@palbase/backend 8.1.0 → 8.3.0

package/dist/index.d.cts

@@ -1,8 +1,8 @@
 import { C as CacheClient, b as PalbaseDocsClient, c as PalbaseFlagsClient, L as Logger, d as PalbaseNotificationsClient, Q as QueueClient, e as PalbaseRealtimeClient, D as DBClient, f as PalbaseStorageClient, A as AuthSpec, R as RateLimitConfig, H as HttpError, U as User$1 } from './endpoint-fW9yWla0.cjs';
 export { g as AuthConfig, B as BadRequest, h as ClientInfo, i as Conflict, j as DBOps, E as ErrorDef, k as ErrorMap, l as ErrorThrowers, F as FileContext, m as Forbidden, n as HttpMethod, M as Middleware, o as MiddlewareContext, p as MiddlewareHandler, N as NotFound, P as PBRequest, q as PalError, r as PalbaseAnalyticsClient, s as PalbaseAnalyticsManagementNamespace, t as PalbaseAnalyticsProperties, u as PalbaseAnalyticsQueryNamespace, v as PalbaseAttestAndroidParams, w as PalbaseAttestAndroidResult, x as PalbaseAttestiOSParams, y as PalbaseAttestiOSResult, z as PalbaseAuthClient, G as PalbaseBatchOverrideOperation, I as PalbaseBatchSetOverridesResult, J as PalbaseBindDeviceParams, K as PalbaseBucketClient, O as PalbaseClearAllOverridesResult, S as PalbaseClearOverrideResult, T as PalbaseCohortQueryInput, V as PalbaseCohortResult, W as PalbaseCollectionRef, X as PalbaseCountQueryInput, Y as PalbaseCountResult, Z as PalbaseCreateLinkParams, _ as PalbaseDeviceInfo, $ as PalbaseDeviceTokenView, a0 as PalbaseDocumentRef, a1 as PalbaseDocumentSnapshot, a2 as PalbaseEmailClient, a3 as PalbaseEmailSendParams, a4 as PalbaseEmailSendResponse, a5 as PalbaseEventNamesResult, a6 as PalbaseEventsQueryInput, a7 as PalbaseEventsResult, a8 as PalbaseFileObject, a9 as PalbaseFlag, aa as PalbaseFlagContext, ab as PalbaseFlagSource, ac as PalbaseFlagValue, ad as PalbaseFlagVariant, ae as PalbaseFlagsServiceClient, af as PalbaseFunctionsClient, ag as PalbaseFunnelQueryInput, ah as PalbaseFunnelResult, ai as PalbaseIdentifyTraits, aj as PalbaseInboxClient, ak as PalbaseInboxListOptions, al as PalbaseInboxListResult, am as PalbaseInboxMessage, an as PalbaseInboxSendParams, ao as PalbaseInboxSendResponse, ap as PalbaseInitialLink, aq as PalbaseInvokeOptions, ar as PalbaseLink, as as PalbaseLinkAnalytics, at as PalbaseLinkDetails, au as PalbaseLinksClient, av as PalbaseListLinksOptions, aw as PalbaseListLinksResult, ax as PalbaseListOptions, ay as PalbaseMatchParams, az as PalbaseMultiChannelResponse, aA as PalbaseOverviewResult, aB as PalbasePreferences, aC as PalbasePreferencesClient, aD as PalbasePublicUrlResponse, aE as PalbasePushClient, aF as PalbasePushSendParams, aG as PalbasePushSendResponse, aH as PalbaseQrCodeOptions, aI as PalbaseQuerySnapshot, aJ as PalbaseRegisterDeviceParams, aK as PalbaseResult, aL as PalbaseRetentionQueryInput, aM as PalbaseRetentionResult, aN as PalbaseSession, aO as PalbaseSetOverrideResult, aP as PalbaseSetOverridesResult, aQ as PalbaseSignedUrlResponse, aR as PalbaseSmsClient, aS as PalbaseSmsSendParams, aT as PalbaseSmsSendResponse, aU as PalbaseTransformOptions, aV as PalbaseUpdateLinkParams, aW as PalbaseUploadOptions, aX as PalbaseUser, aY as PalbaseUserDetailResult, aZ as PalbaseUsersQueryInput, a_ as PalbaseUsersResult, a$ as PalbaseVerifyRequestSignatureParams, b0 as PalbaseWhereOperator, b1 as TooManyRequests, b2 as TxClient, b3 as Unauthorized, b4 as defineMiddleware } from './endpoint-fW9yWla0.cjs';
