npm - @lssm/lib.identity-rbac - Versions diffs - 0.0.0-canary-20251217083314 → 0.0.0-canary-20251220002821 - Mend

@lssm/lib.identity-rbac 0.0.0-canary-20251217083314 → 0.0.0-canary-20251220002821

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (182) hide show

package/dist/events.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"events.d.ts","names":[],"sources":["../src/events.ts"],"sourcesContent":[],"mappings":";;;;;;;;cA0Ma,kBAAgB,oBAAA,CAAA,UAAA;EAAhB,MAAA,EAAA;IAKX,IAAA,EAAA,iBAAA,CAAA,SAAA,CAAA,MAAA,EAAA,MAAA,CAAA;;;;;IAL2B,UAAA,EAAA,KAAA;EAAA,CAAA;EAAA,IAAA,EAAA;IAUhB,IAAA,6BAKX,CAAA,MAAA,EAAA,MAAA,CAAA;IAAA,UAAA,EAAA,IAAA;;;;IAL2B,UAAA,EAAA,KAAA;EAAA,CAAA;CAAA,CAAA,CAAA;AAU7B;;;cAVa,kBAAgB,oBAAA,CAAA,UAAA;;IAUA,IAAA,EAL3B,iBAAA,CAAA,SAK2B,CAAA,MAAA,EAAA,MAAA,CAAA;IAAA,UAAA,EAAA,KAAA;EAAA,CAAA;EAWhB,aAAA,EAAA;IAKX,IAAA,6BAAA,CAAA,MAAA,EAAA,MAAA,CAAA;;;;EALiC,SAAA,EAAA;IAAA,IAAA,6BAAA,KAAA,EAAA,MAAA,CAAA;IAAA,UAAA,EAAA,KAAA;EAYtB,CAAA;CAKX,CAAA,CAAA;;;;cA5BW,kBAAgB,oBAAA,CAAA,UAAA;;IAuBD,IAAA,EAjB1B,iBAAA,CAAA,SAiB0B,CAAA,MAAA,EAAA,MAAA,CAAA;IAAA,UAAA,EAAA,KAAA;EAAA,CAAA;EAUf,KAAA,EAAA;IAKX,IAAA,6BAAA,CAAA,MAAA,EAAA,MAAA,CAAA;;;;;IAL0B,UAAA,EAAA,KAAA;EAAA,CAAA;CAAA,CAAA,CAAA;AAU5B;;;cAhCa,wBAAsB,oBAAA,CAAA,UAAA;;UAKjC,iBAAA,CAAA;IA2B0B,UAAA,EAAA,KAAA;EAAA,CAAA;EAAA,KAAA,EAAA;IAYf,IAAA,6BAKX,CAAA,MAAA,EAAA,MAAA,CAAA;IAAA,UAAA,EAAA,KAAA;;;;;;CAL8B,CAAA,CAAA;;;AAUhC;AAKE,cA/CW,eA+CX,EA/C0B,oBAAA,CAAA,SA+C1B,CA/C0B,WA+C1B,CAAA;;UA1CA,iBAAA,CAAA;;;;IAqCgC,IAAA,6BAAA,CAAA,MAAA,EAAA,MAAA,CAAA;IAAA,UAAA,EAAA,KAAA;EAAA,CAAA;EAUrB,IAAA,EAAA;IAKX,IAAA,6BAAA,CAAA,MAAA,EAAA,MAAA,CAAA;;;;;;;EALoC,SAAA,EAAA;IAAA,IAAA,6BAAA,KAAA,EAAA,MAAA,CAAA;IAAA,UAAA,EAAA,KAAA;EAYzB,CAAA;CAMX,CAAA,CAAA;;;;cA5DW,iBAAe,oBAAA,CAAA,UAAA;;UAK1B,iBAAA,CAAA;;;EAiD6B,aAAA,EAAA;IAAA,IAAA,6BAAA,CAAA,MAAA,EAAA,MAAA,CAAA;IAAA,UAAA,EAAA,KAAA;IAWlB,OAAA,EAAA,IAAA;EAKX,CAAA;;;;;EALiC,SAAA,EAAA;IAAA,IAAA,6BAAA,KAAA,EAAA,MAAA,CAAA;IAAA,UAAA,EAAA,KAAA;EAUtB,CAAA;CAKX,CAAA,CAAA;;;;AALiC,cAjEtB,eAiEsB,EAjEP,oBAAA,CAAA,SAiEO,CAjEP,WAiEO,CAAA;EAAA,KAAA,EAAA;IAAA,IAAA,EA5DjC,iBAAA,CAAA,SA4DiC,CAAA,MAAA,EAAA,MAAA,CAAA;IAYtB,UAAA,EAAA,KAKX;EAAA,CAAA;;;;;;;;;;IAL4B,IAAA,6BAAA,KAAA,EAAA,MAAA,CAAA;IAAA,UAAA,EAAA,KAAA;EAAA,CAAA;AAU9B,CAAA,CAAA,CAAA;;;;cA3Ea,qBAAmB,oBAAA,CAAA,UAAA;;UAK9B,iBAAA,CAAA;;;EAsE2B,MAAA,EAAA;IAAA,IAAA,6BAAA,CAAA,MAAA,EAAA,MAAA,CAAA;IAAA,UAAA,EAAA,KAAA;EAYhB,CAAA;EAgBZ,IAAA,EAAA;;;;;;;;;;;;;;;;cA7FY,uBAAqB,oBAAA,CAAA,UAAA;;UAKhC,iBAAA,CAAA;;;;;;;;;;;;;;;;;;;;;;;cAKW,2BAAyB,oBAAA,CAAA,UAAA;;UAKpC,iBAAA,CAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;cAOW,oBAAkB,oBAAA,CAAA,UAAA;;UAM7B,iBAAA,CAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;cAKW,wBAAsB,oBAAA,CAAA,UAAA;;UAKjC,iBAAA,CAAA;;;;;;;;;;;;;;;;;;;cAKW,wBAAsB,oBAAA,CAAA,UAAA;;UAKjC,iBAAA,CAAA;;;;;;;;;;;;;;;cAOW,mBAAiB,oBAAA,CAAA,UAAA;;UAK5B,iBAAA,CAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;cAKW,kBAAgB,oBAAA,CAAA,UAAA;;UAK3B,iBAAA,CAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;cAOW;;;YAgBZ,iBAAA,CAAA"}

