npm - @classytic/arc - Versions diffs - 2.9.1 → 2.10.8 - Mend

@classytic/arc 2.9.1 → 2.10.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (132) hide show

package/README.md +20 -91
package/dist/{BaseController-Vu2yc56T.mjs → BaseController-DVNKvoX4.mjs} +154 -170
package/dist/{ResourceRegistry-Dq3_zBQP.mjs → ResourceRegistry-CcN2LVrc.mjs} +1 -1
package/dist/actionPermissions-TUVR3uiZ.mjs +22 -0
package/dist/adapters/index.d.mts +3 -3
package/dist/adapters/index.mjs +2 -2
package/dist/{adapters-BBqAVvPK.mjs → adapters-BXY4i-hw.mjs} +210 -41
package/dist/audit/index.d.mts +38 -3
package/dist/audit/index.mjs +54 -22
package/dist/auth/index.d.mts +2 -2
package/dist/auth/index.mjs +3 -3
package/dist/cache/index.d.mts +17 -15
package/dist/cache/index.mjs +16 -15
package/dist/{caching-CjybdRwx.mjs → caching-3h93rkJM.mjs} +8 -3
package/dist/cli/commands/describe.mjs +1 -1
package/dist/cli/commands/docs.mjs +2 -2
package/dist/cli/commands/init.mjs +1 -1
package/dist/cli/commands/introspect.mjs +1 -1
package/dist/context/index.d.mts +58 -0
package/dist/context/index.mjs +2 -0
package/dist/core/index.d.mts +2 -2
package/dist/core/index.mjs +3 -4
package/dist/{defineResource-C__jkwvs.mjs → core-3MWJosCH.mjs} +174 -94
package/dist/{createActionRouter-DH1YFL9m.mjs → createActionRouter-C8UUB3Px.mjs} +1 -1
package/dist/{createApp-CBJUJKGP.mjs → createApp-BwnEAO2h.mjs} +53 -19
package/dist/docs/index.d.mts +1 -1
package/dist/docs/index.mjs +2 -2
package/dist/{elevation-DxQ6ACbt.mjs → elevation-Dci0AYLT.mjs} +2 -2
package/dist/errorHandler-2ii4RIYr.d.mts +114 -0
package/dist/{errorHandler-CZDW4EXS.mjs → errorHandler-CSxe7KIM.mjs} +1 -1
package/dist/{eventPlugin-Dl7MoVWH.mjs → eventPlugin-ByU4Cv0e.mjs} +1 -1
package/dist/{eventPlugin-BxvaCIZF.d.mts → eventPlugin-D1ThQ1Pp.d.mts} +1 -1
package/dist/events/index.d.mts +8 -5
package/dist/events/index.mjs +87 -52
package/dist/events/transports/redis-stream-entry.d.mts +1 -1
package/dist/events/transports/redis.d.mts +1 -1
package/dist/factory/index.d.mts +1 -1
package/dist/factory/index.mjs +1 -1
package/dist/{types-DZi1aYhm.d.mts → fields-C8Y0XLAu.d.mts} +122 -2
package/dist/hooks/index.d.mts +1 -1
package/dist/idempotency/index.d.mts +5 -2
package/dist/idempotency/index.mjs +46 -37
package/dist/{interface-YrWsmKqE.d.mts → index-BGbpGVyM.d.mts} +2107 -2756
package/dist/{index-CtGKT0lf.d.mts → index-BziRPS4H.d.mts} +81 -7
package/dist/{index-C-xjcA6F.d.mts → index-C_Noptz-.d.mts} +284 -409
package/dist/{index-Cibkchnx.d.mts → index-EqQN6p0W.d.mts} +3 -3
package/dist/index.d.mts +6 -219
package/dist/index.mjs +10 -131
package/dist/integrations/event-gateway.d.mts +1 -1
package/dist/integrations/event-gateway.mjs +1 -1
package/dist/integrations/index.d.mts +1 -1
package/dist/integrations/mcp/index.d.mts +2 -2
package/dist/integrations/mcp/index.mjs +1 -1
package/dist/integrations/mcp/testing.d.mts +1 -1
package/dist/integrations/mcp/testing.mjs +1 -1
package/dist/interface-yhyb_pLY.d.mts +77 -0
package/dist/logger/index.d.mts +81 -0
package/dist/{logger-CDjpjySd.mjs → logger/index.mjs} +1 -6
package/dist/{memory-BFAYkf8H.mjs → memory-DqI-449b.mjs} +23 -8
package/dist/middleware/index.d.mts +109 -0
package/dist/middleware/index.mjs +70 -0
package/dist/multipartBody-CUQGVlM_.mjs +123 -0
package/dist/{openapi-CXuTG1M9.mjs → openapi-DpNpqBmo.mjs} +9 -7
package/dist/org/index.d.mts +2 -2
package/dist/permissions/index.d.mts +3 -4
