@reverso/api 0.1.0

package/dist/utils/security.js

@@ -0,0 +1,154 @@
+/**
+ * Security utilities for the API.
+ */
+import crypto from 'node:crypto';
+/**
+ * Private IP ranges that should be blocked for SSRF protection.
+ */
+const PRIVATE_IP_RANGES = [
+    /^127\./, // 127.0.0.0/8 (loopback)
+    /^10\./, // 10.0.0.0/8 (private)
+    /^172\.(1[6-9]|2[0-9]|3[0-1])\./, // 172.16.0.0/12 (private)
+    /^192\.168\./, // 192.168.0.0/16 (private)
+    /^169\.254\./, // 169.254.0.0/16 (link-local)
+    /^0\./, // 0.0.0.0/8 (current network)
+    /^224\./, // 224.0.0.0/4 (multicast)
+    /^240\./, // 240.0.0.0/4 (reserved)
+    /^255\.255\.255\.255$/, // broadcast
+    /^localhost$/i, // localhost hostname
+    /^::1$/, // IPv6 loopback
+    /^fe80:/i, // IPv6 link-local
+    /^fc00:/i, // IPv6 private
+    /^fd00:/i, // IPv6 private
+];
+/**
+ * Blocked hostnames for SSRF protection.
+ */
+const BLOCKED_HOSTNAMES = [
+    'localhost',
+    'metadata.google.internal',
+    'metadata.google.com',
+    '169.254.169.254', // AWS/GCP metadata
+    'metadata',
+];
+/**
+ * Check if a URL is safe for server-side requests (SSRF protection).
+ * Blocks private IPs, localhost, and cloud metadata endpoints.
+ */
+export function isUrlSafeForSSRF(urlString) {
+    try {
+        const url = new URL(urlString);
+        // Only allow http and https
+        if (!['http:', 'https:'].includes(url.protocol)) {
+            return { safe: false, reason: 'Only HTTP and HTTPS protocols are allowed' };
+        }
+        // Check blocked hostnames
+        const hostname = url.hostname.toLowerCase();
+        if (BLOCKED_HOSTNAMES.includes(hostname)) {
+            return { safe: false, reason: 'Blocked hostname' };
+        }
+        // Check private IP ranges
+        for (const pattern of PRIVATE_IP_RANGES) {
+            if (pattern.test(hostname)) {
+                return { safe: false, reason: 'Private IP addresses are not allowed' };
+            }
+        }
+        // Block URLs with credentials
+        if (url.username || url.password) {
+            return { safe: false, reason: 'URLs with credentials are not allowed' };
+        }
+        return { safe: true };
+    }
+    catch {
+        return { safe: false, reason: 'Invalid URL format' };
+    }
+}
+/**
+ * Allowed redirect domains (empty means only relative URLs allowed).
+ * Configure via REVERSO_ALLOWED_REDIRECT_DOMAINS environment variable.
+ */
+function getAllowedRedirectDomains() {
+    const envDomains = process.env.REVERSO_ALLOWED_REDIRECT_DOMAINS;
+    if (envDomains) {
+        return envDomains.split(',').map((d) => d.trim().toLowerCase());
+    }
+    return [];
+}
+/**
+ * Check if a redirect URL is safe (prevents open redirect attacks).
+ * Only allows relative URLs or URLs to whitelisted domains.
+ */
+export function isRedirectUrlSafe(urlString) {
+    if (!urlString) {
+        return { safe: true }; // No redirect is safe
+    }
+    // Allow relative URLs (must start with /)
+    if (urlString.startsWith('/') && !urlString.startsWith('//')) {
+        return { safe: true };
+    }
+    try {
+        const url = new URL(urlString);
+        // Only allow http and https
+        if (!['http:', 'https:'].includes(url.protocol)) {
+            return { safe: false, reason: 'Only HTTP and HTTPS protocols are allowed' };
+        }
+        // Check against allowed domains
+        const allowedDomains = getAllowedRedirectDomains();
+        const hostname = url.hostname.toLowerCase();
+        if (allowedDomains.length === 0) {
+            return { safe: false, reason: 'External redirects are not allowed. Use relative URLs or configure REVERSO_ALLOWED_REDIRECT_DOMAINS' };
+        }
+        const isAllowed = allowedDomains.some((domain) => {
+            // Exact match or subdomain match
+            return hostname === domain || hostname.endsWith(`.${domain}`);
+        });
+        if (!isAllowed) {
+            return { safe: false, reason: `Domain "${hostname}" is not in the allowed list` };
+        }
+        return { safe: true };
+    }
+    catch {
+        return { safe: false, reason: 'Invalid URL format' };
+    }
+}
+/**
+ * Generate HMAC-SHA256 signature for webhook payloads.
