@digitaldefiance/node-express-suite-mongo 4.23.0

package/src/services/mongoose-document-store.js

@@ -0,0 +1,265 @@
+"use strict";
+/**
+ * @fileoverview Mongoose implementation of the IDocumentStore interface.
+ * Wraps existing mongoose logic previously embedded in BaseApplication.
+ * @module services/mongoose-document-store
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MongooseDocumentStore = void 0;
+const tslib_1 = require("tslib");
+const mongoose_types_1 = tslib_1.__importDefault(require("@digitaldefiance/mongoose-types"));
+const suite_core_lib_1 = require("@digitaldefiance/suite-core-lib");
+const mongodb_memory_server_1 = require("mongodb-memory-server");
+const node_express_suite_1 = require("@digitaldefiance/node-express-suite");
+const model_registry_1 = require("../model-registry");
+const default_mongo_uri_validator_1 = require("../utils/default-mongo-uri-validator");
+/**
+ * Mongoose implementation of IDocumentStore.
+ * Extracts and preserves the existing mongoose logic from BaseApplication.
+ * @template TID - Platform-specific ID type extending PlatformID
+ * @template TModelDocs - Record mapping model names to their document types
+ * @template TInitResults - Type of database initialization results
+ * @template TConstants - Application constants type
+ */
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+class MongooseDocumentStore {
+    /**
+     * Mongoose database instance
+     */
+    _db;
+    /**
+     * Schema map for all models
+     */
+    _schemaMap;
+    /**
+     * In-memory MongoDB instance for development
+     */
+    _devDatabase;
+    /**
+     * Function to create the schema map given a Mongoose connection
+     */
+    _schemaMapFactory;
+    /**
+     * Function to initialize the database with default data
+     */
+    _databaseInitFunction;
+    /**
+     * Function to create a hash from the database initialization results (for logging purposes)
+     */
+    _initResultHashFunction;
+    /**
+     * Application environment
+     */
+    _environment;
+    /**
+     * Application constants
+     */
+    _constants;
+    constructor(schemaMapFactory, databaseInitFunction, initResultHashFunction, environment, constants = suite_core_lib_1.Constants) {
+        this._schemaMapFactory = schemaMapFactory;
+        this._databaseInitFunction = databaseInitFunction;
+        this._initResultHashFunction = initResultHashFunction;
+        this._environment = environment;
+        this._constants = constants;
+    }
+    /**
+     * Get the underlying mongoose instance (for backward compatibility).
+     */
+    get db() {
+        if (!this._db) {
+            throw new suite_core_lib_1.TranslatableSuiteError(suite_core_lib_1.SuiteCoreStringKey.Admin_Error_DatabaseNotConnectedYet);
+        }
+        return this._db;
+    }
+    /** @inheritdoc */
+    get schemaMap() {
+        return this._schemaMap;
+    }
+    /** @inheritdoc */
+    get devDatabase() {
+        return this._devDatabase;
+    }
+    /**
+     * Validate MongoDB URI to prevent SSRF attacks.
+     * Delegates to the standalone defaultMongoUriValidator for reuse
+     * across both IDatabase and IDocumentStore paths.
+     */
+    validateMongoUri(uri) {
+        (0, default_mongo_uri_validator_1.defaultMongoUriValidator)(uri, this._environment.production);
+    }
+    /**
+     * Connect to MongoDB and initialize schemas.
+     * Extracted from BaseApplication.connectDatabase.
+     * @inheritdoc
+     */
+    async connect(uri) {
+        const mongoUri = uri ?? this._environment.requireMongo.uri;
+        const debug = this._environment.debug;
+        this.validateMongoUri(mongoUri);
+        (0, node_express_suite_1.debugLog)(debug, 'log', `[ ${(0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Common_Connecting, undefined, undefined, { constants: this._constants })} ] ${(0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Common_MongoDB, undefined, undefined, { constants: this._constants })}: ${mongoUri}`);
+        // Always disconnect first to ensure clean state
+        if (mongoose_types_1.default.connection.readyState !== 0) {
+            await mongoose_types_1.default.disconnect();
+        }
+        // amazonq-ignore-next-line solved above with validateMongoUri call
+        const mongoConfig = this._environment.mongo;
+        await mongoose_types_1.default.connect(mongoUri, {
+            maxPoolSize: mongoConfig.maxPoolSize,
+            minPoolSize: mongoConfig.minPoolSize,
+            maxIdleTimeMS: mongoConfig.maxIdleTimeMS,
+            serverSelectionTimeoutMS: mongoConfig.serverSelectionTimeoutMS,
+            socketTimeoutMS: mongoConfig.socketTimeoutMS,
+            retryWrites: mongoConfig.retryWrites,
+            retryReads: mongoConfig.retryReads,
+            readConcern: mongoConfig.readConcern,
+            writeConcern: mongoConfig.writeConcern,
+        });
+        this._db = mongoose_types_1.default;
+        await new Promise((resolve) => {
+            if (mongoose_types_1.default.connection.readyState === 1) {
+                resolve();
+            }
+            else {
+                mongoose_types_1.default.connection.once('connected', resolve);
+            }
+        });
+        const engine = (0, suite_core_lib_1.getSuiteCoreI18nEngine)({ constants: this._constants });
+        (0, node_express_suite_1.debugLog)(debug, 'log', engine.t('[ {{SuiteCoreStringKey.Common_Connected}} ] {{SuiteCoreStringKey.Common_MongoDB}}'));
+        (0, node_express_suite_1.debugLog)(debug, 'log', engine.t('[ {{SuiteCoreStringKey.Common_Loading}} ] {{SuiteCoreStringKey.Common_Schemas}}'));
+        this._schemaMap = this._schemaMapFactory(this.db.connection);
+        // Register all base models in ModelRegistry for extensibility
+        if (this._schemaMap) {
+            Object.values(this._schemaMap).forEach((schema) => {
+                model_registry_1.ModelRegistry.instance.register({
+                    modelName: schema.modelName,
+                    schema: schema.schema,
+                    model: schema.model,
+                    collection: schema.collection,
+                    discriminators: schema.discriminators,
+                });
+            });
