@o-lang/bank-account-lookup 1.0.1 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/index.js +8 -23
- package/package.json +1 -1
package/index.js
CHANGED
|
@@ -1,60 +1,45 @@
|
|
|
1
1
|
// O-Lang Resolver: Secure Bank Account Balance Lookup
|
|
2
|
-
// This resolver ONLY reads data - no mutations allowed
|
|
3
|
-
|
|
4
2
|
const Database = require('better-sqlite3');
|
|
5
|
-
const path = require('path');
|
|
3
|
+
const path = require('path');
|
|
6
4
|
|
|
7
|
-
/**
|
|
8
|
-
* Bank account balance lookup resolver
|
|
9
|
-
* @param {string} action - O-Lang action string
|
|
10
|
-
* @param {Object} context - Workflow context containing customer_id and bank_db_path
|
|
11
|
-
* @returns {Object|undefined} { balance: number } or undefined if not applicable
|
|
12
|
-
*/
|
|
13
5
|
module.exports = async (action, context) => {
|
|
14
|
-
// Only handle our specific action
|
|
15
6
|
if (!action.startsWith('Action bank-account-lookup ')) {
|
|
16
7
|
return undefined;
|
|
17
8
|
}
|
|
18
9
|
|
|
19
|
-
// Require database path (from context or env var)
|
|
20
10
|
let dbPath = context.bank_db_path || process.env.BANK_DB_PATH;
|
|
21
11
|
if (!dbPath) {
|
|
22
12
|
throw new Error('bank-account-lookup requires "bank_db_path" in context or BANK_DB_PATH environment variable');
|
|
23
13
|
}
|
|
24
14
|
|
|
25
|
-
// ✅ Resolve relative paths relative to the current working directory
|
|
26
15
|
if (!path.isAbsolute(dbPath)) {
|
|
27
16
|
dbPath = path.resolve(process.cwd(), dbPath);
|
|
28
17
|
}
|
|
29
18
|
|
|
30
|
-
//
|
|
19
|
+
// ✅ Handle both string and number customer IDs
|
|
31
20
|
const customerId = context.customer_id;
|
|
32
|
-
if (!customerId
|
|
21
|
+
if (!customerId) {
|
|
33
22
|
return { balance: 0 };
|
|
34
23
|
}
|
|
24
|
+
|
|
25
|
+
const customerIdStr = String(customerId); // Convert to string
|
|
35
26
|
|
|
36
27
|
try {
|
|
37
|
-
// ✅ Open database in READ-ONLY mode (security critical)
|
|
38
28
|
const db = new Database(dbPath, { readonly: true });
|
|
39
|
-
|
|
40
|
-
// ✅ Parameterized query (SQL injection safe)
|
|
41
29
|
const stmt = db.prepare(`
|
|
42
30
|
SELECT balance
|
|
43
31
|
FROM customer_balances
|
|
44
|
-
WHERE id = ?
|
|
32
|
+
WHERE id = ?
|
|
45
33
|
`);
|
|
46
34
|
|
|
47
|
-
const result = stmt.get(
|
|
48
|
-
db.close();
|
|
49
|
-
|
|
35
|
+
const result = stmt.get(customerIdStr);
|
|
36
|
+
db.close();
|
|
50
37
|
return { balance: result?.balance || 0 };
|
|
51
38
|
|
|
52
39
|
} catch (error) {
|
|
53
|
-
// ✅ Never expose database errors to LLM/workflow
|
|
54
40
|
console.error('🏦 [bank-account-lookup] Database error:', error.message);
|
|
55
41
|
return { balance: 0 };
|
|
56
42
|
}
|
|
57
43
|
};
|
|
58
44
|
|
|
59
|
-
// ✅ Required for O-Lang allowlist policy
|
|
60
45
|
module.exports.resolverName = 'bank-account-lookup';
|