+ */
+export function generateWebhookSignature(payload, secret) {
+    const hmac = crypto.createHmac('sha256', secret);
+    hmac.update(payload);
+    return `sha256=${hmac.digest('hex')}`;
+}
+/**
+ * Verify HMAC-SHA256 signature for webhook payloads.
+ */
+export function verifyWebhookSignature(payload, signature, secret) {
+    const expected = generateWebhookSignature(payload, secret);
+    // Use timing-safe comparison to prevent timing attacks
+    try {
+        return crypto.timingSafeEqual(Buffer.from(signature), Buffer.from(expected));
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Validate token format and length.
+ */
+export function isValidTokenFormat(token) {
+    // Session tokens are 64 hex characters (32 bytes)
+    // API keys can vary but should be reasonable length
+    if (!token || typeof token !== 'string') {
+        return false;
+    }
+    // Max reasonable length for a token
+    if (token.length > 256) {
+        return false;
+    }
+    // Min length for security
+    if (token.length < 16) {
+        return false;
+    }
+    return true;
+}
+//# sourceMappingURL=security.js.map

package/dist/utils/security.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"security.js","sourceRoot":"","sources":["../../src/utils/security.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,MAAM,MAAM,aAAa,CAAC;AAEjC;;GAEG;AACH,MAAM,iBAAiB,GAAG;IACxB,QAAQ,EAAqB,yBAAyB;IACtD,OAAO,EAAsB,uBAAuB;IACpD,gCAAgC,EAAE,0BAA0B;IAC5D,aAAa,EAAgB,2BAA2B;IACxD,aAAa,EAAgB,8BAA8B;IAC3D,MAAM,EAAuB,8BAA8B;IAC3D,QAAQ,EAAqB,0BAA0B;IACvD,QAAQ,EAAqB,yBAAyB;IACtD,sBAAsB,EAAO,YAAY;IACzC,cAAc,EAAe,qBAAqB;IAClD,OAAO,EAAsB,gBAAgB;IAC7C,SAAS,EAAoB,kBAAkB;IAC/C,SAAS,EAAoB,eAAe;IAC5C,SAAS,EAAoB,eAAe;CAC7C,CAAC;AAEF;;GAEG;AACH,MAAM,iBAAiB,GAAG;IACxB,WAAW;IACX,0BAA0B;IAC1B,qBAAqB;IACrB,iBAAiB,EAAE,mBAAmB;IACtC,UAAU;CACX,CAAC;AAEF;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,SAAiB;IAChD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;QAE/B,4BAA4B;QAC5B,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YAChD,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,2CAA2C,EAAE,CAAC;QAC9E,CAAC;QAED,0BAA0B;QAC1B,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;QAC5C,IAAI,iBAAiB,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzC,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,kBAAkB,EAAE,CAAC;QACrD,CAAC;QAED,0BAA0B;QAC1B,KAAK,MAAM,OAAO,IAAI,iBAAiB,EAAE,CAAC;YACxC,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC3B,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,sCAAsC,EAAE,CAAC;YACzE,CAAC;QACH,CAAC;QAED,8BAA8B;QAC9B,IAAI,GAAG,CAAC,QAAQ,IAAI,GAAG,CAAC,QAAQ,EAAE,CAAC;YACjC,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,uCAAuC,EAAE,CAAC;QAC1E,CAAC;QAED,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,oBAAoB,EAAE,CAAC;IACvD,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,SAAS,yBAAyB;IAChC,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC;IAChE,IAAI,UAAU,EAAE,CAAC;QACf,OAAO,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;IAClE,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,iBAAiB,CAAC,SAAoC;IACpE,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,sBAAsB;IAC/C,CAAC;IAED,0CAA0C;IAC1C,IAAI,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7D,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IACxB,CAAC;IAED,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;QAE/B,4BAA4B;QAC5B,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YAChD,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,2CAA2C,EAAE,CAAC;QAC9E,CAAC;QAED,gCAAgC;QAChC,MAAM,cAAc,GAAG,yBAAyB,EAAE,CAAC;QACnD,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;QAE5C,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAChC,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