npm - @questpie/admin - Versions diffs - 3.2.6 → 3.3.0 - Mend

@questpie/admin 3.2.6 → 3.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (86) hide show

package/dist/server/modules/audit/collections/audit-log.d.mts CHANGED Viewed

@@ -1,5 +1,5 @@
 import * as questpie_shared0 from "questpie/shared";
-import * as questpie16 from "questpie";
+import * as questpie21 from "questpie";
 import * as questpie_src_server_modules_core_fields_email_js0 from "questpie/src/server/modules/core/fields/email.js";
 import * as questpie_src_server_modules_core_fields_json_js0 from "questpie/src/server/modules/core/fields/json.js";
 import * as drizzle_orm_pg_core0 from "drizzle-orm/pg-core";
@@ -19,22 +19,22 @@ import * as questpie_src_server_fields_operators_builtin_js0 from "questpie/src/
  * - update: disallowed
  * - read: allowed (for admin UI display)
  */
-declare const auditLogCollection: questpie16.CollectionBuilder<questpie_shared0.Override<questpie_shared0.Override<questpie_shared0.Override<questpie_shared0.Override<questpie_shared0.Override<questpie16.EmptyCollectionState<"admin_audit_log", undefined, {
-  readonly text: typeof questpie16.text;
-  readonly textarea: typeof questpie16.textarea;
+declare const auditLogCollection: questpie21.CollectionBuilder<questpie_shared0.Override<questpie_shared0.Override<questpie_shared0.Override<questpie_shared0.Override<questpie_shared0.Override<questpie_shared0.Override<questpie21.EmptyCollectionState<"admin_audit_log", undefined, {
+  readonly text: typeof questpie21.text;
+  readonly textarea: typeof questpie21.textarea;
   readonly email: typeof questpie_src_server_modules_core_fields_email_js0.email;
-  readonly url: typeof questpie16.url;
-  readonly number: typeof questpie16.number;
-  readonly boolean: typeof questpie16.boolean;
-  readonly date: typeof questpie16.date;
-  readonly datetime: typeof questpie16.datetime;
-  readonly time: typeof questpie16.time;
-  readonly select: typeof questpie16.select;
-  readonly upload: typeof questpie16.upload;
-  readonly relation: typeof questpie16.relation;
-  readonly object: typeof questpie16.object;
+  readonly url: typeof questpie21.url;
+  readonly number: typeof questpie21.number;
+  readonly boolean: typeof questpie21.boolean;
+  readonly date: typeof questpie21.date;
+  readonly datetime: typeof questpie21.datetime;
+  readonly time: typeof questpie21.time;
+  readonly select: typeof questpie21.select;
+  readonly upload: typeof questpie21.upload;
+  readonly relation: typeof questpie21.relation;
+  readonly object: typeof questpie21.object;
   readonly json: typeof questpie_src_server_modules_core_fields_json_js0.json;
-  readonly from: typeof questpie16.from;
+  readonly from: typeof questpie21.from;
 }>, {
   fields: {
     readonly action: drizzle_orm0.NotNull<drizzle_orm_pg_core0.PgVarcharBuilder<[string, ...string[]]>>;
@@ -52,98 +52,98 @@ declare const auditLogCollection: questpie16.CollectionBuilder<questpie_shared0.
   localized: readonly string[];
   fieldDefinitions: {
     /** Action performed: create, update, delete, transition, custom */
-    readonly action: questpie16.FieldWithMethods<Omit<questpie16.TextFieldState, "notNull" | "column"> & {
+    readonly action: questpie21.FieldWithMethods<Omit<questpie21.TextFieldState, "notNull" | "column"> & {
       notNull: true;
       column: drizzle_orm0.NotNull<drizzle_orm_pg_core0.PgVarcharBuilder<[string, ...string[]]>>;
     } & {
       label: questpie_shared0.I18nText;
-    }, questpie16.TextFieldMethods>;
+    }, questpie21.TextFieldMethods>;
     /** Resource type: collection, global, auth, system, custom */
-    readonly resourceType: questpie16.FieldWithMethods<Omit<questpie16.TextFieldState, "notNull" | "column"> & {
+    readonly resourceType: questpie21.FieldWithMethods<Omit<questpie21.TextFieldState, "notNull" | "column"> & {
       notNull: true;
       column: drizzle_orm0.NotNull<drizzle_orm_pg_core0.PgVarcharBuilder<[string, ...string[]]>>;
     } & {
       label: questpie_shared0.I18nText;
-    }, questpie16.TextFieldMethods>;
+    }, questpie21.TextFieldMethods>;
     /** Resource slug (collection/global name) */
-    readonly resource: questpie16.FieldWithMethods<Omit<questpie16.TextFieldState, "notNull" | "column"> & {
+    readonly resource: questpie21.FieldWithMethods<Omit<questpie21.TextFieldState, "notNull" | "column"> & {
       notNull: true;
       column: drizzle_orm0.NotNull<drizzle_orm_pg_core0.PgVarcharBuilder<[string, ...string[]]>>;
     } & {
       label: questpie_shared0.I18nText;
-    }, questpie16.TextFieldMethods>;
+    }, questpie21.TextFieldMethods>;
