@heyhru/app-dms-server 0.3.7 → 0.4.1

package/dist/index.js

@@ -66,7 +66,12 @@ var PERMISSIONS = {
   "POST /approvals/reject": { auth: true, roles: ["admin", "maintainer"] },
   "POST /approvals/execute": { auth: true, roles: ["admin", "maintainer"] },
   // Audit
-  "POST /logs/list": { auth: true, roles: ["admin", "maintainer"] }
+  "POST /logs/list": { auth: true, roles: ["admin", "maintainer"] },
+  // Saved SQLs
+  "POST /saved-sqls/list": { auth: true },
+  "POST /saved-sqls/create": { auth: true },
+  "POST /saved-sqls/update": { auth: true },
+  "POST /saved-sqls/delete": { auth: true }
 };
 async function authHook(req, reply) {
   const key = `${req.method} ${req.routeOptions.url}`;
@@ -145,177 +150,15 @@ function userController(app) {
 }
 
 // src/datasources/datasources.service.ts
-import { encrypt, decrypt } from "@heyhru/server-util-crypto";
-import { createPool as createMysqlPool } from "@heyhru/server-plugin-mysql";
-import { createPool as createPgPool } from "@heyhru/server-plugin-pg";
-
-// src/datasources/datasources.model.ts
-import { getPgDb } from "@heyhru/server-plugin-pg";
-
-// src/datasources/datasources.sql.ts
-var LIST = `
-SELECT id, name, type, host, port, database, username, ssl, pool_min, pool_max, created_by, created_at
-FROM data_sources
-ORDER BY created_at DESC`;
-var FIND_BY_ID = `
-SELECT id, name, type, host, port, database, username, ssl, pool_min, pool_max, created_by, created_at
-FROM data_sources
-WHERE id = ?`;
-var FIND_WITH_PASSWORD = `
-SELECT *
-FROM data_sources
-WHERE id = ?`;
-var CREATE = `
-INSERT INTO data_sources (name, type, host, port, database, username, password_encrypted, ssl, pool_min, pool_max, created_by)
-VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
-RETURNING id, name, type, host, port, database, username, ssl, pool_min, pool_max, created_by, created_at`;
-var UPDATE_FIELDS = ["name", "type", "host", "port", "database", "username", "ssl", "pool_min", "pool_max"];
-var DELETE = `
-DELETE FROM data_sources
-WHERE id = ?`;
-
-// src/datasources/datasources.model.ts
-function listDataSources() {
-  return getPgDb().query(LIST);
-}
-function getDataSourceById(id) {
-  return getPgDb().queryOne(FIND_BY_ID, [id]);
-}
-function getDataSourceRow(id) {
-  return getPgDb().queryOne(FIND_WITH_PASSWORD, [id]);
-}
-function insertDataSource(data, encryptedPassword, createdBy) {
-  return getPgDb().queryOne(CREATE, [
-    data.name,
-    data.type,
-    data.host,
-    data.port,
-    data.database,
-    data.username,
-    encryptedPassword,
-    data.ssl,
-    data.pool_min,
-    data.pool_max,
-    createdBy
-  ]);
-}
-async function updateDataSource(id, data, encryptedPassword) {
-  const fields = [];
-  const values = [];
-  for (const key of UPDATE_FIELDS) {
-    if (data[key] !== void 0) {
-      fields.push(`${key} = ?`);
-      values.push(data[key]);
-    }
-  }
-  if (encryptedPassword) {
-    fields.push("password_encrypted = ?");
-    values.push(encryptedPassword);
-  }
-  if (!fields.length) return getDataSourceById(id);
-  values.push(id);
-  return getPgDb().queryOne(
-    `UPDATE data_sources SET ${fields.join(", ")} WHERE id = ? RETURNING id, name, type, host, port, database, username, ssl, pool_min, pool_max, created_by, created_at`,
-    values
-  );
-}
-function removeDataSource(id) {
-  return getPgDb().run(DELETE, [id]);
-}
-
-// src/datasources/datasources.service.ts
