@classytic/arc 2.10.3 → 2.11.0

package/dist/fields-bxkeltzz.mjs

@@ -1,126 +0,0 @@
-//#region src/permissions/fields.ts
-/**
-* Field-Level Permissions
-*
-* Control field visibility and writability per role.
-* Integrated into the response path (read) and sanitization path (write).
-*
-* @example
-* ```typescript
-* import { fields, defineResource } from '@classytic/arc';
-*
-* const userResource = defineResource({
-*   name: 'user',
-*   adapter: userAdapter,
-*   fields: {
-*     salary: fields.visibleTo(['admin', 'hr']),
-*     internalNotes: fields.writableBy(['admin']),
-*     email: fields.redactFor(['viewer']),
-*     password: fields.hidden(),
-*   },
-* });
-* ```
-*/
-/** Type guard for Mongoose-like documents with toObject() */
-function isMongooseDoc(obj) {
-	return !!obj && typeof obj === "object" && "toObject" in obj && typeof obj.toObject === "function";
-}
-const fields = {
-	hidden() {
-		return { _type: "hidden" };
-	},
-	visibleTo(roles) {
-		return {
-			_type: "visibleTo",
-			roles
-		};
-	},
-	writableBy(roles) {
-		return {
-			_type: "writableBy",
-			roles
-		};
-	},
-	redactFor(roles, redactValue = "***") {
-		return {
-			_type: "redactFor",
-			roles,
-			redactValue
-		};
-	}
-};
-/**
-* Apply field-level READ permissions to a response object.
-* Strips hidden fields, enforces visibility, and applies redaction.
-*
-* @param data - The response object (mutated in place for performance)
-* @param fieldPermissions - Field permission map from resource config
-* @param userRoles - Current user's roles (empty array for unauthenticated)
-* @returns The filtered object
-*/
-function applyFieldReadPermissions(data, fieldPermissions, userRoles) {
-	if (!data || typeof data !== "object") return data;
-	const result = { ...isMongooseDoc(data) ? data.toObject() : data };
-	for (const [field, perm] of Object.entries(fieldPermissions)) switch (perm._type) {
-		case "hidden":
-			delete result[field];
-			break;
-		case "visibleTo":
-			if (!perm.roles?.some((r) => userRoles.includes(r))) delete result[field];
-			break;
-		case "redactFor":
-			if (perm.roles?.some((r) => userRoles.includes(r))) result[field] = perm.redactValue ?? "***";
-			break;
-		case "writableBy": break;
-	}
-	return result;
-}
-/**
-* Apply field-level WRITE permissions to request body.
-*
-* Returns both the filtered body and the list of denied fields. Callers are
-* expected to reject the request when `deniedFields.length > 0` — silently
-* stripping fields hides misconfigurations and real attacks. See
-* `BodySanitizer` for the default policy.
-*
-* @param body - The request body (returns a new filtered copy)
-* @param fieldPermissions - Field permission map from resource config
-* @param userRoles - Current user's roles
-*/
-function applyFieldWritePermissions(body, fieldPermissions, userRoles) {
-	const result = { ...body };
-	const deniedFields = [];
-	for (const [field, perm] of Object.entries(fieldPermissions)) switch (perm._type) {
-		case "hidden":
-			if (field in result) {
-				deniedFields.push(field);
-				delete result[field];
-			}
-			break;
-		case "writableBy":
-			if (field in result && !perm.roles?.some((r) => userRoles.includes(r))) {
-				deniedFields.push(field);
-				delete result[field];
-			}
-			break;
-	}
-	return {
-		body: result,
-		deniedFields
-	};
-}
-/**
-* Resolve effective roles by merging global user roles with org-level roles.
-*
-* Global roles come from `req.user.role` (normalized via getUserRoles()).
-* Org roles come from `req.context.orgRoles` (set by BA adapter's org bridge).
-*
-* When no org context exists, returns global roles only — backward compatible.
