dineway 0.1.3 → 0.1.5

package/src/astro/routes/api/admin/hitl-requests/[id]/resolve.ts

@@ -0,0 +1,54 @@
+/**
+ * Admin HITL request resolution
+ *
+ * POST /_dineway/api/admin/hitl-requests/:id/resolve - Approve or reject a generic HITL request
+ */
+
+import { Role } from "@dineway-ai/auth";
+import type { APIRoute } from "astro";
+
+import { apiError, handleError, requireDb, unwrapResult } from "#api/error.js";
+import { handleHitlRequestResolve } from "#api/handlers/hitl-requests.js";
+import { logHitlRouteActivity, resolveHitlRouteActor } from "#api/hitl-route-helpers.js";
+import { isParseError, parseBody } from "#api/parse.js";
+import { hitlRequestResolveBody } from "#api/schemas.js";
+
+export const prerender = false;
+
+export const POST: APIRoute = async ({ params, request, locals }) => {
+	const { dineway, user } = locals;
+	const { id } = params;
+
+	if (!id) {
+		return apiError("VALIDATION_ERROR", "HITL request ID required", 400);
+	}
+
+	const dbErr = requireDb(dineway?.db);
+	if (dbErr) return dbErr;
+
+	if (!user || user.role < Role.ADMIN) {
+		return apiError("FORBIDDEN", "Admin privileges required", 403);
+	}
+
+	try {
+		const body = await parseBody(request, hitlRequestResolveBody);
+		if (isParseError(body)) return body;
+
+		const actor = resolveHitlRouteActor(locals);
+		const result = await handleHitlRequestResolve(dineway.db, id, {
+			decision: body.decision,
+			reviewNote: body.reviewNote,
+			actor: actor.access,
+		});
+		if (!result.success) return unwrapResult(result);
+
+		await logHitlRouteActivity(dineway.db, locals, {
+			actionType: body.decision === "approved" ? "hitl.approved" : "hitl.rejected",
+			item: result.data.item,
+		});
+
+		return unwrapResult(result);
+	} catch (error) {
+		return handleError(error, "Failed to resolve HITL request", "WORKFLOW_HITL_RESOLVE_ERROR");
+	}
+};

package/src/astro/routes/api/admin/hitl-requests/index.ts

@@ -0,0 +1,38 @@
+/**
+ * Admin HITL requests
+ *
+ * GET /_dineway/api/admin/hitl-requests - List generic HITL requests
+ */
+
+import { Role } from "@dineway-ai/auth";
+import type { APIRoute } from "astro";
+
+import { apiError, handleError, requireDb, unwrapResult } from "#api/error.js";
+import { handleHitlRequestList } from "#api/handlers/hitl-requests.js";
+import { resolveHitlRouteActor } from "#api/hitl-route-helpers.js";
+import { isParseError, parseQuery } from "#api/parse.js";
+import { hitlRequestListQuery } from "#api/schemas.js";
+
+export const prerender = false;
+
+export const GET: APIRoute = async ({ url, locals }) => {
+	const { dineway, user } = locals;
+
+	const dbErr = requireDb(dineway?.db);
+	if (dbErr) return dbErr;
+
+	if (!user || user.role < Role.ADMIN) {
+		return apiError("FORBIDDEN", "Admin privileges required", 403);
+	}
+
+	try {
+		const query = parseQuery(url, hitlRequestListQuery);
+		if (isParseError(query)) return query;
+
+		const actor = resolveHitlRouteActor(locals);
+		const result = await handleHitlRequestList(dineway.db, actor.access, query);
+		return unwrapResult(result);
+	} catch (error) {
+		return handleError(error, "Failed to list HITL requests", "WORKFLOW_HITL_LIST_ERROR");
+	}
+};

