npm - @open-core/identity - Versions diffs - 1.0.0 - Mend

@open-core/identity 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (46) hide show

package/LICENSE +7 -0
package/README.md +682 -0
package/dist/entities/account.entity.d.ts +34 -0
package/dist/entities/account.entity.js +2 -0
package/dist/entities/role.entity.d.ts +35 -0
package/dist/entities/role.entity.js +2 -0
package/dist/events/identity.events.d.ts +24 -0
package/dist/events/identity.events.js +2 -0
package/dist/index.d.ts +70 -0
package/dist/index.js +100 -0
package/dist/repositories/account.repository.d.ts +60 -0
package/dist/repositories/account.repository.js +185 -0
package/dist/repositories/role.repository.d.ts +50 -0
package/dist/repositories/role.repository.js +79 -0
package/dist/services/account.service.d.ts +78 -0
package/dist/services/account.service.js +207 -0
package/dist/services/auth/api-auth.provider.d.ts +30 -0
package/dist/services/auth/api-auth.provider.js +134 -0
package/dist/services/auth/credentials-auth.provider.d.ts +27 -0
package/dist/services/auth/credentials-auth.provider.js +214 -0
package/dist/services/auth/local-auth.provider.d.ts +28 -0
package/dist/services/auth/local-auth.provider.js +135 -0
package/dist/services/cache/memory-cache.service.d.ts +47 -0
package/dist/services/cache/memory-cache.service.js +108 -0
package/dist/services/identity-auth.provider.d.ts +18 -0
package/dist/services/identity-auth.provider.js +125 -0
package/dist/services/identity-principal.provider.d.ts +29 -0
package/dist/services/identity-principal.provider.js +104 -0
package/dist/services/principal/api-principal.provider.d.ts +27 -0
package/dist/services/principal/api-principal.provider.js +141 -0
package/dist/services/principal/local-principal.provider.d.ts +39 -0
package/dist/services/principal/local-principal.provider.js +114 -0
package/dist/services/role.service.d.ts +73 -0
package/dist/services/role.service.js +145 -0
package/dist/setup.d.ts +58 -0
package/dist/setup.js +93 -0
package/dist/types/auth.types.d.ts +48 -0
package/dist/types/auth.types.js +2 -0
package/dist/types/index.d.ts +36 -0
package/dist/types/index.js +2 -0
package/migrations/001_accounts_table.sql +16 -0
package/migrations/002_roles_table.sql +21 -0
package/migrations/003_alter_accounts_add_role.sql +24 -0
package/migrations/004_rename_uuid_to_linked_id.sql +12 -0
package/migrations/005_add_password_hash.sql +7 -0
package/package.json +59 -0

package/dist/entities/account.entity.d.ts ADDED Viewed

@@ -0,0 +1,34 @@
+/**
+ * Represents an authenticated account within OpenCore Identity.
+ * This entity is storage-agnostic and maps directly to the accounts table.
+ */
+export interface Account {
+    /** Numeric primary key for internal references and joins. */
+    id: number;
+    /** Optional linked ID - can be UUID (local) or external API ID. Auto-generated by default. */
+    linkedId: string | null;
+    /** Source of the account: 'local', 'api', or custom identifier. */
+    externalSource?: string;
+    /** Rockstar license identifier (preferred). */
+    license: string | null;
+    /** Discord user ID. */
+    discord: string | null;
+    /** Steam hex identifier. */
+    steam: string | null;
+    /** Optional display name or username. */
+    username: string | null;
+    /** Role assignment (FK to roles table). */
+    roleId: number | null;
+    /** Custom permissions specific to this account (overrides/additions to role permissions). */
+    customPermissions: string[];
+    /** Creation timestamp. */
+    createdAt: Date;
+    /** Last successful login timestamp. */
+    lastLoginAt: Date;
+    /** Ban status flag. */
+    banned: boolean;
+    /** Ban reason text when banned. */
+    banReason: string | null;
+    /** Ban expiration (null means permanent). */
+    banExpires: Date | null;
+}

package/dist/entities/account.entity.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/dist/entities/role.entity.d.ts ADDED Viewed

