@spinajs/rbac-http-user 2.0.470 → 2.0.471

package/lib/mjs/controllers/TwoFactorAuthController.js

@@ -19,11 +19,28 @@ import { TwoFacRouteEnabled } from '../policies/2FaPolicy.js';
 import { AutoinjectService } from '@spinajs/configuration';
 import { Autoinject } from '@spinajs/di';
 import { QueueService } from '@spinajs/queue';
-import { User, NotAuthorizedPolicy, } from "@spinajs/rbac-http";
+import { User, NotAuthorizedPolicy } from "@spinajs/rbac-http";
 import { auth2Fa, disableUser2Fa } from "./../actions/2fa.js";
 import { enableUser2Fa } from "../actions/2fa.js";
 import { InvalidOperation } from '@spinajs/exceptions';
+/**
+ * Two-factor authentication (TOTP) management.
+ * Enables, disables, and verifies TOTP-based two-factor authentication for users.
+ * All routes are only available when 2FA is enabled in the system configuration.
+ * The caller must be logged in but does NOT need to be fully authorized (2FA verified),
+ * allowing these routes to be used during the 2FA verification step itself.
+ * @tags Two-Factor Authentication
+ */
 let TwoFactorAuthController = class TwoFactorAuthController extends BaseController {
+    /**
+     * Enable two-factor authentication
+     * Generates a TOTP secret for the authenticated user and returns the OTP provisioning URI
+     * to be scanned by an authenticator app. Throws if 2FA is already enabled for the user.
+     * @security cookieAuth
+     * @returns {IEnable2faResponse} OTP provisioning URI to scan with an authenticator app
+     * @response 400 Two-factor authentication is already enabled for this user
+     * @response 401 Unauthorized — valid session required
+     */
     async enable2fa(user) {
         if (user.Metadata['2fa:enabled']) {
             throw new InvalidOperation(`User ${user.Uuid} already has 2fa enabled`);
@@ -33,6 +50,15 @@ let TwoFactorAuthController = class TwoFactorAuthController extends BaseControll
             otp: result
         });
     }
+    /**
+     * Disable two-factor authentication
+     * Removes the TOTP secret and disables 2FA for the authenticated user.
+     * Throws if 2FA is not currently enabled for the user.
+     * @security cookieAuth
+     * @response 200 Two-factor authentication disabled successfully
+     * @response 400 Two-factor authentication is not enabled for this user
+     * @response 401 Unauthorized — valid session required
+     */
     async disable2Fa(user) {
         if (!user.Metadata['2fa:enabled']) {
             throw new InvalidOperation(`User ${user.Uuid} already has 2fa disabled`);
@@ -40,6 +66,15 @@ let TwoFactorAuthController = class TwoFactorAuthController extends BaseControll
         await disableUser2Fa(user);
         return new Ok();
     }
+    /**
+     * Verify TOTP token
+     * Validates the provided TOTP token against the user's 2FA secret. On success, marks the session
+     * as fully authorized and returns the user profile with RBAC grants — identical to a full login response.
+     * @security cookieAuth
+     * @returns {IUserWithGrants} User profile merged with RBAC grants on successful 2FA verification
+     * @response 403 Invalid or expired TOTP token
+     * @response 401 Unauthorized — valid session required
+     */
     async verifyToken(logged, token, session) {
         try {
             await auth2Fa(logged, token.Token);

package/lib/mjs/controllers/TwoFactorAuthController.js.map

@@ -1 +1 @@
-{"version":3,"file":"TwoFactorAuthController.js","sourceRoot":"","sources":["../../../src/controllers/TwoFactorAuthController.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AACjD,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAC3F,OAAO,EAAY,eAAe,EAAE,IAAI,IAAI,SAAS,EAA0B,aAAa,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACnI,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AAE7C,OAAO,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AAC9D,OAAO,EAAE,iBAAiB,EAAY,MAAM,wBAAwB,CAAC;AACrE,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE9C,OAAO,EAAE,IAAI,EAAE,mBAAmB,GAAG,MAAM,oBAAoB,CAAC;AAChE,OAAO,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAC9D,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAClD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAKhD,IAAM,uBAAuB,GAA7B,MAAM,uBAAwB,SAAQ,cAAc;IAW1C,AAAN,KAAK,CAAC,SAAS,CAAS,IAAe;QAE1C,IAAI,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;YAC/B,MAAM,IAAI,gBAAgB,CAAC,QAAQ,IAAI,CAAC,IAAI,0BAA0B,CAAC,CAAC;QAC5E,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,CAAC;QACzC,OAAO,IAAI,EAAE,CAAC;YACV,GAAG,EAAE,MAAM;SACd,CAAC,CAAC;IACP,CAAC;IAGY,AAAN,KAAK,CAAC,UAAU,CAAS,IAAe;QAC3C,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;YAChC,MAAM,IAAI,gBAAgB,CAAC,QAAQ,IAAI,CAAC,IAAI,2BAA2B,CAAC,CAAC;QAC7E,CAAC;QAED,MAAM,cAAc,CAAC,IAAI,CAAC,CAAC;QAC3B,OAAO,IAAI,EAAE,EAAE,CAAC;IACpB,CAAC;IAGY,AAAN,KAAK,CAAC,WAAW,CAAS,MAAiB,EAAU,KAAe,EAAa,OAAiB;QAErG,IAAI,CAAC;YACD,MAAM,OAAO,CAAC,MAAM,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;YAEnC,mCAAmC;YACnC,4CAA4C;YAC5C,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;YACrC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;YACrC,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAEzC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,gCAAgC,EAAE;gBAC9C,IAAI,EAAE,MAAM,CAAC,IAAI;aACpB,CAAC,CAAC;YAGH,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC;YACnC,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;YAClE,MAAM,cAAc,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,UAAU,CAAC,CAAC;YAGxD,OAAO,IAAI,EAAE,CAAC;gBACV,GAAG,MAAM,CAAC,sBAAsB,CAAC;oBAC7B,cAAc,EAAE,KAAK;iBACxB,CAAC;gBACF,MAAM,EAAE,cAAc;aACzB,CAAC,CAAC;QACP,CAAC;QACD,OAAO,GAAG,EAAE,CAAC;YAET,IAAI,GAAG,YAAY,KAAK,EAAE,CAAC;gBACvB,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAC;YACpD,CAAC;iBAAM,CAAC;gBACJ,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,yBAAyB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;YAC/D,CAAC;YAED,OAAO,IAAI,iBAAiB,CAAC;gBACzB,KAAK,EAAE;oBACH,IAAI,EAAE,cAAc;oBACpB,OAAO,EAAE,kBAAkB;iBAC9B;aACJ,CAAC,CAAC;QACP,CAAC;IACL,CAAC;CACJ,CAAA;AA5Ea;IADT,UAAU,CAAC,YAAY,CAAC;8BACR,YAAY;sDAAC;AAGpB;IADT,iBAAiB,CAAC,cAAc,CAAC;8BACP,eAAe;gEAAC;AAGjC;IADT,UAAU,CAAC,aAAa,CAAC;8BACZ,aAAa;mDAAC;AAGf;IADZ,GAAG,CAAC,YAAY,CAAC;IACM,WAAA,IAAI,EAAE,CAAA;;qCAAO,SAAS;;wDAU7C;AAGY;IADZ,GAAG,CAAC,aAAa,CAAC;IACM,WAAA,IAAI,EAAE,CAAA;;qCAAO,SAAS;;yDAO9C;AAGY;IADZ,IAAI,CAAC,YAAY,CAAC;IACO,WAAA,IAAI,EAAE,CAAA;IAAqB,WAAA,IAAI,EAAE,CAAA;IAAmB,WAAA,OAAO,EAAE,CAAA;;qCAA9C,SAAS,EAAiB,QAAQ;;0DA2C1E;AA7EQ,uBAAuB;IAHnC,QAAQ,CAAC,MAAM,CAAC;IAChB,MAAM,CAAC,kBAAkB,CAAC;IAC1B,MAAM,CAAC,mBAAmB,CAAC;GACf,uBAAuB,CA8EnC"}
+{"version":3,"file":"TwoFactorAuthController.js","sourceRoot":"","sources":["../../../src/controllers/TwoFactorAuthController.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AACjD,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAC3F,OAAO,EAAY,eAAe,EAAE,IAAI,IAAI,SAAS,EAA0B,aAAa,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACnI,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AAE7C,OAAO,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AAC9D,OAAO,EAAE,iBAAiB,EAAY,MAAM,wBAAwB,CAAC;AACrE,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE9C,OAAO,EAAE,IAAI,EAAE,mBAAmB,EAAuC,MAAM,oBAAoB,CAAC;AACpG,OAAO,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAC9D,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAClD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAEvD;;;;;;;GAOG;AAII,IAAM,uBAAuB,GAA7B,MAAM,uBAAwB,SAAQ,cAAc;IAUvD;;;;;;;;OAQG;IAEU,AAAN,KAAK,CAAC,SAAS,CAAS,IAAe;QAE1C,IAAI,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;YAC/B,MAAM,IAAI,gBAAgB,CAAC,QAAQ,IAAI,CAAC,IAAI,0BAA0B,CAAC,CAAC;QAC5E,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,CAAC;QACzC,OAAO,IAAI,EAAE,CAAC;YACV,GAAG,EAAE,MAAgB;SACxB,CAAC,CAAC;IACP,CAAC;IAED;;;;;;;;OAQG;IAEU,AAAN,KAAK,CAAC,UAAU,CAAS,IAAe;QAC3C,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;YAChC,MAAM,IAAI,gBAAgB,CAAC,QAAQ,IAAI,CAAC,IAAI,2BAA2B,CAAC,CAAC;QAC7E,CAAC;QAED,MAAM,cAAc,CAAC,IAAI,CAAC,CAAC;QAC3B,OAAO,IAAI,EAAE,EAAE,CAAC;IACpB,CAAC;IAED;;;;;;;;OAQG;IAEU,AAAN,KAAK,CAAC,WAAW,CAAS,MAAiB,EAAU,KAAe,EAAa,OAAiB;QAErG,IAAI,CAAC;YACD,MAAM,OAAO,CAAC,MAAM,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;YAEnC,mCAAmC;YACnC,4CAA4C;YAC5C,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;YACrC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;YACrC,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAEzC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,gCAAgC,EAAE;gBAC9C,IAAI,EAAE,MAAM,CAAC,IAAI;aACpB,CAAC,CAAC;YAGH,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC;YACnC,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;YAClE,MAAM,cAAc,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,UAAU,CAAC,CAAC;YAGxD,OAAO,IAAI,EAAE,CAAC;gBACV,GAAG,MAAM,CAAC,sBAAsB,CAAC;oBAC7B,cAAc,EAAE,KAAK;iBACxB,CAAC;gBACF,MAAM,EAAE,cAAc;aACK,CAAC,CAAC;QACrC,CAAC;QACD,OAAO,GAAG,EAAE,CAAC;YAET,IAAI,GAAG,YAAY,KAAK,EAAE,CAAC;gBACvB,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAC;YACpD,CAAC;iBAAM,CAAC;gBACJ,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,yBAAyB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;YAC/D,CAAC;YAED,OAAO,IAAI,iBAAiB,CAAC;gBACzB,KAAK,EAAE;oBACH,IAAI,EAAE,cAAc;oBACpB,OAAO,EAAE,kBAAkB;iBAC9B;aACJ,CAAC,CAAC;QACP,CAAC;IACL,CAAC;CACJ,CAAA;AAvGa;IADT,UAAU,CAAC,YAAY,CAAC;8BACR,YAAY;sDAAC;AAGpB;IADT,iBAAiB,CAAC,cAAc,CAAC;8BACP,eAAe;gEAAC;AAGjC;IADT,UAAU,CAAC,aAAa,CAAC;8BACZ,aAAa;mDAAC;AAYf;IADZ,GAAG,CAAC,YAAY,CAAC;IACM,WAAA,IAAI,EAAE,CAAA;;qCAAO,SAAS;;wDAU7C;AAYY;IADZ,GAAG,CAAC,aAAa,CAAC;IACM,WAAA,IAAI,EAAE,CAAA;;qCAAO,SAAS;;yDAO9C;AAYY;IADZ,IAAI,CAAC,YAAY,CAAC;IACO,WAAA,IAAI,EAAE,CAAA;IAAqB,WAAA,IAAI,EAAE,CAAA;IAAmB,WAAA,OAAO,EAAE,CAAA;;qCAA9C,SAAS,EAAiB,QAAQ;;0DA2C1E;AAxGQ,uBAAuB;IAHnC,QAAQ,CAAC,MAAM,CAAC;IAChB,MAAM,CAAC,kBAAkB,CAAC;IAC1B,MAAM,CAAC,mBAAmB,CAAC;GACf,uBAAuB,CAyGnC"}

