@stratal/framework 0.0.13 → 0.0.14

package/dist/rbac/errors/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/rbac/errors/index.ts"],"names":[],"mappings":"AAAA,cAAc,kCAAkC,CAAA"}

package/dist/rbac/errors/insufficient-permissions.error.d.ts

@@ -1,14 +0,0 @@
-import { ApplicationError } from 'stratal/errors';
-/**
- * InsufficientPermissionsError
- *
- * Thrown when a user attempts to perform an action without the required permissions.
- * This error is used by the auth guard after authorization check fails.
- *
- * HTTP Status: 403 Forbidden
- * Error Code: 3102 (AUTHZ.INSUFFICIENT_PERMISSIONS)
- */
-export declare class InsufficientPermissionsError extends ApplicationError {
-    constructor(requiredScopes: string[], userId?: string);
-}
-//# sourceMappingURL=insufficient-permissions.error.d.ts.map

package/dist/rbac/errors/insufficient-permissions.error.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"insufficient-permissions.error.d.ts","sourceRoot":"","sources":["../../../src/rbac/errors/insufficient-permissions.error.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAe,MAAM,gBAAgB,CAAA;AAE9D;;;;;;;;GAQG;AACH,qBAAa,4BAA6B,SAAQ,gBAAgB;gBACpD,cAAc,EAAE,MAAM,EAAE,EAAE,MAAM,CAAC,EAAE,MAAM;CAMtD"}

package/dist/rbac/errors/insufficient-permissions.error.js

@@ -1,19 +0,0 @@
-import { ApplicationError, ERROR_CODES } from 'stratal/errors';
-/**
- * InsufficientPermissionsError
- *
- * Thrown when a user attempts to perform an action without the required permissions.
- * This error is used by the auth guard after authorization check fails.
- *
- * HTTP Status: 403 Forbidden
- * Error Code: 3102 (AUTHZ.INSUFFICIENT_PERMISSIONS)
- */
-export class InsufficientPermissionsError extends ApplicationError {
-    constructor(requiredScopes, userId) {
-        super('errors.insufficientPermissions', ERROR_CODES.AUTHZ.INSUFFICIENT_PERMISSIONS, {
-            requiredScopes: requiredScopes.join(', '),
-            userId: userId ?? 'unknown',
-        });
-    }
-}
-//# sourceMappingURL=insufficient-permissions.error.js.map

package/dist/rbac/errors/insufficient-permissions.error.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"insufficient-permissions.error.js","sourceRoot":"","sources":["../../../src/rbac/errors/insufficient-permissions.error.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AAE9D;;;;;;;;GAQG;AACH,MAAM,OAAO,4BAA6B,SAAQ,gBAAgB;IAChE,YAAY,cAAwB,EAAE,MAAe;QACnD,KAAK,CAAC,gCAAgC,EAAE,WAAW,CAAC,KAAK,CAAC,wBAAwB,EAAE;YAClF,cAAc,EAAE,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC;YACzC,MAAM,EAAE,MAAM,IAAI,SAAS;SAC5B,CAAC,CAAA;IACJ,CAAC;CACF"}

package/dist/rbac/index.d.ts

@@ -1,9 +0,0 @@
-export { RBAC_CONTEXT_KEYS } from './constants';
-export { InsufficientPermissionsError } from './errors/insufficient-permissions.error';
-export { CasbinEnforcerService } from './services/casbin-enforcer.service';
-export { CasbinService } from './services/casbin.service';
-export { CustomZenStackAdapter } from './adapters/custom-zenstack-adapter';
-export { RbacModule } from './rbac.module';
-export { RBAC_TOKENS } from './tokens';
-export type { RbacModuleOptions } from './types';
-//# sourceMappingURL=index.d.ts.map

package/dist/rbac/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/rbac/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAC/C,OAAO,EAAE,4BAA4B,EAAE,MAAM,yCAAyC,CAAA;AACtF,OAAO,EAAE,qBAAqB,EAAE,MAAM,oCAAoC,CAAA;AAC1E,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAA;AACzD,OAAO,EAAE,qBAAqB,EAAE,MAAM,oCAAoC,CAAA;AAC1E,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAC1C,OAAO,EAAE,WAAW,EAAE,MAAM,UAAU,CAAA;AACtC,YAAY,EAAE,iBAAiB,EAAE,MAAM,SAAS,CAAA"}

package/dist/rbac/index.js

@@ -1,8 +0,0 @@
-export { RBAC_CONTEXT_KEYS } from './constants';
-export { InsufficientPermissionsError } from './errors/insufficient-permissions.error';
-export { CasbinEnforcerService } from './services/casbin-enforcer.service';
-export { CasbinService } from './services/casbin.service';
-export { CustomZenStackAdapter } from './adapters/custom-zenstack-adapter';
-export { RbacModule } from './rbac.module';
-export { RBAC_TOKENS } from './tokens';
-//# sourceMappingURL=index.js.map

