@flusys/nestjs-shared 1.1.0-beta → 2.0.0

package/classes/api-service.class.d.ts

@@ -1,11 +1,11 @@
-import { DeleteDto, FilterAndPaginationDto } from '@flusys/nestjs-shared/dtos';
-import { Identity } from '@flusys/nestjs-shared/entities';
-import { ILoggedUserInfo, IService } from '@flusys/nestjs-shared/interfaces';
-import { UtilsService } from '@flusys/nestjs-shared/modules';
+import { DeleteDto, FilterAndPaginationDto } from '../dtos';
+import { Identity } from '../entities';
+import { ILoggedUserInfo, IService } from '../interfaces';
+import { UtilsService } from '../modules/utils/utils.service';
 import { Logger } from '@nestjs/common';
 import { QueryRunner, Repository, SelectQueryBuilder } from 'typeorm';
 import { HybridCache } from './hybrid-cache.class';
-export declare abstract class ApiService<CreateDtoT extends Record<string, unknown>, UpdateDtoT extends {
+export declare abstract class ApiService<CreateDtoT extends object, UpdateDtoT extends {
     id: string;
 }, InterfaceT extends Identity, EntityT extends Identity, RepositoryT extends Repository<EntityT>> implements IService<CreateDtoT, UpdateDtoT, InterfaceT> {
     protected entityName: string;
@@ -30,6 +30,8 @@ export declare abstract class ApiService<CreateDtoT extends Record<string, unkno
     clearCacheForAll(): Promise<void>;
     clearCacheForId(entities: EntityT[]): Promise<void>;
     private handleError;
+    private ensureArray;
+    private executeInTransaction;
     protected ensureRepositoryInitialized(): Promise<void>;
     protected beforeInsertOperation(_dto: CreateDtoT | Array<CreateDtoT>, _user: ILoggedUserInfo | null, _queryRunner: QueryRunner): Promise<void>;
     protected afterInsertOperation(_entity: EntityT[], _user: ILoggedUserInfo | null, _queryRunner: QueryRunner): Promise<void>;

package/classes/index.d.ts

@@ -4,3 +4,4 @@ export * from './request-scoped-api.service';
 export * from './hybrid-cache.class';
 export * from './winston-logger-adapter.class';
 export * from './winston.logger.class';
+export * from '../constants/permissions';

package/classes/request-scoped-api.service.d.ts

@@ -1,12 +1,13 @@
 import { DataSource, EntityTarget, Repository } from 'typeorm';
 import { Identity } from '../entities';
+import { IDataSourceProvider } from '../interfaces';
 import { ApiService } from './api-service.class';
-export declare abstract class RequestScopedApiService<CreateDtoT extends Record<string, unknown>, UpdateDtoT extends {
+export declare abstract class RequestScopedApiService<CreateDtoT extends object, UpdateDtoT extends {
     id: string;
 }, InterfaceT extends Identity, EntityT extends Identity, RepositoryT extends Repository<EntityT>> extends ApiService<CreateDtoT, UpdateDtoT, InterfaceT, EntityT, RepositoryT> {
     private repositoryInitialized;
     protected abstract resolveEntity(): EntityTarget<EntityT>;
-    protected abstract getDataSourceProvider(): any;
+    protected abstract getDataSourceProvider(): IDataSourceProvider;
     protected ensureRepositoryInitialized(): Promise<void>;
     protected initializeAdditionalRepositories(entities: EntityTarget<any>[]): Promise<Repository<any>[]>;
     protected getDataSourceForService(): Promise<DataSource>;

package/classes/winston-logger-adapter.class.d.ts

@@ -3,6 +3,7 @@ import { ILogger } from '../interfaces/logger.interface';
 export declare class WinstonLoggerAdapter implements ILogger {
     private readonly context?;
     constructor(context?: string);
+    private buildLogMeta;
     log(message: string, context?: string, ...args: any[]): void;
     error(message: string, trace?: string, context?: string, ...args: any[]): void;
     warn(message: string, context?: string, ...args: any[]): void;
@@ -12,6 +13,7 @@ export declare class WinstonLoggerAdapter implements ILogger {
 export declare class NestLoggerAdapter implements ILogger {
     private readonly logger;
     constructor(logger: Logger);
+    private formatMessage;
     log(message: string, context?: string, ...args: any[]): void;
     error(message: string, trace?: string, context?: string, ...args: any[]): void;
     warn(message: string, context?: string, ...args: any[]): void;

