@classytic/arc 2.8.0 → 2.8.1

package/dist/{openapi-AYLVjqVe.mjs → openapi-q6rNKfZy.mjs}

@@ -1,5 +1,6 @@
 import { t as getUserRoles } from "./types-ZUu_h0jp.mjs";
-import { n as convertRouteSchema } from "./schemaConverter-Y5EejTnJ.mjs";
+import { n as convertRouteSchema } from "./schemaConverter-OxfCshus.mjs";
+import { t as buildActionBodySchema } from "./createActionRouter-Df1BuawX.mjs";
 import fp from "fastify-plugin";
 //#region src/docs/openapi.ts
 const openApiPlugin = async (fastify, opts = {}) => {
@@ -158,7 +159,7 @@ const DEFAULT_LIST_PARAMS = [
 function generateResourcePaths(resource, apiPrefix = "", additionalSecurity = []) {
 	const paths = {};
 	const basePath = `${apiPrefix}${resource.prefix}`;
-	if (resource.disableDefaultRoutes && (!resource.additionalRoutes || resource.additionalRoutes.length === 0)) return paths;
+	if (resource.disableDefaultRoutes && (!resource.additionalRoutes || resource.additionalRoutes.length === 0) && (!resource.actions || resource.actions.length === 0)) return paths;
 	if (!resource.disableDefaultRoutes) {
 		const disabledSet = new Set(resource.disabledRoutes ?? []);
 		const updateMethod = resource.updateMethod ?? "PATCH";
@@ -309,6 +310,52 @@ function generateResourcePaths(resource, apiPrefix = "", additionalSecurity = []
 		}
 		paths[fullPath][method] = createOperation(resource, handlerName, route.summary ?? handlerName, extras, requiresAuthForRoute, additionalSecurity);
 	}
+	if (resource.actions && resource.actions.length > 0) {
+		const actionPath = toOpenApiPath(`${basePath}/:id/action`);
+		const actionEnum = resource.actions.map((a) => a.name);
+		const actionSchemas = {};
+		for (const a of resource.actions) if (a.schema) actionSchemas[a.name] = a.schema;
+		const bodySchema = buildActionBodySchema(actionEnum, actionSchemas);
+		const descLines = [
+			"Unified action endpoint for state transitions.",
+			"",
+			"**Available actions:**"
+		];
+		for (const a of resource.actions) {
+			const roles = a.permissions?._roles;
+			const roleStr = roles?.length ? ` — requires: ${roles.join(" or ")}` : "";
+			const descStr = a.description ? ` — ${a.description}` : "";
+			descLines.push(`- \`${a.name}\`${roleStr}${descStr}`);
+		}
+		const fallbackPerm = resource.actionPermissions;
+		const fallbackRequiresAuth = typeof fallbackPerm === "function" && !fallbackPerm._isPublic;
+		const anyAuthRequired = resource.actions.some((a) => {
+			const p = a.permissions;
+			if (typeof p === "function") return !p._isPublic;
+			return fallbackRequiresAuth;
+		});
+		if (!paths[actionPath]) paths[actionPath] = {};
+		paths[actionPath].post = createOperation(resource, "action", `Perform action (${actionEnum.join(" / ")})`, {
+			parameters: [{
+				name: "id",
+				in: "path",
+				required: true,
+				schema: { type: "string" },
+				description: "Resource ID"
+			}],
+			description: descLines.join("\n"),
+			requestBody: {
+				required: true,
+				content: { "application/json": { schema: bodySchema } }
+			},
+			responses: {
+				"200": { description: "Action executed successfully" },
+				"400": { description: "Invalid action or missing required fields" },
+				"401": { description: "Authentication required" },
+				"403": { description: "Permission denied" }
+			}
+		}, anyAuthRequired, additionalSecurity);
+	}
 	return paths;
 }
 /**

package/dist/org/index.d.mts

@@ -1,4 +1,4 @@
-import { Wt as RouteHandler } from "../interface-IJqN3pXK.mjs";
+import { Wt as RouteHandler } from "../interface-CS6d7HiB.mjs";
 import { i as UserBase } from "../types-BoaZHr-2.mjs";
 import { InvitationAdapter, InvitationDoc, MemberDoc, OrgAdapter, OrgDoc, OrgPermissionStatement, OrgRole, OrganizationPluginOptions } from "./types.mjs";
 import { FastifyPluginAsync, RouteHandlerMethod } from "fastify";

package/dist/plugins/index.d.mts

@@ -1,6 +1,6 @@
-import { K as MiddlewareConfig, Kt as ResourceRegistry, et as PresetHook, m as AnyRecord, mn as HookSystem, p as AdditionalRoute, vt as RouteSchemaOptions } from "../interface-IJqN3pXK.mjs";
+import { K as MiddlewareConfig, Kt as ResourceRegistry, Tn as HookSystem, et as PresetHook, m as AnyRecord, p as AdditionalRoute, vt as RouteSchemaOptions } from "../interface-CS6d7HiB.mjs";
 import { t as ExternalOpenApiPaths } from "../externalPaths-BQ8QijNH.mjs";
-import { _ as cachingPlugin, a as versioningPlugin, c as MetricsOptions, d as SSEOptions, f as _default$6, g as _default$1, h as CachingRule, i as _default$7, l as _default$4, m as CachingOptions, n as errorHandlerPlugin, o as MetricEntry, p as ssePlugin, r as VersioningOptions, s as MetricsCollector, t as ErrorHandlerOptions, u as metricsPlugin } from "../errorHandler-BeN-ERN7.mjs";
+import { _ as cachingPlugin, a as versioningPlugin, c as MetricsOptions, d as SSEOptions, f as _default$6, g as _default$1, h as CachingRule, i as _default$7, l as _default$4, m as CachingOptions, n as errorHandlerPlugin, o as MetricEntry, p as ssePlugin, r as VersioningOptions, s as MetricsCollector, t as ErrorHandlerOptions, u as metricsPlugin } from "../errorHandler-DJ7OAB2V.mjs";
 import { t as TracingOptions } from "../tracing-xqXzWeaf.mjs";
 import { FastifyInstance, FastifyPluginAsync } from "fastify";
 import * as _$node_stream0 from "node:stream";

