@objectstack/platform-objects 7.6.0 → 7.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (21) hide show
  1. package/dist/index.d.mts +1 -1
  2. package/dist/index.d.ts +1 -1
  3. package/dist/index.js +25 -597
  4. package/dist/index.js.map +1 -1
  5. package/dist/index.mjs +6 -593
  6. package/dist/index.mjs.map +1 -1
  7. package/dist/metadata/index.d.mts +1 -15012
  8. package/dist/metadata/index.d.ts +1 -15012
  9. package/dist/metadata/index.js +19 -588
  10. package/dist/metadata/index.js.map +1 -1
  11. package/dist/metadata/index.mjs +1 -589
  12. package/dist/metadata/index.mjs.map +1 -1
  13. package/dist/security/index.d.mts +1 -2
  14. package/dist/security/index.d.ts +1 -2
  15. package/dist/system/index.d.mts +7 -11
  16. package/dist/system/index.d.ts +7 -11
  17. package/dist/system/index.js +4 -8
  18. package/dist/system/index.js.map +1 -1
  19. package/dist/system/index.mjs +4 -8
  20. package/dist/system/index.mjs.map +1 -1
  21. package/package.json +3 -2
package/dist/metadata/index.mjs CHANGED
@@ -1,591 +1,3 @@
1
- import { ObjectSchema, Field } from '@objectstack/spec/data';
2
-
3
- // src/metadata/sys-metadata.object.ts
4
- var SysMetadataObject = ObjectSchema.create({
5
- name: "sys_metadata",
6
- label: "System Metadata",
7
- pluralLabel: "System Metadata",
8
- icon: "settings",
9
- isSystem: true,
10
- // managedBy: 'system' — the metadata table backs every other config
11
- // object. Writing rows directly here bypasses the typed Zod APIs and
12
- // would let an admin inject malformed payloads. The "All Metadata"
13
- // menu is therefore a read-only debug surface (Export only); typed
14
- // edits flow through the dedicated per-type pages (Approval Process,
15
- // Sharing Rule, etc.).
16
- managedBy: "system",
17
- description: "Stores platform and user-scope metadata records (objects, views, flows, etc.)",
18
- fields: {
19
- /** Primary Key (UUID) */
20
- id: Field.text({
21
- label: "ID",
22
- required: true,
23
- readonly: true
24
- }),
25
- /** Machine name — unique identifier used in code references */
26
- name: Field.text({
27
- label: "Name",
28
- required: true,
29
- searchable: true,
30
- maxLength: 255
31
- }),
32
- /** Metadata type (e.g. "object", "view", "flow") */
33
- type: Field.text({
34
- label: "Metadata Type",
35
- required: true,
36
- searchable: true,
37
- maxLength: 100
38
- }),
39
- /** Namespace / module grouping (e.g. "crm", "core") */
40
- namespace: Field.text({
41
- label: "Namespace",
42
- required: false,
43
- defaultValue: "default",
44
- maxLength: 100
45
- }),
46
- /** Package that owns/delivered this metadata (legacy string identifier, kept for compat) */
47
- package_id: Field.text({
48
- label: "Package ID",
49
- required: false,
50
- maxLength: 255,
51
- description: "Legacy package manifest ID string. Use package_version_id for new records."
52
- }),
53
- /**
54
- * FK → sys_package_version (UUID). Set for metadata that belongs to a specific
55
- * package release snapshot. NULL = platform-built-in or environment override.
56
- */
57
- package_version_id: Field.lookup("sys_package_version", {
58
- label: "Package Version",
59
- required: false,
60
- description: "Foreign key to sys_package_version (UUID). Null = platform-built-in or env-level override."
