@camstack/core 0.1.37 → 0.1.39

package/dist/index.js

@@ -37,7 +37,7 @@ let node_vm = require("node:vm");
 node_vm = require_chunk.__toESM(node_vm);
 let node_os = require("node:os");
 node_os = require_chunk.__toESM(node_os);
-//#region ../types/dist/index-Ce7RZWP4.mjs
+//#region ../types/dist/index-CgPd35k5.mjs
 var MODEL_FORMATS = [
 	"onnx",
 	"coreml",
@@ -112,6 +112,12 @@ Object.fromEntries([
 		icon: "video",
 		order: 35
 	},
+	{
+		id: "ptz",
+		label: "PTZ",
+		icon: "move",
+		order: 40
+	},
 	{
 		id: "pipeline",
 		label: "Detection Pipeline",
@@ -238,7 +244,19 @@ var DecoderSessionConfigSchema = zod.z.object({
 	* on every line so `grep tag=broker:5/high` filters one camera
 	* profile cleanly.
 	*/
-	tag: zod.z.string().optional()
+	tag: zod.z.string().optional(),
+	/**
+	* Where the session delivers decoded frames (Phase 5 / D9):
+	*
+	* - `'callback'` (default) — the legacy pixel path: decoded frames are
+	*   buffered as `DecodedFrame`s and drained via `pullFrames`.
+	* - `'shm'` — the shared-memory frame plane: decoded frames are written
+	*   into an OS shared-memory ring and drained as zero-pixel
+	*   `FrameHandle`s via `pullHandles`. A session is one mode or the
+	*   other — `pullFrames` returns nothing for an `'shm'` session and
+	*   `pullHandles` returns nothing for a `'callback'` session.
+	*/
+	frameSink: zod.z.enum(["callback", "shm"]).default("callback")
 });
 function errMsg$2(err) {
 	if (err instanceof Error) return err.message;
@@ -898,6 +916,63 @@ var DecodedFrameSchema = zod.z.object({
 	]),
 	timestamp: zod.z.number()
 });
+var FrameHandleSchema = zod.z.object({
+	shmId: zod.z.string(),
+	slot: zod.z.number().int().nonnegative(),
+	seq: zod.z.number().int().nonnegative(),
+	width: zod.z.number().int().positive(),
+	height: zod.z.number().int().positive(),
+	format: zod.z.enum([
+		"jpeg",
+		"rgb",
+		"bgr",
+		"yuv420",
+		"gray"
+	]),
+	pts: zod.z.number(),
+	byteLength: zod.z.number().int().nonnegative(),
+	nodeId: zod.z.string(),
+	slotCount: zod.z.number().int().positive()
+});
+var FrameHandleFormatSchema = zod.z.enum([
+	"rgb",
+	"bgr",
+	"yuv420",
+	"gray"
+]);
+var SubscribeFramesInputSchema = zod.z.object({
+	brokerId: zod.z.string(),
+	format: FrameHandleFormatSchema,
+	/**
+	* Optional reader-side cadence hint in frames per second. The broker does
+	* NOT throttle — latest-wins ring reads drop frames implicitly for a slow
+	* consumer. The value is echoed back in `SubscribeFramesResult.maxFps` so
+	* the consumer can pace its own `pullFrameHandles` polling.
+	*/
+	maxFps: zod.z.number().positive().optional(),
+	/** Short caller-identity tag (`motion`, `detection`, …) for diagnostics. */
+	tag: zod.z.string().optional()
+});
+var SubscribeFramesResultSchema = zod.z.object({
+	/** Opaque id the consumer passes to `pullFrameHandles` / `unsubscribeFrames`. */
+	subscriptionId: zod.z.string(),
+	/** Reader-side cadence hint (frames/s) — echoes `SubscribeFramesInput.maxFps`. */
+	maxFps: zod.z.number().nonnegative()
+});
+var DecodedAudioChunkSchema = zod.z.object({
+	data: zod.z.instanceof(Uint8Array),
+	sampleRate: zod.z.number().int().positive(),
+	channels: zod.z.number().int().positive(),
+	timestamp: zod.z.number()
+});
+var SubscribeAudioChunksInputSchema = zod.z.object({
+	brokerId: zod.z.string(),
+	/** Short caller-identity tag (`audio-analyzer`, …) for `listClients`. */
+	tag: zod.z.string().optional()
+});
+var SubscribeAudioChunksResultSchema = zod.z.object({ 
+/** Opaque id passed to `pullAudioChunks` / `unsubscribeAudioChunks`. */
+subscriptionId: zod.z.string() });
 var BrokerStatusSchema$1 = zod.z.enum([
 	"idle",
 	"connecting",
@@ -1100,7 +1175,13 @@ method(zod.z.object({
 }), {
 	kind: "mutation",
 	auth: "admin"
-}), method(zod.z.object({ brokerId: zod.z.string() }), zod.z.custom()), method(zod.z.object({
+}), method(SubscribeAudioChunksInputSchema, SubscribeAudioChunksResultSchema, { kind: "mutation" }), method(zod.z.object({
+	subscriptionId: zod.z.string(),
+	maxCount: zod.z.number().int().positive().default(8)
