAAO,EAAE,cAAc;QACvB,SAAS,EAAE,CAAC;QACZ,SAAS,EAAE,GAAG;KACjB,CAAC;IACD,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,GAAE;IACZ,IAAA,2BAAS,EAAC,CAAC,CAAC;IACZ,IAAA,2BAAS,EAAC,GAAG,CAAC;;sDACF;AASb;IAPC,IAAA,qBAAW,EAAC;QACT,WAAW,EAAE,gDAAgD;QAC7D,QAAQ,EAAE,KAAK;QACf,OAAO,EAAE,KAAK;KACjB,CAAC;IACD,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,GAAE;;uDACI;AASf;IAPC,IAAA,qBAAW,EAAC;QACT,WAAW,EAAE,qDAAqD;QAClE,QAAQ,EAAE,KAAK;QACf,OAAO,EAAE,mCAAmC;KAC/C,CAAC;IACD,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,GAAE;;6DACU;AASrB;IAPC,IAAA,qBAAW,EAAC;QACT,WAAW,EAAE,0EAA0E;QACvF,QAAQ,EAAE,KAAK;QACf,OAAO,EAAE,OAAO;KACnB,CAAC;IACD,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,GAAE;;0DACO;AASlB;IAPC,IAAA,qBAAW,EAAC;QACT,WAAW,EAAE,yDAAyD;QACtE,QAAQ,EAAE,KAAK;QACf,OAAO,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE;KACjD,CAAC;IACD,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,GAAE;;0DACoB;AAGnC,MAAa,wBAAwB;IAUjC,IAAI,CAAU;IASd,KAAK,CAAU;IAQf,aAAa,CAAW;IAQxB,WAAW,CAAU;IAQrB,QAAQ,CAAU;IAQlB,QAAQ,CAAuB;CAClC;AApDD,4DAoDC;AA1CG;IATC,IAAA,qBAAW,EAAC;QACT,WAAW,EAAE,wGAAwG;QACrH,QAAQ,EAAE,KAAK;QACf,OAAO,EAAE,cAAc;KAC1B,CAAC;IACD,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,GAAE;IACV,IAAA,2BAAS,EAAC,CAAC,CAAC;IACZ,IAAA,2BAAS,EAAC,GAAG,CAAC;;sDACD;AASd;IAPC,IAAA,qBAAW,EAAC;QACT,WAAW,EAAE,YAAY;QACzB,QAAQ,EAAE,KAAK;QACf,OAAO,EAAE,KAAK;KACjB,CAAC;IACD,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,GAAE;;uDACI;AAQf;IANC,IAAA,qBAAW,EAAC;QACT,WAAW,EAAE,4FAA4F;QACzG,QAAQ,EAAE,KAAK;QACf,OAAO,EAAE,KAAK;KACjB,CAAC;IACD,IAAA,4BAAU,GAAE;;+DACW;AAQxB;IANC,IAAA,qBAAW,EAAC;QACT,WAAW,EAAE,qDAAqD;QAClE,QAAQ,EAAE,KAAK;KAClB,CAAC;IACD,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,GAAE;;6DACU;AAQrB;IANC,IAAA,qBAAW,EAAC;QACT,WAAW,EAAE,wCAAwC;QACrD,QAAQ,EAAE,KAAK;KAClB,CAAC;IACD,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,GAAE;;0DACO;AAQlB;IANC,IAAA,qBAAW,EAAC;QACT,WAAW,EAAE,mBAAmB;QAChC,QAAQ,EAAE,KAAK;KAClB,CAAC;IACD,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,GAAE;;0DACoB"}

package/dist/lib/admin-console/dto/admin-role.dto.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"admin-role.dto.d.ts","sourceRoot":"","sources":["../../../../src/lib/admin-console/dto/admin-role.dto.ts"],"names":[],"mappings":"AAQA,qBAAa,kBAAkB;IAG7B,IAAI,EAAE,MAAM,CAAC;IAIb,KAAK,EAAE,MAAM,CAAC;IAId,QAAQ,CAAC,EAAE,MAAM,CAAC;IAIlB,QAAQ,CAAC,EAAE,OAAO,CAAC;IAKnB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;CACxB;AAED,qBAAa,kBAAkB;IAG7B,IAAI,CAAC,EAAE,MAAM,CAAC;IAId,KAAK,CAAC,EAAE,MAAM,CAAC;IAKf,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;CACxB"}

package/dist/lib/admin-console/dto/admin-role.dto.js ADDED Viewed

@@ -0,0 +1,70 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AdminUpdateRoleDto = exports.AdminCreateRoleDto = void 0;
+const class_validator_1 = require("class-validator");
+class AdminCreateRoleDto {
+    name;
+    guard;
+    tenantId;
+    isSystem;
+    permissions;
+}
+exports.AdminCreateRoleDto = AdminCreateRoleDto;
+__decorate([
+    (0, class_validator_1.IsString)(),
+    (0, class_validator_1.IsNotEmpty)(),
+    __metadata("design:type", String)
+], AdminCreateRoleDto.prototype, "name", void 0);
+__decorate([
+    (0, class_validator_1.IsString)(),
+    (0, class_validator_1.IsNotEmpty)(),
+    __metadata("design:type", String)
+], AdminCreateRoleDto.prototype, "guard", void 0);
+__decorate([
+    (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.IsString)(),
+    __metadata("design:type", String)
+], AdminCreateRoleDto.prototype, "tenantId", void 0);
+__decorate([
+    (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.IsBoolean)(),
+    __metadata("design:type", Boolean)
+], AdminCreateRoleDto.prototype, "isSystem", void 0);
+__decorate([
+    (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.IsArray)(),
+    (0, class_validator_1.IsString)({ each: true }),
+    __metadata("design:type", Array)
+], AdminCreateRoleDto.prototype, "permissions", void 0);
+class AdminUpdateRoleDto {
+    name;
+    guard;
+    permissions;
+}
+exports.AdminUpdateRoleDto = AdminUpdateRoleDto;
+__decorate([
+    (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.IsString)(),
+    __metadata("design:type", String)
+], AdminUpdateRoleDto.prototype, "name", void 0);
+__decorate([
+    (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.IsString)(),
+    __metadata("design:type", String)
+], AdminUpdateRoleDto.prototype, "guard", void 0);
+__decorate([
+    (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.IsArray)(),
+    (0, class_validator_1.IsString)({ each: true }),
+    __metadata("design:type", Array)
+], AdminUpdateRoleDto.prototype, "permissions", void 0);
+//# sourceMappingURL=admin-role.dto.js.map