@classytic/arc 2.10.8 → 2.11.0

package/dist/routerShared-DeESFp4a.mjs

@@ -0,0 +1,515 @@
+import { _ as isElevated, n as PUBLIC_SCOPE, o as getOrgId, p as getUserId, v as isMember } from "./types-AOD8fxIw.mjs";
+import { P as resolveEffectiveRoles, j as applyFieldReadPermissions, k as evaluateAndApplyPermission } from "./permissions-B4vU9L0Q.mjs";
+import { t as getUserRoles } from "./types-DV9WDfeg.mjs";
+import { t as requestContext } from "./requestContext-CfRkaxwf.mjs";
+import { t as executePipeline } from "./pipe-DVoIheVC.mjs";
+//#region src/scope/projection.ts
+/**
+* Compute the request-scope projection. Returns `undefined` when no
+* scope is attached (public / unscoped routes) so hosts can idiomatically
+* write `ctx.scope?.organizationId` without a double-null check.
+*/
+function buildRequestScopeProjection(scope) {
+	if (!scope) return void 0;
+	return {
+		organizationId: getOrgId(scope),
+		userId: getUserId(scope),
+		orgRoles: isMember(scope) ? scope.orgRoles : void 0
+	};
+}
+//#endregion
+//#region src/core/fastifyAdapter.ts
+/** Type guard for Mongoose-like documents with toObject() */
+function isMongooseDoc(obj) {
+	return !!obj && typeof obj === "object" && "toObject" in obj && typeof obj.toObject === "function";
+}
+/**
+* Apply field mask to a single object
+* Filters fields based on include/exclude rules
+*/
+function applyFieldMaskToObject(obj, fieldMask) {
+	if (!obj || typeof obj !== "object") return obj;
+	const plain = isMongooseDoc(obj) ? obj.toObject() : obj;
+	const { include, exclude } = fieldMask;
+	if (include && include.length > 0) {
+		const filtered = {};
+		for (const field of include) if (field in plain) filtered[field] = plain[field];
+		return filtered;
+	}
+	if (exclude && exclude.length > 0) {
+		const filtered = { ...plain };
+		for (const field of exclude) delete filtered[field];
+		return filtered;
+	}
+	return plain;
+}
+/**
+* Apply field mask to response data (handles both objects and arrays)
+*/
+function applyFieldMask(data, fieldMask) {
+	if (!fieldMask) return data;
+	if (Array.isArray(data)) return data.map((item) => applyFieldMaskToObject(item, fieldMask));
+	if (data && typeof data === "object") return applyFieldMaskToObject(data, fieldMask);
+	return data;
+}
+/**
+* Create IRequestContext from Fastify request
+*
+* Extracts framework-agnostic context from Fastify-specific request object
+*/
+function createRequestContext(req) {
+	const reqWithExtras = req;
+	const requestContext = reqWithExtras.context ?? {};
+	const srv = req.server;
+	const serverAccessor = {
+		events: srv && "events" in srv ? srv.events : void 0,
+		audit: srv && "audit" in srv ? srv.audit : void 0,
+		queryCache: srv && "queryCache" in srv ? srv.queryCache : void 0,
+		log: req.log
+	};
+	const rawScope = reqWithExtras.scope;
+	const scopeProjection = buildRequestScopeProjection(rawScope);
+	return {
+		query: reqWithExtras.query ?? {},
+		body: reqWithExtras.body ?? {},
+		params: reqWithExtras.params ?? {},
+		headers: reqWithExtras.headers,
+		user: reqWithExtras.user ? (() => {
+			const user = reqWithExtras.user;
+			const rawId = user._id ?? user.id;
+			const normalizedId = rawId ? String(rawId) : void 0;
+			return {
+				...user,
+				id: normalizedId,
+				_id: normalizedId
+			};
+		})() : null,
+		context: requestContext,
+		scope: scopeProjection,
+		metadata: {
+			...reqWithExtras.context,
+			arc: reqWithExtras.arc,
+			_scope: rawScope,
+			_ownershipCheck: reqWithExtras._ownershipCheck,
+			_policyFilters: reqWithExtras._policyFilters ?? {},
+			log: reqWithExtras.log
+		},
+		server: serverAccessor
+	};
+}
+/**
+* Get typed auth context from an IRequestContext.
