@soulbatical/tetra-core 0.1.0

package/dist/shared/validators/featureConfigValidator.js

@@ -0,0 +1,143 @@
+/**
+ * Feature Config Validator
+ *
+ * Validates feature configurations at startup to catch common mistakes early.
+ * Runs during RouteManager initialization to fail fast with clear error messages.
+ */
+import { createLogger } from '../../utils/logger.js';
+const logger = createLogger('config:validator');
+/**
+ * Known wrong table names — projects register their own via addWrongTableNames().
+ */
+const wrongTableNames = {};
+/**
+ * Register known wrong table name mappings for validation.
+ * @example addWrongTableNames({ 'userspublic': 'users_public' });
+ */
+export function addWrongTableNames(mappings) {
+    Object.assign(wrongTableNames, mappings);
+}
+/**
+ * Validate a feature configuration
+ * @throws Error if validation fails (fail-fast approach)
+ */
+export function validateFeatureConfig(config, featureName) {
+    const errors = [];
+    // ==========================================
+    // SECURITY: navigationPanels validation
+    // ==========================================
+    if (config.display?.card?.navigationPanels) {
+        const navigationPanels = config.display.card.navigationPanels;
+        // 🚨 CRITICAL: 'organization' and 'organizations' are FORBIDDEN in navigation panels
+        const forbiddenPanels = navigationPanels.filter(panel => panel === 'organization' || panel === 'organizations');
+        if (forbiddenPanels.length > 0) {
+            errors.push({
+                feature: featureName,
+                field: 'display.card.navigationPanels',
+                error: `Contains forbidden values: ${forbiddenPanels.join(', ')}`,
+                fix: `Remove '${forbiddenPanels.join("', '")}' from navigationPanels array. Organizations contain sensitive multi-tenant data and should NEVER be exposed in UI navigation.`
+            });
+        }
+    }
+    // ==========================================
+    // DATABASE: Table name validation
+    // ==========================================
+    if (config.tableName) {
+        // Check for correct snake_case format
+        if (config.tableName.includes('-')) {
+            errors.push({
+                feature: featureName,
+                field: 'tableName',
+                error: `Uses hyphens instead of underscores: '${config.tableName}'`,
+                fix: `Use snake_case: '${config.tableName.replace(/-/g, '_')}'`
+            });
+        }
+        // Check for plural form (best practice)
+        if (!config.tableName.endsWith('s') && !config.tableName.includes('_')) {
+            logger.warn(`[${featureName}] Table name '${config.tableName}' should be plural (e.g., 'orders', 'users')`);
+        }
+    }
+    // ==========================================
+    // INCLUDE MAPPING: Table name validation
+    // ==========================================
+    if (config.includeMapping) {
+        Object.entries(config.includeMapping).forEach(([key, mapping]) => {
+            // Check for correct snake_case in table names
+            if (mapping.tableName.includes('-')) {
+                errors.push({
+                    feature: featureName,
+                    field: `includeMapping.${key}.tableName`,
+                    error: `Uses hyphens instead of underscores: '${mapping.tableName}'`,
+                    fix: `Use snake_case: '${mapping.tableName.replace(/-/g, '_')}'`
+                });
+            }
+            // Check for common typos — projects can register their own via addWrongTableNames()
+            const correctName = wrongTableNames[mapping.tableName];
+            if (correctName) {
+                errors.push({
+                    feature: featureName,
+                    field: `includeMapping.${key}.tableName`,
+                    error: `Incorrect table name: '${mapping.tableName}'`,
+                    fix: `Should be: '${correctName}'`
+                });
+            }
+        });
+    }
+    // ==========================================
+    // DISPLAY CONFIG: Required fields validation
+    // ==========================================
+    if (config.display) {
+        // Check page config
+        if (!config.display.page) {
+            logger.warn(`[${featureName}] Missing display.page config - GeneratedPage may not work correctly`);
+        }
+        else {
+            if (!config.display.page.title) {
+                logger.warn(`[${featureName}] Missing display.page.title`);
+            }
+            if (!config.display.page.entityName) {
+                logger.warn(`[${featureName}] Missing display.page.entityName`);
+            }
+        }
+        // Check card config
+        if (!config.display.card) {
+            logger.warn(`[${featureName}] Missing display.card config - cards may not render correctly`);
+        }
+    }
+    // ==========================================
+    // THROW ERRORS IF ANY FOUND
+    // ==========================================
+    if (errors.length > 0) {
+        const errorMessage = errors.map(err => `\n🚨 [${err.feature}] ${err.field}:\n` +
+            `   Error: ${err.error}\n` +
+            `   Fix: ${err.fix}`).join('\n');
+        throw new Error(`\n${'='.repeat(80)}\n` +
+            `❌ FEATURE CONFIG VALIDATION FAILED\n` +
+            `${'='.repeat(80)}` +
+            errorMessage +
+            `\n${'='.repeat(80)}\n`);
+    }
+    logger.debug(`✅ [${featureName}] Feature config validation passed`);
+}
+/**
+ * Validate all feature configs
+ * Call this during application startup
+ */
+export function validateAllFeatureConfigs(configs) {
+    logger.info(`🔍 Validating ${Object.keys(configs).length} feature configs...`);
+    let totalErrors = 0;
+    for (const [featureName, config] of Object.entries(configs)) {
+        try {
+            validateFeatureConfig(config, featureName);
+        }
+        catch (error) {
+            totalErrors++;
+            // Re-throw to fail startup
+            throw error;
+        }
+    }
+    if (totalErrors === 0) {
+        logger.info(`✅ All feature configs validated successfully`);
+    }
+}
+//# sourceMappingURL=featureConfigValidator.js.map