,qGAAqG,EAAE,CAAC;QACxI,CAAC;QAED,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE;YAC/C,iCAAiC;YACjC,OAAO,QAAQ,KAAK,MAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC;QAChE,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,QAAQ,8BAA8B,EAAE,CAAC;QACpF,CAAC;QAED,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,oBAAoB,EAAE,CAAC;IACvD,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,wBAAwB,CAAC,OAAe,EAAE,MAAc;IACtE,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IACjD,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACrB,OAAO,UAAU,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;AACxC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,OAAe,EAAE,SAAiB,EAAE,MAAc;IACvF,MAAM,QAAQ,GAAG,wBAAwB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC3D,uDAAuD;IACvD,IAAI,CAAC;QACH,OAAO,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC/E,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,KAAa;IAC9C,kDAAkD;IAClD,oDAAoD;IACpD,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACxC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,oCAAoC;IACpC,IAAI,KAAK,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QACvB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,0BAA0B;IAC1B,IAAI,KAAK,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACtB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/validation.d.ts

@@ -0,0 +1,402 @@
+/**
+ * Input validation schemas using Zod.
+ */
+import { z } from 'zod';
+/**
+ * Allowed MIME types for file uploads.
+ */
+export declare const ALLOWED_MIME_TYPES: Set<string>;
+/**
+ * Max file size (50MB).
+ */
+export declare const MAX_FILE_SIZE: number;
+/**
+ * Slug validation regex.
+ * Allows lowercase letters, numbers, and hyphens.
+ */
+export declare const SLUG_REGEX: RegExp;
+/**
+ * Path validation regex.
+ * Allows alphanumeric, dots, underscores, and $ for repeaters.
+ */
+export declare const PATH_REGEX: RegExp;
+/**
+ * Locale validation regex.
+ * Allows standard locale codes like "en", "en-US", "pt-BR".
+ */
+export declare const LOCALE_REGEX: RegExp;
+/**
+ * Sanitize filename to prevent path traversal attacks.
+ */
+export declare function sanitizeFilename(filename: string): string;
+/**
+ * Check if MIME type is allowed.
+ */
+export declare function isAllowedMimeType(mimeType: string): boolean;
+/**
+ * Content update body schema.
+ */
+export declare const contentUpdateSchema: z.ZodObject<{
+    value: z.ZodUnknown;
+    locale: z.ZodDefault<z.ZodOptional<z.ZodString>>;
+    publish: z.ZodOptional<z.ZodBoolean>;
+}, z.core.$strip>;
+/**
+ * Bulk content update schema.
+ */
+export declare const bulkContentUpdateSchema: z.ZodObject<{
+    updates: z.ZodArray<z.ZodObject<{
+        path: z.ZodString;
+        value: z.ZodUnknown;
+        locale: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>>;
+}, z.core.$strip>;
+/**
+ * Schema sync body schema.
+ */
+export declare const schemaSyncSchema: z.ZodObject<{
+    schema: z.ZodObject<{
+        version: z.ZodString;
+        generatedAt: z.ZodString;
+        pages: z.ZodArray<z.ZodObject<{
+            slug: z.ZodString;
+            name: z.ZodString;
+            sections: z.ZodArray<z.ZodAny>;
+            fieldCount: z.ZodNumber;
+            sourceFiles: z.ZodArray<z.ZodString>;
+        }, z.core.$strip>>;
+        pageCount: z.ZodNumber;
+        totalFields: z.ZodNumber;
+        meta: z.ZodObject<{
+            srcDir: z.ZodString;
+            filesScanned: z.ZodNumber;
+            filesWithMarkers: z.ZodNumber;
+            scanDuration: z.ZodNumber;
+        }, z.core.$strip>;
+    }, z.core.$strip>;
+    deleteRemoved: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+}, z.core.$strip>;
+/**
+ * Media metadata update schema.
