@gencow/core 0.1.27 → 0.1.28

package/src/__tests__/helpers/basic-rls-fixture.ts

@@ -1,135 +0,0 @@
-/**
- * Shared PGlite + `fixtures/basic` schema seed + RLS app role for integration tests.
- */
-import { dirname, join } from "path";
-import { fileURLToPath } from "url";
-import type { InferSelectModel } from "drizzle-orm";
-import { getTableName, sql } from "drizzle-orm";
-import type { PgTable } from "drizzle-orm/pg-core";
-import { PGlite } from "@electric-sql/pglite";
-import { drizzle } from "drizzle-orm/pglite";
-
-import type { UserIdentity } from "../../reactive.js";
-import { news, tasks, user } from "../fixtures/basic/schema.js";
-import {
-  createPgliteRlsAppRole,
-  DEFAULT_PGLITE_RLS_APP_ROLE,
-  setPgliteSessionRole,
-} from "./pglite-rls-session.js";
-import { loadAndApplyMigrations } from "./pglite-migrations.js";
-import { fillPartialRowsForInsert } from "./seed-like-fill.js";
-
-const __dirname = dirname(fileURLToPath(import.meta.url));
-
-export const basicFixtureUsers = [
-  { id: "us_000", name: "User 0", email: "user-0@s.com", emailVerified: true },
-  { id: "us_001", name: "User 1", email: "user-1@s.com", emailVerified: true },
-];
-
-/** Stable ids/titles; overlaps across users for search / RLS tests. */
-export const basicFixtureTasks = [
-  {
-    id: "tk-000",
-    userId: basicFixtureUsers[0].id,
-    done: false,
-    title: "Project Alpha — Q4 review prep",
-  },
-  {
-    id: "tk-001",
-    userId: basicFixtureUsers[1].id,
-    done: true,
-    title: "Project Alpha — teammate handoff",
-  },
-  {
-    id: "tk-002",
-    userId: basicFixtureUsers[0].id,
-    done: false,
-    title: "Project Alpha — backlog grooming",
-  },
-  {
-    id: "tk-003",
-    userId: basicFixtureUsers[0].id,
-    done: false,
-    title: "Quarterly planning — Q4",
-  },
-  {
-    id: "tk-004",
-    userId: basicFixtureUsers[1].id,
-    done: false,
-    title: "Project Beta — API docs",
-  },
-  {
-    id: "tk-005",
-    userId: basicFixtureUsers[1].id,
-    done: false,
-    title: "Project Gamma — research notes",
-  },
-  {
-    id: "tk-006",
-    userId: basicFixtureUsers[0].id,
-    done: false,
-    title: "Project Beta — spike",
-  },
-];
-
-/** No `ownerRls()` — two rows for user0 / user1 (no DB RLS on `news`). */
-export const basicFixtureNews = [
-  { id: "nw-000", userId: basicFixtureUsers[0].id, title: "owned by user0" },
-  { id: "nw-001", userId: basicFixtureUsers[1].id, title: "owned by user1" },
-];
-
-export const basicUser0Identity = {
-  id: basicFixtureUsers[0].id,
-  email: basicFixtureUsers[0].email,
-} satisfies UserIdentity;
-
-export const basicUser1Identity = {
-  id: basicFixtureUsers[1].id,
-  email: basicFixtureUsers[1].email,
-} satisfies UserIdentity;
-
-export type BasicTaskRow = InferSelectModel<typeof tasks>;
-export type BasicNewsRow = InferSelectModel<typeof news>;
-
-/**
- * Bootstrap user migrations, seed users/tasks as table owner, then `SET ROLE` to non-owner app role
- * so PostgreSQL RLS policies apply (same as `rls-crud-basic.test.ts`).
- */
-export async function createBasicRlsEnvironment(): Promise<{
-  client: PGlite;
-  db: ReturnType<typeof drizzle>;
-  taskRows: BasicTaskRow[];
-}> {
-  const client = new PGlite();
-  await client.waitReady;
-  await loadAndApplyMigrations(client, join(__dirname, "../fixtures/basic/migrations"));
-  const db = drizzle({ client });
-  await db.insert(user).values(fillPartialRowsForInsert(user, basicFixtureUsers));
-  const taskRows = fillPartialRowsForInsert(tasks, basicFixtureTasks) as BasicTaskRow[];
-  await db.insert(tasks).values(taskRows);
-  const newsRows = fillPartialRowsForInsert(news, basicFixtureNews) as BasicNewsRow[];
-  await db.insert(news).values(newsRows);
-  await createPgliteRlsAppRole(client, {
-    roleName: DEFAULT_PGLITE_RLS_APP_ROLE,
-  });
-  await setPgliteSessionRole(client, DEFAULT_PGLITE_RLS_APP_ROLE);
-  return { client, db, taskRows };
-}
-
-/** Asserts `pg_class.relrowsecurity` is false (table was never `ENABLE ROW LEVEL SECURITY`). */
-export async function assertTableRowLevelSecurityDisabled(
-  db: ReturnType<typeof drizzle>,
-  table: PgTable,
-): Promise<void> {
-  const relname = getTableName(table);
-  const q = await db.execute(sql`
-        select c.relrowsecurity as rls_enabled
-        from pg_class c
-        join pg_namespace n on n.oid = c.relnamespace
-        where n.nspname = 'public' and c.relname = ${relname}
-    `);
-  const row = (q as unknown as { rows: { rls_enabled: boolean }[] }).rows[0];
-  if (row?.rls_enabled !== false) {
-    throw new Error(`expected relrowsecurity = false for public.${relname}, got ${JSON.stringify(row)}`);
-  }
-}

