@classytic/arc 1.0.0 → 1.0.8

package/dist/index.js

@@ -2286,30 +2286,30 @@ var BaseController = class _BaseController {
   /**
    * Build service context from IRequestContext
    */
-  _buildContext(context2) {
-    const parsed = this.queryParser.parse(context2.query);
-    const arcContext = context2.context;
-    const selectString = this._selectToString(parsed.select) ?? context2.query?.select;
+  _buildContext(req) {
+    const parsed = this.queryParser.parse(req.query);
+    const arcContext = req.metadata;
+    const selectString = this._selectToString(parsed.select) ?? req.query?.select;
     const sanitizedSelect = this._sanitizeSelect(selectString, this.schemaOptions);
     return {
-      user: context2.user,
-      organizationId: arcContext?.organizationId ?? void 0,
+      user: req.user,
+      organizationId: arcContext?.organizationId ?? req.organizationId ?? void 0,
       select: sanitizedSelect ? sanitizedSelect.split(/\s+/) : void 0,
       populate: this._sanitizePopulate(parsed.populate, this.schemaOptions),
-      lean: this._parseLean(context2.query?.lean)
+      lean: this._parseLean(req.query?.lean)
     };
   }
   /**
    * Parse query into QueryOptions using queryParser
    */
-  _parseQueryOptions(context2) {
-    const parsed = this.queryParser.parse(context2.query);
-    const arcContext = context2.context;
+  _parseQueryOptions(req) {
+    const parsed = this.queryParser.parse(req.query);
+    const arcContext = req.metadata;
     delete parsed.filters._policyFilters;
     const limit = Math.min(Math.max(1, parsed.limit || this.defaultLimit), this.maxLimit);
     const page = parsed.after ? void 0 : parsed.page ? Math.max(1, parsed.page) : 1;
     const sortString = parsed.sort ? Object.entries(parsed.sort).map(([k, v]) => v === -1 ? `-${k}` : k).join(",") : this.defaultSort;
-    const selectString = this._selectToString(parsed.select) ?? context2.query?.select;
+    const selectString = this._selectToString(parsed.select) ?? req.query?.select;
     return {
       page,
       limit,
@@ -2320,23 +2320,24 @@ var BaseController = class _BaseController {
       // MongoKit features
       search: parsed.search,
       after: parsed.after,
-      user: context2.user,
-      organizationId: arcContext?.organizationId,
+      user: req.user,
+      organizationId: arcContext?.organizationId ?? req.organizationId,
       context: arcContext
     };
   }
   /**
    * Apply org and policy filters
    */
-  _applyFilters(options, context2) {
+  _applyFilters(options, req) {
     const filters = { ...options.filters };
-    const arcContext = context2.context;
+    const arcContext = req.metadata;
     const policyFilters = arcContext?._policyFilters;
     if (policyFilters) {
       Object.assign(filters, policyFilters);
     }
-    if (arcContext?.organizationId) {
-      filters.organizationId = arcContext.organizationId;
+    const orgId = arcContext?.organizationId ?? req.organizationId;
+    if (orgId) {
+      filters.organizationId = orgId;
     }
     return { ...options, filters };
   }
@@ -2344,15 +2345,16 @@ var BaseController = class _BaseController {
    * Build filter for single-item operations (get/update/delete)
    * Combines ID filter with policy/org filters for proper security enforcement
    */
-  _buildIdFilter(id, context2) {
+  _buildIdFilter(id, req) {
     const filter = { _id: id };
-    const arcContext = context2.context;
+    const arcContext = req.metadata;
     const policyFilters = arcContext?._policyFilters;
     if (policyFilters) {
       Object.assign(filter, policyFilters);
     }
-    if (arcContext?.organizationId) {
-      filter.organizationId = arcContext.organizationId;
+    const orgId = arcContext?.organizationId ?? req.organizationId;
+    if (orgId) {
+      filter.organizationId = orgId;
     }
     return filter;
   }
@@ -2436,8 +2438,8 @@ var BaseController = class _BaseController {
    * Validates that fetched item satisfies all policy constraints
    * Supports MongoDB query operators: $eq, $ne, $gt, $gte, $lt, $lte, $in, $nin, $exists, $regex, $and, $or
    */
-  _checkPolicyFilters(item, context2) {
