npm - @rangka/core - Versions diffs - 0.1.1 → 0.1.3 - Mend

@rangka/core 0.1.1 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (197) hide show

package/package.json +6 -2
package/.claude/skills/extend-core/SKILL.md +0 -133
package/.turbo/turbo-build.log +0 -4
package/CHANGELOG.md +0 -25
package/CLAUDE.md +0 -180
package/src/__tests__/coerce.test.ts +0 -154
package/src/__tests__/context.test.ts +0 -111
package/src/__tests__/helpers.ts +0 -21
package/src/__tests__/index.test.ts +0 -7
package/src/__tests__/widgets.test.ts +0 -197
package/src/api/__tests__/handlers.test.ts +0 -389
package/src/api/__tests__/include-resolver.test.ts +0 -393
package/src/api/__tests__/middleware.test.ts +0 -100
package/src/api/__tests__/openapi-schema.test.ts +0 -210
package/src/api/__tests__/query-parser.test.ts +0 -291
package/src/api/__tests__/route-generator.test.ts +0 -137
package/src/api/__tests__/server.test.ts +0 -73
package/src/api/__tests__/swagger.test.ts +0 -166
package/src/api/handlers.ts +0 -274
package/src/api/include-resolver.ts +0 -27
package/src/api/index.ts +0 -4
package/src/api/meta-handler.ts +0 -254
package/src/api/openapi-schema.ts +0 -99
package/src/api/query-parser.ts +0 -315
package/src/api/route-generator.ts +0 -448
package/src/api/server.ts +0 -147
package/src/api/types.ts +0 -16
package/src/audit/__tests__/audit.test.ts +0 -144
package/src/audit/index.ts +0 -3
package/src/audit/record.ts +0 -69
package/src/audit/tables.ts +0 -48
package/src/audit/types.ts +0 -26
package/src/auth/__tests__/core-module.test.ts +0 -54
package/src/auth/__tests__/debug.test.ts +0 -47
package/src/auth/__tests__/field-permissions.test.ts +0 -245
package/src/auth/__tests__/integration.test.ts +0 -208
package/src/auth/__tests__/meta-boot.test.ts +0 -538
package/src/auth/__tests__/model-permissions.test.ts +0 -205
package/src/auth/__tests__/password.test.ts +0 -29
package/src/auth/__tests__/permission-registry.test.ts +0 -313
package/src/auth/__tests__/scope-hook.test.ts +0 -509
package/src/auth/__tests__/scope-registry.test.ts +0 -297
package/src/auth/__tests__/scopes.test.ts +0 -66
package/src/auth/__tests__/session.test.ts +0 -214
package/src/auth/core-models.ts +0 -52
package/src/auth/core-module.ts +0 -59
package/src/auth/debug.ts +0 -157
package/src/auth/field-permissions.ts +0 -116
package/src/auth/index.ts +0 -37
package/src/auth/model-permissions.ts +0 -59
package/src/auth/password.ts +0 -22
package/src/auth/permission-registry.ts +0 -171
package/src/auth/scope-filters.ts +0 -11
package/src/auth/scope-registry.ts +0 -121
package/src/auth/scopes.ts +0 -146
package/src/auth/seed.ts +0 -44
package/src/auth/session.ts +0 -178
package/src/auth/types.ts +0 -50
package/src/boot/__tests__/page-scanning.test.ts +0 -170
package/src/boot/__tests__/page-utils.test.ts +0 -225
package/src/boot/__tests__/project-scanner.test.ts +0 -88
package/src/boot/dependency-sort.ts +0 -82
package/src/boot/discovery.ts +0 -85
package/src/boot/index.ts +0 -457
package/src/boot/page-utils.ts +0 -110
package/src/boot/project-scanner.ts +0 -397
package/src/boot/schema-loader.ts +0 -26
package/src/boot/schema-merger.ts +0 -125
package/src/boot/traits.ts +0 -25
package/src/boot/types.ts +0 -73
package/src/context.ts +0 -105
package/src/db/__tests__/cascade-delete.test.ts +0 -182
package/src/db/__tests__/desired-state.test.ts +0 -136
package/src/db/__tests__/diff-engine.test.ts +0 -635
package/src/db/__tests__/field-mapper.test.ts +0 -355
package/src/db/__tests__/introspect.test.ts +0 -70
package/src/db/__tests__/search-filter.test.ts +0 -45
package/src/db/__tests__/sequence.test.ts +0 -221
package/src/db/auto-sync.ts +0 -133
package/src/db/client.ts +0 -147
package/src/db/desired-state.ts +0 -98
package/src/db/diff-engine.ts +0 -305
package/src/db/field-mapper.ts +0 -504
package/src/db/filter-applier.ts +0 -89
package/src/db/include-resolver.ts +0 -40
package/src/db/index.ts +0 -23
package/src/db/introspect.ts +0 -265
package/src/db/model-include-resolver.ts +0 -327
package/src/db/model-ops.ts +0 -281