     /** ID of the specific record (null for globals) */
-    readonly resourceId: questpie16.FieldWithMethods<questpie16.DefaultFieldState & {
+    readonly resourceId: questpie21.FieldWithMethods<questpie21.DefaultFieldState & {
       type: "text";
       data: string;
       column: drizzle_orm_pg_core0.PgVarcharBuilder<[string, ...string[]]>;
       operators: typeof questpie_src_server_fields_operators_builtin_js0.stringOps;
     } & {
       label: questpie_shared0.I18nText;
-    }, questpie16.TextFieldMethods>;
+    }, questpie21.TextFieldMethods>;
     /** Denormalized display label for the affected record */
-    readonly resourceLabel: questpie16.FieldWithMethods<questpie16.DefaultFieldState & {
+    readonly resourceLabel: questpie21.FieldWithMethods<questpie21.DefaultFieldState & {
       type: "text";
       data: string;
       column: drizzle_orm_pg_core0.PgVarcharBuilder<[string, ...string[]]>;
       operators: typeof questpie_src_server_fields_operators_builtin_js0.stringOps;
     } & {
       label: questpie_shared0.I18nText;
-    }, questpie16.TextFieldMethods>;
+    }, questpie21.TextFieldMethods>;
     /** User who performed the action */
-    readonly userId: questpie16.FieldWithMethods<questpie16.DefaultFieldState & {
+    readonly userId: questpie21.FieldWithMethods<questpie21.DefaultFieldState & {
       type: "text";
       data: string;
       column: drizzle_orm_pg_core0.PgVarcharBuilder<[string, ...string[]]>;
       operators: typeof questpie_src_server_fields_operators_builtin_js0.stringOps;
     } & {
       label: questpie_shared0.I18nText;
-    }, questpie16.TextFieldMethods>;
+    }, questpie21.TextFieldMethods>;
     /** Denormalized user display name */
-    readonly userName: questpie16.FieldWithMethods<questpie16.DefaultFieldState & {
+    readonly userName: questpie21.FieldWithMethods<questpie21.DefaultFieldState & {
       type: "text";
       data: string;
       column: drizzle_orm_pg_core0.PgVarcharBuilder<[string, ...string[]]>;
       operators: typeof questpie_src_server_fields_operators_builtin_js0.stringOps;
     } & {
       label: questpie_shared0.I18nText;
-    }, questpie16.TextFieldMethods>;
+    }, questpie21.TextFieldMethods>;
     /** Locale context of the operation */
-    readonly locale: questpie16.FieldWithMethods<questpie16.DefaultFieldState & {
+    readonly locale: questpie21.FieldWithMethods<questpie21.DefaultFieldState & {
       type: "text";
       data: string;
       column: drizzle_orm_pg_core0.PgVarcharBuilder<[string, ...string[]]>;
       operators: typeof questpie_src_server_fields_operators_builtin_js0.stringOps;
     } & {
       label: questpie_shared0.I18nText;
-    }, questpie16.TextFieldMethods>;
+    }, questpie21.TextFieldMethods>;
     /** Field-level diffs: { field: { from, to } } or null */
-    readonly changes: questpie16.Field<questpie16.DefaultFieldState & {
+    readonly changes: questpie21.Field<questpie21.DefaultFieldState & {
       type: "json";
-      data: questpie16.JsonValue;
+      data: questpie21.JsonValue;
       column: drizzle_orm_pg_core0.PgJsonbBuilder;
       operators: typeof questpie_src_server_fields_operators_builtin_js0.basicOps;
     } & {
       label: questpie_shared0.I18nText;
     }>;
     /** Extra context metadata */
-    readonly metadata: questpie16.Field<questpie16.DefaultFieldState & {
+    readonly metadata: questpie21.Field<questpie21.DefaultFieldState & {
       type: "json";
-      data: questpie16.JsonValue;
+      data: questpie21.JsonValue;
       column: drizzle_orm_pg_core0.PgJsonbBuilder;
       operators: typeof questpie_src_server_fields_operators_builtin_js0.basicOps;
     } & {
       label: questpie_shared0.I18nText;
     }>;
     /** Human-readable title: "User Action ResourceType 'ResourceLabel'" */
-    readonly title: questpie16.FieldWithMethods<questpie16.DefaultFieldState & {
+    readonly title: questpie21.FieldWithMethods<questpie21.DefaultFieldState & {
       type: "text";
       data: string;
       column: drizzle_orm_pg_core0.PgVarcharBuilder<[string, ...string[]]>;
       operators: typeof questpie_src_server_fields_operators_builtin_js0.stringOps;
     } & {
       label: questpie_shared0.I18nText;
-    }, questpie16.TextFieldMethods>;
+    }, questpie21.TextFieldMethods>;
   };
 }>, {
   options: {
@@ -153,6 +153,8 @@ declare const auditLogCollection: questpie16.CollectionBuilder<questpie_shared0.
   indexes: drizzle_orm_pg_core0.IndexBuilder[];
 }>, {
   access: Record<string, any>;
+}>, {
+  hooks: Record<string, any>;
 }> & Record<"admin", {
   label: {
     key: string;