package/dist/permissions/index.mjs +5 -5
package/dist/{permissions-oNZawnkR.mjs → permissions-wkqRwicB.mjs} +315 -397
package/dist/pipe-CGJxqDGx.mjs +62 -0
package/dist/pipeline/index.d.mts +62 -0
package/dist/pipeline/index.mjs +53 -0
package/dist/plugins/index.d.mts +23 -3
package/dist/plugins/index.mjs +9 -11
package/dist/plugins/response-cache.mjs +1 -1
package/dist/plugins/tracing-entry.mjs +1 -1
package/dist/presets/filesUpload.d.mts +3 -3
package/dist/presets/filesUpload.mjs +255 -1
package/dist/presets/index.d.mts +1 -1
package/dist/presets/index.mjs +2 -2
package/dist/presets/multiTenant.d.mts +1 -1
package/dist/presets/multiTenant.mjs +43 -9
package/dist/presets/search.d.mts +91 -4
package/dist/presets/search.mjs +1 -1
package/dist/{presets-hM4WhNWY.mjs → presets-CrwOvuXI.mjs} +1 -1
package/dist/{queryCachePlugin-DbUVroUG.mjs → queryCachePlugin-ChLNZvFT.mjs} +9 -9
package/dist/{queryCachePlugin-CnTZZTC5.d.mts → queryCachePlugin-Dumka73q.d.mts} +1 -1
package/dist/{queryParser-Cs-6SHQK.mjs → queryParser-NR__Qiju.mjs} +69 -2
package/dist/{redis-stream-Bz-4q96t.d.mts → redis-stream-bkO88VHx.d.mts} +1 -1
package/dist/registry/index.d.mts +1 -1
package/dist/registry/index.mjs +1 -1
package/dist/{requestContext-DYtmNpm5.mjs → requestContext-C38GskNt.mjs} +1 -1
package/dist/{resourceToTools-C3cWymnW.mjs → resourceToTools-BhF3JV5p.mjs} +8 -3
package/dist/scope/index.d.mts +2 -2
package/dist/scope/index.mjs +2 -2
package/dist/{sse-CJpt7LGI.mjs → sse-D8UeDwis.mjs} +1 -1
package/dist/{store-helpers-DFiZl5TL.mjs → store-helpers-DYYUQbQN.mjs} +4 -0
package/dist/testing/index.d.mts +6 -5
package/dist/testing/index.mjs +17 -10
package/dist/types/index.d.mts +5 -5
package/dist/types/index.mjs +1 -31
package/dist/types-CDnTEpga.mjs +27 -0
package/dist/{types-CoSzA-s-.d.mts → types-CVKBssX5.d.mts} +1 -1
package/dist/{types-CunEX4UX.d.mts → types-CVdgPXBW.d.mts} +20 -7
package/dist/utils/index.d.mts +277 -3
package/dist/utils/index.mjs +4 -5
package/dist/{utils-B7FuRr9w.mjs → utils-LMwVidKy.mjs} +303 -2
package/dist/{versioning-Cm8qoFDg.mjs → versioning-B6mimogM.mjs} +3 -5
package/dist/versioning-CeUXHfjw.d.mts +117 -0
package/package.json +31 -18
package/skills/arc/SKILL.md +8 -12
package/skills/arc/references/production.md +0 -41
package/dist/circuitBreaker-CvXkjfrW.d.mts +0 -206
package/dist/circuitBreaker-l18oRgL5.mjs +0 -284
package/dist/core-DNncu0xF.mjs +0 -34
package/dist/dynamic/index.d.mts +0 -93
package/dist/dynamic/index.mjs +0 -122
package/dist/errorHandler-DixGcttC.d.mts +0 -218
package/dist/fields-BC7zcmI9.d.mts +0 -121
package/dist/filesUpload-q8oHt--L.mjs +0 -377
package/dist/interface-DplgQO2e.d.mts +0 -54
package/dist/policies/index.d.mts +0 -425
package/dist/policies/index.mjs +0 -318
package/dist/rpc/index.d.mts +0 -90
package/dist/rpc/index.mjs +0 -248
/package/dist/{EventTransport-CqZ8FyM_.d.mts → EventTransport-CfVEGaEl.d.mts} +0 -0
/package/dist/{applyPermissionResult-bqGpo9ML.mjs → applyPermissionResult-QhV1Pa-g.mjs} +0 -0
/package/dist/{constants-Cxde4rpC.mjs → constants-BhY1OHoH.mjs} +0 -0
/package/dist/{elevation-B6S5csVA.d.mts → elevation-s5ykdNHr.d.mts} +0 -0
/package/dist/{errors-CqWnSqM-.mjs → errors-BqdUDja_.mjs} +0 -0
/package/dist/{fields-CU6FlaDV.mjs → fields-CTMWOUDt.mjs} +0 -0
/package/dist/{keys-qcD-TVJl.mjs → keys-nWQGUTu1.mjs} +0 -0
/package/dist/{types-ZUu_h0jp.mjs → types-D57iXYb8.mjs} +0 -0
/package/dist/{types-BD85MlEK.d.mts → types-tgR4Pt8F.d.mts} +0 -0

