npm - @rangka/core - Versions diffs - 0.1.1 → 0.1.3 - Mend

@rangka/core 0.1.1 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (197) hide show

package/package.json +6 -2
package/.claude/skills/extend-core/SKILL.md +0 -133
package/.turbo/turbo-build.log +0 -4
package/CHANGELOG.md +0 -25
package/CLAUDE.md +0 -180
package/src/__tests__/coerce.test.ts +0 -154
package/src/__tests__/context.test.ts +0 -111
package/src/__tests__/helpers.ts +0 -21
package/src/__tests__/index.test.ts +0 -7
package/src/__tests__/widgets.test.ts +0 -197
package/src/api/__tests__/handlers.test.ts +0 -389
package/src/api/__tests__/include-resolver.test.ts +0 -393
package/src/api/__tests__/middleware.test.ts +0 -100
package/src/api/__tests__/openapi-schema.test.ts +0 -210
package/src/api/__tests__/query-parser.test.ts +0 -291
package/src/api/__tests__/route-generator.test.ts +0 -137
package/src/api/__tests__/server.test.ts +0 -73
package/src/api/__tests__/swagger.test.ts +0 -166
package/src/api/handlers.ts +0 -274
package/src/api/include-resolver.ts +0 -27
package/src/api/index.ts +0 -4
package/src/api/meta-handler.ts +0 -254
package/src/api/openapi-schema.ts +0 -99
package/src/api/query-parser.ts +0 -315
package/src/api/route-generator.ts +0 -448
package/src/api/server.ts +0 -147
package/src/api/types.ts +0 -16
package/src/audit/__tests__/audit.test.ts +0 -144
package/src/audit/index.ts +0 -3
package/src/audit/record.ts +0 -69
package/src/audit/tables.ts +0 -48
package/src/audit/types.ts +0 -26
package/src/auth/__tests__/core-module.test.ts +0 -54
package/src/auth/__tests__/debug.test.ts +0 -47
package/src/auth/__tests__/field-permissions.test.ts +0 -245
package/src/auth/__tests__/integration.test.ts +0 -208
package/src/auth/__tests__/meta-boot.test.ts +0 -538
package/src/auth/__tests__/model-permissions.test.ts +0 -205
package/src/auth/__tests__/password.test.ts +0 -29
package/src/auth/__tests__/permission-registry.test.ts +0 -313
package/src/auth/__tests__/scope-hook.test.ts +0 -509
package/src/auth/__tests__/scope-registry.test.ts +0 -297
package/src/auth/__tests__/scopes.test.ts +0 -66
package/src/auth/__tests__/session.test.ts +0 -214
package/src/auth/core-models.ts +0 -52
package/src/auth/core-module.ts +0 -59
package/src/auth/debug.ts +0 -157
package/src/auth/field-permissions.ts +0 -116
package/src/auth/index.ts +0 -37
package/src/auth/model-permissions.ts +0 -59
package/src/auth/password.ts +0 -22
package/src/auth/permission-registry.ts +0 -171
package/src/auth/scope-filters.ts +0 -11
package/src/auth/scope-registry.ts +0 -121
package/src/auth/scopes.ts +0 -146
package/src/auth/seed.ts +0 -44
package/src/auth/session.ts +0 -178
package/src/auth/types.ts +0 -50
package/src/boot/__tests__/page-scanning.test.ts +0 -170
package/src/boot/__tests__/page-utils.test.ts +0 -225
package/src/boot/__tests__/project-scanner.test.ts +0 -88
package/src/boot/dependency-sort.ts +0 -82
package/src/boot/discovery.ts +0 -85
package/src/boot/index.ts +0 -457
package/src/boot/page-utils.ts +0 -110
package/src/boot/project-scanner.ts +0 -397
package/src/boot/schema-loader.ts +0 -26
package/src/boot/schema-merger.ts +0 -125
package/src/boot/traits.ts +0 -25
package/src/boot/types.ts +0 -73
package/src/context.ts +0 -105
package/src/db/__tests__/cascade-delete.test.ts +0 -182
package/src/db/__tests__/desired-state.test.ts +0 -136
package/src/db/__tests__/diff-engine.test.ts +0 -635
package/src/db/__tests__/field-mapper.test.ts +0 -355
package/src/db/__tests__/introspect.test.ts +0 -70
