@trailmix-cms/cms 0.4.4 → 0.7.1

package/dist/auth.guard.d.ts

@@ -1,24 +1,16 @@
 import { Reflector } from '@nestjs/core';
 import { CanActivate, ExecutionContext } from '@nestjs/common';
-import { Account } from '@trailmix-cms/models';
-import { ConfigService } from '@nestjs/config';
-import { AppConfig } from './config';
-import { AccountService } from './services/account.service';
-import { AuthGuardHook } from './auth-guard-hook';
+import { AuthService } from './services/auth.service';
+import { type RequestPrincipal } from './types';
 declare module 'fastify' {
     interface FastifyRequest {
-        account?: Account.Entity;
+        principal: RequestPrincipal;
     }
 }
 export declare class AuthGuard implements CanActivate {
     private reflector;
-    private accountService;
-    private configService;
-    private authGuardHook?;
-    private readonly logger;
-    private readonly clerkClient;
-    constructor(reflector: Reflector, accountService: AccountService, configService: ConfigService<AppConfig>, authGuardHook?: AuthGuardHook | undefined);
+    private authService;
+    constructor(reflector: Reflector, authService: AuthService);
     canActivate(context: ExecutionContext): Promise<boolean>;
-    private getAccount;
 }
 //# sourceMappingURL=auth.guard.d.ts.map

package/dist/auth.guard.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth.guard.d.ts","sourceRoot":"","sources":["../src/auth.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAc,WAAW,EAAE,gBAAgB,EAAqG,MAAM,gBAAgB,CAAC;AAG9K,OAAO,EAAE,OAAO,EAAQ,MAAM,sBAAsB,CAAC;AAErD,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAE/C,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AAErC,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAE5D,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAElD,OAAO,QAAQ,SAAS,CAAC;IACrB,UAAU,cAAc;QACpB,OAAO,CAAC,EAAE,OAAO,CAAC,MAAM,CAAA;KAC3B;CACJ;AAED,qBACa,SAAU,YAAW,WAAW;IAKrC,OAAO,CAAC,SAAS;IACjB,OAAO,CAAC,cAAc;IACtB,OAAO,CAAC,aAAa;IACiD,OAAO,CAAC,aAAa,CAAC;IAPhG,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA8B;IACrD,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAc;gBAG9B,SAAS,EAAE,SAAS,EACpB,cAAc,EAAE,cAAc,EAC9B,aAAa,EAAE,aAAa,CAAC,SAAS,CAAC,EAC+B,aAAa,CAAC,EAAE,aAAa,YAAA;IAOzG,WAAW,CACb,OAAO,EAAE,gBAAgB,GAC1B,OAAO,CAAC,OAAO,CAAC;YA2CL,UAAU;CAoD3B"}
+{"version":3,"file":"auth.guard.d.ts","sourceRoot":"","sources":["../src/auth.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAc,WAAW,EAAE,gBAAgB,EAA2E,MAAM,gBAAgB,CAAC;AAIpJ,OAAO,EAAc,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAClE,OAAO,EAAE,KAAK,gBAAgB,EAAE,MAAM,SAAS,CAAC;AAEhD,OAAO,QAAQ,SAAS,CAAC;IACrB,UAAU,cAAc;QACpB,SAAS,EAAE,gBAAgB,CAAA;KAC9B;CACJ;AAED,qBACa,SAAU,YAAW,WAAW;IAErC,OAAO,CAAC,SAAS;IACjB,OAAO,CAAC,WAAW;gBADX,SAAS,EAAE,SAAS,EACpB,WAAW,EAAE,WAAW;IAG9B,WAAW,CACb,OAAO,EAAE,gBAAgB,GAC1B,OAAO,CAAC,OAAO,CAAC;CAyCtB"}

