
@mastra/core


Mastra is a framework for building AI-powered applications and agents with a modern TypeScript stack.

/**
 * AUTO-GENERATED FILE - DO NOT EDIT DIRECTLY
 *
 * This file is generated by packages/server/scripts/generate-permissions.ts
 * Run `pnpm generate:permissions` from packages/server to regenerate.
 *
 * Source of truth: SERVER_ROUTES in @mastra/server
 *
 * This is a declaration file: it lists the permission vocabulary (resources,
 * actions, patterns) and the signatures of two validators. No implementation
 * or enforcement logic is visible here.
 */

/**
 * All known API resources.
 * Derived from SERVER_ROUTES paths in @mastra/server.
 */
export declare const RESOURCES: readonly [
  "a2a",
  "agents",
  "background-tasks",
  "channels",
  "datasets",
  "embedders",
  "experiments",
  "logs",
  "mcp",
  "memory",
  "observability",
  "processor-providers",
  "processors",
  "schedules",
  "scores",
  "stored-agents",
  "stored-mcp-clients",
  "stored-prompt-blocks",
  "stored-scorers",
  "stored-skills",
  "stored-workspaces",
  "system",
  "tool-providers",
  "tools",
  "vector",
  "vectors",
  "workflows",
  "workspaces"
];

/**
 * Resource type union.
 */
export type Resource = (typeof RESOURCES)[number];

/**
 * All permission actions.
 * Derived from HTTP methods and route overrides:
 * - GET → read
 * - POST → write or execute (context-dependent)
 * - PUT/PATCH → write
 * - DELETE → delete
 * - Additional actions from explicit requiresPermission overrides
 */
export declare const ACTIONS: readonly ["create", "delete", "execute", "publish", "read", "share", "write"];

/**
 * Action type union.
 */
export type Action = (typeof ACTIONS)[number];

