@friggframework/core 2.0.0-next.52 → 2.0.0-next.54

package/integrations/repositories/process-repository-documentdb.js

@@ -0,0 +1,141 @@
+const { prisma } = require('../../database/prisma');
+const {
+    toObjectId,
+    fromObjectId,
+    findMany,
+    findOne,
+    insertOne,
+    updateOne,
+    deleteOne,
+} = require('../../database/documentdb-utils');
+const { ProcessRepositoryInterface } = require('./process-repository-interface');
+
+class ProcessRepositoryDocumentDB extends ProcessRepositoryInterface {
+    constructor() {
+        super();
+        this.prisma = prisma;
+    }
+
+    async create(processData) {
+        const now = new Date();
+        const document = {
+            userId: toObjectId(processData.userId),
+            integrationId: toObjectId(processData.integrationId),
+            name: processData.name,
+            type: processData.type,
+            state: processData.state || 'INITIALIZING',
+            context: processData.context || {},
+            results: processData.results || {},
+            childProcesses: (processData.childProcesses || []).map((id) => toObjectId(id)).filter(Boolean),
+            parentProcessId: processData.parentProcessId ? toObjectId(processData.parentProcessId) : null,
+            createdAt: now,
+            updatedAt: now,
+        };
+        const insertedId = await insertOne(this.prisma, 'Process', document);
+        const created = await findOne(this.prisma, 'Process', { _id: insertedId });
+        return this._mapProcess(created);
+    }
+
+    async findById(processId) {
+        const objectId = toObjectId(processId);
+        if (!objectId) return null;
+        const doc = await findOne(this.prisma, 'Process', { _id: objectId });
+        return doc ? this._mapProcess(doc) : null;
+    }
+
+    async update(processId, updates) {
+        const objectId = toObjectId(processId);
+        if (!objectId) return null;
+        const updatePayload = {};
+        if (updates.state !== undefined) updatePayload.state = updates.state;
+        if (updates.context !== undefined) updatePayload.context = updates.context;
+        if (updates.results !== undefined) updatePayload.results = updates.results;
+        if (updates.childProcesses !== undefined) {
+            updatePayload.childProcesses = (updates.childProcesses || []).map((id) => toObjectId(id)).filter(Boolean);
+        }
+        if (updates.parentProcessId !== undefined) {
+            updatePayload.parentProcessId = updates.parentProcessId ? toObjectId(updates.parentProcessId) : null;
+        }
+        updatePayload.updatedAt = new Date();
+        await updateOne(
+            this.prisma,
+            'Process',
+            { _id: objectId },
+            { $set: updatePayload }
+        );
+        const updated = await findOne(this.prisma, 'Process', { _id: objectId });
+        return updated ? this._mapProcess(updated) : null;
+    }
+
+    async findByIntegrationAndType(integrationId, type) {
+        const integrationObjectId = toObjectId(integrationId);
+        const filter = {
+            integrationId: integrationObjectId,
+            type,
+        };
+        const docs = await findMany(this.prisma, 'Process', filter, {
+            sort: { createdAt: -1 },
+        });
+        return docs.map((doc) => this._mapProcess(doc));
+    }
+
+    async findActiveProcesses(integrationId, excludeStates = ['COMPLETED', 'ERROR']) {
+        const integrationObjectId = toObjectId(integrationId);
+        const pipeline = [
+            {
+                $match: {
+                    integrationId: integrationObjectId,
+                },
+            },
+            {
+                $match: {
+                    state: { $nin: excludeStates },
+                },
+            },
+            { $sort: { createdAt: -1 } },
+        ];
+        const docs = await this.prisma.$runCommandRaw({
+            aggregate: 'Process',
+            pipeline,
+            cursor: {},
+        }).then((res) => res?.cursor?.firstBatch || []);
+        return docs.map((doc) => this._mapProcess(doc));
+    }
+
+    async findByName(name) {
+        const doc = await findOne(
+            this.prisma,
+            'Process',
+            { name },
+            { sort: { createdAt: -1 } }
+        );
+        return doc ? this._mapProcess(doc) : null;
+    }
+
+    async deleteById(processId) {
+        const objectId = toObjectId(processId);
+        if (!objectId) return;
+        await deleteOne(this.prisma, 'Process', { _id: objectId });
+    }
+
+    _mapProcess(doc) {
+        return {
+            id: fromObjectId(doc?._id),
+            userId: fromObjectId(doc?.userId),
+            integrationId: fromObjectId(doc?.integrationId),
+            name: doc?.name ?? null,
+            type: doc?.type ?? null,
+            state: doc?.state ?? null,
+            context: doc?.context ?? {},
+            results: doc?.results ?? {},
+            childProcesses: (doc?.childProcesses || []).map((id) => fromObjectId(id)),
+            parentProcessId: doc?.parentProcessId ? fromObjectId(doc.parentProcessId) : null,
+            createdAt: doc?.createdAt ? new Date(doc.createdAt) : null,
+            updatedAt: doc?.updatedAt ? new Date(doc.updatedAt) : null,
+        };
+    }
+}
+
+module.exports = { ProcessRepositoryDocumentDB };
+
+

