@rpcbase/server 0.489.0 → 0.490.0

package/dist/rts/index.js

@@ -1,631 +0,0 @@
-import { randomUUID } from "node:crypto";
-import { models } from "@rpcbase/db";
-import { buildAbilityFromSession, getTenantRolesFromSessionUser, buildAbility, getAccessibleByQuery } from "@rpcbase/db/acl";
-import { WebSocketServer } from "ws";
-const routes = Object.entries({
-  .../* @__PURE__ */ Object.assign({ "./api/changes/handler.ts": () => import("../handler-CedzJJg0.js") })
-}).reduce((acc, [path, mod]) => {
-  acc[path.replace("./api/", "@rpcbase/server/rts/api/")] = mod;
-  return acc;
-}, {});
-const TENANT_ID_QUERY_PARAM = "rb-tenant-id";
-const USER_ID_HEADER = "rb-user-id";
-const QUERY_KEY_MAX_LEN = 4096;
-const QUERY_MAX_LIMIT = 4096;
-const INTERNAL_MODEL_NAMES = /* @__PURE__ */ new Set(["RBRtsChange", "RBRtsCounter"]);
-const DEFAULT_MAX_PAYLOAD_BYTES = 1024 * 1024;
-const DEFAULT_MAX_SUBSCRIPTIONS_PER_SOCKET = 256;
-const DEFAULT_DISPATCH_DEBOUNCE_MS = 25;
-const initializedServers = /* @__PURE__ */ new WeakSet();
-const customHandlers = [];
-const sockets = /* @__PURE__ */ new Map();
-const socketMeta = /* @__PURE__ */ new Map();
-const socketWrappers = /* @__PURE__ */ new Map();
-const socketCleanup = /* @__PURE__ */ new Map();
-const socketSubscriptions = /* @__PURE__ */ new Map();
-const subscriptions = /* @__PURE__ */ new Map();
-const changeStreams = /* @__PURE__ */ new Map();
-const dispatchTimers = /* @__PURE__ */ new Map();
-const upgradeMeta = /* @__PURE__ */ new WeakMap();
-let maxPayloadBytes = DEFAULT_MAX_PAYLOAD_BYTES;
-let maxSubscriptionsPerSocket = DEFAULT_MAX_SUBSCRIPTIONS_PER_SOCKET;
-let dispatchDebounceMs = DEFAULT_DISPATCH_DEBOUNCE_MS;
-let allowInternalModels = false;
-class RtsSocket {
-  id;
-  tenantId;
-  userId;
-  ws;
-  handlers = /* @__PURE__ */ new Map();
-  constructor({
-    id,
-    ws,
-    meta
-  }) {
-    this.id = id;
-    this.ws = ws;
-    this.tenantId = meta.tenantId;
-    this.userId = meta.userId;
-  }
-  on(event, handler) {
-    const set = this.handlers.get(event) ?? /* @__PURE__ */ new Set();
-    set.add(handler);
-    this.handlers.set(event, set);
-    return () => this.off(event, handler);
-  }
-  off(event, handler) {
-    const set = this.handlers.get(event);
-    if (!set) return;
-    set.delete(handler);
-    if (!set.size) this.handlers.delete(event);
-  }
-  emit(event, payload) {
-    sendWs(this.ws, { type: "event", event, payload });
-  }
-  close() {
-    try {
-      this.ws.close();
-    } catch {
-    }
-  }
-  dispatch(event, payload) {
-    const set = this.handlers.get(event);
-    if (!set) return;
-    for (const handler of set) {
-      handler(payload);
-    }
-  }
-}
-const rawToText = (raw) => {
-  if (typeof raw === "string") return raw;
-  if (raw instanceof ArrayBuffer) return Buffer.from(raw).toString();
-  if (Array.isArray(raw)) return Buffer.concat(raw).toString();
-  return raw.toString();
-};
-const safeJsonParse = (raw) => JSON.parse(rawToText(raw));
-const sendWs = (ws, message) => {
-  if (ws.readyState !== 1) return;
-  ws.send(JSON.stringify(message));
-};
-const redactErrorMessage = (err) => {
-  const raw = err instanceof Error ? err.message : "Unknown error";
-  const trimmedModelList = raw.replace(/\.\s+Available models:[\s\S]*$/, "");
-  const maxLen = 256;
-  if (trimmedModelList.length <= maxLen) return trimmedModelList;
-  return trimmedModelList.slice(0, maxLen);
-};
-const unauthorized = (socket, message = "Unauthorized") => {
-  try {
