From 391aae20e75d1eedaadd3ccd4b0ba9b0fc1cfefa Mon Sep 17 00:00:00 2001
From: Moses Ingersoll <258583966+burning-bush-dev@users.noreply.github.com>
Date: Sun, 12 Apr 2026 21:45:55 +0100
Subject: [PATCH 1/2] add delegation validation schemas

Joi schemas for delegation CRUD (GET, POST, PUT, DELETE) and updated
index exports. Bump to 0.8.10.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 CHANGELOG.md      |  4 +++
 index.js          |  4 ++-
 lib/delegation.js | 75 +++++++++++++++++++++++++++++++++++++++++++++++
 package.json      |  2 +-
 4 files changed, 83 insertions(+), 2 deletions(-)
 create mode 100644 lib/delegation.js

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 736616c..816f030 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/).
 
 ### Unreleased
 
+### [0.8.10] - 2026-04-12
+
+- delegation: add validation schemas for GET, POST, PUT, DELETE (#22)
+
 ### [0.8.9] - 2026-03-29
 
 - group: GET can return one group or array
diff --git a/index.js b/index.js
index 3768b20..9931c9f 100644
--- a/index.js
+++ b/index.js
@@ -1,3 +1,4 @@
+import * as delegation from './lib/delegation.js'
 import * as group from './lib/group.js'
 import * as nameserver from './lib/nameserver.js'
 import * as permission from './lib/permission.js'
@@ -6,9 +7,10 @@ import * as user from './lib/user.js'
 import * as zone from './lib/zone.js'
 import * as zone_record from './lib/zone_record.js'
 
-export { group, nameserver, permission, session, user, zone, zone_record }
+export { delegation, group, nameserver, permission, session, user, zone, zone_record }
 
 export default {
+  delegation,
   group,
   nameserver,
   permission,
diff --git a/lib/delegation.js b/lib/delegation.js
new file mode 100644
index 0000000..831315a
--- /dev/null
+++ b/lib/delegation.js
@@ -0,0 +1,75 @@
+import Joi from 'joi'
+
+import * as shared from './shared.js'
+
+const objectType = Joi.string().valid('ZONE', 'ZONERECORD', 'NAMESERVER', 'GROUP')
+
+const permBool = Joi.boolean().default(true)
+
+const delegationPerms = {
+  perm_write: permBool,
+  perm_delete: permBool,
+  perm_delegate: permBool,
+  zone_perm_add_records: permBool,
+  zone_perm_delete_records: permBool,
+}
+
+const delegationObj = Joi.object({
+  nt_group_id: shared.uint32,
+  nt_object_id: shared.uint32,
+  nt_object_type: objectType,
+  group_name: Joi.string().allow('', null),
+  delegated_by_id: shared.uint32.allow(null),
+  delegated_by_name: Joi.string().allow('', null),
+
+  delegate_write: Joi.number().integer().min(0).max(1),
+  delegate_delete: Joi.number().integer().min(0).max(1),
+  delegate_delegate: Joi.number().integer().min(0).max(1),
+  delegate_add_records: Joi.number().integer().min(0).max(1),
+  delegate_delete_records: Joi.number().integer().min(0).max(1),
+
+  // zone fields from JOIN (when type=ZONE)
+  nt_zone_id: shared.uint32,
+  zone: Joi.string().allow('', null),
+  description: Joi.string().allow('', null),
+
+  // zone record fields from JOIN (when type=ZONERECORD)
+  nt_zone_record_id: shared.uint32,
+}).unknown(true)
+
+export const POST = Joi.object({
+  gid: shared.uint32.required(),
+  oid: shared.uint32.required(),
+  type: objectType.required(),
+  delegated_by_id: shared.uint32,
+  delegated_by_name: Joi.string().max(50),
+  ...delegationPerms,
+})
+
+export const GET_req = Joi.object({
+  gid: shared.uint32,
+  oid: shared.uint32,
+  type: objectType,
+})
+
+export const GET_res = Joi.object({
+  delegation: Joi.array().items(delegationObj),
+  meta: shared.meta,
+})
+
+export const PUT = Joi.object({
+  gid: shared.uint32.required(),
+  oid: shared.uint32.required(),
+  type: objectType.required(),
+  perm_write: Joi.boolean(),
+  perm_delete: Joi.boolean(),
+  perm_delegate: Joi.boolean(),
+  zone_perm_add_records: Joi.boolean(),
+  zone_perm_delete_records: Joi.boolean(),
+})
+
+export const DELETE = Joi.object({
+  gid: shared.uint32.required(),
+  oid: shared.uint32.required(),
+  type: objectType.required(),
+})
diff --git a/package.json b/package.json
index 20ac64c..a371b97 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@nictool/validate",
-  "version": "0.8.9",
+  "version": "0.8.10",
   "description": "NicTool Object Validation",
   "type": "module",
   "files": [

From 562bd7c5511839f91e2d74cf87db7cbbc1210097 Mon Sep 17 00:00:00 2001
From: Matt Simerson <matt@tnpi.net>
Date: Mon, 13 Apr 2026 09:23:48 -0500
Subject: [PATCH 2/2] Update CHANGELOG for version 0.8.10

Updated version date for release 0.8.10 and added validation schemas.
---
 CHANGELOG.md | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index aadc967..e65643f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,15 +6,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/).
 
 ### Unreleased
 
-<<<<<<< feat/authz-enforcement
-### [0.8.10] - 2026-04-12
-
-- delegation: add validation schemas for GET, POST, PUT, DELETE (#22)
-=======
 ### [0.8.10] - 2026-04-13
 
-
->>>>>>> main
+- delegation: add validation schemas for GET, POST, PUT, DELETE (#22)
+- deps: bump versions
 
 ### [0.8.9] - 2026-03-29