emdash 0.14.0 → 0.16.0

package/dist/astro/routes/api/auth/passkey/options.mjs

@@ -1,16 +1,16 @@
 import "../../../../../base64-CqR-7kqF.mjs";
-import "../../../../../types-CwXMEPRr.mjs";
+import "../../../../../types-B0bmgwMG.mjs";
 import { t as OptionsRepository } from "../../../../../options-BL4X94qY.mjs";
-import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-tSQWIl5U.mjs";
-import { r as parseOptionalBody, t as isParseError } from "../../../../../parse-BFTPon-J.mjs";
-import "../../../../../redirects-Dmj6KRU3.mjs";
-import { _ as passkeyOptionsBody } from "../../../../../setup-BGAJ2uXs.mjs";
+import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-ChfADBuu.mjs";
+import { r as parseOptionalBody, t as isParseError } from "../../../../../parse-DHbXfvxO.mjs";
+import "../../../../../redirects-COMLwsV5.mjs";
+import { _ as passkeyOptionsBody } from "../../../../../setup-Cf_TyOv5.mjs";
 import "../../../../../api/schemas/index.mjs";
-import { t as getTrustedProxyHeaders } from "../../../../../trusted-proxy-CJhQIk65.mjs";
-import { n as getPublicOrigin } from "../../../../../public-url-CseXl9Fv.mjs";
-import { n as createChallengeStore, t as cleanupExpiredChallenges } from "../../../../../challenge-store-CJ0OOHOr.mjs";
-import { t as getPasskeyConfig } from "../../../../../passkey-config-Cg86_ISa.mjs";
-import { n as getClientIp, r as rateLimitResponse, t as checkRateLimit } from "../../../../../rate-limit-t5CVjCO6.mjs";
+import { t as getTrustedProxyHeaders } from "../../../../../trusted-proxy-97pajC2f.mjs";
+import { n as getPublicOrigin } from "../../../../../public-url-CUWWFME2.mjs";
+import { n as createChallengeStore, t as cleanupExpiredChallenges } from "../../../../../challenge-store-Dng1SxKT.mjs";
+import { t as getPasskeyConfig } from "../../../../../passkey-config-BloQOT3y.mjs";
+import { n as getClientIp, r as rateLimitResponse, t as checkRateLimit } from "../../../../../rate-limit-D8RAXN8b.mjs";
 import { createKyselyAdapter } from "@emdash-cms/auth/adapters/kysely";
 import { generateAuthenticationOptions } from "@emdash-cms/auth/passkey";
 

package/dist/astro/routes/api/auth/passkey/register/options.mjs

@@ -1,14 +1,14 @@
 import "../../../../../../base64-CqR-7kqF.mjs";
-import "../../../../../../types-CwXMEPRr.mjs";
+import "../../../../../../types-B0bmgwMG.mjs";
 import { t as OptionsRepository } from "../../../../../../options-BL4X94qY.mjs";
-import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../../error-tSQWIl5U.mjs";
-import { r as parseOptionalBody, t as isParseError } from "../../../../../../parse-BFTPon-J.mjs";
-import "../../../../../../redirects-Dmj6KRU3.mjs";
-import { v as passkeyRegisterOptionsBody } from "../../../../../../setup-BGAJ2uXs.mjs";
+import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../../error-ChfADBuu.mjs";
+import { r as parseOptionalBody, t as isParseError } from "../../../../../../parse-DHbXfvxO.mjs";
+import "../../../../../../redirects-COMLwsV5.mjs";
+import { v as passkeyRegisterOptionsBody } from "../../../../../../setup-Cf_TyOv5.mjs";
 import "../../../../../../api/schemas/index.mjs";
-import { n as getPublicOrigin } from "../../../../../../public-url-CseXl9Fv.mjs";
-import { n as createChallengeStore } from "../../../../../../challenge-store-CJ0OOHOr.mjs";
-import { t as getPasskeyConfig } from "../../../../../../passkey-config-Cg86_ISa.mjs";
+import { n as getPublicOrigin } from "../../../../../../public-url-CUWWFME2.mjs";
+import { n as createChallengeStore } from "../../../../../../challenge-store-Dng1SxKT.mjs";
+import { t as getPasskeyConfig } from "../../../../../../passkey-config-BloQOT3y.mjs";
 import { createKyselyAdapter } from "@emdash-cms/auth/adapters/kysely";
 import { generateRegistrationOptions } from "@emdash-cms/auth/passkey";
 

package/dist/astro/routes/api/auth/passkey/register/verify.mjs

@@ -1,15 +1,15 @@
 import "../../../../../../base64-CqR-7kqF.mjs";
-import "../../../../../../types-CwXMEPRr.mjs";
+import "../../../../../../types-B0bmgwMG.mjs";
 import { t as OptionsRepository } from "../../../../../../options-BL4X94qY.mjs";
-import { n as apiSuccess, t as apiError } from "../../../../../../error-tSQWIl5U.mjs";
-import { n as parseBody, t as isParseError } from "../../../../../../parse-BFTPon-J.mjs";
-import "../../../../../../redirects-Dmj6KRU3.mjs";
-import { y as passkeyRegisterVerifyBody } from "../../../../../../setup-BGAJ2uXs.mjs";
+import { n as apiSuccess, t as apiError } from "../../../../../../error-ChfADBuu.mjs";
+import { n as parseBody, t as isParseError } from "../../../../../../parse-DHbXfvxO.mjs";
+import "../../../../../../redirects-COMLwsV5.mjs";
+import { y as passkeyRegisterVerifyBody } from "../../../../../../setup-Cf_TyOv5.mjs";
 import "../../../../../../api/schemas/index.mjs";
-import { n as getPublicOrigin } from "../../../../../../public-url-CseXl9Fv.mjs";
-import { n as validateAllowedOrigins, t as getConfiguredAllowedOrigins } from "../../../../../../allowed-origins-CDdG-4Gd.mjs";
-import { n as createChallengeStore } from "../../../../../../challenge-store-CJ0OOHOr.mjs";
-import { t as getPasskeyConfig } from "../../../../../../passkey-config-Cg86_ISa.mjs";
+import { n as getPublicOrigin } from "../../../../../../public-url-CUWWFME2.mjs";
+import { n as validateAllowedOrigins, t as getConfiguredAllowedOrigins } from "../../../../../../allowed-origins-D0fFk9a6.mjs";
+import { n as createChallengeStore } from "../../../../../../challenge-store-Dng1SxKT.mjs";
+import { t as getPasskeyConfig } from "../../../../../../passkey-config-BloQOT3y.mjs";
 import { createKyselyAdapter } from "@emdash-cms/auth/adapters/kysely";
 import { registerPasskey, verifyRegistrationResponse } from "@emdash-cms/auth/passkey";
 

package/dist/astro/routes/api/auth/passkey/verify.mjs

@@ -1,15 +1,15 @@
 import "../../../../../base64-CqR-7kqF.mjs";
-import "../../../../../types-CwXMEPRr.mjs";
+import "../../../../../types-B0bmgwMG.mjs";
 import { t as OptionsRepository } from "../../../../../options-BL4X94qY.mjs";
-import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-tSQWIl5U.mjs";
-import { n as parseBody, t as isParseError } from "../../../../../parse-BFTPon-J.mjs";
-import "../../../../../redirects-Dmj6KRU3.mjs";
-import { x as passkeyVerifyBody } from "../../../../../setup-BGAJ2uXs.mjs";
+import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-ChfADBuu.mjs";
+import { n as parseBody, t as isParseError } from "../../../../../parse-DHbXfvxO.mjs";
+import "../../../../../redirects-COMLwsV5.mjs";
+import { x as passkeyVerifyBody } from "../../../../../setup-Cf_TyOv5.mjs";
 import "../../../../../api/schemas/index.mjs";
-import { n as getPublicOrigin } from "../../../../../public-url-CseXl9Fv.mjs";
-import { n as validateAllowedOrigins, t as getConfiguredAllowedOrigins } from "../../../../../allowed-origins-CDdG-4Gd.mjs";
-import { n as createChallengeStore } from "../../../../../challenge-store-CJ0OOHOr.mjs";
-import { t as getPasskeyConfig } from "../../../../../passkey-config-Cg86_ISa.mjs";
+import { n as getPublicOrigin } from "../../../../../public-url-CUWWFME2.mjs";
+import { n as validateAllowedOrigins, t as getConfiguredAllowedOrigins } from "../../../../../allowed-origins-D0fFk9a6.mjs";
+import { n as createChallengeStore } from "../../../../../challenge-store-Dng1SxKT.mjs";
+import { t as getPasskeyConfig } from "../../../../../passkey-config-BloQOT3y.mjs";
 import { createKyselyAdapter } from "@emdash-cms/auth/adapters/kysely";
 import { PasskeyAuthenticationError, authenticateWithPasskey } from "@emdash-cms/auth/passkey";
 

package/dist/astro/routes/api/auth/signup/complete.mjs

@@ -1,15 +1,15 @@
 import "../../../../../base64-CqR-7kqF.mjs";
-import "../../../../../types-CwXMEPRr.mjs";
+import "../../../../../types-B0bmgwMG.mjs";
 import { t as OptionsRepository } from "../../../../../options-BL4X94qY.mjs";
-import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-tSQWIl5U.mjs";
-import { n as parseBody, t as isParseError } from "../../../../../parse-BFTPon-J.mjs";
-import "../../../../../redirects-Dmj6KRU3.mjs";
-import { S as signupCompleteBody } from "../../../../../setup-BGAJ2uXs.mjs";
+import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-ChfADBuu.mjs";
+import { n as parseBody, t as isParseError } from "../../../../../parse-DHbXfvxO.mjs";
+import "../../../../../redirects-COMLwsV5.mjs";
+import { S as signupCompleteBody } from "../../../../../setup-Cf_TyOv5.mjs";
 import "../../../../../api/schemas/index.mjs";
-import { n as getPublicOrigin } from "../../../../../public-url-CseXl9Fv.mjs";
-import { n as validateAllowedOrigins, t as getConfiguredAllowedOrigins } from "../../../../../allowed-origins-CDdG-4Gd.mjs";
-import { n as createChallengeStore } from "../../../../../challenge-store-CJ0OOHOr.mjs";
-import { t as getPasskeyConfig } from "../../../../../passkey-config-Cg86_ISa.mjs";
+import { n as getPublicOrigin } from "../../../../../public-url-CUWWFME2.mjs";
+import { n as validateAllowedOrigins, t as getConfiguredAllowedOrigins } from "../../../../../allowed-origins-D0fFk9a6.mjs";
+import { n as createChallengeStore } from "../../../../../challenge-store-Dng1SxKT.mjs";
+import { t as getPasskeyConfig } from "../../../../../passkey-config-BloQOT3y.mjs";
 import { createKyselyAdapter } from "@emdash-cms/auth/adapters/kysely";
 import { SignupError, completeSignup } from "@emdash-cms/auth";
 import { registerPasskey, verifyRegistrationResponse } from "@emdash-cms/auth/passkey";

package/dist/astro/routes/api/auth/signup/request.mjs

@@ -1,14 +1,14 @@
 import "../../../../../base64-CqR-7kqF.mjs";
-import "../../../../../types-CwXMEPRr.mjs";
+import "../../../../../types-B0bmgwMG.mjs";
 import { t as OptionsRepository } from "../../../../../options-BL4X94qY.mjs";
-import { n as apiSuccess, t as apiError } from "../../../../../error-tSQWIl5U.mjs";
-import { n as parseBody, t as isParseError } from "../../../../../parse-BFTPon-J.mjs";
-import "../../../../../redirects-Dmj6KRU3.mjs";
-import { C as signupRequestBody } from "../../../../../setup-BGAJ2uXs.mjs";
+import { n as apiSuccess, t as apiError } from "../../../../../error-ChfADBuu.mjs";
+import { n as parseBody, t as isParseError } from "../../../../../parse-DHbXfvxO.mjs";
+import "../../../../../redirects-COMLwsV5.mjs";
+import { C as signupRequestBody } from "../../../../../setup-Cf_TyOv5.mjs";
 import "../../../../../api/schemas/index.mjs";
-import { t as getTrustedProxyHeaders } from "../../../../../trusted-proxy-CJhQIk65.mjs";
-import { t as getSiteBaseUrl } from "../../../../../site-url-D-M4Fd8O.mjs";
-import { n as getClientIp, t as checkRateLimit } from "../../../../../rate-limit-t5CVjCO6.mjs";
+import { t as getTrustedProxyHeaders } from "../../../../../trusted-proxy-97pajC2f.mjs";
+import { t as getSiteBaseUrl } from "../../../../../site-url-xkhw1tcz.mjs";
+import { n as getClientIp, t as checkRateLimit } from "../../../../../rate-limit-D8RAXN8b.mjs";
 import { createKyselyAdapter } from "@emdash-cms/auth/adapters/kysely";
 import { requestSignup } from "@emdash-cms/auth";
 

package/dist/astro/routes/api/auth/signup/verify.mjs

@@ -1,6 +1,6 @@
 import "../../../../../base64-CqR-7kqF.mjs";
-import "../../../../../types-CwXMEPRr.mjs";
-import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-tSQWIl5U.mjs";
+import "../../../../../types-B0bmgwMG.mjs";
+import { n as apiSuccess, r as handleError, t as apiError } from "../../../../../error-ChfADBuu.mjs";
 import { createKyselyAdapter } from "@emdash-cms/auth/adapters/kysely";
 import { SignupError, roleFromLevel, validateSignupToken } from "@emdash-cms/auth";
 

package/dist/astro/routes/api/comments/_collection_/_contentId_/index.mjs

@@ -1,18 +1,18 @@
 import { t as validateIdentifier } from "../../../../../../validate-VPnKoIzW.mjs";
 import "../../../../../../base64-CqR-7kqF.mjs";
-import "../../../../../../types-CwXMEPRr.mjs";
-import { t as CommentRepository } from "../../../../../../comment-Dd9MI82-.mjs";
+import "../../../../../../types-B0bmgwMG.mjs";
+import { t as CommentRepository } from "../../../../../../comment-C76G-9tz.mjs";
 import "../../../../../../options-BL4X94qY.mjs";
-import { a as unwrapResult, i as requireDb, n as apiSuccess, r as handleError, t as apiError } from "../../../../../../error-tSQWIl5U.mjs";
-import { n as parseBody, t as isParseError } from "../../../../../../parse-BFTPon-J.mjs";
-import { yt as createCommentBody } from "../../../../../../redirects-Dmj6KRU3.mjs";
-import "../../../../../../setup-BGAJ2uXs.mjs";
+import { a as unwrapResult, i as requireDb, n as apiSuccess, r as handleError, t as apiError } from "../../../../../../error-ChfADBuu.mjs";
+import { n as parseBody, t as isParseError } from "../../../../../../parse-DHbXfvxO.mjs";
+import { yt as createCommentBody } from "../../../../../../redirects-COMLwsV5.mjs";
+import "../../../../../../setup-Cf_TyOv5.mjs";
 import "../../../../../../api/schemas/index.mjs";
-import { t as extractRequestMeta } from "../../../../../../request-meta-CLCwSQOS.mjs";
-import { i as resolveSecretsCached } from "../../../../../../secrets-6pgZyq0K.mjs";
-import { c as hashIp, s as handleCommentList, t as checkRateLimit } from "../../../../../../comments-koGI0FrK.mjs";
-import { t as getSiteBaseUrl } from "../../../../../../site-url-D-M4Fd8O.mjs";
-import { i as sendCommentNotification, t as createComment } from "../../../../../../service-vByySp-2.mjs";
+import { t as extractRequestMeta } from "../../../../../../request-meta-C_Cjii-T.mjs";
+import { i as resolveSecretsCached } from "../../../../../../secrets-rPdhEBkD.mjs";
+import { c as hashIp, s as handleCommentList, t as checkRateLimit } from "../../../../../../comments-CCxFFGY1.mjs";
+import { t as getSiteBaseUrl } from "../../../../../../site-url-xkhw1tcz.mjs";
+import { i as sendCommentNotification, t as createComment } from "../../../../../../service-B0H7U1Y9.mjs";
 
