npm - @cosmicdrift/kumiko-bundled-features - Versions diffs - 0.21.1 → 0.23.1 - Mend

@cosmicdrift/kumiko-bundled-features 0.21.1 → 0.23.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (31) hide show

package/src/custom-fields/web/custom-fields-form-section.tsx ADDED Viewed

@@ -0,0 +1,181 @@
+// @runtime client
+// CustomFieldsFormSection — extension-section component für entityEdit-
+// Screens. Lädt die fieldDefinition-Liste des Tenants, filtert auf die
+// host-Entity, rendert pro Definition einen typed Input, dispatched
+// `custom-fields:write:set-custom-field` pro non-empty Value beim Save.
+//
+// Mount via createKumikoApp({ clientFeatures: [customFieldsClient()] })
+// — der clientFeature-Factory registriert diese Component unter dem
+// Namen `CustomFieldsFormSection`, den die App im Screen-Schema via
+// `component: { react: { __component: CUSTOM_FIELDS_FORM_EXTENSION_NAME } }`
+// referenziert.
+import { useDispatcher, usePrimitives, useQuery } from "@cosmicdrift/kumiko-renderer";
+import { type ReactNode, useState } from "react";
+import { CustomFieldsHandlers, CustomFieldsQueries } from "../constants";
+type FieldDefinitionRow = {
+  readonly id: string;
+  readonly entityName: string;
+  readonly fieldKey: string;
+  readonly type: string;
+  readonly required: boolean;
+  readonly displayOrder: number;
+};
+type FieldDefinitionListResponse = {
+  readonly rows: readonly FieldDefinitionRow[];
+};
+export function CustomFieldsFormSection({
+  entityName,
+  entityId,
+}: {
+  readonly entityName: string;
+  readonly entityId: string | null;
+}): ReactNode {
+  const { Banner, Button, Field, Input, Text } = usePrimitives();
+  const dispatcher = useDispatcher();
+  const query = useQuery<FieldDefinitionListResponse>(CustomFieldsQueries.fieldDefinitionList, {});
+  const [pending, setPending] = useState<Readonly<Record<string, string>>>({});
+  const [saving, setSaving] = useState(false);
+  const [errorKey, setErrorKey] = useState<string | null>(null);
+  if (entityId === null) {
+    return (
+      <Banner variant="info" testId="custom-fields-form-create-mode">
+        <Text>Save the entity first to add custom field values.</Text>
+      </Banner>
+    );
+  }
+  if (query.loading && query.data === null) {
+    return (
+      <Banner variant="loading" testId="custom-fields-form-loading">
+        <Text>Loading…</Text>
+      </Banner>
+    );
+  }
+  if (query.error) {
+    return (
+      <Banner variant="error" testId="custom-fields-form-error">
+        <Text>{query.error.i18nKey}</Text>
+      </Banner>
+    );
+  }
+  const matchingFields = (query.data?.rows ?? [])
+    .filter((f) => f.entityName === entityName)
+    .slice()
+    .sort((a, b) => a.displayOrder - b.displayOrder);
+  if (matchingFields.length === 0) {
+    return (
+      <Banner variant="info" testId="custom-fields-form-empty">
+        <Text>No custom fields defined for "{entityName}".</Text>
+      </Banner>
+    );
+  }
+  const handleSave = async (): Promise<void> => {
+    setSaving(true);
+    setErrorKey(null);
+    try {
+      for (const field of matchingFields) {
+        const raw = pending[field.fieldKey];
+        if (raw === undefined || raw === "") continue;
+        const value = coerceValue(field.type, raw);
+        const result = await dispatcher.write(CustomFieldsHandlers.setCustomField, {
+          entityName,
+          entityId,
+          fieldKey: field.fieldKey,
+          value,
+        });
+        if (!result.isSuccess) {
+          setErrorKey(result.error?.i18nKey ?? "custom-fields:save-failed");
+          return;
+        }
+      }
+      setPending({});
+    } finally {
+      setSaving(false);
+    }
+  };
+  const dirty = Object.values(pending).some((v) => v !== "");
+  return (
+    <div data-testid="custom-fields-form-section">
+      {matchingFields.map((field) => (
+        <Field
+          key={field.id}
+          id={`custom-field-${field.fieldKey}`}
+          label={field.fieldKey}
+          required={field.required}
+        >
+          {renderInputFor(field, pending[field.fieldKey] ?? "", (v) =>
+            setPending((p) => ({ ...p, [field.fieldKey]: v })),
+          )}
+        </Field>
+      ))}
+      <Button
+        variant="primary"
+        onClick={() => void handleSave()}
+        disabled={saving || !dirty}
+        testId="custom-fields-form-save"
+      >
+        {saving ? "Saving…" : "Save custom fields"}
+      </Button>
+      {errorKey !== null && (
+        <Banner variant="error" testId="custom-fields-form-save-error">
+          <Text>{errorKey}</Text>
+        </Banner>
+      )}
+    </div>
+  );
+  function renderInputFor(
+    field: FieldDefinitionRow,
+    raw: string,
+    onChange: (v: string) => void,
+  ): ReactNode {
+    const id = `custom-field-${field.fieldKey}`;
+    const name = field.fieldKey;
+    if (field.type === "number") {
+      return (
+        <Input
+          kind="number"
+          id={id}
+          name={name}
+          value={raw === "" ? "" : Number(raw)}
+          onChange={(v) => onChange(v === undefined ? "" : String(v))}
+        />
+      );
+    }
+    if (field.type === "boolean") {
+      return (
+        <Input
+          kind="boolean"
+          id={id}
+          name={name}
+          value={raw === "true"}
+          onChange={(v) => onChange(v ? "true" : "false")}
+        />
+      );
+    }
+    if (field.type === "date") {
+      return (
+        <Input kind="date" id={id} name={name} value={raw} onChange={(v) => onChange(v ?? "")} />
+      );
+    }
+    return <Input kind="text" id={id} name={name} value={raw} onChange={onChange} />;
+  }
+}
+function coerceValue(type: string, raw: string): unknown {
+  if (type === "number") {
+    const n = Number(raw);
+    return Number.isNaN(n) ? raw : n;
+  }
+  if (type === "boolean") return raw === "true";
+  return raw;
+}

