npm - @mohamedatia/fly-design-system - Versions diffs - 1.9.3 → 2.3.0 - Mend

@mohamedatia/fly-design-system 1.9.3 → 2.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/fesm2022/mohamedatia-fly-design-system.mjs +843 -35
package/fesm2022/mohamedatia-fly-design-system.mjs.map +1 -1
package/package.json +1 -1
package/scss/_theme-light.scss +89 -89
package/types/mohamedatia-fly-design-system.d.ts +525 -75
package/types/mohamedatia-fly-design-system.d.ts.map +1 -1

package/types/mohamedatia-fly-design-system.d.ts CHANGED Viewed

@@ -1,5 +1,6 @@
 import * as _angular_core from '@angular/core';
-import { Type, InjectionToken, PipeTransform, signal, Signal, AfterViewInit, OnDestroy, OnInit, EventEmitter, ElementRef } from '@angular/core';
+import { Type, InjectionToken, Signal, OnInit, EventEmitter, OnChanges, OnDestroy, SimpleChanges, PipeTransform, signal, AfterViewInit, ElementRef } from '@angular/core';
+import { ControlValueAccessor, Validator, AbstractControl, ValidationErrors } from '@angular/forms';
 import { Observable } from 'rxjs';
 /**
@@ -66,6 +67,35 @@ interface WindowInstance {
     contentUiBlockMessageKey?: string;
 }
 declare const WINDOW_DATA: InjectionToken<WindowInstance>;
+/**
+ * Payload delivered to a window when it is launched (or re-launched) via a deep link.
+ * Both fields are nullable: a normal dock click yields `route: null`, `params: null`.
+ *
+ * Hosts provide a `Signal<LaunchContext | null>` per window via `LAUNCH_CONTEXT` so
+ * remotes can react with `effect()` when the same window is re-launched (the host
+ * bumps `version` to differentiate). `version` starts at 1 for the first launch.
+ */
+interface LaunchContext {
+    readonly route: string | null;
+    readonly params: Readonly<Record<string, unknown>> | null;
+    readonly version: number;
+}
+/**
+ * Per-window injection token carrying the active `LaunchContext` as a signal.
+ * Resolves to `null` outside the desktop shell (e.g. mock-host dev mode).
+ *
+ * Remotes typically consume it as:
+ * ```ts
+ * private readonly launchCtx = inject(LAUNCH_CONTEXT, { optional: true });
+ * constructor() {
+ *   effect(() => {
+ *     const ctx = this.launchCtx?.();
+ *     if (ctx?.route) this.router.navigateByUrl(ctx.route);
+ *   });
+ * }
+ * ```
+ */
+declare const LAUNCH_CONTEXT: InjectionToken<Signal<LaunchContext | null>>;
 interface User {
     id: string;
@@ -88,16 +118,72 @@ interface User {
 /**
  * Generic share / ACL panel models — hosts map domain DTOs to these shapes.
+ *
+ * v2.0.0: introduces the {@link SharePrincipal} discriminated union to replace the v1
+ * "set-which-is-set" discriminator on {@link SharePermissionEntry} (`grantedToUserId` /
+ * `grantedToOuId` / `grantedToAppId`). The new shape compiles invalid combinations away
+ * (a permission row carries exactly one principal, never overlapping ids) and reserves
+ * a `role` kind for the planned apps-chart role-as-principal flow.
+ */
+/**
+ * Discriminated principal that owns a share permission row. Hosts translate domain DTO
+ * fields into one of these variants.
+ *
+ * The `role` variant is reserved for a follow-up enabling the Apps-chart role-as-principal
+ * flow end-to-end (frontend looks up the role-OU UUID; backend's PermissionResolver must
+ * enumerate the user's full OU set including computed-from-role memberships). Until that
+ * runtime work lands, hosts SHOULD NOT emit `role` principals.
+ */
+type SharePrincipal = UserPrincipal | RolePrincipal | OuPrincipal | AppEveryonePrincipal;
+interface UserPrincipal {
+    kind: 'user';
+    /** Tenant-scoped user id. */
+    userId: string;
+    /** Display name resolved by the host (e.g. "Jane Doe"). Falls back to a Guid prefix. */
+    displayName?: string;
+    /** Optional email — surfaced as a secondary line on the row when set. */
+    email?: string;
+}
+interface RolePrincipal {
+    kind: 'role';
+    /** Owning app id (e.g. `circles`). Roles are unique within an app, not globally. */
+    appId: string;
+    /** Stable role key within that app (e.g. `ffo`, `viewer`). */
+    roleKey: string;
+    displayName?: string;
+}
+interface OuPrincipal {
+    kind: 'ou';
+    ouId: string;
+    /** Chart context for stable display labels. Null = the Default Company chart. */
+    chartId?: string | null;
+    displayName?: string;
+}
+interface AppEveryonePrincipal {
+    kind: 'app-everyone';
+    /** App id whose user population this grant targets. `*` = every tenant user. */
+    appId: string;
+    displayName?: string;
+}
+/** Principal-kind discriminator strings — re-exported for hosts that build menus dynamically. */
+type SharePrincipalKind = SharePrincipal['kind'];
+/**
+ * One row of the share-panel permissions list. v2.0 carries a {@link SharePrincipal}
+ * discriminated union instead of the v1 `grantedToUserId` / `grantedToOuId` / `grantedToAppId`
+ * fields. See the file header for migration notes.