 //#region src/astro/routes/api/comments/[collection]/[contentId]/index.ts
 const prerender = false;

package/dist/astro/routes/api/content/_collection_/_id_/compare.mjs

@@ -1,7 +1,7 @@
 import "../../../../../../base64-CqR-7kqF.mjs";
-import "../../../../../../types-CwXMEPRr.mjs";
-import { a as unwrapResult, t as apiError } from "../../../../../../error-tSQWIl5U.mjs";
-import { n as requirePerm } from "../../../../../../authorize-BlyCH-96.mjs";
+import "../../../../../../types-B0bmgwMG.mjs";
+import { a as unwrapResult, t as apiError } from "../../../../../../error-ChfADBuu.mjs";
+import { n as requirePerm } from "../../../../../../authorize-Bn4S4DUT.mjs";
 
 //#region src/astro/routes/api/content/[collection]/[id]/compare.ts
 const prerender = false;

package/dist/astro/routes/api/content/_collection_/_id_/discard-draft.mjs

@@ -1,7 +1,7 @@
 import "../../../../../../base64-CqR-7kqF.mjs";
-import "../../../../../../types-CwXMEPRr.mjs";
-import { a as unwrapResult, o as mapErrorStatus, t as apiError } from "../../../../../../error-tSQWIl5U.mjs";
-import { t as requireOwnerPerm } from "../../../../../../authorize-BlyCH-96.mjs";
+import "../../../../../../types-B0bmgwMG.mjs";
+import { a as unwrapResult, o as mapErrorStatus, t as apiError } from "../../../../../../error-ChfADBuu.mjs";
+import { t as requireOwnerPerm } from "../../../../../../authorize-Bn4S4DUT.mjs";
 
 //#region src/astro/routes/api/content/[collection]/[id]/discard-draft.ts
 const prerender = false;

package/dist/astro/routes/api/content/_collection_/_id_/discard-draft.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"discard-draft.mjs","names":[],"sources":["../../../../../../../src/astro/routes/api/content/[collection]/[id]/discard-draft.ts"],"sourcesContent":["/**\n * Discard draft changes - reverts to live version\n *\n * POST /_emdash/api/content/{collection}/{id}/discard-draft\n */\n\nimport type { APIRoute } from \"astro\";\n\nimport { requireOwnerPerm } from \"#api/authorize.js\";\nimport { apiError, mapErrorStatus, unwrapResult } from \"#api/error.js\";\n\nexport const prerender = false;\n\nexport const POST: APIRoute = async ({ params, locals, cache }) => {\n\tconst { emdash, user } = locals;\n\tconst collection = params.collection!;\n\tconst id = params.id!;\n\n\tif (!emdash?.handleContentDiscardDraft || !emdash?.handleContentGet) {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\n\t// Fetch item to check ownership\n\tconst existing = await emdash.handleContentGet(collection, id);\n\tif (!existing.success) {\n\t\treturn apiError(\n\t\t\texisting.error?.code ?? \"UNKNOWN_ERROR\",\n\t\t\texisting.error?.message ?? \"Unknown error\",\n\t\t\tmapErrorStatus(existing.error?.code),\n\t\t);\n\t}\n\tconst existingData =\n\t\texisting.data && typeof existing.data === \"object\"\n\t\t\t? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- handler returns unknown data; narrowed by typeof check above\n\t\t\t\t(existing.data as Record<string, unknown>)\n\t\t\t: undefined;\n\t// Handler returns { item, _rev } — extract the item for ownership check\n\tconst existingItem =\n\t\texistingData?.item && typeof existingData.item === \"object\"\n\t\t\t? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- narrowed by typeof check above\n\t\t\t\t(existingData.item as Record<string, unknown>)\n\t\t\t: existingData;\n\tconst authorId = typeof existingItem?.authorId === \"string\" ? existingItem.authorId : \"\";\n\tconst denied = requireOwnerPerm(user, authorId, \"content:edit_own\", \"content:edit_any\");\n\tif (denied) return denied;\n\n\tconst resolvedId = typeof existingItem?.id === \"string\" ? existingItem.id : id;\n\n\tconst result = await emdash.handleContentDiscardDraft(collection, resolvedId);\n\n\tif (!result.success) return unwrapResult(result);\n\n\tif (cache?.enabled) await cache.invalidate({ tags: [collection, resolvedId] });\n\n\treturn unwrapResult(result);\n};\n"],"mappings":";;;;;;AAWA,MAAa,YAAY;AAEzB,MAAa,OAAiB,OAAO,EAAE,QAAQ,QAAQ,YAAY;CAClE,MAAM,EAAE,QAAQ,SAAS;CACzB,MAAM,aAAa,OAAO;CAC1B,MAAM,KAAK,OAAO;AAElB,KAAI,CAAC,QAAQ,6BAA6B,CAAC,QAAQ,iBAClD,QAAO,SAAS,kBAAkB,6BAA6B,IAAI;CAIpE,MAAM,WAAW,MAAM,OAAO,iBAAiB,YAAY,GAAG;AAC9D,KAAI,CAAC,SAAS,QACb,QAAO,SACN,SAAS,OAAO,QAAQ,iBACxB,SAAS,OAAO,WAAW,iBAC3B,eAAe,SAAS,OAAO,KAAK,CACpC;CAEF,MAAM,eACL,SAAS,QAAQ,OAAO,SAAS,SAAS,WAEvC,SAAS,OACT;CAEJ,MAAM,eACL,cAAc,QAAQ,OAAO,aAAa,SAAS,WAEhD,aAAa,OACb;CAEJ,MAAM,SAAS,iBAAiB,MADf,OAAO,cAAc,aAAa,WAAW,aAAa,WAAW,IACtC,oBAAoB,mBAAmB;AACvF,KAAI,OAAQ,QAAO;CAEnB,MAAM,aAAa,OAAO,cAAc,OAAO,WAAW,aAAa,KAAK;CAE5E,MAAM,SAAS,MAAM,OAAO,0BAA0B,YAAY,WAAW;AAE7E,KAAI,CAAC,OAAO,QAAS,QAAO,aAAa,OAAO;AAEhD,KAAI,OAAO,QAAS,OAAM,MAAM,WAAW,EAAE,MAAM,CAAC,YAAY,WAAW,EAAE,CAAC;AAE9E,QAAO,aAAa,OAAO"}
+{"version":3,"file":"discard-draft.mjs","names":[],"sources":["../../../../../../../src/astro/routes/api/content/[collection]/[id]/discard-draft.ts"],"sourcesContent":["/**\n * Discard draft changes - reverts to live version\n *\n * POST /_emdash/api/content/{collection}/{id}/discard-draft\n */\n\nimport type { APIRoute } from \"astro\";\n\nimport { requireOwnerPerm } from \"#api/authorize.js\";\nimport { apiError, mapErrorStatus, unwrapResult } from \"#api/error.js\";\n\nexport const prerender = false;\n\nexport const POST: APIRoute = async ({ params, locals, cache }) => {\n\tconst { emdash, user } = locals;\n\tconst collection = params.collection!;\n\tconst id = params.id!;\n\n\tif (!emdash?.handleContentDiscardDraft || !emdash?.handleContentGet) {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\n\t// Fetch item to check ownership\n\tconst existing = await emdash.handleContentGet(collection, id);\n\tif (!existing.success) {\n\t\treturn apiError(\n\t\t\texisting.error?.code ?? \"UNKNOWN_ERROR\",\n\t\t\texisting.error?.message ?? \"Unknown error\",\n\t\t\tmapErrorStatus(existing.error?.code),\n\t\t);\n\t}\n\tconst existingData =\n\t\texisting.data && typeof existing.data === \"object\"\n\t\t\t? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- handler returns unknown data; narrowed by typeof check above\n\t\t\t\t(existing.data as Record<string, unknown>)\n\t\t\t: undefined;\n\t// Handler returns { item, _rev } — extract the item for ownership check\n\tconst existingItem =\n\t\texistingData?.item && typeof existingData.item === \"object\"\n\t\t\t? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- narrowed by typeof check above\n\t\t\t\t(existingData.item as Record<string, unknown>)\n\t\t\t: existingData;\n\tconst authorId = typeof existingItem?.authorId === \"string\" ? existingItem.authorId : \"\";\n\tconst denied = requireOwnerPerm(user, authorId, \"content:edit_own\", \"content:edit_any\");\n\tif (denied) return denied;\n\n\tconst resolvedId = typeof existingItem?.id === \"string\" ? existingItem.id : id;\n\n\tconst result = await emdash.handleContentDiscardDraft(collection, resolvedId);\n\n\tif (!result.success) return unwrapResult(result);\n\n\tif (cache?.enabled) await cache.invalidate({ tags: [collection, resolvedId] });\n\n\treturn unwrapResult(result);\n};\n"],"mappings":";;;;;;AAWA,MAAa,YAAY;AAEzB,MAAa,OAAiB,OAAO,EAAE,QAAQ,QAAQ,YAAY;CAClE,MAAM,EAAE,QAAQ,SAAS;CACzB,MAAM,aAAa,OAAO;CAC1B,MAAM,KAAK,OAAO;AAElB,KAAI,CAAC,QAAQ,6BAA6B,CAAC,QAAQ,iBAClD,QAAO,SAAS,kBAAkB,6BAA6B,IAAI;CAIpE,MAAM,WAAW,MAAM,OAAO,iBAAiB,YAAY,GAAG;AAC9D,KAAI,CAAC,SAAS,QACb,QAAO,SACN,SAAS,OAAO,QAAQ,iBACxB,SAAS,OAAO,WAAW,iBAC3B,eAAe,SAAS,OAAO,KAAK,CACpC;CAEF,MAAM,eACL,SAAS,QAAQ,OAAO,SAAS,SAAS,WAEvC,SAAS,OACT;CAEJ,MAAM,eACL,cAAc,QAAQ,OAAO,aAAa,SAAS,WAEhD,aAAa,OACb;CAEJ,MAAM,SAAS,iBAAiB,MADf,OAAO,cAAc,aAAa,WAAW,aAAa,WAAW,IACtC,oBAAoB,mBAAmB;AACvF,KAAI,OAAQ,QAAO;CAEnB,MAAM,aAAa,OAAO,cAAc,OAAO,WAAW,aAAa,KAAK;CAE5E,MAAM,SAAS,MAAM,OAAO,0BAA0B,YAAY,WAAW;AAE7E,KAAI,CAAC,OAAO,QAAS,QAAO,aAAa,OAAO;AAEhD,KAAI,OAAO,QAAS,OAAM,MAAM,WAAW,EAAE,MAAM,CAAC,YAAY,WAAW,EAAE,CAAC;AAE9E,QAAO,aAAa,OAAO"}

package/dist/astro/routes/api/content/_collection_/_id_/duplicate.mjs

@@ -1,7 +1,7 @@
 import "../../../../../../base64-CqR-7kqF.mjs";
-import "../../../../../../types-CwXMEPRr.mjs";
-import { a as unwrapResult, o as mapErrorStatus, t as apiError } from "../../../../../../error-tSQWIl5U.mjs";
-import { n as requirePerm, t as requireOwnerPerm } from "../../../../../../authorize-BlyCH-96.mjs";
+import "../../../../../../types-B0bmgwMG.mjs";
+import { a as unwrapResult, o as mapErrorStatus, t as apiError } from "../../../../../../error-ChfADBuu.mjs";
+import { n as requirePerm, t as requireOwnerPerm } from "../../../../../../authorize-Bn4S4DUT.mjs";
 
