@powerportalspro/core 5.0.0-beta.2 → 5.0.0

package/dist/index.js

@@ -90,8 +90,8 @@ var auth = {
   confirmEmail: `${authRoot}/confirm-email`,
   /** POST — send a fresh confirmation email. */
   resendEmailConfirmation: `${authRoot}/resend-email-confirmation`,
-  /** GET — list of configured external (OAuth) login providers. */
-  externalProviders: `${authRoot}/external-providers`,
+  /** GET — anonymous auth options for the sign-in UI: the local-accounts flag plus the configured external (OAuth) providers. */
+  options: `${authRoot}/options`,
   /** GET — kicks off the OAuth flow for the named external provider. Full-page navigate, do not fetch. */
   externalLogin: `${authRoot}/external-login`,
   /** GET — snapshot the in-flight external-login cookie set by the OAuth callback. */
@@ -129,14 +129,39 @@ var api = {
   retrieveLocalizedStrings: `${apiRoot}/localizedStrings/{culture}`,
   /** Template — POST a batch of OrganizationRequest payloads. */
   executeMultiple: `${apiRoot}/executeMultiple`,
-  /** GET — environment-wide file upload settings (blocked extensions, max upload size). */
-  environmentFileSettings: `${apiRoot}/environmentFileSettings`,
+  /**
+   * GET — organization-wide settings sourced from the Dataverse `organization` record:
+   * default currency plus file-upload constraints (blocked extensions, max upload size).
+   * Replaces the legacy `/api/environmentFileSettings` endpoint.
+   */
+  organizationSettings: `${apiRoot}/organizationSettings`,
   /** POST — clear all server-side caches. SystemAdmin-only. */
   clearAllCaches: `${apiRoot}/caches/clear`,
   /** GET — every server-side cache name. SystemAdmin-only. */
   cacheNames: `${apiRoot}/caches`,
   /** Template — POST to clear a single named cache. SystemAdmin-only. */
   clearCache: `${apiRoot}/caches/{cacheName}/clear`,
+  /**
+   * GET — admin localization overview: configured sources plus the per-source
+   * load records produced by the most recent warmup. SystemAdmin-only. Backs
+   * the LocalizationAdmin component (Blazor-only today; React mirror TBD).
+   */
+  localizationOverview: `${apiRoot}/localizations/overview`,
+  /**
+   * GET — JSON of the keys one source contributed to one culture during the most
+   * recent warmup. `sourceId` + `culture` are query-string parameters (a sourceId
+   * can contain colons/slashes, so they're not path segments). SystemAdmin-only.
+   */
+  localizationSourceDownload: `${apiRoot}/localizations/sources/download`,
+  /**
+   * GET — JSON of every key the cache will serve for a culture (post-merge winning
+   * values across all sources). `culture` is a query-string parameter. SystemAdmin-only.
+   */
+  localizationMergedDownload: `${apiRoot}/localizations/merged/download`,
+  /** GET — whether translation is configured, the managed solution is installed, and the candidate target languages. SystemAdmin-only. */
+  localizationTranslationAvailability: `${apiRoot}/localizations/translation/availability`,
+  /** POST — translate an uploaded localization file into one or more target languages. SystemAdmin-only. */
+  localizationTranslate: `${apiRoot}/localizations/translation`,
   /** Template — GET file metadata + (optionally) content for one record/column. */
   retrieveFileInfo: `${apiRoot}/files/{tableLogicalName}/{recordId}/{columnName}`,
   /** Template — POST record ids; returns file info + content for many records of one column. */
@@ -172,10 +197,10 @@ var api = {
   getRetrieveTableMetadataRoute: (tableLogicalName) => `${apiRoot}/tableMetadata/${tableLogicalName}`,
   /**
    * Resolved URL for retrieving the current user's combined
-   * `TableSecurityPermission` mask for a single table. Mirrors the
-   * server-side `ITablePermissionCache.GetPermissionForUserAsync` lookup
-   * the Blazor grid buttons already use via DI — exposed so the React
-   * client can read the same answer without firing a grid query.
