@classytic/arc 2.3.0 → 2.4.2

package/dist/migrations/index.mjs

@@ -1,6 +1,42 @@
-import mongoose from "mongoose";
-
 //#region src/migrations/index.ts
+/** Default logger that writes to stdout/stderr */
+const defaultLogger = {
+	info: (msg) => process.stdout.write(`${msg}\n`),
+	error: (msg) => process.stderr.write(`${msg}\n`)
+};
+/**
+* MongoDB-backed migration store.
+*
+* Uses a `_migrations` collection in the same database.
+* The `db` parameter accepts any object with a `.collection()` method
+* (Mongoose db, native MongoDB Db, etc.)
+*/
+var MongoMigrationStore = class {
+	collectionName;
+	db;
+	constructor(db, opts) {
+		this.db = db;
+		this.collectionName = opts?.collectionName ?? "_migrations";
+	}
+	async getApplied() {
+		return await this.db.collection(this.collectionName).find({}).sort({ appliedAt: 1 }).toArray();
+	}
+	async record(migration, executionTime) {
+		await this.db.collection(this.collectionName).insertOne({
+			version: migration.version,
+			resource: migration.resource,
+			description: migration.description,
+			appliedAt: /* @__PURE__ */ new Date(),
+			executionTime
+		});
+	}
+	async remove(migration) {
+		await this.db.collection(this.collectionName).deleteOne({
+			version: migration.version,
+			resource: migration.resource
+		});
+	}
+};
 /**
 * Define a migration
 */
@@ -10,77 +46,97 @@ function defineMigration(migration) {
 /**
 * Migration Runner
 *
-* Manages execution of migrations with tracking and rollback support.
+* DB-agnostic. Manages execution of migrations with tracking and rollback.
+* The `db` parameter is passed through to migration `up`/`down` functions
+* as-is — the runner never touches it directly.
+*
+* @example
+* ```typescript
+* // MongoDB
+* const runner = new MigrationRunner(mongoose.connection.db, {
+*   store: new MongoMigrationStore(mongoose.connection.db),
+* });
+*
+* // Prisma
+* const runner = new MigrationRunner(prisma, {
+*   store: new PrismaMigrationStore(prisma), // user-implemented
+* });
+*
+* await runner.up(migrations);
+* ```
 */
 var MigrationRunner = class {
-	collectionName = "_migrations";
 	db;
-	constructor(db) {
+	store;
+	log;
+	constructor(db, opts) {
 		this.db = db;
+		this.store = opts.store;
+		this.log = opts.logger ?? defaultLogger;
 	}
 	/**
 	* Run all pending migrations
 	*/
 	async up(migrations) {
-		const applied = await this.getAppliedMigrations();
+		const applied = await this.store.getApplied();
 		const appliedVersions = new Set(applied.map((m) => `${m.resource}:${m.version}`));
 		const pending = migrations.filter((m) => !appliedVersions.has(`${m.resource}:${m.version}`)).sort((a, b) => a.version - b.version);
 		if (pending.length === 0) {
-			console.log("No pending migrations");
+			this.log.info("No pending migrations");
 			return;
 		}
-		console.log(`Running ${pending.length} migration(s)...\n`);
+		this.log.info(`Running ${pending.length} migration(s)...`);
 		for (const migration of pending) await this.runMigration(migration, "up");
-		console.log("\nAll migrations completed successfully");
+		this.log.info("All migrations completed successfully");
 	}
 	/**
 	* Rollback last migration
 	*/
 	async down(migrations) {
-		const applied = await this.getAppliedMigrations();
+		const applied = await this.store.getApplied();
