@payez/next-mvp 3.5.0 → 3.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (32) hide show
  1. package/dist/api-handlers/admin/index.d.ts +1 -0
  2. package/dist/api-handlers/admin/index.js +3 -1
  3. package/dist/api-handlers/admin/stats.d.ts +21 -0
  4. package/dist/api-handlers/admin/stats.js +240 -0
  5. package/dist/auth/utils/idp-client.js +1 -0
  6. package/dist/components/account/MobileNavDrawer.d.ts +32 -0
  7. package/dist/components/account/MobileNavDrawer.js +81 -0
  8. package/dist/components/account/UserAvatarMenu.js +5 -1
  9. package/dist/components/account/index.d.ts +2 -0
  10. package/dist/components/account/index.js +5 -2
  11. package/dist/index.d.ts +2 -2
  12. package/dist/index.js +2 -1
  13. package/dist/pages/admin-page-permissions/PagePermissionsAdminPage.d.ts +18 -0
  14. package/dist/pages/admin-page-permissions/PagePermissionsAdminPage.js +276 -0
  15. package/dist/pages/admin-page-permissions/index.d.ts +6 -0
  16. package/dist/pages/admin-page-permissions/index.js +13 -0
  17. package/dist/pages/admin-roles/RolesAdminPage.d.ts +12 -11
  18. package/dist/pages/admin-roles/RolesAdminPage.js +249 -66
  19. package/dist/routes/auth/session.d.ts +1 -30
  20. package/dist/routes/auth/session.js +3 -4
  21. package/package.json +6 -1
  22. package/src/api-handlers/admin/index.ts +5 -0
  23. package/src/api-handlers/admin/stats.ts +240 -0
  24. package/src/auth/utils/idp-client.ts +1 -0
  25. package/src/components/account/MobileNavDrawer.tsx +305 -0
  26. package/src/components/account/UserAvatarMenu.tsx +47 -17
  27. package/src/components/account/index.ts +5 -0
  28. package/src/index.ts +2 -2
  29. package/src/pages/admin-page-permissions/PagePermissionsAdminPage.tsx +527 -0
  30. package/src/pages/admin-page-permissions/index.ts +7 -0
  31. package/src/pages/admin-roles/RolesAdminPage.tsx +494 -318
  32. package/src/routes/auth/session.ts +3 -4
package/dist/api-handlers/admin/index.d.ts CHANGED
@@ -19,3 +19,4 @@ export { createAuditHandler, type AdminAuditHandlerConfig, } from './audit';
19
19
  export { createAnalyticsHandler, type AdminAnalyticsHandlerConfig, } from './analytics';
20
20
  export { createSiteLogsHandler, createSiteLogsStatsHandler, createSiteLogsDrainHandler, createSiteLogsQueueHandler, type SiteLogsHandlerConfig, } from './site-logs';
21
21
  export { createRedisSessionsHandler, createRedisSessionRevokeHandler, type RedisSessionsHandlerConfig, } from './redis-sessions';
22
+ export { createStatsHandler, type AdminStatsHandlerConfig, } from './stats';
package/dist/api-handlers/admin/index.js CHANGED
@@ -14,7 +14,7 @@
14
14
  * export const GET = createGetTableDataHandler({ getAuthOptions });
15
15
  */
16
16
  Object.defineProperty(exports, "__esModule", { value: true });
17
- exports.createRedisSessionRevokeHandler = exports.createRedisSessionsHandler = exports.createSiteLogsQueueHandler = exports.createSiteLogsDrainHandler = exports.createSiteLogsStatsHandler = exports.createSiteLogsHandler = exports.createAnalyticsHandler = exports.createAuditHandler = exports.createUsersHandler = exports.createSessionsHandler = exports.createQueryHandler = exports.createDeleteRecordHandler = exports.createUpdateRecordHandler = exports.createGetRecordHandler = exports.createGetTableDataHandler = exports.createGetTablesHandler = exports.createGetCollectionsHandler = void 0;
17
+ exports.createStatsHandler = exports.createRedisSessionRevokeHandler = exports.createRedisSessionsHandler = exports.createSiteLogsQueueHandler = exports.createSiteLogsDrainHandler = exports.createSiteLogsStatsHandler = exports.createSiteLogsHandler = exports.createAnalyticsHandler = exports.createAuditHandler = exports.createUsersHandler = exports.createSessionsHandler = exports.createQueryHandler = exports.createDeleteRecordHandler = exports.createUpdateRecordHandler = exports.createGetRecordHandler = exports.createGetTableDataHandler = exports.createGetTablesHandler = exports.createGetCollectionsHandler = void 0;
18
18
  var vibe_data_1 = require("./vibe-data");
19
19
  Object.defineProperty(exports, "createGetCollectionsHandler", { enumerable: true, get: function () { return vibe_data_1.createGetCollectionsHandler; } });
20
20
  Object.defineProperty(exports, "createGetTablesHandler", { enumerable: true, get: function () { return vibe_data_1.createGetTablesHandler; } });
@@ -39,3 +39,5 @@ Object.defineProperty(exports, "createSiteLogsQueueHandler", { enumerable: true,
39
39
  var redis_sessions_1 = require("./redis-sessions");
40
40
  Object.defineProperty(exports, "createRedisSessionsHandler", { enumerable: true, get: function () { return redis_sessions_1.createRedisSessionsHandler; } });
41
41
  Object.defineProperty(exports, "createRedisSessionRevokeHandler", { enumerable: true, get: function () { return redis_sessions_1.createRedisSessionRevokeHandler; } });
42
+ var stats_1 = require("./stats");
43
+ Object.defineProperty(exports, "createStatsHandler", { enumerable: true, get: function () { return stats_1.createStatsHandler; } });
package/dist/api-handlers/admin/stats.d.ts ADDED
@@ -0,0 +1,21 @@
1
+ /**
2
+ * Admin Stats API Handler
3
+ *
4
+ * Aggregates dashboard statistics from users, Redis sessions, and audit logs.