  */
 interface SharePermissionEntry {
     id: string;
-    grantedToUserId?: string | null;
-    grantedToOuId?: string | null;
-    grantedToAppId?: string | null;
+    principal: SharePrincipal;
     level: string;
     isInherited?: boolean;
-    /** Resolved label (user name, OU name, etc.); if omitted, panel uses fallbacks. */
-    displayName?: string;
+    /**
+     * When true, this row is a deny grant — visually distinct, revokes access for the
+     * principal regardless of any matching allow grant. Backed by the ACL semantic in
+     * Files Manager (`FilePermission.IsDeny`) and Notes (`NoteShareLevel.Deny`).
+     * Hosts that do not support deny grants may omit this field entirely.
+     */
+    isDeny?: boolean;
 }
 interface ShareUserResult {
     id: string;
@@ -121,6 +207,424 @@ interface SharePanelLevelOption {
     labelKey: string;
 }
+/**
+ * Canonical {@link AudienceFilter} TypeScript model — wire-compatible byte-for-byte with the
+ * C# `Fly.Shared.Core.Audience.AudienceFilter` polymorphic record. The discriminator field is
+ * `kind` and matches the values declared in `AudienceTerm.cs`'s `[JsonDerivedType]` attributes:
+ * `users`, `roles`, `ou`, `app-everyone`, `chart`, `preset`.
+ *
+ * Resolution semantics (server-side, see `AudienceFilter.cs`):
+ *   1. Each include term is expanded to a user-id set; sets are unioned.
+ *   2. Each exclude term is expanded; the union of excludes is subtracted.
+ *   3. Inactive users are filtered when {@link AudienceOptions.excludeInactiveUsers} is true.
+ *
+ * **Empty `includes` resolves to the empty set — never "everyone".** To target every user in a
+ * tenant, emit an explicit {@link AppEveryoneTerm} or {@link ChartTerm}; this matches the
+ * defensive backend default and prevents a UI bug from broadcasting tenant-wide.
+ */
+interface AudienceFilter {
+    /** At least one term required server-side; an empty array resolves to zero recipients. */
+    includes: AudienceTerm[];
+    /** Optional. Subtracted from the include union. */
+    excludes?: AudienceTerm[];
+    /** Optional resolver options. Server applies defaults when omitted. */
+    options?: AudienceOptions;
+}
+/** Tagged union of the six supported audience term kinds. */
+type AudienceTerm = UsersTerm | RolesTerm | OuTerm | AppEveryoneTerm | ChartTerm | PresetTerm;
+type AudienceTermKind = AudienceTerm['kind'];
+/** Discriminator string values — re-exported so hosts can build kind menus dynamically. */
+declare const AUDIENCE_TERM_KINDS: readonly ["users", "roles", "ou", "app-everyone", "chart", "preset"];
+/**
+ * Runtime values for {@link AudiencePresetKind}. Hosts iterate this when surfacing a
+ * preset picker; the type union mirrors this list 1:1.
+ */
+declare const AUDIENCE_PRESETS: readonly ["self", "ou-managers", "direct-reports"];
+/** Explicit user ids. Capped server-side at {@link AUDIENCE_LIMITS.maxUserIdsPerTerm}. */
+interface UsersTerm {
+    kind: 'users';
+    /** Tenant-scoped user ids. */
+    userIds: string[];
+}
+/**
+ * Users holding any of the named roles in a single owning app. Roles are matched by
+ * `(appId, key)` and filtered to active rows by the manifest spec — deprecated roles never
+ * expand into the audience. RoleKeys are unique within an app, not globally.
+ */
+interface RolesTerm {
+    kind: 'roles';
+    /** The role's owning app id (e.g. `circles`). */
+    appId: string;
+    /** Role keys within that app (e.g. `["ffo", "ops"]`). */
+    roleKeys: string[];
+}
+/**
+ * Members of one or more OUs. `chartId` null = the Default Company chart; non-null targets
+ * an alternative chart (including the Apps Chart). When `includeDescendants` is true, members
+ * of all descendant OUs are included (resolved server-side via a recursive CTE).
+ *
+ * `includeDescendants` is required (not optional) so the wire round-trip is unambiguous: a
+ * stored term that was previously emitted with `false` deserialises identically to one emitted
+ * fresh, and the backend never has to choose between "missing" and "explicit false". Builders
+ * MUST emit a definite boolean.
+ */
+interface OuTerm {
+    kind: 'ou';
+    ouIds: string[];
+    /**
+     * Chart context for descendant traversal; null = default tree by parent id. Use `null`
+     * (never `undefined`) to keep wire shape symmetric with C# `Guid?` deserialization.
+     */
+    chartId: string | null;
+    includeDescendants: boolean;
+}
+/**
+ * "All users of this app in this tenant" — semantically the Apps Chart app-root OU. Resolved
+ * from `UserRole` rows joined to active roles owned by the app, never from a materialized
+ * member list. `appId === '*'` means every tenant user.
