@lucern/contracts 0.3.0-alpha.16 → 0.3.0-alpha.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (316) hide show
  1. package/CHANGELOG.md +0 -7
  2. package/dist/api-enums.contract.d.ts +3 -5
  3. package/dist/api-enums.contract.js +12 -14
  4. package/dist/api-enums.contract.js.map +1 -1
  5. package/dist/auth-context.contract.js +1 -13
  6. package/dist/auth-context.contract.js.map +1 -1
  7. package/dist/auth-session.contract.js +1 -13
  8. package/dist/auth-session.contract.js.map +1 -1
  9. package/dist/auth.contract.d.ts +1 -1
  10. package/dist/auth.contract.js +1 -13
  11. package/dist/auth.contract.js.map +1 -1
  12. package/dist/context-pack.contract.d.ts +3 -5
  13. package/dist/context-pack.contract.js.map +1 -1
  14. package/dist/{defineTable-t1wr5wgn.d.ts → defineTable-CBQ03FXl.d.ts} +1 -1
  15. package/dist/{dsl-DVPthQGY.d.ts → dsl-BgpoVOVQ.d.ts} +2 -2
  16. package/dist/dsl.d.ts +2 -2
  17. package/dist/dsl.js +4 -1
  18. package/dist/dsl.js.map +1 -1
  19. package/dist/function-registry/beliefs.d.ts +51 -64
  20. package/dist/function-registry/beliefs.js +55 -815
  21. package/dist/function-registry/beliefs.js.map +1 -1
  22. package/dist/function-registry/coding.d.ts +6 -15
  23. package/dist/function-registry/coding.js +41 -864
  24. package/dist/function-registry/coding.js.map +1 -1
  25. package/dist/function-registry/context.d.ts +16 -22
  26. package/dist/function-registry/context.js +44 -803
  27. package/dist/function-registry/context.js.map +1 -1
  28. package/dist/function-registry/contracts.d.ts +3 -9
  29. package/dist/function-registry/contracts.js +37 -768
  30. package/dist/function-registry/contracts.js.map +1 -1
  31. package/dist/function-registry/coordination.d.ts +9 -21
  32. package/dist/function-registry/coordination.js +37 -768
  33. package/dist/function-registry/coordination.js.map +1 -1
  34. package/dist/function-registry/edges.d.ts +2 -167
  35. package/dist/function-registry/edges.js +69 -976
  36. package/dist/function-registry/edges.js.map +1 -1
  37. package/dist/function-registry/evidence.d.ts +41 -52
  38. package/dist/function-registry/evidence.js +60 -824
  39. package/dist/function-registry/evidence.js.map +1 -1
  40. package/dist/function-registry/graph.d.ts +66 -162
  41. package/dist/function-registry/graph.js +44 -884
  42. package/dist/function-registry/graph.js.map +1 -1
  43. package/dist/function-registry/helpers.d.ts +4 -7
  44. package/dist/function-registry/helpers.js +38 -769
  45. package/dist/function-registry/helpers.js.map +1 -1
  46. package/dist/function-registry/identity.d.ts +16 -62
  47. package/dist/function-registry/identity.js +43 -791
  48. package/dist/function-registry/identity.js.map +1 -1
  49. package/dist/function-registry/index.d.ts +3 -5
  50. package/dist/function-registry/index.js +41 -775
  51. package/dist/function-registry/index.js.map +1 -1
  52. package/dist/function-registry/judgments.d.ts +11 -16
  53. package/dist/function-registry/judgments.js +40 -780
  54. package/dist/function-registry/judgments.js.map +1 -1
  55. package/dist/function-registry/legacy.d.ts +1 -5
  56. package/dist/function-registry/legacy.js +37 -768
  57. package/dist/function-registry/legacy.js.map +1 -1
  58. package/dist/function-registry/lenses.d.ts +21 -28
  59. package/dist/function-registry/lenses.js +40 -791
  60. package/dist/function-registry/lenses.js.map +1 -1
  61. package/dist/function-registry/manifest.d.ts +6 -6
  62. package/dist/function-registry/manifest.js +2 -19
  63. package/dist/function-registry/manifest.js.map +1 -1
  64. package/dist/function-registry/ontologies.d.ts +56 -70
  65. package/dist/function-registry/ontologies.js +43 -786
  66. package/dist/function-registry/ontologies.js.map +1 -1
  67. package/dist/function-registry/pipeline.d.ts +16 -22
  68. package/dist/function-registry/pipeline.js +40 -777
  69. package/dist/function-registry/pipeline.js.map +1 -1
  70. package/dist/function-registry/questions.d.ts +61 -76
  71. package/dist/function-registry/questions.js +50 -867
  72. package/dist/function-registry/questions.js.map +1 -1
  73. package/dist/function-registry/tasks.d.ts +21 -28
  74. package/dist/function-registry/tasks.js +46 -843
  75. package/dist/function-registry/tasks.js.map +1 -1
  76. package/dist/function-registry/topics.d.ts +26 -114
  77. package/dist/function-registry/topics.js +41 -850
  78. package/dist/function-registry/topics.js.map +1 -1
  79. package/dist/function-registry/types.d.ts +3 -7
  80. package/dist/function-registry/worktrees.d.ts +51 -104
  81. package/dist/function-registry/worktrees.js +49 -907
  82. package/dist/function-registry/worktrees.js.map +1 -1
  83. package/dist/gateway.contract.d.ts +0 -5
  84. package/dist/gateway.contract.js.map +1 -1
  85. package/dist/generated/convexSchemas.d.ts +3 -3
  86. package/dist/generated/convexSchemas.js +18 -39
  87. package/dist/generated/convexSchemas.js.map +1 -1
  88. package/dist/generated/schema-manifest.json +98 -1244
  89. package/dist/generated/tableOwnership.d.ts +28 -49
  90. package/dist/generated/tableOwnership.js +26 -68
