@hienlh/ppm 0.6.2 → 0.6.4

package/src/server/routes/database.ts

@@ -0,0 +1,259 @@
+import { Hono } from "hono";
+import {
+  getConnections, getConnectionById, insertConnection, updateConnection, deleteConnection,
+  type ConnectionConfig, type ConnectionRow,
+} from "../../services/db.service.ts";
+import { getAdapter } from "../../services/database/adapter-registry.ts";
+import { syncTables, searchTables } from "../../services/table-cache.service.ts";
+import { isReadOnlyQuery } from "../../services/database/readonly-check.ts";
+import { ok, err } from "../../types/api.ts";
+import type { DbConnectionConfig } from "../../types/database.ts";
+
+export const databaseRoutes = new Hono();
+
+/** Strip sensitive connection_config from connection responses */
+function sanitizeConn(conn: ConnectionRow): Omit<ConnectionRow, "connection_config"> {
+  // eslint-disable-next-line @typescript-eslint/no-unused-vars
+  const { connection_config: _, ...safe } = conn;
+  return safe;
+}
+
+/** Validate hex color string (e.g. #3b82f6) */
+function isValidHex(color: string): boolean {
+  return /^#[0-9a-fA-F]{3}([0-9a-fA-F]{3})?$/.test(color);
+}
+
+/** Resolve connection + parse config, return 404 on miss */
+function resolveConn(id: string) {
+  const numId = parseInt(id, 10);
+  if (isNaN(numId)) return null;
+  return getConnectionById(numId);
+}
+
+// ---------------------------------------------------------------------------
+// Connection CRUD
+// ---------------------------------------------------------------------------
+
+/** GET /api/db/connections */
+databaseRoutes.get("/connections", (c) => {
+  try {
+    return c.json(ok(getConnections().map(sanitizeConn)));
+  } catch (e) {
+    return c.json(err((e as Error).message), 500);
+  }
+});
+
+/** GET /api/db/connections/:id */
+databaseRoutes.get("/connections/:id", (c) => {
+  const conn = resolveConn(c.req.param("id"));
+  if (!conn) return c.json(err("Connection not found"), 404);
+  return c.json(ok(sanitizeConn(conn)));
+});
+
+/** POST /api/db/connections */
+databaseRoutes.post("/connections", async (c) => {
+  try {
+    const body = await c.req.json<{
+      type: "sqlite" | "postgres";
+      name: string;
+      connectionConfig: ConnectionConfig;
+      groupName?: string;
+      color?: string;
+    }>();
+    if (!body.type || !body.name || !body.connectionConfig) {
+      return c.json(err("type, name, and connectionConfig are required"), 400);
+    }
+    if (!["sqlite", "postgres"].includes(body.type)) {
+      return c.json(err("type must be sqlite or postgres"), 400);
+    }
+    if (body.color && !isValidHex(body.color)) {
+      return c.json(err("color must be a valid hex color (e.g. #3b82f6)"), 400);
+    }
+    const conn = insertConnection(body.type, body.name, body.connectionConfig, body.groupName, body.color);
+    return c.json(ok(sanitizeConn(conn)), 201);
+  } catch (e) {
+    return c.json(err((e as Error).message), 500);
+  }
+});
+
+/** PUT /api/db/connections/:id — allows toggling readonly (UI-only) */
+databaseRoutes.put("/connections/:id", async (c) => {
+  try {
+    const conn = resolveConn(c.req.param("id"));
+    if (!conn) return c.json(err("Connection not found"), 404);
+
+    const body = await c.req.json<{
+      name?: string;
+      connectionConfig?: ConnectionConfig;
+      groupName?: string | null;
+      color?: string | null;
+      readonly?: number;
+    }>();
+
+    if (body.color && !isValidHex(body.color)) {
+      return c.json(err("color must be a valid hex color (e.g. #3b82f6)"), 400);
+    }
+
+    updateConnection(conn.id, {
+      name: body.name,
+      config: body.connectionConfig,
+      groupName: body.groupName,
+      color: body.color,
+      readonly: body.readonly,
+    });
+    const updated = getConnectionById(conn.id);
+    return c.json(ok(updated ? sanitizeConn(updated) : null));
+  } catch (e) {
+    return c.json(err((e as Error).message), 500);
+  }
+});
+
+/** DELETE /api/db/connections/:id */
+databaseRoutes.delete("/connections/:id", (c) => {
+  try {
+    const conn = resolveConn(c.req.param("id"));
+    if (!conn) return c.json(err("Connection not found"), 404);
+    deleteConnection(String(conn.id));
+    return c.json(ok({ deleted: true }));
+  } catch (e) {
+    return c.json(err((e as Error).message), 500);
+  }
+});
+
+// ---------------------------------------------------------------------------
+// Connection operations
+// ---------------------------------------------------------------------------
+
+/** POST /api/db/connections/:id/test */
+databaseRoutes.post("/connections/:id/test", async (c) => {
+  try {
+    const conn = resolveConn(c.req.param("id"));
+    if (!conn) return c.json(err("Connection not found"), 404);
+    const config = JSON.parse(conn.connection_config) as DbConnectionConfig;
