npm - @gencow/core - Versions diffs - 0.1.24 → 0.1.25 - Mend

@gencow/core 0.1.24 → 0.1.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (73) hide show

package/dist/crud.d.ts +2 -2
package/dist/crud.js +225 -208
package/dist/index.d.ts +5 -5
package/dist/index.js +2 -2
package/dist/reactive.js +10 -3
package/dist/retry.js +1 -1
package/dist/rls-db.d.ts +2 -2
package/dist/rls-db.js +1 -5
package/dist/scheduler.d.ts +2 -0
package/dist/scheduler.js +16 -6
package/dist/server.d.ts +0 -1
package/dist/server.js +0 -1
package/dist/storage.js +29 -22
package/dist/v.d.ts +2 -2
package/dist/workflow.js +4 -11
package/dist/workflows-api.js +5 -12
package/package.json +46 -42
package/src/__tests__/auth.test.ts +90 -86
package/src/__tests__/crons.test.ts +69 -67
package/src/__tests__/crud-codegen-integration.test.ts +164 -170
package/src/__tests__/crud-owner-rls.test.ts +308 -301
package/src/__tests__/crud.test.ts +694 -711
package/src/__tests__/dist-exports.test.ts +120 -120
package/src/__tests__/fixtures/basic/auth.ts +16 -16
package/src/__tests__/fixtures/basic/drizzle.config.ts +1 -4
package/src/__tests__/fixtures/basic/index.ts +1 -1
package/src/__tests__/fixtures/basic/schema.ts +1 -1
package/src/__tests__/fixtures/basic/tasks.ts +4 -4
package/src/__tests__/fixtures/common/auth-schema.ts +38 -34
package/src/__tests__/helpers/basic-rls-fixture.ts +80 -78
package/src/__tests__/helpers/pglite-migrations.ts +2 -5
package/src/__tests__/helpers/pglite-rls-session.ts +13 -16
package/src/__tests__/helpers/seed-like-fill.ts +50 -44
package/src/__tests__/helpers/test-gencow-ctx-rls.ts +4 -7
package/src/__tests__/httpaction.test.ts +91 -91
package/src/__tests__/image-optimization.test.ts +570 -574
package/src/__tests__/load.test.ts +321 -308
package/src/__tests__/network-sim.test.ts +238 -215
package/src/__tests__/reactive.test.ts +380 -358
package/src/__tests__/retry.test.ts +99 -84
package/src/__tests__/rls-crud-basic.test.ts +172 -245
package/src/__tests__/rls-crud-no-owner-rls-pglite.test.ts +81 -81
package/src/__tests__/rls-custom-mutation-handlers.test.ts +47 -94
package/src/__tests__/rls-custom-query-handlers.test.ts +92 -92
package/src/__tests__/rls-db-leased-connection.test.ts +2 -6
package/src/__tests__/rls-session-and-policies.test.ts +181 -199
package/src/__tests__/scheduler-durable-v2.test.ts +199 -181
package/src/__tests__/scheduler-durable.test.ts +117 -117
package/src/__tests__/scheduler-exec.test.ts +258 -246
package/src/__tests__/scheduler.test.ts +129 -111
package/src/__tests__/storage.test.ts +282 -269
package/src/__tests__/tsconfig.json +6 -6
package/src/__tests__/validator.test.ts +236 -232
package/src/__tests__/workflow.test.ts +309 -286
package/src/__tests__/ws-integration.test.ts +223 -218
package/src/__tests__/ws-scale.test.ts +168 -159
package/src/auth-config.ts +18 -18
package/src/auth.ts +106 -106
package/src/crons.ts +77 -77
package/src/crud.ts +523 -479
package/src/index.ts +69 -5
package/src/reactive.ts +357 -331
package/src/retry.ts +51 -54
package/src/rls-db.ts +195 -205
package/src/rls.ts +33 -36
package/src/scheduler.ts +237 -211
package/src/server.ts +0 -1
package/src/storage.ts +632 -593
package/src/v.ts +119 -114
package/src/workflow-types.ts +67 -70
package/src/workflow.ts +99 -116
package/src/workflows-api.ts +231 -241
package/src/db.ts +0 -18

package/src/__tests__/crud-owner-rls.test.ts CHANGED Viewed

@@ -15,366 +15,373 @@
 import { describe, it, expect } from "bun:test";
 import { pgTable, serial, text, timestamp, pgPolicy } from "drizzle-orm/pg-core";
 import { sql } from "drizzle-orm";
-import { crud } from "../crud";
-import { ownerRls, getOwnerRlsMeta, registerOwnerRls } from "../rls";
-import { getQueryDef, getRegisteredMutations } from "../reactive";
+import { crud } from "../crud.js";
+import { ownerRls, getOwnerRlsMeta, registerOwnerRls } from "../rls.js";
