@expo/entity 0.18.0 → 0.22.0

package/src/__tests__/EntityPrivacyPolicy-test.ts

@@ -1,4 +1,4 @@
-import { mock, instance, spy, verify, anyOfClass } from 'ts-mockito';
+import { mock, instance, spy, verify, anyOfClass, anything, objectContaining } from 'ts-mockito';
 
 import Entity from '../Entity';
 import { EntityCompanionDefinition } from '../EntityCompanionProvider';
@@ -6,11 +6,15 @@ import EntityConfiguration from '../EntityConfiguration';
 import { UUIDField } from '../EntityFields';
 import EntityPrivacyPolicy, {
   EntityPrivacyPolicyEvaluator,
+  EntityAuthorizationAction,
   EntityPrivacyPolicyEvaluationMode,
 } from '../EntityPrivacyPolicy';
 import { EntityQueryContext } from '../EntityQueryContext';
 import ViewerContext from '../ViewerContext';
 import EntityNotAuthorizedError from '../errors/EntityNotAuthorizedError';
+import IEntityMetricsAdapter, {
+  EntityMetricsAuthorizationResult,
+} from '../metrics/IEntityMetricsAdapter';
 import AlwaysAllowPrivacyPolicyRule from '../rules/AlwaysAllowPrivacyPolicyRule';
 import AlwaysDenyPrivacyPolicyRule from '../rules/AlwaysDenyPrivacyPolicyRule';
 import AlwaysSkipPrivacyPolicyRule from '../rules/AlwaysSkipPrivacyPolicyRule';
@@ -237,143 +241,276 @@ const blahEntityCompanionDefinition = new EntityCompanionDefinition({
 });
 
 describe(EntityPrivacyPolicy, () => {
-  it('throws EntityNotAuthorizedError when deny', async () => {
-    const viewerContext = instance(mock(ViewerContext));
-    const queryContext = instance(mock(EntityQueryContext));
-    const entity = new BlahEntity(viewerContext, { id: '1' });
-    const policy = new AlwaysDenyPolicy();
-    await expect(
-      policy.authorizeCreateAsync(viewerContext, queryContext, entity)
-    ).rejects.toBeInstanceOf(EntityNotAuthorizedError);
-  });
+  describe(EntityPrivacyPolicyEvaluationMode.ENFORCE.toString(), () => {
+    it('throws EntityNotAuthorizedError when deny', async () => {
+      const viewerContext = instance(mock(ViewerContext));
+      const queryContext = instance(mock(EntityQueryContext));
+      const metricsAdapterMock = mock<IEntityMetricsAdapter>();
+      const metricsAdapter = instance(metricsAdapterMock);
+      const entity = new BlahEntity(viewerContext, { id: '1' });
+      const policy = new AlwaysDenyPolicy();
+      await expect(
+        policy.authorizeCreateAsync(viewerContext, queryContext, entity, metricsAdapter)
+      ).rejects.toBeInstanceOf(EntityNotAuthorizedError);
+      verify(
+        metricsAdapterMock.logAuthorizationEvent(
+          objectContaining({
+            entityClassName: entity.constructor.name,
+            action: EntityAuthorizationAction.CREATE,
+            evaluationResult: EntityMetricsAuthorizationResult.DENY,
+            privacyPolicyEvaluationMode: EntityPrivacyPolicyEvaluationMode.ENFORCE,
+          })
+        )
+      ).once();
+    });
 
