@vindentech/api-client 0.3.0-next.1 → 0.3.0-next.3

package/README.md

@@ -29,6 +29,87 @@ const { data: orders } = await client.listOrders();
 const { data: health } = await client.health(); // no token needed
 ```
 
+`getMe` / `listOrders` / `health` are typed shortcuts for the three no-argument
+endpoints. Every other endpoint is reached through `client.call` — see below.
+
+## Calling any endpoint
+
+The SDK exports an operation function for every endpoint in the OpenAPI spec
+(generated from the API — billing, invoices, coupons, price lists, …). Pass one
+to `client.call` along with its data arguments; the client threads in `baseUrl`,
+auth, and `fetch`:
+
+```ts
+import {
+  createVindenClient,
+  billingAccountsControllerListAccountsV1,
+  billingAccountsControllerCreateAccountV1,
+  type CreateBillingAccountDto,
+} from "@vindentech/api-client";
+
+const client = createVindenClient({ baseUrl, getToken });
+
+// query params first, options appended by the client
+const { data: accounts } = await client.call(
+  billingAccountsControllerListAccountsV1,
+  { limit: 50 },
+);
+
+// request body
+const body: CreateBillingAccountDto = { /* … */ };
+const { data: created } = await client.call(
+  billingAccountsControllerCreateAccountV1,
+  body,
+);
+```
+
+Each operation takes its data arguments (path params, query params, request
+body) first; `call` appends the request options. Operation names follow
+`<controller><Operation>V<n>`; all DTO and params types are exported too, so you
+can type forms and payloads. New endpoints appear here automatically when the
+SDK is regenerated — no SDK code change needed.
+
+## Permissions (gating UI)
+
+Every endpoint declares its access rule (from the API's `@RequiresPermission` /
+`@Public` decorators). The SDK exposes it so you can gate UI before calling —
+pair it with the `capabilities` array from `GET /v1/me`:
+
+```ts
+import {
+  requiredPermissions,
+  hasRequiredPermissions,
+  OPERATION_PERMISSIONS,
+} from "@vindentech/api-client";
+
+const { data: me } = await client.getMe(); // me.capabilities: string[]
+
+requiredPermissions("billingAccountsControllerCreateAccountV1");
+// → { kind: "permissions", permissions: ["billingaccount:write"] }
+
+if (hasRequiredPermissions(me.capabilities, "billingAccountsControllerCreateAccountV1")) {
+  // show the "Create account" button
+}
+```
+
+Operations are keyed by a **typed operation-name string** (autocompleted; a
+renamed/removed operation is a compile error). Pass the name, not the function —
+that's bundler-safe where `Function.name` is not. You can also read the typed
+map directly: `OPERATION_PERMISSIONS.billingAccountsControllerCreateAccountV1`.
+
+`requiredPermissions(op)` returns a **closed** rule — every operation is
+classified, so nothing reads as "open by omission":
+
+| `kind` | Meaning | `hasRequiredPermissions` |
+|---|---|---|
+| `"permissions"` | caller must hold **all** of `.permissions` | true iff all held |
+| `"authenticated"` | any authenticated user | always `true` |
+| `"public"` | no auth required | always `true` |
+
+Check `requiredPermissions(op).kind` to distinguish `"public"` from
+`"authenticated"` for logged-out rendering. The rule also shows in each
+operation's JSDoc on hover and in Swagger UI.
+
 ## API
 
 ### `createVindenClient(options)`

package/dist/client.d.ts

@@ -10,6 +10,26 @@ export type CreateVindenClientOptions = {
     /** Override the global fetch — useful for tests, MSW, or non-browser runtimes. */
     fetch?: typeof globalThis.fetch;
 };
+/**
+ * Invokes any generated operation with this client's auth/baseUrl/fetch
+ * threaded in as the trailing `RequestInit`.
+ *
+ * Every generated operation takes its data arguments first (path params, query
+ * params, request body — zero, one, or two of them) and an optional
+ * `RequestInit` last. `call` mirrors that: pass the operation, then its data
+ * arguments; the client appends the request options. This covers the entire
+ * generated surface — current and future — without per-endpoint wiring.
+ *
+ * @example
+ * import { createVindenClient, billingAccountsControllerListAccountsV1 } from "@vindentech/api-client";
+ * const client = createVindenClient({ baseUrl, getToken });
+ * const { data } = await client.call(billingAccountsControllerListAccountsV1, { limit: 50 });
+ */
+export interface ApiCall {
+    <R>(operation: (options?: RequestInit) => Promise<R>): Promise<R>;
+    <A, R>(operation: (arg: A, options?: RequestInit) => Promise<R>, arg: A): Promise<R>;
+    <A, B, R>(operation: (a: A, b: B, options?: RequestInit) => Promise<R>, a: A, b: B): Promise<R>;
+}
 /**
  * Create a fully-isolated Vinden API client.
  *
@@ -17,6 +37,10 @@ export type CreateVindenClientOptions = {
  * shared global state. Two clients with different tokens called concurrently
  * send different `Authorization` headers. Safe in SSR (Next.js Route
  * Handlers/RSCs) and multi-tenant server contexts.
+ *
+ * `health`/`getMe`/`listOrders` are typed convenience wrappers for the three
+ * no-argument endpoints. For everything else, use `call(operation, ...args)`
+ * with an operation imported from this package.
  */
 export declare function createVindenClient(opts: CreateVindenClientOptions): {
     /** GET /health — public, no auth required (version-neutral). */
@@ -25,6 +49,10 @@ export declare function createVindenClient(opts: CreateVindenClientOptions): {
     getMe: () => Promise<import("./generated/me/me.js").meControllerGetMeV1ResponseSuccess>;
     /** GET /v1/orders — RLS-filtered to the caller's tenant/org. */
     listOrders: () => Promise<import("./generated/orders/orders.js").ordersControllerFindAllV1ResponseSuccess>;
+    /**
+     * Invoke any generated operation with auth threaded in. See {@link ApiCall}.