-var pools = /* @__PURE__ */ new Map();
-function poolKey(id, database) {
-  return database ? `${id}:${database}` : id;
-}
-function getPool(ds) {
-  const key = poolKey(ds.id, ds.database);
-  if (pools.has(key)) return pools.get(key);
-  const pool = ds.type === "mysql" ? createMysqlPool({
-    host: ds.host,
-    port: ds.port,
-    database: ds.database,
-    username: ds.username,
-    password: ds.password,
-    poolMax: ds.pool_max
-  }) : createPgPool({
-    host: ds.host,
-    port: ds.port,
-    database: ds.database,
-    username: ds.username,
-    password: ds.password,
-    poolMin: ds.pool_min,
-    poolMax: ds.pool_max,
-    ssl: ds.ssl
-  });
-  pools.set(key, pool);
-  logger.info("Connection pool created (ds=%s, db=%s, type=%s)", ds.id, ds.database, ds.type);
-  return pool;
-}
-async function getPoolForDatabase(dataSourceId, database) {
-  const ds = await getDataSourceWithPassword(dataSourceId);
-  if (!ds) return null;
-  return getPool({ ...ds, database });
-}
-async function destroyPool(id) {
-  const prefix = `${id}:`;
-  for (const [key, pool] of pools) {
-    if (key === id || key.startsWith(prefix)) {
-      await pool.end();
-      pools.delete(key);
-      logger.info("Connection pool destroyed (key=%s)", key);
-    }
-  }
-}
-async function getDataSourceWithPassword(id) {
-  const row = await getDataSourceRow(id);
-  if (!row) return null;
-  return {
-    id: row.id,
-    type: row.type,
-    host: row.host,
-    port: row.port,
-    database: row.database ?? null,
-    username: row.username,
-    password: decrypt(row.password_encrypted, config.encryptionKey),
-    ssl: row.ssl,
-    pool_min: row.pool_min,
-    pool_max: row.pool_max
-  };
-}
-async function datasourceList(_req, reply) {
-  return reply.send(await listDataSources());
-}
-async function datasourceGet(req, reply) {
-  const { id } = req.body ?? {};
-  const ds = await getDataSourceById(id);
-  if (!ds) return reply.code(404).send({ error: "\u672A\u627E\u5230" });
-  return reply.send(ds);
-}
-async function datasourceCreate(req, reply) {
-  const body = req.body ?? {};
-  const ds = await insertDataSource(
-    { ...body, ssl: body.ssl ?? false, pool_min: body.pool_min ?? 1, pool_max: body.pool_max ?? 10 },
-    encrypt(body.password, config.encryptionKey),
-    req.user.id
-  );
-  return reply.code(201).send(ds);
-}
-async function datasourceUpdate(req, reply) {
-  const { id, password, ...rest } = req.body ?? {};
-  const existing = await getDataSourceById(id);
-  if (!existing) return reply.code(404).send({ error: "\u672A\u627E\u5230" });
-  const encryptedPassword = password ? encrypt(password, config.encryptionKey) : void 0;
-  await destroyPool(id);
-  const ds = await updateDataSource(id, rest, encryptedPassword);
-  return reply.send(ds);
-}
-async function datasourceDelete(req, reply) {
-  const { id } = req.body ?? {};
-  await destroyPool(id);
-  await removeDataSource(id);
-  return reply.code(204).send();
-}
+import {
+  datasourceList,
+  datasourceGet,
+  datasourceCreate as _datasourceCreate,
+  datasourceUpdate as _datasourceUpdate,
+  datasourceDelete
+} from "@heyhru/business-dms-datasource";
+var datasourceCreate = _datasourceCreate(config.encryptionKey);
+var datasourceUpdate = _datasourceUpdate(config.encryptionKey);
 
 // src/datasources/datasources.controller.ts
 function datasourceController(app) {
@@ -328,64 +171,12 @@ function datasourceController(app) {
 
