@nocobase/database 1.9.0-alpha.11 → 1.9.0-alpha.12

package/lib/collection.d.ts

@@ -88,6 +88,13 @@ export declare class Collection<TModelAttributes extends {} = any, TCreationAttr
     get db(): Database;
     get treeParentField(): BelongsToField | null;
     get treeChildrenField(): HasManyField | null;
+    validate(options: {
+        values: Record<string, any> | Record<string, any>[];
+        operation: 'create' | 'update';
+        context: {
+            t: Function;
+        };
+    }): void;
     isMultiFilterTargetKey(): boolean;
     tableName(): any;
     /**

package/lib/collection.js

@@ -53,9 +53,11 @@ var import_events = require("events");
 var import_lodash = __toESM(require("lodash"));
 var import_safe_json_stringify = __toESM(require("safe-json-stringify"));
 var import_sequelize = require("sequelize");
+var import_fields = require("./fields");
 var import_model = require("./model");
 var import_repository = require("./repository");
 var import_utils = require("./utils");
+var import_field_validation = require("./utils/field-validation");
 function EnsureAtomicity(target, propertyKey, descriptor) {
   const originalMethod = descriptor.value;
   descriptor.value = function(...args) {
@@ -152,6 +154,71 @@ const _Collection = class _Collection extends import_events.EventEmitter {
       }
     }
   }
+  validate(options) {
+    const { values: updateValues, context, operation } = options;
+    if (!updateValues) {
+      return;
+    }
+    const values = Array.isArray(updateValues) ? updateValues : [updateValues];
+    const { t } = context || { t: /* @__PURE__ */ __name((key, options2) => key, "t") };
+    const unwrapTplLabel = /* @__PURE__ */ __name((label) => {
+      if (typeof label !== "string") return label;
+      const m = label.match(/^[\s\t]*\{\{\s*t\(\s*(['"])(.*?)\1(?:\s*,[\s\S]*)?\)\s*\}\}[\s\t]*$/);
+      return m ? m[2] : label;
+    }, "unwrapTplLabel");
+    const helper = /* @__PURE__ */ __name((field, value) => {
+      var _a, _b, _c;
+      const val = value[field.name];
+      if (!field.options.validation) {
+        return;
+      }
+      const fieldLabel = unwrapTplLabel(((_a = field.options.uiSchema) == null ? void 0 : _a.title) || field.name);
+      if (field instanceof import_fields.RelationField) {
+        if ((_b = field.options) == null ? void 0 : _b.validation.rules) {
+          const isRequired = (_c = field.options) == null ? void 0 : _c.validation.rules.some((rule) => rule.name === "required");
+          if (isRequired && !val) {
+            throw new Error(
+              t("{{#label}} is required", {
+                ns: "client",
+                "#label": `${t("Collection", { ns: "client" })}: ${this.name}, ${t("Field", { ns: "client" })}: ${t(
+                  fieldLabel,
+                  { ns: "client" }
+                )}`
+              })
+            );
+          }
+        }
+        return;
+      }
+      const joiSchema = (0, import_field_validation.buildJoiSchema)(field.options.validation, {
+        label: `${t("Collection", { ns: "client" })}: ${this.name}, ${t("Field", { ns: "client" })}: ${t(fieldLabel, {
+          ns: "client"
+        })}`,
+        value: val
+      });
+      const { error } = joiSchema.validate(val, {
+        messages: (0, import_field_validation.getJoiErrorMessage)(t)
+      });
+      if (error) {
+        throw error;
+      }
+    }, "helper");
+    for (const value of values) {
+      if (operation === "create") {
+        for (const [, field] of this.fields) {
+          helper(field, value);
+        }
+      }
+      if (operation === "update") {
+        for (const key of Object.keys(value)) {
+          const field = this.getField(key);
+          if (field) {
+            helper(field, value);
+          }
+        }
+      }
+    }
+  }
   isMultiFilterTargetKey() {
     return Array.isArray(this.filterTargetKey) && this.filterTargetKey.length > 1;
   }