package/src/custom-fields/web/index.ts ADDED Viewed

@@ -0,0 +1,8 @@
+// @runtime client
+export {
+  CUSTOM_FIELDS_FORM_EXTENSION_NAME,
+  CustomFieldsHandlers,
+  CustomFieldsQueries,
+} from "../constants";
+export { customFieldsClient } from "./client-plugin";
+export { CustomFieldsFormSection } from "./custom-fields-form-section";

package/src/files/__tests__/files.integration.test.ts CHANGED Viewed

@@ -4,13 +4,11 @@
 //   1. Feature-Definition Smoke (Boot-Validation passes)
 //   2. Cross-Feature-Behavior: fileRef-Entity ist als Hook-Anker für
 //      Sprint-2-userData-Extension nutzbar
-//   3. DDL-Konsistenz: Framework-pgTable + Feature-Entity zeigen auf
-//      dieselbe Postgres-Struktur (Drift-Guard)
-//   4. Event-QN-Match: r.defineEvent + framework's fileUploadedEvent
-//      resolven zum selben QN
+//   3. DDL-Konsistenz: fileRefsTable (buildEntityTable) + fileRefEntity
+//      zeigen auf dieselbe Postgres-Struktur (Drift-Guard)
 import { defineFeature, EXT_USER_DATA } from "@cosmicdrift/kumiko-framework/engine";
-import { FILE_UPLOADED_EVENT_TYPE, fileRefsTable } from "@cosmicdrift/kumiko-framework/files";
+import { fileRefsTable } from "@cosmicdrift/kumiko-framework/files";
 import { setupTestStack, type TestStack } from "@cosmicdrift/kumiko-framework/stack";
 // Native dialect exposes column metadata on the `columns` array (EntityTableMeta)
@@ -148,21 +146,3 @@ describe("files :: DDL-Konsistenz (M3, S1.7)", () => {
     expect(pgColumns.has("size")).toBe(true);
   });
 });
-describe("files :: event-QN-match (M4, S1.7)", () => {
-  test("framework's fileUploadedEvent.name === 'files:event:uploaded'", () => {
-    // Wenn das Framework den Event-Namen aendert, fliegt dieser Test
-    // sofort an — und der QN aus r.defineEvent("uploaded") im feature
-    // wuerde nicht mehr matchen. Drift-Guard.
-    expect(FILE_UPLOADED_EVENT_TYPE).toBe("files:event:uploaded");
-  });
-  test("Feature-Name 'files' + Event-Short 'uploaded' = QN 'files:event:uploaded'", () => {
-    // r.defineEvent("uploaded") in defineFeature("files", ...) resolved
-    // zu QN "files:event:uploaded" via Framework-Convention. Match
-    // garantiert dass framework's appendEvent + EventDef-Schema-
-    // Validation auf demselben QN landen.
-    const expected = `${feature.name}:event:uploaded`;
-    expect(expected).toBe(FILE_UPLOADED_EVENT_TYPE);
-  });
-});

