@api-client/core 0.18.57 → 0.18.58

package/build/src/modeling/actions/UpdateAction.js

@@ -0,0 +1,47 @@
+import { __esDecorate, __runInitializers } from "tslib";
+import { Action } from './Action.js';
+import { observed, toRaw } from '../../decorators/observed.js';
+/**
+ * Enables modifying an existing resource.
+ * Endpoints: PUT or PATCH /[entity-collection-name]/{id}
+ */
+let UpdateAction = (() => {
+    let _classSuper = Action;
+    let _kind_decorators;
+    let _kind_initializers = [];
+    let _kind_extraInitializers = [];
+    let _allowedMethods_decorators;
+    let _allowedMethods_initializers = [];
+    let _allowedMethods_extraInitializers = [];
+    return class UpdateAction extends _classSuper {
+        static {
+            const _metadata = typeof Symbol === "function" && Symbol.metadata ? Object.create(_classSuper[Symbol.metadata] ?? null) : void 0;
+            _kind_decorators = [observed()];
+            _allowedMethods_decorators = [observed({ deep: true })];
+            __esDecorate(this, null, _kind_decorators, { kind: "accessor", name: "kind", static: false, private: false, access: { has: obj => "kind" in obj, get: obj => obj.kind, set: (obj, value) => { obj.kind = value; } }, metadata: _metadata }, _kind_initializers, _kind_extraInitializers);
+            __esDecorate(this, null, _allowedMethods_decorators, { kind: "accessor", name: "allowedMethods", static: false, private: false, access: { has: obj => "allowedMethods" in obj, get: obj => obj.allowedMethods, set: (obj, value) => { obj.allowedMethods = value; } }, metadata: _metadata }, _allowedMethods_initializers, _allowedMethods_extraInitializers);
+            if (_metadata) Object.defineProperty(this, Symbol.metadata, { enumerable: true, configurable: true, writable: true, value: _metadata });
+        }
+        #kind_accessor_storage = __runInitializers(this, _kind_initializers, void 0);
+        get kind() { return this.#kind_accessor_storage; }
+        set kind(value) { this.#kind_accessor_storage = value; }
+        #allowedMethods_accessor_storage = (__runInitializers(this, _kind_extraInitializers), __runInitializers(this, _allowedMethods_initializers, void 0));
+        get allowedMethods() { return this.#allowedMethods_accessor_storage; }
+        set allowedMethods(value) { this.#allowedMethods_accessor_storage = value; }
+        constructor(state = {}) {
+            super(state);
+            __runInitializers(this, _allowedMethods_extraInitializers);
+            this.kind = 'update';
+            this.allowedMethods = state.allowedMethods ? [...state.allowedMethods] : ['PATCH'];
+        }
+        toJSON() {
+            return {
+                ...super.toJSON(),
+                kind: 'update',
+                allowedMethods: structuredClone(toRaw(this, this.allowedMethods)),
+            };
+        }
+    };
+})();
+export { UpdateAction };
+//# sourceMappingURL=UpdateAction.js.map

package/build/src/modeling/actions/UpdateAction.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"UpdateAction.js","sourceRoot":"","sources":["../../../../src/modeling/actions/UpdateAction.ts"],"names":[],"mappings":";AAAA,OAAO,EAAE,MAAM,EAAqB,MAAM,aAAa,CAAA;AACvD,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,8BAA8B,CAAA;AAkB9D;;;GAGG;IACU,YAAY;sBAAS,MAAM;;;;;;;iBAA3B,YAAa,SAAQ,WAAM;;;gCACrC,QAAQ,EAAE;0CACV,QAAQ,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;YADb,iKAAkB,IAAI,6BAAJ,IAAI,mFAAU;YAClB,+LAAS,cAAc,6BAAd,cAAc,uGAAqB;;;QAD1D,6EAAgC;QAAhC,IAAkB,IAAI,0CAAU;QAAhC,IAAkB,IAAI,gDAAU;QAClB,qJAA4C;QAA5C,IAAS,cAAc,oDAAqB;QAA5C,IAAS,cAAc,0DAAqB;QAEtE,YAAY,QAAqC,EAAE;YACjD,KAAK,CAAC,KAAK,CAAC,CAAA;;YACZ,IAAI,CAAC,IAAI,GAAG,QAAQ,CAAA;YACpB,IAAI,CAAC,cAAc,GAAG,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAA;SACnF;QAEQ,MAAM;YACb,OAAO;gBACL,GAAI,KAAK,CAAC,MAAM,EAAyB;gBACzC,IAAI,EAAE,QAAQ;gBACd,cAAc,EAAE,eAAe,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC,cAAc,CAAC,CAAwB;aACzF,CAAA;QACH,CAAC;;;SAhBU,YAAY","sourcesContent":["import { Action, type ActionSchema } from './Action.js'\nimport { observed, toRaw } from '../../decorators/observed.js'\n\n/**\n * Enables modifying an existing resource.\n * Endpoints: PUT or PATCH /[entity-collection-name]/{id}\n */\nexport interface UpdateActionSchema extends ActionSchema {\n  kind: 'update'\n  /**\n   * The allowed HTTP methods for updates. Default: PATCH only.\n   *\n   * These two methods represent the two common ways to update a resource:\n   * - PUT: Replaces the entire resource with the provided data.\n   * - PATCH: Applies a partial update to the resource, allowing for specific fields to be modified.\n   */\n  allowedMethods: ('PUT' | 'PATCH')[]\n}\n\n/**\n * Enables modifying an existing resource.\n * Endpoints: PUT or PATCH /[entity-collection-name]/{id}\n */\nexport class UpdateAction extends Action implements UpdateActionSchema {\n  @observed() override accessor kind: 'update'\n  @observed({ deep: true }) accessor allowedMethods: ('PUT' | 'PATCH')[]\n\n  constructor(state: Partial<UpdateActionSchema> = {}) {\n    super(state)\n    this.kind = 'update'\n    this.allowedMethods = state.allowedMethods ? [...state.allowedMethods] : ['PATCH']\n  }\n\n  override toJSON(): UpdateActionSchema {\n    return {\n      ...(super.toJSON() as UpdateActionSchema),\n      kind: 'update',\n      allowedMethods: structuredClone(toRaw(this, this.allowedMethods)) as ('PUT' | 'PATCH')[],\n    }\n  }\n}\n"]}

