@flowerforce/flowerbase 1.7.6-beta.7 → 1.7.6-beta.8

package/src/utils/__tests__/checkIsValidFieldNameFn.test.ts

@@ -68,23 +68,40 @@ describe('checkIsValidFieldNameFn', () => {
       read: true,
       fields: {
         avatar: { write: false },
-        name: { write: true }
-      }
+        name: { write: true },
+        tags: { write: false },
+        updatedAt: { write: true }
+      },
+      additional_fields: {}
     } as Role
     const context = {
       user: mockUser,
       role: mockedRole,
       params: {
         type: 'read',
-        cursor: { _id: mockId, avatar: 'avatar.png', name: 'Alice' }
+        cursor: {
+          _id: mockId,
+          userId: 'user-1',
+          email: 'alice@example.com',
+          workspaces: ['workspace-1'],
+          avatar: 'avatar.png',
+          name: 'Alice',
+          tags: ['owner'],
+          updatedAt: new Date('2026-03-17T10:00:00.000Z')
+        }
       }
     } as MachineContext
 
     const result = await checkIsValidFieldNameFn(context)
     expect(result).toEqual({
       _id: mockId,
+      userId: 'user-1',
+      email: 'alice@example.com',
+      workspaces: ['workspace-1'],
       avatar: 'avatar.png',
-      name: 'Alice'
+      name: 'Alice',
+      tags: ['owner'],
+      updatedAt: new Date('2026-03-17T10:00:00.000Z')
     })
   })
 

package/src/utils/__tests__/evaluateExpression.test.ts

@@ -0,0 +1,33 @@
+import { evaluateExpression } from '../roles/helpers'
+import { Params } from '../roles/interface'
+
+describe('evaluateExpression', () => {
+  it('supports insert-only write expressions that rely on %%prevRoot', async () => {
+    const expression = {
+      '%%prevRoot': {
+        '%exists': false
+      }
+    }
+
+    const insertParams = {
+      type: 'insert',
+      cursor: { title: 'new doc' },
+      expansions: {
+        '%%prevRoot': undefined
+      },
+      roles: []
+    } as Params
+
+    const readParams = {
+      type: 'read',
+      cursor: { _id: 'doc-1', title: 'existing doc' },
+      expansions: {
+        '%%prevRoot': { _id: 'doc-1', title: 'existing doc' }
+      },
+      roles: []
+    } as Params
+
+    await expect(evaluateExpression(insertParams, expression)).resolves.toBe(true)
+    await expect(evaluateExpression(readParams, expression)).resolves.toBe(false)
+  })
+})

package/src/utils/__tests__/rule.test.ts

@@ -85,4 +85,42 @@ describe('rule function', () => {
     expect(result.valid).toBe(true)
     expect(result.name).toBe('user.authId___%oidToString')
   })
+
+  it('does not treat scalar equality as array membership in compact rules', () => {
+    const data = {
+      doc: {
+        owners: ['user-1', 'user-2']
+      }
+    }
+
+    const result = rulesMatcherUtils.rule({ owners: 'user-1' }, data, {
+      prefix: 'doc'
+    })
+
+    expect(result.valid).toBe(false)
+    expect(result.name).toBe('doc.owners___$eq')
+  })
+
+  it('supports explicit array membership with $in rules', () => {
+    const data = {
+      doc: {
+        owners: ['user-1', 'user-2']
+      }
+    }
+
+    const result = rulesMatcherUtils.rule(
+      {
+        owners: {
+          $in: ['user-1']
+        }
+      },
+      data,
+      {
+        prefix: 'doc'
+      }
+    )
+
+    expect(result.valid).toBe(true)
+    expect(result.name).toBe('doc.owners___$in')
+  })
 })

package/src/utils/roles/helpers.ts

@@ -17,7 +17,9 @@ const normalizeUserRole = (user?: MachineContext['user']) => {
     typeof candidate.custom_data === 'object' && candidate.custom_data !== null
       ? (candidate.custom_data as Record<string, unknown>).role
       : undefined
-  return typeof customRole === 'string' ? ({ ...candidate, role: customRole } as MachineContext['user']) : user
+  return typeof customRole === 'string'
+    ? ({ ...candidate, role: customRole } as MachineContext['user'])
+    : user
 }
 