package/src/db/scope-enforcer.ts +0 -37
package/src/db/types.ts +0 -98
package/src/errors.ts +0 -41
package/src/events/__tests__/bus.test.ts +0 -105
package/src/events/bus.ts +0 -89
package/src/events/index.ts +0 -2
package/src/events/types.ts +0 -9
package/src/external-model/__tests__/computed-fields.test.ts +0 -106
package/src/external-model/__tests__/field-mapper.test.ts +0 -160
package/src/external-model/__tests__/in-memory-ops.test.ts +0 -247
package/src/external-model/__tests__/mutation-executor.test.ts +0 -160
package/src/external-model/__tests__/query-executor.test.ts +0 -284
package/src/external-model/__tests__/schema-converter.test.ts +0 -174
package/src/external-model/computed-fields.ts +0 -15
package/src/external-model/define.ts +0 -5
package/src/external-model/external-model-ops.ts +0 -108
package/src/external-model/field-mapper.ts +0 -66
package/src/external-model/in-memory-ops.ts +0 -107
package/src/external-model/index.ts +0 -7
package/src/external-model/mutation-executor.ts +0 -71
package/src/external-model/query-executor.ts +0 -100
package/src/external-model/schema-converter.ts +0 -53
package/src/external-model/types.ts +0 -32
package/src/fixtures/__tests__/fixtures.test.ts +0 -203
package/src/fixtures/index.ts +0 -10
package/src/fixtures/loader.ts +0 -196
package/src/fixtures/registry.ts +0 -125
package/src/fixtures/types.ts +0 -33
package/src/helpers/assert-ownership.ts +0 -19
package/src/helpers/coerce.ts +0 -28
package/src/helpers/stamping.ts +0 -28
package/src/helpers/validation.ts +0 -14
package/src/hooks/__tests__/context.test.ts +0 -73
package/src/hooks/__tests__/executor.test.ts +0 -433
package/src/hooks/__tests__/middleware.test.ts +0 -224
package/src/hooks/__tests__/registry.test.ts +0 -50
package/src/hooks/context.ts +0 -89
package/src/hooks/errors.ts +0 -11
package/src/hooks/executor.ts +0 -115
package/src/hooks/index.ts +0 -10
package/src/hooks/middleware.ts +0 -220
package/src/hooks/registry.ts +0 -20
package/src/hooks/types.ts +0 -32
package/src/index.ts +0 -172
package/src/jobs/__tests__/enqueue.test.ts +0 -77
package/src/jobs/__tests__/integration.test.ts +0 -71
package/src/jobs/__tests__/registry.test.ts +0 -103
package/src/jobs/__tests__/scheduler.test.ts +0 -92
package/src/jobs/__tests__/worker-execution.test.ts +0 -202
package/src/jobs/__tests__/worker.test.ts +0 -119
package/src/jobs/enqueue.ts +0 -93
package/src/jobs/index.ts +0 -14
package/src/jobs/registry.ts +0 -92
package/src/jobs/scheduler.ts +0 -205
package/src/jobs/tables.ts +0 -132
package/src/jobs/types.ts +0 -62
package/src/jobs/worker.ts +0 -272
package/src/model-api/__tests__/cross-boundary-includes.test.ts +0 -366
package/src/model-api/__tests__/extended-api.test.ts +0 -244
package/src/model-api/__tests__/filter-applier.test.ts +0 -177
package/src/model-api/__tests__/filter-translator.test.ts +0 -186
package/src/model-api/__tests__/include-resolver.test.ts +0 -226
package/src/model-api/__tests__/model-access.test.ts +0 -284
package/src/model-api/__tests__/query-builder.test.ts +0 -224
package/src/model-api/__tests__/scope-enforcer.test.ts +0 -268
package/src/model-api/field-access.ts +0 -28
package/src/model-api/filter-applier.ts +0 -1
package/src/model-api/filter-translator.ts +0 -67
package/src/model-api/include-resolver.ts +0 -2
package/src/model-api/index.ts +0 -86
package/src/model-api/query-builder.ts +0 -155
package/src/model-api/scope-enforcer.ts +0 -3
package/src/model-api/types.ts +0 -139
package/src/plugins/__tests__/adapter-registry.test.ts +0 -92
package/src/plugins/__tests__/lifecycle.test.ts +0 -96
package/src/plugins/__tests__/loader.test.ts +0 -273
package/src/plugins/__tests__/validator.test.ts +0 -275
package/src/plugins/adapter-registry.ts +0 -42
package/src/plugins/define.ts +0 -5
package/src/plugins/index.ts +0 -28
package/src/plugins/lifecycle.ts +0 -27
package/src/plugins/loader.ts +0 -126
package/src/plugins/types.ts +0 -76
package/src/plugins/validator.ts +0 -141
package/src/schema/__tests__/registry-models-by-module.test.ts +0 -58