package/build/src/modeling/actions/index.d.ts

@@ -0,0 +1,24 @@
+export { Action, type ActionSchema } from './Action.js';
+import { CreateAction, type CreateActionSchema } from './CreateAction.js';
+import { DeleteAction, type DeleteActionSchema } from './DeleteAction.js';
+import { ListAction, type ListActionSchema } from './ListAction.js';
+import { ReadAction, type ReadActionSchema } from './ReadAction.js';
+import { SearchAction, type SearchActionSchema } from './SearchAction.js';
+import { UpdateAction, type UpdateActionSchema } from './UpdateAction.js';
+export { CreateAction, DeleteAction, ListAction, ReadAction, SearchAction, UpdateAction };
+export type { CreateActionSchema, DeleteActionSchema, ListActionSchema, ReadActionSchema, SearchActionSchema, UpdateActionSchema, };
+/**
+ * Represents a specific, configurable API operation applied to a Data Entity.
+ * Corresponds to common RESTful interactions.
+ */
+export type ApiAction = CreateAction | DeleteAction | ListAction | ReadAction | SearchAction | UpdateAction;
+/**
+ * Schema representation of a specific, configurable API operation applied to a Data Entity.
+ * Corresponds to common RESTful interactions.
+ */
+export type ApiActionSchema = CreateActionSchema | DeleteActionSchema | ListActionSchema | ReadActionSchema | SearchActionSchema | UpdateActionSchema;
+/**
+ * The kind of action to perform.
+ */
+export type ActionKind = 'list' | 'read' | 'create' | 'update' | 'delete' | 'search';
+//# sourceMappingURL=index.d.ts.map

package/build/src/modeling/actions/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/modeling/actions/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,KAAK,YAAY,EAAE,MAAM,aAAa,CAAA;AACvD,OAAO,EAAE,YAAY,EAAE,KAAK,kBAAkB,EAAE,MAAM,mBAAmB,CAAA;AACzE,OAAO,EAAE,YAAY,EAAE,KAAK,kBAAkB,EAAE,MAAM,mBAAmB,CAAA;AACzE,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AACnE,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AACnE,OAAO,EAAE,YAAY,EAAE,KAAK,kBAAkB,EAAE,MAAM,mBAAmB,CAAA;AACzE,OAAO,EAAE,YAAY,EAAE,KAAK,kBAAkB,EAAE,MAAM,mBAAmB,CAAA;AAEzE,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,UAAU,EAAE,UAAU,EAAE,YAAY,EAAE,YAAY,EAAE,CAAA;AACzF,YAAY,EACV,kBAAkB,EAClB,kBAAkB,EAClB,gBAAgB,EAChB,gBAAgB,EAChB,kBAAkB,EAClB,kBAAkB,GACnB,CAAA;AAED;;;GAGG;AACH,MAAM,MAAM,SAAS,GAAG,YAAY,GAAG,YAAY,GAAG,UAAU,GAAG,UAAU,GAAG,YAAY,GAAG,YAAY,CAAA;AAE3G;;;GAGG;AACH,MAAM,MAAM,eAAe,GACvB,kBAAkB,GAClB,kBAAkB,GAClB,gBAAgB,GAChB,gBAAgB,GAChB,kBAAkB,GAClB,kBAAkB,CAAA;AAEtB;;GAEG;AACH,MAAM,MAAM,UAAU,GAAG,MAAM,GAAG,MAAM,GAAG,QAAQ,GAAG,QAAQ,GAAG,QAAQ,GAAG,QAAQ,CAAA"}

package/build/src/modeling/actions/index.js

@@ -0,0 +1,9 @@
+export { Action } from './Action.js';
+import { CreateAction } from './CreateAction.js';
+import { DeleteAction } from './DeleteAction.js';
+import { ListAction } from './ListAction.js';
+import { ReadAction } from './ReadAction.js';
+import { SearchAction } from './SearchAction.js';
+import { UpdateAction } from './UpdateAction.js';
+export { CreateAction, DeleteAction, ListAction, ReadAction, SearchAction, UpdateAction };
+//# sourceMappingURL=index.js.map

package/build/src/modeling/actions/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/modeling/actions/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAqB,MAAM,aAAa,CAAA;AACvD,OAAO,EAAE,YAAY,EAA2B,MAAM,mBAAmB,CAAA;AACzE,OAAO,EAAE,YAAY,EAA2B,MAAM,mBAAmB,CAAA;AACzE,OAAO,EAAE,UAAU,EAAyB,MAAM,iBAAiB,CAAA;AACnE,OAAO,EAAE,UAAU,EAAyB,MAAM,iBAAiB,CAAA;AACnE,OAAO,EAAE,YAAY,EAA2B,MAAM,mBAAmB,CAAA;AACzE,OAAO,EAAE,YAAY,EAA2B,MAAM,mBAAmB,CAAA;AAEzE,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,UAAU,EAAE,UAAU,EAAE,YAAY,EAAE,YAAY,EAAE,CAAA","sourcesContent":["export { Action, type ActionSchema } from './Action.js'\nimport { CreateAction, type CreateActionSchema } from './CreateAction.js'\nimport { DeleteAction, type DeleteActionSchema } from './DeleteAction.js'\nimport { ListAction, type ListActionSchema } from './ListAction.js'\nimport { ReadAction, type ReadActionSchema } from './ReadAction.js'\nimport { SearchAction, type SearchActionSchema } from './SearchAction.js'\nimport { UpdateAction, type UpdateActionSchema } from './UpdateAction.js'\n\nexport { CreateAction, DeleteAction, ListAction, ReadAction, SearchAction, UpdateAction }\nexport type {\n  CreateActionSchema,\n  DeleteActionSchema,\n  ListActionSchema,\n  ReadActionSchema,\n  SearchActionSchema,\n  UpdateActionSchema,\n}\n\n/**\n * Represents a specific, configurable API operation applied to a Data Entity.\n * Corresponds to common RESTful interactions.\n */\nexport type ApiAction = CreateAction | DeleteAction | ListAction | ReadAction | SearchAction | UpdateAction\n\n/**\n * Schema representation of a specific, configurable API operation applied to a Data Entity.\n * Corresponds to common RESTful interactions.\n */\nexport type ApiActionSchema =\n  | CreateActionSchema\n  | DeleteActionSchema\n  | ListActionSchema\n  | ReadActionSchema\n  | SearchActionSchema\n  | UpdateActionSchema\n\n/**\n * The kind of action to perform.\n */\nexport type ActionKind = 'list' | 'read' | 'create' | 'update' | 'delete' | 'search'\n"]}

package/build/src/modeling/index.d.ts

@@ -0,0 +1,12 @@
+export * from './actions/index.js';
+export * from './rules/index.js';
+export * from './types.js';
+export { ApiModel, type ApiModelSchema, type ApiContact, type ApiLicense } from './ApiModel.js';
+export { DataDomain, type DataDomainSchema } from './DataDomain.js';
+export { DomainAssociation, type DomainAssociationSchema, type OnDeleteRule } from './DomainAssociation.js';
+export { DomainEntity, type DomainEntitySchema, type EntityOrderedItem } from './DomainEntity.js';
+export { DomainModel, type DomainModelSchema, type ModelOrderedItem } from './DomainModel.js';
+export { DomainNamespace, type DomainNamespaceSchema, type NamespaceOrderedItem } from './DomainNamespace.js';
+export { DomainProperty, type DomainPropertySchema } from './DomainProperty.js';
+export { ExposedEntity } from './ExposedEntity.js';
+//# sourceMappingURL=index.d.ts.map

