@prisma-next/extension-supabase 0.13.0-dev.9 → 0.14.0-dev.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,9 +1,8 @@
1
1
  //#region test/supabase-bootstrap.ts
2
2
  /**
3
- * Seeds the database with the external Supabase schemas and tables. The
4
- * caller passes an already-connected `pg.Client` — this function does not
5
- * open or close connections, so the same client can be reused across the
6
- * test's other setup steps.
3
+ * Seeds the database with the external Supabase schemas, tables, roles, and grants.
4
+ * The caller passes an already-connected `pg.Client` — this function does not
5
+ * open or close connections.
7
6
  *
8
7
  * Creates two schemas (`auth`, `storage`) and four tables whose columns
9
8
  * exactly match the `@prisma-next/extension-supabase` contract:
@@ -13,8 +12,10 @@
13
12
  * - `storage.buckets` — id text PK, name text, created_at timestamptz, updated_at timestamptz
14
13
  * - `storage.objects` — id uuid PK, bucket_id text, name text, created_at timestamptz, updated_at timestamptz
15
14
  *
16
- * Does NOT create Postgres roles or `auth.*` functions those are added by
17
- * the `postgres-rls` constituent.
15
+ * Creates the three Postgres roles and grants that mirror a real Supabase database.
16
+ * `ALTER DEFAULT PRIVILEGES` covers tables created after the shim runs (e.g. via `dbInit`).
17
+ * WAL grants are guarded by a schema-existence check — a PGlite single-connection
18
+ * accommodation so role-bound sessions can interleave with the WAL drain query.
18
19
  */
19
20
  async function bootstrapSupabaseShim(client) {
20
21
  await client.query("CREATE SCHEMA IF NOT EXISTS auth");
@@ -57,6 +58,18 @@ async function bootstrapSupabaseShim(client) {
57
58
  PRIMARY KEY (id)
58
59
  )
59
60
  `);
61
+ await client.query("CREATE ROLE anon NOLOGIN");
62
+ await client.query("CREATE ROLE authenticated NOLOGIN");
63
+ await client.query("CREATE ROLE service_role NOLOGIN BYPASSRLS");
64
+ await client.query("GRANT USAGE ON SCHEMA public TO anon, authenticated, service_role");
65
+ await client.query("GRANT USAGE ON SCHEMA auth, storage TO anon, authenticated, service_role");
66
+ await client.query("GRANT ALL ON ALL TABLES IN SCHEMA auth TO service_role");
67
+ await client.query("GRANT ALL ON ALL TABLES IN SCHEMA storage TO service_role");
68
+ await client.query("GRANT SELECT ON ALL TABLES IN SCHEMA auth TO anon, authenticated");
69
+ await client.query("GRANT SELECT ON ALL TABLES IN SCHEMA storage TO anon, authenticated");
70
+ await client.query("ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO service_role");
71
+ await client.query("ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, UPDATE ON TABLES TO authenticated");
72
+ await client.query("ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO anon");
60
73
  }
61
74
  //#endregion
62
75
  export { bootstrapSupabaseShim };
@@ -1 +1 @@
1
- {"version":3,"file":"utils.mjs","names":[],"sources":["../../test/supabase-bootstrap.ts"],"sourcesContent":["/**\n * Shared Supabase test fixture — seeds the external schemas and tables.\n *\n * Seeds a Postgres/PGlite database with the external Supabase schemas and\n * tables that the framework verifier expects when a composed contract declares\n * `auth.*` and `storage.*` tables as `external`. Without these tables present,\n * `db init`/`db update` will fail at the verify step because the framework\n * confirms declared `external` tables exist.\n *\n * **M1 scope:** `CREATE SCHEMA auth, storage` + the four tables\n * (`auth.users`, `auth.identities`, `storage.buckets`, `storage.objects`) with\n * columns matching the Supabase extension contract's pinned model table.\n *\n * **Future increments:**\n * - `postgres-rls` constituent adds Postgres roles (`anon`, `authenticated`,\n * `service_role`) and the `auth.uid()`, `auth.jwt()`, `auth.role()` functions.