@camstack/server 0.2.2 → 1.0.1

package/dist/api/core/capabilities.router.js

@@ -0,0 +1,138 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createCapabilitiesRouter = createCapabilitiesRouter;
+/**
+ * Capability admin router — fixed core API (not a capability).
+ *
+ * Lets admins inspect the capability registry and set system/device
+ * overrides. Wraps `CapabilityRegistry` directly (kernel primitive).
+ */
+const zod_1 = require("zod");
+const trpc_middleware_js_1 = require("../trpc/trpc.middleware.js");
+function createCapabilitiesRouter(registry, config) {
+    return (0, trpc_middleware_js_1.trpcRouter)({
+        listCapabilities: trpc_middleware_js_1.adminProcedure
+            .input(zod_1.z.void())
+            .query(() => registry?.listCapabilities() ?? []),
+        getCapability: trpc_middleware_js_1.adminProcedure.input(zod_1.z.object({ name: zod_1.z.string() })).query(({ input }) => {
+            if (!registry)
+                return null;
+            return (registry.listCapabilities().find((c) => c.name === input.name) ?? null);
+        }),
+        setActiveSingleton: trpc_middleware_js_1.adminProcedure
+            .input(zod_1.z.object({
+            capability: zod_1.z.string(),
+            addonId: zod_1.z.string(),
+            nodeId: zod_1.z.string().optional(),
+        }))
+            .output(zod_1.z.void())
+            .mutation(async ({ input }) => {
+            if (!registry)
+                throw new Error('Capability registry unavailable');
+            await registry.setActiveSingleton(input.capability, input.addonId, input.nodeId);
+            if (input.nodeId !== undefined) {
+                // Per-node override: persist under the node-qualified key so the boot
+                // restorer (`setNodeConfigReader`) replays it on restart.
+                config.set(`capabilities.singletonNode.${input.capability}.${input.nodeId}`, input.addonId);
+            }
+            else {
+                // Cluster-global default: persist to the SAME key the boot restorer reads
+                // (addon-registry `setConfigReader` → `capabilities.singleton.<cap>`).
+                config.set(`capabilities.singleton.${input.capability}`, input.addonId);
+            }
+        }),
+        clearSingletonNodeOverride: trpc_middleware_js_1.adminProcedure
+            .input(zod_1.z.object({ capability: zod_1.z.string(), nodeId: zod_1.z.string() }))
+            .output(zod_1.z.void())
+            .mutation(({ input }) => {
+            if (!registry)
+                throw new Error('Capability registry unavailable');
+            registry.clearSingletonNodeOverride(input.capability, input.nodeId);
+            // Persist the cleared state as null so the boot restorer doesn't re-apply
+            // a stale override on restart.
+            config.set(`capabilities.singletonNode.${input.capability}.${input.nodeId}`, null);
+        }),
+        /**
+         * Set the enabled set of providers for a collection capability in
+         * one shot. Providers already registered on the capability that are
+         * NOT in `enabledAddonIds` get disabled; the ones in the list are
+         * re-enabled. Other collections are untouched. Intended as the
+         * save endpoint for a bulk multi-select UI.
+         */
+        setCollectionEnabledProviders: trpc_middleware_js_1.adminProcedure
+            .input(zod_1.z.object({
+            capability: zod_1.z.string(),
