@lssm/lib.identity-rbac 0.0.0-canary-20251207013726 → 0.0.0-canary-20251207043720

package/dist/policies/engine.d.ts

@@ -1,132 +0,0 @@
-//#region src/policies/engine.d.ts
-/**
- * Standard permissions for identity-rbac module.
- */
-declare const Permission: {
-  readonly USER_CREATE: "user.create";
-  readonly USER_READ: "user.read";
-  readonly USER_UPDATE: "user.update";
-  readonly USER_DELETE: "user.delete";
-  readonly USER_LIST: "user.list";
-  readonly USER_MANAGE: "user.manage";
-  readonly ORG_CREATE: "org.create";
-  readonly ORG_READ: "org.read";
-  readonly ORG_UPDATE: "org.update";
-  readonly ORG_DELETE: "org.delete";
-  readonly ORG_LIST: "org.list";
-  readonly MEMBER_INVITE: "member.invite";
-  readonly MEMBER_REMOVE: "member.remove";
-  readonly MEMBER_UPDATE_ROLE: "member.update_role";
-  readonly MEMBER_LIST: "member.list";
-  readonly MANAGE_MEMBERS: "org.manage_members";
-  readonly TEAM_CREATE: "team.create";
-  readonly TEAM_UPDATE: "team.update";
-  readonly TEAM_DELETE: "team.delete";
-  readonly TEAM_MANAGE: "team.manage";
-  readonly ROLE_CREATE: "role.create";
-  readonly ROLE_UPDATE: "role.update";
-  readonly ROLE_DELETE: "role.delete";
-  readonly ROLE_ASSIGN: "role.assign";
-  readonly ROLE_REVOKE: "role.revoke";
-  readonly BILLING_VIEW: "billing.view";
-  readonly BILLING_MANAGE: "billing.manage";
-  readonly PROJECT_CREATE: "project.create";
-  readonly PROJECT_READ: "project.read";
-  readonly PROJECT_UPDATE: "project.update";
-  readonly PROJECT_DELETE: "project.delete";
-  readonly PROJECT_MANAGE: "project.manage";
-  readonly ADMIN_ACCESS: "admin.access";
-  readonly ADMIN_IMPERSONATE: "admin.impersonate";
-};
-type PermissionKey = (typeof Permission)[keyof typeof Permission];
-/**
- * Standard role definitions.
- */
-declare const StandardRole: {
-  readonly OWNER: {
-    readonly name: "owner";
-    readonly description: "Organization owner with full access";
-    readonly permissions: ("user.create" | "user.read" | "user.update" | "user.delete" | "user.list" | "user.manage" | "org.create" | "org.read" | "org.update" | "org.delete" | "org.list" | "member.invite" | "member.remove" | "member.update_role" | "member.list" | "org.manage_members" | "team.create" | "team.update" | "team.delete" | "team.manage" | "role.create" | "role.update" | "role.delete" | "role.assign" | "role.revoke" | "billing.view" | "billing.manage" | "project.create" | "project.read" | "project.update" | "project.delete" | "project.manage" | "admin.access" | "admin.impersonate")[];
-  };
-  readonly ADMIN: {
-    readonly name: "admin";
-    readonly description: "Administrator with most permissions";
-    readonly permissions: readonly ["user.read", "user.list", "org.read", "org.update", "member.invite", "member.remove", "member.update_role", "member.list", "org.manage_members", "team.create", "team.update", "team.delete", "team.manage", "project.create", "project.read", "project.update", "project.delete", "project.manage", "billing.view"];
-  };
-  readonly MEMBER: {
-    readonly name: "member";
-    readonly description: "Regular organization member";
-    readonly permissions: readonly ["user.read", "org.read", "member.list", "project.read", "project.create"];
-  };
-  readonly VIEWER: {
-    readonly name: "viewer";
-    readonly description: "Read-only access";
-    readonly permissions: readonly ["user.read", "org.read", "member.list", "project.read"];
-  };
-};
-/**
- * Permission check input.
- */
-interface PermissionCheckInput {
-  userId: string;
-  orgId?: string;
-  permission: PermissionKey | string;
-}
-/**
- * Permission check result.
- */
-interface PermissionCheckResult {
-  allowed: boolean;
-  reason?: string;
-  matchedRole?: string;
-}
-/**
- * Role with permissions.
- */
-interface RoleWithPermissions {
-  id: string;
-  name: string;
-  permissions: string[];
-}
-/**
- * Policy binding for permission evaluation.
- */
-interface PolicyBindingForEval {
-  roleId: string;
-  role: RoleWithPermissions;
-  targetType: 'user' | 'organization';
-  targetId: string;
-  expiresAt?: Date | null;
-}
-/**
- * RBAC Policy Engine for permission checks.
- */
-declare class RBACPolicyEngine {
-  private roleCache;
-  private bindingCache;
-  /**
-   * Check if a user has a specific permission.
-   */
-  checkPermission(input: PermissionCheckInput, bindings: PolicyBindingForEval[]): Promise<PermissionCheckResult>;
-  /**
-   * Get all permissions for a user in a context.
-   */
-  getPermissions(userId: string, orgId: string | undefined, bindings: PolicyBindingForEval[]): Promise<{
-    permissions: Set<string>;
-    roles: RoleWithPermissions[];
-  }>;
-  /**
-   * Check if user has any of the specified permissions.
-   */
-  hasAnyPermission(userId: string, orgId: string | undefined, permissions: string[], bindings: PolicyBindingForEval[]): Promise<boolean>;
-  /**
-   * Check if user has all of the specified permissions.
-   */
-  hasAllPermissions(userId: string, orgId: string | undefined, permissions: string[], bindings: PolicyBindingForEval[]): Promise<boolean>;
-}
-/**
- * Create a new RBAC policy engine instance.
- */
-declare function createRBACEngine(): RBACPolicyEngine;
-//#endregion
-export { Permission, PermissionCheckInput, PermissionCheckResult, PermissionKey, PolicyBindingForEval, RBACPolicyEngine, RoleWithPermissions, StandardRole, createRBACEngine };