+import { getQueryDef, getRegisteredMutations } from "../reactive.js";
 // ─── 테스트 테이블 정의 ────────────────────────────────────────────────────
 // ownerRls 적용 테이블
-const rlsTasks = pgTable("rls_tasks", {
+const rlsTasks = pgTable(
+  "rls_tasks",
+  {
     id: serial("id").primaryKey(),
     title: text("title").notNull(),
     userId: text("user_id").notNull(),
     createdAt: timestamp("created_at").defaultNow(),
     updatedAt: timestamp("updated_at").defaultNow(),
-}, (t) => ownerRls(t.userId));
+  },
+  (t) => ownerRls(t.userId),
+);
 // ownerRls(read: "public") 테이블
-const rlsPosts = pgTable("rls_posts", {
+const rlsPosts = pgTable(
+  "rls_posts",
+  {
     id: serial("id").primaryKey(),
     content: text("content").notNull(),
     userId: text("user_id").notNull(),
     createdAt: timestamp("created_at").defaultNow(),
-}, (t) => ownerRls(t.userId, { read: "public" }));
+  },
+  (t) => ownerRls(t.userId, { read: "public" }),
+);
 // ownerRls 미적용 테이블 (하위호환 검증)
 const plainItems = pgTable("plain_items", {
-    id: serial("id").primaryKey(),
-    name: text("name"),
-    userId: text("user_id"),
-    createdAt: timestamp("created_at").defaultNow(),
+  id: serial("id").primaryKey(),
+  name: text("name"),
+  userId: text("user_id"),
+  createdAt: timestamp("created_at").defaultNow(),
 });
 // ─── Mock 유틸 ─────────────────────────────────────────────────────────
 function createMockCtx(userId: string, mockData: any[] = []) {
-    const dataChain: any = {
-        from: () => dataChain,
-        where: () => dataChain,
-        orderBy: () => dataChain,
-        limit: (n?: number) => n === 1
-            ? Promise.resolve(mockData.slice(0, 1))  // get handler: .limit(1) → 단일 행 반환
-            : dataChain,                              // list handler: .limit(n).offset(m)
-        offset: () => Promise.resolve(mockData),
-    };
-    const countChain = {
-        from: () => countChain,
-        where: () => Promise.resolve([{ count: mockData.length }]),
-    };
-    let capturedValues: any = null;
-    let capturedWhereArg: any = null;
-    const emitted: { key: string; data: any }[] = [];
-    return {
-        ctx: {
-            auth: {
-                requireAuth: () => ({ id: userId, email: `${userId}@test.com` }),
-                getUserIdentity: () => ({ id: userId }),
-                getSession: () => null,
-            },
-            db: {
-                select: (selectArg?: any) => {
-                    if (selectArg && typeof selectArg === "object" && "count" in selectArg) {
-                        return countChain;
-                    }
-                    return dataChain;
-                },
-                insert: () => ({
-                    values: (v: any) => {
-                        capturedValues = v;
-                        return { returning: () => Promise.resolve([{ ...v, id: 1 }]) };
-                    },
-                }),
-                update: () => ({
-                    set: (data: any) => ({
-                        where: (w: any) => {
-                            capturedWhereArg = w;
-                            return { returning: () => Promise.resolve([{ ...data, id: 1 }]) };
-                        },
-                    }),
-                }),
-                delete: () => ({
-                    where: (w: any) => {
-                        capturedWhereArg = w;
-                        return Promise.resolve();
-                    },
-                }),
-            },
-            realtime: {
-                emit: (key: string, data: any) => emitted.push({ key, data }),
-            },
+  const dataChain: any = {
+    from: () => dataChain,
+    where: () => dataChain,
+    orderBy: () => dataChain,
+    limit: (n?: number) =>
+      n === 1
+        ? Promise.resolve(mockData.slice(0, 1)) // get handler: .limit(1) → 단일 행 반환
+        : dataChain, // list handler: .limit(n).offset(m)