+* Use this in controller overrides to access request context.
+*
+* For org scope, use `getControllerScope(req)` instead.
+*/
+function getControllerContext(req) {
+	return req.context ?? req.metadata ?? {};
+}
+/**
+* Get request scope from an IRequestContext.
+* Returns the RequestScope set by auth adapters.
+*/
+function getControllerScope(req) {
+	return req.metadata?._scope ?? PUBLIC_SCOPE;
+}
+/**
+* Compute per-field capability metadata for the current user.
+* Only includes fields that have restrictions — unrestricted fields
+* are omitted (frontend defaults to { readable: true, writable: true }).
+*/
+function computeFieldCapabilities(fieldPerms, effectiveRoles) {
+	const caps = {};
+	for (const [field, perm] of Object.entries(fieldPerms)) {
+		let readable = true;
+		let writable = true;
+		switch (perm._type) {
+			case "hidden":
+				readable = false;
+				writable = false;
+				break;
+			case "visibleTo":
+				readable = perm.roles?.some((r) => effectiveRoles.includes(r)) ?? false;
+				break;
+			case "writableBy":
+				writable = perm.roles?.some((r) => effectiveRoles.includes(r)) ?? false;
+				break;
+		}
+		caps[field] = {
+			readable,
+			writable
+		};
+	}
+	return caps;
+}
+/**
+* Send IControllerResponse via Fastify reply
+*
+* Converts framework-agnostic response to Fastify response
+* Applies field masking if specified in request
+*/
+function sendControllerResponse(reply, response, request) {
+	const reqWithExtras = request;
+	const fieldMaskConfig = reqWithExtras?.fieldMask;
+	const arcMeta = reqWithExtras?.arc;
+	const scope = reqWithExtras?.scope ?? PUBLIC_SCOPE;
+	const fieldPerms = isElevated(scope) ? void 0 : arcMeta?.fields;
+	const effectiveRoles = fieldPerms ? resolveEffectiveRoles(getUserRoles(reqWithExtras?.user), isMember(scope) ? scope.orgRoles : []) : [];
+	const fieldCaps = fieldPerms ? computeFieldCapabilities(fieldPerms, effectiveRoles) : void 0;
+	const hasFieldRestrictions = !!(fieldMaskConfig || fieldPerms);
+	/** Apply both field mask and field-level permissions to a data item */
+	const applyPermissions = (data) => {
+		let result = fieldMaskConfig ? applyFieldMask(data, fieldMaskConfig) : data;
+		if (fieldPerms && result && typeof result === "object") if (Array.isArray(result)) result = result.map((item) => applyFieldReadPermissions(item, fieldPerms, effectiveRoles));
+		else result = applyFieldReadPermissions(result, fieldPerms, effectiveRoles);
+		return result;
+	};
+	if (response.headers) for (const [key, value] of Object.entries(response.headers)) reply.header(key, value);
+	if (response.success && response.data && typeof response.data === "object" && "docs" in response.data) {
+		const paginatedData = response.data;
+		const filteredDocs = hasFieldRestrictions ? applyPermissions(paginatedData.docs) : paginatedData.docs;
+		reply.code(response.status ?? 200).send({
+			success: true,
+			docs: filteredDocs,
+			page: paginatedData.page,
+			limit: paginatedData.limit,
+			total: paginatedData.total,
+			pages: paginatedData.pages,
+			hasNext: paginatedData.hasNext,
+			hasPrev: paginatedData.hasPrev,
+			...response.meta ?? {},
+			...fieldCaps ? { fieldPermissions: fieldCaps } : {}
+		});
+		return;
+	}
+	const filteredData = hasFieldRestrictions ? applyPermissions(response.data) : response.data;
+	reply.code(response.status ?? (response.success ? 200 : 400)).send({
+		success: response.success,
+		data: filteredData,
+		error: response.error,
+		details: response.details,
+		...response.meta ?? {},
+		...fieldCaps ? { fieldPermissions: fieldCaps } : {}
+	});
+}
+/**
+* Create Fastify route handler from IController method
+*
+* Wraps framework-agnostic controller method in Fastify-specific handler
+*
+* @example
+* ```typescript
+* const controller = new BaseController(repository);
