@objectstack/platform-objects 15.0.0 → 15.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.mjs CHANGED
@@ -53,7 +53,7 @@ var SysUser = ObjectSchema.create({
53
53
  // "add a teammate" affordance — the Users list is always reachable —
54
54
  // and every add flows through better-auth invitations, never bespoke
55
55
  // sys_user CRUD.
56
- visible: "features.organization != false",
56
+ requiresFeature: "organization",
57
57
  successMessage: "Invitation sent",
58
58
  refreshAfter: true,
59
59
  params: [
@@ -64,9 +64,11 @@ var SysUser = ObjectSchema.create({
64
64
  // ── Platform admin operations (require better-auth `admin` plugin) ─
65
65
  //
66
66
  // These actions hit /api/v1/auth/admin/* endpoints that are only
67
- // wired when `auth.plugins.admin` is enabled. When the plugin is
68
- // disabled the actions still render (schema is static) but server
69
- // returns 404. UI surfaces them under the row menu AND the
67
+ // wired when `auth.plugins.admin` is enabled, so each one is gated on
68
+ // `requiresFeature: 'admin'` (#2874) when the plugin is off the UI
69
+ // hides them instead of rendering buttons that 404. SCIM deployments
70
+ // keep them: SCIM forces the admin plugin (and `features.admin`) on
71
+ // (ADR-0071). UI surfaces them under the row menu AND the
70
72
  // record-detail header (`record_header`, overflowing into the ⋯
71
73
  // "More" menu) so platform admins can manage an account from either
72
74
  // the Users list or an open user record — without dropping to SQL or
@@ -79,6 +81,7 @@ var SysUser = ObjectSchema.create({
79
81
  locations: ["list_item", "record_header"],
80
82
  type: "api",
81
83
  target: "/api/v1/auth/admin/ban-user",
84
+ requiresFeature: "admin",
82
85
  recordIdParam: "userId",
83
86
  successMessage: "User banned",
84
87
  refreshAfter: true,
@@ -95,6 +98,7 @@ var SysUser = ObjectSchema.create({
95
98
  locations: ["list_item", "record_header"],
96
99
  type: "api",
97
100
  target: "/api/v1/auth/admin/unban-user",
101
+ requiresFeature: "admin",
98
102
  recordIdParam: "userId",
99
103
  successMessage: "User unbanned",
100
104
  refreshAfter: true
@@ -110,6 +114,7 @@ var SysUser = ObjectSchema.create({
110
114
  locations: ["list_item", "record_header"],
111
115
  type: "api",
112
116
  target: "/api/v1/auth/admin/unlock-user",
117
+ requiresFeature: "admin",
113
118
  recordIdParam: "userId",
114
119
  successMessage: "Account unlocked",
115
120
  refreshAfter: true
@@ -129,7 +134,7 @@ var SysUser = ObjectSchema.create({
129
134
  locations: ["list_toolbar"],
130
135
  type: "api",
131
136
  target: "/api/v1/auth/admin/create-user",
132
- visible: "features.admin == true",
137
+ requiresFeature: "admin",
133
138
  successMessage: "User created",
134
139
  refreshAfter: true,
135
140
  params: [
@@ -146,7 +151,7 @@ var SysUser = ObjectSchema.create({
146
151
  // otherwise the create-user endpoint rejects a phone with
147
152
  // "Phone numbers require the phoneNumber auth plugin". `features.phoneNumber`
148
153
  // is served in /api/v1/auth/config (getPublicConfig).
149
- visible: "features.phoneNumber == true"
154
+ requiresFeature: "phoneNumber"
150
155
  },
151
156
  { field: "name", required: false },
152
157
  {
@@ -188,6 +193,7 @@ var SysUser = ObjectSchema.create({
188
193
  // legacy role scalar), can mint a temporary password, and stamps
189
194
  // must_change_password.
190
195
  target: "/api/v1/auth/admin/set-user-password",
196
+ requiresFeature: "admin",
191
197
  recordIdParam: "userId",
192
198
  successMessage: "Password updated",
193
199
  refreshAfter: false,
@@ -225,6 +231,7 @@ var SysUser = ObjectSchema.create({
225
231
  locations: ["list_item", "record_header"],
226
232
  type: "api",
227
233
  target: "/api/v1/auth/admin/set-role",
234
+ requiresFeature: "admin",
228
235
  recordIdParam: "userId",
229
236
  successMessage: "Role updated",
230
237
  refreshAfter: true,
@@ -240,6 +247,7 @@ var SysUser = ObjectSchema.create({
240
247
  locations: ["list_item", "record_header"],
241
248
  type: "api",
242
249
  target: "/api/v1/auth/admin/impersonate-user",
250
+ requiresFeature: "admin",
243
251
  recordIdParam: "userId",
244
252
  successMessage: "Now impersonating user",
245
253
  refreshAfter: true,
@@ -357,6 +365,7 @@ var SysUser = ObjectSchema.create({
357
365
  type: "api",
358
366
  target: "/api/v1/auth/two-factor/enable",
359
367
  visible: "record.id == ctx.user.id && record.two_factor_enabled != true",
368
+ requiresFeature: "twoFactor",
360
369
  successMessage: "Two-factor authentication enabled. Scan the QR code or paste the otpauth URI into your authenticator app, then verify a code to complete setup.",
361
370
  refreshAfter: true,
362
371
  params: [
@@ -372,6 +381,7 @@ var SysUser = ObjectSchema.create({
372
381
  type: "api",
373
382
  target: "/api/v1/auth/two-factor/disable",
374
383
  visible: "record.id == ctx.user.id && record.two_factor_enabled == true",
384
+ requiresFeature: "twoFactor",
375
385
  confirmText: "Turn off two-factor authentication? Your account will be less secure.",
376
386
  successMessage: "Two-factor authentication disabled.",
377
387
  refreshAfter: true,
@@ -388,6 +398,7 @@ var SysUser = ObjectSchema.create({
388
398
  type: "api",
389
399
  target: "/api/v1/auth/two-factor/generate-backup-codes",
390
400
  visible: "record.id == ctx.user.id && record.two_factor_enabled == true",
401
+ requiresFeature: "twoFactor",
391
402
  confirmText: "Generate a new set of backup codes? Any previously generated codes will stop working.",
392
403
  successMessage: "New backup codes generated \u2014 save them somewhere safe.",
393
404
  refreshAfter: false,
@@ -1195,7 +1206,7 @@ var SysOrganization = ObjectSchema.create({
1195
1206
  // populated by the console/account shells from `/auth/config`;
1196
1207
  // we default to visible when the flag is undefined so we don't
1197
1208
  // accidentally hide the button while auth config is still loading.
1198
- visible: "features.multiOrgEnabled != false",
1209
+ requiresFeature: "multiOrgEnabled",
1199
1210
  params: [
1200
1211
  { field: "name", required: true },
1201
1212
  { field: "slug", required: true },
@@ -1216,7 +1227,7 @@ var SysOrganization = ObjectSchema.create({
1216
1227
  // Org-admin actions are multi-org-only; hide them in single-org for
1217
1228
  // consistency with `create_organization` (the org list is empty there,
1218
1229
  // but this also guards direct record-URL access).
1219
- visible: "features.multiOrgEnabled != false",
1230
+ requiresFeature: "multiOrgEnabled",
1220
1231
  successMessage: "Organization updated",
1221
1232
  refreshAfter: true,
1222
1233
  params: [
@@ -1235,7 +1246,7 @@ var SysOrganization = ObjectSchema.create({
1235
1246
  type: "api",
1236
1247
  target: "/api/v1/auth/organization/delete",
1237
1248
  recordIdParam: "organizationId",
1238
- visible: "features.multiOrgEnabled != false",
1249
+ requiresFeature: "multiOrgEnabled",
1239
1250
  confirmText: "Delete this organization? All members will lose access immediately. This cannot be undone.",
1240
1251
  successMessage: "Organization deleted",
1241
1252
  refreshAfter: true
@@ -1254,7 +1265,7 @@ var SysOrganization = ObjectSchema.create({
1254
1265
  type: "api",
1255
1266
  target: "/api/v1/auth/organization/set-active",
1256
1267
  recordIdParam: "organizationId",
1257
- visible: "features.multiOrgEnabled != false",
1268
+ requiresFeature: "multiOrgEnabled",
1258
1269
  successMessage: "Active organization switched",
1259
1270
  refreshAfter: true
1260
1271
  },
@@ -1271,7 +1282,7 @@ var SysOrganization = ObjectSchema.create({
1271
1282
  type: "api",
1272
1283
  target: "/api/v1/auth/organization/leave",
1273
1284
  recordIdParam: "organizationId",
1274
- visible: "features.multiOrgEnabled != false",
1285
+ requiresFeature: "multiOrgEnabled",
1275
1286
  confirmText: "Leave this organization? You will lose access to all of its resources.",
1276
1287
  successMessage: "You have left the organization",
1277
1288
  refreshAfter: true
@@ -1293,7 +1304,7 @@ var SysOrganization = ObjectSchema.create({
1293
1304
  type: "api",
1294
1305
  target: "/api/v1/cloud/organizations/{id}/change-slug",
1295
1306
  method: "POST",
1296
- visible: "features.multiOrgEnabled != false",
1307
+ requiresFeature: "multiOrgEnabled",
1297
1308
  confirmText: "Renaming the slug rewrites every platform subdomain for this org and parks the old slug for 90 days. Continue?",
1298
1309
  successMessage: "Organization slug changed",
1299
1310
  refreshAfter: true,
@@ -1431,7 +1442,7 @@ var SysMember = ObjectSchema.create({
1431
1442
  // better-auth endpoints resolve the session's active org, which
1432
1443
  // single-org mode now guarantees via plugin-auth's default-org
1433
1444
  // bootstrap. Same gate on every membership mutation below.
1434
- visible: "features.organization != false",
1445
+ requiresFeature: "organization",
1435
1446
  successMessage: "Member added",
1436
1447
  refreshAfter: true,
1437
1448
  params: [
@@ -1449,7 +1460,7 @@ var SysMember = ObjectSchema.create({
1449
1460
  type: "api",
1450
1461
  target: "/api/v1/auth/organization/update-member-role",
1451
1462
  recordIdParam: "memberId",
1452
- visible: "features.organization != false",
1463
+ requiresFeature: "organization",
1453
1464
  successMessage: "Member role updated",
1454
1465
  refreshAfter: true,
1455
1466
  params: [
@@ -1466,7 +1477,7 @@ var SysMember = ObjectSchema.create({
1466
1477
  type: "api",
1467
1478
  target: "/api/v1/auth/organization/remove-member",
1468
1479
  recordIdParam: "memberIdOrEmail",
1469
- visible: "features.organization != false",
1480
+ requiresFeature: "organization",
1470
1481
  confirmText: "Remove this member from the organization? They will lose access to all org resources.",
1471
1482
  successMessage: "Member removed",
1472
1483
  refreshAfter: true
@@ -1488,7 +1499,10 @@ var SysMember = ObjectSchema.create({
1488
1499
  target: "/api/v1/auth/organization/update-member-role",
1489
1500
  recordIdParam: "memberId",
1490
1501
  bodyExtra: { role: "owner" },
1491
- visible: "record.role != 'owner' && features.organization != false",
1502
+ // The residual row predicate stays hand-written; the feature gate is
1503
+ // AND-composed onto it by the requiresFeature lowering.
1504
+ visible: "record.role != 'owner'",
1505
+ requiresFeature: "organization",
1492
1506
  confirmText: "Transfer ownership of this organization to the selected member? You will be demoted to admin and lose owner-only privileges.",
1493
1507
  successMessage: "Ownership transferred",
1494
1508
  refreshAfter: true
@@ -1596,7 +1610,7 @@ var SysInvitation = ObjectSchema.create({
1596
1610
  // sys_organization.create_organization). The recipient-side
1597
1611
  // accept/reject actions below stay record-gated — they are
1598
1612
  // unreachable in single-org anyway (no invitation rows exist).
1599
- visible: "features.organization != false",
1613
+ requiresFeature: "organization",
1600
1614
  successMessage: "Invitation sent",
1601
1615
  refreshAfter: true,
1602
1616
  params: [
@@ -1614,7 +1628,7 @@ var SysInvitation = ObjectSchema.create({
1614
1628
  type: "api",
1615
1629
  target: "/api/v1/auth/organization/cancel-invitation",
1616
1630
  recordIdParam: "invitationId",
1617
- visible: "features.organization != false",
1631
+ requiresFeature: "organization",
1618
1632
  confirmText: "Cancel this invitation? The recipient will no longer be able to accept it.",
1619
1633
  successMessage: "Invitation canceled",
1620
1634
  refreshAfter: true
@@ -1628,7 +1642,7 @@ var SysInvitation = ObjectSchema.create({
1628
1642
  type: "api",
1629
1643
  target: "/api/v1/auth/organization/invite-member",
1630
1644
  bodyExtra: { resend: true },
1631
- visible: "features.organization != false",
1645
+ requiresFeature: "organization",
1632
1646
  successMessage: "Invitation resent",
1633
1647
  refreshAfter: true,
1634
1648
  params: [
@@ -1818,7 +1832,7 @@ var SysTeam = ObjectSchema.create({
1818
1832
  // Teams are nested inside organizations — a multi-org-only concept.
1819
1833
  // Gate every team mutation on the multi-org flag so the affordances
1820
1834
  // disappear in single-org (mirrors sys_organization.create_organization).
1821
- visible: "features.organization != false",
1835
+ requiresFeature: "organization",
1822
1836
  successMessage: "Team created",
1823
1837
  refreshAfter: true,
1824
1838
  params: [
@@ -1839,7 +1853,7 @@ var SysTeam = ObjectSchema.create({
1839
1853
  target: "/api/v1/auth/organization/update-team",
1840
1854
  recordIdParam: "teamId",
1841
1855
  bodyShape: { wrap: "data" },
1842
- visible: "features.organization != false",
1856
+ requiresFeature: "organization",
1843
1857
  successMessage: "Team updated",
1844
1858
  refreshAfter: true,
1845
1859
  params: [
@@ -1858,7 +1872,7 @@ var SysTeam = ObjectSchema.create({
1858
1872
  type: "api",
1859
1873
  target: "/api/v1/auth/organization/remove-team",
1860
1874
  recordIdParam: "teamId",
1861
- visible: "features.organization != false",
1875
+ requiresFeature: "organization",
1862
1876
  confirmText: "Delete this team? Members will lose any team-scoped access. This cannot be undone.",
1863
1877
  successMessage: "Team deleted",
1864
1878
  refreshAfter: true
@@ -1972,7 +1986,7 @@ var SysTeamMember = ObjectSchema.create({
1972
1986
  // Team membership lives under organizations — multi-org-only. Gate
1973
1987
  // both mutations so they vanish in single-org (mirrors
1974
1988
  // sys_organization.create_organization).
