@trailmix-cms/cms 0.4.3 → 0.7.1

package/dist/collections/{file.collection.js → organization.collection.js}

@@ -12,18 +12,17 @@ var __param = (this && this.__param) || function (paramIndex, decorator) {
     return function (target, key) { decorator(target, key, paramIndex); }
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.FileCollection = void 0;
+exports.OrganizationCollection = void 0;
 const mongodb_1 = require("mongodb");
 const common_1 = require("@nestjs/common");
-const zod_1 = require("zod");
 const db_1 = require("@trailmix-cms/db");
 const constants_1 = require("../constants");
-const collectionName = constants_1.CMSCollectionName.File;
-let FileCollection = class FileCollection extends db_1.AuditedCollection {
+const zod_1 = require("zod");
+const collectionName = constants_1.CMSCollectionName.Organization;
+let OrganizationCollection = class OrganizationCollection extends db_1.AuditedCollection {
     entitySchema;
     setup;
     config;
-    collection;
     databaseService;
     auditCollection;
     logger = new common_1.Logger(this.constructor.name);
@@ -33,27 +32,28 @@ let FileCollection = class FileCollection extends db_1.AuditedCollection {
         this.entitySchema = entitySchema;
         this.setup = setup;
         this.config = config;
-        this.collection = collection;
         this.databaseService = databaseService;
         this.auditCollection = auditCollection;
     }
     async onModuleInit() {
         this.logger.verbose(`creating custom indexes for collection_${collectionName}`);
         if (!this.config.disableDefaultIndexes) {
-            await this.collection.createIndex({ external_id: 1 });
-            await this.collection.createIndex({ guid: 1 }, { unique: true, sparse: true });
+            // await this.collection.createIndex({ name: 1 });
+        }
+        if (this.setup) {
+            await this.setup(this.collection);
         }
-        await this.setup(this.collection);
     }
 };
-exports.FileCollection = FileCollection;
-exports.FileCollection = FileCollection = __decorate([
+exports.OrganizationCollection = OrganizationCollection;
+exports.OrganizationCollection = OrganizationCollection = __decorate([
     (0, common_1.Injectable)(),
-    __param(0, (0, common_1.Inject)(constants_1.PROVIDER_SYMBOLS.TRAILMIXCMS_CMS_FILE_SCHEMA)),
-    __param(1, (0, common_1.Inject)(constants_1.PROVIDER_SYMBOLS.TRAILMIXCMS_CMS_FILE_SETUP)),
-    __param(2, (0, common_1.Inject)(constants_1.PROVIDER_SYMBOLS.TRAILMIXCMS_CMS_FILE_CONFIG)),
+    __param(0, (0, common_1.Inject)(constants_1.PROVIDER_SYMBOLS.ORGANIZATION_SCHEMA)),
+    __param(1, (0, common_1.Optional)()),
+    __param(1, (0, common_1.Inject)(constants_1.PROVIDER_SYMBOLS.ORGANIZATION_SETUP)),
+    __param(2, (0, common_1.Inject)(constants_1.PROVIDER_SYMBOLS.ORGANIZATION_CONFIG)),
     __param(3, (0, db_1.DocumentCollection)(collectionName)),
-    __metadata("design:paramtypes", [zod_1.ZodType, Function, Object, mongodb_1.Collection,
+    __metadata("design:paramtypes", [zod_1.ZodType, Object, Object, mongodb_1.Collection,
         db_1.DatabaseService, db_1.Collections.AuditCollection])
-], FileCollection);
-//# sourceMappingURL=file.collection.js.map
+], OrganizationCollection);
+//# sourceMappingURL=organization.collection.js.map

package/dist/collections/organization.collection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"organization.collection.js","sourceRoot":"","sources":["../../src/collections/organization.collection.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,qCAA+D;AAC/D,2CAAoF;AACpF,yCAAuG;AACvG,4CAAmE;AAEnE,6BAA8B;AAI9B,MAAM,cAAc,GAAG,6BAAiB,CAAC,YAAY,CAAC;AAG/C,IAAM,sBAAsB,GAA5B,MAAM,sBAAkD,SAAQ,sBAAoB;IAKlB;IACW;IACX;IAE9C;IACA;IATN,MAAM,GAAG,IAAI,eAAM,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;IAC5C,cAAc,GAAG,cAAc,CAAC;IAEhD,YACqE,YAAkD,EACvC,KAA4D,EACvE,MAAwB,EACrD,UAAyB,EAC1C,eAAgC,EAChC,eAA4C;QAE/D,KAAK,CAAC,UAAU,EAAE,eAAe,EAAE,eAAe,CAAC,CAAC;QAPa,iBAAY,GAAZ,YAAY,CAAsC;QACvC,UAAK,GAAL,KAAK,CAAuD;QACvE,WAAM,GAAN,MAAM,CAAkB;QAEtE,oBAAe,GAAf,eAAe,CAAiB;QAChC,oBAAe,GAAf,eAAe,CAA6B;IAGnE,CAAC;IAED,KAAK,CAAC,YAAY;QACd,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,0CAA0C,cAAc,EAAE,CAAC,CAAC;QAChF,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,qBAAqB,EAAE,CAAC;YACrC,kDAAkD;QACtD,CAAC;QACD,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACtC,CAAC;IACL,CAAC;CACJ,CAAA;AAxBY,wDAAsB;iCAAtB,sBAAsB;IADlC,IAAA,mBAAU,GAAE;IAMJ,WAAA,IAAA,eAAM,EAAC,4BAAgB,CAAC,mBAAmB,CAAC,CAAA;IAC5C,WAAA,IAAA,iBAAQ,GAAE,CAAA;IAAE,WAAA,IAAA,eAAM,EAAC,4BAAgB,CAAC,kBAAkB,CAAC,CAAA;IACvD,WAAA,IAAA,eAAM,EAAC,4BAAgB,CAAC,mBAAmB,CAAC,CAAA;IAC5C,WAAA,IAAA,uBAAkB,EAAC,cAAc,CAAC,CAAA;qCAH4C,aAAO,kBAGtC,oBAAU;QACtB,oBAAe,EACf,gBAAW,CAAC,eAAe;GAV1D,sBAAsB,CAwBlC"}