-*/
-function resolveEffectiveRoles(userRoles, orgRoles) {
-	if (orgRoles.length === 0) return [...userRoles];
-	if (userRoles.length === 0) return [...orgRoles];
-	return [...new Set([...userRoles, ...orgRoles])];
-}
-//#endregion
-export { resolveEffectiveRoles as i, applyFieldWritePermissions as n, fields as r, applyFieldReadPermissions as t };

package/dist/filesUpload-t21LS-py.mjs

@@ -1,377 +0,0 @@
-import { o as getOrgId, p as getUserId } from "./types-AOD8fxIw.mjs";
-import { i as NotFoundError, u as ValidationError } from "./errors-D5c-5BJL.mjs";
-import { C as requireAuth, y as allowPublic } from "./permissions-Dk6mshja.mjs";
-//#region src/middleware/multipartBody.ts
-const DEFAULT_MAX_FILE_SIZE$1 = 10 * 1024 * 1024;
-const DEFAULT_MAX_FILES = 5;
-const DEFAULT_FILES_KEY = "_files";
-/**
-* Build a matcher for MIME allow-lists that supports exact (e.g. `image/png`),
-* subtype wildcards (e.g. `image/\*`), and total wildcards (`\*` or `\*\/\*`).
-*
-* Returns `undefined` when no filter is needed — either because the option
-* was omitted or because a total wildcard was present.
-*/
-function buildMimeMatcher(allowed) {
-	if (!allowed || allowed.length === 0) return void 0;
-	const exact = /* @__PURE__ */ new Set();
-	const prefixes = [];
-	for (const entry of allowed) {
-		const value = entry.trim().toLowerCase();
-		if (!value) continue;
-		if (value === "*" || value === "*/*") return void 0;
-		if (value.endsWith("/*")) prefixes.push(value.slice(0, -1));
-		else exact.add(value);
-	}
-	if (exact.size === 0 && prefixes.length === 0) return void 0;
-	return {
-		matches(mime) {
-			const m = mime.toLowerCase();
-			if (exact.has(m)) return true;
-			for (const p of prefixes) if (m.startsWith(p)) return true;
-			return false;
-		},
-		describe() {
-			return [...exact, ...prefixes.map((p) => `${p}*`)].join(", ");
-		}
-	};
-}
-/**
-* Create a multipart body parsing middleware.
-*
-* When a request has `content-type: multipart/form-data`, this middleware:
-* 1. Reads all parts (fields + files)
-* 2. Sets text fields on `req.body` as a plain object
-* 3. Attaches file buffers to `req.body[filesKey]` (default: `req.body._files`)
-*
-* For non-multipart requests (regular JSON), this is a no-op — the request
-* passes through unchanged. This makes it safe to add to create/update
-* middlewares without breaking JSON clients.
-*/
-function multipartBody(options = {}) {
-	const maxFileSize = options.maxFileSize ?? DEFAULT_MAX_FILE_SIZE$1;
-	const maxFiles = options.maxFiles ?? DEFAULT_MAX_FILES;
-	const mimeMatcher = buildMimeMatcher(options.allowedMimeTypes);
-	const filesKey = options.filesKey ?? DEFAULT_FILES_KEY;
-	const requiredFields = options.requiredFields && options.requiredFields.length > 0 ? options.requiredFields : void 0;
-	return async function parseMultipartBody(request, reply) {
-		if (!(request.headers["content-type"] ?? "").includes("multipart/form-data")) return;
-		if (typeof request.parts !== "function") {
-			request.log.warn("multipartBody middleware: @fastify/multipart not registered. Ensure createApp() has multipart enabled (default) or install @fastify/multipart.");
-			return;
-		}
-		const body = {};
-		const files = {};
-		let fileCount = 0;
-		try {
-			const parts = request.parts();
-			for await (const part of parts) if (part.type === "file") {
-				if (fileCount >= maxFiles) continue;
-				if (mimeMatcher && !mimeMatcher.matches(part.mimetype)) return reply.code(415).send({
-					success: false,
-					error: `File type '${part.mimetype}' not allowed. Accepted: ${mimeMatcher.describe()}`
-				});
-				const buffer = await part.toBuffer();
-				if (buffer.length > maxFileSize) return reply.code(413).send({
-					success: false,