 //#region src/astro/routes/api/content/[collection]/[id]/duplicate.ts
 const prerender = false;

package/dist/astro/routes/api/content/_collection_/_id_/duplicate.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"duplicate.mjs","names":[],"sources":["../../../../../../../src/astro/routes/api/content/[collection]/[id]/duplicate.ts"],"sourcesContent":["/**\n * Duplicate content endpoint - injected by EmDash integration\n *\n * POST /_emdash/api/content/{collection}/{id}/duplicate - Create a copy\n */\n\nimport type { APIRoute } from \"astro\";\n\nimport { requirePerm, requireOwnerPerm } from \"#api/authorize.js\";\nimport { apiError, mapErrorStatus, unwrapResult } from \"#api/error.js\";\n\nexport const prerender = false;\n\nexport const POST: APIRoute = async ({ params, locals, cache }) => {\n\tconst { emdash, user } = locals;\n\tconst collection = params.collection!;\n\tconst id = params.id!;\n\n\tconst denied = requirePerm(user, \"content:create\");\n\tif (denied) return denied;\n\n\tif (!emdash?.handleContentDuplicate || !emdash?.handleContentGet) {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\n\t// Fetch item to check ownership — duplicating requires read access to the source\n\tconst existing = await emdash.handleContentGet(collection, id);\n\tif (!existing.success) {\n\t\treturn apiError(\n\t\t\texisting.error?.code ?? \"UNKNOWN_ERROR\",\n\t\t\texisting.error?.message ?? \"Unknown error\",\n\t\t\tmapErrorStatus(existing.error?.code),\n\t\t);\n\t}\n\n\tconst existingData =\n\t\texisting.data && typeof existing.data === \"object\"\n\t\t\t? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- handler returns unknown data; narrowed by typeof check above\n\t\t\t\t(existing.data as Record<string, unknown>)\n\t\t\t: undefined;\n\t// Handler returns { item, _rev } — extract the item for ownership check\n\tconst existingItem =\n\t\texistingData?.item && typeof existingData.item === \"object\"\n\t\t\t? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- narrowed by typeof check above\n\t\t\t\t(existingData.item as Record<string, unknown>)\n\t\t\t: existingData;\n\tconst authorId = typeof existingItem?.authorId === \"string\" ? existingItem.authorId : \"\";\n\t// Duplicating requires read access to the source — check ownership-based edit permissions\n\t// since content:read is flat (no own/any split). This ensures authors can only duplicate their own.\n\tconst readDenied = requireOwnerPerm(user, authorId, \"content:edit_own\", \"content:edit_any\");\n\tif (readDenied) return readDenied;\n\n\tconst resolvedId = typeof existingItem?.id === \"string\" ? existingItem.id : id;\n\tconst result = await emdash.handleContentDuplicate(collection, resolvedId, user?.id);\n\n\tif (!result.success) return unwrapResult(result);\n\n\tif (cache?.enabled) await cache.invalidate({ tags: [collection] });\n\n\treturn unwrapResult(result, 201);\n};\n"],"mappings":";;;;;;AAWA,MAAa,YAAY;AAEzB,MAAa,OAAiB,OAAO,EAAE,QAAQ,QAAQ,YAAY;CAClE,MAAM,EAAE,QAAQ,SAAS;CACzB,MAAM,aAAa,OAAO;CAC1B,MAAM,KAAK,OAAO;CAElB,MAAM,SAAS,YAAY,MAAM,iBAAiB;AAClD,KAAI,OAAQ,QAAO;AAEnB,KAAI,CAAC,QAAQ,0BAA0B,CAAC,QAAQ,iBAC/C,QAAO,SAAS,kBAAkB,6BAA6B,IAAI;CAIpE,MAAM,WAAW,MAAM,OAAO,iBAAiB,YAAY,GAAG;AAC9D,KAAI,CAAC,SAAS,QACb,QAAO,SACN,SAAS,OAAO,QAAQ,iBACxB,SAAS,OAAO,WAAW,iBAC3B,eAAe,SAAS,OAAO,KAAK,CACpC;CAGF,MAAM,eACL,SAAS,QAAQ,OAAO,SAAS,SAAS,WAEvC,SAAS,OACT;CAEJ,MAAM,eACL,cAAc,QAAQ,OAAO,aAAa,SAAS,WAEhD,aAAa,OACb;CAIJ,MAAM,aAAa,iBAAiB,MAHnB,OAAO,cAAc,aAAa,WAAW,aAAa,WAAW,IAGlC,oBAAoB,mBAAmB;AAC3F,KAAI,WAAY,QAAO;CAEvB,MAAM,aAAa,OAAO,cAAc,OAAO,WAAW,aAAa,KAAK;CAC5E,MAAM,SAAS,MAAM,OAAO,uBAAuB,YAAY,YAAY,MAAM,GAAG;AAEpF,KAAI,CAAC,OAAO,QAAS,QAAO,aAAa,OAAO;AAEhD,KAAI,OAAO,QAAS,OAAM,MAAM,WAAW,EAAE,MAAM,CAAC,WAAW,EAAE,CAAC;AAElE,QAAO,aAAa,QAAQ,IAAI"}
+{"version":3,"file":"duplicate.mjs","names":[],"sources":["../../../../../../../src/astro/routes/api/content/[collection]/[id]/duplicate.ts"],"sourcesContent":["/**\n * Duplicate content endpoint - injected by EmDash integration\n *\n * POST /_emdash/api/content/{collection}/{id}/duplicate - Create a copy\n */\n\nimport type { APIRoute } from \"astro\";\n\nimport { requirePerm, requireOwnerPerm } from \"#api/authorize.js\";\nimport { apiError, mapErrorStatus, unwrapResult } from \"#api/error.js\";\n\nexport const prerender = false;\n\nexport const POST: APIRoute = async ({ params, locals, cache }) => {\n\tconst { emdash, user } = locals;\n\tconst collection = params.collection!;\n\tconst id = params.id!;\n\n\tconst denied = requirePerm(user, \"content:create\");\n\tif (denied) return denied;\n\n\tif (!emdash?.handleContentDuplicate || !emdash?.handleContentGet) {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\n\t// Fetch item to check ownership — duplicating requires read access to the source\n\tconst existing = await emdash.handleContentGet(collection, id);\n\tif (!existing.success) {\n\t\treturn apiError(\n\t\t\texisting.error?.code ?? \"UNKNOWN_ERROR\",\n\t\t\texisting.error?.message ?? \"Unknown error\",\n\t\t\tmapErrorStatus(existing.error?.code),\n\t\t);\n\t}\n\n\tconst existingData =\n\t\texisting.data && typeof existing.data === \"object\"\n\t\t\t? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- handler returns unknown data; narrowed by typeof check above\n\t\t\t\t(existing.data as Record<string, unknown>)\n\t\t\t: undefined;\n\t// Handler returns { item, _rev } — extract the item for ownership check\n\tconst existingItem =\n\t\texistingData?.item && typeof existingData.item === \"object\"\n\t\t\t? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- narrowed by typeof check above\n\t\t\t\t(existingData.item as Record<string, unknown>)\n\t\t\t: existingData;\n\tconst authorId = typeof existingItem?.authorId === \"string\" ? existingItem.authorId : \"\";\n\t// Duplicating requires read access to the source — check ownership-based edit permissions\n\t// since content:read is flat (no own/any split). This ensures authors can only duplicate their own.\n\tconst readDenied = requireOwnerPerm(user, authorId, \"content:edit_own\", \"content:edit_any\");\n\tif (readDenied) return readDenied;\n\n\tconst resolvedId = typeof existingItem?.id === \"string\" ? existingItem.id : id;\n\tconst result = await emdash.handleContentDuplicate(collection, resolvedId, user?.id);\n\n\tif (!result.success) return unwrapResult(result);\n\n\tif (cache?.enabled) await cache.invalidate({ tags: [collection] });\n\n\treturn unwrapResult(result, 201);\n};\n"],"mappings":";;;;;;AAWA,MAAa,YAAY;AAEzB,MAAa,OAAiB,OAAO,EAAE,QAAQ,QAAQ,YAAY;CAClE,MAAM,EAAE,QAAQ,SAAS;CACzB,MAAM,aAAa,OAAO;CAC1B,MAAM,KAAK,OAAO;CAElB,MAAM,SAAS,YAAY,MAAM,iBAAiB;AAClD,KAAI,OAAQ,QAAO;AAEnB,KAAI,CAAC,QAAQ,0BAA0B,CAAC,QAAQ,iBAC/C,QAAO,SAAS,kBAAkB,6BAA6B,IAAI;CAIpE,MAAM,WAAW,MAAM,OAAO,iBAAiB,YAAY,GAAG;AAC9D,KAAI,CAAC,SAAS,QACb,QAAO,SACN,SAAS,OAAO,QAAQ,iBACxB,SAAS,OAAO,WAAW,iBAC3B,eAAe,SAAS,OAAO,KAAK,CACpC;CAGF,MAAM,eACL,SAAS,QAAQ,OAAO,SAAS,SAAS,WAEvC,SAAS,OACT;CAEJ,MAAM,eACL,cAAc,QAAQ,OAAO,aAAa,SAAS,WAEhD,aAAa,OACb;CAIJ,MAAM,aAAa,iBAAiB,MAHnB,OAAO,cAAc,aAAa,WAAW,aAAa,WAAW,IAGlC,oBAAoB,mBAAmB;AAC3F,KAAI,WAAY,QAAO;CAEvB,MAAM,aAAa,OAAO,cAAc,OAAO,WAAW,aAAa,KAAK;CAC5E,MAAM,SAAS,MAAM,OAAO,uBAAuB,YAAY,YAAY,MAAM,GAAG;AAEpF,KAAI,CAAC,OAAO,QAAS,QAAO,aAAa,OAAO;AAEhD,KAAI,OAAO,QAAS,OAAM,MAAM,WAAW,EAAE,MAAM,CAAC,WAAW,EAAE,CAAC;AAElE,QAAO,aAAa,QAAQ,IAAI"}

package/dist/astro/routes/api/content/_collection_/_id_/permanent.mjs

@@ -1,7 +1,7 @@
 import "../../../../../../base64-CqR-7kqF.mjs";
-import "../../../../../../types-CwXMEPRr.mjs";
-import { a as unwrapResult, t as apiError } from "../../../../../../error-tSQWIl5U.mjs";
-import { n as requirePerm } from "../../../../../../authorize-BlyCH-96.mjs";
+import "../../../../../../types-B0bmgwMG.mjs";
+import { a as unwrapResult, t as apiError } from "../../../../../../error-ChfADBuu.mjs";
+import { n as requirePerm } from "../../../../../../authorize-Bn4S4DUT.mjs";
 
 //#region src/astro/routes/api/content/[collection]/[id]/permanent.ts
 const prerender = false;

package/dist/astro/routes/api/content/_collection_/_id_/preview-url.mjs

@@ -1,16 +1,16 @@
 import { n as getI18nConfig } from "../../../../../../config-CVssduLe.mjs";
 import "../../../../../../base64-CqR-7kqF.mjs";
-import "../../../../../../types-CwXMEPRr.mjs";
+import "../../../../../../types-B0bmgwMG.mjs";
 import "../../../../../../options-BL4X94qY.mjs";
-import { a as unwrapResult, n as apiSuccess, r as handleError, t as apiError } from "../../../../../../error-tSQWIl5U.mjs";
-import { r as parseOptionalBody, t as isParseError } from "../../../../../../parse-BFTPon-J.mjs";
-import { rn as contentPreviewUrlBody } from "../../../../../../redirects-Dmj6KRU3.mjs";
-import "../../../../../../setup-BGAJ2uXs.mjs";
+import { a as unwrapResult, n as apiSuccess, r as handleError, t as apiError } from "../../../../../../error-ChfADBuu.mjs";
+import { r as parseOptionalBody, t as isParseError } from "../../../../../../parse-DHbXfvxO.mjs";
+import { rn as contentPreviewUrlBody } from "../../../../../../redirects-COMLwsV5.mjs";
+import "../../../../../../setup-Cf_TyOv5.mjs";
 import "../../../../../../api/schemas/index.mjs";
-import "../../../../../../tokens-DILYNZMi.mjs";
-import { i as getPreviewUrl } from "../../../../../../preview-C1LOEbWZ.mjs";
-import { i as resolveSecretsCached } from "../../../../../../secrets-6pgZyq0K.mjs";
-import { n as requirePerm } from "../../../../../../authorize-BlyCH-96.mjs";
+import "../../../../../../tokens-N8otWMmj.mjs";
+import { i as getPreviewUrl } from "../../../../../../preview-D4z0WONU.mjs";
+import { i as resolveSecretsCached } from "../../../../../../secrets-rPdhEBkD.mjs";
+import { n as requirePerm } from "../../../../../../authorize-Bn4S4DUT.mjs";
 
 //#region src/astro/routes/api/content/[collection]/[id]/preview-url.ts
 const prerender = false;

package/dist/astro/routes/api/content/_collection_/_id_/publish.mjs

@@ -1,11 +1,11 @@
 import "../../../../../../base64-CqR-7kqF.mjs";
-import "../../../../../../types-CwXMEPRr.mjs";
-import { a as unwrapResult, o as mapErrorStatus, t as apiError } from "../../../../../../error-tSQWIl5U.mjs";
-import { r as parseOptionalBody, t as isParseError } from "../../../../../../parse-BFTPon-J.mjs";
-import { in as contentPublishBody } from "../../../../../../redirects-Dmj6KRU3.mjs";
-import "../../../../../../setup-BGAJ2uXs.mjs";
+import "../../../../../../types-B0bmgwMG.mjs";
+import { a as unwrapResult, o as mapErrorStatus, t as apiError } from "../../../../../../error-ChfADBuu.mjs";
+import { r as parseOptionalBody, t as isParseError } from "../../../../../../parse-DHbXfvxO.mjs";
+import { in as contentPublishBody } from "../../../../../../redirects-COMLwsV5.mjs";
+import "../../../../../../setup-Cf_TyOv5.mjs";
 import "../../../../../../api/schemas/index.mjs";
-import { t as requireOwnerPerm } from "../../../../../../authorize-BlyCH-96.mjs";
+import { t as requireOwnerPerm } from "../../../../../../authorize-Bn4S4DUT.mjs";
 import { hasPermission } from "@emdash-cms/auth";
 