package/dist/collections/role.collection.d.ts

@@ -0,0 +1,32 @@
+import { Collection, ObjectId } from 'mongodb';
+import { OnModuleInit } from '@nestjs/common';
+import { DatabaseService, Collections, AuditedCollection } from '@trailmix-cms/db';
+import * as trailmixModels from '@trailmix-cms/models';
+type Record = trailmixModels.Role.Entity;
+export declare class RoleCollection extends AuditedCollection<Record> implements OnModuleInit {
+    protected readonly collection: Collection<Record>;
+    protected readonly databaseService: DatabaseService;
+    protected readonly auditCollection: Collections.AuditCollection;
+    private readonly logger;
+    readonly collectionName: "role";
+    readonly entitySchema: import("zod").ZodObject<{
+        _id: import("zod").ZodCodec<import("zod").ZodString, import("zod").ZodCustom<import("bson").ObjectId, import("bson").ObjectId>>;
+        created_at: import("zod").ZodCodec<import("zod").ZodISODateTime, import("zod").ZodDate>;
+        updated_at: import("zod").ZodOptional<import("zod").ZodCodec<import("zod").ZodISODateTime, import("zod").ZodDate>>;
+        type: import("zod").ZodEnum<{
+            organization: "organization";
+            global: "global";
+        }>;
+        principal_id: import("zod").ZodCodec<import("zod").ZodString, import("zod").ZodCustom<import("bson").ObjectId, import("bson").ObjectId>>;
+        principal_type: import("zod").ZodEnum<{
+            account: "account";
+            api_key: "api_key";
+        }>;
+        organization_id: import("zod").ZodOptional<import("zod").ZodCodec<import("zod").ZodString, import("zod").ZodCustom<import("bson").ObjectId, import("bson").ObjectId>>>;
+        role: import("zod").ZodString;
+    }, import("zod/v4/core").$strip>;
+    constructor(collection: Collection<Record>, databaseService: DatabaseService, auditCollection: Collections.AuditCollection);
+    onModuleInit(): Promise<void>;
+}
+export {};
+//# sourceMappingURL=role.collection.d.ts.map

package/dist/collections/role.collection.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"role.collection.d.ts","sourceRoot":"","sources":["../../src/collections/role.collection.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAC/C,OAAO,EAAsB,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAClE,OAAO,EAAsB,eAAe,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAEvG,OAAO,KAAK,cAAc,MAAM,sBAAsB,CAAC;AAEvD,KAAK,MAAM,GAAG,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC;AAGzC,qBACa,cAAe,SAAQ,iBAAiB,CAAC,MAAM,CAAE,YAAW,YAAY;IAO7E,SAAS,CAAC,QAAQ,CAAC,UAAU,EAAE,UAAU,CAAC,MAAM,CAAC;IACjD,SAAS,CAAC,QAAQ,CAAC,eAAe,EAAE,eAAe;IACnD,SAAS,CAAC,QAAQ,CAAC,eAAe,EAAE,WAAW,CAAC,eAAe;IARnE,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAqC;IAC5D,SAAgB,cAAc,SAAkB;IAChD,SAAgB,YAAY;;;;;;;;;;;;;;;qCAA8B;gBAInC,UAAU,EAAE,UAAU,CAAC,MAAM,CAAC,EAC9B,eAAe,EAAE,eAAe,EAChC,eAAe,EAAE,WAAW,CAAC,eAAe;IAK7D,YAAY;CAcrB"}