package/dist/{logger-CDjpjySd.mjs → logger/index.mjs} RENAMED Viewed

@@ -1,9 +1,4 @@
-import { t as __exportAll } from "./chunk-BpYLSNr0.mjs";
 //#region src/logger/index.ts
-var logger_exports = /* @__PURE__ */ __exportAll({
-	arcLog: () => arcLog,
-	configureArcLogger: () => configureArcLogger
-});
 let globalOptions = {};
 /**
 * Configure the Arc logger globally.
@@ -73,4 +68,4 @@ function isSuppressed() {
 	return env === "1" || env === "true";
 }
 //#endregion
-export { configureArcLogger as n, logger_exports as r, arcLog as t };
+export { arcLog, configureArcLogger };

package/dist/{memory-BFAYkf8H.mjs → memory-DqI-449b.mjs} RENAMED Viewed

@@ -11,7 +11,7 @@ var memory_exports = /* @__PURE__ */ __exportAll({ MemoryCacheStore: () => Memor
 var MemoryCacheStore = class {
 	name = "memory-cache";
 	cache = /* @__PURE__ */ new Map();
-	defaultTtlMs;
+	defaultTtlSeconds;
 	maxEntries;
 	maxEntryBytes;
 	maxMemoryBytes;
@@ -23,7 +23,7 @@ var MemoryCacheStore = class {
 	_misses = 0;
 	_evictions = 0;
 	constructor(options = {}) {
-		this.defaultTtlMs = options.defaultTtlMs ?? 6e4;
+		this.defaultTtlSeconds = options.defaultTtlSeconds ?? 60;
 		this.maxEntries = clamp(options.maxEntries ?? 1e3, 1, 1e5);
 		this.maxEntryBytes = clamp(options.maxEntryBytes ?? 256 * 1024, 1024, 10 * 1024 * 1024);
 		this.maxMemoryBytes = options.maxMemoryBytes ?? 50 * 1024 * 1024;
@@ -49,9 +49,10 @@ var MemoryCacheStore = class {
 		this._hits++;
 		return entry.value;
 	}
-	async set(key, value, options = {}) {
-		const ttlMs = options.ttlMs ?? this.defaultTtlMs;
-		if (!Number.isFinite(ttlMs) || ttlMs <= 0) return;
+	async set(key, value, ttlSeconds) {
+		const effectiveTtlSeconds = ttlSeconds ?? this.defaultTtlSeconds;
+		if (!Number.isFinite(effectiveTtlSeconds) || effectiveTtlSeconds <= 0) return;
+		const ttlMs = effectiveTtlSeconds * 1e3;
 		const size = this.estimateSize(value);
 		if (size > this.maxEntryBytes) {
 			this.logger.warn(`[MemoryCacheStore] Skipping oversized entry for key '${key}' (${size} bytes > ${this.maxEntryBytes} bytes)`);
@@ -75,9 +76,14 @@ var MemoryCacheStore = class {
 		const entry = this.cache.get(key);
 		if (entry) this.removeEntry(key, entry);
 	}
-	async clear() {
-		this.cache.clear();
-		this.currentBytes = 0;
+	async clear(pattern) {
+		if (pattern === void 0) {
+			this.cache.clear();
+			this.currentBytes = 0;
+			return;
+		}
+		const regex = globToRegExp(pattern);
+		for (const [key, entry] of this.cache) if (regex.test(key)) this.removeEntry(key, entry);
 	}
 	async close() {
 		clearInterval(this.cleanupTimer);
@@ -134,5 +140,14 @@ var MemoryCacheStore = class {
 function clamp(value, min, max) {
 	return Math.min(max, Math.max(min, value));
 }
+/**
+* Translate a glob pattern (`prefix:*`, `*:tag:v`) into a regex. Only `*`
+* is honoured; other regex metachars are escaped so patterns can't inject
+* alternation/lookahead.
+*/
+function globToRegExp(pattern) {
+	const escaped = pattern.replace(/[.+?^${}()|[\]\\]/g, "\\$&").replace(/\*/g, ".*");
+	return new RegExp(`^${escaped}$`);
+}
 //#endregion
 export { memory_exports as n, MemoryCacheStore as t };