package/constants/index.d.ts

@@ -8,3 +8,4 @@ export declare const REQUEST_ID_HEADER = "x-request-id";
 export declare const CLIENT_TYPE_HEADER = "x-client-type";
 export declare const PERMISSIONS_CACHE_PREFIX = "permissions";
 export declare const IDEMPOTENCY_CACHE_PREFIX = "idempotency";
+export * from './permissions';

package/constants/permissions.d.ts

@@ -0,0 +1,179 @@
+export declare const USER_PERMISSIONS: {
+    readonly CREATE: "user.create";
+    readonly READ: "user.read";
+    readonly UPDATE: "user.update";
+    readonly DELETE: "user.delete";
+};
+export declare const COMPANY_PERMISSIONS: {
+    readonly CREATE: "company.create";
+    readonly READ: "company.read";
+    readonly UPDATE: "company.update";
+    readonly DELETE: "company.delete";
+};
+export declare const BRANCH_PERMISSIONS: {
+    readonly CREATE: "branch.create";
+    readonly READ: "branch.read";
+    readonly UPDATE: "branch.update";
+    readonly DELETE: "branch.delete";
+};
+export declare const ACTION_PERMISSIONS: {
+    readonly CREATE: "action.create";
+    readonly READ: "action.read";
+    readonly UPDATE: "action.update";
+    readonly DELETE: "action.delete";
+};
+export declare const ROLE_PERMISSIONS: {
+    readonly CREATE: "role.create";
+    readonly READ: "role.read";
+    readonly UPDATE: "role.update";
+    readonly DELETE: "role.delete";
+};
+export declare const ROLE_ACTION_PERMISSIONS: {
+    readonly READ: "role-action.read";
+    readonly ASSIGN: "role-action.assign";
+};
+export declare const USER_ROLE_PERMISSIONS: {
+    readonly READ: "user-role.read";
+    readonly ASSIGN: "user-role.assign";
+};
+export declare const USER_ACTION_PERMISSIONS: {
+    readonly READ: "user-action.read";
+    readonly ASSIGN: "user-action.assign";
+};
+export declare const COMPANY_ACTION_PERMISSIONS: {
+    readonly READ: "company-action.read";
+    readonly ASSIGN: "company-action.assign";
+};
+export declare const FILE_PERMISSIONS: {
+    readonly CREATE: "file.create";
+    readonly READ: "file.read";
+    readonly UPDATE: "file.update";
+    readonly DELETE: "file.delete";
+};
+export declare const FOLDER_PERMISSIONS: {
+    readonly CREATE: "folder.create";
+    readonly READ: "folder.read";
+    readonly UPDATE: "folder.update";
+    readonly DELETE: "folder.delete";
+};
+export declare const STORAGE_CONFIG_PERMISSIONS: {
+    readonly CREATE: "storage-config.create";
+    readonly READ: "storage-config.read";
+    readonly UPDATE: "storage-config.update";
+    readonly DELETE: "storage-config.delete";
+};
+export declare const EMAIL_CONFIG_PERMISSIONS: {
+    readonly CREATE: "email-config.create";
+    readonly READ: "email-config.read";
+    readonly UPDATE: "email-config.update";
+    readonly DELETE: "email-config.delete";
+};
+export declare const EMAIL_TEMPLATE_PERMISSIONS: {
+    readonly CREATE: "email-template.create";
+    readonly READ: "email-template.read";
+    readonly UPDATE: "email-template.update";
+    readonly DELETE: "email-template.delete";
+};
+export declare const FORM_PERMISSIONS: {
+    readonly CREATE: "form.create";
+    readonly READ: "form.read";
+    readonly UPDATE: "form.update";
+    readonly DELETE: "form.delete";
+};
+export declare const FORM_RESULT_PERMISSIONS: {
+    readonly CREATE: "form-result.create";
