@fuzdev/fuz_app 0.30.0 → 0.31.0

package/dist/ui/admin_invites_state.svelte.js

@@ -1,45 +1,56 @@
 /**
  * Reactive state for admin invite management.
  *
+ * Flows every operation through an injected `AdminInvitesRpc` adapter — the
+ * class stays decoupled from the concrete RPC client so tests can inject
+ * plain-function stubs. Mirrors `AdminAccountsRpc` / `AuditLogRpc`.
+ *
  * @module
  */
 import { SvelteSet } from 'svelte/reactivity';
+import { create_context } from '@fuzdev/fuz_ui/context_helpers.js';
 import { Loadable } from './loadable.svelte.js';
-import { parse_response_error, ui_fetch } from './ui_fetch.js';
+/**
+ * Svelte context carrying the reactive `AdminInvitesRpc` accessor. Mirrors
+ * `admin_accounts_rpc_context`. Unset context falls back to `() => null`.
+ */
+export const admin_invites_rpc_context = create_context(() => () => null);
 export class AdminInvitesState extends Loadable {
+    #get_rpc;
     invites = $state.raw([]);
     creating = $state.raw(false);
     deleting_ids = new SvelteSet();
     invite_count = $derived(this.invites.length);
     unclaimed_count = $derived(this.invites.filter((i) => !i.claimed_at).length);
+    constructor(options) {
+        super();
+        this.#get_rpc = options?.get_rpc ?? (() => null);
+    }
+    /** True when an RPC adapter is wired. All ops require it. */
+    get has_rpc() {
+        return this.#get_rpc() !== null;
+    }
     async fetch() {
+        const rpc = this.#get_rpc();
+        if (!rpc) {
+            this.error = 'rpc adapter not wired';
+            return;
+        }
         await this.run(async () => {
-            const response = await ui_fetch('/api/admin/invites');
-            if (!response.ok) {
-                throw new Error(await parse_response_error(response, 'Failed to fetch invites'));
-            }
-            const data = await response.json();
-            this.invites = data.invites ?? [];
+            const { invites } = await rpc.list();
+            this.invites = invites;
         });
     }
     async create_invite(email, username) {
+        const rpc = this.#get_rpc();
+        if (!rpc) {
+            this.error = 'rpc adapter not wired';
+            return false;
+        }
         this.creating = true;
         this.error = null;
         try {
-            const body = {};
-            if (email)
-                body.email = email;
-            if (username)
-                body.username = username;
-            const response = await ui_fetch('/api/admin/invites', {
-                method: 'POST',
-                headers: { 'Content-Type': 'application/json' },
-                body: JSON.stringify(body),
-            });
-            if (!response.ok) {
-                this.error = await parse_response_error(response);
-                return false;
-            }
+            await rpc.create({ email: email ?? null, username: username ?? null });
             await this.fetch();
             return true;
         }
@@ -52,13 +63,14 @@ export class AdminInvitesState extends Loadable {
         }
     }
     async delete_invite(id) {
+        const rpc = this.#get_rpc();
+        if (!rpc) {
+            this.error = 'rpc adapter not wired';
+            return;
+        }
         this.deleting_ids.add(id);
         try {
-            const response = await ui_fetch(`/api/admin/invites/${id}`, { method: 'DELETE' });
-            if (!response.ok) {
-                this.error = await parse_response_error(response);
-                return;
-            }
+            await rpc.delete({ invite_id: id });
             await this.fetch();
         }
         catch (e) {

