@forgebase/database 0.0.1

package/dist/esm/utils/permission-initializer.js

@@ -0,0 +1,137 @@
+import * as fs from 'fs';
+import * as path from 'path';
+export async function initializePermissions(db, permissionService, dbInspector, excludedTables, defaultPermissions, reportPath, onComplete) {
+    // Start the initialization process in the background
+    setTimeout(async () => {
+        const report = {
+            startTime: new Date(),
+            endTime: new Date(),
+            totalTables: 0,
+            tablesWithPermissions: 0,
+            tablesInitialized: 0,
+            tablesExcluded: 0,
+            initializedTables: [],
+            existingPermissionTables: [],
+            excludedTables: [],
+            errors: [],
+        };
+        try {
+            // Get all tables
+            const allTables = await dbInspector.getTables();
+            // Filter out excluded tables
+            const tablesToProcess = allTables.filter((table) => !excludedTables.includes(table));
+            report.totalTables = allTables.length;
+            report.tablesExcluded = allTables.length - tablesToProcess.length;
+            report.excludedTables = excludedTables;
+            // Process each table
+            for (const table of tablesToProcess) {
+                try {
+                    // Check if the table already has permissions
+                    const existingPermissions = await permissionService.getPermissionsForTable(table);
+                    if (existingPermissions &&
+                        Object.keys(existingPermissions).length > 0) {
+                        // Table already has permissions
+                        report.tablesWithPermissions++;
+                        report.existingPermissionTables.push(table);
+                    }
+                    else {
+                        // Table doesn't have permissions, set default permissions
+                        await permissionService.setPermissionsForTable(table, defaultPermissions);
+                        report.tablesInitialized++;
+                        report.initializedTables.push(table);
+                    }
+                }
+                catch (error) {
+                    // Log the error and continue with the next table
+                    const errorMessage = error instanceof Error ? error.message : String(error);
+                    report.errors.push({ table, error: errorMessage });
+                    console.error(`Error initializing permissions for table ${table}:`, error);
+                }
+            }
+        }
+        catch (error) {
+            const errorMessage = error instanceof Error ? error.message : String(error);
+            report.errors.push({ table: 'global', error: errorMessage });
+            console.error('Error during permission initialization:', error);
+        }
+        finally {
+            // Update the end time
+            report.endTime = new Date();
+            // Generate the report file if a path is provided
+            if (reportPath) {
+                generateReportFile(report, reportPath);
+            }
+            // Call the callback if provided
+            if (onComplete) {
+                onComplete(report);
+            }
+            console.log('Permission initialization completed');
+        }
+    }, 0);
+}
+/**
+ * Generates a report file with the initialization results
+ * @param report The initialization report
+ * @param reportPath Path where to save the report
+ */
+function generateReportFile(report, reportPath) {
+    try {
+        // Ensure the directory exists
+        const dir = path.dirname(reportPath);
+        if (!fs.existsSync(dir)) {
+            fs.mkdirSync(dir, { recursive: true });
+        }
+        // Format the report as a readable string
+        const formattedReport = formatReportAsMarkdown(report);
+        // Write the report to the file
+        fs.writeFileSync(reportPath, formattedReport);
+        console.log(`Permission initialization report saved to ${reportPath}`);
+    }
+    catch (error) {
+        console.error('Error generating report file:', error);
+    }
+}
+/**
+ * Formats the report as a markdown string
+ * @param report The initialization report
+ * @returns Formatted report as markdown
+ */
+function formatReportAsMarkdown(report) {
+    const duration = (report.endTime.getTime() - report.startTime.getTime()) / 1000;
+    return `# ForgeBase Permission Initialization Report
+
+## Summary
+- **Start Time**: ${report.startTime.toISOString()}
+- **End Time**: ${report.endTime.toISOString()}
+- **Duration**: ${duration.toFixed(2)} seconds
+- **Total Tables**: ${report.totalTables}
+- **Tables with Existing Permissions**: ${report.tablesWithPermissions}
+- **Tables Initialized**: ${report.tablesInitialized}
+- **Tables Excluded**: ${report.tablesExcluded}
+
+## Details
+
+### Tables Initialized (${report.initializedTables.length})
+${report.initializedTables.length > 0
+        ? report.initializedTables.map((table) => `- \`${table}\``).join('\n')
+        : '- None'}
+
+### Tables with Existing Permissions (${report.existingPermissionTables.length})
+${report.existingPermissionTables.length > 0
+        ? report.existingPermissionTables
+            .map((table) => `- \`${table}\``)
+            .join('\n')
+        : '- None'}
+
+### Excluded Tables (${report.excludedTables.length})
+${report.excludedTables.length > 0
+        ? report.excludedTables.map((table) => `- \`${table}\``).join('\n')
+        : '- None'}
+
+### Errors (${report.errors.length})
+${report.errors.length > 0
+        ? report.errors.map((err) => `- \`${err.table}\`: ${err.error}`).join('\n')
+        : '- None'}
+`;
+}
+//# sourceMappingURL=permission-initializer.js.map

