@donotdev/functions 0.0.9 → 0.0.10

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@donotdev/functions",
-  "version": "0.0.9",
+  "version": "0.0.10",
   "private": false,
   "description": "Backend functions for DoNotDev Framework - Firebase, Vercel, and platform-agnostic implementations for auth, billing, CRUD, and OAuth",
   "main": "./lib/firebase/index.js",
@@ -42,8 +42,8 @@
     "serve": "firebase emulators:start --only functions"
   },
   "dependencies": {
-    "@donotdev/core": "^0.0.19",
-    "@donotdev/firebase": "^0.0.8"
+    "@donotdev/core": "^0.0.23",
+    "@donotdev/firebase": "^0.0.10"
   },
   "peerDependencies": {
     "@sentry/node": "^10.38.0",

package/src/firebase/config/constants.ts

@@ -30,15 +30,12 @@ export const FUNCTION_CONFIG = {
   cors: true, // Enable CORS by default for all functions (required for web apps)
 } as const;
 
-import { stripeSecretKey, stripeWebhookSecret } from './secrets.js';
-
 /** Stripe/billing functions */
 export const STRIPE_CONFIG = {
   ...BASE_CONFIG,
   memory: '512MiB' as const,
   timeoutSeconds: 30,
   cors: true,
-  secrets: [stripeSecretKey, stripeWebhookSecret],
 };
 
 /** Auth functions */

package/src/firebase/crud/get.ts

@@ -16,7 +16,7 @@ import {
   hasRoleAccess,
   HIDDEN_STATUSES,
 } from '@donotdev/core/server';
-import type { UserRole } from '@donotdev/core/server';
+import type { EntityOwnershipConfig, UserRole } from '@donotdev/core/server';
 import { getFirebaseAdminFirestore } from '@donotdev/firebase/server';
 
 import { transformFirestoreData } from '../../shared/index.js';
@@ -37,14 +37,15 @@ export type GetEntityRequest = { id: string };
  */
 function getEntityLogicFactory(
   collection: string,
-  documentSchema: v.BaseSchema<unknown, any, v.BaseIssue<unknown>>
+  documentSchema: v.BaseSchema<unknown, any, v.BaseIssue<unknown>>,
+  ownership?: EntityOwnershipConfig
 ) {
   return async function getEntityLogic(
     data: GetEntityRequest,
     context: { uid: string; userRole: UserRole; request: CallableRequest<any> }
   ) {
     const { id } = data;
-    const { userRole } = context;
+    const { userRole, uid } = context;
 
     // Get the document reference
     const db = getFirebaseAdminFirestore();
@@ -69,11 +70,16 @@ function getEntityLogicFactory(
       throw new DoNotDevError('Entity not found', 'not-found');
     }
 
-    // Filter fields based on visibility and user role
+    const rawData = docData || {};
+    const visibilityOptions =
+      ownership && uid ? { documentData: rawData, uid, ownership } : undefined;
+
+    // Filter fields based on visibility and user role (and ownership for visibility: 'owner')
     const filteredData = filterVisibleFields(
-      docData || {},
+      rawData,
       documentSchema,
-      userRole
+      userRole,
+      visibilityOptions
     );
 
     // Transform the document data back to the application format
@@ -90,13 +96,15 @@ function getEntityLogicFactory(
  * @param documentSchema - The Valibot schema for document validation
  * @param requiredRole - Minimum role required for this operation
  * @param customSchema - Optional custom request schema
+ * @param ownership - Optional ownership config for visibility: 'owner' field masking
  * @returns Firebase callable function
  */
 export const getEntity = (
   collection: string,
   documentSchema: v.BaseSchema<unknown, any, v.BaseIssue<unknown>>,
   requiredRole: UserRole,
-  customSchema?: v.BaseSchema<unknown, any, v.BaseIssue<unknown>>
+  customSchema?: v.BaseSchema<unknown, any, v.BaseIssue<unknown>>,
+  ownership?: EntityOwnershipConfig
 ): CallableFunction<GetEntityRequest, Promise<any>> => {
   const requestSchema =
     customSchema ||
@@ -108,7 +116,7 @@ export const getEntity = (
     CRUD_READ_CONFIG,
     requestSchema,
     'get_entity',
-    getEntityLogicFactory(collection, documentSchema),
+    getEntityLogicFactory(collection, documentSchema, ownership),
     requiredRole
   );
 };