/**
 * All valid permission patterns.
 * Use `keyof typeof PERMISSION_PATTERNS` or the `PermissionPattern` type.
 *
 * Every entry maps a pattern string to itself. The entries fall into three
 * groups: wildcards (`*`, `*:<action>`, `<resource>:*`), specific
 * `<resource>:<action>` pairs, and a trailing group of `stored:*` family
 * patterns plus two `share` patterns.
 *
 * NOTE(review): the `stored` prefix used by 'stored:*', 'stored:read',
 * 'stored:write' and 'stored:delete' is not an entry in RESOURCES; per the
 * entry descriptions it stands for all `stored-*` resource families. How a
 * checker expands it is not visible in this file — confirm.
 *
 * NOTE(review): 'stored-agents:share' and 'stored-skills:share' are declared
 * here but are absent from PERMISSIONS and MastraFGAPermissions in this file.
 * Code that enumerates either of those will not see the share permissions —
 * confirm this is intended.
 *
 * NOTE(review): '*', '*:<action>' and '<resource>:*' each cover many specific
 * permissions (see the per-entry descriptions). When a role only needs a few
 * operations, list the specific `<resource>:<action>` patterns instead.
 */
export declare const PERMISSION_PATTERNS: {
  /** Full access to all resources and actions */
  readonly '*': "*";
  /** Create all resources */
  readonly '*:create': "*:create";
  /** Delete all resources */
  readonly '*:delete': "*:delete";
  /** Execute all resources */
  readonly '*:execute': "*:execute";
  /** Publish, activate, or restore all resources */
  readonly '*:publish': "*:publish";
  /** View all resources */
  readonly '*:read': "*:read";
  /** Change visibility/audience of all resources */
  readonly '*:share': "*:share";
  /** Create and modify all resources */
  readonly '*:write': "*:write";
  /** Full access to agent-to-agent communication */
  readonly 'a2a:*': "a2a:*";
  /** Full access to agents */
  readonly 'agents:*': "agents:*";
  /** Full access to background tasks */
  readonly 'background-tasks:*': "background-tasks:*";
  /** Full access to channels */
  readonly 'channels:*': "channels:*";
  /** Full access to datasets */
  readonly 'datasets:*': "datasets:*";
  /** Full access to embedders */
  readonly 'embedders:*': "embedders:*";
  /** Full access to experiments */
  readonly 'experiments:*': "experiments:*";
  /** Full access to logs */
  readonly 'logs:*': "logs:*";
  /** Full access to MCP servers */
  readonly 'mcp:*': "mcp:*";
  /** Full access to memory and threads */
  readonly 'memory:*': "memory:*";
  /** Full access to traces and spans */
  readonly 'observability:*': "observability:*";
  /** Full access to processor-providers */
  readonly 'processor-providers:*': "processor-providers:*";
  /** Full access to processors */
  readonly 'processors:*': "processors:*";
  /** Full access to schedules */
  readonly 'schedules:*': "schedules:*";
  /** Full access to evaluation scores */
  readonly 'scores:*': "scores:*";
  /** Full access to stored agents */
  readonly 'stored-agents:*': "stored-agents:*";
  /** Full access to stored MCP clients */
  readonly 'stored-mcp-clients:*': "stored-mcp-clients:*";
  /** Full access to stored prompt blocks */
  readonly 'stored-prompt-blocks:*': "stored-prompt-blocks:*";
  /** Full access to stored scorers */
  readonly 'stored-scorers:*': "stored-scorers:*";
  /** Full access to stored skills */
  readonly 'stored-skills:*': "stored-skills:*";
  /** Full access to stored workspaces */
  readonly 'stored-workspaces:*': "stored-workspaces:*";
  /** Full access to system info */
  readonly 'system:*': "system:*";
  /** Full access to tool-providers */
  readonly 'tool-providers:*': "tool-providers:*";
  /** Full access to tools */
  readonly 'tools:*': "tools:*";
  /** Full access to vector stores */
  readonly 'vector:*': "vector:*";
  /** Full access to vectors */
  readonly 'vectors:*': "vectors:*";
  /** Full access to workflows */
  readonly 'workflows:*': "workflows:*";
  /** Full access to workspaces */
  readonly 'workspaces:*': "workspaces:*";
  /** View agent-to-agent communication */
  readonly 'a2a:read': "a2a:read";
  /** Create and modify agent-to-agent communication */
  readonly 'a2a:write': "a2a:write";
  /** Create agents */
  readonly 'agents:create': "agents:create";
  /** Delete agents */
  readonly 'agents:delete': "agents:delete";
  /** Execute agents */
  readonly 'agents:execute': "agents:execute";
  /** View agents */
  readonly 'agents:read': "agents:read";
  /** Create and modify agents */
  readonly 'agents:write': "agents:write";
  /** View background tasks */
  readonly 'background-tasks:read': "background-tasks:read";
  /** View channels */
  readonly 'channels:read': "channels:read";
  /** Create and modify channels */
  readonly 'channels:write': "channels:write";
  /** Delete datasets */
  readonly 'datasets:delete': "datasets:delete";
  /** Execute datasets */
  readonly 'datasets:execute': "datasets:execute";
  /** View datasets */
  readonly 'datasets:read': "datasets:read";
  /** Create and modify datasets */
  readonly 'datasets:write': "datasets:write";
  /** View embedders */
  readonly 'embedders:read': "embedders:read";
  /** View experiments */
  readonly 'experiments:read': "experiments:read";
  /** View logs */
  readonly 'logs:read': "logs:read";
  /** Execute MCP servers */
  readonly 'mcp:execute': "mcp:execute";
  /** View MCP servers */
  readonly 'mcp:read': "mcp:read";