 import { AsyncLocalStorage } from 'node:async_hooks';
-import { E as EnvTypedDatabase, S as SchemaDef } from './index-BZdDJJIy.cjs';
-export { C as ColumnBuilder, a as ColumnDef, b as ColumnMap, c as ColumnType, d as EXTENSION_DEPENDENCIES, e as EnvServiceDatabase, f as EnvTables, g as EnvTypedTable, h as EnvTypedTx, I as InsertShape, O as OnDeleteAction, P as PALBASE_EXTENSIONS, i as PalbaseExtension, j as PolicyBuilder, k as PolicyCommand, l as PolicyDef, m as PolicyMode, R as RowShape, n as SchemaInput, T as TableDef, o as TableInput, p as TypedDB, q as TypedTable, r as TypedTx, s as boolean, t as defineSchema, u as enumType, v as integer, w as isPalbaseExtension, x as jsonb, y as makeTypedDB, z as policy, A as text, B as timestamp, D as uuid } from './index-BZdDJJIy.cjs';
+import { E as EnvTypedDatabase, S as SchemaDef } from './index-CC0LdYkQ.cjs';
+export { C as ColumnBuilder, a as ColumnDef, b as ColumnMap, c as ColumnType, d as EXTENSION_DEPENDENCIES, e as EnvServiceDatabase, f as EnvTables, g as EnvTypedTable, h as EnvTypedTx, I as InsertShape, O as OnDeleteAction, P as PALBASE_EXTENSIONS, i as PalbaseExtension, j as PolicyBuilder, k as PolicyCommand, l as PolicyDef, m as PolicyMode, R as RawConstraintDef, n as RowShape, o as SchemaInput, T as TableDef, p as TableInput, q as TypedDB, r as TypedTable, s as TypedTx, t as boolean, u as defineSchema, v as enumType, w as integer, x as isPalbaseExtension, y as jsonb, z as makeTypedDB, A as policy, B as raw, D as text, F as timestamp, G as uuid } from './index-CC0LdYkQ.cjs';
 export { TableTypes, Tables } from './db/env.cjs';
 import { ZodTypeAny, z } from 'zod';
 export { z } from 'zod';
@@ -714,20 +714,18 @@ type ParameterDecorator$1 = (target: object, propertyKey: string | symbol, param
  * — the client cannot exceed what it declared.
  */
 interface UploadConfig {
-    /** Target bucket NAME. MUST exist in `config/storage.ts` `defineStorage(...)`. */
-    bucket: string;
-    /**
-     * Max object size in BYTES. Enforced twice: the authorize pre-flight rejects a
-     * larger declared size, and the signed URL pins it so storage rejects a larger
-     * PUT. When omitted, the bucket's own `fileSizeLimit` applies.
-     */
-    maxSize?: number;
     /**
-     * MIME allowlist for the object. The authorize pre-flight rejects a
-     * non-matching declared content-type, and the signed URL pins the exact type.
-     * When omitted, the bucket's own `allowedMimeTypes` applies (or any type).
+     * Target bucket NAME. MUST exist in `config/storage.ts` `defineStorage(...)`.
+     *
+     * The bucket is the SINGLE SOURCE OF TRUTH for the size limit + MIME allowlist:
+     * `bucket({ fileSizeLimit, allowedMimeTypes })`. Storage enforces those at the
+     * actual PUT (the only guard a client cannot skip), so `@Upload` deliberately
+     * does NOT take its own `maxSize`/`allowedTypes` — duplicating them here would
+     * let a route declare a tighter limit than its bucket that storage would not
+     * enforce (a real bypass: declare 10 bytes at authorize, then PUT up to the
+     * bucket ceiling straight at the signed URL). One bucket, one limit, enforced.
