npm - @fuzdev/fuz_app - Versions diffs - 0.55.0 → 0.56.0 - Mend

@fuzdev/fuz_app 0.55.0 → 0.56.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (331) hide show

package/dist/actions/CLAUDE.md +211 -155
package/dist/actions/action_bridge.d.ts +8 -5
package/dist/actions/action_bridge.d.ts.map +1 -1
package/dist/actions/action_bridge.js +1 -11
package/dist/actions/action_codegen.d.ts +19 -0
package/dist/actions/action_codegen.d.ts.map +1 -1
package/dist/actions/action_codegen.js +20 -14
package/dist/actions/action_registry.d.ts.map +1 -1
package/dist/actions/action_registry.js +5 -2
package/dist/actions/action_rpc.d.ts +110 -44
package/dist/actions/action_rpc.d.ts.map +1 -1
package/dist/actions/action_rpc.js +92 -287
package/dist/actions/action_spec.d.ts +55 -16
package/dist/actions/action_spec.d.ts.map +1 -1
package/dist/actions/action_spec.js +16 -11
package/dist/actions/action_types.d.ts +28 -60
package/dist/actions/action_types.d.ts.map +1 -1
package/dist/actions/action_types.js +13 -5
package/dist/actions/broadcast_api.d.ts +2 -2
package/dist/actions/broadcast_api.js +2 -2
package/dist/actions/compile_action_registry.d.ts +50 -0
package/dist/actions/compile_action_registry.d.ts.map +1 -0
package/dist/actions/compile_action_registry.js +69 -0
package/dist/actions/heartbeat.d.ts +8 -4
package/dist/actions/heartbeat.d.ts.map +1 -1
package/dist/actions/heartbeat.js +5 -4
package/dist/actions/perform_action.d.ts +145 -0
package/dist/actions/perform_action.d.ts.map +1 -0
package/dist/actions/perform_action.js +258 -0
package/dist/actions/register_action_ws.d.ts +44 -38
package/dist/actions/register_action_ws.d.ts.map +1 -1
package/dist/actions/register_action_ws.js +101 -159
package/dist/actions/register_ws_endpoint.d.ts +2 -10
package/dist/actions/register_ws_endpoint.d.ts.map +1 -1
package/dist/actions/register_ws_endpoint.js +32 -10
package/dist/actions/transports_ws_auth_guard.d.ts +1 -1
package/dist/actions/transports_ws_auth_guard.js +1 -1
package/dist/actions/transports_ws_backend.d.ts +1 -1
package/dist/actions/transports_ws_backend.js +1 -1
package/dist/auth/CLAUDE.md +673 -442
package/dist/auth/account_action_specs.d.ts +28 -7
package/dist/auth/account_action_specs.d.ts.map +1 -1
package/dist/auth/account_action_specs.js +7 -7
package/dist/auth/account_actions.d.ts +8 -14
package/dist/auth/account_actions.d.ts.map +1 -1
package/dist/auth/account_actions.js +26 -32
package/dist/auth/account_queries.d.ts +46 -13
package/dist/auth/account_queries.d.ts.map +1 -1
package/dist/auth/account_queries.js +73 -33
package/dist/auth/account_routes.d.ts +4 -3
package/dist/auth/account_routes.d.ts.map +1 -1
package/dist/auth/account_routes.js +58 -33
package/dist/auth/account_schema.d.ts +46 -54
package/dist/auth/account_schema.d.ts.map +1 -1
package/dist/auth/account_schema.js +21 -48
package/dist/auth/admin_action_specs.d.ts +55 -21
package/dist/auth/admin_action_specs.d.ts.map +1 -1
package/dist/auth/admin_action_specs.js +42 -26
package/dist/auth/admin_actions.d.ts +14 -21
package/dist/auth/admin_actions.d.ts.map +1 -1
package/dist/auth/admin_actions.js +47 -44
package/dist/auth/audit_emitter.d.ts +160 -0
package/dist/auth/audit_emitter.d.ts.map +1 -0
package/dist/auth/audit_emitter.js +83 -0
package/dist/auth/audit_log_queries.d.ts +17 -87
package/dist/auth/audit_log_queries.d.ts.map +1 -1
package/dist/auth/audit_log_queries.js +17 -96
package/dist/auth/audit_log_routes.d.ts +1 -1
package/dist/auth/audit_log_routes.d.ts.map +1 -1
package/dist/auth/audit_log_routes.js +7 -3
package/dist/auth/audit_log_schema.d.ts +48 -42
package/dist/auth/audit_log_schema.d.ts.map +1 -1
package/dist/auth/audit_log_schema.js +56 -43
package/dist/auth/auth_guard_resolver.d.ts +44 -0
package/dist/auth/auth_guard_resolver.d.ts.map +1 -0
package/dist/auth/auth_guard_resolver.js +56 -0
package/dist/auth/bootstrap_account.d.ts +7 -7
package/dist/auth/bootstrap_account.d.ts.map +1 -1
package/dist/auth/bootstrap_account.js +7 -7
package/dist/auth/bootstrap_routes.d.ts.map +1 -1
package/dist/auth/bootstrap_routes.js +11 -10
package/dist/auth/cleanup.d.ts +20 -26
package/dist/auth/cleanup.d.ts.map +1 -1
package/dist/auth/cleanup.js +33 -47
package/dist/auth/credential_type_schema.d.ts +115 -0
package/dist/auth/credential_type_schema.d.ts.map +1 -0
package/dist/auth/credential_type_schema.js +127 -0
package/dist/auth/daemon_token_middleware.d.ts +1 -1
package/dist/auth/daemon_token_middleware.js +3 -3
package/dist/auth/ddl.d.ts +2 -2
package/dist/auth/ddl.d.ts.map +1 -1
package/dist/auth/ddl.js +6 -6
package/dist/auth/deps.d.ts +7 -32
package/dist/auth/deps.d.ts.map +1 -1
package/dist/auth/grant_path_schema.d.ts +117 -0
package/dist/auth/grant_path_schema.d.ts.map +1 -0
package/dist/auth/grant_path_schema.js +137 -0
package/dist/auth/invite_queries.d.ts +12 -1
package/dist/auth/invite_queries.d.ts.map +1 -1
package/dist/auth/invite_queries.js +12 -1
package/dist/auth/invite_schema.d.ts +1 -1
package/dist/auth/invite_schema.d.ts.map +1 -1
package/dist/auth/invite_schema.js +1 -1
package/dist/auth/middleware.d.ts.map +1 -1
package/dist/auth/middleware.js +5 -2
package/dist/auth/migrations.d.ts +22 -7
package/dist/auth/migrations.d.ts.map +1 -1
package/dist/auth/migrations.js +64 -25
package/dist/auth/request_context.d.ts +157 -170
package/dist/auth/request_context.d.ts.map +1 -1
package/dist/auth/request_context.js +224 -268
package/dist/auth/{permit_offer_action_specs.d.ts → role_grant_offer_action_specs.d.ts} +130 -100
package/dist/auth/role_grant_offer_action_specs.d.ts.map +1 -0
package/dist/auth/role_grant_offer_action_specs.js +262 -0
package/dist/auth/role_grant_offer_actions.d.ts +104 -0
