over-zero 0.0.0 → 0.0.1

package/dist/esm/createPermissions.js

@@ -1,17 +1,14 @@
-import { createLocalStorage, ensure, EnsureError } from "@vxrn/helpers";
+import { ANYONE_CAN, definePermissions } from "@rocicorp/zero";
+import { ensure, EnsureError, objectEntries } from "@vxrn/helpers";
+import { runWithContext } from "./helpers/context";
 import { prettyFormatZeroQuery } from "./helpers/prettyFormatZeroQuery";
-function createPermissions(schema, getContext) {
-  runEnvironmentSafetyCheck();
-  const permissionCache = createLocalStorage("permissions-cache", {
-    storageLimit: 24
-  });
-  function where(a, b) {
-    return b && WhereTableNameMap.set(b, a), b || a;
-  }
-  const WhereTableNameMap = /* @__PURE__ */ new WeakMap();
-  function getWhereTableName(where2) {
-    return WhereTableNameMap.get(where2);
-  }
+import { getWhereTableName } from "./where";
+function createPermissions({
+  environment,
+  schema,
+  models,
+  getContext
+}) {
   const fallbackActions = {
     select: "read",
     insert: "write",
@@ -23,7 +20,10 @@ function createPermissions(schema, getContext) {
     const tableName = getWhereTableName(permissionWhere);
     if (!tableName)
       throw new Error("Must use PermissionWhere for buildPermissionQuery");
-    const primaryKeys = schema.tables[tableName].primaryKey, permissionQueryBuilder = permissionWhere(eb, authData), fallbackAction = fallbackActions[action], permissionCondition = permissionQueryBuilder[action] || (fallbackAction ? permissionQueryBuilder[fallbackAction] : void 0);
+    const tableSchema = schema.tables[tableName];
+    if (!tableSchema)
+      throw new Error("No schema?");
+    const primaryKeys = tableSchema.primaryKey, permissionQueryBuilder = permissionWhere(eb, authData), fallbackAction = fallbackActions[action], permissionCondition = permissionQueryBuilder[action] || (fallbackAction ? permissionQueryBuilder[fallbackAction] : void 0);
     if (permissionCondition == null)
       throw new Error(`No permission defined for ${action} (or ${fallbackAction})`);
     if (permissionCondition === !0)
@@ -37,26 +37,26 @@ function createPermissions(schema, getContext) {
     }
     return eb.and(permissionCondition, ...primaryKeyWheres);
   }
-  async function can(where2, action, obj) {
-    const ctx = getContext(), tableName = getWhereTableName(where2);
+  async function can(where, action, obj) {
+    const ctx = getContext(), tableName = getWhereTableName(where);
     if (!tableName)
       throw new Error("Must use where('table') style where to pass to can()");
-    process.env.VITE_ENVIRONMENT === "ssr" && (await ensurePermission(
+    environment === "server" && (await ensurePermission(
       ctx.tx,
       ctx.authData,
       tableName,
-      where2,
+      where,
       action,
       obj
     ), ctx.didCanPermissionsRun = !0);
   }
-  async function ensurePermission(tx, authData, tableName, where2, actionIn, obj) {
+  async function ensurePermission(tx, authData, tableName, where, actionIn, obj) {
     if (authData?.role === "admin")
       return;
     const action = String(actionIn), name = `${tableName}.${action}`, queryBase = tx.query[tableName];
     let query = null;
     try {
-      query = queryBase.where((eb) => buildPermissionQuery(authData, eb, where2, action, obj)).one(), ensure(await query);
+      query = queryBase.where((eb) => buildPermissionQuery(authData, eb, where, action, obj)).one(), ensure(await query);
     } catch (err) {
       const errorTitle = `${name} with auth id: ${authData?.id}`;
       if (err instanceof EnsureError) {
@@ -68,38 +68,39 @@ function createPermissions(schema, getContext) {
 ${err}`);
     }
   }
-  function usePermission(table, action, objOrId, enabled = typeof objOrId < "u", debug = !1) {
-    const keyBase = `${table}${action}`, key = `${keyBase}${typeof objOrId == "string" ? objOrId : JSON.stringify(objOrId)}`, cacheVal = permissionCache.get(key) ?? permissionCache.get(keyBase), authData = useAuthData(), permission = modelPermissions[table], query = (() => {
-      let baseQuery = zero.query[table].one();
-      return enabled ? baseQuery.where((eb) => buildPermissionQuery(authData, eb, permission, action, objOrId)) : baseQuery;
-    })(), [data, status] = useQuery(query, {
-      enabled: !!(enabled && authData && objOrId)
-    });
-    debug && console.info(
-      "usePermission()",
-      { data, status, action, authData, permission },
-      prettyFormatZeroQuery(query)
+  const readPermissions = definePermissions(schema, async () => {
+    const permissionsEntries = await Promise.all(
+      objectEntries(models).map(async ([key, model]) => await runWithContext(
+        {
+          authData: { id: "", role: void 0, email: "" }
+        },
+        () => [
+          key,
+          {
+            row: {
+              select: [
+                (authData, eb) => {
+                  const out = model.permissions(eb, authData).read;
+                  return out === !0 ? eb.and() : out === !1 ? eb.cmpLit(!0, "=", !1) : out;
+                }
+              ],
+              // we have permissions on these through our model system with custom mutators:
+              insert: ANYONE_CAN,
+              update: ANYONE_CAN,
+              delete: ANYONE_CAN
+            }
+          }
+        ]
+      ))
     );
-    const allowed = !!data;
-    return objOrId ? allowed : !1;
-  }
+    return Object.fromEntries(permissionsEntries);
+  });
   return {
-    where,
     can,
-    usePermission
+    buildPermissionQuery,
+    readPermissions
   };
 }
-function runEnvironmentSafetyCheck() {
-  typeof document < "u" || typeof navigator < "u" && navigator.product === "ReactNative" || process.env.VITE_ENVIRONMENT !== "ssr" && console.error(`\u274C\u274C\u274C\u274C
-
-ERROR: VITE_ENVIRONMENT is not set to "ssr" on server, which means permissions checks won't run when they should
-This is makes Zero entirely insecure and needs to be fixed immediately.
-
-This is likely a One framework issue, unless the user Vite config is overwriting the value.
-One automatically sets this value.
