npm - @latte-macchiat-io/latte-payload - Versions diffs - 1.0.1 - Mend

@latte-macchiat-io/latte-payload 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (253) hide show

package/.claude/settings.local.json +9 -0
package/.env.example +29 -0
package/.github/workflows/ci.yml +160 -0
package/.github/workflows/publish.yml +126 -0
package/.nvmrc +1 -0
package/.prettierignore +2 -0
package/.prettierrc +11 -0
package/CHANGELOG.md +87 -0
package/README.md +364 -0
package/TESTING_AND_DOCUMENTATION_SETUP.md +348 -0
package/dist/access/adminAccessOnly.d.ts +25 -0
package/dist/access/adminAccessOnly.d.ts.map +1 -0
package/dist/access/adminAccessOnly.js +11 -0
package/dist/access/adminAccessOnly.js.map +1 -0
package/dist/access/admins.d.ts +72 -0
package/dist/access/admins.d.ts.map +1 -0
package/dist/access/admins.js +76 -0
package/dist/access/admins.js.map +1 -0
package/dist/access/anyone.d.ts +35 -0
package/dist/access/anyone.d.ts.map +1 -0
package/dist/access/anyone.js +34 -0
package/dist/access/anyone.js.map +1 -0
package/dist/access/authenticated.d.ts +63 -0
package/dist/access/authenticated.d.ts.map +1 -0
package/dist/access/authenticated.js +68 -0
package/dist/access/authenticated.js.map +1 -0
package/dist/access/authenticatedAccessOnly.d.ts +13 -0
package/dist/access/authenticatedAccessOnly.d.ts.map +1 -0
package/dist/access/authenticatedAccessOnly.js +11 -0
package/dist/access/authenticatedAccessOnly.js.map +1 -0
package/dist/access/index.d.ts +7 -0
package/dist/access/index.d.ts.map +1 -0
package/dist/access/index.js +7 -0
package/dist/access/index.js.map +1 -0
package/dist/access/publicReadAuthenticatedAccess.d.ts +13 -0
package/dist/access/publicReadAuthenticatedAccess.d.ts.map +1 -0
package/dist/access/publicReadAuthenticatedAccess.js +12 -0
package/dist/access/publicReadAuthenticatedAccess.js.map +1 -0
package/dist/collections/ContactMessages/hooks/sendEmailNotification.d.ts +31 -0
package/dist/collections/ContactMessages/hooks/sendEmailNotification.d.ts.map +1 -0
package/dist/collections/ContactMessages/hooks/sendEmailNotification.js +29 -0
package/dist/collections/ContactMessages/hooks/sendEmailNotification.js.map +1 -0
package/dist/collections/ContactMessages/index.d.ts +27 -0
package/dist/collections/ContactMessages/index.d.ts.map +1 -0
package/dist/collections/ContactMessages/index.js +81 -0
package/dist/collections/ContactMessages/index.js.map +1 -0
package/dist/collections/EmailTemplates/index.d.ts +26 -0
package/dist/collections/EmailTemplates/index.d.ts.map +1 -0
package/dist/collections/EmailTemplates/index.js +74 -0
package/dist/collections/EmailTemplates/index.js.map +1 -0
package/dist/collections/Media/index.d.ts +3 -0
package/dist/collections/Media/index.d.ts.map +1 -0
package/dist/collections/Media/index.js +22 -0
package/dist/collections/Media/index.js.map +1 -0
package/dist/collections/QueuedEmails/components/HtmlViewer.d.ts +3 -0
package/dist/collections/QueuedEmails/components/HtmlViewer.d.ts.map +1 -0
package/dist/collections/QueuedEmails/components/HtmlViewer.js +11 -0
package/dist/collections/QueuedEmails/components/HtmlViewer.js.map +1 -0
package/dist/collections/QueuedEmails/components/RetryEmailButtons.d.ts +2 -0
package/dist/collections/QueuedEmails/components/RetryEmailButtons.d.ts.map +1 -0
package/dist/collections/QueuedEmails/components/RetryEmailButtons.js +79 -0
package/dist/collections/QueuedEmails/components/RetryEmailButtons.js.map +1 -0
package/dist/collections/QueuedEmails/index.d.ts +3 -0
package/dist/collections/QueuedEmails/index.d.ts.map +1 -0
package/dist/collections/QueuedEmails/index.js +245 -0
package/dist/collections/QueuedEmails/index.js.map +1 -0
package/dist/collections/Users/auth-emails/forgot-password-email.d.ts +51 -0
package/dist/collections/Users/auth-emails/forgot-password-email.d.ts.map +1 -0