-					error: `File '${part.filename}' exceeds maximum size of ${Math.round(maxFileSize / 1024 / 1024)}MB`
-				});
-				files[part.fieldname] = {
-					filename: part.filename,
-					mimetype: part.mimetype,
-					buffer,
-					size: buffer.length,
-					fieldname: part.fieldname
-				};
-				fileCount++;
-			} else body[part.fieldname] = tryParseValue(part.value);
-		} catch (err) {
-			request.log.error({ err }, "multipartBody: failed to parse multipart form");
-			return reply.code(400).send({
-				success: false,
-				error: "Failed to parse multipart form data"
-			});
-		}
-		if (requiredFields) {
-			const missing = requiredFields.filter((name) => !(name in files));
-			if (missing.length > 0) return reply.code(400).send({
-				success: false,
-				error: `Missing required file field${missing.length > 1 ? "s" : ""}: ${missing.join(", ")}`,
-				code: "MISSING_FILE_FIELDS",
-				details: { missing }
-			});
-		}
-		if (fileCount > 0) body[filesKey] = files;
-		request.body = body;
-	};
-}
-/**
-* Try to parse a form field value as JSON, number, or boolean.
-* Falls back to the raw string if parsing fails.
-*/
-function tryParseValue(value) {
-	if (value === "true") return true;
-	if (value === "false") return false;
-	if (value === "null") return null;
-	if (/^-?\d+(\.\d+)?$/.test(value) && value.length < 16) {
-		const num = Number(value);
-		if (Number.isFinite(num)) return num;
-	}
-	if (value.startsWith("{") && value.endsWith("}") || value.startsWith("[") && value.endsWith("]")) try {
-		return JSON.parse(value);
-	} catch {}
-	return value;
-}
-//#endregion
-//#region src/presets/filesUpload.ts
-const DEFAULT_FIELD_NAME = "file";
-const DEFAULT_MAX_FILE_SIZE = 10 * 1024 * 1024;
-function defaultContextFrom(scope) {
-	if (!scope) return {};
-	const userId = getUserId(scope);
-	const organizationId = getOrgId(scope);
-	const ctx = {};
-	if (userId !== void 0) ctx.userId = userId;
-	if (organizationId !== void 0) ctx.organizationId = organizationId;
-	return ctx;
-}
-function buildStorageContext(request, contextFrom) {
-	const scope = request.scope;
-	return {
-		scope: contextFrom(scope),
-		requestId: request.id
-	};
-}
-/**
-* Parse a single-range `Range: bytes=start-end` header.
-*
-* Returns `undefined` when the header is missing or unparseable. Only
-* satisfiable single ranges are supported — multi-range requests fall through
-* to the full-object response (per RFC 7233 §4.1 a server MAY ignore ranges).
-*/
-function parseRangeHeader(header, totalSize) {
-	if (!header || !header.startsWith("bytes=")) return void 0;
-	const spec = header.slice(6).split(",")[0]?.trim();
-	if (!spec) return void 0;
-	const dashIndex = spec.indexOf("-");
-	if (dashIndex === -1) return void 0;
-	const startRaw = spec.slice(0, dashIndex);
-	const endRaw = spec.slice(dashIndex + 1);
-	if (startRaw === "") {
-		if (totalSize === void 0) return void 0;
-		const suffix = Number(endRaw);
-		if (!Number.isFinite(suffix) || suffix <= 0) return void 0;
-		return {
-			start: Math.max(0, totalSize - suffix),
-			end: totalSize - 1
-		};
-	}
-	const start = Number(startRaw);
-	if (!Number.isFinite(start) || start < 0) return void 0;
-	if (endRaw === "") {
-		if (totalSize === void 0) return void 0;
-		return {
-			start,
-			end: totalSize - 1
-		};
-	}
-	const end = Number(endRaw);
-	if (!Number.isFinite(end) || end < start) return void 0;
-	if (totalSize !== void 0 && end >= totalSize) return {
-		start,
-		end: totalSize - 1
-	};
-	return {
-		start,
-		end
-	};
-}
-/**
-* Strict policy — rejects filenames that could escape a storage root or
-* confuse a filesystem. Safe default for disk/S3 adapters that compose
-* `${prefix}/${filename}` or `path.join(root, filename)`.
