@kyro-cms/core 0.8.0 → 0.9.1

package/dist/chunk-CJONKRHJ.js

@@ -0,0 +1,162 @@
+import { timingSafeEqual } from 'crypto';
+
+// src/access/types.ts
+async function evaluateAccess(access, args) {
+  if (typeof access === "boolean") {
+    return access;
+  }
+  if (typeof access === "function") {
+    return await access(args);
+  }
+  return true;
+}
+function mergeWhereClauses(...whereClauses) {
+  const result = {};
+  for (const clause of whereClauses) {
+    if (clause && typeof clause === "object") {
+      Object.assign(result, clause);
+    }
+  }
+  return result;
+}
+function getWhereClause(access, args) {
+  return evaluateAccess(access, args).then((result) => {
+    if (result === true) return void 0;
+    if (result === false) return { _id: { $eq: null } };
+    return result;
+  });
+}
+var API_KEY_COLLECTION = "_api_keys";
+function generateKeyPrefix(key) {
+  return key.substring(0, 8);
+}
+function constantTimeCompare(a, b) {
+  if (a.length !== b.length) {
+    return false;
+  }
+  try {
+    return timingSafeEqual(Buffer.from(a), Buffer.from(b));
+  } catch {
+    return false;
+  }
+}
+async function validateApiKey(rawKey, db, userLookup) {
+  if (!rawKey || typeof rawKey !== "string") {
+    return { valid: false, error: "No API key provided" };
+  }
+  if (!rawKey.startsWith("kyro_")) {
+    return { valid: false, error: "Invalid API key format" };
+  }
+  const keyPrefix = generateKeyPrefix(rawKey);
+  try {
+    const result = await db.find({
+      collection: API_KEY_COLLECTION,
+      where: { keyPrefix: { equals: keyPrefix } },
+      limit: 100,
+      page: 1
+    });
+    if (!result.docs || result.docs.length === 0) {
+      return { valid: false, error: "Invalid API key" };
+    }
+    let matchedKey = null;
+    for (const doc of result.docs) {
+      const record = doc;
+      if (constantTimeCompare(record.key, rawKey)) {
+        matchedKey = record;
+        break;
+      }
+    }
+    if (!matchedKey) {
+      return { valid: false, error: "Invalid API key" };
+    }
+    if (matchedKey.expiresAt) {
+      const expiresAt = new Date(matchedKey.expiresAt);
+      if (expiresAt < /* @__PURE__ */ new Date()) {
+        return { valid: false, error: "API key has expired" };
+      }
+    }
+    try {
+      await db.update({
+        collection: API_KEY_COLLECTION,
+        id: matchedKey.id,
+        data: { lastUsedAt: (/* @__PURE__ */ new Date()).toISOString() }
+      });
+    } catch {
+    }
+    const user = {
+      id: matchedKey.userId,
+      role: matchedKey.role || "author",
+      tenantId: matchedKey.tenantId
+    };
+    if (userLookup) {
+      const dbUser = await userLookup(matchedKey.userId);
+      if (dbUser) {
+        Object.assign(user, dbUser);
+      }
+    }
+    return {
+      valid: true,
+      userId: matchedKey.userId,
+      user,
+      permissions: matchedKey.permissions || [],
+      apiKeyId: matchedKey.id,
+      tenantId: user.tenantId,
+      role: user.role
+    };
+  } catch (error) {
+    console.error("[ApiKey] Validation error:", error);
+    return { valid: false, error: "Failed to validate API key" };
+  }
+}
+function extractApiKeyFromRequest(request) {
+  const authHeader = request.headers.get("Authorization");
+  if (authHeader) {
+    if (authHeader.startsWith("ApiKey ")) {
+      return authHeader.slice(7).trim();
+    }
+    if (authHeader.startsWith("Bearer ")) {
+      return null;
+    }
+  }
+  const xApiKey = request.headers.get("X-API-Key");
+  if (xApiKey) {
+    return xApiKey.trim();
+  }
+  return null;
+}
+function createApiKeyContext(result) {
+  if (!result.valid || !result.userId) {
+    return null;
+  }
+  return {
+    userId: result.userId,
+    user: result.user || {},
+    permissions: result.permissions || [],
+    apiKeyId: result.apiKeyId || "",
+    tenantId: result.tenantId,
+    role: result.role
+  };
+}
+function hasApiKeyPermission(permissions, required) {
+  if (permissions.length === 0) return false;
+  if (permissions.includes("*")) return true;
+  if (permissions.includes(required)) return true;
+  const [resource, action] = required.split(":");
+  if (permissions.includes(`${resource}:*`)) return true;
+  return false;
+}
+function generateApiKey() {
+  const chars = "abcdefghijklmnopqrstuvwxyz0123456789";
+  let suffix = "";
+  for (let i = 0; i < 32; i++) {
+    suffix += chars[Math.floor(Math.random() * chars.length)];
+  }
+  return `kyro_${suffix}`;
+}
+function generateApiKeyPrefix(key) {
+  return key.substring(0, 8);
+}
+
+export { API_KEY_COLLECTION, createApiKeyContext, evaluateAccess, extractApiKeyFromRequest, generateApiKey, generateApiKeyPrefix, getWhereClause, hasApiKeyPermission, mergeWhereClauses, validateApiKey };
+//# sourceMappingURL=chunk-CJONKRHJ.js.map
+//# sourceMappingURL=chunk-CJONKRHJ.js.map