package/lib/mjs/controllers/UserController.d.ts

@@ -1,13 +1,47 @@
 import { PasswordDto } from '../dto/password-dto.js';
 import { User as UserModel, PasswordProvider, SessionProvider, AccessControl } from '@spinajs/rbac';
 import { BaseController, Ok } from '@spinajs/http';
+import { IGrantsMap } from '@spinajs/rbac-http';
+/**
+ * Current user profile management.
+ * Allows an authenticated user to read and modify their own account — refresh profile data,
+ * view their RBAC grants, and change their password.
+ * @tags User
+ */
 export declare class UserController extends BaseController {
     protected PasswordProvider: PasswordProvider;
     protected CoockieSecret: string;
     protected SessionProvider: SessionProvider;
     protected AC: AccessControl;
-    refresh(user: UserModel, ssid: string): Promise<Ok>;
-    getGrants(user: UserModel): Promise<Ok>;
-    newPassword(user: UserModel, pwd: PasswordDto): Promise<Ok>;
+    /**
+     * Refresh current user profile
+     * Reloads the authenticated user's record from the database (including metadata) and
+     * updates the session with the latest data. Returns the refreshed user data.
+     * @security cookieAuth
+     * @returns {IUserProfile} Refreshed user profile data
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — insufficient permissions
+     */
+    refresh(user: UserModel, ssid: string): Promise<Ok<import("@spinajs/orm").ModelData<UserModel>>>;
+    /**
+     * Get current user grants
+     * Returns the flattened RBAC grants for the authenticated user, combining all roles
+     * the user is assigned to into a single permission map keyed by resource.
+     * @security cookieAuth
+     * @returns {IGrantsMap} Combined RBAC grants map: resource → action → permission descriptor
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — insufficient permissions
+     */
+    getGrants(user: UserModel): Promise<Ok<IGrantsMap>>;
+    /**
+     * Change own password
+     * Changes the authenticated user's password. Requires the current (old) password for verification.
+     * The new password and its confirmation must match.
+     * @security cookieAuth
+     * @response 400 Old password is incorrect, or new passwords do not match
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — insufficient permissions
+     */
+    newPassword(user: UserModel, pwd: PasswordDto): Promise<Ok<unknown>>;
 }
 //# sourceMappingURL=UserController.d.ts.map

package/lib/mjs/controllers/UserController.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"UserController.d.ts","sourceRoot":"","sources":["../../../src/controllers/UserController.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,gBAAgB,EAAE,eAAe,EAAgD,aAAa,EAAE,MAAM,eAAe,CAAC;AAClJ,OAAO,EAAE,cAAc,EAAiB,EAAE,EAA+B,MAAM,eAAe,CAAC;AAW/F,qBAGa,cAAe,SAAQ,cAAc;IAEhD,SAAS,CAAC,gBAAgB,EAAE,gBAAgB,CAAC;IAG7C,SAAS,CAAC,aAAa,EAAE,MAAM,CAAC;IAGhC,SAAS,CAAC,eAAe,EAAE,eAAe,CAAC;IAG3C,SAAS,CAAC,EAAE,EAAE,aAAa,CAAC;IAIf,OAAO,CAAS,IAAI,EAAE,SAAS,EAAY,IAAI,EAAE,MAAM;IAmBvD,SAAS,CAAS,IAAI,EAAE,SAAS;IAYjC,WAAW,CAAS,IAAI,EAAE,SAAS,EAAU,GAAG,EAAE,WAAW;CAkB3E"}
+{"version":3,"file":"UserController.d.ts","sourceRoot":"","sources":["../../../src/controllers/UserController.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,gBAAgB,EAAE,eAAe,EAAgD,aAAa,EAAE,MAAM,eAAe,CAAC;AAClJ,OAAO,EAAE,cAAc,EAAiB,EAAE,EAA+B,MAAM,eAAe,CAAC;AAM/F,OAAO,EAAgD,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAK9F;;;;;GAKG;AACH,qBAGa,cAAe,SAAQ,cAAc;IAEhD,SAAS,CAAC,gBAAgB,EAAE,gBAAgB,CAAC;IAG7C,SAAS,CAAC,aAAa,EAAE,MAAM,CAAC;IAGhC,SAAS,CAAC,eAAe,EAAE,eAAe,CAAC;IAG3C,SAAS,CAAC,EAAE,EAAE,aAAa,CAAC;IAE5B;;;;;;;;OAQG;IAGU,OAAO,CAAS,IAAI,EAAE,SAAS,EAAY,IAAI,EAAE,MAAM;IAiBpE;;;;;;;;OAQG;IAGU,SAAS,CAAS,IAAI,EAAE,SAAS,GAAG,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC;IAUxE;;;;;;;;OAQG;IAGU,WAAW,CAAS,IAAI,EAAE,SAAS,EAAU,GAAG,EAAE,WAAW;CAkB3E"}

