nuxt-auto-crud 1.31.0 → 2.1.1

package/README.md

@@ -1,44 +1,264 @@
-# Nuxt Auto CRUD
+# nuxt-auto-crud (nac 2.x)
 
-**Nuxt Auto CRUD is a headless, zero-codegen CRUD engine that transforms Drizzle ORM schemas into fully functional RESTful APIs for Nuxt 4.** 
+**Zero-Codegen Dynamic RESTful CRUD APIs** derived directly from schemas. It eliminates the need to manually write or generate boilerplate for CRUD operations.
 
-| Specification | Details |
-| :--- | :--- |
-| **Runtime** | Nuxt 4 (`app/` directory), Nitro |
-| **Persistence** | SQLite / libSQL (Optimized for Cloudflare D1) |
-| **ORM & SSOT** | Drizzle ORM (Schema-driven) |
-| **Validation** | `drizzle-zod` (Dynamic derivation) |
+---
+
+## 🚀 Core Features
+
+* **Zero-Codegen Dynamic RESTful CRUD APIs**: nuxt-auto-crud leverages Drizzle ORM, Zod, Nuxt, and Nitro to eliminate the need for manual CRUD coding.
+* **Single Source of Truth (SSOT)**: Your Drizzle schemas (`schema/db/schema`) define the entire API structure and validation.
+* **Constant Bundle Size**: Since no code is generated, the bundle size remains virtually identical whether you have one table or one hundred (scaling only with your schema definitions).
+---
+
+## Installation Guide
+
+```bash
+bun create nuxt@latest my-app
+npx nuxi module add hub
+bun add drizzle-orm@beta @libsql/client nuxt-auto-crud
+bun add -D drizzle-kit@beta
+
+```
+
+### Configuration
+
+Update `nuxt.config.ts`:
+
+```typescript
+export default defineNuxtConfig({
+  modules: [
+    '@nuxthub/core',
+    'nuxt-auto-crud'
+  ],
+  hub: {
+    db: 'sqlite'
+  }
+})
+
+```
+
+### Schema Definition
+
+Define your schema in `server/database/schema.ts`:
+
+```typescript
+import { sqliteTable, text, integer } from 'drizzle-orm/sqlite-core'
+
+export const users = sqliteTable('users', {
+  id: integer().primaryKey({ autoIncrement: true }),
+  name: text().notNull(),
+  email: text().notNull().unique(),
+  password: text().notNull(),
+  avatar: text().notNull(),
+  createdAt: integer({ mode: 'timestamp' }).notNull().$defaultFn(() => new Date()),
+})
+
+```
+
+### Initialize and Run
+
+```bash
+npx nuxi generate
+npx nuxi dev
+
+```
+
+---
+
+## 🌐 Dynamic RESTful CRUD endpoints
+
+Nb: Endpoints follow the pattern `/api/_nac/:model`.
+
+| Method | Endpoint | Action |
+| --- | --- | --- |
+| **GET** | `/:model` | List records (supports filtering & pagination) |
+| **POST** | `/:model` | Create record with Zod validation |
+| **GET** | `/:model/:id` | Fetch single record |
+| **PATCH** | `/:model/:id` | Partial update with validation |
+| **DELETE** | `/:model/:id` | Hard delete |
+
+**Example (`users` table):** 
+
+| Action | HTTP Method | Endpoint | Example Result |
+| --- | --- | --- | --- |
+| **Fetch All** | `GET` | `/api/_nac/users` | List of all users (paginated) |
+| **Create** | `POST` | `/api/_nac/users` | New user record added |
+| **Fetch One** | `GET` | `/api/_nac/users/1` | Details of user with `id: 1` |
+| **Update** | `PATCH` | `/api/_nac/users/1` | Partial update to user `1` |
+| **Delete** | `DELETE` | `/api/_nac/users/1` | User `1` hard deleted from DB |
+
+---
+
+## 🛠 Frontend Integration APIs
+
+In addition to CRUD endpoints, **nac** provides metadata APIs to power dynamic forms and tables in your frontend.
+
+* **List Resources**: `GET /api/_nac/_schemas` returns all tables (excluding system-protected tables).
+* **Resource Metadata**: `GET /api/_nac/_schemas/:resource` returns the field definitions, validation rules, and relationship data for a specific table.
+
+---
+
+### Schema Interface
+
+```typescript
+export interface Field {
+  name: string
+  type: string
+  required?: boolean
+  selectOptions?: string[]
+  references?: string
+  isReadOnly?: boolean
+}
+
+export interface SchemaDefinition {
+  resource: string
+  labelField: string
+  fields: Field[]
+}
 
