@nexpress/core 0.1.0

package/dist/chunk-M43PGOQY.js

@@ -0,0 +1,715 @@
+// src/db/schema/system.ts
+import {
+  boolean as boolean2,
+  index as index3,
+  integer as integer3,
+  jsonb as jsonb3,
+  pgEnum as pgEnum3,
+  pgTable as pgTable3,
+  primaryKey as primaryKey2,
+  text as text3,
+  timestamp as timestamp3,
+  unique as unique2,
+  uuid as uuid3
+} from "drizzle-orm/pg-core";
+
+// src/db/schema/media.ts
+import {
+  bigint,
+  index as index2,
+  integer as integer2,
+  jsonb as jsonb2,
+  pgEnum as pgEnum2,
+  pgTable as pgTable2,
+  text as text2,
+  timestamp as timestamp2,
+  uuid as uuid2
+} from "drizzle-orm/pg-core";
+
+// src/db/schema/community.ts
+import {
+  boolean,
+  index,
+  integer,
+  jsonb,
+  pgEnum,
+  pgTable,
+  primaryKey,
+  text,
+  timestamp,
+  unique,
+  uuid
+} from "drizzle-orm/pg-core";
+var npMemberStatusEnum = pgEnum("np_member_status", [
+  "active",
+  "pending",
+  "suspended",
+  "deleted",
+  "imported"
+]);
+var npBanScopeEnum = pgEnum("np_ban_scope", ["site", "category", "collection"]);
+var npBanKindEnum = pgEnum("np_ban_kind", ["temporary", "permanent"]);
+var npCommentStatusEnum = pgEnum("np_comment_status", [
+  "visible",
+  "pending",
+  "hidden",
+  "deleted"
+]);
+var npMemberRoleScopeEnum = pgEnum("np_member_role_scope", [
+  "site",
+  "category",
+  "collection",
+  "thread"
+]);
+var npMembers = pgTable(
+  "np_members",
+  {
+    id: uuid("id").defaultRandom().primaryKey(),
+    handle: text("handle").notNull().unique(),
+    email: text("email").notNull().unique(),
+    emailVerified: boolean("email_verified").default(false).notNull(),
+    /** Argon2 hash. Nullable so SSO-only members can exist without a password. */
+    password: text("password"),
+    displayName: text("display_name").notNull(),
+    avatar: uuid("avatar").references(() => npMedia.id),
+    bio: text("bio"),
+    status: npMemberStatusEnum("status").default("pending").notNull(),
+    reputation: integer("reputation").default(0).notNull(),
+    loginAttempts: integer("login_attempts").default(0).notNull(),
+    lockUntil: timestamp("lock_until", { withTimezone: true, mode: "date" }),
+    /** Bumped to invalidate every issued JWT (logout-everywhere, password reset). */
+    tokenVersion: integer("token_version").default(0).notNull(),
+    passwordResetTokenHash: text("password_reset_token_hash"),
+    passwordResetExpiresAt: timestamp("password_reset_expires_at", {
+      withTimezone: true,
+      mode: "date"
+    }),
+    emailVerifyTokenHash: text("email_verify_token_hash"),
+    emailVerifyExpiresAt: timestamp("email_verify_expires_at", {
+      withTimezone: true,
+      mode: "date"
+    }),
+    /** Plugin-extensible bag — preferences, custom profile fields, etc. */
+    meta: jsonb("meta").$type().default({}).notNull(),
+    /**
+     * Phase 16.3 — per-member notification preferences. Shape:
+     *   { disabled?: string[] }   — kinds the member opted out of
+     *   { digest?: "off"|"daily"|"weekly" }  — email digest cadence (16.4)
+     * Empty default = every kind enabled, no email digest.
