@stratal/framework 0.0.17 → 0.0.19

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@stratal/framework",
-  "version": "0.0.17",
+  "version": "0.0.19",
   "type": "module",
   "license": "MIT",
   "author": "Temitayo Fadojutimi",
@@ -26,6 +26,10 @@
       "types": "./dist/index.d.mts",
       "import": "./dist/index.mjs"
     },
+    "./access-control": {
+      "types": "./dist/access-control/index.d.mts",
+      "import": "./dist/access-control/index.mjs"
+    },
     "./auth": {
       "types": "./dist/auth/index.d.mts",
       "import": "./dist/auth/index.mjs"
@@ -46,10 +50,6 @@
       "types": "./dist/guards/index.d.mts",
       "import": "./dist/guards/index.mjs"
     },
-    "./rbac": {
-      "types": "./dist/rbac/index.d.mts",
-      "import": "./dist/rbac/index.mjs"
-    },
     "./package.json": "./package.json"
   },
   "scripts": {
@@ -63,40 +63,40 @@
     "test:coverage": "vitest run --coverage",
     "test:db": "docker compose -f test/docker-compose.yml up -d",
     "typecheck": "yarn tsc --noEmit",
-    "lint": "npx eslint .",
-    "lint:fix": "npx eslint --fix ."
+    "lint": "npx oxlint .",
+    "lint:fix": "npx oxlint --fix ."
   },
   "dependencies": {
-    "@better-auth/core": "^1.5.5",
-    "@faker-js/faker": "^10.3.0",
-    "@zenstackhq/cli": "^3.4.6",
-    "@zenstackhq/orm": "^3.4.6",
-    "better-auth": "^1.5.5",
-    "casbin": "^5.49.0",
+    "@better-auth/core": "^1.6.9",
+    "@faker-js/faker": "^10.4.0",
+    "@zenstackhq/cli": "^3.6.3",
+    "@zenstackhq/orm": "^3.6.3",
+    "better-auth": "^1.6.9",
     "postgres-array": "^3.0.4"
   },
   "peerDependencies": {
     "pg": "^8.0.0",
     "reflect-metadata": "^0.2.2",
-    "stratal": "^0.0.17"
+    "stratal": "^0.0.19"
   },
   "devDependencies": {
-    "@cloudflare/vitest-pool-workers": "^0.13.3",
-    "@cloudflare/workers-types": "4.20260317.1",
+    "@cloudflare/vitest-pool-workers": "^0.15.0",
+    "@cloudflare/workers-types": "4.20260426.1",
     "@stratal/testing": "workspace:^",
-    "@types/node": "^25.5.0",
+    "@types/node": "^25.6.0",
     "@types/pg": "^8.20.0",
-    "@vitest/coverage-istanbul": "~4.1.0",
-    "@vitest/runner": "~4.1.0",
-    "@vitest/snapshot": "~4.1.0",
-    "@zenstackhq/better-auth": "^3.4.6",
+    "@vitest/coverage-istanbul": "~4.1.5",
+    "@vitest/runner": "~4.1.5",
+    "@vitest/snapshot": "~4.1.5",
+    "@zenstackhq/better-auth": "^3.6.3",
     "dotenv-cli": "^11.0.0",
+    "kysely": "0.28.16",
     "pg": "^8.20.0",
     "reflect-metadata": "^0.2.2",
     "stratal": "workspace:*",
-    "tsdown": "^0.21.4",
-    "typescript": "^5.9.3",
-    "vitest": "~4.1.0",
-    "wrangler": "^4.76.0"
+    "tsdown": "^0.21.10",
+    "typescript": "^6.0.3",
+    "vitest": "~4.1.5",
+    "wrangler": "^4.85.0"
   }
 }