+    const adapter = getAdapter(conn.type);
+    const result = await adapter.testConnection(config);
+    return c.json(ok(result));
+  } catch (e) {
+    return c.json(err((e as Error).message), 500);
+  }
+});
+
+/** GET /api/db/connections/:id/tables — live fetch + sync cache */
+databaseRoutes.get("/connections/:id/tables", async (c) => {
+  try {
+    const conn = resolveConn(c.req.param("id"));
+    if (!conn) return c.json(err("Connection not found"), 404);
+    const tables = await syncTables(conn.id);
+    return c.json(ok(tables));
+  } catch (e) {
+    return c.json(err((e as Error).message), 500);
+  }
+});
+
+/** GET /api/db/connections/:id/schema?table=...&schema=... */
+databaseRoutes.get("/connections/:id/schema", async (c) => {
+  try {
+    const conn = resolveConn(c.req.param("id"));
+    if (!conn) return c.json(err("Connection not found"), 404);
+    const table = c.req.query("table");
+    const schema = c.req.query("schema");
+    if (!table) return c.json(err("table query param required"), 400);
+    const config = JSON.parse(conn.connection_config) as DbConnectionConfig;
+    const adapter = getAdapter(conn.type);
+    const cols = await adapter.getTableSchema(config, table, schema);
+    return c.json(ok(cols));
+  } catch (e) {
+    return c.json(err((e as Error).message), 500);
+  }
+});
+
+/** GET /api/db/connections/:id/data?table=...&page=1&limit=100&orderBy=...&orderDir=ASC */
+databaseRoutes.get("/connections/:id/data", async (c) => {
+  try {
+    const conn = resolveConn(c.req.param("id"));
+    if (!conn) return c.json(err("Connection not found"), 404);
+    const table = c.req.query("table");
+    if (!table) return c.json(err("table query param required"), 400);
+    const config = JSON.parse(conn.connection_config) as DbConnectionConfig;
+    const adapter = getAdapter(conn.type);
+    const data = await adapter.getTableData(config, table, {
+      schema: c.req.query("schema"),
+      page: parseInt(c.req.query("page") ?? "1", 10),
+      limit: Math.min(parseInt(c.req.query("limit") ?? "100", 10), 1000),
+      orderBy: c.req.query("orderBy"),
+      orderDir: (c.req.query("orderDir") as "ASC" | "DESC") ?? "ASC",
+    });
+    return c.json(ok(data));
+  } catch (e) {
+    return c.json(err((e as Error).message), 500);
+  }
+});
+
+/** POST /api/db/connections/:id/query — body: { sql } — enforces readonly */
+databaseRoutes.post("/connections/:id/query", async (c) => {
+  try {
+    const conn = resolveConn(c.req.param("id"));
+    if (!conn) return c.json(err("Connection not found"), 404);
+    const body = await c.req.json<{ sql: string }>();
+    if (!body.sql) return c.json(err("sql is required"), 400);
+
+    if (conn.readonly && !isReadOnlyQuery(body.sql)) {
+      return c.json(err("Connection is readonly — only SELECT queries allowed. Change this in PPM web UI."), 403);
+    }
+
+    const config = JSON.parse(conn.connection_config) as DbConnectionConfig;
+    const adapter = getAdapter(conn.type);
+    const result = await adapter.executeQuery(config, body.sql);
+    return c.json(ok(result));
+  } catch (e) {
+    return c.json(err((e as Error).message), 500);
+  }
+});
+
+/** PUT /api/db/connections/:id/cell — body: { table, schema?, pkColumn, pkValue, column, value } — enforces readonly */
+databaseRoutes.put("/connections/:id/cell", async (c) => {
+  try {
+    const conn = resolveConn(c.req.param("id"));
+    if (!conn) return c.json(err("Connection not found"), 404);
+
+    if (conn.readonly) {
+      return c.json(err("Connection is readonly — cell editing is disabled. Change this in PPM web UI."), 403);
+    }
+
+    const body = await c.req.json<{
+      table: string; schema?: string;
+      pkColumn: string; pkValue: unknown; column: string; value: unknown;
+    }>();
+    if (!body.table || !body.pkColumn || !body.column) {
+      return c.json(err("table, pkColumn, and column are required"), 400);
+    }
+
+    const config = JSON.parse(conn.connection_config) as DbConnectionConfig;
+    const adapter = getAdapter(conn.type);
+    await adapter.updateCell(config, body.table, {
+      schema: body.schema,
+      pkColumn: body.pkColumn,
+      pkValue: body.pkValue,
+      column: body.column,
+      value: body.value,
+    });
+    return c.json(ok({ updated: true }));
+  } catch (e) {
+    return c.json(err((e as Error).message), 500);
+  }
+});
+
+// ---------------------------------------------------------------------------
+// Search
+// ---------------------------------------------------------------------------
+
+/** GET /api/db/search?q=... — search cached tables across all connections */
+databaseRoutes.get("/search", (c) => {
+  try {
+    const q = c.req.query("q") ?? "";
+    return c.json(ok(searchTables(q)));
+  } catch (e) {
+    return c.json(err((e as Error).message), 500);
+  }
+});
+