      */
-    allowedTypes?: string[];
+    bucket: string;
     /**
      * SERVER-side object key template. The client NEVER chooses the path. Tokens:
      * `{userId}` (authenticated user id), `{uploadId}` (server-minted), and
@@ -742,9 +740,10 @@ interface UploadConfig {
  * guard + signed-URL pinning.
  *
  * @example
- * ＠Upload("/", { bucket: "docs", maxSize: 25 * 1024 * 1024,
- *                allowedTypes: ["application/pdf"], pathTemplate: "{userId}/{uploadId}-{filename}" })
+ * ＠Upload("/", { bucket: "docs", pathTemplate: "{userId}/{uploadId}-{filename}" })
  * async upload(＠UploadedObject() obj: UploadedObject, ＠User() user): Promise<DocResult> { ... }
+ * // The size limit + MIME allowlist come from the "docs" bucket in
+ * // config/storage.ts — storage enforces them at the PUT.
  */
 declare function Upload(subpath: string, config: UploadConfig & Pick<RouteOptions, "auth" | "rateLimit">): MethodDecorator$1;
 /**
@@ -777,10 +776,13 @@ interface UploadedObject {
 declare function UploadedObject(): ParameterDecorator$1;
 /**
  * Cross-check one `@Upload` route's uploadConfig against the project's
- * {@link StorageConfig}: the bucket must exist, the upload's `maxSize` must not
- * exceed the bucket's `fileSizeLimit`, and the upload's `allowedTypes` must be a
- * subset of the bucket's `allowedMimeTypes`. Throws a precise error so a
- * mismatch fails at deploy, not at the first user upload.
+ * {@link StorageConfig}: the named bucket MUST exist in `defineStorage(...)`.
+ * Throws a precise error so a typo fails at deploy, not at the first user upload.
+ *
+ * That is the ONLY cross-check: the size limit + MIME allowlist live on the
+ * bucket (`bucket({ fileSizeLimit, allowedMimeTypes })`) and are enforced by
+ * storage at the PUT. `@Upload` carries no `maxSize`/`allowedTypes` of its own,
+ * so there is nothing to compare — one bucket, one limit, no drift.
  *
  * `routeLabel` is used only for error messages (e.g. `docs.upload`).
  */

package/dist/index.d.ts

@@ -1,8 +1,8 @@
 import { C as CacheClient, b as PalbaseDocsClient, c as PalbaseFlagsClient, L as Logger, d as PalbaseNotificationsClient, Q as QueueClient, e as PalbaseRealtimeClient, D as DBClient, f as PalbaseStorageClient, A as AuthSpec, R as RateLimitConfig, H as HttpError, U as User$1 } from './endpoint-fW9yWla0.js';
 export { g as AuthConfig, B as BadRequest, h as ClientInfo, i as Conflict, j as DBOps, E as ErrorDef, k as ErrorMap, l as ErrorThrowers, F as FileContext, m as Forbidden, n as HttpMethod, M as Middleware, o as MiddlewareContext, p as MiddlewareHandler, N as NotFound, P as PBRequest, q as PalError, r as PalbaseAnalyticsClient, s as PalbaseAnalyticsManagementNamespace, t as PalbaseAnalyticsProperties, u as PalbaseAnalyticsQueryNamespace, v as PalbaseAttestAndroidParams, w as PalbaseAttestAndroidResult, x as PalbaseAttestiOSParams, y as PalbaseAttestiOSResult, z as PalbaseAuthClient, G as PalbaseBatchOverrideOperation, I as PalbaseBatchSetOverridesResult, J as PalbaseBindDeviceParams, K as PalbaseBucketClient, O as PalbaseClearAllOverridesResult, S as PalbaseClearOverrideResult, T as PalbaseCohortQueryInput, V as PalbaseCohortResult, W as PalbaseCollectionRef, X as PalbaseCountQueryInput, Y as PalbaseCountResult, Z as PalbaseCreateLinkParams, _ as PalbaseDeviceInfo, $ as PalbaseDeviceTokenView, a0 as PalbaseDocumentRef, a1 as PalbaseDocumentSnapshot, a2 as PalbaseEmailClient, a3 as PalbaseEmailSendParams, a4 as PalbaseEmailSendResponse, a5 as PalbaseEventNamesResult, a6 as PalbaseEventsQueryInput, a7 as