@classytic/arc 2.8.4 → 2.8.5

package/dist/filesUpload-C7r7HIeA.mjs

@@ -0,0 +1,319 @@
+import { o as getOrgId, p as getUserId } from "./types-AOD8fxIw.mjs";
+import { i as NotFoundError, u as ValidationError } from "./errors-BF2bIOIS.mjs";
+import { n as allowPublic, s as requireAuth } from "./permissions-CH4cNwJi.mjs";
+//#region src/middleware/multipartBody.ts
+const DEFAULT_MAX_FILE_SIZE$1 = 10 * 1024 * 1024;
+const DEFAULT_MAX_FILES = 5;
+const DEFAULT_FILES_KEY = "_files";
+/**
+* Create a multipart body parsing middleware.
+*
+* When a request has `content-type: multipart/form-data`, this middleware:
+* 1. Reads all parts (fields + files)
+* 2. Sets text fields on `req.body` as a plain object
+* 3. Attaches file buffers to `req.body[filesKey]` (default: `req.body._files`)
+*
+* For non-multipart requests (regular JSON), this is a no-op — the request
+* passes through unchanged. This makes it safe to add to create/update
+* middlewares without breaking JSON clients.
+*/
+function multipartBody(options = {}) {
+	const maxFileSize = options.maxFileSize ?? DEFAULT_MAX_FILE_SIZE$1;
+	const maxFiles = options.maxFiles ?? DEFAULT_MAX_FILES;
+	const allowedMimeTypes = options.allowedMimeTypes ? new Set(options.allowedMimeTypes) : void 0;
+	const filesKey = options.filesKey ?? DEFAULT_FILES_KEY;
+	const requiredFields = options.requiredFields && options.requiredFields.length > 0 ? options.requiredFields : void 0;
+	return async function parseMultipartBody(request, reply) {
+		if (!(request.headers["content-type"] ?? "").includes("multipart/form-data")) return;
+		if (typeof request.parts !== "function") {
+			request.log.warn("multipartBody middleware: @fastify/multipart not registered. Ensure createApp() has multipart enabled (default) or install @fastify/multipart.");
+			return;
+		}
+		const body = {};
+		const files = {};
+		let fileCount = 0;
+		try {
+			const parts = request.parts();
+			for await (const part of parts) if (part.type === "file") {
+				if (fileCount >= maxFiles) continue;
+				if (allowedMimeTypes && !allowedMimeTypes.has(part.mimetype)) return reply.code(415).send({
+					success: false,
+					error: `File type '${part.mimetype}' not allowed. Accepted: ${[...allowedMimeTypes].join(", ")}`
+				});
+				const buffer = await part.toBuffer();
+				if (buffer.length > maxFileSize) return reply.code(413).send({
+					success: false,
+					error: `File '${part.filename}' exceeds maximum size of ${Math.round(maxFileSize / 1024 / 1024)}MB`
+				});
+				files[part.fieldname] = {
+					filename: part.filename,
+					mimetype: part.mimetype,
+					buffer,
+					size: buffer.length,
+					fieldname: part.fieldname
+				};
+				fileCount++;
+			} else body[part.fieldname] = tryParseValue(part.value);
+		} catch (err) {
+			request.log.error({ err }, "multipartBody: failed to parse multipart form");
+			return reply.code(400).send({
+				success: false,
+				error: "Failed to parse multipart form data"
+			});
+		}
+		if (requiredFields) {
+			const missing = requiredFields.filter((name) => !(name in files));
+			if (missing.length > 0) return reply.code(400).send({
+				success: false,
+				error: `Missing required file field${missing.length > 1 ? "s" : ""}: ${missing.join(", ")}`,
+				code: "MISSING_FILE_FIELDS",
+				details: { missing }
+			});
+		}
+		if (fileCount > 0) body[filesKey] = files;
+		request.body = body;
+	};
+}
+/**
+* Try to parse a form field value as JSON, number, or boolean.
+* Falls back to the raw string if parsing fails.
+*/
+function tryParseValue(value) {
+	if (value === "true") return true;
+	if (value === "false") return false;
+	if (value === "null") return null;
+	if (/^-?\d+(\.\d+)?$/.test(value) && value.length < 16) {
+		const num = Number(value);
+		if (Number.isFinite(num)) return num;
+	}
+	if (value.startsWith("{") && value.endsWith("}") || value.startsWith("[") && value.endsWith("]")) try {
+		return JSON.parse(value);
+	} catch {}
+	return value;
+}
+//#endregion
+//#region src/presets/filesUpload.ts
+const DEFAULT_FIELD_NAME = "file";
+const DEFAULT_MAX_FILE_SIZE = 10 * 1024 * 1024;
+function defaultContextFrom(scope) {
+	if (!scope) return {};
+	const userId = getUserId(scope);
+	const organizationId = getOrgId(scope);
+	const ctx = {};
+	if (userId !== void 0) ctx.userId = userId;
+	if (organizationId !== void 0) ctx.organizationId = organizationId;
+	return ctx;
+}
+function buildStorageContext(request, contextFrom) {
+	const scope = request.scope;
+	return {
+		scope: contextFrom(scope),
+		requestId: request.id
+	};
+}
+/**
+* Parse a single-range `Range: bytes=start-end` header.
+*
+* Returns `undefined` when the header is missing or unparseable. Only
+* satisfiable single ranges are supported — multi-range requests fall through
+* to the full-object response (per RFC 7233 §4.1 a server MAY ignore ranges).
+*/
+function parseRangeHeader(header, totalSize) {
+	if (!header || !header.startsWith("bytes=")) return void 0;
+	const spec = header.slice(6).split(",")[0]?.trim();
+	if (!spec) return void 0;
+	const dashIndex = spec.indexOf("-");
+	if (dashIndex === -1) return void 0;
+	const startRaw = spec.slice(0, dashIndex);
+	const endRaw = spec.slice(dashIndex + 1);
+	if (startRaw === "") {
+		if (totalSize === void 0) return void 0;
+		const suffix = Number(endRaw);
+		if (!Number.isFinite(suffix) || suffix <= 0) return void 0;
+		return {
+			start: Math.max(0, totalSize - suffix),
+			end: totalSize - 1
+		};
+	}
+	const start = Number(startRaw);
+	if (!Number.isFinite(start) || start < 0) return void 0;
+	if (endRaw === "") {
+		if (totalSize === void 0) return void 0;
+		return {
+			start,
+			end: totalSize - 1
+		};
+	}
+	const end = Number(endRaw);
+	if (!Number.isFinite(end) || end < start) return void 0;
+	if (totalSize !== void 0 && end >= totalSize) return {
+		start,
+		end: totalSize - 1
+	};
+	return {
+		start,
+		end
+	};
+}
+function makeUploadHandler(deps) {
