clawfire 0.1.0

package/README.md

@@ -0,0 +1,182 @@
+# Clawfire
+
+**AI-First Firebase App Framework — Speak. Build. Deploy.**
+
+Clawfire는 "말하면 완성되는 Firebase 앱 플랫폼"입니다. 코드를 작성하지 않고, AI(Claude Skills)에게 말하며 앱을 만듭니다.
+
+## Features
+
+- **Contract-based API** — Zod 스키마로 input/output 계약 정의
+- **File-based Routing** — `app/routes/` 디렉터리 = API 경로
+- **Auto Client Generation** — 타입 안전한 `api.xxx.yyy()` 클라이언트 자동 생성
+- **Firebase-Only Stack** — Firestore, Auth, Functions, Hosting 완전 통합
+- **Security by Default** — 입력 검증, CORS, Rate Limit, 로그 마스킹 기본 제공
+- **AI Skills System** — `/clawfire-*` 커맨드로 프로젝트 관리
+- **API Playground** — 웹 기반 API 탐색기 내장
+- **Auto Security Rules** — 모델 정의에서 Firestore Rules 자동 생성
+
+## Quick Start
+
+```bash
+# 새 프로젝트 초기화
+npx clawfire init
+
+# 또는 기존 프로젝트에 설치
+npm install clawfire
+```
+
+## Usage
+
+### Define a Model
+
+```typescript
+// app/schemas/product.ts
+import { defineModel } from "clawfire";
+
+export const Product = defineModel({
+  collection: "products",
+  fields: {
+    name: { type: "string", required: true },
+    price: { type: "number", required: true },
+    category: { type: "string", enum: ["electronics", "clothing"] },
+  },
+  timestamps: true,
+  rules: {
+    read: "public",
+    create: "role",
+    createRoles: ["admin"],
+  },
+});
+```
+
+### Define an API
+
+```typescript
+// app/routes/products/list.ts
+import { defineAPI, z } from "clawfire";
+
+export default defineAPI({
+  input: z.object({
+    category: z.string().optional(),
+    limit: z.number().default(20),
+  }),
+  output: z.object({
+    products: z.array(z.object({
+      id: z.string(),
+      name: z.string(),
+      price: z.number(),
+    })),
+    hasMore: z.boolean(),
+  }),
+  meta: {
+    description: "상품 목록 조회",
+    auth: "public",
+    tags: ["products"],
+  },
+  handler: async (input, ctx) => {
+    // Your business logic here
+    return { products: [], hasMore: false };
+  },
+});
+```
+
+### Server Setup (Firebase Functions)
+
+```typescript
+// functions/index.ts
+import * as admin from "firebase-admin";
+import * as functions from "firebase-functions";
+import { createRouter, createAdminDB, createSecurityMiddleware } from "clawfire/functions";
+
+admin.initializeApp();
+const db = createAdminDB(admin.firestore());
+
+const router = createRouter({
+  auth: admin.auth(),
+  cors: ["https://myapp.web.app"],
+  middleware: createSecurityMiddleware(),
+});
+
+// Register routes
+import listProducts from "../app/routes/products/list";
+router.register("/products/list", listProducts);
+
+export const api = functions.https.onRequest((req, res) => {
+  router.handleRequest(req as any, res as any);
+});
+```
+
+### Client Usage
+
+```typescript
+// Generated api-client.ts provides typed access
+import { api, configureClient } from "./generated/api-client";
+import { getAuth } from "firebase/auth";
+
+configureClient("https://us-central1-myapp.cloudfunctions.net", async () => {
+  const user = getAuth().currentUser;
+  return user ? user.getIdToken() : null;
+});
+
+const result = await api.products.list({ category: "electronics", limit: 10 });
+```
+
+## Project Structure
+
+```
+app/
+  routes/           API route handlers (file-based routing)
+  schemas/          Model definitions (Firestore collections)
+generated/          Auto-generated files (DO NOT EDIT)
+  api-client.ts     Typed API client
+  manifest.json     API manifest
+functions/          Firebase Functions entry point
+public/             Static files for Firebase Hosting
+firebase.json       Firebase config
+firestore.rules     Firestore security rules
+clawfire.config.ts  Clawfire configuration
+```
+
+## AI Skills (Claude Code)
+
+| Command | Description |
+|---------|-------------|
+| `/clawfire-init` | Initialize project / connect Firebase |
+| `/clawfire-model` | Create/modify data models |
+| `/clawfire-api` | Create/modify APIs |
+| `/clawfire-auth` | Configure authentication |
+| `/clawfire-deploy` | Deploy to Firebase |
+| `/clawfire-diagnose` | Diagnose and fix issues |
+
+## Auth Levels
+
+| Level | Description |
+|-------|-------------|
+| `public` | No authentication required |
+| `authenticated` | Login required |
+| `role` | Specific role required |
+| `reauth` | Recent re-authentication required |
+
+## Exports
+
+| Path | Description |
+|------|-------------|
+| `clawfire` | Core types, defineAPI, defineModel, Zod |
+| `clawfire/functions` | Server-side: Router, DB, Auth, Security |
+| `clawfire/client` | Client-side: Auth helpers |
+| `clawfire/admin` | Admin: Rules, Indexes, User management |
+| `clawfire/codegen` | Code generation utilities |
+| `clawfire/playground` | Playground HTML generator |
+
+## Tech Stack (Fixed)
+
+- **DB**: Firestore
+- **Auth**: Firebase Auth
+- **Hosting**: Firebase Hosting
+- **Backend**: Firebase Functions
+- **Schema**: Zod
+- **Language**: TypeScript
+
+## License
+
+MIT

package/dist/admin.cjs

@@ -0,0 +1,309 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/admin.ts
+var admin_exports = {};
+__export(admin_exports, {
+  defineModel: () => defineModel,
+  generateDefaultRules: () => generateDefaultRules,
+  generateFirebaseJson: () => generateFirebaseJson,
+  generateFirestoreIndexes: () => generateFirestoreIndexes,
+  generateFirestoreRules: () => generateFirestoreRules,
+  getUserRole: () => getUserRole,
+  modelToZodSchema: () => modelToZodSchema,
+  setCustomClaims: () => setCustomClaims,
+  setUserRole: () => setUserRole
+});
+module.exports = __toCommonJS(admin_exports);
+
+// src/firebase/rules.ts
+function generateFirestoreRules(models) {
+  const rules = [];
+  rules.push("rules_version = '2';");
+  rules.push("service cloud.firestore {");
+  rules.push("  match /databases/{database}/documents {");
+  rules.push("");
+  rules.push("    // \u2500\u2500 Helper Functions \u2500\u2500");