package/dist/auth.guard.js

@@ -8,38 +8,21 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
 var __metadata = (this && this.__metadata) || function (k, v) {
     if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
 };
-var __param = (this && this.__param) || function (paramIndex, decorator) {
-    return function (target, key) { decorator(target, key, paramIndex); }
-};
-var AuthGuard_1;
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.AuthGuard = void 0;
 const core_1 = require("@nestjs/core");
 const common_1 = require("@nestjs/common");
-const fastify_1 = require("@clerk/fastify");
-const models_1 = require("@trailmix-cms/models");
-const config_1 = require("@nestjs/config");
 const auth_decorator_1 = require("./decorators/auth.decorator");
-const account_service_1 = require("./services/account.service");
-const constants_1 = require("./constants");
-let AuthGuard = AuthGuard_1 = class AuthGuard {
+const auth_service_1 = require("./services/auth.service");
+let AuthGuard = class AuthGuard {
     reflector;
-    accountService;
-    configService;
-    authGuardHook;
-    logger = new common_1.Logger(AuthGuard_1.name);
-    clerkClient;
-    constructor(reflector, accountService, configService, authGuardHook) {
+    authService;
+    constructor(reflector, authService) {
         this.reflector = reflector;
-        this.accountService = accountService;
-        this.configService = configService;
-        this.authGuardHook = authGuardHook;
-        this.clerkClient = (0, fastify_1.createClerkClient)({
-            secretKey: this.configService.get('CLERK_SECRET_KEY'),
-        });
+        this.authService = authService;
     }
     async canActivate(context) {
-        const requiredRoles = this.reflector.getAllAndOverride(auth_decorator_1.ROLES_KEY, [
+        const requiredGlobalRoles = this.reflector.getAllAndOverride(auth_decorator_1.ROLES_KEY, [
             context.getHandler(),
             context.getClass(),
         ]);
@@ -47,82 +30,31 @@ let AuthGuard = AuthGuard_1 = class AuthGuard {
             context.getHandler(),
             context.getClass(),
         ]);
+        const requiredPrincipalTypes = this.reflector.getAllAndOverride(auth_decorator_1.PRINCIPAL_TYPES_KEY, [
+            context.getHandler(),
+            context.getClass(),
+        ]);
         const request = context.switchToHttp().getRequest();
-        const { account } = await this.getAccount(context);
-        if (!account) {
-            if (allowAnonymous) {
-                return true;
+        const requestUrl = request.url;
+        const principal = await this.authService.getPrincipal(context);
+        const authResult = await this.authService.validateAuth(principal, allowAnonymous, requiredPrincipalTypes, requiredGlobalRoles, requestUrl);
+        if (authResult !== auth_service_1.AuthResult.IsValid) {
+            if (authResult === auth_service_1.AuthResult.Unauthorized) {
+                throw new common_1.UnauthorizedException('Unauthorized request');
             }
-            throw new common_1.UnauthorizedException('Unauthorized request');
-        }
-        request.account = account;
-        if (allowAnonymous) {
-            return true;
-        }
-        // If no roles are required, allow any authenticated user
-        if (requiredRoles.length == 0) {
-            return true;
-        }
-        // Check if user has required role
-        const hasRole = requiredRoles.some((role) => account?.roles?.includes(role))
-            || account?.roles?.includes(models_1.Role.Admin);
-        if (!hasRole) {
-            throw new common_1.ForbiddenException('You are not authorized to access this resource');
-        }
-        return true;
-    }
-    async getAccount(context) {
-        const request = context.switchToHttp().getRequest();
-        const auth = (0, fastify_1.getAuth)(request);
-        if (!auth.userId) {
-            return {};
-        }
-        // TODO: Cache user
-        // const cachedUser = await this.userCache.getUser(auth.userId);
-        // if (cachedUser) {
-        //     return {
-        //         account: cachedUser.account,
-        //         userPublicMetadata: cachedUser.metadata,
-        //     };
-        // }
-        const user = await this.clerkClient.users.getUser(auth.userId);
-        const accountExists = await this.accountService.getAccount(auth.userId);
-        if (accountExists) {
-            return {
-                account: accountExists,
-                userPublicMetadata: user.publicMetadata,
-            };
-        }
-        const account = await this.accountService.upsertAccount(auth.userId);
-        // TODO: Lock this step to prevent race conditions
-        if (this.authGuardHook) {
-            const authGuardHookresult = await this.authGuardHook.onHook(account);
-            if (!authGuardHookresult) {
-                this.logger.error('Failed to validate account using auth guard hook', {
-                    userId: auth.userId,
-                    accountId: account?._id,
-                });
-                throw new common_1.InternalServerErrorException('Failed to validate account using auth guard hook');
+            if (authResult === auth_service_1.AuthResult.Forbidden) {
+                throw new common_1.ForbiddenException('You are not authorized to access this resource');
             }
+            throw new common_1.InternalServerErrorException('Failed to validate authentication');
         }
-        // TODO: Cache user
-        // await this.userCache.cacheUser(auth.userId, {
-        //     account: account!,
-        //     metadata: user.publicMetadata,
-        // });
-        return {
-            account,
-            userPublicMetadata: user.publicMetadata,
-        };
+        request.principal = principal;
+        return true;
     }
 };
 exports.AuthGuard = AuthGuard;
-exports.AuthGuard = AuthGuard = AuthGuard_1 = __decorate([
+exports.AuthGuard = AuthGuard = __decorate([
     (0, common_1.Injectable)(),
-    __param(3, (0, common_1.Optional)()),
-    __param(3, (0, common_1.Inject)(constants_1.PROVIDER_SYMBOLS.TRAILMIXCMS_CMS_AUTH_GUARD_HOOK)),
     __metadata("design:paramtypes", [core_1.Reflector,
-        account_service_1.AccountService,
-        config_1.ConfigService, Object])
+        auth_service_1.AuthService])
 ], AuthGuard);
 //# sourceMappingURL=auth.guard.js.map