+    readonly READ: "form-result.read";
+    readonly UPDATE: "form-result.update";
+    readonly DELETE: "form-result.delete";
+};
+export declare const PERMISSIONS: {
+    readonly USER: {
+        readonly CREATE: "user.create";
+        readonly READ: "user.read";
+        readonly UPDATE: "user.update";
+        readonly DELETE: "user.delete";
+    };
+    readonly COMPANY: {
+        readonly CREATE: "company.create";
+        readonly READ: "company.read";
+        readonly UPDATE: "company.update";
+        readonly DELETE: "company.delete";
+    };
+    readonly BRANCH: {
+        readonly CREATE: "branch.create";
+        readonly READ: "branch.read";
+        readonly UPDATE: "branch.update";
+        readonly DELETE: "branch.delete";
+    };
+    readonly ACTION: {
+        readonly CREATE: "action.create";
+        readonly READ: "action.read";
+        readonly UPDATE: "action.update";
+        readonly DELETE: "action.delete";
+    };
+    readonly ROLE: {
+        readonly CREATE: "role.create";
+        readonly READ: "role.read";
+        readonly UPDATE: "role.update";
+        readonly DELETE: "role.delete";
+    };
+    readonly ROLE_ACTION: {
+        readonly READ: "role-action.read";
+        readonly ASSIGN: "role-action.assign";
+    };
+    readonly USER_ROLE: {
+        readonly READ: "user-role.read";
+        readonly ASSIGN: "user-role.assign";
+    };
+    readonly USER_ACTION: {
+        readonly READ: "user-action.read";
+        readonly ASSIGN: "user-action.assign";
+    };
+    readonly COMPANY_ACTION: {
+        readonly READ: "company-action.read";
+        readonly ASSIGN: "company-action.assign";
+    };
+    readonly FILE: {
+        readonly CREATE: "file.create";
+        readonly READ: "file.read";
+        readonly UPDATE: "file.update";
+        readonly DELETE: "file.delete";
+    };
+    readonly FOLDER: {
+        readonly CREATE: "folder.create";
+        readonly READ: "folder.read";
+        readonly UPDATE: "folder.update";
+        readonly DELETE: "folder.delete";
+    };
+    readonly STORAGE_CONFIG: {
+        readonly CREATE: "storage-config.create";
+        readonly READ: "storage-config.read";
+        readonly UPDATE: "storage-config.update";
+        readonly DELETE: "storage-config.delete";
+    };
+    readonly EMAIL_CONFIG: {
+        readonly CREATE: "email-config.create";
+        readonly READ: "email-config.read";
+        readonly UPDATE: "email-config.update";
+        readonly DELETE: "email-config.delete";
+    };
+    readonly EMAIL_TEMPLATE: {
+        readonly CREATE: "email-template.create";
+        readonly READ: "email-template.read";
+        readonly UPDATE: "email-template.update";
+        readonly DELETE: "email-template.delete";
+    };
+    readonly FORM: {
+        readonly CREATE: "form.create";
+        readonly READ: "form.read";
+        readonly UPDATE: "form.update";
+        readonly DELETE: "form.delete";
+    };
+    readonly FORM_RESULT: {
+        readonly CREATE: "form-result.create";
+        readonly READ: "form-result.read";
+        readonly UPDATE: "form-result.update";
+        readonly DELETE: "form-result.delete";
+    };
+};
+export type PermissionCode = (typeof PERMISSIONS)[keyof typeof PERMISSIONS][keyof (typeof PERMISSIONS)[keyof typeof PERMISSIONS]];