package/dist/server/modules/audit/collections/audit-log.mjs CHANGED Viewed

@@ -1,4 +1,5 @@
-import { collection } from "questpie";
+import { localizeAuditTitle } from "../config/localize-title.mjs";
+import { collection, tryGetContext } from "questpie";
 import { index } from "questpie/drizzle-pg-core";
 //#region src/server/modules/audit/collections/audit-log.ts
@@ -41,7 +42,11 @@ const auditLogCollection = collection(AUDIT_LOG_COLLECTION).fields(({ f }) => ({
 	update: false,
 	delete: false,
 	read: true
-}).set("admin", {
+}).hooks({ afterRead: ({ data, locale }) => {
+	if (!data) return;
+	const localized = localizeAuditTitle(data, locale, tryGetContext()?.app);
+	if (localized) data.title = localized;
+} }).set("admin", {
 	label: { key: "audit.collection.label" },
 	icon: {
 		type: "icon",

package/dist/server/modules/audit/config/localize-title.mjs ADDED Viewed

@@ -0,0 +1,67 @@
+import { getAdminMessagesForLocale } from "../../../i18n/index.mjs";
+import { isI18nTranslationKey, resolveI18nText } from "questpie/shared";
+//#region src/server/modules/audit/config/localize-title.ts
+function lookupMessage(messages, key) {
+	const value = messages[key];
+	if (typeof value === "string") return value;
+	if (value && typeof value === "object") {
+		const plural = value.other;
+		if (typeof plural === "string") return plural;
+	}
+	return null;
+}
+function makeTranslator(messages) {
+	return (key) => lookupMessage(messages, key) ?? key;
+}
+function getResourceLabel(app, resourceType, resource) {
+	if (!app) return null;
+	if (resourceType === "collection") {
+		const config = app.getCollectionConfig?.(resource);
+		return config?.state?.admin?.label ?? config?.state?.label ?? null;
+	}
+	if (resourceType === "global") {
+		const config = app.getGlobals?.()?.[resource];
+		return config?.state?.admin?.label ?? config?.state?.label ?? null;
+	}
+	return null;
+}
+function resolveLabel(label, locale, t) {
+	if (label == null) return null;
+	if (isI18nTranslationKey(label)) {
+		const resolved = t(label.key);
+		return resolved === label.key ? label.fallback ?? null : resolved;
+	}
+	return resolveI18nText(label, locale, t);
+}
+function interpolate(template, values) {
+	return template.replace(/\{\{\s*(\w+)\s*\}\}/g, (_m, k) => values[k] ?? `{{${k}}}`);
+}
+/**
+* Recompute the audit log title in the viewer's locale.
+* Returns null when no locale is provided so the caller can keep the stored value.
+*/
+function localizeAuditTitle(data, locale, app) {
+	if (!locale) return null;
+	const messages = getAdminMessagesForLocale(locale);
+	const t = makeTranslator(messages);
+	const action = String(data.action ?? "");
+	const resourceType = String(data.resourceType ?? "");
+	const resource = String(data.resource ?? "");
+	const userName = String(data.userName ?? "");
+	const actionText = lookupMessage(messages, `audit.action.${action}`) ?? action;
+	const resourceTypeText = lookupMessage(messages, `audit.resourceType.${resourceType}`) ?? resourceType;
+	const resourceName = resolveLabel(getResourceLabel(app, resourceType, resource), locale, t) ?? resource;
+	const rawLabel = typeof data.resourceLabel === "string" && data.resourceLabel.length > 0 ? data.resourceLabel : null;
+	const unnamed = lookupMessage(messages, "audit.unnamed") ?? "(unnamed)";
+	const resourceLabel = rawLabel ? `'${rawLabel}'` : unnamed;
+	return interpolate(lookupMessage(messages, "audit.title.template") ?? "{{userName}} {{action}} {{resourceType}} {{resourceLabel}}", {
+		userName,
+		action: actionText,
+		resourceType: `${resourceTypeText} ${resourceName}`,
+		resourceLabel
+	});
+}
+//#endregion
+export { localizeAuditTitle };

package/dist/server/modules/audit/index.d.mts CHANGED Viewed

@@ -1,2 +1,3 @@
 import { auditLogCollection } from "./collections/audit-log.mjs";
-import { AuditModule, _module } from "./.generated/module.mjs";
+import { AuditModule, _module } from "./.generated/module.mjs";
+import { AuditActorType, AuditContext, LogAuditEntryOptions, logAuditEntry } from "./log-audit-entry.mjs";

package/dist/server/modules/audit/log-audit-entry.d.mts ADDED Viewed

@@ -0,0 +1,85 @@
+//#region src/server/modules/audit/log-audit-entry.d.ts
+/**
+ * Options for a custom audit log entry.
+ */
+type AuditActorType = "anonymous" | "system" | "user" | (string & {});
+interface LogAuditEntryOptions {
+  /** Action performed (e.g., "create", "bulk-email", "archive", "migrate"). */
+  action: string;
+  /**
+   * Category of the affected resource.
+   * Built-in: "collection" | "global"
+   * Custom: "system" | "job" | "webhook" | any string
+   */
+  resourceType: string;
+  /** Resource identifier (e.g., collection slug, job name). */
+  resource: string;
+  /** Optional ID of a specific record. */
+  resourceId?: string | null;
+  /** Display label for the affected resource (e.g., record title, job description). */
+  resourceLabel?: string | null;
+  /** Override actor user name (auto-resolved from session when omitted). */
+  userName?: string;
+  /** Override actor user ID (auto-resolved from session when omitted). */
+  userId?: string | null;
+  /** Override actor category stored in metadata. */
+  actorType?: AuditActorType;
+  /** Locale context of the operation. */
+  locale?: string | null;
+  /** Field-level changes, or arbitrary structured data. */
+  changes?: Record<string, unknown> | null;
+  /** Extra metadata (e.g., job payload, webhook source). */
+  metadata?: Record<string, unknown> | null;
+}
+/**
+ * Audit context — pass the hook/job context directly.
+ * Needs `collections` (or `app.collections`) and optionally `session`, `db`.
+ */
+interface AuditContext {
+  collections?: Record<string, any>;
+  app?: {
+    collections?: Record<string, any>;
+    getCollectionConfig?: (slug: string) => any;
+    getGlobals?: () => Record<string, any>;
+  };
+  session?: {
+    user?: Record<string, unknown> | null;
+  } | null;
+  accessMode?: string;
+  db?: unknown;
+  logger?: {
+    error?: (...args: any[]) => void;
+  };
+}
+/**
+ * Write a custom audit log entry.
+ *
+ * Use this in jobs, custom actions, webhooks, or anywhere you want
+ * to record a meaningful event in the audit trail.
+ *
+ * @example
+ * ```ts
+ * import { logAuditEntry } from "@questpie/admin/server";
+ *
+ * // Inside a job handler:
+ * await logAuditEntry(ctx, {
+ *   action: "bulk-email",
+ *   resourceType: "system",
+ *   resource: "newsletter",
+ *   resourceLabel: "Q1 Campaign",
+ *   metadata: { sentCount: 1234, jobId: ctx.id },
+ * });
+ *
+ * // Inside a collection hook with session:
+ * await logAuditEntry(ctx, {
+ *   action: "export",
+ *   resourceType: "collection",
+ *   resource: "orders",
+ *   resourceLabel: "Monthly export",
+ *   changes: { format: { from: null, to: "csv" } },
+ * });
+ * ```
+ */
+declare function logAuditEntry(ctx: AuditContext, options: LogAuditEntryOptions): Promise<void>;
+//#endregion
+export { AuditActorType, AuditContext, LogAuditEntryOptions, logAuditEntry };

