@blimu/backend 0.7.0 → 1.1.0

package/dist/index.js

@@ -1,88 +1,1042 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
 };
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __reExport = (target, mod, secondTarget) => (__copyProps(target, mod, "default"), secondTarget && __copyProps(secondTarget, mod, "default"));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  Blimu: () => Blimu,
+  BlimuError: () => BlimuError,
+  BulkResourcesService: () => BulkResourcesService,
+  BulkRolesService: () => BulkRolesService,
+  CoreClient: () => CoreClient,
+  EntitlementsService: () => EntitlementsService,
+  FetchError: () => import_fetch.FetchError,
+  PlansService: () => PlansService,
+  ResourceMembersService: () => ResourceMembersService,
+  ResourcesService: () => ResourcesService,
+  RolesService: () => RolesService,
+  Schema: () => schema_exports,
+  UsageService: () => UsageService,
+  UsersService: () => UsersService,
+  ZodSchema: () => schema_zod_exports,
+  listAll: () => listAll,
+  paginate: () => paginate,
+  parseNDJSONStream: () => import_fetch2.parseNDJSONStream,
+  parseSSEStream: () => import_fetch2.parseSSEStream
+});
+module.exports = __toCommonJS(index_exports);
+
+// src/client.ts
+var import_fetch = require("@blimu/fetch");
+var CoreClient = class extends import_fetch.FetchClient {
+  constructor(cfg = {}) {
+    const authStrategies = [];
+    const { auth: _existingAuth, apiKey, ...restCfg } = cfg;
+    if (cfg?.apiKey) {
+      const apiKeyValue = cfg.apiKey;
+      authStrategies.push({
+        type: "apiKey",
+        key: () => apiKeyValue,
+        location: "header",
+        name: "X-API-KEY"
+      });
+    }
+    const finalAuthStrategies = [
+      ..._existingAuth?.strategies || [],
+      ...authStrategies
+    ];
+    const fetchConfig = {
+      ...restCfg,
+      baseURL: cfg.baseURL ?? "https://api.blimu.dev",
+      // Explicitly set auth after restCfg to ensure it's not overwritten
+      // (restCfg might have an auth property that we want to replace)
+      ...finalAuthStrategies.length > 0 ? {
+        auth: {
+          strategies: finalAuthStrategies
+        }
+      } : {}
+      // Hooks are passed through directly from FetchClientConfig (no mapping needed)
     };
-})();
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.UsersService = exports.UsageService = exports.RolesService = exports.ResourcesService = exports.ResourceMembersService = exports.PlansService = exports.EntitlementsService = exports.BulkRolesService = exports.BulkResourcesService = exports.Schema = exports.BlimuError = exports.FetchError = exports.Blimu = void 0;
-const client_1 = require("./client");
-Object.defineProperty(exports, "FetchError", { enumerable: true, get: function () { return client_1.FetchError; } });
-const bulk_resources_1 = require("./services/bulk_resources");
-const bulk_roles_1 = require("./services/bulk_roles");
-const entitlements_1 = require("./services/entitlements");
-const plans_1 = require("./services/plans");
-const resource_members_1 = require("./services/resource_members");
-const resources_1 = require("./services/resources");
-const roles_1 = require("./services/roles");
-const usage_1 = require("./services/usage");
-const users_1 = require("./services/users");
-class Blimu {
-    constructor(options) {
-        const core = new client_1.CoreClient(options);
-        this.bulkResources = new bulk_resources_1.BulkResourcesService(core);
-        this.bulkRoles = new bulk_roles_1.BulkRolesService(core);
-        this.entitlements = new entitlements_1.EntitlementsService(core);
-        this.plans = new plans_1.PlansService(core);
-        this.resourceMembers = new resource_members_1.ResourceMembersService(core);
-        this.resources = new resources_1.ResourcesService(core);
-        this.roles = new roles_1.RolesService(core);
-        this.usage = new usage_1.UsageService(core);
-        this.users = new users_1.UsersService(core);
+    super(fetchConfig);
+  }
+  async request(init) {
+    return await super.request(init);
+  }
+  async *requestStream(init) {
+    yield* super.requestStream(init);
+  }
+};
+
+// src/services/bulk_resources.ts
+var BulkResourcesService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * POST /v1/resources/{resourceType}/bulk*
+   * @summary Bulk create resources*
+   * @description Creates multiple resources of the specified type in a single request. This operation supports partial success - some resources may be created while others fail. The response includes details about successful creations and any errors encountered. Resources can have parent relationships and initial role assignments.*/
+  create(resourceType, body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/resources/${encodeURIComponent(resourceType)}/bulk`,
+      body,
+      ...init || {}
+    });
+  }
+};
+
+// src/services/bulk_roles.ts
+var BulkRolesService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * POST /v1/users/roles/bulk*
+   * @summary Bulk create roles*
+   * @description Assigns multiple roles to users on resources in a single request. This operation supports partial success - some role assignments may succeed while others fail. The response includes details about successful assignments and any errors encountered. All roles must be valid according to your resource definitions.*/
