@lark-apaas/miaoda-cli 0.1.2-alpha.746290f → 0.1.2-alpha.87ead47

package/dist/api/db/api.js

@@ -5,7 +5,9 @@ exports.getSchema = getSchema;
 exports.importData = importData;
 exports.exportData = exportData;
 exports.listDDLChangelog = listDDLChangelog;
+exports.getAuditStatus = getAuditStatus;
 exports.setAuditConfig = setAuditConfig;
+exports.listAuditLog = listAuditLog;
 exports.migrationInit = migrationInit;
 exports.migrate = migrate;
 exports.recover = recover;
@@ -332,13 +334,35 @@ async function listDDLChangelog(opts) {
         hasMore: Boolean(data.hasMore),
     };
 }
-// ── db audit → InnerAdminSetAuditConfig ──
+// ── db audit → InnerAdminGetAuditStatus / InnerAdminSetAuditConfig ──
+/**
+ * 后端：GET /v1/dataloom/app/{appId}/db/audit/status?table=&dbBranch=
+ * 查表审计开关状态。table 非空 → 单表过滤；空 → 返当前 workspace 全部已配置表。
+ */
+async function getAuditStatus(opts) {
+    const client = (0, http_1.getHttpClient)();
+    const url = (0, client_1.buildInnerUrl)(opts.appId, "/db/audit/status", {
+        table: opts.table,
+        dbBranch: opts.dbBranch,
+    });
+    const start = Date.now();
+    let response;
+    try {
+        response = await client.get(url);
+        (0, client_1.traceHttp)("GET", url, start, response);
+    }
+    catch (err) {
+        (0, client_1.traceHttp)("GET", url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
+        await mapDbHttpError(err, url, "Failed to get audit status");
+        throw err; // 不可达
+    }
+    const respBody = (await response.json());
+    const data = (0, client_1.extractData)(respBody);
+    return data.items ?? [];
+}
 /**
  * 后端：POST /v1/dataloom/app/{appId}/db/audit/config
  * 写：enabled=true 开启 / false 关闭。retention 仅 enabled=true 生效。
- *
- * 读路径（status / log）不在此模块——CLI handler 走 execSql 直接 SELECT
- * `_dl_audit_config` / `_dl_audit_log` 元数据表。
  */
 async function setAuditConfig(opts) {
     const client = (0, http_1.getHttpClient)();
@@ -369,6 +393,51 @@ async function setAuditConfig(opts) {
     }
     return data.status;
 }
+// ── db audit log → InnerAdminListAuditLog ──
+/**
+ * 后端：GET /v1/dataloom/app/{appId}/db/audit/log?tables=&since=&until=&limit=&cursor=&dbBranch=
+ *
+ * 走 admin-inner 接口而不是 InnerAdminExecuteSQL 直接 SELECT pg_audit：
+ *   - operator 在 details JSONB 内是 user_id，服务端解析成 username
+ *   - summary 后端按 type + before/after diff 合成（pg_audit 表无此列）
+ *   - before/after JSONB 后端 JSON.stringify 后透传字符串，CLI 按需 parse
+ *
+ * 多表用逗号拼接走 query；后端按 target_table IN (...) 一次查。skipped 字段返
+ * 多表中无记录的表名，便于 CLI 展示 hint。
+ */
+async function listAuditLog(opts) {
+    if (opts.tables.length === 0) {
+        throw new error_1.AppError("ARGS_INVALID", "at least one table is required");
+    }
+    const client = (0, http_1.getHttpClient)();
+    const url = (0, client_1.buildInnerUrl)(opts.appId, "/db/audit/log", {
+        tables: opts.tables.join(","),
+        since: opts.since,
+        until: opts.until,
+        limit: opts.limit !== undefined ? String(opts.limit) : undefined,
+        cursor: opts.cursor,
+        dbBranch: opts.dbBranch,
+    });
+    const start = Date.now();
+    let response;
+    try {
+        response = await client.get(url);
+        (0, client_1.traceHttp)("GET", url, start, response);
+    }
+    catch (err) {
+        (0, client_1.traceHttp)("GET", url, start, err instanceof http_client_1.HttpError ? err.response : undefined, err);
+        await mapDbHttpError(err, url, "Failed to list audit log");
+        throw err; // 不可达
+    }
+    const body = (await response.json());
+    const data = (0, client_1.extractData)(body);
+    return {
+        items: data.items ?? [],
+        nextCursor: data.nextCursor && data.nextCursor !== "" ? data.nextCursor : null,
+        hasMore: Boolean(data.hasMore),
+        skipped: data.skipped ?? [],
+    };
+}
 // ── db migration → InnerAdminMigrationInit / InnerAdminMigrate ──
 /**
  * 后端：POST /v1/dataloom/app/{appId}/db/enableMultiEnv

