@onebun/core 0.2.6 → 0.2.8

package/src/application/multi-service-application.test.ts

@@ -181,6 +181,21 @@ describe('MultiServiceApplication', () => {
     });
   });
 
+  describe('queue option', () => {
+    test('should accept queue option and pass it to child applications', () => {
+      const app = new MultiServiceApplication({
+        services: {
+          serviceA: { module: TestModuleA, port: 3001 },
+        },
+        queue: {
+          enabled: true,
+          adapter: 'memory',
+        },
+      });
+      expect(app).toBeDefined();
+    });
+  });
+
   describe('filtering configuration', () => {
     test('should accept enabledServices option', () => {
       const app = new MultiServiceApplication({

package/src/application/multi-service-application.ts

@@ -219,6 +219,8 @@ export class MultiServiceApplication<TServices extends ServicesMap = ServicesMap
           ...mergedOptions.tracing,
           serviceName: name,
         },
+        queue: this.options.queue,
+        static: mergedOptions.static ?? serviceConfig.static,
       });
 
       this.applications.set(name, app);

package/src/application/multi-service.types.ts

@@ -30,7 +30,7 @@ export type TracingOptions = NonNullable<ApplicationOptions['tracing']>;
  * Any new shared options should be added to ApplicationOptions first.
  */
 export interface BaseServiceOptions
-  extends Pick<ApplicationOptions, 'host' | 'basePath' | 'metrics' | 'tracing' | 'middleware'> {
+  extends Pick<ApplicationOptions, 'host' | 'basePath' | 'metrics' | 'tracing' | 'middleware' | 'static'> {
   /**
    * Add service name as prefix to all routes.
    * When true, the service name will be used as routePrefix.
@@ -132,4 +132,10 @@ export interface MultiServiceApplicationOptions<TServices extends ServicesMap =
    * ```
    */
   externalServiceUrls?: Partial<Record<keyof TServices, string>>;
+
+  /**
+   * Queue configuration applied to all services.
+   * When set, each service's OneBunApplication receives this queue config.
+   */
+  queue?: ApplicationOptions['queue'];
 }

package/src/decorators/decorators.ts

@@ -1,11 +1,14 @@
 import './metadata'; // Import polyfill first
 import { type, type Type } from 'arktype';
 
+import type { ExceptionFilter } from '../exception-filters/exception-filters';
+
 import {
   type ControllerMetadata,
   type FileUploadOptions,
   type FilesUploadOptions,
   HttpMethod,
+  type HttpGuard,
   type ParamDecoratorOptions,
   type ParamMetadata,
   ParamType,
@@ -213,6 +216,30 @@ export function controllerDecorator(basePath: string = '') {
       );
     }
 
+    // Copy controller-level guards from original class to wrapped class
+    // This ensures @UseGuards works regardless of decorator order
+    const existingControllerGuards: (Function | HttpGuard)[] | undefined =
+      Reflect.getMetadata(HTTP_CONTROLLER_GUARDS_METADATA, target);
+    if (existingControllerGuards) {
+      Reflect.defineMetadata(
+        HTTP_CONTROLLER_GUARDS_METADATA,
+        existingControllerGuards,
+        WrappedController,
+      );
+    }
+
+    // Copy controller-level exception filters from original class to wrapped class
+    // This ensures @UseFilters works regardless of decorator order
+    const existingControllerFilters: ExceptionFilter[] | undefined =
+      Reflect.getMetadata(CONTROLLER_EXCEPTION_FILTERS_METADATA, target);
+    if (existingControllerFilters) {
+      Reflect.defineMetadata(
+        CONTROLLER_EXCEPTION_FILTERS_METADATA,
+        existingControllerFilters,
+        WrappedController,
+      );
+    }
+
     return WrappedController as T;
   };
 }
@@ -330,6 +357,14 @@ function createRouteDecorator(method: HttpMethod) {
       const middleware: Function[] =
         Reflect.getMetadata(MIDDLEWARE_METADATA, target, propertyKey) || [];
 
