@heyhru/app-dms-server 0.1.4 → 0.1.5

package/dist/index.js

@@ -1,31 +1,5 @@
-import "./chunk-QGM4M3NI.js";
-
-// src/db/index.ts
-var _db = null;
-var _driver = "sqlite";
-function parseDbDriver(url) {
-  if (url.startsWith("postgres://") || url.startsWith("postgresql://")) return "postgres";
-  return "sqlite";
-}
-async function createDmsDb(url) {
-  if (_db) throw new Error("DmsDb already initialized. Call close() first.");
-  _driver = parseDbDriver(url);
-  if (_driver === "postgres") {
-    const { createPgAdapter } = await import("./pg.adapter-BNI42SHT.js");
-    _db = createPgAdapter(url);
-  } else {
-    const { createSqliteAdapter } = await import("./sqlite.adapter-ARBIRN6Z.js");
-    _db = createSqliteAdapter(url.replace("sqlite://", ""));
-  }
-  return _db;
-}
-function getDb() {
-  if (!_db) throw new Error("DmsDb not initialized. Call createDmsDb() first.");
-  return _db;
-}
-function getDriver() {
-  return _driver;
-}
+// src/index.ts
+import { createSqlite } from "@heyhru/server-util-sqlite";
 
 // src/app.ts
 import Fastify from "fastify";
@@ -111,10 +85,8 @@ import { hashPassword as hashPassword2, verifyPassword } from "@heyhru/server-ut
 // src/users/users.service.ts
 import { hashPassword } from "@heyhru/server-util-crypto";
 
-// src/db/dialect.ts
-function nowExpr() {
-  return getDriver() === "postgres" ? "NOW()" : "datetime('now')";
-}
+// src/users/users.model.ts
+import { getSqlite as getDb } from "@heyhru/server-util-sqlite";
 
 // src/users/users.sql.ts
 var LIST = `
@@ -133,9 +105,9 @@ var CREATE = `
 INSERT INTO users (username, email, password_hash, role)
 VALUES (?, ?, ?, ?)
 RETURNING id, username, email, role, created_at`;
-var UPDATE_PASSWORD = () => `
+var UPDATE_PASSWORD = `
 UPDATE users
-SET password_hash = ?, updated_at = ${nowExpr()}
+SET password_hash = ?, updated_at = datetime('now')
 WHERE id = ?`;
 var DELETE = `
 DELETE FROM users
@@ -143,18 +115,18 @@ WHERE id = ?`;
 
 // src/users/users.model.ts
 function listUsers() {
-  return getDb().query(LIST);
+  return getDb().prepare(LIST).all();
 }
 function getUserById(id) {
-  return getDb().queryOne(FIND_BY_ID, [id]);
+  return getDb().prepare(FIND_BY_ID).get(id);
 }
 function getUserByUsername(username) {
-  return getDb().queryOne(FIND_BY_USERNAME, [username]);
+  return getDb().prepare(FIND_BY_USERNAME).get(username);
 }
 function createUserRow(username, email, hash, role) {
-  return getDb().queryOne(CREATE, [username, email, hash, role]);
+  return getDb().prepare(CREATE).get(username, email, hash, role);
 }
-async function updateUserRow(id, data) {
+function updateUserRow(id, data) {
   const fields = [];
   const values = [];
   if (data.email) {
@@ -166,18 +138,18 @@ async function updateUserRow(id, data) {
     values.push(data.role);
   }
   if (!fields.length) return getUserById(id);
-  fields.push(`updated_at = ${nowExpr()}`);
+  fields.push("updated_at = datetime('now')");
   values.push(id);
-  return getDb().queryOne(
-    `UPDATE users SET ${fields.join(", ")} WHERE id = ? RETURNING id, username, email, role, created_at`,
-    values
-  );
+  const bound = values;
+  return getDb().prepare(
+    `UPDATE users SET ${fields.join(", ")} WHERE id = ? RETURNING id, username, email, role, created_at`
+  ).get(...bound);
 }
 function deleteUser(id) {
-  return getDb().run(DELETE, [id]);
+  return getDb().prepare(DELETE).run(id);
 }
 function updatePasswordHash(id, hash) {
-  return getDb().run(UPDATE_PASSWORD(), [hash, id]);
+  return getDb().prepare(UPDATE_PASSWORD).run(hash, id);
 }
 