+*
+* // Create Fastify handler
+* const listHandler = createFastifyHandler(controller.list.bind(controller));
+*
+* // Register route
+* fastify.get('/products', listHandler);
+* ```
+*/
+function createFastifyHandler(controllerMethod) {
+	return async (req, reply) => {
+		sendControllerResponse(reply, await controllerMethod(createRequestContext(req)), req);
+	};
+}
+/**
+* Create Fastify adapters for all CRUD methods of an IController
+*
+* Returns Fastify-compatible handlers for each CRUD operation
+*
+* @example
+* ```typescript
+* const controller = new BaseController(repository);
+* const handlers = createCrudHandlers(controller);
+*
+* fastify.get('/', handlers.list);
+* fastify.get('/:id', handlers.get);
+* fastify.post('/', handlers.create);
+* fastify.patch('/:id', handlers.update);
+* fastify.delete('/:id', handlers.delete);
+* ```
+*/
+function createCrudHandlers(controller) {
+	return {
+		list: createFastifyHandler(controller.list.bind(controller)),
+		get: createFastifyHandler(controller.get.bind(controller)),
+		create: createFastifyHandler(controller.create.bind(controller)),
+		update: createFastifyHandler(controller.update.bind(controller)),
+		delete: createFastifyHandler(controller.delete.bind(controller))
+	};
+}
+//#endregion
+//#region src/core/routerShared.ts
+/**
+* Build the `arcDecorator` preHandler for a resource.
+*
+* The decorator is a closure over frozen metadata — allocated once per
+* resource and shared across every request. Stamps `req.arc` with the
+* resource's field permissions, hooks, events bus, and schema options
+* so `sendControllerResponse`, `BaseController.run*`, and custom
+* middleware can read a consistent view.
+*
+* Also populates `requestContext.resourceName` for async-context access
+* in code paths that can't reach `req.arc` directly (e.g. detached logger
+* formatters).
+*/
+function buildArcDecorator(meta) {
+	const frozen = Object.freeze({ ...meta });
+	return async (req, _reply) => {
+		req.arc = frozen;
+		const store = requestContext.get();
+		if (store) store.resourceName = frozen.resourceName;
+	};
+}
+/**
+* A permission requires authentication unless it carries the `_isPublic`
+* marker set by `allowPublic()`. Absence of a permission is treated as
+* public (no auth) — matches historical CRUD behaviour.
+*/
+function requiresAuthentication(permission) {
+	if (!permission) return false;
+	return !permission._isPublic;
+}
+/**
+* Pick the right Fastify auth decorator for a single-permission route:
+*   - protected route → `fastify.authenticate` (401 on missing token)
+*   - public route    → `fastify.optionalAuthenticate` (parses token if present)
+*
+* Public routes still get optional auth so downstream multi-tenant filters
+* can narrow queries when a Bearer token IS supplied.
+*/
+function buildAuthMiddleware(fastify, permission) {
+	if (requiresAuthentication(permission)) return fastify.authenticate ?? null;
+	return fastify.optionalAuthenticate ?? null;
+}
+/**
+* Pick the right auth decorator for a multi-permission route (Action router).
+*
+* The input is the array of resolved per-action permissions — one slot per
+* action, in registration order, already flattened against `globalAuth`
+* fallback by the caller (`actionPermissions[name] ?? globalAuth`). A slot
+* may be `undefined` when the action has no per-action check AND no
+* `globalAuth` fallback — that is "public by omission" and must be honored
+* here the same way `buildActionPermissionMw` honors it (by skipping the
+* permission evaluation entirely). If we filtered undefineds out at this
+* layer, a mixed endpoint like `{ ping: undefined, promote: requireRoles(...) }`
+* would collapse to "all protected" and 401 the public `ping` action at the
+* auth layer before the permission prehandler could let it through.