+	return async function uploadHandler(request, reply) {
+		const file = (request.body?._files)?.[deps.fieldName];
+		if (!file) throw new ValidationError(`Missing file field '${deps.fieldName}' in multipart body`);
+		const ctx = buildStorageContext(request, deps.contextFrom);
+		const result = await deps.storage.upload({
+			buffer: file.buffer,
+			filename: file.filename,
+			mimeType: file.mimetype,
+			size: file.size
+		}, ctx);
+		return reply.code(201).send({
+			success: true,
+			data: toResponseFile(result)
+		});
+	};
+}
+function toResponseFile(file) {
+	const payload = {
+		id: file.id,
+		url: file.url,
+		pathname: file.pathname,
+		contentType: file.contentType,
+		bytes: file.bytes
+	};
+	if (file.metadata !== void 0) payload.metadata = file.metadata;
+	return payload;
+}
+function makeReadHandler(deps) {
+	return async function readHandler(request, reply) {
+		const { id } = request.params;
+		const ctx = buildStorageContext(request, deps.contextFrom);
+		reply.header("Accept-Ranges", "bytes");
+		const rangeHeader = request.headers.range;
+		let result;
+		try {
+			const parsed = rangeHeader ? parseRangeHeader(rangeHeader, void 0) : void 0;
+			result = await deps.storage.read(id, ctx, parsed);
+		} catch (err) {
+			throw toNotFound(err, "File", id);
+		}
+		if (result.kind === "buffer") return sendBuffer(reply, result, rangeHeader);
+		return sendStream(reply, result, rangeHeader);
+	};
+}
+function sendBuffer(reply, result, rangeHeader) {
+	reply.type(result.contentType);
+	const total = result.totalBytes ?? result.buffer.length;
+	if (result.range) {
+		const { start, end } = result.range;
+		reply.code(206);
+		reply.header("Content-Range", `bytes ${start}-${end}/${total}`);
+		reply.header("Content-Length", String(result.buffer.length));
+		return reply.send(result.buffer);
+	}
+	if (rangeHeader) {
+		const parsed = parseRangeHeader(rangeHeader, total);
+		if (parsed) {
+			const slice = result.buffer.subarray(parsed.start, parsed.end + 1);
+			reply.code(206);
+			reply.header("Content-Range", `bytes ${parsed.start}-${parsed.end}/${total}`);
+			reply.header("Content-Length", String(slice.length));
+			return reply.send(slice);
+		}
+	}
+	reply.header("Content-Length", String(result.buffer.length));
+	return reply.send(result.buffer);
+}
+function sendStream(reply, result, rangeHeader) {
+	reply.type(result.contentType);
+	if (result.range && result.bytes !== void 0) {
+		const { start, end } = result.range;
+		reply.code(206);
+		reply.header("Content-Range", `bytes ${start}-${end}/${result.bytes}`);
+		reply.header("Content-Length", String(end - start + 1));
+	} else if (result.bytes !== void 0) {
+		reply.header("Content-Length", String(result.bytes));
+		if (rangeHeader) reply.request.log.debug({ url: reply.request.url }, "filesUploadPreset: adapter returned unsliced stream for a range request — sending full object");
+	}
+	return reply.send(result.stream);
+}
+function makeDeleteHandler(deps) {
+	return async function deleteHandler(request, reply) {
+		const { id } = request.params;
+		const ctx = buildStorageContext(request, deps.contextFrom);
+		if (!await deps.storage.delete(id, ctx)) throw new NotFoundError("File", id);
+		return reply.code(204).send();
+	};
+}
+function toNotFound(err, resource, id) {
+	if (err instanceof NotFoundError) return err;
+	const maybe = err;
+	if (maybe?.statusCode === 404 || maybe?.code === "NOT_FOUND") return new NotFoundError(resource, id);
+	if (typeof maybe?.message === "string" && /not\s*found/i.test(maybe.message)) return new NotFoundError(resource, id);
+	return err;
+}
+/**
+* Create a files-upload preset bound to a `Storage` adapter.
+*
+* The preset uses `raw: true` routes so binary responses bypass arc's JSON
+* envelope. Upload still returns the standard `{ success: true, data }`
+* envelope manually because the response is structured metadata, not bytes.
+*/
+function filesUploadPreset(options) {
+	if (!options?.storage) throw new Error("filesUploadPreset: `storage` is required");
+	const deps = {
+		storage: options.storage,
+		fieldName: options.fieldName ?? DEFAULT_FIELD_NAME,
+		contextFrom: options.contextFrom ?? defaultContextFrom
+	};
+	const maxFileSize = options.maxFileSize ?? DEFAULT_MAX_FILE_SIZE;
+	const allowedMimeTypes = options.allowedMimeTypes;
+	const includeRoutes = {
+		upload: options.includeRoutes?.upload ?? true,
+		read: options.includeRoutes?.read ?? true,
+		delete: options.includeRoutes?.delete ?? true
+	};
+	return {
+		name: "filesUpload",
+		routes: (permissions) => {
+			const routes = [];
+			if (includeRoutes.upload) routes.push({
+				method: "POST",
+				path: "/upload",
+				operation: "filesUpload.upload",
+				summary: "Upload a file",
+				description: "Accepts a multipart/form-data request and persists the bytes via the configured Storage adapter.",
+				permissions: options.permissions?.upload ?? permissions.create ?? requireAuth(),
+				preHandler: [multipartBody({
+					maxFileSize,
+					allowedMimeTypes,
+					requiredFields: [deps.fieldName]
+				})],
+				raw: true,
+				handler: makeUploadHandler(deps)
+			});
+			if (includeRoutes.read) routes.push({
+				method: "GET",
+				path: "/:id",
+				operation: "filesUpload.read",
+				summary: "Download a file",
+				description: "Streams the stored bytes. Supports single-range `Range: bytes=start-end`.",
+				permissions: options.permissions?.read ?? permissions.get ?? allowPublic(),
+				raw: true,
+				handler: makeReadHandler(deps),
+				mcp: false
+			});
+			if (includeRoutes.delete) routes.push({
+				method: "DELETE",
+				path: "/:id",
+				operation: "filesUpload.delete",
+				summary: "Delete a file",
+				permissions: options.permissions?.delete ?? permissions.delete ?? requireAuth(),
+				raw: true,
+				handler: makeDeleteHandler(deps)
+			});
+			return routes;
+		}
+	};
+}
+//#endregion
+export { filesUploadPreset as t };