package/src/db/__tests__/search-filter.test.ts +0 -45
package/src/db/__tests__/sequence.test.ts +0 -221
package/src/db/auto-sync.ts +0 -133
package/src/db/client.ts +0 -147
package/src/db/desired-state.ts +0 -98
package/src/db/diff-engine.ts +0 -305
package/src/db/field-mapper.ts +0 -504
package/src/db/filter-applier.ts +0 -89
package/src/db/include-resolver.ts +0 -40
package/src/db/index.ts +0 -23
package/src/db/introspect.ts +0 -265
package/src/db/model-include-resolver.ts +0 -327
package/src/db/model-ops.ts +0 -281
package/src/db/scope-enforcer.ts +0 -37
package/src/db/types.ts +0 -98
package/src/errors.ts +0 -41
package/src/events/__tests__/bus.test.ts +0 -105
package/src/events/bus.ts +0 -89
package/src/events/index.ts +0 -2
package/src/events/types.ts +0 -9
package/src/external-model/__tests__/computed-fields.test.ts +0 -106
package/src/external-model/__tests__/field-mapper.test.ts +0 -160
package/src/external-model/__tests__/in-memory-ops.test.ts +0 -247
package/src/external-model/__tests__/mutation-executor.test.ts +0 -160
package/src/external-model/__tests__/query-executor.test.ts +0 -284
package/src/external-model/__tests__/schema-converter.test.ts +0 -174
package/src/external-model/computed-fields.ts +0 -15
package/src/external-model/define.ts +0 -5
package/src/external-model/external-model-ops.ts +0 -108
package/src/external-model/field-mapper.ts +0 -66
package/src/external-model/in-memory-ops.ts +0 -107
package/src/external-model/index.ts +0 -7
package/src/external-model/mutation-executor.ts +0 -71
package/src/external-model/query-executor.ts +0 -100
package/src/external-model/schema-converter.ts +0 -53
package/src/external-model/types.ts +0 -32
package/src/fixtures/__tests__/fixtures.test.ts +0 -203
package/src/fixtures/index.ts +0 -10
package/src/fixtures/loader.ts +0 -196
package/src/fixtures/registry.ts +0 -125
package/src/fixtures/types.ts +0 -33
package/src/helpers/assert-ownership.ts +0 -19
package/src/helpers/coerce.ts +0 -28
package/src/helpers/stamping.ts +0 -28
package/src/helpers/validation.ts +0 -14
package/src/hooks/__tests__/context.test.ts +0 -73
package/src/hooks/__tests__/executor.test.ts +0 -433
package/src/hooks/__tests__/middleware.test.ts +0 -224
package/src/hooks/__tests__/registry.test.ts +0 -50
package/src/hooks/context.ts +0 -89
package/src/hooks/errors.ts +0 -11
package/src/hooks/executor.ts +0 -115
package/src/hooks/index.ts +0 -10
package/src/hooks/middleware.ts +0 -220
package/src/hooks/registry.ts +0 -20
package/src/hooks/types.ts +0 -32
package/src/index.ts +0 -172
package/src/jobs/__tests__/enqueue.test.ts +0 -77
package/src/jobs/__tests__/integration.test.ts +0 -71
package/src/jobs/__tests__/registry.test.ts +0 -103
package/src/jobs/__tests__/scheduler.test.ts +0 -92
package/src/jobs/__tests__/worker-execution.test.ts +0 -202
package/src/jobs/__tests__/worker.test.ts +0 -119
package/src/jobs/enqueue.ts +0 -93
package/src/jobs/index.ts +0 -14
package/src/jobs/registry.ts +0 -92
package/src/jobs/scheduler.ts +0 -205
package/src/jobs/tables.ts +0 -132
package/src/jobs/types.ts +0 -62
package/src/jobs/worker.ts +0 -272
package/src/model-api/__tests__/cross-boundary-includes.test.ts +0 -366
package/src/model-api/__tests__/extended-api.test.ts +0 -244
package/src/model-api/__tests__/filter-applier.test.ts +0 -177
package/src/model-api/__tests__/filter-translator.test.ts +0 -186
package/src/model-api/__tests__/include-resolver.test.ts +0 -226
package/src/model-api/__tests__/model-access.test.ts +0 -284
package/src/model-api/__tests__/query-builder.test.ts +0 -224
