@fuzdev/fuz_app 0.33.0 → 0.35.0

package/dist/testing/rpc_helpers.d.ts

@@ -11,7 +11,7 @@ import type { SessionOptions } from '../auth/session_cookie.js';
  * a factory that takes an `AppServerContext` and returns endpoint specs. The
  * factory form is required when action handlers must close over the
  * per-test `ctx.app_settings` / `ctx.deps` (e.g. the canonical
- * `create_admin_rpc_actions(ctx.deps, {app_settings: ctx.app_settings})`
+ * `create_standard_rpc_actions(ctx.deps, {app_settings: ctx.app_settings})`
  * pattern). `create_app_server` resolves either shape natively; test helpers
  * forward the raw value to `app_options.rpc_endpoints` for live dispatch.
  */
@@ -28,9 +28,9 @@ export type RpcEndpointsSuiteOption = Array<RpcEndpointSpec> | ((ctx: AppServerC
  *
  * Safe as long as the factory is pure with respect to the endpoint `path`
  * and the action `spec.method` list — the canonical helpers
- * (`create_admin_rpc_actions`, `create_account_actions`, etc.) are. Factories
- * that return a different `path` based on `ctx` will produce a setup/runtime
- * mismatch; don't do that.
+ * (`create_standard_rpc_actions`, `create_admin_actions`, `create_account_actions`,
+ * etc.) are. Factories that return a different `path` based on `ctx` will
+ * produce a setup/runtime mismatch; don't do that.
  */
 export declare const resolve_rpc_endpoints_for_setup: (rpc_endpoints: RpcEndpointsSuiteOption, session_options: SessionOptions<string>) => Array<RpcEndpointSpec>;
 /**

package/dist/testing/rpc_helpers.js

@@ -24,9 +24,9 @@ import { create_stub_app_server_context } from './stubs.js';
  *
  * Safe as long as the factory is pure with respect to the endpoint `path`
  * and the action `spec.method` list — the canonical helpers
- * (`create_admin_rpc_actions`, `create_account_actions`, etc.) are. Factories
- * that return a different `path` based on `ctx` will produce a setup/runtime
- * mismatch; don't do that.
+ * (`create_standard_rpc_actions`, `create_admin_actions`, `create_account_actions`,
+ * etc.) are. Factories that return a different `path` based on `ctx` will
+ * produce a setup/runtime mismatch; don't do that.
  */
 export const resolve_rpc_endpoints_for_setup = (rpc_endpoints, session_options) => typeof rpc_endpoints === 'function'
     ? rpc_endpoints(create_stub_app_server_context(session_options))

package/dist/testing/schema_generators.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"schema_generators.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/schema_generators.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAE7B;;;;;;;;GAQG;AAEH,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AACtB,OAAO,EAKN,KAAK,YAAY,EACjB,MAAM,yBAAyB,CAAC;AAIjC;;;GAGG;AACH,eAAO,MAAM,aAAa,GAAI,cAAc,CAAC,CAAC,OAAO,KAAG,MAAM,GAAG,IAShE,CAAC;AA+BF,qEAAqE;AACrE,eAAO,MAAM,oBAAoB,GAAI,OAAO,YAAY,EAAE,cAAc,CAAC,CAAC,OAAO,KAAG,OAkDnF,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,kBAAkB,GAAI,MAAM,MAAM,EAAE,gBAAgB,CAAC,CAAC,SAAS,KAAG,MAa9E,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,mBAAmB,GAC/B,cAAc,CAAC,CAAC,OAAO,KACrB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,SAkB5B,CAAC"}
+{"version":3,"file":"schema_generators.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/schema_generators.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAE7B;;;;;;;;GAQG;AAEH,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AACtB,OAAO,EAKN,KAAK,YAAY,EACjB,MAAM,yBAAyB,CAAC;AAIjC;;;GAGG;AACH,eAAO,MAAM,aAAa,GAAI,cAAc,CAAC,CAAC,OAAO,KAAG,MAAM,GAAG,IAShE,CAAC;AA+FF,qEAAqE;AACrE,eAAO,MAAM,oBAAoB,GAAI,OAAO,YAAY,EAAE,cAAc,CAAC,CAAC,OAAO,KAAG,OAkDnF,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,kBAAkB,GAAI,MAAM,MAAM,EAAE,gBAAgB,CAAC,CAAC,SAAS,KAAG,MAa9E,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,mBAAmB,GAC/B,cAAc,CAAC,CAAC,OAAO,KACrB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,SAkB5B,CAAC"}

