@mostajs/setup 1.4.14 → 1.5.0

package/README.md

@@ -25,7 +25,8 @@ Part of the [@mosta suite](https://mostajs.dev).
 6. [Systeme de modules](#6-systeme-de-modules)
 7. [Exemples avances](#7-exemples-avances)
 8. [Reconfiguration (post-installation)](#8-reconfiguration-post-installation)
-9. [FAQ / Troubleshooting](#9-faq--troubleshooting)
+9. [Mode declaratif : setup.json](#9-mode-declaratif--setupjson)
+10. [FAQ / Troubleshooting](#10-faq--troubleshooting)
 
 ---
 
@@ -497,6 +498,13 @@ npm run dev
 | `createDetectModulesHandler()` | `/api/setup/detect-modules` | GET | Liste modules (statiques + npm) + installes |
 | `createInstallModulesHandler(needsSetup)` | `/api/setup/install-modules` | POST | Installe les modules npm selectionnes |
 
+### setup.json (declaratif)
+
+| Export | Signature | Description |
+|--------|-----------|-------------|
+| `loadSetupJson` | `(source?, repoFactory?) => Promise<MostaSetupConfig>` | Charge `setup.json` et retourne un config complet |
+| `createSetupJsonHandler` | `(needsSetup) => { GET, POST }` | Route API pour verifier/uploader `setup.json` |
+
 ### Data exports
 
 | Export | Description |
@@ -853,7 +861,202 @@ Un package npm ne peut pas injecter de pages dans le routeur — c'est donc au p
 
 ---
 
-## 9. FAQ / Troubleshooting
+## 9. Mode declaratif : setup.json
+
+> **Nouveau** — Depuis v1.5, le setup peut etre entierement configure via un fichier JSON declaratif.
+
+### Principe
+
+Au lieu d'ecrire du TypeScript pour definir les categories, permissions, roles et seeds,
+vous declarez tout dans un fichier `setup.json` a la racine du projet. Le module le lit
+et genere automatiquement les callbacks `seedRBAC`, `createAdmin` et `optionalSeeds`.
+
+### Creer un setup.json
+
+**3 methodes :**
+
+| Methode | Commande | Pour qui |
+|---------|----------|----------|
+| **Studio visuel** | Ouvrir [MostaSetup Studio](https://github.com/apolocine/mosta-setup-studio) | Non-developpeurs, design RBAC |
+| **CLI interactif** | `npx mosta-setup` | Developpeurs en terminal |
+| **CLI rapide** | `npx mosta-setup --quick --name MonApp --port 3000` | CI/CD, scripts |
+
+### Structure du fichier
+
+```json
+{
+  "$schema": "https://mostajs.dev/schemas/setup.v1.json",
+  "app": {
+    "name": "MonApp",
+    "port": 3000,
+    "dbNamePrefix": "monappdb"
+  },
+  "env": {
+    "MOSTAJS_MODULES": "orm,auth,audit,rbac,settings,setup"
+  },
+  "rbac": {
+    "categories": [
+      { "name": "admin", "label": "Administration", "icon": "Settings", "order": 0 }
+    ],
+    "permissions": [
+      { "code": "admin:access", "description": "Acceder au panneau", "category": "admin" }
+    ],
+    "roles": [
+      { "name": "admin", "description": "Administrateur", "permissions": ["*"] }
+    ]
+  },
+  "seeds": [
+    {
+      "key": "products",
+      "label": "Produits demo",
+      "collection": "product",
+      "match": "slug",
+      "default": true,
+      "data": [
+        { "name": "Produit A", "slug": "produit-a", "price": 1000 }
+      ]
+    }
+  ]
+}
+```
+
+Le champ `$schema` active l'**autocompletion dans VS Code** (types, descriptions, exemples).
+
+### Utiliser loadSetupJson()
+
+```typescript
+// src/lib/setup-config.ts
+import { loadSetupJson } from '@mostajs/setup'
+import type { MostaSetupConfig } from '@mostajs/setup'
+
+// repoFactory : adapte a votre couche d'acces aux donnees
+async function repoFactory(collection: string) {
+  const service = await import('@/dal/service')
+  const factories: Record<string, () => Promise<unknown>> = {
+    permissionCategory: service.permissionCategoryRepo,
+    permission: service.permissionRepo,
+    role: service.roleRepo,
+    user: service.userRepo,
+    activity: service.activityRepo,
+  }
+  return factories[collection]() as Promise<any>
+}
+
+export async function getSetupConfig(): Promise<MostaSetupConfig> {
+  return loadSetupJson('./setup.json', repoFactory)
+}
+```
+
+```typescript
+// src/app/api/setup/install/route.ts
+import { runInstall } from '@mostajs/setup'
+import type { InstallConfig } from '@mostajs/setup'
+import { appNeedsSetup, getSetupConfig } from '@/lib/setup-config'
+
+export async function POST(req: Request) {
+  if (!(await appNeedsSetup())) {
+    return Response.json({ error: 'Already installed' }, { status: 400 })
+  }
+  const body: InstallConfig = await req.json()
+  const config = await getSetupConfig()
+  return Response.json(await runInstall(body, config))
+}
+```
+
+### Fonctionnalites des seeds JSON
+
+| Champ | Type | Description |
+|-------|------|-------------|
+| `key` | `string` | Identifiant unique du seed |
+| `label` | `string` | Label affiche dans le wizard (checkbox) |
+| `collection` | `string` | Collection/table cible (doit matcher un schema enregistre) |
+| `match` | `string` | Champ pour upsert idempotent (ex: `slug`, `email`) |
+| `hashField` | `string` | Champ a hasher avec bcrypt avant insertion (ex: `password`) |
+| `roleField` | `string` | Champ contenant un nom de role — resolu en ID a l'execution |
+| `defaults` | `object` | Valeurs par defaut fusionnees dans chaque ligne |
+| `default` | `boolean` | Si `true`, la checkbox est cochee par defaut dans le wizard |
+| `data` | `array` | Tableau d'objets a seeder |
+
+**Exemple : seed utilisateurs avec hash + resolution de role :**
+```json
+{
+  "key": "demoUsers",
+  "collection": "user",
+  "match": "email",
+  "hashField": "password",
+  "roleField": "role",
+  "defaults": { "status": "active" },
+  "data": [
+    { "email": "agent@app.dz", "password": "Agent@123", "firstName": "Karim", "role": "agent_accueil" }
+  ]
+}
+```
+
+A l'execution :
+1. `password` est hashe avec bcrypt (12 rounds)
+2. `role: "agent_accueil"` est resolu en `roles: ["<id-du-role>"]`
+3. `defaults.status` est fusionne → `status: "active"`
+4. Si `match: "email"` et l'email existe deja → upsert (pas de doublon)
+
+### setup.json manquant : upload automatique
+
+Si le projet accede a `/setup` et que `setup.json` n'existe pas, la page affiche
+automatiquement un formulaire d'upload (drag & drop ou selection de fichier).
+
+Pour activer cette fonctionnalite, ajoutez la route API :
+
+```typescript
+// src/app/api/setup/setup-json/route.ts
+import { createSetupJsonHandler } from '@mostajs/setup'
+import { appNeedsSetup } from '@/lib/setup-config'
+
+export const { GET, POST } = createSetupJsonHandler(appNeedsSetup)
+```
+
+- **GET** `/api/setup/setup-json` → `{ exists: boolean, config?: {...} }`
+- **POST** `/api/setup/setup-json` → recoit le JSON, ecrit `./setup.json`
+
+### Mixer JSON + code TypeScript
+
+Les seeds simples (insert de donnees) vont dans `setup.json`. Les seeds complexes
+(relations, logique conditionnelle) restent en TypeScript :
+
+```typescript
+const config = await loadSetupJson('./setup.json', repoFactory)
+// Ajouter un seed code-only
+config.optionalSeeds = [
+  ...(config.optionalSeeds ?? []),
+  { key: 'demoData', label: 'Donnees complexes', run: async () => { /* ... */ } },
+]
+```
+
+### Validation
+
+`loadSetupJson()` valide automatiquement :
+- `app.name` est requis
+- Chaque permission reference une categorie existante
+- Chaque role reference des permissions existantes (sauf `*`)
+- Erreur descriptive en cas de reference croisee invalide
+
+### CLI : npx mosta-setup
+
+```bash
+# Mode interactif (terminal)
+npx mosta-setup
+
+# Mode rapide (CI, scripts, Dockerfile)
+npx mosta-setup --quick --name MonApp --port 4567 --db monappdb
+
+# Avec modules
+npx mosta-setup --quick --name MonApp --modules "orm,auth,audit,rbac,settings,setup"
+
+# Sortie stdout (pour pipe)
+npx mosta-setup --quick --name MonApp --stdout | jq .
+```
+
+---
+
+## 10. FAQ / Troubleshooting
 