package/dist/server/modules/audit/log-audit-entry.mjs ADDED Viewed

@@ -0,0 +1,125 @@
+import { AUDIT_LOG_COLLECTION } from "./collections/audit-log.mjs";
+import { tryGetContext } from "questpie";
+//#region src/server/modules/audit/log-audit-entry.ts
+function resolveCollections(ctx) {
+	return ctx.collections ?? ctx.app?.collections ?? null;
+}
+function resolveActor(ctx) {
+	const user = ctx.session?.user;
+	const userId = user?.id != null ? String(user.id) : null;
+	for (const candidate of [
+		user?.name,
+		user?.email,
+		userId
+	]) if (typeof candidate === "string" && candidate.trim().length > 0) return {
+		actorType: "user",
+		userId,
+		userName: candidate.trim()
+	};
+	if (ctx.accessMode === "system") return {
+		actorType: "system",
+		userId: "system",
+		userName: "System"
+	};
+	return {
+		actorType: "anonymous",
+		userId: null,
+		userName: "Anonymous"
+	};
+}
+function getResourceTypeLabel(ctx, resourceType, resource) {
+	const stored = tryGetContext();
+	const app = ctx.app ?? stored?.app;
+	if (!app) return resource;
+	if (resourceType === "collection") {
+		const config = app.getCollectionConfig?.(resource);
+		const label = config?.state?.admin?.label ?? config?.state?.label;
+		if (typeof label === "string") return label;
+		return resource;
+	}
+	if (resourceType === "global") {
+		const config = app.getGlobals?.()?.[resource];
+		const label = config?.state?.admin?.label ?? config?.state?.label;
+		if (typeof label === "string") return label;
+		return resource;
+	}
+	return resource;
+}
+function resolveActorType(actor, options, userId) {
+	if (options.actorType) return options.actorType;
+	if (options.userId !== void 0 || options.userName !== void 0) return userId && userId !== "system" ? "user" : "system";
+	return actor.actorType;
+}
+/**
+* Write a custom audit log entry.
+*
+* Use this in jobs, custom actions, webhooks, or anywhere you want
+* to record a meaningful event in the audit trail.
+*
+* @example
+* ```ts
+* import { logAuditEntry } from "@questpie/admin/server";
+*
+* // Inside a job handler:
+* await logAuditEntry(ctx, {
+*   action: "bulk-email",
+*   resourceType: "system",
+*   resource: "newsletter",
+*   resourceLabel: "Q1 Campaign",
+*   metadata: { sentCount: 1234, jobId: ctx.id },
+* });
+*
+* // Inside a collection hook with session:
+* await logAuditEntry(ctx, {
+*   action: "export",
+*   resourceType: "collection",
+*   resource: "orders",
+*   resourceLabel: "Monthly export",
+*   changes: { format: { from: null, to: "csv" } },
+* });
+* ```
+*/
+async function logAuditEntry(ctx, options) {
+	const collections = resolveCollections(ctx);
+	if (!collections?.[AUDIT_LOG_COLLECTION]) {
+		ctx.logger?.error?.("[Audit] Cannot write audit entry — audit log collection not available");
+		return;
+	}
+	const actor = resolveActor(ctx);
+	const userName = options.userName ?? actor.userName;
+	const userId = options.userId !== void 0 ? options.userId : actor.userId;
+	const actorType = resolveActorType(actor, options, userId);
+	const resourceTypeLabel = getResourceTypeLabel(ctx, options.resourceType, options.resource);
+	const resourceLabel = options.resourceLabel ?? null;
+	const label = resourceLabel || "(unnamed)";
+	const title = `${userName} ${{
+		create: "created",
+		update: "updated",
+		delete: "deleted",
+		transition: "changed status of"
+	}[options.action] || options.action} ${resourceTypeLabel} '${label}'`;
+	await collections[AUDIT_LOG_COLLECTION].create({
+		action: options.action,
+		resourceType: options.resourceType,
+		resource: options.resource,
+		resourceId: options.resourceId ?? null,
+		resourceLabel,
+		userId,
+		userName,
+		locale: options.locale ?? null,
+		changes: options.changes ?? null,
+		metadata: {
+			actorType,
+			accessMode: ctx.accessMode ?? "system",
+			...options.metadata ?? {}
+		},
+		title
+	}, {
+		accessMode: "system",
+		db: ctx.db
+	});
+}
+//#endregion
+export { logAuditEntry };