package/dist/shared/validators/featureConfigValidator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"featureConfigValidator.js","sourceRoot":"","sources":["../../../src/shared/validators/featureConfigValidator.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAErD,MAAM,MAAM,GAAG,YAAY,CAAC,kBAAkB,CAAC,CAAC;AAEhD;;GAEG;AACH,MAAM,eAAe,GAA2B,EAAE,CAAC;AAEnD;;;GAGG;AACH,MAAM,UAAU,kBAAkB,CAAC,QAAgC;IACjE,MAAM,CAAC,MAAM,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;AAC3C,CAAC;AASD;;;GAGG;AACH,MAAM,UAAU,qBAAqB,CAAC,MAAqB,EAAE,WAAmB;IAC9E,MAAM,MAAM,GAAsB,EAAE,CAAC;IAErC,6CAA6C;IAC7C,wCAAwC;IACxC,6CAA6C;IAC7C,IAAI,MAAM,CAAC,OAAO,EAAE,IAAI,EAAE,gBAAgB,EAAE,CAAC;QAC3C,MAAM,gBAAgB,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAC;QAE9D,qFAAqF;QACrF,MAAM,eAAe,GAAG,gBAAgB,CAAC,MAAM,CAC7C,KAAK,CAAC,EAAE,CAAC,KAAK,KAAK,cAAc,IAAI,KAAK,KAAK,eAAe,CAC/D,CAAC;QAEF,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC/B,MAAM,CAAC,IAAI,CAAC;gBACV,OAAO,EAAE,WAAW;gBACpB,KAAK,EAAE,+BAA+B;gBACtC,KAAK,EAAE,8BAA8B,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBACjE,GAAG,EAAE,WAAW,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,gIAAgI;aAC7K,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,6CAA6C;IAC7C,kCAAkC;IAClC,6CAA6C;IAC7C,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACrB,sCAAsC;QACtC,IAAI,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACnC,MAAM,CAAC,IAAI,CAAC;gBACV,OAAO,EAAE,WAAW;gBACpB,KAAK,EAAE,WAAW;gBAClB,KAAK,EAAE,yCAAyC,MAAM,CAAC,SAAS,GAAG;gBACnE,GAAG,EAAE,oBAAoB,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,GAAG;aAChE,CAAC,CAAC;QACL,CAAC;QAED,wCAAwC;QACxC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACvE,MAAM,CAAC,IAAI,CAAC,IAAI,WAAW,iBAAiB,MAAM,CAAC,SAAS,8CAA8C,CAAC,CAAC;QAC9G,CAAC;IACH,CAAC;IAED,6CAA6C;IAC7C,yCAAyC;IACzC,6CAA6C;IAC7C,IAAI,MAAM,CAAC,cAAc,EAAE,CAAC;QAC1B,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,OAAO,CAAC,EAAE,EAAE;YAC/D,8CAA8C;YAC9C,IAAI,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBACpC,MAAM,CAAC,IAAI,CAAC;oBACV,OAAO,EAAE,WAAW;oBACpB,KAAK,EAAE,kBAAkB,GAAG,YAAY;oBACxC,KAAK,EAAE,yCAAyC,OAAO,CAAC,SAAS,GAAG;oBACpE,GAAG,EAAE,oBAAoB,OAAO,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,GAAG;iBACjE,CAAC,CAAC;YACL,CAAC;YAED,oFAAoF;YACpF,MAAM,WAAW,GAAG,eAAe,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YACvD,IAAI,WAAW,EAAE,CAAC;gBAChB,MAAM,CAAC,IAAI,CAAC;oBACV,OAAO,EAAE,WAAW;oBACpB,KAAK,EAAE,kBAAkB,GAAG,YAAY;oBACxC,KAAK,EAAE,0BAA0B,OAAO,CAAC,SAAS,GAAG;oBACrD,GAAG,EAAE,eAAe,WAAW,GAAG;iBACnC,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED,6CAA6C;IAC7C,6CAA6C;IAC7C,6CAA6C;IAC7C,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,oBAAoB;QACpB,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;YACzB,MAAM,CAAC,IAAI,CAAC,IAAI,WAAW,sEAAsE,CAAC,CAAC;QACrG,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;gBAC/B,MAAM,CAAC,IAAI,CAAC,IAAI,WAAW,8BAA8B,CAAC,CAAC;YAC7D,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;gBACpC,MAAM,CAAC,IAAI,CAAC,IAAI,WAAW,mCAAmC,CAAC,CAAC;YAClE,CAAC;QACH,CAAC;QAED,oBAAoB;QACpB,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;YACzB,MAAM,CAAC,IAAI,CAAC,IAAI,WAAW,gEAAgE,CAAC,CAAC;QAC/F,CAAC;IACH,CAAC;IAED,6CAA6C;IAC7C,4BAA4B;IAC5B,6CAA6C;IAC7C,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,MAAM,YAAY,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CACpC,SAAS,GAAG,CAAC,OAAO,KAAK,GAAG,CAAC,KAAK,KAAK;YACvC,aAAa,GAAG,CAAC,KAAK,IAAI;YAC1B,WAAW,GAAG,CAAC,GAAG,EAAE,CACrB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEb,MAAM,IAAI,KAAK,CACb,KAAK,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI;YACvB,sCAAsC;YACtC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE;YACnB,YAAY;YACZ,KAAK,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CACxB,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,MAAM,WAAW,oCAAoC,CAAC,CAAC;AACtE,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,yBAAyB,CAAC,OAAsC;IAC9E,MAAM,CAAC,IAAI,CAAC,iBAAiB,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,qBAAqB,CAAC,CAAC;IAE/E,IAAI,WAAW,GAAG,CAAC,CAAC;IACpB,KAAK,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5D,IAAI,CAAC;YACH,qBAAqB,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;QAC7C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,WAAW,EAAE,CAAC;YACd,2BAA2B;YAC3B,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,IAAI,WAAW,KAAK,CAAC,EAAE,CAAC;QACtB,MAAM,CAAC,IAAI,CAAC,8CAA8C,CAAC,CAAC;IAC9D,CAAC;AACH,CAAC"}