 ### L'installation tourne en boucle (GET /setup se repete)
 

package/cli/init.ts

@@ -0,0 +1,153 @@
+#!/usr/bin/env node
+// Author: Dr Hamid MADANI drmdh@msn.com
+// CLI: npx @mostajs/setup init — interactive setup.json generator
+//
+// Usage:
+//   npx mosta-setup              # interactive mode
+//   npx mosta-setup --quick      # generate minimal setup.json with defaults
+//   npx mosta-setup --name MyApp --port 4567 --db myappdb  # non-interactive
+
+import * as readline from 'readline'
+import * as fs from 'fs'
+import * as path from 'path'
+
+const CYAN = '\x1b[36m'
+const GREEN = '\x1b[32m'
+const NC = '\x1b[0m'
+
+// ── Parse CLI args ───────────────────────────────────────
+
+const args = process.argv.slice(2)
+const getArg = (flag: string): string | undefined => {
+  const i = args.indexOf(flag)
+  return i >= 0 && i + 1 < args.length ? args[i + 1] : undefined
+}
+const hasFlag = (flag: string) => args.includes(flag)
+
+// ── Quick mode (non-interactive) ─────────────────────────
+
+if (hasFlag('--quick') || hasFlag('-q')) {
+  const name = getArg('--name') || 'MonApp'
+  const port = parseInt(getArg('--port') || '3000')
+  const dbPrefix = getArg('--db') || name.toLowerCase().replace(/[^a-z0-9]/g, '') + 'db'
+  const modules = getArg('--modules')
+
+  const setup: Record<string, unknown> = {
+    $schema: 'https://mostajs.dev/schemas/setup.v1.json',
+    app: { name, ...(port !== 3000 ? { port } : {}), ...(dbPrefix ? { dbNamePrefix: dbPrefix } : {}) },
+  }
+  if (modules) setup.env = { MOSTAJS_MODULES: modules }
+
+  const json = JSON.stringify(setup, null, 2)
+  const outPath = path.resolve(process.cwd(), 'setup.json')
+
+  if (hasFlag('--stdout')) {
+    process.stdout.write(json + '\n')
+  } else {
+    fs.writeFileSync(outPath, json + '\n', 'utf-8')
+    console.log(`${GREEN}setup.json cree: ${outPath}${NC}`)
+  }
+  process.exit(0)
+}
+
+// ── Interactive mode ─────────────────────────────────────
+
+const rl = readline.createInterface({ input: process.stdin, output: process.stdout, terminal: process.stdin.isTTY !== false })
+const ask = (q: string, def?: string): Promise<string> =>
+  new Promise(r => rl.question(`${q}${def ? ` (${def})` : ''}: `, a => r(a.trim() || def || '')))
+
+async function main() {
+  console.log(`\n${CYAN}  MostaSetup — Generateur de setup.json${NC}\n`)
+
+  // ── App ────────────────────────────────────────────────
+  const appName = await ask('  Nom de l\'application', 'MonApp')
+  const portStr = await ask('  Port HTTP', '3000')
+  const port = parseInt(portStr) || 3000
+  const dbPrefix = await ask('  Prefix DB', appName.toLowerCase().replace(/[^a-z0-9]/g, '') + 'db')
+
+  // ── Env ────────────────────────────────────────────────
+  const addModules = (await ask('  Ajouter MOSTAJS_MODULES ? (o/n)', 'o')).toLowerCase() === 'o'
+  const modules = addModules
+    ? await ask('  Modules', 'orm,auth,audit,rbac,settings,setup')
+    : ''
+
+  // ── RBAC ───────────────────────────────────────────────
+  const addRbac = (await ask('\n  Generer un RBAC de base ? (o/n)', 'o')).toLowerCase() === 'o'
+  const categories: { name: string; label: string }[] = []
+  const permissions: { code: string; description: string; category: string }[] = []
+  const roles: { name: string; description: string; permissions: string[] }[] = []
+
+  if (addRbac) {
+    console.log(`\n  ${CYAN}Categories${NC} (entree vide pour terminer)`)
+    while (true) {
+      const name = await ask('    Nom categorie (ex: admin)')
+      if (!name) break
+      const label = await ask(`    Label pour "${name}"`, name.charAt(0).toUpperCase() + name.slice(1))
+      categories.push({ name, label })
+    }
+
+    console.log(`\n  ${CYAN}Permissions${NC} (entree vide pour terminer)`)
+    while (true) {
+      const code = await ask('    Code permission (ex: client:view)')
+      if (!code) break
+      const desc = await ask(`    Description pour "${code}"`, code)
+      const cat = categories.length > 0
+        ? await ask(`    Categorie (${categories.map(c => c.name).join(', ')})`, categories[0].name)
+        : ''
+      permissions.push({ code, description: desc, category: cat })
+    }
+
+    console.log(`\n  ${CYAN}Roles${NC} (entree vide pour terminer)`)
+    while (true) {
+      const name = await ask('    Nom role (ex: admin)')
+      if (!name) break
+      const desc = await ask(`    Description`, name)
+      const allPerms = (await ask('    Toutes les permissions ? (o/n)', name === 'admin' ? 'o' : 'n')).toLowerCase() === 'o'
+      let rolePerms: string[] = []