+   * `TableSecurityPermission` mask for a single table. Routes through
+   * the server-side `ITablePermissionCache.GetPermissionForUserAsync`
+   * lookup so the client can read the table-level answer without firing
+   * a grid query.
    * `GridDataResponse.tablePermissions` carries the same value when a
    * grid query happens to be in flight; this endpoint covers the other
    * cases (custom toolbars, conditional UI elsewhere on the page).
@@ -457,11 +482,16 @@ var AuthClient = class {
   getCurrentUserAsync(signal) {
     return this.transport.sendJson("GET", Routes.api.auth.me, bodyAndSignal(void 0, signal));
   }
-  /** Lists the configured external (OAuth) login providers (Microsoft, Google, …). */
-  getExternalLoginProvidersAsync(signal) {
+  /**
+   * Anonymous auth options for the sign-in UI: whether the portal accepts local
+   * username/password accounts (`localAccountsEnabled`) plus the configured external
+   * providers — one round-trip the login page uses to decide whether to render the
+   * local form / register + reset links and which provider buttons to show.
+   */
+  getAuthOptionsAsync(signal) {
     return this.transport.sendJson(
       "GET",
-      Routes.api.auth.externalProviders,
+      Routes.api.auth.options,
       bodyAndSignal(void 0, signal)
     );
   }
@@ -676,10 +706,9 @@ var PowerPortalsProClient = class {
   }
   // --- Records (CRUD + FetchXML) ---------------------------------------------------
   /**
-   * Creates a new record. URL is derived from `record.tableName`. Server marks all
-   * properties as modified before applying so column values arriving from JSON
-   * (which carry no dirty flags) round-trip the same way they do from Blazor's
-   * dirty-tracked records.
+   * Creates a new record. URL is derived from `record.tableName`. The server
+   * marks every property as modified before applying so column values
+   * arriving from JSON (which carry no dirty flags) round-trip correctly.
    */
   createRecordAsync(record, signal) {
     return this.transport.sendJson(
@@ -699,6 +728,137 @@ var PowerPortalsProClient = class {
       signal ? { signal } : {}
     );
   }
+  // --- Localization translation (admin) --------------------------------------------
+  /**
+   * Probes whether the localization-translation feature is usable: whether a translation
+   * provider is configured, whether the managed solution is installed, and the candidate
+   * target languages (the portal's cultures annotated with provider-translatability).
+   * SystemAdmin-gated.
+   */
+  getTranslationAvailabilityAsync(signal) {
+    return this.transport.sendJson(
+      "GET",
+      Routes.api.localizationTranslationAvailability,
+      signal ? { signal } : {}
+    );
+  }
+  /**
+   * Translates an uploaded localization file into one or more target languages, reusing the
+   * Dataverse translation memory. Returns one file per language (base64 `content`) plus a zip
+   * of all and translated-vs-reused counts. SystemAdmin-gated.
+   */
+  translateLocalizationFileAsync(request, signal) {
+    return this.transport.sendJson(
+      "POST",
+      Routes.api.localizationTranslate,
+      { body: request, ...signal ? { signal } : {} }
+    );
+  }
+  // --- Localization admin overview (admin) -----------------------------------------
+  /**
+   * Reads the admin localization overview: the configured warmup pipeline plus the
+   * per-source load records (load order, source kind, cultures touched, key counts,
+   * how many keys overrode an earlier source, duration, status) from the most recent
+   * warmup. Backs the `<LocalizationAdmin />` panel. SystemAdmin-gated.
+   */
+  getLocalizationOverviewAsync(signal) {
+    return this.transport.sendJson(
+      "GET",
+      Routes.api.localizationOverview,
+      signal ? { signal } : {}
+    );
+  }
+  /**
+   * Downloads the JSON one source contributed to one culture during the most recent
+   * warmup — a translation-handoff snapshot. Returns `null` when the source/culture
+   * pair isn't tracked (the server answers 404 — cache cleared, source removed, or
+   * the culture has no entries for that source). SystemAdmin-gated.