package/src/firebase/crud/list.ts

@@ -16,7 +16,11 @@ import {
   hasRoleAccess,
   HIDDEN_STATUSES,
 } from '@donotdev/core/server';
-import type { UserRole } from '@donotdev/core/server';
+import type {
+  EntityOwnershipConfig,
+  EntityOwnershipPublicCondition,
+  UserRole,
+} from '@donotdev/core/server';
 import { getFirebaseAdminFirestore, Query } from '@donotdev/firebase/server';
 
 import { transformFirestoreData } from '../../shared/index.js';
@@ -40,6 +44,20 @@ export interface ListEntityRequest {
   };
 }
 
+/**
+ * Apply public-condition where clauses to a query (for listCard when ownership is set).
+ */
+function applyPublicCondition(
+  query: Query,
+  publicCondition: EntityOwnershipPublicCondition[]
+): Query {
+  let q = query;
+  for (const c of publicCondition) {
+    q = q.where(c.field, c.op as any, c.value);
+  }
+  return q;
+}
+
 /**
  * Generic business logic for listing entities
  * Base function handles: validation, auth, rate limiting, monitoring
@@ -47,7 +65,9 @@ export interface ListEntityRequest {
 function listEntitiesLogicFactory(
   collection: string,
   documentSchema: v.BaseSchema<unknown, any, v.BaseIssue<unknown>>,
-  listFields?: string[]
+  listFields?: string[],
+  ownership?: EntityOwnershipConfig,
+  isListCard?: boolean
 ) {
   return async function listEntitiesLogic(
     data: ListEntityRequest,
@@ -58,7 +78,8 @@ function listEntitiesLogicFactory(
     }
   ) {
     const { where = [], orderBy = [], limit, startAfterId, search } = data;
-    const { userRole } = context;
+    // Extract uid and userRole once (reused for all document masking)
+    const { userRole, uid } = context;
 
     const isAdmin = hasRoleAccess(userRole, 'admin'); // Uses role hierarchy
 
@@ -71,6 +92,26 @@ function listEntitiesLogicFactory(
       query = query.where('status', 'not-in', [...HIDDEN_STATUSES]);
     }
 
+    // Ownership: when set and not admin, listCard = public condition, list = mine filter
+    if (ownership && !isAdmin) {
+      if (
+        isListCard &&
+        ownership.publicCondition &&
+        ownership.publicCondition.length > 0
+      ) {
+        query = applyPublicCondition(query, ownership.publicCondition);
+      } else if (!isListCard && ownership.ownerFields.length > 0) {
+        // "Mine" filter: Firestore does not support OR across different fields in one query.
+        // Use first owner field only for single query; recommend ownerIds array-contains for multiple.
+        const firstOwnerField = ownership.ownerFields[0];
+        query = query.where(firstOwnerField, '==', uid);
+        if (ownership.ownerFields.length > 1) {
+          // Optional: run second query and merge (complex pagination). For now, single field only.
+          // Document ownerIds pattern for multiple stakeholders.
+        }
+      }
+    }
+
     // Apply search if provided
     if (search) {
       const { field, query: searchQuery } = search;
@@ -158,13 +199,18 @@ function listEntitiesLogicFactory(
       return value;
     };
 
-    // Filter document fields based on visibility and user role
+    const visibilityOptions = ownership && uid ? { uid, ownership } : undefined;
+
+    // Filter document fields based on visibility and user role (uid/userRole from context, once)
     const docs = snapshot.docs.map((doc: any) => {
       const rawData = doc.data() || {};
       const visibleData = filterVisibleFields(
         rawData,
         documentSchema,
-        userRole
+        userRole,
+        visibilityOptions
+          ? { ...visibilityOptions, documentData: rawData }
+          : undefined
       );
 
