@stratal/framework 0.0.18 → 0.0.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/access-control/index.d.mts +180 -0
- package/dist/access-control/index.d.mts.map +1 -0
- package/dist/access-control/index.mjs +71 -0
- package/dist/access-control/index.mjs.map +1 -0
- package/dist/access.service-BjYVtUJw.mjs +145 -0
- package/dist/access.service-BjYVtUJw.mjs.map +1 -0
- package/dist/auth/index.d.mts +122 -4
- package/dist/auth/index.d.mts.map +1 -1
- package/dist/auth/index.mjs +237 -65
- package/dist/auth/index.mjs.map +1 -1
- package/dist/{auth-context-BD2ApWg1.d.mts → auth-context-BXSkiJ56.d.mts} +14 -1
- package/dist/auth-context-BXSkiJ56.d.mts.map +1 -0
- package/dist/{auth-context-BfekHvM9.mjs → auth-context-BberoPal.mjs} +25 -4
- package/dist/auth-context-BberoPal.mjs.map +1 -0
- package/dist/context/index.d.mts +1 -1
- package/dist/context/index.mjs +2 -2
- package/dist/database/index.d.mts +3 -3
- package/dist/database/index.mjs +49 -43
- package/dist/database/index.mjs.map +1 -1
- package/dist/{decorate-C12QolJF.mjs → decorate-CdfCRvAc.mjs} +1 -1
- package/dist/{decorateMetadata-rWbWGUuO.mjs → decorateMetadata-CqtSx3_1.mjs} +1 -1
- package/dist/decorateParam-Dc5DGEpb.mjs +18 -0
- package/dist/decorateParam-Dc5DGEpb.mjs.map +1 -0
- package/dist/{errors-C_KIIU1v.mjs → errors-B1vVXc1T.mjs} +1 -1
- package/dist/{errors-C_KIIU1v.mjs.map → errors-B1vVXc1T.mjs.map} +1 -1
- package/dist/factory/index.d.mts +1 -1
- package/dist/guards/index.d.mts +7 -6
- package/dist/guards/index.d.mts.map +1 -1
- package/dist/guards/index.mjs +38 -29
- package/dist/guards/index.mjs.map +1 -1
- package/dist/{index-B1iGBJcO.d.mts → index-CpFBG0Ws.d.mts} +23 -41
- package/dist/index-CpFBG0Ws.d.mts.map +1 -0
- package/dist/index.d.mts +2 -2
- package/dist/insufficient-permissions.error-CRnOHYvq.mjs +23 -0
- package/dist/insufficient-permissions.error-CRnOHYvq.mjs.map +1 -0
- package/dist/types-BLyu9dAd.d.mts +11 -0
- package/dist/types-BLyu9dAd.d.mts.map +1 -0
- package/dist/types-BZlcRR2M.d.mts +92 -0
- package/dist/types-BZlcRR2M.d.mts.map +1 -0
- package/package.json +22 -22
- package/dist/auth-context-BD2ApWg1.d.mts.map +0 -1
- package/dist/auth-context-BfekHvM9.mjs.map +0 -1
- package/dist/decorateParam-WGqsyT5s.mjs +0 -8
- package/dist/index-B1iGBJcO.d.mts.map +0 -1
- package/dist/rbac/index.d.mts +0 -206
- package/dist/rbac/index.d.mts.map +0 -1
- package/dist/rbac/index.mjs +0 -346
- package/dist/rbac/index.mjs.map +0 -1
- package/dist/tokens-Di1ofovy.mjs +0 -32
- package/dist/tokens-Di1ofovy.mjs.map +0 -1
- package/dist/types-Gjk0d2qB.d.mts +0 -47
- package/dist/types-Gjk0d2qB.d.mts.map +0 -1
package/dist/auth/index.mjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.mjs","names":[],"sources":["../../src/auth/auth.tokens.ts","../../src/auth/middleware/auth-context.middleware.ts","../../src/auth/middleware/session-verification.middleware.ts","../../src/auth/errors/auth-errors.ts","../../src/auth/errors/invalid-token.error.ts","../../src/auth/errors/token-required.error.ts","../../src/auth/errors/verification-failed.error.ts","../../src/auth/utils/better-auth-error-handler.ts","../../src/auth/utils/auth-helpers.ts","../../src/auth/services/auth.service.ts","../../src/auth/auth.module.ts"],"sourcesContent":["/** Token for AuthService - core authentication service */\nexport const AUTH_SERVICE = Symbol.for('stratal:auth:service')\n\n/** Token for Better Auth options configuration */\nexport const AUTH_OPTIONS = Symbol.for('stratal:auth:options')\n","import { DI_TOKENS, Transient } from 'stratal/di'\nimport type { Middleware, Next, RouterContext } from 'stratal/router'\nimport { AuthContext } from '../../context/auth-context'\n\n/**\n * Auth Context Middleware\n *\n * Registers AuthContext in the request container at the start of each request.\n * This MUST run before SessionVerificationMiddleware and any other middleware\n * that depends on AuthContext.\n */\n@Transient()\nexport class AuthContextMiddleware implements Middleware {\n async handle(ctx: RouterContext, next: Next): Promise<void> {\n const requestContainer = ctx.getContainer()\n\n const authContext = new AuthContext()\n requestContainer.registerValue(DI_TOKENS.AuthContext, authContext)\n\n await next()\n }\n}\n","import { DI_TOKENS, Transient } from 'stratal/di'\nimport { LOGGER_TOKENS, type LoggerService } from 'stratal/logger'\nimport type { Middleware, Next, RouterContext } from 'stratal/router'\nimport { inject } from 'tsyringe'\nimport { type AuthContext } from '../../context/auth-context'\nimport { AUTH_SERVICE } from '../auth.tokens'\nimport type { AuthService } from '../services/auth.service'\n\n/**\n * Session Verification Middleware\n *\n * Verifies user session via Better Auth and populates AuthContext with userId.\n *\n * **Responsibilities:**\n * - Calls Better Auth's getSession() API\n * - Populates AuthContext with userId if session is valid\n * - Continues request chain regardless of session status\n */\n@Transient()\nexport class SessionVerificationMiddleware implements Middleware {\n constructor(\n @inject(AUTH_SERVICE)\n private readonly authService: AuthService,\n @inject(LOGGER_TOKENS.LoggerService) private logger: LoggerService\n ) { }\n\n async handle(ctx: RouterContext, next: Next): Promise<void> {\n try {\n const session = await this.authService.auth.api.getSession({\n headers: ctx.c.req.raw.headers\n })\n\n if (session) {\n const authContext = ctx.getContainer().resolve<AuthContext>(DI_TOKENS.AuthContext)\n authContext.setAuthContext({ userId: session.user.id })\n }\n\n await next()\n } catch (error: unknown) {\n this.logger.debug('Session validation failed (e.g., invalidated in DB)', { error });\n await next()\n }\n }\n}\n","import { ApplicationError, ERROR_CODES } from 'stratal/errors'\n\nexport class UserNotFoundError extends ApplicationError {\n constructor(email?: string) {\n super('errors.auth.userNotFound', ERROR_CODES.RESOURCE.NOT_FOUND, email ? { email } : undefined)\n }\n}\n\nexport class InvalidCredentialsError extends ApplicationError {\n constructor() {\n super('errors.auth.invalidCredentials', ERROR_CODES.AUTH.INVALID_CREDENTIALS)\n }\n}\n\nexport class InvalidPasswordError extends ApplicationError {\n constructor() {\n super('errors.auth.invalidPassword', ERROR_CODES.AUTH.INVALID_CREDENTIALS)\n }\n}\n\nexport class InvalidEmailError extends ApplicationError {\n constructor(email?: string) {\n super('errors.auth.invalidEmail', ERROR_CODES.VALIDATION.INVALID_FORMAT, email ? { email } : undefined)\n }\n}\n\nexport class SessionExpiredError extends ApplicationError {\n constructor() {\n super('errors.auth.sessionExpired', ERROR_CODES.AUTH.SESSION_EXPIRED)\n }\n}\n\nexport class EmailNotVerifiedError extends ApplicationError {\n constructor(email?: string) {\n super('errors.auth.emailNotVerified', ERROR_CODES.AUTH.EMAIL_NOT_VERIFIED, email ? { email } : undefined)\n }\n}\n\nexport class PasswordTooShortError extends ApplicationError {\n constructor(minLength: number) {\n super('errors.auth.passwordTooShort', ERROR_CODES.AUTH.PASSWORD_TOO_SHORT, { minLength })\n }\n}\n\nexport class PasswordTooLongError extends ApplicationError {\n constructor(maxLength: number) {\n super('errors.auth.passwordTooLong', ERROR_CODES.AUTH.PASSWORD_TOO_LONG, { maxLength })\n }\n}\n\nexport class AccountAlreadyExistsError extends ApplicationError {\n constructor(email?: string) {\n super('errors.auth.accountAlreadyExists', ERROR_CODES.AUTH.ACCOUNT_ALREADY_EXISTS, email ? { email } : undefined)\n }\n}\n\nexport class FailedToCreateUserError extends ApplicationError {\n constructor(reason?: string) {\n super('errors.auth.failedToCreateUser', ERROR_CODES.AUTH.FAILED_TO_CREATE_USER, reason ? { reason } : undefined)\n }\n}\n\nexport class FailedToCreateSessionError extends ApplicationError {\n constructor(reason?: string) {\n super('errors.auth.failedToCreateSession', ERROR_CODES.AUTH.FAILED_TO_CREATE_SESSION, reason ? { reason } : undefined)\n }\n}\n\nexport class FailedToUpdateUserError extends ApplicationError {\n constructor(reason?: string) {\n super('errors.auth.failedToUpdateUser', ERROR_CODES.AUTH.FAILED_TO_UPDATE_USER, reason ? { reason } : undefined)\n }\n}\n\nexport class SocialAccountLinkedError extends ApplicationError {\n constructor(provider?: string) {\n super('errors.auth.socialAccountLinked', ERROR_CODES.AUTH.SOCIAL_ACCOUNT_LINKED, provider ? { provider } : undefined)\n }\n}\n\nexport class CannotUnlinkLastAccountError extends ApplicationError {\n constructor() {\n super('errors.auth.cannotUnlinkLastAccount', ERROR_CODES.AUTH.CANNOT_UNLINK_LAST_ACCOUNT)\n }\n}\n\nexport class ProviderNotFoundError extends ApplicationError {\n constructor(provider?: string) {\n super('errors.auth.providerNotFound', ERROR_CODES.RESOURCE.NOT_FOUND, provider ? { provider } : undefined)\n }\n}\n\nexport class UserEmailNotFoundError extends ApplicationError {\n constructor() {\n super('errors.auth.userEmailNotFound', ERROR_CODES.RESOURCE.NOT_FOUND)\n }\n}\n\nexport class AccountNotFoundError extends ApplicationError {\n constructor() {\n super('errors.auth.accountNotFound', ERROR_CODES.RESOURCE.NOT_FOUND)\n }\n}\n\nexport class CredentialAccountNotFoundError extends ApplicationError {\n constructor() {\n super('errors.auth.credentialAccountNotFound', ERROR_CODES.RESOURCE.NOT_FOUND)\n }\n}\n\nexport class UserAlreadyHasPasswordError extends ApplicationError {\n constructor() {\n super('errors.auth.userAlreadyHasPassword', ERROR_CODES.RESOURCE.CONFLICT)\n }\n}\n\nexport class EmailCannotBeUpdatedError extends ApplicationError {\n constructor(reason?: string) {\n super('errors.auth.emailCannotBeUpdated', ERROR_CODES.VALIDATION.GENERIC, reason ? { reason } : undefined)\n }\n}\n\nexport class FailedToGetSessionError extends ApplicationError {\n constructor(reason?: string) {\n super('errors.auth.failedToGetSession', ERROR_CODES.SYSTEM.INTERNAL_ERROR, reason ? { reason } : undefined)\n }\n}\n\nexport class FailedToGetUserInfoError extends ApplicationError {\n constructor(reason?: string) {\n super('errors.auth.failedToGetUserInfo', ERROR_CODES.SYSTEM.INTERNAL_ERROR, reason ? { reason } : undefined)\n }\n}\n\nexport class IdTokenNotSupportedError extends ApplicationError {\n constructor() {\n super('errors.auth.invalidToken', ERROR_CODES.VALIDATION.GENERIC)\n }\n}\n\nexport class TokenExpiredError extends ApplicationError {\n constructor() {\n super('errors.auth.tokenExpired', ERROR_CODES.VALIDATION.GENERIC)\n }\n}\n","import { ApplicationError, ERROR_CODES } from 'stratal/errors'\n\nexport class InvalidTokenError extends ApplicationError {\n constructor() {\n super('errors.auth.invalidToken', ERROR_CODES.AUTH.INVALID_TOKEN)\n }\n}\n","import { ApplicationError, ERROR_CODES } from 'stratal/errors'\n\nexport class TokenRequiredError extends ApplicationError {\n constructor() {\n super('errors.auth.tokenRequired', ERROR_CODES.VALIDATION.REQUIRED_FIELD, { field: 'token' })\n }\n}\n","import { ApplicationError, ERROR_CODES } from 'stratal/errors'\n\nexport class VerificationFailedError extends ApplicationError {\n constructor() {\n super('errors.auth.verificationFailed', ERROR_CODES.AUTH.INVALID_CREDENTIALS)\n }\n}\n","import { type BASE_ERROR_CODES } from '@better-auth/core/error'\nimport { APIError } from 'better-auth/api'\nimport type { ApplicationError } from 'stratal/errors'\nimport { InternalError } from 'stratal/errors'\nimport {\n AccountAlreadyExistsError,\n AccountNotFoundError,\n CannotUnlinkLastAccountError,\n CredentialAccountNotFoundError,\n EmailCannotBeUpdatedError,\n EmailNotVerifiedError,\n FailedToCreateSessionError,\n FailedToCreateUserError,\n FailedToGetSessionError,\n FailedToGetUserInfoError,\n FailedToUpdateUserError,\n IdTokenNotSupportedError,\n InvalidCredentialsError,\n InvalidEmailError,\n InvalidPasswordError,\n InvalidTokenError,\n PasswordTooLongError,\n PasswordTooShortError,\n ProviderNotFoundError,\n SessionExpiredError,\n SocialAccountLinkedError,\n TokenExpiredError,\n UserAlreadyHasPasswordError,\n UserEmailNotFoundError,\n UserNotFoundError,\n} from '../errors'\n\n/**\n * Maps Better Auth API error codes to ApplicationError instances.\n */\nexport function mapBetterAuthError(error: APIError): ApplicationError {\n const errorCode = error.body?.code as keyof typeof BASE_ERROR_CODES | 'TOKEN_EXPIRED' | undefined\n\n if (error.status === 'FOUND') {\n const headers = error.headers as Headers\n const location = headers.get('location') ?? ''\n\n if (location.includes('INVALID_TOKEN')) return new InvalidTokenError()\n if (location.includes('EXPIRED_TOKEN')) return new TokenExpiredError()\n if (location.includes('ATTEMPTS_EXCEEDED')) return new InvalidTokenError()\n if (location.includes('new_user_signup_disabled')) return new UserNotFoundError()\n if (location.includes('failed_to_create_user')) return new FailedToCreateUserError()\n if (location.includes('failed_to_create_session')) return new FailedToCreateSessionError()\n }\n\n if (!errorCode) {\n return new InternalError({\n originalError: `Better Auth error: ${error.message}`,\n stack: error.stack,\n })\n }\n\n // User errors\n if (errorCode === 'USER_NOT_FOUND') return new UserNotFoundError()\n if (errorCode === 'USER_EMAIL_NOT_FOUND') return new UserEmailNotFoundError()\n\n // Credential errors\n if (errorCode === 'INVALID_EMAIL_OR_PASSWORD') return new InvalidCredentialsError()\n if (errorCode === 'INVALID_PASSWORD') return new InvalidPasswordError()\n if (errorCode === 'INVALID_EMAIL') return new InvalidEmailError()\n\n // Session errors\n if (errorCode === 'SESSION_EXPIRED') return new SessionExpiredError()\n if (errorCode === 'FAILED_TO_CREATE_SESSION') return new FailedToCreateSessionError()\n if (errorCode === 'FAILED_TO_GET_SESSION') return new FailedToGetSessionError()\n\n // Email verification\n if (errorCode === 'EMAIL_NOT_VERIFIED') return new EmailNotVerifiedError()\n if (errorCode === 'EMAIL_CAN_NOT_BE_UPDATED') return new EmailCannotBeUpdatedError()\n\n // Password validation\n if (errorCode === 'PASSWORD_TOO_SHORT') return new PasswordTooShortError(8)\n if (errorCode === 'PASSWORD_TOO_LONG') return new PasswordTooLongError(128)\n\n // Account errors\n if (errorCode === 'USER_ALREADY_EXISTS' || errorCode === 'USER_ALREADY_EXISTS_USE_ANOTHER_EMAIL') {\n return new AccountAlreadyExistsError()\n }\n if (errorCode === 'ACCOUNT_NOT_FOUND') return new AccountNotFoundError()\n if (errorCode === 'CREDENTIAL_ACCOUNT_NOT_FOUND') return new CredentialAccountNotFoundError()\n if (errorCode === 'FAILED_TO_UNLINK_LAST_ACCOUNT') return new CannotUnlinkLastAccountError()\n\n // User creation/update errors\n if (errorCode === 'FAILED_TO_CREATE_USER') return new FailedToCreateUserError()\n if (errorCode === 'FAILED_TO_UPDATE_USER') return new FailedToUpdateUserError()\n if (errorCode === 'FAILED_TO_GET_USER_INFO') return new FailedToGetUserInfoError()\n\n // Social account errors\n if (errorCode === 'SOCIAL_ACCOUNT_ALREADY_LINKED') return new SocialAccountLinkedError()\n if (errorCode === 'PROVIDER_NOT_FOUND') return new ProviderNotFoundError()\n\n // Token errors\n if (errorCode === 'ID_TOKEN_NOT_SUPPORTED') return new IdTokenNotSupportedError()\n if (errorCode === 'INVALID_TOKEN') return new IdTokenNotSupportedError()\n if (errorCode === 'TOKEN_EXPIRED') return new TokenExpiredError()\n\n // Password management\n if (errorCode === 'USER_ALREADY_HAS_PASSWORD') return new UserAlreadyHasPasswordError()\n\n // Unknown error code\n return new InternalError({\n originalError: `Better Auth error [${errorCode}]: ${error.message}`,\n stack: error.stack,\n })\n}\n\n/**\n * Type guard to check if an error is a Better Auth APIError.\n * Uses duck typing to handle bundler environments (e.g. Vite)\n * where instanceof may fail across module boundaries.\n */\nexport function isAPIError(error: unknown): error is APIError {\n if (error instanceof APIError) return true\n\n return (\n error instanceof Error\n && error.name === 'APIError'\n && 'status' in error\n && 'statusCode' in error\n )\n}\n","import type { BetterAuthOptions } from 'better-auth'\nimport { isAPIError, mapBetterAuthError } from './better-auth-error-handler'\n\n/**\n * Get shared Better Auth error handler configuration.\n * Use this in Better Auth config's onAPIError option.\n */\nexport function getErrorHandlerConfig(): BetterAuthOptions['onAPIError'] {\n return {\n throw: false,\n onError: (error) => {\n if (isAPIError(error)) {\n throw mapBetterAuthError(error)\n }\n throw error\n },\n }\n}\n\n/**\n * Wrap a Better Auth function in a try/catch block and map errors to ApplicationError.\n */\nexport const wrapBetterAuth = async <T>(fn: () => Promise<T>): Promise<T> => {\n try {\n return await fn()\n } catch (error) {\n if (isAPIError(error)) {\n throw mapBetterAuthError(error)\n }\n throw error\n }\n}\n","import type { Auth, BetterAuthOptions } from 'better-auth'\nimport { betterAuth } from 'better-auth'\nimport { inject } from 'tsyringe'\nimport { Transient } from 'stratal/di'\nimport { AUTH_OPTIONS, AUTH_SERVICE } from '../auth.tokens'\nimport { getErrorHandlerConfig } from '../utils'\n\n/**\n * AuthService\n *\n * Base authentication service using Better Auth.