+   */
+  downloadLocalizationSourceAsync(sourceId, culture, signal) {
+    const query = new URLSearchParams({ sourceId, culture }).toString();
+    return this.downloadLocalizationFile(
+      `${Routes.api.localizationSourceDownload}?${query}`,
+      signal
+    );
+  }
+  /**
+   * Downloads the merged JSON of every key the cache will serve for a culture (the
+   * post-merge winning value across all sources) — a complete-snapshot reference.
+   * Returns `null` when the culture has no entries (404). SystemAdmin-gated.
+   */
+  downloadMergedLocalizationsAsync(culture, signal) {
+    const query = new URLSearchParams({ culture }).toString();
+    return this.downloadLocalizationFile(
+      `${Routes.api.localizationMergedDownload}?${query}`,
+      signal
+    );
+  }
+  /**
+   * Shared binary-download path for the two localization download endpoints. Reads
+   * the raw bytes via `response.arrayBuffer()` and derives the filename from the
+   * `Content-Disposition` header (matching {@link createFileArchiveAsync}). Maps a
+   * 404 to `null` so callers can show a "nothing to download" message instead of
+   * surfacing it as an error.
+   */
+  async downloadLocalizationFile(path, signal) {
+    try {
+      const response = await this.transport.send("GET", path, signal ? { signal } : {});
+      const fileName = parseContentDispositionFileName(response.headers.get("Content-Disposition")) ?? "localization.json";
+      const buffer = await response.arrayBuffer();
+      return { fileName, data: new Uint8Array(buffer) };
+    } catch (error) {
+      if (error instanceof PowerPortalsProError && error.status === 404) return null;
+      throw error;
+    }
+  }
+  // --- Cache administration (admin) ------------------------------------------------
+  /**
+   * Lists every registered server-side cache by name — the values that
+   * {@link clearCacheAsync} accepts. Backs the per-cache buttons on an admin
+   * "clear caches" page; render them sorted client-side for a stable order.
+   * SystemAdmin-gated.
+   */
+  getCacheNamesAsync(signal) {
+    return this.transport.sendJson(
+      "GET",
+      Routes.api.cacheNames,
+      signal ? { signal } : {}
+    );
+  }
+  /**
+   * Clears every registered server-side cache and returns one
+   * {@link CacheClearResult} per cache (name, success flag, error, elapsed ms).
+   * Per-cache failures are reported in the result rows rather than thrown, so a
+   * single misbehaving cache doesn't abort the rest — inspect `succeeded` on each
+   * row. SystemAdmin-gated.
+   */
+  clearAllCachesAsync(signal) {
+    return this.transport.sendJson(
+      "POST",
+      Routes.api.clearAllCaches,
+      signal ? { signal } : {}
+    );
+  }
+  /**
+   * Clears a single named cache (case-insensitive match against
+   * {@link getCacheNamesAsync}). Returns the {@link CacheClearResult}, or `null`
+   * when no cache by that name is registered (the server answers 404). A clear
+   * that runs but throws internally comes back as a result row with
+   * `succeeded: false` — that's distinct from the not-found `null`.
+   * SystemAdmin-gated.
+   */
+  async clearCacheAsync(name, signal) {
+    try {
+      return await this.transport.sendJson(
+        "POST",
+        Routes.api.getClearCacheRoute(name),
+        signal ? { signal } : {}
+      );
+    } catch (error) {
+      if (error instanceof PowerPortalsProError && error.status === 404) return null;
+      throw error;
+    }
+  }
   /**
    * Runs a FetchXML query and returns the matching records plus paging info.
    * The query is the FetchXML XML literal — the same format Dataverse natively accepts.
@@ -722,10 +882,12 @@ var PowerPortalsProClient = class {
    * client can render headers + dispatch cells without a separate
    * metadata round-trip.
    *
-   * Exactly one of <c>request.viewId</c> or <c>request.fetchXml</c> must
-   * be supplied; sending both or neither returns a 400.
+   * At least one of <c>request.viewId</c> or <c>request.fetchXml</c> must
+   * be supplied (neither returns a 400). Both may be supplied together — the
+   * <c>fetchXml</c> is the query and the <c>viewId</c> names the view for
+   * localized column-title resolution.
    *
-   * Mirrors how the Blazor `IGridService` is consumed —
+   * Mirrors how the is consumed
    * `@powerportalspro/react`'s `useGridData` hook calls this method
    * internally, so most consumers don't invoke it directly.
