@thebes/cadmus 0.2.1

package/dist/cms/index.js

@@ -0,0 +1,743 @@
+import { a as CadmusCmsError, l as CadmusQueueError, t as CadmusAccessDeniedError } from "../errors-mZIqZJO4.js";
+import { enqueue } from "../queues/index.js";
+import { integer, real, sqliteTable, text } from "drizzle-orm/sqlite-core";
+import { count, desc, eq, inArray, sql } from "drizzle-orm";
+//#region src/cms/types.ts
+/**
+* Expands every `group` field in `fields` into its flattened equivalents
+* (`<key>_<subKey>`, recursively — a group nested inside a group flattens
+* all the way down), and passes every other field through unchanged. This
+* is the single canonicalization step codegen, schema-gen, and the Local
+* API's field-shape validation (`validateRequiredFields`/
+* `rejectUnknownFields`) all run before touching `group` fields, so none of
+* them need their own group-aware branch — see localApi.ts's `flattenDoc`/
+* `nestDoc` for the matching document-level transform.
+*
+* Known limitation: a flattened key can collide if two different group
+* nestings produce the same combined name (e.g. a group `a_b` containing
+* field `c` collides with group `a` containing field `b_c`) — not guarded
+* against, since no current collection nests groups deeply enough to hit
+* it.
+*/
+function flattenFields(fields) {
+	const result = {};
+	for (const [key, field] of Object.entries(fields)) if (field.type === "group") for (const [subKey, subField] of Object.entries(flattenFields(field.fields))) result[`${key}_${subKey}`] = subField;
+	else result[key] = field;
+	return result;
+}
+/**
+* The document-level counterpart to `flattenFields` — turns a `group`
+* field's nested object value (`{ shippingAddress: { city: "..." } }`) into
+* its flattened equivalent (`{ shippingAddress_city: "..." }`) for writing
+* to the DB, recursively. Fields not present in `doc` are simply omitted
+* from the result (lets `update()`'s partial inputs flatten correctly —
+* an absent group means every one of its flattened keys is absent too, not
+* `undefined`-valued). See `nestDoc` for the inverse, used on read.
+*/
+function flattenDoc(fields, doc) {
+	const result = {};
+	for (const [key, field] of Object.entries(fields)) if (field.type === "group") {
+		if (!(key in doc)) continue;
+		const nested = doc[key] ?? {};
+		for (const [subKey, subValue] of Object.entries(flattenDoc(field.fields, nested))) result[`${key}_${subKey}`] = subValue;
+	} else if (key in doc) result[key] = doc[key];
+	return result;
+}
+/**
+* The inverse of `flattenDoc` — re-nests a flat DB row's `<key>_<subKey>`
+* columns back into `{ key: { subKey: ... } }` for everything the Local
+* API returns to a caller, so a `group` field's document shape always
+* matches its config shape regardless of how it's actually stored.
+*/
+function nestDoc(fields, flatRow) {
+	const result = {};
+	for (const [key, field] of Object.entries(fields)) if (field.type === "group") {
+		const prefix = `${key}_`;
+		const nestedFlat = {};
+		for (const [flatKey, value] of Object.entries(flatRow)) if (flatKey.startsWith(prefix)) nestedFlat[flatKey.slice(prefix.length)] = value;
+		result[key] = nestDoc(field.fields, nestedFlat);
+	} else if (key in flatRow) result[key] = flatRow[key];
+	return result;
+}
+//#endregion
+//#region src/cms/codegen.ts
+function toSnakeCase$1(value) {
+	return value.replace(/[A-Z]/g, (letter) => `_${letter.toLowerCase()}`);
+}
+function fieldToColumn(key, field) {
+	const columnName = field.name ?? toSnakeCase$1(key);
+	switch (field.type) {
+		case "text":
+		case "upload": {
+			let column = text(columnName);
+			if (field.required) column = column.notNull();
+			if (field.unique) column = column.unique();
+			if (field.defaultValue !== void 0) column = column.default(field.defaultValue);
+			return column;
+		}
+		case "richText":
+		case "array":
+		case "json": {
+			let column = text(columnName, { mode: "json" }).$type();
+			if (field.required) column = column.notNull();
+			if (field.defaultValue !== void 0) column = column.default(field.defaultValue);
+			return column;
+		}
+		case "relationship": {
+			let column = integer(columnName);
+			if (field.required) column = column.notNull();
+			return column;
+		}
+		case "select": {
+			let column = text(columnName, { enum: field.options });
+			if (field.required) column = column.notNull();