1975
- visible: "features.organization != false",
1989
+ requiresFeature: "organization",
1976
1990
  successMessage: "Team member added",
1977
1991
  refreshAfter: true,
1978
1992
  params: [
@@ -1993,7 +2007,7 @@ var SysTeamMember = ObjectSchema.create({
1993
2007
  locations: ["list_item"],
1994
2008
  type: "api",
1995
2009
  target: "/api/v1/auth/organization/remove-team-member",
1996
- visible: "features.organization != false",
2010
+ requiresFeature: "organization",
1997
2011
  confirmText: "Remove this user from the team? They will lose any team-scoped access.",
1998
2012
  successMessage: "Team member removed",
1999
2013
  refreshAfter: true,
@@ -2549,6 +2563,7 @@ var SysTwoFactor = ObjectSchema.create({
2549
2563
  locations: ["list_toolbar"],
2550
2564
  type: "api",
2551
2565
  target: "/api/v1/auth/two-factor/enable",
2566
+ requiresFeature: "twoFactor",
2552
2567
  refreshAfter: true,
2553
2568
  params: [
2554
2569
  { name: "password", label: "Current Password", type: "text", required: true }
@@ -2571,6 +2586,7 @@ var SysTwoFactor = ObjectSchema.create({
2571
2586
  locations: ["list_toolbar"],
2572
2587
  type: "api",
2573
2588
  target: "/api/v1/auth/two-factor/disable",
2589
+ requiresFeature: "twoFactor",
2574
2590
  confirmText: "Disable two-factor authentication on your account?",
2575
2591
  successMessage: "2FA disabled",
2576
2592
  refreshAfter: true,
@@ -2586,6 +2602,7 @@ var SysTwoFactor = ObjectSchema.create({
2586
2602
  locations: ["list_toolbar", "list_item"],
2587
2603
  type: "api",
2588
2604
  target: "/api/v1/auth/two-factor/generate-backup-codes",
2605
+ requiresFeature: "twoFactor",
2589
2606
  confirmText: "Regenerate backup codes? All previous backup codes will stop working immediately.",
2590
2607
  refreshAfter: true,
2591
2608
  params: [
@@ -2900,6 +2917,7 @@ var SysOauthApplication = ObjectSchema.create({
2900
2917
  type: "api",
2901
2918
  method: "POST",
2902
2919
  target: "/api/v1/auth/admin/oauth2/toggle-disabled",
2920
+ requiresFeature: "oidcProvider",
2903
2921
  confirmText: "Disable this OAuth application? Active access/refresh tokens issued to it will continue to be rejected at the token, authorize, and introspect endpoints. Existing integrations will stop working immediately.",
2904
2922
  successMessage: "OAuth application disabled",
2905
2923
  refreshAfter: true,
@@ -2919,6 +2937,7 @@ var SysOauthApplication = ObjectSchema.create({
2919
2937
  type: "api",
2920
2938
  method: "POST",
2921
2939
  target: "/api/v1/auth/admin/oauth2/toggle-disabled",
2940
+ requiresFeature: "oidcProvider",
2922
2941
  confirmText: "Re-enable this OAuth application? Token issuance, authorization, and introspection will resume immediately.",
2923
2942
  successMessage: "OAuth application enabled",
2924
2943
  refreshAfter: true,
@@ -2938,6 +2957,7 @@ var SysOauthApplication = ObjectSchema.create({
2938
2957
  type: "api",
2939
2958
  method: "POST",
2940
2959
  target: "/api/v1/auth/sys-oauth-application/register",
2960
+ requiresFeature: "oidcProvider",
2941
2961
  refreshAfter: true,
2942
2962
  params: [
2943
2963
  { name: "name", label: "Application Name", type: "text", required: true },
@@ -2969,6 +2989,7 @@ var SysOauthApplication = ObjectSchema.create({
2969
2989
  type: "api",
2970
2990
  method: "POST",
2971
2991
  target: "/api/v1/auth/oauth2/client/rotate-secret",
2992
+ requiresFeature: "oidcProvider",
2972
2993
  confirmText: "Rotate this OAuth client's secret? The previous secret will stop working immediately and any integrations using it will break until they are updated with the new secret. The new secret is shown only once.",
2973
2994
  refreshAfter: true,
2974
2995
  params: [
@@ -2993,6 +3014,7 @@ var SysOauthApplication = ObjectSchema.create({
2993
3014
  type: "api",
2994
3015
  method: "POST",
2995
3016
  target: "/api/v1/auth/oauth2/delete-client",
3017
+ requiresFeature: "oidcProvider",
2996
3018
  confirmText: "Permanently delete this OAuth application? All issued tokens and consents will be invalidated and integrations using this client_id will stop working immediately. This cannot be undone.",
2997
3019
  successMessage: "OAuth application deleted",
2998
3020
  refreshAfter: true,
@@ -3172,6 +3194,25 @@ var SysOauthApplication = ObjectSchema.create({
3172
3194
  description: "OIDC subject type (e.g. public, pairwise)",
3173
3195
  group: "Credentials"
3174
3196
  }),
3197
+ jwks: Field.textarea({
3198
+ label: "JWKS",
3199
+ required: false,
3200
+ description: "Client JSON Web Key Set (for private_key_jwt / signed-request verification)",
3201
+ group: "Credentials"
3202
+ }),
3203
+ jwks_uri: Field.url({
3204
+ label: "JWKS URI",
3205
+ required: false,
3206
+ description: "URL of the client JSON Web Key Set",
3207
+ group: "Credentials"
3208
+ }),
3209
+ dpop_bound_access_tokens: Field.boolean({
3210
+ label: "DPoP-bound Access Tokens",
3211
+ required: false,
3212
+ defaultValue: false,
3213
+ description: "Require access tokens issued to this client to be DPoP-bound (RFC 9449)",
3214
+ group: "Credentials"
3215
+ }),
3175
3216
  // ── Behaviour flags ──────────────────────────────────────────
3176
3217
  disabled: Field.boolean({
3177
3218
  label: "Disabled",
@@ -3191,6 +3232,18 @@ var SysOauthApplication = ObjectSchema.create({
3191
3232
  description: "Allow the client to call the OIDC end-session endpoint",
3192
3233
  group: "Behaviour"
3193
3234
  }),
3235
+ backchannel_logout_uri: Field.url({
3236
+ label: "Back-channel Logout URI",
3237
+ required: false,
3238
+ description: "OIDC back-channel logout endpoint of the client",
3239
+ group: "Behaviour"
3240
+ }),
3241
+ backchannel_logout_session_required: Field.boolean({
3242
+ label: "Back-channel Logout Session Required",
3243
+ required: false,
3244
+ description: "Whether the back-channel logout token must include a sid claim",
3245
+ group: "Behaviour"
3246
+ }),
3194
3247
  // ── Software statement (RFC 7591 §2.3) ───────────────────────
3195
3248
  software_id: Field.text({
3196
3249
  label: "Software ID",
@@ -3316,6 +3369,22 @@ var SysOauthAccessToken = ObjectSchema.create({
3316
3369
  maxLength: 255,
3317
3370
  description: "Caller-supplied correlation identifier"
3318
3371
  }),
3372
+ authorization_code_id: Field.text({
3373
+ label: "Authorization Code ID",
3374
+ required: false,
3375
+ maxLength: 255,
3376
+ description: "ID of the authorization-code grant this token originates from"
3377
+ }),
3378
+ resources: Field.textarea({
3379
+ label: "Resources",
3380
+ required: false,
3381
+ description: "JSON-serialized list of RFC 8707 resource indicators bound to this token"
3382
+ }),
3383
+ requested_user_info_claims: Field.textarea({
3384
+ label: "Requested UserInfo Claims",
3385
+ required: false,
3386
+ description: "JSON-serialized list of OIDC claims requested for the userinfo endpoint"
3387
+ }),
3319
3388
  scopes: Field.textarea({
3320
3389
  label: "Scopes",
3321
3390
  required: true,
@@ -3329,6 +3398,16 @@ var SysOauthAccessToken = ObjectSchema.create({
3329
3398
  label: "Created At",
3330
3399
  defaultValue: "NOW()",
3331
3400
  readonly: true
3401
+ }),
3402
+ revoked: Field.datetime({
3403
+ label: "Revoked At",
3404
+ required: false,
3405
+ description: "Timestamp at which this access token was revoked"
3406
+ }),
3407
+ confirmation: Field.textarea({
3408
+ label: "Confirmation",
3409
+ required: false,
3410
+ description: "JSON RFC 7800 cnf claim (e.g. DPoP key thumbprint) binding this token to a key"
3332
3411
  })
3333
3412
  },
3334
3413
  indexes: [
@@ -3336,7 +3415,8 @@ var SysOauthAccessToken = ObjectSchema.create({
3336
3415
  { fields: ["client_id"] },
3337
3416
  { fields: ["session_id"] },
3338
3417
  { fields: ["user_id"] },
3339
- { fields: ["refresh_id"] }
3418
+ { fields: ["refresh_id"] },
3419
+ { fields: ["authorization_code_id"] }
3340
3420
  ],
3341
3421
  enable: {
3342
3422
  trackHistory: false,
@@ -3402,6 +3482,22 @@ var SysOauthRefreshToken = ObjectSchema.create({
3402
3482
  maxLength: 255,
3403
3483
  description: "Caller-supplied correlation identifier"
3404
3484
  }),
3485
+ authorization_code_id: Field.text({
3486
+ label: "Authorization Code ID",
3487
+ required: false,
3488
+ maxLength: 255,
3489
+ description: "ID of the authorization-code grant this token chain originates from"
3490
+ }),
3491
+ resources: Field.textarea({
3492
+ label: "Resources",
3493
+ required: false,
3494
+ description: "JSON-serialized list of RFC 8707 resource indicators bound to this token"
3495
+ }),
3496
+ requested_user_info_claims: Field.textarea({
3497
+ label: "Requested UserInfo Claims",
3498
+ required: false,
3499
+ description: "JSON-serialized list of OIDC claims requested for the userinfo endpoint"
3500
+ }),
3405
3501
  scopes: Field.textarea({
3406
3502
  label: "Scopes",
3407
3503
  required: true,
@@ -3421,17 +3517,38 @@ var SysOauthRefreshToken = ObjectSchema.create({
3421
3517
  required: false,
3422
3518
  description: "Timestamp at which this refresh token was revoked"
3423
3519
  }),
3520
+ rotated_at: Field.datetime({
3521
+ label: "Rotated At",
3522
+ required: false,
3523
+ description: "Timestamp at which this token was rotated (superseded by a new row)"
3524
+ }),
3525
+ rotation_replay_response: Field.textarea({
3526
+ label: "Rotation Replay Response",
3527
+ required: false,
3528
+ description: "Cached token response replayed when the old token is re-presented within the reuse interval"
3529
+ }),
3530
+ rotation_replay_expires_at: Field.datetime({
3531
+ label: "Rotation Replay Expires At",
3532
+ required: false,
3533
+ description: "End of the post-rotation reuse interval during which the replay response is served"
3534
+ }),
3424
3535
  auth_time: Field.datetime({
3425
3536
  label: "Auth Time",
3426
3537
  required: false,
3427
3538
  description: "When the user originally authenticated for this token chain"
3539
+ }),
3540
+ confirmation: Field.textarea({
3541
+ label: "Confirmation",
3542
+ required: false,
3543
+ description: "JSON RFC 7800 cnf claim (e.g. DPoP key thumbprint) binding this token to a key"
3428
3544
  })
3429
3545
  },
3430
3546
  indexes: [
3431
3547
  { fields: ["token"], unique: true },
3432
3548
  { fields: ["client_id"] },
3433
3549
  { fields: ["session_id"] },
3434
- { fields: ["user_id"] }
3550
+ { fields: ["user_id"] },
3551
+ { fields: ["authorization_code_id"] }
3435
3552
  ],
3436
3553
  enable: {
3437
3554
  trackHistory: false,
@@ -3481,6 +3598,16 @@ var SysOauthConsent = ObjectSchema.create({
3481
3598
  maxLength: 255,
3482
3599
  description: "Caller-supplied correlation identifier"
3483
3600
  }),
3601
+ resources: Field.textarea({
3602
+ label: "Resources",
3603
+ required: false,
3604
+ description: "JSON-serialized list of RFC 8707 resource indicators the consent covers"
3605
+ }),
3606
+ requested_user_info_claims: Field.textarea({
3607
+ label: "Requested UserInfo Claims",
3608
+ required: false,
3609
+ description: "JSON-serialized list of OIDC claims the user consented to expose"
3610
+ }),
3484
3611
  scopes: Field.textarea({
3485
3612
  label: "Scopes",
3486
3613
  required: true,
@@ -3510,6 +3637,215 @@ var SysOauthConsent = ObjectSchema.create({
3510
3637
  mru: false
3511
3638
  }
3512
3639
  });
3640
+ var SysOauthResource = ObjectSchema.create({
3641
+ name: "sys_oauth_resource",
3642
+ label: "OAuth Resource",
3643
+ pluralLabel: "OAuth Resources",
3644
+ icon: "server",
3645
+ isSystem: true,
3646
+ managedBy: "better-auth",
3647
+ // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,
3648
+ // but may add overlay row-level config. Use `no-overlay` if you need to
3649
+ // forbid sys_metadata overlays entirely.
3650
+ protection: {
3651
+ lock: "full",
3652
+ reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
3653
+ docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
3654
+ },
3655
+ description: "Registered OAuth protected resources (RFC 8707 resource indicators)",
3656
+ displayNameField: "name",
3657
+ nameField: "name",
3658
+ highlightFields: ["name", "identifier", "disabled"],
3659
+ fields: {
3660
+ id: Field.text({
3661
+ label: "ID",
3662
+ required: true,
3663
+ readonly: true
3664
+ }),
3665
+ identifier: Field.text({
3666
+ label: "Identifier",
3667
+ required: true,
3668
+ maxLength: 1024,
3669
+ description: "Resource indicator URI presented in the RFC 8707 resource parameter"
3670
+ }),
3671
+ name: Field.text({
3672
+ label: "Name",
3673
+ required: true,
3674
+ maxLength: 255
3675
+ }),
3676
+ access_token_ttl: Field.number({
3677
+ label: "Access Token TTL",
3678
+ required: false,
3679
+ description: "Access-token lifetime in seconds for this resource (overrides the server default)"
3680
+ }),
3681
+ refresh_token_ttl: Field.number({
3682
+ label: "Refresh Token TTL",
3683
+ required: false,
3684
+ description: "Refresh-token lifetime in seconds for this resource (overrides the server default)"
3685
+ }),
3686
+ signing_algorithm: Field.text({
3687
+ label: "Signing Algorithm",
3688
+ required: false,
3689
+ maxLength: 32,
3690
+ description: "JWS algorithm used to sign access tokens for this resource"
3691
+ }),
3692
+ signing_key_id: Field.text({
3693
+ label: "Signing Key ID",
3694
+ required: false,
3695
+ maxLength: 255,
3696
+ description: "Key id (kid) used to sign access tokens for this resource"
3697
+ }),
3698
+ allowed_scopes: Field.textarea({
3699
+ label: "Allowed Scopes",
3700
+ required: false,
3701
+ description: "JSON-serialized list of scopes clients may request for this resource"
3702
+ }),
3703
+ custom_claims: Field.textarea({
3704
+ label: "Custom Claims",
3705
+ required: false,
3706
+ description: "JSON object of extra claims stamped on access tokens for this resource"
3707
+ }),
3708
+ dpop_bound_access_tokens_required: Field.boolean({
3709
+ label: "DPoP Required",
3710
+ required: false,
3711
+ defaultValue: false,
3712
+ description: "Require access tokens for this resource to be DPoP-bound (RFC 9449)"
3713
+ }),
3714
+ disabled: Field.boolean({
3715
+ label: "Disabled",
3716
+ required: false,
3717
+ defaultValue: false
3718
+ }),
3719
+ policy_version: Field.number({
3720
+ label: "Policy Version",
3721
+ required: false,
3722
+ defaultValue: 1,
3723
+ description: "Monotonic version of the resource token policy"
3724
+ }),
3725
+ metadata: Field.textarea({
3726
+ label: "Metadata",
3727
+ required: false,
3728
+ description: "JSON object of additional resource metadata"
3729
+ }),
3730
+ created_at: Field.datetime({
3731
+ label: "Created At",
3732
+ defaultValue: "NOW()",
3733
+ readonly: true
3734
+ }),
3735
+ updated_at: Field.datetime({
3736
+ label: "Updated At",
3737
+ defaultValue: "NOW()",
3738
+ readonly: true
3739
+ })
3740
+ },
3741
+ indexes: [
3742
+ { fields: ["identifier"], unique: true }
3743
+ ],
3744
+ enable: {
3745
+ trackHistory: false,
3746
+ searchable: false,
3747
+ apiEnabled: false,
3748
+ apiMethods: [],
3749
+ trash: false,
3750
+ mru: false
3751
+ }
3752
+ });
3753
+ var SysOauthClientResource = ObjectSchema.create({
3754
+ name: "sys_oauth_client_resource",
3755
+ label: "OAuth Client Resource",
3756
+ pluralLabel: "OAuth Client Resources",
3757
+ icon: "link",
3758
+ isSystem: true,
3759
+ managedBy: "better-auth",
3760
+ // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,
3761
+ // but may add overlay row-level config. Use `no-overlay` if you need to
3762
+ // forbid sys_metadata overlays entirely.
3763
+ protection: {
3764
+ lock: "full",
3765
+ reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
3766
+ docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
3767
+ },
3768
+ description: "Grants allowing an OAuth client to request tokens for a protected resource",
3769
+ highlightFields: ["client_id", "resource_id"],
3770
+ fields: {
3771
+ id: Field.text({
3772
+ label: "ID",
3773
+ required: true,
3774
+ readonly: true
3775
+ }),
3776
+ client_id: Field.text({
3777
+ label: "Client ID",
3778
+ required: true,
3779
+ description: "Foreign key to sys_oauth_application.client_id"
3780
+ }),
3781
+ resource_id: Field.text({
3782
+ label: "Resource ID",
3783
+ required: true,
3784
+ maxLength: 1024,
3785
+ description: "Foreign key to sys_oauth_resource.identifier"
3786
+ }),
3787
+ metadata: Field.textarea({
3788
+ label: "Metadata",
3789
+ required: false,
3790
+ description: "JSON object of additional grant metadata"
3791
+ }),
3792
+ created_at: Field.datetime({
3793
+ label: "Created At",
3794
+ defaultValue: "NOW()",
3795
+ readonly: true
3796
+ })
3797
+ },
3798
+ indexes: [
3799
+ { fields: ["client_id"] },
3800
+ { fields: ["resource_id"] }
3801
+ ],
3802
+ enable: {
3803
+ trackHistory: false,
3804
+ searchable: false,
3805
+ apiEnabled: false,
3806
+ apiMethods: [],
3807
+ trash: false,
3808
+ mru: false
3809
+ }
3810
+ });
3811
+ var SysOauthClientAssertion = ObjectSchema.create({
3812
+ name: "sys_oauth_client_assertion",
3813
+ label: "OAuth Client Assertion",
3814
+ pluralLabel: "OAuth Client Assertions",
3815
+ icon: "shield-check",
3816
+ isSystem: true,
3817
+ managedBy: "better-auth",
3818
+ // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,
3819
+ // but may add overlay row-level config. Use `no-overlay` if you need to
3820
+ // forbid sys_metadata overlays entirely.
3821
+ protection: {
3822
+ lock: "full",
3823
+ reason: "Identity table managed by better-auth \u2014 see ADR-0010.",
3824
+ docsUrl: "https://docs.objectstack.ai/adr/0010-metadata-protection"
3825
+ },
3826
+ description: "Consumed OAuth client-assertion JTIs (RFC 7523 replay prevention)",
3827
+ highlightFields: ["expires_at"],
3828
+ fields: {
3829
+ id: Field.text({
3830
+ label: "ID",
3831
+ required: true,
3832
+ readonly: true
3833
+ }),
3834
+ expires_at: Field.datetime({
3835
+ label: "Expires At",
3836
+ required: true,
3837
+ description: "Assertion expiry \u2014 rows past this instant are safe to prune"
3838
+ })
3839
+ },
3840
+ enable: {
3841
+ trackHistory: false,
3842
+ searchable: false,
3843
+ apiEnabled: false,
3844
+ apiMethods: [],
3845
+ trash: false,
3846
+ mru: false
3847
+ }
3848
+ });
3513
3849
  var SysJwks = ObjectSchema.create({
3514
3850
  name: "sys_jwks",
3515
3851
  label: "JWKS Key",
@@ -3551,6 +3887,21 @@ var SysJwks = ObjectSchema.create({
3551
3887
  required: true,
3552
3888
  description: "JSON-serialized JWK private key (encrypted at rest)"
3553
3889
  }),
3890
+ // better-auth 1.7 records the key's signing algorithm and (for EdDSA/EC
3891
+ // keys) its curve alongside the key material, so tokens can advertise the
3892
+ // correct `alg`/`crv` in the JWKS response. Both are optional — legacy rows
3893
+ // minted before 1.7 leave them null and better-auth falls back to the
3894
+ // configured `keyPairConfig.alg` (default `EdDSA`).
3895
+ alg: Field.text({
3896
+ label: "Algorithm",
3897
+ required: false,
3898
+ description: "JWK signing algorithm, e.g. `EdDSA` (better-auth 1.7+)"
3899
+ }),
3900
+ crv: Field.text({
3901
+ label: "Curve",
3902
+ required: false,
3903
+ description: "JWK curve for EdDSA/EC keys, e.g. `Ed25519` (better-auth 1.7+)"
3904
+ }),
3554
3905
  created_at: Field.datetime({
3555
3906
  label: "Created At",
3556
3907
  required: true,
@@ -3593,7 +3944,7 @@ var SysSsoProvider = ObjectSchema.create({
3593
3944
  // Together: admins see all env providers; non-admins get 403. better-auth's
3594
3945
  // own endpoints already read via a system context. (Env-only object — no
3595
3946
  // control-plane cross-tenant risk.)
3596
- tenancy: { enabled: false, strategy: "shared" },
3947
+ tenancy: { enabled: false },
3597
3948
  requiredPermissions: ["manage_platform_settings"],
3598
3949
  // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema.
3599
3950
  protection: {
@@ -4102,24 +4453,6 @@ var SysAttachment = ObjectSchema.create({
4102
4453
  required: false,
4103
4454
  group: "File"
4104
4455
  }),
4105
- // ── Sharing ────────────────────────────────────────────────
4106
- share_type: Field.select(
4107
- ["viewer", "collaborator", "inferred"],
4108
- {
4109
- label: "Share Type",
4110
- defaultValue: "viewer",
4111
- description: "viewer | collaborator | inferred (inherited from parent record)",
4112
- group: "Sharing"
4113
- }
4114
- ),
4115
- visibility: Field.select(
4116
- ["internal", "all_users", "shared_users"],
4117
- {
4118
- label: "Visibility",
4119
- defaultValue: "internal",
4120
- group: "Sharing"
4121
- }
4122
- ),
4123
4456
  // ── Authoring ──────────────────────────────────────────────
4124
4457
  uploaded_by: Field.lookup("sys_user", {
4125
4458
  label: "Uploaded By",
@@ -4154,7 +4487,12 @@ var SysAttachment = ObjectSchema.create({
4154
4487
  trackHistory: false,
4155
4488
  searchable: true,
4156
4489
  apiEnabled: true,
4157
- trash: true,
4490
+ // [#2970 item 5 / ADR-0049] `trash` is `dead` in the liveness ledger (no
4491
+ // engine soft-delete reader) and attachment deletes ARE hard (#2755): the
4492
+ // reap guard reclaims a file's bytes once its last join row is gone, so a
4493
+ // "restore" would dangle. Declare `false` — the honest state — rather than
4494
+ // claim a restore capability the runtime does not provide.
4495
+ trash: false,
4158
4496
  mru: false,
4159
4497
  clone: false
4160
4498
  }
@@ -6389,7 +6727,12 @@ var enObjects = {
6389
6727
  ban_user: {
6390
6728
  label: "Ban User",
6391
6729
  confirmText: "Ban this user? They will be signed out and unable to sign in until unbanned.",
6392
- successMessage: "User banned"
6730
+ successMessage: "User banned",
6731
+ params: {
6732
+ banReason: {
6733
+ label: "Ban Reason"
6734
+ }
6735
+ }
6393
6736
  },
6394
6737
  unban_user: {
6395
6738
  label: "Unban User",
@@ -6401,15 +6744,46 @@ var enObjects = {
6401
6744
  },
6402
6745
  create_user: {
6403
6746
  label: "Create User",
6404
- successMessage: "User created"
6747
+ successMessage: "User created",
6748
+ params: {
6749
+ phoneNumber: {
6750
+ label: "Phone Number",
6751
+ helpText: "Sign-in phone number (E.164, e.g. +8613800000000). Required when no email is given."