+  create(body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/users/roles/bulk`,
+      body,
+      ...init || {}
+    });
+  }
+};
+
+// src/services/entitlements.ts
+var EntitlementsService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * POST /v1/entitlements/check*
+   * @summary Check if a user has a specific entitlement on a resource*
+   * @description Checks whether a user has permission to perform a specific action (entitlement) on a resource. This endpoint evaluates role-based access, plan gating, and usage limits. The response includes detailed information about why access was granted or denied, including which roles were checked, plan requirements, and usage limit status.*/
+  checkEntitlement(body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/entitlements/check`,
+      body,
+      ...init || {}
+    });
+  }
+  /**
+   * GET /v1/entitlements/list-for-resource/{resourceType}/{resourceId}*
+   * @summary List entitlements for a specific resource*
+   * @description Returns entitlements for a specific resource and user. Only evaluates roles and plans (excludes limits). Provides detailed information about why entitlements are allowed or denied, including current roles, allowed roles, current plan, and allowed plans. Results are cached per resource for performance.*/
+  listForResource(resourceType, resourceId, query, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/entitlements/list-for-resource/${encodeURIComponent(resourceType)}/${encodeURIComponent(resourceId)}`,
+      query,
+      ...init || {}
+    });
+  }
+  /**
+   * GET /v1/entitlements/list-for-tenant/{tenantResourceId}*
+   * @summary List entitlements for a tenant and all its sub-resources*
+   * @description Returns entitlements for a tenant resource and all its descendant resources. This endpoint scopes queries to a single tenant, preventing cross-tenant data access. Only evaluates roles and plans (excludes limits). Results are cached per resource for performance. The tenant resource type is automatically determined from the environment definition (resource marked as `is_tenant: true`).*/
+  listForTenant(tenantResourceId, query, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/entitlements/list-for-tenant/${encodeURIComponent(tenantResourceId)}`,
+      query,
+      ...init || {}
+    });
+  }
+};
+
+// src/services/plans.ts
+var PlansService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * DELETE /v1/resources/{resourceType}/{resourceId}/plan*
+   * @summary Remove plan assignment from a tenant resource*
+   * @description Removes the billing plan assignment from a tenant resource. After removal, the resource will have no plan and will be subject to default limits.*/
+  delete(resourceType, resourceId, init) {
+    return this.core.request({
+      method: "DELETE",
+      path: `/v1/resources/${encodeURIComponent(resourceType)}/${encodeURIComponent(resourceId)}/plan`,
+      ...init || {}
+    });
+  }
+  /**
+   * GET /v1/resources/{resourceType}/{resourceId}/plan*
+   * @summary Get the plan assigned to a tenant resource*
+   * @description Retrieves the billing plan currently assigned to a tenant resource, if any.*/
+  read(resourceType, resourceId, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/resources/${encodeURIComponent(resourceType)}/${encodeURIComponent(resourceId)}/plan`,
+      ...init || {}
+    });
+  }
+  /**
+   * POST /v1/resources/{resourceType}/{resourceId}/plan*
+   * @summary Assign a plan to a tenant resource*
+   * @description Assigns a billing plan to a tenant resource. Plans control feature access and usage limits based on your plan definitions. The resource must be marked as a tenant in your resource definitions.*/
+  assign(resourceType, resourceId, body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/resources/${encodeURIComponent(resourceType)}/${encodeURIComponent(resourceId)}/plan`,
+      body,
+      ...init || {}
+    });
+  }
+};
+
+// src/services/resource_members.ts
+var ResourceMembersService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * GET /v1/resources/{resourceType}/{resourceId}/members*
+   * @summary List members for a resource*
+   * @description Retrieves a paginated list of users who have roles (direct or inherited) on the specified resource. Supports search functionality to filter users by email or name.*/
+  list(resourceType, resourceId, query, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/resources/${encodeURIComponent(resourceType)}/${encodeURIComponent(resourceId)}/members`,
+      query,
+      ...init || {}
+    });
+  }
+};
+
+// src/services/resources.ts
+var ResourcesService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * GET /v1/resources/{resourceType}*
+   * @summary List resources*
+   * @description Retrieves a paginated list of resources of the specified type. Supports search and filtering. Resources are returned with their parent relationships and metadata.*/
+  list(resourceType, query, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/resources/${encodeURIComponent(resourceType)}`,