package/dist/ui/admin_sessions_state.svelte.d.ts

@@ -1,16 +1,42 @@
 /**
  * Reactive state for admin session overview.
  *
+ * Both the listing and the two revoke-all mutations flow through the shared
+ * `AdminAccountsRpc` adapter (`list_sessions`, `session_revoke_all`,
+ * `token_revoke_all`). The former REST `GET /api/admin/sessions` route moved
+ * to the `admin_session_list` RPC method in the 2026-04-23 migration.
+ *
  * @module
  */
 import { SvelteSet } from 'svelte/reactivity';
 import { Loadable } from './loadable.svelte.js';
+import type { AdminAccountsRpc } from './admin_accounts_state.svelte.js';
 import type { AdminSessionJson } from '../auth/audit_log_schema.js';
+/**
+ * Options for `AdminSessionsState`.
+ *
+ * The RPC adapter drives every operation (listing + the two revoke-all
+ * mutations). Without it, `fetch` and the revoke controls no-op with
+ * `'rpc adapter not wired'` on `error`.
+ */
+export interface AdminSessionsStateOptions {
+    /**
+     * Reactive accessor for the RPC adapter; returns `null` when unwired.
+     * Mirrors `AdminAccountsStateOptions.get_rpc` so a single adapter
+     * instance backs both states without tripping Svelte's
+     * `state_referenced_locally` warning.
+     */
+    get_rpc?: () => AdminAccountsRpc | null;
+}
 export declare class AdminSessionsState extends Loadable {
+    #private;
     sessions: Array<AdminSessionJson>;
     readonly revoking_account_ids: SvelteSet<string>;
     readonly revoking_token_account_ids: SvelteSet<string>;
     readonly active_count: number;
+    constructor(options?: AdminSessionsStateOptions);
+    /** True when an RPC adapter is wired. `fetch` and the revoke controls no-op without it. */
+    get has_rpc(): boolean;
     fetch(): Promise<void>;
     revoke_all_for_account(account_id: string): Promise<void>;
     revoke_all_tokens_for_account(account_id: string): Promise<void>;

package/dist/ui/admin_sessions_state.svelte.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"admin_sessions_state.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/admin_sessions_state.svelte.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAC,SAAS,EAAC,MAAM,mBAAmB,CAAC;AAE5C,OAAO,EAAC,QAAQ,EAAC,MAAM,sBAAsB,CAAC;AAE9C,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,6BAA6B,CAAC;AAElE,qBAAa,kBAAmB,SAAQ,QAAQ;IAC/C,QAAQ,EAAE,KAAK,CAAC,gBAAgB,CAAC,CAAkB;IACnD,QAAQ,CAAC,oBAAoB,EAAE,SAAS,CAAC,MAAM,CAAC,CAAmB;IACnE,QAAQ,CAAC,0BAA0B,EAAE,SAAS,CAAC,MAAM,CAAC,CAAmB;IAEzE,QAAQ,CAAC,YAAY,SAAkC;IAEjD,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAWtB,sBAAsB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAkBzD,6BAA6B,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAiBtE"}
+{"version":3,"file":"admin_sessions_state.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/admin_sessions_state.svelte.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAC,SAAS,EAAC,MAAM,mBAAmB,CAAC;AAE5C,OAAO,EAAC,QAAQ,EAAC,MAAM,sBAAsB,CAAC;AAC9C,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,kCAAkC,CAAC;AACvE,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,6BAA6B,CAAC;AAElE;;;;;;GAMG;AACH,MAAM,WAAW,yBAAyB;IACzC;;;;;OAKG;IACH,OAAO,CAAC,EAAE,MAAM,gBAAgB,GAAG,IAAI,CAAC;CACxC;AAED,qBAAa,kBAAmB,SAAQ,QAAQ;;IAG/C,QAAQ,EAAE,KAAK,CAAC,gBAAgB,CAAC,CAAkB;IACnD,QAAQ,CAAC,oBAAoB,EAAE,SAAS,CAAC,MAAM,CAAC,CAAmB;IACnE,QAAQ,CAAC,0BAA0B,EAAE,SAAS,CAAC,MAAM,CAAC,CAAmB;IAEzE,QAAQ,CAAC,YAAY,SAAkC;gBAE3C,OAAO,CAAC,EAAE,yBAAyB;IAK/C,2FAA2F;IAC3F,IAAI,OAAO,IAAI,OAAO,CAErB;IAEK,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAYtB,sBAAsB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAkBzD,6BAA6B,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAiBtE"}

