@tailor-platform/sdk 1.2.2 → 1.2.4

package/dist/{types-C0n7Syhv.d.mts → types-BeinUo7W.d.mts}

@@ -6,6 +6,17 @@ import { IsAny, NonEmptyObject } from "type-fest";
 import { StandardSchemaV1 } from "@standard-schema/spec";
 import * as zod_v4_core33 from "zod/v4/core";
 
+//#region src/parser/service/tailordb/relation.d.ts
+declare const relationTypes: {
+  readonly "1-1": "1-1";
+  readonly oneToOne: "1-1";
+  readonly "n-1": "n-1";
+  readonly manyToOne: "n-1";
+  readonly "N-1": "n-1";
+  readonly keyOnly: "keyOnly";
+};
+type RelationType = keyof typeof relationTypes;
+//#endregion
 //#region src/configure/types/helpers.d.ts
 type Prettify<T$1> = { [K in keyof T$1 as string extends K ? never : K]: T$1[K] } & {};
 type DeepWritable<T$1> = T$1 extends Date | RegExp | Function ? T$1 : T$1 extends object ? { -readonly [P in keyof T$1]: DeepWritable<T$1[P]> } & {} : T$1;
@@ -252,6 +263,11 @@ declare class TailorField<const Defined extends DefinedFieldMetadata = DefinedFi
   /**
    * Parse and validate a value against this field's validation rules
    * Returns StandardSchema Result type with success or failure
+   * @param {{ value: unknown; data: unknown; user: TailorUser }} args - Value, context data, and user
+   * @param {unknown} args.value - Value to validate
+   * @param {unknown} args.data - Context data
+   * @param {TailorUser} args.user - Tailor user information
+   * @returns {StandardSchemaV1.Result<Output>} Validation result
    */
   parse(args: {
     value: unknown;
@@ -262,11 +278,23 @@ declare class TailorField<const Defined extends DefinedFieldMetadata = DefinedFi
    * Validate a single value (not an array element)
    * Used internally for array element validation
    * @private
+   * @param {{ value: TailorToTs[T]; data: unknown; user: TailorUser; pathArray: string[] }} args - Validation arguments
+   * @param {TailorToTs[T]} args.value - Value to validate
+   * @param {unknown} args.data - Context data
+   * @param {TailorUser} args.user - Tailor user information
+   * @param {string[]} args.pathArray - Field path array for nested validation
+   * @returns {StandardSchemaV1.Issue[]} Validation issues
    */
   private _validateValue;
   /**
    * Internal parse method that tracks field path for nested validation
    * @private
+   * @param {{ value: unknown; data: unknown; user: TailorUser; pathArray: string[] }} args - Parse arguments
+   * @param {unknown} args.value - Value to parse
+   * @param {unknown} args.data - Context data
+   * @param {TailorUser} args.user - Tailor user information
+   * @param {string[]} args.pathArray - Field path array for nested validation
+   * @returns {StandardSchemaV1.Result<Output>} Validation result
    */
   private _parseInternal;
 }
@@ -306,10 +334,166 @@ type TailorUser = {
 /** Represents an unauthenticated user in the Tailor platform. */
 declare const unauthenticatedTailorUser: TailorUser;
 //#endregion
-//#region src/configure/types/env.d.ts
-interface Env {}
-/** Represents environment variables in the Tailor platform. */
-type TailorEnv = keyof Env extends never ? Record<string, string> : Env;
+//#region src/configure/services/tailordb/permission.d.ts
+type TailorTypePermission<User extends object = InferredAttributeMap, Type extends object = object> = {
+  create: readonly ActionPermission<"record", User, Type, false>[];
+  read: readonly ActionPermission<"record", User, Type, false>[];
+  update: readonly ActionPermission<"record", User, Type, true>[];
+  delete: readonly ActionPermission<"record", User, Type, false>[];
+};
+type ActionPermission<Level extends "record" | "gql" = "record" | "gql", User extends object = InferredAttributeMap, Type extends object = object, Update extends boolean = boolean> = {
+  conditions: PermissionCondition<Level, User, Update, Type> | readonly PermissionCondition<Level, User, Update, Type>[];
+  description?: string | undefined;
+  permit?: boolean;
+} | readonly [...PermissionCondition<Level, User, Update, Type>, ...([] | [boolean])] | readonly [...PermissionCondition<Level, User, Update, Type>[], ...([] | [boolean])];
+type TailorTypeGqlPermission<User extends object = InferredAttributeMap, Type extends object = object> = readonly GqlPermissionPolicy<User, Type>[];
+type GqlPermissionPolicy<User extends object = InferredAttributeMap, Type extends object = object> = {
+  conditions: readonly PermissionCondition<"gql", User, boolean, Type>[];
+  actions: "all" | readonly GqlPermissionAction$1[];
+  permit?: boolean;
+  description?: string;
+};
+type GqlPermissionAction$1 = "read" | "create" | "update" | "delete" | "aggregate" | "bulkUpsert";
+type EqualityOperator = "=" | "!=";
+type ContainsOperator = "in" | "not in";
+type StringFieldKeys<User extends object> = { [K in keyof User]: User[K] extends string ? K : never }[keyof User];