package/dist/plugins/index.mjs

@@ -1,11 +1,11 @@
 import { p as MUTATION_OPERATIONS } from "../constants-Cxde4rpC.mjs";
 import { o as getOrgId } from "../types-AOD8fxIw.mjs";
-import { t as requestContext } from "../requestContext-xHIKedG6.mjs";
+import { t as requestContext } from "../requestContext-DYvHl113.mjs";
 import { t as hasEvents } from "../typeGuards-CcFZXgU7.mjs";
 import { t as HookSystem } from "../HookSystem-BjFu7zf1.mjs";
-import { t as ResourceRegistry } from "../ResourceRegistry-BOtJuRCs.mjs";
+import { t as ResourceRegistry } from "../ResourceRegistry-Dtcojmu8.mjs";
 import { n as caching_default, t as cachingPlugin } from "../caching-CHH-iHs3.mjs";
-import { t as errorHandlerPlugin } from "../errorHandler-BW08lEiy.mjs";
+import { t as errorHandlerPlugin } from "../errorHandler-Cw34h_om.mjs";
 import { n as metrics_default, t as metricsPlugin } from "../metrics-DuhiSEZI.mjs";
 import { t as replyHelpersPlugin } from "../replyHelpers-CXtJDAZ0.mjs";
 import { n as sse_default, t as ssePlugin } from "../sse-CD5Hghpu.mjs";

package/dist/plugins/tracing-entry.mjs

@@ -44,7 +44,7 @@ try {
 function createTracerProvider(options) {
 	if (!isAvailable) return null;
 	const { serviceName = "@classytic/arc", serviceVersion, exporterUrl = "http://localhost:4318/v1/traces" } = options;
-	const resolvedVersion = serviceVersion ?? "2.8.0";
+	const resolvedVersion = serviceVersion ?? "2.8.1";
 	const exporter = new OTLPTraceExporter({ url: exporterUrl });
 	const provider = new NodeTracerProvider({ resource: { attributes: {
 		"service.name": serviceName,

package/dist/presets/index.d.mts

@@ -1,4 +1,4 @@
-import { Ht as IControllerResponse, Ut as IRequestContext, Zt as PaginatedResult, m as AnyRecord, tt as PresetResult, ut as ResourceConfig } from "../interface-IJqN3pXK.mjs";
+import { Ht as IControllerResponse, Ut as IRequestContext, m as AnyRecord, on as PaginationResult, tt as PresetResult, ut as ResourceConfig } from "../interface-CS6d7HiB.mjs";
 import { MultiTenantOptions, TenantFieldSpec, multiTenantPreset } from "./multiTenant.mjs";
 
 //#region src/presets/ownedByUser.d.ts
@@ -57,7 +57,7 @@ declare function treePreset(options?: TreeOptions): PresetResult;
  *
  * **Repository Requirements:**
  * Your repository must implement:
- * - `getDeleted(options): Promise<PaginatedResult<T> | T[]>`
+ * - `getDeleted(params?, options?): Promise<PaginationResult<T> | T[]>`
  * - `restore(id): Promise<T | null>`
  *
  * @example
@@ -77,7 +77,7 @@ interface ISoftDeleteController<TDoc = unknown> {
    * Get all soft-deleted items
    * Called by: GET /deleted
    */
-  getDeleted(req: IRequestContext): Promise<IControllerResponse<PaginatedResult<TDoc>>>;
+  getDeleted(req: IRequestContext): Promise<IControllerResponse<PaginationResult<TDoc>>>;
   /**
    * Restore a soft-deleted item by ID
    * Called by: POST /:id/restore

package/dist/presets/multiTenant.d.mts

@@ -1,4 +1,4 @@
-import { E as CrudRouteKey, tt as PresetResult } from "../interface-IJqN3pXK.mjs";
+import { E as CrudRouteKey, tt as PresetResult } from "../interface-CS6d7HiB.mjs";
 
 //#region src/presets/multiTenant.d.ts
 /**

package/dist/{redis-stream-CF1lrKVk.d.mts → redis-stream-BgrYzpeq.d.mts}

@@ -1,4 +1,4 @@
-import { i as EventTransport, n as EventHandler, r as EventLogger, t as DomainEvent } from "./EventTransport-n1KBxC_N.mjs";
+import { i as EventTransport, n as EventHandler, r as EventLogger, t as DomainEvent } from "./EventTransport-CLXJUzyT.mjs";
 
 //#region src/events/transports/redis-stream.d.ts
 interface RedisStreamLike {

package/dist/registry/index.d.mts

@@ -1,4 +1,4 @@
-import { Gt as RegisterOptions, H as IntrospectionPluginOptions, Kt as ResourceRegistry } from "../interface-IJqN3pXK.mjs";
+import { Gt as RegisterOptions, H as IntrospectionPluginOptions, Kt as ResourceRegistry } from "../interface-CS6d7HiB.mjs";
 import { FastifyPluginAsync } from "fastify";
 
