@balena/pinejs 15.0.0-build-15-x-4acccbc677d2f8b6c23ace10945cd167339fc8df-1 → 15.0.0-build-15-x-bf3a44dfe299de8966cf9bc201fa13fdf9d4a747-1

package/src/migrator/async.ts

@@ -14,7 +14,6 @@ type InitialMigrationStatus = MigrationStatus &
 import {
 	MigrationTuple,
 	AsyncMigrationFn,
-	setExecutedMigrations,
 	getExecutedMigrations,
 	migratorEnv,
 	lockMigrations,
@@ -64,19 +63,10 @@ const $run = async (
 	}> = [];
 
 	// get a transaction for setting up the async migrator
-	const modelIsNew = await sbvrUtils.isModelNew(setupTx, modelName);
-	const executedMigrations = await getExecutedMigrations(setupTx, modelName);
 
-	if (modelIsNew) {
-		(sbvrUtils.api.migrations?.logger.info ?? console.info)(
-			'First time model has executed, skipping async migrations',
-		);
+	const executedMigrations = await getExecutedMigrations(setupTx, modelName);
 
-		return await setExecutedMigrations(setupTx, modelName, [
-			...executedMigrations,
-			...Object.keys(migrations),
-		]);
-	}
+	// if the model is new, the sync migration parts (marked by finalize=true) are already marked in the sync migration runner.
 
 	/**
 	 * preflight check if there are already migrations executed before starting the async scheduler
@@ -246,6 +236,26 @@ const $run = async (
 										// when it fails it would break the transaction for managing the migration status
 										const migratedRows = await sbvrUtils.db.transaction(
 											async (migrationTx) => {
+												// disable automatic close on the management transaction as the migration transaction consumes up to max autoClose time
+												// disable first here, to let if fail when it takes to long before coming here to actually migrate.
+												tx.disableAutomaticClose();
+												const rollbackMigrationTx = async () => {
+													// if the parent transaction fails for any reason, the actual running migration transaction has to be rolled back to stop parallel unsafe async migrations.
+													try {
+														if (!migrationTx.isClosed()) {
+															await migrationTx.rollback();
+														}
+													} catch (err) {
+														(
+															sbvrUtils.api.migrations?.logger.error ??
+															console.error
+														)(
+															`error rolling back pending async migration tx on mgmt tx end/rollback: ${key}: ${err}`,
+														);
+													}
+												};
+												tx.on('rollback', rollbackMigrationTx);
+												tx.on('end', rollbackMigrationTx);
 												return (
 													(await asyncRunnerMigratorFn?.(migrationTx)) ?? 0
 												);

package/src/migrator/utils.ts

@@ -19,11 +19,17 @@ export const migrations: Migrations = {
 				await tx.executeSql(`\
 					ALTER TABLE "migration"
 					MODIFY "executed migrations" JSON NOT NULL;`);
+				await tx.executeSql(`\
+					ALTER TABLE "migration status"
+					MODIFY "is backing off" JSON NOT NULL;`);
 				break;
 			case 'postgres':
 				await tx.executeSql(`\
 					ALTER TABLE "migration"
 					ALTER COLUMN "executed migrations" SET DATA TYPE JSONB USING b::JSONB;`);
+				await tx.executeSql(`\
+					ALTER TABLE "migration status"
+					ALTER COLUMN "is backing off" SET DATA TYPE JSONB USING b::JSONB;`);
 				break;
 			// No need to migrate for websql
 		}
@@ -53,8 +59,7 @@ export type AsyncMigrationFn = (
 ) => Resolvable<Result>;
 
 type AddFn<T extends {}, x extends 'sync' | 'async'> = T & {
-	syncFn: MigrationFn;
-	asyncFn: AsyncMigrationFn;
+	[key in `${x}Fn`]: key extends 'syncFn' ? MigrationFn : AsyncMigrationFn;
 } & {
 	[key in `${x}Sql`]?: undefined;
 };
@@ -79,13 +84,19 @@ export type AsyncMigration =
 	| AddFn<AddSql<BaseAsyncMigration, 'sync'>, 'async'>;
 
