@libredb/studio 0.9.7 → 0.9.13

package/src/app/api/auth/oidc/login/route.ts

@@ -1,43 +0,0 @@
-import { NextResponse } from 'next/server';
-import { cookies } from 'next/headers';
-import {
-  getOIDCConfig,
-  discoverProvider,
-  generateAuthUrl,
-  encryptState,
-  getPublicOrigin,
-} from '@/lib/oidc';
-import { logger } from '@/lib/logger';
-
-export async function GET(request: Request) {
-  try {
-    const oidcConfig = getOIDCConfig();
-    const config = await discoverProvider(oidcConfig);
-
-    const origin = getPublicOrigin(request);
-    const redirectUri = `${origin}/api/auth/oidc/callback`;
-
-    const { url, state } = await generateAuthUrl(
-      config,
-      redirectUri,
-      oidcConfig.scope
-    );
-
-    // Store PKCE state in signed cookie
-    const stateCookie = await encryptState(state);
-    const cookieStore = await cookies();
-    cookieStore.set('oidc-state', stateCookie, {
-      httpOnly: true,
-      secure: process.env.NODE_ENV === 'production',
-      sameSite: 'lax',
-      maxAge: 300, // 5 minutes
-      path: '/',
-    });
-
-    return NextResponse.redirect(url.toString());
-  } catch (error) {
-    logger.error('OIDC login error', error, { route: 'GET /api/auth/oidc/login' });
-    const origin = getPublicOrigin(request);
-    return NextResponse.redirect(`${origin}/login?error=oidc_config`);
-  }
-}

package/src/app/api/connections/managed/route.ts

@@ -1,35 +0,0 @@
-import { NextResponse } from 'next/server';
-import { getSession } from '@/lib/auth';
-import { getManagedConnections } from '@/lib/seed';
-import { logger } from '@/lib/logger';
-
-export const dynamic = 'force-dynamic';
-
-export async function GET() {
-  try {
-    const session = await getSession();
-    if (!session) {
-      return NextResponse.json({ error: 'Authentication required' }, { status: 401 });
-    }
-
-    const connections = await getManagedConnections([session.role]);
-
-    const sanitized = connections.map((conn) => {
-      if (conn.managed) {
-        const { password, connectionString, ...rest } = conn;
-        return rest;
-      }
-      return conn;
-    });
-
-    const rawTTL = Number(process.env.SEED_CACHE_TTL_MS);
-    const cacheTTL = Number.isFinite(rawTTL) ? rawTTL : 60_000;
-
-    return NextResponse.json({ connections: sanitized, cacheHint: cacheTTL });
-  } catch (error) {
-    logger.error('Failed to load managed connections', error, {
-      route: 'GET /api/connections/managed',
-    });
-    return NextResponse.json({ error: 'Failed to load managed connections' }, { status: 500 });
-  }
-}

package/src/app/api/db/cancel/route.ts

@@ -1,42 +0,0 @@
-import { NextRequest, NextResponse } from 'next/server';
-import { getOrCreateProvider } from '@/lib/db';
-import { createErrorResponse } from '@/lib/api/errors';
-import { resolveConnection } from '@/lib/seed/resolve-connection';
-import { getSession } from '@/lib/auth';
-
-export async function POST(req: NextRequest) {
-  try {
-    const body = await req.json();
-    const { queryId } = body;
-
-    const session = await getSession();
-    if (!session) {
-      return NextResponse.json({ error: 'Authentication required' }, { status: 401 });
-    }
-
-    const connection = await resolveConnection(body, session);
-
-    if (!queryId) {
-      return NextResponse.json(
-        { error: 'Connection and queryId are required' },
-        { status: 400 }
-      );
-    }
-
-    const provider = await getOrCreateProvider(connection);
-
-    // Check if provider supports cancellation
-    if (!('cancelQuery' in provider) || typeof (provider as Record<string, unknown>).cancelQuery !== 'function') {
-      return NextResponse.json(
-        { error: 'Query cancellation is not supported for this database type', cancelled: false },
-        { status: 400 }
-      );
-    }
-
-    const cancelled = await (provider as { cancelQuery(queryId: string): Promise<boolean> }).cancelQuery(queryId);
-
-    return NextResponse.json({ cancelled });
-  } catch (error) {
-    return createErrorResponse(error, { route: 'api/db/cancel' });
-  }
-}