 //#region src/registry/introspectionPlugin.d.ts

package/dist/registry/index.mjs

@@ -1,3 +1,3 @@
 import { n as introspectionPlugin_default, t as introspectionPlugin } from "../registry-B0Wl7uVV.mjs";
-import { t as ResourceRegistry } from "../ResourceRegistry-BOtJuRCs.mjs";
+import { t as ResourceRegistry } from "../ResourceRegistry-Dtcojmu8.mjs";
 export { ResourceRegistry, introspectionPlugin_default as introspectionPlugin, introspectionPlugin as introspectionPluginFn };

package/dist/{resourceToTools-C_1SMiCz.mjs → resourceToTools-DNNWnZtx.mjs}

@@ -1,4 +1,4 @@
-import { t as BaseController } from "./BaseController-CpMfCXdn.mjs";
+import { t as BaseController } from "./BaseController-DAGGc5Xn.mjs";
 import { n as normalizePermissionResult } from "./applyPermissionResult-D6GPMsvh.mjs";
 import { t as pluralize } from "./pluralize-BneOJkpi.mjs";
 import { z } from "zod";
@@ -274,6 +274,15 @@ function buildRequestContext(input, auth, operation, policyFilters, scopeOverrid
 			query: {},
 			body: void 0
 		};
+		case "action": {
+			const { id: _actionId, ...actionBody } = input;
+			return {
+				...base,
+				params: { id: String(_actionId ?? "") },
+				query: {},
+				body: actionBody
+			};
+		}
 	}
 }
 /**
@@ -548,7 +557,6 @@ const ANNOTATIONS = {
 */
 function resourceToTools(resource, config = {}) {
 	const controller = resource.controller ?? (resource.adapter ? createMcpController(resource) : void 0);
-	if (!controller) return [];
 	const explicitFieldRules = resource.schemaOptions?.fieldRules;
 	const hiddenFields = resource.schemaOptions?.hiddenFields;
 	const readonlyFields = resource.schemaOptions?.readonlyFields;
@@ -558,72 +566,101 @@ function resourceToTools(resource, config = {}) {
 	const sortableFields = resource.queryParser?.allowedSortFields;
 	const allowedOperators = resource.queryParser?.allowedOperators;
 	const hasSoftDelete = resource._appliedPresets?.includes("softDelete") ?? false;
-	let ops = ALL_CRUD_OPS.filter((op) => {
-		if (resource.disabledRoutes?.includes(op)) return false;
-		return true;
-	});
-	if (config.operations) ops = ops.filter((op) => config.operations?.includes(op));
 	const tools = [];
 	const prefix = config.toolNamePrefix;
-	for (const op of ops) {
-		const name = config.names?.[op] ?? (op === "list" ? `${prefix ? `${prefix}_` : ""}list_${pluralize(resource.name)}` : `${prefix ? `${prefix}_` : ""}${op}_${resource.name}`);
-		tools.push({
-			name,
-			description: config.descriptions?.[op] ?? defaultDescription(op, resource.displayName, hasSoftDelete, {
-				filterableFields,
-				allowedOperators,
-				sortableFields
-			}),
-			annotations: ANNOTATIONS[op],
-			inputSchema: buildInputSchema(op, fieldRules, {
-				hiddenFields,
-				readonlyFields,
-				extraHideFields: config.hideFields,
-				filterableFields,
-				allowedOperators,
-				adapterBodies
-			}),
-			handler: createHandler(op, controller, resource.name, resource.permissions)
+	if (!controller) {} else {
+		let ops = ALL_CRUD_OPS.filter((op) => {
+			if (resource.disabledRoutes?.includes(op)) return false;
+			return true;
 		});
-	}
-	for (const route of resource.additionalRoutes ?? []) {
-		const mcpHandler = route.mcpHandler;
-		if (!route.wrapHandler && !mcpHandler) continue;
-		if (!mcpHandler && ![
-			"POST",
-			"PUT",
-			"PATCH",
-			"DELETE"
-		].includes(route.method)) continue;
-		const opName = route.operation ?? slugifyRoute(route.method, route.path);
-		const hasId = route.path.includes(":id");
-		const inputShape = {};
-		if (hasId) inputShape.id = z.string().describe("Resource ID");
-		if (mcpHandler) tools.push({
-			name: prefix ? `${prefix}_${opName}_${resource.name}` : `${opName}_${resource.name}`,
-			description: route.summary ?? route.description ?? `${opName} on ${resource.displayName}`,
-			annotations: { openWorldHint: true },
-			inputSchema: inputShape,
-			handler: async (input, _ctx) => {
-				try {
-					return await mcpHandler(input);
-				} catch (err) {
-					return {
-						content: [{
-							type: "text",
-							text: `Error: ${err instanceof Error ? err.message : String(err)}`
-						}],
-						isError: true
-					};
+		if (config.operations) ops = ops.filter((op) => config.operations?.includes(op));
+		for (const op of ops) {
+			const name = config.names?.[op] ?? (op === "list" ? `${prefix ? `${prefix}_` : ""}list_${pluralize(resource.name)}` : `${prefix ? `${prefix}_` : ""}${op}_${resource.name}`);
+			tools.push({
+				name,
+				description: config.descriptions?.[op] ?? defaultDescription(op, resource.displayName, hasSoftDelete, {
+					filterableFields,
+					allowedOperators,
+					sortableFields
+				}),
+				annotations: ANNOTATIONS[op],
+				inputSchema: buildInputSchema(op, fieldRules, {
+					hiddenFields,
+					readonlyFields,
+					extraHideFields: config.hideFields,
+					filterableFields,
+					allowedOperators,
+					adapterBodies
+				}),
+				handler: createHandler(op, controller, resource.name, resource.permissions)
+			});
+		}
+		for (const route of resource.additionalRoutes ?? []) {
+			if (route.mcp === false) continue;
+			const mcpHandler = route.mcpHandler;
+			if (!route.wrapHandler && !mcpHandler) continue;
+			if (!mcpHandler && ![
+				"POST",
+				"PUT",
+				"PATCH",
+				"DELETE"
+			].includes(route.method)) continue;
+			const opName = route.operation ?? slugifyRoute(route.method, route.path);
+			const hasId = route.path.includes(":id");
+			const mcpConfig = typeof route.mcp === "object" && route.mcp !== null ? route.mcp : void 0;
+			const toolDescription = mcpConfig?.description ?? route.summary ?? route.description ?? `${opName} on ${resource.displayName}`;
+			const toolAnnotations = mcpConfig?.annotations ? { ...mcpConfig.annotations } : { openWorldHint: true };
+			const inputShape = {};
+			if (hasId) inputShape.id = z.string().describe("Resource ID");
+			if (mcpHandler) tools.push({
+				name: prefix ? `${prefix}_${opName}_${resource.name}` : `${opName}_${resource.name}`,
+				description: toolDescription,
+				annotations: toolAnnotations,
+				inputSchema: inputShape,
+				handler: async (input, _ctx) => {
+					try {