+}), zod.z.array(DecodedAudioChunkSchema).readonly()), method(zod.z.object({ subscriptionId: zod.z.string() }), zod.z.object({ released: zod.z.boolean() }), { kind: "mutation" }), method(SubscribeFramesInputSchema, SubscribeFramesResultSchema, { kind: "mutation" }), method(zod.z.object({
+	subscriptionId: zod.z.string(),
+	maxCount: zod.z.number().int().positive().default(4)
+}), zod.z.array(FrameHandleSchema).readonly()), method(zod.z.object({ subscriptionId: zod.z.string() }), zod.z.object({ released: zod.z.boolean() }), { kind: "mutation" }), method(zod.z.object({
 	brokerId: zod.z.string(),
 	seconds: zod.z.number().min(0).max(30)
 }), zod.z.void(), {
@@ -1793,6 +1874,34 @@ DeviceType.Light, DeviceType.Siren, DeviceType.Switch, method(zod.z.object({
 	enabled: zod.z.boolean(),
 	lastChangedAt: zod.z.number()
 });
+zod.z.object({
+	enabled: zod.z.boolean(),
+	sensitivity: zod.z.number(),
+	/** Row-major active-cell grid. Length = gridWidth*gridHeight (see getOptions). */
+	cells: zod.z.array(zod.z.boolean()),
+	lastFetchedAt: zod.z.number()
+});
+var MotionZoneOptionsSchema = zod.z.object({
+	gridWidth: zod.z.number(),
+	gridHeight: zod.z.number(),
+	sensitivity: zod.z.object({
+		min: zod.z.number(),
+		max: zod.z.number(),
+		step: zod.z.number()
+	})
+});
+var MotionZonePatchSchema = zod.z.object({
+	enabled: zod.z.boolean().optional(),
+	sensitivity: zod.z.number().optional(),
+	cells: zod.z.array(zod.z.boolean()).optional()
+});
+DeviceType.Camera, method(zod.z.object({ deviceId: zod.z.number() }), MotionZoneOptionsSchema), method(zod.z.object({
+	deviceId: zod.z.number(),
+	patch: MotionZonePatchSchema
+}), zod.z.void(), {
+	kind: "mutation",
+	auth: "admin"
+});
 var AutotrackTargetTypeSchema = zod.z.string().describe("Vendor target string (people/vehicle/pet); empty = camera default");
 var PtzAutotrackSettingsSchema = zod.z.object({
 	targetType: AutotrackTargetTypeSchema,
@@ -1835,6 +1944,85 @@ DeviceType.Camera, method(zod.z.object({ deviceId: zod.z.number() }), PtzAutotra
 	deviceId: zod.z.number(),
 	status: PtzAutotrackStatusSchema
 });
+var StreamProfileSchema = zod.z.enum([
+	"main",
+	"sub",
+	"ext"
+]);
+var StreamProfileConfigSchema = zod.z.object({
+	width: zod.z.number(),
+	height: zod.z.number(),
+	codec: zod.z.enum(["h264", "h265"]),
+	framerate: zod.z.number(),
+	bitrate: zod.z.number(),
+	bitrateMode: zod.z.enum(["vbr", "cbr"]).optional(),
+	encoderProfile: zod.z.enum([
+		"high",
+		"main",
+		"baseline"
+	]).optional(),
+	gop: zod.z.number().optional(),
+	audio: zod.z.boolean().optional()
+});
+zod.z.object({
+	/** Per-profile current config. A profile absent = the camera doesn't have it. */
+	main: StreamProfileConfigSchema.optional(),
+	sub: StreamProfileConfigSchema.optional(),
+	ext: StreamProfileConfigSchema.optional(),
+	lastFetchedAt: zod.z.number()
+});
+var StreamProfileOptionsSchema = zod.z.object({
+	resolutions: zod.z.array(zod.z.object({
+		width: zod.z.number(),
+		height: zod.z.number()
+	})),
+	codecs: zod.z.array(zod.z.enum(["h264", "h265"])),
+	framerates: zod.z.array(zod.z.number()),
+	/** Allowed bitrate values (kbps). Empty if the camera takes a free range. */
+	bitrates: zod.z.array(zod.z.number()),
+	/** Optional [min,max] kbps when the camera accepts a continuous range. */
+	bitrateRange: zod.z.tuple([zod.z.number(), zod.z.number()]).optional(),
+	supportsBitrateMode: zod.z.boolean(),
+	supportsEncoderProfile: zod.z.boolean(),
+	supportsGop: zod.z.boolean(),
+	/** Allowed GOP / keyframe-interval range, in seconds — drives the
+	*  I-frame-interval selector. Absent when the camera advertises GOP
+	*  support but no concrete range (callers then fall back to a free
+	*  numeric input). `{ min, max, step }` per the getOptions convention. */
+	gop: zod.z.object({
+		min: zod.z.number(),
+		max: zod.z.number(),
+		step: zod.z.number()
+	}).optional()
+});
+var StreamParamsOptionsSchema = zod.z.object({
+	main: StreamProfileOptionsSchema.optional(),
+	sub: StreamProfileOptionsSchema.optional(),
+	ext: StreamProfileOptionsSchema.optional()
+});
+var StreamProfilePatchSchema = zod.z.object({