  91. package/dist/generated/tableOwnership.js.map +1 -1
  92. package/dist/generated/tier-expectations.json +9 -66
  93. package/dist/graph-types/index.d.ts +1 -5
  94. package/dist/graph-types/index.js +4 -15
  95. package/dist/graph-types/index.js.map +1 -1
  96. package/dist/index-CV-0_VWJ.d.ts +25 -0
  97. package/dist/index.d.ts +414 -30
  98. package/dist/index.js +339 -34916
  99. package/dist/index.js.map +1 -1
  100. package/dist/lens-filter.contract.js +3 -4
  101. package/dist/lens-filter.contract.js.map +1 -1
  102. package/dist/lens-workflow.contract.js +3 -4
  103. package/dist/lens-workflow.contract.js.map +1 -1
  104. package/dist/schema-helpers/enumValidation.js +5 -2
  105. package/dist/schema-helpers/enumValidation.js.map +1 -1
  106. package/dist/schema-helpers/spine/nodes/decision.js +1 -2
  107. package/dist/schema-helpers/spine/nodes/decision.js.map +1 -1
  108. package/dist/schema-helpers/spine/tables/epistemicNodes.js +27 -27
  109. package/dist/schema-helpers/spine/tables/epistemicNodes.js.map +1 -1
  110. package/dist/schemas/component-table-manifest.d.ts +6 -6
  111. package/dist/schemas/component-table-manifest.js +2 -2
  112. package/dist/schemas/component-table-manifest.js.map +1 -1
  113. package/dist/schemas/enums.d.ts +2 -5
  114. package/dist/schemas/enums.js +2 -5
  115. package/dist/schemas/enums.js.map +1 -1
  116. package/dist/schemas/index.d.ts +3 -3
  117. package/dist/schemas/index.js +139 -1165
  118. package/dist/schemas/index.js.map +1 -1
  119. package/dist/schemas/manifest.d.ts +932 -3042
  120. package/dist/schemas/manifest.js +137 -1163
  121. package/dist/schemas/manifest.js.map +1 -1
  122. package/dist/schemas/sl-opinion.d.ts +4 -4
  123. package/dist/schemas/tables/{controlPlane → identity}/agent.d.ts +1 -1
  124. package/dist/schemas/tables/{controlPlane → identity}/agent.js +3 -3
  125. package/dist/schemas/tables/identity/agent.js.map +1 -0
  126. package/dist/schemas/tables/{controlPlane → identity}/epistemic.d.ts +1 -1
  127. package/dist/schemas/tables/{controlPlane → identity}/epistemic.js +3 -3
  128. package/dist/schemas/tables/identity/epistemic.js.map +1 -0
  129. package/dist/schemas/tables/{controlPlane → identity}/model.d.ts +1 -1
  130. package/dist/schemas/tables/{controlPlane → identity}/model.js +6 -6
  131. package/dist/schemas/tables/identity/model.js.map +1 -0
  132. package/dist/schemas/tables/{controlPlane → identity}/platform.d.ts +11 -11
  133. package/dist/schemas/tables/{controlPlane → identity}/platform.js +18 -18
  134. package/dist/schemas/tables/identity/platform.js.map +1 -0
  135. package/dist/schemas/tables/{controlPlane → identity}/project.d.ts +1 -1
  136. package/dist/schemas/tables/{controlPlane → identity}/project.js +3 -3
  137. package/dist/schemas/tables/identity/project.js.map +1 -0
  138. package/dist/schemas/tables/{controlPlane → identity}/user.d.ts +1 -1
  139. package/dist/schemas/tables/{controlPlane → identity}/user.js +3 -3
  140. package/dist/schemas/tables/identity/user.js.map +1 -0
  141. package/dist/schemas/tables/kernel/config.d.ts +1 -1
  142. package/dist/schemas/tables/kernel/config.js.map +1 -1
  143. package/dist/schemas/tables/kernel/coordination.d.ts +1 -1
  144. package/dist/schemas/tables/kernel/coordination.js.map +1 -1
  145. package/dist/schemas/tables/kernel/decision.d.ts +1 -1
  146. package/dist/schemas/tables/kernel/decision.js.map +1 -1
  147. package/dist/schemas/tables/kernel/embedding.d.ts +1 -1
  148. package/dist/schemas/tables/kernel/embedding.js.map +1 -1
  149. package/dist/schemas/tables/kernel/epistemic.d.ts +7 -7
  150. package/dist/schemas/tables/kernel/epistemic.js.map +1 -1
  151. package/dist/schemas/tables/kernel/idempotency.d.ts +1 -1
  152. package/dist/schemas/tables/kernel/idempotency.js.map +1 -1
  153. package/dist/schemas/tables/kernel/infra.d.ts +5 -5
  154. package/dist/schemas/tables/kernel/infra.js.map +1 -1
  155. package/dist/schemas/tables/kernel/intelligence.d.ts +11 -11
  156. package/dist/schemas/tables/kernel/intelligence.js.map +1 -1
  157. package/dist/schemas/tables/kernel/lens.d.ts +5 -5
  158. package/dist/schemas/tables/kernel/lens.js.map +1 -1
  159. package/dist/schemas/tables/kernel/ontology.d.ts +1 -1
  160. package/dist/schemas/tables/kernel/ontology.js.map +1 -1
  161. package/dist/schemas/tables/kernel/platform.d.ts +13 -13
  162. package/dist/schemas/tables/kernel/platform.js.map +1 -1
  163. package/dist/schemas/tables/kernel/spine.d.ts +4 -5
  164. package/dist/schemas/tables/kernel/spine.js +2 -6
  165. package/dist/schemas/tables/kernel/spine.js.map +1 -1
  166. package/dist/schemas/tables/kernel/task.d.ts +43 -43
  167. package/dist/schemas/tables/kernel/task.js.map +1 -1
  168. package/dist/schemas/tables/kernel/topic.d.ts +1 -1
  169. package/dist/schemas/tables/kernel/topic.js +1 -5
  170. package/dist/schemas/tables/kernel/topic.js.map +1 -1
  171. package/dist/schemas/tables/kernel/workflow.d.ts +1 -1
  172. package/dist/schemas/tables/kernel/workflow.js.map +1 -1
  173. package/dist/schemas/tables/kernel/worktree.d.ts +55 -55
  174. package/dist/schemas/tables/kernel/worktree.js.map +1 -1