+						return await mcpHandler(input);
+					} catch (err) {
+						return {
+							content: [{
+								type: "text",
+								text: `Error: ${err instanceof Error ? err.message : String(err)}`
+							}],
+							isError: true
+						};
+					}
 				}
-			}
-		});
-		else tools.push({
-			name: prefix ? `${prefix}_${opName}_${resource.name}` : `${opName}_${resource.name}`,
-			description: route.summary ?? route.description ?? `${opName} on ${resource.displayName}`,
-			annotations: { openWorldHint: true },
+			});
+			else tools.push({
+				name: prefix ? `${prefix}_${opName}_${resource.name}` : `${opName}_${resource.name}`,
+				description: toolDescription,
+				annotations: toolAnnotations,
+				inputSchema: inputShape,
+				handler: createAdditionalRouteHandler(route, controller, hasId)
+			});
+		}
+	}
+	if (resource.actions) for (const [actionName, entry] of Object.entries(resource.actions)) {
+		const def = typeof entry === "function" ? { handler: entry } : entry;
+		if (typeof def !== "function" && "mcp" in def && def.mcp === false) continue;
+		const mcpCfg = typeof def !== "function" && typeof def.mcp === "object" ? def.mcp : void 0;
+		const description = mcpCfg?.description ?? (typeof def !== "function" ? def.description : void 0) ?? `${actionName} action on ${resource.displayName}`;
+		const annotations = mcpCfg?.annotations ? { ...mcpCfg.annotations } : { destructiveHint: true };
+		const inputShape = { id: z.string().describe("Resource ID") };
+		const rawSchema = typeof def !== "function" ? def.schema : void 0;
+		if (rawSchema && typeof rawSchema === "object") {
+			const converted = convertActionSchemaToZod(rawSchema);
+			for (const [key, val] of Object.entries(converted)) inputShape[key] = val;
+		}
+		const toolName = prefix ? `${prefix}_${actionName}_${resource.name}` : `${actionName}_${resource.name}`;
+		const handler = typeof entry === "function" ? entry : def.handler;
+		const actionPerms = (typeof def !== "function" ? def.permissions : void 0) ?? resource.actionPermissions;
+		tools.push({
+			name: toolName,
+			description: String(description),
+			annotations,
 			inputSchema: inputShape,
-			handler: createAdditionalRouteHandler(route, controller, hasId)
+			handler: createActionToolHandler(actionName, handler, actionPerms, resource.name, resource.permissions)
 		});
 	}
 	return tools;
@@ -889,5 +926,98 @@ function createMcpController(resource) {
 		matchesFilter: resource.adapter?.matchesFilter
 	});
 }
+/**
+* Convert an action schema (JSON Schema, Zod, or legacy field map) to a Zod
+* shape for MCP tool input. This mirrors `normalizeActionSchema` in
+* `createActionRouter.ts` but produces Zod types for the MCP SDK.
+*/
+function convertActionSchemaToZod(raw) {
+	if ("_zod" in raw && typeof raw.shape === "object") return { ...raw.shape };
+	if ((raw.type === "object" || "properties" in raw) && typeof raw.properties === "object" && raw.properties !== null) {
+		const props = raw.properties;
+		return jsonSchemaPropsToZod(props, new Set(Array.isArray(raw.required) ? raw.required : []));
+	}
+	const result = {};
+	for (const [fieldName, fieldSchema] of Object.entries(raw)) {
+		if (fieldName === "type" || fieldName === "properties" || fieldName === "required") continue;
+		if (!fieldSchema || typeof fieldSchema !== "object") continue;
+		const fs = fieldSchema;
+		const desc = typeof fs.description === "string" ? fs.description : `${fieldName} field`;
+		const isOptional = fs.required === false;
+		const base = jsonSchemaTypeToZod(fs);
+		result[fieldName] = isOptional ? base.optional().describe(desc) : base.describe(desc);
+	}
+	return result;
+}
+function jsonSchemaPropsToZod(props, requiredSet) {
+	const result = {};
+	for (const [name, schema] of Object.entries(props)) {
+		const desc = typeof schema.description === "string" ? schema.description : name;
+		const base = jsonSchemaTypeToZod(schema);
+		result[name] = requiredSet.has(name) ? base.describe(desc) : base.optional().describe(desc);
+	}
+	return result;
+}
+function jsonSchemaTypeToZod(schema) {
+	const type = typeof schema.type === "string" ? schema.type : "string";
+	if (Array.isArray(schema.enum) && schema.enum.length > 0) return z.enum(schema.enum);
+	switch (type) {
+		case "number":
+		case "integer": return z.number();
+		case "boolean": return z.boolean();
+		case "array": return z.array(z.unknown());
+		case "object": return z.record(z.string(), z.unknown());
+		default: return z.string();
+	}
+}
+/**
+* Create an MCP tool handler for a declarative action.
+*
+* Uses the SAME `evaluatePermission()` and `buildRequestContext()` as
+* CRUD tools — single code path for permission side effects, scope
+* construction, and request context assembly. This eliminates the
+* DRY/drift risk flagged in the review: REST and MCP action tools now
+* share identical context-building machinery.
+*/
+function createActionToolHandler(actionName, handler, permissions, resourceName, _resourcePermissions) {
+	return async (input, ctx) => {
+		const session = ctx.session;
+		const permResult = await evaluatePermission(permissions, session, resourceName, actionName, input);
+		if (permResult && !permResult.granted) return {
+			content: [{
+				type: "text",
+				text: JSON.stringify({
+					success: false,
+					error: permResult.reason ?? `Permission denied for action '${actionName}'`
+				})
+			}],
+			isError: true
+		};
+		const reqCtx = buildRequestContext({
+			...input,
+			action: actionName
+		}, session, "action", permResult?.filters, permResult?.scope);
+		const id = typeof input.id === "string" ? input.id : "";
+		const { id: _discardId, ...data } = input;
+		try {
+			const result = await handler(id, data, reqCtx);
+			return { content: [{
+				type: "text",
+				text: JSON.stringify({
+					success: true,
+					data: result
+				})
+			}] };
+		} catch (err) {
+			return {
+				content: [{
+					type: "text",
+					text: `Error: ${err instanceof Error ? err.message : String(err)}`
+				}],
+				isError: true
+			};
+		}
+	};
+}
 //#endregion
 export { fieldRulesToZod as n, createMcpServer as r, resourceToTools as t };