-*/
-function strictFilenamePolicy(filename) {
-	if (filename.length === 0) throw new ValidationError("Upload filename is empty");
-	if (filename.length > 255) throw new ValidationError("Upload filename exceeds 255 characters");
-	if (filename.includes("\0")) throw new ValidationError("Upload filename contains a NUL byte");
-	if (filename.includes("/") || filename.includes("\\")) throw new ValidationError("Upload filename contains a path separator");
-	if (filename === "." || filename === "..") throw new ValidationError("Upload filename is a path traversal component");
-	return filename;
-}
-/** Resolve the user-supplied policy option into a concrete validator. */
-function resolveFilenamePolicy(policy) {
-	if (policy === void 0 || policy === true) return strictFilenamePolicy;
-	if (policy === false || policy === "*") return (f) => f;
-	if (typeof policy === "function") return (filename) => {
-		const result = policy(filename);
-		if (result === false) throw new ValidationError(`Upload filename rejected: ${filename}`);
-		if (typeof result === "string") return result;
-		return filename;
-	};
-	return strictFilenamePolicy;
-}
-function makeUploadHandler(deps) {
-	return async function uploadHandler(request, reply) {
-		const file = (request.body?._files)?.[deps.fieldName];
-		if (!file) throw new ValidationError(`Missing file field '${deps.fieldName}' in multipart body`);
-		const filename = deps.applyFilenamePolicy(file.filename);
-		const ctx = buildStorageContext(request, deps.contextFrom);
-		const result = await deps.storage.upload({
-			buffer: file.buffer,
-			filename,
-			mimeType: file.mimetype,
-			size: file.size
-		}, ctx);
-		return reply.code(201).send({
-			success: true,
-			data: toResponseFile(result)
-		});
-	};
-}
-function toResponseFile(file) {
-	const payload = {
-		id: file.id,
-		url: file.url,
-		pathname: file.pathname,
-		contentType: file.contentType,
-		bytes: file.bytes
-	};
-	if (file.metadata !== void 0) payload.metadata = file.metadata;
-	return payload;
-}
-function makeReadHandler(deps) {
-	return async function readHandler(request, reply) {
-		const { id } = request.params;
-		const ctx = buildStorageContext(request, deps.contextFrom);
-		reply.header("Accept-Ranges", "bytes");
-		const rangeHeader = request.headers.range;
-		let result;
-		try {
-			const parsed = rangeHeader ? parseRangeHeader(rangeHeader, void 0) : void 0;
-			result = await deps.storage.read(id, ctx, parsed);
-		} catch (err) {
-			throw toNotFound(err, "File", id);
-		}
-		if (result.kind === "buffer") return sendBuffer(reply, result, rangeHeader);
-		return sendStream(reply, result, rangeHeader);
-	};
-}
-function sendBuffer(reply, result, rangeHeader) {
-	reply.type(result.contentType);
-	const total = result.totalBytes ?? result.buffer.length;
-	if (result.range) {
-		const { start, end } = result.range;
-		reply.code(206);
-		reply.header("Content-Range", `bytes ${start}-${end}/${total}`);
-		reply.header("Content-Length", String(result.buffer.length));
-		return reply.send(result.buffer);
-	}
-	if (rangeHeader) {
-		const parsed = parseRangeHeader(rangeHeader, total);
-		if (parsed) {
-			const slice = result.buffer.subarray(parsed.start, parsed.end + 1);
-			reply.code(206);
-			reply.header("Content-Range", `bytes ${parsed.start}-${parsed.end}/${total}`);
-			reply.header("Content-Length", String(slice.length));
-			return reply.send(slice);
-		}
-	}
-	reply.header("Content-Length", String(result.buffer.length));
-	return reply.send(result.buffer);
-}
-function sendStream(reply, result, rangeHeader) {
-	reply.type(result.contentType);