  175. package/dist/schemas/tables/mc/identity.d.ts +4 -44
  176. package/dist/schemas/tables/mc/identity.js +1 -66
  177. package/dist/schemas/tables/mc/identity.js.map +1 -1
  178. package/dist/schemas/tables/mc/methodology.d.ts +1 -1
  179. package/dist/schemas/tables/mc/methodology.js.map +1 -1
  180. package/dist/schemas/tables/mc/pack.d.ts +21 -21
  181. package/dist/schemas/tables/mc/pack.js.map +1 -1
  182. package/dist/schemas/tables/mc/policy.d.ts +2 -2
  183. package/dist/schemas/tables/mc/policy.js +1 -1
  184. package/dist/schemas/tables/mc/policy.js.map +1 -1
  185. package/dist/schemas/tables/mc/registry.d.ts +5 -5
  186. package/dist/schemas/tables/mc/registry.js.map +1 -1
  187. package/dist/schemas/tables/mc/runtime.d.ts +3 -109
  188. package/dist/schemas/tables/mc/runtime.js +104 -330
  189. package/dist/schemas/tables/mc/runtime.js.map +1 -1
  190. package/dist/schemas/tables/mc/tenant.d.ts +2 -4
  191. package/dist/schemas/tables/mc/tenant.js +1 -3
  192. package/dist/schemas/tables/mc/tenant.js.map +1 -1
  193. package/dist/schemas/tables/mc/workspace.d.ts +5 -28
  194. package/dist/schemas/tables/mc/workspace.js +2 -36
  195. package/dist/schemas/tables/mc/workspace.js.map +1 -1
  196. package/dist/sdk-methods.contract.d.ts +2 -2
  197. package/dist/{sdk-tools.contract-CKmSsrZ2.d.ts → sdk-tools.contract-S4ia0TTo.d.ts} +2 -2
  198. package/dist/sdk-tools.contract.d.ts +2 -2
  199. package/dist/sdk-tools.contract.js +25 -717
  200. package/dist/sdk-tools.contract.js.map +1 -1
  201. package/dist/{tool-contracts-C_xvM9q2.d.ts → tool-contracts-C92-9ueT.d.ts} +2 -38
  202. package/dist/tool-contracts.d.ts +1 -1
  203. package/dist/tool-contracts.js +26 -718
  204. package/dist/tool-contracts.js.map +1 -1
  205. package/package.json +1 -30
  206. package/dist/component-boundary.contract.d.ts +0 -14
  207. package/dist/component-boundary.contract.js +0 -175
  208. package/dist/component-boundary.contract.js.map +0 -1
  209. package/dist/component-host-boundary.contract.d.ts +0 -46
  210. package/dist/component-host-boundary.contract.js +0 -60
  211. package/dist/component-host-boundary.contract.js.map +0 -1
  212. package/dist/edge-policy-manifest-Dw5IhT1L.d.ts +0 -133
  213. package/dist/function-registry/nodes.d.ts +0 -412
  214. package/dist/function-registry/nodes.js +0 -5354
  215. package/dist/function-registry/nodes.js.map +0 -1
  216. package/dist/function-registry-input-audit.d.ts +0 -13
  217. package/dist/function-registry-input-audit.js +0 -166
  218. package/dist/function-registry-input-audit.js.map +0 -1
  219. package/dist/generated/infisicalRuntimeEnv.d.ts +0 -70
  220. package/dist/generated/infisicalRuntimeEnv.js +0 -27051
  221. package/dist/generated/infisicalRuntimeEnv.js.map +0 -1
  222. package/dist/generated/lucernGatewayEnv.d.ts +0 -17
  223. package/dist/generated/lucernGatewayEnv.js +0 -38
  224. package/dist/generated/lucernGatewayEnv.js.map +0 -1
  225. package/dist/generated/lucernWebPublicEnv.d.ts +0 -26
  226. package/dist/generated/lucernWebPublicEnv.js +0 -32
  227. package/dist/generated/lucernWebPublicEnv.js.map +0 -1
  228. package/dist/generated/lucernWebServerEnv.d.ts +0 -33
  229. package/dist/generated/lucernWebServerEnv.js +0 -51
  230. package/dist/generated/lucernWebServerEnv.js.map +0 -1
  231. package/dist/graph-intelligence.contract.d.ts +0 -506
  232. package/dist/graph-intelligence.contract.js +0 -595
  233. package/dist/graph-intelligence.contract.js.map +0 -1
  234. package/dist/index-CM1Pl_vI.d.ts +0 -28
  235. package/dist/infisical-runtime.contract.d.ts +0 -1851
  236. package/dist/infisical-runtime.contract.js +0 -3189
  237. package/dist/infisical-runtime.contract.js.map +0 -1
  238. package/dist/manifests/edge-policy-manifest.d.ts +0 -2
  239. package/dist/manifests/edge-policy-manifest.data.d.ts +0 -13
  240. package/dist/manifests/edge-policy-manifest.data.js +0 -26
  241. package/dist/manifests/edge-policy-manifest.data.js.map +0 -1
  242. package/dist/manifests/edge-policy-manifest.js +0 -92
  243. package/dist/manifests/edge-policy-manifest.js.map +0 -1
  244. package/dist/manifests/infisical-runtime-manifest.d.ts +0 -1754
  245. package/dist/manifests/infisical-runtime-manifest.js +0 -3044
  246. package/dist/manifests/infisical-runtime-manifest.js.map +0 -1
  247. package/dist/manifests/invariant-manifest.d.ts +0 -65
  248. package/dist/manifests/invariant-manifest.js +0 -18
  249. package/dist/manifests/invariant-manifest.js.map +0 -1
  250. package/dist/manifests/invariants/ast-utils.d.ts +0 -14
  251. package/dist/manifests/invariants/ast-utils.js +0 -54
  252. package/dist/manifests/invariants/ast-utils.js.map +0 -1
  253. package/dist/manifests/invariants/index.d.ts +0 -15
  254. package/dist/manifests/invariants/index.js +0 -183
  255. package/dist/manifests/invariants/index.js.map +0 -1
  256. package/dist/manifests/invariants/inv-1-beliefs-append-only.d.ts +0 -12
  257. package/dist/manifests/invariants/inv-1-beliefs-append-only.js +0 -94
  258. package/dist/manifests/invariants/inv-1-beliefs-append-only.js.map +0 -1