+type StringArrayFieldKeys<User extends object> = { [K in keyof User]: User[K] extends string[] ? K : never }[keyof User];
+type BooleanFieldKeys<User extends object> = { [K in keyof User]: User[K] extends boolean ? K : never }[keyof User];
+type BooleanArrayFieldKeys<User extends object> = { [K in keyof User]: User[K] extends boolean[] ? K : never }[keyof User];
+type UserStringOperand<User extends object = InferredAttributeMap> = {
+  user: StringFieldKeys<User> | "id";
+};
+type UserStringArrayOperand<User extends object = InferredAttributeMap> = {
+  user: StringArrayFieldKeys<User>;
+};
+type UserBooleanOperand<User extends object = InferredAttributeMap> = {
+  user: BooleanFieldKeys<User> | "_loggedIn";
+};
+type UserBooleanArrayOperand<User extends object = InferredAttributeMap> = {
+  user: BooleanArrayFieldKeys<User>;
+};
+type RecordOperand$1<Type extends object, Update extends boolean = false> = Update extends true ? {
+  oldRecord: (keyof Type & string) | "id";
+} | {
+  newRecord: (keyof Type & string) | "id";
+} : {
+  record: (keyof Type & string) | "id";
+};
+type StringEqualityCondition<Level extends "record" | "gql", User extends object, Update extends boolean, Type extends object> = (Level extends "gql" ? readonly [string, EqualityOperator, boolean] : never) | readonly [string, EqualityOperator, string] | readonly [UserStringOperand<User>, EqualityOperator, string] | readonly [string, EqualityOperator, UserStringOperand<User>] | (Level extends "record" ? readonly [RecordOperand$1<Type, Update>, EqualityOperator, string | UserStringOperand<User>] | readonly [string | UserStringOperand<User>, EqualityOperator, RecordOperand$1<Type, Update>] : never);
+type BooleanEqualityCondition<Level extends "record" | "gql", User extends object, Update extends boolean, Type extends object> = readonly [boolean, EqualityOperator, boolean] | readonly [UserBooleanOperand<User>, EqualityOperator, boolean] | readonly [boolean, EqualityOperator, UserBooleanOperand<User>] | (Level extends "record" ? readonly [RecordOperand$1<Type, Update>, EqualityOperator, boolean | UserBooleanOperand<User>] | readonly [boolean | UserBooleanOperand<User>, EqualityOperator, RecordOperand$1<Type, Update>] : never);
+type EqualityCondition<Level extends "record" | "gql" = "record", User extends object = InferredAttributeMap, Update extends boolean = boolean, Type extends object = object> = StringEqualityCondition<Level, User, Update, Type> | BooleanEqualityCondition<Level, User, Update, Type>;
+type StringContainsCondition<Level extends "record" | "gql", User extends object, Update extends boolean, Type extends object> = readonly [string, ContainsOperator, string[]] | readonly [UserStringOperand<User>, ContainsOperator, string[]] | readonly [string, ContainsOperator, UserStringArrayOperand<User>] | (Level extends "record" ? readonly [RecordOperand$1<Type, Update>, ContainsOperator, string[] | UserStringArrayOperand<User>] | readonly [string | UserStringOperand<User>, ContainsOperator, RecordOperand$1<Type, Update>] : never);
+type BooleanContainsCondition<Level extends "record" | "gql", User extends object, Update extends boolean, Type extends object> = (Level extends "gql" ? readonly [string, ContainsOperator, boolean[]] : never) | readonly [boolean, ContainsOperator, boolean[]] | readonly [UserBooleanOperand<User>, ContainsOperator, boolean[]] | readonly [boolean, ContainsOperator, UserBooleanArrayOperand<User>] | (Level extends "record" ? readonly [RecordOperand$1<Type, Update>, ContainsOperator, boolean[] | UserBooleanArrayOperand<User>] | readonly [boolean | UserBooleanOperand<User>, ContainsOperator, RecordOperand$1<Type, Update>] : never);
+type ContainsCondition<Level extends "record" | "gql" = "record", User extends object = InferredAttributeMap, Update extends boolean = boolean, Type extends object = object> = StringContainsCondition<Level, User, Update, Type> | BooleanContainsCondition<Level, User, Update, Type>;
+/**
+ * Type representing a permission condition that combines user attributes, record fields, and literal values using comparison operators.
+ *
+ * The User type is extended by `user-defined.d.ts`, which is automatically generated when running `tailor-sdk generate`.
+ * Attributes enabled in the config file's `auth.userProfile.attributes` become available as types.
+ * @example
+ * ```ts
+ * // tailor.config.ts
+ * export const auth = defineAuth("my-auth", {
+ *   userProfile: {
+ *     type: user,
+ *     attributes: {
+ *       isAdmin: true,
+ *       roles: true,
+ *     }
+ *   }
+ * });
+ * ```
+ */
+type PermissionCondition<Level extends "record" | "gql" = "record", User extends object = InferredAttributeMap, Update extends boolean = boolean, Type extends object = object> = EqualityCondition<Level, User, Update, Type> | ContainsCondition<Level, User, Update, Type>;
+/**
+ * Grants full record-level access without any conditions.