\n * - `cross-contract-refs` constituent seeds `auth.users` rows for FK tests.\n *\n * The caller owns the client lifecycle — pass any already-connected `pg.Client`\n * (e.g. one the test is sharing across setup steps, or one bound to a\n * transaction for isolation). Convenience wrapper for tests that don't already\n * have one:\n *\n * @example\n * ```ts\n * import { withClient } from '@prisma-next/test-utils';\n * import { bootstrapSupabaseShim } from '@prisma-next/extension-supabase/test/utils';\n *\n * await withClient(connectionString, async (client) => {\n * await bootstrapSupabaseShim(client);\n * });\n * ```\n */\nimport type { Client } from 'pg';\n\n/**\n * Seeds the database with the external Supabase schemas and tables. The\n * caller passes an already-connected `pg.Client` — this function does not\n * open or close connections, so the same client can be reused across the\n * test's other setup steps.\n *\n * Creates two schemas (`auth`, `storage`) and four tables whose columns\n * exactly match the `@prisma-next/extension-supabase` contract:\n *\n * - `auth.users` — id uuid PK, email text, created_at timestamptz, updated_at timestamptz\n * - `auth.identities` — id uuid PK, user_id uuid, provider text, created_at timestamptz, updated_at timestamptz\n * - `storage.buckets` — id text PK, name text, created_at timestamptz, updated_at timestamptz\n * - `storage.objects` — id uuid PK, bucket_id text, name text, created_at timestamptz, updated_at timestamptz\n *\n * Does NOT create Postgres roles or `auth.*` functions those are added by\n * the `postgres-rls` constituent.\n */\nexport async function bootstrapSupabaseShim(client: Client): Promise<void> {\n await client.query('CREATE SCHEMA IF NOT EXISTS auth');\n await client.query('CREATE SCHEMA IF NOT EXISTS storage');\n\n await client.query(`\n CREATE TABLE IF NOT EXISTS auth.users (\n id uuid NOT NULL,\n email text NOT NULL,\n created_at timestamptz NOT NULL,\n updated_at timestamptz NOT NULL,\n PRIMARY KEY (id)\n )\n `);\n\n await client.query(`\n CREATE TABLE IF NOT EXISTS auth.identities (\n id uuid NOT NULL,\n user_id uuid NOT NULL,\n provider text NOT NULL,\n created_at timestamptz NOT NULL,\n updated_at timestamptz NOT NULL,\n PRIMARY KEY (id)\n )\n `);\n\n await client.query(`\n CREATE TABLE IF NOT EXISTS storage.buckets (\n id text NOT NULL,\n name text NOT NULL,\n created_at timestamptz NOT NULL,\n updated_at timestamptz NOT NULL,\n PRIMARY KEY (id)\n )\n `);\n\n await client.query(`\n CREATE TABLE IF NOT EXISTS storage.objects (\n id uuid NOT NULL,\n bucket_id text NOT NULL,\n name text NOT NULL,\n created_at timestamptz NOT NULL,\n updated_at timestamptz NOT NULL,\n PRIMARY KEY (id)\n )\n `);\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAoDA,eAAsB,sBAAsB,QAA+B;CACzE,MAAM,OAAO,MAAM,kCAAkC;CACrD,MAAM,OAAO,MAAM,qCAAqC;CAExD,MAAM,OAAO,MAAM;;;;;;;;GAQlB;CAED,MAAM,OAAO,MAAM;;;;;;;;;GASlB;CAED,MAAM,OAAO,MAAM;;;;;;;;GAQlB;CAED,MAAM,OAAO,MAAM;;;;;;;;;GASlB;AACH"}
1
+ {"version":3,"file":"utils.mjs","names":[],"sources":["../../test/supabase-bootstrap.ts"],"sourcesContent":["/**\n * Shared Supabase test fixture — seeds the external schemas, tables, roles, and grants.\n *\n * Seeds a Postgres/PGlite database with the external Supabase schemas and\n * tables that the framework verifier expects when a composed contract declares\n * `auth.*` and `storage.*` tables as `external`. Without these tables present,\n * `db init`/`db update` will fail at the verify step because the framework\n * confirms declared `external` tables exist.\n *\n * Also creates the three Postgres roles (`anon`, `authenticated`, `service_role`)\n * with grants that mirror a real Supabase database. `ALTER DEFAULT PRIVILEGES`\n * ensures tables created after the shim runs (e.g. `public.profile` via `dbInit`)\n * are automatically accessible to the roles.