 // src/users/users.service.ts
@@ -187,30 +159,30 @@ function getUserByUsername2(username) {
 function updateUserPassword(id, hash) {
   return updatePasswordHash(id, hash);
 }
-async function userList(_req, reply) {
-  return reply.send(await listUsers());
+function userList(_req, reply) {
+  return reply.send(listUsers());
 }
-async function userGet(req, reply) {
+function userGet(req, reply) {
   const { id } = req.body ?? {};
-  const user = await getUserById(id);
+  const user = getUserById(id);
   if (!user) return reply.code(404).send({ error: "\u672A\u627E\u5230" });
   return reply.send(user);
 }
 async function userCreate(req, reply) {
   const body = req.body ?? {};
   const hash = await hashPassword(body.password);
-  const user = await createUserRow(body.username, body.email, hash, body.role);
+  const user = createUserRow(body.username, body.email, hash, body.role);
   return reply.code(201).send(user);
 }
-async function userUpdate(req, reply) {
+function userUpdate(req, reply) {
   const { id, ...rest } = req.body ?? {};
-  const user = await updateUserRow(id, rest);
+  const user = updateUserRow(id, rest);
   if (!user) return reply.code(404).send({ error: "\u672A\u627E\u5230" });
   return reply.send(user);
 }
-async function userDelete(req, reply) {
+function userDelete(req, reply) {
   const { id } = req.body ?? {};
-  await deleteUser(id);
+  deleteUser(id);
   return reply.code(204).send();
 }
 
@@ -220,7 +192,7 @@ async function authLogin(req, reply) {
   if (!username || !password) {
     return reply.code(400).send({ error: "\u7528\u6237\u540D\u548C\u5BC6\u7801\u4E0D\u80FD\u4E3A\u7A7A" });
   }
-  const user = await getUserByUsername2(username);
+  const user = getUserByUsername2(username);
   if (!user || !await verifyPassword(password, user.password_hash)) {
     logger.warn("Login failed for user: %s", username);
     return reply.code(401).send({ error: "\u7528\u6237\u540D\u6216\u5BC6\u7801\u9519\u8BEF" });
@@ -242,12 +214,12 @@ async function authChangePassword(req, reply) {
   if (!currentPassword || !newPassword) {
     return reply.code(400).send({ error: "\u5F53\u524D\u5BC6\u7801\u548C\u65B0\u5BC6\u7801\u4E0D\u80FD\u4E3A\u7A7A" });
   }
-  const user = await getUserByUsername2(req.user.username);
+  const user = getUserByUsername2(req.user.username);
   if (!user || !await verifyPassword(currentPassword, user.password_hash)) {
     return reply.code(400).send({ error: "\u5F53\u524D\u5BC6\u7801\u4E0D\u6B63\u786E" });
   }
   const hash = await hashPassword2(newPassword);
-  await updateUserPassword(user.id, hash);
+  updateUserPassword(user.id, hash);
   logger.info("Password changed for user: %s", req.user.username);
   return reply.send({ ok: true });
 }
@@ -274,13 +246,16 @@ import { encrypt, decrypt } from "@heyhru/server-util-crypto";
 import { createPool as createMysqlPool } from "@heyhru/server-util-mysql";
 import { createPool as createPgPool } from "@heyhru/server-util-pg";
 
+// src/datasources/datasources.model.ts
+import { getSqlite as getDb2 } from "@heyhru/server-util-sqlite";
+
 // src/datasources/datasources.sql.ts
 var LIST2 = `
-SELECT id, name, type, host, port, database, username, ssl, pool_min, pool_max, created_by, created_at
+SELECT id, name, type, host, port, database, username, pool_min, pool_max, created_by, created_at
 FROM data_sources
 ORDER BY created_at DESC`;
 var FIND_BY_ID2 = `
-SELECT id, name, type, host, port, database, username, ssl, pool_min, pool_max, created_by, created_at
+SELECT id, name, type, host, port, database, username, pool_min, pool_max, created_by, created_at
 FROM data_sources
 WHERE id = ?`;
 var FIND_WITH_PASSWORD = `
@@ -288,26 +263,26 @@ SELECT *
 FROM data_sources
 WHERE id = ?`;
 var CREATE2 = `
-INSERT INTO data_sources (name, type, host, port, database, username, password_encrypted, ssl, pool_min, pool_max, created_by)
-VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
-RETURNING id, name, type, host, port, database, username, ssl, pool_min, pool_max, created_by, created_at`;
-var UPDATE_FIELDS = ["name", "type", "host", "port", "database", "username", "ssl", "pool_min", "pool_max"];
+INSERT INTO data_sources (name, type, host, port, database, username, password_encrypted, pool_min, pool_max, created_by)
+VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+RETURNING id, name, type, host, port, database, username, pool_min, pool_max, created_by, created_at`;
+var UPDATE_FIELDS = ["name", "type", "host", "port", "database", "username", "pool_min", "pool_max"];
 var DELETE2 = `
 DELETE FROM data_sources
 WHERE id = ?`;
 