package/dist/collections/Users/auth-emails/forgot-password-email.js +90 -0
package/dist/collections/Users/auth-emails/forgot-password-email.js.map +1 -0
package/dist/collections/Users/auth-emails/verify-email.d.ts +51 -0
package/dist/collections/Users/auth-emails/verify-email.d.ts.map +1 -0
package/dist/collections/Users/auth-emails/verify-email.js +80 -0
package/dist/collections/Users/auth-emails/verify-email.js.map +1 -0
package/dist/collections/Users/hooks/ensureFirstUserIsAdmin.d.ts +3 -0
package/dist/collections/Users/hooks/ensureFirstUserIsAdmin.d.ts.map +1 -0
package/dist/collections/Users/hooks/ensureFirstUserIsAdmin.js +19 -0
package/dist/collections/Users/hooks/ensureFirstUserIsAdmin.js.map +1 -0
package/dist/collections/Users/index.d.ts +76 -0
package/dist/collections/Users/index.d.ts.map +1 -0
package/dist/collections/Users/index.js +116 -0
package/dist/collections/Users/index.js.map +1 -0
package/dist/collections/index.d.ts +10 -0
package/dist/collections/index.d.ts.map +1 -0
package/dist/collections/index.js +14 -0
package/dist/collections/index.js.map +1 -0
package/dist/components/index.d.ts +3 -0
package/dist/components/index.d.ts.map +1 -0
package/dist/components/index.js +4 -0
package/dist/components/index.js.map +1 -0
package/dist/forms/states.d.ts +8 -0
package/dist/forms/states.d.ts.map +1 -0
package/dist/forms/states.js +16 -0
package/dist/forms/states.js.map +1 -0
package/dist/forms/translate-errors.d.ts +8 -0
package/dist/forms/translate-errors.d.ts.map +1 -0
package/dist/forms/translate-errors.js +11 -0
package/dist/forms/translate-errors.js.map +1 -0
package/dist/forms/validators.d.ts +10 -0
package/dist/forms/validators.d.ts.map +1 -0
package/dist/forms/validators.js +23 -0
package/dist/forms/validators.js.map +1 -0
package/dist/globals/PrivacyPolicy/hooks/revalidate-cache.d.ts +2 -0
package/dist/globals/PrivacyPolicy/hooks/revalidate-cache.d.ts.map +1 -0
package/dist/globals/PrivacyPolicy/hooks/revalidate-cache.js +5 -0
package/dist/globals/PrivacyPolicy/hooks/revalidate-cache.js.map +1 -0
package/dist/globals/PrivacyPolicy/index.d.ts +3 -0
package/dist/globals/PrivacyPolicy/index.d.ts.map +1 -0
package/dist/globals/PrivacyPolicy/index.js +31 -0
package/dist/globals/PrivacyPolicy/index.js.map +1 -0
package/dist/globals/TermsOfUse/hooks/revalidate-cache.d.ts +2 -0
package/dist/globals/TermsOfUse/hooks/revalidate-cache.d.ts.map +1 -0
package/dist/globals/TermsOfUse/hooks/revalidate-cache.js +5 -0
package/dist/globals/TermsOfUse/hooks/revalidate-cache.js.map +1 -0
package/dist/globals/TermsOfUse/index.d.ts +3 -0
package/dist/globals/TermsOfUse/index.d.ts.map +1 -0
package/dist/globals/TermsOfUse/index.js +31 -0
package/dist/globals/TermsOfUse/index.js.map +1 -0
package/dist/globals/index.d.ts +3 -0
package/dist/globals/index.d.ts.map +1 -0
package/dist/globals/index.js +3 -0
package/dist/globals/index.js.map +1 -0
package/dist/index.d.ts +13 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +20 -0
package/dist/index.js.map +1 -0
package/dist/tasks/index.d.ts +2 -0
package/dist/tasks/index.d.ts.map +1 -0
package/dist/tasks/index.js +2 -0
package/dist/tasks/index.js.map +1 -0
package/dist/tasks/process-email-queue.d.ts +46 -0
package/dist/tasks/process-email-queue.d.ts.map +1 -0
package/dist/tasks/process-email-queue.js +199 -0
package/dist/tasks/process-email-queue.js.map +1 -0
package/dist/types/index.d.ts +14 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +2 -0
package/dist/types/index.js.map +1 -0
package/dist/types/slug.d.ts +2 -0
package/dist/types/slug.d.ts.map +1 -0
package/dist/types/slug.js +11 -0
package/dist/types/slug.js.map +1 -0
package/dist/utils/database-dates.d.ts +3 -0
package/dist/utils/database-dates.d.ts.map +1 -0
package/dist/utils/database-dates.js +6 -0
package/dist/utils/database-dates.js.map +1 -0
package/dist/utils/email/generate-email-html.d.ts +23 -0
