najm-auth 0.1.11 → 0.1.13

package/dist/index.mjs

@@ -1,2706 +0,0 @@
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __decorateClass = (decorators, target, key, kind) => {
-  var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc(target, key) : target;
-  for (var i = decorators.length - 1, decorator; i >= 0; i--)
-    if (decorator = decorators[i])
-      result = (kind ? decorator(target, key, result) : decorator(result)) || result;
-  if (kind && result) __defProp(target, key, result);
-  return result;
-};
-var __decorateParam = (index, decorator) => (target, key) => decorator(target, key, index);
-
-// src/auth/EncryptionService.ts
-import { Injectable } from "najm-api";
-import bcrypt from "bcrypt";
-var EncryptionService = class {
-  constructor() {
-  }
-  async hashPassword(password) {
-    if (!password) return null;
-    if (typeof password !== "string" || password.trim().length === 0) {
-      return null;
-    }
-    return bcrypt.hash(password, 10);
-  }
-  async comparePassword(password, hashedPassword) {
-    return bcrypt.compare(password, hashedPassword);
-  }
-};
-EncryptionService = __decorateClass([
-  Injectable()
-], EncryptionService);
-
-// src/auth/CookieService.ts
-import { setCookie, Injectable as Injectable2, deleteCookie } from "najm-api";
-import timestring from "timestring";
-var CookieService = class {
-  setRefreshCookie(refreshToken) {
-    const maxAge = timestring(process.env.REFRESH_EXPIRES_IN, "s");
-    setCookie("refreshToken", refreshToken, {
-      httpOnly: false,
-      sameSite: "Lax",
-      maxAge,
-      path: "/api/auth/refresh"
-    });
-  }
-  clearRefreshCookie() {
-    deleteCookie("refreshToken", {
-      httpOnly: false,
-      sameSite: "Lax",
-      path: "/api/auth/refresh",
-      maxAge: 0
-    });
-  }
-};
-CookieService = __decorateClass([
-  Injectable2()
-], CookieService);
-
-// src/auth/AuthController.ts
-import { Controller, Get, Post, Params, Body, User, t } from "najm-api";
-
-// src/roles/RoleGuards.ts
-import { Injectable as Injectable3, Headers, createGuard, GuardParams, Ctx } from "najm-api";
-var ROLES = {
-  ADMIN: "admin",
-  PRINCIPAL: "principal",
-  ACCOUNTING: "accounting",
-  SECRETARY: "secretary",
-  TEACHER: "teacher",
-  STUDENT: "student",
-  PARENT: "parent"
-};
-var ROLE_GROUPS = {
-  ADMINISTRATORS: [ROLES.ADMIN, ROLES.PRINCIPAL],
-  FINANCIAL: [ROLES.ADMIN, ROLES.ACCOUNTING],
-  STAFF: [ROLES.ADMIN, ROLES.PRINCIPAL, ROLES.ACCOUNTING, ROLES.SECRETARY, ROLES.TEACHER],
-  END_USERS: [ROLES.STUDENT, ROLES.PARENT],
-  ALL: [ROLES.ADMIN, ROLES.PRINCIPAL, ROLES.ACCOUNTING, ROLES.SECRETARY, ROLES.TEACHER, ROLES.STUDENT, ROLES.PARENT]
-};
-var RoleChecker = class {
-  isInGroup(userRole, group) {
-    return group.includes(userRole?.toLowerCase());
-  }
-  isAdministrator(userRole) {
-    return this.isInGroup(userRole, ROLE_GROUPS.ADMINISTRATORS);
-  }
-  isStaff(userRole) {
-    return this.isInGroup(userRole, ROLE_GROUPS.STAFF);
-  }
-  hasAnyRole(userRole, roles) {
-    return roles.includes(userRole?.toLowerCase());
-  }
-  hasExactRole(userRole, requiredRole) {
-    return userRole?.toLowerCase() === requiredRole?.toLowerCase();
-  }
-};
-RoleChecker = __decorateClass([
-  Injectable3()
-], RoleChecker);
-var RoleGuards = class {
-  constructor(roleChecker, tokenService) {
-    this.roleChecker = roleChecker;
-    this.tokenService = tokenService;
-  }
-  async isAuth(auth, ctx) {
-    const user = await this.tokenService.storeUserInCache(auth, ctx);
-    return !!user;
-  }
-  async hasRoles(auth, ctx, roles) {
-    try {
-      const user = await this.tokenService.storeUserInCache(auth, ctx);
-      if (!user?.role) return false;
-      const roleArray = Array.isArray(roles) ? roles : [roles];
-      return this.roleChecker.hasAnyRole(user.role, roleArray);
-    } catch {
-      return false;
-    }
-  }
-};
-__decorateClass([
-  __decorateParam(0, Headers("authorization")),
-  __decorateParam(1, Ctx())
-], RoleGuards.prototype, "isAuth", 1);
-__decorateClass([
-  __decorateParam(0, Headers("authorization")),
-  __decorateParam(1, Ctx()),
-  __decorateParam(2, GuardParams())
-], RoleGuards.prototype, "hasRoles", 1);
-RoleGuards = __decorateClass([
-  Injectable3()
-], RoleGuards);
-var isAdmin = () => Role("admin");
-var isPrincipal = () => Role("principal");
-var isAccounting = () => Role("accounting");
-var isSecretary = () => Role("secretary");
-var isTeacher = () => Role("teacher");
-var isParent = () => Role("parent");
-var isStudent = () => Role("student");
-var isAdministrator = () => Role("admin", "principal");
-var isFinancial = () => Role("admin", "accounting");
-var isStaff = () => Role("admin", "principal", "accounting", "secretary", "teacher");
-var isAuth = createGuard(RoleGuards, "isAuth");
-var Role = (...roles) => createGuard(RoleGuards, "hasRoles")(...roles);
-
-// src/auth/AuthController.ts
-var AuthController = class {
-  constructor(authService) {
-    this.authService = authService;
-  }
-  async registerUser(body) {
-    const data = await this.authService.registerUser(body);
-    return {
-      data,
-      message: t("auth.success.register"),
-      status: "success"
-    };
-  }
-  async loginUser(body) {
-    const data = await this.authService.loginUser(body);
-    return {
-      data,
-      message: t("auth.success.login"),
-      status: "success"
-    };
-  }
-  async refreshTokens() {
-    const data = await this.authService.refreshTokens();
-    return {
-      data,
-      message: t("auth.success.tokenRefreshed"),
-      status: "success"
-    };
-  }
-  async logoutUser(id) {
-    const data = await this.authService.logoutUser(id);
-    return {
-      data,
-      message: t("auth.success.logout"),
-      status: "success"
-    };
-  }
-  async userProfile(user) {
-    const data = await this.authService.getUserProfile(user);
-    return {
-      data,
-      message: t("users.success.retrieved"),
-      status: "success"
-    };
-  }
-  async forgotPassword(body) {
-    const data = await this.authService.forgotPassword(body.email);
-    return {
-      data,
-      message: t("auth.success.passwordReset"),
-      status: "success"
-    };
-  }
-};
-__decorateClass([
-  Post("/register"),
-  __decorateParam(0, Body())
-], AuthController.prototype, "registerUser", 1);
-__decorateClass([
-  Post("/login"),
-  __decorateParam(0, Body())
-], AuthController.prototype, "loginUser", 1);
-__decorateClass([
-  Get("/refresh")
-], AuthController.prototype, "refreshTokens", 1);
-__decorateClass([
-  Get("/logout/:id"),
-  __decorateParam(0, Params("id"))
-], AuthController.prototype, "logoutUser", 1);
-__decorateClass([
-  Get("/me"),
-  isAuth(),
-  __decorateParam(0, User())
-], AuthController.prototype, "userProfile", 1);
-__decorateClass([
-  Post("/forgot-password"),
-  isAuth(),
-  __decorateParam(0, Body())
-], AuthController.prototype, "forgotPassword", 1);
-AuthController = __decorateClass([
-  Controller("/auth")
-], AuthController);
-
-// src/auth/AuthService.ts
-import { t as t2 } from "najm-api";
-import { Injectable as Injectable4, getCurrentLanguage } from "najm-api";
-var AuthService = class {
-  constructor(tokenService, userService, userValidator, cookieService) {
-    this.tokenService = tokenService;
-    this.userService = userService;
-    this.userValidator = userValidator;
-    this.cookieService = cookieService;
-  }
-  async registerUser(body) {
-    return await this.userService.create(body);
-  }
-  async loginUser(body) {
-    const { email, password } = body;
-    if (!email || !password) {
-      throw new Error(t2("auth.errors.invalidCredentials"));
-    }
-    const existingPassword = await this.userService.getPassword(email);
-    const { id } = await this.userService.getByEmail(email);
-    await this.userValidator.checkPasswordValid(password, existingPassword);
-    const data = await this.tokenService.generateTokens(id);
-    this.cookieService.setRefreshCookie(data.refreshToken);
-    return data;
-  }
-  async refreshTokens() {
-    const data = await this.tokenService.refreshTokens();
-    this.cookieService.setRefreshCookie(data.refreshToken);
-    return data;
-  }
-  async logoutUser(userId) {
-    await this.userValidator.checkUserExists(userId);
-    await this.tokenService.revokeToken(userId);
-    this.cookieService.clearRefreshCookie();
-    return { data: null, message: t2("auth.success.logout") };
-  }
-  async getUserProfile(userData) {
-    const lang = getCurrentLanguage();
-    return {
-      ...userData,
-      language: lang
-    };
-  }
-  async forgotPassword(email) {
-  }
-};
-AuthService = __decorateClass([
-  Injectable4()
-], AuthService);
-
-// src/lib/ENUMS.ts
-var ENUMS = {
-  // Core System
-  userType: {
-    values: ["admin", "teacher", "student", "parent"],
-    translationKey: "enums.userType"
-  },
-  userStatus: {
-    values: ["active", "inactive", "pending"],
-    translationKey: "enums.userStatus"
-  },
-  tokenStatus: {
-    values: ["active", "revoked", "expired"],
-    translationKey: "enums.tokenStatus"
-  },
-  tokenType: {
-    values: ["access", "refresh"],
-    translationKey: "enums.tokenType"
-  },
-  fileStatus: {
-    values: ["active", "deleted", "archived"],
-    translationKey: "enums.fileStatus"
-  },
-  // Educational System
-  gender: {
-    values: ["M", "F"],
-    translationKey: "common.gender"
-  },
-  studentStatus: {
-    values: ["active", "inactive", "graduated", "transferred"],
-    translationKey: "students.status"
-  },
-  teacherStatus: {
-    values: ["active", "inactive", "onLeave"],
-    translationKey: "teachers.status"
-  },
-  employmentType: {
-    values: ["fullTime", "partTime", "contract", "temporary"],
-    translationKey: "teachers.employmentType"
-  },
-  relationshipType: {
-    values: ["father", "mother", "guardian", "stepparent", "grandparent", "other"],
-    translationKey: "parents.relationships"
-  },
-  semester: {
-    values: ["spring", "summer", "fall", "winter"],
-    translationKey: "academic.semester"
-  },
-  classStatus: {
-    values: ["active", "completed", "cancelled"],
-    translationKey: "classes.status"
-  },
-  sectionStatus: {
-    values: ["active", "inactive", "archived"],
-    translationKey: "sections.status"
-  },
-  language: {
-    values: ["en", "fr", "ar", "es"],
-    translationKey: "common.languages"
-  },
-  enrollmentStatus: {
-    values: ["enrolled", "completed", "dropped", "failed"],
-    translationKey: "enrollments.status"
-  },
-  assignmentStatus: {
-    values: ["active", "completed", "cancelled"],
-    translationKey: "assignments.status"
-  },
-  calendarSystem: {
-    values: ["SEMESTER", "TRIMESTER", "QUARTER"],
-    translationKey: "settings.calendarSystem"
-  },
-  // Assessment & Exams
-  assessmentType: {
-    values: ["quiz", "assignment", "project", "participation", "test", "presentation"],
-    translationKey: "assessments.type"
-  },
-  assessmentStatus: {
-    values: ["scheduled", "active", "completed", "cancelled"],
-    translationKey: "assessments.status"
-  },
-  submissionType: {
-    values: ["online", "paper", "presentation", "practical", "discussion"],
-    translationKey: "assessments.submissionType"
-  },
-  examType: {
-    values: ["midterm", "final", "standardized"],
-    translationKey: "exams.type"
-  },
-  examSecurity: {
-    values: ["low", "medium", "high"],
-    translationKey: "exams.security"
-  },
-  examStatus: {
-    values: ["scheduled", "active", "completed", "cancelled", "rescheduled"],
-    translationKey: "exams.status"
-  },
-  gradeStatus: {
-    values: ["graded", "pending", "draft", "reviewed"],
-    translationKey: "grades.status"
-  },
-  attendanceStatus: {
-    values: ["present", "absent", "late", "excused"],
-    translationKey: "attendance.status"
-  },
-  proficiencyLevel: {
-    values: ["beginner", "intermediate", "advanced", "expert"],
-    translationKey: "common.proficiencyLevel"
-  },
-  dayOfWeek: {
-    values: ["monday", "tuesday", "wednesday", "thursday", "friday", "saturday", "sunday"],
-    translationKey: "common.days"
-  },
-  // Alerts
-  alertType: {
-    values: ["academic", "attendance", "behavioral", "health", "system", "announcement", "reminder", "emergency"],
-    translationKey: "alerts.type"
-  },
-  alertPriority: {
-    values: ["low", "medium", "high", "critical"],
