@jskit-ai/users-core 0.1.4

package/src/server/common/formatters/workspaceFormatter.js

@@ -0,0 +1,46 @@
+import { coerceWorkspaceColor } from "../../../shared/settings.js";
+import { normalizeLowerText, normalizeText } from "@jskit-ai/kernel/shared/actions/textNormalization";
+
+function mapWorkspaceSummary(workspace, membership) {
+  return {
+    id: Number(workspace.id),
+    slug: normalizeText(workspace.slug),
+    name: normalizeText(workspace.name),
+    color: coerceWorkspaceColor(workspace.color),
+    avatarUrl: normalizeText(workspace.avatarUrl),
+    roleId: normalizeLowerText(membership?.roleId || "member") || "member",
+    isAccessible: normalizeLowerText(membership?.status || "active") === "active"
+  };
+}
+
+function mapWorkspaceSettingsPublic(workspaceSettings, { workspaceInvitationsEnabled = true } = {}) {
+  const source = workspaceSettings && typeof workspaceSettings === "object" ? workspaceSettings : {};
+  const invitesAvailable = workspaceInvitationsEnabled === true;
+  const invitesEnabled = invitesAvailable && source.invitesEnabled !== false;
+  return {
+    name: normalizeText(source.name),
+    color: coerceWorkspaceColor(source.color),
+    avatarUrl: normalizeText(source.avatarUrl),
+    invitesEnabled,
+    invitesAvailable,
+    invitesEffective: invitesAvailable && invitesEnabled
+  };
+}
+
+function mapMembershipSummary(membership, workspace) {
+  if (!membership) {
+    return null;
+  }
+
+  return {
+    workspaceId: Number(workspace?.id || membership.workspaceId),
+    roleId: normalizeLowerText(membership.roleId || "member") || "member",
+    status: normalizeLowerText(membership.status || "active") || "active"
+  };
+}
+
+export {
+  mapMembershipSummary,
+  mapWorkspaceSettingsPublic,
+  mapWorkspaceSummary
+};

package/src/server/common/registerCommonRepositories.js

@@ -0,0 +1,45 @@
+import { KERNEL_TOKENS } from "@jskit-ai/kernel/shared/support/tokens";
+import { createRepository as createUserProfilesRepository } from "./repositories/userProfilesRepository.js";
+import { createRepository as createUserSettingsRepository } from "./repositories/userSettingsRepository.js";
+import { createRepository as createWorkspacesRepository } from "./repositories/workspacesRepository.js";
+import { createRepository as createWorkspaceMembershipsRepository } from "./repositories/workspaceMembershipsRepository.js";
+import { createRepository as createWorkspaceInvitesRepository } from "./repositories/workspaceInvitesRepository.js";
+import { createRepository as createConsoleSettingsRepository } from "../consoleSettings/consoleSettingsRepository.js";
+
+function registerCommonRepositories(app) {
+  if (!app || typeof app.singleton !== "function") {
+    throw new Error("registerCommonRepositories requires application singleton().");
+  }
+
+  app.singleton("userProfilesRepository", (scope) => {
+    const knex = scope.make(KERNEL_TOKENS.Knex);
+    return createUserProfilesRepository(knex);
+  });
+
+  app.singleton("userSettingsRepository", (scope) => {
+    const knex = scope.make(KERNEL_TOKENS.Knex);
+    return createUserSettingsRepository(knex);
+  });
+
+  app.singleton("workspacesRepository", (scope) => {
+    const knex = scope.make(KERNEL_TOKENS.Knex);
+    return createWorkspacesRepository(knex);
+  });
+
+  app.singleton("workspaceMembershipsRepository", (scope) => {
+    const knex = scope.make(KERNEL_TOKENS.Knex);
+    return createWorkspaceMembershipsRepository(knex);
+  });
+
+  app.singleton("workspaceInvitesRepository", (scope) => {
+    const knex = scope.make(KERNEL_TOKENS.Knex);
+    return createWorkspaceInvitesRepository(knex);
+  });
+
+  app.singleton("consoleSettingsRepository", (scope) => {
+    const knex = scope.make(KERNEL_TOKENS.Knex);
+    return createConsoleSettingsRepository(knex);
+  });
+}
+
+export { registerCommonRepositories };