package/integrations/repositories/process-repository-factory.js

@@ -1,5 +1,8 @@
 const { ProcessRepositoryMongo } = require('./process-repository-mongo');
 const { ProcessRepositoryPostgres } = require('./process-repository-postgres');
+const {
+    ProcessRepositoryDocumentDB,
+} = require('./process-repository-documentdb');
 const config = require('../../database/config');
 
 /**
@@ -30,9 +33,12 @@ function createProcessRepository() {
         case 'postgresql':
             return new ProcessRepositoryPostgres();
 
+        case 'documentdb':
+            return new ProcessRepositoryDocumentDB();
+
         default:
             throw new Error(
-                `Unsupported database type: ${dbType}. Supported values: 'mongodb', 'postgresql'`
+                `Unsupported database type: ${dbType}. Supported values: 'mongodb', 'documentdb', 'postgresql'`
             );
     }
 }
@@ -42,5 +48,6 @@ module.exports = {
     // Export adapters for direct testing
     ProcessRepositoryMongo,
     ProcessRepositoryPostgres,
+    ProcessRepositoryDocumentDB,
 };
 

package/modules/repositories/module-repository-documentdb.js

@@ -0,0 +1,307 @@
+const { prisma } = require('../../database/prisma');
+const {
+    toObjectId,
+    fromObjectId,
+    findMany,
+    findOne,
+    insertOne,
+    updateOne,
+    deleteOne,
+} = require('../../database/documentdb-utils');
+const { ModuleRepositoryInterface } = require('./module-repository-interface');
+const { DocumentDBEncryptionService } = require('../../database/documentdb-encryption-service');
+
+/**
+ * Module/Entity repository for DocumentDB.
+ * Uses DocumentDBEncryptionService for credential decryption.
+ *
+ * Encrypted fields: Credential.data.*
+ *
+ * Note: This repository only reads credentials. CredentialRepository
+ * handles credential creation/updates with encryption.
+ *
+ * @see DocumentDBEncryptionService
+ * @see CredentialRepositoryDocumentDB
+ */
+class ModuleRepositoryDocumentDB extends ModuleRepositoryInterface {
+    constructor() {
+        super();
+        this.prisma = prisma;
+        this.encryptionService = new DocumentDBEncryptionService();
+    }
+
+    async findEntityById(entityId) {
+        const objectId = toObjectId(entityId);
+        if (!objectId) {
+            throw new Error(`Entity ${entityId} not found`);
+        }
+        const doc = await findOne(this.prisma, 'Entity', { _id: objectId });
+        if (!doc) {
+            throw new Error(`Entity ${entityId} not found`);
+        }
+        const credential = await this._fetchCredential(doc.credentialId);
+        return this._mapEntity(doc, credential);
+    }
+
+    async findEntitiesByUserId(userId) {
+        const objectId = toObjectId(userId);
+        if (!objectId) {
+            throw new Error(`Invalid userId: ${userId}`);
+        }
+        const filter = { userId: objectId };
+        const docs = await findMany(this.prisma, 'Entity', filter);
+        const credentialMap = await this._fetchCredentialsBulk(docs.map((doc) => doc.credentialId));
+        return docs.map((doc) => this._mapEntity(doc, credentialMap.get(fromObjectId(doc.credentialId)) || null));
+    }
+
+    async findEntitiesByIds(entitiesIds) {
+        const ids = (entitiesIds || []).map((id) => toObjectId(id)).filter(Boolean);
+        if (ids.length === 0) return [];
+        const docs = await findMany(this.prisma, 'Entity', { _id: { $in: ids } });
+        const credentialMap = await this._fetchCredentialsBulk(docs.map((doc) => doc.credentialId));
+        return docs.map((doc) => this._mapEntity(doc, credentialMap.get(fromObjectId(doc.credentialId)) || null));
+    }
+
+    async findEntitiesByUserIdAndModuleName(userId, moduleName) {
+        const objectId = toObjectId(userId);
+        if (!objectId) {
+            throw new Error(`Invalid userId: ${userId}`);
+        }
+        const filter = {
+            userId: objectId,
+            moduleName,
+        };
+        const docs = await findMany(this.prisma, 'Entity', filter);
+        const credentialMap = await this._fetchCredentialsBulk(docs.map((doc) => doc.credentialId));
+        return docs.map((doc) => this._mapEntity(doc, credentialMap.get(fromObjectId(doc.credentialId)) || null));
+    }
+
+    async unsetCredential(entityId) {
+        const objectId = toObjectId(entityId);
+        if (!objectId) return false;
+        await updateOne(
+            this.prisma,
+            'Entity',
+            { _id: objectId },
+            {
+                $set: {
+                    credentialId: null,
+                },
+            }
+        );
+        return true;
+    }