+  rules.push("    function isAuthenticated() {");
+  rules.push("      return request.auth != null;");
+  rules.push("    }");
+  rules.push("");
+  rules.push("    function isOwner(userId) {");
+  rules.push("      return isAuthenticated() && request.auth.uid == userId;");
+  rules.push("    }");
+  rules.push("");
+  rules.push("    function hasRole(role) {");
+  rules.push("      return isAuthenticated() && request.auth.token.role == role;");
+  rules.push("    }");
+  rules.push("");
+  rules.push("    function hasAnyRole(roles) {");
+  rules.push("      return isAuthenticated() && request.auth.token.role in roles;");
+  rules.push("    }");
+  rules.push("");
+  rules.push("    function isRecentAuth() {");
+  rules.push("      return request.auth.token.auth_time > (request.time - duration.value(5, 'm'));");
+  rules.push("    }");
+  rules.push("");
+  for (const [name, model] of Object.entries(models)) {
+    rules.push(`    // \u2500\u2500 ${name} \u2500\u2500`);
+    rules.push(`    match /${model.collection}/{docId} {`);
+    const modelRules = model.rules || { read: "authenticated", create: "authenticated", update: "authenticated", delete: "authenticated" };
+    rules.push(`      allow read: if ${buildRuleCondition(modelRules, "read", model)};`);
+    rules.push(`      allow create: if ${buildRuleCondition(modelRules, "create", model)};`);
+    rules.push(`      allow update: if ${buildRuleCondition(modelRules, "update", model)};`);
+    rules.push(`      allow delete: if ${buildRuleCondition(modelRules, "delete", model)};`);
+    if (model.subcollections) {
+      for (const [subName, subModel] of Object.entries(model.subcollections)) {
+        rules.push("");
+        rules.push(`      // ${subName}`);
+        rules.push(`      match /${subModel.collection}/{subDocId} {`);
+        const subRules = subModel.rules || { read: "authenticated", create: "authenticated", update: "authenticated", delete: "authenticated" };
+        rules.push(`        allow read: if ${buildRuleCondition(subRules, "read", subModel)};`);
+        rules.push(`        allow create: if ${buildRuleCondition(subRules, "create", subModel)};`);
+        rules.push(`        allow update: if ${buildRuleCondition(subRules, "update", subModel)};`);
+        rules.push(`        allow delete: if ${buildRuleCondition(subRules, "delete", subModel)};`);
+        rules.push("      }");
+      }
+    }
+    rules.push("    }");
+    rules.push("");
+  }
+  rules.push("  }");
+  rules.push("}");
+  return rules.join("\n");
+}
+function buildRuleCondition(rules, operation, model) {
+  const level = rules[operation] || "authenticated";
+  const roles = rules[`${operation}Roles`];
+  const ownerField = rules.ownerField;
+  const conditions = [];
+  switch (level) {
+    case "public":
+      return "true";
+    case "authenticated":
+      conditions.push("isAuthenticated()");
+      break;
+    case "role":
+      if (roles && roles.length > 0) {
+        if (roles.length === 1) {
+          conditions.push(`hasRole('${roles[0]}')`);
+        } else {
+          conditions.push(`hasAnyRole(${JSON.stringify(roles)})`);
+        }
+      } else {
+        conditions.push("isAuthenticated()");
+      }
+      break;
+    case "reauth":
+      conditions.push("isAuthenticated()");
+      conditions.push("isRecentAuth()");
+      break;
+  }
+  if (ownerField && (operation === "read" || operation === "update" || operation === "delete")) {
+    const ownerCondition = operation === "read" ? `resource.data.${ownerField} == request.auth.uid` : `resource.data.${ownerField} == request.auth.uid`;
+    if (conditions.length > 0) {
+      return `(${conditions.join(" && ")}) || (isAuthenticated() && ${ownerCondition})`;
+    }
+    return `isAuthenticated() && ${ownerCondition}`;
+  }
+  if (ownerField && operation === "create") {
+    conditions.push(`request.resource.data.${ownerField} == request.auth.uid`);
+  }
+  return conditions.join(" && ") || "false";
+}
+function generateFirestoreIndexes(models) {
+  const indexes = [];
+  for (const model of Object.values(models)) {
+    if (model.indexes) {
+      for (const index of model.indexes) {
+        indexes.push({
+          collectionGroup: model.collection,
+          queryScope: "COLLECTION",
+          fields: index.fields.map((f) => ({
+            fieldPath: f.field,
+            order: (f.order || "asc").toUpperCase()
+          }))
+        });
+      }
+    }
+  }
+  return { indexes };
+}
+
+// src/firebase/hosting.ts
+function generateFirebaseJson(config) {
+  return {
+    hosting: {
+      public: "public",
+      ignore: ["firebase.json", "**/.*", "**/node_modules/**"],
+      rewrites: [
+        {
+          source: "/api/**",
+          function: "api"
+        },
+        {
+          source: "**",
+          destination: "/index.html"
+        }
+      ],
+      headers: [
+        {
+          source: "/api/**",
+          headers: [
+            { key: "Cache-Control", value: "no-store" },
+            { key: "X-Content-Type-Options", value: "nosniff" },
+            { key: "X-Frame-Options", value: "DENY" },
+            { key: "X-XSS-Protection", value: "1; mode=block" },
+            { key: "Referrer-Policy", value: "strict-origin-when-cross-origin" }
+          ]
+        },
+        {
+          source: "**/*.@(js|css|svg|png|jpg|jpeg|gif|ico|webp|woff|woff2)",
+          headers: [
+            { key: "Cache-Control", value: "public, max-age=31536000, immutable" }
+          ]
+        }
+      ]
+    },
+    functions: {
+      source: "functions",
+      runtime: "nodejs20",
+      codebase: "clawfire"
+    },
+    firestore: {
+      rules: "firestore.rules",
+      indexes: "firestore.indexes.json"
+    },
+    emulators: {
+      functions: { port: 5001 },
+      firestore: { port: 8080 },