-    translationKey: "alerts.priority"
-  },
-  alertStatus: {
-    values: ["active", "acknowledged", "resolved", "dismissed"],
-    translationKey: "alerts.status"
-  },
-  // Fees & Payments
-  feeTypeStatus: {
-    values: ["active", "inactive", "archived"],
-    translationKey: "fees.typeStatus"
-  },
-  feeCategory: {
-    values: ["tuition", "registration", "transport", "cafeteria", "books", "sports", "uniform", "technology", "fieldtrip", "other"],
-    translationKey: "feeTypes.category"
-  },
-  paymentType: {
-    values: ["recurring", "oneTime"],
-    translationKey: "payments.type"
-  },
-  schedule: {
-    values: ["monthly", "quarterly", "semester", "annually", "oneTime"],
-    translationKey: "fees.schedule"
-  },
-  feeStatus: {
-    values: ["pending", "partiallyPaid", "paid", "overdue"],
-    translationKey: "fees.status"
-  },
-  feeInstallmentStatus: {
-    values: ["pending", "partiallyPaid", "paid", "overdue"],
-    translationKey: "fees.installmentStatus"
-  },
-  paymentMethod: {
-    values: ["cash", "bankTransfer", "check", "creditCard", "debitCard", "online", "mobilePayment"],
-    translationKey: "payments.methods"
-  },
-  paymentStatus: {
-    values: ["completed", "pending", "failed", "refunded"],
-    translationKey: "payments.status"
-  },
-  // Events
-  eventType: {
-    values: ["academic", "sports", "cultural", "holiday", "exam", "meeting", "workshop", "fieldtrip", "ceremony", "conference", "other"],
-    translationKey: "events.type"
-  },
-  eventStatus: {
-    values: ["scheduled", "ongoing", "completed", "cancelled", "postponed"],
-    translationKey: "events.status"
-  },
-  eventVisibility: {
-    values: ["public", "private", "teachers", "students", "parents", "staff"],
-    translationKey: "events.visibility"
-  },
-  participantType: {
-    values: ["student", "teacher", "parent", "staff"],
-    translationKey: "events.participantType"
-  },
-  // Expenses
-  expenseCategory: {
-    values: ["salary", "utilities", "maintenance", "supplies", "equipment", "transport", "food", "security", "cleaning", "insurance", "rent", "tax", "marketing", "training", "technology", "miscellaneous"],
-    translationKey: "expenses.categories"
-  },
-  expenseStatus: {
-    values: ["pending", "approved", "paid", "rejected", "cancelled"],
-    translationKey: "expenses.status"
-  },
-  // Tracker
-  trackerMode: {
-    values: ["tracking", "gprs", "sms", "sleepTime", "sleepShock", "sleepDeep"],
-    translationKey: "tracker.mode"
-  },
-  // Transport
-  driverStatus: {
-    values: ["active", "inactive", "onLeave", "suspended"],
-    translationKey: "transport.driverStatus"
-  },
-  vehicleStatus: {
-    values: ["active", "inactive", "maintenance", "retired"],
-    translationKey: "transport.vehicleStatus"
-  },
-  vehicleType: {
-    values: ["sedan", "minibus", "fullbus", "shuttle"],
-    translationKey: "transport.vehicleType"
-  },
-  vehicleDocumentType: {
-    values: ["insurance", "registration", "inspection", "emission", "license"],
-    translationKey: "transport.documentType"
-  },
-  busStatus: {
-    values: ["active", "inactive", "maintenance", "retired"],
-    translationKey: "transport.busStatus"
-  },
-  refuelStatus: {
-    values: ["pending", "completed", "cancelled"],
-    translationKey: "transport.refuelStatus"
-  },
-  fuelType: {
-    values: ["gasoline", "diesel", "electric", "hybrid", "lpg", "cng"],
-    translationKey: "transport.fuelType"
-  },
-  maintenanceType: {
-    values: ["scheduled", "repair", "inspection", "oilChange", "filterChange", "other"],
-    translationKey: "transport.maintenanceType"
-  },
-  maintenanceStatus: {
-    values: ["scheduled", "inProgress", "completed", "cancelled", "overdue"],
-    translationKey: "transport.maintenanceStatus"
-  },
-  // Personal
-  maritalStatus: {
-    values: ["single", "married", "divorced", "widowed", "separated"],
-    translationKey: "parents.maritalStatus"
-  }
-};
-var getEnumConfig = (enumKey) => ENUMS[enumKey];
-var getEnumValues = (enumKey) => ENUMS[enumKey]?.values || [];
-
-// src/lib/validations.ts
-import { z as z2 } from "zod";
-
-// src/lib/ZodEnum.ts
-import { z } from "zod";
-var createZodEnum = (enumKey) => {
-  const values = ENUMS[enumKey]?.values;
-  if (!values) throw new Error(`Enum ${enumKey} not found`);
-  return z.enum(values);
-};
-var userTypeEnum = createZodEnum("userType");
-var userStatusEnum = createZodEnum("userStatus");
-var tokenStatusEnum = createZodEnum("tokenStatus");
-var tokenTypeEnum = createZodEnum("tokenType");
-var fileStatusEnum = createZodEnum("fileStatus");
-var genderEnum = createZodEnum("gender");
-var studentStatusEnum = createZodEnum("studentStatus");
-var teacherStatusEnum = createZodEnum("teacherStatus");
-var employmentTypeEnum = createZodEnum("employmentType");
-var relationshipTypeEnum = createZodEnum("relationshipType");
-var semesterEnum = createZodEnum("semester");
-var classStatusEnum = createZodEnum("classStatus");
-var sectionStatusEnum = createZodEnum("sectionStatus");
-var languageEnum = createZodEnum("language");
-var enrollmentStatusEnum = createZodEnum("enrollmentStatus");
-var assignmentStatusEnum = createZodEnum("assignmentStatus");
-var calendarSystemEnum = createZodEnum("calendarSystem");
-var assessmentTypeEnum = createZodEnum("assessmentType");
-var assessmentStatusEnum = createZodEnum("assessmentStatus");
-var submissionTypeEnum = createZodEnum("submissionType");
-var examTypeEnum = createZodEnum("examType");
-var examSecurityEnum = createZodEnum("examSecurity");
-var examStatusEnum = createZodEnum("examStatus");
-var gradeStatusEnum = createZodEnum("gradeStatus");
-var attendanceStatusEnum = createZodEnum("attendanceStatus");
-var proficiencyLevelEnum = createZodEnum("proficiencyLevel");
-var dayOfWeekEnum = createZodEnum("dayOfWeek");
-var alertTypeEnum = createZodEnum("alertType");
-var alertPriorityEnum = createZodEnum("alertPriority");
-var alertStatusEnum = createZodEnum("alertStatus");
-var feeTypeStatusEnum = createZodEnum("feeTypeStatus");
-var paymentTypeEnum = createZodEnum("paymentType");
-var scheduleEnum = createZodEnum("schedule");
-var feeStatusEnum = createZodEnum("feeStatus");
-var feeInstallmentStatusEnum = createZodEnum("feeInstallmentStatus");
-var paymentMethodEnum = createZodEnum("paymentMethod");
-var paymentStatusEnum = createZodEnum("paymentStatus");
-var eventTypeEnum = createZodEnum("eventType");
-var eventStatusEnum = createZodEnum("eventStatus");
-var eventVisibilityEnum = createZodEnum("eventVisibility");
-var participantTypeEnum = createZodEnum("participantType");
-var expenseCategoryEnum = createZodEnum("expenseCategory");
-var expenseStatusEnum = createZodEnum("expenseStatus");
-var trackerModeEnum = createZodEnum("trackerMode");
-var driverStatusEnum = createZodEnum("driverStatus");
-var vehicleStatusEnum = createZodEnum("vehicleStatus");
-var vehicleTypeEnum = createZodEnum("vehicleType");
-var vehicleDocumentTypeEnum = createZodEnum("vehicleDocumentType");
-var busStatusEnum = createZodEnum("busStatus");
-var refuelStatusEnum = createZodEnum("refuelStatus");
-var fuelTypeEnum = createZodEnum("fuelType");
-var maintenanceTypeEnum = createZodEnum("maintenanceType");
-var maintenanceStatusEnum = createZodEnum("maintenanceStatus");
-var maritalStatusEnum = createZodEnum("maritalStatus");
-
-// src/lib/validations.ts
-var requiredId = z2.preprocess((val) => val ?? "", z2.string().min(1, "ID is required"));
-var optionalId = z2.string().min(1, "ID cannot be empty").nullish().optional();
-var emailField = z2.string().email("Invalid email format").or(z2.literal(""));
-var phoneField = z2.string().regex(/^[\+]?[1-9][\d]{0,15}$/, "Invalid phone number");
-var nameField = z2.string().min(2, "Name must be at least 2 characters").max(100, "Name too long");
-var dateField = z2.string().regex(/^(\d{4}-\d{2}-\d{2}|\d{2}\/\d{2}\/\d{4}|\d{2}-\d{2}-\d{2}|\d{2}-\d{2}-\d{4})$/, "Date must be in YYYY-MM-DD, MM/DD/YYYY, DD/MM/YYYY, DD-MM-YY, or DD-MM-YYYY format");
-var optionalDateField = z2.string().regex(/^\d{4}-\d{2}-\d{2}$/, "Date must be in YYYY-MM-DD format").nullable().optional();
-var timeField = z2.string().regex(/^([01]?[0-9]|2[0-3]):[0-5][0-9]$/, "Time must be in HH:MM format").optional().nullable();
-var cinField = z2.string().min(8, "CIN must be at least 8 characters").max(20, "CIN too long");
-var addressField = z2.string().max(500, "Address too long").optional();
-var academicYearField = z2.string().min(9, "Academic year is required").regex(/^\d{4}-\d{4}$/, "Academic year must be in YYYY-YYYY format");
-var num = () => {
-  const createChainable = (currentSchema) => {
-    const methods = {
-      positive: (msg = "Must be positive") => createChainable(currentSchema.refine((val) => val > 0, { message: msg })),
-      min: (value, msg) => createChainable(currentSchema.refine(
-        (val) => val >= value,
-        { message: msg || `Must be at least ${value}` }
-      )),
-      max: (value, msg) => createChainable(currentSchema.refine(
-        (val) => val <= value,
-        { message: msg || `Cannot exceed ${value}` }
-      )),
-      int: (msg = "Must be an integer") => createChainable(currentSchema.refine(
-        (val) => Number.isInteger(val),
-        { message: msg }
-      ))
-    };
-    return Object.assign(currentSchema, methods);
-  };
-  const isValidNumber = (val) => {
-    if (val === null || val === void 0 || Number.isNaN(val)) return false;
-    if (typeof val === "number") return true;
-    if (typeof val === "string") {
-      const trimmed = val.trim();
-      return trimmed !== "" && !isNaN(Number(trimmed));
-    }
-    return false;
-  };
-  const baseSchema = z2.any().refine(isValidNumber, { message: "Must be a valid number" }).transform((val) => typeof val === "string" ? Number(val) : val);
-  return createChainable(baseSchema);
-};
-var userSchema = z2.object({
-  id: optionalId,
-  username: nameField.max(50).optional(),
-  email: emailField,
-  password: z2.string().min(8, "Password must be at least 8 characters"),
-  roleId: optionalId,
-  roleName: nameField.max(50).optional(),
-  lastLogin: optionalDateField,
-  image: z2.union([z2.string(), z2.instanceof(File), z2.undefined()]).optional(),
-  emailVerified: z2.boolean().default(false),
-  status: userStatusEnum,
-  createdAt: optionalDateField
-});
-var roleSchema = z2.object({
-  id: optionalId,
-  name: nameField.max(50),
-  description: z2.string().max(255, "Description too long").optional(),
-  createdAt: optionalDateField
-});
-var studentSchema = z2.object({
-  id: optionalId,
-  classId: requiredId,
-  sectionId: requiredId,
-  studentCode: z2.string(),
-  name: nameField,
-  email: emailField,
-  phone: phoneField.nullish(),
-  address: addressField,
-  dateOfBirth: optionalDateField,
-  gender: genderEnum,
-  enrollmentDate: dateField,
-  medicalConditions: z2.string().max(1e3, "Medical conditions description too long").nullish().optional(),
-  previousSchool: z2.string().max(500, "Previous school name too long").optional().nullable(),
-  image: z2.union([z2.string(), z2.instanceof(File), z2.null()]).optional(),
-  status: studentStatusEnum.default("active")
-});
-var parentSchema = z2.object({
-  id: optionalId,
-  name: nameField,
-  email: emailField.optional(),
-  phone: phoneField,
-  gender: genderEnum.optional(),
-  address: addressField,
-  dateOfBirth: optionalDateField,
-  cin: cinField,
-  occupation: z2.string().max(100, "Occupation too long").optional(),
-  nationality: z2.string().max(100, "Nationality too long").optional(),
-  maritalStatus: z2.string().max(50, "Marital status too long").optional(),
-  relationshipType: relationshipTypeEnum,
-  image: z2.union([z2.string(), z2.instanceof(File), z2.null()]).optional(),
-  isEmergencyContact: z2.boolean().optional().default(false),
-  financialResponsibility: z2.boolean().optional().default(false)
-});
-var driverSchema = z2.object({
-  id: optionalId,
-  name: nameField,
-  email: emailField,
-  cin: cinField,
-  phone: phoneField,
-  address: addressField,
-  gender: genderEnum.optional(),
-  licenseNumber: z2.string().min(5, "License number must be at least 5 characters").max(20, "License number too long"),
-  licenseType: z2.string().max(10, "License type too long"),
-  licenseExpiry: dateField,
-  hireDate: dateField,
