@classytic/arc 1.0.0

package/dist/presets/multiTenant.d.ts

@@ -0,0 +1,39 @@
+import { R as RequestWithExtras, C as CrudRouteKey, P as PresetResult } from '../index-DkAW8BXh.js';
+import 'mongoose';
+import 'fastify';
+import '../types-B99TBmFV.js';
+
+/**
+ * Multi-Tenant Preset
+ *
+ * Adds tenant (organization) filtering and injection middlewares.
+ */
+
+interface MultiTenantOptions {
+    /** Field name in database (default: 'organizationId') */
+    tenantField?: string;
+    /** Roles that bypass tenant isolation (default: ['superadmin']) */
+    bypassRoles?: string[];
+    /**
+     * Custom function to extract organizationId from request
+     * If not provided, tries in order:
+     * 1. request.context.organizationId
+     * 2. request.user.organizationId
+     * 3. request.user.organization
+     */
+    extractOrganizationId?: (request: RequestWithExtras) => string | null | undefined;
+    /**
+     * Routes that allow public access (no auth required)
+     * When a route is in this array:
+     * - If no org context: allow through without filtering (public data)
+     * - If org context present: require auth and apply filter
+     *
+     * @default [] (strict mode - all routes require auth)
+     * @example
+     * multiTenantPreset({ allowPublic: ['list', 'get'] })
+     */
+    allowPublic?: CrudRouteKey[];
+}
+declare function multiTenantPreset(options?: MultiTenantOptions): PresetResult;
+
+export { type MultiTenantOptions, multiTenantPreset as default, multiTenantPreset };

package/dist/presets/multiTenant.js

@@ -0,0 +1,112 @@
+// src/presets/multiTenant.ts
+function defaultExtractOrganizationId(request) {
+  const context = request.context;
+  if (context?.organizationId) {
+    return context.organizationId;
+  }
+  const user = request.user;
+  if (user?.organizationId) {
+    return user.organizationId;
+  }
+  if (user?.organization) {
+    const org = user.organization;
+    return org._id || org.id || org;
+  }
+  return null;
+}
+function createTenantFilter(tenantField, bypassRoles, extractOrganizationId) {
+  return async (request, reply) => {
+    const user = request.user;
+    if (!user) {
+      reply.code(401).send({
+        success: false,
+        error: "Unauthorized",
+        message: "Authentication required for multi-tenant resources"
+      });
+      return;
+    }
+    const userWithRoles = user;
+    if (userWithRoles.roles && bypassRoles.some((r) => userWithRoles.roles.includes(r))) return;
+    const orgId = extractOrganizationId(request);
+    if (!orgId) {
+      reply.code(403).send({
+        success: false,
+        error: "Forbidden",
+        message: "Organization context required for this operation"
+      });
+      return;
+    }
+    request.query = request.query ?? {};
+    request.query._policyFilters = {
+      ...request.query._policyFilters ?? {},
+      [tenantField]: orgId
+    };
+  };
+}
+function createFlexibleTenantFilter(tenantField, bypassRoles, extractOrganizationId) {
+  return async (request, reply) => {
+    const user = request.user;
+    const orgId = extractOrganizationId(request);
+    if (!orgId) {
+      return;
+    }
+    if (!user) {
+      reply.code(401).send({
+        success: false,
+        error: "Unauthorized",
+        message: "Authentication required for organization-scoped data"
+      });
+      return;
+    }
+    const userWithRoles = user;
+    if (userWithRoles.roles && bypassRoles.some((r) => userWithRoles.roles.includes(r))) {
+      return;
+    }
+    request.query = request.query ?? {};
+    request.query._policyFilters = {
+      ...request.query._policyFilters ?? {},
+      [tenantField]: orgId
+    };
+  };
+}
+function createTenantInjection(tenantField, extractOrganizationId) {
+  return async (request, reply) => {
+    const orgId = extractOrganizationId(request);
+    if (!orgId) {
+      reply.code(403).send({
+        success: false,
+        error: "Forbidden",
+        message: "Organization context required to create resources"
+      });
+      return;
+    }
+    if (request.body) {
+      request.body[tenantField] = orgId;
+    }
+  };
+}
+function multiTenantPreset(options = {}) {
+  const {
+    tenantField = "organizationId",
+    bypassRoles = ["superadmin"],
+    extractOrganizationId = defaultExtractOrganizationId,
+    allowPublic = []
+  } = options;
+  const strictTenantFilter = createTenantFilter(tenantField, bypassRoles, extractOrganizationId);
+  const flexibleTenantFilter = createFlexibleTenantFilter(tenantField, bypassRoles, extractOrganizationId);
+  const tenantInjection = createTenantInjection(tenantField, extractOrganizationId);
+  const getFilter = (route) => allowPublic.includes(route) ? flexibleTenantFilter : strictTenantFilter;
+  return {
+    name: "multiTenant",
+    middlewares: {
+      list: [getFilter("list")],
+      get: [getFilter("get")],
+      create: [tenantInjection],
+      update: [getFilter("update")],
+      delete: [getFilter("delete")]
+    }
+  };
+}
+var multiTenant_default = multiTenantPreset;
+
+export { multiTenant_default as default, multiTenantPreset };

