ahmido
1fec9c6f9d
Some checks failed
Main Confidence / confidence (push) Failing after 45s
## Summary - introduce surface-aware compressed governance outcomes and reuse the shared truth/explanation seams for operator-first summaries - apply the compressed outcome hierarchy across baseline, evidence, review, review-pack, canonical review/evidence, and artifact-oriented operation-run surfaces - expand spec 214 fixtures and Pest coverage, and fix tenant-panel route assertions by generating explicit tenant-panel URLs in the affected Filament tests ## Validation - `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent` - focused governance compression suite from `specs/214-governance-outcome-compression/quickstart.md` passed (`68` tests, `445` assertions) - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/InventoryItemResourceTest.php tests/Feature/Filament/BackupSetUiEnforcementTest.php tests/Feature/Filament/RestoreRunUiEnforcementTest.php` passed (`18` tests, `81` assertions) Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #253
21 lines
1.5 KiB
Plaintext
21 lines
1.5 KiB
Plaintext
import { type AnyPgColumn, type PgPolicyToOption } from "../pg-core/index.js";
|
|
import { PgRole } from "../pg-core/roles.js";
|
|
import { type SQL } from "../sql/sql.js";
|
|
/**
|
|
* Generates a set of PostgreSQL row-level security (RLS) policies for CRUD operations based on the provided options.
|
|
*
|
|
* @param options - An object containing the policy configuration.
|
|
* @param options.role - The PostgreSQL role(s) to apply the policy to. Can be a single `PgRole` instance or an array of `PgRole` instances or role names.
|
|
* @param options.read - The SQL expression or boolean value that defines the read policy. Set to `true` to allow all reads, `false` to deny all reads, or provide a custom SQL expression. Set to `null` to prevent the policy from being generated.
|
|
* @param options.modify - The SQL expression or boolean value that defines the modify (insert, update, delete) policies. Set to `true` to allow all modifications, `false` to deny all modifications, or provide a custom SQL expression. Set to `null` to prevent policies from being generated.
|
|
* @returns An array of PostgreSQL policy definitions, one for each CRUD operation.
|
|
*/
|
|
export declare const crudPolicy: (options: {
|
|
role: PgPolicyToOption;
|
|
read: SQL | boolean | null;
|
|
modify: SQL | boolean | null;
|
|
}) => (import("../pg-core/index.js").PgPolicy | undefined)[];
|
|
export declare const authenticatedRole: PgRole;
|
|
export declare const anonymousRole: PgRole;
|
|
export declare const authUid: (userIdColumn: AnyPgColumn) => SQL<unknown>;
|