+        }
+        if (debug) {
+            Object.values(this._schemaMap).forEach((schema) => {
+                console.log(engine.t(`[ {{SuiteCoreStringKey.Common_Loaded}} ] {{SuiteCoreStringKey.Common_Schema}} '${schema.modelName.replace(/[\r\n]/g, '')}'`));
+            });
+        }
+        if (!this._db.connection.db) {
+            console.error(engine.translateStringKey(suite_core_lib_1.SuiteCoreStringKey.Admin_Error_FailedToSetTransactionTimeout));
+        }
+        else {
+            const command = {
+                ...(this._environment.mongo.setParameterSupported
+                    ? { setParameter: 1 }
+                    : {}),
+                ...(this._environment.mongo.useTransactions &&
+                    this._environment.mongo.transactionLifetimeLimitSecondsSupported
+                    ? {
+                        transactionLifetimeLimitSeconds: this._environment.mongo.transactionTimeout,
+                    }
+                    : {}),
+                ...(this._environment.mongo.useTransactions &&
+                    this._environment.mongo.maxTransactionLockRequestTimeoutMillisSupported
+                    ? {
+                        maxTransactionLockRequestTimeoutMillis: this._environment.mongo.transactionLockRequestTimeout,
+                    }
+                    : {}),
+            };
+            if (Object.keys(command).length > 0) {
+                await this._db.connection.db
+                    .admin()
+                    .command(command)
+                    .catch(() => undefined);
+            }
+            (0, node_express_suite_1.debugLog)(debug, 'log', engine.translateStringKey(suite_core_lib_1.SuiteCoreStringKey.Admin_SetTransactionTimeoutSuccessfully));
+        }
+    }
+    /**
+     * Disconnect from database.
+     * Extracted from BaseApplication.disconnectDatabase.
+     * @inheritdoc
+     */
+    async disconnect() {
+        const debug = this._environment.debug;
+        if (this._db && mongoose_types_1.default.connection.readyState !== 0) {
+            await this._db.disconnect();
+        }
+        const engine = (0, suite_core_lib_1.getSuiteCoreI18nEngine)({ constants: this._constants });
+        this._db = undefined;
+        (0, node_express_suite_1.debugLog)(debug, 'log', `[ ${engine.translateStringKey(suite_core_lib_1.SuiteCoreStringKey.Common_Disconnected)} ] ${engine.translateStringKey(suite_core_lib_1.SuiteCoreStringKey.Common_MongoDB)}`);
+    }
+    /**
+     * Whether the store is currently connected and ready for operations.
+     * @inheritdoc
+     */
+    isConnected() {
+        return mongoose_types_1.default.connection.readyState === 1;
+    }
+    /**
+     * Retrieve a model/collection handle by name.
+     * Delegates to ModelRegistry.
+     * @inheritdoc
+     */
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    getModel(modelName) {
+        return model_registry_1.ModelRegistry.instance.get(modelName).model;
+    }
+    /**
+     * Set up an in-memory MongoDB instance for development.
+     * Extracted from BaseApplication.setupDevDatabase.
+     * @inheritdoc
+     */
+    async setupDevStore() {
+        this._devDatabase = await mongodb_memory_server_1.MongoMemoryReplSet.create({
+            replSet: { count: 1, storageEngine: 'wiredTiger' },
+        });
+        await this._devDatabase.waitUntilRunning();
+        const mongoUri = this._devDatabase.getUri(this._environment.devDatabase) +
+            '&maxPoolSize=20&minPoolSize=4';
+        this._environment.setEnvironment('mongo.uri', mongoUri);
+        (0, node_express_suite_1.debugLog)(this._environment.debug, 'log', `MongoDB Memory Server with transactions: ${mongoUri}`);
+        return mongoUri;
+    }
+    /**
+     * Initialize the development database with default data.
+     * Extracted from BaseApplication.initializeDevDatabase.
+     * @inheritdoc
+     */
+    async initializeDevStore(app) {
+        const engine = (0, suite_core_lib_1.getSuiteCoreI18nEngine)({ constants: this._constants });
+        (0, node_express_suite_1.debugLog)(this._environment.debug, 'log', `${engine.translateStringKey(suite_core_lib_1.SuiteCoreStringKey.Admin_StartingDatabaseInitialization)}: ${engine.translateStringKey(suite_core_lib_1.SuiteCoreStringKey.Admin_TransactionsEnabledDisabledTemplate, {
+            STATE: this._environment.mongo.useTransactions
+                ? engine.translateStringKey(suite_core_lib_1.SuiteCoreStringKey.Common_Enabled)
+                : engine.translateStringKey(suite_core_lib_1.SuiteCoreStringKey.Common_Disabled),
+        })}`);
+        let initTimeout;
+        const initTimeoutMs = 300000;
+        const accountDataResult = await Promise.race([
+            this._databaseInitFunction(app),
+            new Promise((_, reject) => {
+                initTimeout = setTimeout(() => {
+                    const logMsg = engine.translateStringKey(suite_core_lib_1.SuiteCoreStringKey.Admin_Error_FailedToInitializeUserDatabaseTimeoutTemplate, { timeMs: initTimeoutMs.toString() });
+                    console.error(logMsg);
+                    reject(new Error(logMsg));
+                }, initTimeoutMs);
+            }),
+        ]);
+        if (initTimeout)
+            clearTimeout(initTimeout);
+        if (accountDataResult.success && accountDataResult.data) {
+            if (this._environment.detailedDebug) {
+                const initHash = this._initResultHashFunction(accountDataResult.data);
+                (0, node_express_suite_1.debugLog)(true, 'log', engine.translateStringKey(suite_core_lib_1.SuiteCoreStringKey.Admin_DatabaseInitializedWithOptionsHashTemplate, { hash: initHash }));
+            }
+            return accountDataResult.data;
+        }
+        else {
+            if (this._environment.detailedDebug && accountDataResult.error) {
+                (0, node_express_suite_1.debugLog)(true, 'log', accountDataResult.error);
+            }
+            throw new suite_core_lib_1.TranslatableSuiteError(suite_core_lib_1.SuiteCoreStringKey.Admin_Error_FailedToInitializeUserDatabase);
+        }
+    }
+}
+exports.MongooseDocumentStore = MongooseDocumentStore;
+//# sourceMappingURL=mongoose-document-store.js.map