package/dist/collections/role.collection.js

@@ -0,0 +1,90 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RoleCollection = void 0;
+const mongodb_1 = require("mongodb");
+const common_1 = require("@nestjs/common");
+const db_1 = require("@trailmix-cms/db");
+const constants_1 = require("../constants");
+const trailmixModels = __importStar(require("@trailmix-cms/models"));
+const collectionName = constants_1.CMSCollectionName.Role;
+let RoleCollection = class RoleCollection extends db_1.AuditedCollection {
+    collection;
+    databaseService;
+    auditCollection;
+    logger = new common_1.Logger(this.constructor.name);
+    collectionName = collectionName;
+    entitySchema = trailmixModels.Role.schema;
+    constructor(collection, databaseService, auditCollection) {
+        super(collection, databaseService, auditCollection);
+        this.collection = collection;
+        this.databaseService = databaseService;
+        this.auditCollection = auditCollection;
+    }
+    async onModuleInit() {
+        this.logger.verbose(`creating custom indexes for collection_${collectionName}`);
+        await this.collection.createIndex({ type: 1 });
+        // Index for finding roles by organization
+        await this.collection.createIndex({ type: 1, organization_id: 1 }, { sparse: true });
+        // Index for finding roles by principal
+        await this.collection.createIndex({ type: 1, principal_id: 1, principal_type: 1 });
+        // Index for finding specific role assignments
+        await this.collection.createIndex({ type: 1, principal_id: 1, principal_type: 1, organization_id: 1 }, { sparse: true });
+        // Unique index to prevent duplicate organization role assignments 
+        await this.collection.createIndex({ type: 1, principal_id: 1, principal_type: 1, organization_id: 1, role: 1 }, { unique: true, sparse: true });
+        // Index for finding roles by organization and role name
+        await this.collection.createIndex({ type: 1, organization_id: 1, role: 1 }, { sparse: true });
+    }
+};
+exports.RoleCollection = RoleCollection;
+exports.RoleCollection = RoleCollection = __decorate([
+    (0, common_1.Injectable)(),
+    __param(0, (0, db_1.DocumentCollection)(collectionName)),
+    __metadata("design:paramtypes", [mongodb_1.Collection,
+        db_1.DatabaseService, db_1.Collections.AuditCollection])
+], RoleCollection);
+//# sourceMappingURL=role.collection.js.map

package/dist/collections/role.collection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"role.collection.js","sourceRoot":"","sources":["../../src/collections/role.collection.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qCAA+C;AAC/C,2CAAkE;AAClE,yCAAuG;AACvG,4CAAiD;AACjD,qEAAuD;AAGvD,MAAM,cAAc,GAAG,6BAAiB,CAAC,IAAI,CAAC;AAGvC,IAAM,cAAc,GAApB,MAAM,cAAe,SAAQ,sBAAyB;IAOlC;IACA;IACA;IARN,MAAM,GAAG,IAAI,eAAM,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;IAC5C,cAAc,GAAG,cAAc,CAAC;IAChC,YAAY,GAAG,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC;IAE1D,YAEuB,UAA8B,EAC9B,eAAgC,EAChC,eAA4C;QAE/D,KAAK,CAAC,UAAU,EAAE,eAAe,EAAE,eAAe,CAAC,CAAC;QAJjC,eAAU,GAAV,UAAU,CAAoB;QAC9B,oBAAe,GAAf,eAAe,CAAiB;QAChC,oBAAe,GAAf,eAAe,CAA6B;IAGnE,CAAC;IAED,KAAK,CAAC,YAAY;QACd,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,0CAA0C,cAAc,EAAE,CAAC,CAAC;QAChF,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC;QAC/C,0CAA0C;QAC1C,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,eAAe,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;QACrF,uCAAuC;QACvC,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,cAAc,EAAE,CAAC,EAAE,CAAC,CAAC;QACnF,8CAA8C;QAC9C,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,cAAc,EAAE,CAAC,EAAE,eAAe,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;QACzH,mEAAmE;QACnE,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,cAAc,EAAE,CAAC,EAAE,eAAe,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;QAChJ,wDAAwD;QACxD,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,eAAe,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;IAClG,CAAC;CACJ,CAAA;AA5BY,wCAAc;yBAAd,cAAc;IAD1B,IAAA,mBAAU,GAAE;IAOJ,WAAA,IAAA,uBAAkB,EAAC,cAAc,CAAC,CAAA;qCACJ,oBAAU;QACL,oBAAe,EACf,gBAAW,CAAC,eAAe;GAT1D,cAAc,CA4B1B"}

package/dist/collections/security-audit.collection.d.ts

@@ -0,0 +1,30 @@
+import { Collection } from 'mongodb';
+import { OnModuleInit } from '@nestjs/common';
+import { DatabaseService, BaseCollection } from '@trailmix-cms/db';
+import * as trailmixModels from '@trailmix-cms/models';
+type Record = trailmixModels.SecurityAudit.Entity;
+export declare class SecurityAuditCollection extends BaseCollection<Record> implements OnModuleInit {
+    protected readonly collection: Collection<Record>;
+    protected readonly databaseService: DatabaseService;
+    private readonly logger;
+    readonly collectionName: "security-audit";
+    readonly entitySchema: import("zod").ZodObject<{
+        _id: import("zod").ZodCodec<import("zod").ZodString, import("zod").ZodCustom<import("bson").ObjectId, import("bson").ObjectId>>;
+        created_at: import("zod").ZodCodec<import("zod").ZodISODateTime, import("zod").ZodDate>;
+        updated_at: import("zod").ZodOptional<import("zod").ZodCodec<import("zod").ZodISODateTime, import("zod").ZodDate>>;
+        event_type: import("zod").ZodEnum<{
+            unauthorized_access: "unauthorized_access";
+        }>;
+        principal_id: import("zod").ZodCodec<import("zod").ZodString, import("zod").ZodCustom<import("bson").ObjectId, import("bson").ObjectId>>;
+        principal_type: import("zod").ZodEnum<{
+            account: "account";
+            api_key: "api_key";
+        }>;
+        message: import("zod").ZodOptional<import("zod").ZodString>;
+        source: import("zod").ZodOptional<import("zod").ZodString>;
+    }, import("zod/v4/core").$strip>;
+    constructor(collection: Collection<Record>, databaseService: DatabaseService);
+    onModuleInit(): Promise<void>;
+}
+export {};
+//# sourceMappingURL=security-audit.collection.d.ts.map

