npm - @restura/core - Versions diffs - 0.2.1 → 1.0.0-beta.0 - Mend

@restura/core 0.2.1 → 1.0.0-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.js CHANGED Viewed

@@ -1,39 +1,10 @@
 "use strict";
 var __create = Object.create;
 var __defProp = Object.defineProperty;
-var __defProps = Object.defineProperties;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropDescs = Object.getOwnPropertyDescriptors;
 var __getOwnPropNames = Object.getOwnPropertyNames;
-var __getOwnPropSymbols = Object.getOwnPropertySymbols;
 var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __propIsEnum = Object.prototype.propertyIsEnumerable;
-var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
-var __spreadValues = (a, b) => {
-  for (var prop in b || (b = {}))
-    if (__hasOwnProp.call(b, prop))
-      __defNormalProp(a, prop, b[prop]);
-  if (__getOwnPropSymbols)
-    for (var prop of __getOwnPropSymbols(b)) {
-      if (__propIsEnum.call(b, prop))
-        __defNormalProp(a, prop, b[prop]);
-    }
-  return a;
-};
-var __spreadProps = (a, b) => __defProps(a, __getOwnPropDescs(b));
-var __objRest = (source, exclude) => {
-  var target = {};
-  for (var prop in source)
-    if (__hasOwnProp.call(source, prop) && exclude.indexOf(prop) < 0)
-      target[prop] = source[prop];
-  if (source != null && __getOwnPropSymbols)
-    for (var prop of __getOwnPropSymbols(source)) {
-      if (exclude.indexOf(prop) < 0 && __propIsEnum.call(source, prop))
-        target[prop] = source[prop];
-    }
-  return target;
-};
 var __export = (target, all) => {
   for (var name in all)
     __defProp(target, name, { get: all[name], enumerable: true });
@@ -92,13 +63,12 @@ var import_winston = __toESM(require("winston"));
 var import_logform = require("logform");
 // src/logger/loggerConfigSchema.ts
-var import_zod = require("zod");
-var loggerConfigSchema = import_zod.z.object({
-  level: import_zod.z.enum(["info", "warn", "error", "debug", "silly"]).default("info")
+var import_v4 = require("zod/v4");
+var loggerConfigSchema = import_v4.z.object({
+  level: import_v4.z.enum(["info", "warn", "error", "debug", "silly"]).default("info")
 });
 // src/logger/logger.ts
-var loggerConfig = import_internal.config.validate("logger", loggerConfigSchema);
 var consoleFormat = import_logform.format.combine(
   import_logform.format.timestamp({
     format: "YYYY-MM-DD HH:mm:ss.sss"
@@ -111,7 +81,7 @@ var consoleFormat = import_logform.format.combine(
   })
 );
 var logger = import_winston.default.createLogger({
-  level: loggerConfig.level,
+  level: "info",
   format: import_logform.format.combine(
     import_logform.format.timestamp({
       format: "YYYY-MM-DD HH:mm:ss.sss"
@@ -119,29 +89,24 @@ var logger = import_winston.default.createLogger({
     import_logform.format.errors({ stack: true }),
     import_logform.format.json()
   ),
-  //defaultMeta: { service: 'user-service' },
-  transports: [
-    //
-    // - Write to all logs with level `info` and below to `combined.log`
-    // - Write all logs error (and below) to `error.log`.
-    // - Write all logs to standard out.
-    //
-    // new winston.transports.File({ filename: 'error.log', level: 'error' }),
-    // new winston.transports.File({ filename: 'combined.log' }),
-    new import_winston.default.transports.Console({ format: consoleFormat })
-  ]
+  transports: [new import_winston.default.transports.Console({ format: consoleFormat })]
+});
+import_internal.config.validate("logger", loggerConfigSchema).then((loggerConfig) => {
+  if (loggerConfig.level) {
+    logger.level = loggerConfig.level;
+  }
+}).catch((error) => {
+  logger.error("Failed to load logger config:", error);
 });
 // src/restura/eventManager.ts
 var import_bluebird = __toESM(require("bluebird"));
 var EventManager = class {
-  constructor() {
-    this.actionHandlers = {
-      DATABASE_ROW_DELETE: [],
-      DATABASE_ROW_INSERT: [],
-      DATABASE_COLUMN_UPDATE: []
-    };
-  }
+  actionHandlers = {
+    DATABASE_ROW_DELETE: [],
+    DATABASE_ROW_INSERT: [],
+    DATABASE_COLUMN_UPDATE: []
+  };
   addRowInsertHandler(onInsert, filter) {
     this.actionHandlers.DATABASE_ROW_INSERT.push({
       callback: onInsert,
@@ -338,6 +303,10 @@ var HtmlStatusCodes = /* @__PURE__ */ ((HtmlStatusCodes2) => {
   return HtmlStatusCodes2;
 })(HtmlStatusCodes || {});
 var RsError = class _RsError {
+  err;
+  msg;
+  status;
+  stack;
   constructor(errCode, message) {
     this.err = errCode;
     this.msg = message || "";
@@ -490,9 +459,7 @@ var import_fs = __toESM(require("fs"));
 var import_path = __toESM(require("path"));
 var import_internal2 = require("@restura/internal");
 var CustomApiFactory = class {
-  constructor() {
-    this.customApis = {};
-  }
+  customApis = {};
   async loadApiFiles(baseFolderPath) {
     const apiVersions = ["v1"];
     for (const apiVersion of apiVersions) {
@@ -506,11 +473,10 @@ var CustomApiFactory = class {
     return this.customApis[customApiName];
   }
   async addDirectory(directoryPath, apiVersion) {
-    var _a2;
     const entries = await import_fs.default.promises.readdir(directoryPath, {
       withFileTypes: true
     });
-    const isTsx2 = (_a2 = process.argv[1]) == null ? void 0 : _a2.endsWith(".ts");
+    const isTsx2 = process.argv[1]?.endsWith(".ts");
     const isTsNode2 = process.env.TS_NODE_DEV || process.env.TS_NODE_PROJECT;
     const extension = isTsx2 || isTsNode2 ? "ts" : "js";
     const shouldEndWith = `.api.${apiVersion}.${extension}`;
@@ -575,6 +541,8 @@ var SqlUtils = class _SqlUtils {
 // src/restura/validators/ResponseValidator.ts
 var ResponseValidator = class _ResponseValidator {
+  rootMap;
+  database;
   constructor(schema) {
     this.database = schema.database;
     this.rootMap = {};
@@ -650,7 +618,7 @@ var ResponseValidator = class _ResponseValidator {
     if (path5.length === 0 || path5.length > 2 || path5[0] === "") return { validator: "any", isOptional: false };
     const tableName = path5.length == 2 ? path5[0] : name, columnName = path5.length == 2 ? path5[1] : path5[0];
     const table = this.database.find((t) => t.name == tableName);
-    const column = table == null ? void 0 : table.columns.find((c) => c.name == columnName);
+    const column = table?.columns.find((c) => c.name == columnName);
     if (!table || !column) return { validator: "any", isOptional: false };
     let validator = SqlUtils.convertDatabaseTypeToTypescript(
       column.type,
@@ -734,10 +702,12 @@ var ResponseValidator = class _ResponseValidator {
 var ApiTree = class _ApiTree {
   constructor(namespace, database) {
     this.database = database;
-    this.data = [];
     this.namespace = namespace;
     this.children = /* @__PURE__ */ new Map();
   }
+  namespace;
+  data = [];
+  children;
   static createRootNode(database) {
     return new _ApiTree(null, database);