+ *
+ * Unsafe and intended only for local development, prototyping, or tests.
+ * Do not use this in production environments, as it effectively disables
+ * authorization checks.
+ */
+declare const unsafeAllowAllTypePermission: TailorTypePermission;
+/**
+ * Grants full GraphQL access (all actions) without any conditions.
+ *
+ * Unsafe and intended only for local development, prototyping, or tests.
+ * Do not use this in production environments, as it effectively disables
+ * authorization checks.
+ */
+declare const unsafeAllowAllGqlPermission: TailorTypeGqlPermission;
+//#endregion
+//#region src/configure/services/tailordb/types.d.ts
+type SerialConfig<T$1 extends "string" | "integer" = "string" | "integer"> = Prettify<{
+  start: number;
+  maxValue?: number;
+} & (T$1 extends "string" ? {
+  format?: string;
+} : object)>;
+interface DBFieldMetadata extends FieldMetadata {
+  index?: boolean;
+  unique?: boolean;
+  vector?: boolean;
+  foreignKey?: boolean;
+  foreignKeyType?: string;
+  foreignKeyField?: string;
+  hooks?: Hook<any, any>;
+  serial?: SerialConfig;
+  relation?: boolean;
+}
+interface DefinedDBFieldMetadata extends DefinedFieldMetadata {
+  index?: boolean;
+  unique?: boolean;
+  vector?: boolean;
+  foreignKey?: boolean;
+  foreignKeyType?: boolean;
+  validate?: boolean;
+  hooks?: {
+    create: boolean;
+    update: boolean;
+  };
+  serial?: boolean;
+  relation?: boolean;
+}
+type ExcludeNestedDBFields<T$1 extends Record<string, TailorAnyDBField>> = { [K in keyof T$1]: T$1[K] extends TailorDBField<{
+  type: "nested";
+  array: boolean;
+}, any> ? never : T$1[K] };
+type HookFn<TValue, TData, TReturn> = (args: {
+  value: TValue;
+  data: TData extends Record<string, unknown> ? { readonly [K in keyof TData]?: TData[K] | null | undefined } : unknown;
+  user: TailorUser;
+}) => TReturn;
+type Hook<TData, TReturn> = {
+  create?: HookFn<TReturn | null, TData, TReturn>;
+  update?: HookFn<TReturn | null, TData, TReturn>;
+};
+type Hooks<F extends Record<string, TailorAnyDBField>, TData = { [K in keyof F]: output<F[K]> }> = NonEmptyObject<{ [K in Exclude<keyof F, "id"> as F[K]["_defined"] extends {
+  hooks: unknown;
+} ? never : F[K]["_defined"] extends {
+  type: "nested";
+} ? never : K]?: Hook<TData, output<F[K]>> }>;
+type TailorDBServiceConfig = {
+  files: string[];
+  ignores?: string[];
+};
+type TailorDBExternalConfig = {
+  external: true;
+};
+type TailorDBServiceInput = {
+  [namespace: string]: TailorDBServiceConfig | TailorDBExternalConfig;
+};
+type IndexDef<T$1 extends {
+  fields: Record<PropertyKey, unknown>;
+}> = {
+  fields: [keyof T$1["fields"], keyof T$1["fields"], ...(keyof T$1["fields"])[]];
+  unique?: boolean;
+  name?: string;
+};
+interface TypeFeatures {
+  pluralForm?: string;
+  aggregation?: true;
+  bulkUpsert?: true;
+}
 //#endregion
 //#region src/parser/service/auth/schema.d.ts
 declare const AuthInvokerSchema: z.ZodObject<{
@@ -555,179 +739,6 @@ type AuthServiceInput<User extends TailorDBInstance, AttributeMap$1 extends User
   tenantProvider?: TenantProviderConfig;
 };
 //#endregion
-//#region src/configure/services/auth/index.d.ts
-declare const authDefinitionBrand: unique symbol;
-type AuthDefinitionBrand = {
-  readonly [authDefinitionBrand]: true;
-};
-/**
- * Invoker type compatible with tailor.v1.AuthInvoker
- * - namespace: auth service name
- * - machineUserName: machine user name
- */
-type AuthInvoker<M extends string> = Omit<AuthInvoker$1, "machineUserName"> & {
-  machineUserName: M;
-};
-declare function defineAuth<const Name extends string, const User extends TailorDBInstance, const AttributeMap$1 extends UserAttributeMap<User>, const AttributeList$1 extends UserAttributeListKey<User>[], const MachineUserNames extends string>(name: Name, config: AuthServiceInput<User, AttributeMap$1, AttributeList$1, MachineUserNames>): {
-  readonly name: Name;
-  readonly invoker: <M extends MachineUserNames>(machineUser: M) => {
-    readonly namespace: Name;
-    readonly machineUserName: M;
-  };
-  readonly userProfile?: {
-    namespace?: string;
-    type: User;
-    usernameField: UsernameFieldKey<User>;
-    attributes?: (AttributeMap$1 & { [K in Exclude<keyof AttributeMap$1, UserAttributeKey<User>>]: never }) | undefined;
-    attributeList?: AttributeList$1 | undefined;