package/dist/shared/validators/organizationValidator.d.ts

@@ -0,0 +1,53 @@
+import { Response } from 'express';
+import { AuthenticatedRequest } from '../../middleware/authMiddleware.js';
+/**
+ * Organization Validation Utilities
+ *
+ * Prevents multi-tenancy security gaps:
+ * - Users accessing data from other organizations
+ * - Missing organization filtering in queries
+ * - Inconsistent organization validation
+ *
+ * CRITICAL: All Admin controllers MUST validate organization ID
+ */
+/**
+ * Validate organization ID exists on request
+ *
+ * @param req - Authenticated request
+ * @returns Organization ID if valid
+ * @throws Error if missing
+ *
+ * @example
+ * const organizationId = validateOrganization(req);
+ * // Throws if req.user?.organizationId is missing
+ */
+export declare function validateOrganization(req: AuthenticatedRequest): string;
+/**
+ * Validate organization ID and send 403 response if missing
+ *
+ * Use this for early return pattern in controllers
+ *
+ * @param req - Authenticated request
+ * @param res - Express response
+ * @returns Organization ID if valid, undefined if response was sent
+ *
+ * @example
+ * const organizationId = validateOrganizationOrRespond(req, res);
+ * if (!organizationId) return; // Response already sent
+ *
+ * // Continue with valid organizationId
+ */
+export declare function validateOrganizationOrRespond(req: AuthenticatedRequest, res: Response): string | undefined;
+/**
+ * Check if user has organization ID
+ *
+ * @param req - Authenticated request
+ * @returns true if organization ID exists, false otherwise
+ *
+ * @example
+ * if (!hasOrganization(req)) {
+ *   // Handle missing organization
+ * }
+ */
+export declare function hasOrganization(req: AuthenticatedRequest): boolean;
+//# sourceMappingURL=organizationValidator.d.ts.map

package/dist/shared/validators/organizationValidator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"organizationValidator.d.ts","sourceRoot":"","sources":["../../../src/shared/validators/organizationValidator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACnC,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAC;AAE1E;;;;;;;;;GASG;AAEH;;;;;;;;;;GAUG;AACH,wBAAgB,oBAAoB,CAAC,GAAG,EAAE,oBAAoB,GAAG,MAAM,CAQtE;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,6BAA6B,CAC3C,GAAG,EAAE,oBAAoB,EACzB,GAAG,EAAE,QAAQ,GACZ,MAAM,GAAG,SAAS,CAYpB;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,eAAe,CAAC,GAAG,EAAE,oBAAoB,GAAG,OAAO,CAElE"}

package/dist/shared/validators/organizationValidator.js

@@ -0,0 +1,69 @@
+/**
+ * Organization Validation Utilities
+ *
+ * Prevents multi-tenancy security gaps:
+ * - Users accessing data from other organizations
+ * - Missing organization filtering in queries
+ * - Inconsistent organization validation
+ *
+ * CRITICAL: All Admin controllers MUST validate organization ID
+ */
+/**
+ * Validate organization ID exists on request
+ *
+ * @param req - Authenticated request
+ * @returns Organization ID if valid
+ * @throws Error if missing
+ *
+ * @example
+ * const organizationId = validateOrganization(req);
+ * // Throws if req.user?.organizationId is missing
+ */
+export function validateOrganization(req) {
+    const organizationId = req.user?.organizationId;
+    if (!organizationId) {
+        throw new Error('Organization ID is required');
+    }
+    return organizationId;
+}
+/**
+ * Validate organization ID and send 403 response if missing
+ *
+ * Use this for early return pattern in controllers
+ *
+ * @param req - Authenticated request
+ * @param res - Express response
+ * @returns Organization ID if valid, undefined if response was sent
+ *
+ * @example
+ * const organizationId = validateOrganizationOrRespond(req, res);
+ * if (!organizationId) return; // Response already sent
+ *
+ * // Continue with valid organizationId
+ */
+export function validateOrganizationOrRespond(req, res) {
+    const organizationId = req.user?.organizationId;
+    if (!organizationId) {
+        res.status(403).json({
+            success: false,
+            message: 'Organization ID is required'
+        });
+        return undefined;
+    }
+    return organizationId;
+}
+/**
+ * Check if user has organization ID
+ *
+ * @param req - Authenticated request
+ * @returns true if organization ID exists, false otherwise
+ *
+ * @example
+ * if (!hasOrganization(req)) {
+ *   // Handle missing organization
+ * }
+ */
+export function hasOrganization(req) {
+    return !!req.user?.organizationId;
+}
+//# sourceMappingURL=organizationValidator.js.map