+ */
+interface AppEveryoneTerm {
+    kind: 'app-everyone';
+    appId: string;
+}
+/**
+ * "Every user placed somewhere in this chart". For the Default Company chart this is every
+ * user with at least one OU membership.
+ */
+interface ChartTerm {
+    kind: 'chart';
+    chartId: string;
+}
+/**
+ * Named platform preset evaluated against an anchor user. Anchor is typically the request
+ * initiator (`Self`) or a referenced user (e.g. delegate's manager).
+ */
+interface PresetTerm {
+    kind: 'preset';
+    preset: AudiencePresetKind;
+    anchorUserId: string;
+}
+/**
+ * Supported audience presets. Kept intentionally small — wire matches C# `JsonStringEnumMemberName`.
+ */
+type AudiencePresetKind = 'self' | 'ou-managers' | 'direct-reports';
+interface AudienceOptions {
+    /** When true (default), users with `IsActive=false` are filtered out. */
+    excludeInactiveUsers?: boolean;
+    /** Caller-supplied ceiling. Server clamps to {@link AUDIENCE_LIMITS.maxResolvedUsers}. */
+    hardCap?: number;
+}
+/**
+ * Hard caps mirrored from `AudienceLimits.cs`. Hosts use these for client-side validation
+ * before submit — backend re-validates regardless. Keep these in sync with the C# constants.
+ */
+declare const AUDIENCE_LIMITS: {
+    readonly maxTermsPerFilter: 64;
+    readonly maxUserIdsPerTerm: 500;
+    readonly maxRoleKeysPerTerm: 64;
+    readonly maxOuIdsPerTerm: 32;
+    readonly maxResolvedUsers: 10000;
+};
+/** Default permission levels (file-style ACL). Hosts can override via `permissionLevels`. */
+declare const SHARE_PANEL_DEFAULT_FILE_LEVELS: SharePanelLevelOption[];
+declare class SharePanelComponent implements OnInit {
+    /** Resource title shown in the header */
+    targetName: string;
+    /** i18n key for panel title */
+    titleKey: string;
+    /** Load current shares / permissions (host resolves display names when possible). */
+    loadPermissions: () => Observable<SharePermissionEntry[]>;
+    searchUsers: (query: string) => Observable<ShareUserResult[]>;
+    /**
+     * Load OU hierarchy for sharing. `chartId` is null for the default/official tree;
+     * non-null for an alternative chart.
+     */
+    loadOuTree: (chartId: string | null) => Observable<ShareOuNode[]>;
+    /** Chart selector options; first entry should be the default chart (`id: null`). */
+    loadChartOptions: () => Observable<ShareOrgChartOption[]>;
+    /**
+     * Labels from the default (official) OU tree for stable display names on OU grants
+     * when the picker shows an alternative chart.
+     */
+    loadOuLabelMap: () => Observable<Record<string, string>>;
+    grantToUser: (userId: string, level: string, applyToChildren: boolean, isDeny: boolean) => Observable<void>;
+    grantToOu: (ouId: string, level: string, applyToChildren: boolean, isDeny: boolean) => Observable<void>;
+    updatePermission: (id: string, level: string) => Observable<void>;
+    revokePermission: (id: string) => Observable<void>;
+    /** When true, show “apply to children” (e.g. folders). */
+    showApplyToChildren: boolean;
+    /**
+     * When true, surfaces an "Add as deny" toggle in the add-permission row and renders
+     * existing deny grants with red styling. Hosts whose backend does not support deny
+     * grants (legacy callers) leave this false and the panel hides all deny affordances.
+     */
+    supportsDeny: boolean;
+    /** Override level dropdown options (e.g. notes: View / Edit only). */
+    permissionLevels?: SharePanelLevelOption[];
+    /** i18n key for wildcard app grant label */
+    everyoneLabelKey: string;
+    /**
+     * Optional apps-chart role-OU index for the tenant. When supplied, the panel:
+     * <list type="bullet">
+     * <item>Renders existing OU grants whose ouId matches a row as <c>RolePrincipal</c>
+     *   chips ("FFO in Circles") instead of opaque OU labels.</item>
+     * <item>Surfaces an "Add role" picker that translates the picked role to its
+     *   role-OU UUID and dispatches via {@link grantToOu}. Backend stores it as a
+     *   plain OU grant; <see cref="PermissionResolver"/> resolves at access time via
+     *   the user's effective OU set.</item>
+     * </list>
+     * Hosts that don't have access to the apps-chart (or don't want the role flow) omit
+     * this input — OU grants then render as generic OU principals.
