@playcademy/sandbox 0.1.0-beta.7 → 0.1.0-beta.8

package/dist/server.js

@@ -50943,7 +50943,8 @@ var PLAYCADEMY_CREDITS_ID = crypto.randomUUID();
 var SAMPLE_ITEMS = [
   {
     id: PLAYCADEMY_CREDITS_ID,
-    internalName: "PLAYCADEMY_CREDITS",
+    slug: "PLAYCADEMY_CREDITS",
+    gameId: null,
     displayName: "PLAYCADEMY credits",
     description: "The main currency used across PLAYCADEMY.",
     type: "currency",
@@ -50954,7 +50955,8 @@ var SAMPLE_ITEMS = [
   },
   {
     id: crypto.randomUUID(),
-    internalName: "FOUNDING_MEMBER_BADGE",
+    slug: "FOUNDING_MEMBER_BADGE",
+    gameId: null,
     displayName: "Founding Member Badge",
     description: "Reserved for founding core team of the PLAYCADEMY platform.",
     type: "badge",
@@ -50965,7 +50967,8 @@ var SAMPLE_ITEMS = [
   },
   {
     id: crypto.randomUUID(),
-    internalName: "EARLY_ADOPTER_BADGE",
+    slug: "EARLY_ADOPTER_BADGE",
+    gameId: null,
     displayName: "Early Adopter Badge",
     description: "Awarded to users who joined during the beta phase.",
     type: "badge",
@@ -50976,7 +50979,8 @@ var SAMPLE_ITEMS = [
   },
   {
     id: crypto.randomUUID(),
-    internalName: "FIRST_GAME_BADGE",
+    slug: "FIRST_GAME_BADGE",
+    gameId: null,
     displayName: "First Game Played",
     description: "Awarded for playing your first game in the Playcademy platform.",
     type: "badge",
@@ -50987,7 +50991,8 @@ var SAMPLE_ITEMS = [
   },
   {
     id: crypto.randomUUID(),
-    internalName: "COMMON_SWORD",
+    slug: "COMMON_SWORD",
+    gameId: null,
     displayName: "Common Sword",
     description: "A basic sword, good for beginners.",
     type: "unlock",
@@ -50996,7 +51001,8 @@ var SAMPLE_ITEMS = [
   },
   {
     id: crypto.randomUUID(),
-    internalName: "SMALL_HEALTH_POTION",
+    slug: "SMALL_HEALTH_POTION",
+    gameId: null,
     displayName: "Small Health Potion",
     description: "Restores a small amount of health.",
     type: "other",
@@ -51005,7 +51011,8 @@ var SAMPLE_ITEMS = [
   },
   {
     id: crypto.randomUUID(),
-    internalName: "SMALL_BACKPACK",
+    slug: "SMALL_BACKPACK",
+    gameId: null,
     displayName: "Small Backpack",
     description: "Increases your inventory capacity by 5 slots.",
     type: "upgrade",
@@ -75478,14 +75485,20 @@ var itemTypeEnum = pgEnum("item_type", [
 ]);
 var items = pgTable("items", {
   id: uuid("id").primaryKey().defaultRandom(),
-  internalName: text("internal_name").notNull().unique(),
+  slug: text("slug").notNull(),
+  gameId: uuid("game_id").references(() => games.id, {
+    onDelete: "cascade"
+  }),
   displayName: text("display_name").notNull(),
   description: text("description"),
   type: itemTypeEnum("type").notNull().default("other"),
   imageUrl: text("image_url"),
   metadata: jsonb("metadata").default({}),
   createdAt: timestamp("created_at").defaultNow().notNull()
-});
+}, (table) => [
+  uniqueIndex("items_game_slug_idx").on(table.gameId, table.slug),
+  uniqueIndex("items_global_slug_idx").on(table.slug).where(sql`game_id IS NULL`)
+]);
 var inventoryItems = pgTable("inventory_items", {
   id: uuid("id").primaryKey().defaultRandom(),
   userId: text("user_id").notNull().references(() => users.id, { onDelete: "cascade" }),
@@ -75518,9 +75531,13 @@ var shopListings = pgTable("shop_listings", {
 }, (table) => [
   uniqueIndex("unique_item_currency_listing_idx").on(table.itemId, table.currencyId)
 ]);
-var itemsRelations = relations(items, ({ many }) => ({
+var itemsRelations = relations(items, ({ many, one }) => ({
   shopListings: many(shopListings),
-  inventoryItems: many(inventoryItems)
+  inventoryItems: many(inventoryItems),
+  game: one(games, {
+    fields: [items.gameId],
+    references: [games.id]
+  })
 }));
 var currenciesRelations = relations(currencies, ({ many }) => ({
   shopListings: many(shopListings)
@@ -75569,14 +75586,18 @@ var ItemMetadataSchema = exports_external.object({
 var InsertItemSchema = createInsertSchema(items, {
   imageUrl: exports_external.string().refine((val) => validateRelativePath2(val, "imageUrl")).optional().nullable(),
   type: exports_external.enum(itemTypeEnum.enumValues).default("other"),
-  metadata: ItemMetadataSchema.optional()
+  metadata: ItemMetadataSchema.optional(),
+  gameId: exports_external.string().uuid().optional().nullable()
 }).omit({ id: true });
 var SelectItemSchema = createSelectSchema(items);
 var UpdateItemSchema = InsertItemSchema.pick({
+  slug: true,
+  displayName: true,
+  description: true,
   type: true,
   metadata: true,
   imageUrl: true
-});
+}).partial();
 var InsertInventoryItemSchema = createInsertSchema(inventoryItems).omit({
   id: true,
   updatedAt: true
@@ -75812,7 +75833,7 @@ async function seedCurrentProjectGame(db, project) {
 // package.json
 var package_default = {
