npm - @cosmicdrift/kumiko-bundled-features - Versions diffs - 0.14.0 → 0.16.0 - Mend

@cosmicdrift/kumiko-bundled-features 0.14.0 → 0.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (269) hide show

package/src/custom-fields/__tests__/custom-fields.integration.ts CHANGED Viewed

@@ -10,7 +10,9 @@
 // Pattern follows cap-counter.integration.ts: probe-feature mit own entity,
 // wired via wireCustomFieldsFor.
-import { buildDrizzleTable } from "@cosmicdrift/kumiko-framework/db";
+import { afterAll, beforeAll, beforeEach, describe, expect, test } from "bun:test";
+import { asRawClient } from "@cosmicdrift/kumiko-framework/bun-db";
+import { buildEntityTable } from "@cosmicdrift/kumiko-framework/db";
 import {
   createEntity,
   createEntityExecutor,
@@ -25,8 +27,6 @@ import {
   type TestStack,
   unsafeCreateEntityTable,
 } from "@cosmicdrift/kumiko-framework/stack";
-import { sql } from "drizzle-orm";
-import { afterAll, beforeAll, beforeEach, describe, expect, test } from "vitest";
 import { z } from "zod";
 import { fieldDefinitionEntity } from "../entity";
 import { createCustomFieldsFeature } from "../feature";
@@ -41,7 +41,7 @@ const propertyEntity = createEntity({
     customFields: customFieldsField(),
   },
 });
-const propertyTable = buildDrizzleTable("property", propertyEntity);
+const propertyTable = buildEntityTable("property", propertyEntity);
 const propertyFeature = defineFeature("property-test", (r) => {
   r.entity("property", propertyEntity);
@@ -91,9 +91,9 @@ afterAll(async () => {
 beforeEach(async () => {
   // Clean slate per test — event-log + entity-rows.
-  await stack.db.execute(sql`DELETE FROM kumiko_events`);
-  await stack.db.execute(sql`DELETE FROM read_t1_properties`);
-  await stack.db.execute(sql`DELETE FROM read_custom_field_definitions`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM kumiko_events`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM read_t1_properties`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM read_custom_field_definitions`);
 });
 // --- Helpers ---

package/src/custom-fields/__tests__/feature.test.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { describe, expect, test } from "vitest";
+import { describe, expect, test } from "bun:test";
 import { fieldDefinitionAggregateId } from "../aggregate-id";
 import { SUPPORTED_FIELD_TYPES } from "../constants";
 import { createCustomFieldsFeature } from "../feature";

package/src/custom-fields/__tests__/field-access.integration.ts CHANGED Viewed

@@ -9,7 +9,9 @@
 // exactly as in B2 (no extra gate) — the existing roundtrip-test suite
 // stays green, and we add an explicit covers-the-no-op-path test here too.
-import { buildDrizzleTable } from "@cosmicdrift/kumiko-framework/db";
+import { afterAll, beforeAll, beforeEach, describe, expect, test } from "bun:test";
+import { asRawClient } from "@cosmicdrift/kumiko-framework/bun-db";
+import { buildEntityTable } from "@cosmicdrift/kumiko-framework/db";
 import {
   createEntity,
   createEntityExecutor,
@@ -24,8 +26,6 @@ import {
   type TestStack,
   unsafeCreateEntityTable,
 } from "@cosmicdrift/kumiko-framework/stack";
-import { sql } from "drizzle-orm";
-import { afterAll, beforeAll, beforeEach, describe, expect, test } from "vitest";
 import { z } from "zod";
 import { fieldDefinitionEntity } from "../entity";
 import { createCustomFieldsFeature } from "../feature";
@@ -38,7 +38,7 @@ const propertyEntity = createEntity({
     customFields: customFieldsField(),
   },
 });
-const propertyTable = buildDrizzleTable("property", propertyEntity);
+const propertyTable = buildEntityTable("property", propertyEntity);
 const propertyFeature = defineFeature("property-t15b", (r) => {
   r.entity("property", propertyEntity);
@@ -84,8 +84,8 @@ afterAll(async () => {
 beforeEach(async () => {
   await resetEventStore(stack);
-  await stack.db.execute(sql`DELETE FROM read_t15b_properties`);
-  await stack.db.execute(sql`DELETE FROM read_custom_field_definitions`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM read_t15b_properties`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM read_custom_field_definitions`);
 });
 async function defineField(fieldKey: string, serializedField: Record<string, unknown>) {