package/src/schema/registry.ts +0 -93
package/src/schema/relationships.ts +0 -93
package/src/schema/types.ts +0 -43
package/src/services/__tests__/integration.test.ts +0 -63
package/src/services/__tests__/registry.test.ts +0 -175
package/src/services/index.ts +0 -13
package/src/services/registry.ts +0 -156
package/src/services/types.ts +0 -27
package/src/validation/__tests__/field-validator.test.ts +0 -195
package/src/validation/field-validator.ts +0 -113
package/src/validation/index.ts +0 -1
package/src/widgets/index.ts +0 -3
package/src/widgets/slot-validator.ts +0 -87
package/src/widgets/widget-registry.ts +0 -32
package/tests/boot.test.ts +0 -323
package/tests/dependency-sort.test.ts +0 -99
package/tests/discovery.test.ts +0 -126
package/tests/registry.test.ts +0 -216
package/tests/schema-loader.test.ts +0 -52
package/tests/schema-merger.test.ts +0 -180
package/tsconfig.json +0 -9
package/tsconfig.tsbuildinfo +0 -1
package/vitest.config.ts +0 -14

package/src/auth/__tests__/scope-registry.test.ts DELETED Viewed

@@ -1,297 +0,0 @@
-import { describe, it, expect } from 'vitest';
-import { ScopeRegistry, ScopeResolutionError } from '../scope-registry.js';
-import { SchemaRegistry } from '../../schema/registry.js';
-import type { ResolvedModel } from '../../schema/types.js';
-import type { ModuleConfig } from '@rangka/shared';
-function makeModel(overrides: Partial<ResolvedModel> & { qualifiedName: string }): ResolvedModel {
-  return {
-    app: overrides.module ?? 'test',
-    module: overrides.module ?? 'test',
-    name: overrides.qualifiedName.split('.')[1],
-    auditLog: false,
-    traits: [],
-    fields: [],
-    indexes: [],
-    ...overrides,
-  };
-}
-function linkField(name: string, model: string) {
-  return {
-    name,
-    config: { type: 'link' as const, model },
-    provenance: { source: 'base' as const },
-  };
-}
-describe('ScopeRegistry', () => {
-  describe('scope registration', () => {
-    it('registers scopes from modules', () => {
-      const modules: ModuleConfig[] = [
-        {
-          name: 'core',
-          label: 'Core',
-          scopes: {
-            company: { model: 'core.company', default: 'user.default_company', switchable: true },
-          },
-        },
-      ];
-      const schemaRegistry = new SchemaRegistry([
-        makeModel({ qualifiedName: 'core.company', module: 'core', fields: [] }),
-      ]);
-      const scopeRegistry = new ScopeRegistry(modules, schemaRegistry);
-      const scope = scopeRegistry.getScope('company');
-      expect(scope).toBeDefined();
-      expect(scope!.name).toBe('company');
-      expect(scope!.definition.model).toBe('core.company');
-      expect(scope!.module).toBe('core');
-    });
-    it('registers multiple scopes from different modules', () => {
-      const modules: ModuleConfig[] = [
-        {
-          name: 'core',
-          label: 'Core',
-          scopes: {
-            company: { model: 'core.company', default: 'user.default_company' },
-          },
-        },
-        {
-          name: 'cms',
-          label: 'CMS',
-          scopes: {
-            workspace: { model: 'cms.workspace', default: 'user.default_workspace' },
-          },
-        },
-      ];
-      const schemaRegistry = new SchemaRegistry([
-        makeModel({ qualifiedName: 'core.company', module: 'core' }),
-        makeModel({ qualifiedName: 'cms.workspace', module: 'cms' }),
-      ]);
-      const scopeRegistry = new ScopeRegistry(modules, schemaRegistry);
-      expect(scopeRegistry.getAllScopes()).toHaveLength(2);
-      expect(scopeRegistry.getScope('company')).toBeDefined();
-      expect(scopeRegistry.getScope('workspace')).toBeDefined();
-    });
-    it('throws on duplicate scope name across modules', () => {
-      const modules: ModuleConfig[] = [
-        {
-          name: 'core',
-          label: 'Core',
-          scopes: { company: { model: 'core.company', default: 'user.default_company' } },
-        },
-        {
-          name: 'sales',