package/dist/esm/utils/permission-initializer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"permission-initializer.js","sourceRoot":"","sources":["../../../src/utils/permission-initializer.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAmB7B,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,EAAe,EACf,iBAAoC,EACpC,WAAwB,EACxB,cAAwB,EACxB,kBAAoC,EACpC,UAAmB,EACnB,UAA6D;IAE7D,qDAAqD;IACrD,UAAU,CAAC,KAAK,IAAI,EAAE;QACpB,MAAM,MAAM,GAAmC;YAC7C,SAAS,EAAE,IAAI,IAAI,EAAE;YACrB,OAAO,EAAE,IAAI,IAAI,EAAE;YACnB,WAAW,EAAE,CAAC;YACd,qBAAqB,EAAE,CAAC;YACxB,iBAAiB,EAAE,CAAC;YACpB,cAAc,EAAE,CAAC;YACjB,iBAAiB,EAAE,EAAE;YACrB,wBAAwB,EAAE,EAAE;YAC5B,cAAc,EAAE,EAAE;YAClB,MAAM,EAAE,EAAE;SACX,CAAC;QAEF,IAAI,CAAC;YACH,iBAAiB;YACjB,MAAM,SAAS,GAAG,MAAM,WAAW,CAAC,SAAS,EAAE,CAAC;YAEhD,6BAA6B;YAC7B,MAAM,eAAe,GAAG,SAAS,CAAC,MAAM,CACtC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,CAC3C,CAAC;YAEF,MAAM,CAAC,WAAW,GAAG,SAAS,CAAC,MAAM,CAAC;YACtC,MAAM,CAAC,cAAc,GAAG,SAAS,CAAC,MAAM,GAAG,eAAe,CAAC,MAAM,CAAC;YAClE,MAAM,CAAC,cAAc,GAAG,cAAc,CAAC;YAEvC,qBAAqB;YACrB,KAAK,MAAM,KAAK,IAAI,eAAe,EAAE,CAAC;gBACpC,IAAI,CAAC;oBACH,6CAA6C;oBAC7C,MAAM,mBAAmB,GACvB,MAAM,iBAAiB,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC;oBAExD,IACE,mBAAmB;wBACnB,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,MAAM,GAAG,CAAC,EAC3C,CAAC;wBACD,gCAAgC;wBAChC,MAAM,CAAC,qBAAqB,EAAE,CAAC;wBAC/B,MAAM,CAAC,wBAAwB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;oBAC9C,CAAC;yBAAM,CAAC;wBACN,0DAA0D;wBAC1D,MAAM,iBAAiB,CAAC,sBAAsB,CAC5C,KAAK,EACL,kBAAkB,CACnB,CAAC;wBACF,MAAM,CAAC,iBAAiB,EAAE,CAAC;wBAC3B,MAAM,CAAC,iBAAiB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;oBACvC,CAAC;gBACH,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,iDAAiD;oBACjD,MAAM,YAAY,GAChB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;oBACzD,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAC;oBACnD,OAAO,CAAC,KAAK,CACX,4CAA4C,KAAK,GAAG,EACpD,KAAK,CACN,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,YAAY,GAChB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACzD,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAC;YAC7D,OAAO,CAAC,KAAK,CAAC,yCAAyC,EAAE,KAAK,CAAC,CAAC;QAClE,CAAC;gBAAS,CAAC;YACT,sBAAsB;YACtB,MAAM,CAAC,OAAO,GAAG,IAAI,IAAI,EAAE,CAAC;YAE5B,iDAAiD;YACjD,IAAI,UAAU,EAAE,CAAC;gBACf,kBAAkB,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;YACzC,CAAC;YAED,gCAAgC;YAChC,IAAI,UAAU,EAAE,CAAC;gBACf,UAAU,CAAC,MAAM,CAAC,CAAC;YACrB,CAAC;YAED,OAAO,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC;QACrD,CAAC;IACH,CAAC,EAAE,CAAC,CAAC,CAAC;AACR,CAAC;AAED;;;;GAIG;AACH,SAAS,kBAAkB,CACzB,MAAsC,EACtC,UAAkB;IAElB,IAAI,CAAC;QACH,8BAA8B;QAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QACrC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACxB,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACzC,CAAC;QAED,yCAAyC;QACzC,MAAM,eAAe,GAAG,sBAAsB,CAAC,MAAM,CAAC,CAAC;QAEvD,+BAA+B;QAC/B,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,eAAe,CAAC,CAAC;QAE9C,OAAO,CAAC,GAAG,CAAC,6CAA6C,UAAU,EAAE,CAAC,CAAC;IACzE,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,+BAA+B,EAAE,KAAK,CAAC,CAAC;IACxD,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,sBAAsB,CAC7B,MAAsC;IAEtC,MAAM,QAAQ,GACZ,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC,GAAG,IAAI,CAAC;IAEjE,OAAO;;;oBAGW,MAAM,CAAC,SAAS,CAAC,WAAW,EAAE;kBAChC,MAAM,CAAC,OAAO,CAAC,WAAW,EAAE;kBAC5B,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;sBACf,MAAM,CAAC,WAAW;0CACE,MAAM,CAAC,qBAAqB;4BAC1C,MAAM,CAAC,iBAAiB;yBAC3B,MAAM,CAAC,cAAc;;;;0BAIpB,MAAM,CAAC,iBAAiB,CAAC,MAAM;EAEvD,MAAM,CAAC,iBAAiB,CAAC,MAAM,GAAG,CAAC;QACjC,CAAC,CAAC,MAAM,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,KAAK,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;QACtE,CAAC,CAAC,QACN;;wCAEwC,MAAM,CAAC,wBAAwB,CAAC,MAAM;EAE5E,MAAM,CAAC,wBAAwB,CAAC,MAAM,GAAG,CAAC;QACxC,CAAC,CAAC,MAAM,CAAC,wBAAwB;aAC5B,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,KAAK,IAAI,CAAC;aAChC,IAAI,CAAC,IAAI,CAAC;QACf,CAAC,CAAC,QACN;;uBAEuB,MAAM,CAAC,cAAc,CAAC,MAAM;EAEjD,MAAM,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC;QAC9B,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,KAAK,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;QACnE,CAAC,CAAC,QACN;;cAEc,MAAM,CAAC,MAAM,CAAC,MAAM;EAEhC,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC;QACtB,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,OAAO,GAAG,CAAC,KAAK,OAAO,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;QAC3E,CAAC,CAAC,QACN;CACC,CAAC;AACF,CAAC"}