+     */
+    notificationPrefs: jsonb("notification_prefs").$type().default({}).notNull(),
+    createdAt: timestamp("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull(),
+    updatedAt: timestamp("updated_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+  },
+  (table) => [index("np_members_status_idx").on(table.status)]
+);
+var npMemberSessions = pgTable("np_member_sessions", {
+  id: uuid("id").defaultRandom().primaryKey(),
+  memberId: uuid("member_id").notNull().references(() => npMembers.id, { onDelete: "cascade" }),
+  tokenHash: text("token_hash").notNull(),
+  userAgent: text("user_agent"),
+  ip: text("ip"),
+  expiresAt: timestamp("expires_at", { withTimezone: true, mode: "date" }).notNull(),
+  createdAt: timestamp("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+});
+var npMemberIdentities = pgTable(
+  "np_member_identities",
+  {
+    id: uuid("id").defaultRandom().primaryKey(),
+    memberId: uuid("member_id").notNull().references(() => npMembers.id, { onDelete: "cascade" }),
+    provider: text("provider").notNull(),
+    subject: text("subject").notNull(),
+    email: text("email"),
+    /** Free-form per-provider metadata (avatar URL, scopes granted, etc.). */
+    metadata: jsonb("metadata").$type().default({}).notNull(),
+    createdAt: timestamp("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull(),
+    updatedAt: timestamp("updated_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+  },
+  (table) => [
+    unique("np_member_identities_provider_subject_uq").on(table.provider, table.subject),
+    unique("np_member_identities_member_provider_uq").on(table.memberId, table.provider),
+    index("np_member_identities_member_idx").on(table.memberId)
+  ]
+);
+var npMemberRoles = pgTable(
+  "np_member_roles",
+  {
+    id: uuid("id").defaultRandom().primaryKey(),
+    memberId: uuid("member_id").notNull().references(() => npMembers.id, { onDelete: "cascade" }),
+    role: text("role").notNull(),
+    scopeType: npMemberRoleScopeEnum("scope_type").notNull(),
+    /** Nullable for `scope_type='site'`. Otherwise an opaque string id. */
+    scopeId: text("scope_id"),
+    /**
+     * Phase 18 — the tenant the grant applies on. For
+     * `scope_type='site'` this column IS the site identifier
+     * (`scope_id` stays null because site is the root scope).
+     * For category / collection / thread grants, `site_id` says
+     * which tenant's category/collection/thread this row
+     * targets — the same slug exists on every site.
+     */
+    siteId: text("site_id").default("default").notNull(),
+    grantedBy: uuid("granted_by").references(() => npUsers.id),
+    grantedAt: timestamp("granted_at", { withTimezone: true, mode: "date" }).defaultNow().notNull(),
+    expiresAt: timestamp("expires_at", { withTimezone: true, mode: "date" })
+  },
+  (table) => [
+    // Two indexes mirror the two access patterns: "what can this member
+    // do?" (memberId scan) and "who mods this scope?" (scope scan).
+    index("np_member_roles_member_idx").on(table.memberId),
+    index("np_member_roles_scope_idx").on(table.scopeType, table.scopeId),
+    index("np_member_roles_site_idx").on(table.siteId, table.memberId),
+    // `scope_id` is null for site-wide grants. NULLS NOT
+    // DISTINCT makes two null `scope_id`s collide so the
+    // unique constraint enforces "one grant per (member, role,
+    // scope, site)." `site_id` widens the key so the same
+    // member can hold the same role on different tenants.
+    unique("np_member_roles_grant_uq").on(table.memberId, table.role, table.scopeType, table.scopeId, table.siteId).nullsNotDistinct()
+  ]
+);
+var npComments = pgTable(
+  "np_comments",
+  {
+    id: uuid("id").defaultRandom().primaryKey(),
+    targetType: text("target_type").notNull(),
+    targetId: uuid("target_id").notNull(),
+    parentId: uuid("parent_id").references(() => npComments.id, {
+      onDelete: "cascade"
+    }),
+    memberId: uuid("member_id").notNull().references(() => npMembers.id, { onDelete: "cascade" }),
+    bodyMd: text("body_md").notNull(),
+    bodyHtml: text("body_html").notNull(),
+    status: npCommentStatusEnum("status").default("visible").notNull(),
+    hiddenByUserId: uuid("hidden_by_user_id").references(() => npUsers.id),
+    hiddenByMemberId: uuid("hidden_by_member_id").references(() => npMembers.id),
+    hiddenReason: text("hidden_reason"),
+    editedAt: timestamp("edited_at", { withTimezone: true, mode: "date" }),
+    /**
+     * Phase 18 — site this comment belongs to. Filled at insert
+     * time from the target document's site (canonical) so a
+     * forged request resolver can't smuggle a comment into the
+     * wrong site. Defaults to `'default'` for legacy single-
+     * tenant rows so the migration backfill is a no-op.
