npm - @powerhousedao/vetra - Versions diffs - 6.0.0-dev.67 → 6.0.0-dev.69 - Mend

@powerhousedao/vetra 6.0.0-dev.67 → 6.0.0-dev.69

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (52) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@powerhousedao/vetra",
-  "version": "6.0.0-dev.67",
+  "version": "6.0.0-dev.69",
   "license": "AGPL-3.0-only",
   "type": "module",
   "repository": {
@@ -34,10 +34,6 @@
       "import": "./dist/editors/index.js",
       "types": "./dist/editors/index.d.ts"
     },
-    "./subgraphs": {
-      "import": "./dist/subgraphs/index.js",
-      "types": "./dist/subgraphs/index.d.ts"
-    },
     "./processors": {
       "import": "./dist/processors/index.js",
       "types": "./dist/processors/index.d.ts"
@@ -61,14 +57,14 @@
     "zod": "4.3.6",
     "graphql-tag": "2.12.6",
     "@electric-sql/pglite": "0.3.15",
-    "@powerhousedao/common": "6.0.0-dev.67",
-    "@powerhousedao/connect": "6.0.0-dev.67",
-    "@powerhousedao/config": "6.0.0-dev.67",
-    "@powerhousedao/design-system": "6.0.0-dev.67",
-    "@powerhousedao/builder-tools": "6.0.0-dev.67",
-    "document-model": "6.0.0-dev.67",
-    "@powerhousedao/reactor-browser": "6.0.0-dev.67",
-    "@powerhousedao/shared": "6.0.0-dev.67"
+    "@powerhousedao/connect": "6.0.0-dev.69",
+    "@powerhousedao/common": "6.0.0-dev.69",
+    "@powerhousedao/builder-tools": "6.0.0-dev.69",
+    "@powerhousedao/config": "6.0.0-dev.69",
+    "@powerhousedao/design-system": "6.0.0-dev.69",
+    "document-model": "6.0.0-dev.69",
+    "@powerhousedao/shared": "6.0.0-dev.69",
+    "@powerhousedao/reactor-browser": "6.0.0-dev.69"
   },
   "devDependencies": {
     "tailwindcss": "4.1.18",
@@ -84,10 +80,9 @@
     "react-dom": "19.2.4",
     "vite": "7.3.1",
     "vitest": "3.2.4",
-    "@powerhousedao/codegen": "6.0.0-dev.67",
-    "@powerhousedao/ph-cli": "6.0.0-dev.67",
-    "@powerhousedao/reactor-api": "6.0.0-dev.67",
-    "document-drive": "6.0.0-dev.67"
+    "@powerhousedao/codegen": "6.0.0-dev.69",
+    "@powerhousedao/ph-cli": "6.0.0-dev.69",
+    "document-drive": "6.0.0-dev.69"
   },
   "peerDependencies": {
     "react": ">=19.0.0",

package/dist/subgraphs/__tests__/permission-utils.test.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- export {};
2	- //# sourceMappingURL=permission-utils.test.d.ts.map

package/dist/subgraphs/__tests__/permission-utils.test.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"permission-utils.test.d.ts","sourceRoot":"","sources":["../../../subgraphs/__tests__/permission-utils.test.ts"],"names":[],"mappings":""}

package/dist/subgraphs/__tests__/permission-utils.test.js DELETED Viewed

@@ -1,348 +0,0 @@
-import { GraphQLError } from "graphql";
-import { beforeEach, describe, expect, it, vi } from "vitest";
-import { assertCanExecuteOperation, assertCanRead, assertCanWrite, canReadDocument, canWriteDocument, hasGlobalAdminAccess, } from "../permission-utils.js";
-describe("permission-utils", () => {
-    // Helper to create context with different permission levels
-    const createContext = (options) => ({
-        user: options.userAddress ? { address: options.userAddress } : undefined,
-        isAdmin: vi.fn().mockReturnValue(options.isAdmin ?? false),
-    });
-    describe("hasGlobalAdminAccess", () => {
-        it("should return true when user is global admin", () => {
-            const ctx = createContext({ isAdmin: true, userAddress: "0xadmin" });
-            const result = hasGlobalAdminAccess(ctx);
-            expect(result).toBe(true);
-            expect(ctx.isAdmin).toHaveBeenCalledWith("0xadmin");
-        });
-        it("should return false when user is not admin", () => {
-            const ctx = createContext({ userAddress: "0xnorole" });
-            const result = hasGlobalAdminAccess(ctx);
-            expect(result).toBe(false);
-        });
-        it("should return false when user is not authenticated (no address)", () => {
-            const ctx = createContext({});
-            const result = hasGlobalAdminAccess(ctx);
-            expect(result).toBe(false);
-            // Should call with empty string when no user address
-            expect(ctx.isAdmin).toHaveBeenCalledWith("");
-        });
-    });
-    describe("canReadDocument", () => {
-        let mockSubgraph;
-        let mockDocumentPermissionService;
-        beforeEach(() => {
-            mockDocumentPermissionService = {
-                canRead: vi.fn().mockResolvedValue(false),
-                canWrite: vi.fn().mockResolvedValue(false),
