npm - tjs-lang - Versions diffs - 0.7.6 → 0.7.8 - Mend

tjs-lang 0.7.6 → 0.7.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (61) hide show

package/CLAUDE.md +101 -26
package/bin/docs.js +4 -1
package/demo/docs.json +46 -12
package/demo/src/examples.test.ts +1 -0
package/demo/src/imports.test.ts +16 -4
package/demo/src/imports.ts +60 -15
package/demo/src/playground-shared.ts +9 -8
package/demo/src/tfs-worker.js +205 -147
package/demo/src/tjs-playground.ts +34 -10
package/demo/src/ts-playground.ts +24 -8
package/dist/index.js +140 -119
package/dist/index.js.map +4 -4
package/dist/src/lang/bool-coercion.d.ts +50 -0
package/dist/src/lang/docs.d.ts +31 -6
package/dist/src/lang/linter.d.ts +8 -0
package/dist/src/lang/parser-transforms.d.ts +18 -0
package/dist/src/lang/parser-types.d.ts +2 -0
package/dist/src/lang/parser.d.ts +9 -0
package/dist/src/lang/runtime.d.ts +34 -0
package/dist/src/lang/types.d.ts +9 -1
package/dist/src/rbac/index.d.ts +1 -1
package/dist/src/vm/runtime.d.ts +1 -1
package/dist/tjs-eval.js +44 -39
package/dist/tjs-eval.js.map +4 -4
package/dist/tjs-from-ts.js +20 -20
package/dist/tjs-from-ts.js.map +3 -3
package/dist/tjs-lang.js +86 -80
package/dist/tjs-lang.js.map +4 -4
package/dist/tjs-vm.js +50 -45
package/dist/tjs-vm.js.map +4 -4
package/llms.txt +79 -0
package/package.json +3 -2
package/src/cli/commands/convert.test.ts +16 -21
package/src/lang/bool-coercion.test.ts +203 -0
package/src/lang/bool-coercion.ts +314 -0
package/src/lang/codegen.test.ts +177 -0
package/src/lang/docs.test.ts +328 -1
package/src/lang/docs.ts +424 -24
package/src/lang/emitters/ast.ts +11 -12
package/src/lang/emitters/dts.test.ts +41 -0
package/src/lang/emitters/dts.ts +9 -0
package/src/lang/emitters/js-tests.ts +16 -4
package/src/lang/emitters/js.ts +208 -2
package/src/lang/features.test.ts +22 -0
package/src/lang/inference.ts +54 -0
package/src/lang/linter.test.ts +104 -1
package/src/lang/linter.ts +124 -1
package/src/lang/parser-params.ts +31 -0
package/src/lang/parser-transforms.ts +539 -6
package/src/lang/parser-types.ts +2 -0
package/src/lang/parser.test.ts +73 -1
package/src/lang/parser.ts +85 -1
package/src/lang/runtime.ts +98 -0
package/src/lang/tests.ts +21 -8
package/src/lang/types.ts +6 -0
package/src/rbac/index.ts +2 -2
package/src/rbac/rules.tjs.d.ts +9 -0
package/src/vm/atoms/batteries.ts +2 -2
package/src/vm/runtime.ts +10 -3
package/dist/src/rbac/rules.d.ts +0 -184
package/src/rbac/rules.js +0 -338

package/src/rbac/rules.js DELETED Viewed

@@ -1,338 +0,0 @@
-/*#
-# RBAC Security Rules (Pure Logic)
-Pure security rule evaluation logic, independent of storage backend.
-This module contains no I/O - it only evaluates rules against contexts.
-## Rule Context
-- `_uid` - authenticated user ID (null if public)
-- `_roles` - array of user roles
-- `_method` - 'read' | 'write' | 'delete'
-- `_collection` - collection name
-- `_docId` - document ID
-- `doc` - existing document data (for read/write/delete)
-- `newData` - incoming data (for write only)
-## Rule Response
-- Return `true` to allow
-- Return `false` to deny
-- Return `{ allow: true/false, reason: string }` for detailed response
-*/
-/*#
-## Access Rule Shortcuts
-Evaluates simple access rule strings without AJS overhead.