package/dist/auth-context-BD2ApWg1.d.mts.map

@@ -1 +0,0 @@
-{"version":3,"file":"auth-context-BD2ApWg1.d.mts","names":[],"sources":["../src/context/auth-context.ts"],"mappings":";UAMiB,QAAA;EACf,MAAA;AAAA;AAAA,cAIW,WAAA;EAAA,UACD,MAAA;EALJ;AAGR;;;EAQE,cAAA,CAAe,IAAA,EAAM,QAAA;EANX;;;;EAcV,SAAA,CAAA;EAQA;;;;EAAA,aAAA,CAAA;EA+BgB;;;EApBhB,cAAA,CAAA,GAAkB,QAAA;;;;EAYlB,eAAA,CAAA;;;;;EAQA,gBAAA,CAAA;AAAA"}

package/dist/auth-context-CV3Ko1ew.mjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"auth-context-CV3Ko1ew.mjs","names":[],"sources":["../src/context/auth-context.ts"],"sourcesContent":["import { Transient, DI_TOKENS } from 'stratal/di'\nimport {\n  ContextNotInitializedError,\n  UserNotAuthenticatedError\n} from './errors'\n\nexport interface AuthInfo {\n  userId?: string\n}\n\n@Transient(DI_TOKENS.AuthContext)\nexport class AuthContext {\n  protected userId?: string\n\n  /**\n   * Set authentication context.\n   * This should be called once per request with user information.\n   */\n  setAuthContext(info: AuthInfo): void {\n    this.userId = info.userId\n  }\n\n  /**\n   * Get user ID if available.\n   * Returns undefined if no user is authenticated.\n   */\n  getUserId(): string | undefined {\n    return this.userId\n  }\n\n  /**\n   * Get user ID or throw if not authenticated.\n   * Use this when authentication is required.\n   */\n  requireUserId(): string {\n    const userId = this.getUserId()\n    if (!userId) {\n      throw new UserNotAuthenticatedError()\n    }\n    return userId\n  }\n\n  /**\n   * Get full authentication context or throw if not initialized.\n   */\n  getAuthContext(): AuthInfo {\n    if (!this.userId) {\n      throw new ContextNotInitializedError('Authentication')\n    }\n    return {\n      userId: this.userId\n    }\n  }\n\n  /**\n   * Check if user is authenticated.\n   */\n  isAuthenticated(): boolean {\n    return !!this.userId\n  }\n\n  /**\n   * Clear authentication context.\n   * Useful for testing or cleanup.\n   */\n  clearAuthContext(): void {\n    this.userId = undefined\n  }\n}\n"],"mappings":";;;;AAWO,IAAA,cAAA,MAAM,YAAY;CACvB;;;;;CAMA,eAAe,MAAsB;AACnC,OAAK,SAAS,KAAK;;;;;;CAOrB,YAAgC;AAC9B,SAAO,KAAK;;;;;;CAOd,gBAAwB;EACtB,MAAM,SAAS,KAAK,WAAW;AAC/B,MAAI,CAAC,OACH,OAAM,IAAI,2BAA2B;AAEvC,SAAO;;;;;CAMT,iBAA2B;AACzB,MAAI,CAAC,KAAK,OACR,OAAM,IAAI,2BAA2B,iBAAiB;AAExD,SAAO,EACL,QAAQ,KAAK,QACd;;;;;CAMH,kBAA2B;AACzB,SAAO,CAAC,CAAC,KAAK;;;;;;CAOhB,mBAAyB;AACvB,OAAK,SAAS,KAAA;;;0BAxDjB,UAAU,UAAU,YAAY,CAAA,EAAA,YAAA"}

package/dist/decorateParam-CcTvpNsw.mjs

@@ -1,8 +0,0 @@
-//#region \0@oxc-project+runtime@0.115.0/helpers/decorateParam.js
-function __decorateParam(paramIndex, decorator) {
-	return function(target, key) {
-		decorator(target, key, paramIndex);
-	};
-}
-//#endregion