package/dist/events.js CHANGED Viewed

@@ -1,382 +1,380 @@
-import { ScalarTypeEnum } from "./schema/dist/ScalarTypeEnum.js";
-import { SchemaModel } from "./schema/dist/SchemaModel.js";
-import "./schema/dist/index.js";
+import { E5, x8 } from "./schema/dist/index.js";
 import { defineEvent } from "./contracts/dist/events.js";
 import "./contracts/dist/index.js";
 //#region src/events.ts
-const UserCreatedPayload = new SchemaModel({
+const UserCreatedPayload = new x8({
 	name: "UserCreatedPayload",
 	description: "Payload for user created event",
 	fields: {
 		userId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		email: {
-			type: ScalarTypeEnum.EmailAddress(),
+			type: E5.EmailAddress(),
 			isOptional: false
 		},
 		name: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: true
 		},
 		createdAt: {
-			type: ScalarTypeEnum.DateTime(),
+			type: E5.DateTime(),
 			isOptional: false
 		}
 	}
 });
-const UserUpdatedPayload = new SchemaModel({
+const UserUpdatedPayload = new x8({
 	name: "UserUpdatedPayload",
 	description: "Payload for user updated event",
 	fields: {
 		userId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		updatedFields: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false,
 			isArray: true
 		},
 		updatedAt: {
-			type: ScalarTypeEnum.DateTime(),
+			type: E5.DateTime(),
 			isOptional: false
 		}
 	}
 });
-const UserDeletedPayload = new SchemaModel({
+const UserDeletedPayload = new x8({
 	name: "UserDeletedPayload",
 	description: "Payload for user deleted event",
 	fields: {
 		userId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		email: {
-			type: ScalarTypeEnum.EmailAddress(),
+			type: E5.EmailAddress(),
 			isOptional: false
 		},
 		deletedAt: {
-			type: ScalarTypeEnum.DateTime(),
+			type: E5.DateTime(),
 			isOptional: false
 		}
 	}
 });
-const UserEmailVerifiedPayload = new SchemaModel({
+const UserEmailVerifiedPayload = new x8({
 	name: "UserEmailVerifiedPayload",
 	description: "Payload for user email verified event",
 	fields: {
 		userId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		email: {
-			type: ScalarTypeEnum.EmailAddress(),
+			type: E5.EmailAddress(),
 			isOptional: false
 		},
 		verifiedAt: {
-			type: ScalarTypeEnum.DateTime(),
+			type: E5.DateTime(),
 			isOptional: false
 		}
 	}
 });
-const OrgCreatedPayload = new SchemaModel({
+const OrgCreatedPayload = new x8({
 	name: "OrgCreatedPayload",
 	description: "Payload for org created event",
 	fields: {
 		orgId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		name: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		slug: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: true
 		},
 		createdBy: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		createdAt: {
-			type: ScalarTypeEnum.DateTime(),
+			type: E5.DateTime(),
 			isOptional: false
 		}
 	}
 });
-const OrgUpdatedPayload = new SchemaModel({
+const OrgUpdatedPayload = new x8({
 	name: "OrgUpdatedPayload",
 	description: "Payload for org updated event",
 	fields: {
 		orgId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		updatedFields: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false,
 			isArray: true
 		},
 		updatedBy: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		updatedAt: {
-			type: ScalarTypeEnum.DateTime(),
+			type: E5.DateTime(),
 			isOptional: false
 		}
 	}
 });
-const OrgDeletedPayload = new SchemaModel({
+const OrgDeletedPayload = new x8({
 	name: "OrgDeletedPayload",
 	description: "Payload for org deleted event",
 	fields: {
 		orgId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		name: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		deletedBy: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		deletedAt: {
-			type: ScalarTypeEnum.DateTime(),
+			type: E5.DateTime(),
 			isOptional: false
 		}
 	}
 });
-const OrgMemberAddedPayload = new SchemaModel({
+const OrgMemberAddedPayload = new x8({
 	name: "OrgMemberAddedPayload",
 	description: "Payload for member added event",
 	fields: {
 		orgId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		userId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		role: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		invitedBy: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: true
 		},
 		joinedAt: {
-			type: ScalarTypeEnum.DateTime(),
+			type: E5.DateTime(),
 			isOptional: false
 		}
 	}
 });
-const OrgMemberRemovedPayload = new SchemaModel({
+const OrgMemberRemovedPayload = new x8({
 	name: "OrgMemberRemovedPayload",
 	description: "Payload for member removed event",
 	fields: {
 		orgId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		userId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		removedBy: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: true
 		},
 		reason: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: true
 		},
 		removedAt: {
-			type: ScalarTypeEnum.DateTime(),
+			type: E5.DateTime(),
 			isOptional: false
 		}
 	}
 });
-const OrgMemberRoleChangedPayload = new SchemaModel({
+const OrgMemberRoleChangedPayload = new x8({
 	name: "OrgMemberRoleChangedPayload",
 	description: "Payload for member role changed event",
 	fields: {
 		orgId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		userId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		previousRole: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		newRole: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		changedBy: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		changedAt: {
-			type: ScalarTypeEnum.DateTime(),
+			type: E5.DateTime(),
 			isOptional: false
 		}
 	}
 });
-const OrgInviteSentPayload = new SchemaModel({
+const OrgInviteSentPayload = new x8({
 	name: "OrgInviteSentPayload",
 	description: "Payload for invite sent event",
 	fields: {
 		invitationId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		orgId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		email: {
-			type: ScalarTypeEnum.EmailAddress(),
+			type: E5.EmailAddress(),
 			isOptional: false
 		},
 		role: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		invitedBy: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		expiresAt: {
-			type: ScalarTypeEnum.DateTime(),
+			type: E5.DateTime(),
 			isOptional: true
 		},
 		sentAt: {
-			type: ScalarTypeEnum.DateTime(),
+			type: E5.DateTime(),
 			isOptional: false
 		}
 	}
 });
-const OrgInviteAcceptedPayload = new SchemaModel({
+const OrgInviteAcceptedPayload = new x8({
 	name: "OrgInviteAcceptedPayload",
 	description: "Payload for invite accepted event",
 	fields: {
 		invitationId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		orgId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		userId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		acceptedAt: {
-			type: ScalarTypeEnum.DateTime(),
+			type: E5.DateTime(),
 			isOptional: false
 		}
 	}
 });
-const OrgInviteDeclinedPayload = new SchemaModel({
+const OrgInviteDeclinedPayload = new x8({
 	name: "OrgInviteDeclinedPayload",
 	description: "Payload for invite declined event",
 	fields: {
 		invitationId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		orgId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		declinedAt: {
-			type: ScalarTypeEnum.DateTime(),
+			type: E5.DateTime(),
 			isOptional: false
 		}
 	}
 });
-const RoleAssignedPayload = new SchemaModel({
+const RoleAssignedPayload = new x8({
 	name: "RoleAssignedPayload",
 	description: "Payload for role assigned event",
 	fields: {
 		bindingId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		roleId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		roleName: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		targetType: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		targetId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		assignedBy: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		expiresAt: {
-			type: ScalarTypeEnum.DateTime(),
+			type: E5.DateTime(),
 			isOptional: true
 		},
 		assignedAt: {
-			type: ScalarTypeEnum.DateTime(),
+			type: E5.DateTime(),
 			isOptional: false
 		}
 	}
 });
-const RoleRevokedPayload = new SchemaModel({
+const RoleRevokedPayload = new x8({
 	name: "RoleRevokedPayload",
 	description: "Payload for role revoked event",
 	fields: {
 		bindingId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		roleId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		roleName: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		targetType: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		targetId: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		revokedBy: {
-			type: ScalarTypeEnum.String_unsecure(),
+			type: E5.String_unsecure(),
 			isOptional: false
 		},
 		revokedAt: {
-			type: ScalarTypeEnum.DateTime(),
+			type: E5.DateTime(),
 			isOptional: false
 		}
 	}
@@ -540,4 +538,5 @@ const IdentityRbacEvents = {
 };
 //#endregion
-export { IdentityRbacEvents, OrgCreatedEvent, OrgDeletedEvent, OrgInviteAcceptedEvent, OrgInviteDeclinedEvent, OrgInviteSentEvent, OrgMemberAddedEvent, OrgMemberRemovedEvent, OrgMemberRoleChangedEvent, OrgUpdatedEvent, RoleAssignedEvent, RoleRevokedEvent, UserCreatedEvent, UserDeletedEvent, UserEmailVerifiedEvent, UserUpdatedEvent };
+export { IdentityRbacEvents, OrgCreatedEvent, OrgDeletedEvent, OrgInviteAcceptedEvent, OrgInviteDeclinedEvent, OrgInviteSentEvent, OrgMemberAddedEvent, OrgMemberRemovedEvent, OrgMemberRoleChangedEvent, OrgUpdatedEvent, RoleAssignedEvent, RoleRevokedEvent, UserCreatedEvent, UserDeletedEvent, UserEmailVerifiedEvent, UserUpdatedEvent };
+//# sourceMappingURL=events.js.map

