node-type-registry 0.19.0 → 0.20.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (149) hide show
  1. package/authz/authz-allow-all.js +10 -10
  2. package/authz/authz-composite.js +28 -28
  3. package/authz/authz-deny-all.js +10 -10
  4. package/authz/authz-direct-owner-any.js +19 -18
  5. package/authz/authz-direct-owner.js +17 -16
  6. package/authz/authz-entity-membership.js +39 -38
  7. package/authz/authz-member-list.js +17 -16
  8. package/authz/authz-membership-check.js +34 -34
  9. package/authz/authz-not-read-only.js +23 -22
  10. package/authz/authz-org-hierarchy.js +33 -31
  11. package/authz/authz-peer-ownership.js +40 -39
  12. package/authz/authz-publishable.js +26 -24
  13. package/authz/authz-related-entity-membership.js +57 -55
  14. package/authz/authz-related-member-list.js +35 -32
  15. package/authz/authz-related-peer-ownership.js +62 -59
  16. package/authz/authz-temporal.js +32 -30
  17. package/authz/index.d.ts +9 -9
  18. package/authz/index.js +19 -19
  19. package/blueprint-types.generated.js +1 -1
  20. package/codegen/generate-types.js +1 -1
  21. package/data/data-composite-field.js +27 -25
  22. package/data/data-direct-owner.js +24 -23
  23. package/data/data-entity-membership.js +24 -23
  24. package/data/data-force-current-user.js +17 -16
  25. package/data/data-id.js +16 -15
  26. package/data/data-immutable-fields.js +20 -19
  27. package/data/data-inflection.js +33 -32
  28. package/data/data-inherit-from-parent.js +31 -29
  29. package/data/data-job-trigger.js +87 -84
  30. package/data/data-jsonb.js +27 -26
  31. package/data/data-owned-fields.js +25 -23
  32. package/data/data-ownership-in-entity.js +21 -21
  33. package/data/data-peoplestamps.js +19 -19
  34. package/data/data-publishable.js +16 -16
  35. package/data/data-slug.js +21 -19
  36. package/data/data-soft-delete.js +14 -14
  37. package/data/data-status-field.js +32 -31
  38. package/data/data-tags.js +23 -22
  39. package/data/data-timestamps.js +15 -15
  40. package/data/index.d.ts +17 -17
  41. package/data/index.js +35 -35
  42. package/data/search-bm25.js +34 -33
  43. package/data/search-full-text.js +49 -47
  44. package/data/search-spatial-aggregate.js +77 -74
  45. package/data/search-spatial.js +51 -50
  46. package/data/search-trgm.js +20 -19
  47. package/data/search-unified.js +170 -162
  48. package/data/search-vector.js +104 -101
  49. package/data/table-organization-settings.js +13 -13
  50. package/data/table-user-profiles.js +13 -13
  51. package/data/table-user-settings.js +13 -13
  52. package/esm/authz/authz-allow-all.js +10 -10
  53. package/esm/authz/authz-composite.js +28 -28
  54. package/esm/authz/authz-deny-all.js +10 -10
  55. package/esm/authz/authz-direct-owner-any.js +19 -18
  56. package/esm/authz/authz-direct-owner.js +17 -16
  57. package/esm/authz/authz-entity-membership.js +39 -38
  58. package/esm/authz/authz-member-list.js +17 -16
  59. package/esm/authz/authz-membership-check.js +34 -34
  60. package/esm/authz/authz-not-read-only.js +23 -22
  61. package/esm/authz/authz-org-hierarchy.js +33 -31
  62. package/esm/authz/authz-peer-ownership.js +40 -39
  63. package/esm/authz/authz-publishable.js +26 -24
  64. package/esm/authz/authz-related-entity-membership.js +57 -55
  65. package/esm/authz/authz-related-member-list.js +35 -32
  66. package/esm/authz/authz-related-peer-ownership.js +62 -59
  67. package/esm/authz/authz-temporal.js +32 -30
  68. package/esm/authz/index.d.ts +9 -9
  69. package/esm/authz/index.js +9 -9
  70. package/esm/blueprint-types.generated.js +1 -1
  71. package/esm/codegen/generate-types.js +1 -1
  72. package/esm/data/data-composite-field.js +27 -25
  73. package/esm/data/data-direct-owner.js +24 -23
  74. package/esm/data/data-entity-membership.js +24 -23
  75. package/esm/data/data-force-current-user.js +17 -16