package/src/astro/routes/api/admin/hooks/exclusive/[hookName].ts

@@ -0,0 +1,132 @@
+/**
+ * Exclusive hook selection endpoint
+ *
+ * PUT /_dineway/api/admin/hooks/exclusive/:hookName
+ *
+ * Sets or clears the selected provider for an exclusive hook.
+ * Body: { pluginId: string | null }
+ * Requires settings:manage permission.
+ */
+
+import type { APIRoute } from "astro";
+import { z } from "zod";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, apiSuccess, handleError } from "#api/error.js";
+import {
+	ensureWorkflowHitlRouteRequest,
+	hitlRequiredRouteError,
+	resolveHitlRouteActor,
+} from "#api/hitl-route-helpers.js";
+import { isParseError, parseBody } from "#api/parse.js";
+import {
+	ExclusiveHookHitlPayloadBuilder,
+	exclusiveHookApiRouteSource,
+	logExclusiveHookActivity,
+	RiskPolicyEvaluator,
+} from "#site-context/index.js";
+
+export const prerender = false;
+
+/** Hook name format: namespace:action (e.g., "content:beforeSave") */
+const HOOK_NAME_RE = /^[a-z]+:[a-zA-Z]+$/;
+
+const setSelectionSchema = z.object({
+	pluginId: z.string().min(1).nullable(),
+	hitlRequestId: z.string().min(1).optional(),
+});
+
+export const PUT: APIRoute = async ({ params, request, locals }) => {
+	const { dineway, user } = locals;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	const denied = requirePerm(user, "settings:manage");
+	if (denied) return denied;
+
+	const hookName = params.hookName;
+	if (!hookName) {
+		return apiError("VALIDATION_ERROR", "Hook name is required", 400);
+	}
+
+	// Validate hook name format: must be namespace:action (e.g., "content:beforeSave")
+	if (!HOOK_NAME_RE.test(hookName)) {
+		return apiError("VALIDATION_ERROR", "Invalid hook name format", 400);
+	}
+
+	try {
+		const pipeline = dineway.hooks;
+
+		// Verify this is actually an exclusive hook
+		if (!pipeline.isExclusiveHook(hookName)) {
+			return apiError("NOT_FOUND", `Hook '${hookName}' is not a registered exclusive hook`, 404);
+		}
+
+		const body = await parseBody(request, setSelectionSchema);
+		if (isParseError(body)) return body;
+		const providers = pipeline
+			.getExclusiveHookProviders(hookName)
+			.map((provider: { pluginId: string; pluginName?: string }) => ({
+				pluginId: provider.pluginId,
+				pluginName: provider.pluginName ?? provider.pluginId,
+			}));
+		if (body.pluginId !== null) {
+			const isValidProvider = providers.some((provider) => provider.pluginId === body.pluginId);
+			if (!isValidProvider) {
+				return apiError(
+					"VALIDATION_ERROR",
+					`Plugin '${body.pluginId}' is not a provider for hook '${hookName}'`,
+					400,
+				);
+			}
+		}
+
+		const previousPluginId = await pipeline.getExclusiveHookSelection(hookName);
+		const actor = resolveHitlRouteActor(locals);
+		const evaluator = new RiskPolicyEvaluator({
+			db: dineway.db,
+			handlers: dineway,
+		});
+		let approvedHitlRequestId: string | null = null;
+
+		if (evaluator.requiresWorkflowHitl(actor.identity)) {
+			const action = await new ExclusiveHookHitlPayloadBuilder().buildSetSelectionRequest({
+				hookName,
+				currentPluginId: previousPluginId,
+				requestedPluginId: body.pluginId,
+				providers,
+			});
+			const decision = await evaluator.evaluateWorkflowHitl({
+				actor: actor.identity,
+				hitlRequestId: body.hitlRequestId,
+				action,
+			});
+			if (!decision.allowed) {
+				const ensured = await ensureWorkflowHitlRouteRequest(dineway.db, locals, decision.action);
+				return hitlRequiredRouteError(decision, ensured);
+			}
+			approvedHitlRequestId = decision.hitlRequest.id;
+		}
+
+		await pipeline.setExclusiveHookSelection(hookName, body.pluginId);
+		await logExclusiveHookActivity(dineway.db, locals, {
+			action: "updated",
+			hookName,
+			previousPluginId,
+			selectedPluginId: body.pluginId,
+			...exclusiveHookApiRouteSource("updated"),
+			detail: {
+				hitlRequestId: approvedHitlRequestId,
+			},
+		});
+
+		return apiSuccess({
+			hookName,
+			selectedPluginId: body.pluginId,
+		});
+	} catch (error) {
+		return handleError(error, "Failed to set exclusive hook selection", "EXCLUSIVE_HOOK_SET_ERROR");
+	}
+};