-          label: 'Sales',
-          scopes: { company: { model: 'sales.company', default: 'user.company' } },
-        },
-      ];
-      const schemaRegistry = new SchemaRegistry([
-        makeModel({ qualifiedName: 'core.company', module: 'core' }),
-        makeModel({ qualifiedName: 'sales.company', module: 'sales' }),
-      ]);
-      expect(() => new ScopeRegistry(modules, schemaRegistry)).toThrow(ScopeResolutionError);
-      expect(() => new ScopeRegistry(modules, schemaRegistry)).toThrow(
-        /Scope "company" declared by module "sales" conflicts/,
-      );
-    });
-    it('handles modules without scopes', () => {
-      const modules: ModuleConfig[] = [
-        { name: 'core', label: 'Core' },
-        { name: 'sales', label: 'Sales' },
-      ];
-      const schemaRegistry = new SchemaRegistry([]);
-      const scopeRegistry = new ScopeRegistry(modules, schemaRegistry);
-      expect(scopeRegistry.getAllScopes()).toHaveLength(0);
-    });
-  });
-  describe('model binding resolution', () => {
-    it('resolves scope column from link field targeting scope model', () => {
-      const modules: ModuleConfig[] = [
-        {
-          name: 'core',
-          label: 'Core',
-          scopes: { company: { model: 'core.company', default: 'user.default_company' } },
-        },
-      ];
-      const invoiceModel = makeModel({
-        qualifiedName: 'sales.invoice',
-        module: 'sales',
-        scope: 'company',
-        fields: [linkField('company', 'core.company'), linkField('customer', 'sales.customer')],
-      });
-      const schemaRegistry = new SchemaRegistry([
-        makeModel({ qualifiedName: 'core.company', module: 'core' }),
-        makeModel({ qualifiedName: 'sales.customer', module: 'sales' }),
-        invoiceModel,
-      ]);
-      const scopeRegistry = new ScopeRegistry(modules, schemaRegistry);
-      const binding = scopeRegistry.getModelBinding('sales.invoice');
-      expect(binding).toBeDefined();
-      expect(binding!.scopeName).toBe('company');
-      expect(binding!.column).toBe('company');
-      expect(binding!.scopeModel).toBe('core.company');
-    });
-    it('returns undefined for models without scope', () => {
-      const modules: ModuleConfig[] = [
-        {
-          name: 'core',
-          label: 'Core',
-          scopes: { company: { model: 'core.company', default: 'user.default_company' } },
-        },
-      ];
-      const customerModel = makeModel({
-        qualifiedName: 'sales.customer',
-        module: 'sales',
-        fields: [linkField('company', 'core.company')],
-      });
-      const schemaRegistry = new SchemaRegistry([
-        makeModel({ qualifiedName: 'core.company', module: 'core' }),
-        customerModel,
-      ]);
-      const scopeRegistry = new ScopeRegistry(modules, schemaRegistry);
-      expect(scopeRegistry.getModelBinding('sales.customer')).toBeUndefined();
-      expect(scopeRegistry.isModelScoped('sales.customer')).toBe(false);
-    });
-    it('isModelScoped returns true for scoped models', () => {
-      const modules: ModuleConfig[] = [
-        {
-          name: 'core',
-          label: 'Core',
-          scopes: { company: { model: 'core.company', default: 'user.default_company' } },
-        },
-      ];
-      const invoiceModel = makeModel({
-        qualifiedName: 'sales.invoice',
-        module: 'sales',
-        scope: 'company',
-        fields: [linkField('company', 'core.company')],
-      });
-      const schemaRegistry = new SchemaRegistry([
-        makeModel({ qualifiedName: 'core.company', module: 'core' }),
-        invoiceModel,
-      ]);
-      const scopeRegistry = new ScopeRegistry(modules, schemaRegistry);
-      expect(scopeRegistry.isModelScoped('sales.invoice')).toBe(true);
-    });
-    it('throws when model references undefined scope', () => {
-      const modules: ModuleConfig[] = [{ name: 'core', label: 'Core' }];
-      const invoiceModel = makeModel({
-        qualifiedName: 'sales.invoice',
-        module: 'sales',
