@fuzdev/fuz_app 0.55.0 → 0.57.0

package/dist/ui/{PermitOfferForm.svelte.d.ts → RoleGrantOfferForm.svelte.d.ts}

@@ -1,4 +1,4 @@
-import { type PermitOfferJson } from '../auth/permit_offer_schema.js';
+import { type RoleGrantOfferJson } from '../auth/role_grant_offer_schema.js';
 type $$ComponentProps = {
     to_account_id: string;
     /**
@@ -7,14 +7,14 @@ type $$ComponentProps = {
      * actor on the recipient account may accept.
      */
     to_actor_id?: string | null;
-    /** Roles the caller may offer — caller filters by `web_grantable` upstream. */
+    /** Roles the caller may offer — caller filters upstream (default: admin-grant-path). */
     roles: Array<string>;
     /** Resource scope for the offer; `null` (default) yields a global offer. */
     scope_id?: string | null;
-    on_created?: (offer: PermitOfferJson) => void;
+    on_created?: (offer: RoleGrantOfferJson) => void;
     format_role?: (role: string) => string;
 };
-declare const PermitOfferForm: import("svelte").Component<$$ComponentProps, {}, "">;
-type PermitOfferForm = ReturnType<typeof PermitOfferForm>;
-export default PermitOfferForm;
-//# sourceMappingURL=PermitOfferForm.svelte.d.ts.map
+declare const RoleGrantOfferForm: import("svelte").Component<$$ComponentProps, {}, "">;
+type RoleGrantOfferForm = ReturnType<typeof RoleGrantOfferForm>;
+export default RoleGrantOfferForm;
+//# sourceMappingURL=RoleGrantOfferForm.svelte.d.ts.map

package/dist/ui/RoleGrantOfferForm.svelte.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"RoleGrantOfferForm.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/RoleGrantOfferForm.svelte"],"names":[],"mappings":"AAkBA,OAAO,EAEL,KAAK,kBAAkB,EACvB,MAAM,oCAAoC,CAAC;AAS5C,KAAK,gBAAgB,GAAI;IACxB,aAAa,EAAE,MAAM,CAAC;IACtB;;;;OAIG;IACH,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,wFAAwF;IACxF,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACrB,4EAA4E;IAC5E,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,UAAU,CAAC,EAAE,CAAC,KAAK,EAAE,kBAAkB,KAAK,IAAI,CAAC;IACjD,WAAW,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,CAAC;CACvC,CAAC;AA4GH,QAAA,MAAM,kBAAkB,sDAAwC,CAAC;AACjE,KAAK,kBAAkB,GAAG,UAAU,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAChE,eAAe,kBAAkB,CAAC"}

package/dist/ui/{PermitOfferHistory.svelte → RoleGrantOfferHistory.svelte}

@@ -1,21 +1,21 @@
 <script lang="ts">
 	/**
-	 * Both-directions permit offer history table.
+	 * Both-directions role_grant offer history table.
 	 *
 	 * Shows every offer involving the current account — recipient or grantor
 	 * — including terminal rows (accepted, declined, retracted, superseded,
-	 * expired). Backed by `permit_offer_history` (new RPC action); seeded
-	 * via `PermitOffersState.fetch_history()`.
+	 * expired). Backed by `role_grant_offer_history` (new RPC action); seeded
+	 * via `RoleGrantOffersState.fetch_history()`.
 	 *
 	 * Consumers plug in optional `format_actor` / `format_scope` callbacks
 	 * for display names.
 	 */
 
-	import {permit_offers_state_context} from './permit_offers_state.svelte.js';
+	import {role_grant_offers_state_context} from './role_grant_offers_state.svelte.js';
 	import Datatable from './Datatable.svelte';
 	import type {DatatableColumn} from './datatable.js';
 	import {format_relative_time, format_datetime_local, truncate_uuid} from './ui_format.js';
-	import type {PermitOfferJson} from '../auth/permit_offer_schema.js';
+	import type {RoleGrantOfferJson} from '../auth/role_grant_offer_schema.js';
 	import {format_scope_context, resolve_scope_label, type FormatScope} from './format_scope.js';
 
 	const {
@@ -36,13 +36,13 @@
 		format_role?: (role: string) => string;
 	} = $props();
 
-	const permit_offers = permit_offers_state_context.get();
+	const role_grant_offers = role_grant_offers_state_context.get();
 	const get_format_scope = format_scope_context.get();
 	const format_scope_from_context = $derived(get_format_scope());
 
 	const now = $state.raw(Date.now());
 
-	const status_of = (offer: PermitOfferJson): string => {
+	const status_of = (offer: RoleGrantOfferJson): string => {
 		if (offer.accepted_at) return 'accepted';
 		if (offer.declined_at) return 'declined';
 		if (offer.retracted_at) return 'retracted';
@@ -70,7 +70,7 @@
 	const scope_label = (scope_id: string | null, role: string): string =>
 		resolve_scope_label(scope_id, role, format_scope ?? format_scope_from_context, 'global');
 
-	const columns: Array<DatatableColumn<PermitOfferJson>> = [
+	const columns: Array<DatatableColumn<RoleGrantOfferJson>> = [
 		{key: 'from_actor_id', label: 'direction', width: 110},
 		{key: 'role', label: 'role', width: 140},
 		{key: 'scope_id', label: 'scope', width: 160},
@@ -82,12 +82,12 @@
 <section>
 	<h2>offer history</h2>
 