package/dist/chunk-CJONKRHJ.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/access/types.ts","../src/auth/api-key.ts"],"names":[],"mappings":";;;AA+CA,eAAsB,cAAA,CACpB,QACA,IAAA,EACgC;AAChC,EAAA,IAAI,OAAO,WAAW,SAAA,EAAW;AAC/B,IAAA,OAAO,MAAA;AAAA,EACT;AACA,EAAA,IAAI,OAAO,WAAW,UAAA,EAAY;AAChC,IAAA,OAAO,MAAM,OAAO,IAAI,CAAA;AAAA,EAC1B;AACA,EAAA,OAAO,IAAA;AACT;AAEO,SAAS,qBACX,YAAA,EACU;AACb,EAAA,MAAM,SAAsB,EAAC;AAC7B,EAAA,KAAA,MAAW,UAAU,YAAA,EAAc;AACjC,IAAA,IAAI,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACxC,MAAA,MAAA,CAAO,MAAA,CAAO,QAAQ,MAAM,CAAA;AAAA,IAC9B;AAAA,EACF;AACA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,cAAA,CACd,QACA,IAAA,EACkC;AAClC,EAAA,OAAO,cAAA,CAAe,MAAA,EAAQ,IAAI,CAAA,CAAE,KAAK,CAAA,MAAA,KAAU;AACjD,IAAA,IAAI,MAAA,KAAW,MAAM,OAAO,MAAA;AAC5B,IAAA,IAAI,MAAA,KAAW,OAAO,OAAO,EAAE,KAAK,EAAE,GAAA,EAAK,MAAK,EAAE;AAClD,IAAA,OAAO,MAAA;AAAA,EACT,CAAC,CAAA;AACH;AC7CO,IAAM,kBAAA,GAAqB;AAElC,SAAS,kBAAkB,GAAA,EAAqB;AAC9C,EAAA,OAAO,GAAA,CAAI,SAAA,CAAU,CAAA,EAAG,CAAC,CAAA;AAC3B;AAEA,SAAS,mBAAA,CAAoB,GAAW,CAAA,EAAoB;AAC1D,EAAA,IAAI,CAAA,CAAE,MAAA,KAAW,CAAA,CAAE,MAAA,EAAQ;AACzB,IAAA,OAAO,KAAA;AAAA,EACT;AACA,EAAA,IAAI;AACF,IAAA,OAAO,eAAA,CAAgB,OAAO,IAAA,CAAK,CAAC,GAAG,MAAA,CAAO,IAAA,CAAK,CAAC,CAAC,CAAA;AAAA,EACvD,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAEA,eAAsB,cAAA,CACpB,MAAA,EACA,EAAA,EACA,UAAA,EACiC;AACjC,EAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACzC,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,qBAAA,EAAsB;AAAA,EACtD;AAEA,EAAA,IAAI,CAAC,MAAA,CAAO,UAAA,CAAW,OAAO,CAAA,EAAG;AAC/B,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,wBAAA,EAAyB;AAAA,EACzD;AAEA,EAAA,MAAM,SAAA,GAAY,kBAAkB,MAAM,CAAA;AAE1C,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,MAAM,EAAA,CAAG,IAAA,CAAK;AAAA,MAC3B,UAAA,EAAY,kBAAA;AAAA,MACZ,OAAO,EAAE,SAAA,EAAW,EAAE,MAAA,EAAQ,WAAU,EAAE;AAAA,MAC1C,KAAA,EAAO,GAAA;AAAA,MACP,IAAA,EAAM;AAAA,KACP,CAAA;AAED,IAAA,IAAI,CAAC,MAAA,CAAO,IAAA,IAAQ,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA,EAAG;AAC5C,MAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,iBAAA,EAAkB;AAAA,IAClD;AAEA,IAAA,IAAI,UAAA,GAAkC,IAAA;AACtC,IAAA,KAAA,MAAW,GAAA,IAAO,OAAO,IAAA,EAAM;AAC7B,MAAA,MAAM,MAAA,GAAS,GAAA;AACf,MAAA,IAAI,mBAAA,CAAoB,MAAA,CAAO,GAAA,EAAK,MAAM,CAAA,EAAG;AAC3C,QAAA,UAAA,GAAa,MAAA;AACb,QAAA;AAAA,MACF;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,UAAA,EAAY;AACf,MAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,iBAAA,EAAkB;AAAA,IAClD;AAEA,IAAA,IAAI,WAAW,SAAA,EAAW;AACxB,MAAA,MAAM,SAAA,GAAY,IAAI,IAAA,CAAK,UAAA,CAAW,SAAS,CAAA;AAC/C,MAAA,IAAI,SAAA,mBAAY,IAAI,IAAA,EAAK,EAAG;AAC1B,QAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,qBAAA,EAAsB;AAAA,MACtD;AAAA,IACF;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,GAAG,MAAA,CAAO;AAAA,QACd,UAAA,EAAY,kBAAA;AAAA,QACZ,IAAI,UAAA,CAAW,EAAA;AAAA,QACf,MAAM,EAAE,UAAA,EAAA,qBAAgB,IAAA,EAAK,EAAE,aAAY;AAAE,OAC9C,CAAA;AAAA,IACH,CAAA,CAAA,MAAQ;AAAA,IAER;AAEA,IAAA,MAAM,IAAA,GAA0B;AAAA,MAC9B,IAAI,UAAA,CAAW,MAAA;AAAA,MACf,IAAA,EAAO,WAAmB,IAAA,IAAQ,QAAA;AAAA,MAClC,UAAW,UAAA,CAAmB;AAAA,KAChC;AAEA,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,MAAM,MAAA,GAAS,MAAM,UAAA,CAAW,UAAA,CAAW,MAAM,CAAA;AACjD,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,MAAA,CAAO,MAAA,CAAO,MAAM,MAAM,CAAA;AAAA,MAC5B;AAAA,IACF;AAEA,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,IAAA;AAAA,MACP,QAAQ,UAAA,CAAW,MAAA;AAAA,MACnB,IAAA;AAAA,MACA,WAAA,EAAa,UAAA,CAAW,WAAA,IAAe,EAAC;AAAA,MACxC,UAAU,UAAA,CAAW,EAAA;AAAA,MACrB,UAAU,IAAA,CAAK,QAAA;AAAA,MACf,MAAM,IAAA,CAAK;AAAA,KACb;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,8BAA8B,KAAK,CAAA;AACjD,IAAA,OAAO,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,4BAAA,EAA6B;AAAA,EAC7D;AACF;AAEO,SAAS,yBAAyB,OAAA,EAAiC;AACxE,EAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,eAAe,CAAA;AACtD,EAAA,IAAI,UAAA,EAAY;AACd,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpC,MAAA,OAAO,UAAA,CAAW,KAAA,CAAM,CAAC,CAAA,CAAE,IAAA,EAAK;AAAA,IAClC;AACA,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AACpC,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,MAAM,OAAA,GAAU,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,WAAW,CAAA;AAC/C,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,OAAO,QAAQ,IAAA,EAAK;AAAA,EACtB;AAEA,EAAA,OAAO,IAAA;AACT;AAEO,SAAS,oBACd,MAAA,EACsB;AACtB,EAAA,IAAI,CAAC,MAAA,CAAO,KAAA,IAAS,CAAC,OAAO,MAAA,EAAQ;AACnC,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,OAAO;AAAA,IACL,QAAQ,MAAA,CAAO,MAAA;AAAA,IACf,IAAA,EAAM,MAAA,CAAO,IAAA,IAAQ,EAAC;AAAA,IACtB,WAAA,EAAa,MAAA,CAAO,WAAA,IAAe,EAAC;AAAA,IACpC,QAAA,EAAU,OAAO,QAAA,IAAY,EAAA;AAAA,IAC7B,UAAU,MAAA,CAAO,QAAA;AAAA,IACjB,MAAM,MAAA,CAAO;AAAA,GACf;AACF;AAEO,SAAS,mBAAA,CACd,aACA,QAAA,EACS;AACT,EAAA,IAAI,WAAA,CAAY,MAAA,KAAW,CAAA,EAAG,OAAO,KAAA;AACrC,EAAA,IAAI,WAAA,CAAY,QAAA,CAAS,GAAG,CAAA,EAAG,OAAO,IAAA;AACtC,EAAA,IAAI,WAAA,CAAY,QAAA,CAAS,QAAQ,CAAA,EAAG,OAAO,IAAA;AAE3C,EAAA,MAAM,CAAC,QAAA,EAAU,MAAM,CAAA,GAAI,QAAA,CAAS,MAAM,GAAG,CAAA;AAC7C,EAAA,IAAI,YAAY,QAAA,CAAS,CAAA,EAAG,QAAQ,CAAA,EAAA,CAAI,GAAG,OAAO,IAAA;AAElD,EAAA,OAAO,KAAA;AACT;AAEO,SAAS,cAAA,GAAyB;AACvC,EAAA,MAAM,KAAA,GAAQ,sCAAA;AACd,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,EAAA,EAAI,CAAA,EAAA,EAAK;AAC3B,IAAA,MAAA,IAAU,KAAA,CAAM,KAAK,KAAA,CAAM,IAAA,CAAK,QAAO,GAAI,KAAA,CAAM,MAAM,CAAC,CAAA;AAAA,EAC1D;AACA,EAAA,OAAO,QAAQ,MAAM,CAAA,CAAA;AACvB;AAEO,SAAS,qBAAqB,GAAA,EAAqB;AACxD,EAAA,OAAO,GAAA,CAAI,SAAA,CAAU,CAAA,EAAG,CAAC,CAAA;AAC3B","file":"chunk-CJONKRHJ.js","sourcesContent":["import