+      query,
+      ...init || {}
+    });
+  }
+  /**
+   * POST /v1/resources/{resourceType}*
+   * @summary Create a resource*
+   * @description Creates a new resource of the specified type. Resources can have parent relationships to form hierarchies. You can optionally assign initial roles to users when creating the resource. Parent resources must already exist.*/
+  create(resourceType, body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/resources/${encodeURIComponent(resourceType)}`,
+      body,
+      ...init || {}
+    });
+  }
+  /**
+   * DELETE /v1/resources/{resourceType}/{resourceId}*
+   * @summary Delete a resource*
+   * @description Deletes a resource by its type and ID. This operation is permanent and cannot be undone. Deleting a resource may affect child resources that depend on it.*/
+  delete(resourceType, resourceId, init) {
+    return this.core.request({
+      method: "DELETE",
+      path: `/v1/resources/${encodeURIComponent(resourceType)}/${encodeURIComponent(resourceId)}`,
+      ...init || {}
+    });
+  }
+  /**
+   * GET /v1/resources/{resourceType}/{resourceId}*
+   * @summary Read a resource*
+   * @description Retrieves a single resource by its type and ID. Returns the resource with its parent relationships and metadata.*/
+  read(resourceType, resourceId, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/resources/${encodeURIComponent(resourceType)}/${encodeURIComponent(resourceId)}`,
+      ...init || {}
+    });
+  }
+  /**
+   * PUT /v1/resources/{resourceType}/{resourceId}*
+   * @summary Update a resource*
+   * @description Updates an existing resource. You can update the resource name and modify parent relationships. Parent resources must already exist.*/
+  update(resourceType, resourceId, body, init) {
+    return this.core.request({
+      method: "PUT",
+      path: `/v1/resources/${encodeURIComponent(resourceType)}/${encodeURIComponent(resourceId)}`,
+      body,
+      ...init || {}
+    });
+  }
+};
+
+// src/services/roles.ts
+var RolesService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * GET /v1/users/{userId}/roles*
+   * @summary List user roles*
+   * @description Retrieves a paginated list of roles assigned to a user. Supports filtering by resource type, resource ID, and role name. Returns both directly assigned roles and inherited roles.*/
+  list(userId, query, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/users/${encodeURIComponent(userId)}/roles`,
+      query,
+      ...init || {}
+    });
+  }
+  /**
+   * POST /v1/users/{userId}/roles*
+   * @summary Create a role (assign role to user on resource)*
+   * @description Assigns a role to a user on a specific resource. The role must be defined in your resource definitions for the specified resource type. Roles can be inherited from parent resources based on your resource configuration.*/
+  create(userId, body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/users/${encodeURIComponent(userId)}/roles`,
+      body,
+      ...init || {}
+    });
+  }
+  /**
+   * DELETE /v1/users/{userId}/roles/{resourceType}/{resourceId}*
+   * @summary Delete a role*
+   * @description Removes a role assignment from a user on a specific resource. This only removes the direct role assignment and does not affect inherited roles from parent resources.*/
+  delete(userId, resourceType, resourceId, init) {
+    return this.core.request({
+      method: "DELETE",
+      path: `/v1/users/${encodeURIComponent(userId)}/roles/${encodeURIComponent(resourceType)}/${encodeURIComponent(resourceId)}`,
+      ...init || {}
+    });
+  }
+};
+
+// src/services/usage.ts
+var UsageService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * GET /v1/usage/balance/{resourceType}/{resourceId}/{limitType}*
+   * @summary Get wallet balance*
+   * @description Retrieves the current balance of a usage wallet for a specific resource and limit type within a given time period. The balance reflects all credits and consumption transactions.*/
+  getBalance(resourceType, resourceId, limitType, query, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/usage/balance/${encodeURIComponent(resourceType)}/${encodeURIComponent(resourceId)}/${encodeURIComponent(limitType)}`,
+      query,
+      ...init || {}
+    });
+  }
+  /**
+   * POST /v1/usage/check*
+   * @summary Check if consumption is allowed*
+   * @description Checks whether a specific amount of consumption is allowed for a resource and limit type within a given time period. Returns the current balance, requested amount, and remaining balance after the consumption.*/
+  checkLimit(body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/usage/check`,
+      body,
+      ...init || {}
+    });
+  }
+  /**
+   * POST /v1/usage/consume*
+   * @summary Record consumption (inserts negative amount)*
+   * @description Records consumption from a usage wallet for a specific resource and limit type. This decreases the available balance. Consumption can be tagged for tracking purposes.*/
+  consume(body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/usage/consume`,
+      body,
+      ...init || {}
+    });
+  }
+  /**
+   * POST /v1/usage/credit*
+   * @summary Add credits to wallet (inserts positive amount)*