package/dist/utils/email/generate-email-html.d.ts.map +1 -0
package/dist/utils/email/generate-email-html.js +42 -0
package/dist/utils/email/generate-email-html.js.map +1 -0
package/dist/utils/email/get-email-template.d.ts +8 -0
package/dist/utils/email/get-email-template.d.ts.map +1 -0
package/dist/utils/email/get-email-template.js +14 -0
package/dist/utils/email/get-email-template.js.map +1 -0
package/dist/utils/email/index.d.ts +4 -0
package/dist/utils/email/index.d.ts.map +1 -0
package/dist/utils/email/index.js +4 -0
package/dist/utils/email/index.js.map +1 -0
package/dist/utils/email/queue-email.d.ts +29 -0
package/dist/utils/email/queue-email.d.ts.map +1 -0
package/dist/utils/email/queue-email.js +79 -0
package/dist/utils/email/queue-email.js.map +1 -0
package/dist/utils/get-global.d.ts +6 -0
package/dist/utils/get-global.d.ts.map +1 -0
package/dist/utils/get-global.js +20 -0
package/dist/utils/get-global.js.map +1 -0
package/dist/utils/id-from-payload.d.ts +4 -0
package/dist/utils/id-from-payload.d.ts.map +1 -0
package/dist/utils/id-from-payload.js +10 -0
package/dist/utils/id-from-payload.js.map +1 -0
package/dist/utils/index.d.ts +4 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +4 -0
package/dist/utils/index.js.map +1 -0
package/dist/utils/migrations.d.ts +2 -0
package/dist/utils/migrations.d.ts.map +1 -0
package/dist/utils/migrations.js +18 -0
package/dist/utils/migrations.js.map +1 -0
package/dist/utils/payload-client.d.ts +10 -0
package/dist/utils/payload-client.d.ts.map +1 -0
package/dist/utils/payload-client.js +14 -0
package/dist/utils/payload-client.js.map +1 -0
package/dist/utils/slugify.d.ts +8 -0
package/dist/utils/slugify.d.ts.map +1 -0
package/dist/utils/slugify.js +15 -0
package/dist/utils/slugify.js.map +1 -0
package/eslint.config.mjs +90 -0
package/package.json +139 -0
package/pnpm-workspace.yaml +4 -0
package/src/access/adminAccessOnly.ts +13 -0
package/src/access/admins.ts +78 -0
package/src/access/anyone.ts +35 -0
package/src/access/authenticated.ts +70 -0
package/src/access/authenticatedAccessOnly.ts +13 -0
package/src/access/index.ts +6 -0
package/src/access/publicReadAuthenticatedAccess.ts +14 -0
package/src/collections/ContactMessages/hooks/sendEmailNotification.ts +58 -0
package/src/collections/ContactMessages/index.ts +100 -0
package/src/collections/EmailTemplates/index.ts +89 -0
package/src/collections/Media/index.ts +24 -0
package/src/collections/QueuedEmails/components/HtmlViewer.tsx +16 -0
package/src/collections/QueuedEmails/components/RetryEmailButtons.tsx +115 -0
package/src/collections/QueuedEmails/index.ts +246 -0
package/src/collections/Users/auth-emails/forgot-password-email.ts +135 -0
package/src/collections/Users/auth-emails/verify-email.ts +123 -0
package/src/collections/Users/hooks/ensureFirstUserIsAdmin.ts +22 -0
package/src/collections/Users/index.ts +201 -0
package/src/collections/index.ts +23 -0
package/src/components/index.ts +3 -0
package/src/forms/states.ts +23 -0
package/src/forms/translate-errors.ts +13 -0
package/src/forms/validators.ts +33 -0
package/src/globals/PrivacyPolicy/hooks/revalidate-cache.ts +5 -0
package/src/globals/PrivacyPolicy/index.ts +33 -0
package/src/globals/TermsOfUse/hooks/revalidate-cache.ts +5 -0
package/src/globals/TermsOfUse/index.ts +33 -0
package/src/globals/index.ts +2 -0
package/src/index.ts +26 -0
package/src/tasks/index.ts +7 -0
package/src/tasks/process-email-queue.ts +261 -0
package/src/types/index.ts +15 -0
package/src/types/slug.ts +11 -0
package/src/utils/database-dates.ts +6 -0
package/src/utils/email/generate-email-html.ts +63 -0
package/src/utils/email/get-email-template.ts +18 -0
package/src/utils/email/index.ts +3 -0
package/src/utils/email/queue-email.ts +109 -0
package/src/utils/get-global.ts +25 -0
package/src/utils/id-from-payload.ts +11 -0
package/src/utils/index.ts +3 -0
package/src/utils/migrations.ts +18 -0