package/dist/auth.guard.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth.guard.js","sourceRoot":"","sources":["../src/auth.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,uCAAyC;AACzC,2CAA8K;AAE9K,4CAAyE;AACzE,iDAAqD;AAErD,2CAA+C;AAG/C,gEAA6E;AAC7E,gEAA4D;AAC5D,2CAA+C;AAUxC,IAAM,SAAS,iBAAf,MAAM,SAAS;IAKN;IACA;IACA;IACsE;IAPjE,MAAM,GAAG,IAAI,eAAM,CAAC,WAAS,CAAC,IAAI,CAAC,CAAC;IACpC,WAAW,CAAc;IAE1C,YACY,SAAoB,EACpB,cAA8B,EAC9B,aAAuC,EAC+B,aAA6B;QAHnG,cAAS,GAAT,SAAS,CAAW;QACpB,mBAAc,GAAd,cAAc,CAAgB;QAC9B,kBAAa,GAAb,aAAa,CAA0B;QAC+B,kBAAa,GAAb,aAAa,CAAgB;QAE3G,IAAI,CAAC,WAAW,GAAG,IAAA,2BAAiB,EAAC;YACjC,SAAS,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,kBAAkB,CAAC;SACxD,CAAC,CAAC;IACP,CAAC;IAED,KAAK,CAAC,WAAW,CACb,OAAyB;QAEzB,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAoB,0BAAS,EAAE;YACjF,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACrB,CAAC,CAAC;QAEH,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,oCAAmB,EAAE;YAClF,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACrB,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAkB,CAAC;QAEpE,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAEnD,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,IAAI,cAAc,EAAE,CAAC;gBACjB,OAAO,IAAI,CAAC;YAChB,CAAC;YACD,MAAM,IAAI,8BAAqB,CAAC,sBAAsB,CAAC,CAAC;QAC5D,CAAC;QAED,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC;QAE1B,IAAI,cAAc,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,yDAAyD;QACzD,IAAI,aAAa,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,kCAAkC;QAClC,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,EAAE,KAAK,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC;eACrE,OAAO,EAAE,KAAK,EAAE,QAAQ,CAAC,aAAI,CAAC,KAAK,CAAC,CAAC;QAC5C,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,2BAAkB,CAAC,gDAAgD,CAAC,CAAC;QACnF,CAAC;QAED,OAAO,IAAI,CAAC;IAChB,CAAC;IAEO,KAAK,CAAC,UAAU,CAAC,OAAyB;QAC9C,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAkB,CAAC;QAEpE,MAAM,IAAI,GAAG,IAAA,iBAAO,EAAC,OAAO,CAAC,CAAA;QAE7B,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACf,OAAO,EAAE,CAAC;QACd,CAAC;QAED,mBAAmB;QACnB,gEAAgE;QAChE,oBAAoB;QACpB,eAAe;QACf,uCAAuC;QACvC,mDAAmD;QACnD,SAAS;QACT,IAAI;QAEJ,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QAC9D,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACxE,IAAI,aAAa,EAAE,CAAC;YAChB,OAAO;gBACH,OAAO,EAAE,aAAa;gBACtB,kBAAkB,EAAE,IAAI,CAAC,cAAc;aAC1C,CAAC;QACN,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAErE,kDAAkD;QAClD,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACrB,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,OAAQ,CAAC,CAAC;YACtE,IAAI,CAAC,mBAAmB,EAAE,CAAC;gBACvB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,kDAAkD,EAAE;oBAClE,MAAM,EAAE,IAAI,CAAC,MAAM;oBACnB,SAAS,EAAE,OAAO,EAAE,GAAG;iBAC1B,CAAC,CAAC;gBACH,MAAM,IAAI,qCAA4B,CAAC,kDAAkD,CAAC,CAAC;YAC/F,CAAC;QACL,CAAC;QAED,mBAAmB;QACnB,gDAAgD;QAChD,yBAAyB;QACzB,qCAAqC;QACrC,MAAM;QAEN,OAAO;YACH,OAAO;YACP,kBAAkB,EAAE,IAAI,CAAC,cAAc;SAC1C,CAAC;IACN,CAAC;CACJ,CAAA;AAhHY,8BAAS;oBAAT,SAAS;IADrB,IAAA,mBAAU,GAAE;IASJ,WAAA,IAAA,iBAAQ,GAAE,CAAA;IAAE,WAAA,IAAA,eAAM,EAAC,4BAAgB,CAAC,+BAA+B,CAAC,CAAA;qCAHlD,gBAAS;QACJ,gCAAc;QACf,sBAAa;GAP/B,SAAS,CAgHrB"}
+{"version":3,"file":"auth.guard.js","sourceRoot":"","sources":["../src/auth.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,uCAAyC;AACzC,2CAAoJ;AAGpJ,gEAAkG;AAClG,0DAAkE;AAU3D,IAAM,SAAS,GAAf,MAAM,SAAS;IAEN;IACA;IAFZ,YACY,SAAoB,EACpB,WAAwB;QADxB,cAAS,GAAT,SAAS,CAAW;QACpB,gBAAW,GAAX,WAAW,CAAa;IAChC,CAAC;IAEL,KAAK,CAAC,WAAW,CACb,OAAyB;QAEzB,MAAM,mBAAmB,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAwC,0BAAS,EAAE;YAC3G,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACrB,CAAC,CAAC;QAEH,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,oCAAmB,EAAE;YAClF,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACrB,CAAC,CAAC;QAEH,MAAM,sBAAsB,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAA6B,oCAAmB,EAAE;YAC7G,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACrB,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAkB,CAAC;QACpE,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC;QAE/B,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAClD,SAAS,EACT,cAAc,EACd,sBAAsB,EACtB,mBAAmB,EACnB,UAAU,CACb,CAAC;QAEF,IAAI,UAAU,KAAK,yBAAU,CAAC,OAAO,EAAE,CAAC;YACpC,IAAI,UAAU,KAAK,yBAAU,CAAC,YAAY,EAAE,CAAC;gBACzC,MAAM,IAAI,8BAAqB,CAAC,sBAAsB,CAAC,CAAC;YAC5D,CAAC;YACD,IAAI,UAAU,KAAK,yBAAU,CAAC,SAAS,EAAE,CAAC;gBACtC,MAAM,IAAI,2BAAkB,CAAC,gDAAgD,CAAC,CAAC;YACnF,CAAC;YACD,MAAM,IAAI,qCAA4B,CAAC,mCAAmC,CAAC,CAAC;QAChF,CAAC;QAED,OAAO,CAAC,SAAS,GAAG,SAAU,CAAC;QAC/B,OAAO,IAAI,CAAC;IAChB,CAAC;CACJ,CAAA;AAjDY,8BAAS;oBAAT,SAAS;IADrB,IAAA,mBAAU,GAAE;qCAGc,gBAAS;QACP,0BAAW;GAH3B,SAAS,CAiDrB"}

package/dist/collections/account.collection.d.ts

@@ -3,15 +3,17 @@ import { OnModuleInit } from '@nestjs/common';
 import { ZodType } from 'zod';
 import { Account } from '@trailmix-cms/models';
 import { Collections, DatabaseService, AuditedCollection } from '@trailmix-cms/db';
-import { CollectionConfig } from '../types/collection-config';
+import { type CollectionConfig } from '../types';
 type Record = Account.Entity;
 export declare class AccountCollection<T extends Record = Record> extends AuditedCollection<T> implements OnModuleInit {
     protected readonly entitySchema: ZodType<OptionalUnlessRequiredId<T>>;
-    protected readonly setup: (collection: Collection<T>) => Promise<void>;
     protected readonly config: CollectionConfig;
+    protected readonly setup: ((collection: Collection<T>) => Promise<void>) | null;
+    protected readonly databaseService: DatabaseService;
+    protected readonly auditCollection: Collections.AuditCollection;
     private readonly logger;
     protected readonly collectionName: "account";
-    constructor(entitySchema: ZodType<OptionalUnlessRequiredId<T>>, setup: (collection: Collection<T>) => Promise<void>, config: CollectionConfig, collection: Collection<T>, databaseService: DatabaseService, auditCollection: Collections.AuditCollection);
+    constructor(entitySchema: ZodType<OptionalUnlessRequiredId<T>>, config: CollectionConfig, setup: ((collection: Collection<T>) => Promise<void>) | null, collection: Collection<T>, databaseService: DatabaseService, auditCollection: Collections.AuditCollection);
     onModuleInit(): Promise<void>;
 }
 export {};