+*
+* Rules:
+*   - ALL public (explicit allowPublic OR omission) → `optionalAuthenticate`
+*   - ALL protected                                 → `authenticate` (fail-fast)
+*   - MIXED                                         → `optionalAuthenticate`
+*     (parse token if present; per-action check fails-closed when user=null)
+*
+* The mixed case was previously handled by an in-handler
+* `fastify.authenticate()` call that bypassed the preHandler chain; this
+* helper moves that logic back into the preHandler stack so the request
+* lifecycle is consistent across router types.
+*/
+function buildAuthMiddlewareForPermissions(fastify, permissions) {
+	if (permissions.length === 0) return fastify.optionalAuthenticate ?? null;
+	const hasProtected = permissions.some((p) => requiresAuthentication(p));
+	const hasPublic = permissions.some((p) => p && p._isPublic === true) || permissions.some((p) => !p);
+	if (hasProtected && !hasPublic) return fastify.authenticate ?? null;
+	return fastify.optionalAuthenticate ?? null;
+}
+/**
+* Build a PermissionContext from a Fastify request. Extracted so the CRUD
+* permission middleware and the dynamic action-permission check use the same
+* field layout — divergence here silently broke policy filters for actions.
+*/
+function buildPermissionContext(req, opts) {
+	const reqWithExtras = req;
+	const params = req.params;
+	return {
+		user: reqWithExtras.user ?? null,
+		request: req,
+		resource: opts.resource,
+		action: opts.action,
+		resourceId: opts.resourceId ?? params?.id,
+		params,
+		data: opts.data ?? req.body
+	};
+}
+/**
+* Static per-route CRUD permission gate. The permission and action are known
+* at route-registration time, so the gate is a plain preHandler.
+*
+* Actions use the dynamic counterpart `buildActionPermissionMw` — their
+* permission is resolved from `body.action` at request time.
+*/
+function buildCrudPermissionMw(permissionCheck, resourceName, action) {
+	if (!permissionCheck) return null;
+	return async (req, reply) => {
+		await evaluateAndApplyPermission(permissionCheck, buildPermissionContext(req, {
+			resource: resourceName,
+			action
+		}), req, reply);
+	};
+}
+/**
+* Dynamic per-action permission gate for the action router.
+*
+* Resolves the permission from `body.action` at request time and runs
+* `evaluateAndApplyPermission` from the canonical `permissionMw` slot — so
+* `_policyFilters` and `request.scope` are installed BEFORE `pluginMw`
+* (idempotency) and `routeGuards` run. Previously this check lived inside
+* the main action handler, which meant idempotency recorded unauthorized
+* requests and route guards saw unfiltered scope — the very divergence
+* routerShared exists to prevent.
+*
+* Also acts as a defensive fallback for invalid action names — the
+* `oneOf` body schema normally rejects these at AJV validation, but
+* hosts that disable schema validation still get a 400 here.
+*/
+function buildActionPermissionMw(actionEnum, actionPermissions, globalAuth, resourceName) {
+	const enumSet = new Set(actionEnum);
+	const validActions = [...actionEnum];
+	return async (req, reply) => {
+		const body = req.body ?? {};
+		const action = body.action;
+		if (!action || !enumSet.has(action)) {
+			sendControllerResponse(reply, {
+				success: false,
+				status: 400,
+				error: `Invalid action '${action ?? ""}'. Valid actions: ${validActions.join(", ")}`,
+				meta: { validActions }
+			}, req);
+			return;
+		}
+		const permissionCheck = actionPermissions[action] ?? globalAuth;
+		if (!permissionCheck) return;
+		const { action: _discard, ...data } = body;
+		const params = req.params;
+		await evaluateAndApplyPermission(permissionCheck, buildPermissionContext(req, {
+			resource: resourceName,
+			action,
+			resourceId: params?.id,
+			data
+		}), req, reply, { defaultDenialMessage: (user) => user ? `Permission denied for '${action}'` : "Authentication required" });
+	};
+}
+/**
+* Resolve pipeline steps for a specific operation.
+* Flat-array config applies to every op; map config applies per-op.
