npm - @lssm/lib.identity-rbac - Versions diffs - 0.0.0-canary-20251217063201 → 0.0.0-canary-20251217072406 - Mend

@lssm/lib.identity-rbac 0.0.0-canary-20251217063201 → 0.0.0-canary-20251217072406

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (143) hide show

package/dist/entities/index.js CHANGED Viewed

@@ -1 +1,35 @@
-import{AccountEntity as e,SessionEntity as t,UserEntity as n,VerificationEntity as r}from"./user.js";import{InvitationEntity as i,MemberEntity as a,OrganizationEntity as o,OrganizationTypeEnum as s,TeamEntity as c,TeamMemberEntity as l}from"./organization.js";import{ApiKeyEntity as u,PasskeyEntity as d,PermissionEntity as f,PolicyBindingEntity as p,RoleEntity as m}from"./rbac.js";const h=[n,t,e,r,o,a,i,c,l,m,f,p,u,d],g={moduleId:`@lssm/lib.identity-rbac`,entities:h,enums:[s]};export{e as AccountEntity,u as ApiKeyEntity,i as InvitationEntity,a as MemberEntity,o as OrganizationEntity,s as OrganizationTypeEnum,d as PasskeyEntity,f as PermissionEntity,p as PolicyBindingEntity,m as RoleEntity,t as SessionEntity,c as TeamEntity,l as TeamMemberEntity,n as UserEntity,r as VerificationEntity,h as identityRbacEntities,g as identityRbacSchemaContribution};
+import { AccountEntity, SessionEntity, UserEntity, VerificationEntity } from "./user.js";
+import { InvitationEntity, MemberEntity, OrganizationEntity, OrganizationTypeEnum, TeamEntity, TeamMemberEntity } from "./organization.js";
+import { ApiKeyEntity, PasskeyEntity, PermissionEntity, PolicyBindingEntity, RoleEntity } from "./rbac.js";
+//#region src/entities/index.ts
+/**
+* All identity-rbac entities for schema composition.
+*/
+const identityRbacEntities = [
+	UserEntity,
+	SessionEntity,
+	AccountEntity,
+	VerificationEntity,
+	OrganizationEntity,
+	MemberEntity,
+	InvitationEntity,
+	TeamEntity,
+	TeamMemberEntity,
+	RoleEntity,
+	PermissionEntity,
+	PolicyBindingEntity,
+	ApiKeyEntity,
+	PasskeyEntity
+];
+/**
+* Module schema contribution for identity-rbac.
+*/
+const identityRbacSchemaContribution = {
+	moduleId: "@lssm/lib.identity-rbac",
+	entities: identityRbacEntities,
+	enums: [OrganizationTypeEnum]
+};
+//#endregion
+export { AccountEntity, ApiKeyEntity, InvitationEntity, MemberEntity, OrganizationEntity, OrganizationTypeEnum, PasskeyEntity, PermissionEntity, PolicyBindingEntity, RoleEntity, SessionEntity, TeamEntity, TeamMemberEntity, UserEntity, VerificationEntity, identityRbacEntities, identityRbacSchemaContribution };

package/dist/entities/organization.d.ts CHANGED Viewed

@@ -1,86 +1,86 @@
-import * as _lssm_lib_schema484 from "@lssm/lib.schema";
+import * as _lssm_lib_schema734 from "@lssm/lib.schema";
 //#region src/entities/organization.d.ts
 /**
  * Organization type enum.
  */
-declare const OrganizationTypeEnum: _lssm_lib_schema484.EntityEnumDef;
+declare const OrganizationTypeEnum: _lssm_lib_schema734.EntityEnumDef;
 /**
  * Organization entity - tenant/company grouping.
  */
-declare const OrganizationEntity: _lssm_lib_schema484.EntitySpec<{
-  id: _lssm_lib_schema484.EntityScalarField;
-  name: _lssm_lib_schema484.EntityScalarField;
-  slug: _lssm_lib_schema484.EntityScalarField;
-  logo: _lssm_lib_schema484.EntityScalarField;
-  description: _lssm_lib_schema484.EntityScalarField;
-  metadata: _lssm_lib_schema484.EntityScalarField;
-  type: _lssm_lib_schema484.EntityEnumField;
-  onboardingCompleted: _lssm_lib_schema484.EntityScalarField;
-  onboardingStep: _lssm_lib_schema484.EntityScalarField;
-  referralCode: _lssm_lib_schema484.EntityScalarField;
-  referredBy: _lssm_lib_schema484.EntityScalarField;
-  createdAt: _lssm_lib_schema484.EntityScalarField;
-  updatedAt: _lssm_lib_schema484.EntityScalarField;
-  members: _lssm_lib_schema484.EntityRelationField;
-  invitations: _lssm_lib_schema484.EntityRelationField;
-  teams: _lssm_lib_schema484.EntityRelationField;
-  policyBindings: _lssm_lib_schema484.EntityRelationField;
+declare const OrganizationEntity: _lssm_lib_schema734.EntitySpec<{
+  id: _lssm_lib_schema734.EntityScalarField;
+  name: _lssm_lib_schema734.EntityScalarField;
+  slug: _lssm_lib_schema734.EntityScalarField;
+  logo: _lssm_lib_schema734.EntityScalarField;
+  description: _lssm_lib_schema734.EntityScalarField;
+  metadata: _lssm_lib_schema734.EntityScalarField;
+  type: _lssm_lib_schema734.EntityEnumField;
+  onboardingCompleted: _lssm_lib_schema734.EntityScalarField;
+  onboardingStep: _lssm_lib_schema734.EntityScalarField;
+  referralCode: _lssm_lib_schema734.EntityScalarField;
+  referredBy: _lssm_lib_schema734.EntityScalarField;
+  createdAt: _lssm_lib_schema734.EntityScalarField;
+  updatedAt: _lssm_lib_schema734.EntityScalarField;
+  members: _lssm_lib_schema734.EntityRelationField;
+  invitations: _lssm_lib_schema734.EntityRelationField;
+  teams: _lssm_lib_schema734.EntityRelationField;
+  policyBindings: _lssm_lib_schema734.EntityRelationField;
 }>;
 /**
  * Member entity - user membership in an organization.