-    const arcContext = context2.context;
+  _checkPolicyFilters(item, req) {
+    const arcContext = req.metadata;
     const policyFilters = arcContext?._policyFilters;
     if (!policyFilters) return true;
     if (policyFilters.$and && Array.isArray(policyFilters.$and)) {
@@ -2520,8 +2522,8 @@ var BaseController = class _BaseController {
     return String(itemOrgId) === String(arcContext.organizationId);
   }
   /** Check ownership for update/delete (ownedByUser preset) */
-  _checkOwnership(item, context2) {
-    const ownershipCheck = context2.context?._ownershipCheck;
+  _checkOwnership(item, req) {
+    const ownershipCheck = req.metadata?._ownershipCheck;
     if (!item || !ownershipCheck) return true;
     const { field, userId } = ownershipCheck;
     const itemOwnerId = item[field];
@@ -2532,8 +2534,8 @@ var BaseController = class _BaseController {
    * Get hook system from context (instance-scoped) or fall back to global singleton
    * This allows proper isolation when running multiple app instances (e.g., in tests)
    */
-  _getHooks(context2) {
-    const arcMeta = context2.context?.arc;
+  _getHooks(req) {
+    const arcMeta = req.metadata?.arc;
     return arcMeta?.hooks ?? hookSystem;
   }
   // ============================================================================
@@ -2543,9 +2545,9 @@ var BaseController = class _BaseController {
    * List resources with filtering, pagination, sorting
    * Implements IController.list()
    */
-  async list(context2) {
-    const options = this._parseQueryOptions(context2);
-    const filteredOptions = this._applyFilters(options, context2);
+  async list(req) {
+    const options = this._parseQueryOptions(req);
+    const filteredOptions = this._applyFilters(options, req);
     const result = await this.repository.getAll(filteredOptions);
     if (Array.isArray(result)) {
       return {
@@ -2572,8 +2574,8 @@ var BaseController = class _BaseController {
    * Get single resource by ID
    * Implements IController.get()
    */
-  async get(context2) {
-    const id = context2.params.id;
+  async get(req) {
+    const id = req.params.id;
     if (!id) {
       return {
         success: false,
@@ -2581,11 +2583,11 @@ var BaseController = class _BaseController {
         status: 400
       };
     }
-    const options = this._parseQueryOptions(context2);
-    const arcContext = context2.context;
+    const options = this._parseQueryOptions(req);
+    const arcContext = req.metadata;
     try {
       const item = await this.repository.getById(id, options);
-      if (!item || !this._checkOrgScope(item, arcContext) || !this._checkPolicyFilters(item, context2)) {
+      if (!item || !this._checkOrgScope(item, arcContext) || !this._checkPolicyFilters(item, req)) {
         return {
           success: false,
           error: "Resource not found",
@@ -2612,18 +2614,18 @@ var BaseController = class _BaseController {
    * Create new resource
    * Implements IController.create()
    */
-  async create(context2) {
-    const data = { ...context2.body };
-    const arcContext = context2.context;
+  async create(req) {
+    const data = { ...req.body };
+    const arcContext = req.metadata;
     if (arcContext?.organizationId) {
       data.organizationId = arcContext.organizationId;
     }
-    const userId = getUserId(context2.user);
+    const userId = getUserId(req.user);
     if (userId) {
       data.createdBy = userId;
     }
-    const hooks = this._getHooks(context2);
-    const user = context2.user;
+    const hooks = this._getHooks(req);
+    const user = req.user;
     let processedData = data;
     if (this.resourceName) {
       processedData = await hooks.executeBefore(this.resourceName, "create", data, {
@@ -2652,8 +2654,8 @@ var BaseController = class _BaseController {
    * Update existing resource
    * Implements IController.update()
    */
-  async update(context2) {
-    const id = context2.params.id;
+  async update(req) {
+    const id = req.params.id;
     if (!id) {
       return {
         success: false,
@@ -2661,9 +2663,9 @@ var BaseController = class _BaseController {
         status: 400
       };
     }
