@camstack/core 0.1.33 → 0.1.34

package/dist/index.mjs

@@ -31,7 +31,7 @@ import { promisify } from "node:util";
 import { errMsg, parseJsonObject } from "@camstack/types";
 import * as vm from "node:vm";
 import * as os from "node:os";
-//#region ../types/dist/index-DVKPWMwv.mjs
+//#region ../types/dist/index-BKnvgAep.mjs
 var MODEL_FORMATS = [
 	"onnx",
 	"coreml",
@@ -2372,7 +2372,8 @@ var CollectionColumnSchema = z.object({
 		"TEXT",
 		"INTEGER",
 		"REAL",
-		"JSON"
+		"JSON",
+		"BOOLEAN"
 	]),
 	primaryKey: z.boolean().optional(),
 	notNull: z.boolean().optional(),
@@ -2445,6 +2446,233 @@ method(LogEntrySchema, z.void(), { kind: "mutation" }), method(z.object({
 	tags: z.record(z.string(), z.string()).optional()
 }), z.array(LogEntrySchema).readonly());
 method(z.void(), z.string()), method(z.void(), z.string());
+var SsoBridgeClaimsSchema = z.object({
+	userId: z.string(),
+	username: z.string(),
+	isAdmin: z.boolean(),
+	provider: z.string(),
+	email: z.string().optional(),
+	displayName: z.string().optional()
+});
+method(z.object({
+	claims: SsoBridgeClaimsSchema,
+	ttlSec: z.number().int().positive().optional()
+}), z.object({ token: z.string() })), method(z.object({ token: z.string() }), SsoBridgeClaimsSchema.nullable());
+var PasskeySummarySchema = z.object({
+	credentialId: z.string(),
+	label: z.string(),
+	createdAt: z.number(),
+	lastUsedAt: z.number().nullable(),
+	transports: z.array(z.string()).default([])
+});
+method(z.object({
+	userId: z.string(),
+	username: z.string()
+}), z.object({ optionsJSON: z.record(z.string(), z.unknown()) }), {
+	kind: "mutation",
+	auth: "admin",
+	access: "create"
+}), method(z.object({
+	userId: z.string(),
+	/** RegistrationResponseJSON from the browser. */
+	response: z.record(z.string(), z.unknown()),
+	/** Operator-visible label (e.g. "MacBook Touch ID"). */
+	label: z.string()
+}), z.object({
+	success: z.literal(true),
+	credentialId: z.string()
+}), {
+	kind: "mutation",
+	auth: "admin",
+	access: "create"
+}), method(z.object({ userId: z.string().optional() }), z.object({ optionsJSON: z.record(z.string(), z.unknown()) }), {
+	kind: "mutation",
+	access: "view"
+}), method(z.object({
+	/** Required — the user the assertion belongs to (verified). */
+	userId: z.string(),
+	/** AuthenticationResponseJSON from the browser. */
+	response: z.record(z.string(), z.unknown())
+}), z.object({ verified: z.boolean() }), {
+	kind: "mutation",
+	access: "view"
+}), method(z.object({ userId: z.string() }), z.array(PasskeySummarySchema), { auth: "admin" }), method(z.object({
+	userId: z.string(),
+	credentialId: z.string()
+}), z.object({ success: z.literal(true) }), {
+	kind: "mutation",
+	auth: "admin",
+	access: "delete"
+});
+var EmailAddressSchema = z.string().email();
+var SendEmailInputSchema = z.object({
+	to: z.union([EmailAddressSchema, z.array(EmailAddressSchema).min(1)]),
+	cc: z.array(EmailAddressSchema).optional(),
+	bcc: z.array(EmailAddressSchema).optional(),
+	/** RFC 5322 `From` field. Most relays will reject if the domain
+	*  isn't authorised — the addon is responsible for substituting a
+	*  sane default when omitted. */
+	from: z.string().optional(),
+	/** Optional `Reply-To` override. */
+	replyTo: z.string().optional(),
+	subject: z.string(),
+	/** Plain-text body. Required even when `html` is present (fallback