package/dist/collections/account.collection.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"account.collection.d.ts","sourceRoot":"","sources":["../../src/collections/account.collection.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,wBAAwB,EAAE,MAAM,SAAS,CAAC;AAC/D,OAAO,EAA8B,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC1E,OAAO,EAAE,OAAO,EAAE,MAAM,KAAK,CAAC;AAC9B,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EAAE,WAAW,EAAE,eAAe,EAAsB,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAGvG,OAAO,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AAE9D,KAAK,MAAM,GAAG,OAAO,CAAC,MAAM,CAAA;AAG5B,qBACa,iBAAiB,CAAC,CAAC,SAAS,MAAM,GAAG,MAAM,CAAE,SAAQ,iBAAiB,CAAC,CAAC,CAAE,YAAW,YAAY;IAK7C,SAAS,CAAC,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAC,wBAAwB,CAAC,CAAC,CAAC,CAAC;IACtE,SAAS,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,OAAO,CAAC,IAAI,CAAC;IACrE,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,gBAAgB;IANxG,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAqC;IAC5D,SAAS,CAAC,QAAQ,CAAC,cAAc,YAAkB;gBAG6B,YAAY,EAAE,OAAO,CAAC,wBAAwB,CAAC,CAAC,CAAC,CAAC,EACnD,KAAK,EAAE,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,OAAO,CAAC,IAAI,CAAC,EAClD,MAAM,EAAE,gBAAgB,EAChE,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC,EAC7D,eAAe,EAAE,eAAe,EAChC,eAAe,EAAE,WAAW,CAAC,eAAe;IAK1C,YAAY;CAOrB"}
+{"version":3,"file":"account.collection.d.ts","sourceRoot":"","sources":["../../src/collections/account.collection.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,wBAAwB,EAAE,MAAM,SAAS,CAAC;AAC/D,OAAO,EAA8B,YAAY,EAAY,MAAM,gBAAgB,CAAC;AACpF,OAAO,EAAE,OAAO,EAAE,MAAM,KAAK,CAAC;AAC9B,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EAAE,WAAW,EAAE,eAAe,EAAsB,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAGvG,OAAO,EAAE,KAAK,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAEjD,KAAK,MAAM,GAAG,OAAO,CAAC,MAAM,CAAA;AAG5B,qBACa,iBAAiB,CAAC,CAAC,SAAS,MAAM,GAAG,MAAM,CAAE,SAAQ,iBAAiB,CAAC,CAAC,CAAE,YAAW,YAAY;IAK7D,SAAS,CAAC,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAC,wBAAwB,CAAC,CAAC,CAAC,CAAC;IACrE,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,gBAAgB;IAChC,SAAS,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI;IAEnI,SAAS,CAAC,QAAQ,CAAC,eAAe,EAAE,eAAe;IACnD,SAAS,CAAC,QAAQ,CAAC,eAAe,EAAE,WAAW,CAAC,eAAe;IATnE,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAqC;IAC5D,SAAS,CAAC,QAAQ,CAAC,cAAc,YAAkB;gBAGa,YAAY,EAAE,OAAO,CAAC,wBAAwB,CAAC,CAAC,CAAC,CAAC,EAClD,MAAM,EAAE,gBAAgB,EACb,KAAK,EAAE,CAAC,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,EAC/F,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC,EAC1C,eAAe,EAAE,eAAe,EAChC,eAAe,EAAE,WAAW,CAAC,eAAe;IAK7D,YAAY;CASrB"}

package/dist/collections/account.collection.js

@@ -21,32 +21,39 @@ const constants_1 = require("../constants");
 const collectionName = constants_1.CMSCollectionName.Account;
 let AccountCollection = class AccountCollection extends db_1.AuditedCollection {
     entitySchema;
-    setup;
     config;
+    setup;
+    databaseService;
+    auditCollection;
     logger = new common_1.Logger(this.constructor.name);
     collectionName = collectionName;
-    constructor(entitySchema, setup, config, collection, databaseService, auditCollection) {
+    constructor(entitySchema, config, setup, collection, databaseService, auditCollection) {
         super(collection, databaseService, auditCollection);
         this.entitySchema = entitySchema;
-        this.setup = setup;
         this.config = config;
+        this.setup = setup;
+        this.databaseService = databaseService;
+        this.auditCollection = auditCollection;
     }
     async onModuleInit() {
         this.logger.verbose(`creating custom indexes for collection_${collectionName}`);
         if (!this.config.disableDefaultIndexes) {
             await this.collection.createIndex({ user_id: 1 }, { unique: true, sparse: true });
         }
-        await this.setup(this.collection);
+        if (this.setup) {
+            await this.setup(this.collection);
+        }
     }
 };
 exports.AccountCollection = AccountCollection;
 exports.AccountCollection = AccountCollection = __decorate([
     (0, common_1.Injectable)(),
-    __param(0, (0, common_1.Inject)(constants_1.PROVIDER_SYMBOLS.TRAILMIXCMS_CMS_ACCOUNT_SCHEMA)),
-    __param(1, (0, common_1.Inject)(constants_1.PROVIDER_SYMBOLS.TRAILMIXCMS_CMS_ACCOUNT_SETUP)),
-    __param(2, (0, common_1.Inject)(constants_1.PROVIDER_SYMBOLS.TRAILMIXCMS_CMS_ACCOUNT_CONFIG)),
+    __param(0, (0, common_1.Inject)(constants_1.PROVIDER_SYMBOLS.ACCOUNT_SCHEMA)),
+    __param(1, (0, common_1.Inject)(constants_1.PROVIDER_SYMBOLS.ACCOUNT_CONFIG)),
+    __param(2, (0, common_1.Optional)()),
+    __param(2, (0, common_1.Inject)(constants_1.PROVIDER_SYMBOLS.ACCOUNT_SETUP)),
     __param(3, (0, db_1.DocumentCollection)(collectionName)),
-    __metadata("design:paramtypes", [zod_1.ZodType, Function, Object, mongodb_1.Collection,
+    __metadata("design:paramtypes", [zod_1.ZodType, Object, Object, mongodb_1.Collection,
         db_1.DatabaseService, db_1.Collections.AuditCollection])
 ], AccountCollection);
 //# sourceMappingURL=account.collection.js.map