+     */
+    call: ApiCall;
 };
 export type VindenClient = ReturnType<typeof createVindenClient>;
 //# sourceMappingURL=client.d.ts.map

package/dist/client.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAKA,MAAM,MAAM,UAAU,GAAG,MACrB,MAAM,GACN,IAAI,GACJ,SAAS,GACT,OAAO,CAAC,MAAM,GAAG,IAAI,GAAG,SAAS,CAAC,CAAC;AAEvC,MAAM,MAAM,yBAAyB,GAAG;IACtC,iEAAiE;IACjE,OAAO,EAAE,MAAM,CAAC;IAChB;;;OAGG;IACH,QAAQ,CAAC,EAAE,UAAU,CAAC;IACtB,kFAAkF;IAClF,KAAK,CAAC,EAAE,OAAO,UAAU,CAAC,KAAK,CAAC;CACjC,CAAC;AAEF;;;;;;;GAOG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,yBAAyB;IAE9D,gEAAgE;;IAEhE,gFAAgF;;IAEhF,gEAAgE;;EAGnE;AAED,MAAM,MAAM,YAAY,GAAG,UAAU,CAAC,OAAO,kBAAkB,CAAC,CAAC"}
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAKA,MAAM,MAAM,UAAU,GAAG,MACrB,MAAM,GACN,IAAI,GACJ,SAAS,GACT,OAAO,CAAC,MAAM,GAAG,IAAI,GAAG,SAAS,CAAC,CAAC;AAEvC,MAAM,MAAM,yBAAyB,GAAG;IACtC,iEAAiE;IACjE,OAAO,EAAE,MAAM,CAAC;IAChB;;;OAGG;IACH,QAAQ,CAAC,EAAE,UAAU,CAAC;IACtB,kFAAkF;IAClF,KAAK,CAAC,EAAE,OAAO,UAAU,CAAC,KAAK,CAAC;CACjC,CAAC;AAEF;;;;;;;;;;;;;;GAcG;AACH,MAAM,WAAW,OAAO;IACtB,CAAC,CAAC,EAAE,SAAS,EAAE,CAAC,OAAO,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;IAClE,CAAC,CAAC,EAAE,CAAC,EACH,SAAS,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,OAAO,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,CAAC,CAAC,EACxD,GAAG,EAAE,CAAC,GACL,OAAO,CAAC,CAAC,CAAC,CAAC;IACd,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EACN,SAAS,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,CAAC,CAAC,EAC5D,CAAC,EAAE,CAAC,EACJ,CAAC,EAAE,CAAC,GACH,OAAO,CAAC,CAAC,CAAC,CAAC;CACf;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,yBAAyB;IAK9D,gEAAgE;;IAEhE,gFAAgF;;IAEhF,gEAAgE;;IAEhE;;OAEG;;EAGN;AAED,MAAM,MAAM,YAAY,GAAG,UAAU,CAAC,OAAO,kBAAkB,CAAC,CAAC"}

package/dist/client.js

@@ -8,18 +8,27 @@ import { ordersControllerFindAllV1 } from "./generated/orders/orders.js";
  * shared global state. Two clients with different tokens called concurrently
  * send different `Authorization` headers. Safe in SSR (Next.js Route
  * Handlers/RSCs) and multi-tenant server contexts.
+ *
+ * `health`/`getMe`/`listOrders` are typed convenience wrappers for the three
+ * no-argument endpoints. For everything else, use `call(operation, ...args)`
+ * with an operation imported from this package.
  */
 export function createVindenClient(opts) {
+    const call = ((operation, ...args) => invoke(opts, operation, args));
     return {
         /** GET /health — public, no auth required (version-neutral). */
-        health: () => callApi(opts, healthControllerCheck),
+        health: () => call(healthControllerCheck),
         /** GET /v1/me — bootstraps user_profile + organization_member on first call. */
-        getMe: () => callApi(opts, meControllerGetMeV1),
+        getMe: () => call(meControllerGetMeV1),
         /** GET /v1/orders — RLS-filtered to the caller's tenant/org. */
-        listOrders: () => callApi(opts, ordersControllerFindAllV1),
+        listOrders: () => call(ordersControllerFindAllV1),
+        /**
+         * Invoke any generated operation with auth threaded in. See {@link ApiCall}.
+         */
+        call,
     };
 }
-async function callApi(opts, fn) {
+async function invoke(opts, operation, args) {
     const token = opts.getToken ? await opts.getToken() : undefined;
     const headers = {};
     if (token) {
@@ -30,6 +39,18 @@ async function callApi(opts, fn) {
         fetch: opts.fetch,
         headers,
     };
-    return fn(init);
+    // `options` is always the operation's last declared parameter. Place `init`
+    // at that slot rather than right after the supplied args: an operation with
+    // an optional leading param (e.g. `(params?, options?)`) called with no data
+    // args would otherwise receive `init` in the `params` slot. `operation.length`
+    // is the declared param count (orval emits no defaults/rest), so the options
+    // slot is `length - 1`; pad any omitted optional leading args with undefined.
+    const optionsIndex = Math.max(operation.length - 1, args.length);
+    const callArgs = new Array(optionsIndex);
+    for (let i = 0; i < args.length; i++) {
+        callArgs[i] = args[i];
+    }
+    callArgs[optionsIndex] = init;
+    return operation(...callArgs);
 }
 //# sourceMappingURL=client.js.map

package/dist/client.js.map

@@ -1 +1 @@
-{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,MAAM,8BAA8B,CAAC;AACrE,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,yBAAyB,EAAE,MAAM,8BAA8B,CAAC;AAqBzE;;;;;;;GAOG;AACH,MAAM,UAAU,kBAAkB,CAAC,IAA+B;IAChE,OAAO;QACL,gEAAgE;QAChE,MAAM,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,qBAAqB,CAAC;QAClD,gFAAgF;QAChF,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,mBAAmB,CAAC;QAC/C,gEAAgE;QAChE,UAAU,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,yBAAyB,CAAC;KAC3D,CAAC;AACJ,CAAC;AAID,KAAK,UAAU,OAAO,CACpB,IAA+B,EAC/B,EAAyC;IAEzC,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;IAChE,MAAM,OAAO,GAA2B,EAAE,CAAC;IAC3C,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,aAAa,GAAG,UAAU,KAAK,EAAE,CAAC;IAC5C,CAAC;IAED,MAAM,IAAI,GAAuB;QAC/B,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,OAAO;KACR,CAAC;IAEF,OAAO,EAAE,CAAC,IAAmB,CAAC,CAAC;AACjC,CAAC"}