+      auth: { port: 9099 },
+      hosting: { port: 5e3 },
+      ui: { enabled: true, port: 4e3 }
+    }
+  };
+}
+function generateDefaultRules() {
+  return `rules_version = '2';
+service cloud.firestore {
+  match /databases/{database}/documents {
+
+    // Helper functions
+    function isAuthenticated() {
+      return request.auth != null;
+    }
+
+    function isOwner(userId) {
+      return isAuthenticated() && request.auth.uid == userId;
+    }
+
+    function hasRole(role) {
+      return isAuthenticated() && request.auth.token.role == role;
+    }
+
+    // Default: deny all
+    match /{document=**} {
+      allow read, write: if false;
+    }
+  }
+}
+`;
+}
+
+// src/firebase/auth.ts
+async function setUserRole(auth, uid, role) {
+  const user = await auth.getUser(uid);
+  const currentClaims = user.customClaims || {};
+  await auth.setCustomUserClaims(uid, { ...currentClaims, role });
+}
+async function getUserRole(auth, uid) {
+  const user = await auth.getUser(uid);
+  return user.customClaims?.role;
+}
+async function setCustomClaims(auth, uid, claims) {
+  const user = await auth.getUser(uid);
+  const currentClaims = user.customClaims || {};
+  await auth.setCustomUserClaims(uid, { ...currentClaims, ...claims });
+}
+
+// src/core/schema.ts
+var import_zod = require("zod");
+function defineModel(definition) {
+  return {
+    timestamps: true,
+    ...definition
+  };
+}
+function modelToZodSchema(model) {
+  const shape = {};
+  for (const [key, field] of Object.entries(model.fields)) {
+    let fieldSchema = fieldToZod(field);
+    if (!field.required) {
+      fieldSchema = fieldSchema.optional();
+    }
+    shape[key] = fieldSchema;
+  }
+  if (model.timestamps) {
+    shape.createdAt = import_zod.z.string().datetime().optional();
+    shape.updatedAt = import_zod.z.string().datetime().optional();
+  }
+  if (model.softDelete) {
+    shape.deletedAt = import_zod.z.string().datetime().nullable().optional();
+  }
+  return import_zod.z.object(shape);
+}
+function fieldToZod(field) {
+  switch (field.type) {
+    case "string":
+      if (field.enum) return import_zod.z.enum(field.enum);
+      return import_zod.z.string();
+    case "number":
+      return import_zod.z.number();
+    case "boolean":
+      return import_zod.z.boolean();
+    case "timestamp":
+      return import_zod.z.string().datetime();
+    case "array":
+      if (field.items) return import_zod.z.array(fieldToZod(field.items));
+      return import_zod.z.array(import_zod.z.unknown());
+    case "map":
+      if (field.values) return import_zod.z.record(import_zod.z.string(), fieldToZod(field.values));
+      return import_zod.z.record(import_zod.z.string(), import_zod.z.unknown());
+    case "reference":
+      return import_zod.z.string();
+    // 참조는 문서 경로 문자열
+    case "geopoint":
+      return import_zod.z.object({ latitude: import_zod.z.number(), longitude: import_zod.z.number() });
+    default:
+      return import_zod.z.unknown();
+  }
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  defineModel,
+  generateDefaultRules,
+  generateFirebaseJson,
+  generateFirestoreIndexes,
+  generateFirestoreRules,
+  getUserRole,
+  modelToZodSchema,
+  setCustomClaims,
+  setUserRole
+});
+//# sourceMappingURL=admin.cjs.map

package/dist/admin.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/admin.ts","../src/firebase/rules.ts","../src/firebase/hosting.ts","../src/firebase/auth.ts","../src/core/schema.ts"],"sourcesContent":["/**\n * Clawfire Admin Entry Point\n *\n * Rules 생성, 인덱스 생성, 모델 관리 등 관리 도구\n *\n * @example\n * ```ts\n * import { generateFirestoreRules, generateFirestoreIndexes } from \"clawfire/admin\";\n * ```\n */\n\nexport {\n  generateFirestoreRules,\n  generateFirestoreIndexes,\n} from \"./firebase/rules.js\";\n\nexport {\n  generateFirebaseJson,\n  generateDefaultRules,\n  type FirebaseJsonConfig,\n} from \"./firebase/hosting.js\";\n\nexport {\n  setUserRole,\n  getUserRole,\n  setCustomClaims,\n} from \"./firebase/auth.js\";\n\nexport {\n  defineModel,\n  modelToZodSchema,\n  type ModelDefinition,\n  type ModelField,\n  type ModelIndex,\n  type ModelRules,\n} from \"./core/index.js\";\n","/**\n * Clawfire Security Rules Generator\n *\n * 모델 정의에서 Firestore Security Rules 자동 생성\n */\nimport type { ModelDefinition, ModelRules, AuthLevel } from \"../core/schema.js\";\n\n/**\n * 모델 정의 배열에서 Firestore Security Rules 생성\n */\nexport function generateFirestoreRules(\n  models: Record<string, ModelDefinition>,\n): string {\n  const rules: string[] = [];\n  rules.push(\"rules_version = '2';\");\n  rules.push(\"service cloud.firestore {\");\n  rules.push(\"  match /databases/{database}/documents {\");\n  rules.push(\"\");\n  rules.push(\"    // ── Helper Functions ──\");\n  rules.push(\"    function isAuthenticated() {\");\n  rules.push(\"      return request.auth != null;\");\n  rules.push(\"    }\");\n  rules.push(\"\");\n  rules.push(\"    function isOwner(userId) {\");\n  rules.push(\"      return isAuthenticated() && request.auth.uid == userId;\");\n  rules.push(\"    }\");\n  rules.push(\"\");\n  rules.push(\"    function hasRole(role) {\");\n  rules.push(\"      return isAuthenticated() && request.auth.token.role == role;\");\n  rules.push(\"    }\");\n  rules.push(\"\");\n  rules.push(\"    function hasAnyRole(roles) {\");\n  rules.push(\"      return isAuthenticated() && request.auth.token.role in roles;\");\n  rules.push(\"    }\");\n  rules.push(\"\");\n  rules.push(\"    function isRecentAuth() {\");\n  rules.push(\"      return request.auth.token.auth_time > (request.time - duration.value(5, 'm'));\");\n  rules.push(\"    }\");\n  rules.push(\"\");\n\n  for (const [name, model] of Object.entries(models)) {\n    rules.push(`    // ── ${name} ──`);\n    rules.push(`    match /${model.collection}/{docId} {`);\n\n    