 		if (applied.length === 0) {
-			console.log("No migrations to rollback");
+			this.log.info("No migrations to rollback");
 			return;
 		}
 		const last = applied[applied.length - 1];
 		if (!last) {
-			console.log("No migrations to rollback");
+			this.log.info("No migrations to rollback");
 			return;
 		}
 		const migration = migrations.find((m) => m.resource === last.resource && m.version === last.version);
 		if (!migration) throw new Error(`Migration ${last.resource}:${last.version} not found in migration files`);
-		console.log(`Rolling back ${migration.resource} v${migration.version}...`);
+		this.log.info(`Rolling back ${migration.resource} v${migration.version}...`);
 		await this.runMigration(migration, "down", true);
-		console.log("Rollback completed");
+		this.log.info("Rollback completed");
 	}
 	/**
 	* Rollback to specific version
 	*/
 	async downTo(migrations, targetVersion) {
-		const toRollback = (await this.getAppliedMigrations()).filter((m) => m.version > targetVersion).reverse();
+		const toRollback = (await this.store.getApplied()).filter((m) => m.version > targetVersion).reverse();
 		if (toRollback.length === 0) {
-			console.log(`Already at or below version ${targetVersion}`);
+			this.log.info(`Already at or below version ${targetVersion}`);
 			return;
 		}
-		console.log(`Rolling back ${toRollback.length} migration(s)...\n`);
+		this.log.info(`Rolling back ${toRollback.length} migration(s)...`);
 		for (const record of toRollback) {
 			const migration = migrations.find((m) => m.resource === record.resource && m.version === record.version);
 			if (!migration) throw new Error(`Migration ${record.resource}:${record.version} not found`);
 			await this.runMigration(migration, "down", true);
 		}
-		console.log("\nRollback completed");
+		this.log.info("Rollback completed");
 	}
 	/**
 	* Get all applied migrations
 	*/
 	async getAppliedMigrations() {
-		return await this.db.collection(this.collectionName).find({}).sort({ appliedAt: 1 }).toArray();
+		return this.store.getApplied();
 	}
 	/**
 	* Get pending migrations
 	*/
 	async getPendingMigrations(migrations) {
-		const applied = await this.getAppliedMigrations();
+		const applied = await this.store.getApplied();
 		const appliedVersions = new Set(applied.map((m) => `${m.resource}:${m.version}`));
 		return migrations.filter((m) => !appliedVersions.has(`${m.resource}:${m.version}`));
 	}
@@ -96,46 +152,27 @@ var MigrationRunner = class {
 	async runMigration(migration, direction, isRollback = false) {
 		const start = Date.now();
 		const action = direction === "up" ? "Applying" : "Rolling back";
-		console.log(`${action} ${migration.resource} v${migration.version}${migration.description ? `: ${migration.description}` : ""}...`);
+		const label = `${migration.resource} v${migration.version}`;
+		const desc = migration.description ? `: ${migration.description}` : "";
+		this.log.info(`${action} ${label}${desc}...`);
 		try {
 			if (direction === "up") {
 				await migration.up(this.db);
 				if (migration.validate) {
 					if (!await migration.validate(this.db)) throw new Error("Migration validation failed");
 				}
-				await this.recordMigration(migration, Date.now() - start);
+				await this.store.record(migration, Date.now() - start);
 			} else {