package/dist/policies/index.d.ts

@@ -1,2 +0,0 @@
-import { Permission, PermissionCheckInput, PermissionCheckResult, PermissionKey, PolicyBindingForEval, RBACPolicyEngine, RoleWithPermissions, StandardRole, createRBACEngine } from "./engine.js";
-export { Permission, type PermissionCheckInput, type PermissionCheckResult, type PermissionKey, type PolicyBindingForEval, RBACPolicyEngine, type RoleWithPermissions, StandardRole, createRBACEngine };

package/dist/schema/dist/EnumType.js

@@ -1 +0,0 @@
-import{z as e}from"zod";import"graphql";

package/dist/schema/dist/FieldType.js

@@ -1 +0,0 @@
-import{z as e}from"zod";import{GraphQLScalarType as t}from"graphql";var n=class extends t{zodSchema;jsonSchemaDef;constructor(e){super(e),this.zodSchema=e.zod,this.jsonSchemaDef=e.jsonSchema}getZod(){return this.zodSchema}getPothos(){return this}getJson(){return typeof this.jsonSchemaDef==`function`?this.jsonSchemaDef():this.jsonSchemaDef}getJsonSchemaDef(){return this.jsonSchemaDef}getJsonSchema(){let e=t=>{let n=typeof t==`function`?t():t;if(Array.isArray(n))return n.map(t=>e(t));if(n&&typeof n==`object`){let t={};for(let[r,i]of Object.entries(n))t[r]=e(i);return t}return n};return e(this.getJson())}};export{n};

