@rebasepro/server-postgresql 0.0.1-canary.dbf160a → 0.0.1-canary.e17585f

package/dist/types/src/types/translations.d.ts

@@ -51,6 +51,8 @@ export interface RebaseTranslations {
     all_entries_loaded: string;
     create_your_first_entry: string;
     no_results_filter_sort: string;
+    /** Shown when a text search yields no results. Supports `{{search}}` interpolation. */
+    no_results_search?: string;
     add: string;
     remove: string;
     copy_id: string;
@@ -390,6 +392,12 @@ export interface RebaseTranslations {
     submit: string;
     no_filterable_properties: string;
     apply_filters: string;
+    /** Label shown on the filter presets dropdown trigger */
+    filter_presets?: string;
+    /** Tooltip shown when hovering over a preset entry */
+    filter_preset_apply?: string;
+    /** Shown when a preset is active, with {{label}} interpolation */
+    filter_preset_active?: string;
     list: string;
     table_view_mode: string;
     cards: string;
@@ -461,6 +469,10 @@ export interface RebaseTranslations {
     reset_password_success?: string;
     reset_password_confirmation?: string;
     error_resetting_password?: string;
+    /** Permission-denied empty states */
+    no_permission_to_view_users?: string;
+    no_permission_to_view_roles?: string;
+    no_permission_description?: string;
     /** Editor table-bubble */
     add_row_before: string;
     add_row_after: string;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@rebasepro/server-postgresql",
   "type": "module",
-  "version": "0.0.1-canary.dbf160a",
+  "version": "0.0.1-canary.e17585f",
   "description": "PostgreSQL data source backend implementation for Rebase with Drizzle ORM",
   "funding": {
     "url": "https://github.com/sponsors/rebaseco"
@@ -64,10 +64,10 @@
     "drizzle-orm": "^0.44.4",
     "execa": "^4.1.0",
     "pg": "^8.11.3",
-    "@rebasepro/server-core": "0.0.1-canary.dbf160a",
-    "@rebasepro/common": "0.0.1-canary.dbf160a",
-    "@rebasepro/types": "0.0.1-canary.dbf160a",
-    "@rebasepro/utils": "0.0.1-canary.dbf160a"
+    "@rebasepro/common": "0.0.1-canary.e17585f",
+    "@rebasepro/server-core": "0.0.1-canary.e17585f",
+    "@rebasepro/utils": "0.0.1-canary.e17585f",
+    "@rebasepro/types": "0.0.1-canary.e17585f"
   },
   "devDependencies": {
     "@types/jest": "^29.5.14",

package/src/PostgresAdapter.ts

@@ -0,0 +1,52 @@
+import { DatabaseAdapter, InitializedDriver, RealtimeProvider, DataDriver, DatabaseAdmin } from "@rebasepro/types";
+import { createPostgresBootstrapper } from "./PostgresBootstrapper";
+// @ts-ignore
+import type { PostgresDriverConfig } from "@rebasepro/server-core";
+
+/**
+ * Creates a Postgres database adapter for Rebase.
+ */
+export function createPostgresAdapter(pgConfig: PostgresDriverConfig): DatabaseAdapter {
+    const bootstrapper = createPostgresBootstrapper(pgConfig);
+    
+    return {
+        type: bootstrapper.type,
+        
+        async initializeDriver(config) {
+            return bootstrapper.initializeDriver(config);
+        },
+        
+        async initializeRealtime(driverResult) {
+            if (bootstrapper.initializeRealtime) {
+                return bootstrapper.initializeRealtime({}, driverResult);
+            }
+            return undefined;
+        },
+        
+        async initializeHistory(config, driverResult) {
+            if (bootstrapper.initializeHistory) {
+                return bootstrapper.initializeHistory(config, driverResult) as any;
+            }
+            return undefined;
+        },
+        
+        initializeWebsockets(server, realtimeService, driver, config) {
+            if (bootstrapper.initializeWebsockets) {
+                return bootstrapper.initializeWebsockets(server, realtimeService, driver, config);
+            }
+        },
+        
+        getAdmin(driverResult) {
+            if (bootstrapper.getAdmin) {
+                return bootstrapper.getAdmin(driverResult);
+            }
+            return undefined;
+        },
+        
+        mountRoutes(app, basePath, driverResult) {
+            if (bootstrapper.mountRoutes) {
+                bootstrapper.mountRoutes(app, basePath, driverResult);
+            }
+        }
+    };
+}