package/dist/api/db/index.js

@@ -1,13 +1,15 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.pickTableDetail = exports.flattenSchemaList = exports.parseSqlResult = exports.SQLSTATE_MAP = exports.ensureInnerSuccess = exports.buildInnerUrl = exports.getDbQuota = exports.recover = exports.migrate = exports.migrationInit = exports.setAuditConfig = exports.listDDLChangelog = exports.exportData = exports.importData = exports.getSchema = exports.execSql = void 0;
+exports.pickTableDetail = exports.flattenSchemaList = exports.parseSqlResult = exports.SQLSTATE_MAP = exports.ensureInnerSuccess = exports.buildInnerUrl = exports.getDbQuota = exports.recover = exports.migrate = exports.migrationInit = exports.listAuditLog = exports.setAuditConfig = exports.getAuditStatus = exports.listDDLChangelog = exports.exportData = exports.importData = exports.getSchema = exports.execSql = void 0;
 var api_1 = require("./api");
 Object.defineProperty(exports, "execSql", { enumerable: true, get: function () { return api_1.execSql; } });
 Object.defineProperty(exports, "getSchema", { enumerable: true, get: function () { return api_1.getSchema; } });
 Object.defineProperty(exports, "importData", { enumerable: true, get: function () { return api_1.importData; } });
 Object.defineProperty(exports, "exportData", { enumerable: true, get: function () { return api_1.exportData; } });
 Object.defineProperty(exports, "listDDLChangelog", { enumerable: true, get: function () { return api_1.listDDLChangelog; } });
+Object.defineProperty(exports, "getAuditStatus", { enumerable: true, get: function () { return api_1.getAuditStatus; } });
 Object.defineProperty(exports, "setAuditConfig", { enumerable: true, get: function () { return api_1.setAuditConfig; } });
+Object.defineProperty(exports, "listAuditLog", { enumerable: true, get: function () { return api_1.listAuditLog; } });
 Object.defineProperty(exports, "migrationInit", { enumerable: true, get: function () { return api_1.migrationInit; } });
 Object.defineProperty(exports, "migrate", { enumerable: true, get: function () { return api_1.migrate; } });
 Object.defineProperty(exports, "recover", { enumerable: true, get: function () { return api_1.recover; } });