@@ -0,0 +1,35 @@
+/**
+ * Role entity representing a security role/rank in the system.
+ * Roles define base permissions and hierarchy through rank.
+ */
+export interface Role {
+    /**
+     * Unique identifier for the role
+     */
+    id: number;
+    /**
+     * Internal name (e.g., 'admin', 'moderator', 'user')
+     */
+    name: string;
+    /**
+     * Display name for UI (e.g., 'Administrator', 'Moderator', 'Player')
+     */
+    displayName: string;
+    /**
+     * Numeric rank for hierarchy comparisons (higher = more privileged)
+     * Example: 100 = admin, 50 = moderator, 0 = user
+     */
+    rank: number;
+    /**
+     * Base permissions granted by this role
+     */
+    permissions: string[];
+    /**
+     * Whether this is the default role for new accounts
+     */
+    isDefault: boolean;
+    /**
+     * Role creation timestamp
+     */
+    createdAt: Date;
+}

package/dist/entities/role.entity.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/dist/events/identity.events.d.ts ADDED Viewed

@@ -0,0 +1,24 @@
+import type { AccountIdentifiers } from "../types";
+export interface AccountCreatedEvent {
+    accountId: number;
+    uuid: string;
+    identifiers: AccountIdentifiers;
+}
+export interface AccountBannedEvent {
+    accountId: number;
+    reason?: string | null;
+    expires?: Date | null;
+}
+export interface AccountUnbannedEvent {
+    accountId: number;
+}
+export interface AccountLoggedInEvent {
+    accountId: number;
+    uuid: string;
+}
+export interface IdentityEventMap {
+    "identity:accountCreated": AccountCreatedEvent;
+    "identity:accountBanned": AccountBannedEvent;
+    "identity:accountUnbanned": AccountUnbannedEvent;
+    "identity:accountLoggedIn": AccountLoggedInEvent;
+}

