@powerhousedao/reactor-api 6.2.0-dev.4 → 6.2.0-dev.41

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.d.mts CHANGED
@@ -3,9 +3,9 @@ import { IAnalyticsStore } from "@powerhousedao/analytics-engine-core";
3
3
  import { AnalyticsModel } from "@powerhousedao/analytics-engine-graphql";
4
4
  import * as graphql from "graphql";
5
5
  import { DocumentNode, GraphQLResolveInfo, GraphQLScalarType, GraphQLScalarTypeConfig, GraphQLSchema } from "graphql";
6
+ import { IDocumentModelLoader, IDocumentModelRegistry, IDriveClient, IReactorClient, IRelationalDb, ISyncManager, InProcessReactorClientModule, ParsedDriveUrl, driveIdFromUrl, parseDriveUrl } from "@powerhousedao/reactor";
6
7
  import { ILogger } from "document-model";
7
8
  import { DocumentModelGlobalState as DocumentModelGlobalState$1, DocumentModelModule, Operation, PHDocument, PHDocumentHeader } from "@powerhousedao/shared/document-model";
8
- import { IDocumentModelLoader, IDocumentModelRegistry, IDriveClient, IReactorClient, IRelationalDb, ISyncManager, ParsedDriveUrl, ReactorClientModule, driveIdFromUrl, parseDriveUrl } from "@powerhousedao/reactor";
9
9
  import * as z$1 from "zod";
10
10
  import { DocumentDriveDocument, DocumentDriveGlobalState } from "@powerhousedao/shared/document-drive";
11
11
  import { AttachmentBuildResult } from "@powerhousedao/reactor-attachments";
@@ -42,11 +42,7 @@ interface DocumentProtectionTable {
42
42
  }
43
43
  interface DocumentPermissionDatabase {
44
44
  DocumentPermission: DocumentPermissionTable;
45
- Group: GroupTable;
46
- UserGroup: UserGroupTable;
47
- DocumentGroupPermission: DocumentGroupPermissionTable;
48
45
  OperationUserPermission: OperationUserPermissionTable;
49
- OperationGroupPermission: OperationGroupPermissionTable;
50
46
  DocumentProtection: DocumentProtectionTable;
51
47
  }
52
48
  interface DocumentPermissionTable {
@@ -58,27 +54,6 @@ interface DocumentPermissionTable {
58
54
  createdAt: Date;
59
55
  updatedAt: Date;
60
56
  }
61
- interface GroupTable {
62
- id: Generated<number>;
63
- name: string;
64
- description: string | null;
65
- createdAt: Date;
66
- updatedAt: Date;
67
- }
68
- interface UserGroupTable {
69
- userAddress: string;
70
- groupId: number;
71
- createdAt: Date;
72
- }
73
- interface DocumentGroupPermissionTable {
74
- id: Generated<number>;
75
- documentId: string;
76
- groupId: number;
77
- permission: DocumentPermissionLevel;
78
- grantedBy: string;
79
- createdAt: Date;
80
- updatedAt: Date;
81
- }
82
57
  interface OperationUserPermissionTable {
83
58
  id: Generated<number>;
84
59
  documentId: string;
@@ -87,14 +62,6 @@ interface OperationUserPermissionTable {
87
62
  grantedBy: string;
88
63
  createdAt: Date;
89
64
  }
90
- interface OperationGroupPermissionTable {
91
- id: Generated<number>;
92
- documentId: string;
93
- operationType: string;
94
- groupId: number;
95
- grantedBy: string;
96
- createdAt: Date;
97
- }
98
65
  type Db = Kysely<any>;
99
66
  /**
100
67
  * Optional factory used by callers (e.g. Switchboard) to inject a
@@ -120,21 +87,6 @@ interface DocumentPermissionEntry {
120
87
  createdAt: Date;
121
88
  updatedAt: Date;
122
89
  }
123
- interface Group {
124
- id: number;
125
- name: string;
126
- description: string | null;
127
- createdAt: Date;
128
- updatedAt: Date;
129
- }
130
- interface DocumentGroupPermissionEntry {
131
- documentId: string;
132
- groupId: number;
133
- permission: DocumentPermissionLevel;
134
- grantedBy: string;
135
- createdAt: Date;
136
- updatedAt: Date;
137
- }
138
90
  interface OperationUserPermissionEntry {
139
91
  documentId: string;
140
92
  operationType: string;
@@ -142,13 +94,6 @@ interface OperationUserPermissionEntry {
142
94
  grantedBy: string;
143
95
  createdAt: Date;
144
96
  }
145
- interface OperationGroupPermissionEntry {
146
- documentId: string;
147
- operationType: string;
148
- groupId: number;
149
- grantedBy: string;
150
- createdAt: Date;
151
- }
152
97
  /**
153
98
  * Function type for getting parent document IDs
154
99
  * This is injected to avoid circular dependencies with the reactor client
@@ -169,7 +114,7 @@ interface DocumentPermissionConfig {
169
114
  * - ADMIN: Can manage document permissions and settings
170
115
  *
171
116
  * Operation permissions:
172
- * - Users and groups can be granted permission to execute specific operations
117
+ * - Users can be granted permission to execute specific operations
173
118
  */
174
119
  declare class DocumentPermissionService {
175
120
  private readonly db;
@@ -200,83 +145,6 @@ declare class DocumentPermissionService {
200
145
  * Delete all permissions for a document (used when deleting a document)
201
146
  */
202
147
  deleteAllDocumentPermissions(documentId: string): Promise<void>;
203
- /**
204
- * Check if a user can read a document.
205
- * Returns true if user has READ, WRITE, or ADMIN permission (direct or via group)
206
- */
207
- canReadDocument(documentId: string, userAddress: string | undefined): Promise<boolean>;
208
- /**
209
- * Check if a user can write to a document.
210
- * Returns true if user has WRITE or ADMIN permission (direct or via group)
211
- */
212
- canWriteDocument(documentId: string, userAddress: string | undefined): Promise<boolean>;
213
- /**
214
- * Check if a user can manage a document (change permissions, settings).
215
- * Returns true if user has ADMIN permission (direct or via group)
216
- */
217
- canManageDocument(documentId: string, userAddress: string | undefined): Promise<boolean>;
218
- /**
219
- * Check if a user can read a document, including parent permission inheritance.
220
- * Returns true if user has permission on the document OR any parent in the hierarchy.
221
- */
222
- canRead(documentId: string, userAddress: string | undefined, getParentIds: GetParentIdsFn): Promise<boolean>;
223
- /**
224
- * Check if a user can write to a document, including parent permission inheritance.
225
- * Returns true if user has write permission on the document OR any parent in the hierarchy.
226
- */
227
- canWrite(documentId: string, userAddress: string | undefined, getParentIds: GetParentIdsFn): Promise<boolean>;
228
- /**
229
- * Filter a list of document IDs to only include those the user can read.
