@lssm/lib.identity-rbac 0.0.0-canary-20251207013726 → 0.0.0-canary-20251207043720
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/contracts/organization.js +1 -1
- package/dist/contracts/rbac.js +1 -1
- package/dist/contracts/user.js +1 -1
- package/dist/entities/organization.js +1 -1
- package/dist/entities/rbac.js +1 -1
- package/dist/entities/user.js +1 -1
- package/dist/events.js +1 -1
- package/dist/policies/engine.js +1 -1
- package/package.json +29 -14
- package/dist/contracts/dist/capabilities/openbanking.js +0 -1
- package/dist/contracts/dist/client/index.js +0 -1
- package/dist/contracts/dist/client/react/feature-render.js +0 -1
- package/dist/contracts/dist/client/react/form-render.js +0 -1
- package/dist/contracts/dist/client/react/index.js +0 -1
- package/dist/contracts/dist/events.js +0 -1
- package/dist/contracts/dist/experiments/evaluator.js +0 -1
- package/dist/contracts/dist/graphql-federation/dist/index.js +0 -1
- package/dist/contracts/dist/index.js +0 -1
- package/dist/contracts/dist/install.js +0 -1
- package/dist/contracts/dist/integrations/contracts.js +0 -1
- package/dist/contracts/dist/integrations/index.js +0 -1
- package/dist/contracts/dist/integrations/openbanking/contracts/accounts.js +0 -1
- package/dist/contracts/dist/integrations/openbanking/contracts/balances.js +0 -1
- package/dist/contracts/dist/integrations/openbanking/contracts/index.js +0 -1
- package/dist/contracts/dist/integrations/openbanking/contracts/transactions.js +0 -1
- package/dist/contracts/dist/integrations/openbanking/models.js +0 -1
- package/dist/contracts/dist/integrations/openbanking/telemetry.js +0 -1
- package/dist/contracts/dist/integrations/providers/elevenlabs.js +0 -1
- package/dist/contracts/dist/integrations/providers/gcs-storage.js +0 -1
- package/dist/contracts/dist/integrations/providers/gmail.js +0 -1
- package/dist/contracts/dist/integrations/providers/google-calendar.js +0 -1
- package/dist/contracts/dist/integrations/providers/impls/elevenlabs-voice.js +0 -1
- package/dist/contracts/dist/integrations/providers/impls/gcs-storage.js +0 -1
- package/dist/contracts/dist/integrations/providers/impls/gmail-inbound.js +0 -1
- package/dist/contracts/dist/integrations/providers/impls/gmail-outbound.js +0 -1
- package/dist/contracts/dist/integrations/providers/impls/google-calendar.js +0 -1
- package/dist/contracts/dist/integrations/providers/impls/index.js +0 -1
- package/dist/contracts/dist/integrations/providers/impls/mistral-embedding.js +0 -1
- package/dist/contracts/dist/integrations/providers/impls/mistral-llm.js +0 -1
- package/dist/contracts/dist/integrations/providers/impls/postmark-email.js +0 -1
- package/dist/contracts/dist/integrations/providers/impls/powens-client.js +0 -1
- package/dist/contracts/dist/integrations/providers/impls/powens-openbanking.js +0 -1
- package/dist/contracts/dist/integrations/providers/impls/provider-factory.js +0 -1
- package/dist/contracts/dist/integrations/providers/impls/qdrant-vector.js +0 -1
- package/dist/contracts/dist/integrations/providers/impls/stripe-payments.js +0 -1
- package/dist/contracts/dist/integrations/providers/impls/twilio-sms.js +0 -1
- package/dist/contracts/dist/integrations/providers/index.js +0 -1
- package/dist/contracts/dist/integrations/providers/mistral.js +0 -1
- package/dist/contracts/dist/integrations/providers/postmark.js +0 -1
- package/dist/contracts/dist/integrations/providers/powens.js +0 -1
- package/dist/contracts/dist/integrations/providers/qdrant.js +0 -1
- package/dist/contracts/dist/integrations/providers/stripe.js +0 -1
- package/dist/contracts/dist/integrations/providers/twilio-sms.js +0 -1
- package/dist/contracts/dist/integrations/runtime.js +0 -1
- package/dist/contracts/dist/integrations/secrets/env-secret-provider.js +0 -1
- package/dist/contracts/dist/integrations/secrets/gcp-secret-manager.js +0 -1
- package/dist/contracts/dist/integrations/secrets/index.js +0 -1
- package/dist/contracts/dist/integrations/secrets/manager.js +0 -1
- package/dist/contracts/dist/integrations/secrets/provider.js +0 -1
- package/dist/contracts/dist/jsonschema.js +0 -1
- package/dist/contracts/dist/knowledge/contracts.js +0 -1
- package/dist/contracts/dist/knowledge/index.js +0 -1
- package/dist/contracts/dist/knowledge/spaces/email-threads.js +0 -1
- package/dist/contracts/dist/knowledge/spaces/financial-docs.js +0 -1
- package/dist/contracts/dist/knowledge/spaces/financial-overview.js +0 -1
- package/dist/contracts/dist/knowledge/spaces/index.js +0 -1
- package/dist/contracts/dist/knowledge/spaces/product-canon.js +0 -1
- package/dist/contracts/dist/knowledge/spaces/support-faq.js +0 -1
- package/dist/contracts/dist/knowledge/spaces/uploaded-docs.js +0 -1
- package/dist/contracts/dist/onboarding-base.js +0 -1
- package/dist/contracts/dist/ownership.js +0 -1
- package/dist/contracts/dist/presentations.js +0 -1
- package/dist/contracts/dist/presentations.v2.js +0 -1
- package/dist/contracts/dist/prompt.js +0 -1
- package/dist/contracts/dist/promptRegistry.js +0 -1
- package/dist/contracts/dist/regenerator/index.js +0 -1
- package/dist/contracts/dist/regenerator/service.js +0 -1
- package/dist/contracts/dist/registry.js +0 -1
- package/dist/contracts/dist/resources.js +0 -1
- package/dist/contracts/dist/schema/dist/EnumType.js +0 -1
- package/dist/contracts/dist/schema/dist/FieldType.js +0 -1
- package/dist/contracts/dist/schema/dist/ScalarTypeEnum.js +0 -1
- package/dist/contracts/dist/schema/dist/SchemaModel.js +0 -1
- package/dist/contracts/dist/schema/dist/entity/defineEntity.js +0 -1
- package/dist/contracts/dist/schema/dist/entity/index.js +0 -1
- package/dist/contracts/dist/schema/dist/entity/types.js +0 -1
- package/dist/contracts/dist/schema/dist/index.js +0 -1
- package/dist/contracts/dist/server/graphql-pothos.js +0 -1
- package/dist/contracts/dist/server/graphql-schema-export.js +0 -1
- package/dist/contracts/dist/server/index.js +0 -1
- package/dist/contracts/dist/server/provider-mcp.js +0 -1
- package/dist/contracts/dist/server/rest-elysia.js +0 -1
- package/dist/contracts/dist/server/rest-express.js +0 -1
- package/dist/contracts/dist/server/rest-generic.js +0 -1
- package/dist/contracts/dist/server/rest-next-app.js +0 -1
- package/dist/contracts/dist/server/rest-next-pages.js +0 -1
- package/dist/contracts/dist/spec.js +0 -1
- package/dist/contracts/dist/telemetry/index.js +0 -1
- package/dist/contracts/dist/telemetry/tracker.js +0 -1
- package/dist/contracts/dist/tests/index.js +0 -1
- package/dist/contracts/dist/tests/runner.js +0 -1
- package/dist/contracts/dist/workflow/index.js +0 -1
- package/dist/contracts/dist/workflow/runner.js +0 -1
- package/dist/contracts/index.d.ts +0 -4
- package/dist/contracts/organization.d.ts +0 -895
- package/dist/contracts/rbac.d.ts +0 -611
- package/dist/contracts/user.d.ts +0 -610
- package/dist/entities/index.d.ts +0 -176
- package/dist/entities/organization.d.ts +0 -86
- package/dist/entities/rbac.d.ts +0 -87
- package/dist/entities/user.d.ts +0 -87
- package/dist/events.d.ts +0 -689
- package/dist/index.d.ts +0 -10
- package/dist/policies/engine.d.ts +0 -132
- package/dist/policies/index.d.ts +0 -2
- package/dist/schema/dist/EnumType.js +0 -1
- package/dist/schema/dist/FieldType.js +0 -1
- package/dist/schema/dist/ScalarTypeEnum.js +0 -1
- package/dist/schema/dist/SchemaModel.js +0 -1
- package/dist/schema/dist/entity/defineEntity.js +0 -1
- package/dist/schema/dist/entity/index.js +0 -1
- package/dist/schema/dist/entity/types.js +0 -1
- package/dist/schema/dist/index.js +0 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
import{
|
|
1
|
+
import{SuccessResultModel as e}from"./user.js";import{ScalarTypeEnum as t,SchemaModel as n}from"@lssm/lib.schema";import{defineCommand as r,defineQuery as i}from"@lssm/lib.contracts";const a=[`platform.identity-rbac`],o=new n({name:`Organization`,description:`Organization details`,fields:{id:{type:t.String_unsecure(),isOptional:!1},name:{type:t.String_unsecure(),isOptional:!1},slug:{type:t.String_unsecure(),isOptional:!0},logo:{type:t.URL(),isOptional:!0},description:{type:t.String_unsecure(),isOptional:!0},type:{type:t.String_unsecure(),isOptional:!1},onboardingCompleted:{type:t.Boolean(),isOptional:!1},createdAt:{type:t.DateTime(),isOptional:!1}}}),s=new n({name:`MemberUser`,description:`Basic user info within a member`,fields:{id:{type:t.String_unsecure(),isOptional:!1},email:{type:t.EmailAddress(),isOptional:!1},name:{type:t.String_unsecure(),isOptional:!0}}}),c=new n({name:`Member`,description:`Organization member`,fields:{id:{type:t.String_unsecure(),isOptional:!1},userId:{type:t.String_unsecure(),isOptional:!1},organizationId:{type:t.String_unsecure(),isOptional:!1},role:{type:t.String_unsecure(),isOptional:!1},createdAt:{type:t.DateTime(),isOptional:!1},user:{type:s,isOptional:!1}}}),l=new n({name:`Invitation`,description:`Organization invitation`,fields:{id:{type:t.String_unsecure(),isOptional:!1},email:{type:t.EmailAddress(),isOptional:!1},role:{type:t.String_unsecure(),isOptional:!0},status:{type:t.String_unsecure(),isOptional:!1},expiresAt:{type:t.DateTime(),isOptional:!0},createdAt:{type:t.DateTime(),isOptional:!1}}}),u=new n({name:`CreateOrgInput`,description:`Input for creating an organization`,fields:{name:{type:t.NonEmptyString(),isOptional:!1},slug:{type:t.String_unsecure(),isOptional:!0},description:{type:t.String_unsecure(),isOptional:!0},type:{type:t.String_unsecure(),isOptional:!0}}}),d=new n({name:`GetOrgInput`,description:`Input for getting an organization`,fields:{orgId:{type:t.String_unsecure(),isOptional:!1}}}),f=new n({name:`UpdateOrgInput`,description:`Input for updating an organization`,fields:{orgId:{type:t.String_unsecure(),isOptional:!1},name:{type:t.String_unsecure(),isOptional:!0},slug:{type:t.String_unsecure(),isOptional:!0},logo:{type:t.URL(),isOptional:!0},description:{type:t.String_unsecure(),isOptional:!0}}}),p=new n({name:`InviteMemberInput`,description:`Input for inviting a member`,fields:{orgId:{type:t.String_unsecure(),isOptional:!1},email:{type:t.EmailAddress(),isOptional:!1},role:{type:t.String_unsecure(),isOptional:!1},teamId:{type:t.String_unsecure(),isOptional:!0}}}),m=new n({name:`AcceptInviteInput`,description:`Input for accepting an invitation`,fields:{invitationId:{type:t.String_unsecure(),isOptional:!1}}}),h=new n({name:`RemoveMemberInput`,description:`Input for removing a member`,fields:{orgId:{type:t.String_unsecure(),isOptional:!1},userId:{type:t.String_unsecure(),isOptional:!1}}}),g=new n({name:`MemberRemovedPayload`,description:`Payload for member removed event`,fields:{orgId:{type:t.String_unsecure(),isOptional:!1},userId:{type:t.String_unsecure(),isOptional:!1}}}),_=new n({name:`ListMembersInput`,description:`Input for listing members`,fields:{orgId:{type:t.String_unsecure(),isOptional:!1},limit:{type:t.Int_unsecure(),isOptional:!0},offset:{type:t.Int_unsecure(),isOptional:!0}}}),v=new n({name:`ListMembersOutput`,description:`Output for listing members`,fields:{members:{type:c,isOptional:!1,isArray:!0},total:{type:t.Int_unsecure(),isOptional:!1}}}),y=new n({name:`OrganizationWithRole`,description:`Organization with user role`,fields:{id:{type:t.String_unsecure(),isOptional:!1},name:{type:t.String_unsecure(),isOptional:!1},slug:{type:t.String_unsecure(),isOptional:!0},logo:{type:t.URL(),isOptional:!0},description:{type:t.String_unsecure(),isOptional:!0},type:{type:t.String_unsecure(),isOptional:!1},onboardingCompleted:{type:t.Boolean(),isOptional:!1},createdAt:{type:t.DateTime(),isOptional:!1},role:{type:t.String_unsecure(),isOptional:!1}}}),b=new n({name:`ListUserOrgsOutput`,description:`Output for listing user organizations`,fields:{organizations:{type:y,isOptional:!1,isArray:!0}}}),x=r({meta:{name:`identity.org.create`,version:1,stability:`stable`,owners:[...a],tags:[`identity`,`org`,`create`],description:`Create a new organization.