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,MAAM,8BAA8B,CAAC;AACrE,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,yBAAyB,EAAE,MAAM,8BAA8B,CAAC;AAiDzE;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,kBAAkB,CAAC,IAA+B;IAChE,MAAM,IAAI,GAAG,CAAC,CAAC,SAAmD,EAAE,GAAG,IAAe,EAAE,EAAE,CACxF,MAAM,CAAC,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,CAAY,CAAC;IAE5C,OAAO;QACL,gEAAgE;QAChE,MAAM,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,qBAAqB,CAAC;QACzC,gFAAgF;QAChF,KAAK,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,mBAAmB,CAAC;QACtC,gEAAgE;QAChE,UAAU,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,yBAAyB,CAAC;QACjD;;WAEG;QACH,IAAI;KACL,CAAC;AACJ,CAAC;AAID,KAAK,UAAU,MAAM,CACnB,IAA+B,EAC/B,SAA6C,EAC7C,IAAe;IAEf,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;IAChE,MAAM,OAAO,GAA2B,EAAE,CAAC;IAC3C,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,aAAa,GAAG,UAAU,KAAK,EAAE,CAAC;IAC5C,CAAC;IAED,MAAM,IAAI,GAAuB;QAC/B,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,OAAO;KACR,CAAC;IAEF,4EAA4E;IAC5E,4EAA4E;IAC5E,6EAA6E;IAC7E,+EAA+E;IAC/E,6EAA6E;IAC7E,8EAA8E;IAC9E,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IACjE,MAAM,QAAQ,GAAG,IAAI,KAAK,CAAU,YAAY,CAAC,CAAC;IAClD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,QAAQ,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IACxB,CAAC;IACD,QAAQ,CAAC,YAAY,CAAC,GAAG,IAAmB,CAAC;IAE7C,OAAO,SAAS,CAAC,GAAG,QAAQ,CAAC,CAAC;AAChC,CAAC"}

package/dist/generated/_all.d.ts

@@ -0,0 +1,19 @@
+export * from "./index.schemas.js";
+export * from "./account-credits/account-credits.js";
+export * from "./articles/articles.js";
+export * from "./billing-accounts/billing-accounts.js";
+export * from "./binding-plans/binding-plans.js";
+export * from "./coupons/coupons.js";
+export * from "./discount-rules/discount-rules.js";
+export * from "./fortnox-o-auth/fortnox-o-auth.js";
+export * from "./health/health.js";
+export * from "./integrations/integrations.js";
+export * from "./invoices/invoices.js";
+export * from "./me/me.js";
+export * from "./orders/orders.js";
+export * from "./price-lists/price-lists.js";
+export * from "./provider-switch/provider-switch.js";
+export * from "./stripe-webhook/stripe-webhook.js";
+export * from "./subscription-configs/subscription-configs.js";
+export * from "./tenant-config/tenant-config.js";
+//# sourceMappingURL=_all.d.ts.map

package/dist/generated/_all.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"_all.d.ts","sourceRoot":"","sources":["../../src/generated/_all.ts"],"names":[],"mappings":"AAGA,cAAc,oBAAoB,CAAC;AACnC,cAAc,sCAAsC,CAAC;AACrD,cAAc,wBAAwB,CAAC;AACvC,cAAc,wCAAwC,CAAC;AACvD,cAAc,kCAAkC,CAAC;AACjD,cAAc,sBAAsB,CAAC;AACrC,cAAc,oCAAoC,CAAC;AACnD,cAAc,oCAAoC,CAAC;AACnD,cAAc,oBAAoB,CAAC;AACnC,cAAc,gCAAgC,CAAC;AAC/C,cAAc,wBAAwB,CAAC;AACvC,cAAc,YAAY,CAAC;AAC3B,cAAc,oBAAoB,CAAC;AACnC,cAAc,8BAA8B,CAAC;AAC7C,cAAc,sCAAsC,CAAC;AACrD,cAAc,oCAAoC,CAAC;AACnD,cAAc,gDAAgD,CAAC;AAC/D,cAAc,kCAAkC,CAAC"}

package/dist/generated/_all.js

@@ -0,0 +1,21 @@
+// Generated by scripts/generate-barrel.mjs — do not edit manually.
+// Re-exports the full orval surface (operations + schemas) for src/index.ts.
+export * from "./index.schemas.js";
+export * from "./account-credits/account-credits.js";
+export * from "./articles/articles.js";
+export * from "./billing-accounts/billing-accounts.js";
+export * from "./binding-plans/binding-plans.js";
+export * from "./coupons/coupons.js";
+export * from "./discount-rules/discount-rules.js";
+export * from "./fortnox-o-auth/fortnox-o-auth.js";
+export * from "./health/health.js";
+export * from "./integrations/integrations.js";
+export * from "./invoices/invoices.js";
+export * from "./me/me.js";
+export * from "./orders/orders.js";
+export * from "./price-lists/price-lists.js";
+export * from "./provider-switch/provider-switch.js";
+export * from "./stripe-webhook/stripe-webhook.js";
+export * from "./subscription-configs/subscription-configs.js";
+export * from "./tenant-config/tenant-config.js";
+//# sourceMappingURL=_all.js.map

package/dist/generated/_all.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"_all.js","sourceRoot":"","sources":["../../src/generated/_all.ts"],"names":[],"mappings":"AAAA,mEAAmE;AACnE,6EAA6E;AAE7E,cAAc,oBAAoB,CAAC;AACnC,cAAc,sCAAsC,CAAC;AACrD,cAAc,wBAAwB,CAAC;AACvC,cAAc,wCAAwC,CAAC;AACvD,cAAc,kCAAkC,CAAC;AACjD,cAAc,sBAAsB,CAAC;AACrC,cAAc,oCAAoC,CAAC;AACnD,cAAc,oCAAoC,CAAC;AACnD,cAAc,oBAAoB,CAAC;AACnC,cAAc,gCAAgC,CAAC;AAC/C,cAAc,wBAAwB,CAAC;AACvC,cAAc,YAAY,CAAC;AAC3B,cAAc,oBAAoB,CAAC;AACnC,cAAc,8BAA8B,CAAC;AAC7C,cAAc,sCAAsC,CAAC;AACrD,cAAc,oCAAoC,CAAC;AACnD,cAAc,gDAAgD,CAAC;AAC/D,cAAc,kCAAkC,CAAC"}

package/dist/generated/_permissions.d.ts

@@ -0,0 +1,214 @@
+export type ApiPermission = "accountcredit:read" | "accountcredit:write" | "article:write" | "billingaccount:read" | "billingaccount:write" | "billingconfig:read" | "billingconfig:write" | "bindingplan:read" | "bindingplan:write" | "coupon:read" | "coupon:write" | "discountrule:read" | "discountrule:write" | "integration:read" | "integration:write" | "invoice:correct" | "invoice:read" | "order:read" | "pricelist:read" | "pricelist:write" | "providerswitch:write" | "subscriptionconfig:read" | "subscriptionconfig:write";
+/** The closed access rule for an operation. */
+export type OperationAccess = {
+    readonly kind: "permissions";
+    readonly permissions: readonly ApiPermission[];
+} | {
+    readonly kind: "authenticated";
+} | {
+    readonly kind: "public";
+};
+/**
+ * Maps every orval operation-function name to its access rule. Total by
+ * construction (the API stamps every operation), so a lookup is never a miss —
+ * there is no "absent means open" bucket.