package/dist/server/plugin.mjs CHANGED Viewed

@@ -267,7 +267,7 @@ function adminPlugin() {
 					view: {
 						dir: "views",
 						description: "Server-side view definition",
-						template: ({ kebab, camel }) => `import { view } from "@questpie/admin/server";\n\nexport const ${camel}View = view("${kebab}", "list", {\n\t// TODO: configure view\n});\n`
+						template: ({ kebab, camel }) => `import { view } from "@questpie/admin/server";\n\nexport const ${camel}View = view("${kebab}", {\n\tkind: "list",\n});\n`
 					},
 					component: {
 						dir: "components",
@@ -362,19 +362,19 @@ function adminPlugin() {
 						dir: "views",
 						extension: ".tsx",
 						description: "Client-side view component",
-						template: ({ kebab, pascal }) => `import { defineView } from "@questpie/admin";\n\nexport default defineView("${kebab}", (props) => {\n\treturn (\n\t\t<div>\n\t\t\t<h2>${pascal} View</h2>\n\t\t\t{/* TODO: implement view */}\n\t\t</div>\n\t);\n});\n`
+						template: ({ kebab, pascal }) => `import { type CollectionListViewProps, view } from "@questpie/admin/client";\n\nfunction ${pascal}View(_props: CollectionListViewProps) {\n\treturn (\n\t\t<div>\n\t\t\t<h2>${pascal} View</h2>\n\t\t\t{/* TODO: implement view */}\n\t\t</div>\n\t);\n}\n\nexport default view("${kebab}", {\n\tkind: "list",\n\tcomponent: ${pascal}View,\n});\n`
 					},
 					field: {
 						dir: "fields",
 						extension: ".tsx",
 						description: "Client-side field component",
-						template: ({ kebab, pascal }) => `import { field } from "@questpie/admin";\n\nexport default field({\n\tname: "${kebab}",\n\tcomponent: (props) => {\n\t\treturn (\n\t\t\t<div>\n\t\t\t\t<label>${pascal}</label>\n\t\t\t\t{/* TODO: implement field */}\n\t\t\t</div>\n\t\t);\n\t},\n});\n`
+						template: ({ kebab, pascal }) => `import { type BaseFieldProps, field } from "@questpie/admin/client";\n\nfunction ${pascal}Field({ label, value, onChange, onBlur }: BaseFieldProps) {\n\treturn (\n\t\t<label>\n\t\t\t<span>{label ?? "${pascal}"}</span>\n\t\t\t<input\n\t\t\t\tvalue={typeof value === "string" ? value : ""}\n\t\t\t\tonChange={(event) => onChange?.(event.target.value)}\n\t\t\t\tonBlur={onBlur}\n\t\t\t/>\n\t\t</label>\n\t);\n}\n\nexport default field("${kebab}", {\n\tcomponent: ${pascal}Field,\n});\n`
 					},
 					widget: {
 						dir: "widgets",
 						extension: ".tsx",
 						description: "Client-side dashboard widget",
-						template: ({ kebab, pascal }) => `import { defineWidget } from "@questpie/admin";\n\nexport default defineWidget("${kebab}", (props) => {\n\treturn (\n\t\t<div>\n\t\t\t<h3>${pascal} Widget</h3>\n\t\t\t{/* TODO: implement widget */}\n\t\t</div>\n\t);\n});\n`
+						template: ({ kebab, pascal }) => `import { type WidgetComponentProps, widget } from "@questpie/admin/client";\n\nfunction ${pascal}Widget(_props: WidgetComponentProps) {\n\treturn (\n\t\t<div>\n\t\t\t<h3>${pascal} Widget</h3>\n\t\t\t{/* TODO: implement widget */}\n\t\t</div>\n\t);\n}\n\nexport default widget("${kebab}", {\n\tcomponent: ${pascal}Widget,\n});\n`
 					}
 				},
 				generate: (ctx) => generateAdminClientTemplate(ctx)