+	width: zod.z.number().optional(),
+	height: zod.z.number().optional(),
+	codec: zod.z.enum(["h264", "h265"]).optional(),
+	framerate: zod.z.number().optional(),
+	bitrate: zod.z.number().optional(),
+	bitrateMode: zod.z.enum(["vbr", "cbr"]).optional(),
+	encoderProfile: zod.z.enum([
+		"high",
+		"main",
+		"baseline"
+	]).optional(),
+	gop: zod.z.number().optional(),
+	audio: zod.z.boolean().optional()
+});
+DeviceType.Camera, method(zod.z.object({ deviceId: zod.z.number() }), StreamParamsOptionsSchema), method(zod.z.object({
+	deviceId: zod.z.number(),
+	profile: StreamProfileSchema,
+	patch: StreamProfilePatchSchema
+}), zod.z.void(), {
+	kind: "mutation",
+	auth: "admin"
+}), method(zod.z.object({ deviceId: zod.z.number() }), zod.z.unknown().nullable());
 zod.z.object({
 	on: zod.z.boolean(),
 	/** Ms epoch of the last state change. Useful for UI "X minutes ago". */
@@ -2474,6 +2662,85 @@ method(LogEntrySchema, zod.z.void(), { kind: "mutation" }), method(zod.z.object(
 var StaticDirOutputSchema = zod.z.object({ staticDir: zod.z.string() });
 var VersionOutputSchema = zod.z.object({ version: zod.z.string() });
 method(zod.z.void(), StaticDirOutputSchema), method(zod.z.void(), VersionOutputSchema);
+var MethodAccessSchema = zod.z.enum([
+	"view",
+	"create",
+	"delete"
+]);
+var AllowedProviderSchema = zod.z.union([zod.z.literal("*"), zod.z.array(zod.z.string())]);
+var AllowedDevicesSchema = zod.z.record(zod.z.string(), zod.z.union([zod.z.literal("*"), zod.z.array(zod.z.string())]));
+var CapScopeSchema = zod.z.enum(["device", "system"]);
+var TokenScopeSchema = zod.z.discriminatedUnion("type", [
+	zod.z.object({
+		type: zod.z.literal("category"),
+		target: CapScopeSchema,
+		access: zod.z.array(MethodAccessSchema).min(1)
+	}),
+	zod.z.object({
+		type: zod.z.literal("capability"),
+		target: zod.z.string(),
+		access: zod.z.array(MethodAccessSchema).min(1)
+	}),
+	zod.z.object({
+		type: zod.z.literal("addon"),
+		target: zod.z.string(),
+		access: zod.z.array(MethodAccessSchema).min(1)
+	}),
+	zod.z.object({
+		type: zod.z.literal("device"),
+		/**
+		* One or more deviceIds (serialised as strings for wire-format
+		* consistency with the rest of the union). Matcher accepts if
+		* `input.deviceId` ∈ `targets`. Array shape avoids the row-explosion
+		* of one scope-per-device when granting access to a set of cameras.
+		*/
+		targets: zod.z.array(zod.z.string()).min(1),
+		access: zod.z.array(MethodAccessSchema).min(1)
+	})
+]);
+zod.z.object({
+	id: zod.z.string(),
+	username: zod.z.string(),
+	passwordHash: zod.z.string(),
+	/**
+	* Admin bypass. When true, the middleware skips the scope-access
+	* check entirely. There is no other axis of privilege; the legacy
+	* role enum collapsed onto this boolean in v2.
+	*/
+	isAdmin: zod.z.boolean().default(false),
+	allowedProviders: AllowedProviderSchema,
+	allowedDevices: AllowedDevicesSchema,
+	/**
+	* Scopes granted to this user. Admins bypass; their `scopes` is
+	* ignored. Non-admins without scopes are locked out of every
+	* protected call.
+	*/
+	scopes: zod.z.array(TokenScopeSchema).default([]),
+	createdAt: zod.z.number(),
+	updatedAt: zod.z.number()
+});
+zod.z.object({
+	id: zod.z.string(),
+	label: zod.z.string(),
+	isAdmin: zod.z.boolean().default(false),
+	allowedProviders: AllowedProviderSchema,
+	allowedDevices: AllowedDevicesSchema,
+	tokenHash: zod.z.string(),
+	tokenPrefix: zod.z.string(),
+	createdAt: zod.z.number(),
+	lastUsedAt: zod.z.number().optional()
+});
+zod.z.object({
+	id: zod.z.string(),
+	userId: zod.z.string(),
+	name: zod.z.string(),
+	tokenHash: zod.z.string(),
+	tokenPrefix: zod.z.string(),
+	scopes: zod.z.array(TokenScopeSchema),
+	expiresAt: zod.z.number().nullish(),
+	lastUsedAt: zod.z.number().nullish(),
+	createdAt: zod.z.number()
+});
 var SsoBridgeClaimsSchema = zod.z.object({
 	userId: zod.z.string(),
 	username: zod.z.string(),
@@ -2489,12 +2756,36 @@ var SsoBridgeClaimsSchema = zod.z.object({
 	* JWT WITHOUT verifying the signature — the hub re-verifies on every
 	* inbound call so trust still rests with the signing hub.