5
+ * Uses service account HMAC auth for Vibe API requests.
6
+ *
7
+ * @version 1.0
8
+ * @requires Admin role (vibe_app_admin or payez_admin)
9
+ */
10
+ import { NextRequest, NextResponse } from 'next/server';
11
+ export interface AdminStatsHandlerConfig {
12
+ getAuthOptions: () => Promise<any>;
13
+ appSlug?: string;
14
+ }
15
+ /**
16
+ * GET /api/admin/stats - Dashboard statistics
17
+ * Aggregates users + tier breakdown, active Redis sessions, and recent audit activity.
18
+ */
19
+ export declare function createStatsHandler(config: AdminStatsHandlerConfig): {
20
+ GET(_request: NextRequest): Promise<NextResponse<unknown>>;
21
+ };
package/dist/api-handlers/admin/stats.js ADDED
@@ -0,0 +1,240 @@
1
+ "use strict";
2
+ /**
3
+ * Admin Stats API Handler
4
+ *
5
+ * Aggregates dashboard statistics from users, Redis sessions, and audit logs.
6
+ * Uses service account HMAC auth for Vibe API requests.
7
+ *
8
+ * @version 1.0
9
+ * @requires Admin role (vibe_app_admin or payez_admin)
10
+ */
11
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
12
+ if (k2 === undefined) k2 = k;
13
+ var desc = Object.getOwnPropertyDescriptor(m, k);
14
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
15
+ desc = { enumerable: true, get: function() { return m[k]; } };
16
+ }
17
+ Object.defineProperty(o, k2, desc);
18
+ }) : (function(o, m, k, k2) {
19
+ if (k2 === undefined) k2 = k;
20
+ o[k2] = m[k];
21
+ }));
22
+ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
23
+ Object.defineProperty(o, "default", { enumerable: true, value: v });
24
+ }) : function(o, v) {
25
+ o["default"] = v;
26
+ });
27
+ var __importStar = (this && this.__importStar) || (function () {
28
+ var ownKeys = function(o) {
29
+ ownKeys = Object.getOwnPropertyNames || function (o) {
30
+ var ar = [];
31
+ for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
32
+ return ar;
33
+ };
34
+ return ownKeys(o);
35
+ };
36
+ return function (mod) {
37
+ if (mod && mod.__esModule) return mod;
38
+ var result = {};
39
+ if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
40
+ __setModuleDefault(result, mod);
41
+ return result;
42
+ };
43
+ })();
44
+ Object.defineProperty(exports, "__esModule", { value: true });
45
+ exports.createStatsHandler = createStatsHandler;
46
+ const server_1 = require("next/server");
47
+ const next_auth_1 = require("next-auth");
48
+ const startup_init_1 = require("../../lib/startup-init");
49
+ const redis_1 = require("../../lib/redis");
50
+ const roles_1 = require("../../lib/roles");
51
+ async function checkAdminRole(getAuthOptions) {
52
+ const authOptions = await getAuthOptions();
53
+ const session = await (0, next_auth_1.getServerSession)(authOptions);
54
+ if (!session?.user) {
55
+ return {
56
+ isAdmin: false,
57
+ error: server_1.NextResponse.json({ success: false, error: 'Please sign in' }, { status: 401 }),
58
+ };
59
+ }
60
+ const userRoles = session.user?.roles || [];
61
+ const hasAdminRole = roles_1.ADMIN_ROLES.some(role => userRoles.includes(role));
62
+ if (!hasAdminRole) {
63
+ return {
64
+ isAdmin: false,
65
+ error: server_1.NextResponse.json({ success: false, error: 'Admin access required' }, { status: 403 }),
66
+ };
67
+ }
68
+ return { isAdmin: true };
69
+ }
70
+ async function vibeServiceRequest(endpoint, options) {
71
+ const idpUrl = process.env.NEXT_PUBLIC_IDP_URL || process.env.IDP_URL;
72
+ const clientId = process.env.VIBE_CLIENT_ID;
73
+ const signingKey = process.env.VIBE_HMAC_KEY;
74
+ if (!idpUrl || !clientId || !signingKey) {
75
+ return { ok: false, status: 500, data: null, error: 'Vibe not configured' };
76
+ }
77
+ const timestamp = Math.floor(Date.now() / 1000);
78
+ const stringToSign = `${timestamp}|${options.method}|${endpoint}`;
79
+ const crypto = await Promise.resolve().then(() => __importStar(require('crypto')));
80
+ const signature = crypto
81
+ .createHmac('sha256', Buffer.from(signingKey, 'base64'))
82
+ .update(stringToSign)
83
+ .digest('base64');
84
+ const proxyUrl = `${idpUrl}/api/vibe/proxy`;
85
+ const idpConfig = (0, startup_init_1.getStartupIDPConfig)();
86
+ const idpClientId = idpConfig?.clientSlug || idpConfig?.clientId;
87
+ try {
88
+ const res = await fetch(proxyUrl, {
89
+ method: 'POST',
90
+ headers: {
91
+ 'Content-Type': 'application/json',
92
+ 'X-Vibe-Client-Id': clientId,
93
+ 'X-Vibe-Timestamp': String(timestamp),
94
+ 'X-Vibe-Signature': signature,
95
+ ...(idpClientId && { 'X-Client-Id': idpClientId }),
96
+ },
97
+ body: JSON.stringify({
98
+ endpoint,
99
+ method: options.method,
100
+ data: options.body ?? null,
101
+ }),
102
+ cache: 'no-store',
103
+ });
104
+ if (res.status === 204)
105
+ return { ok: true, status: 204, data: null };
106
+ if (!res.ok) {
107
+ const errorText = await res.text();
108
+ return { ok: false, status: res.status, data: null, error: errorText };
109
+ }
110
+ const body = await res.json();
111
+ return { ok: true, status: res.status, data: body };
112
+ }
113
+ catch (error) {
114
+ return { ok: false, status: 0, data: null, error: String(error) };
115
+ }
116
+ }
117
+ /**
118
+ * GET /api/admin/stats - Dashboard statistics
119
+ * Aggregates users + tier breakdown, active Redis sessions, and recent audit activity.