+   * @description Adds credits to a usage wallet for a specific resource and limit type. This increases the available balance for usage-based limits. Credits can be tagged for tracking purposes.*/
+  credit(body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/usage/credit`,
+      body,
+      ...init || {}
+    });
+  }
+  /**
+   * GET /v1/usage/transactions/{resourceType}/{resourceId}/{limitType}*
+   * @summary Get transaction history*
+   * @description Retrieves the transaction history for a usage wallet, including all credits and consumption records. Supports filtering by time period and date range.*/
+  getTransactionHistory(resourceType, resourceId, limitType, query, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/usage/transactions/${encodeURIComponent(resourceType)}/${encodeURIComponent(resourceId)}/${encodeURIComponent(limitType)}`,
+      query,
+      ...init || {}
+    });
+  }
+};
+
+// src/services/users.ts
+var UsersService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * GET /v1/users*
+   * @summary List users*
+   * @description Retrieves a paginated list of users in your environment. Supports search functionality to filter users by email, name, or lookup key.*/
+  list(query, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/users`,
+      query,
+      ...init || {}
+    });
+  }
+  /**
+   * POST /v1/users*
+   * @summary Create a user*
+   * @description Creates a new user in your environment. The lookupKey is a unique identifier that you can use to reference the user in your system. It should be stable and not change over time.*/
+  create(body, init) {
+    return this.core.request({
+      method: "POST",
+      path: `/v1/users`,
+      body,
+      ...init || {}
+    });
+  }
+  /**
+   * DELETE /v1/users/{userId}*
+   * @summary Delete a user*
+   * @description Deletes a user by their ID or lookup key. This operation is permanent and cannot be undone. Deleting a user will also remove all role assignments for that user.*/
+  delete(userId, init) {
+    return this.core.request({
+      method: "DELETE",
+      path: `/v1/users/${encodeURIComponent(userId)}`,
+      ...init || {}
+    });
+  }
+  /**
+   * GET /v1/users/{userId}*
+   * @summary Get a user by ID*
+   * @description Retrieves a single user by their ID or lookup key. Returns user information including email, name, and metadata.*/
+  read(userId, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/users/${encodeURIComponent(userId)}`,
+      ...init || {}
+    });
+  }
+  /**
+   * PUT /v1/users/{userId}*
+   * @summary Update a user*
+   * @description Updates an existing user. You can modify email, name, and other user properties. The lookupKey can be updated but should remain stable.*/
+  update(userId, body, init) {
+    return this.core.request({
+      method: "PUT",
+      path: `/v1/users/${encodeURIComponent(userId)}`,
+      body,
+      ...init || {}
+    });
+  }
+  /**
+   * GET /v1/users/{userId}/effective-user-resources-roles*
+   * @summary List effective user resources roles*
+   * @description Retrieves all resources and roles for a user, including inherited roles from parent resources. The response indicates whether each role is directly assigned or inherited through resource hierarchies.*/
+  listEffectiveUserResourcesRoles(userId, init) {
+    return this.core.request({
+      method: "GET",
+      path: `/v1/users/${encodeURIComponent(userId)}/effective-user-resources-roles`,
+      ...init || {}
+    });
+  }
+};
+
+// src/index.ts
+__reExport(index_exports, require("@blimu/fetch"), module.exports);
+
+// src/utils.ts
+var import_fetch2 = require("@blimu/fetch");
+async function* paginate(fetchPage, initialQuery = {}, pageSize = 100) {
+  let offset = Number(initialQuery.offset ?? 0);
+  const limit = Number(initialQuery.limit ?? pageSize);
+  const baseQuery = { ...initialQuery };
+  while (true) {
+    const page = await fetchPage({ ...baseQuery, limit, offset });
+    const items = page.data ?? [];
+    for (const item of items) {
+      yield item;
     }
+    if (!page.hasMore || items.length < limit) break;
+    offset += limit;
+  }
+}
+async function listAll(fetchPage, query = {}, pageSize = 100) {
+  const out = [];
+  for await (const item of paginate(fetchPage, query, pageSize))
+    out.push(item);
+  return out;
 }
-exports.Blimu = Blimu;
-exports.BlimuError = client_1.FetchError;
-__exportStar(require("./utils"), exports);
-exports.Schema = __importStar(require("./schema"));
-var bulk_resources_2 = require("./services/bulk_resources");
-Object.defineProperty(exports, "BulkResourcesService", { enumerable: true, get: function () { return bulk_resources_2.BulkResourcesService; } });
-var bulk_roles_2 = require("./services/bulk_roles");
-Object.defineProperty(exports, "BulkRolesService", { enumerable: true, get: function () { return bulk_roles_2.BulkRolesService; } });
-var entitlements_2 = require("./services/entitlements");
-Object.defineProperty(exports, "EntitlementsService", { enumerable: true, get: function () { return entitlements_2.EntitlementsService; } });
-var plans_2 = require("./services/plans");