package/src/__tests__/helpers/pglite-migrations.ts

@@ -1,32 +0,0 @@
-import { readFileSync, readdirSync } from "fs";
-import { join } from "path";
-import type { PGlite } from "@electric-sql/pglite";
-
-function listMigrationSqlFiles(migrationsDir: string): string[] {
-  return readdirSync(migrationsDir)
-    .filter((f) => f.endsWith(".sql"))
-    .sort()
-    .map((f) => join(migrationsDir, f));
-}
-
-/**
- * Apply Drizzle-generated SQL from a folder of `.sql` files (split on `--> statement-breakpoint`).
- */
-export async function loadAndApplyMigrations(client: PGlite, migrationsDir: string): Promise<void> {
-  const files = listMigrationSqlFiles(migrationsDir);
-  if (files.length === 0) {
-    throw new Error(
-      `No .sql migration files in ${migrationsDir} (generate migrations with your Drizzle workflow)`,
-    );
-  }
-  for (const filePath of files) {
-    const raw = readFileSync(filePath, "utf8");
-    const chunks = raw
-      .split(/--> statement-breakpoint/g)
-      .map((s) => s.trim())
-      .filter(Boolean);
-    for (const sqlChunk of chunks) {
-      await client.exec(sqlChunk);
-    }
-  }
-}