+     */
+    siteId: text("site_id").default("default").notNull(),
+    createdAt: timestamp("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+  },
+  (table) => [
+    index("np_comments_target_idx").on(table.targetType, table.targetId, table.createdAt),
+    index("np_comments_member_idx").on(table.memberId, table.createdAt),
+    index("np_comments_site_idx").on(table.siteId, table.createdAt)
+  ]
+);
+var npReactions = pgTable(
+  "np_reactions",
+  {
+    id: uuid("id").defaultRandom().primaryKey(),
+    targetType: text("target_type").notNull(),
+    targetId: uuid("target_id").notNull(),
+    memberId: uuid("member_id").notNull().references(() => npMembers.id, { onDelete: "cascade" }),
+    kind: text("kind").notNull(),
+    /** Phase 18 — site this reaction belongs to (derived from target). */
+    siteId: text("site_id").default("default").notNull(),
+    createdAt: timestamp("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+  },
+  (table) => [
+    index("np_reactions_target_idx").on(table.targetType, table.targetId),
+    index("np_reactions_site_idx").on(table.siteId),
+    unique("np_reactions_unique").on(table.targetType, table.targetId, table.memberId, table.kind)
+  ]
+);
+var npFollows = pgTable(
+  "np_follows",
+  {
+    id: uuid("id").defaultRandom().primaryKey(),
+    followerId: uuid("follower_id").notNull().references(() => npMembers.id, { onDelete: "cascade" }),
+    targetType: text("target_type").notNull(),
+    targetId: text("target_id").notNull(),
+    /**
+     * Phase 18 — site the follow happened on. The same global
+     * member can follow on multiple sites and each row scopes
+     * to where the click happened (so site-scoped notifications
+     * + activity feeds don't leak cross-tenant). The unique
+     * key is widened to include site_id so the same follower
+     * can have parallel follow rows under different tenants.
+     */
+    siteId: text("site_id").default("default").notNull(),
+    createdAt: timestamp("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+  },
+  (table) => [
+    index("np_follows_target_idx").on(table.targetType, table.targetId),
+    index("np_follows_site_idx").on(table.siteId),
+    unique("np_follows_unique").on(
+      table.followerId,
+      table.targetType,
+      table.targetId,
+      table.siteId
+    )
+  ]
+);
+var npMemberMutes = pgTable(
+  "np_member_mutes",
+  {
+    memberId: uuid("member_id").notNull().references(() => npMembers.id, { onDelete: "cascade" }),
+    targetId: uuid("target_id").notNull().references(() => npMembers.id, { onDelete: "cascade" }),
+    /**
+     * Phase 18 — site the mute applies to. A muter can choose
+     * to silence someone on one tenant without affecting their
+     * other tenants. PK is widened to include site_id so the
+     * same `(member, target)` pair can hold parallel rows per
+     * site.
