@cosmicdrift/kumiko-bundled-features 0.14.0 → 0.16.0

package/src/user-data-rights/__tests__/request-cancel-deletion.integration.ts

@@ -9,6 +9,8 @@
 // User-Explicit-Anforderung "exporte + fristen" — der Frist-Set-Pfad ist
 // hier; der Frist-Ablauf-Cleanup folgt mit S2.U5b.
 
+import { afterAll, beforeAll, beforeEach, describe, expect, test } from "bun:test";
+import { asRawClient, insertOne, selectMany } from "@cosmicdrift/kumiko-framework/bun-db";
 import { createEventsTable } from "@cosmicdrift/kumiko-framework/event-store";
 import {
   createTestUser,
@@ -19,8 +21,6 @@ import {
   unsafeCreateEntityTable,
 } from "@cosmicdrift/kumiko-framework/stack";
 import { getTemporal } from "@cosmicdrift/kumiko-framework/time";
-import { eq, sql } from "drizzle-orm";
-import { afterAll, beforeAll, beforeEach, describe, expect, test } from "vitest";
 import {
   createComplianceProfilesFeature,
   tenantComplianceProfileEntity,
@@ -71,9 +71,9 @@ afterAll(async () => {
 beforeEach(async () => {
   // Hard-clean User-Rows fuer einen sauberen Start je Test. softDelete
   // wuerde sonst row-state aus voherigen Tests einschleppen.
-  await stack.db.delete(userTable);
-  await stack.db.execute(sql`DELETE FROM read_tenant_compliance_profiles`);
-  await stack.db.execute(sql`DELETE FROM kumiko_events`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM "${userTable.tableName}"`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM read_tenant_compliance_profiles`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM kumiko_events`);
 });
 
 // gracePeriodEnd ist `instant()` (Temporal.Instant in JS). Nicht JS-Date —
@@ -91,7 +91,7 @@ async function seedAlice(
     gracePeriodEnd: Instant | null;
   }> = {},
 ): Promise<void> {
-  await stack.db.insert(userTable).values({
+  await insertOne(stack.db, userTable, {
     id: aliceUser.id,
     tenantId: tenantA,
     email: "alice@example.com",
@@ -109,14 +109,10 @@ async function fetchAlice(): Promise<{
   status: string;
   gracePeriodEnd: Instant | null;
 } | null> {
-  const rows = (await stack.db
-    .select({
-      status: userTable["status"],
-      gracePeriodEnd: userTable["gracePeriodEnd"],
-    })
-    .from(userTable)
-    .where(eq(userTable["id"], aliceUser.id))
-    .limit(1)) as Array<{ status: string; gracePeriodEnd: Instant | null }>;
+  const rows = (await selectMany(stack.db, userTable, { id: aliceUser.id })) as Array<{
+    status: string;
+    gracePeriodEnd: Instant | null;
+  }>;
   return rows[0] ?? null;
 }
 
@@ -348,7 +344,7 @@ describe("Cross-User-Isolation", () => {
       tenantId: tenantA,
       roles: ["Member"],
     });
-    await stack.db.insert(userTable).values({
+    await insertOne(stack.db, userTable, {
       id: testUserId(43),
       tenantId: tenantA,
       email: "bob@example.com",

package/src/user-data-rights/__tests__/request-deletion-callback.integration.ts

@@ -7,6 +7,8 @@
 // Der Code-Comment in handlers/request-deletion.write.ts behauptet beide
 // Properties — dieser Test verifiziert sie end-to-end.
 
+import { afterAll, beforeAll, beforeEach, describe, expect, test } from "bun:test";
+import { asRawClient, insertOne, selectMany } from "@cosmicdrift/kumiko-framework/bun-db";
 import { createEventsTable } from "@cosmicdrift/kumiko-framework/event-store";
 import {
   createTestUser,
@@ -15,8 +17,6 @@ import {
   testTenantId,
   unsafeCreateEntityTable,
 } from "@cosmicdrift/kumiko-framework/stack";
-import { eq, sql } from "drizzle-orm";
-import { afterAll, beforeAll, beforeEach, describe, expect, test } from "vitest";
 import {
   createComplianceProfilesFeature,
   tenantComplianceProfileEntity,
@@ -76,13 +76,13 @@ afterAll(async () => {
 beforeEach(async () => {
   state.calls = [];
   state.shouldThrow = false;
-  await stack.db.delete(userTable);
-  await stack.db.execute(sql`DELETE FROM read_tenant_compliance_profiles`);
-  await stack.db.execute(sql`DELETE FROM kumiko_events`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM "${userTable.tableName}"`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM read_tenant_compliance_profiles`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM kumiko_events`);
 });
 