package/dist/hooks/index.d.mts

@@ -1,2 +1,2 @@
-import { An as beforeCreate, Cn as HookPhase, Dn as afterCreate, En as HookSystemOptions, Mn as beforeUpdate, Nn as createHookSystem, On as afterDelete, Pn as defineHook, Sn as HookOperation, Tn as HookSystem, bn as HookContext, jn as beforeDelete, kn as afterUpdate, wn as HookRegistration, xn as HookHandler, yn as DefineHookOptions } from "../interface-BVuMfeVv.mjs";
+import { An as beforeCreate, Cn as HookPhase, Dn as afterCreate, En as HookSystemOptions, Mn as beforeUpdate, Nn as createHookSystem, On as afterDelete, Pn as defineHook, Sn as HookOperation, Tn as HookSystem, bn as HookContext, jn as beforeDelete, kn as afterUpdate, wn as HookRegistration, xn as HookHandler, yn as DefineHookOptions } from "../interface-CMRutPfe.mjs";
 export { type DefineHookOptions, type HookContext, type HookHandler, type HookOperation, type HookPhase, type HookRegistration, HookSystem, type HookSystemOptions, afterCreate, afterDelete, afterUpdate, beforeCreate, beforeDelete, beforeUpdate, createHookSystem, defineHook };

package/dist/hooks/index.mjs

@@ -1,2 +1,2 @@
-import { a as beforeCreate, c as createHookSystem, i as afterUpdate, l as defineHook, n as afterCreate, o as beforeDelete, r as afterDelete, s as beforeUpdate, t as HookSystem } from "../HookSystem-BjFu7zf1.mjs";
+import { a as beforeCreate, c as createHookSystem, i as afterUpdate, l as defineHook, n as afterCreate, o as beforeDelete, r as afterDelete, s as beforeUpdate, t as HookSystem } from "../HookSystem-HprTmvVY.mjs";
 export { HookSystem, afterCreate, afterDelete, afterUpdate, beforeCreate, beforeDelete, beforeUpdate, createHookSystem, defineHook };

package/dist/idempotency/index.d.mts

@@ -1,6 +1,6 @@
-import { i as createIdempotencyResult, n as IdempotencyResult, r as IdempotencyStore, t as IdempotencyLock } from "../interface-B-pe8fhj.mjs";
-import { n as MongoIdempotencyStoreOptions } from "../mongodb-X7LbEjTN.mjs";
-import { r as RedisIdempotencyStoreOptions, t as RedisClient } from "../redis-z3sFr1UP.mjs";
+import { i as createIdempotencyResult, n as IdempotencyResult, r as IdempotencyStore, t as IdempotencyLock } from "../interface-DfLGcus7.mjs";
+import { n as MongoIdempotencyStoreOptions } from "../mongodb-CTcp0hQZ.mjs";
+import { i as RedisIdempotencyStoreOptions, n as RedisClient } from "../redis-BM00zaPB.mjs";
 import { FastifyPluginAsync } from "fastify";
 