package/src/app/api/db/disconnect/route.ts

@@ -1,28 +0,0 @@
-import { NextRequest, NextResponse } from 'next/server';
-import { removeProvider } from '@/lib/db/factory';
-import { logger } from '@/lib/logger';
-
-export async function POST(req: NextRequest) {
-  try {
-    const { connectionId } = await req.json();
-
-    if (!connectionId || typeof connectionId !== 'string') {
-      return NextResponse.json(
-        { success: false, error: 'connectionId is required' },
-        { status: 400 }
-      );
-    }
-
-    await removeProvider(connectionId);
-
-    logger.info('[DB] Provider disconnected and removed from cache', { connectionId });
-
-    return NextResponse.json({ success: true });
-  } catch (error) {
-    logger.error('[DB] Error disconnecting provider', { error: String(error) });
-    return NextResponse.json(
-      { success: false, error: 'Failed to disconnect' },
-      { status: 500 }
-    );
-  }
-}

package/src/app/api/db/health/route.ts

@@ -1,49 +0,0 @@
-import { NextRequest, NextResponse } from 'next/server';
-import { getOrCreateProvider } from '@/lib/db';
-import { createErrorResponse } from '@/lib/api/errors';
-import { resolveConnection } from '@/lib/seed/resolve-connection';
-import { getSession } from '@/lib/auth';
-
-/**
- * GET /api/db/health
- * Simple health check for load balancers and container orchestration (Render, K8s, etc.)
- * Returns 200 OK if the service is running
- */
-export async function GET() {
-  return NextResponse.json({
-    status: 'healthy',
-    timestamp: new Date().toISOString(),
-    service: 'libredb-studio',
-  });
-}
-
-/**
- * POST /api/db/health
- * Detailed health check for a specific database connection
- */
-export async function POST(req: NextRequest) {
-  try {
-    const body = await req.json();
-
-    const session = await getSession();
-    if (!session) {
-      return NextResponse.json({ error: 'Authentication required' }, { status: 401 });
-    }
-
-    const connection = await resolveConnection(body, session);
-
-    if (!connection.type) {
-      return NextResponse.json(
-        { error: 'Valid connection configuration is required' },
-        { status: 400 }
-      );
-    }
-
-    const provider = await getOrCreateProvider(connection);
-    const health = await provider.getHealth();
-
-    return NextResponse.json(health);
-  } catch (error) {
-    return createErrorResponse(error, { route: 'api/db/health' });
-  }
-}