package/dist/middleware/index.d.mts ADDED Viewed

@@ -0,0 +1,109 @@
+import { I as MiddlewareHandler, L as RequestWithExtras, pt as MiddlewareConfig } from "../index-BGbpGVyM.mjs";
+import { RouteHandlerMethod } from "fastify";
+//#region src/middleware/middleware.d.ts
+interface NamedMiddleware {
+  /** Unique name for debugging/introspection */
+  readonly name: string;
+  /** Operations this middleware applies to (default: all) */
+  readonly operations?: Array<"list" | "get" | "create" | "update" | "delete" | string>;
+  /** Priority — lower numbers run first (default: 10) */
+  readonly priority: number;
+  /** Conditional execution — return true to run, false to skip */
+  readonly when?: (request: RequestWithExtras) => boolean | Promise<boolean>;
+  /** The middleware handler */
+  readonly handler: MiddlewareHandler;
+}
+interface MiddlewareOptions {
+  operations?: NamedMiddleware["operations"];
+  priority?: number;
+  when?: NamedMiddleware["when"];
+  handler: MiddlewareHandler;
+}
+/**
+ * Create a named middleware with priority and conditions.
+ */
+declare function middleware(name: string, options: MiddlewareOptions): NamedMiddleware;
+/**
+ * Sort named middlewares by priority (ascending — lower runs first).
+ * Returns a MiddlewareConfig map keyed by operation, ready to pass to `defineResource()`.
+ */
+declare function sortMiddlewares(middlewares: NamedMiddleware[]): MiddlewareConfig;
+//#endregion
+//#region src/middleware/multipartBody.d.ts
+/** Parsed file from multipart form-data */
+interface ParsedFile {
+  /** Original filename */
+  filename: string;
+  /** MIME type */
+  mimetype: string;
+  /** File contents as Buffer */
+  buffer: Buffer;
+  /** File size in bytes */
+  size: number;
+  /** Form field name */
+  fieldname: string;
+}
+interface MultipartBodyOptions {
+  /**
+   * Maximum file size in bytes (default: 10MB).
+   * Files exceeding this are rejected with 413.
+   */
+  maxFileSize?: number;
+  /**
+   * Maximum number of files (default: 5).
+   * Extra files are silently ignored.
+   */
+  maxFiles?: number;
+  /**
+   * Allowed MIME types (default: all).
+   * Files with disallowed types are rejected with 415.
+   *
+   * Supports three forms in a single list:
+   *   - Exact: `image/png`
+   *   - Subtype wildcard: `image/\*` — any `image/…`
+   *   - Any:   `\*` or `\*\/\*` — equivalent to omitting the option
+   *
+   * @example ['image/jpeg', 'image/png', 'application/pdf']
+   * @example ['image/*', 'application/pdf']
+   * @example ['*']   // accept any type explicitly
+   */
+  allowedMimeTypes?: string[];
+  /**
+   * Key on `req.body` where parsed files are attached (default: '_files').
+   * Set to a custom key if '_files' conflicts with your schema.
+   *
+   * Note: this is the **destination** key — it controls where parsed files
+   * land on `req.body`, not which form fields are required. To enforce that
+   * a specific file field must be present in the request, use `requiredFields`.
+   */
+  filesKey?: string;
+  /**
+   * Multipart form field names that MUST be present in the request.
+   * Returns 400 with `{ success: false, error, code: 'MISSING_FILE_FIELDS' }`
+   * when any listed field is absent from the uploaded files.
+   *
+   * Only enforced when the request IS multipart — JSON requests still pass
+   * through as no-ops so the same middleware stays safe to add to shared
+   * create/update routes that accept both content types.
+   *
+   * @example ['file']                  // single-field upload (OCR, classify)
+   * @example ['avatar', 'cover']       // multi-field upload (profile editor)
+   */
+  requiredFields?: string[];
+}
+/**
+ * Create a multipart body parsing middleware.
+ *
+ * When a request has `content-type: multipart/form-data`, this middleware:
+ * 1. Reads all parts (fields + files)
+ * 2. Sets text fields on `req.body` as a plain object
+ * 3. Attaches file buffers to `req.body[filesKey]` (default: `req.body._files`)
+ *
+ * For non-multipart requests (regular JSON), this is a no-op — the request
+ * passes through unchanged. This makes it safe to add to create/update
+ * middlewares without breaking JSON clients.
+ */
+declare function multipartBody(options?: MultipartBodyOptions): RouteHandlerMethod;
+//#endregion
+export { type MultipartBodyOptions, type NamedMiddleware, type ParsedFile, middleware, multipartBody, sortMiddlewares };