package/dist/events.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"events.js","names":["SchemaModel","ScalarTypeEnum"],"sources":["../src/events.ts"],"sourcesContent":["import { SchemaModel, ScalarTypeEnum } from '@lssm/lib.schema';\nimport { defineEvent } from '@lssm/lib.contracts';\n\n// ============ User Event Payloads ============\n\nconst UserCreatedPayload = new SchemaModel({\n name: 'UserCreatedPayload',\n description: 'Payload for user created event',\n fields: {\n userId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n email: { type: ScalarTypeEnum.EmailAddress(), isOptional: false },\n name: { type: ScalarTypeEnum.String_unsecure(), isOptional: true },\n createdAt: { type: ScalarTypeEnum.DateTime(), isOptional: false },\n },\n});\n\nconst UserUpdatedPayload = new SchemaModel({\n name: 'UserUpdatedPayload',\n description: 'Payload for user updated event',\n fields: {\n userId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n updatedFields: {\n type: ScalarTypeEnum.String_unsecure(),\n isOptional: false,\n isArray: true,\n },\n updatedAt: { type: ScalarTypeEnum.DateTime(), isOptional: false },\n },\n});\n\nconst UserDeletedPayload = new SchemaModel({\n name: 'UserDeletedPayload',\n description: 'Payload for user deleted event',\n fields: {\n userId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n email: { type: ScalarTypeEnum.EmailAddress(), isOptional: false },\n deletedAt: { type: ScalarTypeEnum.DateTime(), isOptional: false },\n },\n});\n\nconst UserEmailVerifiedPayload = new SchemaModel({\n name: 'UserEmailVerifiedPayload',\n description: 'Payload for user email verified event',\n fields: {\n userId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n email: { type: ScalarTypeEnum.EmailAddress(), isOptional: false },\n verifiedAt: { type: ScalarTypeEnum.DateTime(), isOptional: false },\n },\n});\n\n// ============ Organization Event Payloads ============\n\nconst OrgCreatedPayload = new SchemaModel({\n name: 'OrgCreatedPayload',\n description: 'Payload for org created event',\n fields: {\n orgId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n name: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n slug: { type: ScalarTypeEnum.String_unsecure(), isOptional: true },\n createdBy: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n createdAt: { type: ScalarTypeEnum.DateTime(), isOptional: false },\n },\n});\n\nconst OrgUpdatedPayload = new SchemaModel({\n name: 'OrgUpdatedPayload',\n description: 'Payload for org updated event',\n fields: {\n orgId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n updatedFields: {\n type: ScalarTypeEnum.String_unsecure(),\n isOptional: false,\n isArray: true,\n },\n updatedBy: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n updatedAt: { type: ScalarTypeEnum.DateTime(), isOptional: false },\n },\n});\n\nconst OrgDeletedPayload = new SchemaModel({\n name: 'OrgDeletedPayload',\n description: 'Payload for org deleted event',\n fields: {\n orgId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n name: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n deletedBy: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n deletedAt: { type: ScalarTypeEnum.DateTime(), isOptional: false },\n },\n});\n\n// ============ Member Event Payloads ============\n\nconst OrgMemberAddedPayload = new SchemaModel({\n name: 'OrgMemberAddedPayload',\n description: 'Payload for member added event',\n fields: {\n orgId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n userId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n role: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n invitedBy: { type: ScalarTypeEnum.String_unsecure(), isOptional: true },\n joinedAt: { type: ScalarTypeEnum.DateTime(), isOptional: false },\n },\n});\n\nconst OrgMemberRemovedPayload = new SchemaModel({\n name: 'OrgMemberRemovedPayload',\n description: 'Payload for member removed event',\n fields: {\n orgId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n userId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n removedBy: { type: ScalarTypeEnum.String_unsecure(), isOptional: true },\n reason: { type: ScalarTypeEnum.String_unsecure(), isOptional: true }, // left | removed | banned\n removedAt: { type: ScalarTypeEnum.DateTime(), isOptional: false },\n },\n});\n\nconst OrgMemberRoleChangedPayload = new SchemaModel({\n name: 'OrgMemberRoleChangedPayload',\n description: 'Payload for member role changed event',\n fields: {\n orgId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n userId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n previousRole: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n newRole: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n changedBy: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n changedAt: { type: ScalarTypeEnum.DateTime(), isOptional: false },\n },\n});\n\n// ============ Invitation Event Payloads ============\n\nconst OrgInviteSentPayload = new SchemaModel({\n name: 'OrgInviteSentPayload',\n description: 'Payload for invite sent event',\n fields: {\n invitationId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n orgId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n email: { type: ScalarTypeEnum.EmailAddress(), isOptional: false },\n role: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n invitedBy: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n expiresAt: { type: ScalarTypeEnum.DateTime(), isOptional: true },\n sentAt: { type: ScalarTypeEnum.DateTime(), isOptional: false },\n },\n});\n\nconst OrgInviteAcceptedPayload = new SchemaModel({\n name: 'OrgInviteAcceptedPayload',\n description: 'Payload for invite accepted event',\n fields: {\n invitationId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n orgId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n userId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n acceptedAt: { type: ScalarTypeEnum.DateTime(), isOptional: false },\n },\n});\n\nconst OrgInviteDeclinedPayload = new SchemaModel({\n name: 'OrgInviteDeclinedPayload',\n description: 'Payload for invite declined event',\n fields: {\n invitationId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n orgId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n declinedAt: { type: ScalarTypeEnum.DateTime(), isOptional: false },\n },\n});\n\n// ============ Role Event Payloads ============\n\nconst RoleAssignedPayload = new SchemaModel({\n name: 'RoleAssignedPayload',\n description: 'Payload for role assigned event',\n fields: {\n bindingId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n roleId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n roleName: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n targetType: { type: ScalarTypeEnum.String_unsecure(), isOptional: false }, // user | organization\n targetId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n assignedBy: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n expiresAt: { type: ScalarTypeEnum.DateTime(), isOptional: true },\n assignedAt: { type: ScalarTypeEnum.DateTime(), isOptional: false },\n },\n});\n\nconst RoleRevokedPayload = new SchemaModel({\n name: 'RoleRevokedPayload',\n description: 'Payload for role revoked event',\n fields: {\n bindingId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n roleId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n roleName: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n targetType: { type: ScalarTypeEnum.String_unsecure(), isOptional: false }, // user | organization\n targetId: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n revokedBy: { type: ScalarTypeEnum.String_unsecure(), isOptional: false },\n revokedAt: { type: ScalarTypeEnum.DateTime(), isOptional: false },\n },\n});\n\n// ============ User Events ============\n\n/**\n * Emitted when a new user is created.\n */\nexport const UserCreatedEvent = defineEvent({\n name: 'user.created',\n version: 1,\n description: 'A new user has been created.',\n payload: UserCreatedPayload,\n});\n\n/**\n * Emitted when a user profile is updated.\n */\nexport const UserUpdatedEvent = defineEvent({\n name: 'user.updated',\n version: 1,\n description: 'A user profile has been updated.',\n payload: UserUpdatedPayload,\n});\n\n/**\n * Emitted when a user is deleted.\n */\nexport const UserDeletedEvent = defineEvent({\n name: 'user.deleted',\n version: 1,\n description: 'A user account has been deleted.',\n pii: ['email'],\n payload: UserDeletedPayload,\n});\n\n/**\n * Emitted when a user's email is verified.\n */\nexport const UserEmailVerifiedEvent = defineEvent({\n name: 'user.email_verified',\n version: 1,\n description: 'A user has verified their email address.',\n payload: UserEmailVerifiedPayload,\n});\n\n// ============ Organization Events ============\n\n/**\n * Emitted when a new organization is created.\n */\nexport const OrgCreatedEvent = defineEvent({\n name: 'org.created',\n version: 1,\n description: 'A new organization has been created.',\n payload: OrgCreatedPayload,\n});\n\n/**\n * Emitted when an organization is updated.\n */\nexport const OrgUpdatedEvent = defineEvent({\n name: 'org.updated',\n version: 1,\n description: 'An organization has been updated.',\n payload: OrgUpdatedPayload,\n});\n\n/**\n * Emitted when an organization is deleted.\n */\nexport const OrgDeletedEvent = defineEvent({\n name: 'org.deleted',\n version: 1,\n description: 'An organization has been deleted.',\n payload: OrgDeletedPayload,\n});\n\n// ============ Member Events ============\n\n/**\n * Emitted when a member joins an organization.\n */\nexport const OrgMemberAddedEvent = defineEvent({\n name: 'org.member.added',\n version: 1,\n description: 'A user has joined an organization.',\n payload: OrgMemberAddedPayload,\n});\n\n/**\n * Emitted when a member leaves or is removed from an organization.\n */\nexport const OrgMemberRemovedEvent = defineEvent({\n name: 'org.member.removed',\n version: 1,\n description: 'A user has left or been removed from an organization.',\n payload: OrgMemberRemovedPayload,\n});\n\n/**\n * Emitted when a member's role is changed.\n */\nexport const OrgMemberRoleChangedEvent = defineEvent({\n name: 'org.member.role_changed',\n version: 1,\n description: \"A member's role in an organization has changed.\",\n payload: OrgMemberRoleChangedPayload,\n});\n\n// ============ Invitation Events ============\n\n/**\n * Emitted when an invitation is sent.\n */\nexport const OrgInviteSentEvent = defineEvent({\n name: 'org.invite.sent',\n version: 1,\n description: 'An invitation to join an organization has been sent.',\n pii: ['email'],\n payload: OrgInviteSentPayload,\n});\n\n/**\n * Emitted when an invitation is accepted.\n */\nexport const OrgInviteAcceptedEvent = defineEvent({\n name: 'org.invite.accepted',\n version: 1,\n description: 'An invitation has been accepted.',\n payload: OrgInviteAcceptedPayload,\n});\n\n/**\n * Emitted when an invitation is declined.\n */\nexport const OrgInviteDeclinedEvent = defineEvent({\n name: 'org.invite.declined',\n version: 1,\n description: 'An invitation has been declined.',\n payload: OrgInviteDeclinedPayload,\n});\n\n// ============ Role Events ============\n\n/**\n * Emitted when a role is assigned to a user or organization.\n */\nexport const RoleAssignedEvent = defineEvent({\n name: 'role.assigned',\n version: 1,\n description: 'A role has been assigned.',\n payload: RoleAssignedPayload,\n});\n\n/**\n * Emitted when a role is revoked from a user or organization.\n */\nexport const RoleRevokedEvent = defineEvent({\n name: 'role.revoked',\n version: 1,\n description: 'A role has been revoked.',\n payload: RoleRevokedPayload,\n});\n\n// ============ All Events ============\n\n/**\n * All identity-rbac events.