 //#region src/astro/routes/api/content/[collection]/[id]/publish.ts

package/dist/astro/routes/api/content/_collection_/_id_/publish.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"publish.mjs","names":[],"sources":["../../../../../../../src/astro/routes/api/content/[collection]/[id]/publish.ts"],"sourcesContent":["/**\n * Publish content - promotes draft to live\n *\n * POST /_emdash/api/content/{collection}/{id}/publish\n *\n * Optional JSON body: { publishedAt?: string }\n *   publishedAt — ISO 8601 datetime to backdate the publish (e.g. when\n *   migrating content). Writing publishedAt requires content:publish_any.\n *   Without it, the existing published_at is preserved on re-publish and\n *   falls back to the current time on first publish.\n */\n\nimport { hasPermission } from \"@emdash-cms/auth\";\nimport type { APIRoute } from \"astro\";\n\nimport { requireOwnerPerm } from \"#api/authorize.js\";\nimport { apiError, mapErrorStatus, unwrapResult } from \"#api/error.js\";\nimport { isParseError, parseOptionalBody } from \"#api/parse.js\";\nimport { contentPublishBody } from \"#api/schemas.js\";\n\nexport const prerender = false;\n\nexport const POST: APIRoute = async ({ params, request, locals, cache }) => {\n\tconst { emdash, user } = locals;\n\tconst collection = params.collection!;\n\tconst id = params.id!;\n\n\tif (!emdash?.handleContentPublish || !emdash?.handleContentGet) {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\n\t// Body is optional — empty body means use the legacy behavior (preserve\n\t// or default published_at). Pass `publishedAt` to backdate.\n\tconst body = await parseOptionalBody(request, contentPublishBody, {});\n\tif (isParseError(body)) return body;\n\n\t// Fetch item to check ownership\n\tconst existing = await emdash.handleContentGet(collection, id);\n\tif (!existing.success) {\n\t\treturn apiError(\n\t\t\texisting.error?.code ?? \"UNKNOWN_ERROR\",\n\t\t\texisting.error?.message ?? \"Unknown error\",\n\t\t\tmapErrorStatus(existing.error?.code),\n\t\t);\n\t}\n\n\tconst existingData =\n\t\texisting.data && typeof existing.data === \"object\"\n\t\t\t? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- handler returns unknown data; narrowed by typeof check above\n\t\t\t\t(existing.data as Record<string, unknown>)\n\t\t\t: undefined;\n\tconst existingItem =\n\t\texistingData?.item && typeof existingData.item === \"object\"\n\t\t\t? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- narrowed by typeof check above\n\t\t\t\t(existingData.item as Record<string, unknown>)\n\t\t\t: existingData;\n\tconst authorId = typeof existingItem?.authorId === \"string\" ? existingItem.authorId : \"\";\n\tconst denied = requireOwnerPerm(user, authorId, \"content:publish_own\", \"content:publish_any\");\n\tif (denied) return denied;\n\n\t// Schema narrows `publishedAt` to `string | undefined`; null is rejected\n\t// at the schema layer (publish has no semantic meaning for \"clear\").\n\tconst publishedAt = body?.publishedAt;\n\n\t// Backdating overwrites historical record — gate behind publish_any\n\t// regardless of ownership.\n\tif (publishedAt !== undefined && !hasPermission(user, \"content:publish_any\")) {\n\t\treturn apiError(\n\t\t\t\"FORBIDDEN\",\n\t\t\t\"Setting publishedAt requires content:publish_any permission\",\n\t\t\t403,\n\t\t);\n\t}\n\n\tconst resolvedId = typeof existingItem?.id === \"string\" ? existingItem.id : id;\n\n\tconst result = await emdash.handleContentPublish(collection, resolvedId, {\n\t\tpublishedAt,\n\t});\n\n\tif (!result.success) return unwrapResult(result);\n\n\tif (cache?.enabled) await cache.invalidate({ tags: [collection, resolvedId] });\n\n\treturn unwrapResult(result);\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAoBA,MAAa,YAAY;AAEzB,MAAa,OAAiB,OAAO,EAAE,QAAQ,SAAS,QAAQ,YAAY;CAC3E,MAAM,EAAE,QAAQ,SAAS;CACzB,MAAM,aAAa,OAAO;CAC1B,MAAM,KAAK,OAAO;AAElB,KAAI,CAAC,QAAQ,wBAAwB,CAAC,QAAQ,iBAC7C,QAAO,SAAS,kBAAkB,6BAA6B,IAAI;CAKpE,MAAM,OAAO,MAAM,kBAAkB,SAAS,oBAAoB,EAAE,CAAC;AACrE,KAAI,aAAa,KAAK,CAAE,QAAO;CAG/B,MAAM,WAAW,MAAM,OAAO,iBAAiB,YAAY,GAAG;AAC9D,KAAI,CAAC,SAAS,QACb,QAAO,SACN,SAAS,OAAO,QAAQ,iBACxB,SAAS,OAAO,WAAW,iBAC3B,eAAe,SAAS,OAAO,KAAK,CACpC;CAGF,MAAM,eACL,SAAS,QAAQ,OAAO,SAAS,SAAS,WAEvC,SAAS,OACT;CACJ,MAAM,eACL,cAAc,QAAQ,OAAO,aAAa,SAAS,WAEhD,aAAa,OACb;CAEJ,MAAM,SAAS,iBAAiB,MADf,OAAO,cAAc,aAAa,WAAW,aAAa,WAAW,IACtC,uBAAuB,sBAAsB;AAC7F,KAAI,OAAQ,QAAO;CAInB,MAAM,cAAc,MAAM;AAI1B,KAAI,gBAAgB,UAAa,CAAC,cAAc,MAAM,sBAAsB,CAC3E,QAAO,SACN,aACA,+DACA,IACA;CAGF,MAAM,aAAa,OAAO,cAAc,OAAO,WAAW,aAAa,KAAK;CAE5E,MAAM,SAAS,MAAM,OAAO,qBAAqB,YAAY,YAAY,EACxE,aACA,CAAC;AAEF,KAAI,CAAC,OAAO,QAAS,QAAO,aAAa,OAAO;AAEhD,KAAI,OAAO,QAAS,OAAM,MAAM,WAAW,EAAE,MAAM,CAAC,YAAY,WAAW,EAAE,CAAC;AAE9E,QAAO,aAAa,OAAO"}
+{"version":3,"file":"publish.mjs","names":[],"sources":["../../../../../../../src/astro/routes/api/content/[collection]/[id]/publish.ts"],"sourcesContent":["/**\n * Publish content - promotes draft to live\n *\n * POST /_emdash/api/content/{collection}/{id}/publish\n *\n * Optional JSON body: { publishedAt?: string }\n *   publishedAt — ISO 8601 datetime to backdate the publish (e.g. when\n *   migrating content). Writing publishedAt requires content:publish_any.\n *   Without it, the existing published_at is preserved on re-publish and\n *   falls back to the current time on first publish.\n */\n\nimport { hasPermission } from \"@emdash-cms/auth\";\nimport type { APIRoute } from \"astro\";\n\nimport { requireOwnerPerm } from \"#api/authorize.js\";\nimport { apiError, mapErrorStatus, unwrapResult } from \"#api/error.js\";\nimport { isParseError, parseOptionalBody } from \"#api/parse.js\";\nimport { contentPublishBody } from \"#api/schemas.js\";\n\nexport const prerender = false;\n\nexport const POST: APIRoute = async ({ params, request, locals, cache }) => {\n\tconst { emdash, user } = locals;\n\tconst collection = params.collection!;\n\tconst id = params.id!;\n\n\tif (!emdash?.handleContentPublish || !emdash?.handleContentGet) {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\n\t// Body is optional — empty body means use the legacy behavior (preserve\n\t// or default published_at). Pass `publishedAt` to backdate.\n\tconst body = await parseOptionalBody(request, contentPublishBody, {});\n\tif (isParseError(body)) return body;\n\n\t// Fetch item to check ownership\n\tconst existing = await emdash.handleContentGet(collection, id);\n\tif (!existing.success) {\n\t\treturn apiError(\n\t\t\texisting.error?.code ?? \"UNKNOWN_ERROR\",\n\t\t\texisting.error?.message ?? \"Unknown error\",\n\t\t\tmapErrorStatus(existing.error?.code),\n\t\t);\n\t}\n\n\tconst existingData =\n\t\texisting.data && typeof existing.data === \"object\"\n\t\t\t? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- handler returns unknown data; narrowed by typeof check above\n\t\t\t\t(existing.data as Record<string, unknown>)\n\t\t\t: undefined;\n\tconst existingItem =\n\t\texistingData?.item && typeof existingData.item === \"object\"\n\t\t\t? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- narrowed by typeof check above\n\t\t\t\t(existingData.item as Record<string, unknown>)\n\t\t\t: existingData;\n\tconst authorId = typeof existingItem?.authorId === \"string\" ? existingItem.authorId : \"\";\n\tconst denied = requireOwnerPerm(user, authorId, \"content:publish_own\", \"content:publish_any\");\n\tif (denied) return denied;\n\n\t// Schema narrows `publishedAt` to `string | undefined`; null is rejected\n\t// at the schema layer (publish has no semantic meaning for \"clear\").\n\tconst publishedAt = body?.publishedAt;\n\n\t// Backdating overwrites historical record — gate behind publish_any\n\t// regardless of ownership.\n\tif (publishedAt !== undefined && !hasPermission(user, \"content:publish_any\")) {\n\t\treturn apiError(\n\t\t\t\"FORBIDDEN\",\n\t\t\t\"Setting publishedAt requires content:publish_any permission\",\n\t\t\t403,\n\t\t);\n\t}\n\n\tconst resolvedId = typeof existingItem?.id === \"string\" ? existingItem.id : id;\n\n\tconst result = await emdash.handleContentPublish(collection, resolvedId, {\n\t\tpublishedAt,\n\t});\n\n\tif (!result.success) return unwrapResult(result);\n\n\tif (cache?.enabled) await cache.invalidate({ tags: [collection, resolvedId] });\n\n\treturn unwrapResult(result);\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAoBA,MAAa,YAAY;AAEzB,MAAa,OAAiB,OAAO,EAAE,QAAQ,SAAS,QAAQ,YAAY;CAC3E,MAAM,EAAE,QAAQ,SAAS;CACzB,MAAM,aAAa,OAAO;CAC1B,MAAM,KAAK,OAAO;AAElB,KAAI,CAAC,QAAQ,wBAAwB,CAAC,QAAQ,iBAC7C,QAAO,SAAS,kBAAkB,6BAA6B,IAAI;CAKpE,MAAM,OAAO,MAAM,kBAAkB,SAAS,oBAAoB,EAAE,CAAC;AACrE,KAAI,aAAa,KAAK,CAAE,QAAO;CAG/B,MAAM,WAAW,MAAM,OAAO,iBAAiB,YAAY,GAAG;AAC9D,KAAI,CAAC,SAAS,QACb,QAAO,SACN,SAAS,OAAO,QAAQ,iBACxB,SAAS,OAAO,WAAW,iBAC3B,eAAe,SAAS,OAAO,KAAK,CACpC;CAGF,MAAM,eACL,SAAS,QAAQ,OAAO,SAAS,SAAS,WAEvC,SAAS,OACT;CACJ,MAAM,eACL,cAAc,QAAQ,OAAO,aAAa,SAAS,WAEhD,aAAa,OACb;CAEJ,MAAM,SAAS,iBAAiB,MADf,OAAO,cAAc,aAAa,WAAW,aAAa,WAAW,IACtC,uBAAuB,sBAAsB;AAC7F,KAAI,OAAQ,QAAO;CAInB,MAAM,cAAc,MAAM;AAI1B,KAAI,gBAAgB,UAAa,CAAC,cAAc,MAAM,sBAAsB,CAC3E,QAAO,SACN,aACA,+DACA,IACA;CAGF,MAAM,aAAa,OAAO,cAAc,OAAO,WAAW,aAAa,KAAK;CAE5E,MAAM,SAAS,MAAM,OAAO,qBAAqB,YAAY,YAAY,EACxE,aACA,CAAC;AAEF,KAAI,CAAC,OAAO,QAAS,QAAO,aAAa,OAAO;AAEhD,KAAI,OAAO,QAAS,OAAM,MAAM,WAAW,EAAE,MAAM,CAAC,YAAY,WAAW,EAAE,CAAC;AAE9E,QAAO,aAAa,OAAO"}

package/dist/astro/routes/api/content/_collection_/_id_/restore.mjs

@@ -1,7 +1,7 @@
 import "../../../../../../base64-CqR-7kqF.mjs";
-import "../../../../../../types-CwXMEPRr.mjs";
-import { a as unwrapResult, o as mapErrorStatus, t as apiError } from "../../../../../../error-tSQWIl5U.mjs";
-import { t as requireOwnerPerm } from "../../../../../../authorize-BlyCH-96.mjs";
+import "../../../../../../types-B0bmgwMG.mjs";
+import { a as unwrapResult, o as mapErrorStatus, t as apiError } from "../../../../../../error-ChfADBuu.mjs";
+import { t as requireOwnerPerm } from "../../../../../../authorize-Bn4S4DUT.mjs";
 
 //#region src/astro/routes/api/content/[collection]/[id]/restore.ts
 const prerender = false;