-Object.defineProperty(exports, "PlansService", { enumerable: true, get: function () { return plans_2.PlansService; } });
-var resource_members_2 = require("./services/resource_members");
-Object.defineProperty(exports, "ResourceMembersService", { enumerable: true, get: function () { return resource_members_2.ResourceMembersService; } });
-var resources_2 = require("./services/resources");
-Object.defineProperty(exports, "ResourcesService", { enumerable: true, get: function () { return resources_2.ResourcesService; } });
-var roles_2 = require("./services/roles");
-Object.defineProperty(exports, "RolesService", { enumerable: true, get: function () { return roles_2.RolesService; } });
-var usage_2 = require("./services/usage");
-Object.defineProperty(exports, "UsageService", { enumerable: true, get: function () { return usage_2.UsageService; } });
-var users_2 = require("./services/users");
-Object.defineProperty(exports, "UsersService", { enumerable: true, get: function () { return users_2.UsersService; } });
-__exportStar(require("./token-verifier"), exports);
+
+// src/schema.ts
+var schema_exports = {};
+
+// src/schema.zod.ts
+var schema_zod_exports = {};
+__export(schema_zod_exports, {
+  BalanceResponseSchema: () => BalanceResponseSchema,
+  CheckLimitResponseSchema: () => CheckLimitResponseSchema,
+  EntitlementCheckBodySchema: () => EntitlementCheckBodySchema,
+  EntitlementCheckResultSchema: () => EntitlementCheckResultSchema,
+  EntitlementTypeSchema: () => EntitlementTypeSchema,
+  EntitlementsListForResourceQuerySchema: () => EntitlementsListForResourceQuerySchema,
+  EntitlementsListForTenantQuerySchema: () => EntitlementsListForTenantQuerySchema,
+  EntitlementsListResultSchema: () => EntitlementsListResultSchema,
+  LimitTypeSchema: () => LimitTypeSchema,
+  PlanAssignBodySchema: () => PlanAssignBodySchema,
+  PlanDeleteResponseSchema: () => PlanDeleteResponseSchema,
+  PlanResponseSchema: () => PlanResponseSchema,
+  PlanTypeSchema: () => PlanTypeSchema,
+  ResourceBulkCreateBodySchema: () => ResourceBulkCreateBodySchema,
+  ResourceBulkResultSchema: () => ResourceBulkResultSchema,
+  ResourceCreateBodySchema: () => ResourceCreateBodySchema,
+  ResourceListSchema: () => ResourceListSchema,
+  ResourceMemberListSchema: () => ResourceMemberListSchema,
+  ResourceMembersListQuerySchema: () => ResourceMembersListQuerySchema,
+  ResourceSchema: () => ResourceSchema,
+  ResourceTypeSchema: () => ResourceTypeSchema,
+  ResourceUpdateBodySchema: () => ResourceUpdateBodySchema,
+  ResourcesListQuerySchema: () => ResourcesListQuerySchema,
+  RoleBulkCreateBodySchema: () => RoleBulkCreateBodySchema,
+  RoleBulkResultSchema: () => RoleBulkResultSchema,
+  RoleCreateBodySchema: () => RoleCreateBodySchema,
+  RoleListSchema: () => RoleListSchema,
+  RoleSchema: () => RoleSchema,
+  RolesListQuerySchema: () => RolesListQuerySchema,
+  TransactionHistoryResponseSchema: () => TransactionHistoryResponseSchema,
+  UsageCheckBodySchema: () => UsageCheckBodySchema,
+  UsageConsumeBodySchema: () => UsageConsumeBodySchema,
+  UsageCreditBodySchema: () => UsageCreditBodySchema,
+  UsageGetBalanceQuerySchema: () => UsageGetBalanceQuerySchema,
+  UsageGetTransactionHistoryQuerySchema: () => UsageGetTransactionHistoryQuerySchema,
+  UsageLimitTypeSchema: () => UsageLimitTypeSchema,
+  UsageWalletResponseSchema: () => UsageWalletResponseSchema,
+  UserCreateBodySchema: () => UserCreateBodySchema,
+  UserListSchema: () => UserListSchema,
+  UserResourceListSchema: () => UserResourceListSchema,
+  UserSchema: () => UserSchema,
+  UserUpdateBodySchema: () => UserUpdateBodySchema,
+  UsersListQuerySchema: () => UsersListQuerySchema
+});
+var import_zod = require("zod");
+var EntitlementTypeSchema = import_zod.z.string();
+var LimitTypeSchema = import_zod.z.string();
+var PlanTypeSchema = import_zod.z.string();
+var ResourceTypeSchema = import_zod.z.string();
+var UsageLimitTypeSchema = import_zod.z.string();
+var BalanceResponseSchema = import_zod.z.object({ balance: import_zod.z.number() });
+var CheckLimitResponseSchema = import_zod.z.object({
+  allowed: import_zod.z.boolean(),
+  current: import_zod.z.number(),
+  remaining: import_zod.z.number().optional(),
+  requested: import_zod.z.number()
+});
+var EntitlementCheckBodySchema = import_zod.z.object({
+  amount: import_zod.z.number().int().optional(),
+  entitlement: EntitlementTypeSchema,
+  resourceId: import_zod.z.string(),
+  userId: import_zod.z.string()
+});
+var EntitlementCheckResultSchema = import_zod.z.object({
+  allowed: import_zod.z.boolean(),
+  limit: import_zod.z.object({
+    allowed: import_zod.z.boolean(),
+    current: import_zod.z.number().optional(),
+    limit: import_zod.z.number().optional(),
+    plan: import_zod.z.string().nullable().optional(),
+    reason: import_zod.z.string().optional(),
+    remaining: import_zod.z.number().optional(),
+    scope: import_zod.z.string().optional()
+  }).nullable().optional(),
+  plans: import_zod.z.object({
+    allowed: import_zod.z.boolean(),
+    allowedPlans: import_zod.z.array(import_zod.z.string()).optional(),
+    plan: import_zod.z.string().nullable().optional(),
+    reason: import_zod.z.string().optional()
+  }).nullable().optional(),
+  roles: import_zod.z.object({
