@questpie/admin 3.2.7 → 3.4.0

package/dist/server/modules/admin/index.d.mts

@@ -10,7 +10,6 @@ import "./index.mjs";
 import * as zod0 from "zod";
 import * as questpie0 from "questpie";
 import * as better_auth0 from "better-auth";
-import * as better_call0 from "better-call";
 import * as better_auth_plugins0 from "better-auth/plugins";
 import * as zod_v4_core0 from "zod/v4/core";
 import * as questpie_src_server_modules_core_fields_email_js0 from "questpie/src/server/modules/core/fields/email.js";
@@ -168,18 +167,18 @@ declare const adminModule: {
           hooks: {
             after: {
               matcher(context: better_auth0.HookEndpointContext): boolean;
-              handler: (inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<better_auth_plugins0.SessionWithImpersonatedBy[] | undefined>;
+              handler: (inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<better_auth_plugins0.SessionWithImpersonatedBy[] | undefined>;
             }[];
           };
           endpoints: {
-            setRole: better_call0.StrictEndpoint<"/admin/set-role", {
+            setRole: better_auth0.StrictEndpoint<"/admin/set-role", {
               method: "POST";
               body: zod0.ZodObject<{
                 userId: zod0.ZodCoercedString<unknown>;
                 role: zod0.ZodUnion<readonly [zod0.ZodString, zod0.ZodArray<zod0.ZodString>]>;
               }, zod_v4_core0.$strip>;
               requireHeaders: true;
-              use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
+              use: ((inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<{
                 session: {
                   user: better_auth_plugins0.UserWithRole;
                   session: {
@@ -227,12 +226,12 @@ declare const adminModule: {
             }, {
               user: better_auth_plugins0.UserWithRole;
             }>;
-            getUser: better_call0.StrictEndpoint<"/admin/get-user", {
+            getUser: better_auth0.StrictEndpoint<"/admin/get-user", {
               method: "GET";
               query: zod0.ZodObject<{
                 id: zod0.ZodString;
               }, zod_v4_core0.$strip>;
-              use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
+              use: ((inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<{
                 session: {
                   user: better_auth_plugins0.UserWithRole;
                   session: {
@@ -272,7 +271,7 @@ declare const adminModule: {
                 };
               };
             }, better_auth_plugins0.UserWithRole>;
-            createUser: better_call0.StrictEndpoint<"/admin/create-user", {
+            createUser: better_auth0.StrictEndpoint<"/admin/create-user", {
               method: "POST";
               body: zod0.ZodObject<{
                 email: zod0.ZodString;
@@ -317,13 +316,13 @@ declare const adminModule: {
             }, {
               user: better_auth_plugins0.UserWithRole;
             }>;
-            adminUpdateUser: better_call0.StrictEndpoint<"/admin/update-user", {
+            adminUpdateUser: better_auth0.StrictEndpoint<"/admin/update-user", {
               method: "POST";
               body: zod0.ZodObject<{
                 userId: zod0.ZodCoercedString<unknown>;
                 data: zod0.ZodRecord<zod0.ZodAny, zod0.ZodAny>;
               }, zod_v4_core0.$strip>;
-              use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
+              use: ((inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<{
                 session: {
                   user: better_auth_plugins0.UserWithRole;
                   session: {
@@ -363,9 +362,9 @@ declare const adminModule: {
                 };
               };
             }, better_auth_plugins0.UserWithRole>;
-            listUsers: better_call0.StrictEndpoint<"/admin/list-users", {
+            listUsers: better_auth0.StrictEndpoint<"/admin/list-users", {
               method: "GET";
-              use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
+              use: ((inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<{
                 session: {
                   user: better_auth_plugins0.UserWithRole;
                   session: {
@@ -455,9 +454,9 @@ declare const adminModule: {
               users: better_auth_plugins0.UserWithRole[];
               total: number;
             }>;
-            listUserSessions: better_call0.StrictEndpoint<"/admin/list-user-sessions", {
+            listUserSessions: better_auth0.StrictEndpoint<"/admin/list-user-sessions", {
               method: "POST";
-              use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
+              use: ((inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<{
                 session: {
                   user: better_auth_plugins0.UserWithRole;