   name: "@playcademy/sandbox",
-  version: "0.1.0-beta.6",
+  version: "0.1.0-beta.7",
   description: "Local development server for Playcademy game development",
   type: "module",
   exports: {
@@ -75917,7 +75938,7 @@ async function getUserMe(ctx) {
 }
 
 // ../data/src/constants.ts
-var ITEM_INTERNAL_NAMES = {
+var ITEM_SLUGS = {
   PLAYCADEMY_CREDITS: "PLAYCADEMY_CREDITS",
   PLAYCADEMY_XP: "PLAYCADEMY_XP",
   FOUNDING_MEMBER_BADGE: "FOUNDING_MEMBER_BADGE",
@@ -75928,14 +75949,15 @@ var ITEM_INTERNAL_NAMES = {
   SMALL_BACKPACK: "SMALL_BACKPACK"
 };
 var CURRENCIES = {
-  PRIMARY: ITEM_INTERNAL_NAMES.PLAYCADEMY_CREDITS,
-  XP: ITEM_INTERNAL_NAMES.PLAYCADEMY_XP
+  PRIMARY: ITEM_SLUGS.PLAYCADEMY_CREDITS,
+  XP: ITEM_SLUGS.PLAYCADEMY_XP
 };
 var BADGES = {
-  FOUNDING_MEMBER: ITEM_INTERNAL_NAMES.FOUNDING_MEMBER_BADGE,
-  EARLY_ADOPTER: ITEM_INTERNAL_NAMES.EARLY_ADOPTER_BADGE,
-  FIRST_GAME: ITEM_INTERNAL_NAMES.FIRST_GAME_BADGE
+  FOUNDING_MEMBER: ITEM_SLUGS.FOUNDING_MEMBER_BADGE,
+  EARLY_ADOPTER: ITEM_SLUGS.EARLY_ADOPTER_BADGE,
+  FIRST_GAME: ITEM_SLUGS.FIRST_GAME_BADGE
 };
+var INTERACTION_TYPE = Object.fromEntries(interactionTypeEnum.enumValues.map((value) => [value, value]));
 
 // ../api-core/src/utils/levels.ts
 var levelConfigCache = null;
@@ -76092,7 +76114,7 @@ async function addXP(ctx, amount) {
           creditsAwarded: creditsToAward
         });
         if (creditsToAward > 0) {
-          const [creditsItem] = await tx.select({ id: items.id }).from(items).where(eq(items.internalName, CURRENCIES.PRIMARY)).limit(1);
+          const [creditsItem] = await tx.select({ id: items.id }).from(items).where(eq(items.slug, CURRENCIES.PRIMARY)).limit(1);
           if (!creditsItem) {
             throw ApiError.internal(`${CURRENCIES.PRIMARY} item not found`);
           }
@@ -76292,15 +76314,18 @@ async function getUserInventory(ctx) {
     const db = getDatabase();
     const inventory2 = await db.select({
       id: inventoryItems.id,
+      userId: inventoryItems.userId,
       quantity: inventoryItems.quantity,
       item: {
         id: items.id,
-        internalName: items.internalName,
+        slug: items.slug,
+        gameId: items.gameId,
         displayName: items.displayName,
         description: items.description,
         type: items.type,
         imageUrl: items.imageUrl,
-        metadata: items.metadata
+        metadata: items.metadata,
+        createdAt: items.createdAt
       },
       updatedAt: inventoryItems.updatedAt
     }).from(inventoryItems).where(eq(inventoryItems.userId, user.id)).innerJoin(items, eq(inventoryItems.itemId, items.id));
@@ -77929,14 +77954,13 @@ async function listGames(ctx) {
   if (!user) {
     throw ApiError.unauthorized("Must be logged in to list games");
   }
-  if (user.role !== "admin" && user.role !== "developer") {
-    throw ApiError.forbidden("Requires admin or developer privileges to list games");
-  }
   try {
     const db = getDatabase();
     let filter2 = undefined;
     if (user.role === "developer") {
       filter2 = eq(games.developerId, user.id);
+    } else if (user.role === "player") {
+      return [];
     }
     const games2 = await db.query.games.findMany({
       where: filter2,
@@ -78177,147 +78201,516 @@ async function upsertGameBySlug(ctx) {
     throw ApiError.internal("Internal server error", error2);
   }
 }
-// ../../node_modules/@oslojs/binary/dist/uint.js
-class BigEndian {
-  uint8(data2, offset) {
-    if (data2.byteLength < offset + 1) {
-      throw new TypeError("Insufficient bytes");
-    }
-    return data2[offset];
-  }
-  uint16(data2, offset) {
-    if (data2.byteLength < offset + 2) {
-      throw new TypeError("Insufficient bytes");
-    }
-    return data2[offset] << 8 | data2[offset + 1];
+
+// ../api-core/src/items/index.ts
+async function validateGameOwnership(user, gameId) {
+  if (user.role === "admin") {
+    return;
   }
-  uint32(data2, offset) {
-    if (data2.byteLength < offset + 4) {
-      throw new TypeError("Insufficient bytes");
+  try {
+    const db = getDatabase();
+    const gameOwnership = await db.query.games.findFirst({
+      where: and(eq(games.id, gameId), eq(games.developerId, user.id)),
+      columns: { id: true }
+    });
+    if (!gameOwnership) {
+      const gameExists = await db.query.games.findFirst({
+        where: eq(games.id, gameId),
+        columns: { id: true }
+      });
+      if (!gameExists) {
+        throw ApiError.notFound("Game not found");
+      }
+      throw ApiError.forbidden("You do not own this game");
     }
-    let result = 0;
-    for (let i3 = 0;i3 < 4; i3++) {
-      result |= data2[offset + i3] << 24 - i3 * 8;
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      throw error2;
     }
-    return result;
+    logger2.error(`Error checking game ownership for ${gameId}:`, error2);