  76. package/esm/data/data-id.js +16 -15
  77. package/esm/data/data-immutable-fields.js +20 -19
  78. package/esm/data/data-inflection.js +33 -32
  79. package/esm/data/data-inherit-from-parent.js +31 -29
  80. package/esm/data/data-job-trigger.js +87 -84
  81. package/esm/data/data-jsonb.js +27 -26
  82. package/esm/data/data-owned-fields.js +25 -23
  83. package/esm/data/data-ownership-in-entity.js +21 -21
  84. package/esm/data/data-peoplestamps.js +19 -19
  85. package/esm/data/data-publishable.js +16 -16
  86. package/esm/data/data-slug.js +21 -19
  87. package/esm/data/data-soft-delete.js +14 -14
  88. package/esm/data/data-status-field.js +32 -31
  89. package/esm/data/data-tags.js +23 -22
  90. package/esm/data/data-timestamps.js +15 -15
  91. package/esm/data/index.d.ts +17 -17
  92. package/esm/data/index.js +17 -17
  93. package/esm/data/search-bm25.js +34 -33
  94. package/esm/data/search-full-text.js +49 -47
  95. package/esm/data/search-spatial-aggregate.js +77 -74
  96. package/esm/data/search-spatial.js +51 -50
  97. package/esm/data/search-trgm.js +20 -19
  98. package/esm/data/search-unified.js +170 -162
  99. package/esm/data/search-vector.js +104 -101
  100. package/esm/data/table-organization-settings.js +13 -13
  101. package/esm/data/table-user-profiles.js +13 -13
  102. package/esm/data/table-user-settings.js +13 -13
  103. package/esm/index.d.ts +3 -3
  104. package/esm/index.js +3 -3
  105. package/esm/module-presets/auth-email-magic.js +2 -2
  106. package/esm/module-presets/auth-email.js +8 -8
  107. package/esm/module-presets/auth-passkey.js +4 -4
  108. package/esm/module-presets/auth-sso.js +7 -7
  109. package/esm/module-presets/full.js +1 -1
  110. package/esm/module-presets/index.d.ts +5 -5
  111. package/esm/module-presets/index.js +4 -4
  112. package/esm/relation/index.d.ts +1 -1
  113. package/esm/relation/index.js +1 -1
  114. package/esm/relation/relation-belongs-to.js +41 -40
  115. package/esm/relation/relation-has-many.js +42 -41
  116. package/esm/relation/relation-has-one.js +42 -41
  117. package/esm/relation/relation-many-to-many.js +70 -68
  118. package/esm/relation/relation-spatial.js +54 -54
  119. package/esm/view/index.d.ts +3 -3
  120. package/esm/view/index.js +3 -3
  121. package/esm/view/view-aggregated.js +50 -48
  122. package/esm/view/view-composite.js +18 -18
  123. package/esm/view/view-filtered-table.js +37 -36
  124. package/esm/view/view-joined-tables.js +65 -61
  125. package/esm/view/view-table-projection.js +29 -28
  126. package/index.d.ts +3 -3
  127. package/index.js +3 -3
  128. package/module-presets/auth-email-magic.js +2 -2
  129. package/module-presets/auth-email.js +8 -8
  130. package/module-presets/auth-passkey.js +4 -4
  131. package/module-presets/auth-sso.js +7 -7
  132. package/module-presets/full.js +1 -1
  133. package/module-presets/index.d.ts +5 -5
  134. package/module-presets/index.js +7 -7
  135. package/package.json +2 -2
  136. package/relation/index.d.ts +1 -1
  137. package/relation/index.js +3 -3
  138. package/relation/relation-belongs-to.js +41 -40
  139. package/relation/relation-has-many.js +42 -41
  140. package/relation/relation-has-one.js +42 -41
  141. package/relation/relation-many-to-many.js +70 -68
  142. package/relation/relation-spatial.js +54 -54
  143. package/view/index.d.ts +3 -3
  144. package/view/index.js +7 -7
  145. package/view/view-aggregated.js +50 -48
  146. package/view/view-composite.js +18 -18
  147. package/view/view-filtered-table.js +37 -36
  148. package/view/view-joined-tables.js +65 -61
  149. package/view/view-table-projection.js +29 -28
package/esm/authz/authz-org-hierarchy.js CHANGED
@@ -1,42 +1,44 @@
1
1
  export const AuthzOrgHierarchy = {
2
- "name": "AuthzOrgHierarchy",
3
- "slug": "authz_org_hierarchy",
4
- "category": "authz",
5