-  salary: num().positive("Salary must be positive").optional(),
-  yearsOfExperience: num().int().min(0, "Years of experience must be non-negative").optional(),
-  emergencyContact: nameField.optional(),
-  emergencyPhone: phoneField.optional(),
-  image: z2.union([z2.string(), z2.instanceof(File), z2.null()]).optional(),
-  status: driverStatusEnum.default("active"),
-  notes: z2.string().max(1e3, "Notes too long").optional().nullable()
-});
-var teacherPersonalSchema = z2.object({
-  id: optionalId,
-  name: nameField,
-  cin: cinField,
-  email: emailField,
-  phone: phoneField,
-  address: addressField,
-  gender: genderEnum.optional(),
-  emergencyContact: nameField.optional(),
-  emergencyPhone: phoneField,
-  status: teacherStatusEnum.default("active"),
-  image: z2.union([z2.string(), z2.instanceof(File), z2.null()]).optional()
-});
-var teacherProfessionalSchema = z2.object({
-  specialization: z2.string().max(100, "Specialization too long").optional(),
-  yearsOfExperience: num().int().min(0, "Years of experience must be non-negative").optional(),
-  salary: num().positive("Salary must be positive").optional(),
-  hireDate: dateField,
-  bankAccount: z2.coerce.string().max(100, { message: "Bank account too long" }).optional(),
-  employmentType: employmentTypeEnum.optional(),
-  workloadHours: num().int().min(0, "Workload hours must be non-negative").max(60, "Workload hours cannot exceed 60").optional(),
-  academicDegrees: z2.string().max(500, "Academic degrees description too long").optional()
-});
-var assignmentSchema = z2.object({
-  classId: z2.string().min(1, "Class is required"),
-  sectionIds: z2.array(z2.string()).min(1, "At least one section is required"),
-  subjectIds: z2.array(z2.string()).min(1, "At least one subject is required"),
-  academicYear: z2.string().optional()
-});
-var assignmentsSchema = z2.object({
-  assignments: z2.array(assignmentSchema).min(1, "At least one parent is required")
-});
-var teacherFullSchema = z2.object({
-  ...teacherPersonalSchema.shape,
-  ...teacherProfessionalSchema.shape,
-  ...assignmentsSchema.shape
-});
-var feeTypeSchema = z2.object({
-  id: optionalId,
-  name: z2.string().min(2, "Fee type name must be at least 2 characters").max(100, "Fee type name too long"),
-  description: z2.string().max(500, "Description too long").optional().nullable(),
-  category: z2.string(),
-  amount: num().positive("Amount must be greater than 0").max(1e5, "Amount too large"),
-  paymentType: paymentTypeEnum.default("recurring"),
-  status: feeTypeStatusEnum.default("active").optional()
-});
-var feeSchema = z2.object({
-  id: optionalId,
-  studentId: requiredId,
-  feeTypeId: requiredId,
-  academicYear: academicYearField.optional(),
-  status: feeStatusEnum.optional(),
-  schedule: scheduleEnum,
-  baseAmount: num().positive("Base amount must be positive").optional(),
-  grossAmount: num().positive("Gross amount must be positive").optional(),
-  netAmount: num().optional(),
-  paidAmount: num().min(0, "Paid amount cannot be negative").optional(),
-  discountAmount: num().min(0, "Discount cannot be negative").optional(),
-  discountReason: z2.string().max(500, "Discount reason too long").optional().nullable(),
-  assignedBy: optionalId.nullable(),
-  notes: z2.string().max(1e3, "Notes too long").optional().nullable()
-});
-var bulkFeeItemSchema = feeSchema.omit({ studentId: true });
-var bulkFeeFormSchema = z2.object({
-  studentId: requiredId,
-  fees: z2.array(bulkFeeItemSchema).min(1, "At least one fee is required")
-});
-var feeInstallmentSchema = z2.object({
-  feeId: optionalId,
-  number: num().int().min(1, "Installment must be at least 1"),
-  dueDate: dateField,
-  amount: num().positive("Amount must be greater than 0").max(1e5, "Amount too large"),
-  paidAmount: num().min(0, "Paid amount cannot be negative").max(1e5, "Amount too large").optional(),
-  status: feeInstallmentStatusEnum.optional()
-});
-var feePaymentSchema = z2.object({
-  studentId: optionalId,
-  amount: num().positive("Amount must be greater than 0").max(1e5, "Amount too large").optional(),
-  paymentMethod: paymentMethodEnum,
-  paymentDate: dateField,
-  checkNumber: z2.preprocess((val) => val === "" ? null : val, z2.string().max(50, "Check number too long").optional().nullable()),
-  checkDueDate: z2.preprocess((val) => val === "" ? null : val, optionalDateField.nullable()),
-  transactionRef: z2.preprocess((val) => val === "" ? null : val, z2.string().max(100, "Transaction reference too long").optional().nullable()),
-  receiptNumber: z2.preprocess((val) => val === "" ? null : val, z2.string().max(50, "Receipt number too long").optional().nullable()),
-  status: paymentStatusEnum.default("completed"),
-  processedBy: optionalId,
-  notes: z2.preprocess((val) => val === "" ? null : val, z2.string().max(1e3, "Notes too long").optional().nullable()),
-  allocations: z2.array(z2.object({
-    feeId: optionalId,
-    number: z2.number().int().positive("Installment must be a positive number"),
-    amount: num().positive("Amount must be greater than 0")
-  })).optional().nullable()
-});
-var paymentAllocationSchema = z2.object({
-  paymentId: z2.string().min(1, "Payment ID is required"),
-  feeId: z2.string().min(1, "Fee ID is required"),
-  installmentId: z2.string().optional(),
-  amount: z2.number().positive("Amount must be positive"),
-  type: z2.enum(["fee", "installment"]).default("installment"),
-  notes: z2.string().optional()
-});
-var parentsSchema = z2.object({
-  parents: z2.array(parentSchema).optional().default([])
-});
-var feesSchema = z2.object({
-  fees: z2.array(bulkFeeItemSchema).min(1, "At least one fee is required")
-});
-var fullStudentSchema = z2.object({
-  ...studentSchema.shape,
-  ...parentsSchema.shape,
-  ...feesSchema.shape
-});
-var subjectSchema = z2.object({
-  id: optionalId,
-  code: z2.string().min(2, "Subject code must be at least 2 characters").max(10, "Subject code too long"),
-  name: z2.string().min(2, "Subject name must be at least 2 characters").max(100, "Subject name too long"),
-  description: z2.string().max(500, "Description too long").optional(),
-  gradeLevel: num().int().min(1).max(12).optional()
-});
-var sectionSchema = z2.object({
-  id: optionalId,
-  classId: requiredId,
-  name: z2.string().min(1, "Section name is required").max(10, "Section name too long"),
-  maxStudents: num().int().min(1, "Max students must be at least 1").max(100, "Max students cannot exceed 100").default(30),
-  roomNumber: num().max(1e4, "Room number too long").optional(),
-  status: sectionStatusEnum.default("active")
-});
-var classSchema = z2.object({
-  id: optionalId,
-  name: z2.string().min(1, "Class name is required").max(50, "Class name too long"),
-  description: z2.string().max(500, "Description too long").optional(),
-  academicYear: academicYearField,
-  level: z2.string().min(1, "Class level is required")
-});
-var attendanceSchema = z2.object({
-  studentId: requiredId,
-  teacherId: requiredId,
-  subjectId: requiredId,
-  sectionId: requiredId,
-  date: dateField,
-  status: attendanceStatusEnum.default("present"),
-  notes: z2.string().max(500, "Notes too long").optional()
-});
-var assessmentSchema = z2.object({
-  classId: requiredId,
-  sectionId: requiredId,
-  subjectId: requiredId,
-  teacherId: requiredId,
-  teacherAssignmentId: optionalId,
-  title: z2.string().min(3, "Title must be at least 3 characters").max(200, "Title too long"),
-  description: z2.string().max(1e3, "Description too long").optional().nullable(),
-  type: assessmentTypeEnum.default("quiz"),
-  date: dateField,
-  duration: num().int().min(1, "Duration must be at least 1 minute").max(480, "Duration cannot exceed 8 hours"),
-  totalMarks: num().positive("Total marks must be greater than 0").max(1e3, "Total marks cannot exceed 1000"),
-  passingMarks: num().min(0, "Passing marks must be non-negative").max(1e3, "Passing marks cannot exceed 1000"),
-  instructions: z2.string().max(2e3, "Instructions too long").optional().nullable(),
-  status: assessmentStatusEnum.default("scheduled"),
-  assessmentId: optionalId
-});
-var bulkAssessmentSchema = z2.object({
-  assessments: z2.array(assessmentSchema).min(1, "At least one assessment is required").max(50, "Cannot create more than 50 assessments at once")
-});
-var gradeSchema = z2.object({
-  assessmentId: requiredId,
-  teacherId: requiredId,
-  subjectId: requiredId,
-  sectionId: requiredId,
-  studentId: requiredId,
-  gradeId: requiredId,
-  assessmentTitle: z2.string().min(3, "Assessment title must be at least 3 characters").max(200, "Assessment title too long").optional(),
-  marksObtained: num().min(0, "Marks obtained must be non-negative").max(1e3, "Marks obtained cannot exceed 1000"),
-  feedback: z2.string().max(1e3, "Feedback too long").optional().nullable(),
-  status: gradeStatusEnum.default("graded")
-});
-var examSchema = z2.object({
-  classId: optionalId,
-  sectionId: requiredId,
-  subjectId: requiredId,
-  teacherId: requiredId,
-  examId: requiredId,
-  teacherAssignmentId: requiredId,
-  title: z2.string().min(3, "Title must be at least 3 characters").max(200, "Title too long"),
-  description: z2.string().max(1e3, "Description too long").optional().nullable(),
-  type: examTypeEnum.default("midterm"),
-  date: dateField,
-  startTime: timeField,
-  endTime: timeField,
-  duration: num().int().min(30, "Exam duration must be at least 30 minutes").max(480, "Duration cannot exceed 8 hours"),
-  totalMarks: num().positive("Total marks must be greater than 0").max(1e3, "Total marks cannot exceed 1000"),
-  passingMarks: num().min(0, "Passing marks must be non-negative").max(1e3, "Passing marks cannot exceed 1000"),
-  roomNumber: num().max(50, "Room number too long").optional().nullable(),
-  allowedMaterials: z2.string().max(500, "Allowed materials description too long").optional().nullable(),
-  instructions: z2.string().max(2e3, "Instructions too long").optional().nullable(),
-  status: examStatusEnum.default("scheduled")
-});
-var announcementSchema = z2.object({
-  title: z2.string().min(3, "Title must be at least 3 characters").max(200, "Title too long"),
-  content: z2.string().min(10, "Content must be at least 10 characters").max(5e3, "Content too long"),
-  authorId: optionalId,
-  targetAudience: z2.enum(["all", "students", "teachers", "parents", "class"]),
-  classId: optionalId,
-  isPublished: z2.boolean().default(false),
-  publishDate: z2.string().datetime("Invalid publish date").optional(),
-  expiryDate: z2.string().datetime("Invalid expiry date").optional()
-});
-var alertSchema = z2.object({
-  type: alertTypeEnum,
-  title: z2.string().min(3, "Title must be at least 3 characters").max(200, "Title too long"),
-  message: z2.string().min(10, "Message must be at least 10 characters").max(2e3, "Message too long"),
-  priority: alertPriorityEnum.default("medium"),
-  status: alertStatusEnum.default("active"),
-  studentId: optionalId,
-  teacherId: optionalId,
-  classId: optionalId,
-  subjectId: optionalId,
-  targetAudience: z2.enum(["all", "students", "teachers", "parents"]).optional(),
-  authorId: optionalId,
-  isRead: z2.boolean().default(false)
-});
-var eventSchema = z2.object({
-  title: z2.string().min(3, "Title must be at least 3 characters").max(200, "Title too long"),
-  description: z2.string().max(5e3, "Description too long").optional().nullable(),
-  type: eventTypeEnum,
-  startDate: dateField,
-  endDate: dateField,
-  startTime: timeField,
-  endTime: timeField,
-  location: z2.string().max(200, "Location too long").optional().nullable(),
-  venue: z2.string().max(200, "Venue too long").optional().nullable(),
-  organizerId: optionalId,
-  classId: optionalId.nullable(),
-  sectionId: optionalId.nullable(),
-  visibility: eventVisibilityEnum.default("public"),
-  status: eventStatusEnum.default("scheduled"),
-  capacity: num().int().positive("Capacity must be positive").optional().nullable(),
-  registrationRequired: z2.boolean().default(false),
-  registrationDeadline: optionalDateField.nullable(),
-  attachments: z2.any().optional().nullable(),
-  notes: z2.string().max(2e3, "Notes too long").optional().nullable()
-});
-var eventParticipantSchema = z2.object({
-  eventId: optionalId,
-  participantId: optionalId,
-  participantType: participantTypeEnum,
-  attendanceStatus: attendanceStatusEnum.optional().nullable(),