package/dist/cli/handlers/db/audit.js

@@ -40,41 +40,37 @@ exports.handleDbAuditList = handleDbAuditList;
 const api = __importStar(require("../../../api/index"));
 const index_1 = require("../../../api/file/index");
 const shared_1 = require("../../../cli/commands/shared");
+const colors_1 = require("../../../utils/colors");
 const error_1 = require("../../../utils/error");
 const output_1 = require("../../../utils/output");
 const render_1 = require("../../../utils/render");
-const index_2 = require("../../../api/db/index");
 const VALID_RETENTION = new Set(["7d", "30d", "180d", "360d", "forever"]);
 async function handleDbAuditStatus(table, opts) {
     const appId = (0, shared_1.resolveAppId)(opts);
-    const sql = table !== undefined && table !== ""
-        ? `SELECT "table", enabled, enabled_at, retention FROM _dl_audit_config WHERE "table" = '${escapeSqlLiteral(table)}'`
-        : `SELECT "table", enabled, enabled_at, retention FROM _dl_audit_config ORDER BY "table"`;
-    const results = await api.db.execSql({ appId, sql, dbBranch: opts.env });
-    const rows = collectSelectRows(results);
-    // 单表查询且 _dl_audit_config 没记录 → enabled=false 占位
+    const items = await api.db.getAuditStatus({ appId, table, dbBranch: opts.env });
+    const rows = items.map(toAuditStatus);
+    // 单表查询但后端没记录 → 占位 enabled=false
     if (table !== undefined && table !== "" && rows.length === 0) {
-        rows.push({ table, enabled: false });
+        rows.push({ table, enabled: false, enabled_at: null, retention: null });
     }
-    const items = rows.map(toAuditStatus);
     // PRD JSON：单表返 object，多表返 array
     if ((0, output_1.isJsonMode)()) {
-        if (table !== undefined && items.length === 1) {
-            (0, output_1.emitOk)((0, output_1.snakeCaseKeys)(items[0]));
+        if (table !== undefined && rows.length === 1) {
+            (0, output_1.emitOk)((0, output_1.snakeCaseKeys)(rows[0]));
         }
         else {
-            (0, output_1.emitOk)((0, output_1.snakeCaseKeys)(items));
+            (0, output_1.emitOk)((0, output_1.snakeCaseKeys)(rows));
         }
         return;
     }
-    if (items.length === 0) {
+    if (rows.length === 0) {
         (0, output_1.emit)("No audit configuration found.");
         return;
     }
     const tty = (0, render_1.isStdoutTty)();
-    // 单表 → key:value 形态（PRD 示例）
-    if (table !== undefined && items.length === 1) {
-        const it = items[0];
+    // 单表 → key:value 形态
+    if (table !== undefined && rows.length === 1) {
+        const it = rows[0];
         (0, output_1.emit)((0, render_1.renderKeyValue)([
             ["Table", it.table],
             ["Enabled", boolToYesNo(it.enabled)],
@@ -85,7 +81,7 @@ async function handleDbAuditStatus(table, opts) {
     }
     // 列表 → table 形态
     const headers = ["table", "enabled", "enabled_at", "retention"];
-    const out = items.map((it) => [
+    const out = rows.map((it) => [
         it.table,
         boolToYesNo(it.enabled),
         it.enabled_at ? (0, render_1.formatTime)(it.enabled_at, tty) : "—",
@@ -93,24 +89,12 @@ async function handleDbAuditStatus(table, opts) {
     ]);
     (0, output_1.emit)(tty ? (0, render_1.renderAlignedTable)(headers, out) : (0, render_1.renderTsv)(headers, out));
 }
-function toAuditStatus(row) {
-    // retention 列存的是后端 ValidDay (int64 天数)，按 sentinel 反向映射成 PRD 字符串
-    const rawRetention = row.retention;
-    let retention = null;
-    if (rawRetention != null) {
-        if (typeof rawRetention === "number") {
-            retention = retentionDaysToString(rawRetention);
-        }
-        else if (typeof rawRetention === "string") {
-            // 兼容存的就是字符串形态（"7d" / "forever"）
-            retention = rawRetention;
-        }
-    }
+function toAuditStatus(s) {
     return {
-        table: asString(row.table),
-        enabled: Boolean(row.enabled),
-        enabled_at: row.enabled_at == null ? null : asString(row.enabled_at),
-        retention,
+        table: s.table,
+        enabled: s.enabled,
+        enabled_at: s.enabledAt ?? null,
+        retention: s.retention ?? null,
     };
 }
 async function handleDbAuditEnable(table, opts) {
@@ -146,7 +130,9 @@ async function handleDbAuditEnable(table, opts) {
     }
     const tty = (0, render_1.isStdoutTty)();
     const prefix = tty ? "✓" : "OK";
-    (0, output_1.emit)(`${prefix} Audit enabled for table '${status.table}' (retention: ${status.retention ?? retention})`);
+    // c.highlight 内部按 TTY/NO_COLOR/FORCE_COLOR 自动决定是否染色，无需再判 tty
+    const tableLabel = colors_1.c.highlight(`'${status.table}'`);
+    (0, output_1.emit)(`${prefix} Audit enabled for table ${tableLabel} (retention: ${status.retention ?? retention})`);
 }
 async function handleDbAuditDisable(table, opts) {
     if (!table) {
@@ -170,7 +156,7 @@ async function handleDbAuditDisable(table, opts) {
     }
     const tty = (0, render_1.isStdoutTty)();
     const prefix = tty ? "✓" : "OK";
-    (0, output_1.emit)(`${prefix} Audit disabled for table '${status.table}'`);
+    (0, output_1.emit)(`${prefix} Audit disabled for table ${colors_1.c.highlight(`'${status.table}'`)}`);
 }
 async function handleDbAuditList(tables, opts) {
     if (tables.length === 0) {
@@ -182,40 +168,35 @@ async function handleDbAuditList(tables, opts) {
     }
     const appId = (0, shared_1.resolveAppId)(opts);
     const limit = opts.limit ?? 20;
-    // since 优先级：opts.cursor（前一页末条 event_time）> opts.since
-    const sinceRaw = opts.cursor ?? opts.since;
-    const since = normalizeTime(sinceRaw, "--since/--cursor");
+    // 时间字段归一化为 ISO 8601 UTC（服务端按 event_time 字段比较）。cursor 由
+    // 后端管理（本质也是 ISO 时间），CLI 不再混用 cursor/since。
+    const since = normalizeTime(opts.since, "--since");