package/lib/mjs/controllers/UserController.js

@@ -19,7 +19,22 @@ import { Config } from '@spinajs/configuration';
 import * as cs from 'cookie-signature';
 import { AuthorizedPolicy, Permission, Resource, User } from '@spinajs/rbac-http';
 import { _chain, _either } from '@spinajs/util';
+/**
+ * Current user profile management.
+ * Allows an authenticated user to read and modify their own account — refresh profile data,
+ * view their RBAC grants, and change their password.
+ * @tags User
+ */
 let UserController = class UserController extends BaseController {
+    /**
+     * Refresh current user profile
+     * Reloads the authenticated user's record from the database (including metadata) and
+     * updates the session with the latest data. Returns the refreshed user data.
+     * @security cookieAuth
+     * @returns {IUserProfile} Refreshed user profile data
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — insufficient permissions
+     */
     async refresh(user, ssid) {
         // get user data from db
         await user.refresh();
@@ -34,12 +49,30 @@ let UserController = class UserController extends BaseController {
         }
         return new Ok(user.dehydrate());
     }
+    /**
+     * Get current user grants
+     * Returns the flattened RBAC grants for the authenticated user, combining all roles
+     * the user is assigned to into a single permission map keyed by resource.
+     * @security cookieAuth
+     * @returns {IGrantsMap} Combined RBAC grants map: resource → action → permission descriptor
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — insufficient permissions
+     */
     async getGrants(user) {
         const grants = this.AC.getGrants();
         const userGrants = user.Role.map(r => _unwindGrants(r, grants));
         const combinedGrants = Object.assign({}, ...userGrants);
         return new Ok(combinedGrants);
     }
+    /**
+     * Change own password
+     * Changes the authenticated user's password. Requires the current (old) password for verification.
+     * The new password and its confirmation must match.
+     * @security cookieAuth
+     * @response 400 Old password is incorrect, or new passwords do not match
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — insufficient permissions
+     */
     async newPassword(user, pwd) {
         if (pwd.Password !== pwd.ConfirmPassword) {
             throw new InvalidArgument('password does not match');

package/lib/mjs/controllers/UserController.js.map

@@ -1 +1 @@
-{"version":3,"file":"UserController.js","sourceRoot":"","sources":["../../../src/controllers/UserController.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,gBAAgB,EAAE,eAAe,EAAE,aAAa,EAAE,cAAc,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAClJ,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AAC/F,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAEvC,OAAO,EAAE,gBAAgB,EAAE,UAAU,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAClF,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAOzC,IAAM,cAAc,GAApB,MAAM,cAAe,SAAQ,cAAc;IAenC,AAAN,KAAK,CAAC,OAAO,CAAS,IAAe,EAAY,IAAY;QAClE,wBAAwB;QACxB,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QACrB,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;QAE/B,+BAA+B;QAC/B,MAAM,GAAG,GAAmB,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAChE,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YACxD,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC;QAED,OAAO,IAAI,EAAE,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;IAClC,CAAC;IAIY,AAAN,KAAK,CAAC,SAAS,CAAS,IAAe;QAE5C,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC;QACnC,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;QAChE,MAAM,cAAc,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,UAAU,CAAC,CAAC;QAExD,OAAO,IAAI,EAAE,CAAC,cAAc,CAAC,CAAC;IAChC,CAAC;IAKY,AAAN,KAAK,CAAC,WAAW,CAAS,IAAe,EAAU,GAAgB;QACxE,IAAI,GAAG,CAAC,QAAQ,KAAK,GAAG,CAAC,eAAe,EAAE,CAAC;YACzC,MAAM,IAAI,eAAe,CAAC,yBAAyB,CAAC,CAAC;QACvD,CAAC;QAGD,OAAO,IAAI,EAAE,CACX,MAAM,CACJ,IAAI,EACJ,OAAO,CACL,aAAa,CAAC,GAAG,CAAC,WAAW,CAAC,EAC9B,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC,EAC5B,GAAG,EAAE;YACH,MAAM,IAAI,eAAe,CAAC,2BAA2B,CAAC,CAAC;QACzD,CAAC,CAAC,CACL,CACF,CAAC;IACJ,CAAC;CACF,CAAA;AA9DW;IADT,UAAU,EAAE;8BACe,gBAAgB;wDAAC;AAGnC;IADT,MAAM,CAAC,oBAAoB,CAAC;;qDACG;AAGtB;IADT,UAAU,EAAE;8BACc,eAAe;uDAAC;AAGjC;IADT,UAAU,CAAC,aAAa,CAAC;8BACZ,aAAa;0CAAC;AAIf;IAFZ,GAAG,EAAE;IACL,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC;IACF,WAAA,IAAI,EAAE,CAAA;IAAmB,WAAA,MAAM,EAAE,CAAA;;qCAApB,SAAS;;6CAe3C;AAIY;IAFZ,GAAG,CAAC,QAAQ,CAAC;IACb,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC;IACA,WAAA,IAAI,EAAE,CAAA;;qCAAO,SAAS;;+CAO7C;AAKY;IAFZ,KAAK,CAAC,UAAU,CAAC;IACjB,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IACA,WAAA,IAAI,EAAE,CAAA;IAAmB,WAAA,IAAI,EAAE,CAAA;;qCAAlB,SAAS,EAAe,WAAW;;iDAiBzE;AA/DU,cAAc;IAH1B,QAAQ,CAAC,MAAM,CAAC;IAChB,QAAQ,CAAC,MAAM,CAAC;IAChB,MAAM,CAAC,gBAAgB,CAAC;GACZ,cAAc,CAgE1B"}
+{"version":3,"file":"UserController.js","sourceRoot":"","sources":["../../../src/controllers/UserController.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,gBAAgB,EAAE,eAAe,EAAE,aAAa,EAAE,cAAc,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAClJ,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AAC/F,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAEvC,OAAO,EAAE,gBAAgB,EAAE,UAAU,EAAE,QAAQ,EAAE,IAAI,EAAc,MAAM,oBAAoB,CAAC;AAC9F,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAIhD;;;;;GAKG;AAII,IAAM,cAAc,GAApB,MAAM,cAAe,SAAQ,cAAc;IAahD;;;;;;;;OAQG;IAGU,AAAN,KAAK,CAAC,OAAO,CAAS,IAAe,EAAY,IAAY;QAClE,wBAAwB;QACxB,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QACrB,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;QAE/B,+BAA+B;QAC/B,MAAM,GAAG,GAAmB,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAChE,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YACxD,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC;QAED,OAAO,IAAI,EAAE,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;IAClC,CAAC;IAED;;;;;;;;OAQG;IAGU,AAAN,KAAK,CAAC,SAAS,CAAS,IAAe;QAE5C,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC;QACnC,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;QAChE,MAAM,cAAc,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,UAAU,CAAC,CAAC;QAExD,OAAO,IAAI,EAAE,CAAC,cAAc,CAAC,CAAC;IAChC,CAAC;IAGD;;;;;;;;OAQG;IAGU,AAAN,KAAK,CAAC,WAAW,CAAS,IAAe,EAAU,GAAgB;QACxE,IAAI,GAAG,CAAC,QAAQ,KAAK,GAAG,CAAC,eAAe,EAAE,CAAC;YACzC,MAAM,IAAI,eAAe,CAAC,yBAAyB,CAAC,CAAC;QACvD,CAAC;QAGD,OAAO,IAAI,EAAE,CACX,MAAM,CACJ,IAAI,EACJ,OAAO,CACL,aAAa,CAAC,GAAG,CAAC,WAAW,CAAC,EAC9B,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC,EAC5B,GAAG,EAAE;YACH,MAAM,IAAI,eAAe,CAAC,2BAA2B,CAAC,CAAC;QACzD,CAAC,CAAC,CACL,CACF,CAAC;IACJ,CAAC;CACF,CAAA;AAzFW;IADT,UAAU,EAAE;8BACe,gBAAgB;wDAAC;AAGnC;IADT,MAAM,CAAC,oBAAoB,CAAC;;qDACG;AAGtB;IADT,UAAU,EAAE;8BACc,eAAe;uDAAC;AAGjC;IADT,UAAU,CAAC,aAAa,CAAC;8BACZ,aAAa;0CAAC;AAaf;IAFZ,GAAG,EAAE;IACL,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC;IACF,WAAA,IAAI,EAAE,CAAA;IAAmB,WAAA,MAAM,EAAE,CAAA;;qCAApB,SAAS;;6CAe3C;AAaY;IAFZ,GAAG,CAAC,QAAQ,CAAC;IACb,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC;IACA,WAAA,IAAI,EAAE,CAAA;;qCAAO,SAAS;;+CAO7C;AAcY;IAFZ,KAAK,CAAC,UAAU,CAAC;IACjB,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IACA,WAAA,IAAI,EAAE,CAAA;IAAmB,WAAA,IAAI,EAAE,CAAA;;qCAAlB,SAAS,EAAe,WAAW;;iDAiBzE;AA1FU,cAAc;IAH1B,QAAQ,CAAC,MAAM,CAAC;IAChB,QAAQ,CAAC,MAAM,CAAC;IAChB,MAAM,CAAC,gBAAgB,CAAC;GACZ,cAAc,CA2F1B"}

