@zealamic/payload-auth-rbac-plugin 1.0.0-beta.1

package/dist/collections/users/index.js

@@ -0,0 +1,135 @@
+import { getArrayOfMergedFieldAffectingData, getPermissionAccess, toLocaleRecord } from "../../lib/utils/index.js";
+import { mergeUserCollectionHooks } from "./parent-path.js";
+const buildDefaultFields = (translations)=>{
+    const locales = Object.keys(translations);
+    return [
+        {
+            name: "isSuperAdmin",
+            type: "checkbox",
+            defaultValue: false,
+            label: toLocaleRecord(locales, (locale)=>translations[locale]?.fields?.isSuperAdmin?.label),
+            admin: {
+                readOnly: true
+            }
+        },
+        {
+            name: "roles",
+            type: "relationship",
+            relationTo: "roles",
+            hasMany: true,
+            label: toLocaleRecord(locales, (locale)=>translations[locale]?.fields?.roles?.label)
+        },
+        {
+            name: "parent",
+            type: "relationship",
+            relationTo: "users",
+            label: toLocaleRecord(locales, (locale)=>translations[locale]?.fields?.parent?.label),
+            filterOptions: ({ id })=>id ? {
+                    id: {
+                        not_equals: id
+                    }
+                } : true
+        },
+        {
+            name: "parentPath",
+            type: "text",
+            index: true,
+            admin: {
+                hidden: true,
+                readOnly: true
+            }
+        }
+    ];
+};
+export const modifyUsersCollection = (params = {})=>{
+    const { translations = {}, fields: customFields = [] } = params;
+    return (incomingConfig)=>{
+        const config = {
+            ...incomingConfig
+        };
+        const userSlug = config.admin?.user || "users";
+        const customAdmin = {
+            defaultColumns: [
+                "email",
+                "roles",
+                "isSuperAdmin",
+                "updatedAt"
+            ],
+            useAsTitle: "email",
+            ...config.admin
+        };
+        const pluginFields = getArrayOfMergedFieldAffectingData({
+            defaultFields: buildDefaultFields(translations),
+            fields: customFields
+        });
+        const existing = (config.collections || []).find((c)=>c.slug === userSlug);
+        const dataScopeOptions = {
+            createdByField: "id",
+            usersCollectionSlug: userSlug
+        };
+        const defaultAccess = {
+            create: getPermissionAccess({
+                featureCode: userSlug,
+                actionCode: "create"
+            }),
+            update: getPermissionAccess({
+                featureCode: userSlug,
+                actionCode: "update",
+                mode: "modify",
+                collectionSlug: userSlug,
+                options: dataScopeOptions
+            }),
+            delete: getPermissionAccess({
+                featureCode: userSlug,
+                actionCode: "delete",
+                mode: "modify",
+                collectionSlug: userSlug,
+                options: dataScopeOptions
+            }),
+            read: getPermissionAccess({
+                featureCode: userSlug,
+                actionCode: "read",
+                options: dataScopeOptions
+            })
+        };
+        if (existing) {
+            config.collections = (config.collections || []).map((collection)=>{
+                if (collection.slug !== userSlug) {
+                    return collection;
+                }
+                return {
+                    ...collection,
+                    fields: [
+                        ...collection.fields,
+                        ...pluginFields
+                    ],
+                    access: {
+                        ...defaultAccess,
+                        ...collection.access
+                    },
+                    hooks: mergeUserCollectionHooks({
+                        existingHooks: collection.hooks,
+                        userSlug
+                    })
+                };