+	*  for clients that strip HTML — including most spam filters). */
+	text: z.string(),
+	/** Optional HTML body. Renders alongside `text` as multi-part. */
+	html: z.string().optional()
+});
+var SendEmailResultSchema = z.object({
+	messageId: z.string(),
+	accepted: z.array(EmailAddressSchema).default([]),
+	rejected: z.array(EmailAddressSchema).default([])
+});
+var SmtpStatusSchema = z.object({
+	/** True iff the addon has successfully verified the relay. */
+	ready: z.boolean(),
+	/** Operator-visible host string (no credentials). */
+	host: z.string(),
+	/** Last error message reported by the relay, when not ready. */
+	error: z.string().optional(),
+	/** Last successful verify timestamp (unix ms). */
+	lastVerifiedAt: z.number().optional()
+});
+method(SendEmailInputSchema, SendEmailResultSchema, {
+	kind: "mutation",
+	auth: "admin",
+	access: "create"
+}), method(z.void(), SmtpStatusSchema, {
+	kind: "mutation",
+	auth: "admin",
+	access: "view"
+}), method(z.void(), SmtpStatusSchema, { auth: "admin" });
+var QosSchema = z.union([
+	z.literal(0),
+	z.literal(1),
+	z.literal(2)
+]);
+var PublishInputSchema = z.object({
+	topic: z.string(),
+	/** UTF-8 payload. Binary payloads must be base64-encoded by the caller. */
+	payload: z.string(),
+	qos: QosSchema.default(0),
+	retain: z.boolean().default(false)
+});
+var SubscribeInputSchema = z.object({
+	/** MQTT topic filter (supports `+` single-level and `#` multi-level wildcards). */
+	topic: z.string(),
+	qos: QosSchema.default(0),
+	/**
+	* Caller-supplied owner tag. Useful for debugging + the
+	* `listSubscriptions` admin view ("which consumer owns this?").
+	* When omitted, the addon synthesizes one from the caller's addon id.
+	*/
+	owner: z.string().optional()
+});
+var SubscribeResultSchema = z.object({
+	success: z.literal(true),
+	/** Server-generated subscription id. Pass to `unsubscribe` to release. */
+	subscriptionId: z.string()
+});
+var UnsubscribeInputSchema = z.object({ 
+/** Subscription id from `subscribe`. */
+subscriptionId: z.string() });
+var MqttStatusSchema = z.object({
+	/** True iff the addon has an active connection to the broker. */
+	connected: z.boolean(),
+	/** Operator-visible host string (e.g. `mqtt://broker.example:1883`). */
+	brokerUrl: z.string(),
+	/** Active subscription count (per-owner, NOT broker-side topic count). */
+	subscriptionCount: z.number().int(),
+	/** Last error reported by the broker. */
+	error: z.string().optional(),
+	/** Last successful connection timestamp (unix ms). */
+	connectedAt: z.number().optional()
+});
+var SubscriptionInfoSchema = z.object({
+	subscriptionId: z.string(),
+	topic: z.string(),
+	qos: QosSchema,
+	owner: z.string(),
+	/** When this individual subscription was created. */
+	createdAt: z.number()
+});
+method(PublishInputSchema, z.object({ success: z.literal(true) }), {
+	kind: "mutation",
+	auth: "admin",
+	access: "create"
+}), method(SubscribeInputSchema, SubscribeResultSchema, {
+	kind: "mutation",
+	auth: "admin",
+	access: "create"
+}), method(UnsubscribeInputSchema, z.object({ success: z.literal(true) }), {
+	kind: "mutation",
+	auth: "admin",
+	access: "delete"
+}), method(z.void(), z.array(SubscriptionInfoSchema), { auth: "admin" }), method(z.void(), MqttStatusSchema, { auth: "admin" });
+var HaServiceCallSchema = z.object({