package/lib/mjs/controllers/UserMetadataController.d.ts

@@ -2,22 +2,145 @@ import { Ok, BaseController } from '@spinajs/http';
 import { User as UserModel, UserMetadata } from '@spinajs/rbac';
 import { PaginationDTO, OrderDTO, IFilterRequest } from '@spinajs/orm-http';
 import { UserMetadataDto } from '../dto/metadata-dto.js';
+import { FilterableUserMetadata } from '../models/FilterableUserMetadata.js';
+/**
+ * User metadata management.
+ * Provides CRUD operations for key-value metadata entries attached to user accounts.
+ * Admin routes operate on any user (identified by UUID), while own routes operate on the
+ * currently authenticated user's metadata.
+ * @tags User Metadata
+ */
 export declare class UserMetadataController extends BaseController {
     /**
-     *  SPECIFIC USER FUNCTIONS ( ADMIN FUNCTIONS )
+     * List metadata for a specific user (admin)
+     * Returns a paginated, filtered, and ordered list of metadata entries for the given user.
+     * @security cookieAuth
+     * @param user User UUID path parameter
+     * @param pagination.page Page number (zero-based)
+     * @param pagination.limit Number of entries per page
+     * @param order.column Column to sort by (default: Id)
+     * @param order.order Sort direction: ASC or DESC (default: DESC)
+     * @returns {IUserMetadataEntry[]} Paginated list of metadata entries for the user
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — readAny permission required
+     * @response 404 User not found
      */
-    readUserMeta(user: UserModel, pagination?: PaginationDTO, order?: OrderDTO, filter?: IFilterRequest): Promise<Ok>;
-    getUserMeta(user: UserModel, key: string): Promise<Ok>;
-    addUserMetadata(user: UserModel, metadata: UserMetadata): Promise<Ok>;
-    updateUserMetadata(meta: UserMetadata, _user: UserModel, data: UserMetadataDto): Promise<Ok>;
-    deleteUserMetadata(user: UserModel, meta: number): Promise<Ok>;
+    readUserMeta(user: UserModel, pagination?: PaginationDTO, order?: OrderDTO, filter?: IFilterRequest): Promise<Ok<import("@spinajs/orm").ISelectQueryBuilder<FilterableUserMetadata[]> & import("@spinajs/orm").QueryScope>>;
     /**
-     * --------------------------------------------------------------------------
+     * Get a single metadata entry for a specific user (admin)
+     * Retrieves one metadata entry by key for the given user.
+     * @security cookieAuth
+     * @param user User UUID path parameter
+     * @param key Metadata key to retrieve
+     * @returns {IUserMetadataEntry} Single metadata entry for the user
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — readAny permission required
+     * @response 404 User or metadata key not found
+     */
+    getUserMeta(user: UserModel, key: string): Promise<Ok<UserMetadata>>;
+    /**
+     * Add or update metadata for a specific user (admin)
+     * Inserts a new metadata entry for the given user, or updates it if the key already exists.
+     * @security cookieAuth
+     * @param user User UUID path parameter
+     * @response 200 Metadata created or updated successfully
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — updateAny permission required
+     * @response 404 User not found
+     */
+    addUserMetadata(user: UserModel, metadata: UserMetadata): Promise<Ok<any>>;
+    /**
+     * Update a metadata entry for a specific user (admin)
+     * Updates Key, Value, and Type of an existing metadata entry identified by Id or Key.
+     * @security cookieAuth
+     * @param _user User UUID path parameter (used for authorization scope)
+     * @param meta Metadata Id or Key to update
+
+     * @response 200 Metadata updated successfully
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — updateAny permission required
+     * @response 404 User or metadata entry not found
+     */
+    updateUserMetadata(meta: UserMetadata, _user: UserModel, data: UserMetadataDto): Promise<Ok<any>>;
+    /**
+     * Delete a metadata entry for a specific user (admin)
+     * Permanently removes a metadata entry by Id from the given user's metadata.
+     * @security cookieAuth
+     * @param user User UUID path parameter
+     * @param meta Metadata Id to delete
+     * @response 200 Metadata deleted successfully
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — deleteAny permission required
+     * @response 404 User or metadata entry not found
+     */
+    deleteUserMetadata(user: UserModel, meta: number): Promise<Ok<any>>;
+    /**
+     * List own metadata
+     * Returns a paginated, filtered, and ordered list of metadata entries for the authenticated user.
+     * @security cookieAuth
+     * @param pagination.page Page number (zero-based)
+     * @param pagination.limit Number of entries per page
+     * @param order.column Column to sort by (default: Id)
+     * @param order.order Sort direction: ASC or DESC (default: DESC)
+     * @returns {IUserMetadataEntry[]} Paginated list of own metadata entries
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — readOwn permission required
+     */
+    /**
+     * List own metadata
+     * Returns a paginated, filtered, and ordered list of metadata entries for the authenticated user.
+     * @security cookieAuth
+     * @param pagination.page Page number (zero-based)
+     * @param pagination.limit Number of entries per page
+     * @param order.column Column to sort by (default: Id)
+     * @param order.order Sort direction: ASC or DESC (default: DESC)
+     * @returns {IUserMetadataEntry[]} Paginated list of own metadata entries
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — readOwn permission required
+     */
+    readMeta(pagination?: PaginationDTO, order?: OrderDTO, filter?: IFilterRequest): Promise<Ok<import("@spinajs/orm").ISelectQueryBuilder<FilterableUserMetadata[]> & import("@spinajs/orm").QueryScope>>;
+    /**
+     * Get own metadata entry by key
+     * Retrieves a single metadata entry by key for the authenticated user.
+     * @security cookieAuth
+     * @param key Metadata key to retrieve
+     * @returns {IUserMetadataEntry} Single own metadata entry by key
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — readOwn permission required
+     * @response 404 Metadata key not found
+     */
+    getMeta(key: string): Promise<Ok<UserMetadata>>;
+    /**
+     * Add or update own metadata
+     * Inserts a new metadata entry for the authenticated user, or updates it if the key already exists.
+     * @security cookieAuth
+     * @response 200 Metadata created or updated successfully
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — updateOwn permission required
      */
-    readMeta(pagination?: PaginationDTO, order?: OrderDTO, filter?: IFilterRequest): Promise<Ok>;
-    getMeta(key: string): Promise<Ok>;
     addMetadata(metadata: UserMetadata): Promise<void>;
-    updateMetadata(meta: string, data: UserMetadataDto): Promise<Ok>;
-    deleteMetadata(meta: number): Promise<Ok>;
+    /**
+     * Update own metadata entry
+     * Updates Key, Value, and Type of an existing metadata entry identified by Id or Key.
+     * @security cookieAuth
+     * @param meta Metadata Id or Key to update
+
+     * @response 200 Metadata updated successfully
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — updateOwn permission required
+     * @response 404 Metadata entry not found
+     */
+    updateMetadata(meta: string, data: UserMetadataDto): Promise<Ok<any>>;
+    /**
+     * Delete own metadata entry
+     * Permanently removes a metadata entry by Id from the authenticated user's metadata.
+     * @security cookieAuth
+     * @param meta Metadata Id to delete
+     * @response 200 Metadata deleted successfully
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — deleteOwn permission required
+     * @response 404 Metadata entry not found
+     */
+    deleteMetadata(meta: number): Promise<Ok<any>>;
 }
 //# sourceMappingURL=UserMetadataController.d.ts.map