                   session: {
@@ -505,12 +504,12 @@ declare const adminModule: {
             }, {
               sessions: better_auth_plugins0.SessionWithImpersonatedBy[];
             }>;
-            unbanUser: better_call0.StrictEndpoint<"/admin/unban-user", {
+            unbanUser: better_auth0.StrictEndpoint<"/admin/unban-user", {
               method: "POST";
               body: zod0.ZodObject<{
                 userId: zod0.ZodCoercedString<unknown>;
               }, zod_v4_core0.$strip>;
-              use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
+              use: ((inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<{
                 session: {
                   user: better_auth_plugins0.UserWithRole;
                   session: {
@@ -552,14 +551,14 @@ declare const adminModule: {
             }, {
               user: better_auth_plugins0.UserWithRole;
             }>;
-            banUser: better_call0.StrictEndpoint<"/admin/ban-user", {
+            banUser: better_auth0.StrictEndpoint<"/admin/ban-user", {
               method: "POST";
               body: zod0.ZodObject<{
                 userId: zod0.ZodCoercedString<unknown>;
                 banReason: zod0.ZodOptional<zod0.ZodString>;
                 banExpiresIn: zod0.ZodOptional<zod0.ZodNumber>;
               }, zod_v4_core0.$strip>;
-              use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
+              use: ((inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<{
                 session: {
                   user: better_auth_plugins0.UserWithRole;
                   session: {
@@ -601,12 +600,12 @@ declare const adminModule: {
             }, {
               user: better_auth_plugins0.UserWithRole;
             }>;
-            impersonateUser: better_call0.StrictEndpoint<"/admin/impersonate-user", {
+            impersonateUser: better_auth0.StrictEndpoint<"/admin/impersonate-user", {
               method: "POST";
               body: zod0.ZodObject<{
                 userId: zod0.ZodCoercedString<unknown>;
               }, zod_v4_core0.$strip>;
-              use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
+              use: ((inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<{
                 session: {
                   user: better_auth_plugins0.UserWithRole;
                   session: {
@@ -661,7 +660,7 @@ declare const adminModule: {
               };
               user: better_auth_plugins0.UserWithRole;
             }>;
-            stopImpersonating: better_call0.StrictEndpoint<"/admin/stop-impersonating", {
+            stopImpersonating: better_auth0.StrictEndpoint<"/admin/stop-impersonating", {
               method: "POST";
               requireHeaders: true;
             }, {
@@ -685,12 +684,12 @@ declare const adminModule: {
                 image?: string | null | undefined;
               } & Record<string, any>;
             }>;
-            revokeUserSession: better_call0.StrictEndpoint<"/admin/revoke-user-session", {
+            revokeUserSession: better_auth0.StrictEndpoint<"/admin/revoke-user-session", {
               method: "POST";
               body: zod0.ZodObject<{
                 sessionToken: zod0.ZodString;
               }, zod_v4_core0.$strip>;
-              use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
+              use: ((inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<{
                 session: {
                   user: better_auth_plugins0.UserWithRole;
                   session: {
@@ -732,12 +731,12 @@ declare const adminModule: {
             }, {
               success: boolean;
             }>;
-            revokeUserSessions: better_call0.StrictEndpoint<"/admin/revoke-user-sessions", {
+            revokeUserSessions: better_auth0.StrictEndpoint<"/admin/revoke-user-sessions", {
               method: "POST";
               body: zod0.ZodObject<{
                 userId: zod0.ZodCoercedString<unknown>;
               }, zod_v4_core0.$strip>;
-              use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
+              use: ((inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<{
                 session: {
                   user: better_auth_plugins0.UserWithRole;
                   session: {
@@ -779,12 +778,12 @@ declare const adminModule: {
             }, {
               success: boolean;
             }>;
-            removeUser: better_call0.StrictEndpoint<"/admin/remove-user", {
+            removeUser: better_auth0.StrictEndpoint<"/admin/remove-user", {
               method: "POST";
               body: zod0.ZodObject<{
                 userId: zod0.ZodCoercedString<unknown>;
               }, zod_v4_core0.$strip>;
-              use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