+      if (allPerms) {
+        rolePerms = ['*']
+      } else {
+        const permsStr = await ask(`    Permissions (virgules: ${permissions.map(p => p.code).slice(0, 5).join(', ')}...)`)
+        rolePerms = permsStr.split(',').map(s => s.trim()).filter(Boolean)
+      }
+      roles.push({ name, description: desc, permissions: rolePerms })
+    }
+  }
+
+  // ── Build JSON ─────────────────────────────────────────
+  const setup: Record<string, unknown> = {
+    $schema: 'https://mostajs.dev/schemas/setup.v1.json',
+    app: { name: appName, ...(port !== 3000 ? { port } : {}), ...(dbPrefix ? { dbNamePrefix: dbPrefix } : {}) },
+  }
+  if (modules) {
+    setup.env = { MOSTAJS_MODULES: modules }
+  }
+  if (addRbac && (categories.length || permissions.length || roles.length)) {
+    const rbac: Record<string, unknown> = {}
+    if (categories.length) rbac.categories = categories
+    if (permissions.length) rbac.permissions = permissions
+    if (roles.length) rbac.roles = roles
+    setup.rbac = rbac
+  }
+
+  const json = JSON.stringify(setup, null, 2)
+  const outPath = path.resolve(process.cwd(), 'setup.json')
+
+  console.log(`\n${CYAN}  Preview:${NC}`)
+  console.log(json)
+
+  const write = (await ask(`\n  Ecrire dans ${outPath} ? (o/n)`, 'o')).toLowerCase() === 'o'
+  if (write) {
+    fs.writeFileSync(outPath, json + '\n', 'utf-8')
+    console.log(`\n  ${GREEN}setup.json cree avec succes${NC}\n`)
+  } else {
+    console.log(`\n  Annule.\n`)
+  }
+
+  rl.close()
+}
+
+main().catch(err => {
+  console.error(err)
+  process.exit(1)
+})

package/dist/api/upload-setup-json.route.d.ts

@@ -0,0 +1,12 @@
+type NeedsSetupFn = () => Promise<boolean>;
+/**
+ * Creates handlers for checking and uploading setup.json.
+ *
+ * GET  /api/setup/setup-json → { exists: boolean, config?: { appName, seeds, rbac } }
+ * POST /api/setup/setup-json → receives JSON body, writes to ./setup.json
+ */
+export declare function createSetupJsonHandler(needsSetup: NeedsSetupFn): {
+    GET: () => Promise<Response>;
+    POST: (req: Request) => Promise<Response>;
+};
+export {};

package/dist/api/upload-setup-json.route.js

@@ -0,0 +1,64 @@
+// @mostajs/setup — API Route for uploading setup.json
+// Author: Dr Hamid MADANI drmdh@msn.com
+//
+// When a project uses loadSetupJson() but setup.json is missing,
+// this route allows uploading it via the setup wizard UI.
+import fs from 'fs';
+import path from 'path';
+/**
+ * Creates handlers for checking and uploading setup.json.
+ *
+ * GET  /api/setup/setup-json → { exists: boolean, config?: { appName, seeds, rbac } }
+ * POST /api/setup/setup-json → receives JSON body, writes to ./setup.json
+ */
+export function createSetupJsonHandler(needsSetup) {
+    const setupJsonPath = () => path.resolve(process.cwd(), 'setup.json');
+    async function GET() {
+        const filePath = setupJsonPath();
+        if (!fs.existsSync(filePath)) {
+            return Response.json({ exists: false });
+        }
+        try {
+            const raw = fs.readFileSync(filePath, 'utf-8');
+            const json = JSON.parse(raw);
+            return Response.json({
+                exists: true,
+                config: {
+                    appName: json.app?.name,
+                    hasRbac: !!(json.rbac?.roles?.length || json.rbac?.permissions?.length),
+                    seedCount: json.seeds?.length ?? 0,
+                },
+            });
+        }
+        catch (err) {
+            const msg = err instanceof Error ? err.message : 'Invalid JSON';
+            return Response.json({ exists: false, error: msg });
+        }
+    }
+    async function POST(req) {
+        if (!(await needsSetup())) {
+            return Response.json({ error: 'Already installed' }, { status: 400 });
+        }
+        let body;
+        try {
+            body = await req.json();
+        }
+        catch {
+            return Response.json({ error: 'Invalid JSON body' }, { status: 400 });
+        }
+        if (!body.app?.name) {
+            return Response.json({ error: 'setup.json must have app.name' }, { status: 400 });
+        }
+        const filePath = setupJsonPath();
+        fs.writeFileSync(filePath, JSON.stringify(body, null, 2) + '\n', 'utf-8');
+        return Response.json({
+            ok: true,
+            config: {
+                appName: body.app.name,
+                hasRbac: !!(body.rbac?.roles?.length || body.rbac?.permissions?.length),
+                seedCount: body.seeds?.length ?? 0,
+            },
+        });
+    }
+    return { GET, POST };
+}

