@promakeai/orm 1.0.6 → 1.3.0

package/dist/types.d.ts

@@ -25,7 +25,7 @@ export interface FieldReference {
     onUpdate?: "CASCADE" | "SET_NULL" | "RESTRICT" | "NO_ACTION";
 }
 /**
- * Complete field definition after DSL processing
+ * Complete field definition (normalized from JSON schema)
  */
 export interface FieldDefinition {
     type: FieldType;
@@ -47,12 +47,27 @@ export interface FieldDefinition {
     enum?: string[];
     match?: string;
 }
+/**
+ * Permission roles for table access control
+ */
+export type PermissionRole = "anon" | "user" | "admin";
+/**
+ * Permission actions
+ */
+export type PermissionAction = "create" | "read" | "update" | "delete";
+/**
+ * Table-level permissions mapping roles to allowed actions.
+ * If not defined on a table, no restrictions apply (backward compatible).
+ * Enforced by the backend, not by the ORM.
+ */
+export type TablePermissions = Partial<Record<PermissionRole, PermissionAction[]>>;
 /**
  * Table definition with all fields
  */
 export interface TableDefinition {
     name: string;
     fields: Record<string, FieldDefinition>;
+    permissions?: TablePermissions;
 }
 /**
  * Language configuration
@@ -69,20 +84,6 @@ export interface SchemaDefinition {
     languages: LanguageConfig;
     tables: Record<string, TableDefinition>;
 }
-/**
- * Interface for FieldBuilder-like objects (for type checking)
- */
-export interface FieldBuilderLike {
-    build(): FieldDefinition;
-}
-/**
- * Raw schema input before processing (from user DSL)
- */
-export interface SchemaInput {
-    name?: string;
-    languages: string[] | LanguageConfig;
-    tables: Record<string, Record<string, FieldBuilderLike>>;
-}
 /**
  * JSON-native type syntax for schema.json
  *

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@promakeai/orm",
-  "version": "1.0.6",
+  "version": "1.3.0",
   "description": "Database-agnostic ORM core - works in browser and Node.js",
   "type": "module",
   "main": "./dist/index.js",

package/src/adapters/RestAdapter.ts

@@ -0,0 +1,483 @@
+/**
+ * REST API Adapter
+ *
+ * Communicates with a backend REST API implementing the /database endpoints.
+ * Works in both Node.js and browser environments (uses fetch).
+ */
+
+import type { IDataAdapter } from "./IDataAdapter";
+import type { QueryOptions, PaginatedResult, SchemaDefinition } from "../types";
+import { toTranslationTableName, toTranslationFKName } from "../schema";
+
+type FetchFn = (input: string, init?: any) => Promise<any>;
+
+export interface RestAdapterConfig {
+  /** Base URL for API (e.g., "https://backend.promake.ai/api") */
+  baseUrl: string;
+  /** Database endpoint prefix (default: "/database") */
+  databasePrefix?: string;
+  /** Static authorization token for Bearer auth */
+  token?: string;
+  /** Dynamic token getter - called on every request. Takes priority over static token. */
+  getToken?: () => string | null;
+  /** Custom headers to include in all requests */
+  headers?: Record<string, string>;
+  /** Schema definition for translation support */
+  schema?: SchemaDefinition;
+  /** Default language for translations */
+  defaultLang?: string;
+  /** Custom fetch function (for testing/SSR) */
+  fetch?: FetchFn;
+  /** Request timeout in ms (default: 30000) */
+  timeout?: number;
+}
+
+export class RestAdapter implements IDataAdapter {
+  private baseUrl: string;
+  private databasePrefix: string;
+  private token?: string;
+  private getTokenFn?: () => string | null;
+  private customHeaders: Record<string, string>;
+  private fetchFn: FetchFn;
+  private timeout: number;
+
+  schema?: SchemaDefinition;
+  defaultLang?: string;
+
+  constructor(config: RestAdapterConfig) {
+    this.baseUrl = config.baseUrl.replace(/\/+$/, "");
+    this.databasePrefix = config.databasePrefix ?? "/database";
+    this.token = config.token;
+    this.getTokenFn = config.getToken;
+    this.customHeaders = config.headers ?? {};
+    const gf = globalThis as any;
+    this.fetchFn = config.fetch ?? gf.fetch.bind(gf);
+    this.timeout = config.timeout ?? 30000;
+    this.schema = config.schema;
+    this.defaultLang = config.defaultLang;