-  notes: z2.string().max(500, "Notes too long").optional().nullable()
-});
-var expenseSchema = z2.object({
-  id: optionalId,
-  category: expenseCategoryEnum,
-  title: z2.string().min(3, "Title must be at least 3 characters").max(200, "Title too long"),
-  amount: num().positive("Amount must be greater than 0").max(1e7, "Amount too large"),
-  expenseDate: dateField,
-  paymentMethod: paymentMethodEnum.optional().nullable(),
-  paymentDate: optionalDateField.nullable(),
-  vendor: z2.string().max(200, "Vendor name too long").optional().nullable(),
-  invoiceNumber: z2.string().max(100, "Invoice number too long").optional().nullable(),
-  receiptNumber: z2.string().max(100, "Receipt number too long").optional().nullable(),
-  checkNumber: z2.string().max(50, "Check number too long").optional().nullable(),
-  transactionRef: z2.string().max(100, "Transaction reference too long").optional().nullable(),
-  status: expenseStatusEnum.default("pending"),
-  notes: z2.string().max(1e3, "Notes too long").optional().nullable()
-});
-var expenseApprovalSchema = z2.object({
-  action: z2.enum(["approve", "reject"]),
-  rejectionReason: z2.string().min(10, "Rejection reason must be at least 10 characters").max(1e3, "Rejection reason too long").optional().nullable()
-});
-var expensePaymentSchema = z2.object({
-  paymentMethod: paymentMethodEnum,
-  paymentDate: dateField,
-  checkNumber: z2.string().max(50, "Check number too long").optional().nullable(),
-  transactionRef: z2.string().max(100, "Transaction reference too long").optional().nullable(),
-  notes: z2.string().max(1e3, "Notes too long").optional().nullable()
-});
-var vehicleSchema = z2.object({
-  id: optionalId,
-  name: z2.string().min(2, "Vehicle name must be at least 2 characters").max(100, "Vehicle name too long"),
-  brand: z2.string().min(2, "Brand must be at least 2 characters").max(100, "Brand too long"),
-  model: z2.string().min(2, "Model must be at least 2 characters").max(100, "Model too long"),
-  year: num().int().min(1900, "Year must be after 1900").max((/* @__PURE__ */ new Date()).getFullYear() + 1, "Year cannot be in future"),
-  type: vehicleTypeEnum.default("fullbus"),
-  capacity: num().int().min(1, "Capacity must be at least 1").max(200, "Capacity cannot exceed 200"),
-  licensePlate: z2.string().min(2, "License plate must be at least 2 characters").max(50, "License plate too long"),
-  driverId: optionalId.nullable(),
-  image: z2.string().max(500, "Image path too long").optional().nullable().default("novehicle.png"),
-  purchaseDate: optionalDateField.nullable(),
-  purchasePrice: num().min(0, "Purchase price must be non-negative").max(1e7, "Purchase price too large").optional().nullable(),
-  initialMileage: num().min(0, "Initial mileage must be non-negative").max(1e7, "Initial mileage too large").optional().nullable(),
-  currentMileage: num().min(0, "Current mileage must be non-negative").max(1e7, "Current mileage too large").optional().nullable(),
-  status: vehicleStatusEnum.default("active"),
-  notes: z2.string().max(1e3, "Notes too long").optional().nullable()
-});
-var refuelSchema = z2.object({
-  id: optionalId,
-  busId: optionalId,
-  refuelDate: dateField,
-  quantity: num().positive("Quantity must be greater than 0").max(1e4, "Quantity too large"),
-  unitPrice: num().positive("Unit price must be greater than 0").max(1e5, "Unit price too large"),
-  totalCost: num().positive("Total cost must be greater than 0").max(1e7, "Total cost too large").optional(),
-  fuelType: fuelTypeEnum.default("diesel"),
-  odometer: num().min(0, "Odometer must be non-negative").max(1e7, "Odometer value too large").optional().nullable(),
-  fuelStation: z2.string().max(200, "Fuel station name too long").optional().nullable(),
-  invoiceNumber: z2.string().max(100, "Invoice number too long").optional().nullable(),
-  paymentMethod: paymentMethodEnum.optional().nullable(),
-  paidBy: optionalId.nullable(),
-  status: refuelStatusEnum.default("completed"),
-  notes: z2.string().max(1e3, "Notes too long").optional().nullable()
-});
-var settingsSchema = z2.object({
-  // School Information
-  schoolName: z2.string().min(2, "School name must be at least 2 characters").max(200, "School name too long"),
-  schoolAddress: z2.string().max(500, "School address too long").optional(),
-  schoolPhone: phoneField,
-  schoolEmail: emailField,
-  schoolWebsite: z2.string().url("Must be a valid URL").max(255, "School website URL too long").optional(),
-  // New
-  schoolLogo: z2.string().url("Must be a valid image URL").max(255, "School logo URL too long").optional(),
-  // New
-  currentAcademicYear: academicYearField,
-  // Academic Settings
-  gradingScale: z2.any().optional(),
-  attendanceRequirement: num().min(0, "Attendance requirement must be non-negative").max(100, "Attendance requirement cannot exceed 100").default(75),
-  maxClassSize: num().int("Max class size must be an integer").min(1, "Max class size must be at least 1").max(200, "Max class size cannot exceed 200").default(34),
-  minimumPassingGrade: num().min(0, "Minimum passing grade must be non-negative").max(100, "Minimum passing grade cannot exceed 100").default(60),
-  defaultExamDuration: num().int("Default exam duration must be in minutes").min(15, "Exam duration must be at least 15 minutes").max(480, "Exam duration cannot exceed 480 minutes").default(120),
-  calendarSystem: calendarSystemEnum.default("SEMESTER"),
-  startMonth: z2.string().default("september"),
-  endMonth: z2.string().default("june"),
-  // Notification Settings
-  academicAlerts: z2.boolean().default(true),
-  attendanceAlerts: z2.boolean().default(true),
-  eventAlerts: z2.boolean().default(true),
-  homeworkAlerts: z2.boolean().default(true),
-  feesReminder: z2.boolean().default(true),
-  feesOverdueAlerts: z2.boolean().default(true),
-  emailNotifications: z2.boolean().default(true),
-  smsNotifications: z2.boolean().default(false),
-  parentNotifications: z2.boolean().default(true),
-  lowGradeAlerts: z2.boolean().default(true),
-  allowLateSubmission: z2.boolean().default(true),
-  examResultsAlerts: z2.boolean().default(true),
-  disciplinaryAlerts: z2.boolean().default(true),
-  achievementAlerts: z2.boolean().default(true),
-  maintenanceNotifications: z2.boolean().default(true),
-  // Security Settings
-  twoFactorEnabled: z2.boolean().default(false),
-  sessionTimeout: z2.string().regex(/^\d{1,4}$/, "Session timeout must be a number between 1-9999 minutes").default("60"),
-  passwordRequireSymbols: z2.boolean().default(true),
-  loginNotifications: z2.boolean().default(true),
-  parentAccessEnabled: z2.boolean().default(true),
-  teacherAccessEnabled: z2.boolean().default(true),
-  studentAccessEnabled: z2.boolean().default(true),
-  // System Preferences
-  timeZone: z2.string().min(1, "Time zone is required").default("UTC"),
-  language: languageEnum.default("en"),
-  theme: z2.enum(["light", "dark", "system"]).default("system"),
-  dateFormat: z2.enum(["YYYY-MM-DD", "MM/DD/YYYY", "DD/MM/YYYY", "DD-MM-YY", "DD-MM-YYYY"]).default("MM/DD/YYYY"),
-  // Adjusted default to match table
-  timeFormat: z2.enum(["12", "24"]).default("12"),
-  currency: z2.string().length(3, "Currency must be a 3-letter ISO code").regex(/^[A-Z]{3}$/, "Currency must be uppercase ISO code").default("USD"),
-  // Academic Calendar Settings
-  gradingPeriods: num().int("Grading periods must be an integer").min(1, "Grading periods must be at least 1").max(12, "Grading periods cannot exceed 12").default(4),
-  schoolStartTime: z2.string().regex(/^([01]?[0-9]|2[0-3]):[0-5][0-9]$/, "Invalid start time format (HH:MM)").default("08:00"),
-  schoolEndTime: z2.string().regex(/^([01]?[0-9]|2[0-3]):[0-5][0-9]$/, "Invalid end time format (HH:MM)").default("15:00"),
-  lunchBreakDuration: num().int("Lunch break duration must be in minutes").min(15, "Lunch break must be at least 15 minutes").max(120, "Lunch break cannot exceed 120 minutes").default(30),
-  // Maintenance & Backup Settings
-  maintenanceMode: z2.boolean().default(false),
-  autoBackup: z2.boolean().default(true)
-});
-var idParamSchema = z2.object({
-  id: optionalId
-});
-var paginationSchema = z2.object({
-  page: num().int().min(1).default(1),
-  limit: num().int().min(1).max(100).default(10)
-});
-var dateRangeSchema = z2.object({
-  dateFrom: dateField,
-  dateTo: dateField
-});
-
-// src/database/schema/index.ts
-import { pgTable, text, boolean, timestamp } from "drizzle-orm/pg-core";
-import { nanoid } from "nanoid";
-import { sql } from "drizzle-orm";
-
-// src/database/schema/PgEnum.ts
-import { pgEnum } from "drizzle-orm/pg-core";
-var createPgEnum = (enumKey) => {
-  const config = getEnumConfig(enumKey);
-  if (!config) throw new Error(`Enum ${enumKey} not found`);
-  const enumName = config.name || enumKey;
-  return pgEnum(enumName, config.values);
-};
-var userStatusEnum2 = createPgEnum("userStatus");
-var tokenStatusEnum2 = createPgEnum("tokenStatus");
-var tokenTypeEnum2 = createPgEnum("tokenType");
-var studentStatusEnum2 = createPgEnum("studentStatus");
-
-// src/database/schema/index.ts
-var timestamps = {
-  createdAt: timestamp("created_at", { mode: "string" }).defaultNow(),
-  updatedAt: timestamp("updated_at", { mode: "string" }).defaultNow().$onUpdate(() => sql`CURRENT_TIMESTAMP`)
-};
-var idField = (length = 5) => text("id").primaryKey().notNull().$defaultFn(() => nanoid(length));
-var rolesTable = pgTable("roles", {
-  id: idField(),
-  name: text("name").notNull(),
-  description: text("description")
-});
-var usersTable = pgTable("users", {
-  id: idField(8),
-  email: text("email").notNull().unique(),
-  emailVerified: boolean("email_verified").default(false),
-  password: text("password").notNull(),
-  image: text("image").default("noavatar.png"),
-  status: userStatusEnum2("status").default("pending"),
-  roleId: text("role_id").references(() => rolesTable.id),
-  lastLogin: timestamp("last_login", { mode: "string" }),
-  ...timestamps
-});
-var tokensTable = pgTable("tokens", {
-  id: idField(10),
-  userId: text("user_id").references(() => usersTable.id, { onDelete: "cascade" }).unique().notNull(),
-  token: text("token").notNull(),
-  type: tokenTypeEnum2("type").default("refresh"),
-  status: tokenStatusEnum2("status").default("active"),
-  expiresAt: timestamp("expires_at", { mode: "string" }).notNull(),
-  ...timestamps
-});
-var permissionsTable = pgTable("permissions", {
-  id: idField(),
-  name: text("name").notNull().unique(),
-  description: text("description"),
-  resource: text("resource").notNull(),
-  action: text("action").notNull(),
-  ...timestamps
-});
-var rolePermissionsTable = pgTable("role_permissions", {
-  id: idField(),
-  roleId: text("role_id").references(() => rolesTable.id).notNull(),
-  permissionId: text("permission_id").references(() => permissionsTable.id).notNull(),
-  ...timestamps
-});
-
-// src/permissions/PermissionRepository.ts
-import { eq, and } from "drizzle-orm";
-import { Repository } from "najm-api";
-var PermissionRepository = class {
-  async getAll() {
-    return await this.db.select().from(permissionsTable);
-  }
-  async getById(id) {
-    const [existingPermission] = await this.db.select().from(permissionsTable).where(eq(permissionsTable.id, id));
-    return existingPermission;
-  }
-  async getByName(name) {
-    const [existingPermission] = await this.db.select().from(permissionsTable).where(eq(permissionsTable.name, name));
-    return existingPermission;
-  }
-  async create(data) {
-    const [newPermission] = await this.db.insert(permissionsTable).values(data).returning();
-    return newPermission;
-  }
-  async update(id, data) {
-    const [updatedPermission] = await this.db.update(permissionsTable).set(data).where(eq(permissionsTable.id, id)).returning();
-    return updatedPermission;
-  }
-  async delete(id) {
-    const [deletedPermission] = await this.db.delete(permissionsTable).where(eq(permissionsTable.id, id)).returning();
-    return deletedPermission;
-  }
-  async getPermissionsByRole(roleId) {
-    return await this.db.select({
-      id: permissionsTable.id,
-      name: permissionsTable.name,
-      description: permissionsTable.description,
-      resource: permissionsTable.resource,
-      action: permissionsTable.action