package/lib/fields/field.d.ts

@@ -10,17 +10,39 @@ import { DataType, ModelAttributeColumnOptions, ModelIndexesOptions, SyncOptions
 import { Collection } from '../collection';
 import { Database } from '../database';
 import { ModelEventTypes } from '../types';
+import { BasicType, BooleanSchema, NumberSchema, ObjectSchema, StringSchema } from 'joi';
 export interface FieldContext {
     database: Database;
     collection: Collection;
 }
-export interface BaseFieldOptions {
+type RuleSchemaMap = {
+    string: StringSchema;
+    boolean: BooleanSchema;
+    number: NumberSchema;
+    object: ObjectSchema;
+};
+export type FieldValidationRuleName<T extends BasicType> = T extends keyof RuleSchemaMap ? keyof RuleSchemaMap[T] : never;
+export interface FieldValidationRule<T extends BasicType> {
+    key: string;
+    name: FieldValidationRuleName<T>;
+    args?: {
+        [key: string]: any;
+    };
+    paramsType?: 'object';
+}
+export interface ValidationOptions<T extends BasicType = BasicType> {
+    type: T;
+    rules: FieldValidationRule<T>[];
+    [key: string]: any;
+}
+export interface BaseFieldOptions<T extends BasicType = BasicType> {
     name?: string;
     hidden?: boolean;
     translation?: boolean;
+    validation?: ValidationOptions<T>;
     [key: string]: any;
 }
-export interface BaseColumnFieldOptions extends BaseFieldOptions, Omit<ModelAttributeColumnOptions, 'type'> {
+export interface BaseColumnFieldOptions<T extends BasicType = BasicType> extends BaseFieldOptions<T>, Omit<ModelAttributeColumnOptions, 'type'> {
     dataType?: DataType;
     index?: boolean | ModelIndexesOptions;
 }
@@ -50,3 +72,4 @@ export declare abstract class Field {
     additionalSequelizeOptions(): {};
     typeToString(): any;
 }
+export {};

package/lib/fields/number-field.d.ts

@@ -13,7 +13,7 @@ export declare abstract class NumberField extends Field {
 export declare class IntegerField extends NumberField {
     get dataType(): DataTypes.IntegerDataTypeConstructor;
 }
-export interface IntegerFieldOptions extends BaseColumnFieldOptions {
+export interface IntegerFieldOptions extends BaseColumnFieldOptions<'number'> {
     type: 'integer';
 }
 export declare class BigIntField extends NumberField {

package/lib/fields/string-field.d.ts

@@ -14,7 +14,7 @@ export declare class StringField extends Field {
         set(value: any): void;
     };
 }
-export interface StringFieldOptions extends BaseColumnFieldOptions {
+export interface StringFieldOptions extends BaseColumnFieldOptions<'string'> {
     type: 'string';
     length?: number;
     trim?: boolean;

package/lib/index.d.ts

@@ -42,3 +42,4 @@ export { default as fieldTypeMap } from './view/field-type-map';
 export * from './view/view-inference';
 export * from './update-guard';
 export { default as operators } from './operators';
+export { filterIncludes, mergeIncludes } from './utils/filter-include';

package/lib/index.js

@@ -54,8 +54,10 @@ __export(src_exports, {
   ValidationErrorItem: () => import_sequelize.ValidationErrorItem,
   default: () => import_database.Database,
   fieldTypeMap: () => import_field_type_map.default,
+  filterIncludes: () => import_filter_include.filterIncludes,
   fn: () => import_sequelize.fn,
   literal: () => import_sequelize.literal,
+  mergeIncludes: () => import_filter_include.mergeIncludes,
   operators: () => import_operators.default,
   snakeCase: () => import_utils.snakeCase,
   sqlParser: () => import_sql_parser.default,
@@ -98,6 +100,7 @@ var import_field_type_map = __toESM(require("./view/field-type-map"));
 __reExport(src_exports, require("./view/view-inference"), module.exports);
 __reExport(src_exports, require("./update-guard"), module.exports);
 var import_operators = __toESM(require("./operators"));
+var import_filter_include = require("./utils/filter-include");
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   BaseError,
@@ -116,8 +119,10 @@ var import_operators = __toESM(require("./operators"));
   ValidationError,
   ValidationErrorItem,
   fieldTypeMap,
+  filterIncludes,
   fn,
   literal,
+  mergeIncludes,
   operators,
   snakeCase,
   sqlParser,

