npm - @rapidd/build - Versions diffs - 1.0.0 - Mend

@rapidd/build 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

package/LICENSE +21 -0
package/README.md +86 -0
package/bin/cli.js +30 -0
package/index.js +11 -0
package/package.json +63 -0
package/src/commands/build.js +448 -0
package/src/generators/modelGenerator.js +168 -0
package/src/generators/relationshipsGenerator.js +186 -0
package/src/generators/rlsGenerator.js +334 -0
package/src/generators/rlsGeneratorV2.js +381 -0
package/src/generators/routeGenerator.js +127 -0
package/src/parsers/advancedRLSConverter.js +305 -0
package/src/parsers/autoRLSConverter.js +322 -0
package/src/parsers/datasourceParser.js +73 -0
package/src/parsers/deepSQLAnalyzer.js +540 -0
package/src/parsers/dynamicRLSConverter.js +353 -0
package/src/parsers/enhancedRLSConverter.js +181 -0
package/src/parsers/functionAnalyzer.js +302 -0
package/src/parsers/postgresRLSConverter.js +192 -0
package/src/parsers/prismaFilterBuilder.js +422 -0
package/src/parsers/prismaParser.js +245 -0
package/src/parsers/sqlToJsConverter.js +611 -0

package/src/parsers/functionAnalyzer.js ADDED Viewed

@@ -0,0 +1,302 @@
+/**
+ * PostgreSQL Function Analyzer
+ * Dynamically analyzes PostgreSQL functions and generates JavaScript mappings
+ */
+const { Client } = require('pg');
+/**
+ * Analyze all PostgreSQL functions used in RLS policies
+ * @param {string} databaseUrl - PostgreSQL connection URL
+ * @returns {Object} - Function mappings and metadata
+ */
+async function analyzeFunctions(databaseUrl) {
+  if (!databaseUrl) {
+    return {
+      functionMappings: {},
+      sessionVariables: [],
+      userContextRequirements: {}
+    };
+  }
+  const client = new Client({ connectionString: databaseUrl });
+  try {
+    await client.connect();
+    // Step 1: Find all functions used in RLS policies
+    const functionsQuery = await client.query(`
+      WITH rls_text AS (
+        SELECT
+          qual || ' ' || COALESCE(with_check, '') as policy_text
+        FROM pg_policies
+        WHERE schemaname = 'public'
+      ),
+      function_names AS (
+        SELECT DISTINCT
+          unnest(
+            regexp_matches(
+              policy_text,
+              '(\\w+)\\s*\\(',
+              'g'
+            )
+          ) as function_name
+        FROM rls_text
+      )
+      SELECT function_name
+      FROM function_names
+      WHERE function_name NOT IN ('SELECT', 'EXISTS', 'ANY', 'ARRAY', 'WHERE', 'AND', 'OR', 'NOT', 'IN', 'THEN', 'ELSE', 'CASE', 'WHEN', 'END')
+      AND function_name NOT LIKE 'current_setting%'
+    `);
+    const functionNames = functionsQuery.rows.map(r => r.function_name);
+    // Step 2: Analyze each function's definition
+    const functionMappings = {};
+    const userContextRequirements = {};
+    const sessionVariables = new Set();
+    for (const funcName of functionNames) {
+      try {
+        const funcDef = await client.query(`
+          SELECT
+            proname as name,
+            prosrc as source,
+            pg_get_functiondef(oid) as full_definition,
+            prorettype::regtype as return_type
+          FROM pg_proc
+          WHERE proname = $1
+          AND pronamespace = (SELECT oid FROM pg_namespace WHERE nspname = 'public')
+        `, [funcName]);
+        if (funcDef.rows.length > 0) {
+          const func = funcDef.rows[0];
+          const analysis = analyzeFunctionBody(func.source, func.return_type);
+          functionMappings[funcName] = analysis.mapping;
+          // Track what this function requires
+          if (analysis.requiresUserId) {
+            userContextRequirements.id = true;
+          }
+          if (analysis.queriesTable) {
+            userContextRequirements[analysis.returnField] = {
+              table: analysis.queriesTable,
+              lookupField: analysis.lookupField || 'user_id',
+              description: `${funcName}() queries ${analysis.queriesTable} table`
+            };
+          }
+          // Track session variables
+          analysis.sessionVars.forEach(v => sessionVariables.add(v));
+        }
+      } catch (e) {
+        console.warn(`Could not analyze function ${funcName}:`, e.message);