-        
-        `);
-}
 export {
   createPermissions
 };

package/dist/esm/createPermissions.js.map

@@ -1,6 +1,6 @@
 {
   "version": 3,
   "sources": ["../../src/createPermissions.ts"],
-  "mappings": "AAQA,SAAS,oBAAoB,QAAQ,mBAAmB;AAGxD,SAAS,6BAA6B;AAE/B,SAAS,kBACd,QACA,YACA;AACA,4BAA0B;AAO1B,QAAM,kBAAkB,mBAAoC,qBAAqB;AAAA,IAC/E,cAAc;AAAA,EAChB,CAAC;AAoBD,WAAS,MACP,GACA,GACS;AACT,WAAI,KACF,kBAAkB,IAAI,GAAG,CAAU,GAE7B,KAAK;AAAA,EACf;AAIA,QAAM,oBAAoB,oBAAI,QAA0B;AAExD,WAAS,kBAAkBA,QAAc;AACvC,WAAO,kBAAkB,IAAIA,MAAK;AAAA,EACpC;AAqBA,QAAM,kBAA0C;AAAA,IAC9C,QAAQ;AAAA,IACR,QAAQ;AAAA,IACR,QAAQ;AAAA,IACR,QAAQ;AAAA,IACR,QAAQ;AAAA,EACV;AAEA,WAAS,qBAIP,UACA,IACA,iBACA,QAEA,SACA;AACA,UAAM,YAAY,kBAAkB,eAAe;AAEnD,QAAI,CAAC;AACH,YAAM,IAAI,MAAM,mDAAmD;AAIrE,UAAM,cADc,OAAO,OAAO,SAAS,EACX,YAC1B,yBAAyB,gBAAgB,IAAI,QAAQ,GACrD,iBAAiB,gBAAgB,MAAM,GAEvC,sBACJ,uBAAuB,MAAM,MAC5B,iBAAiB,uBAAuB,cAAc,IAAI;AAE7D,QAAI,uBAAuB;AACzB,YAAM,IAAI,MAAM,6BAA6B,MAAM,QAAQ,cAAc,GAAG;AAG9E,QAAI,wBAAwB;AAC1B,aAAO,GAAG,OAAO,IAAM,KAAK,EAAI;AAGlC,QAAI,wBAAwB;AAC1B,aAAO,GAAG,OAAO,IAAM,KAAK,EAAK;AAGnC,UAAM,mBAAgC,CAAC;AAEvC,eAAW,OAAO,aAAa;AAC7B,YAAM,QAAQ,OAAO,WAAY,WAAW,UAAU,QAAQ,GAAG;AACjE,uBAAiB,KAAK,GAAG,IAAI,KAAY,KAAK,CAAC;AAAA,IACjD;AAEA,WAAO,GAAG,IAAI,qBAAqB,GAAG,gBAAgB;AAAA,EACxD;AAEA,iBAAe,IAGbA,QAAe,QAAgB,KAAU;AACzC,UAAM,MAAM,WAAW,GACjB,YAAY,kBAAkBA,MAAK;AACzC,QAAI,CAAC;AACH,YAAM,IAAI,MAAM,sDAAsD;AAIxE,IAAI,QAAQ,IAAI,qBAAqB,UACnC,MAAM;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACAA;AAAA,MACA;AAAA,MACA;AAAA,IACF,GACA,IAAI,uBAAuB;AAAA,EAE/B;AAIA,iBAAe,iBAIb,IACA,UACA,WACAA,QACA,UACA,KACe;AACf,QAAI,UAAU,SAAS;AAErB;AAGF,UAAM,SAAS,OAAO,QAAQ,GACxB,OAAO,GAAG,SAAS,IAAI,MAAM,IAC7B,YAAY,GAAG,MAAM,SAAS;AACpC,QAAI,QAAqC;AAEzC,QAAI;AACF,cAAQ,UACL,MAAM,CAAC,OACC,qBAAqB,UAAU,IAAIA,QAAO,QAAQ,GAAG,CAC7D,EACA,IAAI,GAEP,OAAO,MAAM,KAAK;AAAA,IACpB,SAAS,KAAK;AACZ,YAAM,aAAa,GAAG,IAAI,kBAAkB,UAAU,EAAE;AAExD,UAAI,eAAe,aAAa;AAC9B,YAAI,MAAM,uCAAgC,UAAU;AACpD,cAAI,QAAQ,IAAI,aAAa,iBAAiB,UAC5C,OAAO;AAAA,GAAM,sBAAsB,KAAK,CAAC,KAErC,IAAI,MAAM,GAAG;AAAA,MACrB;AAEA,YAAM,IAAI,MAAM,4BAA4B,UAAU;AAAA,EAAK,GAAG,EAAE;AAAA,IAClE;AAAA,EACF;AAEA,WAAS,cAIP,OACA,QACA,SACA,UAAU,OAAO,UAAY,KAC7B,QAAQ,IACQ;AAEhB,UAAM,UAAU,GAAG,KAAK,GAAG,MAAM,IAC3B,MAAM,GAAG,OAAO,GAAG,OAAO,WAAY,WAAW,UAAU,KAAK,UAAU,OAAO,CAAC,IAClF,WAAW,gBAAgB,IAAI,GAAG,KAAK,gBAAgB,IAAI,OAAO,GAClE,WAAW,YAAY,GACvB,aAAa,iBAAiB,KAAK,GAEnC,SAAS,MAAM;AACnB,UAAI,YAAY,KAAK,MAAM,KAAK,EAAE,IAAI;AAEtC,aAAK,UAIE,UAAU,MAAM,CAAC,OACf,qBAAqB,UAAU,IAAI,YAAY,QAAQ,OAAc,CAC7E,IALQ;AAAA,IAMX,GAAG,GAEG,CAAC,MAAM,MAAM,IAAI,SAAS,OAAO;AAAA,MACrC,SAAS,GAAQ,WAAW,YAAY;AAAA,IAC1C,CAAC;AAED,IAAI,SACF,QAAQ;AAAA,MACN;AAAA,MACA,EAAE,MAAM,QAAQ,QAAQ,UAAU,WAAW;AAAA,MAC7C,sBAAsB,KAAK;AAAA,IAC7B;AAKF,UAAM,UAAU,EAFD;AAIf,WAAK,UAIE,UAHE;AAAA,EAIX;AAEA,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF;AAIA,SAAS,4BAA4B;AACnC,EAAI,OAAO,WAAa,OAEb,OAAO,YAAc,OAAe,UAAU,YAAY,iBAI/D,QAAQ,IAAI,qBAAqB,SACnC,QAAQ,MAAM;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,SAQX;AAGT;",
-  "names": ["where"]
+  "mappings": "AAMA,SAAS,YAAY,yBAAyB;AAC9C,SAAS,QAAQ,aAAa,qBAAqB;AACnD,SAAS,sBAAsB;AAC/B,SAAS,6BAA6B;AAEtC,SAAS,yBAAyB;AAE3B,SAAS,kBAA6C;AAAA,EAC3D;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,GAKG;AAkBD,QAAM,kBAA0C;AAAA,IAC9C,QAAQ;AAAA,IACR,QAAQ;AAAA,IACR,QAAQ;AAAA,IACR,QAAQ;AAAA,IACR,QAAQ;AAAA,EACV;AAEA,WAAS,qBAIP,UACA,IACA,iBACA,QAEA,SACA;AACA,UAAM,YAAY,kBAAkB,eAAe;AAEnD,QAAI,CAAC;AACH,YAAM,IAAI,MAAM,mDAAmD;AAGrE,UAAM,cAAc,OAAO,OAAO,SAAS;AAE3C,QAAI,CAAC;AACH,YAAM,IAAI,MAAM,YAAY;AAG9B,UAAM,cAAc,YAAY,YAC1B,yBAAyB,gBAAgB,IAAI,QAAQ,GACrD,iBAAiB,gBAAgB,MAAM,GAEvC,sBACJ,uBAAuB,MAAM,MAC5B,iBAAiB,uBAAuB,cAAc,IAAI;AAE7D,QAAI,uBAAuB;AACzB,YAAM,IAAI,MAAM,6BAA6B,MAAM,QAAQ,cAAc,GAAG;AAG9E,QAAI,wBAAwB;AAC1B,aAAO,GAAG,OAAO,IAAM,KAAK,EAAI;AAGlC,QAAI,wBAAwB;AAC1B,aAAO,GAAG,OAAO,IAAM,KAAK,EAAK;AAGnC,UAAM,mBAAgC,CAAC;AAEvC,eAAW,OAAO,aAAa;AAC7B,YAAM,QAAQ,OAAO,WAAY,WAAW,UAAU,QAAQ,GAAG;AACjE,uBAAiB,KAAK,GAAG,IAAI,KAAY,KAAK,CAAC;AAAA,IACjD;AAEA,WAAO,GAAG,IAAI,qBAAqB,GAAG,gBAAgB;AAAA,EACxD;AAEA,iBAAe,IAGb,OAAe,QAAgB,KAAU;AACzC,UAAM,MAAM,WAAW,GACjB,YAAY,kBAAkB,KAAK;AACzC,QAAI,CAAC;AACH,YAAM,IAAI,MAAM,sDAAsD;AAIxE,IAAI,gBAAgB,aAClB,MAAM;AAAA,MACJ,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF,GACA,IAAI,uBAAuB;AAAA,EAE/B;AAEA,iBAAe,iBAIb,IACA,UACA,WACA,OACA,UACA,KACe;AACf,QAAI,UAAU,SAAS;AAErB;AAGF,UAAM,SAAS,OAAO,QAAQ,GACxB,OAAO,GAAG,SAAS,IAAI,MAAM,IAE7B,YAAY,GAAG,MAAM,SAAS;AACpC,QAAI,QAAqC;AAEzC,QAAI;AACF,cAAQ,UACL,MAAM,CAAC,OACC,qBAAqB,UAAU,IAAI,OAAO,QAAQ,GAAG,CAC7D,EACA,IAAI,GAEP,OAAO,MAAM,KAAK;AAAA,IACpB,SAAS,KAAK;AACZ,YAAM,aAAa,GAAG,IAAI,kBAAkB,UAAU,EAAE;AAExD,UAAI,eAAe,aAAa;AAC9B,YAAI,MAAM,uCAAgC,UAAU;AACpD,cAAI,QAAQ,IAAI,aAAa,iBAAiB,UAC5C,OAAO;AAAA,GAAM,sBAAsB,KAAK,CAAC,KAErC,IAAI,MAAM,GAAG;AAAA,MACrB;AAEA,YAAM,IAAI,MAAM,4BAA4B,UAAU;AAAA,EAAK,GAAG,EAAE;AAAA,IAClE;AAAA,EACF;AAEA,QAAM,kBAAkB,kBAAoC,QAAQ,YAAY;AAC9E,UAAM,qBAAqB,MAAM,QAAQ;AAAA,MACvC,cAAc,MAAM,EAAE,IAAI,OAAO,CAAC,KAAK,KAAK,MACnC,MAAM;AAAA,QACX;AAAA,UACE,UAAU,EAAE,IAAI,IAAI,MAAM,QAAW,OAAO,GAAG;AAAA,QACjD;AAAA,QACA,MACS;AAAA,UACL;AAAA,UACA;AAAA,YACE,KAAK;AAAA,cACH,QAAQ;AAAA,gBACN,CAAC,UAAoB,OAAoC;AACvD,wBAAM,MAAM,MAAM,YAAY,IAAI,QAAQ,EAAE;AAE5C,yBAAI,QAAQ,KACH,GAAG,IAAI,IAGZ,QAAQ,KACH,GAAG,OAAO,IAAM,KAAK,EAAK,IAG5B;AAAA,gBACT;AAAA,cACF;AAAA;AAAA,cAEA,QAAQ;AAAA,cACR,QAAQ;AAAA,cACR,QAAQ;AAAA,YACV;AAAA,UACF;AAAA,QACF;AAAA,MAEJ,CACD;AAAA,IACH;AAIA,WAFoB,OAAO,YAAY,kBAAkB;AAAA,EAG3D,CAAC;AAED,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF;",
+  "names": []
 }

package/dist/esm/createPermissions.mjs

@@ -1,17 +1,14 @@
-import { createLocalStorage, ensure, EnsureError } from "@vxrn/helpers";