+			if (field.defaultValue !== void 0) column = column.default(field.defaultValue);
+			return column;
+		}
+		case "number": {
+			if (field.autoIncrement) return integer(columnName).primaryKey({ autoIncrement: true });
+			let column = real(columnName);
+			if (field.required) column = column.notNull();
+			if (field.defaultValue !== void 0) column = column.default(field.defaultValue);
+			return column;
+		}
+		case "date": {
+			let column = field.mode === "timestamp_ms" ? integer(columnName, { mode: "timestamp_ms" }) : integer(columnName, { mode: "timestamp" });
+			if (field.required) column = column.notNull();
+			if (field.defaultValue === "now") column = column.$defaultFn(() => /* @__PURE__ */ new Date());
+			else if (field.defaultValue instanceof Date) {
+				const defaultDate = field.defaultValue;
+				column = column.$defaultFn(() => defaultDate);
+			}
+			return column;
+		}
+		case "checkbox": {
+			let column = integer(columnName, { mode: "boolean" });
+			if (field.required) column = column.notNull();
+			if (field.defaultValue !== void 0) column = column.default(field.defaultValue);
+			return column;
+		}
+		default: throw new CadmusCmsError(`Field type "${field.type}" is not yet supported by cadmus/cms codegen`);
+	}
+}
+function collectionToTable(config) {
+	const columns = {};
+	for (const [key, field] of Object.entries(flattenFields(config.fields))) {
+		if (field.type === "relationship" && field.hasMany) continue;
+		columns[key] = fieldToColumn(key, field);
+	}
+	if (config.versions?.drafts) columns.publishedVersionId = integer("published_version_id");
+	return sqliteTable(config.slug, columns);
+}
+function collectionVersionsTable(config) {
+	return sqliteTable(`${config.slug}_versions`, {
+		id: integer("id").primaryKey({ autoIncrement: true }),
+		parentId: integer("parent_id").notNull(),
+		versionData: text("version_data", { mode: "json" }).$type().notNull(),
+		status: text("status", { enum: ["draft", "published"] }).notNull(),
+		createdAt: integer("created_at", { mode: "timestamp" }).$defaultFn(() => /* @__PURE__ */ new Date())
+	});
+}
+function relationshipJoinTables(config) {
+	const joinTables = {};
+	for (const [key, field] of Object.entries(config.fields)) {
+		if (field.type !== "relationship" || !field.hasMany) continue;
+		const tableName = `${config.slug}_${key}`;
+		const ownColumn = `${config.slug}_id`;
+		const relatedColumn = `${field.relationTo}_id`;
+		const columns = {};
+		columns[ownColumn] = integer(ownColumn).notNull();
+		columns[relatedColumn] = integer(relatedColumn).notNull();
+		joinTables[tableName] = sqliteTable(tableName, columns);
+	}
+	return joinTables;
+}
+function collectionSearchTableName(config) {
+	return `${config.slug}_fts`;
+}
+function collectionSearchTableSQL(config) {
+	const fields = config.search?.fields ?? [];
+	if (fields.length === 0) return "";
+	const columns = fields.map((key) => `"${key}"`).join(", ");
+	return `CREATE VIRTUAL TABLE IF NOT EXISTS "${collectionSearchTableName(config)}" USING fts5(${columns});`;
+}
+function flattenRichText(value) {
+	if (value === null || value === void 0) return "";
+	if (typeof value === "string") return value;
+	if (typeof value !== "object") return String(value);
+	if (Array.isArray(value)) return value.map(flattenRichText).filter(Boolean).join(" ");
+	const node = value;
+	const parts = [];
+	if (typeof node.text === "string") parts.push(node.text);
+	if (Array.isArray(node.content)) parts.push(flattenRichText(node.content));
+	return parts.filter(Boolean).join(" ");
+}
+function extractSearchText(config, doc) {
+	return (config.search?.fields ?? []).map((key) => {
+		const field = config.fields[key];
+		const raw = doc[key];
+		if (field?.type === "richText") return flattenRichText(raw);
+		return typeof raw === "string" ? raw : "";
+	});
+}
+function cmsConfigToSchema(config) {
+	const schema = {};
+	for (const collection of config.collections) {
+		schema[collection.slug] = collectionToTable(collection);
+		Object.assign(schema, relationshipJoinTables(collection));
+		if (collection.versions?.drafts) schema[`${collection.slug}_versions`] = collectionVersionsTable(collection);
+	}
+	return schema;
+}
+//#endregion
+//#region src/cms/defineCollection.ts
+const KNOWN_FIELD_TYPES = new Set([
+	"text",
+	"select",
+	"number",
+	"date",
+	"richText",
+	"checkbox",
+	"relationship",
+	"array",