  259. package/dist/manifests/invariants/inv-14-no-silent-transitions.d.ts +0 -12
  260. package/dist/manifests/invariants/inv-14-no-silent-transitions.js +0 -99
  261. package/dist/manifests/invariants/inv-14-no-silent-transitions.js.map +0 -1
  262. package/dist/manifests/invariants/manifest-1-projections-declare-audit.d.ts +0 -12
  263. package/dist/manifests/invariants/manifest-1-projections-declare-audit.js +0 -42
  264. package/dist/manifests/invariants/manifest-1-projections-declare-audit.js.map +0 -1
  265. package/dist/manifests/tenant-client-manifest.d.ts +0 -327
  266. package/dist/manifests/tenant-client-manifest.js +0 -449
  267. package/dist/manifests/tenant-client-manifest.js.map +0 -1
  268. package/dist/mcp-gateway-boundary.contract.d.ts +0 -201
  269. package/dist/mcp-gateway-boundary.contract.js +0 -45
  270. package/dist/mcp-gateway-boundary.contract.js.map +0 -1
  271. package/dist/permit-principal-projection.contract.d.ts +0 -74
  272. package/dist/permit-principal-projection.contract.js +0 -160
  273. package/dist/permit-principal-projection.contract.js.map +0 -1
  274. package/dist/projections/check-convex-args-shape.d.ts +0 -3
  275. package/dist/projections/check-convex-args-shape.js +0 -403
  276. package/dist/projections/check-convex-args-shape.js.map +0 -1
  277. package/dist/projections/create-evidence.projection.d.ts +0 -176
  278. package/dist/projections/create-evidence.projection.js +0 -130
  279. package/dist/projections/create-evidence.projection.js.map +0 -1
  280. package/dist/projections/index.d.ts +0 -102
  281. package/dist/projections/index.js +0 -352
  282. package/dist/projections/index.js.map +0 -1
  283. package/dist/projections/list-beliefs.projection.d.ts +0 -36
  284. package/dist/projections/list-beliefs.projection.js +0 -54
  285. package/dist/projections/list-beliefs.projection.js.map +0 -1
  286. package/dist/projections/list-tasks.projection.d.ts +0 -44
  287. package/dist/projections/list-tasks.projection.js +0 -57
  288. package/dist/projections/list-tasks.projection.js.map +0 -1
  289. package/dist/projections/modulate-confidence.projection.d.ts +0 -219
  290. package/dist/projections/modulate-confidence.projection.js +0 -148
  291. package/dist/projections/modulate-confidence.projection.js.map +0 -1
  292. package/dist/projections/projection-dsl.d.ts +0 -11
  293. package/dist/projections/projection-dsl.js +0 -8
  294. package/dist/projections/projection-dsl.js.map +0 -1
  295. package/dist/proof-attestation.json +0 -45
  296. package/dist/schemas/tables/controlPlane/accessControl.d.ts +0 -260
  297. package/dist/schemas/tables/controlPlane/accessControl.js +0 -658
  298. package/dist/schemas/tables/controlPlane/accessControl.js.map +0 -1
  299. package/dist/schemas/tables/controlPlane/agent.js.map +0 -1
  300. package/dist/schemas/tables/controlPlane/epistemic.js.map +0 -1
  301. package/dist/schemas/tables/controlPlane/model.js.map +0 -1
  302. package/dist/schemas/tables/controlPlane/platform.js.map +0 -1
  303. package/dist/schemas/tables/controlPlane/project.js.map +0 -1
  304. package/dist/schemas/tables/controlPlane/user.js.map +0 -1
  305. package/dist/schemas/tables/kernel/events.d.ts +0 -21
  306. package/dist/schemas/tables/kernel/events.js +0 -43
  307. package/dist/schemas/tables/kernel/events.js.map +0 -1
  308. package/dist/tenant-bootstrap-seed.contract.d.ts +0 -1289
  309. package/dist/tenant-bootstrap-seed.contract.js +0 -764
  310. package/dist/tenant-bootstrap-seed.contract.js.map +0 -1
  311. package/dist/tenant-bootstrap-seed.defaults.d.ts +0 -16
  312. package/dist/tenant-bootstrap-seed.defaults.js +0 -321
  313. package/dist/tenant-bootstrap-seed.defaults.js.map +0 -1
  314. package/dist/tenant-client.contract.d.ts +0 -354
  315. package/dist/tenant-client.contract.js +0 -505
  316. package/dist/tenant-client.contract.js.map +0 -1
@@ -1,658 +0,0 @@
1
- import { z } from 'zod';
2
-
3
- // src/schemas/tables/controlPlane/accessControl.ts
4
-
5
- // src/dsl/defineTable.ts
6
- function defineTable(spec) {
7
- return spec;
8
- }
9
-
10
- // src/schemas/tables/controlPlane/accessControl.ts
11
- var permitActorType = z.enum([
12
- "human",
13
- "agent",
14
- "service_principal",
15
- "external_stakeholder",
16
- "system"
17
- ]);
18
- var permitMembershipStatus = z.enum([
19
- "active",
20
- "invited",
21
- "revoked",
22
- "suspended",
23
- "disabled"
24
- ]);
25
- var permitDecision = z.enum(["allow", "deny"]);
26
- var permitAccessReviewStatus = z.enum([
27
- "open",
28
- "in_progress",
29
- "approved",
30
- "denied",
31
- "expired",
32
- "cancelled"
33
- ]);
34
- var permitReviewScope = z.enum([
35
- "tenant",
36
- "workspace",
37
- "resource_instance",
38
- "group",
39
- "principal",
40
- "api_key",
41
- "admin_action"
42
- ]);
43
- var permitRecordStatus = z.enum([
44
- "queued",
45
- "inflight",
46
- "completed",
47
- "failed",
48
- "skipped",
49
- "stale"
50
- ]);
51
- var permitObjectType = z.enum([
52
- "resource",
53
- "role",
54
- "resource_role",
55
- "resource_relation",
56
- "tenant",
57
- "workspace",
58
- "principal",
59
- "membership",
60
- "group",
61