+
+    async findEntity(filter) {
+        const query = this._buildFilter(filter);
+        const doc = await findOne(this.prisma, 'Entity', query);
+        if (!doc) return null;
+        const credential = await this._fetchCredential(doc.credentialId);
+        return this._mapEntity(doc, credential);
+    }
+
+    async createEntity(entityData) {
+        const document = {
+            userId: toObjectId(entityData.user || entityData.userId),
+            credentialId: toObjectId(entityData.credential || entityData.credentialId) || null,
+            name: entityData.name ?? null,
+            moduleName: entityData.moduleName ?? null,
+            externalId: entityData.externalId ?? null,
+            accountId: entityData.accountId ?? null,
+        };
+        const insertedId = await insertOne(this.prisma, 'Entity', document);
+        const created = await findOne(this.prisma, 'Entity', { _id: insertedId });
+        const credential = await this._fetchCredential(created?.credentialId);
+        return this._mapEntity(created, credential);
+    }
+
+    async updateEntity(entityId, updates) {
+        const objectId = toObjectId(entityId);
+        if (!objectId) return null;
+        const updatePayload = {};
+        if (updates.user !== undefined || updates.userId !== undefined) {
+            const userVal = updates.user !== undefined ? updates.user : updates.userId;
+            updatePayload.userId = toObjectId(userVal) || null;
+        }
+        if (updates.credential !== undefined || updates.credentialId !== undefined) {
+            const credVal = updates.credential !== undefined ? updates.credential : updates.credentialId;
+            updatePayload.credentialId = toObjectId(credVal) || null;
+        }
+        if (updates.name !== undefined) updatePayload.name = updates.name;
+        if (updates.moduleName !== undefined) updatePayload.moduleName = updates.moduleName;
+        if (updates.externalId !== undefined) updatePayload.externalId = updates.externalId;
+        if (updates.accountId !== undefined) updatePayload.accountId = updates.accountId;
+        const result = await updateOne(
+            this.prisma,
+            'Entity',
+            { _id: objectId },
+            { $set: updatePayload }
+        );
+        const modified = result?.nModified ?? result?.n ?? 0;
+        if (modified === 0) return null;
+        const updated = await findOne(this.prisma, 'Entity', { _id: objectId });
+        const credential = await this._fetchCredential(updated?.credentialId);
+        return this._mapEntity(updated, credential);
+    }
+
+    async deleteEntity(entityId) {
+        const objectId = toObjectId(entityId);
+        if (!objectId) return false;
+        const result = await deleteOne(this.prisma, 'Entity', { _id: objectId });
+        const deleted = result?.n ?? 0;
+        return deleted > 0;
+    }
+
+    async _fetchCredential(credentialId) {
+        const id = fromObjectId(credentialId);
+        if (!id) return null;
+
+        try {
+            // Convert to ObjectId for raw query
+            const objectId = toObjectId(id);
+            if (!objectId) return null;
+
+            // Use raw findOne to bypass Prisma encryption extension
+            const rawCredential = await findOne(this.prisma, 'Credential', {
+                _id: objectId
+            });
+
+            if (!rawCredential) return null;
+
+            // Decrypt sensitive fields using service
+            const decryptedCredential = await this.encryptionService.decryptFields('Credential', rawCredential);
+
+            // Return in same format
+            const credential = {
+                id: fromObjectId(decryptedCredential._id),
+                userId: fromObjectId(decryptedCredential.userId),
+                externalId: decryptedCredential.externalId ?? null,
+                authIsValid: decryptedCredential.authIsValid ?? null,
+                createdAt: decryptedCredential.createdAt,
+                updatedAt: decryptedCredential.updatedAt,
+                data: decryptedCredential.data
+            };
+
+            return this._convertCredentialIds(credential);
+        } catch (error) {
+            console.error(`Failed to fetch/decrypt credential ${id}:`, error.message);
+            // Return null instead of throwing to allow graceful degradation
+            // This repository is read-only (doesn't create/update credentials)
+            // Entities can still be loaded even if their credential is corrupted/unreadable
+            // The entity will have null credential, which calling code must handle
