@mastra/server 1.16.0-alpha.0 → 1.16.0-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (40) hide show
  1. package/CHANGELOG.md +37 -0
  2. package/dist/{chunk-P4GHYEST.js → chunk-K5SP7SOS.js} +18 -3
  3. package/dist/chunk-K5SP7SOS.js.map +1 -0
  4. package/dist/{chunk-AOAIJJY6.cjs → chunk-N6ZHI7A3.cjs} +62 -60
  5. package/dist/chunk-N6ZHI7A3.cjs.map +1 -0
  6. package/dist/{chunk-QVMLEJ63.cjs → chunk-OMNWTK4B.cjs} +18 -2
  7. package/dist/chunk-OMNWTK4B.cjs.map +1 -0
  8. package/dist/{chunk-7LQDR5AI.js → chunk-RFO7PBA6.js} +4 -2
  9. package/dist/chunk-RFO7PBA6.js.map +1 -0
  10. package/dist/{chunk-I3QRIKI5.js → chunk-VD26CDFT.js} +5 -3
  11. package/dist/chunk-VD26CDFT.js.map +1 -0
  12. package/dist/{chunk-N5RFB7A4.cjs → chunk-ZHVL7YBO.cjs} +4 -2
  13. package/dist/chunk-ZHVL7YBO.cjs.map +1 -0
  14. package/dist/docs/SKILL.md +2 -1
  15. package/dist/docs/assets/SOURCE_MAP.json +1 -1
  16. package/dist/docs/references/docs-server-middleware.md +237 -0
  17. package/dist/docs/references/reference-server-mastra-server.md +3 -2
  18. package/dist/server/auth/helpers.d.ts +7 -0
  19. package/dist/server/auth/helpers.d.ts.map +1 -1
  20. package/dist/server/auth/index.cjs +16 -12
  21. package/dist/server/auth/index.js +1 -1
  22. package/dist/server/handlers/datasets.cjs +24 -24
  23. package/dist/server/handlers/datasets.d.ts +6 -0
  24. package/dist/server/handlers/datasets.d.ts.map +1 -1
  25. package/dist/server/handlers/datasets.js +1 -1
  26. package/dist/server/schemas/datasets.d.ts +3 -0
  27. package/dist/server/schemas/datasets.d.ts.map +1 -1
  28. package/dist/server/schemas/index.cjs +40 -40
  29. package/dist/server/schemas/index.js +1 -1
  30. package/dist/server/server-adapter/index.cjs +26 -26
  31. package/dist/server/server-adapter/index.js +2 -2
  32. package/dist/server/server-adapter/routes/datasets.d.ts +6 -0
  33. package/dist/server/server-adapter/routes/datasets.d.ts.map +1 -1
  34. package/package.json +4 -4
  35. package/dist/chunk-7LQDR5AI.js.map +0 -1
  36. package/dist/chunk-AOAIJJY6.cjs.map +0 -1
  37. package/dist/chunk-I3QRIKI5.js.map +0 -1
  38. package/dist/chunk-N5RFB7A4.cjs.map +0 -1
  39. package/dist/chunk-P4GHYEST.js.map +0 -1
  40. package/dist/chunk-QVMLEJ63.cjs.map +0 -1
package/dist/chunk-N5RFB7A4.cjs.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/server/schemas/datasets.ts"],"names":["z","paginationInfoSchema"],"mappings":";;;;;;;;;AAQA,IAAM,gBAAA,GAAuDA,kBAAA,CAAE,IAAA,CAAK,MAAMA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,EAAO,EAAGA,kBAAA,CAAE,OAAA,EAAS,CAAC,CAAA;AAG3G,IAAM,eAAA,GAAkBA,kBAAA,CAAE,KAAA,CAAM,CAAC,gBAAA,EAAkBA,mBAAE,IAAA,EAAM,CAAC,CAAA,CAAE,QAAA,EAAS;AAGvE,IAAM,uBAAA,GAA0BA,mBAC7B,MAAA,CAAO;AAAA,EACN,IAAA,EAAMA,kBAAA,CAAE,IAAA,CAAK,CAAC,KAAA,EAAO,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,mBAAmB,CAAC,CAAA,CAAE,QAAA,CAAS,2BAA2B,CAAA;AAAA,EACvG,aAAaA,kBAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,qDAAqD;AACnG,CAAC,CAAA,CACA,QAAA,EAAS,CACT,QAAA,CAAS,wCAAwC,CAAA;AAM7C,IAAM,mBAAA,GAAsBA,mBAAE,MAAA,CAAO;AAAA,EAC1C,SAAA,EAAWA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,mCAAmC;AACpE,CAAC;AAEM,IAAM,sBAAA,GAAyBA,mBAAE,MAAA,CAAO;AAAA,EAC7C,YAAA,EAAcA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,sCAAsC;AAC1E,CAAC;AAEM,IAAM,gBAAA,GAAmBA,mBAAE,MAAA,CAAO;AAAA,EACvC,MAAA,EAAQA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,wCAAwC;AACtE,CAAC;AAEM,IAAM,gCAAA,GAAmCA,mBAAE,MAAA,CAAO;AAAA,EACvD,SAAA,EAAWA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,mCAAmC,CAAA;AAAA,EAClE,YAAA,EAAcA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,sCAAsC;AAC1E,CAAC;AAEM,IAAM,4BAAA,GAA+BA,mBAAE,MAAA,CAAO;AAAA,EACnD,SAAA,EAAWA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,mCAAmC,CAAA;AAAA,EAClE,YAAA,EAAcA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,sCAAsC,CAAA;AAAA,EACxE,QAAA,EAAUA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,6CAA6C;AAC7E,CAAC;AAEM,IAAM,0BAAA,GAA6BA,mBAAE,MAAA,CAAO;AAAA,EACjD,SAAA,EAAWA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,mCAAmC,CAAA;AAAA,EAClE,MAAA,EAAQA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,wCAAwC;AACtE,CAAC;AAMM,IAAM,qBAAA,GAAwBA,mBAAE,MAAA,CAAO;AAAA,EAC5C,IAAA,EAAMA,mBAAE,MAAA,CAAO,MAAA,GAAS,QAAA,EAAS,CAAE,QAAQ,CAAC,CAAA;AAAA,EAC5C,OAAA,EAASA,mBAAE,MAAA,CAAO,MAAA,GAAS,QAAA,EAAS,CAAE,QAAQ,EAAE;AAClD,CAAC;AAEM,IAAM,oBAAA,GAAuBA,mBAAE,MAAA,CAAO;AAAA,EAC3C,IAAA,EAAMA,mBAAE,MAAA,CAAO,MAAA,GAAS,QAAA,EAAS,CAAE,QAAQ,CAAC,CAAA;AAAA,EAC5C,OAAA,EAASA,mBAAE,MAAA,CAAO,MAAA,GAAS,QAAA,EAAS,CAAE,QAAQ,EAAE,CAAA;AAAA,EAChD,SAASA,kBAAA,CAAE,MAAA,CAAO,QAAO,CAAE,GAAA,GAAM,QAAA,EAAS;AAAA;AAAA,EAC1C,MAAA,EAAQA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACrB,CAAC;AAMM,IAAM,uBAAA,GAA0BA,mBAAE,MAAA,CAAO;AAAA,EAC9C,IAAA,EAAMA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,qBAAqB,CAAA;AAAA,EAC/C,aAAaA,kBAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,4BAA4B,CAAA;AAAA,EACxE,QAAA,EAAUA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,EAAO,EAAGA,kBAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS,CAAE,SAAS,qBAAqB,CAAA;AAAA,EACrF,WAAA,EAAa,eAAA,CAAgB,QAAA,CAAS,uCAAuC,CAAA;AAAA,EAC7E,iBAAA,EAAmB,eAAA,CAAgB,QAAA,CAAS,6CAA6C,CAAA;AAAA,EACzF,oBAAA,EAAsB,eAAA,CAAgB,QAAA,CAAS,uDAAuD,CAAA;AAAA,EACtG,YAAYA,kBAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,mDAAmD,CAAA;AAAA,EAC9F,SAAA,EAAWA,kBAAA,CAAE,KAAA,CAAMA,kBAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,oDAAoD;AACzG,CAAC;AAEM,IAAM,uBAAA,GAA0BA,mBAAE,MAAA,CAAO;AAAA,EAC9C,MAAMA,kBAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,qBAAqB,CAAA;AAAA,EAC1D,aAAaA,kBAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,4BAA4B,CAAA;AAAA,EACxE,QAAA,EAAUA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,EAAO,EAAGA,kBAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS,CAAE,SAAS,qBAAqB,CAAA;AAAA,EACrF,WAAA,EAAa,eAAA,CAAgB,QAAA,CAAS,uCAAuC,CAAA;AAAA,EAC7E,iBAAA,EAAmB,eAAA,CAAgB,QAAA,CAAS,6CAA6C,CAAA;AAAA,EACzF,oBAAA,EAAsB,eAAA,CAAgB,QAAA,CAAS,uDAAuD,CAAA;AAAA,EACtG,IAAA,EAAMA,kBAAA,CAAE,KAAA,CAAMA,kBAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,qDAAqD,CAAA;AAAA,EACnG,YAAYA,kBAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,mDAAmD,CAAA;AAAA,EAC9F,SAAA,EAAWA,kBAAA,CAAE,KAAA,CAAMA,kBAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,oDAAoD;AACzG,CAAC;AAEM,IAAM,iBAAA,GAAoBA,mBAAE,MAAA,CAAO;AAAA,EACxC,KAAA,EAAOA,kBAAA,CAAE,OAAA,EAAQ,CAAE,SAAS,iCAAiC,CAAA;AAAA,EAC7D,aAAaA,kBAAA,CAAE,OAAA,GAAU,QAAA,EAAS,CAAE,SAAS,gCAAgC,CAAA;AAAA,EAC7E,cAAA,EAAgBA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,EAAO,EAAGA,kBAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS,CAAE,SAAS,sCAAsC,CAAA;AAAA,EAC5G,QAAA,EAAUA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,EAAO,EAAGA,kBAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS,CAAE,SAAS,qBAAqB,CAAA;AAAA,EACrF,MAAA,EAAQ;AACV,CAAC;AAEM,IAAM,oBAAA,GAAuBA,mBAAE,MAAA,CAAO;AAAA,EAC3C,OAAOA,kBAAA,CAAE,OAAA,GAAU,QAAA,EAAS,CAAE,SAAS,iCAAiC,CAAA;AAAA,EACxE,aAAaA,kBAAA,CAAE,OAAA,GAAU,QAAA,EAAS,CAAE,SAAS,gCAAgC,CAAA;AAAA,EAC7E,cAAA,EAAgBA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,EAAO,EAAGA,kBAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS,CAAE,SAAS,sCAAsC,CAAA;AAAA,EAC5G,QAAA,EAAUA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,EAAO,EAAGA,kBAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS,CAAE,SAAS,qBAAqB,CAAA;AAAA,EACrF,MAAA,EAAQ;AACV,CAAC;AAEM,IAAM,2BAAA,GAA8BA,mBAAE,MAAA,CAAO;AAAA,EAClD,UAAA,EAAYA,kBAAA,CAAE,IAAA,CAAK,CAAC,OAAA,EAAS,YAAY,QAAQ,CAAC,CAAA,CAAE,QAAA,CAAS,+BAA+B,CAAA;AAAA,EAC5F,QAAA,EAAUA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,kBAAkB,CAAA;AAAA,EAChD,SAAA,EAAWA,kBAAA,CAAE,KAAA,CAAMA,kBAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,yBAAyB,CAAA;AAAA,EAC5E,OAAA,EAASA,kBAAA,CAAE,MAAA,CAAO,MAAA,EAAO,CAAE,KAAI,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,iCAAiC,CAAA;AAAA,EACtF,gBAAgBA,kBAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,+BAA+B,CAAA;AAAA,EAC9E,cAAA,EAAgBA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,EAAO,EAAGA,kBAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS,CAAE,SAAS,6CAA6C;AACrH,CAAC;AAEM,IAAM,4BAAA,GAA+BA,mBAAE,MAAA,CAAO;AAAA,EACnD,aAAA,EAAeA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,2BAA2B,CAAA;AAAA,EAC9D,aAAA,EAAeA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,4BAA4B;AACjE,CAAC;AAOM,IAAM,qBAAA,GAAwBA,mBAAE,MAAA,CAAO;AAAA,EAC5C,EAAA,EAAIA,mBAAE,MAAA,EAAO;AAAA,EACb,IAAA,EAAMA,mBAAE,MAAA,EAAO;AAAA,EACf,aAAaA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA,GAAW,QAAA,EAAS;AAAA,EAC5C,QAAA,EAAUA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,EAAO,EAAGA,kBAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,EAAS;AAAA,EAChE,WAAA,EAAaA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,IAAUA,kBAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,EACxD,iBAAA,EAAmBA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,IAAUA,kBAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,EAC9D,oBAAA,EAAsBA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,IAAUA,kBAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,EACjE,IAAA,EAAMA,mBAAE,KAAA,CAAMA,kBAAA,CAAE,QAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,EAAS;AAAA,EAC9C,YAAYA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA,GAAW,QAAA,EAAS;AAAA,EAC3C,SAAA,EAAWA,mBAAE,KAAA,CAAMA,kBAAA,CAAE,QAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,EAAS;AAAA,EACnD,OAAA,EAASA,kBAAA,CAAE,MAAA,EAAO,CAAE,GAAA,EAAI;AAAA,EACxB,SAAA,EAAWA,kBAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,EACzB,SAAA,EAAWA,kBAAA,CAAE,MAAA,CAAO,IAAA;AACtB,CAAC;AAGM,IAAM,yBAAA,GAA4BA,mBAAE,MAAA,CAAO;AAAA,EAChD,EAAA,EAAIA,mBAAE,MAAA,EAAO;AAAA,EACb,SAAA,EAAWA,mBAAE,MAAA,EAAO;AAAA,EACpB,cAAA,EAAgBA,kBAAA,CAAE,MAAA,EAAO,CAAE,GAAA,EAAI;AAAA,EAC/B,KAAA,EAAOA,mBAAE,OAAA,EAAQ;AAAA,EACjB,WAAA,EAAaA,kBAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAClC,cAAA,EAAgBA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,IAAUA,kBAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,EAC3D,QAAA,EAAUA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,IAAUA,kBAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,EACrD,MAAA,EAAQ,uBAAA;AAAA,EACR,SAAA,EAAWA,kBAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,EACzB,SAAA,EAAWA,kBAAA,CAAE,MAAA,CAAO,IAAA;AACtB,CAAC;AAGM,IAAM,wBAAA,GAA2BA,mBAAE,MAAA,CAAO;AAAA,EAC/C,EAAA,EAAIA,mBAAE,MAAA,EAAO;AAAA,EACb,SAAA,EAAWA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,gBAAgBA,kBAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,QAAA,EAAS;AAAA,EAC1C,UAAA,EAAYA,mBAAE,IAAA,CAAK,CAAC,SAAS,UAAA,EAAY,QAAA,EAAU,WAAW,CAAC,CAAA;AAAA,EAC/D,QAAA,EAAUA,mBAAE,MAAA,EAAO;AAAA,EACnB,IAAA,EAAMA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC1B,WAAA,EAAaA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACjC,QAAA,EAAUA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,IAAUA,kBAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,EACrD,MAAA,EAAQA,mBAAE,IAAA,CAAK,CAAC,WAAW,SAAA,EAAW,WAAA,EAAa,QAAQ,CAAC,CAAA;AAAA,EAC5D,UAAA,EAAYA,mBAAE,MAAA,EAAO;AAAA,EACrB,cAAA,EAAgBA,mBAAE,MAAA,EAAO;AAAA,EACzB,WAAA,EAAaA,mBAAE,MAAA,EAAO;AAAA,EACtB,YAAA,EAAcA,mBAAE,MAAA,EAAO;AAAA,EACvB,SAAA,EAAWA,kBAAA,CAAE,MAAA,CAAO,IAAA,GAAO,QAAA,EAAS;AAAA,EACpC,WAAA,EAAaA,kBAAA,CAAE,MAAA,CAAO,IAAA,GAAO,QAAA,EAAS;AAAA,EACtC,SAAA,EAAWA,kBAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,EACzB,SAAA,EAAWA,kBAAA,CAAE,MAAA,CAAO,IAAA;AACtB,CAAC;AAGM,IAAM,kBAAA,GAAqBA,mBAAE,MAAA,CAAO;AAAA,EACzC,QAAA,EAAUA,mBAAE,MAAA,EAAO;AAAA,EACnB,UAAA,EAAYA,mBAAE,MAAA,EAAO;AAAA,EACrB,KAAA,EAAOA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3B,MAAA,EAAQA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC5B,KAAA,EAAOA