npm - @gblikas/querykit - Versions diffs - 0.4.0 → 0.5.0 - Mend

@gblikas/querykit 0.4.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

package/README.md +192 -0
package/dist/parser/types.d.ts +17 -1
package/dist/security/validator.js +14 -5
package/dist/translators/drizzle/index.js +11 -0
package/dist/virtual-fields/helpers.d.ts +32 -0
package/dist/virtual-fields/helpers.js +74 -0
package/dist/virtual-fields/index.d.ts +1 -0
package/dist/virtual-fields/index.js +1 -0
package/dist/virtual-fields/resolver.js +4 -0
package/dist/virtual-fields/types.d.ts +20 -3
package/package.json +1 -1
package/src/parser/types.ts +21 -1
package/src/security/validator.ts +15 -5
package/src/translators/drizzle/index.ts +18 -0
package/src/virtual-fields/helpers.ts +81 -0
package/src/virtual-fields/index.ts +1 -0
package/src/virtual-fields/raw-sql.test.ts +978 -0
package/src/virtual-fields/resolver.ts +5 -0
package/src/virtual-fields/types.ts +22 -2
package/src/virtual-fields/user-example-integration.test.ts +182 -0

package/src/virtual-fields/helpers.ts ADDED Viewed

@@ -0,0 +1,81 @@
+/**
+ * Helper utilities for creating raw SQL expressions in virtual fields
+ */
+import { sql } from 'drizzle-orm';
+import { IRawSqlExpression } from '../parser/types';
+/**
+ * Validates field name to prevent SQL injection.
+ * Only allows alphanumeric characters, dots, and underscores.
+ * @private
+ */
+function validateFieldName(field: string): void {
+  if (!/^[a-zA-Z][a-zA-Z0-9._]*$/.test(field)) {
+    throw new Error(`Invalid field name: ${field}`);
+  }
+  if (field.length > 64) {
+    throw new Error(`Field name too long: ${field}`);
+  }
+}
+/**
+ * Create a JSONB array contains expression (PostgreSQL).
+ * Checks if the JSONB array field contains the given value.
+ *
+ * @param field - The JSONB field name (e.g., 'assigned_to')
+ * @param value - The value to check for in the array
+ * @returns A raw SQL expression for JSONB contains check
+ *
+ * @example
+ * // Check if assignedTo contains the current user ID
+ * jsonbContains('assigned_to', ctx.currentUserId)
+ * // Generates: assigned_to @> '["user123"]'::jsonb
+ */
+export function jsonbContains(
+  field: string,
+  value: unknown
+): IRawSqlExpression {
+  validateFieldName(field);
+  return {
+    type: 'raw',
+    toSql: () =>
+      sql`${sql.identifier(field)} @> ${sql.raw("'" + JSON.stringify(Array.isArray(value) ? value : [value]).replace(/'/g, "''") + "'::jsonb")}`
+  };
+}
+/**
+ * Validates days parameter to ensure it's a positive finite number.
+ * @private
+ */
+function validateDaysParameter(days: number): void {
+  if (!Number.isFinite(days)) {
+    throw new Error(`Invalid days parameter: ${days}. Must be a finite number.`);
+  }
+  if (days <= 0) {
+    throw new Error(`Invalid days parameter: ${days}. Must be a positive number.`);
+  }
+}
+/**
+ * Create a date range expression.
+ * Checks if a timestamp field is within the specified number of days from now.
+ *
+ * @param field - The timestamp field name (e.g., 'created_at')
+ * @param days - Number of days from now (must be a positive finite number)
+ * @returns A raw SQL expression for date range check
+ *
+ * @example
+ * // Check if created within last day
+ * dateWithinDays('created_at', 1)
+ * // Generates: created_at >= NOW() - INTERVAL '1 days'
+ */
+export function dateWithinDays(field: string, days: number): IRawSqlExpression {
+  validateFieldName(field);
+  validateDaysParameter(days);
+  return {
+    type: 'raw',
+    toSql: () =>
+      sql`${sql.identifier(field)} >= NOW() - INTERVAL '${sql.raw(days.toString())} days'`
+  };
+}

package/src/virtual-fields/index.ts CHANGED Viewed

@@ -4,3 +4,4 @@
 export * from './types';
 export * from './resolver';
+export * from './helpers';