package/dist/server.d.mts CHANGED Viewed

@@ -15,10 +15,8 @@ import { BlocksPrefetchContext, createBlocksPrefetchHook, processBlocksDocument,
 import "./server/block/index.mjs";
 import { adminPlugin } from "./server/plugin.mjs";
 import { AuthSession, GetAdminSessionOptions, RequireAdminAuthOptions, getAdminSession, isAdminUser, requireAdminAuth } from "./server/modules/admin/auth-helpers.mjs";
-import "./server/auth-helpers.mjs";
 import { NextAuthMiddlewareOptions, createNextAuthMiddleware, getNextAdminSession } from "./server/adapters/nextjs.mjs";
 import { BeforeLoadContext, TanStackAuthGuardOptions, createTanStackAuthGuard, createTanStackSessionLoader } from "./server/adapters/tanstack.mjs";
-import "./server/adapters/index.mjs";
 import { ExecuteActionRequest, ExecuteActionResponse, actionFunctions, executeAction, executeActionFn, getActionsConfig, getActionsConfigFn } from "./server/modules/admin/routes/execute-action.mjs";
 import { PreviewTokenPayload, createPreviewFunctions, createPreviewTokenVerifier, verifyPreviewTokenDirect } from "./server/modules/admin/routes/preview.mjs";
 import { batchReactive, fieldOptions, reactiveFunctions } from "./server/modules/admin/routes/reactive.mjs";
@@ -29,7 +27,8 @@ import { savedViewsCollection } from "./server/modules/admin-preferences/collect
 import { AdminModule, adminModule, adminRoutes } from "./server/modules/admin/index.mjs";
 import { auditLogCollection } from "./server/modules/audit/collections/audit-log.mjs";
 import { AuditModule, _module } from "./server/modules/audit/.generated/module.mjs";
+import { AuditActorType, AuditContext, LogAuditEntryOptions, logAuditEntry } from "./server/modules/audit/log-audit-entry.mjs";
 import "./server/modules/audit/index.mjs";
 import { createActionCallbackProxy, createActionProxy, createComponentCallbackProxy, createComponentProxy, createDashboardCallbackContext, createDashboardContributionProxy, createFieldProxy, createSidebarCallbackContext, createSidebarContributionProxy, createViewCallbackProxy, createViewProxy, resolveDashboardCallback, resolveSidebarCallback } from "./server/proxy-factories.mjs";
 import { component, editView, filterViewsByKind, listView, view } from "./server/registry-helpers.mjs";
-export { type ActionReference, type ActionsConfigContext, type AdminBlockConfig, type AdminCollectionConfig, type AdminConfigContext, type AdminConfigInput, type AdminGlobalConfig, type AdminLocaleConfig, type AdminModule, type AnyBlockBuilder, type AnyBlockDefinition, type AuditModule, type AuthSession, BeforeLoadContext, BlockBuilder, type BlockBuilderState, type BlockCategoryConfig, type BlockDefinition, type BlockNode, type BlockPrefetchContext, type BlockPrefetchFn, type BlockPrefetchWith, type BlockPrefetchWithOptions, type BlockSchema, type BlockValues, type BlocksDocument, type BlocksFieldMeta, type BlocksPrefetchContext, type BuiltinActionType, type ComponentDefinition, type ComponentFactory, type ComponentReference, type ComponentType, type ComponentTypeRegistry, type DashboardActionFactory, type DashboardActionProxy, type DashboardCallback, type DashboardCallbackContext, type DashboardConfigContext, type DashboardContribution, type DashboardItemDef, type DashboardProxy, type DashboardSectionDef, type EditViewDefinition, type EditViewFactory, type ExecuteActionRequest, type ExecuteActionResponse, type ExpandWithResult, type ExpandedRecord, type FieldLayoutItem, type FilterOperator, type FilterRule, type FilterViewsByKind, type FormFieldLayoutItem, type FormReactiveConfig, type FormReactiveContext, type FormSectionLayout, type FormSidebarConfig, type FormTabConfig, type FormTabsLayout, type FormViewConfig, type FormViewConfigContext, type GetAdminSessionOptions, type InferBlockData, type InferBlockValues, type ListViewConfig, type ListViewConfigContext, type ListViewDefinition, type ListViewFactory, NextAuthMiddlewareOptions, type PreviewConfig, type PreviewTokenPayload, type RequireAdminAuthOptions, type RichTextFeature, type RichTextFieldMeta, type ServerActionContext, type ServerActionDefinition, type ServerActionDownload, type ServerActionEffects, type ServerActionError, type ServerActionForm, type ServerActionFormField, type ServerActionHandler, type ServerActionRedirect, type ServerActionResult, type ServerActionSuccess, type ServerActionsConfig, type ServerBrandingConfig, type ServerChartWidget, type ServerCustomWidget, type ServerDashboardAction, type ServerDashboardConfig, type ServerDashboardItem, type ServerDashboardSection, type ServerDashboardTab, type ServerDashboardTabs, type ServerDashboardWidget, type ServerProgressWidget, type ServerQuickAction, type ServerQuickActionsWidget, type ServerRecentItemsWidget, type ServerSidebarCollectionItem, type ServerSidebarConfig, type ServerSidebarDividerItem, type ServerSidebarGlobalItem, type ServerSidebarItem, type ServerSidebarLinkItem, type ServerSidebarPageItem, type ServerSidebarSection, type ServerStatsWidget, type ServerTableWidget, type ServerTimelineWidget, type ServerValueWidget, type SidebarCallback, type SidebarCallbackContext, type SidebarConfigContext, type SidebarContribution, type SidebarItemDef, type SidebarProxy, type SidebarSectionDef, type SortConfig, TanStackAuthGuardOptions, type TipTapDocument, type TipTapNode, type ViewConfiguration, type ViewDefinition, type ViewKind, type ViewKindRegistry, type WidgetAccessRule, type