  /** Create and modify MCP servers */
  readonly 'mcp:write': "mcp:write";
  /** Delete memory and threads */
  readonly 'memory:delete': "memory:delete";
  /** Execute memory and threads */
  readonly 'memory:execute': "memory:execute";
  /** View memory and threads */
  readonly 'memory:read': "memory:read";
  /** Create and modify memory and threads */
  readonly 'memory:write': "memory:write";
  /** View traces and spans */
  readonly 'observability:read': "observability:read";
  /** Create and modify traces and spans */
  readonly 'observability:write': "observability:write";
  /** View processor-providers */
  readonly 'processor-providers:read': "processor-providers:read";
  /** Execute processors */
  readonly 'processors:execute': "processors:execute";
  /** View processors */
  readonly 'processors:read': "processors:read";
  /** Execute schedules */
  readonly 'schedules:execute': "schedules:execute";
  /** View schedules */
  readonly 'schedules:read': "schedules:read";
  /** Create and modify schedules */
  readonly 'schedules:write': "schedules:write";
  /** View evaluation scores */
  readonly 'scores:read': "scores:read";
  /** Create and modify evaluation scores */
  readonly 'scores:write': "scores:write";
  /** Delete stored agents */
  readonly 'stored-agents:delete': "stored-agents:delete";
  /** Publish, activate, or restore stored agents */
  readonly 'stored-agents:publish': "stored-agents:publish";
  /** View stored agents */
  readonly 'stored-agents:read': "stored-agents:read";
  /** Create and modify stored agents */
  readonly 'stored-agents:write': "stored-agents:write";
  /** Delete stored MCP clients */
  readonly 'stored-mcp-clients:delete': "stored-mcp-clients:delete";
  /** Publish, activate, or restore stored MCP clients */
  readonly 'stored-mcp-clients:publish': "stored-mcp-clients:publish";
  /** View stored MCP clients */
  readonly 'stored-mcp-clients:read': "stored-mcp-clients:read";
  /** Create and modify stored MCP clients */
  readonly 'stored-mcp-clients:write': "stored-mcp-clients:write";
  /** Delete stored prompt blocks */
  readonly 'stored-prompt-blocks:delete': "stored-prompt-blocks:delete";
  /** Publish, activate, or restore stored prompt blocks */
  readonly 'stored-prompt-blocks:publish': "stored-prompt-blocks:publish";
  /** View stored prompt blocks */
  readonly 'stored-prompt-blocks:read': "stored-prompt-blocks:read";
  /** Create and modify stored prompt blocks */
  readonly 'stored-prompt-blocks:write': "stored-prompt-blocks:write";
  /** Delete stored scorers */
  readonly 'stored-scorers:delete': "stored-scorers:delete";
  /** Publish, activate, or restore stored scorers */
  readonly 'stored-scorers:publish': "stored-scorers:publish";
  /** View stored scorers */
  readonly 'stored-scorers:read': "stored-scorers:read";
  /** Create and modify stored scorers */
  readonly 'stored-scorers:write': "stored-scorers:write";
  /** Delete stored skills */
  readonly 'stored-skills:delete': "stored-skills:delete";
  /** Publish, activate, or restore stored skills */
  readonly 'stored-skills:publish': "stored-skills:publish";
  /** View stored skills */
  readonly 'stored-skills:read': "stored-skills:read";
  /** Create and modify stored skills */
  readonly 'stored-skills:write': "stored-skills:write";
  /** Delete stored workspaces */
  readonly 'stored-workspaces:delete': "stored-workspaces:delete";
  /** View stored workspaces */
  readonly 'stored-workspaces:read': "stored-workspaces:read";
  /** Create and modify stored workspaces */
  readonly 'stored-workspaces:write': "stored-workspaces:write";
  /** View system info */
  readonly 'system:read': "system:read";
  /** View tool-providers */
  readonly 'tool-providers:read': "tool-providers:read";
  /** Execute tools */
  readonly 'tools:execute': "tools:execute";
  /** View tools */
  readonly 'tools:read': "tools:read";
  /** Delete vector stores */
  readonly 'vector:delete': "vector:delete";
  /** Execute vector stores */
  readonly 'vector:execute': "vector:execute";
  /** View vector stores */
  readonly 'vector:read': "vector:read";
  /** Create and modify vector stores */
  readonly 'vector:write': "vector:write";
  /** View vectors */
  readonly 'vectors:read': "vectors:read";
  /** Delete workflows */
  readonly 'workflows:delete': "workflows:delete";
  /** Execute workflows */
  readonly 'workflows:execute': "workflows:execute";
  /** View workflows */
  readonly 'workflows:read': "workflows:read";
  /** Create and modify workflows */
  readonly 'workflows:write': "workflows:write";
  /** Delete workspaces */
  readonly 'workspaces:delete': "workspaces:delete";
  /** View workspaces */
  readonly 'workspaces:read': "workspaces:read";
  /** Create and modify workspaces */
  readonly 'workspaces:write': "workspaces:write";
  /** Full access to all stored resource families */
  readonly 'stored:*': "stored:*";
  /** View all stored resource families */
  readonly 'stored:read': "stored:read";
  /** Create and modify all stored resource families */
  readonly 'stored:write': "stored:write";
  /** Delete all stored resource families */
  readonly 'stored:delete': "stored:delete";
  /** Change visibility/audience of stored agents */
  readonly 'stored-agents:share': "stored-agents:share";
  /** Change visibility/audience of stored skills */
  readonly 'stored-skills:share': "stored-skills:share";
};