- "resource_instance",
62
- "relationship_tuple",
63
- "role_assignment",
64
- "attribute_binding",
65
- "policy_bundle"
66
- ]);
67
- var permitOutboxOperation = z.enum([
68
- "upsert",
69
- "delete",
70
- "sync",
71
- "resync",
72
- "delete_sync",
73
- "noop"
74
- ]);
75
- var permitPolicyBundleStatus = z.enum([
76
- "draft",
77
- "validated",
78
- "enforced",
79
- "archived"
80
- ]);
81
- var permitSyncStatus = z.enum([
82
- "pending",
83
- "synced",
84
- "error",
85
- "skipped"
86
- ]);
87
- var permitAccessReviewSubjectType = z.enum([
88
- "principal",
89
- "group",
90
- "role_assignment",
91
- "resource_instance"
92
- ]);
93
- var permitAttributeType = z.enum([
94
- "string",
95
- "number",
96
- "bool",
97
- "json",
98
- "time"
99
- ]);
100
- var permitAttributeOperator = z.enum([
101
- "eq",
102
- "neq",
103
- "in",
104
- "not_in",
105
- "gt",
106
- "gte",
107
- "lt",
108
- "lte",
109
- "contains",
110
- "not_contains",
111
- "matches"
112
- ]);
113
- var permitRoleBindingTarget = z.enum([
114
- "principal",
115
- "group"
116
- ]);
117
- var permitPrincipals = defineTable({
118
- name: "permitPrincipals",
119
- component: "control-plane",
120
- category: "access-control",
121
- shape: z.object({
122
- principalId: z.string(),
123
- tenantId: z.string(),
124
- workspaceId: z.optional(z.string()),
125
- principalType: permitActorType,
126
- status: permitMembershipStatus,
127
- displayName: z.string().optional(),
128
- metadata: z.record(z.any()).optional(),
129
- createdBy: z.string(),
130
- createdAt: z.number(),
131
- updatedAt: z.number(),
132
- updatedBy: z.string().optional(),
133
- lastSeenAt: z.number().optional()
134
- }),
135
- indices: [
136
- { kind: "index", name: "by_tenantId", columns: ["tenantId"] },
137
- { kind: "index", name: "by_workspaceId", columns: ["workspaceId"] },
138
- { kind: "index", name: "by_tenant_principalId", columns: ["tenantId", "principalId"] },
139
- { kind: "index", name: "by_tenant_status", columns: ["tenantId", "status"] },
140
- {
141
- kind: "index",
142
- name: "by_tenant_principalType_status",
143
- columns: ["tenantId", "principalType", "status"]
144
- }
145
- ]
146
- });
147
- var permitPrincipalAliases = defineTable({
148
- name: "permitPrincipalAliases",
149
- component: "control-plane",
150
- category: "access-control",
151
- shape: z.object({
152
- principalId: z.string(),
153
- tenantId: z.string(),
154
- workspaceId: z.optional(z.string()),
155
- provider: z.string(),
156
- providerSubjectId: z.string(),
157
- providerProjectId: z.string().optional(),
158
- alias: z.string(),
159
- aliasKind: z.string(),
160
- status: permitMembershipStatus,
161
- metadata: z.record(z.any()).optional(),
162
- createdBy: z.string(),
163
- createdAt: z.number(),
164
- updatedAt: z.number(),
165
- revokedBy: z.string().optional(),
166
- revokedAt: z.number().optional(),
167
- updatedBy: z.string().optional()
168
- }),
169
- indices: [
170
- { kind: "index", name: "by_principalId", columns: ["principalId"] },
171
- { kind: "index", name: "by_provider_subject", columns: ["provider", "providerSubjectId"] },
172
- { kind: "index", name: "by_provider_project_subject", columns: ["provider", "providerProjectId", "providerSubjectId"] },
173
- { kind: "index", name: "by_tenant_provider_subject", columns: ["tenantId", "provider", "providerSubjectId"] },
174
- { kind: "index", name: "by_tenant_provider_project_subject", columns: ["tenantId", "provider", "providerProjectId", "providerSubjectId"] },
175
- {
176
- kind: "index",
177
- name: "by_tenant_provider_alias",
178
- columns: ["tenantId", "provider", "alias"]
179
- },
180
- { kind: "index", name: "by_tenant_alias", columns: ["tenantId", "alias"] },
181
- {
182
- kind: "index",
183
- name: "by_tenant_provider_status",
184
- columns: ["tenantId", "provider", "status"]
185
- }
186
- ]
187
- });
188
- var permitGroups = defineTable({
189
- name: "permitGroups",
190
- component: "control-plane",
191
- category: "access-control",
192
- shape: z.object({
193
- tenantId: z.string(),
194
- workspaceId: z.optional(z.string()),
195
- groupId: z.string(),
196
- groupKey: z.string(),
197
- groupName: z.string(),
198
- groupType: z.enum(["tenant", "workspace", "external", "system", "dynamic"]),
199
- status: permitMembershipStatus,
200
- description: z.string().optional(),
201
- metadata: z.record(z.any()).optional(),
202
- createdBy: z.string(),
203
- createdAt: z.number(),
204
- updatedAt: z.number(),
205
- updatedBy: z.string().optional()
206
- }),
207
- indices: [
208
- { kind: "index", name: "by_tenantId", columns: ["tenantId"] },
209
- { kind: "index", name: "by_workspaceId", columns: ["workspaceId"] },
210
- { kind: "index", name: "by_tenant_groupId", columns: ["tenantId", "groupId"] },
211
- { kind: "index", name: "by_tenant_groupKey", columns: ["tenantId", "groupKey"] },
212
- { kind: "index", name: "by_tenant_status", columns: ["tenantId", "status"] }
213
- ]
214
- });
215
- var permitGroupMemberships = defineTable({
216
- name: "permitGroupMemberships",
217
- component: "control-plane",
218
- category: "access-control",
219
- shape: z.object({
220
- tenantId: z.string(),