- "display_name": "Org Hierarchy",
6
- "description": "Organizational hierarchy visibility using closure table. Managers can see subordinate data or subordinates can see manager data.",
7
- "parameter_schema": {
8
- "type": "object",
9
- "properties": {
10
- "direction": {
11
- "type": "string",
12
- "enum": [
13
- "up",
14
- "down"
2
+ name: 'AuthzOrgHierarchy',
3
+ slug: 'authz_org_hierarchy',
4
+ category: 'authz',
5
+ display_name: 'Org Hierarchy',
6
+ description: 'Organizational hierarchy visibility using closure table. Managers can see subordinate data or subordinates can see manager data.',
7
+ parameter_schema: {
8
+ type: 'object',
9
+ properties: {
10
+ direction: {
11
+ type: 'string',
12
+ enum: [
13
+ 'up',
14
+ 'down'
15
15
  ],
16
- "description": "down=manager sees subordinates, up=subordinate sees managers"
16
+ description: 'down=manager sees subordinates, up=subordinate sees managers'
17
17
  },
18
- "entity_field": {
19
- "type": "string",
20
- "description": "Field referencing the org entity",
21
- "default": "entity_id"
18
+ entity_field: {
19
+ type: 'string',
20
+ format: 'column-ref',
21
+ description: 'Field referencing the org entity',
22
+ default: 'entity_id'
22
23
  },
23
- "anchor_field": {
24
- "type": "string",
25
- "description": "Field referencing the user (e.g., owner_id)"
24
+ anchor_field: {
25
+ type: 'string',
26
+ format: 'column-ref',
27
+ description: 'Field referencing the user (e.g., owner_id)'
26
28
  },
27
- "max_depth": {
28
- "type": "integer",
29
- "description": "Optional max depth to limit visibility"
29
+ max_depth: {
30
+ type: 'integer',
31
+ description: 'Optional max depth to limit visibility'
30
32
  }
31
33
  },
32
- "required": [
33
- "direction",
34
- "anchor_field"
34
+ required: [
35
+ 'direction',
36
+ 'anchor_field'
35
37
  ]
36
38
  },
37
- "tags": [
38
- "membership",
39
- "hierarchy",
40
- "authz"
39
+ tags: [
40
+ 'membership',
41
+ 'hierarchy',
42
+ 'authz'
41
43
  ]
42
44
  };
package/esm/authz/authz-peer-ownership.js CHANGED
@@ -1,54 +1,55 @@
1
1
  export const AuthzPeerOwnership = {
2
- "name": "AuthzPeerOwnership",
3
- "slug": "authz_peer_ownership",
4
- "category": "authz",
5
- "display_name": "Peer Ownership",
6
- "description": "Peer visibility through shared entity membership. Authorizes access to user-owned rows when the owner and current user are both members of the same entity. Self-joins the SPRT table to find peers.",
7
- "parameter_schema": {
8
- "type": "object",
9
- "properties": {
10
- "owner_field": {
11
- "type": "string",
12
- "description": "Column name on protected table referencing the owning user (e.g., owner_id)"
2
+ name: 'AuthzPeerOwnership',
3
+ slug: 'authz_peer_ownership',
4
+ category: 'authz',
5
+ display_name: 'Peer Ownership',
6
+ description: 'Peer visibility through shared entity membership. Authorizes access to user-owned rows when the owner and current user are both members of the same entity. Self-joins the SPRT table to find peers.',
7
+ parameter_schema: {
8
+ type: 'object',
9
+ properties: {
10
+ owner_field: {
11
+ type: 'string',
12
+ format: 'column-ref',
13
+ description: 'Column name on protected table referencing the owning user (e.g., owner_id)'
13
14
  },
14
- "membership_type": {
15
- "type": [
16
- "integer",
17
- "string"
15
+ membership_type: {
16
+ type: [
17
+ 'integer',
18
+ 'string'
18
19
  ],
19
- "description": "Scope: 1=app, 2=org, 3+=dynamic entity types (or string name resolved via membership_types_module)"
20
+ description: 'Scope: 1=app, 2=org, 3+=dynamic entity types (or string name resolved via membership_types_module)'
20
21
  },
21
- "entity_type": {
22
- "type": "string",
23
- "description": "Entity type prefix (e.g. 'channel', 'department'). Resolved to membership_type integer via memberships_module lookup. Use instead of membership_type for readability."