-  it('returns entity when allowed', async () => {
-    const viewerContext = instance(mock(ViewerContext));
-    const queryContext = instance(mock(EntityQueryContext));
-    const entity = new BlahEntity(viewerContext, { id: '1' });
-    const policy = new AlwaysAllowPolicy();
-    const approvedEntity = await policy.authorizeCreateAsync(viewerContext, queryContext, entity);
-    expect(approvedEntity).toEqual(entity);
-  });
+    it('returns entity when allowed', async () => {
+      const viewerContext = instance(mock(ViewerContext));
+      const queryContext = instance(mock(EntityQueryContext));
+      const metricsAdapterMock = mock<IEntityMetricsAdapter>();
+      const metricsAdapter = instance(metricsAdapterMock);
+      const entity = new BlahEntity(viewerContext, { id: '1' });
+      const policy = new AlwaysAllowPolicy();
+      const approvedEntity = await policy.authorizeCreateAsync(
+        viewerContext,
+        queryContext,
+        entity,
+        metricsAdapter
+      );
+      expect(approvedEntity).toEqual(entity);
+      verify(
+        metricsAdapterMock.logAuthorizationEvent(
+          objectContaining({
+            entityClassName: entity.constructor.name,
+            action: EntityAuthorizationAction.CREATE,
+            evaluationResult: EntityMetricsAuthorizationResult.ALLOW,
+            privacyPolicyEvaluationMode: EntityPrivacyPolicyEvaluationMode.ENFORCE,
+          })
+        )
+      ).once();
+    });
 
-  it('throws EntityNotAuthorizedError when all skipped', async () => {
-    const viewerContext = instance(mock(ViewerContext));
-    const queryContext = instance(mock(EntityQueryContext));
-    const entity = new BlahEntity(viewerContext, { id: '1' });
-    const policy = new SkipAllPolicy();
-    await expect(
-      policy.authorizeCreateAsync(viewerContext, queryContext, entity)
-    ).rejects.toBeInstanceOf(EntityNotAuthorizedError);
-  });
+    it('throws EntityNotAuthorizedError when all skipped', async () => {
+      const viewerContext = instance(mock(ViewerContext));
+      const queryContext = instance(mock(EntityQueryContext));
+      const metricsAdapterMock = mock<IEntityMetricsAdapter>();
+      const metricsAdapter = instance(metricsAdapterMock);
+      const entity = new BlahEntity(viewerContext, { id: '1' });
+      const policy = new SkipAllPolicy();
+      await expect(
+        policy.authorizeCreateAsync(viewerContext, queryContext, entity, metricsAdapter)
+      ).rejects.toBeInstanceOf(EntityNotAuthorizedError);
+      verify(
+        metricsAdapterMock.logAuthorizationEvent(
+          objectContaining({
+            entityClassName: entity.constructor.name,
+            action: EntityAuthorizationAction.CREATE,
+            evaluationResult: EntityMetricsAuthorizationResult.DENY,
+            privacyPolicyEvaluationMode: EntityPrivacyPolicyEvaluationMode.ENFORCE,
+          })
+        )
+      ).once();
+    });
 
-  it('throws EntityNotAuthorizedError when empty policy', async () => {
-    const viewerContext = instance(mock(ViewerContext));
-    const queryContext = instance(mock(EntityQueryContext));
-    const entity = new BlahEntity(viewerContext, { id: '1' });
-    const policy = new EmptyPolicy();
-    await expect(
-      policy.authorizeCreateAsync(viewerContext, queryContext, entity)
-    ).rejects.toBeInstanceOf(EntityNotAuthorizedError);
-  });
+    it('throws EntityNotAuthorizedError when empty policy', async () => {
+      const viewerContext = instance(mock(ViewerContext));
+      const queryContext = instance(mock(EntityQueryContext));
+      const metricsAdapterMock = mock<IEntityMetricsAdapter>();
+      const metricsAdapter = instance(metricsAdapterMock);
+      const entity = new BlahEntity(viewerContext, { id: '1' });
+      const policy = new EmptyPolicy();
+      await expect(
+        policy.authorizeCreateAsync(viewerContext, queryContext, entity, metricsAdapter)
+      ).rejects.toBeInstanceOf(EntityNotAuthorizedError);
+      verify(
+        metricsAdapterMock.logAuthorizationEvent(
+          objectContaining({
+            entityClassName: entity.constructor.name,
+            action: EntityAuthorizationAction.CREATE,
+            evaluationResult: EntityMetricsAuthorizationResult.DENY,
+            privacyPolicyEvaluationMode: EntityPrivacyPolicyEvaluationMode.ENFORCE,
+          })
+        )
+      ).once();
+    });
 
