@cerebruminc/yates 1.0.0 → 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +29 -0
- package/README.md +3 -1
- package/dist/index.js +15 -8
- package/dist/index.js.map +1 -1
- package/images/yates-icon.png +0 -0
- package/package.json +6 -4
- package/.github/workflows/integration-tests.yml +0 -32
- package/.github/workflows/publish-beta.yml +0 -41
- package/.github/workflows/release-please.yml +0 -33
- package/.github/workflows/unit-test.yml +0 -14
- package/Dockerfile.sut +0 -13
- package/docker-compose.yml +0 -36
- package/jest.config.js +0 -7
- package/prisma/migrations/20230120145355_init/migration.sql +0 -31
- package/prisma/migrations/migration_lock.toml +0 -3
- package/prisma/schema.prisma +0 -34
- package/rome.json +0 -15
- package/test/integration/index.spec.ts +0 -29
- package/tsconfig.json +0 -13
package/CHANGELOG.md
ADDED
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
# Changelog
|
|
2
|
+
|
|
3
|
+
## [1.0.2](https://github.com/cerebruminc/yates/compare/v1.0.1...v1.0.2) (2023-01-24)
|
|
4
|
+
|
|
5
|
+
|
|
6
|
+
### Bug Fixes
|
|
7
|
+
|
|
8
|
+
* Publish package as public explicitly ([2b200e5](https://github.com/cerebruminc/yates/commit/2b200e5e3815c70e9bbf73182613bd5b4997ecb5))
|
|
9
|
+
|
|
10
|
+
## [1.0.1](https://github.com/cerebruminc/yates/compare/v1.0.0...v1.0.1) (2023-01-24)
|
|
11
|
+
|
|
12
|
+
|
|
13
|
+
### Bug Fixes
|
|
14
|
+
|
|
15
|
+
* Add NPM version badge to README ([5198969](https://github.com/cerebruminc/yates/commit/51989692711746660bb19044ea732655a1f4ad7b))
|
|
16
|
+
|
|
17
|
+
## 1.0.0 (2023-01-20)
|
|
18
|
+
|
|
19
|
+
|
|
20
|
+
### Features
|
|
21
|
+
|
|
22
|
+
* Add basic integration testing ([27bb368](https://github.com/cerebruminc/yates/commit/27bb3680515ffab8868847cfb6d310a2c8abac3e))
|
|
23
|
+
|
|
24
|
+
|
|
25
|
+
### Bug Fixes
|
|
26
|
+
|
|
27
|
+
* Update .npmignore to be more aggressive ([3915869](https://github.com/cerebruminc/yates/commit/3915869fd9b8df96b499d53bd5566b06f05c4cc1))
|
|
28
|
+
* Update Icon to something more thematic ([d37a4e4](https://github.com/cerebruminc/yates/commit/d37a4e4141a153c7d598875ec13bfebce63c31f9))
|
|
29
|
+
* Use package-lock for keying action cache ([92375a6](https://github.com/cerebruminc/yates/commit/92375a6bb45586551c8d1a8c5bce600b97346b13))
|
package/README.md
CHANGED
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
<div align="center">
|
|
2
2
|
<img width="200" height="200" src="./images/yates-icon.png">
|
|
3
3
|
|
|
4
|
+
[](https://badge.fury.io/js/cerebruminc/yates)
|
|
5
|
+
|
|
4
6
|
<h1>Yates = Prisma + RLS</h1>
|
|
5
7
|
|
|
6
8
|
<p>
|
|
@@ -9,7 +11,7 @@
|
|
|
9
11
|
<br>
|
|
10
12
|
</div>
|
|
11
13
|
|
|
12
|
-
> English: from Middle English
|
|
14
|
+
> English: from Middle English _yates_ ‘gates’ plural of _yate_ Old English _geat_ ‘gate’ hence a topographic or occupational name for someone who lived by the gates of a town or castle and who probably acted as the gatekeeper or porter.