package/dist/rbac/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/rbac/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAC/C,OAAO,EAAE,4BAA4B,EAAE,MAAM,yCAAyC,CAAA;AACtF,OAAO,EAAE,qBAAqB,EAAE,MAAM,oCAAoC,CAAA;AAC1E,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAA;AACzD,OAAO,EAAE,qBAAqB,EAAE,MAAM,oCAAoC,CAAA;AAC1E,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAC1C,OAAO,EAAE,WAAW,EAAE,MAAM,UAAU,CAAA"}

package/dist/rbac/rbac.module.d.ts

@@ -1,26 +0,0 @@
-import type { AsyncModuleOptions, DynamicModule } from 'stratal/module';
-import type { RbacModuleOptions } from './types';
-/**
- * RBAC Module
- *
- * Provides role-based access control using Casbin.
- * Fully configurable — no hardcoded roles, policies, or model.
- *
- * @example
- * ```typescript
- * @Module({
- *   imports: [
- *     RbacModule.forRoot({
- *       model: MY_RBAC_MODEL,
- *       defaultPolicies: [['admin', 'users:*', '.*']],
- *       roleHierarchy: [['super_admin', 'admin']],
- *     })
- *   ]
- * })
- * ```
- */
-export declare class RbacModule {
-    static forRoot(options: RbacModuleOptions): DynamicModule;
-    static forRootAsync(options: AsyncModuleOptions<RbacModuleOptions>): DynamicModule;
-}
-//# sourceMappingURL=rbac.module.d.ts.map

package/dist/rbac/rbac.module.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"rbac.module.d.ts","sourceRoot":"","sources":["../../src/rbac/rbac.module.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAA;AAIvE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,SAAS,CAAA;AAEhD;;;;;;;;;;;;;;;;;;GAkBG;AACH,qBAMa,UAAU;IACrB,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,iBAAiB,GAAG,aAAa;IASzD,MAAM,CAAC,YAAY,CAAC,OAAO,EAAE,kBAAkB,CAAC,iBAAiB,CAAC,GAAG,aAAa;CAYnF"}

package/dist/rbac/rbac.module.js

@@ -1,62 +0,0 @@
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-var RbacModule_1;
-import { Module } from 'stratal/module';
-import { CasbinEnforcerService } from './services/casbin-enforcer.service';
-import { CasbinService } from './services/casbin.service';
-import { RBAC_TOKENS } from './tokens';
-/**
- * RBAC Module
- *
- * Provides role-based access control using Casbin.
- * Fully configurable — no hardcoded roles, policies, or model.
- *
- * @example
- * ```typescript
- * @Module({
- *   imports: [
- *     RbacModule.forRoot({
- *       model: MY_RBAC_MODEL,
- *       defaultPolicies: [['admin', 'users:*', '.*']],
- *       roleHierarchy: [['super_admin', 'admin']],
- *     })
- *   ]
- * })
- * ```
- */
-let RbacModule = RbacModule_1 = class RbacModule {
-    static forRoot(options) {
-        return {
-            module: RbacModule_1,
-            providers: [
-                { provide: RBAC_TOKENS.Options, useValue: options },
-            ],
-        };
-    }
-    static forRootAsync(options) {
-        return {
-            module: RbacModule_1,
-            providers: [
-                {
-                    provide: RBAC_TOKENS.Options,
-                    useFactory: options.useFactory,
-                    inject: options.inject,
-                },
-            ],
-        };
-    }
-};
-RbacModule = RbacModule_1 = __decorate([
-    Module({
-        providers: [
-            CasbinEnforcerService,
-            { provide: RBAC_TOKENS.CasbinService, useClass: CasbinService },
-        ],
-    })
-], RbacModule);
-export { RbacModule };
-//# sourceMappingURL=rbac.module.js.map

package/dist/rbac/rbac.module.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"rbac.module.js","sourceRoot":"","sources":["../../src/rbac/rbac.module.ts"],"names":[],"mappings":";;;;;;;AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAA;AAEvC,OAAO,EAAE,qBAAqB,EAAE,MAAM,oCAAoC,CAAA;AAC1E,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAA;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,UAAU,CAAA;AAGtC;;;;;;;;;;;;;;;;;;GAkBG;AAOI,IAAM,UAAU,kBAAhB,MAAM,UAAU;IACrB,MAAM,CAAC,OAAO,CAAC,OAA0B;QACvC,OAAO;YACL,MAAM,EAAE,YAAU;YAClB,SAAS,EAAE;gBACT,EAAE,OAAO,EAAE,WAAW,CAAC,OAAO,EAAE,QAAQ,EAAE,OAA4B,EAAE;aACzE;SACF,CAAA;IACH,CAAC;IAED,MAAM,CAAC,YAAY,CAAC,OAA8C;QAChE,OAAO;YACL,MAAM,EAAE,YAAU;YAClB,SAAS,EAAE;gBACT;oBACE,OAAO,EAAE,WAAW,CAAC,OAAO;oBAC5B,UAAU,EAAE,OAAO,CAAC,UAAU;oBAC9B,MAAM,EAAE,OAAO,CAAC,MAAM;iBACvB;aACF;SACF,CAAA;IACH,CAAC;CACF,CAAA;AAtBY,UAAU;IANtB,MAAM,CAAC;QACN,SAAS,EAAE;YACT,qBAAqB;YACrB,EAAE,OAAO,EAAE,WAAW,CAAC,aAAa,EAAE,QAAQ,EAAE,aAAa,EAAE;SAChE;KACF,CAAC;GACW,UAAU,CAsBtB"}