+ */
+export declare const mediaUpdateSchema: z.ZodObject<{
+    alt: z.ZodOptional<z.ZodString>;
+    caption: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+/**
+ * Pagination query schema.
+ */
+export declare const paginationSchema: z.ZodObject<{
+    limit: z.ZodOptional<z.ZodPipe<z.ZodPipe<z.ZodString, z.ZodTransform<number, string>>, z.ZodNumber>>;
+    offset: z.ZodOptional<z.ZodPipe<z.ZodPipe<z.ZodString, z.ZodTransform<number, string>>, z.ZodNumber>>;
+}, z.core.$strip>;
+/**
+ * Media list query schema.
+ */
+export declare const mediaListQuerySchema: z.ZodObject<{
+    limit: z.ZodOptional<z.ZodPipe<z.ZodPipe<z.ZodString, z.ZodTransform<number, string>>, z.ZodNumber>>;
+    offset: z.ZodOptional<z.ZodPipe<z.ZodPipe<z.ZodString, z.ZodTransform<number, string>>, z.ZodNumber>>;
+    type: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+/**
+ * Path param schema.
+ */
+export declare const pathParamSchema: z.ZodObject<{
+    path: z.ZodString;
+}, z.core.$strip>;
+/**
+ * Slug param schema.
+ */
+export declare const slugParamSchema: z.ZodObject<{
+    slug: z.ZodString;
+}, z.core.$strip>;
+/**
+ * ID param schema.
+ */
+export declare const idParamSchema: z.ZodObject<{
+    id: z.ZodString;
+}, z.core.$strip>;
+/**
+ * Locale query schema.
+ */
+export declare const localeQuerySchema: z.ZodObject<{
+    locale: z.ZodDefault<z.ZodOptional<z.ZodString>>;
+}, z.core.$strip>;
+/**
+ * Form status enum.
+ */
+export declare const formStatusSchema: z.ZodEnum<{
+    draft: "draft";
+    published: "published";
+    archived: "archived";
+}>;
+/**
+ * Form step schema.
+ */
+export declare const formStepSchema: z.ZodObject<{
+    id: z.ZodString;
+    name: z.ZodString;
+    description: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+/**
+ * Form settings schema.
+ */
+export declare const formSettingsSchema: z.ZodObject<{
+    submitButtonText: z.ZodOptional<z.ZodString>;
+    successMessage: z.ZodOptional<z.ZodString>;
+    redirectUrl: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+/**
+ * Form create schema.
+ */
+export declare const formCreateSchema: z.ZodObject<{
+    name: z.ZodString;
+    slug: z.ZodString;
+    description: z.ZodOptional<z.ZodString>;
+    status: z.ZodOptional<z.ZodEnum<{
+        draft: "draft";
+        published: "published";
+        archived: "archived";
+    }>>;
+    isMultiStep: z.ZodOptional<z.ZodBoolean>;
+    steps: z.ZodOptional<z.ZodArray<z.ZodObject<{
+        id: z.ZodString;
+        name: z.ZodString;
+        description: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>>>;
+    settings: z.ZodOptional<z.ZodObject<{
+        submitButtonText: z.ZodOptional<z.ZodString>;
+        successMessage: z.ZodOptional<z.ZodString>;
+        redirectUrl: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>>;
+    notifyEmails: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    notifyOnSubmission: z.ZodOptional<z.ZodBoolean>;
+    webhookUrl: z.ZodOptional<z.ZodString>;
+    webhookSecret: z.ZodOptional<z.ZodString>;
+    webhookEnabled: z.ZodOptional<z.ZodBoolean>;
+    honeypotEnabled: z.ZodOptional<z.ZodBoolean>;
+    rateLimitPerMinute: z.ZodOptional<z.ZodNumber>;
+}, z.core.$strip>;
+/**
+ * Form update schema.