PalbaseEventsResult, a8 as PalbaseFileObject, a9 as PalbaseFlag, aa as PalbaseFlagContext, ab as PalbaseFlagSource, ac as PalbaseFlagValue, ad as PalbaseFlagVariant, ae as PalbaseFlagsServiceClient, af as PalbaseFunctionsClient, ag as PalbaseFunnelQueryInput, ah as PalbaseFunnelResult, ai as PalbaseIdentifyTraits, aj as PalbaseInboxClient, ak as PalbaseInboxListOptions, al as PalbaseInboxListResult, am as PalbaseInboxMessage, an as PalbaseInboxSendParams, ao as PalbaseInboxSendResponse, ap as PalbaseInitialLink, aq as PalbaseInvokeOptions, ar as PalbaseLink, as as PalbaseLinkAnalytics, at as PalbaseLinkDetails, au as PalbaseLinksClient, av as PalbaseListLinksOptions, aw as PalbaseListLinksResult, ax as PalbaseListOptions, ay as PalbaseMatchParams, az as PalbaseMultiChannelResponse, aA as PalbaseOverviewResult, aB as PalbasePreferences, aC as PalbasePreferencesClient, aD as PalbasePublicUrlResponse, aE as PalbasePushClient, aF as PalbasePushSendParams, aG as PalbasePushSendResponse, aH as PalbaseQrCodeOptions, aI as PalbaseQuerySnapshot, aJ as PalbaseRegisterDeviceParams, aK as PalbaseResult, aL as PalbaseRetentionQueryInput, aM as PalbaseRetentionResult, aN as PalbaseSession, aO as PalbaseSetOverrideResult, aP as PalbaseSetOverridesResult, aQ as PalbaseSignedUrlResponse, aR as PalbaseSmsClient, aS as PalbaseSmsSendParams, aT as PalbaseSmsSendResponse, aU as PalbaseTransformOptions, aV as PalbaseUpdateLinkParams, aW as PalbaseUploadOptions, aX as PalbaseUser, aY as PalbaseUserDetailResult, aZ as PalbaseUsersQueryInput, a_ as PalbaseUsersResult, a$ as PalbaseVerifyRequestSignatureParams, b0 as PalbaseWhereOperator, b1 as TooManyRequests, b2 as TxClient, b3 as Unauthorized, b4 as defineMiddleware } from './endpoint-fW9yWla0.js';
 import { AsyncLocalStorage } from 'node:async_hooks';
-import { E as EnvTypedDatabase, S as SchemaDef } from './index-CArW1VMq.js';
-export { C as ColumnBuilder, a as ColumnDef, b as ColumnMap, c as ColumnType, d as EXTENSION_DEPENDENCIES, e as EnvServiceDatabase, f as EnvTables, g as EnvTypedTable, h as EnvTypedTx, I as InsertShape, O as OnDeleteAction, P as PALBASE_EXTENSIONS, i as PalbaseExtension, j as PolicyBuilder, k as PolicyCommand, l as PolicyDef, m as PolicyMode, R as RowShape, n as SchemaInput, T as TableDef, o as TableInput, p as TypedDB, q as TypedTable, r as TypedTx, s as boolean, t as defineSchema, u as enumType, v as integer, w as isPalbaseExtension, x as jsonb, y as makeTypedDB, z as policy, A as text, B as timestamp, D as uuid } from './index-CArW1VMq.js';
+import { E as EnvTypedDatabase, S as SchemaDef } from './index-tudF0wAM.js';
+export { C as ColumnBuilder, a as ColumnDef, b as ColumnMap, c as ColumnType, d as EXTENSION_DEPENDENCIES, e as EnvServiceDatabase, f as EnvTables, g as EnvTypedTable, h as EnvTypedTx, I as InsertShape, O as OnDeleteAction, P as PALBASE_EXTENSIONS, i as PalbaseExtension, j as PolicyBuilder, k as PolicyCommand, l as PolicyDef, m as PolicyMode, R as RawConstraintDef, n as RowShape, o as SchemaInput, T as TableDef, p as TableInput, q as TypedDB, r as TypedTable, s as TypedTx, t as boolean, u as defineSchema, v as enumType, w as integer, x as isPalbaseExtension, y as jsonb, z as makeTypedDB, A as policy, B as raw, D as text, F as timestamp, G as uuid } from './index-tudF0wAM.js';
 export { TableTypes, Tables } from './db/env.js';
 import { ZodTypeAny, z } from 'zod';
 export { z } from 'zod';
@@ -714,20 +714,18 @@ type ParameterDecorator$1 = (target: object, propertyKey: string | symbol, param
  * — the client cannot exceed what it declared.