 //#region src/idempotency/idempotencyPlugin.d.ts

package/dist/idempotency/mongodb.d.mts

@@ -1,2 +1,2 @@
-import { n as MongoIdempotencyStoreOptions, t as MongoIdempotencyStore } from "../mongodb-X7LbEjTN.mjs";
+import { n as MongoIdempotencyStoreOptions, t as MongoIdempotencyStore } from "../mongodb-CTcp0hQZ.mjs";
 export { MongoIdempotencyStore, type MongoIdempotencyStoreOptions };

package/dist/idempotency/redis.d.mts

@@ -1,2 +1,2 @@
-import { n as RedisIdempotencyStore, r as RedisIdempotencyStoreOptions, t as RedisClient } from "../redis-z3sFr1UP.mjs";
-export { type RedisClient, RedisIdempotencyStore, type RedisIdempotencyStoreOptions };
+import { a as UpstashRedisLike, i as RedisIdempotencyStoreOptions, n as RedisClient, o as ioredisAsIdempotencyClient, r as RedisIdempotencyStore, s as upstashAsIdempotencyClient, t as IoredisLike } from "../redis-BM00zaPB.mjs";
+export { type IoredisLike, type RedisClient, RedisIdempotencyStore, type RedisIdempotencyStoreOptions, type UpstashRedisLike, ioredisAsIdempotencyClient, upstashAsIdempotencyClient };

package/dist/idempotency/redis.mjs

@@ -77,18 +77,24 @@ var RedisIdempotencyStore = class {
 	}
 	async findByPrefix(prefix) {
 		const keys = await this.scanByPrefix(this.resultKey(prefix));
-		for (const key of keys) {
-			const data = await this.client.get(key);
-			if (!data) continue;
-			try {
-				const result = JSON.parse(data);
-				if (new Date(result.expiresAt) < /* @__PURE__ */ new Date()) continue;
-				return {
-					...result,
-					createdAt: new Date(result.createdAt),
-					expiresAt: new Date(result.expiresAt)
-				};
-			} catch {}
+		if (keys.length === 0) return void 0;
+		const BATCH_SIZE = 10;
+		const now = /* @__PURE__ */ new Date();
+		for (let i = 0; i < keys.length; i += BATCH_SIZE) {
+			const batch = keys.slice(i, i + BATCH_SIZE);
+			const values = await Promise.all(batch.map((k) => this.client.get(k)));
+			for (const data of values) {
+				if (!data) continue;
+				try {
+					const result = JSON.parse(data);
+					if (new Date(result.expiresAt) < now) continue;
+					return {
+						...result,
+						createdAt: new Date(result.createdAt),
+						expiresAt: new Date(result.expiresAt)
+					};
+				} catch {}
+			}
 		}
 	}
 	/** Scan Redis keys matching a prefix pattern. Falls back to empty if SCAN unavailable. */
@@ -105,5 +111,120 @@ var RedisIdempotencyStore = class {
 	}
 	async close() {}
 };
+/**
+* Wrap an ioredis instance as the arc idempotency `RedisClient`.
+*
+* Arc's idempotency store expects node-redis-v4 style option objects
+* (`{ EX, NX }`). ioredis uses positional flags. This adapter lets users
+* plug an ioredis instance in without writing the bridge themselves.
+*
+* @example
+* ```typescript
+* import Redis from 'ioredis';
+* import { RedisIdempotencyStore, ioredisAsIdempotencyClient }
+*   from '@classytic/arc/idempotency/redis';
+*
+* const redis = new Redis(process.env.REDIS_URL);
+* const store = new RedisIdempotencyStore({
+*   client: ioredisAsIdempotencyClient(redis),
+* });
+* ```
+*/
+function ioredisAsIdempotencyClient(client) {
+	return {
+		async get(key) {
+			return client.get(key);
+		},
+		async set(key, value, options) {
+			const args = [key, value];
+			if (options?.EX != null) args.push("EX", options.EX);
+			if (options?.NX) args.push("NX");
+			return client.set(...args);
+		},
+		async del(key) {
+			if (Array.isArray(key)) return client.del(...key);
+			return client.del(key);
+		},
+		async exists(key) {
+			if (Array.isArray(key)) return client.exists(...key);
+			return client.exists(key);
+		},
+		async scan(cursor, ...args) {
+			const [next, keys] = await client.scan(cursor, ...args);
+			return [next, keys];
+		},
+		eval: client.eval ? (script, numKeys, ...args) => client.eval(script, numKeys, ...args) : void 0,
+		async quit() {
+			if (client.quit) return client.quit();
+			return "OK";
+		},
+		async disconnect() {
+			if (client.disconnect) client.disconnect();
+		}
+	};
+}
+/**
+* Wrap an `@upstash/redis` REST client as an idempotency `RedisClient`.
+*
+* Enables running arc's idempotency store on Cloudflare Workers, Vercel Edge
+* and Deno Deploy — runtimes that don't support raw TCP (ioredis).
+*
+* @example
+* ```typescript
+* import { Redis } from '@upstash/redis';
+* import { RedisIdempotencyStore, upstashAsIdempotencyClient }
+*   from '@classytic/arc/idempotency/redis';
+*
+* const redis = Redis.fromEnv();
+* const store = new RedisIdempotencyStore({
+*   client: upstashAsIdempotencyClient(redis),
+* });
+* ```
+*/
+function upstashAsIdempotencyClient(client) {
+	return {
+		async get(key) {
+			const raw = await client.get(key);
+			if (raw == null) return null;
+			return typeof raw === "string" ? raw : JSON.stringify(raw);
+		},
+		async set(key, value, options) {
+			const opts = {};
+			if (options?.EX != null) opts.ex = options.EX;
+			if (options?.NX) opts.nx = true;
+			const res = await client.set(key, value, opts);
+			return res == null ? null : String(res);
+		},
+		async del(key) {
+			if (Array.isArray(key)) return client.del(...key);
+			return client.del(key);
+		},
+		async exists(key) {
+			if (Array.isArray(key)) return client.exists(...key);
+			return client.exists(key);
+		},
+		async scan(cursor, ...args) {
+			const opts = {};
+			for (let i = 0; i < args.length; i += 2) {
+				const flag = String(args[i]).toLowerCase();
+				const val = args[i + 1];
+				if (flag === "match" && typeof val === "string") opts.match = val;
+				if (flag === "count") opts.count = Number(val);
+			}
+			const [next, keys] = await client.scan(cursor, opts);
+			return [next, keys];
+		},
+		eval: client.eval ? async (script, _numKeys, ...args) => {
+			const keyCount = _numKeys;
+			const keys = args.slice(0, keyCount).map(String);
+			const rest = args.slice(keyCount);
+			return client.eval(script, keys, rest);
+		} : void 0,
+		async quit() {
+			return "OK";
+		},
+		async disconnect() {}
+	};
+}
 //#endregion
-export { RedisIdempotencyStore };
+export { RedisIdempotencyStore, ioredisAsIdempotencyClient, upstashAsIdempotencyClient };