package/dist/shared/validators/organizationValidator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"organizationValidator.js","sourceRoot":"","sources":["../../../src/shared/validators/organizationValidator.ts"],"names":[],"mappings":"AAGA;;;;;;;;;GASG;AAEH;;;;;;;;;;GAUG;AACH,MAAM,UAAU,oBAAoB,CAAC,GAAyB;IAC5D,MAAM,cAAc,GAAG,GAAG,CAAC,IAAI,EAAE,cAAc,CAAC;IAEhD,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;IACjD,CAAC;IAED,OAAO,cAAc,CAAC;AACxB,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,UAAU,6BAA6B,CAC3C,GAAyB,EACzB,GAAa;IAEb,MAAM,cAAc,GAAG,GAAG,CAAC,IAAI,EAAE,cAAc,CAAC;IAEhD,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,6BAA6B;SACvC,CAAC,CAAC;QACH,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,OAAO,cAAc,CAAC;AACxB,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,eAAe,CAAC,GAAyB;IACvD,OAAO,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,cAAc,CAAC;AACpC,CAAC"}

package/dist/shared/validators/uuidValidator.d.ts

@@ -0,0 +1,57 @@
+/**
+ * UUID Validation Utilities
+ *
+ * Centralized UUID validation to prevent:
+ * - Code duplication across controllers
+ * - SQL injection attempts
+ * - Performance issues from invalid IDs
+ * - Inconsistent error messages
+ */
+/**
+ * Validate UUID format
+ *
+ * @param id - The ID to validate
+ * @returns true if valid UUID, false otherwise
+ *
+ * @example
+ * validateUUID('550e8400-e29b-41d4-a716-446655440000') // true
+ * validateUUID('invalid-id') // false
+ * validateUUID('') // false
+ */
+export declare function validateUUID(id: string): boolean;
+/**
+ * Validate UUID and throw error if invalid
+ *
+ * Useful for early validation in controller methods
+ *
+ * @param id - The ID to validate
+ * @param resourceName - Name of resource for error message (default: 'Resource')
+ * @throws Error if ID is invalid
+ *
+ * @example
+ * validateUUIDOrThrow(req.params.id, 'Order');
+ * // Throws: "Invalid Order ID format"
+ */
+export declare function validateUUIDOrThrow(id: string, resourceName?: string): void;
+/**
+ * Validate multiple UUIDs at once
+ *
+ * @param ids - Array of IDs to validate
+ * @returns true if all are valid UUIDs, false otherwise
+ *
+ * @example
+ * validateUUIDs(['uuid1', 'uuid2']) // true/false
+ */
+export declare function validateUUIDs(ids: string[]): boolean;
+/**
+ * Filter out invalid UUIDs from array
+ *
+ * @param ids - Array of IDs to filter
+ * @returns Array containing only valid UUIDs
+ *
+ * @example
+ * filterValidUUIDs(['valid-uuid', 'invalid', 'another-valid-uuid'])
+ * // Returns: ['valid-uuid', 'another-valid-uuid']
+ */
+export declare function filterValidUUIDs(ids: string[]): string[];
+//# sourceMappingURL=uuidValidator.d.ts.map