+  }
+
+  // ==================== Private Helpers ====================
+
+  private buildUrl(path: string): string {
+    return `${this.baseUrl}${this.databasePrefix}${path}`;
+  }
+
+  private getHeaders(): Record<string, string> {
+    const headers: Record<string, string> = {
+      "Content-Type": "application/json",
+      Accept: "application/json",
+      ...this.customHeaders,
+    };
+    const token = this.getTokenFn ? this.getTokenFn() : this.token;
+    if (token) {
+      headers["Authorization"] = `Bearer ${token}`;
+    }
+    return headers;
+  }
+
+  private async request<T>(url: string, init?: Record<string, any>): Promise<T> {
+    const controller = new AbortController();
+    const timer = setTimeout(() => controller.abort(), this.timeout);
+
+    try {
+      const response: any = await this.fetchFn(url, {
+        ...init,
+        headers: { ...this.getHeaders(), ...(init?.headers ?? {}) },
+        signal: controller.signal,
+      });
+
+      if (!response.ok) {
+        const body = await response.json().catch(() => null);
+        const message =
+          body?.message || body?.error || `HTTP ${response.status} ${response.statusText}`;
+        throw new Error(message);
+      }
+
+      return await response.json();
+    } finally {
+      clearTimeout(timer);
+    }
+  }
+
+  private buildQueryParams(options?: QueryOptions): URLSearchParams {
+    const params = new URLSearchParams();
+    if (!options) return params;
+
+    if (options.where && Object.keys(options.where).length > 0) {
+      params.set("where", JSON.stringify(options.where));
+    }
+    if (options.orderBy?.length) {
+      params.set(
+        "order",
+        options.orderBy.map((o) => `${o.field}:${o.direction}`).join(",")
+      );
+    }
+    if (options.limit != null) {
+      params.set("limit", String(options.limit));
+    }
+    if (options.offset != null) {
+      params.set("offset", String(options.offset));
+    }
+    if (options.lang) {
+      params.set("lang", options.lang);
+    }
+    if (options.fallbackLang) {
+      params.set("fallback_lang", options.fallbackLang);
+    }
+
+    return params;
+  }
+
+  private urlWithParams(base: string, params: URLSearchParams): string {
+    const qs = params.toString();
+    return qs ? `${base}?${qs}` : base;
+  }
+
+  // ==================== Lifecycle ====================
+
+  setSchema(schema: SchemaDefinition): void {
+    this.schema = schema;
+  }
+
+  async connect(): Promise<void> {
+    if (!this.schema) return;
+
+    // Convert internal SchemaDefinition to the API's expected format
+    const apiSchema: Record<string, { columns: Record<string, unknown>[] }> = {};
+
+    for (const [tableName, tableDef] of Object.entries(this.schema.tables)) {
+      const columns: Record<string, unknown>[] = [];
+      for (const [fieldName, fieldDef] of Object.entries(tableDef.fields)) {
+        const col: Record<string, unknown> = {
+          name: fieldName,
+          type: this.mapFieldType(fieldDef.type),
+        };
+        if (fieldDef.primary) col.primary_key = true;
+        if (!fieldDef.nullable) col.not_null = true;
+        if (fieldDef.unique) col.unique = true;
+        if (fieldDef.default !== undefined) col.default_value = String(fieldDef.default);
+        if (fieldDef.translatable) col.translatable = true;
+        columns.push(col);
+      }
+      const tableEntry: Record<string, unknown> = { columns };
+      if (tableDef.permissions) {
+        tableEntry.permissions = tableDef.permissions;
+      }
+      apiSchema[tableName] = tableEntry as { columns: Record<string, unknown>[] };
+    }
+
+    await this.request(this.buildUrl("/generate"), {
+      method: "POST",
+      body: JSON.stringify({ schema: { tables: apiSchema } }),
+    });
+  }
+
+  private mapFieldType(type: string): string {
+    switch (type) {
+      case "id":
+      case "int":
+        return "INTEGER";
+      case "string":
+      case "text":
+      case "timestamp":
+        return "TEXT";
+      case "decimal":
+        return "REAL";
+      case "bool":
+        return "INTEGER";