package/dist/esm/websocket/RealtimeAdapter.d.ts

@@ -0,0 +1,22 @@
+/**
+ * Interface for realtime adapters that can be used for database table broadcasts
+ */
+export interface RealtimeAdapter {
+    /**
+     * Initialize the adapter
+     */
+    initialize(): void;
+    /**
+     * Broadcast a message to all clients subscribed to a table
+     * @param tableName The name of the table
+     * @param event The event type (create, update, delete)
+     * @param data The data to broadcast
+     */
+    broadcast(tableName: string, event: string, data: any): Promise<void>;
+    /**
+     * Get the port the adapter is listening on
+     */
+    getPort(): number;
+    handleRequest?(request: Request): Promise<Response>;
+}
+//# sourceMappingURL=RealtimeAdapter.d.ts.map

package/dist/esm/websocket/RealtimeAdapter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"RealtimeAdapter.d.ts","sourceRoot":"","sources":["../../../src/websocket/RealtimeAdapter.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B;;OAEG;IACH,UAAU,IAAI,IAAI,CAAC;IAEnB;;;;;OAKG;IACH,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEtE;;OAEG;IACH,OAAO,IAAI,MAAM,CAAC;IAElB,aAAa,CAAC,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;CACrD"}

package/dist/esm/websocket/RealtimeAdapter.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=RealtimeAdapter.js.map

package/dist/esm/websocket/RealtimeAdapter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"RealtimeAdapter.js","sourceRoot":"","sources":["../../../src/websocket/RealtimeAdapter.ts"],"names":[],"mappings":""}

package/dist/esm/websocket/SSEManager.d.ts

@@ -0,0 +1,40 @@
+import { PermissionService } from '../permissionService';
+import { RealtimeAdapter } from './RealtimeAdapter';
+export declare class SSEManager implements RealtimeAdapter {
+    private port;
+    private permissionService;
+    private sseAdapter;
+    constructor(port: number, permissionService: PermissionService);
+    /**
+     * Initialize the SSE server
+     */
+    initialize(): Promise<void>;
+    private setupSSEServer;
+    private canSubscribe;
+    /**
+     * Broadcast a message to all clients subscribed to a table
+     * @param tableName The name of the table
+     * @param event The event type (create, update, delete)
+     * @param data The data to broadcast
+     */
+    broadcast(tableName: string, event: string, data: Record<string, unknown> | Record<string, unknown>[]): Promise<void>;
+    /**
+     * Get the port the SSE server is listening on
+     * @returns The port number
+     */
+    getPort(): number;
+    /**
+     * Get the SSE adapter instance
+     * This can be used to integrate with an HTTP server
+     * @returns The SSE adapter instance
+     */
+    getSSEAdapter(): Promise<any>;
+    /**
+     * Handle an incoming HTTP request
+     * This method can be used to integrate with any HTTP server framework
+     * @param request The HTTP request object (must be compatible with the Fetch API Request)
+     * @returns A Response object
+     */
+    handleRequest(request: Request): Promise<Response>;
+}
+//# sourceMappingURL=SSEManager.d.ts.map

package/dist/esm/websocket/SSEManager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SSEManager.d.ts","sourceRoot":"","sources":["../../../src/websocket/SSEManager.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AA0BpD,qBAAa,UAAW,YAAW,eAAe;IAI9C,OAAO,CAAC,IAAI;IACZ,OAAO,CAAC,iBAAiB;IAJ3B,OAAO,CAAC,UAAU,CAAkB;gBAG1B,IAAI,EAAE,MAAM,EACZ,iBAAiB,EAAE,iBAAiB;IAS9C;;OAEG;IACU,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;YAI1B,cAAc;YA6Jd,YAAY;IAmB1B;;;;;OAKG;IACU,SAAS,CACpB,SAAS,EAAE,MAAM,EACjB,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,GACxD,OAAO,CAAC,IAAI,CAAC;IAiChB;;;OAGG;IACI,OAAO,IAAI,MAAM;IAIxB;;;;OAIG;IACU,aAAa;IAW1B;;;;;OAKG;IACU,aAAa,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC;CAoBhE"}