 export function isAsyncMigration(
-	migration: AsyncMigration | RunnableMigrations,
+	migration: string | MigrationFn | AsyncMigration | RunnableMigrations,
 ): migration is AsyncMigration {
-	return (migration as AsyncMigration).type === MigrationCategories.async;
+	return (
+		((typeof (migration as AsyncMigration).asyncFn === 'function' ||
+			typeof (migration as AsyncMigration).asyncSql === 'string') &&
+			(typeof (migration as AsyncMigration).syncFn === 'function' ||
+				typeof (migration as AsyncMigration).syncSql === 'string')) ||
+		(migration as AsyncMigration).type === MigrationCategories.async
+	);
 }
 
 export function isSyncMigration(
-	migration: string | MigrationFn | RunnableMigrations,
+	migration: string | MigrationFn | RunnableMigrations | AsyncMigration,
 ): migration is MigrationFn {
 	return typeof migration === 'function' || typeof migration === 'string';
 }

package/src/passport-pinejs/passport-pinejs.ts

@@ -10,7 +10,7 @@ import * as permissions from '../sbvr-api/permissions';
 export let login: (
 	fn: (
 		err: any,
-		user: {} | undefined,
+		user: {} | null | false | undefined,
 		req: Express.Request,
 		res: Express.Response,
 		next: Express.NextFunction,
@@ -54,15 +54,15 @@ const setup: ConfigLoader.SetupFunction = async (app: Express.Application) => {
 		passport.use(new LocalStrategy(checkPassword));
 
 		login = (fn) => (req, res, next) =>
-			passport.authenticate('local', (err, user?) => {
-				if (err || user == null) {
+			passport.authenticate('local', ((err, user) => {
+				if (err || user == null || user === false) {
 					fn(err, user, req, res, next);
 					return;
 				}
 				req.login(user, (error) => {
 					fn(error, user, req, res, next);
 				});
-			})(req, res, next);
+			}) as Passport.AuthenticateCallback)(req, res, next);
 
 		logout = (req, _res, next) => {
 			req.logout((error) => {

package/src/sbvr-api/abstract-sql.ts

@@ -1,6 +1,7 @@
 import * as _ from 'lodash';
 
 import * as AbstractSQLCompiler from '@balena/abstract-sql-compiler';
+import type { BindKey } from '@balena/odata-parser';
 import {
 	ODataBinds,
 	odataNameToSqlName,
@@ -123,7 +124,7 @@ export const getAndCheckBindValues = async (
 						throw new Error('Invalid binding');
 					}
 					let dataType;
-					[dataType, value] = odataBinds[bindValue];
+					[dataType, value] = odataBinds[bindValue as BindKey];
 					field = { dataType };
 				} else {
 					throw new Error(`Unknown binding: ${binding}`);

package/src/sbvr-api/hooks.ts

@@ -442,7 +442,7 @@ export const runHooks = async <T extends keyof Hooks>(
 		await Promise.all(
 			(modelHooks as Array<Hook<HookFn>>).map(async (hook) => {
 				if (hook.readOnlyTx) {
-					modelReadOnlyArgs ??= getReadOnlyArgs(modelName, args);
+					modelReadOnlyArgs ??= getReadOnlyArgs(modelName, modelArgs);
 					await hook.run(modelReadOnlyArgs);
 				} else {
 					await hook.run(modelArgs);

package/src/sbvr-api/permissions.ts

@@ -1,8 +1,8 @@
 import type {
 	AbstractSqlModel,
 	AbstractSqlQuery,
-	AbstractSqlType,
 	AliasNode,
+	AnyTypeNodes,
 	Definition,
 	FieldNode,
 	ReferencedFieldNode,
@@ -657,7 +657,7 @@ const generateConstrainedAbstractSql = (
 	const select = abstractSqlQuery.find(
 		(v): v is SelectNode => v[0] === 'Select',
 	)!;
-	select[1] = select[1].map((selectField): AbstractSqlType => {
+	select[1] = select[1].map((selectField): AnyTypeNodes => {
 		if (selectField[0] === 'Alias') {
 			const sqlName = odataNameToSqlName((selectField as AliasNode<any>)[2]);
 			const maybeField = (
@@ -1045,7 +1045,9 @@ const getBoundConstrainedMemoizer = memoizeWeak(
 									permissionsLookup,
 									permissions,
 									vocabulary,
-									sqlNameToODataName(permissionsTable.name),
+									sqlNameToODataName(
+										permissionsTable.modifyName ?? permissionsTable.name,
+									),
 								),
 							);
 