package/src/astro/routes/api/admin/hooks/exclusive/index.ts

@@ -0,0 +1,51 @@
+/**
+ * Exclusive hooks list endpoint
+ *
+ * GET /_dineway/api/admin/hooks/exclusive
+ *
+ * Lists all exclusive hooks with their providers and current selections.
+ * Requires admin role.
+ */
+
+import type { APIRoute } from "astro";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, apiSuccess, handleError } from "#api/error.js";
+import { OptionsRepository } from "#db/repositories/options.js";
+
+export const prerender = false;
+
+export const GET: APIRoute = async ({ locals }) => {
+	const { dineway, user } = locals;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	const denied = requirePerm(user, "settings:manage");
+	if (denied) return denied;
+
+	try {
+		const pipeline = dineway.hooks;
+		const exclusiveHookNames = pipeline.getRegisteredExclusiveHooks();
+		const optionsRepo = new OptionsRepository(dineway.db);
+
+		const hooks = [];
+		for (const hookName of exclusiveHookNames) {
+			const providers = pipeline.getExclusiveHookProviders(hookName);
+			const selection = await optionsRepo.get<string>(`dineway:exclusive_hook:${hookName}`);
+
+			hooks.push({
+				hookName,
+				providers: providers.map((provider: { pluginId: string }) => ({
+					pluginId: provider.pluginId,
+				})),
+				selectedPluginId: selection,
+			});
+		}
+
+		return apiSuccess({ items: hooks });
+	} catch (error) {
+		return handleError(error, "Failed to list exclusive hooks", "EXCLUSIVE_HOOKS_LIST_ERROR");
+	}
+};