package/src/__tests__/helpers/pglite-rls-session.ts

@@ -1,51 +0,0 @@
-import type { PGlite } from "@electric-sql/pglite";
-
-/** Default role used in PGlite tests when you need RLS to apply (session user must not own the tables). */
-export const DEFAULT_PGLITE_RLS_APP_ROLE = "gencow_rls_app";
-
-function quoteIdent(name: string): string {
-  if (!/^[a-z_][a-z0-9_]*$/i.test(name)) {
-    throw new Error(`Invalid SQL identifier: ${name}`);
-  }
-  return `"${name.replace(/"/g, '""')}"`;
-}
-
-/**
- * After migrations (and optional seed as the bootstrap user), create a non-superuser role and grant
- * DML on `public` so queries run as **non-owner** → PostgreSQL applies RLS policies without
- * `FORCE ROW LEVEL SECURITY`.
- *
- * Omits `GRANT CONNECT ON DATABASE` — PGlite’s default DB can be `template1` and that grant has
- * caused engine errors; schema/table privileges are enough for the embedded single-connection case.
- *
- * Call {@link setPgliteSessionRole} on the same `PGlite` instance before running app queries.
- */
-export async function createPgliteRlsAppRole(
-  client: PGlite,
-  options?: { roleName?: string },
-): Promise<string> {
-  const roleName = options?.roleName ?? DEFAULT_PGLITE_RLS_APP_ROLE;
-  const role = quoteIdent(roleName);
-
-  await client.exec(`
-CREATE ROLE ${role} LOGIN;
-GRANT USAGE ON SCHEMA public TO ${role};
-GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO ${role};
-GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO ${role};
-`);
-
-  return roleName;
-}
-
-/**
- * Run follow-up queries in this session as the given role (must not be table owner so RLS applies).
- * The bootstrap user must be allowed to `SET ROLE` (e.g. superuser, or `GRANT rls_role TO bootstrap`).
- */
-export async function setPgliteSessionRole(client: PGlite, roleName: string): Promise<void> {
-  await client.exec(`SET ROLE ${quoteIdent(roleName)}`);
-}
-
-/** Restore session user to the original login role (typically the PGlite bootstrap user). */
-export async function resetPgliteSessionRole(client: PGlite): Promise<void> {
-  await client.exec("RESET ROLE");
-}