+ */
+export declare const OPERATION_PERMISSIONS: {
+    readonly accountCreditsControllerCancelAccountCreditV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["accountcredit:write"];
+    };
+    readonly accountCreditsControllerCreateAccountCreditV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["accountcredit:write"];
+    };
+    readonly accountCreditsControllerListAccountCreditsV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["accountcredit:read"];
+    };
+    readonly accountCreditsControllerListApplicationsV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["accountcredit:read"];
+    };
+    readonly articlesControllerCreateArticleV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["article:write"];
+    };
+    readonly articlesControllerGetArticleByIdV1: {
+        readonly kind: "authenticated";
+    };
+    readonly articlesControllerListArticlesV1: {
+        readonly kind: "authenticated";
+    };
+    readonly articlesControllerUpdateArticleV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["article:write"];
+    };
+    readonly billingAccountsControllerCreateAccountV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["billingaccount:write"];
+    };
+    readonly billingAccountsControllerGetAccountByIdV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["billingaccount:read"];
+    };
+    readonly billingAccountsControllerListAccountsV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["billingaccount:read"];
+    };
+    readonly billingAccountsControllerUpdateAccountV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["billingaccount:write"];
+    };
+    readonly bindingPlansControllerCreateBindingPlanV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["bindingplan:write"];
+    };
+    readonly bindingPlansControllerListBindingPlansV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["bindingplan:read"];
+    };
+    readonly couponsControllerAddBenefitV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["coupon:write"];
+    };
+    readonly couponsControllerCreateCouponV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["coupon:write"];
+    };
+    readonly couponsControllerGetCouponV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["coupon:read"];
+    };
+    readonly couponsControllerListCouponsV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["coupon:read"];
+    };
+    readonly couponsControllerListRedemptionsV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["coupon:read"];
+    };
+    readonly couponsControllerRedeemCouponV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["coupon:write"];
+    };
+    readonly discountRulesControllerCreateDiscountRuleV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["discountrule:write"];
+    };
+    readonly discountRulesControllerListDiscountRulesV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["discountrule:read"];
+    };
+    readonly fortnoxOAuthControllerAuthorizeV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["integration:write"];
+    };
+    readonly healthControllerCheck: {
+        readonly kind: "public";
+    };
+    readonly integrationsControllerCreateFortnoxV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["integration:write"];
+    };
+    readonly integrationsControllerCreateStripeV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["integration:write"];
+    };
+    readonly integrationsControllerGetByIdV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["integration:read"];
+    };
+    readonly integrationsControllerListV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["integration:read"];
+    };
+    readonly invoicesControllerGetInvoiceByIdV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["invoice:read"];
+    };
+    readonly invoicesControllerIssueAdjustmentV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["invoice:correct"];
+    };
+    readonly invoicesControllerIssueCreditNoteV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["invoice:correct"];
+    };
+    readonly invoicesControllerListCorrectionsV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["invoice:read"];
+    };
+    readonly invoicesControllerListInvoicesV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["invoice:read"];
+    };
+    readonly invoicesControllerVoidInvoiceV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["invoice:correct"];
+    };
+    readonly meControllerGetMeV1: {
+        readonly kind: "authenticated";
+    };
+    readonly ordersControllerFindAllV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["order:read"];
+    };
+    readonly priceListsControllerCreatePriceListItemV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["pricelist:write"];
+    };
+    readonly priceListsControllerCreatePriceListV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["pricelist:write"];
+    };
+    readonly priceListsControllerGetPriceListByIdV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["pricelist:read"];
+    };
+    readonly priceListsControllerGetPriceListItemsV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["pricelist:read"];
+    };
+    readonly priceListsControllerListPriceListsV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["pricelist:read"];
+    };
+    readonly priceListsControllerUpdatePriceListV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["pricelist:write"];
+    };
+    readonly providerSwitchControllerSwitchAccountProvidersV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["providerswitch:write"];
+    };
+    readonly providerSwitchControllerSwitchTenantConfigProvidersV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["providerswitch:write"];
+    };
+    readonly stripeWebhookControllerReceiveV1: {
+        readonly kind: "public";
+    };
+    readonly subscriptionConfigsControllerCreateV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["subscriptionconfig:write"];
+    };
+    readonly subscriptionConfigsControllerGetByBillingAccountV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["subscriptionconfig:read"];
+    };
+    readonly subscriptionConfigsControllerUpdateV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["subscriptionconfig:write"];
+    };
+    readonly tenantConfigControllerGetConfigV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["billingconfig:read"];
+    };
+    readonly tenantConfigControllerUpdateV1: {
+        readonly kind: "permissions";
+        readonly permissions: readonly ["billingconfig:write"];
+    };
+};
+export type OperationName = keyof typeof OPERATION_PERMISSIONS;
+//# sourceMappingURL=_permissions.d.ts.map

package/dist/generated/_permissions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"_permissions.d.ts","sourceRoot":"","sources":["../../src/generated/_permissions.ts"],"names":[],"mappings":"AAGA,MAAM,MAAM,aAAa,GACrB,oBAAoB,GACpB,qBAAqB,GACrB,eAAe,GACf,qBAAqB,GACrB,sBAAsB,GACtB,oBAAoB,GACpB,qBAAqB,GACrB,kBAAkB,GAClB,mBAAmB,GACnB,aAAa,GACb,cAAc,GACd,mBAAmB,GACnB,oBAAoB,GACpB,kBAAkB,GAClB,mBAAmB,GACnB,iBAAiB,GACjB,cAAc,GACd,YAAY,GACZ,gBAAgB,GAChB,iBAAiB,GACjB,sBAAsB,GACtB,yBAAyB,GACzB,0BAA0B,CAAC;AAE/B,+CAA+C;AAC/C,MAAM,MAAM,eAAe,GACvB;IAAE,QAAQ,CAAC,IAAI,EAAE,aAAa,CAAC;IAAC,QAAQ,CAAC,WAAW,EAAE,SAAS,aAAa,EAAE,CAAA;CAAE,GAChF;IAAE,QAAQ,CAAC,IAAI,EAAE,eAAe,CAAA;CAAE,GAClC;IAAE,QAAQ,CAAC,IAAI,EAAE,QAAQ,CAAA;CAAE,CAAC;AAEhC;;;;GAIG;AACH,eAAO,MAAM,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAmDkB,CAAC;AAErD,MAAM,MAAM,aAAa,GAAG,MAAM,OAAO,qBAAqB,CAAC"}

package/dist/generated/_permissions.js

@@ -0,0 +1,60 @@
+// Generated by scripts/generate-permissions.mjs — do not edit manually.
+// Access rule per operation, from the API's x-required-permissions / x-access.
+/**
+ * Maps every orval operation-function name to its access rule. Total by
+ * construction (the API stamps every operation), so a lookup is never a miss —
+ * there is no "absent means open" bucket.