+import { ANYONE_CAN, definePermissions } from "@rocicorp/zero";
+import { ensure, EnsureError, objectEntries } from "@vxrn/helpers";
+import { runWithContext } from "./helpers/context.mjs";
 import { prettyFormatZeroQuery } from "./helpers/prettyFormatZeroQuery.mjs";
-function createPermissions(schema, getContext) {
-  runEnvironmentSafetyCheck();
-  const permissionCache = createLocalStorage("permissions-cache", {
-    storageLimit: 24
-  });
-  function where(a, b) {
-    return b && WhereTableNameMap.set(b, a), b || a;
-  }
-  const WhereTableNameMap = /* @__PURE__ */new WeakMap();
-  function getWhereTableName(where2) {
-    return WhereTableNameMap.get(where2);
-  }
+import { getWhereTableName } from "./where.mjs";
+function createPermissions({
+  environment,
+  schema,
+  models,
+  getContext
+}) {
   const fallbackActions = {
     select: "read",
     insert: "write",
@@ -22,7 +19,9 @@ function createPermissions(schema, getContext) {
   function buildPermissionQuery(authData, eb, permissionWhere, action, objOrId) {
     const tableName = getWhereTableName(permissionWhere);
     if (!tableName) throw new Error("Must use PermissionWhere for buildPermissionQuery");
-    const primaryKeys = schema.tables[tableName].primaryKey,
+    const tableSchema = schema.tables[tableName];
+    if (!tableSchema) throw new Error("No schema?");
+    const primaryKeys = tableSchema.primaryKey,
       permissionQueryBuilder = permissionWhere(eb, authData),
       fallbackAction = fallbackActions[action],
       permissionCondition = permissionQueryBuilder[action] || (fallbackAction ? permissionQueryBuilder[fallbackAction] : void 0);
@@ -36,20 +35,20 @@ function createPermissions(schema, getContext) {
     }
     return eb.and(permissionCondition, ...primaryKeyWheres);
   }
-  async function can(where2, action, obj) {
+  async function can(where, action, obj) {
     const ctx = getContext(),
-      tableName = getWhereTableName(where2);
+      tableName = getWhereTableName(where);
     if (!tableName) throw new Error("Must use where('table') style where to pass to can()");
-    process.env.VITE_ENVIRONMENT === "ssr" && (await ensurePermission(ctx.tx, ctx.authData, tableName, where2, action, obj), ctx.didCanPermissionsRun = !0);
+    environment === "server" && (await ensurePermission(ctx.tx, ctx.authData, tableName, where, action, obj), ctx.didCanPermissionsRun = !0);
   }
-  async function ensurePermission(tx, authData, tableName, where2, actionIn, obj) {
+  async function ensurePermission(tx, authData, tableName, where, actionIn, obj) {
     if (authData?.role === "admin") return;
     const action = String(actionIn),
       name = `${tableName}.${action}`,
       queryBase = tx.query[tableName];
     let query = null;
     try {
-      query = queryBase.where(eb => buildPermissionQuery(authData, eb, where2, action, obj)).one(), ensure(await query);
+      query = queryBase.where(eb => buildPermissionQuery(authData, eb, where, action, obj)).one(), ensure(await query);
     } catch (err) {
       const errorTitle = `${name} with auth id: ${authData?.id}`;
       if (err instanceof EnsureError) {
@@ -61,45 +60,32 @@ function createPermissions(schema, getContext) {
 ${err}`);
     }
   }
-  function usePermission(table, action, objOrId, enabled = typeof objOrId < "u", debug = !1) {
-    const keyBase = `${table}${action}`,
-      key = `${keyBase}${typeof objOrId == "string" ? objOrId : JSON.stringify(objOrId)}`,
-      cacheVal = permissionCache.get(key) ?? permissionCache.get(keyBase),
-      authData = useAuthData(),
-      permission = modelPermissions[table],
-      query = (() => {
-        let baseQuery = zero.query[table].one();
-        return enabled ? baseQuery.where(eb => buildPermissionQuery(authData, eb, permission, action, objOrId)) : baseQuery;
-      })(),
-      [data, status] = useQuery(query, {
-        enabled: !!(enabled && authData && objOrId)
-      });
-    debug && console.info("usePermission()", {
-      data,
-      status,
-      action,
-      authData,
-      permission
-    }, prettyFormatZeroQuery(query));
-    const allowed = !!data;
-    return objOrId ? allowed : !1;
-  }
+  const readPermissions = definePermissions(schema, async () => {
+    const permissionsEntries = await Promise.all(objectEntries(models).map(async ([key, model]) => await runWithContext({
+      authData: {
+        id: "",
+        role: void 0,
+        email: ""
+      }
+    }, () => [key, {
+      row: {
+        select: [(authData, eb) => {
+          const out = model.permissions(eb, authData).read;
+          return out === !0 ? eb.and() : out === !1 ? eb.cmpLit(!0, "=", !1) : out;
+        }],
+        // we have permissions on these through our model system with custom mutators:
+        insert: ANYONE_CAN,
+        update: ANYONE_CAN,
+        delete: ANYONE_CAN
+      }
+    }])));
+    return Object.fromEntries(permissionsEntries);
+  });
   return {
-    where,
     can,
-    usePermission
+    buildPermissionQuery,
+    readPermissions
   };
 }
-function runEnvironmentSafetyCheck() {
-  typeof document < "u" || typeof navigator < "u" && navigator.product === "ReactNative" || process.env.VITE_ENVIRONMENT !== "ssr" && console.error(`\u274C\u274C\u274C\u274C
-
-ERROR: VITE_ENVIRONMENT is not set to "ssr" on server, which means permissions checks won't run when they should
-This is makes Zero entirely insecure and needs to be fixed immediately.
-
-This is likely a One framework issue, unless the user Vite config is overwriting the value.
-One automatically sets this value.