+            enabledAddonIds: zod_1.z.array(zod_1.z.string()),
+        }))
+            .output(zod_1.z.void())
+            .mutation(({ input }) => {
+            if (!registry)
+                throw new Error('Capability registry unavailable');
+            const caps = registry.listCapabilities();
+            const entry = caps.find((c) => c.name === input.capability);
+            if (!entry)
+                throw new Error(`Capability "${input.capability}" not declared`);
+            if (entry.mode !== 'collection') {
+                throw new Error(`Capability "${input.capability}" is not a collection`);
+            }
+            const wanted = new Set(input.enabledAddonIds);
+            for (const providerId of entry.providers) {
+                if (wanted.has(providerId)) {
+                    registry.enableCollectionProvider(input.capability, providerId);
+                }
+                else {
+                    registry.disableCollectionProvider(input.capability, providerId);
+                }
+            }
+        }),
+        setDeviceCapability: trpc_middleware_js_1.adminProcedure
+            .input(zod_1.z.object({ deviceId: zod_1.z.string(), capability: zod_1.z.string(), addonId: zod_1.z.string() }))
+            .output(zod_1.z.void())
+            .mutation(({ input }) => {
+            if (!registry)
+                throw new Error('Capability registry unavailable');
+            registry.setDeviceOverride(input.deviceId, input.capability, input.addonId);
+        }),
+        clearDeviceCapability: trpc_middleware_js_1.adminProcedure
+            .input(zod_1.z.object({ deviceId: zod_1.z.string(), capability: zod_1.z.string() }))
+            .output(zod_1.z.void())
+            .mutation(({ input }) => {
+            if (!registry)
+                throw new Error('Capability registry unavailable');
+            registry.clearDeviceOverride(input.deviceId, input.capability);
+        }),
+        getDeviceCapabilities: trpc_middleware_js_1.adminProcedure
+            .input(zod_1.z.object({ deviceId: zod_1.z.string() }))
+            .output(zod_1.z.record(zod_1.z.string(), zod_1.z.string()))
+            .query(({ input }) => {
+            if (!registry)
+                return {};
+            const overrides = registry.getDeviceOverrides(input.deviceId);
+            const result = {};
+            for (const [cap, addonId] of overrides) {
+                result[cap] = addonId;
+            }
+            return result;
+        }),
+        setDeviceCollectionFilter: trpc_middleware_js_1.adminProcedure
+            .input(zod_1.z.object({
+            deviceId: zod_1.z.string(),
+            capability: zod_1.z.string(),
+            addonIds: zod_1.z.array(zod_1.z.string()),
+        }))
+            .output(zod_1.z.void())
+            .mutation(({ input }) => {
+            if (!registry)
+                throw new Error('Capability registry unavailable');
+            registry.setDeviceCollectionFilter(input.deviceId, input.capability, input.addonIds);
+        }),
+        clearDeviceCollectionFilter: trpc_middleware_js_1.adminProcedure
+            .input(zod_1.z.object({ deviceId: zod_1.z.string(), capability: zod_1.z.string() }))
+            .output(zod_1.z.void())
+            .mutation(({ input }) => {
+            if (!registry)
+                throw new Error('Capability registry unavailable');
+            registry.clearDeviceCollectionFilter(input.deviceId, input.capability);
+        }),
+    });
+}