package/dist/astro/routes/api/content/_collection_/_id_/restore.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"restore.mjs","names":[],"sources":["../../../../../../../src/astro/routes/api/content/[collection]/[id]/restore.ts"],"sourcesContent":["/**\n * Restore content from trash endpoint - injected by EmDash integration\n *\n * POST /_emdash/api/content/{collection}/{id}/restore - Restore from trash\n */\n\nimport type { APIRoute } from \"astro\";\n\nimport { requireOwnerPerm } from \"#api/authorize.js\";\nimport { apiError, mapErrorStatus, unwrapResult } from \"#api/error.js\";\n\nexport const prerender = false;\n\nexport const POST: APIRoute = async ({ params, locals, cache }) => {\n\tconst { emdash, user } = locals;\n\tconst collection = params.collection!;\n\tconst id = params.id!;\n\n\tif (!emdash?.handleContentRestore || !emdash?.handleContentGetIncludingTrashed) {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\n\t// Fetch item including trashed items to check ownership\n\tconst existing = await emdash.handleContentGetIncludingTrashed(collection, id);\n\tif (!existing.success) {\n\t\treturn apiError(\n\t\t\texisting.error?.code ?? \"UNKNOWN_ERROR\",\n\t\t\texisting.error?.message ?? \"Unknown error\",\n\t\t\tmapErrorStatus(existing.error?.code),\n\t\t);\n\t}\n\tconst existingData =\n\t\texisting.data && typeof existing.data === \"object\"\n\t\t\t? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- handler returns unknown data; narrowed by typeof check above\n\t\t\t\t(existing.data as Record<string, unknown>)\n\t\t\t: undefined;\n\t// Handler returns { item, _rev } — extract the item for ownership check\n\tconst existingItem =\n\t\texistingData?.item && typeof existingData.item === \"object\"\n\t\t\t? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- narrowed by typeof check above\n\t\t\t\t(existingData.item as Record<string, unknown>)\n\t\t\t: existingData;\n\tconst authorId = typeof existingItem?.authorId === \"string\" ? existingItem.authorId : \"\";\n\tconst denied = requireOwnerPerm(user, authorId, \"content:edit_own\", \"content:edit_any\");\n\tif (denied) return denied;\n\n\tconst resolvedId = typeof existingItem?.id === \"string\" ? existingItem.id : id;\n\n\tconst result = await emdash.handleContentRestore(collection, resolvedId);\n\n\tif (!result.success) return unwrapResult(result);\n\n\tif (cache?.enabled) await cache.invalidate({ tags: [collection, resolvedId] });\n\n\treturn unwrapResult(result);\n};\n"],"mappings":";;;;;;AAWA,MAAa,YAAY;AAEzB,MAAa,OAAiB,OAAO,EAAE,QAAQ,QAAQ,YAAY;CAClE,MAAM,EAAE,QAAQ,SAAS;CACzB,MAAM,aAAa,OAAO;CAC1B,MAAM,KAAK,OAAO;AAElB,KAAI,CAAC,QAAQ,wBAAwB,CAAC,QAAQ,iCAC7C,QAAO,SAAS,kBAAkB,6BAA6B,IAAI;CAIpE,MAAM,WAAW,MAAM,OAAO,iCAAiC,YAAY,GAAG;AAC9E,KAAI,CAAC,SAAS,QACb,QAAO,SACN,SAAS,OAAO,QAAQ,iBACxB,SAAS,OAAO,WAAW,iBAC3B,eAAe,SAAS,OAAO,KAAK,CACpC;CAEF,MAAM,eACL,SAAS,QAAQ,OAAO,SAAS,SAAS,WAEvC,SAAS,OACT;CAEJ,MAAM,eACL,cAAc,QAAQ,OAAO,aAAa,SAAS,WAEhD,aAAa,OACb;CAEJ,MAAM,SAAS,iBAAiB,MADf,OAAO,cAAc,aAAa,WAAW,aAAa,WAAW,IACtC,oBAAoB,mBAAmB;AACvF,KAAI,OAAQ,QAAO;CAEnB,MAAM,aAAa,OAAO,cAAc,OAAO,WAAW,aAAa,KAAK;CAE5E,MAAM,SAAS,MAAM,OAAO,qBAAqB,YAAY,WAAW;AAExE,KAAI,CAAC,OAAO,QAAS,QAAO,aAAa,OAAO;AAEhD,KAAI,OAAO,QAAS,OAAM,MAAM,WAAW,EAAE,MAAM,CAAC,YAAY,WAAW,EAAE,CAAC;AAE9E,QAAO,aAAa,OAAO"}
+{"version":3,"file":"restore.mjs","names":[],"sources":["../../../../../../../src/astro/routes/api/content/[collection]/[id]/restore.ts"],"sourcesContent":["/**\n * Restore content from trash endpoint - injected by EmDash integration\n *\n * POST /_emdash/api/content/{collection}/{id}/restore - Restore from trash\n */\n\nimport type { APIRoute } from \"astro\";\n\nimport { requireOwnerPerm } from \"#api/authorize.js\";\nimport { apiError, mapErrorStatus, unwrapResult } from \"#api/error.js\";\n\nexport const prerender = false;\n\nexport const POST: APIRoute = async ({ params, locals, cache }) => {\n\tconst { emdash, user } = locals;\n\tconst collection = params.collection!;\n\tconst id = params.id!;\n\n\tif (!emdash?.handleContentRestore || !emdash?.handleContentGetIncludingTrashed) {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\n\t// Fetch item including trashed items to check ownership\n\tconst existing = await emdash.handleContentGetIncludingTrashed(collection, id);\n\tif (!existing.success) {\n\t\treturn apiError(\n\t\t\texisting.error?.code ?? \"UNKNOWN_ERROR\",\n\t\t\texisting.error?.message ?? \"Unknown error\",\n\t\t\tmapErrorStatus(existing.error?.code),\n\t\t);\n\t}\n\tconst existingData =\n\t\texisting.data && typeof existing.data === \"object\"\n\t\t\t? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- handler returns unknown data; narrowed by typeof check above\n\t\t\t\t(existing.data as Record<string, unknown>)\n\t\t\t: undefined;\n\t// Handler returns { item, _rev } — extract the item for ownership check\n\tconst existingItem =\n\t\texistingData?.item && typeof existingData.item === \"object\"\n\t\t\t? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- narrowed by typeof check above\n\t\t\t\t(existingData.item as Record<string, unknown>)\n\t\t\t: existingData;\n\tconst authorId = typeof existingItem?.authorId === \"string\" ? existingItem.authorId : \"\";\n\tconst denied = requireOwnerPerm(user, authorId, \"content:edit_own\", \"content:edit_any\");\n\tif (denied) return denied;\n\n\tconst resolvedId = typeof existingItem?.id === \"string\" ? existingItem.id : id;\n\n\tconst result = await emdash.handleContentRestore(collection, resolvedId);\n\n\tif (!result.success) return unwrapResult(result);\n\n\tif (cache?.enabled) await cache.invalidate({ tags: [collection, resolvedId] });\n\n\treturn unwrapResult(result);\n};\n"],"mappings":";;;;;;AAWA,MAAa,YAAY;AAEzB,MAAa,OAAiB,OAAO,EAAE,QAAQ,QAAQ,YAAY;CAClE,MAAM,EAAE,QAAQ,SAAS;CACzB,MAAM,aAAa,OAAO;CAC1B,MAAM,KAAK,OAAO;AAElB,KAAI,CAAC,QAAQ,wBAAwB,CAAC,QAAQ,iCAC7C,QAAO,SAAS,kBAAkB,6BAA6B,IAAI;CAIpE,MAAM,WAAW,MAAM,OAAO,iCAAiC,YAAY,GAAG;AAC9E,KAAI,CAAC,SAAS,QACb,QAAO,SACN,SAAS,OAAO,QAAQ,iBACxB,SAAS,OAAO,WAAW,iBAC3B,eAAe,SAAS,OAAO,KAAK,CACpC;CAEF,MAAM,eACL,SAAS,QAAQ,OAAO,SAAS,SAAS,WAEvC,SAAS,OACT;CAEJ,MAAM,eACL,cAAc,QAAQ,OAAO,aAAa,SAAS,WAEhD,aAAa,OACb;CAEJ,MAAM,SAAS,iBAAiB,MADf,OAAO,cAAc,aAAa,WAAW,aAAa,WAAW,IACtC,oBAAoB,mBAAmB;AACvF,KAAI,OAAQ,QAAO;CAEnB,MAAM,aAAa,OAAO,cAAc,OAAO,WAAW,aAAa,KAAK;CAE5E,MAAM,SAAS,MAAM,OAAO,qBAAqB,YAAY,WAAW;AAExE,KAAI,CAAC,OAAO,QAAS,QAAO,aAAa,OAAO;AAEhD,KAAI,OAAO,QAAS,OAAM,MAAM,WAAW,EAAE,MAAM,CAAC,YAAY,WAAW,EAAE,CAAC;AAE9E,QAAO,aAAa,OAAO"}

package/dist/astro/routes/api/content/_collection_/_id_/revisions.mjs

@@ -1,7 +1,7 @@
 import "../../../../../../base64-CqR-7kqF.mjs";
-import "../../../../../../types-CwXMEPRr.mjs";
-import { a as unwrapResult, t as apiError } from "../../../../../../error-tSQWIl5U.mjs";
-import { n as requirePerm } from "../../../../../../authorize-BlyCH-96.mjs";
+import "../../../../../../types-B0bmgwMG.mjs";
+import { a as unwrapResult, t as apiError } from "../../../../../../error-ChfADBuu.mjs";
+import { n as requirePerm } from "../../../../../../authorize-Bn4S4DUT.mjs";
 
 //#region src/astro/routes/api/content/[collection]/[id]/revisions.ts
 const prerender = false;

package/dist/astro/routes/api/content/_collection_/_id_/schedule.mjs

@@ -1,11 +1,11 @@
 import "../../../../../../base64-CqR-7kqF.mjs";
-import "../../../../../../types-CwXMEPRr.mjs";
-import { a as unwrapResult, o as mapErrorStatus, t as apiError } from "../../../../../../error-tSQWIl5U.mjs";
-import { n as parseBody, t as isParseError } from "../../../../../../parse-BFTPon-J.mjs";
-import { on as contentScheduleBody } from "../../../../../../redirects-Dmj6KRU3.mjs";
-import "../../../../../../setup-BGAJ2uXs.mjs";
+import "../../../../../../types-B0bmgwMG.mjs";
+import { a as unwrapResult, o as mapErrorStatus, t as apiError } from "../../../../../../error-ChfADBuu.mjs";
+import { n as parseBody, t as isParseError } from "../../../../../../parse-DHbXfvxO.mjs";
+import { on as contentScheduleBody } from "../../../../../../redirects-COMLwsV5.mjs";
+import "../../../../../../setup-Cf_TyOv5.mjs";
 import "../../../../../../api/schemas/index.mjs";
-import { t as requireOwnerPerm } from "../../../../../../authorize-BlyCH-96.mjs";
+import { t as requireOwnerPerm } from "../../../../../../authorize-Bn4S4DUT.mjs";
 
 //#region src/astro/routes/api/content/[collection]/[id]/schedule.ts
 const prerender = false;