-  } | undefined;
-  readonly machineUsers?: Record<MachineUserNames, type_fest0.IsAny<User> extends true ? {
-    attributes: Record<string, AuthAttributeValue>;
-    attributeList?: string[];
-  } : (Extract<{ [K_1 in keyof AttributeMap$1]-?: undefined extends AttributeMap$1[K_1] ? never : K_1 }[keyof AttributeMap$1], UserAttributeKey<User>> extends never ? {
-    attributes?: never;
-  } : {
-    attributes: { [K_2 in Extract<{ [K_1 in keyof AttributeMap$1]-?: undefined extends AttributeMap$1[K_1] ? never : K_1 }[keyof AttributeMap$1], UserAttributeKey<User>>]: K_2 extends keyof output<User> ? output<User>[K_2] : never } & { [K_3 in Exclude<keyof output<User>, Extract<{ [K_1 in keyof AttributeMap$1]-?: undefined extends AttributeMap$1[K_1] ? never : K_1 }[keyof AttributeMap$1], UserAttributeKey<User>>>]?: undefined };
-  }) & ([] extends AttributeList$1 ? {
-    attributeList?: never;
-  } : {
-    attributeList: { [Index in keyof AttributeList$1]: AttributeList$1[Index] extends UserAttributeListKey<User> ? AttributeList$1[Index] extends infer T ? T extends AttributeList$1[Index] ? T extends keyof output<User> ? output<User>[T] : never : never : never : never };
-  })> | undefined;
-  readonly oauth2Clients?: Record<string, OAuth2ClientInput>;
-  readonly idProvider?: IdProviderConfig;
-  readonly scim?: SCIMConfig;
-  readonly tenantProvider?: TenantProviderConfig;
-} & AuthDefinitionBrand;
-type AuthExternalConfig = {
-  name: string;
-  external: true;
-};
-type AuthOwnConfig = ReturnType<typeof defineAuth<string, any, any, any, string>>;
-type AuthConfig = AuthOwnConfig | AuthExternalConfig;
-//#endregion
-//#region src/configure/services/tailordb/permission.d.ts
-type TailorTypePermission<User extends object = InferredAttributeMap, Type extends object = object> = {
-  create: readonly ActionPermission<"record", User, Type, false>[];
-  read: readonly ActionPermission<"record", User, Type, false>[];
-  update: readonly ActionPermission<"record", User, Type, true>[];
-  delete: readonly ActionPermission<"record", User, Type, false>[];
-};
-type ActionPermission<Level extends "record" | "gql" = "record" | "gql", User extends object = InferredAttributeMap, Type extends object = object, Update extends boolean = boolean> = {
-  conditions: PermissionCondition<Level, User, Update, Type> | readonly PermissionCondition<Level, User, Update, Type>[];
-  description?: string | undefined;
-  permit?: boolean;
-} | readonly [...PermissionCondition<Level, User, Update, Type>, ...([] | [boolean])] | readonly [...PermissionCondition<Level, User, Update, Type>[], ...([] | [boolean])];
-type TailorTypeGqlPermission<User extends object = InferredAttributeMap, Type extends object = object> = readonly GqlPermissionPolicy<User, Type>[];
-type GqlPermissionPolicy<User extends object = InferredAttributeMap, Type extends object = object> = {
-  conditions: readonly PermissionCondition<"gql", User, boolean, Type>[];
-  actions: "all" | readonly GqlPermissionAction$1[];
-  permit?: boolean;
-  description?: string;
-};
-type GqlPermissionAction$1 = "read" | "create" | "update" | "delete" | "aggregate" | "bulkUpsert";
-type PermissionCondition<Level extends "record" | "gql" = "record" | "gql", User extends object = InferredAttributeMap, Update extends boolean = boolean, Type extends object = object> = readonly [PermissionOperand$1<Level, User, Type, Update>, PermissionOperator, PermissionOperand$1<Level, User, Type, Update>];
-type UserOperand$1<User extends object = InferredAttributeMap> = {
-  user: { [K in keyof User]: User[K] extends string | string[] | boolean | boolean[] ? K : never }[keyof User] | "id" | "_loggedIn";
-};
-type RecordOperand$1<Type extends object, Update extends boolean = false> = Update extends true ? {
-  oldRecord: (keyof Type & string) | "id";
-} | {
-  newRecord: (keyof Type & string) | "id";
-} : {
-  record: (keyof Type & string) | "id";
-};
-type PermissionOperand$1<Level extends "record" | "gql" = "record" | "gql", User extends object = InferredAttributeMap, Type extends object = object, Update extends boolean = boolean> = UserOperand$1<User> | ValueOperand | (Level extends "record" ? RecordOperand$1<Type, Update> : never);
-type PermissionOperator = "=" | "!=" | "in" | "not in";
-/**
- * Grants full record-level access without any conditions.