 async function seedAlice(email: string = "alice@example.com"): Promise<void> {
-  await stack.db.insert(userTable).values({
+  await insertOne(stack.db, userTable, {
     id: aliceUser.id,
     tenantId: tenantA,
     email,
@@ -137,11 +137,9 @@ describe("request-deletion :: sendDeletionRequestedEmail callback", () => {
     // DB-State ist tatsaechlich geflipt — der zentrale "best-effort"-
     // Beweis. Wenn das Write die Email-Failure-Exception bubbelt, waere
     // der Status hier noch Active.
-    const rows = (await stack.db
-      .select({ status: userTable["status"] })
-      .from(userTable)
-      .where(eq(userTable["id"], aliceUser.id))
-      .limit(1)) as Array<{ status: string }>;
+    const rows = (await selectMany(stack.db, userTable, { id: aliceUser.id })) as Array<{
+      status: string;
+    }>;
     expect(rows[0]?.status).toBe(USER_STATUS.DeletionRequested);
   });
 
@@ -152,7 +150,7 @@ describe("request-deletion :: sendDeletionRequestedEmail callback", () => {
   });
 
   test("422 user_not_in_active_state → callback NICHT gefeuert", async () => {
-    await stack.db.insert(userTable).values({
+    await insertOne(stack.db, userTable, {
       id: aliceUser.id,
       tenantId: tenantA,
       email: "alice@example.com",

package/src/user-data-rights/__tests__/request-export.integration.ts

@@ -17,6 +17,13 @@
 //   - Status-Polling: User sieht eigene Jobs, Cross-User-Isolation,
 //     hasJob=false wenn nichts da
 
+import { afterAll, beforeAll, beforeEach, describe, expect, test } from "bun:test";
+import {
+  asRawClient,
+  insertOne,
+  selectMany,
+  updateMany,
+} from "@cosmicdrift/kumiko-framework/bun-db";
 import { createEventsTable } from "@cosmicdrift/kumiko-framework/event-store";
 import {
   createTestUser,
@@ -26,8 +33,6 @@ import {
   unsafeCreateEntityTable,
 } from "@cosmicdrift/kumiko-framework/stack";
 import { getTemporal } from "@cosmicdrift/kumiko-framework/time";
-import { sql } from "drizzle-orm";
-import { afterAll, beforeAll, beforeEach, describe, expect, test } from "vitest";
 import { createComplianceProfilesFeature } from "../../compliance-profiles";
 import { createDataRetentionFeature } from "../../data-retention";
 import { createUserFeature } from "../../user";
@@ -63,8 +68,8 @@ afterAll(async () => {
 });
 
 beforeEach(async () => {
-  await stack.db.delete(exportJobsTable);
-  await stack.db.execute(sql`DELETE FROM kumiko_events`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM "${exportJobsTable.tableName}"`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM kumiko_events`);
 });
 
 type RequestExportResponse = {
@@ -81,7 +86,7 @@ describe("request-export :: happy path", () => {
     expect(result.status).toBe(EXPORT_JOB_STATUS.Pending);
     expect(result.jobId).toMatch(/^[0-9a-f]{8}-[0-9a-f]{4}-/);
 
-    const rows = await stack.db.select().from(exportJobsTable);
+    const rows = await selectMany(stack.db, exportJobsTable);
     expect(rows).toHaveLength(1);
     // biome-ignore lint/suspicious/noExplicitAny: drizzle-row typing
     expect((rows[0] as any).userId).toBe(aliceUser.id);
@@ -94,7 +99,7 @@ describe("request-export :: happy path", () => {
   test("Event 'export-job.created' im Stream", async () => {
     await stack.http.writeOk(REQUEST_EXPORT, {}, aliceUser);
 
-    const events = await stack.db.execute(sql`
+    const events = await asRawClient(stack.db).unsafe(`
       SELECT type FROM kumiko_events WHERE aggregate_type = 'export-job'
     `);
     // biome-ignore lint/suspicious/noExplicitAny: drizzle-execute typing
@@ -114,10 +119,10 @@ describe("request-export :: App-side-Idempotency (primaerer Pfad)", () => {
     expect(second.jobId).toBe(first.jobId);
     expect(second.status).toBe(EXPORT_JOB_STATUS.Pending);
 
-    const rows = await stack.db.select().from(exportJobsTable);
+    const rows = await selectMany(stack.db, exportJobsTable);
     expect(rows).toHaveLength(1);
 