-    const data = { ...context2.body };
-    const arcContext = context2.context;
-    const user = context2.user;
+    const data = { ...req.body };
+    const arcContext = req.metadata;
+    const user = req.user;
     const userId = getUserId(user);
     if (userId) {
       data.updatedBy = userId;
@@ -2676,14 +2678,14 @@ var BaseController = class _BaseController {
         status: 404
       };
     }
-    if (!this._checkOrgScope(existing, arcContext) || !this._checkPolicyFilters(existing, context2)) {
+    if (!this._checkOrgScope(existing, arcContext) || !this._checkPolicyFilters(existing, req)) {
       return {
         success: false,
         error: "Resource not found",
         status: 404
       };
     }
-    if (!this._checkOwnership(existing, context2)) {
+    if (!this._checkOwnership(existing, req)) {
       return {
         success: false,
         error: "You do not have permission to modify this resource",
@@ -2691,7 +2693,7 @@ var BaseController = class _BaseController {
         status: 403
       };
     }
-    const hooks = this._getHooks(context2);
+    const hooks = this._getHooks(req);
     let processedData = data;
     if (this.resourceName) {
       processedData = await hooks.executeBefore(this.resourceName, "update", data, {
@@ -2729,8 +2731,8 @@ var BaseController = class _BaseController {
    * Delete resource
    * Implements IController.delete()
    */
-  async delete(context2) {
-    const id = context2.params.id;
+  async delete(req) {
+    const id = req.params.id;
     if (!id) {
       return {
         success: false,
@@ -2738,8 +2740,8 @@ var BaseController = class _BaseController {
         status: 400
       };
     }
-    const arcContext = context2.context;
-    const user = context2.user;
+    const arcContext = req.metadata;
+    const user = req.user;
     const existing = await this.repository.getById(id);
     if (!existing) {
       return {
@@ -2748,14 +2750,14 @@ var BaseController = class _BaseController {
         status: 404
       };
     }
-    if (!this._checkOrgScope(existing, arcContext) || !this._checkPolicyFilters(existing, context2)) {
+    if (!this._checkOrgScope(existing, arcContext) || !this._checkPolicyFilters(existing, req)) {
       return {
         success: false,
         error: "Resource not found",
         status: 404
       };
     }
-    if (!this._checkOwnership(existing, context2)) {
+    if (!this._checkOwnership(existing, req)) {
       return {
         success: false,
         error: "You do not have permission to delete this resource",
@@ -2763,7 +2765,7 @@ var BaseController = class _BaseController {
         status: 403
       };
     }
-    const hooks = this._getHooks(context2);
+    const hooks = this._getHooks(req);
     if (this.resourceName) {
       await hooks.executeBefore(this.resourceName, "delete", existing, {
         user,
@@ -2800,8 +2802,9 @@ var BaseController = class _BaseController {
   // Preset Methods (framework-agnostic versions)
   // ============================================================================
   /** Get resource by slug (slugLookup preset) */
-  async getBySlug(context2) {
-    if (!this.repository.getBySlug) {
+  async getBySlug(req) {
+    const repo = this.repository;
+    if (!repo.getBySlug) {
       return {
         success: false,
         error: "Slug lookup not implemented",
@@ -2809,10 +2812,10 @@ var BaseController = class _BaseController {
       };
     }
     const slugField = this._presetFields.slugField ?? "slug";
-    const slug = context2.params[slugField] ?? context2.params.slug;
-    const options = this._parseQueryOptions(context2);
-    const arcContext = context2.context;
-    const item = await this.repository.getBySlug(slug, options);
+    const slug = req.params[slugField] ?? req.params.slug;
+    const options = this._parseQueryOptions(req);
+    const arcContext = req.metadata;
+    const item = await repo.getBySlug(slug, options);
     if (!item || !this._checkOrgScope(item, arcContext)) {
       return {
         success: false,
@@ -2827,17 +2830,18 @@ var BaseController = class _BaseController {
     };
   }