const modelRules = model.rules || { read: \"authenticated\" as AuthLevel, create: \"authenticated\" as AuthLevel, update: \"authenticated\" as AuthLevel, delete: \"authenticated\" as AuthLevel };\n\n    rules.push(`      allow read: if ${buildRuleCondition(modelRules, \"read\", model)};`);\n    rules.push(`      allow create: if ${buildRuleCondition(modelRules, \"create\", model)};`);\n    rules.push(`      allow update: if ${buildRuleCondition(modelRules, \"update\", model)};`);\n    rules.push(`      allow delete: if ${buildRuleCondition(modelRules, \"delete\", model)};`);\n\n    // 서브컬렉션\n    if (model.subcollections) {\n      for (const [subName, subModel] of Object.entries(model.subcollections)) {\n        rules.push(\"\");\n        rules.push(`      // ${subName}`);\n        rules.push(`      match /${subModel.collection}/{subDocId} {`);\n        const subRules = subModel.rules || { read: \"authenticated\" as AuthLevel, create: \"authenticated\" as AuthLevel, update: \"authenticated\" as AuthLevel, delete: \"authenticated\" as AuthLevel };\n        rules.push(`        allow read: if ${buildRuleCondition(subRules, \"read\", subModel)};`);\n        rules.push(`        allow create: if ${buildRuleCondition(subRules, \"create\", subModel)};`);\n        rules.push(`        allow update: if ${buildRuleCondition(subRules, \"update\", subModel)};`);\n        rules.push(`        allow delete: if ${buildRuleCondition(subRules, \"delete\", subModel)};`);\n        rules.push(\"      }\");\n      }\n    }\n\n    rules.push(\"    }\");\n    rules.push(\"\");\n  }\n\n  rules.push(\"  }\");\n  rules.push(\"}\");\n\n  return rules.join(\"\\n\");\n}\n\nfunction buildRuleCondition(\n  rules: ModelRules,\n  operation: \"read\" | \"create\" | \"update\" | \"delete\",\n  model: ModelDefinition,\n): string {\n  const level = rules[operation] || \"authenticated\";\n  const roles = rules[`${operation}Roles` as keyof ModelRules] as string[] | undefined;\n  const ownerField = rules.ownerField;\n\n  const conditions: string[] = [];\n\n  switch (level) {\n    case \"public\":\n      return \"true\";\n\n    case \"authenticated\":\n      conditions.push(\"isAuthenticated()\");\n      break;\n\n    case \"role\":\n      if (roles && roles.length > 0) {\n        if (roles.length === 1) {\n          conditions.push(`hasRole('${roles[0]}')`);\n        } else {\n          conditions.push(`hasAnyRole(${JSON.stringify(roles)})`);\n        }\n      } else {\n        conditions.push(\"isAuthenticated()\");\n      }\n      break;\n\n    case \"reauth\":\n      conditions.push(\"isAuthenticated()\");\n      conditions.push(\"isRecentAuth()\");\n      break;\n  }\n\n  // 소유자 기반 접근 제어\n  if (ownerField && (operation === \"read\" || operation === \"update\" || operation === \"delete\")) {\n    const ownerCondition = operation === \"read\"\n      ? `resource.data.${ownerField} == request.auth.uid`\n      : `resource.data.${ownerField} == request.auth.uid`;\n\n    if (conditions.length > 0) {\n      // 소유자이거나 권한이 있는 경우\n      return `(${conditions.join(\" && \")}) || (isAuthenticated() && ${ownerCondition})`;\n    }\n    return `isAuthenticated() && ${ownerCondition}`;\n  }\n\n  if (ownerField && operation === \"create\") {\n    conditions.push(`request.resource.data.${ownerField} == request.auth.uid`);\n  }\n\n  return conditions.join(\" && \") || \"false\";\n}\n\n/**\n * 모델 정의에서 Firestore 인덱스 설정 생성 (firestore.indexes.json 형식)\n */\nexport function generateFirestoreIndexes(\n  models: Record<string, ModelDefinition>,\n): { indexes: Array<{ collectionGroup: string; queryScope: string; fields: Array<{ fieldPath: string; order?: string }> }> } {\n  const indexes: Array<{\n    collectionGroup: string;\n    queryScope: string;\n    fields: Array<{ fieldPath: string; order?: string }>;\n  }> = [];\n\n  for (const model of Object.values(models)) {\n    if (model.indexes) {\n      for (const index of model.indexes) {\n        indexes.push({\n          collectionGroup: model.collection,\n          queryScope: \"COLLECTION\",\n          fields: index.fields.map((f) => ({\n            fieldPath: f.field,\n            order: (f.order || \"asc\").toUpperCase(),\n          })),\n        });\n      }\n    }\n  }\n\n  return { indexes };\n}\n","/**\n * Clawfire Firebase Hosting & firebase.json Config Generator\n */\nimport type { ClawfireConfig } from \"../core/config.js\";\n\nexport interface FirebaseJsonConfig {\n  hosting?: {\n    public: string;\n    ignore: string[];\n    rewrites?: Array<{ source: string; function?: string; destination?: string }>;\n    headers?: Array<{ source: string; headers: Array<{ key: string; value: string }> }>;\n  };\n  functions?: {\n    source: string;\n    runtime?: string;\n    codebase?: string;\n  } | Array<{\n    source: string;\n    codebase: string;\n    runtime?: string;\n  }>;\n  firestore?: {\n    rules: string;\n    indexes: string;\n  };\n  emulators?: {\n    functions?: { port: number };\n    firestore?: { port: number };\n    auth?: { port: number };\n    hosting?: { port: number };\n    ui?: { enabled: boolean; port?: number };\n  };\n}\n\n/**\n * firebase.json 설정 생성\n */\nexport function generateFirebaseJson(config?: Partial<ClawfireConfig>): FirebaseJsonConfig {\n  return {\n    hosting: {\n      public: \"public\",\n      ignore: [\"firebase.json\", \"**/.*\", \"**/node_modules/**\"],\n      rewrites: [\n        {\n          source: \"/api/**\",\n          function: \"api\",\n        },\n        {\n          source: \"**\",\n          destination: \"/index.html\",\n        },\n      ],\n      headers: [\n        {\n          source: \"/api/**\",\n          headers: [\n            { key: \"Cache-Control\", value: \"no-store\" },\n            { key: \"X-Content-Type-Options\", value: \"nosniff\" },\n            { key: \"X-Frame-Options\", value: \"DENY\" },\n            { key: \"X-XSS-Protection\", value: \"1; mode=block\" },\n            { key: \"Referrer-Policy\", value: \"strict-origin-when-cross-origin\" },\n          ],\n        },\n        {\n          source: \"**/*.