package/dist/api/core/collection-preference.js

@@ -0,0 +1,17 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.collectionPreferenceKey = collectionPreferenceKey;
+exports.persistCollectionDisabled = persistCollectionDisabled;
+/** ConfigService key holding the persisted disabled-set for a collection cap. */
+function collectionPreferenceKey(capability) {
+    return `capabilities.collection.${capability}`;
+}
+/**
+ * Persist the disabled-addonId set for a collection capability. Pass the
+ * authoritative set straight from `registry.listCapabilities()` after the
+ * enable/disable mutation so the stored value always mirrors the live
+ * registry state.
+ */
+function persistCollectionDisabled(configService, capability, disabled) {
+    configService.set(collectionPreferenceKey(capability), JSON.stringify({ disabled: [...disabled] }));
+}

package/dist/api/core/event-bus-proxy.router.js

@@ -0,0 +1,45 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createEventBusProxyRouter = createEventBusProxyRouter;
+/**
+ * EventBus proxy router — allows forked workers to emit events to the
+ * hub's EventBus via tRPC.
+ *
+ * Workers call `trpc.eventBusProxy.emit.mutate(event)` from their
+ * `context.eventBus.emit()` implementation. The hub-side router
+ * deserializes the event and emits it on the real EventBus.
+ *
+ * Subscribe/getRecent are routed through the existing `live.onEvent`
+ * subscription and `events` query routers — no duplication needed here.
+ *
+ * Introduced in session 7 (EventBus wiring for forked addons).
+ */
+const zod_1 = require("zod");
+const trpc_middleware_js_1 = require("../trpc/trpc.middleware.js");
+const SystemEventInputSchema = zod_1.z.object({
+    id: zod_1.z.string(),
+    timestamp: zod_1.z.string(), // ISO 8601 — converted to Date on emit
+    source: zod_1.z.object({
+        type: zod_1.z.string(),
+        id: zod_1.z.string(),
+    }),
+    category: zod_1.z.string(),
+    data: zod_1.z.record(zod_1.z.string(), zod_1.z.unknown()),
+});
+function createEventBusProxyRouter(eventBus) {
+    return (0, trpc_middleware_js_1.trpcRouter)({
+        emit: trpc_middleware_js_1.protectedProcedure
+            .input(SystemEventInputSchema)
+            .output(zod_1.z.object({ ok: zod_1.z.literal(true) }))
+            .mutation(({ input }) => {
+            eventBus.emit({
+                id: input.id,
+                timestamp: new Date(input.timestamp),
+                source: { type: input.source.type, id: input.source.id },
+                category: input.category,
+                data: input.data,
+            });
+            return { ok: true };
+        }),
+    });
+}

package/dist/api/core/hwaccel.router.js

@@ -0,0 +1,91 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createHwAccelRouter = createHwAccelRouter;
+/**
+ * Hwaccel router — fixed core API (not a capability).
+ *
+ * Thin wrapper around the per-node `$hwaccel.resolve` Moleculer
+ * service. The hub-local instance (same process) serves the default
+ * `resolve` call; the per-node `resolveForNode` action targets any
+ * node in the cluster — used by the admin UI pipeline / NodeDetail
+ * pages to show the hwaccel backends available on each agent.
+ *
+ * Cross-node behaviour: `resolveForNode({ nodeId })` forwards via
+ * `broker.call('$hwaccel.resolve', params, { nodeID })`. Every node
+ * (hub + forked worker + remote agent) registers `$hwaccel` at
+ * bootstrap, so any reachable nodeId works.
+ */
+const zod_1 = require("zod");
+const trpc_middleware_js_1 = require("../trpc/trpc.middleware.js");
+const HwAccelBackendSchema = zod_1.z.enum([
+    'videotoolbox',
+    'cuda',
+    'nvdec',
+    'vaapi',
+    'qsv',
+    'd3d11va',
+    'dxva2',
+    'amf',
+    'vdpau',
+    'drm',
+]);
+const HwAccelPreferSchema = zod_1.z
+    .union([HwAccelBackendSchema, zod_1.z.literal('none')])
+    .nullable()
+    .optional();
+const HwAccelResolutionSchema = zod_1.z.object({
+    preferred: zod_1.z.array(HwAccelBackendSchema).readonly(),
+    rationale: zod_1.z.string(),
+});
+function createHwAccelRouter(broker) {
+    return (0, trpc_middleware_js_1.trpcRouter)({
+        /** Probe the current hub process. */
+        resolve: trpc_middleware_js_1.adminProcedure
+            .input(zod_1.z.object({ prefer: HwAccelPreferSchema }).optional())
+            .output(HwAccelResolutionSchema)
+            .query(async ({ input }) => {
+            if (!broker)
+                throw new Error('Moleculer broker not available');
+            const params = { prefer: input?.prefer ?? null };
+            return broker.call('$hwaccel.resolve', params);
+        }),
+        /** Probe a specific node in the cluster — used by per-agent UI cards. */
+        resolveForNode: trpc_middleware_js_1.adminProcedure
+            .input(zod_1.z.object({ nodeId: zod_1.z.string(), prefer: HwAccelPreferSchema }))
+            .output(HwAccelResolutionSchema)
+            .query(async ({ input }) => {
+            if (!broker)
+                throw new Error('Moleculer broker not available');
+            const params = { prefer: input.prefer ?? null };
+            return broker.call('$hwaccel.resolve', params, {
+                nodeID: input.nodeId,
+            });
+        }),
+        /** List every node currently reachable and the hwaccel each resolves to. */
+        resolveAll: trpc_middleware_js_1.adminProcedure
+            .output(zod_1.z.array(zod_1.z.object({
+            nodeId: zod_1.z.string(),
+            resolution: HwAccelResolutionSchema,
+        })))
+            .query(async () => {
+            if (!broker)
+                throw new Error('Moleculer broker not available');
+            const registry = broker.registry;
+            const nodes = registry.getNodeList({ onlyAvailable: true });
+            const results = await Promise.all(nodes.map(async (n) => {
+                try {
+                    const resolution = (await broker.call('$hwaccel.resolve', { prefer: null }, { nodeID: n.id }));
+                    return { nodeId: n.id, resolution };
+                }
+                catch (err) {
+                    const msg = err instanceof Error ? err.message : String(err);
+                    return {
+                        nodeId: n.id,
+                        resolution: { preferred: [], rationale: `resolve failed: ${msg}` },
+                    };
+                }
+            }));
+            return results;
+        }),
+    });
+}