 // src/datasources/datasources.model.ts
 function listDataSources() {
-  return getDb().query(LIST2);
+  return getDb2().prepare(LIST2).all();
 }
 function getDataSourceById(id) {
-  return getDb().queryOne(FIND_BY_ID2, [id]);
+  return getDb2().prepare(FIND_BY_ID2).get(id);
 }
 function getDataSourceRow(id) {
-  return getDb().queryOne(FIND_WITH_PASSWORD, [id]);
+  return getDb2().prepare(FIND_WITH_PASSWORD).get(id);
 }
 function insertDataSource(data, encryptedPassword, createdBy) {
-  return getDb().queryOne(CREATE2, [
+  return getDb2().prepare(CREATE2).get(
     data.name,
     data.type,
     data.host,
@@ -315,13 +290,12 @@ function insertDataSource(data, encryptedPassword, createdBy) {
     data.database,
     data.username,
     encryptedPassword,
-    data.ssl,
     data.pool_min,
     data.pool_max,
     createdBy
-  ]);
+  );
 }
-async function updateDataSource(id, data, encryptedPassword) {
+function updateDataSource(id, data, encryptedPassword) {
   const fields = [];
   const values = [];
   for (const key of UPDATE_FIELDS) {
@@ -336,13 +310,13 @@ async function updateDataSource(id, data, encryptedPassword) {
   }
   if (!fields.length) return getDataSourceById(id);
   values.push(id);
-  return getDb().queryOne(
-    `UPDATE data_sources SET ${fields.join(", ")} WHERE id = ? RETURNING id, name, type, host, port, database, username, ssl, pool_min, pool_max, created_by, created_at`,
-    values
-  );
+  const bound = values;
+  return getDb2().prepare(
+    `UPDATE data_sources SET ${fields.join(", ")} WHERE id = ? RETURNING id, name, type, host, port, database, username, pool_min, pool_max, created_by, created_at`
+  ).get(...bound);
 }
 function removeDataSource(id) {
-  return getDb().run(DELETE2, [id]);
+  return getDb2().prepare(DELETE2).run(id);
 }
 
 // src/datasources/datasources.service.ts
@@ -367,15 +341,14 @@ function getPool(ds) {
     username: ds.username,
     password: ds.password,
     poolMin: ds.pool_min,
-    poolMax: ds.pool_max,
-    ssl: ds.ssl
+    poolMax: ds.pool_max
   });
   pools.set(key, pool);
   logger.info("Connection pool created (ds=%s, db=%s, type=%s)", ds.id, ds.database, ds.type);
   return pool;
 }
-async function getPoolForDatabase(dataSourceId, database) {
-  const ds = await getDataSourceWithPassword(dataSourceId);
+function getPoolForDatabase(dataSourceId, database) {
+  const ds = getDataSourceWithPassword(dataSourceId);
   if (!ds) return null;
   return getPool({ ...ds, database });
 }
@@ -389,8 +362,8 @@ async function destroyPool(id) {
     }
   }
 }
-async function getDataSourceWithPassword(id) {
-  const row = await getDataSourceRow(id);
+function getDataSourceWithPassword(id) {
+  const row = getDataSourceRow(id);
   if (!row) return null;
   return {
     id: row.id,
@@ -400,24 +373,23 @@ async function getDataSourceWithPassword(id) {
     database: row.database ?? null,
     username: row.username,
     password: decrypt(row.password_encrypted, config.encryptionKey),
-    ssl: row.ssl,
     pool_min: row.pool_min,
     pool_max: row.pool_max
   };
 }
-async function datasourceList(_req, reply) {
-  return reply.send(await listDataSources());
+function datasourceList(_req, reply) {
+  return reply.send(listDataSources());
 }
-async function datasourceGet(req, reply) {
+function datasourceGet(req, reply) {
   const { id } = req.body ?? {};
-  const ds = await getDataSourceById(id);
+  const ds = getDataSourceById(id);
   if (!ds) return reply.code(404).send({ error: "\u672A\u627E\u5230" });
   return reply.send(ds);
 }
-async function datasourceCreate(req, reply) {
+function datasourceCreate(req, reply) {
   const body = req.body ?? {};
-  const ds = await insertDataSource(
-    { ...body, ssl: body.ssl ?? false, pool_min: body.pool_min ?? 1, pool_max: body.pool_max ?? 10 },
+  const ds = insertDataSource(
+    { ...body, pool_min: body.pool_min ?? 1, pool_max: body.pool_max ?? 10 },
     encrypt(body.password, config.encryptionKey),
     req.user.id
   );
@@ -425,17 +397,17 @@ async function datasourceCreate(req, reply) {
 }
 async function datasourceUpdate(req, reply) {
   const { id, password, ...rest } = req.body ?? {};
-  const existing = await getDataSourceById(id);
+  const existing = getDataSourceById(id);
   if (!existing) return reply.code(404).send({ error: "\u672A\u627E\u5230" });
   const encryptedPassword = password ? encrypt(password, config.encryptionKey) : void 0;
   await destroyPool(id);
-  const ds = await updateDataSource(id, rest, encryptedPassword);
+  const ds = updateDataSource(id, rest, encryptedPassword);
   return reply.send(ds);
 }
 async function datasourceDelete(req, reply) {
   const { id } = req.body ?? {};
   await destroyPool(id);
-  await removeDataSource(id);
+  removeDataSource(id);
   return reply.code(204).send();
 }
 