-                canReadDocument: vi.fn().mockResolvedValue(false),
-                canWriteDocument: vi.fn().mockResolvedValue(false),
-            };
-            mockSubgraph = {
-                documentPermissionService: mockDocumentPermissionService,
-                reactorClient: {
-                    getParents: vi.fn().mockResolvedValue({
-                        results: [],
-                        options: { limit: 10 },
-                    }),
-                },
-            };
-        });
-        describe("Global access bypass", () => {
-            it("should return true immediately when user has global admin access", async () => {
-                const ctx = createContext({ isAdmin: true, userAddress: "0xadmin" });
-                const result = await canReadDocument(mockSubgraph, "doc-123", ctx);
-                expect(result).toBe(true);
-                expect(mockDocumentPermissionService.canRead).not.toHaveBeenCalled();
-            });
-        });
-        describe("Document-level permissions", () => {
-            it("should check document permission service when no global access", async () => {
-                const ctx = createContext({ userAddress: "0xuser" });
-                vi.mocked(mockDocumentPermissionService.canRead).mockResolvedValue(true);
-                const result = await canReadDocument(mockSubgraph, "doc-123", ctx);
-                expect(result).toBe(true);
-                expect(mockDocumentPermissionService.canRead).toHaveBeenCalledWith("doc-123", "0xuser", expect.any(Function));
-            });
-            it("should return false when user has no document permission", async () => {
-                const ctx = createContext({ userAddress: "0xunpermitted" });
-                vi.mocked(mockDocumentPermissionService.canRead).mockResolvedValue(false);
-                const result = await canReadDocument(mockSubgraph, "doc-123", ctx);
-                expect(result).toBe(false);
-            });
-            it("should pass undefined user address to permission service when no user", async () => {
-                const ctx = createContext({});
-                await canReadDocument(mockSubgraph, "doc-123", ctx);
-                expect(mockDocumentPermissionService.canRead).toHaveBeenCalledWith("doc-123", undefined, expect.any(Function));
-            });
-        });
-        describe("No permission service", () => {
-            it("should return false when no permission service is available", async () => {
-                const subgraphWithoutService = {
-                    documentPermissionService: undefined,
-                    reactorClient: mockSubgraph.reactorClient,
-                };
-                const ctx = createContext({ userAddress: "0xuser" });
-                const result = await canReadDocument(subgraphWithoutService, "doc-123", ctx);
-                expect(result).toBe(false);
-            });
-        });
-        describe("Hierarchy function (getParentIdsFn)", () => {
-            it("should pass a function that retrieves parent IDs", async () => {
-                const ctx = createContext({ userAddress: "0xuser" });
-                const mockParents = [
-                    { header: { id: "parent-1" } },
-                    { header: { id: "parent-2" } },
-                ];
-                vi.mocked(mockSubgraph.reactorClient.getParents).mockResolvedValue({
-                    results: mockParents,
-                    options: { limit: 10 },
-                });
-                let capturedGetParentsFn = null;
-                vi.mocked(mockDocumentPermissionService.canRead).mockImplementation(async (_docId, _user, getParentsFn) => {
-                    capturedGetParentsFn = getParentsFn;
-                    return false;
-                });
-                await canReadDocument(mockSubgraph, "child-doc", ctx);
-                expect(capturedGetParentsFn).not.toBeNull();
-                const parentIds = await capturedGetParentsFn("child-doc");
-                expect(parentIds).toEqual(["parent-1", "parent-2"]);
-                expect(mockSubgraph.reactorClient.getParents).toHaveBeenCalledWith("child-doc");
-            });
-            it("should return empty array if getParents fails", async () => {
-                const ctx = createContext({ userAddress: "0xuser" });
-                vi.mocked(mockSubgraph.reactorClient.getParents).mockRejectedValue(new Error("Not found"));
-                let capturedGetParentsFn = null;