package/dist/ui/admin_sessions_state.svelte.js

@@ -1,36 +1,50 @@
 /**
  * Reactive state for admin session overview.
  *
+ * Both the listing and the two revoke-all mutations flow through the shared
+ * `AdminAccountsRpc` adapter (`list_sessions`, `session_revoke_all`,
+ * `token_revoke_all`). The former REST `GET /api/admin/sessions` route moved
+ * to the `admin_session_list` RPC method in the 2026-04-23 migration.
+ *
  * @module
  */
 import { SvelteSet } from 'svelte/reactivity';
 import { Loadable } from './loadable.svelte.js';
-import { parse_response_error, ui_fetch } from './ui_fetch.js';
 export class AdminSessionsState extends Loadable {
+    #get_rpc;
     sessions = $state.raw([]);
     revoking_account_ids = new SvelteSet();
     revoking_token_account_ids = new SvelteSet();
     active_count = $derived(this.sessions.length);
+    constructor(options) {
+        super();
+        this.#get_rpc = options?.get_rpc ?? (() => null);
+    }
+    /** True when an RPC adapter is wired. `fetch` and the revoke controls no-op without it. */
+    get has_rpc() {
+        return this.#get_rpc() !== null;
+    }
     async fetch() {
+        const rpc = this.#get_rpc();
+        if (!rpc) {
+            this.error = 'rpc adapter not wired';
+            return;
+        }
         await this.run(async () => {
-            const response = await ui_fetch('/api/admin/sessions');
-            if (!response.ok) {
-                throw new Error(await parse_response_error(response, 'Failed to fetch sessions'));
-            }
-            const data = await response.json();
-            this.sessions = data.sessions ?? [];
+            const { sessions } = await rpc.list_sessions();
+            this.sessions = sessions;
         });
     }
     async revoke_all_for_account(account_id) {
+        const rpc = this.#get_rpc();
+        if (!rpc) {
+            this.error = 'rpc adapter not wired';
+            return;
+        }
         this.revoking_account_ids.add(account_id);
         try {
-            const response = await ui_fetch(`/api/admin/accounts/${account_id}/sessions/revoke-all`, {
-                method: 'POST',
-            });
-            if (!response.ok) {
-                this.error = await parse_response_error(response);
-                return;
-            }
+            await rpc.session_revoke_all({ account_id });
+            this.error = null;
             await this.fetch();
         }
         catch (e) {
@@ -41,15 +55,15 @@ export class AdminSessionsState extends Loadable {
         }
     }
     async revoke_all_tokens_for_account(account_id) {
+        const rpc = this.#get_rpc();
+        if (!rpc) {
+            this.error = 'rpc adapter not wired';
+            return;
+        }
         this.revoking_token_account_ids.add(account_id);
         try {
-            const response = await ui_fetch(`/api/admin/accounts/${account_id}/tokens/revoke-all`, {
-                method: 'POST',
-            });
-            if (!response.ok) {
-                this.error = await parse_response_error(response);
-                return;
-            }
+            await rpc.token_revoke_all({ account_id });
+            this.error = null;
             await this.fetch();
         }
         catch (e) {

package/dist/ui/app_settings_state.svelte.d.ts

@@ -1,13 +1,52 @@
 /**
  * Reactive state for admin app settings management.
  *
+ * Flows every operation through an injected `AppSettingsRpc` adapter — mirrors
+ * `AdminInvitesRpc` / `AuditLogRpc`. Tests can inject plain-function stubs
+ * and consumers adapt their typed RPC client to the same shape.
+ *
  * @module
  */
 import { Loadable } from './loadable.svelte.js';
 import type { AppSettingsWithUsernameJson } from '../auth/app_settings_schema.js';
+/**
+ * Narrow RPC surface consumed by `AppSettingsState`. Consumers adapt their
+ * typed RPC client to this shape.
+ */
+export interface AppSettingsRpc {
+    get: () => Promise<{
+        settings: AppSettingsWithUsernameJson;
+    }>;
+    update: (params: {
+        open_signup: boolean;
+    }) => Promise<{
+        ok: true;
+        settings: AppSettingsWithUsernameJson;
+    }>;
+}
+/**
+ * Svelte context carrying the reactive `AppSettingsRpc` accessor. Mirrors
+ * `admin_accounts_rpc_context`. Unset context falls back to `() => null` so
+ * `OpenSignupToggle` mounted outside a provisioner hides gracefully.
+ */
+export declare const app_settings_rpc_context: {
+    get: () => () => AppSettingsRpc | null;
+    set: (value?: (() => AppSettingsRpc | null) | undefined) => () => AppSettingsRpc | null;
+};
+export interface AppSettingsStateOptions {
+    /**
+     * Reactive accessor for the RPC adapter. `null` disables all operations
+     * (the state reports a descriptive error when fetch/update fires).
+     */
+    get_rpc?: () => AppSettingsRpc | null;
+}
 export declare class AppSettingsState extends Loadable {
+    #private;
     settings: AppSettingsWithUsernameJson | null;
     updating: boolean;
+    constructor(options?: AppSettingsStateOptions);
+    /** True when an RPC adapter is wired. All ops require it. */
+    get has_rpc(): boolean;
     fetch(): Promise<void>;
     update_open_signup(value: boolean): Promise<void>;
 }