type { User, Request } from '../hooks/types.js';\n\n// ============================================================================\n// Access Control Types\n// ============================================================================\n\nexport interface WhereClause {\n  [field: string]: any;\n}\n\nexport interface AccessArgs {\n  req: Request;\n  user?: User;\n  data?: any;\n  doc?: any;\n  id?: string;\n  tenantID?: string;\n  context?: Record<string, any>;\n}\n\nexport type AccessControl = boolean | ((args: AccessArgs) => Promise<boolean | WhereClause> | boolean | WhereClause);\n\nexport interface CollectionAccess {\n  create?: AccessControl;\n  read?: AccessControl;\n  update?: AccessControl;\n  delete?: AccessControl;\n  admin?: AccessControl;\n  unlock?: AccessControl;\n  readVersions?: AccessControl;\n}\n\nexport interface GlobalAccess {\n  read?: AccessControl;\n  update?: AccessControl;\n}\n\nexport interface FieldAccess {\n  create?: AccessControl;\n  read?: AccessControl;\n  update?: AccessControl;\n}\n\n// ============================================================================\n// Access Control Evaluation\n// ============================================================================\n\nexport async function evaluateAccess(\n  access: AccessControl,\n  args: AccessArgs\n): Promise<boolean | WhereClause> {\n  if (typeof access === 'boolean') {\n    return access;\n  }\n  if (typeof access === 'function') {\n    return await access(args);\n  }\n  return true;\n}\n\nexport function mergeWhereClauses(\n  ...whereClauses: (WhereClause | boolean | undefined)[]\n): WhereClause {\n  const result: WhereClause = {};\n  for (const clause of whereClauses) {\n    if (clause && typeof clause === 'object') {\n      Object.assign(result, clause);\n    }\n  }\n  return result;\n}\n\nexport function getWhereClause(\n  access: AccessControl,\n  args: AccessArgs\n): Promise<WhereClause | undefined> {\n  return evaluateAccess(access, args).then(result => {\n    if (result === true) return undefined;\n    if (result === false) return { _id: { $eq: null } };\n    return result;\n  });\n}\n","import { timingSafeEqual } from \"crypto\";\nimport type { BaseAdapter } from \"../registry/types.js\";\nimport type { AuthUser, UserRole } from \"./types.js\";\n\nexport interface ApiKeyRecord {\n  id: string;\n  userId: string;\n  name: string;\n  key: string;\n  keyPrefix: string;\n  permissions: string[];\n  lastUsedAt?: string;\n  expiresAt?: string;\n  createdAt: string;\n}\n\nexport interface ApiKeyValidationResult {\n  valid: boolean;\n  userId?: string;\n  user?: Partial<AuthUser>;\n  permissions?: string[];\n  apiKeyId?: string;\n  error?: string;\n  tenantId?: string;\n  role?: UserRole;\n}\n\nexport interface ApiKeyContext {\n  userId: string;\n  user: Partial<AuthUser>;\n  permissions: string[];\n  apiKeyId: string;\n  tenantId?: string;\n  role?: UserRole;\n}\n\nexport const API_KEY_COLLECTION = \"_api_keys\";\n\nfunction generateKeyPrefix(key: string): string {\n  return key.substring(0, 8);\n}\n\nfunction constantTimeCompare(a: string, b: string): boolean {\n  if (a.length !== b.length) {\n    return false;\n  }\n  try {\n    return timingSafeEqual(Buffer.from(a), Buffer.from(b));\n  } catch {\n    return false;\n  }\n}\n\nexport async function validateApiKey(\n  rawKey: string,\n  db: BaseAdapter,\n  userLookup?: (userId: string) => Promise<Partial<AuthUser> | null>,\n): Promise<ApiKeyValidationResult> {\n  if (!rawKey || typeof rawKey !== \"string\") {\n    return { valid: false, error: \"No API key provided\" };\n  }\n\n  if (!rawKey.startsWith(\"kyro_\")) {\n    return { valid: false, error: \"Invalid API key format\" };\n  }\n\n  const keyPrefix = generateKeyPrefix(rawKey);\n\n  try {\n    const result = await db.find({\n      collection: API_KEY_COLLECTION,\n      where: { keyPrefix: { equals: keyPrefix } },\n      limit: 100,\n      page: 1,\n    });\n\n    if (!result.docs || result.docs.length === 0) {\n      return { valid: false, error: \"Invalid API key\" };\n    }\n\n    let matchedKey: ApiKeyRecord | null = null;\n    for (const doc of result.docs) {\n      const record = doc as unknown as ApiKeyRecord;\n      if (constantTimeCompare(record.key, rawKey)) {\n        matchedKey = record;\n        break;\n      }\n    }\n\n    if (!matchedKey) {\n      return { valid: false, error: \"Invalid API key\" };\n    }\n\n    if (matchedKey.expiresAt) {\n      const expiresAt = new Date(matchedKey.expiresAt);\n      if (expiresAt < new Date()) {\n        return { valid: false, error: \"API key has expired\" };\n      }\n    }\n\n    try {\n      await db.update({\n        collection: API_KEY_COLLECTION,\n        id: matchedKey.id,\n        data: { lastUsedAt: new Date().toISOString() },\n      });\n    } catch {\n      // Non-critical: don't fail if lastUsedAt update fails\n    }\n\n    const user: Partial<AuthUser> = {\n      id: matchedKey.userId,\n      role: (matchedKey as any).role || \"author\",\n      tenantId: (matchedKey as any).tenantId,\n    };\n\n    if (userLookup) {\n      const dbUser = await userLookup(matchedKey.userId);\n      if (dbUser) {\n        Object.assign(user, dbUser);\n      }\n    }\n\n    return {\n      valid: true,\n      userId: matchedKey.userId,\n      user,\n      permissions: matchedKey.permissions || [],\n      apiKeyId: matchedKey.id,\n      tenantId: user.tenantId,\n      role: user.role,\n    };\n  } catch (error) {\n    console.error(\"[ApiKey] Validation error:\", error);\n    return { valid: false, error: \"Failed to validate API key\" };\n  }\n}\n\nexport function extractApiKeyFromRequest(request: Request): string | null {\n  const authHeader = request.headers.get(\"Authorization\");\n  if (authHeader) {\n    if (authHeader.startsWith(\"ApiKey \")) {\n      return authHeader.slice(7).trim();\n    }\n    if (authHeader.startsWith(\"Bearer \")) {\n      return null;\n    }\n  }\n\n  const xApiKey = request.headers.get(\"X-API-Key\");\n  if (xApiKey) {\n    return xApiKey.trim();\n  }\n\n  return null;\n}\n\nexport function createApiKeyContext(\n  result: ApiKeyValidationResult,\n): ApiKeyContext | null {\n  if (!result.valid || !result.userId) {\n    return null;\n  }\n  return {\n    userId: result.userId,\n    user: result.user || {},\n    permissions: result.permissions || [],\n    apiKeyId: result.apiKeyId || \"\",\n    tenantId: result.tenantId,\n    role: result.role,\n  };\n}\n\nexport function hasApiKeyPermission(\n  permissions: string[],\n  required: string,\n): boolean {\n  if (permissions.length === 0) return false;\n  if (permissions.includes(\"*\")) return true;\n  if (permissions.includes(required)) return true;\n\n  const [resource, action] = required.split(\":\");\n  if (permissions.includes(`${resource}:*`)) return true;\n\n  return false;\n}\n\nexport function generateApiKey(): string {\n  const chars = \"abcdefghijklmnopqrstuvwxyz0123456789\";\n  let suffix = \"\";\n  for (let i = 0; i < 32; i++) {\n    suffix += chars[Math.floor(Math.random() * chars.length)];\n  }\n  return `kyro_${suffix}`;\n}\n\nexport function generateApiKeyPrefix(key: string): string {\n  return key.substring(0, 8);\n}\n"]}

package/dist/{chunk-2KVHZE6O.cjs → chunk-COIASRDK.cjs}

@@ -1,6 +1,6 @@
 'use strict';
 
-var chunkSA7NSSIQ_cjs = require('./chunk-SA7NSSIQ.cjs');
+var chunkPI73NNOK_cjs = require('./chunk-PI73NNOK.cjs');
 var drizzleOrm = require('drizzle-orm');
 var pgCore = require('drizzle-orm/pg-core');
 var sqliteCore = require('drizzle-orm/sqlite-core');
@@ -22,11 +22,13 @@ function fieldToDrizzleType(field, dialect = "postgres") {
     case "text":
     case "email":
     case "password":
-    case "textarea":
     case "color":
+      return dialect === "sqlite" ? "text" : "varchar";
+    case "textarea":
     case "code":
     case "markdown":
-      return dialect === "sqlite" ? "text" : "varchar";
+    case "secret":
+      return "text";
     case "number":
       return field.integer ? "integer" : "decimal";
     case "checkbox":
@@ -48,7 +50,7 @@ function fieldToDrizzleType(field, dialect = "postgres") {
     case "relationship":
       return dialect === "sqlite" ? "text" : "varchar";
     case "upload":
-      return dialect === "sqlite" ? "text" : "varchar";
+      return "jsonb";
     default:
       return "jsonb";
   }
@@ -81,25 +83,18 @@ function collectionToDrizzleSchema(collection, dialect = "postgres") {
     lines.push(`  createdAt: pg.timestamp('created_at').defaultNow(),`);
     lines.push(`  updatedAt: pg.timestamp('updated_at').defaultNow(),`);
   }
-  lines.push(`  _status: ${dialect === "sqlite" ? "sqlite" : "pg"}.varchar('_status').default('published'),`);
-  lines.push(`  _has_draft: ${dialect === "sqlite" ? "sqlite" : "pg"}.boolean('_has_draft').default(false),`);
+  lines.push(`  publishStatus: ${dialect === "sqlite" ? "sqlite" : "pg"}.varchar('publishStatus').default('draft'),`);
+  lines.push(`  hasDraft: ${dialect === "sqlite" ? "sqlite" : "pg"}.boolean('hasDraft').default(false),`);
   lines.push("});");
   return lines.join("\n");
 }
-var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
+var DrizzleAdapter = class extends chunkPI73NNOK_cjs.AbstractBaseAdapter {
   client;
   schema;
   dialect;
   connectionString;
   draftsTableReady = false;
   versionsTableReady = false;
-  tenantContext;
-  setTenantContext(context) {
-    this.tenantContext = context;
-  }
-  getTenantContext() {
-    return this.tenantContext;
-  }
   constructor(options) {
     super();
     this.schema = options.schema || {};