\n */\nexport const IdentityRbacEvents = {\n UserCreatedEvent,\n UserUpdatedEvent,\n UserDeletedEvent,\n UserEmailVerifiedEvent,\n OrgCreatedEvent,\n OrgUpdatedEvent,\n OrgDeletedEvent,\n OrgMemberAddedEvent,\n OrgMemberRemovedEvent,\n OrgMemberRoleChangedEvent,\n OrgInviteSentEvent,\n OrgInviteAcceptedEvent,\n OrgInviteDeclinedEvent,\n RoleAssignedEvent,\n RoleRevokedEvent,\n};\n"],"mappings":";;;;;AAKA,MAAM,qBAAqB,IAAIA,GAAY;CACzC,MAAM;CACN,aAAa;CACb,QAAQ;EACN,QAAQ;GAAE,MAAMC,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACrE,OAAO;GAAE,MAAMA,GAAe,cAAc;GAAE,YAAY;GAAO;EACjE,MAAM;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAM;EAClE,WAAW;GAAE,MAAMA,GAAe,UAAU;GAAE,YAAY;GAAO;EAClE;CACF,CAAC;AAEF,MAAM,qBAAqB,IAAID,GAAY;CACzC,MAAM;CACN,aAAa;CACb,QAAQ;EACN,QAAQ;GAAE,MAAMC,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACrE,eAAe;GACb,MAAMA,GAAe,iBAAiB;GACtC,YAAY;GACZ,SAAS;GACV;EACD,WAAW;GAAE,MAAMA,GAAe,UAAU;GAAE,YAAY;GAAO;EAClE;CACF,CAAC;AAEF,MAAM,qBAAqB,IAAID,GAAY;CACzC,MAAM;CACN,aAAa;CACb,QAAQ;EACN,QAAQ;GAAE,MAAMC,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACrE,OAAO;GAAE,MAAMA,GAAe,cAAc;GAAE,YAAY;GAAO;EACjE,WAAW;GAAE,MAAMA,GAAe,UAAU;GAAE,YAAY;GAAO;EAClE;CACF,CAAC;AAEF,MAAM,2BAA2B,IAAID,GAAY;CAC/C,MAAM;CACN,aAAa;CACb,QAAQ;EACN,QAAQ;GAAE,MAAMC,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACrE,OAAO;GAAE,MAAMA,GAAe,cAAc;GAAE,YAAY;GAAO;EACjE,YAAY;GAAE,MAAMA,GAAe,UAAU;GAAE,YAAY;GAAO;EACnE;CACF,CAAC;AAIF,MAAM,oBAAoB,IAAID,GAAY;CACxC,MAAM;CACN,aAAa;CACb,QAAQ;EACN,OAAO;GAAE,MAAMC,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACpE,MAAM;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACnE,MAAM;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAM;EAClE,WAAW;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACxE,WAAW;GAAE,MAAMA,GAAe,UAAU;GAAE,YAAY;GAAO;EAClE;CACF,CAAC;AAEF,MAAM,oBAAoB,IAAID,GAAY;CACxC,MAAM;CACN,aAAa;CACb,QAAQ;EACN,OAAO;GAAE,MAAMC,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACpE,eAAe;GACb,MAAMA,GAAe,iBAAiB;GACtC,YAAY;GACZ,SAAS;GACV;EACD,WAAW;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACxE,WAAW;GAAE,MAAMA,GAAe,UAAU;GAAE,YAAY;GAAO;EAClE;CACF,CAAC;AAEF,MAAM,oBAAoB,IAAID,GAAY;CACxC,MAAM;CACN,aAAa;CACb,QAAQ;EACN,OAAO;GAAE,MAAMC,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACpE,MAAM;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACnE,WAAW;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACxE,WAAW;GAAE,MAAMA,GAAe,UAAU;GAAE,YAAY;GAAO;EAClE;CACF,CAAC;AAIF,MAAM,wBAAwB,IAAID,GAAY;CAC5C,MAAM;CACN,aAAa;CACb,QAAQ;EACN,OAAO;GAAE,MAAMC,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACpE,QAAQ;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACrE,MAAM;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACnE,WAAW;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAM;EACvE,UAAU;GAAE,MAAMA,GAAe,UAAU;GAAE,YAAY;GAAO;EACjE;CACF,CAAC;AAEF,MAAM,0BAA0B,IAAID,GAAY;CAC9C,MAAM;CACN,aAAa;CACb,QAAQ;EACN,OAAO;GAAE,MAAMC,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACpE,QAAQ;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACrE,WAAW;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAM;EACvE,QAAQ;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAM;EACpE,WAAW;GAAE,MAAMA,GAAe,UAAU;GAAE,YAAY;GAAO;EAClE;CACF,CAAC;AAEF,MAAM,8BAA8B,IAAID,GAAY;CAClD,MAAM;CACN,aAAa;CACb,QAAQ;EACN,OAAO;GAAE,MAAMC,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACpE,QAAQ;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACrE,cAAc;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EAC3E,SAAS;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACtE,WAAW;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACxE,WAAW;GAAE,MAAMA,GAAe,UAAU;GAAE,YAAY;GAAO;EAClE;CACF,CAAC;AAIF,MAAM,uBAAuB,IAAID,GAAY;CAC3C,MAAM;CACN,aAAa;CACb,QAAQ;EACN,cAAc;GAAE,MAAMC,GAAe,iBAAiB;GAAE,YAAY;GAAO;EAC3E,OAAO;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACpE,OAAO;GAAE,MAAMA,GAAe,cAAc;GAAE,YAAY;GAAO;EACjE,MAAM;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACnE,WAAW;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACxE,WAAW;GAAE,MAAMA,GAAe,UAAU;GAAE,YAAY;GAAM;EAChE,QAAQ;GAAE,MAAMA,GAAe,UAAU;GAAE,YAAY;GAAO;EAC/D;CACF,CAAC;AAEF,MAAM,2BAA2B,IAAID,GAAY;CAC/C,MAAM;CACN,aAAa;CACb,QAAQ;EACN,cAAc;GAAE,MAAMC,GAAe,iBAAiB;GAAE,YAAY;GAAO;EAC3E,OAAO;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACpE,QAAQ;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACrE,YAAY;GAAE,MAAMA,GAAe,UAAU;GAAE,YAAY;GAAO;EACnE;CACF,CAAC;AAEF,MAAM,2BAA2B,IAAID,GAAY;CAC/C,MAAM;CACN,aAAa;CACb,QAAQ;EACN,cAAc;GAAE,MAAMC,GAAe,iBAAiB;GAAE,YAAY;GAAO;EAC3E,OAAO;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACpE,YAAY;GAAE,MAAMA,GAAe,UAAU;GAAE,YAAY;GAAO;EACnE;CACF,CAAC;AAIF,MAAM,sBAAsB,IAAID,GAAY;CAC1C,MAAM;CACN,aAAa;CACb,QAAQ;EACN,WAAW;GAAE,MAAMC,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACxE,QAAQ;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACrE,UAAU;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACvE,YAAY;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACzE,UAAU;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACvE,YAAY;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACzE,WAAW;GAAE,MAAMA,GAAe,UAAU;GAAE,YAAY;GAAM;EAChE,YAAY;GAAE,MAAMA,GAAe,UAAU;GAAE,YAAY;GAAO;EACnE;CACF,CAAC;AAEF,MAAM,qBAAqB,IAAID,GAAY;CACzC,MAAM;CACN,aAAa;CACb,QAAQ;EACN,WAAW;GAAE,MAAMC,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACxE,QAAQ;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACrE,UAAU;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACvE,YAAY;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACzE,UAAU;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACvE,WAAW;GAAE,MAAMA,GAAe,iBAAiB;GAAE,YAAY;GAAO;EACxE,WAAW;GAAE,MAAMA,GAAe,UAAU;GAAE,YAAY;GAAO;EAClE;CACF,CAAC;;;;AAOF,MAAa,mBAAmB,YAAY;CAC1C,MAAM;CACN,SAAS;CACT,aAAa;CACb,SAAS;CACV,CAAC;;;;AAKF,MAAa,mBAAmB,YAAY;CAC1C,MAAM;CACN,SAAS;CACT,aAAa;CACb,SAAS;CACV,CAAC;;;;AAKF,MAAa,mBAAmB,YAAY;CAC1C,MAAM;CACN,SAAS;CACT,aAAa;CACb,KAAK,CAAC,QAAQ;CACd,SAAS;CACV,CAAC;;;;AAKF,MAAa,yBAAyB,YAAY;CAChD,MAAM;CACN,SAAS;CACT,aAAa;CACb,SAAS;CACV,CAAC;;;;AAOF,MAAa,kBAAkB,YAAY;CACzC,MAAM;CACN,SAAS;CACT,aAAa;CACb,SAAS;CACV,CAAC;;;;AAKF,MAAa,kBAAkB,YAAY;CACzC,MAAM;CACN,SAAS;CACT,aAAa;CACb,SAAS;CACV,CAAC;;;;AAKF,MAAa,kBAAkB,YAAY;CACzC,MAAM;CACN,SAAS;CACT,aAAa;CACb,SAAS;CACV,CAAC;;;;AAOF,MAAa,sBAAsB,YAAY;CAC7C,MAAM;CACN,SAAS;CACT,aAAa;CACb,SAAS;CACV,CAAC;;;;AAKF,MAAa,wBAAwB,YAAY;CAC/C,MAAM;CACN,SAAS;CACT,aAAa;CACb,SAAS;CACV,CAAC;;;;AAKF,MAAa,4BAA4B,YAAY;CACnD,MAAM;CACN,SAAS;CACT,aAAa;CACb,SAAS;CACV,CAAC;;;;AAOF,MAAa,qBAAqB,YAAY;CAC5C,MAAM;CACN,SAAS;CACT,aAAa;CACb,KAAK,CAAC,QAAQ;CACd,SAAS;CACV,CAAC;;;;AAKF,MAAa,yBAAyB,YAAY;CAChD,MAAM;CACN,SAAS;CACT,aAAa;CACb,SAAS;CACV,CAAC;;;;AAKF,MAAa,yBAAyB,YAAY;CAChD,MAAM;CACN,SAAS;CACT,aAAa;CACb,SAAS;CACV,CAAC;;;;AAOF,MAAa,oBAAoB,YAAY;CAC3C,MAAM;CACN,SAAS;CACT,aAAa;CACb,SAAS;CACV,CAAC;;;;AAKF,MAAa,mBAAmB,YAAY;CAC1C,MAAM;CACN,SAAS;CACT,aAAa;CACb,SAAS;CACV,CAAC;;;;AAOF,MAAa,qBAAqB;CAChC;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACD"}