-        
-        `);
-}
 export { createPermissions };
 //# sourceMappingURL=createPermissions.mjs.map

package/dist/esm/createPermissions.mjs.map

@@ -1 +1 @@
-{"version":3,"names":["createLocalStorage","ensure","EnsureError","prettyFormatZeroQuery","createPermissions","schema","getContext","runEnvironmentSafetyCheck","permissionCache","storageLimit","where","a","b","WhereTableNameMap","set","WeakMap","getWhereTableName","where2","get","fallbackActions","select","insert","update","upsert","delete","buildPermissionQuery","authData","eb","permissionWhere","action","objOrId","tableName","Error","primaryKeys","tables","primaryKey","permissionQueryBuilder","fallbackAction","permissionCondition","cmpLit","primaryKeyWheres","key","value","push","cmp","and","can","obj","ctx","process","env","VITE_ENVIRONMENT","ensurePermission","tx","didCanPermissionsRun","actionIn","role","String","name","queryBase","query","one","err","errorTitle","id","msg","NODE_ENV","usePermission","table","enabled","debug","keyBase","JSON","stringify","cacheVal","useAuthData","permission","modelPermissions","baseQuery","zero","data","status","useQuery","console","info","allowed","document","navigator","product","error"],"sources":["../../src/createPermissions.ts"],"sourcesContent":[null],"mappings":"AAQA,SAASA,kBAAA,EAAoBC,MAAA,EAAQC,WAAA,QAAmB;AAGxD,SAASC,qBAAA,QAA6B;AAE/B,SAASC,kBACdC,MAAA,EACAC,UAAA,EACA;EACAC,yBAAA,CAA0B;EAO1B,MAAMC,eAAA,GAAkBR,kBAAA,CAAoC,qBAAqB;IAC/ES,YAAA,EAAc;EAChB,CAAC;EAoBD,SAASC,MACPC,CAAA,EACAC,CAAA,EACS;IACT,OAAIA,CAAA,IACFC,iBAAA,CAAkBC,GAAA,CAAIF,CAAA,EAAGD,CAAU,GAE7BC,CAAA,IAAKD,CAAA;EACf;EAIA,MAAME,iBAAA,GAAoB,mBAAIE,OAAA,CAA0B;EAExD,SAASC,kBAAkBC,MAAA,EAAc;IACvC,OAAOJ,iBAAA,CAAkBK,GAAA,CAAID,MAAK;EACpC;EAqBA,MAAME,eAAA,GAA0C;IAC9CC,MAAA,EAAQ;IACRC,MAAA,EAAQ;IACRC,MAAA,EAAQ;IACRC,MAAA,EAAQ;IACRC,MAAA,EAAQ;EACV;EAEA,SAASC,qBAIPC,QAAA,EACAC,EAAA,EACAC,eAAA,EACAC,MAAA,EAEAC,OAAA,EACA;IACA,MAAMC,SAAA,GAAYf,iBAAA,CAAkBY,eAAe;IAEnD,IAAI,CAACG,SAAA,EACH,MAAM,IAAIC,KAAA,CAAM,mDAAmD;IAIrE,MAAMC,WAAA,GADc5B,MAAA,CAAO6B,MAAA,CAAOH,SAAS,EACXI,UAAA;MAC1BC,sBAAA,GAAyBR,eAAA,CAAgBD,EAAA,EAAID,QAAQ;MACrDW,cAAA,GAAiBlB,eAAA,CAAgBU,MAAM;MAEvCS,mBAAA,GACJF,sBAAA,CAAuBP,MAAM,MAC5BQ,cAAA,GAAiBD,sBAAA,CAAuBC,cAAc,IAAI;IAE7D,IAAIC,mBAAA,IAAuB,MACzB,MAAM,IAAIN,KAAA,CAAM,6BAA6BH,MAAM,QAAQQ,cAAc,GAAG;IAG9E,IAAIC,mBAAA,KAAwB,IAC1B,OAAOX,EAAA,CAAGY,MAAA,CAAO,IAAM,KAAK,EAAI;IAGlC,IAAID,mBAAA,KAAwB,IAC1B,OAAOX,EAAA,CAAGY,MAAA,CAAO,IAAM,KAAK,EAAK;IAGnC,MAAMC,gBAAA,GAAgC,EAAC;IAEvC,WAAWC,GAAA,IAAOR,WAAA,EAAa;MAC7B,MAAMS,KAAA,GAAQ,OAAOZ,OAAA,IAAY,WAAWA,OAAA,GAAUA,OAAA,CAAQW,GAAG;MACjED,gBAAA,CAAiBG,IAAA,CAAKhB,EAAA,CAAGiB,GAAA,CAAIH,GAAA,EAAYC,KAAK,CAAC;IACjD;IAEA,OAAOf,EAAA,CAAGkB,GAAA,CAAIP,mBAAA,EAAqB,GAAGE,gBAAgB;EACxD;EAEA,eAAeM,IAGb7B,MAAA,EAAeY,MAAA,EAAgBkB,GAAA,EAAU;IACzC,MAAMC,GAAA,GAAM1C,UAAA,CAAW;MACjByB,SAAA,GAAYf,iBAAA,CAAkBC,MAAK;IACzC,IAAI,CAACc,SAAA,EACH,MAAM,IAAIC,KAAA,CAAM,sDAAsD;IAIpEiB,OAAA,CAAQC,GAAA,CAAIC,gBAAA,KAAqB,UACnC,MAAMC,gBAAA,CACJJ,GAAA,CAAIK,EAAA,EACJL,GAAA,CAAItB,QAAA,EACJK,SAAA,EACAd,MAAA,EACAY,MAAA,EACAkB,GACF,GACAC,GAAA,CAAIM,oBAAA,GAAuB;EAE/B;EAIA,eAAeF,iBAIbC,EAAA,EACA3B,QAAA,EACAK,SAAA,EACAd,MAAA,EACAsC,QAAA,EACAR,GAAA,EACe;IACf,IAAIrB,QAAA,EAAU8B,IAAA,KAAS,SAErB;IAGF,MAAM3B,MAAA,GAAS4B,MAAA,CAAOF,QAAQ;MACxBG,IAAA,GAAO,GAAG3B,SAAS,IAAIF,MAAM;MAC7B8B,SAAA,GAAYN,EAAA,CAAGO,KAAA,CAAM7B,SAAS;IACpC,IAAI6B,KAAA,GAAqC;IAEzC,IAAI;MACFA,KAAA,GAAQD,SAAA,CACLjD,KAAA,CAAOiB,EAAA,IACCF,oBAAA,CAAqBC,QAAA,EAAUC,EAAA,EAAIV,MAAA,EAAOY,MAAA,EAAQkB,GAAG,CAC7D,EACAc,GAAA,CAAI,GAEP5D,MAAA,CAAO,MAAM2D,KAAK;IACpB,SAASE,GAAA,EAAK;MACZ,MAAMC,UAAA,GAAa,GAAGL,IAAI,kBAAkBhC,QAAA,EAAUsC,EAAE;MAExD,IAAIF,GAAA,YAAe5D,WAAA,EAAa;QAC9B,IAAI+D,GAAA,GAAM,uCAAgCF,UAAU;QACpD,MAAId,OAAA,CAAQC,GAAA,CAAIgB,QAAA,KAAa,iBAAiBN,KAAA,KAC5CK,GAAA,IAAO;AAAA,GAAM9D,qBAAA,CAAsByD,KAAK,CAAC,KAErC,IAAI5B,KAAA,CAAMiC,GAAG;MACrB;MAEA,MAAM,IAAIjC,KAAA,CAAM,4BAA4B+B,UAAU;AAAA,EAAKD,GAAG,EAAE;IAClE;EACF;EAEA,SAASK,cAIPC,KAAA,EACAvC,MAAA,EACAC,OAAA,EACAuC,OAAA,GAAU,OAAOvC,OAAA,GAAY,KAC7BwC,KAAA,GAAQ,IACQ;IAEhB,MAAMC,OAAA,GAAU,GAAGH,KAAK,GAAGvC,MAAM;MAC3BY,GAAA,GAAM,GAAG8B,OAAO,GAAG,OAAOzC,OAAA,IAAY,WAAWA,OAAA,GAAU0C,IAAA,CAAKC,SAAA,CAAU3C,OAAO,CAAC;MAClF4C,QAAA,GAAWlE,eAAA,CAAgBU,GAAA,CAAIuB,GAAG,KAAKjC,eAAA,CAAgBU,GAAA,CAAIqD,OAAO;MAClE7C,QAAA,GAAWiD,WAAA,CAAY;MACvBC,UAAA,GAAaC,gBAAA,CAAiBT,KAAK;MAEnCR,KAAA,IAAS,MAAM;QACnB,IAAIkB,SAAA,GAAYC,IAAA,CAAKnB,KAAA,CAAMQ,KAAK,EAAEP,GAAA,CAAI;QAEtC,OAAKQ,OAAA,GAIES,SAAA,CAAUpE,KAAA,CAAOiB,EAAA,IACfF,oBAAA,CAAqBC,QAAA,EAAUC,EAAA,EAAIiD,UAAA,EAAY/C,MAAA,EAAQC,OAAc,CAC7E,IALQgD,SAAA;MAMX,GAAG;MAEG,CAACE,IAAA,EAAMC,MAAM,IAAIC,QAAA,CAAStB,KAAA,EAAO;QACrCS,OAAA,EAAS,GAAQA,OAAA,IAAW3C,QAAA,IAAYI,OAAA;MAC1C,CAAC;IAEGwC,KAAA,IACFa,OAAA,CAAQC,IAAA,CACN,mBACA;MAAEJ,IAAA;MAAMC,MAAA;MAAQpD,MAAA;MAAQH,QAAA;MAAUkD;IAAW,GAC7CzE,qBAAA,CAAsByD,KAAK,CAC7B;IAKF,MAAMyB,OAAA,GAAU,EAFDL,IAAA;IAIf,OAAKlD,OAAA,GAIEuD,OAAA,GAHE;EAIX;EAEA,OAAO;IACL3E,KAAA;IACAoC,GAAA;IACAqB;EACF;AACF;AAIA,SAAS5D,0BAAA,EAA4B;EAC/B,OAAO+E,QAAA,GAAa,OAEb,OAAOC,SAAA,GAAc,OAAeA,SAAA,CAAUC,OAAA,KAAY,iBAI/DvC,OAAA,CAAQC,GAAA,CAAIC,gBAAA,KAAqB,SACnCgC,OAAA,CAAQM,KAAA,CAAM;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,SAQX;AAGT","ignoreList":[]}