-## 🛠 Architectural Logic: Zero-Codegen
-NAC treats your Drizzle schema as the **Single Source of Truth (SSOT)**. Unlike traditional scaffolds, it does not generate physical files; it mounts dynamic Nitro handlers at runtime.
+```
 
-* **Dynamic Routing**: Automatically maps `GET|POST|PATCH|DELETE` to your Drizzle tables.
-* **Real-time Sync**: Built-in SSE broadcasting for `create`, `update`, and `delete` events.
-* **Agentic Compatibility**: Built with an MCP-friendly structure to allow AI Agents to interact directly with the schema-driven API.
+### Example Response
 
-## 🔐 RBAC & Permissions
-Integrates with `nuxt-authorization` for database-driven Role-Based Access Control.
-* **Ownership Logic**: Supports `update_own` and `delete_own` via `createdBy` column reflection.
-* **Granular Scopes**: Fine-grained control over `list` vs `list_all` (drafts/soft-deleted).
+`GET /api/_nac/_schemas/users`
 
-## 🌐 Endpoints
-| Method | Endpoint | Description |
-| :--- | :--- | :--- |
-| `GET` | `/api/:model` | List with filtering/paging |
-| `POST` | `/api/:model` | Validated creation |
-| `GET` | `/api/:model/:id` | Single record retrieval |
-| `PATCH` | `/api/:model/:id` | Partial validated update |
-| `DELETE` | `/api/:model/:id` | Soft/Hard deletion |
+```json
+{
+  "resource": "users",
+  "labelField": "name",
+  "fields": [
+    { "name": "id", "type": "string", "required": true, "isReadOnly": true },
+    { "name": "name", "type": "string", "required": true, "isReadOnly": false },
+    { "name": "email", "type": "string", "required": true, "isReadOnly": false }
+  ]
+}
 
+```
 ---
 
-## Installation
-It is highly recommended to use the [Template](https://auto-crud.clifland.in/docs/auto-crud) for new installations.
+## 🛡 Security & Configuration
 
-If you are adding it to an existing application, refer to the [Manual Installation](https://auto-crud.clifland.in/docs/manual-installation) guide.
+Enabling `authentication` in the `autoCrud` config protects all **nac** routes (`/api/_nac/*`), except those explicitly defined in `publicResources`.
 
-[YouTube Walkthrough](https://www.youtube.com/watch?v=_o0cddJUU50&list=PLnbvxcojhIixqM1J08Tnm7vmMdx2wsy4B)
+### 🔒 Access Control & Data Safety
 
-[NPM Package](https://www.npmjs.com/package/nuxt-auto-crud)
+* **`apiHiddenFields`**: Globally hides sensitive columns from all API responses. Default: `['password', 'secret', 'token', 'reset_token', 'reset_expires', 'github_id', 'google_id']`.
+* **`formHiddenFields`**: Columns excluded from the frontend schema metadata to prevent user input. Defaults to `apiHiddenFields` plus system-managed fields like `id`, `uuid`, `createdAt`, `updatedAt`, `createdBy`, etc.
+* **Response Scrubbing**: If a field is in `apiHiddenFields` or does not exist in the schema, it is silently stripped from the response even if listed in `publicResources`.
 