package/dist/collections/security-audit.collection.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-audit.collection.d.ts","sourceRoot":"","sources":["../../src/collections/security-audit.collection.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAsB,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAClE,OAAO,EAAsB,eAAe,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAEvF,OAAO,KAAK,cAAc,MAAM,sBAAsB,CAAC;AAEvD,KAAK,MAAM,GAAG,cAAc,CAAC,aAAa,CAAC,MAAM,CAAC;AAGlD,qBACa,uBAAwB,SAAQ,cAAc,CAAC,MAAM,CAAE,YAAW,YAAY;IAOnF,SAAS,CAAC,QAAQ,CAAC,UAAU,EAAE,UAAU,CAAC,MAAM,CAAC;IACjD,SAAS,CAAC,QAAQ,CAAC,eAAe,EAAE,eAAe;IAPvD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAqC;IAC5D,SAAgB,cAAc,mBAAkB;IAChD,SAAgB,YAAY;;;;;;;;;;;;;;qCAAuC;gBAI5C,UAAU,EAAE,UAAU,CAAC,MAAM,CAAC,EAC9B,eAAe,EAAE,eAAe;IAKjD,YAAY;CAKrB"}

package/dist/collections/security-audit.collection.js

@@ -0,0 +1,79 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SecurityAuditCollection = void 0;
+const mongodb_1 = require("mongodb");
+const common_1 = require("@nestjs/common");
+const db_1 = require("@trailmix-cms/db");
+const constants_1 = require("../constants");
+const trailmixModels = __importStar(require("@trailmix-cms/models"));
+const collectionName = constants_1.CMSCollectionName.SecurityAudit;
+let SecurityAuditCollection = class SecurityAuditCollection extends db_1.BaseCollection {
+    collection;
+    databaseService;
+    logger = new common_1.Logger(this.constructor.name);
+    collectionName = collectionName;
+    entitySchema = trailmixModels.SecurityAudit.schema;
+    constructor(collection, databaseService) {
+        super(collection, databaseService);
+        this.collection = collection;
+        this.databaseService = databaseService;
+    }
+    async onModuleInit() {
+        this.logger.verbose(`creating custom indexes for collection_${collectionName}`);
+        await this.collection.createIndex({ principal_id: 1, principal_type: 1, created_at: -1 });
+        await this.collection.createIndex({ event_type: 1, created_at: -1 });
+    }
+};
+exports.SecurityAuditCollection = SecurityAuditCollection;
+exports.SecurityAuditCollection = SecurityAuditCollection = __decorate([
+    (0, common_1.Injectable)(),
+    __param(0, (0, db_1.DocumentCollection)(collectionName)),
+    __metadata("design:paramtypes", [mongodb_1.Collection,
+        db_1.DatabaseService])
+], SecurityAuditCollection);
+//# sourceMappingURL=security-audit.collection.js.map

package/dist/collections/security-audit.collection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-audit.collection.js","sourceRoot":"","sources":["../../src/collections/security-audit.collection.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qCAAqC;AACrC,2CAAkE;AAClE,yCAAuF;AACvF,4CAAiD;AACjD,qEAAuD;AAGvD,MAAM,cAAc,GAAG,6BAAiB,CAAC,aAAa,CAAC;AAGhD,IAAM,uBAAuB,GAA7B,MAAM,uBAAwB,SAAQ,mBAAsB;IAOxC;IACA;IAPN,MAAM,GAAG,IAAI,eAAM,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;IAC5C,cAAc,GAAG,cAAc,CAAC;IAChC,YAAY,GAAG,cAAc,CAAC,aAAa,CAAC,MAAM,CAAC;IAEnE,YAEuB,UAA8B,EAC9B,eAAgC;QAEnD,KAAK,CAAC,UAAU,EAAE,eAAe,CAAC,CAAC;QAHhB,eAAU,GAAV,UAAU,CAAoB;QAC9B,oBAAe,GAAf,eAAe,CAAiB;IAGvD,CAAC;IAED,KAAK,CAAC,YAAY;QACd,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,0CAA0C,cAAc,EAAE,CAAC,CAAC;QAChF,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,cAAc,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;QAC1F,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;IACzE,CAAC;CACJ,CAAA;AAlBY,0DAAuB;kCAAvB,uBAAuB;IADnC,IAAA,mBAAU,GAAE;IAOJ,WAAA,IAAA,uBAAkB,EAAC,cAAc,CAAC,CAAA;qCACJ,oBAAU;QACL,oBAAe;GAR9C,uBAAuB,CAkBnC"}