\n * Configured via AuthModule.forRootAsync() from the application layer.\n *\n * **Extensibility:**\n * Extend this class in application layer to add custom methods.\n *\n * @example\n * ```typescript\n * @Transient(AUTH_SERVICE)\n * export class AppAuthService extends AuthService<AuthOptions> {\n * async signInMagicLink(email: string) {\n * return wrapBetterAuth(async () => {\n * return this.auth.api.signInMagicLink({ body: { email }, headers: new Headers() })\n * })\n * }\n * }\n * ```\n */\n@Transient(AUTH_SERVICE)\nexport class AuthService<TOptions extends BetterAuthOptions = BetterAuthOptions> {\n private authInstance: Auth<TOptions>\n\n constructor(\n @inject(AUTH_OPTIONS) protected readonly options: TOptions\n ) {\n this.authInstance = betterAuth({\n ...this.options,\n onAPIError: getErrorHandlerConfig()\n }) as Auth<TOptions>\n }\n\n /**\n * Get the Better Auth instance\n */\n get auth(): Auth<TOptions> {\n return this.authInstance\n }\n}\n","/**\n * Auth Module\n *\n * Provides configurable authentication using Better Auth.\n * Use `forRootAsync` to configure Better Auth options from the application layer.\n *\n * @example\n * ```typescript\n * @Module({\n * imports: [\n * AuthModule.forRootAsync({\n * inject: [DI_TOKENS.Database, CONFIG_TOKENS.ConfigService],\n * useFactory: (db, config) => createAuthOptions(db, config)\n * })\n * ]\n * })\n * export class AppModule {}\n * ```\n */\n\nimport type { BetterAuthOptions } from 'better-auth'\nimport type { RouteConfigurable, Router } from 'stratal/router'\nimport { Module } from 'stratal/module'\nimport type { AsyncModuleOptions, DynamicModule } from 'stratal/module'\nimport { AUTH_OPTIONS, AUTH_SERVICE } from './auth.tokens'\nimport { AuthContextMiddleware } from './middleware/auth-context.middleware'\nimport { SessionVerificationMiddleware } from './middleware/session-verification.middleware'\nimport { AuthService } from './services/auth.service'\n\n@Module({\n providers: []\n})\nexport class AuthModule implements RouteConfigurable {\n /**\n * Configure auth middleware globally.\n *\n * Registers middlewares in order:\n * 1. AuthContextMiddleware - Creates and registers AuthContext in request container\n * 2. SessionVerificationMiddleware - Verifies session and populates AuthContext with userId\n */\n configureRoutes(router: Router): void {\n router.use(AuthContextMiddleware, SessionVerificationMiddleware)\n }\n\n /**\n * Configure AuthModule with async options factory\n */\n static forRootAsync<TOptions extends BetterAuthOptions>(\n options: AsyncModuleOptions<TOptions>\n ): DynamicModule {\n return {\n module: AuthModule,\n providers: [\n {\n provide: AUTH_OPTIONS,\n useFactory: options.useFactory,\n inject: options.inject\n },\n {\n provide: AUTH_SERVICE,\n useClass: AuthService\n }\n ]\n }\n }\n}\n"],"mappings":";;;;;;;;;;;;;AACA,MAAa,eAAe,OAAO,IAAI,uBAAuB;;AAG9D,MAAa,eAAe,OAAO,IAAI,uBAAuB;;;ACQvD,IAAA,wBAAA,MAAM,sBAA4C;CACvD,MAAM,OAAO,KAAoB,MAA2B;EAC1D,MAAM,mBAAmB,IAAI,cAAc;EAE3C,MAAM,cAAc,IAAI,aAAa;AACrC,mBAAiB,cAAc,UAAU,aAAa,YAAY;AAElE,QAAM,MAAM;;;oCARf,WAAW,CAAA,EAAA,sBAAA;;;ACQL,IAAA,gCAAA,MAAM,8BAAoD;CAC/D,YACE,aAEA,QACA;AAFiB,OAAA,cAAA;AAC4B,OAAA,SAAA;;CAG/C,MAAM,OAAO,KAAoB,MAA2B;AAC1D,MAAI;GACF,MAAM,UAAU,MAAM,KAAK,YAAY,KAAK,IAAI,WAAW,EACzD,SAAS,IAAI,EAAE,IAAI,IAAI,SACxB,CAAC;AAEF,OAAI,QACkB,KAAI,cAAc,CAAC,QAAqB,UAAU,YAAY,CACtE,eAAe,EAAE,QAAQ,QAAQ,KAAK,IAAI,CAAC;AAGzD,SAAM,MAAM;WACL,OAAgB;AACvB,QAAK,OAAO,MAAM,uDAAuD,EAAE,OAAO,CAAC;AACnF,SAAM,MAAM;;;;;CAtBjB,WAAW;oBAGP,OAAO,aAAa,CAAA;oBAEpB,OAAO,cAAc,cAAc,CAAA;;;;;ACrBxC,IAAa,oBAAb,cAAuC,iBAAiB;CACtD,YAAY,OAAgB;AAC1B,QAAM,4BAA4B,YAAY,SAAS,WAAW,QAAQ,EAAE,OAAO,GAAG,KAAA,EAAU;;;AAIpG,IAAa,0BAAb,cAA6C,iBAAiB;CAC5D,cAAc;AACZ,QAAM,kCAAkC,YAAY,KAAK,oBAAoB;;;AAIjF,IAAa,uBAAb,cAA0C,iBAAiB;CACzD,cAAc;AACZ,QAAM,+BAA+B,YAAY,KAAK,oBAAoB;;;AAI9E,IAAa,oBAAb,cAAuC,iBAAiB;CACtD,YAAY,OAAgB;AAC1B,QAAM,4BAA4B,YAAY,WAAW,gBAAgB,QAAQ,EAAE,OAAO,GAAG,KAAA,EAAU;;;AAI3G,IAAa,sBAAb,cAAyC,iBAAiB;CACxD,cAAc;AACZ,QAAM,8BAA8B,YAAY,KAAK,gBAAgB;;;AAIzE,IAAa,wBAAb,cAA2C,iBAAiB;CAC1D,YAAY,OAAgB;AAC1B,QAAM,gCAAgC,YAAY,KAAK,oBAAoB,QAAQ,EAAE,OAAO,GAAG,KAAA,EAAU;;;AAI7G,IAAa,wBAAb,cAA2C,iBAAiB;CAC1D,YAAY,WAAmB;AAC7B,QAAM,gCAAgC,YAAY,KAAK,oBAAoB,EAAE,WAAW,CAAC;;;AAI7F,IAAa,uBAAb,cAA0C,iBAAiB;CACzD,YAAY,WAAmB;AAC7B,QAAM,+BAA+B,YAAY,KAAK,mBAAmB,EAAE,WAAW,CAAC;;;AAI3F,IAAa,4BAAb,cAA+C,iBAAiB;CAC9D,YAAY,OAAgB;AAC1B,QAAM,oCAAoC,YAAY,KAAK,wBAAwB,QAAQ,EAAE,OAAO,GAAG,KAAA,EAAU;;;AAIrH,IAAa,0BAAb,cAA6C,iBAAiB;CAC5D,YAAY,QAAiB;AAC3B,QAAM,kCAAkC,YAAY,KAAK,uBAAuB,SAAS,EAAE,QAAQ,GAAG,KAAA,EAAU;;;AAIpH,IAAa,6BAAb,cAAgD,iBAAiB;CAC/D,YAAY,QAAiB;AAC3B,QAAM,qCAAqC,YAAY,KAAK,0BAA0B,SAAS,EAAE,QAAQ,GAAG,KAAA,EAAU;;;AAI1H,IAAa,0BAAb,cAA6C,iBAAiB;CAC5D,YAAY,QAAiB;AAC3B,QAAM,kCAAkC,YAAY,KAAK,uBAAuB,SAAS,EAAE,QAAQ,GAAG,KAAA,EAAU;;;AAIpH,IAAa,2BAAb,cAA8C,iBAAiB;CAC7D,YAAY,UAAmB;AAC7B,QAAM,mCAAmC,YAAY,KAAK,uBAAuB,WAAW,EAAE,UAAU,GAAG,KAAA,EAAU;;;AAIzH,IAAa,+BAAb,cAAkD,iBAAiB;CACjE,cAAc;AACZ,QAAM,uCAAuC,YAAY,KAAK,2BAA2B;;;AAI7F,IAAa,wBAAb,cAA2C,iBAAiB;CAC1D,YAAY,UAAmB;AAC7B,QAAM,gCAAgC,YAAY,SAAS,WAAW,WAAW,EAAE,UAAU,GAAG,KAAA,EAAU;;;AAI9G,IAAa,yBAAb,cAA4C,iBAAiB;CAC3D,cAAc;AACZ,QAAM,iCAAiC,YAAY,SAAS,UAAU;;;AAI1E,IAAa,uBAAb,cAA0C,iBAAiB;CACzD,cAAc;AACZ,QAAM,+BAA+B,YAAY,SAAS,UAAU;;;AAIxE,IAAa,iCAAb,cAAoD,iBAAiB;CACnE,cAAc;AACZ,QAAM,yCAAyC,YAAY,SAAS,UAAU;;;AAIlF,IAAa,8BAAb,cAAiD,iBAAiB;CAChE,cAAc;AACZ,QAAM,sCAAsC,YAAY,SAAS,SAAS;;;AAI9E,IAAa,4BAAb,cAA+C,iBAAiB;CAC9D,YAAY,QAAiB;AAC3B,QAAM,oCAAoC,YAAY,WAAW,SAAS,SAAS,EAAE,QAAQ,GAAG,KAAA,EAAU;;;AAI9G,IAAa,0BAAb,cAA6C,iBAAiB;CAC5D,YAAY,QAAiB;AAC3B,QAAM,kCAAkC,YAAY,OAAO,gBAAgB,SAAS,EAAE,QAAQ,GAAG,KAAA,EAAU;;;AAI/G,IAAa,2BAAb,cAA8C,iBAAiB;CAC7D,YAAY,QAAiB;AAC3B,QAAM,mCAAmC,YAAY,OAAO,gBAAgB,SAAS,EAAE,QAAQ,GAAG,KAAA,EAAU;;;AAIhH,IAAa,2BAAb,cAA8C,iBAAiB;CAC7D,cAAc;AACZ,QAAM,4BAA4B,YAAY,WAAW,QAAQ;;;AAIrE,IAAa,oBAAb,cAAuC,iBAAiB;CACtD,cAAc;AACZ,QAAM,4BAA4B,YAAY,WAAW,QAAQ;;;;;AC5IrE,IAAa,oBAAb,cAAuC,iBAAiB;CACtD,cAAc;AACZ,QAAM,4BAA4B,YAAY,KAAK,cAAc;;;;;ACFrE,IAAa,qBAAb,cAAwC,iBAAiB;CACvD,cAAc;AACZ,QAAM,6BAA6B,YAAY,WAAW,gBAAgB,EAAE,OAAO,SAAS,CAAC;;;;;ACFjG,IAAa,0BAAb,cAA6C,iBAAiB;CAC5D,cAAc;AACZ,QAAM,kCAAkC,YAAY,KAAK,oBAAoB;;;;;;;;AC+BjF,SAAgB,mBAAmB,OAAmC;CACpE,MAAM,YAAY,MAAM,MAAM;AAE9B,KAAI,MAAM,WAAW,SAAS;EAE5B,MAAM,WADU,MAAM,QACG,IAAI,WAAW,IAAI;AAE5C,MAAI,SAAS,SAAS,gBAAgB,CAAE,QAAO,IAAI,mBAAmB;AACtE,MAAI,SAAS,SAAS,gBAAgB,CAAE,QAAO,IAAI,mBAAmB;AACtE,MAAI,SAAS,SAAS,oBAAoB,CAAE,QAAO,IAAI,mBAAmB;AAC1E,MAAI,SAAS,SAAS,2BAA2B,CAAE,QAAO,IAAI,mBAAmB;AACjF,MAAI,SAAS,SAAS,wBAAwB,CAAE,QAAO,IAAI,yBAAyB;AACpF,MAAI,SAAS,SAAS,2BAA2B,CAAE,QAAO,IAAI,4BAA4B;;AAG5F,KAAI,CAAC,UACH,QAAO,IAAI,cAAc;EACvB,eAAe,sBAAsB,MAAM;EAC3C,OAAO,MAAM;EACd,CAAC;AAIJ,KAAI,cAAc,iBAAkB,QAAO,IAAI,mBAAmB;AAClE,KAAI,cAAc,uBAAwB,QAAO,IAAI,wBAAwB;AAG7E,KAAI,cAAc,4BAA6B,QAAO,IAAI,yBAAyB;AACnF,KAAI,cAAc,mBAAoB,QAAO,IAAI,sBAAsB;AACvE,KAAI,cAAc,gBAAiB,QAAO,IAAI,mBAAmB;AAGjE,KAAI,cAAc,kBAAmB,QAAO,IAAI,qBAAqB;AACrE,KAAI,cAAc,2BAA4B,QAAO,IAAI,4BAA4B;AACrF,KAAI,cAAc,wBAAyB,QAAO,IAAI,yBAAyB;AAG/E,KAAI,cAAc,qBAAsB,QAAO,IAAI,uBAAuB;AAC1E,KAAI,cAAc,2BAA4B,QAAO,IAAI,2BAA2B;AAGpF,KAAI,cAAc,qBAAsB,QAAO,IAAI,sBAAsB,EAAE;AAC3E,KAAI,cAAc,oBAAqB,QAAO,IAAI,qBAAqB,IAAI;AAG3E,KAAI,cAAc,yBAAyB,cAAc,wCACvD,QAAO,IAAI,2BAA2B;AAExC,KAAI,cAAc,oBAAqB,QAAO,IAAI,sBAAsB;AACxE,KAAI,cAAc,+BAAgC,QAAO,IAAI,gCAAgC;AAC7F,KAAI,cAAc,gCAAiC,QAAO,IAAI,8BAA8B;AAG5F,KAAI,cAAc,wBAAyB,QAAO,IAAI,yBAAyB;AAC/E,KAAI,cAAc,wBAAyB,QAAO,IAAI,yBAAyB;AAC/E,KAAI,cAAc,0BAA2B,QAAO,IAAI,0BAA0B;AAGlF,KAAI,cAAc,gCAAiC,QAAO,IAAI,0BAA0B;AACxF,KAAI,cAAc,qBAAsB,QAAO,IAAI,uBAAuB;AAG1E,KAAI,cAAc,yBAA0B,QAAO,IAAI,0BAA0B;AACjF,KAAI,cAAc,gBAAiB,QAAO,IAAI,0BAA0B;AACxE,KAAI,cAAc,gBAAiB,QAAO,IAAI,mBAAmB;AAGjE,KAAI,cAAc,4BAA6B,QAAO,IAAI,6BAA6B;AAGvF,QAAO,IAAI,cAAc;EACvB,eAAe,sBAAsB,UAAU,KAAK,MAAM;EAC1D,OAAO,MAAM;EACd,CAAC;;;;;;;AAQJ,SAAgB,WAAW,OAAmC;AAC5D,KAAI,iBAAiB,SAAU,QAAO;AAEtC,QACE,iBAAiB,SACd,MAAM,SAAS,cACf,YAAY,SACZ,gBAAgB;;;;;;;;ACpHvB,SAAgB,wBAAyD;AACvE,QAAO;EACL,OAAO;EACP,UAAU,UAAU;AAClB,OAAI,WAAW,MAAM,CACnB,OAAM,mBAAmB,MAAM;AAEjC,SAAM;;EAET;;;;;AAMH,MAAa,iBAAiB,OAAU,OAAqC;AAC3E,KAAI;AACF,SAAO,MAAM,IAAI;UACV,OAAO;AACd,MAAI,WAAW,MAAM,CACnB,OAAM,mBAAmB,MAAM;AAEjC,QAAM;;;;;ACAH,IAAA,cAAA,MAAM,YAAoE;CAC/E;CAEA,YACE,SACA;AADyC,OAAA,UAAA;AAEzC,OAAK,eAAe,WAAW;GAC7B,GAAG,KAAK;GACR,YAAY,uBAAuB;GACpC,CAAC;;;;;CAMJ,IAAI,OAAuB;AACzB,SAAO,KAAK;;;;CAjBf,UAAU,aAAa;oBAKnB,OAAO,aAAa,CAAA;;;;;;ACDlB,IAAA,aAAA,cAAA,MAAM,WAAwC;;;;;;;;CAQnD,gBAAgB,QAAsB;AACpC,SAAO,IAAI,uBAAuB,8BAA8B;;;;;CAMlE,OAAO,aACL,SACe;AACf,SAAO;GACL,QAAA;GACA,WAAW,CACT;IACE,SAAS;IACT,YAAY,QAAQ;IACpB,QAAQ,QAAQ;IACjB,EACD;IACE,SAAS;IACT,UAAU;IACX,CACF;GACF;;;uCAlCJ,OAAO,EACN,WAAW,EAAE,EACd,CAAC,CAAA,EAAA,WAAA"}
|
|
1
|
+
{"version":3,"file":"index.mjs","names":["inject","inject"],"sources":["../../src/auth/auth.tokens.ts","../../src/auth/i18n/en.ts","../../src/auth/middleware/auth-context.middleware.ts","../../src/auth/middleware/session-verification.middleware.ts","../../src/auth/errors/auth-errors.ts","../../src/auth/errors/invalid-token.error.ts","../../src/auth/errors/organization-errors.ts","../../src/auth/errors/token-required.error.ts","../../src/auth/errors/verification-failed.error.ts","../../src/auth/utils/better-auth-error-handler.ts","../../src/auth/utils/auth-helpers.ts","../../src/auth/services/auth.service.ts","../../src/auth/auth.module.ts"],"sourcesContent":["/** Token for AuthService - core authentication service */\nexport const AUTH_SERVICE = Symbol.for('stratal:auth:service')\n\n/** Token for Better Auth options configuration */\nexport const AUTH_OPTIONS = Symbol.for('stratal:auth:options')\n","export const authMessages = {\n en: {\n auth: {\n errors: {\n tokenRequired: 'Verification token is required',\n invalidToken: 'Invalid or expired verification token',\n verificationFailed: 'Verification failed. Please try again.',\n userNotFound: 'User not found. Please check your credentials.',\n invalidCredentials: 'Invalid email or password',\n invalidPassword: 'Invalid password',\n invalidEmail: 'Invalid email address',\n sessionExpired: 'Your session has expired. Please sign in again.',\n emailNotVerified: 'Please verify your email address before signing in',\n passwordTooShort: 'Password must be at least {minLength} characters',\n passwordTooLong: 'Password must be at most {maxLength} characters',\n accountAlreadyExists: 'An account with this email already exists',\n failedToCreateUser: 'Failed to create user account. Please try again.',\n failedToCreateSession: 'Failed to create session. Please try again.',\n failedToGetSession: 'Failed to retrieve session. Please try again.',\n failedToUpdateUser: 'Failed to update user information. Please try again.',\n failedToGetUserInfo: 'Failed to retrieve user information. Please try again.',\n socialAccountLinked: 'This social account is already linked to another user',\n providerNotFound: 'Authentication provider not found',\n userEmailNotFound: 'User email address not found',\n accountNotFound: 'Account not found',\n credentialAccountNotFound: 'Credential account not found',\n cannotUnlinkLastAccount: 'Cannot unlink your last account',\n userAlreadyHasPassword: 'User already has a password set',\n emailCannotBeUpdated: 'Email address cannot be updated at this time',\n tokenExpired: 'The verification token has expired. Please request a new verification email.',\n invalidCallbackUrl: 'Invalid callback URL',\n invalidOrigin: 'Request origin is not allowed',\n validationFailed: 'Authentication validation failed',\n emailAlreadyVerified: 'Email address is already verified',\n emailMismatch: 'Email address does not match',\n unknownError: 'An authentication error occurred',\n },\n org: {\n organizationNotFound: 'Organization not found',\n memberNotFound: 'Member not found',\n invitationNotFound: 'Invitation not found',\n permissionDenied: 'You do not have permission to perform this action',\n invitationRecipientMismatch: 'You are not the recipient of this invitation',\n conflict: 'A resource with this identifier already exists',\n limitReached: 'The maximum limit has been reached',\n membershipError: 'This action cannot be performed due to membership constraints',\n teamNotFound: 'Team not found',\n roleNotFound: 'Role not found',\n },\n },\n },\n} as const\n\ndeclare module 'stratal/i18n' {\n interface AppMessageNamespaces {\n auth: typeof authMessages['en']['auth']\n }\n}\n","import { DI_TOKENS, Transient } from 'stratal/di'\nimport type { Middleware, Next, RouterContext } from 'stratal/router'\nimport { AuthContext } from '../../context/auth-context'\n\n/**\n * Auth Context Middleware\n *\n * Registers AuthContext in the request container at the start of each request.\n * This MUST run before SessionVerificationMiddleware and any other middleware\n * that depends on AuthContext.\n */\n@Transient()\nexport class AuthContextMiddleware implements Middleware {\n async handle(ctx: RouterContext, next: Next): Promise<void> {\n const requestContainer = ctx.getContainer()\n\n const authContext = new AuthContext()\n requestContainer.registerValue(DI_TOKENS.AuthContext, authContext)\n\n return next()\n }\n}\n","import { DI_TOKENS, Transient } from 'stratal/di'\nimport { LOGGER_TOKENS, type LoggerService } from 'stratal/logger'\nimport type { Middleware, Next, RouterContext } from 'stratal/router'\nimport { inject } from 'tsyringe'\nimport { type AuthContext } from '../../context/auth-context'\nimport { AUTH_SERVICE } from '../auth.tokens'\nimport type { AuthService } from '../services/auth.service'\n\n/**\n * Session Verification Middleware\n *\n * Verifies user session via Better Auth and populates AuthContext with userId.\n *\n * **Responsibilities:**\n * - Calls Better Auth's getSession() API\n * - Populates AuthContext with userId if session is valid\n * - Continues request chain regardless of session status\n */\n@Transient()\nexport class SessionVerificationMiddleware implements Middleware {\n constructor(\n @inject(AUTH_SERVICE)\n private readonly authService: AuthService,\n @inject(LOGGER_TOKENS.LoggerService) private logger: LoggerService\n ) { }\n\n async handle(ctx: RouterContext, next: Next): Promise<void> {\n try {\n const session = await this.authService.auth.api.getSession({\n headers: ctx.c.req.raw.headers\n })\n\n if (session) {\n const authContext = ctx.getContainer().resolve<AuthContext>(DI_TOKENS.AuthContext)\n authContext.setAuthContext({\n userId: session.user.id,\n role: (session.user as Record<string, unknown>).role as string | undefined,\n })\n }\n } catch (error: unknown) {\n this.logger.debug('Session validation failed (e.g., invalidated in DB)', { error })\n }\n\n return next()\n }\n}\n","import { ApplicationError, ERROR_CODES } from 'stratal/errors'\n\nexport class UserNotFoundError extends ApplicationError {\n constructor(email?: string) {\n super('auth.errors.userNotFound', ERROR_CODES.RESOURCE.NOT_FOUND, email ? { email } : undefined)\n }\n}\n\nexport class InvalidCredentialsError extends ApplicationError {\n constructor() {\n super('auth.errors.invalidCredentials', ERROR_CODES.AUTH.INVALID_CREDENTIALS)\n }\n}\n\nexport class InvalidPasswordError extends ApplicationError {\n constructor() {\n super('auth.errors.invalidPassword', ERROR_CODES.AUTH.INVALID_CREDENTIALS)\n }\n}\n\nexport class InvalidEmailError extends ApplicationError {\n constructor(email?: string) {\n super('auth.errors.invalidEmail', ERROR_CODES.VALIDATION.INVALID_FORMAT, email ? { email } : undefined)\n }\n}\n\nexport class SessionExpiredError extends ApplicationError {\n constructor() {\n super('auth.errors.sessionExpired', ERROR_CODES.AUTH.SESSION_EXPIRED)\n }\n}\n\nexport class EmailNotVerifiedError extends ApplicationError {\n constructor(email?: string) {\n super('auth.errors.emailNotVerified', ERROR_CODES.AUTH.EMAIL_NOT_VERIFIED, email ? { email } : undefined)\n }\n}\n\nexport class PasswordTooShortError extends ApplicationError {\n constructor(minLength: number) {\n super('auth.errors.passwordTooShort', ERROR_CODES.AUTH.PASSWORD_TOO_SHORT, { minLength })\n }\n}\n\nexport class PasswordTooLongError extends ApplicationError {\n constructor(maxLength: number) {\n super('auth.errors.passwordTooLong', ERROR_CODES.AUTH.PASSWORD_TOO_LONG, { maxLength })\n }\n}\n\nexport class AccountAlreadyExistsError extends ApplicationError {\n constructor(email?: string) {\n super('auth.errors.accountAlreadyExists', ERROR_CODES.AUTH.ACCOUNT_ALREADY_EXISTS, email ? { email } : undefined)\n }\n}\n\nexport class FailedToCreateUserError extends ApplicationError {\n constructor(reason?: string) {\n super('auth.errors.failedToCreateUser', ERROR_CODES.AUTH.FAILED_TO_CREATE_USER, reason ? { reason } : undefined)\n }\n}\n\nexport class FailedToCreateSessionError extends ApplicationError {\n constructor(reason?: string) {\n super('auth.errors.failedToCreateSession', ERROR_CODES.AUTH.FAILED_TO_CREATE_SESSION, reason ? { reason } : undefined)\n }\n}\n\nexport class FailedToUpdateUserError extends ApplicationError {\n constructor(reason?: string) {\n super('auth.errors.failedToUpdateUser', ERROR_CODES.AUTH.FAILED_TO_UPDATE_USER, reason ? { reason } : undefined)\n }\n}\n\nexport class SocialAccountLinkedError extends ApplicationError {\n constructor(provider?: string) {\n super('auth.errors.socialAccountLinked', ERROR_CODES.AUTH.SOCIAL_ACCOUNT_LINKED, provider ? { provider } : undefined)\n }\n}\n\nexport class CannotUnlinkLastAccountError extends ApplicationError {\n constructor() {\n super('auth.errors.cannotUnlinkLastAccount', ERROR_CODES.AUTH.CANNOT_UNLINK_LAST_ACCOUNT)\n }\n}\n\nexport class ProviderNotFoundError extends ApplicationError {\n constructor(provider?: string) {\n super('auth.errors.providerNotFound', ERROR_CODES.RESOURCE.NOT_FOUND, provider ? { provider } : undefined)\n }\n}\n\nexport class UserEmailNotFoundError extends ApplicationError {\n constructor() {\n super('auth.errors.userEmailNotFound', ERROR_CODES.RESOURCE.NOT_FOUND)\n }\n}\n\nexport class AccountNotFoundError extends ApplicationError {\n constructor() {\n super('auth.errors.accountNotFound', ERROR_CODES.RESOURCE.NOT_FOUND)\n }\n}\n\nexport class CredentialAccountNotFoundError extends ApplicationError {\n constructor() {\n super('auth.errors.credentialAccountNotFound', ERROR_CODES.RESOURCE.NOT_FOUND)\n }\n}\n\nexport class UserAlreadyHasPasswordError extends ApplicationError {\n constructor() {\n super('auth.errors.userAlreadyHasPassword', ERROR_CODES.RESOURCE.CONFLICT)\n }\n}\n\nexport class EmailCannotBeUpdatedError extends ApplicationError {\n constructor(reason?: string) {\n super('auth.errors.emailCannotBeUpdated', ERROR_CODES.VALIDATION.GENERIC, reason ? { reason } : undefined)\n }\n}\n\nexport class FailedToGetSessionError extends ApplicationError {\n constructor(reason?: string) {\n super('auth.errors.failedToGetSession', ERROR_CODES.SYSTEM.INTERNAL_ERROR, reason ? { reason } : undefined)\n }\n}\n\nexport class FailedToGetUserInfoError extends ApplicationError {\n constructor(reason?: string) {\n super('auth.errors.failedToGetUserInfo', ERROR_CODES.SYSTEM.INTERNAL_ERROR, reason ? { reason } : undefined)\n }\n}\n\nexport class IdTokenNotSupportedError extends ApplicationError {\n constructor() {\n super('auth.errors.invalidToken', ERROR_CODES.VALIDATION.GENERIC)\n }\n}\n\nexport class TokenExpiredError extends ApplicationError {\n constructor() {\n super('auth.errors.tokenExpired', ERROR_CODES.VALIDATION.GENERIC)\n }\n}\n\nexport class InvalidCallbackUrlError extends ApplicationError {\n constructor() {\n super('auth.errors.invalidCallbackUrl', ERROR_CODES.VALIDATION.INVALID_FORMAT)\n }\n}\n\nexport class InvalidOriginError extends ApplicationError {\n constructor() {\n super('auth.errors.invalidOrigin', ERROR_CODES.AUTHZ.FORBIDDEN)\n }\n}\n\nexport class AuthValidationFailedError extends ApplicationError {\n constructor() {\n super('auth.errors.validationFailed', ERROR_CODES.VALIDATION.GENERIC)\n }\n}\n\nexport class EmailAlreadyVerifiedError extends ApplicationError {\n constructor() {\n super('auth.errors.emailAlreadyVerified', ERROR_CODES.RESOURCE.CONFLICT)\n }\n}\n\nexport class EmailMismatchError extends ApplicationError {\n constructor() {\n super('auth.errors.emailMismatch', ERROR_CODES.VALIDATION.INVALID_FORMAT)\n }\n}\n\nexport class BetterAuthUnknownError extends ApplicationError {\n constructor(errorCode?: string) {\n super('auth.errors.unknownError', ERROR_CODES.SYSTEM.INTERNAL_ERROR, errorCode ? { errorCode } : undefined)\n }\n}\n","import { ApplicationError, ERROR_CODES } from 'stratal/errors'\n\nexport class InvalidTokenError extends ApplicationError {\n constructor() {\n super('auth.errors.invalidToken', ERROR_CODES.AUTH.INVALID_TOKEN)\n }\n}\n","import { ApplicationError, ERROR_CODES } from 'stratal/errors'\n\nexport class OrganizationNotFoundError extends ApplicationError {\n constructor() {\n super('auth.org.organizationNotFound', ERROR_CODES.AUTH.ORGANIZATION_NOT_FOUND)\n }\n}\n\nexport class OrganizationMemberNotFoundError extends ApplicationError {\n constructor() {\n super('auth.org.memberNotFound', ERROR_CODES.AUTH.MEMBER_NOT_FOUND)\n }\n}\n\nexport class OrganizationInvitationNotFoundError extends ApplicationError {\n constructor() {\n super('auth.org.invitationNotFound', ERROR_CODES.AUTH.INVITATION_NOT_FOUND)\n }\n}\n\nexport class OrganizationPermissionDeniedError extends ApplicationError {\n constructor() {\n super('auth.org.permissionDenied', ERROR_CODES.AUTHZ.FORBIDDEN)\n }\n}\n\nexport class OrganizationInvitationRecipientMismatchError extends ApplicationError {\n constructor() {\n super('auth.org.invitationRecipientMismatch', ERROR_CODES.AUTH.INVITATION_RECIPIENT_MISMATCH)\n }\n}\n\nexport class OrganizationConflictError extends ApplicationError {\n constructor() {\n super('auth.org.conflict', ERROR_CODES.RESOURCE.CONFLICT)\n }\n}\n\nexport class OrganizationLimitReachedError extends ApplicationError {\n constructor() {\n super('auth.org.limitReached', ERROR_CODES.AUTH.ORGANIZATION_LIMIT_REACHED)\n }\n}\n\nexport class OrganizationMembershipError extends ApplicationError {\n constructor() {\n super('auth.org.membershipError', ERROR_CODES.AUTH.ORGANIZATION_MEMBERSHIP_REQUIRED)\n }\n}\n\nexport class OrganizationTeamNotFoundError extends ApplicationError {\n constructor() {\n super('auth.org.teamNotFound', ERROR_CODES.RESOURCE.NOT_FOUND)\n }\n}\n\nexport class OrganizationRoleNotFoundError extends ApplicationError {\n constructor() {\n super('auth.org.roleNotFound', ERROR_CODES.RESOURCE.NOT_FOUND)\n }\n}\n","import { ApplicationError, ERROR_CODES } from 'stratal/errors'\n\nexport class TokenRequiredError extends ApplicationError {\n constructor() {\n super('auth.errors.tokenRequired', ERROR_CODES.VALIDATION.REQUIRED_FIELD, { field: 'token' })\n }\n}\n","import { ApplicationError, ERROR_CODES } from 'stratal/errors'\n\nexport class VerificationFailedError extends ApplicationError {\n constructor() {\n super('auth.errors.verificationFailed', ERROR_CODES.AUTH.INVALID_CREDENTIALS)\n }\n}\n","import { APIError } from 'better-auth/api'\nimport type { ApplicationError } from 'stratal/errors'\nimport {\n AccountAlreadyExistsError,\n AccountNotFoundError,\n AuthValidationFailedError,\n BetterAuthUnknownError,\n CannotUnlinkLastAccountError,\n CredentialAccountNotFoundError,\n EmailAlreadyVerifiedError,\n EmailCannotBeUpdatedError,\n EmailMismatchError,\n EmailNotVerifiedError,\n FailedToCreateSessionError,\n FailedToCreateUserError,\n FailedToGetSessionError,\n FailedToGetUserInfoError,\n FailedToUpdateUserError,\n IdTokenNotSupportedError,\n InvalidCallbackUrlError,\n InvalidCredentialsError,\n InvalidEmailError,\n InvalidOriginError,\n InvalidPasswordError,\n InvalidTokenError,\n OrganizationConflictError,\n OrganizationInvitationNotFoundError,\n OrganizationInvitationRecipientMismatchError,\n OrganizationLimitReachedError,\n OrganizationMemberNotFoundError,\n OrganizationMembershipError,\n OrganizationNotFoundError,\n OrganizationPermissionDeniedError,\n OrganizationRoleNotFoundError,\n OrganizationTeamNotFoundError,\n PasswordTooLongError,\n PasswordTooShortError,\n ProviderNotFoundError,\n SessionExpiredError,\n SocialAccountLinkedError,\n TokenExpiredError,\n UserAlreadyHasPasswordError,\n UserEmailNotFoundError,\n UserNotFoundError,\n} from '../errors'\n\n/**\n * Maps Better Auth API error codes to ApplicationError instances.\n */\nexport function mapBetterAuthError(error: APIError): ApplicationError {\n const errorCode = error.body?.code\n\n if (error.status === 'FOUND') {\n const headers = error.headers as Headers\n const location = headers.get('location') ?? ''\n\n if (location.includes('INVALID_TOKEN')) return new InvalidTokenError()\n if (location.includes('EXPIRED_TOKEN')) return new TokenExpiredError()\n if (location.includes('ATTEMPTS_EXCEEDED')) return new InvalidTokenError()\n if (location.includes('new_user_signup_disabled')) return new UserNotFoundError()\n if (location.includes('failed_to_create_user')) return new FailedToCreateUserError()\n if (location.includes('failed_to_create_session')) return new FailedToCreateSessionError()\n }\n\n if (!errorCode) {\n return new BetterAuthUnknownError()\n }\n\n // ── Base Error Codes ──────────────────────────────────────────────────\n\n // User errors\n if (errorCode === 'USER_NOT_FOUND' || errorCode === 'INVALID_USER') return new UserNotFoundError()\n if (errorCode === 'USER_EMAIL_NOT_FOUND') return new UserEmailNotFoundError()\n\n // Credential errors\n if (errorCode === 'INVALID_EMAIL_OR_PASSWORD') return new InvalidCredentialsError()\n if (errorCode === 'INVALID_PASSWORD') return new InvalidPasswordError()\n if (errorCode === 'INVALID_EMAIL') return new InvalidEmailError()\n\n // Session errors\n if (errorCode === 'SESSION_EXPIRED' || errorCode === 'SESSION_NOT_FRESH') return new SessionExpiredError()\n if (errorCode === 'FAILED_TO_CREATE_SESSION') return new FailedToCreateSessionError()\n if (errorCode === 'FAILED_TO_GET_SESSION') return new FailedToGetSessionError()\n\n // Email verification\n if (errorCode === 'EMAIL_NOT_VERIFIED') return new EmailNotVerifiedError()\n if (errorCode === 'EMAIL_CAN_NOT_BE_UPDATED') return new EmailCannotBeUpdatedError()\n if (errorCode === 'EMAIL_ALREADY_VERIFIED') return new EmailAlreadyVerifiedError()\n if (errorCode === 'EMAIL_MISMATCH') return new EmailMismatchError()\n\n // Password validation\n if (errorCode === 'PASSWORD_TOO_SHORT') return new PasswordTooShortError(8)\n if (errorCode === 'PASSWORD_TOO_LONG') return new PasswordTooLongError(128)\n\n // Account errors\n if (errorCode === 'USER_ALREADY_EXISTS' || errorCode === 'USER_ALREADY_EXISTS_USE_ANOTHER_EMAIL') {\n return new AccountAlreadyExistsError()\n }\n if (errorCode === 'ACCOUNT_NOT_FOUND') return new AccountNotFoundError()\n if (errorCode === 'CREDENTIAL_ACCOUNT_NOT_FOUND') return new CredentialAccountNotFoundError()\n if (errorCode === 'FAILED_TO_UNLINK_LAST_ACCOUNT') return new CannotUnlinkLastAccountError()\n\n // User creation/update errors\n if (errorCode === 'FAILED_TO_CREATE_USER') return new FailedToCreateUserError()\n if (errorCode === 'FAILED_TO_UPDATE_USER') return new FailedToUpdateUserError()\n if (errorCode === 'FAILED_TO_GET_USER_INFO') return new FailedToGetUserInfoError()\n\n // Social account errors\n if (errorCode === 'SOCIAL_ACCOUNT_ALREADY_LINKED' || errorCode === 'LINKED_ACCOUNT_ALREADY_EXISTS') {\n return new SocialAccountLinkedError()\n }\n if (errorCode === 'PROVIDER_NOT_FOUND') return new ProviderNotFoundError()\n\n // Token errors\n if (errorCode === 'ID_TOKEN_NOT_SUPPORTED') return new IdTokenNotSupportedError()\n if (errorCode === 'INVALID_TOKEN') return new InvalidTokenError()\n if (errorCode === 'TOKEN_EXPIRED') return new TokenExpiredError()\n\n // Password management\n if (errorCode === 'USER_ALREADY_HAS_PASSWORD' || errorCode === 'PASSWORD_ALREADY_SET') {\n return new UserAlreadyHasPasswordError()\n }\n\n // Callback/redirect URL errors\n if (\n errorCode === 'INVALID_CALLBACK_URL'\n || errorCode === 'INVALID_REDIRECT_URL'\n || errorCode === 'INVALID_NEW_USER_CALLBACK_URL'\n || errorCode === 'INVALID_ERROR_CALLBACK_URL'\n || errorCode === 'CALLBACK_URL_REQUIRED'\n ) {\n return new InvalidCallbackUrlError()\n }\n\n // Origin/CORS errors\n if (\n errorCode === 'INVALID_ORIGIN'\n || errorCode === 'MISSING_OR_NULL_ORIGIN'\n || errorCode === 'CROSS_SITE_NAVIGATION_LOGIN_BLOCKED'\n ) {\n return new InvalidOriginError()\n }\n\n // Validation errors\n if (\n errorCode === 'VALIDATION_ERROR'\n || errorCode === 'MISSING_FIELD'\n || errorCode === 'FIELD_NOT_ALLOWED'\n || errorCode === 'BODY_MUST_BE_AN_OBJECT'\n || errorCode === 'ASYNC_VALIDATION_NOT_SUPPORTED'\n || errorCode === 'METHOD_NOT_ALLOWED_DEFER_SESSION_REQUIRED'\n ) {\n return new AuthValidationFailedError()\n }\n\n // Verification errors\n if (errorCode === 'FAILED_TO_CREATE_VERIFICATION' || errorCode === 'VERIFICATION_EMAIL_NOT_ENABLED') {\n return new FailedToCreateSessionError()\n }\n\n // ── Organization Plugin Error Codes ───────────────────────────────────\n\n // Organization not found\n if (errorCode === 'ORGANIZATION_NOT_FOUND' || errorCode === 'NO_ACTIVE_ORGANIZATION') {\n return new OrganizationNotFoundError()\n }\n\n // Member not found\n if (\n errorCode === 'MEMBER_NOT_FOUND'\n || errorCode === 'USER_IS_NOT_A_MEMBER_OF_THE_ORGANIZATION'\n || errorCode === 'USER_IS_NOT_A_MEMBER_OF_THE_TEAM'\n ) {\n return new OrganizationMemberNotFoundError()\n }\n\n // Invitation not found\n if (errorCode === 'INVITATION_NOT_FOUND' || errorCode === 'FAILED_TO_RETRIEVE_INVITATION') {\n return new OrganizationInvitationNotFoundError()\n }\n\n // Invitation recipient mismatch\n if (\n errorCode === 'YOU_ARE_NOT_THE_RECIPIENT_OF_THE_INVITATION'\n || errorCode === 'EMAIL_VERIFICATION_REQUIRED_BEFORE_ACCEPTING_OR_REJECTING_INVITATION'\n ) {\n return new OrganizationInvitationRecipientMismatchError()\n }\n\n // Team not found\n if (errorCode === 'TEAM_NOT_FOUND' || errorCode === 'YOU_DO_NOT_HAVE_AN_ACTIVE_TEAM') {\n return new OrganizationTeamNotFoundError()\n }\n\n // Role not found\n if (errorCode === 'ROLE_NOT_FOUND' || errorCode === 'INVALID_RESOURCE') {\n return new OrganizationRoleNotFoundError()\n }\n\n // Organization conflict/already exists\n if (\n errorCode === 'ORGANIZATION_ALREADY_EXISTS'\n || errorCode === 'ORGANIZATION_SLUG_ALREADY_TAKEN'\n || errorCode === 'USER_IS_ALREADY_A_MEMBER_OF_THIS_ORGANIZATION'\n || errorCode === 'USER_IS_ALREADY_INVITED_TO_THIS_ORGANIZATION'\n || errorCode === 'TEAM_ALREADY_EXISTS'\n || errorCode === 'ROLE_NAME_IS_ALREADY_TAKEN'\n ) {\n return new OrganizationConflictError()\n }\n\n // Organization limit reached\n if (\n errorCode === 'YOU_HAVE_REACHED_THE_MAXIMUM_NUMBER_OF_ORGANIZATIONS'\n || errorCode === 'YOU_HAVE_REACHED_THE_MAXIMUM_NUMBER_OF_TEAMS'\n || errorCode === 'ORGANIZATION_MEMBERSHIP_LIMIT_REACHED'\n || errorCode === 'INVITATION_LIMIT_REACHED'\n || errorCode === 'TEAM_MEMBER_LIMIT_REACHED'\n || errorCode === 'TOO_MANY_ROLES'\n ) {\n return new OrganizationLimitReachedError()\n }\n\n // Organization membership constraints\n if (\n errorCode === 'YOU_CANNOT_LEAVE_THE_ORGANIZATION_AS_THE_ONLY_OWNER'\n || errorCode === 'YOU_CANNOT_LEAVE_THE_ORGANIZATION_WITHOUT_AN_OWNER'\n || errorCode === 'UNABLE_TO_REMOVE_LAST_TEAM'\n || errorCode === 'CANNOT_DELETE_A_PRE_DEFINED_ROLE'\n || errorCode === 'ROLE_IS_ASSIGNED_TO_MEMBERS'\n || errorCode === 'YOU_CANNOT_IMPERSONATE_ADMINS'\n || errorCode === 'YOU_CANNOT_BAN_YOURSELF'\n || errorCode === 'YOU_CANNOT_REMOVE_YOURSELF'\n || errorCode === 'INVITER_IS_NO_LONGER_A_MEMBER_OF_THE_ORGANIZATION'\n ) {\n return new OrganizationMembershipError()\n }\n\n // Organization permission denied (catch-all for YOU_ARE_NOT_ALLOWED_TO_* patterns)\n if (\n errorCode.startsWith('YOU_ARE_NOT_ALLOWED_TO_')\n || errorCode === 'YOU_ARE_NOT_A_MEMBER_OF_THIS_ORGANIZATION'\n || errorCode === 'YOU_CAN_NOT_ACCESS_THE_MEMBERS_OF_THIS_TEAM'\n || errorCode === 'YOU_MUST_BE_IN_AN_ORGANIZATION_TO_CREATE_A_ROLE'\n || errorCode === 'MISSING_AC_INSTANCE'\n ) {\n return new OrganizationPermissionDeniedError()\n }\n\n // Unknown error code\n return new BetterAuthUnknownError(errorCode)\n}\n\n/**\n * Type guard to check if an error is a Better Auth APIError.\n * Uses duck typing to handle bundler environments (e.g. Vite)\n * where instanceof may fail across module boundaries.\n */\nexport function isAPIError(error: unknown): error is APIError {\n if (error instanceof APIError) return true\n\n return (\n error instanceof Error\n && error.name === 'APIError'\n && 'status' in error\n && 'statusCode' in error\n )\n}\n","import type { BetterAuthOptions } from 'better-auth'\nimport { isAPIError, mapBetterAuthError } from './better-auth-error-handler'\n\n/**\n * Get shared Better Auth error handler configuration.\n * Use this in Better Auth config's onAPIError option.\n */\nexport function getErrorHandlerConfig(): BetterAuthOptions['onAPIError'] {\n return {\n throw: false,\n onError: (error) => {\n if (isAPIError(error)) {\n throw mapBetterAuthError(error)\n }\n throw error\n },\n }\n}\n\n/**\n * Wrap a Better Auth function in a try/catch block and map errors to ApplicationError.\n */\nexport const wrapBetterAuth = async <T>(fn: () => Promise<T>): Promise<T> => {\n try {\n return await fn()\n } catch (error) {\n if (isAPIError(error)) {\n throw mapBetterAuthError(error)\n }\n throw error\n }\n}\n","import type { Auth, BetterAuthOptions } from 'better-auth'\nimport { betterAuth } from 'better-auth'\nimport { inject } from 'tsyringe'\nimport { Transient } from 'stratal/di'\nimport { AUTH_OPTIONS, AUTH_SERVICE } from '../auth.tokens'\nimport { getErrorHandlerConfig } from '../utils'\n\n/**\n * AuthService\n *\n * Base authentication service using Better Auth.\n * Configured via AuthModule.forRootAsync() from the application layer.\n *\n * **Extensibility:**\n * Extend this class in application layer to add custom methods.\n *\n * @example\n * ```typescript\n * @Transient(AUTH_SERVICE)\n * export class AppAuthService extends AuthService<AuthOptions> {\n * async signInMagicLink(email: string) {\n * return wrapBetterAuth(async () => {\n * return this.auth.api.signInMagicLink({ body: { email }, headers: new Headers() })\n * })\n * }\n * }\n * ```\n */\n@Transient(AUTH_SERVICE)\nexport class AuthService<TOptions extends BetterAuthOptions = BetterAuthOptions> {\n private authInstance: Auth<TOptions>\n\n constructor(\n @inject(AUTH_OPTIONS) protected readonly options: TOptions\n ) {\n this.authInstance = betterAuth({\n ...this.options,\n onAPIError: getErrorHandlerConfig()\n }) as Auth<TOptions>\n }\n\n /**\n * Get the Better Auth instance\n */\n get auth(): Auth<TOptions> {\n return this.authInstance\n }\n}\n","/**\n * Auth Module\n *\n * Provides configurable authentication using Better Auth.