package/dist/api/wire-module.route.js

@@ -91,22 +91,26 @@ export function createWireModuleHandler() {
                     const wireFile = path.join(mostaDir, dir, `${dir}.wire.json`);
                     if (fs.existsSync(wireFile)) {
                         const manifest = JSON.parse(fs.readFileSync(wireFile, 'utf8'));
-                        // Check if already wired by looking at schemas or permissions in host files
-                        const permFile = path.join(root, 'src/lib/permissions.ts');
-                        let installed = false;
-                        if (manifest.permissions?.permissionsConst && fs.existsSync(permFile)) {
-                            installed = fs.readFileSync(permFile, 'utf8').includes(manifest.permissions.permissionsConst);
-                        }
-                        else if (manifest.schemas?.exports?.[0]) {
-                            const regFile = path.join(root, 'src/dal/registry.ts');
-                            if (fs.existsSync(regFile)) {
-                                installed = fs.readFileSync(regFile, 'utf8').includes(manifest.schemas.exports[0]);
+                        // Check if already wired — primary: package in dependencies
+                        const pkg = JSON.parse(fs.readFileSync(path.join(root, 'package.json'), 'utf8'));
+                        let installed = !!pkg.dependencies?.[manifest.package];
+                        // Fallback: check host source files for legacy codegen markers
+                        if (!installed) {
+                            const permFile = path.join(root, 'src/lib/permissions.ts');
+                            if (manifest.permissions?.permissionsConst && fs.existsSync(permFile)) {
+                                installed = fs.readFileSync(permFile, 'utf8').includes(manifest.permissions.permissionsConst);
                             }
-                        }
-                        else if (manifest.menu?.name) {
-                            const sidebarFile = path.join(root, 'src/components/layout/Sidebar.tsx');
-                            if (fs.existsSync(sidebarFile)) {
-                                installed = fs.readFileSync(sidebarFile, 'utf8').includes(manifest.menu.name);
+                            else if (manifest.schemas?.exports?.[0]) {
+                                const regFile = path.join(root, 'src/dal/registry.ts');
+                                if (fs.existsSync(regFile)) {
+                                    installed = fs.readFileSync(regFile, 'utf8').includes(manifest.schemas.exports[0]);
+                                }
+                            }
+                            else if (manifest.menu?.name) {
+                                const sidebarFile = path.join(root, 'src/components/layout/Sidebar.tsx');
+                                if (fs.existsSync(sidebarFile)) {
+                                    installed = fs.readFileSync(sidebarFile, 'utf8').includes(manifest.menu.name);
+                                }
                             }
                         }
                         found.push({

package/dist/cli/init.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};