230
- */
231
- filterReadableDocuments(documentIds: string[], userAddress: string | undefined, getParentIds: GetParentIdsFn): Promise<string[]>;
232
- /**
233
- * Create a new group
234
- */
235
- createGroup(name: string, description?: string): Promise<Group>;
236
- /**
237
- * Delete a group and all its associations
238
- */
239
- deleteGroup(groupId: number): Promise<void>;
240
- /**
241
- * Get a group by ID
242
- */
243
- getGroup(groupId: number): Promise<Group | null>;
244
- /**
245
- * List all groups
246
- */
247
- listGroups(): Promise<Group[]>;
248
- /**
249
- * Add a user to a group
250
- */
251
- addUserToGroup(userAddress: string, groupId: number): Promise<void>;
252
- /**
253
- * Remove a user from a group
254
- */
255
- removeUserFromGroup(userAddress: string, groupId: number): Promise<void>;
256
- /**
257
- * Get all groups a user belongs to
258
- */
259
- getUserGroups(userAddress: string): Promise<Group[]>;
260
- /**
261
- * Get all members of a group
262
- */
263
- getGroupMembers(groupId: number): Promise<string[]>;
264
- /**
265
- * Grant a group permission on a document
266
- */
267
- grantGroupPermission(documentId: string, groupId: number, permission: DocumentPermissionLevel, grantedBy: string): Promise<DocumentGroupPermissionEntry>;
268
- /**
269
- * Revoke a group's permission on a document
270
- */
271
- revokeGroupPermission(documentId: string, groupId: number): Promise<void>;
272
- /**
273
- * Get all group permissions for a document
274
- */
275
- getDocumentGroupPermissions(documentId: string): Promise<DocumentGroupPermissionEntry[]>;
276
- /**
277
- * Get best permission level a user has on a document via groups
278
- */
279
- getUserGroupPermission(documentId: string, userAddress: string): Promise<DocumentPermissionLevel | null>;
280
148
  /**
281
149
  * Grant a user permission to execute an operation on a document
282
150
  */
@@ -285,27 +153,14 @@ declare class DocumentPermissionService {
285
153
  * Revoke a user's permission to execute an operation
286
154
  */
287
155
  revokeOperationPermission(documentId: string, operationType: string, userAddress: string): Promise<void>;
288
- /**
289
- * Grant a group permission to execute an operation on a document
290
- */
291
- grantGroupOperationPermission(documentId: string, operationType: string, groupId: number, grantedBy: string): Promise<OperationGroupPermissionEntry>;
292
- /**
293
- * Revoke a group's permission to execute an operation
294
- */
295
- revokeGroupOperationPermission(documentId: string, operationType: string, groupId: number): Promise<void>;
296
156
  /**
297
157
  * Get all users with permission to execute an operation
298
158
  */
299
159
  getOperationUserPermissions(documentId: string, operationType: string): Promise<OperationUserPermissionEntry[]>;
300
160
  /**
301
- * Get all groups with permission to execute an operation
161
+ * Whether an operation-permission row exists for the user on this operation.
302
162
  */
303
- getOperationGroupPermissions(documentId: string, operationType: string): Promise<OperationGroupPermissionEntry[]>;
304
- /**
305
- * Check if a user can execute a specific operation on a document.
306
- * Returns true if user has direct permission or is in a group with permission.
307
- */
308
- canExecuteOperation(documentId: string, operationType: string, userAddress: string | undefined): Promise<boolean>;
163
+ hasOperationGrant(documentId: string, operationType: string, userAddress: string): Promise<boolean>;
309
164
  /**
310
165
  * Check if an operation has any permissions set (is restricted)
311
166
  */
@@ -352,73 +207,80 @@ declare class DocumentPermissionService {
352
207
  }
353
208
  //#endregion
354
209
  //#region src/services/authorization.service.d.ts
210
+ /**
211
+ * A document id that has been resolved to its canonical form, never a slug.
212
+ *
213
+ * Protection and grant rows are written under the canonical id, while the
214
+ * read/operation data paths accept an id-or-slug identifier. The decision layer
215
+ * must key on the canonical id, so branding it forces every caller to resolve a
216
+ * slug to its id before consulting this service, closing the slug-aliasing
217
+ * bypass (S-C1). The only sanctioned cast from string to CanonicalDocumentId
218
+ * lives in the BaseSubgraph resolution helpers, immediately after the shared
219
+ * resolveIdOrSlug lookup returns.
220
+ */
221
+ type CanonicalDocumentId = string & {
222
+ readonly __canonicalDocumentId: unique symbol;
223
+ };
224
+ /**
225
+ * Result of a passed per-document authorization check. `fetchIdentifier` is
226
+ * always safe for the data fetch: the canonical id when resolved, or the raw
227
+ * identifier when the check was skipped for a policy-wide caller.
228
+ */
229
+ declare class AuthorizedDocumentHandle {
230
+ readonly fetchIdentifier: string;
231
+ readonly isResolved: boolean;
232
+ private constructor();
233
+ static resolved(documentId: CanonicalDocumentId): AuthorizedDocumentHandle;
234
+ static skipped(identifier: string): AuthorizedDocumentHandle;
235
+ /** The verified canonical id; throws when resolution was skipped. */
236
+ canonicalId(): CanonicalDocumentId;
237
+ }
238
+ declare const AuthorizationPolicy: {
239
+ readonly OPEN: "OPEN";
240
+ readonly ADMIN_ONLY: "ADMIN_ONLY";
241
+ readonly DOCUMENT_PERMISSIONS: "DOCUMENT_PERMISSIONS";
242
+ };
243
+ type AuthorizationPolicy = (typeof AuthorizationPolicy)[keyof typeof AuthorizationPolicy];
355
244
  interface AuthorizationConfig {
356
245
  admins: string[];
357
246
  defaultProtection: boolean;
247
+ policy: AuthorizationPolicy;
358
248
  }
359
249
  /**
360
- * Central authorization service — single source of truth for all permission checks.
250
+ * Single source of truth for every permission decision. Always present (never
251
+ * null) so callers branch on data, not on the existence of a service.
252
+ *
253
+ * The policy selects an implementation once at boot:
254
+ * - OPEN: authentication disabled — everyone (incl. anonymous) is allowed.
255
+ * - ADMIN_ONLY: authentication on, document permissions off — only ADMINS.
256
+ * - DOCUMENT_PERMISSIONS: the full per-document protection + grant model.
361
257
  *
362
- * Authorization model:
363
- * 1. Supreme admin (ADMINS env) ALLOW ALL
364
- * 2. Is document protected?
365
- * a. NOT protected:
366
- * - READ: anyone (even anonymous) → ALLOW
367
- * - WRITE: authenticated user → ALLOW
368
- * b. PROTECTED:
369
- * - READ: requires explicit READ/WRITE/ADMIN grant (direct or via group/parent)
370
- * - WRITE: requires explicit WRITE/ADMIN grant (direct or via group/parent)
371
- * 3. Operation restricted? → Check OperationUserPermission
372
- * 4. Document owner = implicit ADMIN
373
- * 5. Drive protected = all children effectively protected
258
+ * Permission inheritance walks the parent-document hierarchy through a
259
+ * parent resolver injected at construction; callers never supply one.
374
260
  */
375
- declare class AuthorizationService {
376
- private readonly documentPermissionService;
261
+ interface IAuthorizationService {
377
262
  readonly config: AuthorizationConfig;
378
- constructor(documentPermissionService: DocumentPermissionService, config: AuthorizationConfig);
379
263
  /**
380
- * Check if a user is a supreme admin (from ADMINS env var).
