@jmruthers/pace-core 0.5.186 → 0.5.187

package/src/rbac/request-deduplication.ts

@@ -0,0 +1,87 @@
+/**
+ * Request Deduplication for RBAC Permission Checks
+ * @package @jmruthers/pace-core
+ * @module RBAC/RequestDeduplication
+ * @since 2.0.0
+ * 
+ * This module provides request deduplication to prevent multiple identical
+ * permission checks from being made simultaneously. When multiple components
+ * request the same permission at the same time, they share the same promise.
+ */
+
+import { PermissionCheck } from './types';
+import { RBACCache } from './cache';
+
+/**
+ * Map of in-flight permission check requests
+ * Key: cache key string, Value: Promise<boolean>
+ */
+const inFlightRequests = new Map<string, Promise<boolean>>();
+
+/**
+ * Generate a deduplication key from permission check input
+ * 
+ * @param input - Permission check input
+ * @returns Deduplication key string
+ */
+function generateDeduplicationKey(input: PermissionCheck): string {
+  return RBACCache.generatePermissionKey({
+    userId: input.userId,
+    organisationId: input.scope.organisationId!,
+    eventId: input.scope.eventId,
+    appId: input.scope.appId,
+    permission: input.permission,
+    pageId: input.pageId,
+  });
+}
+
+/**
+ * Get or create a deduplicated permission check request
+ * 
+ * If a request for the same permission is already in-flight, returns the existing promise.
+ * Otherwise, creates a new request and tracks it.
+ * 
+ * @param input - Permission check input
+ * @param checkFn - Function to perform the actual permission check
+ * @returns Promise resolving to permission result
+ */
+export async function getOrCreateRequest(
+  input: PermissionCheck,
+  checkFn: (input: PermissionCheck) => Promise<boolean>
+): Promise<boolean> {
+  const key = generateDeduplicationKey(input);
+  
+  // Check if request is already in-flight
+  const existingRequest = inFlightRequests.get(key);
+  if (existingRequest) {
+    return existingRequest;
+  }
+  
+  // Create new request
+  const requestPromise = checkFn(input).finally(() => {
+    // Clean up when request completes (success or failure)
+    inFlightRequests.delete(key);
+  });
+  
+  // Track the request
+  inFlightRequests.set(key, requestPromise);
+  
+  return requestPromise;
+}
+
+/**
+ * Clear all in-flight requests (useful for testing or cleanup)
+ */
+export function clearInFlightRequests(): void {
+  inFlightRequests.clear();
+}
+
+/**
+ * Get count of in-flight requests (useful for monitoring)
+ * 
+ * @returns Number of in-flight requests
+ */
+export function getInFlightRequestCount(): number {
+  return inFlightRequests.size;
+}
+

package/src/rbac/utils/deep-equal.ts

@@ -0,0 +1,93 @@
+/**
+ * Deep equality check utility for RBAC
+ * @package @jmruthers/pace-core
+ * @module RBAC/Utils/DeepEqual
+ * @since 2.0.0
+ * 
+ * Provides deep equality checking for scope objects and other RBAC data structures.
+ */
+
+import { Scope } from '../types';
+
+/**
+ * Deep equality check for two values
+ * 
+ * @param a - First value
+ * @param b - Second value
+ * @returns True if values are deeply equal
+ */
+export function deepEqual(a: unknown, b: unknown): boolean {
+  if (a === b) {
+    return true;
+  }
+
+  if (a == null || b == null) {
+    return a === b;
+  }
+
+  if (typeof a !== typeof b) {
+    return false;
+  }
+
+  if (typeof a !== 'object') {
+    return false;
+  }
+
+  if (Array.isArray(a) !== Array.isArray(b)) {
+    return false;
+  }
+
+  if (Array.isArray(a) && Array.isArray(b)) {
+    if (a.length !== b.length) {
+      return false;
+    }
+    for (let i = 0; i < a.length; i++) {
+      if (!deepEqual(a[i], b[i])) {
+        return false;
+      }
+    }
+    return true;
+  }
+
+  const keysA = Object.keys(a as Record<string, unknown>);
+  const keysB = Object.keys(b as Record<string, unknown>);
+
+  if (keysA.length !== keysB.length) {
+    return false;
+  }
+
+  for (const key of keysA) {
+    if (!keysB.includes(key)) {
+      return false;
+    }
+    if (!deepEqual((a as Record<string, unknown>)[key], (b as Record<string, unknown>)[key])) {
+      return false;
+    }
+  }
+
+  return true;
+}
+
+/**
+ * Deep equality check for Scope objects
+ * 
+ * @param a - First scope
+ * @param b - Second scope
+ * @returns True if scopes are deeply equal
+ */
+export function scopeEqual(a: Scope | null | undefined, b: Scope | null | undefined): boolean {
+  if (a === b) {
+    return true;
+  }
+
+  if (a == null || b == null) {
+    return a === b;
+  }
+
+  return (
+    a.organisationId === b.organisationId &&
+    a.eventId === b.eventId &&
+    a.appId === b.appId
+  );
+}
+