package/src/server/common/registerSharedApi.js

@@ -0,0 +1,9 @@
+function registerSharedApi(app, usersCoreApi) {
+  if (!app || typeof app.singleton !== "function") {
+    throw new Error("registerSharedApi requires application singleton().");
+  }
+
+  app.singleton("users.core", () => usersCoreApi);
+}
+
+export { registerSharedApi };

package/src/server/common/repositories/README.md

@@ -0,0 +1,24 @@
+# `repositories/`
+
+Use this directory for persistence code shared by more than one server slice.
+
+What belongs here:
+- repository helpers that are part of persistence logic
+- shared repositories used by multiple features/slices
+
+Examples:
+- SQL/date/JSON helper functions reused by several repositories
+- `workspaceMembershipsRepository`
+- `workspaceInvitesRepository`
+
+Do not put these here:
+- repositories used by only one feature
+- business logic
+- action definitions
+- transport validation
+- feature-specific response mapping
+
+Rule:
+- if a helper is reused by multiple repository files, it can live here
+- if a repository is reused by multiple slices, keep it here
+- if a repository is owned by one slice only, keep it in that slice folder

package/src/server/common/repositories/repositoryUtils.js

@@ -0,0 +1,50 @@
+import { toInsertDateTime, toNullableDateTime, toIsoString } from "@jskit-ai/database-runtime/shared";
+import { isDuplicateEntryError } from "@jskit-ai/database-runtime/shared/duplicateEntry";
+import { normalizeText, normalizeLowerText } from "@jskit-ai/kernel/shared/support/normalize";
+
+function nowDb() {
+  return toInsertDateTime();
+}
+
+function toNullableIso(value) {
+  if (!value) {
+    return null;
+  }
+  return toIsoString(value);
+}
+
+function uniqueSorted(values) {
+  return [...new Set(values)].sort((left, right) => String(left).localeCompare(String(right)));
+}
+
+function parseJson(value, fallback = {}) {
+  if (value == null) {
+    return fallback;
+  }
+  if (typeof value === "object") {
+    return value;
+  }
+  try {
+    return JSON.parse(String(value));
+  } catch {
+    return fallback;
+  }
+}
+
+function toDbJson(value, fallback = {}) {
+  const source = value && typeof value === "object" ? value : fallback;
+  return JSON.stringify(source);
+}
+
+export {
+  toNullableDateTime,
+  toIsoString,
+  isDuplicateEntryError,
+  normalizeText,
+  normalizeLowerText,
+  nowDb,
+  toNullableIso,
+  uniqueSorted,
+  parseJson,
+  toDbJson
+};