264
+ * Whether the user has unrestricted, policy-wide access. Under OPEN this is
265
+ * true for everyone (including anonymous callers) by design: OPEN means "no
266
+ * restrictions", and consumers use this check to skip per-document
267
+ * filtering. It does NOT mean the caller is in the ADMINS list.
381
268
  */
382
269
  isSupremeAdmin(userAddress?: string): boolean;
383
270
  /**
384
- * Check if a user can read a document.
385
- *
386
- * - Supreme admin → yes
387
- * - Not protected → anyone can read (even anonymous)
388
- * - Protected → requires READ/WRITE/ADMIN grant (direct, group, or parent inheritance)
389
- * - Owner → yes (implicit ADMIN)
390
- */
391
- canRead(documentId: string, userAddress?: string, getParentIds?: GetParentIdsFn): Promise<boolean>;
392
- /**
393
- * Check if a user can write to a document.
394
- *
395
- * - Supreme admin → yes
396
- * - Not protected → anyone can write (even anonymous)
397
- * - Protected → requires authentication + WRITE/ADMIN grant
398
- * - Owner → yes (implicit ADMIN)
399
- */
400
- canWrite(documentId: string, userAddress?: string, getParentIds?: GetParentIdsFn): Promise<boolean>;
401
- /**
402
- * Check if a user can manage a document (change permissions, protection, transfer ownership).
403
- *
404
- * - Supreme admin → yes
405
- * - Owner → yes
406
- * - Has ADMIN grant → yes
407
- */
408
- canManage(documentId: string, userAddress?: string, _getParentIds?: GetParentIdsFn): Promise<boolean>;
409
- /**
410
- * Check if a user can execute a specific operation.
411
- * If the operation is not restricted, falls through to the standard write check.
412
- * If the operation is restricted, requires an explicit OperationUserPermission grant.
271
+ * Whether the user may create new documents under the current policy:
272
+ * everyone in OPEN, only admins in ADMIN_ONLY, any authenticated user in
273
+ * DOCUMENT_PERMISSIONS.
413
274
  */
414
- canExecuteOperation(documentId: string, operationType: string, userAddress?: string, getParentIds?: GetParentIdsFn): Promise<boolean>;
275
+ canCreate(userAddress?: string): boolean;
276
+ canRead(documentId: CanonicalDocumentId, userAddress?: string): Promise<boolean>;
277
+ canWrite(documentId: CanonicalDocumentId, userAddress?: string): Promise<boolean>;
415
278
  /**
416
- * Combined check for mutations: can the user write + execute the operation?
417
- * This enables READ-only users with operation grants to execute specific operations.
418
- * For restricted operations, only the operation grant is checked (bypasses write check),
419
- * allowing READ-only users with an explicit operation grant to execute that operation.
279
+ * Whether the user administers the document: supreme admin, document
280
+ * owner, or holder of an ADMIN grant.
420
281
  */
421
- canMutate(documentId: string, operationType: string, userAddress?: string, getParentIds?: GetParentIdsFn): Promise<boolean>;
282
+ canManage(documentId: CanonicalDocumentId, userAddress?: string): Promise<boolean>;
283
+ canMutate(documentId: CanonicalDocumentId, operationType: string, userAddress?: string): Promise<boolean>;
422
284
  }
423
285
  //#endregion
424
286
  //#region src/graphql/types.d.ts
@@ -428,14 +290,11 @@ type Context = {
428
290
  document?: PHDocument;
429
291
  headers: IncomingHttpHeaders;
430
292
  db: unknown;
431
- isAdmin?: (address: string) => boolean;
432
293
  user?: {
433
294
  address: string;
434
295
  chainId: number;
435
296
  networkId: string;
436
297
  };
437
- documentPermissionService?: DocumentPermissionService;
438
- authorizationService?: AuthorizationService;
439
298
  };
440
299
  type ISubgraph = {
441
300
  name: string;
@@ -454,7 +313,7 @@ type SubgraphArgs = {
454
313
  graphqlManager: GraphQLManager$1;
455
314
  syncManager: ISyncManager;
456
315
  documentPermissionService?: DocumentPermissionService;
457
- authorizationService?: AuthorizationService;
316
+ authorizationService: IAuthorizationService;
458
317
  path?: string;
459
318
  };
460
319
  type GqlSigner = {
@@ -516,6 +375,7 @@ type GqlDriveDocument = GqlDocument & {
516
375
  //#endregion
517
376
  //#region src/graphql/base-subgraph.d.ts
518
377
  declare class BaseSubgraph implements ISubgraph$1 {
378
+ #private;
519
379
  name: string;
520
380
  path: string;
521
381
  resolvers: Record<string, any>;
@@ -525,15 +385,47 @@ declare class BaseSubgraph implements ISubgraph$1 {
525
385
  relationalDb: IRelationalDb;
526
386
  syncManager: ISyncManager;
527
387
  documentPermissionService?: DocumentPermissionService;
528
- authorizationService?: AuthorizationService;
388
+ authorizationService: IAuthorizationService;
529
389
  constructor(args: SubgraphArgs$1);
530
390
  onSetup(): Promise<void>;
531
- protected getParentIdsFn(): GetParentIdsFn;
532
- protected hasGlobalAdminAccess(ctx: Context): boolean;
533
- protected canReadDocument(documentId: string, ctx: Context): Promise<boolean>;
534
- protected assertCanRead(documentId: string, ctx: Context): Promise<void>;
535
- protected assertCanWrite(documentId: string, ctx: Context): Promise<void>;
536
- protected assertCanExecuteOperation(documentId: string, operationType: string, ctx: Context): Promise<void>;
391
+ /**
392
+ * Resolves a caller-supplied identifier (id or slug) to its canonical
393
+ * document id, memoized per request. Both the decision layer and the data
394
+ * layer must agree on the subject, so this runs the same resolveIdOrSlug
395
+ * lookup the data path uses. A resolution failure (not found, ambiguous, or
396
+ * transient) surfaces as a generic Forbidden, fail-closed, so a bad
397
+ * identifier cannot be used as a document-existence oracle.
398
+ */
399
+ resolveCanonicalDocumentId(identifier: string, requestKey: object): Promise<CanonicalDocumentId>;
400
+ /**
401
+ * Resolves the args' `documentId` to canonical form. Unconditional (unlike the
402
+ * assertCan* helpers, no admin skip): ACL rows are keyed on the canonical id.
403
+ */
404
+ withCanonicalDocumentId<T extends {
405
+ documentId: string;
406
+ }>(args: T, requestKey: object): Promise<T & {
407
+ documentId: CanonicalDocumentId;
408
+ }>;
409
+ /**
410
+ * Read filter for an already-canonical document id (one sourced from the data
411
+ * layer, such as a fetched document's id). Performs no slug resolution.
412
+ */
413
+ canReadDocument(documentId: CanonicalDocumentId, ctx: Context): Promise<boolean>;
414
+ /**
415
+ * Asserts read access, resolving a slug first. Returns a handle whose
416
+ * `fetchIdentifier` the caller reuses for the data fetch; a denial throws.