package/src/custom-fields/__tests__/quota.integration.ts CHANGED Viewed

@@ -5,7 +5,9 @@
 // rejects with `unprocessable` + reason `cap_exceeded` when the
 // tenant already has >= N definitions.
-import { buildDrizzleTable } from "@cosmicdrift/kumiko-framework/db";
+import { afterAll, beforeAll, beforeEach, describe, expect, test } from "bun:test";
+import { asRawClient } from "@cosmicdrift/kumiko-framework/bun-db";
+import { buildEntityTable } from "@cosmicdrift/kumiko-framework/db";
 import {
   createEntity,
   createEntityExecutor,
@@ -20,8 +22,6 @@ import {
   type TestStack,
   unsafeCreateEntityTable,
 } from "@cosmicdrift/kumiko-framework/stack";
-import { sql } from "drizzle-orm";
-import { afterAll, beforeAll, beforeEach, describe, expect, test } from "vitest";
 import { z } from "zod";
 import { fieldDefinitionEntity } from "../entity";
 import { createCustomFieldsFeature } from "../feature";
@@ -34,7 +34,7 @@ const propertyEntity = createEntity({
     customFields: customFieldsField(),
   },
 });
-const propertyTable = buildDrizzleTable("property", propertyEntity);
+const propertyTable = buildEntityTable("property", propertyEntity);
 const propertyFeature = defineFeature("property-t15e", (r) => {
   r.entity("property", propertyEntity);
@@ -74,8 +74,8 @@ afterAll(async () => {
 beforeEach(async () => {
   await resetEventStore(stack);
-  await stack.db.execute(sql`DELETE FROM read_t15e_properties`);
-  await stack.db.execute(sql`DELETE FROM read_custom_field_definitions`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM read_t15e_properties`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM read_custom_field_definitions`);
 });
 async function defineField(fieldKey: string) {

package/src/custom-fields/__tests__/retention.integration.ts CHANGED Viewed

@@ -9,7 +9,9 @@
 // The reference timestamp is the host row's `modified_at`, not a per-key
 // timestamp — see run-retention.ts header for the rationale.
-import { buildDrizzleTable } from "@cosmicdrift/kumiko-framework/db";
+import { afterAll, beforeAll, beforeEach, describe, expect, test } from "bun:test";
+import { asRawClient } from "@cosmicdrift/kumiko-framework/bun-db";
+import { buildEntityTable } from "@cosmicdrift/kumiko-framework/db";
 import {
   createEntity,
   createEntityExecutor,
@@ -25,8 +27,6 @@ import {
   unsafeCreateEntityTable,
 } from "@cosmicdrift/kumiko-framework/stack";
 import { getTemporal } from "@cosmicdrift/kumiko-framework/time";
-import { sql } from "drizzle-orm";
-import { afterAll, beforeAll, beforeEach, describe, expect, test } from "vitest";
 import { z } from "zod";
 import { fieldDefinitionEntity } from "../entity";
 import { createCustomFieldsFeature } from "../feature";
@@ -40,7 +40,7 @@ const propertyEntity = createEntity({
     customFields: customFieldsField(),
   },
 });
-const propertyTable = buildDrizzleTable("property", propertyEntity);
+const propertyTable = buildEntityTable("property", propertyEntity);
 const propertyFeature = defineFeature("property-t15d", (r) => {
   r.entity("property", propertyEntity);
@@ -81,8 +81,8 @@ afterAll(async () => {
 beforeEach(async () => {
   await resetEventStore(stack);
-  await stack.db.execute(sql`DELETE FROM read_t15d_properties`);
-  await stack.db.execute(sql`DELETE FROM read_custom_field_definitions`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM read_t15d_properties`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM read_custom_field_definitions`);
 });
 async function defineField(fieldKey: string, serializedField: Record<string, unknown>) {
@@ -116,14 +116,16 @@ async function setField(entityId: string, fieldKey: string, value: unknown) {
 // older than the retention cutoff. Faster than waiting `keepFor` real
 // time and the cleanest way to drive the cron under test.
 async function backdateRow(id: string, isoOlderThan: string) {
-  await stack.db.execute(
-    sql`UPDATE read_t15d_properties SET modified_at = ${isoOlderThan}::timestamptz WHERE id = ${id}`,
+  await asRawClient(stack.db).unsafe(
+    `UPDATE read_t15d_properties SET modified_at = $1::timestamptz WHERE id = $2`,
+    [isoOlderThan, id],
   );
 }
 async function readRow(id: string): Promise<Record<string, unknown> | undefined> {
-  const rows = await stack.db.execute(
-    sql`SELECT id, custom_fields FROM read_t15d_properties WHERE id = ${id}`,
+  const rows = await asRawClient(stack.db).unsafe(
+    `SELECT id, custom_fields FROM read_t15d_properties WHERE id = $1`,
+    [id],
   );
   return (rows as ReadonlyArray<Record<string, unknown>>)[0];
 }