package/dist/rbac/services/casbin-enforcer.service.d.ts

@@ -1,37 +0,0 @@
-import { type Enforcer } from 'casbin';
-import { type CasbinDbClient } from '../adapters/custom-zenstack-adapter';
-import type { RbacModuleOptions } from '../types';
-/**
- * CasbinEnforcerService
- *
- * Manages the Casbin enforcer instance for authorization.
- * Model, default policies, and role hierarchy are provided via DI options.
- */
-export declare class CasbinEnforcerService {
-    protected readonly db: CasbinDbClient;
-    protected readonly options: RbacModuleOptions;
-    protected enforcer: Enforcer | null;
-    constructor(db: CasbinDbClient, options: RbacModuleOptions);
-    /**
-     * Get or create the enforcer instance
-     */
-    getEnforcer(): Promise<Enforcer>;
-    /**
-     * Create a new enforcer instance.
-     * Can be overridden by subclasses to customize enforcer creation.
-     */
-    protected createEnforcer(): Promise<Enforcer>;
-    /**
-     * Seed default policies into database
-     */
-    seedPolicies(): Promise<void>;
-    /**
-     * Clear cached enforcer instance
-     */
-    clearCache(): void;
-    /**
-     * Seed role hierarchy into database
-     */
-    seedRoleHierarchy(): Promise<void>;
-}
-//# sourceMappingURL=casbin-enforcer.service.d.ts.map

package/dist/rbac/services/casbin-enforcer.service.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"casbin-enforcer.service.d.ts","sourceRoot":"","sources":["../../../src/rbac/services/casbin-enforcer.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAyC,KAAK,QAAQ,EAAE,MAAM,QAAQ,CAAA;AAG7E,OAAO,EAAyB,KAAK,cAAc,EAAE,MAAM,qCAAqC,CAAA;AAEhG,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAA;AAEjD;;;;;GAKG;AACH,qBACa,qBAAqB;IAK9B,SAAS,CAAC,QAAQ,CAAC,EAAE,EAAE,cAAc;IAErC,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,iBAAiB;IAN/C,SAAS,CAAC,QAAQ,EAAE,QAAQ,GAAG,IAAI,CAAO;gBAIrB,EAAE,EAAE,cAAc,EAElB,OAAO,EAAE,iBAAiB;IAG/C;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC,QAAQ,CAAC;IAKtC;;;OAGG;cACa,cAAc,IAAI,OAAO,CAAC,QAAQ,CAAC;IASnD;;OAEG;IACG,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC;IAWnC;;OAEG;IACH,UAAU,IAAI,IAAI;IAIlB;;OAEG;IACG,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC;CAUzC"}