 // src/sql/sql.service.ts
 import NodeSqlParser from "node-sql-parser";
-
-// src/audit/audit.model.ts
-import { getPgDb as getPgDb2 } from "@heyhru/server-plugin-pg";
-
-// src/audit/audit.sql.ts
-var INSERT = `
-INSERT INTO audit_logs (user_id, data_source_id, action, sql_text, result_summary, ip_address)
-VALUES (?, ?, ?, ?, ?, ?)`;
-var LIST2 = `
-SELECT al.*, u.username
-FROM audit_logs al
-LEFT JOIN users u ON al.user_id = u.id
-WHERE 1=1`;
-
-// src/audit/audit.model.ts
-function insertAuditLog(entry) {
-  return getPgDb2().run(INSERT, [
-    entry.userId,
-    entry.dataSourceId ?? null,
-    entry.action,
-    entry.sqlText ?? null,
-    entry.resultSummary ?? null,
-    entry.ipAddress ?? null
-  ]);
-}
-async function queryAuditLogs(filters) {
-  let query = LIST2;
-  const params = [];
-  if (filters?.userId) {
-    query += " AND al.user_id = ?";
-    params.push(filters.userId);
-  }
-  if (filters?.dataSourceId) {
-    query += " AND al.data_source_id = ?";
-    params.push(filters.dataSourceId);
-  }
-  query += " ORDER BY al.created_at DESC LIMIT ? OFFSET ?";
-  params.push(filters?.limit ?? 50, filters?.offset ?? 0);
-  return getPgDb2().query(query, params);
-}
-
-// src/audit/audit.service.ts
-function writeAuditLog(entry) {
-  return insertAuditLog(entry);
-}
-async function logList(req, reply) {
-  const { userId, dataSourceId, limit, offset } = req.body ?? {};
-  return reply.send(
-    await queryAuditLogs({
-      userId,
-      dataSourceId,
-      limit: limit ? Number(limit) : void 0,
-      offset: offset ? Number(offset) : void 0
-    })
-  );
-}
-
-// src/sql/sql.service.ts
+import {
+  getDataSourceWithPassword,
+  getPool,
+  getPoolForDatabase
+} from "@heyhru/business-dms-datasource";
+import { writeAuditLog } from "@heyhru/business-dms-audit";
 var parser = new NodeSqlParser.Parser();
 function sqlParse(sql) {
   try {
@@ -421,8 +212,8 @@ async function sqlExecute({ dataSourceId, database, sql, userId, ip }) {
   if (category !== "select") {
     throw new Error("\u4EC5\u5141\u8BB8\u76F4\u63A5\u6267\u884C SELECT \u8BED\u53E5");
   }
-  const pool = database ? await getPoolForDatabase(dataSourceId, database) : await (async () => {
-    const ds = await getDataSourceWithPassword(dataSourceId);
+  const pool = database ? await getPoolForDatabase(dataSourceId, database, config.encryptionKey) : await (async () => {
+    const ds = await getDataSourceWithPassword(dataSourceId, config.encryptionKey);
     return ds ? getPool(ds) : null;
   })();
   if (!pool) throw new Error("\u6570\u636E\u6E90\u672A\u627E\u5230");
@@ -442,7 +233,7 @@ async function postSqlDatabases(req, reply) {
   if (!dataSourceId) {
     return reply.code(400).send({ error: "\u6570\u636E\u6E90 ID \u4E0D\u80FD\u4E3A\u7A7A" });
   }
-  const ds = await getDataSourceWithPassword(dataSourceId);
+  const ds = await getDataSourceWithPassword(dataSourceId, config.encryptionKey);
   if (!ds) return reply.code(404).send({ error: "\u6570\u636E\u6E90\u672A\u627E\u5230" });
   const pool = getPool({
     ...ds,
@@ -465,9 +256,9 @@ async function postSqlTables(req, reply) {
   if (!dataSourceId || !database) {
     return reply.code(400).send({ error: "\u6570\u636E\u6E90 ID \u548C\u6570\u636E\u5E93\u540D\u4E0D\u80FD\u4E3A\u7A7A" });
   }
-  const pool = await getPoolForDatabase(dataSourceId, database);
+  const pool = await getPoolForDatabase(dataSourceId, database, config.encryptionKey);
   if (!pool) return reply.code(404).send({ error: "\u6570\u636E\u6E90\u672A\u627E\u5230" });
-  const ds = await getDataSourceWithPassword(dataSourceId);
+  const ds = await getDataSourceWithPassword(dataSourceId, config.encryptionKey);
   const sql = ds.type === "mysql" ? `SELECT TABLE_NAME FROM information_schema.TABLES WHERE TABLE_SCHEMA = '${database}' ORDER BY TABLE_NAME` : "SELECT tablename FROM pg_tables WHERE schemaname = 'public' ORDER BY tablename";
   try {
     const rows = await pool.execute(sql);
@@ -489,161 +280,16 @@ function sqlController(app) {
   app.post("/sql/tables", postSqlTables);
 }
 