package/src/custom-fields/__tests__/user-data-rights.integration.ts CHANGED Viewed

@@ -14,7 +14,9 @@
 //   * Forget strategy=delete: no-op — the host entity's own user-data-
 //     rights hook handles the row delete, jsonb travels with the row.
-import { buildDrizzleTable } from "@cosmicdrift/kumiko-framework/db";
+import { afterAll, beforeAll, beforeEach, describe, expect, test } from "bun:test";
+import { asRawClient } from "@cosmicdrift/kumiko-framework/bun-db";
+import { buildEntityTable } from "@cosmicdrift/kumiko-framework/db";
 import {
   createEntity,
   createEntityExecutor,
@@ -32,8 +34,6 @@ import {
   type TestStack,
   unsafeCreateEntityTable,
 } from "@cosmicdrift/kumiko-framework/stack";
-import { sql } from "drizzle-orm";
-import { afterAll, beforeAll, beforeEach, describe, expect, test } from "vitest";
 import { z } from "zod";
 import { createComplianceProfilesFeature } from "../../compliance-profiles";
 import { createDataRetentionFeature } from "../../data-retention";
@@ -52,17 +52,20 @@ const propertyEntity = createEntity({
     customFields: customFieldsField(),
   },
 });
-const propertyTable = buildDrizzleTable("property", propertyEntity);
+const propertyTable = buildEntityTable("property", propertyEntity);
 // Host entity gets its own EXT_USER_DATA-registration too — that's the
 // canonical setup (host bundle handles row-anonymize/delete, custom-fields
 // adds its strip-sensitive-jsonb layer on top). Both hooks fire in the
 // same cleanup-run.
 const hostExportHook: UserDataExportHook = async (ctx) => {
-  const rows = await ctx.db.execute(sql`
+  const rows = await asRawClient(ctx.db).unsafe(
+    `
     SELECT id, name FROM read_t15c_properties
-    WHERE inserted_by_id = ${ctx.userId} AND tenant_id = ${ctx.tenantId}
-  `);
+    WHERE inserted_by_id = $1 AND tenant_id = $2
+  `,
+    [ctx.userId, ctx.tenantId],
+  );
   const list = rows as ReadonlyArray<Record<string, unknown>>;
   if (list.length === 0) return null;
   return {
@@ -73,16 +76,22 @@ const hostExportHook: UserDataExportHook = async (ctx) => {
 const hostDeleteHook: UserDataDeleteHook = async (ctx, strategy) => {
   if (strategy === "delete") {
-    await ctx.db.execute(sql`
+    await asRawClient(ctx.db).unsafe(
+      `
       DELETE FROM read_t15c_properties
-      WHERE inserted_by_id = ${ctx.userId} AND tenant_id = ${ctx.tenantId}
-    `);
+      WHERE inserted_by_id = $1 AND tenant_id = $2
+    `,
+      [ctx.userId, ctx.tenantId],
+    );
   } else {
     // anonymize: clear owner, keep row + non-sensitive customFields
-    await ctx.db.execute(sql`
+    await asRawClient(ctx.db).unsafe(
+      `
       UPDATE read_t15c_properties SET inserted_by_id = NULL
-      WHERE inserted_by_id = ${ctx.userId} AND tenant_id = ${ctx.tenantId}
-    `);
+      WHERE inserted_by_id = $1 AND tenant_id = $2
+    `,
+      [ctx.userId, ctx.tenantId],
+    );
   }
 };
@@ -143,8 +152,8 @@ afterAll(async () => {
 beforeEach(async () => {
   await resetEventStore(stack);
-  await stack.db.execute(sql`DELETE FROM read_t15c_properties`);
-  await stack.db.execute(sql`DELETE FROM read_custom_field_definitions`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM read_t15c_properties`);
+  await asRawClient(stack.db).unsafe(`DELETE FROM read_custom_field_definitions`);
 });
 async function defineField(fieldKey: string, serializedField: Record<string, unknown>) {
@@ -175,8 +184,9 @@ async function setField(entityId: string, fieldKey: string, value: unknown) {
 }
 async function readRow(id: string): Promise<Record<string, unknown> | undefined> {
-  const rows = await stack.db.execute(
-    sql`SELECT id, custom_fields FROM read_t15c_properties WHERE id = ${id}`,
+  const rows = await asRawClient(stack.db).unsafe(
+    `SELECT id, custom_fields FROM read_t15c_properties WHERE id = $1`,
+    [id],
   );
   const list = rows as ReadonlyArray<Record<string, unknown>>;
   return list[0];