package/dist/rbac/services/casbin-enforcer.service.js

@@ -1,86 +0,0 @@
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-var __metadata = (this && this.__metadata) || function (k, v) {
-    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-};
-var __param = (this && this.__param) || function (paramIndex, decorator) {
-    return function (target, key) { decorator(target, key, paramIndex); }
-};
-import { newCachedEnforcer, newModelFromString } from 'casbin';
-import { DI_TOKENS, Transient } from 'stratal/di';
-import { inject } from 'tsyringe';
-import { CustomZenStackAdapter } from '../adapters/custom-zenstack-adapter';
-import { RBAC_TOKENS } from '../tokens';
-/**
- * CasbinEnforcerService
- *
- * Manages the Casbin enforcer instance for authorization.
- * Model, default policies, and role hierarchy are provided via DI options.
- */
-let CasbinEnforcerService = class CasbinEnforcerService {
-    db;
-    options;
-    enforcer = null;
-    constructor(db, options) {
-        this.db = db;
-        this.options = options;
-    }
-    /**
-     * Get or create the enforcer instance
-     */
-    async getEnforcer() {
-        this.enforcer ??= await this.createEnforcer();
-        return this.enforcer;
-    }
-    /**
-     * Create a new enforcer instance.
-     * Can be overridden by subclasses to customize enforcer creation.
-     */
-    async createEnforcer() {
-        const model = newModelFromString(this.options.model);
-        const adapter = CustomZenStackAdapter.newAdapter(this.db);
-        const enforcer = await newCachedEnforcer(model, adapter);
-        await enforcer.loadPolicy();
-        return enforcer;
-    }
-    /**
-     * Seed default policies into database
-     */
-    async seedPolicies() {
-        const enforcer = await this.getEnforcer();
-        const policies = this.options.defaultPolicies ?? [];
-        for (const [role, resource, action] of policies) {
-            await enforcer.addPolicy(role, resource, action);
-        }
-        await enforcer.savePolicy();
-    }
-    /**
-     * Clear cached enforcer instance
-     */
-    clearCache() {
-        this.enforcer = null;
-    }
-    /**
-     * Seed role hierarchy into database
-     */
-    async seedRoleHierarchy() {
-        const enforcer = await this.getEnforcer();
-        const hierarchy = this.options.roleHierarchy ?? [];
-        for (const [childRole, parentRole] of hierarchy) {
-            await enforcer.addGroupingPolicy(childRole, parentRole);
-        }
-        await enforcer.savePolicy();
-    }
-};
-CasbinEnforcerService = __decorate([
-    Transient(),
-    __param(0, inject(DI_TOKENS.Database)),
-    __param(1, inject(RBAC_TOKENS.Options)),
-    __metadata("design:paramtypes", [Object, Object])
-], CasbinEnforcerService);
-export { CasbinEnforcerService };
-//# sourceMappingURL=casbin-enforcer.service.js.map

package/dist/rbac/services/casbin-enforcer.service.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"casbin-enforcer.service.js","sourceRoot":"","sources":["../../../src/rbac/services/casbin-enforcer.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,iBAAiB,EAAE,kBAAkB,EAAiB,MAAM,QAAQ,CAAA;AAC7E,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,YAAY,CAAA;AACjD,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAA;AACjC,OAAO,EAAE,qBAAqB,EAAuB,MAAM,qCAAqC,CAAA;AAChG,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAA;AAGvC;;;;;GAKG;AAEI,IAAM,qBAAqB,GAA3B,MAAM,qBAAqB;IAKX;IAEA;IANX,QAAQ,GAAoB,IAAI,CAAA;IAE1C,YAEqB,EAAkB,EAElB,OAA0B;QAF1B,OAAE,GAAF,EAAE,CAAgB;QAElB,YAAO,GAAP,OAAO,CAAmB;IAC3C,CAAC;IAEL;;OAEG;IACH,KAAK,CAAC,WAAW;QACf,IAAI,CAAC,QAAQ,KAAK,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC9C,OAAO,IAAI,CAAC,QAAQ,CAAA;IACtB,CAAC;IAED;;;OAGG;IACO,KAAK,CAAC,cAAc;QAC5B,MAAM,KAAK,GAAG,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;QAEpD,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACzD,MAAM,QAAQ,GAAG,MAAM,iBAAiB,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;QACxD,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAA;QAC3B,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY;QAChB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAA;QACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,IAAI,EAAE,CAAA;QAEnD,KAAK,MAAM,CAAC,IAAI,EAAE,QAAQ,EAAE,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YAChD,MAAM,QAAQ,CAAC,SAAS,CAAC,IAAI,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAA;QAClD,CAAC;QAED,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAA;IAC7B,CAAC;IAED;;OAEG;IACH,UAAU;QACR,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAA;IACtB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,iBAAiB;QACrB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAA;QACzC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,aAAa,IAAI,EAAE,CAAA;QAElD,KAAK,MAAM,CAAC,SAAS,EAAE,UAAU,CAAC,IAAI,SAAS,EAAE,CAAC;YAChD,MAAM,QAAQ,CAAC,iBAAiB,CAAC,SAAS,EAAE,UAAU,CAAC,CAAA;QACzD,CAAC;QAED,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAA;IAC7B,CAAC;CACF,CAAA;AAjEY,qBAAqB;IADjC,SAAS,EAAE;IAKP,WAAA,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAA;IAE1B,WAAA,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,CAAA;;GANnB,qBAAqB,CAiEjC"}