61
- }),
62
- /** Who manages this record: package, platform, or user */
63
- managed_by: Field.select(["package", "platform", "user"], {
64
- label: "Managed By",
65
- required: false
66
- }),
67
- /** Scope: system (code), platform (admin DB), user (personal DB) */
68
- scope: Field.select(["system", "platform", "user"], {
69
- label: "Scope",
70
- required: true,
71
- defaultValue: "platform"
72
- }),
73
- /** JSON payload — the actual metadata configuration */
74
- metadata: Field.textarea({
75
- label: "Metadata",
76
- required: true,
77
- description: "JSON-serialized metadata payload"
78
- }),
79
- /** Parent metadata name for extension/override */
80
- extends: Field.text({
81
- label: "Extends",
82
- required: false,
83
- maxLength: 255
84
- }),
85
- /** Merge strategy when extending parent metadata */
86
- strategy: Field.select(["merge", "replace"], {
87
- label: "Strategy",
88
- required: false,
89
- defaultValue: "merge"
90
- }),
91
- /** Owner user ID (for user-scope items) */
92
- owner: Field.text({
93
- label: "Owner",
94
- required: false,
95
- maxLength: 255
96
- }),
97
- /** Lifecycle state */
98
- state: Field.select(["draft", "active", "archived", "deprecated"], {
99
- label: "State",
100
- required: false,
101
- defaultValue: "active"
102
- }),
103
- /** Organization ID for multi-tenant isolation */
104
- organization_id: Field.lookup("sys_organization", {
105
- label: "Organization",
106
- required: false,
107
- description: "Organization for multi-tenant isolation."
108
- }),
109
- /**
110
- * @deprecated ADR-0005 (revised 2026-05): per-env DBs replace per-project
111
- * isolation. `environment_id` is no longer written by saveMetaItem and not
112
- * consulted by overlay reads. Kept for legacy rows; new writes leave it
113
- * NULL. Will be dropped in a future schema migration.
114
- */
115
- environment_id: Field.lookup("sys_environment", {
116
- label: "Environment (deprecated)",
117
- required: false,
118
- description: "DEPRECATED. Use organization_id for tenant isolation."
119
- }),
120
- /** Version number for optimistic concurrency */
121
- version: Field.number({
122
- label: "Version",
123
- required: false,
124
- defaultValue: 1
125
- }),
126
- /** Content checksum for change detection (e.g. `sha256:<64 hex>` = 71 chars) */
127
- checksum: Field.text({
128
- label: "Checksum",
129
- required: false,
130
- maxLength: 71
131
- }),
132
- /** Origin of this metadata record */
133
- source: Field.select(["filesystem", "database", "api", "migration"], {
134
- label: "Source",
135
- required: false
136
- }),
137
- /** Classification tags (JSON array) */
138
- tags: Field.textarea({
139
- label: "Tags",
140
- required: false,
141
- description: "JSON-serialized array of classification tags"
142
- }),
143
- /** Audit fields */
144
- created_by: Field.lookup("sys_user", {
145
- label: "Created By",
146
- required: false,
147
- readonly: true
148
- }),
149
- created_at: Field.datetime({
150
- label: "Created At",
151
- required: false,
152
- readonly: true
153
- }),
154
- updated_by: Field.lookup("sys_user", {
155
- label: "Updated By",
156
- required: false
157
- }),
158
- updated_at: Field.datetime({
159
- label: "Updated At",
160
- required: false
161
- })
162
- },
163
- indexes: [
164
- // ADR-0005 (revised 2026-05): overlay uniqueness is scoped by
165
- // (type, name, organization_id), restricted to active rows so resets
166
- // / archived versions don't collide. environment_id is deprecated and
167
- // not part of the discriminator. The runtime layer (protocol.ts
168
- // ensureOverlayIndex) issues a DROP-then-CREATE migration to
169
- // replace any pre-existing legacy composite index in-place.