6752
+ },
6753
+ generatePassword: {
6754
+ label: "Generate Temporary Password"
6755
+ },
6756
+ password: {
6757
+ label: "Password (leave empty to generate)"
6758
+ },
6759
+ mustChangePassword: {
6760
+ label: "Require Password Change On First Login"
6761
+ }
6762
+ }
6405
6763
  },
6406
6764
  set_user_password: {
6407
6765
  label: "Set Password",
6408
- successMessage: "Password updated"
6766
+ successMessage: "Password updated",
6767
+ params: {
6768
+ generatePassword: {
6769
+ label: "Generate Temporary Password"
6770
+ },
6771
+ newPassword: {
6772
+ label: "New Password (leave empty to generate)"
6773
+ },
6774
+ mustChangePassword: {
6775
+ label: "Require Password Change On Next Login"
6776
+ }
6777
+ }
6409
6778
  },
6410
6779
  set_user_role: {
6411
6780
  label: "Set Platform Role",
6412
- successMessage: "Role updated"
6781
+ successMessage: "Role updated",
6782
+ params: {
6783
+ role: {
6784
+ label: "Platform Role"
6785
+ }
6786
+ }
6413
6787
  },
6414
6788
  impersonate_user: {
6415
6789
  label: "Impersonate User",
@@ -6422,11 +6796,27 @@ var enObjects = {
6422
6796
  },
6423
6797
  change_my_password: {
6424
6798
  label: "Change Password",
6425
- successMessage: "Password changed"
6799
+ successMessage: "Password changed",
6800
+ params: {
6801
+ currentPassword: {
6802
+ label: "Current Password"
6803
+ },
6804
+ newPassword: {
6805
+ label: "New Password"
6806
+ },
6807
+ revokeOtherSessions: {
6808
+ label: "Sign out other devices"
6809
+ }
6810
+ }
6426
6811
  },
6427
6812
  change_my_email: {
6428
6813
  label: "Change Email",
6429
- successMessage: "Verification email sent \u2014 check the new address to confirm."
6814
+ successMessage: "Verification email sent \u2014 check the new address to confirm.",
6815
+ params: {
6816
+ newEmail: {
6817
+ label: "New Email"
6818
+ }
6819
+ }
6430
6820
  },
6431
6821
  resend_verification_email: {
6432
6822
  label: "Resend Verification Email",
@@ -6435,21 +6825,41 @@ var enObjects = {
6435
6825
  delete_my_account: {
6436
6826
  label: "Delete My Account",
6437
6827
  confirmText: "Permanently delete your account? This cannot be undone \u2014 all your sessions will be terminated and all data you own will be removed per the configured retention policy.",
6438
- successMessage: "Account deleted"
6828
+ successMessage: "Account deleted",
6829
+ params: {
6830
+ password: {
6831
+ label: "Current Password"
6832
+ }
6833
+ }
6439
6834
  },
6440
6835
  enable_two_factor: {
6441
6836
  label: "Enable Two-Factor Auth",
6442
- successMessage: "Two-factor authentication enabled. Scan the QR code or paste the otpauth URI into your authenticator app, then verify a code to complete setup."
6837
+ successMessage: "Two-factor authentication enabled. Scan the QR code or paste the otpauth URI into your authenticator app, then verify a code to complete setup.",
6838
+ params: {
6839
+ password: {
6840
+ label: "Current Password"
6841
+ }
6842
+ }
6443
6843
  },
6444
6844
  disable_two_factor: {
6445
6845
  label: "Disable Two-Factor Auth",
6446
6846
  confirmText: "Turn off two-factor authentication? Your account will be less secure.",
6447
- successMessage: "Two-factor authentication disabled."
6847
+ successMessage: "Two-factor authentication disabled.",
6848
+ params: {
6849
+ password: {
6850
+ label: "Current Password"
6851
+ }
6852
+ }
6448
6853
  },
6449
6854
  generate_backup_codes: {
6450
6855
  label: "Regenerate Backup Codes",
6451
6856
  confirmText: "Generate a new set of backup codes? Any previously generated codes will stop working.",
6452
- successMessage: "New backup codes generated \u2014 save them somewhere safe."
6857
+ successMessage: "New backup codes generated \u2014 save them somewhere safe.",
6858
+ params: {
6859
+ password: {
6860
+ label: "Current Password"
6861
+ }
6862
+ }
6453
6863
  }
6454
6864
  }
6455
6865
  },
@@ -6593,7 +7003,21 @@ var enObjects = {
6593
7003
  },
6594
7004
  _actions: {
6595
7005
  link_social: {
6596
- label: "Link Social Account"
7006
+ label: "Link Social Account",
7007
+ params: {
7008
+ provider: {
7009
+ label: "Provider",
7010
+ options: {
7011
+ google: "Google",
7012
+ github: "GitHub",
7013
+ microsoft: "Microsoft",
7014
+ apple: "Apple",
7015
+ facebook: "Facebook",
7016
+ gitlab: "GitLab",
7017
+ discord: "Discord"
7018
+ }
7019
+ }
7020
+ }
6597
7021
  },
6598
7022
  unlink_account: {
6599
7023
  label: "Unlink Account",
@@ -6726,7 +7150,11 @@ var enObjects = {
6726
7150
  },
6727
7151
  _views: {
6728
7152
  mine: {
6729
- label: "My Memberships"
7153
+ label: "My Memberships",
7154
+ emptyState: {
7155
+ title: "No organizations yet",
7156
+ message: "You haven't joined any organizations."
7157
+ }
6730
7158
  }
6731
7159
  },
6732
7160
  _actions: {
@@ -7146,16 +7574,31 @@ var enObjects = {
7146
7574
  },
7147
7575
  _actions: {
7148
7576
  enable_two_factor: {
7149
- label: "Enable 2FA"
7577
+ label: "Enable 2FA",
7578
+ params: {
7579
+ password: {
7580
+ label: "Current Password"
7581
+ }
7582
+ }
7150
7583
  },
7151
7584
  disable_two_factor: {
7152
7585
  label: "Disable 2FA",
7153
7586
  confirmText: "Disable two-factor authentication on your account?",
7154
- successMessage: "2FA disabled"
7587
+ successMessage: "2FA disabled",
7588
+ params: {
7589
+ password: {
7590
+ label: "Current Password"
7591
+ }
7592
+ }
7155
7593
  },
7156
7594
  regenerate_backup_codes: {
7157
7595
  label: "Regenerate Backup Codes",
7158
- confirmText: "Regenerate backup codes? All previous backup codes will stop working immediately."
7596
+ confirmText: "Regenerate backup codes? All previous backup codes will stop working immediately.",
7597
+ params: {
7598
+ password: {
7599
+ label: "Current Password"
7600
+ }
7601
+ }
7159
7602
  }
7160
7603
  }
7161
7604
  },
@@ -7335,6 +7778,18 @@ var enObjects = {
7335
7778
  label: "Subject Type",
7336
7779
  help: "OIDC subject type (e.g. public, pairwise)"
7337
7780
  },
7781
+ jwks: {
7782
+ label: "JWKS",
7783
+ help: "Client JSON Web Key Set (for private_key_jwt / signed-request verification)"
7784
+ },
7785
+ jwks_uri: {
7786
+ label: "JWKS URI",
7787
+ help: "URL of the client JSON Web Key Set"
7788
+ },
7789
+ dpop_bound_access_tokens: {
7790
+ label: "DPoP-bound Access Tokens",
7791
+ help: "Require access tokens issued to this client to be DPoP-bound (RFC 9449)"
7792
+ },
7338
7793
  disabled: {
7339
7794
  label: "Disabled"
7340
7795
  },
@@ -7346,6 +7801,14 @@ var enObjects = {
7346
7801
  label: "Enable End Session",
7347
7802
  help: "Allow the client to call the OIDC end-session endpoint"
7348
7803
  },
7804
+ backchannel_logout_uri: {
7805
+ label: "Back-channel Logout URI",
7806
+ help: "OIDC back-channel logout endpoint of the client"
7807
+ },
7808
+ backchannel_logout_session_required: {
7809
+ label: "Back-channel Logout Session Required",
7810
+ help: "Whether the back-channel logout token must include a sid claim"
7811
+ },
7349
7812
  software_id: {
7350
7813
  label: "Software ID"
7351
7814
  },
@@ -7397,7 +7860,25 @@ var enObjects = {
7397
7860
  successMessage: "OAuth application enabled"
7398
7861
  },
7399
7862
  create_oauth_application: {
7400
- label: "Register OAuth Application"
7863
+ label: "Register OAuth Application",
7864
+ params: {
7865
+ name: {
7866
+ label: "Application Name"
7867
+ },
7868
+ redirectURLs: {
7869
+ label: "Redirect URLs",
7870
+ helpText: "One URL per line. Must use https:// in production."
7871
+ },
7872
+ type: {
7873
+ label: "Application Type",
7874
+ options: {
7875
+ web: "Web",
7876
+ native: "Native",
7877
+ "user-agent-based": "User-agent based",
7878
+ public: "Public"
7879
+ }
7880
+ }
7881
+ }
7401
7882
  },
7402
7883
  rotate_client_secret: {
7403
7884
  label: "Rotate Client Secret",
@@ -7442,6 +7923,18 @@ var enObjects = {
7442
7923
  label: "Reference ID",
7443
7924
  help: "Caller-supplied correlation identifier"
7444
7925
  },
7926
+ authorization_code_id: {
7927
+ label: "Authorization Code ID",
7928
+ help: "ID of the authorization-code grant this token originates from"
7929
+ },
7930
+ resources: {
7931
+ label: "Resources",
7932
+ help: "JSON-serialized list of RFC 8707 resource indicators bound to this token"
7933
+ },
7934
+ requested_user_info_claims: {
7935
+ label: "Requested UserInfo Claims",
7936
+ help: "JSON-serialized list of OIDC claims requested for the userinfo endpoint"
7937
+ },
7445
7938
  scopes: {
7446
7939
  label: "Scopes",
7447
7940
  help: "JSON-serialized list of scopes granted to this token"
@@ -7451,6 +7944,14 @@ var enObjects = {
7451
7944
  },
7452
7945
  created_at: {
7453
7946
  label: "Created At"
7947
+ },
7948
+ revoked: {
7949
+ label: "Revoked At",
7950
+ help: "Timestamp at which this access token was revoked"
7951
+ },
7952
+ confirmation: {
7953
+ label: "Confirmation",
7954
+ help: "JSON RFC 7800 cnf claim (e.g. DPoP key thumbprint) binding this token to a key"
7454
7955
  }
7455
7956
  }
7456
7957
  },
@@ -7470,42 +7971,172 @@ var enObjects = {
7470
7971
  label: "Client ID",
7471
7972
  help: "Foreign key to sys_oauth_application.client_id"
7472
7973
  },
7473
- session_id: {
7474
- label: "Session",
7475
- help: "Foreign key to sys_session.id"
7974
+ session_id: {
7975
+ label: "Session",
7976
+ help: "Foreign key to sys_session.id"
7977
+ },
7978
+ user_id: {
7979
+ label: "User",
7980
+ help: "Foreign key to sys_user.id"
7981
+ },
7982
+ reference_id: {
7983
+ label: "Reference ID",
7984
+ help: "Caller-supplied correlation identifier"
7985
+ },
7986
+ authorization_code_id: {
7987
+ label: "Authorization Code ID",
7988
+ help: "ID of the authorization-code grant this token chain originates from"
7989
+ },
7990
+ resources: {
7991
+ label: "Resources",
7992
+ help: "JSON-serialized list of RFC 8707 resource indicators bound to this token"
7993
+ },
7994
+ requested_user_info_claims: {
7995
+ label: "Requested UserInfo Claims",
7996
+ help: "JSON-serialized list of OIDC claims requested for the userinfo endpoint"
7997
+ },
7998
+ scopes: {
7999
+ label: "Scopes",
8000
+ help: "JSON-serialized list of scopes granted to this token"
8001
+ },
8002
+ expires_at: {
8003
+ label: "Expires At"
8004
+ },
8005
+ created_at: {
8006
+ label: "Created At"
8007
+ },
8008
+ revoked: {
8009
+ label: "Revoked At",
8010
+ help: "Timestamp at which this refresh token was revoked"
8011
+ },
8012
+ rotated_at: {
8013
+ label: "Rotated At",
8014
+ help: "Timestamp at which this token was rotated (superseded by a new row)"
8015
+ },
8016
+ rotation_replay_response: {
8017
+ label: "Rotation Replay Response",
8018
+ help: "Cached token response replayed when the old token is re-presented within the reuse interval"
8019
+ },
8020
+ rotation_replay_expires_at: {
8021
+ label: "Rotation Replay Expires At",
8022
+ help: "End of the post-rotation reuse interval during which the replay response is served"
8023
+ },
8024
+ auth_time: {
8025
+ label: "Auth Time",
8026
+ help: "When the user originally authenticated for this token chain"
8027
+ },
8028
+ confirmation: {
8029
+ label: "Confirmation",
8030
+ help: "JSON RFC 7800 cnf claim (e.g. DPoP key thumbprint) binding this token to a key"
8031
+ }
8032
+ }
8033
+ },
8034
+ sys_oauth_consent: {
8035
+ label: "OAuth Consent",
8036
+ pluralLabel: "OAuth Consents",
8037
+ description: "User consent records for OAuth client applications",
8038
+ fields: {
8039
+ id: {
8040
+ label: "ID"
8041
+ },
8042
+ client_id: {
8043
+ label: "Client ID",
8044
+ help: "Foreign key to sys_oauth_application.client_id"
8045
+ },
8046
+ user_id: {
8047
+ label: "User",
8048
+ help: "Foreign key to sys_user.id"
8049
+ },
8050
+ reference_id: {
8051
+ label: "Reference ID",
8052
+ help: "Caller-supplied correlation identifier"
8053
+ },
8054
+ resources: {
8055
+ label: "Resources",
8056
+ help: "JSON-serialized list of RFC 8707 resource indicators the consent covers"
8057
+ },
8058
+ requested_user_info_claims: {
8059
+ label: "Requested UserInfo Claims",
8060
+ help: "JSON-serialized list of OIDC claims the user consented to expose"
8061
+ },
8062
+ scopes: {
8063
+ label: "Scopes",
8064
+ help: "JSON-serialized list of scopes the user consented to"
8065
+ },
8066
+ created_at: {
8067
+ label: "Created At"
8068
+ },
8069
+ updated_at: {
8070
+ label: "Updated At"
8071
+ }
8072
+ }
8073
+ },
8074
+ sys_oauth_resource: {
8075
+ label: "OAuth Resource",
8076
+ pluralLabel: "OAuth Resources",
8077
+ description: "Registered OAuth protected resources (RFC 8707 resource indicators)",
8078
+ fields: {
8079
+ id: {
8080
+ label: "ID"
8081
+ },
8082
+ identifier: {
8083
+ label: "Identifier",
8084
+ help: "Resource indicator URI presented in the RFC 8707 resource parameter"
8085
+ },
8086
+ name: {
8087
+ label: "Name"
8088
+ },
8089
+ access_token_ttl: {
8090
+ label: "Access Token TTL",
8091
+ help: "Access-token lifetime in seconds for this resource (overrides the server default)"
8092
+ },
8093
+ refresh_token_ttl: {
8094
+ label: "Refresh Token TTL",
8095
+ help: "Refresh-token lifetime in seconds for this resource (overrides the server default)"
8096
+ },
8097
+ signing_algorithm: {
8098
+ label: "Signing Algorithm",
8099
+ help: "JWS algorithm used to sign access tokens for this resource"
8100
+ },
8101
+ signing_key_id: {
8102
+ label: "Signing Key ID",
8103
+ help: "Key id (kid) used to sign access tokens for this resource"
8104
+ },
8105
+ allowed_scopes: {
8106
+ label: "Allowed Scopes",
8107
+ help: "JSON-serialized list of scopes clients may request for this resource"
7476
8108
  },
7477
- user_id: {
7478
- label: "User",
7479
- help: "Foreign key to sys_user.id"
8109
+ custom_claims: {
8110
+ label: "Custom Claims",
8111
+ help: "JSON object of extra claims stamped on access tokens for this resource"
7480
8112
  },
7481
- reference_id: {
7482
- label: "Reference ID",
7483
- help: "Caller-supplied correlation identifier"
8113
+ dpop_bound_access_tokens_required: {
8114
+ label: "DPoP Required",
8115
+ help: "Require access tokens for this resource to be DPoP-bound (RFC 9449)"
7484
8116
  },
7485
- scopes: {
7486
- label: "Scopes",
7487
- help: "JSON-serialized list of scopes granted to this token"
8117
+ disabled: {
8118
+ label: "Disabled"
7488
8119
  },
7489
- expires_at: {
7490
- label: "Expires At"
8120
+ policy_version: {
8121
+ label: "Policy Version",
8122
+ help: "Monotonic version of the resource token policy"
8123
+ },
8124
+ metadata: {
8125
+ label: "Metadata",
8126
+ help: "JSON object of additional resource metadata"
7491
8127
  },
7492
8128
  created_at: {
7493
8129
  label: "Created At"
7494
8130
  },
7495
- revoked: {
7496
- label: "Revoked At",
7497
- help: "Timestamp at which this refresh token was revoked"
7498
- },
7499
- auth_time: {
7500
- label: "Auth Time",
7501
- help: "When the user originally authenticated for this token chain"
8131
+ updated_at: {
8132
+ label: "Updated At"
7502
8133
  }
7503
8134
  }
7504
8135
  },
7505
- sys_oauth_consent: {
7506
- label: "OAuth Consent",
7507
- pluralLabel: "OAuth Consents",
7508
- description: "User consent records for OAuth client applications",
8136
+ sys_oauth_client_resource: {
8137
+ label: "OAuth Client Resource",
8138
+ pluralLabel: "OAuth Client Resources",
8139
+ description: "Grants allowing an OAuth client to request tokens for a protected resource",
7509
8140
  fields: {
7510
8141
  id: {
7511
8142
  label: "ID"
@@ -7514,23 +8145,30 @@ var enObjects = {
7514
8145
  label: "Client ID",
7515
8146
  help: "Foreign key to sys_oauth_application.client_id"
7516
8147
  },
7517
- user_id: {
7518
- label: "User",
7519
- help: "Foreign key to sys_user.id"
7520
- },
7521
- reference_id: {
7522
- label: "Reference ID",
7523
- help: "Caller-supplied correlation identifier"
8148
+ resource_id: {
8149
+ label: "Resource ID",
8150
+ help: "Foreign key to sys_oauth_resource.identifier"
7524
8151
  },
7525
- scopes: {
7526
- label: "Scopes",
7527
- help: "JSON-serialized list of scopes the user consented to"
8152
+ metadata: {
8153
+ label: "Metadata",
8154
+ help: "JSON object of additional grant metadata"
7528
8155
  },
7529
8156
  created_at: {
7530
8157
  label: "Created At"
8158
+ }
8159
+ }
8160
+ },
8161
+ sys_oauth_client_assertion: {
8162
+ label: "OAuth Client Assertion",
8163
+ pluralLabel: "OAuth Client Assertions",
8164
+ description: "Consumed OAuth client-assertion JTIs (RFC 7523 replay prevention)",
8165
+ fields: {
8166
+ id: {
8167
+ label: "ID"
7531
8168
  },
7532
- updated_at: {
7533
- label: "Updated At"
8169
+ expires_at: {
8170
+ label: "Expires At",
8171
+ help: "Assertion expiry \u2014 rows past this instant are safe to prune"
7534
8172
  }
7535
8173
  }
7536
8174
  },
@@ -7551,6 +8189,14 @@ var enObjects = {
7551
8189
  label: "Private Key",
7552
8190
  help: "JSON-serialized JWK private key (encrypted at rest)"
7553
8191
  },
8192
+ alg: {
8193
+ label: "Algorithm",
8194
+ help: "JWK signing algorithm, e.g. `EdDSA` (better-auth 1.7+)"
8195
+ },
8196
+ crv: {
8197
+ label: "Curve",
8198
+ help: "JWK curve for EdDSA/EC keys, e.g. `Ed25519` (better-auth 1.7+)"
8199
+ },
7554
8200
  created_at: {
7555
8201
  label: "Created At"
7556
8202
  },
@@ -7607,7 +8253,11 @@ var enObjects = {
7607
8253
  },
7608
8254
  _views: {
7609
8255
  recent: {
7610
- label: "Recent"
8256
+ label: "Recent",
8257
+ emptyState: {
8258
+ title: "No events",
8259
+ message: "No notification events have been emitted."