package/dist/esm/websocket/SSEManager.js

@@ -0,0 +1,231 @@
+import { evaluatePermission } from '../rlsManager';
+export class SSEManager {
+    constructor(port, permissionService) {
+        this.port = port;
+        this.permissionService = permissionService;
+        // Call initialize but don't await it here
+        // This allows the constructor to return synchronously
+        this.initialize().catch((error) => {
+            console.error('Failed to initialize SSE adapter:', error);
+        });
+    }
+    /**
+     * Initialize the SSE server
+     */
+    async initialize() {
+        await this.setupSSEServer();
+    }
+    async setupSSEServer() {
+        // Dynamically import the SSE adapter
+        const { default: sseAdapter } = await import('crossws/adapters/sse');
+        this.sseAdapter = sseAdapter({
+            bidir: true, // Enable bidirectional messaging support
+            hooks: {
+                upgrade: (request) => {
+                    // Extract user context from request headers
+                    let userContext;
+                    try {
+                        const userContextHeader = request.headers.get('userContext');
+                        // console.log('sse request context', request.context);
+                        // console.log('sse request header', request.headers);
+                        if (userContextHeader) {
+                            console.log('userContextHeader', userContextHeader);
+                            userContext = JSON.parse(userContextHeader);
+                        }
+                        if (!userContext) {
+                            // return new Response('Authentication required', { status: 401 });
+                            userContext = {
+                                userId: '1',
+                                role: 'user',
+                                labels: [],
+                                teams: [],
+                                permissions: [],
+                            };
+                        }
+                    }
+                    catch (error) {
+                        console.error('Error parsing user context:', error);
+                        return new Response('Invalid user context', { status: 400 });
+                    }
+                    request.context.userContext = userContext;
+                    // In case of bidirectional mode, extra auth is recommended based on request
+                    // return {
+                    //   headers: {},
+                    // };
+                },
+                open: (peer) => {
+                    // Send welcome message
+                    peer.send(JSON.stringify({
+                        type: 'welcome',
+                        message: `Welcome ${peer.id}`,
+                    }));
+                },
+                message: async (peer, message) => {
+                    try {
+                        // Handle both string and ReadableStream message types
+                        let messageData;
+                        console.log('message', typeof message);
+                        console.log('message event', message.event);
+                        console.log('message peer', message.peer);
+                        console.log('message data', message.data);
+                        console.log('message text', message.text());
+                        // console.log('message json', message.json());
+                        console.log('message blob', message.blob);
+                        console.log('message array', message.uint8Array().toString());
+                        console.log('message array buffer', message.arrayBuffer());
+                        if (message instanceof ReadableStream) {
+                            const reader = message.getReader();
+                            const { value } = await reader.read();
+                            messageData = new TextDecoder().decode(value);
+                        }
+                        else {
+                            messageData = message.toString();
+                        }
+                        console.log('Received message:', messageData);
+                        const msg = JSON.parse(messageData);
+                        if (msg.type === 'subscribe' && msg.tableName) {
+                            // Get user context from peer data
+                            const userContext = peer.context.userContext;
+                            if (!userContext) {
+                                peer.send(JSON.stringify({
+                                    type: 'error',
+                                    message: 'Authentication required',
+                                }));
+                                return;
+                            }
+                            // Check table permissions
+                            const permissions = await this.permissionService.getPermissionsForTable(msg.tableName);
+                            if (!permissions) {
+                                peer.send(JSON.stringify({
+                                    type: 'error',
+                                    message: 'Table not found',
+                                }));
+                                return;
+                            }
+                            // Check if user can subscribe
+                            const canSubscribe = await this.canSubscribe(userContext, permissions);
+                            if (!canSubscribe) {
+                                peer.send(JSON.stringify({
+                                    type: 'error',
+                                    message: 'Permission denied',
+                                }));
+                                return;
+                            }
+                            // Subscribe the peer to the table channel
+                            peer.subscribe(`table:${msg.tableName}`);
+                            peer.send(JSON.stringify({
+                                type: 'subscribed',
+                                tableName: msg.tableName,
+                            }));
+                        }
+                        else if (msg.type === 'unsubscribe' && msg.tableName) {
+                            // Unsubscribe from the table channel
+                            peer.unsubscribe(`table:${msg.tableName}`);
+                            peer.send(JSON.stringify({
+                                type: 'unsubscribed',
+                                tableName: msg.tableName,
+                            }));
+                        }
+                    }
+                    catch (error) {
+                        console.error('Error handling message:', error);
+                        peer.send(JSON.stringify({
+                            type: 'error',
+                            message: 'Invalid message format',
+                        }));
+                    }
+                },
+                close: (peer) => {
+                    // No need to manually clean up subscriptions
+                    // crossws handles this automatically
+                    console.log(`Client ${peer.id} disconnected`);
+                },
+            },
+        });
+    }
+    async canSubscribe(userContext, permissions) {
+        if (!permissions.operations.SELECT)
+            return false;
+        // Create a copy of the rules without fieldCheck
+        const selectRules = permissions.operations.SELECT;
+        const rulesWithoutFieldCheck = selectRules.map((rule) => {
+            // Using destructuring to remove fieldCheck from the rule
+            // eslint-disable-next-line @typescript-eslint/no-unused-vars
+            const { fieldCheck, ...ruleWithoutFieldCheck } = rule;
+            return ruleWithoutFieldCheck;
+        });
+        // Check if the user has the required permissions to subscribe
+        return evaluatePermission(rulesWithoutFieldCheck, userContext);
+    }
+    /**
+     * Broadcast a message to all clients subscribed to a table
+     * @param tableName The name of the table
+     * @param event The event type (create, update, delete)
+     * @param data The data to broadcast
+     */
+    async broadcast(tableName, event, data) {
+        // Check if the SSE adapter is initialized
+        if (!this.sseAdapter) {
+            console.warn('SSE adapter not initialized yet. Waiting for initialization...');
+            await this.initialize();
+        }
+        // Get permissions for the table
+        const permissions = await this.permissionService.getPermissionsForTable(tableName);
+        if (!permissions || !permissions.operations.SELECT)
+            return;
+        // Prepare the data to broadcast
+        const dataArray = Array.isArray(data) ? data : [data];
+        // Publish to the table channel
+        // Note: In a real implementation, we would filter data based on user permissions
+        // But since we're using pub/sub, all subscribers will receive the same message
+        // FIXME: Assess the permissions for each row
+        const message = JSON.stringify({
+            event,
+            tableName,
+            data: dataArray,
+        });
+        // Use the SSE adapter to publish to all subscribers of this table
+        this.sseAdapter.publish(`table:${tableName}`, message);
+    }
+    /**
+     * Get the port the SSE server is listening on
+     * @returns The port number
+     */
+    getPort() {
+        return this.port;
+    }
+    /**
+     * Get the SSE adapter instance
+     * This can be used to integrate with an HTTP server
+     * @returns The SSE adapter instance
+     */
+    async getSSEAdapter() {
+        // Check if the SSE adapter is initialized
+        if (!this.sseAdapter) {
+            console.warn('SSE adapter not initialized yet. Waiting for initialization...');
+            await this.initialize();
+        }
+        return this.sseAdapter;
+    }
+    /**
+     * Handle an incoming HTTP request
+     * This method can be used to integrate with any HTTP server framework
+     * @param request The HTTP request object (must be compatible with the Fetch API Request)
+     * @returns A Response object
+     */
+    async handleRequest(request) {
+        // Check if the SSE adapter is initialized
+        if (!this.sseAdapter) {
+            console.warn('SSE adapter not initialized yet. Waiting for initialization...');
+            await this.initialize();
+        }
+        // Check if this is an SSE request
+        if (request.headers.get('accept') === 'text/event-stream' ||
+            request.headers.has('x-crossws-id')) {
+            return this.sseAdapter.fetch(request);
+        }
+        // Return 404 for non-SSE requests
+        return new Response('Not found', { status: 404 });
+    }
+}
+//# sourceMappingURL=SSEManager.js.map