-    const events = await stack.db.execute(sql`
+    const events = await asRawClient(stack.db).unsafe(`
       SELECT type FROM kumiko_events WHERE aggregate_type = 'export-job'
     `);
     // biome-ignore lint/suspicious/noExplicitAny: drizzle-execute typing
@@ -128,16 +133,18 @@ describe("request-export :: App-side-Idempotency (primaerer Pfad)", () => {
   test("Klick nach done-Job ist NEUER Job (Audit-Historie wird nicht blockiert)", async () => {
     const first = await stack.http.writeOk<RequestExportResponse>(REQUEST_EXPORT, {}, aliceUser);
     // Worker-Simulation: status auf done flippen (direct-update OK in Test)
-    await stack.db
-      .update(exportJobsTable)
-      .set({ status: EXPORT_JOB_STATUS.Done })
-      .where(sql`id = ${first.jobId}`);
+    await updateMany(
+      stack.db,
+      exportJobsTable,
+      { status: EXPORT_JOB_STATUS.Done },
+      { id: first.jobId },
+    );
 
     const second = await stack.http.writeOk<RequestExportResponse>(REQUEST_EXPORT, {}, aliceUser);
     expect(second.isExisting).toBe(false);
     expect(second.jobId).not.toBe(first.jobId);
 
-    const rows = await stack.db.select().from(exportJobsTable);
+    const rows = await selectMany(stack.db, exportJobsTable);
     expect(rows).toHaveLength(2);
   });
 });
@@ -154,7 +161,7 @@ describe("request-export :: Cross-Tenant (Plan-Doc-Pflicht-Test)", () => {
     expect(fromB.jobId).toBe(fromA.jobId);
 
     // Genau 1 Job (kein 2. fuer Tenant B)
-    const rows = await stack.db.select().from(exportJobsTable);
+    const rows = await selectMany(stack.db, exportJobsTable);
     expect(rows).toHaveLength(1);
     // requestedFromTenantId = Tenant aus 1. Klick (= A), nicht B
     // biome-ignore lint/suspicious/noExplicitAny: drizzle-row typing
@@ -183,7 +190,7 @@ describe("request-export :: Race-Schutz (Promise.all parallel)", () => {
     const winners = [a, b].filter((r) => r.isExisting === false);
     expect(winners).toHaveLength(1);
 
-    const rows = await stack.db.select().from(exportJobsTable);
+    const rows = await selectMany(stack.db, exportJobsTable);
     expect(rows).toHaveLength(1);
   });
 
@@ -241,7 +248,7 @@ describe("export-status :: User-Polling", () => {
     const T = getTemporal();
     // 1. Job done in der Vergangenheit
     const oldJobId = "11111111-1111-4111-8111-111111111111";
-    await stack.db.insert(exportJobsTable).values({
+    await insertOne(stack.db, exportJobsTable, {
       id: oldJobId,
       tenantId: tenantA,
       userId: aliceUser.id,

package/src/user-data-rights/__tests__/restriction-flow.integration.ts

@@ -10,7 +10,9 @@
 //   - State-Transition-Matrix: Active↔Restricted, andere Uebergaenge
 //     fehlgeschlagen mit klaren error codes
 
+import { afterAll, beforeAll, beforeEach, describe, expect, test } from "bun:test";
 import { randomBytes } from "node:crypto";
+import { asRawClient, selectMany, updateMany } from "@cosmicdrift/kumiko-framework/bun-db";
 import { createEncryptionProvider } from "@cosmicdrift/kumiko-framework/db";
 import type { TenantId } from "@cosmicdrift/kumiko-framework/engine";
 import { createEventsTable } from "@cosmicdrift/kumiko-framework/event-store";
@@ -23,8 +25,6 @@ import {
   unsafePushTables,
 } from "@cosmicdrift/kumiko-framework/stack";
 import { createLateBoundHolder } from "@cosmicdrift/kumiko-framework/testing";
-import { eq, sql } from "drizzle-orm";
-import { afterAll, beforeAll, beforeEach, describe, expect, test } from "vitest";
 import { AuthErrors, AuthHandlers } from "../../auth-email-password/constants";
 import { createAuthEmailPasswordFeature } from "../../auth-email-password/feature";
 import { hashPassword } from "../../auth-email-password/password-hashing";
@@ -97,11 +97,11 @@ afterAll(async () => {
 });
 