-	{#if permit_offers.loading}
+	{#if role_grant_offers.loading}
 		<p class="text_50">loading history...</p>
-	{:else if permit_offers.error}
-		<p class="color_c_50">{permit_offers.error}</p>
+	{:else if role_grant_offers.error}
+		<p class="color_c_50">{role_grant_offers.error}</p>
 	{:else}
-		<Datatable {columns} rows={permit_offers.history} height="400px" row_key="id">
+		<Datatable {columns} rows={role_grant_offers.history} height="400px" row_key="id">
 			{#snippet cell(column, row)}
 				{#if column.key === 'from_actor_id'}
 					{#if current_actor_id && row.from_actor_id === current_actor_id}

package/dist/ui/{PermitOfferHistory.svelte.d.ts → RoleGrantOfferHistory.svelte.d.ts}

@@ -11,7 +11,7 @@ type $$ComponentProps = {
     format_scope?: FormatScope;
     format_role?: (role: string) => string;
 };
-declare const PermitOfferHistory: import("svelte").Component<$$ComponentProps, {}, "">;
-type PermitOfferHistory = ReturnType<typeof PermitOfferHistory>;
-export default PermitOfferHistory;
-//# sourceMappingURL=PermitOfferHistory.svelte.d.ts.map
+declare const RoleGrantOfferHistory: import("svelte").Component<$$ComponentProps, {}, "">;
+type RoleGrantOfferHistory = ReturnType<typeof RoleGrantOfferHistory>;
+export default RoleGrantOfferHistory;
+//# sourceMappingURL=RoleGrantOfferHistory.svelte.d.ts.map

package/dist/ui/RoleGrantOfferHistory.svelte.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"RoleGrantOfferHistory.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/RoleGrantOfferHistory.svelte"],"names":[],"mappings":"AAmBA,OAAO,EAA4C,KAAK,WAAW,EAAC,MAAM,mBAAmB,CAAC;AAE7F,KAAK,gBAAgB,GAAI;IACxB,oFAAoF;IACpF,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,YAAY,CAAC,EAAE,CAAC,aAAa,EAAE,MAAM,KAAK,MAAM,CAAC;IACjD;;;;OAIG;IACH,YAAY,CAAC,EAAE,WAAW,CAAC;IAC3B,WAAW,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,CAAC;CACvC,CAAC;AAkGH,QAAA,MAAM,qBAAqB,sDAAwC,CAAC;AACpE,KAAK,qBAAqB,GAAG,UAAU,CAAC,OAAO,qBAAqB,CAAC,CAAC;AACtE,eAAe,qBAAqB,CAAC"}

package/dist/ui/{PermitOfferInbox.svelte → RoleGrantOfferInbox.svelte}

@@ -2,7 +2,7 @@
 	/**
 	 * Recipient-side pending offer inbox.
 	 *
-	 * Renders `PermitOffersState.incoming` (pending, soonest-expiry first)
+	 * Renders `RoleGrantOffersState.incoming` (pending, soonest-expiry first)
 	 * with accept + decline-with-reason controls. Grantor and scope rendering
 	 * are delegated via optional callback props — consumers plug in display
 	 * names once they know what a `from_actor_id` / `scope_id` represents
@@ -12,10 +12,10 @@
 	import PendingButton from '@fuzdev/fuz_ui/PendingButton.svelte';
 	import {SvelteMap} from 'svelte/reactivity';
 
-	import {permit_offers_state_context} from './permit_offers_state.svelte.js';
+	import {role_grant_offers_state_context} from './role_grant_offers_state.svelte.js';
 	import ConfirmButton from './ConfirmButton.svelte';
 	import {format_relative_time, format_datetime_local, truncate_uuid} from './ui_format.js';
-	import {PERMIT_OFFER_MESSAGE_LENGTH_MAX} from '../auth/permit_offer_schema.js';
+	import {ROLE_GRANT_OFFER_MESSAGE_LENGTH_MAX} from '../auth/role_grant_offer_schema.js';
 	import {format_scope_context, resolve_scope_label, type FormatScope} from './format_scope.js';
 
 	const {
@@ -35,7 +35,7 @@
 		format_role?: (role: string) => string;
 	} = $props();
 
-	const permit_offers = permit_offers_state_context.get();
+	const role_grant_offers = role_grant_offers_state_context.get();
 	const get_format_scope = format_scope_context.get();
 	const format_scope_from_context = $derived(get_format_scope());
 
@@ -45,18 +45,18 @@
 	const decline_reasons: SvelteMap<string, string> = new SvelteMap();
 </script>
 
-<section class="permit-offer-inbox">
+<section class="role-grant-offer-inbox">
 	<h2>pending offers</h2>
 
-	{#if permit_offers.error}
-		<p class="color_c_50">{permit_offers.error}</p>
+	{#if role_grant_offers.error}
+		<p class="color_c_50">{role_grant_offers.error}</p>
 	{/if}
 
-	{#if permit_offers.incoming.length === 0}
+	{#if role_grant_offers.incoming.length === 0}
 		<p class="text_50">No pending offers.</p>
 	{:else}
 		<ul class="column gap_md">
-			{#each permit_offers.incoming as offer (offer.id)}
+			{#each role_grant_offers.incoming as offer (offer.id)}
 				<li class="box p_md column gap_sm">
 					<div class="row gap_sm align_center">
 						<span class="chip color_a">{format_role(offer.role)}</span>
@@ -76,9 +76,9 @@
 