    */
@@ -737,7 +899,7 @@ var PowerPortalsProClient = class {
     );
   }
   /**
-   * Updates an existing record. URL is derived from `record.tableName` and `record.id` —
+   * Updates an existing record. URL is derived from `record.tableName` and `record.id`
    * `record.id` must be set. For a new record, use {@link createRecordAsync} instead.
    */
   updateRecordAsync(record, signal) {
@@ -753,9 +915,8 @@ var PowerPortalsProClient = class {
     );
   }
   /**
-   * Executes a batch of {@link OrganizationRequest}s as a single round-trip,
-   * matching Blazor's `IPowerPortalsProService.ExecuteMultipleAsync`. The
-   * MainContext save flow uses this to ship every dirty descendant's
+   * Executes a batch of {@link OrganizationRequest}s as a single round-trip.
+   * The MainContext save flow uses this to ship every dirty descendant's
    * requests in one shot so a multi-record save lands transactionally
    * server-side.
    *
@@ -792,7 +953,7 @@ var PowerPortalsProClient = class {
    * query, performs the multi-series pivot, and applies combined
    * date-label formatting using the request culture.
    *
-   * Mirrors how the Blazor `IChartService` is consumed —
+   * Mirrors how the is consumed
    * `@powerportalspro/react-charts`'s `DataverseChartDataSource` family
    * calls this method internally, so most consumers don't invoke it
    * directly.
@@ -817,12 +978,13 @@ var PowerPortalsProClient = class {
    * Returns the current user's combined table-level `TableSecurityPermission`
    * bitmask for `tableLogicalName` — the bitwise union of Read / Create /
    * Write / Delete / Append / AppendTo flags any registered
-   * `ITablePermissionHandler` allows for that user on that table. Mirrors
-   * the cached `ITablePermissionCache.GetPermissionForUserAsync` lookup
-   * Blazor's grid buttons already use directly via DI. Wrapped client-side
-   * by the `useTablePermissions(tableName)` React hook with in-flight-promise
-   * dedup; reach for the raw client only when you're outside React (e.g.
-   * a sample stand-alone script) or need an imperative one-off check.
+   * `ITablePermissionHandler` allows for that user on that table. Routed
+   * server-side through the cached `ITablePermissionCache` lookup.
+   *
+   * Wrapped by the `useTablePermissions(tableName)` React hook with
+   * in-flight-promise dedup; reach for the raw client only when you're
+   * outside React (e.g. a stand-alone script) or need an imperative
+   * one-off check.
    *
    * Returns `0` (`TableSecurityPermission.None`) when the user has no
    * permissions on the table; consumers compare via bit math (e.g.
@@ -957,14 +1119,14 @@ var PowerPortalsProClient = class {
    * override files (last-wins). Use this to seed the React-side localizer
    * with one round-trip.
    *
-   * Returned shape is a nested object that mirrors the source JSON files —
+   * Returned shape is a nested object that mirrors the source JSON files
    * `{ app: { buttons: { save: { label: "Save" } } }, tables: { contact: ... } }`.
    * The client typically flattens this to dotted-key form for `t()` lookup
    * (see {@link flattenStrings} in `@powerportalspro/react`).
    *
    * @param culture culture code matching what server-side ASP.NET request
-   *   localization recognizes — e.g. `"en"`, `"es"`, `"fr-CA"`. Falls back
-   *   to the default culture server-side when the value isn't supported.
+   * localization recognizes — e.g. `"en"`, `"es"`, `"fr-CA"`. Falls back
+   * to the default culture server-side when the value isn't supported.
    */
   retrieveLocalizedStringsAsync(culture, signal) {
     return this.transport.sendJson(
@@ -1008,12 +1170,12 @@ var PowerPortalsProClient = class {
    * Two response shapes, selected by `request.responseFormat`:
    *
    * - **BinaryStream** (default): the server returns the raw archive bytes; this
-   *   method reads them via `response.arrayBuffer()` and wraps the result in a
-   *   {@link FileArchiveResult}, deriving `fileName` from the `Content-Disposition`
-   *   header and `contentType` from `Content-Type`. Most consumers want this path.