+    offset: () => Promise.resolve(mockData),
+  };
+  const countChain = {
+    from: () => countChain,
+    where: () => Promise.resolve([{ count: mockData.length }]),
+  };
+  let capturedValues: any = null;
+  let capturedWhereArg: any = null;
+  const emitted: { key: string; data: any }[] = [];
+  return {
+    ctx: {
+      auth: {
+        requireAuth: () => ({ id: userId, email: `${userId}@test.com` }),
+        getUserIdentity: () => ({ id: userId }),
+        getSession: () => null,
+      },
+      db: {
+        select: (selectArg?: any) => {
+          if (selectArg && typeof selectArg === "object" && "count" in selectArg) {
+            return countChain;
+          }
+          return dataChain;
         },
-        getCapturedValues: () => capturedValues,
-        getCapturedWhere: () => capturedWhereArg,
-        emitted,
-    };
+        insert: () => ({
+          values: (v: any) => {
+            capturedValues = v;
+            return { returning: () => Promise.resolve([{ ...v, id: 1 }]) };
+          },
+        }),
+        update: () => ({
+          set: (data: any) => ({
+            where: (w: any) => {
+              capturedWhereArg = w;
+              return { returning: () => Promise.resolve([{ ...data, id: 1 }]) };
+            },
+          }),
+        }),
+        delete: () => ({
+          where: (w: any) => {
+            capturedWhereArg = w;
+            return Promise.resolve();
+          },
+        }),
+      },
+      realtime: {
+        emit: (key: string, data: any) => emitted.push({ key, data }),
+      },
+    },
+    getCapturedValues: () => capturedValues,
+    getCapturedWhere: () => capturedWhereArg,
+    emitted,
+  };
 }
 function createUnauthCtx(mockData: any[] = []) {
-    const dataChain = {
-        from: () => dataChain,
-        where: () => dataChain,
-        orderBy: () => dataChain,
-        limit: () => dataChain,
-        offset: () => Promise.resolve(mockData),
-    };
-    const countChain = {
-        from: () => countChain,
-        where: () => Promise.resolve([{ count: mockData.length }]),
-    };
-    return {
-        auth: {
-            requireAuth: () => { throw new Error("Unauthorized"); },
-            getUserIdentity: () => null,
-            getSession: () => null,
-        },
-        db: {
-            select: (selectArg?: any) => {
-                if (selectArg && typeof selectArg === "object" && "count" in selectArg) {
-                    return countChain;
-                }
-                return dataChain;
-            },
-        },
-        realtime: {
-            emit: () => {},
-        },
-    };
+  const dataChain = {
+    from: () => dataChain,
+    where: () => dataChain,
+    orderBy: () => dataChain,
+    limit: () => dataChain,
+    offset: () => Promise.resolve(mockData),
+  };
+  const countChain = {
+    from: () => countChain,
+    where: () => Promise.resolve([{ count: mockData.length }]),
+  };
+  return {
+    auth: {
+      requireAuth: () => {
+        throw new Error("Unauthorized");
+      },
+      getUserIdentity: () => null,
+      getSession: () => null,
+    },
+    db: {
+      select: (selectArg?: any) => {
+        if (selectArg && typeof selectArg === "object" && "count" in selectArg) {
+          return countChain;
+        }
+        return dataChain;
+      },
+    },
+    realtime: {
+      emit: () => {},
+    },
+  };
 }
 // ═══════════════════════════════════════════════════════════════════════════════
 // Phase 1 검증: ownerRls() 메타데이터
 // ═══════════════════════════════════════════════════════════════════════════════
 describe("ownerRls() — 메타데이터 레지스트리", () => {
-    it("ownerRls 적용 테이블에서 메타데이터를 감지한다", () => {
-        // ownerRls()가 호출된 rlsTasks 테이블에서 WeakMap으로 건 못 찾더라도
-        // crud()가 getTableConfig().policies로 fallback 감지
-        // 여기서는 registerOwnerRls를 직접 호출하여 테스트