@(js|css|svg|png|jpg|jpeg|gif|ico|webp|woff|woff2)\",\n          headers: [\n            { key: \"Cache-Control\", value: \"public, max-age=31536000, immutable\" },\n          ],\n        },\n      ],\n    },\n    functions: {\n      source: \"functions\",\n      runtime: \"nodejs20\",\n      codebase: \"clawfire\",\n    },\n    firestore: {\n      rules: \"firestore.rules\",\n      indexes: \"firestore.indexes.json\",\n    },\n    emulators: {\n      functions: { port: 5001 },\n      firestore: { port: 8080 },\n      auth: { port: 9099 },\n      hosting: { port: 5000 },\n      ui: { enabled: true, port: 4000 },\n    },\n  };\n}\n\n/**\n * 기본 Firestore rules 파일 내용 생성\n */\nexport function generateDefaultRules(): string {\n  return `rules_version = '2';\nservice cloud.firestore {\n  match /databases/{database}/documents {\n\n    // Helper functions\n    function isAuthenticated() {\n      return request.auth != null;\n    }\n\n    function isOwner(userId) {\n      return isAuthenticated() && request.auth.uid == userId;\n    }\n\n    function hasRole(role) {\n      return isAuthenticated() && request.auth.token.role == role;\n    }\n\n    // Default: deny all\n    match /{document=**} {\n      allow read, write: if false;\n    }\n  }\n}\n`;\n}\n","/**\n * Clawfire Auth Helpers\n *\n * Firebase Auth 통합: 토큰 검증, 역할 관리, 재인증\n */\nimport type { AuthContext, AuthLevel } from \"../core/schema.js\";\nimport { Errors } from \"../core/errors.js\";\n\n// ─── Server-side Auth (Admin SDK) ────────────────────────────────────\n\n/**\n * Firebase ID 토큰에서 AuthContext 추출 (서버사이드)\n */\nexport async function verifyToken(\n  auth: any, // firebase-admin Auth instance\n  idToken: string,\n): Promise<AuthContext> {\n  const decoded = await auth.verifyIdToken(idToken);\n  return {\n    uid: decoded.uid,\n    email: decoded.email,\n    emailVerified: decoded.email_verified,\n    role: decoded.role || decoded.customClaims?.role,\n    customClaims: decoded,\n    token: idToken,\n  };\n}\n\n/**\n * 재인증 토큰 검증 (최근 5분 이내 인증)\n */\nexport async function verifyReauth(\n  auth: any,\n  idToken: string,\n  maxAgeSeconds = 300,\n): Promise<AuthContext> {\n  const decoded = await auth.verifyIdToken(idToken, true);\n  const authTime = decoded.auth_time * 1000;\n  const now = Date.now();\n\n  if (now - authTime > maxAgeSeconds * 1000) {\n    throw Errors.reauthRequired(\n      `Re-authentication required. Last auth was ${Math.floor((now - authTime) / 1000)}s ago.`,\n    );\n  }\n\n  return {\n    uid: decoded.uid,\n    email: decoded.email,\n    emailVerified: decoded.email_verified,\n    role: decoded.role || decoded.customClaims?.role,\n    customClaims: decoded,\n    token: idToken,\n  };\n}\n\n/**\n * 요청에서 Authorization 헤더의 Bearer 토큰 추출\n */\nexport function extractBearerToken(authHeader?: string): string | null {\n  if (!authHeader) return null;\n  const parts = authHeader.split(\" \");\n  if (parts.length !== 2 || parts[0] !== \"Bearer\") return null;\n  return parts[1];\n}\n\n/**\n * 인증 수준 체크\n */\nexport function checkAuthLevel(\n  authCtx: AuthContext | null,\n  level: AuthLevel,\n  roles?: string[],\n  reauthenticated?: boolean,\n): void {\n  switch (level) {\n    case \"public\":\n      return; // 누구나 접근 가능\n\n    case \"authenticated\":\n      if (!authCtx) throw Errors.unauthorized();\n      return;\n\n    case \"role\":\n      if (!authCtx) throw Errors.unauthorized();\n      if (!roles || roles.length === 0) return;\n      if (!authCtx.role || !roles.includes(authCtx.role)) {\n        throw Errors.forbidden(`Required role: ${roles.join(\" or \")}`);\n      }\n      return;\n\n    case \"reauth\":\n      if (!authCtx) throw Errors.unauthorized();\n      if (!reauthenticated) {\n        throw Errors.reauthRequired();\n      }\n      return;\n  }\n}\n\n// ─── Custom Claims / Role Management ─────────────────────────────────\n\n/**\n * 사용자에게 역할(Role) 설정\n */\nexport async function setUserRole(\n  auth: any,\n  uid: string,\n  role: string,\n): Promise<void> {\n  const user = await auth.getUser(uid);\n  const currentClaims = user.customClaims || {};\n  await auth.setCustomUserClaims(uid, { ...currentClaims, role });\n}\n\n/**\n * 사용자의 역할 조회\n */\nexport async function getUserRole(auth: any, uid: string): Promise<string | undefined> {\n  const user = await auth.getUser(uid);\n  return user.customClaims?.role;\n}\n\n/**\n * 사용자에게 커스텀 클레임 설정\n */\nexport async function setCustomClaims(\n  auth: any,\n  uid: string,\n  claims: Record<string, unknown>,\n): Promise<void> {\n  const user = await auth.getUser(uid);\n  const currentClaims = user.customClaims || {};\n  await auth.setCustomUserClaims(uid, { ...currentClaims, ...claims });\n}\n\n// ─── Client-side Auth Helpers ────────────────────────────────────────\n\n/**\n * 클라이언트 사이드 Auth 헬퍼 (firebase/auth 래핑)\n */\nexport function createClientAuth(firebaseAuth: any) {\n  return {\n    /** 현재 사용자 조회 */\n    getCurrentUser(): any | null {\n      return firebaseAuth.currentUser;\n    },\n\n    /** ID 토큰 취득 */\n    async getIdToken(forceRefresh = false): Promise<string | null> {\n      const user = firebaseAuth.currentUser;\n      if (!user) return null;\n      return user.getIdToken(forceRefresh);\n    },\n\n    /** 인증 상태 변경 리스너 */\n    onAuthStateChanged(callback: (user: any | null) => void): () => void {\n      return firebaseAuth.onAuthStateChanged(callback);\n    },\n\n    /** 로그아웃 */\n    async signOut(): Promise<void> {\n      await firebaseAuth.signOut();\n    },\n\n    /** 원시 auth 접근 */\n    raw: firebaseAuth,\n  };\n}\n\nexport type ClientAuth = ReturnType<typeof createClientAuth>;\n","/**\n * Clawfire Schema & Contract System\n *\n * 모든 API는 input/output schema + meta + handler로 구성된 \"계약(Contract)\"으로 정의됩니다.