package/dist/middleware/index.mjs ADDED Viewed

@@ -0,0 +1,70 @@
+import { t as CRUD_OPERATIONS } from "../constants-BhY1OHoH.mjs";
+import { t as multipartBody } from "../multipartBody-CUQGVlM_.mjs";
+//#region src/middleware/middleware.ts
+/**
+* Named Middleware — Priority-based, conditional middleware execution.
+*
+* Named middleware replaces flat arrays with structured, inspectable middleware
+* that runs in priority order and supports conditional execution.
+*
+* @example
+* ```typescript
+* import { middleware } from '@classytic/arc/middleware';
+*
+* const verifyEmail = middleware('verifyEmail', {
+*   operations: ['create', 'update'],
+*   priority: 5,
+*   when: (req) => !req.user?.emailVerified,
+*   handler: async (req, reply) => {
+*     reply.code(403).send({ error: 'Email verification required' });
+*   },
+* });
+*
+* const rateLimit = middleware('rateLimit', {
+*   priority: 1,
+*   handler: async (req, reply) => {
+*     // rate limit logic
+*   },
+* });
+*
+* const productResource = defineResource({
+*   name: 'product',
+*   adapter,
+*   middlewares: sortMiddlewares([verifyEmail, rateLimit]),
+* });
+* ```
+*/
+/**
+* Create a named middleware with priority and conditions.
+*/
+function middleware(name, options) {
+	return {
+		name,
+		operations: options.operations,
+		priority: options.priority ?? 10,
+		when: options.when,
+		handler: options.handler
+	};
+}
+/**
+* Sort named middlewares by priority (ascending — lower runs first).
+* Returns a MiddlewareConfig map keyed by operation, ready to pass to `defineResource()`.
+*/
+function sortMiddlewares(middlewares) {
+	const sorted = [...middlewares].sort((a, b) => a.priority - b.priority);
+	const operations = CRUD_OPERATIONS;
+	const result = {};
+	for (const op of operations) {
+		const applicable = sorted.filter((m) => !m.operations || m.operations.length === 0 || m.operations.includes(op));
+		if (applicable.length > 0) result[op] = applicable.map((m) => {
+			if (!m.when) return m.handler;
+			const wrapped = async (request, reply) => {
+				if (await m.when?.(request)) return m.handler(request, reply);
+			};
+			return wrapped;
+		});
+	}
+	return result;
+}
+//#endregion
+export { middleware, multipartBody, sortMiddlewares };