package/src/model-api/__tests__/scope-enforcer.test.ts +0 -268
package/src/model-api/field-access.ts +0 -28
package/src/model-api/filter-applier.ts +0 -1
package/src/model-api/filter-translator.ts +0 -67
package/src/model-api/include-resolver.ts +0 -2
package/src/model-api/index.ts +0 -86
package/src/model-api/query-builder.ts +0 -155
package/src/model-api/scope-enforcer.ts +0 -3
package/src/model-api/types.ts +0 -139
package/src/plugins/__tests__/adapter-registry.test.ts +0 -92
package/src/plugins/__tests__/lifecycle.test.ts +0 -96
package/src/plugins/__tests__/loader.test.ts +0 -273
package/src/plugins/__tests__/validator.test.ts +0 -275
package/src/plugins/adapter-registry.ts +0 -42
package/src/plugins/define.ts +0 -5
package/src/plugins/index.ts +0 -28
package/src/plugins/lifecycle.ts +0 -27
package/src/plugins/loader.ts +0 -126
package/src/plugins/types.ts +0 -76
package/src/plugins/validator.ts +0 -141
package/src/schema/__tests__/registry-models-by-module.test.ts +0 -58
package/src/schema/registry.ts +0 -93
package/src/schema/relationships.ts +0 -93
package/src/schema/types.ts +0 -43
package/src/services/__tests__/integration.test.ts +0 -63
package/src/services/__tests__/registry.test.ts +0 -175
package/src/services/index.ts +0 -13
package/src/services/registry.ts +0 -156
package/src/services/types.ts +0 -27
package/src/validation/__tests__/field-validator.test.ts +0 -195
package/src/validation/field-validator.ts +0 -113
package/src/validation/index.ts +0 -1
package/src/widgets/index.ts +0 -3
package/src/widgets/slot-validator.ts +0 -87
package/src/widgets/widget-registry.ts +0 -32
package/tests/boot.test.ts +0 -323
package/tests/dependency-sort.test.ts +0 -99
package/tests/discovery.test.ts +0 -126
package/tests/registry.test.ts +0 -216
package/tests/schema-loader.test.ts +0 -52
package/tests/schema-merger.test.ts +0 -180
package/tsconfig.json +0 -9
package/tsconfig.tsbuildinfo +0 -1
package/vitest.config.ts +0 -14

package/src/auth/__tests__/meta-boot.test.ts DELETED Viewed

@@ -1,538 +0,0 @@
-import { describe, it, expect } from 'vitest';
-import { PermissionRegistry } from '../permission-registry.js';
-import { createAuthHook } from '../session.js';
-import { createMetaBootHandler } from '../../api/meta-handler.js';
-import type { MetaBootContext } from '../../api/meta-handler.js';
-import { SchemaRegistry } from '../../schema/registry.js';
-import type { ResolvedModel } from '../../schema/types.js';
-import type { ModuleConfig, PageDefinition } from '@rangka/shared';
-import { hashPassword } from '../password.js';
-import { createTestServer } from '../../__tests__/helpers.js';
-const orderModel: ResolvedModel = {
-  qualifiedName: 'sales.order',
-  app: 'sales',
-  module: 'sales',
-  name: 'order',
-  label: 'Sales Order',
-  auditLog: false,
-  traits: [],
-  fields: [
-    {
-      name: 'id',
-      config: { type: 'string', required: true } as any,
-      provenance: { source: 'base' },
-    },
-    {
-      name: 'customer',
-      config: { type: 'link', model: 'sales.customer', label: 'Customer' } as any,
-      provenance: { source: 'base' },
-    },
-    {
-      name: 'total',
-      config: { type: 'decimal', label: 'Total' } as any,
-      provenance: { source: 'base' },
-    },
-    {
-      name: 'status',
-      config: { type: 'enum', options: ['draft', 'confirmed'], label: 'Status' } as any,
-      provenance: { source: 'base' },
-    },
-  ],
-  indexes: [],
-};
-const payslipModel: ResolvedModel = {
-  qualifiedName: 'hr.payslip',