- *
- * Unsafe and intended only for local development, prototyping, or tests.
- * Do not use this in production environments, as it effectively disables
- * authorization checks.
- */
-declare const unsafeAllowAllTypePermission: TailorTypePermission;
-/**
- * Grants full GraphQL access (all actions) without any conditions.
- *
- * Unsafe and intended only for local development, prototyping, or tests.
- * Do not use this in production environments, as it effectively disables
- * authorization checks.
- */
-declare const unsafeAllowAllGqlPermission: TailorTypeGqlPermission;
-//#endregion
-//#region src/configure/services/tailordb/types.d.ts
-type SerialConfig<T$1 extends "string" | "integer" = "string" | "integer"> = Prettify<{
-  start: number;
-  maxValue?: number;
-} & (T$1 extends "string" ? {
-  format?: string;
-} : object)>;
-interface DBFieldMetadata extends FieldMetadata {
-  index?: boolean;
-  unique?: boolean;
-  vector?: boolean;
-  foreignKey?: boolean;
-  foreignKeyType?: string;
-  foreignKeyField?: string;
-  hooks?: Hook<any, any>;
-  serial?: SerialConfig;
-  relation?: boolean;
-}
-interface DefinedDBFieldMetadata extends DefinedFieldMetadata {
-  index?: boolean;
-  unique?: boolean;
-  vector?: boolean;
-  foreignKey?: boolean;
-  foreignKeyType?: boolean;
-  validate?: boolean;
-  hooks?: {
-    create: boolean;
-    update: boolean;
-  };
-  serial?: boolean;
-  relation?: boolean;
-}
-type ExcludeNestedDBFields<T$1 extends Record<string, TailorAnyDBField>> = { [K in keyof T$1]: T$1[K] extends TailorDBField<{
-  type: "nested";
-  array: boolean;
-}, any> ? never : T$1[K] };
-type HookFn<TValue, TData, TReturn> = (args: {
-  value: TValue;
-  data: TData extends Record<string, unknown> ? { readonly [K in keyof TData]?: TData[K] | null | undefined } : unknown;
-  user: TailorUser;
-}) => TReturn;
-type Hook<TData, TReturn> = {
-  create?: HookFn<TReturn | null, TData, TReturn>;
-  update?: HookFn<TReturn | null, TData, TReturn>;
-};
-type Hooks<F extends Record<string, TailorAnyDBField>, TData = { [K in keyof F]: output<F[K]> }> = NonEmptyObject<{ [K in Exclude<keyof F, "id"> as F[K]["_defined"] extends {
-  hooks: unknown;
-} ? never : F[K]["_defined"] extends {
-  type: "nested";
-} ? never : K]?: Hook<TData, output<F[K]>> }>;
-type TailorDBServiceConfig = {
-  files: string[];
-  ignores?: string[];
-};
-type TailorDBExternalConfig = {
-  external: true;
-};
-type TailorDBServiceInput = {
-  [namespace: string]: TailorDBServiceConfig | TailorDBExternalConfig;
-};
-type IndexDef<T$1 extends {
-  fields: Record<PropertyKey, unknown>;
-}> = {
-  fields: [keyof T$1["fields"], keyof T$1["fields"], ...(keyof T$1["fields"])[]];
-  unique?: boolean;
-  name?: string;
-};
-interface TypeFeatures {
-  pluralForm?: string;
-  aggregation?: true;
-  bulkUpsert?: true;
-}
-//#endregion
 //#region src/parser/service/tailordb/types.d.ts
 interface Script {
   expr: string;
@@ -744,6 +755,20 @@ interface OperatorFieldHook {
   create?: Script;
   update?: Script;
 }
+/**
+ * Raw relation config stored in configure layer, processed in parser layer.
+ * This is the serialized form of RelationConfig from schema.ts where
+ * the TailorDBType reference is replaced with the type name string.
+ */
+interface RawRelationConfig {
+  type: RelationType;
+  toward: {
+    type: string;
+    as?: string;
+    key?: string;
+  };
+  backward?: string;
+}
 interface OperatorFieldConfig {
   type: string;
   required?: boolean;
@@ -756,6 +781,7 @@ interface OperatorFieldConfig {
   foreignKey?: boolean;
   foreignKeyType?: string;
   foreignKeyField?: string;
+  rawRelation?: RawRelationConfig;
   validate?: OperatorValidateConfig[];
   hooks?: OperatorFieldHook;
   serial?: {
@@ -869,7 +895,6 @@ type AllowedValuesOutput<V extends AllowedValues> = V[number] extends infer T ?