package/dist/multipartBody-CUQGVlM_.mjs ADDED Viewed

@@ -0,0 +1,123 @@
+//#region src/middleware/multipartBody.ts
+const DEFAULT_MAX_FILE_SIZE = 10 * 1024 * 1024;
+const DEFAULT_MAX_FILES = 5;
+const DEFAULT_FILES_KEY = "_files";
+/**
+* Build a matcher for MIME allow-lists that supports exact (e.g. `image/png`),
+* subtype wildcards (e.g. `image/\*`), and total wildcards (`\*` or `\*\/\*`).
+*
+* Returns `undefined` when no filter is needed — either because the option
+* was omitted or because a total wildcard was present.
+*/
+function buildMimeMatcher(allowed) {
+	if (!allowed || allowed.length === 0) return void 0;
+	const exact = /* @__PURE__ */ new Set();
+	const prefixes = [];
+	for (const entry of allowed) {
+		const value = entry.trim().toLowerCase();
+		if (!value) continue;
+		if (value === "*" || value === "*/*") return void 0;
+		if (value.endsWith("/*")) prefixes.push(value.slice(0, -1));
+		else exact.add(value);
+	}
+	if (exact.size === 0 && prefixes.length === 0) return void 0;
+	return {
+		matches(mime) {
+			const m = mime.toLowerCase();
+			if (exact.has(m)) return true;
+			for (const p of prefixes) if (m.startsWith(p)) return true;
+			return false;
+		},
+		describe() {
+			return [...exact, ...prefixes.map((p) => `${p}*`)].join(", ");
+		}
+	};
+}
+/**
+* Create a multipart body parsing middleware.
+*
+* When a request has `content-type: multipart/form-data`, this middleware:
+* 1. Reads all parts (fields + files)
+* 2. Sets text fields on `req.body` as a plain object
+* 3. Attaches file buffers to `req.body[filesKey]` (default: `req.body._files`)
+*
+* For non-multipart requests (regular JSON), this is a no-op — the request
+* passes through unchanged. This makes it safe to add to create/update
+* middlewares without breaking JSON clients.
+*/
+function multipartBody(options = {}) {
+	const maxFileSize = options.maxFileSize ?? DEFAULT_MAX_FILE_SIZE;
+	const maxFiles = options.maxFiles ?? DEFAULT_MAX_FILES;
+	const mimeMatcher = buildMimeMatcher(options.allowedMimeTypes);
+	const filesKey = options.filesKey ?? DEFAULT_FILES_KEY;
+	const requiredFields = options.requiredFields && options.requiredFields.length > 0 ? options.requiredFields : void 0;
+	return async function parseMultipartBody(request, reply) {
+		if (!(request.headers["content-type"] ?? "").includes("multipart/form-data")) return;
+		if (typeof request.parts !== "function") {
+			request.log.warn("multipartBody middleware: @fastify/multipart not registered. Ensure createApp() has multipart enabled (default) or install @fastify/multipart.");
+			return;
+		}
+		const body = {};
+		const files = {};
+		let fileCount = 0;
+		try {
+			const parts = request.parts();
+			for await (const part of parts) if (part.type === "file") {
+				if (fileCount >= maxFiles) continue;
+				if (mimeMatcher && !mimeMatcher.matches(part.mimetype)) return reply.code(415).send({
+					success: false,
+					error: `File type '${part.mimetype}' not allowed. Accepted: ${mimeMatcher.describe()}`
+				});
+				const buffer = await part.toBuffer();
+				if (buffer.length > maxFileSize) return reply.code(413).send({
+					success: false,
+					error: `File '${part.filename}' exceeds maximum size of ${Math.round(maxFileSize / 1024 / 1024)}MB`
+				});
+				files[part.fieldname] = {
+					filename: part.filename,
+					mimetype: part.mimetype,
+					buffer,
+					size: buffer.length,
+					fieldname: part.fieldname
+				};
+				fileCount++;
+			} else body[part.fieldname] = tryParseValue(part.value);
+		} catch (err) {
+			request.log.error({ err }, "multipartBody: failed to parse multipart form");
+			return reply.code(400).send({
+				success: false,
+				error: "Failed to parse multipart form data"
+			});
+		}
+		if (requiredFields) {
+			const missing = requiredFields.filter((name) => !(name in files));
+			if (missing.length > 0) return reply.code(400).send({
+				success: false,
+				error: `Missing required file field${missing.length > 1 ? "s" : ""}: ${missing.join(", ")}`,
+				code: "MISSING_FILE_FIELDS",
+				details: { missing }
+			});
+		}
+		if (fileCount > 0) body[filesKey] = files;
+		request.body = body;
+	};
+}
+/**
+* Try to parse a form field value as JSON, number, or boolean.
+* Falls back to the raw string if parsing fails.
+*/
+function tryParseValue(value) {
+	if (value === "true") return true;
+	if (value === "false") return false;
+	if (value === "null") return null;
+	if (/^-?\d+(\.\d+)?$/.test(value) && value.length < 16) {
+		const num = Number(value);
+		if (Number.isFinite(num)) return num;
+	}
+	if (value.startsWith("{") && value.endsWith("}") || value.startsWith("[") && value.endsWith("]")) try {
+		return JSON.parse(value);
+	} catch {}
+	return value;
+}
+//#endregion
+export { multipartBody as t };

package/dist/{openapi-CXuTG1M9.mjs → openapi-DpNpqBmo.mjs} RENAMED Viewed

@@ -1,6 +1,7 @@
-import { t as getUserRoles } from "./types-ZUu_h0jp.mjs";
+import { t as getUserRoles } from "./types-D57iXYb8.mjs";
 import { n as convertRouteSchema } from "./schemaConverter-BxFDdtXu.mjs";
-import { t as buildActionBodySchema } from "./createActionRouter-DH1YFL9m.mjs";
+import { t as resolveActionPermission } from "./actionPermissions-TUVR3uiZ.mjs";
+import { t as buildActionBodySchema } from "./createActionRouter-C8UUB3Px.mjs";
 import fp from "fastify-plugin";
 //#region src/docs/openapi.ts
 const openApiPlugin = async (fastify, opts = {}) => {
@@ -327,12 +328,13 @@ function generateResourcePaths(resource, apiPrefix = "", additionalSecurity = []
 			const descStr = a.description ? ` — ${a.description}` : "";
 			descLines.push(`- \`${a.name}\`${roleStr}${descStr}`);
 		}
-		const fallbackPerm = resource.actionPermissions;
-		const fallbackRequiresAuth = typeof fallbackPerm === "function" && !fallbackPerm._isPublic;
 		const anyAuthRequired = resource.actions.some((a) => {
-			const p = a.permissions;
-			if (typeof p === "function") return !p._isPublic;
-			return fallbackRequiresAuth;
+			const effective = resolveActionPermission({
+				action: { permissions: a.permissions },
+				resourcePermissions: resource.permissions,
+				resourceActionPermissions: resource.actionPermissions
+			});
+			return typeof effective === "function" && !effective._isPublic;
 		});
 		if (!paths[actionPath]) paths[actionPath] = {};
 		paths[actionPath].post = createOperation(resource, "action", `Perform action (${actionEnum.join(" / ")})`, {