+    throw ApiError.internal("Internal server error", error2);
   }
-  uint64(data2, offset) {
-    if (data2.byteLength < offset + 8) {
-      throw new TypeError("Insufficient bytes");
-    }
-    let result = 0n;
-    for (let i3 = 0;i3 < 8; i3++) {
-      result |= BigInt(data2[offset + i3]) << BigInt(56 - i3 * 8);
-    }
-    return result;
+}
+async function listItems(ctx) {
+  const user = ctx.user;
+  if (!user) {
+    throw ApiError.unauthorized("Must be logged in to view items");
   }
-  putUint8(target, value, offset) {
-    if (target.length < offset + 1) {
-      throw new TypeError("Not enough space");
+  try {
+    const db = getDatabase();
+    const url2 = new URL(ctx.request.url);
+    const gameId = url2.searchParams.get("gameId");
+    let allItems;
+    if (gameId) {
+      allItems = await db.query.items.findMany({
+        where: eq(items.gameId, gameId)
+      });
+    } else {
+      allItems = await db.query.items.findMany();
     }
-    if (value < 0 || value > 255) {
-      throw new TypeError("Invalid uint8 value");
+    return allItems;
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      throw error2;
     }
-    target[offset] = value;
+    logger2.error("Error fetching items:", error2);
+    throw ApiError.internal("Internal server error", error2);
   }
-  putUint16(target, value, offset) {
-    if (target.length < offset + 2) {
-      throw new TypeError("Not enough space");
+}
+async function getItemById(ctx) {
+  const user = ctx.user;
+  const itemId = ctx.params.itemId;
+  if (!user) {
+    throw ApiError.unauthorized("Must be logged in to view item details");
+  }
+  if (!itemId) {
+    throw ApiError.badRequest("Missing item ID");
+  }
+  try {
+    const db = getDatabase();
+    const item = await db.query.items.findFirst({
+      where: eq(items.id, itemId)
+    });
+    if (!item) {
+      throw ApiError.notFound("Item not found");
     }
-    if (value < 0 || value > 65535) {
-      throw new TypeError("Invalid uint16 value");
+    return item;
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      throw error2;
     }
-    target[offset] = value >> 8;
-    target[offset + 1] = value & 255;
+    logger2.error(`Error fetching item ${itemId}:`, error2);
+    throw ApiError.internal("Internal server error", error2);
   }
-  putUint32(target, value, offset) {
-    if (target.length < offset + 4) {
-      throw new TypeError("Not enough space");
-    }
-    if (value < 0 || value > 4294967295) {
-      throw new TypeError("Invalid uint32 value");
+}
+async function createItem(ctx) {
+  const user = ctx.user;
+  if (!user || user.role !== "admin") {
+    throw ApiError.forbidden("Admin access required");
+  }
+  let inputData;
+  try {
+    const requestBody = await ctx.request.json();
+    const validationResult = InsertItemSchema.safeParse(requestBody);
+    if (!validationResult.success) {
+      throw ApiError.badRequest(`Validation failed: ${formatValidationErrors(validationResult.error)}`);
     }
-    for (let i3 = 0;i3 < 4; i3++) {
-      target[offset + i3] = value >> (3 - i3) * 8 & 255;
+    inputData = validationResult.data;
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      throw error2;
     }
+    logger2.error("Failed to parse request body or invalid JSON:", error2);
+    throw ApiError.badRequest("Invalid JSON body");
   }
-  putUint64(target, value, offset) {
-    if (target.length < offset + 8) {
-      throw new TypeError("Not enough space");
-    }
-    if (value < 0 || value > 18446744073709551615n) {
-      throw new TypeError("Invalid uint64 value");
+  try {
+    const db = getDatabase();
+    const [newItem] = await db.insert(items).values(inputData).returning();
+    if (!newItem) {
+      throw ApiError.internal("Failed to create item in database");
     }
-    for (let i3 = 0;i3 < 8; i3++) {
-      target[offset + i3] = Number(value >> BigInt((7 - i3) * 8) & 0xffn);
+    return newItem;
+  } catch (error2) {
+    if (error2 instanceof Error) {
+      if (error2.message.includes("duplicate key value violates unique constraint")) {
+        const gameScope = inputData.gameId ? "for this game" : "as a platform item";
+        throw ApiError.conflict(`An item with slug '${inputData.slug}' already exists ${gameScope}`);
+      }
     }
+    logger2.error("Error creating item:", error2);
+    throw ApiError.internal("Internal server error", error2);
   }
 }
-
-class LittleEndian {
-  uint8(data2, offset) {
-    if (data2.byteLength < offset + 1) {
-      throw new TypeError("Insufficient bytes");
-    }
-    return data2[offset];
+async function updateItem(ctx) {
+  const user = ctx.user;
+  const itemId = ctx.params.itemId;
+  if (!user || user.role !== "admin") {
+    throw ApiError.forbidden("Admin access required");