221
- workspaceId: z.optional(z.string()),
222
- groupId: z.string(),
223
- memberType: z.enum(["principal", "group"]),
224
- memberId: z.string(),
225
- principalId: z.string().optional(),
226
- childGroupId: z.string().optional(),
227
- status: permitMembershipStatus,
228
- addedBy: z.string().optional(),
229
- revokedBy: z.string().optional(),
230
- expiresAt: z.number().optional(),
231
- revocationReason: z.string().optional(),
232
- metadata: z.record(z.any()).optional(),
233
- createdAt: z.number(),
234
- updatedAt: z.number(),
235
- updatedBy: z.string().optional()
236
- }),
237
- indices: [
238
- { kind: "index", name: "by_tenant_principal", columns: ["tenantId", "principalId"] },
239
- { kind: "index", name: "by_tenant_member", columns: ["tenantId", "memberType", "memberId"] },
240
- {
241
- kind: "index",
242
- name: "by_tenant_member_group",
243
- columns: ["tenantId", "memberType", "memberId", "groupId"]
244
- },
245
- { kind: "index", name: "by_tenant_group", columns: ["tenantId", "groupId"] },
246
- { kind: "index", name: "by_member_group", columns: ["memberType", "memberId", "groupId"] },
247
- { kind: "index", name: "by_tenant_status", columns: ["tenantId", "status"] },
248
- {
249
- kind: "index",
250
- name: "by_workspace_principal",
251
- columns: ["workspaceId", "principalId"]
252
- }
253
- ]
254
- });
255
- var permitResourceInstances = defineTable({
256
- name: "permitResourceInstances",
257
- component: "control-plane",
258
- category: "access-control",
259
- shape: z.object({
260
- tenantId: z.string(),
261
- workspaceId: z.optional(z.string()),
262
- resourceType: z.string(),
263
- resourceKey: z.string(),
264
- resourceId: z.string(),
265
- status: z.enum(["active", "deleted", "archived"]),
266
- attributes: z.record(z.any()).optional(),
267
- ownerPrincipalId: z.string().optional(),
268
- metadata: z.record(z.any()).optional(),
269
- createdBy: z.string(),
270
- updatedBy: z.string().optional(),
271
- createdAt: z.number(),
272
- updatedAt: z.number()
273
- }),
274
- indices: [
275
- {
276
- kind: "index",
277
- name: "by_tenant_resource_type",
278
- columns: ["tenantId", "resourceType"]
279
- },
280
- {
281
- kind: "index",
282
- name: "by_tenant_resource_key",
283
- columns: ["tenantId", "resourceType", "resourceKey"]
284
- },
285
- { kind: "index", name: "by_workspaceId", columns: ["workspaceId"] },
286
- { kind: "index", name: "by_status", columns: ["status"] },
287
- {
288
- kind: "index",
289
- name: "by_tenant_status",
290
- columns: ["tenantId", "status"]
291
- },
292
- {
293
- kind: "index",
294
- name: "by_ownerPrincipalId",
295
- columns: ["ownerPrincipalId"]
296
- }
297
- ]
298
- });
299
- var permitRoleAssignments = defineTable({
300
- name: "permitRoleAssignments",
301
- component: "control-plane",
302
- category: "access-control",
303
- shape: z.object({
304
- tenantId: z.string(),
305
- workspaceId: z.optional(z.string()),
306
- role: z.string(),
307
- targetType: permitRoleBindingTarget,
308
- targetId: z.string(),
309
- resourceType: z.string(),
310
- resourceKey: z.string(),
311
- resourceInstanceId: z.string().optional(),
312
- status: permitMembershipStatus,
313
- expiresAt: z.number().optional(),
314
- attributes: z.record(z.any()).optional(),
315
- grantedBy: z.string().optional(),
316
- updatedBy: z.string().optional(),
317
- revokedBy: z.string().optional(),
318
- createdAt: z.number(),
319
- updatedAt: z.number()
320
- }),
321
- indices: [
322
- {
323
- kind: "index",
324
- name: "by_tenant_target",
325
- columns: ["tenantId", "targetType", "targetId"]
326
- },
327
- {
328
- kind: "index",
329
- name: "by_tenant_resource",
330
- columns: ["tenantId", "resourceType", "resourceKey"]
331
- },
332
- {
333
- kind: "index",
334
- name: "by_tenant_role",
335
- columns: ["tenantId", "role", "status"]
336
- },
337
- { kind: "index", name: "by_status", columns: ["status"] },
338
- {
339
- kind: "index",
340
- name: "by_workspace_resource",
341
- columns: ["workspaceId", "resourceType", "resourceKey"]
342
- }
343
- ]
344
- });
345
- var permitRelationshipTuples = defineTable({
346
- name: "permitRelationshipTuples",
347
- component: "control-plane",
348
- category: "access-control",
349
- shape: z.object({
350
- tenantId: z.string(),
351
- workspaceId: z.optional(z.string()),
352
- relation: z.string(),
353
- subject: z.string(),
354
- object: z.string(),
355
- resourceType: z.string().optional(),
356
- resourceKey: z.string().optional(),
357
- status: permitRecordStatus,
358
- attributes: z.record(z.any()).optional(),
359
- createdBy: z.string(),
360
- createdAt: z.number(),
361
- updatedAt: z.number(),
362
- lastSeenAt: z.number().optional(),
363
- updatedBy: z.string().optional()
364
- }),
365
- indices: [
366
- { kind: "index", name: "by_tenant_subject", columns: ["tenantId", "subject"] },
367
- { kind: "index", name: "by_tenant_object", columns: ["tenantId", "object"] },
368
- { kind: "index", name: "by_tenant_relation", columns: ["tenantId", "relation"] },
369
- {
370
- kind: "index",
371
- name: "by_tenant_relation_subject",
372
- columns: ["tenantId", "relation", "subject"]
373
- },