   }
@@ -881,7 +851,7 @@ var ApiTree = class _ApiTree {
       tableName = tableAliasSplit[1];
       table = this.database.find((t) => t.name == tableName);
     }
-    const column = table == null ? void 0 : table.columns.find((c) => c.name == columnName);
+    const column = table?.columns.find((c) => c.name == columnName);
     if (!table || !column) return { responseType: "any", isNullable: false };
     return {
       responseType: SqlUtils.convertDatabaseTypeToTypescript(column.type, column.value),
@@ -912,16 +882,17 @@ function apiGenerator(schema) {
 			${schema.customTypes.join("\n")}
 		}`;
   }
-  return import_prettier.default.format(apiString, __spreadValues({
-    parser: "typescript"
-  }, {
-    trailingComma: "none",
-    tabWidth: 4,
-    useTabs: true,
-    endOfLine: "lf",
-    printWidth: 120,
-    singleQuote: true
-  }));
+  return import_prettier.default.format(apiString, {
+    parser: "typescript",
+    ...{
+      trailingComma: "none",
+      tabWidth: 4,
+      useTabs: true,
+      endOfLine: "lf",
+      printWidth: 120,
+      singleQuote: true
+    }
+  });
 }
 // src/restura/generators/customTypeValidationGenerator.ts
@@ -932,7 +903,7 @@ var TJS = __toESM(require("typescript-json-schema"));
 function customTypeValidationGenerator(currentSchema) {
   const schemaObject = {};
   const customInterfaceNames = currentSchema.customTypes.map((customType) => {
-    const matches = customType.match(new RegExp("(?<=interface\\s)(\\w+)|(?<=type\\s)(\\w+)", "g"));
+    const matches = customType.match(/(?<=interface\s)(\w+)|(?<=type\s)(\w+)/g);
     if (matches && matches.length > 0) return matches[0];
     return "";
   }).filter(Boolean);
@@ -976,16 +947,17 @@ function modelGenerator(schema) {
     modelString += convertTable(table);
   }
   modelString += `}`;
-  return import_prettier2.default.format(modelString, __spreadValues({
-    parser: "typescript"
-  }, {
-    trailingComma: "none",
-    tabWidth: 4,
-    useTabs: true,
-    endOfLine: "lf",
-    printWidth: 120,
-    singleQuote: true
-  }));
+  return import_prettier2.default.format(modelString, {
+    parser: "typescript",
+    ...{
+      trailingComma: "none",
+      tabWidth: 4,
+      useTabs: true,
+      endOfLine: "lf",
+      printWidth: 120,
+      singleQuote: true
+    }
+  });
 }
 function convertTable(table) {
   let modelString = `	export interface ${import_core_utils2.StringUtils.capitalizeFirst(table.name)} {
@@ -1037,20 +1009,21 @@ function addApiResponseFunctions(req, res, next) {
         htmlStatusCode = 500;
       }
     }
-    const errorData = __spreadValues({
+    const errorData = {
       err: shortError,
-      msg
-    }, restura.resturaConfig.sendErrorStackTrace && stack ? { stack } : {});
+      msg,
+      ...restura.resturaConfig.sendErrorStackTrace && stack ? { stack } : {}
+    };
     res.status(htmlStatusCode).send(errorData);
   };
   next();
 }
-// src/restura/middleware/authenticateUser.ts
-function authenticateUser(applicationAuthenticateHandler) {
+// src/restura/middleware/authenticateRequester.ts
+function authenticateRequester(applicationAuthenticateHandler) {
   return (req, res, next) => {
-    applicationAuthenticateHandler(req, res, (userDetails) => {
-      req.requesterDetails = __spreadValues({ host: req.hostname, ipAddress: req.ip || "" }, userDetails);
+    applicationAuthenticateHandler(req, res, (authenticatedRequesterDetails) => {
+      req.requesterDetails = { host: req.hostname, ipAddress: req.ip || "", ...authenticatedRequesterDetails };
       next();
     });
   };
@@ -1082,110 +1055,97 @@ var getMulterUpload = (directory) => {
 };
 // src/restura/schemas/resturaSchema.ts
-var import_zod3 = require("zod");
+var import_zod2 = require("zod");
 // src/restura/schemas/validatorDataSchema.ts
-var import_zod2 = require("zod");
-var validatorDataSchemeValue = import_zod2.z.union([import_zod2.z.string(), import_zod2.z.array(import_zod2.z.string()), import_zod2.z.number(), import_zod2.z.array(import_zod2.z.number())]);
-var validatorDataSchema = import_zod2.z.object({
-  type: import_zod2.z.enum(["TYPE_CHECK", "MIN", "MAX", "ONE_OF"]),
+var import_zod = require("zod");
+var validatorDataSchemeValue = import_zod.z.union([import_zod.z.string(), import_zod.z.array(import_zod.z.string()), import_zod.z.number(), import_zod.z.array(import_zod.z.number())]);
+var validatorDataSchema = import_zod.z.object({
+  type: import_zod.z.enum(["TYPE_CHECK", "MIN", "MAX", "ONE_OF"]),
   value: validatorDataSchemeValue
 }).strict();
 // src/restura/schemas/resturaSchema.ts
-var orderBySchema = import_zod3.z.object({
-  columnName: import_zod3.z.string(),
-  order: import_zod3.z.enum(["ASC", "DESC"]),
-  tableName: import_zod3.z.string()
+var orderBySchema = import_zod2.z.object({
+  columnName: import_zod2.z.string(),
+  order: import_zod2.z.enum(["ASC", "DESC"]),
+  tableName: import_zod2.z.string()
 }).strict();
-var groupBySchema = import_zod3.z.object({
-  columnName: import_zod3.z.string(),
-  tableName: import_zod3.z.string()
+var groupBySchema = import_zod2.z.object({
+  columnName: import_zod2.z.string(),
+  tableName: import_zod2.z.string()
 }).strict();
-var whereDataSchema = import_zod3.z.object({
-  tableName: import_zod3.z.string().optional(),
-  columnName: import_zod3.z.string().optional(),
-  operator: import_zod3.z.enum([
-    "=",
-    "<",
-    ">",
-    "<=",
-    ">=",
-    "!=",
-    "LIKE",
-    "NOT LIKE",
-    "IN",
-    "NOT IN",
-    "STARTS WITH",
-    "ENDS WITH",
-    "IS",
-    "IS NOT"
-  ]).optional(),
-  value: import_zod3.z.string().or(import_zod3.z.number()).optional(),
-  custom: import_zod3.z.string().optional(),
-  conjunction: import_zod3.z.enum(["AND", "OR"]).optional()
+var whereDataSchema = import_zod2.z.object({
+  tableName: import_zod2.z.string().optional(),
+  columnName: import_zod2.z.string().optional(),
+  operator: import_zod2.z.enum(["=", "<", ">", "<=", ">=", "!=", "LIKE", "IN", "NOT IN", "STARTS WITH", "ENDS WITH", "IS", "IS NOT"]).optional(),
+  value: import_zod2.z.string().or(import_zod2.z.number()).optional(),
+  custom: import_zod2.z.string().optional(),
+  conjunction: import_zod2.z.enum(["AND", "OR"]).optional()
 }).strict();
-var assignmentDataSchema = import_zod3.z.object({
-  name: import_zod3.z.string(),
-  value: import_zod3.z.string()
+var assignmentDataSchema = import_zod2.z.object({
+  name: import_zod2.z.string(),
+  value: import_zod2.z.string()
 }).strict();
-var joinDataSchema = import_zod3.z.object({
-  table: import_zod3.z.string(),
-  localColumnName: import_zod3.z.string().optional(),
-  foreignColumnName: import_zod3.z.string().optional(),
-  custom: import_zod3.z.string().optional(),
-  type: import_zod3.z.enum(["LEFT", "INNER"]),
-  alias: import_zod3.z.string().optional()
+var joinDataSchema = import_zod2.z.object({
+  table: import_zod2.z.string(),
+  localColumnName: import_zod2.z.string().optional(),
+  foreignColumnName: import_zod2.z.string().optional(),
+  custom: import_zod2.z.string().optional(),
+  type: import_zod2.z.enum(["LEFT", "INNER"]),
+  alias: import_zod2.z.string().optional()
 }).strict();
-var requestDataSchema = import_zod3.z.object({
-  name: import_zod3.z.string(),
-  required: import_zod3.z.boolean(),
-  isNullable: import_zod3.z.boolean().optional(),
-  validator: import_zod3.z.array(validatorDataSchema)
+var requestDataSchema = import_zod2.z.object({
+  name: import_zod2.z.string(),
+  required: import_zod2.z.boolean(),
+  isNullable: import_zod2.z.boolean().optional(),
+  validator: import_zod2.z.array(validatorDataSchema)
 }).strict();
-var responseDataSchema = import_zod3.z.object({
-  name: import_zod3.z.string(),
-  selector: import_zod3.z.string().optional(),
-  subquery: import_zod3.z.object({
-    table: import_zod3.z.string(),
-    joins: import_zod3.z.array(joinDataSchema),
-    where: import_zod3.z.array(whereDataSchema),
-    properties: import_zod3.z.array(import_zod3.z.lazy(() => responseDataSchema)),
+var responseDataSchema = import_zod2.z.object({
+  name: import_zod2.z.string(),
+  selector: import_zod2.z.string().optional(),
+  subquery: import_zod2.z.object({
+    table: import_zod2.z.string(),
+    joins: import_zod2.z.array(joinDataSchema),
+    where: import_zod2.z.array(whereDataSchema),
+    properties: import_zod2.z.array(import_zod2.z.lazy(() => responseDataSchema)),
     // Explicit type for the lazy schema
     groupBy: groupBySchema.optional(),
     orderBy: orderBySchema.optional()
   }).optional(),
-  type: import_zod3.z.string().optional()
+  type: import_zod2.z.string().optional()
+  // Type allows you to override the type of the response, used in custom selectors
 }).strict();
-var routeDataBaseSchema = import_zod3.z.object({
-  method: import_zod3.z.enum(["GET", "POST", "PUT", "PATCH", "DELETE"]),
-  name: import_zod3.z.string(),
-  description: import_zod3.z.string(),
-  path: import_zod3.z.string(),
-  roles: import_zod3.z.array(import_zod3.z.string())
+var routeDataBaseSchema = import_zod2.z.object({
+  method: import_zod2.z.enum(["GET", "POST", "PUT", "PATCH", "DELETE"]),
+  name: import_zod2.z.string(),
+  description: import_zod2.z.string(),
+  path: import_zod2.z.string(),
+  roles: import_zod2.z.array(import_zod2.z.string()),
+  scopes: import_zod2.z.array(import_zod2.z.string())
 }).strict();
 var standardRouteSchema = routeDataBaseSchema.extend({
-  type: import_zod3.z.enum(["ONE", "ARRAY", "PAGED"]),
-  table: import_zod3.z.string(),
-  joins: import_zod3.z.array(joinDataSchema),
-  assignments: import_zod3.z.array(assignmentDataSchema),
-  where: import_zod3.z.array(whereDataSchema),
-  request: import_zod3.z.array(requestDataSchema),
-  response: import_zod3.z.array(responseDataSchema),
+  type: import_zod2.z.enum(["ONE", "ARRAY", "PAGED"]),
+  table: import_zod2.z.string(),
+  joins: import_zod2.z.array(joinDataSchema),
+  assignments: import_zod2.z.array(assignmentDataSchema),
+  where: import_zod2.z.array(whereDataSchema),
+  request: import_zod2.z.array(requestDataSchema),
+  response: import_zod2.z.array(responseDataSchema),
   groupBy: groupBySchema.optional(),
   orderBy: orderBySchema.optional()
 }).strict();
 var customRouteSchema = routeDataBaseSchema.extend({
-  type: import_zod3.z.enum(["CUSTOM_ONE", "CUSTOM_ARRAY", "CUSTOM_PAGED"]),
-  responseType: import_zod3.z.union([import_zod3.z.string(), import_zod3.z.enum(["string", "number", "boolean"])]),
-  requestType: import_zod3.z.string().optional(),
-  request: import_zod3.z.array(requestDataSchema).optional(),
-  table: import_zod3.z.undefined(),
-  joins: import_zod3.z.undefined(),
-  assignments: import_zod3.z.undefined(),
-  fileUploadType: import_zod3.z.enum(["SINGLE", "MULTIPLE"]).optional()
+  type: import_zod2.z.enum(["CUSTOM_ONE", "CUSTOM_ARRAY", "CUSTOM_PAGED"]),
+  responseType: import_zod2.z.union([import_zod2.z.string(), import_zod2.z.enum(["string", "number", "boolean"])]),
+  requestType: import_zod2.z.string().optional(),
+  request: import_zod2.z.array(requestDataSchema).optional(),
+  table: import_zod2.z.undefined(),
+  joins: import_zod2.z.undefined(),
+  assignments: import_zod2.z.undefined(),
+  fileUploadType: import_zod2.z.enum(["SINGLE", "MULTIPLE"]).optional()
 }).strict();
-var postgresColumnNumericTypesSchema = import_zod3.z.enum([
+var postgresColumnNumericTypesSchema = import_zod2.z.enum([
   "SMALLINT",
   // 2 bytes, -32,768 to 32,767
   "INTEGER",
@@ -1205,7 +1165,7 @@ var postgresColumnNumericTypesSchema = import_zod3.z.enum([
   "BIGSERIAL"
   // auto-incrementing big integer
 ]);
-var postgresColumnStringTypesSchema = import_zod3.z.enum([
+var postgresColumnStringTypesSchema = import_zod2.z.enum([
   "CHAR",
   // fixed-length, blank-padded
   "VARCHAR",
@@ -1215,7 +1175,7 @@ var postgresColumnStringTypesSchema = import_zod3.z.enum([
   "BYTEA"
   // binary data
 ]);
-var postgresColumnDateTypesSchema = import_zod3.z.enum([
+var postgresColumnDateTypesSchema = import_zod2.z.enum([
   "DATE",
   // calendar date (year, month, day)
   "TIMESTAMP",
@@ -1227,13 +1187,13 @@ var postgresColumnDateTypesSchema = import_zod3.z.enum([
   "INTERVAL"
   // time span
 ]);
-var postgresColumnJsonTypesSchema = import_zod3.z.enum([
+var postgresColumnJsonTypesSchema = import_zod2.z.enum([
   "JSON",
   // stores JSON data as raw text
   "JSONB"
   // stores JSON data in a binary format, optimized for query performance
 ]);
-var mariaDbColumnNumericTypesSchema = import_zod3.z.enum([
+var mariaDbColumnNumericTypesSchema = import_zod2.z.enum([
   "BOOLEAN",
   // 1-byte A synonym for "TINYINT(1)". Supported from version 1.2.0 onwards.
   "TINYINT",
@@ -1253,7 +1213,7 @@ var mariaDbColumnNumericTypesSchema = import_zod3.z.enum([
   "DOUBLE"
   // 8 bytes Stored in 64-bit IEEE-754 floating point format. As such, the number of significant digits is about 15 and the range of values is approximately +/-1e308.
 ]);
-var mariaDbColumnStringTypesSchema = import_zod3.z.enum([
+var mariaDbColumnStringTypesSchema = import_zod2.z.enum([
   "CHAR",
   // 1, 2, 4, or 8 bytes Holds letters and special characters of fixed length. Max length is 255. Default and minimum size is 1 byte.
   "VARCHAR",
@@ -1279,7 +1239,7 @@ var mariaDbColumnStringTypesSchema = import_zod3.z.enum([
   "ENUM"
   // Enum type
 ]);
-var mariaDbColumnDateTypesSchema = import_zod3.z.enum([
+var mariaDbColumnDateTypesSchema = import_zod2.z.enum([
   "DATE",
   // 4-bytes Date has year, month, and day.
   "DATETIME",
@@ -1289,9 +1249,9 @@ var mariaDbColumnDateTypesSchema = import_zod3.z.enum([
   "TIMESTAMP"
   // 4-bytes Values are stored as the number of seconds since 1970-01-01 00:00:00 UTC, and optionally microseconds.