       // If listFields specified, filter to only those fields (plus id always)
@@ -206,6 +252,8 @@ function listEntitiesLogicFactory(
  * @param requiredRole - Minimum role required for this operation
  * @param customSchema - Optional custom request schema
  * @param listFields - Optional array of field names to include (plus id). If not provided, all visible fields are returned.
+ * @param ownership - Optional ownership config for list constraints and visibility: 'owner' masking
+ * @param isListCard - When true and ownership is set, applies public condition; when false, applies "mine" filter
  * @returns Firebase callable function
  */
 export const listEntities = (
@@ -213,7 +261,9 @@ export const listEntities = (
   documentSchema: v.BaseSchema<unknown, any, v.BaseIssue<unknown>>,
   requiredRole: UserRole,
   customSchema?: v.BaseSchema<unknown, any, v.BaseIssue<unknown>>,
-  listFields?: string[]
+  listFields?: string[],
+  ownership?: EntityOwnershipConfig,
+  isListCard?: boolean
 ): CallableFunction<ListEntityRequest, Promise<any>> => {
   const requestSchema =
     customSchema ||
@@ -236,7 +286,13 @@ export const listEntities = (
     CRUD_READ_CONFIG,
     requestSchema,
     'list_entities',
-    listEntitiesLogicFactory(collection, documentSchema, listFields),
+    listEntitiesLogicFactory(
+      collection,
+      documentSchema,
+      listFields,
+      ownership,
+      isListCard
+    ),
     requiredRole
   );
 };

package/src/firebase/registerCrudFunctions.ts

@@ -67,14 +67,23 @@ export function createCrudFunctions(
       schemas.create,
       access.create
     );
-    functions[`${prefix}get_${col}`] = getEntity(col, schemas.get, access.read);
+    functions[`${prefix}get_${col}`] = getEntity(
+      col,
+      schemas.get,
+      access.read,
+      undefined,
+      entity.ownership
+    );
     // Use schemas.get for visibility filtering, entity.listFields for field selection
+    // When ownership is set: list = "mine" filter, listCard = public condition
     functions[`${prefix}list_${col}`] = listEntities(
       col,
       schemas.get,
       access.read,
       undefined,
-      entity.listFields
+      entity.listFields,
+      entity.ownership,
+      false
     );
     // Always create listCard - uses same schemas.get, field selection via listCardFields ?? listFields ?? undefined
     functions[`${prefix}listCard_${col}`] = listEntities(
@@ -82,7 +91,9 @@ export function createCrudFunctions(
       schemas.get,
       access.read,
       undefined,
-      entity.listCardFields ?? entity.listFields ?? undefined
+      entity.listCardFields ?? entity.listFields ?? undefined,
+      entity.ownership,
+      true
     );
     functions[`${prefix}update_${col}`] = updateEntity(
       col,

package/src/shared/schema.ts

@@ -12,7 +12,7 @@
 import * as v from 'valibot';
 
 /** Visibility levels matching @donotdev/core */
-type Visibility = 'guest' | 'user' | 'admin' | 'technical' | 'hidden';
+type Visibility = 'guest' | 'user' | 'admin' | 'technical' | 'hidden' | 'owner';
 
 // Define a type for the custom visibility property we might add to Valibot schemas
 interface ValibotSchemaWithVisibility extends v.BaseSchema<
@@ -52,6 +52,7 @@ function getFieldVisibility(field: any): Visibility | undefined {
  * - 'admin': Visible only to admins
  * - 'technical': Visible to admins only (shown as read-only in edit forms)
  * - 'hidden': Never visible (passwords, tokens, API keys - only in DB)
+ * - 'owner': Visible only when uid matches one of entity.ownership.ownerFields (requires document context; here treated as not visible for aggregate)
  * - undefined: Defaults to 'user' behavior (visible to authenticated users)
  *
  * @param key - The name (key) of the field.
@@ -90,6 +91,11 @@ export function isFieldVisible(
     return isAdmin;
   }
 
+  // Owner: requires per-document check (documentData, uid, ownership); not available in aggregate context
+  if (visibility === 'owner') {
+    return false;
+  }
+
   // User fields (or undefined/default) are visible to authenticated users
   if (visibility === 'user' || visibility === undefined) {
     return isAuthenticated;