package/src/PostgresBackendDriver.ts

@@ -4,9 +4,9 @@ import { BranchService } from "./services/BranchService";
 import { RealtimeService } from "./services/realtimeService";
 import { DatabasePoolManager } from "./databasePoolManager";
 import { DrizzleClient } from "./interfaces";
-import { User } from "@rebasepro/types";
+import { User, RebaseClient } from "@rebasepro/types";
 import { sql as drizzleSql } from "drizzle-orm";
-import { buildPropertyCallbacks } from "@rebasepro/common";
+import { buildPropertyCallbacks, updateDateAutoValues } from "@rebasepro/common";
 import { PostgresCollectionRegistry } from "./collections/PostgresCollectionRegistry";
 import {
     DataDriver,
@@ -44,6 +44,7 @@ export class PostgresBackendDriver implements DataDriver {
     public branchService?: BranchService;
     public user?: User;
     public data: RebaseData;
+    public client?: RebaseClient;
 
     /**
      * When true, realtime notifications are deferred until after the
@@ -101,6 +102,15 @@ export class PostgresBackendDriver implements DataDriver {
         };
     }
 
+    /**
+     * REST-optimised fetch service (include-aware eager-loading).
+     * Delegates to the underlying EntityFetchService which already
+     * implements the matching method signatures.
+     */
+    get restFetchService() {
+        return this.entityService.getFetchService();
+    }
+
 
     private resolveCollectionCallbacks<M extends Record<string, unknown>>(collection: EntityCollection<M> | undefined, path: string) {
         if (!collection && !path) return { collection: undefined,
@@ -154,7 +164,8 @@ propertyCallbacks: undefined };
             const contextForCallback = {
                 user: this.user,
                 driver: this,
-                data: this.data
+                data: this.data,
+                client: this.client
             } as unknown as RebaseCallContext; // Backend context
             return Promise.all(entities.map(async (entity) => {
                 let fetched = entity;
@@ -263,7 +274,8 @@ propertyCallbacks: undefined };
             const contextForCallback = {
                 user: this.user,
                 driver: this,
-                data: this.data
+                data: this.data,
+                client: this.client
             } as unknown as RebaseCallContext; // Backend context
             if (callbacks?.afterRead) {
                 entity = await callbacks.afterRead({
@@ -345,7 +357,8 @@ propertyCallbacks: undefined };
         const contextForCallback = {
             user: this.user,
             driver: this,
-            data: this.data
+            data: this.data,
+            client: this.client
         } as unknown as RebaseCallContext;
 
         // Fetch previous values for callbacks AND history recording
@@ -386,6 +399,17 @@ propertyCallbacks: undefined };
 
         }
 
+        // Apply autoValue timestamps (on_create / on_update) at the application layer.
+        // This handles updated_at fields for all writes that flow through the Rebase backend.
+        if (resolvedCollection?.properties) {
+            updatedValues = updateDateAutoValues({
+                inputValues: updatedValues,
+                properties: resolvedCollection.properties,
+                status: status ?? "new",
+                timestampNowValue: new Date()
+            });
+        }
+
         try {
             let savedEntity = await this.entityService.saveEntity<M>(
                 path,
@@ -508,7 +532,8 @@ propertyCallbacks: undefined };
         const contextForCallback = {
             user: this.user,
             driver: this,
-            data: this.data
+            data: this.data,
+            client: this.client
         } as unknown as RebaseCallContext;
 
         if (callbacks?.beforeDelete || propertyCallbacks?.beforeDelete) {
@@ -639,7 +664,23 @@ searchString }
         const targetDb = this.getTargetDb(options?.database);
 