 export const evaluateExpression = async (
@@ -31,12 +33,15 @@ export const evaluateExpression = async (
   const value = {
     ...params.expansions,
     ...params.cursor,
+    '%%root': params.cursor,
+    '%%prevRoot': params.expansions?.['%%prevRoot'],
     '%%user': normalizedUser,
-    '%%true': true
+    '%%true': true,
+    '%%false': false
   }
   const conditions = expandQuery(expression, value)
-  const complexCondition = Object.entries(conditions as Record<string, any>).find(([key]) =>
-    functionsConditions.includes(key)
+  const complexCondition = Object.entries(conditions as Record<string, any>).find(
+    ([key]) => functionsConditions.includes(key)
   )
   return complexCondition
     ? await evaluateComplexExpression(complexCondition, params, normalizedUser)
@@ -75,7 +80,7 @@ const evaluateComplexExpression = async (
   const response = await GenerateContext({
     args: expandedArguments,
     app,
-    rules: StateManager.select("rules"),
+    rules: StateManager.select('rules'),
     user: normalizedUser,
     currentFunction,
     functionName: name,

package/src/utils/roles/machines/fieldPermissions.ts

@@ -78,6 +78,8 @@ export const filterDocumentByFieldPermissions = async (
         const readAllowed = await canReadField(context, permission)
         if (typeof readAllowed !== 'undefined') {
           allowed = readAllowed
+        } else if (!allowed && typeof permission.write !== 'undefined') {
+          allowed = await canWriteField(context, permission)
         }
       } else {
         allowed = await canWriteField(context, permission)

package/src/utils/rules-matcher/interface.ts

@@ -331,6 +331,7 @@ export type Operators = {
    * @returns
    */
   $regex: OperatorsFunction
+  '%exists': OperatorsFunction
   '%stringToOid': OperatorsFunction
   '%oidToString': OperatorsFunction
 }
@@ -352,6 +353,7 @@ export enum RulesOperators {
   $all = '$all',
   $size = '$size',
   $regex = '$regex',
+  '%exists' = '%exists',
   '%stringToOid' = '%stringToOid',
   '%oidToString' = '%oidToString'
 }

package/src/utils/rules-matcher/utils.ts

@@ -23,7 +23,10 @@ const toObjectIdHex = (value: unknown): string | null => {
   }
 
   const maybeObjectId = value as { _bsontype?: string; toHexString?: () => string }
-  if (maybeObjectId._bsontype === 'ObjectId' && typeof maybeObjectId.toHexString === 'function') {
+  if (
+    maybeObjectId._bsontype === 'ObjectId' &&
+    typeof maybeObjectId.toHexString === 'function'
+  ) {
     const hex = maybeObjectId.toHexString()
     return HEX_24_REGEXP.test(hex) ? hex.toLowerCase() : null
   }
@@ -49,12 +52,22 @@ const includesWithSemanticEquality = (value: unknown, candidate: unknown): boole
       rulesMatcherUtils
         .forceArray(value)
         .some((sourceItem) =>
-          rulesMatcherUtils.forceArray(item).some((candidateItem) =>
-            areSemanticallyEqual(sourceItem, candidateItem)
-          )
+          rulesMatcherUtils
+            .forceArray(item)
+            .some((candidateItem) => areSemanticallyEqual(sourceItem, candidateItem))
         )
     )
 
