@aooth/arbac-moost 0.1.36 → 0.1.38

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/dist/plugin.mjs +8 -0
  2. package/package.json +14 -14
package/dist/plugin.mjs CHANGED
@@ -54,27 +54,32 @@ function arbacPlugin() {
54
54
  role: new AnnotationSpec({
55
55
  description: "Marks this field as THE source of role identifiers for ARBAC evaluation. Two shapes are supported: inline (string | string[]) or @db.rel.from nav prop. Exactly one @arbac.role field per type — multiple declarations throw at boot.",
56
56
  nodeType: ["prop"],
57
+ passedWhenReferred: false,
57
58
  multiple: false
58
59
  }),
59
60
  attribute: new AnnotationSpec({
60
61
  description: "Marks this field as a user attribute used by ARBAC scope evaluation. The field name becomes the attribute key. Multiple fields are merged.",
61
62
  nodeType: ["prop"],
63
+ passedWhenReferred: false,
62
64
  multiple: false
63
65
  }),
64
66
  userId: new AnnotationSpec({
65
67
  description: "Overrides which field provides the user identifier for ARBAC. Resolution chain: @arbac.userId → @db.table.preferredId.uniqueIndex field → @meta.id.",
66
68
  nodeType: ["prop"],
69
+ passedWhenReferred: false,
67
70
  multiple: false
68
71
  }),
69
72
  attenuate: {
70
73
  role: new AnnotationSpec({
71
74
  description: "Marks the credential field holding the assumed-role SUBSET (string[]) for restrict-only ARBAC attenuation. Intersected with the user's roles (fail-closed). Exactly one @arbac.attenuate.role field per type — multiple declarations throw at boot.",
72
75
  nodeType: ["prop"],
76
+ passedWhenReferred: false,
73
77
  multiple: false
74
78
  }),
75
79
  attr: new AnnotationSpec({
76
80
  description: "Marks a credential field whose value narrows the named USER attribute for restrict-only ARBAC attenuation. The argument is the target key in the user model's @arbac.attribute keyspace (validated to exist at boot). Multiple fields may each carry it, targeting different attrs.",
77
81
  nodeType: ["prop"],
82
+ passedWhenReferred: false,
78
83
  multiple: false,
79
84
  argument: {
80
85
  name: "userAttr",
@@ -89,17 +94,20 @@ function arbacPlugin() {
89
94
  email: new AnnotationSpec({
90
95
  description: "Marks this field as the EMAIL login/recovery handle. The framework resolves the field by this annotation (name-agnostic) for findByHandle / recovery / signup. The field MUST carry @db.index.unique (unique-when-present) — a handle must resolve to at most one row; without a unique index the email handle is DISABLED with a warning. At most one @aooth.user.email field per type — multiple declarations throw at boot.",
91
96
  nodeType: ["prop"],
97
+ passedWhenReferred: false,
92
98
  multiple: false
93
99
  }),
94
100
  phone: new AnnotationSpec({
95
101
  description: "Marks this field as the PHONE login/recovery handle. Same resolution + unique-index contract as @aooth.user.email (disabled with a warning when the field lacks @db.index.unique). At most one @aooth.user.phone field per type — multiple throw at boot.",
96
102
  nodeType: ["prop"],
103
+ passedWhenReferred: false,
97
104
  multiple: false
98
105
  })
99
106
  },
100
107
  auth: { metadata: new AnnotationSpec({
101
108
  description: "Marks the consumer's fully-typed credential-metadata column (@db.json) on their `extends AoothAuthCredential` model — the runtime/validation twin of the `CredentialMetadata` declaration merge. Resolved by `getAoothCredentialMetadataSpec` and threaded to `CredentialStoreAtscriptDb` as `metadataField`. The field MUST carry @db.json (a structured metadata object needs a json column — without it, metadata persistence is DISABLED with a warning). At most one @aooth.auth.metadata field per type — multiple declarations throw at boot. Absent → the atscript-db credential store persists no metadata (non-fatal, warned at boot by the wiring).",
102
109
  nodeType: ["prop"],
110
+ passedWhenReferred: false,
103
111
  multiple: false
104
112
  }) }
105
113
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@aooth/arbac-moost",
3
- "version": "0.1.36",
3
+ "version": "0.1.38",
4
4
  "description": "Moost RBAC integration for aoothjs (migrated from @moostjs/arbac)",
5
5
  "keywords": [
6
6
  "abac",
@@ -60,27 +60,27 @@
60
60
  "access": "public"
61
61
  },
62
62
  "dependencies": {
63
- "@aooth/arbac": "0.1.36",
64
- "@aooth/user": "0.1.36",
65
- "@aooth/arbac-core": "0.1.36"
63
+ "@aooth/arbac-core": "0.1.38",
64
+ "@aooth/arbac": "0.1.38",
65
+ "@aooth/user": "0.1.38"
66
66
  },
67
67
  "devDependencies": {
68
- "@atscript/core": "^0.1.78",
69
- "@atscript/db": "^0.1.110",
70
- "@atscript/db-sql-tools": "^0.1.110",
71
- "@atscript/db-sqlite": "^0.1.110",
72
- "@atscript/moost-db": "^0.1.110",
73
- "@atscript/typescript": "^0.1.78",
68
+ "@atscript/core": "^0.1.79",
69
+ "@atscript/db": "^0.1.111",
70
+ "@atscript/db-sql-tools": "^0.1.111",
71
+ "@atscript/db-sqlite": "^0.1.111",
72
+ "@atscript/moost-db": "^0.1.111",
73
+ "@atscript/typescript": "^0.1.79",
74
74
  "@moostjs/event-http": "^0.6.28",
75
75
  "@types/better-sqlite3": "^7.6.13",
76
76
  "@uniqu/core": "^0.1.6",
77
77
  "better-sqlite3": "^12.6.2",
78
- "unplugin-atscript": "^0.1.78"
78
+ "unplugin-atscript": "^0.1.79"
79
79
  },
80
80
  "peerDependencies": {
81
- "@atscript/db": "^0.1.110",
82
- "@atscript/moost-db": "^0.1.110",
83
- "@atscript/typescript": "^0.1.78",
81
+ "@atscript/db": "^0.1.111",
82
+ "@atscript/moost-db": "^0.1.111",
83
+ "@atscript/typescript": "^0.1.79",
84
84
  "@moostjs/event-http": "^0.6.28",
85
85
  "@wooksjs/event-core": "^0.7.19",
86
86
  "@wooksjs/event-http": "^0.7.19",