package/decorators/index.d.ts

@@ -2,3 +2,4 @@ export * from './api-response.decorator';
 export * from './current-user.decorator';
 export * from './public.decorator';
 export * from './require-permission.decorator';
+export * from './sanitize-html.decorator';

package/decorators/sanitize-html.decorator.d.ts

@@ -0,0 +1,2 @@
+export declare function SanitizeHtml(): PropertyDecorator;
+export declare function SanitizeAndTrim(): PropertyDecorator;

package/dtos/delete.dto.d.ts

@@ -1,4 +1,5 @@
 export declare class DeleteDto {
     id: string | string[];
     type: 'delete' | 'restore' | 'permanent';
+    deletedById?: string;
 }

package/dtos/filter-and-pagination.dto.d.ts

@@ -5,9 +5,7 @@ export declare class FilterAndPaginationDto {
     sort?: Record<string, 'ASC' | 'DESC'>;
     select?: string[];
     withDeleted?: boolean;
-    extraKey?: string[];
 }
 export declare class GetByIdBodyDto {
     select?: string[];
-    extraKey?: string[];
 }

package/dtos/response-payload.dto.d.ts

@@ -41,23 +41,3 @@ export declare class MessageResponseDto {
     message: string;
     _meta?: RequestMetaDto;
 }
-export declare class ValidationErrorDto {
-    field: string;
-    message: string;
-    constraint?: string;
-}
-export declare class ErrorResponseDto {
-    success: false;
-    message: string;
-    code?: string;
-    errors?: ValidationErrorDto[];
-    _meta?: RequestMetaDto;
-}
-export declare class ResponsePayloadDto<T> {
-    success: boolean;
-    message: string;
-    data?: T;
-    meta?: PaginationMetaDto | BulkMetaDto;
-    _meta?: RequestMetaDto;
-}
-export type ApiResponse<T> = SingleResponseDto<T> | ListResponseDto<T> | BulkResponseDto<T> | MessageResponseDto | ErrorResponseDto;

package/fesm/classes/api-controller.class.js

@@ -25,10 +25,10 @@ function _ts_param(paramIndex, decorator) {
         decorator(target, key, paramIndex);
     };
 }
-import { CurrentUser, Public, RequirePermission, RequireAnyPermission, RequirePermissionCondition } from '@flusys/nestjs-shared/decorators';
-import { DeleteDto, FilterAndPaginationDto, GetByIdBodyDto } from '@flusys/nestjs-shared/dtos';
-import { JwtAuthGuard, PermissionGuard } from '@flusys/nestjs-shared/guards';
-import { IdempotencyInterceptor, SetCreatedByOnBody, SetDeletedByOnBody, SetUpdateByOnBody, Slug } from '@flusys/nestjs-shared/interceptors';
+import { CurrentUser, Public, RequirePermission, RequireAnyPermission, RequirePermissionCondition } from '../decorators';
+import { DeleteDto, FilterAndPaginationDto, GetByIdBodyDto } from '../dtos';
+import { JwtAuthGuard, PermissionGuard } from '../guards';
+import { IdempotencyInterceptor, SetCreatedByOnBody, SetDeletedByOnBody, SetUpdateByOnBody, Slug } from '../interceptors';
 import { applyDecorators, Body, HttpCode, HttpStatus, Param, Post, Query, UseGuards, UseInterceptors, Version, VERSION_NEUTRAL } from '@nestjs/common';
 import { ApiBearerAuth, ApiBody, ApiHeader, ApiOperation, ApiParam, ApiQuery, ApiResponse } from '@nestjs/swagger';
 import { plainToInstance } from 'class-transformer';
@@ -94,8 +94,10 @@ import { ApiResponseDto } from '../decorators/api-response.decorator';
     // 2. It's an object with 'level' property but no endpoint keys
     const isGlobalSecurity = typeof securityConfig === 'string' || securityConfig && typeof securityConfig === 'object' && 'level' in securityConfig && !endpointKeys.some((key)=>key in securityConfig);
     // Normalize security config for each endpoint
+    // IMPORTANT: When per-endpoint security is specified, default to 'jwt' for unconfigured endpoints
+    // to prevent accidentally exposing endpoints without authentication
     const defaultSecurity = isGlobalSecurity ? normalizeSecurity(securityConfig) : {
-        level: 'public'
+        level: 'jwt'
     };
     const security = {
         insert: isGlobalSecurity ? defaultSecurity : normalizeSecurity(securityConfig?.insert),
@@ -337,16 +339,7 @@ import { ApiResponseDto } from '../decorators/api-response.decorator';
         HttpCode(HttpStatus.OK),
         ApiOperation({
             summary: 'Get all items with filters and pagination',
-            description: `
-Retrieves items with support for:
-- **filter**: Apply field-based filters (e.g., \`{ "isActive": true }\`)
-- **pagination**: Control page and page size
-- **sort**: Order by any field (e.g., \`{ "createdAt": "DESC" }\`)
-- **select**: Choose specific fields to return
-- **withDeleted**: Include soft-deleted items
-- **extraKey**: Include additional relations
-- **q** (query param): Global text search
-      `
+            description: 'Supports filter, pagination, sort, select, withDeleted, and q (search) params'
         }),
         ApiQuery({
             name: 'q',
@@ -375,15 +368,7 @@ Retrieves items with support for:
         HttpCode(HttpStatus.OK),
         ApiOperation({
             summary: 'Delete, restore, or permanently remove items',
-            description: `
-Performs one of three actions:
-
-- **"delete"** (soft delete): Marks items as deleted but keeps in database
-- **"restore"**: Reverts soft-deleted items to active
-- **"permanent"**: Completely removes items from database
-
-Supports single ID or array of IDs for batch operations.
-      `
+            description: 'Types: delete (soft), restore, permanent. Supports batch IDs.'
         }),
         ApiResponse({
             status: 200,