package/dist/shared/validators/uuidValidator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"uuidValidator.d.ts","sourceRoot":"","sources":["../../../src/shared/validators/uuidValidator.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAIH;;;;;;;;;;GAUG;AACH,wBAAgB,YAAY,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAKhD;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,mBAAmB,CAAC,EAAE,EAAE,MAAM,EAAE,YAAY,GAAE,MAAmB,GAAG,IAAI,CAIvF;AAED;;;;;;;;GAQG;AACH,wBAAgB,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,OAAO,CAKpD;AAED;;;;;;;;;GASG;AACH,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,CAKxD"}

package/dist/shared/validators/uuidValidator.js

@@ -0,0 +1,77 @@
+/**
+ * UUID Validation Utilities
+ *
+ * Centralized UUID validation to prevent:
+ * - Code duplication across controllers
+ * - SQL injection attempts
+ * - Performance issues from invalid IDs
+ * - Inconsistent error messages
+ */
+const UUID_REGEX = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
+/**
+ * Validate UUID format
+ *
+ * @param id - The ID to validate
+ * @returns true if valid UUID, false otherwise
+ *
+ * @example
+ * validateUUID('550e8400-e29b-41d4-a716-446655440000') // true
+ * validateUUID('invalid-id') // false
+ * validateUUID('') // false
+ */
+export function validateUUID(id) {
+    if (!id || typeof id !== 'string') {
+        return false;
+    }
+    return UUID_REGEX.test(id);
+}
+/**
+ * Validate UUID and throw error if invalid
+ *
+ * Useful for early validation in controller methods
+ *
+ * @param id - The ID to validate
+ * @param resourceName - Name of resource for error message (default: 'Resource')
+ * @throws Error if ID is invalid
+ *
+ * @example
+ * validateUUIDOrThrow(req.params.id, 'Order');
+ * // Throws: "Invalid Order ID format"
+ */
+export function validateUUIDOrThrow(id, resourceName = 'Resource') {
+    if (!validateUUID(id)) {
+        throw new Error(`Invalid ${resourceName} ID format`);
+    }
+}
+/**
+ * Validate multiple UUIDs at once
+ *
+ * @param ids - Array of IDs to validate
+ * @returns true if all are valid UUIDs, false otherwise
+ *
+ * @example
+ * validateUUIDs(['uuid1', 'uuid2']) // true/false
+ */
+export function validateUUIDs(ids) {
+    if (!Array.isArray(ids) || ids.length === 0) {
+        return false;
+    }
+    return ids.every(id => validateUUID(id));
+}
+/**
+ * Filter out invalid UUIDs from array
+ *
+ * @param ids - Array of IDs to filter
+ * @returns Array containing only valid UUIDs
+ *
+ * @example
+ * filterValidUUIDs(['valid-uuid', 'invalid', 'another-valid-uuid'])
+ * // Returns: ['valid-uuid', 'another-valid-uuid']
+ */
+export function filterValidUUIDs(ids) {
+    if (!Array.isArray(ids)) {
+        return [];
+    }
+    return ids.filter(id => validateUUID(id));
+}
+//# sourceMappingURL=uuidValidator.js.map

package/dist/shared/validators/uuidValidator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"uuidValidator.js","sourceRoot":"","sources":["../../../src/shared/validators/uuidValidator.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,MAAM,UAAU,GAAG,iEAAiE,CAAC;AAErF;;;;;;;;;;GAUG;AACH,MAAM,UAAU,YAAY,CAAC,EAAU;IACrC,IAAI,CAAC,EAAE,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE,CAAC;QAClC,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC7B,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,mBAAmB,CAAC,EAAU,EAAE,eAAuB,UAAU;IAC/E,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,WAAW,YAAY,YAAY,CAAC,CAAC;IACvD,CAAC;AACH,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,aAAa,CAAC,GAAa;IACzC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5C,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC;AAC3C,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,gBAAgB,CAAC,GAAa;IAC5C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACxB,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,OAAO,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC;AAC5C,CAAC"}