+*/
+function resolvePipelineSteps(pipeline, operation) {
+	if (!pipeline) return [];
+	if (Array.isArray(pipeline)) return pipeline;
+	return pipeline[operation] ?? [];
+}
+/**
+* Wrap a controller method (one that takes `IRequestContext` and returns
+* `IControllerResponse<T>`) with pipeline execution. Used by CRUD ops and
+* string-handler custom routes.
+*/
+function buildPipelineHandler(controllerMethod, steps, operation, resourceName) {
+	return async (req, reply) => {
+		sendControllerResponse(reply, await executePipeline(steps, {
+			...createRequestContext(req),
+			resource: resourceName,
+			operation
+		}, (ctx) => controllerMethod(ctx), operation), req);
+	};
+}
+/**
+* Wrap an action handler (one that takes `(id, data, req)` and returns a raw
+* result) with pipeline execution. Returns a function that produces a full
+* `IControllerResponse<unknown>` — the action router feeds this directly into
+* `sendControllerResponse`, so field masking, custom status codes, `meta`,
+* `details`, and structured error codes from pipeline interceptors flow
+* through to the client unchanged.
+*
+* CRUD and actions now share the same parity invariant: a pipeline that
+* returns `{ success: false, status: 422, error, details, meta }` reaches the
+* client with all four fields intact. Previously the action path stringified
+* failures into a generic `Error` and dropped everything except `statusCode`.
+*
+* Handler throws still bubble out — the caller's try/catch handles `onError`
+* shaping and the generic `ACTION_FAILED` fallback.
+*/
+function buildActionPipelineHandler(handler, steps, operation, resourceName) {
+	if (steps.length === 0) return async (id, data, req) => ({
+		success: true,
+		status: 200,
+		data: await handler(id, data, req)
+	});
+	return async (id, data, req) => {
+		return executePipeline(steps, {
+			...createRequestContext(req),
+			resource: resourceName,
+			operation
+		}, async (_ctx) => ({
+			success: true,
+			status: 200,
+			data: await handler(id, data, req)
+		}), operation);
+	};
+}
+/**
+* Build the `config` object for Fastify route options so
+* @fastify/rate-limit picks up per-route overrides.
+*
+*   - `undefined`                 → no override (inherits instance config)
+*   - `false`                     → explicitly disable rate limiting
+*   - `{ max, timeWindow }`       → apply that limit
+*/
+function buildRateLimitConfig(rateLimit) {
+	if (rateLimit === void 0) return void 0;
+	if (rateLimit === false) return { rateLimit: false };
+	return { rateLimit: {
+		max: rateLimit.max,
+		timeWindow: rateLimit.timeWindow
+	} };
+}
+/**
+* Pick the request-lifecycle plugin middleware for an HTTP method:
+*   - GET / HEAD        → response cache (if present)
+*   - POST / PUT / PATCH → idempotency (if present)
+*   - DELETE            → none
+*
+* Either field may be `null` if the corresponding plugin wasn't registered.
+*/
+function selectPluginMw(method, mws) {
+	const upper = method.toUpperCase();
+	if (upper === "GET" || upper === "HEAD") return mws.cacheMw;
+	if (upper === "POST" || upper === "PUT" || upper === "PATCH") return mws.idempotencyMw;
+	return null;
+}
+/**
+* Resolve the default cache/idempotency middlewares for a resource.
+*
+* Skips response-cache when the resource has QueryCache active — QueryCache
+* handles caching at the controller level with SWR, so the HTTP-level
+* response-cache would double-cache.
+*/
+function resolveRouterPluginMw(fastify, resourceHasQueryCache) {
+	return {
+		cacheMw: !resourceHasQueryCache && fastify.hasDecorator("responseCache") ? fastify.responseCache.middleware : null,
+		idempotencyMw: fastify.hasDecorator("idempotency") ? fastify.idempotency.middleware : null
+	};
+}
+/**
+* Compose preHandler[] in the canonical order. Every null/undefined entry is
+* dropped. Keeps CRUD and Action routers from accidentally ordering the same
+* ingredients differently (regression risk: cache before auth → user-scoped
+* cache keys leak across users).