-  app: 'hr',
-  module: 'hr',
-  name: 'payslip',
-  label: 'Payslip',
-  auditLog: false,
-  traits: [],
-  fields: [
-    {
-      name: 'id',
-      config: { type: 'string', required: true } as any,
-      provenance: { source: 'base' },
-    },
-    { name: 'amount', config: { type: 'decimal' } as any, provenance: { source: 'base' } },
-  ],
-  indexes: [],
-};
-const contactModel: ResolvedModel = {
-  qualifiedName: 'contacts.contact',
-  app: 'contacts',
-  module: 'contacts',
-  name: 'contact',
-  label: 'Contact',
-  auditLog: false,
-  traits: [],
-  fields: [
-    {
-      name: 'id',
-      config: { type: 'string', required: true } as any,
-      provenance: { source: 'base' },
-    },
-    {
-      name: 'name',
-      config: { type: 'string', label: 'Name' } as any,
-      provenance: { source: 'base' },
-    },
-  ],
-  indexes: [],
-};
-const pages: Array<{ module: string; page: PageDefinition }> = [
-  {
-    module: 'sales',
-    page: {
-      key: 'sales.orders',
-      label: 'Orders',
-      type: 'collection',
-      path: '/sales/orders',
-      body: [
-        { type: 'data', source: { model: 'sales.order' }, children: [] },
-        { type: 'data', source: { model: 'contacts.contact' }, children: [] },
-      ],
-    },
-  },
-  {
-    module: 'hr',
-    page: {
-      key: 'hr.payroll',
-      label: 'Payroll',
-      type: 'collection',
-      path: '/hr/payroll',
-      body: [{ type: 'data', source: { model: 'hr.payslip' }, children: [] }],
-    },
-  },
-  {
-    module: 'admin',
-    page: {
-      key: 'admin.dashboard',
-      label: 'Admin Dashboard',
-      type: 'dashboard',
-      path: '/admin/dashboard',
-      body: [{ type: 'text', props: { content: 'Dashboard' } }],
-    },
-  },
-];
-const modules: ModuleConfig[] = [
-  {
-    name: 'sales',
-    label: 'Sales',
-    icon: 'shopping-cart',
-    order: 1,
-    navigation: [
-      {
-        section: 'Orders',
-        items: [{ page: 'sales.orders', label: 'Orders', icon: 'list' }],
-      },
-    ],
-  },
-  {
-    name: 'hr',
-    label: 'Human Resources',
-    icon: 'users',
-    order: 2,
-    navigation: [
-      {
-        section: 'Payroll',
-        items: [{ page: 'hr.payroll', label: 'Payroll', icon: 'dollar' }],
-      },
-    ],
-  },
-  {
-    name: 'admin',
-    label: 'Administration',
-    icon: 'settings',
-    order: 3,
-    navigation: [
-      {
-        section: 'System',
-        items: [{ page: 'admin.dashboard', label: 'Dashboard', icon: 'dashboard' }],
-      },
-    ],
-  },
-];
-function createMockDb(opts?: { noSession?: boolean; expiredSession?: boolean }) {
-  const users = [
-    {
-      id: 'u1',
-      email: 'sales@test.com',
-      full_name: 'Sales User',
-      enabled: true,
-      password_hash: hashPassword('pass'),
-    },
-  ];
-  const roles = [{ id: 'r1', name: 'SalesRep' }];
-  const userRoles = [{ user_id: 'u1', role_id: 'r1' }];
-  const sessions = opts?.noSession
-    ? []
-    : [
-        {
-          id: 's1',
-          token: 'test-token',
-          user_id: 'u1',
-          expires_at: opts?.expiredSession
-            ? new Date(Date.now() - 60000).toISOString()
-            : new Date(Date.now() + 60000).toISOString(),
-        },
-      ];
-  return {
-    selectFrom(table: string) {
-      const store =
-        table === 'core.user'
-          ? users
-          : table === 'core.role'
-            ? roles
-            : table === 'core.user_role'
-              ? userRoles