 				await migration.down(this.db);
-				if (isRollback) await this.removeMigration(migration);
+				if (isRollback) await this.store.remove(migration);
 			}
 			const duration = Date.now() - start;
-			console.log(`✅ ${migration.resource} v${migration.version} (${duration}ms)`);
+			this.log.info(`${label} completed (${duration}ms)`);
 		} catch (error) {
-			console.error(`❌ ${migration.resource} v${migration.version} failed:`, error.message);
+			this.log.error(`${label} failed: ${error.message}`);
 			throw error;
 		}
 	}
-	/**
-	* Record a completed migration
-	*/
-	async recordMigration(migration, executionTime) {
-		await this.db.collection(this.collectionName).insertOne({
-			version: migration.version,
-			resource: migration.resource,
-			description: migration.description,
-			appliedAt: /* @__PURE__ */ new Date(),
-			executionTime
-		});
-	}
-	/**
-	* Remove a migration record
-	*/
-	async removeMigration(migration) {
-		await this.db.collection(this.collectionName).deleteOne({
-			version: migration.version,
-			resource: migration.resource
-		});
-	}
 };
 /**
 * Add versioning to resource definition
@@ -201,60 +238,5 @@ var MigrationRegistry = class {
 		this.migrations.clear();
 	}
 };
-/**
-* Global migration registry instance
-*/
-const migrationRegistry = new MigrationRegistry();
-/**
-* Common migration helpers
-*/
-const migrationHelpers = {
-	renameField: (collection, oldName, newName) => defineMigration({
-		version: 0,
-		resource: collection,
-		description: `Rename ${oldName} to ${newName}`,
-		up: async (db) => {
-			await db.collection(collection).updateMany({}, { $rename: { [oldName]: newName } });
-		},
-		down: async (db) => {
-			await db.collection(collection).updateMany({}, { $rename: { [newName]: oldName } });
-		}
-	}),
-	addField: (collection, fieldName, defaultValue) => defineMigration({
-		version: 0,
-		resource: collection,
-		description: `Add ${fieldName} field`,
-		up: async (db) => {
-			await db.collection(collection).updateMany({ [fieldName]: { $exists: false } }, { $set: { [fieldName]: defaultValue } });
-		},
-		down: async (db) => {
-			await db.collection(collection).updateMany({}, { $unset: { [fieldName]: "" } });
-		}
-	}),
-	removeField: (collection, fieldName) => defineMigration({
-		version: 0,
-		resource: collection,
-		description: `Remove ${fieldName} field`,
-		up: async (db) => {
-			await db.collection(collection).updateMany({}, { $unset: { [fieldName]: "" } });
-		},
-		down: async (db) => {
-			console.warn(`Cannot restore ${fieldName} field - data was deleted`);
-		}
-	}),
-	createIndex: (collection, fields, options) => defineMigration({
-		version: 0,
-		resource: collection,
-		description: `Create index on ${Object.keys(fields).join(", ")}`,
-		up: async (db) => {
-			await db.collection(collection).createIndex(fields, options);
-		},
-		down: async (db) => {
-			const indexName = typeof options?.name === "string" ? options.name : Object.keys(fields).join("_");
-			await db.collection(collection).dropIndex(indexName);
-		}
-	})
-};
-
 //#endregion
-export { MigrationRegistry, MigrationRunner, defineMigration, migrationHelpers, migrationRegistry, withSchemaVersion };
+export { MigrationRegistry, MigrationRunner, MongoMigrationStore, defineMigration, withSchemaVersion };