`,goal:`Allow users to create new organizations/workspaces.`,context:`Called during onboarding or when creating additional workspaces.`},io:{input:u,output:o,errors:{SLUG_EXISTS:{description:`An organization with this slug already exists`,http:409,gqlCode:`SLUG_EXISTS`,when:`Slug is already taken`}}},policy:{auth:`user`},sideEffects:{emits:[{name:`org.created`,version:1,when:`Organization is created`,payload:o}],audit:[`org.created`]}}),S=i({meta:{name:`identity.org.get`,version:1,stability:`stable`,owners:[...a],tags:[`identity`,`org`,`get`],description:`Get organization details.`,goal:`Retrieve organization information.`,context:`Called when viewing organization settings or dashboard.`},io:{input:d,output:o},policy:{auth:`user`}}),C=r({meta:{name:`identity.org.update`,version:1,stability:`stable`,owners:[...a],tags:[`identity`,`org`,`update`],description:`Update organization details.`,goal:`Allow org admins to update organization settings.`,context:`Organization settings page.`},io:{input:f,output:o},policy:{auth:`user`},sideEffects:{emits:[{name:`org.updated`,version:1,when:`Organization is updated`,payload:o}],audit:[`org.updated`]}}),w=r({meta:{name:`identity.org.invite`,version:1,stability:`stable`,owners:[...a],tags:[`identity`,`org`,`invite`,`member`],description:`Invite a user to join the organization.`,goal:`Allow org admins to invite new members.`,context:`Team management. Sends invitation email.`},io:{input:p,output:l,errors:{ALREADY_MEMBER:{description:`User is already a member of this organization`,http:409,gqlCode:`ALREADY_MEMBER`,when:`Invitee is already a member`},INVITE_PENDING:{description:`An invitation for this email is already pending`,http:409,gqlCode:`INVITE_PENDING`,when:`Active invitation exists`}}},policy:{auth:`user`},sideEffects:{emits:[{name:`org.invite.sent`,version:1,when:`Invitation is sent`,payload:l}],audit:[`org.invite.sent`]}}),T=r({meta:{name:`identity.org.invite.accept`,version:1,stability:`stable`,owners:[...a],tags:[`identity`,`org`,`invite`,`accept`],description:`Accept an organization invitation.`,goal:`Allow users to join organizations via invitation.`,context:`Called from invitation email link.`},io:{input:m,output:c,errors:{INVITE_EXPIRED:{description:`The invitation has expired`,http:410,gqlCode:`INVITE_EXPIRED`,when:`Invitation is past expiry date`},INVITE_USED:{description:`The invitation has already been used`,http:409,gqlCode:`INVITE_USED`,when:`Invitation was already accepted`}}},policy:{auth:`user`},sideEffects:{emits:[{name:`org.member.added`,version:1,when:`Member joins org`,payload:c}],audit:[`org.member.added`]}}),E=r({meta:{name:`identity.org.member.remove`,version:1,stability:`stable`,owners:[...a],tags:[`identity`,`org`,`member`,`remove`],description:`Remove a member from the organization.`,goal:`Allow org admins to remove members.`,context:`Team management.`},io:{input:h,output:e,errors:{CANNOT_REMOVE_OWNER:{description:`Cannot remove the organization owner`,http:403,gqlCode:`CANNOT_REMOVE_OWNER`,when:`Target is the org owner`}}},policy:{auth:`user`},sideEffects:{emits:[{name:`org.member.removed`,version:1,when:`Member is removed`,payload:g}],audit:[`org.member.removed`]}}),D=i({meta:{name:`identity.org.members.list`,version:1,stability:`stable`,owners:[...a],tags:[`identity`,`org`,`member`,`list`],description:`List organization members.`,goal:`View all members of an organization.`,context:`Team management page.`},io:{input:_,output:v},policy:{auth:`user`}}),O=i({meta:{name:`identity.org.list`,version:1,stability:`stable`,owners:[...a],tags:[`identity`,`org`,`list`],description:`List organizations the current user belongs to.`,goal:`Show user their organizations for workspace switching.`,context:`Workspace switcher, org selection.`},io:{input:null,output:b},policy:{auth:`user`}});export{T as AcceptInviteContract,m as AcceptInviteInputModel,x as CreateOrgContract,u as CreateOrgInputModel,S as GetOrgContract,d as GetOrgInputModel,l as InvitationModel,w as InviteMemberContract,p as InviteMemberInputModel,D as ListMembersContract,_ as ListMembersInputModel,v as ListMembersOutputModel,O as ListUserOrgsContract,b as ListUserOrgsOutputModel,c as MemberModel,g as MemberRemovedPayloadModel,s as MemberUserModel,o as OrganizationModel,y as OrganizationWithRoleModel,E as RemoveMemberContract,h as RemoveMemberInputModel,C as UpdateOrgContract,f as UpdateOrgInputModel};
|
package/dist/contracts/rbac.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{
|
|
1
|
+
import{SuccessResultModel as e}from"./user.js";import{ScalarTypeEnum as t,SchemaModel as n}from"@lssm/lib.schema";import{defineCommand as r,defineQuery as i}from"@lssm/lib.contracts";const a=[`platform.identity-rbac`],o=new n({name:`Role`,description:`RBAC role definition`,fields:{id:{type:t.String_unsecure(),isOptional:!1},name:{type:t.String_unsecure(),isOptional:!1},description:{type:t.String_unsecure(),isOptional:!0},permissions:{type:t.String_unsecure(),isOptional:!1,isArray:!0},createdAt:{type:t.DateTime(),isOptional:!1}}}),s=new n({name:`PolicyBinding`,description:`Role assignment to a target`,fields:{id:{type:t.String_unsecure(),isOptional:!1},roleId:{type:t.String_unsecure(),isOptional:!1},targetType:{type:t.String_unsecure(),isOptional:!1},targetId:{type:t.String_unsecure(),isOptional:!1},expiresAt:{type:t.DateTime(),isOptional:!0},createdAt:{type:t.DateTime(),isOptional:!1},role:{type:o,isOptional:!1}}}),c=new n({name:`PermissionCheckResult`,description:`Result of a permission check`,fields:{allowed:{type:t.Boolean(),isOptional:!1},reason:{type:t.String_unsecure(),isOptional:!0},matchedRole:{type:t.String_unsecure(),isOptional:!0}}}),l=new n({name:`CreateRoleInput`,description:`Input for creating a role`,fields:{name:{type:t.NonEmptyString(),isOptional:!1},description:{type:t.String_unsecure(),isOptional:!0},permissions:{type:t.String_unsecure(),isOptional:!1,isArray:!0}}}),u=new n({name:`UpdateRoleInput`,description:`Input for updating a role`,fields:{roleId:{type:t.String_unsecure(),isOptional:!1},name:{type:t.String_unsecure(),isOptional:!0},description:{type:t.String_unsecure(),isOptional:!0},permissions:{type:t.String_unsecure(),isOptional:!0,isArray:!0}}}),d=new n({name:`DeleteRoleInput`,description:`Input for deleting a role`,fields:{roleId:{type:t.String_unsecure(),isOptional:!1}}}),f=new n({name:`ListRolesOutput`,description:`Output for listing roles`,fields:{roles:{type:o,isOptional:!1,isArray:!0}}}),p=new n({name:`AssignRoleInput`,description:`Input for assigning a role`,fields:{roleId:{type:t.String_unsecure(),isOptional:!1},targetType:{type:t.String_unsecure(),isOptional:!1},targetId:{type:t.String_unsecure(),isOptional:!1},expiresAt:{type:t.DateTime(),isOptional:!0}}}),m=new n({name:`RevokeRoleInput`,description:`Input for revoking a role`,fields:{bindingId:{type:t.String_unsecure(),isOptional:!1}}}),h=new n({name:`BindingIdPayload`,description:`Payload with binding ID`,fields:{bindingId:{type:t.String_unsecure(),isOptional:!1}}}),g=new n({name:`CheckPermissionInput`,description:`Input for checking a permission`,fields:{userId:{type:t.String_unsecure(),isOptional:!1},orgId:{type:t.String_unsecure(),isOptional:!0},permission:{type:t.String_unsecure(),isOptional:!1}}}),_=new n({name:`ListUserPermissionsInput`,description:`Input for listing user permissions`,fields:{userId:{type:t.String_unsecure(),isOptional:!1},orgId:{type:t.String_unsecure(),isOptional:!0}}}),v=new n({name:`ListUserPermissionsOutput`,description:`Output for listing user permissions`,fields:{permissions:{type:t.String_unsecure(),isOptional:!1,isArray:!0},roles:{type:o,isOptional:!1,isArray:!0}}}),y=r({meta:{name:`identity.rbac.role.create`,version:1,stability:`stable`,owners:[...a],tags:[`identity`,`rbac`,`role`,`create`],description:`Create a new role with permissions.`,goal:`Allow admins to define custom roles.`,context:`Role management in admin settings.`},io:{input:l,output:o,errors:{ROLE_EXISTS:{description:`A role with this name already exists`,http:409,gqlCode:`ROLE_EXISTS`,when:`Role name is taken`}}},policy:{auth:`admin`},sideEffects:{audit:[`role.created`]}}),b=r({meta:{name:`identity.rbac.role.update`,version:1,stability:`stable`,owners:[...a],tags:[`identity`,`rbac`,`role`,`update`],description:`Update an existing role.`,goal:`Allow admins to modify role permissions.`,context:`Role management in admin settings.`},io:{input:u,output:o},policy:{auth:`admin`},sideEffects:{audit:[`role.updated`]}}),x=r({meta:{name:`identity.rbac.role.delete`,version:1,stability:`stable`,owners:[...a],tags:[`identity`,`rbac`,`role`,`delete`],description:`Delete an existing role.`,goal:`Allow admins to remove unused roles.`,context:`Role management. Removes all policy bindings using this role.`},io:{input:d,output:e,errors:{ROLE_IN_USE:{description:`Role is still assigned to users or organizations`,http:409,gqlCode:`ROLE_IN_USE`,when:`Role has active bindings`}}},policy:{auth:`admin`},sideEffects:{audit:[`role.deleted`]}}),S=i({meta:{name:`identity.rbac.role.list`,version:1,stability:`stable`,owners:[...a],tags:[`identity`,`rbac`,`role`,`list`],description:`List all available roles.`,goal:`Show available roles for assignment.`,context:`Role assignment UI.`},io:{input:null,output:f},policy:{auth:`user`}}),C=r({meta:{name:`identity.rbac.assign`,version:1,stability:`stable`,owners:[...a],tags:[`identity`,`rbac`,`assign`],description:`Assign a role to a user or organization.`,goal:`Grant permissions via role assignment.`,context:`User/org permission management.`},io:{input:p,output:s,errors:{ROLE_NOT_FOUND:{description:`The specified role does not exist`,http:404,gqlCode:`ROLE_NOT_FOUND`,when:`Role ID is invalid`},ALREADY_ASSIGNED:{description:`This role is already assigned to the target`,http:409,gqlCode:`ALREADY_ASSIGNED`,when:`Binding already exists`}}},policy:{auth:`admin`},sideEffects:{emits:[{name:`role.assigned`,version:1,when:`Role is assigned`,payload:s}],audit:[`role.assigned`]}}),w=r({meta:{name:`identity.rbac.revoke`,version:1,stability:`stable`,owners:[...a],tags:[`identity`,`rbac`,`revoke`],description:`Revoke a role from a user or organization.`,goal:`Remove permissions via role revocation.`,context:`User/org permission management.`},io:{input:m,output:e,errors:{BINDING_NOT_FOUND:{description:`The policy binding does not exist`,http:404,gqlCode:`BINDING_NOT_FOUND`,when:`Binding ID is invalid`}}},policy:{auth:`admin`},sideEffects:{emits:[{name:`role.revoked`,version:1,when:`Role is revoked`,payload:h}],audit:[`role.revoked`]}}),T=i({meta:{name:`identity.rbac.check`,version:1,stability:`stable`,owners:[...a],tags:[`identity`,`rbac`,`check`,`permission`],description:`Check if a user has a specific permission.`,goal:`Authorization check before sensitive operations.`,context:`Called by other services to verify permissions.`},io:{input:g,output:c},policy:{auth:`user`}}),E=i({meta:{name:`identity.rbac.permissions`,version:1,stability:`stable`,owners:[...a],tags:[`identity`,`rbac`,`permissions`,`user`],description:`List all permissions for a user in a context.`,goal:`Show what a user can do in an org.`,context:`UI permission display, debugging.`},io:{input:_,output:v},policy:{auth:`user`}});export{C as AssignRoleContract,p as AssignRoleInputModel,h as BindingIdPayloadModel,T as CheckPermissionContract,g as CheckPermissionInputModel,y as CreateRoleContract,l as CreateRoleInputModel,x as DeleteRoleContract,d as DeleteRoleInputModel,S as ListRolesContract,f as ListRolesOutputModel,E as ListUserPermissionsContract,_ as ListUserPermissionsInputModel,v as ListUserPermissionsOutputModel,c as PermissionCheckResultModel,s as PolicyBindingModel,w as RevokeRoleContract,m as RevokeRoleInputModel,o as RoleModel,b as UpdateRoleContract,u as UpdateRoleInputModel};