-    }).from(rolePermissionsTable).leftJoin(permissionsTable, eq(rolePermissionsTable.permissionId, permissionsTable.id)).where(eq(rolePermissionsTable.roleId, roleId));
-  }
-  async getRolesByPermission(permissionId) {
-    return await this.db.select({
-      id: rolesTable.id,
-      name: rolesTable.name,
-      description: rolesTable.description
-    }).from(rolePermissionsTable).leftJoin(rolesTable, eq(rolePermissionsTable.roleId, rolesTable.id)).where(eq(rolePermissionsTable.permissionId, permissionId));
-  }
-  async assignPermissionToRole(roleId, permissionId) {
-    const [newRolePermission] = await this.db.insert(rolePermissionsTable).values({ roleId, permissionId }).returning();
-    return newRolePermission;
-  }
-  async removePermissionFromRole(roleId, permissionId) {
-    const [deletedRolePermission] = await this.db.delete(rolePermissionsTable).where(and(eq(rolePermissionsTable.roleId, roleId), eq(rolePermissionsTable.permissionId, permissionId))).returning();
-    return deletedRolePermission;
-  }
-  async checkRoleHasPermission(roleId, permissionId) {
-    const [rolePermission] = await this.db.select().from(rolePermissionsTable).where(and(eq(rolePermissionsTable.roleId, roleId), eq(rolePermissionsTable.permissionId, permissionId)));
-    return !!rolePermission;
-  }
-  async deleteAll() {
-    await this.db.delete(rolePermissionsTable);
-    const deletedPermissions = await this.db.delete(permissionsTable).returning();
-    return deletedPermissions;
-  }
-};
-PermissionRepository = __decorateClass([
-  Repository()
-], PermissionRepository);
-
-// src/permissions/PermissionGuards.ts
-import { createGuard as createGuard2, Injectable as Injectable5, GuardParams as GuardParams2, Headers as Headers2, Ctx as Ctx2 } from "najm-api";
-var PermissionGuards = class {
-  constructor(tokenService) {
-    this.tokenService = tokenService;
-  }
-  async getUserPermissions(auth) {
-    const permissions = await this.tokenService.getUserPermissions(auth);
-    if (!permissions || !Array.isArray(permissions)) return null;
-    return permissions;
-  }
-  checkPermissionMatch(permissions, requiredPermission) {
-    if (permissions.includes(requiredPermission)) {
-      return true;
-    }
-    const [requiredAction, requiredResource] = requiredPermission.split(":");
-    if (requiredAction && requiredResource) {
-      if (permissions.includes(`${requiredAction}:*`)) {
-        return true;
-      }
-      if (permissions.includes(`*:${requiredResource}`)) {
-        return true;
-      }
-    }
-    if (permissions.includes("*:*")) {
-      return true;
-    }
-    return false;
-  }
-  async hasPermission(auth, ctx, requiredPermission) {
-    await this.tokenService.storeUserInCache(auth, ctx);
-    const permissions = await this.getUserPermissions(auth);
-    if (!permissions) return false;
-    const check = this.checkPermissionMatch(permissions, requiredPermission);
-    return check;
-  }
-};
-__decorateClass([
-  __decorateParam(0, Headers2("authorization")),
-  __decorateParam(1, Ctx2()),
-  __decorateParam(2, GuardParams2())
-], PermissionGuards.prototype, "hasPermission", 1);
-PermissionGuards = __decorateClass([
-  Injectable5()
-], PermissionGuards);
-var Permission = (...permissions) => createGuard2(PermissionGuards, "hasPermission")(...permissions);
-
-// src/permissions/PermissionController.ts
-import { Controller as Controller2, Get as Get2, Post as Post2, Put, Delete, Params as Params2, Body as Body2, t as t3 } from "najm-api";
-var PermissionController = class {
-  constructor(permissionService) {
-    this.permissionService = permissionService;
-  }
-  async getPermissions() {
-    const permissions = await this.permissionService.getAll();
-    return {
-      data: permissions,
-      message: t3("permissions.success.retrieved"),
-      status: "success"
-    };
-  }
-  async getPermission(id) {
-    const permission = await this.permissionService.getById(id);
-    return {
-      data: permission,
-      message: t3("permissions.success.retrieved"),
-      status: "success"
-    };
-  }
-  async create(body) {
-    const newPermission = await this.permissionService.create(body);
-    return {
-      data: newPermission,
-      message: t3("permissions.success.created"),
-      status: "success"
-    };
-  }
-  async update(id, body) {
-    const updatedPermission = await this.permissionService.update(id, body);
-    return {
-      data: updatedPermission,
-      message: t3("permissions.success.updated"),
-      status: "success"
-    };
-  }
-  async delete(id) {
-    const result = await this.permissionService.delete(id);
-    return {
-      data: result,
-      message: t3("permissions.success.deleted"),
-      status: "success"
-    };
-  }
-  async getByRole(roleId) {
-    const permissions = await this.permissionService.getPermissionsByRole(roleId);
-    return {
-      data: permissions,
-      message: t3("permissions.success.retrieved"),
-      status: "success"
-    };
-  }
-  async getRolesByPermission(permissionId) {
-    const roles = await this.permissionService.getRolesByPermission(permissionId);
-    return {
-      data: roles,
-      message: t3("permissions.success.retrieved"),
-      status: "success"
-    };
-  }
-  async assignToRole(roleId, permissionId) {
-    const result = await this.permissionService.assignPermissionToRole(roleId, permissionId);
-    return {
-      data: result,
-      message: t3("permissions.success.assigned"),
-      status: "success"
-    };
-  }
-  async removeFromRole(roleId, permissionId) {
-    const result = await this.permissionService.removePermissionFromRole(roleId, permissionId);
-    return {
-      data: result,
-      message: t3("permissions.success.removed"),
-      status: "success"
-    };
-  }
-  async deleteAll() {
-    const result = await this.permissionService.deleteAll();
-    return {
-      data: result,
-      message: t3("permissions.success.allDeleted"),
-      status: "success"
-    };
-  }
-};
-__decorateClass([
-  Get2()
-], PermissionController.prototype, "getPermissions", 1);
-__decorateClass([
-  Get2("/:id"),
-  __decorateParam(0, Params2("id"))
-], PermissionController.prototype, "getPermission", 1);
-__decorateClass([
-  Post2(),
-  __decorateParam(0, Body2())
-], PermissionController.prototype, "create", 1);
-__decorateClass([
-  Put("/:id"),
-  __decorateParam(0, Params2("id")),
-  __decorateParam(1, Body2())
-], PermissionController.prototype, "update", 1);
-__decorateClass([
-  Delete("/:id"),
-  __decorateParam(0, Params2("id"))
-], PermissionController.prototype, "delete", 1);
-__decorateClass([
-  Get2("/role/:roleId"),
-  __decorateParam(0, Params2("roleId"))
-], PermissionController.prototype, "getByRole", 1);
-__decorateClass([
-  Get2("/roles/:permissionId"),
-  __decorateParam(0, Params2("permissionId"))
-], PermissionController.prototype, "getRolesByPermission", 1);
-__decorateClass([
-  Post2("/assign/:roleId/:permissionId"),
-  __decorateParam(0, Params2("roleId")),
-  __decorateParam(1, Params2("permissionId"))
-], PermissionController.prototype, "assignToRole", 1);
-__decorateClass([
-  Delete("/remove/:roleId/:permissionId"),
-  __decorateParam(0, Params2("roleId")),
-  __decorateParam(1, Params2("permissionId"))
-], PermissionController.prototype, "removeFromRole", 1);
-__decorateClass([
-  Delete(),
-  isAdmin()
-], PermissionController.prototype, "deleteAll", 1);
-PermissionController = __decorateClass([
-  Controller2("/permissions"),
-  isAdmin()
-], PermissionController);
-
-// src/permissions/PermissionService.ts
-import { Injectable as Injectable6 } from "najm-api";
-var PermissionService = class {
-  constructor(permissionRepository, permissionValidator, roleService) {
-    this.permissionRepository = permissionRepository;
-    this.permissionValidator = permissionValidator;
-    this.roleService = roleService;
-  }
-  async getAll() {
-    return await this.permissionRepository.getAll();
-  }
-  async getById(id) {
-    await this.permissionValidator.checkPermissionExists(id);
-    return await this.permissionRepository.getById(id);
-  }
-  async getByName(name) {
-    return await this.permissionRepository.getByName(name);
-  }
-  async getByResource(resource) {
-    return await this.permissionRepository.getAll().then(
-      (permissions) => permissions.filter((p) => p.resource === resource)
-    );
-  }
-  async create(data) {
-    await this.permissionValidator.validateCreatePermission(data);
-    await this.permissionValidator.checkPermissionNameUnique(data.name);
-    return await this.permissionRepository.create(data);
-  }
-  async update(id, data) {
-    await this.permissionValidator.checkPermissionExists(id);
-    await this.permissionValidator.checkPermissionNameUnique(data.name, id);
-    return await this.permissionRepository.update(id, data);
-  }
-  async delete(id) {
-    await this.permissionValidator.checkPermissionExists(id);
-    return await this.permissionRepository.delete(id);
-  }
-  async getPermissionsByRole(roleId) {
-    return await this.permissionRepository.getPermissionsByRole(roleId);
-  }
-  async getRolesByPermission(permissionId) {
-    await this.permissionValidator.checkPermissionExists(permissionId);
-    return await this.permissionRepository.getRolesByPermission(permissionId);
-  }
-  async assignPermissionToRole(roleId, permissionId) {
-    await this.permissionValidator.checkRoleHasPermission(roleId, permissionId);
-    return await this.permissionRepository.assignPermissionToRole(roleId, permissionId);
-  }
-  async removePermissionFromRole(roleId, permissionId) {
-    return await this.permissionRepository.removePermissionFromRole(roleId, permissionId);
-  }
-  async seedDefaultPermissions(defaultPermissions) {
-    const createdPermissions = [];
-    for (const permission of defaultPermissions) {
-      try {
-        const permissionEntity = await this.create(permission);
-        createdPermissions.push(permissionEntity);
-      } catch (error) {
-        continue;
-      }
-    }
-    return createdPermissions;
-  }
-  async seedDefaultRolePermissions(defaultRolePermissions) {
-    const results = [];
-    for (const { roleName, permissions } of defaultRolePermissions) {
-      try {
-        await this.permissionValidator.checkRoleExistsByName(roleName);
-        const role = await this.roleService.getByName(roleName);
-        for (const permissionName of permissions) {
-          try {
-            await this.permissionValidator.checkPermissionExistsByName(permissionName);
-            const permission = await this.getByName(permissionName);
-            await this.permissionValidator.checkRoleHasPermission(role.id, permission.id);
-            await this.assignPermissionToRole(role.id, permission.id);
-            results.push({ role: roleName, permission: permissionName });
-          } catch (error) {
-            continue;
-          }
-        }
-      } catch (error) {
-        continue;
-      }
-    }
-    return results;
-  }
-  async deleteAll() {
-    return await this.permissionRepository.deleteAll();
-  }
-};
-PermissionService = __decorateClass([
-  Injectable6()
-], PermissionService);
-
-// src/permissions/PermissionValidator.ts
-import { Injectable as Injectable7, t as t4 } from "najm-api";
-
-// src/shared/index.ts
-import * as fs from "fs/promises";
-import * as path from "path";
-import _isEmpty from "lodash.isempty";
-var avatarsPath = path.join(process.cwd(), "avatars");
-var parseSchema = async (schema, data) => {
-  try {
-    return await schema.parseAsync(data);
-  } catch (error) {
-    const errors = error.issues || error.errors || [];
-    const errorMessage = errors.map((err) => `${err.path.join(".")}: ${err.message}`).join("; ");
-    throw new Error(errorMessage);
-  }
-};
-var clean = (obj) => {
-  const cleaned = {};
-  for (const [key, value] of Object.entries(obj)) {
-    if (value !== null && value !== void 0 && value !== "") {
-      cleaned[key] = value;
-    }
-  }
-  return cleaned;
-};
-var getAvatarFile = async (fileName) => {
-  try {
-    const filePath = path.join(avatarsPath, fileName);
-    const buffer = await fs.readFile(filePath);
-    const file = new File([buffer], fileName, {
-      type: "image/png"
-    });
-    return file;
-  } catch (error) {
-    return null;
-  }
-};
-var formatDate = (dateValue) => {