+{"version":3,"names":["ANYONE_CAN","definePermissions","ensure","EnsureError","objectEntries","runWithContext","prettyFormatZeroQuery","getWhereTableName","createPermissions","environment","schema","models","getContext","fallbackActions","select","insert","update","upsert","delete","buildPermissionQuery","authData","eb","permissionWhere","action","objOrId","tableName","Error","tableSchema","tables","primaryKeys","primaryKey","permissionQueryBuilder","fallbackAction","permissionCondition","cmpLit","primaryKeyWheres","key","value","push","cmp","and","can","where","obj","ctx","ensurePermission","tx","didCanPermissionsRun","actionIn","role","String","name","queryBase","query","one","err","errorTitle","id","msg","process","env","NODE_ENV","readPermissions","permissionsEntries","Promise","all","map","model","email","row","out","permissions","read","Object","fromEntries"],"sources":["../../src/createPermissions.ts"],"sourcesContent":[null],"mappings":"AAMA,SAASA,UAAA,EAAYC,iBAAA,QAAyB;AAC9C,SAASC,MAAA,EAAQC,WAAA,EAAaC,aAAA,QAAqB;AACnD,SAASC,cAAA,QAAsB;AAC/B,SAASC,qBAAA,QAA6B;AAEtC,SAASC,iBAAA,QAAyB;AAE3B,SAASC,kBAA6C;EAC3DC,WAAA;EACAC,MAAA;EACAC,MAAA;EACAC;AACF,GAKG;EAkBD,MAAMC,eAAA,GAA0C;IAC9CC,MAAA,EAAQ;IACRC,MAAA,EAAQ;IACRC,MAAA,EAAQ;IACRC,MAAA,EAAQ;IACRC,MAAA,EAAQ;EACV;EAEA,SAASC,qBAIPC,QAAA,EACAC,EAAA,EACAC,eAAA,EACAC,MAAA,EAEAC,OAAA,EACA;IACA,MAAMC,SAAA,GAAYlB,iBAAA,CAAkBe,eAAe;IAEnD,IAAI,CAACG,SAAA,EACH,MAAM,IAAIC,KAAA,CAAM,mDAAmD;IAGrE,MAAMC,WAAA,GAAcjB,MAAA,CAAOkB,MAAA,CAAOH,SAAS;IAE3C,IAAI,CAACE,WAAA,EACH,MAAM,IAAID,KAAA,CAAM,YAAY;IAG9B,MAAMG,WAAA,GAAcF,WAAA,CAAYG,UAAA;MAC1BC,sBAAA,GAAyBT,eAAA,CAAgBD,EAAA,EAAID,QAAQ;MACrDY,cAAA,GAAiBnB,eAAA,CAAgBU,MAAM;MAEvCU,mBAAA,GACJF,sBAAA,CAAuBR,MAAM,MAC5BS,cAAA,GAAiBD,sBAAA,CAAuBC,cAAc,IAAI;IAE7D,IAAIC,mBAAA,IAAuB,MACzB,MAAM,IAAIP,KAAA,CAAM,6BAA6BH,MAAM,QAAQS,cAAc,GAAG;IAG9E,IAAIC,mBAAA,KAAwB,IAC1B,OAAOZ,EAAA,CAAGa,MAAA,CAAO,IAAM,KAAK,EAAI;IAGlC,IAAID,mBAAA,KAAwB,IAC1B,OAAOZ,EAAA,CAAGa,MAAA,CAAO,IAAM,KAAK,EAAK;IAGnC,MAAMC,gBAAA,GAAgC,EAAC;IAEvC,WAAWC,GAAA,IAAOP,WAAA,EAAa;MAC7B,MAAMQ,KAAA,GAAQ,OAAOb,OAAA,IAAY,WAAWA,OAAA,GAAUA,OAAA,CAAQY,GAAG;MACjED,gBAAA,CAAiBG,IAAA,CAAKjB,EAAA,CAAGkB,GAAA,CAAIH,GAAA,EAAYC,KAAK,CAAC;IACjD;IAEA,OAAOhB,EAAA,CAAGmB,GAAA,CAAIP,mBAAA,EAAqB,GAAGE,gBAAgB;EACxD;EAEA,eAAeM,IAGbC,KAAA,EAAenB,MAAA,EAAgBoB,GAAA,EAAU;IACzC,MAAMC,GAAA,GAAMhC,UAAA,CAAW;MACjBa,SAAA,GAAYlB,iBAAA,CAAkBmC,KAAK;IACzC,IAAI,CAACjB,SAAA,EACH,MAAM,IAAIC,KAAA,CAAM,sDAAsD;IAIpEjB,WAAA,KAAgB,aAClB,MAAMoC,gBAAA,CACJD,GAAA,CAAIE,EAAA,EACJF,GAAA,CAAIxB,QAAA,EACJK,SAAA,EACAiB,KAAA,EACAnB,MAAA,EACAoB,GACF,GACAC,GAAA,CAAIG,oBAAA,GAAuB;EAE/B;EAEA,eAAeF,iBAIbC,EAAA,EACA1B,QAAA,EACAK,SAAA,EACAiB,KAAA,EACAM,QAAA,EACAL,GAAA,EACe;IACf,IAAIvB,QAAA,EAAU6B,IAAA,KAAS,SAErB;IAGF,MAAM1B,MAAA,GAAS2B,MAAA,CAAOF,QAAQ;MACxBG,IAAA,GAAO,GAAG1B,SAAS,IAAIF,MAAM;MAE7B6B,SAAA,GAAYN,EAAA,CAAGO,KAAA,CAAM5B,SAAS;IACpC,IAAI4B,KAAA,GAAqC;IAEzC,IAAI;MACFA,KAAA,GAAQD,SAAA,CACLV,KAAA,CAAOrB,EAAA,IACCF,oBAAA,CAAqBC,QAAA,EAAUC,EAAA,EAAIqB,KAAA,EAAOnB,MAAA,EAAQoB,GAAG,CAC7D,EACAW,GAAA,CAAI,GAEPpD,MAAA,CAAO,MAAMmD,KAAK;IACpB,SAASE,GAAA,EAAK;MACZ,MAAMC,UAAA,GAAa,GAAGL,IAAI,kBAAkB/B,QAAA,EAAUqC,EAAE;MAExD,IAAIF,GAAA,YAAepD,WAAA,EAAa;QAC9B,IAAIuD,GAAA,GAAM,uCAAgCF,UAAU;QACpD,MAAIG,OAAA,CAAQC,GAAA,CAAIC,QAAA,KAAa,iBAAiBR,KAAA,KAC5CK,GAAA,IAAO;AAAA,GAAMpD,qBAAA,CAAsB+C,KAAK,CAAC,KAErC,IAAI3B,KAAA,CAAMgC,GAAG;MACrB;MAEA,MAAM,IAAIhC,KAAA,CAAM,4BAA4B8B,UAAU;AAAA,EAAKD,GAAG,EAAE;IAClE;EACF;EAEA,MAAMO,eAAA,GAAkB7D,iBAAA,CAAoCS,MAAA,EAAQ,YAAY;IAC9E,MAAMqD,kBAAA,GAAqB,MAAMC,OAAA,CAAQC,GAAA,CACvC7D,aAAA,CAAcO,MAAM,EAAEuD,GAAA,CAAI,OAAO,CAAC9B,GAAA,EAAK+B,KAAK,MACnC,MAAM9D,cAAA,CACX;MACEe,QAAA,EAAU;QAAEqC,EAAA,EAAI;QAAIR,IAAA,EAAM;QAAWmB,KAAA,EAAO;MAAG;IACjD,GACA,MACS,CACLhC,GAAA,EACA;MACEiC,GAAA,EAAK;QACHvD,MAAA,EAAQ,CACN,CAACM,QAAA,EAAoBC,EAAA,KAAoC;UACvD,MAAMiD,GAAA,GAAMH,KAAA,CAAMI,WAAA,CAAYlD,EAAA,EAAID,QAAQ,EAAEoD,IAAA;UAE5C,OAAIF,GAAA,KAAQ,KACHjD,EAAA,CAAGmB,GAAA,CAAI,IAGZ8B,GAAA,KAAQ,KACHjD,EAAA,CAAGa,MAAA,CAAO,IAAM,KAAK,EAAK,IAG5BoC,GAAA;QACT,EACF;QAAA;QAEAvD,MAAA,EAAQf,UAAA;QACRgB,MAAA,EAAQhB,UAAA;QACRkB,MAAA,EAAQlB;MACV;IACF,EAGN,CACD,CACH;IAIA,OAFoByE,MAAA,CAAOC,WAAA,CAAYX,kBAAkB;EAG3D,CAAC;EAED,OAAO;IACLtB,GAAA;IACAtB,oBAAA;IACA2C;EACF;AACF","ignoreList":[]}

package/dist/esm/createPermissions.native.js

@@ -1,29 +1,28 @@
-import { createLocalStorage, ensure, EnsureError } from "@vxrn/helpers";
+import { ANYONE_CAN, definePermissions } from "@rocicorp/zero";
+import { ensure, EnsureError, objectEntries } from "@vxrn/helpers";
+import { runWithContext } from "./helpers/context.native.js";
 import { prettyFormatZeroQuery } from "./helpers/prettyFormatZeroQuery.native.js";
-function createPermissions(schema, getContext) {
-  runEnvironmentSafetyCheck();
-  var permissionCache = createLocalStorage("permissions-cache", {
-    storageLimit: 24
-  });
-  function where(a, b) {
-    return b && WhereTableNameMap.set(b, a), b || a;
-  }
-  var WhereTableNameMap = /* @__PURE__ */new WeakMap();
-  function getWhereTableName(where2) {
-    return WhereTableNameMap.get(where2);
-  }
-  var fallbackActions = {
-    select: "read",
-    insert: "write",
-    update: "write",