-Returns { allowed: boolean, reason?: string } or null if not a shortcut.
-Shortcuts:
-- 'none' - deny all
-- 'all' - allow all
-- 'authenticated' - must be logged in
-- 'admin' - must have admin role
-- 'author' - must have author role
-- 'owner:fieldName' - doc[fieldName] === _uid
-- 'role:roleName' - _roles.includes(roleName)
-*/
-export function evaluateAccessShortcut(accessRule, context) {
-  if (typeof accessRule !== 'string') return null
-  const { _uid, _roles, doc, newData } = context
-  switch (accessRule) {
-    case 'none':
-      return { allowed: false, reason: 'Access denied' }
-    case 'all':
-      return { allowed: true }
-    case 'authenticated':
-      return _uid
-        ? { allowed: true }
-        : { allowed: false, reason: 'Authentication required' }
-    case 'admin':
-      return _roles?.includes('admin')
-        ? { allowed: true }
-        : { allowed: false, reason: 'Admin role required' }
-    case 'author':
-      return _roles?.includes('author')
-        ? { allowed: true }
-        : { allowed: false, reason: 'Author role required' }
-    default:
-      // owner:fieldName pattern
-      if (accessRule.startsWith('owner:')) {
-        const field = accessRule.slice(6)
-        const checkDoc = doc || newData
-        if (!_uid) {
-          return { allowed: false, reason: 'Authentication required' }
-        }
-        if (checkDoc && checkDoc[field] === _uid) {
-          return { allowed: true }
-        }
-        if (!doc && newData && newData[field] === _uid) {
-          return { allowed: true }
-        }
-        return { allowed: false, reason: `Must be owner (${field})` }
-      }
-      // role:roleName pattern
-      if (accessRule.startsWith('role:')) {
-        const role = accessRule.slice(5)
-        return _roles?.includes(role)
-          ? { allowed: true }
-          : { allowed: false, reason: `Role '${role}' required` }
-      }
-      return null // Not a recognized shortcut
-  }
-}
-evaluateAccessShortcut.__tjs = {
-  params: {
-    accessRule: {
-      type: {
-        kind: 'any',
-      },
-      required: false,
-    },
-    context: {
-      type: {
-        kind: 'any',
-      },
-      required: false,
-    },
-  },
-  unsafe: true,
-  source: 'rules.tjs:37',
-}
-/*#
-## Select Access Rule
-Determines which access rule to use based on the operation method.
-Supports granular rules (read/create/update/delete) with fallbacks.
-*/
-export function selectAccessRule(rule, context) {
-  const { _method, doc } = context
-  // Method-specific rules with fallbacks
-  if (_method === 'read' && rule.read !== undefined) {
-    return rule.read
-  }
-  if (_method === 'write') {
-    // Distinguish create vs update
-    if (!doc && rule.create !== undefined) {
-      return rule.create
-    }
-    if (doc && rule.update !== undefined) {
-      return rule.update
-    }
-    if (rule.write !== undefined) {
-      return rule.write
-    }
-  }
-  if (_method === 'delete' && rule.delete !== undefined) {
-    return rule.delete
-  }
-  // Fall back to code for backwards compatibility
-  return rule.code
-}
-selectAccessRule.__tjs = {
-  params: {
-    rule: {
-      type: {
-        kind: 'any',
-      },
-      required: false,
-    },
-    context: {
-      type: {
-        kind: 'any',
-      },
-      required: false,
-    },
-  },
-  unsafe: true,
-  source: 'rules.tjs:99',
-}
-/*#
-## Validate Schema
-Simple schema validation for write operations.
-Checks required fields and basic types.