+      // Get HTTP guards metadata if exists
+      const guards: (Function | HttpGuard)[] =
+        Reflect.getMetadata(HTTP_GUARDS_METADATA, target, propertyKey) || [];
+
+      // Get exception filters metadata if exists
+      const filters: ExceptionFilter[] =
+        Reflect.getMetadata(EXCEPTION_FILTERS_METADATA, target, propertyKey) || [];
+
       // Get response schemas metadata if exists
       const responseSchemas: Array<{
         statusCode: number;
@@ -343,6 +378,8 @@ function createRouteDecorator(method: HttpMethod) {
         handler: propertyKey,
         params,
         middleware,
+        guards,
+        filters,
         responseSchemas: responseSchemas.map((rs) => ({
           statusCode: rs.statusCode,
           schema: rs.schema,
@@ -679,6 +716,26 @@ export function FormField(fieldName: string, options?: ParamDecoratorOptions): P
  */
 const CONTROLLER_MIDDLEWARE_METADATA = 'onebun:controller_middleware';
 
+/**
+ * Metadata key for route-level HTTP guards
+ */
+const HTTP_GUARDS_METADATA = 'onebun:http_guards';
+
+/**
+ * Metadata key for controller-level HTTP guards
+ */
+const HTTP_CONTROLLER_GUARDS_METADATA = 'onebun:controller_http_guards';
+
+/**
+ * Metadata key for route-level exception filters
+ */
+const EXCEPTION_FILTERS_METADATA = 'onebun:exception_filters';
+
+/**
+ * Metadata key for controller-level exception filters
+ */
+const CONTROLLER_EXCEPTION_FILTERS_METADATA = 'onebun:controller_exception_filters';
+
 /**
  * Middleware decorator — can be applied to both controllers (class) and individual routes (method).
  *
@@ -765,6 +822,162 @@ export function getControllerMiddleware(target: Function): Function[] {
   return Reflect.getMetadata(CONTROLLER_MIDDLEWARE_METADATA, target) || [];
 }
 