package/dist/events/identity.events.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,70 @@
+import * as Setup from "./setup";
+import type * as Entities from "./entities/account.entity";
+import type * as RoleEntities from "./entities/role.entity";
+import * as AccountRepo from "./repositories/account.repository";
+import * as RoleRepo from "./repositories/role.repository";
+import * as AcctService from "./services/account.service";
+import * as RService from "./services/role.service";
+import * as CacheService from "./services/cache/memory-cache.service";
+import * as LocalAuth from "./services/auth/local-auth.provider";
+import * as CredentialsAuth from "./services/auth/credentials-auth.provider";
+import * as ApiAuth from "./services/auth/api-auth.provider";
+import * as LocalPrincipal from "./services/principal/local-principal.provider";
+import * as ApiPrincipal from "./services/principal/api-principal.provider";
+import * as AuthProvider from "./services/identity-auth.provider";
+import * as PrincipalProvider from "./services/identity-principal.provider";
+import type * as Types from "./types";
+import type * as AuthTypes from "./types/auth.types";
+import type * as Events from "./events/identity.events";
+export declare namespace Identity {
+    const setup: typeof Setup.setupIdentity;
+    type SetupOptions = Setup.IdentitySetupOptions;
+    type Account = Entities.Account;
+    type Role = RoleEntities.Role;
+    export import AccountRepository = AccountRepo.AccountRepository;
+    export import RoleRepository = RoleRepo.RoleRepository;
+    export import AccountService = AcctService.AccountService;
+    export import RoleService = RService.RoleService;
+    export import MemoryCacheService = CacheService.MemoryCacheService;
+    export import LocalAuthProvider = LocalAuth.LocalAuthProvider;
+    export import CredentialsAuthProvider = CredentialsAuth.CredentialsAuthProvider;
+    export import ApiAuthProvider = ApiAuth.ApiAuthProvider;
+    export import LocalPrincipalProvider = LocalPrincipal.LocalPrincipalProvider;
+    export import ApiPrincipalProvider = ApiPrincipal.ApiPrincipalProvider;
+    export import IdentityAuthProvider = AuthProvider.IdentityAuthProvider;
+    export import IdentityPrincipalProvider = PrincipalProvider.IdentityPrincipalProvider;
+    type IdentifierType = Types.IdentifierType;
+    type AccountIdentifiers = Types.AccountIdentifiers;
+    type CreateAccountInput = Types.CreateAccountInput;
+    type BanOptions = Types.BanOptions;
+    type AuthSession = Types.AuthSession;
+    type CreateRoleInput = Types.CreateRoleInput;
+    type UpdateRoleInput = Types.UpdateRoleInput;
+    type ApiAuthConfig = AuthTypes.ApiAuthConfig;
+    type ApiAuthResponse = AuthTypes.ApiAuthResponse;
+    type ApiPrincipalResponse = AuthTypes.ApiPrincipalResponse;
+    type CacheOptions = AuthTypes.CacheOptions;
+    type AccountCreatedEvent = Events.AccountCreatedEvent;
+    type AccountBannedEvent = Events.AccountBannedEvent;
+    type AccountUnbannedEvent = Events.AccountUnbannedEvent;
+    type AccountLoggedInEvent = Events.AccountLoggedInEvent;
+    type IdentityEventMap = Events.IdentityEventMap;
+}
+export { setupIdentity, type IdentitySetupOptions } from "./setup";
+export * from "./entities/account.entity";
+export * from "./entities/role.entity";
+export * from "./repositories/account.repository";
+export * from "./repositories/role.repository";
+export * from "./services/account.service";
+export * from "./services/role.service";
+export * from "./services/cache/memory-cache.service";
+export * from "./services/auth/local-auth.provider";
+export * from "./services/auth/credentials-auth.provider";
+export * from "./services/auth/api-auth.provider";
+export * from "./services/principal/local-principal.provider";
+export * from "./services/principal/api-principal.provider";
+export * from "./services/identity-auth.provider";
+export * from "./services/identity-principal.provider";
+export * from "./events/identity.events";
+export * from "./types";
+export * from "./types/auth.types";