22
+ entity_type: {
23
+ type: 'string',
24
+ description: "Entity type prefix (e.g. 'channel', 'department'). Resolved to membership_type integer via memberships_module lookup. Use instead of membership_type for readability."
24
25
  },
25
- "permission": {
26
- "type": "string",
27
- "description": "Single permission name to check on the current user membership (resolved to bitstring mask)"
26
+ permission: {
27
+ type: 'string',
28
+ description: 'Single permission name to check on the current user membership (resolved to bitstring mask)'
28
29
  },
29
- "permissions": {
30
- "type": "array",
31
- "items": {
32
- "type": "string"
30
+ permissions: {
31
+ type: 'array',
32
+ items: {
33
+ type: 'string'
33
34
  },
34
- "description": "Multiple permission names to check on the current user membership (ORed together into mask)"
35
+ description: 'Multiple permission names to check on the current user membership (ORed together into mask)'
35
36
  },
36
- "is_admin": {
37
- "type": "boolean",
38
- "description": "If true, require is_admin flag on current user membership"
37
+ is_admin: {
38
+ type: 'boolean',
39
+ description: 'If true, require is_admin flag on current user membership'
39
40
  },
40
- "is_owner": {
41
- "type": "boolean",
42
- "description": "If true, require is_owner flag on current user membership"
41
+ is_owner: {
42
+ type: 'boolean',
43
+ description: 'If true, require is_owner flag on current user membership'
43
44
  }
44
45
  },
45
- "required": [
46
- "owner_field"
46
+ required: [
47
+ 'owner_field'
47
48
  ]
48
49
  },
49
- "tags": [
50
- "membership",
51
- "peer",
52
- "authz"
50
+ tags: [
51
+ 'membership',
52
+ 'peer',
53
+ 'authz'
53
54
  ]
54
55
  };
package/esm/authz/authz-publishable.js CHANGED
@@ -1,32 +1,34 @@
1
1
  export const AuthzPublishable = {
2
- "name": "AuthzPublishable",
3
- "slug": "authz_publishable",
4
- "category": "authz",
5
- "display_name": "Published Content",
6
- "description": "Published state access control. Restricts access to records that are published.",
7
- "parameter_schema": {
8
- "type": "object",
9
- "properties": {
10
- "is_published_field": {
11
- "type": "string",
12
- "description": "Boolean field indicating published state",
13
- "default": "is_published"
2
+ name: 'AuthzPublishable',
3
+ slug: 'authz_publishable',
4
+ category: 'authz',
5
+ display_name: 'Published Content',
6
+ description: 'Published state access control. Restricts access to records that are published.',
7
+ parameter_schema: {
8
+ type: 'object',
9
+ properties: {
10
+ is_published_field: {
11
+ type: 'string',
12
+ format: 'column-ref',
13
+ description: 'Boolean field indicating published state',
14
+ default: 'is_published'
14
15
  },
15
- "published_at_field": {
16
- "type": "string",
17
- "description": "Timestamp field for publish time",
18
- "default": "published_at"
16
+ published_at_field: {
17
+ type: 'string',
18
+ format: 'column-ref',
19
+ description: 'Timestamp field for publish time',
20
+ default: 'published_at'
19
21
  },
20
- "require_published_at": {
21
- "type": "boolean",
22
- "description": "Require published_at to be non-null and <= now()",
23
- "default": true
22
+ require_published_at: {
23
+ type: 'boolean',
24
+ description: 'Require published_at to be non-null and <= now()',
25
+ default: true
24
26
  }
25
27
  }
26
28
  },
27
- "tags": [
28
- "temporal",
29
- "publishing",
30
- "authz"
29
+ tags: [
30
+ 'temporal',
31
+ 'publishing',
32
+ 'authz'
31
33
  ]
32
34
  };
package/esm/authz/authz-related-entity-membership.js CHANGED
@@ -1,75 +1,77 @@
1
1
  export const AuthzRelatedEntityMembership = {
2
- "name": "AuthzRelatedEntityMembership",
3
- "slug": "authz_related_entity_membership",
4
- "category": "authz",
5
- "display_name": "Related Entity Membership",
6
- "description": "JOIN-based membership verification through related tables. Joins SPRT table with another table to verify membership.",
7
- "parameter_schema": {
8
- "type": "object",
9
- "properties": {
10
- "entity_field": {
11
- "type": "string",
12
