@objectstack/plugin-security 9.9.0 → 9.10.0

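--- a/package/dist/index.d.mts
+++ b/package/dist/index.d.mts
@@ -230,7 +230,9 @@ interface RLSUserContext {
  * current user (incl. self). Pre-resolved by the runtime so RLS can
  * scope identity tables like `sys_user` via
  * `id IN (current_user.org_user_ids)` without needing subquery
- * support in the compiler.
+ * support in the compiler. This is the one well-known membership set;
+ * arbitrary §7.3.1 sets arrive via `ExecutionContext.rlsMembership`
+ * and are merged in under their own keys (see {@link RLSCompiler.compileFilter}).
  */
  org_user_ids?: string[];
  [key: string]: unknown;
@@ -275,10 +277,17 @@ declare class RLSCompiler {
  /**
  * Compile a single RLS expression into a query filter.
  *
- * Supports simple expressions like:
- * - "field_name = current_user.property"
- * - "field_name IN (current_user.array_property)"
- * - "field_name = 'literal_value'"
+ * This reference compiler recognizes exactly four forms — anything else
+ * returns `null` and (via {@link compileFilter}) fails closed:
+ * - `field = current_user.property` → `{ field: <value> }`
+ * - `field = 'literal_value'` → `{ field: 'literal_value' }`
+ * - `field IN (current_user.array)` → `{ field: { $in: [...] } }`
+ * (the array may be a §7.3.1 pre-resolved membership set)
+ * - `1 = 1` → `{}` (always-true / no restriction)
+ *
+ * There is intentionally no support for subqueries, `LIKE`/`ILIKE`,
+ * regex, `ANY`/`ALL`, `AND`/`OR`/`NOT`, or `NULL` checks — express those
+ * needs as a `current_user.*` property the runtime pre-resolves instead.
  */
  compileExpression(expression: string, userCtx: RLSUserContext): Record<string, unknown> | null;
  /**
@@ -561,7 +570,7 @@ declare const securityObjects: ((Omit<{
  description?: string | undefined;
  icon?: string | undefined;
  tags?: string[] | undefined;
- managedBy?: "system" | "platform" | "config" | "append-only" | "better-auth" | undefined;
+ managedBy?: "platform" | "system" | "config" | "append-only" | "better-auth" | undefined;
  userActions?: {
  create?: boolean | undefined;
  import?: boolean | undefined;
@@ -790,6 +799,29 @@ declare const securityObjects: ((Omit<{
  titleField: string;
  progressField?: string | undefined;
  dependenciesField?: string | undefined;
+ colorField?: string | undefined;
+ parentField?: string | undefined;
+ typeField?: string | undefined;
+ baselineStartField?: string | undefined;
+ baselineEndField?: string | undefined;
+ groupByField?: string | undefined;
+ resourceView?: boolean | undefined;
+ assigneeField?: string | undefined;
+ effortField?: string | undefined;
+ capacity?: number | undefined;
+ tooltipFields?: (string | {
+ field: string;
+ label?: string | undefined;
+ })[] | undefined;
+ quickFilters?: {
+ field: string;
+ label?: string | undefined;
+ options?: (string | {
+ value: string | number;
+ label?: string | undefined;
+ })[] | undefined;
+ }[] | undefined;
+ autoZoomToFilter?: boolean | undefined;
  } | undefined;
  gallery?: {
  coverFit: "cover" | "contain";
@@ -985,7 +1017,7 @@ declare const securityObjects: ((Omit<{
  } | {
  language: "js";
  source: string;
- capabilities: ("api.read" | "api.write" | "crypto.uuid" | "crypto.hash" | "log")[];
+ capabilities: ("api.read" | "api.write" | "api.transaction" | "crypto.uuid" | "crypto.hash" | "log")[];
  timeoutMs?: number | undefined;
  memoryMb?: number | undefined;
  } | undefined;
@@ -2883,7 +2915,7 @@ declare const securityObjects: ((Omit<{
  description?: string | undefined;
  icon?: string | undefined;
  tags?: string[] | undefined;
- managedBy?: "system" | "platform" | "config" | "append-only" | "better-auth" | undefined;
+ managedBy?: "platform" | "system" | "config" | "append-only" | "better-auth" | undefined;
  userActions?: {
  create?: boolean | undefined;
  import?: boolean | undefined;
@@ -3112,6 +3144,29 @@ declare const securityObjects: ((Omit<{
  titleField: string;
  progressField?: string | undefined;
  dependenciesField?: string | undefined;
+ colorField?: string | undefined;
+ parentField?: string | undefined;
+ typeField?: string | undefined;
+ baselineStartField?: string | undefined;
+ baselineEndField?: string | undefined;
+ groupByField?: string | undefined;
+ resourceView?: boolean | undefined;
+ assigneeField?: string | undefined;
+ effortField?: string | undefined;
+ capacity?: number | undefined;
+ tooltipFields?: (string | {
+ field: string;
+ label?: string | undefined;
+ })[] | undefined;
+ quickFilters?: {
+ field: string;
+ label?: string | undefined;
+ options?: (string | {
+ value: string | number;
+ label?: string | undefined;
+ })[] | undefined;
+ }[] | undefined;
+ autoZoomToFilter?: boolean | undefined;
  } | undefined;
  gallery?: {
  coverFit: "cover" | "contain";
@@ -3307,7 +3362,7 @@ declare const securityObjects: ((Omit<{
  } | {
  language: "js";
  source: string;
- capabilities: ("api.read" | "api.write" | "crypto.uuid" | "crypto.hash" | "log")[];
+ capabilities: ("api.read" | "api.write" | "api.transaction" | "crypto.uuid" | "crypto.hash" | "log")[];
  timeoutMs?: number | undefined;
  memoryMb?: number | undefined;
  } | undefined;
@@ -5634,7 +5689,7 @@ declare const securityObjects: ((Omit<{
  description?: string | undefined;
  icon?: string | undefined;
  tags?: string[] | undefined;
- managedBy?: "system" | "platform" | "config" | "append-only" | "better-auth" | undefined;
+ managedBy?: "platform" | "system" | "config" | "append-only" | "better-auth" | undefined;
  userActions?: {
  create?: boolean | undefined;
  import?: boolean | undefined;
@@ -5863,6 +5918,29 @@ declare const securityObjects: ((Omit<{
  titleField: string;
  progressField?: string | undefined;
  dependenciesField?: string | undefined;
+ colorField?: string | undefined;
+ parentField?: string | undefined;
+ typeField?: string | undefined;
+ baselineStartField?: string | undefined;
+ baselineEndField?: string | undefined;
+ groupByField?: string | undefined;
+ resourceView?: boolean | undefined;
+ assigneeField?: string | undefined;
+ effortField?: string | undefined;
+ capacity?: number | undefined;
+ tooltipFields?: (string | {
+ field: string;
+ label?: string | undefined;
+ })[] | undefined;
+ quickFilters?: {
+ field: string;
+ label?: string | undefined;
+ options?: (string | {
+ value: string | number;
+ label?: string | undefined;
+ })[] | undefined;
+ }[] | undefined;
+ autoZoomToFilter?: boolean | undefined;
  } | undefined;
  gallery?: {
  coverFit: "cover" | "contain";
@@ -6058,7 +6136,7 @@ declare const securityObjects: ((Omit<{
  } | {
  language: "js";
  source: string;
- capabilities: ("api.read" | "api.write" | "crypto.uuid" | "crypto.hash" | "log")[];
+ capabilities: ("api.read" | "api.write" | "api.transaction" | "crypto.uuid" | "crypto.hash" | "log")[];
  timeoutMs?: number | undefined;
  memoryMb?: number | undefined;
  } | undefined;
@@ -7477,7 +7555,7 @@ declare const securityObjects: ((Omit<{
  description?: string | undefined;
  icon?: string | undefined;
  tags?: string[] | undefined;
- managedBy?: "system" | "platform" | "config" | "append-only" | "better-auth" | undefined;
+ managedBy?: "platform" | "system" | "config" | "append-only" | "better-auth" | undefined;
  userActions?: {
  create?: boolean | undefined;
  import?: boolean | undefined;
@@ -7706,6 +7784,29 @@ declare const securityObjects: ((Omit<{
  titleField: string;
  progressField?: string | undefined;
  dependenciesField?: string | undefined;
+ colorField?: string | undefined;
+ parentField?: string | undefined;
+ typeField?: string | undefined;
+ baselineStartField?: string | undefined;
+ baselineEndField?: string | undefined;
+ groupByField?: string | undefined;
+ resourceView?: boolean | undefined;
+ assigneeField?: string | undefined;
+ effortField?: string | undefined;
+ capacity?: number | undefined;
+ tooltipFields?: (string | {
+ field: string;
+ label?: string | undefined;
+ })[] | undefined;
+ quickFilters?: {
+ field: string;
+ label?: string | undefined;
+ options?: (string | {
+ value: string | number;
+ label?: string | undefined;
+ })[] | undefined;
+ }[] | undefined;
+ autoZoomToFilter?: boolean | undefined;
  } | undefined;
  gallery?: {
  coverFit: "cover" | "contain";
@@ -7901,7 +8002,7 @@ declare const securityObjects: ((Omit<{
  } | {
  language: "js";
  source: string;
- capabilities: ("api.read" | "api.write" | "crypto.uuid" | "crypto.hash" | "log")[];
+ capabilities: ("api.read" | "api.write" | "api.transaction" | "crypto.uuid" | "crypto.hash" | "log")[];
  timeoutMs?: number | undefined;
  memoryMb?: number | undefined;
  } | undefined;
@@ -8884,4 +8985,62 @@ declare function backfillOrgAdminGrants(ql: any, options?: {
  skipped: number;
  }>;
 
- export { FieldMasker, PermissionDeniedError, PermissionEvaluator, RLSCompiler, RLS_DENY_FILTER, SECURITY_PLUGIN_ID, SECURITY_PLUGIN_VERSION, SecurityPlugin, backfillOrgAdminGrants, isPermissionDeniedError, reconcileOrgAdminGrant, securityDefaultPermissionSets, securityObjects, securityPluginManifestHeader };
+ /**
+ * bootstrapPlatformAdmin — first-boot platform admin promotion.
+ *
+ * Two responsibilities, both idempotent and run on `kernel:ready`:
+ *
+ * 1. **Seed `sys_permission_set` rows** for each `defaultPermissionSets`
+ * entry (admin_full_access / member_default / viewer_readonly).
+ *
+ * 2. **Promote the first registered user to platform admin** by
+ * inserting a `sys_user_permission_set` row that points at
+ * `admin_full_access` with `organization_id = NULL` (= cross-tenant).
+ * If a platform admin already exists, this is a no-op forever.
+ *
+ * The "create a Default Organization for the freshly-promoted admin"
+ * behavior moved to `@objectstack/plugin-org-scoping` (see
+ * `ensureDefaultOrganization`). Install that plugin to get
+ * multi-tenant bootstrap.
+ */
+
+ interface BootstrapOptions {
+ /** Logger from PluginContext. */
+ logger?: {
+ info: (message: string, meta?: Record<string, any>) => void;
+ warn: (message: string, meta?: Record<string, any>) => void;
+ };
+ }
+ /**
+ * Persist seed permission sets and promote the first registered user to
+ * platform admin. Safe to call multiple times.
+ */
+ declare function bootstrapPlatformAdmin(ql: any, bootstrapPermissionSets: PermissionSet[], options?: BootstrapOptions): Promise<{
+ seeded: number;
+ adminPromoted: boolean;
+ reason?: string;
+ /** Count of seeded rows re-owned to the freshly-promoted admin. */
+ ownershipClaimed?: number;
+ }>;
+
+ interface ClaimOwnershipOptions {
+ logger?: {
+ info: (message: string, meta?: Record<string, any>) => void;
+ warn: (message: string, meta?: Record<string, any>) => void;
+ };
+ }
+ /**
+ * Re-own every orphan seed row (owner_id NULL or usr_system) to `adminUserId`.
+ *
+ * Walks `ql.registry.getAllObjects()`, filters to schemas that
+ * (a) are not `managedBy` (skip sys_/auth/platform tables),
+ * (b) are not `sys_*`-namespaced,
+ * (c) declare an `owner_id` field,
+ * and updates the unowned rows as `isSystem`. Returns a per-object summary.
+ */
+ declare function claimSeedOwnership(ql: any, adminUserId: string, options?: ClaimOwnershipOptions): Promise<{
+ object: string;
+ count: number;
+ }[]>;
+
+ export { FieldMasker, PermissionDeniedError, PermissionEvaluator, RLSCompiler, RLS_DENY_FILTER, SECURITY_PLUGIN_ID, SECURITY_PLUGIN_VERSION, SecurityPlugin, backfillOrgAdminGrants, bootstrapPlatformAdmin, claimSeedOwnership, isPermissionDeniedError, reconcileOrgAdminGrant, securityDefaultPermissionSets, securityObjects, securityPluginManifestHeader };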
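Review bot: The doc comment on `bootstrapPlatformAdmin` in the last hunk says the first registered user is promoted to `admin_full_access` with `organization_id = NULL` (cross-tenant), but nothing in it or in `BootstrapOptions` tells an operator how to keep that first registration in trusted hands. I would add a line such as `@remarks The first account to register receives cross-tenant admin rights; restrict sign-up until that account exists.` `claimSeedOwnership` is exported in the same hunk, accepts any `adminUserId` and updates rows `as isSystem`; its comment should state whether the id is checked against an existing platform-admin grant, which cannot be told from the declaration alone. Both functions also take `ql: any`, so a wrong engine handle is not caught at compile time. The same declarations appear in package/dist/index.d.ts, and since both files are generated the wording belongs in the source doc comments.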
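--- a/package/dist/index.d.ts
+++ b/package/dist/index.d.ts
@@ -230,7 +230,9 @@ interface RLSUserContext {
  * current user (incl. self). Pre-resolved by the runtime so RLS can
  * scope identity tables like `sys_user` via
  * `id IN (current_user.org_user_ids)` without needing subquery
- * support in the compiler.
+ * support in the compiler. This is the one well-known membership set;
+ * arbitrary §7.3.1 sets arrive via `ExecutionContext.rlsMembership`
+ * and are merged in under their own keys (see {@link RLSCompiler.compileFilter}).
  */
  org_user_ids?: string[];
  [key: string]: unknown;
@@ -275,10 +277,17 @@ declare class RLSCompiler {
  /**
  * Compile a single RLS expression into a query filter.
  *
- * Supports simple expressions like:
- * - "field_name = current_user.property"
- * - "field_name IN (current_user.array_property)"
- * - "field_name = 'literal_value'"
+ * This reference compiler recognizes exactly four forms — anything else
+ * returns `null` and (via {@link compileFilter}) fails closed:
+ * - `field = current_user.property` → `{ field: <value> }`
+ * - `field = 'literal_value'` → `{ field: 'literal_value' }`
+ * - `field IN (current_user.array)` → `{ field: { $in: [...] } }`
+ * (the array may be a §7.3.1 pre-resolved membership set)
+ * - `1 = 1` → `{}` (always-true / no restriction)
+ *
+ * There is intentionally no support for subqueries, `LIKE`/`ILIKE`,
+ * regex, `ANY`/`ALL`, `AND`/`OR`/`NOT`, or `NULL` checks — express those
+ * needs as a `current_user.*` property the runtime pre-resolves instead.
  */
  compileExpression(expression: string, userCtx: RLSUserContext): Record<string, unknown> | null;
  /**
@@ -561,7 +570,7 @@ declare const securityObjects: ((Omit<{
  description?: string | undefined;
  icon?: string | undefined;
  tags?: string[] | undefined;
- managedBy?: "system" | "platform" | "config" | "append-only" | "better-auth" | undefined;
+ managedBy?: "platform" | "system" | "config" | "append-only" | "better-auth" | undefined;
  userActions?: {
  create?: boolean | undefined;
  import?: boolean | undefined;
@@ -790,6 +799,29 @@ declare const securityObjects: ((Omit<{
  titleField: string;
  progressField?: string | undefined;
  dependenciesField?: string | undefined;
+ colorField?: string | undefined;
+ parentField?: string | undefined;
+ typeField?: string | undefined;
+ baselineStartField?: string | undefined;
+ baselineEndField?: string | undefined;
+ groupByField?: string | undefined;
+ resourceView?: boolean | undefined;
+ assigneeField?: string | undefined;
+ effortField?: string | undefined;
+ capacity?: number | undefined;
+ tooltipFields?: (string | {
+ field: string;
+ label?: string | undefined;
+ })[] | undefined;
+ quickFilters?: {
+ field: string;
+ label?: string | undefined;
+ options?: (string | {
+ value: string | number;
+ label?: string | undefined;
+ })[] | undefined;
+ }[] | undefined;
+ autoZoomToFilter?: boolean | undefined;
  } | undefined;
  gallery?: {
  coverFit: "cover" | "contain";
@@ -985,7 +1017,7 @@ declare const securityObjects: ((Omit<{
  } | {
  language: "js";
  source: string;
- capabilities: ("api.read" | "api.write" | "crypto.uuid" | "crypto.hash" | "log")[];
+ capabilities: ("api.read" | "api.write" | "api.transaction" | "crypto.uuid" | "crypto.hash" | "log")[];
  timeoutMs?: number | undefined;
  memoryMb?: number | undefined;
  } | undefined;
@@ -2883,7 +2915,7 @@ declare const securityObjects: ((Omit<{
  description?: string | undefined;
  icon?: string | undefined;
  tags?: string[] | undefined;
- managedBy?: "system" | "platform" | "config" | "append-only" | "better-auth" | undefined;
+ managedBy?: "platform" | "system" | "config" | "append-only" | "better-auth" | undefined;
  userActions?: {
  create?: boolean | undefined;
  import?: boolean | undefined;
@@ -3112,6 +3144,29 @@ declare const securityObjects: ((Omit<{
  titleField: string;
  progressField?: string | undefined;
  dependenciesField?: string | undefined;
+ colorField?: string | undefined;
+ parentField?: string | undefined;
+ typeField?: string | undefined;
+ baselineStartField?: string | undefined;
+ baselineEndField?: string | undefined;
+ groupByField?: string | undefined;
+ resourceView?: boolean | undefined;
+ assigneeField?: string | undefined;
+ effortField?: string | undefined;
+ capacity?: number | undefined;
+ tooltipFields?: (string | {
+ field: string;
+ label?: string | undefined;
+ })[] | undefined;
+ quickFilters?: {
+ field: string;
+ label?: string | undefined;
+ options?: (string | {
+ value: string | number;
+ label?: string | undefined;
+ })[] | undefined;
+ }[] | undefined;
+ autoZoomToFilter?: boolean | undefined;
  } | undefined;
  gallery?: {
  coverFit: "cover" | "contain";
@@ -3307,7 +3362,7 @@ declare const securityObjects: ((Omit<{
  } | {
  language: "js";
  source: string;
- capabilities: ("api.read" | "api.write" | "crypto.uuid" | "crypto.hash" | "log")[];
+ capabilities: ("api.read" | "api.write" | "api.transaction" | "crypto.uuid" | "crypto.hash" | "log")[];
  timeoutMs?: number | undefined;
  memoryMb?: number | undefined;
  } | undefined;
@@ -5634,7 +5689,7 @@ declare const securityObjects: ((Omit<{
  description?: string | undefined;
  icon?: string | undefined;
  tags?: string[] | undefined;
- managedBy?: "system" | "platform" | "config" | "append-only" | "better-auth" | undefined;
+ managedBy?: "platform" | "system" | "config" | "append-only" | "better-auth" | undefined;
  userActions?: {
  create?: boolean | undefined;
  import?: boolean | undefined;
@@ -5863,6 +5918,29 @@ declare const securityObjects: ((Omit<{
  titleField: string;
  progressField?: string | undefined;
  dependenciesField?: string | undefined;
+ colorField?: string | undefined;
+ parentField?: string | undefined;
+ typeField?: string | undefined;
+ baselineStartField?: string | undefined;
+ baselineEndField?: string | undefined;
+ groupByField?: string | undefined;
+ resourceView?: boolean | undefined;
+ assigneeField?: string | undefined;
+ effortField?: string | undefined;
+ capacity?: number | undefined;
+ tooltipFields?: (string | {
+ field: string;
+ label?: string | undefined;
+ })[] | undefined;
+ quickFilters?: {
+ field: string;
+ label?: string | undefined;
+ options?: (string | {
+ value: string | number;
+ label?: string | undefined;
+ })[] | undefined;
+ }[] | undefined;
+ autoZoomToFilter?: boolean | undefined;
  } | undefined;
  gallery?: {
  coverFit: "cover" | "contain";
@@ -6058,7 +6136,7 @@ declare const securityObjects: ((Omit<{
  } | {
  language: "js";
  source: string;
- capabilities: ("api.read" | "api.write" | "crypto.uuid" | "crypto.hash" | "log")[];
+ capabilities: ("api.read" | "api.write" | "api.transaction" | "crypto.uuid" | "crypto.hash" | "log")[];
  timeoutMs?: number | undefined;
  memoryMb?: number | undefined;
  } | undefined;
@@ -7477,7 +7555,7 @@ declare const securityObjects: ((Omit<{
  description?: string | undefined;
  icon?: string | undefined;
  tags?: string[] | undefined;
- managedBy?: "system" | "platform" | "config" | "append-only" | "better-auth" | undefined;
+ managedBy?: "platform" | "system" | "config" | "append-only" | "better-auth" | undefined;
  userActions?: {
  create?: boolean | undefined;
  import?: boolean | undefined;
@@ -7706,6 +7784,29 @@ declare const securityObjects: ((Omit<{
  titleField: string;
  progressField?: string | undefined;
  dependenciesField?: string | undefined;
+ colorField?: string | undefined;
+ parentField?: string | undefined;
+ typeField?: string | undefined;
+ baselineStartField?: string | undefined;
+ baselineEndField?: string | undefined;
+ groupByField?: string | undefined;
+ resourceView?: boolean | undefined;
+ assigneeField?: string | undefined;
+ effortField?: string | undefined;
+ capacity?: number | undefined;
+ tooltipFields?: (string | {
+ field: string;
+ label?: string | undefined;
+ })[] | undefined;
+ quickFilters?: {
+ field: string;
+ label?: string | undefined;
+ options?: (string | {
+ value: string | number;
+ label?: string | undefined;
+ })[] | undefined;
+ }[] | undefined;
+ autoZoomToFilter?: boolean | undefined;
  } | undefined;
  gallery?: {
  coverFit: "cover" | "contain";
@@ -7901,7 +8002,7 @@ declare const securityObjects: ((Omit<{
  } | {
  language: "js";
  source: string;
- capabilities: ("api.read" | "api.write" | "crypto.uuid" | "crypto.hash" | "log")[];
+ capabilities: ("api.read" | "api.write" | "api.transaction" | "crypto.uuid" | "crypto.hash" | "log")[];
  timeoutMs?: number | undefined;
  memoryMb?: number | undefined;
  } | undefined;
@@ -8884,4 +8985,62 @@ declare function backfillOrgAdminGrants(ql: any, options?: {
  skipped: number;
  }>;
 
- export { FieldMasker, PermissionDeniedError, PermissionEvaluator, RLSCompiler, RLS_DENY_FILTER, SECURITY_PLUGIN_ID, SECURITY_PLUGIN_VERSION, SecurityPlugin, backfillOrgAdminGrants, isPermissionDeniedError, reconcileOrgAdminGrant, securityDefaultPermissionSets, securityObjects, securityPluginManifestHeader };
+ /**
+ * bootstrapPlatformAdmin — first-boot platform admin promotion.
+ *
+ * Two responsibilities, both idempotent and run on `kernel:ready`:
+ *
+ * 1. **Seed `sys_permission_set` rows** for each `defaultPermissionSets`
+ * entry (admin_full_access / member_default / viewer_readonly).
+ *
+ * 2. **Promote the first registered user to platform admin** by
+ * inserting a `sys_user_permission_set` row that points at
+ * `admin_full_access` with `organization_id = NULL` (= cross-tenant).
+ * If a platform admin already exists, this is a no-op forever.
+ *
+ * The "create a Default Organization for the freshly-promoted admin"
+ * behavior moved to `@objectstack/plugin-org-scoping` (see
+ * `ensureDefaultOrganization`). Install that plugin to get
+ * multi-tenant bootstrap.
+ */
+
+ interface BootstrapOptions {
+ /** Logger from PluginContext. */
+ logger?: {
+ info: (message: string, meta?: Record<string, any>) => void;
+ warn: (message: string, meta?: Record<string, any>) => void;
+ };
+ }
+ /**
+ * Persist seed permission sets and promote the first registered user to
+ * platform admin. Safe to call multiple times.
+ */
+ declare function bootstrapPlatformAdmin(ql: any, bootstrapPermissionSets: PermissionSet[], options?: BootstrapOptions): Promise<{
+ seeded: number;
+ adminPromoted: boolean;
+ reason?: string;
+ /** Count of seeded rows re-owned to the freshly-promoted admin. */
+ ownershipClaimed?: number;
+ }>;
+
+ interface ClaimOwnershipOptions {
+ logger?: {
+ info: (message: string, meta?: Record<string, any>) => void;
+ warn: (message: string, meta?: Record<string, any>) => void;
+ };
+ }
+ /**
+ * Re-own every orphan seed row (owner_id NULL or usr_system) to `adminUserId`.
+ *
+ * Walks `ql.registry.getAllObjects()`, filters to schemas that
+ * (a) are not `managedBy` (skip sys_/auth/platform tables),
+ * (b) are not `sys_*`-namespaced,
+ * (c) declare an `owner_id` field,
+ * and updates the unowned rows as `isSystem`. Returns a per-object summary.
+ */
+ declare function claimSeedOwnership(ql: any, adminUserId: string, options?: ClaimOwnershipOptions): Promise<{
+ object: string;
+ count: number;
+ }[]>;
+
+ export { FieldMasker, PermissionDeniedError, PermissionEvaluator, RLSCompiler, RLS_DENY_FILTER, SECURITY_PLUGIN_ID, SECURITY_PLUGIN_VERSION, SecurityPlugin, backfillOrgAdminGrants, bootstrapPlatformAdmin, claimSeedOwnership, isPermissionDeniedError, reconcileOrgAdminGrant, securityDefaultPermissionSets, securityObjects, securityPluginManifestHeader };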
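Review bot: The rewritten `compileExpression` comment (hunk at new line 277) documents two return values with opposite meaning, `null` for an unrecognized expression and `{}` for `1 = 1` (no restriction), yet the fail-closed guarantee is stated only for callers that go through `compileFilter`. Because `compileExpression` is a public method, a direct caller that coalesces the result, for example with `?? {}`, would turn an unsupported expression into an unrestricted query. I would add a line such as `* Direct callers must treat null as deny (see RLS_DENY_FILTER), never as an empty filter.` The comment also does not say what `field = current_user.property` compiles to when the property is absent from `userCtx`, which is worth stating next to the four forms. The identical hunk is in package/dist/index.d.mts; both files are generated, so the change belongs in the source comment.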