   /** Get soft-deleted resources (softDelete preset) */
-  async getDeleted(context2) {
-    if (!this.repository.getDeleted) {
+  async getDeleted(req) {
+    const repo = this.repository;
+    if (!repo.getDeleted) {
       return {
         success: false,
         error: "Soft delete not implemented",
         status: 501
       };
     }
-    const options = this._parseQueryOptions(context2);
-    const filteredOptions = this._applyFilters(options, context2);
-    const result = await this.repository.getDeleted(filteredOptions);
+    const options = this._parseQueryOptions(req);
+    const filteredOptions = this._applyFilters(options, req);
+    const result = await repo.getDeleted(filteredOptions);
     if (Array.isArray(result)) {
       return {
         success: true,
@@ -2860,15 +2864,16 @@ var BaseController = class _BaseController {
     };
   }
   /** Restore soft-deleted resource (softDelete preset) */
-  async restore(context2) {
-    if (!this.repository.restore) {
+  async restore(req) {
+    const repo = this.repository;
+    if (!repo.restore) {
       return {
         success: false,
         error: "Restore not implemented",
         status: 501
       };
     }
-    const id = context2.params.id;
+    const id = req.params.id;
     if (!id) {
       return {
         success: false,
@@ -2876,7 +2881,7 @@ var BaseController = class _BaseController {
         status: 400
       };
     }
-    const item = await this.repository.restore(id);
+    const item = await repo.restore(id);
     if (!item) {
       return {
         success: false,
@@ -2892,17 +2897,18 @@ var BaseController = class _BaseController {
     };
   }
   /** Get hierarchical tree (tree preset) */
-  async getTree(context2) {
-    if (!this.repository.getTree) {
+  async getTree(req) {
+    const repo = this.repository;
+    if (!repo.getTree) {
       return {
         success: false,
         error: "Tree structure not implemented",
         status: 501
       };
     }
-    const options = this._parseQueryOptions(context2);
-    const filteredOptions = this._applyFilters(options, context2);
-    const tree = await this.repository.getTree(filteredOptions);
+    const options = this._parseQueryOptions(req);
+    const filteredOptions = this._applyFilters(options, req);
+    const tree = await repo.getTree(filteredOptions);
     return {
       success: true,
       data: tree,
@@ -2910,8 +2916,9 @@ var BaseController = class _BaseController {
     };
   }
   /** Get children of parent (tree preset) */
-  async getChildren(context2) {
-    if (!this.repository.getChildren) {
+  async getChildren(req) {
+    const repo = this.repository;
+    if (!repo.getChildren) {
       return {
         success: false,
         error: "Tree structure not implemented",
@@ -2919,10 +2926,10 @@ var BaseController = class _BaseController {
       };
     }
     const parentField = this._presetFields.parentField ?? "parent";
-    const parentId = context2.params[parentField] ?? context2.params.parent ?? context2.params.id;
-    const options = this._parseQueryOptions(context2);
-    const filteredOptions = this._applyFilters(options, context2);
-    const children = await this.repository.getChildren(parentId, filteredOptions);
+    const parentId = req.params[parentField] ?? req.params.parent ?? req.params.id;
+    const options = this._parseQueryOptions(req);
+    const filteredOptions = this._applyFilters(options, req);
+    const children = await repo.getChildren(parentId, filteredOptions);
     return {
       success: true,
       data: children,
@@ -2974,13 +2981,15 @@ function createRequestContext(req) {
       const user = reqWithExtras.user;
       return {
         ...user,
+        // Normalize ID for MongoDB compatibility
         id: String(user._id ?? user.id),
-        _id: user._id ?? user.id,
-        // Normalize role: handle both string and array formats
-        role: Array.isArray(user.roles) ? user.roles[0] : typeof user.roles === "string" ? user.roles : void 0
+        _id: user._id ?? user.id
+        // Preserve original role/roles/permissions as-is
+        // Devs can define their own authorization structure
       };