package/src/files/feature.ts CHANGED Viewed

@@ -1,34 +1,7 @@
-import { defineFeature, type FeatureDefinition } from "@cosmicdrift/kumiko-framework/engine";
-import { fileUploadedPayloadSchema } from "@cosmicdrift/kumiko-framework/files";
-import { fileRefEntity } from "./schema/file-ref";
-export { fileRefEntity } from "./schema/file-ref";
-// files — Schema-Sicht der framework-internen file_refs-Tabelle als
-// bundled-feature, damit Cross-Feature-Hooks (userData, tenantData) sich
-// an die "fileRef"-Entity hängen können.
-//
-// Sprint 1.5 (this commit):
-//   - r.entity("fileRef", fileRefEntity) — Schema-Surface
-//   - r.defineEvent("uploaded", schema)  — Event-Marker
-//
-// Sprint 2 (kommt):
-//   - r.useExtension(EXT_USER_DATA, "fileRef", { export, delete })
-//
-// Sprint 5 (kommt):
-//   - r.useExtension(EXT_TENANT_DATA, "fileRef", { destroy })
-//
-// Routes bleiben framework-internal (multipart-Upload + binary-Streaming
-// passen nicht in das Handler-Pattern; siehe schema/file-ref.ts für
-// Architektur-Note).
-//
-// Sprint-1.5-Plan-Roadmap-Wille: "fileRefsTable bleibt in framework
-// (kein Daten-Move), aber r.entity('fileRef') deklariert sie für das
-// Feature." — diese Datei IST die Umsetzung.
-export function createFilesFeature(): FeatureDefinition {
-  return defineFeature("files", (r) => {
-    r.entity("fileRef", fileRefEntity);
-    r.defineEvent("uploaded", fileUploadedPayloadSchema);
-  });
-}
+// files — full Event-Sourcing für File-Metadata. Die Implementierung (Entity,
+// files:event:*-Events, Inline-Projektion) lebt seit dem ES-Umbau im
+// Framework neben file-routes + fileRefsTable, weil file-routes hart davon
+// abhängt (appendDomainEventCore verlangt registrierte Events + Projektion).
+// Dieses Modul re-exportiert nur, damit der App-Import-Pfad
+// `@cosmicdrift/kumiko-bundled-features/files` stabil bleibt.
+export { createFilesFeature, fileRefEntity } from "@cosmicdrift/kumiko-framework/files";

package/src/files-provider-s3/__tests__/s3-provider.integration.test.ts CHANGED Viewed