  */
-declare const MemberEntity: _lssm_lib_schema484.EntitySpec<{
-  id: _lssm_lib_schema484.EntityScalarField;
-  userId: _lssm_lib_schema484.EntityScalarField;
-  organizationId: _lssm_lib_schema484.EntityScalarField;
-  role: _lssm_lib_schema484.EntityScalarField;
-  createdAt: _lssm_lib_schema484.EntityScalarField;
-  user: _lssm_lib_schema484.EntityRelationField;
-  organization: _lssm_lib_schema484.EntityRelationField;
+declare const MemberEntity: _lssm_lib_schema734.EntitySpec<{
+  id: _lssm_lib_schema734.EntityScalarField;
+  userId: _lssm_lib_schema734.EntityScalarField;
+  organizationId: _lssm_lib_schema734.EntityScalarField;
+  role: _lssm_lib_schema734.EntityScalarField;
+  createdAt: _lssm_lib_schema734.EntityScalarField;
+  user: _lssm_lib_schema734.EntityRelationField;
+  organization: _lssm_lib_schema734.EntityRelationField;
 }>;
 /**
  * Invitation entity - pending organization invites.
  */
-declare const InvitationEntity: _lssm_lib_schema484.EntitySpec<{
-  id: _lssm_lib_schema484.EntityScalarField;
-  organizationId: _lssm_lib_schema484.EntityScalarField;
-  email: _lssm_lib_schema484.EntityScalarField;
-  role: _lssm_lib_schema484.EntityScalarField;
-  status: _lssm_lib_schema484.EntityScalarField;
-  acceptedAt: _lssm_lib_schema484.EntityScalarField;
-  expiresAt: _lssm_lib_schema484.EntityScalarField;
-  inviterId: _lssm_lib_schema484.EntityScalarField;
-  teamId: _lssm_lib_schema484.EntityScalarField;
-  createdAt: _lssm_lib_schema484.EntityScalarField;
-  updatedAt: _lssm_lib_schema484.EntityScalarField;
-  organization: _lssm_lib_schema484.EntityRelationField;
-  inviter: _lssm_lib_schema484.EntityRelationField;
-  team: _lssm_lib_schema484.EntityRelationField;
+declare const InvitationEntity: _lssm_lib_schema734.EntitySpec<{
+  id: _lssm_lib_schema734.EntityScalarField;
+  organizationId: _lssm_lib_schema734.EntityScalarField;
+  email: _lssm_lib_schema734.EntityScalarField;
+  role: _lssm_lib_schema734.EntityScalarField;
+  status: _lssm_lib_schema734.EntityScalarField;
+  acceptedAt: _lssm_lib_schema734.EntityScalarField;
+  expiresAt: _lssm_lib_schema734.EntityScalarField;
+  inviterId: _lssm_lib_schema734.EntityScalarField;
+  teamId: _lssm_lib_schema734.EntityScalarField;
+  createdAt: _lssm_lib_schema734.EntityScalarField;
+  updatedAt: _lssm_lib_schema734.EntityScalarField;
+  organization: _lssm_lib_schema734.EntityRelationField;
+  inviter: _lssm_lib_schema734.EntityRelationField;
+  team: _lssm_lib_schema734.EntityRelationField;
 }>;
 /**
  * Team entity - team within an organization.