-        scope: 'company',
-        fields: [linkField('company', 'core.company')],
-      });
-      const schemaRegistry = new SchemaRegistry([
-        makeModel({ qualifiedName: 'core.company', module: 'core' }),
-        invoiceModel,
-      ]);
-      expect(() => new ScopeRegistry(modules, schemaRegistry)).toThrow(ScopeResolutionError);
-      expect(() => new ScopeRegistry(modules, schemaRegistry)).toThrow(
-        /references scope "company" which is not defined/,
-      );
-    });
-    it('throws when model has no link field to scope model', () => {
-      const modules: ModuleConfig[] = [
-        {
-          name: 'core',
-          label: 'Core',
-          scopes: { company: { model: 'core.company', default: 'user.default_company' } },
-        },
-      ];
-      const invoiceModel = makeModel({
-        qualifiedName: 'sales.invoice',
-        module: 'sales',
-        scope: 'company',
-        fields: [
-          { name: 'total', config: { type: 'number' } as any, provenance: { source: 'base' } },
-        ],
-      });
-      const schemaRegistry = new SchemaRegistry([
-        makeModel({ qualifiedName: 'core.company', module: 'core' }),
-        invoiceModel,
-      ]);
-      expect(() => new ScopeRegistry(modules, schemaRegistry)).toThrow(ScopeResolutionError);
-      expect(() => new ScopeRegistry(modules, schemaRegistry)).toThrow(
-        /has no link field to "core.company"/,
-      );
-    });
-    it('throws when model has multiple link fields to scope model without explicit field', () => {
-      const modules: ModuleConfig[] = [
-        {
-          name: 'core',
-          label: 'Core',
-          scopes: { company: { model: 'core.company', default: 'user.default_company' } },
-        },
-      ];
-      const transferModel = makeModel({
-        qualifiedName: 'accounting.transfer',
-        module: 'accounting',
-        scope: 'company',
-        fields: [
-          linkField('source_company', 'core.company'),
-          linkField('target_company', 'core.company'),
-        ],
-      });
-      const schemaRegistry = new SchemaRegistry([
-        makeModel({ qualifiedName: 'core.company', module: 'core' }),
-        transferModel,
-      ]);
-      expect(() => new ScopeRegistry(modules, schemaRegistry)).toThrow(ScopeResolutionError);
-      expect(() => new ScopeRegistry(modules, schemaRegistry)).toThrow(
-        /multiple link fields.*source_company, target_company/,
-      );
-    });
-    it('uses explicit field override when model has multiple links', () => {
-      const modules: ModuleConfig[] = [
-        {
-          name: 'core',
-          label: 'Core',
-          scopes: { company: { model: 'core.company', default: 'user.default_company' } },
-        },
-      ];
-      const transferModel = makeModel({
-        qualifiedName: 'accounting.transfer',
-        module: 'accounting',
-        scope: { name: 'company', field: 'source_company' },
-        fields: [
-          linkField('source_company', 'core.company'),
-          linkField('target_company', 'core.company'),
-        ],
-      });
-      const schemaRegistry = new SchemaRegistry([
-        makeModel({ qualifiedName: 'core.company', module: 'core' }),
-        transferModel,
-      ]);
-      const scopeRegistry = new ScopeRegistry(modules, schemaRegistry);
-      const binding = scopeRegistry.getModelBinding('accounting.transfer');
-      expect(binding).toBeDefined();
-      expect(binding!.column).toBe('source_company');
-      expect(binding!.scopeName).toBe('company');
-    });
-  });
-});

package/src/auth/__tests__/scopes.test.ts DELETED Viewed

@@ -1,66 +0,0 @@
-import { describe, it, expect } from 'vitest';
-import { applyScopeFiltersToQuery } from '../scopes.js';
-describe('scope system', () => {
-  describe('applyScopeFiltersToQuery', () => {
-    it('applies eq filters to query', () => {
-      const wheres: Array<[string, string, unknown]> = [];
-      const fakeQuery = {
-        where(field: string, op: string, value: unknown) {