+     */
+    siteId: text("site_id").default("default").notNull(),
+    createdAt: timestamp("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+  },
+  (table) => [
+    primaryKey({ columns: [table.memberId, table.targetId, table.siteId] }),
+    index("np_member_mutes_target_idx").on(table.targetId)
+  ]
+);
+var npNotifications = pgTable(
+  "np_notifications",
+  {
+    id: uuid("id").defaultRandom().primaryKey(),
+    memberId: uuid("member_id").notNull().references(() => npMembers.id, { onDelete: "cascade" }),
+    kind: text("kind").notNull(),
+    payload: jsonb("payload").$type().default({}).notNull(),
+    readAt: timestamp("read_at", { withTimezone: true, mode: "date" }),
+    /**
+     * Phase 18 — site this notification belongs to. A member
+     * who's active on multiple tenants gets one inbox per site
+     * (the inbox API filters by current site) so cross-tenant
+     * activity doesn't bleed into the wrong site's UI.
+     */
+    siteId: text("site_id").default("default").notNull(),
+    createdAt: timestamp("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+  },
+  (table) => [
+    index("np_notifications_inbox_idx").on(table.memberId, table.readAt, table.createdAt),
+    index("np_notifications_site_inbox_idx").on(table.siteId, table.memberId, table.readAt)
+  ]
+);
+var npReports = pgTable(
+  "np_reports",
+  {
+    id: uuid("id").defaultRandom().primaryKey(),
+    reporterId: uuid("reporter_id").notNull().references(() => npMembers.id, { onDelete: "cascade" }),
+    targetType: text("target_type").notNull(),
+    targetId: text("target_id").notNull(),
+    reason: text("reason").notNull(),
+    resolvedAt: timestamp("resolved_at", { withTimezone: true, mode: "date" }),
+    resolvedByUserId: uuid("resolved_by_user_id").references(() => npUsers.id),
+    resolvedByMemberId: uuid("resolved_by_member_id").references(() => npMembers.id),
+    resolution: text("resolution"),
+    /**
+     * Phase 18 — site this report belongs to. The mod queue
+     * is per-site so a category-mod on tenant A doesn't see
+     * tenant B's reports.
+     */
+    siteId: text("site_id").default("default").notNull(),
+    createdAt: timestamp("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+  },
+  (table) => [
+    index("np_reports_queue_idx").on(table.resolvedAt, table.createdAt),
+    index("np_reports_target_idx").on(table.targetType, table.targetId),
+    index("np_reports_site_queue_idx").on(table.siteId, table.resolvedAt)
+  ]
+);
+var npAuditEvents = pgTable(
+  "np_audit_events",
+  {
+    id: uuid("id").defaultRandom().primaryKey(),
+    actorKind: text("actor_kind").notNull(),
+    actorUserId: uuid("actor_user_id").references(() => npUsers.id),
+    actorMemberId: uuid("actor_member_id").references(() => npMembers.id),
+    action: text("action").notNull(),
+    targetType: text("target_type"),
+    targetId: text("target_id"),
+    payload: jsonb("payload").$type().default({}).notNull(),
+    /**
+     * Phase 17 — site-scoped audit. Filled by `recordAuditEvent`
+     * from the current request's site (the multi-site resolver).
+     * Nullable for events that don't belong to a single site
+     * (super-admin actions, background jobs, scripts).
+     */
+    siteId: text("site_id"),
+    createdAt: timestamp("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+  },
+  (table) => [
+    index("np_audit_target_idx").on(table.targetType, table.targetId, table.createdAt),
+    index("np_audit_actor_user_idx").on(table.actorUserId, table.createdAt),
+    index("np_audit_actor_member_idx").on(table.actorMemberId, table.createdAt),
+    index("np_audit_site_idx").on(table.siteId, table.createdAt)
+  ]
+);
+var npBans = pgTable(
+  "np_bans",
+  {
+    id: uuid("id").defaultRandom().primaryKey(),
+    memberId: uuid("member_id").notNull().references(() => npMembers.id, { onDelete: "cascade" }),
+    scopeType: npBanScopeEnum("scope_type").notNull(),
+    scopeId: text("scope_id"),
+    kind: npBanKindEnum("kind").notNull(),
+    expiresAt: timestamp("expires_at", { withTimezone: true, mode: "date" }),
+    reason: text("reason"),
+    byUserId: uuid("by_user_id").references(() => npUsers.id),
+    byMemberId: uuid("by_member_id").references(() => npMembers.id),
+    /**
+     * Phase 18 — the tenant this ban applies to. Pre-Phase 18
+     * `scope_type='site'` rows had `scope_id=null` because
+     * "site" was the singular root scope; with multi-tenancy
+     * the column tells `assertNotBanned` WHICH site the ban
+     * blocks writes on. Category / collection scopes resolve
+     * per-site too — the same `posts` collection slug exists
+     * on every tenant.
