@jskit-ai/users-core 0.1.67 → 0.1.69

package/package.descriptor.mjs

@@ -1,7 +1,7 @@
 export default Object.freeze({
   packageVersion: 1,
   packageId: "@jskit-ai/users-core",
-  version: "0.1.67",
+  version: "0.1.69",
   kind: "runtime",
   description: "Users/account runtime plus HTTP routes for account features.",
   dependsOn: [
@@ -132,16 +132,16 @@ export default Object.freeze({
   mutations: {
     dependencies: {
       runtime: {
-        "@jskit-ai/auth-core": "0.1.56",
-        "@jskit-ai/crud-core": "0.1.65",
-        "@jskit-ai/database-runtime": "0.1.57",
-        "@jskit-ai/http-runtime": "0.1.56",
-        "@jskit-ai/json-rest-api-core": "0.1.2",
-        "@jskit-ai/kernel": "0.1.57",
-        "@jskit-ai/resource-core": "0.1.2",
-        "@jskit-ai/resource-crud-core": "0.1.2",
+        "@jskit-ai/auth-core": "0.1.58",
+        "@jskit-ai/crud-core": "0.1.67",
+        "@jskit-ai/database-runtime": "0.1.59",
+        "@jskit-ai/http-runtime": "0.1.58",
+        "@jskit-ai/json-rest-api-core": "0.1.4",
+        "@jskit-ai/kernel": "0.1.59",
+        "@jskit-ai/resource-core": "0.1.4",
+        "@jskit-ai/resource-crud-core": "0.1.4",
         "@local/users": "file:packages/users",
-        "@jskit-ai/uploads-runtime": "0.1.35"
+        "@jskit-ai/uploads-runtime": "0.1.37"
       },
       dev: {}
     },

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@jskit-ai/users-core",
-  "version": "0.1.67",
+  "version": "0.1.69",
   "type": "module",
   "scripts": {
     "test": "node --test"
@@ -11,14 +11,14 @@
     "./shared/resources/userSettingsResource": "./src/shared/resources/userSettingsResource.js"
   },
   "dependencies": {
-    "@jskit-ai/auth-core": "0.1.56",
-    "@jskit-ai/database-runtime": "0.1.57",
-    "@jskit-ai/http-runtime": "0.1.56",
-    "@jskit-ai/json-rest-api-core": "0.1.2",
-    "@jskit-ai/kernel": "0.1.57",
-    "@jskit-ai/resource-crud-core": "0.1.2",
-    "@jskit-ai/resource-core": "0.1.2",
-    "@jskit-ai/uploads-runtime": "0.1.35",
+    "@jskit-ai/auth-core": "0.1.58",
+    "@jskit-ai/database-runtime": "0.1.59",
+    "@jskit-ai/http-runtime": "0.1.58",
+    "@jskit-ai/json-rest-api-core": "0.1.4",
+    "@jskit-ai/kernel": "0.1.59",
+    "@jskit-ai/resource-crud-core": "0.1.4",
+    "@jskit-ai/resource-core": "0.1.4",
+    "@jskit-ai/uploads-runtime": "0.1.37",
     "json-rest-schema": "1.x.x"
   }
 }

package/src/server/common/repositories/userProfilesRepository.js

@@ -11,7 +11,7 @@ import {
 import {
   createJsonApiInputRecord,
   createJsonRestContext,
-  simplifyJsonApiDocument
+  extractJsonRestCollectionRows
 } from "@jskit-ai/json-rest-api-core/server/jsonRestApiHost";
 import { normalizeIdentity } from "../support/identity.js";
 
@@ -142,18 +142,18 @@ async function resolveUniqueUsername(api, baseUsername, { excludeUserId = null,
 
   for (let suffix = 0; suffix < 1000; suffix += 1) {
     const candidate = buildUsernameCandidate(baseUsername, suffix);
-    const result = await api.resources.userProfiles.query({
-      queryParams: {
-        filters: {
-          username: candidate
-        }
-      },
-      transaction,
-      simplified: false
-    });
-
-    const existingRows = simplifyJsonApiDocument(result);
-    const existing = Array.isArray(existingRows) ? existingRows[0] || null : null;
+    const existingRows = extractJsonRestCollectionRows(
+      await api.resources.userProfiles.query({
+        queryParams: {
+          filters: {
+            username: candidate
+          }
+        },
+        transaction,
+        simplified: true
+      })
+    );
+    const existing = existingRows[0] || null;
     const existingId = normalizeDbRecordId(existing?.id, { fallback: null });
     if (!existing || existingId === normalizedExcludeUserId) {
       return candidate;
@@ -174,19 +174,20 @@ function createRepository({ api, knex } = {}) {
   const withTransaction = createWithTransaction(knex);
 