+	"upload",
+	"json",
+	"group"
+]);
+function validateField(slug, key, field) {
+	if (!KNOWN_FIELD_TYPES.has(field.type)) throw new CadmusCmsError(`Collection "${slug}" field "${key}" has unrecognized type "${field.type}"`);
+	if (field.type === "relationship" && !field.relationTo) throw new CadmusCmsError(`Collection "${slug}" field "${key}" is a relationship field and requires "relationTo"`);
+	if (field.type === "array" && Object.keys(field.fields ?? {}).length === 0) throw new CadmusCmsError(`Collection "${slug}" field "${key}" is an array field and must define at least one nested field`);
+	if (field.type === "group") {
+		const nestedEntries = Object.entries(field.fields ?? {});
+		if (nestedEntries.length === 0) throw new CadmusCmsError(`Collection "${slug}" field "${key}" is a group field and must define at least one nested field`);
+		for (const [nestedKey, nestedField] of nestedEntries) validateField(slug, `${key}.${nestedKey}`, nestedField);
+	}
+}
+function validateCollectionConfig(config) {
+	if (!config.slug || config.slug.trim().length === 0) throw new CadmusCmsError("Collection config requires a non-empty slug");
+	const fieldEntries = Object.entries(config.fields ?? {});
+	if (fieldEntries.length === 0) throw new CadmusCmsError(`Collection "${config.slug}" must define at least one field`);
+	for (const [key, field] of fieldEntries) validateField(config.slug, key, field);
+	const SEARCHABLE_FIELD_TYPES = new Set([
+		"text",
+		"richText",
+		"upload"
+	]);
+	for (const key of config.search?.fields ?? []) {
+		const field = config.fields[key];
+		if (!field) throw new CadmusCmsError(`Collection "${config.slug}" search.fields references unknown field "${key}"`);
+		if (!SEARCHABLE_FIELD_TYPES.has(field.type)) throw new CadmusCmsError(`Collection "${config.slug}" search.fields field "${key}" has type "${field.type}" — only "text", "richText", and "upload" fields can be indexed`);
+	}
+}
+function validateUniqueSlugs(collections) {
+	const seen = /* @__PURE__ */ new Set();
+	for (const collection of collections) {
+		if (seen.has(collection.slug)) throw new CadmusCmsError(`Duplicate collection slug "${collection.slug}" — collection slugs must be unique`);
+		seen.add(collection.slug);
+	}
+}
+function defineCollection(config) {
+	validateCollectionConfig(config);
+	return config;
+}
+function defineCmsConfig(config) {
+	let resolved = config;
+	for (const plugin of config.plugins ?? []) resolved = plugin(resolved);
+	for (const collection of resolved.collections) validateCollectionConfig(collection);
+	validateUniqueSlugs(resolved.collections);
+	return resolved;
+}
+//#endregion
+//#region src/cms/localApi.ts
+function validateRequiredFields(config, input) {
+	for (const [key, field] of Object.entries(flattenFields(config.fields))) {
+		const hasDefault = field.defaultValue !== void 0;
+		if (field.required && !hasDefault && input[key] === void 0) throw new CadmusCmsError(`Missing required field "${key}" for collection "${config.slug}"`);
+	}
+}
+function rejectUnknownFields(config, input) {
+	const flatFields = flattenFields(config.fields);
+	for (const key of Object.keys(input)) if (!(key in flatFields)) throw new CadmusCmsError(`Unknown field "${key}" for collection "${config.slug}"`);
+}
+function wrapWriteError(config, error) {
+	if (error instanceof CadmusCmsError) throw error;
+	if ((error instanceof Error ? error.message : String(error)).includes("UNIQUE constraint failed")) throw new CadmusCmsError(`Unique constraint violated for collection "${config.slug}"`, error);
+	throw new CadmusCmsError(`Write failed for collection "${config.slug}"`, error);
+}
+function notFound(config, id) {
+	throw new CadmusCmsError(`No "${config.slug}" document found with id ${id}`);
+}
+/**
+* Reads collection `slug`'s `LocalApi` out of `registry.apis` — the
+* accessor hook factories should use (see `CmsRegistry`'s doc comment for
+* the late-binding pattern this assumes) instead of indexing
+* `registry.apis` directly, so every caller gets the same clear error if
+* the registry wasn't built/populated correctly. `TContext` is a type-only
+* parameter (the registry itself is stored with `never` to stay variance-
+* safe across collections with different context shapes) — callers assert
+* the context type they expect, the same way `resolveRelationships`'s own
+* registry lookups do.