package/dist/constants/cms-collection-names.d.ts

@@ -1,7 +1,9 @@
 export declare const CMSCollectionName: {
+    readonly Organization: "organization";
+    readonly Role: "role";
+    readonly ApiKey: "api-key";
+    readonly SecurityAudit: "security-audit";
     readonly Account: "account";
-    readonly File: "file";
-    readonly Text: "text";
 };
 export type CMSCollectionName = typeof CMSCollectionName[keyof typeof CMSCollectionName];
 //# sourceMappingURL=cms-collection-names.d.ts.map

package/dist/constants/cms-collection-names.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"cms-collection-names.d.ts","sourceRoot":"","sources":["../../src/constants/cms-collection-names.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,iBAAiB;;;;CAIpB,CAAC;AAEX,MAAM,MAAM,iBAAiB,GAAG,OAAO,iBAAiB,CAAC,MAAM,OAAO,iBAAiB,CAAC,CAAC"}
+{"version":3,"file":"cms-collection-names.d.ts","sourceRoot":"","sources":["../../src/constants/cms-collection-names.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,iBAAiB;;;;;;CAMpB,CAAC;AAEX,MAAM,MAAM,iBAAiB,GAAG,OAAO,iBAAiB,CAAC,MAAM,OAAO,iBAAiB,CAAC,CAAC"}

package/dist/constants/cms-collection-names.js

@@ -2,8 +2,10 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.CMSCollectionName = void 0;
 exports.CMSCollectionName = {
+    Organization: 'organization',
+    Role: 'role',
+    ApiKey: 'api-key',
+    SecurityAudit: 'security-audit',
     Account: 'account',
-    File: 'file',
-    Text: 'text',
 };
 //# sourceMappingURL=cms-collection-names.js.map

package/dist/constants/cms-collection-names.js.map

@@ -1 +1 @@
-{"version":3,"file":"cms-collection-names.js","sourceRoot":"","sources":["../../src/constants/cms-collection-names.ts"],"names":[],"mappings":";;;AAAa,QAAA,iBAAiB,GAAG;IAC7B,OAAO,EAAE,SAAS;IAClB,IAAI,EAAE,MAAM;IACZ,IAAI,EAAE,MAAM;CACN,CAAC"}
+{"version":3,"file":"cms-collection-names.js","sourceRoot":"","sources":["../../src/constants/cms-collection-names.ts"],"names":[],"mappings":";;;AAAa,QAAA,iBAAiB,GAAG;IAC7B,YAAY,EAAE,cAAc;IAC5B,IAAI,EAAE,MAAM;IACZ,MAAM,EAAE,SAAS;IACjB,aAAa,EAAE,gBAAgB;IAC/B,OAAO,EAAE,SAAS;CACZ,CAAC"}

package/dist/constants/provider-symbols.d.ts

@@ -1,15 +1,13 @@
 export declare const PROVIDER_SYMBOLS: {
-    readonly TRAILMIXCMS_CMS_ACCOUNT_CONFIG: "TRAILMIXCMS_CMS_ACCOUNT_CONFIG";
-    readonly TRAILMIXCMS_CMS_ACCOUNT_SCHEMA: "TRAILMIXCMS_CMS_ACCOUNT_SCHEMA";
-    readonly TRAILMIXCMS_CMS_ACCOUNT_SETUP: "TRAILMIXCMS_CMS_ACCOUNT_SETUP";
-    readonly TRAILMIXCMS_CMS_ACCOUNT_DTO_SCHEMA: "TRAILMIXCMS_CMS_ACCOUNT_DTO_SCHEMA";
-    readonly TRAILMIXCMS_CMS_ACCOUNT_MAP_ENTITY: "TRAILMIXCMS_CMS_ACCOUNT_MAP_ENTITY";
-    readonly TRAILMIXCMS_CMS_FILE_CONFIG: "TRAILMIXCMS_CMS_FILE_CONFIG";
-    readonly TRAILMIXCMS_CMS_FILE_SCHEMA: "TRAILMIXCMS_CMS_FILE_SCHEMA";
-    readonly TRAILMIXCMS_CMS_FILE_SETUP: "TRAILMIXCMS_CMS_FILE_SETUP";
-    readonly TRAILMIXCMS_CMS_TEXT_CONFIG: "TRAILMIXCMS_CMS_TEXT_CONFIG";
-    readonly TRAILMIXCMS_CMS_TEXT_SCHEMA: "TRAILMIXCMS_CMS_TEXT_SCHEMA";
-    readonly TRAILMIXCMS_CMS_TEXT_SETUP: "TRAILMIXCMS_CMS_TEXT_SETUP";
-    readonly TRAILMIXCMS_CMS_AUTH_GUARD_HOOK: "TRAILMIXCMS_CMS_AUTH_GUARD_HOOK";
+    readonly ACCOUNT_CONFIG: "TRAILMIXCMS_CMS_ACCOUNT_CONFIG";
+    readonly ACCOUNT_SCHEMA: "TRAILMIXCMS_CMS_ACCOUNT_SCHEMA";
+    readonly ACCOUNT_SETUP: "TRAILMIXCMS_CMS_ACCOUNT_SETUP";
+    readonly ACCOUNT_MAP_ENTITY: "TRAILMIXCMS_CMS_ACCOUNT_MAP_ENTITY";
+    readonly ORGANIZATION_CONFIG: "TRAILMIXCMS_CMS_ORGANIZATION_CONFIG";
+    readonly ORGANIZATION_SCHEMA: "TRAILMIXCMS_CMS_ORGANIZATION_SCHEMA";
+    readonly ORGANIZATION_SETUP: "TRAILMIXCMS_CMS_ORGANIZATION_SETUP";
+    readonly ORGANIZATION_MAP_ENTITY: "TRAILMIXCMS_CMS_ORGANIZATION_MAP_ENTITY";
+    readonly AUTH_GUARD_HOOK: "TRAILMIXCMS_CMS_AUTH_GUARD_HOOK";
+    readonly ORGANIZATION_DELETE_HOOK: "TRAILMIXCMS_CMS_ORGANIZATION_DELETE_HOOK";
 };
 //# sourceMappingURL=provider-symbols.d.ts.map