+	/** HA domain (e.g. `light`, `switch`, `notify`). */
+	domain: z.string(),
+	/** HA service (e.g. `turn_on`, `toggle`). */
+	service: z.string(),
+	/** Service-specific data payload (e.g. `{entity_id: 'light.kitchen', brightness: 200}`). */
+	serviceData: z.record(z.string(), z.unknown()).optional(),
+	/** Optional target spec (entity_id / device_id / area_id). */
+	target: z.record(z.string(), z.unknown()).optional()
+});
+var HaStateSchema = z.object({
+	entity_id: z.string(),
+	state: z.string(),
+	attributes: z.record(z.string(), z.unknown()).default({}),
+	last_changed: z.string().optional(),
+	last_updated: z.string().optional()
+});
+var HaStatusSchema = z.object({
+	connected: z.boolean(),
+	host: z.string(),
+	/** Active per-owner subscription count. */
+	subscriptionCount: z.number().int(),
+	/** Last error reported by the WebSocket. */
+	error: z.string().optional(),
+	/** HA version reported during the auth handshake, when reachable. */
+	haVersion: z.string().optional(),
+	connectedAt: z.number().optional()
+});
+var HaSubscribeInputSchema = z.object({
+	/**
+	* Specific HA event type to subscribe to (`state_changed`,
+	* `service_called`, etc.). Empty string = all events (firehose —
+	* only for debugging).
+	*/
+	eventType: z.string().optional(),
+	/** Caller-supplied tag for listSubscriptions debugging. */
+	owner: z.string().optional()
+});
+var HaSubscribeResultSchema = z.object({
+	success: z.literal(true),
+	subscriptionId: z.string()
+});
+var HaUnsubscribeInputSchema = z.object({ subscriptionId: z.string() });
+var HaSubscriptionInfoSchema = z.object({
+	subscriptionId: z.string(),
+	/** Empty string when subscribed to ALL events. */
+	eventType: z.string(),
+	owner: z.string(),
+	createdAt: z.number()
+});
+method(HaSubscribeInputSchema, HaSubscribeResultSchema, {
+	kind: "mutation",
+	auth: "admin",
+	access: "create"
+}), method(HaUnsubscribeInputSchema, z.object({ success: z.literal(true) }), {
+	kind: "mutation",
+	auth: "admin",
+	access: "delete"
+}), method(HaServiceCallSchema, z.object({ result: z.unknown() }), {
+	kind: "mutation",
+	auth: "admin",
+	access: "create"
+}), method(z.void(), z.array(HaStateSchema).readonly(), { auth: "admin" }), method(z.object({ entityId: z.string() }), HaStateSchema.nullable(), { auth: "admin" }), method(z.void(), z.array(HaSubscriptionInfoSchema).readonly(), { auth: "admin" }), method(z.void(), HaStatusSchema, { auth: "admin" });
 var AddonPageDeclarationSchema$1 = z.object({
 	id: z.string(),
 	label: z.string(),
@@ -2548,9 +2776,41 @@ var AddonHttpRouteSchema = z.object({
 		"DELETE",
 		"PATCH"
 	]),
-	path: z.string()
+	path: z.string(),
+	access: z.enum([
+		"public",
+		"authenticated",
+		"admin"
+	]).optional(),
+	description: z.string().optional()
 });
-method(z.void(), z.array(AddonHttpRouteSchema));
+var InvokeRequestSchema = z.object({
+	method: z.string(),
+	path: z.string(),
+	params: z.record(z.string(), z.string()),
+	query: z.record(z.string(), z.string()),
+	body: z.unknown(),
+	headers: z.record(z.string(), z.string()),
+	user: z.object({
+		id: z.string(),
+		username: z.string(),
+		isAdmin: z.boolean()
+	}).optional(),
+	scopedToken: z.unknown().optional()
+});
+var InvokeReplyEnvelopeSchema = z.object({
+	status: z.number().int(),
+	headers: z.record(z.string(), z.string()),
+	/** When set, the hub MUST `reply.redirect(redirectUrl)` instead of