-// src/approvals/approvals.model.ts
-import { getPgDb as getPgDb3 } from "@heyhru/server-plugin-pg";
-
-// src/approvals/approvals.sql.ts
-var FIND_BY_ID2 = `
-SELECT *
-FROM approvals
-WHERE id = ?`;
-var CREATE2 = `
-INSERT INTO approvals (data_source_id, sql_text, submitted_by)
-VALUES (?, ?, ?)
-RETURNING *`;
-var UPDATE_REVIEW = () => `
-UPDATE approvals
-SET status = ?, reviewed_by = ?, reject_reason = ?, updated_at = NOW()
-WHERE id = ?
-RETURNING *`;
-var UPDATE_EXECUTING = () => `
-UPDATE approvals
-SET status = 'executing', updated_at = NOW()
-WHERE id = ?`;
-var UPDATE_RESULT = () => `
-UPDATE approvals
-SET status = ?, execute_result = ?, updated_at = NOW()
-WHERE id = ?`;
-
-// src/approvals/approvals.model.ts
-async function listApprovals(filters) {
-  let query = "SELECT * FROM approvals WHERE 1=1";
-  const params = [];
-  if (filters?.status) {
-    query += " AND status = ?";
-    params.push(filters.status);
-  }
-  if (filters?.submittedBy) {
-    query += " AND submitted_by = ?";
-    params.push(filters.submittedBy);
-  }
-  query += " ORDER BY created_at DESC";
-  return getPgDb3().query(query, params);
-}
-function getApprovalById(id) {
-  return getPgDb3().queryOne(FIND_BY_ID2, [id]);
-}
-function insertApproval(dataSourceId, sqlText, submittedBy) {
-  return getPgDb3().queryOne(CREATE2, [dataSourceId, sqlText, submittedBy]);
-}
-function updateReview(id, status, reviewedBy, rejectReason) {
-  return getPgDb3().queryOne(UPDATE_REVIEW(), [status, reviewedBy, rejectReason, id]);
-}
-function setExecuting(id) {
-  return getPgDb3().run(UPDATE_EXECUTING(), [id]);
-}
-function setExecuteResult(id, status, result) {
-  return getPgDb3().run(UPDATE_RESULT(), [status, result, id]);
-}
-
 // src/approvals/approvals.service.ts
-async function approvalList(req, reply) {
-  const { status, mine } = req.body ?? {};
-  return reply.send(
-    await listApprovals({
-      status,
-      submittedBy: mine === "true" ? req.user.id : void 0
-    })
-  );
-}
-async function approvalGet(req, reply) {
-  const { id } = req.body ?? {};
-  const approval = await getApprovalById(id);
-  if (!approval) return reply.code(404).send({ error: "\u672A\u627E\u5230" });
-  return reply.send(approval);
-}
-async function approvalCreate(req, reply) {
-  const { dataSourceId, sql } = req.body ?? {};
-  if (!dataSourceId || !sql) {
-    return reply.code(400).send({ error: "\u6570\u636E\u6E90 ID \u548C SQL \u4E0D\u80FD\u4E3A\u7A7A" });
-  }
-  const approval = await insertApproval(dataSourceId, sql, req.user.id);
-  req.log.info("Approval submitted (user=%s)", req.user.id);
-  return reply.code(201).send(approval);
-}
-async function reviewApproval(id, reviewerId, decision, rejectReason) {
-  const approval = await getApprovalById(id);
-  if (!approval || approval["status"] !== "pending") {
-    throw new Error("\u5BA1\u6279\u8BB0\u5F55\u4E0D\u5B58\u5728\u6216\u4E0D\u5728\u5F85\u5BA1\u6279\u72B6\u6001");
-  }
-  if (approval["submitted_by"] === reviewerId) {