package/dist/constants/provider-symbols.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"provider-symbols.d.ts","sourceRoot":"","sources":["../../src/constants/provider-symbols.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;CAanB,CAAC"}
+{"version":3,"file":"provider-symbols.d.ts","sourceRoot":"","sources":["../../src/constants/provider-symbols.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,gBAAgB;;;;;;;;;;;CAanB,CAAC"}

package/dist/constants/provider-symbols.js

@@ -2,17 +2,15 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.PROVIDER_SYMBOLS = void 0;
 exports.PROVIDER_SYMBOLS = {
-    TRAILMIXCMS_CMS_ACCOUNT_CONFIG: 'TRAILMIXCMS_CMS_ACCOUNT_CONFIG',
-    TRAILMIXCMS_CMS_ACCOUNT_SCHEMA: 'TRAILMIXCMS_CMS_ACCOUNT_SCHEMA',
-    TRAILMIXCMS_CMS_ACCOUNT_SETUP: 'TRAILMIXCMS_CMS_ACCOUNT_SETUP',
-    TRAILMIXCMS_CMS_ACCOUNT_DTO_SCHEMA: 'TRAILMIXCMS_CMS_ACCOUNT_DTO_SCHEMA',
-    TRAILMIXCMS_CMS_ACCOUNT_MAP_ENTITY: 'TRAILMIXCMS_CMS_ACCOUNT_MAP_ENTITY',
-    TRAILMIXCMS_CMS_FILE_CONFIG: 'TRAILMIXCMS_CMS_FILE_CONFIG',
-    TRAILMIXCMS_CMS_FILE_SCHEMA: 'TRAILMIXCMS_CMS_FILE_SCHEMA',
-    TRAILMIXCMS_CMS_FILE_SETUP: 'TRAILMIXCMS_CMS_FILE_SETUP',
-    TRAILMIXCMS_CMS_TEXT_CONFIG: 'TRAILMIXCMS_CMS_TEXT_CONFIG',
-    TRAILMIXCMS_CMS_TEXT_SCHEMA: 'TRAILMIXCMS_CMS_TEXT_SCHEMA',
-    TRAILMIXCMS_CMS_TEXT_SETUP: 'TRAILMIXCMS_CMS_TEXT_SETUP',
-    TRAILMIXCMS_CMS_AUTH_GUARD_HOOK: 'TRAILMIXCMS_CMS_AUTH_GUARD_HOOK',
+    ACCOUNT_CONFIG: 'TRAILMIXCMS_CMS_ACCOUNT_CONFIG',
+    ACCOUNT_SCHEMA: 'TRAILMIXCMS_CMS_ACCOUNT_SCHEMA',
+    ACCOUNT_SETUP: 'TRAILMIXCMS_CMS_ACCOUNT_SETUP',
+    ACCOUNT_MAP_ENTITY: 'TRAILMIXCMS_CMS_ACCOUNT_MAP_ENTITY',
+    ORGANIZATION_CONFIG: 'TRAILMIXCMS_CMS_ORGANIZATION_CONFIG',
+    ORGANIZATION_SCHEMA: 'TRAILMIXCMS_CMS_ORGANIZATION_SCHEMA',
+    ORGANIZATION_SETUP: 'TRAILMIXCMS_CMS_ORGANIZATION_SETUP',
+    ORGANIZATION_MAP_ENTITY: 'TRAILMIXCMS_CMS_ORGANIZATION_MAP_ENTITY',
+    AUTH_GUARD_HOOK: 'TRAILMIXCMS_CMS_AUTH_GUARD_HOOK',
+    ORGANIZATION_DELETE_HOOK: 'TRAILMIXCMS_CMS_ORGANIZATION_DELETE_HOOK',
 };
 //# sourceMappingURL=provider-symbols.js.map