package/dist/cli/init.js

@@ -0,0 +1,138 @@
+#!/usr/bin/env node
+// Author: Dr Hamid MADANI drmdh@msn.com
+// CLI: npx @mostajs/setup init — interactive setup.json generator
+//
+// Usage:
+//   npx mosta-setup              # interactive mode
+//   npx mosta-setup --quick      # generate minimal setup.json with defaults
+//   npx mosta-setup --name MyApp --port 4567 --db myappdb  # non-interactive
+import * as readline from 'readline';
+import * as fs from 'fs';
+import * as path from 'path';
+const CYAN = '\x1b[36m';
+const GREEN = '\x1b[32m';
+const NC = '\x1b[0m';
+// ── Parse CLI args ───────────────────────────────────────
+const args = process.argv.slice(2);
+const getArg = (flag) => {
+    const i = args.indexOf(flag);
+    return i >= 0 && i + 1 < args.length ? args[i + 1] : undefined;
+};
+const hasFlag = (flag) => args.includes(flag);
+// ── Quick mode (non-interactive) ─────────────────────────
+if (hasFlag('--quick') || hasFlag('-q')) {
+    const name = getArg('--name') || 'MonApp';
+    const port = parseInt(getArg('--port') || '3000');
+    const dbPrefix = getArg('--db') || name.toLowerCase().replace(/[^a-z0-9]/g, '') + 'db';
+    const modules = getArg('--modules');
+    const setup = {
+        $schema: 'https://mostajs.dev/schemas/setup.v1.json',
+        app: { name, ...(port !== 3000 ? { port } : {}), ...(dbPrefix ? { dbNamePrefix: dbPrefix } : {}) },
+    };
+    if (modules)
+        setup.env = { MOSTAJS_MODULES: modules };
+    const json = JSON.stringify(setup, null, 2);
+    const outPath = path.resolve(process.cwd(), 'setup.json');
+    if (hasFlag('--stdout')) {
+        process.stdout.write(json + '\n');
+    }
+    else {
+        fs.writeFileSync(outPath, json + '\n', 'utf-8');
+        console.log(`${GREEN}setup.json cree: ${outPath}${NC}`);
+    }
+    process.exit(0);
+}
+// ── Interactive mode ─────────────────────────────────────
+const rl = readline.createInterface({ input: process.stdin, output: process.stdout, terminal: process.stdin.isTTY !== false });
+const ask = (q, def) => new Promise(r => rl.question(`${q}${def ? ` (${def})` : ''}: `, a => r(a.trim() || def || '')));
+async function main() {
+    console.log(`\n${CYAN}  MostaSetup — Generateur de setup.json${NC}\n`);
+    // ── App ────────────────────────────────────────────────
+    const appName = await ask('  Nom de l\'application', 'MonApp');
+    const portStr = await ask('  Port HTTP', '3000');
+    const port = parseInt(portStr) || 3000;
+    const dbPrefix = await ask('  Prefix DB', appName.toLowerCase().replace(/[^a-z0-9]/g, '') + 'db');
+    // ── Env ────────────────────────────────────────────────
+    const addModules = (await ask('  Ajouter MOSTAJS_MODULES ? (o/n)', 'o')).toLowerCase() === 'o';
+    const modules = addModules
+        ? await ask('  Modules', 'orm,auth,audit,rbac,settings,setup')
+        : '';
+    // ── RBAC ───────────────────────────────────────────────
+    const addRbac = (await ask('\n  Generer un RBAC de base ? (o/n)', 'o')).toLowerCase() === 'o';
+    const categories = [];
+    const permissions = [];
+    const roles = [];
+    if (addRbac) {
+        console.log(`\n  ${CYAN}Categories${NC} (entree vide pour terminer)`);
+        while (true) {
+            const name = await ask('    Nom categorie (ex: admin)');
+            if (!name)
+                break;
+            const label = await ask(`    Label pour "${name}"`, name.charAt(0).toUpperCase() + name.slice(1));
+            categories.push({ name, label });
+        }
+        console.log(`\n  ${CYAN}Permissions${NC} (entree vide pour terminer)`);
+        while (true) {
+            const code = await ask('    Code permission (ex: client:view)');
+            if (!code)
+                break;
+            const desc = await ask(`    Description pour "${code}"`, code);
+            const cat = categories.length > 0
+                ? await ask(`    Categorie (${categories.map(c => c.name).join(', ')})`, categories[0].name)
+                : '';
+            permissions.push({ code, description: desc, category: cat });
+        }
+        console.log(`\n  ${CYAN}Roles${NC} (entree vide pour terminer)`);
+        while (true) {
+            const name = await ask('    Nom role (ex: admin)');
+            if (!name)
+                break;
+            const desc = await ask(`    Description`, name);
+            const allPerms = (await ask('    Toutes les permissions ? (o/n)', name === 'admin' ? 'o' : 'n')).toLowerCase() === 'o';
+            let rolePerms = [];
+            if (allPerms) {
+                rolePerms = ['*'];
+            }
+            else {
+                const permsStr = await ask(`    Permissions (virgules: ${permissions.map(p => p.code).slice(0, 5).join(', ')}...)`);
+                rolePerms = permsStr.split(',').map(s => s.trim()).filter(Boolean);
+            }
+            roles.push({ name, description: desc, permissions: rolePerms });
+        }
+    }
+    // ── Build JSON ─────────────────────────────────────────
+    const setup = {
+        $schema: 'https://mostajs.dev/schemas/setup.v1.json',
+        app: { name: appName, ...(port !== 3000 ? { port } : {}), ...(dbPrefix ? { dbNamePrefix: dbPrefix } : {}) },
+    };
+    if (modules) {
+        setup.env = { MOSTAJS_MODULES: modules };
+    }
+    if (addRbac && (categories.length || permissions.length || roles.length)) {
+        const rbac = {};
+        if (categories.length)
+            rbac.categories = categories;
+        if (permissions.length)
+            rbac.permissions = permissions;
+        if (roles.length)
+            rbac.roles = roles;
+        setup.rbac = rbac;
+    }
+    const json = JSON.stringify(setup, null, 2);
+    const outPath = path.resolve(process.cwd(), 'setup.json');
+    console.log(`\n${CYAN}  Preview:${NC}`);
+    console.log(json);
+    const write = (await ask(`\n  Ecrire dans ${outPath} ? (o/n)`, 'o')).toLowerCase() === 'o';
+    if (write) {
+        fs.writeFileSync(outPath, json + '\n', 'utf-8');
+        console.log(`\n  ${GREEN}setup.json cree avec succes${NC}\n`);
+    }
+    else {
+        console.log(`\n  Annule.\n`);
+    }
+    rl.close();
+}
+main().catch(err => {
+    console.error(err);
+    process.exit(1);
+});

package/dist/index.d.ts

@@ -5,6 +5,8 @@ export { writeEnvLocal } from './lib/env-writer';
 export { DIALECT_INFO, ALL_DIALECTS } from './data/dialects';
 export { MODULES, resolveModuleDependencies } from './data/module-definitions';
 export { discoverNpmModules } from './lib/discover-modules';
+export { loadSetupJson } from './lib/load-setup-json';
+export type { SetupJson, SetupJsonRbac, SetupJsonSeed, SetupJsonCategory, SetupJsonPermission, SetupJsonRole } from './lib/load-setup-json';
 export { createTestDbHandler } from './api/test-db.route';
 export { createInstallHandler } from './api/install.route';
 export { createStatusHandler } from './api/status.route';
@@ -13,6 +15,7 @@ export { createInstallModulesHandler } from './api/install-modules.route';
 export { createReconfigHandlers } from './api/reconfig.route';
 export { createUploadJarHandlers } from './api/upload-jar.route';
 export { createWireModuleHandler } from './api/wire-module.route';
+export { createSetupJsonHandler } from './api/upload-setup-json.route';
 export { default as ReconfigPanel } from './components/ReconfigPanel';
 export { default as SetupWizard } from './components/SetupWizard';
 export { setupMenuContribution } from './lib/menu';