package/fesm/classes/api-service.class.js

@@ -16,116 +16,52 @@ import { Logger, NotFoundException } from '@nestjs/common';
 import { In } from 'typeorm';
 /** Generic API service with CRUD operations and caching support */ export class ApiService {
     async insert(dto, user) {
-        await this.ensureRepositoryInitialized();
-        const qr = this.repository.manager.connection.createQueryRunner();
-        await qr.connect();
-        await qr.startTransaction();
-        try {
+        return this.executeInTransaction('insert', async (qr)=>{
             await this.beforeInsertOperation(dto, user, qr);
             const entities = await this.convertRequestDtoToEntity(dto, user);
             const saved = await qr.manager.save(this.repository.target, entities);
-            await this.afterInsertOperation(saved, user, qr);
-            await qr.commitTransaction();
-            if (this.isCacheable) await Promise.all([
-                this.clearCacheForAll(),
-                this.clearCacheForId(Array.isArray(saved) ? saved : [
-                    saved
-                ])
-            ]);
-            const first = Array.isArray(saved) ? saved[0] : saved;
-            return this.convertEntityToResponseDto(first, false);
-        } catch (error) {
-            await qr.rollbackTransaction();
-            this.handleError(error, 'insert');
-        } finally{
-            await qr.release();
-        }
+            await this.afterInsertOperation(this.ensureArray(saved), user, qr);
+            return {
+                saved,
+                returnFirst: true
+            };
+        });
     }
     async insertMany(dtos, user) {
-        await this.ensureRepositoryInitialized();
-        const qr = this.repository.manager.connection.createQueryRunner();
-        await qr.connect();
-        await qr.startTransaction();
-        try {
+        return this.executeInTransaction('insertMany', async (qr)=>{
             await this.beforeInsertOperation(dtos, user, qr);
             const entities = await this.convertRequestDtoToEntity(dtos, user);
             const saved = await qr.manager.save(this.repository.target, entities);
-            await this.afterInsertOperation(Array.isArray(saved) ? saved : [
-                saved
-            ], user, qr);
-            await qr.commitTransaction();
-            if (this.isCacheable) await Promise.all([
-                this.clearCacheForAll(),
-                this.clearCacheForId(Array.isArray(saved) ? saved : [
-                    saved
-                ])
-            ]);
-            const list = (Array.isArray(saved) ? saved : [
-                saved
-            ]).map((e)=>this.convertEntityToResponseDto(e, false));
-            return list;
-        } catch (error) {
-            await qr.rollbackTransaction();
-            this.handleError(error, 'insertMany');
-        } finally{
-            await qr.release();
-        }
+            await this.afterInsertOperation(this.ensureArray(saved), user, qr);
+            return {
+                saved,
+                returnFirst: false
+            };
+        });
     }
     async update(dto, user) {
-        await this.ensureRepositoryInitialized();
-        const qr = this.repository.manager.connection.createQueryRunner();
-        await qr.connect();
-        await qr.startTransaction();
-        try {
+        return this.executeInTransaction('update', async (qr)=>{
             await this.beforeUpdateOperation(dto, user, qr);
             const entities = await this.convertRequestDtoToEntity(dto, user);
             const saved = await qr.manager.save(this.repository.target, entities);
-            await this.afterUpdateOperation(saved, user, qr);
-            await qr.commitTransaction();
-            if (this.isCacheable) await Promise.all([
-                this.clearCacheForAll(),
-                this.clearCacheForId(Array.isArray(saved) ? saved : [
-                    saved