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACpB,CAAC;AAGM,IAAM,8BAAA,GAAiCA,mBAAE,MAAA,CAAO;AAAA,EACrD,EAAA,EAAIA,mBAAE,MAAA,EAAO;AAAA,EACb,YAAA,EAAcA,mBAAE,MAAA,EAAO;AAAA,EACvB,MAAA,EAAQA,mBAAE,MAAA,EAAO;AAAA,EACjB,oBAAoBA,kBAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,QAAA,EAAS;AAAA,EAC9C,KAAA,EAAOA,mBAAE,OAAA,EAAQ;AAAA,EACjB,MAAA,EAAQA,kBAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAC7B,WAAA,EAAaA,kBAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAClC,KAAA,EAAOA,mBACJ,MAAA,CAAO;AAAA,IACN,OAAA,EAASA,mBAAE,MAAA,EAAO;AAAA,IAClB,KAAA,EAAOA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,IAC3B,IAAA,EAAMA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAAS,GAC3B,EACA,QAAA,EAAS;AAAA,EACZ,SAAA,EAAWA,kBAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,EACzB,WAAA,EAAaA,kBAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,EAC3B,UAAA,EAAYA,mBAAE,MAAA,EAAO;AAAA,EACrB,OAAA,EAASA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC7B,MAAA,EAAQA,kBAAA,CAAE,IAAA,CAAK,CAAC,cAAA,EAAgB,UAAA,EAAY,UAAU,CAAC,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,EAAS;AAAA,EAC7E,IAAA,EAAMA,mBAAE,KAAA,CAAMA,kBAAA,CAAE,QAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,EAAS;AAAA,EAC9C,SAAA,EAAWA,kBAAA,CAAE,MAAA,CAAO,IAAA;AACtB,CAAC;AAEM,IAAM,gCAAA,GAAmCA,mBAAE,MAAA,CAAO;AAAA,EACvD,MAAA,EAAQA,kBAAA,CAAE,IAAA,CAAK,CAAC,cAAA,EAAgB,UAAA,EAAY,UAAU,CAAC,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,EAAS;AAAA,EAC7E,MAAMA,kBAAA,CAAE,KAAA,CAAMA,mBAAE,MAAA,EAAQ,EAAE,QAAA;AAC5B,CAAC;AAGD,IAAM,oBAAA,GAAuBA,mBAAE,MAAA,CAAO;AAAA,EACpC,MAAA,EAAQA,mBAAE,MAAA,EAAO;AAAA,EACjB,KAAA,EAAOA,kBAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAC5B,WAAA,EAAaA,kBAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAClC,SAASA,kBAAA,CAAE,MAAA;AAAA,IACTA,mBAAE,MAAA,EAAO;AAAA,IACTA,mBACG,MAAA,CAAO;AAAA,MACN,MAAA,EAAQA,kBAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,MAC7B,MAAA,EAAQA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,IAAUA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAU;AAAA,KACnD,EACA,QAAA;AAAS;AAEhB,CAAC,CAAA;AAGM,IAAM,wBAAA,GAA2BA,mBAAE,MAAA,CAAO;AAAA,EAC/C,UAAA,EAAYA,mBAAE,MAAA,EAAO;AAAA,EACrB,KAAA,EAAOA,kBAAA,CAAE,KAAA,CAAM,oBAAoB;AACrC,CAAC;AAIM,IAAM,+BAAA,GAAkCA,mBAAE,MAAA,CAAO;AAAA,EACtD,YAAA,EAAcA,mBAAE,MAAA,EAAO;AAAA,EACvB,MAAA,EAAQA,mBAAE,IAAA,CAAK,CAAC,WAAW,SAAA,EAAW,WAAA,EAAa,QAAQ,CAAC,CAAA;AAAA,EAC5D,UAAA,EAAYA,mBAAE,MAAA,EAAO;AAAA,EACrB,cAAA,EAAgBA,mBAAE,MAAA,EAAO;AAAA,EACzB,WAAA,EAAaA,mBAAE,MAAA,EAAO;AAAA,EACtB,SAAA,EAAWA,kBAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,EACzB,WAAA,EAAaA,kBAAA,CAAE,MAAA,CAAO,IAAA,GAAO,QAAA,EAAS;AAAA,EACtC,SAASA,kBAAA,CAAE,KAAA;AAAA,IACTA,mBAAE,MAAA,CAAO;AAAA,MACP,MAAA,EAAQA,mBAAE,MAAA,EAAO;AAAA,MACjB,oBAAoBA,kBAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,QAAA,EAAS;AAAA,MAC9C,KAAA,EAAOA,mBAAE,OAAA,EAAQ;AAAA,MACjB,MAAA,EAAQA,kBAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,MAC7B,WAAA,EAAaA,kBAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,MAClC,KAAA,EAAOA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,MAC3B,SAAA,EAAWA,kBAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,MACzB,WAAA,EAAaA,kBAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,MAC3B,UAAA,EAAYA,mBAAE,MAAA,EAAO;AAAA,MACrB,QAAQA,kBAAA,CAAE,KAAA;AAAA,QACRA,mBAAE,MAAA,CAAO;AAAA,UACP,QAAA,EAAUA,mBAAE,MAAA,EAAO;AAAA,UACnB,UAAA,EAAYA,mBAAE,MAAA,EAAO;AAAA,UACrB,KAAA,EAAOA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,UAC3B,MAAA,EAAQA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,UAC5B,KAAA,EAAOA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAAS,SAC5B;AAAA;AACH,KACD;AAAA;AAEL,CAAC;AAMM,IAAM,0BAAA,GAA6BA,mBAAE,MAAA,CAAO;AAAA,EACjD,QAAA,EAAUA,kBAAA,CAAE,KAAA,CAAM,qBAAqB,CAAA;AAAA,EACvC,UAAA,EAAYC;AACd,CAAC;AAEM,IAAM,uBAAA,GAA0BD,mBAAE,MAAA,CAAO;AAAA,EAC9C,KAAA,EAAOA,kBAAA,CAAE,KAAA,CAAM,yBAAyB,CAAA;AAAA,EACxC,UAAA,EAAYC;AACd,CAAC;AAEM,IAAM,6BAAA,GAAgCD,mBAAE,MAAA,CAAO;AAAA,EACpD,WAAA,EAAaA,kBAAA,CAAE,KAAA,CAAM,wBAAwB,CAAA;AAAA,EAC7C,UAAA,EAAYC;AACd,CAAC;AAEM,IAAM,mCAAA,GAAsCD,mBAAE,MAAA,CAAO;AAAA,EAC1D,OAAA,EAASA,kBAAA,CAAE,KAAA,CAAM,8BAA8B,CAAA;AAAA,EAC/C,UAAA,EAAYC;AACd,CAAC;AAOM,IAAM,4BAAA,GAA+BD,mBAAE,MAAA,CAAO;AAAA,EACnD,SAAA,EAAWA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,mCAAmC,CAAA;AAAA,EAClE,MAAA,EAAQA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,wCAAwC,CAAA;AAAA,EACpE,cAAA,EAAgBA,mBAAE,MAAA,CAAO,MAAA,GAAS,GAAA,EAAI,CAAE,SAAS,wBAAwB;AAC3E,CAAC;AAGM,IAAM,yBAAA,GAA4BA,mBAAE,MAAA,CAAO;AAAA,EAChD,EAAA,EAAIA,mBAAE,MAAA,EAAO;AAAA,EACb,SAAA,EAAWA,mBAAE,MAAA,EAAO;AAAA,EACpB,cAAA,EAAgBA,kBAAA,CAAE,MAAA,EAAO,CAAE,GAAA,EAAI;AAAA,EAC/B,KAAA,EAAOA,mBAAE,OAAA,EAAQ;AAAA,EACjB,WAAA,EAAaA,kBAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAClC,QAAA,EAAUA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,IAAUA,kBAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,EACrD,SAASA,kBAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,QAAA,EAAS;AAAA,EACnC,SAAA,EAAWA,mBAAE,OAAA,EAAQ;AAAA,EACrB,SAAA,EAAWA,kBAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,EACzB,SAAA,EAAWA,kBAAA,CAAE,MAAA,CAAO,IAAA;AACtB,CAAC;AAEM,IAAM,8BAAA,GAAiCA,mBAAE,MAAA,CAAO;AAAA,EACrD,OAAA,EAASA,kBAAA,CAAE,KAAA,CAAM,yBAAyB;AAC5C,CAAC;AAGM,IAAM,4BAAA,GAA+BA,mBAAE,MAAA,CAAO;AAAA,EACnD,EAAA,EAAIA,mBAAE,MAAA,EAAO;AAAA,EACb,SAAA,EAAWA,mBAAE,MAAA,EAAO;AAAA,EACpB,OAAA,EAASA,kBAAA,CAAE,MAAA,EAAO,CAAE,GAAA,EAAI;AAAA,EACxB,SAAA,EAAWA,kBAAA,CAAE,MAAA,CAAO,IAAA;AACtB,CAAC;AAEM,IAAM,iCAAA,GAAoCA,mBAAE,MAAA,CAAO;AAAA,EACxD,QAAA,EAAUA,kBAAA,CAAE,KAAA,CAAM,4BAA4B,CAAA;AAAA,EAC9C,UAAA,EAAYC;AACd,CAAC;AAMM,IAAM,0BAAA,GAA6BD,mBAAE,MAAA,CAAO;AAAA,EACjD,OAAOA,kBAAA,CAAE,KAAA;AAAA,IACPA,mBAAE,MAAA,CAAO;AAAA,MACP,KAAA,EAAOA,mBAAE,OAAA,EAAQ;AAAA,MACjB,WAAA,EAAaA,kBAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,MAClC,cAAA,EAAgBA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,IAAUA,kBAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,MAC3D,QAAA,EAAUA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,IAAUA,kBAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,MACrD,MAAA,EAAQ;AAAA,KACT;AAAA;AAEL,CAAC;AAEM,IAAM,8BAAA,GAAiCA,mBAAE,MAAA,CAAO;AAAA,EACrD,KAAA,EAAOA,kBAAA,CAAE,KAAA,CAAM,yBAAyB,CAAA;AAAA,EACxC,KAAA,EAAOA,mBAAE,MAAA;AACX,CAAC;AAEM,IAAM,0BAAA,GAA6BA,mBAAE,MAAA,CAAO;AAAA,EACjD,OAAA,EAASA,kBAAA,CAAE,KAAA,CAAMA,kBAAA,CAAE,QAAQ;AAC7B,CAAC;AAEM,IAAM,8BAAA,GAAiCA,mBAAE,MAAA,CAAO;AAAA,EACrD,OAAA,EAASA,mBAAE,OAAA,EAAQ;AAAA,EACnB,YAAA,EAAcA,mBAAE,MAAA;AAClB,CAAC;AAMM,IAAM,uBAAA,GAA0BA,mBAAE,MAAA,CAAO;AAAA,EAC9C,OAAA,EAASA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,qEAAqE,CAAA;AAAA,EAClG,MAAA,EAAQA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,kDAAkD,CAAA;AAAA,EAC9E,OAAOA,kBAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,GAAA,CAAI,CAAC,CAAA,CAAE,GAAA,CAAI,EAAE,CAAA,CAAE,OAAA,CAAQ,CAAC,CAAA,CAAE,SAAS,6BAA6B,CAAA;AAAA,EACxF,YAAA,EAAcA,mBACX,MAAA,CAAO;AAAA,IACN,WAAA,EAAaA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,IACjC,YAAA,EAAcA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,IAClC,OAAOA,kBAAA,CAAE,KAAA,CAAMA,mBAAE,MAAA,EAAQ,EAAE,QAAA;AAAS,GACrC,CAAA,CACA,QAAA,EAAS,CACT,SAAS,wDAAwD;AACtE,CAAC;AAED,IAAM,mBAAA,GAAsBA,mBAAE,MAAA,CAAO;AAAA,EACnC,KAAA,EAAOA,mBAAE,OAAA,EAAQ;AAAA,EACjB,WAAA,EAAaA,kBAAA,CAAE,OAAA,EAAQ,CAAE,QAAA;AAC3B,CAAC,CAAA;AAEM,IAAM,2BAAA,GAA8BA,mBAAE,MAAA,CAAO;AAAA,EAClD,KAAA,EAAOA,kBAAA,CAAE,KAAA,CAAM,mBAAmB;AACpC,CAAC;AAMM,IAAM,yBAAA,GAA4BA,mBAAE,MAAA,CAAO;AAAA,EAChD,OAAA,EAASA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,qEAAqE,CAAA;AAAA,EAClG,OAAOA,kBAAA,CACJ,KAAA;AAAA,IACCA,mBAAE,MAAA,CAAO;AAAA,MACP,EAAA,EAAIA,mBAAE,MAAA,EAAO;AAAA,MACb,KAAA,EAAOA,mBAAE,OAAA,EAAQ;AAAA,MACjB,MAAA,EAAQA,kBAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,MAC7B,KAAA,EAAOA,kBAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,MAC3B,MAAA,EAAQA,kBAAA,CAAE,MAAA,CAAOA,kBAAA,CAAE,MAAA,IAAUA,kBAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS;AAAA,MAClD,YAAA,EAAcA,kBAAA,CAAE,KAAA,CAAMA,kBAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,mCAAmC;AAAA,KAC1F;AAAA,GACH,CACC,IAAI,CAAC,CAAA,CACL,IAAI,GAAG,CAAA,CACP,SAAS,0BAA0B,CAAA;AAAA,EACtC,aAAA,EAAeA,kBAAA,CACZ,KAAA,CAAMA,kBAAA,CAAE,MAAA,EAAQ,CAAA,CAChB,QAAA,EAAS,CACT,QAAA,CAAS,qGAAqG,CAAA;AAAA,EACjH,QAAQA,kBAAA,CACL,MAAA,GACA,QAAA,EAAS,CACT,SAAS,yFAAyF;AACvG,CAAC;AAED,IAAM,oBAAA,GAAuBA,mBAAE,MAAA,CAAO;AAAA,EACpC,EAAA,EAAIA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,6BAA6B,CAAA;AAAA,EACrD,KAAA,EAAOA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,sCAAsC,CAAA;AAAA,EACjE,WAAA,EAAaA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,mCAAmC,CAAA;AAAA,EACpE,OAAA,EAASA,mBAAE,KAAA,CAAMA,kBAAA,CAAE,QAAQ,CAAA,CAAE,SAAS,wCAAwC;AAChF,CAAC,CAAA;AAEM,IAAM,6BAAA,GAAgCA,mBAAE,MAAA,CAAO;AAAA,EACpD,QAAA,EAAUA,kBAAA,CAAE,KAAA,CAAM,oBAAoB,CAAA;AAAA;AAAA,EAEtC,cAAcA,kBAAA,CACX,KAAA;AAAA,IACCA,mBAAE,MAAA,CAAO;AAAA,MACP,MAAA,EAAQA,mBAAE,MAAA,EAAO;AAAA,MACjB,IAAA,EAAMA,kBAAA,CAAE,KAAA,CAAMA,kBAAA,CAAE,QAAQ,CAAA;AAAA,MACxB,MAAA,EAAQA,kBAAA,CAAE,MAAA,EAAO,CAAE,SAAS,gEAAgE;AAAA,KAC7F;AAAA,IAEF,QAAA;AACL,CAAC","file":"chunk-N5RFB7A4.cjs","sourcesContent":["import z from 'zod';\nimport { paginationInfoSchema } from './common';\n\n// ============================================================================\n// JSON Schema Types (for inputSchema/groundTruthSchema fields)\n// ============================================================================\n\n// JSON Schema type (simplified for storage - full spec too complex)\nconst jsonSchemaObject: z.ZodType<Record<string, unknown>> = z.lazy(() => z.record(z.string(), z.unknown()));\n\n// JSON Schema field (object or null to disable)\nconst jsonSchemaField = z.union([jsonSchemaObject, z.null()]).optional();\n\n// Dataset item source tracking\nconst datasetItemSourceSchema = z\n .object({\n type: z.enum(['csv', 'json', 'trace', 'llm', 'experiment-result']).describe('How this item was created'),\n referenceId: z.string().optional().describe('Reference identifier (e.g., trace id, csv filename)'),\n })\n .optional()\n .describe('Source/provenance of this dataset item');\n\n// ============================================================================\n// Path Parameter Schemas\n// ============================================================================\n\nexport const datasetIdPathParams = z.object({\n datasetId: z.string().describe('Unique identifier for the dataset'),\n});\n\nexport const experimentIdPathParams = z.object({\n experimentId: z.string().describe('Unique identifier for the experiment'),\n});\n\nexport const itemIdPathParams = z.object({\n itemId: z.string().describe('Unique identifier for the dataset item'),\n});\n\nexport const datasetAndExperimentIdPathParams = z.object({\n datasetId: z.string().describe('Unique identifier for the dataset'),\n experimentId: z.string().describe('Unique identifier for the experiment'),\n});\n\nexport const experimentResultIdPathParams = z.object({\n datasetId: z.string().describe('Unique identifier for the dataset'),\n experimentId: z.string().describe('Unique identifier for the experiment'),\n resultId: z.string().describe('Unique identifier for the experiment result'),\n});\n\nexport const datasetAndItemIdPathParams = z.object({\n datasetId: z.string().describe('Unique identifier for the dataset'),\n itemId: z.string().describe('Unique identifier for the dataset item'),\n});\n\n// ============================================================================\n// Query Parameter Schemas\n// ============================================================================\n\nexport const paginationQuerySchema = z.object({\n page: z.coerce.number().optional().default(0),\n perPage: z.coerce.number().optional().default(10),\n});\n\nexport