@@ -110,6 +110,33 @@ describe("s3-provider (Minio)", () => {
     const key = uniqueKey("never-existed.bin");
     await expect(provider.read(key)).rejects.toThrow();
   });
+  test("writeStream round-trip via multipart writer preserves bytes", async () => {
+    // Pinst die idiomatic Bun-S3-writer-Form (write + end, kein manual
+    // flush). Chunks summieren absichtlich auf > 5 MiB (partSize) UND auf
+    // einen krummen Rest, damit der multipart-finalizer auch dann greift,
+    // wenn die Source-Chunks nicht auf die Part-Boundary aufgehen.
+    const key = uniqueKey("stream-multipart.bin");
+    const partSize = 5 * 1024 * 1024;
+    const chunk = new Uint8Array(1024 * 1024);
+    for (let i = 0; i < chunk.length; i++) chunk[i] = i % 251;
+    const chunks: Uint8Array[] = [];
+    for (let i = 0; i < 7; i++) chunks.push(chunk);
+    if (!provider.writeStream) throw new Error("s3 provider should implement writeStream");
+    await provider.writeStream(
+      key,
+      (async function* () {
+        for (const c of chunks) yield c;
+      })(),
+    );
+    const readBack = await provider.read(key);
+    expect(readBack.byteLength).toBe(chunks.length * chunk.length);
+    expect(readBack.byteLength).toBeGreaterThan(partSize);
+    expect(readBack[0]).toBe(0);
+    expect(readBack[readBack.byteLength - 1]).toBe(chunk[chunk.length - 1]);
+  });
 });
 describe("createS3ProviderFromEnv", () => {

package/src/files-provider-s3/s3-provider.ts CHANGED Viewed

@@ -72,26 +72,21 @@ export function createS3Provider(config: S3ProviderConfig): FileStorageProvider
     },
     async writeStream(key, source, options): Promise<void> {
-      // Echtes multipart-streaming via Bun's S3-Writer — der Source-
-      // AsyncIterable wird chunk-weise hochgeladen, niemals alles im Memory.
-      // Wir flushen sobald ein Part voll ist, damit der Heap-Footprint auf
-      // ~ein Part begrenzt bleibt, unabhaengig von der Total-Bundle-Size —
-      // macht 1GB+ Exports ohne OOM moeglich.
+      // Echtes multipart-streaming via Bun's S3-Writer — partSize steuert die
+      // Part-Boundary intern (AWS/R2 verlangen non-final Parts >= 5 MiB,
+      // sonst EntityTooSmall beim CompleteMultipartUpload). Manuelles flush()
+      // hier wuerde genau diese Garantie brechen, sobald die Source-Chunks
+      // nicht auf partSize aufgehen.
       const writer = client.file(key).writer({
         ...(options?.mimeType !== undefined && { type: options.mimeType }),
         retry: 3,
         queueSize: 4,
         partSize: STREAM_PART_SIZE,
       });
-      let buffered = 0;
       for await (const chunk of source) {
-        // write() returns a Promise when the writer applies backpressure —
-        // awaiting it bounds the in-flight queue instead of buffering ahead.
-        buffered += await writer.write(chunk);
-        if (buffered >= STREAM_PART_SIZE) {
-          await writer.flush();
-          buffered = 0;
-        }
+        // Await applies Backpressure und bounded die in-flight Queue auf
+        // queueSize, statt unbegrenzt zu puffern.
+        await writer.write(chunk);
       }
       await writer.end();
     },

package/src/tenant/__tests__/seed-testing.integration.test.ts CHANGED Viewed

@@ -62,7 +62,7 @@ beforeEach(async () => {
 describe("seedTenant", () => {
   test("schreibt Projection-Row mit id/key/name", async () => {
-    const id = await seedTenant(stack.db, {
+    const { id } = await seedTenant(stack.db, {
       id: TENANT_A,
       key: "tenant-a",
       name: "Tenant A",