+      case "json":
+      case "object":
+      case "object[]":
+      case "string[]":
+      case "number[]":
+      case "boolean[]":
+        return "TEXT";
+      default:
+        return "TEXT";
+    }
+  }
+
+  close(): void {
+    // No-op for REST
+  }
+
+  // ==================== Query Methods ====================
+
+  async list<T = unknown>(table: string, options?: QueryOptions): Promise<T[]> {
+    const params = this.buildQueryParams(options);
+    const url = this.urlWithParams(this.buildUrl(`/${table}/list`), params);
+    const res = await this.request<{ data: T[] }>(url);
+    return res.data;
+  }
+
+  async get<T = unknown>(
+    table: string,
+    id: string | number,
+    options?: QueryOptions
+  ): Promise<T | null> {
+    const params = new URLSearchParams();
+    if (options?.lang) params.set("lang", options.lang);
+    if (options?.fallbackLang) params.set("fallback_lang", options.fallbackLang);
+    const url = this.urlWithParams(this.buildUrl(`/${table}/${id}`), params);
+
+    try {
+      const res = await this.request<{ data: T }>(url);
+      return res.data ?? null;
+    } catch (err) {
+      if (err instanceof Error && err.message.includes("404")) {
+        return null;
+      }
+      throw err;
+    }
+  }
+
+  async findOne<T = unknown>(
+    table: string,
+    options?: QueryOptions
+  ): Promise<T | null> {
+    const results = await this.list<T>(table, { ...options, limit: 1 });
+    return results[0] ?? null;
+  }
+
+  async count(table: string, options?: QueryOptions): Promise<number> {
+    const params = new URLSearchParams();
+    if (options?.where && Object.keys(options.where).length > 0) {
+      params.set("where", JSON.stringify(options.where));
+    }
+    const url = this.urlWithParams(this.buildUrl(`/${table}/count`), params);
+    const res = await this.request<{ count: number }>(url);
+    return res.count;
+  }
+
+  async paginate<T = unknown>(
+    table: string,
+    page: number,
+    limit: number,
+    options?: QueryOptions
+  ): Promise<PaginatedResult<T>> {
+    const offset = (page - 1) * limit;
+    const [total, data] = await Promise.all([
+      this.count(table, options),
+      this.list<T>(table, { ...options, limit, offset }),
+    ]);
+    const totalPages = Math.ceil(total / limit);
+    return {
+      data,
+      page,
+      limit,
+      total,
+      totalPages,
+      hasMore: page < totalPages,
+    };
+  }
+
+  // ==================== Write Methods ====================
+
+  async create<T = unknown>(
+    table: string,
+    data: Record<string, unknown>
+  ): Promise<T> {
+    const url = this.buildUrl(`/${table}/create`);
+    const res = await this.request<{ data: T; id: unknown }>(url, {
+      method: "POST",
+      body: JSON.stringify({ data }),
+    });
+    // Backend returns id at top level, merge it into data
+    const result = (res.data ?? {}) as Record<string, unknown>;
+    if (res.id !== undefined && !("id" in result)) {
+      result.id = res.id;
+    }
+    return result as T;
+  }
+
+  async update<T = unknown>(
+    table: string,
+    id: string | number,
+    data: Record<string, unknown>,
+    options?: { translations?: Record<string, Record<string, unknown>> }
+  ): Promise<T> {
+    const url = this.buildUrl(`/${table}/${id}`);
+    const body: Record<string, unknown> = { data };
+    if (options?.translations) {
+      body.translations = options.translations;
+    }
+    const res = await this.request<{ data: T }>(url, {
+      method: "PUT",
+      body: JSON.stringify(body),
+    });
+    return res.data;
+  }
+
+  async delete(table: string, id: string | number): Promise<boolean> {
+    const url = this.buildUrl(`/${table}/${id}`);
+    try {
+      const res = await this.request<{ deleted: boolean }>(url, {
+        method: "DELETE",
+      });
+      return res.deleted ?? true;
+    } catch (err) {
+      if (err instanceof Error && err.message.includes("404")) {
+        return false;
+      }
+      throw err;
+    }
+  }
+
+  // ==================== Batch Methods ====================
+
+  async createMany<T = unknown>(