package/lib/query-interface/postgres-query-interface.js

@@ -111,7 +111,14 @@ const _PostgresQueryInterface = class _PostgresQueryInterface extends import_que
     return results[0]["exists"];
   }
   async listViews() {
-    const sql = `
+    var _a;
+    const targetSchema = ((_a = this.db.options) == null ? void 0 : _a.schema) || "public";
+    const sql = targetSchema ? `
+      SELECT viewname as name, definition, schemaname as schema
+      FROM pg_views
+      WHERE schemaname = '${targetSchema}'
+      ORDER BY viewname;
+    ` : `
       SELECT viewname as name, definition, schemaname as schema
       FROM pg_views
       WHERE schemaname NOT IN ('pg_catalog', 'information_schema')

package/lib/relation-repository/belongs-to-many-repository.js

@@ -86,6 +86,11 @@ const _BelongsToManyRepository = class _BelongsToManyRepository extends import_m
       through: values[this.throughName()],
       transaction: transaction2
     };
+    this.collection.validate({
+      values,
+      operation: "create",
+      context: options.context
+    });
     const instance = await sourceModel[createAccessor](values, createOptions);
     await (0, import_update_associations.updateAssociations)(instance, values, { ...options, transaction: transaction2 });
     return instance;

package/lib/relation-repository/relation-repository.js

@@ -178,6 +178,7 @@ const _RelationRepository = class _RelationRepository {
     const values = options.values;
     const transaction2 = await this.getTransaction(options);
     const sourceModel = await this.getSourceModel(transaction2);
+    this.collection.validate({ values, context: options.context, operation: "create" });
     const instance = await sourceModel[createAccessor](guard.sanitize(options.values), { ...options, transaction: transaction2 });
     await (0, import_update_associations.updateAssociations)(instance, values, { ...options, transaction: transaction2 });
     if (options.hooks !== false) {

package/lib/repository.d.ts

@@ -209,6 +209,7 @@ export declare class Repository<TModelAttributes extends {} = any, TCreationAttr
      */
     firstOrCreate(options: FirstOrCreateOptions): Promise<any>;
     updateOrCreate(options: FirstOrCreateOptions): Promise<any>;
+    private validate;
     /**
      * Save instance to database
      *

package/lib/repository.js

@@ -433,6 +433,9 @@ const _Repository = class _Repository {
     }
     return this.create({ values, transaction: transaction2, context, ...rest });
   }
+  validate(options) {
+    this.collection.validate(options);
+  }
   async create(options) {
     if (Array.isArray(options.values)) {
       return this.createMany({
@@ -447,6 +450,7 @@ const _Repository = class _Repository {
       underscored: this.collection.options.underscored
     });
     const values = this.model.callSetters(guard.sanitize(options.values || {}), options);
+    this.validate({ values, context: options.context, operation: "create" });
     const instance = await this.model.create(values, {
       ...options,
       transaction: transaction2
@@ -491,6 +495,7 @@ const _Repository = class _Repository {
     const transaction2 = await this.getTransaction(options);
     const guard = import_update_guard.UpdateGuard.fromOptions(this.model, { ...options, underscored: this.collection.options.underscored });
     const values = this.model.callSetters(guard.sanitize(options.values || {}), options);
+    this.validate({ values, context: options.context, operation: "update" });
     if (options.individualHooks === false) {
       const { model: Model2 } = this.collection;
       const primaryKeyField = Model2.primaryKeyField || Model2.primaryKeyAttribute;