-        registerOwnerRls(rlsTasks, { columnName: "user_id", readPublic: false });
-        const meta = getOwnerRlsMeta(rlsTasks);
-        expect(meta).toBeDefined();
-        expect(meta!.columnName).toBe("user_id");
-        expect(meta!.readPublic).toBe(false);
-    });
-    it("read: public 옵션이 메타데이터에 반영된다", () => {
-        registerOwnerRls(rlsPosts, { columnName: "user_id", readPublic: true });
-        const meta = getOwnerRlsMeta(rlsPosts);
-        expect(meta).toBeDefined();
-        expect(meta!.readPublic).toBe(true);
-    });
-    it("ownerRls 미적용 테이블은 undefined 반환", () => {
-        const meta = getOwnerRlsMeta(plainItems);
-        expect(meta).toBeUndefined();
-    });
+  it("ownerRls 적용 테이블에서 메타데이터를 감지한다", () => {
+    // ownerRls()가 호출된 rlsTasks 테이블에서 WeakMap으로 건 못 찾더라도
+    // crud()가 getTableConfig().policies로 fallback 감지
+    // 여기서는 registerOwnerRls를 직접 호출하여 테스트
+    registerOwnerRls(rlsTasks, { columnName: "user_id", readPublic: false });
+    const meta = getOwnerRlsMeta(rlsTasks);
+    expect(meta).toBeDefined();
+    expect(meta!.columnName).toBe("user_id");
+    expect(meta!.readPublic).toBe(false);
+  });
+  it("read: public 옵션이 메타데이터에 반영된다", () => {
+    registerOwnerRls(rlsPosts, { columnName: "user_id", readPublic: true });
+    const meta = getOwnerRlsMeta(rlsPosts);
+    expect(meta).toBeDefined();
+    expect(meta!.readPublic).toBe(true);
+  });
+  it("ownerRls 미적용 테이블은 undefined 반환", () => {
+    const meta = getOwnerRlsMeta(plainItems);
+    expect(meta).toBeUndefined();
+  });
 });
 // ═══════════════════════════════════════════════════════════════════════════════
 // Phase 2 검증: crud() ownerRls 감지 + 필터 주입
 // ═══════════════════════════════════════════════════════════════════════════════
 describe("crud() + ownerRls — 데이터 격리", () => {
-    // 초기화: crud 등록
-    crud(rlsTasks);
-    crud(rlsPosts);
-    crud(plainItems);
-    // ── list 격리 ──
-    it("list: ownerRls 테이블에서 requireAuth가 호출된다", async () => {
-        const listDef = getQueryDef("rls_tasks.list");
-        expect(listDef).toBeDefined();
-        const { ctx } = createMockCtx("user-A", []);
-        // 에러 없이 실행되면 requireAuth 호출 성공
-        const result = await listDef!.handler(ctx, {});
-        expect(result).toHaveProperty("data");
-        expect(result).toHaveProperty("total");
-    });
-    it("list: ownerRls 테이블은 인증 없이 접근 불가", async () => {
-        const listDef = getQueryDef("rls_tasks.list");
-        const unauthCtx = createUnauthCtx();
-        await expect(listDef!.handler(unauthCtx, {})).rejects.toThrow("Unauthorized");
-    });
-    // ── get 격리 ──
-    it("get: ownerRls 테이블에서 requireAuth가 호출된다", async () => {
-        const getDef = getQueryDef("rls_tasks.get");
-        expect(getDef).toBeDefined();
-        const { ctx } = createMockCtx("user-A", [{ id: 1, title: "test", userId: "user-A" }]);
-        const result = await getDef!.handler(ctx, { id: 1 });
-        // null 또는 데이터 반환 (mock이므로 체이닝 결과)
-        // 핵심: 에러 없이 실행되면 성공
-    });
-    // ── create 자동 주입 ──
-    it("create: ownerRls 테이블에서 userId가 인증 사용자로 강제 설정된다", async () => {
-        const mutations = getRegisteredMutations();
-        const createDef = mutations.find((m: any) => m.name === "rls_tasks.create");
-        expect(createDef).toBeDefined();
-        const { ctx, getCapturedValues } = createMockCtx("user-A");
-        await createDef!.handler(ctx, { title: "New Task" });
-        // userId가 인증된 사용자 ID로 강제 설정됨 (JS 프로퍼티명 사용)
-        const values = getCapturedValues();
-        expect(values).toBeDefined();
-        expect(values.userId).toBe("user-A");
-    });
-    it("create: 타인 user_id 주입 시도는 거부되고 insert까지 가지 않음 (보안)", async () => {
-        const mutations = getRegisteredMutations();
-        const createDef = mutations.find((m: any) => m.name === "rls_tasks.create");
-        const { ctx, getCapturedValues } = createMockCtx("user-A");