 ]);
-var columnDataSchema = import_zod3.z.object({
-  name: import_zod3.z.string(),
-  type: import_zod3.z.union([
+var columnDataSchema = import_zod2.z.object({
+  name: import_zod2.z.string(),
+  type: import_zod2.z.union([
     postgresColumnNumericTypesSchema,
     postgresColumnStringTypesSchema,
     postgresColumnDateTypesSchema,
@@ -1300,24 +1260,25 @@ var columnDataSchema = import_zod3.z.object({
     mariaDbColumnStringTypesSchema,
     mariaDbColumnDateTypesSchema
   ]),
-  isNullable: import_zod3.z.boolean(),
-  roles: import_zod3.z.array(import_zod3.z.string()),
-  comment: import_zod3.z.string().optional(),
-  default: import_zod3.z.string().optional(),
-  value: import_zod3.z.string().optional(),
-  isPrimary: import_zod3.z.boolean().optional(),
-  isUnique: import_zod3.z.boolean().optional(),
-  hasAutoIncrement: import_zod3.z.boolean().optional(),
-  length: import_zod3.z.number().optional()
+  isNullable: import_zod2.z.boolean(),
+  roles: import_zod2.z.array(import_zod2.z.string()),
+  scopes: import_zod2.z.array(import_zod2.z.string()),
+  comment: import_zod2.z.string().optional(),
+  default: import_zod2.z.string().optional(),
+  value: import_zod2.z.string().optional(),
+  isPrimary: import_zod2.z.boolean().optional(),
+  isUnique: import_zod2.z.boolean().optional(),
+  hasAutoIncrement: import_zod2.z.boolean().optional(),
+  length: import_zod2.z.number().optional()
 }).strict();
-var indexDataSchema = import_zod3.z.object({
-  name: import_zod3.z.string(),
-  columns: import_zod3.z.array(import_zod3.z.string()),
-  isUnique: import_zod3.z.boolean(),
-  isPrimaryKey: import_zod3.z.boolean(),
-  order: import_zod3.z.enum(["ASC", "DESC"])
+var indexDataSchema = import_zod2.z.object({
+  name: import_zod2.z.string(),
+  columns: import_zod2.z.array(import_zod2.z.string()),
+  isUnique: import_zod2.z.boolean(),
+  isPrimaryKey: import_zod2.z.boolean(),
+  order: import_zod2.z.enum(["ASC", "DESC"])
 }).strict();
-var foreignKeyActionsSchema = import_zod3.z.enum([
+var foreignKeyActionsSchema = import_zod2.z.enum([
   "CASCADE",
   // CASCADE action for foreign keys
   "SET NULL",
@@ -1329,39 +1290,41 @@ var foreignKeyActionsSchema = import_zod3.z.enum([
   "SET DEFAULT"
   // SET DEFAULT action for foreign keys
 ]);
-var foreignKeyDataSchema = import_zod3.z.object({
-  name: import_zod3.z.string(),
-  column: import_zod3.z.string(),
-  refTable: import_zod3.z.string(),
-  refColumn: import_zod3.z.string(),
+var foreignKeyDataSchema = import_zod2.z.object({
+  name: import_zod2.z.string(),
+  column: import_zod2.z.string(),
+  refTable: import_zod2.z.string(),
+  refColumn: import_zod2.z.string(),
   onDelete: foreignKeyActionsSchema,
   onUpdate: foreignKeyActionsSchema
 }).strict();
-var checkConstraintDataSchema = import_zod3.z.object({
-  name: import_zod3.z.string(),
-  check: import_zod3.z.string()
+var checkConstraintDataSchema = import_zod2.z.object({
+  name: import_zod2.z.string(),
+  check: import_zod2.z.string()
 }).strict();
-var tableDataSchema = import_zod3.z.object({
-  name: import_zod3.z.string(),
-  columns: import_zod3.z.array(columnDataSchema),
-  indexes: import_zod3.z.array(indexDataSchema),
-  foreignKeys: import_zod3.z.array(foreignKeyDataSchema),
-  checkConstraints: import_zod3.z.array(checkConstraintDataSchema),
-  roles: import_zod3.z.array(import_zod3.z.string()),
-  notify: import_zod3.z.union([import_zod3.z.literal("ALL"), import_zod3.z.array(import_zod3.z.string())]).optional()
+var tableDataSchema = import_zod2.z.object({
+  name: import_zod2.z.string(),
+  columns: import_zod2.z.array(columnDataSchema),
+  indexes: import_zod2.z.array(indexDataSchema),
+  foreignKeys: import_zod2.z.array(foreignKeyDataSchema),
+  checkConstraints: import_zod2.z.array(checkConstraintDataSchema),
+  roles: import_zod2.z.array(import_zod2.z.string()),
+  scopes: import_zod2.z.array(import_zod2.z.string()),
+  notify: import_zod2.z.union([import_zod2.z.literal("ALL"), import_zod2.z.array(import_zod2.z.string())]).optional()
 }).strict();
-var endpointDataSchema = import_zod3.z.object({
-  name: import_zod3.z.string(),
-  description: import_zod3.z.string(),
-  baseUrl: import_zod3.z.string(),
-  routes: import_zod3.z.array(import_zod3.z.union([standardRouteSchema, customRouteSchema]))
+var endpointDataSchema = import_zod2.z.object({
+  name: import_zod2.z.string(),
+  description: import_zod2.z.string(),
+  baseUrl: import_zod2.z.string(),
+  routes: import_zod2.z.array(import_zod2.z.union([standardRouteSchema, customRouteSchema]))
 }).strict();
-var resturaSchema = import_zod3.z.object({
-  database: import_zod3.z.array(tableDataSchema),
-  endpoints: import_zod3.z.array(endpointDataSchema),
-  globalParams: import_zod3.z.array(import_zod3.z.string()),
-  roles: import_zod3.z.array(import_zod3.z.string()),
-  customTypes: import_zod3.z.array(import_zod3.z.string())
+var resturaSchema = import_zod2.z.object({
+  database: import_zod2.z.array(tableDataSchema),
+  endpoints: import_zod2.z.array(endpointDataSchema),
+  globalParams: import_zod2.z.array(import_zod2.z.string()),
+  roles: import_zod2.z.array(import_zod2.z.string()),
+  scopes: import_zod2.z.array(import_zod2.z.string()),
+  customTypes: import_zod2.z.array(import_zod2.z.string())
 }).strict();
 async function isSchemaValid(schemaToCheck) {
   try {
@@ -1376,7 +1339,7 @@ async function isSchemaValid(schemaToCheck) {
 // src/restura/validators/requestValidator.ts
 var import_core_utils3 = require("@redskytech/core-utils");
 var import_jsonschema = __toESM(require("jsonschema"));
-var import_zod4 = require("zod");
+var import_zod3 = require("zod");
 // src/restura/utils/utils.ts
 function addQuotesToStrings(variable) {
@@ -1458,31 +1421,31 @@ function isValidType(type, requestValue) {
   try {
     expectValidType(type, requestValue);
     return true;
-  } catch (e) {
+  } catch {
     return false;
   }
 }
 function expectValidType(type, requestValue) {
   if (type === "number") {
-    return import_zod4.z.number().parse(requestValue);
+    return import_zod3.z.number().parse(requestValue);
   }
   if (type === "string") {
-    return import_zod4.z.string().parse(requestValue);
+    return import_zod3.z.string().parse(requestValue);
   }
   if (type === "boolean") {
-    return import_zod4.z.boolean().parse(requestValue);
+    return import_zod3.z.boolean().parse(requestValue);
   }
   if (type === "string[]") {
-    return import_zod4.z.array(import_zod4.z.string()).parse(requestValue);
+    return import_zod3.z.array(import_zod3.z.string()).parse(requestValue);
   }
   if (type === "number[]") {
-    return import_zod4.z.array(import_zod4.z.number()).parse(requestValue);
+    return import_zod3.z.array(import_zod3.z.number()).parse(requestValue);
   }
   if (type === "any[]") {
-    return import_zod4.z.array(import_zod4.z.any()).parse(requestValue);
+    return import_zod3.z.array(import_zod3.z.any()).parse(requestValue);
   }
   if (type === "object") {
-    return import_zod4.z.object({}).strict().parse(requestValue);
+    return import_zod3.z.object({}).strict().parse(requestValue);
   }
 }
 function performTypeCheck(requestValue, validator, requestParamName) {
@@ -1494,7 +1457,7 @@ function performTypeCheck(requestValue, validator, requestParamName) {
   }
   try {
     validatorDataSchemeValue.parse(validator.value);
-  } catch (e) {
+  } catch {
     throw new RsError("SCHEMA_ERROR", `Schema validator value (${validator.value}) is not a valid type`);
   }
 }
@@ -1585,18 +1548,18 @@ async function schemaValidation(req, res, next) {
 }
 // src/restura/schemas/resturaConfigSchema.ts
-var import_zod5 = require("zod");
-var _a;
-var isTsx = (_a = process.argv[1]) == null ? void 0 : _a.endsWith(".ts");
+var import_v42 = require("zod/v4");
+var isTsx = process.argv[1]?.endsWith(".ts");
 var isTsNode = process.env.TS_NODE_DEV || process.env.TS_NODE_PROJECT;
 var customApiFolderPath = isTsx || isTsNode ? "/src/api" : "/dist/api";
-var resturaConfigSchema = import_zod5.z.object({
-  authToken: import_zod5.z.string().min(1, "Missing Restura Auth Token"),
-  sendErrorStackTrace: import_zod5.z.boolean().default(false),