-              : table === 'core.session'
-                ? sessions
-                : [];
-      return {
-        selectAll() {
-          return this;
-        },
-        where(field: string, op: string, value: any) {
-          const filtered = (store as any[]).filter((r) => {
-            if (op === '=') return r[field] === value;
-            if (op === 'in') return value.includes(r[field]);
-            return false;
-          });
-          return {
-            executeTakeFirst: async () => filtered[0],
-            execute: async () => filtered,
-            where(f2: string, o2: string, v2: any) {
-              const f = filtered.filter((r: any) => {
-                if (o2 === '=') return r[f2] === v2;
-                if (o2 === 'in') return v2.includes(r[f2]);
-                return false;
-              });
-              return { executeTakeFirst: async () => f[0], execute: async () => f };
-            },
-          };
-        },
-        executeTakeFirst: async () => undefined,
-        execute: async () => [],
-      };
-    },
-  } as any;
-}
-function buildServer(
-  permissionRegistry: PermissionRegistry,
-  db: any,
-  schemaRegistry: SchemaRegistry,
-) {
-  const server = createTestServer();
-  const metaCtx: MetaBootContext = {
-    schemaRegistry,
-    pages,
-    modules,
-  };
-  server.get('/api/meta/boot', {
-    onRequest: createAuthHook(db, permissionRegistry),
-    handler: createMetaBootHandler(metaCtx),
-  });
-  return server;
-}
-describe('GET /api/meta/boot', () => {
-  it('returns correct boot response for authenticated user with filtered pages/nav/models', async () => {
-    const permissionRegistry = new PermissionRegistry();
-    permissionRegistry.registerRoles(
-      {
-        SalesRep: {
-          label: 'Sales Rep',
-          models: { 'sales.order': { read: true, create: true } },
-          pages: ['admin.dashboard'],
-        },
-      },
-      'sales',
-    );
-    const schemaRegistry = new SchemaRegistry([orderModel, payslipModel, contactModel]);
-    const db = createMockDb();
-    const server = buildServer(permissionRegistry, db, schemaRegistry);
-    const res = await server.inject({
-      method: 'GET',
-      url: '/api/meta/boot',
-      headers: { authorization: 'Bearer test-token' },
-    });
-    expect(res.statusCode).toBe(200);
-    const body = res.json();
-    // User
-    expect(body.user).toEqual({
-      id: 'u1',
-      name: 'Sales User',
-      email: 'sales@test.com',
-      roles: ['SalesRep'],
-    });
-    // Permissions
-    expect(body.permissions.models['sales.order']).toEqual({ read: true, create: true });
-    expect(body.permissions.pages).toContain('admin.dashboard');
-    // Pages: sales.orders (model access), admin.dashboard (explicit pages), NOT hr.payroll
-    const pageKeys = body.pages.map((p: any) => p.key);
-    expect(pageKeys).toContain('sales.orders');
-    expect(pageKeys).toContain('admin.dashboard');
-    expect(pageKeys).not.toContain('hr.payroll');
-    // Navigation: sales and admin modules, NOT hr
-    const navModules = body.navigation.map((n: any) => n.module);
-    expect(navModules).toContain('sales');
-    expect(navModules).toContain('admin');
-    expect(navModules).not.toContain('hr');
-    // Models: sales.order and contacts.contact (from overlay), NOT hr.payslip
-    expect(body.models['sales.order']).toBeDefined();
-    expect(body.models['contacts.contact']).toBeDefined();
-    expect(body.models['hr.payslip']).toBeUndefined();
-    // Model metadata shape