package/src/server/common/repositories/userProfilesRepository.js

@@ -0,0 +1,251 @@
+import {
+  isDuplicateEntryError,
+  normalizeLowerText,
+  normalizeText,
+  toIsoString,
+  toNullableDateTime,
+  toNullableIso,
+  nowDb
+} from "./repositoryUtils.js";
+
+const USERNAME_MAX_LENGTH = 120;
+
+function normalizeIdentity(identityLike) {
+  const source = identityLike && typeof identityLike === "object" ? identityLike : {};
+  const provider = normalizeLowerText(source.provider || source.authProvider);
+  const providerUserId = normalizeText(source.providerUserId || source.authProviderUserId);
+  if (!provider || !providerUserId) {
+    return null;
+  }
+  return {
+    provider,
+    providerUserId
+  };
+}
+
+function normalizeUsername(value) {
+  const normalized = normalizeLowerText(value)
+    .replace(/[^a-z0-9]+/g, "-")
+    .replace(/^-+|-+$/g, "")
+    .slice(0, USERNAME_MAX_LENGTH);
+  return normalized || "";
+}
+
+function usernameBaseFromEmail(email) {
+  const normalizedEmail = normalizeLowerText(email);
+  const emailLocalPart = normalizedEmail.includes("@") ? normalizedEmail.split("@")[0] : normalizedEmail;
+  const username = normalizeUsername(emailLocalPart);
+  return username || "user";
+}
+
+function buildUsernameCandidate(baseUsername, suffix) {
+  const normalizedBase = normalizeUsername(baseUsername) || "user";
+  if (suffix < 1) {
+    return normalizedBase;
+  }
+
+  const suffixText = `-${suffix + 1}`;
+  const allowedBaseLength = USERNAME_MAX_LENGTH - suffixText.length;
+  const trimmedBase = normalizedBase.slice(0, allowedBaseLength);
+  return `${trimmedBase}${suffixText}`;
+}
+
+function mapProfileRow(row) {
+  if (!row) {
+    return null;
+  }
+  return {
+    id: Number(row.id),
+    authProvider: normalizeLowerText(row.auth_provider),
+    authProviderUserId: normalizeText(row.auth_provider_user_id),
+    email: normalizeLowerText(row.email),
+    username: normalizeLowerText(row.username),
+    displayName: normalizeText(row.display_name),
+    avatarStorageKey: row.avatar_storage_key ? normalizeText(row.avatar_storage_key) : null,
+    avatarVersion: row.avatar_version == null ? null : String(row.avatar_version),
+    avatarUpdatedAt: toNullableIso(row.avatar_updated_at),
+    createdAt: toIsoString(row.created_at)
+  };
+}
+
+function duplicateTargetsEmail(error) {
+  if (!isDuplicateEntryError(error)) {
+    return false;
+  }
+  const message = normalizeLowerText(error?.sqlMessage || error?.message);
+  return message.includes("email");
+}
+
+function duplicateTargetsUsername(error) {
+  if (!isDuplicateEntryError(error)) {
+    return false;
+  }
+  const message = normalizeLowerText(error?.sqlMessage || error?.message);
+  return message.includes("username");
+}
+
+function createDuplicateEmailConflictError() {
+  const error = new Error("Email is already linked to a different profile.");
+  error.code = "USER_PROFILE_EMAIL_CONFLICT";
+  return error;
+}
+
+async function resolveUniqueUsername(client, baseUsername, { excludeUserId = 0 } = {}) {
+  for (let suffix = 0; suffix < 1000; suffix += 1) {
+    const candidate = buildUsernameCandidate(baseUsername, suffix);
+    const existing = await client("user_profiles").where({ username: candidate }).first();
+    if (!existing || Number(existing.id) === Number(excludeUserId || 0)) {
+      return candidate;
+    }
+  }
+
+  throw new Error("Unable to generate unique username.");
+}
+
+function createRepository(knex) {
+  if (typeof knex !== "function") {
+    throw new TypeError("userProfilesRepository requires knex.");
+  }
+
+  async function findById(userId, options = {}) {
+    const client = options?.trx || knex;
+    const row = await client("user_profiles").where({ id: userId }).first();
+    return mapProfileRow(row);
+  }
+
+  async function findByIdentity(identityLike, options = {}) {
+    const client = options?.trx || knex;
+    const identity = normalizeIdentity(identityLike);
+    if (!identity) {
+      return null;
+    }
+
+    const row = await client("user_profiles")
+      .where({