|
package/dist/contracts/user.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{
|
|
1
|
+
import{ScalarTypeEnum as e,SchemaModel as t}from"@lssm/lib.schema";import{defineCommand as n,defineQuery as r}from"@lssm/lib.contracts";const i=[`platform.identity-rbac`],a=new t({name:`UserProfile`,description:`User profile information`,fields:{id:{type:e.String_unsecure(),isOptional:!1},email:{type:e.EmailAddress(),isOptional:!1},emailVerified:{type:e.Boolean(),isOptional:!1},name:{type:e.String_unsecure(),isOptional:!0},firstName:{type:e.String_unsecure(),isOptional:!0},lastName:{type:e.String_unsecure(),isOptional:!0},locale:{type:e.String_unsecure(),isOptional:!0},timezone:{type:e.String_unsecure(),isOptional:!0},imageUrl:{type:e.URL(),isOptional:!0},role:{type:e.String_unsecure(),isOptional:!0},onboardingCompleted:{type:e.Boolean(),isOptional:!1},createdAt:{type:e.DateTime(),isOptional:!1}}}),o=new t({name:`CreateUserInput`,description:`Input for creating a new user`,fields:{email:{type:e.EmailAddress(),isOptional:!1},name:{type:e.String_unsecure(),isOptional:!0},firstName:{type:e.String_unsecure(),isOptional:!0},lastName:{type:e.String_unsecure(),isOptional:!0},password:{type:e.String_unsecure(),isOptional:!0}}}),s=new t({name:`UpdateUserInput`,description:`Input for updating a user profile`,fields:{name:{type:e.String_unsecure(),isOptional:!0},firstName:{type:e.String_unsecure(),isOptional:!0},lastName:{type:e.String_unsecure(),isOptional:!0},locale:{type:e.String_unsecure(),isOptional:!0},timezone:{type:e.String_unsecure(),isOptional:!0},imageUrl:{type:e.URL(),isOptional:!0}}}),c=new t({name:`DeleteUserInput`,description:`Input for deleting a user`,fields:{confirmEmail:{type:e.EmailAddress(),isOptional:!1}}}),l=new t({name:`SuccessResult`,description:`Simple success result`,fields:{success:{type:e.Boolean(),isOptional:!1}}}),u=new t({name:`UserDeletedPayload`,description:`Payload for user deleted event`,fields:{userId:{type:e.String_unsecure(),isOptional:!1}}}),d=new t({name:`ListUsersInput`,description:`Input for listing users`,fields:{limit:{type:e.Int_unsecure(),isOptional:!0},offset:{type:e.Int_unsecure(),isOptional:!0},search:{type:e.String_unsecure(),isOptional:!0}}}),f=new t({name:`ListUsersOutput`,description:`Output for listing users`,fields:{users:{type:a,isOptional:!1,isArray:!0},total:{type:e.Int_unsecure(),isOptional:!1}}}),p=n({meta:{name:`identity.user.create`,version:1,stability:`stable`,owners:[...i],tags:[`identity`,`user`,`create`],description:`Create a new user account.`,goal:`Register a new user in the system.`,context:`Used during signup flows. May trigger email verification.`},io:{input:o,output:a,errors:{EMAIL_EXISTS:{description:`A user with this email already exists`,http:409,gqlCode:`EMAIL_EXISTS`,when:`Email is already registered`}}},policy:{auth:`anonymous`},sideEffects:{emits:[{name:`user.created`,version:1,when:`User is successfully created`,payload:a}],audit:[`user.created`]}}),m=r({meta:{name:`identity.user.me`,version:1,stability:`stable`,owners:[...i],tags:[`identity`,`user`,`profile`],description:`Get the current authenticated user profile.`,goal:`Retrieve user profile for the authenticated session.`,context:`Called on app load and after profile updates.`},io:{input:null,output:a},policy:{auth:`user`}}),h=n({meta:{name:`identity.user.update`,version:1,stability:`stable`,owners:[...i],tags:[`identity`,`user`,`update`],description:`Update user profile information.`,goal:`Allow users to update their profile.`,context:`Self-service profile updates.`},io:{input:s,output:a},policy:{auth:`user`},sideEffects:{emits:[{name:`user.updated`,version:1,when:`User profile is updated`,payload:a}],audit:[`user.updated`]}}),g=n({meta:{name:`identity.user.delete`,version:1,stability:`stable`,owners:[...i],tags:[`identity`,`user`,`delete`],description:`Delete user account and all associated data.`,goal:`Allow users to delete their account (GDPR compliance).`,context:`Self-service account deletion. Cascades to memberships, sessions, etc.`},io:{input:c,output:l},policy:{auth:`user`,escalate:`human_review`},sideEffects:{emits:[{name:`user.deleted`,version:1,when:`User account is deleted`,payload:u}],audit:[`user.deleted`]}}),_=r({meta:{name:`identity.user.list`,version:1,stability:`stable`,owners:[...i],tags:[`identity`,`user`,`admin`,`list`],description:`List all users (admin only).`,goal:`Allow admins to browse and manage users.`,context:`Admin dashboard user management.`},io:{input:d,output:f},policy:{auth:`admin`}});export{p as CreateUserContract,o as CreateUserInputModel,g as DeleteUserContract,c as DeleteUserInputModel,m as GetCurrentUserContract,_ as ListUsersContract,d as ListUsersInputModel,f as ListUsersOutputModel,l as SuccessResultModel,h as UpdateUserContract,s as UpdateUserInputModel,u as UserDeletedPayloadModel,a as UserProfileModel};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
import{
|
|
1
|
+
import{defineEntity as e,defineEntityEnum as t,field as n,index as r}from"@lssm/lib.schema";const i=t({name:`OrganizationType`,values:[`PLATFORM_ADMIN`,`CONTRACT_SPEC_CUSTOMER`],schema:`lssm_sigil`,description:`Type of organization in the platform.`}),a=e({name:`Organization`,description:`An organization is a tenant boundary grouping users.`,schema:`lssm_sigil`,map:`organization`,fields:{id:n.id({description:`Unique organization identifier`}),name:n.string({description:`Organization display name`}),slug:n.string({isOptional:!0,isUnique:!0,description:`URL-friendly identifier`}),logo:n.url({isOptional:!0,description:`Organization logo URL`}),description:n.string({isOptional:!0,description:`Organization description`}),metadata:n.json({isOptional:!0,description:`Arbitrary organization metadata`}),type:n.enum(`OrganizationType`,{description:`Organization type`}),onboardingCompleted:n.boolean({default:!1}),onboardingStep:n.string({isOptional:!0}),referralCode:n.string({isOptional:!0,isUnique:!0,description:`Unique referral code`}),referredBy:n.string({isOptional:!0,description:`ID of referring user`}),createdAt:n.createdAt(),updatedAt:n.updatedAt(),members:n.hasMany(`Member`),invitations:n.hasMany(`Invitation`),teams:n.hasMany(`Team`),policyBindings:n.hasMany(`PolicyBinding`)},enums:[i]}),o=e({name:`Member`,description:`Membership of a user in an organization with a role.`,schema:`lssm_sigil`,map:`member`,fields:{id:n.id(),userId:n.foreignKey(),organizationId:n.foreignKey(),role:n.string({description:`Role in organization (owner, admin, member)`}),createdAt:n.createdAt(),user:n.belongsTo(`User`,[`userId`],[`id`],{onDelete:`Cascade`}),organization:n.belongsTo(`Organization`,[`organizationId`],[`id`],{onDelete:`Cascade`})},indexes:[r.unique([`userId`,`organizationId`])]}),s=e({name:`Invitation`,description:`An invitation to join an organization.`,schema:`lssm_sigil`,map:`invitation`,fields:{id:n.id(),organizationId:n.foreignKey(),email:n.email({description:`Invited email address`}),role:n.string({isOptional:!0,description:`Role to assign on acceptance`}),status:n.string({default:`"pending"`,description:`Invitation status`}),acceptedAt:n.dateTime({isOptional:!0}),expiresAt:n.dateTime({isOptional:!0}),inviterId:n.foreignKey({description:`User who sent the invitation`}),teamId:n.string({isOptional:!0}),createdAt:n.createdAt(),updatedAt:n.updatedAt(),organization:n.belongsTo(`Organization`,[`organizationId`],[`id`],{onDelete:`Cascade`}),inviter:n.belongsTo(`User`,[`inviterId`],[`id`],{onDelete:`Cascade`}),team:n.belongsTo(`Team`,[`teamId`],[`id`],{onDelete:`Cascade`})}}),c=e({name:`Team`,description:`Team within an organization.`,schema:`lssm_sigil`,map:`team`,fields:{id:n.id(),name:n.string({description:`Team name`}),organizationId:n.foreignKey(),createdAt:n.createdAt(),updatedAt:n.updatedAt(),organization:n.belongsTo(`Organization`,[`organizationId`],[`id`],{onDelete:`Cascade`}),members:n.hasMany(`TeamMember`),invitations:n.hasMany(`Invitation`)}}),l=e({name:`TeamMember`,description:`Team membership for a user.`,schema:`lssm_sigil`,map:`team_member`,fields:{id:n.id(),teamId:n.foreignKey(),userId:n.foreignKey(),createdAt:n.createdAt(),team:n.belongsTo(`Team`,[`teamId`],[`id`],{onDelete:`Cascade`}),user:n.belongsTo(`User`,[`userId`],[`id`],{onDelete:`Cascade`})}});export{s as InvitationEntity,o as MemberEntity,a as OrganizationEntity,i as OrganizationTypeEnum,c as TeamEntity,l as TeamMemberEntity};
|
package/dist/entities/rbac.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{
|
|
1
|
+