         try {
-            if (options?.role) {
+            // Determine if we actually need to switch roles.
+            // Skip SET LOCAL ROLE when the requested role matches the current session role,
+            // as it's a no-op that can fail on managed Postgres setups where the connection
+            // user doesn't have permission to SET ROLE.
+            let needsRoleSwitch = false;
+            if (options?.role && process.env.DISABLE_DB_ROLE_SWITCHING !== "true") {
+                try {
+                    const currentRoleResult = await targetDb.execute(drizzleSql.raw("SELECT current_user AS role"));
+                    const currentRole = (currentRoleResult.rows?.[0] as Record<string, unknown>)?.role as string | undefined;
+                    needsRoleSwitch = !!currentRole && currentRole !== options.role;
+                } catch {
+                    // If we can't determine the current role, attempt the switch anyway
+                    needsRoleSwitch = true;
+                }
+            }
+
+            if (needsRoleSwitch && options?.role) {
                 const safeRole = options.role.replace(/"/g, '""');
                 return await targetDb.transaction(async (tx) => {
                     await tx.execute(drizzleSql.raw(`SET LOCAL ROLE "${safeRole}"`));
@@ -931,6 +972,7 @@ roles: userRoles })}, true)
             txDelegate.entityService = txEntityService;
             txDelegate._deferNotifications = true;
             txDelegate._pendingNotifications = pendingNotifications;
+            txDelegate.client = this.delegate.client;
 
             return await operation(txDelegate);
         });

package/src/PostgresBootstrapper.ts

@@ -2,11 +2,6 @@
  * PostgresBootstrapper
  *
  * Implements the `BackendBootstrapper` interface for PostgreSQL.
- * Encapsulates all Postgres-specific initialization logic that was previously
- * hardcoded inside `initializeRebaseBackend()`.
- *
- * Third-party drivers (MongoDB, MySQL, etc.) can implement their own
- * bootstrapper following this pattern and pass it to the coordinator.
  */
 
 import { getTableName, isTable, Relations, sql } from "drizzle-orm";
@@ -19,6 +14,7 @@ import {
     DatabaseAdmin,
     RealtimeProvider,
     type DataDriver,
+    type AuthAdapter,
     EntityCollection
 } from "@rebasepro/types";
 import { PostgresBackendDriver } from "./PostgresBackendDriver";
@@ -218,13 +214,14 @@ authRepository };
             // Currently Postgres doesn't need additional routes beyond what the coordinator mounts.
         },
 
-        async initializeWebsockets(server: unknown, realtimeService: RealtimeProvider, driver: DataDriver, config?: unknown): Promise<void> {
+        async initializeWebsockets(server: unknown, realtimeService: RealtimeProvider, driver: DataDriver, config?: unknown, adapter?: unknown): Promise<void> {
             const { createPostgresWebSocket } = await import("./websocket");
             createPostgresWebSocket(
                 server as import("http").Server,
                 realtimeService as RealtimeService,
                 driver as PostgresBackendDriver,
-                config as AuthConfig
+                config as AuthConfig,
+                adapter as AuthAdapter | undefined
             );
         }
     };

package/src/auth/ensure-tables.ts

@@ -62,6 +62,9 @@ export async function ensureAuthTablesExist(db: NodePgDatabase): Promise<void> {
                 password_hash TEXT,
                 display_name TEXT,
                 photo_url TEXT,
+                email_verified BOOLEAN DEFAULT FALSE,
+                email_verification_token TEXT,
+                email_verification_sent_at TIMESTAMP WITH TIME ZONE,
                 created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
                 updated_at TIMESTAMP WITH TIME ZONE DEFAULT NOW()
             )
@@ -181,9 +184,6 @@ export async function ensureAuthTablesExist(db: NodePgDatabase): Promise<void> {
             )
         `);
 
-        // Apply any schema alterations for existing databases
-        await applyInternalMigrations(db);
-
         // Create the `auth` schema with Supabase-style helper functions for RLS.
         //   auth.uid()   → returns the current user's ID (reads app.user_id)
         //   auth.jwt()   → returns the full JWT claims as JSONB (reads app.jwt)
@@ -261,121 +261,3 @@ async function seedDefaultRoles(db: NodePgDatabase): Promise<void> {
     console.log("✅ Default roles created: admin, editor, viewer");
 }
 