+   * method reads them via `response.arrayBuffer()` and wraps the result in a
+   * {@link FileArchiveResult}, deriving `fileName` from the `Content-Disposition`
+   * header and `contentType` from `Content-Type`. Most consumers want this path.
    * - **Json**: the server returns a {@link FileArchiveJsonResponse} envelope with
-   *   the archive bytes base64-encoded. Useful for test harnesses, service workers,
-   *   or callers that need to inspect filename/size before triggering a download.
+   * the archive bytes base64-encoded. Useful for test harnesses, service workers,
+   * or callers that need to inspect filename/size before triggering a download.
    *
    * Either way, the returned `data` is empty (`Uint8Array(0)`) when none of the
    * supplied records produced a usable file — the caller can surface a "nothing to
@@ -1047,10 +1209,24 @@ var PowerPortalsProClient = class {
    * upload size in KB). UI consumers use this to validate uploads client-side before
    * the round-trip, mirroring what the server enforces.
    */
-  getEnvironmentFileSettingsAsync(signal) {
+  /**
+   * Reads the org-wide settings sourced from the Dataverse `organization`
+   * record: default currency plus file-upload constraints
+   * (`blockedFileExtensions`, `maxUploadFileSizeInBytes`). Replaces the legacy
+   * `getEnvironmentFileSettingsAsync` — file fields now live on this combined
+   * response.
+   * <para>
+   * Primary consumers:
+   * </para>
+   * - Create-mode `<MoneyEdit>` reads `defaultCurrency` to render the right
+   * symbol on brand-new records before save.
+   * - File editors / FileGrid read the two file fields to reject invalid
+   * uploads client-side before the round-trip.
+   */
+  getOrganizationSettingsAsync(signal) {
     return this.transport.sendJson(
       "GET",
-      Routes.api.environmentFileSettings,
+      Routes.api.organizationSettings,
       signal ? { signal } : {}
     );
   }
@@ -1076,142 +1252,259 @@ function parseContentDispositionFileName(header) {
 
 // src/generated/result-codes.ts
 var AggregateType = {
+  /** No aggregation. */
   None: 0,
+  /** Count of rows (including nulls). */
   Count: 1,
+  /** Count of rows where the column is not null. */
   CountColumn: 2,
+  /** Sum of values. */
   Sum: 3,
+  /** Arithmetic mean of values. */
   Avg: 4,
+  /** Minimum value. */
   Min: 5,
+  /** Maximum value. */
   Max: 6
 };
 var ArchiveFormat = {
+  /** Standard ZIP archive (application/zip, .zip extension). Built via ZipArchive with Optimal. */
   Zip: 0
 };
 var ChangeEmailResult = {
+  /** A confirmation email was sent to the new address. The change does not take effect until the user clicks the link. */
   ConfirmationEmailSent: 0,
+  /** The submitted email matches the user's current email. Nothing was sent. The client should show a "this is already your email" message. */
   SameAsCurrentEmail: 1
 };
 var ChangePasswordResult = {
+  /** The password was changed. The auth cookie has been refreshed to pick up the new security stamp so other sessions are invalidated. */
   Success: 0,
+  /** The supplied old password did not match the current password. The client should show an "incorrect current password" error and allow retry. */
   IncorrectOldPassword: 1,
+  /** The new password did not satisfy the host's IdentityOptions.Password rules. Errors carries the per-rule messages so the client can show actionable feedback. */
   InvalidPassword: 2
 };
 var ChartDateGrouping = {
+  /** No date grouping — the column is grouped by its raw value. */
   None: 0,
+  /** Group by day (dategrouping="day"). Label: day number. */
   Day: 1,
+  /** Group by ISO week (dategrouping="week"). Label: week number. */
   Week: 2,
+  /** Group by calendar month (dategrouping="month"). Label: abbreviated month name (Jan, Feb, …) in the current culture. */
   Month: 3,
+  /** Group by calendar quarter (dategrouping="quarter"). Label: quarter number. */
   Quarter: 4,
+  /** Group by calendar year (dategrouping="year"). Label: year. */
   Year: 5,
+  /** Group by month + year. Label: "Jan 2024". */