@@ -451,6 +423,9 @@ function datasourceController(app) {
 // src/sql/sql.service.ts
 import NodeSqlParser from "node-sql-parser";
 
+// src/audit/audit.model.ts
+import { getSqlite as getDb3 } from "@heyhru/server-util-sqlite";
+
 // src/audit/audit.sql.ts
 var INSERT = `
 INSERT INTO audit_logs (user_id, data_source_id, action, sql_text, result_summary, ip_address)
@@ -463,16 +438,16 @@ WHERE 1=1`;
 
 // src/audit/audit.model.ts
 function insertAuditLog(entry) {
-  return getDb().run(INSERT, [
+  return getDb3().prepare(INSERT).run(
     entry.userId,
     entry.dataSourceId ?? null,
     entry.action,
     entry.sqlText ?? null,
     entry.resultSummary ?? null,
     entry.ipAddress ?? null
-  ]);
+  );
 }
-async function queryAuditLogs(filters) {
+function queryAuditLogs(filters) {
   let query = LIST3;
   const params = [];
   if (filters?.userId) {
@@ -485,7 +460,8 @@ async function queryAuditLogs(filters) {
   }
   query += " ORDER BY al.created_at DESC LIMIT ? OFFSET ?";
   params.push(filters?.limit ?? 50, filters?.offset ?? 0);
-  return getDb().query(query, params);
+  const bound = params;
+  return getDb3().prepare(query).all(...bound);
 }
 