@@ -126,6 +121,14 @@ var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
     if (result.updatedAt && typeof result.updatedAt === "string") {
       result.updatedAt = new Date(result.updatedAt);
     }
+    for (const field of config.fields) {
+      if (field.type === "date" && field.name) {
+        const value = result[field.name];
+        if (value && typeof value === "string") {
+          result[field.name] = new Date(value);
+        }
+      }
+    }
     for (const field of config.fields) {
       const dbType = fieldToDrizzleType(field, this.dialect);
       const isJsonb = dbType === "jsonb";
@@ -154,6 +157,14 @@ var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
         }
       }
     }
+    for (const field of config.fields) {
+      if (field.name && result[field.name] === "") {
+        const dbType = fieldToDrizzleType(field, this.dialect);
+        if (dbType === "timestamp" || dbType === "jsonb" || dbType === "decimal" || dbType === "integer" || dbType === "numeric" || dbType === "boolean") {
+          result[field.name] = null;
+        }
+      }
+    }
     return result;
   }
   async connect() {
@@ -270,8 +281,8 @@ var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
     }
     if (!columns.createdAt) columns.createdAt = this.dialect === "sqlite" ? sqliteCore.text("created_at").default((/* @__PURE__ */ new Date()).toISOString()) : pgCore.timestamp("created_at").defaultNow();
     if (!columns.updatedAt) columns.updatedAt = this.dialect === "sqlite" ? sqliteCore.text("updated_at").default((/* @__PURE__ */ new Date()).toISOString()) : pgCore.timestamp("updated_at").defaultNow();
-    columns._status = this.dialect === "sqlite" ? sqliteCore.text("_status").default("published") : pgCore.varchar("_status", { length: 20 }).default("published");
-    columns._has_draft = this.dialect === "sqlite" ? sqliteCore.integer("_has_draft", { mode: "boolean" }).default(false) : pgCore.boolean("_has_draft").default(false);
+    columns.publishStatus = this.dialect === "sqlite" ? sqliteCore.text("publishStatus").default("draft") : pgCore.varchar("publishStatus", { length: 20 }).default("draft");
+    columns.hasDraft = this.dialect === "sqlite" ? sqliteCore.integer("hasDraft", { mode: "boolean" }).default(false) : pgCore.boolean("hasDraft").default(false);
     return this.dialect === "sqlite" ? sqliteCore.sqliteTable(tableName, columns) : pgCore.pgTable(tableName, columns);
   }
   async ensureCollectionTables(collections) {
@@ -290,8 +301,8 @@ var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
             ${colDefs}
             ${hasCreated ? "" : '"created_at" TIMESTAMP NOT NULL DEFAULT NOW(),'}
             ${hasUpdated ? "" : '"updated_at" TIMESTAMP NOT NULL DEFAULT NOW(),'}
-            "_status" VARCHAR(20) DEFAULT 'published',
-            "_has_draft" BOOLEAN DEFAULT false
+            "publishStatus" VARCHAR(20) DEFAULT 'draft',
+            "hasDraft" BOOLEAN DEFAULT false
           )
         `);
       } else {
@@ -302,8 +313,8 @@ var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
             ${colDefs}
             ${hasCreated ? "" : `"created_at" TEXT NOT NULL DEFAULT (datetime('now')),`}
             ${hasUpdated ? "" : `"updated_at" TEXT NOT NULL DEFAULT (datetime('now')),`}
-            "_status" TEXT DEFAULT 'published',
-            "_has_draft" INTEGER DEFAULT 0
+            "publishStatus" TEXT DEFAULT 'draft',
+            "hasDraft" INTEGER DEFAULT 0
           )
         `);
       }
@@ -317,6 +328,126 @@ var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
         }
       }
     }
+    for (const config of collections) {
+      const tableName = this.getTableName(config.slug);
+      if (tableName === "users" || tableName === "audit_logs") continue;
+      await this.syncTableColumns(config, tableName);
+    }
+  }
+  getColumnSqlDefinition(field, dialect) {
+    const dbType = fieldToDrizzleType(field, dialect);
+    const sqlName = field.name.replace(/-/g, "_").replace(/([A-Z])/g, "_$1").toLowerCase();
+    const sqlType = this.columnSqlType(dbType, dialect);
+    return `"${sqlName}" ${sqlType} DEFAULT NULL`;
+  }
+  columnSqlType(dbType, dialect) {
+    if (dialect === "sqlite") {
+      switch (dbType) {
+        case "varchar":
+          return "TEXT";
+        case "text":
+          return "TEXT";
+        case "integer":
+          return "INTEGER";
+        case "decimal":
+        case "numeric":
+          return "NUMERIC";
+        case "boolean":
+          return "INTEGER";
+        case "timestamp":
+          return "TEXT";
+        case "jsonb":
+          return "TEXT";
+        default:
+          return "TEXT";
+      }
+    }
+    switch (dbType) {
+      case "varchar":
+        return "VARCHAR(255)";
+      case "text":
+        return "TEXT";
+      case "integer":
+        return "INTEGER";
+      case "decimal":
+      case "numeric":
+        return "DECIMAL";
+      case "boolean":
+        return "BOOLEAN";