package/dist/rbac/services/casbin.service.d.ts

@@ -1,37 +0,0 @@
-import type { Enforcer } from 'casbin';
-import type { AuthContext } from '../../context/auth-context';
-import { CasbinEnforcerService } from './casbin-enforcer.service';
-/**
- * CasbinService
- *
- * Request-scoped service that provides the full Casbin RBAC API.
- * Uses AuthContext to get the current user.
- */
-export declare class CasbinService {
-    protected readonly context: AuthContext;
-    protected readonly enforcerService: CasbinEnforcerService;
-    constructor(context: AuthContext, enforcerService: CasbinEnforcerService);
-    protected getEnforcer(): Promise<Enforcer>;
-    addRoleForUser(userId: string, role: string): Promise<boolean>;
-    deleteRoleForUser(userId: string, role: string): Promise<boolean>;
-    deleteRolesForUser(userId: string): Promise<boolean>;
-    getRolesForUser(userId: string): Promise<string[]>;
-    getImplicitRolesForUser(userId: string): Promise<string[]>;
-    getUsersForRole(role: string): Promise<string[]>;
-    getImplicitUsersForRole(role: string): Promise<string[]>;
-    hasRoleForUser(userId: string, role: string): Promise<boolean>;
-    addRoleInheritance(childRole: string, parentRole: string): Promise<boolean>;
-    deleteRoleInheritance(childRole: string, parentRole: string): Promise<boolean>;
-    deleteUser(userId: string): Promise<boolean>;
-    deleteRole(role: string): Promise<boolean>;
-    getCurrentUserRoles(): Promise<string[]>;
-    currentUserHasRole(role: string): Promise<boolean>;
-    setRolesForUser(userId: string, roles: string[]): Promise<void>;
-    hasPermission(userId: string, scope: string, action: string): Promise<boolean>;
-    currentUserHasPermission(scope: string, action: string): Promise<boolean>;
-    hasAnyPermission(userId: string, scopes: string[], action: string): Promise<boolean>;
-    currentUserHasAnyPermission(scopes: string[], action: string): Promise<boolean>;
-    getPermissionsForUserAsCasbinJs(userId: string): Promise<Record<string, string[]>>;
-    getCurrentUserPermissionsAsCasbinJs(): Promise<Record<string, string[]>>;
-}
-//# sourceMappingURL=casbin.service.d.ts.map

package/dist/rbac/services/casbin.service.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"casbin.service.d.ts","sourceRoot":"","sources":["../../../src/rbac/services/casbin.service.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,QAAQ,CAAA;AAGtC,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AAE7D,OAAO,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAA;AAEjE;;;;;GAKG;AACH,qBACa,aAAa;IAGtB,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,WAAW;IAEvC,SAAS,CAAC,QAAQ,CAAC,eAAe,EAAE,qBAAqB;gBAFtC,OAAO,EAAE,WAAW,EAEpB,eAAe,EAAE,qBAAqB;cAG3C,WAAW,IAAI,OAAO,CAAC,QAAQ,CAAC;IAM1C,cAAc,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAO9D,iBAAiB,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAOjE,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAOpD,eAAe,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAKlD,uBAAuB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAK1D,eAAe,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAKhD,uBAAuB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAKxD,cAAc,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAO9D,kBAAkB,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAO3E,qBAAqB,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAS9E,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAO5C,UAAU,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAS1C,mBAAmB,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;IAMxC,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAKlD,eAAe,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IAW/D,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAK9E,wBAAwB,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAMzE,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAOpF,2BAA2B,CAAC,MAAM,EAAE,MAAM,EAAE,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAQ/E,+BAA+B,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IAelF,mCAAmC,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;CAK/E"}