package/src/services/mongoose-document-store.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mongoose-document-store.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite-mongo/src/services/mongoose-document-store.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;;AAEH,6FAAkE;AAClE,oEAOyC;AACzC,iEAA2D;AAE3D,4EAA4E;AAC5E,sDAAkD;AAQlD,sFAAgF;AAKhF;;;;;;;GAOG;AACH,8DAA8D;AAC9D,MAAa,qBAAqB;IAMhC;;OAEG;IACK,GAAG,CAAmB;IAE9B;;OAEG;IACK,UAAU,CAA8B;IAEhD;;OAEG;IACK,YAAY,CAAsB;IAE1C;;OAEG;IACc,iBAAiB,CAEF;IAEhC;;OAEG;IACc,qBAAqB,CAEM;IAE5C;;OAEG;IACc,uBAAuB,CAE5B;IAEZ;;OAEG;IACc,YAAY,CAAmB;IAEhD;;OAEG;IACc,UAAU,CAAa;IAExC,YACE,gBAE+B,EAC/B,oBAE2C,EAC3C,sBAA6D,EAC7D,WAA6B,EAC7B,YAAwB,0BAAuB;QAE/C,IAAI,CAAC,iBAAiB,GAAG,gBAAgB,CAAC;QAC1C,IAAI,CAAC,qBAAqB,GAAG,oBAAoB,CAAC;QAClD,IAAI,CAAC,uBAAuB,GAAG,sBAAsB,CAAC;QACtD,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC;QAChC,IAAI,CAAC,UAAU,GAAG,SAAS,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,IAAW,EAAE;QACX,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;YACd,MAAM,IAAI,uCAAsB,CAC9B,mCAAkB,CAAC,mCAAmC,CACvD,CAAC;QACJ,CAAC;QACD,OAAO,IAAI,CAAC,GAAG,CAAC;IAClB,CAAC;IAED,kBAAkB;IAClB,IAAW,SAAS;QAClB,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAED,kBAAkB;IAClB,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAED;;;;OAIG;IACK,gBAAgB,CAAC,GAAW;QAClC,IAAA,sDAAwB,EAAC,GAAG,EAAE,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;IAC9D,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,OAAO,CAAC,GAAY;QAC/B,MAAM,QAAQ,GAAG,GAAG,IAAI,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,GAAG,CAAC;QAC3D,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC;QAEtC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QAEhC,IAAA,6BAAQ,EACN,KAAK,EACL,KAAK,EACL,KAAK,IAAA,wCAAuB,EAC1B,mCAAkB,CAAC,iBAAiB,EACpC,SAAS,EACT,SAAS,EACT,EAAE,SAAS,EAAE,IAAI,CAAC,UAAU,EAAE,CAC/B,MAAM,IAAA,wCAAuB,EAC5B,mCAAkB,CAAC,cAAc,EACjC,SAAS,EACT,SAAS,EACT,EAAE,SAAS,EAAE,IAAI,CAAC,UAAU,EAAE,CAC/B,KAAK,QAAQ,EAAE,CACjB,CAAC;QAEF,gDAAgD;QAChD,IAAI,wBAAQ,CAAC,UAAU,CAAC,UAAU,KAAK,CAAC,EAAE,CAAC;YACzC,MAAM,wBAAQ,CAAC,UAAU,EAAE,CAAC;QAC9B,CAAC;QAED,mEAAmE;QACnE,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,KAAqC,CAAC;QAC5E,MAAM,wBAAQ,CAAC,OAAO,CAAC,QAAQ,EAAE;YAC/B,WAAW,EAAE,WAAW,CAAC,WAAW;YACpC,WAAW,EAAE,WAAW,CAAC,WAAW;YACpC,aAAa,EAAE,WAAW,CAAC,aAAa;YACxC,wBAAwB,EAAE,WAAW,CAAC,wBAAwB;YAC9D,eAAe,EAAE,WAAW,CAAC,eAAe;YAC5C,WAAW,EAAE,WAAW,CAAC,WAAW;YACpC,UAAU,EAAE,WAAW,CAAC,UAAU;YAClC,WAAW,EAAE,WAAW,CAAC,WAAW;YACpC,YAAY,EAAE,WAAW,CAAC,YAAY;SACvC,CAAC,CAAC;QACH,IAAI,CAAC,GAAG,GAAG,wBAAQ,CAAC;QAEpB,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;YAClC,IAAI,wBAAQ,CAAC,UAAU,CAAC,UAAU,KAAK,CAAC,EAAE,CAAC;gBACzC,OAAO,EAAE,CAAC;YACZ,CAAC;iBAAM,CAAC;gBACN,wBAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;YACjD,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,IAAA,uCAAsB,EAAC,EAAE,SAAS,EAAE,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;QACtE,IAAA,6BAAQ,EACN,KAAK,EACL,KAAK,EACL,MAAM,CAAC,CAAC,CACN,mFAAmF,CACpF,CACF,CAAC;QAEF,IAAA,6BAAQ,EACN,KAAK,EACL,KAAK,EACL,MAAM,CAAC,CAAC,CACN,iFAAiF,CAClF,CACF,CAAC;QACF,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC;QAC7D,8DAA8D;QAC9D,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;gBAChD,8BAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC;oBAC9B,SAAS,EAAE,MAAM,CAAC,SAAS;oBAC3B,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,KAAK,EAAE,MAAM,CAAC,KAAK;oBACnB,UAAU,EAAE,MAAM,CAAC,UAAU;oBAC7B,cAAc,EAAE,MAAM,CAAC,cAAc;iBACtC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;QACL,CAAC;QAED,IAAI,KAAK,EAAE,CAAC;YAER,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAC9B,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;gBACnB,OAAO,CAAC,GAAG,CACT,MAAM,CAAC,CAAC,CACN,kFAAkF,MAAM,CAAC,SAAS,CAAC,OAAO,CACxG,SAAS,EACT,EAAE,CACH,GAAG,CACL,CACF,CAAC;YACJ,CAAC,CAAC,CAAC;QACL,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,EAAE,CAAC;YAC5B,OAAO,CAAC,KAAK,CACX,MAAM,CAAC,kBAAkB,CACvB,mCAAkB,CAAC,yCAAyC,CAC7D,CACF,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,MAAM,OAAO,GAAG;gBACd,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