package/src/__tests__/helpers/seed-like-fill.ts

@@ -1,202 +0,0 @@
-/**
- * Merge explicit partial insert rows with drizzle-seed-style values for missing columns.
- * Uses drizzle-seed's `SeedService.generatePossibleGenerators` so new schema columns get
- * the same generators as `seed()` without listing every column in test fixtures.
- */
-
-import { getTableColumns, getTableName } from "drizzle-orm";
-import type { InferInsertModel } from "drizzle-orm";
-import type { PgColumn, PgTable } from "drizzle-orm/pg-core";
-import { getTableConfig } from "drizzle-orm/pg-core";
-import { SeedService } from "drizzle-seed";
-
-type SeedSvc = InstanceType<typeof SeedService>;
-type SeedTable = Parameters<SeedSvc["generatePossibleGenerators"]>[1][number];
-type SeedColumn = SeedTable["columns"][number];
-
-/** Fields drizzle-seed reads from ORM columns (mirrors `getPostgresInfo` in drizzle-seed). */
-type PgColumnSeedExtras = PgColumn & {
-  size?: number;
-  baseColumn?: PgColumn;
-};
-
-function pgColumnForSeed(column: PgColumn): PgColumnSeedExtras {
-  return column as PgColumnSeedExtras;
-}
-
-function hashSeed(str: string): number {
-  let h = 0;
-  for (let i = 0; i < str.length; i++) {
-    h = (Math.imul(31, h) + str.charCodeAt(i)) | 0;
-  }
-  return h >>> 0;
-}
-
-function getTypeParams(sqlType: string): SeedColumn["typeParams"] {
-  const typeParams: Record<string, number> = {};
-  if (sqlType.includes("[")) {
-    const match = sqlType.match(/\[\w*]/g);
-    if (match) {
-      typeParams.dimensions = match.length;
-    }
-  }
-  if (
-    sqlType.startsWith("numeric") ||
-    sqlType.startsWith("decimal") ||
-    sqlType.startsWith("double precision") ||
-    sqlType.startsWith("real")
-  ) {
-    const match = sqlType.match(/\((\d+), *(\d+)\)/);
-    if (match) {
-      typeParams.precision = Number(match[1]);
-      typeParams.scale = Number(match[2]);
-    }
-  } else if (
-    sqlType.startsWith("varchar") ||
-    sqlType.startsWith("bpchar") ||
-    sqlType.startsWith("char") ||
-    sqlType.startsWith("bit") ||
-    sqlType.startsWith("time") ||
-    sqlType.startsWith("timestamp") ||
-    sqlType.startsWith("interval")
-  ) {
-    const match = sqlType.match(/\((\d+)\)/);
-    if (match) {
-      typeParams.length = Number(match[1]);
-    }
-  }
-  return typeParams;
-}
-
-function getAllBaseColumns(baseColumn: PgColumn): NonNullable<SeedColumn["baseColumn"]> {
-  const b = pgColumnForSeed(baseColumn);
-  return {
-    name: baseColumn.name,
-    columnType: baseColumn.getSQLType(),
-    typeParams: getTypeParams(baseColumn.getSQLType()),
-    dataType: baseColumn.dataType,
-    size: b.size,
-    hasDefault: baseColumn.hasDefault,
-    default: baseColumn.default,
-    enumValues: baseColumn.enumValues,
-    isUnique: baseColumn.isUnique,
-    notNull: baseColumn.notNull,
-    primary: baseColumn.primary,
-    baseColumn: b.baseColumn === undefined ? undefined : getAllBaseColumns(b.baseColumn),
-  };
-}
-
-/**
- * Drizzle `PgTable` → drizzle-seed `Table` (same shape as `getPostgresInfo` in drizzle-seed).
- */
-export function drizzlePgTableToSeedTable(pgTable: PgTable, schemaKey: string): SeedTable {
-  const colsMap = getTableColumns(pgTable) as Record<string, PgColumn>;
-  const tableConfig = getTableConfig(pgTable);
-  const columns: SeedColumn[] = Object.entries(colsMap).map(([tsName, column]) => {
-    const c = pgColumnForSeed(column);
-    return {
-      name: tsName,
-      columnType: column.getSQLType(),
-      typeParams: getTypeParams(column.getSQLType()),
-      dataType: column.dataType,
-      size: c.size,
-      hasDefault: column.hasDefault,
-      default: column.default,
-      enumValues: column.enumValues,
-      isUnique: column.isUnique,
-      notNull: column.notNull,
-      primary: column.primary,
-      generatedIdentityType: column.generatedIdentity?.type,
-      identity: column.generatedIdentity !== undefined,
-      baseColumn: c.baseColumn === undefined ? undefined : getAllBaseColumns(c.baseColumn),
-    };
-  });
-  const primaryKeys = Object.keys(colsMap).filter((k) => colsMap[k]!.primary);
-  const uniqueConstraints = tableConfig.uniqueConstraints.map((uc) =>
-    uc.columns.map((c) => (c as PgColumn).name),
-  );
-  return { name: schemaKey, columns, primaryKeys, uniqueConstraints };
-}
-
-/**
- * For each row, use explicit keys from `partialRows[i]`; for any other column, run the same
- * generator drizzle-seed would use for that column type (same `generate({ i })` loop as seed).
- *
- * `schemaKey` for drizzle-seed defaults to `getTableName(pgTable)` (the SQL table name from
- * `pgTable("name", …)`). Pass `options.schemaKey` only when you need a different seed namespace.
- */
-export function fillPartialRowsForInsert<T extends PgTable>(
-  pgTable: T,
-  partialRows: Array<Partial<InferInsertModel<T>>>,
-  options?: { seed?: number; version?: number; schemaKey?: string },
-): InferInsertModel<T>[] {
-  const schemaKey = options?.schemaKey ?? getTableName(pgTable);
-  const seedService = new SeedService();
-  const seedTable = drizzlePgTableToSeedTable(pgTable, schemaKey);
-  const colsMap = getTableColumns(pgTable) as Record<string, PgColumn>;
-  const tsNames = Object.keys(colsMap);
-  const baseSeed = options?.seed ?? 0;
-  const count = partialRows.length;
-
-  // Build generator map for all columns at once using the v1 API
-  const tablePossibleGens = seedService.generatePossibleGenerators(
-    "postgresql",
-    [seedTable],
-    [],
-    undefined,
-    { version: options?.version ?? 2 },
-  );
-  const colGenMap: Record<string, ReturnType<SeedSvc["selectVersionOfGenerator"]>> = {};
-  for (const colGen of tablePossibleGens[0]!.columnsPossibleGenerators) {
-    if (colGen.generator !== undefined) {
-      colGenMap[colGen.columnName] = seedService.selectVersionOfGenerator(colGen.generator);
-    }
-  }
-
-  const generators: Record<string, { generate: (args: { i: number }) => unknown }> = {};
-
-  for (const tsName of tsNames) {
-    const drizzleCol = colsMap[tsName]!;
-    if (drizzleCol.generatedIdentity?.type === "always") {
-      continue;
-    }
-    const needsGen = partialRows.some((p) => !Object.hasOwn(p, tsName));
-    if (!needsGen) {
-      continue;
-    }
-    const gen = colGenMap[tsName];
-    if (gen === undefined) {
-      throw new Error(
-        `[seed-like-fill] unsupported column type for ${schemaKey}.${tsName}: ${drizzleCol.getSQLType()}`,
-      );
-    }
-    const pRNGSeed = baseSeed + hashSeed(`${schemaKey}.${tsName}`);
-    gen.init({ count, seed: pRNGSeed });
-    generators[tsName] = gen;
-  }
-
-  const out: InferInsertModel<T>[] = [];
-  for (let i = 0; i < count; i++) {
-    const partial = partialRows[i]!;
-    const row: Record<string, unknown> = {};
-    for (const tsName of tsNames) {
-      const drizzleCol = colsMap[tsName]!;
-      if (drizzleCol.generatedIdentity?.type === "always") {
-        continue;
-      }
-      if (Object.hasOwn(partial, tsName)) {
-        row[tsName] = partial[tsName as keyof typeof partial];
-      } else {
-        const g = generators[tsName];
-        if (!g) {
-          throw new Error(
-            `[seed-like-fill] missing generator for ${schemaKey}.${tsName} (partial row without value)`,
-          );
-        }
-        row[tsName] = g.generate({ i });
-      }
-    }
-    out.push(row as InferInsertModel<T>);
-  }
-  return out;
-}