package/dist/rbac/services/casbin.service.js

@@ -1,174 +0,0 @@
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-var __metadata = (this && this.__metadata) || function (k, v) {
-    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-};
-var __param = (this && this.__param) || function (paramIndex, decorator) {
-    return function (target, key) { decorator(target, key, paramIndex); }
-};
-import { inject } from 'tsyringe';
-import { Transient, DI_TOKENS } from 'stratal/di';
-import { RBAC_TOKENS } from '../tokens';
-import { CasbinEnforcerService } from './casbin-enforcer.service';
-/**
- * CasbinService
- *
- * Request-scoped service that provides the full Casbin RBAC API.
- * Uses AuthContext to get the current user.
- */
-let CasbinService = class CasbinService {
-    context;
-    enforcerService;
-    constructor(context, enforcerService) {
-        this.context = context;
-        this.enforcerService = enforcerService;
-    }
-    async getEnforcer() {
-        return this.enforcerService.getEnforcer();
-    }
-    // ==================== USER-ROLE MANAGEMENT ====================
-    async addRoleForUser(userId, role) {
-        const enforcer = await this.getEnforcer();
-        const added = await enforcer.addRoleForUser(userId, role);
-        if (added)
-            await enforcer.savePolicy();
-        return added;
-    }
-    async deleteRoleForUser(userId, role) {
-        const enforcer = await this.getEnforcer();
-        const deleted = await enforcer.deleteRoleForUser(userId, role);
-        if (deleted)
-            await enforcer.savePolicy();
-        return deleted;
-    }
-    async deleteRolesForUser(userId) {
-        const enforcer = await this.getEnforcer();
-        const deleted = await enforcer.deleteRolesForUser(userId);
-        if (deleted)
-            await enforcer.savePolicy();
-        return deleted;
-    }
-    async getRolesForUser(userId) {
-        const enforcer = await this.getEnforcer();
-        return enforcer.getRolesForUser(userId);
-    }
-    async getImplicitRolesForUser(userId) {
-        const enforcer = await this.getEnforcer();
-        return enforcer.getImplicitRolesForUser(userId);
-    }
-    async getUsersForRole(role) {
-        const enforcer = await this.getEnforcer();
-        return enforcer.getUsersForRole(role);
-    }
-    async getImplicitUsersForRole(role) {
-        const enforcer = await this.getEnforcer();
-        return enforcer.getImplicitUsersForRole(role);
-    }
-    async hasRoleForUser(userId, role) {
-        const enforcer = await this.getEnforcer();
-        return enforcer.hasRoleForUser(userId, role);
-    }
-    // ==================== ROLE HIERARCHY MANAGEMENT ====================
-    async addRoleInheritance(childRole, parentRole) {
-        const enforcer = await this.getEnforcer();
-        const added = await enforcer.addGroupingPolicy(childRole, parentRole);
-        if (added)
-            await enforcer.savePolicy();
-        return added;
-    }
-    async deleteRoleInheritance(childRole, parentRole) {
-        const enforcer = await this.getEnforcer();
-        const deleted = await enforcer.removeGroupingPolicy(childRole, parentRole);
-        if (deleted)
-            await enforcer.savePolicy();
-        return deleted;
-    }
-    // ==================== USER/ROLE DELETION ====================
-    async deleteUser(userId) {
-        const enforcer = await this.getEnforcer();
-        const deleted = await enforcer.deleteUser(userId);
-        if (deleted)
-            await enforcer.savePolicy();
-        return deleted;
-    }
-    async deleteRole(role) {
-        const enforcer = await this.getEnforcer();
-        const deleted = await enforcer.deleteRole(role);
-        if (deleted)
-            await enforcer.savePolicy();
-        return deleted;
-    }
-    // ==================== CONVENIENCE METHODS ====================
-    async getCurrentUserRoles() {
-        const userId = this.context.getUserId();
-        if (!userId)
-            return [];
-        return this.getImplicitRolesForUser(userId);
-    }
-    async currentUserHasRole(role) {
-        const roles = await this.getCurrentUserRoles();
-        return roles.includes(role);
-    }
-    async setRolesForUser(userId, roles) {
-        const enforcer = await this.getEnforcer();
-        await enforcer.deleteRolesForUser(userId);
-        for (const role of roles) {
-            await enforcer.addRoleForUser(userId, role);
-        }
-        await enforcer.savePolicy();
-    }
-    // ==================== PERMISSION CHECKING ====================
-    async hasPermission(userId, scope, action) {
-        const enforcer = await this.getEnforcer();
-        return enforcer.enforce(userId, scope, action);
-    }
-    async currentUserHasPermission(scope, action) {
-        const userId = this.context.getUserId();
-        if (!userId)
-            return false;
-        return this.hasPermission(userId, scope, action);
-    }
-    async hasAnyPermission(userId, scopes, action) {
-        const enforcer = await this.getEnforcer();
-        const requests = scopes.map(scope => [userId, scope, action]);
-        const results = await enforcer.batchEnforce(requests);
-        return results.some(allowed => allowed);
-    }
-    async currentUserHasAnyPermission(scopes, action) {
-        const userId = this.context.getUserId();
-        if (!userId)
-            return false;
-        return this.hasAnyPermission(userId, scopes, action);
-    }
-    // ==================== CASBIN.JS FRONTEND SUPPORT ====================
-    async getPermissionsForUserAsCasbinJs(userId) {
-        const enforcer = await this.getEnforcer();
-        const permissions = await enforcer.getImplicitPermissionsForUser(userId);
-        const result = {};
-        for (const [_role, resource, action] of permissions) {
-            result[action] ??= [];
-            if (!result[action].includes(resource)) {
-                result[action].push(resource);
-            }
-        }
-        return result;
-    }
-    async getCurrentUserPermissionsAsCasbinJs() {
-        const userId = this.context.getUserId();
-        if (!userId)
-            return {};
-        return this.getPermissionsForUserAsCasbinJs(userId);
-    }
-};
-CasbinService = __decorate([
-    Transient(RBAC_TOKENS.CasbinService),
-    __param(0, inject(DI_TOKENS.AuthContext)),
-    __param(1, inject(CasbinEnforcerService)),
-    __metadata("design:paramtypes", [Function, CasbinEnforcerService])
-], CasbinService);
-export { CasbinService };
-//# sourceMappingURL=casbin.service.js.map