,qBAAqB;oBAC/C,CAAC,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE;oBACrB,CAAC,CAAC,EAAE,CAAC;gBACP,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,eAAe;oBAC3C,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,wCAAwC;oBAC9D,CAAC,CAAC;wBACE,+BAA+B,EAC7B,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,kBAAkB;qBAC7C;oBACH,CAAC,CAAC,EAAE,CAAC;gBACP,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,eAAe;oBAC3C,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,+CAA+C;oBACrE,CAAC,CAAC;wBACE,sCAAsC,EACpC,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,6BAA6B;qBACxD;oBACH,CAAC,CAAC,EAAE,CAAC;aACR,CAAC;YACF,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACpC,MAAM,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE;qBACzB,KAAK,EAAE;qBACP,OAAO,CAAC,OAAO,CAAC;qBAChB,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;YAC5B,CAAC;YACD,IAAA,6BAAQ,EACN,KAAK,EACL,KAAK,EACL,MAAM,CAAC,kBAAkB,CACvB,mCAAkB,CAAC,uCAAuC,CAC3D,CACF,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,UAAU;QACrB,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC;QACtC,IAAI,IAAI,CAAC,GAAG,IAAI,wBAAQ,CAAC,UAAU,CAAC,UAAU,KAAK,CAAC,EAAE,CAAC;YACrD,MAAM,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC;QAC9B,CAAC;QACD,MAAM,MAAM,GAAG,IAAA,uCAAsB,EAAC,EAAE,SAAS,EAAE,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;QACtE,IAAI,CAAC,GAAG,GAAG,SAAS,CAAC;QACrB,IAAA,6BAAQ,EACN,KAAK,EACL,KAAK,EACL,KAAK,MAAM,CAAC,kBAAkB,CAC5B,mCAAkB,CAAC,mBAAmB,CACvC,MAAM,MAAM,CAAC,kBAAkB,CAAC,mCAAkB,CAAC,cAAc,CAAC,EAAE,CACtE,CAAC;IACJ,CAAC;IAED;;;OAGG;IACI,WAAW;QAChB,OAAO,wBAAQ,CAAC,UAAU,CAAC,UAAU,KAAK,CAAC,CAAC;IAC9C,CAAC;IAED;;;;OAIG;IACH,8DAA8D;IACvD,QAAQ,CACb,SAAiB;QAEjB,OAAO,8BAAa,CAAC,QAAQ,CAAC,GAAG,CAAS,SAAS,CAAC,CAAC,KAAK,CAAC;IAC7D,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,aAAa;QACxB,IAAI,CAAC,YAAY,GAAG,MAAM,0CAAkB,CAAC,MAAM,CAAC;YAClD,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,aAAa,EAAE,YAAY,EAAE;SACnD,CAAC,CAAC;QACH,MAAM,IAAI,CAAC,YAAY,CAAC,gBAAgB,EAAE,CAAC;QAC3C,MAAM,QAAQ,GACZ,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC;YACvD,+BAA+B,CAAC;QAClC,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;QACxD,IAAA,6BAAQ,EACN,IAAI,CAAC,YAAY,CAAC,KAAK,EACvB,KAAK,EACL,4CAA4C,QAAQ,EAAE,CACvD,CAAC;QACF,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,kBAAkB,CAC7B,GAAsB;QAEtB,MAAM,MAAM,GAAG,IAAA,uCAAsB,EAAC,EAAE,SAAS,EAAE,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;QACtE,IAAA,6BAAQ,EACN,IAAI,CAAC,YAAY,CAAC,KAAK,EACvB,KAAK,EACL,GAAG,MAAM,CAAC,kBAAkB,CAC1B,mCAAkB,CAAC,oCAAoC,CACxD,KAAK,MAAM,CAAC,kBAAkB,CAC7B,mCAAkB,CAAC,yCAAyC,EAC5D;YACE,KAAK,EAAE,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,eAAe;gBAC5C,CAAC,CAAC,MAAM,CAAC,kBAAkB,CAAC,mCAAkB,CAAC,cAAc,CAAC;gBAC9D,CAAC,CAAC,MAAM,CAAC,kBAAkB,CAAC,mCAAkB,CAAC,eAAe,CAAC;SAClE,CACF,EAAE,CACJ,CAAC;QACF,IAAI,WAAuC,CAAC;QAC5C,MAAM,aAAa,GAAG,MAAM,CAAC;QAE7B,MAAM,iBAAiB,GAAkC,MAAM,OAAO,CAAC,IAAI,CACzE;YACE,IAAI,CAAC,qBAAqB,CAAC,GAAwC,CAAC;YACpE,IAAI,OAAO,CAAQ,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE;gBAC/B,WAAW,GAAG,UAAU,CAAC,GAAG,EAAE;oBAC5B,MAAM,MAAM,GAAG,MAAM,CAAC,kBAAkB,CACtC,mCAAkB,CAAC,yDAAyD,EAC5E,EAAE,MAAM,EAAE,aAAa,CAAC,QAAQ,EAAE,EAAE,CACrC,CAAC;oBACF,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;oBACtB,MAAM,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;gBAC5B,CAAC,EAAE,aAAa,CAAC,CAAC;YACpB,CAAC,CAAC;SACH,CACF,CAAC;QACF,IAAI,WAAW;YAAE,YAAY,CAAC,WAAW,CAAC,CAAC;QAE3C,IAAI,iBAAiB,CAAC,OAAO,IAAI,iBAAiB,CAAC,IAAI,EAAE,CAAC;YACxD,IAAI,IAAI,CAAC,YAAY,CAAC,aAAa,EAAE,CAAC;gBACpC,MAAM,QAAQ,GAAG,IAAI,CAAC,uBAAuB,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;gBACtE,IAAA,6BAAQ,EACN,IAAI,EACJ,KAAK,EACL,MAAM,CAAC,kBAAkB,CACvB,mCAAkB,CAAC,gDAAgD,EACnE,EAAE,IAAI,EAAE,QAAQ,EAAE,CACnB,CACF,CAAC;YACJ,CAAC;YACD,OAAO,iBAAiB,CAAC,IAA0B,CAAC;QACtD,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,YAAY,CAAC,aAAa,IAAI,iBAAiB,CAAC,KAAK,EAAE,CAAC;gBAC/D,IAAA,6BAAQ,EAAC,IAAI,EAAE,KAAK,EAAE,iBAAiB,CAAC,KAAK,CAAC,CAAC;YACjD,CAAC;YACD,MAAM,IAAI,uCAAsB,CAC9B,mCAAkB,CAAC,0CAA0C,CAC9D,CAAC;QACJ,CAAC;IACH,CAAC;CACF;AAnXD,sDAmXC"}