package/dist/index.js ADDED Viewed

@@ -0,0 +1,100 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.setupIdentity = exports.Identity = void 0;
+// Imports for namespace
+const Setup = __importStar(require("./setup"));
+const AccountRepo = __importStar(require("./repositories/account.repository"));
+const RoleRepo = __importStar(require("./repositories/role.repository"));
+const AcctService = __importStar(require("./services/account.service"));
+const RService = __importStar(require("./services/role.service"));
+const CacheService = __importStar(require("./services/cache/memory-cache.service"));
+const LocalAuth = __importStar(require("./services/auth/local-auth.provider"));
+const CredentialsAuth = __importStar(require("./services/auth/credentials-auth.provider"));
+const ApiAuth = __importStar(require("./services/auth/api-auth.provider"));
+const LocalPrincipal = __importStar(require("./services/principal/local-principal.provider"));
+const ApiPrincipal = __importStar(require("./services/principal/api-principal.provider"));
+const AuthProvider = __importStar(require("./services/identity-auth.provider"));
+const PrincipalProvider = __importStar(require("./services/identity-principal.provider"));
+// Namespace for organized exports
+// eslint-disable-next-line @typescript-eslint/no-namespace
+var Identity;
+(function (Identity) {
+    // Setup
+    Identity.setup = Setup.setupIdentity;
+    // Repositories
+    Identity.AccountRepository = AccountRepo.AccountRepository;
+    Identity.RoleRepository = RoleRepo.RoleRepository;
+    // Services
+    Identity.AccountService = AcctService.AccountService;
+    Identity.RoleService = RService.RoleService;
+    Identity.MemoryCacheService = CacheService.MemoryCacheService;
+    // Auth Providers
+    Identity.LocalAuthProvider = LocalAuth.LocalAuthProvider;
+    Identity.CredentialsAuthProvider = CredentialsAuth.CredentialsAuthProvider;
+    Identity.ApiAuthProvider = ApiAuth.ApiAuthProvider;
+    // Principal Providers
+    Identity.LocalPrincipalProvider = LocalPrincipal.LocalPrincipalProvider;
+    Identity.ApiPrincipalProvider = ApiPrincipal.ApiPrincipalProvider;
+    // Legacy providers (for backward compatibility)
+    Identity.IdentityAuthProvider = AuthProvider.IdentityAuthProvider;
+    Identity.IdentityPrincipalProvider = PrincipalProvider.IdentityPrincipalProvider;
+})(Identity || (exports.Identity = Identity = {}));
+// Top-level exports for backward compatibility
+var setup_1 = require("./setup");
+Object.defineProperty(exports, "setupIdentity", { enumerable: true, get: function () { return setup_1.setupIdentity; } });
+__exportStar(require("./entities/account.entity"), exports);
+__exportStar(require("./entities/role.entity"), exports);
+__exportStar(require("./repositories/account.repository"), exports);
+__exportStar(require("./repositories/role.repository"), exports);
+__exportStar(require("./services/account.service"), exports);
+__exportStar(require("./services/role.service"), exports);
+__exportStar(require("./services/cache/memory-cache.service"), exports);
+// Auth providers
+__exportStar(require("./services/auth/local-auth.provider"), exports);
+__exportStar(require("./services/auth/credentials-auth.provider"), exports);
+__exportStar(require("./services/auth/api-auth.provider"), exports);
+// Principal providers
+__exportStar(require("./services/principal/local-principal.provider"), exports);
+__exportStar(require("./services/principal/api-principal.provider"), exports);
+// Legacy providers
+__exportStar(require("./services/identity-auth.provider"), exports);
+__exportStar(require("./services/identity-principal.provider"), exports);
+__exportStar(require("./events/identity.events"), exports);
+__exportStar(require("./types"), exports);
+__exportStar(require("./types/auth.types"), exports);

package/dist/repositories/account.repository.d.ts ADDED Viewed

@@ -0,0 +1,60 @@
+import { Server } from "@open-core/framework";
+import type { Account } from "../entities/account.entity";
+import type { Role } from "../entities/role.entity";
+import type { CreateAccountInput, IdentifierType } from "../types";
+interface AccountRow {
+    id?: number;
+    linked_id: string | null;
+    external_source: string | null;
+    license: string | null;
+    discord: string | null;
+    steam: string | null;
+    username: string | null;
+    role_id: number | null;
+    custom_permissions: string;
+    created_at: Date;
+    last_login_at: Date;
+    banned: boolean;
+    ban_reason: string | null;
+    ban_expires: Date | null;
+}
+/**
+ * Repository for the accounts table.
+ */
+export declare class AccountRepository extends Server.Repository<Account> {
+    protected readonly db: Server.DatabaseContract;
+    protected tableName: string;
+    constructor(db: Server.DatabaseContract);
+    findByLinkedId(linkedId: string): Promise<Account | null>;
+    findByIdentifier(type: IdentifierType, value: string): Promise<Account | null>;
+    createAccount(input: CreateAccountInput): Promise<Account>;
+    updateLastLogin(accountId: number, date: Date): Promise<void>;
+    setBan(accountId: number, banned: boolean, reason: string | null, expires: Date | null): Promise<void>;
+    updateCustomPermissions(accountId: number, permissions: string[]): Promise<void>;
+    updateRole(accountId: number, roleId: number | null): Promise<void>;
+    /**
+     * Find account by ID with role data joined.
+     *
+     * @param id - Account ID
+     * @returns Account with role or null if not found
+     */
+    findByIdWithRole(id: number): Promise<{
+        account: Account;
+        role: Role | null;
+    } | null>;
+    /**
+     * Find account by linkedId with role data joined.
+     *
+     * @param linkedId - Account linkedId
+     * @returns Account with role or null if not found
+     */
+    findByLinkedIdWithRole(linkedId: string): Promise<{
+        account: Account;
+        role: Role | null;
+    } | null>;
+    protected toEntity(row: AccountRow): Account;
+    protected toRow(entity: Account): Record<string, unknown>;
+    private identifierColumn;
+    private parsePermissions;
+}
+export {};