package/dist/esm/websocket/SSEManager.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"SSEManager.js","sourceRoot":"","sources":["../../../src/websocket/SSEManager.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AA4BnD,MAAM,OAAO,UAAU;IAGrB,YACU,IAAY,EACZ,iBAAoC;QADpC,SAAI,GAAJ,IAAI,CAAQ;QACZ,sBAAiB,GAAjB,iBAAiB,CAAmB;QAE5C,0CAA0C;QAC1C,sDAAsD;QACtD,IAAI,CAAC,UAAU,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;YAChC,OAAO,CAAC,KAAK,CAAC,mCAAmC,EAAE,KAAK,CAAC,CAAC;QAC5D,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,UAAU;QACrB,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;IAC9B,CAAC;IAEO,KAAK,CAAC,cAAc;QAC1B,qCAAqC;QACrC,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,MAAM,MAAM,CAAC,sBAAsB,CAAC,CAAC;QAErE,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;YAC3B,KAAK,EAAE,IAAI,EAAE,yCAAyC;YACtD,KAAK,EAAE;gBACL,OAAO,EAAE,CAAC,OAAO,EAAE,EAAE;oBACnB,4CAA4C;oBAC5C,IAAI,WAAoC,CAAC;oBACzC,IAAI,CAAC;wBACH,MAAM,iBAAiB,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;wBAC7D,uDAAuD;wBACvD,sDAAsD;wBACtD,IAAI,iBAAiB,EAAE,CAAC;4BACtB,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,iBAAiB,CAAC,CAAC;4BACpD,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;wBAC9C,CAAC;wBAED,IAAI,CAAC,WAAW,EAAE,CAAC;4BACjB,mEAAmE;4BACnE,WAAW,GAAG;gCACZ,MAAM,EAAE,GAAG;gCACX,IAAI,EAAE,MAAM;gCACZ,MAAM,EAAE,EAAE;gCACV,KAAK,EAAE,EAAE;gCACT,WAAW,EAAE,EAAE;6BAChB,CAAC;wBACJ,CAAC;oBACH,CAAC;oBAAC,OAAO,KAAK,EAAE,CAAC;wBACf,OAAO,CAAC,KAAK,CAAC,6BAA6B,EAAE,KAAK,CAAC,CAAC;wBACpD,OAAO,IAAI,QAAQ,CAAC,sBAAsB,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;oBAC/D,CAAC;oBACD,OAAO,CAAC,OAAO,CAAC,WAAW,GAAG,WAAW,CAAC;oBAC1C,4EAA4E;oBAC5E,WAAW;oBACX,iBAAiB;oBACjB,KAAK;gBACP,CAAC;gBACD,IAAI,EAAE,CAAC,IAAI,EAAE,EAAE;oBACb,uBAAuB;oBACvB,IAAI,CAAC,IAAI,CACP,IAAI,CAAC,SAAS,CAAC;wBACb,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,WAAW,IAAI,CAAC,EAAE,EAAE;qBAC9B,CAAC,CACH,CAAC;gBACJ,CAAC;gBACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE;oBAC/B,IAAI,CAAC;wBACH,sDAAsD;wBACtD,IAAI,WAAmB,CAAC;wBACxB,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,OAAO,OAAO,CAAC,CAAC;wBACvC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;wBAC5C,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;wBAC1C,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;wBAC1C,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;wBAC5C,+CAA+C;wBAC/C,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;wBAC1C,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,QAAQ,EAAE,CAAC,CAAC;wBAC9D,OAAO,CAAC,GAAG,CAAC,sBAAsB,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC;wBAC3D,IAAI,OAAO,YAAY,cAAc,EAAE,CAAC;4BACtC,MAAM,MAAM,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;4BACnC,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;4BACtC,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;wBAChD,CAAC;6BAAM,CAAC;4BACN,WAAW,GAAG,OAAO,CAAC,QAAQ,EAAE,CAAC;wBACnC,CAAC;wBACD,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,WAAW,CAAC,CAAC;wBAC9C,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAkB,CAAC;wBAErD,IAAI,GAAG,CAAC,IAAI,KAAK,WAAW,IAAI,GAAG,CAAC,SAAS,EAAE,CAAC;4BAC9C,kCAAkC;4BAClC,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,WAEpB,CAAC;4BAEd,IAAI,CAAC,WAAW,EAAE,CAAC;gCACjB,IAAI,CAAC,IAAI,CACP,IAAI,CAAC,SAAS,CAAC;oCACb,IAAI,EAAE,OAAO;oCACb,OAAO,EAAE,yBAAyB;iCACnC,CAAC,CACH,CAAC;gCACF,OAAO;4BACT,CAAC;4BAED,0BAA0B;4BAC1B,MAAM,WAAW,GACf,MAAM,IAAI,CAAC,iBAAiB,CAAC,sBAAsB,CACjD,GAAG,CAAC,SAAS,CACd,CAAC;4BAEJ,IAAI,CAAC,WAAW,EAAE,CAAC;gCACjB,IAAI,CAAC,IAAI