+     */
+    loadRoleOus?: () => Observable<RoleOuLookupRow[]>;
+    close: EventEmitter<void>;
+    private destroyRef;
+    private i18n;
+    permissions: _angular_core.WritableSignal<SharePermissionEntry[]>;
+    loading: _angular_core.WritableSignal<boolean>;
+    searchQuery: string;
+    newLevel: string;
+    applyToChildren: boolean;
+    /** Apps-chart role-OU index, populated lazily when {@link loadRoleOus} is provided. */
+    roleOus: _angular_core.WritableSignal<RoleOuLookupRow[]>;
+    /** Map<ouId, role row> — derived from roleOus for O(1) lookup during rendering. */
+    private readonly roleOusByOuId;
+    /** Two-way bound to the role picker's filter input. */
+    roleSearchQuery: string;
+    /** True while the role picker section is expanded. */
+    showRolePicker: _angular_core.WritableSignal<boolean>;
+    /**
+     * Two-way bound to the "Add as deny" toggle. When true, the next user/OU pick is
+     * persisted as a deny grant. Reset to false after each successful grant so the next
+     * pick defaults back to allow.
+     */
+    addAsDeny: boolean;
+    searchResults: _angular_core.WritableSignal<ShareUserResult[]>;
+    ouTree: _angular_core.WritableSignal<ShareOuNode[]>;
+    showOuPicker: _angular_core.WritableSignal<boolean>;
+    chartOptions: _angular_core.WritableSignal<ShareOrgChartOption[]>;
+    selectedOrgChartId: _angular_core.WritableSignal<string | null>;
+    /** Default-tree id → display name for permission rows (OU grants). */
+    private readonly ouLabelById;
+    private searchTimeout;
+    /** Emits after chart options load; further emissions on user chart changes (no initial null). */
+    private readonly selectedChartId$;
+    ngOnInit(): void;
+    onOrgChartSelectChange(chartId: string | null): void;
+    get levelOptions(): SharePanelLevelOption[];
+    refreshPermissions(): void;
+    onSearchInput(): void;
+    onGrantToUser(user: ShareUserResult): void;
+    onGrantToOu(ou: ShareOuNode): void;
+    /**
+     * Add a role grant. Resolves to the role-OU UUID and dispatches via {@link grantToOu}
+     * so the backend stores it as a plain OU grant; PermissionResolver matches it at access
+     * time via the user's effective OU set (apps-chart computed-from-role membership).
+     */
+    onGrantToRole(role: RoleOuLookupRow): void;
+    /** Filtered role list — empty query returns all roles, otherwise case-insensitive substring match. */
+    filteredRoles(): RoleOuLookupRow[];
+    onUpdateLevel(perm: SharePermissionEntry, level: string): void;
+    onRevokePermission(perm: SharePermissionEntry): void;
+    getPermIcon(perm: SharePermissionEntry): string;
+    /** Maps a principal kind to its display icon. Static so hosts can reuse for menus. */
+    static principalIcon(principal: SharePrincipal): string;
+    /** Logical start padding for OU hierarchy (roots align with section padding). */
+    ouIndentStartPx(ou: ShareOuNode): number;
+    getPermLabel(perm: SharePermissionEntry): string;
+    static ɵfac: _angular_core.ɵɵFactoryDeclaration<SharePanelComponent, never>;
+    static ɵcmp: _angular_core.ɵɵComponentDeclaration<SharePanelComponent, "fly-share-panel", never, { "targetName": { "alias": "targetName"; "required": false; }; "titleKey": { "alias": "titleKey"; "required": false; }; "loadPermissions": { "alias": "loadPermissions"; "required": true; }; "searchUsers": { "alias": "searchUsers"; "required": true; }; "loadOuTree": { "alias": "loadOuTree"; "required": true; }; "loadChartOptions": { "alias": "loadChartOptions"; "required": true; }; "loadOuLabelMap": { "alias": "loadOuLabelMap"; "required": true; }; "grantToUser": { "alias": "grantToUser"; "required": true; }; "grantToOu": { "alias": "grantToOu"; "required": true; }; "updatePermission": { "alias": "updatePermission"; "required": true; }; "revokePermission": { "alias": "revokePermission"; "required": true; }; "showApplyToChildren": { "alias": "showApplyToChildren"; "required": false; }; "supportsDeny": { "alias": "supportsDeny"; "required": false; }; "permissionLevels": { "alias": "permissionLevels"; "required": false; }; "everyoneLabelKey": { "alias": "everyoneLabelKey"; "required": false; }; "loadRoleOus": { "alias": "loadRoleOus"; "required": false; }; }, { "close": "close"; }, never, never, true, never>;
+}
+/**
+ * One row in the role-OU lookup table the share panel uses to render OU grants as Role
+ * chips and to drive the "Add role" picker. Hosts source this from
+ * <c>OrgStructureApiService.listRoleOus()</c> in the desktop shell.
+ */
+interface RoleOuLookupRow {
+    /** Apps-chart role-OU UUID — what backend stores in `grantedToOuId` / `sharedWithOuId`. */
+    ouId: string;
+    appId: string;
+    roleKey: string;
+    /** Display name resolved by the host (e.g. "FFO" or "Future Foresight Officer"). */
+    displayName: string;
+}
+/** Bucket the picker is currently editing. Exported so hosts can drive `editTarget` if needed. */
+type AudienceEditTarget = 'includes' | 'excludes';
+/**
+ * Generic builder for {@link AudienceFilter}. Accepts an initial value, emits both the
+ * full filter and a validity flag on every change. Reuses the same callback shapes as
+ * {@link SharePanelComponent} so a host already wiring the share panel can drop this in
+ * with no extra plumbing.