package/dist/repositories/account.repository.js ADDED Viewed

@@ -0,0 +1,185 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AccountRepository = void 0;
+const framework_1 = require("@open-core/framework");
+/**
+ * Repository for the accounts table.
+ */
+class AccountRepository extends framework_1.Server.Repository {
+    constructor(db) {
+        super(db);
+        this.db = db;
+        this.tableName = "accounts";
+    }
+    async findByLinkedId(linkedId) {
+        const row = await this.db.single(`SELECT * FROM ${this.tableName} WHERE linked_id = ?`, [linkedId]);
+        return row ? this.toEntity(row) : null;
+    }
+    async findByIdentifier(type, value) {
+        const column = this.identifierColumn(type);
+        const row = await this.db.single(`SELECT * FROM ${this.tableName} WHERE ${column} = ?`, [value]);
+        return row ? this.toEntity(row) : null;
+    }
+    async createAccount(input) {
+        const now = new Date();
+        const row = {
+            linked_id: input.linkedId ?? null,
+            external_source: input.externalSource ?? null,
+            license: input.license ?? null,
+            discord: input.discord ?? null,
+            steam: input.steam ?? null,
+            username: input.username ?? null,
+            role_id: input.roleId ?? null,
+            custom_permissions: JSON.stringify([]),
+            created_at: now,
+            last_login_at: now,
+            banned: false,
+            ban_reason: null,
+            ban_expires: null,
+        };
+        const insertId = await this.insertRow(row);
+        return this.toEntity({ ...row, id: insertId });
+    }
+    async updateLastLogin(accountId, date) {
+        await this.db.execute(`UPDATE ${this.tableName} SET last_login_at = ? WHERE id = ?`, [date, accountId]);
+    }
+    async setBan(accountId, banned, reason, expires) {
+        await this.db.execute(`UPDATE ${this.tableName} SET banned = ?, ban_reason = ?, ban_expires = ? WHERE id = ?`, [banned, reason, expires, accountId]);
+    }
+    async updateCustomPermissions(accountId, permissions) {
+        await this.db.execute(`UPDATE ${this.tableName} SET custom_permissions = ? WHERE id = ?`, [JSON.stringify(permissions), accountId]);
+    }
+    async updateRole(accountId, roleId) {
+        await this.db.execute(`UPDATE ${this.tableName} SET role_id = ? WHERE id = ?`, [roleId, accountId]);
+    }
+    /**
+     * Find account by ID with role data joined.
+     *
+     * @param id - Account ID
+     * @returns Account with role or null if not found
+     */
+    async findByIdWithRole(id) {
+        const row = await this.db.single(`SELECT
+        a.*,
+        r.id as role_id,
+        r.name as role_name,
+        r.display_name as role_display_name,
+        r.rank as role_rank,
+        r.permissions as role_permissions,
+        r.is_default as role_is_default,
+        r.created_at as role_created_at
+      FROM ${this.tableName} a
+      LEFT JOIN roles r ON a.role_id = r.id
+      WHERE a.id = ?`, [id]);
+        if (!row)
+            return null;
+        const account = this.toEntity(row);
+        const role = row.role_name
+            ? {
+                id: row.role_id,
+                name: row.role_name,
+                displayName: row.role_display_name,
+                rank: row.role_rank,
+                permissions: JSON.parse(row.role_permissions),
+                isDefault: Boolean(row.role_is_default),