package/dist/org/index.d.mts CHANGED Viewed

@@ -1,5 +1,5 @@
-import { Ut as RouteHandler } from "../interface-YrWsmKqE.mjs";
-import { i as UserBase } from "../types-DZi1aYhm.mjs";
+import { Pt as RouteHandler } from "../index-BGbpGVyM.mjs";
+import { d as UserBase } from "../fields-C8Y0XLAu.mjs";
 import { InvitationAdapter, InvitationDoc, MemberDoc, OrgAdapter, OrgDoc, OrgPermissionStatement, OrgRole, OrganizationPluginOptions } from "./types.mjs";
 import { FastifyPluginAsync, RouteHandlerMethod } from "fastify";

package/dist/permissions/index.d.mts CHANGED Viewed

@@ -1,4 +1,3 @@
-import { a as applyFieldWritePermissions, i as applyFieldReadPermissions, n as FieldPermissionMap, o as fields, r as FieldPermissionType, s as resolveEffectiveRoles, t as FieldPermission } from "../fields-BC7zcmI9.mjs";
-import { a as getUserRoles, i as UserBase, n as PermissionContext, o as normalizeRoles, r as PermissionResult, t as PermissionCheck } from "../types-DZi1aYhm.mjs";
-import { A as RoleHierarchy, C as authenticated, D as publicRead, E as presets_d_exports, M as applyPermissionResult, N as normalizePermissionResult, O as publicReadAdminWrite, S as adminOnly, T as ownerWithAdminBypass, _ as requireScopeContext, a as allOf, b as roles, c as createDynamicPermissionMatrix, d as requireAuth, f as requireOrgInScope, g as requireRoles, h as requireOwnership, i as PermissionEventBus, j as createRoleHierarchy, k as readOnly, l as createOrgPermissions, m as requireOrgRole, n as DynamicPermissionMatrix, o as allowPublic, p as requireOrgMembership, r as DynamicPermissionMatrixConfig, s as anyOf, t as ConnectEventsOptions, u as denyAll, v as requireServiceScope, w as fullPublic, x as when, y as requireTeamMembership } from "../index-C-xjcA6F.mjs";
-export { ConnectEventsOptions, DynamicPermissionMatrix, DynamicPermissionMatrixConfig, FieldPermission, FieldPermissionMap, FieldPermissionType, PermissionCheck, PermissionContext, PermissionEventBus, PermissionResult, RoleHierarchy, UserBase, adminOnly, allOf, allowPublic, anyOf, applyFieldReadPermissions, applyFieldWritePermissions, applyPermissionResult, authenticated, createDynamicPermissionMatrix, createOrgPermissions, createRoleHierarchy, denyAll, fields, fullPublic, getUserRoles, normalizePermissionResult, normalizeRoles, ownerWithAdminBypass, presets_d_exports as permissions, publicRead, publicReadAdminWrite, readOnly, requireAuth, requireOrgInScope, requireOrgMembership, requireOrgRole, requireOwnership, requireRoles, requireScopeContext, requireServiceScope, requireTeamMembership, resolveEffectiveRoles, roles, when };
+import { a as applyFieldWritePermissions, c as PermissionCheck, d as UserBase, f as getUserRoles, i as applyFieldReadPermissions, l as PermissionContext, n as FieldPermissionMap, o as fields, p as normalizeRoles, r as FieldPermissionType, s as resolveEffectiveRoles, t as FieldPermission, u as PermissionResult } from "../fields-C8Y0XLAu.mjs";
+import { A as requireRoles, C as allOf, D as not, E as denyAll, M as when, N as applyPermissionResult, O as requireAuth, P as normalizePermissionResult, S as createOrgPermissions, T as anyOf, _ as ConnectEventsOptions, a as presets_d_exports, b as PermissionEventBus, c as readOnly, d as requireOrgRole, f as requireScopeContext, g as createRoleHierarchy, h as RoleHierarchy, i as ownerWithAdminBypass, j as roles, k as requireOwnership, l as requireOrgInScope, m as requireTeamMembership, n as authenticated, o as publicRead, p as requireServiceScope, r as fullPublic, s as publicReadAdminWrite, t as adminOnly, u as requireOrgMembership, v as DynamicPermissionMatrix, w as allowPublic, x as createDynamicPermissionMatrix, y as DynamicPermissionMatrixConfig } from "../index-C_Noptz-.mjs";
+export { ConnectEventsOptions, DynamicPermissionMatrix, DynamicPermissionMatrixConfig, FieldPermission, FieldPermissionMap, FieldPermissionType, PermissionCheck, PermissionContext, PermissionEventBus, PermissionResult, RoleHierarchy, UserBase, adminOnly, allOf, allowPublic, anyOf, applyFieldReadPermissions, applyFieldWritePermissions, applyPermissionResult, authenticated, createDynamicPermissionMatrix, createOrgPermissions, createRoleHierarchy, denyAll, fields, fullPublic, getUserRoles, normalizePermissionResult, normalizeRoles, not, ownerWithAdminBypass, presets_d_exports as permissions, publicRead, publicReadAdminWrite, readOnly, requireAuth, requireOrgInScope, requireOrgMembership, requireOrgRole, requireOwnership, requireRoles, requireScopeContext, requireServiceScope, requireTeamMembership, resolveEffectiveRoles, roles, when };