package/src/__tests__/helpers/test-gencow-ctx-rls.ts

@@ -1,50 +0,0 @@
-import { drizzle } from "drizzle-orm/pglite";
-
-import { createRlsDb } from "../../rls-db.js";
-import type { GencowCtx, UserIdentity } from "../../reactive.js";
-
-export function makeTestGencowCtxWithRls(db: ReturnType<typeof drizzle>, identity: UserIdentity): GencowCtx {
-  const scoped = createRlsDb(db, { userId: identity.id });
-  return {
-    db: scoped,
-    unsafeDb: db,
-    auth: {
-      getUserIdentity: () => identity,
-      requireAuth: () => identity,
-    },
-    storage: {} as GencowCtx["storage"],
-    scheduler: {} as GencowCtx["scheduler"],
-    realtime: { emit: () => {}, refresh: () => {} },
-    retry: async (fn) => fn(),
-  };
-}
-
-const FORCE_ROLLBACK = Symbol("force-rollback");
-
-/**
- * Executes a callback inside one outer transaction and always rolls it back.
- *
- * This is useful for mutation tests: handlers can run multiple operations and
- * see intermediate writes, but database state is discarded after the callback.
- */
-export async function runWithRollbackTestGencowCtxWithRls<T>(
-  db: ReturnType<typeof drizzle>,
-  identity: UserIdentity,
-  run: (ctx: GencowCtx) => Promise<T>,
-): Promise<T> {
-  let result!: T;
-
-  try {
-    await (db as any).transaction(async (outerTx: ReturnType<typeof drizzle>) => {
-      const txCtx = makeTestGencowCtxWithRls(outerTx, identity);
-      result = await run(txCtx);
-      throw FORCE_ROLLBACK;
-    });
-  } catch (error) {
-    if (error !== FORCE_ROLLBACK) {
-      throw error;
-    }
-  }
-
-  return result;
-}