package/build/src/modeling/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/modeling/index.ts"],"names":[],"mappings":"AAAA,cAAc,oBAAoB,CAAA;AAClC,cAAc,kBAAkB,CAAA;AAChC,cAAc,YAAY,CAAA;AAC1B,OAAO,EAAE,QAAQ,EAAE,KAAK,cAAc,EAAE,KAAK,UAAU,EAAE,KAAK,UAAU,EAAE,MAAM,eAAe,CAAA;AAC/F,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AACnE,OAAO,EAAE,iBAAiB,EAAE,KAAK,uBAAuB,EAAE,KAAK,YAAY,EAAE,MAAM,wBAAwB,CAAA;AAC3G,OAAO,EAAE,YAAY,EAAE,KAAK,kBAAkB,EAAE,KAAK,iBAAiB,EAAE,MAAM,mBAAmB,CAAA;AACjG,OAAO,EAAE,WAAW,EAAE,KAAK,iBAAiB,EAAE,KAAK,gBAAgB,EAAE,MAAM,kBAAkB,CAAA;AAC7F,OAAO,EAAE,eAAe,EAAE,KAAK,qBAAqB,EAAE,KAAK,oBAAoB,EAAE,MAAM,sBAAsB,CAAA;AAC7G,OAAO,EAAE,cAAc,EAAE,KAAK,oBAAoB,EAAE,MAAM,qBAAqB,CAAA;AAC/E,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAA"}

package/build/src/modeling/index.js

@@ -0,0 +1,12 @@
+export * from './actions/index.js';
+export * from './rules/index.js';
+export * from './types.js';
+export { ApiModel } from './ApiModel.js';
+export { DataDomain } from './DataDomain.js';
+export { DomainAssociation } from './DomainAssociation.js';
+export { DomainEntity } from './DomainEntity.js';
+export { DomainModel } from './DomainModel.js';
+export { DomainNamespace } from './DomainNamespace.js';
+export { DomainProperty } from './DomainProperty.js';
+export { ExposedEntity } from './ExposedEntity.js';
+//# sourceMappingURL=index.js.map

package/build/src/modeling/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/modeling/index.ts"],"names":[],"mappings":"AAAA,cAAc,oBAAoB,CAAA;AAClC,cAAc,kBAAkB,CAAA;AAChC,cAAc,YAAY,CAAA;AAC1B,OAAO,EAAE,QAAQ,EAAyD,MAAM,eAAe,CAAA;AAC/F,OAAO,EAAE,UAAU,EAAyB,MAAM,iBAAiB,CAAA;AACnE,OAAO,EAAE,iBAAiB,EAAmD,MAAM,wBAAwB,CAAA;AAC3G,OAAO,EAAE,YAAY,EAAmD,MAAM,mBAAmB,CAAA;AACjG,OAAO,EAAE,WAAW,EAAiD,MAAM,kBAAkB,CAAA;AAC7F,OAAO,EAAE,eAAe,EAAyD,MAAM,sBAAsB,CAAA;AAC7G,OAAO,EAAE,cAAc,EAA6B,MAAM,qBAAqB,CAAA;AAC/E,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAA","sourcesContent":["export * from './actions/index.js'\nexport * from './rules/index.js'\nexport * from './types.js'\nexport { ApiModel, type ApiModelSchema, type ApiContact, type ApiLicense } from './ApiModel.js'\nexport { DataDomain, type DataDomainSchema } from './DataDomain.js'\nexport { DomainAssociation, type DomainAssociationSchema, type OnDeleteRule } from './DomainAssociation.js'\nexport { DomainEntity, type DomainEntitySchema, type EntityOrderedItem } from './DomainEntity.js'\nexport { DomainModel, type DomainModelSchema, type ModelOrderedItem } from './DomainModel.js'\nexport { DomainNamespace, type DomainNamespaceSchema, type NamespaceOrderedItem } from './DomainNamespace.js'\nexport { DomainProperty, type DomainPropertySchema } from './DomainProperty.js'\nexport { ExposedEntity } from './ExposedEntity.js'\n"]}

package/build/src/modeling/rules/AccessRule.d.ts

@@ -0,0 +1,17 @@
+export interface AccessRuleSchema {
+    /**
+     * The unique identifier for the access rule.
+     * This is used to reference the rule in the API configuration.
+     */
+    type: string;
+}
+/**
+ * Base class for all access rules.
+ */
+export declare class AccessRule extends EventTarget implements AccessRuleSchema {
+    readonly type: string;
+    constructor(state?: Partial<AccessRuleSchema>);
+    toJSON(): AccessRuleSchema;
+    notifyChange(): void;
+}
+//# sourceMappingURL=AccessRule.d.ts.map

package/build/src/modeling/rules/AccessRule.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AccessRule.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/AccessRule.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,gBAAgB;IAC/B;;;OAGG;IACH,IAAI,EAAE,MAAM,CAAA;CACb;AAED;;GAEG;AACH,qBAAa,UAAW,SAAQ,WAAY,YAAW,gBAAgB;IACrE,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;gBAET,KAAK,GAAE,OAAO,CAAC,gBAAgB,CAAM;IAKjD,MAAM,IAAI,gBAAgB;IAM1B,YAAY;CAGb"}

package/build/src/modeling/rules/AccessRule.js

@@ -0,0 +1,19 @@
+/**
+ * Base class for all access rules.
+ */
+export class AccessRule extends EventTarget {
+    type;
+    constructor(state = {}) {
+        super();
+        this.type = state.type ?? '';
+    }
+    toJSON() {
+        return {
+            type: this.type,
+        };
+    }
+    notifyChange() {
+        this.dispatchEvent(new Event('change'));
+    }
+}
+//# sourceMappingURL=AccessRule.js.map

package/build/src/modeling/rules/AccessRule.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"AccessRule.js","sourceRoot":"","sources":["../../../../src/modeling/rules/AccessRule.ts"],"names":[],"mappings":"AAQA;;GAEG;AACH,MAAM,OAAO,UAAW,SAAQ,WAAW;IAChC,IAAI,CAAQ;IAErB,YAAY,QAAmC,EAAE;QAC/C,KAAK,EAAE,CAAA;QACP,IAAI,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,IAAI,EAAE,CAAA;IAC9B,CAAC;IAED,MAAM;QACJ,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;SAChB,CAAA;IACH,CAAC;IAED,YAAY;QACV,IAAI,CAAC,aAAa,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAA;IACzC,CAAC;CACF","sourcesContent":["export interface AccessRuleSchema {\n  /**\n   * The unique identifier for the access rule.\n   * This is used to reference the rule in the API configuration.\n   */\n  type: string\n}\n\n/**\n * Base class for all access rules.\n */\nexport class AccessRule extends EventTarget implements AccessRuleSchema {\n  readonly type: string\n\n  constructor(state: Partial<AccessRuleSchema> = {}) {\n    super()\n    this.type = state.type ?? ''\n  }\n\n  toJSON(): AccessRuleSchema {\n    return {\n      type: this.type,\n    }\n  }\n\n  notifyChange() {\n    this.dispatchEvent(new Event('change'))\n  }\n}\n"]}