 beforeEach(async () => {
-  await stack.db.delete(userSessionTable);
-  await stack.db.delete(userTable);
-  await stack.db.delete(tenantMembershipsTable);
-  await stack.db.execute(sql`DELETE FROM read_tenant_compliance_profiles`);
-  await stack.db.execute(sql`DELETE FROM kumiko_events`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM "${userSessionTable.tableName}"`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM "${userTable.tableName}"`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM "${tenantMembershipsTable.tableName}"`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM read_tenant_compliance_profiles`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM kumiko_events`);
 });
 
 async function seedAliceWithMembership(
@@ -114,7 +114,7 @@ async function seedAliceWithMembership(
     TestUsers.systemAdmin,
   );
   if (status !== USER_STATUS.Active) {
-    await stack.db.update(userTable).set({ status }).where(eq(userTable["id"], created.id));
+    await updateMany(stack.db, userTable, { status }, { id: created.id });
   }
   await seedTenantMembership(stack.db, {
     userId: created.id,
@@ -141,10 +141,7 @@ describe("S2.U6 :: restrict-account state-transitions", () => {
     expect(loginRes.status).toBe(200);
 
     // Session-Row vorhanden + live (revokedAt=null).
-    const sessionsBefore = (await stack.db
-      .select({ id: userSessionTable["id"], revokedAt: userSessionTable["revokedAt"] })
-      .from(userSessionTable)
-      .where(eq(userSessionTable["userId"], userId))) as Array<{
+    const sessionsBefore = (await selectMany(stack.db, userSessionTable, { userId })) as Array<{
       id: string;
       revokedAt: unknown;
     }>;
@@ -166,17 +163,15 @@ describe("S2.U6 :: restrict-account state-transitions", () => {
     expect(result.userId).toBe(userId);
 
     // DB-State: status=Restricted.
-    const userRow = (await stack.db
-      .select({ status: userTable["status"] })
-      .from(userTable)
-      .where(eq(userTable["id"], userId))) as Array<{ status: string }>;
+    const userRow = (await selectMany(stack.db, userTable, { id: userId })) as Array<{
+      status: string;
+    }>;
     expect(userRow[0]?.status).toBe(USER_STATUS.Restricted);
 
     // Alle Sessions revoked (revokedAt != null).
-    const sessionsAfter = (await stack.db
-      .select({ revokedAt: userSessionTable["revokedAt"] })
-      .from(userSessionTable)
-      .where(eq(userSessionTable["userId"], userId))) as Array<{ revokedAt: unknown }>;
+    const sessionsAfter = (await selectMany(stack.db, userSessionTable, { userId })) as Array<{
+      revokedAt: unknown;
+    }>;
     expect(sessionsAfter.every((s) => s.revokedAt !== null)).toBe(true);
   });
 
@@ -204,10 +199,9 @@ describe("S2.U6 :: lift-restriction state-transitions", () => {
     const result = await stack.http.writeOk<{ status: string }>(LIFT, {}, aliceUser);
     expect(result.status).toBe(USER_STATUS.Active);
 
-    const userRow = (await stack.db
-      .select({ status: userTable["status"] })
-      .from(userTable)
-      .where(eq(userTable["id"], userId))) as Array<{ status: string }>;
+    const userRow = (await selectMany(stack.db, userTable, { id: userId })) as Array<{
+      status: string;
+    }>;
     expect(userRow[0]?.status).toBe(USER_STATUS.Active);
   });
 
@@ -279,10 +273,9 @@ describe("S2.U6 :: Cross-Feature sessions.revokeAllForUser direct", () => {
     expect(a.status).toBe(200);
     expect(b.status).toBe(200);
 
-    const liveBefore = (await stack.db
-      .select({ id: userSessionTable["id"] })
-      .from(userSessionTable)
-      .where(eq(userSessionTable["userId"], userId))) as Array<{ id: string }>;
+    const liveBefore = (await selectMany(stack.db, userSessionTable, { userId })) as Array<{
+      id: string;
+    }>;
     expect(liveBefore.length).toBe(2);
 
     // System-Caller.
@@ -300,10 +293,9 @@ describe("S2.U6 :: Cross-Feature sessions.revokeAllForUser direct", () => {
     expect(result.userId).toBe(userId);
 
     // Alle revoked.
-    const revoked = (await stack.db
-      .select({ revokedAt: userSessionTable["revokedAt"] })
-      .from(userSessionTable)
-      .where(eq(userSessionTable["userId"], userId))) as Array<{ revokedAt: unknown }>;
+    const revoked = (await selectMany(stack.db, userSessionTable, { userId })) as Array<{
+      revokedAt: unknown;
+    }>;
     expect(revoked.every((s) => s.revokedAt !== null)).toBe(true);
   });
 });