-	if (result.range && result.bytes !== void 0) {
-		const { start, end } = result.range;
-		reply.code(206);
-		reply.header("Content-Range", `bytes ${start}-${end}/${result.bytes}`);
-		reply.header("Content-Length", String(end - start + 1));
-	} else if (result.bytes !== void 0) {
-		reply.header("Content-Length", String(result.bytes));
-		if (rangeHeader) reply.request.log.debug({ url: reply.request.url }, "filesUploadPreset: adapter returned unsliced stream for a range request — sending full object");
-	}
-	return reply.send(result.stream);
-}
-function makeDeleteHandler(deps) {
-	return async function deleteHandler(request, reply) {
-		const { id } = request.params;
-		const ctx = buildStorageContext(request, deps.contextFrom);
-		if (!await deps.storage.delete(id, ctx)) throw new NotFoundError("File", id);
-		return reply.code(204).send();
-	};
-}
-function toNotFound(err, resource, id) {
-	if (err instanceof NotFoundError) return err;
-	const maybe = err;
-	if (maybe?.statusCode === 404 || maybe?.code === "NOT_FOUND") return new NotFoundError(resource, id);
-	if (typeof maybe?.message === "string" && /not\s*found/i.test(maybe.message)) return new NotFoundError(resource, id);
-	return err;
-}
-/**
-* Create a files-upload preset bound to a `Storage` adapter.
-*
-* The preset uses `raw: true` routes so binary responses bypass arc's JSON
-* envelope. Upload still returns the standard `{ success: true, data }`
-* envelope manually because the response is structured metadata, not bytes.
-*/
-function filesUploadPreset(options) {
-	if (!options?.storage) throw new Error("filesUploadPreset: `storage` is required");
-	const deps = {
-		storage: options.storage,
-		fieldName: options.fieldName ?? DEFAULT_FIELD_NAME,
-		contextFrom: options.contextFrom ?? defaultContextFrom,
-		applyFilenamePolicy: resolveFilenamePolicy(options.sanitizeFilename)
-	};
-	const maxFileSize = options.maxFileSize ?? DEFAULT_MAX_FILE_SIZE;
-	const allowedMimeTypes = options.allowedMimeTypes;
-	const includeRoutes = {
-		upload: options.includeRoutes?.upload ?? true,
-		read: options.includeRoutes?.read ?? true,
-		delete: options.includeRoutes?.delete ?? true
-	};
-	return {
-		name: "filesUpload",
-		routes: (permissions) => {
-			const routes = [];
-			if (includeRoutes.upload) routes.push({
-				method: "POST",
-				path: "/upload",
-				operation: "filesUpload.upload",
-				summary: "Upload a file",
-				description: "Accepts a multipart/form-data request and persists the bytes via the configured Storage adapter.",
-				permissions: options.permissions?.upload ?? permissions.create ?? requireAuth(),
-				preHandler: [multipartBody({
-					maxFileSize,
-					allowedMimeTypes,
-					requiredFields: [deps.fieldName]
-				})],
-				raw: true,
-				handler: makeUploadHandler(deps)
-			});
-			if (includeRoutes.read) routes.push({
-				method: "GET",
-				path: "/:id",
-				operation: "filesUpload.read",
-				summary: "Download a file",
-				description: "Streams the stored bytes. Supports single-range `Range: bytes=start-end`.",
-				permissions: options.permissions?.read ?? permissions.get ?? allowPublic(),
-				raw: true,
-				handler: makeReadHandler(deps),
-				mcp: false
-			});
-			if (includeRoutes.delete) routes.push({
-				method: "DELETE",
-				path: "/:id",
-				operation: "filesUpload.delete",
-				summary: "Delete a file",
-				permissions: options.permissions?.delete ?? permissions.delete ?? requireAuth(),
-				raw: true,
-				handler: makeDeleteHandler(deps)
-			});
-			return routes;
-		}
-	};
-}
-//#endregion
-export { filesUploadPreset as t };