-[Creator: Clifland](https://www.clifland.in/)
+---
+
+### ⚙️ Configuration Reference
+
+| Key | Default | Description |
+| --- | --- | --- |
+| `realtime` | `false` | Enables/disables real-time capabilities. |
+| `auth.authentication` | `true` | Requires a valid session for all NAC routes. |
+| `auth.authorization` | `true` | Enables role/owner-based access checks. |
+| `auth.ownerKey` | `'ownerId'` | The column name used to identify the record creator. |
+| `publicResources` | `{}` | Defines tables and specific columns accessible without auth. |
+| `nacEndpointPrefix` | `'/api/_nac'` | The base path for NAC routes. Access via `useRuntimeConfig().public.autoCrud`. |
+| `schemaPath` | `'server/db/schema'` | Location of your Drizzle schema files. |
+
+### Example `nuxt.config.ts`
+
+```typescript
+autoCrud: {
+  realtime: false,
+  auth: {
+    authentication: true,
+    authorization: true,
+    ownerKey: 'ownerId', 
+  },
+  publicResources: {
+    users: ['id', 'name', 'email'],
+  },
+  apiHiddenFields: ['password'], 
+  agenticToken: process.env.NAC_AGENTIC_TOKEN, 
+  formHiddenFields: [], 
+  nacEndpointPrefix: '/api/_nac',
+  schemaPath: 'server/db/schema',
+}
+
+```
+
+> **Note**: Modify `nacEndpointPrefix` or `schemaPath` only if the Nuxt/Nitro conventions change.
+---
+
+## 🛡 Filtering & Performance Optimization
+
+### Automatic Status Filtering
+
+To align with standard application behavior, **nac** automatically filters records if a `status` column exists. By default, it will only return **active** records, reducing boilerplate for soft-state management.
+
+### Ownership & Permissions
+
+While the implementing app handles the authentication layer, **nac** provides a standardized way to enforce record ownership and granular access.
+
+If your middleware populates `event.context.nac` with `resourcePermissions`, **nac** automatically injects the necessary SQL filters.
+
+**Example: Restricting users to their own records**
+If the permissions array includes `'list_own'`, **nac** appends a filter where `ownerCol === userId`.
+
+```typescript
+// Example: Setting context in your Auth Middleware
+event.context.nac = {
+  userId: user.id,
+  resourcePermissions: user.permissions[model], // e.g., ['list_own', 'list']
+  record: null, // Optional: Pre-fetched record to prevent double-hitting the DB
+}
+
+```
+
+### Optimization: Skip Redundant Fetches 
+
+If your middleware has already fetched the record, pass it to `event.context.nac.record` (as shown above). **nac** will use this object instead of executing an additional database query.
+
+---
+
+## 📡 Real-time Synchronization (SSE)
+
+When `realtime` is enabled, all `create`, `update`, and `delete` operations are automatically broadcasted:
+
+```typescript
+if (realtime) {
+  void broadcast({
+    table: model,
+    action: 'create',
+    primaryKey: newRecord.id,
+    data: newRecord,
+  })
+}
+
+```
+
+### Frontend Usage
+
+NAC provides a `useNacAutoCrudSSE` composable to listen for these changes in your frontend:
+
+```typescript
+useNacAutoCrudSSE(({ table, action, data: sseData, primaryKey }) => {
+  // Optional: Filter by specific table
+  // if (table !== currentTable.value) return
+
+  if (action === 'update') {
+    // updateRow(primaryKey, sseData)
+  }
+
+  if (action === 'create') {
+    // addRow(sseData)
+  }
+
+  if (action === 'delete') {
+    // removeRow(primaryKey)
+  }
+})
+
+```
+---
+
+## ⚠️ Limitations
+**Database Support:** Currently optimized for SQLite/libSQL only.
+
+---

package/dist/module.d.mts

@@ -1,58 +1,28 @@
 import * as _nuxt_schema from '@nuxt/schema';
 
 interface ModuleOptions {
-    /**
-     * Path to the database schema file
-     * @default 'server/database/schema'
-     */
-    schemaPath?: string;
-    /**
-     * Authentication configuration
-     */
-    auth?: boolean | AuthOptions;
-    /**
-     * Resource-specific configuration
-     * Define column visibility for unauthenticated users
-     */
-    resources?: {
-        [modelName: string]: string[];
+    realtime: boolean;
+    schemaPath: string;
+    auth: {
+        authentication: boolean;
+        authorization: boolean;
+        ownerKey: string;
     };
-    /**
-     * Fields that should be automatically hashed before storage
-     * @default ['password']
-     */
-    hashedFields?: string[];
+    apiHiddenFields: string[]; /** Sensitive: Never leaves the server */
+    agenticToken: string;
+    publicResources: Record<string, string[]>; /** Allowed fields for public apis */
+    nacEndpointPrefix: string;
+    formHiddenFields: string[]; /** UI: Hidden from forms */
 }
-interface AuthOptions {
-    /**
-     * Authentication type
-     * @default 'session'
-     */
-    type?: 'session' | 'jwt';
-    /**
-     * JWT Secret (required if type is 'jwt')
-     */
-    jwtSecret?: string;
-    /**
-     * Enable authentication checks (requires nuxt-auth-utils for session)
-     * @default false
-     */
-    authentication: boolean;
-    /**
-     * Enable authorization checks (requires nuxt-authorization)
-     * @default false
-     */
-    authorization?: boolean;
-}
-interface RuntimeModuleOptions extends Omit<ModuleOptions, 'auth'> {
-    auth: AuthOptions;
-}
-
 declare module '@nuxt/schema' {
     interface RuntimeConfig {
-        autoCrud: RuntimeModuleOptions;
+        autoCrud: Omit<ModuleOptions, 'nacEndpointPrefix' | 'formHiddenFields'>;
+    }
+    interface PublicRuntimeConfig {
+        autoCrud: Pick<ModuleOptions, 'nacEndpointPrefix' | 'formHiddenFields'>;
     }
 }
+
 declare const _default: _nuxt_schema.NuxtModule<ModuleOptions, ModuleOptions, false>;
 