+*/
+function getRegisteredApi(registry, slug) {
+	const api = registry?.apis?.[slug];
+	if (!api) throw new CadmusCmsError(`No LocalApi registered for collection "${slug}" — pass a CmsRegistry whose "apis" map has been populated with every collection a hook needs to reach (see CmsRegistry's doc comment for the late-binding build order)`);
+	return api;
+}
+/**
+* Batch-resolves this collection's `hasMany: false` relationship fields
+* for an already-fetched page of `rows`, one query per relationship field
+* (not one query per row — the N+1 the `depth: 1` design note in types.ts
+* calls out avoiding). The related collection's `read` access fn is run
+* once per field against `context`, not once per row: there's a single
+* yes/no for "can this context read collection X", not a row-by-row
+* filter. When it rejects, the field is left as the bare id rather than
+* throwing — a denied relationship is an omission, not a failed request.
+* `hasMany: true` relationship fields are untouched (no column on this
+* table to resolve from — they live in a join table, out of scope here).
+*/
+async function resolveRelationships(db, config, rows, context, registry) {
+	const relationshipFields = Object.entries(config.fields).filter(([, field]) => field.type === "relationship" && !field.hasMany);
+	if (relationshipFields.length === 0) return rows;
+	if (!registry) throw new CadmusCmsError(`Collection "${config.slug}" requested depth: 1 but createLocalApi was not given a registry to resolve relationship fields against`);
+	let result = rows;
+	for (const [key, field] of relationshipFields) {
+		const relationTo = field.relationTo;
+		const relatedConfig = registry.configs[relationTo];
+		const relatedTable = registry.tables[relationTo];
+		if (!relatedConfig || !relatedTable) throw new CadmusCmsError(`Collection "${config.slug}" field "${key}" relates to unknown collection "${relationTo}" — not present in the registry`);
+		const readFn = relatedConfig.access?.read;
+		if (!(readFn ? await readFn(context) : true)) continue;
+		const ids = [...new Set(result.map((row) => row[key]).filter((id) => typeof id === "number"))];
+		if (ids.length === 0) continue;
+		const relatedRows = await db.select().from(relatedTable).where(inArray(relatedTable.id, ids));
+		const byId = new Map(relatedRows.map((row) => [row.id, row]));
+		result = result.map((row) => {
+			const id = row[key];
+			const related = typeof id === "number" ? byId.get(id) : void 0;
+			return related ? {
+				...row,
+				[key]: related
+			} : row;
+		});
+	}
+	return result;
+}
+/**
+* Non-throwing counterpart to `checkAccess` below, for UI code that wants
+* to hide/disable an action a context can't perform rather than let it
+* fail server-side after a click (see Phase 6 / issue #26's
+* `getPageCapabilities`). `checkAccess` calls through this same function
+* rather than duplicating the "no access fn = allowed" logic, so `can()`'s
+* answer and the real operation's enforcement can never disagree.