 					<div class="row gap_sm">
 						<PendingButton
-							pending={permit_offers.loading}
-							disabled={permit_offers.loading}
-							onclick={() => permit_offers.accept(offer.id)}
+							pending={role_grant_offers.loading}
+							disabled={role_grant_offers.loading}
+							onclick={() => role_grant_offers.accept(offer.id)}
 							class="color_b"
 						>
 							accept
@@ -89,7 +89,7 @@
 							position="bottom"
 							onconfirm={() => {
 								const reason = decline_reasons.get(offer.id) ?? '';
-								void permit_offers.decline(offer.id, reason || null);
+								void role_grant_offers.decline(offer.id, reason || null);
 								decline_reasons.delete(offer.id);
 							}}
 						>
@@ -102,7 +102,7 @@
 										<div class="title">reason (optional)</div>
 										<textarea
 											name="decline-reason"
-											maxlength={PERMIT_OFFER_MESSAGE_LENGTH_MAX}
+											maxlength={ROLE_GRANT_OFFER_MESSAGE_LENGTH_MAX}
 											placeholder="optional reason"
 											value={decline_reasons.get(offer.id) ?? ''}
 											oninput={(e) =>

package/dist/ui/{PermitOfferInbox.svelte.d.ts → RoleGrantOfferInbox.svelte.d.ts}

@@ -11,7 +11,7 @@ type $$ComponentProps = {
     /** Display label for a role constant. Defaults to identity. */
     format_role?: (role: string) => string;
 };
-declare const PermitOfferInbox: import("svelte").Component<$$ComponentProps, {}, "">;
-type PermitOfferInbox = ReturnType<typeof PermitOfferInbox>;
-export default PermitOfferInbox;
-//# sourceMappingURL=PermitOfferInbox.svelte.d.ts.map
+declare const RoleGrantOfferInbox: import("svelte").Component<$$ComponentProps, {}, "">;
+type RoleGrantOfferInbox = ReturnType<typeof RoleGrantOfferInbox>;
+export default RoleGrantOfferInbox;
+//# sourceMappingURL=RoleGrantOfferInbox.svelte.d.ts.map

package/dist/ui/RoleGrantOfferInbox.svelte.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"RoleGrantOfferInbox.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/RoleGrantOfferInbox.svelte"],"names":[],"mappings":"AAmBA,OAAO,EAA4C,KAAK,WAAW,EAAC,MAAM,mBAAmB,CAAC;AAE7F,KAAK,gBAAgB,GAAI;IACxB,uEAAuE;IACvE,YAAY,CAAC,EAAE,CAAC,aAAa,EAAE,MAAM,KAAK,MAAM,CAAC;IACjD;;;;OAIG;IACH,YAAY,CAAC,EAAE,WAAW,CAAC;IAC3B,+DAA+D;IAC/D,WAAW,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,CAAC;CACvC,CAAC;AA2FH,QAAA,MAAM,mBAAmB,sDAAwC,CAAC;AAClE,KAAK,mBAAmB,GAAG,UAAU,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAClE,eAAe,mBAAmB,CAAC"}

package/dist/ui/SignupForm.svelte

@@ -16,7 +16,7 @@
 	import PendingButton from '@fuzdev/fuz_ui/PendingButton.svelte';
 	import {autofocus} from '@fuzdev/fuz_ui/autofocus.svelte.js';
 
-	import {Username} from '../auth/account_schema.js';
+	import {Username} from '../primitive_schemas.js';
 	import {PASSWORD_LENGTH_MIN} from '../auth/password.js';
 	import {auth_state_context} from './auth_state.svelte.js';
 	import {FormState} from './form_state.svelte.js';

package/dist/ui/SurfaceExplorer.svelte

@@ -12,6 +12,12 @@
 
 	import type {AppSurface, AppSurfaceRoute, AppSurfaceDiagnostic} from '../http/surface.js';
 	import {surface_auth_summary, format_route_key} from '../http/surface_query.js';
+	import {
+		is_keeper_auth,
+		is_plain_authenticated_auth,
+		is_public_auth,
+		is_role_auth,
+	} from '../http/auth_shape.js';
 
 	const {surface}: {surface: AppSurface} = $props();
 
@@ -22,10 +28,26 @@
 
 	const summary = $derived(surface_auth_summary(surface));
 
+	const auth_matches_filter = (
+		auth: AppSurfaceRoute['auth'],
+		filter: (typeof auth_types)[number],
+	): boolean => {
+		switch (filter) {
+			case 'all':
+				return true;
+			case 'none':
+				return is_public_auth(auth);
+			case 'authenticated':
+				return is_plain_authenticated_auth(auth);
+			case 'role':
+				return is_role_auth(auth);
+			case 'keeper':
+				return is_keeper_auth(auth);
+		}
+	};
+
 	const filtered_routes: Array<AppSurfaceRoute> = $derived(
-		auth_filter === 'all'
-			? surface.routes
-			: surface.routes.filter((r) => r.auth.type === auth_filter),
+		surface.routes.filter((r) => auth_matches_filter(r.auth, auth_filter)),
 	);
 
 	let expanded_event: string | null = $state.raw(null);
@@ -39,21 +61,19 @@
 	};
 
 	const format_auth = (auth: AppSurfaceRoute['auth']): string => {
-		if (auth.type === 'role') return `role:${auth.role}`;
-		return auth.type;
+		if (is_public_auth(auth)) return 'none';
+		if (is_keeper_auth(auth)) return 'keeper';
+		if (is_role_auth(auth)) return `role:${auth.roles!.join('|')}`;
+		if (is_plain_authenticated_auth(auth)) return 'authenticated';
+		return 'other';
 	};
 