  */
-declare const TeamEntity: _lssm_lib_schema484.EntitySpec<{
-  id: _lssm_lib_schema484.EntityScalarField;
-  name: _lssm_lib_schema484.EntityScalarField;
-  organizationId: _lssm_lib_schema484.EntityScalarField;
-  createdAt: _lssm_lib_schema484.EntityScalarField;
-  updatedAt: _lssm_lib_schema484.EntityScalarField;
-  organization: _lssm_lib_schema484.EntityRelationField;
-  members: _lssm_lib_schema484.EntityRelationField;
-  invitations: _lssm_lib_schema484.EntityRelationField;
+declare const TeamEntity: _lssm_lib_schema734.EntitySpec<{
+  id: _lssm_lib_schema734.EntityScalarField;
+  name: _lssm_lib_schema734.EntityScalarField;
+  organizationId: _lssm_lib_schema734.EntityScalarField;
+  createdAt: _lssm_lib_schema734.EntityScalarField;
+  updatedAt: _lssm_lib_schema734.EntityScalarField;
+  organization: _lssm_lib_schema734.EntityRelationField;
+  members: _lssm_lib_schema734.EntityRelationField;
+  invitations: _lssm_lib_schema734.EntityRelationField;
 }>;
 /**
  * TeamMember entity - user's team membership.
  */
-declare const TeamMemberEntity: _lssm_lib_schema484.EntitySpec<{
-  id: _lssm_lib_schema484.EntityScalarField;
-  teamId: _lssm_lib_schema484.EntityScalarField;
-  userId: _lssm_lib_schema484.EntityScalarField;
-  createdAt: _lssm_lib_schema484.EntityScalarField;
-  team: _lssm_lib_schema484.EntityRelationField;
-  user: _lssm_lib_schema484.EntityRelationField;
+declare const TeamMemberEntity: _lssm_lib_schema734.EntitySpec<{
+  id: _lssm_lib_schema734.EntityScalarField;
+  teamId: _lssm_lib_schema734.EntityScalarField;
+  userId: _lssm_lib_schema734.EntityScalarField;
+  createdAt: _lssm_lib_schema734.EntityScalarField;
+  team: _lssm_lib_schema734.EntityRelationField;
+  user: _lssm_lib_schema734.EntityRelationField;
 }>;
 //#endregion
 export { InvitationEntity, MemberEntity, OrganizationEntity, OrganizationTypeEnum, TeamEntity, TeamMemberEntity };

package/dist/entities/organization.js CHANGED Viewed

@@ -1 +1,151 @@
-import{i as e,n as t,r as n,t as r}from"../schema/dist/entity/defineEntity.js";import"../schema/dist/index.js";const i=t({name:`OrganizationType`,values:[`PLATFORM_ADMIN`,`CONTRACT_SPEC_CUSTOMER`],schema:`lssm_sigil`,description:`Type of organization in the platform.`}),a=r({name:`Organization`,description:`An organization is a tenant boundary grouping users.`,schema:`lssm_sigil`,map:`organization`,fields:{id:n.id({description:`Unique organization identifier`}),name:n.string({description:`Organization display name`}),slug:n.string({isOptional:!0,isUnique:!0,description:`URL-friendly identifier`}),logo:n.url({isOptional:!0,description:`Organization logo URL`}),description:n.string({isOptional:!0,description:`Organization description`}),metadata:n.json({isOptional:!0,description:`Arbitrary organization metadata`}),type:n.enum(`OrganizationType`,{description:`Organization type`}),onboardingCompleted:n.boolean({default:!1}),onboardingStep:n.string({isOptional:!0}),referralCode:n.string({isOptional:!0,isUnique:!0,description:`Unique referral code`}),referredBy:n.string({isOptional:!0,description:`ID of referring user`}),createdAt:n.createdAt(),updatedAt:n.updatedAt(),members:n.hasMany(`Member`),invitations:n.hasMany(`Invitation`),teams:n.hasMany(`Team`),policyBindings:n.hasMany(`PolicyBinding`)},enums:[i]}),o=r({name:`Member`,description:`Membership of a user in an organization with a role.`,schema:`lssm_sigil`,map:`member`,fields:{id:n.id(),userId:n.foreignKey(),organizationId:n.foreignKey(),role:n.string({description:`Role in organization (owner, admin, member)`}),createdAt:n.createdAt(),user:n.belongsTo(`User`,[`userId`],[`id`],{onDelete:`Cascade`}),organization:n.belongsTo(`Organization`,[`organizationId`],[`id`],{onDelete:`Cascade`})},indexes:[e.unique([`userId`,`organizationId`])]}),s=r({name:`Invitation`,description:`An invitation to join an organization.`,schema:`lssm_sigil`,map:`invitation`,fields:{id:n.id(),organizationId:n.foreignKey(),email:n.email({description:`Invited email address`}),role:n.string({isOptional:!0,description:`Role to assign on acceptance`}),status:n.string({default:`"pending"`,description:`Invitation status`}),acceptedAt:n.dateTime({isOptional:!0}),expiresAt:n.dateTime({isOptional:!0}),inviterId:n.foreignKey({description:`User who sent the invitation`}),teamId:n.string({isOptional:!0}),createdAt:n.createdAt(),updatedAt:n.updatedAt(),organization:n.belongsTo(`Organization`,[`organizationId`],[`id`],{onDelete:`Cascade`}),inviter:n.belongsTo(`User`,[`inviterId`],[`id`],{onDelete:`Cascade`}),team:n.belongsTo(`Team`,[`teamId`],[`id`],{onDelete:`Cascade`})}}),c=r({name:`Team`,description:`Team within an organization.`,schema:`lssm_sigil`,map:`team`,fields:{id:n.id(),name:n.string({description:`Team name`}),organizationId:n.foreignKey(),createdAt:n.createdAt(),updatedAt:n.updatedAt(),organization:n.belongsTo(`Organization`,[`organizationId`],[`id`],{onDelete:`Cascade`}),members:n.hasMany(`TeamMember`),invitations:n.hasMany(`Invitation`)}}),l=r({name:`TeamMember`,description:`Team membership for a user.`,schema:`lssm_sigil`,map:`team_member`,fields:{id:n.id(),teamId:n.foreignKey(),userId:n.foreignKey(),createdAt:n.createdAt(),team:n.belongsTo(`Team`,[`teamId`],[`id`],{onDelete:`Cascade`}),user:n.belongsTo(`User`,[`userId`],[`id`],{onDelete:`Cascade`})}});export{s as InvitationEntity,o as MemberEntity,a as OrganizationEntity,i as OrganizationTypeEnum,c as TeamEntity,l as TeamMemberEntity};
+import { defineEntity, defineEntityEnum, field, index } from "../schema/dist/entity/defineEntity.js";
+import "../schema/dist/index.js";
+//#region src/entities/organization.ts
+/**
+* Organization type enum.