package/dist/testing/schema_generators.js

@@ -28,16 +28,71 @@ export const detect_format = (field_schema) => {
     }
     return null;
 };
-/** Generate a string that satisfies minLength/maxLength constraints via JSON Schema. */
+/**
+ * Extract a candidate value from a JSON Schema `pattern` when the shape is
+ * a fixed-length hex character class — covers blake3 (64-char lowercase hex),
+ * sha256, md5, and similar digest refinements. Returns `null` when the
+ * pattern doesn't match the expected shape.
+ */
+const generate_hex_pattern_value = (pattern) => {
+    const match = /^\^\[0-9a-f(?:A-F)?\]\{(\d+)\}\$$/.exec(pattern);
+    if (!match)
+        return null;
+    const n = Number(match[1]);
+    if (!Number.isInteger(n) || n <= 0)
+        return null;
+    return '0'.repeat(n);
+};
+/**
+ * Extract a candidate value from a JSON Schema `pattern` when the shape is a
+ * prefix-lengthed slug — a fixed literal prefix followed by `_` and a
+ * base64url-style character class of fixed length. Covers `ApiTokenId`
+ * (`tok_[A-Za-z0-9_-]{12}`) and any similarly-shaped branded id.
+ *
+ * Returns the prefix followed by the right number of `x` characters (which
+ * satisfy every base64url-style character class). Returns `null` when the
+ * pattern doesn't match the expected shape.
+ *
+ * Coverage today:
+ * - Prefix must start with a letter and be alphanumeric (e.g. `tok_`, `ses_`).
+ * - Character class must be exactly `[A-Za-z0-9_-]` (Zod passes the regex
+ *   source through verbatim — no character-class reordering).
+ * - Fixed-length quantifier `{N}`.
+ *
+ * Known gaps (will fall through to the absolute-path / URL candidates or
+ * the base `xxxxxxxxxx` string — may or may not satisfy the refinement):
+ * - Digit-only classes (e.g. `^ord_\d{8}$`) — `x`-fill fails.
+ * - Base64 with `+/=` (e.g. `^b64_[A-Za-z0-9+/=]{N}$`) — character class
+ *   doesn't match the detection regex. `x`-fill would still satisfy the
+ *   refinement if the detection were widened.
+ * - No-prefix fixed-length slugs (e.g. `^[A-Za-z0-9_-]{43}$` — daemon
+ *   token shape) are not matched here; see `generate_hex_pattern_value`
+ *   for the hex variant.
+ * Widen the detection regex when a new branded shape surfaces.
+ */
+const generate_prefix_slug_pattern_value = (pattern) => {
+    const match = /^\^([A-Za-z][A-Za-z0-9]*)_\[A-Za-z0-9_-\]\{(\d+)\}\$$/.exec(pattern);
+    if (!match)
+        return null;
+    const prefix = match[1];
+    const n = Number(match[2]);
+    if (!Number.isInteger(n) || n <= 0)
+        return null;
+    return `${prefix}_${'x'.repeat(n)}`;
+};
+/** Generate a string that satisfies minLength/maxLength/pattern constraints via JSON Schema. */
 const generate_valid_string = (field_schema) => {
     let min_length = 0;
     let max_length = Infinity;
+    let pattern = null;
     try {
         const json = z.toJSONSchema(field_schema);
         if (typeof json.minLength === 'number')
             min_length = json.minLength;
         if (typeof json.maxLength === 'number')
             max_length = json.maxLength;
+        if (typeof json.pattern === 'string')
+            pattern = json.pattern;
     }
     catch {
         // no constraints
@@ -48,6 +103,18 @@ const generate_valid_string = (field_schema) => {
     // If the base string fails, try common patterns before giving up.
     if (field_schema.safeParse(base).success)
         return base;
+    // Fixed-length hex refinement (blake3, sha256, etc.)
+    if (pattern) {
+        const hex = generate_hex_pattern_value(pattern);
+        if (hex !== null && field_schema.safeParse(hex).success)
+            return hex;
+    }
+    // Prefix-lengthed slug refinement (e.g. ApiTokenId: tok_[A-Za-z0-9_-]{12})
+    if (pattern) {
+        const slug = generate_prefix_slug_pattern_value(pattern);
+        if (slug !== null && field_schema.safeParse(slug).success)
+            return slug;
+    }
     // Absolute path refinement (e.g. DiskfilePath)
     const with_slash = '/' + base;
     if (field_schema.safeParse(with_slash).success)