WidgetFetchContext, actionFunctions, adminConfig, adminFields, adminModule, adminPlugin, adminRoutes, auditLogCollection, _module as auditModule, batchReactive, block, component, createActionCallbackProxy, createActionProxy, createBlocksPrefetchHook, createComponentCallbackProxy, createComponentProxy, createDashboardCallbackContext, createDashboardContributionProxy, createFieldProxy, createFirstAdmin, createNextAuthMiddleware, createPreviewFunctions, createPreviewTokenVerifier, createSidebarCallbackContext, createSidebarContributionProxy, createTanStackAuthGuard, createTanStackSessionLoader, createViewCallbackProxy, createViewProxy, editView, executeAction, executeActionFn, fetchWidgetData, fieldOptions, filterViewsByKind, getActionsConfig, getActionsConfigFn, getAdminSession, getBlocksByCategory, getNextAdminSession, introspectBlock, introspectBlocks, isAdminUser, isSetupRequired, listView, processBlocksDocument, processDocumentBlocksPrefetch, reactiveFunctions, requireAdminAuth, resolveDashboardCallback, resolveSidebarCallback, savedViewsCollection, setupFunctions, verifyPreviewTokenDirect, view, widgetDataFunctions };
+export { type ActionReference, type ActionsConfigContext, type AdminBlockConfig, type AdminCollectionConfig, type AdminConfigContext, type AdminConfigInput, type AdminGlobalConfig, type AdminLocaleConfig, type AdminModule, type AnyBlockBuilder, type AnyBlockDefinition, type AuditActorType, type AuditContext, type AuditModule, type AuthSession, BeforeLoadContext, BlockBuilder, type BlockBuilderState, type BlockCategoryConfig, type BlockDefinition, type BlockNode, type BlockPrefetchContext, type BlockPrefetchFn, type BlockPrefetchWith, type BlockPrefetchWithOptions, type BlockSchema, type BlockValues, type BlocksDocument, type BlocksFieldMeta, type BlocksPrefetchContext, type BuiltinActionType, type ComponentDefinition, type ComponentFactory, type ComponentReference, type ComponentType, type ComponentTypeRegistry, type DashboardActionFactory, type DashboardActionProxy, type DashboardCallback, type DashboardCallbackContext, type DashboardConfigContext, type DashboardContribution, type DashboardItemDef, type DashboardProxy, type DashboardSectionDef, type EditViewDefinition, type EditViewFactory, type ExecuteActionRequest, type ExecuteActionResponse, type ExpandWithResult, type ExpandedRecord, type FieldLayoutItem, type FilterOperator, type FilterRule, type FilterViewsByKind, type FormFieldLayoutItem, type FormReactiveConfig, type FormReactiveContext, type FormSectionLayout, type FormSidebarConfig, type FormTabConfig, type FormTabsLayout, type FormViewConfig, type FormViewConfigContext, type GetAdminSessionOptions, type InferBlockData, type InferBlockValues, type ListViewConfig, type ListViewConfigContext, type ListViewDefinition, type ListViewFactory, type LogAuditEntryOptions, NextAuthMiddlewareOptions, type PreviewConfig, type PreviewTokenPayload, type RequireAdminAuthOptions, type RichTextFeature, type RichTextFieldMeta, type ServerActionContext, type ServerActionDefinition, type ServerActionDownload, type ServerActionEffects, type ServerActionError, type ServerActionForm, type ServerActionFormField, type ServerActionHandler, type ServerActionRedirect, type ServerActionResult, type ServerActionSuccess, type ServerActionsConfig, type ServerBrandingConfig, type ServerChartWidget, type ServerCustomWidget, type ServerDashboardAction, type ServerDashboardConfig, type ServerDashboardItem, type ServerDashboardSection, type ServerDashboardTab, type ServerDashboardTabs, type ServerDashboardWidget, type ServerProgressWidget, type ServerQuickAction, type ServerQuickActionsWidget, type ServerRecentItemsWidget, type ServerSidebarCollectionItem, type ServerSidebarConfig, type ServerSidebarDividerItem, type ServerSidebarGlobalItem, type ServerSidebarItem, type ServerSidebarLinkItem, type ServerSidebarPageItem, type ServerSidebarSection, type ServerStatsWidget, type ServerTableWidget, type ServerTimelineWidget, type ServerValueWidget, type SidebarCallback, type SidebarCallbackContext, type SidebarConfigContext, type SidebarContribution, type SidebarItemDef, type SidebarProxy, type SidebarSectionDef, type SortConfig, TanStackAuthGuardOptions, type TipTapDocument, type TipTapNode, type ViewConfiguration, type ViewDefinition, type ViewKind, type ViewKindRegistry, type WidgetAccessRule, type WidgetFetchContext, actionFunctions, adminConfig, adminFields, adminModule, adminPlugin, adminRoutes, auditLogCollection, _module as auditModule, batchReactive, block, component, createActionCallbackProxy, createActionProxy, createBlocksPrefetchHook, createComponentCallbackProxy, createComponentProxy, createDashboardCallbackContext, createDashboardContributionProxy, createFieldProxy, createFirstAdmin, createNextAuthMiddleware, createPreviewFunctions, createPreviewTokenVerifier, createSidebarCallbackContext, createSidebarContributionProxy, createTanStackAuthGuard, createTanStackSessionLoader, createViewCallbackProxy, createViewProxy, editView, executeAction, executeActionFn, fetchWidgetData, fieldOptions, filterViewsByKind, getActionsConfig, getActionsConfigFn, getAdminSession, getBlocksByCategory, getNextAdminSession, introspectBlock, introspectBlocks, isAdminUser, isSetupRequired, listView, logAuditEntry, processBlocksDocument, processDocumentBlocksPrefetch, reactiveFunctions, requireAdminAuth, resolveDashboardCallback, resolveSidebarCallback, savedViewsCollection, setupFunctions, verifyPreviewTokenDirect, view, widgetDataFunctions };