package/dist/astro/routes/api/content/_collection_/_id_/schedule.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"schedule.mjs","names":[],"sources":["../../../../../../../src/astro/routes/api/content/[collection]/[id]/schedule.ts"],"sourcesContent":["/**\n * Schedule content for future publishing - injected by EmDash integration\n *\n * POST /_emdash/api/content/{collection}/{id}/schedule - Schedule for publishing\n * DELETE /_emdash/api/content/{collection}/{id}/schedule - Unschedule (clear scheduled time)\n */\n\nimport type { APIRoute } from \"astro\";\n\nimport { requireOwnerPerm } from \"#api/authorize.js\";\nimport { apiError, mapErrorStatus, unwrapResult } from \"#api/error.js\";\nimport { parseBody, isParseError } from \"#api/parse.js\";\nimport { contentScheduleBody } from \"#api/schemas.js\";\n\nexport const prerender = false;\n\n/**\n * Extract author ID from a content item response (shared by POST and DELETE).\n */\nfunction extractOwnership(data: unknown): { authorId: string; resolvedId: string | undefined } {\n\tconst obj =\n\t\tdata && typeof data === \"object\"\n\t\t\t? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- handler returns unknown; narrowed by typeof\n\t\t\t\t(data as Record<string, unknown>)\n\t\t\t: undefined;\n\tconst item =\n\t\tobj?.item && typeof obj.item === \"object\"\n\t\t\t? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- narrowed by typeof\n\t\t\t\t(obj.item as Record<string, unknown>)\n\t\t\t: obj;\n\treturn {\n\t\tauthorId: typeof item?.authorId === \"string\" ? item.authorId : \"\",\n\t\tresolvedId: typeof item?.id === \"string\" ? item.id : undefined,\n\t};\n}\n\nexport const POST: APIRoute = async ({ params, request, locals, cache }) => {\n\tconst { emdash, user } = locals;\n\tconst collection = params.collection!;\n\tconst id = params.id!;\n\tconst body = await parseBody(request, contentScheduleBody);\n\tif (isParseError(body)) return body;\n\n\tif (!emdash?.handleContentSchedule || !emdash?.handleContentGet) {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\n\t// Fetch item to check ownership\n\tconst existing = await emdash.handleContentGet(collection, id);\n\tif (!existing.success) {\n\t\treturn apiError(\n\t\t\texisting.error?.code ?? \"UNKNOWN_ERROR\",\n\t\t\texisting.error?.message ?? \"Unknown error\",\n\t\t\tmapErrorStatus(existing.error?.code),\n\t\t);\n\t}\n\n\tconst { authorId, resolvedId } = extractOwnership(existing.data);\n\tconst denied = requireOwnerPerm(user, authorId, \"content:publish_own\", \"content:publish_any\");\n\tif (denied) return denied;\n\n\tconst result = await emdash.handleContentSchedule(collection, resolvedId ?? id, body.scheduledAt);\n\n\tif (!result.success) return unwrapResult(result);\n\n\tif (cache?.enabled) await cache.invalidate({ tags: [collection, resolvedId ?? id] });\n\n\treturn unwrapResult(result);\n};\n\nexport const DELETE: APIRoute = async ({ params, locals, cache }) => {\n\tconst { emdash, user } = locals;\n\tconst collection = params.collection!;\n\tconst id = params.id!;\n\n\tif (!emdash?.handleContentUnschedule || !emdash?.handleContentGet) {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\n\t// Fetch item to check ownership\n\tconst existing = await emdash.handleContentGet(collection, id);\n\tif (!existing.success) {\n\t\treturn apiError(\n\t\t\texisting.error?.code ?? \"UNKNOWN_ERROR\",\n\t\t\texisting.error?.message ?? \"Unknown error\",\n\t\t\tmapErrorStatus(existing.error?.code),\n\t\t);\n\t}\n\n\tconst { authorId, resolvedId } = extractOwnership(existing.data);\n\tconst denied = requireOwnerPerm(user, authorId, \"content:publish_own\", \"content:publish_any\");\n\tif (denied) return denied;\n\n\tconst result = await emdash.handleContentUnschedule(collection, resolvedId ?? id);\n\n\tif (!result.success) return unwrapResult(result);\n\n\tif (cache?.enabled) await cache.invalidate({ tags: [collection, resolvedId ?? id] });\n\n\treturn unwrapResult(result);\n};\n"],"mappings":";;;;;;;;;;AAcA,MAAa,YAAY;;;;AAKzB,SAAS,iBAAiB,MAAqE;CAC9F,MAAM,MACL,QAAQ,OAAO,SAAS,WAErB,OACA;CACJ,MAAM,OACL,KAAK,QAAQ,OAAO,IAAI,SAAS,WAE9B,IAAI,OACJ;AACJ,QAAO;EACN,UAAU,OAAO,MAAM,aAAa,WAAW,KAAK,WAAW;EAC/D,YAAY,OAAO,MAAM,OAAO,WAAW,KAAK,KAAK;EACrD;;AAGF,MAAa,OAAiB,OAAO,EAAE,QAAQ,SAAS,QAAQ,YAAY;CAC3E,MAAM,EAAE,QAAQ,SAAS;CACzB,MAAM,aAAa,OAAO;CAC1B,MAAM,KAAK,OAAO;CAClB,MAAM,OAAO,MAAM,UAAU,SAAS,oBAAoB;AAC1D,KAAI,aAAa,KAAK,CAAE,QAAO;AAE/B,KAAI,CAAC,QAAQ,yBAAyB,CAAC,QAAQ,iBAC9C,QAAO,SAAS,kBAAkB,6BAA6B,IAAI;CAIpE,MAAM,WAAW,MAAM,OAAO,iBAAiB,YAAY,GAAG;AAC9D,KAAI,CAAC,SAAS,QACb,QAAO,SACN,SAAS,OAAO,QAAQ,iBACxB,SAAS,OAAO,WAAW,iBAC3B,eAAe,SAAS,OAAO,KAAK,CACpC;CAGF,MAAM,EAAE,UAAU,eAAe,iBAAiB,SAAS,KAAK;CAChE,MAAM,SAAS,iBAAiB,MAAM,UAAU,uBAAuB,sBAAsB;AAC7F,KAAI,OAAQ,QAAO;CAEnB,MAAM,SAAS,MAAM,OAAO,sBAAsB,YAAY,cAAc,IAAI,KAAK,YAAY;AAEjG,KAAI,CAAC,OAAO,QAAS,QAAO,aAAa,OAAO;AAEhD,KAAI,OAAO,QAAS,OAAM,MAAM,WAAW,EAAE,MAAM,CAAC,YAAY,cAAc,GAAG,EAAE,CAAC;AAEpF,QAAO,aAAa,OAAO;;AAG5B,MAAa,SAAmB,OAAO,EAAE,QAAQ,QAAQ,YAAY;CACpE,MAAM,EAAE,QAAQ,SAAS;CACzB,MAAM,aAAa,OAAO;CAC1B,MAAM,KAAK,OAAO;AAElB,KAAI,CAAC,QAAQ,2BAA2B,CAAC,QAAQ,iBAChD,QAAO,SAAS,kBAAkB,6BAA6B,IAAI;CAIpE,MAAM,WAAW,MAAM,OAAO,iBAAiB,YAAY,GAAG;AAC9D,KAAI,CAAC,SAAS,QACb,QAAO,SACN,SAAS,OAAO,QAAQ,iBACxB,SAAS,OAAO,WAAW,iBAC3B,eAAe,SAAS,OAAO,KAAK,CACpC;CAGF,MAAM,EAAE,UAAU,eAAe,iBAAiB,SAAS,KAAK;CAChE,MAAM,SAAS,iBAAiB,MAAM,UAAU,uBAAuB,sBAAsB;AAC7F,KAAI,OAAQ,QAAO;CAEnB,MAAM,SAAS,MAAM,OAAO,wBAAwB,YAAY,cAAc,GAAG;AAEjF,KAAI,CAAC,OAAO,QAAS,QAAO,aAAa,OAAO;AAEhD,KAAI,OAAO,QAAS,OAAM,MAAM,WAAW,EAAE,MAAM,CAAC,YAAY,cAAc,GAAG,EAAE,CAAC;AAEpF,QAAO,aAAa,OAAO"}
+{"version":3,"file":"schedule.mjs","names":[],"sources":["../../../../../../../src/astro/routes/api/content/[collection]/[id]/schedule.ts"],"sourcesContent":["/**\n * Schedule content for future publishing - injected by EmDash integration\n *\n * POST /_emdash/api/content/{collection}/{id}/schedule - Schedule for publishing\n * DELETE /_emdash/api/content/{collection}/{id}/schedule - Unschedule (clear scheduled time)\n */\n\nimport type { APIRoute } from \"astro\";\n\nimport { requireOwnerPerm } from \"#api/authorize.js\";\nimport { apiError, mapErrorStatus, unwrapResult } from \"#api/error.js\";\nimport { parseBody, isParseError } from \"#api/parse.js\";\nimport { contentScheduleBody } from \"#api/schemas.js\";\n\nexport const prerender = false;\n\n/**\n * Extract author ID from a content item response (shared by POST and DELETE).\n */\nfunction extractOwnership(data: unknown): { authorId: string; resolvedId: string | undefined } {\n\tconst obj =\n\t\tdata && typeof data === \"object\"\n\t\t\t? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- handler returns unknown; narrowed by typeof\n\t\t\t\t(data as Record<string, unknown>)\n\t\t\t: undefined;\n\tconst item =\n\t\tobj?.item && typeof obj.item === \"object\"\n\t\t\t? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- narrowed by typeof\n\t\t\t\t(obj.item as Record<string, unknown>)\n\t\t\t: obj;\n\treturn {\n\t\tauthorId: typeof item?.authorId === \"string\" ? item.authorId : \"\",\n\t\tresolvedId: typeof item?.id === \"string\" ? item.id : undefined,\n\t};\n}\n\nexport const POST: APIRoute = async ({ params, request, locals, cache }) => {\n\tconst { emdash, user } = locals;\n\tconst collection = params.collection!;\n\tconst id = params.id!;\n\tconst body = await parseBody(request, contentScheduleBody);\n\tif (isParseError(body)) return body;\n\n\tif (!emdash?.handleContentSchedule || !emdash?.handleContentGet) {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\n\t// Fetch item to check ownership\n\tconst existing = await emdash.handleContentGet(collection, id);\n\tif (!existing.success) {\n\t\treturn apiError(\n\t\t\texisting.error?.code ?? \"UNKNOWN_ERROR\",\n\t\t\texisting.error?.message ?? \"Unknown error\",\n\t\t\tmapErrorStatus(existing.error?.code),\n\t\t);\n\t}\n\n\tconst { authorId, resolvedId } = extractOwnership(existing.data);\n\tconst denied = requireOwnerPerm(user, authorId, \"content:publish_own\", \"content:publish_any\");\n\tif (denied) return denied;\n\n\tconst result = await emdash.handleContentSchedule(collection, resolvedId ?? id, body.scheduledAt);\n\n\tif (!result.success) return unwrapResult(result);\n\n\tif (cache?.enabled) await cache.invalidate({ tags: [collection, resolvedId ?? id] });\n\n\treturn unwrapResult(result);\n};\n\nexport const DELETE: APIRoute = async ({ params, locals, cache }) => {\n\tconst { emdash, user } = locals;\n\tconst collection = params.collection!;\n\tconst id = params.id!;\n\n\tif (!emdash?.handleContentUnschedule || !emdash?.handleContentGet) {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\n\t// Fetch item to check ownership\n\tconst existing = await emdash.handleContentGet(collection, id);\n\tif (!existing.success) {\n\t\treturn apiError(\n\t\t\texisting.error?.code ?? \"UNKNOWN_ERROR\",\n\t\t\texisting.error?.message ?? \"Unknown error\",\n\t\t\tmapErrorStatus(existing.error?.code),\n\t\t);\n\t}\n\n\tconst { authorId, resolvedId } = extractOwnership(existing.data);\n\tconst denied = requireOwnerPerm(user, authorId, \"content:publish_own\", \"content:publish_any\");\n\tif (denied) return denied;\n\n\tconst result = await emdash.handleContentUnschedule(collection, resolvedId ?? id);\n\n\tif (!result.success) return unwrapResult(result);\n\n\tif (cache?.enabled) await cache.invalidate({ tags: [collection, resolvedId ?? id] });\n\n\treturn unwrapResult(result);\n};\n"],"mappings":";;;;;;;;;;AAcA,MAAa,YAAY;;;;AAKzB,SAAS,iBAAiB,MAAqE;CAC9F,MAAM,MACL,QAAQ,OAAO,SAAS,WAErB,OACA;CACJ,MAAM,OACL,KAAK,QAAQ,OAAO,IAAI,SAAS,WAE9B,IAAI,OACJ;AACJ,QAAO;EACN,UAAU,OAAO,MAAM,aAAa,WAAW,KAAK,WAAW;EAC/D,YAAY,OAAO,MAAM,OAAO,WAAW,KAAK,KAAK;EACrD;;AAGF,MAAa,OAAiB,OAAO,EAAE,QAAQ,SAAS,QAAQ,YAAY;CAC3E,MAAM,EAAE,QAAQ,SAAS;CACzB,MAAM,aAAa,OAAO;CAC1B,MAAM,KAAK,OAAO;CAClB,MAAM,OAAO,MAAM,UAAU,SAAS,oBAAoB;AAC1D,KAAI,aAAa,KAAK,CAAE,QAAO;AAE/B,KAAI,CAAC,QAAQ,yBAAyB,CAAC,QAAQ,iBAC9C,QAAO,SAAS,kBAAkB,6BAA6B,IAAI;CAIpE,MAAM,WAAW,MAAM,OAAO,iBAAiB,YAAY,GAAG;AAC9D,KAAI,CAAC,SAAS,QACb,QAAO,SACN,SAAS,OAAO,QAAQ,iBACxB,SAAS,OAAO,WAAW,iBAC3B,eAAe,SAAS,OAAO,KAAK,CACpC;CAGF,MAAM,EAAE,UAAU,eAAe,iBAAiB,SAAS,KAAK;CAChE,MAAM,SAAS,iBAAiB,MAAM,UAAU,uBAAuB,sBAAsB;AAC7F,KAAI,OAAQ,QAAO;CAEnB,MAAM,SAAS,MAAM,OAAO,sBAAsB,YAAY,cAAc,IAAI,KAAK,YAAY;AAEjG,KAAI,CAAC,OAAO,QAAS,QAAO,aAAa,OAAO;AAEhD,KAAI,OAAO,QAAS,OAAM,MAAM,WAAW,EAAE,MAAM,CAAC,YAAY,cAAc,GAAG,EAAE,CAAC;AAEpF,QAAO,aAAa,OAAO;;AAG5B,MAAa,SAAmB,OAAO,EAAE,QAAQ,QAAQ,YAAY;CACpE,MAAM,EAAE,QAAQ,SAAS;CACzB,MAAM,aAAa,OAAO;CAC1B,MAAM,KAAK,OAAO;AAElB,KAAI,CAAC,QAAQ,2BAA2B,CAAC,QAAQ,iBAChD,QAAO,SAAS,kBAAkB,6BAA6B,IAAI;CAIpE,MAAM,WAAW,MAAM,OAAO,iBAAiB,YAAY,GAAG;AAC9D,KAAI,CAAC,SAAS,QACb,QAAO,SACN,SAAS,OAAO,QAAQ,iBACxB,SAAS,OAAO,WAAW,iBAC3B,eAAe,SAAS,OAAO,KAAK,CACpC;CAGF,MAAM,EAAE,UAAU,eAAe,iBAAiB,SAAS,KAAK;CAChE,MAAM,SAAS,iBAAiB,MAAM,UAAU,uBAAuB,sBAAsB;AAC7F,KAAI,OAAQ,QAAO;CAEnB,MAAM,SAAS,MAAM,OAAO,wBAAwB,YAAY,cAAc,GAAG;AAEjF,KAAI,CAAC,OAAO,QAAS,QAAO,aAAa,OAAO;AAEhD,KAAI,OAAO,QAAS,OAAM,MAAM,WAAW,EAAE,MAAM,CAAC,YAAY,cAAc,GAAG,EAAE,CAAC;AAEpF,QAAO,aAAa,OAAO"}

package/dist/astro/routes/api/content/_collection_/_id_/terms/_taxonomy_.mjs

@@ -1,16 +1,17 @@
 import "../../../../../../../dialect-helpers-BKCvISIQ.mjs";
 import "../../../../../../../base64-CqR-7kqF.mjs";
-import "../../../../../../../types-CwXMEPRr.mjs";
-import { t as TaxonomyRepository } from "../../../../../../../taxonomy-wPfusMK9.mjs";
+import "../../../../../../../types-B0bmgwMG.mjs";
+import { t as TaxonomyRepository } from "../../../../../../../taxonomy-zqGQUqgu.mjs";
 import "../../../../../../../request-cache-dzCt8TZB.mjs";
-import "../../../../../../../loader-Cs6-Bqe6.mjs";
-import { l as invalidateTermCache } from "../../../../../../../taxonomies-Cn9UpaR2.mjs";
-import { i as requireDb, n as apiSuccess, r as handleError, t as apiError } from "../../../../../../../error-tSQWIl5U.mjs";
-import { n as parseBody, t as isParseError } from "../../../../../../../parse-BFTPon-J.mjs";
-import { ln as contentTermsBody } from "../../../../../../../redirects-Dmj6KRU3.mjs";
-import "../../../../../../../setup-BGAJ2uXs.mjs";
+import "../../../../../../../loader-D-vIJjfY.mjs";
+import "../../../../../../../resolve-D6sM-SgF.mjs";
+import { l as invalidateTermCache } from "../../../../../../../taxonomies-CcvrMLbR.mjs";
+import { i as requireDb, n as apiSuccess, r as handleError, t as apiError } from "../../../../../../../error-ChfADBuu.mjs";
+import { n as parseBody, t as isParseError } from "../../../../../../../parse-DHbXfvxO.mjs";
+import { ln as contentTermsBody } from "../../../../../../../redirects-COMLwsV5.mjs";
+import "../../../../../../../setup-Cf_TyOv5.mjs";
 import "../../../../../../../api/schemas/index.mjs";
-import { n as requirePerm, t as requireOwnerPerm } from "../../../../../../../authorize-BlyCH-96.mjs";
+import { n as requirePerm, t as requireOwnerPerm } from "../../../../../../../authorize-Bn4S4DUT.mjs";
 