package/build/src/modeling/rules/AllowAuthenticated.d.ts

@@ -0,0 +1,19 @@
+import { AccessRule, type AccessRuleSchema } from './AccessRule.js';
+/**
+ * The action is allowed for any authenticated user.
+ * This rule does not impose any additional restrictions based on user properties or resource ownership.
+ * It is used for resources that should be accessible to all logged-in users.
+ */
+export interface AllowAuthenticatedAccessRuleSchema extends AccessRuleSchema {
+    type: 'authenticated';
+}
+/**
+ * The action is allowed for any authenticated user.
+ * This rule does not impose any additional restrictions based on user properties or resource ownership.
+ * It is used for resources that should be accessible to all logged-in users.
+ */
+export declare class AllowAuthenticatedAccessRule extends AccessRule implements AllowAuthenticatedAccessRuleSchema {
+    readonly type: 'authenticated';
+    constructor(state?: Partial<AllowAuthenticatedAccessRuleSchema>);
+}
+//# sourceMappingURL=AllowAuthenticated.d.ts.map

package/build/src/modeling/rules/AllowAuthenticated.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AllowAuthenticated.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/AllowAuthenticated.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAEnE;;;;GAIG;AACH,MAAM,WAAW,kCAAmC,SAAQ,gBAAgB;IAC1E,IAAI,EAAE,eAAe,CAAA;CACtB;AAED;;;;GAIG;AACH,qBAAa,4BAA6B,SAAQ,UAAW,YAAW,kCAAkC;IACxG,SAAkB,IAAI,EAAE,eAAe,CAAA;gBAE3B,KAAK,GAAE,OAAO,CAAC,kCAAkC,CAAM;CAIpE"}

package/build/src/modeling/rules/AllowAuthenticated.js

@@ -0,0 +1,14 @@
+import { AccessRule } from './AccessRule.js';
+/**
+ * The action is allowed for any authenticated user.
+ * This rule does not impose any additional restrictions based on user properties or resource ownership.
+ * It is used for resources that should be accessible to all logged-in users.
+ */
+export class AllowAuthenticatedAccessRule extends AccessRule {
+    type;
+    constructor(state = {}) {
+        super(state);
+        this.type = 'authenticated';
+    }
+}
+//# sourceMappingURL=AllowAuthenticated.js.map

package/build/src/modeling/rules/AllowAuthenticated.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"AllowAuthenticated.js","sourceRoot":"","sources":["../../../../src/modeling/rules/AllowAuthenticated.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAyB,MAAM,iBAAiB,CAAA;AAWnE;;;;GAIG;AACH,MAAM,OAAO,4BAA6B,SAAQ,UAAU;IACxC,IAAI,CAAiB;IAEvC,YAAY,QAAqD,EAAE;QACjE,KAAK,CAAC,KAAK,CAAC,CAAA;QACZ,IAAI,CAAC,IAAI,GAAG,eAAe,CAAA;IAC7B,CAAC;CACF","sourcesContent":["import { AccessRule, type AccessRuleSchema } from './AccessRule.js'\n\n/**\n * The action is allowed for any authenticated user.\n * This rule does not impose any additional restrictions based on user properties or resource ownership.\n * It is used for resources that should be accessible to all logged-in users.\n */\nexport interface AllowAuthenticatedAccessRuleSchema extends AccessRuleSchema {\n  type: 'authenticated'\n}\n\n/**\n * The action is allowed for any authenticated user.\n * This rule does not impose any additional restrictions based on user properties or resource ownership.\n * It is used for resources that should be accessible to all logged-in users.\n */\nexport class AllowAuthenticatedAccessRule extends AccessRule implements AllowAuthenticatedAccessRuleSchema {\n  override readonly type: 'authenticated'\n\n  constructor(state: Partial<AllowAuthenticatedAccessRuleSchema> = {}) {\n    super(state)\n    this.type = 'authenticated'\n  }\n}\n"]}

package/build/src/modeling/rules/AllowPublic.d.ts

@@ -0,0 +1,19 @@
+import { AccessRule, type AccessRuleSchema } from './AccessRule.js';
+/**
+ * The action is allowed for all users, including unauthenticated ones.
+ * This is typically used for public APIs or resources that do not require authentication.
+ * It is the most permissive rule and should be used with caution.
+ */
+export interface AllowPublicAccessRuleSchema extends AccessRuleSchema {
+    type: 'public';
+}
+/**
+ * The action is allowed for all users, including unauthenticated ones.
+ * This is typically used for public APIs or resources that do not require authentication.
+ * It is the most permissive rule and should be used with caution.
+ */
+export declare class AllowPublicAccessRule extends AccessRule implements AllowPublicAccessRuleSchema {
+    readonly type: 'public';
+    constructor(state?: Partial<AllowPublicAccessRuleSchema>);
+}
+//# sourceMappingURL=AllowPublic.d.ts.map

package/build/src/modeling/rules/AllowPublic.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AllowPublic.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/AllowPublic.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAEnE;;;;GAIG;AACH,MAAM,WAAW,2BAA4B,SAAQ,gBAAgB;IACnE,IAAI,EAAE,QAAQ,CAAA;CACf;AAED;;;;GAIG;AACH,qBAAa,qBAAsB,SAAQ,UAAW,YAAW,2BAA2B;IAC1F,SAAkB,IAAI,EAAE,QAAQ,CAAA;gBAEpB,KAAK,GAAE,OAAO,CAAC,2BAA2B,CAAM;CAI7D"}

package/build/src/modeling/rules/AllowPublic.js

@@ -0,0 +1,14 @@
+import { AccessRule } from './AccessRule.js';
+/**
+ * The action is allowed for all users, including unauthenticated ones.
+ * This is typically used for public APIs or resources that do not require authentication.
+ * It is the most permissive rule and should be used with caution.
+ */
+export class AllowPublicAccessRule extends AccessRule {
+    type;
+    constructor(state = {}) {
+        super(state);
+        this.type = 'public';
+    }
+}
+//# sourceMappingURL=AllowPublic.js.map