374
- { kind: "index", name: "by_tenant_status", columns: ["tenantId", "status"] }
375
- ]
376
- });
377
- var permitAttributeBindings = defineTable({
378
- name: "permitAttributeBindings",
379
- component: "control-plane",
380
- category: "access-control",
381
- shape: z.object({
382
- tenantId: z.string(),
383
- workspaceId: z.optional(z.string()),
384
- targetType: permitRoleBindingTarget,
385
- targetId: z.string(),
386
- attributeName: z.string(),
387
- attributeType: permitAttributeType,
388
- attributeOperator: permitAttributeOperator,
389
- attributeValue: z.any(),
390
- status: permitRecordStatus,
391
- source: z.string().optional(),
392
- sourceRef: z.string().optional(),
393
- metadata: z.record(z.any()).optional(),
394
- createdAt: z.number(),
395
- updatedAt: z.number(),
396
- createdBy: z.string(),
397
- updatedBy: z.string().optional(),
398
- expiresAt: z.number().optional()
399
- }),
400
- indices: [
401
- {
402
- kind: "index",
403
- name: "by_tenant_target",
404
- columns: ["tenantId", "targetType", "targetId"]
405
- },
406
- {
407
- kind: "index",
408
- name: "by_tenant_target_attribute",
409
- columns: ["tenantId", "targetType", "targetId", "attributeName"]
410
- },
411
- {
412
- kind: "index",
413
- name: "by_tenant_name",
414
- columns: ["tenantId", "attributeName"]
415
- },
416
- {
417
- kind: "index",
418
- name: "by_tenant_status",
419
- columns: ["tenantId", "status"]
420
- }
421
- ]
422
- });
423
- var permitPolicyBundles = defineTable({
424
- name: "permitPolicyBundles",
425
- component: "control-plane",
426
- category: "access-control",
427
- shape: z.object({
428
- tenantId: z.string(),
429
- workspaceId: z.optional(z.string()),
430
- bundleKey: z.string(),
431
- version: z.number(),
432
- status: permitPolicyBundleStatus,
433
- policyHash: z.string().optional(),
434
- policyPayload: z.record(z.any()),
435
- metadata: z.record(z.any()).optional(),
436
- createdBy: z.string(),
437
- reviewedBy: z.string().optional(),
438
- createdAt: z.number(),
439
- updatedAt: z.number(),
440
- retiredAt: z.number().optional()
441
- }),
442
- indices: [
443
- { kind: "index", name: "by_tenantId", columns: ["tenantId"] },
444
- { kind: "index", name: "by_workspaceId", columns: ["workspaceId"] },
445
- {
446
- kind: "index",
447
- name: "by_tenant_bundleKey",
448
- columns: ["tenantId", "bundleKey"]
449
- },
450
- {
451
- kind: "index",
452
- name: "by_tenant_bundle_version",
453
- columns: ["tenantId", "bundleKey", "version"]
454
- },
455
- { kind: "index", name: "by_tenant_status", columns: ["tenantId", "status"] }
456
- ]
457
- });
458
- var permitProjectionOutbox = defineTable({
459
- name: "permitProjectionOutbox",
460
- component: "control-plane",
461
- category: "access-control",
462
- shape: z.object({
463
- syncKey: z.string(),
464
- objectType: permitObjectType,
465
- objectId: z.string(),
466
- operation: permitOutboxOperation,
467
- payload: z.record(z.any()),
468
- status: permitRecordStatus,
469
- attemptCount: z.number(),
470
- nextAttemptAt: z.number().optional(),
471
- lastError: z.string().optional(),
472
- tenantId: z.string().optional(),
473
- workspaceId: z.optional(z.string()),
474
- principalId: z.string().optional(),
475
- permitTenantKey: z.string().optional(),
476
- permitResourceType: z.string().optional(),
477
- permitResourceKey: z.string().optional(),
478
- createdAt: z.number(),
479
- updatedAt: z.number(),
480
- lastHandledAt: z.number().optional()
481
- }),
482
- indices: [
483
- { kind: "index", name: "by_syncKey", columns: ["syncKey"] },
484
- { kind: "index", name: "by_status", columns: ["status"] },
485
- { kind: "index", name: "by_tenantId", columns: ["tenantId"] },
486
- {
487
- kind: "index",
488
- name: "by_tenant_status",
489
- columns: ["tenantId", "status"]
490
- },
491
- {
492
- kind: "index",
493
- name: "by_objectType",
494
- columns: ["objectType", "status"]
495
- }
496
- ]
497
- });
498
- var tenantPermitSyncStates = defineTable({
499
- name: "tenantPermitSyncStates",
500
- component: "control-plane",
501
- category: "access-control",
502
- shape: z.object({
503
- syncKey: z.string(),
504
- objectType: permitObjectType,
505
- objectId: z.string(),
506
- tenantId: z.string().optional(),
507
- workspaceId: z.string().optional(),
508
- principalId: z.string().optional(),
509
- permitTenantKey: z.string().optional(),
510
- permitResourceType: z.string().optional(),
511
- permitResourceKey: z.string().optional(),
512
- desiredPayload: z.record(z.any()),
513
- lastAppliedPayloadHash: z.string().optional(),
514
- status: permitSyncStatus,
515
- attemptCount: z.number(),
516
- lastError: z.string().optional(),
517
- nextAttemptAt: z.number().optional(),
518
- lastSyncedAt: z.number().optional(),
519
- createdBy: z.string(),
520
- updatedBy: z.string().optional(),
521
- createdAt: z.number(),
522
- updatedAt: z.number()
523
- }),
524
- indices: [
525
- { kind: "index", name: "by_syncKey", columns: ["syncKey"] },
526
- { kind: "index", name: "by_status", columns: ["status"] },
527
- {
528
- kind: "index",
529
- name: "by_tenant_status",
530
- columns: ["tenantId", "status"]
531
- },
532