package/dist/ui/app_settings_state.svelte.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"app_settings_state.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/app_settings_state.svelte.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAC,QAAQ,EAAC,MAAM,sBAAsB,CAAC;AAE9C,OAAO,KAAK,EAAC,2BAA2B,EAAC,MAAM,gCAAgC,CAAC;AAEhF,qBAAa,gBAAiB,SAAQ,QAAQ;IAC7C,QAAQ,EAAE,2BAA2B,GAAG,IAAI,CAAoB;IAChE,QAAQ,UAAqB;IAEvB,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAWtB,kBAAkB,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;CAqBvD"}
+{"version":3,"file":"app_settings_state.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/app_settings_state.svelte.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAIH,OAAO,EAAC,QAAQ,EAAC,MAAM,sBAAsB,CAAC;AAC9C,OAAO,KAAK,EAAC,2BAA2B,EAAC,MAAM,gCAAgC,CAAC;AAEhF;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC9B,GAAG,EAAE,MAAM,OAAO,CAAC;QAAC,QAAQ,EAAE,2BAA2B,CAAA;KAAC,CAAC,CAAC;IAC5D,MAAM,EAAE,CAAC,MAAM,EAAE;QAChB,WAAW,EAAE,OAAO,CAAC;KACrB,KAAK,OAAO,CAAC;QAAC,EAAE,EAAE,IAAI,CAAC;QAAC,QAAQ,EAAE,2BAA2B,CAAA;KAAC,CAAC,CAAC;CACjE;AAED;;;;GAIG;AACH,eAAO,MAAM,wBAAwB;qBAAwB,cAAc,GAAG,IAAI;yBAArB,cAAc,GAAG,IAAI,wBAArB,cAAc,GAAG,IAAI;CAEjF,CAAC;AAEF,MAAM,WAAW,uBAAuB;IACvC;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,cAAc,GAAG,IAAI,CAAC;CACtC;AAED,qBAAa,gBAAiB,SAAQ,QAAQ;;IAG7C,QAAQ,EAAE,2BAA2B,GAAG,IAAI,CAAoB;IAChE,QAAQ,UAAqB;gBAEjB,OAAO,CAAC,EAAE,uBAAuB;IAK7C,6DAA6D;IAC7D,IAAI,OAAO,IAAI,OAAO,CAErB;IAEK,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAYtB,kBAAkB,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;CAiBvD"}

package/dist/ui/app_settings_state.svelte.js

@@ -1,38 +1,54 @@
 /**
  * Reactive state for admin app settings management.
  *
+ * Flows every operation through an injected `AppSettingsRpc` adapter — mirrors
+ * `AdminInvitesRpc` / `AuditLogRpc`. Tests can inject plain-function stubs
+ * and consumers adapt their typed RPC client to the same shape.
+ *
  * @module
  */
+import { create_context } from '@fuzdev/fuz_ui/context_helpers.js';
 import { Loadable } from './loadable.svelte.js';
-import { parse_response_error, ui_fetch } from './ui_fetch.js';
+/**
+ * Svelte context carrying the reactive `AppSettingsRpc` accessor. Mirrors
+ * `admin_accounts_rpc_context`. Unset context falls back to `() => null` so
+ * `OpenSignupToggle` mounted outside a provisioner hides gracefully.
+ */
+export const app_settings_rpc_context = create_context(() => () => null);
 export class AppSettingsState extends Loadable {
+    #get_rpc;
     settings = $state.raw(null);
     updating = $state.raw(false);
+    constructor(options) {
+        super();
+        this.#get_rpc = options?.get_rpc ?? (() => null);
+    }
+    /** True when an RPC adapter is wired. All ops require it. */
+    get has_rpc() {
+        return this.#get_rpc() !== null;
+    }
     async fetch() {
+        const rpc = this.#get_rpc();
+        if (!rpc) {
+            this.error = 'rpc adapter not wired';
+            return;
+        }
         await this.run(async () => {
-            const response = await ui_fetch('/api/admin/settings');
-            if (!response.ok) {
-                throw new Error(await parse_response_error(response, 'Failed to fetch settings'));
-            }
-            const data = await response.json();
-            this.settings = data.settings ?? null;
+            const { settings } = await rpc.get();
+            this.settings = settings;
         });
     }
     async update_open_signup(value) {
+        const rpc = this.#get_rpc();
+        if (!rpc) {
+            this.error = 'rpc adapter not wired';
+            return;
+        }
         this.updating = true;
         this.error = null;
         try {
-            const response = await ui_fetch('/api/admin/settings', {
-                method: 'PATCH',
-                headers: { 'Content-Type': 'application/json' },
-                body: JSON.stringify({ open_signup: value }),
-            });
-            if (!response.ok) {
-                this.error = await parse_response_error(response);
-                return;
-            }
-            const data = await response.json();
-            this.settings = data.settings ?? null;
+            const { settings } = await rpc.update({ open_signup: value });
+            this.settings = settings;
         }
         catch (e) {
             this.error = e instanceof Error ? e.message : 'Failed to update settings';