package/dist/collections/account.collection.js.map

@@ -1 +1 @@
-{"version":3,"file":"account.collection.js","sourceRoot":"","sources":["../../src/collections/account.collection.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,qCAA+D;AAC/D,2CAA0E;AAC1E,6BAA8B;AAE9B,yCAAuG;AAEvG,4CAAmE;AAInE,MAAM,cAAc,GAAG,6BAAiB,CAAC,OAAO,CAAC;AAG1C,IAAM,iBAAiB,GAAvB,MAAM,iBAA6C,SAAQ,sBAAoB;IAKF;IACD;IACC;IAN/D,MAAM,GAAG,IAAI,eAAM,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;IACzC,cAAc,GAAG,cAAc,CAAC;IAEnD,YACgF,YAAkD,EACnD,KAAmD,EAClD,MAAwB,EAChE,UAAyB,EAC7D,eAAgC,EAChC,eAA4C;QAE5C,KAAK,CAAC,UAAU,EAAE,eAAe,EAAE,eAAe,CAAC,CAAC;QAPwB,iBAAY,GAAZ,YAAY,CAAsC;QACnD,UAAK,GAAL,KAAK,CAA8C;QAClD,WAAM,GAAN,MAAM,CAAkB;IAMxG,CAAC;IAED,KAAK,CAAC,YAAY;QACd,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,0CAA0C,cAAc,EAAE,CAAC,CAAA;QAC/E,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,qBAAqB,EAAE,CAAC;YACrC,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;QACtF,CAAC;QACD,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACtC,CAAC;CACJ,CAAA;AAtBY,8CAAiB;4BAAjB,iBAAiB;IAD7B,IAAA,mBAAU,GAAE;IAMJ,WAAA,IAAA,eAAM,EAAC,4BAAgB,CAAC,8BAA8B,CAAC,CAAA;IACvD,WAAA,IAAA,eAAM,EAAC,4BAAgB,CAAC,6BAA6B,CAAC,CAAA;IACtD,WAAA,IAAA,eAAM,EAAC,4BAAgB,CAAC,8BAA8B,CAAC,CAAA;IACvD,WAAA,IAAA,uBAAkB,EAAC,cAAc,CAAC,CAAA;qCAHuD,aAAO,oBAGjD,oBAAU;QACzC,oBAAe,EACf,gBAAW,CAAC,eAAe;GAVvC,iBAAiB,CAsB7B"}
+{"version":3,"file":"account.collection.js","sourceRoot":"","sources":["../../src/collections/account.collection.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,qCAA+D;AAC/D,2CAAoF;AACpF,6BAA8B;AAE9B,yCAAuG;AAEvG,4CAAmE;AAInE,MAAM,cAAc,GAAG,6BAAiB,CAAC,OAAO,CAAC;AAG1C,IAAM,iBAAiB,GAAvB,MAAM,iBAA6C,SAAQ,sBAAoB;IAKlB;IACA;IACW;IAEpD;IACA;IATN,MAAM,GAAG,IAAI,eAAM,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;IACzC,cAAc,GAAG,cAAc,CAAC;IAEnD,YACgE,YAAkD,EAClD,MAAwB,EACb,KAA4D,EAC/F,UAAyB,EAC1C,eAAgC,EAChC,eAA4C;QAE/D,KAAK,CAAC,UAAU,EAAE,eAAe,EAAE,eAAe,CAAC,CAAC;QAPQ,iBAAY,GAAZ,YAAY,CAAsC;QAClD,WAAM,GAAN,MAAM,CAAkB;QACb,UAAK,GAAL,KAAK,CAAuD;QAEhH,oBAAe,GAAf,eAAe,CAAiB;QAChC,oBAAe,GAAf,eAAe,CAA6B;IAGnE,CAAC;IAED,KAAK,CAAC,YAAY;QACd,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,0CAA0C,cAAc,EAAE,CAAC,CAAA;QAC/E,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,qBAAqB,EAAE,CAAC;YACrC,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;QACtF,CAAC;QACD,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACtC,CAAC;IACL,CAAC;CACJ,CAAA;AAxBY,8CAAiB;4BAAjB,iBAAiB;IAD7B,IAAA,mBAAU,GAAE;IAMJ,WAAA,IAAA,eAAM,EAAC,4BAAgB,CAAC,cAAc,CAAC,CAAA;IACvC,WAAA,IAAA,eAAM,EAAC,4BAAgB,CAAC,cAAc,CAAC,CAAA;IACvC,WAAA,IAAA,iBAAQ,GAAE,CAAA;IAAE,WAAA,IAAA,eAAM,EAAC,4BAAgB,CAAC,aAAa,CAAC,CAAA;IAClD,WAAA,IAAA,uBAAkB,EAAC,cAAc,CAAC,CAAA;qCAHuC,aAAO,kBAGjC,oBAAU;QACtB,oBAAe,EACf,gBAAW,CAAC,eAAe;GAV1D,iBAAiB,CAwB7B"}

package/dist/collections/api-key.collection.d.ts

@@ -0,0 +1,54 @@
+import { ClientSession, Collection, ObjectId } from 'mongodb';
+import { DatabaseService, Collections, AuditedCollection } from '@trailmix-cms/db';
+import * as trailmixModels from '@trailmix-cms/models';
+import { Utils } from '@trailmix-cms/db';
+type Record = trailmixModels.ApiKey.Entity;
+export declare class ApiKeyCollection extends AuditedCollection<Record> {
+    protected readonly collection: Collection<Record>;
+    protected readonly databaseService: DatabaseService;
+    protected readonly auditCollection: Collections.AuditCollection;
+    private readonly logger;
+    readonly collectionName: "api-key";
+    readonly entitySchema: import("zod").ZodObject<{
+        _id: import("zod").ZodCodec<import("zod").ZodString, import("zod").ZodCustom<import("bson").ObjectId, import("bson").ObjectId>>;
+        created_at: import("zod").ZodCodec<import("zod").ZodISODateTime, import("zod").ZodDate>;
+        updated_at: import("zod").ZodOptional<import("zod").ZodCodec<import("zod").ZodISODateTime, import("zod").ZodDate>>;
+        api_key: import("zod").ZodString;
+        name: import("zod").ZodOptional<import("zod").ZodString>;
+        disabled: import("zod").ZodOptional<import("zod").ZodBoolean>;
+        expires_at: import("zod").ZodOptional<import("zod").ZodCodec<import("zod").ZodISODateTime, import("zod").ZodDate>>;
+        scope_type: import("zod").ZodEnum<{
+            account: "account";
+            organization: "organization";
+            global: "global";
+        }>;
+        scope_id: import("zod").ZodOptional<import("zod").ZodCodec<import("zod").ZodString, import("zod").ZodCustom<import("bson").ObjectId, import("bson").ObjectId>>>;
+    }, import("zod/v4/core").$strip>;
+    constructor(collection: Collection<Record>, databaseService: DatabaseService, auditCollection: Collections.AuditCollection);
+    onModuleInit(): Promise<void>;
+    /**
+     * Generates a new API key with the format: <prefix>_<random characters>
+     * @param prefix Optional prefix for the API key
+     * @param length Length of the random string
+     * @returns A randomly generated API key prefixed with the prefix if provided
+     */
+    private static generateApiKey;
+    /**
+     * Creates a new APIKey record with retry logic for duplicate API keys
+     * @param params The parameters for the API key
+     * @param auditContext The audit context for the operation
+     * @param options The options for the API key
+     * @param options.maxRetries Maximum number of retry attempts if duplicate key is encountered (default: 10)
+     * @param options.prefix Optional prefix for the API key
+     * @param options.length Length of the random string
+     * @returns The created APIKey record
+     * @throws Error if max retries exceeded or if insert fails for non-duplicate reasons
+     */
+    create(params: Omit<Utils.Creatable<trailmixModels.ApiKey.Entity>, 'api_key'>, auditContext: trailmixModels.AuditContext.Model, options?: {
+        maxRetries: number;
+        prefix?: string;
+        length: number;
+    }, session?: ClientSession): Promise<Record>;
+}
+export {};
+//# sourceMappingURL=api-key.collection.d.ts.map