\n * Use `forRootAsync` to configure Better Auth options from the application layer.\n *\n * Optionally pass `accessControl` to enable permission-based authorization.\n * This auto-adds the Stratal AC plugin to Better Auth and registers `AccessService`.\n *\n * @example Without access control\n * ```typescript\n * @Module({\n * imports: [\n * AuthModule.forRootAsync({\n * inject: [DI_TOKENS.Database, CONFIG_TOKENS.ConfigService],\n * useFactory: (db, config) => createAuthOptions(db, config)\n * })\n * ]\n * })\n * export class AppModule {}\n * ```\n *\n * @example With access control\n * ```typescript\n * import { createAccessControl } from '@stratal/framework/access-control'\n * import { admin } from 'better-auth/plugins'\n *\n * const permissions = createAccessControl({\n * resources: { posts: ['create', 'read', 'update', 'delete'] } as const,\n * roles: { admin: { posts: ['create', 'read', 'update', 'delete'] }, user: { posts: ['read'] } },\n * })\n *\n * @Module({\n * imports: [\n * AuthModule.forRootAsync({\n * inject: [DI_TOKENS.Database],\n * useFactory: (db) => ({\n * database: ...,\n * plugins: [admin({ ...permissions })],\n * }),\n * accessControl: permissions,\n * })\n * ]\n * })\n * ```\n */\n\nimport type { BetterAuthOptions } from 'better-auth'\nimport { I18nModule } from 'stratal/i18n'\nimport type { AsyncModuleOptions, DynamicModule } from 'stratal/module'\nimport { Module } from 'stratal/module'\nimport type { RouteConfigurable, Router } from 'stratal/router'\nimport { createStratalAcPlugin } from '../access-control/plugin'\nimport { AccessService } from '../access-control/services/access.service'\nimport { AC_TOKENS } from '../access-control/tokens'\nimport type { AccessControlOptions } from '../access-control/types'\nimport { AUTH_OPTIONS, AUTH_SERVICE } from './auth.tokens'\nimport { authMessages } from './i18n'\nimport { AuthContextMiddleware } from './middleware/auth-context.middleware'\nimport { SessionVerificationMiddleware } from './middleware/session-verification.middleware'\nimport { AuthService } from './services/auth.service'\n\nexport interface AuthModuleAsyncOptions<TOptions extends BetterAuthOptions = BetterAuthOptions>\n extends AsyncModuleOptions<TOptions> {\n /**\n * Optional access control configuration.\n * When provided, registers AccessService and auto-adds the Stratal AC plugin to Better Auth.\n */\n accessControl?: AccessControlOptions\n}\n\n@Module({\n imports: [\n I18nModule.registerMessages(authMessages),\n ],\n providers: []\n})\nexport class AuthModule implements RouteConfigurable {\n /**\n * Configure auth middleware globally.\n *\n * Registers middlewares in order:\n * 1. AuthContextMiddleware - Creates and registers AuthContext in request container\n * 2. SessionVerificationMiddleware - Verifies session and populates AuthContext with userId + role\n */\n configureRoutes(router: Router): void {\n router.use(AuthContextMiddleware, SessionVerificationMiddleware)\n }\n\n /**\n * Configure AuthModule with async options factory.\n * Optionally provide `accessControl` to enable permission-based authorization.\n */\n static forRootAsync<TOptions extends BetterAuthOptions>(\n options: AuthModuleAsyncOptions<TOptions>\n ): DynamicModule {\n const { accessControl } = options\n\n const authOptionsProvider = accessControl\n ? {\n provide: AUTH_OPTIONS,\n useFactory: (...deps: unknown[]) => {\n const raw = (options.useFactory as (...args: unknown[]) => TOptions)(...deps) as BetterAuthOptions\n return {\n ...raw,\n plugins: [createStratalAcPlugin(accessControl), ...(raw.plugins ?? [])],\n }\n },\n inject: options.inject,\n }\n : {\n provide: AUTH_OPTIONS,\n useFactory: options.useFactory,\n inject: options.inject,\n }\n\n return {\n module: AuthModule,\n providers: [\n authOptionsProvider,\n {\n provide: AUTH_SERVICE,\n useClass: AuthService,\n },\n ...(accessControl\n ? [\n { provide: AC_TOKENS.Options, useValue: accessControl as unknown as object },\n { provide: AC_TOKENS.AccessService, useClass: AccessService },\n ]\n : []),\n ],\n }\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;AACA,MAAa,eAAe,OAAO,IAAI,uBAAuB;;AAG9D,MAAa,eAAe,OAAO,IAAI,uBAAuB;;;ACJ9D,MAAa,eAAe,EAC1B,IAAI,EACF,MAAM;CACJ,QAAQ;EACN,eAAe;EACf,cAAc;EACd,oBAAoB;EACpB,cAAc;EACd,oBAAoB;EACpB,iBAAiB;EACjB,cAAc;EACd,gBAAgB;EAChB,kBAAkB;EAClB,kBAAkB;EAClB,iBAAiB;EACjB,sBAAsB;EACtB,oBAAoB;EACpB,uBAAuB;EACvB,oBAAoB;EACpB,oBAAoB;EACpB,qBAAqB;EACrB,qBAAqB;EACrB,kBAAkB;EAClB,mBAAmB;EACnB,iBAAiB;EACjB,2BAA2B;EAC3B,yBAAyB;EACzB,wBAAwB;EACxB,sBAAsB;EACtB,cAAc;EACd,oBAAoB;EACpB,eAAe;EACf,kBAAkB;EAClB,sBAAsB;EACtB,eAAe;EACf,cAAc;EACf;CACD,KAAK;EACH,sBAAsB;EACtB,gBAAgB;EAChB,oBAAoB;EACpB,kBAAkB;EAClB,6BAA6B;EAC7B,UAAU;EACV,cAAc;EACd,iBAAiB;EACjB,cAAc;EACd,cAAc;EACf;CACF,EACF,EACF;;;ACvCM,IAAA,wBAAA,MAAM,sBAA4C;CACvD,MAAM,OAAO,KAAoB,MAA2B;EAC1D,MAAM,mBAAmB,IAAI,cAAc;EAE3C,MAAM,cAAc,IAAI,aAAa;AACrC,mBAAiB,cAAc,UAAU,aAAa,YAAY;AAElE,SAAO,MAAM;;;oCARhB,WAAW,CAAA,EAAA,sBAAA;;;ACQL,IAAA,gCAAA,MAAM,8BAAoD;CAC/D,YACE,aAEA,QACA;AAFiB,OAAA,cAAA;AAC4B,OAAA,SAAA;;CAG/C,MAAM,OAAO,KAAoB,MAA2B;AAC1D,MAAI;GACF,MAAM,UAAU,MAAM,KAAK,YAAY,KAAK,IAAI,WAAW,EACzD,SAAS,IAAI,EAAE,IAAI,IAAI,SACxB,CAAC;AAEF,OAAI,QACkB,KAAI,cAAc,CAAC,QAAqB,UAAU,YAC3D,CAAC,eAAe;IACzB,QAAQ,QAAQ,KAAK;IACrB,MAAO,QAAQ,KAAiC;IACjD,CAAC;WAEG,OAAgB;AACvB,QAAK,OAAO,MAAM,uDAAuD,EAAE,OAAO,CAAC;;AAGrF,SAAO,MAAM;;;;CAzBhB,WAAW;oBAGPA,SAAO,aAAa,CAAA;oBAEpBA,SAAO,cAAc,cAAc,CAAA;;;;;ACrBxC,IAAa,oBAAb,cAAuC,iBAAiB;CACtD,YAAY,OAAgB;AAC1B,QAAM,4BAA4B,YAAY,SAAS,WAAW,QAAQ,EAAE,OAAO,GAAG,KAAA,EAAU;;;AAIpG,IAAa,0BAAb,cAA6C,iBAAiB;CAC5D,cAAc;AACZ,QAAM,kCAAkC,YAAY,KAAK,oBAAoB;;;AAIjF,IAAa,uBAAb,cAA0C,iBAAiB;CACzD,cAAc;AACZ,QAAM,+BAA+B,YAAY,KAAK,oBAAoB;;;AAI9E,IAAa,oBAAb,cAAuC,iBAAiB;CACtD,YAAY,OAAgB;AAC1B,QAAM,4BAA4B,YAAY,WAAW,gBAAgB,QAAQ,EAAE,OAAO,GAAG,KAAA,EAAU;;;AAI3G,IAAa,sBAAb,cAAyC,iBAAiB;CACxD,cAAc;AACZ,QAAM,8BAA8B,YAAY,KAAK,gBAAgB;;;AAIzE,IAAa,wBAAb,cAA2C,iBAAiB;CAC1D,YAAY,OAAgB;AAC1B,QAAM,gCAAgC,YAAY,KAAK,oBAAoB,QAAQ,EAAE,OAAO,GAAG,KAAA,EAAU;;;AAI7G,IAAa,wBAAb,cAA2C,iBAAiB;CAC1D,YAAY,WAAmB;AAC7B,QAAM,gCAAgC,YAAY,KAAK,oBAAoB,EAAE,WAAW,CAAC;;;AAI7F,IAAa,uBAAb,cAA0C,iBAAiB;CACzD,YAAY,WAAmB;AAC7B,QAAM,+BAA+B,YAAY,KAAK,mBAAmB,EAAE,WAAW,CAAC;;;AAI3F,IAAa,4BAAb,cAA+C,iBAAiB;CAC9D,YAAY,OAAgB;AAC1B,QAAM,oCAAoC,YAAY,KAAK,wBAAwB,QAAQ,EAAE,OAAO,GAAG,KAAA,EAAU;;;AAIrH,IAAa,0BAAb,cAA6C,iBAAiB;CAC5D,YAAY,QAAiB;AAC3B,QAAM,kCAAkC,YAAY,KAAK,uBAAuB,SAAS,EAAE,QAAQ,GAAG,KAAA,EAAU;;;AAIpH,IAAa,6BAAb,cAAgD,iBAAiB;CAC/D,YAAY,QAAiB;AAC3B,QAAM,qCAAqC,YAAY,KAAK,0BAA0B,SAAS,EAAE,QAAQ,GAAG,KAAA,EAAU;;;AAI1H,IAAa,0BAAb,cAA6C,iBAAiB;CAC5D,YAAY,QAAiB;AAC3B,QAAM,kCAAkC,YAAY,KAAK,uBAAuB,SAAS,EAAE,QAAQ,GAAG,KAAA,EAAU;;;AAIpH,IAAa,2BAAb,cAA8C,iBAAiB;CAC7D,YAAY,UAAmB;AAC7B,QAAM,mCAAmC,YAAY,KAAK,uBAAuB,WAAW,EAAE,UAAU,GAAG,KAAA,EAAU;;;AAIzH,IAAa,+BAAb,cAAkD,iBAAiB;CACjE,cAAc;AACZ,QAAM,uCAAuC,YAAY,KAAK,2BAA2B;;;AAI7F,IAAa,wBAAb,cAA2C,iBAAiB;CAC1D,YAAY,UAAmB;AAC7B,QAAM,gCAAgC,YAAY,SAAS,WAAW,WAAW,EAAE,UAAU,GAAG,KAAA,EAAU;;;AAI9G,IAAa,yBAAb,cAA4C,iBAAiB;CAC3D,cAAc;AACZ,QAAM,iCAAiC,YAAY,SAAS,UAAU;;;AAI1E,IAAa,uBAAb,cAA0C,iBAAiB;CACzD,cAAc;AACZ,QAAM,+BAA+B,YAAY,SAAS,UAAU;;;AAIxE,IAAa,iCAAb,cAAoD,iBAAiB;CACnE,cAAc;AACZ,QAAM,yCAAyC,YAAY,SAAS,UAAU;;;AAIlF,IAAa,8BAAb,cAAiD,iBAAiB;CAChE,cAAc;AACZ,QAAM,sCAAsC,YAAY,SAAS,SAAS;;;AAI9E,IAAa,4BAAb,cAA+C,iBAAiB;CAC9D,YAAY,QAAiB;AAC3B,QAAM,oCAAoC,YAAY,WAAW,SAAS,SAAS,EAAE,QAAQ,GAAG,KAAA,EAAU;;;AAI9G,IAAa,0BAAb,cAA6C,iBAAiB;CAC5D,YAAY,QAAiB;AAC3B,QAAM,kCAAkC,YAAY,OAAO,gBAAgB,SAAS,EAAE,QAAQ,GAAG,KAAA,EAAU;;;AAI/G,IAAa,2BAAb,cAA8C,iBAAiB;CAC7D,YAAY,QAAiB;AAC3B,QAAM,mCAAmC,YAAY,OAAO,gBAAgB,SAAS,EAAE,QAAQ,GAAG,KAAA,EAAU;;;AAIhH,IAAa,2BAAb,cAA8C,iBAAiB;CAC7D,cAAc;AACZ,QAAM,4BAA4B,YAAY,WAAW,QAAQ;;;AAIrE,IAAa,oBAAb,cAAuC,iBAAiB;CACtD,cAAc;AACZ,QAAM,4BAA4B,YAAY,WAAW,QAAQ;;;AAIrE,IAAa,0BAAb,cAA6C,iBAAiB;CAC5D,cAAc;AACZ,QAAM,kCAAkC,YAAY,WAAW,eAAe;;;AAIlF,IAAa,qBAAb,cAAwC,iBAAiB;CACvD,cAAc;AACZ,QAAM,6BAA6B,YAAY,MAAM,UAAU;;;AAInE,IAAa,4BAAb,cAA+C,iBAAiB;CAC9D,cAAc;AACZ,QAAM,gCAAgC,YAAY,WAAW,QAAQ;;;AAIzE,IAAa,4BAAb,cAA+C,iBAAiB;CAC9D,cAAc;AACZ,QAAM,oCAAoC,YAAY,SAAS,SAAS;;;AAI5E,IAAa,qBAAb,cAAwC,iBAAiB;CACvD,cAAc;AACZ,QAAM,6BAA6B,YAAY,WAAW,eAAe;;;AAI7E,IAAa,yBAAb,cAA4C,iBAAiB;CAC3D,YAAY,WAAoB;AAC9B,QAAM,4BAA4B,YAAY,OAAO,gBAAgB,YAAY,EAAE,WAAW,GAAG,KAAA,EAAU;;;;;AChL/G,IAAa,oBAAb,cAAuC,iBAAiB;CACtD,cAAc;AACZ,QAAM,4BAA4B,YAAY,KAAK,cAAc;;;;;ACFrE,IAAa,4BAAb,cAA+C,iBAAiB;CAC9D,cAAc;AACZ,QAAM,iCAAiC,YAAY,KAAK,uBAAuB;;;AAInF,IAAa,kCAAb,cAAqD,iBAAiB;CACpE,cAAc;AACZ,QAAM,2BAA2B,YAAY,KAAK,iBAAiB;;;AAIvE,IAAa,sCAAb,cAAyD,iBAAiB;CACxE,cAAc;AACZ,QAAM,+BAA+B,YAAY,KAAK,qBAAqB;;;AAI/E,IAAa,oCAAb,cAAuD,iBAAiB;CACtE,cAAc;AACZ,QAAM,6BAA6B,YAAY,MAAM,UAAU;;;AAInE,IAAa,+CAAb,cAAkE,iBAAiB;CACjF,cAAc;AACZ,QAAM,wCAAwC,YAAY,KAAK,8BAA8B;;;AAIjG,IAAa,4BAAb,cAA+C,iBAAiB;CAC9D,cAAc;AACZ,QAAM,qBAAqB,YAAY,SAAS,SAAS;;;AAI7D,IAAa,gCAAb,cAAmD,iBAAiB;CAClE,cAAc;AACZ,QAAM,yBAAyB,YAAY,KAAK,2BAA2B;;;AAI/E,IAAa,8BAAb,cAAiD,iBAAiB;CAChE,cAAc;AACZ,QAAM,4BAA4B,YAAY,KAAK,iCAAiC;;;AAIxF,IAAa,gCAAb,cAAmD,iBAAiB;CAClE,cAAc;AACZ,QAAM,yBAAyB,YAAY,SAAS,UAAU;;;AAIlE,IAAa,gCAAb,cAAmD,iBAAiB;CAClE,cAAc;AACZ,QAAM,yBAAyB,YAAY,SAAS,UAAU;;;;;ACxDlE,IAAa,qBAAb,cAAwC,iBAAiB;CACvD,cAAc;AACZ,QAAM,6BAA6B,YAAY,WAAW,gBAAgB,EAAE,OAAO,SAAS,CAAC;;;;;ACFjG,IAAa,0BAAb,cAA6C,iBAAiB;CAC5D,cAAc;AACZ,QAAM,kCAAkC,YAAY,KAAK,oBAAoB;;;;;;;;AC6CjF,SAAgB,mBAAmB,OAAmC;CACpE,MAAM,YAAY,MAAM,MAAM;AAE9B,KAAI,MAAM,WAAW,SAAS;EAE5B,MAAM,WADU,MAAM,QACG,IAAI,WAAW,IAAI;AAE5C,MAAI,SAAS,SAAS,gBAAgB,CAAE,QAAO,IAAI,mBAAmB;AACtE,MAAI,SAAS,SAAS,gBAAgB,CAAE,QAAO,IAAI,mBAAmB;AACtE,MAAI,SAAS,SAAS,oBAAoB,CAAE,QAAO,IAAI,mBAAmB;AAC1E,MAAI,SAAS,SAAS,2BAA2B,CAAE,QAAO,IAAI,mBAAmB;AACjF,MAAI,SAAS,SAAS,wBAAwB,CAAE,QAAO,IAAI,yBAAyB;AACpF,MAAI,SAAS,SAAS,2BAA2B,CAAE,QAAO,IAAI,4BAA4B;;AAG5F,KAAI,CAAC,UACH,QAAO,IAAI,wBAAwB;AAMrC,KAAI,cAAc,oBAAoB,cAAc,eAAgB,QAAO,IAAI,mBAAmB;AAClG,KAAI,cAAc,uBAAwB,QAAO,IAAI,wBAAwB;AAG7E,KAAI,cAAc,4BAA6B,QAAO,IAAI,yBAAyB;AACnF,KAAI,cAAc,mBAAoB,QAAO,IAAI,sBAAsB;AACvE,KAAI,cAAc,gBAAiB,QAAO,IAAI,mBAAmB;AAGjE,KAAI,cAAc,qBAAqB,cAAc,oBAAqB,QAAO,IAAI,qBAAqB;AAC1G,KAAI,cAAc,2BAA4B,QAAO,IAAI,4BAA4B;AACrF,KAAI,cAAc,wBAAyB,QAAO,IAAI,yBAAyB;AAG/E,KAAI,cAAc,qBAAsB,QAAO,IAAI,uBAAuB;AAC1E,KAAI,cAAc,2BAA4B,QAAO,IAAI,2BAA2B;AACpF,KAAI,cAAc,yBAA0B,QAAO,IAAI,2BAA2B;AAClF,KAAI,cAAc,iBAAkB,QAAO,IAAI,oBAAoB;AAGnE,KAAI,cAAc,qBAAsB,QAAO,IAAI,sBAAsB,EAAE;AAC3E,KAAI,cAAc,oBAAqB,QAAO,IAAI,qBAAqB,IAAI;AAG3E,KAAI,cAAc,yBAAyB,cAAc,wCACvD,QAAO,IAAI,2BAA2B;AAExC,KAAI,cAAc,oBAAqB,QAAO,IAAI,sBAAsB;AACxE,KAAI,cAAc,+BAAgC,QAAO,IAAI,gCAAgC;AAC7F,KAAI,cAAc,gCAAiC,QAAO,IAAI,8BAA8B;AAG5F,KAAI,cAAc,wBAAyB,QAAO,IAAI,yBAAyB;AAC/E,KAAI,cAAc,wBAAyB,QAAO,IAAI,yBAAyB;AAC/E,KAAI,cAAc,0BAA2B,QAAO,IAAI,0BAA0B;AAGlF,KAAI,cAAc,mCAAmC,cAAc,gCACjE,QAAO,IAAI,0BAA0B;AAEvC,KAAI,cAAc,qBAAsB,QAAO,IAAI,uBAAuB;AAG1E,KAAI,cAAc,yBAA0B,QAAO,IAAI,0BAA0B;AACjF,KAAI,cAAc,gBAAiB,QAAO,IAAI,mBAAmB;AACjE,KAAI,cAAc,gBAAiB,QAAO,IAAI,mBAAmB;AAGjE,KAAI,cAAc,+BAA+B,cAAc,uBAC7D,QAAO,IAAI,6BAA6B;AAI1C,KACE,cAAc,0BACX,cAAc,0BACd,cAAc,mCACd,cAAc,gCACd,cAAc,wBAEjB,QAAO,IAAI,yBAAyB;AAItC,KACE,cAAc,oBACX,cAAc,4BACd,cAAc,sCAEjB,QAAO,IAAI,oBAAoB;AAIjC,KACE,cAAc,sBACX,cAAc,mBACd,cAAc,uBACd,cAAc,4BACd,cAAc,oCACd,cAAc,4CAEjB,QAAO,IAAI,2BAA2B;AAIxC,KAAI,cAAc,mCAAmC,cAAc,iCACjE,QAAO,IAAI,4BAA4B;AAMzC,KAAI,cAAc,4BAA4B,cAAc,yBAC1D,QAAO,IAAI,2BAA2B;AAIxC,KACE,cAAc,sBACX,cAAc,8CACd,cAAc,mCAEjB,QAAO,IAAI,iCAAiC;AAI9C,KAAI,cAAc,0BAA0B,cAAc,gCACxD,QAAO,IAAI,qCAAqC;AAIlD,KACE,cAAc,iDACX,cAAc,uEAEjB,QAAO,IAAI,8CAA8C;AAI3D,KAAI,cAAc,oBAAoB,cAAc,iCAClD,QAAO,IAAI,+BAA+B;AAI5C,KAAI,cAAc,oBAAoB,cAAc,mBAClD,QAAO,IAAI,+BAA+B;AAI5C,KACE,cAAc,iCACX,cAAc,qCACd,cAAc,mDACd,cAAc,kDACd,cAAc,yBACd,cAAc,6BAEjB,QAAO,IAAI,2BAA2B;AAIxC,KACE,cAAc,0DACX,cAAc,kDACd,cAAc,2CACd,cAAc,8BACd,cAAc,+BACd,cAAc,iBAEjB,QAAO,IAAI,+BAA+B;AAI5C,KACE,cAAc,yDACX,cAAc,wDACd,cAAc,gCACd,cAAc,sCACd,cAAc,iCACd,cAAc,mCACd,cAAc,6BACd,cAAc,gCACd,cAAc,oDAEjB,QAAO,IAAI,6BAA6B;AAI1C,KACE,UAAU,WAAW,0BAA0B,IAC5C,cAAc,+CACd,cAAc,iDACd,cAAc,qDACd,cAAc,sBAEjB,QAAO,IAAI,mCAAmC;AAIhD,QAAO,IAAI,uBAAuB,UAAU;;;;;;;AAQ9C,SAAgB,WAAW,OAAmC;AAC5D,KAAI,iBAAiB,SAAU,QAAO;AAEtC,QACE,iBAAiB,SACd,MAAM,SAAS,cACf,YAAY,SACZ,gBAAgB;;;;;;;;AClQvB,SAAgB,wBAAyD;AACvE,QAAO;EACL,OAAO;EACP,UAAU,UAAU;AAClB,OAAI,WAAW,MAAM,CACnB,OAAM,mBAAmB,MAAM;AAEjC,SAAM;;EAET;;;;;AAMH,MAAa,iBAAiB,OAAU,OAAqC;AAC3E,KAAI;AACF,SAAO,MAAM,IAAI;UACV,OAAO;AACd,MAAI,WAAW,MAAM,CACnB,OAAM,mBAAmB,MAAM;AAEjC,QAAM;;;;;ACAH,IAAA,cAAA,MAAM,YAAoE;CAC/E;CAEA,YACE,SACA;AADyC,OAAA,UAAA;AAEzC,OAAK,eAAe,WAAW;GAC7B,GAAG,KAAK;GACR,YAAY,uBAAuB;GACpC,CAAC;;;;;CAMJ,IAAI,OAAuB;AACzB,SAAO,KAAK;;;;CAjBf,UAAU,aAAa;oBAKnBC,SAAO,aAAa,CAAA;;;;;;AC4ClB,IAAA,aAAA,cAAA,MAAM,WAAwC;;;;;;;;CAQnD,gBAAgB,QAAsB;AACpC,SAAO,IAAI,uBAAuB,8BAA8B;;;;;;CAOlE,OAAO,aACL,SACe;EACf,MAAM,EAAE,kBAAkB;EAE1B,MAAM,sBAAsB,gBACxB;GACA,SAAS;GACT,aAAa,GAAG,SAAoB;IAClC,MAAM,MAAO,QAAQ,WAAgD,GAAG,KAAK;AAC7E,WAAO;KACL,GAAG;KACH,SAAS,CAAC,sBAAsB,cAAc,EAAE,GAAI,IAAI,WAAW,EAAE,CAAE;KACxE;;GAEH,QAAQ,QAAQ;GACjB,GACC;GACA,SAAS;GACT,YAAY,QAAQ;GACpB,QAAQ,QAAQ;GACjB;AAEH,SAAO;GACL,QAAA;GACA,WAAW;IACT;IACA;KACE,SAAS;KACT,UAAU;KACX;IACD,GAAI,gBACA,CACA;KAAE,SAAS,UAAU;KAAS,UAAU;KAAoC,EAC5E;KAAE,SAAS,UAAU;KAAe,UAAU;KAAe,CAC9D,GACC,EAAE;IACP;GACF;;;uCA5DJ,OAAO;CACN,SAAS,CACP,WAAW,iBAAiB,aAAa,CAC1C;CACD,WAAW,EAAE;CACd,CAAC,CAAA,EAAA,WAAA"}
|
|
@@ -1,9 +1,12 @@
|
|
|
1
1
|
//#region src/context/auth-context.d.ts
|
|
2
2
|
interface AuthInfo {
|
|
3
3
|
userId?: string;
|
|
4
|
+
/** Comma-separated role string from the session (e.g. "admin" or "editor,reviewer") */
|
|
5
|
+
role?: string;
|
|
4
6
|
}
|
|
5
7
|
declare class AuthContext {
|
|
6
8
|
protected userId?: string;
|
|
9
|
+
protected role?: string;
|
|
7
10
|
/**
|
|
8
11
|
* Set authentication context.
|
|
9
12
|
* This should be called once per request with user information.
|
|
@@ -23,6 +26,16 @@ declare class AuthContext {
|
|
|
23
26
|
* Get full authentication context or throw if not initialized.
|
|
24
27
|
*/
|
|
25
28
|
getAuthContext(): AuthInfo;
|
|
29
|
+
/**
|
|
30
|
+
* Get the raw comma-separated role string from the session.
|
|
31
|
+
* Returns undefined if no role is set or user is not authenticated.
|
|
32
|
+
*/
|
|
33
|
+
getRole(): string | undefined;
|
|
34
|
+
/**
|
|
35
|
+
* Get the user's roles as an array.
|
|
36
|
+
* Returns an empty array if no role is set or user is not authenticated.
|
|
37
|
+
*/
|
|
38
|
+
getRoles(): string[];
|
|
26
39
|
/**
|
|
27
40
|
* Check if user is authenticated.
|
|
28
41
|
*/
|
|
@@ -35,4 +48,4 @@ declare class AuthContext {
|
|
|
35
48
|
}
|
|
36
49
|
//#endregion
|
|
37
50
|
export { AuthInfo as n, AuthContext as t };
|
|
38
|
-
//# sourceMappingURL=auth-context-
|
|
51
|
+
//# sourceMappingURL=auth-context-BXSkiJ56.d.mts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth-context-BXSkiJ56.d.mts","names":[],"sources":["../src/context/auth-context.ts"],"mappings":";UAMiB,QAAA;EACf,MAAA;EADuB;EAGvB,IAAA;AAAA;AAAA,cAIW,WAAA;EAAA,UACD,MAAA;EAAA,UACA,IAAA;;;;;EAMV,cAAA,CAAe,IAAA,EAAM,QAAA;EAAA;;;;EASrB,SAAA,CAAA;EAmBkB;;;;EAXlB,aAAA,CAAA;EAiDgB;;;EAtChB,cAAA,CAAA,GAAkB,QAAA;;;;;EAclB,OAAA,CAAA;;;;;EAQA,QAAA,CAAA;;;;EAQA,eAAA,CAAA;;;;;EAQA,gBAAA,CAAA;AAAA"}
|
|
@@ -1,15 +1,17 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import {
|
|
1
|
+
import { t as __decorate } from "./decorate-CdfCRvAc.mjs";
|
|
2
|
+
import { n as UserNotAuthenticatedError, r as ContextNotInitializedError } from "./errors-B1vVXc1T.mjs";
|
|
3
3
|
import { DI_TOKENS, Transient } from "stratal/di";
|
|
4
4
|
//#region src/context/auth-context.ts
|
|
5
5
|
let AuthContext = class AuthContext {
|
|
6
6
|
userId;
|
|
7
|
+
role;
|
|
7
8
|
/**
|
|
8
9
|
* Set authentication context.
|
|
9
10
|
* This should be called once per request with user information.
|
|
10
11
|
*/
|
|
11
12
|
setAuthContext(info) {
|
|
12
13
|
this.userId = info.userId;
|
|
14
|
+
this.role = info.role;
|
|
13
15
|
}
|
|
14
16
|
/**
|
|
15
17
|
* Get user ID if available.
|
|
@@ -32,7 +34,25 @@ let AuthContext = class AuthContext {
|
|
|
32
34
|
*/
|
|
33
35
|
getAuthContext() {
|
|
34
36
|
if (!this.userId) throw new ContextNotInitializedError("Authentication");
|
|
35
|
-
return {
|
|
37
|
+
return {
|
|
38
|
+
userId: this.userId,
|
|
39
|
+
role: this.role
|
|
40
|
+
};
|
|
41
|
+
}
|
|
42
|
+
/**
|
|
43
|
+
* Get the raw comma-separated role string from the session.
|
|
44
|
+
* Returns undefined if no role is set or user is not authenticated.
|
|
45
|
+
*/
|
|
46
|
+
getRole() {
|
|
47
|
+
return this.role;
|
|
48
|
+
}
|
|
49
|
+
/**
|
|
50
|
+
* Get the user's roles as an array.
|
|
51
|
+
* Returns an empty array if no role is set or user is not authenticated.
|
|
52
|
+
*/
|
|
53
|
+
getRoles() {
|
|
54
|
+
if (!this.role) return [];
|
|
55
|
+
return this.role.split(",").map((r) => r.trim()).filter(Boolean);
|
|
36
56
|
}
|
|
37
57
|
/**
|
|
38
58
|
* Check if user is authenticated.