import{defineEntity as e,field as t,index as n}from"@lssm/lib.schema";const r=e({name:`Role`,description:`A role defines a named set of permissions.`,schema:`lssm_sigil`,map:`role`,fields:{id:t.id(),name:t.string({isUnique:!0,description:`Unique role name`}),description:t.string({isOptional:!0,description:`Role description`}),permissions:t.string({isArray:!0,description:`Array of permission names`}),createdAt:t.createdAt(),updatedAt:t.updatedAt(),policyBindings:t.hasMany(`PolicyBinding`)}}),i=e({name:`Permission`,description:`A permission represents an atomic access right.`,schema:`lssm_sigil`,map:`permission`,fields:{id:t.id(),name:t.string({isUnique:!0,description:`Unique permission name`}),description:t.string({isOptional:!0,description:`Permission description`}),createdAt:t.createdAt(),updatedAt:t.updatedAt()}}),a=e({name:`PolicyBinding`,description:`Binds roles to principals (users or organizations).`,schema:`lssm_sigil`,map:`policy_binding`,fields:{id:t.id(),roleId:t.foreignKey(),targetType:t.string({description:`"user" or "organization"`}),targetId:t.string({description:`ID of User or Organization`}),expiresAt:t.dateTime({isOptional:!0,description:`When binding expires`}),createdAt:t.createdAt(),userId:t.string({isOptional:!0}),organizationId:t.string({isOptional:!0}),role:t.belongsTo(`Role`,[`roleId`],[`id`],{onDelete:`Cascade`}),user:t.belongsTo(`User`,[`userId`],[`id`]),organization:t.belongsTo(`Organization`,[`organizationId`],[`id`])},indexes:[n.on([`targetType`,`targetId`])]}),o=e({name:`ApiKey`,description:`API keys for programmatic access.`,schema:`lssm_sigil`,map:`api_key`,fields:{id:t.id(),name:t.string({description:`API key name`}),start:t.string({description:`Starting characters for identification`}),prefix:t.string({description:`API key prefix`}),key:t.string({description:`Hashed API key`}),userId:t.foreignKey(),refillInterval:t.int({description:`Refill interval in ms`}),refillAmount:t.int({description:`Amount to refill`}),lastRefillAt:t.dateTime(),remaining:t.int({description:`Remaining requests`}),requestCount:t.int({description:`Total requests made`}),lastRequest:t.dateTime(),enabled:t.boolean({default:!0}),rateLimitEnabled:t.boolean({default:!0}),rateLimitTimeWindow:t.int({description:`Rate limit window in ms`}),rateLimitMax:t.int({description:`Max requests in window`}),expiresAt:t.dateTime(),permissions:t.string({isArray:!0}),metadata:t.json({isOptional:!0}),createdAt:t.createdAt(),updatedAt:t.updatedAt(),user:t.belongsTo(`User`,[`userId`],[`id`],{onDelete:`Cascade`})}}),s=e({name:`Passkey`,description:`WebAuthn passkeys for passwordless authentication.`,schema:`lssm_sigil`,map:`passkey`,fields:{id:t.id(),name:t.string({description:`Passkey name`}),publicKey:t.string({description:`Public key`}),userId:t.foreignKey(),credentialID:t.string({description:`Credential ID`}),counter:t.int({description:`Counter`}),deviceType:t.string({description:`Device type`}),backedUp:t.boolean({description:`Whether passkey is backed up`}),transports:t.string({description:`Transports`}),aaguid:t.string({description:`Authenticator GUID`}),createdAt:t.createdAt(),user:t.belongsTo(`User`,[`userId`],[`id`],{onDelete:`Cascade`})}});export{o as ApiKeyEntity,s as PasskeyEntity,i as PermissionEntity,a as PolicyBindingEntity,r as RoleEntity};
|
package/dist/entities/user.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{
|
|
1
|
+
import{defineEntity as e,field as t,index as n}from"@lssm/lib.schema";const r=e({name:`User`,description:`A user of the platform. Users hold core profile information and authenticate via Account records.`,schema:`lssm_sigil`,map:`user`,fields:{id:t.id({description:`Unique user identifier`}),email:t.email({isUnique:!0,description:`User email address`}),emailVerified:t.boolean({default:!1,description:`Whether email has been verified`}),name:t.string({isOptional:!0,description:`Display name`}),firstName:t.string({isOptional:!0,description:`First name`}),lastName:t.string({isOptional:!0,description:`Last name`}),locale:t.string({isOptional:!0,description:`User locale (e.g., "en-US")`}),timezone:t.string({isOptional:!0,description:`Olson timezone (e.g., "Europe/Paris")`}),imageUrl:t.url({isOptional:!0,description:`URL of avatar or profile picture`}),image:t.string({isOptional:!0,description:`Legacy image field`}),metadata:t.json({isOptional:!0,description:`Arbitrary user metadata`}),onboardingCompleted:t.boolean({default:!1,description:`Whether onboarding is complete`}),onboardingStep:t.string({isOptional:!0,description:`Current onboarding step`}),whitelistedAt:t.dateTime({isOptional:!0,description:`When user was whitelisted`}),role:t.string({isOptional:!0,default:`"user"`,description:`User role (user, admin)`}),banned:t.boolean({default:!1,description:`Whether user is banned`}),banReason:t.string({isOptional:!0,description:`Reason for ban`}),banExpires:t.dateTime({isOptional:!0,description:`When ban expires`}),phoneNumber:t.string({isOptional:!0,isUnique:!0,description:`Phone number`}),phoneNumberVerified:t.boolean({default:!1,description:`Whether phone is verified`}),createdAt:t.createdAt(),updatedAt:t.updatedAt(),sessions:t.hasMany(`Session`),accounts:t.hasMany(`Account`),memberships:t.hasMany(`Member`),invitations:t.hasMany(`Invitation`),teamMemberships:t.hasMany(`TeamMember`),policyBindings:t.hasMany(`PolicyBinding`),apiKeys:t.hasMany(`ApiKey`),passkeys:t.hasMany(`Passkey`)}}),i=e({name:`Session`,description:`Represents a login session (e.g., web session or API token).`,schema:`lssm_sigil`,map:`session`,fields:{id:t.id(),userId:t.foreignKey(),expiresAt:t.dateTime({description:`Session expiration time`}),token:t.string({isUnique:!0,description:`Session token`}),ipAddress:t.string({isOptional:!0,description:`Client IP address`}),userAgent:t.string({isOptional:!0,description:`Client user agent`}),impersonatedBy:t.string({isOptional:!0,description:`Admin impersonating this session`}),activeOrganizationId:t.string({isOptional:!0,description:`Active org context`}),activeTeamId:t.string({isOptional:!0,description:`Active team context`}),createdAt:t.createdAt(),updatedAt:t.updatedAt(),user:t.belongsTo(`User`,[`userId`],[`id`],{onDelete:`Cascade`})}}),a=e({name:`Account`,description:`External authentication accounts (OAuth, password, etc.).`,schema:`lssm_sigil`,map:`account`,fields:{id:t.id(),accountId:t.string({description:`Account ID from provider`}),providerId:t.string({description:`Provider identifier`}),userId:t.foreignKey(),accessToken:t.string({isOptional:!0}),refreshToken:t.string({isOptional:!0}),idToken:t.string({isOptional:!0}),accessTokenExpiresAt:t.dateTime({isOptional:!0}),refreshTokenExpiresAt:t.dateTime({isOptional:!0}),scope:t.string({isOptional:!0}),password:t.string({isOptional:!0,description:`Hashed password for password providers`}),createdAt:t.createdAt(),updatedAt:t.updatedAt(),user:t.belongsTo(`User`,[`userId`],[`id`],{onDelete:`Cascade`})},indexes:[n.unique([`accountId`,`providerId`])]}),o=e({name:`Verification`,description:`Verification tokens for email/phone confirmation.`,schema:`lssm_sigil`,map:`verification`,fields:{id:t.uuid(),identifier:t.string({description:`Email or phone being verified`}),value:t.string({description:`Verification code/token`}),expiresAt:t.dateTime({description:`Token expiration`}),createdAt:t.createdAt(),updatedAt:t.updatedAt()}});export{a as AccountEntity,i as SessionEntity,r as UserEntity,o as VerificationEntity};
|
package/dist/events.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{
|
|
1
|
+
import{ScalarTypeEnum as e,SchemaModel as t}from"@lssm/lib.schema";import{defineEvent as n}from"@lssm/lib.contracts";const r=new t({name:`UserCreatedPayload`,description:`Payload for user created event`,fields:{userId:{type:e.String_unsecure(),isOptional:!1},email:{type:e.EmailAddress(),isOptional:!1},name:{type:e.String_unsecure(),isOptional:!0},createdAt:{type:e.DateTime(),isOptional:!1}}}),i=new t({name:`UserUpdatedPayload`,description:`Payload for user updated event`,fields:{userId:{type:e.String_unsecure(),isOptional:!1},updatedFields:{type:e.String_unsecure(),isOptional:!1,isArray:!0},updatedAt:{type:e.DateTime(),isOptional:!1}}}),a=new t({name:`UserDeletedPayload`,description:`Payload for user deleted event`,fields:{userId:{type:e.String_unsecure(),isOptional:!1},email:{type:e.EmailAddress(),isOptional:!1},deletedAt:{type:e.DateTime(),isOptional:!1}}}),o=new t({name:`UserEmailVerifiedPayload`,description:`Payload for user email verified event`,fields:{userId:{type:e.String_unsecure(),isOptional:!1},email:{type:e.EmailAddress(),isOptional:!1},verifiedAt:{type:e.DateTime(),isOptional:!1}}}),s=new t({name:`OrgCreatedPayload`,description:`Payload for org created event`,fields:{orgId:{type:e.String_unsecure(),isOptional:!1},name:{type:e.String_unsecure(),isOptional:!1},slug:{type:e.String_unsecure(),isOptional:!0},createdBy:{type:e.String_unsecure(),isOptional:!1},createdAt:{type:e.DateTime(),isOptional:!1}}}),c=new t({name:`OrgUpdatedPayload`,description:`Payload for org updated event`,fields:{orgId:{type:e.String_unsecure(),isOptional:!1},updatedFields:{type:e.String_unsecure(),isOptional:!1,isArray:!0},updatedBy:{type:e.String_unsecure(),isOptional:!1},updatedAt:{type:e.DateTime(),isOptional:!1}}}),l=new t({name:`OrgDeletedPayload`,description:`Payload for org deleted event`,fields:{orgId:{type:e.String_unsecure(),isOptional:!1},name:{type:e.String_unsecure(),isOptional:!1},deletedBy:{type:e.String_unsecure(),isOptional:!1},deletedAt:{type:e.DateTime(),isOptional:!1}}}),u=new t({name:`OrgMemberAddedPayload`,description:`Payload for member added event`,fields:{orgId:{type:e.String_unsecure(),isOptional:!1},userId:{type:e.String_unsecure(),isOptional:!1},role:{type:e.String_unsecure(),isOptional:!1},invitedBy:{type:e.String_unsecure(),isOptional:!0},joinedAt:{type:e.DateTime(),isOptional:!1}}}),d=new t({name:`OrgMemberRemovedPayload`,description:`Payload for member removed event`,fields:{orgId:{type:e.String_unsecure(),isOptional:!1},userId:{type:e.String_unsecure(),isOptional:!1},removedBy:{type:e.String_unsecure(),isOptional:!0},reason:{type:e.String_unsecure(),isOptional:!0},removedAt:{type:e.DateTime(),isOptional:!1}}}),f=new t({name:`OrgMemberRoleChangedPayload`,description:`Payload for member role changed event`,fields:{orgId:{type:e.String_unsecure(),isOptional:!1},userId:{type:e.String_unsecure(),isOptional:!1},previousRole:{type:e.String_unsecure(),isOptional:!1},newRole:{type:e.String_unsecure(),isOptional:!1},changedBy:{type:e.String_unsecure(),isOptional:!1},changedAt:{type:e.DateTime(),isOptional:!1}}}),p=new t({name:`OrgInviteSentPayload`,description:`Payload for invite sent event`,fields:{invitationId:{type:e.String_unsecure(),isOptional:!1},orgId:{type:e.String_unsecure(),isOptional:!1},email:{type:e.EmailAddress(),isOptional:!1},role:{type:e.String_unsecure(),isOptional:!1},invitedBy:{type:e.String_unsecure(),isOptional:!1},expiresAt:{type:e.DateTime(),isOptional:!0},sentAt:{type:e.DateTime(),isOptional:!1}}}),m=new t({name:`OrgInviteAcceptedPayload`,description:`Payload for invite accepted event`,fields:{invitationId:{type:e.String_unsecure(),isOptional:!1},orgId:{type:e.String_unsecure(),isOptional:!1},userId:{type:e.String_unsecure(),isOptional:!1},acceptedAt:{type:e.DateTime(),isOptional:!1}}}),h=new t({name:`OrgInviteDeclinedPayload`,description:`Payload for invite declined event`,fields:{invitationId:{type:e.String_unsecure(),isOptional:!1},orgId:{type:e.String_unsecure(),isOptional:!1},declinedAt:{type:e.DateTime(),isOptional:!1}}}),g=new t({name:`RoleAssignedPayload`,description:`Payload for role assigned event`,fields:{bindingId:{type:e.String_unsecure(),isOptional:!1},roleId:{type:e.String_unsecure(),isOptional:!1},roleName:{type:e.String_unsecure(),isOptional:!1},targetType:{type:e.String_unsecure(),isOptional:!1},targetId:{type:e.String_unsecure(),isOptional:!1},assignedBy:{type:e.String_unsecure(),isOptional:!1},expiresAt:{type:e.DateTime(),isOptional:!0},assignedAt:{type:e.DateTime(),isOptional:!1}}}),_=new t({name:`RoleRevokedPayload`,description:`Payload for role revoked event`,fields:{bindingId:{type:e.String_unsecure(),isOptional:!1},roleId:{type:e.String_unsecure(),isOptional:!1},roleName:{type:e.String_unsecure(),isOptional:!1},targetType:{type:e.String_unsecure(),isOptional:!1},targetId:{type:e.String_unsecure(),isOptional:!1},revokedBy:{type:e.String_unsecure(),isOptional:!1},revokedAt:{type:e.DateTime(),isOptional:!1}}}),v=n({name:`user.created`,version:1,description:`A new user has been created.