package/dist/rbac/services/casbin.service.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"casbin.service.js","sourceRoot":"","sources":["../../../src/rbac/services/casbin.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAA;AACjC,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,YAAY,CAAA;AAEjD,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAA;AACvC,OAAO,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAA;AAEjE;;;;;GAKG;AAEI,IAAM,aAAa,GAAnB,MAAM,aAAa;IAGH;IAEA;IAJrB,YAEqB,OAAoB,EAEpB,eAAsC;QAFtC,YAAO,GAAP,OAAO,CAAa;QAEpB,oBAAe,GAAf,eAAe,CAAuB;IACxD,CAAC;IAEM,KAAK,CAAC,WAAW;QACzB,OAAO,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,CAAA;IAC3C,CAAC;IAED,iEAAiE;IAEjE,KAAK,CAAC,cAAc,CAAC,MAAc,EAAE,IAAY;QAC/C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAA;QACzC,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,IAAI,CAAC,CAAA;QACzD,IAAI,KAAK;YAAE,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAA;QACtC,OAAO,KAAK,CAAA;IACd,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,MAAc,EAAE,IAAY;QAClD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAA;QACzC,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,iBAAiB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAA;QAC9D,IAAI,OAAO;YAAE,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAA;QACxC,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,MAAc;QACrC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAA;QACzC,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAA;QACzD,IAAI,OAAO;YAAE,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAA;QACxC,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,MAAc;QAClC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAA;QACzC,OAAO,QAAQ,CAAC,eAAe,CAAC,MAAM,CAAC,CAAA;IACzC,CAAC;IAED,KAAK,CAAC,uBAAuB,CAAC,MAAc;QAC1C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAA;QACzC,OAAO,QAAQ,CAAC,uBAAuB,CAAC,MAAM,CAAC,CAAA;IACjD,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,IAAY;QAChC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAA;QACzC,OAAO,QAAQ,CAAC,eAAe,CAAC,IAAI,CAAC,CAAA;IACvC,CAAC;IAED,KAAK,CAAC,uBAAuB,CAAC,IAAY;QACxC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAA;QACzC,OAAO,QAAQ,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;IAC/C,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,MAAc,EAAE,IAAY;QAC/C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAA;QACzC,OAAO,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,IAAI,CAAC,CAAA;IAC9C,CAAC;IAED,sEAAsE;IAEtE,KAAK,CAAC,kBAAkB,CAAC,SAAiB,EAAE,UAAkB;QAC5D,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAA;QACzC,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,iBAAiB,CAAC,SAAS,EAAE,UAAU,CAAC,CAAA;QACrE,IAAI,KAAK;YAAE,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAA;QACtC,OAAO,KAAK,CAAA;IACd,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,SAAiB,EAAE,UAAkB;QAC/D,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAA;QACzC,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,oBAAoB,CAAC,SAAS,EAAE,UAAU,CAAC,CAAA;QAC1E,IAAI,OAAO;YAAE,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAA;QACxC,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,+DAA+D;IAE/D,KAAK,CAAC,UAAU,CAAC,MAAc;QAC7B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAA;QACzC,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,CAAA;QACjD,IAAI,OAAO;YAAE,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAA;QACxC,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,IAAY;QAC3B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAA;QACzC,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,CAAA;QAC/C,IAAI,OAAO;YAAE,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAA;QACxC,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,gEAAgE;IAEhE,KAAK,CAAC,mBAAmB;QACvB,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAA;QACvC,IAAI,CAAC,MAAM;YAAE,OAAO,EAAE,CAAA;QACtB,OAAO,IAAI,CAAC,uBAAuB,CAAC,MAAM,CAAC,CAAA;IAC7C,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,IAAY;QACnC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAA;QAC9C,OAAO,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;IAC7B,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,MAAc,EAAE,KAAe;QACnD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAA;QACzC,MAAM,QAAQ,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAA;QACzC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,IAAI,CAAC,CAAA;QAC7C,CAAC;QACD,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAA;IAC7B,CAAC;IAED,gEAAgE;IAEhE,KAAK,CAAC,aAAa,CAAC,MAAc,EAAE,KAAa,EAAE,MAAc;QAC/D,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAA;QACzC,OAAO,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,CAAA;IAChD,CAAC;IAED,KAAK,CAAC,wBAAwB,CAAC,KAAa,EAAE,MAAc;QAC1D,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAA;QACvC,IAAI,CAAC,MAAM;YAAE,OAAO,KAAK,CAAA;QACzB,OAAO,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,CAAA;IAClD,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,MAAc,EAAE,MAAgB,EAAE,MAAc;QACrE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAA;QACzC,MAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,CAAA;QAC7D,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAA;QACrD,OAAO,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,CAAA;IACzC,CAAC;IAED,KAAK,CAAC,2BAA2B,CAAC,MAAgB,EAAE,MAAc;QAChE,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAA;QACvC,IAAI,CAAC,MAAM;YAAE,OAAO,KAAK,CAAA;QACzB,OAAO,IAAI,CAAC,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAA;IACtD,CAAC;IAED,uEAAuE;IAEvE,KAAK,CAAC,+BAA+B,CAAC,MAAc;QAClD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAA;QACzC,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,6BAA6B,CAAC,MAAM,CAAC,CAAA;QAExE,MAAM,MAAM,GAA6B,EAAE,CAAA;QAC3C,KAAK,MAAM,CAAC,KAAK,EAAE,QAAQ,EAAE,MAAM,CAAC,IAAI,WAAW,EAAE,CAAC;YACpD,MAAM,CAAC,MAAM,CAAC,KAAK,EAAE,CAAA;YACrB,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACvC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;YAC/B,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAA;IACf,CAAC;IAED,KAAK,CAAC,mCAAmC;QACvC,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAA;QACvC,IAAI,CAAC,MAAM;YAAE,OAAO,EAAE,CAAA;QACtB,OAAO,IAAI,CAAC,+BAA+B,CAAC,MAAM,CAAC,CAAA;IACrD,CAAC;CACF,CAAA;AAlKY,aAAa;IADzB,SAAS,CAAC,WAAW,CAAC,aAAa,CAAC;IAGhC,WAAA,MAAM,CAAC,SAAS,CAAC,WAAW,CAAC,CAAA;IAE7B,WAAA,MAAM,CAAC,qBAAqB,CAAC,CAAA;+CACM,qBAAqB;GALhD,aAAa,CAkKzB"}