package/dist/ui/audit_log_state.svelte.d.ts

@@ -1,8 +1,10 @@
 /**
  * Reactive state for the audit log viewer.
  *
- * Supports both fetch-based pagination and realtime SSE streaming.
- * SSE events are prepended to the list; use `fetch()` for initial load and filters.
+ * Two fetch primitives (`fetch` for events, `fetch_permit_history` for the
+ * grant/revoke shortcut) flow through an injected RPC adapter; the SSE
+ * stream continues to use `EventSource` directly — streams aren't an RPC
+ * concern.
  *
  * @module
  */
@@ -14,6 +16,39 @@ export interface AuditLogFetchOptions {
     account_id?: string;
     limit?: number;
     offset?: number;
+    since_seq?: number;
+}
+/**
+ * Narrow RPC surface consumed by `AuditLogState`. Consumers adapt their typed
+ * RPC client to this shape. Mirrors `AdminAccountsRpc` / `AdminInvitesRpc`.
+ */
+export interface AuditLogRpc {
+    list: (options?: AuditLogFetchOptions) => Promise<{
+        events: Array<AuditLogEventWithUsernamesJson>;
+    }>;
+    permit_history: (params?: {
+        limit?: number;
+        offset?: number;
+    }) => Promise<{
+        events: Array<PermitHistoryEventJson>;
+    }>;
+}
+/**
+ * Svelte context carrying the reactive `AuditLogRpc` accessor. Mirrors
+ * `admin_accounts_rpc_context`. Unset context falls back to `() => null`.
+ */
+export declare const audit_log_rpc_context: {
+    get: () => () => AuditLogRpc | null;
+    set: (value?: (() => AuditLogRpc | null) | undefined) => () => AuditLogRpc | null;
+};
+export interface AuditLogStateOptions {
+    /**
+     * Reactive accessor for the RPC adapter. Matches the `get_rpc` pattern on
+     * `AdminAccountsState` — `null` disables fetch operations (SSE still works).
+     */
+    get_rpc?: () => AuditLogRpc | null;
+    /** SSE stream URL. Defaults to the shipped admin audit-log stream route. */
+    stream_url?: string;
 }
 export declare class AuditLogState extends Loadable {
     #private;
@@ -22,7 +57,9 @@ export declare class AuditLogState extends Loadable {
     readonly count: number;
     /** Whether the SSE stream is currently connected. */
     connected: boolean;
-    constructor(stream_url?: string);
+    constructor(options?: AuditLogStateOptions);
+    /** True when an RPC adapter is wired. `fetch`/`fetch_permit_history` no-op without it. */
+    get has_rpc(): boolean;
     fetch(options?: AuditLogFetchOptions): Promise<void>;
     fetch_permit_history(limit?: number, offset?: number): Promise<void>;
     /**