`,payload:r}),y=n({name:`user.updated`,version:1,description:`A user profile has been updated.`,payload:i}),b=n({name:`user.deleted`,version:1,description:`A user account has been deleted.`,pii:[`email`],payload:a}),x=n({name:`user.email_verified`,version:1,description:`A user has verified their email address.`,payload:o}),S=n({name:`org.created`,version:1,description:`A new organization has been created.`,payload:s}),C=n({name:`org.updated`,version:1,description:`An organization has been updated.`,payload:c}),w=n({name:`org.deleted`,version:1,description:`An organization has been deleted.`,payload:l}),T=n({name:`org.member.added`,version:1,description:`A user has joined an organization.`,payload:u}),E=n({name:`org.member.removed`,version:1,description:`A user has left or been removed from an organization.`,payload:d}),D=n({name:`org.member.role_changed`,version:1,description:`A member's role in an organization has changed.`,payload:f}),O=n({name:`org.invite.sent`,version:1,description:`An invitation to join an organization has been sent.`,pii:[`email`],payload:p}),k=n({name:`org.invite.accepted`,version:1,description:`An invitation has been accepted.`,payload:m}),A=n({name:`org.invite.declined`,version:1,description:`An invitation has been declined.`,payload:h}),j=n({name:`role.assigned`,version:1,description:`A role has been assigned.`,payload:g}),M=n({name:`role.revoked`,version:1,description:`A role has been revoked.`,payload:_}),N={UserCreatedEvent:v,UserUpdatedEvent:y,UserDeletedEvent:b,UserEmailVerifiedEvent:x,OrgCreatedEvent:S,OrgUpdatedEvent:C,OrgDeletedEvent:w,OrgMemberAddedEvent:T,OrgMemberRemovedEvent:E,OrgMemberRoleChangedEvent:D,OrgInviteSentEvent:O,OrgInviteAcceptedEvent:k,OrgInviteDeclinedEvent:A,RoleAssignedEvent:j,RoleRevokedEvent:M};export{N as IdentityRbacEvents,S as OrgCreatedEvent,w as OrgDeletedEvent,k as OrgInviteAcceptedEvent,A as OrgInviteDeclinedEvent,O as OrgInviteSentEvent,T as OrgMemberAddedEvent,E as OrgMemberRemovedEvent,D as OrgMemberRoleChangedEvent,C as OrgUpdatedEvent,j as RoleAssignedEvent,M as RoleRevokedEvent,v as UserCreatedEvent,b as UserDeletedEvent,x as UserEmailVerifiedEvent,y as UserUpdatedEvent};
|
package/dist/policies/engine.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
|
|
1
|
+
const e={USER_CREATE:`user.create`,USER_READ:`user.read`,USER_UPDATE:`user.update`,USER_DELETE:`user.delete`,USER_LIST:`user.list`,USER_MANAGE:`user.manage`,ORG_CREATE:`org.create`,ORG_READ:`org.read`,ORG_UPDATE:`org.update`,ORG_DELETE:`org.delete`,ORG_LIST:`org.list`,MEMBER_INVITE:`member.invite`,MEMBER_REMOVE:`member.remove`,MEMBER_UPDATE_ROLE:`member.update_role`,MEMBER_LIST:`member.list`,MANAGE_MEMBERS:`org.manage_members`,TEAM_CREATE:`team.create`,TEAM_UPDATE:`team.update`,TEAM_DELETE:`team.delete`,TEAM_MANAGE:`team.manage`,ROLE_CREATE:`role.create`,ROLE_UPDATE:`role.update`,ROLE_DELETE:`role.delete`,ROLE_ASSIGN:`role.assign`,ROLE_REVOKE:`role.revoke`,BILLING_VIEW:`billing.view`,BILLING_MANAGE:`billing.manage`,PROJECT_CREATE:`project.create`,PROJECT_READ:`project.read`,PROJECT_UPDATE:`project.update`,PROJECT_DELETE:`project.delete`,PROJECT_MANAGE:`project.manage`,ADMIN_ACCESS:`admin.access`,ADMIN_IMPERSONATE:`admin.impersonate`},t={OWNER:{name:`owner`,description:`Organization owner with full access`,permissions:Object.values(e)},ADMIN:{name:`admin`,description:`Administrator with most permissions`,permissions:[e.USER_READ,e.USER_LIST,e.ORG_READ,e.ORG_UPDATE,e.MEMBER_INVITE,e.MEMBER_REMOVE,e.MEMBER_UPDATE_ROLE,e.MEMBER_LIST,e.MANAGE_MEMBERS,e.TEAM_CREATE,e.TEAM_UPDATE,e.TEAM_DELETE,e.TEAM_MANAGE,e.PROJECT_CREATE,e.PROJECT_READ,e.PROJECT_UPDATE,e.PROJECT_DELETE,e.PROJECT_MANAGE,e.BILLING_VIEW]},MEMBER:{name:`member`,description:`Regular organization member`,permissions:[e.USER_READ,e.ORG_READ,e.MEMBER_LIST,e.PROJECT_READ,e.PROJECT_CREATE]},VIEWER:{name:`viewer`,description:`Read-only access`,permissions:[e.USER_READ,e.ORG_READ,e.MEMBER_LIST,e.PROJECT_READ]}};var n=class{roleCache=new Map;bindingCache=new Map;async checkPermission(e,t){let{userId:n,orgId:r,permission:i}=e,a=new Date,o=t.filter(e=>e.targetType===`user`&&e.targetId===n),s=r?t.filter(e=>e.targetType===`organization`&&e.targetId===r):[],c=[...o,...s].filter(e=>!e.expiresAt||e.expiresAt>a);if(c.length===0)return{allowed:!1,reason:`No active role bindings found`};for(let e of c)if(e.role.permissions.includes(i))return{allowed:!0,matchedRole:e.role.name};return{allowed:!1,reason:`No role grants the "${i}" permission`}}async getPermissions(e,t,n){let r=new Date,i=n.filter(t=>t.targetType===`user`&&t.targetId===e),a=t?n.filter(e=>e.targetType===`organization`&&e.targetId===t):[],o=[...i,...a].filter(e=>!e.expiresAt||e.expiresAt>r),s=new Set,c=[];for(let e of o){c.push(e.role);for(let t of e.role.permissions)s.add(t)}return{permissions:s,roles:c}}async hasAnyPermission(e,t,n,r){let{permissions:i}=await this.getPermissions(e,t,r);return n.some(e=>i.has(e))}async hasAllPermissions(e,t,n,r){let{permissions:i}=await this.getPermissions(e,t,r);return n.every(e=>i.has(e))}};function r(){return new n}export{e as Permission,n as RBACPolicyEngine,t as StandardRole,r as createRBACEngine};
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@lssm/lib.identity-rbac",
|
|
3
|
-
"version": "0.0.0-canary-
|
|
3
|
+
"version": "0.0.0-canary-20251207043720",
|
|
4
4
|
"description": "Identity, Organizations, and RBAC module for ContractSpec applications",
|
|
5
5
|
"main": "./dist/index.js",
|
|
6
6
|
"types": "./dist/index.d.ts",
|
|
@@ -27,18 +27,18 @@
|
|
|
27
27
|
"typescript": "^5.9.3"
|
|
28
28
|
},
|
|
29
29
|
"exports": {
|
|
30
|
-
".": "./
|
|
31
|
-
"./contracts": "./
|
|
32
|
-
"./contracts/organization": "./
|
|
33
|
-
"./contracts/rbac": "./
|
|
34
|
-
"./contracts/user": "./
|
|
35
|
-
"./entities": "./
|
|
36
|
-
"./entities/organization": "./
|
|
37
|
-
"./entities/rbac": "./
|
|
38
|
-
"./entities/user": "./
|
|
39
|
-
"./events": "./
|
|
40
|
-
"./policies": "./
|
|
41
|
-
"./policies/engine": "./
|
|
30
|
+
".": "./src/index.ts",
|
|
31
|
+
"./contracts": "./src/contracts/index.ts",
|
|
32
|
+
"./contracts/organization": "./src/contracts/organization.ts",
|
|
33
|
+
"./contracts/rbac": "./src/contracts/rbac.ts",
|
|
34
|
+
"./contracts/user": "./src/contracts/user.ts",
|
|
35
|
+
"./entities": "./src/entities/index.ts",
|
|
36
|
+
"./entities/organization": "./src/entities/organization.ts",
|
|
37
|
+
"./entities/rbac": "./src/entities/rbac.ts",
|
|
38
|
+
"./entities/user": "./src/entities/user.ts",
|
|
39
|
+
"./events": "./src/events.ts",
|
|
40
|
+
"./policies": "./src/policies/index.ts",
|
|
41
|
+
"./policies/engine": "./src/policies/engine.ts",
|
|
42
42
|
"./*": "./*"
|
|
43
43
|
},
|
|
44
44
|
"module": "./dist/index.js",
|
|
@@ -47,6 +47,21 @@
|
|
|
47
47
|
"README.md"
|
|
48
48
|
],
|
|
49
49
|
"publishConfig": {
|
|
50
|
-
"access": "public"
|
|
50
|
+
"access": "public",
|
|
51
|
+
"exports": {
|
|
52
|
+
".": "./dist/index.js",
|
|
53
|
+
"./contracts": "./dist/contracts/index.js",
|
|
54
|
+
"./contracts/organization": "./dist/contracts/organization.js",
|
|
55
|
+
"./contracts/rbac": "./dist/contracts/rbac.js",
|
|
56
|
+
"./contracts/user": "./dist/contracts/user.js",
|
|
57
|
+
"./entities": "./dist/entities/index.js",
|
|
58
|
+
"./entities/organization": "./dist/entities/organization.js",
|
|
59
|
+
"./entities/rbac": "./dist/entities/rbac.js",
|
|
60
|
+
"./entities/user": "./dist/entities/user.js",
|
|
61
|
+
"./events": "./dist/events.js",
|
|
62
|
+
"./policies": "./dist/policies/index.js",
|
|
63
|
+
"./policies/engine": "./dist/policies/engine.js",
|
|
64
|
+
"./*": "./*"
|
|
65
|
+
}
|
|
51
66
|
}
|
|
52
67
|
}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{e}from"../ownership.js";const t=[`platform.finance`],n=[`open-banking`,`finance`];[...t],[...n],e.Experimental,[...t],[...n],e.Experimental,[...t],[...n],e.Experimental;
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
"use client";import"./react/feature-render.js";import"./react/form-render.js";import"./react/index.js";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"../../presentations.v2.js";import"react";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"react";import"react-hook-form";import"@hookform/resolvers/zod";import"react/jsx-runtime";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
"use client";import"./feature-render.js";import"./form-render.js";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"./schema/dist/index.js";function e(e){return e}export{e};
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"node:crypto";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"@pothos/plugin-federation";import"@apollo/subgraph";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"./schema/dist/SchemaModel.js";import"./schema/dist/index.js";import{e}from"./events.js";import"./presentations.v2.js";import"./client/react/feature-render.js";import"./client/react/form-render.js";import"./client/index.js";import"./jsonschema.js";import"./server/graphql-pothos.js";import"./server/graphql-schema-export.js";import"./presentations.js";import"./server/provider-mcp.js";import"./server/rest-generic.js";import"./server/rest-elysia.js";import"./server/rest-express.js";import"./server/rest-next-app.js";import"./server/rest-next-pages.js";import"./server/index.js";import{n as t,t as n}from"./spec.js";import"./registry.js";import"./install.js";import"./prompt.js";import"./promptRegistry.js";import"./resources.js";import{e as r,r as i,t as a}from"./ownership.js";import{d as o,l as s,m as c,o as l,p as u,s as d}from"./onboarding-base.js";import"./capabilities/openbanking.js";import"./telemetry/tracker.js";import"./telemetry/index.js";import"./tests/runner.js";import"./tests/index.js";import"./experiments/evaluator.js";import"./integrations/providers/stripe.js";import"./integrations/providers/postmark.js";import"./integrations/providers/qdrant.js";import"./integrations/providers/mistral.js";import"./integrations/providers/elevenlabs.js";import"./integrations/providers/gmail.js";import"./integrations/providers/google-calendar.js";import"./integrations/providers/twilio-sms.js";import"./integrations/providers/gcs-storage.js";import"./integrations/providers/powens.js";import"./integrations/providers/impls/mistral-llm.js";import"./integrations/providers/impls/mistral-embedding.js";import"./integrations/providers/impls/qdrant-vector.js";import"./integrations/providers/impls/gmail-inbound.js";import"./integrations/providers/impls/gmail-outbound.js";import"./integrations/providers/impls/google-calendar.js";import"./integrations/providers/impls/elevenlabs-voice.js";import"./integrations/providers/impls/gcs-storage.js";import"./integrations/providers/impls/stripe-payments.js";import"./integrations/providers/impls/postmark-email.js";import"./integrations/providers/impls/twilio-sms.js";import"./integrations/providers/impls/powens-client.js";import"./integrations/providers/impls/powens-openbanking.js";import"./integrations/providers/impls/provider-factory.js";import"./integrations/secrets/provider.js";import"./integrations/secrets/gcp-secret-manager.js";import"./integrations/secrets/env-secret-provider.js";import"./integrations/secrets/manager.js";import"./integrations/runtime.js";import{i