-                vi.mocked(mockDocumentPermissionService.canRead).mockImplementation(async (_docId, _user, getParentsFn) => {
-                    capturedGetParentsFn = getParentsFn;
-                    return false;
-                });
-                await canReadDocument(mockSubgraph, "child-doc", ctx);
-                const parentIds = await capturedGetParentsFn("child-doc");
-                expect(parentIds).toEqual([]);
-            });
-        });
-    });
-    describe("canWriteDocument", () => {
-        let mockSubgraph;
-        let mockDocumentPermissionService;
-        beforeEach(() => {
-            mockDocumentPermissionService = {
-                canRead: vi.fn().mockResolvedValue(false),
-                canWrite: vi.fn().mockResolvedValue(false),
-            };
-            mockSubgraph = {
-                documentPermissionService: mockDocumentPermissionService,
-                reactorClient: {
-                    getParents: vi.fn().mockResolvedValue({
-                        results: [],
-                        options: { limit: 10 },
-                    }),
-                },
-            };
-        });
-        describe("Global access bypass", () => {
-            it("should return true immediately when user is global admin", async () => {
-                const ctx = createContext({ isAdmin: true, userAddress: "0xadmin" });
-                const result = await canWriteDocument(mockSubgraph, "doc-123", ctx);
-                expect(result).toBe(true);
-                expect(mockDocumentPermissionService.canWrite).not.toHaveBeenCalled();
-            });
-        });
-        describe("Document-level permissions", () => {
-            it("should check document permission service when no global write access", async () => {
-                const ctx = createContext({ userAddress: "0xuser" });
-                vi.mocked(mockDocumentPermissionService.canWrite).mockResolvedValue(true);
-                const result = await canWriteDocument(mockSubgraph, "doc-123", ctx);
-                expect(result).toBe(true);
-                expect(mockDocumentPermissionService.canWrite).toHaveBeenCalledWith("doc-123", "0xuser", expect.any(Function));
-            });
-            it("should return false when user has no document write permission", async () => {
-                const ctx = createContext({ userAddress: "0xunpermitted" });
-                vi.mocked(mockDocumentPermissionService.canWrite).mockResolvedValue(false);
-                const result = await canWriteDocument(mockSubgraph, "doc-123", ctx);
-                expect(result).toBe(false);
-            });
-        });
-        describe("No permission service", () => {
-            it("should return false when no permission service is available", async () => {
-                const subgraphWithoutService = {
-                    documentPermissionService: undefined,
-                    reactorClient: mockSubgraph.reactorClient,
-                };
-                const ctx = createContext({ userAddress: "0xuser" });
-                const result = await canWriteDocument(subgraphWithoutService, "doc-123", ctx);
-                expect(result).toBe(false);
-            });
-        });
-    });
-    describe("assertCanRead", () => {
-        let mockSubgraph;
-        let mockDocumentPermissionService;
-        beforeEach(() => {
-            mockDocumentPermissionService = {
-                canRead: vi.fn().mockResolvedValue(false),
-            };
-            mockSubgraph = {
-                documentPermissionService: mockDocumentPermissionService,
-                reactorClient: {
-                    getParents: vi.fn().mockResolvedValue({
-                        results: [],
-                        options: { limit: 10 },
-                    }),
-                },
-            };
-        });
-        it("should not throw when user has global read access", async () => {
-            const ctx = createContext({ isAdmin: true, userAddress: "0xadmin" });
-            await expect(assertCanRead(mockSubgraph, "doc-123", ctx)).resolves.not.toThrow();
-        });
-        it("should not throw when user has document read permission", async () => {
-            vi.mocked(mockDocumentPermissionService.canRead).mockResolvedValue(true);
-            const ctx = createContext({ userAddress: "0xpermitted" });
-            await expect(assertCanRead(mockSubgraph, "doc-123", ctx)).resolves.not.toThrow();
-        });
-        it("should throw GraphQLError when user cannot read", async () => {