- "description": "Column name on protected table referencing the join table"
2
+ name: 'AuthzRelatedEntityMembership',
3
+ slug: 'authz_related_entity_membership',
4
+ category: 'authz',
5
+ display_name: 'Related Entity Membership',
6
+ description: 'JOIN-based membership verification through related tables. Joins SPRT table with another table to verify membership.',
7
+ parameter_schema: {
8
+ type: 'object',
9
+ properties: {
10
+ entity_field: {
11
+ type: 'string',
12
+ format: 'column-ref',
13
+ description: 'Column name on protected table referencing the join table'
13
14
  },
14
- "membership_type": {
15
- "type": [
16
- "integer",
17
- "string"
15
+ membership_type: {
16
+ type: [
17
+ 'integer',
18
+ 'string'
18
19
  ],
19
- "description": "Scope: 1=app, 2=org, 3+=dynamic entity types (or string name resolved via membership_types_module)"
20
+ description: 'Scope: 1=app, 2=org, 3+=dynamic entity types (or string name resolved via membership_types_module)'
20
21
  },
21
- "entity_type": {
22
- "type": "string",
23
- "description": "Entity type prefix (e.g. 'channel', 'department'). Resolved to membership_type integer via memberships_module lookup. Use instead of membership_type for readability."
22
+ entity_type: {
23
+ type: 'string',
24
+ description: "Entity type prefix (e.g. 'channel', 'department'). Resolved to membership_type integer via memberships_module lookup. Use instead of membership_type for readability."
24
25
  },
25
- "obj_table_id": {
26
- "type": "string",
27
- "format": "uuid",
28
- "description": "UUID of the join table (alternative to obj_schema/obj_table)"
26
+ obj_table_id: {
27
+ type: 'string',
28
+ format: 'uuid',
29
+ description: 'UUID of the join table (alternative to obj_schema/obj_table)'
29
30
  },
30
- "obj_schema": {
31
- "type": "string",
32
- "description": "Schema of the join table (or use obj_table_id)"
31
+ obj_schema: {
32
+ type: 'string',
33
+ description: 'Schema of the join table (or use obj_table_id)'
33
34
  },
34
- "obj_table": {
35
- "type": "string",
36
- "description": "Name of the join table (or use obj_table_id)"
35
+ obj_table: {
36
+ type: 'string',
37
+ description: 'Name of the join table (or use obj_table_id)'
37
38
  },
38
- "obj_field_id": {
39
- "type": "string",
40
- "format": "uuid",
41
- "description": "UUID of field on join table (alternative to obj_field)"
39
+ obj_field_id: {
40
+ type: 'string',
41
+ format: 'uuid',
42
+ description: 'UUID of field on join table (alternative to obj_field)'
42
43
  },
43
- "obj_field": {
44
- "type": "string",
45
- "description": "Field name on join table to match against SPRT entity_id"
44
+ obj_field: {
45
+ type: 'string',
46
+ format: 'column-ref',
47
+ description: 'Field name on join table to match against SPRT entity_id'
46
48
  },
47
- "permission": {
48
- "type": "string",
49
- "description": "Single permission name to check (resolved to bitstring mask)"
49
+ permission: {
50
+ type: 'string',
51
+ description: 'Single permission name to check (resolved to bitstring mask)'
50
52
  },
51
- "permissions": {
52
- "type": "array",
53
- "items": {
54
- "type": "string"
53
+ permissions: {
54
+ type: 'array',
55
+ items: {
56
+ type: 'string'
55
57
  },
56
- "description": "Multiple permission names to check (ORed together into mask)"
58
+ description: 'Multiple permission names to check (ORed together into mask)'
57
59
  },
58
- "is_admin": {
59
- "type": "boolean",
60
- "description": "If true, require is_admin flag"
60
+ is_admin: {
61
+ type: 'boolean',
62
+ description: 'If true, require is_admin flag'
61
63
  },
62
- "is_owner": {
63
- "type": "boolean",
64
- "description": "If true, require is_owner flag"
64
+ is_owner: {
65
+ type: 'boolean',
66
+ description: 'If true, require is_owner flag'
65
67
  }
66
68
  },
67
- "required": [
68
- "entity_field"
69
+ required: [
70
+ 'entity_field'
69
71
  ]
70
72
  },
71
- "tags": [
72
- "membership",
73
- "authz"
73
+ tags: [
74
+ 'membership',
75
+ 'authz'
74
76
  ]
75
77
  };
package/esm/authz/authz-related-member-list.js CHANGED
@@ -1,43 +1,46 @@
1
1