-    expect(body.models['sales.order'].qualifiedName).toBe('sales.order');
-    expect(body.models['sales.order'].fields.length).toBe(4);
-    const statusField = body.models['sales.order'].fields.find((f: any) => f.name === 'status');
-    expect(statusField.type).toBe('enum');
-    expect(statusField.options).toEqual(['draft', 'confirmed']);
-    const customerField = body.models['sales.order'].fields.find((f: any) => f.name === 'customer');
-    expect(customerField.relationship).toEqual({ type: 'link', model: 'sales.customer' });
-  });
-  it('returns 401 for unauthenticated request', async () => {
-    const permissionRegistry = new PermissionRegistry();
-    permissionRegistry.registerRoles({ SalesRep: { label: 'Sales Rep', models: {} } }, 'sales');
-    const schemaRegistry = new SchemaRegistry([orderModel]);
-    const db = createMockDb();
-    const server = buildServer(permissionRegistry, db, schemaRegistry);
-    const res = await server.inject({
-      method: 'GET',
-      url: '/api/meta/boot',
-    });
-    expect(res.statusCode).toBe(401);
-    expect(res.json().error.code).toBe('UNAUTHORIZED');
-  });
-  it('user with limited permissions only sees accessible pages and referenced models', async () => {
-    const permissionRegistry = new PermissionRegistry();
-    permissionRegistry.registerRoles(
-      {
-        SalesRep: {
-          label: 'Sales Rep',
-          models: { 'hr.payslip': { read: true } },
-        },
-      },
-      'app',
-    );
-    const schemaRegistry = new SchemaRegistry([orderModel, payslipModel, contactModel]);
-    const db = createMockDb();
-    const server = buildServer(permissionRegistry, db, schemaRegistry);
-    const res = await server.inject({
-      method: 'GET',
-      url: '/api/meta/boot',
-      headers: { authorization: 'Bearer test-token' },
-    });
-    expect(res.statusCode).toBe(200);
-    const body = res.json();
-    const pageKeys = body.pages.map((p: any) => p.key);
-    expect(pageKeys).toContain('hr.payroll');
-    expect(pageKeys).toContain('admin.dashboard');
-    expect(pageKeys).not.toContain('sales.orders');
-    expect(body.models['hr.payslip']).toBeDefined();
-    expect(body.models['sales.order']).toBeUndefined();
-  });
-  it('non-model page accessible via explicit pages permission', async () => {
-    const permissionRegistry = new PermissionRegistry();
-    permissionRegistry.registerRoles(
-      {
-        SalesRep: {
-          label: 'Sales Rep',
-          models: {},
-          pages: ['admin.dashboard'],
-        },
-      },
-      'app',
-    );
-    const schemaRegistry = new SchemaRegistry([orderModel, payslipModel, contactModel]);
-    const db = createMockDb();
-    const server = buildServer(permissionRegistry, db, schemaRegistry);
-    const res = await server.inject({
-      method: 'GET',
-      url: '/api/meta/boot',
-      headers: { authorization: 'Bearer test-token' },
-    });
-    expect(res.statusCode).toBe(200);
-    const body = res.json();
-    const pageKeys = body.pages.map((p: any) => p.key);
-    expect(pageKeys).toContain('admin.dashboard');
-    expect(pageKeys).not.toContain('sales.orders');
-    expect(pageKeys).not.toContain('hr.payroll');
-    // No models referenced since admin.dashboard has no model sources
-    expect(Object.keys(body.models)).toHaveLength(0);
-  });
-  it('empty modules/sections are omitted from navigation', async () => {
-    const permissionRegistry = new PermissionRegistry();
-    permissionRegistry.registerRoles(
-      {