+     */
+    siteId: text("site_id").default("default").notNull(),
+    createdAt: timestamp("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+  },
+  (table) => [
+    index("np_bans_member_scope_idx").on(table.memberId, table.scopeType, table.scopeId),
+    index("np_bans_active_idx").on(table.memberId, table.expiresAt),
+    index("np_bans_site_idx").on(table.siteId, table.memberId)
+  ]
+);
+
+// src/db/schema/media.ts
+var npMediaStatusEnum = pgEnum2("np_media_status", [
+  "processing",
+  "ready",
+  "error"
+]);
+var npMediaFolders = pgTable2("np_media_folders", {
+  id: uuid2("id").defaultRandom().primaryKey(),
+  name: text2("name").notNull(),
+  parentId: uuid2("parent_id").references(() => npMediaFolders.id),
+  createdAt: timestamp2("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+});
+var npMedia = pgTable2(
+  "np_media",
+  {
+    id: uuid2("id").defaultRandom().primaryKey(),
+    filename: text2("filename").notNull(),
+    originalFilename: text2("original_filename").notNull(),
+    mimeType: text2("mime_type").notNull(),
+    filesize: bigint("filesize", { mode: "number" }).notNull(),
+    width: integer2("width"),
+    height: integer2("height"),
+    alt: text2("alt"),
+    caption: jsonb2("caption").$type(),
+    focalPoint: jsonb2("focal_point").$type(),
+    sizes: jsonb2("sizes").$type(),
+    storageKey: text2("storage_key").notNull(),
+    hash: text2("hash").notNull(),
+    status: npMediaStatusEnum("status").notNull(),
+    folderId: uuid2("folder_id").references(() => npMediaFolders.id),
+    uploadedBy: uuid2("uploaded_by").references(() => npUsers.id),
+    /**
+     * Set when a member uploaded the row instead of a staff user
+     * (Phase 9.7j). Mutually exclusive with `uploadedBy`: a row
+     * has exactly one uploader. Member-side moderation tools key
+     * off this column to filter "uploads I should review."
+     * `ON DELETE SET NULL` so a member account deletion doesn't
+     * cascade-delete their uploads — staff still need them for
+     * the audit trail (just like `member_author_id` on
+     * collection tables).
+     */
+    uploadedByMemberId: uuid2("uploaded_by_member_id").references(
+      () => npMembers.id,
+      { onDelete: "set null" }
+    ),
+    createdAt: timestamp2("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull(),
+    updatedAt: timestamp2("updated_at", { withTimezone: true, mode: "date" }).defaultNow().notNull(),
+    deletedAt: timestamp2("deleted_at", { withTimezone: true, mode: "date" })
+  },
+  (table) => ({
+    hashIdx: index2("np_media_hash_idx").on(table.hash),
+    statusIdx: index2("np_media_status_idx").on(table.status),
+    uploadedByMemberIdx: index2("np_media_uploaded_by_member_idx").on(
+      table.uploadedByMemberId
+    )
+  })
+);
+var npMediaRefs = pgTable2(
+  "np_media_refs",
+  {
+    id: uuid2("id").defaultRandom().primaryKey(),
+    mediaId: uuid2("media_id").notNull().references(() => npMedia.id, { onDelete: "cascade" }),
+    collection: text2("collection").notNull(),
+    documentId: text2("document_id").notNull(),
+    field: text2("field").notNull()
+  },
+  (table) => ({
+    mediaIdIdx: index2("np_media_refs_media_id_idx").on(table.mediaId),
+    documentIdIdx: index2("np_media_refs_document_id_idx").on(table.documentId)
+  })
+);
+
+// src/db/schema/system.ts
+var npUserRoleEnum = pgEnum3("np_user_role", [
+  "admin",
+  "editor",
+  // 9.5: community moderator. Sits OUTSIDE the linear content-edit
+  // hierarchy — a moderator handles community moderation (hide
+  // comments, resolve reports, issue bans) but cannot author or edit
+  // collection content. ROLE_HIERARCHY in config/types.ts intentionally
+  // does not list this role; community-moderation paths check the role
+  // explicitly via `principalCan()`.