package/dist/api/core/live-events.router.js

@@ -0,0 +1,61 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createLiveEventsRouter = createLiveEventsRouter;
+/**
+ * Live events router — fixed core API (not a capability).
+ *
+ * Higher-level live-subscription API consumed by the admin UI dashboard.
+ * Wraps `EventBusService` with per-device permission enforcement.
+ */
+const zod_1 = require("zod");
+const trpc_middleware_js_1 = require("../trpc/trpc.middleware.js");
+function createLiveEventsRouter(eb, ar) {
+    return (0, trpc_middleware_js_1.trpcRouter)({
+        recentSystemEvents: trpc_middleware_js_1.protectedProcedure
+            .input(zod_1.z
+            .object({
+            category: zod_1.z.string().optional(),
+            limit: zod_1.z.number().optional(),
+        })
+            .optional())
+            .query(({ input }) => eb.getRecent(input ?? {}, input?.limit ?? 50)),
+        onEvent: trpc_middleware_js_1.protectedProcedure
+            .input(zod_1.z.object({ category: zod_1.z.string().optional() }))
+            .subscription(({ input }) => {
+            return (0, trpc_middleware_js_1.iterableSubscription)((push) => {
+                const filter = {};
+                if (input.category)
+                    filter.category = input.category;
+                return eb.subscribe(filter, push);
+            });
+        }),
+        onDeviceEvent: trpc_middleware_js_1.protectedProcedure
+            .input(zod_1.z.object({ deviceId: zod_1.z.number() }))
+            .subscription(({ input, ctx }) => {
+            return (0, trpc_middleware_js_1.iterableSubscription)((push) => {
+                const deviceRegistry = ar.getDeviceRegistry();
+                const device = deviceRegistry.getById(input.deviceId);
+                if (!device)
+                    throw new Error(`Device id=${input.deviceId} not found`);
+                // Permission check — new IDevice has no providerId; admin bypass only
+                if (!ctx.user.isAdmin) {
+                    const ad = ctx.user.permissions?.allowedDevices;
+                    if (!ad)
+                        throw new Error('Access denied');
+                    // Find which addon owns this device to determine the provider key
+                    const ownerAddonId = deviceRegistry.getAddonId(input.deviceId);
+                    if (!ownerAddonId)
+                        throw new Error('Access denied');
+                    const pd = ad[ownerAddonId];
+                    // Permission lists are still keyed by stableId — that's the
+                    // external admin-facing identifier. Resolve the device's
+                    // stableId for the membership check.
+                    if (!pd || (pd !== '*' && !pd.includes(device.stableId))) {
+                        throw new Error('Access denied');
+                    }
+                }
+                return eb.subscribe({ source: { type: 'device', id: input.deviceId } }, push);
+            });
+        }),
+    });
+}