-export { __decorateParam as t };

package/dist/index-eukGTmI8.d.mts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index-eukGTmI8.d.mts","names":[],"sources":["../src/database/database.module.ts","../src/database/database.service.ts","../src/database/database.tokens.ts","../src/database/decorators/inject-db.decorator.ts","../src/database/errors/database-error.ts","../src/database/errors/database-config.error.ts","../src/database/errors/foreign-key-constraint.error.ts","../src/database/errors/invalid-error-code-range.error.ts","../src/database/errors/record-not-found.error.ts","../src/database/errors/unique-constraint.error.ts","../src/database/errors/from-zenstack-error.ts","../src/database/event-types.ts","../src/database/i18n/en.ts","../src/database/plugins/error-handler.plugin.ts","../src/database/plugins/event-emitter.plugin.ts","../src/database/plugins/schema-switcher.plugin.ts","../src/database/commands/zenstack.command.ts","../src/database/commands/db-generate.command.ts","../src/database/commands/db-pull.command.ts","../src/database/commands/db-push.command.ts","../src/database/commands/migrate-deploy.command.ts","../src/database/commands/migrate-dev.command.ts","../src/database/commands/migrate-reset.command.ts","../src/database/commands/migrate-status.command.ts"],"mappings":";;;;;;;;;;;;UAyBiB,wBAAA,gBACA,SAAA,GAAY,SAAA,eACd,cAAA,GAAiB,cAAA;EAE9B,IAAA,EAAM,IAAA;EACN,MAAA,EAAQ,MAAA;EACR,OAAA,QAAe,OAAA;EACf,OAAA,GAAU,SAAA;AAAA;AAAA,UAGK,oBAAA;EACf,OAAA,EAAS,qBAAA;EACT,WAAA,EAAa,wBAAA;AAAA;AAAA,cAcF,cAAA,YAA0B,YAAA,EAAc,UAAA;EAAA,OAC5C,OAAA,CAAQ,MAAA,EAAQ,oBAAA,GAAuB,aAAA;EAAA,OASvC,YAAA,CAAa,OAAA,EAAS,kBAAA,CAAmB,oBAAA,IAAwB,aAAA;EAaxE,YAAA,CAAa,OAAA,EAAS,aAAA;EAmBtB,UAAA,CAAW,OAAA,EAAS,aAAA;AAAA;;;;;;;;;;;;;AApEtB;;;;KCRY,eAAA,WACA,cAAA,GAAiB,qBAAA,IACzB,cAAA,CACF,qBAAA,CAAsB,CAAA,GACtB,aAAA,CAAc,qBAAA,CAAsB,CAAA;;;cCrBzB,eAAA;EAAA,SAGH,OAAA;EAAA,SAAA,QAAA;AAAA;AAAA,iBAIM,gBAAA,CAAiB,IAAA,EAAM,cAAA;;;iBCHvB,QAAA,CAAS,IAAA,EAAM,cAAA,GAAiB,kBAAA;;;;;;;;;;;cCQnC,aAAA,SAAsB,gBAAA;cAE/B,UAAA,GAAY,WAAA,EACZ,IAAA,GAAM,SAAA,EACN,QAAA,GAAW,MAAA;AAAA;;;cCbF,mBAAA,SAA4B,aAAA;cAC3B,OAAA;AAAA;;;;;;;;;;;;cCQD,yBAAA,SAAkC,aAAA;cACjC,KAAA;AAAA;;;;;;;;;;cCJD,0BAAA,SAAmC,gBAAA;cAClC,IAAA,UAAc,aAAA;AAAA;;;;;;;;;;;;;cCGf,mBAAA,SAA4B,aAAA;cAC3B,OAAA;AAAA;;;;;;;;;;;;;cCDD,qBAAA,SAA8B,aAAA;cAC7B,MAAA;AAAA;;;;;;;;;;;;;;ATWd;;;;;;;;iBUCgB,iBAAA,CAAkB,KAAA,YAAiB,aAAA;;;;;;KCavC,UAAA;;;;KAKA,iBAAA,GAAoB,iBAAA;;;;;;KAO3B,kBAAA,MAAwB,CAAA;EAAY,MAAA;AAAA,IAAoB,OAAA,OAAc,CAAA;;;;;KAM/D,SAAA,GAAY,kBAAA,CAAmB,cAAA;;;;KAS/B,iBAAA,MACL,UAAA,IAAc,SAAA,IAAa,iBAAA,QAC3B,UAAA,IAAc,SAAA,QACd,UAAA,IAAc,iBAAA,KACjB,UAAA;;;AXnCJ;KW4CK,gBAAA,WACO,SAAA,YACA,OAAA,OAAc,CAAA,+BACd,iBAAA,IAEV,CAAA,oBAAqB,UAAA,CAAW,CAAA,EAAG,CAAA,IACnC,CAAA,wBAAyB,cAAA,CAAe,CAAA,EAAG,CAAA,IAC3C,CAAA,oBAAqB,UAAA,CAAW,CAAA,EAAG,CAAA,IACnC,CAAA,wBAAyB,cAAA,CAAe,CAAA,EAAG,CAAA,IAC3C,CAAA,oBAAqB,UAAA,CAAW,CAAA,EAAG,CAAA,IACnC,CAAA,wBAAyB,cAAA,CAAe,CAAA,EAAG,CAAA,IAC3C,CAAA,wBAAyB,cAAA,CAAe,CAAA,EAAG,CAAA,IAC3C,CAAA,uBAAwB,aAAA,CAAc,CAAA,EAAG,CAAA,IACzC,CAAA,sBAAuB,YAAA,CAAa,CAAA,EAAG,CAAA,IACvC,CAAA,oBAAqB,UAAA,CAAW,CAAA,EAAG,CAAA,IACnC,CAAA,mBAAoB,SAAA,CAAU,CAAA,EAAG,CAAA,IACjC,CAAA,uBAAwB,aAAA,CAAc,CAAA,EAAG,CAAA,IACzC,CAAA,qBAAsB,WAAA,CAAY,CAAA,EAAG,CAAA;;;;KAMlC,YAAA,gCAA4C,iBAAA,IAC/C,CAAA,SAAU,SAAA,GACR,CAAA,SAAU,OAAA,OAAc,CAAA,sBACxB,gBAAA,CAAiB,CAAA,EAAG,CAAA,EAAG,CAAA;EAAa,IAAA;AAAA,IACpC,CAAA,GACA,gBAAA,CAAiB,CAAA,EAAG,CAAA,EAAG,CAAA;EAAa,KAAA;AAAA,IACpC,CAAA,GACA,gBAAA,CAAiB,CAAA,EAAG,CAAA,EAAG,CAAA;AXrE3B;;;;AAAA,KW6EY,OAAA,WAAkB,SAAA,YAAqB,iBAAA,IACjD,YAAA,CAAa,cAAA,EAAgB,CAAA,EAAG,CAAA,4BAA6B,YAAA,CAAa,cAAA,EAAgB,CAAA,EAAG,CAAA;;;;KAK1F,cAAA,gCAA8C,iBAAA,IACjD,CAAA,SAAU,SAAA,GACR,CAAA,SAAU,OAAA,OAAc,CAAA,sBACxB,CAAA,mEACA,WAAA,CAAY,CAAA,EAAG,CAAA,MACf,CAAA,4BAEA,WAAA,CAAY,CAAA,EAAG,CAAA;;;;;KAQP,SAAA,WAAoB,SAAA,YAAqB,iBAAA,IACnD,cAAA,CAAe,cAAA,EAAgB,CAAA,EAAG,CAAA,4BAA6B,cAAA,CAAe,cAAA,EAAgB,CAAA,EAAG,CAAA;;;;KASvF,UAAA,qBACV,CAAA,gCAAiC,UAAA,wBAAkC,SAAA,qBAA8B,iBAAA;EAC7F,KAAA,EAAO,KAAA;EAAO,KAAA,EAAO,KAAA;EAAO,SAAA,EAAW,EAAA;EAAI,IAAA;AAAA,IAC7C,CAAA,gCAAiC,UAAA,qBACjC,MAAA,SAAe,SAAA;EACb,KAAA,EAAO,KAAA;EAAO,KAAA,EAAO,MAAA;EAAQ,IAAA;AAAA,IAC/B,MAAA,SAAe,iBAAA;EACb,KAAA,EAAO,KAAA;EAAO,SAAA,EAAW,MAAA;EAAQ,IAAA;AAAA,YAEnC,CAAA,SAAU,UAAA;EACR,KAAA,EAAO,CAAA;EAAG,IAAA;AAAA;;UAQN,gBAAA;;UAIA,yBAAA,WACE,SAAA,YACA,iBAAA,gBACI,UAAA,UACN,gBAAA;EACR,IAAA,EAAM,KAAA,oBAAyB,OAAA,CAAQ,CAAA,EAAG,CAAA,IAAK,QAAA,CAAS,OAAA,CAAQ,CAAA,EAAG,CAAA;EACnE,MAAA,EAAQ,KAAA,mBAAwB,SAAA,CAAU,CAAA,EAAG,CAAA;AAAA;;UAIrC,yBAAA,eACM,UAAA,UACN,gBAAA;EACR,SAAA,EAAW,iBAAA;EACX,IAAA,EAAM,KAAA,8BAAmC,QAAA;EACzC,MAAA,EAAQ,KAAA;AAAA;;UAIA,6BAAA,eACM,UAAA,UACN,gBAAA;EACR,KAAA,EAAO,SAAA;EACP,IAAA,EAAM,KAAA,8BAAmC,QAAA;EACzC,MAAA,EAAQ,KAAA;AAAA;;UAIA,yBAAA,eACM,UAAA,UACN,gBAAA;EACR,KAAA,EAAO,SAAA;EACP,SAAA,EAAW,iBAAA;EACX,IAAA,EAAM,KAAA,8BAAmC,QAAA;EACzC,MAAA,EAAQ,KAAA;AAAA;;;AT5MV;KSsNK,oBAAA,qBACH,UAAA,CAAW,CAAA;EACT,KAAA,kBAAuB,UAAA;EACvB,KAAA,kBAAuB,SAAA;EACvB,SAAA,kBAA2B,iBAAA;EAC3B,IAAA;AAAA,IAEA,yBAAA,CAA0B,CAAA,EAAG,CAAA,EAAG,CAAA,IAChC,UAAA,CAAW,CAAA;EACX,KAAA,kBAAuB,UAAA;EACvB,KAAA,mBAAwB,SAAA;EACxB,IAAA;AAAA,IAEA,yBAAA,CAA0B,CAAA,IAC1B,UAAA,CAAW,CAAA;EACX,KAAA,kBAAuB,UAAA;EACvB,SAAA,mBAA4B,iBAAA;EAC5B,IAAA;AAAA,IAEA,6BAAA,CAA8B,CAAA,IAC9B,UAAA,CAAW,CAAA;EAAa,KAAA,kBAAuB,UAAA;EAAY,IAAA;AAAA,IAC3D,yBAAA,CAA0B,CAAA,IAC1B,gBAAA;;;;;;;;APhOJ;;;;;KOkPY,cAAA,WACJ,iBAAA,GAAoB,oBAAA,CAAqB,CAAA;AAAA;EAAA,UAQrC,mBAAA,SAA4B,cAAA;AAAA;;;cCvQ3B,YAAA;EAAA;;;;;;;;;YAWD,WAAA;IACR,QAAA,SAAiB,YAAA;EAAA;AAAA;;;;;;;;;;;;;AZarB;caVa,kBAAA,YAA8B,aAAA