-  if (!dateValue) return null;
-  let date;
-  if (dateValue instanceof Date) {
-    date = dateValue;
-  } else if (typeof dateValue === "string") {
-    date = new Date(dateValue);
-  } else {
-    return null;
-  }
-  if (isNaN(date.getTime())) return null;
-  return date.toISOString().split("T")[0];
-};
-function calculateAge(dateOfBirth) {
-  if (!dateOfBirth) return null;
-  const formattedDate = formatDate(dateOfBirth);
-  if (!formattedDate) return null;
-  const birth = new Date(formattedDate);
-  const today = /* @__PURE__ */ new Date();
-  let age = today.getFullYear() - birth.getFullYear();
-  const monthDiff = today.getMonth() - birth.getMonth();
-  if (monthDiff < 0 || monthDiff === 0 && today.getDate() < birth.getDate()) {
-    age--;
-  }
-  return age;
-}
-function calculateYearsOfExperience(hireDate) {
-  if (!hireDate) return null;
-  const formattedDate = formatDate(hireDate);
-  if (!formattedDate) return null;
-  const hire = new Date(formattedDate);
-  const today = /* @__PURE__ */ new Date();
-  let years = today.getFullYear() - hire.getFullYear();
-  const monthDiff = today.getMonth() - hire.getMonth();
-  if (monthDiff < 0 || monthDiff === 0 && today.getDate() < hire.getDate()) {
-    years--;
-  }
-  return years;
-}
-function pickProps(source, keys) {
-  const result = {};
-  for (const key of keys) {
-    if (source[key] !== void 0) {
-      result[key] = source[key];
-    }
-  }
-  return result;
-}
-var isEmpty = _isEmpty;
-var isPath = (img) => typeof img === "string" && img.trim().length > 0 && (img.startsWith("/") || img.startsWith("http") || img.startsWith("storage/"));
-var isFile = (img) => !!img && typeof img !== "string" && img instanceof File;
-
-// src/permissions/PermissionValidator.ts
-import { z as z3 } from "zod";
-var permissionSchema = z3.object({
-  name: z3.string().min(1, "Permission name is required"),
-  description: z3.string().optional(),
-  resource: z3.string().min(1, "Resource is required"),
-  action: z3.string().min(1, "Action is required")
-});
-var PermissionValidator = class {
-  constructor(permissionRepository, roleValidator) {
-    this.permissionRepository = permissionRepository;
-    this.roleValidator = roleValidator;
-  }
-  async validateCreatePermission(data) {
-    return parseSchema(permissionSchema, data);
-  }
-  async isPermissionExists(id) {
-    const existingPermission = await this.permissionRepository.getById(id);
-    return !!existingPermission;
-  }
-  async isPermissionNameExists(name) {
-    const existingPermission = await this.permissionRepository.getByName(name);
-    return !!existingPermission;
-  }
-  //======================= throw errors
-  async checkPermissionExists(id) {
-    const permissionExists = await this.isPermissionExists(id);
-    if (!permissionExists) {
-      throw new Error(t4("permissions.errors.notFound"));
-    }
-    return permissionExists;
-  }
-  async checkPermissionExistsByName(name) {
-    const permissionExists = await this.isPermissionNameExists(name);
-    if (!permissionExists) {
-      throw new Error(t4("permissions.errors.notFound"));
-    }
-    return permissionExists;
-  }
-  async checkPermissionNameUnique(name, excludeId = null) {
-    if (!name) return;
-    const existingPermission = await this.permissionRepository.getByName(name);
-    if (existingPermission && existingPermission.id !== excludeId) {
-      throw new Error(t4("permissions.errors.nameExists"));
-    }
-  }
-  async checkRoleExists(id) {
-    return await this.roleValidator.checkRoleExists(id);
-  }
-  async checkRoleExistsByName(name) {
-    return await this.roleValidator.checkRoleExistsByName(name);
-  }
-  async checkRoleHasPermission(roleId, permissionId) {
-    await this.roleValidator.checkRoleExists(roleId);
-    await this.checkPermissionExists(permissionId);
-    const hasPermission = await this.permissionRepository.checkRoleHasPermission(roleId, permissionId);
-    if (hasPermission) {
-      throw new Error(t4("permissions.errors.roleAlreadyHasPermission"));
-    }
-  }
-};
-PermissionValidator = __decorateClass([
-  Injectable7()
-], PermissionValidator);
-
-// src/roles/RoleRepository.ts
-import { eq as eq2 } from "drizzle-orm";
-import { Repository as Repository2 } from "najm-api";
-var RoleRepository = class {
-  async getAll() {
-    return await this.db.select().from(rolesTable);
-  }
-  async getById(id) {
-    const [existingRole] = await this.db.select().from(rolesTable).where(eq2(rolesTable.id, id));
-    return existingRole;
-  }
-  async getByName(name) {
-    const [existingRole] = await this.db.select().from(rolesTable).where(eq2(rolesTable.name, name));
-    return existingRole;
-  }
-  async create(data) {
-    const [newRole] = await this.db.insert(rolesTable).values(data).returning();
-    return newRole;
-  }
-  async update(id, data) {
-    const [updatedRole] = await this.db.update(rolesTable).set(data).where(eq2(rolesTable.id, id)).returning();
-    return updatedRole;
-  }
-  async delete(id) {
-    const [deletedRole] = await this.db.delete(rolesTable).where(eq2(rolesTable.id, id)).returning();
-    return deletedRole;
-  }
-};
-RoleRepository = __decorateClass([
-  Repository2()
-], RoleRepository);
-
-// src/roles/RoleValidator.ts
-import { Injectable as Injectable8, t as t5 } from "najm-api";
-var RoleValidator = class {
-  constructor(roleRepository) {
-    this.roleRepository = roleRepository;
-  }
-  async validateCreateRole(data) {
-    return parseSchema(roleSchema, data);
-  }
-  async isRoleNameExists(roleName) {
-    const existingRole = await this.roleRepository.getByName(roleName);
-    return !!existingRole;
-  }
-  async isRoleIdExists(id) {
-    const existingRole = await this.roleRepository.getById(id);
-    return !!existingRole;
-  }
-  async checkNameUnique(roleName, excludeId = null) {
-    if (!roleName) return;
-    const existingRole = await this.roleRepository.getByName(roleName);
-    if (existingRole && existingRole.id !== excludeId) {
-      throw new Error(t5("roles.errors.exists"));
-    }
-  }
-  async checkRoleExists(id) {
-    const roleIdExists = await this.isRoleIdExists(id);
-    if (!roleIdExists) {
-      throw new Error(t5("roles.errors.notFound"));
-    }
-  }
-  async checkRoleExistsByName(roleName) {
-    const roleNameExists = await this.isRoleNameExists(roleName);
-    if (!roleNameExists) {
-      throw new Error(t5("roles.errors.notFound"));
-    }
-  }
-  async checkAdminRoleExists() {
-    const adminRole = await this.roleRepository.getByName("admin");
-    if (!adminRole) {
-      throw new Error(t5("users.errors.adminRoleNotFound"));
-    }
-    return adminRole;
-  }
-};
-RoleValidator = __decorateClass([
-  Injectable8()
-], RoleValidator);
-
-// src/roles/RoleController.ts
-import { Controller as Controller3, Get as Get3, Post as Post3, Put as Put2, Delete as Delete2, Params as Params3, Body as Body3, t as t6 } from "najm-api";
-var RoleController = class {
-  constructor(roleService) {
-    this.roleService = roleService;
-  }
-  async getRoles() {
-    const roles = await this.roleService.getAll();
-    return {
-      data: roles,
-      message: t6("roles.success.retrieved"),
-      status: "success"
-    };
-  }
-  async getRole(id) {
-    const role = await this.roleService.getById(id);
-    return {
-      data: role,
-      message: t6("roles.success.retrieved"),
-      status: "success"
-    };
-  }
-  async createRole(body) {
-    const newRole = await this.roleService.create(body);
-    return {
-      data: newRole,
-      message: t6("roles.success.created"),
-      status: "success"
-    };
-  }
-  async updateRole(id, body) {
-    const updatedRole = await this.roleService.update(id, body);
-    return {
-      data: updatedRole,
-      message: t6("roles.success.updated"),
-      status: "success"
-    };
-  }
-  async deleteRole(id) {
-    const result = await this.roleService.delete(id);
-    return {
-      data: result,
-      message: t6("roles.success.deleted"),
-      status: "success"
-    };
-  }
-};
-__decorateClass([
-  Get3(),
-  isAdmin()
-], RoleController.prototype, "getRoles", 1);
-__decorateClass([
-  Get3("/:id"),
-  isAdmin(),
-  __decorateParam(0, Params3("id"))
-], RoleController.prototype, "getRole", 1);
-__decorateClass([
-  Post3(),
-  isAdmin(),
-  __decorateParam(0, Body3())
-], RoleController.prototype, "createRole", 1);
-__decorateClass([
-  Put2("/:id"),
-  isAdmin(),
-  __decorateParam(0, Params3("id")),
-  __decorateParam(1, Body3())
-], RoleController.prototype, "updateRole", 1);
-__decorateClass([
-  Delete2("/:id"),
-  isAdmin(),
-  __decorateParam(0, Params3("id"))
-], RoleController.prototype, "deleteRole", 1);
-RoleController = __decorateClass([
-  Controller3("/roles")
-], RoleController);
-
-// src/roles/RoleService.ts
-import { Injectable as Injectable9 } from "najm-api";
-var RoleService = class {
-  constructor(roleRepository, roleValidator) {
-    this.roleRepository = roleRepository;
-    this.roleValidator = roleValidator;
-  }
-  async getAll() {
-    return await this.roleRepository.getAll();
-  }
-  async getById(id) {
-    await this.roleValidator.checkRoleExists(id);
-    return await this.roleRepository.getById(id);
-  }
-  async getByName(name) {
-    return await this.roleRepository.getByName(name);
-  }
-  async create(data) {
-    await this.roleValidator.validateCreateRole(data);
-    await this.roleValidator.checkNameUnique(data.name);
-    return await this.roleRepository.create(data);
-  }
-  async update(id, data) {
-    await this.roleValidator.checkRoleExists(id);
-    await this.roleValidator.checkNameUnique(data.name, id);
-    return await this.roleRepository.update(id, data);
-  }
-  async delete(id) {
-    await this.roleValidator.checkRoleExists(id);
-    return await this.roleRepository.delete(id);
-  }
-  async seedDefaultRoles(defaultRoles) {
-    const rolesToCreate = [];
-    for (const role of defaultRoles) {
-      const exists = await this.roleValidator.isRoleNameExists(role.name);
-      if (!exists) {
-        rolesToCreate.push(role);
-      }
-    }
-    const createdRoles = await Promise.all(
-      rolesToCreate.map((role) => this.roleRepository.create(role))
-    );
-    return createdRoles;
-  }
-  async getRoleIdByName(name) {
-    const teacherRole = await this.getByName(name);
-    return teacherRole?.id;
-  }
-};
-RoleService = __decorateClass([
-  Injectable9()
-], RoleService);
-
-// src/tokens/TokenRepository.ts
-import { eq as eq3 } from "drizzle-orm";
-import { Repository as Repository3 } from "najm-api";
-var TokenRepository = class {
-  async storeRefreshToken(tokenData) {
-    return await this.db.insert(tokensTable).values(tokenData).onConflictDoUpdate({
-      target: tokensTable.userId,
-      set: {
-        token: tokenData.token,
-        expiresAt: tokenData.expiresAt
-      }
-    }).returning();
-  }
-  async getRefreshToken(userId) {
-    const [token] = await this.db.select().from(tokensTable).where(eq3(tokensTable.userId, userId));
-    return token?.token;
-  }
-  async revokeToken(userId) {
-    const [deletedToken] = await this.db.delete(tokensTable).where(eq3(tokensTable.userId, userId)).returning();
-    return deletedToken;
-  }
-  async isUserExists(userId) {
-    const [user] = await this.db.select({ id: usersTable.id }).from(usersTable).where(eq3(usersTable.id, userId)).limit(1);
-    return !!user;
-  }
-  async getRoleNameById(userId) {
-    const [role] = await this.db.select({
-      roleName: rolesTable.name
-    }).from(usersTable).leftJoin(rolesTable, eq3(usersTable.roleId, rolesTable.id)).where(eq3(usersTable.id, userId)).limit(1);
-    return role?.roleName;
-  }
-  async getUserPermissions(userId) {
-    const [user] = await this.db.select({ roleId: usersTable.roleId }).from(usersTable).where(eq3(usersTable.id, userId)).limit(1);
-    if (!user || !user.roleId) return [];
-    const userPermissions = await this.db.select({
-      name: permissionsTable.name
-    }).from(rolePermissionsTable).leftJoin(permissionsTable, eq3(rolePermissionsTable.permissionId, permissionsTable.id)).where(eq3(rolePermissionsTable.roleId, user.roleId));
-    return userPermissions.map((p) => p.name).filter((name) => name);
-  }
-  async getUser(userId) {
-    const [user] = await this.db.select({
-      id: usersTable.id,