|
|
13
15
|
|
|
14
16
|
<br>
|
|
15
17
|
|
package/dist/index.js
CHANGED
|
@@ -72,7 +72,8 @@ var createAbilityName = function (model, ability) {
|
|
|
72
72
|
};
|
|
73
73
|
exports.createAbilityName = createAbilityName;
|
|
74
74
|
var createRoleName = function (name) {
|
|
75
|
-
|
|
75
|
+
var normalized = name.toLowerCase().replace("-", "_").replace(/[^a-z_]/g, "");
|
|
76
|
+
return "yates_role_".concat(normalized);
|
|
76
77
|
};
|
|
77
78
|
exports.createRoleName = createRoleName;
|
|
78
79
|
// This middleware is used to set the role and context for the current user so that RLS can be applied
|
|
@@ -283,9 +284,9 @@ var createRoles = function (_a) {
|
|
|
283
284
|
_o = 0;
|
|
284
285
|
_p.label = 9;
|
|
285
286
|
case 9:
|
|
286
|
-
if (!(_o < _l.length)) return [3 /*break*/,
|
|
287
|
+
if (!(_o < _l.length)) return [3 /*break*/, 16];
|
|
287
288
|
_m = _l[_o];
|
|
288
|
-
if (!(_m in _k)) return [3 /*break*/,
|
|
289
|
+
if (!(_m in _k)) return [3 /*break*/, 15];
|
|
289
290
|
key = _m;
|
|
290
291
|
role = (0, exports.createRoleName)(key);
|
|
291
292
|
return [4 /*yield*/, prisma.$queryRawUnsafe("\n do\n $$\n begin\n if not exists (select * from pg_catalog.pg_roles where rolname = '".concat(role, "') then \n create role ").concat(role, ";\n end if;\n end\n $$\n ;\n "))];
|
|
@@ -293,10 +294,16 @@ var createRoles = function (_a) {
|
|
|
293
294
|
_p.sent();
|
|
294
295
|
// Note: We need to GRANT all on schema public so that we can resolve relation queries with prisma, as they will sometimes use a join table.
|
|
295
296
|
// This is not ideal, but because we are using RLS, it's not a security risk. Any table with RLS also needs a corresponding policy for the role to have access.
|
|
296
|
-
return [4 /*yield*/, prisma.$queryRawUnsafe("\n
|
|
297
|
+
return [4 /*yield*/, prisma.$queryRawUnsafe("\n\t\t\tGRANT ALL ON ALL TABLES IN SCHEMA public TO ".concat(role, ";\n\t\t"))];
|
|
297
298
|
case 11:
|
|
298
299
|
// Note: We need to GRANT all on schema public so that we can resolve relation queries with prisma, as they will sometimes use a join table.
|
|
299
300
|
// This is not ideal, but because we are using RLS, it's not a security risk. Any table with RLS also needs a corresponding policy for the role to have access.
|
|
301
|
+
_p.sent();
|
|
302
|
+
return [4 /*yield*/, prisma.$queryRawUnsafe("\n\t\t\tGRANT ALL ON ALL SEQUENCES IN SCHEMA public TO ".concat(role, ";\n\t\t"))];
|
|
303
|
+
case 12:
|
|
304
|
+
_p.sent();
|
|
305
|
+
return [4 /*yield*/, prisma.$queryRawUnsafe("\n\t\t\tGRANT ALL ON SCHEMA public TO ".concat(role, ";\n\t\t"))];
|
|
306
|
+
case 13:
|
|
300
307
|
_p.sent();
|
|
301
308
|
wildCardAbilities = (0, flatMap_1["default"])(abilities, function (model, modelName) {
|
|
302
309
|
return (0, map_1["default"])(model, function (params, slug) {
|
|
@@ -308,13 +315,13 @@ var createRoles = function (_a) {
|
|
|
308
315
|
? wildCardAbilities
|
|
309
316
|