+ */
+export const OPERATION_PERMISSIONS = {
+    accountCreditsControllerCancelAccountCreditV1: { kind: "permissions", permissions: ["accountcredit:write"] },
+    accountCreditsControllerCreateAccountCreditV1: { kind: "permissions", permissions: ["accountcredit:write"] },
+    accountCreditsControllerListAccountCreditsV1: { kind: "permissions", permissions: ["accountcredit:read"] },
+    accountCreditsControllerListApplicationsV1: { kind: "permissions", permissions: ["accountcredit:read"] },
+    articlesControllerCreateArticleV1: { kind: "permissions", permissions: ["article:write"] },
+    articlesControllerGetArticleByIdV1: { kind: "authenticated" },
+    articlesControllerListArticlesV1: { kind: "authenticated" },
+    articlesControllerUpdateArticleV1: { kind: "permissions", permissions: ["article:write"] },
+    billingAccountsControllerCreateAccountV1: { kind: "permissions", permissions: ["billingaccount:write"] },
+    billingAccountsControllerGetAccountByIdV1: { kind: "permissions", permissions: ["billingaccount:read"] },
+    billingAccountsControllerListAccountsV1: { kind: "permissions", permissions: ["billingaccount:read"] },
+    billingAccountsControllerUpdateAccountV1: { kind: "permissions", permissions: ["billingaccount:write"] },
+    bindingPlansControllerCreateBindingPlanV1: { kind: "permissions", permissions: ["bindingplan:write"] },
+    bindingPlansControllerListBindingPlansV1: { kind: "permissions", permissions: ["bindingplan:read"] },
+    couponsControllerAddBenefitV1: { kind: "permissions", permissions: ["coupon:write"] },
+    couponsControllerCreateCouponV1: { kind: "permissions", permissions: ["coupon:write"] },
+    couponsControllerGetCouponV1: { kind: "permissions", permissions: ["coupon:read"] },
+    couponsControllerListCouponsV1: { kind: "permissions", permissions: ["coupon:read"] },
+    couponsControllerListRedemptionsV1: { kind: "permissions", permissions: ["coupon:read"] },
+    couponsControllerRedeemCouponV1: { kind: "permissions", permissions: ["coupon:write"] },
+    discountRulesControllerCreateDiscountRuleV1: { kind: "permissions", permissions: ["discountrule:write"] },
+    discountRulesControllerListDiscountRulesV1: { kind: "permissions", permissions: ["discountrule:read"] },
+    fortnoxOAuthControllerAuthorizeV1: { kind: "permissions", permissions: ["integration:write"] },
+    healthControllerCheck: { kind: "public" },
+    integrationsControllerCreateFortnoxV1: { kind: "permissions", permissions: ["integration:write"] },
+    integrationsControllerCreateStripeV1: { kind: "permissions", permissions: ["integration:write"] },
+    integrationsControllerGetByIdV1: { kind: "permissions", permissions: ["integration:read"] },
+    integrationsControllerListV1: { kind: "permissions", permissions: ["integration:read"] },
+    invoicesControllerGetInvoiceByIdV1: { kind: "permissions", permissions: ["invoice:read"] },
+    invoicesControllerIssueAdjustmentV1: { kind: "permissions", permissions: ["invoice:correct"] },
+    invoicesControllerIssueCreditNoteV1: { kind: "permissions", permissions: ["invoice:correct"] },
+    invoicesControllerListCorrectionsV1: { kind: "permissions", permissions: ["invoice:read"] },
+    invoicesControllerListInvoicesV1: { kind: "permissions", permissions: ["invoice:read"] },
+    invoicesControllerVoidInvoiceV1: { kind: "permissions", permissions: ["invoice:correct"] },
+    meControllerGetMeV1: { kind: "authenticated" },
+    ordersControllerFindAllV1: { kind: "permissions", permissions: ["order:read"] },
+    priceListsControllerCreatePriceListItemV1: { kind: "permissions", permissions: ["pricelist:write"] },
+    priceListsControllerCreatePriceListV1: { kind: "permissions", permissions: ["pricelist:write"] },
+    priceListsControllerGetPriceListByIdV1: { kind: "permissions", permissions: ["pricelist:read"] },
+    priceListsControllerGetPriceListItemsV1: { kind: "permissions", permissions: ["pricelist:read"] },
+    priceListsControllerListPriceListsV1: { kind: "permissions", permissions: ["pricelist:read"] },
+    priceListsControllerUpdatePriceListV1: { kind: "permissions", permissions: ["pricelist:write"] },
+    providerSwitchControllerSwitchAccountProvidersV1: { kind: "permissions", permissions: ["providerswitch:write"] },
+    providerSwitchControllerSwitchTenantConfigProvidersV1: { kind: "permissions", permissions: ["providerswitch:write"] },
+    stripeWebhookControllerReceiveV1: { kind: "public" },
+    subscriptionConfigsControllerCreateV1: { kind: "permissions", permissions: ["subscriptionconfig:write"] },
+    subscriptionConfigsControllerGetByBillingAccountV1: { kind: "permissions", permissions: ["subscriptionconfig:read"] },
+    subscriptionConfigsControllerUpdateV1: { kind: "permissions", permissions: ["subscriptionconfig:write"] },
+    tenantConfigControllerGetConfigV1: { kind: "permissions", permissions: ["billingconfig:read"] },
+    tenantConfigControllerUpdateV1: { kind: "permissions", permissions: ["billingconfig:write"] },
+};
+//# sourceMappingURL=_permissions.js.map

package/dist/generated/_permissions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"_permissions.js","sourceRoot":"","sources":["../../src/generated/_permissions.ts"],"names":[],"mappings":"AAAA,wEAAwE;AACxE,+EAA+E;AAiC/E;;;;GAIG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG;IACnC,6CAA6C,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,qBAAqB,CAAC,EAAE;IAC5G,6CAA6C,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,qBAAqB,CAAC,EAAE;IAC5G,4CAA4C,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,oBAAoB,CAAC,EAAE;IAC1G,0CAA0C,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,oBAAoB,CAAC,EAAE;IACxG,iCAAiC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,eAAe,CAAC,EAAE;IAC1F,kCAAkC,EAAE,EAAE,IAAI,EAAE,eAAe,EAAE;IAC7D,gCAAgC,EAAE,EAAE,IAAI,EAAE,eAAe,EAAE;IAC3D,iCAAiC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,eAAe,CAAC,EAAE;IAC1F,wCAAwC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,sBAAsB,CAAC,EAAE;IACxG,yCAAyC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,qBAAqB,CAAC,EAAE;IACxG,uCAAuC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,qBAAqB,CAAC,EAAE;IACtG,wCAAwC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,sBAAsB,CAAC,EAAE;IACxG,yCAAyC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,mBAAmB,CAAC,EAAE;IACtG,wCAAwC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,kBAAkB,CAAC,EAAE;IACpG,6BAA6B,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,cAAc,CAAC,EAAE;IACrF,+BAA+B,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,cAAc,CAAC,EAAE;IACvF,4BAA4B,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,aAAa,CAAC,EAAE;IACnF,8BAA8B,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,aAAa,CAAC,EAAE;IACrF,kCAAkC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,aAAa,CAAC,EAAE;IACzF,+BAA+B,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,cAAc,CAAC,EAAE;IACvF,2CAA2C,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,oBAAoB,CAAC,EAAE;IACzG,0CAA0C,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,mBAAmB,CAAC,EAAE;IACvG,iCAAiC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,mBAAmB,CAAC,EAAE;IAC9F,qBAAqB,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;IACzC,qCAAqC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,mBAAmB,CAAC,EAAE;IAClG,oCAAoC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,mBAAmB,CAAC,EAAE;IACjG,+BAA+B,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,kBAAkB,CAAC,EAAE;IAC3F,4BAA4B,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,kBAAkB,CAAC,EAAE;IACxF,kCAAkC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,cAAc,CAAC,EAAE;IAC1F,mCAAmC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,iBAAiB,CAAC,EAAE;IAC9F,mCAAmC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,iBAAiB,CAAC,EAAE;IAC9F,mCAAmC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,cAAc,CAAC,EAAE;IAC3F,gCAAgC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,cAAc,CAAC,EAAE;IACxF,+BAA+B,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,iBAAiB,CAAC,EAAE;IAC1F,mBAAmB,EAAE,EAAE,IAAI,EAAE,eAAe,EAAE;IAC9C,yBAAyB,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,YAAY,CAAC,EAAE;IAC/E,yCAAyC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,iBAAiB,CAAC,EAAE;IACpG,qCAAqC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,iBAAiB,CAAC,EAAE;IAChG,sCAAsC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,gBAAgB,CAAC,EAAE;IAChG,uCAAuC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,gBAAgB,CAAC,EAAE;IACjG,oCAAoC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,gBAAgB,CAAC,EAAE;IAC9F,qCAAqC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,iBAAiB,CAAC,EAAE;IAChG,gDAAgD,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,sBAAsB,CAAC,EAAE;IAChH,qDAAqD,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,sBAAsB,CAAC,EAAE;IACrH,gCAAgC,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;IACpD,qCAAqC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,0BAA0B,CAAC,EAAE;IACzG,kDAAkD,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,yBAAyB,CAAC,EAAE;IACrH,qCAAqC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,0BAA0B,CAAC,EAAE;IACzG,iCAAiC,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,oBAAoB,CAAC,EAAE;IAC/F,8BAA8B,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC,qBAAqB,CAAC,EAAE;CAC3C,CAAC"}

package/dist/generated/account-credits/account-credits.d.ts

@@ -7,6 +7,7 @@
  */
 import type { AccountCreditApplicationDto, AccountCreditDto, AccountCreditsControllerListAccountCreditsV1Params, AccountCreditsControllerListApplicationsV1Params, CreateAccountCreditDto } from '../index.schemas.js';
 /**
+ * 🔒 Requires permission: accountcredit:read. Gate UI with hasRequiredPermissions() from @vindentech/api-client.