package/src/app/api/db/maintenance/route.ts

@@ -1,72 +0,0 @@
-import { getSession } from '@/lib/auth';
-import { NextResponse } from 'next/server';
-import {
-  getOrCreateProvider,
-  type MaintenanceType,
-} from '@/lib/db';
-import { getServerAuditBuffer } from '@/lib/audit';
-import { createErrorResponse } from '@/lib/api/errors';
-import { resolveConnection } from '@/lib/seed/resolve-connection';
-
-export async function POST(request: Request) {
-  // Check admin authorization
-  const session = await getSession();
-
-  if (!session || session.role !== 'admin') {
-    return NextResponse.json(
-      { error: 'Unauthorized. Admin access required.' },
-      { status: 403 }
-    );
-  }
-
-  try {
-    const body = await request.json();
-    const { type, target } = body;
-
-    const connection = await resolveConnection(body, session);
-
-    if (!type) {
-      return NextResponse.json(
-        { error: 'Maintenance type is required' },
-        { status: 400 }
-      );
-    }
-
-    const provider = await getOrCreateProvider(connection);
-    const capabilities = provider.getCapabilities();
-
-    if (!capabilities.supportsMaintenance) {
-      return NextResponse.json(
-        { error: `Maintenance operations not supported for this database` },
-        { status: 400 }
-      );
-    }
-
-    if (!capabilities.maintenanceOperations.includes(type as MaintenanceType)) {
-      return NextResponse.json(
-        { error: `Operation '${type}' not supported for this database. Supported: ${capabilities.maintenanceOperations.join(', ')}` },
-        { status: 400 }
-      );
-    }
-
-    const startTime = Date.now();
-    const result = await provider.runMaintenance(type, target);
-    const duration = Date.now() - startTime;
-
-    // Emit audit event
-    const audit = getServerAuditBuffer();
-    audit.push({
-      type: type === 'kill' ? 'kill_session' : 'maintenance',
-      action: type.toUpperCase(),
-      target: target || 'all',
-      connectionName: connection.name || connection.database || 'unknown',
-      user: session.username || 'admin',
-      result: 'success',
-      duration,
-    });
-
-    return NextResponse.json(result);
-  } catch (error) {
-    return createErrorResponse(error, { route: 'api/db/maintenance' });
-  }
-}

package/src/app/api/db/monitoring/route.ts

@@ -1,62 +0,0 @@
-import { NextRequest, NextResponse } from 'next/server';
-import { getOrCreateProvider } from '@/lib/db';
-import type { MonitoringOptions } from '@/lib/db/types';
-import { createErrorResponse } from '@/lib/api/errors';
-import { resolveConnection } from '@/lib/seed/resolve-connection';
-import { getSession } from '@/lib/auth';
-
-/**
- * POST /api/db/monitoring
- * Get comprehensive monitoring data for a database connection
- */
-export async function POST(req: NextRequest) {
-  try {
-    // Handle empty or aborted requests
-    let body;
-    try {
-      const text = await req.text();
-      if (!text) {
-        return NextResponse.json(
-          { error: 'Request body is empty' },
-          { status: 400 }
-        );
-      }
-      body = JSON.parse(text);
-    } catch {
-      return NextResponse.json(
-        { error: 'Invalid JSON in request body' },
-        { status: 400 }
-      );
-    }
-
-    const session = await getSession();
-    if (!session) {
-      return NextResponse.json({ error: 'Authentication required' }, { status: 401 });
-    }
-
-    const connection = await resolveConnection(body, session);
-    const { options } = body as { options?: MonitoringOptions };
-
-    if (!connection.type) {
-      return NextResponse.json(
-        { error: 'Valid connection configuration is required' },
-        { status: 400 }
-      );
-    }
-
-    const provider = await getOrCreateProvider(connection);
-    const monitoringData = await provider.getMonitoringData(options);
-
-    return NextResponse.json(monitoringData);
-  } catch (error) {
-    // Ignore aborted requests (client cancelled)
-    if (error instanceof Error &&
-        (error.message === 'aborted' ||
-         error.name === 'AbortError' ||
-         (error as NodeJS.ErrnoException).code === 'ECONNRESET')) {
-      return new Response(null, { status: 499 }); // Client Closed Request
-    }
-
-    return createErrorResponse(error, { route: 'api/db/monitoring' });
-  }
-}