package/src/custom-fields/__tests__/wire-for-entity.test.ts CHANGED Viewed

@@ -1,6 +1,6 @@
-import { buildDrizzleTable } from "@cosmicdrift/kumiko-framework/db";
+import { describe, expect, test } from "bun:test";
+import { buildEntityTable } from "@cosmicdrift/kumiko-framework/db";
 import { createEntity, createTextField, defineFeature } from "@cosmicdrift/kumiko-framework/engine";
-import { describe, expect, test } from "vitest";
 import { customFieldsField, wireCustomFieldsFor } from "../wire-for-entity";
 // B2 wireCustomFieldsFor: einziger Aufruf registriert MSP + postQuery-hook +
@@ -15,7 +15,7 @@ const propertyEntity = createEntity({
   },
 });
-const propertyTable = buildDrizzleTable("property", propertyEntity);
+const propertyTable = buildEntityTable("property", propertyEntity);
 describe("wireCustomFieldsFor", () => {
   test("registers useExtension + MSP + postQuery-entity-hook + search-payload-extension", () => {
@@ -43,7 +43,7 @@ describe("wireCustomFieldsFor", () => {
     expect(feature.entityHooks.postQuery["property"]).toHaveLength(1);
     // 4. search-payload-extension on "property"
-    expect(feature.searchPayloadExtensions["property"]).toHaveLength(1);
+    expect(feature.searchPayloadExtensions!["property"]).toHaveLength(1);
   });
   test("postQuery-hook flattens row.customFields onto root", async () => {
@@ -107,7 +107,7 @@ describe("wireCustomFieldsFor", () => {
       wireCustomFieldsFor(r, "property", propertyTable);
     });
-    const contributor = feature.searchPayloadExtensions["property"]?.[0]?.fn;
+    const contributor = feature.searchPayloadExtensions!["property"]?.[0]?.fn;
     expect(contributor).toBeDefined();
     const result = await contributor?.({
       entityName: "property",

package/src/custom-fields/db/queries/field-access.ts ADDED Viewed

@@ -0,0 +1,16 @@
+import { asRawClient } from "@cosmicdrift/kumiko-framework/bun-db";
+import type { TenantDb } from "@cosmicdrift/kumiko-framework/db";
+export async function selectSerializedFieldDefinition(
+  db: TenantDb,
+  tenantId: string,
+  entityName: string,
+  fieldKey: string,
+): Promise<unknown | null> {
+  const rows = await asRawClient(db.raw).unsafe(
+    "SELECT serialized_field FROM read_custom_field_definitions WHERE entity_name = $1 AND field_key = $2 AND tenant_id = $3 LIMIT 1",
+    [entityName, fieldKey, tenantId],
+  );
+  const first = (rows as ReadonlyArray<Record<string, unknown>>)[0];
+  return first ? (first["serialized_field"] ?? null) : null;
+}