package/dist/constants/provider-symbols.js.map

@@ -1 +1 @@
-{"version":3,"file":"provider-symbols.js","sourceRoot":"","sources":["../../src/constants/provider-symbols.ts"],"names":[],"mappings":";;;AAAa,QAAA,gBAAgB,GAAG;IAC5B,8BAA8B,EAAE,gCAAgC;IAChE,8BAA8B,EAAE,gCAAgC;IAChE,6BAA6B,EAAE,+BAA+B;IAC9D,kCAAkC,EAAE,oCAAoC;IACxE,kCAAkC,EAAE,oCAAoC;IACxE,2BAA2B,EAAE,6BAA6B;IAC1D,2BAA2B,EAAE,6BAA6B;IAC1D,0BAA0B,EAAE,4BAA4B;IACxD,2BAA2B,EAAE,6BAA6B;IAC1D,2BAA2B,EAAE,6BAA6B;IAC1D,0BAA0B,EAAE,4BAA4B;IACxD,+BAA+B,EAAE,iCAAiC;CAC5D,CAAC"}
+{"version":3,"file":"provider-symbols.js","sourceRoot":"","sources":["../../src/constants/provider-symbols.ts"],"names":[],"mappings":";;;AAAa,QAAA,gBAAgB,GAAG;IAC5B,cAAc,EAAE,gCAAgC;IAChD,cAAc,EAAE,gCAAgC;IAChD,aAAa,EAAE,+BAA+B;IAC9C,kBAAkB,EAAE,oCAAoC;IAExD,mBAAmB,EAAE,qCAAqC;IAC1D,mBAAmB,EAAE,qCAAqC;IAC1D,kBAAkB,EAAE,oCAAoC;IACxD,uBAAuB,EAAE,yCAAyC;IAElE,eAAe,EAAE,iCAAiC;IAClD,wBAAwB,EAAE,0CAA0C;CAC9D,CAAC"}

package/dist/controllers/account.controller.d.ts

@@ -1,10 +1,15 @@
 import { Logger } from '@nestjs/common';
 import * as models from '@trailmix-cms/models';
+import { type RequestPrincipal } from '../types';
+import * as dto from '../dto/account.dto';
+import { GlobalRoleService } from '../services';
 export declare function buildAccountController<AccountEntity extends models.Account.Entity = models.Account.Entity, AccountDtoEntity = AccountEntity>(accountDto?: any): {
-    new (accountMapEntity: (entity: AccountEntity) => AccountDtoEntity): {
+    new (accountMapEntity: (entity: AccountEntity) => AccountDtoEntity, globalRoleService: GlobalRoleService): {
         readonly logger: Logger;
         readonly accountMapEntity: (entity: AccountEntity) => AccountDtoEntity;
-        info(account: AccountEntity): Promise<AccountDtoEntity>;
+        readonly globalRoleService: GlobalRoleService;
+        info(principal: RequestPrincipal): Promise<AccountDtoEntity>;
+        getGlobalRoles(principal: RequestPrincipal): Promise<dto.AccountGlobalRoleListResponseDto>;
     };
 };
 export declare const AccountController: {
@@ -12,42 +17,33 @@ export declare const AccountController: {
         _id: import("bson").ObjectId;
         created_at: Date;
         user_id: string;
-        roles: string[];
         updated_at?: Date | undefined;
     }) => {
         _id: import("bson").ObjectId;
         created_at: Date;
         user_id: string;
-        roles: string[];
         updated_at?: Date | undefined;
-    }): {
+    }, globalRoleService: GlobalRoleService): {
         readonly logger: Logger;
         readonly accountMapEntity: (entity: {
             _id: import("bson").ObjectId;
             created_at: Date;
             user_id: string;
-            roles: string[];
             updated_at?: Date | undefined;
         }) => {
             _id: import("bson").ObjectId;
             created_at: Date;
             user_id: string;
-            roles: string[];
             updated_at?: Date | undefined;
         };
-        info(account: {
+        readonly globalRoleService: GlobalRoleService;
+        info(principal: RequestPrincipal): Promise<{
             _id: import("bson").ObjectId;
             created_at: Date;
             user_id: string;
-            roles: string[];
-            updated_at?: Date | undefined;
-        }): Promise<{
-            _id: import("bson").ObjectId;
-            created_at: Date;
-            user_id: string;
-            roles: string[];
             updated_at?: Date | undefined;
         }>;
+        getGlobalRoles(principal: RequestPrincipal): Promise<dto.AccountGlobalRoleListResponseDto>;
     };
 };
 //# sourceMappingURL=account.controller.d.ts.map

package/dist/controllers/account.controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"account.controller.d.ts","sourceRoot":"","sources":["../../src/controllers/account.controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAA2B,MAAM,EAAE,MAAM,gBAAgB,CAAC;AAEjE,OAAO,KAAK,MAAM,MAAM,sBAAsB,CAAC;AAO/C,wBAAgB,sBAAsB,CAClC,aAAa,SAAS,MAAM,CAAC,OAAO,CAAC,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,EACnE,gBAAgB,GAAG,aAAa,EAClC,UAAU,GAAE,GAAwC;2BAQ8C,CAAC,MAAM,EAAE,aAAa,KAAK,gBAAgB;;mCAA3C,CAAC,MAAM,EAAE,aAAa,KAAK,gBAAgB;sBAMjG,aAAa,GAAG,OAAO,CAAC,gBAAgB,CAAC;;EAOtF;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAA2B,CAAC"}
+{"version":3,"file":"account.controller.d.ts","sourceRoot":"","sources":["../../src/controllers/account.controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAA2B,MAAM,EAAE,MAAM,gBAAgB,CAAC;AAGjE,OAAO,KAAK,MAAM,MAAM,sBAAsB,CAAC;AAI/C,OAAO,EAAE,KAAK,gBAAgB,EAAE,MAAM,UAAU,CAAC;AACjD,OAAO,KAAK,GAAG,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAEhD,wBAAgB,sBAAsB,CAClC,aAAa,SAAS,MAAM,CAAC,OAAO,CAAC,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,EACnE,gBAAgB,GAAG,aAAa,EAClC,UAAU,GAAE,GAAyC;2BAQ6B,CAAC,MAAM,EAAE,aAAa,KAAK,gBAAgB,qBACvF,iBAAiB;;mCAD2B,CAAC,MAAM,EAAE,aAAa,KAAK,gBAAgB;oCACvF,iBAAiB;wBAMP,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,CAAC;kCAUnD,gBAAgB,GAChD,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC;;EAavD;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;0BAhCU,iBAAiB;;;;;;;;;;;;;oCAAjB,iBAAiB;wBAMP,gBAAgB;;;;;;kCAUvB,gBAAgB,GAChD,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC;;CAeC,CAAC"}