 	const auth_chip_class = (auth: AppSurfaceRoute['auth']): string => {
-		switch (auth.type) {
-			case 'none':
-				return 'chip color_b';
-			case 'authenticated':
-				return 'chip color_a';
-			case 'role':
-				return 'chip color_d';
-			case 'keeper':
-				return 'chip color_c';
-		}
+		if (is_public_auth(auth)) return 'chip color_b';
+		if (is_keeper_auth(auth)) return 'chip color_c';
+		if (is_role_auth(auth)) return 'chip color_d';
+		if (is_plain_authenticated_auth(auth)) return 'chip color_a';
+		return 'chip';
 	};
 
 	const role_count = $derived(Array.from(summary.role.values()).reduce((sum, n) => sum + n, 0));

package/dist/ui/SurfaceExplorer.svelte.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"SurfaceExplorer.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/SurfaceExplorer.svelte"],"names":[],"mappings":"AAaA,OAAO,KAAK,EAAC,UAAU,EAAwC,MAAM,oBAAoB,CAAC;AAGzF,KAAK,gBAAgB,GAAI;IAAC,OAAO,EAAE,UAAU,CAAA;CAAC,CAAC;AAwRhD,QAAA,MAAM,eAAe,sDAAwC,CAAC;AAC9D,KAAK,eAAe,GAAG,UAAU,CAAC,OAAO,eAAe,CAAC,CAAC;AAC1D,eAAe,eAAe,CAAC"}
+{"version":3,"file":"SurfaceExplorer.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/SurfaceExplorer.svelte"],"names":[],"mappings":"AAaA,OAAO,KAAK,EAAC,UAAU,EAAwC,MAAM,oBAAoB,CAAC;AASzF,KAAK,gBAAgB,GAAI;IAAC,OAAO,EAAE,UAAU,CAAA;CAAC,CAAC;AAuShD,QAAA,MAAM,eAAe,sDAAwC,CAAC;AAC9D,KAAK,eAAe,GAAG,UAAU,CAAC,OAAO,eAAe,CAAC,CAAC;AAC1D,eAAe,eAAe,CAAC"}

package/dist/ui/account_sessions_state.svelte.d.ts

@@ -1,8 +1,7 @@
 /**
  * Reactive state for managing the authenticated account's auth sessions on a
- * settings page. Reads and mutations flow through a narrow RPC adapter; the
- * REST routes that backed this class moved to `auth/account_actions.ts` in the
- * 2026-04-23 RPC migration.
+ * settings page. Reads and mutations flow through a narrow RPC adapter
+ * backed by `auth/account_actions.ts`.
  *
  * @module
  */

package/dist/ui/account_sessions_state.svelte.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"account_sessions_state.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/account_sessions_state.svelte.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,OAAO,EAAC,QAAQ,EAAC,MAAM,sBAAsB,CAAC;AAC9C,OAAO,KAAK,EAAC,eAAe,EAAC,MAAM,2BAA2B,CAAC;AAE/D;;;;;;;;;;;GAWG;AACH,MAAM,WAAW,kBAAkB;IAClC,IAAI,EAAE,MAAM,OAAO,CAAC;QAAC,QAAQ,EAAE,KAAK,CAAC,eAAe,CAAC,CAAA;KAAC,CAAC,CAAC;IACxD,MAAM,EAAE,CAAC,MAAM,EAAE;QAAC,UAAU,EAAE,MAAM,CAAA;KAAC,KAAK,OAAO,CAAC;QAAC,EAAE,EAAE,IAAI,CAAC;QAAC,OAAO,EAAE,OAAO,CAAA;KAAC,CAAC,CAAC;IAChF,UAAU,EAAE,MAAM,OAAO,CAAC;QAAC,EAAE,EAAE,IAAI,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAC,CAAC,CAAC;CACrD;AAED;;;;GAIG;AACH,eAAO,MAAM,4BAA4B;qBAAwB,kBAAkB,GAAG,IAAI;yBAAzB,kBAAkB,GAAG,IAAI,wBAAzB,kBAAkB,GAAG,IAAI;CAEzF,CAAC;AAEF,MAAM,WAAW,2BAA2B;IAC3C;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,kBAAkB,GAAG,IAAI,CAAC;CAC1C;AAED,qBAAa,oBAAqB,SAAQ,QAAQ;;IAGjD,QAAQ,EAAE,KAAK,CAAC,eAAe,CAAC,CAAkB;IAElD,QAAQ,CAAC,YAAY,SAAkC;gBAE3C,OAAO,CAAC,EAAE,2BAA2B;IAKjD,6FAA6F;IAC7F,IAAI,OAAO,IAAI,OAAO,CAErB;IAEK,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAYtB,MAAM,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAcjC,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;CAejC"}
+{"version":3,"file":"account_sessions_state.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/account_sessions_state.svelte.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,OAAO,EAAC,QAAQ,EAAC,MAAM,sBAAsB,CAAC;AAC9C,OAAO,KAAK,EAAC,eAAe,EAAC,MAAM,2BAA2B,CAAC;AAE/D;;;;;;;;;;;GAWG;AACH,MAAM,WAAW,kBAAkB;IAClC,IAAI,EAAE,MAAM,OAAO,CAAC;QAAC,QAAQ,EAAE,KAAK,CAAC,eAAe,CAAC,CAAA;KAAC,CAAC,CAAC;IACxD,MAAM,EAAE,CAAC,MAAM,EAAE;QAAC,UAAU,EAAE,MAAM,CAAA;KAAC,KAAK,OAAO,CAAC;QAAC,EAAE,EAAE,IAAI,CAAC;QAAC,OAAO,EAAE,OAAO,CAAA;KAAC,CAAC,CAAC;IAChF,UAAU,EAAE,MAAM,OAAO,CAAC;QAAC,EAAE,EAAE,IAAI,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAC,CAAC,CAAC;CACrD;AAED;;;;GAIG;AACH,eAAO,MAAM,4BAA4B;qBAAwB,kBAAkB,GAAG,IAAI;yBAAzB,kBAAkB,GAAG,IAAI,wBAAzB,kBAAkB,GAAG,IAAI;CAEzF,CAAC;AAEF,MAAM,WAAW,2BAA2B;IAC3C;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,kBAAkB,GAAG,IAAI,CAAC;CAC1C;AAED,qBAAa,oBAAqB,SAAQ,QAAQ;;IAGjD,QAAQ,EAAE,KAAK,CAAC,eAAe,CAAC,CAAkB;IAElD,QAAQ,CAAC,YAAY,SAAkC;gBAE3C,OAAO,CAAC,EAAE,2BAA2B;IAKjD,6FAA6F;IAC7F,IAAI,OAAO,IAAI,OAAO,CAErB;IAEK,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAYtB,MAAM,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAcjC,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;CAejC"}