170
- {
171
- name: "idx_sys_metadata_overlay_active",
172
- fields: ["type", "name", "organization_id"],
173
- unique: true,
174
- partial: "state = 'active'"
175
- },
176
- { name: "idx_sys_metadata_org_type", fields: ["organization_id", "type"] },
177
- { fields: ["type", "scope"] },
178
- { fields: ["package_version_id"] },
179
- { fields: ["state"] },
180
- { fields: ["namespace"] }
181
- ],
182
- enable: {
183
- trackHistory: true,
184
- searchable: false,
185
- apiEnabled: true,
186
- apiMethods: ["get", "list", "create", "update", "delete"],
187
- trash: false
188
- },
189
- // Named list views — power the Setup App "Data Model" group so admins
190
- // can browse object/field metadata in a typed grid instead of the raw
191
- // `All Metadata` debug surface. Each entry pre-filters by `type` and
192
- // shows the columns that matter for that type. The dedicated visual
193
- // designer (objectui's <ObjectManager> / <FieldDesigner>) deep-links
194
- // from the row's `Edit in Designer` action; the grid stays useful for
195
- // search, audit (state / updated_at) and triage.
196
- listViews: {
197
- only_objects: {
198
- type: "grid",
199
- name: "only_objects",
200
- label: "Objects",
201
- data: { provider: "object", object: "sys_metadata" },
202
- columns: ["name", "namespace", "scope", "managed_by", "state", "updated_at"],
203
- filter: [{ field: "type", operator: "equals", value: "object" }],
204
- sort: [{ field: "name", order: "asc" }],
205
- pagination: { pageSize: 50 }
206
- },
207
- only_fields: {
208
- type: "grid",
209
- name: "only_fields",
210
- label: "Fields",
211
- data: { provider: "object", object: "sys_metadata" },
212
- columns: ["name", "namespace", "scope", "managed_by", "state", "updated_at"],
213
- filter: [{ field: "type", operator: "equals", value: "field" }],
214
- sort: [{ field: "name", order: "asc" }],
215
- pagination: { pageSize: 50 }
216
- },
217
- all_metadata: {
218
- type: "grid",
219
- name: "all_metadata",
220
- label: "All",
221
- data: { provider: "object", object: "sys_metadata" },
222
- columns: ["name", "type", "namespace", "scope", "state", "updated_at"],
223
- sort: [{ field: "updated_at", order: "desc" }],
224
- pagination: { pageSize: 50 }
225
- }
226
- }
227
- });
228
- var SysMetadataHistoryObject = ObjectSchema.create({
229
- name: "sys_metadata_history",
230
- label: "Metadata History",
231
- pluralLabel: "Metadata History",
232
- icon: "history",
233
- isSystem: true,
234
- managedBy: "system",
235
- description: "Durable event log of metadata overlay changes (per-org, append-only)",
236
- fields: {
237
- /** Primary Key (UUID) */
238
- id: Field.text({
239
- label: "ID",
240
- required: true,
241
- readonly: true
242
- }),
243
- /** Per-org monotonic event sequence (durable cursor for replay). */
244
- event_seq: Field.number({
245
- label: "Event Seq",
246
- required: true,
247
- readonly: true,
248
- description: "Per-organization monotonic event log cursor."
249
- }),
250
- /** Machine name (denormalized for easier querying) */
251
- name: Field.text({
252
- label: "Name",
253
- required: true,
254
- searchable: true,
255
- readonly: true,
256
- maxLength: 255
257
- }),
258
- /** Metadata type (denormalized for easier querying) */
259
- type: Field.text({
260
- label: "Metadata Type",
261
- required: true,
262
- searchable: true,
263
- readonly: true,
264
- maxLength: 100
265
- }),
266
- /** Per-(org,type,name) lineage counter at this snapshot. */
267
- version: Field.number({
268
- label: "Version",
269
- required: true,
270
- readonly: true
271
- }),
272
- /** Type of operation that created this history entry */
273
- operation_type: Field.select(["create", "update", "publish", "revert", "delete"], {
274
- label: "Operation Type",
275
- required: true,
276
- readonly: true
277
- }),
278
- /**
279
- * Historical metadata snapshot (JSON payload).
280
- * Null for `operation_type = 'delete'` — the row carries no body.