package/src/services/mongoose-session-adapter.d.ts

@@ -0,0 +1,39 @@
+/**
+ * @fileoverview Mongoose session adapter implementing IClientSession.
+ * Wraps a mongodb ClientSession to conform to the shared IClientSession interface
+ * from brightchain-lib.
+ * @module services/mongoose-session-adapter
+ */
+import type { IClientSession } from '@digitaldefiance/suite-core-lib';
+import type { ClientSession } from 'mongodb';
+/**
+ * Adapts a mongodb ClientSession to the IClientSession interface.
+ * This allows mongoose-based transaction code to work through the
+ * shared interface contract.
+ */
+export declare class MongooseSessionAdapter implements IClientSession {
+    private readonly _session;
+    constructor(session: ClientSession);
+    /**
+     * Unique session ID as a string.
+     * Falls back to 'unknown' if the session has no server session yet.
+     */
+    get id(): string;
+    /**
+     * Whether a transaction is currently active on this session.
+     */
+    get inTransaction(): boolean;
+    /**
+     * Get the underlying mongodb ClientSession for passing to mongoose operations.
+     */
+    get nativeSession(): ClientSession;
+    /** Start a new transaction on this session. */
+    startTransaction(): void;
+    /** Commit the current transaction. */
+    commitTransaction(): Promise<void>;
+    /** Abort the current transaction. */
+    abortTransaction(): Promise<void>;
+    /** End this session, releasing server resources. */
+    endSession(): void;
+}
+//# sourceMappingURL=mongoose-session-adapter.d.ts.map

package/src/services/mongoose-session-adapter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mongoose-session-adapter.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite-mongo/src/services/mongoose-session-adapter.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AACtE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAE7C;;;;GAIG;AACH,qBAAa,sBAAuB,YAAW,cAAc;IAC3D,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAgB;gBAE7B,OAAO,EAAE,aAAa;IAIlC;;;OAGG;IACH,IAAI,EAAE,IAAI,MAAM,CAMf;IAED;;OAEG;IACH,IAAI,aAAa,IAAI,OAAO,CAE3B;IAED;;OAEG;IACH,IAAI,aAAa,IAAI,aAAa,CAEjC;IAED,+CAA+C;IAC/C,gBAAgB,IAAI,IAAI;IAIxB,sCAAsC;IAChC,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC;IAIxC,qCAAqC;IAC/B,gBAAgB,IAAI,OAAO,CAAC,IAAI,CAAC;IAIvC,oDAAoD;IACpD,UAAU,IAAI,IAAI;CAKnB"}

package/src/services/mongoose-session-adapter.js

@@ -0,0 +1,63 @@
+"use strict";
+/**
+ * @fileoverview Mongoose session adapter implementing IClientSession.
+ * Wraps a mongodb ClientSession to conform to the shared IClientSession interface
+ * from brightchain-lib.
+ * @module services/mongoose-session-adapter
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MongooseSessionAdapter = void 0;
+/**
+ * Adapts a mongodb ClientSession to the IClientSession interface.
+ * This allows mongoose-based transaction code to work through the
+ * shared interface contract.
+ */
+class MongooseSessionAdapter {
+    _session;
+    constructor(session) {
+        this._session = session;
+    }
+    /**
+     * Unique session ID as a string.
+     * Falls back to 'unknown' if the session has no server session yet.
+     */
+    get id() {
+        const sessionId = this._session.id;
+        if (sessionId?.id) {
+            return sessionId.id.toString('hex');
+        }
+        return 'unknown';
+    }
+    /**
+     * Whether a transaction is currently active on this session.
+     */
+    get inTransaction() {
+        return this._session.inTransaction();
+    }
+    /**
+     * Get the underlying mongodb ClientSession for passing to mongoose operations.
+     */
+    get nativeSession() {
+        return this._session;
+    }
+    /** Start a new transaction on this session. */
+    startTransaction() {
+        this._session.startTransaction();
+    }
+    /** Commit the current transaction. */
+    async commitTransaction() {
+        await this._session.commitTransaction();
+    }
+    /** Abort the current transaction. */
+    async abortTransaction() {
+        await this._session.abortTransaction();
+    }
+    /** End this session, releasing server resources. */
+    endSession() {
+        // mongodb's endSession returns Promise<void>, but IClientSession declares void.
+        // Fire and forget — the session cleanup is best-effort.
+        void this._session.endSession();
+    }
+}
+exports.MongooseSessionAdapter = MongooseSessionAdapter;
+//# sourceMappingURL=mongoose-session-adapter.js.map

package/src/services/mongoose-session-adapter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mongoose-session-adapter.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite-mongo/src/services/mongoose-session-adapter.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AAKH;;;;GAIG;AACH,MAAa,sBAAsB;IAChB,QAAQ,CAAgB;IAEzC,YAAY,OAAsB;QAChC,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;IAC1B,CAAC;IAED;;;OAGG;IACH,IAAI,EAAE;QACJ,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QACnC,IAAI,SAAS,EAAE,EAAE,EAAE,CAAC;YAClB,OAAO,SAAS,CAAC,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACtC,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACH,IAAI,aAAa;QACf,OAAO,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC;IACvC,CAAC;IAED;;OAEG;IACH,IAAI,aAAa;QACf,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED,+CAA+C;IAC/C,gBAAgB;QACd,IAAI,CAAC,QAAQ,CAAC,gBAAgB,EAAE,CAAC;IACnC,CAAC;IAED,sCAAsC;IACtC,KAAK,CAAC,iBAAiB;QACrB,MAAM,IAAI,CAAC,QAAQ,CAAC,iBAAiB,EAAE,CAAC;IAC1C,CAAC;IAED,qCAAqC;IACrC,KAAK,CAAC,gBAAgB;QACpB,MAAM,IAAI,CAAC,QAAQ,CAAC,gBAAgB,EAAE,CAAC;IACzC,CAAC;IAED,oDAAoD;IACpD,UAAU;QACR,gFAAgF;QAChF,wDAAwD;QACxD,KAAK,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC;IAClC,CAAC;CACF;AAtDD,wDAsDC"}