+	*  sending `body`. Status defaults to 302 when this is set unless
+	*  the handler called `reply.code(...)` explicitly. */
+	redirectUrl: z.string().nullable(),
+	/** JSON-serializable body. `undefined` is treated as "no body". */
+	body: z.unknown().optional(),
+	/** Set when the handler called `reply.type(mime)`. */
+	contentType: z.string().optional()
+});
+method(z.void(), z.array(AddonHttpRouteSchema)), method(InvokeRequestSchema, InvokeReplyEnvelopeSchema, { kind: "mutation" });
 method(z.object({ codec: z.string() }), z.boolean()), method(z.void(), z.object({
 	id: z.string(),
 	name: z.string(),
@@ -3292,7 +3552,14 @@ var AuthResultSchema = z.object({
 	username: z.string(),
 	email: z.string().optional(),
 	displayName: z.string().optional(),
-	roles: z.array(z.string()).optional()
+	/**
+	* Whether the authenticating user is an admin. The auth-provider
+	* surface returns this so the server's login flow can mint a JWT
+	* with the correct bypass flag. Non-admin users authenticated via
+	* an external IdP still need their scopes assigned by an admin via
+	* `setUserScopes` — the SSO flow doesn't carry permissions.
+	*/
+	isAdmin: z.boolean().default(false)
 });
 method(z.object({
 	username: z.string(),
@@ -3301,6 +3568,14 @@ method(z.object({
 var AuthProviderInfoSchema = z.object({
 	/** Stable id matching the addon id (used for `getLoginUrl({addonId,…})`). */
 	addonId: z.string(),
+	/**
+	* Per-instance id when one addon registers multiple "logical"
+	* providers (e.g. OIDC with Google + Microsoft + custom). The login
+	* URL becomes `/addon/${addonId}/${instanceId}/start` — handler reads
+	* `:instanceId` from the route. Empty/unset means the addon is a
+	* single-instance provider; the URL is `/addon/${addonId}/start`.
+	*/
+	instanceId: z.string().optional(),
 	/** Display label shown on the login button + admin row. */
 	displayName: z.string(),
 	/** Optional iconography hint (lucide-react icon name OR emoji). */
@@ -3311,6 +3586,8 @@ var AuthProviderInfoSchema = z.object({
 	/** When true, the provider exposes a credential-form login flow
 	*  (`validateCredentials` accepts username + password). */
 	hasCredentialFlow: z.boolean(),
+	/** Provider kind, drives admin-UI hint dispatch (oidc / saml / totp / …). */
+	kind: z.string().optional(),
 	/** Operator-facing status string (e.g. "Connected to https://login.acme.com"). */
 	status: z.string().optional(),
 	/** When false, the provider is registered but disabled by config; the
@@ -4461,7 +4738,20 @@ method(z.void(), MeshStatusSchema), method(z.object({
 	authKey: z.string().min(8),
 	/** Optional hostname override the host should advertise. */
 	hostname: z.string().optional()
-}), z.object({ joined: z.literal(true) }), { kind: "mutation" }), method(z.void(), z.object({ left: z.literal(true) }), { kind: "mutation" }), method(z.void(), z.object({ peers: z.array(MeshPeerSchema).readonly() })), method(PublicIngressConfigSchema, z.object({ success: z.literal(true) }), { kind: "mutation" }), method(MeshIngressConfigSchema, z.object({ success: z.literal(true) }), { kind: "mutation" });
+}), z.object({ joined: z.literal(true) }), { kind: "mutation" }), method(z.void(), z.object({ left: z.literal(true) }), { kind: "mutation" }), method(z.void(), z.object({ peers: z.array(MeshPeerSchema).readonly() })), method(PublicIngressConfigSchema, z.object({ success: z.literal(true) }), { kind: "mutation" }), method(MeshIngressConfigSchema, z.object({ success: z.literal(true) }), { kind: "mutation" }), method(z.object({ 