/**
 * Permission pattern that can be used in role definitions.
 * Supports:
 * - Specific permissions: 'agents:read', 'workflows:execute'
 * - Resource wildcards: 'agents:*', 'workflows:*' (all actions on a resource)
 * - Action wildcards: '*:read', '*:write' (an action across all resources)
 * - Global wildcard: '*' (full access)
 *
 * The union is closed: only the keys of PERMISSION_PATTERNS are members, so an
 * arbitrary `<resource>:<action>` string is not a PermissionPattern.
 */
export type PermissionPattern = keyof typeof PERMISSION_PATTERNS;

/**
 * All valid resource:action permission combinations (excludes wildcards).
 *
 * NOTE(review): the two `share` patterns declared in PERMISSION_PATTERNS
 * ('stored-agents:share', 'stored-skills:share') are not listed here — confirm
 * before relying on this array as the complete set of specific permissions.
 */
export declare const PERMISSIONS: readonly [
  "a2a:read",
  "a2a:write",
  "agents:create",
  "agents:delete",
  "agents:execute",
  "agents:read",
  "agents:write",
  "background-tasks:read",
  "channels:read",
  "channels:write",
  "datasets:delete",
  "datasets:execute",
  "datasets:read",
  "datasets:write",
  "embedders:read",
  "experiments:read",
  "logs:read",
  "mcp:execute",
  "mcp:read",
  "mcp:write",
  "memory:delete",
  "memory:execute",
  "memory:read",
  "memory:write",
  "observability:read",
  "observability:write",
  "processor-providers:read",
  "processors:execute",
  "processors:read",
  "schedules:execute",
  "schedules:read",
  "schedules:write",
  "scores:read",
  "scores:write",
  "stored-agents:delete",
  "stored-agents:publish",
  "stored-agents:read",
  "stored-agents:write",
  "stored-mcp-clients:delete",
  "stored-mcp-clients:publish",
  "stored-mcp-clients:read",
  "stored-mcp-clients:write",
  "stored-prompt-blocks:delete",
  "stored-prompt-blocks:publish",
  "stored-prompt-blocks:read",
  "stored-prompt-blocks:write",
  "stored-scorers:delete",
  "stored-scorers:publish",
  "stored-scorers:read",
  "stored-scorers:write",
  "stored-skills:delete",
  "stored-skills:publish",
  "stored-skills:read",
  "stored-skills:write",
  "stored-workspaces:delete",
  "stored-workspaces:read",
  "stored-workspaces:write",
  "system:read",
  "tool-providers:read",
  "tools:execute",
  "tools:read",
  "vector:delete",
  "vector:execute",
  "vector:read",
  "vector:write",
  "vectors:read",
  "workflows:delete",
  "workflows:execute",
  "workflows:read",
  "workflows:write",
  "workspaces:delete",
  "workspaces:read",
  "workspaces:write"
];

/**
 * Specific permission type (e.g., 'agents:read', 'workflows:execute').
 */
export type Permission = (typeof PERMISSIONS)[number];