package/dist/index.js

@@ -10,6 +10,7 @@ export { DIALECT_INFO, ALL_DIALECTS } from './data/dialects';
 export { MODULES, resolveModuleDependencies } from './data/module-definitions';
 // Lib
 export { discoverNpmModules } from './lib/discover-modules';
+export { loadSetupJson } from './lib/load-setup-json';
 // API route factories
 export { createTestDbHandler } from './api/test-db.route';
 export { createInstallHandler } from './api/install.route';
@@ -19,6 +20,7 @@ export { createInstallModulesHandler } from './api/install-modules.route';
 export { createReconfigHandlers } from './api/reconfig.route';
 export { createUploadJarHandlers } from './api/upload-jar.route';
 export { createWireModuleHandler } from './api/wire-module.route';
+export { createSetupJsonHandler } from './api/upload-setup-json.route';
 // Components
 export { default as ReconfigPanel } from './components/ReconfigPanel';
 export { default as SetupWizard } from './components/SetupWizard';

package/dist/lib/compose-uri.js

@@ -8,7 +8,7 @@ export function composeDbUri(dialect, config) {
     switch (dialect) {
         case 'mongodb':
             if (user && password)
-                return `mongodb://${eu}:${ep}@${host}:${port}/${name}`;
+                return `mongodb://${eu}:${ep}@${host}:${port}/${name}?authSource=admin`;
             return `mongodb://${host}:${port}/${name}`;
         case 'sqlite':
             return `./data/${name}.db`;

package/dist/lib/load-setup-json.d.ts

@@ -0,0 +1,72 @@
+import type { MostaSetupConfig } from '../types/index';
+export interface SetupJsonCategory {
+    name: string;
+    label: string;
+    description?: string;
+    icon?: string;
+    order?: number;
+    system?: boolean;
+}
+export interface SetupJsonPermission {
+    code: string;
+    name?: string;
+    description: string;
+    category: string;
+}
+export interface SetupJsonRole {
+    name: string;
+    description?: string;
+    system?: boolean;
+    permissions: string[];
+}
+export interface SetupJsonRbac {
+    categories?: SetupJsonCategory[];
+    permissions?: SetupJsonPermission[];
+    roles?: SetupJsonRole[];
+}
+export interface SetupJsonSeed {
+    key: string;
+    label: string;
+    description?: string;
+    icon?: string;
+    default?: boolean;
+    collection: string;
+    match?: string;
+    hashField?: string;
+    roleField?: string;
+    defaults?: Record<string, unknown>;
+    data: Record<string, unknown>[];
+}
+export interface SetupJson {
+    $schema?: string;
+    app: {
+        name: string;
+        port?: number;
+        dbNamePrefix?: string;
+    };
+    env?: Record<string, string>;
+    rbac?: SetupJsonRbac;
+    seeds?: SetupJsonSeed[];
+}
+/**
+ * Load a setup.json and return a MostaSetupConfig.
+ *
+ * @param source - File path (default: './setup.json'), or an already-parsed object.
+ * @param repoFactory - Optional factory to get a repository by collection name.
+ *   Signature: `(collection: string) => Promise<{ upsert, create, findOne, count }>`
+ *   If omitted, uses `@mostajs/orm` getRepository() at runtime.
+ */
+export declare function loadSetupJson(source?: string | SetupJson, repoFactory?: (collection: string) => Promise<GenericRepo>): Promise<MostaSetupConfig>;
+type GenericRepo = {
+    upsert?: (where: Record<string, unknown>, data: Record<string, unknown>) => Promise<{
+        id: string;
+    }>;
+    create?: (data: Record<string, unknown>) => Promise<{
+        id: string;
+    }>;
+    findOne?: (where: Record<string, unknown>) => Promise<{
+        id: string;
+    } | null>;
+    count?: () => Promise<number>;
+};
+export {};