  */
 interface UploadConfig {
-    /** Target bucket NAME. MUST exist in `config/storage.ts` `defineStorage(...)`. */
-    bucket: string;
-    /**
-     * Max object size in BYTES. Enforced twice: the authorize pre-flight rejects a
-     * larger declared size, and the signed URL pins it so storage rejects a larger
-     * PUT. When omitted, the bucket's own `fileSizeLimit` applies.
-     */
-    maxSize?: number;
     /**
-     * MIME allowlist for the object. The authorize pre-flight rejects a
-     * non-matching declared content-type, and the signed URL pins the exact type.
-     * When omitted, the bucket's own `allowedMimeTypes` applies (or any type).
+     * Target bucket NAME. MUST exist in `config/storage.ts` `defineStorage(...)`.
+     *
+     * The bucket is the SINGLE SOURCE OF TRUTH for the size limit + MIME allowlist:
+     * `bucket({ fileSizeLimit, allowedMimeTypes })`. Storage enforces those at the
+     * actual PUT (the only guard a client cannot skip), so `@Upload` deliberately
+     * does NOT take its own `maxSize`/`allowedTypes` — duplicating them here would
+     * let a route declare a tighter limit than its bucket that storage would not
+     * enforce (a real bypass: declare 10 bytes at authorize, then PUT up to the
+     * bucket ceiling straight at the signed URL). One bucket, one limit, enforced.
      */
-    allowedTypes?: string[];
+    bucket: string;
     /**
      * SERVER-side object key template. The client NEVER chooses the path. Tokens:
      * `{userId}` (authenticated user id), `{uploadId}` (server-minted), and
@@ -742,9 +740,10 @@ interface UploadConfig {
  * guard + signed-URL pinning.
  *
  * @example
- * ＠Upload("/", { bucket: "docs", maxSize: 25 * 1024 * 1024,
- *                allowedTypes: ["application/pdf"], pathTemplate: "{userId}/{uploadId}-{filename}" })
+ * ＠Upload("/", { bucket: "docs", pathTemplate: "{userId}/{uploadId}-{filename}" })
  * async upload(＠UploadedObject() obj: UploadedObject, ＠User() user): Promise<DocResult> { ... }
+ * // The size limit + MIME allowlist come from the "docs" bucket in
+ * // config/storage.ts — storage enforces them at the PUT.
  */
 declare function Upload(subpath: string, config: UploadConfig & Pick<RouteOptions, "auth" | "rateLimit">): MethodDecorator$1;
 /**
@@ -777,10 +776,13 @@ interface UploadedObject {
 declare function UploadedObject(): ParameterDecorator$1;
 /**
  * Cross-check one `@Upload` route's uploadConfig against the project's
- * {@link StorageConfig}: the bucket must exist, the upload's `maxSize` must not
- * exceed the bucket's `fileSizeLimit`, and the upload's `allowedTypes` must be a
- * subset of the bucket's `allowedMimeTypes`. Throws a precise error so a
- * mismatch fails at deploy, not at the first user upload.
+ * {@link StorageConfig}: the named bucket MUST exist in `defineStorage(...)`.
+ * Throws a precise error so a typo fails at deploy, not at the first user upload.
+ *
+ * That is the ONLY cross-check: the size limit + MIME allowlist live on the
+ * bucket (`bucket({ fileSizeLimit, allowedMimeTypes })`) and are enforced by
+ * storage at the PUT. `@Upload` carries no `maxSize`/`allowedTypes` of its own,
+ * so there is nothing to compare — one bucket, one limit, no drift.