-    throw new Error("\u4E0D\u80FD\u5BA1\u6279\u81EA\u5DF1\u63D0\u4EA4\u7684\u8BF7\u6C42");
-  }
-  return updateReview(id, decision, reviewerId, rejectReason ?? null);
-}
-async function approvalApprove(req, reply) {
-  const { id } = req.body ?? {};
-  try {
-    const result = await reviewApproval(id, req.user.id, "approved");
-    req.log.info("Approval approved (id=%s, reviewer=%s)", id, req.user.id);
-    return reply.send(result);
-  } catch (err) {
-    req.log.warn(err, "Approve failed (id=%s, reviewer=%s)", id, req.user.id);
-    return reply.code(400).send({ error: err instanceof Error ? err.message : String(err) });
-  }
-}
-async function approvalReject(req, reply) {
-  const { id, reason } = req.body ?? {};
-  try {
-    const result = await reviewApproval(id, req.user.id, "rejected", reason);
-    req.log.info("Approval rejected (id=%s, reviewer=%s)", id, req.user.id);
-    return reply.send(result);
-  } catch (err) {
-    req.log.warn(err, "Reject failed (id=%s, reviewer=%s)", id, req.user.id);
-    return reply.code(400).send({ error: err instanceof Error ? err.message : String(err) });
-  }
-}
-async function approvalExecute(req, reply) {
-  const { id } = req.body ?? {};
-  const ip = req.headers["x-forwarded-for"] ?? req.headers["x-real-ip"] ?? "unknown";
-  try {
-    const result = await doExecuteApproval(id, req.user.id, ip, req.log);
-    return reply.send(result);
-  } catch (err) {
-    req.log.error(err, "Execute approval failed (id=%s, user=%s)", id, req.user.id);
-    return reply.code(400).send({ error: err instanceof Error ? err.message : String(err) });
-  }
-}
-async function doExecuteApproval(id, userId, ip, log) {
-  const approval = await getApprovalById(id);
-  if (!approval || !["approved", "execute_failed"].includes(approval["status"])) {
-    throw new Error("\u5BA1\u6279\u8BB0\u5F55\u4E0D\u5B58\u5728\u6216\u672A\u901A\u8FC7\u5BA1\u6279");
-  }
-  await setExecuting(id);
-  try {
-    const ds = await getDataSourceWithPassword(approval["data_source_id"]);
-    if (!ds) throw new Error("\u6570\u636E\u6E90\u672A\u627E\u5230");
-    const pool = getPool(ds);
-    const rows = await pool.execute(approval["sql_text"]);
-    const result = `${rows.length} rows affected`;
-    await setExecuteResult(id, "executed", result);
-    log.info("Approval executed (id=%s, user=%s)", id, userId);
-    await writeAuditLog({
-      userId,
-      dataSourceId: approval["data_source_id"],
-      action: "DML_EXECUTE",
-      sqlText: approval["sql_text"],
-      resultSummary: result,
-      ipAddress: ip
-    });
-    return getApprovalById(id);
-  } catch (err) {
-    const message = err instanceof Error ? err.message : String(err);
-    await setExecuteResult(id, "execute_failed", message);
-    log.error(err, "Approval execute_failed (id=%s)", id);
-    throw err;
-  }
-}
+import {
+  approvalList,
+  approvalGet,
+  approvalCreate,
+  approvalApprove,
+  approvalReject,
+  approvalExecute as _approvalExecute
+} from "@heyhru/business-dms-approval";
+var approvalExecute = _approvalExecute(config.encryptionKey);
 