-  it('throws when rule throws', async () => {
-    const viewerContext = instance(mock(ViewerContext));
-    const queryContext = instance(mock(EntityQueryContext));
-    const entity = new BlahEntity(viewerContext, { id: '1' });
-    const policy = new ThrowAllPolicy();
-    await expect(
-      policy.authorizeCreateAsync(viewerContext, queryContext, entity)
-    ).rejects.toThrowError('WooHoo!');
+    it('throws when rule throws', async () => {
+      const viewerContext = instance(mock(ViewerContext));
+      const queryContext = instance(mock(EntityQueryContext));
+      const metricsAdapterMock = mock<IEntityMetricsAdapter>();
+      const metricsAdapter = instance(metricsAdapterMock);
+      const entity = new BlahEntity(viewerContext, { id: '1' });
+      const policy = new ThrowAllPolicy();
+      await expect(
+        policy.authorizeCreateAsync(viewerContext, queryContext, entity, metricsAdapter)
+      ).rejects.toThrowError('WooHoo!');
+      verify(metricsAdapterMock.logAuthorizationEvent(anything())).never();
+    });
   });
 
-  describe('dry run', () => {
+  describe(EntityPrivacyPolicyEvaluationMode.DRY_RUN.toString(), () => {
     it('returns entity when denied but calls denialHandler', async () => {
       const viewerContext = instance(mock(ViewerContext));
       const queryContext = instance(mock(EntityQueryContext));
+      const metricsAdapterMock = mock<IEntityMetricsAdapter>();
+      const metricsAdapter = instance(metricsAdapterMock);
       const entity = new BlahEntity(viewerContext, { id: '1' });
       const policy = new DryRunAlwaysDenyPolicy();
 
       const policySpy = spy(policy);
 
-      const approvedEntity = await policy.authorizeCreateAsync(viewerContext, queryContext, entity);
+      const approvedEntity = await policy.authorizeCreateAsync(
+        viewerContext,
+        queryContext,
+        entity,
+        metricsAdapter
+      );
       expect(approvedEntity).toEqual(entity);
 
       verify(policySpy.denyHandler(anyOfClass(EntityNotAuthorizedError))).once();
+
+      verify(
+        metricsAdapterMock.logAuthorizationEvent(
+          objectContaining({
+            entityClassName: entity.constructor.name,
+            action: EntityAuthorizationAction.CREATE,
+            evaluationResult: EntityMetricsAuthorizationResult.DENY,
+            privacyPolicyEvaluationMode: EntityPrivacyPolicyEvaluationMode.DRY_RUN,
+          })
+        )
+      ).once();
     });
 
     it('does not log when not denied', async () => {
       const viewerContext = instance(mock(ViewerContext));
       const queryContext = instance(mock(EntityQueryContext));
+      const metricsAdapterMock = mock<IEntityMetricsAdapter>();
+      const metricsAdapter = instance(metricsAdapterMock);
       const entity = new BlahEntity(viewerContext, { id: '1' });
       const policy = new DryRunAlwaysAllowPolicy();
 
       const policySpy = spy(policy);
 
-      const approvedEntity = await policy.authorizeCreateAsync(viewerContext, queryContext, entity);
+      const approvedEntity = await policy.authorizeCreateAsync(
+        viewerContext,
+        queryContext,
+        entity,
+        metricsAdapter
+      );
       expect(approvedEntity).toEqual(entity);
 
       verify(policySpy.denyHandler(anyOfClass(EntityNotAuthorizedError))).never();
+
+      verify(
+        metricsAdapterMock.logAuthorizationEvent(
+          objectContaining({
+            entityClassName: entity.constructor.name,
+            action: EntityAuthorizationAction.CREATE,
+            evaluationResult: EntityMetricsAuthorizationResult.ALLOW,
+            privacyPolicyEvaluationMode: EntityPrivacyPolicyEvaluationMode.DRY_RUN,
+          })
+        )
+      ).once();
     });
 