 	*/
-	hubUrl: zod.z.string().optional()
+	hubUrl: zod.z.string().optional(),
+	/** Permission scopes baked into the token. Set by the OAuth
+	*  account-linking grant; absent on ordinary SSO-login tokens. */
+	scopes: zod.z.array(TokenScopeSchema).optional(),
+	/** OAuth authorization-code binding — set only on `oauth-code` tokens. */
+	redirectUri: zod.z.string().optional(),
+	integrationId: zod.z.string().optional(),
+	/** JWT ID — unique per issued code; consumed-set enforces single-use. */
+	jti: zod.z.string().optional(),
+	/** OAuth session registry id — set on `oauth-access`/`oauth-refresh`
+	*  tokens so the verify path can check the session is not revoked. */
+	sessionId: zod.z.string().optional()
 });
 method(zod.z.object({
 	claims: SsoBridgeClaimsSchema,
 	ttlSec: zod.z.number().int().positive().optional()
 }), zod.z.object({ token: zod.z.string() })), method(zod.z.object({ token: zod.z.string() }), SsoBridgeClaimsSchema.nullable());
+var OauthIntegrationDescriptorSchema = zod.z.object({
+	/** Stable id used as the `integration=` query param, e.g. 'export-alexa'. */
+	integrationId: zod.z.string(),
+	/** Human label rendered on the consent page. */
+	displayName: zod.z.string(),
+	/** Scopes baked into every token issued for this integration. */
+	requestedScopes: zod.z.array(TokenScopeSchema),
+	/** Allowed redirect_uri prefixes. /api/oauth2/authorize rejects any
+	*  redirect_uri that does not start with one of these. Required —
+	*  an empty list means the integration can never complete linking. */
+	allowedRedirectPrefixes: zod.z.array(zod.z.string()).min(1)
+});
+method(zod.z.void(), OauthIntegrationDescriptorSchema);
 var PasskeySummarySchema = zod.z.object({
 	credentialId: zod.z.string(),
 	label: zod.z.string(),
@@ -2740,22 +3031,29 @@ var WidgetSizeEnum = zod.z.enum([
 	"lg",
 	"xl"
 ]);
+var WidgetRemoteSchema = zod.z.object({
+	remoteName: zod.z.string(),
+	exposedModule: zod.z.string(),
+	componentKey: zod.z.string().optional()
+});
 var WidgetMetadataSchema = zod.z.object({
-	/** Stable id within the addon — kebab-case. */
-	stableId: zod.z.string(),
+	/** Primary host tab — `'dashboard'`, `'device-tab'`, or a device-detail tab id. */
+	tab: zod.z.string(),
+	/** Optional sub-tab within `tab`. */
+	subTab: zod.z.string().optional(),
 	/** Operator-facing label. */
 	label: zod.z.string(),
+	/** Ordering within `(tab, subTab)`, ascending. */
+	order: zod.z.number().optional(),
+	/** Always `'remote'` — a widget is a Module Federation remote. */
+	kind: zod.z.literal("remote"),
+	/** MF remote descriptor. */
+	remote: WidgetRemoteSchema,
+	/** Stable id within the addon — kebab-case. Equals `remote.componentKey`. */
+	stableId: zod.z.string(),
 	description: zod.z.string().optional(),
 	icon: zod.z.string().optional(),
 	/**
-	* Module Federation remote name — must match the `name` field on the
-	* widget addon's `federation()` plugin config. Used by the host's
-	* `<WidgetRegistryProvider>` to call `loadRemote('<remoteName>/widgets')`.
-	* Conventionally `addon_<addonid>_widgets` (snake_case; MF names
-	* cannot contain hyphens).
-	*/
-	remoteName: zod.z.string(),
-	/**
 	* Bundle filename inside the addon's `dist/` dir served at
 	* `/api/addon-widgets/<addonId>/<bundle>`. With Module Federation
 	* this is always `'remoteEntry.js'` — the value is kept on the
@@ -2763,9 +3061,9 @@ var WidgetMetadataSchema = zod.z.object({
 	* cache-buster URL without a separate filesystem stat.
 	*/
 	bundle: zod.z.string(),
-	/** Where the widget makes sense to render. */
+	/** Every host the widget supports. The picker filters on this set. */
 	hosts: zod.z.array(WidgetHostEnum).readonly(),
-	/** Required props the host must supply. Validated at <WidgetSlot> mount. */
+	/** Required props the host must supply. Validated at `<WidgetSlot>` mount. */
 	requires: zod.z.object({
 		deviceContext: zod.z.boolean().default(false),
 		integrationContext: zod.z.boolean().default(false)
@@ -2829,6 +3127,16 @@ var InvokeReplyEnvelopeSchema = zod.z.object({
 	contentType: zod.z.string().optional()
 });
 method(zod.z.void(), zod.z.array(AddonHttpRouteSchema)), method(InvokeRequestSchema, InvokeReplyEnvelopeSchema, { kind: "mutation" });
+var ShmRingStatsSchema = zod.z.object({
+	sessionId: zod.z.string(),
+	slotCount: zod.z.number().int(),
+	slotByteLength: zod.z.number().int(),
+	segmentBytes: zod.z.number().int(),
+	budgetMb: zod.z.number().int(),
+	framesWritten: zod.z.number().int(),
+	getFrameHits: zod.z.number().int(),
+	getFrameMisses: zod.z.number().int()
+});
 method(zod.z.object({ codec: zod.z.string() }), zod.z.boolean()), method(zod.z.void(), zod.z.object({
 	id: zod.z.string(),
 	name: zod.z.string(),
@@ -2847,6 +3155,9 @@ method(zod.z.object({ codec: zod.z.string() }), zod.z.boolean()), method(zod.z.v
 	sessionId: zod.z.string(),
 	maxCount: zod.z.number().default(1)
 }), zod.z.array(DecodedFrameSchema)), method(zod.z.object({
+	sessionId: zod.z.string(),
+	maxCount: zod.z.number().default(1)
+}), zod.z.array(FrameHandleSchema)), method(zod.z.object({ handle: FrameHandleSchema }), DecodedFrameSchema.nullable()), method(zod.z.object({ sessionId: zod.z.string() }), ShmRingStatsSchema.nullable()), method(zod.z.object({
 	sessionId: zod.z.string(),
 	config: DecoderSessionConfigSchema.partial()
 }), zod.z.void()), method(zod.z.object({ sessionId: zod.z.string() }), DecoderStatsSchema), method(zod.z.void(), zod.z.array(zod.z.object({
@@ -3591,42 +3902,6 @@ method(zod.z.object({
 	username: zod.z.string(),
 	password: zod.z.string()
 }), AuthResultSchema.nullable(), { kind: "mutation" }), method(zod.z.object({ state: zod.z.string() }), zod.z.string()), method(zod.z.record(zod.z.string(), zod.z.string()), AuthResultSchema, { kind: "mutation" }), method(zod.z.object({ token: zod.z.string() }), AuthResultSchema.nullable());
-var AuthProviderInfoSchema = zod.z.object({
-	/** Stable id matching the addon id (used for `getLoginUrl({addonId,…})`). */
-	addonId: zod.z.string(),
-	/**
-	* Per-instance id when one addon registers multiple "logical"
-	* providers (e.g. OIDC with Google + Microsoft + custom). The login
-	* URL becomes `/addon/${addonId}/${instanceId}/start` — handler reads
-	* `:instanceId` from the route. Empty/unset means the addon is a
-	* single-instance provider; the URL is `/addon/${addonId}/start`.