package/dist/{mongodb-DNKEExbf.mjs → mongodb-BuQ7fNTg.mjs}

@@ -4,9 +4,7 @@ var MongoAuditStore = class {
 	collection;
 	initialized = false;
 	ttlDays;
-	options;
 	constructor(options) {
-		this.options = options;
 		const collectionName = options.collection ?? "audit_logs";
 		this.collection = options.connection.collection(collectionName);
 		this.ttlDays = options.ttlDays ?? 90;
@@ -88,6 +86,5 @@ var MongoAuditStore = class {
 		}));
 	}
 };
-
 //#endregion
-export { MongoAuditStore as t };
+export { MongoAuditStore as t };

package/dist/{mongodb-ClykrfGo.d.mts → mongodb-CUpYfxfD.d.mts}

@@ -1,7 +1,7 @@
-import { i as UserBase } from "./types-RLkFVgaw.mjs";
+import { i as UserBase } from "./types-BNUccdcf.mjs";
 
 //#region src/audit/stores/interface.d.ts
-type AuditAction = 'create' | 'update' | 'delete' | 'restore' | 'custom';
+type AuditAction = "create" | "update" | "delete" | "restore" | "custom";
 interface AuditEntry {
   /** Unique audit log ID */
   id: string;
@@ -108,7 +108,6 @@ declare class MongoAuditStore implements AuditStore {
   private collection;
   private initialized;
   private ttlDays;
-  private options;
   constructor(options: MongoAuditStoreOptions);
   private ensureIndexes;
   log(entry: AuditEntry): Promise<void>;

package/dist/{mongodb-Dg8O_gvd.d.mts → mongodb-bga9AbkD.d.mts}

@@ -1,4 +1,4 @@
-import { n as IdempotencyResult, r as IdempotencyStore } from "./interface-CSNjltAc.mjs";
+import { n as IdempotencyResult, r as IdempotencyStore } from "./interface-B4awm1RJ.mjs";
 
 //#region src/idempotency/stores/mongodb.d.ts
 interface MongoConnection {
@@ -58,7 +58,7 @@ declare class MongoIdempotencyStore implements IdempotencyStore {
   private get collection();
   private ensureIndex;
   get(key: string): Promise<IdempotencyResult | undefined>;
-  set(key: string, result: Omit<IdempotencyResult, 'key'>): Promise<void>;
+  set(key: string, result: Omit<IdempotencyResult, "key">): Promise<void>;
   tryLock(key: string, requestId: string, ttlMs: number): Promise<boolean>;
   unlock(key: string, requestId: string): Promise<void>;
   isLocked(key: string): Promise<boolean>;

package/dist/{openapi-9nB_kiuR.mjs → openapi-CBmZ6EQN.mjs}

@@ -1,23 +1,7 @@
-import { t as getUserRoles } from "./types-DelU6kln.mjs";
-import { n as convertRouteSchema } from "./schemaConverter-Dtg0Kt9T.mjs";
+import { t as getUserRoles } from "./types-ZUu_h0jp.mjs";
+import { n as convertRouteSchema } from "./schemaConverter-DjzHpFam.mjs";
 import fp from "fastify-plugin";
-
 //#region src/docs/openapi.ts
-/**
-* OpenAPI Spec Generator
-*
-* Auto-generates OpenAPI 3.0 specification from Arc resource registry.
-*
-* @example
-* import { openApiPlugin } from '@classytic/arc/docs';
-*
-* await fastify.register(openApiPlugin, {
-*   title: 'My API',
-*   version: '1.0.0',
-* });
-*
-* // Spec available at /_docs/openapi.json
-*/
 const openApiPlugin = async (fastify, opts = {}) => {
 	const { title = "Arc API", version = "1.0.0", description, serverUrl, prefix = "/_docs", apiPrefix = "", authRoles = [] } = opts;
 	const buildSpec = () => {
@@ -481,7 +465,7 @@ function generateSchemas(resources) {
 		if (fieldPerms && schemas[resource.name]?.properties) {
 			const props = schemas[resource.name].properties;
 			for (const [field, perm] of Object.entries(fieldPerms)) if (props[field]) {
-				const desc = props[field].description ?? "";
+				const desc = props[field]?.description ?? "";
 				const permDesc = formatFieldPermDescription(perm);
 				props[field].description = desc ? `${desc} (${permDesc})` : permDesc;
 			} else if (perm.type === "hidden") {}
@@ -520,6 +504,5 @@ var openapi_default = fp(openApiPlugin, {
 	name: "arc-openapi",
 	fastify: "5.x"
 });
-
 //#endregion
-export { openApiPlugin as n, openapi_default as r, buildOpenApiSpec as t };
+export { openApiPlugin as n, openapi_default as r, buildOpenApiSpec as t };

package/dist/org/index.d.mts

@@ -1,10 +1,18 @@
-import "../elevation-DGo5shaX.mjs";
-import { S as RouteHandler } from "../interface-BtdYtQUA.mjs";
-import { i as UserBase } from "../types-RLkFVgaw.mjs";
-import "../types/index.mjs";
+import { Pt as RouteHandler } from "../interface-DGmPxakH.mjs";
+import { i as UserBase } from "../types-BNUccdcf.mjs";
 import { InvitationAdapter, InvitationDoc, MemberDoc, OrgAdapter, OrgDoc, OrgPermissionStatement, OrgRole, OrganizationPluginOptions } from "./types.mjs";
 import { FastifyPluginAsync, RouteHandlerMethod } from "fastify";
 