package/dist/api/core/logs.router.js

@@ -0,0 +1,172 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createLogsRouter = createLogsRouter;
+/**
+ * Logs router — fixed core API (not a capability).
+ *
+ * Queries and streams log entries via `LoggingService` (thin NestJS DI
+ * wrapper over `LogManager` from `@camstack/core`). Admin can read
+ * everything; viewers/protected users only see entries matching their
+ * allowed providers scope (filtered in `query`).
+ */
+const zod_1 = require("zod");
+const trpc_middleware_js_1 = require("../trpc/trpc.middleware.js");
+const LogLevelSchema = zod_1.z.enum(['debug', 'info', 'warn', 'error']);
+const LogTagsSchema = zod_1.z.object({
+    agentId: zod_1.z.string().optional(),
+    nodeId: zod_1.z.string().optional(),
+    /** Numeric progressive id (or its string form for legacy callers). */
+    deviceId: zod_1.z.union([zod_1.z.string(), zod_1.z.number()]).optional(),
+    /** Parent container id — set on every accessory child's logs (and on the
+     *  container's own logs). Filtering by it returns the whole container subtree
+     *  (container + all children) in one query. */
+    containerDeviceId: zod_1.z.union([zod_1.z.string(), zod_1.z.number()]).optional(),
+    deviceName: zod_1.z.string().optional(),
+    integrationId: zod_1.z.string().optional(),
+    addonId: zod_1.z.string().optional(),
+    streamId: zod_1.z.string().optional(),
+    streamName: zod_1.z.string().optional(),
+    sessionId: zod_1.z.string().optional(),
+    /**
+     * Correlation id used to scope a single short-lived operation
+     * (e.g. a `testCreationField` probe). The Add-Device modal generates
+     * one per dialog open and providers tag their loggers with it so the
+     * modal can stream test logs without a deviceId (the device doesn't
+     * exist yet).
+     */
+    requestId: zod_1.z.string().optional(),
+});
+/** Wire shape of a log entry — timestamp is serialised to ISO string by tRPC. */
+const LogEntrySchema = zod_1.z.object({
+    timestamp: zod_1.z.string(),
+    level: zod_1.z.string(),
+    scope: zod_1.z.string().optional(),
+    message: zod_1.z.string(),
+    tags: zod_1.z.record(zod_1.z.string(), zod_1.z.string().optional()).optional(),
+    /**
+     * Ad-hoc structured payload attached to the log call (e.g.
+     * `{error, brokerId, sourceType, url}` for stream-broker errors).
+     * Tags are filterable structural fields; meta is the per-call
+     * payload operators read in the expanded LogStream row.
+     */
+    meta: zod_1.z.record(zod_1.z.string(), zod_1.z.unknown()).optional(),
+});
+const LogEntryArraySchema = zod_1.z.array(LogEntrySchema);
+function createLogsRouter(logging) {
+    return (0, trpc_middleware_js_1.trpcRouter)({
+        query: trpc_middleware_js_1.adminProcedure
+            .input(zod_1.z.object({
+            level: LogLevelSchema.optional(),
+            since: zod_1.z.number().optional(),
+            until: zod_1.z.number().optional(),
+            limit: zod_1.z.number().optional(),
+            tags: LogTagsSchema.optional(),
+        }))
+            .output(LogEntryArraySchema)
+            .query(({ input, ctx }) => {
+            const filter = { limit: input.limit ?? 100 };
+            if (input.level)
+                filter.level = input.level;
+            if (input.since !== undefined)
+                filter.since = new Date(input.since);
+            if (input.until !== undefined)
+                filter.until = new Date(input.until);
+            if (input.tags)
+                filter.tags = input.tags;
+            const entries = logging.query(filter);
+            const filtered = (() => {
+                if (!ctx.user.isAdmin) {
+                    const ap = ctx.user.permissions?.allowedProviders;
+                    if (ap && ap !== '*') {
+                        const allowed = ap;
+                        return entries.filter((e) => {
+                            const addonId = e.tags?.addonId;
+                            if (typeof addonId !== 'string')