-	*/
-	instanceId: zod.z.string().optional(),
-	/** Display label shown on the login button + admin row. */
-	displayName: zod.z.string(),
-	/** Optional iconography hint (lucide-react icon name OR emoji). */
-	icon: zod.z.string().optional(),
-	/** When true, the provider exposes a redirect-based login flow
-	*  (`getLoginUrl` returns a URL the browser navigates to). */
-	hasRedirectFlow: zod.z.boolean(),
-	/** When true, the provider exposes a credential-form login flow
-	*  (`validateCredentials` accepts username + password). */
-	hasCredentialFlow: zod.z.boolean(),
-	/** Provider kind, drives admin-UI hint dispatch (oidc / saml / totp / …). */
-	kind: zod.z.string().optional(),
-	/** Operator-facing status string (e.g. "Connected to https://login.acme.com"). */
-	status: zod.z.string().optional(),
-	/** When false, the provider is registered but disabled by config; the
-	*  UI surfaces it as inactive without enumerating it for login. */
-	enabled: zod.z.boolean()
-});
-method(zod.z.void(), zod.z.array(AuthProviderInfoSchema).readonly()), method(zod.z.object({
-	addonId: zod.z.string(),
-	enabled: zod.z.boolean()
-}), zod.z.object({ success: zod.z.literal(true) }), {
-	kind: "mutation",
-	auth: "admin"
-});
 var NetworkEndpointSchema = zod.z.object({
 	url: zod.z.string(),
 	hostname: zod.z.string(),
@@ -3652,33 +3927,6 @@ var NetworkEndpointEntrySchema = NetworkEndpointSchema.extend({
 	sourcePort: zod.z.number().optional()
 });
 method(zod.z.void(), NetworkEndpointSchema, { kind: "mutation" }), method(zod.z.void(), zod.z.void(), { kind: "mutation" }), method(zod.z.void(), NetworkEndpointSchema.nullable()), method(zod.z.void(), NetworkAccessStatusSchema), method(zod.z.void(), zod.z.array(NetworkEndpointEntrySchema).readonly());
-var RemoteAccessEndpointSchema = zod.z.object({
-	url: zod.z.string(),
-	hostname: zod.z.string(),
-	port: zod.z.number(),
-	protocol: zod.z.enum(["http", "https"])
-});
-var RemoteAccessProviderInfoSchema = zod.z.object({
-	/** Stable id matching the addon id. */
-	addonId: zod.z.string(),
-	/** Display label shown on the admin row — sourced from the addon manifest. */
-	displayName: zod.z.string(),
-	/** When false, the provider is registered but disabled. */
-	enabled: zod.z.boolean(),
-	/** True when the underlying tunnel/connection is up. */
-	connected: zod.z.boolean(),
-	/** Public-facing endpoint, when connected. Null otherwise. */
-	endpoint: RemoteAccessEndpointSchema.nullable(),
-	/** Last error message (when connected=false), if available. */
-	error: zod.z.string().optional()
-});
-method(zod.z.void(), zod.z.array(RemoteAccessProviderInfoSchema).readonly()), method(zod.z.object({ addonId: zod.z.string() }), RemoteAccessEndpointSchema, {
-	kind: "mutation",
-	auth: "admin"
-}), method(zod.z.object({ addonId: zod.z.string() }), zod.z.object({ success: zod.z.literal(true) }), {
-	kind: "mutation",
-	auth: "admin"
-});
 var TurnServerSchema = zod.z.object({
 	/** Single URL or list of URLs (e.g. "turn:turn.example.com:3478?transport=udp"). */
 	urls: zod.z.union([zod.z.string(), zod.z.array(zod.z.string())]),
@@ -3686,33 +3934,6 @@ var TurnServerSchema = zod.z.object({
 	credential: zod.z.string().optional()
 });
 method(zod.z.void(), zod.z.array(TurnServerSchema).readonly());
-var TurnProviderInfoSchema = zod.z.object({
-	/** Stable id matching the addon id. */
-	addonId: zod.z.string(),
-	/** Display label shown on the admin row — sourced from the addon manifest. */
-	displayName: zod.z.string(),
-	/** When false, the provider is registered but disabled. */
-	enabled: zod.z.boolean(),
-	/** Number of servers this provider is currently exposing. */
-	serverCount: zod.z.number(),
-	/**
-	* Flat list of every TURN/STUN URL this provider currently exposes.
-	* One row per URL (multi-URL ICE server entries are flattened). The
-	* admin UI shows this in a compact per-provider list so operators
-	* can verify what's actually being negotiated without having to dig
-	* into the combined `getAllServers` output.