package/src/tenant/seeding.ts CHANGED Viewed

@@ -24,8 +24,9 @@
 // IS a test fixture, not a user request) while still producing the
 // correct event + projection.
 //
-// Idempotent: calling twice for the same (userId, tenantId) is a no-op on
-// the second call (ifExists="skip", siehe @cosmicdrift/kumiko-framework/seeding).
+// Idempotent (add-only): calling twice for the same (userId, tenantId) is
+// a no-op on the second call. Memberships have no update-semantic — to
+// change roles, write a new event via the regular handler path.
 import { fetchOne } from "@cosmicdrift/kumiko-framework/bun-db";
 import {
@@ -73,12 +74,15 @@ export type SeedTenantOptions = {
 };
 /**
- * Seed a tenant through the event-store executor. Idempotent (ifExists="skip"):
- * a second call for the same `id` is a no-op. Same TX-semantics as the real
- * `TenantHandlers.create`, minus the SystemAdmin-access-check and minus
- * ConflictError-on-duplicate.
+ * Seed a tenant through the event-store executor. Idempotent add-only:
+ * a second call for the same `id` is a no-op (no update path). Same
+ * TX-semantics as the real `TenantHandlers.create`, minus the SystemAdmin-
+ * access-check and minus ConflictError-on-duplicate.
  */
-export async function seedTenant(db: DbRunner, options: SeedTenantOptions): Promise<TenantId> {
+export async function seedTenant(
+  db: DbRunner,
+  options: SeedTenantOptions,
+): Promise<{ id: TenantId }> {
   const by = options.by ?? TestUsers.systemAdmin;
   // executor.create erwartet eine TenantDb (mit .insert()-API), nicht
   // die rohe DbConnection. Auch wenn das Tenant-Aggregat selbst NICHT
@@ -88,14 +92,14 @@ export async function seedTenant(db: DbRunner, options: SeedTenantOptions): Prom
   const tdb = createTenantDb(db, by.tenantId, "system");
   const existing = await fetchOne(db, tenantTable, { id: options.id });
-  if (existing) return options.id;
+  if (existing) return { id: options.id };
   // Idempotenz: Aggregate kann im Event-Store existieren ohne Projection-Row
   // (Projection-Drift nach rebuild, manuellem DELETE, oder async-lag). Wenn
   // Stream-Version > 0 → kein create() — wäre version_conflict. Caller
   // bekommt die ID, Projection wird beim nächsten Dispatcher-Cycle aufgebaut.
   const streamVersion = await getAggregateStreamMaxVersion(db, options.id);
-  if (streamVersion > 0) return options.id;
+  if (streamVersion > 0) return { id: options.id };
   const result = await tenantExecutor.create(
     { id: options.id, key: options.key, name: options.name },
@@ -107,7 +111,7 @@ export async function seedTenant(db: DbRunner, options: SeedTenantOptions): Prom
       `seedTenant failed: ${result.error.code} — ${JSON.stringify(result.error.details ?? {})}`,
     );
   }
-  return options.id;
+  return { id: options.id };
 }
 /**
@@ -116,11 +120,13 @@ export async function seedTenant(db: DbRunner, options: SeedTenantOptions): Prom
  * projection row in one transaction — identical effect to
  * `TenantHandlers.addMember`, minus the access-check and minus the
  * ConflictError on duplicates (duplicate calls no-op).
+ *
+ * Returns the membership-row id (existing on no-op, freshly minted on create).
  */
 export async function seedTenantMembership(
   db: DbRunner,
   options: SeedTenantMembershipOptions,
-): Promise<void> {
+): Promise<{ id: string }> {
   const by = options.by ?? TestUsers.systemAdmin;
   // Wrap into a system-scoped TenantDb so the insert respects the tenant-
   // override (we write into options.tenantId, which may differ from by.tenantId).
@@ -134,10 +140,11 @@ export async function seedTenantMembership(
     userId: options.userId,
     tenantId: options.tenantId,
   });
-  // skip: idempotent no-op — duplicate seed is expected across beforeEach-
-  // resets that don't truncate this table. Cheaper than try/catch on the
-  // unique-index, and documented in the function JSDoc above.
-  if (existing) return;
+  if (existing) {
+    // @cast-boundary db-row: membership-row id is uuid (string) per
+    // entity definition; fetchOne returns the raw projection row.
+    return { id: existing["id"] as string };
+  }
   const result = await executor.create(
     {
@@ -153,4 +160,17 @@ export async function seedTenantMembership(
       `seedTenantMembership failed: ${result.error.code} — ${JSON.stringify(result.error.details ?? {})}`,
     );
   }
+  return { id: extractMembershipId(result.data) };
+}
+function extractMembershipId(data: unknown): string {
+  if (typeof data === "object" && data !== null && "id" in data) {
+    // @cast-boundary engine-bridge: executor.create returns the projection
+    // row as Record<string, unknown>; id is uuid per entity definition.
+    const id = (data as { id: unknown }).id;
+    if (typeof id === "string") return id;
+  }
+  throw new Error(
+    `seedTenantMembership: executor.create returned no string id (got ${JSON.stringify(data)})`,
+  );
 }