: roleAbilities.map(function (ability) { return (0, exports.createAbilityName)(ability.model, ability.slug); });
|
|
310
317
|
return [4 /*yield*/, prisma.$queryRawUnsafe("GRANT ".concat(rlsRoles.join(", "), " TO ").concat(role))];
|
|
311
|
-
case
|
|
318
|
+
case 14:
|
|
312
319
|
_p.sent();
|
|
313
|
-
_p.label =
|
|
314
|
-
case
|
|
320
|
+
_p.label = 15;
|
|
321
|
+
case 15:
|
|
315
322
|
_o++;
|
|
316
323
|
return [3 /*break*/, 9];
|
|
317
|
-
case
|
|
324
|
+
case 16: return [2 /*return*/];
|
|
318
325
|
}
|
|
319
326
|
});
|
|
320
327
|
});
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,2DAAqC;AACrC,mDAA6B;AAC7B,2DAAqC;AAmB9B,IAAM,iBAAiB,GAAG,UAAC,KAAa,EAAE,OAAe;IAC/D,OAAO,UAAG,KAAK,cAAI,OAAO,UAAO,CAAC,WAAW,EAAE,CAAC;AACjD,CAAC,CAAC;AAFW,QAAA,iBAAiB,qBAE5B;AAEK,IAAM,cAAc,GAAG,UAAC,IAAY;IAC1C,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,2DAAqC;AACrC,mDAA6B;AAC7B,2DAAqC;AAmB9B,IAAM,iBAAiB,GAAG,UAAC,KAAa,EAAE,OAAe;IAC/D,OAAO,UAAG,KAAK,cAAI,OAAO,UAAO,CAAC,WAAW,EAAE,CAAC;AACjD,CAAC,CAAC;AAFW,QAAA,iBAAiB,qBAE5B;AAEK,IAAM,cAAc,GAAG,UAAC,IAAY;IAC1C,IAAM,UAAU,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;IAChF,OAAO,qBAAc,UAAU,CAAE,CAAC;AACnC,CAAC,CAAC;AAHW,QAAA,cAAc,kBAGzB;AAEF,sGAAsG;AACtG,oHAAoH;AAC7G,IAAM,eAAe,GAAG,UAAC,MAAoB,EAAE,UAAwB;IAC7E,MAAM,CAAC,IAAI,CAAC,UAAO,MAAM,EAAE,IAAI;;;;;;oBAC9B,IAAI,CAAC,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,MAAM,KAAK,UAAU,IAAI,MAAM,CAAC,gBAAgB,EAAE;wBAC7E,sBAAO,IAAI,CAAC,MAAM,CAAC,EAAC;qBACpB;oBAEK,GAAG,GAAG,UAAU,EAAE,CAAC;oBAEzB,uDAAuD;oBACvD,IAAI,GAAG,KAAK,IAAI,EAAE;wBACjB,sBAAO,IAAI,CAAC,MAAM,CAAC,EAAC;qBACpB;oBACO,IAAI,GAAc,GAAG,KAAjB,EAAE,OAAO,GAAK,GAAG,QAAR,CAAS;oBAExB,MAAM,GAAG,IAAA,sBAAc,EAAC,IAAI,CAAC,CAAC;oBAEpC,0EAA0E;oBAC1E,qDAAqD;oBACrD,IAAI,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE;wBAC5B,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;qBACtC;oBAGK,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;;;;oBAG5D,qBAAM,MAAM,CAAC,YAAY;4BAC1C,oJAAoJ;4BACpJ,MAAM,CAAC,eAAe,CAAC,mBAAY,MAAM,CAAE,CAAC;2BAEzC,IAAA,oBAAO,EAAC,OAAO,CAAC,CAAC,GAAG,CAAC,UAAC,EAAY;gCAAX,GAAG,QAAA,EAAE,KAAK,QAAA;4BACnC,IAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;4BAC9C,OAAO,MAAM,CAAC,SAAS,0GAAA,oBAAqB,EAAO,IAAK,EAAK,WAAW,KAA5B,OAAO,EAAK,KAAK,EAAY;wBAC1E,CAAC,CAAC,SACC;4BACF,6BAA6B;4BAC7B,eAAe;4BACf,oDAAoD;4BACpD,0CAA0C;4BACzC,MAAc,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC;4BACtD,iCAAiC;4BACjC,MAAM,CAAC,eAAe,CAAC,eAAe,CAAC;yBACvC,SACA,EAAA;;oBAjBI,SAAS,GAAG,SAiBhB;oBACI,YAAY,GAAG,SAAS,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;oBAErD,+GAA+G;oBAC/G,6MAA6M;oBAC7M,oEAAoE;oBACpE,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE;wBACjB,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;wBACnD,IACC,UAAU,CAAC,MAAM,KAAK,CAAC;4BACvB,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC;4BAC1B,UAAU,CAAC,CAAC,CAAC,KAAK,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC;4BAC7D,UAAU,CAAC,CAAC,CAAC,KAAK,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,EAC7C;4BACD,sBAAO,YAAY,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,EAAC;yBACnC;qBACD;oBACD,sBAAO,YAAY,EAAC;;;oBAEpB,yDAAyD;oBACzD,IAAI,MAAA,GAAC,CAAC,OAAO,0CAAE,QAAQ,CAAC,sDAAsD,CAAC,EAAE;wBAChF,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;qBACtE;oBAED,MAAM,GAAC,CAAC;;;;SAET,CAAC,CAAC;AACJ,CAAC,CAAC;AAtEW,QAAA,eAAe,mBAsE1B;AAEF,IAAM,MAAM,GAAG,UACd,MAAoB,EACpB,KAAa,EACb,QAAgB,EAChB,SAAoD,EACpD,UAAkB;;;;;gBAGZ,UAAU,GAAG,UAAG,QAAQ,YAAS,CAAC;gBACpB,qBAAM,MAAM,CAAC,eAAe,CAAC,wEACU,KAAK,iCAAuB,UAAU,WAChG,CAAC,EAAA;;gBAFI,IAAI,GAAU,SAElB;qBAEE,CAAA,IAAI,CAAC,MAAM,KAAK,CAAC,CAAA,EAAjB,wBAAiB;qBAEhB,CAAA,SAAS,KAAK,QAAQ,CAAA,EAAtB,wBAAsB;gBACzB,qBAAM,MAAM,CAAC,eAAe,CAAC,kCACR,UAAU,8BAAiB,KAAK,oBAAS,SAAS,iBAAO,QAAQ,0BAAgB,UAAU,eAC5G,CAAC,EAAA;;gBAFL,SAEK,CAAC;;oBAEN,qBAAM,MAAM,CAAC,eAAe,CAAC,kCACR,UAAU,8BAAiB,KAAK,oBAAS,SAAS,iBAAO,QAAQ,qBAAW,UAAU,eACvG,CAAC,EAAA;;gBAFL,SAEK,CAAC;;;;qBAEG,CAAA,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,UAAU,CAAA,EAA3B,yBAA2B;qBACjC,CAAA,SAAS,KAAK,QAAQ,CAAA,EAAtB,wBAAsB;gBACzB,qBAAM,MAAM,CAAC,eAAe,CAAC,iCACT,UAAU,8BAAiB,KAAK,mBAAQ,QAAQ,0BAAgB,UAAU,eAC1F,CAAC,EAAA;;gBAFL,SAEK,CAAC;;oBAEN,qBAAM,MAAM,CAAC,eAAe,CAAC,iCACT,UAAU,8BAAiB,KAAK,mBAAQ,QAAQ,qBAAW,UAAU,eACrF,CAAC,EAAA;;gBAFL,SAEK,CAAC;;;;;KAGR,CAAC;AAEK,IAAM,WAAW,GAAG,UAAO,EAUjC;QATA,MAAM,YAAA,EACN,eAAe,qBAAA,EACf,QAAQ,cAAA;;;;;;oBAQF,SAAS,GAA4B,EAAE,CAAC;oBAExC,MAAM,GAAI,MAAc,CAAC,SAAS,CAAC,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,UAAC,CAAM,IAAK,OAAA,CAAC,CAAC,IAAI,EAAN,CAAM,CAAa,CAAC;oBAC9F,WAA0B,EAAN,iBAAM,EAAN,oBAAM,EAAN,IAAM,EAAE;wBAAjB,KAAK;wBACf,SAAS,CAAC,KAAK,CAAC,GAAG;4BAClB,MAAM,EAAE;gCACP,WAAW,EAAE,iBAAU,KAAK,CAAE;gCAC9B,UAAU,EAAE,MAAM;gCAClB,SAAS,EAAE,QAAQ;gCACnB,KAAK,OAAA;gCACL,IAAI,EAAE,QAAQ;6BACd;4BACD,IAAI,EAAE;gCACL,WAAW,EAAE,eAAQ,KAAK,CAAE;gCAC5B,UAAU,EAAE,MAAM;gCAClB,SAAS,EAAE,QAAQ;gCACnB,KAAK,OAAA;gCACL,IAAI,EAAE,MAAM;6BACZ;4BACD,MAAM,EAAE;gCACP,WAAW,EAAE,iBAAU,KAAK,CAAE;gCAC9B,UAAU,EAAE,MAAM;gCAClB,SAAS,EAAE,QAAQ;gCACnB,KAAK,OAAA;gCACL,IAAI,EAAE,QAAQ;6BACd;4BACD,QAAM,EAAE;gCACP,WAAW,EAAE,iBAAU,KAAK,CAAE;gCAC9B,UAAU,EAAE,MAAM;gCAClB,SAAS,EAAE,QAAQ;gCACnB,KAAK,OAAA;gCACL,IAAI,EAAE,QAAQ;6BACd;yBACD,CAAC;wBACF,IAAI,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAG,KAAK,CAAC,EAAE;4BAC7B,KAAW,OAAO,IAAI,eAAe,CAAC,KAAK,CAAC,EAAE;gCAC7C,SAAS,CAAC,KAAK,CAAE,CAAC,OAAO,CAAC,yBACtB,eAAe,CAAC,KAAK,CAAE,CAAC,OAAO,CAAC,KACnC,KAAK,OAAA,EACL,IAAI,EAAE,OAAO,GACb,CAAC;6BACF;yBACD;qBACD;oBAEK,KAAK,GAAG,QAAQ,CAAC,SAA2B,CAAC,CAAC;yBAIhC,SAAS;;;;;;;;;;;oBACtB,KAAK,GAAG,KAAK,CAAC;oBAEpB,qBAAM,MAAM,CAAC,eAAe,CAAC,wBAAgB,KAAK,iCAA6B,CAAC,EAAA;;oBAAhF,SAAgF,CAAC;yBAE9D,SAAS,CAAC,KAA+B,CAAC;;;;;;;;;;;oBACtD,OAAO,GAAG,SAAS,CAAC,KAA+B,CAAE,CAAC,IAAI,CAAC,CAAC;oBAC5D,QAAQ,GAAG,IAAA,yBAAiB,EAAC,KAAK,EAAE,IAAI,CAAC,CAAC;oBAEhD,+BAA+B;oBAC/B,qBAAM,MAAM,CAAC,eAAe,CAAC,6HAI4C,QAAQ,6CAC5D,QAAQ,gCACd,OAAO,CAAC,SAAS,mBAAQ,KAAK,mBAAQ,QAAQ,mEAKzD,CAAC,EAAA;;oBAZL,+BAA+B;oBAC/B,SAWK,CAAC;yBAEF,OAAO,CAAC,UAAU,EAAlB,wBAAkB;oBACrB,qBAAM,MAAM,CAAC,