package/dist/ui/admin_rpc_adapters.d.ts

@@ -4,7 +4,16 @@
  * Bridges a typed `rpc_call`-shaped function to the four narrow admin RPC
  * interfaces the state classes consume — `AdminAccountsRpc`,
  * `AdminInvitesRpc`, `AuditLogRpc`, `AppSettingsRpc`. Two calls at the
- * admin shell layout wire everything:
+ * admin shell layout wire everything.
+ *
+ * Intentionally admin-only despite the backend-side
+ * `create_standard_rpc_actions` rename (admin + permit-offer + account).
+ * Account-surface methods flow through `account_sessions_rpc_context`
+ * (wired at the self-service layout), and permit-offer methods that
+ * surface in the admin UI (`permit_offer_create`, `permit_revoke`,
+ * `permit_offer_retract`) live inside the `AdminAccountsRpc` interface —
+ * they belong to the admin UX, not a separate wire pairing. The UI side
+ * and backend factory names diverge by design.
  *
  * ```ts
  * import {create_throwing_rpc_call} from '@fuzdev/fuz_app/actions/rpc_client.js';

package/dist/ui/admin_rpc_adapters.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"admin_rpc_adapters.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/admin_rpc_adapters.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AAEH,OAAO,KAAK,EAAC,eAAe,EAAC,MAAM,0BAA0B,CAAC;AAC9D,OAAO,EAA6B,KAAK,gBAAgB,EAAC,MAAM,kCAAkC,CAAC;AACnG,OAAO,EAA4B,KAAK,eAAe,EAAC,MAAM,iCAAiC,CAAC;AAChG,OAAO,EAAwB,KAAK,WAAW,EAAC,MAAM,6BAA6B,CAAC;AACpF,OAAO,EAA2B,KAAK,cAAc,EAAC,MAAM,gCAAgC,CAAC;AAE7F;;;;;;;;;;;GAWG;AACH,MAAM,MAAM,YAAY,GAAG,eAAe,CAAC;AAE3C,sEAAsE;AACtE,MAAM,WAAW,gBAAgB;IAChC,cAAc,EAAE,gBAAgB,CAAC;IACjC,aAAa,EAAE,eAAe,CAAC;IAC/B,SAAS,EAAE,WAAW,CAAC;IACvB,YAAY,EAAE,cAAc,CAAC;CAC7B;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,eAAO,MAAM,yBAAyB,GAAI,UAAU,YAAY,KAAG,gBAuBjE,CAAC;AAEH;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,0BAA0B,GAAI,UAAU,gBAAgB,KAAG,IAKvE,CAAC"}
+{"version":3,"file":"admin_rpc_adapters.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/admin_rpc_adapters.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmCG;AAEH,OAAO,KAAK,EAAC,eAAe,EAAC,MAAM,0BAA0B,CAAC;AAC9D,OAAO,EAA6B,KAAK,gBAAgB,EAAC,MAAM,kCAAkC,CAAC;AACnG,OAAO,EAA4B,KAAK,eAAe,EAAC,MAAM,iCAAiC,CAAC;AAChG,OAAO,EAAwB,KAAK,WAAW,EAAC,MAAM,6BAA6B,CAAC;AACpF,OAAO,EAA2B,KAAK,cAAc,EAAC,MAAM,gCAAgC,CAAC;AAE7F;;;;;;;;;;;GAWG;AACH,MAAM,MAAM,YAAY,GAAG,eAAe,CAAC;AAE3C,sEAAsE;AACtE,MAAM,WAAW,gBAAgB;IAChC,cAAc,EAAE,gBAAgB,CAAC;IACjC,aAAa,EAAE,eAAe,CAAC;IAC/B,SAAS,EAAE,WAAW,CAAC;IACvB,YAAY,EAAE,cAAc,CAAC;CAC7B;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,eAAO,MAAM,yBAAyB,GAAI,UAAU,YAAY,KAAG,gBAuBjE,CAAC;AAEH;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,0BAA0B,GAAI,UAAU,gBAAgB,KAAG,IAKvE,CAAC"}

package/dist/ui/admin_rpc_adapters.js

@@ -4,7 +4,16 @@
  * Bridges a typed `rpc_call`-shaped function to the four narrow admin RPC
  * interfaces the state classes consume — `AdminAccountsRpc`,
  * `AdminInvitesRpc`, `AuditLogRpc`, `AppSettingsRpc`. Two calls at the
- * admin shell layout wire everything:
+ * admin shell layout wire everything.
+ *
+ * Intentionally admin-only despite the backend-side
+ * `create_standard_rpc_actions` rename (admin + permit-offer + account).
+ * Account-surface methods flow through `account_sessions_rpc_context`
+ * (wired at the self-service layout), and permit-offer methods that
+ * surface in the admin UI (`permit_offer_create`, `permit_revoke`,
+ * `permit_offer_retract`) live inside the `AdminAccountsRpc` interface —
+ * they belong to the admin UX, not a separate wire pairing. The UI side
+ * and backend factory names diverge by design.
  *
  * ```ts
  * import {create_throwing_rpc_call} from '@fuzdev/fuz_app/actions/rpc_client.js';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@fuzdev/fuz_app",
-  "version": "0.33.0",
+  "version": "0.35.0",
   "description": "fullstack app library",
   "glyph": "🗝",
   "logo": "logo.svg",