+                createdAt: new Date(row.role_created_at),
+            }
+            : null;
+        return { account, role };
+    }
+    /**
+     * Find account by linkedId with role data joined.
+     *
+     * @param linkedId - Account linkedId
+     * @returns Account with role or null if not found
+     */
+    async findByLinkedIdWithRole(linkedId) {
+        const row = await this.db.single(`SELECT
+        a.*,
+        r.id as role_id,
+        r.name as role_name,
+        r.display_name as role_display_name,
+        r.rank as role_rank,
+        r.permissions as role_permissions,
+        r.is_default as role_is_default,
+        r.created_at as role_created_at
+      FROM ${this.tableName} a
+      LEFT JOIN roles r ON a.role_id = r.id
+      WHERE a.linked_id = ?`, [linkedId]);
+        if (!row)
+            return null;
+        const account = this.toEntity(row);
+        const role = row.role_name
+            ? {
+                id: row.role_id,
+                name: row.role_name,
+                displayName: row.role_display_name,
+                rank: row.role_rank,
+                permissions: JSON.parse(row.role_permissions),
+                isDefault: Boolean(row.role_is_default),
+                createdAt: new Date(row.role_created_at),
+            }
+            : null;
+        return { account, role };
+    }
+    toEntity(row) {
+        return {
+            id: row.id ?? 0,
+            linkedId: row.linked_id,
+            externalSource: row.external_source ?? undefined,
+            license: row.license,
+            discord: row.discord,
+            steam: row.steam,
+            username: row.username,
+            roleId: row.role_id,
+            customPermissions: this.parsePermissions(row.custom_permissions),
+            createdAt: row.created_at ? new Date(row.created_at) : new Date(),
+            lastLoginAt: row.last_login_at ? new Date(row.last_login_at) : new Date(),
+            banned: Boolean(row.banned),
+            banReason: row.ban_reason,
+            banExpires: row.ban_expires ? new Date(row.ban_expires) : null,
+        };
+    }
+    toRow(entity) {
+        return {
+            id: entity.id,
+            linked_id: entity.linkedId,
+            external_source: entity.externalSource ?? null,
+            license: entity.license ?? null,
+            discord: entity.discord ?? null,
+            steam: entity.steam ?? null,
+            username: entity.username ?? null,
+            role_id: entity.roleId,
+            custom_permissions: JSON.stringify(entity.customPermissions ?? []),
+            created_at: entity.createdAt,
+            last_login_at: entity.lastLoginAt,
+            banned: entity.banned,
+            ban_reason: entity.banReason ?? null,
+            ban_expires: entity.banExpires,
+        };
+    }
+    identifierColumn(type) {
+        switch (type) {
+            case "discord":
+                return "discord";
+            case "steam":
+                return "steam";
+            case "license":
+            default:
+                return "license";
+        }
+    }
+    parsePermissions(raw) {
+        if (Array.isArray(raw))
+            return raw;
+        if (!raw)
+            return [];
+        try {
+            return JSON.parse(raw);
+        }
+        catch {
+            return [];
+        }
+    }
+}
+exports.AccountRepository = AccountRepository;