+//#region src/org/organizationPlugin.d.ts
+declare module "fastify" {
+  interface FastifyInstance {
+    /** Middleware: require the caller to hold one of the listed org roles */
+    requireOrgRole: (roles: string[]) => RouteHandlerMethod;
+  }
+}
+declare const organizationPlugin: FastifyPluginAsync<OrganizationPluginOptions>;
+declare const _default: FastifyPluginAsync<OrganizationPluginOptions>;
+//#endregion
 //#region src/org/orgGuard.d.ts
 interface OrgGuardOptions {
   /** Require organization context (default: true) */
@@ -55,14 +63,4 @@ declare function getUserOrgRoles(user: UserBase | undefined | null, orgId: strin
  */
 declare function hasOrgRole(user: UserBase | undefined | null, orgId: string | undefined | null, roles: string | string[], options?: OrgRolesOptions): boolean;
 //#endregion
-//#region src/org/organizationPlugin.d.ts
-declare module 'fastify' {
-  interface FastifyInstance {
-    /** Middleware: require the caller to hold one of the listed org roles */
-    requireOrgRole: (roles: string[]) => RouteHandlerMethod;
-  }
-}
-declare const organizationPlugin: FastifyPluginAsync<OrganizationPluginOptions>;
-declare const _default: FastifyPluginAsync<OrganizationPluginOptions>;
-//#endregion
 export { type InvitationAdapter, type InvitationDoc, type MemberDoc, type OrgAdapter, type OrgDoc, type OrgGuardOptions, type OrgMembershipOptions, type OrgPermissionStatement, type OrgRole, type OrgRolesOptions, type OrganizationPluginOptions, getUserOrgRoles, hasOrgRole, orgGuard, orgMembershipCheck, _default as organizationPlugin, organizationPlugin as organizationPluginFn, requireOrg, requireOrgRole };