-            vi.mocked(mockDocumentPermissionService.canRead).mockResolvedValue(false);
-            const ctx = createContext({ userAddress: "0xunpermitted" });
-            await expect(assertCanRead(mockSubgraph, "doc-123", ctx)).rejects.toThrow(GraphQLError);
-        });
-        it("should throw with correct error message", async () => {
-            vi.mocked(mockDocumentPermissionService.canRead).mockResolvedValue(false);
-            const ctx = createContext({ userAddress: "0xunpermitted" });
-            await expect(assertCanRead(mockSubgraph, "doc-123", ctx)).rejects.toThrow("Forbidden: insufficient permissions to read this document");
-        });
-        it("should throw for unauthenticated user", async () => {
-            const ctx = createContext({});
-            await expect(assertCanRead(mockSubgraph, "doc-123", ctx)).rejects.toThrow("Forbidden");
-        });
-    });
-    describe("assertCanWrite", () => {
-        let mockSubgraph;
-        let mockDocumentPermissionService;
-        beforeEach(() => {
-            mockDocumentPermissionService = {
-                canWrite: vi.fn().mockResolvedValue(false),
-            };
-            mockSubgraph = {
-                documentPermissionService: mockDocumentPermissionService,
-                reactorClient: {
-                    getParents: vi.fn().mockResolvedValue({
-                        results: [],
-                        options: { limit: 10 },
-                    }),
-                },
-            };
-        });
-        it("should not throw when user has global write access", async () => {
-            const ctx = createContext({ isAdmin: true, userAddress: "0xadmin" });
-            await expect(assertCanWrite(mockSubgraph, "doc-123", ctx)).resolves.not.toThrow();
-        });
-        it("should not throw when user has document write permission", async () => {
-            vi.mocked(mockDocumentPermissionService.canWrite).mockResolvedValue(true);
-            const ctx = createContext({ userAddress: "0xpermitted" });
-            await expect(assertCanWrite(mockSubgraph, "doc-123", ctx)).resolves.not.toThrow();
-        });
-        it("should throw GraphQLError when user cannot write", async () => {
-            vi.mocked(mockDocumentPermissionService.canWrite).mockResolvedValue(false);
-            const ctx = createContext({ userAddress: "0xunpermitted" });
-            await expect(assertCanWrite(mockSubgraph, "doc-123", ctx)).rejects.toThrow(GraphQLError);
-        });
-        it("should throw with correct error message", async () => {
-            vi.mocked(mockDocumentPermissionService.canWrite).mockResolvedValue(false);
-            const ctx = createContext({ userAddress: "0xunpermitted" });
-            await expect(assertCanWrite(mockSubgraph, "doc-123", ctx)).rejects.toThrow("Forbidden: insufficient permissions to write to this document");
-        });
-    });
-    describe("assertCanExecuteOperation", () => {
-        let mockSubgraph;
-        let mockDocumentPermissionService;
-        beforeEach(() => {
-            mockDocumentPermissionService = {
-                isOperationRestricted: vi.fn().mockResolvedValue(false),
-                canExecuteOperation: vi.fn().mockResolvedValue(false),
-            };
-            mockSubgraph = {
-                documentPermissionService: mockDocumentPermissionService,
-            };
-        });
-        describe("No permission service", () => {
-            it("should not throw when no permission service is available", async () => {
-                const subgraphWithoutService = {
-                    documentPermissionService: undefined,
-                };
-                const ctx = createContext({ userAddress: "0xuser" });
-                await expect(assertCanExecuteOperation(subgraphWithoutService, "doc-123", "SET_NAME", ctx)).resolves.not.toThrow();
-            });
-        });
-        describe("Admin bypass", () => {
-            it("should not throw when user is global admin", async () => {
-                const ctx = createContext({ isAdmin: true, userAddress: "0xadmin" });
-                await expect(assertCanExecuteOperation(mockSubgraph, "doc-123", "SET_NAME", ctx)).resolves.not.toThrow();
-                // Should not check operation restrictions for admin
-                expect(mockDocumentPermissionService.isOperationRestricted).not.toHaveBeenCalled();
-            });
-        });
-        describe("Unrestricted operations", () => {
-            it("should not throw when operation is not restricted", async () => {