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC,UAAU,CAAC,EAAA;;oBAA5E,SAA4E,CAAC;;;;;;;;;yBAQ9D,KAAK;;;;;;;;;;;oBAChB,IAAI,GAAG,IAAA,sBAAc,EAAC,GAAG,CAAC,CAAC;oBACjC,qBAAM,MAAM,CAAC,eAAe,CAAC,qHAI2C,IAAI,2CACxD,IAAI,yDAKrB,CAAC,EAAA;;oBAVJ,SAUI,CAAC;oBAEL,4IAA4I;oBAC5I,+JAA+J;oBAC/J,qBAAM,MAAM,CAAC,eAAe,CAAC,8DACkB,IAAI,YAClD,CAAC,EAAA;;oBAJF,4IAA4I;oBAC5I,+JAA+J;oBAC/J,SAEE,CAAC;oBACH,qBAAM,MAAM,CAAC,eAAe,CAAC,iEACqB,IAAI,YACrD,CAAC,EAAA;;oBAFF,SAEE,CAAC;oBACH,qBAAM,MAAM,CAAC,eAAe,CAAC,gDACI,IAAI,YACpC,CAAC,EAAA;;oBAFF,SAEE,CAAC;oBAEG,iBAAiB,GAAG,IAAA,oBAAO,EAAC,SAAS,EAAE,UAAC,KAAK,EAAE,SAAS;wBAC7D,OAAO,IAAA,gBAAG,EAAC,KAAK,EAAE,UAAC,MAAM,EAAE,IAAI;4BAC9B,OAAO,IAAA,yBAAiB,EAAC,SAAS,EAAE,IAAI,CAAC,CAAC;wBAC3C,CAAC,CAAC,CAAC;oBACJ,CAAC,CAAC,CAAC;oBACG,aAAa,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC;oBAC3B,QAAQ,GACb,aAAa,KAAK,GAAG;wBACpB,CAAC,CAAC,iBAAiB;wBACnB,CAAC,CAAC,aAAa,CAAC,GAAG,CAAC,UAAC,OAAO,IAAK,OAAA,IAAA,yBAAiB,EAAC,OAAO,CAAC,KAAM,EAAE,OAAO,CAAC,IAAK,CAAC,EAAhD,CAAgD,CAAC,CAAC;oBACrF,qBAAM,MAAM,CAAC,eAAe,CAAC,gBAAS,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,iBAAO,IAAI,CAAE,CAAC,EAAA;;oBAAvE,SAAuE,CAAC;;;;;;;;;CAEzE,CAAC;AAlIW,QAAA,WAAW,eAkItB;AA2BK,IAAM,KAAK,GAAG,UAAO,EAA8D;QAA5D,MAAM,YAAA,EAAE,eAAe,qBAAA,EAAE,QAAQ,cAAA,EAAE,UAAU,gBAAA;;;;wBAC1E,qBAAM,IAAA,mBAAW,EAAC,EAAE,MAAM,QAAA,EAAE,eAAe,iBAAA,EAAE,QAAQ,UAAA,EAAE,CAAC,EAAA;;oBAAxD,SAAwD,CAAC;oBACzD,IAAA,uBAAe,EAAC,MAAM,EAAE,UAAU,CAAC,CAAC;;;;;CACpC,CAAC;AAHW,QAAA,KAAK,SAGhB"}
|
package/images/yates-icon.png
CHANGED
|
Binary file
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@cerebruminc/yates",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.2",
|
|
4
4
|
"description": "Role based access control for Prisma Apps",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"scripts": {
|
|
@@ -8,7 +8,7 @@
|
|
|
8
8
|
"build": "tsc",
|
|
9
9
|
"test": "rome ci src",
|
|
10
10
|
"test:integration": "jest test/integration",
|
|
11
|
-
"test:compose:integration": "docker-compose --profile with-sut up db sut --exit-code-from sut",
|
|
11
|
+
"test:compose:integration": "docker compose -f docker-compose.yml --profile with-sut up db sut --exit-code-from sut",
|
|
12
12
|
"setup": "prisma generate && prisma migrate dev",
|
|
13
13
|
"prepublishOnly": "npm run build"
|
|
14
14
|
},
|
|
@@ -18,11 +18,13 @@
|
|
|
18
18
|
"@prisma/client": "^4.0.0",
|
|
19
19
|
"@types/jest": "^29.2.6",
|
|
20
20
|
"@types/lodash": "^4.14.191",
|
|
21
|
+
"@types/uuid": "^9.0.0",
|
|
21
22
|
"jest": "^29.3.1",
|
|
22
23
|
"prisma": "^4.9.0",
|
|
23
24
|
"rome": "^11.0.0",
|
|
24
25
|
"ts-jest": "^29.0.5",
|
|
25
|
-
"typescript": "^4.9.4"
|
|
26
|
+
"typescript": "^4.9.4",
|
|
27
|
+
"uuid": "^9.0.0"
|
|
26
28
|
},
|
|
27
29
|
"dependencies": {
|
|
28
30
|
"lodash": "^4.17.21"
|
|
@@ -31,4 +33,4 @@
|
|
|
31
33
|
"@prisma/client": "^4.0.0",
|
|
32
34
|
"prisma": "^4.9.0"
|
|
33
35
|
}
|
|
34
|
-
}
|
|
36
|
+
}
|
|
@@ -1,32 +0,0 @@
|
|
|
1
|
-
name: Integration testing
