@contractspec/lib.identity-rbac 1.56.1 → 1.58.0

package/dist/entities/rbac.js

@@ -1,138 +1,125 @@
+// @bun
+// src/entities/rbac.ts
 import { defineEntity, field, index } from "@contractspec/lib.schema";
-
-//#region src/entities/rbac.ts
-/**
-* Role entity - named set of permissions.
-*/
-const RoleEntity = defineEntity({
-	name: "Role",
-	description: "A role defines a named set of permissions.",
-	schema: "lssm_sigil",
-	map: "role",
-	fields: {
-		id: field.id(),
-		name: field.string({
-			isUnique: true,
-			description: "Unique role name"
-		}),
-		description: field.string({
-			isOptional: true,
-			description: "Role description"
-		}),
-		permissions: field.string({
-			isArray: true,
-			description: "Array of permission names"
-		}),
-		createdAt: field.createdAt(),
-		updatedAt: field.updatedAt(),
-		policyBindings: field.hasMany("PolicyBinding")
-	}
+var RoleEntity = defineEntity({
+  name: "Role",
+  description: "A role defines a named set of permissions.",
+  schema: "lssm_sigil",
+  map: "role",
+  fields: {
+    id: field.id(),
+    name: field.string({ isUnique: true, description: "Unique role name" }),
+    description: field.string({
+      isOptional: true,
+      description: "Role description"
+    }),
+    permissions: field.string({
+      isArray: true,
+      description: "Array of permission names"
+    }),
+    createdAt: field.createdAt(),
+    updatedAt: field.updatedAt(),
+    policyBindings: field.hasMany("PolicyBinding")
+  }
 });
-/**
-* Permission entity - atomic access right.
-*/
-const PermissionEntity = defineEntity({
-	name: "Permission",
-	description: "A permission represents an atomic access right.",
-	schema: "lssm_sigil",
-	map: "permission",
-	fields: {
-		id: field.id(),
-		name: field.string({
-			isUnique: true,
-			description: "Unique permission name"
-		}),
-		description: field.string({
-			isOptional: true,
-			description: "Permission description"
-		}),
-		createdAt: field.createdAt(),
-		updatedAt: field.updatedAt()
-	}
+var PermissionEntity = defineEntity({
+  name: "Permission",
+  description: "A permission represents an atomic access right.",
+  schema: "lssm_sigil",
+  map: "permission",
+  fields: {
+    id: field.id(),
+    name: field.string({
+      isUnique: true,
+      description: "Unique permission name"
+    }),
+    description: field.string({
+      isOptional: true,
+      description: "Permission description"
+    }),
+    createdAt: field.createdAt(),
+    updatedAt: field.updatedAt()
+  }
 });
-/**
-* PolicyBinding entity - binds roles to principals.
-*/
-const PolicyBindingEntity = defineEntity({
-	name: "PolicyBinding",
-	description: "Binds roles to principals (users or organizations).",
-	schema: "lssm_sigil",
-	map: "policy_binding",
-	fields: {
-		id: field.id(),
-		roleId: field.foreignKey(),
-		targetType: field.string({ description: "\"user\" or \"organization\"" }),
-		targetId: field.string({ description: "ID of User or Organization" }),
-		expiresAt: field.dateTime({
-			isOptional: true,
-			description: "When binding expires"
-		}),
-		createdAt: field.createdAt(),
-		userId: field.string({ isOptional: true }),
-		organizationId: field.string({ isOptional: true }),
-		role: field.belongsTo("Role", ["roleId"], ["id"], { onDelete: "Cascade" }),
-		user: field.belongsTo("User", ["userId"], ["id"]),
-		organization: field.belongsTo("Organization", ["organizationId"], ["id"])
-	},
-	indexes: [index.on(["targetType", "targetId"])]
+var PolicyBindingEntity = defineEntity({
+  name: "PolicyBinding",
+  description: "Binds roles to principals (users or organizations).",
+  schema: "lssm_sigil",
+  map: "policy_binding",
+  fields: {
+    id: field.id(),
+    roleId: field.foreignKey(),
+    targetType: field.string({ description: '"user" or "organization"' }),
+    targetId: field.string({ description: "ID of User or Organization" }),
+    expiresAt: field.dateTime({
+      isOptional: true,
+      description: "When binding expires"
+    }),
+    createdAt: field.createdAt(),
+    userId: field.string({ isOptional: true }),
+    organizationId: field.string({ isOptional: true }),
+    role: field.belongsTo("Role", ["roleId"], ["id"], { onDelete: "Cascade" }),
+    user: field.belongsTo("User", ["userId"], ["id"]),
+    organization: field.belongsTo("Organization", ["organizationId"], ["id"])
+  },
+  indexes: [index.on(["targetType", "targetId"])]
 });
-/**
-* ApiKey entity - API keys for programmatic access.