417
+ */
418
+ assertCanRead(identifier: string, ctx: Context): Promise<AuthorizedDocumentHandle>;
419
+ assertCanWrite(identifier: string, ctx: Context): Promise<AuthorizedDocumentHandle>;
420
+ assertCanExecuteOperation(identifier: string, operationType: string, ctx: Context): Promise<AuthorizedDocumentHandle>;
421
+ /**
422
+ * Read assertion for an already-canonical document id. No slug resolution;
423
+ * use only with ids sourced from the data layer or already resolved.
424
+ */
425
+ assertCanReadCanonical(documentId: CanonicalDocumentId, ctx: Context): Promise<void>;
426
+ assertCanWriteCanonical(documentId: CanonicalDocumentId, ctx: Context): Promise<void>;
427
+ assertCanExecuteOperationCanonical(documentId: CanonicalDocumentId, operationType: string, ctx: Context): Promise<void>;
428
+ assertCanCreate(ctx: Context): void;
537
429
  }
538
430
  //#endregion
539
431
  //#region src/graphql/analytics-subgraph.d.ts
@@ -557,29 +449,6 @@ type DocumentAccessInfo = {
557
449
  createdAt: Date;
558
450
  updatedAt: Date;
559
451
  }>;
560
- groupPermissions: Array<{
561
- documentId: string;
562
- groupId: number;
563
- permission: DocumentPermissionLevel;
564
- grantedBy: string;
565
- createdAt: Date;
566
- updatedAt: Date;
567
- }>;
568
- };
569
- type Group$1 = {
570
- id: number;
571
- name: string;
572
- description: string | null;
573
- createdAt: Date;
574
- updatedAt: Date;
575
- };
576
- type DocumentGroupPermission = {
577
- documentId: string;
578
- groupId: number;
579
- permission: DocumentPermissionLevel;
580
- grantedBy: string;
581
- createdAt: Date;
582
- updatedAt: Date;
583
452
  };
584
453
  type OperationUserPermission = {
585
454
  documentId: string;
@@ -588,18 +457,10 @@ type OperationUserPermission = {
588
457
  grantedBy: string;
589
458
  createdAt: Date;
590
459
  };
591
- type OperationGroupPermission = {
592
- documentId: string;
593
- operationType: string;
594
- groupId: number;
595
- grantedBy: string;
596
- createdAt: Date;
597
- };
598
460
  type OperationPermissionsInfo = {
599
461
  documentId: string;
600
462
  operationType: string;
601
463
  userPermissions: OperationUserPermission[];
602
- groupPermissions: OperationGroupPermission[];
603
464
  };
604
465
  type DocumentProtectionInfo = {
605
466
  documentId: string;
@@ -614,8 +475,7 @@ type DocumentProtectionInfo = {
614
475
  * This subgraph is conditionally registered based on the DOCUMENT_PERMISSIONS_ENABLED
615
476
  * feature flag. When enabled, it provides GraphQL operations for:
616
477
  * - Document permissions (grant/revoke user access)
617
- * - Group management (create/delete groups, manage membership)
618
- * - Group document permissions (grant/revoke group access)
478
+ * - Document protection and ownership
619
479
  * - Operation-level permissions (fine-grained operation control)
620
480
  */
621
481
  declare class AuthSubgraph extends BaseSubgraph {
@@ -628,6 +488,10 @@ declare class AuthSubgraph extends BaseSubgraph {
628
488
  Query: {
629
489
  documentAccess: (_parent: unknown, args: {
630
490
  documentId: string;
491
+ }, ctx: {
492
+ user?: {
493
+ address: string;
494
+ };
631
495
  }) => Promise<DocumentAccessInfo>;
632
496
  userDocumentPermissions: (_parent: unknown, _args: unknown, ctx: {
633
497
  user?: {
@@ -641,16 +505,13 @@ declare class AuthSubgraph extends BaseSubgraph {
641
505
  createdAt: Date;
642
506
  updatedAt: Date;
643
507
  }[]>;
644
- groups: () => Promise<Group$1[]>;
645
- group: (_parent: unknown, args: {
646
- id: number;
647
- }) => Promise<Group$1 | null>;
648
- userGroups: (_parent: unknown, args: {
649
- userAddress: string;
650
- }) => Promise<Group$1[]>;
651
508
  operationPermissions: (_parent: unknown, args: {
652
509
  documentId: string;
653
510
  operationType: string;
511
+ }, ctx: {
512
+ user?: {
513
+ address: string;
514
+ };
654
515
  }) => Promise<OperationPermissionsInfo>;
655
516
  canExecuteOperation: (_parent: unknown, args: {
656
517
  documentId: string;
@@ -676,7 +537,6 @@ declare class AuthSubgraph extends BaseSubgraph {
676
537
  user?: {
677
538
  address: string;
678
539
  };
679
- isAdmin?: (address: string) => boolean;
680
540
  }) => Promise<DocumentProtectionInfo>;
681
541
  transferDocumentOwnership: (_parent: unknown, args: {
682
542
  documentId: string;
@@ -685,7 +545,6 @@ declare class AuthSubgraph extends BaseSubgraph {
685
545
  user?: {
686
546
  address: string;
687
547
  };
688
- isAdmin?: (address: string) => boolean;
689
548
  }) => Promise<DocumentProtectionInfo>;
690
549
  grantDocumentPermission: (_parent: unknown, args: {
691
550
  documentId: string;
@@ -695,7 +554,6 @@ declare class AuthSubgraph extends BaseSubgraph {
695
554
  user?: {
696
555
  address: string;
697
556
  };
698
- isAdmin?: (address: string) => boolean;
699
557
  }) => Promise<{
700
558
  documentId: string;
701
559
  userAddress: string;
@@ -711,41 +569,6 @@ declare class AuthSubgraph extends BaseSubgraph {
711
569
  user?: {
712
570
  address: string;
713
571
  };
714
- isAdmin?: (address: string) => boolean;
715
- }) => Promise<boolean>;
716
- createGroup: (_parent: unknown, args: {
717
- name: string;
718
- description?: string | null;
719
- }) => Promise<Group$1>;
720
- deleteGroup: (_parent: unknown, args: {
721
- id: number;
722
- }) => Promise<boolean>;
723
- addUserToGroup: (_parent: unknown, args: {
724
- userAddress: string;
725
- groupId: number;
726
- }) => Promise<boolean>;
727
- removeUserFromGroup: (_parent: unknown, args: {
728
- userAddress: string;
729
- groupId: number;
730
- }) => Promise<boolean>;
731
- grantGroupPermission: (_parent: unknown, args: {
732
- documentId: string;
733
- groupId: number;
734
- permission: string;
735
- }, ctx: {
736
- user?: {
737
- address: string;
738
- };
739
- isAdmin?: (address: string) => boolean;
740
- }) => Promise<DocumentGroupPermission>;
741
- revokeGroupPermission: (_parent: unknown, args: {
742
- documentId: string;
743
- groupId: number;
744
- }, ctx: {
745
- user?: {
746
- address: string;
747
- };
748
- isAdmin?: (address: string) => boolean;
749
572
  }) => Promise<boolean>;
750
573
  grantOperationPermission: (_parent: unknown, args: {
751
574
  documentId: string;
@@ -755,7 +578,6 @@ declare class AuthSubgraph extends BaseSubgraph {
755
578
  user?: {
756
579
  address: string;
757
580
  };
758
- isAdmin?: (address: string) => boolean;
759
581
  }) => Promise<OperationUserPermission>;