 export { _default as default };

package/dist/module.json

@@ -1,9 +1,9 @@
 {
   "name": "nuxt-auto-crud",
   "configKey": "autoCrud",
-  "version": "1.31.0",
+  "version": "2.1.1",
   "builder": {
     "@nuxt/module-builder": "1.0.2",
-    "unbuild": "3.6.1"
+    "unbuild": "unknown"
   }
 }

package/dist/module.mjs

@@ -1,4 +1,5 @@
-import { defineNuxtModule, createResolver, addImportsDir, hasNuxtModule, addServerImports, addServerHandler, addServerImportsDir } from '@nuxt/kit';
+import { defineNuxtModule, createResolver, addImportsDir, addServerImportsDir, addServerHandler } from '@nuxt/kit';
+import { NAC_FORM_HIDDEN_FIELDS, NAC_API_HIDDEN_FIELDS } from '../dist/runtime/server/utils/constants.js';
 
 const module$1 = defineNuxtModule({
   meta: {
@@ -6,104 +7,60 @@ const module$1 = defineNuxtModule({
     configKey: "autoCrud"
   },
   defaults: {
+    // Private config
+    realtime: false,
+    auth: {
+      authentication: false,
+      authorization: false,
+      ownerKey: "createdBy"
+    },
+    publicResources: {},
+    apiHiddenFields: NAC_API_HIDDEN_FIELDS,
+    agenticToken: "",
     schemaPath: "server/db/schema",
-    auth: false
+    // Public config
+    formHiddenFields: NAC_FORM_HIDDEN_FIELDS,
+    nacEndpointPrefix: "/api/_nac"
   },
   async setup(options, nuxt) {
+    const prefix = options.nacEndpointPrefix || "/api/_nac";
     const resolver = createResolver(import.meta.url);
-    const schemaPath = resolver.resolve(
-      nuxt.options.rootDir,
-      options.schemaPath
-    );
-    nuxt.options.alias["#site/schema"] = schemaPath;
-    addImportsDir(resolver.resolve(nuxt.options.rootDir, "shared/utils"));
-    const stubsPath = resolver.resolve("./runtime/server/stubs/auth");
-    if (!hasNuxtModule("nuxt-auth-utils")) {
-      addServerImports([
-        { name: "requireUserSession", from: stubsPath },
-        { name: "getUserSession", from: stubsPath },
-        { name: "hashPassword", from: stubsPath }
-      ]);
-    }
-    if (!hasNuxtModule("nuxt-authorization")) {
-      addServerImports([
-        { name: "allows", from: stubsPath },
-        { name: "abilities", from: stubsPath },
-        { name: "abilityLogic", from: stubsPath }
-      ]);
-    }
-    nuxt.options.alias["#authorization"] ||= "nuxt-authorization/utils";
-    const mergedAuth = options.auth === false ? { authentication: false, authorization: false, type: "session" } : {
-      authentication: true,
-      authorization: options.auth === true,
-      type: "session",
-      ...typeof options.auth === "object" ? options.auth : {}
-    };
-    nuxt.options.runtimeConfig.autoCrud = {
-      auth: {
-        authentication: mergedAuth.authentication ?? false,
-        authorization: mergedAuth.authorization ?? false,
-        type: mergedAuth.type ?? "session",
-        jwtSecret: mergedAuth.jwtSecret
-      },
-      resources: {
-        ...options.resources
-      },
-      hashedFields: options.hashedFields ?? ["password"]
-    };
-    const apiDir = resolver.resolve("./runtime/server/api");
-    addServerHandler({
-      route: "/api/_schema",
-      method: "get",
-      handler: resolver.resolve(apiDir, "_schema/index.get")
-    });
-    addServerHandler({
-      route: "/api/_schema/:table",
-      method: "get",
-      handler: resolver.resolve(apiDir, "_schema/[table].get")
-    });
-    addServerHandler({
-      route: "/api/_relations",
-      method: "get",
-      handler: resolver.resolve(apiDir, "_relations.get")
-    });
-    addServerHandler({
-      route: "/api/_meta",
-      method: "get",
-      handler: resolver.resolve(apiDir, "_meta.get")
-    });
-    addServerHandler({
-      route: "/api/sse",
-      method: "get",
-      handler: resolver.resolve(apiDir, "sse")
-    });
-    addServerHandler({
-      route: "/api/:model",