+      }
+    }
+    // Step 3: Find all session variables used
+    const settingsQuery = await client.query(`
+      SELECT DISTINCT
+        unnest(
+          regexp_matches(
+            pg_policies.qual || ' ' || COALESCE(pg_policies.with_check, ''),
+            'current_setting\\s*\\(\\s*''([^'']+)''',
+            'g'
+          )
+        ) as setting_name
+      FROM pg_policies
+      WHERE schemaname = 'public'
+    `);
+    settingsQuery.rows.forEach(r => sessionVariables.add(r.setting_name));
+    await client.end();
+    return {
+      functionMappings,
+      sessionVariables: Array.from(sessionVariables),
+      userContextRequirements
+    };
+  } catch (error) {
+    try {
+      await client.end();
+    } catch (e) {}
+    console.warn('Could not analyze PostgreSQL functions:', error.message);
+    return {
+      functionMappings: {},
+      sessionVariables: [],
+      userContextRequirements: {}
+    };
+  }
+}
+/**
+ * Analyze a PostgreSQL function body to understand what it does
+ * @param {string} functionBody - The PL/pgSQL function source
+ * @param {string} returnType - The return type of the function
+ * @returns {Object} - Analysis results
+ */
+function analyzeFunctionBody(functionBody, returnType) {
+  const analysis = {
+    mapping: null,
+    requiresUserId: false,
+    queriesTable: null,
+    returnField: null,
+    lookupField: null,
+    sessionVars: []
+  };
+  if (!functionBody) return analysis;
+  // Detect session variable usage
+  const sessionMatches = functionBody.matchAll(/current_setting\s*\(\s*'([^']+)'/gi);
+  for (const match of sessionMatches) {
+    analysis.sessionVars.push(match[1]);
+    if (match[1].includes('user_id')) {
+      analysis.requiresUserId = true;
+    }
+  }
+  // Detect SELECT statements to understand what table is queried
+  const selectMatch = functionBody.match(/SELECT\s+(\w+)(?:\.(\w+))?\s+INTO\s+\w+\s+FROM\s+(\w+)/i);
+  if (selectMatch) {
+    const fieldOrAlias = selectMatch[1];
+    const fieldName = selectMatch[2] || fieldOrAlias;
+    const tableName = selectMatch[3];
+    analysis.queriesTable = tableName;
+    // Infer the return field name
+    if (fieldName === 'id' || fieldOrAlias === 'id') {
+      analysis.returnField = `${tableName}_id`;
+    } else {
+      analysis.returnField = fieldName;
+    }
+    // Detect the lookup condition
+    const whereMatch = functionBody.match(/WHERE\s+\w+\.(\w+)\s*=\s*current_setting/i);
+    if (whereMatch) {
+      analysis.lookupField = whereMatch[1];
+    }
+    // Generate JavaScript mapping
+    if (returnType.includes('int')) {
+      analysis.mapping = {
+        type: 'lookup',
+        returns: `user?.${analysis.returnField}`,
+        description: `Looks up ${tableName}.id where ${tableName}.${analysis.lookupField} = current_user_id`
+      };
+    } else if (returnType.includes('char') || returnType.includes('text')) {
+      // For string returns (like role), map directly
+      const userTableMatch = functionBody.match(/FROM\s+["']?user["']?/i);
+      if (userTableMatch) {
+        // Querying user table directly
+        analysis.mapping = {
+          type: 'direct',
+          returns: `user?.${analysis.returnField}`,
+          description: `Returns user.${analysis.returnField}`
+        };
+      } else {
+        analysis.mapping = {
+          type: 'lookup',
+          returns: `user?.${analysis.returnField}`,
+          description: `Looks up ${tableName}.${analysis.returnField}`
+        };
+      }
+    }
+  }
+  // If we couldn't parse it, make a best guess based on function patterns
+  if (!analysis.mapping) {
+    const funcName = functionBody.match(/FUNCTION\s+(\w+)/i)?.[1] || '';
+    if (funcName.includes('role')) {
+      analysis.mapping = {
+        type: 'inferred',
+        returns: 'user?.role',
+        description: 'Inferred from function name'
+      };
+    } else if (funcName.includes('_id')) {
+      const entity = funcName.replace(/get_current_|_id/gi, '');
+      analysis.mapping = {
+        type: 'inferred',
+        returns: `user?.${entity}_id`,
+        description: 'Inferred from function name'