-*/
-const ApiKeyEntity = defineEntity({
-	name: "ApiKey",
-	description: "API keys for programmatic access.",
-	schema: "lssm_sigil",
-	map: "api_key",
-	fields: {
-		id: field.id(),
-		name: field.string({ description: "API key name" }),
-		start: field.string({ description: "Starting characters for identification" }),
-		prefix: field.string({ description: "API key prefix" }),
-		key: field.string({ description: "Hashed API key" }),
-		userId: field.foreignKey(),
-		refillInterval: field.int({ description: "Refill interval in ms" }),
-		refillAmount: field.int({ description: "Amount to refill" }),
-		lastRefillAt: field.dateTime(),
-		remaining: field.int({ description: "Remaining requests" }),
-		requestCount: field.int({ description: "Total requests made" }),
-		lastRequest: field.dateTime(),
-		enabled: field.boolean({ default: true }),
-		rateLimitEnabled: field.boolean({ default: true }),
-		rateLimitTimeWindow: field.int({ description: "Rate limit window in ms" }),
-		rateLimitMax: field.int({ description: "Max requests in window" }),
-		expiresAt: field.dateTime(),
-		permissions: field.string({ isArray: true }),
-		metadata: field.json({ isOptional: true }),
-		createdAt: field.createdAt(),
-		updatedAt: field.updatedAt(),
-		user: field.belongsTo("User", ["userId"], ["id"], { onDelete: "Cascade" })
-	}
+var ApiKeyEntity = defineEntity({
+  name: "ApiKey",
+  description: "API keys for programmatic access.",
+  schema: "lssm_sigil",
+  map: "api_key",
+  fields: {
+    id: field.id(),
+    name: field.string({ description: "API key name" }),
+    start: field.string({
+      description: "Starting characters for identification"
+    }),
+    prefix: field.string({ description: "API key prefix" }),
+    key: field.string({ description: "Hashed API key" }),
+    userId: field.foreignKey(),
+    refillInterval: field.int({ description: "Refill interval in ms" }),
+    refillAmount: field.int({ description: "Amount to refill" }),
+    lastRefillAt: field.dateTime(),
+    remaining: field.int({ description: "Remaining requests" }),
+    requestCount: field.int({ description: "Total requests made" }),
+    lastRequest: field.dateTime(),
+    enabled: field.boolean({ default: true }),
+    rateLimitEnabled: field.boolean({ default: true }),
+    rateLimitTimeWindow: field.int({ description: "Rate limit window in ms" }),
+    rateLimitMax: field.int({ description: "Max requests in window" }),
+    expiresAt: field.dateTime(),
+    permissions: field.string({ isArray: true }),
+    metadata: field.json({ isOptional: true }),
+    createdAt: field.createdAt(),
+    updatedAt: field.updatedAt(),
+    user: field.belongsTo("User", ["userId"], ["id"], { onDelete: "Cascade" })
+  }
 });
-/**
-* Passkey entity - WebAuthn passkeys.