   }
-  uint16(data2, offset) {
-    if (data2.byteLength < offset + 2) {
-      throw new TypeError("Insufficient bytes");
-    }
-    return data2[offset] | data2[offset + 1] << 8;
+  if (!itemId) {
+    throw ApiError.badRequest("Missing item ID");
   }
-  uint32(data2, offset) {
-    if (data2.byteLength < offset + 4) {
-      throw new TypeError("Insufficient bytes");
+  let inputData;
+  try {
+    const requestBody = await ctx.request.json();
+    const validationResult = UpdateItemSchema.safeParse(requestBody);
+    if (!validationResult.success) {
+      throw ApiError.badRequest(`Validation failed: ${formatValidationErrors(validationResult.error)}`);
     }
-    let result = 0;
-    for (let i3 = 0;i3 < 4; i3++) {
-      result |= data2[offset + i3] << i3 * 8;
+    inputData = validationResult.data;
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      throw error2;
     }
-    return result;
+    logger2.error("Failed to parse request body or invalid JSON:", error2);
+    throw ApiError.badRequest("Invalid JSON body");
   }
-  uint64(data2, offset) {
-    if (data2.byteLength < offset + 8) {
-      throw new TypeError("Insufficient bytes");
-    }
-    let result = 0n;
-    for (let i3 = 0;i3 < 8; i3++) {
-      result |= BigInt(data2[offset + i3]) << BigInt(i3 * 8);
-    }
-    return result;
+  if (Object.keys(inputData).length === 0) {
+    throw ApiError.badRequest("No update data provided");
   }
-  putUint8(target, value, offset) {
-    if (target.length < 1 + offset) {
-      throw new TypeError("Insufficient space");
+  try {
+    const db = getDatabase();
+    const [updatedItem] = await db.update(items).set(inputData).where(eq(items.id, itemId)).returning();
+    if (!updatedItem) {
+      throw ApiError.notFound("Item not found for update");
     }
-    if (value < 0 || value > 255) {
-      throw new TypeError("Invalid uint8 value");
+    return updatedItem;
+  } catch (error2) {
+    if (error2 instanceof Error) {
+      if (error2.message.includes("duplicate key value violates unique constraint")) {
+        throw ApiError.conflict("An item with this slug already exists within the same scope (platform or game)");
+      }
     }
-    target[offset] = value;
+    logger2.error(`Error updating item ${itemId}:`, error2);
+    throw ApiError.internal("Internal server error", error2);
   }
-  putUint16(target, value, offset) {
-    if (target.length < 2 + offset) {
-      throw new TypeError("Insufficient space");
-    }
-    if (value < 0 || value > 65535) {
-      throw new TypeError("Invalid uint16 value");
-    }
-    target[offset + 1] = value >> 8;
-    target[offset] = value & 255;
+}
+async function deleteItem(ctx) {
+  const user = ctx.user;
+  const itemId = ctx.params.itemId;
+  if (!user || user.role !== "admin") {
+    throw ApiError.forbidden("Admin access required");
   }
-  putUint32(target, value, offset) {
-    if (target.length < 4 + offset) {
-      throw new TypeError("Insufficient space");
-    }
-    if (value < 0 || value > 4294967295) {
-      throw new TypeError("Invalid uint32 value");
+  if (!itemId) {
+    throw ApiError.badRequest("Missing item ID");
+  }
+  try {
+    const db = getDatabase();
+    const result = await db.delete(items).where(eq(items.id, itemId)).returning({ id: items.id });
+    if (result.length === 0) {
+      throw ApiError.notFound("Item not found for deletion");
     }
-    for (let i3 = 0;i3 < 4; i3++) {
-      target[offset + i3] = value >> i3 * 8 & 255;
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      throw error2;
     }
+    logger2.error(`Error deleting item ${itemId}:`, error2);
+    throw ApiError.internal("Internal server error", error2);
   }
-  putUint64(target, value, offset) {
+}
+async function resolveItem(ctx) {
+  const user = ctx.user;
+  const url2 = new URL(ctx.request.url);
+  const slug = url2.searchParams.get("slug");
+  const gameId = url2.searchParams.get("gameId");
+  if (!user) {
+    throw ApiError.unauthorized("Must be logged in to resolve items");
+  }
+  if (!slug) {
+    throw ApiError.badRequest("Missing slug parameter");
+  }
+  try {
+    const db = getDatabase();
+    if (gameId) {
+      const gameItem = await db.query.items.findFirst({
+        where: and(eq(items.slug, slug), eq(items.gameId, gameId))
+      });
+      if (gameItem) {
+        return gameItem;
+      }
+    }
+    const platformItem = await db.query.items.findFirst({
+      where: and(eq(items.slug, slug), isNull(items.gameId))
+    });
+    if (!platformItem) {
+      throw ApiError.notFound(`Item with slug '${slug}' not found`);
+    }
+    return platformItem;
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      throw error2;
+    }
+    logger2.error(`Error resolving item slug ${slug}:`, error2);