package/dist/ui/audit_log_state.svelte.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"audit_log_state.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/audit_log_state.svelte.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,OAAO,EAAC,QAAQ,EAAC,MAAM,sBAAsB,CAAC;AAE9C,OAAO,KAAK,EAEX,8BAA8B,EAC9B,sBAAsB,EACtB,MAAM,6BAA6B,CAAC;AAGrC,6CAA6C;AAC7C,MAAM,WAAW,oBAAoB;IACpC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,qBAAa,aAAc,SAAQ,QAAQ;;IAC1C,MAAM,EAAE,KAAK,CAAC,8BAA8B,CAAC,CAAkB;IAC/D,qBAAqB,EAAE,KAAK,CAAC,sBAAsB,CAAC,CAAkB;IAEtE,QAAQ,CAAC,KAAK,SAAgC;IAE9C,qDAAqD;IACrD,SAAS,UAAqB;gBAWlB,UAAU,SAAgC;IAKhD,KAAK,CAAC,OAAO,CAAC,EAAE,oBAAoB,GAAG,OAAO,CAAC,IAAI,CAAC;IAoBpD,oBAAoB,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAgB1E;;;;;;;OAOG;IACH,SAAS,IAAI,MAAM,IAAI;IA0CvB,gCAAgC;IAChC,UAAU,IAAI,IAAI;CAmClB"}
+{"version":3,"file":"audit_log_state.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/audit_log_state.svelte.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAKH,OAAO,EAAC,QAAQ,EAAC,MAAM,sBAAsB,CAAC;AAC9C,OAAO,KAAK,EAEX,8BAA8B,EAC9B,sBAAsB,EACtB,MAAM,6BAA6B,CAAC;AAGrC,6CAA6C;AAC7C,MAAM,WAAW,oBAAoB;IACpC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;;GAGG;AACH,MAAM,WAAW,WAAW;IAC3B,IAAI,EAAE,CACL,OAAO,CAAC,EAAE,oBAAoB,KAC1B,OAAO,CAAC;QAAC,MAAM,EAAE,KAAK,CAAC,8BAA8B,CAAC,CAAA;KAAC,CAAC,CAAC;IAC9D,cAAc,EAAE,CAAC,MAAM,CAAC,EAAE;QACzB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,MAAM,CAAC,EAAE,MAAM,CAAC;KAChB,KAAK,OAAO,CAAC;QAAC,MAAM,EAAE,KAAK,CAAC,sBAAsB,CAAC,CAAA;KAAC,CAAC,CAAC;CACvD;AAED;;;GAGG;AACH,eAAO,MAAM,qBAAqB;qBAAwB,WAAW,GAAG,IAAI;yBAAlB,WAAW,GAAG,IAAI,wBAAlB,WAAW,GAAG,IAAI;CAAmB,CAAC;AAEhG,MAAM,WAAW,oBAAoB;IACpC;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,WAAW,GAAG,IAAI,CAAC;IACnC,4EAA4E;IAC5E,UAAU,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,qBAAa,aAAc,SAAQ,QAAQ;;IAG1C,MAAM,EAAE,KAAK,CAAC,8BAA8B,CAAC,CAAkB;IAC/D,qBAAqB,EAAE,KAAK,CAAC,sBAAsB,CAAC,CAAkB;IAEtE,QAAQ,CAAC,KAAK,SAAgC;IAE9C,qDAAqD;IACrD,SAAS,UAAqB;gBAWlB,OAAO,CAAC,EAAE,oBAAoB;IAM1C,0FAA0F;IAC1F,IAAI,OAAO,IAAI,OAAO,CAErB;IAEK,KAAK,CAAC,OAAO,CAAC,EAAE,oBAAoB,GAAG,OAAO,CAAC,IAAI,CAAC;IAapD,oBAAoB,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAY1E;;;;;;;OAOG;IACH,SAAS,IAAI,MAAM,IAAI;IA0CvB,gCAAgC;IAChC,UAAU,IAAI,IAAI;CAiClB"}