package/dist/collections/api-key.collection.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"api-key.collection.d.ts","sourceRoot":"","sources":["../../src/collections/api-key.collection.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,UAAU,EAAoB,QAAQ,EAAE,MAAM,SAAS,CAAC;AAEhF,OAAO,EAAsB,eAAe,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAGvG,OAAO,KAAK,cAAc,MAAM,sBAAsB,CAAC;AACvD,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAEzC,KAAK,MAAM,GAAG,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC;AAG3C,qBACa,gBAAiB,SAAQ,iBAAiB,CAAC,MAAM,CAAC;IAOvD,SAAS,CAAC,QAAQ,CAAC,UAAU,EAAE,UAAU,CAAC,MAAM,CAAC;IACjD,SAAS,CAAC,QAAQ,CAAC,eAAe,EAAE,eAAe;IACnD,SAAS,CAAC,QAAQ,CAAC,eAAe,EAAE,WAAW,CAAC,eAAe;IARnE,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAqC;IAC5D,SAAgB,cAAc,YAAkB;IAChD,SAAgB,YAAY;;;;;;;;;;;;;;qCAAgC;gBAIrC,UAAU,EAAE,UAAU,CAAC,MAAM,CAAC,EAC9B,eAAe,EAAE,eAAe,EAChC,eAAe,EAAE,WAAW,CAAC,eAAe;IAK7D,YAAY;IAKlB;;;;;OAKG;IACH,OAAO,CAAC,MAAM,CAAC,cAAc;IAO7B;;;;;;;;;;OAUG;IACG,MAAM,CACR,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,SAAS,CAAC,EACtE,YAAY,EAAE,cAAc,CAAC,YAAY,CAAC,KAAK,EAC/C,OAAO,GAAE;QAAE,UAAU,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAmC,EACjG,OAAO,CAAC,EAAE,aAAa,GACxB,OAAO,CAAC,MAAM,CAAC;CA6CrB"}

package/dist/collections/api-key.collection.js

@@ -0,0 +1,142 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+var ApiKeyCollection_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ApiKeyCollection = void 0;
+const mongodb_1 = require("mongodb");
+const common_1 = require("@nestjs/common");
+const db_1 = require("@trailmix-cms/db");
+const constants_1 = require("../constants");
+const crypto_1 = require("crypto");
+const trailmixModels = __importStar(require("@trailmix-cms/models"));
+const collectionName = constants_1.CMSCollectionName.ApiKey;
+let ApiKeyCollection = ApiKeyCollection_1 = class ApiKeyCollection extends db_1.AuditedCollection {
+    collection;
+    databaseService;
+    auditCollection;
+    logger = new common_1.Logger(this.constructor.name);
+    collectionName = collectionName;
+    entitySchema = trailmixModels.ApiKey.schema;
+    constructor(collection, databaseService, auditCollection) {
+        super(collection, databaseService, auditCollection);
+        this.collection = collection;
+        this.databaseService = databaseService;
+        this.auditCollection = auditCollection;
+    }
+    async onModuleInit() {
+        this.logger.verbose(`creating custom indexes for collection_${collectionName}`);
+        await this.collection.createIndex({ api_key: 1 }, { unique: true });
+    }
+    /**
+     * Generates a new API key with the format: <prefix>_<random characters>
+     * @param prefix Optional prefix for the API key
+     * @param length Length of the random string
+     * @returns A randomly generated API key prefixed with the prefix if provided
+     */
+    static generateApiKey(prefix, length = 32) {
+        // Generate random bytes and convert to hex
+        const randomBytesBuffer = (0, crypto_1.randomBytes)(length);
+        const randomString = randomBytesBuffer.toString('hex');
+        return [prefix, randomString].filter(Boolean).join('_');
+    }
+    /**
+     * Creates a new APIKey record with retry logic for duplicate API keys
+     * @param params The parameters for the API key
+     * @param auditContext The audit context for the operation
+     * @param options The options for the API key
+     * @param options.maxRetries Maximum number of retry attempts if duplicate key is encountered (default: 10)
+     * @param options.prefix Optional prefix for the API key
+     * @param options.length Length of the random string
+     * @returns The created APIKey record
+     * @throws Error if max retries exceeded or if insert fails for non-duplicate reasons
+     */
+    async create(params, auditContext, options = { maxRetries: 10, length: 32 }, session) {
+        const { maxRetries, prefix, length } = options;
+        let attempts = 0;
+        return this.databaseService.withTransaction({ session }, async (session) => {
+            while (attempts < maxRetries) {
+                try {
+                    const apiKey = ApiKeyCollection_1.generateApiKey(prefix, length);
+                    const doc = {
+                        api_key: apiKey,
+                        ...params,
+                    };
+                    const result = await this.insertOne(doc, auditContext);
+                    this.logger.verbose(`Successfully created APIKey with id ${result._id} on attempt ${attempts + 1}`);
+                    return result;
+                }
+                catch (error) {
+                    // Check if error is a duplicate key error (MongoDB error code 11000)
+                    if (error instanceof mongodb_1.MongoServerError && error.code === 11000) {
+                        attempts++;
+                        this.logger.warn(`Duplicate API key detected on attempt ${attempts}, retrying with new key...`);
+                        if (attempts >= maxRetries) {
+                            this.logger.error(`Failed to create APIKey after ${maxRetries} attempts due to duplicate keys`);
+                            throw new Error(`Failed to create APIKey: generated ${maxRetries} duplicate API keys. This is extremely unlikely.`);
+                        }
+                        // Continue to retry with a new key
+                    }
+                    else {
+                        // Re-throw non-duplicate errors
+                        this.logger.error(`Failed to create APIKey: ${error}`);
+                        throw error;
+                    }
+                }
+            }
+            // This should never be reached, but TypeScript requires it
+            throw new Error('Unexpected error in create method');
+        });
+    }
+};
+exports.ApiKeyCollection = ApiKeyCollection;
+exports.ApiKeyCollection = ApiKeyCollection = ApiKeyCollection_1 = __decorate([
+    (0, common_1.Injectable)(),
+    __param(0, (0, db_1.DocumentCollection)(collectionName)),
+    __metadata("design:paramtypes", [mongodb_1.Collection,
+        db_1.DatabaseService, db_1.Collections.AuditCollection])
+], ApiKeyCollection);
+//# sourceMappingURL=api-key.collection.js.map