+ */
+export declare const formUpdateSchema: z.ZodObject<{
+    name: z.ZodOptional<z.ZodString>;
+    slug: z.ZodOptional<z.ZodString>;
+    description: z.ZodOptional<z.ZodOptional<z.ZodString>>;
+    status: z.ZodOptional<z.ZodOptional<z.ZodEnum<{
+        draft: "draft";
+        published: "published";
+        archived: "archived";
+    }>>>;
+    isMultiStep: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
+    steps: z.ZodOptional<z.ZodOptional<z.ZodArray<z.ZodObject<{
+        id: z.ZodString;
+        name: z.ZodString;
+        description: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>>>>;
+    settings: z.ZodOptional<z.ZodOptional<z.ZodObject<{
+        submitButtonText: z.ZodOptional<z.ZodString>;
+        successMessage: z.ZodOptional<z.ZodString>;
+        redirectUrl: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>>>;
+    notifyEmails: z.ZodOptional<z.ZodOptional<z.ZodArray<z.ZodString>>>;
+    notifyOnSubmission: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
+    webhookUrl: z.ZodOptional<z.ZodOptional<z.ZodString>>;
+    webhookSecret: z.ZodOptional<z.ZodOptional<z.ZodString>>;
+    webhookEnabled: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
+    honeypotEnabled: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
+    rateLimitPerMinute: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
+}, z.core.$strip>;
+/**
+ * Form field type enum.
+ */
+export declare const formFieldTypeSchema: z.ZodEnum<{
+    number: "number";
+    date: "date";
+    email: "email";
+    select: "select";
+    file: "file";
+    text: "text";
+    textarea: "textarea";
+    checkbox: "checkbox";
+    radio: "radio";
+    hidden: "hidden";
+}>;
+/**
+ * Field condition schema.
+ */
+export declare const fieldConditionSchema: z.ZodObject<{
+    field: z.ZodString;
+    operator: z.ZodEnum<{
+        equals: "equals";
+        notEquals: "notEquals";
+        contains: "contains";
+        notContains: "notContains";
+        isEmpty: "isEmpty";
+        isNotEmpty: "isNotEmpty";
+    }>;
+    value: z.ZodOptional<z.ZodUnion<readonly [z.ZodString, z.ZodNumber, z.ZodBoolean]>>;
+}, z.core.$strip>;
+/**
+ * Field config schema.
+ */
+export declare const fieldConfigSchema: z.ZodObject<{
+    options: z.ZodOptional<z.ZodArray<z.ZodObject<{
+        label: z.ZodString;
+        value: z.ZodString;
+    }, z.core.$strip>>>;
+    accept: z.ZodOptional<z.ZodString>;
+    min: z.ZodOptional<z.ZodNumber>;
+    max: z.ZodOptional<z.ZodNumber>;
+    minLength: z.ZodOptional<z.ZodNumber>;
+    maxLength: z.ZodOptional<z.ZodNumber>;
+    pattern: z.ZodOptional<z.ZodString>;
+    rows: z.ZodOptional<z.ZodNumber>;
+    multiple: z.ZodOptional<z.ZodBoolean>;
+}, z.core.$strip>;
+/**
+ * Form field create schema.