281
- */
282
- metadata: Field.textarea({
283
- label: "Metadata",
284
- required: false,
285
- readonly: true,
286
- description: "JSON-serialized metadata snapshot at this version (null for deletes)."
287
- }),
288
- /** SHA-256 checksum of metadata content (null for deletes). */
289
- checksum: Field.text({
290
- label: "Checksum",
291
- required: false,
292
- readonly: true,
293
- maxLength: 80
294
- }),
295
- /** Checksum of the previous version (null for the first event). */
296
- previous_checksum: Field.text({
297
- label: "Previous Checksum",
298
- required: false,
299
- readonly: true,
300
- maxLength: 80
301
- }),
302
- /** Human-readable description of changes (= MetadataEvent.message). */
303
- change_note: Field.textarea({
304
- label: "Change Note",
305
- required: false,
306
- readonly: true,
307
- description: "Description of what changed in this version."
308
- }),
309
- /**
310
- * Producer of the event ('sys-metadata-repo', 'fs', 'studio',
311
- * 'api', …). Defaults to 'sys-metadata-repo' on the canonical
312
- * write path; preserved on history() reads as MetadataEvent.source.
313
- */
314
- source: Field.text({
315
- label: "Source",
316
- required: false,
317
- readonly: true,
318
- maxLength: 64
319
- }),
320
- /** Organization ID for multi-tenant isolation */
321
- organization_id: Field.lookup("sys_organization", {
322
- label: "Organization",
323
- required: false,
324
- readonly: true,
325
- description: "Organization for multi-tenant isolation."
326
- }),
327
- /** User who made this change (= MetadataEvent.actor). */
328
- recorded_by: Field.lookup("sys_user", {
329
- label: "Recorded By",
330
- required: false,
331
- readonly: true
332
- }),
333
- /** When was this version recorded */
334
- recorded_at: Field.datetime({
335
- label: "Recorded At",
336
- required: true,
337
- readonly: true
338
- })
339
- },
340
- indexes: [
341
- { fields: ["organization_id", "event_seq"], unique: true },
342
- { fields: ["organization_id", "type", "name", "version"], unique: true },
343
- { fields: ["organization_id", "type", "name", "recorded_at"] },
344
- // ADR-0009: getByHash() lookup — execution-pinned types resolve a
345
- // historical body by content hash via this index.
346
- { fields: ["organization_id", "type", "name", "checksum"] },
347
- { fields: ["type", "name"] },
348
- { fields: ["recorded_at"] },
349
- { fields: ["operation_type"] }
350
- ],
351
- enable: {
352
- trackHistory: false,
353
- searchable: false,
354
- apiEnabled: true,
355
- apiMethods: ["get", "list"],
356
- trash: false
357
- }
358
- });
359
- var SysMetadataAuditObject = ObjectSchema.create({
360
- name: "sys_metadata_audit",
361
- label: "Metadata Audit",
362
- pluralLabel: "Metadata Audit",
363
- icon: "shield-check",
364
- isSystem: true,
365
- managedBy: "append-only",
366
- description: "Append-only audit trail of metadata write decisions (ADR-0010).",
367
- fields: {
368
- /** Primary Key (UUID) */
369
- id: Field.text({
370
- label: "ID",
371
- required: true,
372
- readonly: true
373
- }),
374
- /** When the decision was made (ISO-8601 UTC). */
375
- occurred_at: Field.datetime({
376
- label: "Occurred At",
377
- required: true,
378
- readonly: true
379
- }),
380
- /** Acting principal (user id, system id, or 'system'). */
381
- actor: Field.text({
382
- label: "Actor",
383
- required: true,
384
- readonly: true,
385
- maxLength: 255,
386
- description: 'Acting principal \u2014 user id, system id, or "system".'