 // src/audit/audit.service.ts
@@ -540,8 +516,8 @@ async function sqlExecute({ dataSourceId, database, sql, userId, ip }) {
   if (category !== "select") {
     throw new Error("\u4EC5\u5141\u8BB8\u76F4\u63A5\u6267\u884C SELECT \u8BED\u53E5");
   }
-  const pool = database ? await getPoolForDatabase(dataSourceId, database) : await (async () => {
-    const ds = await getDataSourceWithPassword(dataSourceId);
+  const pool = database ? getPoolForDatabase(dataSourceId, database) : (() => {
+    const ds = getDataSourceWithPassword(dataSourceId);
     return ds ? getPool(ds) : null;
   })();
   if (!pool) throw new Error("\u6570\u636E\u6E90\u672A\u627E\u5230");
@@ -556,48 +532,46 @@ async function sqlExecute({ dataSourceId, database, sql, userId, ip }) {
   });
   return rows;
 }
-async function postSqlDatabases(req, reply) {
+function postSqlDatabases(req, reply) {
   const { dataSourceId } = req.body ?? {};
   if (!dataSourceId) {
     return reply.code(400).send({ error: "\u6570\u636E\u6E90 ID \u4E0D\u80FD\u4E3A\u7A7A" });
   }
-  const ds = await getDataSourceWithPassword(dataSourceId);
+  const ds = getDataSourceWithPassword(dataSourceId);
   if (!ds) return reply.code(404).send({ error: "\u6570\u636E\u6E90\u672A\u627E\u5230" });
   const pool = getPool({
     ...ds,
     database: ds.database ?? (ds.type === "postgres" ? "postgres" : "")
   });
   const sql = ds.type === "mysql" ? "SHOW DATABASES" : "SELECT datname FROM pg_database WHERE datistemplate = false ORDER BY datname";
-  try {
-    const rows = await pool.execute(sql);
+  return pool.execute(sql).then((rows) => {
     const names = rows.map(
       (r) => Object.values(r)[0]
     );
     return reply.send(names);
-  } catch (err) {
+  }).catch((err) => {
     logger.error(err, "Failed to list databases (ds=%s)", dataSourceId);
     return reply.code(400).send({ error: err instanceof Error ? err.message : String(err) });
-  }
+  });
 }
-async function postSqlTables(req, reply) {
+function postSqlTables(req, reply) {
   const { dataSourceId, database } = req.body ?? {};
   if (!dataSourceId || !database) {
     return reply.code(400).send({ error: "\u6570\u636E\u6E90 ID \u548C\u6570\u636E\u5E93\u540D\u4E0D\u80FD\u4E3A\u7A7A" });
   }
-  const pool = await getPoolForDatabase(dataSourceId, database);
+  const pool = getPoolForDatabase(dataSourceId, database);
   if (!pool) return reply.code(404).send({ error: "\u6570\u636E\u6E90\u672A\u627E\u5230" });
-  const ds = await getDataSourceWithPassword(dataSourceId);
+  const ds = getDataSourceWithPassword(dataSourceId);
   const sql = ds.type === "mysql" ? `SELECT TABLE_NAME FROM information_schema.TABLES WHERE TABLE_SCHEMA = '${database}' ORDER BY TABLE_NAME` : "SELECT tablename FROM pg_tables WHERE schemaname = 'public' ORDER BY tablename";
-  try {
-    const rows = await pool.execute(sql);
+  return pool.execute(sql).then((rows) => {
     const names = rows.map(
       (r) => Object.values(r)[0]
     );
     return reply.send(names);
-  } catch (err) {
+  }).catch((err) => {
     logger.error(err, "Failed to list tables (ds=%s, db=%s)", dataSourceId, database);
     return reply.code(400).send({ error: err instanceof Error ? err.message : String(err) });
-  }
+  });
 }
 
 // src/sql/sql.controller.ts
@@ -608,6 +582,9 @@ function sqlController(app) {
   app.post("/sql/tables", postSqlTables);
 }
 
+// src/approvals/approvals.model.ts
+import { getSqlite as getDb4 } from "@heyhru/server-util-sqlite";
+
 // src/approvals/approvals.sql.ts
 var FIND_BY_ID3 = `
 SELECT *
@@ -617,22 +594,22 @@ var CREATE3 = `
 INSERT INTO approvals (data_source_id, sql_text, submitted_by)
 VALUES (?, ?, ?)
 RETURNING *`;
-var UPDATE_REVIEW = () => `
+var UPDATE_REVIEW = `
 UPDATE approvals
-SET status = ?, reviewed_by = ?, reject_reason = ?, updated_at = ${nowExpr()}
+SET status = ?, reviewed_by = ?, reject_reason = ?, updated_at = datetime('now')
 WHERE id = ?
 RETURNING *`;
-var UPDATE_EXECUTING = () => `
+var UPDATE_EXECUTING = `
 UPDATE approvals
-SET status = 'executing', updated_at = ${nowExpr()}
+SET status = 'executing', updated_at = datetime('now')
 WHERE id = ?`;
-var UPDATE_RESULT = () => `
+var UPDATE_RESULT = `
 UPDATE approvals
-SET status = ?, execute_result = ?, updated_at = ${nowExpr()}
+SET status = ?, execute_result = ?, updated_at = datetime('now')
 WHERE id = ?`;
 
 // src/approvals/approvals.model.ts
-async function listApprovals(filters) {
+function listApprovals(filters) {
   let query = "SELECT * FROM approvals WHERE 1=1";
   const params = [];
   if (filters?.status) {
@@ -644,51 +621,52 @@ async function listApprovals(filters) {
     params.push(filters.submittedBy);
   }
   query += " ORDER BY created_at DESC";
-  return getDb().query(query, params);
+  const bound = params;
+  return getDb4().prepare(query).all(...bound);
 }
 function getApprovalById(id) {
-  return getDb().queryOne(FIND_BY_ID3, [id]);
+  return getDb4().prepare(FIND_BY_ID3).get(id);
 }
 function insertApproval(dataSourceId, sqlText, submittedBy) {
-  return getDb().queryOne(CREATE3, [dataSourceId, sqlText, submittedBy]);
+  return getDb4().prepare(CREATE3).get(dataSourceId, sqlText, submittedBy);
 }
 function updateReview(id, status, reviewedBy, rejectReason) {
-  return getDb().queryOne(UPDATE_REVIEW(), [status, reviewedBy, rejectReason, id]);
+  return getDb4().prepare(UPDATE_REVIEW).get(status, reviewedBy, rejectReason, id);
 }
 function setExecuting(id) {
-  return getDb().run(UPDATE_EXECUTING(), [id]);
+  return getDb4().prepare(UPDATE_EXECUTING).run(id);
 }
 function setExecuteResult(id, status, result) {
-  return getDb().run(UPDATE_RESULT(), [status, result, id]);
+  return getDb4().prepare(UPDATE_RESULT).run(status, result, id);
 }
 