package/dist/identity-rbac.feature.d.ts CHANGED Viewed

@@ -8,4 +8,5 @@ import { FeatureModuleSpec } from "@lssm/lib.contracts";
  */
 declare const IdentityRbacFeature: FeatureModuleSpec;
 //#endregion
-export { IdentityRbacFeature };
+export { IdentityRbacFeature };
+//# sourceMappingURL=identity-rbac.feature.d.ts.map

package/dist/identity-rbac.feature.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"identity-rbac.feature.d.ts","names":[],"sources":["../src/identity-rbac.feature.ts"],"sourcesContent":[],"mappings":";;;;;;;;cAWa,qBAAqB"}

package/dist/identity-rbac.feature.js CHANGED Viewed

@@ -183,4 +183,5 @@ const IdentityRbacFeature = {
 };
 //#endregion
-export { IdentityRbacFeature };
+export { IdentityRbacFeature };
+//# sourceMappingURL=identity-rbac.feature.js.map

package/dist/identity-rbac.feature.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"identity-rbac.feature.js","names":["IdentityRbacFeature: FeatureModuleSpec"],"sources":["../src/identity-rbac.feature.ts"],"sourcesContent":["/**\n * Identity RBAC Feature Module Specification\n *\n * Defines the feature module for identity management and role-based access control.\n */\nimport type { FeatureModuleSpec } from '@lssm/lib.contracts';\n\n/**\n * Identity RBAC feature module that bundles user, organization,\n * and role-based access control capabilities.\n */\nexport const IdentityRbacFeature: FeatureModuleSpec = {\n meta: {\n key: 'identity-rbac',\n title: 'Identity & RBAC',\n description:\n 'User identity, organization management, and role-based access control',\n domain: 'platform',\n owners: ['@platform.identity-rbac'],\n tags: ['identity', 'rbac', 'users', 'organizations', 'permissions'],\n stability: 'stable',\n },\n\n // All contract operations included in this feature\n operations: [\n // User operations\n { name: 'identity.user.create', version: 1 },\n { name: 'identity.user.update', version: 1 },\n { name: 'identity.user.delete', version: 1 },\n { name: 'identity.user.me', version: 1 },\n { name: 'identity.user.list', version: 1 },\n\n // Organization operations\n { name: 'identity.org.create', version: 1 },\n { name: 'identity.org.update', version: 1 },\n { name: 'identity.org.get', version: 1 },\n { name: 'identity.org.list', version: 1 },\n { name: 'identity.org.invite', version: 1 },\n { name: 'identity.org.invite.accept', version: 1 },\n { name: 'identity.org.member.remove', version: 1 },\n { name: 'identity.org.members.list', version: 1 },\n\n // RBAC operations\n { name: 'identity.rbac.role.create', version: 1 },\n { name: 'identity.rbac.role.update', version: 1 },\n { name: 'identity.rbac.role.delete', version: 1 },\n { name: 'identity.rbac.role.list', version: 1 },\n { name: 'identity.rbac.assign', version: 1 },\n { name: 'identity.rbac.revoke', version: 1 },\n { name: 'identity.rbac.check', version: 1 },\n { name: 'identity.rbac.permissions', version: 1 },\n ],\n\n // Events emitted by this feature\n events: [\n // User events\n { name: 'user.created', version: 1 },\n { name: 'user.updated', version: 1 },\n { name: 'user.deleted', version: 1 },\n { name: 'user.email_verified', version: 1 },\n\n // Organization events\n { name: 'org.created', version: 1 },\n { name: 'org.updated', version: 1 },\n { name: 'org.deleted', version: 1 },\n { name: 'org.member.added', version: 1 },\n { name: 'org.member.removed', version: 1 },\n { name: 'org.member.role_changed', version: 1 },\n\n // Invitation events\n { name: 'org.invite.sent', version: 1 },\n { name: 'org.invite.accepted', version: 1 },\n { name: 'org.invite.declined', version: 1 },\n\n // Role events\n { name: 'role.assigned', version: 1 },\n { name: 'role.revoked', version: 1 },\n ],\n\n // No presentations for this library feature\n presentations: [],\n opToPresentation: [],\n presentationsTargets: [],\n\n // Capability definitions\n capabilities: {\n provides: [\n { key: 'identity', version: 1 },\n { key: 'rbac', version: 1 },\n ],\n requires: [],\n },\n};\n"],"mappings":";;;;;AAWA,MAAaA,sBAAyC;CACpD,MAAM;EACJ,KAAK;EACL,OAAO;EACP,aACE;EACF,QAAQ;EACR,QAAQ,CAAC,0BAA0B;EACnC,MAAM;GAAC;GAAY;GAAQ;GAAS;GAAiB;GAAc;EACnE,WAAW;EACZ;CAGD,YAAY;EAEV;GAAE,MAAM;GAAwB,SAAS;GAAG;EAC5C;GAAE,MAAM;GAAwB,SAAS;GAAG;EAC5C;GAAE,MAAM;GAAwB,SAAS;GAAG;EAC5C;GAAE,MAAM;GAAoB,SAAS;GAAG;EACxC;GAAE,MAAM;GAAsB,SAAS;GAAG;EAG1C;GAAE,MAAM;GAAuB,SAAS;GAAG;EAC3C;GAAE,MAAM;GAAuB,SAAS;GAAG;EAC3C;GAAE,MAAM;GAAoB,SAAS;GAAG;EACxC;GAAE,MAAM;GAAqB,SAAS;GAAG;EACzC;GAAE,MAAM;GAAuB,SAAS;GAAG;EAC3C;GAAE,MAAM;GAA8B,SAAS;GAAG;EAClD;GAAE,MAAM;GAA8B,SAAS;GAAG;EAClD;GAAE,MAAM;GAA6B,SAAS;GAAG;EAGjD;GAAE,MAAM;GAA6B,SAAS;GAAG;EACjD;GAAE,MAAM;GAA6B,SAAS;GAAG;EACjD;GAAE,MAAM;GAA6B,SAAS;GAAG;EACjD;GAAE,MAAM;GAA2B,SAAS;GAAG;EAC/C;GAAE,MAAM;GAAwB,SAAS;GAAG;EAC5C;GAAE,MAAM;GAAwB,SAAS;GAAG;EAC5C;GAAE,MAAM;GAAuB,SAAS;GAAG;EAC3C;GAAE,MAAM;GAA6B,SAAS;GAAG;EAClD;CAGD,QAAQ;EAEN;GAAE,MAAM;GAAgB,SAAS;GAAG;EACpC;GAAE,MAAM;GAAgB,SAAS;GAAG;EACpC;GAAE,MAAM;GAAgB,SAAS;GAAG;EACpC;GAAE,MAAM;GAAuB,SAAS;GAAG;EAG3C;GAAE,MAAM;GAAe,SAAS;GAAG;EACnC;GAAE,MAAM;GAAe,SAAS;GAAG;EACnC;GAAE,MAAM;GAAe,SAAS;GAAG;EACnC;GAAE,MAAM;GAAoB,SAAS;GAAG;EACxC;GAAE,MAAM;GAAsB,SAAS;GAAG;EAC1C;GAAE,MAAM;GAA2B,SAAS;GAAG;EAG/C;GAAE,MAAM;GAAmB,SAAS;GAAG;EACvC;GAAE,MAAM;GAAuB,SAAS;GAAG;EAC3C;GAAE,MAAM;GAAuB,SAAS;GAAG;EAG3C;GAAE,MAAM;GAAiB,SAAS;GAAG;EACrC;GAAE,MAAM;GAAgB,SAAS;GAAG;EACrC;CAGD,eAAe,EAAE;CACjB,kBAAkB,EAAE;CACpB,sBAAsB,EAAE;CAGxB,cAAc;EACZ,UAAU,CACR;GAAE,KAAK;GAAY,SAAS;GAAG,EAC/B;GAAE,KAAK;GAAQ,SAAS;GAAG,CAC5B;EACD,UAAU,EAAE;EACb;CACF"}

package/dist/policies/engine.d.ts CHANGED Viewed

@@ -129,4 +129,5 @@ declare class RBACPolicyEngine {
  */
 declare function createRBACEngine(): RBACPolicyEngine;
 //#endregion
-export { Permission, PermissionCheckInput, PermissionCheckResult, PermissionKey, PolicyBindingForEval, RBACPolicyEngine, RoleWithPermissions, StandardRole, createRBACEngine };
+export { Permission, PermissionCheckInput, PermissionCheckResult, PermissionKey, PolicyBindingForEval, RBACPolicyEngine, RoleWithPermissions, StandardRole, createRBACEngine };
+//# sourceMappingURL=engine.d.ts.map