-    upsert: "write",
-    delete: "write"
-  };
+import { getWhereTableName } from "./where.native.js";
+function createPermissions(param) {
+  var {
+      environment,
+      schema,
+      models,
+      getContext
+    } = param,
+    fallbackActions = {
+      select: "read",
+      insert: "write",
+      update: "write",
+      upsert: "write",
+      delete: "write"
+    };
   function buildPermissionQuery(authData, eb, permissionWhere, action, objOrId) {
     var tableName = getWhereTableName(permissionWhere);
     if (!tableName) throw new Error("Must use PermissionWhere for buildPermissionQuery");
-    var tableSchema = schema.tables[tableName],
-      primaryKeys = tableSchema.primaryKey,
+    var tableSchema = schema.tables[tableName];
+    if (!tableSchema) throw new Error("No schema?");
+    var primaryKeys = tableSchema.primaryKey,
       permissionQueryBuilder = permissionWhere(eb, authData),
       fallbackAction = fallbackActions[action],
       permissionCondition = permissionQueryBuilder[action] || (fallbackAction ? permissionQueryBuilder[fallbackAction] : void 0);
@@ -51,13 +50,13 @@ function createPermissions(schema, getContext) {
     }
     return eb.and(permissionCondition, ...primaryKeyWheres);
   }
-  async function can(where2, action, obj) {
+  async function can(where, action, obj) {
     var ctx = getContext(),
-      tableName = getWhereTableName(where2);
+      tableName = getWhereTableName(where);
     if (!tableName) throw new Error("Must use where('table') style where to pass to can()");
-    process.env.VITE_ENVIRONMENT === "ssr" && (await ensurePermission(ctx.tx, ctx.authData, tableName, where2, action, obj), ctx.didCanPermissionsRun = !0);
+    environment === "server" && (await ensurePermission(ctx.tx, ctx.authData, tableName, where, action, obj), ctx.didCanPermissionsRun = !0);
   }
-  async function ensurePermission(tx, authData, tableName, where2, actionIn, obj) {
+  async function ensurePermission(tx, authData, tableName, where, actionIn, obj) {
     if (authData?.role !== "admin") {
       var action = String(actionIn),
         name = `${tableName}.${action}`,
@@ -65,7 +64,7 @@ function createPermissions(schema, getContext) {
         query = null;
       try {
         query = queryBase.where(function (eb) {
-          return buildPermissionQuery(authData, eb, where2, action, obj);
+          return buildPermissionQuery(authData, eb, where, action, obj);
         }).one(), ensure(await query);
       } catch (err) {
         var errorTitle = `${name} with auth id: ${authData?.id}`;
@@ -79,51 +78,38 @@ ${err}`);
       }
     }
   }
-  function usePermission(table, action, objOrId) {
-    var enabled = arguments.length > 3 && arguments[3] !== void 0 ? arguments[3] : typeof objOrId < "u",
-      debug = arguments.length > 4 && arguments[4] !== void 0 ? arguments[4] : !1,
-      keyBase = `${table}${action}`,
-      key = `${keyBase}${typeof objOrId == "string" ? objOrId : JSON.stringify(objOrId)}`,
-      _permissionCache_get,
-      cacheVal = (_permissionCache_get = permissionCache.get(key)) !== null && _permissionCache_get !== void 0 ? _permissionCache_get : permissionCache.get(keyBase),
-      authData = useAuthData(),
-      permission = modelPermissions[table],
-      query = function () {
-        var baseQuery = zero.query[table].one();
-        return enabled ? baseQuery.where(function (eb) {
-          return buildPermissionQuery(authData, eb, permission, action, objOrId);
-        }) : baseQuery;
-      }(),
-      [data, status] = useQuery(query, {
-        enabled: !!(enabled && authData && objOrId)
-      });
-    debug && console.info("usePermission()", {
-      data,
-      status,
-      action,
-      authData,
-      permission
-    }, prettyFormatZeroQuery(query));
-    var result = data,
-      allowed = !!result;
-    return objOrId ? allowed : !1;
-  }
+  var readPermissions = definePermissions(schema, async function () {
+    var permissionsEntries = await Promise.all(objectEntries(models).map(async function (param2) {
+        var [key, model] = param2;
+        return await runWithContext({
+          authData: {
+            id: "",
+            role: void 0,
+            email: ""
+          }
+        }, function () {
+          return [key, {
+            row: {
+              select: [function (authData, eb) {
+                var out = model.permissions(eb, authData).read;
+                return out === !0 ? eb.and() : out === !1 ? eb.cmpLit(!0, "=", !1) : out;
+              }],
+              // we have permissions on these through our model system with custom mutators:
+              insert: ANYONE_CAN,
+              update: ANYONE_CAN,
+              delete: ANYONE_CAN
+            }
+          }];
+        });
+      })),
+      permissions = Object.fromEntries(permissionsEntries);
+    return permissions;
+  });
   return {
-    where,
     can,
-    usePermission
+    buildPermissionQuery,
+    readPermissions
   };
 }
-function runEnvironmentSafetyCheck() {
-  typeof document < "u" || typeof navigator < "u" && navigator.product === "ReactNative" || process.env.VITE_ENVIRONMENT !== "ssr" && console.error(`\u274C\u274C\u274C\u274C