 // src/approvals/approvals.service.ts
-async function approvalList(req, reply) {
+function approvalList(req, reply) {
   const { status, mine } = req.body ?? {};
   return reply.send(
-    await listApprovals({
+    listApprovals({
       status,
       submittedBy: mine === "true" ? req.user.id : void 0
     })
   );
 }
-async function approvalGet(req, reply) {
+function approvalGet(req, reply) {
   const { id } = req.body ?? {};
-  const approval = await getApprovalById(id);
+  const approval = getApprovalById(id);
   if (!approval) return reply.code(404).send({ error: "\u672A\u627E\u5230" });
   return reply.send(approval);
 }
-async function approvalCreate(req, reply) {
+function approvalCreate(req, reply) {
   const { dataSourceId, sql } = req.body ?? {};
   if (!dataSourceId || !sql) {
     return reply.code(400).send({ error: "\u6570\u636E\u6E90 ID \u548C SQL \u4E0D\u80FD\u4E3A\u7A7A" });
   }
-  const approval = await insertApproval(dataSourceId, sql, req.user.id);
+  const approval = insertApproval(dataSourceId, sql, req.user.id);
   logger.info("Approval submitted (user=%s)", req.user.id);
   return reply.code(201).send(approval);
 }
-async function reviewApproval(id, reviewerId, decision, rejectReason) {
-  const approval = await getApprovalById(id);
+function reviewApproval(id, reviewerId, decision, rejectReason) {
+  const approval = getApprovalById(id);
   if (!approval || approval["status"] !== "pending") {
     throw new Error("\u5BA1\u6279\u8BB0\u5F55\u4E0D\u5B58\u5728\u6216\u4E0D\u5728\u5F85\u5BA1\u6279\u72B6\u6001");
   }
@@ -697,10 +675,10 @@ async function reviewApproval(id, reviewerId, decision, rejectReason) {
   }
   return updateReview(id, decision, reviewerId, rejectReason ?? null);
 }
-async function approvalApprove(req, reply) {
+function approvalApprove(req, reply) {
   const { id } = req.body ?? {};
   try {
-    const result = await reviewApproval(id, req.user.id, "approved");
+    const result = reviewApproval(id, req.user.id, "approved");
     logger.info("Approval approved (id=%s, reviewer=%s)", id, req.user.id);
     return reply.send(result);
   } catch (err) {
@@ -708,10 +686,10 @@ async function approvalApprove(req, reply) {
     return reply.code(400).send({ error: err instanceof Error ? err.message : String(err) });
   }
 }
-async function approvalReject(req, reply) {
+function approvalReject(req, reply) {
   const { id, reason } = req.body ?? {};
   try {
-    const result = await reviewApproval(id, req.user.id, "rejected", reason);
+    const result = reviewApproval(id, req.user.id, "rejected", reason);
     logger.info("Approval rejected (id=%s, reviewer=%s)", id, req.user.id);
     return reply.send(result);
   } catch (err) {
@@ -731,18 +709,18 @@ async function approvalExecute(req, reply) {
   }
 }
 async function doExecuteApproval(id, userId, ip) {
-  const approval = await getApprovalById(id);
+  const approval = getApprovalById(id);
   if (!approval || approval["status"] !== "approved") {
     throw new Error("\u5BA1\u6279\u8BB0\u5F55\u4E0D\u5B58\u5728\u6216\u672A\u901A\u8FC7\u5BA1\u6279");
   }
-  await setExecuting(id);
+  setExecuting(id);
   try {
-    const ds = await getDataSourceWithPassword(approval["data_source_id"]);
+    const ds = getDataSourceWithPassword(approval["data_source_id"]);
     if (!ds) throw new Error("\u6570\u636E\u6E90\u672A\u627E\u5230");
     const pool = getPool(ds);
     const rows = await pool.execute(approval["sql_text"]);
     const result = `${rows.length} rows affected`;
-    await setExecuteResult(id, "executed", result);
+    setExecuteResult(id, "executed", result);
     logger.info("Approval executed (id=%s, user=%s)", id, userId);
     await writeAuditLog({
       userId,
@@ -755,7 +733,7 @@ async function doExecuteApproval(id, userId, ip) {
     return getApprovalById(id);
   } catch (err) {
     const message = err instanceof Error ? err.message : String(err);
-    await setExecuteResult(id, "execute_failed", message);
+    setExecuteResult(id, "execute_failed", message);
     logger.error(err, "Approval execute_failed (id=%s)", id);
     throw err;
   }
@@ -796,39 +774,38 @@ async function buildApp() {
   return app;
 }
 