+    allowed: import_zod.z.boolean(),
+    allowedRoles: import_zod.z.array(import_zod.z.string()).optional(),
+    reason: import_zod.z.string().optional(),
+    userRoles: import_zod.z.array(import_zod.z.string()).optional()
+  }).nullable().optional()
+});
+var EntitlementsListResultSchema = import_zod.z.object({
+  results: import_zod.z.array(
+    import_zod.z.object({
+      entitlements: import_zod.z.array(
+        import_zod.z.object({
+          allowed: import_zod.z.boolean(),
+          allowedByPlan: import_zod.z.boolean(),
+          allowedByRole: import_zod.z.boolean(),
+          allowedPlans: import_zod.z.array(import_zod.z.string()).optional(),
+          allowedRoles: import_zod.z.array(import_zod.z.string()),
+          currentPlan: import_zod.z.string().optional(),
+          currentRole: import_zod.z.string().optional(),
+          entitlement: EntitlementTypeSchema
+        })
+      ),
+      resourceId: import_zod.z.string(),
+      resourceType: ResourceTypeSchema
+    })
+  )
+});
+var PlanAssignBodySchema = import_zod.z.object({ planKey: PlanTypeSchema });
+var PlanDeleteResponseSchema = import_zod.z.object({ success: import_zod.z.boolean() });
+var PlanResponseSchema = import_zod.z.object({
+  createdAt: import_zod.z.string().datetime(),
+  environmentId: import_zod.z.string(),
+  planKey: PlanTypeSchema,
+  resourceId: import_zod.z.string(),
+  resourceType: ResourceTypeSchema,
+  updatedAt: import_zod.z.string().datetime()
+});
+var ResourceSchema = import_zod.z.object({
+  createdAt: import_zod.z.string().datetime(),
+  id: import_zod.z.string(),
+  name: import_zod.z.string().nullable(),
+  parents: import_zod.z.array(
+    import_zod.z.object({
+      id: import_zod.z.string(),
+      type: ResourceTypeSchema
+    })
+  ).optional(),
+  type: ResourceTypeSchema
+});
+var ResourceBulkCreateBodySchema = import_zod.z.object({
+  resources: import_zod.z.array(
+    import_zod.z.object({
+      id: import_zod.z.string().optional(),
+      name: import_zod.z.string().optional(),
+      parents: import_zod.z.array(
+        import_zod.z.object({
+          id: import_zod.z.string(),
+          type: ResourceTypeSchema
+        })
+      ).optional(),
+      roles: import_zod.z.array(
+        import_zod.z.object({
+          role: import_zod.z.string(),
+          userId: import_zod.z.string()
+        })
+      ).optional()
+    })
+  )
+});
+var ResourceBulkResultSchema = import_zod.z.object({
+  created: import_zod.z.array(
+    import_zod.z.object({
+      environmentId: import_zod.z.string(),
+      id: import_zod.z.string(),
+      type: ResourceTypeSchema
+    })
+  ),
+  errors: import_zod.z.array(
+    import_zod.z.object({
+      error: import_zod.z.string(),
+      index: import_zod.z.number(),
+      resource: import_zod.z.object({
+        id: import_zod.z.string().optional(),
+        name: import_zod.z.string().optional(),
+        parents: import_zod.z.array(
+          import_zod.z.object({
+            id: import_zod.z.string(),
+            type: ResourceTypeSchema
+          })
+        ).optional(),
+        roles: import_zod.z.array(
+          import_zod.z.object({
+            role: import_zod.z.string(),
+            userId: import_zod.z.string()
+          })
+        ).optional()
+      })
+    })
+  ),
+  success: import_zod.z.boolean(),
+  summary: import_zod.z.object({
+    failed: import_zod.z.number(),
+    successful: import_zod.z.number(),
+    total: import_zod.z.number()
+  })
+});
+var ResourceCreateBodySchema = import_zod.z.object({
+  id: import_zod.z.string().optional(),
+  name: import_zod.z.string().optional(),
+  parents: import_zod.z.array(
+    import_zod.z.object({
+      id: import_zod.z.string(),
+      type: ResourceTypeSchema
+    })
+  ).optional(),
+  roles: import_zod.z.array(
+    import_zod.z.object({
+      role: import_zod.z.string(),
+      userId: import_zod.z.string()
+    })
+  ).optional()
+});
+var ResourceListSchema = import_zod.z.object({
+  items: import_zod.z.array(
+    import_zod.z.object({
+      createdAt: import_zod.z.string().datetime(),
+      id: import_zod.z.string(),
+      name: import_zod.z.string().nullable(),
+      parents: import_zod.z.array(
+        import_zod.z.object({
+          id: import_zod.z.string(),
+          type: ResourceTypeSchema
+        })
+      ).optional(),
+      type: ResourceTypeSchema
+    })
+  ),
+  limit: import_zod.z.number(),
+  page: import_zod.z.number(),
+  total: import_zod.z.number()
+});
+var ResourceMemberListSchema = import_zod.z.object({
+  items: import_zod.z.array(
+    import_zod.z.object({
+      inherited: import_zod.z.boolean(),
+      role: import_zod.z.string(),
+      user: import_zod.z.object({
+        avatarUrl: import_zod.z.string().nullable(),
+        createdAt: import_zod.z.string().datetime(),
+        email: import_zod.z.string().email(),
+        emailVerified: import_zod.z.boolean(),
+        firstName: import_zod.z.string().nullable(),
+        id: import_zod.z.string(),
+        lastLoginAt: import_zod.z.string().datetime().nullable(),
+        lastName: import_zod.z.string().nullable(),
+        lookupKey: import_zod.z.string().nullable(),