     })() : void 0,
-    context: {
+    organizationId: reqWithExtras.organizationId,
+    metadata: {
       ...reqWithExtras.context,
       // Include Arc metadata for hook execution
       arc: reqWithExtras.arc,
@@ -3028,8 +3037,8 @@ function sendControllerResponse(reply, response, request) {
 }
 function createFastifyHandler(controllerMethod) {
   return async (req, reply) => {
-    const context2 = createRequestContext(req);
-    const response = await controllerMethod(context2);
+    const requestContext = createRequestContext(req);
+    const response = await controllerMethod(requestContext);
     sendControllerResponse(reply, response, req);
   };
 }
@@ -3297,15 +3306,16 @@ function allowPublic() {
   return check;
 }
 function requireAuth() {
-  return (ctx) => {
+  const check = (ctx) => {
     if (!ctx.user) {
       return { granted: false, reason: "Authentication required" };
     }
     return true;
   };
+  return check;
 }
 function requireRoles(roles, options) {
-  return (ctx) => {
+  const check = (ctx) => {
     if (!ctx.user) {
       return { granted: false, reason: "Authentication required" };
     }
@@ -3321,6 +3331,8 @@ function requireRoles(roles, options) {
       reason: `Required roles: ${roles.join(", ")}`
     };
   };
+  check._roles = roles;
+  return check;
 }
 function requireOwnership(ownerField = "userId", options) {
   return (ctx) => {
@@ -4545,9 +4557,7 @@ async function loadPlugin(name, logger) {
     const err = error;
     const isModuleNotFound = err.message.includes("Cannot find module") || err.message.includes("Cannot find package") || err.message.includes("MODULE_NOT_FOUND") || err.message.includes("Could not resolve");
     if (isModuleNotFound && OPTIONAL_PLUGINS.has(name)) {
-      logger?.warn(
-        `ℹ️  Optional plugin '${name}' skipped (${packageName} not installed)`
-      );
+      logger?.warn(`ℹ️  Optional plugin '${name}' skipped (${packageName} not installed)`);
       return null;
     }
     if (isModuleNotFound) {
@@ -4586,10 +4596,7 @@ async function createApp(options) {
   });
   if (config.helmet !== false) {
     const helmet = await loadPlugin("helmet");
-    await fastify.register(
-      helmet,
-      config.helmet ?? {}
-    );
+    await fastify.register(helmet, config.helmet ?? {});
     fastify.log.info("✅ Helmet (security headers) enabled");
   } else {
     fastify.log.warn("⚠️  Helmet disabled - security headers not applied");
@@ -4609,20 +4616,14 @@ async function createApp(options) {
   }
   if (config.rateLimit !== false) {
     const rateLimit = await loadPlugin("rateLimit");
-    await fastify.register(
-      rateLimit,
-      config.rateLimit ?? { max: 100, timeWindow: "1 minute" }
-    );
+    await fastify.register(rateLimit, config.rateLimit ?? { max: 100, timeWindow: "1 minute" });
     fastify.log.info("✅ Rate limiting enabled");
   } else {
     fastify.log.warn("⚠️  Rate limiting disabled");
   }
   if (config.underPressure !== false) {
     const underPressure = await loadPlugin("underPressure");
-    await fastify.register(
-      underPressure,
-      config.underPressure ?? { exposeStatusRoute: true }
-    );
+    await fastify.register(underPressure, config.underPressure ?? { exposeStatusRoute: true });
     fastify.log.info("✅ Health monitoring (under-pressure) enabled");
   } else {
     fastify.log.info("ℹ️  Health monitoring disabled");
@@ -4642,10 +4643,7 @@ async function createApp(options) {
           files: 10
         }
       };
-      await fastify.register(multipart, {
-        ...multipartDefaults,
-        ...config.multipart
-      });
+      await fastify.register(multipart, { ...multipartDefaults, ...config.multipart });
       fastify.log.info("✅ Multipart (file uploads) enabled");
     }
   }
@@ -4658,10 +4656,7 @@ async function createApp(options) {
         encoding: "utf8",
         runFirst: true
       };
-      await fastify.register(rawBody, {
-        ...rawBodyDefaults,
-        ...config.rawBody
-      });
+      await fastify.register(rawBody, { ...rawBodyDefaults, ...config.rawBody });
       fastify.log.info("✅ Raw body parsing enabled");
     }
   }