\n *\n * The caller owns the client lifecycle — pass any already-connected `pg.Client`\n * (e.g. one the test is sharing across setup steps, or one bound to a\n * transaction for isolation). Convenience wrapper for tests that don't already\n * have one:\n *\n * @example\n * ```ts\n * import { withClient } from '@prisma-next/test-utils';\n * import { bootstrapSupabaseShim } from '@prisma-next/extension-supabase/test/utils';\n *\n * await withClient(connectionString, async (client) => {\n * await bootstrapSupabaseShim(client);\n * });\n * ```\n */\nimport type { Client } from 'pg';\n\n/**\n * Seeds the database with the external Supabase schemas, tables, roles, and grants.\n * The caller passes an already-connected `pg.Client` — this function does not\n * open or close connections.\n *\n * Creates two schemas (`auth`, `storage`) and four tables whose columns\n * exactly match the `@prisma-next/extension-supabase` contract:\n *\n * - `auth.users` — id uuid PK, email text, created_at timestamptz, updated_at timestamptz\n * - `auth.identities` — id uuid PK, user_id uuid, provider text, created_at timestamptz, updated_at timestamptz\n * - `storage.buckets` — id text PK, name text, created_at timestamptz, updated_at timestamptz\n * - `storage.objects` — id uuid PK, bucket_id text, name text, created_at timestamptz, updated_at timestamptz\n *\n * Creates the three Postgres roles and grants that mirror a real Supabase database.\n * `ALTER DEFAULT PRIVILEGES` covers tables created after the shim runs (e.g. via `dbInit`).\n * WAL grants are guarded by a schema-existence check — a PGlite single-connection\n * accommodation so role-bound sessions can interleave with the WAL drain query.\n */\nexport async function bootstrapSupabaseShim(client: Client): Promise<void> {\n await client.query('CREATE SCHEMA IF NOT EXISTS auth');\n await client.query('CREATE SCHEMA IF NOT EXISTS storage');\n\n await client.query(`\n CREATE TABLE IF NOT EXISTS auth.users (\n id uuid NOT NULL,\n email text NOT NULL,\n created_at timestamptz NOT NULL,\n updated_at timestamptz NOT NULL,\n PRIMARY KEY (id)\n )\n `);\n\n await client.query(`\n CREATE TABLE IF NOT EXISTS auth.identities (\n id uuid NOT NULL,\n user_id uuid NOT NULL,\n provider text NOT NULL,\n created_at timestamptz NOT NULL,\n updated_at timestamptz NOT NULL,\n PRIMARY KEY (id)\n )\n `);\n\n await client.query(`\n CREATE TABLE IF NOT EXISTS storage.buckets (\n id text NOT NULL,\n name text NOT NULL,\n created_at timestamptz NOT NULL,\n updated_at timestamptz NOT NULL,\n PRIMARY KEY (id)\n )\n `);\n\n await client.query(`\n CREATE TABLE IF NOT EXISTS storage.objects (\n id uuid NOT NULL,\n bucket_id text NOT NULL,\n name text NOT NULL,\n created_at timestamptz NOT NULL,\n updated_at timestamptz NOT NULL,\n PRIMARY KEY (id)\n )\n `);\n\n // Roles + grants mirror a real Supabase database; WAL grants are a\n // PGlite-single-connection test accommodation.\n await client.query('CREATE ROLE anon NOLOGIN');\n await client.query('CREATE ROLE authenticated NOLOGIN');\n await client.query('CREATE ROLE service_role NOLOGIN BYPASSRLS');\n await client.query('GRANT USAGE ON SCHEMA public TO anon, authenticated, service_role');\n await client.query('GRANT USAGE ON SCHEMA auth, storage TO anon, authenticated, service_role');\n await client.query('GRANT ALL ON ALL TABLES IN SCHEMA auth TO service_role');\n await client.query('GRANT ALL ON ALL TABLES IN SCHEMA storage TO service_role');\n await client.query('GRANT SELECT ON ALL TABLES IN SCHEMA auth TO anon, authenticated');\n await client.query('GRANT SELECT ON ALL TABLES IN SCHEMA storage TO anon, authenticated');\n\n // Default privileges cover tables created after this shim runs (e.g. public.profile via dbInit).