760
582
  revokeOperationPermission: (_parent: unknown, args: {
761
583
  documentId: string;
@@ -765,44 +587,8 @@ declare class AuthSubgraph extends BaseSubgraph {
765
587
  user?: {
766
588
  address: string;
767
589
  };
768
- isAdmin?: (address: string) => boolean;
769
- }) => Promise<boolean>;
770
- grantGroupOperationPermission: (_parent: unknown, args: {
771
- documentId: string;
772
- operationType: string;
773
- groupId: number;
774
- }, ctx: {
775
- user?: {
776
- address: string;
777
- };
778
- isAdmin?: (address: string) => boolean;
779
- }) => Promise<OperationGroupPermission>;
780
- revokeGroupOperationPermission: (_parent: unknown, args: {
781
- documentId: string;
782
- operationType: string;
783
- groupId: number;
784
- }, ctx: {
785
- user?: {
786
- address: string;
787
- };
788
- isAdmin?: (address: string) => boolean;
789
590
  }) => Promise<boolean>;
790
591
  };
791
- Group: {
792
- members: (parent: {
793
- id: number;
794
- }) => Promise<string[]>;
795
- };
796
- DocumentGroupPermission: {
797
- group: (parent: {
798
- groupId: number;
799
- }) => Promise<Group$1>;
800
- };
801
- OperationGroupPermission: {
802
- group: (parent: {
803
- groupId: number;
804
- }) => Promise<Group$1>;
805
- };
806
592
  };
807
593
  onSetup(): Promise<void>;
808
594
  }
@@ -811,8 +597,8 @@ declare class AuthSubgraph extends BaseSubgraph {
811
597
  interface AuthConfig {
812
598
  enabled: boolean;
813
599
  admins: string[];
814
- cacheTtl?: number;
815
600
  skipCredentialVerification?: boolean;
601
+ credentialVerificationCacheTtlMs?: number;
816
602
  }
817
603
  interface User {
818
604
  address: string;
@@ -826,6 +612,7 @@ interface AuthContext {
826
612
  }
827
613
  declare class AuthService {
828
614
  private readonly config;
615
+ private readonly credentialCache;
829
616
  constructor(config: AuthConfig);
830
617
  authenticateRequest(request: globalThis.Request): Promise<AuthContext | globalThis.Response>;
831
618
  /**
@@ -843,27 +630,28 @@ declare class AuthService {
843
630
  */
844
631
  private extractUserFromVerification;
845
632
  /**
846
- * Get additional context fields for GraphQL
633
+ * Verify that the credential still exists on the Renown API.
634
+ *
635
+ * Results are cached per (address, chainId, issuer) for a short TTL so the
636
+ * blocking external round-trip is not paid on every request. Concurrent
637
+ * checks for the same key share a single in-flight request, and entries
638
+ * that resolve to false are evicted immediately so failed or revoked
639
+ * credentials are re-checked on the next request.
847
640
  */
848
- getAdditionalContextFields(): {
849
- isAdmin: (address: string) => boolean;
850
- };
641
+ private verifyCredentialExists;
851
642
  /**
852
- * Get user context for GraphQL
643
+ * Enforce the cache size cap before inserting a new entry: drop expired
644
+ * entries first, then evict oldest-inserted entries (insertion order
645
+ * matches expiry order since the TTL is constant) until under the cap, so
646
+ * a flood of distinct keys cannot grow the map without bound.
853
647
  */
854
- getUserContext(user?: User): {
855
- user?: undefined;
856
- } | {
857
- user: {
858
- address: string;
859
- chainId: number;
860
- networkId: string;
861
- };
862
- };
648
+ private pruneCredentialCache;
863
649
  /**
864
- * Verify that the credential still exists on the Renown API
650
+ * Fetch the credential from the Renown API and validate it against the
651
+ * expected address, chainId and issuer. Never throws; returns false on any
652
+ * network or validation failure.
865
653
  */
866
- private verifyCredentialExists;
654
+ private fetchCredentialExists;
867
655
  }
868
656
  //#endregion
869
657
  //#region src/graphql/gateway/types.d.ts
@@ -1016,16 +804,14 @@ declare class GraphQLManager {
1016
804
  private readonly logger;
1017
805
  private readonly httpAdapter;
1018
806
  private readonly gatewayAdapter;
1019
- private readonly authConfig?;
807
+ private readonly authService?;
1020
808
  private readonly documentPermissionService?;
1021
809
  private readonly featureFlags;
1022
810
  private readonly port;
1023
- private readonly authorizationService?;
1024
811
  private initialized;
1025
812
  private coreSubgraphsMap;
1026
813
  private contextFields;
1027
814
  private readonly subgraphs;
1028
- private authService;
1029
815
  private readonly subgraphWsDisposers;
1030
816
  readonly driveOwnershipCache: DriveOwnershipCache;
1031
817
  /** Cached document models for schema generation - updated on init and regenerate */
@@ -1037,7 +823,8 @@ declare class GraphQLManager {
1037
823
  * it for reactor-drive parents.
1038
824
  */
1039
825
  readonly reactorDriveClient?: IDriveClient;
1040
- constructor(path: string, httpServer: http.Server, wsServer: WebSocketServer, reactorClient: IReactorClient, relationalDb: IRelationalDb, analyticsStore: IAnalyticsStore, syncManager: ISyncManager, logger: ILogger, httpAdapter: IHttpAdapter, gatewayAdapter: IGatewayAdapter<Context$1>, authConfig?: AuthConfig | undefined, documentPermissionService?: DocumentPermissionService | undefined, featureFlags?: GraphqlManagerFeatureFlags, port?: number, authorizationService?: AuthorizationService | undefined, reactorDriveClient?: IDriveClient);
826
+ private readonly authorizationService;
827
+ constructor(path: string, httpServer: http.Server, wsServer: WebSocketServer, reactorClient: IReactorClient, relationalDb: IRelationalDb, analyticsStore: IAnalyticsStore, syncManager: ISyncManager, logger: ILogger, httpAdapter: IHttpAdapter, gatewayAdapter: IGatewayAdapter<Context$1>, authService?: AuthService | undefined, documentPermissionService?: DocumentPermissionService | undefined, featureFlags?: GraphqlManagerFeatureFlags, port?: number, authorizationService?: IAuthorizationService, reactorDriveClient?: IDriveClient);
1041
828
  init(coreSubgraphs: SubgraphClass$1[], authMiddleware?: AuthFetchMiddleware): Promise<void>;
1042
829
  /**
1043
830
  * Regenerate document model subgraphs when models are dynamically loaded.
@@ -1053,6 +840,12 @@ declare class GraphQLManager {
1053
840
  * Get the base path used for subgraph registration.
1054
841
  */
1055
842
  getBasePath(): string;
843
+ /**
844
+ * Get the authorization service shared with subgraphs. Use this when
845
+ * constructing a subgraph instance externally for
846
+ * {@link registerSubgraphInstance}.