-    socket.write("HTTP/1.1 401 Unauthorized\r\n\r\n");
-    socket.write(`Error: ${message}\r
-`);
-    socket.end();
-  } catch {
-    socket.destroy();
-  }
-};
-const badRequest = (socket, message = "Bad Request") => {
-  try {
-    socket.write("HTTP/1.1 400 Bad Request\r\n\r\n");
-    socket.write(`Error: ${message}\r
-`);
-    socket.end();
-  } catch {
-    socket.destroy();
-  }
-};
-const runSessionMiddleware = async (sessionMiddleware, req) => {
-  await new Promise((resolve, reject) => {
-    const next = (err) => {
-      if (err) reject(err);
-      else resolve();
-    };
-    sessionMiddleware(req, {}, next);
-  });
-};
-const parseUpgradeMeta = async ({
-  req,
-  url,
-  sessionMiddleware
-}) => {
-  const tenantId = url.searchParams.get(TENANT_ID_QUERY_PARAM);
-  if (!tenantId) {
-    throw new Error("Missing rb-tenant-id query parameter");
-  }
-  if (sessionMiddleware) {
-    const upgradeReq = req;
-    try {
-      await runSessionMiddleware(sessionMiddleware, upgradeReq);
-    } catch {
-      throw new Error("Failed to load session for RTS");
-    }
-    const sessionUser = upgradeReq.session?.user;
-    const sessionUserId = sessionUser?.id;
-    if (!sessionUserId) {
-      throw new Error("Not signed in (missing session.user.id)");
-    }
-    const signedInTenants = sessionUser?.signedInTenants;
-    const currentTenantId = sessionUser?.currentTenantId;
-    if (Array.isArray(signedInTenants) && signedInTenants.length > 0) {
-      if (!signedInTenants.includes(tenantId)) {
-        throw new Error("Tenant not authorized for this session");
-      }
-    } else if (currentTenantId) {
-      if (currentTenantId !== tenantId) {
-        throw new Error("Tenant not authorized for this session");
-      }
-    } else {
-      throw new Error("Tenant not authorized for this session");
-    }
-    const ability2 = buildAbilityFromSession({ tenantId, session: upgradeReq.session });
-    return { tenantId, userId: sessionUserId, ability: ability2 };
-  }
-  const raw = req.headers[USER_ID_HEADER];
-  const headerUserId = Array.isArray(raw) ? raw[0] : raw;
-  if (!headerUserId) {
-    throw new Error("Missing rb-user-id header (reverse-proxy) and no session middleware configured");
-  }
-  const rbCtx = { req: { session: null } };
-  const User = await models.getGlobal("RBUser", rbCtx);
-  const user = await User.findById(headerUserId, { tenants: 1, tenantRoles: 1 }).lean();
-  const tenantsRaw = user?.tenants;
-  const tenants = Array.isArray(tenantsRaw) ? tenantsRaw.map((t) => String(t)) : [];
-  if (!tenants.includes(tenantId)) {
-    throw new Error("Tenant not authorized for this session");
-  }
-  const roles = getTenantRolesFromSessionUser(user, tenantId);
-  const ability = buildAbility({ tenantId, userId: headerUserId, roles: roles.length ? roles : ["owner"] });
-  return { tenantId, userId: headerUserId, ability };
-};
-const getTenantModel = async (tenantId, modelName) => {
-  const ctx = {
-    req: {
-      session: {
-        user: {
-          currentTenantId: tenantId
-        }
-      }
-    }
-  };
-  return models.get(modelName, ctx);
-};
-const normalizeLimit = (limit) => {
-  if (typeof limit !== "number") return QUERY_MAX_LIMIT;
-  if (!Number.isFinite(limit)) return QUERY_MAX_LIMIT;
-  return Math.min(QUERY_MAX_LIMIT, Math.abs(limit));
-};
-const normalizeOptions = (options) => {
-  if (!options || typeof options !== "object") return {};
-  const normalized = {};