+/** Optional auth key — when provided, probes the key validity
+*  against the provider's API. Omit when already joined to
+*  just ping the daemon. */
+authKey: z.string().optional() }), z.object({
+	ok: z.boolean(),
+	/** Provider-side identifier resolved by the probe (tailnet
+	*  name for Tailscale, network id for ZeroTier, etc.). */
+	tenant: z.string().optional(),
+	/** Daemon binary version, when reachable. */
+	daemonVersion: z.string().optional(),
+	/** Human-readable error when `ok: false`. */
+	error: z.string().optional()
+}), { kind: "mutation" });
 var MeshEndpointSchema = z.object({
 	id: z.string(),
 	label: z.string(),
@@ -4494,35 +4784,58 @@ method(z.void(), z.array(MeshProviderInfoSchema).readonly()), method(z.object({
 	authKey: z.string().min(8),
 	hostname: z.string().optional()
 }), z.object({ joined: z.literal(true) }), { kind: "mutation" }), method(z.object({ addonId: z.string() }), z.object({ success: z.literal(true) }), { kind: "mutation" });
-var UserRoleSchema = z.enum([
-	"admin",
-	"viewer",
-	"agent",
-	"scoped"
-]);
-var AllowedProviderSchema = z.union([z.literal("*"), z.array(z.string())]);
-var AllowedDevicesSchema = z.record(z.string(), z.union([z.literal("*"), z.array(z.string())]));
 var MethodAccessSchema = z.enum([
 	"view",
 	"create",
 	"delete"
 ]);
-var TokenScopeSchema = z.object({
-	type: z.enum(["addon", "capability"]),
-	target: z.string(),
-	access: z.array(MethodAccessSchema).min(1)
-});
+var AllowedProviderSchema = z.union([z.literal("*"), z.array(z.string())]);
+var AllowedDevicesSchema = z.record(z.string(), z.union([z.literal("*"), z.array(z.string())]));
+var CapScopeSchema = z.enum(["device", "system"]);
+var TokenScopeSchema = z.discriminatedUnion("type", [
+	z.object({
+		type: z.literal("category"),
+		target: CapScopeSchema,
+		access: z.array(MethodAccessSchema).min(1)
+	}),
+	z.object({
+		type: z.literal("capability"),
+		target: z.string(),
+		access: z.array(MethodAccessSchema).min(1)
+	}),
+	z.object({
+		type: z.literal("addon"),
+		target: z.string(),
+		access: z.array(MethodAccessSchema).min(1)
+	}),
+	z.object({
+		type: z.literal("device"),
+		/**
+		* One or more deviceIds (serialised as strings for wire-format
+		* consistency with the rest of the union). Matcher accepts if
+		* `input.deviceId` ∈ `targets`. Array shape avoids the row-explosion
+		* of one scope-per-device when granting access to a set of cameras.
+		*/
+		targets: z.array(z.string()).min(1),
+		access: z.array(MethodAccessSchema).min(1)
+	})
+]);
 z.object({
 	id: z.string(),
 	username: z.string(),
 	passwordHash: z.string(),
-	role: UserRoleSchema,
+	/**
+	* Admin bypass. When true, the middleware skips the scope-access
+	* check entirely. There is no other axis of privilege; the legacy
+	* role enum collapsed onto this boolean in v2.
+	*/
+	isAdmin: z.boolean().default(false),
 	allowedProviders: AllowedProviderSchema,
 	allowedDevices: AllowedDevicesSchema,
 	/**
-	* Scopes granted to this user. Admins bypass; their `scopes` is ignored.
-	* Non-admins (`viewer`, `agent`, `scoped`) without scopes are locked out
-	* of every protected call.