 } ? K : never : never;
 //#endregion
 //#region src/configure/services/tailordb/schema.d.ts
-type RelationType = "oneToOne" | "1-1" | "manyToOne" | "n-1" | "N-1" | "keyOnly";
 interface RelationConfig<S extends RelationType, T$1 extends TailorDBType> {
   type: S;
   toward: {
@@ -888,16 +913,10 @@ type RelationSelfConfig = {
   };
   backward?: string;
 };
-interface ReferenceConfig<T$1 extends TailorAnyDBType> {
-  type: TailorAnyDBType;
-  key: keyof T$1["fields"] & string;
-  nameMap: [string | undefined, string];
-}
 type TailorAnyDBField = TailorDBField<any, any>;
 declare class TailorDBField<const Defined extends DefinedDBFieldMetadata, const Output> extends TailorField<Defined, Output, DBFieldMetadata> {
-  private _ref;
-  private _pendingSelfRelation;
-  get reference(): Readonly<ReferenceConfig<TailorDBType>> | undefined;
+  private _rawRelation;
+  get rawRelation(): Readonly<RawRelationConfig> | undefined;
   get metadata(): {
     index?: boolean;
     unique?: boolean;
@@ -1183,6 +1202,68 @@ declare const db: {
   };
 };
 //#endregion
+//#region src/configure/services/auth/index.d.ts
+declare const authDefinitionBrand: unique symbol;
+type AuthDefinitionBrand = {
+  readonly [authDefinitionBrand]: true;
+};
+/**
+ * Invoker type compatible with tailor.v1.AuthInvoker
+ * - namespace: auth service name
+ * - machineUserName: machine user name
+ */
+type AuthInvoker<M extends string> = Omit<AuthInvoker$1, "machineUserName"> & {
+  machineUserName: M;
+};
+/**
+ * Define an auth service for the Tailor SDK.
+ * @template Name
+ * @template User
+ * @template AttributeMap
+ * @template AttributeList
+ * @template MachineUserNames
+ * @template M
+ * @param {Name} name - Auth service name
+ * @param {AuthServiceInput<User, AttributeMap, AttributeList, MachineUserNames>} config - Auth service configuration
+ * @returns {AuthDefinitionBrand & AuthServiceInput<User, AttributeMap, AttributeList, MachineUserNames> & { name: string; invoker<M extends MachineUserNames>(machineUser: M): AuthInvoker<M> }} Defined auth service
+ */
+declare function defineAuth<const Name extends string, const User extends TailorDBInstance, const AttributeMap$1 extends UserAttributeMap<User>, const AttributeList$1 extends UserAttributeListKey<User>[], const MachineUserNames extends string>(name: Name, config: AuthServiceInput<User, AttributeMap$1, AttributeList$1, MachineUserNames>): {
+  readonly name: Name;
+  readonly invoker: <M extends MachineUserNames>(machineUser: M) => {
+    readonly namespace: Name;
+    readonly machineUserName: M;
+  };
+  readonly userProfile?: {
+    namespace?: string;
+    type: User;
+    usernameField: UsernameFieldKey<User>;
+    attributes?: (AttributeMap$1 & { [K in Exclude<keyof AttributeMap$1, UserAttributeKey<User>>]: never }) | undefined;
+    attributeList?: AttributeList$1 | undefined;
+  } | undefined;
+  readonly machineUsers?: Record<MachineUserNames, type_fest0.IsAny<User> extends true ? {
+    attributes: Record<string, AuthAttributeValue>;
+    attributeList?: string[];
+  } : (Extract<{ [K_1 in keyof AttributeMap$1]-?: undefined extends AttributeMap$1[K_1] ? never : K_1 }[keyof AttributeMap$1], UserAttributeKey<User>> extends never ? {
+    attributes?: never;
+  } : {
+    attributes: { [K_2 in Extract<{ [K_1 in keyof AttributeMap$1]-?: undefined extends AttributeMap$1[K_1] ? never : K_1 }[keyof AttributeMap$1], UserAttributeKey<User>>]: K_2 extends keyof output<User> ? output<User>[K_2] : never } & { [K_3 in Exclude<keyof output<User>, Extract<{ [K_1 in keyof AttributeMap$1]-?: undefined extends AttributeMap$1[K_1] ? never : K_1 }[keyof AttributeMap$1], UserAttributeKey<User>>>]?: undefined };
+  }) & ([] extends AttributeList$1 ? {
+    attributeList?: never;
+  } : {
+    attributeList: { [Index in keyof AttributeList$1]: AttributeList$1[Index] extends UserAttributeListKey<User> ? AttributeList$1[Index] extends infer T ? T extends AttributeList$1[Index] ? T extends keyof output<User> ? output<User>[T] : never : never : never : never };
+  })> | undefined;
+  readonly oauth2Clients?: Record<string, OAuth2ClientInput>;
+  readonly idProvider?: IdProviderConfig;
+  readonly scim?: SCIMConfig;
+  readonly tenantProvider?: TenantProviderConfig;
+} & AuthDefinitionBrand;
+type AuthExternalConfig = {
+  name: string;
+  external: true;
+};
+type AuthOwnConfig = ReturnType<typeof defineAuth<string, any, any, any, string>>;
+type AuthConfig = AuthOwnConfig | AuthExternalConfig;
+//#endregion
 //#region src/configure/services/executor/types.d.ts
 type ExecutorServiceConfig = {
   files: string[];
@@ -1251,6 +1332,13 @@ declare const idpDefinitionBrand: unique symbol;
 type IdpDefinitionBrand = {
   readonly [idpDefinitionBrand]: true;
 };
+/**
+ * Define an IdP service configuration for the Tailor SDK.