+ *
+ * Compaction policy: when the operator picks the same kind multiple times, the component
+ * merges into a single term where it's safe to do so:
+ * <list type="bullet">
+ *   <item><b>users</b>: dedupes user ids into one {@link UsersTerm}.</item>
+ *   <item><b>roles</b>: per `appId`, dedupes role keys into one {@link RolesTerm}.</item>
+ *   <item><b>ou</b>: per `(chartId, includeDescendants)`, dedupes OU ids into one {@link OuTerm}.</item>
+ *   <item><b>app-everyone / chart / preset</b>: idempotent per kind+key.</item>
+ * </list>
+ * This keeps the term count well below {@link AUDIENCE_LIMITS.maxTermsPerFilter} for typical
+ * use, and matches how the backend resolver would have unioned them anyway.
+ */
+declare class AudienceBuilderComponent implements OnInit, OnChanges, OnDestroy, ControlValueAccessor, Validator {
+    /** Initial audience filter. Two-way: changes emit via {@link audienceChange}. */
+    value: AudienceFilter | null | undefined;
+    /** Hide the Excludes section entirely (e.g. for simple "send to" pickers). */
+    showExcludes: boolean;
+    /**
+     * Which term kinds are selectable. Defaults to all six. Hosts that don't have a
+     * concept of `chart` or `preset` should narrow this down to keep the UI focused.
+     */
+    supportedKinds: readonly AudienceTermKind[];
+    /**
+     * Anchor user id used when adding a `preset` term. Typically `auth.currentUser().id`.
+     * If null and the operator picks a preset, the term is rejected with an inline error.
+     */
+    selfUserId: string | null;
+    /** App ids the host wants to expose as `app-everyone` options. */
+    appEveryoneOptions: {
+        appId: string;
+        displayName: string;
+    }[];
+    searchUsers: (query: string) => Observable<ShareUserResult[]>;
+    loadOuTree: (chartId: string | null) => Observable<ShareOuNode[]>;
+    loadChartOptions: () => Observable<ShareOrgChartOption[]>;
+    /**
+     * Optional apps-chart role-OU index. When supplied, the picker exposes a "Roles" tab
+     * surfacing role chips; without it, that tab is hidden even if `'roles'` is in
+     * {@link supportedKinds}.
+     */
+    loadRoleOus?: () => Observable<RoleOuLookupRow[]>;
+    /** Fires on every successful add/remove with the current filter. */
+    audienceChange: EventEmitter<AudienceFilter>;
+    /**
+     * True when {@link AudienceFilter.includes} is non-empty and the term count is within
+     * {@link AUDIENCE_LIMITS.maxTermsPerFilter}. Hosts should disable submit when false.
+     */
+    validityChange: EventEmitter<boolean>;
+    private readonly destroyRef;
+    private readonly i18n;
+    readonly includes: _angular_core.WritableSignal<AudienceTerm[]>;
+    readonly excludes: _angular_core.WritableSignal<AudienceTerm[]>;
+    readonly editTarget: _angular_core.WritableSignal<AudienceEditTarget>;
+    readonly pickerOpen: _angular_core.WritableSignal<boolean>;
+    readonly activeKind: _angular_core.WritableSignal<"ou" | "app-everyone" | "users" | "roles" | "chart" | "preset">;
+    readonly userSearchQuery: _angular_core.WritableSignal<string>;
+    readonly userSearchResults: _angular_core.WritableSignal<ShareUserResult[]>;
+    private readonly userSearch$;
+    readonly roleOus: _angular_core.WritableSignal<RoleOuLookupRow[]>;
+    readonly roleSearchQuery: _angular_core.WritableSignal<string>;
+    /**
+     * Filtered role list as a `computed` so the template doesn't re-call a method on every
+     * change-detection cycle.
+     */
+    readonly filteredRoles: _angular_core.Signal<RoleOuLookupRow[]>;
+    readonly ouTree: _angular_core.WritableSignal<ShareOuNode[]>;
+    readonly chartOptions: _angular_core.WritableSignal<ShareOrgChartOption[]>;
+    readonly selectedChartId: _angular_core.WritableSignal<string | null>;
+    readonly ouIncludeDescendants: _angular_core.WritableSignal<boolean>;
+    /**
+     * Chart-term picker entries — filters out the null-id default chart since `ChartTerm`
+     * requires a real Guid. Avoids the UX trap where clicking "Default Company" surfaces
+     * an inline error.
+     */
+    readonly chartTermOptions: _angular_core.Signal<ShareOrgChartOption[]>;
+    private readonly selectedChartId$;
+    readonly presetOptions: readonly ["self", "ou-managers", "direct-reports"];
+    readonly errorKey: _angular_core.WritableSignal<string | null>;
+    /** True when the host disabled this control (template-driven `[disabled]` or reactive). */
+    readonly disabled: _angular_core.WritableSignal<boolean>;
+    private onChange;
+    private onTouched;
+    private onValidatorChange;
+    ngOnInit(): void;
+    ngOnChanges(changes: SimpleChanges): void;
+    ngOnDestroy(): void;
+    /**
+     * Replaces the in-component state from an external value. Null-safe — if the host
+     * passes <c>null</c> or <c>undefined</c> (e.g. while a parent signal is loading),
+     * we treat it as an empty filter rather than crashing.