+*
+* Canonical order:
+*   preAuth → arcDecorator → authMw → permissionMw → pluginMw → routeGuards → customMws
+*/
+function buildPreHandlerChain(parts) {
+	return [
+		...parts.preAuth ?? [],
+		parts.arcDecorator,
+		parts.authMw ?? null,
+		parts.permissionMw ?? null,
+		parts.pluginMw ?? null,
+		...parts.routeGuards ?? [],
+		...parts.customMws ?? []
+	].filter(Boolean);
+}
+//#endregion
+export { getControllerScope as _, buildAuthMiddlewareForPermissions as a, buildPreHandlerChain as c, resolveRouterPluginMw as d, selectPluginMw as f, getControllerContext as g, createRequestContext as h, buildAuthMiddleware as i, buildRateLimitConfig as l, createFastifyHandler as m, buildActionPipelineHandler as n, buildCrudPermissionMw as o, createCrudHandlers as p, buildArcDecorator as r, buildPipelineHandler as s, buildActionPermissionMw as t, resolvePipelineSteps as u, sendControllerResponse as v, buildRequestScopeProjection as y };

package/dist/schemaIR-BlG9bY7v.mjs

@@ -0,0 +1,137 @@
+import { a as toJsonSchema } from "./schemaConverter-B0oKLuqI.mjs";
+import { z } from "zod";
+//#region src/core/schemaIR.ts
+/**
+* Schema IR — one canonical representation, two adapters.
+*
+* arc's action-schema handling used to live in two parallel translators:
+* `normalizeActionSchema()` in [createActionRouter.ts](./createActionRouter.ts)
+* produced JSON Schema for AJV, and `convertActionSchemaToZod()` in
+* [../integrations/mcp/action-tools.ts](../integrations/mcp/action-tools.ts)
+* produced Zod shapes for MCP. Same input shape, two implementations — the
+* exact drift pattern routerShared exists to eliminate.
+*
+* This module is the single source of truth: every caller normalizes to
+* `SchemaIR` first, then emits whichever surface they need. If a future
+* refactor adds a field to the IR (e.g. `propertyOrder`, `examples`),
+* both adapters pick it up automatically.
+*
+* **The IR preserves `additionalProperties`.** The previous implementation
+* dropped the flag during normalization, so `additionalProperties: false`
+* silently no-opped even though [createActionRouter.ts:425-428](./createActionRouter.ts#L425-L428)
+* documented it as the opt-in escape hatch for strict validation. The IR
+* carries the flag verbatim; both adapters honor it.
+*/
+/**
+* Normalize anything the author handed us (Zod schema, plain JSON Schema,
+* or `undefined`) into a canonical `SchemaIR`.
+*
+* Accepts:
+*   - `undefined` / non-object → empty IR (no properties, no required)
+*   - Zod v4 object schema — converted via `toJsonSchema` from the shared utility
+*   - Plain JSON Schema with `type: 'object'` or `properties`
+*
+* Anything that can't be read as an object schema collapses to an empty IR
+* (no throw — the caller decides whether that's a validation error).
+*
+* @example
+* ```ts
+* normalizeSchemaIR({
+*   type: 'object',
+*   properties: { carrier: { type: 'string' } },
+*   required: ['carrier'],
+*   additionalProperties: false,
+* });
+* // → { properties: { carrier: { type: 'string' } }, required: ['carrier'], additionalProperties: false }
+* ```
+*/
+function normalizeSchemaIR(raw) {
+	if (!raw || typeof raw !== "object") return {
+		properties: {},
+		required: []
+	};
+	const converted = toJsonSchema(raw);
+	if (!converted || typeof converted !== "object" || converted.type !== "object" && !("properties" in converted)) return {
+		properties: {},
+		required: []
+	};
+	const properties = converted.properties ?? {};
+	const required = Array.isArray(converted.required) ? converted.required : [];
+	const additionalProperties = converted.additionalProperties;
+	return {
+		properties,
+		required,
+		...additionalProperties !== void 0 ? { additionalProperties } : {}
+	};
+}
+/**
+* Emit a JSON Schema branch from the IR, with optional extra properties
+* merged in (e.g. the `action: { const: 'approve' }` discriminator added
+* by `buildActionBodySchema`).