package/build/src/modeling/rules/AllowPublic.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"AllowPublic.js","sourceRoot":"","sources":["../../../../src/modeling/rules/AllowPublic.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAyB,MAAM,iBAAiB,CAAA;AAWnE;;;;GAIG;AACH,MAAM,OAAO,qBAAsB,SAAQ,UAAU;IACjC,IAAI,CAAU;IAEhC,YAAY,QAA8C,EAAE;QAC1D,KAAK,CAAC,KAAK,CAAC,CAAA;QACZ,IAAI,CAAC,IAAI,GAAG,QAAQ,CAAA;IACtB,CAAC;CACF","sourcesContent":["import { AccessRule, type AccessRuleSchema } from './AccessRule.js'\n\n/**\n * The action is allowed for all users, including unauthenticated ones.\n * This is typically used for public APIs or resources that do not require authentication.\n * It is the most permissive rule and should be used with caution.\n */\nexport interface AllowPublicAccessRuleSchema extends AccessRuleSchema {\n  type: 'public'\n}\n\n/**\n * The action is allowed for all users, including unauthenticated ones.\n * This is typically used for public APIs or resources that do not require authentication.\n * It is the most permissive rule and should be used with caution.\n */\nexport class AllowPublicAccessRule extends AccessRule implements AllowPublicAccessRuleSchema {\n  override readonly type: 'public'\n\n  constructor(state: Partial<AllowPublicAccessRuleSchema> = {}) {\n    super(state)\n    this.type = 'public'\n  }\n}\n"]}

package/build/src/modeling/rules/MatchEmailDomain.d.ts

@@ -0,0 +1,25 @@
+import { AccessRule, type AccessRuleSchema } from './AccessRule.js';
+/**
+ * The action is allowed if the authenticated user's email domain matches a specific domain.
+ * This is used to restrict access based on the user's email address.
+ * For example, only users with an email address from "my-company.com" can access certain resources.
+ */
+export interface MatchEmailDomainAccessRuleSchema extends AccessRuleSchema {
+    type: 'matchEmailDomain';
+    /**
+     * The email domains that the authenticated user's email must match.
+     */
+    domains: string[];
+}
+/**
+ * The action is allowed if the authenticated user's email domain matches a specific domain.
+ * This is used to restrict access based on the user's email address.
+ * For example, only users with an email address from "my-company.com" can access certain resources.
+ */
+export declare class MatchEmailDomainAccessRule extends AccessRule implements MatchEmailDomainAccessRuleSchema {
+    readonly type: 'matchEmailDomain';
+    accessor domains: string[];
+    constructor(state?: Partial<MatchEmailDomainAccessRuleSchema>);
+    toJSON(): MatchEmailDomainAccessRuleSchema;
+}
+//# sourceMappingURL=MatchEmailDomain.d.ts.map

package/build/src/modeling/rules/MatchEmailDomain.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"MatchEmailDomain.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchEmailDomain.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAGnE;;;;GAIG;AACH,MAAM,WAAW,gCAAiC,SAAQ,gBAAgB;IACxE,IAAI,EAAE,kBAAkB,CAAA;IACxB;;OAEG;IACH,OAAO,EAAE,MAAM,EAAE,CAAA;CAClB;AAED;;;;GAIG;AACH,qBAAa,0BAA2B,SAAQ,UAAW,YAAW,gCAAgC;IACpG,SAAkB,IAAI,EAAE,kBAAkB,CAAA;IAEhB,QAAQ,CAAC,OAAO,EAAE,MAAM,EAAE,CAAA;gBAExC,KAAK,GAAE,OAAO,CAAC,gCAAgC,CAAM;IAMxD,MAAM,IAAI,gCAAgC;CAMpD"}

package/build/src/modeling/rules/MatchEmailDomain.js

@@ -0,0 +1,40 @@
+import { __esDecorate, __runInitializers } from "tslib";
+import { AccessRule } from './AccessRule.js';
+import { observed, toRaw } from '../../decorators/observed.js';
+/**
+ * The action is allowed if the authenticated user's email domain matches a specific domain.
+ * This is used to restrict access based on the user's email address.
+ * For example, only users with an email address from "my-company.com" can access certain resources.
+ */
+let MatchEmailDomainAccessRule = (() => {
+    let _classSuper = AccessRule;
+    let _domains_decorators;
+    let _domains_initializers = [];
+    let _domains_extraInitializers = [];
+    return class MatchEmailDomainAccessRule extends _classSuper {
+        static {
+            const _metadata = typeof Symbol === "function" && Symbol.metadata ? Object.create(_classSuper[Symbol.metadata] ?? null) : void 0;
+            _domains_decorators = [observed({ deep: true })];
+            __esDecorate(this, null, _domains_decorators, { kind: "accessor", name: "domains", static: false, private: false, access: { has: obj => "domains" in obj, get: obj => obj.domains, set: (obj, value) => { obj.domains = value; } }, metadata: _metadata }, _domains_initializers, _domains_extraInitializers);
+            if (_metadata) Object.defineProperty(this, Symbol.metadata, { enumerable: true, configurable: true, writable: true, value: _metadata });
+        }
+        type;
+        #domains_accessor_storage = __runInitializers(this, _domains_initializers, void 0);
+        get domains() { return this.#domains_accessor_storage; }
+        set domains(value) { this.#domains_accessor_storage = value; }
+        constructor(state = {}) {
+            super(state);
+            __runInitializers(this, _domains_extraInitializers);
+            this.type = 'matchEmailDomain';
+            this.domains = state.domains ? [...state.domains] : [];
+        }
+        toJSON() {
+            return {
+                ...super.toJSON(),
+                domains: structuredClone(toRaw(this, this.domains)),
+            };
+        }
+    };
+})();
+export { MatchEmailDomainAccessRule };
+//# sourceMappingURL=MatchEmailDomain.js.map

package/build/src/modeling/rules/MatchEmailDomain.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"MatchEmailDomain.js","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchEmailDomain.ts"],"names":[],"mappings":";AAAA,OAAO,EAAE,UAAU,EAAyB,MAAM,iBAAiB,CAAA;AACnE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,8BAA8B,CAAA;AAe9D;;;;GAIG;IACU,0BAA0B;sBAAS,UAAU;;;;iBAA7C,0BAA2B,SAAQ,WAAU;;;mCAGvD,QAAQ,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;YAAC,0KAAS,OAAO,6BAAP,OAAO,yFAAU;;;QAFlC,IAAI,CAAoB;QAEhB,mFAA0B;QAA1B,IAAS,OAAO,6CAAU;QAA1B,IAAS,OAAO,mDAAU;QAEpD,YAAY,QAAmD,EAAE;YAC/D,KAAK,CAAC,KAAK,CAAC,CAAA;;YACZ,IAAI,CAAC,IAAI,GAAG,kBAAkB,CAAA;YAC9B,IAAI,CAAC,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;SACvD;QAEQ,MAAM;YACb,OAAO;gBACL,GAAI,KAAK,CAAC,MAAM,EAAuC;gBACvD,OAAO,EAAE,eAAe,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,CAAa;aAChE,CAAA;QACH,CAAC;;;SAhBU,0BAA0B","sourcesContent":["import { AccessRule, type AccessRuleSchema } from './AccessRule.js'\nimport { observed, toRaw } from '../../decorators/observed.js'\n\n/**\n * The action is allowed if the authenticated user's email domain matches a specific domain.\n * This is used to restrict access based on the user's email address.\n * For example, only users with an email address from \"my-company.com\" can access certain resources.\n */\nexport interface MatchEmailDomainAccessRuleSchema extends AccessRuleSchema {\n  type: 'matchEmailDomain'\n  /**\n   * The email domains that the authenticated user's email must match.\n   */\n  domains: string[]\n}\n\n/**\n * The action is allowed if the authenticated user's email domain matches a specific domain.\n * This is used to restrict access based on the user's email address.\n * For example, only users with an email address from \"my-company.com\" can access certain resources.\n */\nexport class MatchEmailDomainAccessRule extends AccessRule implements MatchEmailDomainAccessRuleSchema {\n  override readonly type: 'matchEmailDomain'\n\n  @observed({ deep: true }) accessor domains: string[]\n\n  constructor(state: Partial<MatchEmailDomainAccessRuleSchema> = {}) {\n    super(state)\n    this.type = 'matchEmailDomain'\n    this.domains = state.domains ? [...state.domains] : []\n  }\n\n  override toJSON(): MatchEmailDomainAccessRuleSchema {\n    return {\n      ...(super.toJSON() as MatchEmailDomainAccessRuleSchema),\n      domains: structuredClone(toRaw(this, this.domains)) as string[],\n    }\n  }\n}\n"]}