  * @summary List account credits (optionally filtered by billing account)
  */
 export type accountCreditsControllerListAccountCreditsV1Response200 = {
@@ -20,6 +21,7 @@ export type accountCreditsControllerListAccountCreditsV1Response = (accountCredi
 export declare const getAccountCreditsControllerListAccountCreditsV1Url: (params?: AccountCreditsControllerListAccountCreditsV1Params) => string;
 export declare const accountCreditsControllerListAccountCreditsV1: (params?: AccountCreditsControllerListAccountCreditsV1Params, options?: RequestInit) => Promise<accountCreditsControllerListAccountCreditsV1Response>;
 /**
+ * 🔒 Requires permission: accountcredit:write. Gate UI with hasRequiredPermissions() from @vindentech/api-client.
  * @summary Create an account credit (fully unspent)
  */
 export type accountCreditsControllerCreateAccountCreditV1Response201 = {
@@ -33,6 +35,7 @@ export type accountCreditsControllerCreateAccountCreditV1Response = (accountCred
 export declare const getAccountCreditsControllerCreateAccountCreditV1Url: () => string;
 export declare const accountCreditsControllerCreateAccountCreditV1: (createAccountCreditDto: CreateAccountCreditDto, options?: RequestInit) => Promise<accountCreditsControllerCreateAccountCreditV1Response>;
 /**
+ * 🔒 Requires permission: accountcredit:read. Gate UI with hasRequiredPermissions() from @vindentech/api-client.
  * @summary List the INSERT-only consumption ledger for one account credit
  */
 export type accountCreditsControllerListApplicationsV1Response200 = {
@@ -46,6 +49,7 @@ export type accountCreditsControllerListApplicationsV1Response = (accountCredits
 export declare const getAccountCreditsControllerListApplicationsV1Url: (id: string, params?: AccountCreditsControllerListApplicationsV1Params) => string;
 export declare const accountCreditsControllerListApplicationsV1: (id: string, params?: AccountCreditsControllerListApplicationsV1Params, options?: RequestInit) => Promise<accountCreditsControllerListApplicationsV1Response>;
 /**
+ * 🔒 Requires permission: accountcredit:write. Gate UI with hasRequiredPermissions() from @vindentech/api-client.
  * @summary Cancel an account credit (idempotent; existing applications stay)
  */
 export type accountCreditsControllerCancelAccountCreditV1Response200 = {

package/dist/generated/account-credits/account-credits.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"account-credits.d.ts","sourceRoot":"","sources":["../../../src/generated/account-credits/account-credits.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,OAAO,KAAK,EACV,2BAA2B,EAC3B,gBAAgB,EAChB,kDAAkD,EAClD,gDAAgD,EAChD,sBAAsB,EACvB,MAAM,qBAAqB,CAAC;AAI7B;;GAEG;AACH,MAAM,MAAM,uDAAuD,GAAG;IACpE,IAAI,EAAE,gBAAgB,EAAE,CAAA;IACxB,MAAM,EAAE,GAAG,CAAA;CACZ,CAAA;AAED,MAAM,MAAM,2DAA2D,GAAG,CAAC,uDAAuD,CAAC,GAAG;IACpI,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAGF,MAAM,MAAM,oDAAoD,GAAG,CAAC,2DAA2D,CAAC,CAAA;AAEhI,eAAO,MAAM,kDAAkD,GAAI,SAAS,kDAAkD,WAa7H,CAAA;AAED,eAAO,MAAM,4CAA4C,GAAU,SAAS,kDAAkD,EAAE,UAAU,WAAW,KAAG,OAAO,CAAC,oDAAoD,CASjN,CAAA;AAGH;;GAEG;AACH,MAAM,MAAM,wDAAwD,GAAG;IACrE,IAAI,EAAE,gBAAgB,CAAA;IACtB,MAAM,EAAE,GAAG,CAAA;CACZ,CAAA;AAED,MAAM,MAAM,4DAA4D,GAAG,CAAC,wDAAwD,CAAC,GAAG;IACtI,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAGF,MAAM,MAAM,qDAAqD,GAAG,CAAC,4DAA4D,CAAC,CAAA;AAElI,eAAO,MAAM,mDAAmD,cAM/D,CAAA;AAED,eAAO,MAAM,6CAA6C,GAAU,wBAAwB,sBAAsB,EAAE,UAAU,WAAW,KAAG,OAAO,CAAC,qDAAqD,CAUtM,CAAA;AAGH;;GAEG;AACH,MAAM,MAAM,qDAAqD,GAAG;IAClE,IAAI,EAAE,2BAA2B,EAAE,CAAA;IACnC,MAAM,EAAE,GAAG,CAAA;CACZ,CAAA;AAED,MAAM,MAAM,yDAAyD,GAAG,CAAC,qDAAqD,CAAC,GAAG;IAChI,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAGF,MAAM,MAAM,kDAAkD,GAAG,CAAC,yDAAyD,CAAC,CAAA;AAE5H,eAAO,MAAM,gDAAgD,GAAI,IAAI,MAAM,EACvE,SAAS,gDAAgD,WAa5D,CAAA;AAED,eAAO,MAAM,0CAA0C,GAAU,IAAI,MAAM,EACvE,SAAS,gDAAgD,EAAE,UAAU,WAAW,KAAG,OAAO,CAAC,kDAAkD,CAS9I,CAAA;AAGH;;GAEG;AACH,MAAM,MAAM,wDAAwD,GAAG;IACrE,IAAI,EAAE,gBAAgB,CAAA;IACtB,MAAM,EAAE,GAAG,CAAA;CACZ,CAAA;AAED,MAAM,MAAM,wDAAwD,GAAG;IACrE,IAAI,EAAE,IAAI,CAAA;IACV,MAAM,EAAE,GAAG,CAAA;CACZ,CAAA;AAED,MAAM,MAAM,4DAA4D,GAAG,CAAC,wDAAwD,CAAC,GAAG;IACtI,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AACF,MAAM,MAAM,0DAA0D,GAAG,CAAC,wDAAwD,CAAC,GAAG;IACpI,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAEF,MAAM,MAAM,qDAAqD,GAAG,CAAC,4DAA4D,GAAG,0DAA0D,CAAC,CAAA;AAE/L,eAAO,MAAM,mDAAmD,GAAI,IAAI,MAAM,WAM7E,CAAA;AAED,eAAO,MAAM,6CAA6C,GAAU,IAAI,MAAM,EAAE,UAAU,WAAW,KAAG,OAAO,CAAC,qDAAqD,CASlK,CAAA"}