-*/
-export function validateSchema(schema, data) {
-  const errors = []
-  if (!schema || typeof schema !== 'object') {
-    return { valid: true, errors: [] }
-  }
-  // Check required fields
-  if (schema.required && Array.isArray(schema.required)) {
-    for (const field of schema.required) {
-      if (data[field] === undefined || data[field] === null) {
-        errors.push(`Missing required field: ${field}`)
-      }
-    }
-  }
-  // Check field types
-  if (schema.properties && typeof schema.properties === 'object') {
-    for (const [field, spec] of Object.entries(schema.properties)) {
-      const value = data[field]
-      if (value === undefined) continue // Skip missing optional fields
-      const expectedType = spec.type
-      if (expectedType) {
-        const actualType = Array.isArray(value) ? 'array' : typeof value
-        if (actualType !== expectedType) {
-          errors.push(
-            `Field '${field}' expected ${expectedType}, got ${actualType}`
-          )
-        }
-      }
-    }
-  }
-  return {
-    valid: errors.length === 0,
-    errors,
-  }
-}
-validateSchema.__tjs = {
-  params: {
-    schema: {
-      type: {
-        kind: 'any',
-      },
-      required: false,
-    },
-    data: {
-      type: {
-        kind: 'any',
-      },
-      required: false,
-    },
-  },
-  unsafe: true,
-  source: 'rules.tjs:134',
-}
-/*#
-## Evaluate Rule Result
-Interprets the result of a rule evaluation (boolean, object, etc.)
-into a standardized { allowed, reason } format.
-*/
-export function interpretRuleResult(result) {
-  if (typeof result === 'boolean') {
-    return { allowed: result, reason: result ? null : 'Access denied' }
-  }
-  if (typeof result === 'object' && result !== null) {
-    return {
-      allowed: !!result.allow,
-      reason: result.reason || (result.allow ? null : 'Access denied'),
-    }
-  }
-  // Truthy/falsy fallback
-  return { allowed: !!result, reason: result ? null : 'Access denied' }
-}
-interpretRuleResult.__tjs = {
-  params: {
-    result: {
-      type: {
-        kind: 'any',
-      },
-      required: false,
-    },
-  },
-  unsafe: true,
-  source: 'rules.tjs:178',
-}
-/*#
-## Check Role Hierarchy
-Evaluates if a user has sufficient role level.
-Role hierarchy: admin > author > user > guest
-*/
-const ROLE_LEVELS = {
-  admin: 100,
-  author: 50,
-  editor: 40,
-  user: 10,
-  guest: 0,
-}
-export function hasRoleLevel(userRoles, requiredRole) {
-  const requiredLevel = ROLE_LEVELS[requiredRole] ?? 0
-  for (const role of userRoles || []) {
-    const level = ROLE_LEVELS[role] ?? 0
-    if (level >= requiredLevel) {
-      return true
-    }
-  }
-  return false
-}
-hasRoleLevel.__tjs = {
-  params: {
-    userRoles: {
-      type: {
-        kind: 'any',
-      },
-      required: false,
-    },
-    requiredRole: {
-      type: {
-        kind: 'any',
-      },
-      required: false,
-    },
-  },
-  unsafe: true,
-  source: 'rules.tjs:208',
-}
-/*#
-## Build Rule Context
-Creates the evaluation context for a security rule.
-*/
-export function buildRuleContext(options) {
-  const { uid, roles, method, collection, docId, doc, newData } = options
-  return {
-    _uid: uid || null,
-    _roles: roles || [],
-    _isAdmin: roles?.includes('admin') || false,
-    _isAuthor: roles?.includes('author') || false,
-    _method: method,
-    _collection: collection,
-    _docId: docId,
-    doc: doc || null,
-    newData: newData || null,
-  }
-}
-buildRuleContext.__tjs = {
-  params: {
-    options: {
-      type: {
-        kind: 'any',
-      },
-      required: false,
-    },
-  },
-  unsafe: true,
-  source: 'rules.tjs:226',
-}