package/build/src/modeling/rules/MatchResourceOwner.d.ts

@@ -0,0 +1,29 @@
+import { AccessRule, type AccessRuleSchema } from './AccessRule.js';
+/**
+ * The action is allowed if the authenticated user's ID matches a specific property on the resource.
+ * This is typically used to restrict access to resources owned by the user.
+ * For example, a user can only access their own profile or documents.
+ */
+export interface MatchResourceOwnerAccessRuleSchema extends AccessRuleSchema {
+    type: 'resourceOwner';
+    /**
+     * The property on the resource that should match the authenticated user's ID.
+     * This is typically the ID of the user who owns the resource.
+     *
+     * The domain model should annotate this property with the "ResourceOwnerIdentifier" semantic
+     * to indicate that it is used for ownership checks.
+     */
+    property: string;
+}
+/**
+ * The action is allowed if the authenticated user's ID matches a specific property on the resource.
+ * This is typically used to restrict access to resources owned by the user.
+ * For example, a user can only access their own profile or documents.
+ */
+export declare class MatchResourceOwnerAccessRule extends AccessRule implements MatchResourceOwnerAccessRuleSchema {
+    readonly type: 'resourceOwner';
+    accessor property: string;
+    constructor(state?: Partial<MatchResourceOwnerAccessRuleSchema>);
+    toJSON(): MatchResourceOwnerAccessRuleSchema;
+}
+//# sourceMappingURL=MatchResourceOwner.d.ts.map

package/build/src/modeling/rules/MatchResourceOwner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"MatchResourceOwner.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchResourceOwner.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAGnE;;;;GAIG;AACH,MAAM,WAAW,kCAAmC,SAAQ,gBAAgB;IAC1E,IAAI,EAAE,eAAe,CAAA;IACrB;;;;;;OAMG;IACH,QAAQ,EAAE,MAAM,CAAA;CACjB;AAED;;;;GAIG;AACH,qBAAa,4BAA6B,SAAQ,UAAW,YAAW,kCAAkC;IACxG,SAAkB,IAAI,EAAE,eAAe,CAAA;IAE3B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAA;gBAEzB,KAAK,GAAE,OAAO,CAAC,kCAAkC,CAAM;IAM1D,MAAM,IAAI,kCAAkC;CAMtD"}

package/build/src/modeling/rules/MatchResourceOwner.js

@@ -0,0 +1,40 @@
+import { __esDecorate, __runInitializers } from "tslib";
+import { AccessRule } from './AccessRule.js';
+import { observed } from '../../decorators/observed.js';
+/**
+ * The action is allowed if the authenticated user's ID matches a specific property on the resource.
+ * This is typically used to restrict access to resources owned by the user.
+ * For example, a user can only access their own profile or documents.
+ */
+let MatchResourceOwnerAccessRule = (() => {
+    let _classSuper = AccessRule;
+    let _property_decorators;
+    let _property_initializers = [];
+    let _property_extraInitializers = [];
+    return class MatchResourceOwnerAccessRule extends _classSuper {
+        static {
+            const _metadata = typeof Symbol === "function" && Symbol.metadata ? Object.create(_classSuper[Symbol.metadata] ?? null) : void 0;
+            _property_decorators = [observed()];
+            __esDecorate(this, null, _property_decorators, { kind: "accessor", name: "property", static: false, private: false, access: { has: obj => "property" in obj, get: obj => obj.property, set: (obj, value) => { obj.property = value; } }, metadata: _metadata }, _property_initializers, _property_extraInitializers);
+            if (_metadata) Object.defineProperty(this, Symbol.metadata, { enumerable: true, configurable: true, writable: true, value: _metadata });
+        }
+        type;
+        #property_accessor_storage = __runInitializers(this, _property_initializers, void 0);
+        get property() { return this.#property_accessor_storage; }
+        set property(value) { this.#property_accessor_storage = value; }
+        constructor(state = {}) {
+            super(state);
+            __runInitializers(this, _property_extraInitializers);
+            this.type = 'resourceOwner';
+            this.property = state.property ?? '';
+        }
+        toJSON() {
+            return {
+                ...super.toJSON(),
+                property: this.property,
+            };
+        }
+    };
+})();
+export { MatchResourceOwnerAccessRule };
+//# sourceMappingURL=MatchResourceOwner.js.map