package/dist/auth/role_grant_offer_actions.d.ts.map +1 -0
package/dist/auth/{permit_offer_actions.js → role_grant_offer_actions.js} +153 -140
package/dist/auth/{permit_offer_notifications.d.ts → role_grant_offer_notifications.d.ts} +80 -70
package/dist/auth/role_grant_offer_notifications.d.ts.map +1 -0
package/dist/auth/role_grant_offer_notifications.js +182 -0
package/dist/auth/{permit_offer_queries.d.ts → role_grant_offer_queries.d.ts} +64 -64
package/dist/auth/role_grant_offer_queries.d.ts.map +1 -0
package/dist/auth/{permit_offer_queries.js → role_grant_offer_queries.js} +136 -123
package/dist/auth/role_grant_offer_schema.d.ts +150 -0
package/dist/auth/role_grant_offer_schema.d.ts.map +1 -0
package/dist/auth/{permit_offer_schema.js → role_grant_offer_schema.js} +55 -36
package/dist/auth/role_grant_queries.d.ts +231 -0
package/dist/auth/role_grant_queries.d.ts.map +1 -0
package/dist/auth/role_grant_queries.js +320 -0
package/dist/auth/role_schema.d.ts +150 -40
package/dist/auth/role_schema.d.ts.map +1 -1
package/dist/auth/role_schema.js +144 -45
package/dist/auth/scope_kind_schema.d.ts +96 -0
package/dist/auth/scope_kind_schema.d.ts.map +1 -0
package/dist/auth/scope_kind_schema.js +94 -0
package/dist/auth/self_service_role_action_specs.d.ts +4 -1
package/dist/auth/self_service_role_action_specs.d.ts.map +1 -1
package/dist/auth/self_service_role_action_specs.js +2 -2
package/dist/auth/self_service_role_actions.d.ts +35 -29
package/dist/auth/self_service_role_actions.d.ts.map +1 -1
package/dist/auth/self_service_role_actions.js +58 -48
package/dist/auth/session_cookie.d.ts +43 -6
package/dist/auth/session_cookie.d.ts.map +1 -1
package/dist/auth/session_cookie.js +31 -5
package/dist/auth/session_middleware.d.ts +37 -3
package/dist/auth/session_middleware.d.ts.map +1 -1
package/dist/auth/session_middleware.js +33 -7
package/dist/auth/signup_routes.d.ts.map +1 -1
package/dist/auth/signup_routes.js +48 -19
package/dist/auth/standard_action_specs.d.ts +2 -2
package/dist/auth/standard_action_specs.js +4 -4
package/dist/auth/standard_rpc_actions.d.ts +23 -19
package/dist/auth/standard_rpc_actions.d.ts.map +1 -1
package/dist/auth/standard_rpc_actions.js +12 -12
package/dist/db/migrate.d.ts +1 -1
package/dist/db/migrate.js +1 -1
package/dist/dev/setup.d.ts +2 -2
package/dist/dev/setup.d.ts.map +1 -1
package/dist/dev/setup.js +4 -4
package/dist/env/load.d.ts +1 -1
package/dist/env/load.js +1 -1
package/dist/hono_context.d.ts +27 -45
package/dist/hono_context.d.ts.map +1 -1
package/dist/hono_context.js +14 -28
package/dist/http/CLAUDE.md +235 -121
package/dist/http/auth_shape.d.ts +191 -0
package/dist/http/auth_shape.d.ts.map +1 -0
package/dist/http/auth_shape.js +237 -0
package/dist/http/common_routes.js +3 -3
package/dist/http/db_routes.d.ts +4 -0
package/dist/http/db_routes.d.ts.map +1 -1
package/dist/http/db_routes.js +44 -7
package/dist/http/error_schemas.d.ts +56 -34
package/dist/http/error_schemas.d.ts.map +1 -1
package/dist/http/error_schemas.js +63 -28
package/dist/http/pending_effects.d.ts +71 -18
package/dist/http/pending_effects.d.ts.map +1 -1
package/dist/http/pending_effects.js +87 -18
package/dist/http/proxy.d.ts +52 -5
package/dist/http/proxy.d.ts.map +1 -1
package/dist/http/proxy.js +92 -14
package/dist/http/route_spec.d.ts +89 -75
package/dist/http/route_spec.d.ts.map +1 -1
package/dist/http/route_spec.js +54 -72
package/dist/http/schema_helpers.d.ts +3 -14
package/dist/http/schema_helpers.d.ts.map +1 -1
package/dist/http/schema_helpers.js +2 -14
package/dist/http/surface.d.ts +2 -10
package/dist/http/surface.d.ts.map +1 -1
package/dist/http/surface.js +3 -4
package/dist/http/surface_query.d.ts +39 -35
package/dist/http/surface_query.d.ts.map +1 -1
package/dist/http/surface_query.js +79 -36
package/dist/primitive_schemas.d.ts +39 -0
package/dist/primitive_schemas.d.ts.map +1 -0
package/dist/primitive_schemas.js +40 -0
package/dist/realtime/sse_auth_guard.d.ts +5 -5
package/dist/realtime/sse_auth_guard.js +9 -9
package/dist/runtime/mock.d.ts +1 -1
package/dist/runtime/mock.js +1 -1
package/dist/server/app_backend.d.ts +14 -11
package/dist/server/app_backend.d.ts.map +1 -1
package/dist/server/app_backend.js +12 -8
package/dist/server/app_server.d.ts +7 -7
package/dist/server/app_server.d.ts.map +1 -1
package/dist/server/app_server.js +35 -40
package/dist/server/validate_nginx.d.ts +1 -1
package/dist/server/validate_nginx.js +1 -1
package/dist/testing/CLAUDE.md +50 -38
package/dist/testing/admin_integration.d.ts +5 -6
package/dist/testing/admin_integration.d.ts.map +1 -1
package/dist/testing/admin_integration.js +87 -85
package/dist/testing/app_server.d.ts +11 -14
package/dist/testing/app_server.d.ts.map +1 -1
package/dist/testing/app_server.js +16 -15
package/dist/testing/assertions.d.ts.map +1 -1
package/dist/testing/assertions.js +2 -1
package/dist/testing/attack_surface.d.ts.map +1 -1
package/dist/testing/attack_surface.js +15 -9
package/dist/testing/audit_completeness.d.ts +2 -2
package/dist/testing/audit_completeness.d.ts.map +1 -1
package/dist/testing/audit_completeness.js +36 -36
package/dist/testing/auth_apps.d.ts +5 -4
package/dist/testing/auth_apps.d.ts.map +1 -1
package/dist/testing/auth_apps.js +22 -19
package/dist/testing/data_exposure.d.ts.map +1 -1
package/dist/testing/data_exposure.js +5 -5
package/dist/testing/db.d.ts +1 -1
package/dist/testing/db.d.ts.map +1 -1
package/dist/testing/db.js +4 -4
package/dist/testing/db_entities.d.ts +22 -0
package/dist/testing/db_entities.d.ts.map +1 -0
package/dist/testing/db_entities.js +28 -0
package/dist/testing/entities.d.ts +8 -7
package/dist/testing/entities.d.ts.map +1 -1
package/dist/testing/entities.js +21 -18