847
+ */
848
+ getAuthorizationService(): IAuthorizationService;
1056
849
  registerSubgraph(subgraph: SubgraphClass$1, supergraph?: string, core?: boolean): Promise<ISubgraph$1>;
1057
850
  updateRouter: (immediate?: boolean) => Promise<void>;
1058
851
  private _updateRouter;
@@ -3007,6 +2800,17 @@ type Options = {
3007
2800
  attachmentStoragePath?: string;
3008
2801
  };
3009
2802
  type ProcessorInitializer = ProcessorFactoryBuilder;
2803
+ /**
2804
+ * Doc-perms require auth: with auth off no `user` is ever resolved, so every
2805
+ * authorization check fails closed. Refuse to boot rather than run broken.
2806
+ */
2807
+ declare function assertAuthRequiredForDocumentPermissions(authEnabled: boolean, documentPermissionsRequested: boolean): void;
2808
+ /**
2809
+ * Refuses SKIP_CREDENTIAL_VERIFICATION at boot outside tests or an explicit
2810
+ * opt-in: it removes the only binding between a token's claimed address and its
2811
+ * signing key. Fail-closed — unset NODE_ENV counts as production.
2812
+ */
2813
+ declare function assertSkipCredentialVerificationAllowed(authEnabled: boolean, skipCredentialVerification: boolean, env: NodeJS.ProcessEnv): void;
3010
2814
  /**
3011
2815
  * Initializes and starts the API server using an initializer function.
3012
2816
  * This function first loads packages to get document models, then calls the initializer function
@@ -3023,7 +2827,7 @@ type ProcessorInitializer = ProcessorFactoryBuilder;
3023
2827
  * ops to it; legacy switchboards omit it.
3024
2828
  */
3025
2829
  interface ClientInitializerResult {
3026
- module: ReactorClientModule;
2830
+ module: InProcessReactorClientModule;
3027
2831
  reactorDriveClient?: IDriveClient;
3028
2832
  }
3029
2833
  declare function initializeAndStartAPI(clientInitializer: (documentModels: DocumentModelModule[]) => Promise<ClientInitializerResult>, options: Options, processorApp: ProcessorApp): Promise<API & {
@@ -3066,5 +2870,5 @@ interface DocumentModelSchemaOptions {
3066
2870
  */
3067
2871
  declare function generateDocumentModelSchema(documentModel: DocumentModelGlobalState$1, options?: DocumentModelSchemaOptions): DocumentNode;
3068
2872
  //#endregion
3069
- export { ADMIN_USERS, API, Action, ActionContext, ActionContextInput, ActionContextInputSchema, ActionContextResolvers, ActionInput, ActionInputSchema, ActionResolvers, AddRelationshipDocument, AddRelationshipMutation, AddRelationshipMutationVariables, AnalyticsSubgraph, AuthConfig, AuthContext, AuthFetchMiddleware, AuthService, AuthSubgraph, BaseSubgraph, ChannelMeta, ChannelMetaInput, ChannelMetaInputSchema, ChannelMetaResolvers, ClientInitializerResult, Context, CreateDocumentDocument, CreateDocumentMutation, CreateDocumentMutationVariables, CreateEmptyDocumentDocument, CreateEmptyDocumentMutation, CreateEmptyDocumentMutationVariables, DateTimeScalarConfig, DbClient, DeadLetterInfo, DeadLetterInfoResolvers, DeleteDocumentDocument, DeleteDocumentMutation, DeleteDocumentMutationVariables, DeleteDocumentsDocument, DeleteDocumentsMutation, DeleteDocumentsMutationVariables, DirectiveResolverFn, DocumentChangeContext, DocumentChangeContextResolvers, DocumentChangeEvent, DocumentChangeEventResolvers, DocumentChangeType, DocumentChangeTypeSchema, DocumentChangesDocument, DocumentChangesSubscription, DocumentChangesSubscriptionVariables, DocumentGroupPermissionEntry, DocumentGroupPermissionTable, DocumentModelGlobalState, DocumentModelGlobalStateResolvers, DocumentModelResultPage, DocumentModelResultPageResolvers, DocumentModelSchemaOptions, DocumentOperationsFilterInput, DocumentOperationsFilterInputSchema, DocumentPermissionConfig, DocumentPermissionDatabase, DocumentPermissionEntry, DocumentPermissionLevel, DocumentPermissionService, DocumentPermissionTable, DocumentProtectionTable, DocumentWithChildren, DocumentWithChildrenResolvers, Exact, FetchHandler, FindDocumentsDocument, FindDocumentsQuery, FindDocumentsQueryVariables, GatewayAdapterType, GatewayContextFactory, GetDocumentDocument, GetDocumentIncomingRelationshipsDocument, GetDocumentIncomingRelationshipsQuery, GetDocumentIncomingRelationshipsQueryVariables, GetDocumentModelsDocument, GetDocumentModelsQuery, GetDocumentModelsQueryVariables, GetDocumentOperationsDocument, GetDocumentOperationsQuery, GetDocumentOperationsQueryVariables, GetDocumentOutgoingRelationshipsDocument, GetDocumentOutgoingRelationshipsQuery, GetDocumentOutgoingRelationshipsQueryVariables, GetDocumentQuery, GetDocumentQueryVariables, GetDocumentWithOperationsDocument, GetDocumentWithOperationsQuery, GetDocumentWithOperationsQueryVariables, GetJobStatusDocument, GetJobStatusQuery, GetJobStatusQueryVariables, GetParentIdsFn, GqlDocument, GqlDriveDocument, GqlOperation, GqlOperationContext, GqlSigner, GqlSignerApp, GqlSignerUser, GraphQLManager, GraphqlManagerFeatureFlags, Group, GroupTable, HttpAdapterSetup, HttpAdapterType, HttpDocumentModelLoader, HttpPackageLoader, HttpPackageLoaderLogger, HttpPackageLoaderOptions, IGatewayAdapter, IHttpAdapter, type IPackageLoader, type IPackageLoaderOptions, IPackageStorage, IReactorProcessorHostModule, ISubgraph, ImportPackageLoader, InMemoryPackageStorage, Incremental, InputMaybe, InstallPackageResult, InstalledPackageInfo, IsTypeOfResolverFn, JobChangeEvent, JobChangeEventResolvers, JobChangesDocument, JobChangesSubscription, JobChangesSubscriptionVariables, JobInfo, JobInfoResolvers, JsonObjectScalarConfig, MakeEmpty, MakeMaybe, MakeOptional, Maybe, MoveRelationshipDocument, MoveRelationshipMutation, MoveRelationshipMutationVariables, MoveRelationshipResult, MoveRelationshipResultResolvers, MutateDocumentAsyncDocument, MutateDocumentAsyncMutation, MutateDocumentAsyncMutationVariables, MutateDocumentDocument, MutateDocumentMutation, MutateDocumentMutationVariables, Mutation, MutationAddRelationshipArgs, MutationCreateDocumentArgs, MutationCreateEmptyDocumentArgs, MutationDeleteDocumentArgs, MutationDeleteDocumentsArgs, MutationMoveRelationshipArgs, MutationMutateDocumentArgs, MutationMutateDocumentAsyncArgs, MutationPushSyncEnvelopesArgs, MutationRemoveRelationshipArgs, MutationRenameDocumentArgs, MutationResolvers, MutationSetPreferredEditorArgs, MutationTouchChannelArgs, NextResolverFn, OperationContext, OperationContextInput, OperationContextInputSchema, OperationContextResolvers, OperationGroupPermissionEntry, OperationGroupPermissionTable, OperationInput, OperationInputSchema, OperationUserPermissionEntry, OperationUserPermissionTable, OperationWithContext, OperationWithContextInput, OperationWithContextInputSchema, OperationWithContextResolvers, OperationsFilterInput, OperationsFilterInputSchema, PackageManagementService, PackageManagementServiceOptions, PackageManager, PackagesSubgraph, type