package/dist/auth/admin_rpc_actions.d.ts

@@ -1,49 +0,0 @@
-/**
- * Combined admin + permit-offer RPC actions for fuz_app consumers.
- *
- * Consumers that want the stock fuz_app admin surface spread into their
- * JSON-RPC endpoint import this helper instead of hand-wiring
- * `create_admin_actions` + `create_permit_offer_actions`. The shared `roles`
- * schema flows to both factories; `app_settings` goes to admin only;
- * `default_ttl_ms` and `authorize` go to permit-offer only;
- * `notification_sender` reaches permit-offer transparently (admin ignores it).
- *
- * Paired with `create_admin_rpc_adapters` on the UI side — same "admin RPC
- * surface" concept expressed on each wire endpoint.
- *
- * @module
- */
-import { type AdminActionOptions } from './admin_actions.js';
-import { type PermitOfferActionDeps, type PermitOfferActionOptions } from './permit_offer_actions.js';
-import type { RpcAction } from '../actions/action_rpc.js';
-/**
- * Options for `create_admin_rpc_actions`.
- *
- * Composes `AdminActionOptions` (`roles`, `app_settings`) with
- * `PermitOfferActionOptions` (`roles`, `default_ttl_ms`, `authorize`). `roles`
- * is shared between both factories — the caller supplies it once and the
- * helper threads the same reference to both.
- */
-export interface AdminRpcActionsOptions extends AdminActionOptions, PermitOfferActionOptions {
-}
-/**
- * Dependencies for `create_admin_rpc_actions`.
- *
- * Same shape as `PermitOfferActionDeps` — `log`, `on_audit_event`, and an
- * optional `notification_sender` for permit-offer WS fan-out. The admin
- * factory only reads `log` + `on_audit_event`; the extra field is harmless.
- */
-export type AdminRpcActionsDeps = PermitOfferActionDeps;
-/**
- * Build the combined admin + permit-offer RPC action set.
- *
- * Spreads `create_admin_actions(deps, {roles, app_settings})` and
- * `create_permit_offer_actions(deps, {roles, default_ttl_ms, authorize})`.
- * The shared `roles` option flows to both.
- *
- * @param deps - stateless capabilities (log, on_audit_event, optional notification_sender)
- * @param options - role schema, optional app-settings ref, permit-offer TTL and authorize
- * @returns RPC actions to pass as `rpc_endpoints` or spread into `create_rpc_endpoint`
- */
-export declare const create_admin_rpc_actions: (deps: AdminRpcActionsDeps, options?: AdminRpcActionsOptions) => Array<RpcAction>;
-//# sourceMappingURL=admin_rpc_actions.d.ts.map