+ * @template TClients
+ * @param {string} name - IdP service name
+ * @param {Omit<IdPInput, "name" | "clients"> & { clients: TClients }} config - IdP configuration
+ * @returns {IdpDefinitionBrand & IdPInput} Defined IdP service
+ */
 declare function defineIdp<const TClients extends string[]>(name: string, config: Omit<IdPInput, "name" | "clients"> & {
   clients: TClients;
 }): {
@@ -1298,6 +1386,12 @@ declare const staticWebsiteDefinitionBrand: unique symbol;
 type StaticWebsiteDefinitionBrand = {
   readonly [staticWebsiteDefinitionBrand]: true;
 };
+/**
+ * Define a static website configuration for the Tailor SDK.
+ * @param {string} name - Static website name
+ * @param {Omit<StaticWebsiteInput, "name">} config - Static website configuration
+ * @returns {StaticWebsiteDefinitionBrand & StaticWebsiteInput & { readonly url: string }} Defined static website
+ */
 declare function defineStaticWebSite(name: string, config: Omit<StaticWebsiteInput, "name">): {
   readonly name: string;
   readonly url: `${string}:url`;
@@ -1364,6 +1458,7 @@ declare const BaseGeneratorConfigSchema: z.ZodUnion<readonly [z.ZodTuple<[z.ZodL
 /**
  * Creates a GeneratorConfigSchema with built-in generator support
  * @param {Map<string, (options: unknown) => CodeGeneratorBase>} builtinGenerators - Map of generator IDs to their constructor functions
+ * @returns {z.ZodEffects<z.ZodUnion<[typeof KyselyTypeConfigSchema, typeof SeedConfigSchema, typeof EnumConstantsConfigSchema, typeof FileUtilsConfigSchema, typeof CodeGeneratorSchema]>, CodeGeneratorBase, unknown> | z.ZodUnion<[typeof KyselyTypeConfigSchema, typeof SeedConfigSchema, typeof EnumConstantsConfigSchema, typeof FileUtilsConfigSchema, typeof CodeGeneratorSchema]>} Generator config schema
  */
 declare function createGeneratorConfigSchema(builtinGenerators: Map<string, (options: any) => CodeGeneratorBase>): z.core.$ZodBranded<z.ZodPipe<z.ZodUnion<readonly [z.ZodTuple<[z.ZodLiteral<"@tailor-platform/kysely-type">, z.ZodObject<{
   distPath: z.ZodString;
@@ -1418,9 +1513,9 @@ type CodeGeneratorBase = Omit<z.output<typeof CodeGeneratorSchema>, "dependencie
 };
 //#endregion
 //#region src/configure/config.d.ts
-interface AppConfig<Auth extends AuthConfig = AuthConfig, Idp extends IdPConfig[] = IdPConfig[], StaticWebsites extends StaticWebsiteConfig[] = StaticWebsiteConfig[], Env$1 extends Record<string, string | number | boolean> = Record<string, string | number | boolean>> {
+interface AppConfig<Auth extends AuthConfig = AuthConfig, Idp extends IdPConfig[] = IdPConfig[], StaticWebsites extends StaticWebsiteConfig[] = StaticWebsiteConfig[], Env extends Record<string, string | number | boolean> = Record<string, string | number | boolean>> {
   name: string;
-  env?: Env$1;
+  env?: Env;
   cors?: string[];
   allowedIpAddresses?: string[];
   disableIntrospection?: boolean;
@@ -1432,7 +1527,18 @@ interface AppConfig<Auth extends AuthConfig = AuthConfig, Idp extends IdPConfig[
   workflow?: WorkflowServiceInput;
   staticWebsites?: StaticWebsites;
 }
+/**
+ * Define a Tailor SDK application configuration with shallow exactness.
+ * @template Config
+ * @param {Config} config - Application configuration
+ * @returns {Config} The same configuration object
+ */
 declare function defineConfig<const Config extends AppConfig & Record<Exclude<keyof Config, keyof AppConfig>, never>>(config: Config): Config;
+/**
+ * Define generators to be used with the Tailor SDK.