package/dist/utils/logger.d.ts

@@ -0,0 +1,40 @@
+/**
+ * Tetra Logging Utility - Pino Edition
+ *
+ * Usage:
+ * ```typescript
+ * import { createLogger } from '@tetra/core';
+ *
+ * const logger = createLogger('workflow:executor');
+ * logger.info({ stepId: 'abc', duration: 123 }, 'Step completed');
+ * logger.error({ error: err }, 'Step failed');
+ * ```
+ *
+ * Environment Variables:
+ * - LOG_LEVEL: Set minimum log level (default: info in prod, debug in dev)
+ * - NODE_ENV: development/staging/production
+ */
+import pino from 'pino';
+export declare const rootLogger: pino.Logger<never, boolean>;
+/**
+ * Logger interface that accepts both argument orders:
+ * - logger.info({ context }, 'message')  (pino native)
+ * - logger.info('message', { context })   (legacy)
+ */
+export interface Logger {
+    trace(msg: string, ...args: any[]): void;
+    trace(obj: object, msg?: string, ...args: any[]): void;
+    debug(msg: string, ...args: any[]): void;
+    debug(obj: object, msg?: string, ...args: any[]): void;
+    info(msg: string, ...args: any[]): void;
+    info(obj: object, msg?: string, ...args: any[]): void;
+    warn(msg: string, ...args: any[]): void;
+    warn(obj: object, msg?: string, ...args: any[]): void;
+    error(msg: string, ...args: any[]): void;
+    error(obj: object, msg?: string, ...args: any[]): void;
+    fatal(msg: string, ...args: any[]): void;
+    fatal(obj: object, msg?: string, ...args: any[]): void;
+    child(bindings: Record<string, any>): Logger;
+}
+export declare function createLogger(namespace: string): Logger;
+//# sourceMappingURL=logger.d.ts.map

package/dist/utils/logger.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.d.ts","sourceRoot":"","sources":["../../src/utils/logger.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,IAAI,MAAM,MAAM,CAAC;AAKxB,eAAO,MAAM,UAAU,6BAYrB,CAAC;AAEH;;;;GAIG;AACH,MAAM,WAAW,MAAM;IACrB,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACzC,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACvD,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACzC,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACvD,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACxC,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACtD,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACxC,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACtD,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACzC,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACvD,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACzC,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACvD,KAAK,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC;CAC9C;AAiBD,wBAAgB,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAEtD"}

package/dist/utils/logger.js

@@ -0,0 +1,47 @@
+/**
+ * Tetra Logging Utility - Pino Edition
+ *
+ * Usage:
+ * ```typescript
+ * import { createLogger } from '@tetra/core';
+ *
+ * const logger = createLogger('workflow:executor');
+ * logger.info({ stepId: 'abc', duration: 123 }, 'Step completed');
+ * logger.error({ error: err }, 'Step failed');
+ * ```
+ *
+ * Environment Variables:
+ * - LOG_LEVEL: Set minimum log level (default: info in prod, debug in dev)
+ * - NODE_ENV: development/staging/production
+ */
+import pino from 'pino';
+const isDevelopment = process.env.NODE_ENV !== 'production';
+const logLevel = process.env.LOG_LEVEL || (isDevelopment ? 'debug' : 'info');
+export const rootLogger = pino({
+    level: logLevel,
+    ...(isDevelopment && {
+        transport: {
+            target: 'pino-pretty',
+            options: {
+                colorize: true,
+                translateTime: 'HH:MM:ss',
+                ignore: 'pid,hostname'
+            }
+        }
+    })
+});
+function wrapLogger(pinoLogger) {
+    const levels = ['trace', 'debug', 'info', 'warn', 'error', 'fatal'];
+    const wrapped = {};
+    for (const level of levels) {
+        wrapped[level] = (...args) => {
+            pinoLogger[level](...args);
+        };
+    }
+    wrapped.child = (bindings) => wrapLogger(pinoLogger.child(bindings));
+    return wrapped;
+}
+export function createLogger(namespace) {
+    return wrapLogger(rootLogger.child({ namespace }));
+}
+//# sourceMappingURL=logger.js.map