,CAAc,WAAA,EAAW,MAAA,mBAAyB,MAAA;EAAA,SAClF,EAAA;EAET,OAAA;IAAiB,IAAA;IAAA;EAAA;IACf,IAAA,EAAM,MAAA;IACN,OAAA,GAAU,IAAA,EAAM,MAAA,kCAAwC,OAAA;EAAA,MACtD,OAAA;AAAA;;;UCjBW,yBAAA;EACf,aAAA,EAAe,cAAA;AAAA;;;;;;;AdoBjB;;;;;;;;;;;;;ccEa,kBAAA,YAA8B,aAAA,CAAc,WAAA,EAAW,MAAA,mBAAyB,MAAA;EAAA,QAGvE,OAAA;EAAA,SAFX,EAAA;cAEW,OAAA,EAAS,yBAAA;EAE7B,OAAA;IAAiB,KAAA;IAAA,SAAA;IAAA,IAAA;IAAA;EAAA;IACf,KAAA;IACA,SAAA;IACA,IAAA,EAAM,MAAA;IACN,OAAA,GAAU,IAAA,EAAM,MAAA,kCAAwC,OAAA;EAAA,MACtD,OAAA;AAAA;;;UClCW,2BAAA;EACf,UAAA;AAAA;;;;;;;;AfqBF;;;;;;;ceJa,oBAAA,YAAgC,aAAA,CAAc,WAAA,EAAW,MAAA,mBAAyB,MAAA;EAAA,QAGzE,OAAA;EAAA,SAFX,EAAA;cAEW,OAAA,EAAS,2BAAA;EAE7B,OAAA;IAAiB,IAAA;IAAA,OAAA;IAAA;EAAA;IACf,IAAA,EAAM,MAAA;IACN,OAAA,GAAU,IAAA,EAAM,MAAA,kCAAwC,OAAA;IACxD,MAAA;MAAU,iBAAA,GAAoB,GAAA,aAAgB,OAAA;IAAA;EAAA,MAC5C,OAAA;AAAA;;;;;;;uBCxBgB,eAAA,SAAwB,OAAA;EAAA,UAC5B,QAAA,CAAS,IAAA,aAAiB,OAAA;AAAA;;;cCL/B,iBAAA,SAA0B,eAAA;EAAA,OAC9B,OAAA;EAAA,OACA,WAAA;EAED,MAAA,CAAA,GAAU,OAAA;AAAA;;;cCJL,aAAA,SAAsB,eAAA;EAAA,OAC1B,OAAA;EAAA,OACA,WAAA;EAED,MAAA,CAAA,GAAU,OAAA;AAAA;;;cCJL,aAAA,SAAsB,eAAA;EAAA,OAC1B,OAAA;EAAA,OACA,WAAA;EAED,MAAA,CAAA,GAAU,OAAA;AAAA;;;cCJL,oBAAA,SAA6B,eAAA;EAAA,OACjC,OAAA;EAAA,OACA,WAAA;EAED,MAAA,CAAA,GAAU,OAAA;AAAA;;;cCJL,iBAAA,SAA0B,eAAA;EAAA,OAC9B,OAAA;EAAA,OACA,WAAA;EAED,MAAA,CAAA,GAAU,OAAA;AAAA;;;cCJL,mBAAA,SAA4B,eAAA;EAAA,OAChC,OAAA;EAAA,OACA,WAAA;EAED,MAAA,CAAA,GAAU,OAAA;AAAA;;;cCJL,oBAAA,SAA6B,eAAA;EAAA,OACjC,OAAA;EAAA,OACA,WAAA;EAED,MAAA,CAAA,GAAU,OAAA;AAAA"}

package/dist/rbac/index.d.mts

@@ -1,206 +0,0 @@
-import { t as AuthContext } from "../auth-context-BD2ApWg1.mjs";
-import { AsyncModuleOptions, DynamicModule } from "stratal/module";
-import { ApplicationError } from "stratal/errors";
-import { Adapter, Enforcer, Model } from "casbin";
-
-//#region src/rbac/constants.d.ts
-/**
- * RBAC Constants
- */
-declare const RBAC_CONTEXT_KEYS: {
-  /** Key for storing required authorization scopes (permissions) in context */readonly AUTH_SCOPES: symbol;
-};
-//#endregion
-//#region src/rbac/errors/insufficient-permissions.error.d.ts
-/**
- * InsufficientPermissionsError
- *
- * Thrown when a user attempts to perform an action without the required permissions.
- * This error is used by the auth guard after authorization check fails.
- *
- * HTTP Status: 403 Forbidden
- * Error Code: 3102 (AUTHZ.INSUFFICIENT_PERMISSIONS)
- */
-declare class InsufficientPermissionsError extends ApplicationError {
-  constructor(requiredScopes: string[], userId?: string);
-}
-//#endregion
-//#region src/rbac/adapters/custom-zenstack-adapter.d.ts
-/**
- * Minimal interface for the database client used by the adapter.
- * The actual DatabaseService extends ZenStackClient which provides these methods
- * when the schema includes a `casbinRule` model.