120
+ */
121
+ function createStatsHandler(config) {
122
+ const getSessionPrefix = () => {
123
+ const appSlug = config.appSlug || process.env.APP_SLUG || process.env.CLIENT_ID || 'app';
124
+ return `${appSlug}:sess:`;
125
+ };
126
+ return {
127
+ async GET(_request) {
128
+ const adminCheck = await checkAdminRole(config.getAuthOptions);
129
+ if (adminCheck.error)
130
+ return adminCheck.error;
131
+ try {
132
+ // Fetch from 3 sources in parallel
133
+ const [usersResult, sessionCount, auditResult] = await Promise.allSettled([
134
+ // 1. Users + tier breakdown via HMAC proxy (Vibe collection query)
135
+ vibeServiceRequest('/v1/collections/vibe_app/tables/users/query', {
136
+ method: 'POST',
137
+ body: { page: 1, pageSize: 500, orderBy: 'created_at', orderDirection: 'desc' },
138
+ }),
139
+ // 2. Active sessions from Redis
140
+ (async () => {
141
+ const redis = (0, redis_1.getRedis)();
142
+ const sessionPrefix = getSessionPrefix();
143
+ const sessionKeys = [];
144
+ let cursor = '0';
145
+ do {
146
+ const [newCursor, keys] = await redis.scan(cursor, 'MATCH', `${sessionPrefix}*`, 'COUNT', 100);
147
+ cursor = newCursor;
148
+ sessionKeys.push(...keys.filter((k) => !k.includes(':ver:')));
149
+ } while (cursor !== '0');
150
+ return sessionKeys.length;
151
+ })(),
152
+ // 3. Recent audit activity via HMAC proxy
153
+ vibeServiceRequest('/v1/audit?pageSize=10&sortDir=desc', { method: 'GET' }),
154
+ ]);
155
+ // Parse users — deduplicate by user_id
156
+ let totalUsers = 0;
157
+ let tierBreakdown = {};
158
+ if (usersResult.status === 'fulfilled' && usersResult.value.ok && usersResult.value.data) {
159
+ const data = usersResult.value.data;
160
+ const rawUsers = data.data || data.documents || data.users || [];
161
+ // Deduplicate by user_id (keeps latest document_id)
162
+ const userMap = new Map();
163
+ for (const u of rawUsers) {
164
+ const uid = u.user_id || u.id || u.document_id;
165
+ const existing = userMap.get(uid);
166
+ if (!existing || (u.document_id || '') > (existing.document_id || '')) {
167
+ userMap.set(uid, u);
168
+ }
169
+ }
170
+ const uniqueUsers = Array.from(userMap.values());
171
+ totalUsers = uniqueUsers.length;
172
+ // Build tier breakdown from deduplicated users (unless API provides one)
173
+ tierBreakdown = data.tierBreakdown || data.tiers || {};
174
+ if (Object.keys(tierBreakdown).length === 0) {
175
+ for (const user of uniqueUsers) {
176
+ const tier = user.tier || 'free';
177
+ tierBreakdown[tier] = (tierBreakdown[tier] || 0) + 1;
178
+ }
179
+ }
180
+ }
181
+ // Parse active sessions count
182
+ let activeSessions = 0;
183
+ if (sessionCount.status === 'fulfilled') {
184
+ activeSessions = sessionCount.value;
185
+ }
186
+ // Parse audit events for recent activity
187
+ let recentActivity = [];
188
+ if (auditResult.status === 'fulfilled' && auditResult.value.ok && auditResult.value.data) {
189
+ const data = auditResult.value.data;
190
+ // Handle multiple possible response shapes
191
+ let events = [];
192
+ if (Array.isArray(data)) {
193
+ events = data;
194
+ }
195
+ else if (Array.isArray(data.data)) {
196
+ events = data.data;
197
+ }
198
+ else if (Array.isArray(data.entries)) {
199
+ events = data.entries;
200
+ }
201
+ else if (Array.isArray(data.items)) {
202
+ events = data.items;
203
+ }
204
+ else if (Array.isArray(data.documents)) {
205
+ events = data.documents;
206
+ }
207
+ else if (data.success && Array.isArray(data.results)) {
208
+ events = data.results;
209
+ }
210
+ recentActivity = events.slice(0, 5).map((e) => ({
211
+ id: e.audit_log_id || e.id || e.document_id,
212
+ type: e.category || e.type || 'admin',
213
+ action: e.action || e.event || e.message || 'Unknown action',
214
+ actor: e.admin_email || e.actor || e.user || e.actor_email || 'System',
215
+ target: e.target_type ? `${e.target_type}:${e.target_id}` : (e.target || e.target_user),
216
+ details: e.description || e.details,
217
+ timestamp: e.created_at || e.timestamp || e.date,
218
+ success: e.is_success ?? e.success ?? true,
219
+ }));
220
+ }
221
+ // Calculate tier percentages
222
+ const tiers = Object.entries(tierBreakdown).map(([name, count]) => ({
223
+ name,
224
+ count: count,
225
+ pct: totalUsers > 0 ? Math.round((count / totalUsers) * 100) : 0,
226
+ }));
227