+  "moderator",
+  "author",
+  "viewer"
+]);
+var npRevisionStatusEnum = pgEnum3("np_revision_status", [
+  "draft",
+  "published",
+  "autosave"
+]);
+var npPasswordResetPurposeEnum = pgEnum3("np_password_reset_purpose", ["invite", "reset"]);
+var npUsers = pgTable3("np_users", {
+  id: uuid3("id").defaultRandom().primaryKey(),
+  email: text3("email").notNull().unique(),
+  password: text3("password").notNull(),
+  name: text3("name").notNull(),
+  role: npUserRoleEnum("role").notNull(),
+  /**
+   * Phase 15.5 — super-admin flag. Bypasses per-site membership
+   * checks; the super-admin can manage every site including
+   * creating / deleting tenants. The flag is independent of
+   * the per-site `role` enum (a super-admin still needs a
+   * `role` field for non-multi-site contexts; multi-site
+   * permissions check `is_super_admin OR site_membership`).
+   */
+  isSuperAdmin: boolean2("is_super_admin").default(false).notNull(),
+  avatar: uuid3("avatar").references(() => npMedia.id),
+  loginAttempts: integer3("login_attempts").default(0).notNull(),
+  lockUntil: timestamp3("lock_until", { withTimezone: true, mode: "date" }),
+  tokenVersion: integer3("token_version").default(0).notNull(),
+  passwordResetTokenHash: text3("password_reset_token_hash"),
+  passwordResetExpiresAt: timestamp3("password_reset_expires_at", {
+    withTimezone: true,
+    mode: "date"
+  }),
+  passwordResetPurpose: npPasswordResetPurposeEnum("password_reset_purpose"),
+  createdAt: timestamp3("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull(),
+  updatedAt: timestamp3("updated_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+});
+var npSiteMemberships = pgTable3(
+  "np_site_memberships",
+  {
+    siteId: text3("site_id").notNull(),
+    userId: uuid3("user_id").notNull().references(() => npUsers.id, { onDelete: "cascade" }),
+    role: npUserRoleEnum("role").notNull(),
+    createdAt: timestamp3("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull(),
+    updatedAt: timestamp3("updated_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+  },
+  (table) => [primaryKey2({ columns: [table.siteId, table.userId] })]
+);
+var npUserOAuthIdentities = pgTable3(
+  "np_user_oauth_identities",
+  {
+    id: uuid3("id").defaultRandom().primaryKey(),
+    userId: uuid3("user_id").notNull().references(() => npUsers.id, { onDelete: "cascade" }),
+    provider: text3("provider").notNull(),
+    providerUserId: text3("provider_user_id").notNull(),
+    /** Free-form per-provider metadata (avatar URL, scopes granted, etc.). */
+    metadata: jsonb3("metadata").$type().default({}).notNull(),
+    createdAt: timestamp3("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull(),
+    updatedAt: timestamp3("updated_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+  },
+  (table) => ({
+    providerSubjectUnique: unique2("np_user_oauth_identities_provider_subject_unique").on(
+      table.provider,
+      table.providerUserId
+    ),
+    userProviderUnique: unique2("np_user_oauth_identities_user_provider_unique").on(
+      table.userId,
+      table.provider
+    ),
+    userIdx: index3("np_user_oauth_identities_user_idx").on(table.userId)
+  })
+);
+var npSessions = pgTable3("np_sessions", {
+  id: uuid3("id").defaultRandom().primaryKey(),
+  userId: uuid3("user_id").notNull().references(() => npUsers.id, { onDelete: "cascade" }),