+            });
+        } else {
+            config.collections = [
+                ...config.collections || [],
+                {
+                    slug: userSlug,
+                    auth: true,
+                    admin: customAdmin,
+                    fields: pluginFields,
+                    access: defaultAccess,
+                    hooks: mergeUserCollectionHooks({
+                        userSlug
+                    })
+                }
+            ];
+        }
+        return config;
+    };
+};
+
+//# sourceMappingURL=index.js.map

package/dist/collections/users/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/collections/users/index.ts"],"sourcesContent":["import type { Config, Field, PayloadRequest } from \"payload\";\nimport {\n  getArrayOfMergedFieldAffectingData,\n  getPermissionAccess,\n  toLocaleRecord,\n} from \"../../lib/utils/index.js\";\nimport { mergeUserCollectionHooks } from \"./parent-path.js\";\nimport type {\n  UsersModificationParams,\n  UsersModificationTranslations,\n} from \"./types.js\";\n\nconst buildDefaultFields = (\n  translations: UsersModificationTranslations,\n): Field[] => {\n  const locales = Object.keys(translations);\n  return [\n    {\n      name: \"isSuperAdmin\",\n      type: \"checkbox\",\n      defaultValue: false,\n      label: toLocaleRecord(\n        locales,\n        (locale) => translations[locale]?.fields?.isSuperAdmin?.label,\n      ),\n      admin: {\n        readOnly: true,\n      },\n    },\n    {\n      name: \"roles\",\n      type: \"relationship\",\n      relationTo: \"roles\",\n      hasMany: true,\n      label: toLocaleRecord(\n        locales,\n        (locale) => translations[locale]?.fields?.roles?.label,\n      ),\n    },\n    {\n      name: \"parent\",\n      type: \"relationship\",\n      relationTo: \"users\",\n      label: toLocaleRecord(\n        locales,\n        (locale) => translations[locale]?.fields?.parent?.label,\n      ),\n      filterOptions: ({ id }) => (id ? { id: { not_equals: id } } : true),\n    },\n    {\n      name: \"parentPath\",\n      type: \"text\",\n      index: true,\n      admin: {\n        hidden: true,\n        readOnly: true,\n      },\n    },\n  ];\n};\n\nexport const modifyUsersCollection = (params: UsersModificationParams = {}) => {\n  const { translations = {}, fields: customFields = [] } = params;\n\n  return (incomingConfig: Config): Config => {\n    const config = { ...incomingConfig };\n    const userSlug = config.admin?.user || \"users\";\n\n    const customAdmin = {\n      defaultColumns: [\"email\", \"roles\", \"isSuperAdmin\", \"updatedAt\"],\n      useAsTitle: \"email\",\n      ...config.admin,\n    };\n\n    const pluginFields = getArrayOfMergedFieldAffectingData({\n      defaultFields: buildDefaultFields(translations),\n      fields: customFields,\n    });\n\n    const existing = (config.collections || []).find(\n      (c) => c.slug === userSlug,\n    );\n    const dataScopeOptions = {\n      createdByField: \"id\",\n      usersCollectionSlug: userSlug,\n    } as const;\n\n    const defaultAccess = {\n      create: getPermissionAccess({\n        featureCode: userSlug,\n        actionCode: \"create\",\n      }),\n      update: getPermissionAccess({\n        featureCode: userSlug,\n        actionCode: \"update\",\n        mode: \"modify\",\n        collectionSlug: userSlug,\n        options: dataScopeOptions,\n      }),\n      delete: getPermissionAccess({\n        featureCode: userSlug,\n        actionCode: \"delete\",\n        mode: \"modify\",\n        collectionSlug: userSlug,\n        options: dataScopeOptions,\n      }),\n      read: getPermissionAccess({\n        featureCode: userSlug,\n        actionCode: \"read\",\n        options: dataScopeOptions,\n      }),\n    };\n\n    if (existing) {\n      config.collections = (config.collections || []).map((collection) => {\n        if (collection.slug !