  export const AuthzRelatedMemberList = {
2
- "name": "AuthzRelatedMemberList",
3
- "slug": "authz_related_member_list",
4
- "category": "authz",
5
- "display_name": "Related Member List",
6
- "description": "Array membership check in a related table.",
7
- "parameter_schema": {
8
- "type": "object",
9
- "properties": {
10
- "owned_schema": {
11
- "type": "string",
12
- "description": "Schema of the related table"
2
+ name: 'AuthzRelatedMemberList',
3
+ slug: 'authz_related_member_list',
4
+ category: 'authz',
5
+ display_name: 'Related Member List',
6
+ description: 'Array membership check in a related table.',
7
+ parameter_schema: {
8
+ type: 'object',
9
+ properties: {
10
+ owned_schema: {
11
+ type: 'string',
12
+ description: 'Schema of the related table'
13
13
  },
14
- "owned_table": {
15
- "type": "string",
16
- "description": "Name of the related table"
14
+ owned_table: {
15
+ type: 'string',
16
+ description: 'Name of the related table'
17
17
  },
18
- "owned_table_key": {
19
- "type": "string",
20
- "description": "Array column in related table"
18
+ owned_table_key: {
19
+ type: 'string',
20
+ format: 'column-ref',
21
+ description: 'Array column in related table'
21
22
  },
22
- "owned_table_ref_key": {
23
- "type": "string",
24
- "description": "FK column in related table"
23
+ owned_table_ref_key: {
24
+ type: 'string',
25
+ format: 'column-ref',
26
+ description: 'FK column in related table'
25
27
  },
26
- "this_object_key": {
27
- "type": "string",
28
- "description": "PK column in protected table"
28
+ this_object_key: {
29
+ type: 'string',
30
+ format: 'column-ref',
31
+ description: 'PK column in protected table'
29
32
  }
30
33
  },
31
- "required": [
32
- "owned_schema",
33
- "owned_table",
34
- "owned_table_key",
35
- "owned_table_ref_key",
36
- "this_object_key"
34
+ required: [
35
+ 'owned_schema',
36
+ 'owned_table',
37
+ 'owned_table_key',
38
+ 'owned_table_ref_key',
39
+ 'this_object_key'
37
40
  ]
38
41
  },
39
- "tags": [
40
- "ownership",
41
- "authz"
42
+ tags: [
43
+ 'ownership',
44
+ 'authz'
42
45
  ]
43
46
  };
package/esm/authz/authz-related-peer-ownership.js CHANGED
@@ -1,80 +1,83 @@
1
1
  export const AuthzRelatedPeerOwnership = {
2
- "name": "AuthzRelatedPeerOwnership",
3
- "slug": "authz_related_peer_ownership",
4
- "category": "authz",
5
- "display_name": "Related Peer Ownership",
6
- "description": "Peer visibility through shared entity membership via a related table. Like AuthzPeerOwnership but the owning user is resolved through a FK JOIN to a related table. Combines SPRT self-join with object table JOIN.",
7
- "parameter_schema": {
8
- "type": "object",
9
- "properties": {
10
- "entity_field": {
11
- "type": "string",
12
- "description": "Column name on protected table referencing the related table (e.g., message_id)"
2
+ name: 'AuthzRelatedPeerOwnership',
3
+ slug: 'authz_related_peer_ownership',
4
+ category: 'authz',
5
+ display_name: 'Related Peer Ownership',
6
+ description: 'Peer visibility through shared entity membership via a related table. Like AuthzPeerOwnership but the owning user is resolved through a FK JOIN to a related table. Combines SPRT self-join with object table JOIN.',
7
+ parameter_schema: {
8
+ type: 'object',
9
+ properties: {
10
+ entity_field: {
11
+ type: 'string',
12
+ format: 'column-ref',
13
+ description: 'Column name on protected table referencing the related table (e.g., message_id)'
13
14
  },
14
- "membership_type": {
15
- "type": [
16
- "integer",
17
- "string"
15
+ membership_type: {
16
+ type: [
17
+ 'integer',
18
+ 'string'
18
19
  ],
19
- "description": "Scope: 1=app, 2=org, 3+=dynamic entity types (or string name resolved via membership_types_module)"
20
+ description: 'Scope: 1=app, 2=org, 3+=dynamic entity types (or string name resolved via membership_types_module)'
20
21
  },
21
- "entity_type": {
22
- "type": "string",
23
- "description": "Entity type prefix (e.g. 'channel', 'department'). Resolved to membership_type integer via memberships_module lookup. Use instead of membership_type for readability."