-        // 해커가 user_id를 "hacker-id"로 조작 시도 — Layer 1은 즉시 Forbidden (덮어쓰기 전 차단)
-        await expect(
-            createDef!.handler(ctx, { title: "Spoofed", user_id: "hacker-id" }),
-        ).rejects.toThrow("Forbidden: cannot create resource for another user");
+  // 초기화: crud 등록
+  crud(rlsTasks);
+  crud(rlsPosts);
+  crud(plainItems);
+  // ── list 격리 ──
+  it("list: ownerRls 테이블에서 requireAuth가 호출된다", async () => {
+    const listDef = getQueryDef("rls_tasks.list");
+    expect(listDef).toBeDefined();
+    const { ctx } = createMockCtx("user-A", []);
+    // 에러 없이 실행되면 requireAuth 호출 성공
+    const result = await listDef!.handler(ctx, {});
+    expect(result).toHaveProperty("data");
+    expect(result).toHaveProperty("total");
+  });
+  it("list: ownerRls 테이블은 인증 없이 접근 불가", async () => {
+    const listDef = getQueryDef("rls_tasks.list");
+    const unauthCtx = createUnauthCtx();
+    await expect(listDef!.handler(unauthCtx, {})).rejects.toThrow("Unauthorized");
+  });
+  // ── get 격리 ──
+  it("get: ownerRls 테이블에서 requireAuth가 호출된다", async () => {
+    const getDef = getQueryDef("rls_tasks.get");
+    expect(getDef).toBeDefined();
+    const { ctx } = createMockCtx("user-A", [{ id: 1, title: "test", userId: "user-A" }]);
+    const result = await getDef!.handler(ctx, { id: 1 });
+    // null 또는 데이터 반환 (mock이므로 체이닝 결과)
+    // 핵심: 에러 없이 실행되면 성공
+  });
+  // ── create 자동 주입 ──
+  it("create: ownerRls 테이블에서 userId가 인증 사용자로 강제 설정된다", async () => {
+    const mutations = getRegisteredMutations();
+    const createDef = mutations.find((m: any) => m.name === "rls_tasks.create");
+    expect(createDef).toBeDefined();
+    const { ctx, getCapturedValues } = createMockCtx("user-A");
+    await createDef!.handler(ctx, { title: "New Task" });
+    // userId가 인증된 사용자 ID로 강제 설정됨 (JS 프로퍼티명 사용)
+    const values = getCapturedValues();
+    expect(values).toBeDefined();
+    expect(values.userId).toBe("user-A");
+  });
+  it("create: 타인 user_id 주입 시도는 거부되고 insert까지 가지 않음 (보안)", async () => {
+    const mutations = getRegisteredMutations();
+    const createDef = mutations.find((m: any) => m.name === "rls_tasks.create");
+    const { ctx, getCapturedValues } = createMockCtx("user-A");
+    // 해커가 user_id를 "hacker-id"로 조작 시도 — Layer 1은 즉시 Forbidden (덮어쓰기 전 차단)
+    await expect(createDef!.handler(ctx, { title: "Spoofed", user_id: "hacker-id" })).rejects.toThrow(
+      "Forbidden: cannot create resource for another user",
+    );
+    expect(getCapturedValues()).toBeNull();
+  });
+  // ── update 격리 ──
+  it("update: ownerRls 테이블에서 userId 변경 시도가 차단된다", async () => {
+    const mutations = getRegisteredMutations();
+    const updateDef = mutations.find((m: any) => m.name === "rls_tasks.update");
+    expect(updateDef).toBeDefined();
+    // update에서는 set()에 전달되는 데이터에서 user_id 키가 삭제되어야 함
+    let capturedSetData: any = null;
+    const mockCtx = {
+      auth: {
+        requireAuth: () => ({ id: "user-A", email: "a@test.com" }),
+        getUserIdentity: () => ({ id: "user-A" }),
+      },
+      db: {
+        select: (selectArg?: any) => {
+          if (selectArg && typeof selectArg === "object" && "count" in selectArg) {
+            return { from: () => ({ where: () => Promise.resolve([{ count: 0 }]) }) };
+          }
+          return {
+            from: () => ({ where: () => ({ orderBy: () => Promise.resolve([]) }) }),
+          };
+        },
+        update: () => ({
+          set: (data: any) => {
+            capturedSetData = data;
+            return {
+              where: () => ({
+                returning: () => Promise.resolve([{ id: 1, title: "Updated" }]),
+              }),
+            };
+          },
+        }),
+      },
+      realtime: { emit: () => {} },
+    };
-        expect(getCapturedValues()).toBeNull();
+    await updateDef!.handler(mockCtx, {
+      id: 1,
+      title: "Updated",