+        auth_provider: identity.provider,
+        auth_provider_user_id: identity.providerUserId
+      })
+      .first();
+    return mapProfileRow(row);
+  }
+
+  async function updateDisplayNameById(userId, displayName, options = {}) {
+    const client = options?.trx || knex;
+    await client("user_profiles")
+      .where({ id: userId })
+      .update({
+        display_name: normalizeText(displayName)
+      });
+    return findById(userId, { trx: client });
+  }
+
+  async function updateAvatarById(userId, avatar = {}, options = {}) {
+    const client = options?.trx || knex;
+    await client("user_profiles")
+      .where({ id: userId })
+      .update({
+        avatar_storage_key: avatar.avatarStorageKey || null,
+        avatar_version: avatar.avatarVersion == null ? null : String(avatar.avatarVersion),
+        avatar_updated_at: toNullableDateTime(avatar.avatarUpdatedAt) || nowDb()
+      });
+
+    return findById(userId, { trx: client });
+  }
+
+  async function clearAvatarById(userId, options = {}) {
+    const client = options?.trx || knex;
+    await client("user_profiles")
+      .where({ id: userId })
+      .update({
+        avatar_storage_key: null,
+        avatar_version: null,
+        avatar_updated_at: null
+      });
+    return findById(userId, { trx: client });
+  }
+
+  async function upsert(profileLike = {}, options = {}) {
+    const client = options?.trx || knex;
+    const identity = normalizeIdentity(profileLike);
+    if (!identity) {
+      throw new TypeError("upsert requires provider/authProvider and providerUserId/authProviderUserId.");
+    }
+
+    const email = normalizeLowerText(profileLike.email);
+    const displayName = normalizeText(profileLike.displayName);
+    const requestedUsername = normalizeUsername(profileLike.username);
+    if (!email || !displayName) {
+      throw new TypeError("upsert requires email and displayName.");
+    }
+
+    const executeUpsert = async (trx) => {
+      const where = {
+        auth_provider: identity.provider,
+        auth_provider_user_id: identity.providerUserId
+      };
+      const existing = await trx("user_profiles").where(where).first();
+
+      try {
+        if (existing) {
+          const existingUsername = normalizeUsername(existing.username);
+          const username = existingUsername || (await resolveUniqueUsername(trx, requestedUsername || usernameBaseFromEmail(email), {
+            excludeUserId: existing.id
+          }));
+          await trx("user_profiles").where({ id: existing.id }).update({
+            email,
+            display_name: displayName,
+            username
+          });
+        } else {
+          const username = await resolveUniqueUsername(trx, requestedUsername || usernameBaseFromEmail(email));
+          await trx("user_profiles").insert({
+            auth_provider: identity.provider,
+            auth_provider_user_id: identity.providerUserId,
+            email,
+            display_name: displayName,
+            username
+          });
+        }
+      } catch (error) {
+        if (duplicateTargetsEmail(error)) {
+          throw createDuplicateEmailConflictError();
+        }
+        if (duplicateTargetsUsername(error)) {
+          throw error;
+        }
+        if (!isDuplicateEntryError(error)) {
+          throw error;
+        }
+      }
+
+      const reloaded = await trx("user_profiles").where(where).first();
+      return mapProfileRow(reloaded);
+    };
+
+    if (options?.trx) {
+      return executeUpsert(client);
+    }
+
+    return knex.transaction(executeUpsert);
+  }
+
+  async function withTransaction(work) {
+    if (typeof work !== "function") {
+      throw new TypeError("withTransaction requires a callback.");
+    }
+
+    return knex.transaction((trx) => work(trx));
+  }
+
+  return Object.freeze({
+    findById,
+    findByIdentity,
+    updateDisplayNameById,
+    updateAvatarById,
+    clearAvatarById,
+    upsert,
+    withTransaction
+  });
+}
+
+export { createRepository, normalizeIdentity, mapProfileRow };