package/build/src/modeling/rules/MatchResourceOwner.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"MatchResourceOwner.js","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchResourceOwner.ts"],"names":[],"mappings":";AAAA,OAAO,EAAE,UAAU,EAAyB,MAAM,iBAAiB,CAAA;AACnE,OAAO,EAAE,QAAQ,EAAE,MAAM,8BAA8B,CAAA;AAmBvD;;;;GAIG;IACU,4BAA4B;sBAAS,UAAU;;;;iBAA/C,4BAA6B,SAAQ,WAAU;;;oCAGzD,QAAQ,EAAE;YAAC,6KAAS,QAAQ,6BAAR,QAAQ,2FAAQ;;;QAFnB,IAAI,CAAiB;QAE3B,qFAAyB;QAAzB,IAAS,QAAQ,8CAAQ;QAAzB,IAAS,QAAQ,oDAAQ;QAErC,YAAY,QAAqD,EAAE;YACjE,KAAK,CAAC,KAAK,CAAC,CAAA;;YACZ,IAAI,CAAC,IAAI,GAAG,eAAe,CAAA;YAC3B,IAAI,CAAC,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,EAAE,CAAA;SACrC;QAEQ,MAAM;YACb,OAAO;gBACL,GAAI,KAAK,CAAC,MAAM,EAAyC;gBACzD,QAAQ,EAAE,IAAI,CAAC,QAAQ;aACxB,CAAA;QACH,CAAC;;;SAhBU,4BAA4B","sourcesContent":["import { AccessRule, type AccessRuleSchema } from './AccessRule.js'\nimport { observed } from '../../decorators/observed.js'\n\n/**\n * The action is allowed if the authenticated user's ID matches a specific property on the resource.\n * This is typically used to restrict access to resources owned by the user.\n * For example, a user can only access their own profile or documents.\n */\nexport interface MatchResourceOwnerAccessRuleSchema extends AccessRuleSchema {\n  type: 'resourceOwner'\n  /**\n   * The property on the resource that should match the authenticated user's ID.\n   * This is typically the ID of the user who owns the resource.\n   *\n   * The domain model should annotate this property with the \"ResourceOwnerIdentifier\" semantic\n   * to indicate that it is used for ownership checks.\n   */\n  property: string\n}\n\n/**\n * The action is allowed if the authenticated user's ID matches a specific property on the resource.\n * This is typically used to restrict access to resources owned by the user.\n * For example, a user can only access their own profile or documents.\n */\nexport class MatchResourceOwnerAccessRule extends AccessRule implements MatchResourceOwnerAccessRuleSchema {\n  override readonly type: 'resourceOwner'\n\n  @observed() accessor property: string\n\n  constructor(state: Partial<MatchResourceOwnerAccessRuleSchema> = {}) {\n    super(state)\n    this.type = 'resourceOwner'\n    this.property = state.property ?? ''\n  }\n\n  override toJSON(): MatchResourceOwnerAccessRuleSchema {\n    return {\n      ...(super.toJSON() as MatchResourceOwnerAccessRuleSchema),\n      property: this.property,\n    }\n  }\n}\n"]}

package/build/src/modeling/rules/MatchUserProperty.d.ts

@@ -0,0 +1,28 @@
+import { AccessRule, type AccessRuleSchema } from './AccessRule.js';
+/**
+ * The action is allowed if a specific property on the authenticated user matches an expected value.
+ * This is used to enforce other user-specific restrictions.
+ */
+export interface MatchUserPropertyAccessRuleSchema extends AccessRuleSchema {
+    type: 'matchUserProperty';
+    /**
+     * The property on the authenticated user that should match the expected value.
+     */
+    property: string;
+    /**
+     * The expected value for the user property.
+     */
+    value: string;
+}
+/**
+ * The action is allowed if a specific property on the authenticated user matches an expected value.
+ * This is used to enforce other user-specific restrictions.
+ */
+export declare class MatchUserPropertyAccessRule extends AccessRule implements MatchUserPropertyAccessRuleSchema {
+    readonly type: 'matchUserProperty';
+    accessor property: string;
+    accessor value: string;
+    constructor(state?: Partial<MatchUserPropertyAccessRuleSchema>);
+    toJSON(): MatchUserPropertyAccessRuleSchema;
+}
+//# sourceMappingURL=MatchUserProperty.d.ts.map

package/build/src/modeling/rules/MatchUserProperty.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"MatchUserProperty.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchUserProperty.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAGnE;;;GAGG;AACH,MAAM,WAAW,iCAAkC,SAAQ,gBAAgB;IACzE,IAAI,EAAE,mBAAmB,CAAA;IACzB;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAA;IAChB;;OAEG;IACH,KAAK,EAAE,MAAM,CAAA;CACd;AAED;;;GAGG;AACH,qBAAa,2BAA4B,SAAQ,UAAW,YAAW,iCAAiC;IACtG,SAAkB,IAAI,EAAE,mBAAmB,CAAA;IAE/B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAA;IACzB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAA;gBAEtB,KAAK,GAAE,OAAO,CAAC,iCAAiC,CAAM;IAOzD,MAAM,IAAI,iCAAiC;CAOrD"}

package/build/src/modeling/rules/MatchUserProperty.js

@@ -0,0 +1,49 @@
+import { __esDecorate, __runInitializers } from "tslib";
+import { AccessRule } from './AccessRule.js';
+import { observed } from '../../decorators/observed.js';
+/**
+ * The action is allowed if a specific property on the authenticated user matches an expected value.
+ * This is used to enforce other user-specific restrictions.
+ */
+let MatchUserPropertyAccessRule = (() => {
+    let _classSuper = AccessRule;
+    let _property_decorators;
+    let _property_initializers = [];
+    let _property_extraInitializers = [];
+    let _value_decorators;
+    let _value_initializers = [];
+    let _value_extraInitializers = [];
+    return class MatchUserPropertyAccessRule extends _classSuper {
+        static {
+            const _metadata = typeof Symbol === "function" && Symbol.metadata ? Object.create(_classSuper[Symbol.metadata] ?? null) : void 0;
+            _property_decorators = [observed()];
+            _value_decorators = [observed()];
+            __esDecorate(this, null, _property_decorators, { kind: "accessor", name: "property", static: false, private: false, access: { has: obj => "property" in obj, get: obj => obj.property, set: (obj, value) => { obj.property = value; } }, metadata: _metadata }, _property_initializers, _property_extraInitializers);
+            __esDecorate(this, null, _value_decorators, { kind: "accessor", name: "value", static: false, private: false, access: { has: obj => "value" in obj, get: obj => obj.value, set: (obj, value) => { obj.value = value; } }, metadata: _metadata }, _value_initializers, _value_extraInitializers);
+            if (_metadata) Object.defineProperty(this, Symbol.metadata, { enumerable: true, configurable: true, writable: true, value: _metadata });
+        }
+        type;
+        #property_accessor_storage = __runInitializers(this, _property_initializers, void 0);
+        get property() { return this.#property_accessor_storage; }
+        set property(value) { this.#property_accessor_storage = value; }
+        #value_accessor_storage = (__runInitializers(this, _property_extraInitializers), __runInitializers(this, _value_initializers, void 0));
+        get value() { return this.#value_accessor_storage; }
+        set value(value) { this.#value_accessor_storage = value; }
+        constructor(state = {}) {
+            super(state);
+            __runInitializers(this, _value_extraInitializers);
+            this.type = 'matchUserProperty';
+            this.property = state.property ?? '';
+            this.value = state.value ?? '';
+        }
+        toJSON() {
+            return {
+                ...super.toJSON(),
+                property: this.property,
+                value: this.value,
+            };
+        }
+    };
+})();
+export { MatchUserPropertyAccessRule };
+//# sourceMappingURL=MatchUserProperty.js.map