package/lib/update-associations.js

@@ -79,6 +79,11 @@ async function updateModelByValues(instance, values, options) {
     guard.setAssociationKeysToBeUpdate(options.updateAssociationValues);
     values = guard.sanitize(values);
   }
+  instance.constructor.collection.validate({
+    values,
+    operation: "update",
+    context: options == null ? void 0 : options.context
+  });
   await instance.update(values, options);
   await updateAssociations(instance, values, options);
 }
@@ -266,6 +271,11 @@ async function updateSingleAssociation(model, key, value, options = {}) {
       return true;
     }
   }
+  association.target.collection.validate({
+    values: value,
+    context: options.context,
+    operation: "create"
+  });
   const instance = await model[createAccessor](value, { context, transaction });
   await updateAssociations(instance, value, {
     ...options,
@@ -356,6 +366,11 @@ async function updateMultipleAssociation(model, key, value, options = {}) {
       throw new Error(`${targetKey} field value is empty`);
     }
     if ((0, import_utils.isUndefinedOrNull)(item[targetKey])) {
+      association.target.collection.validate({
+        values: item,
+        context: options.context,
+        operation: "create"
+      });
       const instance = await model[createAccessor](item, accessorOptions);
       await updateAssociations(instance, item, {
         ...options,
@@ -373,6 +388,11 @@ async function updateMultipleAssociation(model, key, value, options = {}) {
         transaction
       });
       if (!instance) {
+        association.target.collection.validate({
+          values: item,
+          context: options.context,
+          operation: "create"
+        });
         instance = await model[createAccessor](item, accessorOptions);
         await updateAssociations(instance, item, {
           ...options,
@@ -392,6 +412,11 @@ async function updateMultipleAssociation(model, key, value, options = {}) {
         if (association.associationType === "HasMany") {
           delete item[association.foreignKey];
         }
+        association.target.collection.validate({
+          values: item,
+          context: options.context,
+          operation: "update"
+        });
         await instance.update(item, { ...options, transaction });
       }
       await updateAssociations(instance, item, {

package/lib/utils/field-validation.d.ts

@@ -0,0 +1,59 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+import { AnySchema } from 'joi';
+import { ValidationOptions } from '../fields';
+export declare function buildJoiSchema(validation: ValidationOptions, options: {
+    label?: string;
+    value: string;
+}): AnySchema;
+export declare function getJoiErrorMessage(t: Function): {
+    'string.base': any;
+    'string.empty': any;
+    'string.min': any;
+    'string.max': any;
+    'string.length': any;
+    'string.alphanum': any;
+    'string.token': any;
+    'string.regex': any;
+    'string.email': any;
+    'string.uri': any;
+    'string.uriCustomScheme': any;
+    'string.isoDate': any;
+    'string.guid': any;
+    'string.hex': any;
+    'string.hostname': any;
+    'string.lowercase': any;
+    'string.uppercase': any;
+    'string.trim': any;
+    'string.creditCard': any;
+    'string.pattern.base': any;
+    'string.pattern.name': any;
+    'string.pattern.invert.base': any;
+    'string.pattern.invert.name': any;
+    'any.required': any;
+    'number.base': any;
+    'number.min': any;
+    'number.max': any;
+    'number.less': any;
+    'number.greater': any;
+    'number.float': any;
+    'number.integer': any;
+    'number.negative': any;
+    'number.positive': any;
+    'number.precision': any;
+    'number.multiple': any;
+    'number.port': any;
+    'number.unsafe': any;
+    'date.base': any;
+    'date.format': any;
+    'date.greater': any;
+    'date.less': any;
+    'date.max': any;
+    'date.min': any;
+};