package/dist/rbac/services/index.d.ts

@@ -1,3 +0,0 @@
-export * from './casbin-enforcer.service';
-export * from './casbin.service';
-//# sourceMappingURL=index.d.ts.map

package/dist/rbac/services/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/rbac/services/index.ts"],"names":[],"mappings":"AAAA,cAAc,2BAA2B,CAAA;AACzC,cAAc,kBAAkB,CAAA"}

package/dist/rbac/services/index.js

@@ -1,3 +0,0 @@
-export * from './casbin-enforcer.service';
-export * from './casbin.service';
-//# sourceMappingURL=index.js.map

package/dist/rbac/services/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/rbac/services/index.ts"],"names":[],"mappings":"AAAA,cAAc,2BAA2B,CAAA;AACzC,cAAc,kBAAkB,CAAA"}

package/dist/rbac/tokens.d.ts

@@ -1,10 +0,0 @@
-/**
- * RBAC DI Tokens
- */
-export declare const RBAC_TOKENS: {
-    /** Request-scoped Casbin service with auto context resolution */
-    readonly CasbinService: symbol;
-    /** RBAC module options (model, policies, hierarchy) */
-    readonly Options: symbol;
-};
-//# sourceMappingURL=tokens.d.ts.map

package/dist/rbac/tokens.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"tokens.d.ts","sourceRoot":"","sources":["../../src/rbac/tokens.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,eAAO,MAAM,WAAW;IACtB,iEAAiE;;IAEjE,uDAAuD;;CAE/C,CAAA"}

package/dist/rbac/tokens.js

@@ -1,10 +0,0 @@
-/**
- * RBAC DI Tokens
- */
-export const RBAC_TOKENS = {
-    /** Request-scoped Casbin service with auto context resolution */
-    CasbinService: Symbol.for('stratal:rbac:casbin:service'),
-    /** RBAC module options (model, policies, hierarchy) */
-    Options: Symbol.for('stratal:rbac:options'),
-};
-//# sourceMappingURL=tokens.js.map

package/dist/rbac/tokens.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"tokens.js","sourceRoot":"","sources":["../../src/rbac/tokens.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG;IACzB,iEAAiE;IACjE,aAAa,EAAE,MAAM,CAAC,GAAG,CAAC,6BAA6B,CAAC;IACxD,uDAAuD;IACvD,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC,sBAAsB,CAAC;CACnC,CAAA"}

package/dist/rbac/types.d.ts

@@ -1,12 +0,0 @@
-/**
- * Configuration options for the RBAC module
- */
-export interface RbacModuleOptions {
-    /** Casbin PERM model string */
-    model: string;
-    /** Default policies: [role, resource, action][] */
-    defaultPolicies?: readonly (readonly [string, string, string])[];
-    /** Role hierarchy: [childRole, parentRole][] */
-    roleHierarchy?: readonly (readonly [string, string])[];
-}
-//# sourceMappingURL=types.d.ts.map

package/dist/rbac/types.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/rbac/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,+BAA+B;IAC/B,KAAK,EAAE,MAAM,CAAA;IACb,mDAAmD;IACnD,eAAe,CAAC,EAAE,SAAS,CAAC,SAAS,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC,EAAE,CAAA;IAChE,gDAAgD;IAChD,aAAa,CAAC,EAAE,SAAS,CAAC,SAAS,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,EAAE,CAAA;CACvD"}

package/dist/rbac/types.js

@@ -1,2 +0,0 @@
-export {};
-//# sourceMappingURL=types.js.map

package/dist/rbac/types.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/rbac/types.ts"],"names":[],"mappings":""}