-  schemaFilePath: import_zod5.z.string().default(process.cwd() + "/restura.schema.json"),
-  customApiFolderPath: import_zod5.z.string().default(process.cwd() + customApiFolderPath),
-  generatedTypesPath: import_zod5.z.string().default(process.cwd() + "/src/@types"),
-  fileTempCachePath: import_zod5.z.string().optional()
+var resturaConfigSchema = import_v42.z.object({
+  authToken: import_v42.z.string().min(1, "Missing Restura Auth Token"),
+  sendErrorStackTrace: import_v42.z.boolean().default(false),
+  schemaFilePath: import_v42.z.string().default(process.cwd() + "/restura.schema.json"),
+  customApiFolderPath: import_v42.z.string().default(process.cwd() + customApiFolderPath),
+  generatedTypesPath: import_v42.z.string().default(process.cwd() + "/src/@types"),
+  fileTempCachePath: import_v42.z.string().optional(),
+  scratchDatabaseSuffix: import_v42.z.string().optional()
 });
 // src/restura/sql/PsqlEngine.ts
@@ -1682,13 +1645,14 @@ function SQL(strings, ...values) {
 // src/restura/sql/PsqlConnection.ts
 var PsqlConnection = class {
+  instanceId;
   constructor(instanceId) {
     this.instanceId = instanceId || import_crypto.default.randomUUID();
   }
   // eslint-disable-next-line  @typescript-eslint/no-explicit-any
   async queryOne(query, options, requesterDetails) {
     const formattedQuery = questionMarksToOrderedParams(query);
-    const meta = __spreadValues({ connectionInstanceId: this.instanceId }, requesterDetails);
+    const meta = { connectionInstanceId: this.instanceId, ...requesterDetails };
     this.logSqlStatement(formattedQuery, options, meta);
     const queryMetadata = `--QUERY_METADATA(${JSON.stringify(meta)})
 `;
@@ -1701,7 +1665,7 @@ var PsqlConnection = class {
       return response.rows[0];
     } catch (error) {
       if (RsError.isRsError(error)) throw error;
-      if ((error == null ? void 0 : error.routine) === "_bt_check_unique") {
+      if (error?.routine === "_bt_check_unique") {
         throw new RsError("DUPLICATE", error.message);
       }
       throw new RsError("DATABASE_ERROR", `${error.message}`);
@@ -1710,7 +1674,7 @@ var PsqlConnection = class {
   // eslint-disable-next-line  @typescript-eslint/no-explicit-any
   async runQuery(query, options, requesterDetails) {
     const formattedQuery = questionMarksToOrderedParams(query);
-    const meta = __spreadValues({ connectionInstanceId: this.instanceId }, requesterDetails);
+    const meta = { connectionInstanceId: this.instanceId, ...requesterDetails };
     this.logSqlStatement(formattedQuery, options, meta);
     const queryMetadata = `--QUERY_METADATA(${JSON.stringify(meta)})
 `;
@@ -1720,7 +1684,7 @@ var PsqlConnection = class {
       this.logQueryDuration(startTime);
       return response.rows;
     } catch (error) {
-      if ((error == null ? void 0 : error.routine) === "_bt_check_unique") {
+      if (error?.routine === "_bt_check_unique") {
         throw new RsError("DUPLICATE", error.message);
       }
       throw new RsError("DATABASE_ERROR", `${error.message}`);
@@ -1770,13 +1734,20 @@ var PsqlPool = class extends PsqlConnection {
     super();
     this.poolConfig = poolConfig;
     this.pool = new Pool(poolConfig);
-    this.queryOne("SELECT NOW();", [], { isSystemUser: true, role: "", host: "localhost", ipAddress: "" }).then(() => {
+    this.queryOne("SELECT NOW();", [], {
+      isSystemUser: true,
+      role: "",
+      host: "localhost",
+      ipAddress: "",
+      scopes: []
+    }).then(() => {
       logger.info("Connected to PostgreSQL database");
     }).catch((error) => {
       logger.error("Error connecting to database", error);
       process.exit(1);
     });
   }
+  pool;
   async query(query, values) {
     return this.pool.query(query, values);
   }
@@ -1786,7 +1757,12 @@ var PsqlPool = class extends PsqlConnection {
 var import_core_utils4 = require("@redskytech/core-utils");
 var SqlEngine = class {
   async runQueryForRoute(req, routeData, schema) {
-    if (!this.doesRoleHavePermissionToTable(req.requesterDetails.role, schema, routeData.table))
+    if (!this.canRequesterAccessTable(
+      req.requesterDetails.role,
+      req.requesterDetails.scopes,
+      schema,
+      routeData.table
+    ))
       throw new RsError("FORBIDDEN", "You do not have permission to access this table");
     switch (routeData.method) {
       case "POST":
@@ -1805,7 +1781,7 @@ var SqlEngine = class {
     if (!tableSchema) throw new RsError("SCHEMA_ERROR", `Table ${tableName} not found in schema`);
     return tableSchema;
   }
-  doesRoleHavePermissionToColumn(role, schema, item, joins) {
+  canRequesterAccessColumn(requesterRole, requesterScopes, schema, item, joins) {
     if (item.type) return true;
     if (item.selector) {
       let tableName = item.selector.split(".")[0];
@@ -1821,26 +1797,36 @@ var SqlEngine = class {
       const columnSchema = tableSchema.columns.find((item2) => item2.name === columnName);
       if (!columnSchema)
         throw new RsError("SCHEMA_ERROR", `Column ${columnName} not found in table ${tableName}`);
-      const doesColumnHaveRoles = import_core_utils4.ObjectUtils.isArrayWithData(columnSchema.roles);
-      if (!doesColumnHaveRoles) return true;
-      if (!role) return false;
-      return columnSchema.roles.includes(role);
+      if (import_core_utils4.ObjectUtils.isArrayWithData(columnSchema.roles)) {
+        if (!requesterRole) return false;
+        return columnSchema.roles.includes(requesterRole);
+      }
+      if (import_core_utils4.ObjectUtils.isArrayWithData(columnSchema.scopes)) {
+        if (!requesterScopes) return false;
+        return columnSchema.scopes.some((scope) => requesterScopes.includes(scope));
+      }
+      return true;
     }
     if (item.subquery) {
       return import_core_utils4.ObjectUtils.isArrayWithData(
         item.subquery.properties.filter((nestedItem) => {
-          return this.doesRoleHavePermissionToColumn(role, schema, nestedItem, joins);
+          return this.canRequesterAccessColumn(requesterRole, requesterScopes, schema, nestedItem, joins);
         })
       );
     }
     return false;
   }
-  doesRoleHavePermissionToTable(userRole, schema, tableName) {
+  canRequesterAccessTable(requesterRole, requesterScopes, schema, tableName) {
     const tableSchema = this.getTableSchema(schema, tableName);
-    const doesTableHaveRoles = import_core_utils4.ObjectUtils.isArrayWithData(tableSchema.roles);
-    if (!doesTableHaveRoles) return true;
-    if (!userRole) return false;
-    return tableSchema.roles.includes(userRole);
+    if (import_core_utils4.ObjectUtils.isArrayWithData(tableSchema.roles)) {
+      if (!requesterRole) return false;
+      return tableSchema.roles.includes(requesterRole);
+    }
+    if (import_core_utils4.ObjectUtils.isArrayWithData(tableSchema.scopes)) {
+      if (!requesterScopes) return false;
+      return tableSchema.scopes.some((scope) => requesterScopes.includes(scope));
+    }
+    return true;
   }
   replaceParamKeywords(value, routeData, req, sqlParams) {
     let returnValue = value;
@@ -1849,11 +1835,10 @@ var SqlEngine = class {
     return returnValue;
   }
   replaceLocalParamKeywords(value, routeData, req, sqlParams) {
-    var _a2;
     if (!routeData.request) return value;
     const data = req.data;
     if (typeof value === "string") {
-      (_a2 = value.match(/\$[a-zA-Z][a-zA-Z0-9_]+/g)) == null ? void 0 : _a2.forEach((param) => {
+      value.match(/\$[a-zA-Z][a-zA-Z0-9_]+/g)?.forEach((param) => {
         const requestParam = routeData.request.find((item) => {
           return item.name === param.replace("$", "");
         });
@@ -1866,9 +1851,8 @@ var SqlEngine = class {
     return value;
   }
   replaceGlobalParamKeywords(value, routeData, req, sqlParams) {
-    var _a2;
     if (typeof value === "string") {
-      (_a2 = value.match(/#[a-zA-Z][a-zA-Z0-9_]+/g)) == null ? void 0 : _a2.forEach((param) => {
+      value.match(/#[a-zA-Z][a-zA-Z0-9_]+/g)?.forEach((param) => {
         param = param.replace("#", "");
         const globalParamValue = req.requesterDetails[param];
         if (!globalParamValue)
@@ -1958,10 +1942,32 @@ negate = "!"