package/dist/lib/load-setup-json.js

@@ -0,0 +1,163 @@
+// @mostajs/setup — Declarative setup.json loader
+// Author: Dr Hamid MADANI drmdh@msn.com
+//
+// Reads a setup.json file and converts it into a MostaSetupConfig
+// that can be passed to createInstallHandler() / runInstall().
+//
+// Usage:
+//   import { loadSetupJson } from '@mostajs/setup'
+//   const config = await loadSetupJson()                    // reads ./setup.json
+//   const config = await loadSetupJson('./my-setup.json')   // custom path
+//   const config = await loadSetupJson(jsonObject)          // already-parsed object
+import fs from 'fs';
+import path from 'path';
+// ── Loader ───────────────────────────────────────────────
+/**
+ * Load a setup.json and return a MostaSetupConfig.
+ *
+ * @param source - File path (default: './setup.json'), or an already-parsed object.
+ * @param repoFactory - Optional factory to get a repository by collection name.
+ *   Signature: `(collection: string) => Promise<{ upsert, create, findOne, count }>`
+ *   If omitted, uses `@mostajs/orm` getRepository() at runtime.
+ */
+export async function loadSetupJson(source, repoFactory) {
+    const json = typeof source === 'object' && source !== null
+        ? source
+        : readJsonFile(typeof source === 'string' ? source : './setup.json');
+    validate(json);
+    return buildConfig(json, repoFactory);
+}
+function readJsonFile(filePath) {
+    const resolved = path.resolve(process.cwd(), filePath);
+    if (!fs.existsSync(resolved)) {
+        throw new Error(`setup.json not found at ${resolved}`);
+    }
+    const raw = fs.readFileSync(resolved, 'utf-8');
+    return JSON.parse(raw);
+}
+function validate(json) {
+    if (!json.app?.name) {
+        throw new Error('setup.json: "app.name" is required');
+    }
+    // Validate RBAC cross-references
+    if (json.rbac) {
+        const categoryNames = new Set((json.rbac.categories ?? []).map(c => c.name));
+        const permCodes = new Set((json.rbac.permissions ?? []).map(p => p.code));
+        for (const perm of json.rbac.permissions ?? []) {
+            if (categoryNames.size > 0 && !categoryNames.has(perm.category)) {
+                throw new Error(`setup.json: permission "${perm.code}" references unknown category "${perm.category}"`);
+            }
+        }
+        for (const role of json.rbac.roles ?? []) {
+            for (const code of role.permissions) {
+                if (code !== '*' && permCodes.size > 0 && !permCodes.has(code)) {
+                    throw new Error(`setup.json: role "${role.name}" references unknown permission "${code}"`);
+                }
+            }
+        }
+    }
+}
+function buildConfig(json, repoFactory) {
+    const config = {
+        appName: json.app.name,
+        defaultPort: json.app.port,
+        extraEnvVars: json.env ? { ...json.env } : undefined,
+    };
+    // ── seedRBAC ───────────────────────────────────────────
+    if (json.rbac) {
+        config.seedRBAC = async () => {
+            const getRepo = repoFactory ?? defaultRepoFactory;
+            // 1. Upsert categories
+            if (json.rbac.categories?.length) {
+                const catRepo = await getRepo('permissionCategory');
+                for (const cat of json.rbac.categories) {
+                    await catRepo.upsert({ name: cat.name }, { name: cat.name, label: cat.label, description: cat.description ?? '', icon: cat.icon ?? '', order: cat.order ?? 0, system: cat.system ?? true });
+                }
+            }
+            // 2. Upsert permissions — build code→ID map
+            const permissionMap = {};
+            if (json.rbac.permissions?.length) {
+                const permRepo = await getRepo('permission');
+                for (const pDef of json.rbac.permissions) {
+                    const displayName = pDef.name ?? pDef.code;
+                    const perm = await permRepo.upsert({ name: displayName }, { name: displayName, description: pDef.description, category: pDef.category });
+                    permissionMap[pDef.code] = perm.id;
+                }
+            }
+            // 3. Upsert roles with resolved permission IDs
+            if (json.rbac.roles?.length) {
+                const roleRepo = await getRepo('role');
+                const allPermIds = Object.values(permissionMap);
+                for (const roleDef of json.rbac.roles) {
+                    const permissionIds = roleDef.permissions.includes('*')
+                        ? allPermIds
+                        : roleDef.permissions.map(code => permissionMap[code]).filter(Boolean);
+                    await roleRepo.upsert({ name: roleDef.name }, { name: roleDef.name, description: roleDef.description ?? '', permissions: permissionIds });
+                }
+            }
+        };
+    }
+    // ── optionalSeeds ──────────────────────────────────────
+    if (json.seeds?.length) {
+        config.optionalSeeds = json.seeds.map(seedDef => buildSeedDefinition(seedDef, repoFactory));
+    }
+    return config;
+}
+function buildSeedDefinition(seedDef, repoFactory) {
+    return {
+        key: seedDef.key,
+        label: seedDef.label,
+        description: seedDef.description ?? '',
+        icon: seedDef.icon,
+        default: seedDef.default,
+        run: async () => {
+            const getRepo = repoFactory ?? defaultRepoFactory;
+            const repo = await getRepo(seedDef.collection);
+            for (const rawItem of seedDef.data) {
+                const item = { ...(seedDef.defaults ?? {}), ...rawItem };
+                // Hash field if configured (e.g. password)
+                if (seedDef.hashField && item[seedDef.hashField]) {
+                    const bcryptModule = await import('bcryptjs');
+                    const bcrypt = bcryptModule.default || bcryptModule;
+                    item[seedDef.hashField] = await bcrypt.hash(String(item[seedDef.hashField]), 12);
+                }
+                // Resolve role name → role ID if configured
+                if (seedDef.roleField && item[seedDef.roleField]) {
+                    const roleRepo = await getRepo('role');
+                    const roleName = String(item[seedDef.roleField]);
+                    const role = await roleRepo.findOne({ name: roleName });
+                    if (role) {
+                        item.roles = [role.id];
+                    }
+                    delete item[seedDef.roleField];
+                }
+                // Upsert (idempotent) or create
+                if (seedDef.match && repo.upsert) {
+                    const matchValue = item[seedDef.match];
+                    await repo.upsert({ [seedDef.match]: matchValue }, item);
+                }
+                else if (repo.create) {
+                    // Skip if already exists (check match field if available)
+                    if (seedDef.match && repo.findOne) {
+                        const existing = await repo.findOne({ [seedDef.match]: item[seedDef.match] });
+                        if (existing)
+                            continue;
+                    }
+                    await repo.create(item);
+                }
+            }
+        },
+    };
+}
+async function defaultRepoFactory(collection) {
+    // Try to import a getRepository from @mostajs/orm if available
+    try {
+        const orm = await import('@mostajs/orm');
+        if ('getRepository' in orm && typeof orm.getRepository === 'function') {
+            return await orm.getRepository(collection);
+        }
+    }
+    catch { /* fallback below */ }
+    throw new Error(`No repository factory provided for collection "${collection}". ` +
+        `Pass a repoFactory argument to loadSetupJson().`);
+}

package/dist/lib/setup.js

@@ -69,7 +69,8 @@ export async function runInstall(installConfig, setupConfig) {
         }
         // 5. Create admin user
         if (setupConfig.createAdmin) {
-            const bcrypt = await import('bcryptjs');
+            const bcryptModule = await import('bcryptjs');
+            const bcrypt = bcryptModule.default || bcryptModule;
             const hashedPassword = await bcrypt.hash(installConfig.admin.password, 12);
             await setupConfig.createAdmin({
                 email: installConfig.admin.email,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mostajs/setup",
-  "version": "1.4.14",
+  "version": "1.5.0",
   "description": "Reusable setup wizard module — multi-dialect DB configuration, .env.local writer, seed runner",
   "author": "Dr Hamid MADANI <drmdh@msn.com>",
   "license": "MIT",
@@ -67,10 +67,13 @@
       "types": "./dist/register.d.ts",
       "import": "./dist/register.js",
       "default": "./dist/register.js"
-    }
+    },
+    "./schemas/*": "./schemas/*"
   },
   "files": [
     "dist",
+    "schemas",
+    "cli",
     "wire.json",
     "setup.wire.json",
     "LICENSE",
@@ -93,6 +96,9 @@
   "engines": {
     "node": ">=18.0.0"
   },
+  "bin": {
+    "mosta-setup": "./dist/cli/init.js"
+  },
   "scripts": {
     "build": "tsc",
     "prepublishOnly": "npm run build"