package/dist/ui/audit_log_state.svelte.js

@@ -1,15 +1,23 @@
 /**
  * Reactive state for the audit log viewer.
  *
- * Supports both fetch-based pagination and realtime SSE streaming.
- * SSE events are prepended to the list; use `fetch()` for initial load and filters.
+ * Two fetch primitives (`fetch` for events, `fetch_permit_history` for the
+ * grant/revoke shortcut) flow through an injected RPC adapter; the SSE
+ * stream continues to use `EventSource` directly — streams aren't an RPC
+ * concern.
  *
  * @module
  */
 import { DEV } from 'esm-env';
+import { create_context } from '@fuzdev/fuz_ui/context_helpers.js';
 import { Loadable } from './loadable.svelte.js';
-import { parse_response_error, ui_fetch } from './ui_fetch.js';
+/**
+ * Svelte context carrying the reactive `AuditLogRpc` accessor. Mirrors
+ * `admin_accounts_rpc_context`. Unset context falls back to `() => null`.
+ */
+export const audit_log_rpc_context = create_context(() => () => null);
 export class AuditLogState extends Loadable {
+    #get_rpc;
     events = $state.raw([]);
     permit_history_events = $state.raw([]);
     count = $derived(this.events.length);
@@ -21,48 +29,36 @@ export class AuditLogState extends Loadable {
     #event_source = null;
     /** Path to the SSE stream endpoint. */
     #stream_url;
-    constructor(stream_url = '/api/admin/audit-log/stream') {
+    constructor(options) {
         super();
-        this.#stream_url = stream_url;
+        this.#get_rpc = options?.get_rpc ?? (() => null);
+        this.#stream_url = options?.stream_url ?? '/api/admin/audit-log/stream';
+    }
+    /** True when an RPC adapter is wired. `fetch`/`fetch_permit_history` no-op without it. */
+    get has_rpc() {
+        return this.#get_rpc() !== null;
     }
     async fetch(options) {
+        const rpc = this.#get_rpc();
+        if (!rpc) {
+            this.error = 'rpc adapter not wired';
+            return;
+        }
         await this.run(async () => {
-            const params = new URLSearchParams();
-            if (options?.event_type)
-                params.set('event_type', options.event_type);
-            if (options?.account_id)
-                params.set('account_id', options.account_id);
-            if (options?.limit != null)
-                params.set('limit', String(options.limit));
-            if (options?.offset != null)
-                params.set('offset', String(options.offset));
-            const qs = params.toString();
-            const url = `/api/admin/audit-log${qs ? `?${qs}` : ''}`;
-            const response = await ui_fetch(url);
-            if (!response.ok) {
-                throw new Error(await parse_response_error(response, 'Failed to fetch audit log'));
-            }
-            const data = await response.json();
-            this.events = data.events ?? [];
-            // track the highest seq for gap fill
+            const { events } = await rpc.list(options);
+            this.events = events;
             this.#update_last_seq(this.events);
         });
     }
     async fetch_permit_history(limit, offset) {
+        const rpc = this.#get_rpc();
+        if (!rpc) {
+            this.error = 'rpc adapter not wired';
+            return;
+        }
         await this.run(async () => {
-            const params = new URLSearchParams();
-            if (limit != null)
-                params.set('limit', String(limit));
-            if (offset != null)
-                params.set('offset', String(offset));
-            const qs = params.toString();
-            const url = `/api/admin/audit-log/permit-history${qs ? `?${qs}` : ''}`;
-            const response = await ui_fetch(url);
-            if (!response.ok) {
-                throw new Error(await parse_response_error(response, 'Failed to fetch permit history'));
-            }
-            const data = await response.json();
-            this.permit_history_events = data.events ?? [];
+            const { events } = await rpc.permit_history({ limit, offset });
+            this.permit_history_events = events;
         });
     }
     /**
@@ -123,13 +119,11 @@ export class AuditLogState extends Loadable {
     }
     /** Fetch events missed during disconnection, keyed by `since_seq`. */
     async #fill_gap(since_seq) {
+        const rpc = this.#get_rpc();
+        if (!rpc)
+            return;
         try {
-            const url = `/api/admin/audit-log?since_seq=${since_seq}&limit=200`;
-            const response = await ui_fetch(url);
-            if (!response.ok)
-                return;
-            const data = await response.json();
-            const gap_events = data.events ?? [];
+            const { events: gap_events } = await rpc.list({ since_seq, limit: 200 });
             if (gap_events.length === 0)
                 return;
             // merge — deduplicate by id, keep newest-first order

package/dist/ui/auth_state.svelte.d.ts

@@ -31,7 +31,7 @@
  *
  * @module
  */
-import { type Permit, type SessionAccount } from '../auth/account_schema.js';
+import { type ActorSummaryJson, type PermitSummaryJson, type SessionAccount } from '../auth/account_schema.js';
 /**
  * Svelte context for `AuthState`.
  * Use `auth_state_context.set(state)` in the provider and `auth_state_context.get()` to access.
@@ -46,8 +46,9 @@ export declare class AuthState {
     verified: boolean;
     verify_error: string | null;
     account: SessionAccount | null;
-    permits: Array<Permit>;
-    readonly active_permits: Array<Permit>;
+    actor: ActorSummaryJson | null;
+    permits: Array<PermitSummaryJson>;
+    readonly active_permits: Array<PermitSummaryJson>;
     readonly roles: Array<string>;
     /** True when bootstrap is available (no accounts exist yet). */
     needs_bootstrap: boolean;