package/dist/permissions/index.mjs CHANGED Viewed

@@ -1,5 +1,5 @@
-import { i as resolveEffectiveRoles, n as applyFieldWritePermissions, r as fields, t as applyFieldReadPermissions } from "../fields-CU6FlaDV.mjs";
-import { n as normalizeRoles, t as getUserRoles } from "../types-ZUu_h0jp.mjs";
-import { n as normalizePermissionResult, t as applyPermissionResult } from "../applyPermissionResult-bqGpo9ML.mjs";
-import { C as publicRead, E as createRoleHierarchy, S as presets_exports, T as readOnly, _ as when, a as createOrgPermissions, b as fullPublic, c as requireOrgInScope, d as requireOwnership, f as requireRoles, g as roles, h as requireTeamMembership, i as createDynamicPermissionMatrix, l as requireOrgMembership, m as requireServiceScope, n as allowPublic, o as denyAll, p as requireScopeContext, r as anyOf, s as requireAuth, t as allOf, u as requireOrgRole, v as adminOnly, w as publicReadAdminWrite, x as ownerWithAdminBypass, y as authenticated } from "../permissions-oNZawnkR.mjs";
-export { adminOnly, allOf, allowPublic, anyOf, applyFieldReadPermissions, applyFieldWritePermissions, applyPermissionResult, authenticated, createDynamicPermissionMatrix, createOrgPermissions, createRoleHierarchy, denyAll, fields, fullPublic, getUserRoles, normalizePermissionResult, normalizeRoles, ownerWithAdminBypass, presets_exports as permissions, publicRead, publicReadAdminWrite, readOnly, requireAuth, requireOrgInScope, requireOrgMembership, requireOrgRole, requireOwnership, requireRoles, requireScopeContext, requireServiceScope, requireTeamMembership, resolveEffectiveRoles, roles, when };
+import { i as resolveEffectiveRoles, n as applyFieldWritePermissions, r as fields, t as applyFieldReadPermissions } from "../fields-CTMWOUDt.mjs";
+import { n as normalizeRoles, t as getUserRoles } from "../types-D57iXYb8.mjs";
+import { n as normalizePermissionResult, t as applyPermissionResult } from "../applyPermissionResult-QhV1Pa-g.mjs";
+import { C as requireAuth, D as when, E as roles, S as not, T as requireRoles, _ as requireTeamMembership, a as presets_exports, b as anyOf, c as readOnly, d as createOrgPermissions, f as requireOrgInScope, g as requireServiceScope, h as requireScopeContext, i as ownerWithAdminBypass, l as createRoleHierarchy, m as requireOrgRole, n as authenticated, o as publicRead, p as requireOrgMembership, r as fullPublic, s as publicReadAdminWrite, t as adminOnly, u as createDynamicPermissionMatrix, v as allOf, w as requireOwnership, x as denyAll, y as allowPublic } from "../permissions-wkqRwicB.mjs";
+export { adminOnly, allOf, allowPublic, anyOf, applyFieldReadPermissions, applyFieldWritePermissions, applyPermissionResult, authenticated, createDynamicPermissionMatrix, createOrgPermissions, createRoleHierarchy, denyAll, fields, fullPublic, getUserRoles, normalizePermissionResult, normalizeRoles, not, ownerWithAdminBypass, presets_exports as permissions, publicRead, publicReadAdminWrite, readOnly, requireAuth, requireOrgInScope, requireOrgMembership, requireOrgRole, requireOwnership, requireRoles, requireScopeContext, requireServiceScope, requireTeamMembership, resolveEffectiveRoles, roles, when };