package/dist/testing/integration.d.ts.map +1 -1
package/dist/testing/integration.js +13 -14
package/dist/testing/integration_helpers.d.ts +4 -4
package/dist/testing/integration_helpers.d.ts.map +1 -1
package/dist/testing/integration_helpers.js +20 -18
package/dist/testing/middleware.d.ts +4 -4
package/dist/testing/middleware.d.ts.map +1 -1
package/dist/testing/middleware.js +12 -11
package/dist/testing/rpc_attack_surface.d.ts.map +1 -1
package/dist/testing/rpc_attack_surface.js +40 -24
package/dist/testing/rpc_round_trip.d.ts +1 -1
package/dist/testing/rpc_round_trip.d.ts.map +1 -1
package/dist/testing/rpc_round_trip.js +14 -13
package/dist/testing/sse_round_trip.d.ts +3 -4
package/dist/testing/sse_round_trip.d.ts.map +1 -1
package/dist/testing/sse_round_trip.js +7 -11
package/dist/testing/standard.d.ts +1 -1
package/dist/testing/stubs.d.ts +25 -0
package/dist/testing/stubs.d.ts.map +1 -1
package/dist/testing/stubs.js +43 -2
package/dist/testing/surface_invariants.d.ts +2 -2
package/dist/testing/ws_round_trip.d.ts +12 -13
package/dist/testing/ws_round_trip.d.ts.map +1 -1
package/dist/testing/ws_round_trip.js +19 -11
package/dist/ui/AdminAccounts.svelte +23 -20
package/dist/ui/AdminOverview.svelte +15 -13
package/dist/ui/AdminOverview.svelte.d.ts.map +1 -1
package/dist/ui/{AdminPermitHistory.svelte → AdminRoleGrantHistory.svelte} +12 -12
package/dist/ui/AdminRoleGrantHistory.svelte.d.ts +4 -0
package/dist/ui/AdminRoleGrantHistory.svelte.d.ts.map +1 -0
package/dist/ui/BootstrapForm.svelte +1 -1
package/dist/ui/CLAUDE.md +60 -60
package/dist/ui/{PermitOfferForm.svelte → RoleGrantOfferForm.svelte} +27 -26
package/dist/ui/{PermitOfferForm.svelte.d.ts → RoleGrantOfferForm.svelte.d.ts} +7 -7
package/dist/ui/RoleGrantOfferForm.svelte.d.ts.map +1 -0
package/dist/ui/{PermitOfferHistory.svelte → RoleGrantOfferHistory.svelte} +12 -12
package/dist/ui/{PermitOfferHistory.svelte.d.ts → RoleGrantOfferHistory.svelte.d.ts} +4 -4
package/dist/ui/RoleGrantOfferHistory.svelte.d.ts.map +1 -0
package/dist/ui/{PermitOfferInbox.svelte → RoleGrantOfferInbox.svelte} +14 -14
package/dist/ui/{PermitOfferInbox.svelte.d.ts → RoleGrantOfferInbox.svelte.d.ts} +4 -4
package/dist/ui/RoleGrantOfferInbox.svelte.d.ts.map +1 -0
package/dist/ui/SignupForm.svelte +1 -1
package/dist/ui/SurfaceExplorer.svelte +35 -15
package/dist/ui/SurfaceExplorer.svelte.d.ts.map +1 -1
package/dist/ui/account_sessions_state.svelte.d.ts +2 -3
package/dist/ui/account_sessions_state.svelte.d.ts.map +1 -1
package/dist/ui/account_sessions_state.svelte.js +2 -3
package/dist/ui/admin_accounts_state.svelte.d.ts +18 -18
package/dist/ui/admin_accounts_state.svelte.d.ts.map +1 -1
package/dist/ui/admin_accounts_state.svelte.js +16 -16
package/dist/ui/admin_rpc_adapters.d.ts +20 -20
package/dist/ui/admin_rpc_adapters.d.ts.map +1 -1
package/dist/ui/admin_rpc_adapters.js +17 -17
package/dist/ui/admin_sessions_state.svelte.d.ts +2 -2
package/dist/ui/admin_sessions_state.svelte.js +2 -2
package/dist/ui/audit_log_state.svelte.d.ts +7 -7
package/dist/ui/audit_log_state.svelte.d.ts.map +1 -1
package/dist/ui/audit_log_state.svelte.js +6 -6
package/dist/ui/auth_state.svelte.d.ts +3 -3
package/dist/ui/auth_state.svelte.d.ts.map +1 -1
package/dist/ui/auth_state.svelte.js +6 -6
package/dist/ui/format_scope.d.ts +2 -2
package/dist/ui/format_scope.js +2 -2
package/dist/ui/{permit_offers_state.svelte.d.ts → role_grant_offers_state.svelte.d.ts} +30 -30
package/dist/ui/role_grant_offers_state.svelte.d.ts.map +1 -0
package/dist/ui/{permit_offers_state.svelte.js → role_grant_offers_state.svelte.js} +18 -18
package/dist/ui/ui_format.js +2 -2
package/package.json +3 -3
package/dist/auth/permit_offer_action_specs.d.ts.map +0 -1
package/dist/auth/permit_offer_action_specs.js +0 -258
package/dist/auth/permit_offer_actions.d.ts +0 -110
package/dist/auth/permit_offer_actions.d.ts.map +0 -1
package/dist/auth/permit_offer_notifications.d.ts.map +0 -1
package/dist/auth/permit_offer_notifications.js +0 -182
package/dist/auth/permit_offer_queries.d.ts.map +0 -1
package/dist/auth/permit_offer_schema.d.ts +0 -125
package/dist/auth/permit_offer_schema.d.ts.map +0 -1
package/dist/auth/permit_queries.d.ts +0 -222
package/dist/auth/permit_queries.d.ts.map +0 -1
package/dist/auth/permit_queries.js +0 -305
package/dist/auth/require_keeper.d.ts +0 -20
package/dist/auth/require_keeper.d.ts.map +0 -1
package/dist/auth/require_keeper.js +0 -35
package/dist/auth/route_guards.d.ts +0 -27
package/dist/auth/route_guards.d.ts.map +0 -1
package/dist/auth/route_guards.js +0 -38
package/dist/auth/session_lifecycle.d.ts +0 -37
package/dist/auth/session_lifecycle.d.ts.map +0 -1
package/dist/auth/session_lifecycle.js +0 -29
package/dist/ui/AdminPermitHistory.svelte.d.ts +0 -4
package/dist/ui/AdminPermitHistory.svelte.d.ts.map +0 -1
package/dist/ui/PermitOfferForm.svelte.d.ts.map +0 -1
package/dist/ui/PermitOfferHistory.svelte.d.ts.map +0 -1
package/dist/ui/PermitOfferInbox.svelte.d.ts.map +0 -1
package/dist/ui/permit_offers_state.svelte.d.ts.map +0 -1

package/dist/auth/permit_offer_actions.d.ts DELETED Viewed

@@ -1,110 +0,0 @@
-/**
- * Permit offer RPC action handlers — the consentful-permits action surface.
- *
- * Seven actions: six offer-lifecycle methods (create / accept / decline /
- * retract / list / history) plus `permit_revoke` (admin-only). All mount
- * on a consumer's JSON-RPC endpoint via `create_rpc_endpoint`. The action
- * specs themselves live in `auth/permit_offer_action_specs.ts`. Mutations
- * declare `side_effects: true` so the RPC dispatcher wraps the handler in
- * a DB transaction; `permit_offer_list` and `permit_offer_history` declare
- * `side_effects: false` so they are addressable via GET.