package/dist/{index-CSkeivBx.d.mts → index-BLXBmWud.d.mts}

@@ -1,6 +1,6 @@
-import { r as RequestScope } from "./types-C72d3NDn.mjs";
-import { n as PermissionContext, r as PermissionResult, t as PermissionCheck } from "./types-CVC4HOKi.mjs";
-import { i as CacheStore, t as CacheLogger } from "./interface-DplgQO2e.mjs";
+import { r as RequestScope } from "./types-BD85MlEK.mjs";
+import { n as PermissionContext, r as PermissionResult, t as PermissionCheck } from "./types-DZi1aYhm.mjs";
+import { i as CacheStore, t as CacheLogger } from "./interface-4y979v99.mjs";
 import { FastifyRequest } from "fastify";
 
 //#region src/permissions/applyPermissionResult.d.ts

package/dist/{index-BgmMdpm8.d.mts → index-C1meYuDn.d.mts}

@@ -1,4 +1,4 @@
-import { Y as OpenApiSchemas, Z as ParsedQuery, Zt as CrudRepository, c as ValidationResult, n as AdapterSchemaContext, nt as QueryParserInterface, o as RepositoryLike, r as DataAdapter, s as SchemaMetadata, vt as RouteSchemaOptions } from "./interface-BVuMfeVv.mjs";
+import { Y as OpenApiSchemas, Z as ParsedQuery, Zt as CrudRepository, c as ValidationResult, n as AdapterSchemaContext, nt as QueryParserInterface, o as RepositoryLike, r as DataAdapter, s as SchemaMetadata, vt as RouteSchemaOptions } from "./interface-CMRutPfe.mjs";
 import { Model } from "mongoose";
 
 //#region src/adapters/mongoose.d.ts

package/dist/{index-CpTSDqmD.d.mts → index-DtDzOBn8.d.mts}

@@ -1,6 +1,6 @@
-import { r as RequestScope } from "./types-C72d3NDn.mjs";
-import { D as CrudRouterOptions, Ht as IControllerResponse, N as FastifyWithDecorators, T as CrudController, Ut as IRequestContext, Vt as IController, ct as RequestWithExtras, m as AnyRecord, ot as RequestContext, qt as ResourceDefinition, ut as ResourceConfig } from "./interface-BVuMfeVv.mjs";
-import { t as PermissionCheck } from "./types-CVC4HOKi.mjs";
+import { r as RequestScope } from "./types-BD85MlEK.mjs";
+import { D as CrudRouterOptions, Ht as IControllerResponse, N as FastifyWithDecorators, T as CrudController, Ut as IRequestContext, Vt as IController, ct as RequestWithExtras, m as AnyRecord, ot as RequestContext, qt as ResourceDefinition, ut as ResourceConfig } from "./interface-CMRutPfe.mjs";
+import { t as PermissionCheck } from "./types-DZi1aYhm.mjs";
 import { FastifyInstance, FastifyReply, FastifyRequest, RouteHandlerMethod } from "fastify";
 