-      method: "get",
-      handler: resolver.resolve(apiDir, "[model]/index.get")
-    });
-    addServerHandler({
-      route: "/api/:model",
-      method: "post",
-      handler: resolver.resolve(apiDir, "[model]/index.post")
-    });
-    addServerHandler({
-      route: "/api/:model/:id",
-      method: "get",
-      handler: resolver.resolve(apiDir, "[model]/[id].get")
-    });
-    addServerHandler({
-      route: "/api/:model/:id",
-      method: "patch",
-      handler: resolver.resolve(apiDir, "[model]/[id].patch")
+    nuxt.options.alias["#nac/shared"] = resolver.resolve("./runtime/shared");
+    nuxt.options.alias["#nac/types"] = resolver.resolve("./runtime/server/types");
+    nuxt.options.alias["#nac/schema"] = resolver.resolve(nuxt.options.rootDir, options.schemaPath);
+    const { formHiddenFields, nacEndpointPrefix, ...privateOptions } = options;
+    nuxt.options.runtimeConfig.autoCrud = privateOptions;
+    nuxt.options.runtimeConfig.public.autoCrud = { formHiddenFields, nacEndpointPrefix };
+    addImportsDir(resolver.resolve("./runtime/composables"));
+    addServerImportsDir(resolver.resolve("./runtime/server/utils"));
+    nuxt.hook("prepare:types", ({ references }) => {
+      references.push({ path: resolver.resolve("./runtime/types/index.d.ts") });
     });
     addServerHandler({
-      route: "/api/:model/:id",
-      method: "delete",
-      handler: resolver.resolve(apiDir, "[model]/[id].delete")
+      middleware: true,
+      handler: resolver.resolve("./runtime/server/middleware/nac-guard")
     });
-    addServerImportsDir(resolver.resolve("./runtime/server/utils"));
-    addImportsDir(resolver.resolve("./runtime/composables"));
+    const apiDir = resolver.resolve("./runtime/server/api/_nac");
+    const routes = [
+      // Dynamic CRUD Endpoints
+      { path: "/:model", method: "get", handler: "[model]/index.get" },
+      { path: "/:model", method: "post", handler: "[model]/index.post" },
+      { path: "/:model/:id", method: "get", handler: "[model]/[id].get" },
+      { path: "/:model/:id", method: "patch", handler: "[model]/[id].patch" },
+      { path: "/:model/:id", method: "delete", handler: "[model]/[id].delete" },
+      // System Endpoints
+      { path: "/_schemas", method: "get", handler: "_schemas/index.get" },
+      { path: "/_schemas/:model", method: "get", handler: "_schemas/[model].get" },
+      { path: "/_meta", method: "get", handler: "_meta.get" },
+      { path: "/_sse", method: "get", handler: "_sse.get" }
+    ];
+    for (const route of routes) {
+      addServerHandler({
+        route: `${prefix}${route.path}`,
+        method: route.method,
+        handler: resolver.resolve(apiDir, route.handler)
+      });
+    }
   }
 });
 

package/dist/runtime/composables/{useAutoCrudSSE.d.ts → useNacAutoCrudSSE.d.ts}

@@ -4,4 +4,4 @@ export interface AutoCrudEvent {
     data: Record<string, unknown>;
     primaryKey: string | number;
 }
-export declare function useAutoCrudSSE(onEvent: (e: AutoCrudEvent) => void): void;
+export declare function useNacAutoCrudSSE(onEvent: (e: AutoCrudEvent) => void): void;

package/dist/runtime/composables/useNacAutoCrudSSE.js

@@ -0,0 +1,21 @@
+export function useNacAutoCrudSSE(onEvent) {
+  let source = null;
+  onMounted(() => {
+    if (typeof window === "undefined" || !("EventSource" in window)) return;
+    source = new EventSource(`/api/_nac/_sse`);
+    source.onerror = (err) => {
+      console.error("[NAC] SSE Connection Error:", err);
+    };
+    source.addEventListener("crud", (e) => {
+      try {
+        const payload = JSON.parse(e.data);
+        onEvent(payload);
+      } catch (err) {
+        console.error("[NAC] SSE Parse Error:", err);
+      }
+    });
+  });
+  onBeforeUnmount(() => {
+    source?.close();
+  });
+}