,CACP,IAAI,CAAC,SAAS,CAAC;oCACb,IAAI,EAAE,OAAO;oCACb,OAAO,EAAE,iBAAiB;iCAC3B,CAAC,CACH,CAAC;gCACF,OAAO;4BACT,CAAC;4BAED,8BAA8B;4BAC9B,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,YAAY,CAC1C,WAAW,EACX,WAAW,CACZ,CAAC;4BACF,IAAI,CAAC,YAAY,EAAE,CAAC;gCAClB,IAAI,CAAC,IAAI,CACP,IAAI,CAAC,SAAS,CAAC;oCACb,IAAI,EAAE,OAAO;oCACb,OAAO,EAAE,mBAAmB;iCAC7B,CAAC,CACH,CAAC;gCACF,OAAO;4BACT,CAAC;4BAED,0CAA0C;4BAC1C,IAAI,CAAC,SAAS,CAAC,SAAS,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC;4BAEzC,IAAI,CAAC,IAAI,CACP,IAAI,CAAC,SAAS,CAAC;gCACb,IAAI,EAAE,YAAY;gCAClB,SAAS,EAAE,GAAG,CAAC,SAAS;6BACzB,CAAC,CACH,CAAC;wBACJ,CAAC;6BAAM,IAAI,GAAG,CAAC,IAAI,KAAK,aAAa,IAAI,GAAG,CAAC,SAAS,EAAE,CAAC;4BACvD,qCAAqC;4BACrC,IAAI,CAAC,WAAW,CAAC,SAAS,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC;4BAE3C,IAAI,CAAC,IAAI,CACP,IAAI,CAAC,SAAS,CAAC;gCACb,IAAI,EAAE,cAAc;gCACpB,SAAS,EAAE,GAAG,CAAC,SAAS;6BACzB,CAAC,CACH,CAAC;wBACJ,CAAC;oBACH,CAAC;oBAAC,OAAO,KAAK,EAAE,CAAC;wBACf,OAAO,CAAC,KAAK,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAC;wBAChD,IAAI,CAAC,IAAI,CACP,IAAI,CAAC,SAAS,CAAC;4BACb,IAAI,EAAE,OAAO;4BACb,OAAO,EAAE,wBAAwB;yBAClC,CAAC,CACH,CAAC;oBACJ,CAAC;gBACH,CAAC;gBACD,KAAK,EAAE,CAAC,IAAI,EAAE,EAAE;oBACd,6CAA6C;oBAC7C,qCAAqC;oBACrC,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,CAAC,EAAE,eAAe,CAAC,CAAC;gBAChD,CAAC;aACF;SACF,CAAC,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,YAAY,CACxB,WAAwB,EACxB,WAA6B;QAE7B,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,MAAM;YAAE,OAAO,KAAK,CAAC;QAEjD,gDAAgD;QAChD,MAAM,WAAW,GAAG,WAAW,CAAC,UAAU,CAAC,MAAM,CAAC;QAClD,MAAM,sBAAsB,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;YACtD,yDAAyD;YACzD,6DAA6D;YAC7D,MAAM,EAAE,UAAU,EAAE,GAAG,qBAAqB,EAAE,GAAG,IAAI,CAAC;YACtD,OAAO,qBAAqB,CAAC;QAC/B,CAAC,CAAC,CAAC;QAEH,8DAA8D;QAC9D,OAAO,kBAAkB,CAAC,sBAAsB,EAAE,WAAW,CAAC,CAAC;IACjE,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,SAAS,CACpB,SAAiB,EACjB,KAAa,EACb,IAAyD;QAEzD,0CAA0C;QAC1C,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACrB,OAAO,CAAC,IAAI,CACV,gEAAgE,CACjE,CAAC;YACF,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QAC1B,CAAC;QAED,gCAAgC;QAChC,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,sBAAsB,CACrE,SAAS,CACV,CAAC;QAEF,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,MAAM;YAAE,OAAO;QAE3D,gCAAgC;QAChC,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QAEtD,+BAA+B;QAC/B,iFAAiF;QACjF,+EAA+E;QAC/E,6CAA6C;QAC7C,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC;YAC7B,KAAK;YACL,SAAS;YACT,IAAI,EAAE,SAAS;SAChB,CAAC,CAAC;QAEH,kEAAkE;QAClE,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,SAAS,SAAS,EAAE,EAAE,OAAO,CAAC,CAAC;IACzD,CAAC;IAED;;;OAGG;IACI,OAAO;QACZ,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,aAAa;QACxB,0CAA0C;QAC1C,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACrB,OAAO,CAAC,IAAI,CACV,gEAAgE,CACjE,CAAC;YACF,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QAC1B,CAAC;QACD,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,aAAa,CAAC,OAAgB;QACzC,0CAA0C;QAC1C,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACrB,OAAO,CAAC,IAAI,CACV,gEAAgE,CACjE,CAAC;YACF,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QAC1B,CAAC;QAED,kCAAkC;QAClC,IACE,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,KAAK,mBAAmB;YACrD,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,EACnC,CAAC;YACD,OAAO,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACxC,CAAC;QAED,kCAAkC;QAClC,OAAO,IAAI,QAAQ,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;IACpD,CAAC;CACF"}