-	*/
-	urls: zod.z.array(zod.z.string()).readonly(),
-	/** Last fetch error (when serverCount=0 due to API failure), if any. */
-	error: zod.z.string().optional()
-});
-method(zod.z.void(), zod.z.array(TurnProviderInfoSchema).readonly()), method(zod.z.void(), zod.z.array(TurnServerSchema).readonly()), method(zod.z.object({
-	addonId: zod.z.string(),
-	enabled: zod.z.boolean()
-}), zod.z.object({ success: zod.z.literal(true) }), {
-	kind: "mutation",
-	auth: "admin"
-});
 var SnapshotImageSchema = zod.z.object({
 	base64: zod.z.string(),
 	contentType: zod.z.string()
@@ -4315,10 +4536,38 @@ var PtzMoveCommandSchema = zod.z.object({
 	zoom: zod.z.number().optional(),
 	speed: zod.z.number().optional()
 });
+PtzPositionSchema.extend({ autofocus: zod.z.boolean() });
+var PtzOptionsSchema = zod.z.object({
+	hasPan: zod.z.boolean(),
+	hasTilt: zod.z.boolean(),
+	hasZoom: zod.z.boolean(),
+	supportsPresets: zod.z.boolean(),
+	/** Max number of named presets the camera supports, when known. */
+	maxPresets: zod.z.number().optional(),
+	/** Whether the camera exposes a controllable autofocus toggle
+	*  (boolean `hasX` per the getOptions availability convention). */
+	hasAutofocus: zod.z.boolean()
+});
 DeviceType.Camera, method(PtzMoveCommandSchema.extend({ deviceId: zod.z.number() }), zod.z.void(), { kind: "mutation" }), method(PtzMoveCommandSchema.extend({ deviceId: zod.z.number() }), zod.z.void(), { kind: "mutation" }), method(zod.z.object({ deviceId: zod.z.number() }), zod.z.void(), { kind: "mutation" }), method(zod.z.object({ deviceId: zod.z.number() }), zod.z.array(PtzPresetSchema)), method(zod.z.object({
 	deviceId: zod.z.number(),
 	presetId: zod.z.string()
-}), zod.z.void(), { kind: "mutation" }), method(zod.z.object({ deviceId: zod.z.number() }), zod.z.void(), { kind: "mutation" }), method(zod.z.object({ deviceId: zod.z.number() }), PtzPositionSchema);
+}), zod.z.void(), { kind: "mutation" }), method(zod.z.object({
+	deviceId: zod.z.number(),
+	presetId: zod.z.string(),
+	name: zod.z.string()
+}), zod.z.void(), {
+	kind: "mutation",
+	auth: "admin"
+}), method(zod.z.object({
+	deviceId: zod.z.number(),
+	presetId: zod.z.string()
+}), zod.z.void(), {
+	kind: "mutation",
+	auth: "admin"
+}), method(zod.z.object({ deviceId: zod.z.number() }), PtzOptionsSchema), method(zod.z.object({ deviceId: zod.z.number() }), zod.z.void(), { kind: "mutation" }), method(zod.z.object({ deviceId: zod.z.number() }), PtzPositionSchema), method(zod.z.object({
+	deviceId: zod.z.number(),
+	enabled: zod.z.boolean()
+}), zod.z.void(), { kind: "mutation" });
 var EventItemSchema = zod.z.object({
 	id: zod.z.string(),
 	type: zod.z.string(),
@@ -4809,7 +5058,7 @@ method(zod.z.void(), ListResultSchema), method(zod.z.void(), PreferredSchema), m
 	*  tunnel always emits `https://` regardless. */
 	scheme: zod.z.enum(["http", "https"]).optional()
 }), GetConnectionEndpointsResultSchema), method(zod.z.void(), AllowedAddressesSchema), method(AllowedAddressesSchema, zod.z.object({ success: zod.z.literal(true) }), { kind: "mutation" }), method(zod.z.void(), AllowedAddressesSchema, { kind: "mutation" });
-var MeshEndpointSchema$1 = zod.z.object({
+var MeshEndpointSchema = zod.z.object({
 	/** Stable identifier within the provider (e.g. `mesh-ipv4`, `magicdns`, `funnel`). */
 	id: zod.z.string(),
 	/** Operator-facing label (e.g. "Mesh IPv4", "MagicDNS"). */
@@ -4886,7 +5135,7 @@ var MeshStatusSchema = zod.z.object({
 	/** Number of peers visible to this host (excluding self). */
 	peerCount: zod.z.number(),
 	/** Every endpoint this provider exposes for the current host. */
-	endpoints: zod.z.array(MeshEndpointSchema$1).readonly(),
+	endpoints: zod.z.array(MeshEndpointSchema).readonly(),
 	/** Last error from the daemon, when not joined. */
 	error: zod.z.string().optional(),
 	/**
@@ -4961,130 +5210,6 @@ authKey: zod.z.string().optional() }), zod.z.object({
 	/** Human-readable error when `ok: false`. */
 	error: zod.z.string().optional()
 }), { kind: "mutation" });
-var MeshEndpointSchema = zod.z.object({
-	id: zod.z.string(),