package/src/server/common/repositories/userSettingsRepository.js

@@ -0,0 +1,179 @@
+import {
+  toIsoString,
+  nowDb,
+  isDuplicateEntryError
+} from "./repositoryUtils.js";
+import { DEFAULT_USER_SETTINGS } from "../../../shared/settings.js";
+import {
+  userSettingsFields
+} from "../../../shared/resources/userSettingsFields.js";
+
+function mapRow(row) {
+  if (!row) {
+    return null;
+  }
+
+  const mapped = {
+    userId: Number(row.user_id),
+    lastActiveWorkspaceId: row.last_active_workspace_id == null ? null : Number(row.last_active_workspace_id),
+    passwordSignInEnabled: row.password_sign_in_enabled == null ? true : Boolean(row.password_sign_in_enabled),
+    passwordSetupRequired: row.password_setup_required == null ? false : Boolean(row.password_setup_required),
+    createdAt: toIsoString(row.created_at),
+    updatedAt: toIsoString(row.updated_at)
+  };
+
+  for (const field of userSettingsFields) {
+    const value = Object.hasOwn(row, field.dbColumn)
+      ? row[field.dbColumn]
+      : field.resolveDefault({
+          settings: mapped,
+          row
+        });
+    mapped[field.key] = field.normalizeOutput(value, {
+      settings: mapped,
+      row
+    });
+  }
+
+  return mapped;
+}
+
+function normalizeBoolean(value, fallback = false) {
+  if (value === undefined) {
+    return fallback;
+  }
+  return value === true;
+}
+
+function createInsertPayload(userId) {
+  const payload = {
+    user_id: Number(userId),
+    last_active_workspace_id: null,
+    password_sign_in_enabled: DEFAULT_USER_SETTINGS.passwordSignInEnabled,
+    password_setup_required: DEFAULT_USER_SETTINGS.passwordSetupRequired,
+    created_at: nowDb(),
+    updated_at: nowDb()
+  };
+
+  const resolvedDefaults = {};
+  for (const field of userSettingsFields) {
+    const defaultValue = field.resolveDefault({
+      settings: resolvedDefaults
+    });
+    payload[field.dbColumn] = field.normalizeInput(defaultValue, {
+      payload: resolvedDefaults,
+      settings: resolvedDefaults
+    });
+    resolvedDefaults[field.key] = field.normalizeOutput(defaultValue, {
+      settings: resolvedDefaults
+    });
+  }
+
+  return payload;
+}
+
+function createRepository(knex) {
+  if (typeof knex !== "function") {
+    throw new TypeError("userSettingsRepository requires knex.");
+  }
+
+  async function findByUserId(userId, options = {}) {
+    const client = options?.trx || knex;
+    const row = await client("user_settings").where({ user_id: Number(userId) }).first();
+    return mapRow(row);
+  }
+
+  async function ensureForUserId(userId, options = {}) {
+    const client = options?.trx || knex;
+    const numericUserId = Number(userId);
+    const existing = await findByUserId(numericUserId, { trx: client });
+    if (existing) {
+      return existing;
+    }
+
+    try {
+      await client("user_settings").insert(createInsertPayload(numericUserId));
+    } catch (error) {
+      if (!isDuplicateEntryError(error)) {
+        throw error;
+      }
+    }
+
+    return findByUserId(numericUserId, { trx: client });
+  }
+
+  async function patchUserSettings(userId, patch = {}, options = {}) {
+    const client = options?.trx || knex;
+    const ensured = await ensureForUserId(userId, { trx: client });
+    const source = patch && typeof patch === "object" ? patch : {};
+
+    const dbPatch = {
+      updated_at: nowDb()
+    };
+
+    for (const field of userSettingsFields) {
+      if (!Object.hasOwn(source, field.key)) {
+        continue;
+      }
+      dbPatch[field.dbColumn] = field.normalizeInput(source[field.key], {
+        payload: source,
+        settings: ensured
+      });
+    }
+
+    if (Object.hasOwn(source, "passwordSignInEnabled")) {
+      dbPatch.password_sign_in_enabled = normalizeBoolean(source.passwordSignInEnabled, ensured.passwordSignInEnabled);
+    }
+    if (Object.hasOwn(source, "passwordSetupRequired")) {
+      dbPatch.password_setup_required = normalizeBoolean(source.passwordSetupRequired, ensured.passwordSetupRequired);
+    }
+    if (Object.hasOwn(source, "lastActiveWorkspaceId")) {
+      dbPatch.last_active_workspace_id = source.lastActiveWorkspaceId == null ? null : Number(source.lastActiveWorkspaceId);
+    }
+
+    await client("user_settings").where({ user_id: Number(userId) }).update(dbPatch);
+    return findByUserId(userId, { trx: client });
+  }
+
+  async function updatePreferences(userId, patch = {}, options = {}) {
+    return patchUserSettings(userId, patch, options);
+  }
+
+  async function updateNotifications(userId, patch = {}, options = {}) {
+    return patchUserSettings(userId, patch, options);
+  }
+
+  async function updatePasswordSignInEnabled(userId, enabled, options = {}) {
+    return patchUserSettings(
+      userId,
+      {
+        passwordSignInEnabled: enabled,
+        passwordSetupRequired: Object.hasOwn(options, "passwordSetupRequired")
+          ? options.passwordSetupRequired
+          : undefined
+      },
+      options
+    );
+  }
+
+  async function updatePasswordSetupRequired(userId, required, options = {}) {
+    return patchUserSettings(userId, { passwordSetupRequired: required }, options);
+  }
+
+  async function updateLastActiveWorkspaceId(userId, workspaceId, options = {}) {
+    return patchUserSettings(userId, { lastActiveWorkspaceId: workspaceId }, options);
+  }
+
+  return Object.freeze({
+    findByUserId,
+    ensureForUserId,
+    patchUserSettings,
+    updatePreferences,
+    updateNotifications,
+    updatePasswordSignInEnabled,
+    updatePasswordSetupRequired,
+    updateLastActiveWorkspaceId
+  });
+}
+
+export { createRepository, mapRow };