387
- }),
388
- /** Code path that produced the decision (e.g. `protocol.saveMetaItem`). */
389
- source: Field.text({
390
- label: "Source",
391
- required: false,
392
- readonly: true,
393
- maxLength: 128
394
- }),
395
- /** Metadata type (singular, e.g. `app`, `object`, `view`). */
396
- type: Field.text({
397
- label: "Metadata Type",
398
- required: true,
399
- readonly: true,
400
- searchable: true,
401
- maxLength: 100
402
- }),
403
- /** Item machine name. */
404
- name: Field.text({
405
- label: "Name",
406
- required: true,
407
- readonly: true,
408
- searchable: true,
409
- maxLength: 255
410
- }),
411
- /** Organization for multi-tenant filtering. NULL for env-wide writes. */
412
- organization_id: Field.lookup("sys_organization", {
413
- label: "Organization",
414
- required: false,
415
- readonly: true
416
- }),
417
- /** Operation kind. */
418
- operation: Field.select(["save", "publish", "rollback", "delete", "reset"], {
419
- label: "Operation",
420
- required: true,
421
- readonly: true
422
- }),
423
- /** Decision outcome — allowed, denied (refused), or forced (bypassed via override). */
424
- outcome: Field.select(["allowed", "denied", "forced"], {
425
- label: "Outcome",
426
- required: true,
427
- readonly: true
428
- }),
429
- /**
430
- * Machine-readable code for the decision:
431
- * - on `allowed`: `'ok'`
432
- * - on `denied`: `'not_overridable'` | `'not_creatable'` |
433
- * `'item_locked'` | `'invalid_metadata'` | `'destructive_change'` |
434
- * `'metadata_conflict'`
435
- * - on `forced`: `'lock_override'` (Phase 3)
436
- */
437
- code: Field.text({
438
- label: "Code",
439
- required: true,
440
- readonly: true,
441
- maxLength: 64
442
- }),
443
- /**
444
- * Lock state observed at the time of the decision (`none` if the
445
- * item carried no `_lock`). Captured even on `allowed` rows so
446
- * later compliance queries can see "what was the lock state when
447
- * this write succeeded".
448
- */
449
- lock_state: Field.select(["none", "no-overlay", "no-delete", "full"], {
450
- label: "Lock State",
451
- required: false,
452
- readonly: true
453
- }),
454
- /** True when the write succeeded by bypassing a lock (Phase 3). */
455
- lock_overridden: Field.boolean({
456
- label: "Lock Overridden",
457
- required: false,
458
- readonly: true
459
- }),
460
- /** Optional request correlation id for tracing. */
461
- request_id: Field.text({
462
- label: "Request ID",
463
- required: false,
464
- readonly: true,
465
- maxLength: 128
466
- }),
467
- /** Optional free-form context (e.g. brief diff summary). */
468
- note: Field.textarea({
469
- label: "Note",
470
- required: false,
471
- readonly: true
472
- })
473
- },
474
- indexes: [
475
- { fields: ["organization_id", "occurred_at"] },
476
- { fields: ["type", "name", "occurred_at"] },
477
- { fields: ["actor", "occurred_at"] },
478
- { fields: ["outcome"] }
479
- ],
480
- enable: {
481
- trackHistory: false,
482
- searchable: false,
483
- apiEnabled: true,
484
- apiMethods: ["get", "list"],
485
- trash: false
486
- }
487
- });
488
- var SysViewDefinitionObject = ObjectSchema.create({
489
- name: "sys_view_definition",
490
- label: "View Definition",
491
- pluralLabel: "View Definitions",
492
- icon: "layout-grid",
493
- isSystem: true,
494
- description: "Runtime-authored view definitions (shared / personal layers). The package layer ships from source.",
495
- fields: {
496
- /** Primary Key (UUID) */
497
- id: Field.text({ label: "ID", required: true, readonly: true }),
498
- /**
499
- * Globally-unique qualified view id, `<object>.<viewKey>`, matching the
500
- * spec `ViewItemSchema.name`. For personal views the runtime may suffix
501
- * to keep it unique per owner.