+  tokenHash: text3("token_hash").notNull(),
+  userAgent: text3("user_agent"),
+  ip: text3("ip"),
+  expiresAt: timestamp3("expires_at", { withTimezone: true, mode: "date" }).notNull(),
+  createdAt: timestamp3("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+});
+var npRevisions = pgTable3(
+  "np_revisions",
+  {
+    id: uuid3("id").defaultRandom().primaryKey(),
+    collection: text3("collection").notNull(),
+    documentId: text3("document_id").notNull(),
+    version: integer3("version").notNull(),
+    status: npRevisionStatusEnum("status").notNull(),
+    snapshot: jsonb3("snapshot").$type().notNull(),
+    changedFields: text3("changed_fields").array().notNull(),
+    authorId: uuid3("author_id").references(() => npUsers.id),
+    createdAt: timestamp3("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+  },
+  (table) => ({
+    documentVersionUnique: unique2("np_revisions_document_id_version_unique").on(
+      table.documentId,
+      table.version
+    ),
+    collectionIdx: index3("np_revisions_collection_idx").on(table.collection),
+    documentIdIdx: index3("np_revisions_document_id_idx").on(table.documentId)
+  })
+);
+var npSettings = pgTable3(
+  "np_settings",
+  {
+    siteId: text3("site_id").default("default").notNull(),
+    key: text3("key").notNull(),
+    value: jsonb3("value").$type().notNull(),
+    updatedAt: timestamp3("updated_at", { withTimezone: true, mode: "date" }).defaultNow().notNull(),
+    updatedBy: uuid3("updated_by").references(() => npUsers.id)
+  },
+  (table) => [primaryKey2({ columns: [table.siteId, table.key] })]
+);
+var npSlugHistory = pgTable3(
+  "np_slug_history",
+  {
+    id: uuid3("id").defaultRandom().primaryKey(),
+    siteId: text3("site_id").default("default").notNull(),
+    collection: text3("collection").notNull(),
+    documentId: text3("document_id").notNull(),
+    oldSlug: text3("old_slug").notNull(),
+    newSlug: text3("new_slug").notNull(),
+    createdAt: timestamp3("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+  },
+  (table) => [
+    index3("np_slug_history_lookup_idx").on(table.siteId, table.collection, table.oldSlug),
+    index3("np_slug_history_doc_idx").on(table.siteId, table.collection, table.documentId)
+  ]
+);
+var npNavigation = pgTable3(
+  "np_navigation",
+  {
+    id: uuid3("id").defaultRandom().primaryKey(),
+    siteId: text3("site_id").default("default").notNull(),
+    location: text3("location").notNull(),
+    items: jsonb3("items").$type().notNull(),
+    updatedAt: timestamp3("updated_at", { withTimezone: true, mode: "date" }).defaultNow().notNull(),
+    updatedBy: uuid3("updated_by").references(() => npUsers.id)
+  },
+  (table) => [unique2("np_navigation_site_location_idx").on(table.siteId, table.location)]
+);
+var npStringOverrides = pgTable3(
+  "np_string_overrides",
+  {
+    siteId: text3("site_id").default("default").notNull(),
+    locale: text3("locale").notNull(),
+    key: text3("key").notNull(),
+    value: text3("value"),
+    updatedAt: timestamp3("updated_at", { withTimezone: true, mode: "date" }).defaultNow().notNull(),
+    updatedBy: uuid3("updated_by").references(() => npUsers.id)
+  },
+  (table) => [primaryKey2({ columns: [table.siteId, table.locale, table.key] })]
+);
+var npSites = pgTable3(
+  "np_sites",
+  {
+    id: text3("id").primaryKey(),