package/dist/ui/account_sessions_state.svelte.js

@@ -1,8 +1,7 @@
 /**
  * Reactive state for managing the authenticated account's auth sessions on a
- * settings page. Reads and mutations flow through a narrow RPC adapter; the
- * REST routes that backed this class moved to `auth/account_actions.ts` in the
- * 2026-04-23 RPC migration.
+ * settings page. Reads and mutations flow through a narrow RPC adapter
+ * backed by `auth/account_actions.ts`.
  *
  * @module
  */

package/dist/ui/admin_accounts_state.svelte.d.ts

@@ -8,18 +8,18 @@ import type { Uuid } from '@fuzdev/fuz_util/id.js';
 import { Loadable } from './loadable.svelte.js';
 import type { AdminAccountEntryJson } from '../auth/account_schema.js';
 import type { RoleName } from '../auth/role_schema.js';
-import type { PermitOfferJson } from '../auth/permit_offer_schema.js';
+import type { RoleGrantOfferJson } from '../auth/role_grant_offer_schema.js';
 import type { AdminAccountListOutput, AdminSessionListOutput, AdminSessionRevokeAllInput, AdminSessionRevokeAllOutput, AdminTokenRevokeAllInput, AdminTokenRevokeAllOutput } from '../auth/admin_action_specs.js';
-import type { PermitOfferCreateInput, PermitOfferCreateOutput, PermitOfferOkOutput, PermitRevokeInput, PermitRevokeOutput } from '../auth/permit_offer_action_specs.js';
+import type { RoleGrantOfferCreateInput, RoleGrantOfferCreateOutput, RoleGrantOfferOkOutput, RoleGrantRevokeInput, RoleGrantRevokeOutput } from '../auth/role_grant_offer_action_specs.js';
 /**
  * Narrow RPC surface consumed by `AdminAccountsState`. Consumers adapt their
  * typed RPC client (e.g. a `create_rpc_client` Proxy) to this shape — the
  * state class stays decoupled from the client's `Result` return type so
- * tests can inject plain-function stubs. Mirrors the `PermitOffersRpc`
+ * tests can inject plain-function stubs. Mirrors the `RoleGrantOffersRpc`
  * pattern.
  *
  * Every operation flows through RPC: the listing reuses `admin_account_list`,
- * grant reuses `permit_offer_create`, revoke and retract have dedicated
+ * grant reuses `role_grant_offer_create`, revoke and retract have dedicated
  * actions, and the session / token revoke-all mutations reuse
  * `admin_session_revoke_all` and `admin_token_revoke_all`. Without the
  * adapter the state class cannot fetch, grant, revoke, retract, or
@@ -33,9 +33,9 @@ import type { PermitOfferCreateInput, PermitOfferCreateOutput, PermitOfferOkOutp
 export interface AdminAccountsRpc {
     list_accounts: () => Promise<AdminAccountListOutput>;
     list_sessions: () => Promise<AdminSessionListOutput>;
-    grant_permit: (params: PermitOfferCreateInput) => Promise<PermitOfferCreateOutput>;
-    revoke_permit: (params: PermitRevokeInput) => Promise<PermitRevokeOutput>;
-    retract_offer: (offer_id: Uuid) => Promise<PermitOfferOkOutput>;
+    create_role_grant: (params: RoleGrantOfferCreateInput) => Promise<RoleGrantOfferCreateOutput>;
+    revoke_role_grant: (params: RoleGrantRevokeInput) => Promise<RoleGrantRevokeOutput>;
+    retract_offer: (offer_id: Uuid) => Promise<RoleGrantOfferOkOutput>;
     session_revoke_all: (params: AdminSessionRevokeAllInput) => Promise<AdminSessionRevokeAllOutput>;
     token_revoke_all: (params: AdminTokenRevokeAllInput) => Promise<AdminTokenRevokeAllOutput>;
 }
@@ -56,7 +56,7 @@ export declare const admin_accounts_rpc_context: {
 export interface AdminAccountsStateOptions {
     /**
      * Reactive accessor for the RPC adapter; returns `null` when unwired.
-     * Matches `PermitOffersStateOptions.account_id` / `actor_id` pattern —
+     * Matches `RoleGrantOffersStateOptions.account_id` / `actor_id` pattern —
      * lets the component pass a `$props()`-sourced rpc without tripping
      * Svelte's `state_referenced_locally` warning.
      */
@@ -78,10 +78,10 @@ export declare class AdminAccountsState extends Loadable {
     get has_rpc(): boolean;
     fetch(): Promise<void>;
     /**
-     * Offer the role to the recipient via the `permit_offer_create` RPC.
+     * Offer the role to the recipient via the `role_grant_offer_create` RPC.
      * Server returns the pending offer; the recipient must accept before
-     * the permit materializes. Returns the offer payload on success so
-     * callers can drive follow-up UX (e.g. seed `PermitOffersState.outgoing`).
+     * the role_grant materializes. Returns the offer payload on success so
+     * callers can drive follow-up UX (e.g. seed `RoleGrantOffersState.outgoing`).
      *
      * A re-offer from the same admin to the same `(account, role)`
      * refreshes the existing pending row — the returned offer id is stable
@@ -97,21 +97,21 @@ export declare class AdminAccountsState extends Loadable {
      * No-op when the rpc adapter is absent; `error` is set to a descriptive
      * message so the UI surfaces the misconfiguration.
      */
-    grant_permit(account_id: Uuid, role: RoleName, to_actor_id?: Uuid | null): Promise<PermitOfferJson | undefined>;
+    create_role_grant(account_id: Uuid, role: RoleName, to_actor_id?: Uuid | null): Promise<RoleGrantOfferJson | undefined>;
     /**
-     * Revoke an active permit via the `permit_revoke` RPC.
+     * Revoke an active role_grant via the `role_grant_revoke` RPC.
      *
-     * `actor_id` is the natural key — permits are actor-scoped, and the
+     * `actor_id` is the natural key — role_grants are actor-scoped, and the
      * admin UI reads `row.actor.id` straight from the listing, so the state
      * class takes it directly rather than deriving it from `account_id`.
-     * The optional `reason` is stamped on `permit.revoked_reason` and
+     * The optional `reason` is stamped on `role_grant.revoked_reason` and
      * surfaced on the revokee's WS notification.
      */
-    revoke_permit(actor_id: Uuid, permit_id: Uuid, reason?: string | null): Promise<void>;
+    revoke_role_grant(actor_id: Uuid, role_grant_id: Uuid, reason?: string | null): Promise<void>;
     /**
-     * Retract a pending offer the admin issued via the `permit_offer_retract`
+     * Retract a pending offer the admin issued via the `role_grant_offer_retract`
      * RPC. The action handles auth, audit, and the
-     * `permit_offer_retracted` WS notification.
+     * `role_grant_offer_retracted` WS notification.
      *
      * After success, refetches the listing so `pending_offers` drops the
      * row and the "+ {role}" button un-hides.