package/src/server/routes/settings.ts

@@ -1,5 +1,6 @@
 import { Hono } from "hono";
 import { configService } from "../../services/config.service.ts";
+import { getConfigValue, setConfigValue } from "../../services/db.service.ts";
 import {
   validateAIProviderConfig,
   validateDefaultProvider,
@@ -102,3 +103,35 @@ settingsRoutes.put("/ai", async (c) => {
     return c.json(err((e as Error).message), 400);
   }
 });
+
+// ── Keybindings ──────────────────────────────────────────────────────
+
+const KEYBINDINGS_KEY = "keybindings";
+
+/** GET /settings/keybindings — return user overrides (partial) */
+settingsRoutes.get("/keybindings", (c) => {
+  const raw = getConfigValue(KEYBINDINGS_KEY);
+  const overrides: Record<string, string> = raw ? JSON.parse(raw) : {};
+  return c.json(ok(overrides));
+});
+
+/** PUT /settings/keybindings — save user overrides (partial, only changed keys) */
+settingsRoutes.put("/keybindings", async (c) => {
+  try {
+    const body = await c.req.json<Record<string, string | null>>();
+    // Merge with existing overrides
+    const raw = getConfigValue(KEYBINDINGS_KEY);
+    const current: Record<string, string> = raw ? JSON.parse(raw) : {};
+    for (const [actionId, combo] of Object.entries(body)) {
+      if (combo === null) {
+        delete current[actionId]; // reset to default
+      } else {
+        current[actionId] = combo;
+      }
+    }
+    setConfigValue(KEYBINDINGS_KEY, JSON.stringify(current));
+    return c.json(ok(current));
+  } catch (e) {
+    return c.json(err((e as Error).message), 400);
+  }
+});