- */
-interface CasbinDbClient {
-  casbinRule: {
-    findMany(args?: {
-      where?: Record<string, unknown>;
-    }): Promise<unknown[]>;
-    create(args: {
-      data: CasbinRuleCreateInput;
-    }): Promise<unknown>;
-    createMany(args: {
-      data: CasbinRuleCreateInput[];
-    }): Promise<unknown>;
-    deleteMany(args: {
-      where: CasbinRuleCreateInput;
-    }): Promise<{
-      count: number;
-    }>;
-  };
-  $executeRawUnsafe(query: string, ...values: unknown[]): Promise<unknown>;
-}
-interface CasbinRuleCreateInput {
-  ptype: string;
-  v0?: string | null;
-  v1?: string | null;
-  v2?: string | null;
-  v3?: string | null;
-  v4?: string | null;
-  v5?: string | null;
-}
-/**
- * Custom ZenStack adapter for Casbin that works with Cloudflare Workers.
- *
- * Based on the original casbin-prisma-adapter but modified to:
- * - Work with ZenStack v3 ORM clients
- * - Avoid bundling errors in Cloudflare Workers
- * - Accept pre-connected ZenStack clients (request-scoped)
- */
-declare class CustomZenStackAdapter implements Adapter {
-  #private;
-  filtered: boolean;
-  isFiltered(): boolean;
-  enableFiltered(enabled: boolean): void;
-  constructor(db: CasbinDbClient);
-  loadPolicy(model: Model): Promise<void>;
-  loadFilteredPolicy(model: Model, filter: Record<string, string[][]>): Promise<void>;
-  savePolicy(model: Model): Promise<boolean>;
-  addPolicy(_sec: string, ptype: string, rule: string[]): Promise<void>;
-  addPolicies(_sec: string, ptype: string, rules: string[][]): Promise<void>;
-  removePolicy(_sec: string, ptype: string, rule: string[]): Promise<void>;
-  removePolicies(_sec: string, ptype: string, rules: string[][]): Promise<void>;
-  removeFilteredPolicy(_sec: string, ptype: string, fieldIndex: number, ...fieldValues: string[]): Promise<void>;
-  close(): Promise<void>;
-  static newAdapter(db: CasbinDbClient): CustomZenStackAdapter;
-}
-//#endregion
-//#region src/rbac/types.d.ts
-/**
- * Configuration options for the RBAC module
- */
-interface RbacModuleOptions {
-  /** Casbin PERM model string */
-  model: string;
-  /** Default policies: [role, resource, action][] */
-  defaultPolicies?: readonly (readonly [string, string, string])[];
-  /** Role hierarchy: [childRole, parentRole][] */
-  roleHierarchy?: readonly (readonly [string, string])[];
-}
-//#endregion
-//#region src/rbac/services/casbin-enforcer.service.d.ts
-/**
- * CasbinEnforcerService
- *
- * Manages the Casbin enforcer instance for authorization.
- * Model, default policies, and role hierarchy are provided via DI options.
- */
-declare class CasbinEnforcerService {
-  protected readonly db: CasbinDbClient;
-  protected readonly options: RbacModuleOptions;
-  protected enforcer: Enforcer | null;
-  constructor(db: CasbinDbClient, options: RbacModuleOptions);
-  /**
-   * Get or create the enforcer instance
-   */
-  getEnforcer(): Promise<Enforcer>;
-  /**
-   * Create a new enforcer instance.
-   * Can be overridden by subclasses to customize enforcer creation.
-   */
-  protected createEnforcer(): Promise<Enforcer>;
-  /**
-   * Seed default policies into database
-   */
-  seedPolicies(): Promise<void>;
-  /**
-   * Clear cached enforcer instance
-   */
-  clearCache(): void;
-  /**
-   * Seed role hierarchy into database
-   */
-  seedRoleHierarchy(): Promise<void>;
-}
-//#endregion
-//#region src/rbac/services/casbin.service.d.ts
-/**
- * CasbinService
- *
- * Request-scoped service that provides the full Casbin RBAC API.
- * Uses AuthContext to get the current user.