 //#region src/astro/routes/api/content/[collection]/[id]/terms/[taxonomy].ts
 const prerender = false;

package/dist/astro/routes/api/content/_collection_/_id_/terms/_taxonomy_.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"_taxonomy_.mjs","names":[],"sources":["../../../../../../../../src/astro/routes/api/content/[collection]/[id]/terms/[taxonomy].ts"],"sourcesContent":["/**\n * Content-taxonomy association endpoint\n *\n * GET /_emdash/api/content/:collection/:id/terms/:taxonomy - Get terms for an entry\n * POST /_emdash/api/content/:collection/:id/terms/:taxonomy - Set terms for an entry\n */\n\nimport type { APIRoute } from \"astro\";\n\nimport { requirePerm, requireOwnerPerm } from \"#api/authorize.js\";\nimport { apiError, apiSuccess, handleError, requireDb } from \"#api/error.js\";\nimport { parseBody, isParseError } from \"#api/parse.js\";\nimport { contentTermsBody } from \"#api/schemas.js\";\nimport { TaxonomyRepository } from \"#db/repositories/taxonomy.js\";\nimport { invalidateTermCache } from \"#taxonomies/index.js\";\n\nexport const prerender = false;\n\n/**\n * Get terms assigned to an entry\n */\nexport const GET: APIRoute = async ({ params, locals }) => {\n\tconst { emdash, user } = locals;\n\tconst { collection, id, taxonomy } = params;\n\n\tconst denied = requirePerm(user, \"content:read\");\n\tif (denied) return denied;\n\n\tif (!collection || !id || !taxonomy) {\n\t\treturn apiError(\"VALIDATION_ERROR\", \"Collection, id, and taxonomy required\", 400);\n\t}\n\n\tconst dbErr = requireDb(emdash?.db);\n\tif (dbErr) return dbErr;\n\n\ttry {\n\t\tconst repo = new TaxonomyRepository(emdash!.db);\n\t\tconst terms = await repo.getTermsForEntry(collection, id, taxonomy);\n\n\t\treturn apiSuccess({\n\t\t\tterms: terms.map((t) => ({\n\t\t\t\tid: t.id,\n\t\t\t\tname: t.name,\n\t\t\t\tslug: t.slug,\n\t\t\t\tlabel: t.label,\n\t\t\t\tparentId: t.parentId,\n\t\t\t})),\n\t\t});\n\t} catch (error) {\n\t\treturn handleError(error, \"Failed to get entry terms\", \"TERMS_GET_ERROR\");\n\t}\n};\n\n/**\n * Set terms for an entry (replaces existing)\n */\nexport const POST: APIRoute = async ({ params, request, locals }) => {\n\tconst { emdash, user } = locals;\n\tconst { collection, id, taxonomy } = params;\n\n\tif (!collection || !id || !taxonomy) {\n\t\treturn apiError(\"VALIDATION_ERROR\", \"Collection, id, and taxonomy required\", 400);\n\t}\n\n\tconst denied = requirePerm(user, \"content:edit_own\");\n\tif (denied) return denied;\n\n\tconst dbErr = requireDb(emdash?.db);\n\tif (dbErr) return dbErr;\n\n\tif (!emdash!.handleContentGet) {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\n\t// Verify the content exists before modifying its terms\n\tconst existing = await emdash!.handleContentGet(collection, id);\n\tif (!existing.success) {\n\t\treturn apiError(\n\t\t\texisting.error?.code ?? \"NOT_FOUND\",\n\t\t\texisting.error?.message ?? \"Content not found\",\n\t\t\texisting.error?.code === \"NOT_FOUND\" ? 404 : 500,\n\t\t);\n\t}\n\n\t// Check ownership for edit permission\n\tconst existingData =\n\t\texisting.data && typeof existing.data === \"object\"\n\t\t\t? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- handler returns unknown data; narrowed by typeof check above\n\t\t\t\t(existing.data as Record<string, unknown>)\n\t\t\t: undefined;\n\t// Handler returns { item, _rev } — extract the item for ownership check\n\tconst existingItem =\n\t\texistingData?.item && typeof existingData.item === \"object\"\n\t\t\t? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- narrowed by typeof check above\n\t\t\t\t(existingData.item as Record<string, unknown>)\n\t\t\t: existingData;\n\tconst authorId = typeof existingItem?.authorId === \"string\" ? existingItem.authorId : \"\";\n\tconst editDenied = requireOwnerPerm(user, authorId, \"content:edit_own\", \"content:edit_any\");\n\tif (editDenied) return editDenied;\n\n\t// Resolve the canonical content ID from the handler result.\n\t// The URL `id` param may be a slug; we must use the real ID for term storage.\n\tconst canonicalId = typeof existingItem?.id === \"string\" ? existingItem.id : id;\n\n\ttry {\n\t\tconst body = await parseBody(request, contentTermsBody);\n\t\tif (isParseError(body)) return body;\n\t\tconst { termIds } = body;\n\n\t\tconst repo = new TaxonomyRepository(emdash!.db);\n\n\t\t// Verify all term IDs exist and belong to the correct taxonomy\n\t\tfor (const termId of termIds) {\n\t\t\tconst term = await repo.findById(termId);\n\t\t\tif (!term) {\n\t\t\t\treturn apiError(\"NOT_FOUND\", `Term ID '${termId}' not found`, 404);\n\t\t\t}\n\t\t\tif (term.name !== taxonomy) {\n\t\t\t\treturn apiError(\n\t\t\t\t\t\"VALIDATION_ERROR\",\n\t\t\t\t\t`Term ID '${termId}' does not belong to taxonomy '${taxonomy}'`,\n\t\t\t\t\t400,\n\t\t\t\t);\n\t\t\t}\n\t\t}\n\n\t\t// Set the terms (replaces existing) using the canonical ID\n\t\tawait repo.setTermsForEntry(collection, canonicalId, taxonomy, termIds);\n\n\t\t// Term assignments changed — invalidate the hasAnyTermAssignments cache\n\t\t// so hydration on subsequent reads issues a fresh query.\n\t\tinvalidateTermCache();\n\n\t\t// Get the updated terms using the canonical ID\n\t\tconst terms = await repo.getTermsForEntry(collection, canonicalId, taxonomy);\n\n\t\treturn apiSuccess({\n\t\t\tterms: terms.map((t) => ({\n\t\t\t\tid: t.id,\n\t\t\t\tname: t.name,\n\t\t\t\tslug: t.slug,\n\t\t\t\tlabel: t.label,\n\t\t\t\tparentId: t.parentId,\n\t\t\t})),\n\t\t});\n\t} catch (error) {\n\t\treturn handleError(error, \"Failed to set entry terms\", \"TERMS_SET_ERROR\");\n\t}\n};\n"],"mappings":";;;;;;;;;;;;;;;AAgBA,MAAa,YAAY;;;;AAKzB,MAAa,MAAgB,OAAO,EAAE,QAAQ,aAAa;CAC1D,MAAM,EAAE,QAAQ,SAAS;CACzB,MAAM,EAAE,YAAY,IAAI,aAAa;CAErC,MAAM,SAAS,YAAY,MAAM,eAAe;AAChD,KAAI,OAAQ,QAAO;AAEnB,KAAI,CAAC,cAAc,CAAC,MAAM,CAAC,SAC1B,QAAO,SAAS,oBAAoB,yCAAyC,IAAI;CAGlF,MAAM,QAAQ,UAAU,QAAQ,GAAG;AACnC,KAAI,MAAO,QAAO;AAElB,KAAI;AAIH,SAAO,WAAW,EACjB,QAHa,MADD,IAAI,mBAAmB,OAAQ,GAAG,CACtB,iBAAiB,YAAY,IAAI,SAAS,EAGrD,KAAK,OAAO;GACxB,IAAI,EAAE;GACN,MAAM,EAAE;GACR,MAAM,EAAE;GACR,OAAO,EAAE;GACT,UAAU,EAAE;GACZ,EAAE,EACH,CAAC;UACM,OAAO;AACf,SAAO,YAAY,OAAO,6BAA6B,kBAAkB;;;;;;AAO3E,MAAa,OAAiB,OAAO,EAAE,QAAQ,SAAS,aAAa;CACpE,MAAM,EAAE,QAAQ,SAAS;CACzB,MAAM,EAAE,YAAY,IAAI,aAAa;AAErC,KAAI,CAAC,cAAc,CAAC,MAAM,CAAC,SAC1B,QAAO,SAAS,oBAAoB,yCAAyC,IAAI;CAGlF,MAAM,SAAS,YAAY,MAAM,mBAAmB;AACpD,KAAI,OAAQ,QAAO;CAEnB,MAAM,QAAQ,UAAU,QAAQ,GAAG;AACnC,KAAI,MAAO,QAAO;AAElB,KAAI,CAAC,OAAQ,iBACZ,QAAO,SAAS,kBAAkB,6BAA6B,IAAI;CAIpE,MAAM,WAAW,MAAM,OAAQ,iBAAiB,YAAY,GAAG;AAC/D,KAAI,CAAC,SAAS,QACb,QAAO,SACN,SAAS,OAAO,QAAQ,aACxB,SAAS,OAAO,WAAW,qBAC3B,SAAS,OAAO,SAAS,cAAc,MAAM,IAC7C;CAIF,MAAM,eACL,SAAS,QAAQ,OAAO,SAAS,SAAS,WAEvC,SAAS,OACT;CAEJ,MAAM,eACL,cAAc,QAAQ,OAAO,aAAa,SAAS,WAEhD,aAAa,OACb;CAEJ,MAAM,aAAa,iBAAiB,MADnB,OAAO,cAAc,aAAa,WAAW,aAAa,WAAW,IAClC,oBAAoB,mBAAmB;AAC3F,KAAI,WAAY,QAAO;CAIvB,MAAM,cAAc,OAAO,cAAc,OAAO,WAAW,aAAa,KAAK;AAE7E,KAAI;EACH,MAAM,OAAO,MAAM,UAAU,SAAS,iBAAiB;AACvD,MAAI,aAAa,KAAK,CAAE,QAAO;EAC/B,MAAM,EAAE,YAAY;EAEpB,MAAM,OAAO,IAAI,mBAAmB,OAAQ,GAAG;AAG/C,OAAK,MAAM,UAAU,SAAS;GAC7B,MAAM,OAAO,MAAM,KAAK,SAAS,OAAO;AACxC,OAAI,CAAC,KACJ,QAAO,SAAS,aAAa,YAAY,OAAO,cAAc,IAAI;AAEnE,OAAI,KAAK,SAAS,SACjB,QAAO,SACN,oBACA,YAAY,OAAO,iCAAiC,SAAS,IAC7D,IACA;;AAKH,QAAM,KAAK,iBAAiB,YAAY,aAAa,UAAU,QAAQ;AAIvE,uCAAqB;AAKrB,SAAO,WAAW,EACjB,QAHa,MAAM,KAAK,iBAAiB,YAAY,aAAa,SAAS,EAG9D,KAAK,OAAO;GACxB,IAAI,EAAE;GACN,MAAM,EAAE;GACR,MAAM,EAAE;GACR,OAAO,EAAE;GACT,UAAU,EAAE;GACZ,EAAE,EACH,CAAC;UACM,OAAO;AACf,SAAO,YAAY,OAAO,6BAA6B,kBAAkB"}
+{"version":3,"file":"_taxonomy_.mjs","names":[],"sources":["../../../../../../../../src/astro/routes/api/content/[collection]/[id]/terms/[taxonomy].ts"],"sourcesContent":["/**\n * Content-taxonomy association endpoint\n *\n * GET /_emdash/api/content/:collection/:id/terms/:taxonomy - Get terms for an entry\n * POST /_emdash/api/content/:collection/:id/terms/:taxonomy - Set terms for an entry\n */\n\nimport type { APIRoute } from \"astro\";\n\nimport { requirePerm, requireOwnerPerm } from \"#api/authorize.js\";\nimport { apiError, apiSuccess, handleError, requireDb } from \"#api/error.js\";\nimport { parseBody, isParseError } from \"#api/parse.js\";\nimport { contentTermsBody } from \"#api/schemas.js\";\nimport { TaxonomyRepository } from \"#db/repositories/taxonomy.js\";\nimport { invalidateTermCache } from \"#taxonomies/index.js\";\n\nexport const prerender = false;\n\n/**\n * Get terms assigned to an entry\n */\nexport const GET: APIRoute = async ({ params, locals }) => {\n\tconst { emdash, user } = locals;\n\tconst { collection, id, taxonomy } = params;\n\n\tconst denied = requirePerm(user, \"content:read\");\n\tif (denied) return denied;\n\n\tif (!collection || !id || !taxonomy) {\n\t\treturn apiError(\"VALIDATION_ERROR\", \"Collection, id, and taxonomy required\", 400);\n\t}\n\n\tconst dbErr = requireDb(emdash?.db);\n\tif (dbErr) return dbErr;\n\n\ttry {\n\t\tconst repo = new TaxonomyRepository(emdash.db);\n\t\tconst terms = await repo.getTermsForEntry(collection, id, taxonomy);\n\n\t\treturn apiSuccess({\n\t\t\tterms: terms.map((t) => ({\n\t\t\t\tid: t.id,\n\t\t\t\tname: t.name,\n\t\t\t\tslug: t.slug,\n\t\t\t\tlabel: t.label,\n\t\t\t\tparentId: t.parentId,\n\t\t\t})),\n\t\t});\n\t} catch (error) {\n\t\treturn handleError(error, \"Failed to get entry terms\", \"TERMS_GET_ERROR\");\n\t}\n};\n\n/**\n * Set terms for an entry (replaces existing)\n */\nexport const POST: APIRoute = async ({ params, request, locals }) => {\n\tconst { emdash, user } = locals;\n\tconst { collection, id, taxonomy } = params;\n\n\tif (!collection || !id || !taxonomy) {\n\t\treturn apiError(\"VALIDATION_ERROR\", \"Collection, id, and taxonomy required\", 400);\n\t}\n\n\tconst denied = requirePerm(user, \"content:edit_own\");\n\tif (denied) return denied;\n\n\tconst dbErr = requireDb(emdash?.db);\n\tif (dbErr) return dbErr;\n\n\tif (!emdash.handleContentGet) {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\n\t// Verify the content exists before modifying its terms\n\tconst existing = await emdash.handleContentGet(collection, id);\n\tif (!existing.success) {\n\t\treturn apiError(\n\t\t\texisting.error?.code ?? \"NOT_FOUND\",\n\t\t\texisting.error?.message ?? \"Content not found\",\n\t\t\texisting.error?.code === \"NOT_FOUND\" ? 404 : 500,\n\t\t);\n\t}\n\n\t// Check ownership for edit permission\n\tconst existingData =\n\t\texisting.data && typeof existing.data === \"object\"\n\t\t\t? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- handler returns unknown data; narrowed by typeof check above\n\t\t\t\t(existing.data as Record<string, unknown>)\n\t\t\t: undefined;\n\t// Handler returns { item, _rev } — extract the item for ownership check\n\tconst existingItem =\n\t\texistingData?.item && typeof existingData.item === \"object\"\n\t\t\t? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- narrowed by typeof check above\n\t\t\t\t(existingData.item as Record<string, unknown>)\n\t\t\t: existingData;\n\tconst authorId = typeof existingItem?.authorId === \"string\" ? existingItem.authorId : \"\";\n\tconst editDenied = requireOwnerPerm(user, authorId, \"content:edit_own\", \"content:edit_any\");\n\tif (editDenied) return editDenied;\n\n\t// Resolve the canonical content ID from the handler result.\n\t// The URL `id` param may be a slug; we must use the real ID for term storage.\n\tconst canonicalId = typeof existingItem?.id === \"string\" ? existingItem.id : id;\n\n\ttry {\n\t\tconst body = await parseBody(request, contentTermsBody);\n\t\tif (isParseError(body)) return body;\n\t\tconst { termIds } = body;\n\n\t\tconst repo = new TaxonomyRepository(emdash.db);\n\n\t\t// Verify all term IDs exist and belong to the correct taxonomy\n\t\tfor (const termId of termIds) {\n\t\t\tconst term = await repo.findById(termId);\n\t\t\tif (!term) {\n\t\t\t\treturn apiError(\"NOT_FOUND\", `Term ID '${termId}' not found`, 404);\n\t\t\t}\n\t\t\tif (term.name !== taxonomy) {\n\t\t\t\treturn apiError(\n\t\t\t\t\t\"VALIDATION_ERROR\",\n\t\t\t\t\t`Term ID '${termId}' does not belong to taxonomy '${taxonomy}'`,\n\t\t\t\t\t400,\n\t\t\t\t);\n\t\t\t}\n\t\t}\n\n\t\t// Set the terms (replaces existing) using the canonical ID\n\t\tawait repo.setTermsForEntry(collection, canonicalId, taxonomy, termIds);\n\n\t\t// Term assignments changed — invalidate the hasAnyTermAssignments cache\n\t\t// so hydration on subsequent reads issues a fresh query.\n\t\tinvalidateTermCache();\n\n\t\t// Get the updated terms using the canonical ID\n\t\tconst terms = await repo.getTermsForEntry(collection, canonicalId, taxonomy);\n\n\t\treturn apiSuccess({\n\t\t\tterms: terms.map((t) => ({\n\t\t\t\tid: t.id,\n\t\t\t\tname: t.name,\n\t\t\t\tslug: t.slug,\n\t\t\t\tlabel: t.label,\n\t\t\t\tparentId: t.parentId,\n\t\t\t})),\n\t\t});\n\t} catch (error) {\n\t\treturn handleError(error, \"Failed to set entry terms\", \"TERMS_SET_ERROR\");\n\t}\n};\n"],"mappings":";;;;;;;;;;;;;;;;AAgBA,MAAa,YAAY;;;;AAKzB,MAAa,MAAgB,OAAO,EAAE,QAAQ,aAAa;CAC1D,MAAM,EAAE,QAAQ,SAAS;CACzB,MAAM,EAAE,YAAY,IAAI,aAAa;CAErC,MAAM,SAAS,YAAY,MAAM,eAAe;AAChD,KAAI,OAAQ,QAAO;AAEnB,KAAI,CAAC,cAAc,CAAC,MAAM,CAAC,SAC1B,QAAO,SAAS,oBAAoB,yCAAyC,IAAI;CAGlF,MAAM,QAAQ,UAAU,QAAQ,GAAG;AACnC,KAAI,MAAO,QAAO;AAElB,KAAI;AAIH,SAAO,WAAW,EACjB,QAHa,MADD,IAAI,mBAAmB,OAAO,GAAG,CACrB,iBAAiB,YAAY,IAAI,SAAS,EAGrD,KAAK,OAAO;GACxB,IAAI,EAAE;GACN,MAAM,EAAE;GACR,MAAM,EAAE;GACR,OAAO,EAAE;GACT,UAAU,EAAE;GACZ,EAAE,EACH,CAAC;UACM,OAAO;AACf,SAAO,YAAY,OAAO,6BAA6B,kBAAkB;;;;;;AAO3E,MAAa,OAAiB,OAAO,EAAE,QAAQ,SAAS,aAAa;CACpE,MAAM,EAAE,QAAQ,SAAS;CACzB,MAAM,EAAE,YAAY,IAAI,aAAa;AAErC,KAAI,CAAC,cAAc,CAAC,MAAM,CAAC,SAC1B,QAAO,SAAS,oBAAoB,yCAAyC,IAAI;CAGlF,MAAM,SAAS,YAAY,MAAM,mBAAmB;AACpD,KAAI,OAAQ,QAAO;CAEnB,MAAM,QAAQ,UAAU,QAAQ,GAAG;AACnC,KAAI,MAAO,QAAO;AAElB,KAAI,CAAC,OAAO,iBACX,QAAO,SAAS,kBAAkB,6BAA6B,IAAI;CAIpE,MAAM,WAAW,MAAM,OAAO,iBAAiB,YAAY,GAAG;AAC9D,KAAI,CAAC,SAAS,QACb,QAAO,SACN,SAAS,OAAO,QAAQ,aACxB,SAAS,OAAO,WAAW,qBAC3B,SAAS,OAAO,SAAS,cAAc,MAAM,IAC7C;CAIF,MAAM,eACL,SAAS,QAAQ,OAAO,SAAS,SAAS,WAEvC,SAAS,OACT;CAEJ,MAAM,eACL,cAAc,QAAQ,OAAO,aAAa,SAAS,WAEhD,aAAa,OACb;CAEJ,MAAM,aAAa,iBAAiB,MADnB,OAAO,cAAc,aAAa,WAAW,aAAa,WAAW,IAClC,oBAAoB,mBAAmB;AAC3F,KAAI,WAAY,QAAO;CAIvB,MAAM,cAAc,OAAO,cAAc,OAAO,WAAW,aAAa,KAAK;AAE7E,KAAI;EACH,MAAM,OAAO,MAAM,UAAU,SAAS,iBAAiB;AACvD,MAAI,aAAa,KAAK,CAAE,QAAO;EAC/B,MAAM,EAAE,YAAY;EAEpB,MAAM,OAAO,IAAI,mBAAmB,OAAO,GAAG;AAG9C,OAAK,MAAM,UAAU,SAAS;GAC7B,MAAM,OAAO,MAAM,KAAK,SAAS,OAAO;AACxC,OAAI,CAAC,KACJ,QAAO,SAAS,aAAa,YAAY,OAAO,cAAc,IAAI;AAEnE,OAAI,KAAK,SAAS,SACjB,QAAO,SACN,oBACA,YAAY,OAAO,iCAAiC,SAAS,IAC7D,IACA;;AAKH,QAAM,KAAK,iBAAiB,YAAY,aAAa,UAAU,QAAQ;AAIvE,uCAAqB;AAKrB,SAAO,WAAW,EACjB,QAHa,MAAM,KAAK,iBAAiB,YAAY,aAAa,SAAS,EAG9D,KAAK,OAAO;GACxB,IAAI,EAAE;GACN,MAAM,EAAE;GACR,MAAM,EAAE;GACR,OAAO,EAAE;GACT,UAAU,EAAE;GACZ,EAAE,EACH,CAAC;UACM,OAAO;AACf,SAAO,YAAY,OAAO,6BAA6B,kBAAkB"}