package/dist/registry/index.d.ts

@@ -0,0 +1,16 @@
+import { I as IntrospectionPluginOptions } from '../index-DkAW8BXh.js';
+export { c as RegisterOptions, b as ResourceRegistry, r as resourceRegistry } from '../index-DkAW8BXh.js';
+import { FastifyPluginAsync } from 'fastify';
+import 'mongoose';
+import '../types-B99TBmFV.js';
+
+/**
+ * Introspection Plugin
+ *
+ * Exposes resource registry via API endpoints.
+ */
+
+declare const introspectionPlugin: FastifyPluginAsync<IntrospectionPluginOptions>;
+declare const _default: FastifyPluginAsync<IntrospectionPluginOptions>;
+
+export { IntrospectionPluginOptions, _default as introspectionPlugin, introspectionPlugin as introspectionPluginFn };

package/dist/registry/index.js

@@ -0,0 +1,253 @@
+import fp from 'fastify-plugin';
+
+// src/registry/ResourceRegistry.ts
+var ResourceRegistry = class {
+  _resources;
+  _frozen;
+  constructor() {
+    this._resources = /* @__PURE__ */ new Map();
+    this._frozen = false;
+  }
+  /**
+   * Register a resource
+   */
+  register(resource, options = {}) {
+    if (this._frozen) {
+      throw new Error(
+        `Registry frozen. Cannot register '${resource.name}' after startup.`
+      );
+    }
+    if (this._resources.has(resource.name)) {
+      throw new Error(`Resource '${resource.name}' already registered.`);
+    }
+    const entry = {
+      name: resource.name,
+      displayName: resource.displayName,
+      tag: resource.tag,
+      prefix: resource.prefix,
+      module: options.module ?? void 0,
+      adapter: resource.adapter ? {
+        type: resource.adapter.type,
+        name: resource.adapter.name
+      } : null,
+      permissions: resource.permissions,
+      presets: resource._appliedPresets ?? [],
+      routes: [],
+      // Populated later by getIntrospection()
+      additionalRoutes: resource.additionalRoutes.map((r) => ({
+        method: r.method,
+        path: r.path,
+        handler: typeof r.handler === "string" ? r.handler : r.handler.name || "anonymous",
+        summary: r.summary,
+        description: r.description,
+        permissions: r.permissions,
+        wrapHandler: r.wrapHandler,
+        schema: r.schema
+        // Include schema for OpenAPI docs
+      })),
+      events: Object.keys(resource.events ?? {}),
+      registeredAt: (/* @__PURE__ */ new Date()).toISOString(),
+      disableDefaultRoutes: resource.disableDefaultRoutes,
+      openApiSchemas: options.openApiSchemas,
+      plugin: resource.toPlugin()
+      // Store plugin factory
+    };
+    this._resources.set(resource.name, entry);
+    return this;
+  }
+  /**
+   * Get resource by name
+   */
+  get(name) {
+    return this._resources.get(name);
+  }
+  /**
+   * Get all resources
+   */
+  getAll() {
+    return Array.from(this._resources.values());
+  }
+  /**
+   * Get resources by module
+   */
+  getByModule(moduleName) {
+    return this.getAll().filter((r) => r.module === moduleName);
+  }
+  /**
+   * Get resources by preset
+   */
+  getByPreset(presetName) {
+    return this.getAll().filter((r) => r.presets.includes(presetName));
+  }
+  /**
+   * Check if resource exists
+   */
+  has(name) {
+    return this._resources.has(name);
+  }
+  /**
+   * Get registry statistics
+   */
+  getStats() {
+    const resources = this.getAll();
+    const presetCounts = {};
+    for (const r of resources) {
+      for (const preset of r.presets) {
+        presetCounts[preset] = (presetCounts[preset] ?? 0) + 1;
+      }
+    }
+    return {
+      totalResources: resources.length,
+      byModule: this._groupBy(resources, "module"),
+      presetUsage: presetCounts,
+      totalRoutes: resources.reduce((sum, r) => {
+        const defaultRouteCount = r.disableDefaultRoutes ? 0 : 5;
+        return sum + (r.additionalRoutes?.length ?? 0) + defaultRouteCount;
+      }, 0),
+      totalEvents: resources.reduce((sum, r) => sum + (r.events?.length ?? 0), 0)
+    };
+  }
+  /**
+   * Get full introspection data
+   */
+  getIntrospection() {
+    return {
+      resources: this.getAll().map((r) => {