package/src/utils/payload-client.ts +16 -0
package/src/utils/slugify.ts +21 -0
package/tests/fixtures/email-template.html +58 -0
package/tests/fixtures/sample-data.ts +56 -0
package/tests/helpers/create-test-user.ts +37 -0
package/tests/helpers/init-payload.ts +59 -0
package/tests/setup.integration.ts +9 -0
package/tests/setup.ts +4 -0
package/tests/unit/access/adminAccessOnly.spec.ts +117 -0
package/tests/unit/access/admins.spec.ts +68 -0
package/tests/unit/access/anyone.spec.ts +28 -0
package/tests/unit/access/authenticated.spec.ts +53 -0
package/tests/unit/access/authenticatedAccessOnly.spec.ts +112 -0
package/tests/unit/access/publicReadAuthenticatedAccess.spec.ts +112 -0
package/tests/unit/forms/validators.spec.ts +348 -0
package/tests/unit/utils/database-dates.spec.ts +97 -0
package/tests/unit/utils/id-from-payload.spec.ts +142 -0
package/tests/unit/utils/slugify.spec.ts +185 -0
package/tsconfig.json +31 -0
package/typedoc.json +40 -0
package/vitest.config.ts +31 -0
package/vitest.integration.config.ts +27 -0

package/tests/unit/access/admins.spec.ts ADDED Viewed

@@ -0,0 +1,68 @@
+import { describe, expect, it } from 'vitest';
+import { admins, adminsFieldLevel } from '@/access/admins';
+describe('admins access control', () => {
+  describe('admins', () => {
+    it('should return true for users with admin role', () => {
+      const req = { user: { roles: ['admin'] } } as any;
+      expect(admins({ req })).toBe(true);
+    });
+    it('should return false for users without admin role', () => {
+      const req = { user: { roles: ['user'] } } as any;
+      expect(admins({ req })).toBe(false);
+    });
+    it('should return false for users with empty roles array', () => {
+      const req = { user: { roles: [] } } as any;
+      expect(admins({ req })).toBe(false);
+    });
+    it('should return false for unauthenticated users (null user)', () => {
+      const req = { user: null } as any;
+      expect(admins({ req })).toBe(false);
+    });
+    it('should return false for unauthenticated users (undefined user)', () => {
+      const req = { user: undefined } as any;
+      expect(admins({ req })).toBe(false);
+    });
+    it('should handle users with multiple roles including admin', () => {
+      const req = { user: { roles: ['user', 'admin', 'editor'] } } as any;
+      expect(admins({ req })).toBe(true);
+    });
+    it('should return false when user has no roles property', () => {
+      const req = { user: {} } as any;
+      expect(admins({ req })).toBe(false);
+    });
+    it('should return false when roles is null', () => {
+      const req = { user: { roles: null } } as any;
+      expect(admins({ req })).toBe(false);
+    });
+  });
+  describe('adminsFieldLevel', () => {
+    it('should return true for users with admin role', () => {
+      const params = { req: { user: { roles: ['admin'] } } } as any;
+      expect(adminsFieldLevel(params)).toBe(true);
+    });
+    it('should return false for users without admin role', () => {
+      const params = { req: { user: { roles: ['user'] } } } as any;
+      expect(adminsFieldLevel(params)).toBe(false);
+    });
+    it('should return false for unauthenticated users', () => {
+      const params = { req: { user: null } } as any;
+      expect(adminsFieldLevel(params)).toBe(false);
+    });
+    it('should handle users with multiple roles including admin', () => {
+      const params = { req: { user: { roles: ['user', 'admin'] } } } as any;
+      expect(adminsFieldLevel(params)).toBe(true);
+    });
+  });
+});

package/tests/unit/access/anyone.spec.ts ADDED Viewed

@@ -0,0 +1,28 @@
+import { describe, expect, it } from 'vitest';
+import { anyone } from '@/access/anyone';
+describe('anyone access control', () => {
+  it('should return true for authenticated users', () => {
+    const req = { user: { id: 1 } } as any;