+    table: string,
+    records: Record<string, unknown>[],
+    options?: { ignore?: boolean; noAtomic?: boolean }
+  ): Promise<{ created: number; ids: (number | bigint)[] }> {
+    const url = this.buildUrl(`/${table}/create-batch`);
+    const res = await this.request<{ created: number; ids: (number | bigint)[] }>(url, {
+      method: "POST",
+      body: JSON.stringify({
+        records,
+        ignore: options?.ignore ?? false,
+        no_atomic: options?.noAtomic ?? false,
+      }),
+    });
+    return { created: res.created, ids: res.ids };
+  }
+
+  async updateMany(
+    table: string,
+    updates: { id: number | string; data: Record<string, unknown> }[],
+    options?: { noAtomic?: boolean }
+  ): Promise<{ updated: number }> {
+    const url = this.buildUrl(`/${table}/update-batch`);
+    const res = await this.request<{ updated: number }>(url, {
+      method: "POST",
+      body: JSON.stringify({
+        updates,
+        no_atomic: options?.noAtomic ?? false,
+      }),
+    });
+    return { updated: res.updated };
+  }
+
+  async deleteMany(
+    table: string,
+    ids: (number | string)[],
+    options?: { noAtomic?: boolean }
+  ): Promise<{ deleted: number }> {
+    const url = this.buildUrl(`/${table}/delete-batch`);
+    const res = await this.request<{ deleted: number }>(url, {
+      method: "POST",
+      body: JSON.stringify({
+        ids,
+        no_atomic: options?.noAtomic ?? false,
+      }),
+    });
+    return { deleted: res.deleted };
+  }
+
+  // ==================== Translation Methods ====================
+
+  async createWithTranslations<T = unknown>(
+    table: string,
+    data: Record<string, unknown>,
+    translations?: Record<string, Record<string, unknown>>
+  ): Promise<T> {
+    const url = this.buildUrl(`/${table}/create`);
+    const res = await this.request<{ data: T; id: unknown }>(url, {
+      method: "POST",
+      body: JSON.stringify({ data, translations }),
+    });
+    // Backend returns id at top level, merge it into data
+    const result = (res.data ?? {}) as Record<string, unknown>;
+    if (res.id !== undefined && !("id" in result)) {
+      result.id = res.id;
+    }
+    return result as T;
+  }
+
+  async upsertTranslation(
+    table: string,
+    id: string | number,
+    lang: string,
+    data: Record<string, unknown>
+  ): Promise<void> {
+    const url = this.buildUrl(`/${table}/${id}`);
+    await this.request(url, {
+      method: "PUT",
+      body: JSON.stringify({ data, lang }),
+    });
+  }
+
+  async getTranslations<T = unknown>(
+    table: string,
+    id: string | number
+  ): Promise<T[]> {
+    const translationTable = toTranslationTableName(table);
+    const fkName = toTranslationFKName(table);
+    const params = new URLSearchParams();
+    params.set("where", JSON.stringify({ [fkName]: id }));
+    const url = this.urlWithParams(
+      this.buildUrl(`/${translationTable}/list`),
+      params
+    );
+    const res = await this.request<{ data: T[] }>(url);
+    return res.data;
+  }
+
+  // ==================== Raw Query Methods ====================
+
+  async raw<T = unknown>(query: string, params?: unknown[]): Promise<T[]> {
+    const url = this.buildUrl("/exec");
+    const res = await this.request<{ data: T[] }>(url, {
+      method: "POST",
+      body: JSON.stringify({ sql: query, params: params ?? [] }),
+    });
+    return res.data;
+  }
+
+  async execute(
+    query: string,
+    params?: unknown[]
+  ): Promise<{ changes: number; lastInsertRowid: number | bigint }> {
+    const url = this.buildUrl("/exec");
+    const res = await this.request<{
+      changes: number;
+      last_insert_rowid: number;
+    }>(url, {
+      method: "POST",
+      body: JSON.stringify({ sql: query, params: params ?? [] }),
+    });
+    return {
+      changes: res.changes,
+      lastInsertRowid: res.last_insert_rowid ?? 0,
+    };
+  }
+
+  // ==================== Transaction Methods ====================
+
+  async beginTransaction(): Promise<void> {
+    // No-op: REST API handles atomicity per-request
+  }
+
+  async commit(): Promise<void> {