+      user_id: "hacker-id", // userId 변경 시도
     });
-    // ── update 격리 ──
-    it("update: ownerRls 테이블에서 userId 변경 시도가 차단된다", async () => {
-        const mutations = getRegisteredMutations();
-        const updateDef = mutations.find((m: any) => m.name === "rls_tasks.update");
-        expect(updateDef).toBeDefined();
-        // update에서는 set()에 전달되는 데이터에서 user_id 키가 삭제되어야 함
-        let capturedSetData: any = null;
-        const mockCtx = {
-            auth: {
-                requireAuth: () => ({ id: "user-A", email: "a@test.com" }),
-                getUserIdentity: () => ({ id: "user-A" }),
-            },
-            db: {
-                select: (selectArg?: any) => {
-                    if (selectArg && typeof selectArg === "object" && "count" in selectArg) {
-                        return { from: () => ({ where: () => Promise.resolve([{ count: 0 }]) }) };
-                    }
-                    return {
-                        from: () => ({ where: () => ({ orderBy: () => Promise.resolve([]) }) }),
-                    };
-                },
-                update: () => ({
-                    set: (data: any) => {
-                        capturedSetData = data;
-                        return {
-                            where: () => ({
-                                returning: () => Promise.resolve([{ id: 1, title: "Updated" }]),
-                            }),
-                        };
-                    },
-                }),
-            },
-            realtime: { emit: () => {} },
-        };
-        await updateDef!.handler(mockCtx, {
-            id: 1,
-            title: "Updated",
-            user_id: "hacker-id",  // userId 변경 시도
-        });
-        // user_id가 set 데이터에서 삭제되었는지 확인 (JS 프로퍼티명 + DB명 양쪽)
-        expect(capturedSetData).toBeDefined();
-        expect(capturedSetData).not.toHaveProperty("userId");
-        expect(capturedSetData).not.toHaveProperty("user_id");
-        expect(capturedSetData.title).toBe("Updated");
-    });
+    // user_id가 set 데이터에서 삭제되었는지 확인 (JS 프로퍼티명 + DB명 양쪽)
+    expect(capturedSetData).toBeDefined();
+    expect(capturedSetData).not.toHaveProperty("userId");
+    expect(capturedSetData).not.toHaveProperty("user_id");
+    expect(capturedSetData.title).toBe("Updated");
+  });
-    // ── remove 격리 ──
+  // ── remove 격리 ──
-    it("remove: ownerRls 테이블에서 requireAuth가 호출된다", async () => {
-        const mutations = getRegisteredMutations();
-        const removeDef = mutations.find((m: any) => m.name === "rls_tasks.remove");
-        expect(removeDef).toBeDefined();
+  it("remove: ownerRls 테이블에서 requireAuth가 호출된다", async () => {
+    const mutations = getRegisteredMutations();
+    const removeDef = mutations.find((m: any) => m.name === "rls_tasks.remove");
+    expect(removeDef).toBeDefined();
-        const { ctx } = createMockCtx("user-A");
-        const result = await removeDef!.handler(ctx, { id: 1 });
-        expect(result).toEqual({ success: true });
-    });
+    const { ctx } = createMockCtx("user-A");
+    const result = await removeDef!.handler(ctx, { id: 1 });
+    expect(result).toEqual({ success: true });
+  });
 });
 // ═══════════════════════════════════════════════════════════════════════════════
 // read: "public" 테스트
 // ═══════════════════════════════════════════════════════════════════════════════
 describe("crud() + ownerRls(read: 'public') — 공개 읽기", () => {
-    it("list: 인증 없이 접근 가능 (read: public이므로 auth skip)", async () => {
-        // rlsPosts는 ownerRls(userId, { read: "public" })
-        // readPublic: true → list에서 userId 필터 생략
-        const listDef = getQueryDef("rls_posts.list");
-        expect(listDef).toBeDefined();
-        // crud는 isPublic=false로 생성되었으므로 requireAuth는 호출됨
-        // 하지만 readPublic=true이므로 userId 필터는 추가되지 않음
-        const { ctx } = createMockCtx("user-A", [{ id: 1, content: "hello" }]);