-	label: zod.z.string(),
-	scope: zod.z.enum(["mesh", "public"]),
-	url: zod.z.string(),
-	hostname: zod.z.string(),
-	port: zod.z.number(),
-	protocol: zod.z.enum(["http", "https"])
-});
-var MeshProviderInfoSchema = zod.z.object({
-	/** Stable id matching the addon id. */
-	addonId: zod.z.string(),
-	/** Display label shown on the admin row — sourced from the addon manifest. */
-	displayName: zod.z.string(),
-	/** True when the host is joined to this provider's mesh. */
-	joined: zod.z.boolean(),
-	/** Local mesh IP (empty when not joined). */
-	meshIp: zod.z.string(),
-	/** MagicDNS / mesh hostname (empty when not configured). */
-	magicDnsHostname: zod.z.string(),
-	/** Peer count (excluding self). */
-	peerCount: zod.z.number(),
-	/** Active endpoints (mesh IP + MagicDNS + optional public Funnel). */
-	endpoints: zod.z.array(MeshEndpointSchema).readonly(),
-	/** Last error reported by the provider. */
-	error: zod.z.string().optional(),
-	/** Tenant / tailnet / network display name. Empty pre-join. */
-	tenantName: zod.z.string(),
-	/** Mesh DNS suffix (e.g. tailXXXX.ts.net). Empty when not configured. */
-	magicDnsSuffix: zod.z.string(),
-	/** Authenticated user / account login. Null for token-only providers. */
-	userLogin: zod.z.string().nullable(),
-	/** Provider control-plane URL. */
-	controlPlaneUrl: zod.z.string(),
-	/** Machine-key expiry (epoch ms). Null when keys don't rotate. */
-	keyExpiry: zod.z.number().nullable()
-});
-method(zod.z.void(), zod.z.array(MeshProviderInfoSchema).readonly()), method(zod.z.object({
-	addonId: zod.z.string(),
-	authKey: zod.z.string().min(8),
-	hostname: zod.z.string().optional()
-}), zod.z.object({ joined: zod.z.literal(true) }), { kind: "mutation" }), method(zod.z.object({ addonId: zod.z.string() }), zod.z.object({ success: zod.z.literal(true) }), { kind: "mutation" }), method(zod.z.object({
-	addonId: zod.z.string(),
-	hostname: zod.z.string().optional()
-}), zod.z.object({ loginUrl: zod.z.string() }), { kind: "mutation" }), method(zod.z.object({ addonId: zod.z.string() }), zod.z.object({ loggedOut: zod.z.literal(true) }), { kind: "mutation" }), method(zod.z.object({ addonId: zod.z.string() }), zod.z.object({ peers: zod.z.array(MeshPeerSchema).readonly() }));
-var MethodAccessSchema = zod.z.enum([
-	"view",
-	"create",
-	"delete"
-]);
-var AllowedProviderSchema = zod.z.union([zod.z.literal("*"), zod.z.array(zod.z.string())]);
-var AllowedDevicesSchema = zod.z.record(zod.z.string(), zod.z.union([zod.z.literal("*"), zod.z.array(zod.z.string())]));
-var CapScopeSchema = zod.z.enum(["device", "system"]);
-var TokenScopeSchema = zod.z.discriminatedUnion("type", [
-	zod.z.object({
-		type: zod.z.literal("category"),
-		target: CapScopeSchema,
-		access: zod.z.array(MethodAccessSchema).min(1)
-	}),
-	zod.z.object({
-		type: zod.z.literal("capability"),
-		target: zod.z.string(),
-		access: zod.z.array(MethodAccessSchema).min(1)
-	}),
-	zod.z.object({
-		type: zod.z.literal("addon"),
-		target: zod.z.string(),
-		access: zod.z.array(MethodAccessSchema).min(1)
-	}),
-	zod.z.object({
-		type: zod.z.literal("device"),
-		/**
-		* One or more deviceIds (serialised as strings for wire-format
-		* consistency with the rest of the union). Matcher accepts if
-		* `input.deviceId` ∈ `targets`. Array shape avoids the row-explosion
-		* of one scope-per-device when granting access to a set of cameras.
-		*/
-		targets: zod.z.array(zod.z.string()).min(1),
-		access: zod.z.array(MethodAccessSchema).min(1)
-	})
-]);
-zod.z.object({
-	id: zod.z.string(),
-	username: zod.z.string(),
-	passwordHash: zod.z.string(),
-	/**
-	* Admin bypass. When true, the middleware skips the scope-access
-	* check entirely. There is no other axis of privilege; the legacy
-	* role enum collapsed onto this boolean in v2.
-	*/
-	isAdmin: zod.z.boolean().default(false),
-	allowedProviders: AllowedProviderSchema,
-	allowedDevices: AllowedDevicesSchema,
-	/**
-	* Scopes granted to this user. Admins bypass; their `scopes` is
-	* ignored. Non-admins without scopes are locked out of every
-	* protected call.