 //#region src/constants.d.ts

package/dist/index.d.mts

@@ -1,10 +1,10 @@
-import { $ as PresetFunction, $t as DeleteOptions, At as BaseController, B as InferResourceDoc, C as ConfigError, Ct as TypedResourceConfig, D as CrudRouterOptions, Dt as ValidationResult$1, E as CrudRouteKey, Et as ValidateOptions, F as GracefulShutdownOptions, H as IntrospectionPluginOptions, Ht as IControllerResponse, I as HealthCheck, Jt as defineResource, K as MiddlewareConfig, L as HealthOptions, M as FastifyWithAuth, N as FastifyWithDecorators, O as CrudSchemas, Ot as envelope, P as FieldRule, Qt as DeleteManyResult, R as InferAdapterDoc, St as TypedRepository, T as CrudController, Tt as UserOrganization, U as JWTPayload, Ut as IRequestContext, V as IntrospectionData, Vt as IController, Wt as RouteHandler, X as OwnershipCheck, Xt as BulkWriteResult, Yt as BulkWriteOperation, Zt as CrudRepository, _ as ArcInternalMetadata, _n as PipelineStep, a as RelationMetadata, an as PaginationParams, at as RegistryStats, b as AuthPluginOptions, c as ValidationResult, cn as RepositorySession, ct as RequestWithExtras, dn as Guard, en as DeleteResult, fn as Interceptor, gn as PipelineContext, gt as RouteHandlerMethod, h as ApiResponse, hn as PipelineConfig, i as FieldMetadata, in as PaginatedResult, it as RegistryEntry, j as FastifyRequestExtras, jt as BaseControllerOptions, k as EventDefinition, ln as UpdateManyResult, m as AnyRecord, mn as OperationFilter, nn as KeysetPaginatedResult, o as RepositoryLike, on as PaginationResult, ot as RequestContext, p as AdditionalRoute, pn as NextFunction, pt as ResourceMetadata, q as MiddlewareHandler, qt as ResourceDefinition, r as DataAdapter, rn as OffsetPaginatedResult, rt as RateLimitConfig, s as SchemaMetadata, sn as QueryOptions, st as RequestIdOptions, tt as PresetResult, un as WriteOptions, ut as ResourceConfig, v as ArcRequest, vn as Transform, vt as RouteSchemaOptions, xt as TypedController, yt as ServiceContext, z as InferDocType, zt as ControllerLike } from "./interface-BVuMfeVv.mjs";
-import { a as applyFieldWritePermissions, i as applyFieldReadPermissions, n as FieldPermissionMap, o as fields, t as FieldPermission } from "./fields-DC4So2M2.mjs";
-import { i as UserBase, n as PermissionContext, r as PermissionResult, t as PermissionCheck } from "./types-CVC4HOKi.mjs";
-import { l as createMongooseAdapter, o as createPrismaAdapter, s as MongooseAdapter, t as PrismaAdapter } from "./index-BgmMdpm8.mjs";
-import { A as MUTATION_OPERATIONS, C as HOOK_OPERATIONS, D as MAX_FILTER_DEPTH, E as HookPhase, M as RESERVED_QUERY_PARAMS, N as SYSTEM_FIELDS, O as MAX_REGEX_LENGTH, S as DEFAULT_UPDATE_METHOD, T as HookOperation, _ as DEFAULT_ID_FIELD, a as getControllerScope, b as DEFAULT_SORT, g as CrudOperation, h as CRUD_OPERATIONS, j as MutationOperation, k as MAX_SEARCH_LENGTH, s as defineResourceVariants, v as DEFAULT_LIMIT, w as HOOK_PHASES, x as DEFAULT_TENANT_FIELD, y as DEFAULT_MAX_LIMIT } from "./index-CpTSDqmD.mjs";
-import { C as authenticated, D as publicRead, E as presets_d_exports, O as publicReadAdminWrite, S as adminOnly, T as ownerWithAdminBypass, _ as requireScopeContext, a as allOf, c as createDynamicPermissionMatrix, d as requireAuth, f as requireOrgInScope, g as requireRoles, h as requireOwnership, k as readOnly, l as createOrgPermissions, m as requireOrgRole, n as DynamicPermissionMatrix, o as allowPublic, p as requireOrgMembership, r as DynamicPermissionMatrixConfig, s as anyOf, u as denyAll, v as requireServiceScope, w as fullPublic, x as when, y as requireTeamMembership } from "./index-CSkeivBx.mjs";
-import { a as NotFoundError, d as ValidationError, f as createDomainError, i as ForbiddenError, t as ArcError, u as UnauthorizedError } from "./errors-Bmn3eZT6.mjs";