+	* Scopes granted to this user. Admins bypass; their `scopes` is
+	* ignored. Non-admins without scopes are locked out of every
+	* protected call.
 	*/
 	scopes: z.array(TokenScopeSchema).default([]),
 	createdAt: z.number(),
@@ -4531,7 +4844,7 @@ z.object({
 z.object({
 	id: z.string(),
 	label: z.string(),
-	role: UserRoleSchema,
+	isAdmin: z.boolean().default(false),
 	allowedProviders: AllowedProviderSchema,
 	allowedDevices: AllowedDevicesSchema,
 	tokenHash: z.string(),
@@ -4553,7 +4866,7 @@ z.object({
 var UserSummarySchema = z.object({
 	id: z.string(),
 	username: z.string(),
-	role: UserRoleSchema,
+	isAdmin: z.boolean().default(false),
 	allowedProviders: z.union([z.array(z.string()), z.literal("*")]),
 	allowedDevices: z.record(z.string(), z.union([z.array(z.string()), z.literal("*")])),
 	scopes: z.array(TokenScopeSchema).default([]),
@@ -4563,14 +4876,14 @@ var UserSummarySchema = z.object({
 var CreateUserInputSchema = z.object({
 	username: z.string(),
 	password: z.string().min(6),
-	role: UserRoleSchema,
+	isAdmin: z.boolean().default(false),
 	allowedProviders: z.union([z.array(z.string()), z.literal("*")]).optional(),
 	allowedDevices: z.record(z.string(), z.union([z.array(z.string()), z.literal("*")])).optional(),
 	scopes: z.array(TokenScopeSchema).optional()
 });
 var UpdateUserInputSchema = z.object({
 	id: z.string(),
-	role: UserRoleSchema.optional(),
+	isAdmin: z.boolean().optional(),
 	allowedProviders: z.union([z.array(z.string()), z.literal("*")]).optional(),
 	allowedDevices: z.record(z.string(), z.union([z.array(z.string()), z.literal("*")])).optional(),
 	scopes: z.array(TokenScopeSchema).optional()
@@ -4578,7 +4891,7 @@ var UpdateUserInputSchema = z.object({
 var ApiKeySummarySchema = z.object({
 	id: z.string(),
 	label: z.string(),
-	role: UserRoleSchema,
+	isAdmin: z.boolean().default(false),
 	allowedProviders: z.union([z.array(z.string()), z.literal("*")]).optional(),
 	allowedDevices: z.record(z.string(), z.union([z.array(z.string()), z.literal("*")])).optional(),
 	tokenPrefix: z.string(),
@@ -4587,7 +4900,7 @@ var ApiKeySummarySchema = z.object({
 });
 var CreateApiKeyInputSchema = z.object({
 	label: z.string(),
-	role: UserRoleSchema,
+	isAdmin: z.boolean().default(false),
 	allowedProviders: z.union([z.array(z.string()), z.literal("*")]).optional(),
 	allowedDevices: z.record(z.string(), z.union([z.array(z.string()), z.literal("*")])).optional()
 });
@@ -4615,43 +4928,89 @@ var CreateScopedTokenResultSchema = z.object({
 	token: z.string(),
 	record: ScopedTokenSummarySchema
 });
+var TotpSetupResultSchema = z.object({
+	secret: z.string(),
+	otpauthUrl: z.string()
+});
+var TotpStatusSchema = z.object({
+	/** True iff `confirmedAt != null` — a pending half-enrollment is reported as `enabled: false`. */
+	enabled: z.boolean(),
+	/** Null when no row exists OR the row is still pending confirmation. */
+	confirmedAt: z.number().nullable()
+});
 method(z.void(), z.array(UserSummarySchema), { auth: "admin" }), method(CreateUserInputSchema, UserSummarySchema, {
 	kind: "mutation",
-	auth: "admin"
+	auth: "admin",
+	access: "create"