/**
 * Type-safe constants for Mastra-owned FGA permissions.
 *
 * These values are generated from server routes and can be used wherever
 * Mastra checks or maps FGA permissions.
 *
 * The values follow the same order as PERMISSIONS; no wildcard and no `share`
 * permission has a constant here.
 */
export declare const MastraFGAPermissions: {
  /** View agent-to-agent communication */
  readonly A2A_READ: "a2a:read";
  /** Create and modify agent-to-agent communication */
  readonly A2A_WRITE: "a2a:write";
  /** Create agents */
  readonly AGENTS_CREATE: "agents:create";
  /** Delete agents */
  readonly AGENTS_DELETE: "agents:delete";
  /** Execute agents */
  readonly AGENTS_EXECUTE: "agents:execute";
  /** View agents */
  readonly AGENTS_READ: "agents:read";
  /** Create and modify agents */
  readonly AGENTS_WRITE: "agents:write";
  /** View background tasks */
  readonly BACKGROUND_TASKS_READ: "background-tasks:read";
  /** View channels */
  readonly CHANNELS_READ: "channels:read";
  /** Create and modify channels */
  readonly CHANNELS_WRITE: "channels:write";
  /** Delete datasets */
  readonly DATASETS_DELETE: "datasets:delete";
  /** Execute datasets */
  readonly DATASETS_EXECUTE: "datasets:execute";
  /** View datasets */
  readonly DATASETS_READ: "datasets:read";
  /** Create and modify datasets */
  readonly DATASETS_WRITE: "datasets:write";
  /** View embedders */
  readonly EMBEDDERS_READ: "embedders:read";
  /** View experiments */
  readonly EXPERIMENTS_READ: "experiments:read";
  /** View logs */
  readonly LOGS_READ: "logs:read";
  /** Execute MCP servers */
  readonly MCP_EXECUTE: "mcp:execute";
  /** View MCP servers */
  readonly MCP_READ: "mcp:read";
  /** Create and modify MCP servers */
  readonly MCP_WRITE: "mcp:write";
  /** Delete memory and threads */
  readonly MEMORY_DELETE: "memory:delete";
  /** Execute memory and threads */
  readonly MEMORY_EXECUTE: "memory:execute";
  /** View memory and threads */
  readonly MEMORY_READ: "memory:read";
  /** Create and modify memory and threads */
  readonly MEMORY_WRITE: "memory:write";
  /** View traces and spans */
  readonly OBSERVABILITY_READ: "observability:read";
  /** Create and modify traces and spans */
  readonly OBSERVABILITY_WRITE: "observability:write";
  /** View processor-providers */
  readonly PROCESSOR_PROVIDERS_READ: "processor-providers:read";
  /** Execute processors */
  readonly PROCESSORS_EXECUTE: "processors:execute";
  /** View processors */
  readonly PROCESSORS_READ: "processors:read";
  /** Execute schedules */
  readonly SCHEDULES_EXECUTE: "schedules:execute";
  /** View schedules */
  readonly SCHEDULES_READ: "schedules:read";
  /** Create and modify schedules */
  readonly SCHEDULES_WRITE: "schedules:write";
  /** View evaluation scores */
  readonly SCORES_READ: "scores:read";
  /** Create and modify evaluation scores */
  readonly SCORES_WRITE: "scores:write";
  /** Delete stored agents */
  readonly STORED_AGENTS_DELETE: "stored-agents:delete";
  /** Publish, activate, or restore stored agents */
  readonly STORED_AGENTS_PUBLISH: "stored-agents:publish";
  /** View stored agents */
  readonly STORED_AGENTS_READ: "stored-agents:read";
  /** Create and modify stored agents */
  readonly STORED_AGENTS_WRITE: "stored-agents:write";
  /** Delete stored MCP clients */
  readonly STORED_MCP_CLIENTS_DELETE: "stored-mcp-clients:delete";
  /** Publish, activate, or restore stored MCP clients */
  readonly STORED_MCP_CLIENTS_PUBLISH: "stored-mcp-clients:publish";
  /** View stored MCP clients */
  readonly STORED_MCP_CLIENTS_READ: "stored-mcp-clients:read";
  /** Create and modify stored MCP clients */
  readonly STORED_MCP_CLIENTS_WRITE: "stored-mcp-clients:write";
  /** Delete stored prompt blocks */
  readonly STORED_PROMPT_BLOCKS_DELETE: "stored-prompt-blocks:delete";
  /** Publish, activate, or restore stored prompt blocks */
  readonly STORED_PROMPT_BLOCKS_PUBLISH: "stored-prompt-blocks:publish";
  /** View stored prompt blocks */
  readonly STORED_PROMPT_BLOCKS_READ: "stored-prompt-blocks:read";
  /** Create and modify stored prompt blocks */
  readonly STORED_PROMPT_BLOCKS_WRITE: "stored-prompt-blocks:write";
  /** Delete stored scorers */
  readonly STORED_SCORERS_DELETE: "stored-scorers:delete";
  /** Publish, activate, or restore stored scorers */
  readonly STORED_SCORERS_PUBLISH: "stored-scorers:publish";
  /** View stored scorers */
  readonly STORED_SCORERS_READ: "stored-scorers:read";
  /** Create and modify stored scorers */
  readonly STORED_SCORERS_WRITE: "stored-scorers:write";
  /** Delete stored skills */
  readonly STORED_SKILLS_DELETE: "stored-skills:delete";
  /** Publish, activate, or restore stored skills */
  readonly STORED_SKILLS_PUBLISH: "stored-skills:publish";
  /** View stored skills */
  readonly STORED_SKILLS_READ: "stored-skills:read";
  /** Create and modify stored skills */
  readonly STORED_SKILLS_WRITE: "stored-skills:write";
  /** Delete stored workspaces */
  readonly STORED_WORKSPACES_DELETE: "stored-workspaces:delete";
  /** View stored workspaces */
  readonly STORED_WORKSPACES_READ: "stored-workspaces:read";
  /** Create and modify stored workspaces */
  readonly STORED_WORKSPACES_WRITE: "stored-workspaces:write";
  /** View system info */
  readonly SYSTEM_READ: "system:read";
  /** View tool-providers */
  readonly TOOL_PROVIDERS_READ: "tool-providers:read";
  /** Execute tools */
  readonly TOOLS_EXECUTE: "tools:execute";
  /** View tools */
  readonly TOOLS_READ: "tools:read";
  /** Delete vector stores */
  readonly VECTOR_DELETE: "vector:delete";
  /** Execute vector stores */
  readonly VECTOR_EXECUTE: "vector:execute";
  /** View vector stores */
  readonly VECTOR_READ: "vector:read";
  /** Create and modify vector stores */
  readonly VECTOR_WRITE: "vector:write";
  /** View vectors */
  readonly VECTORS_READ: "vectors:read";
  /** Delete workflows */
  readonly WORKFLOWS_DELETE: "workflows:delete";
  /** Execute workflows */
  readonly WORKFLOWS_EXECUTE: "workflows:execute";
  /** View workflows */
  readonly WORKFLOWS_READ: "workflows:read";
  /** Create and modify workflows */
  readonly WORKFLOWS_WRITE: "workflows:write";
  /** Delete workspaces */
  readonly WORKSPACES_DELETE: "workspaces:delete";
  /** View workspaces */
  readonly WORKSPACES_READ: "workspaces:read";
  /** Create and modify workspaces */
  readonly WORKSPACES_WRITE: "workspaces:write";
};