as f,n as p,r as m}from"./integrations/openbanking/models.js";import{t as h}from"./integrations/openbanking/telemetry.js";import{d as g,f as _,p as v}from"./integrations/openbanking/contracts/accounts.js";import{d as y,u as b}from"./integrations/openbanking/contracts/transactions.js";import{d as x,u as S}from"./integrations/openbanking/contracts/balances.js";import"./integrations/openbanking/contracts/index.js";import"./integrations/index.js";import"./knowledge/spaces/product-canon.js";import"./knowledge/spaces/support-faq.js";import"./knowledge/spaces/email-threads.js";import"./knowledge/spaces/uploaded-docs.js";import"./knowledge/spaces/financial-docs.js";import"./knowledge/spaces/financial-overview.js";import"./knowledge/index.js";import{_ as C,g as w,h as T,m as E,p as D}from"./integrations/contracts.js";import{_ as O,g as k,h as A,m as j,v as M}from"./knowledge/contracts.js";import"./regenerator/service.js";import"./regenerator/index.js";import"./workflow/runner.js";import"./workflow/index.js";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"./registry.js";import{z as e}from"zod";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{t as e}from"../schema/dist/SchemaModel.js";import{l as t}from"../schema/dist/ScalarTypeEnum.js";import"../schema/dist/index.js";import{n,t as r}from"../spec.js";const i=new e({name:`IntegrationConnectionRecord`,fields:{id:{type:t.ID(),isOptional:!1},tenantId:{type:t.ID(),isOptional:!1},integrationKey:{type:t.NonEmptyString(),isOptional:!1},integrationVersion:{type:t.Int_unsecure(),isOptional:!1},label:{type:t.String_unsecure(),isOptional:!1},ownershipMode:{type:t.String_unsecure(),isOptional:!1},externalAccountId:{type:t.String_unsecure(),isOptional:!0},secretProvider:{type:t.String_unsecure(),isOptional:!1},secretRef:{type:t.String_unsecure(),isOptional:!1},status:{type:t.String_unsecure(),isOptional:!1},environment:{type:t.String_unsecure(),isOptional:!0},healthStatus:{type:t.String_unsecure(),isOptional:!0},healthCheckedAt:{type:t.DateTime(),isOptional:!0},healthLatencyMs:{type:t.Float_unsecure(),isOptional:!0},healthErrorCode:{type:t.String_unsecure(),isOptional:!0},healthErrorMessage:{type:t.String_unsecure(),isOptional:!0},usageRequestCount:{type:t.Int_unsecure(),isOptional:!0},usageSuccessCount:{type:t.Int_unsecure(),isOptional:!0},usageErrorCount:{type:t.Int_unsecure(),isOptional:!0},usageLastUsedAt:{type:t.DateTime(),isOptional:!0},usageLastErrorAt:{type:t.DateTime(),isOptional:!0},usageLastErrorCode:{type:t.String_unsecure(),isOptional:!0},createdAt:{type:t.DateTime(),isOptional:!0},updatedAt:{type:t.DateTime(),isOptional:!0}}}),a=new e({name:`CreateIntegrationConnectionInput`,fields:{tenantId:{type:t.ID(),isOptional:!1},integrationKey:{type:t.NonEmptyString(),isOptional:!1},integrationVersion:{type:t.Int_unsecure(),isOptional:!1},label:{type:t.String_unsecure(),isOptional:!1},ownershipMode:{type:t.String_unsecure(),isOptional:!1},externalAccountId:{type:t.String_unsecure(),isOptional:!0},secretProvider:{type:t.String_unsecure(),isOptional:!1},secretRef:{type:t.String_unsecure(),isOptional:!1},environment:{type:t.String_unsecure(),isOptional:!0},config:{type:t.JSONObject(),isOptional:!1}}}),o=new e({name:`UpdateIntegrationConnectionInput`,fields:{connectionId:{type:t.ID(),isOptional:!1},label:{type:t.String_unsecure(),isOptional:!0},status:{type:t.String_unsecure(),isOptional:!0},ownershipMode:{type:t.String_unsecure(),isOptional:!0},externalAccountId:{type:t.String_unsecure(),isOptional:!0},secretProvider:{type:t.String_unsecure(),isOptional:!0},secretRef:{type:t.String_unsecure(),isOptional:!0},config:{type:t.JSONObject(),isOptional:!0}}}),s=new e({name:`DeleteIntegrationConnectionInput`,fields:{connectionId:{type:t.ID(),isOptional:!1}}}),c=new e({name:`ListIntegrationConnectionsInput`,fields:{tenantId:{type:t.ID(),isOptional:!1},category:{type:t.String_unsecure(),isOptional:!0},status:{type:t.String_unsecure(),isOptional:!0}}}),l=new e({name:`ListIntegrationConnectionsOutput`,fields:{connections:{type:i,isOptional:!1,isArray:!0}}}),u=new e({name:`TestIntegrationConnectionInput`,fields:{connectionId:{type:t.ID(),isOptional:!1}}}),d=new e({name:`TestIntegrationConnectionOutput`,fields:{success:{type:t.Boolean(),isOptional:!1},status:{type:t.String_unsecure(),isOptional:!0},latencyMs:{type:t.Float_unsecure(),isOptional:!0},error:{type:t.String_unsecure(),isOptional:!0},errorCode:{type:t.String_unsecure(),isOptional:!0}}}),f=new e({name:`DeleteIntegrationConnectionOutput`,fields:{success:{type:t.Boolean(),isOptional:!1}}}),p=r({meta:{name:`integrations.connection.create`,version:1,description:`Create a new integration connection for a tenant.`,goal:`Provision a tenant-scoped connection to an external provider.`,context:`Used by Ops or the App Studio to configure external integrations such as Stripe or Qdrant.`,owners:[`platform.integrations`],tags:[`integration`,`connections`],stability:`experimental`},io:{input:a,output:i},policy:{auth:`admin`,policies:[{name:`platform.integration.manage`,version:1}]}}),m=r({meta:{name:`integrations.connection.update`,version:1,description:`Update metadata or credentials for an integration connection.`,goal:`Allow secure rotation of credentials and metadata adjustments.`,context:`Supports rotating API keys, toggling status, or updating labels for tenant integrations.`,owners:[`platform.integrations`],tags:[`integration`,`connections`],stability:`experimental`},io:{input:o,output:i},policy:{auth:`admin`,policies:[{name:`platform.integration.manage`,version:1}]}}),h=r({meta:{name:`integrations.connection.delete`,version:1,description:`Delete an integration connection for a tenant.`,goal:`Safely remove credentials and disable connector usage.`,context:`Ensures connections are de-provisioned when no longer needed or breached.`,owners:[`platform.integrations`],tags:[`integration`,`connections`],stability:`experimental`},io:{input:s,output:f},policy:{auth:`admin`,policies:[{name:`platform.integration.manage`,version:1}]}}),g=n({meta:{name:`integrations.connection.list`,version:1,description:`List integration connections for a tenant.`,goal:`Provide visibility into configured integrations and their status.`,context:`Used by the App Studio and Ops flows to show bindings and health.`,owners:[`platform.integrations`],tags:[`integration`,`connections`],stability:`experimental`},io:{input:c,output:l},policy:{auth:`admin`,policies:[{name:`platform.integration.read`,version:1}]}}),_=r({meta:{name:`integrations.connection.test`,version:1,description:`Run a health check against a configured integration connection.`,goal:`Validate credentials and connectivity for external providers.`,context:`Triggered manually or by background monitors to confirm provider availability.`,owners:[`platform.integrations`],tags:[`integration`,`connections`],stability:`experimental`},io:{input:u,output:d},policy:{auth:`admin`,policies:[{name:`platform.integration.manage`,version:1}]}});export{_,g,h,m,p};
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"./providers/stripe.js";import"./providers/postmark.js";import"./providers/qdrant.js";import"./providers/mistral.js";import"./providers/elevenlabs.js";import"./providers/gmail.js";import"./providers/google-calendar.js";import"./providers/twilio-sms.js";import"./providers/gcs-storage.js";import"./providers/powens.js";import"./providers/impls/mistral-llm.js";import"./providers/impls/mistral-embedding.js";import"./providers/impls/qdrant-vector.js";import"./providers/impls/gmail-inbound.js";import"./providers/impls/gmail-outbound.js";import"./providers/impls/google-calendar.js";import"./providers/impls/elevenlabs-voice.js";import"./providers/impls/gcs-storage.js";import"./providers/impls/stripe-payments.js";import"./providers/impls/postmark-email.js";import"./providers/impls/twilio-sms.js";import"./providers/impls/powens-client.js";import"./providers/impls/powens-openbanking.js";import"./providers/impls/provider-factory.js";import"./secrets/provider.js";import"./secrets/gcp-secret-manager.js";import"./secrets/env-secret-provider.js";import"./secrets/manager.js";import"./runtime.js";import{i as e,n as t,r as n}from"./openbanking/models.js";import{t as r}from"./openbanking/telemetry.js";import{d as i,f as a,p as o}from"./openbanking/contracts/accounts.js";import{d as s,u as c}from"./openbanking/contracts/transactions.js";import{d as l,u}from"./openbanking/contracts/balances.js";import"./openbanking/contracts/index.js";import"./providers/index.js";import"./secrets/index.js";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{t as e}from"../../../schema/dist/SchemaModel.js";import{l as t}from"../../../schema/dist/ScalarTypeEnum.js";import"../../../schema/dist/index.js";import{n,t as r}from"../../../spec.js";import{n as i}from"../models.js";import{t as a}from"../telemetry.js";const o=new e({name:`OpenBankingListAccountsInput`,description:`Parameters for listing bank accounts through the open banking provider.`,fields:{tenantId:{type:t.ID(),isOptional:!1},userId:{type:t.ID(),isOptional:!1},connectionId:{type:t.ID(),isOptional:!0},includeBalances:{type:t.Boolean(),isOptional:!0},institutionId:{type:t.String_unsecure(),isOptional:!0},cursor:{type:t.String_unsecure(),isOptional:!0},pageSize:{type:t.Int_unsecure(),isOptional:!0}}}),s=new e({name:`OpenBankingListAccountsOutput`,description:`Paginated list of bank accounts available to the tenant and user.`,fields:{accounts:{type:i,isOptional:!1,isArray:!0},nextCursor:{type:t.String_unsecure(),isOptional:!0},hasMore:{type:t.Boolean(),isOptional:!0}}}),c=new e({name:`OpenBankingGetAccountInput`,description:`Parameters for retrieving a specific bank account.`,fields:{tenantId:{type:t.ID(),isOptional:!1},accountId:{type:t.ID(),isOptional:!1},includeBalances:{type:t.Boolean(),isOptional:!0},includeLatestTransactions:{type:t.Boolean(),isOptional:!0}}}),l=new e({name:`OpenBankingSyncAccountsInput`,description:`Command payload to trigger an account synchronisation against the open banking provider.`,fields:{tenantId:{type:t.ID(),isOptional:!1},userId:{type:t.ID(),isOptional:!0},connectionId:{type:t.ID(),isOptional:!1},accountIds:{type:t.ID(),isArray:!0,isOptional:!0},forceFullRefresh:{type:t.Boolean(),isOptional:!0},triggerWorkflows:{type:t.Boolean(),isOptional:!0}}}),u=new e({name:`OpenBankingSyncAccountsOutput`,description:`Result of a bank account synchronisation run.