package/src/services/database/adapter-registry.ts

@@ -0,0 +1,13 @@
+import type { DbType, DatabaseAdapter } from "../../types/database.ts";
+
+const adapters = new Map<DbType, DatabaseAdapter>();
+
+export function registerAdapter(type: DbType, adapter: DatabaseAdapter): void {
+  adapters.set(type, adapter);
+}
+
+export function getAdapter(type: DbType): DatabaseAdapter {
+  const adapter = adapters.get(type);
+  if (!adapter) throw new Error(`No adapter registered for database type: ${type}`);
+  return adapter;
+}

package/src/services/database/init-adapters.ts

@@ -0,0 +1,9 @@
+import { registerAdapter } from "./adapter-registry.ts";
+import { sqliteAdapter } from "./sqlite-adapter.ts";
+import { postgresAdapter } from "./postgres-adapter.ts";
+
+/** Register all database adapters. Call once at server startup. */
+export function initAdapters(): void {
+  registerAdapter("sqlite", sqliteAdapter);
+  registerAdapter("postgres", postgresAdapter);
+}

package/src/services/database/postgres-adapter.ts

@@ -0,0 +1,42 @@
+import type { DatabaseAdapter, DbConnectionConfig, DbTableInfo, DbColumnInfo, DbPagedData, DbQueryResult } from "../../types/database.ts";
+import { postgresService } from "../postgres.service.ts";
+
+/** Thin adapter wrapping the existing PostgresService to implement DatabaseAdapter */
+export const postgresAdapter: DatabaseAdapter = {
+  async testConnection(config: DbConnectionConfig): Promise<{ ok: boolean; error?: string }> {
+    if (!config.connectionString) return { ok: false, error: "Missing connectionString" };
+    return postgresService.testConnection(config.connectionString);
+  },
+
+  async getTables(config: DbConnectionConfig): Promise<DbTableInfo[]> {
+    if (!config.connectionString) throw new Error("Missing connectionString");
+    const tables = await postgresService.getTables(config.connectionString);
+    return tables.map((t) => ({ name: t.name, schema: t.schema, rowCount: t.rowCount }));
+  },
+
+  async getTableSchema(config: DbConnectionConfig, table: string, schema = "public"): Promise<DbColumnInfo[]> {
+    if (!config.connectionString) throw new Error("Missing connectionString");
+    return postgresService.getTableSchema(config.connectionString, table, schema);
+  },
+
+  async getTableData(config: DbConnectionConfig, table: string, opts): Promise<DbPagedData> {
+    if (!config.connectionString) throw new Error("Missing connectionString");
+    return postgresService.getTableData(
+      config.connectionString, table, opts.schema ?? "public",
+      opts.page, opts.limit, opts.orderBy, opts.orderDir,
+    );
+  },
+
+  async executeQuery(config: DbConnectionConfig, sql: string): Promise<DbQueryResult> {
+    if (!config.connectionString) throw new Error("Missing connectionString");
+    return postgresService.executeQuery(config.connectionString, sql);
+  },
+
+  async updateCell(config: DbConnectionConfig, table: string, opts): Promise<void> {
+    if (!config.connectionString) throw new Error("Missing connectionString");
+    await postgresService.updateCell(
+      config.connectionString, table, opts.schema ?? "public",
+      opts.pkColumn, opts.pkValue, opts.column, opts.value,
+    );
+  },
+};