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+async function listGameItems(ctx) {
+  const user = ctx.user;
+  const gameId = ctx.params.gameId;
+  if (!user) {
+    throw ApiError.unauthorized("Must be logged in to view items");
+  }
+  if (!gameId) {
+    throw ApiError.badRequest("Missing game ID");
+  }
+  try {
+    const db = getDatabase();
+    const gameItems = await db.query.items.findMany({
+      where: eq(items.gameId, gameId)
+    });
+    return gameItems;
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      throw error2;
+    }
+    logger2.error(`Error fetching items for game ${gameId}:`, error2);
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+async function createGameItem(ctx) {
+  const user = ctx.user;
+  const gameId = ctx.params.gameId;
+  if (!user) {
+    throw ApiError.unauthorized("Must be logged in to create items");
+  }
+  if (!gameId) {
+    throw ApiError.badRequest("Missing game ID");
+  }
+  await validateGameOwnership(user, gameId);
+  let inputData;
+  try {
+    const requestBody = await ctx.request.json();
+    const bodyData = typeof requestBody === "object" && requestBody !== null ? requestBody : {};
+    const validationResult = InsertItemSchema.safeParse({
+      ...bodyData,
+      gameId
+    });
+    if (!validationResult.success) {
+      throw ApiError.badRequest(`Validation failed: ${formatValidationErrors(validationResult.error)}`);
+    }
+    inputData = validationResult.data;
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      throw error2;
+    }
+    logger2.error("Failed to parse request body or invalid JSON:", error2);
+    throw ApiError.badRequest("Invalid JSON body");
+  }
+  try {
+    const db = getDatabase();
+    const [newItem] = await db.insert(items).values(inputData).returning();
+    if (!newItem) {
+      throw ApiError.internal("Failed to create item in database");
+    }
+    return newItem;
+  } catch (error2) {
+    if (error2 instanceof Error) {
+      if (error2.message.includes("duplicate key value violates unique constraint")) {
+        throw ApiError.conflict(`An item with slug '${inputData.slug}' already exists for this game`);
+      }
+    }
+    logger2.error("Error creating game item:", error2);
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+async function updateGameItem(ctx) {
+  const user = ctx.user;
+  const gameId = ctx.params.gameId;
+  const itemId = ctx.params.itemId;
+  if (!user) {
+    throw ApiError.unauthorized("Must be logged in to update items");
+  }
+  if (!gameId || !itemId) {
+    throw ApiError.badRequest("Missing game ID or item ID");
+  }
+  await validateGameOwnership(user, gameId);
+  let inputData;
+  try {
+    const requestBody = await ctx.request.json();
+    const validationResult = UpdateItemSchema.safeParse(requestBody);
+    if (!validationResult.success) {
+      throw ApiError.badRequest(`Validation failed: ${formatValidationErrors(validationResult.error)}`);
+    }
+    inputData = validationResult.data;
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      throw error2;
+    }
+    logger2.error("Failed to parse request body or invalid JSON:", error2);
+    throw ApiError.badRequest("Invalid JSON body");
+  }
+  if (Object.keys(inputData).length === 0) {
+    throw ApiError.badRequest("No update data provided");
+  }
+  try {
+    const db = getDatabase();
+    const existingItem = await db.query.items.findFirst({
+      where: and(eq(items.id, itemId), eq(items.gameId, gameId))
+    });
+    if (!existingItem) {
+      throw ApiError.notFound("Item not found for this game");
+    }
+    const [updatedItem] = await db.update(items).set(inputData).where(eq(items.id, itemId)).returning();
+    if (!updatedItem) {
+      throw ApiError.notFound("Item not found for update");
+    }
+    return updatedItem;
+  } catch (error2) {
+    if (error2 instanceof Error) {
+      if (error2.message.includes("duplicate key value violates unique constraint")) {
+        throw ApiError.conflict("An item with this slug already exists for this game");
+      }
+    }
+    logger2.error(`Error updating game item ${itemId}:`, error2);
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+async function deleteGameItem(ctx) {
+  const user = ctx.user;
+  const gameId = ctx.params.gameId;
+  const itemId = ctx.params.itemId;
+  if (!user) {
+    throw ApiError.unauthorized("Must be logged in to delete items");
+  }
+  if (!gameId || !itemId) {
+    throw ApiError.badRequest("Missing game ID or item ID");
+  }
+  await validateGameOwnership(user, gameId);
+  try {
+    const db = getDatabase();
+    const result = await db.delete(items).where(and(eq(items.id, itemId), eq(items.gameId, gameId))).returning({ id: items.id });
+    if (result.length === 0) {