`,fields:{synced:{type:t.Int_unsecure(),isOptional:!1},failed:{type:t.Int_unsecure(),isOptional:!1},errors:{type:t.String_unsecure(),isArray:!0,isOptional:!0},nextSyncSuggestedAt:{type:t.DateTime(),isOptional:!0}}}),d=n({meta:{name:`openbanking.accounts.list`,version:1,description:`List bank accounts available to a tenant/user via Powens Open Banking.`,goal:`Provide downstream workflows with the set of accounts accessible via the configured open banking connection.`,context:`Used by Pocket Family Office dashboards and sync workflows to enumerate bank accounts prior to syncing balances or transactions.`,owners:[`platform.finance`],tags:[`open-banking`,`powens`,`accounts`],stability:`experimental`},io:{input:o,output:s},policy:{auth:`user`}}),f=n({meta:{name:`openbanking.accounts.get`,version:1,description:`Retrieve the canonical bank account record for the given account identifier.`,goal:`Allow user-facing experiences and automations to display up-to-date account metadata.`,context:`Invoked by UI surfaces and workflow automation steps that require detailed metadata for a specific bank account.`,owners:[`platform.finance`],tags:[`open-banking`,`powens`,`accounts`],stability:`experimental`},io:{input:c,output:i},policy:{auth:`user`}}),p=r({meta:{name:`openbanking.accounts.sync`,version:1,description:`Initiate a synchronisation run to refresh bank account metadata from Powens.`,goal:`Keep canonical bank account records aligned with the external open banking provider.`,context:`Triggered by scheduled workflows or manual operator actions to reconcile account metadata prior to transaction/balance syncs.`,owners:[`platform.finance`],tags:[`open-banking`,`powens`,`accounts`],stability:`experimental`},io:{input:l,output:u},policy:{auth:`admin`},telemetry:{success:{event:{name:a.accountsSynced},properties:({input:e,output:t})=>{let n=e,r=t;return{tenantId:n?.tenantId,connectionId:n?.connectionId,synced:r?.synced,failed:r?.failed}}},failure:{event:{name:a.accountsSyncFailed},properties:({input:e,error:t})=>{let n=e;return{tenantId:n?.tenantId,connectionId:n?.connectionId,error:t instanceof Error?t.message:String(t??`unknown`)}}}}});export{d,f,p};
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{t as e}from"../../../schema/dist/SchemaModel.js";import{l as t}from"../../../schema/dist/ScalarTypeEnum.js";import"../../../schema/dist/index.js";import{n,t as r}from"../../../spec.js";import{i}from"../models.js";import{t as a}from"../telemetry.js";const o=new e({name:`OpenBankingGetBalancesInput`,description:`Parameters for retrieving bank account balances from the canonical ledger.`,fields:{tenantId:{type:t.ID(),isOptional:!1},accountId:{type:t.ID(),isOptional:!1},balanceTypes:{type:t.String_unsecure(),isArray:!0,isOptional:!0}}}),s=new e({name:`OpenBankingGetBalancesOutput`,description:`Canonical balances for a bank account.`,fields:{balances:{type:i,isOptional:!1,isArray:!0},asOf:{type:t.DateTime(),isOptional:!0}}}),c=new e({name:`OpenBankingRefreshBalancesInput`,description:`Command payload to refresh balances for a bank account via the open banking provider.`,fields:{tenantId:{type:t.ID(),isOptional:!1},accountId:{type:t.ID(),isOptional:!1},connectionId:{type:t.ID(),isOptional:!0},balanceTypes:{type:t.String_unsecure(),isArray:!0,isOptional:!0},forceRefresh:{type:t.Boolean(),isOptional:!0}}}),l=new e({name:`OpenBankingRefreshBalancesOutput`,description:`Result of a balance refresh against the open banking provider.`,fields:{balances:{type:i,isOptional:!1,isArray:!0},refreshedAt:{type:t.DateTime(),isOptional:!1},errors:{type:t.String_unsecure(),isArray:!0,isOptional:!0}}}),u=n({meta:{name:`openbanking.balances.get`,version:1,description:`Retrieve the latest cached balances for a bank account.`,goal:`Expose current and available balances required by dashboards and analytics.`,context:`Used by Pocket Family Office UI surfaces and automation steps that require balance totals prior to generating summaries.`,owners:[`platform.finance`],tags:[`open-banking`,`powens`,`balances`],stability:`experimental`},io:{input:o,output:s},policy:{auth:`user`}}),d=r({meta:{name:`openbanking.balances.refresh`,version:1,description:`Refresh balances for a bank account via the configured open banking provider.`,goal:`Ensure canonical balance records reflect the latest values from Powens.`,context:`Triggered by scheduled workflows before generating summaries or forecasting cashflow.`,owners:[`platform.finance`],tags:[`open-banking`,`powens`,`balances`],stability:`experimental`},io:{input:c,output:l},policy:{auth:`admin`},telemetry:{success:{event:{name:a.balancesRefreshed},properties:({input:e,output:t})=>{let n=e,r=t;return{tenantId:n?.tenantId,accountId:n?.accountId,refreshedAt:r?.refreshedAt,balanceCount:Array.isArray(r?.balances)?r?.balances.length:void 0}}},failure:{event:{name:a.balancesRefreshFailed},properties:({input:e,error:t})=>{let n=e;return{tenantId:n?.tenantId,accountId:n?.accountId,error:t instanceof Error?t.message:String(t??`unknown`)}}}}});export{d,u};
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{d as e,f as t,p as n}from"./accounts.js";import{d as r,u as i}from"./transactions.js";import{d as a,u as o}from"./balances.js";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{t as e}from"../../../schema/dist/SchemaModel.js";import{l as t}from"../../../schema/dist/ScalarTypeEnum.js";import"../../../schema/dist/index.js";import{n,t as r}from"../../../spec.js";import{r as i}from"../models.js";import{t as a}from"../telemetry.js";const o=new e({name:`OpenBankingListTransactionsInput`,description:`Parameters for listing bank transactions from the canonical ledger.`,fields:{tenantId:{type:t.ID(),isOptional:!1},accountId:{type:t.ID(),isOptional:!1},from:{type:t.DateTime(),isOptional:!0},to:{type:t.DateTime(),isOptional:!0},cursor:{type:t.String_unsecure(),isOptional:!0},pageSize:{type:t.Int_unsecure(),isOptional:!0},direction:{type:t.String_unsecure(),isOptional:!0},minimumAmount:{type:t.Float_unsecure(),isOptional:!0},maximumAmount:{type:t.Float_unsecure(),isOptional:!0},category:{type:t.String_unsecure(),isOptional:!0}}}),s=new e({name:`OpenBankingListTransactionsOutput`,description:`Paginated list of transactions for a bank account.`,fields:{transactions:{type:i,isOptional:!1,isArray:!0},nextCursor:{type:t.String_unsecure(),isOptional:!0},hasMore:{type:t.Boolean(),isOptional:!0}}}),c=new e({name:`OpenBankingSyncTransactionsInput`,description:`Command payload to synchronise transactions from the open banking provider into the canonical ledger.`,fields:{tenantId:{type:t.ID(),isOptional:!1},accountId:{type:t.ID(),isOptional:!1},from:{type:t.DateTime(),isOptional:!0},to:{type:t.DateTime(),isOptional:!0},connectionId:{type:t.ID(),isOptional:!0},includePending:{type:t.Boolean(),isOptional:!0},backfillDays:{type:t.Int_unsecure(),isOptional:!0}}}),l=new e({name:`OpenBankingSyncTransactionsOutput`,description:`Result of a transaction synchronisation run.`,fields:{synced:{type:t.Int_unsecure(),isOptional:!1},failed:{type:t.Int_unsecure(),isOptional:!1},earliestSyncedAt:{type:t.DateTime(),isOptional:!0},latestSyncedAt:{type:t.DateTime(),isOptional:!0},nextSinceToken:{type:t.String_unsecure(),isOptional:!0},errors:{type:t.String_unsecure(),isArray:!0,isOptional:!0}}}),u=n({meta:{name:`openbanking.transactions.list`,version:1,description:`List bank transactions that have been normalised into the canonical ledger.`,goal:`Allow downstream analytics and UI surfaces to page through canonical bank transactions.`,context:`Used by Pocket Family Office dashboards, reconciliation workflows, and analytics data views.`,owners:[`platform.finance`],tags:[`open-banking`,`powens`,`transactions`],stability:`experimental`},io:{input:o,output:s},policy:{auth:`user`}}),d=r({meta:{name:`openbanking.transactions.sync`,version:1,description:`Synchronise transactions for a bank account by calling the configured open banking provider.`,goal:`Ensure the canonical transaction ledger stays aligned with the external provider.`,context:`Triggered by scheduled workflows or on-demand actions when activity is expected on an account.`,owners:[`platform.finance`],tags:[`open-banking`,`powens`,`transactions`],stability:`experimental`},io:{input:c,output:l},policy:{auth:`admin`},telemetry:{success:{event:{name:a.transactionsSynced},properties:({input:e,output:t})=>{let n=e,r=t;return{tenantId:n?.tenantId,accountId:n?.accountId,synced:r?.synced,failed:r?.failed,earliestSyncedAt:r?.earliestSyncedAt,latestSyncedAt:r?.latestSyncedAt}}},failure:{event:{name:a.transactionsSyncFailed},properties:({input:e,error:t})=>{let n=e;return{tenantId:n?.tenantId,accountId:n?.accountId,error:t instanceof Error?t.message:String(t??`unknown`)}}}}});export{d,u};
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{t as e}from"../../schema/dist/SchemaModel.js";import{l as t}from"../../schema/dist/ScalarTypeEnum.js";import"../../schema/dist/index.js";const n=new e({name:`BankAccountRecord`,description:`Canonical representation of a bank account synced from an open banking provider.`,fields:{id:{type:t.ID(),isOptional:!1},tenantId:{type:t.ID(),isOptional:!1},userId:{type:t.ID(),isOptional:!1},connectionId:{type:t.ID(),isOptional:!1},externalId:{type:t.NonEmptyString(),isOptional:!1},institutionId:{type:t.NonEmptyString(),isOptional:!1},institutionName:{type:t.NonEmptyString(),isOptional:!1},institutionLogoUrl:{type:t.URL(),isOptional:!0},iban:{type:t.String_unsecure(),isOptional:!0},bic:{type:t.String_unsecure(),isOptional:!0},accountType:{type:t.NonEmptyString(),isOptional:!1},currency:{type:t.Currency(),isOptional:!1},displayName:{type:t.NonEmptyString(),isOptional:!1},accountNumberMasked:{type:t.String_unsecure(),isOptional:!0},productCode:{type:t.String_unsecure(),isOptional:!0},balance:{type:t.Float_unsecure(),isOptional:!0},availableBalance:{type:t.Float_unsecure(),isOptional:!0},lastSyncedAt:{type:t.DateTime(),isOptional:!1},createdAt:{type:t.DateTime(),isOptional:!1},updatedAt:{type:t.DateTime(),isOptional:!1},metadata:{type:t.JSONObject(),isOptional:!0}}}),r=new e({name:`BankTransactionRecord`,description:`Canonical transaction entry mapped from Powens into the open banking ledger.`,fields:{id:{type:t.ID(),isOptional:!1},accountId:{type:t.ID(),isOptional:!1},tenantId:{type:t.ID(),isOptional:!1},connectionId:{type:t.ID(),isOptional:!1},externalId:{type:t.NonEmptyString(),isOptional:!1},amount:{type:t.Float_unsecure(),isOptional:!1},currency:{type:t.Currency(),isOptional:!1},date:{type:t.DateTime(),isOptional:!1},bookingDate:{type:t.DateTime(),isOptional:!0},valueDate:{type:t.DateTime(),isOptional:!0},description:{type:t.String_unsecure(),isOptional:!0},counterpartyName:{type:t.String_unsecure(),isOptional:!0},counterpartyAccount:{type:t.String_unsecure(),isOptional:!0},merchantCategoryCode:{type:t.String_unsecure(),isOptional:!0},rawCategory:{type:t.String_unsecure(),isOptional:!0},standardizedCategory:{type:t.String_unsecure(),isOptional:!0},transactionType:{type:t.NonEmptyString(),isOptional:!1},status:{type:t.NonEmptyString(),isOptional:!1},runningBalance:{type:t.Float_unsecure(),isOptional:!0},metadata:{type:t.JSONObject(),isOptional:!0},createdAt:{type:t.DateTime(),isOptional:!1},updatedAt:{type:t.DateTime(),isOptional:!1}}}),i=new e({name:`AccountBalanceRecord`,description:`Canonical balance snapshot computed from Powens balance payloads.`,fields:{id:{type:t.ID(),isOptional:!1},accountId:{type:t.ID(),isOptional:!1},tenantId:{type:t.ID(),isOptional:!1},connectionId:{type:t.ID(),isOptional:!1},balanceType:{type:t.NonEmptyString(),isOptional:!1},currentBalance:{type:t.Float_unsecure(),isOptional:!1},availableBalance:{type:t.Float_unsecure(),isOptional:!0},currency:{type:t.Currency(),isOptional:!1},lastUpdatedAt:{type:t.DateTime(),isOptional:!1},createdAt:{type:t.DateTime(),isOptional:!1},metadata:{type:t.JSONObject(),isOptional:!0}}});export{i,n,r};