package/lib/utils/field-validation.js

@@ -0,0 +1,143 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var field_validation_exports = {};
+__export(field_validation_exports, {
+  buildJoiSchema: () => buildJoiSchema,
+  getJoiErrorMessage: () => getJoiErrorMessage
+});
+module.exports = __toCommonJS(field_validation_exports);
+var import_joi = __toESM(require("joi"));
+var import_lodash = __toESM(require("lodash"));
+function buildJoiSchema(validation, options) {
+  const { type, rules } = validation;
+  const { label, value } = options;
+  if (!type || typeof type !== "string" || !(type in import_joi.default)) {
+    throw new Error(`Invalid validation type: "${type}". Type must be a valid Joi schema type.`);
+  }
+  let schema = import_joi.default[type]();
+  const isRequired = rules.some((rule) => rule.name === "required");
+  if (isRequired) {
+    schema = schema.empty(null);
+  } else {
+    schema = schema.allow(null, "");
+    if ([null, ""].includes(value)) return schema;
+  }
+  if (rules) {
+    rules.forEach((rule) => {
+      if (!import_lodash.default.isEmpty(rule.args)) {
+        if (rule.name === "pattern" && !import_lodash.default.isRegExp(rule.args.regex)) {
+          const lastSlash = rule.args.regex.lastIndexOf("/");
+          const isRegExpStr = rule.args.regex.startsWith("/") && lastSlash > 0;
+          if (isRegExpStr) {
+            rule.args.regex = rule.args.regex.slice(1, lastSlash);
+          }
+          rule.args.regex = new RegExp(rule.args.regex);
+        }
+        schema = rule.paramsType === "object" ? schema[rule.name](rule.args) : schema[rule.name](...Object.values(rule.args));
+      } else {
+        schema = schema[rule.name]();
+      }
+    });
+  }
+  if (label) {
+    schema = schema.label(label);
+  }
+  return schema;
+}
+__name(buildJoiSchema, "buildJoiSchema");
+function getJoiErrorMessage(t) {
+  const tOptions = { ns: "client" };
+  const JoiErrorMessages = {
+    "string.base": t("{{#label}} must be a string", tOptions),
+    "string.empty": t("{{#label}} is not allowed to be empty", tOptions),
+    "string.min": t("{{#label}} length must be at least {{#limit}} characters long", tOptions),
+    "string.max": t("{{#label}} length must be less than or equal to {{#limit}} characters long", tOptions),
+    "string.length": t("{{#label}} length must be {{#limit}} characters long", tOptions),
+    "string.alphanum": t("{{#label}} must only contain alpha-numeric characters", tOptions),
+    "string.token": t("{{#label}} must only contain alpha-numeric and underscore characters", tOptions),
+    "string.regex": t("{{#label}} with value {{#value}} fails to match the required pattern", tOptions),
+    "string.email": t("{{#label}} email address doesn\u2019t meet the required format", tOptions),
+    "string.uri": t("{{#label}} must be a valid uri", tOptions),
+    "string.uriCustomScheme": t(
+      "{{#label}} must be a valid uri with a scheme matching the {{#scheme}} pattern",
+      tOptions
+    ),
+    "string.isoDate": t("{{#label}} must be a valid ISO 8601 date", tOptions),
+    "string.guid": t("{{#label}} must be a valid UUID", tOptions),
+    "string.hex": t("{{#label}} must only contain hexadecimal characters", tOptions),
+    "string.hostname": t("{{#label}} must be a valid hostname", tOptions),
+    "string.lowercase": t("{{#label}} must only contain lowercase characters", tOptions),
+    "string.uppercase": t("{{#label}} must only contain uppercase characters", tOptions),
+    "string.trim": t("{{#label}} must not have leading or trailing whitespace", tOptions),
+    "string.creditCard": t("{{#label}} must be a credit card", tOptions),
+    "string.pattern.base": t('{{#label}} with value "{{#value}}" fails to match the required pattern', tOptions),
+    "string.pattern.name": t('{{#label}} with value "{{#value}}" fails to match the {{#name}} pattern', tOptions),
+    "string.pattern.invert.base": t('{{#label}} with value "{{#value}}" matches the inverted pattern', tOptions),
+    "string.pattern.invert.name": t(
+      '{{#label}} with value "{{#value}}" matches the inverted {{#name}} pattern',
+      tOptions
+    ),
+    "any.required": t("{{#label}} is required", tOptions),
+    "number.base": t("{{#label}} must be a number", tOptions),
+    "number.min": t("{{#label}} must be greater than or equal to {{#limit}}", tOptions),
+    "number.max": t("{{#label}} must be less than or equal to {{#limit}}", tOptions),
+    "number.less": t("{{#label}} must be less than {{#limit}}", tOptions),
+    "number.greater": t("{{#label}} must be greater than {{#limit}}", tOptions),
+    "number.float": t("{{#label}} must be a float or double", tOptions),
+    "number.integer": t("{{#label}} must be an integer", tOptions),
+    "number.negative": t("{{#label}} must be a negative number", tOptions),
+    "number.positive": t("{{#label}} must be a positive number", tOptions),
+    "number.precision": t("{{#label}} must not have more than {{#limit}} decimal places", tOptions),
+    "number.multiple": t("{{#label}} must be a multiple of {{#multiple}}", tOptions),
+    "number.port": t("{{#label}} must be a valid port", tOptions),
+    "number.unsafe": t("{{#label}} must be a safe number", tOptions),
+    "date.base": t("{{#label}} must be a valid date", tOptions),
+    "date.format": t("{{#label}} must be in {{#format}} format", tOptions),
+    "date.greater": t("{{#label}} must be greater than {{#limit}}", tOptions),
+    "date.less": t("{{#label}} must be less than {{#limit}}", tOptions),
+    "date.max": t("{{#label}} must be less than or equal to {{#limit}}", tOptions),
+    "date.min": t("{{#label}} must be greater than or equal to {{#limit}}", tOptions)
+  };
+  return JoiErrorMessages;
+}
+__name(getJoiErrorMessage, "getJoiErrorMessage");
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  buildJoiSchema,
+  getJoiErrorMessage
+});