|
|
2
|
-
|
|
3
|
-
on:
|
|
4
|
-
pull_request:
|
|
5
|
-
types: [opened, synchronize, closed]
|
|
6
|
-
|
|
7
|
-
jobs:
|
|
8
|
-
docker_test:
|
|
9
|
-
permissions:
|
|
10
|
-
id-token: write
|
|
11
|
-
contents: read
|
|
12
|
-
runs-on: ubuntu-20.04
|
|
13
|
-
name: integration testing in docker compose
|
|
14
|
-
defaults:
|
|
15
|
-
run:
|
|
16
|
-
shell: bash --noprofile --norc -eo pipefail -x {0}
|
|
17
|
-
|
|
18
|
-
env:
|
|
19
|
-
DOCKER_BUILDKIT: "1"
|
|
20
|
-
|
|
21
|
-
strategy:
|
|
22
|
-
fail-fast: false
|
|
23
|
-
|
|
24
|
-
steps:
|
|
25
|
-
- name: Checkout
|
|
26
|
-
uses: actions/checkout@v1
|
|
27
|
-
|
|
28
|
-
- name: Run docker compose tests
|
|
29
|
-
# In a test environment we can use default env vars, by copying from .env.sample
|
|
30
|
-
run: |
|
|
31
|
-
cp .env.sample .env
|
|
32
|
-
yarn run test:compose:integration
|
|
@@ -1,41 +0,0 @@
|
|
|
1
|
-
name: Publish beta package
|
|
2
|
-
on:
|
|
3
|
-
pull_request:
|
|
4
|
-
branches:
|
|
5
|
-
- master
|
|
6
|
-
jobs:
|
|
7
|
-
release:
|
|
8
|
-
runs-on: ubuntu-latest
|
|
9
|
-
env:
|
|
10
|
-
CEREBRUM_NPM_TOKEN: ${{ secrets.CEREBRUM_NPM_TOKEN }}
|
|
11
|
-
steps:
|
|
12
|
-
# Checkout project repository
|
|
13
|
-
- name: Checkout
|
|
14
|
-
uses: actions/checkout@v2.3.4
|
|
15
|
-
|
|
16
|
-
# Setup Node.js environment
|
|
17
|
-
- name: Setup Node.js
|
|
18
|
-
uses: actions/setup-node@v2
|
|
19
|
-
with:
|
|
20
|
-
registry-url: https://registry.npmjs.org/
|
|
21
|
-
node-version: 16
|
|
22
|
-
|
|
23
|
-
# Use a cache for dependencies
|
|
24
|
-
- uses: actions/cache@v2.1.4
|
|
25
|
-
with:
|
|
26
|
-
path: "**/node_modules"
|
|
27
|
-
key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }}
|
|
28
|
-
|
|
29
|
-
# Install dependencies so that prepublish scripts work as expected
|
|
30
|
-
- name: Install deps
|
|
31
|
-
run: npm i
|
|
32
|
-
|
|
33
|
-
# Update package version to a beta release, including the git commit sha
|
|
34
|
-
- name: Bump package.json
|
|
35
|
-
run: |
|
|
36
|
-
npm --no-git-tag-version version $(npm show . version)-beta.dangerous.$(git rev-parse --short HEAD)
|
|
37
|
-
# Publish version to npm
|
|
38
|
-
- name: Publish beta package
|
|
39
|
-
run: npm publish --tag beta
|
|
40
|
-
env:
|
|
41
|
-
NODE_AUTH_TOKEN: ${{ secrets.CEREBRUM_PUBLISH_NPM_TOKEN }}
|
|
@@ -1,33 +0,0 @@
|
|
|
1
|
-
on:
|
|
2
|
-
push:
|
|
3
|
-
branches:
|
|
4
|
-
- master
|
|
5
|
-
|
|
6
|
-
name: release-please
|
|
7
|
-
jobs:
|
|
8
|
-
release-please:
|
|
9
|
-
runs-on: ubuntu-latest
|
|
10
|
-
env:
|
|
11
|
-
CEREBRUM_NPM_TOKEN: ${{ secrets.CEREBRUM_NPM_TOKEN }}
|
|
12
|
-
steps:
|
|
13
|
-
- uses: google-github-actions/release-please-action@v3
|
|
14
|
-
id: release
|
|
15
|
-
with:
|
|
16
|
-
release-type: node
|
|
17
|
-
package-name: release-please-action
|
|
18
|
-
# The logic below handles the npm publication:
|
|
19
|
-
- uses: actions/checkout@v2
|
|
20
|
-
# these if statements ensure that a publication only occurs when
|
|
