node-type-registry 0.47.0 → 0.48.0

package/codegen/generate-types.js

@@ -827,7 +827,7 @@ function buildProgram(meta) {
     statements.push(buildFieldTypeInterface());
     statements.push(buildFieldDefaultInterface());
     // -- Parameter interfaces grouped by category --
-    const categoryOrder = ['billing', 'check', 'data', 'event', 'limit', 'limit_enforce', 'limit_track', 'limit_warning', 'search', 'job', 'process', 'authz', 'relation', 'view'];
+    const categoryOrder = ['billing', 'check', 'data', 'event', 'guard', 'limit', 'limit_enforce', 'limit_track', 'limit_warning', 'search', 'job', 'process', 'authz', 'relation', 'view'];
     for (const cat of categoryOrder) {
         const nts = categories.get(cat);
         if (!nts || nts.length === 0)

package/esm/codegen/generate-types.js

@@ -792,7 +792,7 @@ function buildProgram(meta) {
     statements.push(buildFieldTypeInterface());
     statements.push(buildFieldDefaultInterface());
     // -- Parameter interfaces grouped by category --
-    const categoryOrder = ['billing', 'check', 'data', 'event', 'limit', 'limit_enforce', 'limit_track', 'limit_warning', 'search', 'job', 'process', 'authz', 'relation', 'view'];
+    const categoryOrder = ['billing', 'check', 'data', 'event', 'guard', 'limit', 'limit_enforce', 'limit_track', 'limit_warning', 'search', 'job', 'process', 'authz', 'relation', 'view'];
     for (const cat of categoryOrder) {
         const nts = categories.get(cat);
         if (!nts || nts.length === 0)

package/esm/guard/index.d.ts

@@ -0,0 +1 @@
+export { GuardStepUp } from './step-up';

package/esm/guard/index.js

@@ -0,0 +1 @@
+export { GuardStepUp } from './step-up';

package/esm/guard/step-up.d.ts

@@ -0,0 +1,2 @@
+import type { NodeTypeDefinition } from '../types';
+export declare const GuardStepUp: NodeTypeDefinition;

package/esm/guard/step-up.js

@@ -0,0 +1,37 @@
+import { conditionDefs, conditionProperties } from '../conditions';
+export const GuardStepUp = {
+    name: 'GuardStepUp',
+    slug: 'guard_step_up',
+    category: 'guard',
+    display_name: 'Guard Step-Up',
+    description: 'Attaches a BEFORE trigger that calls require_step_up() to enforce recent ' +
+        'password or MFA verification before allowing mutations. Requires a ' +
+        'provisioned sessions_module (with app_settings_auth) for the target database. ' +
+        'The step_up_window is read from app_settings_auth at runtime (default 30 minutes). ' +
+        'Supports compound conditions (AND/OR/NOT), watch_fields (fire only when specific ' +
+        'fields change), and simple condition_field/condition_value leaf conditions.',
+    parameter_schema: {
+        type: 'object',
+        $defs: conditionDefs,
+        properties: {
+            step_up_type: {
+                type: 'string',
+                enum: ['password', 'mfa', 'password_or_mfa'],
+                description: 'Which verification method satisfies the step-up requirement',
+                default: 'password_or_mfa',
+            },
+            events: {
+                type: 'array',
+                items: {
+                    type: 'string',
+                    enum: ['INSERT', 'UPDATE', 'DELETE'],
+                },
+                description: 'Which DML events require step-up verification',
+                default: ['UPDATE', 'DELETE'],
+            },
+            ...conditionProperties,
+        },
+        required: [],
+    },
+    tags: ['guard', 'triggers', 'auth', 'step-up', 'mfa', 'security'],
+};

package/esm/index.d.ts

@@ -3,6 +3,7 @@ export * from './blueprint-types.generated';
 export * from './conditions';
 export * from './data';
 export * from './event';
+export * from './guard';
 export * from './job';
 export * from './limit';
 export * from './module-presets';

package/esm/index.js

@@ -3,6 +3,7 @@ export * from './blueprint-types.generated';
 export * from './conditions';
 export * from './data';
 export * from './event';
+export * from './guard';
 export * from './job';
 export * from './limit';
 export * from './module-presets';
@@ -12,6 +13,7 @@ export * from './view';
 import * as authz from './authz';
 import * as data from './data';
 import * as event from './event';
+import * as guard from './guard';
 import * as job from './job';
 import * as limit from './limit';
 import * as process from './process';
@@ -21,6 +23,7 @@ export const allNodeTypes = [
     ...Object.values(authz),
     ...Object.values(data),
     ...Object.values(event),
+    ...Object.values(guard),
     ...Object.values(job),
     ...Object.values(limit),
     ...Object.values(process),