   async function queryFirst(filters = {}, options = {}) {
-    const result = await api.resources.userProfiles.query(
-      {
-        queryParams: {
-          filters
+    const rows = extractJsonRestCollectionRows(
+      await api.resources.userProfiles.query(
+        {
+          queryParams: {
+            filters
+          },
+          transaction: options?.trx || null,
+          simplified: true
         },
-        transaction: options?.trx || null,
-        simplified: false
-      },
-      createJsonRestContext(options?.context || null)
+        createJsonRestContext(options?.context || null)
+      )
     );
 
-    const rows = simplifyJsonApiDocument(result);
-    return Array.isArray(rows) ? rows[0] || null : null;
+    return rows[0] || null;
   }
 
   async function findById(userId, options = {}) {
@@ -242,13 +243,12 @@ function createRepository({ api, knex } = {}) {
             id: normalizedUserId
           }
         ),
-        transaction: options?.trx || null,
-        simplified: false
+        transaction: options?.trx || null
       },
       createJsonRestContext(options?.context || null)
     );
 
-    return normalizeProfileRecord(simplifyJsonApiDocument(updated));
+    return normalizeProfileRecord(updated);
   }
 
   async function updateAvatarById(userId, avatar = {}, options = {}) {
@@ -271,13 +271,12 @@ function createRepository({ api, knex } = {}) {
             id: normalizedUserId
           }
         ),
-        transaction: options?.trx || null,
-        simplified: false
+        transaction: options?.trx || null
       },
       createJsonRestContext(options?.context || null)
     );
 
-    return normalizeProfileRecord(simplifyJsonApiDocument(updated));
+    return normalizeProfileRecord(updated);
   }
 
   async function clearAvatarById(userId, options = {}) {
@@ -300,13 +299,12 @@ function createRepository({ api, knex } = {}) {
             id: normalizedUserId
           }
         ),
-        transaction: options?.trx || null,
-        simplified: false
+        transaction: options?.trx || null
       },
       createJsonRestContext(options?.context || null)
     );
 
-    return normalizeProfileRecord(simplifyJsonApiDocument(updated));
+    return normalizeProfileRecord(updated);
   }
 
   async function upsert(profileLike = {}, options = {}) {
@@ -357,13 +355,12 @@ function createRepository({ api, knex } = {}) {
                   id: normalizeDbRecordId(existing.id, { fallback: null })
                 }
               ),
-              transaction: trx,
-              simplified: false
+              transaction: trx
             },
             createJsonRestContext(options?.context || null)
           );
 
-          return normalizeProfileRecord(simplifyJsonApiDocument(updated));
+          return normalizeProfileRecord(updated);
         }
 
         const username = await resolveUniqueUsername(
@@ -382,13 +379,12 @@ function createRepository({ api, knex } = {}) {
               username,
               createdAt: new Date()
             }),
-            transaction: trx,
-            simplified: false
+            transaction: trx
           },
           createJsonRestContext(options?.context || null)
         );
 
-        return normalizeProfileRecord(simplifyJsonApiDocument(created));
+        return normalizeProfileRecord(created);
       } catch (error) {
         if (duplicateTargetsEmail(error)) {
           throw createDuplicateEmailConflictError();

package/src/server/common/repositories/userSettingsRepository.js

@@ -7,7 +7,7 @@ import {
 import {
   createJsonApiInputRecord,
   createJsonRestContext,
-  simplifyJsonApiDocument
+  extractJsonRestCollectionRows
 } from "@jskit-ai/json-rest-api-core/server/jsonRestApiHost";
 import { DEFAULT_USER_SETTINGS } from "../../../shared/settings.js";
 
@@ -67,19 +67,20 @@ function createRepository({ api, knex } = {}) {
   const withTransaction = createWithTransaction(knex);
 
   async function queryFirst(filters = {}, options = {}) {
-    const result = await api.resources.userSettings.query(
-      {
-        queryParams: {
-          filters
+    const rows = extractJsonRestCollectionRows(
+      await api.resources.userSettings.query(
+        {
+          queryParams: {
+            filters
+          },
+          transaction: options?.trx || null,
+          simplified: true
         },
-        transaction: options?.trx || null,
-        simplified: false
-      },
-      createJsonRestContext(options?.context || null)
+        createJsonRestContext(options?.context || null)
+      )
     );
 