+    // No-op
+  }
+
+  async rollback(): Promise<void> {
+    // No-op
+  }
+
+  // ==================== Schema Methods ====================
+
+  async getTables(): Promise<string[]> {
+    const url = this.buildUrl("/tables");
+    const res = await this.request<{ tables: string[] }>(url);
+    return res.tables;
+  }
+
+  async getTableSchema(table: string): Promise<unknown[]> {
+    const url = this.buildUrl(`/${table}/schema`);
+    const res = await this.request<{ columns: unknown[] }>(url);
+    return res.columns;
+  }
+}

package/src/index.ts

@@ -5,21 +5,21 @@
  *
  * @example
  * ```typescript
- * import { ORM, defineSchema, f } from '@promakeai/orm';
+ * import { ORM, parseJSONSchema } from '@promakeai/orm';
  *
- * // Define schema
- * const schema = defineSchema({
+ * // Parse JSON schema
+ * const schema = parseJSONSchema({
  *   languages: ['en', 'tr'],
  *   tables: {
  *     products: {
- *       id: f.id(),
- *       name: f.string().translatable().required(),
- *       price: f.decimal().required(),
- *       categoryId: f.int().ref('categories'),
+ *       id: { type: 'id' },
+ *       name: { type: 'string', translatable: true, required: true },
+ *       price: { type: 'decimal', required: true },
+ *       categoryId: { type: 'int', ref: 'categories' },
  *     },
  *     categories: {
- *       id: f.id(),
- *       name: f.string().translatable().required(),
+ *       id: { type: 'id' },
+ *       name: { type: 'string', translatable: true, required: true },
  *     },
  *   },
  * });
@@ -39,14 +39,8 @@ export { ORM } from "./ORM";
 // Adapter Interface
 export type { IDataAdapter } from "./adapters/IDataAdapter";
 
-// Schema API
-export {
-  defineSchema,
-  f,
-  mergeSchemas,
-  createSchemaUnsafe,
-} from "./schema";
-export type { FieldBuilder } from "./schema";
+// REST Adapter
+export { RestAdapter, type RestAdapterConfig } from "./adapters/RestAdapter";
 
 // Schema Validation
 export {
@@ -86,6 +80,7 @@ export {
   getRequiredFields,
   getRefTarget,
   getRefTargetFull,
+  getTablePermissions,
 } from "./schema";
 
 // Query Builder
@@ -113,12 +108,12 @@ export {
 } from "./utils/populateResolver";
 export type { PopulateAdapter } from "./utils/populateResolver";
 
-// JSON Schema Converter
-export {
-  parseJSONSchema,
-  parseJSONSchemaWithWarnings,
-} from "./utils/jsonConverter";
-export type { ParseJSONSchemaResult } from "./utils/jsonConverter";
+// JSON Schema Converter
+export {
+  parseJSONSchema,
+  parseJSONSchemaWithWarnings,
+} from "./utils/jsonConverter";
+export type { ParseJSONSchemaResult } from "./utils/jsonConverter";
 
 // Type Helpers
 export { isJsonType } from "./types";
@@ -132,13 +127,15 @@ export type {
   FieldType,
   FieldDefinition,
   FieldReference,
-  FieldBuilderLike,
-
   // Schema types
   TableDefinition,
   LanguageConfig,
   SchemaDefinition,
-  SchemaInput,
+
+  // Permission types
+  PermissionRole,
+  PermissionAction,
+  TablePermissions,
 
   // JSON Schema types (AI-friendly)
   JSONFieldType,

package/src/schema/index.ts

@@ -2,10 +2,6 @@
  * Schema Module Exports
  */
 
-// Main API
-export { defineSchema, f, mergeSchemas, createSchemaUnsafe } from "./defineSchema";
-export type { FieldBuilder } from "./fieldBuilder";
-
 // Validation
 export {
   validateSchema,
@@ -44,4 +40,5 @@ export {
   getRequiredFields,
   getRefTarget,
   getRefTargetFull,
+  getTablePermissions,
 } from "./schemaHelpers";

package/src/schema/schemaHelpers.ts

@@ -4,7 +4,7 @@
  * Utilities for working with schema definitions.
  */
 
-import type { TableDefinition, FieldDefinition, FieldReference } from "../types";
+import type { TableDefinition, FieldDefinition, FieldReference, TablePermissions } from "../types";
 import { isJsonType } from "../types";
 
 /**
@@ -122,3 +122,10 @@ export function getRefTargetFull(
   }
   return { table: field.ref.table, field: field.ref.field || "id" };
 }
+
+/**
+ * Get table permissions (undefined if no restrictions)
+ */
+export function getTablePermissions(table: TableDefinition): TablePermissions | undefined {
+  return table.permissions;
+}