21
|
-
# a new release is created:
|
|
22
|
-
if: ${{ steps.release.outputs.release_created }}
|
|
23
|
-
- uses: actions/setup-node@v1
|
|
24
|
-
with:
|
|
25
|
-
node-version: 16
|
|
26
|
-
registry-url: "https://registry.npmjs.org"
|
|
27
|
-
if: ${{ steps.release.outputs.release_created }}
|
|
28
|
-
- run: npm i
|
|
29
|
-
if: ${{ steps.release.outputs.release_created }}
|
|
30
|
-
- run: npm publish
|
|
31
|
-
env:
|
|
32
|
-
NODE_AUTH_TOKEN: ${{secrets.CEREBRUM_PUBLISH_NPM_TOKEN}}
|
|
33
|
-
if: ${{ steps.release.outputs.release_created }}
|
package/Dockerfile.sut
DELETED
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
# This container is used to run e2e tests against the built API container
|
|
2
|
-
FROM node:latest
|
|
3
|
-
|
|
4
|
-
COPY package.json /app/package.json
|
|
5
|
-
COPY package-lock.json /app/package-lock.json
|
|
6
|
-
|
|
7
|
-
WORKDIR /app
|
|
8
|
-
|
|
9
|
-
RUN npm i
|
|
10
|
-
|
|
11
|
-
COPY . .
|
|
12
|
-
|
|
13
|
-
CMD /bin/bash -c "npm run setup && npm run test:integration"
|
package/docker-compose.yml
DELETED
|
@@ -1,36 +0,0 @@
|
|
|
1
|
-
version: "3.7"
|
|
2
|
-
networks:
|
|
3
|
-
internal: {}
|
|
4
|
-
services:
|
|
5
|
-
sut:
|
|
6
|
-
build:
|
|
7
|
-
context: .
|
|
8
|
-
dockerfile: ./Dockerfile.sut
|
|
9
|
-
profiles:
|
|
10
|
-
- with-sut
|
|
11
|
-
depends_on:
|
|
12
|
-
db:
|
|
13
|
-
condition: service_healthy
|
|
14
|
-
ports:
|
|
15
|
-
- 8000:8000
|
|
16
|
-
networks:
|
|
17
|
-
- internal
|
|
18
|
-
environment:
|
|
19
|
-
- DATABASE_URL=postgresql://postgres:postgres@db:5432/yates?connection_limit=30
|
|
20
|
-
|
|
21
|
-
db:
|
|
22
|
-
image: postgres:11
|
|
23
|
-
restart: always
|
|
24
|
-
environment:
|
|
25
|
-
POSTGRES_USER: postgres
|
|
26
|
-
POSTGRES_PASSWORD: postgres
|
|
27
|
-
POSTGRES_DB: yates
|
|
28
|
-
ports:
|
|
29
|
-
- 5432:5432
|
|
30
|
-
networks:
|
|
31
|
-
- internal
|
|
32
|
-
healthcheck:
|
|
33
|
-
test: ["CMD-SHELL", "pg_isready -U postgres"]
|
|
34
|
-
interval: 5s
|
|
35
|
-
timeout: 5s
|
|
36
|
-
retries: 5
|
package/jest.config.js
DELETED
|
@@ -1,31 +0,0 @@
|
|
|
1
|
-
-- CreateEnum
|
|
2
|
-
CREATE TYPE "Role" AS ENUM ('USER', 'ADMIN');
|
|
3
|
-
|
|
4
|
-
-- CreateTable
|
|
5
|
-
CREATE TABLE "User" (
|
|
6
|
-
"id" SERIAL NOT NULL,
|
|
7
|
-
"createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
|
8
|
-
"email" TEXT NOT NULL,
|
|
9
|
-
"name" TEXT,
|
|
10
|
-
"role" "Role" NOT NULL DEFAULT 'USER',
|
|
11
|
-
|
|
12
|
-
CONSTRAINT "User_pkey" PRIMARY KEY ("id")
|
|
13
|
-
);
|
|
14
|
-
|
|
15
|
-
-- CreateTable
|
|
16
|
-
CREATE TABLE "Post" (
|
|
17
|
-
"id" SERIAL NOT NULL,
|
|
18
|
-
"createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
|
19
|
-
"updatedAt" TIMESTAMP(3) NOT NULL,
|
|
20
|
-
"published" BOOLEAN NOT NULL DEFAULT false,
|
|
21
|
-
"title" VARCHAR(255) NOT NULL,
|
|
22
|
-
"authorId" INTEGER,
|
|
23
|
-
|
|
24
|
-
CONSTRAINT "Post_pkey" PRIMARY KEY ("id")
|
|
25
|
-
);
|
|
26
|
-
|
|
27
|
-
-- CreateIndex
|
|
28
|