package/lib/utils/filter-include.d.ts

@@ -0,0 +1,55 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+/**
+ * Merge a flat list of include descriptors by association (alias) key.
+ * - Nodes with the same association are merged into one.
+ * - `required` is OR-ed (true if any source is true).
+ * - Child includes are recursively merged with the same rules.
+ * - Empty `include` arrays are removed to keep the payload minimal.
+ *
+ * Notes:
+ * - Association keys are normalized via snake_case to ensure consistent merging.
+ * - This function is idempotent and order-insensitive for equivalent input sets.
+ *
+ * Usage example (input and output):
+ *
+ *   const includesA = [
+ *     { association: 'posts', required: true, include: [{ association: 'comments' }] },
+ *     { association: 'profile' },
+ *   ];
+ *
+ *   const includesB = [
+ *     { association: 'posts', include: [
+ *         { association: 'comments', required: true },
+ *         { association: 'tags' },
+ *       ]
+ *     },
+ *     { association: 'roles', required: true },
+ *   ];
+ *
+ *   const merged = mergeIncludes([...includesA, ...includesB]);
+ *
+ *   Result:
+ *   [
+ *     {
+ *       association: 'posts',
+ *       required: true,
+ *       include: [
+ *         { association: 'comments', required: true },
+ *         { association: 'tags' },
+ *       ],
+ *     },
+ *     { association: 'profile' },
+ *     { association: 'roles', required: true },
+ *   ]
+ */
+export declare const mergeIncludes: (includes?: any[]) => any[];
+export declare const filterIncludes: (where: any, includes: any, options: {
+    underscored: boolean;
+}) => any[];