package/dist/org/index.d.ts

@@ -1,5 +1,5 @@
 import { RouteHandlerMethod, FastifyPluginAsync } from 'fastify';
-import { l as RequestContext, Z as OrgScopeOptions, z as RouteHandler } from '../index-DkAW8BXh.js';
+import { b as RequestContext, Z as OrgScopeOptions, z as RouteHandler } from '../index-D5QTob1X.js';
 import { U as UserBase } from '../types-B99TBmFV.js';
 import 'mongoose';
 

package/dist/permissions/index.js

@@ -5,15 +5,16 @@ function allowPublic() {
   return check;
 }
 function requireAuth() {
-  return (ctx) => {
+  const check = (ctx) => {
     if (!ctx.user) {
       return { granted: false, reason: "Authentication required" };
     }
     return true;
   };
+  return check;
 }
 function requireRoles(roles, options) {
-  return (ctx) => {
+  const check = (ctx) => {
     if (!ctx.user) {
       return { granted: false, reason: "Authentication required" };
     }
@@ -29,6 +30,8 @@ function requireRoles(roles, options) {
       reason: `Required roles: ${roles.join(", ")}`
     };
   };
+  check._roles = roles;
+  return check;
 }
 function requireOwnership(ownerField = "userId", options) {
   return (ctx) => {

package/dist/plugins/index.d.ts

@@ -1,6 +1,6 @@
-export { k as ArcCore, A as ArcCorePluginOptions, G as GracefulShutdownOptions, b as HealthCheck, H as HealthOptions, R as RequestIdOptions, T as TracingOptions, f as arcCorePlugin, j as arcCorePluginFn, d as createSpan, e as gracefulShutdownPlugin, g as gracefulShutdownPluginFn, a as healthPlugin, h as healthPluginFn, i as isTracingAvailable, _ as requestIdPlugin, r as requestIdPluginFn, t as traced, c as tracingPlugin } from '../arcCorePlugin-DTPWXcZN.js';
+export { k as ArcCore, A as ArcCorePluginOptions, G as GracefulShutdownOptions, b as HealthCheck, H as HealthOptions, R as RequestIdOptions, T as TracingOptions, f as arcCorePlugin, j as arcCorePluginFn, d as createSpan, e as gracefulShutdownPlugin, g as gracefulShutdownPluginFn, a as healthPlugin, h as healthPluginFn, i as isTracingAvailable, _ as requestIdPlugin, r as requestIdPluginFn, t as traced, c as tracingPlugin } from '../arcCorePlugin-CAjBQtZB.js';
 import { FastifyInstance, FastifyRequest } from 'fastify';
-import '../index-DkAW8BXh.js';
+import '../index-D5QTob1X.js';
 import 'mongoose';
 import '../types-B99TBmFV.js';
 