+// src/migrate/runner.ts
+import { getSqlite as getDb5 } from "@heyhru/server-util-sqlite";
+
 // src/migrate/migrations.ts
-var idCol = (driver) => driver === "postgres" ? "id UUID PRIMARY KEY DEFAULT gen_random_uuid()" : "id TEXT PRIMARY KEY DEFAULT (lower(hex(randomblob(16))))";
-var tsCol = (name, driver) => driver === "postgres" ? `${name} TIMESTAMPTZ NOT NULL DEFAULT NOW()` : `${name} TEXT NOT NULL DEFAULT (datetime('now'))`;
-var fkNotNull = (name, ref, driver) => driver === "postgres" ? `${name} UUID NOT NULL REFERENCES ${ref}(id)` : `${name} TEXT NOT NULL REFERENCES ${ref}(id)`;
-var fkNullable = (name, ref, driver) => driver === "postgres" ? `${name} UUID REFERENCES ${ref}(id)` : `${name} TEXT REFERENCES ${ref}(id)`;
 var migrations = [
   {
     name: "001_users.sql",
-    sql: (d) => `
+    sql: `
 CREATE TABLE IF NOT EXISTS users (
-  ${idCol(d)},
+  id TEXT PRIMARY KEY DEFAULT (lower(hex(randomblob(16)))),
   username TEXT NOT NULL UNIQUE,
   email TEXT NOT NULL UNIQUE,
   password_hash TEXT NOT NULL,
   role TEXT NOT NULL CHECK (role IN ('admin', 'maintainer', 'developer', 'viewer')),
-  ${tsCol("created_at", d)},
-  ${tsCol("updated_at", d)}
+  created_at TEXT NOT NULL DEFAULT (datetime('now')),
+  updated_at TEXT NOT NULL DEFAULT (datetime('now'))
 );
 
-INSERT ${d === "postgres" ? "" : "OR IGNORE "}INTO users (id, username, email, password_hash, role)
+INSERT OR IGNORE INTO users (id, username, email, password_hash, role)
 VALUES (
   'admin-seed-id-0000000000000000',
   'admin',
   'admin@example.com',
   '178c20236d9629bffcb301f57d1b8383:40c49d6500a8f322754ac0cd2d5c9dea019a4c14feef60e436d767cc2dd44bc1eeee7ef16f1bd768260aeec4025e06c479c4c367537899002ec89962382a3104',
   'admin'
-)${d === "postgres" ? " ON CONFLICT (id) DO NOTHING" : ""};`
+);`
   },
   {
     name: "002_data_sources.sql",
-    sql: (d) => `
+    sql: `
 CREATE TABLE IF NOT EXISTS data_sources (
-  ${idCol(d)},
+  id TEXT PRIMARY KEY DEFAULT (lower(hex(randomblob(16)))),
   name TEXT NOT NULL UNIQUE,
   type TEXT NOT NULL CHECK (type IN ('mysql', 'postgres')),
   host TEXT NOT NULL,
@@ -836,84 +813,77 @@ CREATE TABLE IF NOT EXISTS data_sources (
   database TEXT,
   username TEXT NOT NULL,
   password_encrypted TEXT NOT NULL,
-  ssl BOOLEAN NOT NULL DEFAULT FALSE,
   pool_min INTEGER NOT NULL DEFAULT 1,
   pool_max INTEGER NOT NULL DEFAULT 10,
-  ${fkNotNull("created_by", "users", d)},
-  ${tsCol("created_at", d)},
-  ${tsCol("updated_at", d)}
+  created_by TEXT NOT NULL REFERENCES users(id),
+  created_at TEXT NOT NULL DEFAULT (datetime('now')),
+  updated_at TEXT NOT NULL DEFAULT (datetime('now'))
 );`
   },
   {
     name: "003_audit_logs.sql",
-    sql: (d) => `
+    sql: `
 CREATE TABLE IF NOT EXISTS audit_logs (
-  ${idCol(d)},
-  ${fkNotNull("user_id", "users", d)},
-  ${fkNullable("data_source_id", "data_sources", d)},
+  id TEXT PRIMARY KEY DEFAULT (lower(hex(randomblob(16)))),
+  user_id TEXT NOT NULL REFERENCES users(id),
+  data_source_id TEXT REFERENCES data_sources(id),
   action TEXT NOT NULL,
   sql_text TEXT,
   result_summary TEXT,
   ip_address TEXT,
-  ${tsCol("created_at", d)}
+  created_at TEXT NOT NULL DEFAULT (datetime('now'))
 );
 