package/guard/index.d.ts

@@ -0,0 +1 @@
+export { GuardStepUp } from './step-up';

package/guard/index.js

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GuardStepUp = void 0;
+var step_up_1 = require("./step-up");
+Object.defineProperty(exports, "GuardStepUp", { enumerable: true, get: function () { return step_up_1.GuardStepUp; } });

package/guard/step-up.d.ts

@@ -0,0 +1,2 @@
+import type { NodeTypeDefinition } from '../types';
+export declare const GuardStepUp: NodeTypeDefinition;

package/guard/step-up.js

@@ -0,0 +1,40 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GuardStepUp = void 0;
+const conditions_1 = require("../conditions");
+exports.GuardStepUp = {
+    name: 'GuardStepUp',
+    slug: 'guard_step_up',
+    category: 'guard',
+    display_name: 'Guard Step-Up',
+    description: 'Attaches a BEFORE trigger that calls require_step_up() to enforce recent ' +
+        'password or MFA verification before allowing mutations. Requires a ' +
+        'provisioned sessions_module (with app_settings_auth) for the target database. ' +
+        'The step_up_window is read from app_settings_auth at runtime (default 30 minutes). ' +
+        'Supports compound conditions (AND/OR/NOT), watch_fields (fire only when specific ' +
+        'fields change), and simple condition_field/condition_value leaf conditions.',
+    parameter_schema: {
+        type: 'object',
+        $defs: conditions_1.conditionDefs,
+        properties: {
+            step_up_type: {
+                type: 'string',
+                enum: ['password', 'mfa', 'password_or_mfa'],
+                description: 'Which verification method satisfies the step-up requirement',
+                default: 'password_or_mfa',
+            },
+            events: {
+                type: 'array',
+                items: {
+                    type: 'string',
+                    enum: ['INSERT', 'UPDATE', 'DELETE'],
+                },
+                description: 'Which DML events require step-up verification',
+                default: ['UPDATE', 'DELETE'],
+            },
+            ...conditions_1.conditionProperties,
+        },
+        required: [],
+    },
+    tags: ['guard', 'triggers', 'auth', 'step-up', 'mfa', 'security'],
+};

package/index.d.ts

@@ -3,6 +3,7 @@ export * from './blueprint-types.generated';
 export * from './conditions';
 export * from './data';
 export * from './event';
+export * from './guard';
 export * from './job';
 export * from './limit';
 export * from './module-presets';

package/index.js

@@ -42,6 +42,7 @@ __exportStar(require("./blueprint-types.generated"), exports);
 __exportStar(require("./conditions"), exports);
 __exportStar(require("./data"), exports);
 __exportStar(require("./event"), exports);
+__exportStar(require("./guard"), exports);
 __exportStar(require("./job"), exports);
 __exportStar(require("./limit"), exports);
 __exportStar(require("./module-presets"), exports);
@@ -51,6 +52,7 @@ __exportStar(require("./view"), exports);
 const authz = __importStar(require("./authz"));
 const data = __importStar(require("./data"));
 const event = __importStar(require("./event"));
+const guard = __importStar(require("./guard"));
 const job = __importStar(require("./job"));
 const limit = __importStar(require("./limit"));
 const process = __importStar(require("./process"));
@@ -60,6 +62,7 @@ exports.allNodeTypes = [
     ...Object.values(authz),
     ...Object.values(data),
     ...Object.values(event),
+    ...Object.values(guard),
     ...Object.values(job),
     ...Object.values(limit),
     ...Object.values(process),

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "node-type-registry",
-  "version": "0.47.0",
+  "version": "0.48.0",
   "description": "Node type definitions for the Constructive blueprint system. Single source of truth for all Authz*, Data*, Relation*, and View* node types.",
   "author": "Constructive <developers@constructive.io>",
   "main": "index.js",
@@ -47,5 +47,5 @@
     "registry",
     "graphile"
   ],
-  "gitHead": "c9ff6a6cec5d8cb455010b190b78c3d055097981"
+  "gitHead": "d6a34a51d5e889443c2345c80ccfcea050875bda"
 }