+     */
+    private applyValue;
+    openPicker(target: AudienceEditTarget): void;
+    closePicker(): void;
+    selectKind(kind: AudienceTermKind): void;
+    onUserSearchInput(): void;
+    pickUser(user: ShareUserResult): void;
+    pickRole(role: RoleOuLookupRow): void;
+    onChartChange(chartId: string | null): void;
+    pickOu(ou: ShareOuNode): void;
+    ouIndentStartPx(ou: ShareOuNode): number;
+    pickAppEveryone(appId: string): void;
+    pickChart(chartId: string | null): void;
+    pickPreset(preset: AudiencePresetKind): void;
+    removeTerm(target: AudienceEditTarget, index: number): void;
+    removeUserId(target: AudienceEditTarget, termIndex: number, userId: string): void;
+    removeRoleKey(target: AudienceEditTarget, termIndex: number, roleKey: string): void;
+    removeOuId(target: AudienceEditTarget, termIndex: number, ouId: string): void;
+    /** Returns the current filter snapshot — useful for hosts that want to peek without subscribing. */
+    snapshot(): AudienceFilter;
+    /**
+     * Called by the forms infrastructure to push a new value into the control. Mirrors the
+     * `[value]` setter path — re-uses `applyValue` so template-driven and reactive callers
+     * converge on the same hydration code.
+     */
+    writeValue(value: AudienceFilter | null | undefined): void;
+    registerOnChange(fn: (value: AudienceFilter) => void): void;
+    registerOnTouched(fn: () => void): void;
+    setDisabledState(isDisabled: boolean): void;
+    /**
+     * Aligns Angular's reactive-forms validity with the component's own `validityChange`
+     * output. Returns `audienceRequired` when includes is empty (the canonical "zero
+     * recipients" guard) and `audienceTooManyTerms` when over the per-filter cap.
+     * <br>
+     * The output-event path (<see cref="emitState"/>) reuses this method so there is ONE
+     * definition of "valid" — the classic "two almost-identical validators drifted" bug
+     * cannot recur here.
+     */
+    validate(_: AbstractControl): ValidationErrors | null;
+    private validateFilter;
+    registerOnValidatorChange(fn: () => void): void;
+    ouLabel(ouId: string): string;
+    roleLabel(appId: string, roleKey: string): string;
+    appLabel(appId: string): string;
+    chartLabel(chartId: string): string;
+    /**
+     * Locale key for a term kind. Replaces hyphens with underscores so the JSON file uses
+     * one consistent naming convention (`audience.kind_app_everyone`, not the hyphen variant).
+     */
+    kindLocaleKey(kind: AudienceTermKind): string;
+    /** Same convention as {@link kindLocaleKey} but for preset names. */
+    presetLocaleKey(preset: AudiencePresetKind): string;
+    /** Picon icon CSS class for a term kind tab — kept here so the template stays declarative. */
+    kindIconClass(kind: AudienceTermKind): string;
+    private addToActiveBucket;
+    private editTermAt;
+    private totalTermCount;
+    private upsertUsersTerm;
+    private upsertRolesTerm;
+    private upsertOuTerm;
+    private upsertAppEveryoneTerm;
+    private upsertChartTerm;
+    private upsertPresetTerm;
+    private buildFilter;
+    private emitState;
+    /**
+     * Emits ONLY the validity signal (component output + forms-validator hook). Used by
+     * <see cref="ngOnChanges"/> when the host pushes a new value: the host already knows the
+     * value it sent, so re-firing onChange / audienceChange is redundant and risks feedback
+     * loops with two-way bindings; but the validity flag may genuinely have flipped and the
+     * host needs that to enable / disable submit.
+     */
+    private emitValidityOnly;
+    private computeValidity;
+    static ɵfac: _angular_core.ɵɵFactoryDeclaration<AudienceBuilderComponent, never>;
+    static ɵcmp: _angular_core.ɵɵComponentDeclaration<AudienceBuilderComponent, "fly-audience-builder", never, { "value": { "alias": "value"; "required": false; }; "showExcludes": { "alias": "showExcludes"; "required": false; }; "supportedKinds": { "alias": "supportedKinds"; "required": false; }; "selfUserId": { "alias": "selfUserId"; "required": false; }; "appEveryoneOptions": { "alias": "appEveryoneOptions"; "required": false; }; "searchUsers": { "alias": "searchUsers"; "required": true; }; "loadOuTree": { "alias": "loadOuTree"; "required": true; }; "loadChartOptions": { "alias": "loadChartOptions"; "required": true; }; "loadRoleOus": { "alias": "loadRoleOus"; "required": false; }; }, { "audienceChange": "audienceChange"; "validityChange": "validityChange"; }, never, never, true, never>;
+}
 /**
  * Describes a Business or Supporting App remote from the Controller App's
  * `GET /api/apps/manifest` endpoint. The shell loads the component at runtime
@@ -511,73 +1015,6 @@ declare class MessageBoxComponent implements AfterViewInit {
     static ɵcmp: _angular_core.ɵɵComponentDeclaration<MessageBoxComponent, "fly-message-box", never, {}, {}, never, never, true, never>;
 }
-/** Default permission levels (file-style ACL). Hosts can override via `permissionLevels`. */
-declare const SHARE_PANEL_DEFAULT_FILE_LEVELS: SharePanelLevelOption[];
-declare class SharePanelComponent implements OnInit {
-    /** Resource title shown in the header */
-    targetName: string;
-    /** i18n key for panel title */
-    titleKey: string;
-    /** Load current shares / permissions (host resolves display names when possible). */
-    loadPermissions: () => Observable<SharePermissionEntry[]>;
-    searchUsers: (query: string) => Observable<ShareUserResult[]>;
-    /**
-     * Load OU hierarchy for sharing. `chartId` is null for the default/official tree;
-     * non-null for an alternative chart.