+ return server_1.NextResponse.json({
228
+ totalUsers,
229
+ activeSessions,
230
+ tiers,
231
+ recentActivity,
232
+ });
233
+ }
234
+ catch (error) {
235
+ console.error('[admin/stats] Error:', error);
236
+ return server_1.NextResponse.json({ error: error.message || 'Internal error' }, { status: 500 });
237
+ }
238
+ },
239
+ };
240
+ }
package/dist/auth/utils/idp-client.js CHANGED
@@ -160,6 +160,7 @@ async function idpOAuthCallback(oauthData) {
160
160
  access_token: oauthData.accessToken || '',
161
161
  refresh_token: oauthData.refreshToken || '',
162
162
  expires_at: oauthData.expiresAt || 0,
163
+ client_id: clientId,
163
164
  }),
164
165
  });
165
166
  if (!response.ok) {
package/dist/components/account/MobileNavDrawer.d.ts ADDED
@@ -0,0 +1,32 @@
1
+ export interface NavItem {
2
+ href: string;
3
+ label: string;
4
+ icon?: React.ReactNode;
5
+ }
6
+ export interface NavSection {
7
+ title?: string;
8
+ items: Array<{
9
+ label: string;
10
+ icon?: React.ReactNode;
11
+ href?: string;
12
+ onClick?: () => void;
13
+ }>;
14
+ }
15
+ export interface MobileNavDrawerProps {
16
+ isOpen: boolean;
17
+ onClose: () => void;
18
+ navItems: NavItem[];
19
+ /** Extra sections like Admin, rendered after nav items with optional title */
20
+ customSections?: NavSection[];
21
+ /** Base path for account link (default: '/account') */
22
+ basePath?: string;
23
+ /** Custom sign-in handler (default: next-auth signIn) */
24
+ onSignIn?: () => void;
25
+ /** Callback URL after sign in (default: '/dashboard') */
26
+ signInCallbackUrl?: string;
27
+ /** Custom unauthenticated actions (replaces default Login + Start Free buttons) */
28
+ unauthActions?: React.ReactNode;
29
+ /** Custom authenticated footer (replaces default "Account Settings" link) */
30
+ authFooter?: React.ReactNode;
31
+ }
32
+ export declare function MobileNavDrawer({ isOpen, onClose, navItems, customSections, basePath, onSignIn, signInCallbackUrl, unauthActions, authFooter, }: MobileNavDrawerProps): import("react/jsx-runtime").JSX.Element;
package/dist/components/account/MobileNavDrawer.js ADDED
@@ -0,0 +1,81 @@
1
+ "use strict";
2
+ 'use client';
3
+ var __importDefault = (this && this.__importDefault) || function (mod) {
4
+ return (mod && mod.__esModule) ? mod : { "default": mod };
5
+ };
6
+ Object.defineProperty(exports, "__esModule", { value: true });
7
+ exports.MobileNavDrawer = MobileNavDrawer;
8
+ const jsx_runtime_1 = require("react/jsx-runtime");
9
+ const react_1 = require("react");
10
+ const react_2 = require("next-auth/react");
11
+ const navigation_1 = require("next/navigation");
12
+ const image_1 = __importDefault(require("next/image"));
13
+ const link_1 = __importDefault(require("next/link"));
14
+ const lucide_react_1 = require("lucide-react");
15
+ function MobileNavDrawer({ isOpen, onClose, navItems, customSections, basePath = '/account', onSignIn, signInCallbackUrl = '/dashboard', unauthActions, authFooter, }) {
16
+ const { data: session } = (0, react_2.useSession)();
17
+ const pathname = (0, navigation_1.usePathname)();
18
+ const isAuthenticated = !!session?.user;
19
+ const isActiveRoute = (0, react_1.useCallback)((href) => pathname?.startsWith(href) ?? false, [pathname]);
20
+ // Close on Escape key
21
+ (0, react_1.useEffect)(() => {
22
+ function handleEscape(event) {
23
+ if (event.key === 'Escape') {
24
+ onClose();
25
+ }
26
+ }
27
+ if (isOpen) {
28
+ document.addEventListener('keydown', handleEscape);
29
+ return () => document.removeEventListener('keydown', handleEscape);
30
+ }
31
+ }, [isOpen, onClose]);
32
+ // Lock body scroll when open
33
+ (0, react_1.useEffect)(() => {
34
+ if (isOpen) {
35
+ document.body.style.overflow = 'hidden';
36
+ return () => {
37
+ document.body.style.overflow = '';
38
+ };
39
+ }
40
+ }, [isOpen]);
41
+ const handleSignIn = () => {
42
+ onClose();
43
+ if (onSignIn) {
44
+ onSignIn();
45
+ }
46
+ else {
47
+ (0, react_2.signIn)(undefined, { callbackUrl: signInCallbackUrl });
48
+ }
49
+ };
50
+ const handleSectionItemClick = (item) => {
51
+ onClose();
52
+ if (item.onClick) {
53
+ item.onClick();
54
+ }
55
+ };
56
+ // Derive display initial from name or email
57
+ const userName = session?.user?.name;
58
+ const userEmail = session?.user?.email;
59
+ const displaySource = userName || userEmail;
60