-                vi.mocked(mockDocumentPermissionService.isOperationRestricted).mockResolvedValue(false);
-                const ctx = createContext({ userAddress: "0xuser" });
-                await expect(assertCanExecuteOperation(mockSubgraph, "doc-123", "COMMON_OPERATION", ctx)).resolves.not.toThrow();
-                expect(mockDocumentPermissionService.isOperationRestricted).toHaveBeenCalledWith("doc-123", "COMMON_OPERATION");
-                expect(mockDocumentPermissionService.canExecuteOperation).not.toHaveBeenCalled();
-            });
-        });
-        describe("Restricted operations", () => {
-            beforeEach(() => {
-                vi.mocked(mockDocumentPermissionService.isOperationRestricted).mockResolvedValue(true);
-            });
-            it("should not throw when user has operation permission", async () => {
-                vi.mocked(mockDocumentPermissionService.canExecuteOperation).mockResolvedValue(true);
-                const ctx = createContext({ userAddress: "0xauthorized" });
-                await expect(assertCanExecuteOperation(mockSubgraph, "doc-123", "RESTRICTED_OP", ctx)).resolves.not.toThrow();
-                expect(mockDocumentPermissionService.canExecuteOperation).toHaveBeenCalledWith("doc-123", "RESTRICTED_OP", "0xauthorized");
-            });
-            it("should throw when user lacks operation permission", async () => {
-                vi.mocked(mockDocumentPermissionService.canExecuteOperation).mockResolvedValue(false);
-                const ctx = createContext({ userAddress: "0xunauthorized" });
-                await expect(assertCanExecuteOperation(mockSubgraph, "doc-123", "RESTRICTED_OP", ctx)).rejects.toThrow(GraphQLError);
-            });
-            it("should throw with operation name in error message", async () => {
-                vi.mocked(mockDocumentPermissionService.canExecuteOperation).mockResolvedValue(false);
-                const ctx = createContext({ userAddress: "0xunauthorized" });
-                await expect(assertCanExecuteOperation(mockSubgraph, "doc-123", "SET_SENSITIVE_DATA", ctx)).rejects.toThrow('Forbidden: insufficient permissions to execute operation "SET_SENSITIVE_DATA" on this document');
-            });
-            it("should pass undefined user address when not authenticated", async () => {
-                vi.mocked(mockDocumentPermissionService.canExecuteOperation).mockResolvedValue(false);
-                const ctx = createContext({});
-                await expect(assertCanExecuteOperation(mockSubgraph, "doc-123", "RESTRICTED_OP", ctx)).rejects.toThrow("Forbidden");
-                expect(mockDocumentPermissionService.canExecuteOperation).toHaveBeenCalledWith("doc-123", "RESTRICTED_OP", undefined);
-            });
-        });
-    });
-    describe("Edge Cases", () => {
-        describe("Empty string user address", () => {
-            it("should handle empty string user address", () => {
-                const ctx = createContext({ userAddress: "" });
-                const result = hasGlobalAdminAccess(ctx);
-                expect(result).toBe(false);
-                expect(ctx.isAdmin).toHaveBeenCalledWith("");
-            });
-        });
-        describe("Case sensitivity", () => {
-            it("should pass user address as-is to permission checks", async () => {
-                const mockDocPermService = {
-                    canRead: vi.fn().mockResolvedValue(true),
-                };
-                const mockSubgraph = {
-                    documentPermissionService: mockDocPermService,
-                    reactorClient: {
-                        getParents: vi.fn().mockResolvedValue({ results: [] }),
-                    },
-                };
-                const ctx = createContext({ userAddress: "0xABCDEF" });
-                await canReadDocument(mockSubgraph, "doc-123", ctx);
-                expect(mockDocPermService.canRead).toHaveBeenCalledWith("doc-123", "0xABCDEF", expect.any(Function));
-            });
-        });
-    });
-});

package/dist/subgraphs/__tests__/vetra-read-model-permissions.test.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- export {};
2	- //# sourceMappingURL=vetra-read-model-permissions.test.d.ts.map

package/dist/subgraphs/__tests__/vetra-read-model-permissions.test.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"vetra-read-model-permissions.test.d.ts","sourceRoot":"","sources":["../../../subgraphs/__tests__/vetra-read-model-permissions.test.ts"],"names":[],"mappings":""}