== userSlug) {\n          return collection;\n        }\n        return {\n          ...collection,\n          fields: [...collection.fields, ...pluginFields],\n          access: {\n            ...defaultAccess,\n            ...collection.access,\n          },\n          hooks: mergeUserCollectionHooks({\n            existingHooks: collection.hooks,\n            userSlug,\n          }),\n        };\n      });\n    } else {\n      config.collections = [\n        ...(config.collections || []),\n        {\n          slug: userSlug,\n          auth: true,\n          admin: customAdmin,\n          fields: pluginFields,\n          access: defaultAccess,\n          hooks: mergeUserCollectionHooks({ userSlug }),\n        },\n      ];\n    }\n\n    return config;\n  };\n};\n"],"names":["getArrayOfMergedFieldAffectingData","getPermissionAccess","toLocaleRecord","mergeUserCollectionHooks","buildDefaultFields","translations","locales","Object","keys","name","type","defaultValue","label","locale","fields","isSuperAdmin","admin","readOnly","relationTo","hasMany","roles","parent","filterOptions","id","not_equals","index","hidden","modifyUsersCollection","params","customFields","incomingConfig","config","userSlug","user","customAdmin","defaultColumns","useAsTitle","pluginFields","defaultFields","existing","collections","find","c","slug","dataScopeOptions","createdByField","usersCollectionSlug","defaultAccess","create","featureCode","actionCode","update","mode","collectionSlug","options","delete","read","map","collection","access","hooks","existingHooks","auth"],"mappings":"AACA,SACEA,kCAAkC,EAClCC,mBAAmB,EACnBC,cAAc,QACT,2BAA2B;AAClC,SAASC,wBAAwB,QAAQ,mBAAmB;AAM5D,MAAMC,qBAAqB,CACzBC;IAEA,MAAMC,UAAUC,OAAOC,IAAI,CAACH;IAC5B,OAAO;QACL;YACEI,MAAM;YACNC,MAAM;YACNC,cAAc;YACdC,OAAOV,eACLI,SACA,CAACO,SAAWR,YAAY,CAACQ,OAAO,EAAEC,QAAQC,cAAcH;YAE1DI,OAAO;gBACLC,UAAU;YACZ;QACF;QACA;YACER,MAAM;YACNC,MAAM;YACNQ,YAAY;YACZC,SAAS;YACTP,OAAOV,eACLI,SACA,CAACO,SAAWR,YAAY,CAACQ,OAAO,EAAEC,QAAQM,OAAOR;QAErD;QACA;YACEH,MAAM;YACNC,MAAM;YACNQ,YAAY;YACZN,OAAOV,eACLI,SACA,CAACO,SAAWR,YAAY,CAACQ,OAAO,EAAEC,QAAQO,QAAQT;YAEpDU,eAAe,CAAC,EAAEC,EAAE,EAAE,GAAMA,KAAK;oBAAEA,IAAI;wBAAEC,YAAYD;oBAAG;gBAAE,IAAI;QAChE;QACA;YACEd,MAAM;YACNC,MAAM;YACNe,OAAO;YACPT,OAAO;gBACLU,QAAQ;gBACRT,UAAU;YACZ;QACF;KACD;AACH;AAEA,OAAO,MAAMU,wBAAwB,CAACC,SAAkC,CAAC,CAAC;IACxE,MAAM,EAAEvB,eAAe,CAAC,CAAC,EAAES,QAAQe,eAAe,EAAE,EAAE,GAAGD;IAEzD,OAAO,CAACE;QACN,MAAMC,SAAS;YAAE,GAAGD,cAAc;QAAC;QACnC,MAAME,WAAWD,OAAOf,KAAK,EAAEiB,QAAQ;QAEvC,MAAMC,cAAc;YAClBC,gBAAgB;gBAAC;gBAAS;gBAAS;gBAAgB;aAAY;YAC/DC,YAAY;YACZ,GAAGL,OAAOf,KAAK;QACjB;QAEA,MAAMqB,eAAerC,mCAAmC;YACtDsC,eAAelC,mBAAmBC;YAClCS,QAAQe;QACV;QAEA,MAAMU,WAAW,AAACR,CAAAA,OAAOS,WAAW,IAAI,EAAE,AAAD,EAAGC,IAAI,CAC9C,CAACC,IAAMA,EAAEC,IAAI,KAAKX;QAEpB,MAAMY,mBAAmB;YACvBC,gBAAgB;YAChBC,qBAAqBd;QACvB;QAEA,MAAMe,gBAAgB;YACpBC,QAAQ/C,oBAAoB;gBAC1BgD,aAAajB;gBACbkB,YAAY;YACd;YACAC,QAAQlD,oBAAoB;gBAC1BgD,aAAajB;gBACbkB,YAAY;gBACZE,MAAM;gBACNC,gBAAgBrB;gBAChBsB,SAASV;YACX;YACAW,QAAQtD,oBAAoB;gBAC1BgD,aAAajB;gBACbkB,YAAY;gBACZE,MAAM;gBACNC,gBAAgBrB;gBAChBsB,SAASV;YACX;YACAY,MAAMvD,oBAAoB;gBACxBgD,aAAajB;gBACbkB,YAAY;gBACZI,SAASV;YACX;QACF;QAEA,IAAIL,UAAU;YACZR,OAAOS,WAAW,GAAG,AAACT,CAAAA,OAAOS,WAAW,IAAI,EAAE,AAAD,EAAGiB,GAAG,CAAC,CAACC;gBACnD,IAAIA,WAAWf,IAAI,KAAKX,UAAU;oBAChC,OAAO0B;gBACT;gBACA,OAAO;oBACL,GAAGA,UAAU;oBACb5C,QAAQ;2BAAI4C,WAAW5C,MAAM;2BAAKuB;qBAAa;oBAC/CsB,QAAQ;wBACN,GAAGZ,aAAa;wBAChB,GAAGW,WAAWC,MAAM;oBACtB;oBACAC,OAAOzD,yBAAyB;wBAC9B0D,eAAeH,WAAWE,KAAK;wBAC/B5B;oBACF;gBACF;YACF;QACF,OAAO;YACLD,OAAOS,WAAW,GAAG;mBACfT,OAAOS,WAAW,IAAI,EAAE;gBAC5B;oBACEG,MAAMX;oBACN8B,MAAM;oBACN9C,OAAOkB;oBACPpB,QAAQuB;oBACRsB,QAAQZ;oBACRa,OAAOzD,yBAAyB;wBAAE6B;oBAAS;gBAC7C;aACD;QACH;QAEA,OAAOD;IACT;AACF,EAAE"}

package/dist/collections/users/parent-path.js

@@ -0,0 +1,210 @@
+import { PARENT_PATH_SEPARATOR } from "../../lib/constants/user.js";
+import { toID } from "../../lib/utils/data.js";
+const getParentId = (parent)=>{
+    const id = toID(parent ?? undefined);
+    return id || undefined;
+};
+/** Ancestor IDs from root to parent (exclusive of self), e.g. `"1,2"`. */ export const buildParentPathFromParentDoc = (parent)=>{
+    if (!parent?.id) {
+        return "";
+    }
+    const parentId = String(parent.id);
+    const ancestorPath = parent.parentPath?.trim();