+*/
+async function can(config, operation, context) {
+	const fn = config.access?.[operation];
+	if (!fn) return true;
+	return await fn(context);
+}
+async function checkAccess(config, operation, context) {
+	if (await can(config, operation, context)) return;
+	throw new CadmusAccessDeniedError(`Access denied for "${operation}" on collection "${config.slug}"`);
+}
+async function runBeforeChange(config, data) {
+	let result = data;
+	for (const hook of config.hooks?.beforeChange ?? []) result = await hook({ data: result });
+	return result;
+}
+async function runAfterChange(config, doc, operation) {
+	for (const hook of config.hooks?.afterChange ?? []) await hook({
+		doc,
+		operation
+	});
+}
+async function runReadHooks(config, doc) {
+	let result = doc;
+	for (const hook of config.hooks?.beforeRead ?? []) result = await hook({ doc: result });
+	for (const hook of config.hooks?.afterRead ?? []) result = await hook({ doc: result });
+	return result;
+}
+function hasReadHooks(config) {
+	return Boolean(config.hooks?.beforeRead?.length || config.hooks?.afterRead?.length);
+}
+async function runBeforeDelete(config, id) {
+	for (const hook of config.hooks?.beforeDelete ?? []) await hook({ id });
+}
+async function runAfterDelete(config, id) {
+	for (const hook of config.hooks?.afterDelete ?? []) await hook({ id });
+}
+async function syncSearchIndex(db, config, doc) {
+	const fields = config.search?.fields;
+	if (!fields?.length) return;
+	const id = doc.id;
+	if (typeof id !== "number") return;
+	const fts = sql.identifier(collectionSearchTableName(config));
+	const columnList = sql.join(fields.map((key) => sql.identifier(key)), sql.raw(", "));
+	const values = extractSearchText(config, doc);
+	const valueList = sql.join(values.map((value) => sql`${value}`), sql.raw(", "));
+	await db.run(sql`DELETE FROM ${fts} WHERE rowid = ${id}`);
+	await db.run(sql`INSERT INTO ${fts} (rowid, ${columnList}) VALUES (${id}, ${valueList})`);
+}
+async function removeFromSearchIndex(db, config, id) {
+	if (!config.search?.fields.length) return;
+	const fts = sql.identifier(collectionSearchTableName(config));
+	await db.run(sql`DELETE FROM ${fts} WHERE rowid = ${id}`);
+}
+function createLocalApi(db, table, config, registry) {
+	const idColumn = table.id;
+	const hasGroupFields = Object.values(config.fields).some((field) => field.type === "group");
+	const toFlatDoc = (doc) => hasGroupFields ? flattenDoc(config.fields, doc) : doc;
+	const toNestedDoc = (row) => hasGroupFields ? nestDoc(config.fields, row) : row;
+	return {
+		async find(context, options) {
+			await checkAccess(config, "read", context);
+			if (options?.depth !== void 0 && options.depth !== 0 && options.depth !== 1) throw new CadmusCmsError(`Relationship resolution depth ${options.depth} is not supported for collection "${config.slug}" (only 0 and 1 are)`);
+			let query = db.select().from(table).where(options?.where).$dynamic();
+			if (options?.orderBy !== void 0) query = query.orderBy(...Array.isArray(options.orderBy) ? options.orderBy : [options.orderBy]);
+			if (options?.limit !== void 0) query = query.limit(options.limit);
+			if (options?.offset !== void 0) query = query.offset(options.offset);
+			const nestedRows = (await query).map((row) => toNestedDoc(row));
+			const afterHooks = hasReadHooks(config) ? await Promise.all(nestedRows.map((row) => runReadHooks(config, row))) : nestedRows;
+			return options?.depth === 1 ? await resolveRelationships(db, config, afterHooks, context, registry) : afterHooks;
+		},
+		async count(context, options) {
+			await checkAccess(config, "read", context);
+			const [row] = await db.select({ value: count() }).from(table).where(options?.where);
+			return row?.value ?? 0;
+		},
+		async findByID(context, id, options) {
+			await checkAccess(config, "read", context);
+			if (options?.depth !== void 0 && options.depth !== 0 && options.depth !== 1) throw new CadmusCmsError(`Relationship resolution depth ${options.depth} is not supported for collection "${config.slug}" (only 0 and 1 are)`);
+			const [row] = await db.select().from(table).where(eq(idColumn, id));
+			if (!row) notFound(config, id);
+			const nestedRow = toNestedDoc(row);
+			const afterHooks = hasReadHooks(config) ? await runReadHooks(config, nestedRow) : nestedRow;
+			return options?.depth === 1 ? (await resolveRelationships(db, config, [afterHooks], context, registry))[0] : afterHooks;
+		},
+		async search(context, query, options) {
+			await checkAccess(config, "read", context);
+			if (!config.search?.fields.length) throw new CadmusCmsError(`Collection "${config.slug}" has no "search" config — cannot run search()`);
+			const fts = sql.identifier(collectionSearchTableName(config));
+			const limit = options?.limit ?? 20;
+			return (await db.all(sql`
+        SELECT ${table}.* FROM ${fts}
+        JOIN ${table} ON ${idColumn} = ${fts}.rowid
+        WHERE ${fts} MATCH ${query}