package/src/text-content/seeding.ts CHANGED Viewed

@@ -36,7 +36,7 @@ export type SeedTextBlockOptions = {
 export async function seedTextBlock(
   db: DbConnection,
   opts: SeedTextBlockOptions,
-): Promise<{ id: string | number }> {
+): Promise<{ id: string }> {
   // Default-user muss user.tenantId === opts.tenantId haben, sonst
   // landet der event-store-stream im user.tenantId-bucket aber die
   // projection-row im opts.tenantId-bucket. Spätere echte writes via
@@ -75,6 +75,9 @@ export async function seedTextBlock(
       if (!result.isSuccess) {
         throw new Error(`seedTextBlock create failed: ${JSON.stringify(result)}`);
       }
+      // @cast-boundary db-row: executor.create result.data ist die
+      // inserted Drizzle-Row (Record<string, unknown>), projected
+      // nach INSERT/RETURNING auf TextBlockRow. Runtime-Check unten.
       const data = result.data as Partial<TextBlockRow>;
       if (data.id === undefined) {
         throw new Error("seedTextBlock: executor.create did not return an id");

package/src/text-content/table.ts CHANGED Viewed

@@ -38,7 +38,7 @@ export const textBlocksTable = buildEntityTable("text-block", textBlockEntity);
 // createdAt, updatedAt, createdBy, updatedBy) die buildBaseColumns
 // erzwingt.
 export type TextBlockRow = {
-  readonly id: string | number;
+  readonly id: string;
   readonly version: number;
   readonly tenantId: string;
   readonly slug: string;

package/src/user/__tests__/seed-testing.integration.test.ts CHANGED Viewed

@@ -47,7 +47,7 @@ beforeEach(async () => {
 describe("seedUser", () => {
   test("schreibt Projection-Row mit email/displayName/passwordHash", async () => {
-    const userId = await seedUser(stack.db, {
+    const { id: userId } = await seedUser(stack.db, {
       email: "alice@example.com",
       displayName: "Alice",
       passwordHash: "$argon2id$test-hash",
@@ -62,7 +62,7 @@ describe("seedUser", () => {
   });
   test("emittiert user.created-Event auf den Aggregate-Stream", async () => {
-    const userId = await seedUser(stack.db, {
+    const { id: userId } = await seedUser(stack.db, {
       email: "bob@example.com",
       displayName: "Bob",
     });
@@ -84,7 +84,7 @@ describe("seedUser", () => {
       email: "carol@example.com",
       displayName: "Carol Updated",
     });
-    expect(second).toBe(first);
+    expect(second.id).toBe(first.id);
     const rows = await selectMany(stack.db, userTable, { email: "carol@example.com" });
     expect(rows).toHaveLength(1);
@@ -96,7 +96,7 @@ describe("seedUser", () => {
   });
   test("passwordHash optional — User ohne Hash anlegbar (z.B. SSO-Federation)", async () => {
-    const userId = await seedUser(stack.db, {
+    const { id: userId } = await seedUser(stack.db, {
       email: "dave@example.com",
       displayName: "Dave",
     });
@@ -105,7 +105,7 @@ describe("seedUser", () => {
   });
   test("default `by` ist TestUsers.systemAdmin (für audit-trail)", async () => {
-    const userId = await seedUser(stack.db, {
+    const { id: userId } = await seedUser(stack.db, {
       email: "eve@example.com",
       displayName: "Eve",
     });