package/src/services/request-user.d.ts

@@ -0,0 +1,22 @@
+/**
+ * @fileoverview Service for transforming user documents into request user DTOs and backend objects.
+ * Handles serialization and deserialization of user data for API requests and JWT tokens.
+ * @module services/request-user
+ */
+import { IRequestUserDTO, ITokenRole } from '@digitaldefiance/suite-core-lib';
+import { UserDocument } from '../documents';
+import type { IRequestUserBackendObject } from '@digitaldefiance/node-express-suite';
+import { PlatformID } from '@digitaldefiance/node-ecies-lib';
+/**
+ * Service for converting between user documents, DTOs, and backend objects.
+ * Provides transformation methods for user data in different contexts (API, JWT, database).
+ */
+export declare class RequestUserService<TID extends PlatformID, _TTokenRole extends ITokenRole<TID>> {
+    static makeRequestUserDTO<TID extends PlatformID, TLanguage extends string, TTokenRole extends ITokenRole<TID>, TRequestUserDTO extends IRequestUserDTO>(userDoc: UserDocument<TLanguage, TID> | (Pick<UserDocument<TLanguage, TID>, keyof UserDocument<TLanguage, TID>> & {
+        _id: PlatformID;
+    }), roles: TTokenRole[]): TRequestUserDTO;
+    static hydrateRequestUser<TID extends PlatformID, TLanguage extends string, TRequestUserDTO extends IRequestUserDTO & {
+        siteLanguage: TLanguage;
+    }>(requestUser: TRequestUserDTO): IRequestUserBackendObject<TLanguage, TID>;
+}
+//# sourceMappingURL=request-user.d.ts.map

package/src/services/request-user.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"request-user.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite-mongo/src/services/request-user.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EACL,eAAe,EAEf,UAAU,EACX,MAAM,iCAAiC,CAAC;AACzC,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,qCAAqC,CAAC;AAErF,OAAO,EAEL,UAAU,EACX,MAAM,iCAAiC,CAAC;AAEzC;;;GAGG;AACH,qBAAa,kBAAkB,CAC7B,GAAG,SAAS,UAAU,EACtB,WAAW,SAAS,UAAU,CAAC,GAAG,CAAC;WAErB,kBAAkB,CAC9B,GAAG,SAAS,UAAU,EACtB,SAAS,SAAS,MAAM,EACxB,UAAU,SAAS,UAAU,CAAC,GAAG,CAAC,EAClC,eAAe,SAAS,eAAe,EAEvC,OAAO,EACH,YAAY,CAAC,SAAS,EAAE,GAAG,CAAC,GAC5B,CAAC,IAAI,CACH,YAAY,CAAC,SAAS,EAAE,GAAG,CAAC,EAC5B,MAAM,YAAY,CAAC,SAAS,EAAE,GAAG,CAAC,CACnC,GAAG;QACF,GAAG,EAAE,UAAU,CAAC;KACjB,CAAC,EACN,KAAK,EAAE,UAAU,EAAE,GAClB,eAAe;WA6BJ,kBAAkB,CAC9B,GAAG,SAAS,UAAU,EACtB,SAAS,SAAS,MAAM,EACxB,eAAe,SAAS,eAAe,GAAG;QAAE,YAAY,EAAE,SAAS,CAAA;KAAE,EACrE,WAAW,EAAE,eAAe,GAAG,yBAAyB,CAAC,SAAS,EAAE,GAAG,CAAC;CA2B3E"}

package/src/services/request-user.js

@@ -0,0 +1,66 @@
+"use strict";
+/**
+ * @fileoverview Service for transforming user documents into request user DTOs and backend objects.
+ * Handles serialization and deserialization of user data for API requests and JWT tokens.
+ * @module services/request-user
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RequestUserService = void 0;
+const role_1 = require("./role");
+const node_ecies_lib_1 = require("@digitaldefiance/node-ecies-lib");
+/**
+ * Service for converting between user documents, DTOs, and backend objects.
+ * Provides transformation methods for user data in different contexts (API, JWT, database).
+ */
+class RequestUserService {
+    static makeRequestUserDTO(userDoc, roles) {
+        if (!userDoc._id) {
+            throw new Error('User document is missing _id');
+        }
+        const rolePrivileges = {
+            admin: roles.some((r) => r.admin),
+            member: roles.some((r) => r.member),
+            child: roles.some((r) => r.child),
+            system: roles.some((r) => r.system),
+        };
+        const provider = (0, node_ecies_lib_1.getEnhancedNodeIdProvider)();
+        return {
+            id: provider.idToString(userDoc._id),
+            email: userDoc.email,
+            roles: roles.map((r) => role_1.RoleService.roleToRoleDTO(r)),
+            rolePrivileges,
+            username: userDoc.username,
+            timezone: userDoc.timezone,
+            currency: userDoc.currency,
+            directChallenge: userDoc.directChallenge,
+            emailVerified: userDoc.emailVerified,
+            darkMode: userDoc.darkMode,
+            siteLanguage: userDoc.siteLanguage,
+            ...(userDoc.lastLogin && { lastLogin: userDoc.lastLogin.toString() }),
+        };
+    }
+    static hydrateRequestUser(requestUser) {
+        const provider = (0, node_ecies_lib_1.getEnhancedNodeIdProvider)();
+        const convert = (id) => provider.idFromString(id);
+        const hydratedRoles = requestUser.roles.map((role) => role_1.RoleService.hydrateRoleDTOToBackend(role));
+        const hydratedUser = {
+            id: convert(requestUser.id),
+            email: requestUser.email,
+            roles: hydratedRoles,
+            rolePrivileges: requestUser.rolePrivileges,
+            username: requestUser.username,
+            timezone: requestUser.timezone,
+            currency: requestUser.currency,
+            directChallenge: requestUser.directChallenge,
+            emailVerified: requestUser.emailVerified,
+            darkMode: requestUser.darkMode,
+            siteLanguage: requestUser.siteLanguage,
+        };
+        if (requestUser.lastLogin) {
+            hydratedUser.lastLogin = new Date(requestUser.lastLogin);
+        }
+        return hydratedUser;
+    }
+}
+exports.RequestUserService = RequestUserService;
+//# sourceMappingURL=request-user.js.map