+    if (!ancestorPath) {
+        return parentId;
+    }
+    return `${ancestorPath}${PARENT_PATH_SEPARATOR}${parentId}`;
+};
+export const computeParentPath = async ({ parentId, req, userSlug })=>{
+    if (!parentId) {
+        return "";
+    }
+    const parentDoc = await req.payload.findByID({
+        collection: userSlug,
+        id: parentId,
+        depth: 0,
+        req
+    });
+    return buildParentPathFromParentDoc(parentDoc);
+};
+const pathContainsId = (parentPath, id)=>{
+    if (!parentPath) {
+        return false;
+    }
+    return parentPath.split(PARENT_PATH_SEPARATOR).includes(id);
+};
+const validateParentAssignment = async ({ userId, parentId, req, userSlug })=>{
+    if (!parentId) {
+        return true;
+    }
+    if (userId && String(parentId) === String(userId)) {
+        return "A user cannot be their own parent.";
+    }
+    if (!userId) {
+        return true;
+    }
+    const parentDoc = await req.payload.findByID({
+        collection: userSlug,
+        id: parentId,
+        depth: 0,
+        req
+    });
+    const parentPath = parentDoc.parentPath ?? "";
+    if (pathContainsId(parentPath, String(userId))) {
+        return "Cannot assign a descendant as parent (would create a cycle).";
+    }
+    return true;
+};
+const syncDescendantParentPaths = async ({ userId, req, userSlug })=>{
+    const children = await req.payload.find({
+        collection: userSlug,
+        depth: 0,
+        limit: 0,
+        pagination: false,
+        req,
+        where: {
+            parent: {
+                equals: userId
+            }
+        }
+    });
+    for (const child of children.docs){
+        if (!child.id) {
+            continue;
+        }
+        const parentId = getParentId(child.parent);
+        const nextParentPath = await computeParentPath({
+            parentId,
+            req,
+            userSlug
+        });
+        if ((child.parentPath ?? "") === nextParentPath) {
+            await syncDescendantParentPaths({
+                userId: child.id,
+                req,
+                userSlug
+            });
+            continue;
+        }
+        await req.payload.update({
+            collection: userSlug,
+            id: child.id,
+            data: {
+                parentPath: nextParentPath
+            },
+            depth: 0,
+            req,
+            overrideAccess: true
+        });
+        await syncDescendantParentPaths({
+            userId: child.id,
+            req,
+            userSlug
+        });
+    }
+};
+export const createUserParentPathHooks = (userSlug)=>{
+    const beforeChange = async ({ data, req, operation, originalDoc })=>{
+        const incoming = data;
+        const previous = originalDoc;
+        const parentRef = incoming.parent !== undefined ? incoming.parent : operation === "update" ? previous?.parent : undefined;
+        const parentId = getParentId(parentRef);
+        const validation = await validateParentAssignment({
+            userId: operation === "update" ? previous?.id ?? incoming.id : incoming.id,
+            parentId,
+            req,
+            userSlug
+        });
+        if (validation !== true) {
+            throw new Error(validation);
+        }
+        incoming.parentPath = await computeParentPath({
+            parentId,
+            req,
+            userSlug
+        });
+        return incoming;
+    };
+    const afterChange = async ({ doc, previousDoc, req, operation })=>{
+        const current = doc;
+        const previous = previousDoc;
+        if (!current.id) {
+            return doc;
+        }
+        const previousParentId = getParentId(previous?.parent);
+        const nextParentId = getParentId(current.parent);
+        const parentChanged = operation === "create" || previousParentId !== nextParentId;
+        if (parentChanged) {
+            await syncDescendantParentPaths({
+                userId: current.id,
+                req,
+                userSlug
+            });
+        }
+        return doc;
+    };
+    const afterDelete = async ({ doc, req })=>{