+            // This is intentional behavior: prefer partial data over complete failure
+            return null;
+        }
+    }
+
+    async _fetchCredentialsBulk(credentialIds) {
+        const ids = (credentialIds || [])
+            .map((value) => fromObjectId(value))
+            .filter((value) => value !== null && value !== undefined);
+        if (ids.length === 0) return new Map();
+
+        try {
+            // Convert string IDs to ObjectIds for bulk query
+            const objectIds = ids.map(id => toObjectId(id)).filter(Boolean);
+            if (objectIds.length === 0) return new Map();
+
+            // Use raw findMany to bypass Prisma encryption extension
+            const rawCredentials = await findMany(this.prisma, 'Credential', {
+                _id: { $in: objectIds }
+            });
+
+            // Decrypt all credentials in parallel
+            const decryptionPromises = rawCredentials.map(async (rawCredential) => {
+                try {
+                    // Decrypt sensitive fields using service
+                    const decryptedCredential = await this.encryptionService.decryptFields('Credential', rawCredential);
+
+                    // Build credential object in same format as Prisma would return
+                    const credential = {
+                        id: fromObjectId(decryptedCredential._id),
+                        userId: fromObjectId(decryptedCredential.userId),
+                        externalId: decryptedCredential.externalId ?? null,
+                        authIsValid: decryptedCredential.authIsValid ?? null,
+                        createdAt: decryptedCredential.createdAt,
+                        updatedAt: decryptedCredential.updatedAt,
+                        data: decryptedCredential.data
+                    };
+
+                    return this._convertCredentialIds(credential);
+                } catch (error) {
+                    const credId = fromObjectId(rawCredential._id);
+                    console.error(`Failed to decrypt credential ${credId}:`, error.message);
+                    return null;
+                }
+            });
+
+            // Wait for all decryptions to complete
+            const decryptedCredentials = await Promise.all(decryptionPromises);
+
+            // Build Map from results, filtering out nulls
+            const map = new Map();
+            decryptedCredentials.forEach(credential => {
+                if (credential) {
+                    map.set(credential.id, credential);
+                }
+            });
+
+            return map;
+        } catch (error) {
+            console.error('Failed to fetch credentials bulk:', error.message);
+            return new Map();
+        }
+    }
+
+    /**
+     * Convert credential object IDs to strings for application layer
+     * Ensures consistent credential format across database adapters
+     * @private
+     * @param {Object|null} credential - Credential object from database
+     * @returns {Object|null} Credential with properly formatted IDs
+     */
+    _convertCredentialIds(credential) {
+        if (!credential) return credential;
+        return {
+            ...credential,
+            id: credential.id ? String(credential.id) : null,
+            userId: credential.userId ? String(credential.userId) : null,
+        };
+    }
+
+    _buildFilter(filter) {
+        const query = {};
+        if (!filter) return query;
+        if (filter._id || filter.id) {
+            const idObj = toObjectId(filter._id || filter.id);
+            if (idObj) query._id = idObj;
+        }
+        if (filter.user || filter.userId) {
+            const userObj = toObjectId(filter.user || filter.userId);
+            if (userObj) query.userId = userObj;
+        }
+        if (filter.credential || filter.credentialId) {
+            const credObj = toObjectId(filter.credential || filter.credentialId);
+            if (credObj) query.credentialId = credObj;
+        }
+        if (filter.name) query.name = filter.name;
+        if (filter.moduleName) query.moduleName = filter.moduleName;
+        if (filter.externalId) query.externalId = filter.externalId;
+        return query;
+    }
+
+    _mapEntity(doc, credential) {
+        return {
+            id: fromObjectId(doc?._id),
+            accountId: doc?.accountId ?? null,
+            credential,
+            userId: fromObjectId(doc?.userId),
+            name: doc?.name ?? null,
+            externalId: doc?.externalId ?? null,
+            moduleName: doc?.moduleName ?? null,
+        };
+    }
+}
+
+module.exports = { ModuleRepositoryDocumentDB };
+