+      throw ApiError.notFound("Item not found for this game");
+    }
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      throw error2;
+    }
+    logger2.error(`Error deleting game item ${itemId}:`, error2);
+    throw ApiError.internal("Internal server error", error2);
+  }
+}
+// ../../node_modules/@oslojs/binary/dist/uint.js
+class BigEndian {
+  uint8(data2, offset) {
+    if (data2.byteLength < offset + 1) {
+      throw new TypeError("Insufficient bytes");
+    }
+    return data2[offset];
+  }
+  uint16(data2, offset) {
+    if (data2.byteLength < offset + 2) {
+      throw new TypeError("Insufficient bytes");
+    }
+    return data2[offset] << 8 | data2[offset + 1];
+  }
+  uint32(data2, offset) {
+    if (data2.byteLength < offset + 4) {
+      throw new TypeError("Insufficient bytes");
+    }
+    let result = 0;
+    for (let i3 = 0;i3 < 4; i3++) {
+      result |= data2[offset + i3] << 24 - i3 * 8;
+    }
+    return result;
+  }
+  uint64(data2, offset) {
+    if (data2.byteLength < offset + 8) {
+      throw new TypeError("Insufficient bytes");
+    }
+    let result = 0n;
+    for (let i3 = 0;i3 < 8; i3++) {
+      result |= BigInt(data2[offset + i3]) << BigInt(56 - i3 * 8);
+    }
+    return result;
+  }
+  putUint8(target, value, offset) {
+    if (target.length < offset + 1) {
+      throw new TypeError("Not enough space");
+    }
+    if (value < 0 || value > 255) {
+      throw new TypeError("Invalid uint8 value");
+    }
+    target[offset] = value;
+  }
+  putUint16(target, value, offset) {
+    if (target.length < offset + 2) {
+      throw new TypeError("Not enough space");
+    }
+    if (value < 0 || value > 65535) {
+      throw new TypeError("Invalid uint16 value");
+    }
+    target[offset] = value >> 8;
+    target[offset + 1] = value & 255;
+  }
+  putUint32(target, value, offset) {
+    if (target.length < offset + 4) {
+      throw new TypeError("Not enough space");
+    }
+    if (value < 0 || value > 4294967295) {
+      throw new TypeError("Invalid uint32 value");
+    }
+    for (let i3 = 0;i3 < 4; i3++) {
+      target[offset + i3] = value >> (3 - i3) * 8 & 255;
+    }
+  }
+  putUint64(target, value, offset) {
+    if (target.length < offset + 8) {
+      throw new TypeError("Not enough space");
+    }
+    if (value < 0 || value > 18446744073709551615n) {
+      throw new TypeError("Invalid uint64 value");
+    }
+    for (let i3 = 0;i3 < 8; i3++) {
+      target[offset + i3] = Number(value >> BigInt((7 - i3) * 8) & 0xffn);
+    }
+  }
+}
+
+class LittleEndian {
+  uint8(data2, offset) {
+    if (data2.byteLength < offset + 1) {
+      throw new TypeError("Insufficient bytes");
+    }
+    return data2[offset];
+  }
+  uint16(data2, offset) {
+    if (data2.byteLength < offset + 2) {
+      throw new TypeError("Insufficient bytes");
+    }
+    return data2[offset] | data2[offset + 1] << 8;
+  }
+  uint32(data2, offset) {
+    if (data2.byteLength < offset + 4) {
+      throw new TypeError("Insufficient bytes");
+    }
+    let result = 0;
+    for (let i3 = 0;i3 < 4; i3++) {
+      result |= data2[offset + i3] << i3 * 8;
+    }
+    return result;
+  }
+  uint64(data2, offset) {
+    if (data2.byteLength < offset + 8) {
+      throw new TypeError("Insufficient bytes");
+    }
+    let result = 0n;
+    for (let i3 = 0;i3 < 8; i3++) {
+      result |= BigInt(data2[offset + i3]) << BigInt(i3 * 8);
+    }
+    return result;
+  }
+  putUint8(target, value, offset) {
+    if (target.length < 1 + offset) {
+      throw new TypeError("Insufficient space");
+    }
+    if (value < 0 || value > 255) {
+      throw new TypeError("Invalid uint8 value");
+    }
+    target[offset] = value;
+  }
+  putUint16(target, value, offset) {
+    if (target.length < 2 + offset) {
+      throw new TypeError("Insufficient space");
+    }
+    if (value < 0 || value > 65535) {
+      throw new TypeError("Invalid uint16 value");
+    }
+    target[offset + 1] = value >> 8;
+    target[offset] = value & 255;
+  }
+  putUint32(target, value, offset) {
+    if (target.length < 4 + offset) {
+      throw new TypeError("Insufficient space");
+    }
+    if (value < 0 || value > 4294967295) {
+      throw new TypeError("Invalid uint32 value");
+    }
+    for (let i3 = 0;i3 < 4; i3++) {
+      target[offset + i3] = value >> i3 * 8 & 255;
+    }
+  }
+  putUint64(target, value, offset) {
     if (target.length < 8 + offset) {
       throw new TypeError("Insufficient space");
     }
@@ -79256,6 +79649,88 @@ gamesRouter.post("/uploads/finalize", async (c2) => {
     return c2.json({ error: message2 }, 500);
   }
 });
+gamesRouter.get("/:gameId/items", async (c2) => {
+  const gameId = c2.req.param("gameId");
+  const ctx = {
+    user: c2.get("user"),
+    params: { gameId },
+    url: new URL(c2.req.url),
+    request: c2.req.raw