+        ORDER BY rank
+        LIMIT ${limit}
+      `)).map((row) => toNestedDoc(row));
+		},
+		async create(context, input) {
+			await checkAccess(config, "create", context);
+			const flatData = toFlatDoc(await runBeforeChange(config, input));
+			validateRequiredFields(config, flatData);
+			rejectUnknownFields(config, flatData);
+			let row;
+			try {
+				const [inserted] = await db.insert(table).values(flatData).returning();
+				row = inserted;
+			} catch (error) {
+				wrapWriteError(config, error);
+			}
+			const doc = toNestedDoc(row);
+			await syncSearchIndex(db, config, doc);
+			await runAfterChange(config, doc, "create");
+			return doc;
+		},
+		async update(context, id, input) {
+			await checkAccess(config, "update", context);
+			const flatData = toFlatDoc(await runBeforeChange(config, input));
+			rejectUnknownFields(config, flatData);
+			let row;
+			try {
+				const [updated] = await db.update(table).set(flatData).where(eq(idColumn, id)).returning();
+				if (!updated) notFound(config, id);
+				row = updated;
+			} catch (error) {
+				wrapWriteError(config, error);
+			}
+			const doc = toNestedDoc(row);
+			await syncSearchIndex(db, config, doc);
+			await runAfterChange(config, doc, "update");
+			return doc;
+		},
+		async deleteByID(context, id) {
+			await checkAccess(config, "delete", context);
+			await runBeforeDelete(config, id);
+			const [rawRow] = await db.delete(table).where(eq(idColumn, id)).returning();
+			if (!rawRow) notFound(config, id);
+			const row = toNestedDoc(rawRow);
+			await removeFromSearchIndex(db, config, id);
+			await runAfterDelete(config, id);
+			return row;
+		}
+	};
+}
+function notFoundVersion(config, id) {
+	throw new CadmusCmsError(`No "${config.slug}" version found with id ${id}`);
+}
+function createVersionedLocalApi(db, table, versionsTable, config, registry) {
+	const base = createLocalApi(db, table, config, registry);
+	const idColumn = table.id;
+	const versionsIdColumn = versionsTable.id;
+	const versionsParentIdColumn = versionsTable.parentId;
+	return {
+		...base,
+		async findVersions(context, parentId) {
+			await checkAccess(config, "read", context);
+			return await db.select().from(versionsTable).where(eq(versionsParentIdColumn, parentId)).orderBy(desc(versionsIdColumn));
+		},
+		async saveDraft(context, id, input) {
+			await checkAccess(config, "update", context);
+			const [parent] = await db.select().from(table).where(eq(idColumn, id));
+			if (!parent) notFound(config, id);
+			const data = await runBeforeChange(config, input);
+			rejectUnknownFields(config, data);
+			const insertValues = {
+				parentId: id,
+				versionData: data,
+				status: "draft"
+			};
+			const [row] = await db.insert(versionsTable).values(insertValues).returning();
+			return row;
+		},
+		async publish(context, versionId) {
+			await checkAccess(config, "publish", context);
+			const [version] = await db.select().from(versionsTable).where(eq(versionsIdColumn, versionId));
+			if (!version) notFoundVersion(config, versionId);
+			const versionRecord = version;
+			const data = await runBeforeChange(config, versionRecord.versionData);
+			validateRequiredFields(config, data);
+			rejectUnknownFields(config, data);
+			const parentId = versionRecord.parentId;
+			let doc;
+			try {
+				const [row] = await db.update(table).set({
+					...data,
+					publishedVersionId: versionId
+				}).where(eq(idColumn, parentId)).returning();
+				if (!row) notFound(config, parentId);
+				doc = row;
+			} catch (error) {
+				wrapWriteError(config, error);
+			}
+			await db.update(versionsTable).set({ status: "published" }).where(eq(versionsIdColumn, versionId));
+			await syncSearchIndex(db, config, doc);
+			await runAfterChange(config, doc, "update");
+			return doc;
+		},
+		async unpublish(context, id) {
+			await checkAccess(config, "publish", context);
+			const [row] = await db.update(table).set({ publishedVersionId: null }).where(eq(idColumn, id)).returning();
+			if (!row) notFound(config, id);
+			return row;
+		}
+	};
+}
+//#endregion
+//#region src/cms/meta.ts
+function getCollectionsMeta(config) {
+	return config.collections.map((collection) => ({
+		slug: collection.slug,
+		fields: collection.fields,
+		searchable: Boolean(collection.search?.fields.length)
+	}));
+}
+//#endregion
+//#region src/cms/schema-gen.ts
+function toSnakeCase(value) {
+	return value.replace(/[A-Z]/g, (letter) => `_${letter.toLowerCase()}`);
+}
+function quote(value) {
+	return JSON.stringify(value);
+}
+function fieldToColumnSource(key, field, usedBuilders) {
+	const columnName = field.name ?? toSnakeCase(key);
+	switch (field.type) {
+		case "text":
+		case "upload": {
+			usedBuilders.add("text");
+			let source = `text(${quote(columnName)})`;
+			if (field.required) source += ".notNull()";
+			if (field.unique) source += ".unique()";