|
|
@@ -46,10 +66,11 @@ let AuthContext = class AuthContext {
|
|
|
46
66
|
*/
|
|
47
67
|
clearAuthContext() {
|
|
48
68
|
this.userId = void 0;
|
|
69
|
+
this.role = void 0;
|
|
49
70
|
}
|
|
50
71
|
};
|
|
51
72
|
AuthContext = __decorate([Transient(DI_TOKENS.AuthContext)], AuthContext);
|
|
52
73
|
//#endregion
|
|
53
74
|
export { AuthContext as t };
|
|
54
75
|
|
|
55
|
-
//# sourceMappingURL=auth-context-
|
|
76
|
+
//# sourceMappingURL=auth-context-BberoPal.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth-context-BberoPal.mjs","names":[],"sources":["../src/context/auth-context.ts"],"sourcesContent":["import { Transient, DI_TOKENS } from 'stratal/di'\nimport {\n ContextNotInitializedError,\n UserNotAuthenticatedError\n} from './errors'\n\nexport interface AuthInfo {\n userId?: string\n /** Comma-separated role string from the session (e.g. \"admin\" or \"editor,reviewer\") */\n role?: string\n}\n\n@Transient(DI_TOKENS.AuthContext)\nexport class AuthContext {\n protected userId?: string\n protected role?: string\n\n /**\n * Set authentication context.\n * This should be called once per request with user information.\n */\n setAuthContext(info: AuthInfo): void {\n this.userId = info.userId\n this.role = info.role\n }\n\n /**\n * Get user ID if available.\n * Returns undefined if no user is authenticated.\n */\n getUserId(): string | undefined {\n return this.userId\n }\n\n /**\n * Get user ID or throw if not authenticated.\n * Use this when authentication is required.\n */\n requireUserId(): string {\n const userId = this.getUserId()\n if (!userId) {\n throw new UserNotAuthenticatedError()\n }\n return userId\n }\n\n /**\n * Get full authentication context or throw if not initialized.\n */\n getAuthContext(): AuthInfo {\n if (!this.userId) {\n throw new ContextNotInitializedError('Authentication')\n }\n return {\n userId: this.userId,\n role: this.role,\n }\n }\n\n /**\n * Get the raw comma-separated role string from the session.\n * Returns undefined if no role is set or user is not authenticated.\n */\n getRole(): string | undefined {\n return this.role\n }\n\n /**\n * Get the user's roles as an array.\n * Returns an empty array if no role is set or user is not authenticated.\n */\n getRoles(): string[] {\n if (!this.role) return []\n return this.role.split(',').map(r => r.trim()).filter(Boolean)\n }\n\n /**\n * Check if user is authenticated.\n */\n isAuthenticated(): boolean {\n return !!this.userId\n }\n\n /**\n * Clear authentication context.\n * Useful for testing or cleanup.\n */\n clearAuthContext(): void {\n this.userId = undefined\n this.role = undefined\n }\n}\n"],"mappings":";;;;AAaO,IAAA,cAAA,MAAM,YAAY;CACvB;CACA;;;;;CAMA,eAAe,MAAsB;AACnC,OAAK,SAAS,KAAK;AACnB,OAAK,OAAO,KAAK;;;;;;CAOnB,YAAgC;AAC9B,SAAO,KAAK;;;;;;CAOd,gBAAwB;EACtB,MAAM,SAAS,KAAK,WAAW;AAC/B,MAAI,CAAC,OACH,OAAM,IAAI,2BAA2B;AAEvC,SAAO;;;;;CAMT,iBAA2B;AACzB,MAAI,CAAC,KAAK,OACR,OAAM,IAAI,2BAA2B,iBAAiB;AAExD,SAAO;GACL,QAAQ,KAAK;GACb,MAAM,KAAK;GACZ;;;;;;CAOH,UAA8B;AAC5B,SAAO,KAAK;;;;;;CAOd,WAAqB;AACnB,MAAI,CAAC,KAAK,KAAM,QAAO,EAAE;AACzB,SAAO,KAAK,KAAK,MAAM,IAAI,CAAC,KAAI,MAAK,EAAE,MAAM,CAAC,CAAC,OAAO,QAAQ;;;;;CAMhE,kBAA2B;AACzB,SAAO,CAAC,CAAC,KAAK;;;;;;CAOhB,mBAAyB;AACvB,OAAK,SAAS,KAAA;AACd,OAAK,OAAO,KAAA;;;0BA7Ef,UAAU,UAAU,YAAY,CAAA,EAAA,YAAA"}
|
package/dist/context/index.d.mts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { n as AuthInfo, t as AuthContext } from "../auth-context-
|
|
1
|
+
import { n as AuthInfo, t as AuthContext } from "../auth-context-BXSkiJ56.mjs";
|
|
2
2
|
import { ApplicationError } from "stratal/errors";
|
|
3
3
|
|
|
4
4
|
//#region src/context/errors/context-not-initialized.error.d.ts
|
package/dist/context/index.mjs
CHANGED
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
import { n as UserNotAuthenticatedError, r as ContextNotInitializedError, t as UserNotAuthorizedError } from "../errors-
|
|
2
|
-
import { t as AuthContext } from "../auth-context-
|
|
1
|
+
import { n as UserNotAuthenticatedError, r as ContextNotInitializedError, t as UserNotAuthorizedError } from "../errors-B1vVXc1T.mjs";
|
|
2
|
+
import { t as AuthContext } from "../auth-context-BberoPal.mjs";
|
|
3
3
|
export { AuthContext, ContextNotInitializedError, UserNotAuthenticatedError, UserNotAuthorizedError };
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
import { a as
|
|
2
|
-
import { A as
|
|
3
|
-
export { ConnectionName, DATABASE_TOKENS, DatabaseConfigError, DatabaseConnectionConfig, DatabaseError, DatabaseEventName, DatabaseEvents, DatabaseModule, DatabaseModuleConfig, DatabaseOperation, DatabaseService, DbGenerateCommand, DbPullCommand, DbPushCommand, DefaultConnectionName, ErrorHandlerPlugin, EventEmitterPlugin, EventEmitterPluginOptions, EventPhase, ForeignKeyConstraintError, GetData, GetResult, InferAnySchema, InferConnectionSchema, InjectDB, InternalDatabaseEventContext, InvalidErrorCodeRangeError, MigrateDeployCommand, MigrateDevCommand, MigrateResetCommand, MigrateStatusCommand, ModelName, ParseEvent, RecordNotFoundError,
|
|
1
|
+
import { a as InferConnectionSchema, i as InferConnectionExtensions, n as DefaultConnectionName, o as InternalDatabaseEventContext, r as InferAnySchema, s as StratalDatabase, t as ConnectionName } from "../types-BZlcRR2M.mjs";
|
|
2
|
+
import { A as DATABASE_TOKENS, C as UniqueConstraintError, D as DatabaseConfigError, E as ForeignKeyConstraintError, F as DatabaseModuleConfig, M as DatabaseService, N as DatabaseConnectionConfig, O as DatabaseError, P as DatabaseModule, S as fromZenStackError, T as InvalidErrorCodeRangeError, _ as EventPhase, a as DbPushCommand, b as ModelName, c as ZenStackCommand, d as EventEmitterPluginOptions, f as ErrorHandlerPlugin, g as DatabaseOperation, h as DatabaseEvents, i as MigrateDeployCommand, j as connectionSymbol, k as InjectDB, l as SchemaSwitcher, m as DatabaseEventName, n as MigrateResetCommand, o as DbPullCommand, p as databaseMessages, r as MigrateDevCommand, s as DbGenerateCommand, t as MigrateStatusCommand, u as EventEmitterPlugin, v as GetData, w as RecordNotFoundError, x as ParseEvent, y as GetResult } from "../index-CpFBG0Ws.mjs";
|
|
3
|
+
export { ConnectionName, DATABASE_TOKENS, DatabaseConfigError, DatabaseConnectionConfig, DatabaseError, DatabaseEventName, DatabaseEvents, DatabaseModule, DatabaseModuleConfig, DatabaseOperation, DatabaseService, DbGenerateCommand, DbPullCommand, DbPushCommand, DefaultConnectionName, ErrorHandlerPlugin, EventEmitterPlugin, EventEmitterPluginOptions, EventPhase, ForeignKeyConstraintError, GetData, GetResult, InferAnySchema, InferConnectionExtensions, InferConnectionSchema, InjectDB, InternalDatabaseEventContext, InvalidErrorCodeRangeError, MigrateDeployCommand, MigrateDevCommand, MigrateResetCommand, MigrateStatusCommand, ModelName, ParseEvent, RecordNotFoundError, SchemaSwitcher, StratalDatabase, UniqueConstraintError, ZenStackCommand, connectionSymbol, databaseMessages, fromZenStackError };
|
package/dist/database/index.mjs
CHANGED
|
@@ -1,9 +1,10 @@
|
|
|
1
|
-
import { t as
|
|
2
|
-
import { t as
|
|
1
|
+
import { t as __decorateMetadata } from "../decorateMetadata-CqtSx3_1.mjs";
|
|
2
|
+
import { t as __decorate } from "../decorate-CdfCRvAc.mjs";
|
|
3
|
+
import { I18nModule } from "stratal/i18n";
|
|
3
4
|
import { Module } from "stratal/module";
|
|
4
5
|
import { DI_TOKENS, Scope, Transient, delay } from "stratal/di";
|
|
5
6
|
import { ApplicationError, ERROR_CODES } from "stratal/errors";
|
|
6
|
-
import { inject } from "tsyringe";
|
|
7
|
+
import { inject as inject$1 } from "tsyringe";
|
|
7
8
|
import { Command } from "stratal/quarry";
|
|
8
9
|
import { ORMError, ORMErrorReason, ZenStackClient } from "@zenstackhq/orm";
|
|
9
10
|
import { withI18n, z } from "stratal/validation";
|
|
@@ -365,30 +366,32 @@ var EventEmitterPlugin = class {
|
|
|
365
366
|
};
|
|
366
367
|
};
|
|
367
368
|
//#endregion
|
|
368
|
-
//#region src/database/plugins/schema-switcher.
|
|
369
|
+
//#region src/database/plugins/schema-switcher.ts
|
|
369
370
|
/**
|
|
370
|
-
*
|
|
371
|
-
*
|
|
371
|
+
* Switches the active schema on a ZenStack/Kysely database client by mutating
|
|
372
|
+
* `$schema.provider.defaultSchema`. This causes ZenStack's QueryNameMapper to
|
|
373
|
+
* generate fully-qualified table references (e.g. `"tenant_123"."User"`).
|
|
372
374
|
*
|
|
373
|
-
*
|
|
374
|
-
*
|
|
375
|
-
*
|
|
376
|
-
*
|
|
377
|
-
*
|
|
378
|
-
* new SchemaSwitcherPlugin({ schemaName: `tenant_${tenantId}` })
|
|
379
|
-
* ]
|
|
380
|
-
* })
|
|
381
|
-
* ```
|
|
375
|
+
* Must be called BEFORE any queries are made on the client.
|
|
376
|
+
*
|
|
377
|
+
* Note: The ZenStack RuntimePlugin `onQuery` hook fires after table names are
|
|
378
|
+
* already resolved, so a plugin-based approach cannot set the schema prefix.
|
|
379
|
+
* Direct client mutation is the only supported method.
|
|
382
380
|
*/
|
|
383
|
-
var
|
|
384
|
-
|
|
385
|
-
|
|
386
|
-
|
|
381
|
+
var SchemaSwitcher = class {
|
|
382
|
+
static apply(client, schemaName) {
|
|
383
|
+
const c = client;
|
|
384
|
+
const switched = {
|
|
385
|
+
...c.$schema,
|
|
386
|
+
provider: {
|
|
387
|
+
...c.$schema.provider,
|
|
388
|
+
defaultSchema: schemaName
|
|
389
|
+
}
|
|
390
|
+
};
|
|
391
|
+
c.$schema = switched;
|
|
392
|
+
c.schema = switched;
|
|
393
|
+
return client;
|
|
387
394
|
}
|
|
388
|
-
onQuery = async ({ args, proceed, client }) => {
|
|
389
|
-
await client.$executeRawUnsafe(`SET search_path TO "${this.options.schemaName}"`);
|
|
390
|
-
return proceed(args);
|
|
391
|
-
};
|
|
392
395
|
};
|
|
393
396
|
//#endregion
|
|
394
397
|
//#region src/database/database.helpers.ts
|
|
@@ -433,6 +436,15 @@ function connectionSymbol(name) {
|
|
|
433
436
|
return Symbol.for(`stratal:database:connection:${name}`);
|
|
434
437
|
}
|
|
435
438
|
//#endregion
|
|
439
|
+
//#region src/database/i18n/en.ts
|
|
440
|
+
const databaseMessages = { en: {
|
|
441
|
+
connectionNameRequired: "Connection name is required",
|
|
442
|
+
defaultConnectionRequired: "Default connection name is required",
|
|
443
|
+
connectionRequired: "At least one connection is required",
|
|
444
|
+
duplicateConnections: "Duplicate connection names found",
|
|
445
|
+
defaultConnectionNotFound: "Default connection not found in connections"
|
|
446
|
+
} };
|
|
447
|
+
//#endregion
|
|
436
448
|
//#region src/database/database.module.ts
|
|
437
449
|
var _DatabaseModule;
|
|
438
450
|
let DatabaseModule = _DatabaseModule = class DatabaseModule {
|
|
@@ -470,30 +482,24 @@ let DatabaseModule = _DatabaseModule = class DatabaseModule {
|
|
|
470
482
|
context.logger.info("DatabaseModule shutdown");
|
|
471
483
|
}
|
|
472
484
|
};
|
|
473
|
-
DatabaseModule = _DatabaseModule = __decorate([Module({
|
|
474
|
-
|
|
475
|
-
|
|
476
|
-
|
|
477
|
-
|
|
478
|
-
|
|
479
|
-
|
|
480
|
-
|
|
481
|
-
|
|
485
|
+
DatabaseModule = _DatabaseModule = __decorate([Module({
|
|
486
|
+
imports: [I18nModule.registerMessages({ en: { database: databaseMessages.en } })],
|
|
487
|
+
providers: [
|
|
488
|
+
DbGenerateCommand,
|
|
489
|
+
DbPushCommand,
|
|
490
|
+
DbPullCommand,
|
|
491
|
+
MigrateDevCommand,
|
|
492
|
+
MigrateDeployCommand,
|
|
493
|
+
MigrateStatusCommand,
|
|
494
|
+
MigrateResetCommand
|
|
495
|
+
]
|
|
496
|
+
})], DatabaseModule);
|
|
482
497
|
//#endregion
|
|
483
498
|
//#region src/database/decorators/inject-db.decorator.ts
|
|
484
499
|
function InjectDB(name) {
|
|
485
|
-
return inject(connectionSymbol(name));
|
|
500
|
+
return inject$1(connectionSymbol(name));
|
|
486
501
|
}
|
|
487
502
|
//#endregion
|
|
488
|
-
|
|
489
|
-
const databaseI18n = { database: {
|
|
490
|
-
connectionNameRequired: "Connection name is required",
|
|
491
|
-
defaultConnectionRequired: "Default connection name is required",
|
|
492
|
-
connectionRequired: "At least one connection is required",
|
|
493
|
-
duplicateConnections: "Duplicate connection names found",
|
|
494
|
-
defaultConnectionNotFound: "Default connection not found in connections"
|
|
495
|
-
} };
|
|
496
|
-
//#endregion
|
|
497
|
-
export { DATABASE_TOKENS, DatabaseConfigError, DatabaseError, DatabaseModule, DbGenerateCommand, DbPullCommand, DbPushCommand, ErrorHandlerPlugin, EventEmitterPlugin, ForeignKeyConstraintError, InjectDB, InvalidErrorCodeRangeError, MigrateDeployCommand, MigrateDevCommand, MigrateResetCommand, MigrateStatusCommand, RecordNotFoundError, SchemaSwitcherPlugin, UniqueConstraintError, ZenStackCommand, connectionSymbol, databaseI18n, fromZenStackError };
|
|
503
|
+
export { DATABASE_TOKENS, DatabaseConfigError, DatabaseError, DatabaseModule, DbGenerateCommand, DbPullCommand, DbPushCommand, ErrorHandlerPlugin, EventEmitterPlugin, ForeignKeyConstraintError, InjectDB, InvalidErrorCodeRangeError, MigrateDeployCommand, MigrateDevCommand, MigrateResetCommand, MigrateStatusCommand, RecordNotFoundError, SchemaSwitcher, UniqueConstraintError, ZenStackCommand, connectionSymbol, databaseMessages, fromZenStackError };
|
|
498
504
|
|
|
499
505
|
//# sourceMappingURL=index.mjs.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.mjs","names":[],"sources":["../../src/database/commands/zenstack.command.ts","../../src/database/commands/db-generate.command.ts","../../src/database/commands/db-pull.command.ts","../../src/database/commands/db-push.command.ts","../../src/database/commands/migrate-deploy.command.ts","../../src/database/commands/migrate-dev.command.ts","../../src/database/commands/migrate-reset.command.ts","../../src/database/commands/migrate-status.command.ts","../../src/database/errors/invalid-error-code-range.error.ts","../../src/database/errors/database-error.ts","../../src/database/errors/database-config.error.ts","../../src/database/errors/foreign-key-constraint.error.ts","../../src/database/errors/record-not-found.error.ts","../../src/database/errors/unique-constraint.error.ts","../../src/database/errors/from-zenstack-error.ts","../../src/database/plugins/error-handler.plugin.ts","../../src/database/plugins/event-emitter.plugin.ts","../../src/database/plugins/schema-switcher.plugin.ts","../../src/database/database.helpers.ts","../../src/database/database.tokens.ts","../../src/database/database.module.ts","../../src/database/decorators/inject-db.decorator.ts","../../src/database/i18n/en.ts"],"sourcesContent":["import { Command } from 'stratal/quarry'\n\n/**\n * Base command for ZenStack CLI wrappers.\n * Uses execFileSync with array arguments to prevent shell injection.\n */\nexport abstract class ZenStackCommand extends Command {\n protected async zenstack(args: string[]): Promise<number> {\n // Dynamic import — node:child_process is only available in the Quarry CLI (Node) context\n const { execFileSync } = await import('node:child_process')\n\n try {\n const output = execFileSync('npx', ['zenstack', ...args], {\n encoding: 'utf-8',\n stdio: 'pipe',\n })\n if (output) this.info(output.trim())\n return 0\n } catch (err) {\n const error = err as { stderr?: string; stdout?: string; status?: number }\n if (error.stderr) this.error(error.stderr.trim())\n if (error.stdout) this.info(error.stdout.trim())\n return error.status ?? 1\n }\n }\n}\n","import { ZenStackCommand } from './zenstack.command'\n\nexport class DbGenerateCommand extends ZenStackCommand {\n static command = 'db:generate {--schema= : Path to schema file} {--watch : Enable watch mode}'\n static description = 'Generate ZenStack ORM client'\n\n async handle(): Promise<number> {\n const args = ['generate']\n const schema = this.string('schema')\n\n if (schema) args.push('--schema', schema)\n if (this.boolean('watch')) args.push('--watch')\n\n return this.zenstack(args)\n }\n}\n","import { ZenStackCommand } from './zenstack.command'\n\nexport class DbPullCommand extends ZenStackCommand {\n static command = 'db:pull {--schema= : Path to schema file}'\n static description = 'Introspect database and generate schema'\n\n async handle(): Promise<number> {\n const args = ['db', 'pull']\n const schema = this.string('schema')\n\n if (schema) args.push('--schema', schema)\n\n return this.zenstack(args)\n }\n}\n","import { ZenStackCommand } from './zenstack.command'\n\nexport class DbPushCommand extends ZenStackCommand {\n static command = 'db:push {--schema= : Path to schema file} {--accept-data-loss : Accept data loss} {--force-reset : Force reset database}'\n static description = 'Push database schema changes'\n\n async handle(): Promise<number> {\n const args = ['db', 'push']\n const schema = this.string('schema')\n\n if (schema) args.push('--schema', schema)\n if (this.boolean('accept-data-loss')) args.push('--accept-data-loss')\n if (this.boolean('force-reset')) args.push('--force-reset')\n\n return this.zenstack(args)\n }\n}\n","import { ZenStackCommand } from './zenstack.command'\n\nexport class MigrateDeployCommand extends ZenStackCommand {\n static command = 'migrate:deploy {--schema= : Path to schema file}'\n static description = 'Deploy pending migrations'\n\n async handle(): Promise<number> {\n const args = ['migrate', 'deploy']\n const schema = this.string('schema')\n\n if (schema) args.push('--schema', schema)\n\n return this.zenstack(args)\n }\n}\n","import { ZenStackCommand } from './zenstack.command'\n\nexport class MigrateDevCommand extends ZenStackCommand {\n static command = 'migrate:dev {--schema= : Path to schema file} {--name= : Migration name} {--create-only : Create without applying}'\n static description = 'Create and apply migration'\n\n async handle(): Promise<number> {\n const args = ['migrate', 'dev']\n const schema = this.string('schema')\n const name = this.string('name')\n\n if (schema) args.push('--schema', schema)\n if (name) args.push('--name', name)\n if (this.boolean('create-only')) args.push('--create-only')\n\n return this.zenstack(args)\n }\n}\n","import { ZenStackCommand } from './zenstack.command'\n\nexport class MigrateResetCommand extends ZenStackCommand {\n static command = 'migrate:reset {--schema= : Path to schema file} {--force : Skip confirmation} {--skip-seed : Skip seeding}'\n static description = 'Reset database'\n\n async handle(): Promise<number> {\n const args = ['migrate', 'reset']\n const schema = this.string('schema')\n\n if (schema) args.push('--schema', schema)\n if (this.boolean('force')) args.push('--force')\n if (this.boolean('skip-seed')) args.push('--skip-seed')\n\n return this.zenstack(args)\n }\n}\n","import { ZenStackCommand } from './zenstack.command'\n\nexport class MigrateStatusCommand extends ZenStackCommand {\n static command = 'migrate:status {--schema= : Path to schema file}'\n static description = 'Check migration status'\n\n async handle(): Promise<number> {\n const args = ['migrate', 'status']\n const schema = this.string('schema')\n\n if (schema) args.push('--schema', schema)\n\n return this.zenstack(args)\n }\n}\n","import { ApplicationError, ERROR_CODES } from 'stratal/errors'\n\n/**\n * InvalidErrorCodeRangeError\n *\n * Thrown when a DatabaseError subclass is constructed with an error code\n * outside the valid database error range (2000-2999).