package/dist/schema/dist/ScalarTypeEnum.js

@@ -1 +0,0 @@
-import{n as e}from"./FieldType.js";import{z as t}from"zod";import{Kind as n}from"graphql";const r=/^[A-Za-z]{2}(?:-[A-Za-z0-9]{2,8})*$/,i=/^(?:UTC|[A-Za-z_]+\/[A-Za-z_]+)$/,a=/^[+]?\d[\d\s().-]{3,}$/,o=/^[A-Z]{3}$/,s=/^[A-Z]{2}$/,c=-180,l={String_unsecure:()=>new e({name:`String_unsecure`,description:`Unvalidated string scalar`,zod:t.string(),parseValue:e=>t.string().parse(e),serialize:e=>String(e),parseLiteral:e=>{if(e.kind!==n.STRING)throw TypeError(`Invalid literal`);return e.value},jsonSchema:{type:`string`}}),Int_unsecure:()=>new e({name:`Int_unsecure`,description:`Unvalidated integer scalar`,zod:t.number().int(),parseValue:e=>{let n=typeof e==`number`?e:Number(e);return t.number().int().parse(n)},serialize:e=>Math.trunc(typeof e==`number`?e:Number(e)),parseLiteral:e=>{if(e.kind!==n.INT)throw TypeError(`Invalid literal`);return Number(e.value)},jsonSchema:{type:`integer`}}),Float_unsecure:()=>new e({name:`Float_unsecure`,description:`Unvalidated float scalar`,zod:t.number(),parseValue:e=>{let n=typeof e==`number`?e:Number(e);return t.number().parse(n)},serialize:e=>Number(e),parseLiteral:e=>{if(e.kind!==n.FLOAT&&e.kind!==n.INT)throw TypeError(`Invalid literal`);return Number(e.value)},jsonSchema:{type:`number`}}),Boolean:()=>new e({name:`Boolean`,description:`Unvalidated boolean scalar`,zod:t.boolean(),parseValue:e=>t.coerce.boolean().parse(e),serialize:e=>!!e,parseLiteral:e=>{if(e.kind!==n.BOOLEAN)throw TypeError(`Invalid literal`);return e.value},jsonSchema:{type:`boolean`}}),ID:()=>new e({name:`ID`,description:`Unvalidated id scalar`,zod:t.string(),parseValue:e=>t.string().parse(e),serialize:e=>String(e),parseLiteral:e=>{if(e.kind!==n.STRING)throw TypeError(`Invalid literal`);return e.value},jsonSchema:{type:`string`}}),JSON:()=>new e({name:`JSON`,zod:t.any(),parseValue:e=>e,serialize:e=>e,jsonSchema:{}}),JSONObject:()=>new e({name:`JSONObject`,zod:t.record(t.string(),t.any()),parseValue:e=>t.record(t.string(),t.any()).parse(e),serialize:e=>e??{},jsonSchema:{type:`object`}}),Date:()=>new e({name:`Date`,zod:t.date(),parseValue:e=>e instanceof Date?e:new Date(String(e)),serialize:e=>e instanceof Date?e.toISOString().split(`T`)[0]:String(e),jsonSchema:{type:`string`,format:`date`}}),DateTime:()=>new e({name:`DateTime`,zod:t.date(),parseValue:e=>e instanceof Date?e:new Date(String(e)),serialize:e=>e instanceof Date?e.toISOString():String(e),jsonSchema:{type:`string`,format:`date-time`}}),Time:()=>new e({name:`Time`,zod:t.string().regex(/^\d{2}:\d{2}(:\d{2})?$/),parseValue:e=>t.string().regex(/^\d{2}:\d{2}(:\d{2})?$/).parse(e),serialize:e=>String(e),jsonSchema:{type:`string`,pattern:`^\\d{2}:\\d{2}(:\\d{2})?$`}}),EmailAddress:()=>new e({name:`EmailAddress`,zod:t.string().email(),parseValue:e=>t.string().email().parse(e),serialize:e=>String(e),jsonSchema:{type:`string`,format:`email`}}),URL:()=>new e({name:`URL`,zod:t.string().url(),parseValue:e=>t.string().url().parse(e),serialize:e=>String(e),jsonSchema:{type:`string`,format:`uri`}}),PhoneNumber:()=>new e({name:`PhoneNumber`,zod:t.string().regex(a),parseValue:e=>t.string().regex(a).parse(e),serialize:e=>String(e),jsonSchema:{type:`string`,pattern:a.source}}),NonEmptyString:()=>new e({name:`NonEmptyString`,zod:t.string().min(1),parseValue:e=>t.string().min(1).parse(e),serialize:e=>String(e),jsonSchema:{type:`string`,minLength:1}}),Locale:()=>new e({name:`Locale`,zod:t.string().regex(r),parseValue:e=>t.string().regex(r).parse(e),serialize:e=>String(e),jsonSchema:{type:`string`,pattern:r.source}}),TimeZone:()=>new e({name:`TimeZone`,zod:t.string().regex(i),parseValue:e=>t.string().regex(i).parse(e),serialize:e=>String(e),jsonSchema:{type:`string`,pattern:i.source}}),Latitude:()=>new e({name:`Latitude`,zod:t.number().min(-90).max(90),parseValue:e=>t.coerce.number().min(-90).max(90).parse(e),serialize:e=>Number(e),jsonSchema:{type:`number`,minimum:-90,maximum:90}}),Longitude:()=>new e({name:`Longitude`,zod:t.number().min(c).max(180),parseValue:e=>t.coerce.number().min(c).max(180).parse(e),serialize:e=>Number(e),jsonSchema:{type:`number`,minimum:c,maximum:180}}),Currency:()=>new e({name:`Currency`,zod:t.string().regex(o),parseValue:e=>t.string().regex(o).parse(e),serialize:e=>String(e),jsonSchema:{type:`string`,pattern:o.source}}),CountryCode:()=>new e({name:`CountryCode`,zod:t.string().regex(s),parseValue:e=>t.string().regex(s).parse(e),serialize:e=>String(e),jsonSchema:{type:`string`,pattern:s.source}})};export{l};