package/dist/esm/websocket/WebSocketManager.d.ts

@@ -0,0 +1,28 @@
+import { PermissionService } from '../permissionService';
+import { RealtimeAdapter } from './RealtimeAdapter';
+export declare class WebSocketManager implements RealtimeAdapter {
+    private port;
+    private permissionService;
+    private app;
+    private clients;
+    private tableSubscriptions;
+    constructor(port: number, permissionService: PermissionService);
+    /**
+     * Initialize the WebSocket server
+     */
+    initialize(): void;
+    private setupWebSocketServer;
+    private handleSubscribe;
+    private handleUnsubscribe;
+    private removeClient;
+    private canSubscribe;
+    private processBatch;
+    broadcast(tableName: string, event: string, data: any): Promise<void>;
+    private sendError;
+    /**
+     * Get the port the WebSocket server is listening on
+     * @returns The port number
+     */
+    getPort(): number;
+}
+//# sourceMappingURL=WebSocketManager.d.ts.map

package/dist/esm/websocket/WebSocketManager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"WebSocketManager.d.ts","sourceRoot":"","sources":["../../../src/websocket/WebSocketManager.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAQpD,qBAAa,gBAAiB,YAAW,eAAe;IAMpD,OAAO,CAAC,IAAI;IACZ,OAAO,CAAC,iBAAiB;IAN3B,OAAO,CAAC,GAAG,CAAe;IAC1B,OAAO,CAAC,OAAO,CAAwC;IACvD,OAAO,CAAC,kBAAkB,CAAuC;gBAGvD,IAAI,EAAE,MAAM,EACZ,iBAAiB,EAAE,iBAAiB;IAM9C;;OAEG;IACI,UAAU,IAAI,IAAI;IAIzB,OAAO,CAAC,oBAAoB;YAyDd,eAAe;IAuB7B,OAAO,CAAC,iBAAiB;IAKzB,OAAO,CAAC,YAAY;YAON,YAAY;YAoBZ,YAAY;IAsCb,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG;IA2BlE,OAAO,CAAC,SAAS;IAIjB;;;OAGG;IACI,OAAO,IAAI,MAAM;CAGzB"}