-     */
-    loadOuTree: (chartId: string | null) => Observable<ShareOuNode[]>;
-    /** Chart selector options; first entry should be the default chart (`id: null`). */
-    loadChartOptions: () => Observable<ShareOrgChartOption[]>;
-    /**
-     * Labels from the default (official) OU tree for stable display names on OU grants
-     * when the picker shows an alternative chart.
-     */
-    loadOuLabelMap: () => Observable<Record<string, string>>;
-    grantToUser: (userId: string, level: string, applyToChildren: boolean) => Observable<void>;
-    grantToOu: (ouId: string, level: string, applyToChildren: boolean) => Observable<void>;
-    updatePermission: (id: string, level: string) => Observable<void>;
-    revokePermission: (id: string) => Observable<void>;
-    /** When true, show “apply to children” (e.g. folders). */
-    showApplyToChildren: boolean;
-    /** Override level dropdown options (e.g. notes: View / Edit only). */
-    permissionLevels?: SharePanelLevelOption[];
-    /** i18n key for wildcard app grant label */
-    everyoneLabelKey: string;
-    close: EventEmitter<void>;
-    private destroyRef;
-    private i18n;
-    permissions: _angular_core.WritableSignal<SharePermissionEntry[]>;
-    loading: _angular_core.WritableSignal<boolean>;
-    searchQuery: string;
-    newLevel: string;
-    applyToChildren: boolean;
-    searchResults: _angular_core.WritableSignal<ShareUserResult[]>;
-    ouTree: _angular_core.WritableSignal<ShareOuNode[]>;
-    showOuPicker: _angular_core.WritableSignal<boolean>;
-    chartOptions: _angular_core.WritableSignal<ShareOrgChartOption[]>;
-    selectedOrgChartId: _angular_core.WritableSignal<string | null>;
-    /** Default-tree id → display name for permission rows (OU grants). */
-    private readonly ouLabelById;
-    private searchTimeout;
-    /** Emits after chart options load; further emissions on user chart changes (no initial null). */
-    private readonly selectedChartId$;
-    ngOnInit(): void;
-    onOrgChartSelectChange(chartId: string | null): void;
-    get levelOptions(): SharePanelLevelOption[];
-    refreshPermissions(): void;
-    onSearchInput(): void;
-    onGrantToUser(user: ShareUserResult): void;
-    onGrantToOu(ou: ShareOuNode): void;
-    onUpdateLevel(perm: SharePermissionEntry, level: string): void;
-    onRevokePermission(perm: SharePermissionEntry): void;
-    getPermIcon(perm: SharePermissionEntry): string;
-    /** Logical start padding for OU hierarchy (roots align with section padding). */
-    ouIndentStartPx(ou: ShareOuNode): number;
-    getPermLabel(perm: SharePermissionEntry): string;
-    static ɵfac: _angular_core.ɵɵFactoryDeclaration<SharePanelComponent, never>;
-    static ɵcmp: _angular_core.ɵɵComponentDeclaration<SharePanelComponent, "fly-share-panel", never, { "targetName": { "alias": "targetName"; "required": false; }; "titleKey": { "alias": "titleKey"; "required": false; }; "loadPermissions": { "alias": "loadPermissions"; "required": true; }; "searchUsers": { "alias": "searchUsers"; "required": true; }; "loadOuTree": { "alias": "loadOuTree"; "required": true; }; "loadChartOptions": { "alias": "loadChartOptions"; "required": true; }; "loadOuLabelMap": { "alias": "loadOuLabelMap"; "required": true; }; "grantToUser": { "alias": "grantToUser"; "required": true; }; "grantToOu": { "alias": "grantToOu"; "required": true; }; "updatePermission": { "alias": "updatePermission"; "required": true; }; "revokePermission": { "alias": "revokePermission"; "required": true; }; "showApplyToChildren": { "alias": "showApplyToChildren"; "required": false; }; "permissionLevels": { "alias": "permissionLevels"; "required": false; }; "everyoneLabelKey": { "alias": "everyoneLabelKey"; "required": false; }; }, { "close": "close"; }, never, never, true, never>;
-}
 /** Full-bleed loading overlay for window content (shell) or embedded hosts. */