+              use: ((inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<{
                 session: {
                   user: better_auth_plugins0.UserWithRole;
                   session: {
@@ -826,13 +825,13 @@ declare const adminModule: {
             }, {
               success: boolean;
             }>;
-            setUserPassword: better_call0.StrictEndpoint<"/admin/set-user-password", {
+            setUserPassword: better_auth0.StrictEndpoint<"/admin/set-user-password", {
               method: "POST";
               body: zod0.ZodObject<{
                 newPassword: zod0.ZodString;
                 userId: zod0.ZodCoercedString<unknown>;
               }, zod_v4_core0.$strip>;
-              use: ((inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
+              use: ((inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<{
                 session: {
                   user: better_auth_plugins0.UserWithRole;
                   session: {
@@ -874,7 +873,7 @@ declare const adminModule: {
             }, {
               status: boolean;
             }>;
-            userHasPermission: better_call0.StrictEndpoint<"/admin/has-permission", {
+            userHasPermission: better_auth0.StrictEndpoint<"/admin/has-permission", {
               method: "POST";
               body: zod0.ZodIntersection<zod0.ZodObject<{
                 userId: zod0.ZodOptional<zod0.ZodCoercedString<unknown>>;
@@ -1007,7 +1006,7 @@ declare const adminModule: {
           hooks: {
             before: {
               matcher(context: better_auth0.HookEndpointContext): boolean;
-              handler: (inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<{
+              handler: (inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<{
                 context: {
                   headers: Headers;
                 };
@@ -1015,7 +1014,7 @@ declare const adminModule: {
             }[];
             after: {
               matcher(context: better_auth0.HookEndpointContext): true;
-              handler: (inputContext: better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>) => Promise<void>;
+              handler: (inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<void>;
             }[];
           };
           options: better_auth_plugins0.BearerOptions | undefined;

package/dist/server/modules/admin/routes/admin-config.d.mts

@@ -1,28 +1,13 @@
-import * as questpie367 from "questpie";
+import * as questpie454 from "questpie";
 
 //#region src/server/modules/admin/routes/admin-config.d.ts
 
-/**
- * Admin Config Functions
- *
- * Provides server-defined admin configuration (dashboard, sidebar,
- * collection/global metadata) to the client via RPC.
- *
- * Filters results by the current user's read access.
- *
- * @example
- * ```ts
- * // Client usage
- * const config = await client.routes.getAdminConfig({});
- * // { dashboard: {...}, sidebar: {...}, collections: {...}, globals: {...} }
- * ```
- */
 /**
  * Admin config route handlers.
  * Registered via module routes and exposed through the fetch handler.
  */
 declare const adminConfigFunctions: {
-  readonly getAdminConfig: questpie367.JsonRouteDefinition<Record<string, never> | undefined, any, questpie367.JsonRouteParams>;
+  readonly getAdminConfig: questpie454.JsonRouteDefinition<Record<string, never> | undefined, any, questpie454.JsonRouteParams>;
 };
 //#endregion
 export { adminConfigFunctions };

package/dist/server/modules/admin/routes/admin-config.mjs

@@ -1,5 +1,5 @@
-import { introspectBlocks } from "../block/introspection.mjs";
 import { resolveDashboardCallback, resolveSidebarCallback } from "../../../proxy-factories.mjs";
+import { introspectBlocks } from "../block/introspection.mjs";
 import { adminConfigDTOSchema } from "../dto/admin-config.dto.mjs";
 import { getAccessContext, getAdminConfig as getAdminConfig$1, getApp, getAppState, getCollectionState, getGlobalState } from "./route-helpers.mjs";
 import { z } from "zod";
@@ -21,6 +21,21 @@ import { executeAccessRule, route } from "questpie";
 * // { dashboard: {...}, sidebar: {...}, collections: {...}, globals: {...} }
 * ```
 */
+function isPlainRecord(value) {
+	if (value === null || typeof value !== "object") return false;
+	const proto = Object.getPrototypeOf(value);
+	return proto === Object.prototype || proto === null;
+}
+function stripUndefinedDeep(value) {
+	if (Array.isArray(value)) return value.filter((item) => item !== void 0).map((item) => stripUndefinedDeep(item));
+	if (!isPlainRecord(value)) return value;
+	const result = {};
+	for (const [key, child] of Object.entries(value)) {
+		if (child === void 0) continue;
+		result[key] = stripUndefinedDeep(child);
+	}
+	return result;
+}
 /**
 * Check if the current user has read access to a collection or global.