package/build/src/modeling/rules/MatchUserProperty.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"MatchUserProperty.js","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchUserProperty.ts"],"names":[],"mappings":";AAAA,OAAO,EAAE,UAAU,EAAyB,MAAM,iBAAiB,CAAA;AACnE,OAAO,EAAE,QAAQ,EAAE,MAAM,8BAA8B,CAAA;AAkBvD;;;GAGG;IACU,2BAA2B;sBAAS,UAAU;;;;;;;iBAA9C,2BAA4B,SAAQ,WAAU;;;oCAGxD,QAAQ,EAAE;iCACV,QAAQ,EAAE;YADC,6KAAS,QAAQ,6BAAR,QAAQ,2FAAQ;YACzB,oKAAS,KAAK,6BAAL,KAAK,qFAAQ;;;QAHhB,IAAI,CAAqB;QAE/B,qFAAyB;QAAzB,IAAS,QAAQ,8CAAQ;QAAzB,IAAS,QAAQ,oDAAQ;QACzB,uIAAsB;QAAtB,IAAS,KAAK,2CAAQ;QAAtB,IAAS,KAAK,iDAAQ;QAElC,YAAY,QAAoD,EAAE;YAChE,KAAK,CAAC,KAAK,CAAC,CAAA;;YACZ,IAAI,CAAC,IAAI,GAAG,mBAAmB,CAAA;YAC/B,IAAI,CAAC,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,EAAE,CAAA;YACpC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,KAAK,IAAI,EAAE,CAAA;SAC/B;QAEQ,MAAM;YACb,OAAO;gBACL,GAAI,KAAK,CAAC,MAAM,EAAwC;gBACxD,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB,CAAA;QACH,CAAC;;;SAnBU,2BAA2B","sourcesContent":["import { AccessRule, type AccessRuleSchema } from './AccessRule.js'\nimport { observed } from '../../decorators/observed.js'\n\n/**\n * The action is allowed if a specific property on the authenticated user matches an expected value.\n * This is used to enforce other user-specific restrictions.\n */\nexport interface MatchUserPropertyAccessRuleSchema extends AccessRuleSchema {\n  type: 'matchUserProperty'\n  /**\n   * The property on the authenticated user that should match the expected value.\n   */\n  property: string\n  /**\n   * The expected value for the user property.\n   */\n  value: string\n}\n\n/**\n * The action is allowed if a specific property on the authenticated user matches an expected value.\n * This is used to enforce other user-specific restrictions.\n */\nexport class MatchUserPropertyAccessRule extends AccessRule implements MatchUserPropertyAccessRuleSchema {\n  override readonly type: 'matchUserProperty'\n\n  @observed() accessor property: string\n  @observed() accessor value: string\n\n  constructor(state: Partial<MatchUserPropertyAccessRuleSchema> = {}) {\n    super(state)\n    this.type = 'matchUserProperty'\n    this.property = state.property ?? ''\n    this.value = state.value ?? ''\n  }\n\n  override toJSON(): MatchUserPropertyAccessRuleSchema {\n    return {\n      ...(super.toJSON() as MatchUserPropertyAccessRuleSchema),\n      property: this.property,\n      value: this.value,\n    }\n  }\n}\n"]}

package/build/src/modeling/rules/MatchUserRole.d.ts

@@ -0,0 +1,29 @@
+import { AccessRule, type AccessRuleSchema } from './AccessRule.js';
+/**
+ * The action is allowed if the authenticated user has a specific role.
+ * This is used to enforce role-based access control (RBAC).
+ * For example, only users with the "admin" role can perform certain actions.
+ */
+export interface MatchUserRoleAccessRuleSchema extends AccessRuleSchema {
+    type: 'matchUserRole';
+    /**
+     * The role that the authenticated user must have to access the resource.
+     * This is typically a property on the user entity that defines their role.
+     *
+     * The domain model should annotate this property with the "UserRole" semantic
+     * to indicate that it is used for role-based access control.
+     */
+    role: string[];
+}
+/**
+ * The action is allowed if the authenticated user has a specific role.
+ * This is used to enforce role-based access control (RBAC).
+ * For example, only users with the "admin" role can perform certain actions.
+ */
+export declare class MatchUserRoleAccessRule extends AccessRule implements MatchUserRoleAccessRuleSchema {
+    readonly type: 'matchUserRole';
+    accessor role: string[];
+    constructor(state?: Partial<MatchUserRoleAccessRuleSchema>);
+    toJSON(): MatchUserRoleAccessRuleSchema;
+}
+//# sourceMappingURL=MatchUserRole.d.ts.map

package/build/src/modeling/rules/MatchUserRole.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"MatchUserRole.d.ts","sourceRoot":"","sources":["../../../../src/modeling/rules/MatchUserRole.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAGnE;;;;GAIG;AACH,MAAM,WAAW,6BAA8B,SAAQ,gBAAgB;IACrE,IAAI,EAAE,eAAe,CAAA;IACrB;;;;;;OAMG;IACH,IAAI,EAAE,MAAM,EAAE,CAAA;CACf;AAED;;;;GAIG;AACH,qBAAa,uBAAwB,SAAQ,UAAW,YAAW,6BAA6B;IAC9F,SAAkB,IAAI,EAAE,eAAe,CAAA;IAEb,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,CAAA;gBAErC,KAAK,GAAE,OAAO,CAAC,6BAA6B,CAAM;IAMrD,MAAM,IAAI,6BAA6B;CAMjD"}

package/build/src/modeling/rules/MatchUserRole.js

@@ -0,0 +1,40 @@
+import { __esDecorate, __runInitializers } from "tslib";
+import { AccessRule } from './AccessRule.js';
+import { observed, toRaw } from '../../decorators/observed.js';
+/**
+ * The action is allowed if the authenticated user has a specific role.
+ * This is used to enforce role-based access control (RBAC).
+ * For example, only users with the "admin" role can perform certain actions.
+ */
+let MatchUserRoleAccessRule = (() => {
+    let _classSuper = AccessRule;
+    let _role_decorators;
+    let _role_initializers = [];
+    let _role_extraInitializers = [];
+    return class MatchUserRoleAccessRule extends _classSuper {
+        static {
+            const _metadata = typeof Symbol === "function" && Symbol.metadata ? Object.create(_classSuper[Symbol.metadata] ?? null) : void 0;
+            _role_decorators = [observed({ deep: true })];
+            __esDecorate(this, null, _role_decorators, { kind: "accessor", name: "role", static: false, private: false, access: { has: obj => "role" in obj, get: obj => obj.role, set: (obj, value) => { obj.role = value; } }, metadata: _metadata }, _role_initializers, _role_extraInitializers);
+            if (_metadata) Object.defineProperty(this, Symbol.metadata, { enumerable: true, configurable: true, writable: true, value: _metadata });
+        }
+        type;
+        #role_accessor_storage = __runInitializers(this, _role_initializers, void 0);
+        get role() { return this.#role_accessor_storage; }
+        set role(value) { this.#role_accessor_storage = value; }
+        constructor(state = {}) {
+            super(state);
+            __runInitializers(this, _role_extraInitializers);
+            this.type = 'matchUserRole';
+            this.role = state.role ? [...state.role] : [];
+        }
+        toJSON() {
+            return {
+                ...super.toJSON(),
+                role: structuredClone(toRaw(this, this.role)),
+            };
+        }
+    };
+})();
+export { MatchUserRoleAccessRule };
+//# sourceMappingURL=MatchUserRole.js.map