- */
-declare class CasbinService {
-  protected readonly context: AuthContext;
-  protected readonly enforcerService: CasbinEnforcerService;
-  constructor(context: AuthContext, enforcerService: CasbinEnforcerService);
-  protected getEnforcer(): Promise<Enforcer>;
-  addRoleForUser(userId: string, role: string): Promise<boolean>;
-  deleteRoleForUser(userId: string, role: string): Promise<boolean>;
-  deleteRolesForUser(userId: string): Promise<boolean>;
-  getRolesForUser(userId: string): Promise<string[]>;
-  getImplicitRolesForUser(userId: string): Promise<string[]>;
-  getUsersForRole(role: string): Promise<string[]>;
-  getImplicitUsersForRole(role: string): Promise<string[]>;
-  hasRoleForUser(userId: string, role: string): Promise<boolean>;
-  addRoleInheritance(childRole: string, parentRole: string): Promise<boolean>;
-  deleteRoleInheritance(childRole: string, parentRole: string): Promise<boolean>;
-  deleteUser(userId: string): Promise<boolean>;
-  deleteRole(role: string): Promise<boolean>;
-  getCurrentUserRoles(): Promise<string[]>;
-  currentUserHasRole(role: string): Promise<boolean>;
-  setRolesForUser(userId: string, roles: string[]): Promise<void>;
-  hasPermission(userId: string, scope: string, action: string): Promise<boolean>;
-  currentUserHasPermission(scope: string, action: string): Promise<boolean>;
-  hasAnyPermission(userId: string, scopes: string[], action: string): Promise<boolean>;
-  currentUserHasAnyPermission(scopes: string[], action: string): Promise<boolean>;
-  getPermissionsForUserAsCasbinJs(userId: string): Promise<Record<string, string[]>>;
-  getCurrentUserPermissionsAsCasbinJs(): Promise<Record<string, string[]>>;
-}
-//#endregion
-//#region src/rbac/rbac.module.d.ts
-/**
- * RBAC Module
- *
- * Provides role-based access control using Casbin.
- * Fully configurable — no hardcoded roles, policies, or model.
- *
- * @example
- * ```typescript
- * @Module({
- *   imports: [
- *     RbacModule.forRoot({
- *       model: MY_RBAC_MODEL,
- *       defaultPolicies: [['admin', 'users:*', '.*']],
- *       roleHierarchy: [['super_admin', 'admin']],
- *     })
- *   ]
- * })
- * ```
- */
-declare class RbacModule {
-  static forRoot(options: RbacModuleOptions): DynamicModule;
-  static forRootAsync(options: AsyncModuleOptions<RbacModuleOptions>): DynamicModule;
-}
-//#endregion
-//#region src/rbac/tokens.d.ts
-/**
- * RBAC DI Tokens
- */
-declare const RBAC_TOKENS: {
-  /** Request-scoped Casbin service with auto context resolution */readonly CasbinService: symbol; /** RBAC module options (model, policies, hierarchy) */
-  readonly Options: symbol;
-};
-//#endregion
-export { CasbinEnforcerService, CasbinService, CustomZenStackAdapter, InsufficientPermissionsError, RBAC_CONTEXT_KEYS, RBAC_TOKENS, RbacModule, type RbacModuleOptions };
-//# sourceMappingURL=index.d.mts.map