+        const defaultRoutes = r.disableDefaultRoutes ? [] : [
+          { method: "GET", path: r.prefix, operation: "list" },
+          { method: "GET", path: `${r.prefix}/:id`, operation: "get" },
+          { method: "POST", path: r.prefix, operation: "create" },
+          { method: "PATCH", path: `${r.prefix}/:id`, operation: "update" },
+          { method: "DELETE", path: `${r.prefix}/:id`, operation: "delete" }
+        ];
+        return {
+          name: r.name,
+          displayName: r.displayName,
+          prefix: r.prefix,
+          module: r.module,
+          presets: r.presets,
+          permissions: r.permissions,
+          routes: [
+            ...defaultRoutes,
+            ...r.additionalRoutes?.map((ar) => ({
+              method: ar.method,
+              path: `${r.prefix}${ar.path}`,
+              operation: typeof ar.handler === "string" ? ar.handler : "custom",
+              handler: typeof ar.handler === "string" ? ar.handler : void 0,
+              summary: ar.summary
+            })) ?? []
+          ],
+          events: r.events
+        };
+      }),
+      stats: this.getStats(),
+      generatedAt: (/* @__PURE__ */ new Date()).toISOString()
+    };
+  }
+  /**
+   * Freeze registry (prevent further registrations)
+   */
+  freeze() {
+    this._frozen = true;
+  }
+  /**
+   * Check if frozen
+   */
+  isFrozen() {
+    return this._frozen;
+  }
+  /**
+   * Unfreeze registry (for testing)
+   */
+  _unfreeze() {
+    this._frozen = false;
+  }
+  /**
+   * Clear all resources (for testing)
+   */
+  _clear() {
+    this._resources.clear();
+    this._frozen = false;
+  }
+  /**
+   * Group by key
+   */
+  _groupBy(arr, key) {
+    const result = {};
+    for (const item of arr) {
+      const k = String(item[key] ?? "uncategorized");
+      result[k] = (result[k] ?? 0) + 1;
+    }
+    return result;
+  }
+};
+var registryKey = /* @__PURE__ */ Symbol.for("arc.resourceRegistry");
+var globalScope = globalThis;
+var resourceRegistry = globalScope[registryKey] ?? new ResourceRegistry();
+if (!globalScope[registryKey]) {
+  globalScope[registryKey] = resourceRegistry;
+}
+var introspectionPlugin = async (fastify, opts = {}) => {
+  const {
+    prefix = "/_resources",
+    authRoles = ["superadmin"],
+    enabled = process.env.NODE_ENV !== "production" || process.env.ENABLE_INTROSPECTION === "true"
+  } = opts;
+  if (!enabled) {
+    fastify.log?.info?.("Introspection plugin disabled");
+    return;
+  }
+  const typedFastify = fastify;
+  const authMiddleware = authRoles.length > 0 && typedFastify.authenticate ? [
+    typedFastify.authenticate,
+    typedFastify.authorize?.(...authRoles)
+  ].filter(Boolean) : [];
+  await fastify.register(async (instance) => {
+    instance.get(
+      "/",
+      {
+        preHandler: authMiddleware
+      },
+      async (_req, _reply) => {
+        return resourceRegistry.getIntrospection();
+      }
+    );
+    instance.get(
+      "/stats",
+      {
+        preHandler: authMiddleware
+      },
+      async (_req, _reply) => {
+        return resourceRegistry.getStats();
+      }
+    );
+    instance.get(
+      "/:name",
+      {
+        schema: {
+          params: {
+            type: "object",
+            properties: {
+              name: { type: "string" }
+            },
+            required: ["name"]
+          }
+        },
+        preHandler: authMiddleware
+      },
+      async (req, reply) => {
+        const resource = resourceRegistry.get(req.params.name);
+        if (!resource) {
+          return reply.code(404).send({
+            error: `Resource '${req.params.name}' not found`
+          });
+        }
+        return resource;
+      }
+    );
+  }, { prefix });
+  fastify.log?.info?.(`Introspection API at ${prefix}`);
+};
+var introspectionPlugin_default = fp(introspectionPlugin, { name: "arc-introspection" });
+
+export { ResourceRegistry, introspectionPlugin_default as introspectionPlugin, introspectionPlugin as introspectionPluginFn, resourceRegistry };