-/**
- * Apply idempotent alterations for internal Rebase tables.
- * This runs after CREATE TABLE IF NOT EXISTS to ensure existing
- * databases get new columns without needing external Drizzle migrations.
- */
-async function applyInternalMigrations(db: NodePgDatabase): Promise<void> {
-    try {
-        // Users Table Migrations
-        await db.execute(sql`
-            ALTER TABLE rebase.users 
-            ADD COLUMN IF NOT EXISTS email_verified BOOLEAN DEFAULT FALSE,
-            ADD COLUMN IF NOT EXISTS email_verification_token TEXT,
-            ADD COLUMN IF NOT EXISTS email_verification_sent_at TIMESTAMP WITH TIME ZONE
-        `);
-
-        // Migrate Old OAuth Data to user_identities table
-
-        // 1. Check if legacy columns exist
-        const columnsCheck = await db.execute(sql`
-            SELECT column_name 
-            FROM information_schema.columns 
-            WHERE table_schema='rebase' AND table_name='users' AND column_name IN ('google_id', 'linkedin_id', 'provider')
-        `);
-        const existingColumns = columnsCheck.rows.map(r => r.column_name);
-
-        if (existingColumns.includes("google_id")) {
-            // Migrate google users
-            await db.execute(sql`
-                INSERT INTO rebase.user_identities (user_id, provider, provider_id)
-                SELECT id, 'google', google_id
-                FROM rebase.users
-                WHERE google_id IS NOT NULL
-                ON CONFLICT (provider, provider_id) DO NOTHING
-            `);
-        }
-
-        if (existingColumns.includes("linkedin_id")) {
-            // Migrate linkedin users
-            await db.execute(sql`
-                INSERT INTO rebase.user_identities (user_id, provider, provider_id)
-                SELECT id, 'linkedin', linkedin_id
-                FROM rebase.users
-                WHERE linkedin_id IS NOT NULL
-                ON CONFLICT (provider, provider_id) DO NOTHING
-            `);
-        }
-
-        // Now drop legacy columns safely if they exist
-        if (existingColumns.length > 0) {
-            await db.execute(sql`
-                ALTER TABLE rebase.users
-                DROP COLUMN IF EXISTS provider,
-                DROP COLUMN IF EXISTS google_id,
-                DROP COLUMN IF EXISTS linkedin_id
-            `);
-
-            // Drop legacy indexes
-            await db.execute(sql`DROP INDEX IF EXISTS rebase.idx_users_google_id`);
-            await db.execute(sql`DROP INDEX IF EXISTS rebase.idx_users_linkedin_id`);
-
-            console.log("✅ Migrated to user_identities and dropped legacy columns.");
-        }
-
-        // Roles Table Migrations
-        await db.execute(sql`
-            ALTER TABLE rebase.roles 
-            ADD COLUMN IF NOT EXISTS collection_permissions JSONB
-        `);
-
-        // Refresh Tokens Table Migrations
-        await db.execute(sql`
-            ALTER TABLE rebase.refresh_tokens 
-            ADD COLUMN IF NOT EXISTS user_agent TEXT,
-            ADD COLUMN IF NOT EXISTS ip_address TEXT
-        `);
-
-        const constraintCheck = await db.execute(sql`
-            SELECT 1 FROM information_schema.table_constraints 
-            WHERE constraint_name = 'unique_device_session' 
-            AND table_schema = 'rebase'
-            AND table_name = 'refresh_tokens'
-        `);
-
-        if (constraintCheck.rows.length === 0) {
-            try {
-                await db.execute(sql`
-                    ALTER TABLE rebase.refresh_tokens
-                    ADD CONSTRAINT unique_device_session UNIQUE (user_id, user_agent, ip_address)
-                `);
-                console.log("✅ Added unique_device_session constraint");
-            } catch (e: unknown) {
-                const errorMessage = e instanceof Error ? e.message : String(e);
-                if (errorMessage.includes("could not create unique index")) {
-                    console.warn("⚠️ Duplicate sessions found, cleaning up before adding constraint...");
-                    await db.execute(sql`
-                        DELETE FROM rebase.refresh_tokens a
-                        USING rebase.refresh_tokens b
-                        WHERE a.user_id = b.user_id 
-                        AND COALESCE(a.user_agent, '') = COALESCE(b.user_agent, '')
-                        AND COALESCE(a.ip_address, '') = COALESCE(b.ip_address, '')
-                        AND a.created_at < b.created_at
-                    `);
-                    await db.execute(sql`
-                        ALTER TABLE rebase.refresh_tokens
-                        ADD CONSTRAINT unique_device_session UNIQUE (user_id, user_agent, ip_address)
-                    `).catch((retryErr: unknown) => {
-                        const retryMessage = retryErr instanceof Error ? retryErr.message : String(retryErr);
-                        console.error("Failed to add unique_device_session constraint after cleanup:", retryMessage);
-                    });
-                } else {
-                    console.error("Constraint migration issue:", errorMessage);
-                }
-            }
-        }
-    } catch (error) {
-        console.error("❌ Failed to run internal migrations:", error);
-    }
-}