package/src/custom-fields/db/queries/projection.ts ADDED Viewed

@@ -0,0 +1,43 @@
+import { asRawClient } from "@cosmicdrift/kumiko-framework/bun-db";
+import type { DbRunner } from "@cosmicdrift/kumiko-framework/db";
+function quoteTable(tableName: string): string {
+  return `"${tableName.replace(/"/g, '""')}"`;
+}
+export async function setCustomFieldValue(
+  db: DbRunner,
+  tableName: string,
+  fieldKey: string,
+  valueJson: string,
+  aggregateId: string,
+): Promise<void> {
+  const tbl = quoteTable(tableName);
+  const escapedKey = fieldKey.replace(/'/g, "''");
+  await asRawClient(db).unsafe(
+    `UPDATE ${tbl} SET custom_fields = jsonb_set(custom_fields, '{${escapedKey}}', $1::jsonb, true) WHERE id = $2`,
+    [valueJson, aggregateId],
+  );
+}
+export async function clearCustomFieldKey(
+  db: DbRunner,
+  tableName: string,
+  fieldKey: string,
+  aggregateId: string,
+): Promise<void> {
+  const tbl = quoteTable(tableName);
+  await asRawClient(db).unsafe(
+    `UPDATE ${tbl} SET custom_fields = custom_fields - $1 WHERE id = $2`,
+    [fieldKey, aggregateId],
+  );
+}
+export async function removeCustomFieldKeyFromAllRows(
+  db: DbRunner,
+  tableName: string,
+  fieldKey: string,
+): Promise<void> {
+  const tbl = quoteTable(tableName);
+  await asRawClient(db).unsafe(`UPDATE ${tbl} SET custom_fields = custom_fields - $1`, [fieldKey]);
+}

package/src/custom-fields/db/queries/quota.ts ADDED Viewed

@@ -0,0 +1,14 @@
+import { asRawClient } from "@cosmicdrift/kumiko-framework/bun-db";
+import type { TenantDb } from "@cosmicdrift/kumiko-framework/db";
+export async function countTenantFieldDefinitions(db: TenantDb, tenantId: string): Promise<number> {
+  const rowsResult = await asRawClient(db.raw).unsafe(
+    "SELECT COUNT(*)::int AS n FROM read_custom_field_definitions WHERE tenant_id = $1",
+    [tenantId],
+  );
+  const rows = rowsResult as ReadonlyArray<Record<string, unknown>>;
+  const first = rows[0];
+  if (!first) return 0;
+  const n = first["n"];
+  return typeof n === "number" ? n : Number.parseInt(String(n ?? 0), 10);
+}

package/src/custom-fields/db/queries/retention.ts ADDED Viewed

@@ -0,0 +1,39 @@
+import { asRawClient } from "@cosmicdrift/kumiko-framework/bun-db";
+import type { DbRunner } from "@cosmicdrift/kumiko-framework/db";
+export async function selectFieldDefinitionsWithSerialized(
+  db: DbRunner,
+  entityName: string,
+  tenantId: string,
+): Promise<readonly { field_key: string; serialized_field: unknown }[]> {
+  return asRawClient(db).unsafe(
+    "SELECT field_key, serialized_field FROM read_custom_field_definitions WHERE entity_name = $1 AND tenant_id = $2",
+    [entityName, tenantId],
+  ) as Promise<readonly { field_key: string; serialized_field: unknown }[]>;
+}
+export async function selectHostRowsWithCustomFields(
+  db: DbRunner,
+  tableName: string,
+  tenantId: string,
+): Promise<readonly unknown[]> {
+  const quoted = `"${tableName.replace(/"/g, '""')}"`;
+  const rowsResult = await asRawClient(db).unsafe(
+    `SELECT id, modified_at, custom_fields FROM ${quoted} WHERE tenant_id = $1 AND custom_fields IS NOT NULL`,
+    [tenantId],
+  );
+  return Array.isArray(rowsResult) ? rowsResult : [];
+}
+export async function updateHostRowCustomFields(
+  db: DbRunner,
+  tableName: string,
+  customFieldsJson: string,
+  rowId: string,
+): Promise<void> {
+  const quoted = `"${tableName.replace(/"/g, '""')}"`;
+  await asRawClient(db).unsafe(`UPDATE ${quoted} SET custom_fields = $1::jsonb WHERE id = $2`, [
+    customFieldsJson,
+    rowId,
+  ]);
+}