 operator = "and"i / "or"i
-column = left:text "." right:text { return  \`\${quoteSqlIdentity(left)}.\${quoteSqlIdentity(right)}\`; }
-    /
-    text:text { return quoteSqlIdentity(text); }
+column = first:text rest:("." text)* {
+    const partsArray = [first];
+    if (rest && rest.length > 0) {
+        partsArray.push(...rest.map(item => item[1]));
+    }
+    if (partsArray.length > 3) {
+        throw new SyntaxError('Column path cannot have more than 3 parts (table.column.jsonField)');
+    }
+    if (partsArray.length === 1) {
+        return quoteSqlIdentity(partsArray[0]);
+    }
+    const tableName = quoteSqlIdentity(partsArray[0]);
+    // If we only have two parts (table.column), use regular dot notation
+    if (partsArray.length === 2) {
+        return tableName + "." + quoteSqlIdentity(partsArray[1]);
+    }
+    // For JSON paths (more than 2 parts), first part is a column, last part uses ->>
+    const jsonColumn = quoteSqlIdentity(partsArray[1]);
+    const lastPart = partsArray[partsArray.length - 1];
+    const result = tableName + "." + jsonColumn + "->>'" + lastPart + "'";
+    return result;
+}
 text = text:[a-z0-9 \\t\\r\\n\\-_:@']i+ { return text.join(""); }
@@ -1991,19 +1997,24 @@ var filterPsqlParser_default = filterPsqlParser;
 var { Client, types } = import_pg2.default;
 var systemUser = {
   role: "",
+  scopes: [],
   host: "",
   ipAddress: "",
   isSystemUser: true
 };
 var PsqlEngine = class extends SqlEngine {
-  constructor(psqlConnectionPool, shouldListenForDbTriggers = false) {
+  constructor(psqlConnectionPool, shouldListenForDbTriggers = false, scratchDatabaseSuffix = "") {
     super();
     this.psqlConnectionPool = psqlConnectionPool;
     this.setupPgReturnTypes();
     if (shouldListenForDbTriggers) {
       this.setupTriggerListeners = this.listenForDbTriggers();
     }
+    this.scratchDbName = `${psqlConnectionPool.poolConfig.database}_scratch${scratchDatabaseSuffix ? `_${scratchDatabaseSuffix}` : ""}`;
   }
+  setupTriggerListeners;
+  triggerClient;
+  scratchDbName = "";
   async close() {
     if (this.triggerClient) {
       await this.triggerClient.end();
@@ -2132,27 +2143,22 @@ var PsqlEngine = class extends SqlEngine {
     sqlStatements.push(triggers.join("\n"));
     return sqlStatements.join("\n\n");
   }
-  async getScratchPool() {
-    var _a2, _b;
+  async getNewPublicSchemaAndScratchPool() {
     const scratchDbExists = await this.psqlConnectionPool.runQuery(
       `SELECT *
              FROM pg_database
-             WHERE datname = '${this.psqlConnectionPool.poolConfig.database}_scratch';`,
+             WHERE datname = '${this.scratchDbName}';`,
       [],
       systemUser
     );
     if (scratchDbExists.length === 0) {
-      await this.psqlConnectionPool.runQuery(
-        `CREATE DATABASE ${this.psqlConnectionPool.poolConfig.database}_scratch;`,
-        [],
-        systemUser
-      );
+      await this.psqlConnectionPool.runQuery(`CREATE DATABASE ${this.scratchDbName};`, [], systemUser);
     }
     const scratchPool = new PsqlPool({
       host: this.psqlConnectionPool.poolConfig.host,
       port: this.psqlConnectionPool.poolConfig.port,
       user: this.psqlConnectionPool.poolConfig.user,
-      database: this.psqlConnectionPool.poolConfig.database + "_scratch",
+      database: this.scratchDbName,
       password: this.psqlConnectionPool.poolConfig.password,
       max: this.psqlConnectionPool.poolConfig.max,
       idleTimeoutMillis: this.psqlConnectionPool.poolConfig.idleTimeoutMillis,
@@ -2165,16 +2171,17 @@ var PsqlEngine = class extends SqlEngine {
       systemUser
     );
     const schemaComment = await this.psqlConnectionPool.runQuery(
-      `SELECT pg_description.description
-                                                                                               FROM pg_description
-                                                                                                        JOIN pg_namespace ON pg_namespace.oid = pg_description.objoid
-                                                                                   WHERE pg_namespace.nspname = 'public';`,
+      `
+			SELECT pg_description.description
+			FROM pg_description
+			JOIN pg_namespace ON pg_namespace.oid = pg_description.objoid
+			WHERE pg_namespace.nspname = 'public';`,
       [],
       systemUser
     );
-    if ((_a2 = schemaComment[0]) == null ? void 0 : _a2.description) {
+    if (schemaComment[0]?.description) {
       await scratchPool.runQuery(
-        `COMMENT ON SCHEMA public IS '${(_b = schemaComment[0]) == null ? void 0 : _b.description}';`,
+        `COMMENT ON SCHEMA public IS '${schemaComment[0]?.description}';`,
         [],
         systemUser
       );
@@ -2182,7 +2189,7 @@ var PsqlEngine = class extends SqlEngine {
     return scratchPool;
   }
   async diffDatabaseToSchema(schema) {
-    const scratchPool = await this.getScratchPool();
+    const scratchPool = await this.getNewPublicSchemaAndScratchPool();
     await this.createDatabaseFromSchema(schema, scratchPool);
     const originalClient = new Client({
       database: this.psqlConnectionPool.poolConfig.database,
@@ -2192,7 +2199,7 @@ var PsqlEngine = class extends SqlEngine {
       port: this.psqlConnectionPool.poolConfig.port
     });
     const scratchClient = new Client({
-      database: this.psqlConnectionPool.poolConfig.database + "_scratch",
+      database: this.scratchDbName,
       user: this.psqlConnectionPool.poolConfig.user,
       password: this.psqlConnectionPool.poolConfig.password,
       host: this.psqlConnectionPool.poolConfig.host,
@@ -2207,24 +2214,30 @@ var PsqlEngine = class extends SqlEngine {
     await Promise.all(endPromises);
     return diff.join("\n");
   }
-  createNestedSelect(req, schema, item, routeData, userRole, sqlParams) {
+  createNestedSelect(req, schema, item, routeData, sqlParams) {
     if (!item.subquery) return "";
     if (!import_core_utils5.ObjectUtils.isArrayWithData(
       item.subquery.properties.filter((nestedItem) => {
-        return this.doesRoleHavePermissionToColumn(req.requesterDetails.role, schema, nestedItem, [
-          ...routeData.joins,
-          ...item.subquery.joins
-        ]);
+        return this.canRequesterAccessColumn(
+          req.requesterDetails.role,
+          req.requesterDetails.scopes,
+          schema,
+          nestedItem,
+          [...routeData.joins, ...item.subquery.joins]
+        );
       })
     )) {
       return "'[]'";
     }
     return `COALESCE((SELECT JSON_AGG(JSON_BUILD_OBJECT(
 			${item.subquery.properties.map((nestedItem) => {
-      if (!this.doesRoleHavePermissionToColumn(req.requesterDetails.role, schema, nestedItem, [
-        ...routeData.joins,
-        ...item.subquery.joins
-      ])) {
+      if (!this.canRequesterAccessColumn(
+        req.requesterDetails.role,
+        req.requesterDetails.scopes,
+        schema,
+        nestedItem,
+        [...routeData.joins, ...item.subquery.joins]
+      )) {
         return;
       }
       if (nestedItem.subquery) {
@@ -2234,7 +2247,6 @@ var PsqlEngine = class extends SqlEngine {
           schema,
           nestedItem,
           routeData,
-          userRole,
           sqlParams
         )}`;
       }
@@ -2243,7 +2255,7 @@ var PsqlEngine = class extends SqlEngine {
 						))
 						FROM
 							"${item.subquery.table}"
-							${this.generateJoinStatements(req, item.subquery.joins, item.subquery.table, routeData, schema, userRole, sqlParams)}
+							${this.generateJoinStatements(req, item.subquery.joins, item.subquery.table, routeData, schema, sqlParams)}