\n * This is a developer-facing error to enforce error code conventions.\n */\nexport class InvalidErrorCodeRangeError extends ApplicationError {\n constructor(code: number, expectedRange: string) {\n super(\n 'errors.invalidErrorCodeRange',\n ERROR_CODES.SYSTEM.INVALID_ERROR_CODE_RANGE,\n { code, expectedRange }\n )\n }\n}\n","import type { MessageKeys } from 'stratal/i18n'\nimport { ApplicationError, ERROR_CODES, type ErrorCode } from 'stratal/errors'\nimport { InvalidErrorCodeRangeError } from './invalid-error-code-range.error'\n\n/**\n * DatabaseError\n *\n * Generic database error thrown when a database operation fails\n * and doesn't fit into a more specific error category.\n *\n * This is the base class for all database-related errors.\n */\nexport class DatabaseError extends ApplicationError {\n constructor(\n messageKey: MessageKeys = 'errors.databaseGeneric',\n code: ErrorCode = ERROR_CODES.DATABASE.GENERIC,\n metadata?: Record<string, unknown>\n ) {\n // Validate that code is in the database error range\n if (code < 2000 || code >= 3000) {\n throw new InvalidErrorCodeRangeError(code, '2000-2999')\n }\n\n super(messageKey, code, metadata)\n }\n}\n","import { ERROR_CODES } from 'stratal/errors'\nimport { DatabaseError } from './database-error'\n\nexport class DatabaseConfigError extends DatabaseError {\n constructor(details: string) {\n super('errors.databaseGeneric', ERROR_CODES.DATABASE.GENERIC, { details })\n }\n}\n","import { ERROR_CODES } from 'stratal/errors'\nimport { DatabaseError } from './database-error'\n\n/**\n * ForeignKeyConstraintError\n *\n * Thrown when a database foreign key constraint is violated.\n * This typically occurs when:\n * - Trying to insert a record with a foreign key that doesn't exist\n * - Trying to delete a record that is referenced by other records\n * - Trying to update a foreign key to a non-existent value\n */\nexport class ForeignKeyConstraintError extends DatabaseError {\n constructor(field?: string) {\n super('errors.databaseForeignKeyConstraint', ERROR_CODES.DATABASE.FOREIGN_KEY_CONSTRAINT, {\n field,\n })\n }\n}\n","import { ERROR_CODES } from 'stratal/errors'\nimport { DatabaseError } from './database-error'\n\n/**\n * RecordNotFoundError\n *\n * Generic error thrown when a database record is not found.\n * This is typically thrown when a findUnique or findFirst operation\n * returns null, or when a required record doesn't exist.\n *\n * Services should catch this and optionally refine it to a more specific\n * domain error (e.g., NoteNotFoundError, UserNotFoundError).\n */\nexport class RecordNotFoundError extends DatabaseError {\n constructor(details?: string) {\n super('errors.databaseRecordNotFound', ERROR_CODES.DATABASE.RECORD_NOT_FOUND, {\n details,\n })\n }\n}\n","import { ERROR_CODES } from 'stratal/errors'\nimport { DatabaseError } from './database-error'\n\n/**\n * UniqueConstraintError\n *\n * Thrown when a database unique constraint is violated.\n * This typically occurs when trying to insert or update a record\n * with a value that already exists in a unique column.\n *\n * Services should catch this and optionally refine it to a more specific\n * domain error (e.g., UserEmailAlreadyExistsError).\n */\nexport class UniqueConstraintError extends DatabaseError {\n constructor(fields?: string[]) {\n super('errors.databaseUniqueConstraint', ERROR_CODES.DATABASE.UNIQUE_CONSTRAINT, {\n fields,\n })\n }\n}\n","import { ORMError, ORMErrorReason } from '@zenstackhq/orm'\nimport { ERROR_CODES } from 'stratal/errors'\nimport { DatabaseError } from './database-error'\nimport { ForeignKeyConstraintError } from './foreign-key-constraint.error'\nimport { RecordNotFoundError } from './record-not-found.error'\nimport { UniqueConstraintError } from './unique-constraint.error'\n\n/**\n * Transform ZenStack ORM errors into ApplicationError instances\n *\n * This function maps ORMError codes to generic database error classes.\n * Services can catch these generic errors and optionally refine them to\n * more specific domain errors if needed.\n *\n * @param error - The error thrown by ZenStack ORM\n * @returns An ApplicationError instance\n *\n * @example\n * ```typescript\n * try {\n * await db.user.create({ data: { email: 'existing@example.com' } })\n * } catch (error) {\n * throw fromZenStackError(error) // Becomes UniqueConstraintError or other\n * }\n * ```\n */\nexport function fromZenStackError(error: unknown): DatabaseError {\n // Handle ZenStack ORM Errors\n if (error instanceof ORMError) {\n const ormError = error\n\n switch (ormError.reason) {\n case ORMErrorReason.NOT_FOUND:\n return new RecordNotFoundError(ormError.model)\n\n case ORMErrorReason.DB_QUERY_ERROR:\n // Parse database-specific error codes\n return parseDatabaseError(ormError)\n\n case ORMErrorReason.INVALID_INPUT:\n return new DatabaseError(\n 'errors.databaseInvalidQuery',\n ERROR_CODES.DATABASE.GENERIC,\n { message: ormError.message }\n )\n\n case ORMErrorReason.CONFIG_ERROR:\n return new DatabaseError(\n 'errors.databaseConnectionFailed',\n ERROR_CODES.DATABASE.CONNECTION_FAILED,\n { message: ormError.message }\n )\n\n case ORMErrorReason.NOT_SUPPORTED:\n return new DatabaseError(\n 'errors.databaseGeneric',\n ERROR_CODES.DATABASE.GENERIC,\n { message: ormError.message, reason: 'Operation not supported' }\n )\n\n case ORMErrorReason.INTERNAL_ERROR:\n return new DatabaseError(\n 'errors.databaseGeneric',\n ERROR_CODES.DATABASE.GENERIC,\n { message: ormError.message }\n )\n\n default:\n return new DatabaseError(\n 'errors.databaseGeneric',\n ERROR_CODES.DATABASE.GENERIC,\n { message: ormError.message, reason: ormError.reason }\n )\n }\n }\n\n // Handle unknown errors\n return new DatabaseError(\n 'errors.databaseGeneric',\n ERROR_CODES.DATABASE.GENERIC,\n { originalError: String(error) }\n )\n}\n\n/**\n * Parse database-specific errors from the dbErrorCode field\n */\nfunction parseDatabaseError(error: ORMError): DatabaseError {\n // Cast dbErrorCode to string since ZenStack types it loosely\n const dbErrorCode = error.dbErrorCode as string | undefined\n\n // PostgreSQL error codes\n // https://www.postgresql.org/docs/current/errcodes-appendix.html\n if (dbErrorCode) {\n // Class 23 - Integrity Constraint Violation\n if (dbErrorCode === '23505') {\n // Unique violation\n return new UniqueConstraintError([error.model ?? 'unknown'])\n }\n\n if (dbErrorCode === '23503') {\n // Foreign key violation\n return new ForeignKeyConstraintError(error.model ?? 'unknown')\n }\n\n if (dbErrorCode === '23502') {\n // Not null violation\n return new DatabaseError(\n 'errors.databaseNullConstraint',\n ERROR_CODES.DATABASE.NULL_CONSTRAINT,\n { dbErrorCode, message: error.dbErrorMessage }\n )\n }\n\n if (dbErrorCode === '23514') {\n // Check constraint violation\n return new DatabaseError(\n 'errors.databaseConstraintFailed',\n ERROR_CODES.DATABASE.GENERIC,\n { dbErrorCode, message: error.dbErrorMessage }\n )\n }\n\n // Class 42 - Syntax Error or Access Rule Violation\n if (dbErrorCode.startsWith('42')) {\n if (dbErrorCode === '42P01') {\n // Undefined table\n return new DatabaseError(\n 'errors.databaseTableNotFound',\n ERROR_CODES.DATABASE.GENERIC,\n { dbErrorCode, message: error.dbErrorMessage }\n )\n }\n\n if (dbErrorCode === '42703') {\n // Undefined column\n return new DatabaseError(\n 'errors.databaseColumnNotFound',\n ERROR_CODES.DATABASE.GENERIC,\n { dbErrorCode, message: error.dbErrorMessage }\n )\n }\n }\n\n // Class 08 - Connection Exception\n if (dbErrorCode.startsWith('08')) {\n return new DatabaseError(\n 'errors.databaseConnectionFailed',\n ERROR_CODES.DATABASE.CONNECTION_FAILED,\n { dbErrorCode, message: error.dbErrorMessage }\n )\n }\n\n // Class 57 - Operator Intervention\n if (dbErrorCode === '57014') {\n // Query cancelled\n return new DatabaseError(\n 'errors.databaseTimeout',\n ERROR_CODES.DATABASE.TIMEOUT,\n { dbErrorCode, message: error.dbErrorMessage }\n )\n }\n\n // Class 40 - Transaction Rollback\n if (dbErrorCode.startsWith('40')) {\n return new DatabaseError(\n 'errors.databaseTransactionConflict',\n ERROR_CODES.DATABASE.TRANSACTION_CONFLICT,\n { dbErrorCode, message: error.dbErrorMessage }\n )\n }\n\n // Class 53 - Insufficient Resources\n if (dbErrorCode === '53300') {\n // Too many connections\n return new DatabaseError(\n 'errors.databaseTooManyConnections',\n ERROR_CODES.DATABASE.TOO_MANY_CONNECTIONS,\n { dbErrorCode, message: error.dbErrorMessage }\n )\n }\n }\n\n // Default database error\n return new DatabaseError(\n 'errors.databaseGeneric',\n ERROR_CODES.DATABASE.GENERIC,\n {\n dbErrorCode,\n dbErrorMessage: error.dbErrorMessage,\n sql: error.sql,\n }\n )\n}\n","import { type RuntimePlugin } from '@zenstackhq/orm'\nimport { type SchemaDef } from '@zenstackhq/orm/schema'\nimport { fromZenStackError } from '../errors'\n\n/**\n * ZenStack runtime plugin that transforms ORM errors into ApplicationError instances.\n *\n * @example\n * ```typescript\n * super(schema, {\n * dialect: new PostgresDialect({ pool }),\n * plugins: [new ErrorHandlerPlugin()]\n * })\n * ```\n */\nexport class ErrorHandlerPlugin implements RuntimePlugin<SchemaDef, Record<string, unknown>, Record<string, unknown>, {}> {\n readonly id = 'error-handler'\n\n onQuery = async ({ args, proceed }: {\n args: Record<string, unknown> | undefined\n proceed: (args: Record<string, unknown> | undefined) => Promise<unknown>\n }): Promise<unknown> => {\n try {\n return await proceed(args)\n } catch (error) {\n throw fromZenStackError(error)\n }\n }\n}\n","import { type RuntimePlugin } from '@zenstackhq/orm'\nimport { type SchemaDef } from '@zenstackhq/orm/schema'\nimport type { EventName, IEventRegistry } from 'stratal/events'\n\nexport interface EventEmitterPluginOptions {\n eventRegistry: IEventRegistry\n}\n\n/**\n * ZenStack runtime plugin that emits before/after events for database operations.\n *\n * Emits events in the format:\n * - `before.{Model}.{operation}` - Before the database operation\n * - `after.{Model}.{operation}` - After the database operation\n *\n * @example\n * ```typescript\n * super(schema, {\n * dialect: new PostgresDialect({ pool }),\n * plugins: [\n * new EventEmitterPlugin({\n * eventRegistry,\n * })\n * ]\n * })\n * ```\n */\nexport class EventEmitterPlugin implements RuntimePlugin<SchemaDef, Record<string, unknown>, Record<string, unknown>, {}> {\n readonly id = 'event-emitter'\n\n constructor(private options: EventEmitterPluginOptions) { }\n\n onQuery = async ({ model, operation, args, proceed }: {\n model: string\n operation: string\n args: Record<string, unknown> | undefined\n proceed: (args: Record<string, unknown> | undefined) => Promise<unknown>\n }): Promise<unknown> => {\n const { eventRegistry } = this.options\n const eventBase = `${model}.${operation}`\n\n // Emit BEFORE event\n await eventRegistry.emit(`before.${eventBase}` as EventName, {\n data: args,\n })\n\n // Execute the actual database operation\n const result = await proceed(args)\n\n // Emit AFTER event\n await eventRegistry.emit(`after.${eventBase}` as EventName, {\n data: args,\n result,\n })\n\n return result\n }\n}\n","import { type RuntimePlugin } from \"@zenstackhq/orm\"\nimport { type SchemaDef } from \"@zenstackhq/orm/schema\"\n\nexport interface SchemaSwitcherPluginOptions {\n schemaName: string\n}\n\n/**\n * ZenStack runtime plugin that sets PostgreSQL search_path before each query.\n * Used for tenant isolation in multi-tenant applications.\n *\n * @example\n * ```typescript\n * super(schema, {\n * dialect: new PostgresDialect({ pool }),\n * plugins: [\n * new SchemaSwitcherPlugin({ schemaName: `tenant_${tenantId}` })\n * ]\n * })\n * ```\n */\nexport class SchemaSwitcherPlugin implements RuntimePlugin<SchemaDef, Record<string, unknown>, Record<string, unknown>, {}> {\n readonly id = 'schema-switcher'\n\n constructor(private options: SchemaSwitcherPluginOptions) { }\n\n onQuery = async ({ args, proceed, client }: {\n args: Record<string, unknown> | undefined\n proceed: (args: Record<string, unknown> | undefined) => Promise<unknown>\n client: { $executeRawUnsafe: (sql: string) => Promise<unknown> }\n }): Promise<unknown> => {\n // Set search_path before each query\n await client.$executeRawUnsafe(`SET search_path TO \"${this.options.schemaName}\"`)\n return proceed(args)\n }\n}\n","import { ZenStackClient, type AnyPlugin } from '@zenstackhq/orm'\nimport { Transient } from 'stratal/di'\nimport type { IEventRegistry } from 'stratal/events'\nimport { withI18n, z } from 'stratal/validation'\nimport type { DatabaseConnectionConfig } from './database.module'\nimport { ErrorHandlerPlugin, EventEmitterPlugin } from './plugins'\n\nconst databaseConnectionSchema = z.object({\n name: z.string().min(1, withI18n('database.connectionNameRequired')),\n schema: z.object({}).loose(),\n dialect: z.function(),\n plugins: z.array(z.object({}).loose()).optional(),\n})\n\nexport const databaseModuleConfigSchema = z.object({\n default: z.string().min(1, withI18n('database.defaultConnectionRequired')),\n connections: z.array(databaseConnectionSchema).min(1, withI18n('database.connectionRequired')),\n}).refine(\n (config) => {\n const names = config.connections.map(c => c.name)\n return new Set(names).size === names.length\n },\n withI18n('database.duplicateConnections')\n).refine(\n (config) => config.connections.some(c => c.name === config.default),\n withI18n('database.defaultConnectionNotFound')\n)\n\nexport function createDatabaseService(\n conn: DatabaseConnectionConfig,\n eventRegistry: IEventRegistry,\n): new () => InstanceType<typeof ZenStackClient> {\n const plugins: AnyPlugin[] = [\n new ErrorHandlerPlugin(),\n new EventEmitterPlugin({\n eventRegistry,\n }),\n ...(conn.plugins ?? []),\n ]\n\n @Transient()\n class DatabaseClient extends ZenStackClient<typeof conn.schema> {\n constructor() {\n const dialect = conn.dialect()\n super(conn.schema, { dialect, plugins })\n }\n }\n\n return DatabaseClient\n}\n","export const DATABASE_TOKENS = {\n Options: Symbol.for('stratal:database:options'),\n Services: Symbol.for('stratal:database:services'),\n} as const\n\nimport type { ConnectionName } from './types'\n\nexport function connectionSymbol(name: ConnectionName): symbol {\n return Symbol.for(`stratal:database:connection:${name}`)\n}\n","import type { AnyPlugin, ClientOptions } from '@zenstackhq/orm'\nimport type { SchemaDef } from '@zenstackhq/schema'\nimport { DI_TOKENS, Scope, delay } from 'stratal/di'\nimport type { IEventRegistry } from 'stratal/events'\nimport {\n Module,\n type AsyncModuleOptions,\n type DynamicModule,\n type InjectionToken,\n type ModuleContext,\n type OnInitialize,\n type OnShutdown,\n} from 'stratal/module'\nimport { DbGenerateCommand } from './commands/db-generate.command'\nimport { DbPullCommand } from './commands/db-pull.command'\nimport { DbPushCommand } from './commands/db-push.command'\nimport { MigrateDeployCommand } from './commands/migrate-deploy.command'\nimport { MigrateDevCommand } from './commands/migrate-dev.command'\nimport { MigrateResetCommand } from './commands/migrate-reset.command'\nimport { MigrateStatusCommand } from './commands/migrate-status.command'\nimport { createDatabaseService } from './database.helpers'\nimport { DATABASE_TOKENS, connectionSymbol } from './database.tokens'\nimport type { ConnectionName, DefaultConnectionName } from './types'\n\nexport interface DatabaseConnectionConfig<\n Schema extends SchemaDef = SchemaDef,\n Name extends ConnectionName = ConnectionName,\n> {\n name: Name\n schema: Schema\n dialect: () => ClientOptions<SchemaDef>['dialect']\n plugins?: AnyPlugin[]\n}\n\nexport interface DatabaseModuleConfig {\n default: DefaultConnectionName\n connections: DatabaseConnectionConfig[]\n}\n\n@Module({\n providers: [\n DbGenerateCommand,\n DbPushCommand,\n DbPullCommand,\n MigrateDevCommand,\n MigrateDeployCommand,\n MigrateStatusCommand,\n MigrateResetCommand,\n ],\n})\nexport class DatabaseModule implements OnInitialize, OnShutdown {\n static forRoot(config: DatabaseModuleConfig): DynamicModule {\n return {\n module: DatabaseModule,\n providers: [\n { provide: DATABASE_TOKENS.Options, useValue: config as unknown as object },\n ],\n }\n }\n\n static forRootAsync(options: AsyncModuleOptions<DatabaseModuleConfig>): DynamicModule {\n return {\n module: DatabaseModule,\n providers: [\n {\n provide: DATABASE_TOKENS.Options,\n useFactory: options.useFactory,\n inject: options.inject,\n },\n ],\n }\n }\n\n onInitialize(context: ModuleContext): void {\n const config = context.container.resolve<DatabaseModuleConfig>(DATABASE_TOKENS.Options)\n const eventRegistry = context.container.resolve<IEventRegistry>(DI_TOKENS.EventRegistry)\n const container = context.container.getTsyringeContainer();\n\n for (const conn of config.connections) {\n const Service = createDatabaseService(conn, eventRegistry)\n\n container.register(connectionSymbol(conn.name) as InjectionToken<symbol>,\n // @ts-expect-error Overload error\n delay(() => Service),\n { lifecycle: Scope.Request })\n }\n\n context.container.registerExisting(DI_TOKENS.Database, connectionSymbol(config.default))\n\n context.logger.info('DatabaseModule initialized')\n }\n\n onShutdown(context: ModuleContext): void {\n context.logger.info('DatabaseModule shutdown')\n }\n}\n","import { inject } from 'tsyringe'\nimport type { ConnectionName } from '../types'\nimport { connectionSymbol } from '../database.tokens'\n\nexport function InjectDB(name: ConnectionName): ParameterDecorator {\n return inject(connectionSymbol(name))\n}\n","export const databaseI18n = {\n database: {\n connectionNameRequired: 'Connection name is required',\n defaultConnectionRequired: 'Default connection name is required',\n connectionRequired: 'At least one connection is required',\n duplicateConnections: 'Duplicate connection names found',\n defaultConnectionNotFound: 'Default connection not found in connections',\n },\n} as const\n\ndeclare module 'stratal/i18n' {\n interface AppMessages {\n database: typeof databaseI18n['database']\n }\n}\n"],"mappings":";;;;;;;;;;;;;;AAMA,IAAsB,kBAAtB,cAA8C,QAAQ;CACpD,MAAgB,SAAS,MAAiC;EAExD,MAAM,EAAE,iBAAiB,MAAM,OAAO;AAEtC,MAAI;GACF,MAAM,SAAS,aAAa,OAAO,CAAC,YAAY,GAAG,KAAK,EAAE;IACxD,UAAU;IACV,OAAO;IACR,CAAC;AACF,OAAI,OAAQ,MAAK,KAAK,OAAO,MAAM,CAAC;AACpC,UAAO;WACA,KAAK;GACZ,MAAM,QAAQ;AACd,OAAI,MAAM,OAAQ,MAAK,MAAM,MAAM,OAAO,MAAM,CAAC;AACjD,OAAI,MAAM,OAAQ,MAAK,KAAK,MAAM,OAAO,MAAM,CAAC;AAChD,UAAO,MAAM,UAAU;;;;;;ACpB7B,IAAa,oBAAb,cAAuC,gBAAgB;CACrD,OAAO,UAAU;CACjB,OAAO,cAAc;CAErB,MAAM,SAA0B;EAC9B,MAAM,OAAO,CAAC,WAAW;EACzB,MAAM,SAAS,KAAK,OAAO,SAAS;AAEpC,MAAI,OAAQ,MAAK,KAAK,YAAY,OAAO;AACzC,MAAI,KAAK,QAAQ,QAAQ,CAAE,MAAK,KAAK,UAAU;AAE/C,SAAO,KAAK,SAAS,KAAK;;;;;ACX9B,IAAa,gBAAb,cAAmC,gBAAgB;CACjD,OAAO,UAAU;CACjB,OAAO,cAAc;CAErB,MAAM,SAA0B;EAC9B,MAAM,OAAO,CAAC,MAAM,OAAO;EAC3B,MAAM,SAAS,KAAK,OAAO,SAAS;AAEpC,MAAI,OAAQ,MAAK,KAAK,YAAY,OAAO;AAEzC,SAAO,KAAK,SAAS,KAAK;;;;;ACV9B,IAAa,gBAAb,cAAmC,gBAAgB;CACjD,OAAO,UAAU;CACjB,OAAO,cAAc;CAErB,MAAM,SAA0B;EAC9B,MAAM,OAAO,CAAC,MAAM,OAAO;EAC3B,MAAM,SAAS,KAAK,OAAO,SAAS;AAEpC,MAAI,OAAQ,MAAK,KAAK,YAAY,OAAO;AACzC,MAAI,KAAK,QAAQ,mBAAmB,CAAE,MAAK,KAAK,qBAAqB;AACrE,MAAI,KAAK,QAAQ,cAAc,CAAE,MAAK,KAAK,gBAAgB;AAE3D,SAAO,KAAK,SAAS,KAAK;;;;;ACZ9B,IAAa,uBAAb,cAA0C,gBAAgB;CACxD,OAAO,UAAU;CACjB,OAAO,cAAc;CAErB,MAAM,SAA0B;EAC9B,MAAM,OAAO,CAAC,WAAW,SAAS;EAClC,MAAM,SAAS,KAAK,OAAO,SAAS;AAEpC,MAAI,OAAQ,MAAK,KAAK,YAAY,OAAO;AAEzC,SAAO,KAAK,SAAS,KAAK;;;;;ACV9B,IAAa,oBAAb,cAAuC,gBAAgB;CACrD,OAAO,UAAU;CACjB,OAAO,cAAc;CAErB,MAAM,SAA0B;EAC9B,MAAM,OAAO,CAAC,WAAW,MAAM;EAC/B,MAAM,SAAS,KAAK,OAAO,SAAS;EACpC,MAAM,OAAO,KAAK,OAAO,OAAO;AAEhC,MAAI,OAAQ,MAAK,KAAK,YAAY,OAAO;AACzC,MAAI,KAAM,MAAK,KAAK,UAAU,KAAK;AACnC,MAAI,KAAK,QAAQ,cAAc,CAAE,MAAK,KAAK,gBAAgB;AAE3D,SAAO,KAAK,SAAS,KAAK;;;;;ACb9B,IAAa,sBAAb,cAAyC,gBAAgB;CACvD,OAAO,UAAU;CACjB,OAAO,cAAc;CAErB,MAAM,SAA0B;EAC9B,MAAM,OAAO,CAAC,WAAW,QAAQ;EACjC,MAAM,SAAS,KAAK,OAAO,SAAS;AAEpC,MAAI,OAAQ,MAAK,KAAK,YAAY,OAAO;AACzC,MAAI,KAAK,QAAQ,QAAQ,CAAE,MAAK,KAAK,UAAU;AAC/C,MAAI,KAAK,QAAQ,YAAY,CAAE,MAAK,KAAK,cAAc;AAEvD,SAAO,KAAK,SAAS,KAAK;;;;;ACZ9B,IAAa,uBAAb,cAA0C,gBAAgB;CACxD,OAAO,UAAU;CACjB,OAAO,cAAc;CAErB,MAAM,SAA0B;EAC9B,MAAM,OAAO,CAAC,WAAW,SAAS;EAClC,MAAM,SAAS,KAAK,OAAO,SAAS;AAEpC,MAAI,OAAQ,MAAK,KAAK,YAAY,OAAO;AAEzC,SAAO,KAAK,SAAS,KAAK;;;;;;;;;;;;ACH9B,IAAa,6BAAb,cAAgD,iBAAiB;CAC/D,YAAY,MAAc,eAAuB;AAC/C,QACE,gCACA,YAAY,OAAO,0BACnB;GAAE;GAAM;GAAe,CACxB;;;;;;;;;;;;;ACHL,IAAa,gBAAb,cAAmC,iBAAiB;CAClD,YACE,aAA0B,0BAC1B,OAAkB,YAAY,SAAS,SACvC,UACA;AAEA,MAAI,OAAO,OAAQ,QAAQ,IACzB,OAAM,IAAI,2BAA2B,MAAM,YAAY;AAGzD,QAAM,YAAY,MAAM,SAAS;;;;;ACpBrC,IAAa,sBAAb,cAAyC,cAAc;CACrD,YAAY,SAAiB;AAC3B,QAAM,0BAA0B,YAAY,SAAS,SAAS,EAAE,SAAS,CAAC;;;;;;;;;;;;;;ACO9E,IAAa,4BAAb,cAA+C,cAAc;CAC3D,YAAY,OAAgB;AAC1B,QAAM,uCAAuC,YAAY,SAAS,wBAAwB,EACxF,OACD,CAAC;;;;;;;;;;;;;;;ACHN,IAAa,sBAAb,cAAyC,cAAc;CACrD,YAAY,SAAkB;AAC5B,QAAM,iCAAiC,YAAY,SAAS,kBAAkB,EAC5E,SACD,CAAC;;;;;;;;;;;;;;;ACJN,IAAa,wBAAb,cAA2C,cAAc;CACvD,YAAY,QAAmB;AAC7B,QAAM,mCAAmC,YAAY,SAAS,mBAAmB,EAC/E,QACD,CAAC;;;;;;;;;;;;;;;;;;;;;;;;ACSN,SAAgB,kBAAkB,OAA+B;AAE/D,KAAI,iBAAiB,UAAU;EAC7B,MAAM,WAAW;AAEjB,UAAQ,SAAS,QAAjB;GACE,KAAK,eAAe,UAClB,QAAO,IAAI,oBAAoB,SAAS,MAAM;GAEhD,KAAK,eAAe,eAElB,QAAO,mBAAmB,SAAS;GAErC,KAAK,eAAe,cAClB,QAAO,IAAI,cACT,+BACA,YAAY,SAAS,SACrB,EAAE,SAAS,SAAS,SAAS,CAC9B;GAEH,KAAK,eAAe,aAClB,QAAO,IAAI,cACT,mCACA,YAAY,SAAS,mBACrB,EAAE,SAAS,SAAS,SAAS,CAC9B;GAEH,KAAK,eAAe,cAClB,QAAO,IAAI,cACT,0BACA,YAAY,SAAS,SACrB;IAAE,SAAS,SAAS;IAAS,QAAQ;IAA2B,CACjE;GAEH,KAAK,eAAe,eAClB,QAAO,IAAI,cACT,0BACA,YAAY,SAAS,SACrB,EAAE,SAAS,SAAS,SAAS,CAC9B;GAEH,QACE,QAAO,IAAI,cACT,0BACA,YAAY,SAAS,SACrB;IAAE,SAAS,SAAS;IAAS,QAAQ,SAAS;IAAQ,CACvD;;;AAKP,QAAO,IAAI,cACT,0BACA,YAAY,SAAS,SACrB,EAAE,eAAe,OAAO,MAAM,EAAE,CACjC;;;;;AAMH,SAAS,mBAAmB,OAAgC;CAE1D,MAAM,cAAc,MAAM;AAI1B,KAAI,aAAa;AAEf,MAAI,gBAAgB,QAElB,QAAO,IAAI,sBAAsB,CAAC,MAAM,SAAS,UAAU,CAAC;AAG9D,MAAI,gBAAgB,QAElB,QAAO,IAAI,0BAA0B,MAAM,SAAS,UAAU;AAGhE,MAAI,gBAAgB,QAElB,QAAO,IAAI,cACT,iCACA,YAAY,SAAS,iBACrB;GAAE;GAAa,SAAS,MAAM;GAAgB,CAC/C;AAGH,MAAI,gBAAgB,QAElB,QAAO,IAAI,cACT,mCACA,YAAY,SAAS,SACrB;GAAE;GAAa,SAAS,MAAM;GAAgB,CAC/C;AAIH,MAAI,YAAY,WAAW,KAAK,EAAE;AAChC,OAAI,gBAAgB,QAElB,QAAO,IAAI,cACT,gCACA,YAAY,SAAS,SACrB;IAAE;IAAa,SAAS,MAAM;IAAgB,CAC/C;AAGH,OAAI,gBAAgB,QAElB,QAAO,IAAI,cACT,iCACA,YAAY,SAAS,SACrB;IAAE;IAAa,SAAS,MAAM;IAAgB,CAC/C;;AAKL,MAAI,YAAY,WAAW,KAAK,CAC9B,QAAO,IAAI,cACT,mCACA,YAAY,SAAS,mBACrB;GAAE;GAAa,SAAS,MAAM;GAAgB,CAC/C;AAIH,MAAI,gBAAgB,QAElB,QAAO,IAAI,cACT,0BACA,YAAY,SAAS,SACrB;GAAE;GAAa,SAAS,MAAM;GAAgB,CAC/C;AAIH,MAAI,YAAY,WAAW,KAAK,CAC9B,QAAO,IAAI,cACT,sCACA,YAAY,SAAS,sBACrB;GAAE;GAAa,SAAS,MAAM;GAAgB,CAC/C;AAIH,MAAI,gBAAgB,QAElB,QAAO,IAAI,cACT,qCACA,YAAY,SAAS,sBACrB;GAAE;GAAa,SAAS,MAAM;GAAgB,CAC/C;;AAKL,QAAO,IAAI,cACT,0BACA,YAAY,SAAS,SACrB;EACE;EACA,gBAAgB,MAAM;EACtB,KAAK,MAAM;EACZ,CACF;;;;;;;;;;;;;;;ACjLH,IAAa,qBAAb,MAA0H;CACxH,KAAc;CAEd,UAAU,OAAO,EAAE,MAAM,cAGD;AACtB,MAAI;AACF,UAAO,MAAM,QAAQ,KAAK;WACnB,OAAO;AACd,SAAM,kBAAkB,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;ACEpC,IAAa,qBAAb,MAA0H;CACxH,KAAc;CAEd,YAAY,SAA4C;AAApC,OAAA,UAAA;;CAEpB,UAAU,OAAO,EAAE,OAAO,WAAW,MAAM,cAKnB;EACtB,MAAM,EAAE,kBAAkB,KAAK;EAC/B,MAAM,YAAY,GAAG,MAAM,GAAG;AAG9B,QAAM,cAAc,KAAK,UAAU,aAA0B,EAC3D,MAAM,MACP,CAAC;EAGF,MAAM,SAAS,MAAM,QAAQ,KAAK;AAGlC,QAAM,cAAc,KAAK,SAAS,aAA0B;GAC1D,MAAM;GACN;GACD,CAAC;AAEF,SAAO;;;;;;;;;;;;;;;;;;;AClCX,IAAa,uBAAb,MAA4H;CAC1H,KAAc;CAEd,YAAY,SAA8C;AAAtC,OAAA,UAAA;;CAEpB,UAAU,OAAO,EAAE,MAAM,SAAS,aAIV;AAEtB,QAAM,OAAO,kBAAkB,uBAAuB,KAAK,QAAQ,WAAW,GAAG;AACjF,SAAO,QAAQ,KAAK;;;;;AC1BxB,MAAM,2BAA2B,EAAE,OAAO;CACxC,MAAM,EAAE,QAAQ,CAAC,IAAI,GAAG,SAAS,kCAAkC,CAAC;CACpE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO;CAC5B,SAAS,EAAE,UAAU;CACrB,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,UAAU;CAClD,CAAC;AAEwC,EAAE,OAAO;CACjD,SAAS,EAAE,QAAQ,CAAC,IAAI,GAAG,SAAS,qCAAqC,CAAC;CAC1E,aAAa,EAAE,MAAM,yBAAyB,CAAC,IAAI,GAAG,SAAS,8BAA8B,CAAC;CAC/F,CAAC,CAAC,QACA,WAAW;CACV,MAAM,QAAQ,OAAO,YAAY,KAAI,MAAK,EAAE,KAAK;AACjD,QAAO,IAAI,IAAI,MAAM,CAAC,SAAS,MAAM;GAEvC,SAAS,gCAAgC,CAC1C,CAAC,QACC,WAAW,OAAO,YAAY,MAAK,MAAK,EAAE,SAAS,OAAO,QAAQ,EACnE,SAAS,qCAAqC,CAC/C;AAED,SAAgB,sBACd,MACA,eAC+C;CAC/C,MAAM,UAAuB;EAC3B,IAAI,oBAAoB;EACxB,IAAI,mBAAmB,EACrB,eACD,CAAC;EACF,GAAI,KAAK,WAAW,EAAE;EACvB;CAED,IAAA,iBAAA,MACM,uBAAuB,eAAmC;EAC9D,cAAc;GACZ,MAAM,UAAU,KAAK,SAAS;AAC9B,SAAM,KAAK,QAAQ;IAAE;IAAS;IAAS,CAAC;;;8BAJ3C,WAAW,EAAA,mBAAA,qBAAA,EAAA,CAAA,CAAA,EAAA,eAAA;AAQZ,QAAO;;;;AChDT,MAAa,kBAAkB;CAC7B,SAAS,OAAO,IAAI,2BAA2B;CAC/C,UAAU,OAAO,IAAI,4BAA4B;CAClD;AAID,SAAgB,iBAAiB,MAA8B;AAC7D,QAAO,OAAO,IAAI,+BAA+B,OAAO;;;;;AC0CnD,IAAA,iBAAA,kBAAA,MAAM,eAAmD;CAC9D,OAAO,QAAQ,QAA6C;AAC1D,SAAO;GACL,QAAA;GACA,WAAW,CACT;IAAE,SAAS,gBAAgB;IAAS,UAAU;IAA6B,CAC5E;GACF;;CAGH,OAAO,aAAa,SAAkE;AACpF,SAAO;GACL,QAAA;GACA,WAAW,CACT;IACE,SAAS,gBAAgB;IACzB,YAAY,QAAQ;IACpB,QAAQ,QAAQ;IACjB,CACF;GACF;;CAGH,aAAa,SAA8B;EACzC,MAAM,SAAS,QAAQ,UAAU,QAA8B,gBAAgB,QAAQ;EACvF,MAAM,gBAAgB,QAAQ,UAAU,QAAwB,UAAU,cAAc;EACxF,MAAM,YAAY,QAAQ,UAAU,sBAAsB;AAE1D,OAAK,MAAM,QAAQ,OAAO,aAAa;GACrC,MAAM,UAAU,sBAAsB,MAAM,cAAc;AAE1D,aAAU,SAAS,iBAAiB,KAAK,KAAK,EAE5C,YAAY,QAAQ,EACpB,EAAE,WAAW,MAAM,SAAS,CAAC;;AAGjC,UAAQ,UAAU,iBAAiB,UAAU,UAAU,iBAAiB,OAAO,QAAQ,CAAC;AAExF,UAAQ,OAAO,KAAK,6BAA6B;;CAGnD,WAAW,SAA8B;AACvC,UAAQ,OAAO,KAAK,0BAA0B;;;+CAtDjD,OAAO,EACN,WAAW;CACT;CACA;CACA;CACA;CACA;CACA;CACA;CACD,EACF,CAAC,CAAA,EAAA,eAAA;;;AC7CF,SAAgB,SAAS,MAA0C;AACjE,QAAO,OAAO,iBAAiB,KAAK,CAAC;;;;ACLvC,MAAa,eAAe,EAC1B,UAAU;CACR,wBAAwB;CACxB,2BAA2B;CAC3B,oBAAoB;CACpB,sBAAsB;CACtB,2BAA2B;CAC5B,EACF"}
|
|
1
|
+
{"version":3,"file":"index.mjs","names":["inject"],"sources":["../../src/database/commands/zenstack.command.ts","../../src/database/commands/db-generate.command.ts","../../src/database/commands/db-pull.command.ts","../../src/database/commands/db-push.command.ts","../../src/database/commands/migrate-deploy.command.ts","../../src/database/commands/migrate-dev.command.ts","../../src/database/commands/migrate-reset.command.ts","../../src/database/commands/migrate-status.command.ts","../../src/database/errors/invalid-error-code-range.error.ts","../../src/database/errors/database-error.ts","../../src/database/errors/database-config.error.ts","../../src/database/errors/foreign-key-constraint.error.ts","../../src/database/errors/record-not-found.error.ts","../../src/database/errors/unique-constraint.error.ts","../../src/database/errors/from-zenstack-error.ts","../../src/database/plugins/error-handler.plugin.ts","../../src/database/plugins/event-emitter.plugin.ts","../../src/database/plugins/schema-switcher.ts","../../src/database/database.helpers.ts","../../src/database/database.tokens.ts","../../src/database/i18n/en.ts","../../src/database/database.module.ts","../../src/database/decorators/inject-db.decorator.ts"],"sourcesContent":["import { Command } from 'stratal/quarry'\n\n/**\n * Base command for ZenStack CLI wrappers.\n * Uses execFileSync with array arguments to prevent shell injection.\n */\nexport abstract class ZenStackCommand extends Command {\n protected async zenstack(args: string[]): Promise<number> {\n // Dynamic import — node:child_process is only available in the Quarry CLI (Node) context\n const { execFileSync } = await import('node:child_process')\n\n try {\n const output = execFileSync('npx', ['zenstack', ...args], {\n encoding: 'utf-8',\n stdio: 'pipe',\n })\n if (output) this.info(output.trim())\n return 0\n } catch (err) {\n const error = err as { stderr?: string; stdout?: string; status?: number }\n if (error.stderr) this.error(error.stderr.trim())\n if (error.stdout) this.info(error.stdout.trim())\n return error.status ?? 1\n }\n }\n}\n","import { ZenStackCommand } from './zenstack.command'\n\nexport class DbGenerateCommand extends ZenStackCommand {\n static command = 'db:generate {--schema= : Path to schema file} {--watch : Enable watch mode}'\n static description = 'Generate ZenStack ORM client'\n\n async handle(): Promise<number> {\n const args = ['generate']\n const schema = this.string('schema')\n\n if (schema) args.push('--schema', schema)\n if (this.boolean('watch')) args.push('--watch')\n\n return this.zenstack(args)\n }\n}\n","import { ZenStackCommand } from './zenstack.command'\n\nexport class DbPullCommand extends ZenStackCommand {\n static command = 'db:pull {--schema= : Path to schema file}'\n static description = 'Introspect database and generate schema'\n\n async handle(): Promise<number> {\n const args = ['db', 'pull']\n const schema = this.string('schema')\n\n if (schema) args.push('--schema', schema)\n\n return this.zenstack(args)\n }\n}\n","import { ZenStackCommand } from './zenstack.command'\n\nexport class DbPushCommand extends ZenStackCommand {\n static command = 'db:push {--schema= : Path to schema file} {--accept-data-loss : Accept data loss} {--force-reset : Force reset database}'\n static description = 'Push database schema changes'\n\n async handle(): Promise<number> {\n const args = ['db', 'push']\n const schema = this.string('schema')\n\n if (schema) args.push('--schema', schema)\n if (this.boolean('accept-data-loss')) args.push('--accept-data-loss')\n if (this.boolean('force-reset')) args.push('--force-reset')\n\n return this.zenstack(args)\n }\n}\n","import { ZenStackCommand } from './zenstack.command'\n\nexport class MigrateDeployCommand extends ZenStackCommand {\n static command = 'migrate:deploy {--schema= : Path to schema file}'\n static description = 'Deploy pending migrations'\n\n async handle(): Promise<number> {\n const args = ['migrate', 'deploy']\n const schema = this.string('schema')\n\n if (schema) args.push('--schema', schema)\n\n return this.zenstack(args)\n }\n}\n","import { ZenStackCommand } from './zenstack.command'\n\nexport class MigrateDevCommand extends ZenStackCommand {\n static command = 'migrate:dev {--schema= : Path to schema file} {--name= : Migration name} {--create-only : Create without applying}'\n static description = 'Create and apply migration'\n\n async handle(): Promise<number> {\n const args = ['migrate', 'dev']\n const schema = this.string('schema')\n const name = this.string('name')\n\n if (schema) args.push('--schema', schema)\n if (name) args.push('--name', name)\n if (this.boolean('create-only')) args.push('--create-only')\n\n return this.zenstack(args)\n }\n}\n","import { ZenStackCommand } from './zenstack.command'\n\nexport class MigrateResetCommand extends ZenStackCommand {\n static command = 'migrate:reset {--schema= : Path to schema file} {--force : Skip confirmation} {--skip-seed : Skip seeding}'\n static description = 'Reset database'\n\n async handle(): Promise<number> {\n const args = ['migrate', 'reset']\n const schema = this.string('schema')\n\n if (schema) args.push('--schema', schema)\n if (this.boolean('force')) args.push('--force')\n if (this.boolean('skip-seed')) args.push('--skip-seed')\n\n return this.zenstack(args)\n }\n}\n","import { ZenStackCommand } from './zenstack.command'\n\nexport class MigrateStatusCommand extends ZenStackCommand {\n static command = 'migrate:status {--schema= : Path to schema file}'\n static description = 'Check migration status'\n\n async handle(): Promise<number> {\n const args = ['migrate', 'status']\n const schema = this.string('schema')\n\n if (schema) args.push('--schema', schema)\n\n return this.zenstack(args)\n }\n}\n","import { ApplicationError, ERROR_CODES } from 'stratal/errors'\n\n/**\n * InvalidErrorCodeRangeError\n *\n * Thrown when a DatabaseError subclass is constructed with an error code\n * outside the valid database error range (2000-2999).\n * This is a developer-facing error to enforce error code conventions.\n */\nexport class InvalidErrorCodeRangeError extends ApplicationError {\n constructor(code: number, expectedRange: string) {\n super(\n 'errors.invalidErrorCodeRange',\n ERROR_CODES.SYSTEM.INVALID_ERROR_CODE_RANGE,\n { code, expectedRange }\n )\n }\n}\n","import type { MessageKeys } from 'stratal/i18n'\nimport { ApplicationError, ERROR_CODES, type ErrorCode } from 'stratal/errors'\nimport { InvalidErrorCodeRangeError } from './invalid-error-code-range.error'\n\n/**\n * DatabaseError\n *\n * Generic database error thrown when a database operation fails\n * and doesn't fit into a more specific error category.\n *\n * This is the base class for all database-related errors.\n */\nexport class DatabaseError extends ApplicationError {\n constructor(\n messageKey: MessageKeys = 'errors.databaseGeneric',\n code: ErrorCode = ERROR_CODES.DATABASE.GENERIC,\n metadata?: Record<string, unknown>\n ) {\n // Validate that code is in the database error range\n if (code < 2000 || code >= 3000) {\n throw new InvalidErrorCodeRangeError(code, '2000-2999')\n }\n\n super(messageKey, code, metadata)\n }\n}\n","import { ERROR_CODES } from 'stratal/errors'\nimport { DatabaseError } from './database-error'\n\nexport class DatabaseConfigError extends DatabaseError {\n constructor(details: string) {\n super('errors.databaseGeneric', ERROR_CODES.DATABASE.GENERIC, { details })\n }\n}\n","import { ERROR_CODES } from 'stratal/errors'\nimport { DatabaseError } from './database-error'\n\n/**\n * ForeignKeyConstraintError\n *\n * Thrown when a database foreign key constraint is violated.\n * This typically occurs when:\n * - Trying to insert a record with a foreign key that doesn't exist\n * - Trying to delete a record that is referenced by other records\n * - Trying to update a foreign key to a non-existent value\n */\nexport class ForeignKeyConstraintError extends DatabaseError {\n constructor(field?: string) {\n super('errors.databaseForeignKeyConstraint', ERROR_CODES.DATABASE.FOREIGN_KEY_CONSTRAINT, {\n field,\n })\n }\n}\n","import { ERROR_CODES } from 'stratal/errors'\nimport { DatabaseError } from './database-error'\n\n/**\n * RecordNotFoundError\n *\n * Generic error thrown when a database record is not found.\n * This is typically thrown when a findUnique or findFirst operation\n * returns null, or when a required record doesn't exist.\n *\n * Services should catch this and optionally refine it to a more specific\n * domain error (e.g., NoteNotFoundError, UserNotFoundError).\n */\nexport class RecordNotFoundError extends DatabaseError {\n constructor(details?: string) {\n super('errors.databaseRecordNotFound', ERROR_CODES.DATABASE.RECORD_NOT_FOUND, {\n details,\n })\n }\n}\n","import { ERROR_CODES } from 'stratal/errors'\nimport { DatabaseError } from './database-error'\n\n/**\n * UniqueConstraintError\n *\n * Thrown when a database unique constraint is violated.\n * This typically occurs when trying to insert or update a record\n * with a value that already exists in a unique column.\n *\n * Services should catch this and optionally refine it to a more specific\n * domain error (e.g., UserEmailAlreadyExistsError).\n */\nexport class UniqueConstraintError extends DatabaseError {\n constructor(fields?: string[]) {\n super('errors.databaseUniqueConstraint', ERROR_CODES.DATABASE.UNIQUE_CONSTRAINT, {\n fields,\n })\n }\n}\n","import { ORMError, ORMErrorReason } from '@zenstackhq/orm'\nimport { ERROR_CODES } from 'stratal/errors'\nimport { DatabaseError } from './database-error'\nimport { ForeignKeyConstraintError } from './foreign-key-constraint.error'\nimport { RecordNotFoundError } from './record-not-found.error'\nimport { UniqueConstraintError } from './unique-constraint.error'\n\n/**\n * Transform ZenStack ORM errors into ApplicationError instances\n *\n * This function maps ORMError codes to generic database error classes.\n * Services can catch these generic errors and optionally refine them to\n * more specific domain errors if needed.\n *\n * @param error - The error thrown by ZenStack ORM\n * @returns An ApplicationError instance\n *\n * @example\n * ```typescript\n * try {\n * await db.user.create({ data: { email: 'existing@example.com' } })\n * } catch (error) {\n * throw fromZenStackError(error) // Becomes UniqueConstraintError or other\n * }\n * ```\n */\nexport function fromZenStackError(error: unknown): DatabaseError {\n // Handle ZenStack ORM Errors\n if (error instanceof ORMError) {\n const ormError = error\n\n switch (ormError.reason) {\n case ORMErrorReason.NOT_FOUND:\n return new RecordNotFoundError(ormError.model)\n\n case ORMErrorReason.DB_QUERY_ERROR:\n // Parse database-specific error codes\n return parseDatabaseError(ormError)\n\n case ORMErrorReason.INVALID_INPUT:\n return new DatabaseError(\n 'errors.databaseInvalidQuery',\n ERROR_CODES.DATABASE.GENERIC,\n { message: ormError.message }\n )\n\n case ORMErrorReason.CONFIG_ERROR:\n return new DatabaseError(\n 'errors.databaseConnectionFailed',\n ERROR_CODES.DATABASE.CONNECTION_FAILED,\n { message: ormError.message }\n )\n\n case ORMErrorReason.NOT_SUPPORTED:\n return new DatabaseError(\n 'errors.databaseGeneric',\n ERROR_CODES.DATABASE.GENERIC,\n { message: ormError.message, reason: 'Operation not supported' }\n )\n\n case ORMErrorReason.INTERNAL_ERROR:\n return new DatabaseError(\n 'errors.databaseGeneric',\n ERROR_CODES.DATABASE.GENERIC,\n { message: ormError.message }\n )\n\n default:\n return new DatabaseError(\n 'errors.databaseGeneric',\n ERROR_CODES.DATABASE.GENERIC,\n { message: ormError.message, reason: ormError.reason }\n )\n }\n }\n\n // Handle unknown errors\n return new DatabaseError(\n 'errors.databaseGeneric',\n ERROR_CODES.DATABASE.GENERIC,\n { originalError: String(error) }\n )\n}\n\n/**\n * Parse database-specific errors from the dbErrorCode field\n */\nfunction parseDatabaseError(error: ORMError): DatabaseError {\n // Cast dbErrorCode to string since ZenStack types it loosely\n const dbErrorCode = error.dbErrorCode as string | undefined\n\n // PostgreSQL error codes\n // https://www.postgresql.org/docs/current/errcodes-appendix.html\n if (dbErrorCode) {\n // Class 23 - Integrity Constraint Violation\n if (dbErrorCode === '23505') {\n // Unique violation\n return new UniqueConstraintError([error.model ?? 'unknown'])\n }\n\n if (dbErrorCode === '23503') {\n // Foreign key violation\n return new ForeignKeyConstraintError(error.model ?? 