+        updatedAt: import_zod.z.string().datetime()
+      }),
+      userId: import_zod.z.string()
+    })
+  ),
+  limit: import_zod.z.number(),
+  page: import_zod.z.number(),
+  total: import_zod.z.number()
+});
+var ResourceUpdateBodySchema = import_zod.z.object({
+  name: import_zod.z.string().optional(),
+  /** Creates relationships with other resources. Parent resources must already exist. */
+  parents: import_zod.z.array(
+    import_zod.z.object({
+      id: import_zod.z.string(),
+      type: ResourceTypeSchema
+    })
+  ).optional()
+});
+var RoleSchema = import_zod.z.object({
+  createdAt: import_zod.z.string(),
+  environmentId: import_zod.z.string(),
+  resourceId: import_zod.z.string(),
+  resourceType: ResourceTypeSchema,
+  role: import_zod.z.string(),
+  userId: import_zod.z.string()
+});
+var RoleBulkCreateBodySchema = import_zod.z.object({
+  roles: import_zod.z.array(
+    import_zod.z.object({
+      resourceId: import_zod.z.string(),
+      resourceType: ResourceTypeSchema,
+      role: import_zod.z.string(),
+      userId: import_zod.z.string()
+    })
+  )
+});
+var RoleBulkResultSchema = import_zod.z.object({
+  created: import_zod.z.array(
+    import_zod.z.object({
+      createdAt: import_zod.z.string(),
+      environmentId: import_zod.z.string(),
+      resourceId: import_zod.z.string(),
+      resourceType: ResourceTypeSchema,
+      role: import_zod.z.string(),
+      userId: import_zod.z.string()
+    })
+  ),
+  errors: import_zod.z.array(
+    import_zod.z.object({
+      error: import_zod.z.string(),
+      index: import_zod.z.number(),
+      role: import_zod.z.object({
+        resourceId: import_zod.z.string(),
+        resourceType: ResourceTypeSchema,
+        role: import_zod.z.string(),
+        userId: import_zod.z.string()
+      })
+    })
+  ),
+  success: import_zod.z.boolean(),
+  summary: import_zod.z.object({
+    failed: import_zod.z.number(),
+    successful: import_zod.z.number(),
+    total: import_zod.z.number()
+  })
+});
+var RoleCreateBodySchema = import_zod.z.object({
+  resourceId: import_zod.z.string(),
+  resourceType: ResourceTypeSchema,
+  role: import_zod.z.string()
+});
+var RoleListSchema = import_zod.z.object({
+  limit: import_zod.z.number(),
+  page: import_zod.z.number(),
+  roles: import_zod.z.array(
+    import_zod.z.object({
+      createdAt: import_zod.z.string(),
+      environmentId: import_zod.z.string(),
+      resourceId: import_zod.z.string(),
+      resourceType: ResourceTypeSchema,
+      role: import_zod.z.string(),
+      userId: import_zod.z.string()
+    })
+  ),
+  total: import_zod.z.number()
+});
+var TransactionHistoryResponseSchema = import_zod.z.object({
+  items: import_zod.z.array(
+    import_zod.z.object({
+      amount: import_zod.z.number().int(),
+      createdAt: import_zod.z.string().datetime(),
+      environmentId: import_zod.z.string(),
+      id: import_zod.z.string(),
+      limitType: LimitTypeSchema,
+      resourceId: import_zod.z.string(),
+      resourceType: ResourceTypeSchema,
+      tags: import_zod.z.record(import_zod.z.string(), import_zod.z.unknown()).nullable()
+    })
+  )
+});
+var UsageCheckBodySchema = import_zod.z.object({
+  amount: import_zod.z.number().int(),
+  limitType: UsageLimitTypeSchema,
+  period: import_zod.z.enum(["monthly", "yearly", "lifetime"]),
+  resourceId: import_zod.z.string(),
+  resourceType: ResourceTypeSchema
+});
+var UsageConsumeBodySchema = import_zod.z.object({
+  amount: import_zod.z.number().int(),
+  limitType: UsageLimitTypeSchema,
+  resourceId: import_zod.z.string(),
+  resourceType: ResourceTypeSchema,
+  tags: import_zod.z.record(import_zod.z.string(), import_zod.z.unknown()).optional()
+});
+var UsageCreditBodySchema = import_zod.z.object({
+  amount: import_zod.z.number().int(),
+  limitType: UsageLimitTypeSchema,
+  resourceId: import_zod.z.string(),
+  resourceType: ResourceTypeSchema,
+  tags: import_zod.z.record(import_zod.z.string(), import_zod.z.unknown()).optional()
+});
+var UsageWalletResponseSchema = import_zod.z.object({
+  amount: import_zod.z.number().int(),
+  createdAt: import_zod.z.string().datetime(),
+  environmentId: import_zod.z.string(),
+  id: import_zod.z.string(),
+  limitType: UsageLimitTypeSchema,
+  resourceId: import_zod.z.string(),
+  resourceType: ResourceTypeSchema,
+  tags: import_zod.z.record(import_zod.z.string(), import_zod.z.unknown()).nullable()
+});
+var UserSchema = import_zod.z.object({
+  avatarUrl: import_zod.z.string().nullable(),
+  createdAt: import_zod.z.string().datetime(),
+  email: import_zod.z.string().email(),
+  emailVerified: import_zod.z.boolean(),
+  firstName: import_zod.z.string().nullable(),
+  id: import_zod.z.string(),
+  lastLoginAt: import_zod.z.string().datetime().nullable(),
+  lastName: import_zod.z.string().nullable(),
+  lookupKey: import_zod.z.string().nullable(),
+  updatedAt: import_zod.z.string().datetime()
+});
+var UserCreateBodySchema = import_zod.z.object({
+  avatarUrl: import_zod.z.string().url().optional(),
+  email: import_zod.z.string().email(),
+  firstName: import_zod.z.string().nullable().optional(),
+  lastName: import_zod.z.string().nullable().optional(),
+  lookupKey: import_zod.z.string(),