package/dist/auth/admin_rpc_actions.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"admin_rpc_actions.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/admin_rpc_actions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAuB,KAAK,kBAAkB,EAAC,MAAM,oBAAoB,CAAC;AACjF,OAAO,EAEN,KAAK,qBAAqB,EAC1B,KAAK,wBAAwB,EAC7B,MAAM,2BAA2B,CAAC;AACnC,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,0BAA0B,CAAC;AAExD;;;;;;;GAOG;AACH,MAAM,WAAW,sBAAuB,SAAQ,kBAAkB,EAAE,wBAAwB;CAAG;AAE/F;;;;;;GAMG;AACH,MAAM,MAAM,mBAAmB,GAAG,qBAAqB,CAAC;AAExD;;;;;;;;;;GAUG;AACH,eAAO,MAAM,wBAAwB,GACpC,MAAM,mBAAmB,EACzB,UAAS,sBAA2B,KAClC,KAAK,CAAC,SAAS,CAGjB,CAAC"}

package/dist/auth/admin_rpc_actions.js

@@ -1,32 +0,0 @@
-/**
- * Combined admin + permit-offer RPC actions for fuz_app consumers.
- *
- * Consumers that want the stock fuz_app admin surface spread into their
- * JSON-RPC endpoint import this helper instead of hand-wiring
- * `create_admin_actions` + `create_permit_offer_actions`. The shared `roles`
- * schema flows to both factories; `app_settings` goes to admin only;
- * `default_ttl_ms` and `authorize` go to permit-offer only;
- * `notification_sender` reaches permit-offer transparently (admin ignores it).
- *
- * Paired with `create_admin_rpc_adapters` on the UI side — same "admin RPC
- * surface" concept expressed on each wire endpoint.
- *
- * @module
- */
-import { create_admin_actions } from './admin_actions.js';
-import { create_permit_offer_actions, } from './permit_offer_actions.js';
-/**
- * Build the combined admin + permit-offer RPC action set.
- *
- * Spreads `create_admin_actions(deps, {roles, app_settings})` and
- * `create_permit_offer_actions(deps, {roles, default_ttl_ms, authorize})`.
- * The shared `roles` option flows to both.
- *
- * @param deps - stateless capabilities (log, on_audit_event, optional notification_sender)
- * @param options - role schema, optional app-settings ref, permit-offer TTL and authorize
- * @returns RPC actions to pass as `rpc_endpoints` or spread into `create_rpc_endpoint`
- */
-export const create_admin_rpc_actions = (deps, options = {}) => [
-    ...create_admin_actions(deps, options),
-    ...create_permit_offer_actions(deps, options),
-];