- {
533
- kind: "index",
534
- name: "by_workspace_status",
535
- columns: ["workspaceId", "status"]
536
- },
537
- {
538
- kind: "index",
539
- name: "by_principal_status",
540
- columns: ["principalId", "status"]
541
- }
542
- ]
543
- });
544
- var permitPolicyDecisionReceipts = defineTable({
545
- name: "permitPolicyDecisionReceipts",
546
- component: "control-plane",
547
- category: "access-control",
548
- shape: z.object({
549
- tenantId: z.string().optional(),
550
- workspaceId: z.string().optional(),
551
- principalId: z.string(),
552
- subjectType: permitAccessReviewSubjectType.optional(),
553
- subjectId: z.string().optional(),
554
- resourceType: z.string(),
555
- resourceId: z.string(),
556
- action: z.string(),
557
- decision: permitDecision,
558
- reasonCode: z.string(),
559
- policyBundleId: z.string().optional(),
560
- policyVersion: z.string(),
561
- traceId: z.string().optional(),
562
- requestId: z.string().optional(),
563
- audienceMode: z.string().optional(),
564
- audienceKey: z.string().optional(),
565
- audienceClass: z.enum(["internal", "restricted_external", "public"]).optional(),
566
- metadata: z.record(z.any()).optional(),
567
- createdAt: z.number(),
568
- expiresAt: z.number().optional(),
569
- createdBy: z.string().optional()
570
- }),
571
- indices: [
572
- { kind: "index", name: "by_principal_createdAt", columns: ["principalId", "createdAt"] },
573
- { kind: "index", name: "by_tenant_createdAt", columns: ["tenantId", "createdAt"] },
574
- { kind: "index", name: "by_resource", columns: ["resourceType", "resourceId"] },
575
- { kind: "index", name: "by_decision_createdAt", columns: ["decision", "createdAt"] },
576
- { kind: "index", name: "by_traceId", columns: ["traceId"] },
577
- { kind: "index", name: "by_action", columns: ["action"] }
578
- ]
579
- });
580
- var permitAccessReviews = defineTable({
581
- name: "permitAccessReviews",
582
- component: "control-plane",
583
- category: "access-control",
584
- shape: z.object({
585
- tenantId: z.string(),
586
- workspaceId: z.optional(z.string()),
587
- reviewKey: z.string(),
588
- scope: permitReviewScope,
589
- status: permitAccessReviewStatus,
590
- subjectType: permitAccessReviewSubjectType,
591
- subjectId: z.string(),
592
- resourceType: z.string().optional(),
593
- resourceKey: z.string().optional(),
594
- outcome: z.enum(["allow", "deny"]).optional(),
595
- requestedBy: z.string(),
596
- reviewedBy: z.string().optional(),
597
- requestedAt: z.number(),
598
- reviewedAt: z.number().optional(),
599
- dueAt: z.number().optional(),
600
- justification: z.string().optional(),
601
- rationale: z.string().optional(),
602
- policyBundleId: z.string().optional(),
603
- metadata: z.record(z.any()).optional(),
604
- createdAt: z.number(),
605
- updatedAt: z.number()
606
- }),
607
- indices: [
608
- { kind: "index", name: "by_tenant_status", columns: ["tenantId", "status"] },
609
- { kind: "index", name: "by_tenant_reviewKey", columns: ["tenantId", "reviewKey"] },
610
- { kind: "index", name: "by_subject", columns: ["subjectType", "subjectId"] },
611
- {
612
- kind: "index",
613
- name: "by_tenant_subject",
614
- columns: ["tenantId", "subjectType", "subjectId"]
615
- },
616
- { kind: "index", name: "by_outcome", columns: ["outcome"] },
617
- {
618
- kind: "index",
619
- name: "by_workspace_status",
620
- columns: ["workspaceId", "status"]
621
- }
622
- ]
623
- });
624
- var permitAccessReviewItems = defineTable({
625
- name: "permitAccessReviewItems",
626
- component: "control-plane",
627
- category: "access-control",
628
- shape: z.object({
629
- reviewKey: z.string(),
630
- itemKey: z.string(),
631
- tenantId: z.string(),
632
- workspaceId: z.string().optional(),
633
- subjectType: permitAccessReviewSubjectType,
634
- subjectId: z.string(),
635
- resourceType: z.string().optional(),
636
- resourceKey: z.string().optional(),
637
- role: z.string().optional(),
638
- relation: z.string().optional(),
639
- status: z.enum(["open", "approved", "revoked", "changed", "deferred"]),
640
- reviewerId: z.string().optional(),
641
- decisionAt: z.number().optional(),
642
- rationale: z.string().optional(),
643
- metadata: z.record(z.any()).optional(),
644
- createdAt: z.number(),
645
- updatedAt: z.number()
646
- }),
647
- indices: [
648
- { kind: "index", name: "by_reviewKey", columns: ["reviewKey"] },
649
- { kind: "index", name: "by_tenant_reviewKey", columns: ["tenantId", "reviewKey"] },
650
- { kind: "index", name: "by_tenant_itemKey", columns: ["tenantId", "itemKey"] },
651
- { kind: "index", name: "by_subject", columns: ["subjectType", "subjectId"] },
652
- { kind: "index", name: "by_status", columns: ["status"] }
653
- ]
654
- });
655
-
656
- export { permitAccessReviewItems, permitAccessReviews, permitAttributeBindings, permitGroupMemberships, permitGroups, permitPolicyBundles, permitPolicyDecisionReceipts, permitPrincipalAliases, permitPrincipals, permitProjectionOutbox, permitRelationshipTuples, permitResourceInstances, permitRoleAssignments, tenantPermitSyncStates };
657
- //# sourceMappingURL=accessControl.js.map
658
- //# sourceMappingURL=accessControl.js.map