 declare class FlyBlockUiComponent {
     /** When false, the overlay is not rendered (host may use @if instead). */
@@ -726,6 +1163,19 @@ declare class FlyFileUploadComponent {
     static ɵcmp: _angular_core.ɵɵComponentDeclaration<FlyFileUploadComponent, "fly-file-upload", never, { "maxFiles": { "alias": "maxFiles"; "required": false; "isSignal": true; }; "maxFileSizeBytes": { "alias": "maxFileSizeBytes"; "required": false; "isSignal": true; }; "accept": { "alias": "accept"; "required": false; "isSignal": true; }; "sourceApp": { "alias": "sourceApp"; "required": false; "isSignal": true; }; "sourceEntityType": { "alias": "sourceEntityType"; "required": false; "isSignal": true; }; "sourceEntityId": { "alias": "sourceEntityId"; "required": false; "isSignal": true; }; "existingFileIds": { "alias": "existingFileIds"; "required": false; "isSignal": true; }; "files": { "alias": "files"; "required": false; "isSignal": true; }; }, { "files": "filesChange"; "filesChanged": "filesChanged"; }, never, never, true, never>;
 }
-export { AuthService, ContextMenuComponent, DEFAULT_FLY_THEME_MODE, DialogResult, FLY_THEME_MODE_IDS, FlyBlockUiComponent, FlyFileUploadComponent, FlyImageUploadComponent, FlyThemeService, I18nService, MessageBoxButtons, MessageBoxComponent, MessageBoxIcon, MessageBoxService, MockAuthService, RTL_LOCALE_SET, SHARE_PANEL_DEFAULT_FILE_LEVELS, SharePanelComponent, StandaloneWindowManagerService, TranslatePipe, WINDOW_DATA, WindowManagerService, isRtlLocale, normalizeFlyTheme };
-export type { ChildWindowData, ContextMenuItem, ContextMenuSection, DesktopApp, DesktopAppKind, FlyFileInfo, FlyThemeMode, LoadBundleOptions, MessageBoxButton, MessageBoxOptions, MockAuthConfig, OpenWindowOptions, RemoteAppDef, ShareOrgChartOption, ShareOuNode, SharePanelLevelOption, SharePermissionEntry, ShareUserResult, User, WindowInstance, WindowState };
+/**
+ * Stable error codes returned by audience-aware backend endpoints. Mirror of
+ * `Fly.Shared.Core.Audience.AudienceErrorCodes`. Compare on these strings, not on HTTP
+ * status, so localized messages can change without breaking integrations.
+ */
+declare const AUDIENCE_ERROR_CODES: {
+    readonly invalidFilter: "INVALID_AUDIENCE_FILTER";
+    readonly audienceTooLarge: "AUDIENCE_TOO_LARGE";
+    readonly resolverUnavailable: "AUDIENCE_RESOLVER_UNAVAILABLE";
+    readonly invalidAudienceKind: "INVALID_AUDIENCE_KIND";
+};
+type AudienceErrorCode = (typeof AUDIENCE_ERROR_CODES)[keyof typeof AUDIENCE_ERROR_CODES];
+export { AUDIENCE_ERROR_CODES, AUDIENCE_LIMITS, AUDIENCE_PRESETS, AUDIENCE_TERM_KINDS, AudienceBuilderComponent, AuthService, ContextMenuComponent, DEFAULT_FLY_THEME_MODE, DialogResult, FLY_THEME_MODE_IDS, FlyBlockUiComponent, FlyFileUploadComponent, FlyImageUploadComponent, FlyThemeService, I18nService, LAUNCH_CONTEXT, MessageBoxButtons, MessageBoxComponent, MessageBoxIcon, MessageBoxService, MockAuthService, RTL_LOCALE_SET, SHARE_PANEL_DEFAULT_FILE_LEVELS, SharePanelComponent, StandaloneWindowManagerService, TranslatePipe, WINDOW_DATA, WindowManagerService, isRtlLocale, normalizeFlyTheme };
+export type { AppEveryonePrincipal, AppEveryoneTerm, AudienceEditTarget, AudienceErrorCode, AudienceFilter, AudienceOptions, AudiencePresetKind, AudienceTerm, AudienceTermKind, ChartTerm, ChildWindowData, ContextMenuItem, ContextMenuSection, DesktopApp, DesktopAppKind, FlyFileInfo, FlyThemeMode, LaunchContext, LoadBundleOptions, MessageBoxButton, MessageBoxOptions, MockAuthConfig, OpenWindowOptions, OuPrincipal, OuTerm, PresetTerm, RemoteAppDef, RoleOuLookupRow, RolePrincipal, RolesTerm, ShareOrgChartOption, ShareOuNode, SharePanelLevelOption, SharePermissionEntry, SharePrincipal, SharePrincipalKind, ShareUserResult, User, UserPrincipal, UsersTerm, WindowInstance, WindowState };
 //# sourceMappingURL=mohamedatia-fly-design-system.d.ts.map