/**
 * Mastra-owned FGA permission values.
 */
export type MastraFGAPermission = (typeof MastraFGAPermissions)[keyof typeof MastraFGAPermissions];

/**
 * FGA permission input accepted by public config and provider APIs.
 * Keeps autocomplete for Mastra-owned permissions while allowing custom provider strings.
 *
 * Because of the `(string & {})` arm, every string is assignable to this type:
 * a misspelled Mastra permission (a constructed example: "agents:raed") still
 * type-checks and is treated as a custom provider string. The compiler gives no
 * protection against typos here; prefer the MastraFGAPermissions constants for
 * Mastra-owned values.
 */
export type MastraFGAPermissionInput = MastraFGAPermission | (string & {});

/**
 * Type-safe role mapping configuration.
 *
 * Maps role names (from your identity provider) to Mastra permission patterns.
 *
 * Role names are arbitrary strings; only the pattern values are constrained,
 * and only at compile time. A mapping built from data that the compiler never
 * sees (a config file, an environment variable, an API response) carries no
 * such guarantee until its arrays have passed `validatePermissions`.
 *
 * NOTE(review): the `_default` key in the example presumably applies to roles
 * with no explicit entry — confirm against the code that consumes the mapping.
 * The example gives it an empty list, i.e. no permissions.
 *
 * @example
 * ```typescript
 * const roleMapping: TypedRoleMapping = {
 *   "Engineering": ["agents:*", "workflows:*"],
 *   "Product": ["agents:read", "workflows:read"],
 *   "Admin": ["*"],
 *   "_default": [],
 * };
 * ```
 */
export type TypedRoleMapping = {
  [role: string]: PermissionPattern[];
};

/**
 * Validates that a string is a valid permission pattern.
 * Useful for runtime validation of permission strings.
 *
 * Declared as a type predicate: a `true` result narrows `pattern` to
 * `PermissionPattern`. The implementation is not part of this declaration file.
 *
 * NOTE(review): presumably this tests membership in PERMISSION_PATTERNS —
 * confirm. Either way it answers "is this a known pattern string", not
 * "does the caller hold this permission"; it is input validation, not an
 * authorization check.
 *
 * @param pattern - Permission string to check.
 * @returns `true` when `pattern` is a valid permission pattern.
 */
export declare function isValidPermissionPattern(pattern: string): pattern is PermissionPattern;

/**
 * Validates that all permissions in an array are valid patterns.
 *
 * Declared as a type predicate: a `true` result narrows the whole array to
 * `PermissionPattern[]`. The implementation is not part of this declaration
 * file, so behaviour on an empty array is not visible here.
 *
 * @param permissions - Permission strings to check.
 * @returns `true` when every element is a valid permission pattern.
 */
export declare function validatePermissions(permissions: string[]): permissions is PermissionPattern[];
//# sourceMappingURL=permissions.generated.d.ts.map