+ const userInitial = displaySource?.charAt(0).toUpperCase() || '?';
61
+ return ((0, jsx_runtime_1.jsxs)(jsx_runtime_1.Fragment, { children: [(0, jsx_runtime_1.jsx)("div", { className: `
62
+ fixed inset-0 bg-black/50 backdrop-blur-sm z-40 lg:hidden
63
+ transition-opacity duration-300
64
+ ${isOpen ? 'opacity-100' : 'opacity-0 pointer-events-none'}
65
+ `, onClick: onClose, "aria-hidden": "true" }), (0, jsx_runtime_1.jsxs)("div", { role: "dialog", "aria-modal": "true", "aria-label": "Navigation menu", "aria-expanded": isOpen, className: `
66
+ fixed top-0 right-0 bottom-0 w-80 max-w-[85vw]
67
+ bg-white dark:bg-slate-900
68
+ shadow-[-8px_0_32px_rgba(0,0,0,0.15)]
69
+ dark:shadow-[-8px_0_32px_rgba(0,0,0,0.4)]
70
+ z-50 lg:hidden
71
+ overflow-y-auto
72
+ transition-transform duration-300 ease-out
73
+ ${isOpen ? 'translate-x-0' : 'translate-x-full'}
74
+ `, children: [(0, jsx_runtime_1.jsxs)("div", { className: "flex items-center justify-between p-4 border-b border-gray-200 dark:border-white/10", children: [(0, jsx_runtime_1.jsx)("span", { className: "text-lg font-semibold text-gray-900 dark:text-white", children: "Menu" }), (0, jsx_runtime_1.jsx)("button", { onClick: onClose, className: "\r\n p-2 rounded-xl\r\n text-gray-400 hover:text-gray-900\r\n dark:hover:text-white\r\n hover:bg-gray-100 dark:hover:bg-white/10\r\n transition-colors\r\n ", "aria-label": "Close menu", children: (0, jsx_runtime_1.jsx)(lucide_react_1.X, { className: "h-5 w-5" }) })] }), isAuthenticated && session?.user && ((0, jsx_runtime_1.jsx)("div", { className: "p-4 border-b border-gray-200 dark:border-white/10", children: (0, jsx_runtime_1.jsxs)("div", { className: "flex items-center gap-3", children: [session.user.image ? ((0, jsx_runtime_1.jsx)(image_1.default, { src: session.user.image, alt: "", width: 48, height: 48, className: "w-12 h-12 rounded-full", unoptimized: true })) : ((0, jsx_runtime_1.jsx)("div", { className: "w-12 h-12 rounded-full bg-blue-500 flex items-center justify-center text-white font-semibold text-lg", children: userInitial })), (0, jsx_runtime_1.jsxs)("div", { className: "flex-1 min-w-0", children: [userName && ((0, jsx_runtime_1.jsx)("p", { className: "text-sm font-semibold text-gray-900 dark:text-white truncate", children: userName })), userEmail && ((0, jsx_runtime_1.jsx)("p", { className: "text-xs text-gray-500 dark:text-slate-400 truncate", children: userEmail }))] })] }) })), (0, jsx_runtime_1.jsx)("div", { className: "p-2", children: navItems.map((item) => ((0, jsx_runtime_1.jsxs)(link_1.default, { href: item.href, onClick: onClose, className: `
75
+ flex items-center gap-3 px-4 py-3.5 rounded-xl
76
+ transition-colors duration-200
77
+ ${isActiveRoute(item.href)
78
+ ? 'bg-blue-500/10 text-blue-500'
79
+ : 'text-gray-900 dark:text-white hover:bg-gray-100 dark:hover:bg-white/10'}
80
+ `, children: [item.icon && (0, jsx_runtime_1.jsx)("span", { className: "text-xl", children: item.icon }), (0, jsx_runtime_1.jsx)("span", { className: "font-medium", children: item.label }), isActiveRoute(item.href) && ((0, jsx_runtime_1.jsx)("span", { className: "ml-auto w-2 h-2 rounded-full bg-blue-500" }))] }, item.href))) }), customSections?.map((section, sectionIndex) => ((0, jsx_runtime_1.jsxs)("div", { className: "p-2 border-t border-gray-200 dark:border-white/10", children: [section.title && ((0, jsx_runtime_1.jsx)("p", { className: "px-4 py-2 text-xs font-semibold text-gray-500 dark:text-slate-400 uppercase tracking-wider", children: section.title })), section.items.map((item, itemIndex) => item.href ? ((0, jsx_runtime_1.jsxs)(link_1.default, { href: item.href, onClick: onClose, className: "\r\n flex items-center gap-3 px-4 py-3 rounded-xl\r\n text-gray-900 dark:text-white\r\n hover:bg-gray-100 dark:hover:bg-white/10\r\n transition-colors\r\n ", children: [item.icon && (0, jsx_runtime_1.jsx)("span", { className: "text-xl", children: item.icon }), (0, jsx_runtime_1.jsx)("span", { className: "font-medium", children: item.label })] }, itemIndex)) : ((0, jsx_runtime_1.jsxs)("button", { onClick: () => handleSectionItemClick(item), className: "\r\n flex items-center gap-3 px-4 py-3 rounded-xl w-full text-left\r\n text-gray-900 dark:text-white\r\n hover:bg-gray-100 dark:hover:bg-white/10\r\n transition-colors\r\n ", children: [item.icon && (0, jsx_runtime_1.jsx)("span", { className: "text-xl", children: item.icon }), (0, jsx_runtime_1.jsx)("span", { className: "font-medium", children: item.label })] }, itemIndex)))] }, sectionIndex))), (0, jsx_runtime_1.jsx)("div", { className: "p-4 mt-auto border-t border-gray-200 dark:border-white/10", children: !isAuthenticated ? (unauthActions ?? ((0, jsx_runtime_1.jsx)("div", { className: "space-y-3", children: (0, jsx_runtime_1.jsx)("button", { onClick: handleSignIn, className: "\r\n w-full px-4 py-3 rounded-xl\r\n text-blue-500 font-semibold\r\n border border-blue-500/30\r\n hover:bg-blue-500/10\r\n transition-colors\r\n ", children: "Login" }) }))) : (authFooter ?? ((0, jsx_runtime_1.jsx)(link_1.default, { href: basePath, onClick: onClose, className: "\r\n flex items-center justify-center gap-2\r\n w-full px-4 py-3 rounded-xl\r\n text-gray-500 dark:text-slate-400 font-medium\r\n hover:bg-gray-100 dark:hover:bg-white/10\r\n transition-colors\r\n ", children: "Account Settings" }))) })] })] }));
81
+ }
package/dist/components/account/UserAvatarMenu.js CHANGED
@@ -1,11 +1,15 @@
1
1
  "use strict";
2
2
  'use client';
3
+ var __importDefault = (this && this.__importDefault) || function (mod) {
4
+ return (mod && mod.__esModule) ? mod : { "default": mod };
5
+ };
3
6
  Object.defineProperty(exports, "__esModule", { value: true });
4
7
  exports.UserAvatarMenu = UserAvatarMenu;
5
8
  const jsx_runtime_1 = require("react/jsx-runtime");
6
9
  const react_1 = require("react");
7
10
  const react_2 = require("next-auth/react");
8
11
  const navigation_1 = require("next/navigation");
12
+ const image_1 = __importDefault(require("next/image"));
9
13
  const lucide_react_1 = require("lucide-react");
10
14
  function UserAvatarMenu({ basePath = '', showProfile = true, showSettings = true, showSecurity = true, customItems, onSignOut, }) {
11
15
  const { data: session, status } = (0, react_2.useSession)();
@@ -73,7 +77,7 @@ function UserAvatarMenu({ basePath = '', showProfile = true, showSettings = true
73
77
  router.push(item.href);
74
78
  }
75
79
  };
76
- return ((0, jsx_runtime_1.jsxs)("div", { ref: menuRef, className: "relative", children: [(0, jsx_runtime_1.jsx)("button", { onClick: () => setIsOpen(!isOpen), className: "flex items-center justify-center h-10 w-10 rounded-full bg-[#349AD5] text-white font-semibold text-lg hover:bg-[#2980b9] transition-colors focus:outline-none focus:ring-2 focus:ring-[#349AD5] focus:ring-offset-2 dark:focus:ring-offset-slate-900", "aria-label": "User menu", "aria-expanded": isOpen, "aria-haspopup": "true", children: userInitial }), isOpen && ((0, jsx_runtime_1.jsxs)("div", { className: "absolute right-0 mt-2 w-56 rounded-md shadow-lg z-50\r\n bg-white dark:bg-slate-900\r\n border border-gray-200 dark:border-slate-700", role: "menu", "aria-orientation": "vertical", children: [(0, jsx_runtime_1.jsxs)("div", { className: "px-4 py-3 border-b border-gray-200 dark:border-slate-700", children: [userName && ((0, jsx_runtime_1.jsx)("p", { className: "text-sm font-medium text-gray-700 dark:text-slate-200 truncate", children: userName })), userEmail && ((0, jsx_runtime_1.jsx)("p", { className: "text-sm text-gray-500 dark:text-slate-400 truncate", children: userEmail })), !userName && !userEmail && ((0, jsx_runtime_1.jsx)("p", { className: "text-sm text-gray-500 dark:text-slate-400", children: "Signed in" }))] }), (0, jsx_runtime_1.jsxs)("div", { className: "py-1", children: [showProfile && ((0, jsx_runtime_1.jsx)(MenuItem, { icon: (0, jsx_runtime_1.jsx)(lucide_react_1.User, { className: "h-4 w-4" }), label: "Profile", onClick: () => handleNavigation(`${basePath}/profile`) })), showSettings && ((0, jsx_runtime_1.jsx)(MenuItem, { icon: (0, jsx_runtime_1.jsx)(lucide_react_1.Settings, { className: "h-4 w-4" }), label: "Settings", onClick: () => handleNavigation(`${basePath}/settings`) })), showSecurity && ((0, jsx_runtime_1.jsx)(MenuItem, { icon: (0, jsx_runtime_1.jsx)(lucide_react_1.Shield, { className: "h-4 w-4" }), label: "Security", onClick: () => handleNavigation(`${basePath}/security`) })), customItems?.map((item, index) => ((0, jsx_runtime_1.jsx)(MenuItem, { icon: item.icon, label: item.label, onClick: () => handleItemClick(item) }, index)))] }), (0, jsx_runtime_1.jsx)("div", { className: "border-t border-gray-200 dark:border-slate-700 py-1", children: (0, jsx_runtime_1.jsx)(MenuItem, { icon: (0, jsx_runtime_1.jsx)(lucide_react_1.LogOut, { className: "h-4 w-4" }), label: "Sign Out", onClick: handleSignOut, variant: "danger" }) })] }))] }));