+ */
+export declare const formFieldCreateSchema: z.ZodObject<{
+    name: z.ZodString;
+    type: z.ZodEnum<{
+        number: "number";
+        date: "date";
+        email: "email";
+        select: "select";
+        file: "file";
+        text: "text";
+        textarea: "textarea";
+        checkbox: "checkbox";
+        radio: "radio";
+        hidden: "hidden";
+    }>;
+    label: z.ZodOptional<z.ZodString>;
+    placeholder: z.ZodOptional<z.ZodString>;
+    help: z.ZodOptional<z.ZodString>;
+    required: z.ZodOptional<z.ZodBoolean>;
+    validation: z.ZodOptional<z.ZodString>;
+    config: z.ZodOptional<z.ZodObject<{
+        options: z.ZodOptional<z.ZodArray<z.ZodObject<{
+            label: z.ZodString;
+            value: z.ZodString;
+        }, z.core.$strip>>>;
+        accept: z.ZodOptional<z.ZodString>;
+        min: z.ZodOptional<z.ZodNumber>;
+        max: z.ZodOptional<z.ZodNumber>;
+        minLength: z.ZodOptional<z.ZodNumber>;
+        maxLength: z.ZodOptional<z.ZodNumber>;
+        pattern: z.ZodOptional<z.ZodString>;
+        rows: z.ZodOptional<z.ZodNumber>;
+        multiple: z.ZodOptional<z.ZodBoolean>;
+    }, z.core.$strip>>;
+    width: z.ZodOptional<z.ZodNumber>;
+    step: z.ZodOptional<z.ZodNumber>;
+    sortOrder: z.ZodOptional<z.ZodNumber>;
+    condition: z.ZodOptional<z.ZodObject<{
+        field: z.ZodString;
+        operator: z.ZodEnum<{
+            equals: "equals";
+            notEquals: "notEquals";
+            contains: "contains";
+            notContains: "notContains";
+            isEmpty: "isEmpty";
+            isNotEmpty: "isNotEmpty";
+        }>;
+        value: z.ZodOptional<z.ZodUnion<readonly [z.ZodString, z.ZodNumber, z.ZodBoolean]>>;
+    }, z.core.$strip>>;
+}, z.core.$strip>;
+/**
+ * Form field update schema.
+ */
+export declare const formFieldUpdateSchema: z.ZodObject<{
+    name: z.ZodOptional<z.ZodString>;
+    type: z.ZodOptional<z.ZodEnum<{
+        number: "number";
+        date: "date";
+        email: "email";
+        select: "select";
+        file: "file";
+        text: "text";
+        textarea: "textarea";
+        checkbox: "checkbox";
+        radio: "radio";
+        hidden: "hidden";
+    }>>;
+    label: z.ZodOptional<z.ZodOptional<z.ZodString>>;
+    placeholder: z.ZodOptional<z.ZodOptional<z.ZodString>>;
+    help: z.ZodOptional<z.ZodOptional<z.ZodString>>;
+    required: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
+    validation: z.ZodOptional<z.ZodOptional<z.ZodString>>;
+    config: z.ZodOptional<z.ZodOptional<z.ZodObject<{
+        options: z.ZodOptional<z.ZodArray<z.ZodObject<{
+            label: z.ZodString;
+            value: z.ZodString;
+        }, z.core.$strip>>>;
+        accept: z.ZodOptional<z.ZodString>;
+        min: z.ZodOptional<z.ZodNumber>;
+        max: z.ZodOptional<z.ZodNumber>;
+        minLength: z.ZodOptional<z.ZodNumber>;
+        maxLength: z.ZodOptional<z.ZodNumber>;
+        pattern: z.ZodOptional<z.ZodString>;
+        rows: z.ZodOptional<z.ZodNumber>;
+        multiple: z.ZodOptional<z.ZodBoolean>;
+    }, z.core.$strip>>>;
+    width: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
+    step: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
+    sortOrder: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
+    condition: z.ZodOptional<z.ZodOptional<z.ZodObject<{
+        field: z.ZodString;
+        operator: z.ZodEnum<{
+            equals: "equals";
+            notEquals: "notEquals";
+            contains: "contains";
+            notContains: "notContains";
+            isEmpty: "isEmpty";
+            isNotEmpty: "isNotEmpty";
+        }>;
+        value: z.ZodOptional<z.ZodUnion<readonly [z.ZodString, z.ZodNumber, z.ZodBoolean]>>;
+    }, z.core.$strip>>>;
+}, z.core.$strip>;
+/**
+ * Form submission create schema (public).
+ */
+export declare const formSubmissionCreateSchema: z.ZodObject<{
+    data: z.ZodRecord<z.ZodString, z.ZodUnknown>;
+    honeypot: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+/**
+ * Redirect status code enum.
+ */
+export declare const redirectStatusCodeSchema: z.ZodUnion<readonly [z.ZodLiteral<301>, z.ZodLiteral<302>, z.ZodLiteral<307>, z.ZodLiteral<308>]>;
+/**
+ * Redirect create schema.