- *
- * Authorization:
- * - `permit_offer_create` — the grantor must hold an active permit for the
- *   role being offered, and that role must be `web_grantable`. Consumers
- *   needing a richer policy (e.g., "teacher may offer student in *their*
- *   classroom") pass an `authorize` callback that overrides the default.
- * - `permit_offer_accept` / `permit_offer_decline` — keyed to the caller's
- *   account; `query_*` helpers enforce the IDOR guard.
- * - `permit_offer_retract` — keyed to the caller's actor.
- * - `permit_offer_list` / `permit_offer_history` — self by default;
- *   `{account_id}` is admin-only.
- * - `permit_revoke` — spec-level `auth: {role: 'admin'}`; the RPC
- *   dispatcher rejects non-admin callers before the handler runs.
- *   `web_grantable` gate prevents revoking keeper/daemon-scoped roles
- *   via this surface. Keys on `actor_id` to survive multi-actor accounts.
- *
- * Audit events are emitted in-transaction by the query layer (atomic with
- * the permit write on accept/revoke) or by the handler via
- * `audit_log_fire_and_forget` for single-event lifecycle transitions.
- * `on_audit_event` (SSE broadcast) fires post-commit in both paths.
- *
- * WS notifications fan out post-commit via `emit_after_commit` when a
- * `notification_sender` is wired: offer lifecycle transitions notify the
- * counterparty, `permit_revoke` notifies the revokee plus each superseded
- * pending offer's grantor.
- *
- * @module
- */
-import { type ActionContext, type RpcAction } from '../actions/action_rpc.js';
-import { type RoleSchemaResult } from './role_schema.js';
-import { type RequestContext } from './request_context.js';
-import type { AuditEmitDeps, RouteFactoryDeps } from './deps.js';
-import { type NotificationSender } from './permit_offer_notifications.js';
-/**
- * Authorization callback for `permit_offer_create`. Returns `true` to allow,
- * `false` to reject (handler converts to `forbidden`).
- *
- * Provided with the fully-resolved request context and the parsed input
- * (pre-TTL, pre-normalization). Consumers override the default to implement
- * policies like "teacher may offer classroom_student only in classrooms they
- * teach".
- */
-export type PermitOfferCreateAuthorize = (auth: RequestContext, input: {
-    to_account_id: string;
-    role: string;
-    scope_id: string | null;
-}, deps: Pick<RouteFactoryDeps, 'log'>, ctx: ActionContext) => boolean | Promise<boolean>;
-/** Options for `create_permit_offer_actions`. */
-export interface PermitOfferActionOptions {
-    /**
-     * Role schema result from `create_role_schema()`. Defaults to builtin roles only.
-     * The `role_options` map is read for `web_grantable` lookups.
-     */
-    roles?: RoleSchemaResult;
-    /** TTL applied to newly-created offers. Defaults to `PERMIT_OFFER_DEFAULT_TTL_MS`. */
-    default_ttl_ms?: number;
-    /**
-     * Custom authorization for `permit_offer_create`. The default requires the
-     * caller to hold an active permit for the offered role *and* the role to
-     * be `web_grantable`. Consumers with richer policies (scope-aware, chained
-     * roles) override this.
-     */
-    authorize?: PermitOfferCreateAuthorize;
-}
-/**
- * Authorization callback that admits any admin and otherwise falls back to
- * the symmetric default (caller must hold the offered role globally).
- *
- * The `web_grantable` filter in `create_handler` runs **before** the
- * `authorize` callback, so this never sees non-web-grantable roles. Drop
- * into `create_permit_offer_actions({authorize: authorize_admin_or_holder})`
- * (or any factory that forwards `authorize`, e.g. `create_standard_rpc_actions`)
- * for the common "admins offer anything; users offer what they hold"
- * pattern. Scope-aware policies (e.g. classroom_teacher offering
- * classroom_student in their own scope) wrap this and short-circuit `true`
- * before delegating.
- */
-export declare const authorize_admin_or_holder: PermitOfferCreateAuthorize;
-/**
- * Dependencies for `create_permit_offer_actions`.
- *
- * `notification_sender` is optional — when absent, WS fan-out is silently
- * skipped. Consumers wiring `BackendWebsocketTransport` assign its instance
- * directly (the transport's `send_to_account` signature accepts the broader
- * `JsonrpcMessageFromServerToClient`, which is contravariantly compatible).
- */
-export interface PermitOfferActionDeps extends AuditEmitDeps {
-    /** Optional WS fan-out primitive. `null` or absent → notifications skipped. */
-    notification_sender?: NotificationSender | null;
-}
-/**
- * Create the seven permit-offer RPC actions (six offer-lifecycle methods
- * plus `permit_revoke`).
- *
- * @param deps - `PermitOfferActionDeps` — `log`, `on_audit_event`, optional `audit_log_config` (slice of `AppDeps`); optional `notification_sender` for WS fan-out
- * @param options - role schema, default TTL, authorization override
- * @returns the `RpcAction` array to spread into a `create_rpc_endpoint` call
- */
-export declare const create_permit_offer_actions: (deps: PermitOfferActionDeps, options?: PermitOfferActionOptions) => Array<RpcAction>;
-//# sourceMappingURL=permit_offer_actions.d.ts.map

package/dist/auth/permit_offer_actions.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"permit_offer_actions.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/permit_offer_actions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;AAEH,OAAO,EAGN,KAAK,aAAa,EAClB,KAAK,SAAS,EACd,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EAAmC,KAAK,gBAAgB,EAAC,MAAM,kBAAkB,CAAC;AAoBzF,OAAO,EAIN,KAAK,cAAc,EACnB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,KAAK,EAAC,aAAa,EAAE,gBAAgB,EAAC,MAAM,WAAW,CAAC;AAC/D,OAAO,EAON,KAAK,kBAAkB,EACvB,MAAM,iCAAiC,CAAC;AAiCzC;;;;;;;;GAQG;AACH,MAAM,MAAM,0BAA0B,GAAG,CACxC,IAAI,EAAE,cAAc,EACpB,KAAK,EAAE;IAAC,aAAa,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;CAAC,EACrE,IAAI,EAAE,IAAI,CAAC,gBAAgB,EAAE,KAAK,CAAC,EACnC,GAAG,EAAE,aAAa,KACd,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;AAEhC,iDAAiD;AACjD,MAAM,WAAW,wBAAwB;IACxC;;;OAGG;IACH,KAAK,CAAC,EAAE,gBAAgB,CAAC;IACzB,sFAAsF;IACtF,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB;;;;;OAKG;IACH,SAAS,CAAC,EAAE,0BAA0B,CAAC;CACvC;AA4BD;;;;;;;;;;;;GAYG;AACH,eAAO,MAAM,yBAAyB,EAAE,0BASvC,CAAC;AAIF;;;;;;;GAOG;AACH,MAAM,WAAW,qBAAsB,SAAQ,aAAa;IAC3D,+EAA+E;IAC/E,mBAAmB,CAAC,EAAE,kBAAkB,GAAG,IAAI,CAAC;CAChD;AAED;;;;;;;GAOG;AACH,eAAO,MAAM,2BAA2B,GACvC,MAAM,qBAAqB,EAC3B,UAAS,wBAA6B,KACpC,KAAK,CAAC,SAAS,CA4cjB,CAAC"}