80
+ return ((0, jsx_runtime_1.jsxs)("div", { ref: menuRef, className: "relative", children: [(0, jsx_runtime_1.jsx)("button", { onClick: () => setIsOpen(!isOpen), className: "flex items-center justify-center h-10 w-10 rounded-full overflow-hidden bg-blue-500 text-white font-semibold text-lg hover:opacity-90 transition-opacity focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2 dark:focus:ring-offset-slate-900", "aria-label": "User menu", "aria-expanded": isOpen, "aria-haspopup": "true", children: session.user.image ? ((0, jsx_runtime_1.jsx)(image_1.default, { src: session.user.image, alt: "", width: 40, height: 40, className: "w-10 h-10 rounded-full object-cover", unoptimized: true })) : (userInitial) }), isOpen && ((0, jsx_runtime_1.jsxs)("div", { className: "absolute right-0 mt-2 w-56 rounded-md shadow-lg z-50\r\n bg-white dark:bg-slate-900\r\n border border-gray-200 dark:border-slate-700", role: "menu", "aria-orientation": "vertical", children: [(0, jsx_runtime_1.jsx)("div", { className: "px-4 py-3 border-b border-gray-200 dark:border-slate-700", children: (0, jsx_runtime_1.jsxs)("div", { className: "flex items-center gap-3", children: [session.user.image ? ((0, jsx_runtime_1.jsx)(image_1.default, { src: session.user.image, alt: "", width: 32, height: 32, className: "w-8 h-8 rounded-full flex-shrink-0", unoptimized: true })) : ((0, jsx_runtime_1.jsx)("div", { className: "w-8 h-8 rounded-full bg-blue-500 flex items-center justify-center text-white font-semibold text-sm flex-shrink-0", children: userInitial })), (0, jsx_runtime_1.jsxs)("div", { className: "min-w-0", children: [userName && ((0, jsx_runtime_1.jsx)("p", { className: "text-sm font-medium text-gray-700 dark:text-slate-200 truncate", children: userName })), userEmail && ((0, jsx_runtime_1.jsx)("p", { className: "text-sm text-gray-500 dark:text-slate-400 truncate", children: userEmail })), !userName && !userEmail && ((0, jsx_runtime_1.jsx)("p", { className: "text-sm text-gray-500 dark:text-slate-400", children: "Signed in" }))] })] }) }), (0, jsx_runtime_1.jsxs)("div", { className: "py-1", children: [showProfile && ((0, jsx_runtime_1.jsx)(MenuItem, { icon: (0, jsx_runtime_1.jsx)(lucide_react_1.User, { className: "h-4 w-4" }), label: "Profile", onClick: () => handleNavigation(`${basePath}/profile`) })), showSettings && ((0, jsx_runtime_1.jsx)(MenuItem, { icon: (0, jsx_runtime_1.jsx)(lucide_react_1.Settings, { className: "h-4 w-4" }), label: "Settings", onClick: () => handleNavigation(`${basePath}/settings`) })), showSecurity && ((0, jsx_runtime_1.jsx)(MenuItem, { icon: (0, jsx_runtime_1.jsx)(lucide_react_1.Shield, { className: "h-4 w-4" }), label: "Security", onClick: () => handleNavigation(`${basePath}/security`) })), customItems?.map((item, index) => ((0, jsx_runtime_1.jsx)(MenuItem, { icon: item.icon, label: item.label, onClick: () => handleItemClick(item) }, index)))] }), (0, jsx_runtime_1.jsx)("div", { className: "border-t border-gray-200 dark:border-slate-700 py-1", children: (0, jsx_runtime_1.jsx)(MenuItem, { icon: (0, jsx_runtime_1.jsx)(lucide_react_1.LogOut, { className: "h-4 w-4" }), label: "Sign Out", onClick: handleSignOut, variant: "danger" }) })] }))] }));
77
81
  }
78
82
  function MenuItem({ icon, label, onClick, variant = 'default' }) {
79
83
  const baseClasses = "flex items-center w-full px-4 py-2 text-sm cursor-pointer transition-colors";
package/dist/components/account/index.d.ts CHANGED
@@ -5,3 +5,5 @@
5
5
  */
6
6
  export { UserAvatarMenu } from './UserAvatarMenu';
7
7
  export type { UserAvatarMenuProps } from './UserAvatarMenu';
8
+ export { MobileNavDrawer } from './MobileNavDrawer';
9
+ export type { MobileNavDrawerProps, NavItem, NavSection } from './MobileNavDrawer';
package/dist/components/account/index.js CHANGED
@@ -1,10 +1,13 @@
1
1
  "use strict";
2
+ 'use client';
3
+ Object.defineProperty(exports, "__esModule", { value: true });
4
+ exports.MobileNavDrawer = exports.UserAvatarMenu = void 0;
2
5
  /**
3
6
  * Account Components for @payez/next-mvp
4
7
  *
5
8
  * User account related UI components.