     const until = normalizeTime(opts.until, "--until");
-    const inList = tables.map((t) => `'${escapeSqlLiteral(t)}'`).join(",");
-    const whereParts = [`target_table IN (${inList})`];
-    if (since !== undefined)
-        whereParts.push(`event_time >= '${since}'`);
-    if (until !== undefined)
-        whereParts.push(`event_time <= '${until}'`);
-    const sql = `SELECT event_id, event_time, target_table, type, operator, summary, details ` +
-        `FROM _dl_audit_log WHERE ${whereParts.join(" AND ")} ORDER BY event_time DESC LIMIT ${String(limit + 1)}`;
-    const results = await api.db.execSql({ appId, sql, dbBranch: opts.env });
-    const allRows = collectSelectRows(results);
-    const hasMore = allRows.length > limit;
-    const visible = hasMore ? allRows.slice(0, limit) : allRows;
-    const nextCursor = hasMore && visible.length > 0 ? asString(visible[visible.length - 1].event_time) : null;
-    // 多表混合时统计哪些表无记录
-    const seen = new Set();
-    for (const r of visible)
-        seen.add(asString(r.target_table));
-    const skipped = tables.filter((t) => !seen.has(t));
+    const result = await api.db.listAuditLog({
+        appId,
+        tables,
+        since,
+        until,
+        limit,
+        cursor: opts.cursor,
+        dbBranch: opts.env,
+    });
+    const visible = result.items;
+    const skipped = result.skipped;
     // PRD JSON：data 是数组，元素是事件对象（snake_case），分页信封 next_cursor / has_more
     if ((0, output_1.isJsonMode)()) {
-        const items = visible.map((r) => ({
-            event_id: asString(r.event_id),
-            event_time: asString(r.event_time),
-            target_table: asString(r.target_table),
-            type: asString(r.type),
-            operator: asString(r.operator),
-            summary: asString(r.summary),
-            details: r.details, // 已经是结构化 JSON，透传
+        const items = visible.map((it) => ({
+            event_id: it.eventId,
+            event_time: it.eventTime,
+            target_table: it.targetTable,
+            type: it.type,
+            operator: it.operator,
+            summary: it.summary,
+            // before/after 服务端是 JSON 字符串，反序列化回结构化对象供下游消费
+            ...(it.before !== undefined ? { before: safeParseJson(it.before) } : {}),
+            ...(it.after !== undefined ? { after: safeParseJson(it.after) } : {}),
         }));
-        (0, output_1.emitPaged)(items, nextCursor, hasMore);
+        (0, output_1.emitPaged)(items, result.nextCursor, result.hasMore);
         if (skipped.length > 0) {
             process.stderr.write(`(${String(skipped.length)} table(s) skipped: ${skipped.join(", ")})\n`);
         }
@@ -238,23 +219,17 @@ async function handleDbAuditList(tables, opts) {
         ? ["target_table", "event_time", "type", "event_id", "operator", "summary"]
         : ["event_time", "type", "event_id", "operator", "summary"];
     const rows = visible.map((it) => {
-        const eventTime = (0, render_1.formatTime)(asString(it.event_time), tty);
-        const eventId = truncateId(asString(it.event_id));
-        const cells = [
-            eventTime,
-            asString(it.type),
-            eventId,
-            asString(it.operator, "—"),
-            asString(it.summary),
-        ];
-        return isMultiTable ? [asString(it.target_table), ...cells] : cells;
+        const eventTime = (0, render_1.formatTime)(it.eventTime, tty);
+        const eventId = truncateId(it.eventId);
+        const cells = [eventTime, it.type, eventId, it.operator || "—", it.summary];
+        return isMultiTable ? [it.targetTable, ...cells] : cells;
     });
     (0, output_1.emit)(tty ? (0, render_1.renderAlignedTable)(headers, rows) : (0, render_1.renderTsv)(headers, rows));
     if (skipped.length > 0) {
         process.stderr.write(`(${String(skipped.length)} table(s) skipped: ${skipped.join(", ")})\n`);
     }
-    if (hasMore && nextCursor) {
-        process.stderr.write(`(more results; use --cursor '${nextCursor}')\n`);
+    if (result.hasMore && result.nextCursor) {
+        process.stderr.write(`(more results; use --cursor '${result.nextCursor}')\n`);
     }
 }
 // ── helpers ──
@@ -268,46 +243,20 @@ function normalizeTime(input, flagName) {
     const ms = (0, index_1.parseTimeFilterMs)(input, flagName);
     return new Date(ms).toISOString();
 }
-function collectSelectRows(results) {
-    const out = [];
-    for (const r of results) {
-        const parsed = (0, index_2.parseSqlResult)(r);
-        if (parsed.kind === "select")
-            out.push(...parsed.rows);
+// 服务端 before/after 是 JSON 字符串透传，CLI JSON 输出再反序列化回对象，
+// 给下游 jq 等工具消费。失败时透传原始字符串避免数据丢失。
+function safeParseJson(s) {
+    try {
+        return JSON.parse(s);
+    }
+    catch {
+        return s;
     }
-    return out;
-}
-// SQL 字面量转义。表名 / 时间戳由调用方控制范围（白名单或严格 ISO 8601 正则）。
-function escapeSqlLiteral(s) {
-    return s.replace(/'/g, "''");
 }
 // PRD 输出 enabled 列用 yes/no 而非 true/false
 function boolToYesNo(b) {
     return b ? "yes" : "no";
 }
-// 后端 ValidDay (int64 天数) → PRD retention 字符串。-1 = 永久（前端 / 后端约定）
-function retentionDaysToString(days) {
-    if (days === -1)
-        return "forever";
-    if (days === 7)
-        return "7d";
-    if (days === 30)
-        return "30d";
-    if (days === 180)
-        return "180d";
-    if (days === 360)
-        return "360d";
-    return `${String(days)}d`;
-}
-function asString(v, fallback = "") {
-    if (v == null)
-        return fallback;
-    if (typeof v === "string")
-        return v;
-    if (typeof v === "number" || typeof v === "boolean" || typeof v === "bigint")
-        return String(v);
-    return JSON.stringify(v);
-}
 // audit list 的 event_id 在 TTY 视图里截断展示（PRD 示例 "01525416B44F..."）
 function truncateId(id) {
     if (id.length <= 12)