package/lib/mjs/controllers/UserMetadataController.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"UserMetadataController.d.ts","sourceRoot":"","sources":["../../../src/controllers/UserMetadataController.ts"],"names":[],"mappings":"AAAA,OAAO,EAAkB,EAAE,EAAwC,cAAc,EAAS,MAAM,eAAe,CAAC;AAChH,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAEhE,OAAO,EAAW,aAAa,EAAE,QAAQ,EAAU,cAAc,EAAa,MAAM,mBAAmB,CAAC;AACxG,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAIzD,qBAGa,sBAAuB,SAAQ,cAAc;IAGtD;;OAEG;IAIU,YAAY,CACc,IAAI,EAAE,SAAS,EACzC,UAAU,CAAC,EAAE,aAAa,EAC1B,KAAK,CAAC,EAAE,QAAQ,EAEzB,MAAM,CAAC,EAAE,cAAc;IAcd,WAAW,CACe,IAAI,EAAE,SAAS,EACzC,GAAG,EAAE,MAAM;IASX,eAAe,CACW,IAAI,EAAE,SAAS,EACvC,QAAQ,EAAE,YAAY;IASxB,kBAAkB,CAOxB,IAAI,EAAE,YAAY,EACc,KAAK,EAAE,SAAS,EAC3C,IAAI,EAAE,eAAe;IAYpB,kBAAkB,CACQ,IAAI,EAAE,SAAS,EACzC,IAAI,EAAE,MAAM;IAWzB;;OAEG;IAMU,QAAQ,CACR,UAAU,CAAC,EAAE,aAAa,EAC1B,KAAK,CAAC,EAAE,QAAQ,EAEzB,MAAM,CAAC,EAAE,cAAc;IAWd,OAAO,CAAU,GAAG,EAAE,MAAM;IAQ5B,WAAW,CAAY,QAAQ,EAAE,YAAY;IAM7C,cAAc,CAAU,IAAI,EAAE,MAAM,EAAU,IAAI,EAAE,eAAe;IAYnE,cAAc,CAAU,IAAI,EAAE,MAAM;CAOpD"}
+{"version":3,"file":"UserMetadataController.d.ts","sourceRoot":"","sources":["../../../src/controllers/UserMetadataController.ts"],"names":[],"mappings":"AAAA,OAAO,EAAkB,EAAE,EAAwC,cAAc,EAAS,MAAM,eAAe,CAAC;AAChH,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAEhE,OAAO,EAAW,aAAa,EAAE,QAAQ,EAAU,cAAc,EAAa,MAAM,mBAAmB,CAAC;AACxG,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAEzD,OAAO,EAAE,sBAAsB,EAAE,MAAM,qCAAqC,CAAC;AAE7E;;;;;;GAMG;AACH,qBAGa,sBAAuB,SAAQ,cAAc;IAEtD;;;;;;;;;;;;;OAaG;IAGU,YAAY,CACc,IAAI,EAAE,SAAS,EACzC,UAAU,CAAC,EAAE,aAAa,EAC1B,KAAK,CAAC,EAAE,QAAQ,EAEzB,MAAM,CAAC,EAAE,cAAc;IAY3B;;;;;;;;;;OAUG;IAGU,WAAW,CACe,IAAI,EAAE,SAAS,EACzC,GAAG,EAAE,MAAM;IAOxB;;;;;;;;;OASG;IAGU,eAAe,CACW,IAAI,EAAE,SAAS,EACvC,QAAQ,EAAE,YAAY;IAOrC;;;;;;;;;;;OAWG;IAGU,kBAAkB,CAOxB,IAAI,EAAE,YAAY,EACc,KAAK,EAAE,SAAS,EAC3C,IAAI,EAAE,eAAe;IAUjC;;;;;;;;;;OAUG;IAGU,kBAAkB,CACQ,IAAI,EAAE,SAAS,EACzC,IAAI,EAAE,MAAM;IASzB;;;;;;;;;;;OAWG;IAIH;;;;;;;;;;;OAWG;IAGU,QAAQ,CACR,UAAU,CAAC,EAAE,aAAa,EAC1B,KAAK,CAAC,EAAE,QAAQ,EAEzB,MAAM,CAAC,EAAE,cAAc;IAS3B;;;;;;;;;OASG;IAGU,OAAO,CAAU,GAAG,EAAE,MAAM;IAMzC;;;;;;;OAOG;IAGU,WAAW,CAAY,QAAQ,EAAE,YAAY;IAI1D;;;;;;;;;;OAUG;IAGU,cAAc,CAAU,IAAI,EAAE,MAAM,EAAU,IAAI,EAAE,eAAe;IAUhF;;;;;;;;;OASG;IAGU,cAAc,CAAU,IAAI,EAAE,MAAM;CAOpD"}

package/lib/mjs/controllers/UserMetadataController.js

@@ -17,29 +17,80 @@ import { AsModel, PaginationDTO, OrderDTO, Filter, FromModel } from '@spinajs/or
 import { UserMetadataDto } from '../dto/metadata-dto.js';
 import { InsertBehaviour, SortOrder } from '@spinajs/orm';
 import { FilterableUserMetadata } from '../models/FilterableUserMetadata.js';
+/**
+ * User metadata management.
+ * Provides CRUD operations for key-value metadata entries attached to user accounts.
+ * Admin routes operate on any user (identified by UUID), while own routes operate on the
+ * currently authenticated user's metadata.
+ * @tags User Metadata
+ */
 let UserMetadataController = class UserMetadataController extends BaseController {
     /**
-     *  SPECIFIC USER FUNCTIONS ( ADMIN FUNCTIONS )
+     * List metadata for a specific user (admin)
+     * Returns a paginated, filtered, and ordered list of metadata entries for the given user.
+     * @security cookieAuth
+     * @param user User UUID path parameter
+     * @param pagination.page Page number (zero-based)
+     * @param pagination.limit Number of entries per page
+     * @param order.column Column to sort by (default: Id)
+     * @param order.order Sort direction: ASC or DESC (default: DESC)
+     * @returns {IUserMetadataEntry[]} Paginated list of metadata entries for the user
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — readAny permission required
+     * @response 404 User not found
      */
     async readUserMeta(user, pagination, order, filter) {
         return new Ok(FilterableUserMetadata.select().where({
             user_id: user.Id
-        }).filter(filter?.filters, filter?.op)
-            .take(pagination?.limit ?? undefined)
-            .skip(pagination?.limit * pagination?.page || 0)
+        }).filter(filter?.filters ?? [], filter?.op)
+            .take(pagination?.limit ?? 0)
+            .skip((pagination?.limit ?? 0) * (pagination?.page ?? 0))
             .order(order?.column ?? 'Id', order?.order ?? SortOrder.DESC));
     }
+    /**
+     * Get a single metadata entry for a specific user (admin)
+     * Retrieves one metadata entry by key for the given user.
+     * @security cookieAuth
+     * @param user User UUID path parameter
+     * @param key Metadata key to retrieve
+     * @returns {IUserMetadataEntry} Single metadata entry for the user
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — readAny permission required
+     * @response 404 User or metadata key not found
+     */
     async getUserMeta(user, key) {
         return new Ok(UserMetadata.where({
             Key: key,
             user_id: user.Id
         }).firstOrFail());
     }
+    /**
+     * Add or update metadata for a specific user (admin)
+     * Inserts a new metadata entry for the given user, or updates it if the key already exists.
+     * @security cookieAuth
+     * @param user User UUID path parameter
+     * @response 200 Metadata created or updated successfully
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — updateAny permission required
+     * @response 404 User not found
+     */
     async addUserMetadata(user, metadata) {
         metadata.User.attach(user);
         await metadata.insert(InsertBehaviour.InsertOrUpdate);
         return new Ok();
     }
+    /**
+     * Update a metadata entry for a specific user (admin)
+     * Updates Key, Value, and Type of an existing metadata entry identified by Id or Key.
+     * @security cookieAuth
+     * @param _user User UUID path parameter (used for authorization scope)
+     * @param meta Metadata Id or Key to update
+
+     * @response 200 Metadata updated successfully
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — updateAny permission required
+     * @response 404 User or metadata entry not found
+     */
     async updateUserMetadata(meta, _user, data) {
         await meta.update({
             Key: data.Key,
@@ -48,6 +99,17 @@ let UserMetadataController = class UserMetadataController extends BaseController
         });
         return new Ok();
     }
+    /**
+     * Delete a metadata entry for a specific user (admin)
+     * Permanently removes a metadata entry by Id from the given user's metadata.
+     * @security cookieAuth
+     * @param user User UUID path parameter
+     * @param meta Metadata Id to delete
+     * @response 200 Metadata deleted successfully
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — deleteAny permission required
+     * @response 404 User or metadata entry not found
+     */
     async deleteUserMetadata(user, meta) {
         await UserMetadata.destroy().where({
             Id: meta,
@@ -56,22 +118,72 @@ let UserMetadataController = class UserMetadataController extends BaseController
         return new Ok();
     }
     /**
-     * --------------------------------------------------------------------------
+     * List own metadata
+     * Returns a paginated, filtered, and ordered list of metadata entries for the authenticated user.
+     * @security cookieAuth
+     * @param pagination.page Page number (zero-based)
+     * @param pagination.limit Number of entries per page
+     * @param order.column Column to sort by (default: Id)
+     * @param order.order Sort direction: ASC or DESC (default: DESC)
+     * @returns {IUserMetadataEntry[]} Paginated list of own metadata entries
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — readOwn permission required
+     */
+    /**
+     * List own metadata
+     * Returns a paginated, filtered, and ordered list of metadata entries for the authenticated user.
+     * @security cookieAuth
+     * @param pagination.page Page number (zero-based)
+     * @param pagination.limit Number of entries per page
+     * @param order.column Column to sort by (default: Id)
+     * @param order.order Sort direction: ASC or DESC (default: DESC)
+     * @returns {IUserMetadataEntry[]} Paginated list of own metadata entries
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — readOwn permission required
      */
     async readMeta(pagination, order, filter) {
-        return new Ok(FilterableUserMetadata.select().filter(filter?.filters, filter?.op)
-            .take(pagination?.limit ?? undefined)
-            .skip(pagination?.limit * pagination?.page || 0)
+        return new Ok(FilterableUserMetadata.select().filter(filter?.filters ?? [], filter?.op)
+            .take(pagination?.limit ?? 0)
+            .skip((pagination?.limit ?? 0) * (pagination?.page ?? 0))
             .order(order?.column ?? 'Id', order?.order ?? SortOrder.DESC));
     }
+    /**
+     * Get own metadata entry by key
+     * Retrieves a single metadata entry by key for the authenticated user.
+     * @security cookieAuth
+     * @param key Metadata key to retrieve
+     * @returns {IUserMetadataEntry} Single own metadata entry by key
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — readOwn permission required
+     * @response 404 Metadata key not found
+     */
     async getMeta(key) {
         return new Ok(UserMetadata.where({
             Key: key,
         }).firstOrFail());
     }
+    /**
+     * Add or update own metadata
+     * Inserts a new metadata entry for the authenticated user, or updates it if the key already exists.
+     * @security cookieAuth
+     * @response 200 Metadata created or updated successfully
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — updateOwn permission required
+     */
     async addMetadata(metadata) {
         await metadata.insert(InsertBehaviour.InsertOrUpdate);
     }
+    /**
+     * Update own metadata entry
+     * Updates Key, Value, and Type of an existing metadata entry identified by Id or Key.
+     * @security cookieAuth
+     * @param meta Metadata Id or Key to update
+
+     * @response 200 Metadata updated successfully
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — updateOwn permission required
+     * @response 404 Metadata entry not found
+     */
     async updateMetadata(meta, data) {
         await UserMetadata.update({
             Key: data.Key,
@@ -80,6 +192,16 @@ let UserMetadataController = class UserMetadataController extends BaseController
         }).where("Key", meta).orWhere("Id", meta);
         return new Ok();
     }
+    /**
+     * Delete own metadata entry
+     * Permanently removes a metadata entry by Id from the authenticated user's metadata.
+     * @security cookieAuth
+     * @param meta Metadata Id to delete
+     * @response 200 Metadata deleted successfully
+     * @response 401 Unauthorized — valid session required
+     * @response 403 Forbidden — deleteOwn permission required
+     * @response 404 Metadata entry not found
+     */
     async deleteMetadata(meta) {
         await UserMetadata.destroy().where({
             Id: meta