package/dist/esm/websocket/WebSocketManager.js

@@ -0,0 +1,152 @@
+import { App, SHARED_COMPRESSOR, } from 'uWebSockets.js';
+import { evaluatePermission } from '../rlsManager';
+export class WebSocketManager {
+    constructor(port, permissionService) {
+        this.port = port;
+        this.permissionService = permissionService;
+        this.clients = new Map();
+        this.tableSubscriptions = new Map();
+        this.app = App();
+        this.initialize();
+    }
+    /**
+     * Initialize the WebSocket server
+     */
+    initialize() {
+        this.setupWebSocketServer();
+    }
+    setupWebSocketServer() {
+        this.app.ws('/*', {
+            compression: SHARED_COMPRESSOR,
+            maxPayloadLength: 16 * 1024 * 1024,
+            idleTimeout: 10,
+            upgrade: (res, req, context) => {
+                res.upgrade({
+                    userContext: JSON.parse(req.getHeader('user-context')),
+                }, 
+                /* Spell these correctly */
+                req.getHeader('sec-websocket-key'), req.getHeader('sec-websocket-protocol'), req.getHeader('sec-websocket-extensions'), context);
+            },
+            open: (ws) => {
+                const socketClient = ws;
+                socketClient.id = Math.random().toString(36).substr(2, 9);
+                socketClient.subscribedTables = new Set();
+                socketClient.userContext = ws.userContext;
+                this.clients.set(socketClient.id, socketClient);
+            },
+            message: async (ws, message) => {
+                const socketClient = ws;
+                const msg = JSON.parse(Buffer.from(message).toString());
+                switch (msg.type) {
+                    case 'subscribe':
+                        await this.handleSubscribe(socketClient, msg.tableName);
+                        break;
+                    case 'unsubscribe':
+                        this.handleUnsubscribe(socketClient, msg.tableName);
+                        break;
+                    default:
+                        this.sendError(socketClient, 'Invalid message type');
+                        break;
+                }
+            },
+            close: (ws) => {
+                const socketClient = ws;
+                this.removeClient(socketClient);
+            },
+            drain: (ws) => {
+                const socketClient = ws;
+                this.removeClient(socketClient);
+            },
+        });
+        this.app.listen(this.port, () => {
+            console.log(`WebSocket server listening on port ${this.port}`);
+        });
+    }
+    async handleSubscribe(client, tableName) {
+        if (!client.userContext) {
+            this.sendError(client, 'Authentication required');
+            return;
+        }
+        // Check table permissions
+        const permissions = await this.permissionService.getPermissionsForTable(tableName);
+        if (!this.canSubscribe(client.userContext, permissions)) {
+            this.sendError(client, 'Permission denied');
+            return;
+        }
+        client.subscribedTables.add(tableName);
+        if (!this.tableSubscriptions.has(tableName)) {
+            this.tableSubscriptions.set(tableName, new Set());
+        }
+        this.tableSubscriptions.get(tableName).add(client.id);
+    }
+    handleUnsubscribe(client, tableName) {
+        client.subscribedTables.delete(tableName);
+        this.tableSubscriptions.get(tableName)?.delete(client.id);
+    }
+    removeClient(client) {
+        client.subscribedTables.forEach((tableName) => {
+            this.tableSubscriptions.get(tableName)?.delete(client.id);
+        });
+        this.clients.delete(client.id);
+    }
+    async canSubscribe(userContext, permissions) {
+        if (!permissions)
+            return false;
+        const selectRules = permissions.operations.SELECT;
+        if (!selectRules)
+            return false;
+        // Create a copy of the rules without fieldCheck
+        const rulesWithoutFieldCheck = selectRules.map((rule) => {
+            const { fieldCheck, ...ruleWithoutFieldCheck } = rule;
+            return ruleWithoutFieldCheck;
+        });
+        // Check if the user has the required permissions to subscribe
+        return evaluatePermission(rulesWithoutFieldCheck, userContext);
+    }
+    async processBatch(clients, tableName, event, data, permissions) {
+        const BATCH_SIZE = 100; // Adjust based on your needs
+        for (let i = 0; i < clients.length; i += BATCH_SIZE) {
+            const batchClients = clients.slice(i, i + BATCH_SIZE);
+            await Promise.all(batchClients.map(async (client) => {
+                if (!client.userContext || !permissions.operations.SELECT)
+                    return;
+                // Filter data based on user permissions
+                const filteredData = data.filter((item) => evaluatePermission(permissions.operations.SELECT, client.userContext, item));
+                if (filteredData.length > 0) {
+                    client.send(JSON.stringify({
+                        event,
+                        tableName,
+                        data: filteredData,
+                    }));
+                }
+            }));
+        }
+    }
+    async broadcast(tableName, event, data) {
+        const subscribers = this.tableSubscriptions.get(tableName);
+        if (!subscribers)
+            return;
+        const permissions = await this.permissionService.getPermissionsForTable(tableName);
+        if (!permissions || !permissions.operations.SELECT)
+            return;
+        // Get all active clients for this table
+        const activeClients = Array.from(subscribers)
+            .map((clientId) => this.clients.get(clientId))
+            .filter((client) => client !== undefined);
+        // Handle single record vs array of records
+        const dataArray = Array.isArray(data) ? data : [data];
+        // Process in batches
+        await this.processBatch(activeClients, tableName, event, dataArray, permissions);
+    }
+    sendError(client, message) {
+        client.send(JSON.stringify({ type: 'error', message }));
+    }
+    /**
+     * Get the port the WebSocket server is listening on
+     * @returns The port number
+     */
+    getPort() {
+        return this.port;
+    }
+}
+//# sourceMappingURL=WebSocketManager.js.map