+*/
+const OrganizationTypeEnum = defineEntityEnum({
+	name: "OrganizationType",
+	values: ["PLATFORM_ADMIN", "CONTRACT_SPEC_CUSTOMER"],
+	schema: "lssm_sigil",
+	description: "Type of organization in the platform."
+});
+/**
+* Organization entity - tenant/company grouping.
+*/
+const OrganizationEntity = defineEntity({
+	name: "Organization",
+	description: "An organization is a tenant boundary grouping users.",
+	schema: "lssm_sigil",
+	map: "organization",
+	fields: {
+		id: field.id({ description: "Unique organization identifier" }),
+		name: field.string({ description: "Organization display name" }),
+		slug: field.string({
+			isOptional: true,
+			isUnique: true,
+			description: "URL-friendly identifier"
+		}),
+		logo: field.url({
+			isOptional: true,
+			description: "Organization logo URL"
+		}),
+		description: field.string({
+			isOptional: true,
+			description: "Organization description"
+		}),
+		metadata: field.json({
+			isOptional: true,
+			description: "Arbitrary organization metadata"
+		}),
+		type: field.enum("OrganizationType", { description: "Organization type" }),
+		onboardingCompleted: field.boolean({ default: false }),
+		onboardingStep: field.string({ isOptional: true }),
+		referralCode: field.string({
+			isOptional: true,
+			isUnique: true,
+			description: "Unique referral code"
+		}),
+		referredBy: field.string({
+			isOptional: true,
+			description: "ID of referring user"
+		}),
+		createdAt: field.createdAt(),
+		updatedAt: field.updatedAt(),
+		members: field.hasMany("Member"),
+		invitations: field.hasMany("Invitation"),
+		teams: field.hasMany("Team"),
+		policyBindings: field.hasMany("PolicyBinding")
+	},
+	enums: [OrganizationTypeEnum]
+});
+/**
+* Member entity - user membership in an organization.
+*/
+const MemberEntity = defineEntity({
+	name: "Member",
+	description: "Membership of a user in an organization with a role.",
+	schema: "lssm_sigil",
+	map: "member",
+	fields: {
+		id: field.id(),
+		userId: field.foreignKey(),
+		organizationId: field.foreignKey(),
+		role: field.string({ description: "Role in organization (owner, admin, member)" }),
+		createdAt: field.createdAt(),
+		user: field.belongsTo("User", ["userId"], ["id"], { onDelete: "Cascade" }),
+		organization: field.belongsTo("Organization", ["organizationId"], ["id"], { onDelete: "Cascade" })
+	},
+	indexes: [index.unique(["userId", "organizationId"])]
+});
+/**
+* Invitation entity - pending organization invites.
+*/
+const InvitationEntity = defineEntity({
+	name: "Invitation",
+	description: "An invitation to join an organization.",
+	schema: "lssm_sigil",
+	map: "invitation",
+	fields: {
+		id: field.id(),
+		organizationId: field.foreignKey(),
+		email: field.email({ description: "Invited email address" }),
+		role: field.string({
+			isOptional: true,
+			description: "Role to assign on acceptance"
+		}),
+		status: field.string({
+			default: "\"pending\"",
+			description: "Invitation status"
+		}),
+		acceptedAt: field.dateTime({ isOptional: true }),
+		expiresAt: field.dateTime({ isOptional: true }),
+		inviterId: field.foreignKey({ description: "User who sent the invitation" }),
+		teamId: field.string({ isOptional: true }),
+		createdAt: field.createdAt(),
+		updatedAt: field.updatedAt(),
+		organization: field.belongsTo("Organization", ["organizationId"], ["id"], { onDelete: "Cascade" }),
+		inviter: field.belongsTo("User", ["inviterId"], ["id"], { onDelete: "Cascade" }),
+		team: field.belongsTo("Team", ["teamId"], ["id"], { onDelete: "Cascade" })
+	}
+});
+/**
+* Team entity - team within an organization.