+      };
+    } else {
+      analysis.mapping = {
+        type: 'unknown',
+        returns: 'null',
+        description: 'Could not analyze function'
+      };
+    }
+  }
+  return analysis;
+}
+/**
+ * Generate a function mapping configuration
+ * This can be saved to a file for manual adjustment if needed
+ */
+function generateMappingConfig(analysisResult) {
+  const config = {
+    // Metadata
+    generated: new Date().toISOString(),
+    source: 'PostgreSQL function analysis',
+    // Function mappings
+    functions: {},
+    // Session variable mappings
+    sessionVariables: {},
+    // User context requirements
+    userContext: {
+      required: [],
+      optional: [],
+      relationships: {}
+    }
+  };
+  // Build function mappings
+  for (const [funcName, mapping] of Object.entries(analysisResult.functionMappings)) {
+    config.functions[funcName] = {
+      javascript: mapping.returns,
+      description: mapping.description,
+      type: mapping.type
+    };
+  }
+  // Build session variable mappings
+  for (const varName of analysisResult.sessionVariables) {
+    if (varName.includes('user_id')) {
+      config.sessionVariables[varName] = 'user.id';
+    } else {
+      // Infer from variable name
+      const key = varName.split('.').pop().replace(/_/g, '');
+      config.sessionVariables[varName] = `user.${key}`;
+    }
+  }
+  // Build user context requirements
+  for (const [field, requirement] of Object.entries(analysisResult.userContextRequirements)) {
+    if (field === 'id') {
+      config.userContext.required.push('id');
+    } else {
+      config.userContext.relationships[field] = requirement;
+      config.userContext.optional.push(field);
+    }
+  }
+  return config;
+}
+module.exports = {
+  analyzeFunctions,
+  analyzeFunctionBody,
+  generateMappingConfig
+};

package/src/parsers/postgresRLSConverter.js ADDED Viewed

@@ -0,0 +1,192 @@
+/**
+ * PostgreSQL RLS to JavaScript/Prisma Converter
+ * Handles real-world PostgreSQL RLS patterns including CASE WHEN, EXISTS, type casts, etc.
+ */
+/**
+ * Convert PostgreSQL RLS expression to JavaScript
+ * @param {string} sql - PostgreSQL RLS expression
+ * @param {string} dataVar - Variable name for row data
+ * @param {string} userVar - Variable name for user context
+ * @returns {string} - JavaScript boolean expression
+ */
+function convertToJavaScript(sql, dataVar = 'data', userVar = 'user') {
+  if (!sql || sql.trim() === '') {
+    return 'true';
+  }
+  sql = sql.trim();
+  // Handle CASE WHEN expressions
+  if (sql.toUpperCase().startsWith('CASE')) {
+    return convertCaseWhen(sql, dataVar, userVar);
+  }
+  // Handle simple role checks: get_current_user_role() = ANY (ARRAY[...])
+  const roleAnyMatch = sql.match(/get_current_user_role\(\)[^=]*=\s*ANY\s*\(\s*(?:\()?ARRAY\s*\[([^\]]+)\]/i);
+  if (roleAnyMatch) {
+    const roles = roleAnyMatch[1]
+      .split(',')
+      .map(r => r.trim())
+      .map(r => r.replace(/::[^,\]]+/g, '')) // Remove type casts
+      .map(r => r.replace(/^'|'$/g, '')) // Remove quotes
+      .map(r => `'${r}'`)
+      .join(', ');
+    return `[${roles}].includes(${userVar}?.role)`;
+  }
+  // Handle EXISTS subqueries - these need manual implementation
+  if (sql.toUpperCase().includes('EXISTS')) {
+    return `true /* EXISTS subquery - requires manual implementation: ${sql.substring(0, 50)}... */`;
+  }
+  // Handle simple comparisons with current_setting
+  const settingMatch = sql.match(/(\w+)\s*=\s*\(\s*current_setting\s*\(\s*'app\.current_user_id'/i);
+  if (settingMatch) {
+    const field = settingMatch[1];
+    return `${dataVar}?.${field} === ${userVar}?.id`;
+  }
+  // Fallback: return true with comment
+  return `true /* Complex RLS - manual implementation needed: ${sql.substring(0, 50)}... */`;
+}
+/**
+ * Convert CASE WHEN expression to JavaScript
+ */
+function convertCaseWhen(sql, dataVar, userVar) {
+  // Extract CASE conditions - improved regex to handle multiline
+  const casePattern = /CASE\s+(\w+\([^)]*\))\s+(WHEN\s+[\s\S]+?)(?:ELSE\s+([\s\S]+?))?END/i;
+  const match = sql.match(casePattern);
+  if (!match) {