package/src/app/api/db/multi-query/route.ts

@@ -1,116 +0,0 @@
-import { NextRequest, NextResponse } from 'next/server';
-import { getOrCreateProvider } from '@/lib/db';
-import { splitStatements } from '@/lib/sql/statement-splitter';
-import { createErrorResponse } from '@/lib/api/errors';
-import { resolveConnection } from '@/lib/seed/resolve-connection';
-import { getSession } from '@/lib/auth';
-
-export interface StatementResult {
-  index: number;
-  sql: string;
-  startLine: number;
-  status: 'success' | 'error';
-  rows?: Record<string, unknown>[];
-  fields?: string[];
-  rowCount?: number;
-  executionTime: number;
-  error?: string;
-}
-
-export async function POST(req: NextRequest) {
-  try {
-    const body = await req.json();
-    const { sql, options = {} } = body;
-
-    const session = await getSession();
-    if (!session) {
-      return NextResponse.json({ error: 'Authentication required' }, { status: 401 });
-    }
-
-    const connection = await resolveConnection(body, session);
-
-    if (!sql) {
-      return NextResponse.json(
-        { error: 'Connection and query are required' },
-        { status: 400 }
-      );
-    }
-
-    const statements = splitStatements(sql);
-
-    if (statements.length === 0) {
-      return NextResponse.json(
-        { error: 'No valid SQL statements found' },
-        { status: 400 }
-      );
-    }
-
-    const provider = await getOrCreateProvider(connection);
-    const results: StatementResult[] = [];
-    let totalExecutionTime = 0;
-
-    for (let i = 0; i < statements.length; i++) {
-      const stmt = statements[i];
-      const startTime = performance.now();
-
-      try {
-        // For the last statement that is a SELECT, apply limit
-        const isLastSelect = i === statements.length - 1 && /^\s*SELECT\b/i.test(stmt.sql);
-        const prepared = isLastSelect
-          ? provider.prepareQuery(stmt.sql, options)
-          : { query: stmt.sql, wasLimited: false, limit: 0, offset: 0 };
-
-        const result = await provider.query(prepared.query);
-        const executionTime = Math.round(performance.now() - startTime);
-        totalExecutionTime += executionTime;
-
-        results.push({
-          index: i,
-          sql: stmt.sql,
-          startLine: stmt.startLine,
-          status: 'success',
-          rows: result.rows,
-          fields: result.fields,
-          rowCount: result.rowCount,
-          executionTime,
-        });
-      } catch (error) {
-        const executionTime = Math.round(performance.now() - startTime);
-        totalExecutionTime += executionTime;
-        const errorMessage = error instanceof Error ? error.message : 'Unknown error';
-
-        results.push({
-          index: i,
-          sql: stmt.sql,
-          startLine: stmt.startLine,
-          status: 'error',
-          executionTime,
-          error: errorMessage,
-        });
-
-        // Stop execution on error
-        break;
-      }
-    }
-
-    // Return the last successful result with rows as the main result (for ResultsGrid)
-    const lastResultWithRows = [...results].reverse().find(r => r.status === 'success' && r.rows && r.rows.length > 0);
-    const hasError = results.some(r => r.status === 'error');
-
-    return NextResponse.json({
-      // Main result (for backward compatibility with ResultsGrid)
-      rows: lastResultWithRows?.rows || [],
-      fields: lastResultWithRows?.fields || [],
-      rowCount: lastResultWithRows?.rowCount || 0,
-      executionTime: totalExecutionTime,
-      // Multi-statement metadata
-      multiStatement: true,
-      statementCount: statements.length,
-      executedCount: results.length,
-      hasError,
-      statements: results,
-    });
-  } catch (error) {
-    return createErrorResponse(error, { route: 'api/db/multi-query' });
-  }
-}