   MonthAndYear: 6,
+  /** Group by day + month. Label: "15 Jan". */
   DayAndMonth: 7,
+  /** Group by day + month + year. Label: "15 Jan 2024". */
   DayAndMonthAndYear: 8,
+  /** Group by ISO week + year. Label: "W15 2024". */
   WeekAndYear: 9,
+  /** Group by quarter + year. Label: "Q1 2024". */
   QuarterAndYear: 10
 };
 var ColumnType = {
+  /** A Boolean attribute. Value = 0. */
   Boolean: 0,
+  /** An attribute that represents a customer. Value = 1. */
   Customer: 1,
+  /** A date/time attribute. Value = 2. */
   DateTime: 2,
+  /** A decimal attribute. Value = 3. */
   Decimal: 3,
+  /** A double attribute. Value = 4. */
   Double: 4,
+  /** An integer attribute. Value = 5. */
   Integer: 5,
+  /** A lookup attribute. Value = 6. */
   Lookup: 6,
+  /** A memo attribute. Value = 7. */
   Memo: 7,
+  /** A money attribute. Value = 8. */
   Money: 8,
+  /** An owner attribute. Value = 9. */
   Owner: 9,
+  /** A partylist attribute. Value = 10. */
   PartyList: 10,
+  /** A picklist (single-select choice) attribute. Value = 11. */
   Choice: 11,
+  /** A state attribute. Value = 12. */
   State: 12,
+  /** A status attribute. Value = 13. */
   Status: 13,
+  /** A string attribute. Value = 14. */
   String: 14,
+  /** A unique identifier (GUID) attribute. Value = 15. */
   Uniqueidentifier: 15,
+  /** An attribute that contains calendar rules. Value = 16. */
   CalendarRules: 16,
+  /** An attribute that is created by the system at run time. Value = 17. */
   Virtual: 17,
+  /** A big integer (long) attribute. Value = 18. */
   BigInt: 18,
+  /** A managed property attribute. Value = 19. */
   ManagedProperty: 19,
+  /** An entity name attribute. Value = 20. */
   EntityName: 20,
+  /** A multi-select choice attribute. Value = 40. PowerPortalsPro-specific (not present in Dataverse AttributeTypeCode). */
   MultiSelectChoice: 40,
+  /** A file attachment attribute. Value = 41. PowerPortalsPro-specific (not present in Dataverse AttributeTypeCode). */
   File: 41,
+  /** An image attribute. Value = 42. PowerPortalsPro-specific (not present in Dataverse AttributeTypeCode). */
   Image: 42
 };
 var ConfirmExternalLoginResult = {
+  /** The external login was linked (creating a new local account if needed) and the user has been signed in. The auth cookie is set on the response. */
   SignedIn: 0,
+  /** The account was created but the host requires email confirmation. A confirmation link has been sent; the user is NOT signed in yet. */
   ConfirmationEmailSent: 1,
+  /** No external-login cookie was found — the user landed on the confirm endpoint without a fresh OAuth callback. The client should redirect back to the login page. */
   NoPendingExternalLogin: 2,
+  /** Identity rejected the create / add-login operation (e.g. duplicate email already linked to a different account). Errors carries the per-rule messages. */
   Failure: 3
 };
 var DateTimeBehavior = {
+  /** Only the date portion is stored; no time component. */
   DateOnly: 1,
+  /** The value is stored in UTC and converted to the user's local time zone for display. */
   UserLocal: 2,
+  /** The value is stored and displayed exactly as entered, without time zone conversion. */
   TimeZoneIndependent: 3
 };
 var DeletePersonalDataResult = {
+  /** The account was deleted and the auth cookie has been cleared. */
   Success: 0,
+  /** The user has a local password set, and one was supplied, but it did not match. The client should show an "incorrect password" error and allow retry. */
   IncorrectPassword: 1,
+  /** The user has a local password set but the request body's password field was empty. The client should prompt for the password and resubmit. Distinct from IncorrectPassword so the UI can choose between "please enter your password" and "that password is wrong." */
   RequireLocalPassword: 2
 };
 var ExternalLoginCandidateKind = {
+  /** The candidate is a Dataverse contact record. */
   Contact: 0,
+  /** The candidate is a Dataverse systemuser record. */
   SystemUser: 1
 };
 var FileArchiveResponseFormat = {