 }), method(UpdateUserInputSchema, z.object({ success: z.literal(true) }), {
 	kind: "mutation",
-	auth: "admin"
+	auth: "admin",
+	access: "create"
 }), method(z.object({ id: z.string() }), z.object({ success: z.literal(true) }), {
 	kind: "mutation",
-	auth: "admin"
+	auth: "admin",
+	access: "delete"
 }), method(z.object({
 	id: z.string(),
 	newPassword: z.string().min(6)
 }), z.object({ success: z.literal(true) }), {
 	kind: "mutation",
-	auth: "admin"
+	auth: "admin",
+	access: "create"
 }), method(z.object({
 	userId: z.string(),
 	scopes: z.array(TokenScopeSchema)
 }), z.object({ success: z.literal(true) }), {
 	kind: "mutation",
-	auth: "admin"
+	auth: "admin",
+	access: "create"
 }), method(z.object({
 	username: z.string(),
 	password: z.string()
-}), UserSummarySchema.extend({ passwordHash: z.string() }).nullable(), { kind: "mutation" }), method(z.void(), z.array(ApiKeySummarySchema), { auth: "admin" }), method(CreateApiKeyInputSchema, CreateApiKeyResultSchema, {
+}), UserSummarySchema.extend({ passwordHash: z.string() }).nullable(), {
 	kind: "mutation",
-	auth: "admin"
+	access: "view"
+}), method(z.void(), z.array(ApiKeySummarySchema), { auth: "admin" }), method(CreateApiKeyInputSchema, CreateApiKeyResultSchema, {
+	kind: "mutation",
+	auth: "admin",
+	access: "create"
 }), method(z.object({ id: z.string() }), z.object({ success: z.literal(true) }), {
 	kind: "mutation",
-	auth: "admin"
-}), method(z.object({ token: z.string() }), ApiKeySummarySchema.nullable(), { kind: "mutation" }), method(CreateScopedTokenInputSchema, CreateScopedTokenResultSchema, {
+	auth: "admin",
+	access: "delete"
+}), method(z.object({ token: z.string() }), ApiKeySummarySchema.nullable(), {
 	kind: "mutation",
-	auth: "admin"
+	access: "view"
+}), method(CreateScopedTokenInputSchema, CreateScopedTokenResultSchema, {
+	kind: "mutation",
+	auth: "admin",
+	access: "create"
 }), method(z.object({ id: z.string() }), z.object({ success: z.literal(true) }), {
 	kind: "mutation",
-	auth: "admin"
-}), method(z.object({ token: z.string() }), ScopedTokenSummarySchema.nullable()), method(z.object({ userId: z.string() }), z.array(ScopedTokenSummarySchema), { auth: "admin" });
+	auth: "admin",
+	access: "delete"
+}), method(z.object({ token: z.string() }), ScopedTokenSummarySchema.nullable(), { access: "view" }), method(z.object({ userId: z.string() }), z.array(ScopedTokenSummarySchema), { auth: "admin" }), method(z.object({ userId: z.string() }), TotpSetupResultSchema, {
+	kind: "mutation",
+	auth: "admin",
+	access: "create"
+}), method(z.object({
+	userId: z.string(),
+	code: z.string()
+}), z.object({ success: z.literal(true) }), {
+	kind: "mutation",
+	auth: "admin",
+	access: "create"
+}), method(z.object({ userId: z.string() }), z.object({ success: z.literal(true) }), {
+	kind: "mutation",
+	auth: "admin",
+	access: "delete"
+}), method(z.object({ userId: z.string() }), TotpStatusSchema, { auth: "admin" }), method(z.object({
+	userId: z.string(),
+	code: z.string()
+}), z.object({ valid: z.boolean() }), {
+	kind: "mutation",
+	access: "view"
+});
 var FeatureManifestSchema = z.object({
 	streaming: z.boolean(),
 	notifications: z.boolean(),