-          wheres.push([field, op, value]);
-          return fakeQuery;
-        },
-      };
-      const result = applyScopeFiltersToQuery(fakeQuery, [
-        { field: 'company', operator: 'eq', value: 'C-001' },
-      ]);
-      expect(wheres).toEqual([['company', '=', 'C-001']]);
-      expect(result).toBe(fakeQuery);
-    });
-    it('applies in filters to query', () => {
-      const wheres: Array<[string, string, unknown]> = [];
-      const fakeQuery = {
-        where(field: string, op: string, value: unknown) {
-          wheres.push([field, op, value]);
-          return fakeQuery;
-        },
-      };
-      const result = applyScopeFiltersToQuery(fakeQuery, [
-        { field: 'territory', operator: 'in', value: ['North', 'East'] },
-      ]);
-      expect(wheres).toEqual([['territory', 'in', ['North', 'East']]]);
-      expect(result).toBe(fakeQuery);
-    });
-    it('applies multiple filters sequentially', () => {
-      const wheres: Array<[string, string, unknown]> = [];
-      const fakeQuery = {
-        where(field: string, op: string, value: unknown) {
-          wheres.push([field, op, value]);
-          return fakeQuery;
-        },
-      };
-      applyScopeFiltersToQuery(fakeQuery, [
-        { field: 'company', operator: 'eq', value: 'C-001' },
-        { field: 'territory', operator: 'in', value: ['North'] },
-      ]);
-      expect(wheres).toEqual([
-        ['company', '=', 'C-001'],
-        ['territory', 'in', ['North']],
-      ]);
-    });
-    it('returns query unchanged when no filters', () => {
-      const fakeQuery = { where: () => fakeQuery };
-      const result = applyScopeFiltersToQuery(fakeQuery, []);
-      expect(result).toBe(fakeQuery);
-    });
-  });
-});

package/src/auth/__tests__/session.test.ts DELETED Viewed

@@ -1,214 +0,0 @@
-import { describe, it, expect, beforeEach } from 'vitest';
-import { PermissionRegistry } from '../permission-registry.js';
-import { createAuthHook, createSessionHandler, generateToken } from '../session.js';
-import { hashPassword } from '../password.js';
-import { createTestServer } from '../../__tests__/helpers.js';
-function createMockDb(data: { users: any[]; sessions: any[]; userRoles: any[]; roles: any[] }) {
-  return {
-    selectFrom(table: string) {
-      return {
-        selectAll() {
-          return this;
-        },
-        select(..._args: any[]) {
-          return this;
-        },
-        where(field: string, op: string, value: any) {
-          const store =
-            table === 'core.session'
-              ? data.sessions
-              : table === 'core.user'
-                ? data.users
-                : table === 'core.user_role'
-                  ? data.userRoles
-                  : data.roles;
-          const filtered = store.filter((r: any) => {
-            if (op === '=') return r[field] === value;
-            if (op === 'in') return value.includes(r[field]);
-            return false;
-          });
-          return {
-            executeTakeFirst: async () => filtered[0] ?? undefined,
-            execute: async () => filtered,
-            where(f2: string, o2: string, v2: any) {
-              const f = filtered.filter((r: any) => {
-                if (o2 === '=') return r[f2] === v2;
-                if (o2 === 'in') return v2.includes(r[f2]);
-                return false;
-              });
-              return { executeTakeFirst: async () => f[0], execute: async () => f };
-            },
-          };
-        },
-        executeTakeFirst: async () => undefined,
-        execute: async () => [],
-      };
-    },
-    insertInto(_table: string) {
-      return {
-        values(vals: any) {
-          return {
-            returningAll() {
-              return { executeTakeFirstOrThrow: async () => ({ id: 'new-id', ...vals }) };
-            },
-            execute: async () => {},
-          };
-        },
-      };
-    },
-    deleteFrom(_table: string) {
-      return {
-        where() {