+{"version":3,"file":"account-credits.d.ts","sourceRoot":"","sources":["../../../src/generated/account-credits/account-credits.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,OAAO,KAAK,EACV,2BAA2B,EAC3B,gBAAgB,EAChB,kDAAkD,EAClD,gDAAgD,EAChD,sBAAsB,EACvB,MAAM,qBAAqB,CAAC;AAI7B;;;GAGG;AACH,MAAM,MAAM,uDAAuD,GAAG;IACpE,IAAI,EAAE,gBAAgB,EAAE,CAAA;IACxB,MAAM,EAAE,GAAG,CAAA;CACZ,CAAA;AAED,MAAM,MAAM,2DAA2D,GAAG,CAAC,uDAAuD,CAAC,GAAG;IACpI,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAGF,MAAM,MAAM,oDAAoD,GAAG,CAAC,2DAA2D,CAAC,CAAA;AAEhI,eAAO,MAAM,kDAAkD,GAAI,SAAS,kDAAkD,WAa7H,CAAA;AAED,eAAO,MAAM,4CAA4C,GAAU,SAAS,kDAAkD,EAAE,UAAU,WAAW,KAAG,OAAO,CAAC,oDAAoD,CASjN,CAAA;AAGH;;;GAGG;AACH,MAAM,MAAM,wDAAwD,GAAG;IACrE,IAAI,EAAE,gBAAgB,CAAA;IACtB,MAAM,EAAE,GAAG,CAAA;CACZ,CAAA;AAED,MAAM,MAAM,4DAA4D,GAAG,CAAC,wDAAwD,CAAC,GAAG;IACtI,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAGF,MAAM,MAAM,qDAAqD,GAAG,CAAC,4DAA4D,CAAC,CAAA;AAElI,eAAO,MAAM,mDAAmD,cAM/D,CAAA;AAED,eAAO,MAAM,6CAA6C,GAAU,wBAAwB,sBAAsB,EAAE,UAAU,WAAW,KAAG,OAAO,CAAC,qDAAqD,CAUtM,CAAA;AAGH;;;GAGG;AACH,MAAM,MAAM,qDAAqD,GAAG;IAClE,IAAI,EAAE,2BAA2B,EAAE,CAAA;IACnC,MAAM,EAAE,GAAG,CAAA;CACZ,CAAA;AAED,MAAM,MAAM,yDAAyD,GAAG,CAAC,qDAAqD,CAAC,GAAG;IAChI,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAGF,MAAM,MAAM,kDAAkD,GAAG,CAAC,yDAAyD,CAAC,CAAA;AAE5H,eAAO,MAAM,gDAAgD,GAAI,IAAI,MAAM,EACvE,SAAS,gDAAgD,WAa5D,CAAA;AAED,eAAO,MAAM,0CAA0C,GAAU,IAAI,MAAM,EACvE,SAAS,gDAAgD,EAAE,UAAU,WAAW,KAAG,OAAO,CAAC,kDAAkD,CAS9I,CAAA;AAGH;;;GAGG;AACH,MAAM,MAAM,wDAAwD,GAAG;IACrE,IAAI,EAAE,gBAAgB,CAAA;IACtB,MAAM,EAAE,GAAG,CAAA;CACZ,CAAA;AAED,MAAM,MAAM,wDAAwD,GAAG;IACrE,IAAI,EAAE,IAAI,CAAA;IACV,MAAM,EAAE,GAAG,CAAA;CACZ,CAAA;AAED,MAAM,MAAM,4DAA4D,GAAG,CAAC,wDAAwD,CAAC,GAAG;IACtI,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AACF,MAAM,MAAM,0DAA0D,GAAG,CAAC,wDAAwD,CAAC,GAAG;IACpI,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAEF,MAAM,MAAM,qDAAqD,GAAG,CAAC,4DAA4D,GAAG,0DAA0D,CAAC,CAAA;AAE/L,eAAO,MAAM,mDAAmD,GAAI,IAAI,MAAM,WAM7E,CAAA;AAED,eAAO,MAAM,6CAA6C,GAAU,IAAI,MAAM,EAAE,UAAU,WAAW,KAAG,OAAO,CAAC,qDAAqD,CASlK,CAAA"}

package/dist/generated/account-credits/account-credits.js.map

@@ -1 +1 @@
-{"version":3,"file":"account-credits.js","sourceRoot":"","sources":["../../../src/generated/account-credits/account-credits.ts"],"names":[],"mappings":"AAeA,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAa/C,CAAC;AAID,MAAM,CAAC,MAAM,kDAAkD,GAAG,CAAC,MAA2D,EAAG,EAAE;IACjI,MAAM,gBAAgB,GAAG,IAAI,eAAe,EAAE,CAAC;IAE/C,MAAM,CAAC,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;QAEpD,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,gBAAgB,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,KAAK,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAA;QAC1E,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,QAAQ,EAAE,CAAC;IAEtD,OAAO,iBAAiB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,+BAA+B,iBAAiB,EAAE,CAAC,CAAC,CAAC,6BAA6B,CAAA;AAC1H,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,4CAA4C,GAAG,KAAK,EAAE,MAA2D,EAAE,OAAqB,EAAiE,EAAE;IAEtN,OAAO,WAAW,CAAuD,kDAAkD,CAAC,MAAM,CAAC,EACnI;QACE,GAAG,OAAO;QACV,MAAM,EAAE,KAAK;KAGd,CACF,CAAC;AAAA,CAAC,CAAA;AAcH,CAAC;AAID,MAAM,CAAC,MAAM,mDAAmD,GAAG,GAAG,EAAE;IAKtE,OAAO,6BAA6B,CAAA;AACtC,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,6CAA6C,GAAG,KAAK,EAAE,sBAA8C,EAAE,OAAqB,EAAkE,EAAE;IAE3M,OAAO,WAAW,CAAwD,mDAAmD,EAAE,EAC/H;QACE,GAAG,OAAO;QACV,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,GAAG,OAAO,EAAE,OAAO,EAAE;QACpE,IAAI,EAAE,IAAI,CAAC,SAAS,CAClB,sBAAsB,CAAE;KAC3B,CACF,CAAC;AAAA,CAAC,CAAA;AAcH,CAAC;AAID,MAAM,CAAC,MAAM,gDAAgD,GAAG,CAAC,EAAU,EACvE,MAAyD,EAAG,EAAE;IAChE,MAAM,gBAAgB,GAAG,IAAI,eAAe,EAAE,CAAC;IAE/C,MAAM,CAAC,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;QAEpD,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,gBAAgB,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,KAAK,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAA;QAC1E,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,QAAQ,EAAE,CAAC;IAEtD,OAAO,iBAAiB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,+BAA+B,EAAE,iBAAiB,iBAAiB,EAAE,CAAC,CAAC,CAAC,+BAA+B,EAAE,eAAe,CAAA;AAChK,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,0CAA0C,GAAG,KAAK,EAAE,EAAU,EACvE,MAAyD,EAAE,OAAqB,EAA+D,EAAE;IAEnJ,OAAO,WAAW,CAAqD,gDAAgD,CAAC,EAAE,EAAC,MAAM,CAAC,EAClI;QACE,GAAG,OAAO;QACV,MAAM,EAAE,KAAK;KAGd,CACF,CAAC;AAAA,CAAC,CAAA;AAyBH,MAAM,CAAC,MAAM,mDAAmD,GAAG,CAAC,EAAU,EAAG,EAAE;IAKjF,OAAO,+BAA+B,EAAE,SAAS,CAAA;AACnD,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,6CAA6C,GAAG,KAAK,EAAE,EAAU,EAAE,OAAqB,EAAkE,EAAE;IAEvK,OAAO,WAAW,CAAwD,mDAAmD,CAAC,EAAE,CAAC,EACjI;QACE,GAAG,OAAO;QACV,MAAM,EAAE,MAAM;KAGf,CACF,CAAC;AAAA,CAAC,CAAA"}