+    expect(anyone({ req })).toBe(true);
+  });
+  it('should return true for unauthenticated users (null)', () => {
+    const req = { user: null } as any;
+    expect(anyone({ req })).toBe(true);
+  });
+  it('should return true for unauthenticated users (undefined)', () => {
+    const req = { user: undefined } as any;
+    expect(anyone({ req })).toBe(true);
+  });
+  it('should return true with no arguments', () => {
+    expect(anyone({} as any)).toBe(true);
+  });
+  it('should return true for admin users', () => {
+    const req = { user: { roles: ['admin'] } } as any;
+    expect(anyone({ req })).toBe(true);
+  });
+});

package/tests/unit/access/authenticated.spec.ts ADDED Viewed

@@ -0,0 +1,53 @@
+import { describe, expect, it } from 'vitest';
+import { authenticated, authenticatedFieldLevel } from '@/access/authenticated';
+describe('authenticated access control', () => {
+  describe('authenticated', () => {
+    it('should return true for authenticated users', () => {
+      const req = { user: { id: 1, email: 'test@example.com' } } as any;
+      expect(authenticated({ req })).toBe(true);
+    });
+    it('should return false for null user', () => {
+      const req = { user: null } as any;
+      expect(authenticated({ req })).toBe(false);
+    });
+    it('should return false for undefined user', () => {
+      const req = { user: undefined } as any;
+      expect(authenticated({ req })).toBe(false);
+    });
+    it('should return true for user with minimal properties', () => {
+      const req = { user: {} } as any;
+      expect(authenticated({ req })).toBe(true);
+    });
+    it('should return true for user with roles', () => {
+      const req = { user: { roles: ['admin'] } } as any;
+      expect(authenticated({ req })).toBe(true);
+    });
+  });
+  describe('authenticatedFieldLevel', () => {
+    it('should return true for authenticated users', () => {
+      const params = { req: { user: { id: 1 } } } as any;
+      expect(authenticatedFieldLevel(params)).toBe(true);
+    });
+    it('should return false for null user', () => {
+      const params = { req: { user: null } } as any;
+      expect(authenticatedFieldLevel(params)).toBe(false);
+    });
+    it('should return false for undefined user', () => {
+      const params = { req: { user: undefined } } as any;
+      expect(authenticatedFieldLevel(params)).toBe(false);
+    });
+    it('should return true for user object (even empty)', () => {
+      const params = { req: { user: {} } } as any;
+      expect(authenticatedFieldLevel(params)).toBe(true);
+    });
+  });
+});

package/tests/unit/access/authenticatedAccessOnly.spec.ts ADDED Viewed

@@ -0,0 +1,112 @@
+import { describe, expect, it } from 'vitest';
+import { authenticatedAccessOnly } from '@/access/authenticatedAccessOnly';
+describe('authenticatedAccessOnly access control', () => {
+  describe('admin property', () => {
+    it('should return true for authenticated users', () => {
+      const req = { user: { id: 1 } } as any;
+      expect(authenticatedAccessOnly.admin({ req })).toBe(true);
+    });
+    it('should return false for unauthenticated users (null)', () => {
+      const req = { user: null } as any;
+      expect(authenticatedAccessOnly.admin({ req })).toBe(false);
+    });
+    it('should return false for unauthenticated users (undefined)', () => {
+      const req = { user: undefined } as any;
+      expect(authenticatedAccessOnly.admin({ req })).toBe(false);
+    });
+    it('should return true for empty user object', () => {
+      const req = { user: {} } as any;
+      expect(authenticatedAccessOnly.admin({ req })).toBe(true);
+    });
+  });
+  describe('create property', () => {
+    it('should return true for authenticated users', () => {
+      const req = { user: { id: 1 } } as any;