package/dist/rpc/index.mjs

@@ -1,4 +1,4 @@
-import { t as CircuitBreaker } from "../circuitBreaker-l18oRgL5.mjs";
+import { t as CircuitBreaker } from "../circuitBreaker-cmi5XDv5.mjs";
 //#region src/rpc/serviceClient.ts
 /**
 * Service Client — Resource-Oriented RPC

package/dist/testing/index.d.mts

@@ -1,5 +1,5 @@
-import { Yt as CrudRepository, m as AnyRecord, qt as ResourceDefinition } from "../interface-IJqN3pXK.mjs";
-import { d as ResourceLike, r as CreateAppOptions } from "../types-gUxAIZHp.mjs";
+import { Zt as CrudRepository, m as AnyRecord, qt as ResourceDefinition } from "../interface-CS6d7HiB.mjs";
+import { d as ResourceLike, r as CreateAppOptions } from "../types-BlOuKTPw.mjs";
 import Fastify, { FastifyInstance, FastifyServerOptions } from "fastify";
 import { Connection } from "mongoose";
 import { Mock } from "vitest";

package/dist/testing/index.mjs

@@ -1796,7 +1796,7 @@ function runEventTests(resourceName, displayName, events) {
 * ```
 */
 async function createTestApp(options = {}) {
-	const { createApp } = await import("../createApp-Cy8eUNKQ.mjs").then((n) => n.r);
+	const { createApp } = await import("../createApp-p2OThysU.mjs").then((n) => n.r);
 	const { useInMemoryDb = true, mongoUri: providedMongoUri, ...appOptions } = options;
 	const defaultAuth = {
 		type: "jwt",

package/dist/types/index.d.mts

@@ -1,5 +1,5 @@
 import { _ as isAuthenticated, c as getOrgRoles, g as hasOrgAccess, n as PUBLIC_SCOPE, p as getTeamId, r as RequestScope, s as getOrgId, t as AUTHENTICATED_SCOPE, v as isElevated, y as isMember } from "../types-CN6JvmYz.mjs";
-import { $ as PresetFunction, $t as QueryOptions, A as EventsDecorator, B as InferResourceDoc, Bt as FastifyHandler, C as ConfigError, Ct as TypedResourceConfig, D as CrudRouterOptions, Dt as ValidationResult, E as CrudRouteKey, Et as ValidateOptions, F as GracefulShutdownOptions, G as LookupOption, H as IntrospectionPluginOptions, Ht as IControllerResponse, I as HealthCheck, J as ObjectId, K as MiddlewareConfig, L as HealthOptions, M as FastifyWithAuth, N as FastifyWithDecorators, O as CrudSchemas, Ot as envelope, P as FieldRule, Q as PopulateOption, Qt as PaginationParams, R as InferAdapterDoc, Rt as ControllerHandler, S as AuthenticatorContext, St as TypedRepository, T as CrudController, Tt as UserOrganization, U as JWTPayload, Ut as IRequestContext, V as IntrospectionData, Vt as IController, W as JwtContext, Wt as RouteHandler, X as OwnershipCheck, Xt as InferDoc, Y as OpenApiSchemas, Yt as CrudRepository, Z as ParsedQuery, Zt as PaginatedResult, _ as ArcInternalMetadata, _t as RouteMcpConfig, at as RegistryStats, b as AuthPluginOptions, bt as TokenPair, ct as RequestWithExtras, d as ActionHandlerFn, dt as ResourceHookContext, et as PresetHook, f as ActionsMap, ft as ResourceHooks, g as ArcDecorator, gt as RouteHandlerMethod, h as ApiResponse, ht as RouteDefinition, it as RegistryEntry, j as FastifyRequestExtras, jt as BaseControllerOptions, k as EventDefinition, kt as getUserId, l as ActionDefinition, lt as ResourceCacheConfig, m as AnyRecord, mt as ResourcePermissions, nt as QueryParserInterface, ot as RequestContext, p as AdditionalRoute, pt as ResourceMetadata, q as MiddlewareHandler, rt as RateLimitConfig, st as RequestIdOptions, tt as PresetResult, u as ActionEntry, ut as ResourceConfig, v as ArcRequest, vt as RouteSchemaOptions, w as ControllerQueryOptions, wt as UserLike, x as Authenticator, xt as TypedController, y as AuthHelpers, yt as ServiceContext, z as InferDocType, zt as ControllerLike } from "../interface-IJqN3pXK.mjs";
+import { $ as PresetFunction, $t as DeleteOptions, A as EventsDecorator, B as InferResourceDoc, Bt as FastifyHandler, C as ConfigError, Ct as TypedResourceConfig, D as CrudRouterOptions, Dt as ValidationResult, E as CrudRouteKey, Et as ValidateOptions, F as GracefulShutdownOptions, G as LookupOption, H as IntrospectionPluginOptions, Ht as IControllerResponse, I as HealthCheck, J as ObjectId, K as MiddlewareConfig, L as HealthOptions, M as FastifyWithAuth, N as FastifyWithDecorators, O as CrudSchemas, Ot as envelope, P as FieldRule, Q as PopulateOption, Qt as DeleteManyResult, R as InferAdapterDoc, Rt as ControllerHandler, S as AuthenticatorContext, St as TypedRepository, T as CrudController, Tt as UserOrganization, U as JWTPayload, Ut as IRequestContext, V as IntrospectionData, Vt as IController, W as JwtContext, Wt as RouteHandler, X as OwnershipCheck, Xt as BulkWriteResult, Y as OpenApiSchemas, Yt as BulkWriteOperation, Z as ParsedQuery, Zt as CrudRepository, _ as ArcInternalMetadata, _t as RouteMcpConfig, an as PaginationParams, at as RegistryStats, b as AuthPluginOptions, bt as TokenPair, cn as RepositorySession, ct as RequestWithExtras, d as ActionHandlerFn, dt as ResourceHookContext, en as DeleteResult, et as PresetHook, f as ActionsMap, ft as