8260
+ }
7611
8261
  },
7612
8262
  by_topic: {
7613
8263
  label: "By Topic"
@@ -7644,23 +8294,6 @@ var enObjects = {
7644
8294
  size: {
7645
8295
  label: "Size (bytes)"
7646
8296
  },
7647
- share_type: {
7648
- label: "Share Type",
7649
- help: "viewer | collaborator | inferred (inherited from parent record)",
7650
- options: {
7651
- viewer: "viewer",
7652
- collaborator: "collaborator",
7653
- inferred: "inferred"
7654
- }
7655
- },
7656
- visibility: {
7657
- label: "Visibility",
7658
- options: {
7659
- internal: "internal",
7660
- all_users: "all_users",
7661
- shared_users: "shared_users"
7662
- }
7663
- },
7664
8297
  uploaded_by: {
7665
8298
  label: "Uploaded By"
7666
8299
  },
@@ -8967,7 +9600,12 @@ var zhCNObjects = {
8967
9600
  ban_user: {
8968
9601
  label: "\u5C01\u7981\u7528\u6237",
8969
9602
  confirmText: "\u8981\u5C01\u7981\u8BE5\u7528\u6237\u5417\uFF1F\u5C01\u7981\u540E\u4F1A\u7ACB\u5373\u767B\u51FA\uFF0C\u4E14\u5728\u89E3\u9664\u5C01\u7981\u524D\u65E0\u6CD5\u518D\u6B21\u767B\u5F55\u3002",
8970
- successMessage: "\u7528\u6237\u5DF2\u5C01\u7981"
9603
+ successMessage: "\u7528\u6237\u5DF2\u5C01\u7981",
9604
+ params: {
9605
+ banReason: {
9606
+ label: "\u5C01\u7981\u539F\u56E0"
9607
+ }
9608
+ }
8971
9609
  },
8972
9610
  unban_user: {
8973
9611
  label: "\u89E3\u9664\u5C01\u7981",
@@ -8979,15 +9617,46 @@ var zhCNObjects = {
8979
9617
  },
8980
9618
  create_user: {
8981
9619
  label: "\u521B\u5EFA\u7528\u6237",
8982
- successMessage: "\u7528\u6237\u5DF2\u521B\u5EFA"
9620
+ successMessage: "\u7528\u6237\u5DF2\u521B\u5EFA",
9621
+ params: {
9622
+ phoneNumber: {
9623
+ label: "\u624B\u673A\u53F7",
9624
+ helpText: "\u767B\u5F55\u624B\u673A\u53F7\uFF08E.164 \u683C\u5F0F\uFF0C\u5982 +8613800000000\uFF09\u3002\u672A\u586B\u5199\u90AE\u7BB1\u65F6\u5FC5\u586B\u3002"
9625
+ },
9626
+ generatePassword: {
9627
+ label: "\u751F\u6210\u4E34\u65F6\u5BC6\u7801"
9628
+ },
9629
+ password: {
9630
+ label: "\u5BC6\u7801\uFF08\u7559\u7A7A\u5219\u81EA\u52A8\u751F\u6210\uFF09"
9631
+ },
9632
+ mustChangePassword: {
9633
+ label: "\u9996\u6B21\u767B\u5F55\u65F6\u5FC5\u987B\u4FEE\u6539\u5BC6\u7801"
9634
+ }
9635
+ }
8983
9636
  },
8984
9637
  set_user_password: {
8985
9638
  label: "\u8BBE\u7F6E\u5BC6\u7801",
8986
- successMessage: "\u5BC6\u7801\u5DF2\u66F4\u65B0"
9639
+ successMessage: "\u5BC6\u7801\u5DF2\u66F4\u65B0",
9640
+ params: {
9641
+ generatePassword: {
9642
+ label: "\u751F\u6210\u4E34\u65F6\u5BC6\u7801"
9643
+ },
9644
+ newPassword: {
9645
+ label: "\u65B0\u5BC6\u7801\uFF08\u7559\u7A7A\u5219\u81EA\u52A8\u751F\u6210\uFF09"
9646
+ },
9647
+ mustChangePassword: {
9648
+ label: "\u4E0B\u6B21\u767B\u5F55\u65F6\u5FC5\u987B\u4FEE\u6539\u5BC6\u7801"
9649
+ }
9650
+ }
8987
9651
  },
8988
9652
  set_user_role: {
8989
9653
  label: "\u8BBE\u7F6E\u5E73\u53F0\u89D2\u8272",
8990
- successMessage: "\u89D2\u8272\u5DF2\u66F4\u65B0"
9654
+ successMessage: "\u89D2\u8272\u5DF2\u66F4\u65B0",
9655
+ params: {
9656
+ role: {
9657
+ label: "\u5E73\u53F0\u89D2\u8272"
9658
+ }
9659
+ }
8991
9660
  },
8992
9661
  impersonate_user: {
8993
9662
  label: "\u6A21\u62DF\u7528\u6237",
@@ -9000,11 +9669,27 @@ var zhCNObjects = {
9000
9669
  },
9001
9670
  change_my_password: {
9002
9671
  label: "\u4FEE\u6539\u5BC6\u7801",
9003
- successMessage: "\u5DF2\u4FEE\u6539\u5BC6\u7801"
9672
+ successMessage: "\u5DF2\u4FEE\u6539\u5BC6\u7801",
9673
+ params: {
9674
+ currentPassword: {
9675
+ label: "\u5F53\u524D\u5BC6\u7801"
9676
+ },
9677
+ newPassword: {
9678
+ label: "\u65B0\u5BC6\u7801"
9679
+ },
9680
+ revokeOtherSessions: {
9681
+ label: "\u767B\u51FA\u5176\u4ED6\u8BBE\u5907"
9682
+ }
9683
+ }
9004
9684
  },
9005
9685
  change_my_email: {
9006
9686
  label: "\u4FEE\u6539\u90AE\u7BB1",
9007
- successMessage: "\u5DF2\u53D1\u9001\u9A8C\u8BC1\u90AE\u4EF6\uFF0C\u8BF7\u524D\u5F80\u65B0\u90AE\u7BB1\u786E\u8BA4\u3002"
9687
+ successMessage: "\u5DF2\u53D1\u9001\u9A8C\u8BC1\u90AE\u4EF6\uFF0C\u8BF7\u524D\u5F80\u65B0\u90AE\u7BB1\u786E\u8BA4\u3002",
9688
+ params: {
9689
+ newEmail: {
9690
+ label: "\u65B0\u90AE\u7BB1"
9691
+ }
9692
+ }
9008
9693
  },
9009
9694
  resend_verification_email: {
9010
9695
  label: "\u91CD\u53D1\u9A8C\u8BC1\u90AE\u4EF6",
@@ -9013,21 +9698,41 @@ var zhCNObjects = {
9013
9698
  delete_my_account: {
9014
9699
  label: "\u5220\u9664\u6211\u7684\u8D26\u53F7",
9015
9700
  confirmText: "\u786E\u5B9A\u8981\u6C38\u4E45\u5220\u9664\u60A8\u7684\u8D26\u6237\u5417\uFF1F\u6B64\u64CD\u4F5C\u65E0\u6CD5\u64A4\u9500\u2014\u2014\u60A8\u7684\u6240\u6709\u4F1A\u8BDD\u90FD\u5C06\u88AB\u7EC8\u6B62\uFF0C\u5E76\u5C06\u6309\u7167\u914D\u7F6E\u7684\u4FDD\u7559\u7B56\u7565\u79FB\u9664\u60A8\u62E5\u6709\u7684\u6240\u6709\u6570\u636E\u3002",
9016
- successMessage: "\u5DF2\u5220\u9664\u8D26\u53F7"
9701
+ successMessage: "\u5DF2\u5220\u9664\u8D26\u53F7",
9702
+ params: {
9703
+ password: {
9704
+ label: "\u5F53\u524D\u5BC6\u7801"
9705
+ }
9706
+ }
9017
9707
  },
9018
9708
  enable_two_factor: {
9019
9709
  label: "\u542F\u7528\u53CC\u56E0\u7D20\u8BA4\u8BC1",
9020
- successMessage: "\u53CC\u56E0\u7D20\u8BA4\u8BC1\u5DF2\u542F\u7528\u3002\u7528\u8EAB\u4EFD\u9A8C\u8BC1\u5668 App \u626B\u63CF\u4E8C\u7EF4\u7801\u6216\u7C98\u8D34 otpauth URI\uFF0C\u7136\u540E\u9A8C\u8BC1\u4E00\u6B21\u52A8\u6001\u7801\u4EE5\u5B8C\u6210\u8BBE\u7F6E\u3002"
9710
+ successMessage: "\u53CC\u56E0\u7D20\u8BA4\u8BC1\u5DF2\u542F\u7528\u3002\u7528\u8EAB\u4EFD\u9A8C\u8BC1\u5668 App \u626B\u63CF\u4E8C\u7EF4\u7801\u6216\u7C98\u8D34 otpauth URI\uFF0C\u7136\u540E\u9A8C\u8BC1\u4E00\u6B21\u52A8\u6001\u7801\u4EE5\u5B8C\u6210\u8BBE\u7F6E\u3002",
9711
+ params: {
9712
+ password: {
9713
+ label: "\u5F53\u524D\u5BC6\u7801"
9714
+ }
9715
+ }
9021
9716
  },
9022
9717
  disable_two_factor: {
9023
9718
  label: "\u505C\u7528\u53CC\u56E0\u7D20\u8BA4\u8BC1",
9024
9719
  confirmText: "\u8981\u5173\u95ED\u53CC\u56E0\u7D20\u8BA4\u8BC1\u5417\uFF1F\u60A8\u7684\u8D26\u6237\u5B89\u5168\u6027\u5C06\u964D\u4F4E\u3002",
9025
- successMessage: "\u53CC\u56E0\u7D20\u8BA4\u8BC1\u5DF2\u505C\u7528\u3002"
9720
+ successMessage: "\u53CC\u56E0\u7D20\u8BA4\u8BC1\u5DF2\u505C\u7528\u3002",
9721
+ params: {
9722
+ password: {
9723
+ label: "\u5F53\u524D\u5BC6\u7801"
9724
+ }
9725
+ }
9026
9726
  },
9027
9727
  generate_backup_codes: {
9028
9728
  label: "\u91CD\u65B0\u751F\u6210\u5907\u7528\u7801",
9029
9729
  confirmText: "\u8981\u751F\u6210\u4E00\u7EC4\u65B0\u7684\u5907\u7528\u7801\u5417\uFF1F\u4E4B\u524D\u751F\u6210\u7684\u5907\u7528\u7801\u5C06\u5168\u90E8\u5931\u6548\u3002",
9030
- successMessage: "\u65B0\u5907\u7528\u7801\u5DF2\u751F\u6210\u2014\u2014\u8BF7\u59A5\u5584\u4FDD\u5B58\u3002"
9730
+ successMessage: "\u65B0\u5907\u7528\u7801\u5DF2\u751F\u6210\u2014\u2014\u8BF7\u59A5\u5584\u4FDD\u5B58\u3002",
9731
+ params: {
9732
+ password: {
9733
+ label: "\u5F53\u524D\u5BC6\u7801"
9734
+ }
9735
+ }
9031
9736
  }
9032
9737
  }
9033
9738
  },
@@ -9171,7 +9876,21 @@ var zhCNObjects = {
9171
9876
  },
9172
9877
  _actions: {
9173
9878
  link_social: {
9174
- label: "\u5173\u8054\u793E\u4EA4\u8D26\u53F7"
9879
+ label: "\u5173\u8054\u793E\u4EA4\u8D26\u53F7",
9880
+ params: {
9881
+ provider: {
9882
+ label: "\u670D\u52A1\u63D0\u4F9B\u5546",
9883
+ options: {
9884
+ google: "Google",
9885
+ github: "GitHub",
9886
+ microsoft: "Microsoft",
9887
+ apple: "Apple",
9888
+ facebook: "Facebook",
9889
+ gitlab: "GitLab",
9890
+ discord: "Discord"
9891
+ }
9892
+ }
9893
+ }
9175
9894
  },
9176
9895
  unlink_account: {
9177
9896
  label: "\u89E3\u9664\u5173\u8054",
@@ -9304,7 +10023,11 @@ var zhCNObjects = {
9304
10023
  },
9305
10024
  _views: {
9306
10025
  mine: {
9307
- label: "My Memberships"
10026
+ label: "My Memberships",
10027
+ emptyState: {
10028
+ title: "No organizations yet",
10029
+ message: "You haven't joined any organizations."