     it('passes through other errors', async () => {
       const viewerContext = instance(mock(ViewerContext));
       const queryContext = instance(mock(EntityQueryContext));
+      const metricsAdapterMock = mock<IEntityMetricsAdapter>();
+      const metricsAdapter = instance(metricsAdapterMock);
       const entity = new BlahEntity(viewerContext, { id: '1' });
       const policy = new DryRunThrowAllPolicy();
 
       const policySpy = spy(policy);
 
       await expect(
-        policy.authorizeCreateAsync(viewerContext, queryContext, entity)
+        policy.authorizeCreateAsync(viewerContext, queryContext, entity, metricsAdapter)
       ).rejects.toThrowError('WooHoo!');
 
       verify(policySpy.denyHandler(anyOfClass(EntityNotAuthorizedError))).never();
+
+      verify(metricsAdapterMock.logAuthorizationEvent(anything())).never();
     });
   });
 
-  describe('logging enforce', () => {
+  describe(EntityPrivacyPolicyEvaluationMode.ENFORCE_AND_LOG.toString(), () => {
     it('denies when denied but calls denialHandler', async () => {
       const viewerContext = instance(mock(ViewerContext));
       const queryContext = instance(mock(EntityQueryContext));
+      const metricsAdapterMock = mock<IEntityMetricsAdapter>();
+      const metricsAdapter = instance(metricsAdapterMock);
       const entity = new BlahEntity(viewerContext, { id: '1' });
       const policy = new LoggingEnforceAlwaysDenyPolicy();
 
       const policySpy = spy(policy);
 
       await expect(
-        policy.authorizeCreateAsync(viewerContext, queryContext, entity)
+        policy.authorizeCreateAsync(viewerContext, queryContext, entity, metricsAdapter)
       ).rejects.toBeInstanceOf(EntityNotAuthorizedError);
 
       verify(policySpy.denyHandler(anyOfClass(EntityNotAuthorizedError))).once();
+
+      verify(
+        metricsAdapterMock.logAuthorizationEvent(
+          objectContaining({
+            entityClassName: entity.constructor.name,
+            action: EntityAuthorizationAction.CREATE,
+            evaluationResult: EntityMetricsAuthorizationResult.DENY,
+            privacyPolicyEvaluationMode: EntityPrivacyPolicyEvaluationMode.ENFORCE_AND_LOG,
+          })
+        )
+      ).once();
     });
 
     it('does not log when not denied', async () => {
       const viewerContext = instance(mock(ViewerContext));
       const queryContext = instance(mock(EntityQueryContext));
+      const metricsAdapterMock = mock<IEntityMetricsAdapter>();
+      const metricsAdapter = instance(metricsAdapterMock);
       const entity = new BlahEntity(viewerContext, { id: '1' });
       const policy = new LoggingEnforceAlwaysAllowPolicy();
 
       const policySpy = spy(policy);
 
-      const approvedEntity = await policy.authorizeCreateAsync(viewerContext, queryContext, entity);
+      const approvedEntity = await policy.authorizeCreateAsync(
+        viewerContext,
+        queryContext,
+        entity,
+        metricsAdapter
+      );
       expect(approvedEntity).toEqual(entity);
 
       verify(policySpy.denyHandler(anyOfClass(EntityNotAuthorizedError))).never();
+
+      verify(
+        metricsAdapterMock.logAuthorizationEvent(
+          objectContaining({
+            entityClassName: entity.constructor.name,
+            action: EntityAuthorizationAction.CREATE,
+            evaluationResult: EntityMetricsAuthorizationResult.ALLOW,
+            privacyPolicyEvaluationMode: EntityPrivacyPolicyEvaluationMode.ENFORCE_AND_LOG,
+          })
+        )
+      ).once();
     });
 