+  /** Returns the raw archive bytes as the response body, with Content-Type: application/zip (or the matching MIME for the chosen ArchiveFormat) and a Content-Disposition: attachment; filename=… header. The caller hands the response directly to the browser's download path — no base64 round-trip. Default mode. */
   BinaryStream: 0,
+  /** Returns a JSON envelope (FileArchiveJsonResponse) that wraps the archive's bytes as base64. Useful when the consumer wants to inspect headers / filename / size programmatically before triggering a download, or when the host environment can't stream binary responses (some test harnesses, some service workers). Trades ~33% wire-size overhead for the JSON wrapper. */
   Json: 1
 };
 var JoinOperator = {
+  /** Inner join — only matching rows are returned. */
   Inner: 0,
+  /** Left outer join — unmatched parent rows are returned with null link columns. */
   LeftOuter: 1,
+  /** Natural join. */
   Natural: 2,
+  /** Match first row using cross apply. */
   MatchFirstRowUsingCrossApply: 3,
+  /** In join — semi-join used for subqueries. */
   In: 4,
+  /** Exists join — semi-join evaluating existence. */
   Exists: 5,
+  /** Any-match semi-join. */
   Any: 6,
+  /** Inverse of Any. */
   NotAny: 7,
+  /** All-match semi-join. */
   All: 8,
+  /** Inverse of All. */
   NotAll: 9
 };
+var LocalizationSourceKind = {
+  /** Strings derived from Dataverse table metadata — display names, descriptions, choice option labels, and view names, drawn from whatever language packs are installed in the environment. Loads first in the warmup. */
+  TableMetadata: 0,
+  /** JSON files stored in Dataverse as web resources under the /PowerPortalsPro/Localization/ path prefix. Loads after table metadata. */
+  WebResource: 1,
+  /** JSON or HTML files loaded from a directory or explicit path registered via String) / String). Loads LAST, so its values override anything an earlier source supplied for the same key. */
+  FolderFile: 2
+};
+var LocalizationSourceStatus = {
+  /** Load completed successfully; key counts and cultures are populated. */
+  Loaded: 0,
+  /** Load threw an exception; Error captures the message. */
+  Failed: 1,
+  /** Source was discovered but produced no strings (empty file, no matching metadata, etc.). */
+  Skipped: 2
+};
 var LoginResult = {
+  /** Credentials were accepted and the auth cookie has been set. The client should navigate to the post-login destination (typically ReturnUrl). */
   Success: 0,
+  /** Credentials were accepted but the account requires a second factor. The server has sent the 2FA code (e.g., via email) and is waiting for a follow-up call to POST /api/auth/login/2fa. No auth cookie is set yet. */
   RequiresTwoFactor: 1,
+  /** The email/password pair did not match any account, or the password was wrong. The client should show a generic "invalid credentials" message — the server deliberately does not distinguish between "no such email" and "wrong password" to avoid account-enumeration attacks. */
   InvalidCredentials: 2,
+  /** The account exists and the password matched, but the email address has not been confirmed and the host configured SignIn.RequireConfirmedAccount. The client should redirect to the registration-confirmation flow. */
   EmailNotConfirmed: 3,
+  /** The account is locked out (too many failed attempts, manual lockout, etc.). The client should show the lockout page. */
   LockedOut: 4
 };
 var RegisterResult = {
+  /** The account was created and a confirmation email has been sent. The user is NOT signed in yet — they must click the confirmation link first. */
   ConfirmationEmailSent: 0,
+  /** The account was created and the user has been signed in directly (the host did not configure SignIn.RequireConfirmedAccount). */
   SignedIn: 1,
+  /** An account with the same email already exists. The server returns this rather than silently succeeding to give the client an opportunity to surface a clear error, at the cost of allowing email enumeration. Hosts that prefer the enumeration- resistant path should treat this as success client-side. */