-
-ERROR: VITE_ENVIRONMENT is not set to "ssr" on server, which means permissions checks won't run when they should
-This is makes Zero entirely insecure and needs to be fixed immediately.
-
-This is likely a One framework issue, unless the user Vite config is overwriting the value.
-One automatically sets this value.
-        
-        `);
-}
 export { createPermissions };
 //# sourceMappingURL=createPermissions.native.js.map

package/dist/esm/createPermissions.native.js.map

@@ -1 +1 @@
-{"version":3,"names":["createLocalStorage","ensure","EnsureError","prettyFormatZeroQuery","createPermissions","schema","getContext","runEnvironmentSafetyCheck","permissionCache","storageLimit","where","a","b","WhereTableNameMap","set","WeakMap","getWhereTableName","where2","get","fallbackActions","select","insert","update","upsert","delete","buildPermissionQuery","authData","eb","permissionWhere","action","objOrId","tableName","Error","tableSchema","tables","primaryKeys","primaryKey","permissionQueryBuilder","fallbackAction","permissionCondition","cmpLit","primaryKeyWheres","_iteratorNormalCompletion","_didIteratorError","_iteratorError","_iterator","Symbol","iterator","_step","next","done","key","value","push","cmp","err","return","and","can","obj","ctx","process","env","VITE_ENVIRONMENT","ensurePermission","tx","didCanPermissionsRun","actionIn","role","String","name","queryBase","query","one","errorTitle","id","msg","NODE_ENV","usePermission","table","enabled","arguments","length","debug","keyBase","JSON","stringify","_permissionCache_get","cacheVal","useAuthData","permission","modelPermissions","baseQuery","zero","data","status","useQuery","console","info","result","allowed","document","navigator","product","error"],"sources":["../../src/createPermissions.ts"],"sourcesContent":[null],"mappings":"AAQA,SAASA,kBAAA,EAAoBC,MAAA,EAAQC,WAAA,QAAmB;AAGxD,SAASC,qBAAA,QAA6B;AAE/B,SAASC,kBACdC,MAAA,EACAC,UAAA,EACA;EACAC,yBAAA,CAA0B;EAO1B,IAAAC,eAAM,GAAAR,kBAAkB,oBAAoC;IAC1DS,YAAA,EAAc;EAChB,CAAC;EAoBD,SAASC,MACPC,CAAA,EACAC,CAAA,EACS;IACT,OAAIA,CAAA,IACFC,iBAAA,CAAkBC,GAAA,CAAIF,CAAA,EAAGD,CAAU,GAE7BC,CAAA,IAAKD,CAAA;EACf;EAIA,IAAAE,iBAAM,kBAAoB,IAAAE,OAAI;EAE9B,SAASC,kBAAkBC,MAAA,EAAc;IACvC,OAAOJ,iBAAA,CAAkBK,GAAA,CAAID,MAAK;EACpC;EAqBA,IAAAE,eAAM;IACJC,MAAA,EAAQ;IACRC,MAAA,EAAQ;IACRC,MAAA,EAAQ;IACRC,MAAA,EAAQ;IACRC,MAAA,EAAQ;EACV;EAEA,SAASC,qBAIPC,QAAA,EACAC,EAAA,EACAC,eAAA,EACAC,MAAA,EAEAC,OAAA,EACA;IACA,IAAAC,SAAM,GAAAf,iBAAY,CAAAY,eAAkB;IAEpC,IAAI,CAACG,SAAA,EACH,MAAM,IAAIC,KAAA,CAAM,mDAAmD;IAIrE,IAAAC,WAAM,GAAA5B,MADc,CAAA6B,MAAO,CAAAH,SAAO;MAASI,WACX,GAC1BF,WAAA,CAAAG,UAAA;MAAyBC,sBAAoB,GAAAT,eAC7C,CAAAD,EAAA,EAAAD,QAAiB;MAAAY,cAAsB,GAEvCnB,eAAA,CAAAU,MACJ;MAAAU,mBAAA,GAAuBF,sBACtB,CAAAR,MAAiB,MAAAS,cAAA,GAAuBD,sBAAkB,CAAAC,cAAA;IAE7D,IAAIC,mBAAA,IAAuB,MACzB,MAAM,IAAIP,KAAA,CAAM,6BAA6BH,MAAM,QAAQS,cAAc,GAAG;IAG9E,IAAIC,mBAAA,KAAwB,IAC1B,OAAOZ,EAAA,CAAGa,MAAA,CAAO,IAAM,KAAK,EAAI;IAGlC,IAAID,mBAAA,KAAwB,IAC1B,OAAOZ,EAAA,CAAGa,MAAA,CAAO,IAAM,KAAK,EAAK;IAGnC,IAAAC,gBAAM,KAAgC;MAACC,yBAAA;MAAAC,iBAAA;MAAAC,cAAA;IAEvC;MACE,SAAMC,SAAQ,GAAOV,WAAY,CAAAW,MAAA,CAAAC,QAAW,KAAUC,KAAA,IAAQN,yBAAG,IAAAM,KAAA,GAAAH,SAAA,CAAAI,IAAA,IAAAC,IAAA,GAAAR,yBAAA;QACjE,IAAAS,GAAA,GAAAH,KAAiB,CAAAI,KAAK;UAAGA,KAAI,UAAkBtB,OAAA,eAAAA,OAAA,GAAAA,OAAA,CAAAqB,GAAA;QACjDV,gBAAA,CAAAY,IAAA,CAAA1B,EAAA,CAAA2B,GAAA,CAAAH,GAAA,EAAAC,KAAA;MAEA;IACF,SAAAG,GAAA;MAEAZ,iBAGE,OAAeC,cAA0B,GAAAW,GAAA;IACzC,UAAM;MAEN,IAAK;QACH,CAAAb,yBAAgB,IAAAG,SAAA,CAAAW,MAAA,YAAAX,SAAA,CAAsDW,MAAA;MAIpE,UAAY;QAEZ,IAAIb,iBAAA,EACA,MAAAC,cAAA;MACJ;IAAA;IACA,OACAjB,EAAA,CAAA8B,GAAA,CAAAlB,mBAAA,KAAAE,gBAAA;EAAA;EACA,eAEEiB,IAAAzC,MAAA,EAAAY,MAAuB,EAAA8B,GAAA;IAE/B,IAAAC,GAAA,GAAAtD,UAAA;MAAAyB,SAAA,GAAAf,iBAAA,CAAAC,MAAA;IAIA,KAAAc,SAAe,EAWb,MAAI,IAAAC,KAAU,uDAAS;IAErB6B,OAAA,CAAAC,GAAA,CAAAC,gBAAA,qBAAAC,gBAAA,CAAAJ,GAAA,CAAAK,EAAA,EAAAL,GAAA,CAAAlC,QAAA,EAAAK,SAAA,EAAAd,MAAA,EAAAY,MAAA,EAAA8B,GAAA,GAAAC,GAAA,CAAAM,oBAAA;EAGF;EAGA,eAAyCF,iBAAAC,EAAA,EAAAvC,QAAA,EAAAK,SAAA,EAAAd,MAAA,EAAAkD,QAAA,EAAAR,GAAA;IAEzC,IAAIjC,QAAA,EAAA0C,IAAA;MACF,IAAAvC,MAAQ,GAAAwC,MACL,CAAAF,QAAO;QAAAG,IACC,MAAAvC,SAAA,IAAqBF,MAAA;QAAU0C,SAAI,GAAON,EAAA,CAAAO,KAAQ,CAAAzC,SAEtD;QAEPyC,KAAA,GAAO,IAAM;MACf;QACEA,KAAM,GAAAD,SAAa,CAAA7D,KAAG,CAAI,UAAAiB,EAAA;UAEtB,OAAAF,oBAAe,CAAaC,QAAA,EAAAC,EAAA,EAAAV,MAAA,EAAAY,MAAA,EAAA8B,GAAA;QAC9B,GAAAc,GAAI,IAAMxE,MAAA,OAAAuE,KAAA;MACV,SAAIjB,GAAA;QACW,IAAAmB,UAAA,GAAsB,GAAAJ,IAAM,kBAExB5C,QAAA,EAAAiD,EAAA;QACrB,IAAApB,GAAA,YAAArD,WAAA;UAEA,IAAM0E,GAAI,0CAAkCF,UAAU;UAAU,MAAAb,OAAA,CAAAC,GAAA,CAAAe,QAAA,sBAAAL,KAAA,KAAAI,GAAA;AAAA,GAAAzE,qBAClE,CAAAqE,KAAA,UAAAxC,KAAA,CAAA4C,GAAA;QACF;QAEA,MAAS,IAAA5C,KAAA,6BAOP0C,UAAU;AAIV,EAAAnB,GAAA;MAOE;IAEA;EACS;EAQ4B,SACrCuB,aAAiBA,CAAAC,KAAW,EAAAlD,MAAA,EAAAC,OAAY;IAC1C,IAACkD,OAAA,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,iBAAAA,SAAA,aAAAnD,OAAA;MAAAqD,KAAA,GAAAF,SAAA,CAAAC,MAAA,QAAAD,SAAA,iBAAAA,SAAA;MAAAG,OAAA,MAAAL,KAAA,GAAAlD,MAAA;MAAAsB,GAAA,MAAAiC,OAAA,UAAAtD,OAAA,eAAAA,OAAA,GAAAuD,IAAA,CAAAC,SAAA,CAAAxD,OAAA;MAAAyD,oBAAA;MAAAC,QAAA,IAAAD,oBAAA,GAAA/E,eAAA,CAAAU,GAAA,CAAAiC,GAAA,eAAAoC,oBAAA,cAAAA,oBAAA,GAAA/E,eAAA,CAAAU,GAAA,CAAAkE,OAAA;MAAA1D,QAAA,GAAA+D,WAAA;MAAAC,UAAA,GAAAC,gBAAA,CAAAZ,KAAA;MAAAP,KAAA;QAEG,IAAAoB,SACF,GAAQC,IAAA,CAAArB,KAAA,CAAAO,KAAA,EAAAN,GAAA;QACN,OAAAO,OAAA,GAAAY,SAAA,CAAAlF,KAAA,WAAAiB,EAAA;UACE,OAAMF,oBAAgB,CAAAC,QAAU,EAAAC,EAAA,EAAA+D,UAAW,EAAA7D,MAAA,EAAAC,OAAA;QAC7C,KAAA8D,SAAA;MACF;MAAA,CAAAE,IAAA,EAAAC,MAAA,IAAAC,QAAA,CAAAxB,KAAA;QAKFQ,OAAM,KAAAA,OAFS,IAAAtD,QAAA,IAAAI,OAAA;MAIf;IAKFqD,KAAA,IAAAc,OAAA,CAAAC,IAAA;MAEAJ,IAAO;MACLC,MAAA;MACAlE,MAAA;MACAH,QAAA;MACFgE;IACF,GAAAvF,qBAAA,CAAAqE,KAAA;IAIA,IAAA2B,MAAS,GAAAL,IAAA;MAAAM,OAAA,KAAAD,MAA4B;IAC/B,OAAOrE,OAAA,GAAasE,OAEb;EAKO;EAAA;IAAA1F,KAAA;IAAAgD,GAAA;IAAAoB;EAAA;AAAA;AAAA,SAQXvE,0BAAA;EAGT,OAAA8F,QAAA,iBAAAC,SAAA,UAAAA,SAAA,CAAAC,OAAA,sBAAA1C,OAAA,CAAAC,GAAA,CAAAC,gBAAA,cAAAkC,OAAA,CAAAO,KAAA","ignoreList":[]}