     it('passes through other errors', async () => {
       const viewerContext = instance(mock(ViewerContext));
       const queryContext = instance(mock(EntityQueryContext));
+      const metricsAdapterMock = mock<IEntityMetricsAdapter>();
+      const metricsAdapter = instance(metricsAdapterMock);
       const entity = new BlahEntity(viewerContext, { id: '1' });
       const policy = new LoggingEnforceThrowAllPolicy();
 
       const policySpy = spy(policy);
 
       await expect(
-        policy.authorizeCreateAsync(viewerContext, queryContext, entity)
+        policy.authorizeCreateAsync(viewerContext, queryContext, entity, metricsAdapter)
       ).rejects.toThrowError('WooHoo!');
 
       verify(policySpy.denyHandler(anyOfClass(EntityNotAuthorizedError))).never();
+
+      verify(metricsAdapterMock.logAuthorizationEvent(anything())).never();
     });
   });
 });

package/src/__tests__/EntityQueryContext-test.ts

@@ -0,0 +1,82 @@
+import invariant from 'invariant';
+
+import { EntityQueryContext } from '../EntityQueryContext';
+import ViewerContext from '../ViewerContext';
+import { createUnitTestEntityCompanionProvider } from '../utils/testing/createUnitTestEntityCompanionProvider';
+
+describe(EntityQueryContext, () => {
+  describe('callbacks', () => {
+    it('calls all callbacks, and calls invalidation first', async () => {
+      const companionProvider = createUnitTestEntityCompanionProvider();
+      const viewerContext = new ViewerContext(companionProvider);
+
+      const preCommitFirstCallback = jest.fn(async (): Promise<void> => {});
+      const preCommitSecondCallback = jest.fn(async (): Promise<void> => {});
+      const postCommitInvalidationCallback = jest.fn(async (): Promise<void> => {
+        invariant(
+          preCommitFirstCallback.mock.calls.length === 1,
+          'preCommit should be called before postCommitInvalidation'
+        );
+        invariant(
+          preCommitSecondCallback.mock.calls.length === 1,
+          'preCommit should be called before postCommitInvalidation'
+        );
+      });
+      const postCommitCallback = jest.fn(async (): Promise<void> => {
+        invariant(
+          preCommitFirstCallback.mock.calls.length === 1,
+          'preCommit should be called before postCommit'
+        );
+        invariant(
+          preCommitSecondCallback.mock.calls.length === 1,
+          'preCommit should be called before postCommit'
+        );
+        invariant(
+          postCommitInvalidationCallback.mock.calls.length === 1,
+          'postCommitInvalidation should be called before postCommit'
+        );
+      });
+
+      await viewerContext.runInTransactionForDatabaseAdaptorFlavorAsync(
+        'postgres',
+        async (queryContext) => {
+          queryContext.appendPostCommitCallback(postCommitCallback);
+          queryContext.appendPostCommitInvalidationCallback(postCommitInvalidationCallback);
+          queryContext.appendPreCommitCallback(preCommitSecondCallback, 2);
+          queryContext.appendPreCommitCallback(preCommitFirstCallback, 1);
+        }
+      );
+
+      expect(preCommitFirstCallback).toHaveBeenCalledTimes(1);
+      expect(preCommitSecondCallback).toHaveBeenCalledTimes(1);
+      expect(postCommitCallback).toHaveBeenCalledTimes(1);
+      expect(postCommitInvalidationCallback).toHaveBeenCalledTimes(1);
+    });
+
+    it('prevents transaction from finishing when precommit throws (post commit callbacks are not called)', async () => {
+      const companionProvider = createUnitTestEntityCompanionProvider();
+      const viewerContext = new ViewerContext(companionProvider);
+
+      const preCommitCallback = jest.fn(async (): Promise<void> => {
+        throw new Error('wat');
+      });
+      const postCommitInvalidationCallback = jest.fn(async (): Promise<void> => {});
+      const postCommitCallback = jest.fn(async (): Promise<void> => {});
+
+      await expect(
+        viewerContext.runInTransactionForDatabaseAdaptorFlavorAsync(
+          'postgres',
+          async (queryContext) => {
+            queryContext.appendPostCommitCallback(postCommitCallback);
+            queryContext.appendPostCommitInvalidationCallback(postCommitInvalidationCallback);
+            queryContext.appendPreCommitCallback(preCommitCallback, 0);
+          }
+        )
+      ).rejects.toThrowError('wat');
+
+      expect(preCommitCallback).toHaveBeenCalledTimes(1);
+      expect(postCommitCallback).toHaveBeenCalledTimes(0);
+      expect(postCommitInvalidationCallback).toHaveBeenCalledTimes(0);
+    });
+  });
+});