 // src/approvals/approvals.controller.ts
 function approvalController(app) {
@@ -656,10 +302,25 @@ function approvalController(app) {
 }
 
 // src/audit/audit.controller.ts
+import { logList } from "@heyhru/business-dms-audit";
 function auditController(app) {
   app.post("/logs/list", logList);
 }
 
+// src/saved-sqls/saved-sqls.controller.ts
+import {
+  savedSqlList,
+  savedSqlCreate,
+  savedSqlUpdate,
+  savedSqlDelete
+} from "@heyhru/business-dms-saved-sql";
+function savedSqlController(app) {
+  app.post("/saved-sqls/list", savedSqlList);
+  app.post("/saved-sqls/create", savedSqlCreate);
+  app.post("/saved-sqls/update", savedSqlUpdate);
+  app.post("/saved-sqls/delete", savedSqlDelete);
+}
+
 // src/app.ts
 async function buildApp() {
   const app = Fastify({ loggerInstance: logger });
@@ -677,11 +338,12 @@ async function buildApp() {
   sqlController(app);
   approvalController(app);
   auditController(app);
+  savedSqlController(app);
   return app;
 }
 
 // src/migrate/runner.ts
-import { getPgDb as getPgDb4 } from "@heyhru/server-plugin-pg";
+import { getPgDb } from "@heyhru/server-plugin-pg";
 
 // src/migrate/migrations.ts
 var migrations = [
@@ -768,12 +430,28 @@ CREATE INDEX IF NOT EXISTS idx_approvals_submitted_by ON approvals(submitted_by)
   {
     name: "005_data_sources_add_ssl.sql",
     sql: () => `ALTER TABLE data_sources ADD COLUMN IF NOT EXISTS ssl BOOLEAN NOT NULL DEFAULT FALSE;`
+  },
+  {
+    name: "006_saved_sqls.sql",
+    sql: () => `
+CREATE TABLE IF NOT EXISTS saved_sqls (
+  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+  user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
+  name TEXT NOT NULL,
+  sql_text TEXT NOT NULL,
+  data_source_id UUID REFERENCES data_sources(id) ON DELETE SET NULL,
+  database TEXT,
+  created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+  updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
+);
+
+CREATE INDEX IF NOT EXISTS idx_saved_sqls_user_id ON saved_sqls(user_id);`
   }
 ];
 
 // src/migrate/runner.ts
 async function runMigrations() {
-  const db = getPgDb4();
+  const db = getPgDb();
   await db.exec(`CREATE TABLE IF NOT EXISTS _migrations (
     name TEXT PRIMARY KEY,
     applied_at TIMESTAMPTZ NOT NULL DEFAULT NOW()

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "0.3.7",
+  "version": "0.4.1",
   "description": "DMS backend API server built on Fastify",
   "type": "module",
   "main": "./dist/index.mjs",
@@ -19,12 +19,16 @@
   },
   "dependencies": {
     "@fastify/cors": "^11.0.0",
-    "@heyhru/business-dms-user": "0.3.0",
-    "@heyhru/common-util-logger": "0.3.2",
-    "@heyhru/server-plugin-jwt": "0.3.0",
-    "@heyhru/server-plugin-mysql": "0.3.0",
-    "@heyhru/server-plugin-pg": "0.3.0",
-    "@heyhru/server-util-crypto": "0.3.0",
+    "@heyhru/business-dms-approval": "0.4.0",
+    "@heyhru/business-dms-audit": "0.4.0",
+    "@heyhru/business-dms-datasource": "0.4.0",
+    "@heyhru/business-dms-saved-sql": "0.4.0",
+    "@heyhru/business-dms-user": "0.4.0",
+    "@heyhru/common-util-logger": "0.4.0",
+    "@heyhru/server-plugin-jwt": "0.4.0",
+    "@heyhru/server-plugin-mysql": "0.4.0",
+    "@heyhru/server-plugin-pg": "0.4.0",
+    "@heyhru/server-util-crypto": "0.4.0",
     "fastify": "^5.8.4",
     "node-sql-parser": "^5.4.0"
   },
@@ -36,5 +40,5 @@
     "typescript": "^6.0.2",
     "vitest": "^4.1.2"
   },
-  "gitHead": "5844861336ff4df88282f00a0eecd3a9a1fb50ea"
+  "gitHead": "0100f7a8b3290424cec7e4fe4ae623db15ba4039"
 }