package/src/services/request-user.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"request-user.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite-mongo/src/services/request-user.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AASH,iCAAqC;AACrC,oEAGyC;AAEzC;;;GAGG;AACH,MAAa,kBAAkB;IAItB,MAAM,CAAC,kBAAkB,CAM9B,OAOM,EACN,KAAmB;QAEnB,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAClD,CAAC;QAED,MAAM,cAAc,GAAG;YACrB,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC;YACjC,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC;YACnC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC;YACjC,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC;SACpC,CAAC;QAEF,MAAM,QAAQ,GAAG,IAAA,0CAAyB,GAAO,CAAC;QAClD,OAAO;YACL,EAAE,EAAE,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC;YACpC,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,kBAAW,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;YACrD,cAAc;YACd,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,eAAe,EAAE,OAAO,CAAC,eAAe;YACxC,aAAa,EAAE,OAAO,CAAC,aAAa;YACpC,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,YAAY,EAAE,OAAO,CAAC,YAAsB;YAC5C,GAAG,CAAC,OAAO,CAAC,SAAS,IAAI,EAAE,SAAS,EAAE,OAAO,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,CAAC;SACnD,CAAC;IACvB,CAAC;IAEM,MAAM,CAAC,kBAAkB,CAI9B,WAA4B;QAC5B,MAAM,QAAQ,GAAG,IAAA,0CAAyB,GAAO,CAAC;QAClD,MAAM,OAAO,GAAG,CAAC,EAAU,EAAE,EAAE,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;QAC1D,MAAM,aAAa,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAc,EAAE,EAAE,CAC7D,kBAAW,CAAC,uBAAuB,CAAM,IAAI,CAAC,CAC/C,CAAC;QAEF,MAAM,YAAY,GAA8C;YAC9D,EAAE,EAAE,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;YAC3B,KAAK,EAAE,WAAW,CAAC,KAAK;YACxB,KAAK,EAAE,aAAa;YACpB,cAAc,EAAE,WAAW,CAAC,cAAc;YAC1C,QAAQ,EAAE,WAAW,CAAC,QAAQ;YAC9B,QAAQ,EAAE,WAAW,CAAC,QAAQ;YAC9B,QAAQ,EAAE,WAAW,CAAC,QAAQ;YAC9B,eAAe,EAAE,WAAW,CAAC,eAAe;YAC5C,aAAa,EAAE,WAAW,CAAC,aAAa;YACxC,QAAQ,EAAE,WAAW,CAAC,QAAQ;YAC9B,YAAY,EAAE,WAAW,CAAC,YAAY;SACvC,CAAC;QAEF,IAAI,WAAW,CAAC,SAAS,EAAE,CAAC;YAC1B,YAAY,CAAC,SAAS,GAAG,IAAI,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAC3D,CAAC;QAED,OAAO,YAAY,CAAC;IACtB,CAAC;CACF;AA/ED,gDA+EC"}

package/src/services/role.d.ts

@@ -0,0 +1,97 @@
+/**
+ * @fileoverview Role-based access control (RBAC) service.
+ * Manages roles, user-role relationships, and permission checks.
+ * @module services/role
+ */
+import { MemberType } from '@digitaldefiance/ecies-lib';
+import { ClientSession } from '@digitaldefiance/mongoose-types';
+import { IRoleBase, ITokenRole, ITokenRoleDTO, Role } from '@digitaldefiance/suite-core-lib';
+import { UserDocument } from '../documents';
+import { RoleDocument } from '../documents/role';
+import { UserRoleDocument } from '../documents/user-role';
+import type { IApplication } from '@digitaldefiance/node-express-suite';
+import type { IRoleBackendObject } from '@digitaldefiance/node-express-suite';
+import { BaseService } from '@digitaldefiance/node-express-suite';
+import { type PlatformID } from '@digitaldefiance/node-ecies-lib';
+/**
+ * Service for managing roles and role-based access control.
+ * Handles role creation, user-role assignments, and permission queries.
+ * @template TID - Platform ID type (defaults to Buffer)
+ * @template TDate - Date type (defaults to Date)
+ * @template TTokenRole - Token role interface type
+ * @extends {BaseService<TID>}
+ */
+export declare class RoleService<TID extends PlatformID = Buffer, TDate extends Date = Date, TTokenRole extends ITokenRole<TID, TDate> = ITokenRole<TID, TDate>> extends BaseService<TID> {
+    /**
+     * Constructor for the role service
+     * @param application The application object
+     */
+    constructor(application: IApplication<TID>);
+    static roleToRoleDTO<TID extends PlatformID = Buffer, TDate extends Date = Date>(role: ITokenRole<TID, TDate> | RoleDocument<TID> | Partial<IRoleBase<TID>>): ITokenRoleDTO;
+    /**
+     * Given a Role DTO, reconstitute ids and dates
+     * @param role The Role DTO
+     * @returns An IRoleBackendObject
+     */
+    static hydrateRoleDTOToBackend<TID extends PlatformID = Buffer>(role: ITokenRoleDTO): IRoleBackendObject<TID>;
+    /**
+     * Gets the role ID by name
+     * @param roleName The name of the role
+     * @returns The role ID or null if not found
+     */
+    getRoleIdByName(roleName: Role, session?: ClientSession): Promise<TID | null>;
+    /**
+     * Creates a new role
+     * @param roleData The role data
+     * @param session Optional mongoose session
+     * @returns The created role document
+     */
+    createRole(roleData: IRoleBase<TID, TDate, Role>, session?: ClientSession | null): Promise<RoleDocument<TID>>;
+    /**
+     * Adds a user to a role
+     * @param roleId - The role id
+     * @param userId - The user id
+     * @param createdBy - The user creating the relationship
+     * @param session Optional mongoose session
+     */
+    addUserToRole(roleId: TID, userId: TID, createdBy: TID, session?: ClientSession, overrideId?: TID): Promise<UserRoleDocument<TID>>;
+    /**
+     * Removes a user from a role
+     * @param roleId - The role id
+     * @param userId - The user id
+     * @param deletedBy - The user removing the relationship
+     * @param session Optional mongoose session
+     * @throws LastAdminError if attempting to remove the last admin
+     */
+    removeUserFromRole(roleId: TID, userId: TID, deletedBy: TID, session?: ClientSession): Promise<void>;
+    /**
+     * Deletes a role by ID
+     * @param roleId The role ID
+     * @param deleter The ID of the user deleting the role
+     * @param hardDelete Whether to hard delete the role
+     * @param session Optional mongoose session
+     */
+    deleteRole(roleId: TID, deleter: TID, hardDelete: boolean, session?: ClientSession): Promise<void>;
+    /**
+     * Gets all roles for a user
+     * @param userId The user ID
+     * @param session Optional mongoose session
+     * @returns The roles the user is a member of
+     */
+    getUserRoles(userId: TID, session?: ClientSession): Promise<RoleDocument<TID>[]>;
+    /**
+     * Gets all users for a role
+     * @param roleId The role ID
+     * @param session Optional mongoose session
+     * @returns The user IDs that are members of the role
+     */
+    getRoleUsers(roleId: TID, session?: ClientSession): Promise<TID[]>;
+    /** Convert roles to translated TokenRoles */
+    rolesToTokenRoles(roles: Array<IRoleBackendObject<TID>>, overrideLanguage?: string): Array<TTokenRole>;
+    isUserAdmin(userDoc: UserDocument<string, TID>, session?: ClientSession, providedRoles?: Array<RoleDocument<TID>>): Promise<boolean>;
+    isUserMember(userDoc: UserDocument<string, TID>, session?: ClientSession, providedRoles?: Array<RoleDocument<TID>>): Promise<boolean>;
+    isUserChild(userDoc: UserDocument<string, TID>, session?: ClientSession, providedRoles?: Array<RoleDocument<TID>>): Promise<boolean>;
+    isSystemUser(userDoc: UserDocument<string, TID>, session?: ClientSession, providedRoles?: Array<RoleDocument<TID>>): Promise<boolean>;
+    getMemberType(userDoc: UserDocument<string, TID>, session?: ClientSession, providedRoles?: Array<RoleDocument<TID>>): Promise<MemberType>;
+}
+//# sourceMappingURL=role.d.ts.map