const listItemsQuerySchema = z.object({\n page: z.coerce.number().optional().default(0),\n perPage: z.coerce.number().optional().default(10),\n version: z.coerce.number().int().optional(), // Optional version filter for snapshot semantics\n search: z.string().optional(),\n});\n\n// ============================================================================\n// Request Body Schemas\n// ============================================================================\n\nexport const createDatasetBodySchema = z.object({\n name: z.string().describe('Name of the dataset'),\n description: z.string().optional().describe('Description of the dataset'),\n metadata: z.record(z.string(), z.unknown()).optional().describe('Additional metadata'),\n inputSchema: jsonSchemaField.describe('JSON Schema for validating item input'),\n groundTruthSchema: jsonSchemaField.describe('JSON Schema for validating item groundTruth'),\n requestContextSchema: jsonSchemaField.describe('JSON Schema describing expected request context shape'),\n targetType: z.string().optional().describe('Target entity type (e.g. agent, workflow, scorer)'),\n targetIds: z.array(z.string()).optional().describe('IDs of target entities this dataset is attached to'),\n});\n\nexport const updateDatasetBodySchema = z.object({\n name: z.string().optional().describe('Name of the dataset'),\n description: z.string().optional().describe('Description of the dataset'),\n metadata: z.record(z.string(), z.unknown()).optional().describe('Additional metadata'),\n inputSchema: jsonSchemaField.describe('JSON Schema for validating item input'),\n groundTruthSchema: jsonSchemaField.describe('JSON Schema for validating item groundTruth'),\n requestContextSchema: jsonSchemaField.describe('JSON Schema describing expected request context shape'),\n tags: z.array(z.string()).optional().describe('Tag definitions for categorizing experiment results'),\n targetType: z.string().optional().describe('Target entity type (e.g. agent, workflow, scorer)'),\n targetIds: z.array(z.string()).optional().describe('IDs of target entities this dataset is attached to'),\n});\n\nexport const addItemBodySchema = z.object({\n input: z.unknown().describe('Input data for the dataset item'),\n groundTruth: z.unknown().optional().describe('Expected output for comparison'),\n requestContext: z.record(z.string(), z.unknown()).optional().describe('Request context preset for this item'),\n metadata: z.record(z.string(), z.unknown()).optional().describe('Additional metadata'),\n source: datasetItemSourceSchema,\n});\n\nexport const updateItemBodySchema = z.object({\n input: z.unknown().optional().describe('Input data for the dataset item'),\n groundTruth: z.unknown().optional().describe('Expected output for comparison'),\n requestContext: z.record(z.string(), z.unknown()).optional().describe('Request context preset for this item'),\n metadata: z.record(z.string(), z.unknown()).optional().describe('Additional metadata'),\n source: datasetItemSourceSchema,\n});\n\nexport const triggerExperimentBodySchema = z.object({\n targetType: z.enum(['agent', 'workflow', 'scorer']).describe('Type of target to run against'),\n targetId: z.string().describe('ID of the target'),\n scorerIds: z.array(z.string()).optional().describe('IDs of scorers to apply'),\n version: z.coerce.number().int().optional().describe('Pin to specific dataset version'),\n maxConcurrency: z.number().optional().describe('Maximum concurrent executions'),\n requestContext: z.record(z.string(), z.unknown()).optional().describe('Global request context passed to the target'),\n});\n\nexport const compareExperimentsBodySchema = z.object({\n experimentIdA: z.string().describe('ID of baseline experiment'),\n experimentIdB: z.string().describe('ID of candidate experiment'),\n});\n\n// ============================================================================\n// Response Schemas\n// ============================================================================\n\n// Dataset entity schema\nexport const datasetResponseSchema = z.object({\n id: z.string(),\n name: z.string(),\n description: z.string().optional().nullable(),\n metadata: z.record(z.string(), z.unknown()).optional().nullable(),\n inputSchema: z.record(z.string(), z.unknown()).optional(),\n groundTruthSchema: z.record(z.string(), z.unknown()).optional(),\n requestContextSchema: z.record(z.string(), z.unknown()).optional(),\n tags: z.array(z.string()).optional().nullable(),\n targetType: z.string().optional().nullable(),\n targetIds: z.array(z.string()).optional().nullable(),\n version: z.number().int(),\n createdAt: z.coerce.date(),\n updatedAt: z.coerce.date(),\n});\n\n// Dataset item entity schema\nexport const datasetItemResponseSchema = z.object({\n id: z.string(),\n datasetId: z.string(),\n datasetVersion: z.number().int(),\n input: z.unknown(),\n groundTruth: z.unknown().optional(),\n requestContext: z.record(z.string(), z.unknown()).optional(),\n metadata: z.record(z.string(), z.unknown()).optional(),\n source: datasetItemSourceSchema,\n createdAt: z.coerce.date(),\n updatedAt: z.coerce.date(),\n});\n\n// Experiment entity schema\nexport const experimentResponseSchema = z.object({\n id: z.string(),\n datasetId: z.string().nullable(),\n datasetVersion: z.number().int().nullable(),\n targetType: z.enum(['agent', 'workflow', 'scorer', 'processor']),\n targetId: z.string(),\n name: z.string().optional(),\n description: z.string().optional(),\n metadata: z.record(z.string(), z.unknown()).optional(),\n status: z.enum(['pending', 'running', 'completed', 'failed']),\n totalItems: z.number(),\n succeededCount: z.number(),\n failedCount: z.number(),\n skippedCount: z.number(),\n startedAt: z.coerce.date().nullable(),\n completedAt: z.coerce.date().nullable(),\n createdAt: z.coerce.date(),\n updatedAt: z.coerce.date(),\n});\n\n// Scorer result schema\nexport const scorerResultSchema = z.object({\n scorerId: z.string(),\n scorerName: z.string(),\n score: z.number().nullable(),\n reason: z.string().nullable(),\n error: z.string().nullable(),\n});\n\n// Experiment result entity schema\nexport const experimentResultResponseSchema = z.object({\n id: z.string(),\n experimentId: z.string(),\n itemId: z.string(),\n itemDatasetVersion: z.number().int().nullable(),\n input: z.unknown(),\n output: z.unknown().nullable(),\n groundTruth: z.unknown().nullable(),\n error: z\n .object({\n message: z.string(),\n stack: z.string().optional(),\n code: z.string().optional(),\n })\n .nullable(),\n startedAt: z.coerce.date(),\n completedAt: z.coerce.date(),\n retryCount: z.number(),\n traceId: z.string().nullable(),\n status: z.enum(['needs-review', 'reviewed', 'complete']).nullable().optional(),\n tags: z.array(z.string()).nullable().optional(),\n createdAt: z.coerce.date(),\n});\n\nexport const updateExperimentResultBodySchema = z.object({\n status: z.enum(['needs-review', 'reviewed', 'complete']).nullable().optional(),\n tags: z.array(z.string()).optional(),\n});\n\n// Comparison item schema (MVP shape)\nconst comparisonItemSchema = z.object({\n itemId: z.string(),\n input: z.unknown().nullable(),\n groundTruth: z.unknown().nullable(),\n results: z.record(\n z.string(),\n z\n .object({\n output: z.unknown().nullable(),\n scores: z.record(z.string(), z.number().nullable()),\n })\n .nullable(),\n ),\n});\n\n// Comparison result schema\nexport const comparisonResponseSchema = z.object({\n baselineId: z.string(),\n items: z.array(comparisonItemSchema),\n});\n\n// Experiment summary schema (returned by trigger experiment)\n// Note: completedAt is nullable for pending/running experiments (async trigger)\nexport const experimentSummaryResponseSchema = z.object({\n experimentId: z.string(),\n status: z.enum(['pending', 'running', 'completed', 'failed']),\n totalItems: z.number(),\n succeededCount: z.number(),\n failedCount: z.number(),\n startedAt: z.coerce.date(),\n completedAt: z.coerce.date().nullable(),\n results: z.array(\n z.object({\n itemId: z.string(),\n itemDatasetVersion: z.number().int().nullable(),\n input: z.unknown(),\n output: z.unknown().nullable(),\n groundTruth: z.unknown().nullable(),\n error: z.string().nullable(),\n startedAt: z.coerce.date(),\n completedAt: z.coerce.date(),\n retryCount: z.number(),\n scores: z.array(\n z.object({\n scorerId: z.string(),\n scorerName: z.string(),\n score: z.number().nullable(),\n reason: z.string().nullable(),\n error: z.string().nullable(),\n }),\n ),\n }),\n ),\n});\n\n// ============================================================================\n// List Response Schemas\n// ============================================================================\n\nexport const listDatasetsResponseSchema = z.object({\n datasets: z.array(datasetResponseSchema),\n pagination: paginationInfoSchema,\n});\n\nexport const listItemsResponseSchema = z.object({\n items: z.array(datasetItemResponseSchema),\n pagination: paginationInfoSchema,\n});\n\nexport const listExperimentsResponseSchema = z.object({\n experiments: z.array(experimentResponseSchema),\n pagination: paginationInfoSchema,\n});\n\nexport const listExperimentResultsResponseSchema = z.object({\n results: z.array(experimentResultResponseSchema),\n pagination: paginationInfoSchema,\n});\n\n// ============================================================================\n// Version Schemas\n// ============================================================================\n\n// Path params for item version routes\nexport const datasetItemVersionPathParams = z.object({\n datasetId: z.string().describe('Unique identifier for the dataset'),\n itemId: z.string().describe('Unique identifier for the dataset item'),\n datasetVersion: z.coerce.number().int().describe('Dataset version number'),\n});\n\n// Item history row response schema (SCD-2 DatasetItemRow shape)\nexport const itemVersionResponseSchema = z.object({\n id: z.string(),\n datasetId: z.string(),\n datasetVersion: z.number().int(),\n input: z.unknown(),\n groundTruth: z.unknown().optional(),\n metadata: z.record(z.string(), z.unknown()).optional(),\n validTo: z.number().int().nullable(),\n isDeleted: z.boolean(),\n createdAt: z.coerce.date(),\n updatedAt: z.coerce.date(),\n});\n\nexport const listItemVersionsResponseSchema = z.object({\n history: z.array(itemVersionResponseSchema),\n});\n\n// Dataset version response schema\nexport const datasetVersionResponseSchema = z.object({\n id: z.string(),\n datasetId: z.string(),\n version: z.number().int(),\n createdAt: z.coerce.date(),\n});\n\nexport const listDatasetVersionsResponseSchema = z.object({\n versions: z.array(datasetVersionResponseSchema),\n pagination: paginationInfoSchema,\n});\n\n// ============================================================================\n// Batch Operation Schemas\n// ============================================================================\n\nexport const batchInsertItemsBodySchema = z.object({\n items: z.array(\n z.object({\n input: z.unknown(),\n groundTruth: z.unknown().optional(),\n requestContext: z.record(z.string(), z.unknown()).optional(),\n metadata: z.record(z.string(), z.unknown()).optional(),\n source: datasetItemSourceSchema,\n }),\n ),\n});\n\nexport const batchInsertItemsResponseSchema = z.object({\n items: z.array(datasetItemResponseSchema),\n count: z.number(),\n});\n\nexport const batchDeleteItemsBodySchema = z.object({\n itemIds: z.array(z.string()),\n});\n\nexport const batchDeleteItemsResponseSchema = z.object({\n success: z.boolean(),\n deletedCount: z.number(),\n});\n\n// ============================================================================\n// AI Generation Schemas\n// ============================================================================\n\nexport