+        const deleted = doc;
+        if (!deleted?.id) {
+            return;
+        }
+        const children = await req.payload.find({
+            collection: userSlug,
+            depth: 0,
+            limit: 0,
+            pagination: false,
+            req,
+            where: {
+                parent: {
+                    equals: deleted.id
+                }
+            }
+        });
+        for (const child of children.docs){
+            if (!child.id) {
+                continue;
+            }
+            await req.payload.update({
+                collection: userSlug,
+                id: child.id,
+                data: {
+                    parent: null,
+                    parentPath: ""
+                },
+                depth: 0,
+                req,
+                overrideAccess: true
+            });
+            await syncDescendantParentPaths({
+                userId: child.id,
+                req,
+                userSlug
+            });
+        }
+    };
+    return {
+        beforeChange,
+        afterChange,
+        afterDelete
+    };
+};
+const mergeHookArrays = (existing, added)=>{
+    const base = Array.isArray(existing) ? existing : existing ? [
+        existing
+    ] : [];
+    return [
+        ...base,
+        added
+    ];
+};
+export const mergeUserCollectionHooks = ({ existingHooks, userSlug })=>{
+    const { beforeChange, afterChange, afterDelete } = createUserParentPathHooks(userSlug);
+    return {
+        ...existingHooks,
+        beforeChange: mergeHookArrays(existingHooks?.beforeChange, beforeChange),
+        afterChange: mergeHookArrays(existingHooks?.afterChange, afterChange),
+        afterDelete: mergeHookArrays(existingHooks?.afterDelete, afterDelete)
+    };
+};
+
+//# sourceMappingURL=parent-path.js.map

package/dist/collections/users/parent-path.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/collections/users/parent-path.ts"],"sourcesContent":["import type {\n  CollectionAfterChangeHook,\n  CollectionAfterDeleteHook,\n  CollectionBeforeChangeHook,\n  PayloadRequest,\n} from \"payload\";\nimport { PARENT_PATH_SEPARATOR } from \"../../lib/constants/user.js\";\nimport { toID } from \"../../lib/utils/data.js\";\n\ntype UserDoc = {\n  id?: string | number;\n  parent?: ItemRef;\n  parentPath?: string | null;\n};\n\nconst getParentId = (parent: ItemRef | null | undefined): string | undefined => {\n  const id = toID(parent ?? undefined);\n  return id || undefined;\n};\n\n/** Ancestor IDs from root to parent (exclusive of self), e.g. `\"1,2\"`. */\nexport const buildParentPathFromParentDoc = (\n  parent: UserDoc | null | undefined,\n): string => {\n  if (!parent?.id) {\n    return \"\";\n  }\n\n  const parentId = String(parent.id);\n  const ancestorPath = parent.parentPath?.trim();\n\n  if (!ancestorPath) {\n    return parentId;\n  }\n\n  return `${ancestorPath}${PARENT_PATH_SEPARATOR}${parentId}`;\n};\n\nexport const computeParentPath = async ({\n  parentId,\n  req,\n  userSlug,\n}: {\n  parentId?: string;\n  req: PayloadRequest;\n  userSlug: string;\n}): Promise<string> => {\n  if (!parentId) {\n    return \"\";\n  }\n\n  const parentDoc = await req.payload.findByID({\n    collection: userSlug,\n    id: parentId,\n    depth: 0,\n    req,\n  });\n\n  return buildParentPathFromParentDoc(parentDoc as UserDoc);\n};\n\nconst pathContainsId = (parentPath: string, id: string): boolean => {\n  if (!parentPath) {\n    return false;\n  }\n\n  return parentPath.split(PARENT_PATH_SEPARATOR).includes(id);\n};\n\nconst validateParentAssignment = async ({\n  userId,\n  parentId,\n  req,\n  userSlug,\n}: {\n  userId?: string | number;\n  parentId?: string;\n  req: PayloadRequest;\n  userSlug: string;\n}): Promise<string | true> => {\n  if (!parentId) {\n    return true;\n  }\n\n  if (userId && String(parentId) === String(userId)) {\n    return \"A user cannot be their own parent.