PackagesSubgraphArgs, PagingInput, PagingInputSchema, type ParsedDriveUrl, PgliteFactory, PhDocument, PhDocumentFieldsFragment, PhDocumentFieldsFragmentDoc, PhDocumentOperationsArgs, PhDocumentResolvers, PhDocumentResultPage, PhDocumentResultPageResolvers, PollSyncEnvelopesDocument, PollSyncEnvelopesQuery, PollSyncEnvelopesQueryVariables, PollSyncEnvelopesResult, PollSyncEnvelopesResultResolvers, Processor, ProcessorDriveFactory, ProcessorFactoryBuilder, PropagationMode, PropagationModeSchema, PushSyncEnvelopesDocument, PushSyncEnvelopesMutation, PushSyncEnvelopesMutationVariables, Query, QueryDocumentArgs, QueryDocumentIncomingRelationshipsArgs, QueryDocumentModelsArgs, QueryDocumentOperationsArgs, QueryDocumentOutgoingRelationshipsArgs, QueryFindDocumentsArgs, QueryJobStatusArgs, QueryPollSyncEnvelopesArgs, QueryResolvers, ReactorModule, ReactorOperation, ReactorOperationResolvers, ReactorOperationResultPage, ReactorOperationResultPageResolvers, ReactorSigner, ReactorSignerApp, ReactorSignerAppInput, ReactorSignerAppInputSchema, ReactorSignerAppResolvers, ReactorSignerInput, ReactorSignerInputSchema, ReactorSignerResolvers, ReactorSignerUser, ReactorSignerUserInput, ReactorSignerUserInputSchema, ReactorSignerUserResolvers, ReactorSubgraph, ReadinessGate, RemoteCursor, RemoteCursorInput, RemoteCursorInputSchema, RemoteCursorResolvers, RemoteFilterInput, RemoteFilterInputSchema, RemoveRelationshipDocument, RemoveRelationshipMutation, RemoveRelationshipMutationVariables, RenameDocumentDocument, RenameDocumentMutation, RenameDocumentMutationVariables, Requester, RequireFields, Resolver, ResolverFn, ResolverTypeWrapper, ResolverWithResolve, Resolvers, ResolversObject, ResolversParentTypes, ResolversTypes, Revision, RevisionResolvers, Scalars, Sdk, SearchFilterInput, SearchFilterInputSchema, SetPreferredEditorDocument, SetPreferredEditorMutation, SetPreferredEditorMutationVariables, SubgraphArgs, SubgraphClass, SubgraphDefinition, Subscription, SubscriptionDocumentChangesArgs, SubscriptionJobChangesArgs, SubscriptionObject, SubscriptionResolveFn, SubscriptionResolver, SubscriptionResolverObject, SubscriptionResolvers, SubscriptionSubscribeFn, SubscriptionSubscriberObject, SyncEnvelope, SyncEnvelopeInput, SyncEnvelopeInputSchema, SyncEnvelopeResolvers, SyncEnvelopeType, SyncEnvelopeTypeSchema, SystemSubgraph, TlsOptions, TouchChannelDocument, TouchChannelInput, TouchChannelInputSchema, TouchChannelMutation, TouchChannelMutationVariables, TouchChannelResult, TouchChannelResultResolvers, TypeResolveFn, User, UserGroupTable, ViewFilterInput, ViewFilterInputSchema, WithIndex, WsContextFactory, WsDisposer, buildGraphQlDocument, buildGraphQlDriveDocument, buildGraphqlOperation, buildGraphqlOperations, buildSubgraphSchemaModule, createAuthFetchMiddleware, createGatewayAdapter, createHttpAdapter, createMergedSchema, createReactorGraphQLClient, createSchema, definedNonNullAnySchema, driveIdFromUrl, extractSubgraphsFromModule, generateDocumentModelSchema, getAuthContext, getDbClient, getDocumentModelSchemaName, getDocumentModelTypeDefs, getGitHash, getGitUrl, getSdk, getUniqueDocumentModels, getVersion, initAnalyticsStoreSql, initializeAndStartAPI, isDefinedNonNullAny, isExpectedLoaderMiss, isSubgraphClass, parseDriveUrl, renderGraphqlPlayground };
2873
+ export { ADMIN_USERS, API, Action, ActionContext, ActionContextInput, ActionContextInputSchema, ActionContextResolvers, ActionInput, ActionInputSchema, ActionResolvers, AddRelationshipDocument, AddRelationshipMutation, AddRelationshipMutationVariables, AnalyticsSubgraph, AuthConfig, AuthContext, AuthFetchMiddleware, AuthService, AuthSubgraph, type AuthorizationConfig, AuthorizationPolicy, AuthorizedDocumentHandle, BaseSubgraph, type CanonicalDocumentId, ChannelMeta, ChannelMetaInput, ChannelMetaInputSchema, ChannelMetaResolvers, ClientInitializerResult, Context, CreateDocumentDocument, CreateDocumentMutation, CreateDocumentMutationVariables, CreateEmptyDocumentDocument, CreateEmptyDocumentMutation, CreateEmptyDocumentMutationVariables, DateTimeScalarConfig, DbClient, DeadLetterInfo, DeadLetterInfoResolvers, DeleteDocumentDocument, DeleteDocumentMutation, DeleteDocumentMutationVariables, DeleteDocumentsDocument, DeleteDocumentsMutation, DeleteDocumentsMutationVariables, DirectiveResolverFn, DocumentChangeContext, DocumentChangeContextResolvers, DocumentChangeEvent, DocumentChangeEventResolvers, DocumentChangeType, DocumentChangeTypeSchema, DocumentChangesDocument, DocumentChangesSubscription, DocumentChangesSubscriptionVariables, DocumentModelGlobalState, DocumentModelGlobalStateResolvers, DocumentModelResultPage, DocumentModelResultPageResolvers, DocumentModelSchemaOptions, DocumentOperationsFilterInput, DocumentOperationsFilterInputSchema, DocumentPermissionConfig, DocumentPermissionDatabase, DocumentPermissionEntry, DocumentPermissionLevel, DocumentPermissionService, DocumentPermissionTable, DocumentProtectionTable, DocumentWithChildren, DocumentWithChildrenResolvers, Exact, FetchHandler, FindDocumentsDocument, FindDocumentsQuery, FindDocumentsQueryVariables, GatewayAdapterType, GatewayContextFactory, GetDocumentDocument, GetDocumentIncomingRelationshipsDocument, GetDocumentIncomingRelationshipsQuery, GetDocumentIncomingRelationshipsQueryVariables, GetDocumentModelsDocument, GetDocumentModelsQuery, GetDocumentModelsQueryVariables, GetDocumentOperationsDocument, GetDocumentOperationsQuery, GetDocumentOperationsQueryVariables, GetDocumentOutgoingRelationshipsDocument, GetDocumentOutgoingRelationshipsQuery, GetDocumentOutgoingRelationshipsQueryVariables, GetDocumentQuery, GetDocumentQueryVariables, GetDocumentWithOperationsDocument, GetDocumentWithOperationsQuery, GetDocumentWithOperationsQueryVariables, GetJobStatusDocument, GetJobStatusQuery, GetJobStatusQueryVariables, GetParentIdsFn, GqlDocument, GqlDriveDocument, GqlOperation, GqlOperationContext, GqlSigner, GqlSignerApp, GqlSignerUser, GraphQLManager, GraphqlManagerFeatureFlags, HttpAdapterSetup, HttpAdapterType, HttpDocumentModelLoader, HttpPackageLoader, HttpPackageLoaderLogger, HttpPackageLoaderOptions, type