package/dist/ui/auth_state.svelte.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth_state.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/auth_state.svelte.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AAKH,OAAO,EAAC,KAAK,MAAM,EAAoB,KAAK,cAAc,EAAC,MAAM,2BAA2B,CAAC;AAE7F;;;GAGG;AACH,eAAO,MAAM,kBAAkB;;;;CAA8B,CAAC;AAE9D,qBAAa,SAAS;IACrB,SAAS,UAAqB;IAC9B,QAAQ,UAAqB;IAC7B,YAAY,EAAE,MAAM,GAAG,IAAI,CAAoB;IAC/C,OAAO,EAAE,cAAc,GAAG,IAAI,CAAoB;IAClD,OAAO,EAAE,KAAK,CAAC,MAAM,CAAC,CAAkB;IACxC,QAAQ,CAAC,cAAc,EAAE,KAAK,CAAC,MAAM,CAAC,CAEpC;IACF,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,CAAoD;IAEjF,gEAAgE;IAChE,eAAe,UAAqB;IAEpC;;;;;;OAMG;IACG,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC;IA4BpC;;;;OAIG;IACG,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAwCjE;;;;OAIG;IACG,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAiCpF;;;;OAIG;IACG,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IA4ClF;;OAEG;IACG,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;CAU7B"}
+{"version":3,"file":"auth_state.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/auth_state.svelte.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AAKH,OAAO,EACN,KAAK,gBAAgB,EAErB,KAAK,iBAAiB,EACtB,KAAK,cAAc,EACnB,MAAM,2BAA2B,CAAC;AAEnC;;;GAGG;AACH,eAAO,MAAM,kBAAkB;;;;CAA8B,CAAC;AAE9D,qBAAa,SAAS;IACrB,SAAS,UAAqB;IAC9B,QAAQ,UAAqB;IAC7B,YAAY,EAAE,MAAM,GAAG,IAAI,CAAoB;IAC/C,OAAO,EAAE,cAAc,GAAG,IAAI,CAAoB;IAClD,KAAK,EAAE,gBAAgB,GAAG,IAAI,CAAoB;IAClD,OAAO,EAAE,KAAK,CAAC,iBAAiB,CAAC,CAAkB;IACnD,QAAQ,CAAC,cAAc,EAAE,KAAK,CAAC,iBAAiB,CAAC,CAE/C;IACF,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,CAAoD;IAEjF,gEAAgE;IAChE,eAAe,UAAqB;IAEpC;;;;;;OAMG;IACG,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC;IA6BpC;;;;OAIG;IACG,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAwCjE;;;;OAIG;IACG,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAiCpF;;;;OAIG;IACG,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IA4ClF;;OAEG;IACG,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;CAW7B"}

package/dist/ui/auth_state.svelte.js

@@ -33,7 +33,7 @@
  */
 import { create_context } from '@fuzdev/fuz_ui/context_helpers.js';
 import { ui_fetch } from './ui_fetch.js';
-import { is_permit_active } from '../auth/account_schema.js';
+import { is_permit_active, } from '../auth/account_schema.js';
 /**
  * Svelte context for `AuthState`.
  * Use `auth_state_context.set(state)` in the provider and `auth_state_context.get()` to access.
@@ -44,6 +44,7 @@ export class AuthState {
     verified = $state.raw(false);
     verify_error = $state.raw(null);
     account = $state.raw(null);
+    actor = $state.raw(null);
     permits = $state.raw([]);
     active_permits = $derived(this.permits.filter((p) => is_permit_active(p)));
     roles = $derived(this.active_permits.map((p) => p.role));
@@ -64,6 +65,7 @@ export class AuthState {
                 const data = await response.json();
                 this.verified = true;
                 this.account = data.account ?? null;
+                this.actor = data.actor ?? null;
                 this.permits = data.permits ?? [];
                 this.needs_bootstrap = false;
             }
@@ -233,6 +235,7 @@ export class AuthState {
         }
         this.verified = false;
         this.account = null;
+        this.actor = null;
         this.permits = [];
     }
 }