+/**
+ * Get controller-level HTTP guards for a controller class.
+ * Returns guards registered via @UseGuards() applied to the class.
+ *
+ * @param target - Controller class (constructor)
+ * @returns Array of guard class constructors or instances
+ */
+export function getControllerGuards(target: Function): (Function | HttpGuard)[] {
+  return Reflect.getMetadata(HTTP_CONTROLLER_GUARDS_METADATA, target) || [];
+}
+
+/**
+ * Guards decorator — can be applied to both controllers (class) and individual routes (method).
+ *
+ * Pass guard **class constructors** or **instances**. Class constructors are instantiated
+ * for each request; instances are reused.
+ *
+ * Guards run after the middleware chain but before the route handler.
+ * If any guard returns false, the request is rejected with a 403 Forbidden response.
+ *
+ * Execution order: middleware → guards → handler
+ *
+ * @example Class-level (all routes)
+ * ```typescript
+ * \@Controller('/admin')
+ * \@UseGuards(AuthGuard)
+ * class AdminController extends BaseController { ... }
+ * ```
+ *
+ * @example Method-level (single route)
+ * ```typescript
+ * \@Get('/dashboard')
+ * \@UseGuards(new RolesGuard(['admin']))
+ * getDashboard() { ... }
+ * ```
+ *
+ * @example Combined (class guard + route guard)
+ * ```typescript
+ * \@Controller('/api')
+ * \@UseGuards(AuthGuard)                      // runs on every route
+ * class ApiController extends BaseController {
+ *   \@Get('/admin')
+ *   \@UseGuards(new RolesGuard(['admin']))     // runs only here, after AuthGuard
+ *   getAdmin() { ... }
+ * }
+ * ```
+ */
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+export function UseGuards(...guards: (Function | HttpGuard)[]): any {
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  return function useGuardsDecorator(...args: any[]): any {
+    // ---- Class decorator: target is a constructor function ----
+    if (args.length === 1 && typeof args[0] === 'function') {
+      const target = args[0] as Function;
+      const existing: (Function | HttpGuard)[] =
+        Reflect.getMetadata(HTTP_CONTROLLER_GUARDS_METADATA, target) || [];
+      Reflect.defineMetadata(
+        HTTP_CONTROLLER_GUARDS_METADATA,
+        [...existing, ...guards],
+        target,
+      );
+
+      return target;
+    }
+
+    // ---- Method decorator: (target, propertyKey, descriptor) ----
+    const [target, propertyKey, descriptor] = args as [
+      object,
+      string | symbol,
+      PropertyDescriptor,
+    ];
+    const existingGuards: (Function | HttpGuard)[] =
+      Reflect.getMetadata(HTTP_GUARDS_METADATA, target, propertyKey) || [];
+    Reflect.defineMetadata(
+      HTTP_GUARDS_METADATA,
+      [...existingGuards, ...guards],
+      target,
+      propertyKey,
+    );
+
+    return descriptor;
+  };
+}
+
+/**
+ * Get controller-level exception filters for a controller class.
+ * Returns filters registered via @UseFilters() applied to the class.
+ *
+ * @param target - Controller class (constructor)
+ * @returns Array of exception filter instances
+ */
+export function getControllerFilters(target: Function): ExceptionFilter[] {
+  return Reflect.getMetadata(CONTROLLER_EXCEPTION_FILTERS_METADATA, target) || [];
+}
+
+/**
+ * Exception Filters decorator — can be applied to both controllers (class) and individual routes (method).
+ *
+ * Pass filter **instances** (from `createExceptionFilter()` or implementing `ExceptionFilter`).
+ * Route-level filters take priority over controller-level filters.
+ *
+ * Filters run in order: controller-level first, then route-level.
+ * The first filter in the combined list catches the error.
+ * If no filters are registered, the default filter handles the error.
+ *
+ * @example Class-level (all routes)
+ * ```typescript
+ * \@Controller('/api')
+ * \@UseFilters(new HttpExceptionFilter())
+ * class ApiController extends BaseController { ... }
+ * ```
+ *
+ * @example Method-level (single route)
+ * ```typescript
+ * \@Get('/risky')
+ * \@UseFilters(createExceptionFilter((err, ctx) => new Response('Custom error', { status: 500 })))
+ * riskyRoute() { ... }
+ * ```
+ */
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+export function UseFilters(...filters: ExceptionFilter[]): any {
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  return function useFiltersDecorator(...args: any[]): any {
+    // ---- Class decorator: target is a constructor function ----
+    if (args.length === 1 && typeof args[0] === 'function') {
+      const target = args[0] as Function;
+      const existing: ExceptionFilter[] =
+        Reflect.getMetadata(CONTROLLER_EXCEPTION_FILTERS_METADATA, target) || [];
+      Reflect.defineMetadata(
+        CONTROLLER_EXCEPTION_FILTERS_METADATA,
+        [...existing, ...filters],
+        target,
+      );
+
+      return target;
+    }
+
+    // ---- Method decorator: (target, propertyKey, descriptor) ----
+    const [target, propertyKey, descriptor] = args as [
+      object,
+      string | symbol,
+      PropertyDescriptor,
+    ];
+    const existingFilters: ExceptionFilter[] =
+      Reflect.getMetadata(EXCEPTION_FILTERS_METADATA, target, propertyKey) || [];
+    Reflect.defineMetadata(
+      EXCEPTION_FILTERS_METADATA,
+      [...existingFilters, ...filters],
+      target,
+      propertyKey,
+    );
+
+    return descriptor;
+  };
+}
+
 /**
  * HTTP GET decorator
  */