package/dist/auth/permit_offer_notifications.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"permit_offer_notifications.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/permit_offer_notifications.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AAEH,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AACtB,OAAO,EAAqB,KAAK,IAAI,EAAC,MAAM,wBAAwB,CAAC;AAIrE,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,oBAAoB,CAAC;AAClD,OAAO,KAAK,EAAC,mBAAmB,EAAC,MAAM,oBAAoB,CAAC;AAM5D;;;;;;;;;;;;;GAaG;AACH,MAAM,WAAW,kBAAkB;IAClC,eAAe,EAAE,CAAC,UAAU,EAAE,IAAI,EAAE,OAAO,EAAE,mBAAmB,KAAK,MAAM,CAAC;CAC5E;AAID,eAAO,MAAM,yCAAyC,0BAA0B,CAAC;AACjF,eAAO,MAAM,0CAA0C,2BAA2B,CAAC;AACnF,eAAO,MAAM,yCAAyC,0BAA0B,CAAC;AACjF,eAAO,MAAM,yCAAyC,0BAA0B,CAAC;AACjF,eAAO,MAAM,0CAA0C,2BAA2B,CAAC;AACnF,eAAO,MAAM,iCAAiC,kBAAkB,CAAC;AAIjE,6EAA6E;AAC7E,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;kBAEpC,CAAC;AACH,MAAM,MAAM,yBAAyB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,yBAAyB,CAAC,CAAC;AAElF,qEAAqE;AACrE,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;;;;kBAErC,CAAC;AACH,MAAM,MAAM,0BAA0B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,0BAA0B,CAAC,CAAC;AAEpF,yEAAyE;AACzE,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;kBAEpC,CAAC;AACH,MAAM,MAAM,yBAAyB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,yBAAyB,CAAC,CAAC;AAElF;;;;GAIG;AACH,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;kBAEpC,CAAC;AACH,MAAM,MAAM,yBAAyB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,yBAAyB,CAAC,CAAC;AAElF;;;;;;;;GAQG;AACH,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;;;;;;;;;;kBAIrC,CAAC;AACH,MAAM,MAAM,0BAA0B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,0BAA0B,CAAC,CAAC;AAEpF;;;;;;GAMG;AACH,eAAO,MAAM,kBAAkB;;;;;kBAK7B,CAAC;AACH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAIpE,eAAO,MAAM,uCAAuC;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAUZ,CAAC;AAEzC,eAAO,MAAM,wCAAwC;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAUb,CAAC;AAEzC,eAAO,MAAM,uCAAuC;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAUZ,CAAC;AAEzC,eAAO,MAAM,uCAAuC;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAUZ,CAAC;AAEzC,eAAO,MAAM,wCAAwC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAWb,CAAC;AAEzC,eAAO,MAAM,+BAA+B;;;;;;;;;;;;;;;CAUJ,CAAC;AAIzC;;;;;GAKG;AACH,eAAO,MAAM,+BAA+B,EAAE,KAAK,CAAC,SAAS,CAO5D,CAAC;AAIF,eAAO,MAAM,wCAAwC,GACpD,QAAQ,yBAAyB,KAC/B,mBAC4E,CAAC;AAEhF,eAAO,MAAM,yCAAyC,GACrD,QAAQ,0BAA0B,KAChC,mBAC6E,CAAC;AAEjF,eAAO,MAAM,wCAAwC,GACpD,QAAQ,yBAAyB,KAC/B,mBAC4E,CAAC;AAEhF,eAAO,MAAM,wCAAwC,GACpD,QAAQ,yBAAyB,KAC/B,mBAC4E,CAAC;AAEhF,eAAO,MAAM,yCAAyC,GACrD,QAAQ,0BAA0B,KAChC,mBAC6E,CAAC;AAEjF,eAAO,MAAM,gCAAgC,GAAI,QAAQ,kBAAkB,KAAG,mBACP,CAAC"}

package/dist/auth/permit_offer_notifications.js DELETED Viewed

@@ -1,182 +0,0 @@
-/**
- * Permit offer WebSocket notification specs, builders, and the narrow
- * `NotificationSender` interface that decouples offer/revoke send sites
- * from `BackendWebsocketTransport`.
- *
- * Six `RemoteNotificationActionSpec`s cover the consentful-permits
- * lifecycle events the server pushes to affected accounts:
- *
- * - `permit_offer_received` → recipient's sockets when an offer is created
- * - `permit_offer_retracted` → recipient's sockets when a grantor retracts
- * - `permit_offer_accepted` → grantor's sockets when the recipient accepts
- * - `permit_offer_declined` → grantor's sockets when the recipient declines
- * - `permit_offer_supersede` → grantor's sockets when a sibling accept,
- *   a revoke of the resulting permit, or destruction of the parent scope
- *   row obsoletes their pending offer
- * - `permit_revoke` → revokee's sockets when one of their active permits
- *   is revoked (companion to the `permit_revoke` audit event)
- *
- * Payloads are flat and normalized — `PermitOfferJson` for the offer-lifecycle
- * notifications (decline reason rides on `offer.decline_reason`, not a
- * sibling field), and `{permit_id, role, scope_id, reason?}` for `permit_revoke`. The
- * revokee/grantor/recipient account id travels via the send target (the
- * `NotificationSender.send_to_account` argument), not in the payload.
- *
- * The specs surface as `EventSpec`s via `create_action_event_spec` — callers
- * append `PERMIT_OFFER_NOTIFICATION_SPECS` to their `event_specs` on
- * `create_app_server` so the surface reflects them and DEV-mode broadcast
- * validation catches payload drift.
- *
- * @module
- */
-import { z } from 'zod';
-import { Uuid as UuidSchema } from '@fuzdev/fuz_util/id.js';
-import { create_action_event_spec } from '../actions/action_bridge.js';
-import { create_jsonrpc_notification } from '../http/jsonrpc_helpers.js';
-import { RoleName } from './role_schema.js';
-import { PermitOfferJson } from './permit_offer_schema.js';
-import { PERMIT_REVOKED_REASON_LENGTH_MAX } from './account_schema.js';
-// -- Method constants -------------------------------------------------------
-export const PERMIT_OFFER_RECEIVED_NOTIFICATION_METHOD = 'permit_offer_received';
-export const PERMIT_OFFER_RETRACTED_NOTIFICATION_METHOD = 'permit_offer_retracted';
-export const PERMIT_OFFER_ACCEPTED_NOTIFICATION_METHOD = 'permit_offer_accepted';
-export const PERMIT_OFFER_DECLINED_NOTIFICATION_METHOD = 'permit_offer_declined';
-export const PERMIT_OFFER_SUPERSEDE_NOTIFICATION_METHOD = 'permit_offer_supersede';
-export const PERMIT_REVOKE_NOTIFICATION_METHOD = 'permit_revoke';
-// -- Params schemas ---------------------------------------------------------
-/** Params for `permit_offer_received` — offer delivered to its recipient. */
-export const PermitOfferReceivedParams = z.strictObject({
-    offer: PermitOfferJson,
-});
-/** Params for `permit_offer_retracted` — grantor-side retraction. */
-export const PermitOfferRetractedParams = z.strictObject({
-    offer: PermitOfferJson,
-});
-/** Params for `permit_offer_accepted` — recipient accepted the offer. */
-export const PermitOfferAcceptedParams = z.strictObject({
-    offer: PermitOfferJson,
-});
-/**
- * Params for `permit_offer_declined`. The decline reason (if any) rides along
- * inside `offer.decline_reason` — the DB stamps it on the offer row during
- * decline, so a sibling `reason` field would just duplicate it.