package/dist/ui/admin_accounts_state.svelte.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"admin_accounts_state.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/admin_accounts_state.svelte.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAC,SAAS,EAAC,MAAM,mBAAmB,CAAC;AAE5C,OAAO,KAAK,EAAC,IAAI,EAAC,MAAM,wBAAwB,CAAC;AAEjD,OAAO,EAAC,QAAQ,EAAC,MAAM,sBAAsB,CAAC;AAC9C,OAAO,KAAK,EAAC,qBAAqB,EAAC,MAAM,2BAA2B,CAAC;AACrE,OAAO,KAAK,EAAC,QAAQ,EAAC,MAAM,wBAAwB,CAAC;AACrD,OAAO,KAAK,EAAC,eAAe,EAAC,MAAM,gCAAgC,CAAC;AACpE,OAAO,KAAK,EACX,sBAAsB,EACtB,sBAAsB,EACtB,0BAA0B,EAC1B,2BAA2B,EAC3B,wBAAwB,EACxB,yBAAyB,EACzB,MAAM,+BAA+B,CAAC;AACvC,OAAO,KAAK,EACX,sBAAsB,EACtB,uBAAuB,EACvB,mBAAmB,EACnB,iBAAiB,EACjB,kBAAkB,EAClB,MAAM,sCAAsC,CAAC;AAE9C;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,WAAW,gBAAgB;IAChC,aAAa,EAAE,MAAM,OAAO,CAAC,sBAAsB,CAAC,CAAC;IACrD,aAAa,EAAE,MAAM,OAAO,CAAC,sBAAsB,CAAC,CAAC;IACrD,YAAY,EAAE,CAAC,MAAM,EAAE,sBAAsB,KAAK,OAAO,CAAC,uBAAuB,CAAC,CAAC;IACnF,aAAa,EAAE,CAAC,MAAM,EAAE,iBAAiB,KAAK,OAAO,CAAC,kBAAkB,CAAC,CAAC;IAC1E,aAAa,EAAE,CAAC,QAAQ,EAAE,IAAI,KAAK,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAChE,kBAAkB,EAAE,CAAC,MAAM,EAAE,0BAA0B,KAAK,OAAO,CAAC,2BAA2B,CAAC,CAAC;IACjG,gBAAgB,EAAE,CAAC,MAAM,EAAE,wBAAwB,KAAK,OAAO,CAAC,yBAAyB,CAAC,CAAC;CAC3F;AAED;;;;;;;;;GASG;AACH,eAAO,MAAM,0BAA0B;qBAAwB,gBAAgB,GAAG,IAAI;yBAAvB,gBAAgB,GAAG,IAAI,wBAAvB,gBAAgB,GAAG,IAAI;CAErF,CAAC;AAEF,MAAM,WAAW,yBAAyB;IACzC;;;;;OAKG;IACH,OAAO,CAAC,EAAE,MAAM,gBAAgB,GAAG,IAAI,CAAC;CACxC;AAED,qBAAa,kBAAmB,SAAQ,QAAQ;;IAG/C,QAAQ,EAAE,KAAK,CAAC,qBAAqB,CAAC,CAAkB;IACxD,eAAe,EAAE,KAAK,CAAC,QAAQ,CAAC,CAAkB;IAClD,QAAQ,CAAC,aAAa,EAAE,SAAS,CAAC,MAAM,CAAC,CAAmB;IAC5D,QAAQ,CAAC,YAAY,EAAE,SAAS,CAAC,MAAM,CAAC,CAAmB;IAC3D,QAAQ,CAAC,cAAc,EAAE,SAAS,CAAC,MAAM,CAAC,CAAmB;IAE7D,QAAQ,CAAC,aAAa,SAAkC;gBAE5C,OAAO,CAAC,EAAE,yBAAyB;IAK/C;;;OAGG;IACH,IAAI,OAAO,IAAI,OAAO,CAErB;IAEK,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAa5B;;;;;;;;;;;;;;;;;;;OAmBG;IACG,YAAY,CACjB,UAAU,EAAE,IAAI,EAChB,IAAI,EAAE,QAAQ,EACd,WAAW,CAAC,EAAE,IAAI,GAAG,IAAI,GACvB,OAAO,CAAC,eAAe,GAAG,SAAS,CAAC;IAyBvC;;;;;;;;OAQG;IACG,aAAa,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAkB3F;;;;;;;OAOG;IACG,aAAa,CAAC,QAAQ,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;CAiBlD"}