package/dist/org/index.mjs

@@ -1,122 +1,6 @@
-import { c as isElevated, i as getOrgRoles, l as isMember, n as PUBLIC_SCOPE, o as hasOrgAccess } from "../types-Beqn1Un7.mjs";
+import { c as hasOrgAccess, d as isMember, i as getOrgRoles, n as PUBLIC_SCOPE, u as isElevated } from "../types-C6TQjtdi.mjs";
 import fp from "fastify-plugin";
-
-//#region src/org/orgGuard.ts
-/**
-* Create org guard middleware.
-* Reads `request.scope` for org context and roles.
-* Elevated scope always passes.
-*/
-function orgGuard(options = {}) {
-	const { requireOrgContext = true, roles = [] } = options;
-	return async function orgGuardMiddleware(request, reply) {
-		const scope = request.scope ?? PUBLIC_SCOPE;
-		if (isElevated(scope)) return;
-		if (requireOrgContext && !hasOrgAccess(scope)) {
-			reply.code(403).send({
-				success: false,
-				error: "Organization context required",
-				code: "ORG_CONTEXT_REQUIRED",
-				message: "This endpoint requires an organization context. Please specify organization via x-organization-id header."
-			});
-			return;
-		}
-		if (roles.length > 0 && isMember(scope)) {
-			const userOrgRoles = getOrgRoles(scope);
-			if (!roles.some((role) => userOrgRoles.includes(role))) {
-				reply.code(403).send({
-					success: false,
-					error: "Insufficient organization permissions",
-					code: "ORG_ROLE_REQUIRED",
-					message: `This action requires one of these organization roles: ${roles.join(", ")}`,
-					required: roles,
-					current: userOrgRoles
-				});
-				return;
-			}
-		}
-	};
-}
-/**
-* Shorthand for requiring org context
-*/
-function requireOrg() {
-	return orgGuard({ requireOrgContext: true });
-}
-/**
-* Require org context with specific roles
-*/
-function requireOrgRole(...roles) {
-	return orgGuard({
-		requireOrgContext: true,
-		roles
-	});
-}
-
-//#endregion
-//#region src/org/orgMembership.ts
-/**
-* Check if user is member of organization.
-* This is a low-level utility for checking membership from user object data.
-* For request-level checks, use `request.scope` (isMember/isElevated guards).
-*/
-async function orgMembershipCheck(user, orgId, options = {}) {
-	const { userOrgsPath = "organizations", validateFromDb } = options;
-	if (!user || !orgId) return false;
-	if ((user[userOrgsPath] ?? []).some((o) => {
-		return (o.organizationId?.toString() ?? String(o)) === orgId.toString();
-	})) return true;
-	if (validateFromDb) {
-		const userId = (user._id ?? user.id)?.toString();
-		if (userId) return validateFromDb(userId, orgId);
-	}
-	return false;
-}
-/**
-* Get user's role in organization from user object data.
-* For request-level role checks, use `request.scope.orgRoles` (when scope is 'member').
-*/
-function getUserOrgRoles(user, orgId, options = {}) {
-	const { userOrgsPath = "organizations" } = options;
-	if (!user || !orgId) return [];
-	return (user[userOrgsPath] ?? []).find((o) => {
-		return (o.organizationId?.toString() ?? String(o)) === orgId.toString();
-	})?.roles ?? [];
-}
-/**
-* Check if user has specific role in organization from user object data.
-* For request-level role checks, use `requireOrgRole()` permission or `request.scope`.
-*/
-function hasOrgRole(user, orgId, roles, options = {}) {
-	const userOrgRoles = getUserOrgRoles(user, orgId, options);
-	return (Array.isArray(roles) ? roles : [roles]).some((role) => userOrgRoles.includes(role));
-}
-
-//#endregion
 //#region src/org/organizationPlugin.ts
-/**
-* Organization Plugin -- Full org management with REST endpoints
-*
-* Creates these routes:
-* - POST   /api/organizations                          -- Create org
-* - GET    /api/organizations                          -- List user's orgs
-* - GET    /api/organizations/:orgId                   -- Get org
-* - PATCH  /api/organizations/:orgId                   -- Update org
-* - DELETE /api/organizations/:orgId                   -- Delete org
-* - GET    /api/organizations/:orgId/members           -- List members
-* - POST   /api/organizations/:orgId/members           -- Add member
-* - PATCH  /api/organizations/:orgId/members/:userId   -- Update role
-* - DELETE /api/organizations/:orgId/members/:userId   -- Remove member
-*
-* @example
-* import { organizationPlugin } from '@classytic/arc/org';
-*
-* await fastify.register(organizationPlugin, {
-*   adapter: myMongooseOrgAdapter,
-*   basePath: '/api/organizations',
-*   enableInvitations: false,
-* });