package/src/astro/routes/api/admin/oauth-clients/[id].ts

@@ -0,0 +1,137 @@
+/**
+ * Single OAuth client endpoints
+ *
+ * GET    /_dineway/api/admin/oauth-clients/:id — Get a client
+ * PUT    /_dineway/api/admin/oauth-clients/:id — Update a client
+ * DELETE /_dineway/api/admin/oauth-clients/:id — Delete a client
+ */
+
+import { Role } from "@dineway-ai/auth";
+import type { APIRoute } from "astro";
+import { z } from "zod";
+
+import { rejectApiTokenAuthControlWrite } from "#api/auth-control-guard.js";
+import { apiError, handleError, unwrapResult } from "#api/error.js";
+import {
+	handleOAuthClientDelete,
+	handleOAuthClientGet,
+	handleOAuthClientUpdate,
+} from "#api/handlers/oauth-clients.js";
+import { isParseError, parseBody } from "#api/parse.js";
+import { ALL_VALID_SCOPES } from "#auth/api-tokens.js";
+import {
+	disabledExperimentalSiteContextWorkflowScopes,
+	getExperimentalSiteContextWorkflowScopesDisabledMessage,
+} from "#site-context/experimental-workflows.js";
+
+export const prerender = false;
+
+const updateClientSchema = z.object({
+	name: z.string().min(1).max(255).optional(),
+	redirectUris: z
+		.array(z.string().url("Each redirect URI must be a valid URL"))
+		.min(1, "At least one redirect URI is required")
+		.optional(),
+	scopes: z.array(z.enum(ALL_VALID_SCOPES)).nullable().optional(),
+});
+
+/**
+ * Get a single OAuth client.
+ */
+export const GET: APIRoute = async ({ params, locals }) => {
+	const { dineway, user } = locals;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	if (!user || user.role < Role.ADMIN) {
+		return apiError("FORBIDDEN", "Admin privileges required", 403);
+	}
+
+	const credentialGuard = rejectApiTokenAuthControlWrite(locals, "oauth_clients");
+	if (credentialGuard) return credentialGuard;
+
+	const clientId = params.id;
+	if (!clientId) {
+		return apiError("VALIDATION_ERROR", "Client ID is required", 400);
+	}
+
+	const result = await handleOAuthClientGet(dineway.db, clientId);
+	return unwrapResult(result);
+};
+
+/**
+ * Update an OAuth client.
+ */
+export const PUT: APIRoute = async ({ params, request, locals }) => {
+	const { dineway, user } = locals;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	if (!user || user.role < Role.ADMIN) {
+		return apiError("FORBIDDEN", "Admin privileges required", 403);
+	}
+
+	const credentialGuard = rejectApiTokenAuthControlWrite(locals, "oauth_clients");
+	if (credentialGuard) return credentialGuard;
+
+	const clientId = params.id;
+	if (!clientId) {
+		return apiError("VALIDATION_ERROR", "Client ID is required", 400);
+	}
+
+	try {
+		const body = await parseBody(request, updateClientSchema);
+		if (isParseError(body)) return body;
+		const requestedWorkflowScopes = disabledExperimentalSiteContextWorkflowScopes(
+			body.scopes ?? [],
+		);
+		if (requestedWorkflowScopes.length > 0) {
+			return apiError(
+				"NOT_IMPLEMENTED",
+				getExperimentalSiteContextWorkflowScopesDisabledMessage(),
+				501,
+				{
+					status: "workflow_oauth_client_scopes_disabled",
+					reason: "workflow_oauth_client_scopes_disabled",
+					scopes: requestedWorkflowScopes,
+				},
+			);
+		}
+
+		const result = await handleOAuthClientUpdate(dineway.db, clientId, body);
+		return unwrapResult(result);
+	} catch (error) {
+		return handleError(error, "Failed to update OAuth client", "CLIENT_UPDATE_ERROR");
+	}
+};
+
+/**
+ * Delete an OAuth client.
+ */
+export const DELETE: APIRoute = async ({ params, locals }) => {
+	const { dineway, user } = locals;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	if (!user || user.role < Role.ADMIN) {
+		return apiError("FORBIDDEN", "Admin privileges required", 403);
+	}
+
+	const clientId = params.id;
+	if (!clientId) {
+		return apiError("VALIDATION_ERROR", "Client ID is required", 400);
+	}
+
+	try {
+		const result = await handleOAuthClientDelete(dineway.db, clientId);
+		return unwrapResult(result);
+	} catch (error) {
+		return handleError(error, "Failed to delete OAuth client", "CLIENT_DELETE_ERROR");
+	}
+};