+*/
+const TeamEntity = defineEntity({
+	name: "Team",
+	description: "Team within an organization.",
+	schema: "lssm_sigil",
+	map: "team",
+	fields: {
+		id: field.id(),
+		name: field.string({ description: "Team name" }),
+		organizationId: field.foreignKey(),
+		createdAt: field.createdAt(),
+		updatedAt: field.updatedAt(),
+		organization: field.belongsTo("Organization", ["organizationId"], ["id"], { onDelete: "Cascade" }),
+		members: field.hasMany("TeamMember"),
+		invitations: field.hasMany("Invitation")
+	}
+});
+/**
+* TeamMember entity - user's team membership.
+*/
+const TeamMemberEntity = defineEntity({
+	name: "TeamMember",
+	description: "Team membership for a user.",
+	schema: "lssm_sigil",
+	map: "team_member",
+	fields: {
+		id: field.id(),
+		teamId: field.foreignKey(),
+		userId: field.foreignKey(),
+		createdAt: field.createdAt(),
+		team: field.belongsTo("Team", ["teamId"], ["id"], { onDelete: "Cascade" }),
+		user: field.belongsTo("User", ["userId"], ["id"], { onDelete: "Cascade" })
+	}
+});
+//#endregion
+export { InvitationEntity, MemberEntity, OrganizationEntity, OrganizationTypeEnum, TeamEntity, TeamMemberEntity };

package/dist/entities/rbac.d.ts CHANGED Viewed

@@ -1,87 +1,87 @@
-import * as _lssm_lib_schema608 from "@lssm/lib.schema";
+import * as _lssm_lib_schema792 from "@lssm/lib.schema";
 //#region src/entities/rbac.d.ts
 /**
  * Role entity - named set of permissions.
  */
-declare const RoleEntity: _lssm_lib_schema608.EntitySpec<{
-  id: _lssm_lib_schema608.EntityScalarField;
-  name: _lssm_lib_schema608.EntityScalarField;
-  description: _lssm_lib_schema608.EntityScalarField;
-  permissions: _lssm_lib_schema608.EntityScalarField;
-  createdAt: _lssm_lib_schema608.EntityScalarField;
-  updatedAt: _lssm_lib_schema608.EntityScalarField;
-  policyBindings: _lssm_lib_schema608.EntityRelationField;
+declare const RoleEntity: _lssm_lib_schema792.EntitySpec<{
+  id: _lssm_lib_schema792.EntityScalarField;
+  name: _lssm_lib_schema792.EntityScalarField;
+  description: _lssm_lib_schema792.EntityScalarField;
+  permissions: _lssm_lib_schema792.EntityScalarField;
+  createdAt: _lssm_lib_schema792.EntityScalarField;
+  updatedAt: _lssm_lib_schema792.EntityScalarField;
+  policyBindings: _lssm_lib_schema792.EntityRelationField;
 }>;
 /**
  * Permission entity - atomic access right.
  */
-declare const PermissionEntity: _lssm_lib_schema608.EntitySpec<{
-  id: _lssm_lib_schema608.EntityScalarField;
-  name: _lssm_lib_schema608.EntityScalarField;
-  description: _lssm_lib_schema608.EntityScalarField;
-  createdAt: _lssm_lib_schema608.EntityScalarField;
-  updatedAt: _lssm_lib_schema608.EntityScalarField;
+declare const PermissionEntity: _lssm_lib_schema792.EntitySpec<{
+  id: _lssm_lib_schema792.EntityScalarField;
+  name: _lssm_lib_schema792.EntityScalarField;
+  description: _lssm_lib_schema792.EntityScalarField;
+  createdAt: _lssm_lib_schema792.EntityScalarField;
+  updatedAt: _lssm_lib_schema792.EntityScalarField;
 }>;
 /**
  * PolicyBinding entity - binds roles to principals.
  */
-declare const PolicyBindingEntity: _lssm_lib_schema608.EntitySpec<{
-  id: _lssm_lib_schema608.EntityScalarField;
-  roleId: _lssm_lib_schema608.EntityScalarField;
-  targetType: _lssm_lib_schema608.EntityScalarField;
-  targetId: _lssm_lib_schema608.EntityScalarField;
-  expiresAt: _lssm_lib_schema608.EntityScalarField;
-  createdAt: _lssm_lib_schema608.EntityScalarField;
-  userId: _lssm_lib_schema608.EntityScalarField;
-  organizationId: _lssm_lib_schema608.EntityScalarField;
-  role: _lssm_lib_schema608.EntityRelationField;
-  user: _lssm_lib_schema608.EntityRelationField;
-  organization: _lssm_lib_schema608.EntityRelationField;
+declare const PolicyBindingEntity: _lssm_lib_schema792.EntitySpec<{
+  id: _lssm_lib_schema792.EntityScalarField;
+  roleId: _lssm_lib_schema792.EntityScalarField;
+  targetType: _lssm_lib_schema792.EntityScalarField;
+  targetId: _lssm_lib_schema792.EntityScalarField;
+  expiresAt: _lssm_lib_schema792.EntityScalarField;
+  createdAt: _lssm_lib_schema792.EntityScalarField;
+  userId: _lssm_lib_schema792.EntityScalarField;
+  organizationId: _lssm_lib_schema792.EntityScalarField;
+  role: _lssm_lib_schema792.EntityRelationField;
+  user: _lssm_lib_schema792.EntityRelationField;
+  organization: _lssm_lib_schema792.EntityRelationField;
 }>;
 /**
  * ApiKey entity - API keys for programmatic access.