+      case "timestamp":
+        return "TIMESTAMP";
+      case "jsonb":
+        return "JSONB";
+      default:
+        return "TEXT";
+    }
+  }
+  getExpectedColumnDefs(config, tableName) {
+    const defs = {};
+    const isGlobal = config.slug.startsWith("_globals_");
+    const hasCreated = config.fields.some((f) => f.name === "createdAt");
+    const hasUpdated = config.fields.some((f) => f.name === "updatedAt");
+    if (this.dialect === "postgres") {
+      defs["id"] = isGlobal ? '"id" TEXT PRIMARY KEY' : '"id" UUID PRIMARY KEY DEFAULT gen_random_uuid()';
+      if (!hasCreated) defs["created_at"] = '"created_at" TIMESTAMP DEFAULT NULL';
+      if (!hasUpdated) defs["updated_at"] = '"updated_at" TIMESTAMP DEFAULT NULL';
+      defs["publishStatus"] = '"publishStatus" VARCHAR(20) DEFAULT NULL';
+      defs["hasDraft"] = '"hasDraft" BOOLEAN DEFAULT NULL';
+    } else {
+      defs["id"] = '"id" TEXT PRIMARY KEY';
+      if (!hasCreated) defs["created_at"] = '"created_at" TEXT DEFAULT NULL';
+      if (!hasUpdated) defs["updated_at"] = '"updated_at" TEXT DEFAULT NULL';
+      defs["publishStatus"] = '"publishStatus" TEXT DEFAULT NULL';
+      defs["hasDraft"] = '"hasDraft" INTEGER DEFAULT NULL';
+    }
+    for (const field of config.fields) {
+      if (!field.name || field.name === "id") continue;
+      const def = this.getColumnSqlDefinition(field, this.dialect);
+      const sqlName = field.name.replace(/-/g, "_").replace(/([A-Z])/g, "_$1").toLowerCase();
+      defs[sqlName] = def;
+    }
+    return defs;
+  }
+  async syncTableColumns(config, tableName) {
+    let existingCols;
+    try {
+      if (this.dialect === "postgres") {
+        const result = await this.client.execute(
+          drizzleOrm.sql`SELECT column_name, data_type, character_maximum_length FROM information_schema.columns WHERE table_name = ${tableName}`
+        );
+        existingCols = new Map(result.map((r) => [r.column_name, { type: r.data_type, maxLen: r.character_maximum_length }]));
+      } else {
+        const result = await this.client.execute(
+          drizzleOrm.sql`PRAGMA table_info("${drizzleOrm.sql.raw(tableName)}")`
+        );
+        existingCols = new Map(result.map((r) => [r.name, { type: r.type, maxLen: null }]));
+      }
+    } catch {
+      return;
+    }
+    const expected = this.getExpectedColumnDefs(config, tableName);
+    const missing = Object.keys(expected).filter((k) => !existingCols.has(k));
+    if (missing.length > 0) {
+      const alterStmts = missing.map((k) => `ALTER TABLE "${tableName}" ADD COLUMN ${expected[k]}`);
+      await this.executeRaw(drizzleOrm.sql.raw(alterStmts.join(";\n")));
+    }
+    if (this.dialect === "postgres") {
+      for (const field of config.fields) {
+        if (!field.name || field.name === "id") continue;
+        const expectedDbType = fieldToDrizzleType(field, this.dialect);
+        const sqlName = field.name.replace(/-/g, "_").replace(/([A-Z])/g, "_$1").toLowerCase();
+        const info = existingCols.get(sqlName);
+        if (!info || info.type !== "character varying") continue;
+        if (expectedDbType === "text") {
+          await this.executeRaw(drizzleOrm.sql.raw(`ALTER TABLE "${tableName}" ALTER COLUMN "${sqlName}" TYPE TEXT`));
+          console.log(`[DrizzleAdapter] Fixed column type: "${tableName}"."${sqlName}" VARCHAR \u2192 TEXT`);
+        } else if (expectedDbType === "jsonb") {
+          await this.executeRaw(drizzleOrm.sql.raw(`ALTER TABLE "${tableName}" ALTER COLUMN "${sqlName}" DROP DEFAULT`));
+          await this.executeRaw(drizzleOrm.sql.raw(`ALTER TABLE "${tableName}" ALTER COLUMN "${sqlName}" TYPE JSONB USING (CASE WHEN "${sqlName}" IS NULL THEN NULL WHEN "${sqlName}"::text ~ '^\\s*\\{' THEN "${sqlName}"::jsonb ELSE jsonb_build_object('id', "${sqlName}"::text) END)`));
+          console.log(`[DrizzleAdapter] Fixed column type: "${tableName}"."${sqlName}" VARCHAR \u2192 JSONB`);
+        }
+      }
+    }
   }
   generateCreateColumns(config) {
     const cols = [];
@@ -389,12 +520,12 @@ var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
     const table = this.getTable(slug);
     let effectiveWhere = { ...where };
     if (this.tenantContext && config.tenantScoped) {
-      const rlsQuery = chunkSA7NSSIQ_cjs.applyRLS({ where: effectiveWhere }, slug, this.tenantContext, chunkSA7NSSIQ_cjs.DEFAULT_RLS_CONFIG);
+      const rlsQuery = chunkPI73NNOK_cjs.applyRLS({ where: effectiveWhere }, slug, this.tenantContext, chunkPI73NNOK_cjs.DEFAULT_RLS_CONFIG);
       effectiveWhere = rlsQuery.where || {};
     }
     const filters = this.buildWhereClause(effectiveWhere, config, table, tenantID);
-    if (!draft && table._status) {
-      filters.push(drizzleOrm.eq(table._status, "published"));
+    if (!draft && table.publishStatus) {
+      filters.push(drizzleOrm.eq(table.publishStatus, "published"));
     }
     const sortOption = this.parseSort(sort);