+                                return false;
+                            return allowed.some((p) => {
+                                const bare = p.startsWith('addon:') ? p.slice('addon:'.length) : p;
+                                return addonId === bare || addonId.startsWith(bare);
+                            });
+                        });
+                    }
+                }
+                return entries;
+            })();
+            return filtered.map((e) => ({
+                timestamp: e.timestamp instanceof Date ? e.timestamp.toISOString() : String(e.timestamp),
+                level: e.level,
+                ...(e.scope !== undefined ? { scope: e.scope } : {}),
+                message: e.message,
+                // Tags carry mixed primitive types (numeric deviceId is common —
+                // see kernel/capability-registry.ts logging calls). The wire
+                // schema is Record<string,string>, so stringify here. Mirrors
+                // the same normalisation applied in `subscribe` below.
+                tags: e.tags
+                    ? Object.fromEntries(Object.entries(e.tags).map(([k, v]) => [
+                        k,
+                        v === undefined ? undefined : String(v),
+                    ]))
+                    : undefined,
+                ...(e.meta !== undefined ? { meta: e.meta } : {}),
+            }));
+        }),
+        /**
+         * Drop matching entries from the in-memory ring buffer. Powers
+         * the UI's "Clear logs" button — without server-side purge, the
+         * cleared rows reappear on the next page open from the historical
+         * `query`. Admin-only so a viewer can't wipe context other ops
+         * are reading.
+         */
+        clear: trpc_middleware_js_1.adminProcedure
+            .input(zod_1.z.object({
+            level: LogLevelSchema.optional(),
+            since: zod_1.z.number().optional(),
+            until: zod_1.z.number().optional(),
+            tags: LogTagsSchema.optional(),
+        }))
+            .output(zod_1.z.object({ removed: zod_1.z.number().int().nonnegative() }))
+            .mutation(({ input }) => {
+            const filter = {};
+            if (input.level)
+                filter.level = input.level;
+            if (input.since !== undefined)
+                filter.since = new Date(input.since);
+            if (input.until !== undefined)
+                filter.until = new Date(input.until);
+            if (input.tags)
+                filter.tags = input.tags;
+            const removed = logging.clear(filter);
+            return { removed };
+        }),
+        subscribe: trpc_middleware_js_1.protectedProcedure
+            .input(zod_1.z.object({
+            level: LogLevelSchema.optional(),
+            tags: LogTagsSchema.optional(),
+        }))
+            .subscription(({ input }) => {
+            return (0, trpc_middleware_js_1.iterableSubscription)((push) => {
+                return logging.subscribe({
+                    level: input.level,
+                    tags: input.tags,
+                }, (entry) => {
+                    const stringifiedTags = entry.tags
+                        ? Object.fromEntries(Object.entries(entry.tags).map(([k, v]) => [
+                            k,
+                            v === undefined ? undefined : String(v),
+                        ]))
+                        : undefined;
+                    push({
+                        timestamp: entry.timestamp instanceof Date
+                            ? entry.timestamp.toISOString()
+                            : String(entry.timestamp),
+                        level: entry.level,
+                        message: entry.message,
+                        scope: entry.scope,
+                        tags: stringifiedTags,
+                        meta: entry.meta,
+                    });
+                });
+            });
+        }),
+    });
+}