+ * @param {...GeneratorConfig} configs - Generator configurations
+ * @returns {GeneratorConfig[]} Generator configurations as given
+ */
 declare function defineGenerators(...configs: GeneratorConfig[]): (["@tailor-platform/kysely-type", {
   distPath: string;
 }] | ["@tailor-platform/seed", {
@@ -1589,5 +1695,5 @@ type WorkflowOperation = z.infer<typeof WorkflowOperationSchema>;
 type Executor = z.infer<typeof ExecutorSchema>;
 type ExecutorInput = z.input<typeof ExecutorSchema>;
 //#endregion
-export { SCIMAttributeMapping as $, db as A, AuthExternalConfig as B, ResolverServiceConfig as C, FieldOptions as Ct, TailorDBField as D, JsonCompatible as Dt, ExecutorServiceInput as E, InferFieldsOutput as Et, TailorTypeGqlPermission as F, BuiltinIdP as G, AuthOwnConfig as H, TailorTypePermission as I, OAuth2ClientGrantType as J, IDToken as K, unsafeAllowAllGqlPermission as L, AllowedValuesOutput as M, ParsedTailorDBType as N, TailorDBInstance as O, output as Ot, PermissionCondition as P, SCIMAttribute as Q, unsafeAllowAllTypePermission as R, ResolverExternalConfig as S, FieldMetadata as St, ExecutorServiceConfig as T, TailorFieldType as Tt, defineAuth as U, AuthInvoker as V, AuthServiceInput as W, OIDC as X, OAuth2ClientInput as Y, SAML as Z, StaticWebsiteConfig as _, TailorField as _t, IncomingWebhookTrigger as a, UserAttributeKey as at, IdPExternalConfig as b, ResolverInput as bt, ScheduleTriggerInput as c, UsernameFieldKey as ct, AppConfig as d, TailorEnv as dt, SCIMAttributeType as et, defineConfig as f, AttributeList as ft, WorkflowServiceInput as g, TailorAnyField as gt, WorkflowServiceConfig as h, unauthenticatedTailorUser as ht, GqlOperation as i, TenantProviderConfig as it, AllowedValues as j, TailorDBType as k, WebhookOperation as l, ValueOperand as lt, Generator as m, TailorUser as mt, ExecutorInput as n, SCIMConfig as nt, RecordTrigger as o, UserAttributeListKey as ot, defineGenerators as p, AttributeMap as pt, IdProviderConfig as q, FunctionOperation as r, SCIMResource as rt, ResolverExecutedTrigger as s, UserAttributeMap as st, Executor as t, SCIMAuthorization as tt, WorkflowOperation as u, Env as ut, defineStaticWebSite as v, QueryType as vt, ResolverServiceInput as w, FieldOutput$1 as wt, defineIdp as x, ArrayFieldOutput as xt, IdPConfig as y, Resolver as yt, AuthConfig as z };
-//# sourceMappingURL=types-C0n7Syhv.d.mts.map
+export { TenantProviderConfig as $, AuthOwnConfig as A, BuiltinIdP as B, ResolverServiceConfig as C, TailorFieldType as Ct, AuthConfig as D, ExecutorServiceInput as E, output as Et, db as F, OIDC as G, IdProviderConfig as H, AllowedValues as I, SCIMAttributeMapping as J, SAML as K, AllowedValuesOutput as L, TailorDBField as M, TailorDBInstance as N, AuthExternalConfig as O, TailorDBType as P, SCIMResource as Q, ParsedTailorDBType as R, ResolverExternalConfig as S, FieldOutput$1 as St, ExecutorServiceConfig as T, JsonCompatible as Tt, OAuth2ClientGrantType as U, IDToken as V, OAuth2ClientInput as W, SCIMAuthorization as X, SCIMAttributeType as Y, SCIMConfig as Z, StaticWebsiteConfig as _, Resolver as _t, IncomingWebhookTrigger as a, PermissionCondition as at, IdPExternalConfig as b, FieldMetadata as bt, ScheduleTriggerInput as c, unsafeAllowAllGqlPermission as ct, AppConfig as d, AttributeMap as dt, UserAttributeKey as et, defineConfig as f, TailorUser as ft, WorkflowServiceInput as g, QueryType as gt, WorkflowServiceConfig as h, TailorField as ht, GqlOperation as i, ValueOperand as it, defineAuth as j, AuthInvoker as k, WebhookOperation as l, unsafeAllowAllTypePermission as lt, Generator as m, TailorAnyField as mt, ExecutorInput as n, UserAttributeMap as nt, RecordTrigger as o, TailorTypeGqlPermission as ot, defineGenerators as p, unauthenticatedTailorUser as pt, SCIMAttribute as q, FunctionOperation as r, UsernameFieldKey as rt, ResolverExecutedTrigger as s, TailorTypePermission as st, Executor as t, UserAttributeListKey as tt, WorkflowOperation as u, AttributeList as ut, defineStaticWebSite as v, ResolverInput as vt, ResolverServiceInput as w, InferFieldsOutput as wt, defineIdp as x, FieldOptions as xt, IdPConfig as y, ArrayFieldOutput as yt, AuthServiceInput as z };
+//# sourceMappingURL=types-BeinUo7W.d.mts.map

package/dist/utils/test/index.d.mts

@@ -1,6 +1,6 @@
 /// <reference path="./../../user-defined.d.ts" />
-import { _t as TailorField, k as TailorDBType } from "../../types-C0n7Syhv.mjs";
-import { n as output } from "../../index-aNF917Ib.mjs";
+import { P as TailorDBType, ht as TailorField } from "../../types-BeinUo7W.mjs";
+import { n as output } from "../../index-Dkyvjk4D.mjs";
 import { StandardSchemaV1 } from "@standard-schema/spec";
 
 //#region src/utils/test/index.d.ts