-	*/
-	scopes: zod.z.array(TokenScopeSchema).default([]),
-	createdAt: zod.z.number(),
-	updatedAt: zod.z.number()
-});
-zod.z.object({
-	id: zod.z.string(),
-	label: zod.z.string(),
-	isAdmin: zod.z.boolean().default(false),
-	allowedProviders: AllowedProviderSchema,
-	allowedDevices: AllowedDevicesSchema,
-	tokenHash: zod.z.string(),
-	tokenPrefix: zod.z.string(),
-	createdAt: zod.z.number(),
-	lastUsedAt: zod.z.number().optional()
-});
-zod.z.object({
-	id: zod.z.string(),
-	userId: zod.z.string(),
-	name: zod.z.string(),
-	tokenHash: zod.z.string(),
-	tokenPrefix: zod.z.string(),
-	scopes: zod.z.array(TokenScopeSchema),
-	expiresAt: zod.z.number().nullish(),
-	lastUsedAt: zod.z.number().nullish(),
-	createdAt: zod.z.number()
-});
 var UserSummarySchema = zod.z.object({
 	id: zod.z.string(),
 	username: zod.z.string(),
@@ -5157,6 +5282,16 @@ var CreateScopedTokenResultSchema = zod.z.object({
 	token: zod.z.string(),
 	record: ScopedTokenSummarySchema
 });
+var OauthSessionSummarySchema = zod.z.object({
+	id: zod.z.string(),
+	userId: zod.z.string(),
+	username: zod.z.string(),
+	integrationId: zod.z.string(),
+	scopes: zod.z.array(TokenScopeSchema),
+	createdAt: zod.z.number(),
+	lastUsedAt: zod.z.number(),
+	revokedAt: zod.z.number().nullable()
+});
 var TotpSetupResultSchema = zod.z.object({
 	secret: zod.z.string(),
 	otpauthUrl: zod.z.string()
@@ -5239,6 +5374,41 @@ method(zod.z.void(), zod.z.array(UserSummarySchema), { auth: "admin" }), method(
 }), zod.z.object({ valid: zod.z.boolean() }), {
 	kind: "mutation",
 	access: "view"
+}), method(zod.z.object({
+	integrationId: zod.z.string(),
+	userId: zod.z.string(),
+	username: zod.z.string(),
+	scopes: zod.z.array(TokenScopeSchema),
+	redirectUri: zod.z.string(),
+	hubUrl: zod.z.string()
+}), zod.z.object({ code: zod.z.string() }), {
+	kind: "mutation",
+	access: "create"
+}), method(zod.z.object({
+	code: zod.z.string(),
+	redirectUri: zod.z.string()
+}), zod.z.object({
+	accessToken: zod.z.string(),
+	refreshToken: zod.z.string(),
+	expiresIn: zod.z.number()
+}).nullable(), {
+	kind: "mutation",
+	access: "view"
+}), method(zod.z.object({ refreshToken: zod.z.string() }), zod.z.object({
+	accessToken: zod.z.string(),
+	refreshToken: zod.z.string(),
+	expiresIn: zod.z.number()
+}).nullable(), {
+	kind: "mutation",
+	access: "view"
+}), method(zod.z.object({ token: zod.z.string() }), zod.z.object({
+	userId: zod.z.string(),
+	username: zod.z.string(),
+	scopes: zod.z.array(TokenScopeSchema)
+}).nullable(), { access: "view" }), method(zod.z.void(), zod.z.array(OauthSessionSummarySchema), { auth: "admin" }), method(zod.z.object({ id: zod.z.string() }), zod.z.object({ success: zod.z.boolean() }), {
+	kind: "mutation",
+	auth: "admin",
+	access: "delete"
 });
 var FeatureManifestSchema = zod.z.object({
 	streaming: zod.z.boolean(),
@@ -5407,7 +5577,13 @@ method(zod.z.void(), zod.z.array(TopologyNodeSchema).readonly(), { auth: "admin"
 }), RenameNodeResultSchema, {
 	kind: "mutation",
 	auth: "admin"
-}), method(zod.z.void(), zod.z.record(zod.z.string(), ClusterAddonStatusEntrySchema), { auth: "admin" }), method(zod.z.object({ nodeId: zod.z.string() }), zod.z.array(NodeAddonEntrySchema).readonly(), { auth: "admin" }), method(zod.z.object({
+}), method(zod.z.void(), zod.z.record(zod.z.string(), ClusterAddonStatusEntrySchema), { auth: "admin" }), method(zod.z.object({ windowSeconds: zod.z.number().int().positive().max(300).default(60) }), zod.z.array(zod.z.object({
+	callerAddonId: zod.z.string(),
+	providerAddonId: zod.z.string(),
+	capName: zod.z.string(),
+	callsPerMin: zod.z.number(),
+	lastCallAtMs: zod.z.number()
+})).readonly(), { auth: "admin" }), method(zod.z.object({ nodeId: zod.z.string() }), zod.z.array(NodeAddonEntrySchema).readonly(), { auth: "admin" }), method(zod.z.object({
 	nodeId: zod.z.string(),
 	level: zod.z.string()
 }), SuccessSchema, {
@@ -5695,6 +5871,13 @@ method(zod.z.void(), zod.z.array(AddonListItemSchema).readonly()), method(zod.z.
 	mode: zod.z.enum(["singleton", "collection"]),
 	isActive: zod.z.boolean()
 })).readonly()), method(zod.z.object({
+	capName: zod.z.string().min(1),
+	addonId: zod.z.string().min(1),
+	enabled: zod.z.boolean()
+}), zod.z.object({ success: zod.z.literal(true) }), {
+	kind: "mutation",
+	auth: "admin"
+}), method(zod.z.object({
 	packageName: zod.z.string().min(1),
 	version: zod.z.string().optional()
 }), UpdateFrameworkPackageResultSchema, {
@@ -7638,6 +7821,16 @@ var StorageManager = class {
 	}
 };
 //#endregion
+//#region src/auth/scope-matcher.ts
+/**
+* True if the scope set grants `access` on device-scoped capabilities.
+* A `category:device` grant covers every device cap (the broad grant).
+* Mirrors the OR-semantics of the existing token scope matcher.
+*/
+function scopesAllowDeviceCap(scopes, access) {
+	return scopes.some((s) => s.type === "category" && s.target === "device" && s.access.includes(access));
+}
+//#endregion
 //#region src/notification/notification-service.ts
 /**
 * Central notification service that routes notifications to configured outputs.
@@ -8463,5 +8656,6 @@ exports.installPythonPackages = installPythonPackages;
 exports.installPythonRequirements = installPythonRequirements;
 exports.isModelDownloaded = isModelDownloaded;
 exports.loadTlsCert = loadTlsCert;
+exports.scopesAllowDeviceCap = scopesAllowDeviceCap;
 
 //# sourceMappingURL=index.js.map