  */
-declare const ApiKeyEntity: _lssm_lib_schema608.EntitySpec<{
-  id: _lssm_lib_schema608.EntityScalarField;
-  name: _lssm_lib_schema608.EntityScalarField;
-  start: _lssm_lib_schema608.EntityScalarField;
-  prefix: _lssm_lib_schema608.EntityScalarField;
-  key: _lssm_lib_schema608.EntityScalarField;
-  userId: _lssm_lib_schema608.EntityScalarField;
-  refillInterval: _lssm_lib_schema608.EntityScalarField;
-  refillAmount: _lssm_lib_schema608.EntityScalarField;
-  lastRefillAt: _lssm_lib_schema608.EntityScalarField;
-  remaining: _lssm_lib_schema608.EntityScalarField;
-  requestCount: _lssm_lib_schema608.EntityScalarField;
-  lastRequest: _lssm_lib_schema608.EntityScalarField;
-  enabled: _lssm_lib_schema608.EntityScalarField;
-  rateLimitEnabled: _lssm_lib_schema608.EntityScalarField;
-  rateLimitTimeWindow: _lssm_lib_schema608.EntityScalarField;
-  rateLimitMax: _lssm_lib_schema608.EntityScalarField;
-  expiresAt: _lssm_lib_schema608.EntityScalarField;
-  permissions: _lssm_lib_schema608.EntityScalarField;
-  metadata: _lssm_lib_schema608.EntityScalarField;
-  createdAt: _lssm_lib_schema608.EntityScalarField;
-  updatedAt: _lssm_lib_schema608.EntityScalarField;
-  user: _lssm_lib_schema608.EntityRelationField;
+declare const ApiKeyEntity: _lssm_lib_schema792.EntitySpec<{
+  id: _lssm_lib_schema792.EntityScalarField;
+  name: _lssm_lib_schema792.EntityScalarField;
+  start: _lssm_lib_schema792.EntityScalarField;
+  prefix: _lssm_lib_schema792.EntityScalarField;
+  key: _lssm_lib_schema792.EntityScalarField;
+  userId: _lssm_lib_schema792.EntityScalarField;
+  refillInterval: _lssm_lib_schema792.EntityScalarField;
+  refillAmount: _lssm_lib_schema792.EntityScalarField;
+  lastRefillAt: _lssm_lib_schema792.EntityScalarField;
+  remaining: _lssm_lib_schema792.EntityScalarField;
+  requestCount: _lssm_lib_schema792.EntityScalarField;
+  lastRequest: _lssm_lib_schema792.EntityScalarField;
+  enabled: _lssm_lib_schema792.EntityScalarField;
+  rateLimitEnabled: _lssm_lib_schema792.EntityScalarField;
+  rateLimitTimeWindow: _lssm_lib_schema792.EntityScalarField;
+  rateLimitMax: _lssm_lib_schema792.EntityScalarField;
+  expiresAt: _lssm_lib_schema792.EntityScalarField;
+  permissions: _lssm_lib_schema792.EntityScalarField;
+  metadata: _lssm_lib_schema792.EntityScalarField;
+  createdAt: _lssm_lib_schema792.EntityScalarField;
+  updatedAt: _lssm_lib_schema792.EntityScalarField;
+  user: _lssm_lib_schema792.EntityRelationField;
 }>;
 /**
  * Passkey entity - WebAuthn passkeys.