package/lib/mjs/controllers/UserMetadataController.js.map

@@ -1 +1 @@
-{"version":3,"file":"UserMetadataController.js","sourceRoot":"","sources":["../../../src/controllers/UserMetadataController.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,cAAc,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAChH,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAChE,OAAO,EAAE,gBAAgB,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC5E,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAkB,SAAS,EAAE,MAAM,mBAAmB,CAAC;AACxG,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAC1D,OAAO,EAAE,sBAAsB,EAAE,MAAM,qCAAqC,CAAC;AAKtE,IAAM,sBAAsB,GAA5B,MAAM,sBAAuB,SAAQ,cAAc;IAGtD;;OAEG;IAIU,AAAN,KAAK,CAAC,YAAY,CACc,IAAe,EACzC,UAA0B,EAC1B,KAAgB,EAEzB,MAAuB;QAEvB,OAAO,IAAI,EAAE,CAAC,sBAAsB,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC;YAChD,OAAO,EAAE,IAAI,CAAC,EAAE;SACnB,CAAC,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,EAAE,CAAC;aACjC,IAAI,CAAC,UAAU,EAAE,KAAK,IAAI,SAAS,CAAC;aACpC,IAAI,CAAC,UAAU,EAAE,KAAK,GAAG,UAAU,EAAE,IAAI,IAAI,CAAC,CAAC;aAC/C,KAAK,CAAC,KAAK,EAAE,MAAM,IAAI,IAAI,EAAE,KAAK,EAAE,KAAK,IAAI,SAAS,CAAC,IAAI,CAAC,CAChE,CAAC;IACN,CAAC;IAKY,AAAN,KAAK,CAAC,WAAW,CACe,IAAe,EACzC,GAAW;QACpB,OAAO,IAAI,EAAE,CAAC,YAAY,CAAC,KAAK,CAAC;YAC7B,GAAG,EAAE,GAAG;YACR,OAAO,EAAE,IAAI,CAAC,EAAE;SACnB,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;IACtB,CAAC;IAIY,AAAN,KAAK,CAAC,eAAe,CACW,IAAe,EACvC,QAAsB;QAEjC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC3B,MAAM,QAAQ,CAAC,MAAM,CAAC,eAAe,CAAC,cAAc,CAAC,CAAC;QACtD,OAAO,IAAI,EAAE,EAAE,CAAC;IACpB,CAAC;IAIY,AAAN,KAAK,CAAC,kBAAkB,CAOxB,IAAkB,EACc,KAAgB,EAC3C,IAAqB;QAC7B,MAAM,IAAI,CAAC,MAAM,CAAC;YACd,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,IAAI,CAAC,IAAI;SAClB,CAAC,CAAA;QAEF,OAAO,IAAI,EAAE,EAAE,CAAC;IACpB,CAAC;IAIY,AAAN,KAAK,CAAC,kBAAkB,CACQ,IAAe,EACzC,IAAY;QACrB,MAAM,YAAY,CAAC,OAAO,EAAE,CAAC,KAAK,CAAC;YAC/B,EAAE,EAAE,IAAI;YACR,OAAO,EAAE,IAAI,CAAC,EAAE;SACnB,CAAC,CAAC;QAEH,OAAO,IAAI,EAAE,EAAE,CAAC;IACpB,CAAC;IAID;;OAEG;IAMU,AAAN,KAAK,CAAC,QAAQ,CACR,UAA0B,EAC1B,KAAgB,EAEzB,MAAuB;QAEvB,OAAO,IAAI,EAAE,CAAC,sBAAsB,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,EAAE,CAAC;aAC5E,IAAI,CAAC,UAAU,EAAE,KAAK,IAAI,SAAS,CAAC;aACpC,IAAI,CAAC,UAAU,EAAE,KAAK,GAAG,UAAU,EAAE,IAAI,IAAI,CAAC,CAAC;aAC/C,KAAK,CAAC,KAAK,EAAE,MAAM,IAAI,IAAI,EAAE,KAAK,EAAE,KAAK,IAAI,SAAS,CAAC,IAAI,CAAC,CAChE,CAAC;IACN,CAAC;IAIY,AAAN,KAAK,CAAC,OAAO,CAAU,GAAW;QACrC,OAAO,IAAI,EAAE,CAAC,YAAY,CAAC,KAAK,CAAC;YAC7B,GAAG,EAAE,GAAG;SACX,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;IACtB,CAAC;IAIY,AAAN,KAAK,CAAC,WAAW,CAAY,QAAsB;QACtD,MAAM,QAAQ,CAAC,MAAM,CAAC,eAAe,CAAC,cAAc,CAAC,CAAC;IAC1D,CAAC;IAIY,AAAN,KAAK,CAAC,cAAc,CAAU,IAAY,EAAU,IAAqB;QAC5E,MAAM,YAAY,CAAC,MAAM,CAAC;YACtB,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,IAAI,CAAC,IAAI;SAClB,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QAE1C,OAAO,IAAI,EAAE,EAAE,CAAC;IACpB,CAAC;IAIY,AAAN,KAAK,CAAC,cAAc,CAAU,IAAY;QAC7C,MAAM,YAAY,CAAC,OAAO,EAAE,CAAC,KAAK,CAAC;YAC/B,EAAE,EAAE,IAAI;SACX,CAAC,CAAC;QAEH,OAAO,IAAI,EAAE,EAAE,CAAC;IACpB,CAAC;CACJ,CAAA;AAnIgB;IAFZ,GAAG,CAAC,gBAAgB,CAAC;IACrB,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC;IAEnB,WAAA,SAAS,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,CAAA;IACjC,WAAA,KAAK,EAAE,CAAA;IACP,WAAA,KAAK,EAAE,CAAA;IACP,WAAA,MAAM,CAAC,sBAAsB,CAAC,CAAA;;qCAHU,SAAS;QAC5B,aAAa;QAClB,QAAQ;;0DAW5B;AAKY;IAFZ,GAAG,CAAC,qBAAqB,CAAC;IAC1B,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC;IAEnB,WAAA,SAAS,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,CAAA;IACjC,WAAA,KAAK,EAAE,CAAA;;qCADiC,SAAS;;yDAMrD;AAIY;IAFZ,IAAI,CAAC,gBAAgB,CAAC;IACtB,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IAErB,WAAA,SAAS,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,CAAA;IACjC,WAAA,OAAO,EAAE,CAAA;;qCAD+B,SAAS;QAC7B,YAAY;;6DAKpC;AAIY;IAFZ,KAAK,CAAC,uBAAuB,CAAC;IAC9B,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IAErB,WAAA,SAAS,CAAC;QACP,KAAK,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,IAAI,CAAC,EAAE,IAAI;YAC7B,OAAO,IAAI,CAAC,KAAK,CAAC;gBACd,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;YAC/C,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC,CAAA;QACnC,CAAC,CAAC;KACL,CAAC,CAAA;IACD,WAAA,SAAS,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,CAAA;IACjC,WAAA,IAAI,EAAE,CAAA;;qCAFE,YAAY;QACqB,SAAS;QACrC,eAAe;;gEAQhC;AAIY;IAFZ,GAAG,CAAC,sBAAsB,CAAC;IAC3B,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IAErB,WAAA,SAAS,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,CAAA;IACjC,WAAA,KAAK,EAAE,CAAA;;qCADiC,SAAS;;gEAQrD;AAYY;IAFZ,GAAG,CAAC,UAAU,CAAC;IACf,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC;IAEnB,WAAA,KAAK,EAAE,CAAA;IACP,WAAA,KAAK,EAAE,CAAA;IACP,WAAA,MAAM,CAAC,sBAAsB,CAAC,CAAA;;qCAFT,aAAa;QAClB,QAAQ;;sDAS5B;AAIY;IAFZ,GAAG,CAAC,eAAe,CAAC;IACpB,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC;IACF,WAAA,KAAK,EAAE,CAAA;;;;qDAI5B;AAIY;IAFZ,IAAI,CAAC,UAAU,CAAC;IAChB,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IACA,WAAA,OAAO,EAAE,CAAA;;qCAAW,YAAY;;yDAEzD;AAIY;IAFZ,KAAK,CAAC,gBAAgB,CAAC;IACvB,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IACG,WAAA,KAAK,EAAE,CAAA;IAAgB,WAAA,IAAI,EAAE,CAAA;;6CAAO,eAAe;;4DAQ/E;AAIY;IAFZ,GAAG,CAAC,gBAAgB,CAAC;IACrB,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IACG,WAAA,KAAK,EAAE,CAAA;;;;4DAMnC;AA3IQ,sBAAsB;IAHlC,QAAQ,CAAC,MAAM,CAAC;IAChB,QAAQ,CAAC,eAAe,CAAC;IACzB,MAAM,CAAC,gBAAgB,CAAC;GACZ,sBAAsB,CA4IlC"}