package/src/services/database/readonly-check.ts

@@ -0,0 +1,17 @@
+/**
+ * Returns true if sql is a read-only statement.
+ * Handles: SELECT, EXPLAIN, SHOW, PRAGMA, DESCRIBE, WITH...SELECT.
+ * Guards against CTEs with write keywords (e.g. WITH x AS (DELETE...) SELECT).
+ */
+export function isReadOnlyQuery(sql: string): boolean {
+  const trimmed = sql.trim();
+
+  // Reject if the SQL contains write keywords anywhere (catches CTE attacks like
+  // "WITH x AS (DELETE ...) SELECT ...").
+  if (/\b(INSERT|UPDATE|DELETE|DROP|CREATE|ALTER|TRUNCATE|REPLACE|MERGE)\b/i.test(trimmed)) {
+    return false;
+  }
+
+  // Confirm it starts with a known read-only keyword.
+  return /^\s*(SELECT|EXPLAIN|SHOW|PRAGMA|DESCRIBE|WITH\b)/i.test(trimmed);
+}

package/src/services/database/sqlite-adapter.ts

@@ -0,0 +1,55 @@
+import type { DatabaseAdapter, DbConnectionConfig, DbTableInfo, DbColumnInfo, DbPagedData, DbQueryResult } from "../../types/database.ts";
+import { sqliteService } from "../sqlite.service.ts";
+import { existsSync } from "node:fs";
+
+/** Thin adapter wrapping the existing SqliteService to implement DatabaseAdapter */
+export const sqliteAdapter: DatabaseAdapter = {
+  async testConnection(config: DbConnectionConfig): Promise<{ ok: boolean; error?: string }> {
+    try {
+      if (!config.path) return { ok: false, error: "Missing path" };
+      if (!existsSync(config.path)) return { ok: false, error: `File not found: ${config.path}` };
+      // Attempt to open and list tables
+      sqliteService.getTables(config.path, config.path);
+      return { ok: true };
+    } catch (e) {
+      return { ok: false, error: (e as Error).message };
+    }
+  },
+
+  async getTables(config: DbConnectionConfig): Promise<DbTableInfo[]> {
+    if (!config.path) throw new Error("Missing path");
+    const tables = sqliteService.getTables(config.path, config.path);
+    return tables.map((t) => ({ name: t.name, schema: "main", rowCount: t.rowCount }));
+  },
+
+  async getTableSchema(config: DbConnectionConfig, table: string): Promise<DbColumnInfo[]> {
+    if (!config.path) throw new Error("Missing path");
+    const cols = sqliteService.getTableSchema(config.path, config.path, table);
+    return cols.map((c) => ({
+      name: c.name,
+      type: c.type,
+      nullable: !c.notnull,
+      pk: !!c.pk,
+      defaultValue: c.dflt_value,
+    }));
+  },
+
+  async getTableData(config: DbConnectionConfig, table: string, opts): Promise<DbPagedData> {
+    if (!config.path) throw new Error("Missing path");
+    return sqliteService.getTableData(
+      config.path, config.path, table,
+      opts.page, opts.limit, opts.orderBy, opts.orderDir,
+    );
+  },
+
+  async executeQuery(config: DbConnectionConfig, sql: string): Promise<DbQueryResult> {
+    if (!config.path) throw new Error("Missing path");
+    return sqliteService.executeQuery(config.path, config.path, sql);
+  },
+
+  async updateCell(config: DbConnectionConfig, table: string, opts): Promise<void> {
+    if (!config.path) throw new Error("Missing path");
+    // SQLite uses rowid as PK for cell updates
+    sqliteService.updateCell(config.path, config.path, table, Number(opts.pkValue), opts.column, opts.value);
+  },
+};

package/src/services/db.service.ts

@@ -1,10 +1,10 @@
-import { Database } from "bun:sqlite";
+import { Database, type SQLQueryBindings } from "bun:sqlite";
 import { resolve } from "node:path";
 import { homedir } from "node:os";
 import { mkdirSync, existsSync } from "node:fs";
 
 const PPM_DIR = resolve(homedir(), ".ppm");
-const CURRENT_SCHEMA_VERSION = 1;
+const CURRENT_SCHEMA_VERSION = 3;
 