-  if (options.projection && typeof options.projection === "object" && !Array.isArray(options.projection)) {
-    normalized.projection = options.projection;
-  }
-  if (options.sort && typeof options.sort === "object" && !Array.isArray(options.sort)) {
-    normalized.sort = options.sort;
-  }
-  normalized.limit = normalizeLimit(options.limit);
-  return normalized;
-};
-const makeDispatchKey = (tenantId, modelName) => `${tenantId}:${modelName}`;
-const clearDispatchTimer = (tenantId, modelName) => {
-  const key = makeDispatchKey(tenantId, modelName);
-  const timer = dispatchTimers.get(key);
-  if (!timer) return;
-  clearTimeout(timer);
-  dispatchTimers.delete(key);
-};
-const scheduleDispatchSubscriptionsForModel = (tenantId, modelName) => {
-  const key = makeDispatchKey(tenantId, modelName);
-  if (dispatchTimers.has(key)) return;
-  const delay = Math.max(0, Math.min(1e3, Math.floor(dispatchDebounceMs)));
-  dispatchTimers.set(key, setTimeout(() => {
-    dispatchTimers.delete(key);
-    void dispatchSubscriptionsForModel(tenantId, modelName);
-  }, delay));
-};
-const runAndSendQuery = async ({
-  tenantId,
-  targetSocketIds,
-  ability,
-  modelName,
-  queryKey,
-  query,
-  options
-}) => {
-  if (!ability.can("read", modelName)) {
-    const payload2 = { type: "query-payload", modelName, queryKey, error: "forbidden" };
-    for (const socketId of targetSocketIds) {
-      const ws = sockets.get(socketId);
-      if (!ws) continue;
-      sendWs(ws, payload2);
-    }
-    return;
-  }
-  const model = await getTenantModel(tenantId, modelName);
-  const projection = options.projection ?? void 0;
-  const sort = options.sort;
-  const limit = normalizeLimit(options.limit);
-  const accessQuery = getAccessibleByQuery(ability, "read", modelName);
-  const finalQuery = { $and: [query, accessQuery] };
-  const queryPromise = model.find(finalQuery, projection);
-  if (sort && Object.keys(sort).length) {
-    queryPromise.sort(sort);
-  }
-  queryPromise.limit(limit);
-  const data = await queryPromise;
-  const payload = { type: "query-payload", modelName, queryKey, data };
-  for (const socketId of targetSocketIds) {
-    const ws = sockets.get(socketId);
-    if (!ws) continue;
-    sendWs(ws, payload);
-  }
-};
-const dispatchSubscriptionsForModel = async (tenantId, modelName) => {
-  const tenantSubs = subscriptions.get(tenantId);
-  if (!tenantSubs || !tenantSubs.size) return;
-  for (const userSubs of tenantSubs.values()) {
-    const modelSubs = userSubs.get(modelName);
-    if (!modelSubs || !modelSubs.size) continue;
-    for (const [queryKey, sub] of modelSubs.entries()) {
-      const targetSocketIds = Array.from(sub.socketIds);
-      if (!targetSocketIds.length) continue;
-      const socketId = targetSocketIds[0];
-      const meta = socketMeta.get(socketId);
-      const ability = meta?.ability;
-      if (!ability) continue;
-      try {
-        await runAndSendQuery({
-          tenantId,
-          targetSocketIds,
-          ability,
-          modelName,
-          queryKey,
-          query: sub.query,
-          options: sub.options
-        });
-      } catch (err) {
-        const error = redactErrorMessage(err);
-        const payload = { type: "query-payload", modelName, queryKey, error };
-        for (const socketId2 of targetSocketIds) {
-          const ws = sockets.get(socketId2);
-          if (!ws) continue;
-          sendWs(ws, payload);
-        }
-      }
-    }
-  }
-};
-const ensureChangeStream = async (tenantId, modelName) => {