package/dist/policies/engine.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"engine.d.ts","names":[],"sources":["../../src/policies/engine.ts"],"sourcesContent":[],"mappings":";;AAGA;AAoDA;AAKa,cAzDA,UA6GH,EAAA;EAKO,SAAA,WAAA,EAAA,aAGH;EAMG,SAAA,SAAA,EAAA,WAAqB;EASrB,SAAA,WAAA,EAAmB,aAAA;EASnB,SAAA,WAAA,EAAA,aAET;EASK,SAAA,SAAA,EAAgB,WAAA;EAQlB,SAAA,WAAA,EAAA,aAAA;EACG,SAAA,UAAA,EAAA,YAAA;EACD,SAAA,QAAA,EAAA,UAAA;EAAR,SAAA,UAAA,EAAA,YAAA;EAmDS,SAAA,UAAA,EAAA,YAAA;EAEG,SAAA,QAAA,EAAA,UAAA;EACN,SAAA,aAAA,EAAA,eAAA;EAFN,SAAA,aAAA,EAAA,eAAA;EA4CS,SAAA,kBAAA,EAAA,oBAAA;EACT,SAAA,WAAA,EAAA,aAAA;EAiBS,SAAA,cAAA,EAAA,oBAAA;EACT,SAAA,WAAA,EAAA,aAAA;EAAO,SAAA,WAAA,EAAA,aAAA;EAcI,SAAA,WAAgB,EAAA,aAAI;;;;;;;;;;;;;;;;;KA/OxB,aAAA,WAAwB,yBAAyB;;;;cAKhD;;;;;;;;;;;;;;;;;;;;;;;;;UAyDI,oBAAA;;;cAGH;;;;;UAMG,qBAAA;;;;;;;;UASA,mBAAA;;;;;;;;UASA,oBAAA;;QAET;;;cAGM;;;;;cAMD,gBAAA;;;;;;yBAQF,gCACG,yBACT,QAAQ;;;;sEAmDC,yBACT;iBACY;WACN;;;;;+FA0CG,yBACT;;;;gGAiBS,yBACT;;;;;iBAcW,gBAAA,CAAA,GAAoB"}

package/dist/policies/engine.js CHANGED Viewed

@@ -164,4 +164,5 @@ function createRBACEngine() {
 }
 //#endregion
-export { Permission, RBACPolicyEngine, StandardRole, createRBACEngine };
+export { Permission, RBACPolicyEngine, StandardRole, createRBACEngine };
+//# sourceMappingURL=engine.js.map