package/dist/collections/api-key.collection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"api-key.collection.js","sourceRoot":"","sources":["../../src/collections/api-key.collection.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qCAAgF;AAChF,2CAAoD;AACpD,yCAAuG;AACvG,4CAAiD;AACjD,mCAAqC;AACrC,qEAAuD;AAIvD,MAAM,cAAc,GAAG,6BAAiB,CAAC,MAAM,CAAC;AAGzC,IAAM,gBAAgB,wBAAtB,MAAM,gBAAiB,SAAQ,sBAAyB;IAOpC;IACA;IACA;IARN,MAAM,GAAG,IAAI,eAAM,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;IAC5C,cAAc,GAAG,cAAc,CAAC;IAChC,YAAY,GAAG,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC;IAE5D,YAEuB,UAA8B,EAC9B,eAAgC,EAChC,eAA4C;QAE/D,KAAK,CAAC,UAAU,EAAE,eAAe,EAAE,eAAe,CAAC,CAAC;QAJjC,eAAU,GAAV,UAAU,CAAoB;QAC9B,oBAAe,GAAf,eAAe,CAAiB;QAChC,oBAAe,GAAf,eAAe,CAA6B;IAGnE,CAAC;IAED,KAAK,CAAC,YAAY;QACd,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,0CAA0C,cAAc,EAAE,CAAC,CAAC;QAChF,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;IACxE,CAAC;IAED;;;;;OAKG;IACK,MAAM,CAAC,cAAc,CAAC,MAAe,EAAE,SAAiB,EAAE;QAC9D,2CAA2C;QAC3C,MAAM,iBAAiB,GAAG,IAAA,oBAAW,EAAC,MAAM,CAAC,CAAC;QAC9C,MAAM,YAAY,GAAG,iBAAiB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACvD,OAAO,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC5D,CAAC;IAED;;;;;;;;;;OAUG;IACH,KAAK,CAAC,MAAM,CACR,MAAsE,EACtE,YAA+C,EAC/C,UAAmE,EAAE,UAAU,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,EACjG,OAAuB;QAEvB,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QAC/C,IAAI,QAAQ,GAAG,CAAC,CAAC;QAEjB,OAAO,IAAI,CAAC,eAAe,CAAC,eAAe,CAAC,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;YACvE,OAAO,QAAQ,GAAG,UAAU,EAAE,CAAC;gBAC3B,IAAI,CAAC;oBACD,MAAM,MAAM,GAAG,kBAAgB,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;oBAC/D,MAAM,GAAG,GAAsD;wBAC3D,OAAO,EAAE,MAAM;wBACf,GAAG,MAAM;qBACZ,CAAC;oBAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;oBACvD,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,uCAAuC,MAAM,CAAC,GAAG,eAAe,QAAQ,GAAG,CAAC,EAAE,CAAC,CAAC;oBACpG,OAAO,MAAM,CAAC;gBAClB,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACb,qEAAqE;oBACrE,IAAI,KAAK,YAAY,0BAAgB,IAAI,KAAK,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;wBAC5D,QAAQ,EAAE,CAAC;wBACX,IAAI,CAAC,MAAM,CAAC,IAAI,CACZ,yCAAyC,QAAQ,4BAA4B,CAChF,CAAC;wBAEF,IAAI,QAAQ,IAAI,UAAU,EAAE,CAAC;4BACzB,IAAI,CAAC,MAAM,CAAC,KAAK,CACb,iCAAiC,UAAU,iCAAiC,CAC/E,CAAC;4BACF,MAAM,IAAI,KAAK,CACX,sCAAsC,UAAU,kDAAkD,CACrG,CAAC;wBACN,CAAC;wBACD,mCAAmC;oBACvC,CAAC;yBAAM,CAAC;wBACJ,gCAAgC;wBAChC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA4B,KAAK,EAAE,CAAC,CAAC;wBACvD,MAAM,KAAK,CAAC;oBAChB,CAAC;gBACL,CAAC;YACL,CAAC;YAED,2DAA2D;YAC3D,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC;IACP,CAAC;CACJ,CAAA;AA7FY,4CAAgB;2BAAhB,gBAAgB;IAD5B,IAAA,mBAAU,GAAE;IAOJ,WAAA,IAAA,uBAAkB,EAAC,cAAc,CAAC,CAAA;qCACJ,oBAAU;QACL,oBAAe,EACf,gBAAW,CAAC,eAAe;GAT1D,gBAAgB,CA6F5B"}

package/dist/collections/index.d.ts

@@ -1,4 +1,6 @@
 export { AccountCollection } from './account.collection';
-export { FileCollection } from './file.collection';
-export { TextCollection } from './text.collection';
+export { OrganizationCollection } from './organization.collection';
+export { RoleCollection } from './role.collection';
+export { SecurityAuditCollection } from './security-audit.collection';
+export { ApiKeyCollection } from './api-key.collection';
 //# sourceMappingURL=index.d.ts.map