- */
-export const PermitOfferDeclinedParams = z.strictObject({
-    offer: PermitOfferJson,
-});
-/**
- * Params for `permit_offer_supersede`. Fires to the grantor's sockets when
- * their pending offer is obsoleted — either by a sibling accept
- * (`reason: 'sibling_accepted'`), by revoke of the resulting permit
- * (`reason: 'permit_revoked'`), or by deletion of the parent scope row
- * the offer was bound to (`reason: 'scope_destroyed'`). `cause_id` points
- * at the accepted offer id, the revoked permit id, or the destroyed scope
- * row id respectively.
- */
-export const PermitOfferSupersedeParams = z.strictObject({
-    offer: PermitOfferJson,
-    reason: z.enum(['sibling_accepted', 'permit_revoked', 'scope_destroyed']),
-    cause_id: UuidSchema,
-});
-/**
- * Params for `permit_revoke`. Delivered to the revokee's sockets when one
- * of their active permits is revoked. Flat wire shape — `revoked_by` is
- * admin-UI-visible but deliberately omitted here (the revokee doesn't need
- * to learn the admin's identity). Target account is implicit in the send
- * target.
- */
-export const PermitRevokeParams = z.strictObject({
-    permit_id: UuidSchema,
-    role: RoleName,
-    scope_id: UuidSchema.nullable(),
-    reason: z.string().max(PERMIT_REVOKED_REASON_LENGTH_MAX).nullable(),
-});
-// -- Action specs -----------------------------------------------------------
-export const permit_offer_received_notification_spec = {
-    method: PERMIT_OFFER_RECEIVED_NOTIFICATION_METHOD,
-    kind: 'remote_notification',
-    initiator: 'backend',
-    auth: null,
-    side_effects: true,
-    input: PermitOfferReceivedParams,
-    output: z.void(),
-    async: true,
-    description: 'A new permit offer arrived in the recipient’s inbox.',
-};
-export const permit_offer_retracted_notification_spec = {
-    method: PERMIT_OFFER_RETRACTED_NOTIFICATION_METHOD,
-    kind: 'remote_notification',
-    initiator: 'backend',
-    auth: null,
-    side_effects: true,
-    input: PermitOfferRetractedParams,
-    output: z.void(),
-    async: true,
-    description: 'A pending permit offer was retracted by its grantor.',
-};
-export const permit_offer_accepted_notification_spec = {
-    method: PERMIT_OFFER_ACCEPTED_NOTIFICATION_METHOD,
-    kind: 'remote_notification',
-    initiator: 'backend',
-    auth: null,
-    side_effects: true,
-    input: PermitOfferAcceptedParams,
-    output: z.void(),
-    async: true,
-    description: 'A pending permit offer was accepted by its recipient.',
-};
-export const permit_offer_declined_notification_spec = {
-    method: PERMIT_OFFER_DECLINED_NOTIFICATION_METHOD,
-    kind: 'remote_notification',
-    initiator: 'backend',
-    auth: null,
-    side_effects: true,
-    input: PermitOfferDeclinedParams,
-    output: z.void(),
-    async: true,
-    description: 'A pending permit offer was declined by its recipient.',
-};
-export const permit_offer_supersede_notification_spec = {
-    method: PERMIT_OFFER_SUPERSEDE_NOTIFICATION_METHOD,
-    kind: 'remote_notification',
-    initiator: 'backend',
-    auth: null,
-    side_effects: true,
-    input: PermitOfferSupersedeParams,
-    output: z.void(),
-    async: true,
-    description: 'A grantor’s pending permit offer was obsoleted by a sibling accept, by revoke of the resulting permit, or by destruction of the parent scope row.',
-};
-export const permit_revoke_notification_spec = {
-    method: PERMIT_REVOKE_NOTIFICATION_METHOD,
-    kind: 'remote_notification',
-    initiator: 'backend',
-    auth: null,
-    side_effects: true,
-    input: PermitRevokeParams,
-    output: z.void(),
-    async: true,
-    description: 'An active permit on the revokee’s account was revoked.',
-};
-// -- EventSpec surface ------------------------------------------------------
-/**
- * SSE/WS event specs for the consentful-permits notification surface.
- *
- * Pass to `create_app_server`'s `event_specs` so the attack surface reflects
- * them and DEV-mode `create_validated_broadcaster` catches payload drift.
- */
-export const PERMIT_OFFER_NOTIFICATION_SPECS = [
-    create_action_event_spec(permit_offer_received_notification_spec),
-    create_action_event_spec(permit_offer_retracted_notification_spec),
-    create_action_event_spec(permit_offer_accepted_notification_spec),
-    create_action_event_spec(permit_offer_declined_notification_spec),
-    create_action_event_spec(permit_offer_supersede_notification_spec),
-    create_action_event_spec(permit_revoke_notification_spec),
-];
-// -- Notification builders --------------------------------------------------
-export const build_permit_offer_received_notification = (params) => create_jsonrpc_notification(PERMIT_OFFER_RECEIVED_NOTIFICATION_METHOD, params);
-export const build_permit_offer_retracted_notification = (params) => create_jsonrpc_notification(PERMIT_OFFER_RETRACTED_NOTIFICATION_METHOD, params);
-export const build_permit_offer_accepted_notification = (params) => create_jsonrpc_notification(PERMIT_OFFER_ACCEPTED_NOTIFICATION_METHOD, params);
-export const build_permit_offer_declined_notification = (params) => create_jsonrpc_notification(PERMIT_OFFER_DECLINED_NOTIFICATION_METHOD, params);
-export const build_permit_offer_supersede_notification = (params) => create_jsonrpc_notification(PERMIT_OFFER_SUPERSEDE_NOTIFICATION_METHOD, params);
-export const build_permit_revoke_notification = (params) => create_jsonrpc_notification(PERMIT_REVOKE_NOTIFICATION_METHOD, params);