+  newUser: import_zod.z.boolean().nullable().optional(),
+  password: import_zod.z.string().nullable().optional()
+});
+var UserListSchema = import_zod.z.object({
+  items: import_zod.z.array(
+    import_zod.z.object({
+      avatarUrl: import_zod.z.string().nullable(),
+      createdAt: import_zod.z.string().datetime(),
+      email: import_zod.z.string().email(),
+      emailVerified: import_zod.z.boolean(),
+      firstName: import_zod.z.string().nullable(),
+      id: import_zod.z.string(),
+      lastLoginAt: import_zod.z.string().datetime().nullable(),
+      lastName: import_zod.z.string().nullable(),
+      lookupKey: import_zod.z.string().nullable(),
+      updatedAt: import_zod.z.string().datetime()
+    })
+  ),
+  limit: import_zod.z.number(),
+  page: import_zod.z.number(),
+  total: import_zod.z.number()
+});
+var UserResourceListSchema = import_zod.z.array(
+  import_zod.z.object({
+    inherited: import_zod.z.boolean(),
+    resource: import_zod.z.object({
+      id: import_zod.z.string(),
+      name: import_zod.z.string(),
+      parents: import_zod.z.array(
+        import_zod.z.object({
+          id: import_zod.z.string(),
+          type: ResourceTypeSchema
+        })
+      ),
+      type: ResourceTypeSchema
+    }).catchall(import_zod.z.unknown()),
+    role: import_zod.z.string()
+  })
+);
+var UserUpdateBodySchema = import_zod.z.object({
+  avatarUrl: import_zod.z.string().url().nullable().optional(),
+  email: import_zod.z.string().email().optional(),
+  firstName: import_zod.z.string().nullable().optional(),
+  lastName: import_zod.z.string().nullable().optional(),
+  lookupKey: import_zod.z.string().optional(),
+  password: import_zod.z.string().optional()
+});
+var EntitlementsListForResourceQuerySchema = import_zod.z.object({
+  /** The unique identifier of the user */
+  userId: import_zod.z.string()
+});
+var EntitlementsListForTenantQuerySchema = import_zod.z.object({
+  /** The unique identifier of the user */
+  userId: import_zod.z.string()
+});
+var ResourceMembersListQuerySchema = import_zod.z.object({
+  /** Number of items per page (minimum: 1, maximum: 100) */
+  limit: import_zod.z.number().optional(),
+  /** Page number for pagination */
+  page: import_zod.z.number().optional(),
+  /** Search query to filter members by email or name */
+  search: import_zod.z.string().optional()
+});
+var ResourcesListQuerySchema = import_zod.z.object({
+  /** Number of items per page (minimum: 1, maximum: 100) */
+  limit: import_zod.z.number().optional(),
+  /** Page number for pagination */
+  page: import_zod.z.number().optional(),
+  /** Search query to filter resources by name */
+  search: import_zod.z.string().optional()
+});
+var RolesListQuerySchema = import_zod.z.object({
+  /** Number of items per page (minimum: 1, maximum: 100) */
+  limit: import_zod.z.number().optional(),
+  /** Page number for pagination */
+  page: import_zod.z.number().optional(),
+  /** Filter roles by specific resource ID */
+  resourceId: import_zod.z.string().optional(),
+  /** Filter roles by resource type */
+  resourceType: ResourceTypeSchema.optional(),
+  /** Filter by role name */
+  role: import_zod.z.string().optional()
+});
+var UsageGetBalanceQuerySchema = import_zod.z.object({
+  /** Time period for the balance calculation */
+  period: import_zod.z.enum([
+    "monthly",
+    "yearly",
+    "lifetime"
+  ])
+});
+var UsageGetTransactionHistoryQuerySchema = import_zod.z.object({
+  /** End date for filtering transactions (ISO 8601 format) */
+  endDate: import_zod.z.string().optional(),
+  /** Time period for filtering transactions */
+  period: import_zod.z.enum(["monthly", "yearly", "lifetime"]).optional(),
+  /** Start date for filtering transactions (ISO 8601 format) */
+  startDate: import_zod.z.string().optional()
+});
+var UsersListQuerySchema = import_zod.z.object({
+  /** Number of items per page (minimum: 1, maximum: 100) */
+  limit: import_zod.z.number().optional(),
+  /** Page number for pagination */
+  page: import_zod.z.number().optional(),
+  /** Search query to filter users by email, name, or lookup key */
+  search: import_zod.z.string().optional()
+});
+
+// src/index.ts
+var Blimu = class {
+  constructor(options) {
+    const core = new CoreClient(options);
+    this.bulkResources = new BulkResourcesService(core);
+    this.bulkRoles = new BulkRolesService(core);
+    this.entitlements = new EntitlementsService(core);
+    this.plans = new PlansService(core);
+    this.resourceMembers = new ResourceMembersService(core);
+    this.resources = new ResourcesService(core);
+    this.roles = new RolesService(core);
+    this.usage = new UsageService(core);
+    this.users = new UsersService(core);
+  }
+};
+var BlimuError = import_fetch.FetchError;
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  Blimu,
+  BlimuError,
+  BulkResourcesService,
+  BulkRolesService,
+  CoreClient,
+  EntitlementsService,
+  FetchError,
+  PlansService,
+  ResourceMembersService,
+  ResourcesService,
+  RolesService,
+  Schema,
+  UsageService,
+  UsersService,
+  ZodSchema,
+  listAll,
+  paginate,
+  parseNDJSONStream,
+  parseSSEStream,
+  ...require("@blimu/fetch")
+});
 //# sourceMappingURL=index.js.map