package/dist/collections/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/collections/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/collections/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AACzD,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AACnE,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,EAAE,uBAAuB,EAAE,MAAM,6BAA6B,CAAC;AACtE,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC"}

package/dist/collections/index.js

@@ -1,10 +1,14 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.TextCollection = exports.FileCollection = exports.AccountCollection = void 0;
+exports.ApiKeyCollection = exports.SecurityAuditCollection = exports.RoleCollection = exports.OrganizationCollection = exports.AccountCollection = void 0;
 var account_collection_1 = require("./account.collection");
 Object.defineProperty(exports, "AccountCollection", { enumerable: true, get: function () { return account_collection_1.AccountCollection; } });
-var file_collection_1 = require("./file.collection");
-Object.defineProperty(exports, "FileCollection", { enumerable: true, get: function () { return file_collection_1.FileCollection; } });
-var text_collection_1 = require("./text.collection");
-Object.defineProperty(exports, "TextCollection", { enumerable: true, get: function () { return text_collection_1.TextCollection; } });
+var organization_collection_1 = require("./organization.collection");
+Object.defineProperty(exports, "OrganizationCollection", { enumerable: true, get: function () { return organization_collection_1.OrganizationCollection; } });
+var role_collection_1 = require("./role.collection");
+Object.defineProperty(exports, "RoleCollection", { enumerable: true, get: function () { return role_collection_1.RoleCollection; } });
+var security_audit_collection_1 = require("./security-audit.collection");
+Object.defineProperty(exports, "SecurityAuditCollection", { enumerable: true, get: function () { return security_audit_collection_1.SecurityAuditCollection; } });
+var api_key_collection_1 = require("./api-key.collection");
+Object.defineProperty(exports, "ApiKeyCollection", { enumerable: true, get: function () { return api_key_collection_1.ApiKeyCollection; } });
 //# sourceMappingURL=index.js.map

package/dist/collections/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/collections/index.ts"],"names":[],"mappings":";;;AAAA,2DAAyD;AAAhD,uHAAA,iBAAiB,OAAA;AAC1B,qDAAmD;AAA1C,iHAAA,cAAc,OAAA;AACvB,qDAAmD;AAA1C,iHAAA,cAAc,OAAA"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/collections/index.ts"],"names":[],"mappings":";;;AAAA,2DAAyD;AAAhD,uHAAA,iBAAiB,OAAA;AAC1B,qEAAmE;AAA1D,iIAAA,sBAAsB,OAAA;AAC/B,qDAAmD;AAA1C,iHAAA,cAAc,OAAA;AACvB,yEAAsE;AAA7D,oIAAA,uBAAuB,OAAA;AAChC,2DAAwD;AAA/C,sHAAA,gBAAgB,OAAA"}

package/dist/collections/organization.collection.d.ts

@@ -0,0 +1,20 @@
+import { Collection, OptionalUnlessRequiredId } from 'mongodb';
+import { OnModuleInit } from '@nestjs/common';
+import { DatabaseService, Collections, AuditedCollection } from '@trailmix-cms/db';
+import * as trailmixModels from '@trailmix-cms/models';
+import { ZodType } from 'zod';
+import { type CollectionConfig } from '../types';
+type Record = trailmixModels.Organization.Entity;
+export declare class OrganizationCollection<T extends Record = Record> extends AuditedCollection<T> implements OnModuleInit {
+    protected readonly entitySchema: ZodType<OptionalUnlessRequiredId<T>>;
+    protected readonly setup: ((collection: Collection<T>) => Promise<void>) | null;
+    protected readonly config: CollectionConfig;
+    protected readonly databaseService: DatabaseService;
+    protected readonly auditCollection: Collections.AuditCollection;
+    private readonly logger;
+    readonly collectionName: "organization";
+    constructor(entitySchema: ZodType<OptionalUnlessRequiredId<T>>, setup: ((collection: Collection<T>) => Promise<void>) | null, config: CollectionConfig, collection: Collection<T>, databaseService: DatabaseService, auditCollection: Collections.AuditCollection);
+    onModuleInit(): Promise<void>;
+}
+export {};
+//# sourceMappingURL=organization.collection.d.ts.map

package/dist/collections/organization.collection.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"organization.collection.d.ts","sourceRoot":"","sources":["../../src/collections/organization.collection.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,wBAAwB,EAAE,MAAM,SAAS,CAAC;AAC/D,OAAO,EAAsB,YAAY,EAAoB,MAAM,gBAAgB,CAAC;AACpF,OAAO,EAAsB,eAAe,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAEvG,OAAO,KAAK,cAAc,MAAM,sBAAsB,CAAC;AACvD,OAAO,EAAE,OAAO,EAAE,MAAM,KAAK,CAAC;AAC9B,OAAO,EAAE,KAAK,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAEjD,KAAK,MAAM,GAAG,cAAc,CAAC,YAAY,CAAC,MAAM,CAAC;AAGjD,qBACa,sBAAsB,CAAC,CAAC,SAAS,MAAM,GAAG,MAAM,CAAE,SAAQ,iBAAiB,CAAC,CAAC,CAAE,YAAW,YAAY;IAK7D,SAAS,CAAC,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAC,wBAAwB,CAAC,CAAC,CAAC,CAAC;IAC1D,SAAS,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI;IAC1F,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,gBAAgB;IAEzF,SAAS,CAAC,QAAQ,CAAC,eAAe,EAAE,eAAe;IACnD,SAAS,CAAC,QAAQ,CAAC,eAAe,EAAE,WAAW,CAAC,eAAe;IATnE,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAqC;IAC5D,SAAgB,cAAc,iBAAkB;gBAGqB,YAAY,EAAE,OAAO,CAAC,wBAAwB,CAAC,CAAC,CAAC,CAAC,EACvC,KAAK,EAAE,CAAC,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,EACvE,MAAM,EAAE,gBAAgB,EACrD,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC,EAC1C,eAAe,EAAE,eAAe,EAChC,eAAe,EAAE,WAAW,CAAC,eAAe;IAK7D,YAAY;CASrB"}