-
CREATE UNIQUE INDEX "User_email_key" ON "User"("email");
|
|
29
|
-
|
|
30
|
-
-- AddForeignKey
|
|
31
|
-
ALTER TABLE "Post" ADD CONSTRAINT "Post_authorId_fkey" FOREIGN KEY ("authorId") REFERENCES "User"("id") ON DELETE SET NULL ON UPDATE CASCADE;
|
package/prisma/schema.prisma
DELETED
|
@@ -1,34 +0,0 @@
|
|
|
1
|
-
// This is a sample Prisma schema file used for development and testing
|
|
2
|
-
// It it is taken from https://www.prisma.io/docs/concepts/components/prisma-schema and is not intended to be used in production
|
|
3
|
-
datasource db {
|
|
4
|
-
provider = "postgresql"
|
|
5
|
-
url = env("DATABASE_URL")
|
|
6
|
-
}
|
|
7
|
-
|
|
8
|
-
generator client {
|
|
9
|
-
provider = "prisma-client-js"
|
|
10
|
-
}
|
|
11
|
-
|
|
12
|
-
model User {
|
|
13
|
-
id Int @id @default(autoincrement())
|
|
14
|
-
createdAt DateTime @default(now())
|
|
15
|
-
email String @unique
|
|
16
|
-
name String?
|
|
17
|
-
role Role @default(USER)
|
|
18
|
-
posts Post[]
|
|
19
|
-
}
|
|
20
|
-
|
|
21
|
-
model Post {
|
|
22
|
-
id Int @id @default(autoincrement())
|
|
23
|
-
createdAt DateTime @default(now())
|
|
24
|
-
updatedAt DateTime @updatedAt
|
|
25
|
-
published Boolean @default(false)
|
|
26
|
-
title String @db.VarChar(255)
|
|
27
|
-
author User? @relation(fields: [authorId], references: [id])
|
|
28
|
-
authorId Int?
|
|
29
|
-
}
|
|
30
|
-
|
|
31
|
-
enum Role {
|
|
32
|
-
USER
|
|
33
|
-
ADMIN
|
|
34
|
-
}
|
package/rome.json
DELETED
|
@@ -1,29 +0,0 @@
|
|
|
1
|
-
import { PrismaClient } from "@prisma/client";
|
|
2
|
-
import { setup } from "../../src";
|
|
3
|
-
|
|
4
|
-
describe("setup", () => {
|
|
5
|
-
describe("params.getRoles()", () => {
|
|
6
|
-
it("should provide a set of built-in abilities for CRUD operations", async () => {
|
|
7
|
-
const prisma = new PrismaClient();
|
|
8
|
-
|
|
9
|
-
const getRoles = jest.fn((_abilities) => {
|
|
10
|
-
return {
|
|
11
|
-
USER: "*",
|
|
12
|
-
} as any;
|
|
13
|
-
});
|
|
14
|
-
|
|
15
|
-
await setup({
|
|
16
|
-
prisma,
|
|
17
|
-
getRoles,
|
|
18
|
-
getContext: () => null,
|
|
19
|
-
});
|
|
20
|
-
|
|
21
|
-
expect(getRoles.mock.calls).toHaveLength(1);
|
|
22
|
-
const abilities = getRoles.mock.calls[0][0];
|
|
23
|
-
|
|
24
|
-
expect(Object.keys(abilities)).toStrictEqual(["User", "Post"]);
|
|
25
|
-
expect(Object.keys(abilities.User)).toStrictEqual(["create", "read", "update", "delete"]);
|
|
26
|
-
expect(Object.keys(abilities.Post)).toStrictEqual(["create", "read", "update", "delete"]);
|
|
27
|
-
});
|
|
28
|
-
});
|
|
29
|
-
});
|
package/tsconfig.json
DELETED
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
{
|
|
2
|
-
"compilerOptions": {
|
|
3
|
-
"esModuleInterop": true,
|
|
4
|
-
"lib": ["es2020"],
|
|
5
|
-
"module": "CommonJS",
|
|
6
|
-
"outDir": "./dist",
|
|
7
|
-
"sourceMap": true,
|
|
8
|
-
"strict": true,
|
|
9
|
-
"useUnknownInCatchVariables": false,
|
|
10
|
-
"declaration": true
|
|
11
|
-
},
|
|
12
|
-
"include": ["src/**/*"]
|
|
13
|
-
}
|