package/dist/auth/permit_offer_queries.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"permit_offer_queries.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/permit_offer_queries.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,KAAK,EAAC,IAAI,EAAC,MAAM,wBAAwB,CAAC;AAEjD,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,qBAAqB,CAAC;AAEnD,OAAO,KAAK,EAAC,MAAM,EAAC,MAAM,qBAAqB,CAAC;AAChD,OAAO,EAEN,KAAK,sBAAsB,EAC3B,KAAK,WAAW,EAChB,KAAK,eAAe,EACpB,MAAM,0BAA0B,CAAC;AAElC,OAAO,KAAK,EAAC,aAAa,EAAC,MAAM,uBAAuB,CAAC;AAEzD;;;;;GAKG;AACH,qBAAa,+BAAgC,SAAQ,KAAK;gBAC7C,QAAQ,EAAE,MAAM;CAI5B;AAED;;;;;GAKG;AACH,qBAAa,uBAAwB,SAAQ,KAAK;gBACrC,QAAQ,EAAE,MAAM;CAI5B;AAED;;;;;GAKG;AACH,qBAAa,wBAAyB,SAAQ,KAAK;gBACtC,QAAQ,EAAE,MAAM;CAI5B;AAED;;;;;;;;GAQG;AACH,qBAAa,0BAA2B,SAAQ,KAAK;;CAKpD;AAED;;;;;;;GAOG;AACH,qBAAa,6BAA8B,SAAQ,KAAK;gBAC3C,QAAQ,EAAE,MAAM;CAI5B;AAED;;;;;GAKG;AACH,qBAAa,oCAAqC,SAAQ,KAAK;;CAK9D;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,eAAO,MAAM,yBAAyB,GACrC,MAAM,SAAS,EACf,OAAO,sBAAsB,KAC3B,OAAO,CAAC,WAAW,CAgDrB,CAAC;AAEF,mGAAmG;AACnG,MAAM,WAAW,aAAc,SAAQ,WAAW;IACjD;;;;;OAKG;IACH,eAAe,EAAE,IAAI,CAAC;CACtB;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,eAAO,MAAM,0BAA0B,GACtC,MAAM,SAAS,EACf,UAAU,MAAM,EAChB,eAAe,MAAM,EACrB,QAAQ,MAAM,GAAG,IAAI,KACnB,OAAO,CAAC,aAAa,GAAG,IAAI,CAoB9B,CAAC;AAEF;;;;;;;;;;GAUG;AACH,eAAO,MAAM,0BAA0B,GACtC,MAAM,SAAS,EACf,UAAU,MAAM,EAChB,eAAe,MAAM,KACnB,OAAO,CAAC,WAAW,GAAG,IAAI,CAe5B,CAAC;AA8BF;;;;;;GAMG;AACH,eAAO,MAAM,uBAAuB,GACnC,MAAM,SAAS,EACf,eAAe,MAAM,KACnB,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,CAY5B,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,sCAAsC,GAClD,MAAM,SAAS,EACf,YAAY,MAAM,EAClB,cAAW,EACX,eAAU,KACR,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,CAS5B,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,+BAA+B,GAC3C,MAAM,SAAS,EACf,UAAU,MAAM,KACd,OAAO,CAAC,WAAW,GAAG,IAAI,CAY5B,CAAC;AAEF;;;;;;;GAOG;AACH,eAAO,MAAM,gCAAgC,GAC5C,MAAM,SAAS,KACb,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,CAU5B,CAAC;AAEF,sCAAsC;AACtC,MAAM,WAAW,gBAAgB;IAChC,QAAQ,EAAE,IAAI,CAAC;IACf,mGAAmG;IACnG,aAAa,EAAE,IAAI,CAAC;IACpB;;;;;;;;;;OAUG;IACH,QAAQ,EAAE,IAAI,CAAC;IACf,gDAAgD;IAChD,EAAE,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACnB;AAED,yHAAyH;AACzH,MAAM,WAAW,iBAAiB;IACjC,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,WAAW,CAAC;IACnB,4IAA4I;IAC5I,OAAO,EAAE,OAAO,CAAC;IACjB;;;;;OAKG;IACH,iBAAiB,EAAE,KAAK,CAAC,eAAe,CAAC,CAAC;IAC1C,sLAAsL;IACtL,YAAY,EAAE,KAAK,CAAC,aAAa,CAAC,CAAC;CACnC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,eAAO,MAAM,kBAAkB,GAC9B,MAAM,SAAS,EACf,OAAO,gBAAgB,KACrB,OAAO,CAAC,iBAAiB,CA8N3B,CAAC"}

package/dist/auth/permit_offer_schema.d.ts DELETED Viewed

@@ -1,125 +0,0 @@
-/**
- * Permit offer DDL, types, and client-safe schemas.
- *
- * An offer is a pending grant awaiting recipient consent. Lifecycle states
- * are mutually exclusive via a CHECK constraint (`permit_offer_single_terminal`):
- * at most one of `accepted_at` / `declined_at` / `retracted_at` may be set.
- * On accept, the offer's `resulting_permit_id` links to the permit row
- * produced by `query_accept_offer`.
- *
- * @module
- */
-import { z } from 'zod';
-import { Uuid } from '@fuzdev/fuz_util/id.js';
-/** Sentinel UUID used inside the partial unique indexes to collapse `scope_id IS NULL` into a comparable value. */
-export declare const PERMIT_OFFER_SCOPE_SENTINEL_UUID = "00000000-0000-0000-0000-000000000000";
-/** Maximum length of the optional message attached to an offer. */
-export declare const PERMIT_OFFER_MESSAGE_LENGTH_MAX = 500;
-/** Default TTL for a newly created offer — 30 days. Matches GitHub org-invite expiry. */
-export declare const PERMIT_OFFER_DEFAULT_TTL_MS: number;
-export declare const PERMIT_OFFER_SCHEMA = "\nCREATE TABLE IF NOT EXISTS permit_offer (\n  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),\n  from_actor_id UUID NOT NULL REFERENCES actor(id) ON DELETE CASCADE,\n  to_account_id UUID NOT NULL REFERENCES account(id) ON DELETE CASCADE,\n  to_actor_id UUID NULL REFERENCES actor(id) ON DELETE CASCADE,\n  role TEXT NOT NULL,\n  scope_id UUID NULL,\n  message TEXT NULL,\n  created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),\n  expires_at TIMESTAMPTZ NOT NULL,\n  accepted_at TIMESTAMPTZ NULL,\n  declined_at TIMESTAMPTZ NULL,\n  decline_reason TEXT NULL,\n  retracted_at TIMESTAMPTZ NULL,\n  superseded_at TIMESTAMPTZ NULL,\n  resulting_permit_id UUID NULL REFERENCES permit(id) ON DELETE SET NULL,\n  CONSTRAINT permit_offer_single_terminal CHECK (\n    (accepted_at IS NOT NULL)::int\n    + (declined_at IS NOT NULL)::int\n    + (retracted_at IS NOT NULL)::int\n    + (superseded_at IS NOT NULL)::int\n    <= 1\n  ),\n  CONSTRAINT permit_offer_permit_iff_accepted CHECK (\n    (accepted_at IS NOT NULL) = (resulting_permit_id IS NOT NULL)\n  ),\n  CONSTRAINT permit_offer_reason_iff_declined CHECK (\n    decline_reason IS NULL OR declined_at IS NOT NULL\n  )\n)";
-/**
- * At most one pending offer per (to_account, role, scope, from_actor).
- *
- * Including `from_actor_id` in the tuple lets multiple grantors coexist —
- * teacher A and teacher B can each have a pending `classroom_student` offer
- * for the same student and scope. A same-grantor re-offer upserts the
- * existing pending row. `COALESCE` collapses `NULL` scopes into the
- * sentinel UUID so Postgres's NULL-in-unique-index quirk does not allow
- * duplicate global pending offers. The ON CONFLICT target in
- * `query_permit_offer_create` must match this expression literally.