 let db: Database | null = null;
 let dbProfile: string | null = null;
@@ -121,6 +121,52 @@ function runMigrations(database: Database): void {
       PRAGMA user_version = 1;
     `);
   }
+
+  if (current < 2) {
+    database.exec(`
+      CREATE TABLE IF NOT EXISTS connections (
+        id INTEGER PRIMARY KEY AUTOINCREMENT,
+        type TEXT NOT NULL CHECK(type IN ('sqlite', 'postgres')),
+        name TEXT NOT NULL UNIQUE,
+        connection_config TEXT NOT NULL,
+        group_name TEXT,
+        color TEXT,
+        sort_order INTEGER NOT NULL DEFAULT 0,
+        created_at TEXT DEFAULT (datetime('now')),
+        updated_at TEXT DEFAULT (datetime('now'))
+      );
+
+      CREATE INDEX IF NOT EXISTS idx_connections_type ON connections(type);
+      CREATE INDEX IF NOT EXISTS idx_connections_group ON connections(group_name);
+
+      PRAGMA user_version = 2;
+    `);
+  }
+
+  if (current < 3) {
+    // Add readonly column (safe-by-default: 1 = block writes, UI-only toggle)
+    try {
+      database.exec(`ALTER TABLE connections ADD COLUMN readonly INTEGER NOT NULL DEFAULT 1`);
+    } catch {
+      // Column may already exist (fresh DB created in this session)
+    }
+
+    database.exec(`
+      CREATE TABLE IF NOT EXISTS connection_table_cache (
+        id INTEGER PRIMARY KEY AUTOINCREMENT,
+        connection_id INTEGER NOT NULL REFERENCES connections(id) ON DELETE CASCADE,
+        table_name TEXT NOT NULL,
+        schema_name TEXT NOT NULL DEFAULT 'public',
+        row_count INTEGER NOT NULL DEFAULT 0,
+        cached_at TEXT DEFAULT (datetime('now')),
+        UNIQUE(connection_id, schema_name, table_name)
+      );
+
+      CREATE INDEX IF NOT EXISTS idx_table_cache_conn ON connection_table_cache(connection_id);
+
+      PRAGMA user_version = 3;
+    `);
+  }
 }
 
 // ---------------------------------------------------------------------------
@@ -299,5 +345,130 @@ export function getDbFilePath(): string {
   return getDbPath();
 }
 