-*/
-const PasskeyEntity = defineEntity({
-	name: "Passkey",
-	description: "WebAuthn passkeys for passwordless authentication.",
-	schema: "lssm_sigil",
-	map: "passkey",
-	fields: {
-		id: field.id(),
-		name: field.string({ description: "Passkey name" }),
-		publicKey: field.string({ description: "Public key" }),
-		userId: field.foreignKey(),
-		credentialID: field.string({ description: "Credential ID" }),
-		counter: field.int({ description: "Counter" }),
-		deviceType: field.string({ description: "Device type" }),
-		backedUp: field.boolean({ description: "Whether passkey is backed up" }),
-		transports: field.string({ description: "Transports" }),
-		aaguid: field.string({ description: "Authenticator GUID" }),
-		createdAt: field.createdAt(),
-		user: field.belongsTo("User", ["userId"], ["id"], { onDelete: "Cascade" })
-	}
+var PasskeyEntity = defineEntity({
+  name: "Passkey",
+  description: "WebAuthn passkeys for passwordless authentication.",
+  schema: "lssm_sigil",
+  map: "passkey",
+  fields: {
+    id: field.id(),
+    name: field.string({ description: "Passkey name" }),
+    publicKey: field.string({ description: "Public key" }),
+    userId: field.foreignKey(),
+    credentialID: field.string({ description: "Credential ID" }),
+    counter: field.int({ description: "Counter" }),
+    deviceType: field.string({ description: "Device type" }),
+    backedUp: field.boolean({ description: "Whether passkey is backed up" }),
+    transports: field.string({ description: "Transports" }),
+    aaguid: field.string({ description: "Authenticator GUID" }),
+    createdAt: field.createdAt(),
+    user: field.belongsTo("User", ["userId"], ["id"], { onDelete: "Cascade" })
+  }
 });
-
-//#endregion
-export { ApiKeyEntity, PasskeyEntity, PermissionEntity, PolicyBindingEntity, RoleEntity };
-//# sourceMappingURL=rbac.js.map
+export {
+  RoleEntity,
+  PolicyBindingEntity,
+  PermissionEntity,
+  PasskeyEntity,
+  ApiKeyEntity
+};

package/dist/entities/user.d.ts

@@ -1,88 +1,83 @@
-import * as _contractspec_lib_schema854 from "@contractspec/lib.schema";
-
-//#region src/entities/user.d.ts
 /**
  * User entity - core user profile and authentication.
  */
-declare const UserEntity: _contractspec_lib_schema854.EntitySpec<{
-  id: _contractspec_lib_schema854.EntityScalarField;
-  email: _contractspec_lib_schema854.EntityScalarField;
-  emailVerified: _contractspec_lib_schema854.EntityScalarField;
-  name: _contractspec_lib_schema854.EntityScalarField;
-  firstName: _contractspec_lib_schema854.EntityScalarField;
-  lastName: _contractspec_lib_schema854.EntityScalarField;
-  locale: _contractspec_lib_schema854.EntityScalarField;
-  timezone: _contractspec_lib_schema854.EntityScalarField;
-  imageUrl: _contractspec_lib_schema854.EntityScalarField;
-  image: _contractspec_lib_schema854.EntityScalarField;
-  metadata: _contractspec_lib_schema854.EntityScalarField;
-  onboardingCompleted: _contractspec_lib_schema854.EntityScalarField;
-  onboardingStep: _contractspec_lib_schema854.EntityScalarField;
-  whitelistedAt: _contractspec_lib_schema854.EntityScalarField;
-  role: _contractspec_lib_schema854.EntityScalarField;
-  banned: _contractspec_lib_schema854.EntityScalarField;
-  banReason: _contractspec_lib_schema854.EntityScalarField;
-  banExpires: _contractspec_lib_schema854.EntityScalarField;
-  phoneNumber: _contractspec_lib_schema854.EntityScalarField;
-  phoneNumberVerified: _contractspec_lib_schema854.EntityScalarField;
-  createdAt: _contractspec_lib_schema854.EntityScalarField;
-  updatedAt: _contractspec_lib_schema854.EntityScalarField;
-  sessions: _contractspec_lib_schema854.EntityRelationField;
-  accounts: _contractspec_lib_schema854.EntityRelationField;
-  memberships: _contractspec_lib_schema854.EntityRelationField;
-  invitations: _contractspec_lib_schema854.EntityRelationField;
-  teamMemberships: _contractspec_lib_schema854.EntityRelationField;
-  policyBindings: _contractspec_lib_schema854.EntityRelationField;
-  apiKeys: _contractspec_lib_schema854.EntityRelationField;
-  passkeys: _contractspec_lib_schema854.EntityRelationField;