+  };
+  try {
+    const result = await listGameItems(ctx);
+    return c2.json(result);
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      return c2.json({ error: error2.message }, error2.statusCode);
+    }
+    console.error("Error in listGameItems:", error2);
+    const message2 = error2 instanceof Error ? error2.message : "Internal server error";
+    return c2.json({ error: message2 }, 500);
+  }
+});
+gamesRouter.post("/:gameId/items", async (c2) => {
+  const gameId = c2.req.param("gameId");
+  const ctx = {
+    user: c2.get("user"),
+    params: { gameId },
+    url: new URL(c2.req.url),
+    request: c2.req.raw
+  };
+  try {
+    const result = await createGameItem(ctx);
+    return c2.json(result, 201);
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      return c2.json({ error: error2.message }, error2.statusCode);
+    }
+    console.error("Error in createGameItem:", error2);
+    const message2 = error2 instanceof Error ? error2.message : "Internal server error";
+    return c2.json({ error: message2 }, 500);
+  }
+});
+gamesRouter.patch("/:gameId/items/:itemId", async (c2) => {
+  const gameId = c2.req.param("gameId");
+  const itemId = c2.req.param("itemId");
+  const ctx = {
+    user: c2.get("user"),
+    params: { gameId, itemId },
+    url: new URL(c2.req.url),
+    request: c2.req.raw
+  };
+  try {
+    const result = await updateGameItem(ctx);
+    return c2.json(result);
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      return c2.json({ error: error2.message }, error2.statusCode);
+    }
+    console.error("Error in updateGameItem:", error2);
+    const message2 = error2 instanceof Error ? error2.message : "Internal server error";
+    return c2.json({ error: message2 }, 500);
+  }
+});
+gamesRouter.delete("/:gameId/items/:itemId", async (c2) => {
+  const gameId = c2.req.param("gameId");
+  const itemId = c2.req.param("itemId");
+  const ctx = {
+    user: c2.get("user"),
+    params: { gameId, itemId },
+    url: new URL(c2.req.url),
+    request: c2.req.raw
+  };
+  try {
+    await deleteGameItem(ctx);
+    return c2.body(null, 204);
+  } catch (error2) {
+    if (error2 instanceof ApiError) {
+      return c2.json({ error: error2.message }, error2.statusCode);
+    }
+    console.error("Error in deleteGameItem:", error2);
+    const message2 = error2 instanceof Error ? error2.message : "Internal server error";
+    return c2.json({ error: message2 }, 500);
+  }
+});
 // src/routes/manifest.ts
 var manifestRouter = new Hono2;
 manifestRouter.get("/", async (c2) => {
@@ -79387,157 +79862,27 @@ shopRouter.get("/view", async (c2) => {
     return c2.json({ error: message2 }, 500);
   }
 });
-// ../api-core/src/items/index.ts
-async function listItems(ctx) {
-  const user = ctx.user;
-  if (!user) {
-    throw ApiError.unauthorized("Must be logged in to view items");
-  }
-  try {
-    const db = getDatabase();
-    const allItems = await db.query.items.findMany();
-    return allItems;
-  } catch (error2) {
-    if (error2 instanceof ApiError) {
-      throw error2;
-    }
-    logger2.error("Error fetching items:", error2);
-    throw ApiError.internal("Internal server error", error2);
-  }
-}
-async function getItemById(ctx) {
-  const user = ctx.user;
-  const itemId = ctx.params.itemId;
-  if (!user) {
-    throw ApiError.unauthorized("Must be logged in to view item details");
-  }
-  if (!itemId) {
-    throw ApiError.badRequest("Missing item ID");
-  }
-  try {
-    const db = getDatabase();
-    const item = await db.query.items.findFirst({
-      where: eq(items.id, itemId)
-    });
-    if (!item) {
-      throw ApiError.notFound("Item not found");
-    }
-    return item;
-  } catch (error2) {
-    if (error2 instanceof ApiError) {
-      throw error2;
-    }
-    logger2.error(`Error fetching item ${itemId}:`, error2);
-    throw ApiError.internal("Internal server error", error2);
-  }
-}
-async function createItem(ctx) {
-  const user = ctx.user;
-  if (!user || user.role !== "admin") {
-    throw ApiError.forbidden("Admin access required");
-  }
-  let inputData;
-  try {
-    const requestBody = await ctx.request.json();
-    const validationResult = InsertItemSchema.safeParse(requestBody);
-    if (!validationResult.success) {
-      throw ApiError.badRequest(`Validation failed: ${formatValidationErrors(validationResult.error)}`);
-    }
-    inputData = validationResult.data;
-  } catch (error2) {
-    if (error2 instanceof ApiError) {
-      throw error2;
-    }
-    logger2.error("Failed to parse request body or invalid JSON:", error2);
-    throw ApiError.badRequest("Invalid JSON body");
-  }
-  try {
-    const db = getDatabase();
-    const [newItem] = await db.insert(items).values(inputData).returning();
-    if (!newItem) {
