@fuzdev/fuz_app 0.68.0 → 0.69.0
- package/dist/actions/perform_action.d.ts.map +1 -1
- package/dist/actions/perform_action.js +10 -3
- package/dist/auth/admin_action_specs.d.ts +2 -3
- package/dist/auth/admin_action_specs.d.ts.map +1 -1
- package/dist/auth/admin_action_specs.js +2 -3
- package/dist/auth/admin_actions.d.ts +4 -14
- package/dist/auth/admin_actions.d.ts.map +1 -1
- package/dist/auth/admin_actions.js +28 -36
- package/dist/auth/signup_routes.d.ts +0 -3
- package/dist/auth/signup_routes.d.ts.map +1 -1
- package/dist/auth/signup_routes.js +9 -3
- package/dist/auth/standard_rpc_actions.d.ts +5 -5
- package/dist/auth/standard_rpc_actions.js +4 -4
- package/dist/server/app_server.d.ts +1 -7
- package/dist/server/app_server.d.ts.map +1 -1
- package/dist/server/app_server.js +1 -5
- package/dist/testing/CLAUDE.md +85 -2
- package/dist/testing/app_server.d.ts +34 -0
- package/dist/testing/app_server.d.ts.map +1 -1
- package/dist/testing/app_server.js +31 -6
- package/dist/testing/cross_backend/account_lifecycle.d.ts.map +1 -1
- package/dist/testing/cross_backend/account_lifecycle.js +69 -1
- package/dist/testing/cross_backend/actor_lookup.d.ts +10 -0
- package/dist/testing/cross_backend/actor_lookup.d.ts.map +1 -0
- package/dist/testing/cross_backend/actor_lookup.js +83 -0
- package/dist/testing/cross_backend/actor_search.d.ts +6 -0
- package/dist/testing/cross_backend/actor_search.d.ts.map +1 -0
- package/dist/testing/cross_backend/actor_search.js +92 -0
- package/dist/testing/cross_backend/app_settings.d.ts +6 -0
- package/dist/testing/cross_backend/app_settings.d.ts.map +1 -0
- package/dist/testing/cross_backend/app_settings.js +95 -0
- package/dist/testing/cross_backend/backend_config.d.ts +1 -1
- package/dist/testing/cross_backend/capabilities.d.ts +0 -9
- package/dist/testing/cross_backend/capabilities.d.ts.map +1 -1
- package/dist/testing/cross_backend/capabilities.js +0 -1
- package/dist/testing/cross_backend/cell_grant_role.d.ts +8 -0
- package/dist/testing/cross_backend/cell_grant_role.d.ts.map +1 -0
- package/dist/testing/cross_backend/cell_grant_role.js +102 -0
- package/dist/testing/cross_backend/conformance_case.d.ts +144 -0
- package/dist/testing/cross_backend/conformance_case.d.ts.map +1 -0
- package/dist/testing/cross_backend/conformance_case.js +132 -0
- package/dist/testing/cross_backend/conformance_table.d.ts +46 -0
- package/dist/testing/cross_backend/conformance_table.d.ts.map +1 -0
- package/dist/testing/cross_backend/conformance_table.js +199 -0
- package/dist/testing/cross_backend/default_backend_configs.d.ts.map +1 -1
- package/dist/testing/cross_backend/default_backend_configs.js +0 -2
- package/dist/testing/cross_backend/default_spine_surface.d.ts +17 -9
- package/dist/testing/cross_backend/default_spine_surface.d.ts.map +1 -1
- package/dist/testing/cross_backend/default_spine_surface.js +20 -12
- package/dist/testing/cross_backend/origin.d.ts +10 -0
- package/dist/testing/cross_backend/origin.d.ts.map +1 -0
- package/dist/testing/cross_backend/origin.js +73 -0
- package/dist/testing/cross_backend/setup.d.ts +22 -40
- package/dist/testing/cross_backend/setup.d.ts.map +1 -1
- package/dist/testing/cross_backend/setup.js +34 -5
- package/dist/testing/cross_backend/testing_reset_actions.d.ts +90 -2
- package/dist/testing/cross_backend/testing_reset_actions.d.ts.map +1 -1
- package/dist/testing/cross_backend/testing_reset_actions.js +91 -3
- package/dist/testing/cross_backend/xfail.d.ts +15 -0
- package/dist/testing/cross_backend/xfail.d.ts.map +1 -0
- package/dist/testing/cross_backend/xfail.js +37 -0
- package/dist/testing/integration.d.ts +2 -3
- package/dist/testing/integration.d.ts.map +1 -1
- package/dist/testing/integration.js +20 -85
- package/dist/testing/rate_limiting.d.ts +1 -1
- package/dist/testing/rpc_helpers.d.ts +3 -3
- package/dist/testing/sse_round_trip.d.ts +1 -1
- package/dist/testing/stubs.d.ts.map +1 -1
- package/dist/testing/stubs.js +0 -1
- package/dist/ui/AdminAccounts.svelte +74 -83
- package/dist/ui/AdminAccounts.svelte.d.ts.map +1 -1
- package/dist/ui/AdminSessions.svelte +21 -23
- package/dist/ui/AdminSessions.svelte.d.ts.map +1 -1
- package/dist/ui/CLAUDE.md +17 -26
- package/dist/ui/OpenSignupToggle.svelte +2 -5
- package/dist/ui/OpenSignupToggle.svelte.d.ts.map +1 -1
- package/dist/ui/account_sessions_state.svelte.d.ts +9 -10
- package/dist/ui/account_sessions_state.svelte.d.ts.map +1 -1
- package/dist/ui/account_sessions_state.svelte.js +7 -17
- package/dist/ui/admin_accounts_state.svelte.d.ts +12 -19
- package/dist/ui/admin_accounts_state.svelte.d.ts.map +1 -1
- package/dist/ui/admin_accounts_state.svelte.js +10 -24
- package/dist/ui/admin_invites_state.svelte.d.ts +8 -11
- package/dist/ui/admin_invites_state.svelte.d.ts.map +1 -1
- package/dist/ui/admin_invites_state.svelte.js +7 -16
- package/dist/ui/admin_sessions_state.svelte.d.ts +6 -10
- package/dist/ui/admin_sessions_state.svelte.d.ts.map +1 -1
- package/dist/ui/admin_sessions_state.svelte.js +4 -14
- package/dist/ui/app_settings_state.svelte.d.ts +8 -12
- package/dist/ui/app_settings_state.svelte.d.ts.map +1 -1
- package/dist/ui/app_settings_state.svelte.js +6 -16
- package/dist/ui/audit_log_state.svelte.d.ts +9 -8
- package/dist/ui/audit_log_state.svelte.d.ts.map +1 -1
- package/dist/ui/audit_log_state.svelte.js +8 -20
- package/package.json +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"perform_action.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/actions/perform_action.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsCG;AAGH,OAAO,KAAK,EAAC,MAAM,EAAC,MAAM,yBAAyB,CAAC;AACpD,OAAO,KAAK,EAAC,IAAI,EAAC,MAAM,wBAAwB,CAAC;AAEjD,OAAO,EAGN,KAAK,cAAc,EACnB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAC,KAAK,cAAc,EAAC,MAAM,oBAAoB,CAAC;AACvD,OAAO,KAAK,EAAC,EAAE,EAAC,MAAM,aAAa,CAAC;AAEpC,OAAO,EAEN,KAAK,gBAAgB,EAErB,KAAK,kBAAkB,EACvB,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"perform_action.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/actions/perform_action.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsCG;AAGH,OAAO,KAAK,EAAC,MAAM,EAAC,MAAM,yBAAyB,CAAC;AACpD,OAAO,KAAK,EAAC,IAAI,EAAC,MAAM,wBAAwB,CAAC;AAEjD,OAAO,EAGN,KAAK,cAAc,EACnB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAC,KAAK,cAAc,EAAC,MAAM,oBAAoB,CAAC;AACvD,OAAO,KAAK,EAAC,EAAE,EAAC,MAAM,aAAa,CAAC;AAEpC,OAAO,EAEN,KAAK,gBAAgB,EAErB,KAAK,kBAAkB,EACvB,MAAM,oBAAoB,CAAC;AAY5B,OAAO,KAAK,EAAC,WAAW,EAAC,MAAM,oBAAoB,CAAC;AAEpD,OAAO,KAAK,EAA+B,SAAS,EAAC,MAAM,iBAAiB,CAAC;AAE7E;;;GAGG;AACH,MAAM,WAAW,kBAAkB;IAClC,kEAAkE;IAClE,MAAM,EAAE,SAAS,CAAC;IAClB,mGAAmG;IACnG,UAAU,EAAE,OAAO,CAAC;IACpB,sDAAsD;IACtD,UAAU,EAAE,gBAAgB,CAAC;IAC7B,yDAAyD;IACzD,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,uEAAuE;IACvE,eAAe,EAAE,cAAc,GAAG,IAAI,CAAC;IACvC,qEAAqE;IACrE,SAAS,EAAE,MAAM,CAAC;IAClB,oGAAoG;IACpG,MAAM,EAAE,WAAW,CAAC;IACpB,sFAAsF;IACtF,MAAM,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,KAAK,IAAI,CAAC;IAClD,uDAAuD;IACvD,aAAa,CAAC,EAAE,IAAI,CAAC;IACrB;;;;OAIG;IACH,MAAM,CAAC,EAAE;QAAC,eAAe,EAAE,cAAc,GAAG,IAAI,CAAA;KAAC,CAAC;CAClD;AAED;;;;;;;;GAQG;AACH,MAAM,WAAW,iBAAiB;IACjC,gGAAgG;IAChG,EAAE,EAAE,EAAE,CAAC;IACP;;;OAGG;IACH,eAAe,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;IACtC;;;OAGG;IACH,mBAAmB,EAAE,KAAK,CAAC,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;IACvD,gDAAgD;IAChD,GAAG,EAAE,MAAM,CAAC;IACZ,kEAAkE;IAClE,sBAAsB,EAAE,WAAW,GAAG,IAAI,CAAC;IAC3C,uEAAuE;IACvE,2BAA2B,EAAE,WAAW,GAAG,IAAI,CAAC;CAChD;AAED;;;;GAIG;AACH,MAAM,MAAM,mBAAmB,GAC5B;IAAC,IAAI,EAAE,IAAI,CAAC;IAAC,MAAM,EAAE,OAAO,CAAA;CAAC,GAC7B;IAAC,IAAI,EAAE,OAAO,CAAC;IAAC,KAAK,EAAE,kBAAkB,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAC,CAAC;AAE9D;;;;;;;;;GASG;AACH,eAAO,MAAM,cAAc,GAC1B,OAAO,kBAAkB,EACzB,MAAM,iBAAiB,KACrB,OAAO,CAAC,mBAAmB,CAwJ7B,CAAC;AAoFF;;;GAGG;AACH,eAAO,MAAM,iCAAiC,GAC7C,IAAI,gBAAgB,EACpB,QAAQ,mBAAmB,KACzB;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,EAAE,EAAE,gBAAgB,CAAA;CAAC,GAAG,CAAC;IAAC,MAAM,EAAE,OAAO,CAAA;CAAC,GAAG;IAAC,
KAAK,EAAE,kBAAkB,CAAA;CAAC,CAK5F,CAAC"}
|
|
@@ -43,7 +43,7 @@ import {} from '../hono_context.js';
|
|
|
43
43
|
import { is_void_schema } from '../http/schema_helpers.js';
|
|
44
44
|
import { JSONRPC_VERSION, } from '../http/jsonrpc.js';
|
|
45
45
|
import { jsonrpc_error_messages, jsonrpc_error_code_to_http_status, http_status_to_jsonrpc_error_code, JSONRPC_ERROR_CODES, } from '../http/jsonrpc_errors.js';
|
|
46
|
-
import { ERROR_INSUFFICIENT_PERMISSIONS, ERROR_CREDENTIAL_TYPE_REQUIRED, } from '../http/error_schemas.js';
|
|
46
|
+
import { ERROR_AUTHENTICATION_REQUIRED, ERROR_INSUFFICIENT_PERMISSIONS, ERROR_CREDENTIAL_TYPE_REQUIRED, } from '../http/error_schemas.js';
|
|
47
47
|
import { is_public_auth } from '../http/auth_shape.js';
|
|
48
48
|
/**
|
|
49
49
|
* The shared dispatch core. Pure data — no Hono context, no socket. Each
|
|
@@ -208,8 +208,15 @@ const rate_limited_result = (retry_after) => {
|
|
|
208
208
|
*/
|
|
209
209
|
const check_action_auth_pre_validation = (auth, account_id) => {
|
|
210
210
|
if (auth.account === 'required' || auth.actor === 'required') {
|
|
211
|
-
if (account_id == null)
|
|
212
|
-
|
|
211
|
+
if (account_id == null) {
|
|
212
|
+
// Carry the reason on `error.data.reason` (symmetric with the 403
|
|
213
|
+
// credential / role gates) so a 401 can be asserted on reason, not
|
|
214
|
+
// just status. The reason is generic — it leaks nothing about
|
|
215
|
+
// whether a credential was present or what the route demanded.
|
|
216
|
+
return jsonrpc_error_messages.unauthenticated('unauthenticated', {
|
|
217
|
+
reason: ERROR_AUTHENTICATION_REQUIRED,
|
|
218
|
+
});
|
|
219
|
+
}
|
|
213
220
|
}
|
|
214
221
|
return null;
|
|
215
222
|
};
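Review bot: The `auth.actor === 'required'` arm of the guard is satisfied by account presence alone, because `check_action_auth_pre_validation` receives only `(auth, account_id)` and the new 401 branch fires solely on `account_id == null`. If an authenticated account can reach dispatch without a resolved actor, that case is presumably rejected later, but nothing in this hunk says so. A one-line comment above the branch would make the contract explicit, for example `// this gate only rejects requests with no account; actor presence is enforced later in dispatch`, adjusted to wherever that check actually lives. The function's doc comment starts outside the hunk, so it may already cover this.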
|
|
@@ -810,9 +810,8 @@ export declare const app_settings_update_action_spec: {
|
|
|
810
810
|
/**
|
|
811
811
|
* All admin action specs — a codegen-ready registry. Consumers spread this
|
|
812
812
|
* into their own action-spec array to include admin methods in a typed
|
|
813
|
-
* client surface.
|
|
814
|
-
* factory
|
|
815
|
-
* is provided.
|
|
813
|
+
* client surface. Includes the two app-settings specs, whose handlers the
|
|
814
|
+
* runtime factory always wires.
|
|
816
815
|
*/
|
|
817
816
|
export declare const all_admin_action_specs: Array<RequestResponseActionSpec>;
|
|
818
817
|
//# sourceMappingURL=admin_action_specs.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"admin_action_specs.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/admin_action_specs.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AAGtB,OAAO,KAAK,EAAC,yBAAyB,EAAC,MAAM,2BAA2B,CAAC;AAiBzE,+BAA+B;AAC/B,eAAO,MAAM,wBAAwB,MAAM,CAAC;AAE5C,8CAA8C;AAC9C,eAAO,MAAM,gCAAgC,KAAK,CAAC;AACnD,0CAA0C;AAC1C,eAAO,MAAM,4BAA4B,MAAM,CAAC;AAIhD,sCAAsC;AACtC,eAAO,MAAM,qBAAqB;;;;;mBAkBrB,CAAC;AACd,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAC;AAE1E,uCAAuC;AACvC,eAAO,MAAM,sBAAsB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;kBAGjC,CAAC;AACH,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,sBAAsB,CAAC,CAAC;AAE5E,sCAAsC;AACtC,eAAO,MAAM,qBAAqB;;mBAIrB,CAAC;AACd,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAC;AAE1E,mGAAmG;AACnG,eAAO,MAAM,sBAAsB;;;;;;;;;kBAEjC,CAAC;AACH,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,sBAAsB,CAAC,CAAC;AAE5E,4CAA4C;AAC5C,eAAO,MAAM,0BAA0B;;;kBAGrC,CAAC;AACH,MAAM,MAAM,0BAA0B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,0BAA0B,CAAC,CAAC;AAEpF,6CAA6C;AAC7C,eAAO,MAAM,2BAA2B;;;kBAGtC,CAAC;AACH,MAAM,MAAM,2BAA2B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,2BAA2B,CAAC,CAAC;AAEtF,0CAA0C;AAC1C,eAAO,MAAM,wBAAwB;;;kBAGnC,CAAC;AACH,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAEhF,2CAA2C;AAC3C,eAAO,MAAM,yBAAyB;;;kBAGpC,CAAC;AACH,MAAM,MAAM,yBAAyB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,yBAAyB,CAAC,CAAC;AAElF;;;;;GAKG;AACH,eAAO,MAAM,iBAAiB;;;;;;;;;;;mBAyBjB,CAAC;AACd,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAElE,mCAAmC;AACnC,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;kBAE7B,CAAC;AACH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAEpE,gDAAgD;AAChD,eAAO,MAAM,6BAA6B;;;;mBAc7B,CAAC;AACd,MAAM,MAAM,6BAA6B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,6BAA6B,CAAC,CAAC;AAE1F,iDAAiD;AACjD,eAAO,MAAM,8BAA8B;;;;;;;;;;;;;;;;;;;kBAEzC,CAAC;AACH,MAAM,MAAM,8BAA8B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,8BAA8B,CAAC,CAAC;AAE5F,wFAAwF;AACxF,eAAO,MAAM,iBAAiB;;;;kBAS3B,CAAC;AACJ,MAAM,MAAM,iBAAiB,GAAG,CAA
C,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAElE,kCAAkC;AAClC,eAAO,MAAM,kBAAkB;;;;;;;;;;;kBAG7B,CAAC;AACH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAEpE,+BAA+B;AAC/B,eAAO,MAAM,eAAe;;mBAIf,CAAC;AACd,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,eAAe,CAAC,CAAC;AAE9D,2FAA2F;AAC3F,eAAO,MAAM,gBAAgB;;;;;;;;;;;;kBAE3B,CAAC;AACH,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAEhE,iCAAiC;AACjC,eAAO,MAAM,iBAAiB;;;kBAG5B,CAAC;AACH,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAElE,kCAAkC;AAClC,eAAO,MAAM,kBAAkB;;kBAE7B,CAAC;AACH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAEpE,oCAAoC;AACpC,eAAO,MAAM,mBAAmB;;mBAInB,CAAC;AACd,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAEtE,qCAAqC;AACrC,eAAO,MAAM,oBAAoB;;;;;;;kBAE/B,CAAC;AACH,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAExE,uCAAuC;AACvC,eAAO,MAAM,sBAAsB;;;kBAGjC,CAAC;AACH,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,sBAAsB,CAAC,CAAC;AAE5E,wCAAwC;AACxC,eAAO,MAAM,uBAAuB;;;;;;;;kBAGlC,CAAC;AACH,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,uBAAuB,CAAC,CAAC;AAE9E;;;;GAIG;AACH,eAAO,MAAM,yBAAyB,EAAG,qBAA8B,CAAC;AAExE;;;;;;;;;GASG;AACH,eAAO,MAAM,0BAA0B,EAAG,sBAA+B,CAAC;AAE1E;;;;;;;;;GASG;AACH,eAAO,MAAM,8BAA8B,EAAG,0BAAmC,CAAC;AAElF;;;;;GAKG;AACH,eAAO,MAAM,kBAAkB;;;mBAOlB,CAAC;AACd,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAEpE,mCAAmC;AACnC,eAAO,MAAM,mBAAmB;;;kBAG9B,CAAC;AACH,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAEtE,0EAA0E;AAC1E,eAAO,MAAM,iBAAiB;;;;kBAM5B,CAAC;AACH,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAElE,kCAAkC;AAClC,eAAO,MAAM,kBAAkB;;;kBAG7B,CAAC;AACH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAEpE;;;;;GAKG;AACH,eAAO,MAAM,oBAAoB;;;kBAG/B,CAAC;AACH,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAExE,qCAAqC;AACrC,eAAO,MAAM,qBAAqB;;;kBAGhC,CAAC;AACH,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAq
B,CAAC,CAAC;AAI1E;;;;;GAKG;AACH,eAAO,MAAM,8BAA8B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAWN,CAAC;AAEtC;;;;GAIG;AACH,eAAO,MAAM,8BAA8B;;;;;;;;;;;;;;;;;;;;;;;;;;CAWN,CAAC;AAEtC,eAAO,MAAM,oCAAoC;;;;;;;;;;;;;;;;;;;;;CAWZ,CAAC;AAEtC,eAAO,MAAM,kCAAkC;;;;;;;;;;;;;;;;;;;;;CAWV,CAAC;AAEtC;;;;;;;GAOG;AACH,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAWF,CAAC;AAEtC;;;;GAIG;AACH,eAAO,MAAM,wCAAwC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAWhB,CAAC;AAEtC,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAWD,CAAC;AAEtC;;;;;GAKG;AACH,eAAO,MAAM,uBAAuB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAWC,CAAC;AAEtC,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;CAWD,CAAC;AAEtC;;;;;;GAMG;AACH,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;;;;;;CAYF,CAAC;AAEtC;;;;;;GAMG;AACH,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;CAiBD,CAAC;AAEtC;;;;;;;GAOG;AACH,eAAO,MAAM,4BAA4B;;;;;;;;;;;;;;;;;;;;;CAYJ,CAAC;AAEtC,eAAO,MAAM,4BAA4B;;;;;;;;;;;;;;;;;;;;;;;CAUJ,CAAC;AAEtC,eAAO,MAAM,+BAA+B;;;;;;;;;;;;;;;;;;;;;;;;;;CAWP,CAAC;AAEtC
|
|
1
|
+
{"version":3,"file":"admin_action_specs.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/admin_action_specs.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AAGtB,OAAO,KAAK,EAAC,yBAAyB,EAAC,MAAM,2BAA2B,CAAC;AAiBzE,+BAA+B;AAC/B,eAAO,MAAM,wBAAwB,MAAM,CAAC;AAE5C,8CAA8C;AAC9C,eAAO,MAAM,gCAAgC,KAAK,CAAC;AACnD,0CAA0C;AAC1C,eAAO,MAAM,4BAA4B,MAAM,CAAC;AAIhD,sCAAsC;AACtC,eAAO,MAAM,qBAAqB;;;;;mBAkBrB,CAAC;AACd,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAC;AAE1E,uCAAuC;AACvC,eAAO,MAAM,sBAAsB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;kBAGjC,CAAC;AACH,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,sBAAsB,CAAC,CAAC;AAE5E,sCAAsC;AACtC,eAAO,MAAM,qBAAqB;;mBAIrB,CAAC;AACd,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAC;AAE1E,mGAAmG;AACnG,eAAO,MAAM,sBAAsB;;;;;;;;;kBAEjC,CAAC;AACH,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,sBAAsB,CAAC,CAAC;AAE5E,4CAA4C;AAC5C,eAAO,MAAM,0BAA0B;;;kBAGrC,CAAC;AACH,MAAM,MAAM,0BAA0B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,0BAA0B,CAAC,CAAC;AAEpF,6CAA6C;AAC7C,eAAO,MAAM,2BAA2B;;;kBAGtC,CAAC;AACH,MAAM,MAAM,2BAA2B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,2BAA2B,CAAC,CAAC;AAEtF,0CAA0C;AAC1C,eAAO,MAAM,wBAAwB;;;kBAGnC,CAAC;AACH,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAEhF,2CAA2C;AAC3C,eAAO,MAAM,yBAAyB;;;kBAGpC,CAAC;AACH,MAAM,MAAM,yBAAyB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,yBAAyB,CAAC,CAAC;AAElF;;;;;GAKG;AACH,eAAO,MAAM,iBAAiB;;;;;;;;;;;mBAyBjB,CAAC;AACd,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAElE,mCAAmC;AACnC,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;kBAE7B,CAAC;AACH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAEpE,gDAAgD;AAChD,eAAO,MAAM,6BAA6B;;;;mBAc7B,CAAC;AACd,MAAM,MAAM,6BAA6B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,6BAA6B,CAAC,CAAC;AAE1F,iDAAiD;AACjD,eAAO,MAAM,8BAA8B;;;;;;;;;;;;;;;;;;;kBAEzC,CAAC;AACH,MAAM,MAAM,8BAA8B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,8BAA8B,CAAC,CAAC;AAE5F,wFAAwF;AACxF,eAAO,MAAM,iBAAiB;;;;kBAS3B,CAAC;AACJ,MAAM,MAAM,iBAAiB,GAAG,CAA
C,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAElE,kCAAkC;AAClC,eAAO,MAAM,kBAAkB;;;;;;;;;;;kBAG7B,CAAC;AACH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAEpE,+BAA+B;AAC/B,eAAO,MAAM,eAAe;;mBAIf,CAAC;AACd,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,eAAe,CAAC,CAAC;AAE9D,2FAA2F;AAC3F,eAAO,MAAM,gBAAgB;;;;;;;;;;;;kBAE3B,CAAC;AACH,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAEhE,iCAAiC;AACjC,eAAO,MAAM,iBAAiB;;;kBAG5B,CAAC;AACH,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAElE,kCAAkC;AAClC,eAAO,MAAM,kBAAkB;;kBAE7B,CAAC;AACH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAEpE,oCAAoC;AACpC,eAAO,MAAM,mBAAmB;;mBAInB,CAAC;AACd,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAEtE,qCAAqC;AACrC,eAAO,MAAM,oBAAoB;;;;;;;kBAE/B,CAAC;AACH,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAExE,uCAAuC;AACvC,eAAO,MAAM,sBAAsB;;;kBAGjC,CAAC;AACH,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,sBAAsB,CAAC,CAAC;AAE5E,wCAAwC;AACxC,eAAO,MAAM,uBAAuB;;;;;;;;kBAGlC,CAAC;AACH,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,uBAAuB,CAAC,CAAC;AAE9E;;;;GAIG;AACH,eAAO,MAAM,yBAAyB,EAAG,qBAA8B,CAAC;AAExE;;;;;;;;;GASG;AACH,eAAO,MAAM,0BAA0B,EAAG,sBAA+B,CAAC;AAE1E;;;;;;;;;GASG;AACH,eAAO,MAAM,8BAA8B,EAAG,0BAAmC,CAAC;AAElF;;;;;GAKG;AACH,eAAO,MAAM,kBAAkB;;;mBAOlB,CAAC;AACd,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAEpE,mCAAmC;AACnC,eAAO,MAAM,mBAAmB;;;kBAG9B,CAAC;AACH,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAEtE,0EAA0E;AAC1E,eAAO,MAAM,iBAAiB;;;;kBAM5B,CAAC;AACH,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAElE,kCAAkC;AAClC,eAAO,MAAM,kBAAkB;;;kBAG7B,CAAC;AACH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAEpE;;;;;GAKG;AACH,eAAO,MAAM,oBAAoB;;;kBAG/B,CAAC;AACH,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAExE,qCAAqC;AACrC,eAAO,MAAM,qBAAqB;;;kBAGhC,CAAC;AACH,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAq
B,CAAC,CAAC;AAI1E;;;;;GAKG;AACH,eAAO,MAAM,8BAA8B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAWN,CAAC;AAEtC;;;;GAIG;AACH,eAAO,MAAM,8BAA8B;;;;;;;;;;;;;;;;;;;;;;;;;;CAWN,CAAC;AAEtC,eAAO,MAAM,oCAAoC;;;;;;;;;;;;;;;;;;;;;CAWZ,CAAC;AAEtC,eAAO,MAAM,kCAAkC;;;;;;;;;;;;;;;;;;;;;CAWV,CAAC;AAEtC;;;;;;;GAOG;AACH,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAWF,CAAC;AAEtC;;;;GAIG;AACH,eAAO,MAAM,wCAAwC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAWhB,CAAC;AAEtC,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAWD,CAAC;AAEtC;;;;;GAKG;AACH,eAAO,MAAM,uBAAuB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAWC,CAAC;AAEtC,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;CAWD,CAAC;AAEtC;;;;;;GAMG;AACH,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;;;;;;CAYF,CAAC;AAEtC;;;;;;GAMG;AACH,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;CAiBD,CAAC;AAEtC;;;;;;;GAOG;AACH,eAAO,MAAM,4BAA4B;;;;;;;;;;;;;;;;;;;;;CAYJ,CAAC;AAEtC,eAAO,MAAM,4BAA4B;;;;;;;;;;;;;;;;;;;;;;;CAUJ,CAAC;AAEtC,eAAO,MAAM,+BAA+B;;;;;;;;;;;;;;;;;;;;;;;;;;CAWP,CAAC;AAEtC;;;;;GAKG;AACH,eAAO,MAAM,sBAAsB,EAAE,KAAK,CAAC,yBAAyB,CAenE,CAAC"}
|
|
@@ -499,9 +499,8 @@ export const app_settings_update_action_spec = {
|
|
|
499
499
|
/**
|
|
500
500
|
* All admin action specs — a codegen-ready registry. Consumers spread this
|
|
501
501
|
* into their own action-spec array to include admin methods in a typed
|
|
502
|
-
* client surface.
|
|
503
|
-
* factory
|
|
504
|
-
* is provided.
|
|
502
|
+
* client surface. Includes the two app-settings specs, whose handlers the
|
|
503
|
+
* runtime factory always wires.
|
|
505
504
|
*/
|
|
506
505
|
export const all_admin_action_specs = [
|
|
507
506
|
admin_account_list_action_spec,
|
|
@@ -7,9 +7,10 @@
|
|
|
7
7
|
* `admin_session_revoke_all`, `admin_token_revoke_all`.
|
|
8
8
|
* - Audit log reads: `audit_log_list`, `audit_log_role_grant_history`.
|
|
9
9
|
* - Invite CRUD: `invite_create`, `invite_list`, `invite_delete`.
|
|
10
|
-
* - App settings: `app_settings_get`, `app_settings_update
|
|
11
|
-
*
|
|
12
|
-
*
|
|
10
|
+
* - App settings: `app_settings_get`, `app_settings_update`. The update
|
|
11
|
+
* handler writes the `app_settings` row in the database; signup reads the
|
|
12
|
+
* `open_signup` toggle fresh from that row on every request, so no
|
|
13
|
+
* in-memory state is shared between this surface and signup.
|
|
13
14
|
*
|
|
14
15
|
* The action specs themselves live in `auth/admin_action_specs.ts`. Mutations
|
|
15
16
|
* emit matching audit events via `deps.audit.emit`.
|
|
@@ -30,7 +31,6 @@
|
|
|
30
31
|
import { type RpcAction } from '../actions/action_rpc.js';
|
|
31
32
|
import type { ConnectionCloser } from '../actions/connection_closer.js';
|
|
32
33
|
import { type RoleSchemaResult } from './role_schema.js';
|
|
33
|
-
import { type AppSettings } from './app_settings_schema.js';
|
|
34
34
|
import type { RouteFactoryDeps } from './deps.js';
|
|
35
35
|
/** Options for `create_admin_actions`. */
|
|
36
36
|
export interface AdminActionOptions {
|
|
@@ -41,15 +41,6 @@ export interface AdminActionOptions {
|
|
|
41
41
|
* `admin_account_list`.
|
|
42
42
|
*/
|
|
43
43
|
roles?: RoleSchemaResult;
|
|
44
|
-
/**
|
|
45
|
-
* Mutable in-memory app settings ref — typically `ctx.app_settings` from
|
|
46
|
-
* `AppServerContext`. When provided, the factory wires the
|
|
47
|
-
* `app_settings_get` and `app_settings_update` handlers; the update
|
|
48
|
-
* handler mutates this ref so signup middleware reads the new value
|
|
49
|
-
* without a DB round trip. When omitted, those two methods have no
|
|
50
|
-
* handler and RPC dispatch returns `method_not_found`.
|
|
51
|
-
*/
|
|
52
|
-
app_settings?: AppSettings;
|
|
53
44
|
/**
|
|
54
45
|
* Live-connection closer — when set, `admin_session_revoke_all` and
|
|
55
46
|
* `admin_token_revoke_all` handlers eagerly close affected WebSocket
|
|
@@ -70,7 +61,6 @@ export interface AdminActionOptions {
|
|
|
70
61
|
* optional `AuditLogConfig`.
|
|
71
62
|
* @param options - role schema for `grantable_roles` derivation
|
|
72
63
|
* @returns the `RpcAction` array to spread into a `create_rpc_endpoint` call
|
|
73
|
-
* @mutates `options.app_settings` ref - `app_settings_update` writes `open_signup`, `updated_at`, and `updated_by` so signup middleware reads without a DB round trip
|
|
74
64
|
*/
|
|
75
65
|
export declare const create_admin_actions: (deps: Pick<RouteFactoryDeps, "log" | "audit">, options?: AdminActionOptions) => Array<RpcAction>;
|
|
76
66
|
//# sourceMappingURL=admin_actions.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"admin_actions.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/admin_actions.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"admin_actions.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/admin_actions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAEH,OAAO,EAAsC,KAAK,SAAS,EAAC,MAAM,0BAA0B,CAAC;AAC7F,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,iCAAiC,CAAC;AAEtE,OAAO,EAKN,KAAK,gBAAgB,EACrB,MAAM,kBAAkB,CAAC;AAyC1B,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,WAAW,CAAC;AA0DhD,0CAA0C;AAC1C,MAAM,WAAW,kBAAkB;IAClC;;;;;OAKG;IACH,KAAK,CAAC,EAAE,gBAAgB,CAAC;IACzB;;;;;;;;OAQG;IACH,iBAAiB,CAAC,EAAE,gBAAgB,GAAG,IAAI,CAAC;CAC5C;AAED;;;;;;;;;GASG;AACH,eAAO,MAAM,oBAAoB,GAChC,MAAM,IAAI,CAAC,gBAAgB,EAAE,KAAK,GAAG,OAAO,CAAC,EAC7C,UAAS,kBAAuB,KAC9B,KAAK,CAAC,SAAS,CAqfjB,CAAC"}
|
|
@@ -7,9 +7,10 @@
|
|
|
7
7
|
* `admin_session_revoke_all`, `admin_token_revoke_all`.
|
|
8
8
|
* - Audit log reads: `audit_log_list`, `audit_log_role_grant_history`.
|
|
9
9
|
* - Invite CRUD: `invite_create`, `invite_list`, `invite_delete`.
|
|
10
|
-
* - App settings: `app_settings_get`, `app_settings_update
|
|
11
|
-
*
|
|
12
|
-
*
|
|
10
|
+
* - App settings: `app_settings_get`, `app_settings_update`. The update
|
|
11
|
+
* handler writes the `app_settings` row in the database; signup reads the
|
|
12
|
+
* `open_signup` toggle fresh from that row on every request, so no
|
|
13
|
+
* in-memory state is shared between this surface and signup.
|
|
13
14
|
*
|
|
14
15
|
* The action specs themselves live in `auth/admin_action_specs.ts`. Mutations
|
|
15
16
|
* emit matching audit events via `deps.audit.emit`.
|
|
@@ -39,8 +40,7 @@ import { query_revoke_all_api_tokens_for_account } from './api_token_queries.js'
|
|
|
39
40
|
import { query_audit_log_list_role_grant_history, query_audit_log_list_with_usernames, } from './audit_log_queries.js';
|
|
40
41
|
import { AUDIT_LOG_DEFAULT_LIMIT } from './audit_log_schema.js';
|
|
41
42
|
import { query_create_invite, query_invite_delete_unclaimed, query_invite_list_all_with_usernames, } from './invite_queries.js';
|
|
42
|
-
import {} from './
|
|
43
|
-
import { query_app_settings_load_with_username, query_app_settings_update, } from './app_settings_queries.js';
|
|
43
|
+
import { query_app_settings_load, query_app_settings_load_with_username, query_app_settings_update, } from './app_settings_queries.js';
|
|
44
44
|
import { is_pg_unique_violation } from '../db/pg_error.js';
|
|
45
45
|
import { ERROR_ACCOUNT_NOT_FOUND, ERROR_INSUFFICIENT_PERMISSIONS, ERROR_INVITE_ACCOUNT_EXISTS_EMAIL, ERROR_INVITE_ACCOUNT_EXISTS_USERNAME, ERROR_INVITE_DUPLICATE, ERROR_INVITE_NOT_FOUND, } from '../http/error_schemas.js';
|
|
46
46
|
import { admin_account_list_action_spec, admin_session_list_action_spec, admin_session_revoke_all_action_spec, admin_token_revoke_all_action_spec, audit_log_list_action_spec, audit_log_role_grant_history_action_spec, invite_create_action_spec, invite_list_action_spec, invite_delete_action_spec, account_delete_action_spec, account_purge_action_spec, account_undelete_action_spec, app_settings_get_action_spec, app_settings_update_action_spec, ERROR_PURGE_NOT_CONFIRMED, ERROR_CANNOT_DELETE_KEEPER, ERROR_CANNOT_DELETE_LAST_ADMIN, } from './admin_action_specs.js';
|
|
@@ -53,7 +53,6 @@ import { admin_account_list_action_spec, admin_session_list_action_spec, admin_s
|
|
|
53
53
|
* optional `AuditLogConfig`.
|
|
54
54
|
* @param options - role schema for `grantable_roles` derivation
|
|
55
55
|
* @returns the `RpcAction` array to spread into a `create_rpc_endpoint` call
|
|
56
|
-
* @mutates `options.app_settings` ref - `app_settings_update` writes `open_signup`, `updated_at`, and `updated_by` so signup middleware reads without a DB round trip
|
|
57
56
|
*/
|
|
58
57
|
export const create_admin_actions = (deps, options = {}) => {
|
|
59
58
|
const role_specs = options.roles?.role_specs ?? builtin_role_specs_by_name;
|
|
@@ -453,35 +452,28 @@ export const create_admin_actions = (deps, options = {}) => {
|
|
|
453
452
|
rpc_action(invite_list_action_spec, invite_list_handler),
|
|
454
453
|
rpc_action(invite_delete_action_spec, invite_delete_handler),
|
|
455
454
|
];
|
|
456
|
-
const
|
|
457
|
-
|
|
458
|
-
|
|
459
|
-
|
|
460
|
-
|
|
461
|
-
|
|
462
|
-
|
|
463
|
-
|
|
464
|
-
|
|
465
|
-
|
|
466
|
-
|
|
467
|
-
|
|
468
|
-
|
|
469
|
-
|
|
470
|
-
|
|
471
|
-
|
|
472
|
-
|
|
473
|
-
|
|
474
|
-
|
|
475
|
-
|
|
476
|
-
|
|
477
|
-
|
|
478
|
-
|
|
479
|
-
},
|
|
480
|
-
});
|
|
481
|
-
const settings = await query_app_settings_load_with_username(ctx);
|
|
482
|
-
return { ok: true, settings };
|
|
483
|
-
};
|
|
484
|
-
actions.push(rpc_action(app_settings_get_action_spec, app_settings_get_handler), rpc_action(app_settings_update_action_spec, app_settings_update_handler));
|
|
485
|
-
}
|
|
455
|
+
const app_settings_get_handler = async (_input, ctx) => {
|
|
456
|
+
const settings = await query_app_settings_load_with_username(ctx);
|
|
457
|
+
return { settings };
|
|
458
|
+
};
|
|
459
|
+
const app_settings_update_handler = async (input, ctx) => {
|
|
460
|
+
const auth = ctx.auth;
|
|
461
|
+
// Read the prior value for the audit row before writing the new one.
|
|
462
|
+
const { open_signup: old_value } = await query_app_settings_load(ctx);
|
|
463
|
+
await query_app_settings_update(ctx, input.open_signup, auth.actor.id);
|
|
464
|
+
deps.audit.emit(ctx, {
|
|
465
|
+
event_type: 'app_settings_update',
|
|
466
|
+
account_id: auth.account.id,
|
|
467
|
+
ip: ctx.client_ip,
|
|
468
|
+
metadata: {
|
|
469
|
+
setting: 'open_signup',
|
|
470
|
+
old_value,
|
|
471
|
+
new_value: input.open_signup,
|
|
472
|
+
},
|
|
473
|
+
});
|
|
474
|
+
const settings = await query_app_settings_load_with_username(ctx);
|
|
475
|
+
return { ok: true, settings };
|
|
476
|
+
};
|
|
477
|
+
actions.push(rpc_action(app_settings_get_action_spec, app_settings_get_handler), rpc_action(app_settings_update_action_spec, app_settings_update_handler));
|
|
486
478
|
return actions;
|
|
487
479
|
};
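Review bot: In `app_settings_update_handler`, `old_value` comes from a separate `query_app_settings_load(ctx)` call that runs before `query_app_settings_update`, so two near-simultaneous updates to `open_signup` can each record an `old_value` that was never the value their write replaced. Whether `ctx` wraps both statements in one transaction with a row lock is not visible here; if it does not, the audit row's `old_value` is only best-effort. Either have the update query return the previous value from the same statement, or note the limitation next to the read, e.g. `// old_value is read in a separate statement; concurrent updates may record a stale prior value`. Separately, both app-settings handlers are now registered unconditionally, so every consumer that spreads these actions exposes `app_settings_update`; access control then rests on the auth declared in `app_settings_update_action_spec`, which this diff does not show. The enclosing `create_admin_actions` starts outside the hunk.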
|
|
@@ -11,7 +11,6 @@ import { z } from 'zod';
|
|
|
11
11
|
import { type RouteSpec } from '../http/route_spec.js';
|
|
12
12
|
import { type RateLimiter } from '../rate_limiter.js';
|
|
13
13
|
import type { RouteFactoryDeps } from './deps.js';
|
|
14
|
-
import type { AppSettings } from './app_settings_schema.js';
|
|
15
14
|
import type { AuthSessionRouteOptions } from './account_routes.js';
|
|
16
15
|
/**
|
|
17
16
|
* Default minimum wall-clock time (ms) for a signup denial (403 / 409) response.
|
|
@@ -40,8 +39,6 @@ export declare const DEFAULT_SIGNUP_FAIL_JITTER_MS = 25;
|
|
|
40
39
|
export interface SignupRouteOptions extends AuthSessionRouteOptions {
|
|
41
40
|
/** Rate limiter for signup attempts, keyed by submitted username. Pass `null` to disable. */
|
|
42
41
|
signup_account_rate_limiter: RateLimiter | null;
|
|
43
|
-
/** Mutable ref to app settings — when `open_signup` is true, invite check is skipped. */
|
|
44
|
-
app_settings: AppSettings;
|
|
45
42
|
/**
|
|
46
43
|
* Minimum wall-clock time (ms) for signup denial responses (403 / 409).
|
|
47
44
|
* Set to `0` or a negative number to disable (e.g., in tests). Default
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"signup_routes.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/signup_routes.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;
|
|
1
|
+
{"version":3,"file":"signup_routes.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/signup_routes.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AActB,OAAO,EAAkB,KAAK,SAAS,EAAC,MAAM,uBAAuB,CAAC;AAEtE,OAAO,EAA+B,KAAK,WAAW,EAAC,MAAM,oBAAoB,CAAC;AAClF,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,WAAW,CAAC;AAQhD,OAAO,KAAK,EAAC,uBAAuB,EAAC,MAAM,qBAAqB,CAAC;AAEjE;;;;;;;;;;GAUG;AACH,eAAO,MAAM,4BAA4B,MAAM,CAAC;AAEhD;;;;;;;GAOG;AACH,eAAO,MAAM,6BAA6B,KAAK,CAAC;AAQhD;;GAEG;AACH,MAAM,WAAW,kBAAmB,SAAQ,uBAAuB;IAClE,6FAA6F;IAC7F,2BAA2B,EAAE,WAAW,GAAG,IAAI,CAAC;IAChD;;;;OAIG;IACH,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B;;;;OAIG;IACH,qBAAqB,CAAC,EAAE,MAAM,CAAC;CAC/B;AAID,0FAA0F;AAC1F,eAAO,MAAM,WAAW;;;;kBAItB,CAAC;AACH,MAAM,MAAM,WAAW,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,WAAW,CAAC,CAAC;AAEtD;;;;;;GAMG;AACH,eAAO,MAAM,YAAY;;;;;;;;;kBAIvB,CAAC;AACH,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,YAAY,CAAC,CAAC;AAExD;;;;;;GAMG;AACH,eAAO,MAAM,yBAAyB,GACrC,MAAM,gBAAgB,EACtB,SAAS,kBAAkB,KACzB,KAAK,CAAC,SAAS,CAwLjB,CAAC"}
|
|
@@ -11,6 +11,7 @@ import { z } from 'zod';
|
|
|
11
11
|
import { Uuid } from '@fuzdev/fuz_util/id.js';
|
|
12
12
|
import { create_session_and_set_cookie } from './session_middleware.js';
|
|
13
13
|
import { query_create_account_with_actor } from './account_queries.js';
|
|
14
|
+
import { query_app_settings_load } from './app_settings_queries.js';
|
|
14
15
|
import { query_invite_find_unclaimed_match_for_update, query_invite_claim_unscoped, } from './invite_queries.js';
|
|
15
16
|
import { Username, Email } from '../primitive_schemas.js';
|
|
16
17
|
import { Password } from './password.js';
|
|
@@ -74,7 +75,7 @@ export const SignupOutput = z.strictObject({
|
|
|
74
75
|
*/
|
|
75
76
|
export const create_signup_route_specs = (deps, options) => {
|
|
76
77
|
const { keyring, password } = deps;
|
|
77
|
-
const { session_options, ip_rate_limiter, signup_account_rate_limiter,
|
|
78
|
+
const { session_options, ip_rate_limiter, signup_account_rate_limiter, signup_fail_floor_ms = DEFAULT_SIGNUP_FAIL_FLOOR_MS, signup_fail_jitter_ms = DEFAULT_SIGNUP_FAIL_JITTER_MS, } = options;
|
|
78
79
|
return [
|
|
79
80
|
{
|
|
80
81
|
method: 'POST',
|
|
@@ -111,6 +112,11 @@ export const create_signup_route_specs = (deps, options) => {
|
|
|
111
112
|
return rate_limit_exceeded_response(c, check.retry_after);
|
|
112
113
|
}
|
|
113
114
|
}
|
|
115
|
+
// Load the open-signup toggle fresh from the DB on every
|
|
116
|
+
// request — the authoritative source, so multiple server
|
|
117
|
+
// processes never serve a stale in-memory value. Bounded by
|
|
118
|
+
// the per-IP + per-account rate limiters above.
|
|
119
|
+
const { open_signup } = await query_app_settings_load(route);
|
|
114
120
|
// Start the denial-time floor concurrently with failure work.
|
|
115
121
|
// Observed response time for 403 / 409 is `max(work, delay)`
|
|
116
122
|
// so the cheap `no_match` path (no Argon2, find returns
|
|
@@ -138,7 +144,7 @@ export const create_signup_route_specs = (deps, options) => {
|
|
|
138
144
|
reason,
|
|
139
145
|
...(invite && { invite_id: invite.id }),
|
|
140
146
|
...(email != null && { email }),
|
|
141
|
-
...(
|
|
147
|
+
...(open_signup && { open_signup: true }),
|
|
142
148
|
},
|
|
143
149
|
});
|
|
144
150
|
};
|
|
@@ -153,7 +159,7 @@ export const create_signup_route_specs = (deps, options) => {
|
|
|
153
159
|
// loser's `find_for_update` returns no row (winner
|
|
154
160
|
// flipped `claimed_at`) and falls through to
|
|
155
161
|
// `ERROR_NO_MATCHING_INVITE`. No race window.
|
|
156
|
-
if (!
|
|
162
|
+
if (!open_signup) {
|
|
157
163
|
invite = await query_invite_find_unclaimed_match_for_update(tx_deps, email ?? null, username);
|
|
158
164
|
if (!invite) {
|
|
159
165
|
throw new NoMatchingInviteError();
|
|
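Review bot: The comment on the new `query_app_settings_load(route)` call (new lines 115-119) says the per-request read is bounded by the per-IP and per-account rate limiters, but `SignupRouteOptions` documents `signup_account_rate_limiter` as nullable (`null` disables it), so with that limiter off (and the IP limiter too, if it is likewise optional) every anonymous signup POST costs one DB read with no bound. The comment should state the condition, for example `// Bounded by the per-IP + per-account rate limiters above only when they are configured; with them disabled this is one unthrottled DB read per anonymous request.` The toggle is also read through `route` before the transaction that runs the invite check on `tx_deps` (new line 162), so a change committed in between would presumably not be seen by an in-flight signup; loading it inside that transaction would narrow the window if closing signup has to take effect immediately. The handler body starts and ends outside these hunks, so the error handling around the new `await` is not visible here.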
@@ -8,8 +8,8 @@
|
|
|
8
8
|
* `create_account_actions`).
|
|
9
9
|
*
|
|
10
10
|
* Option routing: shared `roles` flows to both admin and role-grant-offer;
|
|
11
|
-
* `
|
|
12
|
-
*
|
|
11
|
+
* `default_ttl_ms` and `authorize` go to role-grant-offer only; `max_tokens`
|
|
12
|
+
* goes to account only;
|
|
13
13
|
* shared `connection_closer` flows to admin + account (role-grant-offer ignores);
|
|
14
14
|
* `notification_sender` reaches role-grant-offer transparently (admin + account
|
|
15
15
|
* ignore it).
|
|
@@ -27,7 +27,7 @@ import type { RpcAction } from '../actions/action_rpc.js';
|
|
|
27
27
|
/**
|
|
28
28
|
* Options for `create_standard_rpc_actions`.
|
|
29
29
|
*
|
|
30
|
-
* Composes `AdminActionOptions` (`roles
|
|
30
|
+
* Composes `AdminActionOptions` (`roles`),
|
|
31
31
|
* `RoleGrantOfferActionOptions` (`roles`, `default_ttl_ms`, `authorize`), and
|
|
32
32
|
* `AccountActionOptions` (`max_tokens`). `roles` is shared between admin
|
|
33
33
|
* and role-grant-offer — the caller supplies it once and the helper threads
|
|
@@ -49,13 +49,13 @@ export interface StandardRpcActionsDeps extends Pick<RouteFactoryDeps, 'log' | '
|
|
|
49
49
|
/**
|
|
50
50
|
* Build the combined admin + role-grant-offer + account RPC action set.
|
|
51
51
|
*
|
|
52
|
-
* Spreads `create_admin_actions(deps, {roles
|
|
52
|
+
* Spreads `create_admin_actions(deps, {roles})`,
|
|
53
53
|
* `create_role_grant_offer_actions(deps, {roles, default_ttl_ms, authorize})`,
|
|
54
54
|
* and `create_account_actions(deps, {max_tokens})`. The shared `roles`
|
|
55
55
|
* option flows to admin + role-grant-offer.
|
|
56
56
|
*
|
|
57
57
|
* @param deps - `StandardRpcActionsDeps` (`log`, `audit` from `RouteFactoryDeps`; optional `notification_sender` for WS fan-out)
|
|
58
|
-
* @param options - role schema,
|
|
58
|
+
* @param options - role schema, role-grant-offer config, account config
|
|
59
59
|
* @returns RPC actions to pass as `rpc_endpoints` or spread into `create_rpc_endpoint`
|
|
60
60
|
*/
|
|
61
61
|
export declare const create_standard_rpc_actions: (deps: StandardRpcActionsDeps, options?: StandardRpcActionsOptions) => Array<RpcAction>;
|
|
@@ -8,8 +8,8 @@
|
|
|
8
8
|
* `create_account_actions`).
|
|
9
9
|
*
|
|
10
10
|
* Option routing: shared `roles` flows to both admin and role-grant-offer;
|
|
11
|
-
* `
|
|
12
|
-
*
|
|
11
|
+
* `default_ttl_ms` and `authorize` go to role-grant-offer only; `max_tokens`
|
|
12
|
+
* goes to account only;
|
|
13
13
|
* shared `connection_closer` flows to admin + account (role-grant-offer ignores);
|
|
14
14
|
* `notification_sender` reaches role-grant-offer transparently (admin + account
|
|
15
15
|
* ignore it).
|
|
@@ -24,13 +24,13 @@ import { create_account_actions } from './account_actions.js';
|
|
|
24
24
|
/**
|
|
25
25
|
* Build the combined admin + role-grant-offer + account RPC action set.
|
|
26
26
|
*
|
|
27
|
-
* Spreads `create_admin_actions(deps, {roles
|
|
27
|
+
* Spreads `create_admin_actions(deps, {roles})`,
|
|
28
28
|
* `create_role_grant_offer_actions(deps, {roles, default_ttl_ms, authorize})`,
|
|
29
29
|
* and `create_account_actions(deps, {max_tokens})`. The shared `roles`
|
|
30
30
|
* option flows to admin + role-grant-offer.
|
|
31
31
|
*
|
|
32
32
|
* @param deps - `StandardRpcActionsDeps` (`log`, `audit` from `RouteFactoryDeps`; optional `notification_sender` for WS fan-out)
|
|
33
|
-
* @param options - role schema,
|
|
33
|
+
* @param options - role schema, role-grant-offer config, account config
|
|
34
34
|
* @returns RPC actions to pass as `rpc_endpoints` or spread into `create_rpc_endpoint`
|
|
35
35
|
*/
|
|
36
36
|
export const create_standard_rpc_actions = (deps, options = {}) => [
|
|
@@ -14,7 +14,6 @@ import { type SessionOptions } from '../auth/session_cookie.js';
|
|
|
14
14
|
import type { BootstrapAccountSuccess } from '../auth/bootstrap_account.js';
|
|
15
15
|
import type { EventSpec } from '../realtime/sse.js';
|
|
16
16
|
import { type AuditLogSse } from '../realtime/sse_auth_guard.js';
|
|
17
|
-
import type { AppSettings } from '../auth/app_settings_schema.js';
|
|
18
17
|
import { type RateLimiter } from '../rate_limiter.js';
|
|
19
18
|
import type { DaemonTokenState } from '../auth/daemon_token.js';
|
|
20
19
|
import type { MigrationResult } from '../db/migrate.js';
|
|
@@ -193,8 +192,7 @@ export interface AppServerOptions {
|
|
|
193
192
|
* Accepts either an array (evaluated eagerly) or a factory
|
|
194
193
|
* `(ctx: AppServerContext) => Array<RpcEndpointSpec>` (evaluated after the
|
|
195
194
|
* server context is assembled). Use the factory form when action lists
|
|
196
|
-
* depend on `ctx.deps`
|
|
197
|
-
* `create_standard_rpc_actions(ctx.deps, {app_settings: ctx.app_settings})`.
|
|
195
|
+
* depend on `ctx.deps` — e.g. `create_standard_rpc_actions(ctx.deps)`.
|
|
198
196
|
*/
|
|
199
197
|
rpc_endpoints?: Array<RpcEndpointSpec> | ((context: AppServerContext) => Array<RpcEndpointSpec>);
|
|
200
198
|
/**
|
|
@@ -294,8 +292,6 @@ export interface AppServerContext {
|
|
|
294
292
|
action_ip_rate_limiter: RateLimiter | null;
|
|
295
293
|
/** Per-actor action-dispatcher rate limiter — shared across HTTP RPC + WS. `null` when not configured. */
|
|
296
294
|
action_account_rate_limiter: RateLimiter | null;
|
|
297
|
-
/** Global app settings (mutable ref — mutated by settings admin route). */
|
|
298
|
-
app_settings: AppSettings;
|
|
299
295
|
/**
|
|
300
296
|
* Factory-managed audit log SSE. Non-null when the `audit_log_sse`
|
|
301
297
|
* option was passed to `create_app_server`, `null` when omitted.
|
|
@@ -309,8 +305,6 @@ export interface AppServer {
|
|
|
309
305
|
/** Surface spec — serializable surface + raw specs that produced it. */
|
|
310
306
|
surface_spec: AppSurfaceSpec;
|
|
311
307
|
bootstrap_status: BootstrapStatus;
|
|
312
|
-
/** Global app settings (mutable ref — mutated by settings admin route). */
|
|
313
|
-
app_settings: AppSettings;
|
|
314
308
|
/** Migration results from `create_app_backend` (auth + any `migration_namespaces` passed there). */
|
|
315
309
|
migration_results: ReadonlyArray<MigrationResult>;
|
|
316
310
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"app_server.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/server/app_server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAC,IAAI,EAAE,KAAK,OAAO,EAAC,MAAM,MAAM,CAAC;AAGxC,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,SAAS,CAAC;AAC9C,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AAEtB,OAAO,EAEN,KAAK,cAAc,EAEnB,MAAM,2BAA2B,CAAC;AACnC,OAAO,KAAK,EAAC,uBAAuB,EAAC,MAAM,8BAA8B,CAAC;AAC1E,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAGN,KAAK,WAAW,EAChB,MAAM,+BAA+B,CAAC;AAEvC,OAAO,
|
|
1
|
+
{"version":3,"file":"app_server.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/server/app_server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAC,IAAI,EAAE,KAAK,OAAO,EAAC,MAAM,MAAM,CAAC;AAGxC,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,SAAS,CAAC;AAC9C,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AAEtB,OAAO,EAEN,KAAK,cAAc,EAEnB,MAAM,2BAA2B,CAAC;AACnC,OAAO,KAAK,EAAC,uBAAuB,EAAC,MAAM,8BAA8B,CAAC;AAC1E,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAGN,KAAK,WAAW,EAChB,MAAM,+BAA+B,CAAC;AAEvC,OAAO,EAKN,KAAK,WAAW,EAChB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,EAAC,eAAe,EAAC,MAAM,kBAAkB,CAAC;AACtD,OAAO,KAAK,EAAC,OAAO,EAAC,MAAM,iBAAiB,CAAC;AAC7C,OAAO,KAAK,EAAC,UAAU,EAAC,MAAM,kBAAkB,CAAC;AAGjD,OAAO,oBAAoB,CAAC;AAE5B,OAAO,EAA2B,KAAK,kBAAkB,EAAC,MAAM,aAAa,CAAC;AAE9E,OAAO,EAEN,KAAK,cAAc,EAEnB,KAAK,eAAe,EACpB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAIN,KAAK,SAAS,EACd,MAAM,uBAAuB,CAAC;AAC/B,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,4BAA4B,CAAC;AAC/D,OAAO,EAGN,KAAK,eAAe,EACpB,MAAM,6BAA6B,CAAC;AASrC,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,gCAAgC,CAAC;AAKnE,OAAO,EAAC,yBAAyB,EAAC,MAAM,qCAAqC,CAAC;AAE9E;;GAEG;AACH,MAAM,WAAW,kBAAkB;IAClC,0DAA0D;IAC1D,MAAM,EAAE,MAAM,CAAC;IACf,uDAAuD;IACvD,IAAI,EAAE,MAAM,CAAC;CACb;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAM,MAAM,sBAAsB,GAC/B,wBAAwB,GACxB,2BAA2B,GAC3B,oBAAoB,CAAC;AAExB,MAAM,WAAW,wBAAwB;IACxC,IAAI,EAAE,UAAU,CAAC;CACjB;AAED,MAAM,WAAW,2BAA2B;IAC3C,IAAI,EAAE,cAAc,CAAC;IACrB,qEAAqE;IACrE,YAAY,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,oBAAoB;IACpC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,mEAAmE;IACnE,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB;;;OAGG;IACH,YAAY,CAAC,EAAE,CAAC,MAAM,EAAE,uBAAuB,EAAE,CAAC,EAAE,OAAO,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9E;AAED;;;;;GAKG;AACH,MAAM,WAAW,gBAAgB;IAChC,2DAA2D;IAC3D,OAAO,EAAE,UAAU,CAAC;IACpB,6CAA6C;IAC7C,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC,sCAAsC;IACtC,eAAe,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAE/B,6BAA6B;IAC7B,KAAK,EAAE;QACN,eAAe,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;QAC/B,iBAAiB,EAAE,CAAC,CAAC,EAAE,OAAO,KAAK,M
AAM,GAAG,SAAS,CAAC;KACtD,CAAC;IAEF;;;;;OAKG;IACH,eAAe,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IACrC;;;;;OAKG;IACH,0BAA0B,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IAChD;;;;;OAKG;IACH,2BAA2B,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IACjD;;;;OAIG;IACH,sBAAsB,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IAC5C;;;;;;;;OAQG;IACH,sBAAsB,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IAC5C;;;;;;;;OAQG;IACH,2BAA2B,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IACjD;;;;OAIG;IACH,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,2DAA2D;IAC3D,kBAAkB,CAAC,EAAE,gBAAgB,CAAC;IAEtC,yEAAyE;IACzE,SAAS,CAAC,EAAE,sBAAsB,CAAC;IAEnC;;;OAGG;IACH,aAAa,CAAC,EAAE,KAAK,CAAC;IAEtB;;;OAGG;IACH,kBAAkB,EAAE,CAAC,OAAO,EAAE,gBAAgB,KAAK,KAAK,CAAC,SAAS,CAAC,CAAC;IAEpE,4DAA4D;IAC5D,oBAAoB,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,CAAC,cAAc,CAAC,KAAK,KAAK,CAAC,cAAc,CAAC,CAAC;IAE/E;;;;;;;;;;;;;;OAcG;IACH,aAAa,CAAC,EAAE,IAAI,GAAG;QAAC,IAAI,CAAC,EAAE,MAAM,CAAA;KAAC,CAAC;IAEvC,gFAAgF;IAChF,WAAW,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;IAE/B;;;;;;;;;;OAUG;IACH,aAAa,CAAC,EAAE,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,gBAAgB,KAAK,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC;IAEjG;;;;;;;;;;;OAWG;IACH,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;IAEpC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA6BG;IACH,YAAY,CAAC,EACV,aAAa,CAAC,cAAc,CAAC,GAC7B,CAAC,CAAC,OAAO,EAAE,gBAAgB,KAAK,aAAa,CAAC,cAAc,CAAC,CAAC,CAAC;IAElE;;;;OAIG;IACH,UAAU,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC;IAEzB,mFAAmF;IACnF,qBAAqB,CAAC,EAAE,KAAK,CAAC,cAAc,CAAC,CAAC;IAE9C,6DAA6D;IAC7D,cAAc,CAAC,EAAE;QAChB,YAAY,EAAE,kBAAkB,CAAC;QACjC,4DAA4D;QAC5D,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,gEAAgE;QAChE,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB;;;;WAIG;QACH,YAAY,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC;KACzC,CAAC;IAEF;;;;OAIG;IACH,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAEhC;;;;OAIG;IACH,eAAe,CAAC,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,kBAAkB,KAAK,IAAI,CAAC;IAExE,8CAA8C;IAC9C,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC;AAED,8CAA8C;AAC9C,MAAM,WAAW,gBAAgB;IAChC,IAAI,EAAE,OAAO,CAAC;IACd,OAAO,EAAE,UAAU,CAAC;IACpB,gBAAgB,EAAE,eAAe,CAAC;IAClC,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC,yEAAyE;IACzE,eAAe,EAAE,WAAW,GAAG,IAAI,CAAC;IACpC,iFAA
iF;IACjF,0BAA0B,EAAE,WAAW,GAAG,IAAI,CAAC;IAC/C,kFAAkF;IAClF,2BAA2B,EAAE,WAAW,GAAG,IAAI,CAAC;IAChD,uGAAuG;IACvG,sBAAsB,EAAE,WAAW,GAAG,IAAI,CAAC;IAC3C,0GAA0G;IAC1G,2BAA2B,EAAE,WAAW,GAAG,IAAI,CAAC;IAChD;;;;OAIG;IACH,SAAS,EAAE,WAAW,GAAG,IAAI,CAAC;CAC9B;AAED,uCAAuC;AACvC,MAAM,WAAW,SAAS;IACzB,GAAG,EAAE,IAAI,CAAC;IACV,wEAAwE;IACxE,YAAY,EAAE,cAAc,CAAC;IAC7B,gBAAgB,EAAE,eAAe,CAAC;IAClC,oGAAoG;IACpG,iBAAiB,EAAE,aAAa,CAAC,eAAe,CAAC,CAAC;IAClD;;;;OAIG;IACH,SAAS,EAAE,WAAW,GAAG,IAAI,CAAC;IAC9B;;;;;;;;;;;OAWG;IACH,YAAY,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,yBAAyB,CAAC,CAAC,CAAC;IAClE,mEAAmE;IACnE,KAAK,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC3B;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,eAAO,MAAM,iBAAiB,GAAI,QAAQ;IAAC,SAAS,EAAE,WAAW,GAAG,IAAI,CAAA;CAAC,KAAG,WAO3E,CAAC;AAEF,gDAAgD;AAChD,eAAO,MAAM,qBAAqB,QAAc,CAAC;AAEjD;;;;;;;;;;;;;;;;GAgBG;AACH,eAAO,MAAM,iBAAiB,GAAU,SAAS,gBAAgB,KAAG,OAAO,CAAC,SAAS,CAwXpF,CAAC"}
|
|
@@ -14,7 +14,6 @@ import { z } from 'zod';
|
|
|
14
14
|
import { session_cookie_options, } from '../auth/session_cookie.js';
|
|
15
15
|
import { create_audit_log_sse, audit_log_event_specs, } from '../realtime/sse_auth_guard.js';
|
|
16
16
|
import { BaseServerEnv } from './env.js';
|
|
17
|
-
import { query_app_settings_load } from '../auth/app_settings_queries.js';
|
|
18
17
|
import { create_rate_limiter, default_login_account_rate_limit, default_action_account_rate_limit, default_action_ip_rate_limit, } from '../rate_limiter.js';
|
|
19
18
|
// Side-effect import: augments Hono's ContextVariableMap so consumers
|
|
20
19
|
// that import app_server get type-safe c.get('auth_session_id') etc.
|
|
@@ -123,14 +122,13 @@ export const create_app_server = async (options) => {
|
|
|
123
122
|
if (options.transform_middleware) {
|
|
124
123
|
middleware_specs = options.transform_middleware(middleware_specs);
|
|
125
124
|
}
|
|
126
|
-
// Bootstrap status
|
|
125
|
+
// Bootstrap status
|
|
127
126
|
// - undefined / 'disabled': no route mounted; placeholder status.
|
|
128
127
|
// - 'surface_only': route mounted but permanently unavailable; status placeholder.
|
|
129
128
|
// - 'live': real disk + lock check via `check_bootstrap_status`.
|
|
130
129
|
const bootstrap_status = options.bootstrap?.mode === 'live'
|
|
131
130
|
? await check_bootstrap_status(deps, { token_path: options.bootstrap.token_path })
|
|
132
131
|
: { available: false, token_path: null };
|
|
133
|
-
const app_settings = await query_app_settings_load({ db: deps.db });
|
|
134
132
|
// Surface route ref — factory manages the circular ref
|
|
135
133
|
const surface_ref = {
|
|
136
134
|
surface: {
|
|
@@ -154,7 +152,6 @@ export const create_app_server = async (options) => {
|
|
|
154
152
|
signup_account_rate_limiter,
|
|
155
153
|
action_ip_rate_limiter,
|
|
156
154
|
action_account_rate_limiter,
|
|
157
|
-
app_settings,
|
|
158
155
|
audit_sse,
|
|
159
156
|
};
|
|
160
157
|
const consumer_routes = options.create_route_specs(context);
|
|
@@ -404,7 +401,6 @@ export const create_app_server = async (options) => {
|
|
|
404
401
|
app,
|
|
405
402
|
surface_spec,
|
|
406
403
|
bootstrap_status,
|
|
407
|
-
app_settings,
|
|
408
404
|
migration_results: backend.migration_results,
|
|
409
405
|
audit_sse,
|
|
410
406
|
ws_endpoints: mounted_ws_endpoints,
|
package/dist/testing/CLAUDE.md
CHANGED
|
@@ -846,7 +846,7 @@ source of truth for wire-shape conformance.
|
|
|
846
846
|
|
|
847
847
|
- `testing/cross_backend/capabilities.ts` — `BackendCapabilities` vocabulary
|
|
848
848
|
(`bearer_auth` / `trusted_proxy` / `login_rate_limit` / `ws` / `sse` /
|
|
849
|
-
`cell_crud` / `cell_relations` / `account_lifecycle`
|
|
849
|
+
`cell_crud` / `cell_relations` / `account_lifecycle`),
|
|
850
850
|
`test_if(cond, name, fn)`
|
|
851
851
|
for capability-gated cases, and `in_process_capabilities` preset. `cell_crud`
|
|
852
852
|
gates the CRUD parity suite, `cell_relations` the relation / ACL / audit
|
|
@@ -885,6 +885,50 @@ consumer needs partial opt-out, add the knob then.
|
|
|
885
885
|
`bootstrap`, `rate_limiting_app_options`, `bootstrap_token`) — those drive
|
|
886
886
|
the omitted suites.
|
|
887
887
|
|
|
888
|
+
### `cross_backend/conformance_table.ts` + `conformance_case.ts` + `xfail.ts` — declarative behavioral/security cases
|
|
889
|
+
|
|
890
|
+
The opinionated behavioral/security layer on top of the spec-derived
|
|
891
|
+
auto-enumeration (`describe_rpc_round_trip_tests` /
|
|
892
|
+
`describe_rpc_attack_surface_tests`). Where those assert wire-shape,
|
|
893
|
+
conformance cases assert _expected behavior_ — the security negatives
|
|
894
|
+
(must be refused / must not leak / found-vs-not-found same shape) a
|
|
895
|
+
wire-shape check passes green on even when behavior is wrong.
|
|
896
|
+
|
|
897
|
+
- `conformance_case.ts` — `ConformanceCase` Zod schema:
|
|
898
|
+
`{name, request: {method, params?, as, verb?}, expect: {status,
|
|
899
|
+
error_reason?, fields?}, note?, xfail?}`. A case is **data** — `method`
|
|
900
|
+
resolves its `input`/`output` from the live registry (RPC) or `RouteSpec`
|
|
901
|
+
(the 6 REST auth routes), so the case never carries a schema. `as` is the
|
|
902
|
+
closed `ConformancePrincipal` enum (`keeper` / `daemon` / `token` /
|
|
903
|
+
`anonymous` / `fresh_non_admin` / `role_holder` / `wrong_role` /
|
|
904
|
+
`expired_session`) — fixture accessors, never inline credential minting.
|
|
905
|
+
`expired_session` is the keeper behind an expired server-side session
|
|
906
|
+
(`fixture.mint_expired_session()`: a backdated `auth_session` row behind a
|
|
907
|
+
still-valid signed cookie, so the DB-row expiry gate is what refuses it).
|
|
908
|
+
`error_reason` is the imported
|
|
909
|
+
`ERROR_*` constant (asserted against the RPC `error.data.reason` or the
|
|
910
|
+
REST flat-body `error`; the bare `unauthenticated()` 401 carries no
|
|
911
|
+
reason, so `status` pins that denial class).
|
|
912
|
+
- `conformance_table.ts` — `describe_conformance_table_tests({cases,
|
|
913
|
+
setup_test, surface_source, capabilities, rpc_endpoints, session_options,
|
|
914
|
+
principals?, suite_name?})`. Same `{setup_test, surface_source,
|
|
915
|
+
capabilities}` protocol every Tier 1 suite uses, so **one case array runs
|
|
916
|
+
both transports** — in-process (`gro test`) and cross-process (the gate,
|
|
917
|
+
each backend's real auth resolution). `resolve_principal` maps the five
|
|
918
|
+
always-available principals to fixture accessors; `role_holder` /
|
|
919
|
+
`wrong_role` read a seeded `extra_accounts` username named via
|
|
920
|
+
`options.principals`.
|
|
921
|
+
- `xfail.ts` — `xfail_until(tracking_id, reason, name, fn)`, a thin
|
|
922
|
+
`test.fails` wrapper for deferred-by-design rows (visible + self-cleaning:
|
|
923
|
+
turns red when the gap closes, forcing marker removal). In-scope gaps fail
|
|
924
|
+
loud as a normal `test`, not via this marker. Sibling to `test_if` in
|
|
925
|
+
`capabilities.ts`.
|
|
926
|
+
|
|
927
|
+
Wire from a `.db.test.ts` (in-process) and a `.cross.test.ts`
|
|
928
|
+
(cross-process) with the same case array — fuz_app's own runner-proof is
|
|
929
|
+
`../../test/cross_backend/conformance.{db,cross}.test.ts` sharing
|
|
930
|
+
`conformance_proof_cases.ts`.
|
|
931
|
+
|
|
888
932
|
### `cross_backend/ws_round_trip.ts` — `describe_cross_process_ws_tests`
|
|
889
933
|
|
|
890
934
|
Real-upgrade WebSocket coverage of a spawned backend — the cross-process
|
|
@@ -933,9 +977,13 @@ _own_ sessions are revoked (`account_session_revoke_all`) so the audit guard
|
|
|
933
977
|
drops the live stream (asserted via `SseTransport.wait_for_close`). The
|
|
934
978
|
data-frame + close cases gate on `rpc_path` (they drive the standard
|
|
935
979
|
account/admin actions); all cases gate on `capabilities.sse`. Cross-process
|
|
936
|
-
only — wire from a `*.cross.test.ts`.
|
|
980
|
+
only — wire from a `*.cross.test.ts`. fuz*app's own wiring is
|
|
937
981
|
`src/test/cross_backend/sse.cross.test.ts`; only the TS spines advertise
|
|
938
982
|
`sse` (they wire `audit_log_sse`), so the Rust `spine_stub` cases `.skip`.
|
|
983
|
+
That file also registers one `xfail_until` (only when `sse: false`) asserting
|
|
984
|
+
the stream \_can't* open on a spine without SSE — a self-cleaning tripwire for
|
|
985
|
+
the spine that should grow it, distinct from the consumer-legit capability
|
|
986
|
+
skip the shared suite emits.
|
|
939
987
|
|
|
940
988
|
### `cross_backend/cell_crud.ts` + `cell_relations.ts` — cell parity suites
|
|
941
989
|
|
|
@@ -1053,6 +1101,41 @@ in-process legs (plain `gro test`) are `src/test/auth/cell_crud_parity.db.test.t
|
|
|
1053
1101
|
`testing_reset_actions.ts` TSDoc for the audit + WS fan-out rationale
|
|
1054
1102
|
that rejected a `_testing_seed_role_grant` shape.
|
|
1055
1103
|
|
|
1104
|
+
Same module also exports `create_testing_drain_effects_action()` — the
|
|
1105
|
+
`_testing_drain_effects` RPC action (daemon-token-gated, like
|
|
1106
|
+
`_testing_reset`). It awaits in-flight fire-and-forget audit writes so a
|
|
1107
|
+
following `audit_log_list` is authoritative — the deterministic barrier a
|
|
1108
|
+
cross-process audit assertion fires before reading (no poll/sleep). On the
|
|
1109
|
+
TS spine it is **satisfied by construction** (the binary runs
|
|
1110
|
+
`await_pending_effects: true`, so each mutation's emits land before its
|
|
1111
|
+
response); the Rust spine does the real await in
|
|
1112
|
+
`AuditEmitter::drain_inflight`. `create_testing_actions` bundles it
|
|
1113
|
+
alongside `_testing_reset`; suites that mount their own endpoint (e.g. the
|
|
1114
|
+
in-process `account_lifecycle_parity.db.test.ts`) add it directly so the
|
|
1115
|
+
shared suite body can call the barrier on every backend uniformly.
|
|
1116
|
+
|
|
1117
|
+
Also bundled: `_testing_mint_session` — mints a backdated-expiry
|
|
1118
|
+
`auth_session` row for an account (via `mint_test_session` in `app_server.ts`)
|
|
1119
|
+
and returns its signed cookie value (future-dated payload). Backs the
|
|
1120
|
+
`expired_session` conformance principal: the backdated DB row + valid cookie
|
|
1121
|
+
payload isolate the authoritative server-side DB-row expiry gate
|
|
1122
|
+
(`query_session_get_valid` — `expires_at > NOW()`), the gate the in-process
|
|
1123
|
+
payload-expiry tests never reached. Daemon-token-gated like its siblings; the
|
|
1124
|
+
Rust mirror is `fuz_testing::create_testing_mint_session_action_spec`.
|
|
1125
|
+
|
|
1126
|
+
### Origin verification parity — `cross_backend/origin.ts`
|
|
1127
|
+
|
|
1128
|
+
`describe_origin_cross_tests({setup_test, capabilities, rpc_path?})` — the
|
|
1129
|
+
imperative Origin-verification suite: disallowed `Origin` → 403 `forbidden_origin` (refused
|
|
1130
|
+
before dispatch), absent `Origin` → request passes (non-browser direct access).
|
|
1131
|
+
Imperative (not a conformance-table row) because origin rejection is
|
|
1132
|
+
middleware-level flat-REST, not the JSON-RPC envelope the table runner expects,
|
|
1133
|
+
and absent-Origin needs `fresh_transport({origin: null})`. Runs both legs (the
|
|
1134
|
+
in-process `auth/origin_parity.db.test.ts` + the cross-process
|
|
1135
|
+
`origin.cross.test.ts`). The promotion surfaced a twin-impl divergence — the
|
|
1136
|
+
Rust spine returned a plain-text body — now converged to the canonical TS
|
|
1137
|
+
`{error: "forbidden_origin"}` via `fuz_http::forbidden_origin_response()`.
|
|
1138
|
+
|
|
1056
1139
|
### Building a TS test-server binary — `testing_server_core.ts` + adapters
|
|
1057
1140
|
|
|
1058
1141
|
The reusable shape for standing up a **spawnable TS** cross-process test
|