@classytic/arc 1.0.0

package/dist/types/index.d.ts

@@ -0,0 +1,4 @@
+export { K as AdditionalRoute, d as AnyRecord, u as ApiResponse, ak as ArcDecorator, A as AuthHelpers, a as AuthPluginOptions, ar as Authenticator, aq as AuthenticatorContext, au as BaseControllerOptions, a4 as ConfigError, ax as ControllerHandler, v as ControllerLike, k as ControllerQueryOptions, B as CrudController, f as CrudRepository, C as CrudRouteKey, _ as CrudRouterOptions, G as CrudSchemas, N as EventDefinition, al as EventsDecorator, ay as FastifyHandler, w as FastifyRequestExtras, x as FastifyWithAuth, y as FastifyWithDecorators, E as FieldRule, a9 as GracefulShutdownOptions, a7 as HealthCheck, a8 as HealthOptions, e as IController, m as IControllerResponse, j as IRequestContext, aw as InferDoc, $ as InferDocType, a0 as InferResourceDoc, Y as IntrospectionData, I as IntrospectionPluginOptions, J as JWTPayload, ap as JwtContext, M as MiddlewareConfig, ao as MiddlewareHandler, ah as ObjectId, af as OpenApiSchemas, Z as OrgScopeOptions, O as OwnershipCheck, n as PaginatedResult, av as PaginationParams, ae as ParsedQuery, L as PresetFunction, at as PresetHook, P as PresetResult, Q as QueryOptions, h as QueryParserInterface, W as RegistryEntry, X as RegistryStats, l as RequestContext, aa as RequestIdOptions, R as RequestWithExtras, o as ResourceConfig, an as ResourceHooks, T as ResourceMetadata, am as ResourcePermissions, z as RouteHandler, g as RouteSchemaOptions, S as ServiceContext, as as TokenPair, a2 as TypedController, a3 as TypedRepository, a1 as TypedResourceConfig, ai as UserLike, U as UserOrganization, a6 as ValidateOptions, a5 as ValidationResult, aj as getUserId } from '../index-DkAW8BXh.js';
+export { RouteHandlerMethod } from 'fastify';
+export { Document, Model } from 'mongoose';
+export { P as PermissionCheck, a as PermissionContext, b as PermissionResult, U as UserBase } from '../types-B99TBmFV.js';

package/dist/types/index.js

@@ -0,0 +1,8 @@
+// src/types/index.ts
+function getUserId(user) {
+  if (!user) return void 0;
+  const id = user.id ?? user._id;
+  return id ? String(id) : void 0;
+}
+
+export { getUserId };