+export declare const UserEntity: import("@contractspec/lib.schema").EntitySpec<{
+    id: import("@contractspec/lib.schema").EntityScalarField;
+    email: import("@contractspec/lib.schema").EntityScalarField;
+    emailVerified: import("@contractspec/lib.schema").EntityScalarField;
+    name: import("@contractspec/lib.schema").EntityScalarField;
+    firstName: import("@contractspec/lib.schema").EntityScalarField;
+    lastName: import("@contractspec/lib.schema").EntityScalarField;
+    locale: import("@contractspec/lib.schema").EntityScalarField;
+    timezone: import("@contractspec/lib.schema").EntityScalarField;
+    imageUrl: import("@contractspec/lib.schema").EntityScalarField;
+    image: import("@contractspec/lib.schema").EntityScalarField;
+    metadata: import("@contractspec/lib.schema").EntityScalarField;
+    onboardingCompleted: import("@contractspec/lib.schema").EntityScalarField;
+    onboardingStep: import("@contractspec/lib.schema").EntityScalarField;
+    whitelistedAt: import("@contractspec/lib.schema").EntityScalarField;
+    role: import("@contractspec/lib.schema").EntityScalarField;
+    banned: import("@contractspec/lib.schema").EntityScalarField;
+    banReason: import("@contractspec/lib.schema").EntityScalarField;
+    banExpires: import("@contractspec/lib.schema").EntityScalarField;
+    phoneNumber: import("@contractspec/lib.schema").EntityScalarField;
+    phoneNumberVerified: import("@contractspec/lib.schema").EntityScalarField;
+    createdAt: import("@contractspec/lib.schema").EntityScalarField;
+    updatedAt: import("@contractspec/lib.schema").EntityScalarField;
+    sessions: import("@contractspec/lib.schema").EntityRelationField;
+    accounts: import("@contractspec/lib.schema").EntityRelationField;
+    memberships: import("@contractspec/lib.schema").EntityRelationField;
+    invitations: import("@contractspec/lib.schema").EntityRelationField;
+    teamMemberships: import("@contractspec/lib.schema").EntityRelationField;
+    policyBindings: import("@contractspec/lib.schema").EntityRelationField;
+    apiKeys: import("@contractspec/lib.schema").EntityRelationField;
+    passkeys: import("@contractspec/lib.schema").EntityRelationField;
 }>;
 /**
  * Session entity - login sessions.
  */
-declare const SessionEntity: _contractspec_lib_schema854.EntitySpec<{
-  id: _contractspec_lib_schema854.EntityScalarField;
-  userId: _contractspec_lib_schema854.EntityScalarField;
-  expiresAt: _contractspec_lib_schema854.EntityScalarField;
-  token: _contractspec_lib_schema854.EntityScalarField;
-  ipAddress: _contractspec_lib_schema854.EntityScalarField;
-  userAgent: _contractspec_lib_schema854.EntityScalarField;
-  impersonatedBy: _contractspec_lib_schema854.EntityScalarField;
-  activeOrganizationId: _contractspec_lib_schema854.EntityScalarField;
-  activeTeamId: _contractspec_lib_schema854.EntityScalarField;
-  createdAt: _contractspec_lib_schema854.EntityScalarField;
-  updatedAt: _contractspec_lib_schema854.EntityScalarField;
-  user: _contractspec_lib_schema854.EntityRelationField;
+export declare const SessionEntity: import("@contractspec/lib.schema").EntitySpec<{
+    id: import("@contractspec/lib.schema").EntityScalarField;
+    userId: import("@contractspec/lib.schema").EntityScalarField;
+    expiresAt: import("@contractspec/lib.schema").EntityScalarField;
+    token: import("@contractspec/lib.schema").EntityScalarField;
+    ipAddress: import("@contractspec/lib.schema").EntityScalarField;
+    userAgent: import("@contractspec/lib.schema").EntityScalarField;
+    impersonatedBy: import("@contractspec/lib.schema").EntityScalarField;
+    activeOrganizationId: import("@contractspec/lib.schema").EntityScalarField;
+    activeTeamId: import("@contractspec/lib.schema").EntityScalarField;
+    createdAt: import("@contractspec/lib.schema").EntityScalarField;
+    updatedAt: import("@contractspec/lib.schema").EntityScalarField;
+    user: import("@contractspec/lib.schema").EntityRelationField;
 }>;
 /**
  * Account entity - external authentication accounts.