package/dist/runtime/server/api/_nac/[model]/[id].delete.js

@@ -0,0 +1,22 @@
+import { eventHandler, getRouterParams } from "h3";
+import { useRuntimeConfig } from "#imports";
+import { modelTableMap } from "../../../utils/modelMapper.js";
+import { nacDeleteRow } from "../../../utils/queries.js";
+import { broadcast } from "../../../utils/sse-bus.js";
+import { ResourceNotFoundError } from "../../../exceptions.js";
+export default eventHandler(async (event) => {
+  const { model, id } = getRouterParams(event);
+  const table = modelTableMap[model];
+  if (!table) throw new ResourceNotFoundError(model);
+  const deletedRecord = await nacDeleteRow(table, id);
+  const { realtime } = useRuntimeConfig().autoCrud;
+  if (realtime) {
+    void broadcast({
+      table: model,
+      action: "delete",
+      primaryKey: deletedRecord.id,
+      data: deletedRecord
+    });
+  }
+  return deletedRecord;
+});

package/dist/runtime/server/api/{[model] → _nac/[model]}/[id].get.d.ts

@@ -1,2 +1,2 @@
-declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, Promise<Record<string, unknown>>>;
+declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, Promise<any>>;
 export default _default;

package/dist/runtime/server/api/_nac/[model]/[id].get.js

@@ -0,0 +1,10 @@
+import { eventHandler, getRouterParams } from "h3";
+import { modelTableMap } from "../../../utils/modelMapper.js";
+import { nacGetRow } from "../../../utils/queries.js";
+import { ResourceNotFoundError } from "../../../exceptions.js";
+export default eventHandler(async (event) => {
+  const { model, id } = getRouterParams(event);
+  const table = modelTableMap[model];
+  if (!table) throw new ResourceNotFoundError(model);
+  return await nacGetRow(table, id, event.context.nac || {});
+});

package/dist/runtime/server/api/{[model] → _nac/[model]}/[id].patch.d.ts

@@ -1,2 +1,2 @@
-declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, Promise<Record<string, unknown>>>;
+declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, Promise<any>>;
 export default _default;

package/dist/runtime/server/api/_nac/[model]/[id].patch.js

@@ -0,0 +1,25 @@
+import { eventHandler, getRouterParams, readBody } from "h3";
+import { useRuntimeConfig } from "#imports";
+import { modelTableMap } from "../../../utils/modelMapper.js";
+import { resolveValidatedSchema } from "../../../utils/validator.js";
+import { nacUpdateRow } from "../../../utils/queries.js";
+import { broadcast } from "../../../utils/sse-bus.js";
+import { ResourceNotFoundError } from "../../../exceptions.js";
+export default eventHandler(async (event) => {
+  const { model, id } = getRouterParams(event);
+  const body = await readBody(event);
+  const table = modelTableMap[model];
+  if (!table) throw new ResourceNotFoundError(model);
+  const validatedData = await resolveValidatedSchema(table, "patch").parseAsync(body);
+  const updatedRecord = await nacUpdateRow(table, id, validatedData, event.context.nac || {});
+  const { realtime } = useRuntimeConfig().autoCrud;
+  if (realtime) {
+    void broadcast({
+      table: model,
+      action: "update",
+      primaryKey: updatedRecord.id,
+      data: updatedRecord
+    });
+  }
+  return updatedRecord;
+});

package/dist/runtime/server/api/{_schema → _nac/[model]}/index.get.d.ts

@@ -1,2 +1,2 @@
-declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, Promise<Record<string, any>>>;
+declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, Promise<any>>;
 export default _default;

package/dist/runtime/server/api/_nac/[model]/index.get.js

@@ -0,0 +1,11 @@
+import { eventHandler, getRouterParams } from "h3";
+import { modelTableMap } from "../../../utils/modelMapper.js";
+import { nacGetRows } from "../../../utils/queries.js";
+import { ResourceNotFoundError } from "../../../exceptions.js";
+export default eventHandler(async (event) => {
+  const { model } = getRouterParams(event);
+  const table = modelTableMap[model];
+  if (!table) throw new ResourceNotFoundError(model);
+  const results = await nacGetRows(table, event.context.nac || {});
+  return results;
+});

package/dist/runtime/server/api/{[model] → _nac/[model]}/index.post.d.ts

@@ -1,2 +1,2 @@
-declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, Promise<Record<string, unknown>>>;
+declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, Promise<any>>;
 export default _default;