package/dist/astro/routes/api/content/_collection_/_id_/translations.mjs

@@ -1,7 +1,7 @@
 import "../../../../../../base64-CqR-7kqF.mjs";
-import "../../../../../../types-CwXMEPRr.mjs";
-import { a as unwrapResult, t as apiError } from "../../../../../../error-tSQWIl5U.mjs";
-import { n as requirePerm } from "../../../../../../authorize-BlyCH-96.mjs";
+import "../../../../../../types-B0bmgwMG.mjs";
+import { a as unwrapResult, t as apiError } from "../../../../../../error-ChfADBuu.mjs";
+import { n as requirePerm } from "../../../../../../authorize-Bn4S4DUT.mjs";
 import { hasPermission } from "@emdash-cms/auth";
 
 //#region src/astro/routes/api/content/[collection]/[id]/translations.ts

package/dist/astro/routes/api/content/_collection_/_id_/translations.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"translations.mjs","names":[],"sources":["../../../../../../../src/astro/routes/api/content/[collection]/[id]/translations.ts"],"sourcesContent":["/**\n * Content translations endpoint\n *\n * GET /_emdash/api/content/{collection}/{id}/translations\n *\n * Returns all locale variants linked to the same translation group.\n */\n\nimport { hasPermission } from \"@emdash-cms/auth\";\nimport type { APIRoute } from \"astro\";\n\nimport { requirePerm } from \"#api/authorize.js\";\nimport { apiError, unwrapResult } from \"#api/error.js\";\n\nexport const prerender = false;\n\nfunction isPublished(t: unknown): boolean {\n\treturn (\n\t\ttypeof t === \"object\" &&\n\t\tt !== null &&\n\t\t\"status\" in t &&\n\t\t(t as Record<string, unknown>).status === \"published\"\n\t);\n}\n\nexport const GET: APIRoute = async ({ params, locals }) => {\n\tconst { emdash, user } = locals;\n\tconst denied = requirePerm(user, \"content:read\");\n\tif (denied) return denied;\n\tconst collection = params.collection!;\n\tconst id = params.id!;\n\n\tif (!emdash?.handleContentTranslations) {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\n\tconst result = await emdash.handleContentTranslations(collection, id);\n\n\t// Filter out non-published translations for users without read_drafts so a\n\t// subscriber can't enumerate locales that aren't yet live.\n\tif (result.success && !hasPermission(user, \"content:read_drafts\")) {\n\t\tconst data =\n\t\t\tresult.data && typeof result.data === \"object\"\n\t\t\t\t? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- handler returns unknown data; narrowed by typeof check\n\t\t\t\t\t(result.data as Record<string, unknown>)\n\t\t\t\t: undefined;\n\t\tconst translations = Array.isArray(data?.translations) ? data.translations : [];\n\t\tconst filtered = translations.filter(isPublished);\n\t\treturn unwrapResult({\n\t\t\tsuccess: true,\n\t\t\tdata: { ...data, translations: filtered },\n\t\t});\n\t}\n\n\treturn unwrapResult(result);\n};\n"],"mappings":";;;;;;;;;;;;;;AAcA,MAAa,YAAY;AAEzB,SAAS,YAAY,GAAqB;AACzC,QACC,OAAO,MAAM,YACb,MAAM,QACN,YAAY,KACX,EAA8B,WAAW;;AAI5C,MAAa,MAAgB,OAAO,EAAE,QAAQ,aAAa;CAC1D,MAAM,EAAE,QAAQ,SAAS;CACzB,MAAM,SAAS,YAAY,MAAM,eAAe;AAChD,KAAI,OAAQ,QAAO;CACnB,MAAM,aAAa,OAAO;CAC1B,MAAM,KAAK,OAAO;AAElB,KAAI,CAAC,QAAQ,0BACZ,QAAO,SAAS,kBAAkB,6BAA6B,IAAI;CAGpE,MAAM,SAAS,MAAM,OAAO,0BAA0B,YAAY,GAAG;AAIrE,KAAI,OAAO,WAAW,CAAC,cAAc,MAAM,sBAAsB,EAAE;EAClE,MAAM,OACL,OAAO,QAAQ,OAAO,OAAO,SAAS,WAEnC,OAAO,OACP;EAEJ,MAAM,YADe,MAAM,QAAQ,MAAM,aAAa,GAAG,KAAK,eAAe,EAAE,EACjD,OAAO,YAAY;AACjD,SAAO,aAAa;GACnB,SAAS;GACT,MAAM;IAAE,GAAG;IAAM,cAAc;IAAU;GACzC,CAAC;;AAGH,QAAO,aAAa,OAAO"}
+{"version":3,"file":"translations.mjs","names":[],"sources":["../../../../../../../src/astro/routes/api/content/[collection]/[id]/translations.ts"],"sourcesContent":["/**\n * Content translations endpoint\n *\n * GET /_emdash/api/content/{collection}/{id}/translations\n *\n * Returns all locale variants linked to the same translation group.\n */\n\nimport { hasPermission } from \"@emdash-cms/auth\";\nimport type { APIRoute } from \"astro\";\n\nimport { requirePerm } from \"#api/authorize.js\";\nimport { apiError, unwrapResult } from \"#api/error.js\";\n\nexport const prerender = false;\n\nfunction isPublished(t: unknown): boolean {\n\treturn (\n\t\ttypeof t === \"object\" &&\n\t\tt !== null &&\n\t\t\"status\" in t &&\n\t\t(t as Record<string, unknown>).status === \"published\"\n\t);\n}\n\nexport const GET: APIRoute = async ({ params, locals }) => {\n\tconst { emdash, user } = locals;\n\tconst denied = requirePerm(user, \"content:read\");\n\tif (denied) return denied;\n\tconst collection = params.collection!;\n\tconst id = params.id!;\n\n\tif (!emdash?.handleContentTranslations) {\n\t\treturn apiError(\"NOT_CONFIGURED\", \"EmDash is not initialized\", 500);\n\t}\n\n\tconst result = await emdash.handleContentTranslations(collection, id);\n\n\t// Filter out non-published translations for users without read_drafts so a\n\t// subscriber can't enumerate locales that aren't yet live.\n\tif (result.success && !hasPermission(user, \"content:read_drafts\")) {\n\t\tconst data =\n\t\t\tresult.data && typeof result.data === \"object\"\n\t\t\t\t? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- handler returns unknown data; narrowed by typeof check\n\t\t\t\t\t(result.data as Record<string, unknown>)\n\t\t\t\t: undefined;\n\t\tconst translations = Array.isArray(data?.translations) ? data.translations : [];\n\t\tconst filtered = translations.filter(isPublished);\n\t\treturn unwrapResult({\n\t\t\tsuccess: true,\n\t\t\tdata: { ...data, translations: filtered },\n\t\t});\n\t}\n\n\treturn unwrapResult(result);\n};\n"],"mappings":";;;;;;;;;;;;;;AAcA,MAAa,YAAY;AAEzB,SAAS,YAAY,GAAqB;AACzC,QACC,OAAO,MAAM,YACb,MAAM,QACN,YAAY,KACX,EAA8B,WAAW;;AAI5C,MAAa,MAAgB,OAAO,EAAE,QAAQ,aAAa;CAC1D,MAAM,EAAE,QAAQ,SAAS;CACzB,MAAM,SAAS,YAAY,MAAM,eAAe;AAChD,KAAI,OAAQ,QAAO;CACnB,MAAM,aAAa,OAAO;CAC1B,MAAM,KAAK,OAAO;AAElB,KAAI,CAAC,QAAQ,0BACZ,QAAO,SAAS,kBAAkB,6BAA6B,IAAI;CAGpE,MAAM,SAAS,MAAM,OAAO,0BAA0B,YAAY,GAAG;AAIrE,KAAI,OAAO,WAAW,CAAC,cAAc,MAAM,sBAAsB,EAAE;EAClE,MAAM,OACL,OAAO,QAAQ,OAAO,OAAO,SAAS,WAEnC,OAAO,OACP;EAEJ,MAAM,YADe,MAAM,QAAQ,MAAM,aAAa,GAAG,KAAK,eAAe,EAAE,EACjD,OAAO,YAAY;AACjD,SAAO,aAAa;GACnB,SAAS;GACT,MAAM;IAAE,GAAG;IAAM,cAAc;IAAU;GACzC,CAAC;;AAGH,QAAO,aAAa,OAAO"}