package/src/custom-fields/db/queries/user-data-rights.ts ADDED Viewed

@@ -0,0 +1,54 @@
+import { asRawClient } from "@cosmicdrift/kumiko-framework/bun-db";
+import type { DbRunner } from "@cosmicdrift/kumiko-framework/db";
+function quoteTable(tableName: string): string {
+  return `"${tableName.replace(/"/g, '""')}"`;
+}
+function quoteColumn(columnName: string): string {
+  return `"${columnName.replace(/"/g, '""')}"`;
+}
+export async function selectCustomFieldsHostRows(
+  db: DbRunner,
+  tableName: string,
+  userIdColumn: string,
+  userId: string,
+  tenantId: string,
+): Promise<readonly unknown[]> {
+  const tbl = quoteTable(tableName);
+  const userCol = quoteColumn(userIdColumn);
+  const rowsResult = await asRawClient(db).unsafe(
+    `SELECT id, custom_fields FROM ${tbl} WHERE ${userCol} = $1 AND tenant_id = $2`,
+    [userId, tenantId],
+  );
+  return Array.isArray(rowsResult) ? rowsResult : [];
+}
+export async function stripSensitiveCustomFieldKeys(
+  db: DbRunner,
+  tableName: string,
+  userIdColumn: string,
+  sensitiveKeys: readonly string[],
+  userId: string,
+  tenantId: string,
+): Promise<void> {
+  const tbl = quoteTable(tableName);
+  const userCol = quoteColumn(userIdColumn);
+  const placeholders = sensitiveKeys.map((_, i) => `$${i + 1}`).join(" - ");
+  await asRawClient(db).unsafe(
+    `UPDATE ${tbl} SET custom_fields = custom_fields - ${placeholders} WHERE ${userCol} = $${sensitiveKeys.length + 1} AND tenant_id = $${sensitiveKeys.length + 2}`,
+    [...sensitiveKeys, userId, tenantId],
+  );
+}
+export async function selectFieldDefinitionsForEntity(
+  db: DbRunner,
+  entityName: string,
+  tenantId: string,
+): Promise<readonly { field_key: string; serialized_field: unknown }[]> {
+  return asRawClient(db).unsafe(
+    "SELECT field_key, serialized_field FROM read_custom_field_definitions WHERE entity_name = $1 AND tenant_id = $2",
+    [entityName, tenantId],
+  ) as Promise<readonly { field_key: string; serialized_field: unknown }[]>;
+}