package/schemas/setup.schema.json

@@ -0,0 +1,218 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "$id": "https://mostajs.dev/schemas/setup.v1.json",
+  "title": "MostaJS Setup Configuration",
+  "description": "Declarative setup manifest for @mostajs/setup — defines app info, RBAC, seeds, and env vars for the install wizard.",
+  "type": "object",
+  "required": ["app"],
+  "additionalProperties": false,
+  "properties": {
+    "$schema": {
+      "type": "string",
+      "description": "JSON Schema reference for IDE autocompletion"
+    },
+    "app": {
+      "type": "object",
+      "description": "Application metadata",
+      "required": ["name"],
+      "additionalProperties": false,
+      "properties": {
+        "name": {
+          "type": "string",
+          "description": "Application name displayed in the setup wizard",
+          "minLength": 1,
+          "examples": ["SecuAccessPro", "MostaGare", "MonApp"]
+        },
+        "port": {
+          "type": "integer",
+          "description": "Default HTTP port",
+          "default": 3000,
+          "minimum": 1,
+          "maximum": 65535
+        },
+        "dbNamePrefix": {
+          "type": "string",
+          "description": "Default database name prefix used in the wizard",
+          "pattern": "^[a-z][a-z0-9_]*$",
+          "examples": ["secuaccessdb", "mostagaredb"]
+        }
+      }
+    },
+    "env": {
+      "type": "object",
+      "description": "Extra environment variables written to .env.local during install",
+      "additionalProperties": {
+        "type": "string"
+      },
+      "examples": [
+        { "MOSTAJS_MODULES": "orm,auth,audit,rbac,settings,setup" }
+      ]
+    },
+    "rbac": {
+      "type": "object",
+      "description": "Role-Based Access Control definitions seeded at install time",
+      "additionalProperties": false,
+      "properties": {
+        "categories": {
+          "type": "array",
+          "description": "Permission categories (grouping)",
+          "items": {
+            "type": "object",
+            "required": ["name", "label"],
+            "additionalProperties": false,
+            "properties": {
+              "name": {
+                "type": "string",
+                "description": "Unique key (e.g. 'admin', 'client')",
+                "pattern": "^[a-z][a-z0-9_]*$"
+              },
+              "label": {
+                "type": "string",
+                "description": "Display label"
+              },
+              "description": {
+                "type": "string"
+              },
+              "icon": {
+                "type": "string",
+                "description": "Lucide icon name (e.g. 'Settings', 'Users')"
+              },
+              "order": {
+                "type": "integer",
+                "minimum": 0,
+                "description": "Display order"
+              },
+              "system": {
+                "type": "boolean",
+                "default": true,
+                "description": "Whether this category is system-defined (not user-deletable)"
+              }
+            }
+          }
+        },
+        "permissions": {
+          "type": "array",
+          "description": "Permission definitions",
+          "items": {
+            "type": "object",
+            "required": ["code", "description", "category"],
+            "additionalProperties": false,
+            "properties": {
+              "code": {
+                "type": "string",
+                "description": "Unique permission code (e.g. 'client:view')",
+                "pattern": "^[a-z][a-z0-9_]*:[a-z][a-z0-9_]*$"
+              },
+              "name": {
+                "type": "string",
+                "description": "Display name (defaults to code if omitted)"
+              },
+              "description": {
+                "type": "string",
+                "description": "Human-readable description"
+              },
+              "category": {
+                "type": "string",
+                "description": "Category name reference"
+              }
+            }
+          }
+        },
+        "roles": {
+          "type": "array",
+          "description": "Role definitions with permission assignments",
+          "items": {
+            "type": "object",
+            "required": ["name", "permissions"],
+            "additionalProperties": false,
+            "properties": {
+              "name": {
+                "type": "string",
+                "description": "Unique role name (e.g. 'admin', 'agent_accueil')",
+                "pattern": "^[a-z][a-z0-9_]*$"
+              },
+              "description": {
+                "type": "string"
+              },
+              "system": {
+                "type": "boolean",
+                "default": true,
+                "description": "Whether this role is system-defined"
+              },
+              "permissions": {
+                "type": "array",
+                "description": "Permission codes assigned to this role. Use ['*'] for all permissions.",
+                "items": {
+                  "type": "string"
+                }
+              }
+            }
+          }
+        }
+      }
+    },
+    "seeds": {
+      "type": "array",
+      "description": "Optional seed datasets shown as checkboxes in the install wizard",
+      "items": {
+        "type": "object",
+        "required": ["key", "label", "collection", "data"],
+        "additionalProperties": false,
+        "properties": {
+          "key": {
+            "type": "string",
+            "description": "Unique seed identifier",
+            "pattern": "^[a-zA-Z][a-zA-Z0-9_]*$"
+          },
+          "label": {
+            "type": "string",
+            "description": "Label shown in the wizard checkbox"
+          },
+          "description": {
+            "type": "string",
+            "description": "Description shown below the label"
+          },
+          "icon": {
+            "type": "string",
+            "description": "Lucide icon name"
+          },
+          "default": {
+            "type": "boolean",
+            "default": false,
+            "description": "Whether this seed is checked by default"
+          },
+          "collection": {
+            "type": "string",
+            "description": "Target collection/table name (must match a registered schema)"
+          },
+          "match": {
+            "type": "string",
+            "description": "Field used for upsert matching (idempotent seeding). If omitted, uses 'create' (non-idempotent)."
+          },
+          "hashField": {
+            "type": "string",
+            "description": "Field to bcrypt-hash before insert (e.g. 'password')"
+          },
+          "roleField": {
+            "type": "string",
+            "description": "Field containing a role name — resolved to role ID at runtime"
+          },
+          "defaults": {
+            "type": "object",
+            "description": "Default values merged into every data item",
+            "additionalProperties": true
+          },
+          "data": {
+            "type": "array",
+            "description": "Array of records to seed",
+            "items": {
+              "type": "object",
+              "additionalProperties": true
+            },
+            "minItems": 1
+          }
+        }
+      }
+    }
+  }
+}