package/src/types/file-reference.ts

@@ -87,7 +87,6 @@ export interface FileReferenceService {
 
 export interface StorageUploadOptions {
   orgId: string;
-  category: FileCategory;
   isPublic?: boolean;
   customPath?: string;
 }

package/src/utils/file-reference/__tests__/file-reference.test.ts

@@ -449,9 +449,22 @@ describe('[service] FileReferenceServiceImpl', () => {
     });
 
     it('lists all file references for record', async () => {
-      const mockFiles = [mockFileReference];
-      mockSupabase.rpc.mockResolvedValue({ data: [{ id: 'file-ref-123' }], error: null });
-      (mockSupabase.from() as any).in.mockResolvedValue({ data: mockFiles, error: null });
+      // Mock RPC to return full data structure (as per new implementation)
+      // RPC returns: id, file_path, file_metadata, is_public, created_at
+      // The code constructs FileReference objects from this RPC response
+      mockSupabase.rpc.mockResolvedValue({ 
+        data: [{
+          id: 'file-ref-123',
+          file_path: mockFileReference.file_path,
+          file_metadata: {
+            ...mockFileReference.file_metadata,
+            app_id: mockFileReference.app_id // Include app_id in metadata for proper construction
+          },
+          is_public: mockFileReference.is_public,
+          created_at: mockFileReference.created_at
+        }], 
+        error: null 
+      });
       
       const result = await service.listFileReferences(
         'test_table',
@@ -459,7 +472,21 @@ describe('[service] FileReferenceServiceImpl', () => {
         'test-org-123'
       );
       
-      expect(result).toEqual(mockFiles);
+      // Verify result has correct structure (constructed from RPC response)
+      expect(result).toHaveLength(1);
+      expect(result[0].id).toBe('file-ref-123');
+      expect(result[0].table_name).toBe('test_table');
+      expect(result[0].record_id).toBe('test-record-123');
+      expect(result[0].organisation_id).toBe('test-org-123');
+      expect(result[0].file_path).toBe(mockFileReference.file_path);
+      // file_metadata: code extracts fileName and fileType from file_path, then spreads item.file_metadata
+      // Since item.file_metadata has fileName: 'test-document.pdf' and fileType: 'application/pdf',
+      // the spread overwrites the extracted values
+      // So we expect the metadata's values, not the extracted ones
+      expect(result[0].file_metadata.fileName).toBe('test-document.pdf');
+      expect(result[0].file_metadata.fileType).toBe('application/pdf');
+      expect(result[0].is_public).toBe(mockFileReference.is_public);
+      expect(result[0].app_id).toBe(mockFileReference.app_id);
     });
   });
 

package/src/utils/file-reference/index.ts

@@ -26,7 +26,7 @@ export class FileReferenceServiceImpl implements FileReferenceService {
    * 
    * Storage Flow:
    * 1. Upload file to storage bucket first (files or public-files based on is_public flag)
-   *    - Path format: {orgId}/{category}/{timestamp-uuid-filename}
+   *    - Path format: {orgId}/{folder}/{timestamp-uuid-filename}
    *    - Bucket selection: 'files' (private) or 'public-files' (public)
    * 2. Extract file metadata (dimensions, hash, etc.)
    * 3. Set organisation context for RLS policies
@@ -48,6 +48,9 @@ export class FileReferenceServiceImpl implements FileReferenceService {
       if (!options.record_id) {
         throw new Error('record_id is required for file upload');
       }
+      if (!options.folder) {
+        throw new Error('folder is required for file upload. The folder prop determines the storage path.');
+      }
 