10030
+ }
9308
10031
  }
9309
10032
  },
9310
10033
  _actions: {
@@ -9724,16 +10447,31 @@ var zhCNObjects = {
9724
10447
  },
9725
10448
  _actions: {
9726
10449
  enable_two_factor: {
9727
- label: "\u542F\u7528 2FA"
10450
+ label: "\u542F\u7528 2FA",
10451
+ params: {
10452
+ password: {
10453
+ label: "\u5F53\u524D\u5BC6\u7801"
10454
+ }
10455
+ }
9728
10456
  },
9729
10457
  disable_two_factor: {
9730
10458
  label: "\u505C\u7528 2FA",
9731
10459
  confirmText: "\u8981\u505C\u7528\u4F60\u8D26\u53F7\u4E0A\u7684\u53CC\u56E0\u7D20\u8BA4\u8BC1\u5417\uFF1F",
9732
- successMessage: "2FA \u5DF2\u505C\u7528"
10460
+ successMessage: "2FA \u5DF2\u505C\u7528",
10461
+ params: {
10462
+ password: {
10463
+ label: "\u5F53\u524D\u5BC6\u7801"
10464
+ }
10465
+ }
9733
10466
  },
9734
10467
  regenerate_backup_codes: {
9735
10468
  label: "\u91CD\u65B0\u751F\u6210\u5907\u7528\u7801",
9736
- confirmText: "\u786E\u5B9A\u8981\u91CD\u65B0\u751F\u6210\u5907\u4EFD\u7801\u5417\uFF1F\u6B64\u524D\u7684\u6240\u6709\u5907\u4EFD\u7801\u5C06\u7ACB\u5373\u5931\u6548\u3002"
10469
+ confirmText: "\u786E\u5B9A\u8981\u91CD\u65B0\u751F\u6210\u5907\u4EFD\u7801\u5417\uFF1F\u6B64\u524D\u7684\u6240\u6709\u5907\u4EFD\u7801\u5C06\u7ACB\u5373\u5931\u6548\u3002",
10470
+ params: {
10471
+ password: {
10472
+ label: "\u5F53\u524D\u5BC6\u7801"
10473
+ }
10474
+ }
9737
10475
  }
9738
10476
  }
9739
10477
  },
@@ -9913,6 +10651,18 @@ var zhCNObjects = {
9913
10651
  label: "\u4E3B\u4F53\u7C7B\u578B",
9914
10652
  help: "OIDC \u4E3B\u4F53\u7C7B\u578B\uFF08\u4F8B\u5982 public\u3001pairwise\uFF09"
9915
10653
  },
10654
+ jwks: {
10655
+ label: "JWKS",
10656
+ help: "Client JSON Web Key Set (for private_key_jwt / signed-request verification)"
10657
+ },
10658
+ jwks_uri: {
10659
+ label: "JWKS URI",
10660
+ help: "URL of the client JSON Web Key Set"
10661
+ },
10662
+ dpop_bound_access_tokens: {
10663
+ label: "DPoP-bound Access Tokens",
10664
+ help: "Require access tokens issued to this client to be DPoP-bound (RFC 9449)"
10665
+ },
9916
10666
  disabled: {
9917
10667
  label: "\u5DF2\u7981\u7528"
9918
10668
  },
@@ -9924,6 +10674,14 @@ var zhCNObjects = {
9924
10674
  label: "\u542F\u7528 End Session",
9925
10675
  help: "\u5141\u8BB8\u5BA2\u6237\u7AEF\u8C03\u7528 OIDC end-session \u7AEF\u70B9"
9926
10676
  },
10677
+ backchannel_logout_uri: {
10678
+ label: "Back-channel Logout URI",
10679
+ help: "OIDC back-channel logout endpoint of the client"
10680
+ },
10681
+ backchannel_logout_session_required: {
10682
+ label: "Back-channel Logout Session Required",
10683
+ help: "Whether the back-channel logout token must include a sid claim"
10684
+ },
9927
10685
  software_id: {
9928
10686
  label: "\u8F6F\u4EF6 ID"
9929
10687
  },
@@ -9975,7 +10733,25 @@ var zhCNObjects = {
9975
10733
  successMessage: "OAuth \u5E94\u7528\u5DF2\u542F\u7528"
9976
10734
  },
9977
10735
  create_oauth_application: {
9978
- label: "\u6CE8\u518C OAuth \u5E94\u7528"
10736
+ label: "\u6CE8\u518C OAuth \u5E94\u7528",
10737
+ params: {
10738
+ name: {
10739
+ label: "\u5E94\u7528\u540D\u79F0"
10740
+ },
10741
+ redirectURLs: {
10742
+ label: "\u56DE\u8C03 URL",
10743
+ helpText: "\u6BCF\u884C\u4E00\u4E2A URL\u3002\u751F\u4EA7\u73AF\u5883\u5FC5\u987B\u4F7F\u7528 https://\u3002"
10744
+ },
10745
+ type: {
10746
+ label: "\u5E94\u7528\u7C7B\u578B",
10747
+ options: {
10748
+ web: "Web",
10749
+ native: "\u539F\u751F\u5E94\u7528",
10750
+ "user-agent-based": "\u57FA\u4E8E User-Agent",
10751
+ public: "\u516C\u5171\u5BA2\u6237\u7AEF"
10752
+ }
10753
+ }
10754
+ }
9979
10755
  },
9980
10756
  rotate_client_secret: {
9981
10757
  label: "\u8F6E\u6362 Client Secret",
@@ -10020,6 +10796,18 @@ var zhCNObjects = {
10020
10796
  label: "\u5F15\u7528 ID",
10021
10797
  help: "\u8C03\u7528\u65B9\u63D0\u4F9B\u7684\u5173\u8054\u6807\u8BC6\u7B26"
10022
10798
  },
10799
+ authorization_code_id: {
10800
+ label: "Authorization Code ID",
10801
+ help: "ID of the authorization-code grant this token originates from"
10802
+ },
10803
+ resources: {
10804
+ label: "Resources",
10805
+ help: "JSON-serialized list of RFC 8707 resource indicators bound to this token"
10806
+ },
10807
+ requested_user_info_claims: {
10808
+ label: "Requested UserInfo Claims",
10809
+ help: "JSON-serialized list of OIDC claims requested for the userinfo endpoint"
10810
+ },
10023
10811
  scopes: {
10024
10812
  label: "\u8303\u56F4",
10025
10813
  help: "\u6388\u4E88\u8BE5\u4EE4\u724C\u7684 scopes \u7684 JSON \u5E8F\u5217\u5316\u5217\u8868"
@@ -10029,6 +10817,14 @@ var zhCNObjects = {
10029
10817
  },
10030
10818
  created_at: {
10031
10819
  label: "\u521B\u5EFA\u65F6\u95F4"
10820
+ },
10821
+ revoked: {
10822
+ label: "Revoked At",
10823
+ help: "Timestamp at which this access token was revoked"
10824
+ },
10825
+ confirmation: {
10826
+ label: "Confirmation",
10827
+ help: "JSON RFC 7800 cnf claim (e.g. DPoP key thumbprint) binding this token to a key"
10032
10828
  }
10033
10829
  }
10034
10830
  },
@@ -10060,6 +10856,18 @@ var zhCNObjects = {
10060
10856
  label: "\u5F15\u7528 ID",
10061
10857
  help: "\u8C03\u7528\u65B9\u63D0\u4F9B\u7684\u5173\u8054\u6807\u8BC6\u7B26"
10062
10858
  },
10859
+ authorization_code_id: {
10860
+ label: "Authorization Code ID",
10861
+ help: "ID of the authorization-code grant this token chain originates from"
10862
+ },
10863
+ resources: {
10864
+ label: "Resources",
10865
+ help: "JSON-serialized list of RFC 8707 resource indicators bound to this token"
10866
+ },
10867
+ requested_user_info_claims: {
10868
+ label: "Requested UserInfo Claims",
10869
+ help: "JSON-serialized list of OIDC claims requested for the userinfo endpoint"
10870
+ },
10063
10871
  scopes: {
10064
10872
  label: "\u8303\u56F4",
10065
10873
  help: "\u6388\u4E88\u8BE5\u4EE4\u724C\u7684 scopes \u7684 JSON \u5E8F\u5217\u5316\u5217\u8868"
@@ -10074,9 +10882,25 @@ var zhCNObjects = {
10074
10882
  label: "\u64A4\u9500\u65F6\u95F4",
10075
10883
  help: "\u8BE5\u5237\u65B0\u4EE4\u724C\u88AB\u64A4\u9500\u7684\u65F6\u95F4\u6233"
10076
10884
  },
10885
+ rotated_at: {
10886
+ label: "Rotated At",
10887
+ help: "Timestamp at which this token was rotated (superseded by a new row)"
10888
+ },
10889
+ rotation_replay_response: {
10890
+ label: "Rotation Replay Response",
10891
+ help: "Cached token response replayed when the old token is re-presented within the reuse interval"
10892
+ },
10893
+ rotation_replay_expires_at: {
10894
+ label: "Rotation Replay Expires At",
10895
+ help: "End of the post-rotation reuse interval during which the replay response is served"
10896
+ },
10077
10897
  auth_time: {
10078
10898
  label: "\u8BA4\u8BC1\u65F6\u95F4",
10079
10899
  help: "\u8BE5\u4EE4\u724C\u94FE\u4E2D\u7528\u6237\u6700\u521D\u5B8C\u6210\u8BA4\u8BC1\u7684\u65F6\u95F4"
10900
+ },
10901
+ confirmation: {
10902
+ label: "Confirmation",
10903
+ help: "JSON RFC 7800 cnf claim (e.g. DPoP key thumbprint) binding this token to a key"
10080
10904
  }
10081
10905
  }
10082
10906
  },
@@ -10100,6 +10924,14 @@ var zhCNObjects = {
10100
10924
  label: "\u5F15\u7528 ID",
10101
10925
  help: "\u8C03\u7528\u65B9\u63D0\u4F9B\u7684\u5173\u8054\u6807\u8BC6\u7B26"
10102
10926
  },
10927
+ resources: {
10928
+ label: "Resources",
10929
+ help: "JSON-serialized list of RFC 8707 resource indicators the consent covers"
10930
+ },
10931
+ requested_user_info_claims: {
10932
+ label: "Requested UserInfo Claims",
10933
+ help: "JSON-serialized list of OIDC claims the user consented to expose"
10934
+ },
10103
10935
  scopes: {
10104
10936
  label: "\u8303\u56F4",
10105
10937
  help: "\u7528\u6237\u540C\u610F\u7684 scopes \u7684 JSON \u5E8F\u5217\u5316\u5217\u8868"
@@ -10112,6 +10944,107 @@ var zhCNObjects = {
10112
10944
  }
10113
10945
  }
10114
10946
  },
10947
+ sys_oauth_resource: {
10948
+ label: "OAuth Resource",
10949
+ pluralLabel: "OAuth Resources",
10950
+ description: "Registered OAuth protected resources (RFC 8707 resource indicators)",
10951
+ fields: {
10952
+ id: {
10953
+ label: "ID"
10954
+ },
10955
+ identifier: {
10956
+ label: "Identifier",
10957
+ help: "Resource indicator URI presented in the RFC 8707 resource parameter"
10958
+ },
10959
+ name: {
10960
+ label: "Name"
10961
+ },
10962
+ access_token_ttl: {
10963
+ label: "Access Token TTL",
10964
+ help: "Access-token lifetime in seconds for this resource (overrides the server default)"
10965
+ },
10966
+ refresh_token_ttl: {
10967
+ label: "Refresh Token TTL",
10968
+ help: "Refresh-token lifetime in seconds for this resource (overrides the server default)"
10969
+ },
10970
+ signing_algorithm: {
10971
+ label: "Signing Algorithm",
10972
+ help: "JWS algorithm used to sign access tokens for this resource"
10973
+ },
10974
+ signing_key_id: {
10975
+ label: "Signing Key ID",
10976
+ help: "Key id (kid) used to sign access tokens for this resource"
10977
+ },
10978
+ allowed_scopes: {
10979
+ label: "Allowed Scopes",
10980
+ help: "JSON-serialized list of scopes clients may request for this resource"
10981
+ },
10982
+ custom_claims: {
10983
+ label: "Custom Claims",
10984
+ help: "JSON object of extra claims stamped on access tokens for this resource"
10985
+ },
10986
+ dpop_bound_access_tokens_required: {
10987
+ label: "DPoP Required",
10988
+ help: "Require access tokens for this resource to be DPoP-bound (RFC 9449)"
10989
+ },
10990
+ disabled: {
10991
+ label: "Disabled"
10992
+ },
10993
+ policy_version: {
10994
+ label: "Policy Version",
10995
+ help: "Monotonic version of the resource token policy"
10996
+ },
10997
+ metadata: {
10998
+ label: "Metadata",
10999
+ help: "JSON object of additional resource metadata"
11000
+ },
11001
+ created_at: {
11002
+ label: "Created At"
11003
+ },
11004
+ updated_at: {
11005
+ label: "Updated At"
11006
+ }
11007
+ }
11008
+ },
11009
+ sys_oauth_client_resource: {
11010
+ label: "OAuth Client Resource",
11011
+ pluralLabel: "OAuth Client Resources",
11012
+ description: "Grants allowing an OAuth client to request tokens for a protected resource",
11013
+ fields: {
11014
+ id: {
11015
+ label: "ID"
11016
+ },
11017
+ client_id: {
11018
+ label: "Client ID",
11019
+ help: "Foreign key to sys_oauth_application.client_id"
11020
+ },
11021
+ resource_id: {
11022
+ label: "Resource ID",
11023
+ help: "Foreign key to sys_oauth_resource.identifier"
11024
+ },
11025
+ metadata: {
11026
+ label: "Metadata",
11027
+ help: "JSON object of additional grant metadata"
11028
+ },
11029
+ created_at: {
11030
+ label: "Created At"
11031
+ }
11032
+ }
11033
+ },
11034
+ sys_oauth_client_assertion: {
11035
+ label: "OAuth Client Assertion",
11036
+ pluralLabel: "OAuth Client Assertions",
11037
+ description: "Consumed OAuth client-assertion JTIs (RFC 7523 replay prevention)",
11038
+ fields: {
11039
+ id: {
11040
+ label: "ID"
11041
+ },
11042
+ expires_at: {
11043
+ label: "Expires At",
11044
+ help: "Assertion expiry \u2014 rows past this instant are safe to prune"
11045
+ }
11046
+ }
11047
+ },
10115
11048
  sys_jwks: {
10116
11049
  label: "\u7B7E\u540D\u5BC6\u94A5 (JWKS)",
10117
11050
  pluralLabel: "\u7B7E\u540D\u5BC6\u94A5 (JWKS)",
@@ -10129,6 +11062,14 @@ var zhCNObjects = {
10129
11062
  label: "\u79C1\u94A5",
10130
11063
  help: "JWK \u79C1\u94A5\u7684 JSON \u5E8F\u5217\u5316\u5185\u5BB9\uFF08\u9759\u6001\u5B58\u50A8\u65F6\u52A0\u5BC6\uFF09"
10131
11064
  },
11065
+ alg: {
11066
+ label: "\u7B97\u6CD5",
11067
+ help: "JWK \u7B7E\u540D\u7B97\u6CD5\uFF0C\u5982 `EdDSA`\uFF08better-auth 1.7+\uFF09"
11068
+ },
11069
+ crv: {
11070
+ label: "\u66F2\u7EBF",
11071
+ help: "EdDSA/EC \u5BC6\u94A5\u4F7F\u7528\u7684 JWK \u66F2\u7EBF\uFF0C\u5982 `Ed25519`\uFF08better-auth 1.7+\uFF09"
11072
+ },
10132
11073
  created_at: {
10133
11074
  label: "\u521B\u5EFA\u65F6\u95F4"
10134
11075
  },
@@ -10185,7 +11126,11 @@ var zhCNObjects = {
10185
11126
  },
10186
11127
  _views: {
10187
11128
  recent: {
10188
- label: "Recent"
11129
+ label: "Recent",
11130
+ emptyState: {
11131
+ title: "No events",
11132
+ message: "No notification events have been emitted."
11133
+ }
10189
11134
  },
10190
11135
  by_topic: {
10191
11136
  label: "By Topic"
@@ -10222,23 +11167,6 @@ var zhCNObjects = {
10222
11167
  size: {
10223
11168
  label: "\u5927\u5C0F\uFF08\u5B57\u8282\uFF09"
10224
11169
  },
10225
- share_type: {
10226
- label: "\u5171\u4EAB\u7C7B\u578B",
10227
- help: "viewer | collaborator | inferred\uFF08\u7EE7\u627F\u81EA\u7236\u8BB0\u5F55\uFF09",
10228
- options: {
10229
- viewer: "\u67E5\u770B\u8005",
10230
- collaborator: "\u534F\u4F5C\u8005",
10231
- inferred: "\u63A8\u65AD"
10232
- }
10233
- },
10234
- visibility: {
10235
- label: "\u53EF\u89C1\u6027",
10236
- options: {
10237
- internal: "\u5185\u90E8",
10238
- all_users: "\u5168\u90E8\u7528\u6237",
10239
- shared_users: "\u5171\u4EAB\u7528\u6237"
10240
- }
10241
- },
10242
11170
  uploaded_by: {
10243
11171
  label: "\u4E0A\u4F20\u4EBA"
10244
11172
  },
@@ -11509,7 +12437,12 @@ var jaJPObjects = {
11509
12437
  ban_user: {
11510
12438
  label: "\u5229\u7528\u505C\u6B62",
11511
12439
  confirmText: "\u3053\u306E\u30E6\u30FC\u30B6\u30FC\u3092\u5229\u7528\u505C\u6B62\u306B\u3057\u307E\u3059\u304B\uFF1F\u5229\u7528\u505C\u6B62\u306B\u306A\u308B\u3068\u30B5\u30A4\u30F3\u30A2\u30A6\u30C8\u3055\u308C\u3001\u89E3\u9664\u3055\u308C\u308B\u307E\u3067\u30B5\u30A4\u30F3\u30A4\u30F3\u3067\u304D\u306A\u304F\u306A\u308A\u307E\u3059\u3002",
11512
- successMessage: "\u30E6\u30FC\u30B6\u30FC\u3092\u5229\u7528\u505C\u6B62\u306B\u3057\u307E\u3057\u305F"
12440
+ successMessage: "\u30E6\u30FC\u30B6\u30FC\u3092\u5229\u7528\u505C\u6B62\u306B\u3057\u307E\u3057\u305F",
12441
+ params: {
12442
+ banReason: {
12443
+ label: "\u5229\u7528\u505C\u6B62\u306E\u7406\u7531"
12444
+ }
12445
+ }
11513
12446
  },
11514
12447
  unban_user: {
11515
12448
  label: "\u5229\u7528\u505C\u6B62\u3092\u89E3\u9664",
@@ -11521,15 +12454,46 @@ var jaJPObjects = {
11521
12454
  },
11522
12455
  create_user: {
11523
12456
  label: "\u30E6\u30FC\u30B6\u30FC\u3092\u4F5C\u6210",
11524
- successMessage: "\u30E6\u30FC\u30B6\u30FC\u3092\u4F5C\u6210\u3057\u307E\u3057\u305F"
12457
+ successMessage: "\u30E6\u30FC\u30B6\u30FC\u3092\u4F5C\u6210\u3057\u307E\u3057\u305F",
12458
+ params: {
12459
+ phoneNumber: {
12460
+ label: "\u96FB\u8A71\u756A\u53F7",
12461
+ helpText: "\u30B5\u30A4\u30F3\u30A4\u30F3\u7528\u306E\u96FB\u8A71\u756A\u53F7\uFF08E.164 \u5F62\u5F0F\u3001\u4F8B: +8613800000000\uFF09\u3002\u30E1\u30FC\u30EB\u30A2\u30C9\u30EC\u30B9\u3092\u6307\u5B9A\u3057\u306A\u3044\u5834\u5408\u306F\u5FC5\u9808\u3067\u3059\u3002"
12462
+ },
12463
+ generatePassword: {
12464
+ label: "\u4E00\u6642\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u751F\u6210"
12465
+ },
12466
+ password: {
12467
+ label: "\u30D1\u30B9\u30EF\u30FC\u30C9\uFF08\u7A7A\u6B04\u306E\u5834\u5408\u306F\u81EA\u52D5\u751F\u6210\uFF09"
12468
+ },
12469
+ mustChangePassword: {
12470
+ label: "\u521D\u56DE\u30B5\u30A4\u30F3\u30A4\u30F3\u6642\u306B\u30D1\u30B9\u30EF\u30FC\u30C9\u5909\u66F4\u3092\u5FC5\u9808\u306B\u3059\u308B"
12471
+ }
12472
+ }
11525
12473
  },
11526
12474
  set_user_password: {
11527
12475
  label: "\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u8A2D\u5B9A",
11528
- successMessage: "\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u66F4\u65B0\u3057\u307E\u3057\u305F"
12476
+ successMessage: "\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u66F4\u65B0\u3057\u307E\u3057\u305F",
12477
+ params: {
12478
+ generatePassword: {
12479
+ label: "\u4E00\u6642\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u751F\u6210"
12480
+ },
12481
+ newPassword: {
12482
+ label: "\u65B0\u3057\u3044\u30D1\u30B9\u30EF\u30FC\u30C9\uFF08\u7A7A\u6B04\u306E\u5834\u5408\u306F\u81EA\u52D5\u751F\u6210\uFF09"
12483
+ },
12484
+ mustChangePassword: {
12485