package/dist/api/core/notifications.router.js

@@ -0,0 +1,67 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createNotificationsRouter = createNotificationsRouter;
+/**
+ * Notifications router — fixed core API (not a capability).
+ *
+ * Routes events by category to registered outputs. The NotificationService
+ * is a singleton from @camstack/core; individual outputs are still provided
+ * by addons via the `notification-output` capability collection.
+ */
+const zod_1 = require("zod");
+const trpc_middleware_js_1 = require("../trpc/trpc.middleware.js");
+const NotificationOutputSchema = zod_1.z.object({
+    id: zod_1.z.string(),
+    name: zod_1.z.string(),
+    icon: zod_1.z.string(),
+});
+const SendTestResultSchema = zod_1.z.object({
+    success: zod_1.z.boolean(),
+    error: zod_1.z.string().optional(),
+});
+function createNotificationsRouter(ns) {
+    return (0, trpc_middleware_js_1.trpcRouter)({
+        listOutputs: trpc_middleware_js_1.protectedProcedure
+            .input(zod_1.z.void())
+            .output(zod_1.z.array(NotificationOutputSchema).readonly())
+            .query(() => {
+            if (!ns)
+                return [];
+            return ns.getOutputs();
+        }),
+        getRouting: trpc_middleware_js_1.protectedProcedure
+            .input(zod_1.z.void())
+            .output(zod_1.z.record(zod_1.z.string(), zod_1.z.array(zod_1.z.string())))
+            .query(() => {
+            if (!ns)
+                return {};
+            const routing = ns.getRouting();
+            const result = {};
+            for (const [category, outputIds] of routing) {
+                result[category] = [...outputIds];
+            }
+            return result;
+        }),
+        setRouting: trpc_middleware_js_1.adminProcedure
+            .input(zod_1.z.object({ category: zod_1.z.string(), outputIds: zod_1.z.array(zod_1.z.string()) }))
+            .output(zod_1.z.void())
+            .mutation(({ input }) => {
+            if (!ns)
+                throw new Error('Notification service unavailable');
+            ns.setRouting(input.category, input.outputIds);
+        }),
+        sendTest: trpc_middleware_js_1.adminProcedure
+            .input(zod_1.z.object({ outputId: zod_1.z.string() }))
+            .output(SendTestResultSchema)
+            .mutation(async ({ input }) => {
+            if (!ns)
+                return { success: false, error: 'Notification service unavailable' };
+            const output = ns.getOutput(input.outputId);
+            if (!output)
+                return { success: false, error: `Output "${input.outputId}" not found` };
+            if (!output.sendTest)
+                return { success: false, error: 'Output does not support test notifications' };
+            return output.sendTest();
+        }),
+    });
+}

package/dist/api/core/repl.router.js

@@ -0,0 +1,35 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createReplRouter = createReplRouter;
+/**
+ * REPL router — fixed core API (not a capability).
+ *
+ * The REPL engine is a single NestJS-backed service in the backend
+ * (`ReplEngineService` extends `ReplEngine` from `@camstack/core`).
+ * Only super_admin can execute code.
+ */
+const zod_1 = require("zod");
+const trpc_middleware_js_1 = require("../trpc/trpc.middleware.js");
+const ReplScopeSchema = zod_1.z.discriminatedUnion('type', [
+    zod_1.z.object({ type: zod_1.z.literal('system') }),
+    zod_1.z.object({ type: zod_1.z.literal('device'), deviceId: zod_1.z.number() }),
+    zod_1.z.object({ type: zod_1.z.literal('provider'), providerId: zod_1.z.string() }),
+    zod_1.z.object({ type: zod_1.z.literal('addon'), addonId: zod_1.z.string() }),
+]);
+const ReplResultSchema = zod_1.z.object({
+    output: zod_1.z.string(),
+    error: zod_1.z.string().optional(),
+    duration: zod_1.z.number().optional(),
+});
+function createReplRouter(repl) {
+    return (0, trpc_middleware_js_1.trpcRouter)({
+        execute: trpc_middleware_js_1.adminProcedure
+            .input(zod_1.z.object({ code: zod_1.z.string().max(10000), scope: ReplScopeSchema }))
+            .output(ReplResultSchema)
+            .mutation(({ input }) => repl.execute(input.code, { scope: input.scope, variables: {} })),
+        completions: trpc_middleware_js_1.adminProcedure
+            .input(zod_1.z.object({ partial: zod_1.z.string(), scope: ReplScopeSchema }))
+            .output(zod_1.z.array(zod_1.z.string()).readonly())
+            .query(({ input }) => repl.getCompletions(input.partial, { scope: input.scope, variables: {} })),
+    });
+}