'unknown')\n }\n\n if (dbErrorCode === '23502') {\n // Not null violation\n return new DatabaseError(\n 'errors.databaseNullConstraint',\n ERROR_CODES.DATABASE.NULL_CONSTRAINT,\n { dbErrorCode, message: error.dbErrorMessage }\n )\n }\n\n if (dbErrorCode === '23514') {\n // Check constraint violation\n return new DatabaseError(\n 'errors.databaseConstraintFailed',\n ERROR_CODES.DATABASE.GENERIC,\n { dbErrorCode, message: error.dbErrorMessage }\n )\n }\n\n // Class 42 - Syntax Error or Access Rule Violation\n if (dbErrorCode.startsWith('42')) {\n if (dbErrorCode === '42P01') {\n // Undefined table\n return new DatabaseError(\n 'errors.databaseTableNotFound',\n ERROR_CODES.DATABASE.GENERIC,\n { dbErrorCode, message: error.dbErrorMessage }\n )\n }\n\n if (dbErrorCode === '42703') {\n // Undefined column\n return new DatabaseError(\n 'errors.databaseColumnNotFound',\n ERROR_CODES.DATABASE.GENERIC,\n { dbErrorCode, message: error.dbErrorMessage }\n )\n }\n }\n\n // Class 08 - Connection Exception\n if (dbErrorCode.startsWith('08')) {\n return new DatabaseError(\n 'errors.databaseConnectionFailed',\n ERROR_CODES.DATABASE.CONNECTION_FAILED,\n { dbErrorCode, message: error.dbErrorMessage }\n )\n }\n\n // Class 57 - Operator Intervention\n if (dbErrorCode === '57014') {\n // Query cancelled\n return new DatabaseError(\n 'errors.databaseTimeout',\n ERROR_CODES.DATABASE.TIMEOUT,\n { dbErrorCode, message: error.dbErrorMessage }\n )\n }\n\n // Class 40 - Transaction Rollback\n if (dbErrorCode.startsWith('40')) {\n return new DatabaseError(\n 'errors.databaseTransactionConflict',\n ERROR_CODES.DATABASE.TRANSACTION_CONFLICT,\n { dbErrorCode, message: error.dbErrorMessage }\n )\n }\n\n // Class 53 - Insufficient Resources\n if (dbErrorCode === '53300') {\n // Too many connections\n return new DatabaseError(\n 'errors.databaseTooManyConnections',\n ERROR_CODES.DATABASE.TOO_MANY_CONNECTIONS,\n { dbErrorCode, message: error.dbErrorMessage }\n )\n }\n }\n\n // Default database error\n return new DatabaseError(\n 'errors.databaseGeneric',\n ERROR_CODES.DATABASE.GENERIC,\n {\n dbErrorCode,\n dbErrorMessage: error.dbErrorMessage,\n sql: error.sql,\n }\n )\n}\n","import { type RuntimePlugin } from '@zenstackhq/orm'\nimport { type SchemaDef } from '@zenstackhq/orm/schema'\nimport { fromZenStackError } from '../errors'\n\n/**\n * ZenStack runtime plugin that transforms ORM errors into ApplicationError instances.\n *\n * @example\n * ```typescript\n * super(schema, {\n * dialect: new PostgresDialect({ pool }),\n * plugins: [new ErrorHandlerPlugin()]\n * })\n * ```\n */\nexport class ErrorHandlerPlugin implements RuntimePlugin<SchemaDef, Record<string, unknown>, Record<string, unknown>, {}> {\n readonly id = 'error-handler'\n\n onQuery = async ({ args, proceed }: {\n args: Record<string, unknown> | undefined\n proceed: (args: Record<string, unknown> | undefined) => Promise<unknown>\n }): Promise<unknown> => {\n try {\n return await proceed(args)\n } catch (error) {\n throw fromZenStackError(error)\n }\n }\n}\n","import { type RuntimePlugin } from '@zenstackhq/orm'\nimport { type SchemaDef } from '@zenstackhq/orm/schema'\nimport type { EventName, IEventRegistry } from 'stratal/events'\n\nexport interface EventEmitterPluginOptions {\n eventRegistry: IEventRegistry\n}\n\n/**\n * ZenStack runtime plugin that emits before/after events for database operations.\n *\n * Emits events in the format:\n * - `before.{Model}.{operation}` - Before the database operation\n * - `after.{Model}.{operation}` - After the database operation\n *\n * @example\n * ```typescript\n * super(schema, {\n * dialect: new PostgresDialect({ pool }),\n * plugins: [\n * new EventEmitterPlugin({\n * eventRegistry,\n * })\n * ]\n * })\n * ```\n */\nexport class EventEmitterPlugin implements RuntimePlugin<SchemaDef, Record<string, unknown>, Record<string, unknown>, {}> {\n readonly id = 'event-emitter'\n\n constructor(private options: EventEmitterPluginOptions) { }\n\n onQuery = async ({ model, operation, args, proceed }: {\n model: string\n operation: string\n args: Record<string, unknown> | undefined\n proceed: (args: Record<string, unknown> | undefined) => Promise<unknown>\n }): Promise<unknown> => {\n const { eventRegistry } = this.options\n const eventBase = `${model}.${operation}`\n\n // Emit BEFORE event\n await eventRegistry.emit(`before.${eventBase}` as EventName, {\n data: args,\n })\n\n // Execute the actual database operation\n const result = await proceed(args)\n\n // Emit AFTER event\n await eventRegistry.emit(`after.${eventBase}` as EventName, {\n data: args,\n result,\n })\n\n return result\n }\n}\n","interface SwitchableClient {\n $schema: { provider: { defaultSchema: string } } & Record<string, unknown>\n schema: unknown\n}\n\n/**\n * Switches the active schema on a ZenStack/Kysely database client by mutating\n * `$schema.provider.defaultSchema`. This causes ZenStack's QueryNameMapper to\n * generate fully-qualified table references (e.g. `\"tenant_123\".\"User\"`).\n *\n * Must be called BEFORE any queries are made on the client.\n *\n * Note: The ZenStack RuntimePlugin `onQuery` hook fires after table names are\n * already resolved, so a plugin-based approach cannot set the schema prefix.\n * Direct client mutation is the only supported method.\n */\nexport class SchemaSwitcher {\n static apply<T>(client: T, schemaName: string): T {\n const c = client as unknown as SwitchableClient\n const switched = {\n ...c.$schema,\n provider: { ...c.$schema.provider, defaultSchema: schemaName },\n }\n c.$schema = switched\n c.schema = switched\n return client\n }\n}\n","import { ZenStackClient, type AnyPlugin } from '@zenstackhq/orm'\nimport { Transient } from 'stratal/di'\nimport type { IEventRegistry } from 'stratal/events'\nimport { withI18n, z } from 'stratal/validation'\nimport type { DatabaseConnectionConfig } from './database.module'\nimport { ErrorHandlerPlugin, EventEmitterPlugin } from './plugins'\n\nconst databaseConnectionSchema = z.object({\n name: z.string().min(1, withI18n('database.connectionNameRequired')),\n schema: z.object({}).loose(),\n dialect: z.function(),\n plugins: z.array(z.object({}).loose()).optional(),\n})\n\nexport const databaseModuleConfigSchema = z.object({\n default: z.string().min(1, withI18n('database.defaultConnectionRequired')),\n connections: z.array(databaseConnectionSchema).min(1, withI18n('database.connectionRequired')),\n}).refine(\n (config) => {\n const names = config.connections.map(c => c.name)\n return new Set(names).size === names.length\n },\n withI18n('database.duplicateConnections')\n).refine(\n (config) => config.connections.some(c => c.name === config.default),\n withI18n('database.defaultConnectionNotFound')\n)\n\nexport function createDatabaseService(\n conn: DatabaseConnectionConfig,\n eventRegistry: IEventRegistry,\n): new () => InstanceType<typeof ZenStackClient> {\n const plugins: AnyPlugin[] = [\n new ErrorHandlerPlugin(),\n new EventEmitterPlugin({\n eventRegistry,\n }),\n ...(conn.plugins ?? []),\n ]\n\n @Transient()\n class DatabaseClient extends ZenStackClient<typeof conn.schema> {\n constructor() {\n const dialect = conn.dialect()\n super(conn.schema, { dialect, plugins })\n }\n }\n\n return DatabaseClient\n}\n","export const DATABASE_TOKENS = {\n Options: Symbol.for('stratal:database:options'),\n Services: Symbol.for('stratal:database:services'),\n} as const\n\nimport type { ConnectionName } from './types'\n\nexport function connectionSymbol(name: ConnectionName): symbol {\n return Symbol.for(`stratal:database:connection:${name}`)\n}\n","export const databaseMessages = {\n en: {\n connectionNameRequired: 'Connection name is required',\n defaultConnectionRequired: 'Default connection name is required',\n connectionRequired: 'At least one connection is required',\n duplicateConnections: 'Duplicate connection names found',\n defaultConnectionNotFound: 'Default connection not found in connections',\n },\n} as const\n\ndeclare module 'stratal/i18n' {\n interface AppMessageNamespaces {\n database: typeof databaseMessages['en']\n }\n}\n","import type { AnyPlugin, ClientOptions } from '@zenstackhq/orm'\nimport type { SchemaDef } from '@zenstackhq/schema'\nimport { delay, DI_TOKENS, Scope } from 'stratal/di'\nimport type { IEventRegistry } from 'stratal/events'\nimport { I18nModule } from 'stratal/i18n'\nimport {\n Module,\n type AsyncModuleOptions,\n type DynamicModule,\n type InjectionToken,\n type ModuleContext,\n type OnInitialize,\n type OnShutdown,\n} from 'stratal/module'\nimport { DbGenerateCommand } from './commands/db-generate.command'\nimport { DbPullCommand } from './commands/db-pull.command'\nimport { DbPushCommand } from './commands/db-push.command'\nimport { MigrateDeployCommand } from './commands/migrate-deploy.command'\nimport { MigrateDevCommand } from './commands/migrate-dev.command'\nimport { MigrateResetCommand } from './commands/migrate-reset.command'\nimport { MigrateStatusCommand } from './commands/migrate-status.command'\nimport { createDatabaseService } from './database.helpers'\nimport { connectionSymbol, DATABASE_TOKENS } from './database.tokens'\nimport { databaseMessages } from './i18n'\nimport type { ConnectionName, DefaultConnectionName } from './types'\n\nexport interface DatabaseConnectionConfig<\n Schema extends SchemaDef = SchemaDef,\n Name extends ConnectionName = ConnectionName,\n> {\n name: Name\n schema: Schema\n dialect: () => ClientOptions<SchemaDef>['dialect']\n plugins?: AnyPlugin[]\n}\n\nexport interface DatabaseModuleConfig {\n default: DefaultConnectionName\n connections: DatabaseConnectionConfig[]\n}\n\n@Module({\n imports: [\n I18nModule.registerMessages({ en: { database: databaseMessages.en } }),\n ],\n providers: [\n DbGenerateCommand,\n DbPushCommand,\n DbPullCommand,\n MigrateDevCommand,\n MigrateDeployCommand,\n MigrateStatusCommand,\n MigrateResetCommand,\n ],\n})\nexport class DatabaseModule implements OnInitialize, OnShutdown {\n static forRoot(config: DatabaseModuleConfig): DynamicModule {\n return {\n module: DatabaseModule,\n providers: [\n { provide: DATABASE_TOKENS.Options, useValue: config as unknown as object },\n ],\n }\n }\n\n static forRootAsync(options: AsyncModuleOptions<DatabaseModuleConfig>): DynamicModule {\n return {\n module: DatabaseModule,\n providers: [\n {\n provide: DATABASE_TOKENS.Options,\n useFactory: options.useFactory,\n inject: options.inject,\n },\n ],\n }\n }\n\n onInitialize(context: ModuleContext): void {\n const config = context.container.resolve<DatabaseModuleConfig>(DATABASE_TOKENS.Options)\n const eventRegistry = context.container.resolve<IEventRegistry>(DI_TOKENS.EventRegistry)\n const container = context.container.getTsyringeContainer();\n\n for (const conn of config.connections) {\n const Service = createDatabaseService(conn, eventRegistry);\n\n container.register(connectionSymbol(conn.name) as InjectionToken<symbol>,\n // @ts-expect-error Dynamic class type mismatch\n delay(() => Service),\n { lifecycle: Scope.Request })\n }\n\n context.container.registerExisting(DI_TOKENS.Database, connectionSymbol(config.default))\n\n context.logger.info('DatabaseModule initialized')\n }\n\n onShutdown(context: ModuleContext): void {\n context.logger.info('DatabaseModule shutdown')\n }\n}\n","import { inject } from 'tsyringe'\nimport type { ConnectionName } from '../types'\nimport { connectionSymbol } from '../database.tokens'\n\nexport function InjectDB(name: ConnectionName): ParameterDecorator {\n return inject(connectionSymbol(name))\n}\n"],"mappings":";;;;;;;;;;;;;;;AAMA,IAAsB,kBAAtB,cAA8C,QAAQ;CACpD,MAAgB,SAAS,MAAiC;EAExD,MAAM,EAAE,iBAAiB,MAAM,OAAO;AAEtC,MAAI;GACF,MAAM,SAAS,aAAa,OAAO,CAAC,YAAY,GAAG,KAAK,EAAE;IACxD,UAAU;IACV,OAAO;IACR,CAAC;AACF,OAAI,OAAQ,MAAK,KAAK,OAAO,MAAM,CAAC;AACpC,UAAO;WACA,KAAK;GACZ,MAAM,QAAQ;AACd,OAAI,MAAM,OAAQ,MAAK,MAAM,MAAM,OAAO,MAAM,CAAC;AACjD,OAAI,MAAM,OAAQ,MAAK,KAAK,MAAM,OAAO,MAAM,CAAC;AAChD,UAAO,MAAM,UAAU;;;;;;ACpB7B,IAAa,oBAAb,cAAuC,gBAAgB;CACrD,OAAO,UAAU;CACjB,OAAO,cAAc;CAErB,MAAM,SAA0B;EAC9B,MAAM,OAAO,CAAC,WAAW;EACzB,MAAM,SAAS,KAAK,OAAO,SAAS;AAEpC,MAAI,OAAQ,MAAK,KAAK,YAAY,OAAO;AACzC,MAAI,KAAK,QAAQ,QAAQ,CAAE,MAAK,KAAK,UAAU;AAE/C,SAAO,KAAK,SAAS,KAAK;;;;;ACX9B,IAAa,gBAAb,cAAmC,gBAAgB;CACjD,OAAO,UAAU;CACjB,OAAO,cAAc;CAErB,MAAM,SAA0B;EAC9B,MAAM,OAAO,CAAC,MAAM,OAAO;EAC3B,MAAM,SAAS,KAAK,OAAO,SAAS;AAEpC,MAAI,OAAQ,MAAK,KAAK,YAAY,OAAO;AAEzC,SAAO,KAAK,SAAS,KAAK;;;;;ACV9B,IAAa,gBAAb,cAAmC,gBAAgB;CACjD,OAAO,UAAU;CACjB,OAAO,cAAc;CAErB,MAAM,SAA0B;EAC9B,MAAM,OAAO,CAAC,MAAM,OAAO;EAC3B,MAAM,SAAS,KAAK,OAAO,SAAS;AAEpC,MAAI,OAAQ,MAAK,KAAK,YAAY,OAAO;AACzC,MAAI,KAAK,QAAQ,mBAAmB,CAAE,MAAK,KAAK,qBAAqB;AACrE,MAAI,KAAK,QAAQ,cAAc,CAAE,MAAK,KAAK,gBAAgB;AAE3D,SAAO,KAAK,SAAS,KAAK;;;;;ACZ9B,IAAa,uBAAb,cAA0C,gBAAgB;CACxD,OAAO,UAAU;CACjB,OAAO,cAAc;CAErB,MAAM,SAA0B;EAC9B,MAAM,OAAO,CAAC,WAAW,SAAS;EAClC,MAAM,SAAS,KAAK,OAAO,SAAS;AAEpC,MAAI,OAAQ,MAAK,KAAK,YAAY,OAAO;AAEzC,SAAO,KAAK,SAAS,KAAK;;;;;ACV9B,IAAa,oBAAb,cAAuC,gBAAgB;CACrD,OAAO,UAAU;CACjB,OAAO,cAAc;CAErB,MAAM,SAA0B;EAC9B,MAAM,OAAO,CAAC,WAAW,MAAM;EAC/B,MAAM,SAAS,KAAK,OAAO,SAAS;EACpC,MAAM,OAAO,KAAK,OAAO,OAAO;AAEhC,MAAI,OAAQ,MAAK,KAAK,YAAY,OAAO;AACzC,MAAI,KAAM,MAAK,KAAK,UAAU,KAAK;AACnC,MAAI,KAAK,QAAQ,cAAc,CAAE,MAAK,KAAK,gBAAgB;AAE3D,SAAO,KAAK,SAAS,KAAK;;;;;ACb9B,IAAa,sBAAb,cAAyC,gBAAgB;CACvD,OAAO,UAAU;CACjB,OAAO,cAAc;CAErB,MAAM,SAA0B;EAC9B,MAAM,OAAO,CAAC,WAAW,QAAQ;EACjC,MAAM,SAAS,KAAK,OAAO,SAAS;AAEpC,MAAI,OAAQ,MAAK,KAAK,YAAY,OAAO;AACzC,MAAI,KAAK,QAAQ,QAAQ,CAAE,MAAK,KAAK,UAAU;AAC/C,MAAI,KAAK,QAAQ,YAAY,CAAE,MAAK,KAAK,cAAc;AAEvD,SAAO,KAAK,SAAS,KAAK;;;;;ACZ9B,IAAa,uBAAb,cAA0C,gBAAgB;CACxD,OAAO,UAAU;CACjB,OAAO,cAAc;CAErB,MAAM,SAA0B;EAC9B,MAAM,OAAO,CAAC,WAAW,SAAS;EAClC,MAAM,SAAS,KAAK,OAAO,SAAS;AAEpC,MAAI,OAAQ,MAAK,KAAK,YAAY,OAAO;AAEzC,SAAO,KAAK,SAAS,KAAK;;;;;;;;;;;;ACH9B,IAAa,6BAAb,cAAgD,iBAAiB;CAC/D,YAAY,MAAc,eAAuB;AAC/C,QACE,gCACA,YAAY,OAAO,0BACnB;GAAE;GAAM;GAAe,CACxB;;;;;;;;;;;;;ACHL,IAAa,gBAAb,cAAmC,iBAAiB;CAClD,YACE,aAA0B,0BAC1B,OAAkB,YAAY,SAAS,SACvC,UACA;AAEA,MAAI,OAAO,OAAQ,QAAQ,IACzB,OAAM,IAAI,2BAA2B,MAAM,YAAY;AAGzD,QAAM,YAAY,MAAM,SAAS;;;;;ACpBrC,IAAa,sBAAb,cAAyC,cAAc;CACrD,YAAY,SAAiB;AAC3B,QAAM,0BAA0B,YAAY,SAAS,SAAS,EAAE,SAAS,CAAC;;;;;;;;;;;;;;ACO9E,IAAa,4BAAb,cAA+C,cAAc;CAC3D,YAAY,OAAgB;AAC1B,QAAM,uCAAuC,YAAY,SAAS,wBAAwB,EACxF,OACD,CAAC;;;;;;;;;;;;;;;ACHN,IAAa,sBAAb,cAAyC,cAAc;CACrD,YAAY,SAAkB;AAC5B,QAAM,iCAAiC,YAAY,SAAS,kBAAkB,EAC5E,SACD,CAAC;;;;;;;;;;;;;;;ACJN,IAAa,wBAAb,cAA2C,cAAc;CACvD,YAAY,QAAmB;AAC7B,QAAM,mCAAmC,YAAY,SAAS,mBAAmB,EAC/E,QACD,CAAC;;;;;;;;;;;;;;;;;;;;;;;;ACSN,SAAgB,kBAAkB,OAA+B;AAE/D,KAAI,iBAAiB,UAAU;EAC7B,MAAM,WAAW;AAEjB,UAAQ,SAAS,QAAjB;GACE,KAAK,eAAe,UAClB,QAAO,IAAI,oBAAoB,SAAS,MAAM;GAEhD,KAAK,eAAe,eAElB,QAAO,mBAAmB,SAAS;GAErC,KAAK,eAAe,cAClB,QAAO,IAAI,cACT,+BACA,YAAY,SAAS,SACrB,EAAE,SAAS,SAAS,SAAS,CAC9B;GAEH,KAAK,eAAe,aAClB,QAAO,IAAI,cACT,mCACA,YAAY,SAAS,mBACrB,EAAE,SAAS,SAAS,SAAS,CAC9B;GAEH,KAAK,eAAe,cAClB,QAAO,IAAI,cACT,0BACA,YAAY,SAAS,SACrB;IAAE,SAAS,SAAS;IAAS,QAAQ;IAA2B,CACjE;GAEH,KAAK,eAAe,eAClB,QAAO,IAAI,cACT,0BACA,YAAY,SAAS,SACrB,EAAE,SAAS,SAAS,SAAS,CAC9B;GAEH,QACE,QAAO,IAAI,cACT,0BACA,YAAY,SAAS,SACrB;IAAE,SAAS,SAAS;IAAS,QAAQ,SAAS;IAAQ,CACvD;;;AAKP,QAAO,IAAI,cACT,0BACA,YAAY,SAAS,SACrB,EAAE,eAAe,OAAO,MAAM,EAAE,CACjC;;;;;AAMH,SAAS,mBAAmB,OAAgC;CAE1D,MAAM,cAAc,MAAM;AAI1B,KAAI,aAAa;AAEf,MAAI,gBAAgB,QAElB,QAAO,IAAI,sBAAsB,CAAC,MAAM,SAAS,UAAU,CAAC;AAG9D,MAAI,gBAAgB,QAElB,QAAO,IAAI,0BAA0B,MAAM,SAAS,UAAU;AAGhE,MAAI,gBAAgB,QAElB,QAAO,IAAI,cACT,iCACA,YAAY,SAAS,iBACrB;GAAE;GAAa,SAAS,MAAM;GAAgB,CAC/C;AAGH,MAAI,gBAAgB,QAElB,QAAO,IAAI,cACT,mCACA,YAAY,SAAS,SACrB;GAAE;GAAa,SAAS,MAAM;GAAgB,CAC/C;AAIH,MAAI,YAAY,WAAW,KAAK,EAAE;AAChC,OAAI,gBAAgB,QAElB,QAAO,IAAI,cACT,gCACA,YAAY,SAAS,SACrB;IAAE;IAAa,SAAS,MAAM;IAAgB,CAC/C;AAGH,OAAI,gBAAgB,QAElB,QAAO,IAAI,cACT,iCACA,YAAY,SAAS,SACrB;IAAE;IAAa,SAAS,MAAM;IAAgB,CAC/C;;AAKL,MAAI,YAAY,WAAW,KAAK,CAC9B,QAAO,IAAI,cACT,mCACA,YAAY,SAAS,mBACrB;GAAE;GAAa,SAAS,MAAM;GAAgB,CAC/C;AAIH,MAAI,gBAAgB,QAElB,QAAO,IAAI,cACT,0BACA,YAAY,SAAS,SACrB;GAAE;GAAa,SAAS,MAAM;GAAgB,CAC/C;AAIH,MAAI,YAAY,WAAW,KAAK,CAC9B,QAAO,IAAI,cACT,sCACA,YAAY,SAAS,sBACrB;GAAE;GAAa,SAAS,MAAM;GAAgB,CAC/C;AAIH,MAAI,gBAAgB,QAElB,QAAO,IAAI,cACT,qCACA,YAAY,SAAS,sBACrB;GAAE;GAAa,SAAS,MAAM;GAAgB,CAC/C;;AAKL,QAAO,IAAI,cACT,0BACA,YAAY,SAAS,SACrB;EACE;EACA,gBAAgB,MAAM;EACtB,KAAK,MAAM;EACZ,CACF;;;;;;;;;;;;;;;ACjLH,IAAa,qBAAb,MAA0H;CACxH,KAAc;CAEd,UAAU,OAAO,EAAE,MAAM,cAGD;AACtB,MAAI;AACF,UAAO,MAAM,QAAQ,KAAK;WACnB,OAAO;AACd,SAAM,kBAAkB,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;ACEpC,IAAa,qBAAb,MAA0H;CACxH,KAAc;CAEd,YAAY,SAA4C;AAApC,OAAA,UAAA;;CAEpB,UAAU,OAAO,EAAE,OAAO,WAAW,MAAM,cAKnB;EACtB,MAAM,EAAE,kBAAkB,KAAK;EAC/B,MAAM,YAAY,GAAG,MAAM,GAAG;AAG9B,QAAM,cAAc,KAAK,UAAU,aAA0B,EAC3D,MAAM,MACP,CAAC;EAGF,MAAM,SAAS,MAAM,QAAQ,KAAK;AAGlC,QAAM,cAAc,KAAK,SAAS,aAA0B;GAC1D,MAAM;GACN;GACD,CAAC;AAEF,SAAO;;;;;;;;;;;;;;;;ACvCX,IAAa,iBAAb,MAA4B;CAC1B,OAAO,MAAS,QAAW,YAAuB;EAChD,MAAM,IAAI;EACV,MAAM,WAAW;GACf,GAAG,EAAE;GACL,UAAU;IAAE,GAAG,EAAE,QAAQ;IAAU,eAAe;IAAY;GAC/D;AACD,IAAE,UAAU;AACZ,IAAE,SAAS;AACX,SAAO;;;;;AClBX,MAAM,2BAA2B,EAAE,OAAO;CACxC,MAAM,EAAE,QAAQ,CAAC,IAAI,GAAG,SAAS,kCAAkC,CAAC;CACpE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO;CAC5B,SAAS,EAAE,UAAU;CACrB,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,UAAU;CAClD,CAAC;AAEwC,EAAE,OAAO;CACjD,SAAS,EAAE,QAAQ,CAAC,IAAI,GAAG,SAAS,qCAAqC,CAAC;CAC1E,aAAa,EAAE,MAAM,yBAAyB,CAAC,IAAI,GAAG,SAAS,8BAA8B,CAAC;CAC/F,CAAC,CAAC,QACA,WAAW;CACV,MAAM,QAAQ,OAAO,YAAY,KAAI,MAAK,EAAE,KAAK;AACjD,QAAO,IAAI,IAAI,MAAM,CAAC,SAAS,MAAM;GAEvC,SAAS,gCAAgC,CAC1C,CAAC,QACC,WAAW,OAAO,YAAY,MAAK,MAAK,EAAE,SAAS,OAAO,QAAQ,EACnE,SAAS,qCAAqC,CAC/C;AAED,SAAgB,sBACd,MACA,eAC+C;CAC/C,MAAM,UAAuB;EAC3B,IAAI,oBAAoB;EACxB,IAAI,mBAAmB,EACrB,eACD,CAAC;EACF,GAAI,KAAK,WAAW,EAAE;EACvB;CAED,IAAA,iBAAA,MACM,uBAAuB,eAAmC;EAC9D,cAAc;GACZ,MAAM,UAAU,KAAK,SAAS;AAC9B,SAAM,KAAK,QAAQ;IAAE;IAAS;IAAS,CAAC;;;8BAJ3C,WAAW,EAAA,mBAAA,qBAAA,EAAA,CAAA,CAAA,EAAA,eAAA;AAQZ,QAAO;;;;AChDT,MAAa,kBAAkB;CAC7B,SAAS,OAAO,IAAI,2BAA2B;CAC/C,UAAU,OAAO,IAAI,4BAA4B;CAClD;AAID,SAAgB,iBAAiB,MAA8B;AAC7D,QAAO,OAAO,IAAI,+BAA+B,OAAO;;;;ACR1D,MAAa,mBAAmB,EAC9B,IAAI;CACF,wBAAwB;CACxB,2BAA2B;CAC3B,oBAAoB;CACpB,sBAAsB;CACtB,2BAA2B;CAC5B,EACF;;;;AC+CM,IAAA,iBAAA,kBAAA,MAAM,eAAmD;CAC9D,OAAO,QAAQ,QAA6C;AAC1D,SAAO;GACL,QAAA;GACA,WAAW,CACT;IAAE,SAAS,gBAAgB;IAAS,UAAU;IAA6B,CAC5E;GACF;;CAGH,OAAO,aAAa,SAAkE;AACpF,SAAO;GACL,QAAA;GACA,WAAW,CACT;IACE,SAAS,gBAAgB;IACzB,YAAY,QAAQ;IACpB,QAAQ,QAAQ;IACjB,CACF;GACF;;CAGH,aAAa,SAA8B;EACzC,MAAM,SAAS,QAAQ,UAAU,QAA8B,gBAAgB,QAAQ;EACvF,MAAM,gBAAgB,QAAQ,UAAU,QAAwB,UAAU,cAAc;EACxF,MAAM,YAAY,QAAQ,UAAU,sBAAsB;AAE1D,OAAK,MAAM,QAAQ,OAAO,aAAa;GACrC,MAAM,UAAU,sBAAsB,MAAM,cAAc;AAE1D,aAAU,SAAS,iBAAiB,KAAK,KAAK,EAE5C,YAAY,QAAQ,EACpB,EAAE,WAAW,MAAM,SAAS,CAAC;;AAGjC,UAAQ,UAAU,iBAAiB,UAAU,UAAU,iBAAiB,OAAO,QAAQ,CAAC;AAExF,UAAQ,OAAO,KAAK,6BAA6B;;CAGnD,WAAW,SAA8B;AACvC,UAAQ,OAAO,KAAK,0BAA0B;;;+CAzDjD,OAAO;CACN,SAAS,CACP,WAAW,iBAAiB,EAAE,IAAI,EAAE,UAAU,iBAAiB,IAAI,EAAE,CAAC,CACvE;CACD,WAAW;EACT;EACA;EACA;EACA;EACA;EACA;EACA;EACD;CACF,CAAC,CAAA,EAAA,eAAA;;;AClDF,SAAgB,SAAS,MAA0C;AACjE,QAAOA,SAAO,iBAAiB,KAAK,CAAC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
//#region \0@oxc-project+runtime@0.
|
|
1
|
+
//#region \0@oxc-project+runtime@0.127.0/helpers/decorate.js
|
|
2
2
|
function __decorate(decorators, target, key, desc) {
|
|
3
3
|
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
4
|
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|