+ label: "\u6B21\u56DE\u30B5\u30A4\u30F3\u30A4\u30F3\u6642\u306B\u30D1\u30B9\u30EF\u30FC\u30C9\u5909\u66F4\u3092\u5FC5\u9808\u306B\u3059\u308B"
12486
+ }
12487
+ }
11529
12488
  },
11530
12489
  set_user_role: {
11531
12490
  label: "\u30D7\u30E9\u30C3\u30C8\u30D5\u30A9\u30FC\u30E0\u30ED\u30FC\u30EB\u3092\u8A2D\u5B9A",
11532
- successMessage: "\u30ED\u30FC\u30EB\u3092\u66F4\u65B0\u3057\u307E\u3057\u305F"
12491
+ successMessage: "\u30ED\u30FC\u30EB\u3092\u66F4\u65B0\u3057\u307E\u3057\u305F",
12492
+ params: {
12493
+ role: {
12494
+ label: "\u30D7\u30E9\u30C3\u30C8\u30D5\u30A9\u30FC\u30E0\u30ED\u30FC\u30EB"
12495
+ }
12496
+ }
11533
12497
  },
11534
12498
  impersonate_user: {
11535
12499
  label: "\u4EE3\u7406\u30ED\u30B0\u30A4\u30F3",
@@ -11542,11 +12506,27 @@ var jaJPObjects = {
11542
12506
  },
11543
12507
  change_my_password: {
11544
12508
  label: "\u30D1\u30B9\u30EF\u30FC\u30C9\u5909\u66F4",
11545
- successMessage: "\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5909\u66F4\u3057\u307E\u3057\u305F"
12509
+ successMessage: "\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5909\u66F4\u3057\u307E\u3057\u305F",
12510
+ params: {
12511
+ currentPassword: {
12512
+ label: "\u73FE\u5728\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"
12513
+ },
12514
+ newPassword: {
12515
+ label: "\u65B0\u3057\u3044\u30D1\u30B9\u30EF\u30FC\u30C9"
12516
+ },
12517
+ revokeOtherSessions: {
12518
+ label: "\u4ED6\u306E\u30C7\u30D0\u30A4\u30B9\u304B\u3089\u30B5\u30A4\u30F3\u30A2\u30A6\u30C8"
12519
+ }
12520
+ }
11546
12521
  },
11547
12522
  change_my_email: {
11548
12523
  label: "\u30E1\u30FC\u30EB\u30A2\u30C9\u30EC\u30B9\u5909\u66F4",
11549
- successMessage: "\u78BA\u8A8D\u30E1\u30FC\u30EB\u3092\u9001\u4FE1\u3057\u307E\u3057\u305F\u3002\u65B0\u3057\u3044\u30E1\u30FC\u30EB\u30A2\u30C9\u30EC\u30B9\u3067\u78BA\u8A8D\u3057\u3066\u304F\u3060\u3055\u3044\u3002"
12524
+ successMessage: "\u78BA\u8A8D\u30E1\u30FC\u30EB\u3092\u9001\u4FE1\u3057\u307E\u3057\u305F\u3002\u65B0\u3057\u3044\u30E1\u30FC\u30EB\u30A2\u30C9\u30EC\u30B9\u3067\u78BA\u8A8D\u3057\u3066\u304F\u3060\u3055\u3044\u3002",
12525
+ params: {
12526
+ newEmail: {
12527
+ label: "\u65B0\u3057\u3044\u30E1\u30FC\u30EB\u30A2\u30C9\u30EC\u30B9"
12528
+ }
12529
+ }
11550
12530
  },
11551
12531
  resend_verification_email: {
11552
12532
  label: "\u78BA\u8A8D\u30E1\u30FC\u30EB\u3092\u518D\u9001",
@@ -11555,21 +12535,41 @@ var jaJPObjects = {
11555
12535
  delete_my_account: {
11556
12536
  label: "\u30A2\u30AB\u30A6\u30F3\u30C8\u524A\u9664",
11557
12537
  confirmText: "\u30A2\u30AB\u30A6\u30F3\u30C8\u3092\u5B8C\u5168\u306B\u524A\u9664\u3057\u307E\u3059\u304B\uFF1F\u3053\u306E\u64CD\u4F5C\u306F\u5143\u306B\u623B\u305B\u307E\u305B\u3093\u3002\u3059\u3079\u3066\u306E\u30BB\u30C3\u30B7\u30E7\u30F3\u304C\u7D42\u4E86\u3055\u308C\u3001\u8A2D\u5B9A\u3055\u308C\u305F\u4FDD\u6301\u30DD\u30EA\u30B7\u30FC\u306B\u5F93\u3063\u3066\u6240\u6709\u3059\u308B\u3059\u3079\u3066\u306E\u30C7\u30FC\u30BF\u304C\u524A\u9664\u3055\u308C\u307E\u3059\u3002",
11558
- successMessage: "\u30A2\u30AB\u30A6\u30F3\u30C8\u3092\u524A\u9664\u3057\u307E\u3057\u305F"
12538
+ successMessage: "\u30A2\u30AB\u30A6\u30F3\u30C8\u3092\u524A\u9664\u3057\u307E\u3057\u305F",
12539
+ params: {
12540
+ password: {
12541
+ label: "\u73FE\u5728\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"
12542
+ }
12543
+ }
11559
12544
  },
11560
12545
  enable_two_factor: {
11561
12546
  label: "\u4E8C\u8981\u7D20\u8A8D\u8A3C\u3092\u6709\u52B9\u5316",
11562
- successMessage: "\u4E8C\u8981\u7D20\u8A8D\u8A3C\u3092\u6709\u52B9\u306B\u3057\u307E\u3057\u305F\u3002\u8A8D\u8A3C\u30A2\u30D7\u30EA\u3067 QR \u30B3\u30FC\u30C9\u3092\u30B9\u30AD\u30E3\u30F3\u3059\u308B\u304B otpauth URI \u3092\u8CBC\u308A\u4ED8\u3051\u3001\u30B3\u30FC\u30C9\u3092\u691C\u8A3C\u3057\u3066\u8A2D\u5B9A\u3092\u5B8C\u4E86\u3057\u3066\u304F\u3060\u3055\u3044\u3002"
12547
+ successMessage: "\u4E8C\u8981\u7D20\u8A8D\u8A3C\u3092\u6709\u52B9\u306B\u3057\u307E\u3057\u305F\u3002\u8A8D\u8A3C\u30A2\u30D7\u30EA\u3067 QR \u30B3\u30FC\u30C9\u3092\u30B9\u30AD\u30E3\u30F3\u3059\u308B\u304B otpauth URI \u3092\u8CBC\u308A\u4ED8\u3051\u3001\u30B3\u30FC\u30C9\u3092\u691C\u8A3C\u3057\u3066\u8A2D\u5B9A\u3092\u5B8C\u4E86\u3057\u3066\u304F\u3060\u3055\u3044\u3002",
12548
+ params: {
12549
+ password: {
12550
+ label: "\u73FE\u5728\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"
12551
+ }
12552
+ }
11563
12553
  },
11564
12554
  disable_two_factor: {
11565
12555
  label: "\u4E8C\u8981\u7D20\u8A8D\u8A3C\u3092\u7121\u52B9\u5316",
11566
12556
  confirmText: "\u4E8C\u8981\u7D20\u8A8D\u8A3C\u3092\u30AA\u30D5\u306B\u3057\u307E\u3059\u304B\uFF1F\u30A2\u30AB\u30A6\u30F3\u30C8\u306E\u5B89\u5168\u6027\u304C\u4F4E\u4E0B\u3057\u307E\u3059\u3002",
11567
- successMessage: "\u4E8C\u8981\u7D20\u8A8D\u8A3C\u3092\u7121\u52B9\u306B\u3057\u307E\u3057\u305F\u3002"
12557
+ successMessage: "\u4E8C\u8981\u7D20\u8A8D\u8A3C\u3092\u7121\u52B9\u306B\u3057\u307E\u3057\u305F\u3002",
12558
+ params: {
12559
+ password: {
12560
+ label: "\u73FE\u5728\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"
12561
+ }
12562
+ }
11568
12563
  },
11569
12564
  generate_backup_codes: {
11570
12565
  label: "\u30D0\u30C3\u30AF\u30A2\u30C3\u30D7\u30B3\u30FC\u30C9\u3092\u518D\u751F\u6210",
11571
12566
  confirmText: "\u65B0\u3057\u3044\u30D0\u30C3\u30AF\u30A2\u30C3\u30D7\u30B3\u30FC\u30C9\u3092\u751F\u6210\u3057\u307E\u3059\u304B\uFF1F\u4EE5\u524D\u306B\u751F\u6210\u3055\u308C\u305F\u30B3\u30FC\u30C9\u306F\u3059\u3079\u3066\u4F7F\u7528\u3067\u304D\u306A\u304F\u306A\u308A\u307E\u3059\u3002",
11572
- successMessage: "\u65B0\u3057\u3044\u30D0\u30C3\u30AF\u30A2\u30C3\u30D7\u30B3\u30FC\u30C9\u3092\u751F\u6210\u3057\u307E\u3057\u305F\u3002\u5B89\u5168\u306A\u5834\u6240\u306B\u4FDD\u7BA1\u3057\u3066\u304F\u3060\u3055\u3044\u3002"
12567
+ successMessage: "\u65B0\u3057\u3044\u30D0\u30C3\u30AF\u30A2\u30C3\u30D7\u30B3\u30FC\u30C9\u3092\u751F\u6210\u3057\u307E\u3057\u305F\u3002\u5B89\u5168\u306A\u5834\u6240\u306B\u4FDD\u7BA1\u3057\u3066\u304F\u3060\u3055\u3044\u3002",
12568
+ params: {
12569
+ password: {
12570
+ label: "\u73FE\u5728\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"
12571
+ }
12572
+ }
11573
12573
  }
11574
12574
  }
11575
12575
  },
@@ -11713,7 +12713,21 @@ var jaJPObjects = {
11713
12713
  },
11714
12714
  _actions: {
11715
12715
  link_social: {
11716
- label: "\u30BD\u30FC\u30B7\u30E3\u30EB\u30A2\u30AB\u30A6\u30F3\u30C8\u9023\u643A"
12716
+ label: "\u30BD\u30FC\u30B7\u30E3\u30EB\u30A2\u30AB\u30A6\u30F3\u30C8\u9023\u643A",
12717
+ params: {
12718
+ provider: {
12719
+ label: "\u30D7\u30ED\u30D0\u30A4\u30C0\u30FC",
12720
+ options: {
12721
+ google: "Google",
12722
+ github: "GitHub",
12723
+ microsoft: "Microsoft",
12724
+ apple: "Apple",
12725
+ facebook: "Facebook",
12726
+ gitlab: "GitLab",
12727
+ discord: "Discord"
12728
+ }
12729
+ }
12730
+ }
11717
12731
  },
11718
12732
  unlink_account: {
11719
12733
  label: "\u9023\u643A\u89E3\u9664",
@@ -11846,7 +12860,11 @@ var jaJPObjects = {
11846
12860
  },
11847
12861
  _views: {
11848
12862
  mine: {
11849
- label: "My Memberships"
12863
+ label: "My Memberships",
12864
+ emptyState: {
12865
+ title: "No organizations yet",
12866
+ message: "You haven't joined any organizations."
12867
+ }
11850
12868
  }
11851
12869
  },
11852
12870
  _actions: {
@@ -12266,16 +13284,31 @@ var jaJPObjects = {
12266
13284
  },
12267
13285
  _actions: {
12268
13286
  enable_two_factor: {
12269
- label: "2FA \u3092\u6709\u52B9\u5316"
13287
+ label: "2FA \u3092\u6709\u52B9\u5316",
13288
+ params: {
13289
+ password: {
13290
+ label: "\u73FE\u5728\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"
13291
+ }
13292
+ }
12270
13293
  },
12271
13294
  disable_two_factor: {
12272
13295
  label: "2FA \u3092\u7121\u52B9\u5316",
12273
13296
  confirmText: "\u30A2\u30AB\u30A6\u30F3\u30C8\u306E\u4E8C\u8981\u7D20\u8A8D\u8A3C\u3092\u7121\u52B9\u5316\u3057\u307E\u3059\u304B\uFF1F",
12274
- successMessage: "2FA \u3092\u7121\u52B9\u5316\u3057\u307E\u3057\u305F"
13297
+ successMessage: "2FA \u3092\u7121\u52B9\u5316\u3057\u307E\u3057\u305F",
13298
+ params: {
13299
+ password: {
13300
+ label: "\u73FE\u5728\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"
13301
+ }
13302
+ }
12275
13303
  },
12276
13304
  regenerate_backup_codes: {
12277
13305
  label: "\u30D0\u30C3\u30AF\u30A2\u30C3\u30D7\u30B3\u30FC\u30C9\u518D\u751F\u6210",
12278
- confirmText: "\u30D0\u30C3\u30AF\u30A2\u30C3\u30D7\u30B3\u30FC\u30C9\u3092\u518D\u751F\u6210\u3057\u307E\u3059\u304B\uFF1F\u4EE5\u524D\u306E\u30D0\u30C3\u30AF\u30A2\u30C3\u30D7\u30B3\u30FC\u30C9\u306F\u3059\u3079\u3066\u76F4\u3061\u306B\u4F7F\u7528\u3067\u304D\u306A\u304F\u306A\u308A\u307E\u3059\u3002"
13306
+ confirmText: "\u30D0\u30C3\u30AF\u30A2\u30C3\u30D7\u30B3\u30FC\u30C9\u3092\u518D\u751F\u6210\u3057\u307E\u3059\u304B\uFF1F\u4EE5\u524D\u306E\u30D0\u30C3\u30AF\u30A2\u30C3\u30D7\u30B3\u30FC\u30C9\u306F\u3059\u3079\u3066\u76F4\u3061\u306B\u4F7F\u7528\u3067\u304D\u306A\u304F\u306A\u308A\u307E\u3059\u3002",
13307
+ params: {
13308
+ password: {
13309
+ label: "\u73FE\u5728\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"
13310
+ }
13311
+ }
12279
13312
  }
12280
13313
  }
12281
13314
  },
@@ -12455,6 +13488,18 @@ var jaJPObjects = {
12455
13488
  label: "\u30B5\u30D6\u30B8\u30A7\u30AF\u30C8\u30BF\u30A4\u30D7",
12456
13489
  help: "OIDC \u30B5\u30D6\u30B8\u30A7\u30AF\u30C8\u30BF\u30A4\u30D7\uFF08\u4F8B: public\u3001pairwise\uFF09"
12457
13490
  },
13491
+ jwks: {
13492
+ label: "JWKS",
13493
+ help: "Client JSON Web Key Set (for private_key_jwt / signed-request verification)"
13494
+ },
13495
+ jwks_uri: {
13496
+ label: "JWKS URI",
13497
+ help: "URL of the client JSON Web Key Set"
13498
+ },
13499
+ dpop_bound_access_tokens: {
13500
+ label: "DPoP-bound Access Tokens",
13501
+ help: "Require access tokens issued to this client to be DPoP-bound (RFC 9449)"
13502
+ },
12458
13503
  disabled: {
12459
13504
  label: "\u7121\u52B9"
12460
13505
  },
@@ -12466,6 +13511,14 @@ var jaJPObjects = {
12466
13511
  label: "\u30A8\u30F3\u30C9\u30BB\u30C3\u30B7\u30E7\u30F3\u3092\u6709\u52B9\u5316",
12467
13512
  help: "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u304C OIDC \u30A8\u30F3\u30C9\u30BB\u30C3\u30B7\u30E7\u30F3\u30A8\u30F3\u30C9\u30DD\u30A4\u30F3\u30C8\u3092\u547C\u3073\u51FA\u305B\u308B\u3088\u3046\u306B\u3057\u307E\u3059"
12468
13513
  },
13514
+ backchannel_logout_uri: {
13515
+ label: "Back-channel Logout URI",
13516
+ help: "OIDC back-channel logout endpoint of the client"
13517
+ },
13518
+ backchannel_logout_session_required: {
13519
+ label: "Back-channel Logout Session Required",
13520
+ help: "Whether the back-channel logout token must include a sid claim"
13521
+ },
12469
13522
  software_id: {
12470
13523
  label: "\u30BD\u30D5\u30C8\u30A6\u30A7\u30A2 ID"
12471
13524
  },
@@ -12517,7 +13570,25 @@ var jaJPObjects = {
12517
13570
  successMessage: "OAuth\u30A2\u30D7\u30EA\u30B1\u30FC\u30B7\u30E7\u30F3\u3092\u6709\u52B9\u5316\u3057\u307E\u3057\u305F"
12518
13571
  },
12519
13572
  create_oauth_application: {
12520
- label: "OAuth\u30A2\u30D7\u30EA\u30B1\u30FC\u30B7\u30E7\u30F3\u3092\u767B\u9332"
13573
+ label: "OAuth\u30A2\u30D7\u30EA\u30B1\u30FC\u30B7\u30E7\u30F3\u3092\u767B\u9332",
13574
+ params: {
13575
+ name: {
13576
+ label: "\u30A2\u30D7\u30EA\u30B1\u30FC\u30B7\u30E7\u30F3\u540D"
13577
+ },
13578
+ redirectURLs: {
13579
+ label: "\u30EA\u30C0\u30A4\u30EC\u30AF\u30C8 URL",
13580
+ helpText: "1 \u884C\u306B\u3064\u304D 1 \u3064\u306E URL\u3002\u672C\u756A\u74B0\u5883\u3067\u306F https:// \u304C\u5FC5\u9808\u3067\u3059\u3002"
13581
+ },
13582
+ type: {
13583
+ label: "\u30A2\u30D7\u30EA\u30B1\u30FC\u30B7\u30E7\u30F3\u30BF\u30A4\u30D7",
13584
+ options: {
13585
+ web: "Web",
13586
+ native: "\u30CD\u30A4\u30C6\u30A3\u30D6",
13587
+ "user-agent-based": "\u30E6\u30FC\u30B6\u30FC\u30A8\u30FC\u30B8\u30A7\u30F3\u30C8\u578B",
13588
+ public: "\u30D1\u30D6\u30EA\u30C3\u30AF"
13589
+ }
13590
+ }
13591
+ }
12521
13592
  },
12522
13593
  rotate_client_secret: {
12523
13594
  label: "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u30B7\u30FC\u30AF\u30EC\u30C3\u30C8\u66F4\u65B0",
@@ -12562,6 +13633,18 @@ var jaJPObjects = {
12562
13633
  label: "\u53C2\u7167 ID",
12563
13634
  help: "\u547C\u3073\u51FA\u3057\u5143\u304C\u6307\u5B9A\u3057\u305F\u76F8\u95A2\u8B58\u5225\u5B50"
12564
13635
  },
13636
+ authorization_code_id: {
13637
+ label: "Authorization Code ID",
13638
+ help: "ID of the authorization-code grant this token originates from"
13639
+ },
13640
+ resources: {
13641
+ label: "Resources",
13642
+ help: "JSON-serialized list of RFC 8707 resource indicators bound to this token"
13643
+ },
13644
+ requested_user_info_claims: {
13645
+ label: "Requested UserInfo Claims",
13646
+ help: "JSON-serialized list of OIDC claims requested for the userinfo endpoint"
13647
+ },
12565
13648
  scopes: {
12566
13649
  label: "\u30B9\u30B3\u30FC\u30D7",
12567
13650
  help: "\u3053\u306E\u30C8\u30FC\u30AF\u30F3\u306B\u4ED8\u4E0E\u3055\u308C\u305F\u30B9\u30B3\u30FC\u30D7\u306E JSON \u30B7\u30EA\u30A2\u30E9\u30A4\u30BA\u30EA\u30B9\u30C8"
@@ -12571,6 +13654,14 @@ var jaJPObjects = {
12571
13654
  },
12572
13655
  created_at: {
12573
13656
  label: "\u4F5C\u6210\u65E5\u6642"
13657
+ },
13658
+ revoked: {
13659
+ label: "Revoked At",
13660
+ help: "Timestamp at which this access token was revoked"
13661
+ },
13662
+ confirmation: {
13663
+ label: "Confirmation",
13664
+ help: "JSON RFC 7800 cnf claim (e.g. DPoP key thumbprint) binding this token to a key"
12574
13665
  }
12575
13666
  }
12576
13667
  },
@@ -12602,6 +13693,18 @@ var jaJPObjects = {
12602
13693
  label: "\u53C2\u7167 ID",
12603
13694
  help: "\u547C\u3073\u51FA\u3057\u5143\u304C\u6307\u5B9A\u3057\u305F\u76F8\u95A2\u8B58\u5225\u5B50"
12604
13695
  },
13696
+ authorization_code_id: {
13697
+ label: "Authorization Code ID",
13698
+ help: "ID of the authorization-code grant this token chain originates from"
13699
+ },
13700
+ resources: {
13701
+ label: "Resources",
13702
+ help: "JSON-serialized list of RFC 8707 resource indicators bound to this token"
13703
+ },
13704
+ requested_user_info_claims: {
13705
+ label: "Requested UserInfo Claims",
13706
+ help: "JSON-serialized list of OIDC claims requested for the userinfo endpoint"
13707
+ },
12605
13708
  scopes: {
12606
13709
  label: "\u30B9\u30B3\u30FC\u30D7",
12607
13710
  help: "\u3053\u306E\u30C8\u30FC\u30AF\u30F3\u306B\u4ED8\u4E0E\u3055\u308C\u305F\u30B9\u30B3\u30FC\u30D7\u306E JSON \u30B7\u30EA\u30A2\u30E9\u30A4\u30BA\u30EA\u30B9\u30C8"
@@ -12616,9 +13719,25 @@ var jaJPObjects = {
12616
13719
  label: "\u5931\u52B9\u65E5\u6642",
12617
13720
  help: "\u3053\u306E\u30EA\u30D5\u30EC\u30C3\u30B7\u30E5\u30C8\u30FC\u30AF\u30F3\u304C\u5931\u52B9\u3057\u305F\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7"
12618
13721
  },
13722
+ rotated_at: {
13723
+ label: "Rotated At",
13724
+ help: "Timestamp at which this token was rotated (superseded by a new row)"
13725
+ },
13726
+ rotation_replay_response: {
13727
+ label: "Rotation Replay Response",
13728
+ help: "Cached token response replayed when the old token is re-presented within the reuse interval"
13729
+ },
13730
+ rotation_replay_expires_at: {
13731
+ label: "Rotation Replay Expires At",
13732
+ help: "End of the post-rotation reuse interval during which the replay response is served"
13733
+ },
12619
13734
  auth_time: {
12620
13735
  label: "\u8A8D\u8A3C\u65E5\u6642",
12621
13736
  help: "\u3053\u306E\u30C8\u30FC\u30AF\u30F3\u30C1\u30A7\u30FC\u30F3\u306E\u305F\u3081\u306B\u30E6\u30FC\u30B6\u30FC\u304C\u6700\u521D\u306B\u8A8D\u8A3C\u3057\u305F\u65E5\u6642"
13737
+ },
13738
+ confirmation: {
13739
+ label: "Confirmation",
13740
+ help: "JSON RFC 7800 cnf claim (e.g. DPoP key thumbprint) binding this token to a key"