const generateItemsBodySchema = z.object({\n modelId: z.string().describe('Model identifier in \"provider/model\" format (e.g., \"openai/gpt-4o\")'),\n prompt: z.string().describe('Description of the kind of test data to generate'),\n count: z.number().int().min(1).max(50).default(5).describe('Number of items to generate'),\n agentContext: z\n .object({\n description: z.string().optional(),\n instructions: z.string().optional(),\n tools: z.array(z.string()).optional(),\n })\n .optional()\n .describe('Context about the agent to generate relevant test data'),\n});\n\nconst generatedItemSchema = z.object({\n input: z.unknown(),\n groundTruth: z.unknown().optional(),\n});\n\nexport const generateItemsResponseSchema = z.object({\n items: z.array(generatedItemSchema),\n});\n\n// ============================================================================\n// Cluster Failures\n// ============================================================================\n\nexport const clusterFailuresBodySchema = z.object({\n modelId: z.string().describe('Model identifier in \"provider/model\" format (e.g., \"openai/gpt-4o\")'),\n items: z\n .array(\n z.object({\n id: z.string(),\n input: z.unknown(),\n output: z.unknown().optional(),\n error: z.string().optional(),\n scores: z.record(z.string(), z.number()).optional(),\n existingTags: z.array(z.string()).optional().describe('Tags already applied to this item'),\n }),\n )\n .min(1)\n .max(200)\n .describe('Failure items to cluster'),\n availableTags: z\n .array(z.string())\n .optional()\n .describe('Existing tag vocabulary from the dataset. The LLM should prefer reusing these tags when applicable.'),\n prompt: z\n .string()\n .optional()\n .describe('Optional user instructions to guide the analysis (e.g., \"focus on tool usage failures\")'),\n});\n\nconst failureClusterSchema = z.object({\n id: z.string().describe('A unique cluster identifier'),\n label: z.string().describe('Short label for this failure pattern'),\n description: z.string().describe('Description of the common pattern'),\n itemIds: z.array(z.string()).describe('IDs of items belonging to this cluster'),\n});\n\nexport const clusterFailuresResponseSchema = z.object({\n clusters: z.array(failureClusterSchema),\n /** Per-item proposed tag assignments. Each entry maps an item ID to the tags the LLM suggests adding. */\n proposedTags: z\n .array(\n z.object({\n itemId: z.string(),\n tags: z.array(z.string()),\n reason: z.string().describe('Brief explanation of why these tags were assigned to this item'),\n }),\n )\n .optional(),\n});\n"]}
package/dist/chunk-P4GHYEST.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/server/auth/defaults.ts","../src/server/auth/path-pattern.ts","../src/server/auth/helpers.ts"],"names":[],"mappings":";AAGO,IAAM,iBAAA,GAAsC;AAAA,EACjD,SAAA,EAAW,CAAC,QAAQ,CAAA;AAAA,EACpB,MAAA,EAAQ,CAAC,MAAA,EAAQ,aAAa,CAAA;AAAA;AAAA,EAE9B,KAAA,EAAO;AAAA;AAAA,IAEL;AAAA,MACE,WAAW,CAAA,IAAA,KAAQ;AACjB,QAAA,IAAI,OAAO,IAAA,KAAS,QAAA,IAAY,IAAA,KAAS,IAAA,EAAM;AAC7C,UAAA,IAAI,aAAa,IAAA,EAAM;AACrB,YAAA,OAAO,CAAC,CAAC,IAAA,CAAK,OAAA;AAAA,UAChB;AAEA,UAAA,IAAI,UAAU,IAAA,EAAM;AAClB,YAAA,OAAO,KAAK,IAAA,KAAS,OAAA;AAAA,UACvB;AAAA,QACF;AACA,QAAA,OAAO,KAAA;AAAA,MACT,CAAA;AAAA,MACA,KAAA,EAAO;AAAA;AACT;AAEJ;;;ACcO,SAAS,KAAA,CAAM,OAAwB,KAAA,EAAgC;AAC5E,EAAA,IAAI,iBAAiB,MAAA,EAAQ,OAAO,EAAE,IAAA,EAAM,KAAA,EAAO,SAAS,KAAA,EAAM;AAElE,EAAA,IAAI,CAAA;AACJ,EAAA,IAAI,CAAA;AACJ,EAAA,IAAI,GAAA;AACJ,EAAA,IAAI,GAAA;AACJ,EAAA,MAAM,OAAiB,EAAC;AACxB,EAAA,IAAI,OAAA,GAAU,EAAA;AACd,EAAA,MAAM,GAAA,GAAM,KAAA,CAAM,KAAA,CAAM,GAAG,CAAA;AAE3B,EAAA,GAAA,CAAI,CAAC,CAAA,IAAK,GAAA,CAAI,KAAA,EAAM;AAEpB,EAAA,OAAQ,GAAA,GAAM,GAAA,CAAI,KAAA,EAAM,EAAI;AAC1B,IAAA,CAAA,GAAI,IAAI,CAAC,CAAA;AACT,IAAA,IAAI,MAAM,GAAA,EAAK;AACb,MAAA,IAAA,CAAK,KAAK,CAAC,CAAA;AACX,MAAA,OAAA,IAAW,GAAA,CAAI,CAAC,CAAA,KAAM,GAAA,GAAM,YAAA,GAAe,OAAA;AAAA,IAC7C,CAAA,MAAA,IAAW,MAAM,GAAA,EAAK;AACpB,MAAA,CAAA,GAAI,GAAA,CAAI,OAAA,CAAQ,GAAA,EAAK,CAAC,CAAA;AACtB,MAAA,GAAA,GAAM,GAAA,CAAI,OAAA,CAAQ,GAAA,EAAK,CAAC,CAAA;AACxB,MAAA,IAAA,CAAK,KAAK,GAAA,CAAI,SAAA,CAAU,CAAA,EAAG,CAAC,CAAC,CAAC,CAAA,GAAI,CAAA,GAAI,CAAC,CAAC,CAAC,GAAA,GAAM,GAAA,GAAM,GAAA,CAAI,MAAM,CAAC,CAAA;AAChE,MAAA,OAAA,IAAW,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,MAAM,gBAAA,GAAmB,WAAA;AAC9C,MAAA,IAAI,CAAC,CAAC,CAAC,GAAA,cAAiB,CAAC,CAAC,CAAC,CAAA,GAAI,GAAA,GAAM,EAAA,IAAM,IAAA,GAAO,GAAA,CAAI,UAAU,GAAG,CAAA;AAAA,IACrE,CAAA,MAAO;AACL,MAAA,OAAA,IAAW,GAAA,GAAM,GAAA;AAAA,IACnB;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,IAAA;AAAA,IACA,OAAA,EAAS,IAAI,MAAA,CAAO,GAAA,GAAM,WAA+B,QAAQ,GAAG;AAAA,GACtE;AACF;;;AC5DO,IAAM,sBAAA,GAAyB,CACpC,IAAA,EACA,MAAA,EACA,qBAAA,KACY;AACZ,EAAA,IAAI,CAAC,qBAAA,EAAuB;AAC1B,IAAA,OAAO,KAAA;AAAA,EACT;AAGA,EAAA,MAAM,aAAA,GAAgB,CAAA,EAAG,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AACvC,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA,EAAG;AAC5C,IAAA,OAAO,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA,KAAM,IAAA;AAAA,EACtD;AAGA,EAAA,MAAM,WAAA,GAAc,OAAO,IAAI,CAAA,CAAA;AAC/B,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA,EAAG;AAC1C,IAAA,OAAO,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA,KAAM,IAAA;AAAA,EACpD;AAGA,EAAA,KAAA,MAAW,CAAC,QAAA,EAAU,YAAY,CAAA,IAAK,qBAAA,CAAsB,SAAQ,EAAG;AACtE,IAAA,MAAM,UAAA,GAAa,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AACvC,IAAA,IAAI,eAAe,EAAA,EAAI;AACrB,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,WAAA,GAAc,QAAA,CAAS,SAAA,CAAU,CAAA,EAAG,UAAU,CAAA;AACpD,IAAA,MAAM,YAAA,GAAe,QAAA,CAAS,SAAA,CAAU,UAAA,GAAa,CAAC,CAAA;AAGtD,IAAA,IAAI,WAAA,KAAgB,MAAA,IAAU,WAAA,KAAgB,KAAA,EAAO;AACnD,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,kBAAA,CAAmB,IAAA,EAAM,YAAY,CAAA,EAAG;AAC1C,MAAA,OAAO,YAAA,KAAiB,IAAA;AAAA,IAC1B;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAOO,IAAM,yBAAyB,CACpC,IAAA,EACA,MAAA,EACA,SAAA,EACA,YACA,qBAAA,KACY;AACZ,EAAA,MAAM,eAAA,GAAkB,CAAC,GAAI,iBAAA,CAAkB,SAAA,IAAa,EAAC,EAAI,GAAI,UAAA,CAAW,SAAA,IAAa,EAAG,CAAA;AAChG,EAAA,OACE,OAAA,CAAQ,IAAI,UAAA,KAAe,MAAA;AAAA,GAEzB,CAAC,UAAA,CAAW,IAAA,EAAM,MAAA,EAAQ,eAAe,KAAK,CAAC,sBAAA,CAAuB,IAAA,EAAM,MAAA,EAAQ,qBAAqB,CAAA;AAAA,EAEzG,SAAA,CAAU,yBAAyB,CAAA,KAAM,MAAA,CAAA;AAE/C;AAEO,IAAM,mBAAA,GAAsB,CACjC,IAAA,EACA,MAAA,EACA,qBAAA,KACY;AACZ,EAAA,IAAI,CAAC,qBAAA,EAAuB;AAC1B,IAAA,OAAO,KAAA;AAAA,EACT;AAGA,EAAA,MAAM,aAAA,GAAgB,CAAA,EAAG,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AACvC,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA,EAAG;AAC5C,IAAA,OAAO,CAAC,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA;AAAA,EACjD;AAGA,EAAA,MAAM,WAAA,GAAc,OAAO,IAAI,CAAA,CAAA;AAC/B,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA,EAAG;AAC1C,IAAA,OAAO,CAAC,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA;AAAA,EAC/C;AAGA,EAAA,KAAA,MAAW,CAAC,QAAA,EAAU,YAAY,CAAA,IAAK,qBAAA,CAAsB,SAAQ,EAAG;AACtE,IAAA,MAAM,UAAA,GAAa,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AACvC,IAAA,IAAI,eAAe,EAAA,EAAI;AACrB,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,WAAA,GAAc,QAAA,CAAS,SAAA,CAAU,CAAA,EAAG,UAAU,CAAA;AACpD,IAAA,MAAM,YAAA,GAAe,QAAA,CAAS,SAAA,CAAU,UAAA,GAAa,CAAC,CAAA;AAGtD,IAAA,IAAI,WAAA,KAAgB,MAAA,IAAU,WAAA,KAAgB,KAAA,EAAO;AACnD,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,kBAAA,CAAmB,IAAA,EAAM,YAAY,CAAA,EAAG;AAC1C,MAAA,OAAO,CAAC,YAAA;AAAA,IACV;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAQO,IAAM,eAAA,GAAkB,CAC7B,IAAA,EACA,MAAA,EACA,YACA,qBAAA,KACY;AACZ,EAAA,MAAM,eAAA,GAAkB,CAAC,GAAI,iBAAA,CAAkB,SAAA,IAAa,EAAC,EAAI,GAAI,UAAA,CAAW,SAAA,IAAa,EAAG,CAAA;AAChG,EAAA,OAAO,UAAA,CAAW,MAAM,MAAA,EAAQ,eAAe,KAAK,sBAAA,CAAuB,IAAA,EAAM,QAAQ,qBAAqB,CAAA;AAChH;AAEO,IAAM,iBAAA,GAAoB,CAAC,IAAA,EAAc,MAAA,EAAgB,UAAA,KAA0C;AAExG,EAAA,MAAM,YAAA,GAAe,CAAC,GAAI,iBAAA,CAAkB,MAAA,IAAU,EAAC,EAAI,GAAI,UAAA,CAAW,MAAA,IAAU,EAAG,CAAA;AAEvF,EAAA,OAAO,UAAA,CAAW,IAAA,EAAM,MAAA,EAAQ,YAAY,CAAA;AAC9C;AAEA,IAAM,UAAA,GAAa,CACjB,IAAA,EACA,MAAA,EACA,QAAA,KACY;AACZ,EAAA,IAAI,CAAC,QAAA,EAAU;AACb,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,KAAA,MAAW,uBAAuB,QAAA,EAAU;AAC1C,IAAA,IAAI,+BAA+B,MAAA,EAAQ;AACzC,MAAA,IAAI,mBAAA,CAAoB,IAAA,CAAK,IAAI,CAAA,EAAG;AAClC,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AAEA,IAAA,IAAI,OAAO,mBAAA,KAAwB,QAAA,IAAY,kBAAA,CAAmB,IAAA,EAAM,mBAAmB,CAAA,EAAG;AAC5F,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,IAAI,MAAM,OAAA,CAAQ,mBAAmB,CAAA,IAAK,mBAAA,CAAoB,WAAW,CAAA,EAAG;AAC1E,MAAA,MAAM,CAAC,OAAA,EAAS,eAAe,CAAA,GAAI,mBAAA;AACnC,MAAA,IAAI,mBAAmB,IAAA,EAAM,OAAO,KAAK,iBAAA,CAAkB,eAAA,EAAiB,MAAM,CAAA,EAAG;AACnF,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT,CAAA;AAEO,IAAM,kBAAA,GAAqB,CAAC,IAAA,EAAc,OAAA,KAA6B;AAQ5E,EAAA,MAAM,EAAE,OAAA,EAAS,KAAA,EAAM,GAAI,MAAM,OAAO,CAAA;AACxC,EAAA,OAAO,KAAA,CAAM,KAAK,IAAI,CAAA;AACxB;AAEO,IAAM,eAAA,GAAkB,CAAC,IAAA,EAAc,QAAA,KAA8D;AAC1G,EAAA,IAAI,CAAC,UAAU,OAAO,IAAA;AAEtB,EAAA,IAAI,OAAO,aAAa,QAAA,EAAU;AAChC,IAAA,OAAO,kBAAA,CAAmB,MAAM,QAAQ,CAAA;AAAA,EAC1C;AAEA,EAAA,IAAI,oBAAoB,MAAA,EAAQ;AAC9B,IAAA,OAAO,QAAA,CAAS,KAAK,IAAI,CAAA;AAAA,EAC3B;AAEA,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,QAAQ,CAAA,EAAG;AAC3B,IAAA,OAAO,SAAS,IAAA,CAAK,CAAA,CAAA,KAAK,kBAAA,CAAmB,IAAA,EAAM,CAAC,CAAC,CAAA;AAAA,EACvD;AAEA,EAAA,OAAO,KAAA;AACT;AAEO,IAAM,iBAAA,GAAoB,CAAC,MAAA,EAA2B,KAAA,KAA2B;AACtF,EAAA,IAAI,OAAO,WAAW,QAAA,EAAU;AAC9B,IAAA,OAAO,MAAA,KAAW,KAAA;AAAA,EACpB;AAEA,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,MAAM,CAAA,EAAG;AACzB,IAAA,OAAO,MAAA,CAAO,SAAS,KAAK,CAAA;AAAA,EAC9B;AAEA,EAAA,OAAO,KAAA;AACT;AAqBA,IAAM,IAAA,GAAmB,EAAE,MAAA,EAAQ,MAAA,EAAO;AAMnC,IAAM,kBAAA,GAAqB,OAAO,GAAA,KAAoD;AAC3F,EAAA,MAAM,EAAE,IAAA,EAAM,MAAA,EAAQ,SAAA,EAAW,MAAA,EAAQ,YAAY,qBAAA,EAAuB,cAAA,EAAgB,UAAA,EAAY,KAAA,EAAM,GAAI,GAAA;AAOlH,EAAA,MAAM,eAAA,GAAkB,OAAO,UAAA,CAAW,iBAAA,KAAsB,UAAA;AAChE,EAAA,IAAI,CAAC,mBAAmB,sBAAA,CAAuB,IAAA,EAAM,QAAQ,SAAA,EAAW,UAAA,EAAY,qBAAqB,CAAA,EAAG;AAC1G,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI,CAAC,eAAA,CAAgB,IAAA,EAAM,MAAA,EAAQ,UAAA,EAAY,qBAAqB,CAAA,EAAG;AACrE,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI,iBAAA,CAAkB,IAAA,EAAM,MAAA,EAAQ,UAAU,CAAA,EAAG;AAC/C,IAAA,OAAO,IAAA;AAAA,EACT;AAIA,EAAA,IAAI,IAAA;AAEJ,EAAA,IAAI;AACF,IAAA,IAAI,OAAO,UAAA,CAAW,iBAAA,KAAsB,UAAA,EAAY;AACtD,MAAA,IAAA,GAAO,MAAM,UAAA,CAAW,iBAAA,CAAkB,KAAA,IAAS,IAAI,UAAiB,CAAA;AAAA,IAC1E,CAAA,MAAO;AACL,MAAA,MAAM,IAAI,MAAM,yCAAyC,CAAA;AAAA,IAC3D;AAEA,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,0BAAA,EAA2B,EAAE;AAAA,IACrF;AAEA,IAAA,cAAA,CAAe,GAAA,CAAI,QAAQ,IAAI,CAAA;AAE/B,IAAA,IAAI;AACF,MAAA,MAAM,YAAA,GAAe,OAAO,SAAA,EAAU;AACtC,MAAA,MAAM,eAAe,YAAA,EAAc,IAAA;AAEnC,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,IAAI,CAAC,IAAA,IAAQ,OAAO,SAAS,QAAA,IAAY,EAAE,QAAQ,IAAA,CAAA,EAAO;AACxD,UAAA,MAAA,CAAO,SAAA,EAAU,EAAG,IAAA,CAAK,mFAAmF,CAAA;AAAA,QAC9G,CAAA,MAAO;AACL,UAAA,MAAM,WAAA,GAAc,MAAM,YAAA,CAAa,cAAA,CAAe,IAAc,CAAA;AACpE,UAAA,cAAA,CAAe,GAAA,CAAI,mBAAmB,WAAW,CAAA;AAEjD,UAAA,MAAM,KAAA,GAAQ,MAAM,YAAA,CAAa,QAAA,CAAS,IAAc,CAAA;AACxD,UAAA,cAAA,CAAe,GAAA,CAAI,aAAa,KAAK,CAAA;AAAA,QACvC;AAAA,MACF;AAAA,IACF,SAAS,SAAA,EAAW;AAClB,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,6CAAA,EAA+C;AAAA,QACvE,KAAA,EAAO,SAAA,YAAqB,KAAA,GAAQ,EAAE,OAAA,EAAS,UAAU,OAAA,EAAS,KAAA,EAAO,SAAA,CAAU,KAAA,EAAM,GAAI;AAAA,OAC9F,CAAA;AAAA,IACH;AAAA,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,sBAAA,EAAwB;AAAA,MAChD,KAAA,EAAO,GAAA,YAAe,KAAA,GAAQ,EAAE,OAAA,EAAS,IAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAM,GAAI;AAAA,KAC5E,CAAA;AACD,IAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,0BAAA,EAA2B,EAAE;AAAA,EACrF;AAIA,EAAA,IAAI,eAAA,IAAmB,UAAA,IAAc,OAAO,UAAA,CAAW,kBAAkB,UAAA,EAAY;AACnF,IAAA,IAAI;AACF,MAAA,MAAM,YAAA,GAAe,MAAM,UAAA,CAAW,aAAA,CAAc,MAAM,UAAiB,CAAA;AAE3E,MAAA,IAAI,CAAC,YAAA,EAAc;AACjB,QAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,MAC1E;AAAA,IACF,SAAS,GAAA,EAAK;AACZ,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,sCAAA,EAAwC;AAAA,QAChE,KAAA,EAAO,GAAA,YAAe,KAAA,GAAQ,EAAE,OAAA,EAAS,IAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAM,GAAI;AAAA,OAC5E,CAAA;AACD,MAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,qBAAA,EAAsB,EAAE;AAAA,IAChF;AAAA,EACF,WAAW,WAAA,IAAe,UAAA,IAAc,OAAO,UAAA,CAAW,cAAc,UAAA,EAAY;AAClF,IAAA,IAAI;AACF,MAAA,MAAM,YAAA,GAAe,IAAI,qBAAA,EAAsB;AAC/C,MAAA,MAAM,eAAe,MAAM,UAAA,CAAW,UAAU,IAAA,EAAM,MAAA,EAAQ,MAAM,YAAmB,CAAA;AAEvF,MAAA,IAAI,CAAC,YAAA,EAAc;AACjB,QAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,MAC1E;AAAA,IACF,SAAS,GAAA,EAAK;AACZ,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,kCAAA,EAAoC;AAAA,QAC5D,KAAA,EAAO,GAAA,YAAe,KAAA,GAAQ,EAAE,OAAA,EAAS,IAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAM,GAAI,GAAA;AAAA,QAC3E,IAAA;AAAA,QACA;AAAA,OACD,CAAA;AACD,MAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,qBAAA,EAAsB,EAAE;AAAA,IAChF;AAAA,EACF,CAAA,MAAA,IAAW,WAAW,UAAA,IAAc,UAAA,CAAW,SAAS,UAAA,CAAW,KAAA,CAAM,SAAS,CAAA,EAAG;AACnF,IAAA,MAAM,eAAe,MAAM,UAAA,CAAW,WAAW,KAAA,EAAO,IAAA,EAAM,QAAQ,IAAI,CAAA;AAE1E,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,IAC1E;AAAA,EACF,CAAA,MAAO;AAIL,IAAA,MAAM,YAAA,GAAe,MAAA,CAAO,SAAA,EAAU,EAAG,IAAA;AACzC,IAAA,IAAI,YAAA,EAAc;AAChB,MAAA,IAAI,iBAAA,CAAkB,KAAA,IAAS,iBAAA,CAAkB,KAAA,CAAM,SAAS,CAAA,EAAG;AACjE,QAAA,MAAM,eAAe,MAAM,UAAA,CAAW,kBAAkB,KAAA,EAAO,IAAA,EAAM,QAAQ,IAAI,CAAA;AAEjF,QAAA,IAAI,CAAC,YAAA,EAAc;AACjB,UAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,QAC1E;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,MAC1E;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,IAAA;AACT;AAGO,IAAM,UAAA,GAAa,OACxB,KAAA,EACA,IAAA,EACA,QACA,IAAA,KACqB;AAErB,EAAA,KAAA,MAAW,CAAA,IAAK,KAAA,IAAS,EAAC,EAAG;AAC3B,IAAA,MAAM,IAAA,GAAO,QAAQ,CAAC,CAAA;AAEtB,IAAA,IAAI,CAAC,eAAA,CAAgB,IAAA,EAAM,IAAA,CAAK,IAAI,CAAA,EAAG;AACrC,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,KAAK,OAAA,IAAW,CAAC,kBAAkB,IAAA,CAAK,OAAA,EAAS,MAAM,CAAA,EAAG;AAC5D,MAAA;AAAA,IACF;AAGA,IAAA,MAAM,YAAY,IAAA,CAAK,SAAA;AACvB,IAAA,IAAI,OAAO,cAAc,UAAA,EAAY;AACnC,MAAA,MAAM,OAAA,GAAU,MAAM,OAAA,CAAQ,OAAA,EAAQ,CACnC,IAAA,CAAK,MAAM,SAAA,CAAU,IAAI,CAAC,CAAA,CAC1B,KAAA,CAAM,MAAM,KAAK,CAAA;AAEpB,MAAA,IAAI,OAAA,EAAS;AACX,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF,CAAA,MAAA,IAAW,KAAK,KAAA,EAAO;AACrB,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAGA,EAAA,OAAO,KAAA;AACT","file":"chunk-P4GHYEST.js","sourcesContent":["import type { MastraAuthConfig } from '@mastra/core/server';\n\n// Default configuration that can be extended by clients\nexport const defaultAuthConfig: MastraAuthConfig = {\n protected: ['/api/*'],\n public: ['/api', '/api/auth/*'],\n // Simple rule system\n rules: [\n // Admin users can do anything\n {\n condition: user => {\n if (typeof user === 'object' && user !== null) {\n if ('isAdmin' in user) {\n return !!user.isAdmin;\n }\n\n if ('role' in user) {\n return user.role === 'admin';\n }\n }\n return false;\n },\n allow: true,\n },\n ],\n};\n","/**\n * Path pattern matching utility\n * Inlined from regexparam v3.0.0 (MIT License)\n * https://github.com/lukeed/regexparam\n *\n * Copyright (c) Luke Edwards <luke.edwards05@gmail.com> (lukeed.com)\n *\n * Permission is hereby granted, free of charge, to any person obtaining a copy\n * of this software and associated documentation files (the \"Software\"), to deal\n * in the Software without restriction, including without limitation the rights\n * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell\n * copies of the Software, and to permit persons to whom the Software is\n * furnished to do so, subject to the following conditions:\n *\n * The above copyright notice and this permission notice shall be included in all\n * copies or substantial portions of the Software.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\n * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\n * SOFTWARE.\n */\n\nexport interface ParsedPattern {\n keys: string[] | false;\n pattern: RegExp;\n}\n\n/**\n * Parse a route pattern into a RegExp\n * Supports:\n * - Named parameters: /users/:id\n * - Optional parameters: /users/:id?\n * - Wildcards: /files/*\n * - Mixed patterns: /api/:version/users/:id\n */\nexport function parse(input: string | RegExp, loose?: boolean): ParsedPattern {\n if (input instanceof RegExp) return { keys: false, pattern: input };\n\n let c: string;\n let o: number;\n let tmp: string | undefined;\n let ext: number;\n const keys: string[] = [];\n let pattern = '';\n const arr = input.split('/');\n\n arr[0] || arr.shift();\n\n while ((tmp = arr.shift())) {\n c = tmp[0]!;\n if (c === '*') {\n keys.push(c);\n pattern += tmp[1] === '?' ? '(?:/(.*))?' : '/(.*)';\n } else if (c === ':') {\n o = tmp.indexOf('?', 1);\n ext = tmp.indexOf('.', 1);\n keys.push(tmp.substring(1, !!~o ? o : !!~ext ? ext : tmp.length));\n pattern += !!~o && !~ext ? '(?:/([^/]+?))?' : '/([^/]+?)';\n if (!!~ext) pattern += (!!~o ? '?' : '') + '\\\\' + tmp.substring(ext);\n } else {\n pattern += '/' + tmp;\n }\n }\n\n return {\n keys: keys,\n pattern: new RegExp('^' + pattern + (loose ? '(?=$|/)' : '/?$'), 'i'),\n };\n}\n\n/**\n * Test if a path matches a pattern\n */\nexport function matchPath(path: string, pattern: string | RegExp): boolean {\n const { pattern: regex } = parse(pattern);\n return regex.test(path);\n}\n","import type { IRBACProvider, EEUser } from '@mastra/core/auth/ee';\nimport type { Mastra } from '@mastra/core/mastra';\nimport type { MastraAuthConfig } from '@mastra/core/server';\n\nimport { defaultAuthConfig } from './defaults';\nimport { parse } from './path-pattern';\n\n/**\n * Check if a route is a registered custom route that requires authentication.\n * Returns true only if the route is explicitly registered with requiresAuth: true.\n * Returns false if the route is not in the config or has requiresAuth: false.\n */\nexport const isProtectedCustomRoute = (\n path: string,\n method: string,\n customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n if (!customRouteAuthConfig) {\n return false;\n }\n\n // Check exact match first (fast path for static routes)\n const exactRouteKey = `${method}:${path}`;\n if (customRouteAuthConfig.has(exactRouteKey)) {\n return customRouteAuthConfig.get(exactRouteKey) === true;\n }\n\n // Check exact match for ALL method\n const allRouteKey = `ALL:${path}`;\n if (customRouteAuthConfig.has(allRouteKey)) {\n return customRouteAuthConfig.get(allRouteKey) === true;\n }\n\n // Check pattern matches for dynamic routes (e.g., '/users/:id')\n for (const [routeKey, requiresAuth] of customRouteAuthConfig.entries()) {\n const colonIndex = routeKey.indexOf(':');\n if (colonIndex === -1) {\n continue; // Skip malformed keys\n }\n\n const routeMethod = routeKey.substring(0, colonIndex);\n const routePattern = routeKey.substring(colonIndex + 1);\n\n // Check if method matches (exact match or ALL)\n if (routeMethod !== method && routeMethod !== 'ALL') {\n continue;\n }\n\n // Check if path matches the pattern\n if (pathMatchesPattern(path, routePattern)) {\n return requiresAuth === true;\n }\n }\n\n return false; // Not in config = not a protected custom route\n};\n\n/**\n * Check if request is from dev playground\n * @param getHeader - Function to get header value from request\n * @param customRouteAuthConfig - Map of custom route auth configurations\n */\nexport const isDevPlaygroundRequest = (\n path: string,\n method: string,\n getHeader: (name: string) => string | undefined,\n authConfig: MastraAuthConfig,\n customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n const protectedAccess = [...(defaultAuthConfig.protected || []), ...(authConfig.protected || [])];\n return (\n process.env.MASTRA_DEV === 'true' &&\n // Allow if path doesn't match protected patterns AND is not a protected custom route\n ((!isAnyMatch(path, method, protectedAccess) && !isProtectedCustomRoute(path, method, customRouteAuthConfig)) ||\n // Or if has playground header\n getHeader('x-mastra-dev-playground') === 'true')\n );\n};\n\nexport const isCustomRoutePublic = (\n path: string,\n method: string,\n customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n if (!customRouteAuthConfig) {\n return false;\n }\n\n // Check exact match first (fast path for static routes)\n const exactRouteKey = `${method}:${path}`;\n if (customRouteAuthConfig.has(exactRouteKey)) {\n return !customRouteAuthConfig.get(exactRouteKey); // True when route opts out of auth\n }\n\n // Check exact match for ALL method\n const allRouteKey = `ALL:${path}`;\n if (customRouteAuthConfig.has(allRouteKey)) {\n return !customRouteAuthConfig.get(allRouteKey);\n }\n\n // Check pattern matches for dynamic routes (e.g., '/users/:id')\n for (const [routeKey, requiresAuth] of customRouteAuthConfig.entries()) {\n const colonIndex = routeKey.indexOf(':');\n if (colonIndex === -1) {\n continue; // Skip malformed keys\n }\n\n const routeMethod = routeKey.substring(0, colonIndex);\n const routePattern = routeKey.substring(colonIndex + 1);\n\n // Check if method matches (exact match or ALL)\n if (routeMethod !== method && routeMethod !== 'ALL') {\n continue;\n }\n\n // Check if path matches the pattern\n if (pathMatchesPattern(path, routePattern)) {\n return !requiresAuth; // True when route opts out of auth\n }\n }\n\n return false;\n};\n\n// NOTE: This uses isProtectedCustomRoute (default-allow for unknown paths) rather than\n// !isCustomRoutePublic (default-deny). This is intentional — all registered server and\n// custom routes are auth-checked via registerRoute/checkRouteAuth regardless of this\n// function. The '/api/*' protected pattern exists as a user-facing override mechanism.\n// The old default-deny logic incorrectly blocked non-API paths (e.g. '/', '/agents')\n// which prevented the studio login page from loading in production.\nexport const isProtectedPath = (\n path: string,\n method: string,\n authConfig: MastraAuthConfig,\n customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n const protectedAccess = [...(defaultAuthConfig.protected || []), ...(authConfig.protected || [])];\n return isAnyMatch(path, method, protectedAccess) || isProtectedCustomRoute(path, method, customRouteAuthConfig);\n};\n\nexport const canAccessPublicly = (path: string, method: string, authConfig: MastraAuthConfig): boolean => {\n // Check if this path+method combination is publicly accessible\n const publicAccess = [...(defaultAuthConfig.public || []), ...(authConfig.public || [])];\n\n return isAnyMatch(path, method, publicAccess);\n};\n\nconst isAnyMatch = (\n path: string,\n method: string,\n patterns: MastraAuthConfig['protected'] | MastraAuthConfig['public'],\n): boolean => {\n if (!patterns) {\n return false;\n }\n\n for (const patternPathOrMethod of patterns) {\n if (patternPathOrMethod instanceof RegExp) {\n if (patternPathOrMethod.test(path)) {\n return true;\n }\n }\n\n if (typeof patternPathOrMethod === 'string' && pathMatchesPattern(path, patternPathOrMethod)) {\n return true;\n }\n\n if (Array.isArray(patternPathOrMethod) && patternPathOrMethod.length === 2) {\n const [pattern, methodOrMethods] = patternPathOrMethod;\n if (pathMatchesPattern(path, pattern) && matchesOrIncludes(methodOrMethods, method)) {\n return true;\n }\n }\n }\n\n return false;\n};\n\nexport const pathMatchesPattern = (path: string, pattern: string): boolean => {\n // Use regexparam for battle-tested path matching\n // Supports:\n // - Exact paths: '/api/users'\n // - Wildcards: '/api/agents/*' matches '/api/agents/123'\n // - Path parameters: '/users/:id' matches '/users/123'\n // - Optional parameters: '/users/:id?' matches '/users' and '/users/123'\n // - Mixed patterns: '/api/:version/users/:id/profile'\n const { pattern: regex } = parse(pattern);\n return regex.test(path);\n};\n\nexport const pathMatchesRule = (path: string, rulePath: string | RegExp | string[] | undefined): boolean => {\n if (!rulePath) return true; // No path specified means all paths\n\n if (typeof rulePath === 'string') {\n return pathMatchesPattern(path, rulePath);\n }\n\n if (rulePath instanceof RegExp) {\n return rulePath.test(path);\n }\n\n if (Array.isArray(rulePath)) {\n return rulePath.some(p => pathMatchesPattern(path, p));\n }\n\n return false;\n};\n\nexport const matchesOrIncludes = (values: string | string[], value: string): boolean => {\n if (typeof values === 'string') {\n return values === value;\n }\n\n if (Array.isArray(values)) {\n return values.includes(value);\n }\n\n return false;\n};\n\n// ── Core auth middleware ──\n// Framework-agnostic auth logic extracted from adapter middlewares.