package/src/app/api/db/pool-stats/route.ts

@@ -1,37 +0,0 @@
-import { NextRequest, NextResponse } from 'next/server';
-import { getOrCreateProvider } from '@/lib/db/factory';
-import { createErrorResponse } from '@/lib/api/errors';
-import { resolveConnection } from '@/lib/seed/resolve-connection';
-import { getSession } from '@/lib/auth';
-
-export async function POST(request: NextRequest) {
-  try {
-    const body = await request.json();
-
-    const session = await getSession();
-    if (!session) {
-      return NextResponse.json({ error: 'Authentication required' }, { status: 401 });
-    }
-
-    const connection = await resolveConnection(body, session);
-
-    const provider = await getOrCreateProvider(connection);
-
-    // Check if provider has getPoolStats
-    if ('getPoolStats' in provider && typeof (provider as Record<string, unknown>).getPoolStats === 'function') {
-      const stats = (provider as { getPoolStats: () => { total: number; idle: number; active: number; waiting: number } }).getPoolStats();
-      return NextResponse.json(stats);
-    }
-
-    // Fallback for providers without pool stats
-    return NextResponse.json({
-      total: 0,
-      idle: 0,
-      active: 0,
-      waiting: 0,
-      message: 'Pool statistics not available for this provider',
-    });
-  } catch (error) {
-    return createErrorResponse(error, { route: 'api/db/pool-stats' });
-  }
-}

package/src/app/api/db/profile/route.ts

@@ -1,144 +0,0 @@
-import { NextRequest, NextResponse } from 'next/server';
-import { getOrCreateProvider } from '@/lib/db/factory';
-import { createErrorResponse } from '@/lib/api/errors';
-import { resolveConnection } from '@/lib/seed/resolve-connection';
-import { getSession } from '@/lib/auth';
-
-export async function POST(req: NextRequest) {
-  try {
-    const body = await req.json();
-    const { tableName, columns } = body;
-
-    const session = await getSession();
-    if (!session) {
-      return NextResponse.json({ error: 'Authentication required' }, { status: 401 });
-    }
-
-    const connection = await resolveConnection(body, session);
-
-    if (!tableName) {
-      return NextResponse.json({ error: 'tableName is required' }, { status: 400 });
-    }
-
-    const provider = await getOrCreateProvider(connection);
-
-    {
-      const capabilities = provider.getCapabilities();
-      const isSQL = capabilities.queryLanguage === 'sql';
-
-      if (!isSQL) {
-        // MongoDB profiling
-        const profileQuery = JSON.stringify({
-          collection: tableName,
-          operation: 'aggregate',
-          pipeline: [
-            { $sample: { size: 1000 } },
-            { $project: Object.fromEntries((columns || []).map((c: string) => [c, 1])) },
-          ],
-        });
-        const sampleResult = await provider.query(profileQuery);
-        const totalCountResult = await provider.query(JSON.stringify({
-          collection: tableName,
-          operation: 'countDocuments',
-          filter: {},
-        }));
-
-        const totalRows = totalCountResult.rows[0]?.count || sampleResult.rows.length;
-        const columnProfiles = (columns || []).map((col: string) => {
-          const values = sampleResult.rows.map(r => r[col]).filter(v => v !== undefined);
-          const nullCount = sampleResult.rows.length - values.length;
-          const distinctValues = new Set(values.map(v => JSON.stringify(v)));
-
-          return {
-            name: col,
-            type: typeof values[0] || 'unknown',
-            totalRows,
-            nullCount,
-            nullPercent: sampleResult.rows.length > 0 ? Math.round((nullCount / sampleResult.rows.length) * 100) : 0,
-            distinctCount: distinctValues.size,
-            sampleValues: values.slice(0, 5).map(v => String(v)),
-          };
-        });
-
-        return NextResponse.json({ tableName, totalRows, columns: columnProfiles });
-      }
-
-      // SQL profiling
-      const colList = (columns || []) as string[];
-      if (colList.length === 0) {
-        return NextResponse.json({ error: 'No columns to profile' }, { status: 400 });
-      }
-
-      // Get total row count
-      const countResult = await provider.query(`SELECT COUNT(*) as total FROM ${tableName}`);
-      const totalRows = Number(countResult.rows[0]?.total || 0);
-
-      // Build profiling query for each column
-      const profileParts = colList.slice(0, 20).map((col) => {
-        const safeCol = `"${col}"`;
-        return `
-          SELECT
-            '${col.replace(/'/g, "''")}' as column_name,
-            COUNT(*) as total_count,
-            COUNT(${safeCol}) as non_null_count,
-            COUNT(*) - COUNT(${safeCol}) as null_count,
-            COUNT(DISTINCT ${safeCol}) as distinct_count,
-            MIN(${safeCol}::text) as min_value,
-            MAX(${safeCol}::text) as max_value
-          FROM ${tableName}
-        `;
-      });
-
-      const columnProfiles: { name: string; totalRows: number; nullCount: number; nullPercent: number; distinctCount: number; minValue?: unknown; maxValue?: unknown; error?: string; sampleValues?: string[] }[] = [];
-
-      for (const sql of profileParts) {
-        try {
-          const result = await provider.query(sql);
-          const row = result.rows[0];
-          if (row) {
-            const nullCount = Number(row.null_count || 0);
-            const total = Number(row.total_count || 0);
-
-            columnProfiles.push({
-              name: String(row.column_name),
-              totalRows: total,
-              nullCount,
-              nullPercent: total > 0 ? Math.round((nullCount / total) * 100) : 0,
-              distinctCount: Number(row.distinct_count || 0),
-              minValue: row.min_value,
-              maxValue: row.max_value,
-            });
-          }
-        } catch {
-          // Skip columns that can't be profiled (e.g., binary)
-          columnProfiles.push({
-            name: colList[columnProfiles.length],
-            totalRows,
-            nullCount: 0,
-            nullPercent: 0,
-            distinctCount: 0,
-            error: 'Could not profile this column',
-          });
-        }
-      }
-
-      // Get sample values for top 5 columns
-      const topCols = colList.slice(0, 5);
-      const safeCols = topCols.map(c => `"${c}"`).join(', ');
-      try {
-        const sampleResult = await provider.query(
-          `SELECT ${safeCols} FROM ${tableName} LIMIT 5`
-        );
-        for (const profile of columnProfiles) {
-          if (topCols.includes(profile.name)) {
-            profile.sampleValues = sampleResult.rows.map(r => String(r[profile.name] ?? 'NULL')).slice(0, 5);
-          }
-        }
-      } catch { /* skip sample values on error */ }
-
-      return NextResponse.json({ tableName, totalRows, columns: columnProfiles });
-    }
-  } catch (error) {
-    return createErrorResponse(error, { route: 'api/db/profile' });
-  }
-}