     const totalDocs = await this.count({ collection: slug, where: effectiveWhere, tenantID });
@@ -413,11 +544,11 @@ var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
     }
     let docs = results.map((doc) => this.processResult(doc, config));
     if (this.tenantContext && !this.tenantContext.isSuperAdmin) {
-      docs = docs.filter((doc) => chunkSA7NSSIQ_cjs.canAccessDocument(doc, slug, this.tenantContext, chunkSA7NSSIQ_cjs.DEFAULT_RLS_CONFIG));
+      docs = docs.filter((doc) => chunkPI73NNOK_cjs.canAccessDocument(doc, slug, this.tenantContext, chunkPI73NNOK_cjs.DEFAULT_RLS_CONFIG));
     }
     if (draft) {
       docs = await Promise.all(docs.map(async (doc) => {
-        if (doc._has_draft) {
+        if (doc.hasDraft) {
           const versions = await this.findVersions({
             collection: slug,
             documentId: doc.id,
@@ -425,7 +556,7 @@ var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
             sort: "-createdAt"
           });
           if (versions.docs.length > 0 && versions.docs[0].status === "draft") {
-            return { ...doc, ...versions.docs[0].data, _has_draft: true, _status: doc._status };
+            return { ...doc, ...versions.docs[0].data, hasDraft: true, publishStatus: doc.publishStatus };
           }
         }
         return doc;
@@ -442,18 +573,18 @@ var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
     const table = this.getTable(slug);
     if (this.tenantContext && config.tenantScoped) {
       const tempDoc = { id, tenantId: this.tenantContext.tenantId };
-      if (!chunkSA7NSSIQ_cjs.canAccessDocument(tempDoc, slug, this.tenantContext, chunkSA7NSSIQ_cjs.DEFAULT_RLS_CONFIG)) {
+      if (!chunkPI73NNOK_cjs.canAccessDocument(tempDoc, slug, this.tenantContext, chunkPI73NNOK_cjs.DEFAULT_RLS_CONFIG)) {
         return null;
       }
     }
     const conditions = [drizzleOrm.eq(table.id, id)];
     if (tenantID && table.tenantId) conditions.push(drizzleOrm.eq(table.tenantId, tenantID));
-    if (!draft && table._status) conditions.push(drizzleOrm.eq(table._status, "published"));
+    if (!draft && table.publishStatus) conditions.push(drizzleOrm.eq(table.publishStatus, "published"));
     const whereClause = conditions.length > 1 ? drizzleOrm.and(...conditions) : conditions[0];
     let allRows = await this.client.select().from(table).where(whereClause);
     if (allRows.length === 0) return null;
     let doc = this.processResult(allRows[0], config);
-    if (draft && doc._has_draft) {
+    if (draft && doc.hasDraft) {
       const versions = await this.findVersions({
         collection: slug,
         documentId: doc.id,
@@ -461,7 +592,7 @@ var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
         sort: "-createdAt"
       });
       if (versions.docs.length > 0 && versions.docs[0].status === "draft") {
-        doc = { ...doc, ...versions.docs[0].data, _has_draft: true, _status: doc._status };
+        doc = { ...doc, ...versions.docs[0].data, hasDraft: true, publishStatus: doc.publishStatus };
       }
     }
     return doc;
@@ -482,21 +613,27 @@ var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
     const config = this.getCollection(slug);
     const table = this.getTable(slug);
     const updateData = this.prepareData(data, config);
-    if (tenantID) {
-      updateData.tenantId = tenantID;
+    delete updateData.id;
+    console.log(`[DrizzleAdapter.update] CALLED for ${slug}/${id}`);
+    const conditions = [drizzleOrm.eq(table.id, id)];
+    if (tenantID && table.tenantId) {
+      conditions.push(drizzleOrm.eq(table.tenantId, tenantID));
+    }
+    const result = await this.client.update(table).set(updateData).where(drizzleOrm.and(...conditions)).returning();
+    if (result.length === 0) {
+      throw new Error(`Document not found: ${slug}/${id}`);
     }
-    const result = await this.client.update(table).set(updateData).where(drizzleOrm.eq(table.id, id)).returning();
     return this.processResult(result[0], config);
   }
   async delete(args) {
     const { collection: slug, id, tenantID } = args;
     const config = this.getCollection(slug);
     const table = this.getTable(slug);
-    let query = this.client.delete(table).where(drizzleOrm.eq(table.id, id)).returning();
+    const conditions = [drizzleOrm.eq(table.id, id)];
     if (tenantID && table.tenantId) {
-      query = query.where(drizzleOrm.eq(table.tenantId, tenantID));
+      conditions.push(drizzleOrm.eq(table.tenantId, tenantID));
     }
-    const result = await query;
+    const result = await this.client.delete(table).where(drizzleOrm.and(...conditions)).returning();
     if (result.length === 0) {
       throw new Error(`Document not found: ${slug}/${id}`);
     }
@@ -526,13 +663,13 @@ var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
       if (!globalConfig) throw new Error(`Global "${globalSlug}" not found`);
       const table = this.getTable(slug);
       let query = this.client.select().from(table);
-      if (!draft && table._status) {