package/src/cli.ts

@@ -43,7 +43,7 @@ export async function runPluginCommand(args: string[]) {
 }
 
 async function dbCommand(subcommand: string, rawArgs: string[]): Promise<void> {
-    const VALID_ACTIONS = ["push", "pull", "generate", "migrate", "studio", "branch"];
+    const VALID_ACTIONS = ["push", "generate", "migrate", "studio", "branch"];
     if (!subcommand || !VALID_ACTIONS.includes(subcommand)) {
         console.error(chalk.red(`Unknown db command. Valid: ${VALID_ACTIONS.join(", ")}`));
         process.exit(1);
@@ -68,6 +68,12 @@ async function dbCommand(subcommand: string, rawArgs: string[]): Promise<void> {
         console.log("");
         console.log(`  You can now run ${chalk.bold.green("rebase db migrate")} to apply the migrations to your database.`);
         console.log("");
+    } else if (subcommand === "pull") {
+        console.log("");
+        console.log(chalk.yellow("  ⚠ \"rebase db pull\" has been removed."));
+        console.log(chalk.gray("  Use \"rebase schema introspect\" instead."));
+        console.log("");
+        process.exit(1);
     } else {
         console.log("");
         console.log(chalk.bold(`  🗄️  Rebase DB ${subcommand.charAt(0).toUpperCase() + subcommand.slice(1)}`));
@@ -538,9 +544,11 @@ async function schemaCommand(subcommand: string, rawArgs: string[]): Promise<voi
         const argsList = arg(
             {
                 "--output": String,
+                "--collections": String,
                 "--force": Boolean,
                 "--schema": String,
                 "-o": "--output",
+                "-c": "--collections",
                 "-f": "--force"
             },
             {
@@ -561,7 +569,7 @@ async function schemaCommand(subcommand: string, rawArgs: string[]): Promise<voi
             process.exit(1);
         }
 
-        const outputPath = argsList["--output"] || path.join("config", "collections");
+        const outputPath = argsList["--output"] || argsList["--collections"] || path.join("..", "config", "collections");
 
         console.log("");
         console.log(chalk.bold("  🔍 Rebase Schema Introspector"));

package/src/data-transformer.ts

@@ -258,7 +258,26 @@ export function serializePropertyToServer(value: unknown, property: Property): u
             }
             return value;
 
+        case "string":
+            if (typeof value === "string") {
+                if (value.startsWith("data:application/octet-stream;base64,")) {
+                    const base64Data = value.split(",")[1];
+                    if (base64Data) {
+                        return Buffer.from(base64Data, "base64");
+                    }
+                }
+            }
+            return value;
+
         default:
+            if (typeof value === "string") {
+                if (value.startsWith("data:application/octet-stream;base64,")) {
+                    const base64Data = value.split(",")[1];
+                    if (base64Data) {
+                        return Buffer.from(base64Data, "base64");
+                    }
+                }
+            }
             return value;
     }
 }
@@ -447,6 +466,45 @@ export function parsePropertyFromServer(value: unknown, property: Property, coll
     }
 