+      expect(authenticatedAccessOnly.create({ req })).toBe(true);
+    });
+    it('should return false for unauthenticated users', () => {
+      const req = { user: null } as any;
+      expect(authenticatedAccessOnly.create({ req })).toBe(false);
+    });
+  });
+  describe('read property', () => {
+    it('should return true for authenticated users', () => {
+      const req = { user: { id: 1 } } as any;
+      expect(authenticatedAccessOnly.read({ req })).toBe(true);
+    });
+    it('should return false for unauthenticated users', () => {
+      const req = { user: null } as any;
+      expect(authenticatedAccessOnly.read({ req })).toBe(false);
+    });
+  });
+  describe('update property', () => {
+    it('should return true for authenticated users', () => {
+      const req = { user: { id: 1 } } as any;
+      expect(authenticatedAccessOnly.update({ req })).toBe(true);
+    });
+    it('should return false for unauthenticated users', () => {
+      const req = { user: null } as any;
+      expect(authenticatedAccessOnly.update({ req })).toBe(false);
+    });
+  });
+  describe('delete property', () => {
+    it('should return true for authenticated users', () => {
+      const req = { user: { id: 1 } } as any;
+      expect(authenticatedAccessOnly.delete({ req })).toBe(true);
+    });
+    it('should return false for unauthenticated users', () => {
+      const req = { user: null } as any;
+      expect(authenticatedAccessOnly.delete({ req })).toBe(false);
+    });
+  });
+  describe('readVersions property', () => {
+    it('should return true for authenticated users', () => {
+      const req = { user: { id: 1 } } as any;
+      expect(authenticatedAccessOnly.readVersions({ req })).toBe(true);
+    });
+    it('should return false for unauthenticated users', () => {
+      const req = { user: null } as any;
+      expect(authenticatedAccessOnly.readVersions({ req })).toBe(false);
+    });
+  });
+  describe('unlock property', () => {
+    it('should return true for authenticated users', () => {
+      const req = { user: { id: 1 } } as any;
+      expect(authenticatedAccessOnly.unlock({ req })).toBe(true);
+    });
+    it('should return false for unauthenticated users', () => {
+      const req = { user: null } as any;
+      expect(authenticatedAccessOnly.unlock({ req })).toBe(false);
+    });
+  });
+  describe('all properties work consistently', () => {
+    it('should allow all operations for authenticated users', () => {
+      const req = { user: { roles: ['user'] } } as any;
+      expect(authenticatedAccessOnly.admin({ req })).toBe(true);
+      expect(authenticatedAccessOnly.create({ req })).toBe(true);
+      expect(authenticatedAccessOnly.read({ req })).toBe(true);
+      expect(authenticatedAccessOnly.update({ req })).toBe(true);
+      expect(authenticatedAccessOnly.delete({ req })).toBe(true);
+      expect(authenticatedAccessOnly.readVersions({ req })).toBe(true);
+      expect(authenticatedAccessOnly.unlock({ req })).toBe(true);
+    });
+  });
+});

package/tests/unit/access/publicReadAuthenticatedAccess.spec.ts ADDED Viewed

@@ -0,0 +1,112 @@
+import { describe, expect, it } from 'vitest';
+import { publicReadAuthenticatedAccess } from '@/access/publicReadAuthenticatedAccess';
+describe('publicReadAuthenticatedAccess access control', () => {
+  describe('admin property', () => {
+    it('should return true for authenticated users', () => {
+      const req = { user: { id: 1 } } as any;
+      expect(publicReadAuthenticatedAccess.admin({ req })).toBe(true);
+    });
+    it('should return false for unauthenticated users', () => {
+      const req = { user: null } as any;
+      expect(publicReadAuthenticatedAccess.admin({ req })).toBe(false);
+    });
+  });
+  describe('read property (public access)', () => {
+    it('should return true for authenticated users', () => {