+// ---------------------------------------------------------------------------
+// Connection helpers
+// ---------------------------------------------------------------------------
+
+export interface ConnectionRow {
+  id: number;
+  type: "sqlite" | "postgres";
+  name: string;
+  connection_config: string;
+  group_name: string | null;
+  color: string | null;
+  /** 1 = readonly (default), 0 = writable. UI-only toggle — CLI cannot change this. */
+  readonly: number;
+  sort_order: number;
+  created_at: string;
+  updated_at: string;
+}
+
+/** Parsed config stored in connection_config JSON */
+export type ConnectionConfig =
+  | { type: "sqlite"; path: string }
+  | { type: "postgres"; connectionString: string };
+
+export function getConnections(): ConnectionRow[] {
+  return getDb().query(
+    "SELECT * FROM connections ORDER BY sort_order, id",
+  ).all() as ConnectionRow[];
+}
+
+export function getConnectionById(id: number): ConnectionRow | null {
+  return getDb().query("SELECT * FROM connections WHERE id = ?").get(id) as ConnectionRow | null;
+}
+
+export function getConnectionByName(name: string): ConnectionRow | null {
+  return getDb().query("SELECT * FROM connections WHERE name = ?").get(name) as ConnectionRow | null;
+}
+
+/** Resolve a connection by name or numeric ID */
+export function resolveConnection(nameOrId: string): ConnectionRow | null {
+  const asNum = Number(nameOrId);
+  if (!Number.isNaN(asNum) && Number.isInteger(asNum)) {
+    return getConnectionById(asNum) ?? getConnectionByName(nameOrId);
+  }
+  return getConnectionByName(nameOrId);
+}
+
+export function insertConnection(
+  type: "sqlite" | "postgres", name: string, config: ConnectionConfig,
+  groupName?: string | null, color?: string | null,
+): ConnectionRow {
+  const maxOrder = (getDb().query("SELECT COALESCE(MAX(sort_order), -1) as m FROM connections").get() as { m: number }).m;
+  getDb().query(
+    "INSERT INTO connections (type, name, connection_config, group_name, color, sort_order) VALUES (?, ?, ?, ?, ?, ?)",
+  ).run(type, name, JSON.stringify(config), groupName ?? null, color ?? null, maxOrder + 1);
+  return getConnectionByName(name)!;
+}
+
+export function deleteConnection(nameOrId: string): boolean {
+  const conn = resolveConnection(nameOrId);
+  if (!conn) return false;
+  getDb().query("DELETE FROM connections WHERE id = ?").run(conn.id);
+  return true;
+}
+
+export function updateConnection(
+  id: number, updates: { name?: string; config?: ConnectionConfig; groupName?: string | null; color?: string | null; readonly?: number },
+): void {
+  const sets: string[] = [];
+  const vals: unknown[] = [];
+  if (updates.name !== undefined) { sets.push("name = ?"); vals.push(updates.name); }
+  if (updates.config !== undefined) { sets.push("connection_config = ?"); vals.push(JSON.stringify(updates.config)); }
+  if (updates.groupName !== undefined) { sets.push("group_name = ?"); vals.push(updates.groupName); }
+  if (updates.color !== undefined) { sets.push("color = ?"); vals.push(updates.color); }
+  if (updates.readonly !== undefined) { sets.push("readonly = ?"); vals.push(updates.readonly); }
+  if (sets.length === 0) return;
+  sets.push("updated_at = datetime('now')");
+  vals.push(id);
+  getDb().query(`UPDATE connections SET ${sets.join(", ")} WHERE id = ?`).run(...(vals as SQLQueryBindings[]));
+}
+
+// ---------------------------------------------------------------------------
+// Table cache helpers
+// ---------------------------------------------------------------------------
+
+export interface TableCacheRow {
+  id: number;
+  connection_id: number;
+  table_name: string;
+  schema_name: string;
+  row_count: number;
+  cached_at: string;
+}
+
+export function getCachedTables(connectionId: number): TableCacheRow[] {
+  return getDb().query(
+    "SELECT * FROM connection_table_cache WHERE connection_id = ? ORDER BY schema_name, table_name",
+  ).all(connectionId) as TableCacheRow[];
+}
+
+export function upsertTableCache(connectionId: number, tableName: string, schemaName: string, rowCount: number): void {
+  getDb().query(
+    `INSERT INTO connection_table_cache (connection_id, table_name, schema_name, row_count, cached_at)
+     VALUES (?, ?, ?, ?, datetime('now'))
+     ON CONFLICT(connection_id, schema_name, table_name)
+     DO UPDATE SET row_count = excluded.row_count, cached_at = excluded.cached_at`,
+  ).run(connectionId, tableName, schemaName, rowCount);
+}
+
+export function deleteTableCache(connectionId: number): void {
+  getDb().query("DELETE FROM connection_table_cache WHERE connection_id = ?").run(connectionId);
+}
+
+export function searchTableCache(query: string): Array<TableCacheRow & { connection_name: string; connection_type: string; connection_color: string | null }> {
+  // Escape LIKE wildcards so user input is treated as literal text
+  const escaped = query.replace(/[%_\\]/g, "\\$&");
+  return getDb().query(
+    `SELECT tc.*, c.name as connection_name, c.type as connection_type, c.color as connection_color
+     FROM connection_table_cache tc
+     JOIN connections c ON tc.connection_id = c.id
+     WHERE tc.table_name LIKE ? ESCAPE '\\'
+     ORDER BY tc.table_name, c.name
+     LIMIT 50`,
+  ).all(`%${escaped}%`) as Array<TableCacheRow & { connection_name: string; connection_type: string; connection_color: string | null }>;
+}
+
 // Auto-close on process exit
 process.on("beforeExit", closeDb);