package/dist/rbac/index.d.mts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.mts","names":[],"sources":["../../src/rbac/constants.ts","../../src/rbac/errors/insufficient-permissions.error.ts","../../src/rbac/adapters/custom-zenstack-adapter.ts","../../src/rbac/types.ts","../../src/rbac/services/casbin-enforcer.service.ts","../../src/rbac/services/casbin.service.ts","../../src/rbac/rbac.module.ts","../../src/rbac/tokens.ts"],"mappings":";;;;;;;;;cAGa,iBAAA;wFAGH,WAAA;AAAA;;;;;;;;AAHV;;;;cCQa,4BAAA,SAAqC,gBAAA;cACpC,cAAA,YAA0B,MAAA;AAAA;;;;;;;;UCHvB,cAAA;EACf,UAAA;IACE,QAAA,CAAS,IAAA;MAAS,KAAA,GAAQ,MAAA;IAAA,IAA4B,OAAA;IACtD,MAAA,CAAO,IAAA;MAAQ,IAAA,EAAM,qBAAA;IAAA,IAA0B,OAAA;IAC/C,UAAA,CAAW,IAAA;MAAQ,IAAA,EAAM,qBAAA;IAAA,IAA4B,OAAA;IACrD,UAAA,CAAW,IAAA;MAAQ,KAAA,EAAO,qBAAA;IAAA,IAA0B,OAAA;MAAU,KAAA;IAAA;EAAA;EAEhE,iBAAA,CAAkB,KAAA,aAAkB,MAAA,cAAoB,OAAA;AAAA;AAAA,UAGhD,qBAAA;EACR,KAAA;EACA,EAAA;EACA,EAAA;EACA,EAAA;EACA,EAAA;EACA,EAAA;EACA,EAAA;AAAA;;;;;;;;;cAsBW,qBAAA,YAAiC,OAAA;EAAA;EAG5C,QAAA;EAEO,UAAA,CAAA;EAIA,cAAA,CAAe,OAAA;cAIV,EAAA,EAAI,cAAA;EAIV,UAAA,CAAW,KAAA,EAAO,KAAA,GAAQ,OAAA;EAQ1B,kBAAA,CACJ,KAAA,EAAO,KAAA,EACP,MAAA,EAAQ,MAAA,uBACP,OAAA;EA0BG,UAAA,CAAW,KAAA,EAAO,KAAA,GAAQ,OAAA;EAyB1B,SAAA,CAAU,IAAA,UAAc,KAAA,UAAe,IAAA,aAAiB,OAAA;EAKxD,WAAA,CACJ,IAAA,UACA,KAAA,UACA,KAAA,eACC,OAAA;EAWG,YAAA,CACJ,IAAA,UACA,KAAA,UACA,IAAA,aACC,OAAA;EAKG,cAAA,CACJ,IAAA,UACA,KAAA,UACA,KAAA,eACC,OAAA;EAWG,oBAAA,CACJ,IAAA,UACA,KAAA,UACA,UAAA,aACG,WAAA,aACF,OAAA;EA0BG,KAAA,CAAA,GAAS,OAAA;EAAA,OAIR,UAAA,CAAW,EAAA,EAAI,cAAA,GAAiB,qBAAA;AAAA;;;;;;UC3MxB,iBAAA;;EAEf,KAAA;EHFW;EGIX,eAAA;;EAEA,aAAA;AAAA;;;;;;AHNF;;;cIWa,qBAAA;EAAA,mBAKU,EAAA,EAAI,cAAA;EAAA,mBAEJ,OAAA,EAAS,iBAAA;EAAA,UANpB,QAAA,EAAU,QAAA;cAIC,EAAA,EAAI,cAAA,EAEJ,OAAA,EAAS,iBAAA;EHVnB;;;EGgBL,WAAA,CAAA,GAAe,OAAA,CAAQ,QAAA;EHhBmB;;;;EAAA,UGyBhC,cAAA,CAAA,GAAkB,OAAA,CAAQ,QAAA;EHxBW;;;EGoC/C,YAAA,CAAA,GAAgB,OAAA;EFvCP;;;EEqDf,UAAA,CAAA;EFnDwD;;;EE0DlD,iBAAA,CAAA,GAAqB,OAAA;AAAA;;;;;;AJlE7B;;;cKWa,aAAA;EAAA,mBAGU,OAAA,EAAS,WAAA;EAAA,mBAET,eAAA,EAAiB,qBAAA;cAFjB,OAAA,EAAS,WAAA,EAET,eAAA,EAAiB,qBAAA;EAAA,UAGtB,WAAA,CAAA,GAAe,OAAA,CAAQ,QAAA;EAMjC,cAAA,CAAe,MAAA,UAAgB,IAAA,WAAe,OAAA;EAO9C,iBAAA,CAAkB,MAAA,UAAgB,IAAA,WAAe,OAAA;EAOjD,kBAAA,CAAmB,MAAA,WAAiB,OAAA;EAOpC,eAAA,CAAgB,MAAA,WAAiB,OAAA;EAKjC,uBAAA,CAAwB,MAAA,WAAiB,OAAA;EAKzC,eAAA,CAAgB,IAAA,WAAe,OAAA;EAK/B,uBAAA,CAAwB,IAAA,WAAe,OAAA;EAKvC,cAAA,CAAe,MAAA,UAAgB,IAAA,WAAe,OAAA;EAO9C,kBAAA,CAAmB,SAAA,UAAmB,UAAA,WAAqB,OAAA;EAO3D,qBAAA,CAAsB,SAAA,UAAmB,UAAA,WAAqB,OAAA;EAS9D,UAAA,CAAW,MAAA,WAAiB,OAAA;EAO5B,UAAA,CAAW,IAAA,WAAe,OAAA;EAS1B,mBAAA,CAAA,GAAuB,OAAA;EAMvB,kBAAA,CAAmB,IAAA,WAAe,OAAA;EAKlC,eAAA,CAAgB,MAAA,UAAgB,KAAA,aAAkB,OAAA;EAWlD,aAAA,CAAc,MAAA,UAAgB,KAAA,UAAe,MAAA,WAAiB,OAAA;EAK9D,wBAAA,CAAyB,KAAA,UAAe,MAAA,WAAiB,OAAA;EAMzD,gBAAA,CAAiB,MAAA,UAAgB,MAAA,YAAkB,MAAA,WAAiB,OAAA;EAOpE,2BAAA,CAA4B,MAAA,YAAkB,MAAA,WAAiB,OAAA;EAQ/D,+BAAA,CAAgC,MAAA,WAAiB,OAAA,CAAQ,MAAA;EAezD,mCAAA,CAAA,GAAuC,OAAA,CAAQ,MAAA;AAAA;;;;;;;ALxKvD;;;;;;;;ACQA;;;;;;;cKqBa,UAAA;EAAA,OACJ,OAAA,CAAQ,OAAA,EAAS,iBAAA,GAAoB,aAAA;EAAA,OASrC,YAAA,CAAa,OAAA,EAAS,kBAAA,CAAmB,iBAAA,IAAqB,aAAA;AAAA;;;;;;cCvC1D,WAAA;4EAKH,aAAA,UPLG;EAAA,SOKH,OAAA;AAAA"}