-        const result = await listDef!.handler(ctx, {});
-        expect(result.data).toHaveLength(1);
-    });
-    it("create: 인증 필수 + userId 강제 주입", async () => {
-        const mutations = getRegisteredMutations();
-        const createDef = mutations.find((m: any) => m.name === "rls_posts.create");
-        expect(createDef).toBeDefined();
-        const { ctx, getCapturedValues } = createMockCtx("user-B");
-        await createDef!.handler(ctx, { content: "Public post" });
-        const values = getCapturedValues();
-        expect(values.userId).toBe("user-B");
-    });
+  it("list: 인증 없이 접근 가능 (read: public이므로 auth skip)", async () => {
+    // rlsPosts는 ownerRls(userId, { read: "public" })
+    // readPublic: true → list에서 userId 필터 생략
+    const listDef = getQueryDef("rls_posts.list");
+    expect(listDef).toBeDefined();
+    // crud는 isPublic=false로 생성되었으므로 requireAuth는 호출됨
+    // 하지만 readPublic=true이므로 userId 필터는 추가되지 않음
+    const { ctx } = createMockCtx("user-A", [{ id: 1, content: "hello" }]);
+    const result = await listDef!.handler(ctx, {});
+    expect(result.data).toHaveLength(1);
+  });
+  it("create: 인증 필수 + userId 강제 주입", async () => {
+    const mutations = getRegisteredMutations();
+    const createDef = mutations.find((m: any) => m.name === "rls_posts.create");
+    expect(createDef).toBeDefined();
+    const { ctx, getCapturedValues } = createMockCtx("user-B");
+    await createDef!.handler(ctx, { content: "Public post" });
+    const values = getCapturedValues();
+    expect(values.userId).toBe("user-B");
+  });
 });
 // ═══════════════════════════════════════════════════════════════════════════════
 // 하위호환 테스트 — ownerRls 미적용 테이블
 // ═══════════════════════════════════════════════════════════════════════════════
 describe("crud() — ownerRls 미적용 하위호환", () => {
-    it("ownerRls 없는 테이블에서 기존 userId 자동 주입 동작 유지", async () => {
-        const mutations = getRegisteredMutations();
-        const createDef = mutations.find((m: any) => m.name === "plain_items.create");
-        expect(createDef).toBeDefined();
-        const { ctx, getCapturedValues } = createMockCtx("user-C");
-        await createDef!.handler(ctx, { name: "Widget" });
-        const values = getCapturedValues();
-        // ownerRls 미적용 → 기존 자동 주입 로직: userId 컬럼이 있고 인증됐으면 주입
-        expect(values.userId).toBe("user-C");
-    });
-    it("ownerRls 없는 테이블의 list는 userId 필터 없이 전체 반환", async () => {
-        const listDef = getQueryDef("plain_items.list");
-        expect(listDef).toBeDefined();
-        const allData = [
-            { id: 1, name: "A", userId: "user-A" },
-            { id: 2, name: "B", userId: "user-B" },
-        ];
-        const { ctx } = createMockCtx("user-A", allData);
-        const result = await listDef!.handler(ctx, {});
-        // ownerRls 미적용 → 모든 데이터 반환 (기존 동작)
-        expect(result.data).toHaveLength(2);
-    });
+  it("ownerRls 없는 테이블에서 기존 userId 자동 주입 동작 유지", async () => {
+    const mutations = getRegisteredMutations();
+    const createDef = mutations.find((m: any) => m.name === "plain_items.create");
+    expect(createDef).toBeDefined();
+    const { ctx, getCapturedValues } = createMockCtx("user-C");
+    await createDef!.handler(ctx, { name: "Widget" });
+    const values = getCapturedValues();
+    // ownerRls 미적용 → 기존 자동 주입 로직: userId 컬럼이 있고 인증됐으면 주입
+    expect(values.userId).toBe("user-C");
+  });
+  it("ownerRls 없는 테이블의 list는 userId 필터 없이 전체 반환", async () => {
+    const listDef = getQueryDef("plain_items.list");
+    expect(listDef).toBeDefined();
+    const allData = [
+      { id: 1, name: "A", userId: "user-A" },
+      { id: 2, name: "B", userId: "user-B" },
+    ];
+    const { ctx } = createMockCtx("user-A", allData);
+    const result = await listDef!.handler(ctx, {});
+    // ownerRls 미적용 → 모든 데이터 반환 (기존 동작)
+    expect(result.data).toHaveLength(2);
+  });
 });