+import { $ as PresetFunction, $t as DeleteOptions, At as BaseController, B as InferResourceDoc, C as ConfigError, Ct as TypedResourceConfig, D as CrudRouterOptions, Dt as ValidationResult$1, E as CrudRouteKey, Et as ValidateOptions, F as GracefulShutdownOptions, H as IntrospectionPluginOptions, Ht as IControllerResponse, I as HealthCheck, Jt as defineResource, K as MiddlewareConfig, L as HealthOptions, M as FastifyWithAuth, N as FastifyWithDecorators, O as CrudSchemas, Ot as envelope, P as FieldRule, Qt as DeleteManyResult, R as InferAdapterDoc, St as TypedRepository, T as CrudController, Tt as UserOrganization, U as JWTPayload, Ut as IRequestContext, V as IntrospectionData, Vt as IController, Wt as RouteHandler, X as OwnershipCheck, Xt as BulkWriteResult, Yt as BulkWriteOperation, Zt as CrudRepository, _ as ArcInternalMetadata, _n as PipelineStep, a as RelationMetadata, an as PaginationParams, at as RegistryStats, b as AuthPluginOptions, c as ValidationResult, cn as RepositorySession, ct as RequestWithExtras, dn as Guard, en as DeleteResult, fn as Interceptor, gn as PipelineContext, gt as RouteHandlerMethod, h as ApiResponse, hn as PipelineConfig, i as FieldMetadata, in as PaginatedResult, it as RegistryEntry, j as FastifyRequestExtras, jt as BaseControllerOptions, k as EventDefinition, ln as UpdateManyResult, m as AnyRecord, mn as OperationFilter, nn as KeysetPaginatedResult, o as RepositoryLike, on as PaginationResult, ot as RequestContext, p as AdditionalRoute, pn as NextFunction, pt as ResourceMetadata, q as MiddlewareHandler, qt as ResourceDefinition, r as DataAdapter, rn as OffsetPaginatedResult, rt as RateLimitConfig, s as SchemaMetadata, sn as QueryOptions, st as RequestIdOptions, tt as PresetResult, un as WriteOptions, ut as ResourceConfig, v as ArcRequest, vn as Transform, vt as RouteSchemaOptions, xt as TypedController, yt as ServiceContext, z as InferDocType, zt as ControllerLike } from "./interface-CMRutPfe.mjs";
+import { a as applyFieldWritePermissions, i as applyFieldReadPermissions, n as FieldPermissionMap, o as fields, t as FieldPermission } from "./fields-DpZQa_Q3.mjs";
+import { i as UserBase, n as PermissionContext, r as PermissionResult, t as PermissionCheck } from "./types-DZi1aYhm.mjs";
+import { l as createMongooseAdapter, o as createPrismaAdapter, s as MongooseAdapter, t as PrismaAdapter } from "./index-C1meYuDn.mjs";
+import { A as MUTATION_OPERATIONS, C as HOOK_OPERATIONS, D as MAX_FILTER_DEPTH, E as HookPhase, M as RESERVED_QUERY_PARAMS, N as SYSTEM_FIELDS, O as MAX_REGEX_LENGTH, S as DEFAULT_UPDATE_METHOD, T as HookOperation, _ as DEFAULT_ID_FIELD, a as getControllerScope, b as DEFAULT_SORT, g as CrudOperation, h as CRUD_OPERATIONS, j as MutationOperation, k as MAX_SEARCH_LENGTH, s as defineResourceVariants, v as DEFAULT_LIMIT, w as HOOK_PHASES, x as DEFAULT_TENANT_FIELD, y as DEFAULT_MAX_LIMIT } from "./index-DtDzOBn8.mjs";
+import { C as authenticated, D as publicRead, E as presets_d_exports, O as publicReadAdminWrite, S as adminOnly, T as ownerWithAdminBypass, _ as requireScopeContext, a as allOf, c as createDynamicPermissionMatrix, d as requireAuth, f as requireOrgInScope, g as requireRoles, h as requireOwnership, k as readOnly, l as createOrgPermissions, m as requireOrgRole, n as DynamicPermissionMatrix, o as allowPublic, p as requireOrgMembership, r as DynamicPermissionMatrixConfig, s as anyOf, u as denyAll, v as requireServiceScope, w as fullPublic, x as when, y as requireTeamMembership } from "./index-BLXBmWud.mjs";
+import { a as NotFoundError, d as ValidationError, f as createDomainError, i as ForbiddenError, t as ArcError, u as UnauthorizedError } from "./errors-Ck2h67pm.mjs";
 import { AsyncLocalStorage } from "node:async_hooks";
 import { RouteHandlerMethod as RouteHandlerMethod$1 } from "fastify";
 