-*/
 const DEFAULT_ROLES = [
 	{
 		name: "owner",
@@ -508,6 +392,95 @@ var organizationPlugin_default = fp(organizationPlugin, {
 	name: "arc-organization",
 	fastify: "5.x"
 });
-
 //#endregion
-export { getUserOrgRoles, hasOrgRole, orgGuard, orgMembershipCheck, organizationPlugin_default as organizationPlugin, organizationPlugin as organizationPluginFn, requireOrg, requireOrgRole };
+//#region src/org/orgGuard.ts
+/**
+* Create org guard middleware.
+* Reads `request.scope` for org context and roles.
+* Elevated scope always passes.
+*/
+function orgGuard(options = {}) {
+	const { requireOrgContext = true, roles = [] } = options;
+	return async function orgGuardMiddleware(request, reply) {
+		const scope = request.scope ?? PUBLIC_SCOPE;
+		if (isElevated(scope)) return;
+		if (requireOrgContext && !hasOrgAccess(scope)) {
+			reply.code(403).send({
+				success: false,
+				error: "Organization context required",
+				code: "ORG_CONTEXT_REQUIRED",
+				message: "This endpoint requires an organization context. Please specify organization via x-organization-id header."
+			});
+			return;
+		}
+		if (roles.length > 0 && isMember(scope)) {
+			const userOrgRoles = getOrgRoles(scope);
+			if (!roles.some((role) => userOrgRoles.includes(role))) {
+				reply.code(403).send({
+					success: false,
+					error: "Insufficient organization permissions",
+					code: "ORG_ROLE_REQUIRED",
+					message: `This action requires one of these organization roles: ${roles.join(", ")}`,
+					required: roles,
+					current: userOrgRoles
+				});
+				return;
+			}
+		}
+	};
+}
+/**
+* Shorthand for requiring org context
+*/
+function requireOrg() {
+	return orgGuard({ requireOrgContext: true });
+}
+/**
+* Require org context with specific roles
+*/
+function requireOrgRole(...roles) {
+	return orgGuard({
+		requireOrgContext: true,
+		roles
+	});
+}
+//#endregion
+//#region src/org/orgMembership.ts
+/**
+* Check if user is member of organization.
+* This is a low-level utility for checking membership from user object data.
+* For request-level checks, use `request.scope` (isMember/isElevated guards).
+*/
+async function orgMembershipCheck(user, orgId, options = {}) {
+	const { userOrgsPath = "organizations", validateFromDb } = options;
+	if (!user || !orgId) return false;
+	if ((user[userOrgsPath] ?? []).some((o) => {
+		return (o.organizationId?.toString() ?? String(o)) === orgId.toString();
+	})) return true;
+	if (validateFromDb) {
+		const userId = (user._id ?? user.id)?.toString();
+		if (userId) return validateFromDb(userId, orgId);
+	}
+	return false;
+}
+/**
+* Get user's role in organization from user object data.
+* For request-level role checks, use `request.scope.orgRoles` (when scope is 'member').
+*/
+function getUserOrgRoles(user, orgId, options = {}) {
+	const { userOrgsPath = "organizations" } = options;
+	if (!user || !orgId) return [];
+	return (user[userOrgsPath] ?? []).find((o) => {
+		return (o.organizationId?.toString() ?? String(o)) === orgId.toString();
+	})?.roles ?? [];
+}
+/**
+* Check if user has specific role in organization from user object data.
+* For request-level role checks, use `requireOrgRole()` permission or `request.scope`.
+*/
+function hasOrgRole(user, orgId, roles, options = {}) {
+	const userOrgRoles = getUserOrgRoles(user, orgId, options);
+	return (Array.isArray(roles) ? roles : [roles]).some((role) => userOrgRoles.includes(role));
+}
+//#endregion
+export { getUserOrgRoles, hasOrgRole, orgGuard, orgMembershipCheck, organizationPlugin_default as organizationPlugin, organizationPlugin as organizationPluginFn, requireOrg, requireOrgRole };

package/dist/org/types.d.mts

@@ -28,7 +28,7 @@ interface InvitationDoc {
   email: string;
   role: string;
   invitedBy: string;
-  status: 'pending' | 'accepted' | 'rejected' | 'expired';
+  status: "pending" | "accepted" | "rejected" | "expired";
   expiresAt: Date;
   createdAt?: Date;
 }
@@ -53,7 +53,7 @@ interface OrgAdapter {
   invitations?: InvitationAdapter;
 }
 interface InvitationAdapter {
-  create(data: Omit<InvitationDoc, 'id' | 'createdAt'>): Promise<InvitationDoc>;
+  create(data: Omit<InvitationDoc, "id" | "createdAt">): Promise<InvitationDoc>;
   getByToken(token: string): Promise<InvitationDoc | null>;
   accept(id: string): Promise<void>;
   reject(id: string): Promise<void>;

package/dist/org/types.mjs

@@ -1 +1 @@
-export {  };
+export {};