-        query = query.where(drizzleOrm.eq(table._status, "published"));
+      if (!draft && table.publishStatus) {
+        query = query.where(drizzleOrm.eq(table.publishStatus, "published"));
       }
       const results = await query.limit(1);
       if (results.length === 0) return null;
       let doc = this.processResult(results[0], globalConfig);
-      if (draft && doc._has_draft) {
+      if (draft && doc.hasDraft) {
         const versions = await this.findVersions({
           collection: slug,
           documentId: globalSlug,
@@ -540,7 +677,7 @@ var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
           sort: "-createdAt"
         });
         if (versions.docs.length > 0 && versions.docs[0].status === "draft") {
-          doc = { ...doc, ...versions.docs[0].data, _has_draft: true, _status: doc._status };
+          doc = { ...doc, ...versions.docs[0].data, hasDraft: true, publishStatus: doc.publishStatus };
         }
       }
       return doc;
@@ -779,6 +916,22 @@ var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
       }
       if (field.type === "tabs" && "tabs" in field && field.name) {
         if (typeof result[field.name] === "object" && result[field.name] !== null && !Array.isArray(result[field.name])) {
+          for (const tab of field.tabs) {
+            for (const tabField of tab.fields) {
+              if ((tabField.type === "upload" || tabField.type === "image") && tabField.name) {
+                const val = result[field.name][tabField.name];
+                if (typeof val === "string") {
+                  try {
+                    const parsed = JSON.parse(val);
+                    result[field.name][tabField.name] = Array.isArray(parsed) ? parsed.map((item) => item && typeof item === "object" && typeof item.id === "string" ? item.id : String(item || "")) : typeof parsed.id === "string" ? parsed.id : String(parsed.id || "");
+                  } catch {
+                  }
+                } else if (val && typeof val === "object") {
+                  result[field.name][tabField.name] = Array.isArray(val) ? val.map((item) => item && typeof item === "object" && typeof item.id === "string" ? item.id : String(item || "")) : typeof val.id === "string" ? val.id : String(val.id || "");
+                }
+              }
+            }
+          }
           continue;
         }
         if (typeof result[field.name] === "string") {
@@ -803,6 +956,9 @@ var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
                   } catch {
                   }
                 }
+                if ((tabField.type === "upload" || tabField.type === "image") && value && typeof value === "object") {
+                  value = Array.isArray(value) ? value.map((item) => item && typeof item === "object" && typeof item.id === "string" ? item.id : String(item || "")) : typeof value.id === "string" ? value.id : String(value.id || "");
+                }
               }
               tabData[tabField.name] = value;
               delete result[tabField.name];
@@ -821,7 +977,7 @@ var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
     return result;
   }
   async ensureDraftsTable() {
-    if (_schemaEnsured || this.draftsTableReady) return;
+    if (this.draftsTableReady) return;
     let createTableSQL;
     if (this.dialect === "sqlite") {
       createTableSQL = `
@@ -856,7 +1012,7 @@ var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
     this.draftsTableReady = true;
   }
   async ensureVersionsTable() {
-    if (_schemaEnsured || this.versionsTableReady) return;
+    if (this.versionsTableReady) return;
     let createTableSQL;
     if (this.dialect === "sqlite") {
       createTableSQL = `
@@ -925,7 +1081,7 @@ var DrizzleAdapter = class extends chunkSA7NSSIQ_cjs.AbstractBaseAdapter {
 function createDrizzleAdapter(options) {
   return new DrizzleAdapter(options);
 }
-var _require = module$1.createRequire((typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('chunk-2KVHZE6O.cjs', document.baseURI).href)));
+var _require = module$1.createRequire((typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('chunk-COIASRDK.cjs', document.baseURI).href)));
 var modPath = "node:sqlite";
 var { DatabaseSync } = _require(modPath);
 function getDialect() {
@@ -963,7 +1119,7 @@ async function runMigrations(_db, _dialect) {
   );
 }
 async function seedDefaultRoles(db) {
-  const { roles } = await import('./schema-37SE2F4B.cjs');
+  const { roles } = await import('./schema-TTFE4467.cjs');
   await db.insert(roles).values({
     name: "super_admin",
     level: 100,
@@ -981,5 +1137,5 @@ exports.fieldToDrizzleType = fieldToDrizzleType;
 exports.genId = genId;
 exports.runMigrations = runMigrations;
 exports.seedDefaultRoles = seedDefaultRoles;
-//# sourceMappingURL=chunk-2KVHZE6O.cjs.map
-//# sourceMappingURL=chunk-2KVHZE6O.cjs.map
+//# sourceMappingURL=chunk-COIASRDK.cjs.map
+//# sourceMappingURL=chunk-COIASRDK.cjs.map