-      throw ApiError.internal("Failed to create item in database");
-    }
-    return newItem;
-  } catch (error2) {
-    if (error2 instanceof Error) {
-      if (error2.message.includes("duplicate key value violates unique constraint")) {
-        throw ApiError.conflict("An item with this internal name already exists");
-      }
-    }
-    logger2.error("Error creating item:", error2);
-    throw ApiError.internal("Internal server error", error2);
-  }
-}
-async function updateItem(ctx) {
-  const user = ctx.user;
-  const itemId = ctx.params.itemId;
-  if (!user || user.role !== "admin") {
-    throw ApiError.forbidden("Admin access required");
-  }
-  if (!itemId) {
-    throw ApiError.badRequest("Missing item ID");
-  }
-  let inputData;
-  try {
-    const requestBody = await ctx.request.json();
-    const validationResult = UpdateItemSchema.safeParse(requestBody);
-    if (!validationResult.success) {
-      throw ApiError.badRequest(`Validation failed: ${formatValidationErrors(validationResult.error)}`);
-    }
-    inputData = validationResult.data;
-  } catch (error2) {
-    if (error2 instanceof ApiError) {
-      throw error2;
-    }
-    logger2.error("Failed to parse request body or invalid JSON:", error2);
-    throw ApiError.badRequest("Invalid JSON body");
-  }
-  if (Object.keys(inputData).length === 0) {
-    throw ApiError.badRequest("No update data provided");
-  }
-  try {
-    const db = getDatabase();
-    const [updatedItem] = await db.update(items).set(inputData).where(eq(items.id, itemId)).returning();
-    if (!updatedItem) {
-      throw ApiError.notFound("Item not found for update");
-    }
-    return updatedItem;
-  } catch (error2) {
-    if (error2 instanceof Error) {
-      if (error2.message.includes("duplicate key value violates unique constraint")) {
-        throw ApiError.conflict("An item with this internal name already exists");
-      }
-    }
-    logger2.error(`Error updating item ${itemId}:`, error2);
-    throw ApiError.internal("Internal server error", error2);
-  }
-}
-async function deleteItem(ctx) {
-  const user = ctx.user;
-  const itemId = ctx.params.itemId;
-  if (!user || user.role !== "admin") {
-    throw ApiError.forbidden("Admin access required");
-  }
-  if (!itemId) {
-    throw ApiError.badRequest("Missing item ID");
-  }
+// src/routes/items.ts
+var itemsRouter = new Hono2;
+itemsRouter.get("/resolve", async (c2) => {
+  const ctx = {
+    user: c2.get("user"),
+    params: {},
+    url: new URL(c2.req.url),
+    request: c2.req.raw
+  };
   try {
-    const db = getDatabase();
-    const result = await db.delete(items).where(eq(items.id, itemId)).returning({ id: items.id });
-    if (result.length === 0) {
-      throw ApiError.notFound("Item not found for deletion");
-    }
+    const result = await resolveItem(ctx);
+    return c2.json(result);
   } catch (error2) {
     if (error2 instanceof ApiError) {
-      throw error2;
+      return c2.json({ error: error2.message }, error2.statusCode);
     }
-    logger2.error(`Error deleting item ${itemId}:`, error2);
-    throw ApiError.internal("Internal server error", error2);
+    console.error("Error in resolveItem:", error2);
+    const message2 = error2 instanceof Error ? error2.message : "Internal server error";
+    return c2.json({ error: message2 }, 500);
   }
-}
-
-// src/routes/items.ts
-var itemsRouter = new Hono2;
+});
 itemsRouter.post("/", async (c2) => {
   const ctx = {
     user: c2.get("user"),
@@ -79710,8 +80055,8 @@ async function createCurrency(ctx) {
   } catch (error2) {
     if (error2 instanceof Error) {
       if (error2.message.includes("duplicate key value violates unique constraint") || error2.message.includes("UNIQUE constraint failed")) {
-        if (error2.message.includes("currencies_internal_name_unique")) {
-          throw ApiError.conflict("A currency with this internal name already exists");
+        if (error2.message.includes("currencies_slug_unique")) {
+          throw ApiError.conflict("A currency with this slug already exists");
         }
         throw ApiError.conflict("A similar currency already exists");
       }
@@ -79757,8 +80102,8 @@ async function updateCurrency(ctx) {
   } catch (error2) {
     if (error2 instanceof Error) {
       if (error2.message.includes("duplicate key value violates unique constraint") || error2.message.includes("UNIQUE constraint failed")) {
-        if (error2.message.includes("currencies_internal_name_unique")) {
-          throw ApiError.conflict("A currency with this internal name already exists");
+        if (error2.message.includes("currencies_slug_unique")) {
+          throw ApiError.conflict("A currency with this slug already exists");
         }
         throw ApiError.conflict("A similar currency already exists");
       }