-          return { execute: async () => {} };
-        },
-      };
-    },
-  } as any;
-}
-describe('session auth hook', () => {
-  let permissionRegistry: PermissionRegistry;
-  beforeEach(() => {
-    permissionRegistry = new PermissionRegistry();
-    permissionRegistry.registerRoles({ Admin: { label: 'Admin', models: {} } }, 'core');
-  });
-  it('returns 401 for missing Authorization header', async () => {
-    const db = createMockDb({ users: [], sessions: [], userRoles: [], roles: [] });
-    const server = createTestServer();
-    server.get('/test', {
-      onRequest: createAuthHook(db, permissionRegistry),
-      handler: async () => ({ ok: true }),
-    });
-    const res = await server.inject({ method: 'GET', url: '/test' });
-    expect(res.statusCode).toBe(401);
-    expect(res.json().error.code).toBe('UNAUTHORIZED');
-  });
-  it('returns 401 for invalid token', async () => {
-    const db = createMockDb({ users: [], sessions: [], userRoles: [], roles: [] });
-    const server = createTestServer();
-    server.get('/test', {
-      onRequest: createAuthHook(db, permissionRegistry),
-      handler: async () => ({ ok: true }),
-    });
-    const res = await server.inject({
-      method: 'GET',
-      url: '/test',
-      headers: { authorization: 'Bearer invalid-token' },
-    });
-    expect(res.statusCode).toBe(401);
-  });
-  it('returns 401 for expired token', async () => {
-    const expired = new Date(Date.now() - 1000).toISOString();
-    const db = createMockDb({
-      users: [{ id: 'u1', email: 'a@b.com', enabled: true }],
-      sessions: [{ id: 's1', token: 'tok', user_id: 'u1', expires_at: expired }],
-      userRoles: [],
-      roles: [],
-    });
-    const server = createTestServer();
-    server.get('/test', {
-      onRequest: createAuthHook(db, permissionRegistry),
-      handler: async () => ({ ok: true }),
-    });
-    const res = await server.inject({
-      method: 'GET',
-      url: '/test',
-      headers: { authorization: 'Bearer tok' },
-    });
-    expect(res.statusCode).toBe(401);
-    expect(res.json().error.message).toContain('expired');
-  });
-  it('authenticates valid token and attaches context', async () => {
-    const future = new Date(Date.now() + 60000).toISOString();
-    const db = createMockDb({
-      users: [{ id: 'u1', email: 'a@b.com', full_name: 'Test', enabled: true, password_hash: 'x' }],
-      sessions: [{ id: 's1', token: 'valid-tok', user_id: 'u1', expires_at: future }],
-      userRoles: [{ user_id: 'u1', role_id: 'r1' }],
-      roles: [{ id: 'r1', name: 'Admin' }],
-    });
-    const server = createTestServer();
-    server.get('/test', {
-      onRequest: createAuthHook(db, permissionRegistry),
-      handler: async (request) => {
-        const ctx = (request as any).authContext;
-        return { email: ctx.user.email };
-      },
-    });
-    const res = await server.inject({
-      method: 'GET',
-      url: '/test',
-      headers: { authorization: 'Bearer valid-tok' },
-    });
-    expect(res.statusCode).toBe(200);
-    expect(res.json().email).toBe('a@b.com');
-  });
-});
-describe('session create endpoint', () => {
-  it('returns 401 for invalid credentials', async () => {
-    const db = createMockDb({ users: [], sessions: [], userRoles: [], roles: [] });
-    const server = createTestServer();
-    server.post('/api/core/session', createSessionHandler(db));
-    const res = await server.inject({
-      method: 'POST',
-      url: '/api/core/session',
-      payload: { email: 'bad@test.com', password: 'wrong' },
-    });
-    expect(res.statusCode).toBe(401);
-  });
-  it('returns 400 for missing fields', async () => {
-    const db = createMockDb({ users: [], sessions: [], userRoles: [], roles: [] });
-    const server = createTestServer();
-    server.post('/api/core/session', createSessionHandler(db));
-    const res = await server.inject({
-      method: 'POST',
-      url: '/api/core/session',
-      payload: {},
-    });
-    expect(res.statusCode).toBe(400);
-  });