package/src/astro/routes/api/admin/oauth-clients/index.ts

@@ -0,0 +1,95 @@
+/**
+ * OAuth client management endpoints
+ *
+ * GET  /_dineway/api/admin/oauth-clients — List all registered OAuth clients
+ * POST /_dineway/api/admin/oauth-clients — Register a new OAuth client
+ */
+
+import { Role } from "@dineway-ai/auth";
+import type { APIRoute } from "astro";
+import { z } from "zod";
+
+import { rejectApiTokenAuthControlWrite } from "#api/auth-control-guard.js";
+import { apiError, handleError, unwrapResult } from "#api/error.js";
+import { handleOAuthClientCreate, handleOAuthClientList } from "#api/handlers/oauth-clients.js";
+import { isParseError, parseBody } from "#api/parse.js";
+import { ALL_VALID_SCOPES } from "#auth/api-tokens.js";
+import {
+	disabledExperimentalSiteContextWorkflowScopes,
+	getExperimentalSiteContextWorkflowScopesDisabledMessage,
+} from "#site-context/experimental-workflows.js";
+
+export const prerender = false;
+
+const createClientSchema = z.object({
+	id: z
+		.string()
+		.min(1, "Client ID is required")
+		.max(255, "Client ID must be at most 255 characters"),
+	name: z.string().min(1, "Name is required").max(255, "Name must be at most 255 characters"),
+	redirectUris: z
+		.array(z.string().url("Each redirect URI must be a valid URL"))
+		.min(1, "At least one redirect URI is required"),
+	scopes: z.array(z.enum(ALL_VALID_SCOPES)).optional(),
+});
+
+/**
+ * List all registered OAuth clients.
+ */
+export const GET: APIRoute = async ({ locals }) => {
+	const { dineway, user } = locals;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	if (!user || user.role < Role.ADMIN) {
+		return apiError("FORBIDDEN", "Admin privileges required", 403);
+	}
+
+	const result = await handleOAuthClientList(dineway.db);
+	return unwrapResult(result);
+};
+
+/**
+ * Register a new OAuth client.
+ */
+export const POST: APIRoute = async ({ request, locals }) => {
+	const { dineway, user } = locals;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	if (!user || user.role < Role.ADMIN) {
+		return apiError("FORBIDDEN", "Admin privileges required", 403);
+	}
+
+	const credentialGuard = rejectApiTokenAuthControlWrite(locals, "oauth_clients");
+	if (credentialGuard) return credentialGuard;
+
+	try {
+		const body = await parseBody(request, createClientSchema);
+		if (isParseError(body)) return body;
+		const requestedWorkflowScopes = disabledExperimentalSiteContextWorkflowScopes(
+			body.scopes ?? [],
+		);
+		if (requestedWorkflowScopes.length > 0) {
+			return apiError(
+				"NOT_IMPLEMENTED",
+				getExperimentalSiteContextWorkflowScopesDisabledMessage(),
+				501,
+				{
+					status: "workflow_oauth_client_scopes_disabled",
+					reason: "workflow_oauth_client_scopes_disabled",
+					scopes: requestedWorkflowScopes,
+				},
+			);
+		}
+
+		const result = await handleOAuthClientCreate(dineway.db, body);
+		return unwrapResult(result, 201);
+	} catch (error) {
+		return handleError(error, "Failed to create OAuth client", "CLIENT_CREATE_ERROR");
+	}
+};

package/src/astro/routes/api/admin/plugins/[id]/disable.ts

@@ -0,0 +1,91 @@
+/**
+ * Plugin disable endpoint
+ *
+ * POST /_dineway/api/admin/plugins/:id/disable - Disable a plugin
+ */
+
+import type { APIRoute } from "astro";
+import { z } from "zod";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, unwrapResult } from "#api/error.js";
+import {
+	ensureWorkflowHitlRouteRequest,
+	hitlRequiredRouteError,
+	resolveHitlRouteActor,
+} from "#api/hitl-route-helpers.js";
+import { handlePluginDisable, handlePluginGet } from "#api/index.js";
+import { isParseError, parseOptionalBody } from "#api/parse.js";
+import { setCronTasksEnabled } from "#plugins/cron.js";
+import {
+	logPluginActivity,
+	pluginApiRouteSource,
+	PluginHitlPayloadBuilder,
+	RiskPolicyEvaluator,
+} from "#site-context/index.js";
+
+export const prerender = false;
+
+const hitlBodySchema = z.object({
+	hitlRequestId: z.string().min(1).optional(),
+});
+
+export const POST: APIRoute = async ({ params, request, locals }) => {
+	const { dineway, user } = locals;
+	const { id } = params;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	const denied = requirePerm(user, "plugins:manage");
+	if (denied) return denied;
+
+	if (!id) {
+		return apiError("INVALID_REQUEST", "Plugin ID required", 400);
+	}
+
+	const body = await parseOptionalBody(request, hitlBodySchema, {});
+	if (isParseError(body)) return body;
+
+	const current = await handlePluginGet(
+		dineway.db,
+		dineway.configuredPlugins,
+		id,
+		dineway.config.marketplace,
+	);
+	if (!current.success) return unwrapResult(current);
+
+	const actor = resolveHitlRouteActor(locals);
+	const action = await new PluginHitlPayloadBuilder().buildDisableRequest(current.data.item);
+	const decision = await new RiskPolicyEvaluator({
+		db: dineway.db,
+		handlers: dineway,
+	}).evaluateWorkflowHitl({
+		actor: actor.identity,
+		hitlRequestId: body.hitlRequestId,
+		action,
+	});
+	if (!decision.allowed) {
+		const ensured = await ensureWorkflowHitlRouteRequest(dineway.db, locals, decision.action);
+		return hitlRequiredRouteError(decision, ensured);
+	}
+
+	const result = await handlePluginDisable(dineway.db, dineway.configuredPlugins, id);
+
+	if (!result.success) return unwrapResult(result);
+
+	await dineway.setPluginStatus(id, "inactive");
+	await setCronTasksEnabled(dineway.db, id, false);
+	await logPluginActivity(dineway.db, locals, {
+		action: "disabled",
+		pluginId: id,
+		...pluginApiRouteSource("disabled"),
+		summary: `Disabled plugin ${id}`,
+		detail: {
+			hitlRequestId: decision.required ? decision.hitlRequest.id : null,
+		},
+	});
+
+	return unwrapResult(result);
+};