+			if (field.defaultValue !== void 0) source += `.default(${quote(field.defaultValue)})`;
+			return source;
+		}
+		case "richText":
+		case "array":
+		case "json": {
+			usedBuilders.add("text");
+			let source = `text(${quote(columnName)}, { mode: "json" }).$type<JsonValue>()`;
+			if (field.required) source += ".notNull()";
+			if (field.defaultValue !== void 0) source += `.default(${JSON.stringify(field.defaultValue)})`;
+			return source;
+		}
+		case "relationship": {
+			usedBuilders.add("integer");
+			let source = `integer(${quote(columnName)})`;
+			if (field.required) source += ".notNull()";
+			return source;
+		}
+		case "select": {
+			usedBuilders.add("text");
+			const options = field.options.map(quote).join(", ");
+			let source = `text(${quote(columnName)}, { enum: [${options}] })`;
+			if (field.required) source += ".notNull()";
+			if (field.defaultValue !== void 0) source += `.default(${quote(field.defaultValue)})`;
+			return source;
+		}
+		case "number": {
+			if (field.autoIncrement) {
+				usedBuilders.add("integer");
+				return `integer(${quote(columnName)}).primaryKey({ autoIncrement: true })`;
+			}
+			usedBuilders.add("real");
+			let source = `real(${quote(columnName)})`;
+			if (field.required) source += ".notNull()";
+			if (field.defaultValue !== void 0) source += `.default(${field.defaultValue})`;
+			return source;
+		}
+		case "date": {
+			usedBuilders.add("integer");
+			const mode = field.mode === "timestamp_ms" ? "timestamp_ms" : "timestamp";
+			let source = `integer(${quote(columnName)}, { mode: ${quote(mode)} })`;
+			if (field.required) source += ".notNull()";
+			if (field.defaultValue === "now") source += ".$defaultFn(() => new Date())";
+			else if (field.defaultValue instanceof Date) source += `.$defaultFn(() => new Date(${field.defaultValue.getTime()}))`;
+			return source;
+		}
+		default: throw new CadmusCmsError(`Field type "${field.type}" is not yet supported by cadmus/cms schema-gen`);
+	}
+}
+function collectionToTableSource(config, usedBuilders) {
+	const fieldLines = Object.entries(flattenFields(config.fields)).filter(([, field]) => !(field.type === "relationship" && field.hasMany)).map(([key, field]) => `  ${key}: ${fieldToColumnSource(key, field, usedBuilders)},`);
+	if (config.versions?.drafts) {
+		usedBuilders.add("integer");
+		fieldLines.push("  publishedVersionId: integer(\"published_version_id\"),");
+	}
+	return `export const ${config.slug} = sqliteTable(${quote(config.slug)}, {\n${fieldLines.join("\n")}\n});`;
+}
+function versionsTableSource(config, usedBuilders) {
+	usedBuilders.add("integer");
+	usedBuilders.add("text");
+	const tableName = `${config.slug}_versions`;
+	return `export const ${tableName} = sqliteTable(${quote(tableName)}, {\n  id: integer("id").primaryKey({ autoIncrement: true }),
+  parentId: integer("parent_id").notNull(),
+  versionData: text("version_data", { mode: "json" }).\$type<JsonValue>().notNull(),
+  status: text("status", { enum: ["draft", "published"] }).notNull(),
+  createdAt: integer("created_at", { mode: "timestamp" }).\$defaultFn(() => new Date()),
+});`;
+}
+function relationshipJoinTableSources(config, usedBuilders) {
+	const blocks = [];
+	for (const [key, field] of Object.entries(config.fields)) {
+		if (field.type !== "relationship" || !field.hasMany) continue;
+		usedBuilders.add("integer");
+		const tableName = `${config.slug}_${key}`;
+		const ownColumn = `${config.slug}_id`;
+		const relatedColumn = `${field.relationTo}_id`;
+		blocks.push(`export const ${tableName} = sqliteTable(${quote(tableName)}, {\n  ${ownColumn}: integer(${quote(ownColumn)}).notNull(),\n  ${relatedColumn}: integer(${quote(relatedColumn)}).notNull(),\n});`);
+	}
+	return blocks;
+}
+function generateSchemaSource(config) {
+	const usedBuilders = new Set(["sqliteTable"]);
+	const blocks = config.collections.flatMap((collection) => [
+		collectionToTableSource(collection, usedBuilders),
+		...relationshipJoinTableSources(collection, usedBuilders),
+		...collection.versions?.drafts ? [versionsTableSource(collection, usedBuilders)] : []
+	]);
+	const importList = [...usedBuilders].sort().join(", ");
+	return [
+		"// Generated by @thebes/cadmus/cms — do not hand-edit.",
+		"// Source: this app's CmsConfig (see defineCmsConfig).",
+		...blocks.some((block) => block.includes(".$type<JsonValue>()")) ? ["import type { JsonValue } from \"@thebes/cadmus/cms\";"] : [],
+		`import { ${importList} } from "drizzle-orm/sqlite-core";`,
+		"",
+		blocks.join("\n\n"),
+		""
+	].join("\n");
+}
+//#endregion
+//#region src/cms/webhooks.ts
+/**
+* Builds an `afterChange` hook that enqueues a `WebhookMessage` for every
+* matching write — append the result to a collection's
+* `hooks.afterChange` array. `queue` is whatever `Queue<WebhookMessage>`
+* binding the caller's Worker has configured for webhook dispatch (see
+* wrangler.jsonc's webhook queue producer binding).