+{"version":3,"file":"UserMetadataController.js","sourceRoot":"","sources":["../../../src/controllers/UserMetadataController.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,cAAc,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAChH,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAChE,OAAO,EAAE,gBAAgB,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC5E,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAkB,SAAS,EAAE,MAAM,mBAAmB,CAAC;AACxG,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAC1D,OAAO,EAAE,sBAAsB,EAAE,MAAM,qCAAqC,CAAC;AAE7E;;;;;;GAMG;AAII,IAAM,sBAAsB,GAA5B,MAAM,sBAAuB,SAAQ,cAAc;IAEtD;;;;;;;;;;;;;OAaG;IAGU,AAAN,KAAK,CAAC,YAAY,CACc,IAAe,EACzC,UAA0B,EAC1B,KAAgB,EAEzB,MAAuB;QAEvB,OAAO,IAAI,EAAE,CAAC,sBAAsB,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC;YAChD,OAAO,EAAE,IAAI,CAAC,EAAE;SACnB,CAAC,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,IAAI,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC;aACvC,IAAI,CAAC,UAAU,EAAE,KAAK,IAAI,CAAC,CAAC;aAC5B,IAAI,CAAC,CAAC,UAAU,EAAE,KAAK,IAAI,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC;aACxD,KAAK,CAAC,KAAK,EAAE,MAAM,IAAI,IAAI,EAAE,KAAK,EAAE,KAAK,IAAI,SAAS,CAAC,IAAI,CAAC,CAChE,CAAC;IACN,CAAC;IAGD;;;;;;;;;;OAUG;IAGU,AAAN,KAAK,CAAC,WAAW,CACe,IAAe,EACzC,GAAW;QACpB,OAAO,IAAI,EAAE,CAAC,YAAY,CAAC,KAAK,CAAC;YAC7B,GAAG,EAAE,GAAG;YACR,OAAO,EAAE,IAAI,CAAC,EAAE;SACnB,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;IACtB,CAAC;IAED;;;;;;;;;OASG;IAGU,AAAN,KAAK,CAAC,eAAe,CACW,IAAe,EACvC,QAAsB;QAEjC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC3B,MAAM,QAAQ,CAAC,MAAM,CAAC,eAAe,CAAC,cAAc,CAAC,CAAC;QACtD,OAAO,IAAI,EAAE,EAAE,CAAC;IACpB,CAAC;IAED;;;;;;;;;;;OAWG;IAGU,AAAN,KAAK,CAAC,kBAAkB,CAOxB,IAAkB,EACc,KAAgB,EAC3C,IAAqB;QAC7B,MAAM,IAAI,CAAC,MAAM,CAAC;YACd,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,IAAI,CAAC,IAAI;SAClB,CAAC,CAAA;QAEF,OAAO,IAAI,EAAE,EAAE,CAAC;IACpB,CAAC;IAED;;;;;;;;;;OAUG;IAGU,AAAN,KAAK,CAAC,kBAAkB,CACQ,IAAe,EACzC,IAAY;QACrB,MAAM,YAAY,CAAC,OAAO,EAAE,CAAC,KAAK,CAAC;YAC/B,EAAE,EAAE,IAAI;YACR,OAAO,EAAE,IAAI,CAAC,EAAE;SACnB,CAAC,CAAC;QAEH,OAAO,IAAI,EAAE,EAAE,CAAC;IACpB,CAAC;IAED;;;;;;;;;;;OAWG;IAIH;;;;;;;;;;;OAWG;IAGU,AAAN,KAAK,CAAC,QAAQ,CACR,UAA0B,EAC1B,KAAgB,EAEzB,MAAuB;QAEvB,OAAO,IAAI,EAAE,CAAC,sBAAsB,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,IAAI,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC;aAClF,IAAI,CAAC,UAAU,EAAE,KAAK,IAAI,CAAC,CAAC;aAC5B,IAAI,CAAC,CAAC,UAAU,EAAE,KAAK,IAAI,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC;aACxD,KAAK,CAAC,KAAK,EAAE,MAAM,IAAI,IAAI,EAAE,KAAK,EAAE,KAAK,IAAI,SAAS,CAAC,IAAI,CAAC,CAChE,CAAC;IACN,CAAC;IAED;;;;;;;;;OASG;IAGU,AAAN,KAAK,CAAC,OAAO,CAAU,GAAW;QACrC,OAAO,IAAI,EAAE,CAAC,YAAY,CAAC,KAAK,CAAC;YAC7B,GAAG,EAAE,GAAG;SACX,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;IACtB,CAAC;IAED;;;;;;;OAOG;IAGU,AAAN,KAAK,CAAC,WAAW,CAAY,QAAsB;QACtD,MAAM,QAAQ,CAAC,MAAM,CAAC,eAAe,CAAC,cAAc,CAAC,CAAC;IAC1D,CAAC;IAED;;;;;;;;;;OAUG;IAGU,AAAN,KAAK,CAAC,cAAc,CAAU,IAAY,EAAU,IAAqB;QAC5E,MAAM,YAAY,CAAC,MAAM,CAAC;YACtB,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,IAAI,CAAC,IAAI;SAClB,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QAE1C,OAAO,IAAI,EAAE,EAAE,CAAC;IACpB,CAAC;IAED;;;;;;;;;OASG;IAGU,AAAN,KAAK,CAAC,cAAc,CAAU,IAAY;QAC7C,MAAM,YAAY,CAAC,OAAO,EAAE,CAAC,KAAK,CAAC;YAC/B,EAAE,EAAE,IAAI;SACX,CAAC,CAAC;QAEH,OAAO,IAAI,EAAE,EAAE,CAAC;IACpB,CAAC;CACJ,CAAA;AAzOgB;IAFZ,GAAG,CAAC,gBAAgB,CAAC;IACrB,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC;IAEnB,WAAA,SAAS,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,CAAA;IACjC,WAAA,KAAK,EAAE,CAAA;IACP,WAAA,KAAK,EAAE,CAAA;IACP,WAAA,MAAM,CAAC,sBAAsB,CAAC,CAAA;;qCAHU,SAAS;QAC5B,aAAa;QAClB,QAAQ;;0DAW5B;AAgBY;IAFZ,GAAG,CAAC,qBAAqB,CAAC;IAC1B,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC;IAEnB,WAAA,SAAS,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,CAAA;IACjC,WAAA,KAAK,EAAE,CAAA;;qCADiC,SAAS;;yDAMrD;AAcY;IAFZ,IAAI,CAAC,gBAAgB,CAAC;IACtB,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IAErB,WAAA,SAAS,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,CAAA;IACjC,WAAA,OAAO,EAAE,CAAA;;qCAD+B,SAAS;QAC7B,YAAY;;6DAKpC;AAgBY;IAFZ,KAAK,CAAC,uBAAuB,CAAC;IAC9B,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IAErB,WAAA,SAAS,CAAC;QACP,KAAK,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,IAAI,CAAC,EAAE,IAAI;YAC7B,OAAO,IAAI,CAAC,KAAK,CAAC;gBACd,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;YAC/C,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC,CAAA;QACnC,CAAC,CAAC;KACL,CAAC,CAAA;IACD,WAAA,SAAS,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,CAAA;IACjC,WAAA,IAAI,EAAE,CAAA;;qCAFE,YAAY;QACqB,SAAS;QACrC,eAAe;;gEAQhC;AAeY;IAFZ,GAAG,CAAC,sBAAsB,CAAC;IAC3B,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IAErB,WAAA,SAAS,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,CAAA;IACjC,WAAA,KAAK,EAAE,CAAA;;qCADiC,SAAS;;gEAQrD;AA+BY;IAFZ,GAAG,CAAC,UAAU,CAAC;IACf,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC;IAEnB,WAAA,KAAK,EAAE,CAAA;IACP,WAAA,KAAK,EAAE,CAAA;IACP,WAAA,MAAM,CAAC,sBAAsB,CAAC,CAAA;;qCAFT,aAAa;QAClB,QAAQ;;sDAS5B;AAcY;IAFZ,GAAG,CAAC,eAAe,CAAC;IACpB,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC;IACF,WAAA,KAAK,EAAE,CAAA;;;;qDAI5B;AAYY;IAFZ,IAAI,CAAC,UAAU,CAAC;IAChB,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IACA,WAAA,OAAO,EAAE,CAAA;;qCAAW,YAAY;;yDAEzD;AAeY;IAFZ,KAAK,CAAC,gBAAgB,CAAC;IACvB,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IACG,WAAA,KAAK,EAAE,CAAA;IAAgB,WAAA,IAAI,EAAE,CAAA;;6CAAO,eAAe;;4DAQ/E;AAcY;IAFZ,GAAG,CAAC,gBAAgB,CAAC;IACrB,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IACG,WAAA,KAAK,EAAE,CAAA;;;;4DAMnC;AA1PQ,sBAAsB;IAHlC,QAAQ,CAAC,MAAM,CAAC;IAChB,QAAQ,CAAC,eAAe,CAAC;IACzB,MAAM,CAAC,gBAAgB,CAAC;GACZ,sBAAsB,CA2PlC"}