package/src/astro/routes/api/admin/plugins/[id]/enable.ts

@@ -0,0 +1,91 @@
+/**
+ * Plugin enable endpoint
+ *
+ * POST /_dineway/api/admin/plugins/:id/enable - Enable a plugin
+ */
+
+import type { APIRoute } from "astro";
+import { z } from "zod";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, unwrapResult } from "#api/error.js";
+import {
+	ensureWorkflowHitlRouteRequest,
+	hitlRequiredRouteError,
+	resolveHitlRouteActor,
+} from "#api/hitl-route-helpers.js";
+import { handlePluginEnable, handlePluginGet } from "#api/index.js";
+import { isParseError, parseOptionalBody } from "#api/parse.js";
+import { setCronTasksEnabled } from "#plugins/cron.js";
+import {
+	logPluginActivity,
+	pluginApiRouteSource,
+	PluginHitlPayloadBuilder,
+	RiskPolicyEvaluator,
+} from "#site-context/index.js";
+
+export const prerender = false;
+
+const hitlBodySchema = z.object({
+	hitlRequestId: z.string().min(1).optional(),
+});
+
+export const POST: APIRoute = async ({ params, request, locals }) => {
+	const { dineway, user } = locals;
+	const { id } = params;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	const denied = requirePerm(user, "plugins:manage");
+	if (denied) return denied;
+
+	if (!id) {
+		return apiError("INVALID_REQUEST", "Plugin ID required", 400);
+	}
+
+	const body = await parseOptionalBody(request, hitlBodySchema, {});
+	if (isParseError(body)) return body;
+
+	const current = await handlePluginGet(
+		dineway.db,
+		dineway.configuredPlugins,
+		id,
+		dineway.config.marketplace,
+	);
+	if (!current.success) return unwrapResult(current);
+
+	const actor = resolveHitlRouteActor(locals);
+	const action = await new PluginHitlPayloadBuilder().buildEnableRequest(current.data.item);
+	const decision = await new RiskPolicyEvaluator({
+		db: dineway.db,
+		handlers: dineway,
+	}).evaluateWorkflowHitl({
+		actor: actor.identity,
+		hitlRequestId: body.hitlRequestId,
+		action,
+	});
+	if (!decision.allowed) {
+		const ensured = await ensureWorkflowHitlRouteRequest(dineway.db, locals, decision.action);
+		return hitlRequiredRouteError(decision, ensured);
+	}
+
+	const result = await handlePluginEnable(dineway.db, dineway.configuredPlugins, id);
+
+	if (!result.success) return unwrapResult(result);
+
+	await dineway.setPluginStatus(id, "active");
+	await setCronTasksEnabled(dineway.db, id, true);
+	await logPluginActivity(dineway.db, locals, {
+		action: "enabled",
+		pluginId: id,
+		...pluginApiRouteSource("enabled"),
+		summary: `Enabled plugin ${id}`,
+		detail: {
+			hitlRequestId: decision.required ? decision.hitlRequest.id : null,
+		},
+	});
+
+	return unwrapResult(result);
+};