-      email: usersTable.email,
-      status: usersTable.status,
-      roleId: usersTable.roleId,
-      roleName: rolesTable.name,
-      createdAt: usersTable.createdAt,
-      updatedAt: usersTable.updatedAt
-    }).from(usersTable).leftJoin(rolesTable, eq3(usersTable.roleId, rolesTable.id)).where(eq3(usersTable.id, userId)).limit(1);
-    return user ? { ...user, role: user.roleName } : null;
-  }
-};
-TokenRepository = __decorateClass([
-  Repository3()
-], TokenRepository);
-
-// src/tokens/TokenService.ts
-import { t as t7 } from "najm-api";
-import { getCookie, Injectable as Injectable10 } from "najm-api";
-import jwt from "jsonwebtoken";
-import { jwtDecode } from "jwt-decode";
-import timestring2 from "timestring";
-var TokenService = class {
-  constructor(tokenRepository) {
-    this.tokenRepository = tokenRepository;
-    this.accessSecretKey = process.env.JWT_ACCESS_SECRET;
-    this.accessExpiresIn = process.env.ACCESS_EXPIRES_IN;
-    this.refreshSecretKey = process.env.JWT_REFRESH_SECRET;
-    this.refreshExpiresIn = process.env.REFRESH_EXPIRES_IN;
-  }
-  //==== Validate tokens
-  extractAccessToken(authorization) {
-    if (authorization && authorization.startsWith("Bearer")) {
-      return authorization.split(" ")[1];
-    }
-    throw new Error(t7("auth.errors.tokenMissing"));
-  }
-  verifyAccessToken(token) {
-    try {
-      return jwt.verify(token, this.accessSecretKey);
-    } catch (error) {
-      throw new Error(t7("auth.errors.tokenVerificationFailed"));
-    }
-  }
-  verifyRefreshToken(token) {
-    try {
-      const decoded = jwt.verify(token, this.refreshSecretKey);
-      return decoded.userId;
-    } catch (error) {
-      throw new Error(t7("auth.errors.tokenVerificationFailed"));
-    }
-  }
-  async getUserIdByAccessToken(header) {
-    const token = this.extractAccessToken(header);
-    const decodedToken = this.verifyAccessToken(token);
-    const userId = decodedToken.userId;
-    const userExists = await this.tokenRepository.isUserExists(userId);
-    if (!userExists) {
-      throw new Error(t7("users.errors.notFound"));
-    }
-    return userId;
-  }
-  //=== Generate tokens
-  async storeRefreshToken(userId, refreshToken) {
-    const expireInSecond = timestring2(this.refreshExpiresIn, "s");
-    const tokenData = {
-      userId,
-      token: refreshToken,
-      expiresAt: new Date(Date.now() + expireInSecond * 1e3).toISOString()
-    };
-    await this.tokenRepository.storeRefreshToken(tokenData);
-  }
-  getTokenExpire(token) {
-    return jwtDecode(token).exp;
-  }
-  generateAccessToken(data) {
-    const options = { expiresIn: this.accessExpiresIn };
-    return jwt.sign(data, this.accessSecretKey, options);
-  }
-  generateRefreshToken(data) {
-    const options = { expiresIn: this.refreshExpiresIn };
-    return jwt.sign(data, this.refreshSecretKey, options);
-  }
-  async generateTokens(userId) {
-    const tokenData = { userId };
-    const accessToken = await this.generateAccessToken(tokenData);
-    const refreshToken = await this.generateRefreshToken(tokenData);
-    const accessTokenExpiresAt = this.getTokenExpire(accessToken);
-    const refreshTokenExpiresAt = this.getTokenExpire(refreshToken);
-    await this.storeRefreshToken(userId, refreshToken);
-    return {
-      accessToken,
-      refreshToken,
-      accessTokenExpiresAt,
-      refreshTokenExpiresAt
-    };
-  }
-  async refreshTokens() {
-    const newRefreshToken = getCookie("refreshToken");
-    const userId = this.verifyRefreshToken(newRefreshToken);
-    const userExists = await this.tokenRepository.isUserExists(userId);
-    if (!userExists) {
-      throw new Error(t7("users.errors.notFound"));
-    }
-    const storedRefreshToken = await this.tokenRepository.getRefreshToken(userId);
-    if (newRefreshToken != storedRefreshToken) {
-      throw new Error(t7("auth.errors.refreshTokenInvalid"));
-    }
-    return await this.generateTokens(userId);
-  }
-  async revokeToken(userId) {
-    return await this.tokenRepository.revokeToken(userId);
-  }
-  async getUserPermissions(auth) {
-    if (!auth) return;
-    const userId = await this.getUserIdByAccessToken(auth);
-    const permissions = await this.tokenRepository.getUserPermissions(userId);
-    return permissions;
-  }
-  async getUserRole(auth) {
-    if (!auth) return;
-    const userId = await this.getUserIdByAccessToken(auth);
-    const roleName = await this.tokenRepository.getRoleNameById(userId);
-    return roleName;
-  }
-  async getUser(auth) {
-    if (!auth) return;
-    const userId = await this.getUserIdByAccessToken(auth);
-    const user = await this.tokenRepository.getUser(userId);
-    if (!user) return null;
-    return user;
-  }
-  async storeUserInCache(auth, ctx) {
-    const cachedUser = ctx.get("user");
-    if (cachedUser) return cachedUser;
-    const user = await this.getUser(auth);
-    if (user) {
-      ctx.set("user", user);
-    }
-    return user;
-  }
-};
-TokenService = __decorateClass([
-  Injectable10()
-], TokenService);
-
-// src/users/UserRepository.ts
-import { eq as eq4, ne } from "drizzle-orm";
-import { Repository as Repository4 } from "najm-api";
-var UserRepository = class {
-  getUser() {
-    return {
-      id: usersTable.id,
-      email: usersTable.email,
-      emailVerified: usersTable.emailVerified,
-      image: usersTable.image,
-      status: usersTable.status,
-      roleId: usersTable.roleId,
-      role: rolesTable.name,
-      createdAt: usersTable.createdAt,
-      updatedAt: usersTable.updatedAt
-    };
-  }
-  async getAll() {
-    const allUsers = await this.db.select(this.getUser()).from(usersTable).leftJoin(rolesTable, eq4(usersTable.roleId, rolesTable.id));
-    return Promise.all(allUsers.map(async (user) => ({
-      ...user,
-      permissions: await this.getUserPermissions(user.id)
-    })));
-  }
-  async getById(id) {
-    const [user] = await this.db.select(this.getUser()).from(usersTable).leftJoin(rolesTable, eq4(usersTable.roleId, rolesTable.id)).where(eq4(usersTable.id, id)).limit(1);
-    if (!user) return user;
-    return {
-      ...user,
-      permissions: await this.getUserPermissions(user.id)
-    };
-  }
-  async getByEmail(email) {
-    const [existingUser] = await this.db.select(this.getUser()).from(usersTable).leftJoin(rolesTable, eq4(usersTable.roleId, rolesTable.id)).where(eq4(usersTable.email, email));
-    return existingUser;
-  }
-  async create(data) {
-    const [newUser] = await this.db.insert(usersTable).values(data).returning();
-    return newUser;
-  }
-  async update(id, data) {
-    const [updatedUser] = await this.db.update(usersTable).set(data).where(eq4(usersTable.id, id)).returning();
-    return updatedUser;
-  }
-  async delete(id) {
-    const [deletedUser] = await this.db.delete(usersTable).where(eq4(usersTable.id, id)).returning();
-    return deletedUser;
-  }
-  async deleteAll() {
-    const adminRole = await this.db.select({ id: rolesTable.id }).from(rolesTable).where(eq4(rolesTable.name, "admin")).limit(1);
-    if (adminRole.length === 0) {
-      const deletedUsers2 = await this.db.delete(usersTable).returning();
-      return deletedUsers2;
-    }
-    const deletedUsers = await this.db.delete(usersTable).where(ne(usersTable.roleId, adminRole[0].id)).returning();
-    return deletedUsers;
-  }
-  async getRoleNameById(userId) {
-    const [role] = await this.db.select({
-      roleName: rolesTable.name
-    }).from(usersTable).leftJoin(rolesTable, eq4(usersTable.roleId, rolesTable.id)).where(eq4(usersTable.id, userId));
-    return role.roleName;
-  }
-  async getUserPassword(email) {
-    const [user] = await this.db.select({
-      id: usersTable.id,
-      email: usersTable.email,
-      password: usersTable.password
-    }).from(usersTable).where(eq4(usersTable.email, email)).limit(1);
-    return user.password;
-  }
-  async getUserPermissions(userId) {
-    const [user] = await this.db.select({ roleId: usersTable.roleId }).from(usersTable).where(eq4(usersTable.id, userId)).limit(1);
-    if (!user || !user.roleId) return [];
-    const userPermissions = await this.db.select({
-      name: permissionsTable.name
-    }).from(rolePermissionsTable).leftJoin(permissionsTable, eq4(rolePermissionsTable.permissionId, permissionsTable.id)).where(eq4(rolePermissionsTable.roleId, user.roleId));
-    return userPermissions.map((p) => p.name).filter((name) => name);
-  }
-};
-UserRepository = __decorateClass([
-  Repository4()
-], UserRepository);
-
-// src/users/UserValidator.ts
-import { Injectable as Injectable11, t as t8 } from "najm-api";
-var UserValidator = class {
-  constructor(userRepository, encryptionService) {
-    this.userRepository = userRepository;
-    this.encryptionService = encryptionService;
-  }
-  async validateCreateUser(data) {
-    return parseSchema(userSchema, data);
-  }
-  async isEmailExists(email) {
-    const existingUser = await this.userRepository.getByEmail(email);
-    return !!existingUser;
-  }
-  async isPasswordValid(password, hashedPassword) {
-    const isPasswordValid = await this.encryptionService.comparePassword(password, hashedPassword);
-    return !!isPasswordValid;
-  }
-  async isUserExist(id) {
-    const existingUser = await this.userRepository.getById(id);
-    return !!existingUser;
-  }
-  async checkUserIdIsUnique(id) {
-    if (!id) return;
-    const existingUser = await this.userRepository.getById(id);
-    if (existingUser) {
-      throw new Error(t8("users.errors.idExists"));
-    }
-  }
-  async isCorrectPass(password) {
-    return password && typeof password === "string" && password.trim().length > 0;
-  }
-  async hasRole(userId, roles) {
-    const roleName = await this.userRepository.getRoleNameById(userId);
-    if (!roleName) {
-      throw Error(t8("auth.errors.accessDenied"));
-    }
-    const hasRole = roles.some(
-      (item) => roleName.toLowerCase() === item.toLowerCase()
-    );
-    if (!hasRole) {
-      throw Error(t8("auth.errors.accessDenied"));
-    }
-    return true;
-  }
-  //======================= throw errors
-  async checkUserExistsByEmail(email) {
-    const user = await this.userRepository.getByEmail(email);
-    if (!user) {
-      throw new Error(t8("auth.errors.invalidCredentials"));
-    }
-    return user;
-  }
-  async checkUserExists(id) {
-    const userExists = await this.isUserExist(id);
-    if (!userExists) {
-      throw new Error(t8("users.errors.notFound"));
-    }
-    return userExists;
-  }
-  async checkEmailUnique(email, excludeId = null) {
-    if (!email) return;
-    const existingUser = await this.userRepository.getByEmail(email);
-    if (existingUser && existingUser.id !== excludeId) {
-      throw new Error(t8("auth.errors.emailExists"));
-    }
-  }
-  async checkEmailExists(email) {
-    const user = await this.userRepository.getByEmail(email);
-    if (!user) {
-      throw new Error(t8("users.errors.notFound"));
-    }
-    return user;
-  }
-  async checkPasswordValid(password, hashedPassword) {
-    const isPasswordValid = await this.isPasswordValid(password, hashedPassword);
-    if (!isPasswordValid) {
-      throw new Error(t8("auth.errors.invalidCredentials"));
-    }
-  }
-};
-UserValidator = __decorateClass([
-  Injectable11()
-], UserValidator);
-
-// src/users/UserService.ts
-import { Injectable as Injectable12, setLanguage, getCurrentLanguage as getCurrentLanguage2, Transactional } from "najm-api";
-import { nanoid as nanoid2 } from "nanoid";
-var UserService = class {
-  constructor(roleValidator, roleService, userRepository, userValidator, encryptionService) {
-    this.roleValidator = roleValidator;
-    this.roleService = roleService;
-    this.userRepository = userRepository;
-    this.userValidator = userValidator;
-    this.encryptionService = encryptionService;
-  }
-  sanitizeUser(user) {
-    if (!user) return user;
-    const { password, ...sanitizedUser } = user;
-    return sanitizedUser;
-  }
-  sanitizeUsers(users) {
-    return users.map((user) => this.sanitizeUser(user));
-  }
-  async resolveUserRole(roleId, roleName) {
-    if (roleId) {
-      await this.roleValidator.checkRoleExists(roleId);
-      return roleId;
-    }
-    if (roleName) {
-      const roleByName = await this.roleService.getByName(roleName);
-      if (roleByName) {
-        return roleByName.id;
-      }