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
const e={accountsSynced:`openbanking.accounts.synced`,accountsSyncFailed:`openbanking.accounts.sync_failed`,transactionsSynced:`openbanking.transactions.synced`,transactionsSyncFailed:`openbanking.transactions.sync_failed`,balancesRefreshed:`openbanking.balances.refreshed`,balancesRefreshFailed:`openbanking.balances.refresh_failed`,overviewGenerated:`openbanking.overview.generated`};export{e as t};
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{e}from"../../ownership.js";e.Beta;
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{e}from"../../ownership.js";e.Beta;
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{e}from"../../ownership.js";e.Beta;
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{e}from"../../ownership.js";e.Beta;
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"@elevenlabs/elevenlabs-js";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"@google-cloud/storage";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"googleapis";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"googleapis";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"googleapis";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"./mistral-llm.js";import"./mistral-embedding.js";import"./qdrant-vector.js";import"./gmail-inbound.js";import"./gmail-outbound.js";import"./google-calendar.js";import"./elevenlabs-voice.js";import"./gcs-storage.js";import"./stripe-payments.js";import"./postmark-email.js";import"./twilio-sms.js";import"./powens-client.js";import"./powens-openbanking.js";import"./provider-factory.js";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"@mistralai/mistralai";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"@mistralai/mistralai";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"postmark";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"node:url";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"./powens-client.js";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"./mistral-llm.js";import"./mistral-embedding.js";import"./qdrant-vector.js";import"./elevenlabs-voice.js";import"./gcs-storage.js";import"./stripe-payments.js";import"./postmark-email.js";import"./twilio-sms.js";import"./powens-openbanking.js";import"node:buffer";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"@qdrant/js-client-rest";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"stripe";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"twilio";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"./stripe.js";import"./postmark.js";import"./qdrant.js";import"./mistral.js";import"./elevenlabs.js";import"./gmail.js";import"./google-calendar.js";import"./twilio-sms.js";import"./gcs-storage.js";import"./powens.js";import"./impls/mistral-llm.js";import"./impls/mistral-embedding.js";import"./impls/qdrant-vector.js";import"./impls/gmail-inbound.js";import"./impls/gmail-outbound.js";import"./impls/google-calendar.js";import"./impls/elevenlabs-voice.js";import"./impls/gcs-storage.js";import"./impls/stripe-payments.js";import"./impls/postmark-email.js";import"./impls/twilio-sms.js";import"./impls/powens-client.js";import"./impls/powens-openbanking.js";import"./impls/provider-factory.js";import"./impls/index.js";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{e}from"../../ownership.js";e.Experimental;
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{e}from"../../ownership.js";e.Stable;
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{e}from"../../ownership.js";e.Experimental;
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{e}from"../../ownership.js";e.Experimental;
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{e}from"../../ownership.js";e.Stable;
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{e}from"../../ownership.js";e.Stable;
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"node:perf_hooks";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"./provider.js";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"./provider.js";import"@google-cloud/secret-manager";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"./provider.js";import"./gcp-secret-manager.js";import"./env-secret-provider.js";import"./manager.js";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"./provider.js";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"node:buffer";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"zod";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{t as e}from"../schema/dist/SchemaModel.js";import{l as t}from"../schema/dist/ScalarTypeEnum.js";import"../schema/dist/index.js";import{n,t as r}from"../spec.js";const i=new e({name:`KnowledgeSyncSchedule`,fields:{enabled:{type:t.Boolean(),isOptional:!1},cron:{type:t.String_unsecure(),isOptional:!0},intervalMs:{type:t.Int_unsecure(),isOptional:!0}}}),a=new e({name:`KnowledgeSourceRecord`,fields:{id:{type:t.ID(),isOptional:!1},tenantId:{type:t.ID(),isOptional:!1},spaceKey:{type:t.NonEmptyString(),isOptional:!1},spaceVersion:{type:t.Int_unsecure(),isOptional:!1},label:{type:t.String_unsecure(),isOptional:!1},sourceType:{type:t.String_unsecure(),isOptional:!1},syncSchedule:{type:i,isOptional:!0},lastSyncStatus:{type:t.String_unsecure(),isOptional:!0},lastSyncAt:{type:t.DateTime(),isOptional:!0},itemsProcessed:{type:t.Int_unsecure(),isOptional:!0},createdAt:{type:t.DateTime(),isOptional:!0},updatedAt:{type:t.DateTime(),isOptional:!0}}}),o=new e({name:`CreateKnowledgeSourceInput`,fields:{tenantId:{type:t.ID(),isOptional:!1},spaceKey:{type:t.NonEmptyString(),isOptional:!1},spaceVersion:{type:t.Int_unsecure(),isOptional:!1},label:{type:t.String_unsecure(),isOptional:!1},sourceType:{type:t.NonEmptyString(),isOptional:!1},config:{type:t.JSONObject(),isOptional:!1},syncSchedule:{type:i,isOptional:!0}}}),s=new e({name:`UpdateKnowledgeSourceInput`,fields:{sourceId:{type:t.ID(),isOptional:!1},label:{type:t.String_unsecure(),isOptional:!0},config:{type:t.JSONObject(),isOptional:!0},syncSchedule:{type:i,isOptional:!0}}}),c=new e({name:`DeleteKnowledgeSourceInput`,fields:{sourceId:{type:t.ID(),isOptional:!1}}}),l=new e({name:`DeleteKnowledgeSourceOutput`,fields:{success:{type:t.Boolean(),isOptional:!1}}}),u=new e({name:`ListKnowledgeSourcesInput`,fields:{tenantId:{type:t.ID(),isOptional:!1},spaceKey:{type:t.NonEmptyString(),isOptional:!0}}}),d=new e({name:`ListKnowledgeSourcesOutput`,fields:{sources:{type:a,isOptional:!1,isArray:!0}}}),f=new e({name:`TriggerKnowledgeSyncInput`,fields:{sourceId:{type:t.ID(),isOptional:!1}}}),p=new e({name:`TriggerKnowledgeSyncOutput`,fields:{success:{type:t.Boolean(),isOptional:!1},itemsProcessed:{type:t.Int_unsecure(),isOptional:!0},error:{type:t.String_unsecure(),isOptional:!0}}}),m=r({meta:{name:`knowledge.source.create`,version:1,description:`Create a knowledge source binding for a tenant.`,goal:`Onboard a new knowledge ingestion source such as Notion or uploads.`,context:`Used by Ops and App Studio to configure knowledge ingestion per tenant and space.`,owners:[`platform.knowledge`],tags:[`knowledge`,`sources`],stability:`experimental`},io:{input:o,output:a},policy:{auth:`admin`,policies:[{name:`platform.knowledge.manage`,version:1}]}}),h=r({meta:{name:`knowledge.source.update`,version:1,description:`Update metadata or configuration for a knowledge source.`,goal:`Allow rotation of credentials, sync schedules, and labels.`,context:`Supports editing how a tenant ingests knowledge (e.g., toggling sync cadence).`,owners:[`platform.knowledge`],tags:[`knowledge`,`sources`],stability:`experimental`},io:{input:s,output:a},policy:{auth:`admin`,policies:[{name:`platform.knowledge.manage`,version:1}]}}),g=r({meta:{name:`knowledge.source.delete`,version:1,description:`Delete a knowledge source binding for a tenant.`,goal:`Remove obsolete or compromised knowledge ingestion paths.`,context:`Ensures ephemeral or external sources can be removed cleanly without leaving residual bindings.`,owners:[`platform.knowledge`],tags:[`knowledge`,`sources`],stability:`experimental`},io:{input:c,output:l},policy:{auth:`admin`,policies:[{name:`platform.knowledge.manage`,version:1}]}}),_=n({meta:{name:`knowledge.source.list`,version:1,description:`List knowledge sources configured for a tenant.`,goal:`Provide visibility into knowledge ingest configuration and schedules.`,context:`Used by App Studio and Ops flows to surface knowledge sources and their health.`,owners:[`platform.knowledge`],tags:[`knowledge`,`sources`],stability:`experimental`},io:{input:u,output:d},policy:{auth:`admin`,policies:[{name:`platform.knowledge.read`,version:1}]}}),v=r({meta:{name:`knowledge.source.triggerSync`,version:1,description:`Trigger an immediate sync for a knowledge source.`,goal:`Support manual or automated sync retries for knowledge ingestion.`,context:`Invoked by Ops tooling or monitors when knowledge content must be refreshed or reprocessed.`,owners:[`platform.knowledge`],tags:[`knowledge`,`sources`],stability:`experimental`},io:{input:f,output:p},policy:{auth:`admin`,policies:[{name:`platform.knowledge.manage`,version:1}]}});export{_,g,h,m,v};
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"./spaces/product-canon.js";import"./spaces/support-faq.js";import"./spaces/email-threads.js";import"./spaces/uploaded-docs.js";import"./spaces/financial-docs.js";import"./spaces/financial-overview.js";import"./spaces/index.js";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{e}from"../../ownership.js";e.Beta;
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{e}from"../../ownership.js";e.Beta;
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{e}from"../../ownership.js";e.Experimental;
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import"./product-canon.js";import"./support-faq.js";import"./email-threads.js";import"./uploaded-docs.js";import"./financial-docs.js";import"./financial-overview.js";
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{e}from"../../ownership.js";e.Stable;
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{e}from"../../ownership.js";e.Beta;
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{e}from"../../ownership.js";e.Beta;
|