+{"version":3,"names":["ANYONE_CAN","definePermissions","ensure","EnsureError","objectEntries","runWithContext","prettyFormatZeroQuery","getWhereTableName","createPermissions","param","environment","schema","models","getContext","fallbackActions","select","insert","update","upsert","delete","buildPermissionQuery","authData","eb","permissionWhere","action","objOrId","tableName","Error","tableSchema","tables","primaryKeys","primaryKey","permissionQueryBuilder","fallbackAction","permissionCondition","cmpLit","primaryKeyWheres","_iteratorNormalCompletion","_didIteratorError","_iteratorError","_iterator","Symbol","iterator","_step","next","done","key","value","push","cmp","err","return","and","can","where","obj","ctx","ensurePermission","tx","didCanPermissionsRun","actionIn","role","String","name","queryBase","query","one","errorTitle","id","msg","process","env","NODE_ENV","readPermissions","permissionsEntries","Promise","all","map","param2","model","email","row","out","permissions","read","Object","fromEntries"],"sources":["../../src/createPermissions.ts"],"sourcesContent":[null],"mappings":"AAMA,SAASA,UAAA,EAAYC,iBAAA,QAAyB;AAC9C,SAASC,MAAA,EAAQC,WAAA,EAAaC,aAAA,QAAqB;AACnD,SAASC,cAAA,QAAsB;AAC/B,SAASC,qBAAA,QAA6B;AAEtC,SAASC,iBAAA,QAAyB;AAE3B,SAASC,kBAA6CC,KAAA;EAC3D;MAAAC,WAAA;MAAAC,MAAA;MAAAC,MAAA;MAAAC;IAAA,IAAAJ,KAAA;IAAAK,eAAA;MACAC,MAAA;MACAC,MAAA;MACAC,MAAA;MAMCC,MAAA;MAkBDC,MAAM;IAA0C;EACtC,SACRC,oBAAQA,CAAAC,QAAA,EAAAC,EAAA,EAAAC,eAAA,EAAAC,MAAA,EAAAC,OAAA;IACR,IAAAC,SAAQ,GAAAnB,iBAAA,CAAAgB,eAAA;IACR,KAAAG,SAAQ,EACR,MAAQ,IAAAC,KAAA;IACV,IAAAC,WAAA,GAAAjB,MAAA,CAAAkB,MAAA,CAAAH,SAAA;IAEA,KAAAE,WAAS,EAWP,MAAM,IAAAD,KAAA,CAAY;IAElB,IAAIG,WAAC,GAAAF,WAAA,CAAAG,UAAA;MAAAC,sBAAA,GAAAT,eAAA,CAAAD,EAAA,EAAAD,QAAA;MAAAY,cAAA,GAAAnB,eAAA,CAAAU,MAAA;MAAAU,mBAAA,GAAAF,sBAAA,CAAAR,MAAA,MAAAS,cAAA,GAAAD,sBAAA,CAAAC,cAAA;IACH,IAAAC,mBAAgB,UAGlB,MAAM,IAAAP,KAAA,8BAAqCH,MAAA,QAAAS,cAAA;IAE3C,IAAIC,mBAAC,SACH,OAAMZ,EAAA,CAAIa,MAAM,YAAY;IAG9B,IAAAD,mBAAoB,SAQpB,OAAIZ,EAAA,CAAAa,MAAA,UAAuB;IACzB,IAAAC,gBAAgB;MAAAC,yBAA6B,GAAM;MAAAC,iBAAsB,GAAG;MAAAC,cAAA;IAG9E,IAAI;MACF,SAAOC,SAAU,GAAMV,WAAS,CAAAW,MAAA,CAAAC,QAAA,KAAAC,KAAA,IAAAN,yBAAA,IAAAM,KAAA,GAAAH,SAAA,CAAAI,IAAA,IAAAC,IAAA,GAAAR,yBAAA;QAG9B,IAAAS,GAAA,GAAAH,KAAA,CAAAI,KAAA;UAAAA,KAAwB,UAAAtB,OAAA,eAAAA,OAAA,GAAAA,OAAA,CAAAqB,GAAA;QAC1BV,gBAAiB,CAAAY,IAAM,CAAA1B,EAAK,CAAA2B,GAAK,CAAAH,GAAA,EAAAC,KAAA;MAGnC;IAEA,SAAAG,GAAW;MACTZ,iBAAc,IAAO,GAAAC,cAAY,GAAAW,GAAW;IAC5C;MACF;QAEA,CAAAb,yBAAc,IAAAG,SAAwB,CAAAW,MAAA,IAAgB,QAAAX,SAAA,CAAAW,MAAA;MACxD;QAEA,IAAAb,iBAGiB,EACT,MAAMC,cACN;MACN;IACE;IAIE,OAAAjB,EAAA,CAAA8B,GAAA,CAAAlB,mBACF,EAAM,GAAAE,gBAAA;EAAA;EACA,eACAiB,IAAAC,KAAA,EAAA9B,MAAA,EAAA+B,GAAA;IAAA,IACJC,GAAA,GAAA3C,UAAA;MAAAa,SAAA,GAAAnB,iBAAA,CAAA+C,KAAA;IAAA,IACA,CAAA5B,SAAA,EACA,UAAAC,KAAA;IAAAjB,WACA,wBAAA+C,gBAAA,CAAAD,GAAA,CAAAE,EAAA,EAAAF,GAAA,CAAAnC,QAAA,EAAAK,SAAA,EAAA4B,KAAA,EAAA9B,MAAA,EAAA+B,GAAA,GAAAC,GAAA,CAAAG,oBAAA;EAAA;EAIN,eAAAF,iBAAAC,EAAA,EAAArC,QAAA,EAAAK,SAAA,EAAA4B,KAAA,EAAAM,QAAA,EAAAL,GAAA;IAEA,IAAAlC,QAAA,EAAewC,IAAA,YAIb;MAOA,IAAIrC,MAAA,GAAUsC,MAAA,CAAAF,QAAS;QAAAG,IAAA,MAAArC,SAAA,IAAAF,MAAA;QAAAwC,SAAA,GAAAN,EAAA,CAAAO,KAAA,CAAAvC,SAAA;QAAAuC,KAAA;MAErB;QAGFA,KAAM,GAAAD,SAAS,CAAOV,KAAA,WAChBhC,EAAA,EAAO;UAGT,OAAqCF,oBAAA,CAAAC,QAAA,EAAAC,EAAA,EAAAgC,KAAA,EAAA9B,MAAA,EAAA+B,GAAA;QAErC,GAAAW,GAAA,IAAAhE,MAAA,OAAA+D,KAAA;MACF,SAAQf,GAAA;QAOV,IAAAiB,UAAc,MAAAJ,IAAA,kBAAA1C,QAAA,EAAA+C,EAAA;QACZ,IAAMlB,GAAA,YAAa/C,WAAO;UAEtB,IAAAkE,GAAA,0CAA4BF,UAAA;UAC9B,MAAIG,OAAM,CAAAC,GAAA,CAAAC,QAAA,sBAAgCP,KAAA,KAAUI,GAAA;AACpD,GAAA/D,qBAAY,CAAA2D,KAAI,UAAatC,KAAA,CAAA0C,GAAA;QACd;QAGjB,UAAA1C,KAAA,6BAAAwC,UAAA;AAEA,EAAAjB,GAAA;MAA8D;IAChE;EACF;EAEA,IAAAuB,eAAM,GAAAxE,iBAAkB,CAAAU,MAAoC,oBAAoB;IAC9E,IAAA+D,kBAAM,SAAqBC,OAAM,CAAAC,GAAQ,CAAAxE,aAAA,CAAAQ,MAAA,EAAAiE,GAAA,iBAAAC,MAAA;QACvC,KAAAhC,GAAA,EAAAiC,KAAc,IAAAD,MAAQ;QACP,OACX,MAAAzE,cAAA;UAAAgB,QACE;YACF+C,EAAA;YACAP,IACS;YACLmB,KAAA;UAAA;QACA,eACO;UAAA,OACH,CAAQlC,GAAA,EAEJ;YAEAmC,GAAA;cAQOlE,MACT,GACF,UAAAM,QAAA,EAAAC,EAAA;gBAAA,IAAA4D,GAAA,GAAAH,KAAA,CAAAI,WAAA,CAAA7D,EAAA,EAAAD,QAAA,EAAA+D,IAAA;gBAEA,OAAQF,GAAA,UAAA5D,EAAA,CAAA8B,GAAA,KAAA8B,GAAA,UAAA5D,EAAA,CAAAa,MAAA,gBAAA+C,GAAA;cACR,EACA;cACF;cACFlE,MAAA,EAAAhB,UAAA;cACFiB,MAAA,EAAAjB,UAAA;cAGLmB,MAAA,EAAAnB;YACH;UAIA,CAFoB,CAGrB;QAED;MACE;MAAAmF,WAAA,GAAAE,MAAA,CAAAC,WAAA,CAAAZ,kBAAA;IACA,OAAAS,WAAA;EAAA,EACA;EACF;IACF9B,GAAA","ignoreList":[]}