\n// Each adapter builds an AuthMiddlewareContext and delegates to coreAuthMiddleware.\n\nexport interface AuthMiddlewareContext {\n path: string;\n method: string;\n getHeader: (name: string) => string | undefined;\n mastra: Mastra;\n authConfig: MastraAuthConfig;\n customRouteAuthConfig?: Map<string, boolean>;\n requestContext: { get: (key: string) => unknown; set: (key: string, value: unknown) => void };\n rawRequest: unknown;\n token: string | null;\n buildAuthorizeContext: () => unknown;\n}\n\nexport type AuthResult = { action: 'next' } | { action: 'error'; status: number; body: Record<string, unknown> };\n\nconst pass: AuthResult = { action: 'next' };\n\n/**\n * Single auth middleware: authenticate → authorize.\n * Skip checks (dev playground, unprotected path, public path) are evaluated once.\n */\nexport const coreAuthMiddleware = async (ctx: AuthMiddlewareContext): Promise<AuthResult> => {\n const { path, method, getHeader, mastra, authConfig, customRouteAuthConfig, requestContext, rawRequest, token } = ctx;\n\n // ── Skip checks (evaluated once) ──\n\n // Only bypass auth for dev playground when no real auth provider is configured.\n // When auth IS configured (has authenticateToken), we need the full auth flow\n // so user/roles/permissions are set in requestContext.\n const hasAuthProvider = typeof authConfig.authenticateToken === 'function';\n if (!hasAuthProvider && isDevPlaygroundRequest(path, method, getHeader, authConfig, customRouteAuthConfig)) {\n return pass;\n }\n\n if (!isProtectedPath(path, method, authConfig, customRouteAuthConfig)) {\n return pass;\n }\n\n if (canAccessPublicly(path, method, authConfig)) {\n return pass;\n }\n\n // ── Authentication ──\n\n let user: unknown;\n\n try {\n if (typeof authConfig.authenticateToken === 'function') {\n user = await authConfig.authenticateToken(token ?? '', rawRequest as any);\n } else {\n throw new Error('No token verification method configured');\n }\n\n if (!user) {\n return { action: 'error', status: 401, body: { error: 'Invalid or expired token' } };\n }\n\n requestContext.set('user', user);\n\n try {\n const serverConfig = mastra.getServer();\n const rbacProvider = serverConfig?.rbac as IRBACProvider<EEUser> | undefined;\n\n if (rbacProvider) {\n if (!user || typeof user !== 'object' || !('id' in user)) {\n mastra.getLogger()?.warn('RBAC: authenticated user missing required \"id\" field, skipping permission loading');\n } else {\n const permissions = await rbacProvider.getPermissions(user as EEUser);\n requestContext.set('userPermissions', permissions);\n\n const roles = await rbacProvider.getRoles(user as EEUser);\n requestContext.set('userRoles', roles);\n }\n }\n } catch (rbacError) {\n mastra.getLogger()?.error('RBAC: failed to load user permissions/roles', {\n error: rbacError instanceof Error ? { message: rbacError.message, stack: rbacError.stack } : rbacError,\n });\n }\n } catch (err) {\n mastra.getLogger()?.error('Authentication error', {\n error: err instanceof Error ? { message: err.message, stack: err.stack } : err,\n });\n return { action: 'error', status: 401, body: { error: 'Invalid or expired token' } };\n }\n\n // ── Authorization ──\n\n if ('authorizeUser' in authConfig && typeof authConfig.authorizeUser === 'function') {\n try {\n const isAuthorized = await authConfig.authorizeUser(user, rawRequest as any);\n\n if (!isAuthorized) {\n return { action: 'error', status: 403, body: { error: 'Access denied' } };\n }\n } catch (err) {\n mastra.getLogger()?.error('Authorization error in authorizeUser', {\n error: err instanceof Error ? { message: err.message, stack: err.stack } : err,\n });\n return { action: 'error', status: 500, body: { error: 'Authorization error' } };\n }\n } else if ('authorize' in authConfig && typeof authConfig.authorize === 'function') {\n try {\n const authorizeCtx = ctx.buildAuthorizeContext();\n const isAuthorized = await authConfig.authorize(path, method, user, authorizeCtx as any);\n\n if (!isAuthorized) {\n return { action: 'error', status: 403, body: { error: 'Access denied' } };\n }\n } catch (err) {\n mastra.getLogger()?.error('Authorization error in authorize', {\n error: err instanceof Error ? { message: err.message, stack: err.stack } : err,\n path,\n method,\n });\n return { action: 'error', status: 500, body: { error: 'Authorization error' } };\n }\n } else if ('rules' in authConfig && authConfig.rules && authConfig.rules.length > 0) {\n const isAuthorized = await checkRules(authConfig.rules, path, method, user);\n\n if (!isAuthorized) {\n return { action: 'error', status: 403, body: { error: 'Access denied' } };\n }\n } else {\n // No explicit authorization configured (authorizeUser, authorize, or rules)\n // Check if RBAC is configured - if not, allow authenticated users through\n // (auth-only mode = authenticated users get full access)\n const rbacProvider = mastra.getServer()?.rbac;\n if (rbacProvider) {\n if (defaultAuthConfig.rules && defaultAuthConfig.rules.length > 0) {\n const isAuthorized = await checkRules(defaultAuthConfig.rules, path, method, user);\n\n if (!isAuthorized) {\n return { action: 'error', status: 403, body: { error: 'Access denied' } };\n }\n } else {\n return { action: 'error', status: 403, body: { error: 'Access denied' } };\n }\n }\n }\n\n return pass;\n};\n\n// Check authorization rules\nexport const checkRules = async (\n rules: MastraAuthConfig['rules'],\n path: string,\n method: string,\n user: unknown,\n): Promise<boolean> => {\n // Go through rules in order (first match wins)\n for (const i in rules || []) {\n const rule = rules?.[i]!;\n // Check if rule applies to this path\n if (!pathMatchesRule(path, rule.path)) {\n continue;\n }\n\n // Check if rule applies to this method\n if (rule.methods && !matchesOrIncludes(rule.methods, method)) {\n continue;\n }\n\n // Rule matches, check conditions\n const condition = rule.condition;\n if (typeof condition === 'function') {\n const allowed = await Promise.resolve()\n .then(() => condition(user))\n .catch(() => false);\n\n if (allowed) {\n return true;\n }\n } else if (rule.allow) {\n return true;\n }\n }\n\n // No matching rules, deny by default\n return false;\n};\n"]}
package/dist/chunk-QVMLEJ63.cjs.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/server/auth/defaults.ts","../src/server/auth/path-pattern.ts","../src/server/auth/helpers.ts"],"names":[],"mappings":";;;AAGO,IAAM,iBAAA,GAAsC;AAAA,EACjD,SAAA,EAAW,CAAC,QAAQ,CAAA;AAAA,EACpB,MAAA,EAAQ,CAAC,MAAA,EAAQ,aAAa,CAAA;AAAA;AAAA,EAE9B,KAAA,EAAO;AAAA;AAAA,IAEL;AAAA,MACE,WAAW,CAAA,IAAA,KAAQ;AACjB,QAAA,IAAI,OAAO,IAAA,KAAS,QAAA,IAAY,IAAA,KAAS,IAAA,EAAM;AAC7C,UAAA,IAAI,aAAa,IAAA,EAAM;AACrB,YAAA,OAAO,CAAC,CAAC,IAAA,CAAK,OAAA;AAAA,UAChB;AAEA,UAAA,IAAI,UAAU,IAAA,EAAM;AAClB,YAAA,OAAO,KAAK,IAAA,KAAS,OAAA;AAAA,UACvB;AAAA,QACF;AACA,QAAA,OAAO,KAAA;AAAA,MACT,CAAA;AAAA,MACA,KAAA,EAAO;AAAA;AACT;AAEJ;;;ACcO,SAAS,KAAA,CAAM,OAAwB,KAAA,EAAgC;AAC5E,EAAA,IAAI,iBAAiB,MAAA,EAAQ,OAAO,EAAE,IAAA,EAAM,KAAA,EAAO,SAAS,KAAA,EAAM;AAElE,EAAA,IAAI,CAAA;AACJ,EAAA,IAAI,CAAA;AACJ,EAAA,IAAI,GAAA;AACJ,EAAA,IAAI,GAAA;AACJ,EAAA,MAAM,OAAiB,EAAC;AACxB,EAAA,IAAI,OAAA,GAAU,EAAA;AACd,EAAA,MAAM,GAAA,GAAM,KAAA,CAAM,KAAA,CAAM,GAAG,CAAA;AAE3B,EAAA,GAAA,CAAI,CAAC,CAAA,IAAK,GAAA,CAAI,KAAA,EAAM;AAEpB,EAAA,OAAQ,GAAA,GAAM,GAAA,CAAI,KAAA,EAAM,EAAI;AAC1B,IAAA,CAAA,GAAI,IAAI,CAAC,CAAA;AACT,IAAA,IAAI,MAAM,GAAA,EAAK;AACb,MAAA,IAAA,CAAK,KAAK,CAAC,CAAA;AACX,MAAA,OAAA,IAAW,GAAA,CAAI,CAAC,CAAA,KAAM,GAAA,GAAM,YAAA,GAAe,OAAA;AAAA,IAC7C,CAAA,MAAA,IAAW,MAAM,GAAA,EAAK;AACpB,MAAA,CAAA,GAAI,GAAA,CAAI,OAAA,CAAQ,GAAA,EAAK,CAAC,CAAA;AACtB,MAAA,GAAA,GAAM,GAAA,CAAI,OAAA,CAAQ,GAAA,EAAK,CAAC,CAAA;AACxB,MAAA,IAAA,CAAK,KAAK,GAAA,CAAI,SAAA,CAAU,CAAA,EAAG,CAAC,CAAC,CAAC,CAAA,GAAI,CAAA,GAAI,CAAC,CAAC,CAAC,GAAA,GAAM,GAAA,GAAM,GAAA,CAAI,MAAM,CAAC,CAAA;AAChE,MAAA,OAAA,IAAW,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,MAAM,gBAAA,GAAmB,WAAA;AAC9C,MAAA,IAAI,CAAC,CAAC,CAAC,GAAA,cAAiB,CAAC,CAAC,CAAC,CAAA,GAAI,GAAA,GAAM,EAAA,IAAM,IAAA,GAAO,GAAA,CAAI,UAAU,GAAG,CAAA;AAAA,IACrE,CAAA,MAAO;AACL,MAAA,OAAA,IAAW,GAAA,GAAM,GAAA;AAAA,IACnB;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,IAAA;AAAA,IACA,OAAA,EAAS,IAAI,MAAA,CAAO,GAAA,GAAM,WAA+B,QAAQ,GAAG;AAAA,GACtE;AACF;;;AC5DO,IAAM,sBAAA,GAAyB,CACpC,IAAA,EACA,MAAA,EACA,qBAAA,KACY;AACZ,EAAA,IAAI,CAAC,qBAAA,EAAuB;AAC1B,IAAA,OAAO,KAAA;AAAA,EACT;AAGA,EAAA,MAAM,aAAA,GAAgB,CAAA,EAAG,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AACvC,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA,EAAG;AAC5C,IAAA,OAAO,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA,KAAM,IAAA;AAAA,EACtD;AAGA,EAAA,MAAM,WAAA,GAAc,OAAO,IAAI,CAAA,CAAA;AAC/B,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA,EAAG;AAC1C,IAAA,OAAO,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA,KAAM,IAAA;AAAA,EACpD;AAGA,EAAA,KAAA,MAAW,CAAC,QAAA,EAAU,YAAY,CAAA,IAAK,qBAAA,CAAsB,SAAQ,EAAG;AACtE,IAAA,MAAM,UAAA,GAAa,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AACvC,IAAA,IAAI,eAAe,EAAA,EAAI;AACrB,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,WAAA,GAAc,QAAA,CAAS,SAAA,CAAU,CAAA,EAAG,UAAU,CAAA;AACpD,IAAA,MAAM,YAAA,GAAe,QAAA,CAAS,SAAA,CAAU,UAAA,GAAa,CAAC,CAAA;AAGtD,IAAA,IAAI,WAAA,KAAgB,MAAA,IAAU,WAAA,KAAgB,KAAA,EAAO;AACnD,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,kBAAA,CAAmB,IAAA,EAAM,YAAY,CAAA,EAAG;AAC1C,MAAA,OAAO,YAAA,KAAiB,IAAA;AAAA,IAC1B;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAOO,IAAM,yBAAyB,CACpC,IAAA,EACA,MAAA,EACA,SAAA,EACA,YACA,qBAAA,KACY;AACZ,EAAA,MAAM,eAAA,GAAkB,CAAC,GAAI,iBAAA,CAAkB,SAAA,IAAa,EAAC,EAAI,GAAI,UAAA,CAAW,SAAA,IAAa,EAAG,CAAA;AAChG,EAAA,OACE,OAAA,CAAQ,IAAI,UAAA,KAAe,MAAA;AAAA,GAEzB,CAAC,UAAA,CAAW,IAAA,EAAM,MAAA,EAAQ,eAAe,KAAK,CAAC,sBAAA,CAAuB,IAAA,EAAM,MAAA,EAAQ,qBAAqB,CAAA;AAAA,EAEzG,SAAA,CAAU,yBAAyB,CAAA,KAAM,MAAA,CAAA;AAE/C;AAEO,IAAM,mBAAA,GAAsB,CACjC,IAAA,EACA,MAAA,EACA,qBAAA,KACY;AACZ,EAAA,IAAI,CAAC,qBAAA,EAAuB;AAC1B,IAAA,OAAO,KAAA;AAAA,EACT;AAGA,EAAA,MAAM,aAAA,GAAgB,CAAA,EAAG,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AACvC,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA,EAAG;AAC5C,IAAA,OAAO,CAAC,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA;AAAA,EACjD;AAGA,EAAA,MAAM,WAAA,GAAc,OAAO,IAAI,CAAA,CAAA;AAC/B,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA,EAAG;AAC1C,IAAA,OAAO,CAAC,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA;AAAA,EAC/C;AAGA,EAAA,KAAA,MAAW,CAAC,QAAA,EAAU,YAAY,CAAA,IAAK,qBAAA,CAAsB,SAAQ,EAAG;AACtE,IAAA,MAAM,UAAA,GAAa,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AACvC,IAAA,IAAI,eAAe,EAAA,EAAI;AACrB,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,WAAA,GAAc,QAAA,CAAS,SAAA,CAAU,CAAA,EAAG,UAAU,CAAA;AACpD,IAAA,MAAM,YAAA,GAAe,QAAA,CAAS,SAAA,CAAU,UAAA,GAAa,CAAC,CAAA;AAGtD,IAAA,IAAI,WAAA,KAAgB,MAAA,IAAU,WAAA,KAAgB,KAAA,EAAO;AACnD,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,kBAAA,CAAmB,IAAA,EAAM,YAAY,CAAA,EAAG;AAC1C,MAAA,OAAO,CAAC,YAAA;AAAA,IACV;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAQO,IAAM,eAAA,GAAkB,CAC7B,IAAA,EACA,MAAA,EACA,YACA,qBAAA,KACY;AACZ,EAAA,MAAM,eAAA,GAAkB,CAAC,GAAI,iBAAA,CAAkB,SAAA,IAAa,EAAC,EAAI,GAAI,UAAA,CAAW,SAAA,IAAa,EAAG,CAAA;AAChG,EAAA,OAAO,UAAA,CAAW,MAAM,MAAA,EAAQ,eAAe,KAAK,sBAAA,CAAuB,IAAA,EAAM,QAAQ,qBAAqB,CAAA;AAChH;AAEO,IAAM,iBAAA,GAAoB,CAAC,IAAA,EAAc,MAAA,EAAgB,UAAA,KAA0C;AAExG,EAAA,MAAM,YAAA,GAAe,CAAC,GAAI,iBAAA,CAAkB,MAAA,IAAU,EAAC,EAAI,GAAI,UAAA,CAAW,MAAA,IAAU,EAAG,CAAA;AAEvF,EAAA,OAAO,UAAA,CAAW,IAAA,EAAM,MAAA,EAAQ,YAAY,CAAA;AAC9C;AAEA,IAAM,UAAA,GAAa,CACjB,IAAA,EACA,MAAA,EACA,QAAA,KACY;AACZ,EAAA,IAAI,CAAC,QAAA,EAAU;AACb,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,KAAA,MAAW,uBAAuB,QAAA,EAAU;AAC1C,IAAA,IAAI,+BAA+B,MAAA,EAAQ;AACzC,MAAA,IAAI,mBAAA,CAAoB,IAAA,CAAK,IAAI,CAAA,EAAG;AAClC,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AAEA,IAAA,IAAI,OAAO,mBAAA,KAAwB,QAAA,IAAY,kBAAA,CAAmB,IAAA,EAAM,mBAAmB,CAAA,EAAG;AAC5F,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,IAAI,MAAM,OAAA,CAAQ,mBAAmB,CAAA,IAAK,mBAAA,CAAoB,WAAW,CAAA,EAAG;AAC1E,MAAA,MAAM,CAAC,OAAA,EAAS,eAAe,CAAA,GAAI,mBAAA;AACnC,MAAA,IAAI,mBAAmB,IAAA,EAAM,OAAO,KAAK,iBAAA,CAAkB,eAAA,EAAiB,MAAM,CAAA,EAAG;AACnF,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT,CAAA;AAEO,IAAM,kBAAA,GAAqB,CAAC,IAAA,EAAc,OAAA,KAA6B;AAQ5E,EAAA,MAAM,EAAE,OAAA,EAAS,KAAA,EAAM,GAAI,MAAM,OAAO,CAAA;AACxC,EAAA,OAAO,KAAA,CAAM,KAAK,IAAI,CAAA;AACxB;AAEO,IAAM,eAAA,GAAkB,CAAC,IAAA,EAAc,QAAA,KAA8D;AAC1G,EAAA,IAAI,CAAC,UAAU,OAAO,IAAA;AAEtB,EAAA,IAAI,OAAO,aAAa,QAAA,EAAU;AAChC,IAAA,OAAO,kBAAA,CAAmB,MAAM,QAAQ,CAAA;AAAA,EAC1C;AAEA,EAAA,IAAI,oBAAoB,MAAA,EAAQ;AAC9B,IAAA,OAAO,QAAA,CAAS,KAAK,IAAI,CAAA;AAAA,EAC3B;AAEA,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,QAAQ,CAAA,EAAG;AAC3B,IAAA,OAAO,SAAS,IAAA,CAAK,CAAA,CAAA,KAAK,kBAAA,CAAmB,IAAA,EAAM,CAAC,CAAC,CAAA;AAAA,EACvD;AAEA,EAAA,OAAO,KAAA;AACT;AAEO,IAAM,iBAAA,GAAoB,CAAC,MAAA,EAA2B,KAAA,KAA2B;AACtF,EAAA,IAAI,OAAO,WAAW,QAAA,EAAU;AAC9B,IAAA,OAAO,MAAA,KAAW,KAAA;AAAA,EACpB;AAEA,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,MAAM,CAAA,EAAG;AACzB,IAAA,OAAO,MAAA,CAAO,SAAS,KAAK,CAAA;AAAA,EAC9B;AAEA,EAAA,OAAO,KAAA;AACT;AAqBA,IAAM,IAAA,GAAmB,EAAE,MAAA,EAAQ,MAAA,EAAO;AAMnC,IAAM,kBAAA,GAAqB,OAAO,GAAA,KAAoD;AAC3F,EAAA,MAAM,EAAE,IAAA,EAAM,MAAA,EAAQ,SAAA,EAAW,MAAA,EAAQ,YAAY,qBAAA,EAAuB,cAAA,EAAgB,UAAA,EAAY,KAAA,EAAM,GAAI,GAAA;AAOlH,EAAA,MAAM,eAAA,GAAkB,OAAO,UAAA,CAAW,iBAAA,KAAsB,UAAA;AAChE,EAAA,IAAI,CAAC,mBAAmB,sBAAA,CAAuB,IAAA,EAAM,QAAQ,SAAA,EAAW,UAAA,EAAY,qBAAqB,CAAA,EAAG;AAC1G,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI,CAAC,eAAA,CAAgB,IAAA,EAAM,MAAA,EAAQ,UAAA,EAAY,qBAAqB,CAAA,EAAG;AACrE,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI,iBAAA,CAAkB,IAAA,EAAM,MAAA,EAAQ,UAAU,CAAA,EAAG;AAC/C,IAAA,OAAO,IAAA;AAAA,EACT;AAIA,EAAA,IAAI,IAAA;AAEJ,EAAA,IAAI;AACF,IAAA,IAAI,OAAO,UAAA,CAAW,iBAAA,KAAsB,UAAA,EAAY;AACtD,MAAA,IAAA,GAAO,MAAM,UAAA,CAAW,iBAAA,CAAkB,KAAA,IAAS,IAAI,UAAiB,CAAA;AAAA,IAC1E,CAAA,MAAO;AACL,MAAA,MAAM,IAAI,MAAM,yCAAyC,CAAA;AAAA,IAC3D;AAEA,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,0BAAA,EAA2B,EAAE;AAAA,IACrF;AAEA,IAAA,cAAA,CAAe,GAAA,CAAI,QAAQ,IAAI,CAAA;AAE/B,IAAA,IAAI;AACF,MAAA,MAAM,YAAA,GAAe,OAAO,SAAA,EAAU;AACtC,MAAA,MAAM,eAAe,YAAA,EAAc,IAAA;AAEnC,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,IAAI,CAAC,IAAA,IAAQ,OAAO,SAAS,QAAA,IAAY,EAAE,QAAQ,IAAA,CAAA,EAAO;AACxD,UAAA,MAAA,CAAO,SAAA,EAAU,EAAG,IAAA,CAAK,mFAAmF,CAAA;AAAA,QAC9G,CAAA,MAAO;AACL,UAAA,MAAM,WAAA,GAAc,MAAM,YAAA,CAAa,cAAA,CAAe,IAAc,CAAA;AACpE,UAAA,cAAA,CAAe,GAAA,CAAI,mBAAmB,WAAW,CAAA;AAEjD,UAAA,MAAM,KAAA,GAAQ,MAAM,YAAA,CAAa,QAAA,CAAS,IAAc,CAAA;AACxD,UAAA,cAAA,CAAe,GAAA,CAAI,aAAa,KAAK,CAAA;AAAA,QACvC;AAAA,MACF;AAAA,IACF,SAAS,SAAA,EAAW;AAClB,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,6CAAA,EAA+C;AAAA,QACvE,KAAA,EAAO,SAAA,YAAqB,KAAA,GAAQ,EAAE,OAAA,EAAS,UAAU,OAAA,EAAS,KAAA,EAAO,SAAA,CAAU,KAAA,EAAM,GAAI;AAAA,OAC9F,CAAA;AAAA,IACH;AAAA,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,sBAAA,EAAwB;AAAA,MAChD,KAAA,EAAO,GAAA,YAAe,KAAA,GAAQ,EAAE,OAAA,EAAS,IAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAM,GAAI;AAAA,KAC5E,CAAA;AACD,IAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,0BAAA,EAA2B,EAAE;AAAA,EACrF;AAIA,EAAA,IAAI,eAAA,IAAmB,UAAA,IAAc,OAAO,UAAA,CAAW,kBAAkB,UAAA,EAAY;AACnF,IAAA,IAAI;AACF,MAAA,MAAM,YAAA,GAAe,MAAM,UAAA,CAAW,aAAA,CAAc,MAAM,UAAiB,CAAA;AAE3E,MAAA,IAAI,CAAC,YAAA,EAAc;AACjB,QAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,MAC1E;AAAA,IACF,SAAS,GAAA,EAAK;AACZ,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,sCAAA,EAAwC;AAAA,QAChE,KAAA,EAAO,GAAA,YAAe,KAAA,GAAQ,EAAE,OAAA,EAAS,IAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAM,GAAI;AAAA,OAC5E,CAAA;AACD,MAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,qBAAA,EAAsB,EAAE;AAAA,IAChF;AAAA,EACF,WAAW,WAAA,IAAe,UAAA,IAAc,OAAO,UAAA,CAAW,cAAc,UAAA,EAAY;AAClF,IAAA,IAAI;AACF,MAAA,MAAM,YAAA,GAAe,IAAI,qBAAA,EAAsB;AAC/C,MAAA,MAAM,eAAe,MAAM,UAAA,CAAW,UAAU,IAAA,EAAM,MAAA,EAAQ,MAAM,YAAmB,CAAA;AAEvF,MAAA,IAAI,CAAC,YAAA,EAAc;AACjB,QAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,MAC1E;AAAA,IACF,SAAS,GAAA,EAAK;AACZ,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,kCAAA,EAAoC;AAAA,QAC5D,KAAA,EAAO,GAAA,YAAe,KAAA,GAAQ,EAAE,OAAA,EAAS,IAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAM,GAAI,GAAA;AAAA,QAC3E,IAAA;AAAA,QACA;AAAA,OACD,CAAA;AACD,MAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,qBAAA,EAAsB,EAAE;AAAA,IAChF;AAAA,EACF,CAAA,MAAA,IAAW,WAAW,UAAA,IAAc,UAAA,CAAW,SAAS,UAAA,CAAW,KAAA,CAAM,SAAS,CAAA,EAAG;AACnF,IAAA,MAAM,eAAe,MAAM,UAAA,CAAW,WAAW,KAAA,EAAO,IAAA,EAAM,QAAQ,IAAI,CAAA;AAE1E,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,IAC1E;AAAA,EACF,CAAA,MAAO;AAIL,IAAA,MAAM,YAAA,GAAe,MAAA,CAAO,SAAA,EAAU,EAAG,IAAA;AACzC,IAAA,IAAI,YAAA,EAAc;AAChB,MAAA,IAAI,iBAAA,CAAkB,KAAA,IAAS,iBAAA,CAAkB,KAAA,CAAM,SAAS,CAAA,EAAG;AACjE,QAAA,MAAM,eAAe,MAAM,UAAA,CAAW,kBAAkB,KAAA,EAAO,IAAA,EAAM,QAAQ,IAAI,CAAA;AAEjF,QAAA,IAAI,CAAC,YAAA,EAAc;AACjB,UAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,QAC1E;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAO,EAAE,QAAQ,OAAA,EAAS,MAAA,EAAQ,KAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAE;AAAA,MAC1E;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,IAAA;AACT;AAGO,IAAM,UAAA,GAAa,OACxB,KAAA,EACA,IAAA,EACA,QACA,IAAA,KACqB;AAErB,EAAA,KAAA,MAAW,CAAA,IAAK,KAAA,IAAS,EAAC,EAAG;AAC3B,IAAA,MAAM,IAAA,GAAO,QAAQ,CAAC,CAAA;AAEtB,IAAA,IAAI,CAAC,eAAA,CAAgB,IAAA,EAAM,IAAA,CAAK,IAAI,CAAA,EAAG;AACrC,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,KAAK,OAAA,IAAW,CAAC,kBAAkB,IAAA,CAAK,OAAA,EAAS,MAAM,CAAA,EAAG;AAC5D,MAAA;AAAA,IACF;AAGA,IAAA,MAAM,YAAY,IAAA,CAAK,SAAA;AACvB,IAAA,IAAI,OAAO,cAAc,UAAA,EAAY;AACnC,MAAA,MAAM,OAAA,GAAU,MAAM,OAAA,CAAQ,OAAA,EAAQ,CACnC,IAAA,CAAK,MAAM,SAAA,CAAU,IAAI,CAAC,CAAA,CAC1B,KAAA,CAAM,MAAM,KAAK,CAAA;AAEpB,MAAA,IAAI,OAAA,EAAS;AACX,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF,CAAA,MAAA,IAAW,KAAK,KAAA,EAAO;AACrB,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAGA,EAAA,OAAO,KAAA;AACT","file":"chunk-QVMLEJ63.cjs","sourcesContent":["import type { MastraAuthConfig } from '@mastra/core/server';\n\n// Default configuration that can be extended by clients\nexport const defaultAuthConfig: MastraAuthConfig = {\n protected: ['/api/*'],\n public: ['/api', '/api/auth/*'],\n // Simple rule system\n rules: [\n // Admin users can do anything\n {\n condition: user => {\n if (typeof user === 'object' && user !== null) {\n if ('isAdmin' in user) {\n return !!user.isAdmin;\n }\n\n if ('role' in user) {\n return user.role === 'admin';\n }\n }\n return false;\n },\n allow: true,\n },\n ],\n};\n","/**\n * Path pattern matching utility\n * Inlined from regexparam v3.0.0 (MIT License)\n * https://github.com/lukeed/regexparam\n *\n * Copyright (c) Luke Edwards <luke.edwards05@gmail.com> (lukeed.com)\n *\n * Permission is hereby granted, free of charge, to any person obtaining a copy\n * of this software and associated documentation files (the \"Software\"), to deal\n * in the Software without restriction, including without limitation the rights\n * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell\n * copies of the Software, and to permit persons to whom the Software is\n * furnished to do so, subject to the following conditions:\n *\n * The above copyright notice and this permission notice shall be included in all\n * copies or substantial portions of the Software.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\n * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\n * SOFTWARE.\n */\n\nexport interface ParsedPattern {\n keys: string[] | false;\n pattern: RegExp;\n}\n\n/**\n * Parse a route pattern into a RegExp\n * Supports:\n * - Named parameters: /users/:id\n * - Optional parameters: /users/:id?\n * - Wildcards: /files/*\n * - Mixed patterns: /api/:version/users/:id\n */\nexport function parse(input: string | RegExp, loose?: boolean): ParsedPattern {\n if (input instanceof RegExp) return { keys: false, pattern: input };\n\n let c: string;\n let o: number;\n let tmp: string | undefined;\n let ext: number;\n const keys: string[] = [];\n let pattern = '';\n const arr = input.split('/');\n\n arr[0] || arr.shift();\n\n while ((tmp = arr.shift())) {\n c = tmp[0]!;\n if (c === '*') {\n keys.push(c);\n pattern += tmp[1] === '?' ? '(?:/(.*))?' : '/(.*)';\n } else if (c === ':') {\n o = tmp.indexOf('?', 1);\n ext = tmp.indexOf('.', 1);\n keys.push(tmp.substring(1, !!~o ? o : !!~ext ? ext : tmp.length));\n pattern += !!~o && !~ext ? '(?:/([^/]+?))?' : '/([^/]+?)';\n if (!!~ext) pattern += (!!~o ? '?' : '') + '\\\\' + tmp.substring(ext);\n } else {\n pattern += '/' + tmp;\n }\n }\n\n return {\n keys: keys,\n pattern: new RegExp('^' + pattern + (loose ? '(?=$|/)' : '/?$'), 'i'),\n };\n}\n\n/**\n * Test if a path matches a pattern\n */\nexport function matchPath(path: string, pattern: string | RegExp): boolean {\n const { pattern: regex } = parse(pattern);\n return regex.test(path);\n}\n","import type { IRBACProvider, EEUser } from '@mastra/core/auth/ee';\nimport type { Mastra } from '@mastra/core/mastra';\nimport type { MastraAuthConfig } from '@mastra/core/server';\n\nimport { defaultAuthConfig } from './defaults';\nimport { parse } from './path-pattern';\n\n/**\n * Check if a route is a registered custom route that requires authentication.\n * Returns true only if the route is explicitly registered with requiresAuth: true.\n * Returns false if the route is not in the config or has requiresAuth: false.\n */\nexport const isProtectedCustomRoute = (\n path: string,\n method: string,\n customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n if (!customRouteAuthConfig) {\n return false;\n }\n\n // Check exact match first (fast path for static routes)\n const exactRouteKey = `${method}:${path}`;\n if (customRouteAuthConfig.has(exactRouteKey)) {\n return customRouteAuthConfig.get(exactRouteKey) === true;\n }\n\n // Check exact match for ALL method\n const allRouteKey = `ALL:${path}`;\n if (customRouteAuthConfig.has(allRouteKey)) {\n return customRouteAuthConfig.get(allRouteKey) === true;\n }\n\n // Check pattern matches for dynamic routes (e.g., '/users/:id')\n for (const [routeKey, requiresAuth] of customRouteAuthConfig.entries()) {\n const colonIndex = routeKey.indexOf(':');\n if (colonIndex === -1) {\n continue; // Skip malformed keys\n }\n\n const routeMethod = routeKey.substring(0, colonIndex);\n const routePattern = routeKey.substring(colonIndex + 1);\n\n // Check if method matches (exact match or ALL)\n if (routeMethod !== method && routeMethod !