ResourceHooks, g as ArcDecorator, gt as RouteHandlerMethod, h as ApiResponse, ht as RouteDefinition, in as PaginatedResult, it as RegistryEntry, j as FastifyRequestExtras, jt as BaseControllerOptions, k as EventDefinition, kt as getUserId, l as ActionDefinition, ln as UpdateManyResult, lt as ResourceCacheConfig, m as AnyRecord, mt as ResourcePermissions, nn as KeysetPaginatedResult, nt as QueryParserInterface, on as PaginationResult, ot as RequestContext, p as AdditionalRoute, pt as ResourceMetadata, q as MiddlewareHandler, rn as OffsetPaginatedResult, rt as RateLimitConfig, sn as QueryOptions, st as RequestIdOptions, tn as InferDoc, tt as PresetResult, u as ActionEntry, un as WriteOptions, ut as ResourceConfig, v as ArcRequest, vt as RouteSchemaOptions, w as ControllerQueryOptions, wt as UserLike, x as Authenticator, xt as TypedController, y as AuthHelpers, yt as ServiceContext, z as InferDocType, zt as ControllerLike } from "../interface-CS6d7HiB.mjs";
 import { i as UserBase, n as PermissionContext, r as PermissionResult, t as PermissionCheck } from "../types-BoaZHr-2.mjs";
 import { n as ElevationOptions, t as ElevationEvent } from "../elevation-UJO3-NvX.mjs";
-export { AUTHENTICATED_SCOPE, ActionDefinition, ActionEntry, ActionHandlerFn, ActionsMap, AdditionalRoute, AnyRecord, ApiResponse, ArcDecorator, ArcInternalMetadata, ArcRequest, AuthHelpers, AuthPluginOptions, Authenticator, AuthenticatorContext, BaseControllerOptions, ConfigError, ControllerHandler, ControllerLike, ControllerQueryOptions, CrudController, CrudRepository, CrudRouteKey, CrudRouterOptions, CrudSchemas, ElevationEvent, ElevationOptions, EventDefinition, EventsDecorator, FastifyHandler, FastifyRequestExtras, FastifyWithAuth, FastifyWithDecorators, FieldRule, GracefulShutdownOptions, HealthCheck, HealthOptions, IController, IControllerResponse, IRequestContext, InferAdapterDoc, InferDoc, InferDocType, InferResourceDoc, IntrospectionData, IntrospectionPluginOptions, JWTPayload, JwtContext, LookupOption, MiddlewareConfig, MiddlewareHandler, ObjectId, OpenApiSchemas, OwnershipCheck, PUBLIC_SCOPE, PaginatedResult, PaginationParams, ParsedQuery, PermissionCheck, PermissionContext, PermissionResult, PopulateOption, PresetFunction, PresetHook, PresetResult, QueryOptions, QueryParserInterface, RateLimitConfig, RegistryEntry, RegistryStats, RequestContext, RequestIdOptions, RequestScope, RequestWithExtras, ResourceCacheConfig, ResourceConfig, ResourceHookContext, ResourceHooks, ResourceMetadata, ResourcePermissions, RouteDefinition, RouteHandler, RouteHandlerMethod, RouteMcpConfig, RouteSchemaOptions, ServiceContext, TokenPair, TypedController, TypedRepository, TypedResourceConfig, UserBase, UserLike, UserOrganization, ValidateOptions, ValidationResult, envelope, getOrgId, getOrgRoles, getTeamId, getUserId, hasOrgAccess, isAuthenticated, isElevated, isMember };
+export { AUTHENTICATED_SCOPE, ActionDefinition, ActionEntry, ActionHandlerFn, ActionsMap, AdditionalRoute, AnyRecord, ApiResponse, ArcDecorator, ArcInternalMetadata, ArcRequest, AuthHelpers, AuthPluginOptions, Authenticator, AuthenticatorContext, BaseControllerOptions, BulkWriteOperation, BulkWriteResult, ConfigError, ControllerHandler, ControllerLike, ControllerQueryOptions, CrudController, CrudRepository, CrudRouteKey, CrudRouterOptions, CrudSchemas, DeleteManyResult, DeleteOptions, DeleteResult, ElevationEvent, ElevationOptions, EventDefinition, EventsDecorator, FastifyHandler, FastifyRequestExtras, FastifyWithAuth, FastifyWithDecorators, FieldRule, GracefulShutdownOptions, HealthCheck, HealthOptions, IController, IControllerResponse, IRequestContext, InferAdapterDoc, InferDoc, InferDocType, InferResourceDoc, IntrospectionData, IntrospectionPluginOptions, JWTPayload, JwtContext, KeysetPaginatedResult, LookupOption, MiddlewareConfig, MiddlewareHandler, ObjectId, OffsetPaginatedResult, OpenApiSchemas, OwnershipCheck, PUBLIC_SCOPE, PaginatedResult, PaginationParams, PaginationResult, ParsedQuery, PermissionCheck, PermissionContext, PermissionResult, PopulateOption, PresetFunction, PresetHook, PresetResult, QueryOptions, QueryParserInterface, RateLimitConfig, RegistryEntry, RegistryStats, RepositorySession, RequestContext, RequestIdOptions, RequestScope, RequestWithExtras, ResourceCacheConfig, ResourceConfig, ResourceHookContext, ResourceHooks, ResourceMetadata, ResourcePermissions, RouteDefinition, RouteHandler, RouteHandlerMethod, RouteMcpConfig, RouteSchemaOptions, ServiceContext, TokenPair, TypedController, TypedRepository, TypedResourceConfig, UpdateManyResult, UserBase, UserLike, UserOrganization, ValidateOptions, ValidationResult, WriteOptions, envelope, getOrgId, getOrgRoles, getTeamId, getUserId, hasOrgAccess, isAuthenticated, isElevated, isMember };

package/dist/{types-gUxAIZHp.d.mts → types-BlOuKTPw.d.mts}

@@ -1,11 +1,11 @@