 							${this.generateWhereClause(req, item.subquery.where, routeData, sqlParams)}
 					), '[]')`;
   }
@@ -2253,7 +2265,7 @@ var PsqlEngine = class extends SqlEngine {
     (routeData.assignments || []).forEach((assignment) => {
       parameterObj[assignment.name] = this.replaceParamKeywords(assignment.value, routeData, req, sqlParams);
     });
-    const query = insertObjectQuery(routeData.table, __spreadValues(__spreadValues({}, req.data), parameterObj));
+    const query = insertObjectQuery(routeData.table, { ...req.data, ...parameterObj });
     const createdItem = await this.psqlConnectionPool.queryOne(
       query,
       sqlParams,
@@ -2268,24 +2280,29 @@ var PsqlEngine = class extends SqlEngine {
     };
     const whereData = [whereId];
     req.data = { id: insertId };
-    return this.executeGetRequest(req, __spreadProps(__spreadValues({}, routeData), { where: whereData }), schema);
+    return this.executeGetRequest(req, { ...routeData, where: whereData }, schema);
   }
   async executeGetRequest(req, routeData, schema) {
     const DEFAULT_PAGED_PAGE_NUMBER = 0;
     const DEFAULT_PAGED_PER_PAGE_NUMBER = 25;
     const sqlParams = [];
-    const userRole = req.requesterDetails.role;
     let sqlStatement = "";
     const selectColumns = [];
     routeData.response.forEach((item) => {
-      if (item.subquery || this.doesRoleHavePermissionToColumn(userRole, schema, item, routeData.joins))
+      if (item.subquery || this.canRequesterAccessColumn(
+        req.requesterDetails.role,
+        req.requesterDetails.scopes,
+        schema,
+        item,
+        routeData.joins
+      ))
         selectColumns.push(item);
     });
     if (!selectColumns.length) throw new RsError("FORBIDDEN", `You do not have permission to access this data.`);
     let selectStatement = "SELECT \n";
     selectStatement += `	${selectColumns.map((item) => {
       if (item.subquery) {
-        return `${this.createNestedSelect(req, schema, item, routeData, userRole, sqlParams)} AS ${escapeColumnName(
+        return `${this.createNestedSelect(req, schema, item, routeData, sqlParams)} AS ${escapeColumnName(
           item.name
         )}`;
       }
@@ -2300,7 +2317,6 @@ var PsqlEngine = class extends SqlEngine {
       routeData.table,
       routeData,
       schema,
-      userRole,
       sqlParams
     );
     sqlStatement += this.generateWhereClause(req, routeData.where, routeData, sqlParams);
@@ -2344,7 +2360,7 @@ var PsqlEngine = class extends SqlEngine {
   }
   async executeUpdateRequest(req, routeData, schema) {
     const sqlParams = [];
-    const _a2 = req.body, { id } = _a2, bodyNoId = __objRest(_a2, ["id"]);
+    const { id, ...bodyNoId } = req.body;
     const table = schema.database.find((item) => {
       return item.name === routeData.table;
     });
@@ -2373,7 +2389,6 @@ var PsqlEngine = class extends SqlEngine {
       routeData.table,
       routeData,
       schema,
-      req.requesterDetails.role,
       sqlParams
     );
     const whereClause = this.generateWhereClause(req, routeData.where, routeData, sqlParams);
@@ -2385,10 +2400,15 @@ DELETE FROM "${routeData.table}" ${joinStatement} ${whereClause}`;
     await this.psqlConnectionPool.runQuery(deleteStatement, sqlParams, req.requesterDetails);
     return true;
   }
-  generateJoinStatements(req, joins, baseTable, routeData, schema, userRole, sqlParams) {
+  generateJoinStatements(req, joins, baseTable, routeData, schema, sqlParams) {
     let joinStatements = "";
     joins.forEach((item) => {
-      if (!this.doesRoleHavePermissionToTable(userRole, schema, item.table))
+      if (!this.canRequesterAccessTable(
+        req.requesterDetails.role,
+        req.requesterDetails.scopes,
+        schema,
+        item.table
+      ))
         throw new RsError("FORBIDDEN", "You do not have permission to access this table");
       if (item.custom) {
         const customReplaced = this.replaceParamKeywords(item.custom, routeData, req, sqlParams);
@@ -2443,41 +2463,36 @@ DELETE FROM "${routeData.table}" ${joinStatement} ${whereClause}`;
           `Invalid where clause in route ${routeData.name}, missing required fields if not custom`
         );
       let operator = item.operator;
-      let value = item.value;
       if (operator === "LIKE") {
-        value = `'%${value}%'`;
-      } else if (operator === "NOT LIKE") {
-        value = `'%${value}%'`;
+        item.value = `'%${item.value}%'`;
       } else if (operator === "STARTS WITH") {
         operator = "LIKE";
-        value = `'${value}%'`;
+        item.value = `'${item.value}%'`;
       } else if (operator === "ENDS WITH") {
         operator = "LIKE";
-        value = `'%${value}'`;
+        item.value = `'%${item.value}'`;
       }
-      const replacedValue = this.replaceParamKeywords(value, routeData, req, sqlParams);
+      const replacedValue = this.replaceParamKeywords(item.value, routeData, req, sqlParams);
       whereClause += `	${item.conjunction || ""} "${item.tableName}"."${item.columnName}" ${operator.replace("LIKE", "ILIKE")} ${["IN", "NOT IN"].includes(operator) ? `(${replacedValue})` : replacedValue}
 `;
     });
     const data = req.data;
-    if (routeData.type === "PAGED" && !!(data == null ? void 0 : data.filter)) {
+    if (routeData.type === "PAGED" && !!data?.filter) {
       let statement = data.filter.replace(/\$[a-zA-Z][a-zA-Z0-9_]+/g, (value) => {
-        var _a2;
         const requestParam = routeData.request.find((item) => {
           return item.name === value.replace("$", "");
         });
         if (!requestParam)
           throw new RsError("SCHEMA_ERROR", `Invalid route keyword in route ${routeData.name}`);
-        return ((_a2 = data[requestParam.name]) == null ? void 0 : _a2.toString()) || "";
+        return data[requestParam.name]?.toString() || "";
       });
       statement = statement.replace(/#[a-zA-Z][a-zA-Z0-9_]+/g, (value) => {
-        var _a2;
         const requestParam = routeData.request.find((item) => {
           return item.name === value.replace("#", "");
         });
         if (!requestParam)
           throw new RsError("SCHEMA_ERROR", `Invalid route keyword in route ${routeData.name}`);
-        return ((_a2 = data[requestParam.name]) == null ? void 0 : _a2.toString()) || "";
+        return data[requestParam.name]?.toString() || "";
       });
       statement = filterPsqlParser_default.parse(statement);
       if (whereClause.startsWith("WHERE")) {
@@ -2718,8 +2733,9 @@ var import_internal3 = require("@restura/internal");
 var import_bluebird3 = __toESM(require("bluebird"));
 var os2 = __toESM(require("os"));
 var TempCache = class {
+  location;
+  maxDurationDays = 7;
   constructor(location) {
-    this.maxDurationDays = 7;
     this.location = location || os2.tmpdir();
     import_internal3.FileUtils.ensureDir(this.location).catch((e) => {
       throw e;
@@ -2744,15 +2760,24 @@ var TempCache = class {
 // src/restura/restura.ts
 var ResturaEngine = class {
-  constructor() {
-    this.publicEndpoints = {
-      GET: [],
-      POST: [],
-      PUT: [],
-      PATCH: [],
-      DELETE: []
-    };
-  }
+  // Make public so other modules can access without re-parsing the config
+  resturaConfig;
+  multerCommonUpload;
+  resturaRouter;
+  publicEndpoints = {
+    GET: [],
+    POST: [],
+    PUT: [],
+    PATCH: [],
+    DELETE: []
+  };
+  expressApp;
+  schema;
+  responseValidator;
+  authenticationHandler;
+  customTypeValidation;
+  psqlConnectionPool;
+  psqlEngine;
   /**
    * Initializes the Restura engine with the provided Express application.