\n await client.query(\n 'ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO service_role',\n );\n await client.query(\n 'ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, UPDATE ON TABLES TO authenticated',\n );\n await client.query('ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO anon');\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAiDA,eAAsB,sBAAsB,QAA+B;CACzE,MAAM,OAAO,MAAM,kCAAkC;CACrD,MAAM,OAAO,MAAM,qCAAqC;CAExD,MAAM,OAAO,MAAM;;;;;;;;GAQlB;CAED,MAAM,OAAO,MAAM;;;;;;;;;GASlB;CAED,MAAM,OAAO,MAAM;;;;;;;;GAQlB;CAED,MAAM,OAAO,MAAM;;;;;;;;;GASlB;CAID,MAAM,OAAO,MAAM,0BAA0B;CAC7C,MAAM,OAAO,MAAM,mCAAmC;CACtD,MAAM,OAAO,MAAM,4CAA4C;CAC/D,MAAM,OAAO,MAAM,mEAAmE;CACtF,MAAM,OAAO,MAAM,0EAA0E;CAC7F,MAAM,OAAO,MAAM,wDAAwD;CAC3E,MAAM,OAAO,MAAM,2DAA2D;CAC9E,MAAM,OAAO,MAAM,kEAAkE;CACrF,MAAM,OAAO,MAAM,qEAAqE;CAGxF,MAAM,OAAO,MACX,+EACF;CACA,MAAM,OAAO,MACX,2FACF;CACA,MAAM,OAAO,MAAM,0EAA0E;AAC/F"}
package/package.json CHANGED
@@ -1,44 +1,47 @@
1
1
  {
2
2
  "name": "@prisma-next/extension-supabase",
3
- "version": "0.13.0-dev.9",
3
+ "version": "0.14.0-dev.1",
4
4
  "license": "Apache-2.0",
5
5
  "type": "module",
6
6
  "sideEffects": false,
7
7
  "dependencies": {
8
- "@prisma-next/contract": "0.13.0-dev.9",
9
- "@prisma-next/contract-authoring": "0.13.0-dev.9",
10
- "@prisma-next/family-sql": "0.13.0-dev.9",
11
- "@prisma-next/framework-components": "0.13.0-dev.9",
12
- "@prisma-next/migration-tools": "0.13.0-dev.9",
13
- "@prisma-next/sql-contract": "0.13.0-dev.9",
14
- "@prisma-next/sql-contract-ts": "0.13.0-dev.9",
15
- "@prisma-next/sql-operations": "0.13.0-dev.9",
16
- "@prisma-next/sql-relational-core": "0.13.0-dev.9",
17
- "@prisma-next/sql-runtime": "0.13.0-dev.9",
18
- "@prisma-next/sql-schema-ir": "0.13.0-dev.9",
19
- "@prisma-next/utils": "0.13.0-dev.9",
8
+ "@prisma-next/adapter-postgres": "0.14.0-dev.1",
9
+ "@prisma-next/contract": "0.14.0-dev.1",
10
+ "@prisma-next/driver-postgres": "0.14.0-dev.1",
11
+ "@prisma-next/postgres": "0.14.0-dev.1",
12
+ "@prisma-next/sql-builder": "0.14.0-dev.1",
13
+ "@prisma-next/sql-orm-client": "0.14.0-dev.1",
14
+ "@prisma-next/target-postgres": "0.14.0-dev.1",
15
+ "jose": "^6",
16
+ "pg": "8.21.0",
17
+ "@prisma-next/contract-authoring": "0.14.0-dev.1",
18
+ "@prisma-next/family-sql": "0.14.0-dev.1",
19
+ "@prisma-next/framework-components": "0.14.0-dev.1",
20
+ "@prisma-next/migration-tools": "0.14.0-dev.1",
21
+ "@prisma-next/sql-contract": "0.14.0-dev.1",
22
+ "@prisma-next/sql-contract-ts": "0.14.0-dev.1",
23
+ "@prisma-next/sql-operations": "0.14.0-dev.1",
24
+ "@prisma-next/sql-relational-core": "0.14.0-dev.1",
25
+ "@prisma-next/sql-runtime": "0.14.0-dev.1",
26
+ "@prisma-next/sql-schema-ir": "0.14.0-dev.1",
27
+ "@prisma-next/utils": "0.14.0-dev.1",
20
28
  "@standard-schema/spec": "^1.1.0",
21
29
  "arktype": "^2.2.0"
22
30
  },
23
31
  "devDependencies": {
24
- "@prisma-next/adapter-postgres": "0.13.0-dev.9",
25
- "@prisma-next/cli": "0.13.0-dev.9",
26
- "@prisma-next/driver-postgres": "0.13.0-dev.9",
27
- "@prisma-next/operations": "0.13.0-dev.9",
28
- "@prisma-next/postgres": "0.13.0-dev.9",
29
- "@prisma-next/sql-contract-psl": "0.13.0-dev.9",
30
- "@prisma-next/target-postgres": "0.13.0-dev.9",
31
- "@prisma-next/test-utils": "0.13.0-dev.9",
32
- "@prisma-next/tsconfig": "0.13.0-dev.9",
33
- "@prisma-next/tsdown": "0.13.0-dev.9",
32
+ "@prisma-next/cli": "0.14.0-dev.1",
33
+ "@prisma-next/operations": "0.14.0-dev.1",
34
+ "@prisma-next/sql-contract-psl": "0.14.0-dev.1",
35
+ "@prisma-next/test-utils": "0.14.0-dev.1",
36
+ "@prisma-next/tsconfig": "0.14.0-dev.1",
37
+ "@prisma-next/tsdown": "0.14.0-dev.1",
34
38
  "@types/pg": "8.20.0",
35
- "pg": "8.21.0",
36
39
  "tsdown": "0.22.1",
37
40
  "typescript": "5.9.3",
38
41
  "vitest": "4.1.8"
39
42
  },
40
43
  "peerDependencies": {
41
- "@prisma-next/adapter-postgres": "0.13.0-dev.9",
44
+ "@prisma-next/adapter-postgres": "0.14.0-dev.1",
42
45
  "typescript": ">=5.9"
43
46
  },
44
47
  "peerDependenciesMeta": {