 * Returns true if accessible, false if denied.
@@ -468,7 +483,7 @@ async function processDashboardItems(items, accessibleCollections, accessCtx) {
 				if (action.action?.type === "create") return accessibleCollections.has(action.action.collection);
 				return true;
 			});
-			const { loader: loader$1, access: access$1, filterFn: filterFn$1, ...serializable$1 } = widget;
+			const { loader: loader$1, access: _access$1, filterFn: _filterFn$1, ...serializable$1 } = widget;
 			if (loader$1) serializable$1.hasLoader = true;
 			if (serializable$1.label && !serializable$1.title) serializable$1.title = serializable$1.label;
 			result.push({
@@ -478,7 +493,7 @@ async function processDashboardItems(items, accessibleCollections, accessCtx) {
 			});
 			continue;
 		}
-		const { loader, access, filterFn, ...serializable } = widget;
+		const { loader, access: _access, filterFn: _filterFn, ...serializable } = widget;
 		if (loader) serializable.hasLoader = true;
 		if (serializable.label && !serializable.title) serializable.title = serializable.label;
 		result.push(serializable);
@@ -497,7 +512,7 @@ const getAdminConfigOutputSchema = adminConfigDTOSchema;
 * ```ts title="questpie/server/config/admin.ts"
 * import { adminConfig } from "#questpie/factories";
 *
-* export default adminConfig({
+* export const config = adminConfig({
 *   dashboard: { items: [] },
 *   sidebar: { sections: [], items: [] },
 * });
@@ -527,6 +542,7 @@ const getAdminConfig = route().post().schema(getAdminConfigSchema).outputSchema(
 		defaultCollection: uploadCollections.length === 1 ? uploadCollections[0] : void 0
 	};
 	if (adminCfg.branding) response.branding = adminCfg.branding;
+	if (adminCfg.shell) response.shell = adminCfg.shell;
 	if (adminCfg.dashboard) {
 		let dashboard;
 		if (isLegacyDashboardConfig(adminCfg.dashboard)) dashboard = adminCfg.dashboard;
@@ -555,7 +571,7 @@ const getAdminConfig = route().post().schema(getAdminConfigSchema).outputSchema(
 	if (appState.blocks && Object.keys(appState.blocks).length > 0) response.blocks = introspectBlocks(appState.blocks);
 	response.collections = filteredCollectionsMeta;
 	response.globals = filteredGlobalsMeta;
-	return response;
+	return stripUndefinedDeep(response);
 });
 /**
 * Admin config route handlers.

package/dist/server/modules/admin/routes/execute-action.d.mts

@@ -1,7 +1,7 @@
 import { ServerActionDefinition, ServerActionResult } from "../../../augmentation/actions.mjs";
 import "../../../augmentation.mjs";
 import { App } from "./route-helpers.mjs";
-import * as questpie64 from "questpie";
+import * as questpie123 from "questpie";
 
 //#region src/server/modules/admin/routes/execute-action.d.ts
 
@@ -56,37 +56,37 @@ declare function executeAction(app: App, request: ExecuteActionRequest, session?
  * });
  * ```
  */
-declare const executeActionFn: questpie64.JsonRouteDefinition<{
+declare const executeActionFn: questpie123.JsonRouteDefinition<{
   collection: string;
   actionId: string;
   itemId?: string | undefined;
   itemIds?: string[] | undefined;
   data?: Record<string, unknown> | undefined;
   locale?: string | undefined;
-}, any, questpie64.JsonRouteParams>;
+}, any, questpie123.JsonRouteParams>;
 /**
  * Get actions configuration for a collection.