package/dist/index.mjs

@@ -5,10 +5,10 @@ import { envelope } from "./types/index.mjs";
 import { n as applyFieldWritePermissions, r as fields, t as applyFieldReadPermissions } from "./fields-ipsbIRPK.mjs";
 import { t as requestContext } from "./requestContext-DYvHl113.mjs";
 import { d as createDomainError, i as NotFoundError, l as UnauthorizedError, r as ForbiddenError, t as ArcError, u as ValidationError } from "./errors-BF2bIOIS.mjs";
-import { a as validateResourceConfig, f as getControllerScope, i as formatValidationErrors, m as pipe, n as defineResource, r as assertValidConfig, t as ResourceDefinition } from "./defineResource-Bb_Bdhtw.mjs";
+import { a as validateResourceConfig, f as getControllerScope, i as formatValidationErrors, m as pipe, n as defineResource, r as assertValidConfig, t as ResourceDefinition } from "./defineResource-tcgySDo1.mjs";
 import { C as publicRead, S as presets_exports, T as readOnly, _ as when, a as createOrgPermissions, b as fullPublic, c as requireOrgInScope, d as requireOwnership, f as requireRoles, h as requireTeamMembership, i as createDynamicPermissionMatrix, l as requireOrgMembership, m as requireServiceScope, n as allowPublic, o as denyAll, p as requireScopeContext, r as anyOf, s as requireAuth, t as allOf, u as requireOrgRole, v as adminOnly, w as publicReadAdminWrite, x as ownerWithAdminBypass, y as authenticated } from "./permissions-CH4cNwJi.mjs";
-import { t as defineResourceVariants } from "./core-DKSwNSXf.mjs";
-import { n as configureArcLogger, t as arcLog } from "./logger-CDjpjySd.mjs";
+import { t as defineResourceVariants } from "./core-F0QoWBt2.mjs";
+import { n as configureArcLogger, t as arcLog } from "./logger-D1YrIImS.mjs";
 //#region src/middleware/middleware.ts
 /**
 * Named Middleware — Priority-based, conditional middleware execution.
@@ -128,6 +128,6 @@ function transform(name, handlerOrOptions) {
 }
 //#endregion
 //#region src/index.ts
-const version = "2.8.4";
+const version = "2.8.5";
 //#endregion
 export { ArcError, BaseController, CRUD_OPERATIONS, DEFAULT_ID_FIELD, DEFAULT_LIMIT, DEFAULT_MAX_LIMIT, DEFAULT_SORT, DEFAULT_TENANT_FIELD, DEFAULT_UPDATE_METHOD, ForbiddenError, HOOK_OPERATIONS, HOOK_PHASES, MAX_FILTER_DEPTH, MAX_REGEX_LENGTH, MAX_SEARCH_LENGTH, MUTATION_OPERATIONS, MongooseAdapter, NotFoundError, PrismaAdapter, RESERVED_QUERY_PARAMS, ResourceDefinition, SYSTEM_FIELDS, UnauthorizedError, ValidationError, adminOnly, allOf, allowPublic, anyOf, applyFieldReadPermissions, applyFieldWritePermissions, arcLog, assertValidConfig, authenticated, configureArcLogger, createDomainError, createDynamicPermissionMatrix, createMongooseAdapter, createOrgPermissions, createPrismaAdapter, defineResource, defineResourceVariants, denyAll, envelope, fields, formatValidationErrors, fullPublic, getControllerScope, guard, intercept, middleware, ownerWithAdminBypass, presets_exports as permissions, pipe, publicRead, publicReadAdminWrite, readOnly, requestContext, requireAuth, requireOrgInScope, requireOrgMembership, requireOrgRole, requireOwnership, requireRoles, requireScopeContext, requireServiceScope, requireTeamMembership, sortMiddlewares, transform, validateResourceConfig, version, when };

package/dist/integrations/event-gateway.d.mts

@@ -1,4 +1,4 @@
-import { t as DomainEvent } from "../EventTransport-CinyO7zQ.mjs";
+import { t as DomainEvent } from "../EventTransport-BXja8NOc.mjs";
 import { WebSocketClient, WebSocketMessage } from "./websocket.mjs";
 import { FastifyPluginAsync, FastifyRequest } from "fastify";
 

package/dist/integrations/event-gateway.mjs

@@ -4,7 +4,7 @@ const eventGatewayPluginImpl = async (fastify, opts = {}) => {
 	const { auth = true, orgScoped = false, roomPolicy, maxMessageBytes, maxSubscriptionsPerClient, authenticate } = opts;
 	if (auth && !authenticate && !fastify.hasDecorator("authenticate")) throw new Error("[arc-event-gateway] auth is true but fastify.authenticate is not registered. Register an auth plugin first, provide a custom authenticate function, or set auth: false.");
 	if (opts.sse !== false) {
-		const { default: ssePlugin } = await import("../sse-CJpt7LGI.mjs").then((n) => n.r);
+		const { default: ssePlugin } = await import("../sse-Ad7ypl9e.mjs").then((n) => n.r);
 		await fastify.register(ssePlugin, {
 			path: opts.sse?.path ?? "/events/stream",
 			requireAuth: auth,

package/dist/integrations/index.d.mts

@@ -1,7 +1,7 @@
 import { WebSocketClient, WebSocketMessage, WebSocketPluginOptions } from "./websocket.mjs";
 import { EventGatewayOptions } from "./event-gateway.mjs";
 import { JobDefinition, JobDispatchOptions, JobDispatcher, JobMeta, JobsPluginOptions, QueueStats } from "./jobs.mjs";
-import { c as McpResourceConfig, f as ToolAnnotations, i as CrudOperation, l as PromptDefinition, m as ToolDefinition, n as CallToolResult, o as McpAuthResult, p as ToolContext, r as CreateMcpServerConfig, s as McpPluginOptions, t as BetterAuthHandler } from "../types-CcG4avic.mjs";
+import { c as McpResourceConfig, f as ToolAnnotations, i as CrudOperation, l as PromptDefinition, m as ToolDefinition, n as CallToolResult, o as McpAuthResult, p as ToolContext, r as CreateMcpServerConfig, s as McpPluginOptions, t as BetterAuthHandler } from "../types-BsbNMEDR.mjs";
 import { StreamlinePluginOptions, WorkflowLike, WorkflowRunLike } from "./streamline.mjs";
 import { WebhookDeliveryRecord, WebhookManager, WebhookPluginOptions, WebhookStore, WebhookSubscription } from "./webhooks.mjs";
 export { type BetterAuthHandler, type CallToolResult, type CreateMcpServerConfig, type CrudOperation, type EventGatewayOptions, type JobDefinition, type JobDispatchOptions, type JobDispatcher, type JobMeta, type JobsPluginOptions, type McpAuthResult, type McpPluginOptions, type McpResourceConfig, type PromptDefinition, type QueueStats, type StreamlinePluginOptions, type ToolAnnotations, type ToolContext, type ToolDefinition, type WebSocketClient, type WebSocketMessage, type WebSocketPluginOptions, type WebhookDeliveryRecord, type WebhookManager, type WebhookPluginOptions, type WebhookStore, type WebhookSubscription, type WorkflowLike, type WorkflowRunLike };