IAuthorizationService, IGatewayAdapter, IHttpAdapter, type IPackageLoader, type IPackageLoaderOptions, IPackageStorage, IReactorProcessorHostModule, ISubgraph, ImportPackageLoader, InMemoryPackageStorage, Incremental, InputMaybe, InstallPackageResult, InstalledPackageInfo, IsTypeOfResolverFn, JobChangeEvent, JobChangeEventResolvers, JobChangesDocument, JobChangesSubscription, JobChangesSubscriptionVariables, JobInfo, JobInfoResolvers, JsonObjectScalarConfig, MakeEmpty, MakeMaybe, MakeOptional, Maybe, MoveRelationshipDocument, MoveRelationshipMutation, MoveRelationshipMutationVariables, MoveRelationshipResult, MoveRelationshipResultResolvers, MutateDocumentAsyncDocument, MutateDocumentAsyncMutation, MutateDocumentAsyncMutationVariables, MutateDocumentDocument, MutateDocumentMutation, MutateDocumentMutationVariables, Mutation, MutationAddRelationshipArgs, MutationCreateDocumentArgs, MutationCreateEmptyDocumentArgs, MutationDeleteDocumentArgs, MutationDeleteDocumentsArgs, MutationMoveRelationshipArgs, MutationMutateDocumentArgs, MutationMutateDocumentAsyncArgs, MutationPushSyncEnvelopesArgs, MutationRemoveRelationshipArgs, MutationRenameDocumentArgs, MutationResolvers, MutationSetPreferredEditorArgs, MutationTouchChannelArgs, NextResolverFn, OperationContext, OperationContextInput, OperationContextInputSchema, OperationContextResolvers, OperationInput, OperationInputSchema, OperationUserPermissionEntry, OperationUserPermissionTable, OperationWithContext, OperationWithContextInput, OperationWithContextInputSchema, OperationWithContextResolvers, OperationsFilterInput, OperationsFilterInputSchema, PackageManagementService, PackageManagementServiceOptions, PackageManager, PackagesSubgraph, type PackagesSubgraphArgs, PagingInput, PagingInputSchema, type ParsedDriveUrl, PgliteFactory, PhDocument, PhDocumentFieldsFragment, PhDocumentFieldsFragmentDoc, PhDocumentOperationsArgs, PhDocumentResolvers, PhDocumentResultPage, PhDocumentResultPageResolvers, PollSyncEnvelopesDocument, PollSyncEnvelopesQuery, PollSyncEnvelopesQueryVariables, PollSyncEnvelopesResult, PollSyncEnvelopesResultResolvers, Processor, ProcessorDriveFactory, ProcessorFactoryBuilder, PropagationMode, PropagationModeSchema, PushSyncEnvelopesDocument, PushSyncEnvelopesMutation, PushSyncEnvelopesMutationVariables, Query, QueryDocumentArgs, QueryDocumentIncomingRelationshipsArgs, QueryDocumentModelsArgs, QueryDocumentOperationsArgs, QueryDocumentOutgoingRelationshipsArgs, QueryFindDocumentsArgs, QueryJobStatusArgs, QueryPollSyncEnvelopesArgs, QueryResolvers, ReactorModule, ReactorOperation, ReactorOperationResolvers, ReactorOperationResultPage, ReactorOperationResultPageResolvers, ReactorSigner, ReactorSignerApp, ReactorSignerAppInput, ReactorSignerAppInputSchema, ReactorSignerAppResolvers, ReactorSignerInput, ReactorSignerInputSchema, ReactorSignerResolvers, ReactorSignerUser, ReactorSignerUserInput, ReactorSignerUserInputSchema, ReactorSignerUserResolvers, ReactorSubgraph, ReadinessGate, RemoteCursor, RemoteCursorInput, RemoteCursorInputSchema, RemoteCursorResolvers, RemoteFilterInput, RemoteFilterInputSchema, RemoveRelationshipDocument, RemoveRelationshipMutation, RemoveRelationshipMutationVariables, RenameDocumentDocument, RenameDocumentMutation, RenameDocumentMutationVariables, Requester, RequireFields, Resolver, ResolverFn, ResolverTypeWrapper, ResolverWithResolve, Resolvers, ResolversObject, ResolversParentTypes, ResolversTypes, Revision, RevisionResolvers, Scalars, Sdk, SearchFilterInput, SearchFilterInputSchema, SetPreferredEditorDocument, SetPreferredEditorMutation, SetPreferredEditorMutationVariables, SubgraphArgs, SubgraphClass, SubgraphDefinition, Subscription, SubscriptionDocumentChangesArgs, SubscriptionJobChangesArgs, SubscriptionObject, SubscriptionResolveFn, SubscriptionResolver, SubscriptionResolverObject, SubscriptionResolvers, SubscriptionSubscribeFn, SubscriptionSubscriberObject, SyncEnvelope, SyncEnvelopeInput, SyncEnvelopeInputSchema, SyncEnvelopeResolvers, SyncEnvelopeType, SyncEnvelopeTypeSchema, SystemSubgraph, TlsOptions, TouchChannelDocument, TouchChannelInput, TouchChannelInputSchema, TouchChannelMutation, TouchChannelMutationVariables, TouchChannelResult, TouchChannelResultResolvers, TypeResolveFn, User, ViewFilterInput, ViewFilterInputSchema, WithIndex, WsContextFactory, WsDisposer, assertAuthRequiredForDocumentPermissions, assertSkipCredentialVerificationAllowed, buildGraphQlDocument, buildGraphQlDriveDocument, buildGraphqlOperation, buildGraphqlOperations, buildSubgraphSchemaModule, createAuthFetchMiddleware, createGatewayAdapter, createHttpAdapter, createMergedSchema, createReactorGraphQLClient, createSchema, definedNonNullAnySchema, driveIdFromUrl, extractSubgraphsFromModule, generateDocumentModelSchema, getAuthContext, getDbClient, getDocumentModelSchemaName, getDocumentModelTypeDefs, getGitHash, getGitUrl, getSdk, getUniqueDocumentModels, getVersion, initAnalyticsStoreSql, initializeAndStartAPI, isDefinedNonNullAny, isExpectedLoaderMiss, isSubgraphClass, parseDriveUrl, renderGraphqlPlayground };
3070
2874
  //# sourceMappingURL=index.d.mts.map