package/modules/repositories/module-repository-factory.js

@@ -1,5 +1,8 @@
 const { ModuleRepositoryMongo } = require('./module-repository-mongo');
 const { ModuleRepositoryPostgres } = require('./module-repository-postgres');
+const {
+    ModuleRepositoryDocumentDB,
+} = require('./module-repository-documentdb');
 const config = require('../../database/config');
 
 /**
@@ -18,9 +21,12 @@ function createModuleRepository() {
         case 'postgresql':
             return new ModuleRepositoryPostgres();
 
+        case 'documentdb':
+            return new ModuleRepositoryDocumentDB();
+
         default:
             throw new Error(
-                `Unsupported database type: ${dbType}. Supported values: 'mongodb', 'postgresql'`
+                `Unsupported database type: ${dbType}. Supported values: 'mongodb', 'documentdb', 'postgresql'`
             );
     }
 }
@@ -30,4 +36,5 @@ module.exports = {
     // Export adapters for direct testing
     ModuleRepositoryMongo,
     ModuleRepositoryPostgres,
+    ModuleRepositoryDocumentDB,
 };

package/package.json

@@ -1,7 +1,7 @@
 {
     "name": "@friggframework/core",
     "prettier": "@friggframework/prettier-config",
-    "version": "2.0.0-next.52",
+    "version": "2.0.0-next.54",
     "dependencies": {
         "@aws-sdk/client-apigatewaymanagementapi": "^3.588.0",
         "@aws-sdk/client-kms": "^3.588.0",
@@ -38,9 +38,9 @@
         }
     },
     "devDependencies": {
-        "@friggframework/eslint-config": "2.0.0-next.52",
-        "@friggframework/prettier-config": "2.0.0-next.52",
-        "@friggframework/test": "2.0.0-next.52",
+        "@friggframework/eslint-config": "2.0.0-next.54",
+        "@friggframework/prettier-config": "2.0.0-next.54",
+        "@friggframework/test": "2.0.0-next.54",
         "@prisma/client": "^6.17.0",
         "@types/lodash": "4.17.15",
         "@typescript-eslint/eslint-plugin": "^8.0.0",
@@ -80,5 +80,5 @@
     "publishConfig": {
         "access": "public"
     },
-    "gitHead": "424fabff6ef8fabf31e2d75b2b1e5600e6e1edb8"
+    "gitHead": "d72f0af6966a5701fe2a4257139d40292972f92a"
 }