package/src/services/role.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"role.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite-mongo/src/services/role.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AAMxD,OAAO,EAAE,aAAa,EAAY,MAAM,iCAAiC,CAAC;AAC1E,OAAO,EACL,SAAS,EAET,UAAU,EACV,aAAa,EAEb,IAAI,EACL,MAAM,iCAAiC,CAAC;AACzC,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAE1D,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,qCAAqC,CAAC;AACxE,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,qCAAqC,CAAC;AAE9E,OAAO,EAAQ,WAAW,EAAE,MAAM,qCAAqC,CAAC;AACxE,OAAO,EAEL,KAAK,UAAU,EAChB,MAAM,iCAAiC,CAAC;AAEzC;;;;;;;GAOG;AACH,qBAAa,WAAW,CACtB,GAAG,SAAS,UAAU,GAAG,MAAM,EAC/B,KAAK,SAAS,IAAI,GAAG,IAAI,EACzB,UAAU,SAAS,UAAU,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,UAAU,CAAC,GAAG,EAAE,KAAK,CAAC,CAClE,SAAQ,WAAW,CAAC,GAAG,CAAC;IACxB;;;OAGG;gBACS,WAAW,EAAE,YAAY,CAAC,GAAG,CAAC;WAI5B,aAAa,CACzB,GAAG,SAAS,UAAU,GAAG,MAAM,EAC/B,KAAK,SAAS,IAAI,GAAG,IAAI,EAEzB,IAAI,EAAE,UAAU,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,YAAY,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GACzE,aAAa;IAmChB;;;;OAIG;WACW,uBAAuB,CAAC,GAAG,SAAS,UAAU,GAAG,MAAM,EACnE,IAAI,EAAE,aAAa,GAClB,kBAAkB,CAAC,GAAG,CAAC;IAsB1B;;;;OAIG;IACU,eAAe,CAC1B,QAAQ,EAAE,IAAI,EACd,OAAO,CAAC,EAAE,aAAa,GACtB,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC;IAatB;;;;;OAKG;IACU,UAAU,CACrB,QAAQ,EAAE,SAAS,CAAC,GAAG,EAAE,KAAK,EAAE,IAAI,CAAC,EACrC,OAAO,CAAC,EAAE,aAAa,GAAG,IAAI,GAC7B,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;IAS7B;;;;;;OAMG;IACU,aAAa,CACxB,MAAM,EAAE,GAAG,EACX,MAAM,EAAE,GAAG,EACX,SAAS,EAAE,GAAG,EACd,OAAO,CAAC,EAAE,aAAa,EACvB,UAAU,CAAC,EAAE,GAAG,GACf,OAAO,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;IA4BjC;;;;;;;OAOG;IACU,kBAAkB,CAC7B,MAAM,EAAE,GAAG,EACX,MAAM,EAAE,GAAG,EACX,SAAS,EAAE,GAAG,EACd,OAAO,CAAC,EAAE,aAAa,GACtB,OAAO,CAAC,IAAI,CAAC;IA0BhB;;;;;;OAMG;IACU,UAAU,CACrB,MAAM,EAAE,GAAG,EACX,OAAO,EAAE,GAAG,EACZ,UAAU,EAAE,OAAO,EACnB,OAAO,CAAC,EAAE,aAAa,GACtB,OAAO,CAAC,IAAI,CAAC;IAchB;;;;;OAKG;IACU,YAAY,CACvB,MAAM,EAAE,GAAG,EACX,OAAO,CAAC,EAAE,aAAa,GACtB,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE,CAAC;IAwB/B;;;;;OAKG;IACU,YAAY,CACvB,MAAM,EAAE,GAAG,EACX,OAAO,CAAC,EAAE,aAAa,GACtB,OAAO,CAAC,GAAG,EAAE,CAAC;IAgBjB,6CAA6C;IACtC,iBAAiB,CACtB,KAAK,EAAE,KAAK,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC,EACrC,gBAAgB,CAAC,EAAE,MAAM,GACxB,KAAK,CAAC,UAAU,CAAC;IAkBP,WAAW,CACtB,OAAO,EAAE,YAAY,CAAC,MAAM,EAAE,GAAG,CAAC,EAClC,OAAO,CAAC,EAAE,aAAa,EACvB,aAAa,CAAC,EAAE,KAAK,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,GACvC,OAAO,CAAC,OAAO,CAAC;IASN,YAAY,CACvB,OAAO,EAAE,YAAY,CAAC,MAAM,EAAE,GAAG,CAAC,EAClC,OAAO,CAAC,EAAE,aAAa,EACvB,aAAa,CAAC,EAAE,KAAK,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,GACvC,OAAO,CAAC,OAAO,CAAC;IASN,WAAW,CACtB,OAAO,EAAE,YAAY,CAAC,MAAM,EAAE,GAAG,CAAC,EAClC,OAAO,CAAC,EAAE,aAAa,EACvB,aAAa,CAAC,EAAE,KAAK,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,GACvC,OAAO,CAAC,OAAO,CAAC;IASN,YAAY,CACvB,OAAO,EAAE,YAAY,CAAC,MAAM,EAAE,GAAG,CAAC,EAClC,OAAO,CAAC,EAAE,aAAa,EACvB,aAAa,CAAC,EAAE,KAAK,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,GACvC,OAAO,CAAC,OAAO,CAAC;IAMN,aAAa,CACxB,OAAO,EAAE,YAAY,CAAC,MAAM,EAAE,GAAG,CAAC,EAClC,OAAO,CAAC,EAAE,aAAa,EACvB,aAAa,CAAC,EAAE,KAAK,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,GACvC,OAAO,CAAC,UAAU,CAAC;CAavB"}