     switch (property.type) {
+        case "string": {
+            if (typeof value === "string") return value;
+            
+            // Handle Buffer objects (e.g. from PostgreSQL bytea columns)
+            let isBuffer = false;
+            let buf: Buffer | null = null;
+            
+            if (Buffer.isBuffer(value)) {
+                isBuffer = true;
+                buf = value;
+            } else if (typeof value === "object" && value !== null && (value as any).type === "Buffer" && Array.isArray((value as any).data)) {
+                isBuffer = true;
+                buf = Buffer.from((value as any).data);
+            }
+            
+            if (isBuffer && buf) {
+                // Heuristic: if all bytes are printable ASCII, return utf8, else base64
+                let isPrintable = true;
+                for (let i = 0; i < buf.length; i++) {
+                    const b = buf[i];
+                    // Allow standard printable ASCII + common whitespace (\r, \n, \t)
+                    if ((b < 32 || b > 126) && b !== 9 && b !== 10 && b !== 13) {
+                        isPrintable = false;
+                        break;
+                    }
+                }
+                return isPrintable ? buf.toString("utf8") : `data:application/octet-stream;base64,${buf.toString("base64")}`;
+            }
+            
+            if (typeof value === "object" && value !== null) {
+                try {
+                    return JSON.stringify(value);
+                } catch {
+                    return String(value);
+                }
+            }
+            return String(value);
+        }
+
         case "relation":
             // Transform ID back to relation object with type information
             if (typeof value === "string" || typeof value === "number") {
@@ -538,8 +596,33 @@ export function parsePropertyFromServer(value: unknown, property: Property, coll
             return null;
         }
 
-        default:
+        default: {
+            // Fallback for buffers in case they are mapped to something other than string
+            let isBuffer = false;
+            let buf: Buffer | null = null;
+            
+            if (Buffer.isBuffer(value)) {
+                isBuffer = true;
+                buf = value;
+            } else if (typeof value === "object" && value !== null && (value as any).type === "Buffer" && Array.isArray((value as any).data)) {
+                isBuffer = true;
+                buf = Buffer.from((value as any).data);
+            }
+            
+            if (isBuffer && buf) {
+                let isPrintable = true;
+                for (let i = 0; i < buf.length; i++) {
+                    const b = buf[i];
+                    if ((b < 32 || b > 126) && b !== 9 && b !== 10 && b !== 13) {
+                        isPrintable = false;
+                        break;
+                    }
+                }
+                return isPrintable ? buf.toString("utf8") : `data:application/octet-stream;base64,${buf.toString("base64")}`;
+            }
+            
             return value;
+        }
     }
 }
 

package/src/index.ts

@@ -11,3 +11,4 @@ export * from "./websocket";
 export * from "./collections/PostgresCollectionRegistry";
 export * from "./services/BranchService";
 export * from "./PostgresBootstrapper";
+export * from "./PostgresAdapter";

package/src/schema/doctor.ts

@@ -17,6 +17,18 @@ import { generateSchema } from "./generate-drizzle-schema-logic";
 import { getTableName, resolveCollectionRelations, findRelation } from "@rebasepro/common";
 import { toSnakeCase } from "@rebasepro/utils";
 
+/**
+ * Resolve the SQL column name for a property.
+ * Uses the explicit `columnName` when set (e.g. from introspection),
+ * falling back to `toSnakeCase(propName)` for manually-authored collections.
+ */
+const resolveColumnName = (propName: string, prop?: Property | null): string => {
+    if (prop && "columnName" in prop && typeof prop.columnName === "string") {
+        return prop.columnName;
+    }
+    return toSnakeCase(propName);
+};
+
 // ── Types ────────────────────────────────────────────────────────────────
 
 export type IssueSeverity = "error" | "warning" | "info";
@@ -316,7 +328,7 @@ export async function checkCollectionsVsDatabase(
                     const resolvedRelations = resolveCollectionRelations(collection);
                     const relation = findRelation(resolvedRelations, (prop as RelationProperty).relationName ?? propName);
                     if (relation?.direction === "owning" && relation.cardinality === "one" && relation.localKey) {
-                        const fkColName = toSnakeCase(relation.localKey);
+                        const fkColName = relation.localKey;
                         if (!dbColumnMap.has(fkColName)) {
                             issues.push({
                                 severity: "error",
@@ -349,7 +361,7 @@ export async function checkCollectionsVsDatabase(
                     continue;
                 }
 
-                const colName = toSnakeCase(propName);
+                const colName = resolveColumnName(propName, prop);
 
                 // Skip system columns — they're handled automatically
                 if (systemColumns.has(colName)) continue;