package/prisma-mongodb/schema.prisma

@@ -50,9 +50,7 @@ model User {
   integrations Integration[]
   processes    Process[]
 
-  @@unique([email])
-  @@unique([username])
-  @@unique([appOrgId])
+  @@unique([username, appUserId])
   @@index([type])
   @@index([appUserId])
   @@map("User")

package/prisma-postgresql/migrations/20251112195422_update_user_unique_constraints/migration.sql

@@ -0,0 +1,69 @@
+/*
+  Warnings:
+
+  - You are about to drop the column `subType` on the `Credential` table. All the data in the column will be lost.
+  - You are about to drop the column `subType` on the `Entity` table. All the data in the column will be lost.
+  - A unique constraint covering the columns `[username,appUserId]` on the table `User` will be added. If there are existing duplicate values, this will fail.
+
+*/
+-- DropIndex
+DROP INDEX "User_appOrgId_key";
+
+-- DropIndex
+DROP INDEX "User_email_key";
+
+-- DropIndex
+DROP INDEX "User_username_key";
+
+-- AlterTable
+ALTER TABLE "Credential" DROP COLUMN "subType";
+
+-- AlterTable
+ALTER TABLE "Entity" DROP COLUMN "subType";
+
+-- CreateTable
+CREATE TABLE "Process" (
+    "id" SERIAL NOT NULL,
+    "userId" INTEGER NOT NULL,
+    "integrationId" INTEGER NOT NULL,
+    "name" TEXT NOT NULL,
+    "type" TEXT NOT NULL,
+    "state" TEXT NOT NULL,
+    "context" JSONB NOT NULL DEFAULT '{}',
+    "results" JSONB NOT NULL DEFAULT '{}',
+    "parentProcessId" INTEGER,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" TIMESTAMP(3) NOT NULL,
+
+    CONSTRAINT "Process_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateIndex
+CREATE INDEX "Process_userId_idx" ON "Process"("userId");
+
+-- CreateIndex
+CREATE INDEX "Process_integrationId_idx" ON "Process"("integrationId");
+
+-- CreateIndex
+CREATE INDEX "Process_type_idx" ON "Process"("type");
+
+-- CreateIndex
+CREATE INDEX "Process_state_idx" ON "Process"("state");
+
+-- CreateIndex
+CREATE INDEX "Process_name_idx" ON "Process"("name");
+
+-- CreateIndex
+CREATE INDEX "Process_parentProcessId_idx" ON "Process"("parentProcessId");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "User_username_appUserId_key" ON "User"("username", "appUserId");
+
+-- AddForeignKey
+ALTER TABLE "Process" ADD CONSTRAINT "Process_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User"("id") ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "Process" ADD CONSTRAINT "Process_integrationId_fkey" FOREIGN KEY ("integrationId") REFERENCES "Integration"("id") ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "Process" ADD CONSTRAINT "Process_parentProcessId_fkey" FOREIGN KEY ("parentProcessId") REFERENCES "Process"("id") ON DELETE SET NULL ON UPDATE CASCADE;

package/prisma-postgresql/schema.prisma

@@ -50,9 +50,7 @@ model User {
   integrations Integration[]
   processes    Process[]
 
-  @@unique([email])
-  @@unique([username])
-  @@unique([appOrgId])
+  @@unique([username, appUserId])
   @@index([type])
   @@index([appUserId])
 }