== 'ALL') {\n continue;\n }\n\n // Check if path matches the pattern\n if (pathMatchesPattern(path, routePattern)) {\n return requiresAuth === true;\n }\n }\n\n return false; // Not in config = not a protected custom route\n};\n\n/**\n * Check if request is from dev playground\n * @param getHeader - Function to get header value from request\n * @param customRouteAuthConfig - Map of custom route auth configurations\n */\nexport const isDevPlaygroundRequest = (\n path: string,\n method: string,\n getHeader: (name: string) => string | undefined,\n authConfig: MastraAuthConfig,\n customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n const protectedAccess = [...(defaultAuthConfig.protected || []), ...(authConfig.protected || [])];\n return (\n process.env.MASTRA_DEV === 'true' &&\n // Allow if path doesn't match protected patterns AND is not a protected custom route\n ((!isAnyMatch(path, method, protectedAccess) && !isProtectedCustomRoute(path, method, customRouteAuthConfig)) ||\n // Or if has playground header\n getHeader('x-mastra-dev-playground') === 'true')\n );\n};\n\nexport const isCustomRoutePublic = (\n path: string,\n method: string,\n customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n if (!customRouteAuthConfig) {\n return false;\n }\n\n // Check exact match first (fast path for static routes)\n const exactRouteKey = `${method}:${path}`;\n if (customRouteAuthConfig.has(exactRouteKey)) {\n return !customRouteAuthConfig.get(exactRouteKey); // True when route opts out of auth\n }\n\n // Check exact match for ALL method\n const allRouteKey = `ALL:${path}`;\n if (customRouteAuthConfig.has(allRouteKey)) {\n return !customRouteAuthConfig.get(allRouteKey);\n }\n\n // Check pattern matches for dynamic routes (e.g., '/users/:id')\n for (const [routeKey, requiresAuth] of customRouteAuthConfig.entries()) {\n const colonIndex = routeKey.indexOf(':');\n if (colonIndex === -1) {\n continue; // Skip malformed keys\n }\n\n const routeMethod = routeKey.substring(0, colonIndex);\n const routePattern = routeKey.substring(colonIndex + 1);\n\n // Check if method matches (exact match or ALL)\n if (routeMethod !== method && routeMethod !== 'ALL') {\n continue;\n }\n\n // Check if path matches the pattern\n if (pathMatchesPattern(path, routePattern)) {\n return !requiresAuth; // True when route opts out of auth\n }\n }\n\n return false;\n};\n\n// NOTE: This uses isProtectedCustomRoute (default-allow for unknown paths) rather than\n// !isCustomRoutePublic (default-deny). This is intentional — all registered server and\n// custom routes are auth-checked via registerRoute/checkRouteAuth regardless of this\n// function. The '/api/*' protected pattern exists as a user-facing override mechanism.\n// The old default-deny logic incorrectly blocked non-API paths (e.g. '/', '/agents')\n// which prevented the studio login page from loading in production.\nexport const isProtectedPath = (\n path: string,\n method: string,\n authConfig: MastraAuthConfig,\n customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n const protectedAccess = [...(defaultAuthConfig.protected || []), ...(authConfig.protected || [])];\n return isAnyMatch(path, method, protectedAccess) || isProtectedCustomRoute(path, method, customRouteAuthConfig);\n};\n\nexport const canAccessPublicly = (path: string, method: string, authConfig: MastraAuthConfig): boolean => {\n // Check if this path+method combination is publicly accessible\n const publicAccess = [...(defaultAuthConfig.public || []), ...(authConfig.public || [])];\n\n return isAnyMatch(path, method, publicAccess);\n};\n\nconst isAnyMatch = (\n path: string,\n method: string,\n patterns: MastraAuthConfig['protected'] | MastraAuthConfig['public'],\n): boolean => {\n if (!patterns) {\n return false;\n }\n\n for (const patternPathOrMethod of patterns) {\n if (patternPathOrMethod instanceof RegExp) {\n if (patternPathOrMethod.test(path)) {\n return true;\n }\n }\n\n if (typeof patternPathOrMethod === 'string' && pathMatchesPattern(path, patternPathOrMethod)) {\n return true;\n }\n\n if (Array.isArray(patternPathOrMethod) && patternPathOrMethod.length === 2) {\n const [pattern, methodOrMethods] = patternPathOrMethod;\n if (pathMatchesPattern(path, pattern) && matchesOrIncludes(methodOrMethods, method)) {\n return true;\n }\n }\n }\n\n return false;\n};\n\nexport const pathMatchesPattern = (path: string, pattern: string): boolean => {\n // Use regexparam for battle-tested path matching\n // Supports:\n // - Exact paths: '/api/users'\n // - Wildcards: '/api/agents/*' matches '/api/agents/123'\n // - Path parameters: '/users/:id' matches '/users/123'\n // - Optional parameters: '/users/:id?' matches '/users' and '/users/123'\n // - Mixed patterns: '/api/:version/users/:id/profile'\n const { pattern: regex } = parse(pattern);\n return regex.test(path);\n};\n\nexport const pathMatchesRule = (path: string, rulePath: string | RegExp | string[] | undefined): boolean => {\n if (!rulePath) return true; // No path specified means all paths\n\n if (typeof rulePath === 'string') {\n return pathMatchesPattern(path, rulePath);\n }\n\n if (rulePath instanceof RegExp) {\n return rulePath.test(path);\n }\n\n if (Array.isArray(rulePath)) {\n return rulePath.some(p => pathMatchesPattern(path, p));\n }\n\n return false;\n};\n\nexport const matchesOrIncludes = (values: string | string[], value: string): boolean => {\n if (typeof values === 'string') {\n return values === value;\n }\n\n if (Array.isArray(values)) {\n return values.includes(value);\n }\n\n return false;\n};\n\n// ── Core auth middleware ──\n// Framework-agnostic auth logic extracted from adapter middlewares.\n// Each adapter builds an AuthMiddlewareContext and delegates to coreAuthMiddleware.\n\nexport interface AuthMiddlewareContext {\n path: string;\n method: string;\n getHeader: (name: string) => string | undefined;\n mastra: Mastra;\n authConfig: MastraAuthConfig;\n customRouteAuthConfig?: Map<string, boolean>;\n requestContext: { get: (key: string) => unknown; set: (key: string, value: unknown) => void };\n rawRequest: unknown;\n token: string | null;\n buildAuthorizeContext: () => unknown;\n}\n\nexport type AuthResult = { action: 'next' } | { action: 'error'; status: number; body: Record<string, unknown> };\n\nconst pass: AuthResult = { action: 'next' };\n\n/**\n * Single auth middleware: authenticate → authorize.\n * Skip checks (dev playground, unprotected path, public path) are evaluated once.\n */\nexport const coreAuthMiddleware = async (ctx: AuthMiddlewareContext): Promise<AuthResult> => {\n const { path, method, getHeader, mastra, authConfig, customRouteAuthConfig, requestContext, rawRequest, token } = ctx;\n\n // ── Skip checks (evaluated once) ──\n\n // Only bypass auth for dev playground when no real auth provider is configured.\n // When auth IS configured (has authenticateToken), we need the full auth flow\n // so user/roles/permissions are set in requestContext.\n const hasAuthProvider = typeof authConfig.authenticateToken === 'function';\n if (!hasAuthProvider && isDevPlaygroundRequest(path, method, getHeader, authConfig, customRouteAuthConfig)) {\n return pass;\n }\n\n if (!isProtectedPath(path, method, authConfig, customRouteAuthConfig)) {\n return pass;\n }\n\n if (canAccessPublicly(path, method, authConfig)) {\n return pass;\n }\n\n // ── Authentication ──\n\n let user: unknown;\n\n try {\n if (typeof authConfig.authenticateToken === 'function') {\n user = await authConfig.authenticateToken(token ?? '', rawRequest as any);\n } else {\n throw new Error('No token verification method configured');\n }\n\n if (!user) {\n return { action: 'error', status: 401, body: { error: 'Invalid or expired token' } };\n }\n\n requestContext.set('user', user);\n\n try {\n const serverConfig = mastra.getServer();\n const rbacProvider = serverConfig?.rbac as IRBACProvider<EEUser> | undefined;\n\n if (rbacProvider) {\n if (!user || typeof user !== 'object' || !('id' in user)) {\n mastra.getLogger()?.warn('RBAC: authenticated user missing required \"id\" field, skipping permission loading');\n } else {\n const permissions = await rbacProvider.getPermissions(user as EEUser);\n requestContext.set('userPermissions', permissions);\n\n const roles = await rbacProvider.getRoles(user as EEUser);\n requestContext.set('userRoles', roles);\n }\n }\n } catch (rbacError) {\n mastra.getLogger()?.error('RBAC: failed to load user permissions/roles', {\n error: rbacError instanceof Error ? { message: rbacError.message, stack: rbacError.stack } : rbacError,\n });\n }\n } catch (err) {\n mastra.getLogger()?.error('Authentication error', {\n error: err instanceof Error ? { message: err.message, stack: err.stack } : err,\n });\n return { action: 'error', status: 401, body: { error: 'Invalid or expired token' } };\n }\n\n // ── Authorization ──\n\n if ('authorizeUser' in authConfig && typeof authConfig.authorizeUser === 'function') {\n try {\n const isAuthorized = await authConfig.authorizeUser(user, rawRequest as any);\n\n if (!isAuthorized) {\n return { action: 'error', status: 403, body: { error: 'Access denied' } };\n }\n } catch (err) {\n mastra.getLogger()?.error('Authorization error in authorizeUser', {\n error: err instanceof Error ? { message: err.message, stack: err.stack } : err,\n });\n return { action: 'error', status: 500, body: { error: 'Authorization error' } };\n }\n } else if ('authorize' in authConfig && typeof authConfig.authorize === 'function') {\n try {\n const authorizeCtx = ctx.buildAuthorizeContext();\n const isAuthorized = await authConfig.authorize(path, method, user, authorizeCtx as any);\n\n if (!isAuthorized) {\n return { action: 'error', status: 403, body: { error: 'Access denied' } };\n }\n } catch (err) {\n mastra.getLogger()?.error('Authorization error in authorize', {\n error: err instanceof Error ? { message: err.message, stack: err.stack } : err,\n path,\n method,\n });\n return { action: 'error', status: 500, body: { error: 'Authorization error' } };\n }\n } else if ('rules' in authConfig && authConfig.rules && authConfig.rules.length > 0) {\n const isAuthorized = await checkRules(authConfig.rules, path, method, user);\n\n if (!isAuthorized) {\n return { action: 'error', status: 403, body: { error: 'Access denied' } };\n }\n } else {\n // No explicit authorization configured (authorizeUser, authorize, or rules)\n // Check if RBAC is configured - if not, allow authenticated users through\n // (auth-only mode = authenticated users get full access)\n const rbacProvider = mastra.getServer()?.rbac;\n if (rbacProvider) {\n if (defaultAuthConfig.rules && defaultAuthConfig.rules.length > 0) {\n const isAuthorized = await checkRules(defaultAuthConfig.rules, path, method, user);\n\n if (!isAuthorized) {\n return { action: 'error', status: 403, body: { error: 'Access denied' } };\n }\n } else {\n return { action: 'error', status: 403, body: { error: 'Access denied' } };\n }\n }\n }\n\n return pass;\n};\n\n// Check authorization rules\nexport const checkRules = async (\n rules: MastraAuthConfig['rules'],\n path: string,\n method: string,\n user: unknown,\n): Promise<boolean> => {\n // Go through rules in order (first match wins)\n for (const i in rules || []) {\n const rule = rules?.[i]!;\n // Check if rule applies to this path\n if (!pathMatchesRule(path, rule.path)) {\n continue;\n }\n\n // Check if rule applies to this method\n if (rule.methods && !matchesOrIncludes(rule.methods, method)) {\n continue;\n }\n\n // Rule matches, check conditions\n const condition = rule.condition;\n if (typeof condition === 'function') {\n const allowed = await Promise.resolve()\n .then(() => condition(user))\n .catch(() => false);\n\n if (allowed) {\n return true;\n }\n } else if (rule.allow) {\n return true;\n }\n }\n\n // No matching rules, deny by default\n return false;\n};\n"]}