-    const rows = simplifyJsonApiDocument(result);
-    return Array.isArray(rows) ? rows[0] || null : null;
+    return rows[0] || null;
   }
 
   async function findByUserId(userId, options = {}) {
@@ -112,8 +113,7 @@ function createRepository({ api, knex } = {}) {
               id: normalizedUserId
             }
           ),
-          transaction: options?.trx || null,
-          simplified: false
+          transaction: options?.trx || null
         },
         createJsonRestContext(options?.context || null)
       );
@@ -152,8 +152,7 @@ function createRepository({ api, knex } = {}) {
             id: normalizedUserId
           }
         ),
-        transaction: options?.trx || null,
-        simplified: false
+        transaction: options?.trx || null
       },
       createJsonRestContext(options?.context || null)
     );

package/src/shared/resources/userProfileResource.js

@@ -42,6 +42,13 @@ const userProfileBodySchema = createSchema({
 });
 
 const avatarUploadBodySchema = createSchema({
+  stream: {
+    type: "none",
+    required: true,
+    messages: {
+      default: "Avatar stream is missing."
+    }
+  },
   mimeType: {
     type: "string",
     required: false,

package/test/repositoryContracts.test.js

@@ -16,18 +16,24 @@ function createKnexStub() {
   return knex;
 }
 
+function asCollectionDocument(rows = []) {
+  return {
+    data: Array.isArray(rows) ? rows : []
+  };
+}
+
 test("users-core repositories expose withTransaction", async () => {
   const knex = createKnexStub();
   const api = {
     resources: {
       userProfiles: {
         async query() {
-          return { data: [] };
+          return asCollectionDocument([]);
         }
       },
       userSettings: {
         async query() {
-          return { data: [] };
+          return asCollectionDocument([]);
         }
       }
     }
@@ -54,23 +60,12 @@ function createUserProfilesApiStub(expectedRecord) {
         userProfiles: {
           async query({ queryParams }) {
             calls.push(queryParams?.filters || {});
-            return {
-              data: expectedRecord ? [{
-                type: "userProfiles",
-                id: String(expectedRecord.id),
-                attributes: {
-                  authProvider: expectedRecord.authProvider,
-                  authProviderUserSid: expectedRecord.authProviderUserSid,
-                  email: expectedRecord.email,
-                  username: expectedRecord.username,
-                  displayName: expectedRecord.displayName,
-                  avatarStorageKey: expectedRecord.avatarStorageKey,
-                  avatarVersion: expectedRecord.avatarVersion,
-                  avatarUpdatedAt: expectedRecord.avatarUpdatedAt,
-                  createdAt: expectedRecord.createdAt
-                }
+            return asCollectionDocument(
+              expectedRecord ? [{
+                ...expectedRecord,
+                id: String(expectedRecord.id)
               }] : []
-            };
+            );
           }
         }
       }
@@ -89,28 +84,20 @@ test("userSettingsRepository.ensureForUserId sends transaction outside simplifie
         userSettings: {
           async query() {
             queryCount += 1;
-            return queryCount < 2
-              ? { data: [] }
-              : {
-                  data: [{
-                    type: "userSettings",
+            return asCollectionDocument(
+              queryCount < 2
+                ? []
+                : [{
                     id: "7",
-                    attributes: {
-                      ...DEFAULT_USER_SETTINGS
-                    }
+                    ...DEFAULT_USER_SETTINGS
                   }]
-                };
+            );
           },
           async post(params) {
             postParams = params;
             return {
-              data: {
-                type: "userSettings",
-                id: "7",
-                attributes: {
-                  ...DEFAULT_USER_SETTINGS
-                }
-              }
+              id: "7",
+              ...DEFAULT_USER_SETTINGS
             };
           }
         }
@@ -120,7 +107,7 @@ test("userSettingsRepository.ensureForUserId sends transaction outside simplifie
 
   const record = await repository.ensureForUserId("7", { trx });
 