-                ])
-            ]);
-            const first = Array.isArray(saved) ? saved[0] : saved;
-            return this.convertEntityToResponseDto(first, false);
-        } catch (error) {
-            await qr.rollbackTransaction();
-            this.handleError(error, 'update');
-        } finally{
-            await qr.release();
-        }
+            await this.afterUpdateOperation(this.ensureArray(saved), user, qr);
+            return {
+                saved,
+                returnFirst: true
+            };
+        });
     }
     async updateMany(dtos, user) {
-        await this.ensureRepositoryInitialized();
-        const qr = this.repository.manager.connection.createQueryRunner();
-        await qr.connect();
-        await qr.startTransaction();
-        try {
+        return this.executeInTransaction('updateMany', async (qr)=>{
             await this.beforeUpdateOperation(dtos, user, qr);
             const entities = await this.convertRequestDtoToEntity(dtos, user);
             const saved = await qr.manager.save(this.repository.target, entities);
-            await this.afterUpdateOperation(Array.isArray(saved) ? saved : [
-                saved
-            ], user, qr);
-            await qr.commitTransaction();
-            if (this.isCacheable) await Promise.all([
-                this.clearCacheForAll(),
-                this.clearCacheForId(Array.isArray(saved) ? saved : [
-                    saved
-                ])
-            ]);
-            const list = (Array.isArray(saved) ? saved : [
-                saved
-            ]).map((e)=>this.convertEntityToResponseDto(e, false));
-            return list;
-        } catch (error) {
-            await qr.rollbackTransaction();
-            this.handleError(error, 'updateMany');
-        } finally{
-            await qr.release();
-        }
+            await this.afterUpdateOperation(this.ensureArray(saved), user, qr);
+            return {
+                saved,
+                returnFirst: false
+            };
+        });
     }
     async findByIds(ids, user) {
         await this.ensureRepositoryInitialized();
@@ -344,6 +280,37 @@ import { In } from 'typeorm';
         });
         ErrorHandler.rethrowError(error);
     }
+    /** Ensures value is always an array */ ensureArray(value) {
+        return Array.isArray(value) ? value : [
+            value
+        ];
+    }
+    /** Executes operation in transaction with automatic cache clearing */ async executeInTransaction(operation, fn) {
+        await this.ensureRepositoryInitialized();
+        const qr = this.repository.manager.connection.createQueryRunner();
+        await qr.connect();
+        await qr.startTransaction();
+        try {
+            const { saved, returnFirst } = await fn(qr);
+            await qr.commitTransaction();
+            const savedArray = this.ensureArray(saved);
+            if (this.isCacheable) {
+                await Promise.all([
+                    this.clearCacheForAll(),
+                    this.clearCacheForId(savedArray)
+                ]);
+            }
+            if (returnFirst) {
+                return this.convertEntityToResponseDto(savedArray[0], false);
+            }
+            return savedArray.map((e)=>this.convertEntityToResponseDto(e, false));
+        } catch (error) {
+            await qr.rollbackTransaction();
+            this.handleError(error, operation);
+        } finally{
+            await qr.release();
+        }
+    }
     // Hooks (override in child classes)
     async ensureRepositoryInitialized() {}
     async beforeInsertOperation(_dto, _user, _queryRunner) {}

package/fesm/classes/index.js

@@ -4,3 +4,5 @@ export * from './request-scoped-api.service';
 export * from './hybrid-cache.class';
 export * from './winston-logger-adapter.class';
 export * from './winston.logger.class';
+// Re-export permission constants for convenience
+export * from '../constants/permissions';