\n * Zod를 사용하여 타입 안전성과 런타임 검증을 동시에 보장합니다.\n */\nimport { z, type ZodType, type ZodObject, type ZodRawShape } from \"zod\";\n\n// ─── Types ───────────────────────────────────────────────────────────\n\n/** 인증 컨텍스트 */\nexport interface AuthContext {\n  uid: string;\n  email?: string;\n  emailVerified?: boolean;\n  role?: string;\n  customClaims?: Record<string, unknown>;\n  token?: string;\n}\n\n/** API 핸들러에 전달되는 컨텍스트 */\nexport interface HandlerContext {\n  auth: AuthContext | null;\n  /** 재인증 여부 (민감 작업용) */\n  reauthenticated?: boolean;\n  /** 원본 요청 헤더 */\n  headers?: Record<string, string>;\n  /** 요청 IP */\n  ip?: string;\n}\n\n/** 권한 수준 */\nexport type AuthLevel = \"public\" | \"authenticated\" | \"role\" | \"reauth\";\n\n/** API 메타데이터 */\nexport interface APIMeta {\n  /** API 설명 (AI/Playground용) */\n  description: string;\n  /** 태그 (그룹화용) */\n  tags?: string[];\n  /** 인증 요구 수준 */\n  auth?: AuthLevel;\n  /** 필요 역할 (auth가 'role'일 때) */\n  roles?: string[];\n  /** 재인증 필요 여부 */\n  reauth?: boolean;\n  /** Rate limit (초당 요청 수) */\n  rateLimit?: number;\n  /** 비활성화 여부 */\n  deprecated?: boolean;\n  /** 예시 입력값 */\n  exampleInput?: unknown;\n  /** 예시 출력값 */\n  exampleOutput?: unknown;\n}\n\n/** API 계약 정의 */\nexport interface APIContract<\n  TInput extends ZodType = ZodType,\n  TOutput extends ZodType = ZodType,\n> {\n  /** 입력 스키마 */\n  input: TInput;\n  /** 출력 스키마 */\n  output: TOutput;\n  /** 메타데이터 */\n  meta: APIMeta;\n  /** 핸들러 함수 */\n  handler: (\n    input: z.infer<TInput>,\n    ctx: HandlerContext,\n  ) => Promise<z.infer<TOutput>>;\n}\n\n/** 모델 필드 정의 */\nexport interface ModelField {\n  type: \"string\" | \"number\" | \"boolean\" | \"timestamp\" | \"array\" | \"map\" | \"reference\" | \"geopoint\";\n  required?: boolean;\n  description?: string;\n  default?: unknown;\n  /** 배열 아이템 타입 */\n  items?: ModelField;\n  /** 맵 값 타입 */\n  values?: ModelField;\n  /** 참조 대상 컬렉션 */\n  ref?: string;\n  /** enum 값 리스트 */\n  enum?: string[];\n}\n\n/** 모델 정의 */\nexport interface ModelDefinition {\n  /** 컬렉션 이름 */\n  collection: string;\n  /** 필드 정의 */\n  fields: Record<string, ModelField>;\n  /** 서브컬렉션 */\n  subcollections?: Record<string, ModelDefinition>;\n  /** 인덱스 */\n  indexes?: ModelIndex[];\n  /** 보안 규칙 */\n  rules?: ModelRules;\n  /** 타임스탬프 자동 생성 */\n  timestamps?: boolean;\n  /** 소프트 삭제 */\n  softDelete?: boolean;\n}\n\n/** Firestore 인덱스 */\nexport interface ModelIndex {\n  fields: Array<{ field: string; order?: \"asc\" | \"desc\" }>;\n}\n\n/** 모델 보안 규칙 */\nexport interface ModelRules {\n  read?: AuthLevel;\n  create?: AuthLevel;\n  update?: AuthLevel;\n  delete?: AuthLevel;\n  readRoles?: string[];\n  createRoles?: string[];\n  updateRoles?: string[];\n  deleteRoles?: string[];\n  /** 소유자만 읽기/쓰기 가능 필드 */\n  ownerField?: string;\n}\n\n// ─── Builders ────────────────────────────────────────────────────────\n\n/**\n * API 계약 정의\n *\n * @example\n * ```ts\n * export default defineAPI({\n *   input: z.object({ name: z.string() }),\n *   output: z.object({ id: z.string(), name: z.string() }),\n *   meta: { description: \"상품 생성\", auth: \"authenticated\" },\n *   handler: async (input, ctx) => {\n *     const id = await db.create(\"products\", input);\n *     return { id, ...input };\n *   }\n * });\n * ```\n */\nexport function defineAPI<\n  TInput extends ZodType,\n  TOutput extends ZodType,\n>(contract: APIContract<TInput, TOutput>): APIContract<TInput, TOutput> {\n  return contract;\n}\n\n/**\n * 모델(Firestore 컬렉션) 정의\n *\n * @example\n * ```ts\n * export const Product = defineModel({\n *   collection: \"products\",\n *   fields: {\n *     name: { type: \"string\", required: true },\n *     price: { type: \"number\", required: true },\n *     tags: { type: \"array\", items: { type: \"string\" } },\n *   },\n *   timestamps: true,\n *   rules: { read: \"public\", create: \"authenticated\" }\n * });\n * ```\n */\nexport function defineModel(definition: ModelDefinition): ModelDefinition {\n  return {\n    timestamps: true,\n    ...definition,\n  };\n}\n\n// ─── Schema Utilities ────────────────────────────────────────────────\n\n/** Zod 스키마에서 JSON Schema 생성 (Playground/문서용) */\nexport function zodToJsonSchema(schema: ZodType): Record<string, unknown> {\n  return extractZodShape(schema);\n}\n\nfunction extractZodShape(schema: ZodType): Record<string, unknown> {\n  const def = (schema as any)._def;\n\n  if (!def) return { type: \"unknown\" };\n\n  switch (def.typeName) {\n    case \"ZodObject\": {\n      const shape = (schema as ZodObject<ZodRawShape>).shape;\n      const properties: Record<string, unknown> = {};\n      const required: string[] = [];\n\n      for (const [key, value] of Object.entries(shape)) {\n        properties[key] = extractZodShape(value as ZodType);\n        if (!(value as any).isOptional?.()) {\n          const innerDef = (value as any)._def;\n          if (innerDef?.typeName !== \"ZodOptional\" && innerDef?.typeName !== \"ZodDefault\") {\n            required.push(key);\n          }\n        }\n      }\n\n      return { type: \"object\", properties, ...(required.length > 0 ? { required } : {}) };\n    }\n    case \"ZodString\":\n      return { type: \"string\", ...