@@ -1603,7 +1605,7 @@ const getGuestPermissions = memoize(
 
 const getReqPermissions = async (
 	req: PermissionReq,
-	odataBinds: ODataBinds = [],
+	odataBinds: ODataBinds = [] as any as ODataBinds,
 ) => {
 	const guestPermissions = await (async () => {
 		if (

package/src/sbvr-api/sbvr-utils.ts

@@ -23,6 +23,7 @@ import { version as AbstractSQLCompilerVersion } from '@balena/abstract-sql-comp
 import * as LF2AbstractSQL from '@balena/lf-to-abstract-sql';
 
 import {
+	ODataBinds,
 	odataNameToSqlName,
 	sqlNameToODataName,
 	SupportedMethod,
@@ -372,12 +373,60 @@ export const isModelNew = async (
 	return !cachedIsModelNew.has(modelName);
 };
 
+const bindsForAffectedIds = (
+	bindings: AbstractSQLCompiler.Binding[],
+	request?: Pick<
+		uriParser.ODataRequest,
+		| 'vocabulary'
+		| 'abstractSqlModel'
+		| 'method'
+		| 'resourceName'
+		| 'affectedIds'
+	>,
+) => {
+	if (request?.affectedIds == null) {
+		return {};
+	}
+
+	const tableName =
+		getAbstractSqlModel(request).tables[resolveSynonym(request)].name;
+
+	// If we're deleting the affected IDs then we can't narrow our rule to
+	// those IDs that are now missing
+	const isDelete = request.method === 'DELETE';
+
+	const odataBinds: { [key: string]: any } = {};
+	for (const bind of bindings) {
+		if (
+			bind.length !== 2 ||
+			bind[0] !== 'Bind' ||
+			typeof bind[1] !== 'string'
+		) {
+			continue;
+		}
+
+		const bindName = bind[1];
+		if (!isDelete && bindName === tableName) {
+			odataBinds[bindName] = ['Text', `{${request.affectedIds}}`];
+		} else {
+			odataBinds[bindName] = ['Text', '{}'];
+		}
+	}
+
+	return odataBinds;
+};
+
 export const validateModel = async (
 	tx: Db.Tx,
 	modelName: string,
 	request?: Pick<
 		uriParser.ODataRequest,
-		'abstractSqlQuery' | 'modifiedFields' | 'method' | 'vocabulary'
+		| 'abstractSqlQuery'
+		| 'modifiedFields'
+		| 'method'
+		| 'vocabulary'
+		| 'resourceName'
+		| 'affectedIds'
 	>,
 ): Promise<void> => {
 	const { sql } = models[modelName];
@@ -394,7 +443,16 @@ export const validateModel = async (
 			const values = await getAndCheckBindValues(
 				{
 					vocabulary: modelName,
-					odataBinds: [],
+					// TODO: `odataBinds` is of type `ODataBinds`, which is an
+					// array with extra arbitrary fields. `getAndCheckBindValues`
+					// accepts that and also a pure object form for this
+					// argument. Given how arrays have predefined symbols,
+					// `bindsForAffectedIds` cannot return an `ODataBinds`.
+					// Both `ODataBinds` and `getAndCheckBindValues` should be
+					// fixed to accept a pure object with both string and
+					// numerical keys, for named and positional binds
+					// respectively
+					odataBinds: bindsForAffectedIds(rule.bindings, request) as any,
 					values: {},
 					engine: db.engine,
 				},
@@ -832,7 +890,7 @@ export const runRule = (() => {
 		const values = await getAndCheckBindValues(
 			{
 				vocabulary: vocab,
-				odataBinds: [],
+				odataBinds: [] as any as ODataBinds,
 				values: {},
 				engine: db.engine,
 			},
@@ -1479,7 +1537,8 @@ const updateBinds = (
 	request: uriParser.ODataRequest,
 ) => {
 	if (request._defer) {
-		request.odataBinds = request.odataBinds.map(([tag, id]) => {
+		for (let i = 0; i < request.odataBinds.length; i++) {
+			const [tag, id] = request.odataBinds[i];
 			if (tag === 'ContentReference') {
 				const ref = changeSetResults.get(id);
 				if (
@@ -1491,10 +1550,9 @@ const updateBinds = (
 						'Reference to a non existing resource in Changeset',
 					);
 				}
-				return uriParser.parseId(ref.body.id);
+				request.odataBinds[i] = uriParser.parseId(ref.body.id);
 			}
-			return [tag, id];
-		});
+		}
 	}
 	return request;
 };

