auth/self_service_role_action_specs.ts

Unified self-service role toggle action spec — schemas, error reasons, and the codegen-ready registry.

Client-safe: no query-layer or audit-write imports. Handler factory lives in auth/self_service_role_actions.ts.

Declarations
#

5 declarations

view source

all_self_service_role_action_specs
#

auth/self_service_role_action_specs.ts view source

readonly { method: string; initiator: "frontend" | "backend" | "both"; side_effects: boolean; input: ZodType<unknown, unknown, $ZodTypeInternals<unknown, unknown>>; output: ZodType<unknown, unknown, $ZodTypeInternals<unknown, unknown>>; ... 6 more ...; rate_limit?: "both" | ... 2 more ... | undefined; }[]

All self-service role action specs — a codegen-ready registry. Single-element post-unification, kept for symmetry with the other all_*_action_specs exports so codegen and frontend bundles import the same shape.

ERROR_ROLE_NOT_SELF_SERVICE_ELIGIBLE
#

self_service_role_set_action_spec
#

auth/self_service_role_action_specs.ts view source

{ method: string; kind: "request_response"; initiator: "frontend"; auth: "authenticated"; side_effects: true; input: ZodObject<{ role: ZodString; enabled: ZodBoolean; }, $strict>; output: ZodObject<...>; async: true; description: string; }

SelfServiceRoleSetInput
#

SelfServiceRoleSetOutput
#

auth/self_service_role_action_specs.ts view source

ZodObject<{ ok: ZodLiteral<true>; enabled: ZodBoolean; changed: ZodBoolean; }, $strict>

Output for self_service_role_set. enabled echoes the post-call state (always equals the input enabled on success). changed is true only when the call mutated — re-grants / re-revokes return false.

Depends on
#

Imported by
#