-  assert.equal(postParams?.simplified, false);
+  assert.equal(postParams?.simplified, undefined);
   assert.equal(postParams?.transaction, trx);
   assert.deepEqual(postParams?.inputRecord?.data, {
     type: "userSettings",
@@ -144,32 +131,27 @@ test("userProfilesRepository.upsert sends native JSON:API write documents with t
           async query({ queryParams }) {
             const filters = queryParams?.filters || {};
             if (Object.hasOwn(filters, "authProvider") || Object.hasOwn(filters, "authProviderUserSid")) {
-              return { data: [] };
+              return asCollectionDocument([]);
             }
             if (Object.hasOwn(filters, "username")) {
-              return { data: [] };
+              return asCollectionDocument([]);
             }
-            return { data: [] };
+            return asCollectionDocument([]);
           },
           async post(params) {
             postParams = params;
             const attributes = params.inputRecord?.data?.attributes || {};
             return {
-              data: {
-                type: "userProfiles",
-                id: "11",
-                attributes: {
-                  authProvider: attributes.authProvider,
-                  authProviderUserSid: attributes.authProviderUserSid,
-                  email: attributes.email,
-                  username: attributes.username,
-                  displayName: attributes.displayName,
-                  avatarStorageKey: null,
-                  avatarVersion: null,
-                  avatarUpdatedAt: null,
-                  createdAt: attributes.createdAt
-                }
-              }
+              id: "11",
+              authProvider: attributes.authProvider,
+              authProviderUserSid: attributes.authProviderUserSid,
+              email: attributes.email,
+              username: attributes.username,
+              displayName: attributes.displayName,
+              avatarStorageKey: null,
+              avatarVersion: null,
+              avatarUpdatedAt: null,
+              createdAt: attributes.createdAt
             };
           }
         }
@@ -184,7 +166,7 @@ test("userProfilesRepository.upsert sends native JSON:API write documents with t
     displayName: "Ada Example"
   }, { trx });
 
-  assert.equal(postParams?.simplified, false);
+  assert.equal(postParams?.simplified, undefined);
   assert.equal(postParams?.transaction, trx);
   assert.equal(postParams?.inputRecord?.transaction, undefined);
   assert.equal(postParams?.inputRecord?.data?.type, "userProfiles");
@@ -218,6 +200,37 @@ test("userProfilesRepository.findByEmail normalizes email lookup", async () => {
   assert.equal(profile?.displayName, "Ada Example");
 });
 
+test("userProfilesRepository.findByIdentity reads existing profiles from collection documents", async () => {
+  const { api, calls } = createUserProfilesApiStub({
+    id: 7,
+    authProvider: "supabase",
+    authProviderUserSid: "supabase-user-7",
+    email: "ada@example.com",
+    username: "ada",
+    displayName: "Ada Example",
+    avatarStorageKey: null,
+    avatarVersion: null,
+    avatarUpdatedAt: null,
+    createdAt: "2026-04-20T00:00:00.000Z"
+  });
+  const repository = createUserProfilesRepository({
+    api,
+    knex: createKnexStub()
+  });
+
+  const profile = await repository.findByIdentity({
+    provider: "supabase",
+    providerUserId: "supabase-user-7"
+  });
+
+  assert.deepEqual(calls, [{
+    authProvider: "supabase",
+    authProviderUserSid: "supabase-user-7"
+  }]);
+  assert.equal(profile?.id, "7");
+  assert.equal(profile?.displayName, "Ada Example");
+});
+
 test("userProfilesRepository.findByEmail returns null when the row is missing", async () => {
   const { api } = createUserProfilesApiStub(undefined);
   const repository = createUserProfilesRepository({

package/test/usersRouteRequestInputValidator.test.js

@@ -3,6 +3,8 @@ import test from "node:test";
 import { UsersCoreServiceProvider } from "../src/server/UsersCoreServiceProvider.js";
 import { INTERNAL_JSON_REST_API } from "@jskit-ai/json-rest-api-core/server/jsonRestApiHost";
 import { createRouter } from "../../kernel/server/http/lib/router.js";
+import { validateOperationSection } from "../../http-runtime/src/shared/validators/operationValidation.js";
+import { userProfileResource } from "../src/shared/resources/userProfileResource.js";
 
 function createReplyDouble() {
   return {
@@ -268,3 +270,19 @@ test("account settings jsonapi transport resolves response resource id from requ
     }
   });
 });
+
+test("avatar upload operation accepts the internal multipart stream field", () => {
+  const parsed = validateOperationSection({
+    operation: userProfileResource.operations.avatarUpload,
+    section: "body",
+    value: {
+      stream: {},
+      mimeType: "image/png",
+      fileName: "avatar.png"
+    }
+  });
+
+  assert.equal(parsed.ok, true);
+  assert.equal(parsed.value.mimeType, "image/png");
+  assert.equal(parsed.value.fileName, "avatar.png");
+});