@cosmicdrift/kumiko-bundled-features 0.15.0 → 0.18.0

package/src/user-data-rights/db/queries/export-jobs.ts

@@ -1,6 +1,7 @@
-import { asRawClient } from "@cosmicdrift/kumiko-framework/bun-db";
+import { selectMany } from "@cosmicdrift/kumiko-framework/bun-db";
 import type { DbConnection } from "@cosmicdrift/kumiko-framework/db";
 import type { TenantId } from "@cosmicdrift/kumiko-framework/engine";
+import { exportJobsTable } from "../../schema/export-job";
 
 export type ExportJobCleanupCandidate = {
   readonly id: string;
@@ -16,8 +17,8 @@ export async function selectExportJobsForStorageCleanup(
   doneStatus: string,
   failedStatus: string,
 ): Promise<readonly ExportJobCleanupCandidate[]> {
-  return asRawClient(db).unsafe<ExportJobCleanupCandidate>(
-    `SELECT id, version, status, requested_from_tenant_id AS "requestedFromTenantId", download_storage_key AS "downloadStorageKey", expires_at AS "expiresAt" FROM read_export_jobs WHERE status IN ($1, $2) AND download_storage_key IS NOT NULL`,
-    [doneStatus, failedStatus],
-  );
+  return selectMany<ExportJobCleanupCandidate>(db, exportJobsTable, {
+    status: { in: [doneStatus, failedStatus] },
+    downloadStorageKey: { ne: null },
+  });
 }

package/src/user-data-rights/db/queries/forget-cleanup.ts

@@ -1,13 +1,18 @@
-import { asRawClient } from "@cosmicdrift/kumiko-framework/bun-db";
+import { selectMany } from "@cosmicdrift/kumiko-framework/bun-db";
 import type { DbConnection } from "@cosmicdrift/kumiko-framework/db";
+import { userTable } from "../../../user";
 
 export async function selectUsersDueForForgetCleanup(
   db: DbConnection,
   status: string,
-  gracePeriodEnd: string,
+  gracePeriodEndCutoff: Temporal.Instant | string,
 ): Promise<readonly { id: string }[]> {
-  return asRawClient(db).unsafe<{ id: string }>(
-    `SELECT id FROM read_users WHERE status = $1 AND grace_period_end <= $2`,
-    [status, gracePeriodEnd],
-  );
+  const cutoff =
+    typeof gracePeriodEndCutoff === "string"
+      ? Temporal.Instant.from(gracePeriodEndCutoff)
+      : gracePeriodEndCutoff;
+  return selectMany<{ id: string }>(db, userTable, {
+    status,
+    gracePeriodEnd: { lte: cutoff },
+  });
 }

package/src/user-data-rights/handlers/cancel-deletion.write.ts

@@ -23,7 +23,7 @@ export const cancelDeletionWrite = defineWriteHandler({
     // ctx.db.raw (kein TenantDb-Wrapper) weil User-Entity tenant-agnostisch
     // ist — siehe request-deletion.write.ts fuer die Begruendung. Cancel
     // muss aus jedem Tenant-Mode den User finden + zuruecksetzen koennen.
-    const row = await fetchOne<{ status: string; grace_period_end: Date | null }>(
+    const row = await fetchOne<{ status: string; gracePeriodEnd: Temporal.Instant | null }>(
       ctx.db.raw,
       userTable,
       { id: event.user.id },
@@ -37,26 +37,21 @@ export const cancelDeletionWrite = defineWriteHandler({
       );
     }
 
-    if (row["status"] !== USER_STATUS.DeletionRequested) {
+    if (row.status !== USER_STATUS.DeletionRequested) {
       return writeFailure(
         new UnprocessableError("no_pending_deletion", {
           details: {
             reason: "no_pending_deletion",
-            currentStatus: row["status"],
+            currentStatus: row.status,
           },
         }),
       );
     }
 