  */
-declare const AccountEntity: _contractspec_lib_schema854.EntitySpec<{
-  id: _contractspec_lib_schema854.EntityScalarField;
-  accountId: _contractspec_lib_schema854.EntityScalarField;
-  providerId: _contractspec_lib_schema854.EntityScalarField;
-  userId: _contractspec_lib_schema854.EntityScalarField;
-  accessToken: _contractspec_lib_schema854.EntityScalarField;
-  refreshToken: _contractspec_lib_schema854.EntityScalarField;
-  idToken: _contractspec_lib_schema854.EntityScalarField;
-  accessTokenExpiresAt: _contractspec_lib_schema854.EntityScalarField;
-  refreshTokenExpiresAt: _contractspec_lib_schema854.EntityScalarField;
-  scope: _contractspec_lib_schema854.EntityScalarField;
-  password: _contractspec_lib_schema854.EntityScalarField;
-  createdAt: _contractspec_lib_schema854.EntityScalarField;
-  updatedAt: _contractspec_lib_schema854.EntityScalarField;
-  user: _contractspec_lib_schema854.EntityRelationField;
+export declare const AccountEntity: import("@contractspec/lib.schema").EntitySpec<{
+    id: import("@contractspec/lib.schema").EntityScalarField;
+    accountId: import("@contractspec/lib.schema").EntityScalarField;
+    providerId: import("@contractspec/lib.schema").EntityScalarField;
+    userId: import("@contractspec/lib.schema").EntityScalarField;
+    accessToken: import("@contractspec/lib.schema").EntityScalarField;
+    refreshToken: import("@contractspec/lib.schema").EntityScalarField;
+    idToken: import("@contractspec/lib.schema").EntityScalarField;
+    accessTokenExpiresAt: import("@contractspec/lib.schema").EntityScalarField;
+    refreshTokenExpiresAt: import("@contractspec/lib.schema").EntityScalarField;
+    scope: import("@contractspec/lib.schema").EntityScalarField;
+    password: import("@contractspec/lib.schema").EntityScalarField;
+    createdAt: import("@contractspec/lib.schema").EntityScalarField;
+    updatedAt: import("@contractspec/lib.schema").EntityScalarField;
+    user: import("@contractspec/lib.schema").EntityRelationField;
 }>;
 /**
  * Verification entity - email/phone verification tokens.
  */
-declare const VerificationEntity: _contractspec_lib_schema854.EntitySpec<{
-  id: _contractspec_lib_schema854.EntityScalarField;
-  identifier: _contractspec_lib_schema854.EntityScalarField;
-  value: _contractspec_lib_schema854.EntityScalarField;
-  expiresAt: _contractspec_lib_schema854.EntityScalarField;
-  createdAt: _contractspec_lib_schema854.EntityScalarField;
-  updatedAt: _contractspec_lib_schema854.EntityScalarField;
+export declare const VerificationEntity: import("@contractspec/lib.schema").EntitySpec<{
+    id: import("@contractspec/lib.schema").EntityScalarField;
+    identifier: import("@contractspec/lib.schema").EntityScalarField;
+    value: import("@contractspec/lib.schema").EntityScalarField;
+    expiresAt: import("@contractspec/lib.schema").EntityScalarField;
+    createdAt: import("@contractspec/lib.schema").EntityScalarField;
+    updatedAt: import("@contractspec/lib.schema").EntityScalarField;
 }>;
-//#endregion
-export { AccountEntity, SessionEntity, UserEntity, VerificationEntity };
 //# sourceMappingURL=user.d.ts.map

package/dist/entities/user.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"user.d.ts","names":[],"sources":["../../src/entities/user.ts"],"sourcesContent":[],"mappings":";;;;;;AAKa,cAAA,UA+FX,8BA/FqB,UA+FrB,CAAA;EAAA,EAAA,EAAA,2BAAA,CAAA,iBAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAKF;;cAAa,2CAAa;MAoCxB,2BAAA,CAAA;;;;;;;;;;0DApCwB;EAAA,IAAA,iDAAA;AAyC1B,CAAA,CAAA;;;;cAAa,2CAAa;MA2BxB,2BAAA,CAAA;;;;;;;;;;yDA3BwB;EAAA,SAAA,+CAAA;EAgCb,SAAA,+CAaX;EAAA,IAAA,iDAAA;;;;;cAbW,gDAAkB;MAa7B,2BAAA,CAAA,iBAb6B;EAAA,UAAA,+CAAA"}
+{"version":3,"file":"user.d.ts","sourceRoot":"","sources":["../../src/entities/user.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA+FrB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,aAAa;;;;;;;;;;;;;EAoCxB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,aAAa;;;;;;;;;;;;;;;EA2BxB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,kBAAkB;;;;;;;EAa7B,CAAC"}