package/src/__tests__/EntitySecondaryCacheLoader-test.ts

@@ -78,6 +78,7 @@ describe(EntitySecondaryCacheLoader, () => {
         spiedPrivacyPolicy.authorizeReadAsync(
           vc1,
           anyOfClass(EntityNonTransactionalQueryContext),
+          anything(),
           anything()
         )
       ).once();

package/src/index.ts

@@ -33,6 +33,7 @@ export { default as EntitySecondaryCacheLoader } from './EntitySecondaryCacheLoa
 export * from './EntitySecondaryCacheLoader';
 export * from './EntityMutator';
 export { default as EntityMutationValidator } from './EntityMutationValidator';
+export * from './EntityMutationInfo';
 export * from './EntityMutationTriggerConfiguration';
 export { default as EntityMutationTriggerConfiguration } from './EntityMutationTriggerConfiguration';
 export { default as EntityMutatorFactory } from './EntityMutatorFactory';

package/src/metrics/IEntityMetricsAdapter.ts

@@ -1,3 +1,8 @@
+import {
+  EntityAuthorizationAction,
+  EntityPrivacyPolicyEvaluationMode,
+} from '../EntityPrivacyPolicy';
+
 export enum EntityMetricsLoadType {
   LOAD_MANY,
   LOAD_MANY_EQUALITY_CONJUNCTION,
@@ -28,11 +33,29 @@ export interface IncrementLoadCountEvent {
   entityClassName: string;
 }
 
+export enum EntityMetricsAuthorizationResult {
+  DENY,
+  ALLOW,
+}
+
+export interface EntityMetricsAuthorizationEvent {
+  entityClassName: string;
+  action: EntityAuthorizationAction;
+  evaluationResult: EntityMetricsAuthorizationResult;
+  privacyPolicyEvaluationMode: EntityPrivacyPolicyEvaluationMode;
+}
+
 /**
  * An interface for gathering metrics about the Entity framework. Information about
  * entity load and mutation operations is piped to an instance of this adapter.
  */
 export default interface IEntityMetricsAdapter {
+  /**
+   * Called when a {@link EntityPrivacyPolicy} authorization succeeds or fails.
+   * @param authorizationEvent - info about the authorization event
+   */
+  logAuthorizationEvent(authorizationEvent: EntityMetricsAuthorizationEvent): void;
+
   /**
    * Called when any load occurs.
    * @param loadEvent - info about the load event

package/src/metrics/NoOpEntityMetricsAdapter.ts

@@ -1,10 +1,12 @@
 import IEntityMetricsAdapter, {
+  EntityMetricsAuthorizationEvent,
   EntityMetricsLoadEvent,
   EntityMetricsMutationEvent,
   IncrementLoadCountEvent,
 } from './IEntityMetricsAdapter';
 
 export default class NoOpEntityMetricsAdapter implements IEntityMetricsAdapter {
+  logAuthorizationEvent(_authorizationEvent: EntityMetricsAuthorizationEvent): void {}
   logDataManagerLoadEvent(_loadEvent: EntityMetricsLoadEvent): void {}
   logMutatorMutationEvent(_mutationEvent: EntityMetricsMutationEvent): void {}
   incrementDataManagerDataloaderLoadCount(