\";\n  }\n\n  if (!userId) {\n    return true;\n  }\n\n  const parentDoc = await req.payload.findByID({\n    collection: userSlug,\n    id: parentId,\n    depth: 0,\n    req,\n  });\n\n  const parentPath = (parentDoc as UserDoc).parentPath ?? \"\";\n\n  if (pathContainsId(parentPath, String(userId))) {\n    return \"Cannot assign a descendant as parent (would create a cycle).\";\n  }\n\n  return true;\n};\n\nconst syncDescendantParentPaths = async ({\n  userId,\n  req,\n  userSlug,\n}: {\n  userId: string | number;\n  req: PayloadRequest;\n  userSlug: string;\n}): Promise<void> => {\n  const children = await req.payload.find({\n    collection: userSlug,\n    depth: 0,\n    limit: 0,\n    pagination: false,\n    req,\n    where: {\n      parent: { equals: userId },\n    },\n  });\n\n  for (const child of children.docs as UserDoc[]) {\n    if (!child.id) {\n      continue;\n    }\n\n    const parentId = getParentId(child.parent);\n    const nextParentPath = await computeParentPath({\n      parentId,\n      req,\n      userSlug,\n    });\n\n    if ((child.parentPath ?? \"\") === nextParentPath) {\n      await syncDescendantParentPaths({\n        userId: child.id,\n        req,\n        userSlug,\n      });\n      continue;\n    }\n\n    await req.payload.update({\n      collection: userSlug,\n      id: child.id,\n      data: { parentPath: nextParentPath },\n      depth: 0,\n      req,\n      overrideAccess: true,\n    });\n\n    await syncDescendantParentPaths({\n      userId: child.id,\n      req,\n      userSlug,\n    });\n  }\n};\n\nexport const createUserParentPathHooks = (userSlug: string) => {\n  const beforeChange: CollectionBeforeChangeHook = async ({\n    data,\n    req,\n    operation,\n    originalDoc,\n  }) => {\n    const incoming = data as UserDoc;\n    const previous = originalDoc as UserDoc | undefined;\n\n    const parentRef =\n      incoming.parent !== undefined\n        ? incoming.parent\n        : operation === \"update\"\n          ? previous?.parent\n          : undefined;\n\n    const parentId = getParentId(parentRef);\n\n    const validation = await validateParentAssignment({\n      userId:\n        operation === \"update\"\n          ? (previous?.id ?? incoming.id)\n          : incoming.id,\n      parentId,\n      req,\n      userSlug,\n    });\n\n    if (validation !== true) {\n      throw new Error(validation);\n    }\n\n    incoming.parentPath = await computeParentPath({\n      parentId,\n      req,\n      userSlug,\n    });\n\n    return incoming;\n  };\n\n  const afterChange: CollectionAfterChangeHook = async ({\n    doc,\n    previousDoc,\n    req,\n    operation,\n  }) => {\n    const current = doc as UserDoc;\n    const previous = previousDoc as UserDoc | undefined;\n\n    if (!current.id) {\n      return doc;\n    }\n\n    const previousParentId = getParentId(previous?.parent);\n    const nextParentId = getParentId(current.parent);\n\n    const parentChanged =\n      operation === \"create\" || previousParentId !== nextParentId;\n\n    if (parentChanged) {\n      await syncDescendantParentPaths({\n        userId: current.id,\n        req,\n        userSlug,\n      });\n    }\n\n    return doc;\n  };\n\n  const afterDelete: CollectionAfterDeleteHook = async ({ doc, req }) => {\n    const deleted = doc as UserDoc | undefined;\n\n    if (!deleted?.id) {\n      return;\n    }\n\n    const children = await req.payload.find({\n      collection: userSlug,\n      depth: 0,\n      limit: 0,\n      pagination: false,\n      req,\n      where: {\n        parent: { equals: deleted.id },\n      },\n    });\n\n    for (const child of children.docs as UserDoc[]) {\n      if (!child.id) {\n        continue;\n      }\n\n      await req.payload.update({\n        collection: userSlug,\n        id: child.id,\n        data: {\n          parent: null,\n          parentPath: \"\",\n        },\n        depth: 0,\n        req,\n        overrideAccess: true,\n      });\n\n      await syncDescendantParentPaths({\n        userId: child.id,\n        req,\n        userSlug,\n      });\n    }\n  };\n\n  return { beforeChange, afterChange, afterDelete };\n};\n\nconst mergeHookArrays = <T>(existing: T[] | T | undefined, added: T): T[] => {\n  const base = Array.isArray(existing) ? existing : existing ? [existing] : [];\n  