  * Returns action definitions without handlers for client rendering.
  */
-declare const getActionsConfigFn: questpie64.JsonRouteDefinition<{
+declare const getActionsConfigFn: questpie123.JsonRouteDefinition<{
   collection: string;
-}, any, questpie64.JsonRouteParams>;
+}, any, questpie123.JsonRouteParams>;
 /**
  * QUESTPIE functions for action execution.
  * These are registered on the `adminModule`.
  */
 declare const actionFunctions: {
-  executeAction: questpie64.JsonRouteDefinition<{
+  executeAction: questpie123.JsonRouteDefinition<{
     collection: string;
     actionId: string;
     itemId?: string | undefined;
     itemIds?: string[] | undefined;
     data?: Record<string, unknown> | undefined;
     locale?: string | undefined;
-  }, any, questpie64.JsonRouteParams>;
-  getActionsConfig: questpie64.JsonRouteDefinition<{
+  }, any, questpie123.JsonRouteParams>;
+  getActionsConfig: questpie123.JsonRouteDefinition<{
     collection: string;
-  }, any, questpie64.JsonRouteParams>;
+  }, any, questpie123.JsonRouteParams>;
 };
 //#endregion
 export { ExecuteActionRequest, ExecuteActionResponse, actionFunctions, executeAction, executeActionFn, getActionsConfig, getActionsConfigFn };

package/dist/server/modules/admin/routes/execute-action.mjs

@@ -1,4 +1,4 @@
-import { getApp, getAppState, getSession } from "./route-helpers.mjs";
+import { getApp, getCollection, getCollectionCrud, getCollectionCruds, getGlobalCruds, getSession } from "./route-helpers.mjs";
 import { translateAdminMessage } from "./i18n-helpers.mjs";
 import { z } from "zod";
 import { route } from "questpie";
@@ -26,7 +26,7 @@ import { route } from "questpie";
 * Returns action definitions without handlers (for client-side rendering).
 */
 function getActionsConfig(app, collectionSlug) {
-	const collection$1 = getAppState(app).collections?.[collectionSlug];
+	const collection$1 = getCollection(app, collectionSlug);
 	if (!collection$1) return null;
 	const actionsConfig = (collection$1.state || collection$1).adminActions;
 	if (!actionsConfig) return {
@@ -98,7 +98,7 @@ function serializeActionFormFields(fields) {
 */
 async function executeAction(app, request, session) {
 	const { collection: collectionSlug, actionId, itemId, itemIds, data, locale } = request;
-	const collection$1 = getAppState(app).collections?.[collectionSlug];
+	const collection$1 = getCollection(app, collectionSlug);
 	const t = (key, params) => translateAdminMessage(locale, key, params);
 	if (!collection$1) return {
 		success: false,
@@ -148,8 +148,8 @@ async function executeAction(app, request, session) {
 			itemId,
 			itemIds,
 			auth: appRec.auth,
-			collections: appRec.api?.collections,
-			globals: appRec.api?.globals,
+			collections: getCollectionCruds(app),
+			globals: getGlobalCruds(app),
 			db: appRec.db,
 			session,
 			locale
@@ -177,7 +177,7 @@ async function executeBuiltinAction(app, params) {
 	const { collectionSlug, actionId, itemId, itemIds, data, locale } = params;
 	const t = (key, messageParams) => translateAdminMessage(locale, key, messageParams);
 	const appRec = app;
-	const collectionCrud = appRec.api?.collections?.[collectionSlug];
+	const collectionCrud = getCollectionCrud(app, collectionSlug);
 	const crudContext = {
 		db: appRec.db,
 		session: params.session,
@@ -186,7 +186,7 @@ async function executeBuiltinAction(app, params) {
 	try {
 		switch (actionId) {
 			case "create": {
-				const result = await appRec.create(collectionSlug, data || {});
+				const result = collectionCrud?.create ? await collectionCrud.create(data || {}, crudContext) : await appRec.create(collectionSlug, data || {});
 				return {
 					success: true,
 					result: {
@@ -207,7 +207,11 @@ async function executeBuiltinAction(app, params) {
 						toast: { message: t("action.itemIdRequired.save") }
 					}
 				};