package/dist/controllers/account.controller.js

@@ -1,10 +1,43 @@
 "use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
 var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
     var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
     if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
     else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
     return c > 3 && r && Object.defineProperty(target, key, r), r;
 };
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
 var __metadata = (this && this.__metadata) || function (k, v) {
     if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
 };
@@ -15,41 +48,64 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.AccountController = void 0;
 exports.buildAccountController = buildAccountController;
 const common_1 = require("@nestjs/common");
+const nestjs_zod_1 = require("nestjs-zod");
 const swagger_1 = require("@nestjs/swagger");
-const auth_decorator_1 = require("../decorators/auth.decorator");
+const models = __importStar(require("@trailmix-cms/models"));
+const decorators_1 = require("../decorators");
 const provider_symbols_1 = require("../constants/provider-symbols");
-const account_decorator_1 = require("../decorators/account.decorator");
-const models_1 = require("@trailmix-cms/models");
-const nestjs_zod_1 = require("nestjs-zod");
-function buildAccountController(accountDto = (0, nestjs_zod_1.createZodDto)(models_1.Account.entitySchema)) {
+const dto = __importStar(require("../dto/account.dto"));
+const services_1 = require("../services");
+function buildAccountController(accountDto = (0, nestjs_zod_1.createZodDto)(models.Account.schema)) {
     var AccountController_1;
     let AccountController = AccountController_1 = class AccountController {
         accountMapEntity;
+        globalRoleService;
         logger = new common_1.Logger(AccountController_1.name);
-        constructor(accountMapEntity) {
+        constructor(accountMapEntity, globalRoleService) {
             this.accountMapEntity = accountMapEntity;
+            this.globalRoleService = globalRoleService;
         }
-        async info(account) {
+        async info(principal) {
             this.logger.log('info');
-            this.logger.log(account);
-            return this.accountMapEntity(account);
+            this.logger.log(principal);
+            return this.accountMapEntity(principal.entity);
+        }
+        async getGlobalRoles(principal) {
+            this.logger.log('getGlobalRoles');
+            const roles = await this.globalRoleService.find({
+                principal_id: principal.entity._id,
+                principal_type: principal.principal_type,
+            });
+            return {
+                items: roles,
+                count: roles.length,
+            };
         }
     };
     __decorate([
         (0, common_1.Get)(),
         (0, swagger_1.ApiOperation)({ summary: 'Get account info' }),
         (0, swagger_1.ApiOkResponse)({ description: 'Account info.', type: accountDto }),
-        __param(0, (0, account_decorator_1.AccountContext)()),
+        __param(0, (0, decorators_1.PrincipalContext)()),
         __metadata("design:type", Function),
         __metadata("design:paramtypes", [Object]),
         __metadata("design:returntype", Promise)
     ], AccountController.prototype, "info", null);
+    __decorate([
+        (0, common_1.Get)('global-roles'),
+        (0, swagger_1.ApiOperation)({ summary: 'Get global roles for the current account' }),
+        (0, swagger_1.ApiOkResponse)({ description: 'Global roles for the account.', type: dto.AccountGlobalRoleListResponseDto }),
+        __param(0, (0, decorators_1.PrincipalContext)()),
+        __metadata("design:type", Function),
+        __metadata("design:paramtypes", [Object]),
+        __metadata("design:returntype", Promise)
+    ], AccountController.prototype, "getGlobalRoles", null);
     AccountController = AccountController_1 = __decorate([
-        (0, auth_decorator_1.Auth)(),
+        (0, decorators_1.Auth)({ principalTypes: [models.Principal.Account] }),
         (0, swagger_1.ApiTags)('account'),
         (0, common_1.Controller)('account'),
-        __param(0, (0, common_1.Inject)(provider_symbols_1.PROVIDER_SYMBOLS.TRAILMIXCMS_CMS_ACCOUNT_MAP_ENTITY)),
-        __metadata("design:paramtypes", [Function])
+        __param(0, (0, common_1.Inject)(provider_symbols_1.PROVIDER_SYMBOLS.ACCOUNT_MAP_ENTITY)),
+        __metadata("design:paramtypes", [Function, services_1.GlobalRoleService])
     ], AccountController);
     return AccountController;
 }