return [...base, added];\n};\n\nexport const mergeUserCollectionHooks = ({\n  existingHooks,\n  userSlug,\n}: {\n  existingHooks?: {\n    beforeChange?: CollectionBeforeChangeHook[] | CollectionBeforeChangeHook;\n    afterChange?: CollectionAfterChangeHook[] | CollectionAfterChangeHook;\n    afterDelete?: CollectionAfterDeleteHook[] | CollectionAfterDeleteHook;\n  };\n  userSlug: string;\n}) => {\n  const { beforeChange, afterChange, afterDelete } =\n    createUserParentPathHooks(userSlug);\n\n  return {\n    ...existingHooks,\n    beforeChange: mergeHookArrays(existingHooks?.beforeChange, beforeChange),\n    afterChange: mergeHookArrays(existingHooks?.afterChange, afterChange),\n    afterDelete: mergeHookArrays(existingHooks?.afterDelete, afterDelete),\n  };\n};\n"],"names":["PARENT_PATH_SEPARATOR","toID","getParentId","parent","id","undefined","buildParentPathFromParentDoc","parentId","String","ancestorPath","parentPath","trim","computeParentPath","req","userSlug","parentDoc","payload","findByID","collection","depth","pathContainsId","split","includes","validateParentAssignment","userId","syncDescendantParentPaths","children","find","limit","pagination","where","equals","child","docs","nextParentPath","update","data","overrideAccess","createUserParentPathHooks","beforeChange","operation","originalDoc","incoming","previous","parentRef","validation","Error","afterChange","doc","previousDoc","current","previousParentId","nextParentId","parentChanged","afterDelete","deleted","mergeHookArrays","existing","added","base","Array","isArray","mergeUserCollectionHooks","existingHooks"],"mappings":"AAMA,SAASA,qBAAqB,QAAQ,8BAA8B;AACpE,SAASC,IAAI,QAAQ,0BAA0B;AAQ/C,MAAMC,cAAc,CAACC;IACnB,MAAMC,KAAKH,KAAKE,UAAUE;IAC1B,OAAOD,MAAMC;AACf;AAEA,wEAAwE,GACxE,OAAO,MAAMC,+BAA+B,CAC1CH;IAEA,IAAI,CAACA,QAAQC,IAAI;QACf,OAAO;IACT;IAEA,MAAMG,WAAWC,OAAOL,OAAOC,EAAE;IACjC,MAAMK,eAAeN,OAAOO,UAAU,EAAEC;IAExC,IAAI,CAACF,cAAc;QACjB,OAAOF;IACT;IAEA,OAAO,GAAGE,eAAeT,wBAAwBO,UAAU;AAC7D,EAAE;AAEF,OAAO,MAAMK,oBAAoB,OAAO,EACtCL,QAAQ,EACRM,GAAG,EACHC,QAAQ,EAKT;IACC,IAAI,CAACP,UAAU;QACb,OAAO;IACT;IAEA,MAAMQ,YAAY,MAAMF,IAAIG,OAAO,CAACC,QAAQ,CAAC;QAC3CC,YAAYJ;QACZV,IAAIG;QACJY,OAAO;QACPN;IACF;IAEA,OAAOP,6BAA6BS;AACtC,EAAE;AAEF,MAAMK,iBAAiB,CAACV,YAAoBN;IAC1C,IAAI,CAACM,YAAY;QACf,OAAO;IACT;IAEA,OAAOA,WAAWW,KAAK,CAACrB,uBAAuBsB,QAAQ,CAAClB;AAC1D;AAEA,MAAMmB,2BAA2B,OAAO,EACtCC,MAAM,EACNjB,QAAQ,EACRM,GAAG,EACHC,QAAQ,EAMT;IACC,IAAI,CAACP,UAAU;QACb,OAAO;IACT;IAEA,IAAIiB,UAAUhB,OAAOD,cAAcC,OAAOgB,SAAS;QACjD,OAAO;IACT;IAEA,IAAI,CAACA,QAAQ;QACX,OAAO;IACT;IAEA,MAAMT,YAAY,MAAMF,IAAIG,OAAO,CAACC,QAAQ,CAAC;QAC3CC,YAAYJ;QACZV,IAAIG;QACJY,OAAO;QACPN;IACF;IAEA,MAAMH,aAAa,AAACK,UAAsBL,UAAU,IAAI;IAExD,IAAIU,eAAeV,YAAYF,OAAOgB,UAAU;QAC9C,OAAO;IACT;IAEA,OAAO;AACT;AAEA,MAAMC,4BAA4B,OAAO,EACvCD,MAAM,EACNX,GAAG,EACHC,QAAQ,EAKT;IACC,MAAMY,WAAW,MAAMb,IAAIG,OAAO,CAACW,IAAI,CAAC;QACtCT,YAAYJ;QACZK,OAAO;QACPS,OAAO;QACPC,YAAY;QACZhB;QACAiB,OAAO;YACL3B,QAAQ;gBAAE4B,QAAQP;YAAO;QAC3B;IACF;IAEA,KAAK,MAAMQ,SAASN,SAASO,IAAI,CAAe;QAC9C,IAAI,CAACD,MAAM5B,EAAE,EAAE;YACb;QACF;QAEA,MAAMG,WAAWL,YAAY8B,MAAM7B,MAAM;QACzC,MAAM+B,iBAAiB,MAAMtB,kBAAkB;YAC7CL;YACAM;YACAC;QACF;QAEA,IAAI,AAACkB,CAAAA,MAAMtB,UAAU,IAAI,EAAC,MAAOwB,gBAAgB;YAC/C,MAAMT,0BAA0B;gBAC9BD,QAAQQ,MAAM5B,EAAE;gBAChBS;gBACAC;YACF;YACA;QACF;QAEA,MAAMD,IAAIG,OAAO,CAACmB,MAAM,CAAC;YACvBjB,YAAYJ;YACZV,IAAI4B,MAAM5B,EAAE;YACZgC,MAAM;gBAAE1B,YAAYwB;YAAe;YACnCf,OAAO;YACPN;YACAwB,gBAAgB;QAClB;QAEA,MAAMZ,0BAA0B;YAC9BD,QAAQQ,MAAM5B,EAAE;YAChBS;YACAC;QACF;IACF;AACF;AAEA,OAAO,MAAMwB,4BAA4B,CAACxB;IACxC,MAAMyB,eAA2C,OAAO,EACtDH,IAAI,EACJvB,GAAG,EACH2B,SAAS,EACTC,WAAW,EACZ;QACC,MAAMC,WAAWN;QACjB,MAAMO,WAAWF;QAEjB,MAAMG,YACJF,SAASvC,MAAM,KAAKE,YAChBqC,SAASvC,MAAM,GACfqC,cAAc,WACZG,UAAUxC,SACVE;QAER,MAAME,WAAWL,YAAY0C;QAE7B,MAAMC,aAAa,MAAMtB,yBAAyB;YAChDC,QACEgB,cAAc,WACTG,UAAUvC,MAAMsC,SAAStC,EAAE,GAC5BsC,SAAStC,EAAE;YACjBG;YACAM;YACAC;QACF;QAEA,IAAI+B,eAAe,MAAM;YACvB,MAAM,IAAIC,MAAMD;QAClB;QAEAH,SAAShC,UAAU,GAAG,MAAME,kBAAkB;YAC5CL;YACAM;YACAC;QACF;QAEA,OAAO4B;IACT;IAEA,MAAMK,cAAyC,OAAO,EACpDC,GAAG,EACHC,WAAW,EACXpC,GAAG,EACH2B,SAAS,EACV;QACC,MAAMU,UAAUF;QAChB,MAAML,WAAWM;QAEjB,IAAI,CAACC,QAAQ9C,EAAE,EAAE;YACf,OAAO4C;QACT;QAEA,MAAMG,mBAAmBjD,YAAYyC,UAAUxC;QAC/C,MAAMiD,eAAelD,YAAYgD,QAAQ/C,MAAM;QAE/C,MAAMkD,gBACJb,cAAc,YAAYW,qBAAqBC;QAEjD,IAAIC,eAAe;YACjB,MAAM5B,0BAA0B;gBAC9BD,QAAQ0B,QAAQ9C,EAAE;gBAClBS;gBACAC;YACF;QACF;QAEA,OAAOkC;IACT;IAEA,MAAMM,cAAyC,OAAO,EAAEN,GAAG,EAAEnC,GAAG,EAAE;QAChE,MAAM0C,UAAUP;QAEhB,IAAI,CAACO,SAASnD,IAAI;YAChB;QACF;QAEA,MAAMsB,WAAW,MAAMb,IAAIG,OAAO,CAACW,IAAI,CAAC;YACtCT,YAAYJ;YACZK,OAAO;YACPS,OAAO;YACPC,YAAY;YACZhB;YACAiB,OAAO;gBACL3B,QAAQ;oBAAE4B,QAAQwB,QAAQnD,EAAE;gBAAC;YAC/B;QACF;QAEA,KAAK,MAAM4B,SAASN,SAASO,IAAI,CAAe;YAC9C,IAAI,CAACD,MAAM5B,EAAE,EAAE;gBACb;YACF;YAEA,MAAMS,IAAIG,OAAO,CAACmB,MAAM,CAAC;gBACvBjB,YAAYJ;gBACZV,IAAI4B,MAAM5B,EAAE;gBACZgC,MAAM;oBACJjC,QAAQ;oBACRO,YAAY;gBACd;gBACAS,OAAO;gBACPN;gBACAwB,gBAAgB;YAClB;YAEA,MAAMZ,0BAA0B;gBAC9BD,QAAQQ,MAAM5B,EAAE;gBAChBS;gBACAC;YACF;QACF;IACF;IAEA,OAAO;QAAEyB;QAAcQ;QAAaO;IAAY;AAClD,EAAE;AAEF,MAAME,kBAAkB,CAAIC,UAA+BC;IACzD,MAAMC,OAAOC,MAAMC,OAAO,CAACJ,YAAYA,WAAWA,WAAW;QAACA;KAAS,GAAG,EAAE;IAC5E,OAAO;WAAIE;QAAMD;KAAM;AACzB;AAEA,OAAO,MAAMI,2BAA2B,CAAC,EACvCC,aAAa,EACbjD,QAAQ,EAQT;IACC,MAAM,EAAEyB,YAAY,EAAEQ,WAAW,EAAEO,WAAW,EAAE,GAC9ChB,0BAA0BxB;IAE5B,OAAO;QACL,GAAGiD,aAAa;QAChBxB,cAAciB,gBAAgBO,eAAexB,cAAcA;QAC3DQ,aAAaS,gBAAgBO,eAAehB,aAAaA;QACzDO,aAAaE,gBAAgBO,eAAeT,aAAaA;IAC3D;AACF,EAAE"}

package/dist/collections/users/types.js

@@ -0,0 +1,3 @@
+export { };
+
+//# sourceMappingURL=types.js.map

package/dist/collections/users/types.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/collections/users/types.ts"],"sourcesContent":["import type { Field } from \"payload\";\n\nexport type UsersModificationTranslations = {\n  [locale: string]: {\n    fields?: {\n      isSuperAdmin?: {\n        label?: string;\n      };\n      roles?: {\n        label?: string;\n        placeholder?: string;\n      };\n      parent?: {\n        label?: string;\n        placeholder?: string;\n      };\n    };\n  };\n};\n\nexport type UsersModificationParams = {\n  translations?: UsersModificationTranslations;\n  fields?: Field[];\n  rolesSlug?: string;\n};\n"],"names":[],"mappings":"AAoBA,WAIE"}

package/dist/components/role-permission-matrix-client/default-data.js

@@ -0,0 +1,23 @@
+export const rolePermissionMatrixClientDefaultTranslations = {
+    en: {
+        viewInUpdateScreenOnly: {
+            label: "View permission matrix in update screen only"
+        },
+        loading: {
+            placeholder: "Loading permission matrix..."
+        },
+        title: "Permission Matrix",
+        features: {
+            label: "Features"
+        },
+        actions: {
+            label: "Actions",
+            create: "Create",
+            read: "Read",
+            update: "Update",
+            delete: "Delete"
+        }
+    }
+};
+
+//# sourceMappingURL=default-data.js.map

package/dist/components/role-permission-matrix-client/default-data.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/components/role-permission-matrix-client/default-data.ts"],"sourcesContent":["import type { RolePermissionMatrixClientTranslations } from \"./types.js\"\n\nexport const rolePermissionMatrixClientDefaultTranslations: RolePermissionMatrixClientTranslations =\n  {\n    en: {\n      viewInUpdateScreenOnly: {\n        label: \"View permission matrix in update screen only\",\n      },\n      loading: {\n        placeholder: \"Loading permission matrix...\",\n      },\n      title: \"Permission Matrix\",\n      features: {\n        label: \"Features\",\n      },\n      actions: {\n        label: \"Actions\",\n        create: \"Create\",\n        read: \"Read\",\n        update: \"Update\",\n        delete: \"Delete\",\n      },\n    },\n  }\n"],"names":["rolePermissionMatrixClientDefaultTranslations","en","viewInUpdateScreenOnly","label","loading","placeholder","title","features","actions","create","read","update","delete"],"mappings":"AAEA,OAAO,MAAMA,gDACX;IACEC,IAAI;QACFC,wBAAwB;YACtBC,OAAO;QACT;QACAC,SAAS;YACPC,aAAa;QACf;QACAC,OAAO;QACPC,UAAU;YACRJ,OAAO;QACT;QACAK,SAAS;YACPL,OAAO;YACPM,QAAQ;YACRC,MAAM;YACNC,QAAQ;YACRC,QAAQ;QACV;IACF;AACF,EAAC"}