  */
-declare const PasskeyEntity: _lssm_lib_schema608.EntitySpec<{
-  id: _lssm_lib_schema608.EntityScalarField;
-  name: _lssm_lib_schema608.EntityScalarField;
-  publicKey: _lssm_lib_schema608.EntityScalarField;
-  userId: _lssm_lib_schema608.EntityScalarField;
-  credentialID: _lssm_lib_schema608.EntityScalarField;
-  counter: _lssm_lib_schema608.EntityScalarField;
-  deviceType: _lssm_lib_schema608.EntityScalarField;
-  backedUp: _lssm_lib_schema608.EntityScalarField;
-  transports: _lssm_lib_schema608.EntityScalarField;
-  aaguid: _lssm_lib_schema608.EntityScalarField;
-  createdAt: _lssm_lib_schema608.EntityScalarField;
-  user: _lssm_lib_schema608.EntityRelationField;
+declare const PasskeyEntity: _lssm_lib_schema792.EntitySpec<{
+  id: _lssm_lib_schema792.EntityScalarField;
+  name: _lssm_lib_schema792.EntityScalarField;
+  publicKey: _lssm_lib_schema792.EntityScalarField;
+  userId: _lssm_lib_schema792.EntityScalarField;
+  credentialID: _lssm_lib_schema792.EntityScalarField;
+  counter: _lssm_lib_schema792.EntityScalarField;
+  deviceType: _lssm_lib_schema792.EntityScalarField;
+  backedUp: _lssm_lib_schema792.EntityScalarField;
+  transports: _lssm_lib_schema792.EntityScalarField;
+  aaguid: _lssm_lib_schema792.EntityScalarField;
+  createdAt: _lssm_lib_schema792.EntityScalarField;
+  user: _lssm_lib_schema792.EntityRelationField;
 }>;
 //#endregion
 export { ApiKeyEntity, PasskeyEntity, PermissionEntity, PolicyBindingEntity, RoleEntity };

package/dist/entities/rbac.js CHANGED Viewed

@@ -1 +1,138 @@
-import{i as e,r as t,t as n}from"../schema/dist/entity/defineEntity.js";import"../schema/dist/index.js";const r=n({name:`Role`,description:`A role defines a named set of permissions.`,schema:`lssm_sigil`,map:`role`,fields:{id:t.id(),name:t.string({isUnique:!0,description:`Unique role name`}),description:t.string({isOptional:!0,description:`Role description`}),permissions:t.string({isArray:!0,description:`Array of permission names`}),createdAt:t.createdAt(),updatedAt:t.updatedAt(),policyBindings:t.hasMany(`PolicyBinding`)}}),i=n({name:`Permission`,description:`A permission represents an atomic access right.`,schema:`lssm_sigil`,map:`permission`,fields:{id:t.id(),name:t.string({isUnique:!0,description:`Unique permission name`}),description:t.string({isOptional:!0,description:`Permission description`}),createdAt:t.createdAt(),updatedAt:t.updatedAt()}}),a=n({name:`PolicyBinding`,description:`Binds roles to principals (users or organizations).`,schema:`lssm_sigil`,map:`policy_binding`,fields:{id:t.id(),roleId:t.foreignKey(),targetType:t.string({description:`"user" or "organization"`}),targetId:t.string({description:`ID of User or Organization`}),expiresAt:t.dateTime({isOptional:!0,description:`When binding expires`}),createdAt:t.createdAt(),userId:t.string({isOptional:!0}),organizationId:t.string({isOptional:!0}),role:t.belongsTo(`Role`,[`roleId`],[`id`],{onDelete:`Cascade`}),user:t.belongsTo(`User`,[`userId`],[`id`]),organization:t.belongsTo(`Organization`,[`organizationId`],[`id`])},indexes:[e.on([`targetType`,`targetId`])]}),o=n({name:`ApiKey`,description:`API keys for programmatic access.`,schema:`lssm_sigil`,map:`api_key`,fields:{id:t.id(),name:t.string({description:`API key name`}),start:t.string({description:`Starting characters for identification`}),prefix:t.string({description:`API key prefix`}),key:t.string({description:`Hashed API key`}),userId:t.foreignKey(),refillInterval:t.int({description:`Refill interval in ms`}),refillAmount:t.int({description:`Amount to refill`}),lastRefillAt:t.dateTime(),remaining:t.int({description:`Remaining requests`}),requestCount:t.int({description:`Total requests made`}),lastRequest:t.dateTime(),enabled:t.boolean({default:!0}),rateLimitEnabled:t.boolean({default:!0}),rateLimitTimeWindow:t.int({description:`Rate limit window in ms`}),rateLimitMax:t.int({description:`Max requests in window`}),expiresAt:t.dateTime(),permissions:t.string({isArray:!0}),metadata:t.json({isOptional:!0}),createdAt:t.createdAt(),updatedAt:t.updatedAt(),user:t.belongsTo(`User`,[`userId`],[`id`],{onDelete:`Cascade`})}}),s=n({name:`Passkey`,description:`WebAuthn passkeys for passwordless authentication.`,schema:`lssm_sigil`,map:`passkey`,fields:{id:t.id(),name:t.string({description:`Passkey name`}),publicKey:t.string({description:`Public key`}),userId:t.foreignKey(),credentialID:t.string({description:`Credential ID`}),counter:t.int({description:`Counter`}),deviceType:t.string({description:`Device type`}),backedUp:t.boolean({description:`Whether passkey is backed up`}),transports:t.string({description:`Transports`}),aaguid:t.string({description:`Authenticator GUID`}),createdAt:t.createdAt(),user:t.belongsTo(`User`,[`userId`],[`id`],{onDelete:`Cascade`})}});export{o as ApiKeyEntity,s as PasskeyEntity,i as PermissionEntity,a as PolicyBindingEntity,r as RoleEntity};
+import { defineEntity, field, index } from "../schema/dist/entity/defineEntity.js";
+import "../schema/dist/index.js";
+//#region src/entities/rbac.ts
+/**
+* Role entity - named set of permissions.