-    // inGrace computed JS-side: compare grace_period_end (Temporal.Instant
-    // from bun-db boundary) against current server clock.
-    const gracePeriodEnd = row["grace_period_end"];
+    const gracePeriodEnd = row.gracePeriodEnd;
     const inGrace =
       gracePeriodEnd != null &&
-      Temporal.Instant.compare(
-        gracePeriodEnd as unknown as Temporal.Instant,
-        Temporal.Now.instant(),
-      ) > 0;
+      Temporal.Instant.compare(gracePeriodEnd, Temporal.Now.instant()) > 0;
 
     if (!inGrace) {
       return writeFailure(

package/src/user-data-rights/handlers/export-status.query.ts

@@ -22,11 +22,11 @@ type Instant = InstanceType<ReturnType<typeof getTemporal>["Instant"]>;
 type ExportJobRow = {
   readonly id: string;
   readonly status: string;
-  readonly requested_at: Instant;
-  readonly completed_at: Instant | null;
-  readonly expires_at: Instant | null;
-  readonly error_message: string | null;
-  readonly bytes_written: number | null;
+  readonly requestedAt: Instant;
+  readonly completedAt: Instant | null;
+  readonly expiresAt: Instant | null;
+  readonly errorMessage: string | null;
+  readonly bytesWritten: number | null;
 };
 
 export const exportStatusQuery = defineQueryHandler({
@@ -49,13 +49,13 @@ export const exportStatusQuery = defineQueryHandler({
     return {
       hasJob: true as const,
       job: {
-        id: latest["id"],
-        status: latest["status"],
-        requestedAt: latest["requested_at"].toString(),
-        completedAt: latest["completed_at"]?.toString() ?? null,
-        expiresAt: latest["expires_at"]?.toString() ?? null,
-        errorMessage: latest["error_message"],
-        bytesWritten: latest["bytes_written"],
+        id: latest.id,
+        status: latest.status,
+        requestedAt: latest.requestedAt.toString(),
+        completedAt: latest.completedAt?.toString() ?? null,
+        expiresAt: latest.expiresAt?.toString() ?? null,
+        errorMessage: latest.errorMessage,
+        bytesWritten: latest.bytesWritten,
       },
     };
   },

package/src/user-data-rights/run-export-jobs.ts

@@ -595,11 +595,8 @@ async function storageCleanupPass(args: {
   // → Trade-off zugunsten DSGVO entschieden. Wenn ein Operator forensik
   // braucht, muss er das vor dem Cleanup-Pass capturen (out-of-band).
   //
-  // **SQL-Filter:** WHERE-clause auf downloadStorageKey IS NOT NULL filtert
-  // bereits in der DB statt im Loop. Bei skalierender DB-Historie (10k+
-  // done-jobs nach 30 Tagen) reduziert das den Worker-Roundtrip drastisch.
-  //
-  // or() + isNotNull(): no bun-db helper covers this combination — raw SQL.
+  // **SQL-Filter:** status IN (done, failed) + downloadStorageKey IS NOT NULL
+  // via selectMany (db/queries/export-jobs.ts).
   const candidates = await selectExportJobsForStorageCleanup(
     db,
     EXPORT_JOB_STATUS.Done,

package/src/user-data-rights/run-forget-cleanup.ts

@@ -112,7 +112,6 @@ export async function runForgetCleanup(
   const { db, registry, now, sendDeletionExecutedEmail } = args;
 
   // Step 1: Find users with expired grace period.
-  // lte with Instant: no bun-db operator covers this — raw SQL.
   const dueUsers = await selectUsersDueForForgetCleanup(
     db,
     USER_STATUS.DeletionRequested,

package/src/user-data-rights-defaults/__tests__/{user-data-rights-defaults.integration.ts → user-data-rights-defaults.integration.test.ts}

@@ -20,6 +20,7 @@ import {
 import { createComplianceProfilesFeature } from "../../compliance-profiles";
 import { createDataRetentionFeature } from "../../data-retention";
 import { createFilesFeature } from "../../files";
+import { createSessionsFeature } from "../../sessions";
 import {
   createUserFeature,
   USER_ANONYMIZED_DISPLAY_NAME,
@@ -39,6 +40,7 @@ const features = [
   createFilesFeature(),
   createDataRetentionFeature(),
   createComplianceProfilesFeature(),
+  createSessionsFeature(),
   createUserDataRightsFeature(),
   createUserDataRightsDefaultsFeature(),
 ];