-  it('creates session for valid credentials', async () => {
-    const pw = hashPassword('secret');
-    const db = createMockDb({
-      users: [
-        { id: 'u1', email: 'user@test.com', full_name: 'User', enabled: true, password_hash: pw },
-      ],
-      sessions: [],
-      userRoles: [],
-      roles: [],
-    });
-    const server = createTestServer();
-    server.post('/api/core/session', createSessionHandler(db));
-    const res = await server.inject({
-      method: 'POST',
-      url: '/api/core/session',
-      payload: { email: 'user@test.com', password: 'secret' },
-    });
-    expect(res.statusCode).toBe(201);
-    expect(res.json().data.token).toBeDefined();
-  });
-});
-describe('generateToken', () => {
-  it('generates a 64-character hex string', () => {
-    const token = generateToken();
-    expect(token).toHaveLength(64);
-    expect(/^[a-f0-9]+$/.test(token)).toBe(true);
-  });
-});

package/src/auth/core-models.ts DELETED Viewed

@@ -1,52 +0,0 @@
-import { defineModel, field } from '@rangka/shared';
-export const userSchema = defineModel({
-  name: 'user',
-  label: 'User',
-  fields: {
-    email: field.string({ required: true }),
-    password_hash: field.string({ required: true }),
-    full_name: field.string({ required: true }),
-    enabled: field.boolean({ default: true }),
-  },
-  indexes: [{ fields: ['email'], unique: true }],
-});
-export const roleSchema = defineModel({
-  name: 'role',
-  label: 'Role',
-  fields: {
-    name: field.string({ required: true }),
-    inherits: field.json({}),
-    permissions: field.json({}),
-  },
-  indexes: [{ fields: ['name'], unique: true }],
-});
-export const userRoleSchema = defineModel({
-  name: 'user_role',
-  label: 'User Role',
-  fields: {
-    user_id: field.link('core.user', { required: true }),
-    role_id: field.link('core.role', { required: true }),
-  },
-  indexes: [{ fields: ['user_id', 'role_id'], unique: true }],
-});
-export const sessionSchema = defineModel({
-  name: 'session',
-  label: 'Session',
-  fields: {
-    token: field.string({ required: true }),
-    user_id: field.link('core.user', { required: true }),
-    expires_at: field.datetime({ required: true }),
-    created_at: field.datetime({ required: true }),
-  },
-  indexes: [
-    { fields: ['token'], unique: true },
-    { fields: ['user_id'] },
-    { fields: ['expires_at'] },
-  ],
-});
-export const coreSchemas = [userSchema, roleSchema, userRoleSchema, sessionSchema];

package/src/auth/core-module.ts DELETED Viewed

@@ -1,59 +0,0 @@
-import type { DiscoveredApp } from '../boot/types.js';
-import type { ResolvedModel, ResolvedField } from '../schema/types.js';
-import { coreSchemas } from './core-models.js';
-import type { FieldConfig } from '@rangka/shared';
-function schemaToResolvedModel(schema: {
-  name: string;
-  label?: string;
-  fields: Record<string, FieldConfig>;
-  indexes?: Array<{ fields: string[]; unique?: boolean }>;
-}): ResolvedModel {
-  const fields: ResolvedField[] = [
-    {
-      name: 'id',
-      config: { type: 'string', required: true } as FieldConfig,
-      provenance: { source: 'base' },
-    },
-    ...Object.entries(schema.fields).map(([name, config]) => ({
-      name,
-      config,
-      provenance: { source: 'base' as const },
-    })),
-  ];
-  return {
-    qualifiedName: `core.${schema.name}`,
-    app: 'core',
-    module: 'core',
-    name: schema.name,
-    label: schema.label,
-    auditLog: false,
-    traits: [],
-    fields,
-    indexes: schema.indexes,
-  };
-}
-export function getCoreModels(): ResolvedModel[] {
-  return coreSchemas.map(schemaToResolvedModel);
-}
-export function getCoreApp(): DiscoveredApp {
-  return {
-    packageInfo: {
-      packageName: '@rangka/core',
-      path: '__builtin__',
-      rangka: { type: 'app', entrypoint: 'index.js' },
-    },
-    config: {
-      name: 'core',
-      label: 'Core',
-    },
-    schemas: coreSchemas.map((s) => ({
-      module: 'core',
-      schema: s,
-    })),
-    extensions: [],
-  };
-}