-				await appRec.update(collectionSlug, itemId, data || {});
+				if (collectionCrud?.updateById) await collectionCrud.updateById({
+					id: itemId,
+					data: data || {}
+				}, crudContext);
+				else await appRec.update(collectionSlug, itemId, data || {});
 				return {
 					success: true,
 					result: {
@@ -224,7 +228,8 @@ async function executeBuiltinAction(app, params) {
 						toast: { message: t("action.itemIdRequired.delete") }
 					}
 				};
-				await appRec.delete(collectionSlug, itemId);
+				if (collectionCrud?.deleteById) await collectionCrud.deleteById({ id: itemId }, crudContext);
+				else await appRec.delete(collectionSlug, itemId);
 				return {
 					success: true,
 					result: {
@@ -244,7 +249,8 @@ async function executeBuiltinAction(app, params) {
 						toast: { message: t("action.itemIdsRequired.bulkDelete") }
 					}
 				};
-				await Promise.all(itemIds.map((id) => appRec.delete(collectionSlug, id)));
+				if (collectionCrud?.deleteById) await Promise.all(itemIds.map((id) => collectionCrud.deleteById({ id }, crudContext)));
+				else await Promise.all(itemIds.map((id) => appRec.delete(collectionSlug, id)));
 				return {
 					success: true,
 					result: {
@@ -314,7 +320,7 @@ async function executeBuiltinAction(app, params) {
 						toast: { message: t("action.itemIdRequired.duplicate") }
 					}
 				};
-				const original = await appRec.findById(collectionSlug, itemId);
+				const original = collectionCrud?.findOne ? await collectionCrud.findOne({ where: { id: itemId } }, crudContext) : await appRec.findById(collectionSlug, itemId);
 				if (!original) return {
 					success: false,
 					result: {
@@ -323,7 +329,7 @@ async function executeBuiltinAction(app, params) {
 					}
 				};
 				const { id, createdAt, updatedAt, ...duplicateData } = original;
-				const duplicated = await appRec.create(collectionSlug, duplicateData);
+				const duplicated = collectionCrud?.create ? await collectionCrud.create(duplicateData, crudContext) : await appRec.create(collectionSlug, duplicateData);
 				return {
 					success: true,
 					result: {

package/dist/server/modules/admin/routes/i18n-helpers.d.mts

@@ -0,0 +1,4 @@
+//#region src/server/modules/admin/routes/i18n-helpers.d.ts
+declare function translateAdminMessage(locale: string | undefined, key: string, params?: Record<string, unknown>): string;
+//#endregion
+export { translateAdminMessage };

package/dist/server/modules/admin/routes/locales.d.mts

@@ -1,4 +1,4 @@
-import * as questpie395 from "questpie";
+import * as questpie456 from "questpie";
 
 //#region src/server/modules/admin/routes/locales.d.ts
 
@@ -12,7 +12,7 @@ import * as questpie395 from "questpie";
  * Bundle of locale-related functions.
  */
 declare const localeFunctions: {
-  readonly getContentLocales: questpie395.JsonRouteDefinition<Record<string, never> | undefined, any, questpie395.JsonRouteParams>;
+  readonly getContentLocales: questpie456.JsonRouteDefinition<Record<string, never> | undefined, any, questpie456.JsonRouteParams>;
 };
 //#endregion
 export { localeFunctions };

package/dist/server/modules/admin/routes/preview.d.mts

@@ -1,4 +1,4 @@
-import * as questpie88 from "questpie";
+import * as questpie113 from "questpie";
 
 //#region src/server/modules/admin/routes/preview.d.ts
 
@@ -10,6 +10,9 @@ import * as questpie88 from "questpie";
  *
  * Browser-safe utilities (isDraftMode, createDraftModeCookie, etc.) are in @questpie/admin/shared
  */
+type PreviewSecretResolverContext = Record<string, any>;
+type PreviewSecretResolver = (ctx: PreviewSecretResolverContext) => string | Promise<string>;
+type PreviewSecretSource = string | PreviewSecretResolver;
 interface PreviewTokenPayload {
   path: string;
   exp: number;
@@ -17,17 +20,18 @@ interface PreviewTokenPayload {
 /**
  * Create preview-related RPC functions.