package/src/__tests__/httpaction.test.ts

@@ -1,122 +0,0 @@
-/**
- * packages/core/src/__tests__/httpaction.test.ts
- *
- * Tests for httpAction() — custom HTTP endpoint registration.
- *
- * Run: bun test packages/core/src/__tests__/httpaction.test.ts
- */
-
-import { describe, it, expect, beforeEach } from "bun:test";
-import { httpAction, getRegisteredHttpActions } from "../reactive.js";
-
-// Clean up httpAction registry between tests
-// Note: httpAction uses globalThis.__gencow_httpActionRegistry (push-only array)
-// We clear it in beforeEach to isolate tests.
-
-describe("httpAction()", () => {
-  const initialLength = getRegisteredHttpActions().length;
-
-  it("httpAction 등록 시 레지스트리에 추가된다", () => {
-    const before = getRegisteredHttpActions().length;
-
-    httpAction({
-      method: "GET",
-      path: "/test/health",
-      handler: async () => ({ body: { status: "ok" } }),
-    });
-
-    const after = getRegisteredHttpActions().length;
-    expect(after).toBe(before + 1);
-  });
-
-  it("method, path가 정확히 설정된다", () => {
-    httpAction({
-      method: "POST",
-      path: "/webhook/stripe",
-      handler: async () => ({ body: { received: true } }),
-    });
-
-    const actions = getRegisteredHttpActions();
-    const last = actions[actions.length - 1];
-    expect(last.method).toBe("POST");
-    expect(last.path).toBe("/webhook/stripe");
-  });
-
-  it("public 기본값은 false이다", () => {
-    httpAction({
-      method: "GET",
-      path: "/test/private",
-      handler: async () => ({ body: {} }),
-    });
-
-    const actions = getRegisteredHttpActions();
-    const last = actions[actions.length - 1];
-    expect(last.isPublic).toBe(false);
-  });
-
-  it("public: true 설정 시 isPublic === true", () => {
-    httpAction({
-      method: "GET",
-      path: "/test/public-endpoint",
-      public: true,
-      handler: async () => ({ body: {} }),
-    });
-
-    const actions = getRegisteredHttpActions();
-    const last = actions[actions.length - 1];
-    expect(last.isPublic).toBe(true);
-  });
-
-  it("handler가 HttpActionDef에 포함된다", () => {
-    const handler = async () => ({ body: { ok: true } });
-    httpAction({
-      method: "PUT",
-      path: "/test/with-handler",
-      handler,
-    });
-
-    const actions = getRegisteredHttpActions();
-    const last = actions[actions.length - 1];
-    expect(last.handler).toBe(handler);
-  });
-
-  it("모든 HTTP 메서드 지원 (GET, POST, PUT, DELETE, PATCH)", () => {
-    const methods = ["GET", "POST", "PUT", "DELETE", "PATCH"] as const;
-    const before = getRegisteredHttpActions().length;
-
-    for (const method of methods) {
-      httpAction({
-        method,
-        path: `/test/method-${method.toLowerCase()}`,
-        handler: async () => ({ body: {} }),
-      });
-    }
-
-    const after = getRegisteredHttpActions().length;
-    expect(after).toBe(before + 5);
-
-    const actions = getRegisteredHttpActions();
-    const registered = actions.slice(-5).map((a) => a.method);
-    expect(registered).toEqual(["GET", "POST", "PUT", "DELETE", "PATCH"]);
-  });
-
-  it("getRegisteredHttpActions()는 복사본을 반환한다 (원본 보호)", () => {
-    const a = getRegisteredHttpActions();
-    const b = getRegisteredHttpActions();
-    expect(a).not.toBe(b);
-    expect(a).toEqual(b);
-  });
-
-  it("Hono 경로 패턴 (/api/:id) 지원", () => {
-    httpAction({
-      method: "GET",
-      path: "/api/apps/:id/status",
-      public: true,
-      handler: async () => ({ body: {} }),
-    });
-
-    const actions = getRegisteredHttpActions();
-    const last = actions[actions.length - 1];
-    expect(last.path).toBe("/api/apps/:id/status");
-  });
-});