-      throw new Error(`Role '${roleName}' not found`);
-    }
-    const defaultRole = await this.roleService.getByName("Student");
-    return defaultRole.id;
-  }
-  async getAll() {
-    const users = await this.userRepository.getAll();
-    return this.sanitizeUsers(users);
-  }
-  async getById(id) {
-    await this.userValidator.checkUserExists(id);
-    const user = await this.userRepository.getById(id);
-    return this.sanitizeUser(user);
-  }
-  async getByEmail(email) {
-    const user = await this.userValidator.checkUserExistsByEmail(email);
-    return this.sanitizeUser(user);
-  }
-  async create(data) {
-    const { id, email, image, emailVerified, password, roleId, role } = data;
-    let userId = id || nanoid2(5);
-    let pass = password || "12345678";
-    await this.userValidator.checkEmailUnique(data.email);
-    await this.userValidator.checkUserIdIsUnique(id);
-    const hashedPassword = await this.encryptionService.hashPassword(pass);
-    const resolvedRoleId = await this.resolveUserRole(roleId, role);
-    const userDetails = {
-      id: userId,
-      email,
-      image,
-      password: hashedPassword,
-      roleId: resolvedRoleId,
-      emailVerified,
-      status: "pending"
-    };
-    await this.userValidator.validateCreateUser(userDetails);
-    const newUser = await this.userRepository.create(userDetails);
-    return this.sanitizeUser(newUser);
-  }
-  async update(id, data) {
-    const { password, image } = data;
-    await this.userValidator.checkUserExists(id);
-    await this.userValidator.checkEmailUnique(data.email, id);
-    const currentUser = await this.userRepository.getById(id);
-    const hashedPassword = await this.encryptionService.hashPassword(password);
-    const updateData = {
-      ...data,
-      image,
-      ...hashedPassword && { password: hashedPassword }
-    };
-    const cleanedUpdateData = clean(updateData);
-    const updatedUser = await this.userRepository.update(id, cleanedUpdateData);
-    return this.sanitizeUser(updatedUser);
-  }
-  async delete(id) {
-    await this.userValidator.checkUserExists(id);
-    const user = await this.userRepository.delete(id);
-    return this.sanitizeUser(user);
-  }
-  async deleteAll() {
-    const deletedUsers = await this.userRepository.deleteAll();
-    return this.sanitizeUsers(deletedUsers);
-  }
-  async getRoleName(id) {
-    await this.userValidator.checkUserExists(id);
-    return await this.userRepository.getRoleNameById(id);
-  }
-  async getPassword(email) {
-    await this.userValidator.checkUserExistsByEmail(email);
-    return await this.userRepository.getUserPassword(email);
-  }
-  async assignRole(id, roleId, roleName) {
-    await this.userValidator.checkUserExists(id);
-    const resolvedRoleId = await this.resolveUserRole(roleId, roleName);
-    const updatedUser = await this.userRepository.update(id, { roleId: resolvedRoleId });
-    return this.sanitizeUser(updatedUser);
-  }
-  async removeRole(id) {
-    await this.userValidator.checkUserExists(id);
-    const updatedUser = await this.userRepository.update(id, { roleId: null });
-    return this.sanitizeUser(updatedUser);
-  }
-  async seedAdminUser() {
-    const email = "admin@admin.com";
-    const adminRole = await this.roleValidator.checkAdminRoleExists();
-    const existingUser = await this.userRepository.getByEmail(email);
-    if (existingUser) {
-      await this.delete(existingUser.id);
-    }
-    const newAdminUser = await this.create({
-      id: "USR00",
-      name: "System Administrator",
-      email,
-      password: "12345678",
-      image: null,
-      roleId: adminRole.id,
-      status: "active",
-      emailVerified: true
-    });
-    return this.sanitizeUser(newAdminUser);
-  }
-  async updateLang(language) {
-    setLanguage(language);
-    return language;
-  }
-  async getLang() {
-    return getCurrentLanguage2();
-  }
-};
-__decorateClass([
-  Transactional()
-], UserService.prototype, "create", 1);
-UserService = __decorateClass([
-  Injectable12()
-], UserService);
-
-// src/users/UserController.ts
-import { Controller as Controller4, Get as Get4, Post as Post4, Put as Put3, Delete as Delete3, Params as Params4, Body as Body4, t as t9 } from "najm-api";
-var UserController = class {
-  constructor(userService) {
-    this.userService = userService;
-  }
-  async getUsers() {
-    const users = await this.userService.getAll();
-    return {
-      data: users,
-      message: t9("users.success.retrieved"),
-      status: "success"
-    };
-  }
-  async getLang() {
-    const language = await this.userService.getLang();
-    return {
-      data: { language },
-      message: t9("users.success.retrieved"),
-      status: "success"
-    };
-  }
-  async updateLang(language) {
-    const data = await this.userService.updateLang(language);
-    return {
-      data,
-      message: t9("users.success.updated"),
-      status: "success"
-    };
-  }
-  async getUser(id) {
-    const user = await this.userService.getById(id);
-    return {
-      data: user,
-      message: t9("users.success.retrieved"),
-      status: "success"
-    };
-  }
-  async getByEmail(email) {
-    const user = await this.userService.getByEmail(email);
-    return {
-      data: user,
-      message: t9("users.success.retrieved"),
-      status: "success"
-    };
-  }
-  async getRole(userId) {
-    const role = await this.userService.getRoleName(userId);
-    return {
-      data: role,
-      message: t9("users.success.retrieved"),
-      status: "success"
-    };
-  }
-  async create(body) {
-    const newUser = await this.userService.create(body);
-    return {
-      data: newUser,
-      message: t9("users.success.created"),
-      status: "success"
-    };
-  }
-  async update(id, body) {
-    const updatedUser = await this.userService.update(id, body);
-    return {
-      data: updatedUser,
-      message: t9("users.success.updated"),
-      status: "success"
-    };
-  }
-  async delete(id) {
-    const result = await this.userService.delete(id);
-    return {
-      data: result,
-      message: t9("users.success.deleted"),
-      status: "success"
-    };
-  }
-  async deleteAll() {
-    const result = await this.userService.deleteAll();
-    return {
-      data: result,
-      message: t9("users.success.allDeleted"),
-      status: "success"
-    };
-  }
-  async assignRole(userId, roleId) {
-    await this.userService.assignRole(userId, roleId);
-    return {
-      message: t9("users.success.updated"),
-      status: "success"
-    };
-  }
-  async removeRole(userId) {
-    await this.userService.removeRole(userId);
-    return {
-      message: t9("users.success.updated"),
-      status: "success"
-    };
-  }
-};
-__decorateClass([
-  Get4(),
-  isAdmin()
-], UserController.prototype, "getUsers", 1);
-__decorateClass([
-  Get4("/lang"),
-  isAuth()
-], UserController.prototype, "getLang", 1);
-__decorateClass([
-  Post4("/lang/:language"),
-  isAuth(),
-  __decorateParam(0, Params4("language"))
-], UserController.prototype, "updateLang", 1);
-__decorateClass([
-  Get4("/:id"),
-  isAdmin(),
-  __decorateParam(0, Params4("id"))
-], UserController.prototype, "getUser", 1);
-__decorateClass([
-  Get4("/email/:email"),
-  isAdmin(),
-  __decorateParam(0, Params4("email"))
-], UserController.prototype, "getByEmail", 1);
-__decorateClass([
-  Get4("/role/:userId"),
-  isAdmin(),
-  __decorateParam(0, Params4("userId"))
-], UserController.prototype, "getRole", 1);
-__decorateClass([
-  Post4(),
-  isAdmin(),
-  __decorateParam(0, Body4())
-], UserController.prototype, "create", 1);
-__decorateClass([
-  Put3("/:id"),
-  isAdmin(),
-  __decorateParam(0, Params4("id")),
-  __decorateParam(1, Body4())
-], UserController.prototype, "update", 1);
-__decorateClass([
-  Delete3("/:id"),
-  isAdmin(),
-  __decorateParam(0, Params4("id"))
-], UserController.prototype, "delete", 1);
-__decorateClass([
-  Delete3(),
-  isAdmin()
-], UserController.prototype, "deleteAll", 1);
-__decorateClass([
-  Post4("/assign/:userId/:roleId"),
-  isAdmin(),
-  __decorateParam(0, Params4("userId")),
-  __decorateParam(1, Params4("roleId"))
-], UserController.prototype, "assignRole", 1);
-__decorateClass([
-  Delete3("/remove/:userId"),
-  isAdmin(),
-  __decorateParam(0, Params4("userId"))
-], UserController.prototype, "removeRole", 1);
-UserController = __decorateClass([
-  Controller4("/users")
-], UserController);
-
-// src/plugin.ts
-var AuthPlugin = {
-  name: "najm-auth",
-  version: "0.1.3",
-  database: "default",
-  controllers: [
-    UserController,
-    AuthController,
-    RoleController,
-    PermissionController
-  ],
-  services: [
-    UserService,
-    AuthService,
-    CookieService,
-    EncryptionService,
-    RoleService,
-    PermissionService,
-    TokenService
-  ],
-  repositories: [
-    UserRepository,
-    RoleRepository,
-    PermissionRepository,
-    TokenRepository
-  ],
-  providers: [
-    UserValidator,
-    RoleValidator,
-    PermissionValidator,
-    RoleGuards,
-    PermissionGuards
-  ],
-  onSetup: async () => {
-    console.log("  \u2713 najm-auth plugin initialized");
-    console.log("    - Authentication endpoints ready");
-    console.log("    - Authorization system active");
-    console.log("    - Database connection established");
-  },
-  onTeardown: async () => {
-    console.log("  \u2713 najm-auth plugin cleanup complete");
-  }
-};
-export {
-  AuthController,
-  AuthPlugin,
-  AuthService,
-  CookieService,
-  ENUMS,
-  EncryptionService,
-  Permission,
-  PermissionController,
-  PermissionGuards,
-  PermissionRepository,
-  PermissionService,
-  PermissionValidator,
-  ROLES,
-  ROLE_GROUPS,
-  Role,
-  RoleChecker,
-  RoleController,
-  RoleGuards,
-  RoleRepository,
-  RoleService,
-  RoleValidator,
-  TokenRepository,
-  TokenService,
-  UserController,
-  UserRepository,
-  UserService,
-  UserValidator,
-  alertPriorityEnum,
-  alertSchema,
-  alertStatusEnum,
-  alertTypeEnum,
-  announcementSchema,
-  assessmentSchema,
-  assessmentStatusEnum,
-  assessmentTypeEnum,
-  assignmentSchema,
-  assignmentStatusEnum,
-  assignmentsSchema,
-  attendanceSchema,
-  attendanceStatusEnum,
-  avatarsPath,
-  bulkAssessmentSchema,
-  bulkFeeFormSchema,
-  bulkFeeItemSchema,
-  busStatusEnum,
-  calculateAge,
-  calculateYearsOfExperience,
-  calendarSystemEnum,
-  classSchema,
-  classStatusEnum,
-  clean,
-  dateRangeSchema,
-  dayOfWeekEnum,
-  driverSchema,
-  driverStatusEnum,
-  employmentTypeEnum,
-  enrollmentStatusEnum,
-  eventParticipantSchema,
-  eventSchema,
-  eventStatusEnum,
-  eventTypeEnum,
-  eventVisibilityEnum,
-  examSchema,
-  examSecurityEnum,
-  examStatusEnum,
-  examTypeEnum,
-  expenseApprovalSchema,
-  expenseCategoryEnum,
-  expensePaymentSchema,
-  expenseSchema,
-  expenseStatusEnum,
-  feeInstallmentSchema,
-  feeInstallmentStatusEnum,
-  feePaymentSchema,
-  feeSchema,
-  feeStatusEnum,
-  feeTypeSchema,
-  feeTypeStatusEnum,
-  feesSchema,
-  fileStatusEnum,
-  formatDate,
-  fuelTypeEnum,
-  fullStudentSchema,
-  genderEnum,
-  getAvatarFile,
-  getEnumConfig,
-  getEnumValues,
-  gradeSchema,
-  gradeStatusEnum,
-  idField,
-  idParamSchema,
-  isAccounting,
-  isAdmin,
-  isAdministrator,
-  isAuth,
-  isEmpty,
-  isFile,
-  isFinancial,
-  isParent,
-  isPath,
-  isPrincipal,
-  isSecretary,
-  isStaff,
-  isStudent,
-  isTeacher,
-  languageEnum,
-  maintenanceStatusEnum,
-  maintenanceTypeEnum,
-  maritalStatusEnum,
-  paginationSchema,
-  parentSchema,
-  parentsSchema,
-  parseSchema,
-  participantTypeEnum,
-  paymentAllocationSchema,
-  paymentMethodEnum,
-  paymentStatusEnum,
-  paymentTypeEnum,
-  permissionsTable,
-  pickProps,
-  proficiencyLevelEnum,
-  refuelSchema,
-  refuelStatusEnum,
-  relationshipTypeEnum,
-  rolePermissionsTable,
-  roleSchema,
-  rolesTable,
-  scheduleEnum,
-  sectionSchema,
-  sectionStatusEnum,
-  semesterEnum,
-  settingsSchema,
-  studentSchema,
-  studentStatusEnum,
-  subjectSchema,
-  submissionTypeEnum,
-  teacherFullSchema,
-  teacherPersonalSchema,
-  teacherProfessionalSchema,
-  teacherStatusEnum,
-  tokenStatusEnum,
-  tokenTypeEnum,
-  tokensTable,
-  trackerModeEnum,
-  userSchema,
-  userStatusEnum,
-  userTypeEnum,
-  usersTable,
-  vehicleDocumentTypeEnum,
-  vehicleSchema,
-  vehicleStatusEnum,
-  vehicleTypeEnum
-};