package/dist/schema/dist/SchemaModel.js

@@ -1 +0,0 @@
-import"./EnumType.js";import"./FieldType.js";import{z as e}from"zod";var t=class{constructor(e){this.config=e}getZod(){let t=Object.entries(this.config.fields).reduce((t,[n,r])=>{let i=r.type.getZod(),a=r.isArray?e.array(i):i;return t[n]=r.isOptional?a.optional():a,t},{});return e.object(t)}getPothosInput(){return this.config.name}};export{t};

package/dist/schema/dist/entity/defineEntity.js

@@ -1 +0,0 @@
-import{z as e}from"zod";function t(e){return e}function n(e){return e}const r={string(e){return{kind:`scalar`,type:`String`,...e}},int(e){return{kind:`scalar`,type:`Int`,...e}},float(e){return{kind:`scalar`,type:`Float`,...e}},boolean(e){return{kind:`scalar`,type:`Boolean`,...e}},dateTime(e){return{kind:`scalar`,type:`DateTime`,...e}},json(e){return{kind:`scalar`,type:`Json`,...e}},bigInt(e){return{kind:`scalar`,type:`BigInt`,...e}},decimal(e){return{kind:`scalar`,type:`Decimal`,...e}},bytes(e){return{kind:`scalar`,type:`Bytes`,...e}},id(e){return{kind:`scalar`,type:`String`,isId:!0,default:`cuid()`,...e}},uuid(e){return{kind:`scalar`,type:`String`,isId:!0,default:`uuid()`,...e}},autoIncrement(e){return{kind:`scalar`,type:`Int`,isId:!0,default:`autoincrement()`,...e}},createdAt(e){return{kind:`scalar`,type:`DateTime`,default:`now()`,...e}},updatedAt(e){return{kind:`scalar`,type:`DateTime`,updatedAt:!0,...e}},email(t){return{kind:`scalar`,type:`String`,zod:e.email(),...t}},url(t){return{kind:`scalar`,type:`String`,zod:e.url(),...t}},enum(e,t){return{kind:`enum`,enumName:e,...t}},inlineEnum(e,t,n){return{kind:`enum`,enumName:e,values:t,...n}},hasOne(e,t){return{kind:`relation`,type:`hasOne`,target:e,...t}},hasMany(e,t){return{kind:`relation`,type:`hasMany`,target:e,...t}},belongsTo(e,t,n,r){return{kind:`relation`,type:`belongsTo`,target:e,fields:t,references:n,...r}},foreignKey(e){return{kind:`scalar`,type:`String`,...e}}},i={on(e,t){return{fields:e,...t}},unique(e,t){return{fields:e,unique:!0,...t}},compound(e,t,n){return{fields:e,sort:t,...n}}};export{i,n,r,t};

package/dist/schema/dist/entity/index.js

@@ -1 +0,0 @@
-import{i as e,n as t,r as n,t as r}from"./defineEntity.js";import"./types.js";

package/dist/schema/dist/entity/types.js

@@ -1 +0,0 @@
-import{z as e}from"zod";

package/dist/schema/dist/index.js

@@ -1 +0,0 @@
-import"./EnumType.js";import{n as e}from"./FieldType.js";import{l as t}from"./ScalarTypeEnum.js";import{t as n}from"./SchemaModel.js";import{i as r,n as i,r as a,t as o}from"./entity/defineEntity.js";import"./entity/index.js";