package/src/custom-fields/lib/field-access.ts CHANGED Viewed

@@ -1,12 +1,7 @@
 // T1.5b — per-field write access-check for the set/clear handlers.
-//
-// Loads a fieldDefinition by (tenantId, entityName, fieldKey), reads its
-// `serializedField.fieldAccess.write` array, and verifies the calling user
-// holds at least one of the listed roles. When `fieldAccess.write` is
-// absent or empty the handler-level RBAC is the only gate.
 import type { TenantDb } from "@cosmicdrift/kumiko-framework/db";
-import { sql } from "drizzle-orm";
+import { selectSerializedFieldDefinition } from "../db/queries/field-access";
 import { parseSerializedField } from "./parse-serialized-field";
 export type FieldAccessCheckResult =
@@ -17,36 +12,6 @@ export type FieldAccessCheckResult =
       requiredRoles?: ReadonlyArray<string>;
     };
-// Resolution mirrors the Plan-Doc v2 system+tenant UNION: the active
-// definition for a fieldKey on an entity is either system-scope or
-// tenant-scope, never both (B1 conflict-rule). The tenant-scoped row sits
-// in the caller's tenantId; system-scoped rows would sit under
-// SYSTEM_TENANT_ID. B1 only ships the tenant-scoped pipeline, so we only
-// query the caller's tenant — system-scope lookup will land in B2.
-async function loadSerializedField(
-  db: TenantDb,
-  tenantId: string,
-  entityName: string,
-  fieldKey: string,
-): Promise<unknown | null> {
-  // TenantDb's tenant-filtered API doesn't expose raw SQL — for this
-  // single-row lookup we drop down to the underlying DbRunner. tenantId
-  // is still pinned in the WHERE clause so we don't lose isolation.
-  const rows = await db.raw.execute(sql`
-    SELECT serialized_field
-    FROM read_custom_field_definitions
-    WHERE entity_name = ${entityName}
-      AND field_key = ${fieldKey}
-      AND tenant_id = ${tenantId}
-    LIMIT 1
-  `);
-  const first = (rows as ReadonlyArray<Record<string, unknown>>)[0]; // @cast-boundary db-row
-  return first ? (first["serialized_field"] ?? null) : null;
-}
-// Per Plan-Doc T1.5b: an empty / undefined `write` array means the field
-// inherits the handler-level RBAC unchanged. Only an explicit non-empty
-// list constrains. Intersection is role-name equality (case-sensitive).
 export async function checkFieldAccessForWrite(
   db: TenantDb,
   tenantId: string,
@@ -54,16 +19,12 @@ export async function checkFieldAccessForWrite(
   fieldKey: string,
   userRoles: ReadonlyArray<string>,
 ): Promise<FieldAccessCheckResult> {
-  const serialized = await loadSerializedField(db, tenantId, entityName, fieldKey);
+  const serialized = await selectSerializedFieldDefinition(db, tenantId, entityName, fieldKey);
   if (serialized === null) {
     return { ok: false, reason: "field_definition_not_found" };
   }
   const parsed = parseSerializedField(serialized);
-  // skip: corrupt serialized_field on disk → treat as no-access-restriction
-  // rather than 500. Loader already returned null on missing row, so a
-  // null here means parse-failure on a present row; behave like an open
-  // field (next gate is the handler-level RBAC).
   if (!parsed) return { ok: true };
   const required = parsed.fieldAccess?.write;

package/src/custom-fields/lib/quota.ts CHANGED Viewed

@@ -1,28 +1,5 @@
 // T1.5e — per-tenant fieldDefinition quota.
 //
-// `countTenantFieldDefinitions(db, tenantId)` runs a single COUNT(*) against
-// `read_custom_field_definitions` scoped to the caller's tenant. The
-// `define-tenant-field` handler consults this before insert and rejects
-// with `cap_exceeded` once a configurable per-tenant ceiling is reached.
-//
-// This is a simple projection-count rather than a `cap-counter`-bundle
-// counter, because the read-projection is the authoritative source
-// (soft-deleted rows already drop out) and we don't need rolling-window
-// semantics. A future iteration can swap to `cap-counter` if pricing
-// wants e.g. monthly-roll definition allowances.
-import type { TenantDb } from "@cosmicdrift/kumiko-framework/db";
-import { sql } from "drizzle-orm";
+// Re-exports from db/queries/quota.ts for backward-compatible import paths.
-export async function countTenantFieldDefinitions(db: TenantDb, tenantId: string): Promise<number> {
-  const rowsResult = await db.raw.execute(sql`
-    SELECT COUNT(*)::int AS n
-    FROM read_custom_field_definitions
-    WHERE tenant_id = ${tenantId}
-  `);
-  const rows = rowsResult as ReadonlyArray<Record<string, unknown>>; // @cast-boundary db-row
-  const first = rows[0];
-  if (!first) return 0;
-  const n = first["n"];
-  return typeof n === "number" ? n : Number.parseInt(String(n ?? 0), 10);
-}
+export { countTenantFieldDefinitions } from "../db/queries/quota";