 CREATE INDEX IF NOT EXISTS idx_audit_logs_user_id ON audit_logs(user_id);
-CREATE INDEX IF NOT EXISTS idx_audit_logs_data_source_id ON audit_logs(data_source_id);
 CREATE INDEX IF NOT EXISTS idx_audit_logs_created_at ON audit_logs(created_at);`
   },
   {
     name: "004_approvals.sql",
-    sql: (d) => `
+    sql: `
 CREATE TABLE IF NOT EXISTS approvals (
-  ${idCol(d)},
-  ${fkNotNull("data_source_id", "data_sources", d)},
-  ${fkNotNull("submitted_by", "users", d)},
-  ${fkNullable("reviewed_by", "users", d)},
+  id TEXT PRIMARY KEY DEFAULT (lower(hex(randomblob(16)))),
+  data_source_id TEXT NOT NULL REFERENCES data_sources(id),
+  submitted_by TEXT NOT NULL REFERENCES users(id),
+  reviewed_by TEXT REFERENCES users(id),
   sql_text TEXT NOT NULL,
   status TEXT NOT NULL DEFAULT 'pending'
     CHECK (status IN ('pending', 'approved', 'rejected', 'executing', 'executed', 'execute_failed')),
   reject_reason TEXT,
   execute_result TEXT,
-  ${tsCol("created_at", d)},
-  ${tsCol("updated_at", d)}
+  created_at TEXT NOT NULL DEFAULT (datetime('now')),
+  updated_at TEXT NOT NULL DEFAULT (datetime('now'))
 );
 
 CREATE INDEX IF NOT EXISTS idx_approvals_status ON approvals(status);
 CREATE INDEX IF NOT EXISTS idx_approvals_submitted_by ON approvals(submitted_by);`
-  },
-  {
-    name: "005_data_sources_add_ssl.sql",
-    sql: () => `
-ALTER TABLE data_sources ADD COLUMN ssl BOOLEAN NOT NULL DEFAULT FALSE;`
   }
 ];
 
 // src/migrate/runner.ts
-async function runMigrations() {
-  const db = getDb();
-  const driver = getDriver();
-  const createMigrationTable = driver === "postgres" ? `CREATE TABLE IF NOT EXISTS _migrations (
-           name TEXT PRIMARY KEY,
-           applied_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
-         )` : `CREATE TABLE IF NOT EXISTS _migrations (
-           name TEXT PRIMARY KEY,
-           applied_at TEXT NOT NULL DEFAULT (datetime('now'))
-         )`;
-  await db.exec(createMigrationTable);
-  const rows = await db.query("SELECT name FROM _migrations");
-  const applied = new Set(rows.map((r) => r.name));
+function runMigrations() {
+  const db = getDb5();
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS _migrations (
+      name TEXT PRIMARY KEY,
+      applied_at TEXT NOT NULL DEFAULT (datetime('now'))
+    )
+  `);
+  const applied = new Set(
+    db.prepare("SELECT name FROM _migrations").all().map((r) => r.name)
+  );
   for (const migration of migrations) {
     if (applied.has(migration.name)) continue;
-    await db.exec(migration.sql(driver));
-    await db.run("INSERT INTO _migrations (name) VALUES (?)", [migration.name]);
+    db.exec(migration.sql);
+    db.prepare("INSERT INTO _migrations (name) VALUES (?)").run(
+      migration.name
+    );
     logger.info("Migration applied: %s", migration.name);
   }
 }
 
 // src/index.ts
 async function main() {
-  await createDmsDb(config.dbUrl);
+  createSqlite({ path: config.dbUrl.replace("sqlite://", "") });
   await runMigrations();
   const app = await buildApp();
   await app.listen({ port: config.port, host: "0.0.0.0" });