-import { x as Authenticator } from "./interface-IJqN3pXK.mjs";
+import { x as Authenticator } from "./interface-CS6d7HiB.mjs";
 import { n as ElevationOptions } from "./elevation-UJO3-NvX.mjs";
 import { t as ExternalOpenApiPaths } from "./externalPaths-BQ8QijNH.mjs";
 import { i as CacheStore } from "./interface-bpoLKKqx.mjs";
 import { r as QueryCachePluginOptions } from "./queryCachePlugin-BCFVXnxK.mjs";
-import { i as EventTransport } from "./EventTransport-n1KBxC_N.mjs";
-import { t as EventPluginOptions } from "./eventPlugin-CAOWMQS8.mjs";
-import { c as MetricsOptions, d as SSEOptions, m as CachingOptions, r as VersioningOptions, t as ErrorHandlerOptions } from "./errorHandler-BeN-ERN7.mjs";
+import { i as EventTransport } from "./EventTransport-CLXJUzyT.mjs";
+import { t as EventPluginOptions } from "./eventPlugin-Cdjwo0Gv.mjs";
+import { c as MetricsOptions, d as SSEOptions, m as CachingOptions, r as VersioningOptions, t as ErrorHandlerOptions } from "./errorHandler-DJ7OAB2V.mjs";
 import { r as IdempotencyStore } from "./interface-CkkWm5uR.mjs";
 import { FastifyInstance, FastifyPluginAsync, FastifyReply, FastifyRequest, FastifyServerOptions } from "fastify";
 

package/dist/{types-Ct0PUUSp.d.mts → types-D3b7hA00.d.mts}

@@ -1,4 +1,4 @@
-import { qt as ResourceDefinition } from "./interface-IJqN3pXK.mjs";
+import { qt as ResourceDefinition } from "./interface-CS6d7HiB.mjs";
 import { z } from "zod";
 
 //#region src/integrations/mcp/types.d.ts

package/dist/utils/index.d.mts

@@ -1,4 +1,4 @@
-import { Y as OpenApiSchemas, Z as ParsedQuery, m as AnyRecord, nt as QueryParserInterface } from "../interface-IJqN3pXK.mjs";
+import { Y as OpenApiSchemas, Z as ParsedQuery, m as AnyRecord, nt as QueryParserInterface } from "../interface-CS6d7HiB.mjs";
 import { a as NotFoundError, c as RateLimitError, d as ValidationError, i as ForbiddenError, l as ServiceUnavailableError, m as isArcError, n as ConflictError, o as OrgAccessDeniedError, p as createError, r as ErrorDetails, s as OrgRequiredError, t as ArcError, u as UnauthorizedError } from "../errors-BI8kEKsO.mjs";
 import { a as CircuitBreakerStats, c as createCircuitBreakerRegistry, i as CircuitBreakerRegistry, n as CircuitBreakerError, o as CircuitState, r as CircuitBreakerOptions, s as createCircuitBreaker, t as CircuitBreaker } from "../circuitBreaker-BGVoB1hD.mjs";
 import { FastifyInstance } from "fastify";
@@ -235,20 +235,12 @@ declare function wrapResponse(dataSchema: JsonSchema): JsonSchema;
  * Note: Uses 'docs' array (not 'data') with flat pagination fields
  */
 declare function listResponse(itemSchema: JsonSchema): JsonSchema;
-/**
- * Alias for listResponse - matches local responseSchemas.js naming
- */
-declare const paginateWrapper: typeof listResponse;
 /**
  * Create a single item response schema
  *
  * Runtime format: { success, data: {...} }
  */
 declare function itemResponse(itemSchema: JsonSchema): JsonSchema;
-/**
- * Alias for itemResponse - matches local responseSchemas.js naming
- */
-declare const itemWrapper: typeof itemResponse;
 /**
  * Create a create/update response schema
  */
@@ -259,10 +251,6 @@ declare function mutationResponse(itemSchema: JsonSchema): JsonSchema;
  * Runtime format: { success, data: { message, id?, soft? } }
  */
 declare function deleteResponse(): JsonSchema;
-/**
- * Alias for deleteResponse - matches local responseSchemas.js naming
- */
-declare const messageWrapper: typeof deleteResponse;
 declare const responses: {
   200: (schema: JsonSchema) => {
     description: string;
@@ -647,4 +635,4 @@ declare function hasEvents(instance: FastifyInstance): instance is FastifyInstan
   events: EventsDecorator;
 };
 //#endregion
-export { ArcError, ArcQueryParser, type ArcQueryParserOptions, CircuitBreaker, CircuitBreakerError, type CircuitBreakerOptions, CircuitBreakerRegistry, type CircuitBreakerStats, CircuitState, type CompensationDefinition, type CompensationError, type CompensationHooks, type CompensationResult, type CompensationStep, ConflictError, type ErrorDetails, type EventsDecorator, ForbiddenError, type JsonSchema, NotFoundError, OrgAccessDeniedError, OrgRequiredError, RateLimitError, ServiceUnavailableError, type StateMachine, type TransitionConfig, UnauthorizedError, ValidationError, convertOpenApiSchemas, convertRouteSchema, createCircuitBreaker, createCircuitBreakerRegistry, createError, createQueryParser, createStateMachine, defineCompensation, deleteResponse, errorResponseSchema, getDefaultCrudSchemas, getListQueryParams, hasEvents, isArcError, isJsonSchema, isZodSchema, itemResponse, itemWrapper, listResponse, messageWrapper, mutationResponse, paginateWrapper, paginationSchema, queryParams, responses, successResponseSchema, toJsonSchema, withCompensation, wrapResponse };