12622
13741
  }
12623
13742
  }
12624
13743
  },
@@ -12642,6 +13761,14 @@ var jaJPObjects = {
12642
13761
  label: "\u53C2\u7167 ID",
12643
13762
  help: "\u547C\u3073\u51FA\u3057\u5143\u304C\u6307\u5B9A\u3057\u305F\u76F8\u95A2\u8B58\u5225\u5B50"
12644
13763
  },
13764
+ resources: {
13765
+ label: "Resources",
13766
+ help: "JSON-serialized list of RFC 8707 resource indicators the consent covers"
13767
+ },
13768
+ requested_user_info_claims: {
13769
+ label: "Requested UserInfo Claims",
13770
+ help: "JSON-serialized list of OIDC claims the user consented to expose"
13771
+ },
12645
13772
  scopes: {
12646
13773
  label: "\u30B9\u30B3\u30FC\u30D7",
12647
13774
  help: "\u30E6\u30FC\u30B6\u30FC\u304C\u540C\u610F\u3057\u305F\u30B9\u30B3\u30FC\u30D7\u306E JSON \u30B7\u30EA\u30A2\u30E9\u30A4\u30BA\u30EA\u30B9\u30C8"
@@ -12654,6 +13781,107 @@ var jaJPObjects = {
12654
13781
  }
12655
13782
  }
12656
13783
  },
13784
+ sys_oauth_resource: {
13785
+ label: "OAuth Resource",
13786
+ pluralLabel: "OAuth Resources",
13787
+ description: "Registered OAuth protected resources (RFC 8707 resource indicators)",
13788
+ fields: {
13789
+ id: {
13790
+ label: "ID"
13791
+ },
13792
+ identifier: {
13793
+ label: "Identifier",
13794
+ help: "Resource indicator URI presented in the RFC 8707 resource parameter"
13795
+ },
13796
+ name: {
13797
+ label: "Name"
13798
+ },
13799
+ access_token_ttl: {
13800
+ label: "Access Token TTL",
13801
+ help: "Access-token lifetime in seconds for this resource (overrides the server default)"
13802
+ },
13803
+ refresh_token_ttl: {
13804
+ label: "Refresh Token TTL",
13805
+ help: "Refresh-token lifetime in seconds for this resource (overrides the server default)"
13806
+ },
13807
+ signing_algorithm: {
13808
+ label: "Signing Algorithm",
13809
+ help: "JWS algorithm used to sign access tokens for this resource"
13810
+ },
13811
+ signing_key_id: {
13812
+ label: "Signing Key ID",
13813
+ help: "Key id (kid) used to sign access tokens for this resource"
13814
+ },
13815
+ allowed_scopes: {
13816
+ label: "Allowed Scopes",
13817
+ help: "JSON-serialized list of scopes clients may request for this resource"
13818
+ },
13819
+ custom_claims: {
13820
+ label: "Custom Claims",
13821
+ help: "JSON object of extra claims stamped on access tokens for this resource"
13822
+ },
13823
+ dpop_bound_access_tokens_required: {
13824
+ label: "DPoP Required",
13825
+ help: "Require access tokens for this resource to be DPoP-bound (RFC 9449)"
13826
+ },
13827
+ disabled: {
13828
+ label: "Disabled"
13829
+ },
13830
+ policy_version: {
13831
+ label: "Policy Version",
13832
+ help: "Monotonic version of the resource token policy"
13833
+ },
13834
+ metadata: {
13835
+ label: "Metadata",
13836
+ help: "JSON object of additional resource metadata"
13837
+ },
13838
+ created_at: {
13839
+ label: "Created At"
13840
+ },
13841
+ updated_at: {
13842
+ label: "Updated At"
13843
+ }
13844
+ }
13845
+ },
13846
+ sys_oauth_client_resource: {
13847
+ label: "OAuth Client Resource",
13848
+ pluralLabel: "OAuth Client Resources",
13849
+ description: "Grants allowing an OAuth client to request tokens for a protected resource",
13850
+ fields: {
13851
+ id: {
13852
+ label: "ID"
13853
+ },
13854
+ client_id: {
13855
+ label: "Client ID",
13856
+ help: "Foreign key to sys_oauth_application.client_id"
13857
+ },
13858
+ resource_id: {
13859
+ label: "Resource ID",
13860
+ help: "Foreign key to sys_oauth_resource.identifier"
13861
+ },
13862
+ metadata: {
13863
+ label: "Metadata",
13864
+ help: "JSON object of additional grant metadata"
13865
+ },
13866
+ created_at: {
13867
+ label: "Created At"
13868
+ }
13869
+ }
13870
+ },
13871
+ sys_oauth_client_assertion: {
13872
+ label: "OAuth Client Assertion",
13873
+ pluralLabel: "OAuth Client Assertions",
13874
+ description: "Consumed OAuth client-assertion JTIs (RFC 7523 replay prevention)",
13875
+ fields: {
13876
+ id: {
13877
+ label: "ID"
13878
+ },
13879
+ expires_at: {
13880
+ label: "Expires At",
13881
+ help: "Assertion expiry \u2014 rows past this instant are safe to prune"
13882
+ }
13883
+ }
13884
+ },
12657
13885
  sys_jwks: {
12658
13886
  label: "\u7F72\u540D\u30AD\u30FC (JWKS)",
12659
13887
  pluralLabel: "\u7F72\u540D\u30AD\u30FC (JWKS)",
@@ -12671,6 +13899,14 @@ var jaJPObjects = {
12671
13899
  label: "\u79D8\u5BC6\u9375",
12672
13900
  help: "JSON \u30B7\u30EA\u30A2\u30E9\u30A4\u30BA\u3055\u308C\u305F JWK \u79D8\u5BC6\u9375\uFF08\u4FDD\u5B58\u6642\u306B\u6697\u53F7\u5316\u6E08\u307F\uFF09"
12673
13901
  },
13902
+ alg: {
13903
+ label: "\u30A2\u30EB\u30B4\u30EA\u30BA\u30E0",
13904
+ help: "JWK \u7F72\u540D\u30A2\u30EB\u30B4\u30EA\u30BA\u30E0\uFF08\u4F8B: `EdDSA`\u3001better-auth 1.7+\uFF09"
13905
+ },
13906
+ crv: {
13907
+ label: "\u66F2\u7DDA",
13908
+ help: "EdDSA/EC \u9375\u3067\u4F7F\u3046 JWK \u66F2\u7DDA\uFF08\u4F8B: `Ed25519`\u3001better-auth 1.7+\uFF09"
13909
+ },
12674
13910
  created_at: {
12675
13911
  label: "\u4F5C\u6210\u65E5\u6642"
12676
13912
  },
@@ -12727,7 +13963,11 @@ var jaJPObjects = {
12727
13963
  },
12728
13964
  _views: {
12729
13965
  recent: {
12730
- label: "Recent"
13966
+ label: "Recent",
13967
+ emptyState: {
13968
+ title: "No events",
13969
+ message: "No notification events have been emitted."
13970
+ }
12731
13971
  },
12732
13972
  by_topic: {
12733
13973
  label: "By Topic"
@@ -12764,23 +14004,6 @@ var jaJPObjects = {
12764
14004
  size: {
12765
14005
  label: "\u30B5\u30A4\u30BA\uFF08\u30D0\u30A4\u30C8\uFF09"
12766
14006
  },
12767
- share_type: {
12768
- label: "\u5171\u6709\u30BF\u30A4\u30D7",
12769
- help: "viewer | collaborator | inferred\uFF08\u89AA\u30EC\u30B3\u30FC\u30C9\u304B\u3089\u7D99\u627F\uFF09",
12770
- options: {
12771
- viewer: "\u95B2\u89A7\u8005",
12772
- collaborator: "\u5171\u540C\u7DE8\u96C6\u8005",
12773
- inferred: "\u63A8\u5B9A"
12774
- }
12775
- },
12776
- visibility: {
12777
- label: "\u516C\u958B\u7BC4\u56F2",
12778
- options: {
12779
- internal: "\u5185\u90E8",
12780
- all_users: "\u3059\u3079\u3066\u306E\u30E6\u30FC\u30B6\u30FC",
12781
- shared_users: "\u5171\u6709\u30E6\u30FC\u30B6\u30FC"
12782
- }
12783
- },
12784
14007
  uploaded_by: {
12785
14008
  label: "\u30A2\u30C3\u30D7\u30ED\u30FC\u30C9\u8005"
12786
14009
  },
@@ -14047,7 +15270,12 @@ var esESObjects = {
14047
15270
  ban_user: {
14048
15271
  label: "Bloquear usuario",
14049
15272
  confirmText: "\xBFBloquear a este usuario? Cerrar\xE1 sesi\xF3n y no podr\xE1 volver a iniciarla hasta que se desbloquee.",
14050
- successMessage: "Usuario bloqueado"
15273
+ successMessage: "Usuario bloqueado",
15274
+ params: {
15275
+ banReason: {
15276
+ label: "Motivo del bloqueo"
15277
+ }
15278
+ }
14051
15279
  },
14052
15280
  unban_user: {
14053
15281
  label: "Desbloquear usuario",
@@ -14059,15 +15287,46 @@ var esESObjects = {
14059
15287
  },
14060
15288
  create_user: {
14061
15289
  label: "Crear usuario",
14062
- successMessage: "Usuario creado"
15290
+ successMessage: "Usuario creado",
15291
+ params: {
15292
+ phoneNumber: {
15293
+ label: "N\xFAmero de tel\xE9fono",
15294
+ helpText: "N\xFAmero de tel\xE9fono para iniciar sesi\xF3n (E.164, p. ej. +8613800000000). Obligatorio si no se indica un correo."
15295
+ },
15296
+ generatePassword: {
15297
+ label: "Generar contrase\xF1a temporal"
15298
+ },
15299
+ password: {
15300
+ label: "Contrase\xF1a (dejar en blanco para generarla)"
15301
+ },
15302
+ mustChangePassword: {
15303
+ label: "Exigir cambio de contrase\xF1a en el primer inicio de sesi\xF3n"
15304
+ }
15305
+ }
14063
15306
  },
14064
15307
  set_user_password: {
14065
15308
  label: "Establecer contrase\xF1a",
14066
- successMessage: "Contrase\xF1a actualizada"
15309
+ successMessage: "Contrase\xF1a actualizada",
15310
+ params: {
15311
+ generatePassword: {
15312
+ label: "Generar contrase\xF1a temporal"
15313
+ },
15314
+ newPassword: {
15315
+ label: "Nueva contrase\xF1a (dejar en blanco para generarla)"
15316
+ },
15317
+ mustChangePassword: {
15318
+ label: "Exigir cambio de contrase\xF1a en el pr\xF3ximo inicio de sesi\xF3n"
15319
+ }
15320
+ }
14067
15321
  },
14068
15322
  set_user_role: {
14069
15323
  label: "Establecer rol de plataforma",
14070
- successMessage: "Rol actualizado"
15324
+ successMessage: "Rol actualizado",
15325
+ params: {
15326
+ role: {
15327
+ label: "Rol de plataforma"
15328
+ }
15329
+ }
14071
15330
  },
14072
15331
  impersonate_user: {
14073
15332
  label: "Suplantar usuario",
@@ -14080,11 +15339,27 @@ var esESObjects = {
14080
15339
  },
14081
15340
  change_my_password: {
14082
15341
  label: "Cambiar contrase\xF1a",
14083
- successMessage: "Contrase\xF1a cambiada"
15342
+ successMessage: "Contrase\xF1a cambiada",
15343
+ params: {
15344
+ currentPassword: {
15345
+ label: "Contrase\xF1a actual"
15346
+ },
15347
+ newPassword: {
15348
+ label: "Nueva contrase\xF1a"
15349
+ },
15350
+ revokeOtherSessions: {
15351
+ label: "Cerrar sesi\xF3n en los dem\xE1s dispositivos"
15352
+ }
15353
+ }
14084
15354
  },
14085
15355
  change_my_email: {
14086
15356
  label: "Cambiar correo",
14087
- successMessage: "Correo de verificaci\xF3n enviado; revisa la nueva direcci\xF3n para confirmar."
15357
+ successMessage: "Correo de verificaci\xF3n enviado; revisa la nueva direcci\xF3n para confirmar.",
15358
+ params: {
15359
+ newEmail: {
15360
+ label: "Nuevo correo"
15361
+ }
15362
+ }
14088
15363
  },
14089
15364
  resend_verification_email: {
14090
15365
  label: "Reenviar correo de verificaci\xF3n",
@@ -14093,21 +15368,41 @@ var esESObjects = {
14093
15368
  delete_my_account: {
14094
15369
  label: "Eliminar mi cuenta",
14095
15370
  confirmText: "\xBFEliminar tu cuenta de forma permanente? Esta acci\xF3n no se puede deshacer: se cerrar\xE1n todas tus sesiones y se eliminar\xE1n todos los datos de tu propiedad seg\xFAn la pol\xEDtica de retenci\xF3n configurada.",
14096
- successMessage: "Cuenta eliminada"
15371
+ successMessage: "Cuenta eliminada",
15372
+ params: {
15373
+ password: {
15374
+ label: "Contrase\xF1a actual"
15375
+ }
15376
+ }
14097
15377
  },
14098
15378
  enable_two_factor: {
14099
15379
  label: "Habilitar autenticaci\xF3n de dos factores",
14100
- successMessage: "Autenticaci\xF3n de dos factores habilitada. Escanea el c\xF3digo QR o pega el URI otpauth en tu aplicaci\xF3n de autenticaci\xF3n y verifica un c\xF3digo para completar la configuraci\xF3n."
15380
+ successMessage: "Autenticaci\xF3n de dos factores habilitada. Escanea el c\xF3digo QR o pega el URI otpauth en tu aplicaci\xF3n de autenticaci\xF3n y verifica un c\xF3digo para completar la configuraci\xF3n.",
15381
+ params: {
15382
+ password: {
15383
+ label: "Contrase\xF1a actual"
15384
+ }
15385
+ }
14101
15386
  },
14102
15387
  disable_two_factor: {
14103
15388
  label: "Deshabilitar autenticaci\xF3n de dos factores",
14104
15389
  confirmText: "\xBFDesactivar la autenticaci\xF3n de dos factores? Tu cuenta ser\xE1 menos segura.",
14105
- successMessage: "Autenticaci\xF3n de dos factores deshabilitada."
15390
+ successMessage: "Autenticaci\xF3n de dos factores deshabilitada.",
15391
+ params: {
15392
+ password: {
15393
+ label: "Contrase\xF1a actual"
15394
+ }
15395
+ }
14106
15396
  },
14107
15397
  generate_backup_codes: {
14108
15398
  label: "Regenerar c\xF3digos de respaldo",
14109
15399
  confirmText: "\xBFGenerar un nuevo juego de c\xF3digos de respaldo? Los c\xF3digos generados anteriormente dejar\xE1n de funcionar.",
14110
- successMessage: "Nuevos c\xF3digos de respaldo generados; gu\xE1rdalos en un lugar seguro."
15400
+ successMessage: "Nuevos c\xF3digos de respaldo generados; gu\xE1rdalos en un lugar seguro.",
15401
+ params: {
15402
+ password: {
15403
+ label: "Contrase\xF1a actual"
15404
+ }
15405
+ }
14111
15406
  }
14112
15407
  }
14113
15408
  },
@@ -14251,7 +15546,21 @@ var esESObjects = {
14251
15546
  },
14252
15547
  _actions: {
14253
15548
  link_social: {
14254
- label: "Vincular cuenta social"
15549
+ label: "Vincular cuenta social",
15550
+ params: {
15551
+ provider: {
15552
+ label: "Proveedor",
15553
+ options: {
15554
+ google: "Google",
15555
+ github: "GitHub",
15556
+ microsoft: "Microsoft",
15557
+ apple: "Apple",
15558
+ facebook: "Facebook",
15559
+ gitlab: "GitLab",
15560
+ discord: "Discord"
15561
+ }
15562
+ }
15563
+ }
14255
15564
  },
14256
15565
  unlink_account: {
14257
15566
  label: "Desvincular cuenta",
@@ -14384,7 +15693,11 @@ var esESObjects = {
14384
15693
  },
14385
15694
  _views: {
14386
15695
  mine: {
14387
- label: "My Memberships"
15696
+ label: "My Memberships",
15697
+ emptyState: {
15698
+ title: "No organizations yet",
15699
+ message: "You haven't joined any organizations."
15700
+ }
14388
15701
  }
14389
15702
  },
14390
15703
  _actions: {
@@ -14804,16 +16117,31 @@ var esESObjects = {
14804
16117
  },
14805
16118
  _actions: {
14806
16119
  enable_two_factor: {
14807
- label: "Habilitar 2FA"
16120
+ label: "Habilitar 2FA",
16121
+ params: {
16122
+ password: {
16123
+ label: "Contrase\xF1a actual"
16124
+ }
16125
+ }
14808
16126
  },
14809
16127
  disable_two_factor: {
14810
16128
  label: "Deshabilitar 2FA",
14811
16129
  confirmText: "\xBFDeshabilitar la autenticaci\xF3n de doble factor en su cuenta?",
14812
- successMessage: "2FA deshabilitado"
16130
+ successMessage: "2FA deshabilitado",
16131
+ params: {
16132
+ password: {
16133
+ label: "Contrase\xF1a actual"
16134
+ }
16135
+ }
14813
16136
  },
14814
16137
  regenerate_backup_codes: {
14815
16138
  label: "Regenerar c\xF3digos de respaldo",
14816
- confirmText: "\xBFRegenerar los c\xF3digos de respaldo? Todos los c\xF3digos de respaldo anteriores dejar\xE1n de funcionar de inmediato."
16139
+ confirmText: "\xBFRegenerar los c\xF3digos de respaldo? Todos los c\xF3digos de respaldo anteriores dejar\xE1n de funcionar de inmediato.",
16140
+ params: {
16141
+ password: {
16142
+ label: "Contrase\xF1a actual"
16143
+ }
16144
+ }
14817
16145
  }
14818
16146
  }
14819
16147
  },
@@ -14993,6 +16321,18 @@ var esESObjects = {
14993
16321
  label: "Tipo de sujeto",
14994
16322
  help: "Tipo de sujeto OIDC (p. ej. public, pairwise)."
14995
16323
  },
16324
+ jwks: {
16325
+ label: "JWKS",
16326
+ help: "Client JSON Web Key Set (for private_key_jwt / signed-request verification)"
16327
+ },
16328
+ jwks_uri: {
16329
+ label: "JWKS URI",
16330
+ help: "URL of the client JSON Web Key Set"
16331
+ },
16332
+ dpop_bound_access_tokens: {
16333
+ label: "DPoP-bound Access Tokens",
16334
+ help: "Require access tokens issued to this client to be DPoP-bound (RFC 9449)"
16335
+ },
14996
16336
  disabled: {
14997
16337
  label: "Deshabilitado"
14998
16338
  },
@@ -15004,6 +16344,14 @@ var esESObjects = {
15004
16344
  label: "Habilitar finalizaci\xF3n de sesi\xF3n",
15005
16345
  help: "Permitir que el cliente llame al endpoint OIDC de finalizaci\xF3n de sesi\xF3n."
15006
16346
  },
16347
+ backchannel_logout_uri: {
16348
+ label: "Back-channel Logout URI",
16349
+ help: "OIDC back-channel logout endpoint of the client"
16350
+ },
16351
+ backchannel_logout_session_required: {
16352
+ label: "Back-channel Logout Session Required",
16353
+ help: "Whether the back-channel logout token must include a sid claim"
16354
+ },
15007
16355
  software_id: {
15008
16356
  label: "ID de software"
15009
16357
  },
@@ -15055,7 +16403,25 @@ var esESObjects = {
15055
16403
  successMessage: "Aplicaci\xF3n OAuth habilitada"
15056
16404
  },
15057
16405
  create_oauth_application: {
15058
- label: "Registrar aplicaci\xF3n OAuth"
16406
+ label: "Registrar aplicaci\xF3n OAuth",
16407
+ params: {
16408
+ name: {
16409
+ label: "Nombre de la aplicaci\xF3n"
16410
+ },
16411
+ redirectURLs: {
16412
+ label: "URLs de redirecci\xF3n",
16413
+ helpText: "Una URL por l\xEDnea. Debe usar https:// en producci\xF3n."