package/lib/utils/filter-include.js

@@ -0,0 +1,118 @@
+/**
+ * This file is part of the NocoBase (R) project.
+ * Copyright (c) 2020-2024 NocoBase Co., Ltd.
+ * Authors: NocoBase Team.
+ *
+ * This project is dual-licensed under AGPL-3.0 and NocoBase Commercial License.
+ * For more information, please refer to: https://www.nocobase.com/agreement.
+ */
+
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var filter_include_exports = {};
+__export(filter_include_exports, {
+  filterIncludes: () => filterIncludes,
+  mergeIncludes: () => mergeIncludes
+});
+module.exports = __toCommonJS(filter_include_exports);
+var import_utils = require("../utils");
+const collectAssociationPathsFromWhere = /* @__PURE__ */ __name((where) => {
+  const aliasPaths = /* @__PURE__ */ new Set();
+  const traverse = /* @__PURE__ */ __name((value) => {
+    if (value == null) return;
+    if (Array.isArray(value)) {
+      for (const item of value) traverse(item);
+      return;
+    }
+    if (typeof value === "object") {
+      for (const [rawKey, child] of Object.entries(value)) {
+        if (typeof rawKey === "string" && rawKey.startsWith("$") && rawKey.endsWith("$")) {
+          const inner = rawKey.slice(1, -1);
+          const segments = inner.split(".");
+          if (segments.length > 1) {
+            aliasPaths.add(segments.slice(0, -1).join("."));
+          }
+        }
+        traverse(child);
+      }
+      for (const sym of Object.getOwnPropertySymbols(value)) {
+        traverse(value[sym]);
+      }
+    }
+  }, "traverse");
+  traverse(where);
+  return Array.from(aliasPaths);
+}, "collectAssociationPathsFromWhere");
+const pruneIncludeTreeByPaths = /* @__PURE__ */ __name((includes = [], requiredPathsRaw, options) => {
+  const normalizedPaths = options.underscored ? requiredPathsRaw.map(
+    (p) => p.split(".").map((s) => (0, import_utils.snakeCase)(s)).join(".")
+  ) : requiredPathsRaw;
+  if (!(includes == null ? void 0 : includes.length) || !(normalizedPaths == null ? void 0 : normalizedPaths.length)) return [];
+  const pruned = [];
+  for (const inc of includes) {
+    const association = inc == null ? void 0 : inc.association;
+    if (!association) continue;
+    const assocKey = options.underscored ? (0, import_utils.snakeCase)(String(association)) : String(association);
+    const matched = normalizedPaths.filter((p) => p === assocKey || p.startsWith(assocKey + "."));
+    if (!matched.length) continue;
+    const childRemainders = matched.map((p) => p === assocKey ? null : p.slice(assocKey.length + 1)).filter(Boolean);
+    const children = pruneIncludeTreeByPaths(inc.include ?? [], childRemainders, options);
+    const copy = { ...inc };
+    if (children.length) {
+      copy.include = children;
+    } else if ("include" in copy) {
+      delete copy.include;
+    }
+    pruned.push(copy);
+  }
+  return pruned;
+}, "pruneIncludeTreeByPaths");
+const mergeIncludes = /* @__PURE__ */ __name((includes = []) => {
+  const byAssociation = /* @__PURE__ */ new Map();
+  const mergeAll = /* @__PURE__ */ __name((list = []) => {
+    for (const inc of list) {
+      const association = inc == null ? void 0 : inc.association;
+      if (!association) continue;
+      const key = (0, import_utils.snakeCase)(String(association));
+      if (!byAssociation.has(key)) {
+        byAssociation.set(key, { ...inc, include: void 0 });
+      }
+      const target = byAssociation.get(key);
+      if (inc.required) target.required = true;
+      const mergedChildren = mergeIncludes([...target.include ?? [], ...inc.include ?? []]);
+      if (mergedChildren.length) {
+        target.include = mergedChildren;
+      } else if ("include" in target) {
+        delete target.include;
+      }
+    }
+  }, "mergeAll");
+  mergeAll(includes);
+  return Array.from(byAssociation.values());
+}, "mergeIncludes");
+const filterIncludes = /* @__PURE__ */ __name((where, includes, options) => {
+  const path = collectAssociationPathsFromWhere(where);
+  const result = pruneIncludeTreeByPaths(includes, path, options);
+  return result;
+}, "filterIncludes");
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  filterIncludes,
+  mergeIncludes
+});

package/package.json

@@ -1,13 +1,13 @@
 {
   "name": "@nocobase/database",
-  "version": "1.9.0-alpha.11",
+  "version": "1.9.0-alpha.12",
   "description": "",
   "main": "./lib/index.js",
   "types": "./lib/index.d.ts",
   "license": "AGPL-3.0",
   "dependencies": {
-    "@nocobase/logger": "1.9.0-alpha.11",
-    "@nocobase/utils": "1.9.0-alpha.11",
+    "@nocobase/logger": "1.9.0-alpha.12",
+    "@nocobase/utils": "1.9.0-alpha.12",
     "async-mutex": "^0.3.2",
     "chalk": "^4.1.1",
     "cron-parser": "4.4.0",
@@ -18,6 +18,7 @@
     "flat": "^5.0.2",
     "glob": "^7.1.6",
     "graphlib": "^2.1.8",
+    "joi": "^17.13.3",
     "lodash": "^4.17.21",
     "mathjs": "^10.6.1",
     "nanoid": "^3.3.11",
@@ -38,5 +39,5 @@
     "url": "git+https://github.com/nocobase/nocobase.git",
     "directory": "packages/database"
   },
-  "gitHead": "2dbef60d43720e92b483fc07d8ef1fd013083c88"
+  "gitHead": "f7840ec3f679262884ad17b4743ee047cb37b8fe"
 }