+*
+* Preserves `additionalProperties` verbatim — strict schemas (`false`)
+* reach AJV intact, so HTTP validation rejects unknown fields before the
+* handler runs. This closes the bug where the documented strict-mode
+* escape hatch silently no-opped because normalization dropped the flag.
+*/
+function schemaIRToJsonSchemaBranch(ir, extras = {}) {
+	return {
+		type: "object",
+		properties: {
+			...extras.properties ?? {},
+			...ir.properties
+		},
+		required: [...extras.required ?? [], ...ir.required.filter((f) => !(extras.required ?? []).includes(f))],
+		...ir.additionalProperties !== void 0 ? { additionalProperties: ir.additionalProperties } : {}
+	};
+}
+/**
+* Emit a flat Zod shape from the IR. The MCP SDK wraps the returned record
+* in `z.object()` internally, so we return the bare shape (same contract
+* as `ToolDefinition.inputSchema`).
+*
+* `additionalProperties: false` is honored at the MCP handler layer rather
+* than baked into the Zod shape — the SDK's input validation happens before
+* the handler runs, and flat shapes can't express `.strict()` mode.
+* `strictAdditionalProperties(ir)` returns the flag so callers can gate
+* their handler on it.
+*/
+function schemaIRToZodShape(ir) {
+	const requiredSet = new Set(ir.required);
+	const result = {};
+	for (const [name, prop] of Object.entries(ir.properties)) {
+		const desc = typeof prop.description === "string" && prop.description.length > 0 ? prop.description : name;
+		const base = jsonSchemaPropToZod(prop);
+		result[name] = requiredSet.has(name) ? base.describe(desc) : base.optional().describe(desc);
+	}
+	return result;
+}
+/**
+* Returns `true` when the IR declares `additionalProperties: false`. MCP
+* tool handlers should reject inputs with unknown keys when this is true,
+* matching HTTP's AJV-level strict enforcement.
+*/
+function shouldRejectAdditionalProperties(ir) {
+	return ir.additionalProperties === false;
+}
+/**
+* Convert a single JSON Schema property to a Zod type. Understands enum,
+* numeric/integer/boolean/array/object, and falls back to string for
+* unrecognized types (matches MCP's "strings for opaque fields" convention).
+*
+* Internal — use `schemaIRToZodShape` which wires this up with required/optional
+* + description handling.
+*/
+function jsonSchemaPropToZod(schema) {
+	if (Array.isArray(schema.enum) && schema.enum.length > 0) return z.enum(schema.enum);
+	switch (typeof schema.type === "string" ? schema.type : "string") {
+		case "number":
+		case "integer": return z.number();
+		case "boolean": return z.boolean();
+		case "array": return z.array(z.unknown());
+		case "object": return z.record(z.string(), z.unknown());
+		default: return z.string();
+	}
+}
+//#endregion
+export { shouldRejectAdditionalProperties as i, schemaIRToJsonSchemaBranch as n, schemaIRToZodShape as r, normalizeSchemaIR as t };

package/dist/scope/index.mjs

@@ -1,6 +1,6 @@
 import { _ as isElevated, a as getOrgContext, b as isService, c as getRequestScope, d as getServiceScopes, f as getTeamId, g as isAuthenticated, h as hasOrgAccess, i as getClientId, l as getScopeContext, m as getUserRoles, n as PUBLIC_SCOPE, o as getOrgId, p as getUserId, r as getAncestorOrgIds, s as getOrgRoles, t as AUTHENTICATED_SCOPE, u as getScopeContextMap, v as isMember, y as isOrgInScope } from "../types-AOD8fxIw.mjs";
-import { n as normalizeRoles } from "../types-D57iXYb8.mjs";
-import { n as elevation_default, t as elevationPlugin } from "../elevation-Dci0AYLT.mjs";
+import { n as normalizeRoles } from "../types-DV9WDfeg.mjs";
+import { n as elevation_default, t as elevationPlugin } from "../elevation-DOFoxoDs.mjs";
 //#region src/scope/rateLimitKey.ts
 function createTenantKeyGenerator(opts) {
 	if (opts?.strategy) return opts.strategy;