    *
@@ -2760,11 +2785,11 @@ var ResturaEngine = class {
    * @returns A promise that resolves when the initialization is complete.
    */
   async init(app, authenticationHandler, psqlConnectionPool) {
-    this.resturaConfig = import_internal4.config.validate("restura", resturaConfigSchema);
+    this.resturaConfig = await import_internal4.config.validate("restura", resturaConfigSchema);
     this.multerCommonUpload = getMulterUpload(this.resturaConfig.fileTempCachePath);
     new TempCache(this.resturaConfig.fileTempCachePath);
     this.psqlConnectionPool = psqlConnectionPool;
-    this.psqlEngine = new PsqlEngine(this.psqlConnectionPool, true);
+    this.psqlEngine = new PsqlEngine(this.psqlConnectionPool, true, this.resturaConfig.scratchDatabaseSuffix);
     await customApiFactory_default.loadApiFiles(this.resturaConfig.customApiFolderPath);
     this.authenticationHandler = authenticationHandler;
     app.use((0, import_compression.default)());
@@ -2773,7 +2798,7 @@ var ResturaEngine = class {
     app.use((0, import_cookie_parser.default)());
     app.disable("x-powered-by");
     app.use("/", addApiResponseFunctions);
-    app.use("/api/", authenticateUser(this.authenticationHandler));
+    app.use("/api/", authenticateRequester(this.authenticationHandler));
     app.use("/restura", this.resturaAuthentication);
     app.put(
       "/restura/v1/schema",
@@ -2794,7 +2819,7 @@ var ResturaEngine = class {
   }
   /**
    * Determines if a given endpoint is public based on the HTTP method and full URL. This
-   * is determined on whether the endpoint in the schema has no roles assigned to it.
+   * is determined on whether the endpoint in the schema has no roles or scopes assigned to it.
    *
    * @param method - The HTTP method (e.g., 'GET', 'POST', 'PUT', 'PATCH', 'DELETE').
    * @param fullUrl - The full URL of the endpoint.
@@ -2883,7 +2908,8 @@ var ResturaEngine = class {
         route.path = route.path.startsWith("/") ? route.path : `/${route.path}`;
         route.path = route.path.endsWith("/") ? route.path.slice(0, -1) : route.path;
         const fullUrl = `${baseUrl}${route.path}`;
-        if (route.roles.length === 0) this.publicEndpoints[route.method].push(fullUrl);
+        if (route.roles.length === 0 && route.scopes.length === 0)
+          this.publicEndpoints[route.method].push(fullUrl);
         this.resturaRouter[route.method.toLowerCase()](
           route.path,
           // <-- Notice we only use path here since the baseUrl is already added to the router.
@@ -2933,10 +2959,10 @@ var ResturaEngine = class {
     );
     this.generateResturaGlobalTypes(import_path5.default.join(this.resturaConfig.generatedTypesPath, "restura.d.ts"));
   }
-  async getSchema(req, res) {
+  async getSchema(_req, res) {
     res.send({ data: this.schema });
   }
-  async getSchemaAndTypes(req, res) {
+  async getSchemaAndTypes(_req, res) {
     try {
       const schema = await this.getLatestFileSystemSchema();
       const apiText = await apiGenerator(schema);
@@ -2947,8 +2973,7 @@ var ResturaEngine = class {
     }
   }
   async getMulterFilesIfAny(req, res, routeData) {
-    var _a2;
-    if (!((_a2 = req.header("content-type")) == null ? void 0 : _a2.includes("multipart/form-data"))) return;
+    if (!req.header("content-type")?.includes("multipart/form-data")) return;
     if (!this.isCustomRoute(routeData)) return;
     if (!routeData.fileUploadType) {
       throw new RsError("BAD_REQUEST", "File upload type not defined for route");
@@ -3011,16 +3036,17 @@ var ResturaEngine = class {
     await customFunction(req, res, routeData);
   }
   async storeFileSystemSchema() {
-    const schemaPrettyStr = await prettier3.format(JSON.stringify(this.schema), __spreadValues({
-      parser: "json"
-    }, {
-      trailingComma: "none",
-      tabWidth: 4,
-      useTabs: true,
-      endOfLine: "lf",
-      printWidth: 120,
-      singleQuote: true
-    }));
+    const schemaPrettyStr = await prettier3.format(JSON.stringify(this.schema), {
+      parser: "json",
+      ...{
+        trailingComma: "none",
+        tabWidth: 4,
+        useTabs: true,
+        endOfLine: "lf",
+        printWidth: 120,
+        singleQuote: true
+      }
+    });
     import_fs4.default.writeFileSync(this.resturaConfig.schemaFilePath, schemaPrettyStr);
   }
   resetPublicEndpoints() {
@@ -3033,9 +3059,13 @@ var ResturaEngine = class {
     };
   }
   validateAuthorization(req, routeData) {
-    const role = req.requesterDetails.role;
-    if (routeData.roles.length === 0 || !role) return;
-    if (!routeData.roles.includes(role)) throw new RsError("FORBIDDEN", "Not authorized to access this endpoint");
+    const requesterRole = req.requesterDetails.role;
+    const requesterScopes = req.requesterDetails.scopes;
+    if (routeData.roles.length === 0 && routeData.scopes.length === 0) return;
+    if (requesterRole && routeData.roles.length > 0 && !routeData.roles.includes(requesterRole))
+      throw new RsError("FORBIDDEN", "Not authorized to access this endpoint");
+    if (requesterScopes.length > 0 && routeData.scopes.length > 0 && !routeData.scopes.some((scope) => requesterScopes.includes(scope)))
+      throw new RsError("FORBIDDEN", "Not authorized to access this endpoint");
   }
   getRouteData(method, baseUrl, path5) {
     const endpoint = this.schema.endpoints.find((item) => {
@@ -3089,6 +3119,9 @@ var PsqlTransaction = class extends PsqlConnection {
     this.connectPromise = this.client.connect();
     this.beginTransactionPromise = this.beginTransaction();
   }
+  client;
+  beginTransactionPromise;
+  connectPromise;
   async close() {
     if (this.client) {
       await this.client.end();