502
- */
503
- name: Field.text({
504
- label: "Name",
505
- required: true,
506
- searchable: true,
507
- maxLength: 255
508
- }),
509
- /** Bound object — the foreign key used to aggregate views for the switcher. */
510
- object: Field.text({
511
- label: "Object",
512
- required: true,
513
- searchable: true,
514
- maxLength: 255
515
- }),
516
- /** Whether `config` is a ListView (list family) or a FormView. */
517
- view_kind: Field.select(["list", "form"], {
518
- label: "View Kind",
519
- required: true,
520
- defaultValue: "list"
521
- }),
522
- /** Display label (plain string; i18n keys also accepted). */
523
- label: Field.text({ label: "Label", required: false, maxLength: 255 }),
524
- /** Whether this is the object's default view in the switcher. */
525
- is_default: Field.boolean({ label: "Is Default", required: false, defaultValue: false }),
526
- /** Sort order within the object's switcher / left rail. */
527
- view_order: Field.number({ label: "Order", required: false, defaultValue: 0 }),
528
- /**
529
- * Identity layer. Only `shared` and `personal` are stored at runtime;
530
- * `package` views come from source.
531
- */
532
- scope: Field.select(["shared", "personal"], {
533
- label: "Scope",
534
- required: true,
535
- defaultValue: "personal"
536
- }),
537
- /** Owner user id — set when scope = personal; null for shared. */
538
- owner: Field.text({ label: "Owner", required: false, maxLength: 255 }),
539
- /** Hidden from the switcher (per-user / per-org declutter). */
540
- hidden: Field.boolean({ label: "Hidden", required: false, defaultValue: false }),
541
- /** The ListView / FormView configuration payload. */
542
- config: Field.json({
543
- label: "Config",
544
- required: true,
545
- description: "ListView or FormView configuration (matches spec ViewItem.config)."
546
- }),
547
- /** Organization for multi-tenant isolation. */
548
- organization_id: Field.lookup("sys_organization", {
549
- label: "Organization",
550
- required: false,
551
- description: "Organization for multi-tenant isolation."
552
- }),
553
- /** Lifecycle state. */
554
- state: Field.select(["draft", "active", "archived"], {
555
- label: "State",
556
- required: false,
557
- defaultValue: "active"
558
- }),
559
- /** Audit fields. */
560
- created_by: Field.lookup("sys_user", { label: "Created By", required: false, readonly: true }),
561
- created_at: Field.datetime({ label: "Created At", required: false, readonly: true }),
562
- updated_by: Field.lookup("sys_user", { label: "Updated By", required: false }),
563
- updated_at: Field.datetime({ label: "Updated At", required: false })
564
- },
565
- indexes: [
566
- // A given view name is unique per (organization, owner) among active rows —
567
- // a shared view (owner NULL) and each user's personal views don't collide.
568
- {
569
- name: "idx_sys_view_def_active",
570
- fields: ["name", "organization_id", "owner"],
571
- unique: true,
572
- partial: "state = 'active'"
573
- },
574
- // The switcher query: views for one object within a tenant.
575
- { name: "idx_sys_view_def_object", fields: ["organization_id", "object"] },
576
- { fields: ["scope"] },
577
- { fields: ["owner"] },
578
- { fields: ["state"] }
579
- ],
580
- enable: {
581
- trackHistory: true,
582
- searchable: false,
583
- apiEnabled: true,
584
- apiMethods: ["get", "list", "create", "update", "delete"],
585
- trash: false
586
- }
587
- });
588
-
589
- export { SysMetadataObject as SysMetadata, SysMetadataAuditObject, SysMetadataHistoryObject, SysMetadataObject, SysViewDefinitionObject };
1
+ export { SysMetadata, SysMetadataAuditObject, SysMetadataHistoryObject, SysMetadataObject, SysViewDefinitionObject } from '@objectstack/metadata-core';
590
2
  //# sourceMappingURL=index.mjs.map
591
3
  //# sourceMappingURL=index.mjs.map