   EmailAlreadyInUse: 2
 };
 var RelationshipFilterMode = {
+  /** Return records currently associated with ParentRecord via the named relationship. For one-to-many, AND-merges a referencingColumn == parentRecord.Id condition. For many-to-many, AND-merges an intersect link-entity plus a condition on the parent-side intersect column. */
   IncludeExistingRecords: 0,
+  /** Return records that are NOT currently associated with ParentRecord. Many-to-many only — AND-merges a LEFT OUTER intersect link-entity (filtered to the parent's intersect rows) and an outer null-check on the parent-side intersect column, so unrelated records survive but related records get filtered out. */
   ExcludeExistingRecords: 1
 };
 var RequiredLevel = {
+  /** No requirements are specified. */
   None: 0,
+  /** The column is required by the system and cannot be null. */
   SystemRequired: 1,
+  /** The column is required by the application and should have a value. */
   ApplicationRequired: 2,
+  /** It is recommended that the column has a value, but it is not enforced. */
   Recommended: 3
 };
 var ResetPasswordResult = {
+  /** The password was reset and the user can now sign in with the new password. */
   Success: 0,
+  /** The token was missing, malformed, expired, or already used. The client should redirect the user to the "request a new reset link" flow. */
   InvalidOrExpiredToken: 1,
+  /** The new password did not satisfy the host's password rules. The accompanying ProblemDetails (in the failed-validation HTTP 400) carries the per-rule error messages from IdentityResult.Errors. */
   InvalidPassword: 2
 };
 var SwitchIdentityResult = {
+  /** The alt identity was signed in and the auth cookie has been swapped. */
   Switched: 0,
+  /** The current principal has no alt-identity claim — there is nothing to switch to. */
   NoAltIdentity: 1,
+  /** The alt identity referenced by the claim no longer exists in Dataverse (or is disabled). */
   AltIdentityNotFound: 2,
+  /** The current request is unauthenticated. */
   NotAuthenticated: 3
 };
 var TableSecurityPermission = {
+  /** No permissions. */
   None: 0,
+  /** The record can be read. */
   Read: 1,
+  /** The record (or table) can have new records created. */
   Create: 2,
+  /** The record can be modified. */
   Write: 4,
+  /** The record can be deleted. */
   Delete: 8,
+  /** The record can be appended to other records (used as the child of a relationship). */
   Append: 16,
+  /** Other records can be appended to this record (used as the parent of a relationship). */
   AppendTo: 32,
+  /** All permissions except Create. */
   All: 63
 };
 
@@ -1226,6 +1519,6 @@ function getRecordReferenceId(record) {
 // src/index.ts
 var VERSION = "0.1.0";
 
-export { AggregateType, ArchiveFormat, ArgumentError, ArgumentNullError, AuthClient, ChangeEmailResult, ChangePasswordResult, ChartDateGrouping, ColumnType, ConfirmExternalLoginResult, DateTimeBehavior, DeletePersonalDataResult, ExternalLoginCandidateKind, FileArchiveResponseFormat, InvalidOperationError, JoinOperator, LoginResult, PowerPortalsProClient, PowerPortalsProError, RegisterResult, RelationshipFilterMode, RequiredLevel, ResetPasswordResult, Routes, SwitchIdentityResult, TableSecurityPermission, Transport, UnauthorizedAccessError, VERSION, getRecordReferenceId, mapProblemDetails };
+export { AggregateType, ArchiveFormat, ArgumentError, ArgumentNullError, AuthClient, ChangeEmailResult, ChangePasswordResult, ChartDateGrouping, ColumnType, ConfirmExternalLoginResult, DateTimeBehavior, DeletePersonalDataResult, ExternalLoginCandidateKind, FileArchiveResponseFormat, InvalidOperationError, JoinOperator, LocalizationSourceKind, LocalizationSourceStatus, LoginResult, PowerPortalsProClient, PowerPortalsProError, RegisterResult, RelationshipFilterMode, RequiredLevel, ResetPasswordResult, Routes, SwitchIdentityResult, TableSecurityPermission, Transport, UnauthorizedAccessError, VERSION, getRecordReferenceId, mapProblemDetails };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map