+*/
+const RoleEntity = defineEntity({
+	name: "Role",
+	description: "A role defines a named set of permissions.",
+	schema: "lssm_sigil",
+	map: "role",
+	fields: {
+		id: field.id(),
+		name: field.string({
+			isUnique: true,
+			description: "Unique role name"
+		}),
+		description: field.string({
+			isOptional: true,
+			description: "Role description"
+		}),
+		permissions: field.string({
+			isArray: true,
+			description: "Array of permission names"
+		}),
+		createdAt: field.createdAt(),
+		updatedAt: field.updatedAt(),
+		policyBindings: field.hasMany("PolicyBinding")
+	}
+});
+/**
+* Permission entity - atomic access right.
+*/
+const PermissionEntity = defineEntity({
+	name: "Permission",
+	description: "A permission represents an atomic access right.",
+	schema: "lssm_sigil",
+	map: "permission",
+	fields: {
+		id: field.id(),
+		name: field.string({
+			isUnique: true,
+			description: "Unique permission name"
+		}),
+		description: field.string({
+			isOptional: true,
+			description: "Permission description"
+		}),
+		createdAt: field.createdAt(),
+		updatedAt: field.updatedAt()
+	}
+});
+/**
+* PolicyBinding entity - binds roles to principals.
+*/
+const PolicyBindingEntity = defineEntity({
+	name: "PolicyBinding",
+	description: "Binds roles to principals (users or organizations).",
+	schema: "lssm_sigil",
+	map: "policy_binding",
+	fields: {
+		id: field.id(),
+		roleId: field.foreignKey(),
+		targetType: field.string({ description: "\"user\" or \"organization\"" }),
+		targetId: field.string({ description: "ID of User or Organization" }),
+		expiresAt: field.dateTime({
+			isOptional: true,
+			description: "When binding expires"
+		}),
+		createdAt: field.createdAt(),
+		userId: field.string({ isOptional: true }),
+		organizationId: field.string({ isOptional: true }),
+		role: field.belongsTo("Role", ["roleId"], ["id"], { onDelete: "Cascade" }),
+		user: field.belongsTo("User", ["userId"], ["id"]),
+		organization: field.belongsTo("Organization", ["organizationId"], ["id"])
+	},
+	indexes: [index.on(["targetType", "targetId"])]
+});
+/**
+* ApiKey entity - API keys for programmatic access.
+*/
+const ApiKeyEntity = defineEntity({
+	name: "ApiKey",
+	description: "API keys for programmatic access.",
+	schema: "lssm_sigil",
+	map: "api_key",
+	fields: {
+		id: field.id(),
+		name: field.string({ description: "API key name" }),
+		start: field.string({ description: "Starting characters for identification" }),
+		prefix: field.string({ description: "API key prefix" }),
+		key: field.string({ description: "Hashed API key" }),
+		userId: field.foreignKey(),
+		refillInterval: field.int({ description: "Refill interval in ms" }),
+		refillAmount: field.int({ description: "Amount to refill" }),
+		lastRefillAt: field.dateTime(),
+		remaining: field.int({ description: "Remaining requests" }),
+		requestCount: field.int({ description: "Total requests made" }),
+		lastRequest: field.dateTime(),
+		enabled: field.boolean({ default: true }),
+		rateLimitEnabled: field.boolean({ default: true }),
+		rateLimitTimeWindow: field.int({ description: "Rate limit window in ms" }),
+		rateLimitMax: field.int({ description: "Max requests in window" }),
+		expiresAt: field.dateTime(),
+		permissions: field.string({ isArray: true }),
+		metadata: field.json({ isOptional: true }),
+		createdAt: field.createdAt(),
+		updatedAt: field.updatedAt(),
+		user: field.belongsTo("User", ["userId"], ["id"], { onDelete: "Cascade" })
+	}
+});
+/**
+* Passkey entity - WebAuthn passkeys.
+*/
+const PasskeyEntity = defineEntity({
+	name: "Passkey",
+	description: "WebAuthn passkeys for passwordless authentication.",
+	schema: "lssm_sigil",
+	map: "passkey",
+	fields: {
+		id: field.id(),
+		name: field.string({ description: "Passkey name" }),
+		publicKey: field.string({ description: "Public key" }),
+		userId: field.foreignKey(),
+		credentialID: field.string({ description: "Credential ID" }),
+		counter: field.int({ description: "Counter" }),
+		deviceType: field.string({ description: "Device type" }),
+		backedUp: field.boolean({ description: "Whether passkey is backed up" }),
+		transports: field.string({ description: "Transports" }),
+		aaguid: field.string({ description: "Authenticator GUID" }),
+		createdAt: field.createdAt(),
+		user: field.belongsTo("User", ["userId"], ["id"], { onDelete: "Cascade" })
+	}
+});
+//#endregion
+export { ApiKeyEntity, PasskeyEntity, PermissionEntity, PolicyBindingEntity, RoleEntity };