+{"version":3,"file":"account-credits.js","sourceRoot":"","sources":["../../../src/generated/account-credits/account-credits.ts"],"names":[],"mappings":"AAeA,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAc/C,CAAC;AAID,MAAM,CAAC,MAAM,kDAAkD,GAAG,CAAC,MAA2D,EAAG,EAAE;IACjI,MAAM,gBAAgB,GAAG,IAAI,eAAe,EAAE,CAAC;IAE/C,MAAM,CAAC,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;QAEpD,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,gBAAgB,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,KAAK,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAA;QAC1E,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,QAAQ,EAAE,CAAC;IAEtD,OAAO,iBAAiB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,+BAA+B,iBAAiB,EAAE,CAAC,CAAC,CAAC,6BAA6B,CAAA;AAC1H,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,4CAA4C,GAAG,KAAK,EAAE,MAA2D,EAAE,OAAqB,EAAiE,EAAE;IAEtN,OAAO,WAAW,CAAuD,kDAAkD,CAAC,MAAM,CAAC,EACnI;QACE,GAAG,OAAO;QACV,MAAM,EAAE,KAAK;KAGd,CACF,CAAC;AAAA,CAAC,CAAA;AAeH,CAAC;AAID,MAAM,CAAC,MAAM,mDAAmD,GAAG,GAAG,EAAE;IAKtE,OAAO,6BAA6B,CAAA;AACtC,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,6CAA6C,GAAG,KAAK,EAAE,sBAA8C,EAAE,OAAqB,EAAkE,EAAE;IAE3M,OAAO,WAAW,CAAwD,mDAAmD,EAAE,EAC/H;QACE,GAAG,OAAO;QACV,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,GAAG,OAAO,EAAE,OAAO,EAAE;QACpE,IAAI,EAAE,IAAI,CAAC,SAAS,CAClB,sBAAsB,CAAE;KAC3B,CACF,CAAC;AAAA,CAAC,CAAA;AAeH,CAAC;AAID,MAAM,CAAC,MAAM,gDAAgD,GAAG,CAAC,EAAU,EACvE,MAAyD,EAAG,EAAE;IAChE,MAAM,gBAAgB,GAAG,IAAI,eAAe,EAAE,CAAC;IAE/C,MAAM,CAAC,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;QAEpD,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,gBAAgB,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,KAAK,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAA;QAC1E,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,QAAQ,EAAE,CAAC;IAEtD,OAAO,iBAAiB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,+BAA+B,EAAE,iBAAiB,iBAAiB,EAAE,CAAC,CAAC,CAAC,+BAA+B,EAAE,eAAe,CAAA;AAChK,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,0CAA0C,GAAG,KAAK,EAAE,EAAU,EACvE,MAAyD,EAAE,OAAqB,EAA+D,EAAE;IAEnJ,OAAO,WAAW,CAAqD,gDAAgD,CAAC,EAAE,EAAC,MAAM,CAAC,EAClI;QACE,GAAG,OAAO;QACV,MAAM,EAAE,KAAK;KAGd,CACF,CAAC;AAAA,CAAC,CAAA;AA0BH,MAAM,CAAC,MAAM,mDAAmD,GAAG,CAAC,EAAU,EAAG,EAAE;IAKjF,OAAO,+BAA+B,EAAE,SAAS,CAAA;AACnD,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,6CAA6C,GAAG,KAAK,EAAE,EAAU,EAAE,OAAqB,EAAkE,EAAE;IAEvK,OAAO,WAAW,CAAwD,mDAAmD,CAAC,EAAE,CAAC,EACjI;QACE,GAAG,OAAO;QACV,MAAM,EAAE,MAAM;KAGf,CACF,CAAC;AAAA,CAAC,CAAA"}

package/dist/generated/articles/articles.d.ts

@@ -7,6 +7,7 @@
  */
 import type { ArticleDto, ArticlesControllerListArticlesV1Params, CreateArticleDto, UpdateArticleDto } from '../index.schemas.js';
 /**
+ * 🔒 Requires: authenticated session
  * @summary List articles
  */
 export type articlesControllerListArticlesV1Response200 = {
@@ -20,6 +21,7 @@ export type articlesControllerListArticlesV1Response = (articlesControllerListAr
 export declare const getArticlesControllerListArticlesV1Url: (params?: ArticlesControllerListArticlesV1Params) => string;
 export declare const articlesControllerListArticlesV1: (params?: ArticlesControllerListArticlesV1Params, options?: RequestInit) => Promise<articlesControllerListArticlesV1Response>;
 /**
+ * 🔒 Requires permission: article:write. Gate UI with hasRequiredPermissions() from @vindentech/api-client.
  * @summary Create a tenant article
  */
 export type articlesControllerCreateArticleV1Response201 = {
@@ -33,6 +35,7 @@ export type articlesControllerCreateArticleV1Response = (articlesControllerCreat
 export declare const getArticlesControllerCreateArticleV1Url: () => string;
 export declare const articlesControllerCreateArticleV1: (createArticleDto: CreateArticleDto, options?: RequestInit) => Promise<articlesControllerCreateArticleV1Response>;
 /**
+ * 🔒 Requires: authenticated session
  * @summary Get one article by id
  */
 export type articlesControllerGetArticleByIdV1Response200 = {
@@ -46,6 +49,7 @@ export type articlesControllerGetArticleByIdV1Response = (articlesControllerGetA
 export declare const getArticlesControllerGetArticleByIdV1Url: (id: string) => string;
 export declare const articlesControllerGetArticleByIdV1: (id: string, options?: RequestInit) => Promise<articlesControllerGetArticleByIdV1Response>;
 /**
+ * 🔒 Requires permission: article:write. Gate UI with hasRequiredPermissions() from @vindentech/api-client.
  * @summary Update a tenant article
  */
 export type articlesControllerUpdateArticleV1Response200 = {