package/dist/types-0IPhH_NR.d.ts

@@ -0,0 +1,143 @@
+import { FastifyServerOptions } from 'fastify';
+import { FastifyCorsOptions } from '@fastify/cors';
+import { FastifyHelmetOptions } from '@fastify/helmet';
+import { RateLimitOptions } from '@fastify/rate-limit';
+import { a as AuthPluginOptions } from './index-DkAW8BXh.js';
+
+/**
+ * Types for createApp factory
+ */
+
+/**
+ * CreateApp Options
+ *
+ * Configuration for creating an Arc application.
+ *
+ * @example
+ * ```typescript
+ * // Minimal setup
+ * const app = await createApp({
+ *   preset: 'development',
+ *   auth: {
+ *     jwt: { secret: process.env.JWT_SECRET },
+ *   },
+ * });
+ *
+ * // With custom authenticator
+ * const app = await createApp({
+ *   preset: 'production',
+ *   auth: {
+ *     jwt: { secret: process.env.JWT_SECRET },
+ *     authenticate: async (request, { jwt }) => {
+ *       // Check API key first
+ *       const apiKey = request.headers['x-api-key'];
+ *       if (apiKey) {
+ *         const result = await apiKeyService.verify(apiKey);
+ *         if (result) return { _id: result.userId, isApiKey: true };
+ *       }
+ *       // Then check JWT
+ *       const token = request.headers.authorization?.split(' ')[1];
+ *       if (token) {
+ *         const decoded = jwt.verify(token);
+ *         return userRepo.findById(decoded.id);
+ *       }
+ *       return null;
+ *     },
+ *   },
+ * });
+ * ```
+ */
+interface CreateAppOptions {
+    /** Environment preset: 'production', 'development', or 'testing' */
+    preset?: 'production' | 'development' | 'testing';
+    /** Fastify logger configuration */
+    logger?: FastifyServerOptions['logger'];
+    /** Trust proxy headers (X-Forwarded-For, etc.) */
+    trustProxy?: boolean;
+    /**
+     * Auth configuration
+     *
+     * Set to false to disable authentication entirely.
+     * Provide AuthPluginOptions for full control.
+     *
+     * @example
+     * ```typescript
+     * // Disable auth
+     * auth: false,
+     *
+     * // Simple JWT (uses default jwtVerify)
+     * auth: {
+     *   jwt: { secret: process.env.JWT_SECRET },
+     * },
+     *
+     * // Custom authenticator
+     * auth: {
+     *   jwt: { secret: process.env.JWT_SECRET },
+     *   authenticate: async (request, { jwt }) => {
+     *     const token = request.headers.authorization?.split(' ')[1];
+     *     if (!token) return null;
+     *     const decoded = jwt.verify(token);
+     *     return userRepo.findById(decoded.id);
+     *   },
+     * },
+     *
+     * // Completely custom auth plugin
+     * auth: {
+     *   plugin: async (fastify) => {
+     *     // Your custom auth setup
+     *   },
+     * },
+     * ```
+     */
+    auth?: false | AuthPluginOptions | {
+        /** Replace Arc auth with your own plugin */
+        plugin?: (fastify: any) => Promise<void>;
+    };
+    /** Helmet security headers. Set to false to disable. */
+    helmet?: FastifyHelmetOptions | false;
+    /** CORS configuration. Set to false to disable. */
+    cors?: FastifyCorsOptions | false;
+    /** Rate limiting. Set to false to disable. */
+    rateLimit?: RateLimitOptions | false;
+    /** Under pressure health monitoring. Set to false to disable. */
+    underPressure?: UnderPressureOptions | false;
+    /** @fastify/sensible (HTTP helpers). Set to false to disable. */
+    sensible?: boolean | false;
+    /** @fastify/multipart (file uploads). Set to false to disable. */
+    multipart?: MultipartOptions | false;
+    /** Raw body parsing (for webhooks). Set to false to disable. */
+    rawBody?: RawBodyOptions | false;
+    /** Enable Arc plugins (requestId, health, gracefulShutdown) */
+    arcPlugins?: {
+        /** Request ID tracking (default: true) */
+        requestId?: boolean;
+        /** Health endpoints (default: true) */
+        health?: boolean;
+        /** Graceful shutdown handling (default: true) */
+        gracefulShutdown?: boolean;
+        /** Emit events for CRUD operations (default: true) */
+        emitEvents?: boolean;
+    };
+    /** Custom plugin registration function */
+    plugins?: (fastify: any) => Promise<void>;
+}
+interface UnderPressureOptions {
+    exposeStatusRoute?: boolean;
+    maxEventLoopDelay?: number;
+    maxHeapUsedBytes?: number;
+    maxRssBytes?: number;
+}
+interface MultipartOptions {
+    limits?: {
+        fileSize?: number;
+        files?: number;
+    };
+}
+interface RawBodyOptions {
+    field?: string;
+    global?: boolean;
+    encoding?: string;
+    runFirst?: boolean;
+}
+
+export type { CreateAppOptions as C, MultipartOptions as M, RawBodyOptions as R, UnderPressureOptions as U };

package/dist/types-B99TBmFV.d.ts

@@ -0,0 +1,76 @@
+import { FastifyRequest } from 'fastify';
+
+/**
+ * Permission Types - Core Type Definitions
+ *
+ * PermissionCheck is THE ONLY way to define permissions in Arc.
+ * No string arrays, no alternative patterns.
+ */
+
+/**
+ * User base interface - minimal shape Arc expects
+ * Your actual User can have any additional fields
+ */
+interface UserBase {
+    id?: string;
+    _id?: string;
+    roles?: string[];
+    [key: string]: unknown;
+}
+/**
+ * Context passed to permission check functions
+ */
+interface PermissionContext {
+    /** Authenticated user or null if unauthenticated */
+    user: UserBase | null;
+    /** Fastify request object */
+    request: FastifyRequest;
+    /** Resource name being accessed */
+    resource: string;
+    /** Action being performed (list, get, create, update, delete) */
+    action: string;
+    /** Resource ID for single-resource operations */
+    resourceId?: string;
+    /** Organization context for multi-tenant apps */
+    organizationId?: string;
+    /** Request body data */
+    data?: Record<string, unknown>;
+}
+/**
+ * Result from permission check
+ */
+interface PermissionResult {
+    /** Whether access is granted */
+    granted: boolean;
+    /** Reason for denial (for error messages) */
+    reason?: string;
+    /** Query filters to apply (for ownership patterns) */
+    filters?: Record<string, unknown>;
+}
+/**
+ * Permission Check Function
+ *
+ * THE ONLY way to define permissions in Arc.
+ * Returns boolean, PermissionResult, or Promise of either.
+ *
+ * @example
+ * ```typescript
+ * // Simple boolean return
+ * const isAdmin: PermissionCheck = (ctx) => ctx.user?.roles?.includes('admin') ?? false;
+ *
+ * // With filters for ownership
+ * const ownedByUser: PermissionCheck = (ctx) => ({
+ *   granted: true,
+ *   filters: { userId: ctx.user?.id }
+ * });
+ *
+ * // Async check
+ * const canAccessOrg: PermissionCheck = async (ctx) => {
+ *   const isMember = await checkMembership(ctx.user?.id, ctx.organizationId);
+ *   return { granted: isMember, reason: isMember ? undefined : 'Not a member' };
+ * };
+ * ```
+ */
+type PermissionCheck = (context: PermissionContext) => boolean | PermissionResult | Promise<boolean | PermissionResult>;
+
+export type { PermissionCheck as P, UserBase as U, PermissionContext as a, PermissionResult as b };