package/src/app/api/db/provider-meta/route.ts

@@ -1,49 +0,0 @@
-import { NextRequest, NextResponse } from 'next/server';
-import { getOrCreateProvider } from '@/lib/db';
-import { createErrorResponse } from '@/lib/api/errors';
-import { resolveConnection } from '@/lib/seed/resolve-connection';
-import { getSession } from '@/lib/auth';
-
-export const dynamic = 'force-dynamic';
-
-export async function POST(req: NextRequest) {
-  try {
-    let body;
-    try {
-      body = await req.json();
-    } catch {
-      return NextResponse.json({ error: 'Empty request body' }, { status: 400 });
-    }
-
-    if (!body || (typeof body === 'object' && Object.keys(body).length === 0)) {
-      return NextResponse.json({ error: 'Empty request body' }, { status: 400 });
-    }
-
-    const session = await getSession();
-    if (!session) {
-      return NextResponse.json({ error: 'Authentication required' }, { status: 401 });
-    }
-
-    // Support both formats: { connectionId: "seed:X" }, { connection: {...} }, or bare connection object
-    const connection = await resolveConnection(
-      body.connectionId ? body : (body.connection ? body : { connection: body }),
-      session,
-    );
-
-    if (!connection.type) {
-      return NextResponse.json(
-        { error: 'Valid connection configuration is required' },
-        { status: 400 }
-      );
-    }
-
-    const provider = await getOrCreateProvider(connection);
-
-    return NextResponse.json({
-      capabilities: provider.getCapabilities(),
-      labels: provider.getLabels(),
-    });
-  } catch (error) {
-    return createErrorResponse(error, { route: 'api/db/provider-meta' });
-  }
-}