22
+ entity_type: {
23
+ type: 'string',
24
+ description: "Entity type prefix (e.g. 'channel', 'department'). Resolved to membership_type integer via memberships_module lookup. Use instead of membership_type for readability."
24
25
  },
25
- "obj_table_id": {
26
- "type": "string",
27
- "format": "uuid",
28
- "description": "UUID of the related table (alternative to obj_schema/obj_table)"
26
+ obj_table_id: {
27
+ type: 'string',
28
+ format: 'uuid',
29
+ description: 'UUID of the related table (alternative to obj_schema/obj_table)'
29
30
  },
30
- "obj_schema": {
31
- "type": "string",
32
- "description": "Schema of the related table (or use obj_table_id)"
31
+ obj_schema: {
32
+ type: 'string',
33
+ description: 'Schema of the related table (or use obj_table_id)'
33
34
  },
34
- "obj_table": {
35
- "type": "string",
36
- "description": "Name of the related table (or use obj_table_id)"
35
+ obj_table: {
36
+ type: 'string',
37
+ description: 'Name of the related table (or use obj_table_id)'
37
38
  },
38
- "obj_field_id": {
39
- "type": "string",
40
- "format": "uuid",
41
- "description": "UUID of field on related table containing the owner user ID (alternative to obj_field)"
39
+ obj_field_id: {
40
+ type: 'string',
41
+ format: 'uuid',
42
+ description: 'UUID of field on related table containing the owner user ID (alternative to obj_field)'
42
43
  },
43
- "obj_field": {
44
- "type": "string",
45
- "description": "Field name on related table containing the owner user ID (e.g., sender_id)"
44
+ obj_field: {
45
+ type: 'string',
46
+ format: 'column-ref',
47
+ description: 'Field name on related table containing the owner user ID (e.g., sender_id)'
46
48
  },
47
- "obj_ref_field": {
48
- "type": "string",
49
- "description": "Field on related table to select for matching entity_field (defaults to id)"
49
+ obj_ref_field: {
50
+ type: 'string',
51
+ format: 'column-ref',
52
+ description: 'Field on related table to select for matching entity_field (defaults to id)'
50
53
  },
51
- "permission": {
52
- "type": "string",
53
- "description": "Single permission name to check on the current user membership (resolved to bitstring mask)"
54
+ permission: {
55
+ type: 'string',
56
+ description: 'Single permission name to check on the current user membership (resolved to bitstring mask)'
54
57
  },
55
- "permissions": {
56
- "type": "array",
57
- "items": {
58
- "type": "string"
58
+ permissions: {
59
+ type: 'array',
60
+ items: {
61
+ type: 'string'
59
62
  },
60
- "description": "Multiple permission names to check on the current user membership (ORed together into mask)"
63
+ description: 'Multiple permission names to check on the current user membership (ORed together into mask)'
61
64
  },
62
- "is_admin": {
63
- "type": "boolean",
64
- "description": "If true, require is_admin flag on current user membership"
65
+ is_admin: {
66
+ type: 'boolean',
67
+ description: 'If true, require is_admin flag on current user membership'
65
68
  },
66
- "is_owner": {
67
- "type": "boolean",
68
- "description": "If true, require is_owner flag on current user membership"
69
+ is_owner: {
70
+ type: 'boolean',
71
+ description: 'If true, require is_owner flag on current user membership'
69
72
  }
70
73
  },
71
- "required": [
72
- "entity_field"
74
+ required: [
75
+ 'entity_field'
73
76
  ]
74
77
  },
75
- "tags": [
76
- "membership",
77
- "peer",
78
- "authz"
78
+ tags: [
79
+ 'membership',
80
+ 'peer',
81
+ 'authz'
79
82
  ]
80
83
  };