+ */
+export declare const redirectCreateSchema: z.ZodObject<{
+    fromPath: z.ZodString;
+    toPath: z.ZodString;
+    statusCode: z.ZodOptional<z.ZodUnion<readonly [z.ZodLiteral<301>, z.ZodLiteral<302>, z.ZodLiteral<307>, z.ZodLiteral<308>]>>;
+    isEnabled: z.ZodOptional<z.ZodBoolean>;
+}, z.core.$strip>;
+/**
+ * Redirect update schema.
+ */
+export declare const redirectUpdateSchema: z.ZodObject<{
+    fromPath: z.ZodOptional<z.ZodString>;
+    toPath: z.ZodOptional<z.ZodString>;
+    statusCode: z.ZodOptional<z.ZodOptional<z.ZodUnion<readonly [z.ZodLiteral<301>, z.ZodLiteral<302>, z.ZodLiteral<307>, z.ZodLiteral<308>]>>>;
+    isEnabled: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
+}, z.core.$strip>;
+export type ContentUpdateInput = z.infer<typeof contentUpdateSchema>;
+export type BulkContentUpdateInput = z.infer<typeof bulkContentUpdateSchema>;
+export type SchemaSyncInput = z.infer<typeof schemaSyncSchema>;
+export type MediaUpdateInput = z.infer<typeof mediaUpdateSchema>;
+export type FormCreateInput = z.infer<typeof formCreateSchema>;
+export type FormUpdateInput = z.infer<typeof formUpdateSchema>;
+export type FormFieldCreateInput = z.infer<typeof formFieldCreateSchema>;
+export type FormFieldUpdateInput = z.infer<typeof formFieldUpdateSchema>;
+export type FormSubmissionCreateInput = z.infer<typeof formSubmissionCreateSchema>;
+export type RedirectCreateInput = z.infer<typeof redirectCreateSchema>;
+export type RedirectUpdateInput = z.infer<typeof redirectUpdateSchema>;
+//# sourceMappingURL=validation.d.ts.map

package/dist/validation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validation.d.ts","sourceRoot":"","sources":["../src/validation.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB;;GAEG;AACH,eAAO,MAAM,kBAAkB,aAuB7B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,aAAa,QAAmB,CAAC;AAE9C;;;GAGG;AACH,eAAO,MAAM,UAAU,QAA+B,CAAC;AAEvD;;;GAGG;AACH,eAAO,MAAM,UAAU,QAA4C,CAAC;AAEpE;;;GAGG;AACH,eAAO,MAAM,YAAY,QAAuC,CAAC;AAEjE;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAezD;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAE3D;AAED;;GAEG;AACH,eAAO,MAAM,mBAAmB;;;;iBAI9B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,uBAAuB;;;;;;iBAUlC,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;iBAuB3B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,iBAAiB;;;iBAG5B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,gBAAgB;;;iBAW3B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,oBAAoB;;;;iBAE/B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,eAAe;;iBAE1B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,eAAe;;iBAE1B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,aAAa;;iBAExB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,iBAAiB;;iBAE5B,CAAC;AAMH;;GAEG;AACH,eAAO,MAAM,gBAAgB;;;;EAA6C,CAAC;AAE3E;;GAEG;AACH,eAAO,MAAM,cAAc;;;;iBAIzB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,kBAAkB;;;;iBAI7B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAe3B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAA6B,CAAC;AAE3D;;GAEG;AACH,eAAO,MAAM,mBAAmB;;;;;;;;;;;EAW9B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,oBAAoB;;;;;;;;;;;iBAI/B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;iBAU5B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAahC,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAAkC,CAAC;AAErE;;GAEG;AACH,eAAO,MAAM,0BAA0B;;;iBAGrC,CAAC;AAMH;;GAEG;AACH,eAAO,MAAM,wBAAwB,mGAKnC,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,oBAAoB;;;;;iBAO/B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,oBAAoB;;;;;iBAAiC,CAAC;AAMnE,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AACrE,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,uBAAuB,CAAC,CAAC;AAC7E,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAC/D,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AACjE,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAC/D,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAC/D,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAC;AACzE,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAC;AACzE,MAAM,MAAM,yBAAyB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,0BAA0B,CAAC,CAAC;AACnF,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC;AACvE,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC"}