package/src/user/seeding.ts CHANGED Viewed

@@ -1,9 +1,9 @@
 // Testing-Helper fürs user-Feature. `seedUser` legt einen User direkt
 // über den Event-Store-Executor an — gleicher Pfad wie der echte
 // `UserHandlers.create`, aber ohne Access-Check und ohne ConflictError
-// bei Duplikaten. Verhält sich wie ifExists="skip" (siehe
-// @cosmicdrift/kumiko-framework/seeding): existierende Email → return
-// ohne Event.
+// bei Duplikaten. Idempotent add-only über die `email`-Spalte: ein
+// existierender User → return ohne Event. Kein update-Pfad — Profilfelder
+// ändern läuft über den regulären Handler.
 //
 // Warum nicht direkt `db.insert(userTable)`: das würde den Event-Store
 // umgehen, also kein `user.created`-Event und keine MSP-Konsumenten
@@ -46,10 +46,13 @@ export type SeedUserOptions = {
 /**
  * Seed a user. Returns the userId (existing oder neu angelegt).
- * Idempotent über die `email`-Spalte: wenn ein User mit dieser Email
- * existiert, kommt seine ID zurück ohne neuen Insert.
+ * Idempotent add-only über die `email`-Spalte: wenn ein User mit dieser
+ * Email existiert, kommt seine ID zurück ohne neuen Insert.
  */
-export async function seedUser(db: DbConnection, options: SeedUserOptions): Promise<string> {
+export async function seedUser(
+  db: DbConnection,
+  options: SeedUserOptions,
+): Promise<{ id: string }> {
   const by = options.by ?? TestUsers.systemAdmin;
   // executor.create erwartet eine TenantDb (mit .insert()-API). User
   // ist zwar tenant-agnostic (kein tenant_id-Spalte), aber das runtime-
@@ -57,7 +60,9 @@ export async function seedUser(db: DbConnection, options: SeedUserOptions): Prom
   const tdb = createTenantDb(db, by.tenantId, "system");
   const existing = await fetchOne(db, userTable, { email: options.email });
-  if (existing) return existing["id"] as string; // @cast-boundary db-row
+  // @cast-boundary db-row: users.id ist uuid-Spalte (string), fetchOne
+  // liefert die Projection-Row als Record<string, unknown>.
+  if (existing) return { id: existing["id"] as string };
   const result = await userExecutor.create(
     {
@@ -76,7 +81,7 @@ export async function seedUser(db: DbConnection, options: SeedUserOptions): Prom
       `seedUser failed: ${result.error.code} — ${JSON.stringify(result.error.details ?? {})}`,
     );
   }
-  return extractId(result.data, "seedUser");
+  return { id: extractId(result.data, "seedUser") };
 }
 // Extrahiert die `id`-Spalte aus dem executor.create-Result. Der

package/src/user-data-rights/__tests__/cross-data-matrix.integration.test.ts CHANGED Viewed

@@ -25,6 +25,7 @@ import {
   setupTestStack,
   type TestStack,
   unsafeCreateEntityTable,
+  unsafePushTables,
 } from "@cosmicdrift/kumiko-framework/stack";
 import { resetTestTables } from "@cosmicdrift/kumiko-framework/testing";
 import { getTemporal } from "@cosmicdrift/kumiko-framework/time";
@@ -145,21 +146,9 @@ beforeAll(async () => {
       UNIQUE(user_id, tenant_id)
     )
   `);
-  await asRawClient(stack.db).unsafe(`
-    CREATE TABLE IF NOT EXISTS file_refs (
-      id UUID PRIMARY KEY,
-      tenant_id UUID NOT NULL,
-      storage_key TEXT NOT NULL,
-      file_name TEXT NOT NULL,
-      mime_type TEXT NOT NULL,
-      size INTEGER NOT NULL,
-      entity_type TEXT,
-      entity_id TEXT,
-      field_name TEXT,
-      inserted_at TIMESTAMPTZ DEFAULT now() NOT NULL,
-      inserted_by_id TEXT
-    )
-  `);
+  // fileRef ist buildEntityTable-getrieben (softDelete) — echte Entity-Tabelle
+  // pushen statt hand-CREATE, damit is_deleted/deleted_at/deleted_by_id da sind.
+  await unsafePushTables(stack.db, { fileRefsTable });
   await asRawClient(stack.db).unsafe(`
     CREATE TABLE IF NOT EXISTS test_notes (
       id UUID PRIMARY KEY,