16414
+ },
16415
+ type: {
16416
+ label: "Tipo de aplicaci\xF3n",
16417
+ options: {
16418
+ web: "Web",
16419
+ native: "Nativa",
16420
+ "user-agent-based": "Basada en user-agent",
16421
+ public: "P\xFAblica"
16422
+ }
16423
+ }
16424
+ }
15059
16425
  },
15060
16426
  rotate_client_secret: {
15061
16427
  label: "Rotar Client Secret",
@@ -15100,6 +16466,18 @@ var esESObjects = {
15100
16466
  label: "ID de referencia",
15101
16467
  help: "Identificador de correlaci\xF3n proporcionado por quien llama."
15102
16468
  },
16469
+ authorization_code_id: {
16470
+ label: "Authorization Code ID",
16471
+ help: "ID of the authorization-code grant this token originates from"
16472
+ },
16473
+ resources: {
16474
+ label: "Resources",
16475
+ help: "JSON-serialized list of RFC 8707 resource indicators bound to this token"
16476
+ },
16477
+ requested_user_info_claims: {
16478
+ label: "Requested UserInfo Claims",
16479
+ help: "JSON-serialized list of OIDC claims requested for the userinfo endpoint"
16480
+ },
15103
16481
  scopes: {
15104
16482
  label: "\xC1mbitos",
15105
16483
  help: "Lista serializada en JSON de \xE1mbitos concedidos a este token."
@@ -15109,6 +16487,14 @@ var esESObjects = {
15109
16487
  },
15110
16488
  created_at: {
15111
16489
  label: "Creado el"
16490
+ },
16491
+ revoked: {
16492
+ label: "Revoked At",
16493
+ help: "Timestamp at which this access token was revoked"
16494
+ },
16495
+ confirmation: {
16496
+ label: "Confirmation",
16497
+ help: "JSON RFC 7800 cnf claim (e.g. DPoP key thumbprint) binding this token to a key"
15112
16498
  }
15113
16499
  }
15114
16500
  },
@@ -15140,6 +16526,18 @@ var esESObjects = {
15140
16526
  label: "ID de referencia",
15141
16527
  help: "Identificador de correlaci\xF3n proporcionado por quien llama."
15142
16528
  },
16529
+ authorization_code_id: {
16530
+ label: "Authorization Code ID",
16531
+ help: "ID of the authorization-code grant this token chain originates from"
16532
+ },
16533
+ resources: {
16534
+ label: "Resources",
16535
+ help: "JSON-serialized list of RFC 8707 resource indicators bound to this token"
16536
+ },
16537
+ requested_user_info_claims: {
16538
+ label: "Requested UserInfo Claims",
16539
+ help: "JSON-serialized list of OIDC claims requested for the userinfo endpoint"
16540
+ },
15143
16541
  scopes: {
15144
16542
  label: "\xC1mbitos",
15145
16543
  help: "Lista serializada en JSON de \xE1mbitos concedidos a este token."
@@ -15154,9 +16552,25 @@ var esESObjects = {
15154
16552
  label: "Revocado el",
15155
16553
  help: "Marca temporal en la que se revoc\xF3 este token de actualizaci\xF3n."
15156
16554
  },
16555
+ rotated_at: {
16556
+ label: "Rotated At",
16557
+ help: "Timestamp at which this token was rotated (superseded by a new row)"
16558
+ },
16559
+ rotation_replay_response: {
16560
+ label: "Rotation Replay Response",
16561
+ help: "Cached token response replayed when the old token is re-presented within the reuse interval"
16562
+ },
16563
+ rotation_replay_expires_at: {
16564
+ label: "Rotation Replay Expires At",
16565
+ help: "End of the post-rotation reuse interval during which the replay response is served"
16566
+ },
15157
16567
  auth_time: {
15158
16568
  label: "Hora de autenticaci\xF3n",
15159
16569
  help: "Momento en que el usuario se autentic\xF3 originalmente para esta cadena de tokens."
16570
+ },
16571
+ confirmation: {
16572
+ label: "Confirmation",
16573
+ help: "JSON RFC 7800 cnf claim (e.g. DPoP key thumbprint) binding this token to a key"
15160
16574
  }
15161
16575
  }
15162
16576
  },
@@ -15180,6 +16594,14 @@ var esESObjects = {
15180
16594
  label: "ID de referencia",
15181
16595
  help: "Identificador de correlaci\xF3n proporcionado por quien llama."
15182
16596
  },
16597
+ resources: {
16598
+ label: "Resources",
16599
+ help: "JSON-serialized list of RFC 8707 resource indicators the consent covers"
16600
+ },
16601
+ requested_user_info_claims: {
16602
+ label: "Requested UserInfo Claims",
16603
+ help: "JSON-serialized list of OIDC claims the user consented to expose"
16604
+ },
15183
16605
  scopes: {
15184
16606
  label: "\xC1mbitos",
15185
16607
  help: "Lista serializada en JSON de \xE1mbitos a los que el usuario dio consentimiento."
@@ -15192,6 +16614,107 @@ var esESObjects = {
15192
16614
  }
15193
16615
  }
15194
16616
  },
16617
+ sys_oauth_resource: {
16618
+ label: "OAuth Resource",
16619
+ pluralLabel: "OAuth Resources",
16620
+ description: "Registered OAuth protected resources (RFC 8707 resource indicators)",
16621
+ fields: {
16622
+ id: {
16623
+ label: "ID"
16624
+ },
16625
+ identifier: {
16626
+ label: "Identifier",
16627
+ help: "Resource indicator URI presented in the RFC 8707 resource parameter"
16628
+ },
16629
+ name: {
16630
+ label: "Name"
16631
+ },
16632
+ access_token_ttl: {
16633
+ label: "Access Token TTL",
16634
+ help: "Access-token lifetime in seconds for this resource (overrides the server default)"
16635
+ },
16636
+ refresh_token_ttl: {
16637
+ label: "Refresh Token TTL",
16638
+ help: "Refresh-token lifetime in seconds for this resource (overrides the server default)"
16639
+ },
16640
+ signing_algorithm: {
16641
+ label: "Signing Algorithm",
16642
+ help: "JWS algorithm used to sign access tokens for this resource"
16643
+ },
16644
+ signing_key_id: {
16645
+ label: "Signing Key ID",
16646
+ help: "Key id (kid) used to sign access tokens for this resource"
16647
+ },
16648
+ allowed_scopes: {
16649
+ label: "Allowed Scopes",
16650
+ help: "JSON-serialized list of scopes clients may request for this resource"
16651
+ },
16652
+ custom_claims: {
16653
+ label: "Custom Claims",
16654
+ help: "JSON object of extra claims stamped on access tokens for this resource"
16655
+ },
16656
+ dpop_bound_access_tokens_required: {
16657
+ label: "DPoP Required",
16658
+ help: "Require access tokens for this resource to be DPoP-bound (RFC 9449)"
16659
+ },
16660
+ disabled: {
16661
+ label: "Disabled"
16662
+ },
16663
+ policy_version: {
16664
+ label: "Policy Version",
16665
+ help: "Monotonic version of the resource token policy"
16666
+ },
16667
+ metadata: {
16668
+ label: "Metadata",
16669
+ help: "JSON object of additional resource metadata"
16670
+ },
16671
+ created_at: {
16672
+ label: "Created At"
16673
+ },
16674
+ updated_at: {
16675
+ label: "Updated At"
16676
+ }
16677
+ }
16678
+ },
16679
+ sys_oauth_client_resource: {
16680
+ label: "OAuth Client Resource",
16681
+ pluralLabel: "OAuth Client Resources",
16682
+ description: "Grants allowing an OAuth client to request tokens for a protected resource",
16683
+ fields: {
16684
+ id: {
16685
+ label: "ID"
16686
+ },
16687
+ client_id: {
16688
+ label: "Client ID",
16689
+ help: "Foreign key to sys_oauth_application.client_id"
16690
+ },
16691
+ resource_id: {
16692
+ label: "Resource ID",
16693
+ help: "Foreign key to sys_oauth_resource.identifier"
16694
+ },
16695
+ metadata: {
16696
+ label: "Metadata",
16697
+ help: "JSON object of additional grant metadata"
16698
+ },
16699
+ created_at: {
16700
+ label: "Created At"
16701
+ }
16702
+ }
16703
+ },
16704
+ sys_oauth_client_assertion: {
16705
+ label: "OAuth Client Assertion",
16706
+ pluralLabel: "OAuth Client Assertions",
16707
+ description: "Consumed OAuth client-assertion JTIs (RFC 7523 replay prevention)",
16708
+ fields: {
16709
+ id: {
16710
+ label: "ID"
16711
+ },
16712
+ expires_at: {
16713
+ label: "Expires At",
16714
+ help: "Assertion expiry \u2014 rows past this instant are safe to prune"
16715
+ }
16716
+ }
16717
+ },
15195
16718
  sys_jwks: {
15196
16719
  label: "Clave de firma (JWKS)",
15197
16720
  pluralLabel: "Claves de firma (JWKS)",
@@ -15209,6 +16732,14 @@ var esESObjects = {
15209
16732
  label: "Clave privada",
15210
16733
  help: "Clave privada JWK serializada en JSON (cifrada en reposo)."
15211
16734
  },
16735
+ alg: {
16736
+ label: "Algoritmo",
16737
+ help: "Algoritmo de firma JWK, p. ej. `EdDSA` (better-auth 1.7+)"
16738
+ },
16739
+ crv: {
16740
+ label: "Curva",
16741
+ help: "Curva JWK para claves EdDSA/EC, p. ej. `Ed25519` (better-auth 1.7+)"
16742
+ },
15212
16743
  created_at: {
15213
16744
  label: "Creado el"
15214
16745
  },
@@ -15265,7 +16796,11 @@ var esESObjects = {
15265
16796
  },
15266
16797
  _views: {
15267
16798
  recent: {
15268
- label: "Recent"
16799
+ label: "Recent",
16800
+ emptyState: {
16801
+ title: "No events",
16802
+ message: "No notification events have been emitted."
16803
+ }
15269
16804
  },
15270
16805
  by_topic: {
15271
16806
  label: "By Topic"
@@ -15302,23 +16837,6 @@ var esESObjects = {
15302
16837
  size: {
15303
16838
  label: "Tama\xF1o (bytes)"
15304
16839
  },
15305
- share_type: {
15306
- label: "Tipo de compartici\xF3n",
15307
- help: "visualizador | colaborador | inferido (heredado del registro principal)",
15308
- options: {
15309
- viewer: "Visualizador",
15310
- collaborator: "Colaborador",
15311
- inferred: "Inferido"
15312
- }
15313
- },
15314
- visibility: {
15315
- label: "Visibilidad",
15316
- options: {
15317
- internal: "Interno",
15318
- all_users: "Todos los usuarios",
15319
- shared_users: "Usuarios compartidos"
15320
- }
15321
- },
15322
16840
  uploaded_by: {
15323
16841
  label: "Subido por"
15324
16842
  },
@@ -17864,6 +19382,22 @@ var enMetadataForms = {
17864
19382
  label: "Variables",
17865
19383
  helpText: "Local page state variables"
17866
19384
  },
19385
+ "variables.name": {
19386
+ label: "Name",
19387
+ helpText: "Variable name \u2014 exposed to expressions as `page.<name>`"
19388
+ },
19389
+ "variables.type": {
19390
+ label: "Type",
19391
+ helpText: "Value type"
19392
+ },
19393
+ "variables.defaultValue": {
19394
+ label: "Default Value",
19395
+ helpText: "Initial value (defaults to a type-appropriate empty value)"
19396
+ },
19397
+ "variables.source": {
19398
+ label: "Source",
19399
+ helpText: "Component (by id) that writes this variable \u2014 e.g. an element:record_picker"
19400
+ },
17867
19401
  regions: {
17868
19402
  label: "Regions",
17869
19403
  helpText: "Layout regions (header, main, sidebar, footer) with components"
@@ -19627,6 +21161,22 @@ var zhCNMetadataForms = {
19627
21161
  label: "\u53D8\u91CF",
19628
21162
  helpText: "\u9875\u9762\u672C\u5730\u72B6\u6001\u53D8\u91CF"
19629
21163
  },
21164
+ "variables.name": {
21165
+ label: "\u540D\u79F0",
21166
+ helpText: "\u53D8\u91CF\u540D\u2014\u2014\u5728\u8868\u8FBE\u5F0F\u4E2D\u4EE5 `page.<name>` \u8BBF\u95EE"
21167
+ },
21168
+ "variables.type": {
21169
+ label: "\u7C7B\u578B",
21170
+ helpText: "\u503C\u7C7B\u578B"
21171
+ },
21172
+ "variables.defaultValue": {
21173
+ label: "\u9ED8\u8BA4\u503C",
21174
+ helpText: "\u521D\u59CB\u503C\uFF08\u9ED8\u8BA4\u4E3A\u5BF9\u5E94\u7C7B\u578B\u7684\u7A7A\u503C\uFF09"
21175
+ },
21176
+ "variables.source": {
21177
+ label: "\u6765\u6E90",
21178
+ helpText: "\u5199\u5165\u8BE5\u53D8\u91CF\u7684\u7EC4\u4EF6\uFF08\u6309 id \u6307\u5B9A\uFF09\uFF0C\u5982 element:record_picker"
21179
+ },
19630
21180
  regions: {
19631
21181
  label: "\u533A\u57DF",
19632
21182
  helpText: "\u5E03\u5C40\u533A\u57DF\uFF08header\u3001main\u3001sidebar\u3001footer\uFF09\u53CA\u5176\u7EC4\u4EF6"
@@ -21390,6 +22940,22 @@ var jaJPMetadataForms = {
21390
22940
  label: "\u5909\u6570",
21391
22941
  helpText: "\u30DA\u30FC\u30B8\u30ED\u30FC\u30AB\u30EB\u72B6\u614B\u5909\u6570"
21392
22942
  },
22943
+ "variables.name": {
22944
+ label: "\u540D\u524D",
22945
+ helpText: "\u5909\u6570\u540D \u2014 \u5F0F\u3067\u306F `page.<name>` \u3068\u3057\u3066\u53C2\u7167\u3067\u304D\u307E\u3059"
22946
+ },
22947
+ "variables.type": {
22948
+ label: "\u578B",
22949
+ helpText: "\u5024\u306E\u578B"
22950
+ },
22951
+ "variables.defaultValue": {
22952
+ label: "\u30C7\u30D5\u30A9\u30EB\u30C8\u5024",
22953
+ helpText: "\u521D\u671F\u5024\uFF08\u672A\u6307\u5B9A\u306E\u5834\u5408\u306F\u578B\u306B\u5FDC\u3058\u305F\u7A7A\u306E\u5024\uFF09"
22954
+ },
22955
+ "variables.source": {
22956
+ label: "\u30BD\u30FC\u30B9",
22957
+ helpText: "\u3053\u306E\u5909\u6570\u306B\u66F8\u304D\u8FBC\u3080\u30B3\u30F3\u30DD\u30FC\u30CD\u30F3\u30C8\uFF08id \u6307\u5B9A\uFF09\u2014 \u4F8B: element:record_picker"
22958
+ },
21393
22959
  regions: {
21394
22960
  label: "\u30EA\u30FC\u30B8\u30E7\u30F3",
21395
22961
  helpText: "\u30B3\u30F3\u30DD\u30FC\u30CD\u30F3\u30C8\u3092\u542B\u3080\u30EC\u30A4\u30A2\u30A6\u30C8\u9818\u57DF\uFF08header, main, sidebar, footer\uFF09"
@@ -23153,6 +24719,22 @@ var esESMetadataForms = {
23153
24719
  label: "Variables de p\xE1gina",
23154
24720
  helpText: "Variables de estado local de p\xE1gina"
23155
24721
  },
24722
+ "variables.name": {
24723
+ label: "Nombre",
24724
+ helpText: "Nombre de la variable \u2014 expuesta en expresiones como `page.<name>`"
24725
+ },
24726
+ "variables.type": {
24727
+ label: "Tipo",
24728
+ helpText: "Tipo de valor"
24729
+ },
24730
+ "variables.defaultValue": {
24731
+ label: "Valor predeterminado",
24732
+ helpText: "Valor inicial (por defecto, un valor vac\xEDo seg\xFAn el tipo)"
24733
+ },
24734
+ "variables.source": {
24735
+ label: "Origen",
24736
+ helpText: "Componente (por id) que escribe esta variable \u2014 p. ej. un element:record_picker"
24737
+ },
23156
24738
  regions: {
23157
24739
  label: "Regiones",
23158
24740
  helpText: "Regiones de dise\xF1o (header, main, sidebar, footer) con componentes"
@@ -24187,6 +25769,6 @@ function createPlatformObjectsPlugin() {
24187
25769
  return new PlatformObjectsPlugin();
24188
25770
  }
24189
25771
 
24190
- export { ACCOUNT_APP, MetadataFormsTranslations, PlatformObjectsPlugin, SETUP_APP, SETUP_NAV_CONTRIBUTIONS, STUDIO_APP, SetupAppTranslations, SysAccount, SysApiKey, SysAttachment, SysBusinessUnit, SysBusinessUnitMember, SysDeviceCode, SysEmail, SysEmailTemplate, SysImportJob, SysInvitation, SysJob, SysJobQueue, SysJobRun, SysJwks, SysMember, SysNotification, SysOauthAccessToken, SysOauthApplication, SysOauthConsent, SysOauthRefreshToken, SysOrganization, SysOrganizationDetailPage, SysPositionDetailPage, SysReportSchedule, SysSavedReport, SysScimProvider, SysSecret, SysSession, SysSetting, SysSettingAudit, SysSsoProvider, SysTeam, SysTeamMember, SysTwoFactor, SysUser, SysUserDetailPage, SysUserPreference, SysVerification, SystemOverviewDashboard, SystemOverviewDatasets, createPlatformObjectsPlugin, en, esES, jaJP, zhCN };
25772
+ export { ACCOUNT_APP, MetadataFormsTranslations, PlatformObjectsPlugin, SETUP_APP, SETUP_NAV_CONTRIBUTIONS, STUDIO_APP, SetupAppTranslations, SysAccount, SysApiKey, SysAttachment, SysBusinessUnit, SysBusinessUnitMember, SysDeviceCode, SysEmail, SysEmailTemplate, SysImportJob, SysInvitation, SysJob, SysJobQueue, SysJobRun, SysJwks, SysMember, SysNotification, SysOauthAccessToken, SysOauthApplication, SysOauthClientAssertion, SysOauthClientResource, SysOauthConsent, SysOauthRefreshToken, SysOauthResource, SysOrganization, SysOrganizationDetailPage, SysPositionDetailPage, SysReportSchedule, SysSavedReport, SysScimProvider, SysSecret, SysSession, SysSetting, SysSettingAudit, SysSsoProvider, SysTeam, SysTeamMember, SysTwoFactor, SysUser, SysUserDetailPage, SysUserPreference, SysVerification, SystemOverviewDashboard, SystemOverviewDatasets, createPlatformObjectsPlugin, en, esES, jaJP, zhCN };
24191
25773
  //# sourceMappingURL=index.mjs.map
24192
25774
  //# sourceMappingURL=index.mjs.map