+{"version":3,"file":"admin_accounts_state.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/admin_accounts_state.svelte.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAC,SAAS,EAAC,MAAM,mBAAmB,CAAC;AAE5C,OAAO,KAAK,EAAC,IAAI,EAAC,MAAM,wBAAwB,CAAC;AAEjD,OAAO,EAAC,QAAQ,EAAC,MAAM,sBAAsB,CAAC;AAC9C,OAAO,KAAK,EAAC,qBAAqB,EAAC,MAAM,2BAA2B,CAAC;AACrE,OAAO,KAAK,EAAC,QAAQ,EAAC,MAAM,wBAAwB,CAAC;AACrD,OAAO,KAAK,EAAC,kBAAkB,EAAC,MAAM,oCAAoC,CAAC;AAC3E,OAAO,KAAK,EACX,sBAAsB,EACtB,sBAAsB,EACtB,0BAA0B,EAC1B,2BAA2B,EAC3B,wBAAwB,EACxB,yBAAyB,EACzB,MAAM,+BAA+B,CAAC;AACvC,OAAO,KAAK,EACX,yBAAyB,EACzB,0BAA0B,EAC1B,sBAAsB,EACtB,oBAAoB,EACpB,qBAAqB,EACrB,MAAM,0CAA0C,CAAC;AAElD;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,WAAW,gBAAgB;IAChC,aAAa,EAAE,MAAM,OAAO,CAAC,sBAAsB,CAAC,CAAC;IACrD,aAAa,EAAE,MAAM,OAAO,CAAC,sBAAsB,CAAC,CAAC;IACrD,iBAAiB,EAAE,CAAC,MAAM,EAAE,yBAAyB,KAAK,OAAO,CAAC,0BAA0B,CAAC,CAAC;IAC9F,iBAAiB,EAAE,CAAC,MAAM,EAAE,oBAAoB,KAAK,OAAO,CAAC,qBAAqB,CAAC,CAAC;IACpF,aAAa,EAAE,CAAC,QAAQ,EAAE,IAAI,KAAK,OAAO,CAAC,sBAAsB,CAAC,CAAC;IACnE,kBAAkB,EAAE,CAAC,MAAM,EAAE,0BAA0B,KAAK,OAAO,CAAC,2BAA2B,CAAC,CAAC;IACjG,gBAAgB,EAAE,CAAC,MAAM,EAAE,wBAAwB,KAAK,OAAO,CAAC,yBAAyB,CAAC,CAAC;CAC3F;AAED;;;;;;;;;GASG;AACH,eAAO,MAAM,0BAA0B;qBAAwB,gBAAgB,GAAG,IAAI;yBAAvB,gBAAgB,GAAG,IAAI,wBAAvB,gBAAgB,GAAG,IAAI;CAErF,CAAC;AAEF,MAAM,WAAW,yBAAyB;IACzC;;;;;OAKG;IACH,OAAO,CAAC,EAAE,MAAM,gBAAgB,GAAG,IAAI,CAAC;CACxC;AAED,qBAAa,kBAAmB,SAAQ,QAAQ;;IAG/C,QAAQ,EAAE,KAAK,CAAC,qBAAqB,CAAC,CAAkB;IACxD,eAAe,EAAE,KAAK,CAAC,QAAQ,CAAC,CAAkB;IAClD,QAAQ,CAAC,aAAa,EAAE,SAAS,CAAC,MAAM,CAAC,CAAmB;IAC5D,QAAQ,CAAC,YAAY,EAAE,SAAS,CAAC,MAAM,CAAC,CAAmB;IAC3D,QAAQ,CAAC,cAAc,EAAE,SAAS,CAAC,MAAM,CAAC,CAAmB;IAE7D,QAAQ,CAAC,aAAa,SAAkC;gBAE5C,OAAO,CAAC,EAAE,yBAAyB;IAK/C;;;OAGG;IACH,IAAI,OAAO,IAAI,OAAO,CAErB;IAEK,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAa5B;;;;;;;;;;;;;;;;;;;OAmBG;IACG,iBAAiB,CACtB,UAAU,EAAE,IAAI,EAChB,IAAI,EAAE,QAAQ,EACd,WAAW,CAAC,EAAE,IAAI,GAAG,IAAI,GACvB,OAAO,CAAC,kBAAkB,GAAG,SAAS,CAAC;IAyB1C;;;;;;;;OAQG;IACG,iBAAiB,CACtB,QAAQ,EAAE,IAAI,EACd,aAAa,EAAE,IAAI,EACnB,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,GACpB,OAAO,CAAC,IAAI,CAAC;IAkBhB;;;;;;;OAOG;IACG,aAAa,CAAC,QAAQ,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;CAiBlD"}