package/src/sbvr-api/translations.ts

@@ -24,47 +24,75 @@ export type AliasValidNodeType =
 	| UnknownTypeNodes
 	| NullNode;
 const aliasFields = (
-	abstractSqlModel: AbstractSqlModel,
-	resourceName: string,
+	fromAbstractSqlModel: AbstractSqlModel,
+	toAbstractSqlModel: AbstractSqlModel,
+	fromResourceName: string,
+	toResource: string,
 	aliases: Dictionary<string | AliasValidNodeType>,
 ): SelectNode[1] => {
-	const fieldNames = abstractSqlModel.tables[resourceName].fields.map(
-		({ fieldName }) => fieldName,
-	);
-	const nonexistentFields = _.difference(Object.keys(aliases), fieldNames);
+	const fromFieldNames = fromAbstractSqlModel.tables[
+		fromResourceName
+	].fields.map(({ fieldName }) => fieldName);
+	const nonexistentFields = _.difference(Object.keys(aliases), fromFieldNames);
 	if (nonexistentFields.length > 0) {
 		throw new Error(
 			`Tried to alias non-existent fields: '${nonexistentFields.join(', ')}'`,
 		);
 	}
-	return fieldNames.map(
+	const toFieldNames = toAbstractSqlModel.tables[toResource].fields.map(
+		({ fieldName }) => fieldName,
+	);
+	const checkToFieldExists = (fromFieldName: string, toFieldName: string) => {
+		if (!toFieldNames.includes(toFieldName)) {
+			throw new Error(
+				`Tried to alias '${fromFieldName}' to the non-existent target field: '${toFieldName}'`,
+			);
+		}
+	};
+	return fromFieldNames.map(
 		(fieldName): AliasNode<AliasValidNodeType> | ReferencedFieldNode => {
 			const alias = aliases[fieldName];
 			if (alias) {
 				if (typeof alias === 'string') {
-					return ['Alias', ['ReferencedField', resourceName, alias], fieldName];
+					checkToFieldExists(fieldName, alias);
+					return [
+						'Alias',
+						['ReferencedField', fromResourceName, alias],
+						fieldName,
+					];
 				}
 				return ['Alias', alias, fieldName];
 			}
-			return ['ReferencedField', resourceName, fieldName];
+			checkToFieldExists(fieldName, fieldName);
+			return ['ReferencedField', fromResourceName, fieldName];
 		},
 	);
 };
 
 const aliasResource = (
-	abstractSqlModel: AbstractSqlModel,
-	resourceName: string,
+	fromAbstractSqlModel: AbstractSqlModel,
+	toAbstractSqlModel: AbstractSqlModel,
+	fromResourceName: string,
 	toResource: string,
 	aliases: Dictionary<string | AliasValidNodeType>,
 ): Definition => {
-	if (!abstractSqlModel.tables[toResource]) {
+	if (!toAbstractSqlModel.tables[toResource]) {
 		throw new Error(`Tried to alias to a non-existent resource: ${toResource}`);
 	}
 	return {
 		abstractSql: [
 			'SelectQuery',
-			['Select', aliasFields(abstractSqlModel, resourceName, aliases)],
-			['From', ['Alias', ['Resource', toResource], resourceName]],
+			[
+				'Select',
+				aliasFields(
+					fromAbstractSqlModel,
+					toAbstractSqlModel,
+					fromResourceName,
+					toResource,
+					aliases,
+				),
+			],
+			['From', ['Alias', ['Resource', toResource], fromResourceName]],
 		],
 	};
 };
@@ -196,6 +224,7 @@ export const translateAbstractSqlModel = (
 			} else {
 				table.definition = aliasResource(
 					fromAbstractSqlModel,
+					toAbstractSqlModel,
 					key,
 					toResource,
 					definition,

package/src/sbvr-api/uri-parser.ts

@@ -124,7 +124,9 @@ export const memoizedParseOdata = (() => {
 						},
 					);
 					parsed.tree.options ??= {};
-					for (const key of Object.keys(parsedParams.tree)) {
+					for (const key of Object.keys(
+						parsedParams.tree,
+					) as ODataParser.BindKey[]) {
 						parsed.tree.options[key] = parsedParams.tree[key];
 						parsed.binds[key] = parsedParams.binds[key];
 					}

package/tsconfig.dev.json

@@ -6,6 +6,7 @@
 	"include": [
 		"build/**/*",
 		"src/**/*",
+		"test/**/*",
 		"typings/**/*.d.ts"
 	]
 }