-        SalesRep: {
-          label: 'Sales Rep',
-          models: { 'sales.order': { read: true } },
-        },
-      },
-      'app',
-    );
-    const schemaRegistry = new SchemaRegistry([orderModel, payslipModel, contactModel]);
-    const db = createMockDb();
-    const server = buildServer(permissionRegistry, db, schemaRegistry);
-    const res = await server.inject({
-      method: 'GET',
-      url: '/api/meta/boot',
-      headers: { authorization: 'Bearer test-token' },
-    });
-    expect(res.statusCode).toBe(200);
-    const body = res.json();
-    const navModules = body.navigation.map((n: any) => n.module);
-    expect(navModules).toContain('sales');
-    expect(navModules).toContain('admin');
-    expect(navModules).not.toContain('hr');
-    // Navigation is sorted by order
-    expect(body.navigation[0].module).toBe('sales');
-  });
-  it('includes widget and view metadata in boot response', async () => {
-    const permissionRegistry = new PermissionRegistry();
-    permissionRegistry.registerRoles(
-      {
-        SalesRep: {
-          label: 'Sales Rep',
-          models: { 'sales.order': { read: true } },
-        },
-      },
-      'sales',
-    );
-    const schemaRegistry = new SchemaRegistry([orderModel]);
-    const db = createMockDb();
-    const server = createTestServer();
-    const widgetDefs: import('@rangka/shared').WidgetDefinitionMeta[] = [
-      {
-        name: 'button',
-        label: 'Button',
-        category: 'action',
-        schema: { label: { type: 'string', required: true } },
-        binding: 'none',
-        triggers: ['click'],
-        container: false,
-      },
-      {
-        name: 'input',
-        label: 'Input',
-        category: 'input',
-        schema: {},
-        binding: 'field',
-        triggers: ['change'],
-        container: false,
-      },
-    ];
-    const metaCtx: MetaBootContext = {
-      schemaRegistry,
-      pages,
-      modules,
-      widgets: widgetDefs,
-    };
-    server.get('/api/meta/boot', {
-      onRequest: createAuthHook(db, permissionRegistry),
-      handler: createMetaBootHandler(metaCtx),
-    });
-    const res = await server.inject({
-      method: 'GET',
-      url: '/api/meta/boot',
-      headers: { authorization: 'Bearer test-token' },
-    });
-    expect(res.statusCode).toBe(200);
-    const body = res.json();
-    expect(body.widgets).toHaveLength(2);
-    expect(body.widgets[0].name).toBe('button');
-    expect(body.widgets[1].name).toBe('input');
-  });
-  it('returns empty arrays when no widgets are registered', async () => {
-    const permissionRegistry = new PermissionRegistry();
-    permissionRegistry.registerRoles(
-      {
-        SalesRep: {
-          label: 'Sales Rep',
-          models: { 'sales.order': { read: true } },
-        },
-      },
-      'sales',
-    );
-    const schemaRegistry = new SchemaRegistry([orderModel]);
-    const db = createMockDb();
-    const server = createTestServer();
-    const metaCtx: MetaBootContext = {
-      schemaRegistry,
-      pages,
-      modules,
-      widgets: [],
-    };
-    server.get('/api/meta/boot', {
-      onRequest: createAuthHook(db, permissionRegistry),
-      handler: createMetaBootHandler(metaCtx),
-    });
-    const res = await server.inject({
-      method: 'GET',
-      url: '/api/meta/boot',
-      headers: { authorization: 'Bearer test-token' },
-    });
-    expect(res.statusCode).toBe(200);
-    const body = res.json();
-    expect(body.widgets).toEqual([]);
-  });
-});