package/dist/repositories/role.repository.d.ts ADDED Viewed

@@ -0,0 +1,50 @@
+import { Server } from "@open-core/framework";
+import type { Role } from "../entities/role.entity";
+interface RoleRow {
+    id?: number;
+    name: string;
+    display_name: string;
+    rank: number;
+    permissions: string;
+    is_default: boolean;
+    created_at: Date;
+}
+/**
+ * Repository for the roles table.
+ * Manages CRUD operations for roles with custom queries for defaults and names.
+ */
+export declare class RoleRepository extends Server.Repository<Role> {
+    protected readonly db: Server.DatabaseContract;
+    protected tableName: string;
+    constructor(db: Server.DatabaseContract);
+    /**
+     * Find a role by its internal name.
+     *
+     * @param name - Role name (e.g., 'admin', 'user')
+     * @returns The role or null if not found
+     */
+    findByName(name: string): Promise<Role | null>;
+    /**
+     * Get the default role for new accounts.
+     *
+     * @returns The default role or null if none is set
+     */
+    getDefaultRole(): Promise<Role | null>;
+    /**
+     * Update role permissions.
+     *
+     * @param roleId - Role ID
+     * @param permissions - New permissions array
+     */
+    updatePermissions(roleId: number, permissions: string[]): Promise<void>;
+    /**
+     * Set or unset a role as default.
+     *
+     * @param roleId - Role ID
+     * @param isDefault - Whether this should be the default role
+     */
+    setDefault(roleId: number, isDefault: boolean): Promise<void>;
+    protected toEntity(row: RoleRow): Role;
+    protected toRow(entity: Role): Record<string, unknown>;
+}
+export {};

package/dist/repositories/role.repository.js ADDED Viewed

@@ -0,0 +1,79 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RoleRepository = void 0;
+const framework_1 = require("@open-core/framework");
+/**
+ * Repository for the roles table.
+ * Manages CRUD operations for roles with custom queries for defaults and names.
+ */
+class RoleRepository extends framework_1.Server.Repository {
+    constructor(db) {
+        super(db);
+        this.db = db;
+        this.tableName = "roles";
+    }
+    /**
+     * Find a role by its internal name.
+     *
+     * @param name - Role name (e.g., 'admin', 'user')
+     * @returns The role or null if not found
+     */
+    async findByName(name) {
+        const row = await this.db.single(`SELECT * FROM ${this.tableName} WHERE name = ?`, [name]);
+        return row ? this.toEntity(row) : null;
+    }
+    /**
+     * Get the default role for new accounts.
+     *
+     * @returns The default role or null if none is set
+     */
+    async getDefaultRole() {
+        const row = await this.db.single(`SELECT * FROM ${this.tableName} WHERE is_default = TRUE LIMIT 1`);
+        return row ? this.toEntity(row) : null;
+    }
+    /**
+     * Update role permissions.
+     *
+     * @param roleId - Role ID
+     * @param permissions - New permissions array
+     */
+    async updatePermissions(roleId, permissions) {
+        await this.db.execute(`UPDATE ${this.tableName} SET permissions = ? WHERE id = ?`, [JSON.stringify(permissions), roleId]);
+    }
+    /**
+     * Set or unset a role as default.
+     *
+     * @param roleId - Role ID
+     * @param isDefault - Whether this should be the default role
+     */
+    async setDefault(roleId, isDefault) {
+        if (isDefault) {
+            // Unset all other defaults first
+            await this.db.execute(`UPDATE ${this.tableName} SET is_default = FALSE WHERE id != ?`, [roleId]);
+        }
+        await this.db.execute(`UPDATE ${this.tableName} SET is_default = ? WHERE id = ?`, [isDefault, roleId]);
+    }
+    toEntity(row) {
+        return {
+            id: row.id,
+            name: row.name,
+            displayName: row.display_name,
+            rank: row.rank,
+            permissions: JSON.parse(row.permissions),
+            isDefault: row.is_default,
+            createdAt: new Date(row.created_at),
+        };
+    }
+    toRow(entity) {
+        return {
+            id: entity.id,
+            name: entity.name,
+            display_name: entity.displayName,
+            rank: entity.rank,
+            permissions: JSON.stringify(entity.permissions ?? []),
+            is_default: entity.isDefault,
+            created_at: entity.createdAt,
+        };
+    }
+}
+exports.RoleRepository = RoleRepository;