+    return `false /* Unparseable CASE expression */`;
+  }
+  const caseExpr = match[1]; // e.g., get_current_user_role()
+  const whenClauses = match[2];
+  const elseClause = match[3];
+  // Determine what function is being called
+  let jsExpr = '';
+  if (caseExpr.includes('get_current_user_role')) {
+    jsExpr = `${userVar}?.role`;
+  } else if (caseExpr.includes('current_user_id')) {
+    jsExpr = `${userVar}?.id`;
+  } else {
+    return `false /* Unsupported CASE expression: ${caseExpr} */`;
+  }
+  // Parse WHEN clauses - improved regex for multiline THEN
+  const whenPattern = /WHEN\s+'([^']+)'(?:::\w+)?\s+THEN\s+([\s\S]+?)(?=\s+WHEN\s+|$)/gi;
+  const whenMatches = [...whenClauses.matchAll(whenPattern)];
+  const conditions = [];
+  for (const whenMatch of whenMatches) {
+    const value = whenMatch[1]; // e.g., 'super_admin'
+    let thenExpr = whenMatch[2].trim(); // e.g., 'true' or complex expression
+    // Remove trailing text before next WHEN or ELSE
+    thenExpr = thenExpr.replace(/\s+(?:WHEN|ELSE)[\s\S]*$/, '').trim();
+    if (thenExpr.toLowerCase() === 'true') {
+      conditions.push(`${jsExpr} === '${value}'`);
+    } else {
+      // Complex THEN expression - try to convert it
+      const convertedThen = convertSimpleExpression(thenExpr, dataVar, userVar);
+      conditions.push(`(${jsExpr} === '${value}' && ${convertedThen})`);
+    }
+  }
+  if (conditions.length === 0) {
+    return 'false';
+  }
+  return conditions.join(' || ');
+}
+/**
+ * Convert simple PostgreSQL expressions
+ */
+function convertSimpleExpression(expr, dataVar, userVar) {
+  expr = expr.trim();
+  // Remove outer parentheses
+  if (expr.startsWith('(') && expr.endsWith(')')) {
+    expr = expr.substring(1, expr.length - 1).trim();
+  }
+  // Handle EXISTS - mark as needing manual implementation (check FIRST before simple patterns)
+  if (expr.toUpperCase().includes('EXISTS')) {
+    return `true /* EXISTS subquery requires manual implementation */`;
+  }
+  // Handle: id = (current_setting('app.current_user_id')::integer)
+  const settingMatch = expr.match(/(\w+)\s*=\s*\(\s*current_setting\s*\(\s*'app\.current_user_id'[^)]*\)[^)]*\)/i);
+  if (settingMatch) {
+    const field = settingMatch[1];
+    return `${dataVar}?.${field} === ${userVar}?.id`;
+  }
+  return 'true /* Requires manual implementation */';
+}
+/**
+ * Convert PostgreSQL RLS expression to Prisma filter
+ * @param {string} sql - PostgreSQL RLS expression
+ * @param {string} userVar - Variable name for user context
+ * @returns {string} - Prisma filter object as string
+ */
+function convertToPrismaFilter(sql, userVar = 'user') {
+  if (!sql || sql.trim() === '') {
+    return '{}';
+  }
+  sql = sql.trim();
+  // Handle CASE WHEN - convert to OR filter
+  if (sql.toUpperCase().startsWith('CASE')) {
+    return convertCaseWhenToPrisma(sql, userVar);
+  }
+  // Handle simple role checks - can't filter on user role in Prisma, return empty
+  const roleAnyMatch = sql.match(/get_current_user_role\(\)[^=]*=\s*ANY\s*\(\s*(?:\()?ARRAY\s*\[([^\]]+)\]/i);
+  if (roleAnyMatch) {
+    // Role-based access can't be filtered in Prisma - must be checked in hasAccess
+    return '{}';
+  }
+  // Handle simple comparisons with current_setting
+  const settingMatch = sql.match(/(\w+)\s*=\s*\(\s*current_setting\s*\(\s*'app\.current_user_id'/i);
+  if (settingMatch) {
+    const field = settingMatch[1];
+    return `{ ${field}: ${userVar}?.id }`;
+  }
+  // Fallback
+  return '{}';
+}
+/**
+ * Convert CASE WHEN to Prisma OR filter
+ */
+function convertCaseWhenToPrisma(sql, userVar) {
+  // For CASE WHEN expressions, extract simple field comparisons
+  const settingMatches = [...sql.matchAll(/(\w+)\s*=\s*\(\s*current_setting\s*\(\s*'app\.current_user_id'/gi)];
+  if (settingMatches.length > 0) {
+    const filters = settingMatches.map(m => `{ ${m[1]}: ${userVar}?.id }`);
+    if (filters.length === 1) {
+      return filters[0];
+    }
+    return `{ OR: [${filters.join(', ')}] }`;
+  }
+  // If no simple filters found, return empty (role-based checks handled in hasAccess)
+  return '{}';
+}
+module.exports = {
+  convertToJavaScript,
+  convertToPrismaFilter
+};