(def.checks?.length ? extractStringChecks(def.checks) : {}) };\n    case \"ZodNumber\":\n      return { type: \"number\" };\n    case \"ZodBoolean\":\n      return { type: \"boolean\" };\n    case \"ZodArray\":\n      return { type: \"array\", items: extractZodShape(def.type) };\n    case \"ZodEnum\":\n      return { type: \"string\", enum: def.values };\n    case \"ZodOptional\":\n      return { ...extractZodShape(def.innerType), optional: true };\n    case \"ZodDefault\":\n      return { ...extractZodShape(def.innerType), default: def.defaultValue() };\n    case \"ZodNullable\":\n      return { ...extractZodShape(def.innerType), nullable: true };\n    case \"ZodLiteral\":\n      return { type: typeof def.value, const: def.value };\n    case \"ZodUnion\":\n      return { oneOf: def.options.map((o: ZodType) => extractZodShape(o)) };\n    case \"ZodRecord\":\n      return { type: \"object\", additionalProperties: extractZodShape(def.valueType) };\n    case \"ZodDate\":\n      return { type: \"string\", format: \"date-time\" };\n    default:\n      return { type: \"unknown\" };\n  }\n}\n\nfunction extractStringChecks(checks: Array<{ kind: string; value?: unknown }>): Record<string, unknown> {\n  const result: Record<string, unknown> = {};\n  for (const check of checks) {\n    switch (check.kind) {\n      case \"min\": result.minLength = check.value; break;\n      case \"max\": result.maxLength = check.value; break;\n      case \"email\": result.format = \"email\"; break;\n      case \"url\": result.format = \"uri\"; break;\n      case \"uuid\": result.format = \"uuid\"; break;\n    }\n  }\n  return result;\n}\n\n/** 모델 정의에서 Zod 스키마 자동 생성 */\nexport function modelToZodSchema(model: ModelDefinition): ZodObject<ZodRawShape> {\n  const shape: ZodRawShape = {};\n\n  for (const [key, field] of Object.entries(model.fields)) {\n    let fieldSchema: ZodType = fieldToZod(field);\n    if (!field.required) {\n      fieldSchema = fieldSchema.optional();\n    }\n    shape[key] = fieldSchema;\n  }\n\n  if (model.timestamps) {\n    shape.createdAt = z.string().datetime().optional();\n    shape.updatedAt = z.string().datetime().optional();\n  }\n\n  if (model.softDelete) {\n    shape.deletedAt = z.string().datetime().nullable().optional();\n  }\n\n  return z.object(shape);\n}\n\nfunction fieldToZod(field: ModelField): ZodType {\n  switch (field.type) {\n    case \"string\":\n      if (field.enum) return z.enum(field.enum as [string, ...string[]]);\n      return z.string();\n    case \"number\":\n      return z.number();\n    case \"boolean\":\n      return z.boolean();\n    case \"timestamp\":\n      return z.string().datetime();\n    case \"array\":\n      if (field.items) return z.array(fieldToZod(field.items));\n      return z.array(z.unknown());\n    case \"map\":\n      if (field.values) return z.record(z.string(), fieldToZod(field.values));\n      return z.record(z.string(), z.unknown());\n    case \"reference\":\n      return z.string(); // 참조는 문서 경로 문자열\n    case \"geopoint\":\n      return z.object({ latitude: z.number(), longitude: z.number() });\n    default:\n      return z.unknown();\n  }\n}\n\n// ─── Manifest ────────────────────────────────────────────────────────\n\n/** API 매니페스트 항목 */\nexport interface ManifestEntry {\n  path: string;\n  method: \"POST\"; // Clawfire는 모두 POST\n  meta: APIMeta;\n  inputSchema: Record<string, unknown>;\n  outputSchema: Record<string, unknown>;\n}\n\n/** 전체 매니페스트 */\nexport interface Manifest {\n  version: string;\n  generatedAt: string;\n  apis: ManifestEntry[];\n  models: Record<string, ModelDefinition>;\n}\n\n/** 계약에서 매니페스트 항목 생성 */\nexport function contractToManifest(\n  path: string,\n  contract: APIContract,\n): ManifestEntry {\n  return {\n    path,\n    method: \"POST\",\n    meta: contract.meta,\n    inputSchema: zodToJsonSchema(contract.input),\n    outputSchema: zodToJsonSchema(contract.output),\n  };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACUO,SAAS,uBACd,QACQ;AACR,QAAM,QAAkB,CAAC;AACzB,QAAM,KAAK,sBAAsB;AACjC,QAAM,KAAK,2BAA2B;AACtC,QAAM,KAAK,2CAA2C;AACtD,QAAM,KAAK,EAAE;AACb,QAAM,KAAK,mDAA+B;AAC1C,QAAM,KAAK,kCAAkC;AAC7C,QAAM,KAAK,oCAAoC;AAC/C,QAAM,KAAK,OAAO;AAClB,QAAM,KAAK,EAAE;AACb,QAAM,KAAK,gCAAgC;AAC3C,QAAM,KAAK,+DAA+D;AAC1E,QAAM,KAAK,OAAO;AAClB,QAAM,KAAK,EAAE;AACb,QAAM,KAAK,8BAA8B;AACzC,QAAM,KAAK,oEAAoE;AAC/E,QAAM,KAAK,OAAO;AAClB,QAAM,KAAK,EAAE;AACb,QAAM,KAAK,kCAAkC;AAC7C,QAAM,KAAK,qEAAqE;AAChF,QAAM,KAAK,OAAO;AAClB,QAAM,KAAK,EAAE;AACb,QAAM,KAAK,+BAA+B;AAC1C,QAAM,KAAK,sFAAsF;AACjG,QAAM,KAAK,OAAO;AAClB,QAAM,KAAK,EAAE;AAEb,aAAW,CAAC,MAAM,KAAK,KAAK,OAAO,QAAQ,MAAM,GAAG;AAClD,UAAM,KAAK,uBAAa,IAAI,eAAK;AACjC,UAAM,KAAK,cAAc,MAAM,UAAU,YAAY;AAErD,UAAM,aAAa,MAAM,SAAS,EAAE,MAAM,iBAA8B,QAAQ,iBAA8B,QAAQ,iBAA8B,QAAQ,gBAA6B;AAEzL,UAAM,KAAK,wBAAwB,mBAAmB,YAAY,QAAQ,KAAK,CAAC,GAAG;AACnF,UAAM,KAAK,0BAA0B,mBAAmB,YAAY,UAAU,KAAK,CAAC,GAAG;AACvF,UAAM,KAAK,0BAA0B,mBAAmB,YAAY,UAAU,KAAK,CAAC,GAAG;AACvF,UAAM,KAAK,0BAA0B,mBAAmB,YAAY,UAAU,KAAK,CAAC,GAAG;AAGvF,QAAI,MAAM,gBAAgB;AACxB,iBAAW,CAAC,SAAS,QAAQ,KAAK,OAAO,QAAQ,MAAM,cAAc,GAAG;AACtE,cAAM,KAAK,EAAE;AACb,cAAM,KAAK,YAAY,OAAO,EAAE;AAChC,cAAM,KAAK,gBAAgB,SAAS,UAAU,eAAe;AAC7D,cAAM,WAAW,SAAS,SAAS,EAAE,MAAM,iBAA8B,QAAQ,iBAA8B,QAAQ,iBAA8B,QAAQ,gBAA6B;AAC1L,cAAM,KAAK,0BAA0B,mBAAmB,UAAU,QAAQ,QAAQ,CAAC,GAAG;AACtF,cAAM,KAAK,4BAA4B,mBAAmB,UAAU,UAAU,QAAQ,CAAC,GAAG;AAC1F,cAAM,KAAK,4BAA4B,mBAAmB,UAAU,UAAU,QAAQ,CAAC,GAAG;AAC1F,cAAM,KAAK,4BAA4B,mBAAmB,UAAU,UAAU,QAAQ,CAAC,GAAG;AAC1F,cAAM,KAAK,SAAS;AAAA,MACtB;AAAA,IACF;AAEA,UAAM,KAAK,OAAO;AAClB,UAAM,KAAK,EAAE;AAAA,EACf;AAEA,QAAM,KAAK,KAAK;AAChB,QAAM,KAAK,GAAG;AAEd,SAAO,MAAM,KAAK,IAAI;AACxB;AAEA,SAAS,mBACP,OACA,WACA,OACQ;AACR,QAAM,QAAQ,MAAM,SAAS,KAAK;AAClC,QAAM,QAAQ,MAAM,GAAG,SAAS,OAA2B;AAC3D,QAAM,aAAa,MAAM;AAEzB,QAAM,aAAuB,CAAC;AAE9B,UAAQ,OAAO;AAAA,IACb,KAAK;AACH,aAAO;AAAA,IAET,KAAK;AACH,iBAAW,KAAK,mBAAmB;AACnC;AAAA,IAEF,KAAK;AACH,UAAI,SAAS,MAAM,SAAS,GAAG;AAC7B,YAAI,MAAM,WAAW,GAAG;AACtB,qBAAW,KAAK,YAAY,MAAM,CAAC,CAAC,IAAI;AAAA,QAC1C,OAAO;AACL,qBAAW,KAAK,cAAc,KAAK,UAAU,KAAK,CAAC,GAAG;AAAA,QACxD;AAAA,MACF,OAAO;AACL,mBAAW,KAAK,mBAAmB;AAAA,MACrC;AACA;AAAA,IAEF,KAAK;AACH,iBAAW,KAAK,mBAAmB;AACnC,iBAAW,KAAK,gBAAgB;AAChC;AAAA,EACJ;AAGA,MAAI,eAAe,cAAc,UAAU,cAAc,YAAY,cAAc,WAAW;AAC5F,UAAM,iBAAiB,cAAc,SACjC,iBAAiB,UAAU,yBAC3B,iBAAiB,UAAU;AAE/B,QAAI,WAAW,SAAS,GAAG;AAEzB,aAAO,IAAI,WAAW,KAAK,MAAM,CAAC,8BAA8B,cAAc;AAAA,IAChF;AACA,WAAO,wBAAwB,cAAc;AAAA,EAC/C;AAEA,MAAI,cAAc,cAAc,UAAU;AACxC,eAAW,KAAK,yBAAyB,UAAU,sBAAsB;AAAA,EAC3E;AAEA,SAAO,WAAW,KAAK,MAAM,KAAK;AACpC;AAKO,SAAS,yBACd,QAC2H;AAC3H,QAAM,UAID,CAAC;AAEN,aAAW,SAAS,OAAO,OAAO,MAAM,GAAG;AACzC,QAAI,MAAM,SAAS;AACjB,iBAAW,SAAS,MAAM,SAAS;AACjC,gBAAQ,KAAK;AAAA,UACX,iBAAiB,MAAM;AAAA,UACvB,YAAY;AAAA,UACZ,QAAQ,MAAM,OAAO,IAAI,CAAC,OAAO;AAAA,YAC/B,WAAW,EAAE;AAAA,YACb,QAAQ,EAAE,SAAS,OAAO,YAAY;AAAA,UACxC,EAAE;AAAA,QACJ,CAAC;AAAA,MACH;AAAA,IACF;AAAA,EACF;AAEA,SAAO,EAAE,QAAQ;AACnB;;;AC5HO,SAAS,qBAAqB,QAAsD;AACzF,SAAO;AAAA,IACL,SAAS;AAAA,MACP,QAAQ;AAAA,MACR,QAAQ,CAAC,iBAAiB,SAAS,oBAAoB;AAAA,MACvD,UAAU;AAAA,QACR;AAAA,UACE,QAAQ;AAAA,UACR,UAAU;AAAA,QACZ;AAAA,QACA;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,QACf;AAAA,MACF;AAAA,MACA,SAAS;AAAA,QACP;AAAA,UACE,QAAQ;AAAA,UACR,SAAS;AAAA,YACP,EAAE,KAAK,iBAAiB,OAAO,WAAW;AAAA,YAC1C,EAAE,KAAK,0BAA0B,OAAO,UAAU;AAAA,YAClD,EAAE,KAAK,mBAAmB,OAAO,OAAO;AAAA,YACxC,EAAE,KAAK,oBAAoB,OAAO,gBAAgB;AAAA,YAClD,EAAE,KAAK,mBAAmB,OAAO,kCAAkC;AAAA,UACrE;AAAA,QACF;AAAA,QACA;AAAA,UACE,QAAQ;AAAA,UACR,SAAS;AAAA,YACP,EAAE,KAAK,iBAAiB,OAAO,sCAAsC;AAAA,UACvE;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,IACA,WAAW;AAAA,MACT,QAAQ;AAAA,MACR,SAAS;AAAA,MACT,UAAU;AAAA,IACZ;AAAA,IACA,WAAW;AAAA,MACT,OAAO;AAAA,MACP,SAAS;AAAA,IACX;AAAA,IACA,WAAW;AAAA,MACT,WAAW,EAAE,MAAM,KAAK;AAAA,MACxB,WAAW,EAAE,MAAM,KAAK;AAAA,MACxB,MAAM,EAAE,MAAM,KAAK;AAAA,MACnB,SAAS,EAAE,MAAM,IAAK;AAAA,MACtB,IAAI,EAAE,SAAS,MAAM,MAAM,IAAK;AAAA,IAClC;AAAA,EACF;AACF;AAKO,SAAS,uBAA+B;AAC7C,SAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAwBT;;;ACbA,eAAsB,YACpB,MACA,KACA,MACe;AACf,QAAM,OAAO,MAAM,KAAK,QAAQ,GAAG;AACnC,QAAM,gBAAgB,KAAK,gBAAgB,CAAC;AAC5C,QAAM,KAAK,oBAAoB,KAAK,EAAE,GAAG,eAAe,KAAK,CAAC;AAChE;AAKA,eAAsB,YAAY,MAAW,KAA0C;AACrF,QAAM,OAAO,MAAM,KAAK,QAAQ,GAAG;AACnC,SAAO,KAAK,cAAc;AAC5B;AAKA,eAAsB,gBACpB,MACA,KACA,QACe;AACf,QAAM,OAAO,MAAM,KAAK,QAAQ,GAAG;AACnC,QAAM,gBAAgB,KAAK,gBAAgB,CAAC;AAC5C,QAAM,KAAK,oBAAoB,KAAK,EAAE,GAAG,eAAe,GAAG,OAAO,CAAC;AACrE;;;AChIA,iBAAkE;AAmK3D,SAAS,YAAY,YAA8C;AACxE,SAAO;AAAA,IACL,YAAY;AAAA,IACZ,GAAG;AAAA,EACL;AACF;AA4EO,SAAS,iBAAiB,OAAgD;AAC/E,QAAM,QAAqB,CAAC;AAE5B,aAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,MAAM,MAAM,GAAG;AACvD,QAAI,cAAuB,WAAW,KAAK;AAC3C,QAAI,CAAC,MAAM,UAAU;AACnB,oBAAc,YAAY,SAAS;AAAA,IACrC;AACA,UAAM,GAAG,IAAI;AAAA,EACf;AAEA,MAAI,MAAM,YAAY;AACpB,UAAM,YAAY,aAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AACjD,UAAM,YAAY,aAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EACnD;AAEA,MAAI,MAAM,YAAY;AACpB,UAAM,YAAY,aAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS;AAAA,EAC9D;AAEA,SAAO,aAAE,OAAO,KAAK;AACvB;AAEA,SAAS,WAAW,OAA4B;AAC9C,UAAQ,MAAM,MAAM;AAAA,IAClB,KAAK;AACH,UAAI,MAAM,KAAM,QAAO,aAAE,KAAK,MAAM,IAA6B;AACjE,aAAO,aAAE,OAAO;AAAA,IAClB,KAAK;AACH,aAAO,aAAE,OAAO;AAAA,IAClB,KAAK;AACH,aAAO,aAAE,QAAQ;AAAA,IACnB,KAAK;AACH,aAAO,aAAE,OAAO,EAAE,SAAS;AAAA,IAC7B,KAAK;AACH,UAAI,MAAM,MAAO,QAAO,aAAE,MAAM,WAAW,MAAM,KAAK,CAAC;AACvD,aAAO,aAAE,MAAM,aAAE,QAAQ,CAAC;AAAA,IAC5B,KAAK;AACH,UAAI,MAAM,OAAQ,QAAO,aAAE,OAAO,aAAE,OAAO,GAAG,WAAW,MAAM,MAAM,CAAC;AACtE,aAAO,aAAE,OAAO,aAAE,OAAO,GAAG,aAAE,QAAQ,CAAC;AAAA,IACzC,KAAK;AACH,aAAO,aAAE,OAAO;AAAA;AAAA,IAClB,KAAK;AACH,aAAO,aAAE,OAAO,EAAE,UAAU,aAAE,OAAO,GAAG,WAAW,aAAE,OAAO,EAAE,CAAC;AAAA,IACjE;AACE,aAAO,aAAE,QAAQ;AAAA,EACrB;AACF;","names":[]}

package/dist/admin.d.cts

@@ -0,0 +1,93 @@
+import { e as ModelDefinition } from './schema-BJsictSV.cjs';
+export { f as ModelField, i as ModelIndex, j as ModelRules, h as defineModel, m as modelToZodSchema } from './schema-BJsictSV.cjs';
+import { C as ClawfireConfig } from './config-QMBJRn9G.cjs';
+export { g as getUserRole, s as setCustomClaims, b as setUserRole } from './auth-DQ3cifhb.cjs';
+import 'zod';
+
+/**
+ * Clawfire Security Rules Generator
+ *
+ * 모델 정의에서 Firestore Security Rules 자동 생성
+ */
+
+/**
+ * 모델 정의 배열에서 Firestore Security Rules 생성
+ */
+declare function generateFirestoreRules(models: Record<string, ModelDefinition>): string;
+/**
+ * 모델 정의에서 Firestore 인덱스 설정 생성 (firestore.indexes.json 형식)
+ */
+declare function generateFirestoreIndexes(models: Record<string, ModelDefinition>): {
+    indexes: Array<{
+        collectionGroup: string;
+        queryScope: string;
+        fields: Array<{
+            fieldPath: string;
+            order?: string;
+        }>;
+    }>;
+};
+
+/**
+ * Clawfire Firebase Hosting & firebase.json Config Generator
+ */
+
+interface FirebaseJsonConfig {
+    hosting?: {
+        public: string;
+        ignore: string[];
+        rewrites?: Array<{
+            source: string;
+            function?: string;
+            destination?: string;
+        }>;
+        headers?: Array<{
+            source: string;
+            headers: Array<{
+                key: string;
+                value: string;
+            }>;
+        }>;
+    };
+    functions?: {
+        source: string;
+        runtime?: string;
+        codebase?: string;
+    } | Array<{
+        source: string;
+        codebase: string;
+        runtime?: string;
+    }>;
+    firestore?: {
+        rules: string;
+        indexes: string;
+    };
+    emulators?: {
+        functions?: {
+            port: number;
+        };
+        firestore?: {
+            port: number;
+        };
+        auth?: {
+            port: number;
+        };
+        hosting?: {
+            port: number;
+        };
+        ui?: {
+            enabled: boolean;
+            port?: number;
+        };
+    };
+}
+/**
+ * firebase.json 설정 생성
+ */
+declare function generateFirebaseJson(config?: Partial<ClawfireConfig>): FirebaseJsonConfig;
+/**
+ * 기본 Firestore rules 파일 내용 생성
+ */
+declare function generateDefaultRules(): string;
+
+export { type FirebaseJsonConfig, ModelDefinition, generateDefaultRules, generateFirebaseJson, generateFirestoreIndexes, generateFirestoreRules };