package/lib/mjs/dto/metadata-dto.d.ts

@@ -7,13 +7,16 @@ export declare const MetadataDtoSchema: {
             type: string;
             maxLength: number;
             minLength: number;
+            description: string;
         };
         Value: {
             type: string;
+            description: string;
         };
         Type: {
             type: string;
             enum: string[];
+            description: string;
         };
     };
     required: string[];

package/lib/mjs/dto/metadata-dto.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"metadata-dto.d.ts","sourceRoot":"","sources":["../../../src/dto/metadata-dto.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;CAU7B,CAAC;AAEF,qBACa,eAAe;IACjB,GAAG,EAAG,MAAM,CAAC;IACb,KAAK,EAAG,MAAM,CAAC;IACf,IAAI,EAAE,QAAQ,GAAG,OAAO,GAAG,QAAQ,GAAG,MAAM,GAAG,SAAS,GAAG,UAAU,CAAC;gBACjE,IAAI,EAAE,GAAG;CAGxB"}
+{"version":3,"file":"metadata-dto.d.ts","sourceRoot":"","sources":["../../../src/dto/metadata-dto.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;;CAU7B,CAAC;AAEF,qBACa,eAAe;IACjB,GAAG,EAAG,MAAM,CAAC;IACb,KAAK,EAAG,MAAM,CAAC;IACf,IAAI,EAAE,QAAQ,GAAG,OAAO,GAAG,QAAQ,GAAG,MAAM,GAAG,SAAS,GAAG,UAAU,CAAC;gBACjE,IAAI,EAAE,GAAG;CAGxB"}

package/lib/mjs/dto/metadata-dto.js

@@ -13,9 +13,9 @@ export const MetadataDtoSchema = {
     title: 'User metadata DTO',
     type: 'object',
     properties: {
-        Key: { type: 'string', maxLength: 255, minLength: 6 },
-        Value: { type: 'string' },
-        Type: { type: "string", enum: ['number', 'float', 'string', 'json', 'boolean', 'datetime'] }
+        Key: { type: 'string', maxLength: 255, minLength: 6, description: 'Metadata key (dot-notation supported, e.g. user:niceName)' },
+        Value: { type: 'string', description: 'Metadata value stored as a string regardless of Type' },
+        Type: { type: 'string', enum: ['number', 'float', 'string', 'json', 'boolean', 'datetime'], description: 'Declared value type used for serialization/deserialization' },
     },
     required: ['Key', 'Type'],
 };

package/lib/mjs/dto/metadata-dto.js.map

@@ -1 +1 @@
-{"version":3,"file":"metadata-dto.js","sourceRoot":"","sources":["../../../src/dto/metadata-dto.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAE7C,MAAM,CAAC,MAAM,iBAAiB,GAAG;IAC7B,OAAO,EAAE,yCAAyC;IAClD,KAAK,EAAE,mBAAmB;IAC1B,IAAI,EAAE,QAAQ;IACd,UAAU,EAAE;QACR,GAAG,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,EAAE,SAAS,EAAE,CAAC,EAAE;QACrD,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;QACzB,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC,EAAE;KAC/F;IACD,QAAQ,EAAE,CAAC,KAAK,EAAE,MAAM,CAAC;CAC5B,CAAC;AAGK,IAAM,eAAe,GAArB,MAAM,eAAe;IAIxB,YAAY,IAAS;QACjB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAC9B,CAAC;CACJ,CAAA;AAPY,eAAe;IAD3B,MAAM,CAAC,iBAAiB,CAAC;;GACb,eAAe,CAO3B"}
+{"version":3,"file":"metadata-dto.js","sourceRoot":"","sources":["../../../src/dto/metadata-dto.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAE7C,MAAM,CAAC,MAAM,iBAAiB,GAAG;IAC7B,OAAO,EAAE,yCAAyC;IAClD,KAAK,EAAE,mBAAmB;IAC1B,IAAI,EAAE,QAAQ;IACd,UAAU,EAAE;QACR,GAAG,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,EAAE,SAAS,EAAE,CAAC,EAAE,WAAW,EAAE,2DAA2D,EAAE;QAC/H,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,sDAAsD,EAAE;QAC9F,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC,EAAE,WAAW,EAAE,4DAA4D,EAAE;KAC1K;IACD,QAAQ,EAAE,CAAC,KAAK,EAAE,MAAM,CAAC;CAC5B,CAAC;AAGK,IAAM,eAAe,GAArB,MAAM,eAAe;IAIxB,YAAY,IAAS;QACjB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAC9B,CAAC;CACJ,CAAA;AAPY,eAAe;IAD3B,MAAM,CAAC,iBAAiB,CAAC;;GACb,eAAe,CAO3B"}