package/dist/policies/engine.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"engine.js","names":["roles: RoleWithPermissions[]"],"sources":["../../src/policies/engine.ts"],"sourcesContent":["/**\n * Standard permissions for identity-rbac module.\n */\nexport const Permission = {\n // User permissions\n USER_CREATE: 'user.create',\n USER_READ: 'user.read',\n USER_UPDATE: 'user.update',\n USER_DELETE: 'user.delete',\n USER_LIST: 'user.list',\n USER_MANAGE: 'user.manage',\n\n // Organization permissions\n ORG_CREATE: 'org.create',\n ORG_READ: 'org.read',\n ORG_UPDATE: 'org.update',\n ORG_DELETE: 'org.delete',\n ORG_LIST: 'org.list',\n\n // Member permissions\n MEMBER_INVITE: 'member.invite',\n MEMBER_REMOVE: 'member.remove',\n MEMBER_UPDATE_ROLE: 'member.update_role',\n MEMBER_LIST: 'member.list',\n MANAGE_MEMBERS: 'org.manage_members',\n\n // Team permissions\n TEAM_CREATE: 'team.create',\n TEAM_UPDATE: 'team.update',\n TEAM_DELETE: 'team.delete',\n TEAM_MANAGE: 'team.manage',\n\n // Role permissions\n ROLE_CREATE: 'role.create',\n ROLE_UPDATE: 'role.update',\n ROLE_DELETE: 'role.delete',\n ROLE_ASSIGN: 'role.assign',\n ROLE_REVOKE: 'role.revoke',\n\n // Billing permissions\n BILLING_VIEW: 'billing.view',\n BILLING_MANAGE: 'billing.manage',\n\n // Project permissions\n PROJECT_CREATE: 'project.create',\n PROJECT_READ: 'project.read',\n PROJECT_UPDATE: 'project.update',\n PROJECT_DELETE: 'project.delete',\n PROJECT_MANAGE: 'project.manage',\n\n // Admin permissions\n ADMIN_ACCESS: 'admin.access',\n ADMIN_IMPERSONATE: 'admin.impersonate',\n} as const;\n\nexport type PermissionKey = (typeof Permission)[keyof typeof Permission];\n\n/**\n * Standard role definitions.\n */\nexport const StandardRole = {\n OWNER: {\n name: 'owner',\n description: 'Organization owner with full access',\n permissions: Object.values(Permission),\n },\n ADMIN: {\n name: 'admin',\n description: 'Administrator with most permissions',\n permissions: [\n Permission.USER_READ,\n Permission.USER_LIST,\n Permission.ORG_READ,\n Permission.ORG_UPDATE,\n Permission.MEMBER_INVITE,\n Permission.MEMBER_REMOVE,\n Permission.MEMBER_UPDATE_ROLE,\n Permission.MEMBER_LIST,\n Permission.MANAGE_MEMBERS,\n Permission.TEAM_CREATE,\n Permission.TEAM_UPDATE,\n Permission.TEAM_DELETE,\n Permission.TEAM_MANAGE,\n Permission.PROJECT_CREATE,\n Permission.PROJECT_READ,\n Permission.PROJECT_UPDATE,\n Permission.PROJECT_DELETE,\n Permission.PROJECT_MANAGE,\n Permission.BILLING_VIEW,\n ],\n },\n MEMBER: {\n name: 'member',\n description: 'Regular organization member',\n permissions: [\n Permission.USER_READ,\n Permission.ORG_READ,\n Permission.MEMBER_LIST,\n Permission.PROJECT_READ,\n Permission.PROJECT_CREATE,\n ],\n },\n VIEWER: {\n name: 'viewer',\n description: 'Read-only access',\n permissions: [\n Permission.USER_READ,\n Permission.ORG_READ,\n Permission.MEMBER_LIST,\n Permission.PROJECT_READ,\n ],\n },\n} as const;\n\n/**\n * Permission check input.\n */\nexport interface PermissionCheckInput {\n userId: string;\n orgId?: string;\n permission: PermissionKey | string;\n}\n\n/**\n * Permission check result.\n */\nexport interface PermissionCheckResult {\n allowed: boolean;\n reason?: string;\n matchedRole?: string;\n}\n\n/**\n * Role with permissions.\n */\nexport interface RoleWithPermissions {\n id: string;\n name: string;\n permissions: string[];\n}\n\n/**\n * Policy binding for permission evaluation.\n */\nexport interface PolicyBindingForEval {\n roleId: string;\n role: RoleWithPermissions;\n targetType: 'user' | 'organization';\n targetId: string;\n expiresAt?: Date | null;\n}\n\n/**\n * RBAC Policy Engine for permission checks.\n */\nexport class RBACPolicyEngine {\n private roleCache = new Map<string, RoleWithPermissions>();\n private bindingCache = new Map<string, PolicyBindingForEval[]>();\n\n /**\n * Check if a user has a specific permission.\n */\n async checkPermission(\n input: PermissionCheckInput,\n bindings: PolicyBindingForEval[]\n ): Promise<PermissionCheckResult> {\n const { userId, orgId, permission } = input;\n const now = new Date();\n\n // Get all applicable bindings\n const userBindings = bindings.filter(\n (b) => b.targetType === 'user' && b.targetId === userId\n );\n\n const orgBindings = orgId\n ? bindings.filter(\n (b) => b.targetType === 'organization' && b.targetId === orgId\n )\n : [];\n\n const allBindings = [...userBindings, ...orgBindings];\n\n // Filter out expired bindings\n const activeBindings = allBindings.filter(\n (b) => !b.expiresAt || b.expiresAt > now\n );\n\n if (activeBindings.length === 0) {\n return {\n allowed: false,\n reason: 'No active role bindings found',\n };\n }\n\n // Check if any role grants the permission\n for (const binding of activeBindings) {\n if (binding.role.permissions.includes(permission)) {\n return {\n allowed: true,\n matchedRole: binding.role.name,\n };\n }\n }\n\n return {\n allowed: false,\n reason: `No role grants the \"${permission}\" permission`,\n };\n }\n\n /**\n * Get all permissions for a user in a context.\n */\n async getPermissions(\n userId: string,\n orgId: string | undefined,\n bindings: PolicyBindingForEval[]\n ): Promise<{\n permissions: Set<string>;\n roles: RoleWithPermissions[];\n }> {\n const now = new Date();\n\n // Get all applicable bindings\n const userBindings = bindings.filter(\n (b) => b.targetType === 'user' && b.targetId === userId\n );\n\n const orgBindings = orgId\n ? bindings.filter(\n (b) => b.targetType === 'organization' && b.targetId === orgId\n )\n : [];\n\n const allBindings = [...userBindings, ...orgBindings];\n\n // Filter out expired bindings\n const activeBindings = allBindings.filter(\n (b) => !b.expiresAt || b.expiresAt > now\n );\n\n const permissions = new Set<string>();\n const roles: RoleWithPermissions[] = [];\n\n for (const binding of activeBindings) {\n roles.push(binding.role);\n for (const perm of binding.role.permissions) {\n permissions.add(perm);\n }\n }\n\n return { permissions, roles };\n }\n\n /**\n * Check if user has any of the specified permissions.\n */\n async hasAnyPermission(\n userId: string,\n orgId: string | undefined,\n permissions: string[],\n bindings: PolicyBindingForEval[]\n ): Promise<boolean> {\n const { permissions: userPerms } = await this.getPermissions(\n userId,\n orgId,\n bindings\n );\n\n return permissions.some((p) => userPerms.has(p));\n }\n\n /**\n * Check if user has all of the specified permissions.\n */\n async hasAllPermissions(\n userId: string,\n orgId: string | undefined,\n permissions: string[],\n bindings: PolicyBindingForEval[]\n ): Promise<boolean> {\n const { permissions: userPerms } = await this.getPermissions(\n userId,\n orgId,\n bindings\n );\n\n return permissions.every((p) => userPerms.has(p));\n }\n}\n\n/**\n * Create a new RBAC policy engine instance.\n */\nexport function createRBACEngine(): RBACPolicyEngine {\n return new RBACPolicyEngine();\n}\n"],"mappings":";;;;AAGA,MAAa,aAAa;CAExB,aAAa;CACb,WAAW;CACX,aAAa;CACb,aAAa;CACb,WAAW;CACX,aAAa;CAGb,YAAY;CACZ,UAAU;CACV,YAAY;CACZ,YAAY;CACZ,UAAU;CAGV,eAAe;CACf,eAAe;CACf,oBAAoB;CACpB,aAAa;CACb,gBAAgB;CAGhB,aAAa;CACb,aAAa;CACb,aAAa;CACb,aAAa;CAGb,aAAa;CACb,aAAa;CACb,aAAa;CACb,aAAa;CACb,aAAa;CAGb,cAAc;CACd,gBAAgB;CAGhB,gBAAgB;CAChB,cAAc;CACd,gBAAgB;CAChB,gBAAgB;CAChB,gBAAgB;CAGhB,cAAc;CACd,mBAAmB;CACpB;;;;AAOD,MAAa,eAAe;CAC1B,OAAO;EACL,MAAM;EACN,aAAa;EACb,aAAa,OAAO,OAAO,WAAW;EACvC;CACD,OAAO;EACL,MAAM;EACN,aAAa;EACb,aAAa;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACZ;EACF;CACD,QAAQ;EACN,MAAM;EACN,aAAa;EACb,aAAa;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACZ;EACF;CACD,QAAQ;EACN,MAAM;EACN,aAAa;EACb,aAAa;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACX,WAAW;GACZ;EACF;CACF;;;;AA2CD,IAAa,mBAAb,MAA8B;CAC5B,AAAQ,4BAAY,IAAI,KAAkC;CAC1D,AAAQ,+BAAe,IAAI,KAAqC;;;;CAKhE,MAAM,gBACJ,OACA,UACgC;EAChC,MAAM,EAAE,QAAQ,OAAO,eAAe;EACtC,MAAM,sBAAM,IAAI,MAAM;EAGtB,MAAM,eAAe,SAAS,QAC3B,MAAM,EAAE,eAAe,UAAU,EAAE,aAAa,OAClD;EAED,MAAM,cAAc,QAChB,SAAS,QACN,MAAM,EAAE,eAAe,kBAAkB,EAAE,aAAa,MAC1D,GACD,EAAE;EAKN,MAAM,iBAHc,CAAC,GAAG,cAAc,GAAG,YAAY,CAGlB,QAChC,MAAM,CAAC,EAAE,aAAa,EAAE,YAAY,IACtC;AAED,MAAI,eAAe,WAAW,EAC5B,QAAO;GACL,SAAS;GACT,QAAQ;GACT;AAIH,OAAK,MAAM,WAAW,eACpB,KAAI,QAAQ,KAAK,YAAY,SAAS,WAAW,CAC/C,QAAO;GACL,SAAS;GACT,aAAa,QAAQ,KAAK;GAC3B;AAIL,SAAO;GACL,SAAS;GACT,QAAQ,uBAAuB,WAAW;GAC3C;;;;;CAMH,MAAM,eACJ,QACA,OACA,UAIC;EACD,MAAM,sBAAM,IAAI,MAAM;EAGtB,MAAM,eAAe,SAAS,QAC3B,MAAM,EAAE,eAAe,UAAU,EAAE,aAAa,OAClD;EAED,MAAM,cAAc,QAChB,SAAS,QACN,MAAM,EAAE,eAAe,kBAAkB,EAAE,aAAa,MAC1D,GACD,EAAE;EAKN,MAAM,iBAHc,CAAC,GAAG,cAAc,GAAG,YAAY,CAGlB,QAChC,MAAM,CAAC,EAAE,aAAa,EAAE,YAAY,IACtC;EAED,MAAM,8BAAc,IAAI,KAAa;EACrC,MAAMA,QAA+B,EAAE;AAEvC,OAAK,MAAM,WAAW,gBAAgB;AACpC,SAAM,KAAK,QAAQ,KAAK;AACxB,QAAK,MAAM,QAAQ,QAAQ,KAAK,YAC9B,aAAY,IAAI,KAAK;;AAIzB,SAAO;GAAE;GAAa;GAAO;;;;;CAM/B,MAAM,iBACJ,QACA,OACA,aACA,UACkB;EAClB,MAAM,EAAE,aAAa,cAAc,MAAM,KAAK,eAC5C,QACA,OACA,SACD;AAED,SAAO,YAAY,MAAM,MAAM,UAAU,IAAI,EAAE,CAAC;;;;;CAMlD,MAAM,kBACJ,QACA,OACA,aACA,UACkB;EAClB,MAAM,EAAE,aAAa,cAAc,MAAM,KAAK,eAC5C,QACA,OACA,SACD;AAED,SAAO,YAAY,OAAO,MAAM,UAAU,IAAI,EAAE,CAAC;;;;;;AAOrD,SAAgB,mBAAqC;AACnD,QAAO,IAAI,kBAAkB"}