package/dist/utils/logger.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.js","sourceRoot":"","sources":["../../src/utils/logger.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC;AAC5D,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;AAE7E,MAAM,CAAC,MAAM,UAAU,GAAG,IAAI,CAAC;IAC7B,KAAK,EAAE,QAAQ;IACf,GAAG,CAAC,aAAa,IAAI;QACnB,SAAS,EAAE;YACT,MAAM,EAAE,aAAa;YACrB,OAAO,EAAE;gBACP,QAAQ,EAAE,IAAI;gBACd,aAAa,EAAE,UAAU;gBACzB,MAAM,EAAE,cAAc;aACvB;SACF;KACF,CAAC;CACH,CAAC,CAAC;AAuBH,SAAS,UAAU,CAAC,UAAuB;IACzC,MAAM,MAAM,GAAG,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAU,CAAC;IAC7E,MAAM,OAAO,GAAQ,EAAE,CAAC;IAExB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,IAAW,EAAE,EAAE;YACjC,UAAU,CAAC,KAAK,CAAS,CAAC,GAAG,IAAI,CAAC,CAAC;QACtC,CAAC,CAAC;IACJ,CAAC;IAED,OAAO,CAAC,KAAK,GAAG,CAAC,QAA6B,EAAE,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC;IAE1F,OAAO,OAAiB,CAAC;AAC3B,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,SAAiB;IAC5C,OAAO,UAAU,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;AACrD,CAAC"}

package/package.json

@@ -0,0 +1,80 @@
+{
+  "name": "@soulbatical/tetra-core",
+  "version": "0.1.0",
+  "publishConfig": {
+    "access": "restricted"
+  },
+  "description": "The foundation framework for VCA platform projects — config-driven Express + Supabase + TypeScript",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "require": "./dist/index.js",
+      "default": "./dist/index.js"
+    },
+    "./frontend": {
+      "types": "./dist/frontend/index.d.ts",
+      "import": "./dist/frontend/index.js",
+      "require": "./dist/frontend/index.js",
+      "default": "./dist/frontend/index.js"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "prepublishOnly": "npm run build",
+    "typecheck": "tsc --noEmit"
+  },
+  "dependencies": {
+    "express-rate-limit": "^8.2.1",
+    "helmet": "^8.1.0",
+    "node-cron": "^4.1.1",
+    "zod": "^3.22.4"
+  },
+  "peerDependencies": {
+    "@supabase/supabase-js": "2.93.3",
+    "@tanstack/react-table": "^8.0.0",
+    "express": "^5.0.0",
+    "pino": "^9.0.0",
+    "react": "^18.0.0 || ^19.0.0"
+  },
+  "peerDependenciesMeta": {
+    "pino": {
+      "optional": true
+    },
+    "react": {
+      "optional": true
+    },
+    "@tanstack/react-table": {
+      "optional": true
+    }
+  },
+  "devDependencies": {
+    "@supabase/supabase-js": "2.93.3",
+    "@tanstack/react-table": "^8.21.3",
+    "@types/express": "^5.0.0",
+    "@types/node": "^20.11.0",
+    "@types/node-cron": "^3.0.11",
+    "@types/react": "^19.2.14",
+    "express": "^5.2.1",
+    "pino": "^9.12.0",
+    "react": "^19.2.4",
+    "typescript": "^5.7.3"
+  },
+  "keywords": [
+    "tetra",
+    "framework",
+    "express",
+    "supabase",
+    "config-driven",
+    "multi-tenant",
+    "rls"
+  ],
+  "author": "Albert Barth",
+  "license": "MIT"
+}