package/dist/presets/index.d.ts

@@ -1,6 +1,6 @@
 import { MultiTenantOptions } from './multiTenant.js';
 export { default as multiTenantPreset } from './multiTenant.js';
-import { P as PresetResult, j as IRequestContext, m as IControllerResponse, n as PaginatedResult, d as AnyRecord, o as ResourceConfig } from '../index-DkAW8BXh.js';
+import { f as PresetResult, a as IRequestContext, c as IControllerResponse, P as PaginatedResult, A as AnyRecord, l as ResourceConfig } from '../index-D5QTob1X.js';
 import 'mongoose';
 import 'fastify';
 import '../types-B99TBmFV.js';
@@ -142,12 +142,12 @@ interface ISoftDeleteController<TDoc = unknown> {
      * Get all soft-deleted items
      * Called by: GET /deleted
      */
-    getDeleted(context: IRequestContext): Promise<IControllerResponse<PaginatedResult<TDoc>>>;
+    getDeleted(req: IRequestContext): Promise<IControllerResponse<PaginatedResult<TDoc>>>;
     /**
      * Restore a soft-deleted item by ID
      * Called by: POST /:id/restore
      */
-    restore(context: IRequestContext): Promise<IControllerResponse<TDoc>>;
+    restore(req: IRequestContext): Promise<IControllerResponse<TDoc>>;
 }
 /**
  * Slug Lookup Preset Interface
@@ -179,7 +179,7 @@ interface ISlugLookupController<TDoc = unknown> {
      * Get a resource by its slug
      * Called by: GET /slug/:slug
      */
-    getBySlug(context: IRequestContext): Promise<IControllerResponse<TDoc>>;
+    getBySlug(req: IRequestContext): Promise<IControllerResponse<TDoc>>;
 }
 /**
  * Tree Preset Interface
@@ -213,12 +213,12 @@ interface ITreeController<TDoc = unknown> {
      * Get the full hierarchical tree
      * Called by: GET /tree
      */
-    getTree(context: IRequestContext): Promise<IControllerResponse<TDoc[]>>;
+    getTree(req: IRequestContext): Promise<IControllerResponse<TDoc[]>>;
     /**
      * Get direct children of a parent node
      * Called by: GET /:parent/children
      */
-    getChildren(context: IRequestContext): Promise<IControllerResponse<TDoc[]>>;
+    getChildren(req: IRequestContext): Promise<IControllerResponse<TDoc[]>>;
 }
 /**
  * Owned By User Preset

package/dist/presets/index.js

@@ -5,7 +5,7 @@ function allowPublic() {
   return check;
 }
 function requireRoles(roles, options) {
-  return (ctx) => {
+  const check = (ctx) => {
     if (!ctx.user) {
       return { granted: false, reason: "Authentication required" };
     }
@@ -18,6 +18,8 @@ function requireRoles(roles, options) {
       reason: `Required roles: ${roles.join(", ")}`
     };
   };
+  check._roles = roles;
+  return check;
 }
 
 // src/presets/softDelete.ts

package/dist/presets/multiTenant.d.ts

@@ -1,4 +1,4 @@
-import { R as RequestWithExtras, C as CrudRouteKey, P as PresetResult } from '../index-DkAW8BXh.js';
+import { d as RequestWithExtras, e as CrudRouteKey, f as PresetResult } from '../index-D5QTob1X.js';
 import 'mongoose';
 import 'fastify';
 import '../types-B99TBmFV.js';

package/dist/registry/index.d.ts

@@ -1,5 +1,5 @@
-import { I as IntrospectionPluginOptions } from '../index-DkAW8BXh.js';
-export { c as RegisterOptions, b as ResourceRegistry, r as resourceRegistry } from '../index-DkAW8BXh.js';
+import { i as IntrospectionPluginOptions } from '../index-D5QTob1X.js';
+export { k as RegisterOptions, j as ResourceRegistry, r as resourceRegistry } from '../index-D5QTob1X.js';
 import { FastifyPluginAsync } from 'fastify';
 import 'mongoose';
 import '../types-B99TBmFV.js';