+      const req = { user: { id: 1 } } as any;
+      expect(publicReadAuthenticatedAccess.read({ req })).toBe(true);
+    });
+    it('should return true for unauthenticated users (public read)', () => {
+      const req = { user: null } as any;
+      expect(publicReadAuthenticatedAccess.read({ req })).toBe(true);
+    });
+    it('should return true with no user property', () => {
+      const req = {} as any;
+      expect(publicReadAuthenticatedAccess.read({ req })).toBe(true);
+    });
+  });
+  describe('create property (authenticated only)', () => {
+    it('should return true for authenticated users', () => {
+      const req = { user: { id: 1 } } as any;
+      expect(publicReadAuthenticatedAccess.create({ req })).toBe(true);
+    });
+    it('should return false for unauthenticated users', () => {
+      const req = { user: null } as any;
+      expect(publicReadAuthenticatedAccess.create({ req })).toBe(false);
+    });
+  });
+  describe('update property (authenticated only)', () => {
+    it('should return true for authenticated users', () => {
+      const req = { user: { id: 1 } } as any;
+      expect(publicReadAuthenticatedAccess.update({ req })).toBe(true);
+    });
+    it('should return false for unauthenticated users', () => {
+      const req = { user: null } as any;
+      expect(publicReadAuthenticatedAccess.update({ req })).toBe(false);
+    });
+  });
+  describe('delete property (authenticated only)', () => {
+    it('should return true for authenticated users', () => {
+      const req = { user: { id: 1 } } as any;
+      expect(publicReadAuthenticatedAccess.delete({ req })).toBe(true);
+    });
+    it('should return false for unauthenticated users', () => {
+      const req = { user: null } as any;
+      expect(publicReadAuthenticatedAccess.delete({ req })).toBe(false);
+    });
+  });
+  describe('readVersions property (authenticated only)', () => {
+    it('should return true for authenticated users', () => {
+      const req = { user: { id: 1 } } as any;
+      expect(publicReadAuthenticatedAccess.readVersions({ req })).toBe(true);
+    });
+    it('should return false for unauthenticated users', () => {
+      const req = { user: null } as any;
+      expect(publicReadAuthenticatedAccess.readVersions({ req })).toBe(false);
+    });
+  });
+  describe('unlock property (authenticated only)', () => {
+    it('should return true for authenticated users', () => {
+      const req = { user: { id: 1 } } as any;
+      expect(publicReadAuthenticatedAccess.unlock({ req })).toBe(true);
+    });
+    it('should return false for unauthenticated users', () => {
+      const req = { user: null } as any;
+      expect(publicReadAuthenticatedAccess.unlock({ req })).toBe(false);
+    });
+  });
+  describe('access pattern verification', () => {
+    it('should allow read to everyone and other operations to authenticated users only', () => {
+      const authenticatedReq = { user: { id: 1 } } as any;
+      const unauthenticatedReq = { user: null } as any;
+      // Authenticated user can do everything
+      expect(publicReadAuthenticatedAccess.read({ req: authenticatedReq })).toBe(true);
+      expect(publicReadAuthenticatedAccess.create({ req: authenticatedReq })).toBe(true);
+      expect(publicReadAuthenticatedAccess.update({ req: authenticatedReq })).toBe(true);
+      expect(publicReadAuthenticatedAccess.delete({ req: authenticatedReq })).toBe(true);
+      // Unauthenticated user can only read
+      expect(publicReadAuthenticatedAccess.read({ req: unauthenticatedReq })).toBe(true);
+      expect(publicReadAuthenticatedAccess.create({ req: unauthenticatedReq })).toBe(false);
+      expect(publicReadAuthenticatedAccess.update({ req: unauthenticatedReq })).toBe(false);
+      expect(publicReadAuthenticatedAccess.delete({ req: unauthenticatedReq })).toBe(false);
+    });
+  });
+});