package/dist/cli/handlers/db/quota.js

@@ -42,7 +42,17 @@ async function handleDbQuota(opts) {
     const appId = (0, shared_1.resolveAppId)(opts);
     const data = await api.db.getDbQuota({ appId, dbBranch: opts.env });
     if ((0, output_1.isJsonMode)()) {
-        (0, output_1.emitOk)((0, output_1.snakeCaseKeys)(data));
+        // 配额未对接（storageQuotaBytes=0）时，quota / usage_percent 字段都不输出
+        const out = {
+            storageUsedBytes: data.storageUsedBytes,
+            tables: data.tables,
+            views: data.views,
+        };
+        if (data.storageQuotaBytes > 0) {
+            out.storageQuotaBytes = data.storageQuotaBytes;
+            out.usagePercent = data.usagePercent;
+        }
+        (0, output_1.emitOk)((0, output_1.snakeCaseKeys)(out));
         return;
     }
     // PRD：单行 "Storage: 14.9 MB / 1 GB (1.5%)"；配额未对接时只显示 used

package/dist/cli/handlers/file/quota.js

@@ -42,7 +42,16 @@ async function handleFileQuota(opts) {
     const appId = (0, shared_1.resolveAppId)(opts);
     const data = await api.file.getStorageQuota({ appId });
     if ((0, output_1.isJsonMode)()) {
-        (0, output_1.emitOk)((0, output_1.snakeCaseKeys)(data));
+        // 配额未对接（storageQuotaBytes=0）时，quota / usage_percent 字段都不输出
+        const out = {
+            storageUsedBytes: data.storageUsedBytes,
+            files: data.files,
+        };
+        if (data.storageQuotaBytes > 0) {
+            out.storageQuotaBytes = data.storageQuotaBytes;
+            out.usagePercent = data.usagePercent;
+        }
+        (0, output_1.emitOk)((0, output_1.snakeCaseKeys)(out));
         return;
     }
     // PRD：单行 "Storage: 150 MB / 1 GB (15%)"；配额未对接时只显示 used

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lark-apaas/miaoda-cli",
-  "version": "0.1.2-alpha.746290f",
+  "version": "0.1.2-alpha.87ead47",
   "description": "Miaoda 平台命令行工具，面向 Agent 调用",
   "type": "commonjs",
   "bin": {