       // Step 1: Upload file to storage bucket first
       // This generates a unique path: {orgId}/{folder}/{timestamp-uuid-filename}
@@ -117,7 +120,7 @@ export class FileReferenceServiceImpl implements FileReferenceService {
       // Get the created file reference
       const { data: fileRef, error: fetchError } = await this.supabase
         .from('file_references')
-        .select('*')
+        .select('id, table_name, record_id, file_path, file_metadata, organisation_id, app_id, is_public, created_at, updated_at')
         .eq('id', data)
         .single();
 
@@ -146,7 +149,7 @@ export class FileReferenceServiceImpl implements FileReferenceService {
     try {
       const { data, error } = await this.supabase
         .from('file_references')
-        .select('*')
+        .select('id, table_name, record_id, file_path, file_metadata, organisation_id, app_id, is_public, created_at, updated_at')
         .eq('table_name', table_name)
         .eq('record_id', record_id)
         .eq('organisation_id', organisation_id)
@@ -294,24 +297,50 @@ export class FileReferenceServiceImpl implements FileReferenceService {
         throw new Error(`Failed to list file references: ${error.message}`);
       }
 
-      // RPC returns partial data, need to fetch full file references
+      // RPC returns: id, file_path, file_metadata, is_public, created_at
+      // We can construct FileReference objects directly from RPC response + function parameters
+      // This avoids a second query and reduces network requests
       if (!data || data.length === 0) {
         return [];
       }
 
-      // Fetch full file reference data for each ID
-      // RPC returns array of objects with at least an 'id' property
-      const ids = data.map((item: { id: string }) => item.id);
-      const { data: fullData, error: fetchError } = await this.supabase
-        .from('file_references')
-        .select('*')
-        .in('id', ids);
-
-      if (fetchError) {
-        throw new Error(`Failed to fetch file references: ${fetchError.message}`);
+      // Construct FileReference objects from RPC response
+      // This avoids RLS issues with direct queries - the RPC already validated permissions
+      interface RpcFileItem {
+        id: string;
+        file_path: string;
+        file_metadata: { app_id?: string; [key: string]: unknown };
+        is_public?: boolean;
+        created_at?: string;
       }
+      const fileReferences: FileReference[] = data
+        .filter((item: RpcFileItem) => item.id && item.file_path && item.file_metadata)
+        .map((item: RpcFileItem) => {
+          // Extract file name and type from file_path
+          const fileName = item.file_path.split('/').pop() || 'unknown';
+          const fileType = fileName.split('.').pop() || 'unknown';
+          
+          // Construct complete FileReference from RPC response + function parameters
+          const fileRef: FileReference = {
+            id: item.id,
+            table_name: table_name,
+            record_id: record_id,
+            file_path: item.file_path,
+            file_metadata: {
+              fileName,
+              fileType,
+              ...(item.file_metadata || {}),
+            } as FileMetadata,
+            organisation_id: organisation_id,
+            app_id: item.file_metadata?.app_id ? assertAppId(item.file_metadata.app_id) : assertAppId(''), // May not be in metadata, use empty string
+            is_public: item.is_public ?? false,
+            created_at: item.created_at || new Date().toISOString(),
+            updated_at: item.created_at || new Date().toISOString() // RPC doesn't return updated_at, use created_at
+          };
+          return fileRef;
+        });
 
-      return (fullData || []) as FileReference[];
+      return fileReferences;
     } catch (error) {
       log.error('Error listing file references:', error);
       throw error;