package/fesm/classes/winston-logger-adapter.class.js

@@ -44,46 +44,31 @@ import { getRequestId, getUserId, getTenantId, getCompanyId } from '../middlewar
  * // Output: { requestId: 'uuid', userId: 'user-id', context: 'MyService', message: 'Operation completed', orderId: '123' }
  * ```
  */ export class WinstonLoggerAdapter {
-    log(message, context, ...args) {
-        const meta = args.length > 0 && typeof args[0] === 'object' ? args[0] : {};
-        winstonLogger.info(message, {
+    buildLogMeta(context, args, extra) {
+        const meta = args?.length && typeof args[0] === 'object' ? args[0] : {};
+        return {
             context: context || this.context,
             ...getCorrelationMeta(),
-            ...meta
-        });
+            ...meta,
+            ...extra
+        };
+    }
+    log(message, context, ...args) {
+        winstonLogger.info(message, this.buildLogMeta(context, args));
     }
     error(message, trace, context, ...args) {
-        const meta = args.length > 0 && typeof args[0] === 'object' ? args[0] : {};
-        winstonLogger.error(message, {
-            context: context || this.context,
-            stack: trace,
-            ...getCorrelationMeta(),
-            ...meta
-        });
+        winstonLogger.error(message, this.buildLogMeta(context, args, {
+            stack: trace
+        }));
     }
     warn(message, context, ...args) {
-        const meta = args.length > 0 && typeof args[0] === 'object' ? args[0] : {};
-        winstonLogger.warn(message, {
-            context: context || this.context,
-            ...getCorrelationMeta(),
-            ...meta
-        });
+        winstonLogger.warn(message, this.buildLogMeta(context, args));
     }
     debug(message, context, ...args) {
-        const meta = args.length > 0 && typeof args[0] === 'object' ? args[0] : {};
-        winstonLogger.debug(message, {
-            context: context || this.context,
-            ...getCorrelationMeta(),
-            ...meta
-        });
+        winstonLogger.debug(message, this.buildLogMeta(context, args));
     }
     verbose(message, context, ...args) {
-        const meta = args.length > 0 && typeof args[0] === 'object' ? args[0] : {};
-        winstonLogger.verbose(message, {
-            context: context || this.context,
-            ...getCorrelationMeta(),
-            ...meta
-        });
+        winstonLogger.verbose(message, this.buildLogMeta(context, args));
     }
     constructor(context){
         _define_property(this, "context", void 0);
@@ -97,25 +82,23 @@ import { getRequestId, getUserId, getTenantId, getCompanyId } from '../middlewar
  * Use this when you need to use NestJS's built-in logger
  * instead of Winston (e.g., for testing)
  */ export class NestLoggerAdapter {
+    formatMessage(message, args) {
+        return args?.length ? `${message} ${JSON.stringify(args)}` : message;
+    }
     log(message, context, ...args) {
-        const logMessage = args.length > 0 ? `${message} ${JSON.stringify(args)}` : message;
-        this.logger.log(logMessage, context);
+        this.logger.log(this.formatMessage(message, args), context);
     }
     error(message, trace, context, ...args) {
-        const logMessage = args.length > 0 ? `${message} ${JSON.stringify(args)}` : message;
-        this.logger.error(logMessage, trace, context);
+        this.logger.error(this.formatMessage(message, args), trace, context);
     }
     warn(message, context, ...args) {
-        const logMessage = args.length > 0 ? `${message} ${JSON.stringify(args)}` : message;
-        this.logger.warn(logMessage, context);
+        this.logger.warn(this.formatMessage(message, args), context);
     }
     debug(message, context, ...args) {
-        const logMessage = args.length > 0 ? `${message} ${JSON.stringify(args)}` : message;
-        this.logger.debug(logMessage, context);
+        this.logger.debug(this.formatMessage(message, args), context);
     }
     verbose(message, context, ...args) {
-        const logMessage = args.length > 0 ? `${message} ${JSON.stringify(args)}` : message;
-        this.logger.verbose(logMessage, context);
+        this.logger.verbose(this.formatMessage(message, args), context);
     }
     constructor(logger){
         _define_property(this, "logger", void 0);

package/fesm/constants/index.js

@@ -12,3 +12,5 @@ export const CLIENT_TYPE_HEADER = 'x-client-type';
 // Cache key prefixes
 export const PERMISSIONS_CACHE_PREFIX = 'permissions';
 export const IDEMPOTENCY_CACHE_PREFIX = 'idempotency';
+// Permission codes
+export * from './permissions';