+    name: text3("name").notNull(),
+    hostname: text3("hostname"),
+    description: text3("description"),
+    settings: jsonb3("settings").$type().default({}).notNull(),
+    isDefault: boolean2("is_default").default(false).notNull(),
+    createdAt: timestamp3("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull(),
+    updatedAt: timestamp3("updated_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+  },
+  (table) => [unique2("np_sites_hostname_idx").on(table.hostname)]
+);
+var npPlugins = pgTable3("np_plugins", {
+  id: text3("id").primaryKey(),
+  enabled: boolean2("enabled").default(true).notNull(),
+  installedAt: timestamp3("installed_at", { withTimezone: true, mode: "date" }).defaultNow().notNull(),
+  updatedAt: timestamp3("updated_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+});
+var NP_GLOBAL_PLUGIN_SITE_ID = "_global_";
+var npPluginStorage = pgTable3(
+  "np_plugin_storage",
+  {
+    pluginId: text3("plugin_id").notNull(),
+    siteId: text3("site_id").default(NP_GLOBAL_PLUGIN_SITE_ID).notNull(),
+    key: text3("key").notNull(),
+    value: jsonb3("value").$type().notNull(),
+    expiresAt: timestamp3("expires_at", { withTimezone: true, mode: "date" }),
+    updatedAt: timestamp3("updated_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+  },
+  (table) => ({
+    pk: primaryKey2({ columns: [table.pluginId, table.siteId, table.key] }),
+    pluginIdx: index3("np_plugin_storage_plugin_id_idx").on(table.pluginId),
+    siteIdx: index3("np_plugin_storage_site_idx").on(table.siteId)
+  })
+);
+var npWorkerHeartbeats = pgTable3("np_worker_heartbeats", {
+  id: text3("id").primaryKey(),
+  status: text3("status").default("running").notNull(),
+  startedAt: timestamp3("started_at", { withTimezone: true, mode: "date" }).defaultNow().notNull(),
+  lastSeenAt: timestamp3("last_seen_at", { withTimezone: true, mode: "date" }).defaultNow().notNull(),
+  /** Free-form metadata (worker version, hostname, env). */
+  meta: jsonb3("meta").$type().default({}).notNull()
+});
+var npJobLogs = pgTable3(
+  "np_job_logs",
+  {
+    id: uuid3("id").defaultRandom().primaryKey(),
+    jobId: text3("job_id").notNull(),
+    level: text3("level").notNull(),
+    message: text3("message").notNull(),
+    context: jsonb3("context").$type(),
+    createdAt: timestamp3("created_at", { withTimezone: true, mode: "date" }).defaultNow().notNull()
+  },
+  (table) => [
+    index3("np_job_logs_job_idx").on(table.jobId, table.createdAt),
+    index3("np_job_logs_created_idx").on(table.createdAt)
+  ]
+);
+
+export {
+  npUserRoleEnum,
+  npRevisionStatusEnum,
+  npPasswordResetPurposeEnum,
+  npUsers,
+  npSiteMemberships,
+  npUserOAuthIdentities,
+  npSessions,
+  npRevisions,
+  npSettings,
+  npSlugHistory,
+  npNavigation,
+  npStringOverrides,
+  npSites,
+  npPlugins,
+  NP_GLOBAL_PLUGIN_SITE_ID,
+  npPluginStorage,
+  npWorkerHeartbeats,
+  npJobLogs,
+  npMediaStatusEnum,
+  npMediaFolders,
+  npMedia,
+  npMediaRefs,
+  npMemberStatusEnum,
+  npBanScopeEnum,
+  npBanKindEnum,
+  npCommentStatusEnum,
+  npMemberRoleScopeEnum,
+  npMembers,
+  npMemberSessions,
+  npMemberIdentities,
+  npMemberRoles,
+  npComments,
+  npReactions,
+  npFollows,
+  npMemberMutes,
+  npNotifications,
+  npReports,
+  npAuditEvents,
+  npBans
+};
+//# sourceMappingURL=chunk-M43PGOQY.js.map