package/dist/ui/admin_accounts_state.svelte.js

@@ -49,10 +49,10 @@ export class AdminAccountsState extends Loadable {
         });
     }
     /**
-     * Offer the role to the recipient via the `permit_offer_create` RPC.
+     * Offer the role to the recipient via the `role_grant_offer_create` RPC.
      * Server returns the pending offer; the recipient must accept before
-     * the permit materializes. Returns the offer payload on success so
-     * callers can drive follow-up UX (e.g. seed `PermitOffersState.outgoing`).
+     * the role_grant materializes. Returns the offer payload on success so
+     * callers can drive follow-up UX (e.g. seed `RoleGrantOffersState.outgoing`).
      *
      * A re-offer from the same admin to the same `(account, role)`
      * refreshes the existing pending row — the returned offer id is stable
@@ -68,7 +68,7 @@ export class AdminAccountsState extends Loadable {
      * No-op when the rpc adapter is absent; `error` is set to a descriptive
      * message so the UI surfaces the misconfiguration.
      */
-    async grant_permit(account_id, role, to_actor_id) {
+    async create_role_grant(account_id, role, to_actor_id) {
         const rpc = this.#get_rpc();
         if (!rpc) {
             this.error = 'rpc adapter not wired';
@@ -77,7 +77,7 @@ export class AdminAccountsState extends Loadable {
         const key = to_actor_id ? `${account_id}:${role}:${to_actor_id}` : `${account_id}:${role}`;
         this.granting_keys.add(key);
         try {
-            const { offer } = await rpc.grant_permit({
+            const { offer } = await rpc.create_role_grant({
                 to_account_id: account_id,
                 role,
                 ...(to_actor_id ? { to_actor_id } : {}),
@@ -87,7 +87,7 @@ export class AdminAccountsState extends Loadable {
             return offer;
         }
         catch (e) {
-            this.error = e instanceof Error ? e.message : 'Failed to grant permit';
+            this.error = e instanceof Error ? e.message : 'Failed to grant role_grant';
             return undefined;
         }
         finally {
@@ -95,37 +95,37 @@ export class AdminAccountsState extends Loadable {
         }
     }
     /**
-     * Revoke an active permit via the `permit_revoke` RPC.
+     * Revoke an active role_grant via the `role_grant_revoke` RPC.
      *
-     * `actor_id` is the natural key — permits are actor-scoped, and the
+     * `actor_id` is the natural key — role_grants are actor-scoped, and the
      * admin UI reads `row.actor.id` straight from the listing, so the state
      * class takes it directly rather than deriving it from `account_id`.
-     * The optional `reason` is stamped on `permit.revoked_reason` and
+     * The optional `reason` is stamped on `role_grant.revoked_reason` and
      * surfaced on the revokee's WS notification.
      */
-    async revoke_permit(actor_id, permit_id, reason) {
+    async revoke_role_grant(actor_id, role_grant_id, reason) {
         const rpc = this.#get_rpc();
         if (!rpc) {
             this.error = 'rpc adapter not wired';
             return;
         }
-        this.revoking_ids.add(permit_id);
+        this.revoking_ids.add(role_grant_id);
         try {
-            await rpc.revoke_permit({ actor_id, permit_id, reason: reason ?? null });
+            await rpc.revoke_role_grant({ actor_id, role_grant_id, reason: reason ?? null });
             this.error = null;
             await this.fetch();
         }
         catch (e) {
-            this.error = e instanceof Error ? e.message : 'Failed to revoke permit';
+            this.error = e instanceof Error ? e.message : 'Failed to revoke role_grant';
         }
         finally {
-            this.revoking_ids.delete(permit_id);
+            this.revoking_ids.delete(role_grant_id);
         }
     }
     /**
-     * Retract a pending offer the admin issued via the `permit_offer_retract`
+     * Retract a pending offer the admin issued via the `role_grant_offer_retract`
      * RPC. The action handles auth, audit, and the
-     * `permit_offer_retracted` WS notification.
+     * `role_grant_offer_retracted` WS notification.
      *
      * After success, refetches the listing so `pending_offers` drops the
      * row and the "+ {role}" button un-hides.