+*/
+function createWebhookHook(queue, config) {
+	return async ({ doc, operation }) => {
+		if (config.events && !config.events.includes(operation)) return;
+		await enqueue(queue, {
+			url: config.url,
+			secret: config.secret,
+			event: operation,
+			doc,
+			timestamp: Date.now()
+		});
+	};
+}
+const BLOCKED_HOSTNAME_PATTERNS = [
+	/^localhost$/i,
+	/^127\./,
+	/^0\.0\.0\.0$/,
+	/^169\.254\./,
+	/^10\./,
+	/^172\.(1[6-9]|2\d|3[01])\./,
+	/^192\.168\./,
+	/^\[?::1\]?$/,
+	/^\[?fc/i,
+	/^\[?fd/i,
+	/^\[?fe80/i
+];
+function isAllowedWebhookUrl(url) {
+	let parsed;
+	try {
+		parsed = new URL(url);
+	} catch {
+		return false;
+	}
+	if (parsed.protocol !== "https:" && parsed.protocol !== "http:") return false;
+	return !BLOCKED_HOSTNAME_PATTERNS.some((pattern) => pattern.test(parsed.hostname));
+}
+async function hmacSha256Hex(payload, secret) {
+	const key = await crypto.subtle.importKey("raw", new TextEncoder().encode(secret), {
+		name: "HMAC",
+		hash: "SHA-256"
+	}, false, ["sign"]);
+	const signature = await crypto.subtle.sign("HMAC", key, new TextEncoder().encode(payload));
+	return Array.from(new Uint8Array(signature), (b) => b.toString(16).padStart(2, "0")).join("");
+}
+/**
+* Delivers a single `WebhookMessage` via `fetch()`. Throws
+* `CadmusQueueError` on any non-2xx response or network failure — meant
+* to be called from inside `processBatch`'s handler, where a thrown error
+* becomes a `message.retry()`.
+*/
+async function deliverWebhookMessage(message) {
+	if (!isAllowedWebhookUrl(message.url)) throw new CadmusQueueError(`Webhook URL "${message.url}" is not allowed (must be http(s) and not target a private/reserved/loopback address)`);
+	const body = JSON.stringify({
+		event: message.event,
+		doc: message.doc,
+		timestamp: message.timestamp
+	});
+	const headers = { "Content-Type": "application/json" };
+	if (message.secret) headers["X-Cadmus-Signature"] = await hmacSha256Hex(body, message.secret);
+	let response;
+	try {
+		response = await fetch(message.url, {
+			method: "POST",
+			headers,
+			body
+		});
+	} catch (cause) {
+		throw new CadmusQueueError(`Webhook delivery to "${message.url}" failed`, cause);
+	}
+	if (!response.ok) throw new CadmusQueueError(`Webhook delivery to "${message.url}" returned status ${response.status}`);
+}
+//#endregion
+export { can, cmsConfigToSchema, collectionSearchTableName, collectionSearchTableSQL, collectionToTable, collectionVersionsTable, createLocalApi, createVersionedLocalApi, createWebhookHook, defineCmsConfig, defineCollection, deliverWebhookMessage, extractSearchText, flattenDoc, flattenFields, generateSchemaSource, getCollectionsMeta, getRegisteredApi, nestDoc, relationshipJoinTables };
+
+//# sourceMappingURL=index.js.map