package/dist/server.mjs CHANGED Viewed

@@ -18,5 +18,6 @@ import { adminConfig } from "./server/augmentation/index.mjs";
 import { adminModule, adminRoutes } from "./server/modules/admin/index.mjs";
 import { auditLogCollection } from "./server/modules/audit/collections/audit-log.mjs";
 import module_default from "./server/modules/audit/.generated/module.mjs";
+import { logAuditEntry } from "./server/modules/audit/log-audit-entry.mjs";
-export { BlockBuilder, actionFunctions, adminConfig, adminFields, adminModule, adminPlugin, adminRoutes, auditLogCollection, module_default as auditModule, batchReactive, block, component, createActionCallbackProxy, createActionProxy, createBlocksPrefetchHook, createComponentCallbackProxy, createComponentProxy, createDashboardCallbackContext, createDashboardContributionProxy, createFieldProxy, createFirstAdmin, createNextAuthMiddleware, createPreviewFunctions, createPreviewTokenVerifier, createSidebarCallbackContext, createSidebarContributionProxy, createTanStackAuthGuard, createTanStackSessionLoader, createViewCallbackProxy, createViewProxy, editView, executeAction, executeActionFn, fetchWidgetData, fieldOptions, filterViewsByKind, getActionsConfig, getActionsConfigFn, getAdminSession, getBlocksByCategory, getNextAdminSession, introspectBlock, introspectBlocks, isAdminUser, isSetupRequired, listView, processBlocksDocument, processDocumentBlocksPrefetch, reactiveFunctions, requireAdminAuth, resolveDashboardCallback, resolveSidebarCallback, savedViewsCollection, setupFunctions, verifyPreviewTokenDirect, view, widgetDataFunctions };
+export { BlockBuilder, actionFunctions, adminConfig, adminFields, adminModule, adminPlugin, adminRoutes, auditLogCollection, module_default as auditModule, batchReactive, block, component, createActionCallbackProxy, createActionProxy, createBlocksPrefetchHook, createComponentCallbackProxy, createComponentProxy, createDashboardCallbackContext, createDashboardContributionProxy, createFieldProxy, createFirstAdmin, createNextAuthMiddleware, createPreviewFunctions, createPreviewTokenVerifier, createSidebarCallbackContext, createSidebarContributionProxy, createTanStackAuthGuard, createTanStackSessionLoader, createViewCallbackProxy, createViewProxy, editView, executeAction, executeActionFn, fetchWidgetData, fieldOptions, filterViewsByKind, getActionsConfig, getActionsConfigFn, getAdminSession, getBlocksByCategory, getNextAdminSession, introspectBlock, introspectBlocks, isAdminUser, isSetupRequired, listView, logAuditEntry, processBlocksDocument, processDocumentBlocksPrefetch, reactiveFunctions, requireAdminAuth, resolveDashboardCallback, resolveSidebarCallback, savedViewsCollection, setupFunctions, verifyPreviewTokenDirect, view, widgetDataFunctions };

package/dist/shared/preview-utils.d.mts CHANGED Viewed

@@ -76,11 +76,11 @@ declare function isDraftMode(cookieHeader: string | null | undefined): boolean;
  */
 declare function createDraftModeCookie(enabled: boolean, maxAge?: number): string;
 /**
- * Get preview secret from environment variables.
- * Falls back to SECRET if PREVIEW_SECRET is not set.
+ * Resolve a preview secret from an explicit value.
  *
- * @returns The preview secret
+ * @deprecated Preview token signing now reads `app.config.secret` in server
+ * route handlers. Pass a secret explicitly when using standalone helpers.
  */
-declare function getPreviewSecret(): string;
+declare function getPreviewSecret(secret?: string): string;
 //#endregion
 export { ADMIN_API_PREFIX, DRAFT_MODE_COOKIE, createDraftModeCookie, getPreviewSecret, isAdminRequest, isDraftMode };

package/dist/shared/preview-utils.mjs CHANGED Viewed

@@ -127,15 +127,13 @@ function createDraftModeCookie(enabled, maxAge = 3600) {
 	return `${DRAFT_MODE_COOKIE}=; Path=/; Max-Age=0; SameSite=Lax; HttpOnly`;
 }
 /**
-* Get preview secret from environment variables.
-* Falls back to SECRET if PREVIEW_SECRET is not set.
+* Resolve a preview secret from an explicit value.
 *
-* @returns The preview secret
+* @deprecated Preview token signing now reads `app.config.secret` in server
+* route handlers. Pass a secret explicitly when using standalone helpers.
 */
-function getPreviewSecret() {
-	const secret = process.env.PREVIEW_SECRET || process.env.SECRET || "dev-preview-secret";
-	if (process.env.NODE_ENV === "production" && secret === "dev-preview-secret") console.warn("[preview] Using default secret in production. Set PREVIEW_SECRET or SECRET env var.");
-	return secret;
+function getPreviewSecret(secret) {
+	return secret ?? "dev-preview-secret";
 }
 //#endregion

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "@questpie/admin",
-	"version": "3.2.6",
+	"version": "3.3.0",
 	"repository": {
 		"type": "git",
 		"url": "https://github.com/questpie/questpie.git",
@@ -62,7 +62,7 @@
 		"@fontsource-variable/jetbrains-mono": "^5.2.8",
 		"@hookform/resolvers": "^5.1.0",
 		"@iconify/react": "^6.0.2",
-		"@questpie/tanstack-query": "^3.2.6",
+		"@questpie/tanstack-query": "^3.3.0",
 		"@tailwindcss/vite": "^4.0.6",
 		"@tiptap/core": "^2.x",
 		"@tiptap/extension-character-count": "^2.x",
@@ -88,7 +88,7 @@
 		"date-fns": "^4.1.0",
 		"lowlight": "^3.x",
 		"next-themes": "^0.4.6",
-		"questpie": "^3.2.6",
+		"questpie": "^3.3.0",
 		"react-day-picker": "^9.12.0",
 		"react-hook-form": "^7.54.0",
 		"react-resizable-panels": "^4.4.2",