+export { ArcError, ArcQueryParser, type ArcQueryParserOptions, CircuitBreaker, CircuitBreakerError, type CircuitBreakerOptions, CircuitBreakerRegistry, type CircuitBreakerStats, CircuitState, type CompensationDefinition, type CompensationError, type CompensationHooks, type CompensationResult, type CompensationStep, ConflictError, type ErrorDetails, type EventsDecorator, ForbiddenError, type JsonSchema, NotFoundError, OrgAccessDeniedError, OrgRequiredError, RateLimitError, ServiceUnavailableError, type StateMachine, type TransitionConfig, UnauthorizedError, ValidationError, convertOpenApiSchemas, convertRouteSchema, createCircuitBreaker, createCircuitBreakerRegistry, createError, createQueryParser, createStateMachine, defineCompensation, deleteResponse, errorResponseSchema, getDefaultCrudSchemas, getListQueryParams, hasEvents, isArcError, isJsonSchema, isZodSchema, itemResponse, listResponse, mutationResponse, paginationSchema, queryParams, responses, successResponseSchema, toJsonSchema, withCompensation, wrapResponse };

package/dist/utils/index.mjs

@@ -1,7 +1,7 @@
 import { n as createQueryParser, t as ArcQueryParser } from "../queryParser-CgCtsjti.mjs";
-import { a as createCircuitBreaker, i as CircuitState, n as CircuitBreakerError, o as createCircuitBreakerRegistry, r as CircuitBreakerRegistry, t as CircuitBreaker } from "../circuitBreaker-l18oRgL5.mjs";
-import { _ as defineCompensation, a as getListQueryParams, c as listResponse, d as paginateWrapper, f as paginationSchema, g as wrapResponse, h as successResponseSchema, i as getDefaultCrudSchemas, l as messageWrapper, m as responses, n as deleteResponse, o as itemResponse, p as queryParams, r as errorResponseSchema, s as itemWrapper, t as createStateMachine, u as mutationResponse, v as withCompensation } from "../utils-B-l6410F.mjs";
-import { a as OrgAccessDeniedError, c as ServiceUnavailableError, f as createError, i as NotFoundError, l as UnauthorizedError, n as ConflictError, o as OrgRequiredError, p as isArcError, r as ForbiddenError, s as RateLimitError, t as ArcError, u as ValidationError } from "../errors-Cg58SLNi.mjs";
-import { a as toJsonSchema, i as isZodSchema, n as convertRouteSchema, r as isJsonSchema, t as convertOpenApiSchemas } from "../schemaConverter-Y5EejTnJ.mjs";
+import { a as toJsonSchema, i as isZodSchema, n as convertRouteSchema, r as isJsonSchema, t as convertOpenApiSchemas } from "../schemaConverter-OxfCshus.mjs";
+import { a as createCircuitBreaker, i as CircuitState, n as CircuitBreakerError, o as createCircuitBreakerRegistry, r as CircuitBreakerRegistry, t as CircuitBreaker } from "../circuitBreaker-cmi5XDv5.mjs";
+import { a as getListQueryParams, c as mutationResponse, d as responses, f as successResponseSchema, h as withCompensation, i as getDefaultCrudSchemas, l as paginationSchema, m as defineCompensation, n as deleteResponse, o as itemResponse, p as wrapResponse, r as errorResponseSchema, s as listResponse, t as createStateMachine, u as queryParams } from "../utils-7sJ8X83I.mjs";
+import { a as OrgAccessDeniedError, c as ServiceUnavailableError, f as createError, i as NotFoundError, l as UnauthorizedError, n as ConflictError, o as OrgRequiredError, p as isArcError, r as ForbiddenError, s as RateLimitError, t as ArcError, u as ValidationError } from "../errors-BF2bIOIS.mjs";
 import { t as hasEvents } from "../typeGuards-CcFZXgU7.mjs";
-export { ArcError, ArcQueryParser, CircuitBreaker, CircuitBreakerError, CircuitBreakerRegistry, CircuitState, ConflictError, ForbiddenError, NotFoundError, OrgAccessDeniedError, OrgRequiredError, RateLimitError, ServiceUnavailableError, UnauthorizedError, ValidationError, convertOpenApiSchemas, convertRouteSchema, createCircuitBreaker, createCircuitBreakerRegistry, createError, createQueryParser, createStateMachine, defineCompensation, deleteResponse, errorResponseSchema, getDefaultCrudSchemas, getListQueryParams, hasEvents, isArcError, isJsonSchema, isZodSchema, itemResponse, itemWrapper, listResponse, messageWrapper, mutationResponse, paginateWrapper, paginationSchema, queryParams, responses, successResponseSchema, toJsonSchema, withCompensation, wrapResponse };
+export { ArcError, ArcQueryParser, CircuitBreaker, CircuitBreakerError, CircuitBreakerRegistry, CircuitState, ConflictError, ForbiddenError, NotFoundError, OrgAccessDeniedError, OrgRequiredError, RateLimitError, ServiceUnavailableError, UnauthorizedError, ValidationError, convertOpenApiSchemas, convertRouteSchema, createCircuitBreaker, createCircuitBreakerRegistry, createError, createQueryParser, createStateMachine, defineCompensation, deleteResponse, errorResponseSchema, getDefaultCrudSchemas, getListQueryParams, hasEvents, isArcError, isJsonSchema, isZodSchema, itemResponse, listResponse, mutationResponse, paginationSchema, queryParams, responses, successResponseSchema, toJsonSchema, withCompensation, wrapResponse };