- */
-export declare const PERMIT_OFFER_PENDING_UNIQUE_INDEX = "\nCREATE UNIQUE INDEX IF NOT EXISTS permit_offer_pending_unique\n  ON permit_offer (\n    to_account_id,\n    role,\n    COALESCE(scope_id, '00000000-0000-0000-0000-000000000000'::uuid),\n    from_actor_id\n  )\n  WHERE accepted_at IS NULL\n    AND declined_at IS NULL\n    AND retracted_at IS NULL\n    AND superseded_at IS NULL";
-/** Inbox lookup — pending offers for an account, ordered by soonest expiry. */
-export declare const PERMIT_OFFER_INBOX_INDEX = "\nCREATE INDEX IF NOT EXISTS permit_offer_inbox\n  ON permit_offer (to_account_id, expires_at)\n  WHERE accepted_at IS NULL\n    AND declined_at IS NULL\n    AND retracted_at IS NULL\n    AND superseded_at IS NULL";
-/** Permit offer row as returned by the database. */
-export interface PermitOffer {
-    id: Uuid;
-    from_actor_id: Uuid;
-    to_account_id: Uuid;
-    /**
-     * Optional actor-grain target on the recipient account. When set, accept
-     * is gated to this specific actor — `query_accept_offer` rejects any
-     * other actor with `permit_offer_actor_mismatch` even when they belong
-     * to `to_account_id`. When null the offer is account-grain and any
-     * actor on `to_account_id` may accept (the v1 default).
-     *
-     * Drives the audit envelope's `target_actor_id` on offer-shape events
-     * (`permit_offer_create` / `_expire` / `_retract` / `_supersede`) — when
-     * set, the actor-grain forensic field carries the named actor; when
-     * null the offer-shape events leave it null by design.
-     */
-    to_actor_id: Uuid | null;
-    role: string;
-    scope_id: Uuid | null;
-    message: string | null;
-    created_at: string;
-    expires_at: string;
-    accepted_at: string | null;
-    declined_at: string | null;
-    decline_reason: string | null;
-    retracted_at: string | null;
-    /**
-     * Set when the offer was obsoleted by an external event — a sibling
-     * offer was accepted (yielding the permit this offer's role+scope maps to)
-     * or the resulting permit for this (to_account, role, scope) was revoked.
-     * Closes the "accept a pre-revoke offer to bypass the revoke" path.
-     */
-    superseded_at: string | null;
-    resulting_permit_id: Uuid | null;
-}
-/**
- * A superseded offer row annotated with the grantor's `account_id`.
- *
- * Carried by `superseded_offers` in accept/revoke query results so callers
- * can fan out `permit_offer_supersede` notifications to the grantor's
- * sockets without a second round-trip. Populated via a CTE join on `actor`
- * in the supersede UPDATE.
- */
-export interface SupersededOffer extends PermitOffer {
-    from_account_id: Uuid;
-}
-/**
- * Input for `query_permit_offer_create`.
- *
- * `expires_at` must be supplied — the query layer does not apply a default,
- * so callers can thread their own TTL (typically `PERMIT_OFFER_DEFAULT_TTL_MS`).
- */
-export interface CreatePermitOfferInput {
-    from_actor_id: Uuid;
-    to_account_id: Uuid;
-    /**
-     * Optional actor-grain target on the recipient account. When set,
-     * `query_permit_offer_create` validates that the actor belongs to
-     * `to_account_id` and stamps the column; accept then matches against
-     * this specific actor. Omit (or pass null) for the account-grain
-     * default — any actor on `to_account_id` may accept.
-     */
-    to_actor_id?: Uuid | null;
-    role: string;
-    scope_id?: Uuid | null;
-    message?: string | null;
-    expires_at: Date;
-}
-/** Zod schema for client-safe permit offer data. */
-export declare const PermitOfferJson: z.ZodObject<{
-    id: z.core.$ZodBranded<z.ZodUUID, "Uuid", "out">;
-    from_actor_id: z.core.$ZodBranded<z.ZodUUID, "Uuid", "out">;
-    to_account_id: z.core.$ZodBranded<z.ZodUUID, "Uuid", "out">;
-    to_actor_id: z.ZodNullable<z.core.$ZodBranded<z.ZodUUID, "Uuid", "out">>;
-    role: z.ZodString;
-    scope_id: z.ZodNullable<z.core.$ZodBranded<z.ZodUUID, "Uuid", "out">>;
-    message: z.ZodNullable<z.ZodString>;
-    created_at: z.ZodString;
-    expires_at: z.ZodString;
-    accepted_at: z.ZodNullable<z.ZodString>;
-    declined_at: z.ZodNullable<z.ZodString>;
-    decline_reason: z.ZodNullable<z.ZodString>;
-    retracted_at: z.ZodNullable<z.ZodString>;
-    superseded_at: z.ZodNullable<z.ZodString>;
-    resulting_permit_id: z.ZodNullable<z.core.$ZodBranded<z.ZodUUID, "Uuid", "out">>;
-}, z.core.$strict>;
-export type PermitOfferJson = z.infer<typeof PermitOfferJson>;
-/** Convert a `PermitOffer` row to its JSON payload shape. */
-export declare const to_permit_offer_json: (offer: PermitOffer) => PermitOfferJson;
-//# sourceMappingURL=permit_offer_schema.d.ts.map

package/dist/auth/permit_offer_schema.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"permit_offer_schema.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/permit_offer_schema.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AACtB,OAAO,EAAC,IAAI,EAAC,MAAM,wBAAwB,CAAC;AAI5C,mHAAmH;AACnH,eAAO,MAAM,gCAAgC,yCAAyC,CAAC;AAEvF,mEAAmE;AACnE,eAAO,MAAM,+BAA+B,MAAM,CAAC;AAEnD,yFAAyF;AACzF,eAAO,MAAM,2BAA2B,QAA2B,CAAC;AAEpE,eAAO,MAAM,mBAAmB,8oCA8B9B,CAAC;AAEH;;;;;;;;;;GAUG;AACH,eAAO,MAAM,iCAAiC,8UAWhB,CAAC;AAE/B,+EAA+E;AAC/E,eAAO,MAAM,wBAAwB,0NAMP,CAAC;AAQ/B,oDAAoD;AACpD,MAAM,WAAW,WAAW;IAC3B,EAAE,EAAE,IAAI,CAAC;IACT,aAAa,EAAE,IAAI,CAAC;IACpB,aAAa,EAAE,IAAI,CAAC;IACpB;;;;;;;;;;;OAWG;IACH,WAAW,EAAE,IAAI,GAAG,IAAI,CAAC;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,IAAI,GAAG,IAAI,CAAC;IACtB,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B;;;;;OAKG;IACH,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,mBAAmB,EAAE,IAAI,GAAG,IAAI,CAAC;CACjC;AAED;;;;;;;GAOG;AACH,MAAM,WAAW,eAAgB,SAAQ,WAAW;IACnD,eAAe,EAAE,IAAI,CAAC;CACtB;AAED;;;;;GAKG;AACH,MAAM,WAAW,sBAAsB;IACtC,aAAa,EAAE,IAAI,CAAC;IACpB,aAAa,EAAE,IAAI,CAAC;IACpB;;;;;;OAMG;IACH,WAAW,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,UAAU,EAAE,IAAI,CAAC;CACjB;AAED,oDAAoD;AACpD,eAAO,MAAM,eAAe;;;;;;;;;;;;;;;;kBAgDyD,CAAC;AACtF,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,eAAe,CAAC,CAAC;AAE9D,6DAA6D;AAC7D,eAAO,MAAM,oBAAoB,GAAI,OAAO,WAAW,KAAG,eAgBxD,CAAC"}