6
9
  */
7
- Object.defineProperty(exports, "__esModule", { value: true });
8
- exports.UserAvatarMenu = void 0;
9
10
  var UserAvatarMenu_1 = require("./UserAvatarMenu");
10
11
  Object.defineProperty(exports, "UserAvatarMenu", { enumerable: true, get: function () { return UserAvatarMenu_1.UserAvatarMenu; } });
12
+ var MobileNavDrawer_1 = require("./MobileNavDrawer");
13
+ Object.defineProperty(exports, "MobileNavDrawer", { enumerable: true, get: function () { return MobileNavDrawer_1.MobileNavDrawer; } });
package/dist/index.d.ts CHANGED
@@ -6,7 +6,7 @@ export type { AuthConfig } from './types/auth';
6
6
  export { makeAuthDecision } from './auth/auth-decision';
7
7
  export { isUnauthenticatedRoute, configurePublicRoutes, getRouteConfig } from './auth/route-config';
8
8
  export { createMvpMiddleware } from './middleware/create-middleware';
9
- export { UserAvatarMenu } from './components/account';
10
- export type { UserAvatarMenuProps } from './components/account';
9
+ export { UserAvatarMenu, MobileNavDrawer } from './components/account';
10
+ export type { UserAvatarMenuProps, MobileNavDrawerProps, NavItem, NavSection } from './components/account';
11
11
  export { ErrorMetricsCard, HealthMetricsCard, AuditLogViewer, AdminAnalyticsLayout, useErrorMetrics, useHealthMetrics, useAuditLog, useAdminAnalytics, getErrorMetrics, getHealthMetrics, writeAuditLog, queryAuditLog, } from './logging';
12
12
  export type { ErrorMetrics, HealthMetrics, AuditLogEntry, AuditLogQuery, AuditLogResponse, TimeRange, RouteError, LevelCount, CategoryCount, ErrorDetail, EndpointHealth, SlowRequest, } from './logging';
package/dist/index.js CHANGED
@@ -2,7 +2,7 @@
2
2
  // Type augmentation for NextAuth - included via ambient module declaration
3
3
  // Note: Type declarations are picked up automatically via tsconfig.json, no explicit import needed
4
4
  Object.defineProperty(exports, "__esModule", { value: true });
5
- exports.queryAuditLog = exports.writeAuditLog = exports.getHealthMetrics = exports.getErrorMetrics = exports.useAdminAnalytics = exports.useAuditLog = exports.useHealthMetrics = exports.useErrorMetrics = exports.AdminAnalyticsLayout = exports.AuditLogViewer = exports.HealthMetricsCard = exports.ErrorMetricsCard = exports.UserAvatarMenu = exports.createMvpMiddleware = exports.getRouteConfig = exports.configurePublicRoutes = exports.isUnauthenticatedRoute = exports.makeAuthDecision = exports.useTraditionalAuthEnabled = exports.useFederatedAuthEnabled = exports.useFederatedProviders = exports.useAuthMode = exports.useAuthConfig = exports.AuthProvider = exports.useAnonSession = exports.fetchWithAuth = void 0;
5
+ exports.queryAuditLog = exports.writeAuditLog = exports.getHealthMetrics = exports.getErrorMetrics = exports.useAdminAnalytics = exports.useAuditLog = exports.useHealthMetrics = exports.useErrorMetrics = exports.AdminAnalyticsLayout = exports.AuditLogViewer = exports.HealthMetricsCard = exports.ErrorMetricsCard = exports.MobileNavDrawer = exports.UserAvatarMenu = exports.createMvpMiddleware = exports.getRouteConfig = exports.configurePublicRoutes = exports.isUnauthenticatedRoute = exports.makeAuthDecision = exports.useTraditionalAuthEnabled = exports.useFederatedAuthEnabled = exports.useFederatedProviders = exports.useAuthMode = exports.useAuthConfig = exports.AuthProvider = exports.useAnonSession = exports.fetchWithAuth = void 0;
6
6
  // NOTE: Server-only exports are NOT exported from the root to prevent bundling Node.js modules in client code.
7
7
  // Server-side code should import from subpath exports:
8
8
  // - Session management: import { sessionStore } from '@payez/next-mvp/lib/session-store'
@@ -38,6 +38,7 @@ Object.defineProperty(exports, "createMvpMiddleware", { enumerable: true, get: f
38
38
  // Account Components
39
39
  var account_1 = require("./components/account");
40
40
  Object.defineProperty(exports, "UserAvatarMenu", { enumerable: true, get: function () { return account_1.UserAvatarMenu; } });
41
+ Object.defineProperty(exports, "MobileNavDrawer", { enumerable: true, get: function () { return account_1.MobileNavDrawer; } });
41
42
  // Admin Logging & Analytics (client-side components and hooks)
42
43
  var logging_1 = require("./logging");
43
44
  Object.defineProperty(exports, "ErrorMetricsCard", { enumerable: true, get: function () { return logging_1.ErrorMetricsCard; } });
package/dist/pages/admin-page-permissions/PagePermissionsAdminPage.d.ts ADDED
@@ -0,0 +1,18 @@
1
+ /**
2
+ * Page Permissions Admin Page (/admin/page-permissions)
3
+ *
4
+ * Design: Aurum (DESIGN_SPEC.md)
5
+ * Control which roles can access which pages
6
+ *
7
+ * Three sections:
8
+ * 1. Search & Filters — Find pages by route or category
9
+ * 2. Pages & Role Requirements — Table showing pages and their role assignments
10
+ * 3. Change History — Audit log of permission changes
11
+ *
12
+ * Design Principles:
13
+ * - No shadows, gradients, or animation
14
+ * - One accent color (blue #0066cc)
15
+ * - Inline interactions (no modals)
16
+ * - Scan-friendly tables and lists
17
+ */
18
+ export default function PagePermissionsAdminPage(): import("react/jsx-runtime").JSX.Element;