  *
  * `routeLabel` is used only for error messages (e.g. `docs.upload`).
  */

package/dist/index.js

@@ -25,10 +25,11 @@ import {
   jsonb,
   makeTypedDB,
   policy,
+  raw,
   text,
   timestamp,
   uuid
-} from "./chunk-2N4YNN6F.js";
+} from "./chunk-FIB3SBVQ.js";
 
 // src/db/env-gen.ts
 function baseTsType(def) {
@@ -476,7 +477,6 @@ var Patch = makeMethodDecorator("PATCH");
 var Delete = makeMethodDecorator("DELETE");
 
 // src/decorators/upload.ts
-var MIME_RE2 = /^[A-Za-z0-9][A-Za-z0-9!#$&^_.+-]*\/[A-Za-z0-9*][A-Za-z0-9!#$&^_.+-]*$/;
 function Upload(subpath, config) {
   const { auth: auth2, rateLimit, ...uploadConfig } = config;
   validateUploadConfigShape(uploadConfig);
@@ -507,21 +507,6 @@ function validateUploadConfigShape(c) {
   if (typeof c.pathTemplate !== "string" || c.pathTemplate.length === 0) {
     throw new Error("@Upload config.pathTemplate must be a non-empty key template");
   }
-  if (c.maxSize !== void 0) {
-    if (!Number.isInteger(c.maxSize) || c.maxSize <= 0) {
-      throw new Error(`@Upload config.maxSize must be a positive integer byte count, got ${c.maxSize}`);
-    }
-  }
-  if (c.allowedTypes !== void 0) {
-    if (!Array.isArray(c.allowedTypes) || c.allowedTypes.length === 0) {
-      throw new Error("@Upload config.allowedTypes must be a non-empty array of MIME types when present");
-    }
-    for (const t of c.allowedTypes) {
-      if (typeof t !== "string" || !MIME_RE2.test(t.trim())) {
-        throw new Error(`@Upload config.allowedTypes entry "${t}" is not a valid MIME type (e.g. "image/png")`);
-      }
-    }
-  }
 }
 function validateUploadAgainstStorage(uploadConfig, storage2, routeLabel) {
   const def = storage2.buckets[uploadConfig.bucket];
@@ -531,28 +516,6 @@ function validateUploadAgainstStorage(uploadConfig, storage2, routeLabel) {
       `@Upload route ${routeLabel} targets bucket "${uploadConfig.bucket}" which is not declared in defineStorage(...). ` + (known.length ? `Known buckets: ${known.join(", ")}.` : "No buckets are declared.")
     );
   }
-  if (uploadConfig.maxSize !== void 0 && def.fileSizeLimit !== null && uploadConfig.maxSize > def.fileSizeLimit) {
-    throw new Error(
-      `@Upload route ${routeLabel} maxSize (${uploadConfig.maxSize} bytes) exceeds bucket "${uploadConfig.bucket}" fileSizeLimit (${def.fileSizeLimit} bytes)`
-    );
-  }
-  if (uploadConfig.allowedTypes !== void 0 && def.allowedMimeTypes !== null) {
-    const bucketAllows = (mime) => def.allowedMimeTypes.some((b) => {
-      if (b === mime) return true;
-      const slash = b.indexOf("/");
-      if (slash > 0 && b.slice(slash + 1) === "*") {
-        return mime.startsWith(b.slice(0, slash + 1));
-      }
-      return false;
-    });
-    for (const t of uploadConfig.allowedTypes) {
-      if (!bucketAllows(t)) {
-        throw new Error(
-          `@Upload route ${routeLabel} allows MIME "${t}" which bucket "${uploadConfig.bucket}" does not (bucket allows: ${def.allowedMimeTypes.join(", ")})`
-        );
-      }
-    }
-  }
 }
 
 // src/decorators/params.ts
@@ -1169,6 +1132,7 @@ export {
   makeTypedDB,
   parseFileSizeLimit,
   policy,
+  raw,
   recordThrows,
   reservedSecretKey,
   storage,