  *
- * @param secret - Secret key for signing tokens
+ * @param secret - Secret key or resolver for signing tokens. Defaults to
+ *   `app.config.secret` from the current route context.
  * @returns Object with preview functions
  */
-declare function createPreviewFunctions(secret: string): {
-  mintPreviewToken: questpie88.JsonRouteDefinition<{
+declare function createPreviewFunctions(secret?: PreviewSecretSource): {
+  mintPreviewToken: questpie113.JsonRouteDefinition<{
     path: string;
     ttlMs?: number | undefined;
-  }, any, questpie88.JsonRouteParams>;
-  verifyPreviewToken: questpie88.JsonRouteDefinition<{
+  }, any, questpie113.JsonRouteParams>;
+  verifyPreviewToken: questpie113.JsonRouteDefinition<{
     token: string;
-  }, any, questpie88.JsonRouteParams>;
+  }, any, questpie113.JsonRouteParams>;
 };
 /**
  * Verify a preview token without RPC.
@@ -37,44 +41,45 @@ declare function createPreviewFunctions(secret: string): {
  * @param secret - The secret used to sign the token
  * @returns The payload if valid, null otherwise
  */
-declare function verifyPreviewTokenDirect(token: string, secret: string): PreviewTokenPayload | null;
+declare function verifyPreviewTokenDirect(token: string, secret: string): Promise<PreviewTokenPayload | null>;
 /**
  * Create a preview token verifier with bound secret.
  * Use this in route handlers to avoid passing secret repeatedly.
  *
- * @param secret - The secret used to sign tokens (optional, uses env if not provided)
+ * @param secret - The secret used to sign tokens.
  * @returns A verify function that only needs the token
  *
  * @example
  * ```ts
  * // Create once at module level
- * const verifyPreviewToken = createPreviewTokenVerifier();
+ * const verifyPreviewToken = createPreviewTokenVerifier(secret);
  *
  * // Use in route handler
- * const payload = verifyPreviewToken(token);
+ * const payload = await verifyPreviewToken(token);
  * if (!payload) {
  *   return new Response("Invalid token", { status: 401 });
  * }
  * ```
  */
-declare function createPreviewTokenVerifier(secret?: string): (token: string) => PreviewTokenPayload | null;
+declare function createPreviewTokenVerifier(secret: string): (token: string) => Promise<PreviewTokenPayload | null>;
 /**
- * Default preview functions bundle with env-based secret.
+ * Default preview functions bundle. The route handlers resolve the token
+ * secret from `app.config.secret` at request time.
  * Used by the `adminModule` to register preview RPC functions.
  */
 declare const previewFunctions: {
-  getPreviewUrl: questpie88.JsonRouteDefinition<{
+  getPreviewUrl: questpie113.JsonRouteDefinition<{
     collection: string;
     record: Record<string, unknown>;
     locale?: string | undefined;
-  }, any, questpie88.JsonRouteParams>;
-  mintPreviewToken: questpie88.JsonRouteDefinition<{
+  }, any, questpie113.JsonRouteParams>;
+  mintPreviewToken: questpie113.JsonRouteDefinition<{
     path: string;
     ttlMs?: number | undefined;
-  }, any, questpie88.JsonRouteParams>;
-  verifyPreviewToken: questpie88.JsonRouteDefinition<{
+  }, any, questpie113.JsonRouteParams>;
+  verifyPreviewToken: questpie113.JsonRouteDefinition<{
     token: string;
-  }, any, questpie88.JsonRouteParams>;
+  }, any, questpie113.JsonRouteParams>;
 };
 //#endregion
 export { PreviewTokenPayload, createPreviewFunctions, createPreviewTokenVerifier, previewFunctions, verifyPreviewTokenDirect };