+const resolveRefPath = (data: unknown, refPath: string, prefix?: string): unknown => {
+  const exactMatch = _get(data, refPath, undefined)
+
+  if (exactMatch !== undefined) {
+    return exactMatch
+  }
+
+  return _get(data, rulesMatcherUtils.getPath(refPath, prefix), undefined)
+}
+
 /**
  * Defines a utility object named rulesMatcherUtils, which contains various helper functions used for processing rules and data in a rule-matching context.
  */
@@ -73,11 +86,7 @@ const rulesMatcherUtils: RulesMatcherUtils = {
     const { op, value, opt } = rulesMatcherUtils.getDefaultRule(valueBlock[path])
     const valueRef =
       value && String(value).indexOf('$ref:') === 0
-        ? _get(
-          data,
-          rulesMatcherUtils.getPath(value.replace('$ref:', ''), prefix),
-          undefined
-        )
+        ? resolveRefPath(data, value.replace('$ref:', ''), prefix)
         : value
 
     if (!operators[op]) {
@@ -107,7 +116,9 @@ const rulesMatcherUtils: RulesMatcherUtils = {
     const res = rulesMatcherUtils.getPath(path, prefix)
     const { value } = rulesMatcherUtils.getDefaultRule(valueBlock[path])
     if (value && String(value).indexOf('$ref:') === 0) {
-      keys[rulesMatcherUtils.getPath(value.replace('$ref:', ''), prefix)] = true
+      const refPath = value.replace('$ref:', '')
+      keys[refPath] = true
+      keys[rulesMatcherUtils.getPath(refPath, prefix)] = true
     }
 
     return (keys[res] = true)
@@ -279,6 +290,7 @@ const rulesMatcherUtils: RulesMatcherUtils = {
  */
 export const operators: Operators = {
   $exists: (a, b) => !rulesMatcherUtils.isEmpty(a) === b,
+  '%exists': (a, b) => !rulesMatcherUtils.isEmpty(a) === b,
 
   $eq: (a, b) => areSemanticallyEqual(a, b),
 
@@ -305,13 +317,17 @@ export const operators: Operators = {
   $nin: (a, b) => !includesWithSemanticEquality(a, b),
 
   $all: (a, b) =>
-    rulesMatcherUtils.forceArray(b).every((candidate) =>
-      rulesMatcherUtils
-        .forceArray(a)
-        .some((value) =>
-          rulesMatcherUtils.forceArray(candidate).some((item) => areSemanticallyEqual(value, item))
-        )
-    ),
+    rulesMatcherUtils
+      .forceArray(b)
+      .every((candidate) =>
+        rulesMatcherUtils
+          .forceArray(a)
+          .some((value) =>
+            rulesMatcherUtils
+              .forceArray(candidate)
+              .some((item) => areSemanticallyEqual(value, item))
+          )
+      ),
 
   $size: (a, b) => Array.isArray(a) && a.length === parseFloat(b),
 

package/src/utils/__tests__/readFileContent.test.ts

@@ -1,35 +0,0 @@
-import fs from 'fs'
-import { readFileContent, readJsonContent } from '..'
-
-jest.mock('fs')
-
-describe('File Reading Functions', () => {
-  const mockFilePath = '/mock/path/file.txt'
-  const mockJsonPath = '/mock/path/data.json'
-
-  beforeEach(() => {
-    jest.clearAllMocks()
-  })
-
-  it('should read file content correctly', () => {
-    const mockContent = 'Hello, world!'
-    ;(fs.readFileSync as jest.Mock).mockReturnValue(mockContent)
-    const result = readFileContent(mockFilePath)
-    expect(fs.readFileSync).toHaveBeenCalledWith(mockFilePath, 'utf-8')
-    expect(result).toBe(mockContent)
-  })
-
-  it('should read JSON content correctly', () => {
-    const mockJsonContent = '{"name": "Alice", "age": 30}'
-    ;(fs.readFileSync as jest.Mock).mockReturnValue(mockJsonContent)
-    const result = readJsonContent(mockJsonPath)
-    expect(fs.readFileSync).toHaveBeenCalledWith(mockJsonPath, 'utf-8')
-    expect(result).toEqual(JSON.parse(mockJsonContent))
-  })
-
-  it('should throw an error when JSON is invalid', () => {
-    const invalidJson = '{name: Alice, age: 30}'
-    ;(fs.readFileSync as jest.Mock).mockReturnValue(invalidJson)
-    expect(() => readJsonContent(mockJsonPath)).toThrow(SyntaxError)
-  })
-})