-  const tenantStreams = changeStreams.get(tenantId) ?? /* @__PURE__ */ new Map();
-  changeStreams.set(tenantId, tenantStreams);
-  if (tenantStreams.has(modelName)) return;
-  const model = await getTenantModel(tenantId, modelName);
-  const stream = model.watch([], {
-    fullDocument: "updateLookup"
-  });
-  stream.on("change", () => {
-    scheduleDispatchSubscriptionsForModel(tenantId, modelName);
-  });
-  stream.on("close", () => {
-    clearDispatchTimer(tenantId, modelName);
-    const map = changeStreams.get(tenantId);
-    map?.delete(modelName);
-    if (map && map.size === 0) changeStreams.delete(tenantId);
-  });
-  stream.on("error", () => {
-    try {
-      clearDispatchTimer(tenantId, modelName);
-      stream.close();
-    } catch {
-    }
-  });
-  tenantStreams.set(modelName, stream);
-};
-const addSocketSubscription = ({
-  socketId,
-  tenantId,
-  userId,
-  modelName,
-  queryKey,
-  query,
-  options
-}) => {
-  const tenantSubs = subscriptions.get(tenantId) ?? /* @__PURE__ */ new Map();
-  subscriptions.set(tenantId, tenantSubs);
-  const userSubs = tenantSubs.get(userId) ?? /* @__PURE__ */ new Map();
-  tenantSubs.set(userId, userSubs);
-  const modelSubs = userSubs.get(modelName) ?? /* @__PURE__ */ new Map();
-  userSubs.set(modelName, modelSubs);
-  const existing = modelSubs.get(queryKey);
-  if (existing) {
-    existing.socketIds.add(socketId);
-  } else {
-    modelSubs.set(queryKey, {
-      query,
-      options,
-      socketIds: /* @__PURE__ */ new Set([socketId])
-    });
-  }
-  const byModel = socketSubscriptions.get(socketId) ?? /* @__PURE__ */ new Map();
-  socketSubscriptions.set(socketId, byModel);
-  const querySet = byModel.get(modelName) ?? /* @__PURE__ */ new Set();
-  byModel.set(modelName, querySet);
-  querySet.add(queryKey);
-};
-const removeSocketSubscription = ({
-  socketId,
-  tenantId,
-  userId,
-  modelName,
-  queryKey
-}) => {
-  const tenantSubs = subscriptions.get(tenantId);
-  const userSubs = tenantSubs?.get(userId);
-  const modelSubs = userSubs?.get(modelName);
-  const sub = modelSubs?.get(queryKey);
-  if (sub) {
-    sub.socketIds.delete(socketId);
-    if (!sub.socketIds.size) {
-      modelSubs?.delete(queryKey);
-    }
-  }
-  const byModel = socketSubscriptions.get(socketId);
-  const set = byModel?.get(modelName);
-  if (set) {
-    set.delete(queryKey);
-    if (!set.size) {
-      byModel?.delete(modelName);
-    }
-  }
-  if (modelSubs && modelSubs.size === 0) {
-    userSubs?.delete(modelName);
-  }
-  if (userSubs && userSubs.size === 0) {
-    tenantSubs?.delete(userId);
-  }
-  const hasAnyModelSubs = (() => {
-    const byUser = subscriptions.get(tenantId);
-    if (!byUser) return false;
-    for (const subs of byUser.values()) {
-      const modelSubs2 = subs.get(modelName);
-      if (modelSubs2 && modelSubs2.size > 0) return true;
-    }
-    return false;
-  })();
-  if (!hasAnyModelSubs) {
-    const tenantStreams = changeStreams.get(tenantId);
-    const stream = tenantStreams?.get(modelName);
-    if (stream) {
-      try {
-        stream.close();
-      } catch {
-      }
-      clearDispatchTimer(tenantId, modelName);
-      tenantStreams?.delete(modelName);
-      if (tenantStreams && tenantStreams.size === 0) changeStreams.delete(tenantId);
-    }
-  }
-  if (tenantSubs && tenantSubs.size === 0) subscriptions.delete(tenantId);
-  if (byModel && byModel.size === 0) socketSubscriptions.delete(socketId);
-};
-const cleanupSocket = (socketId) => {
-  const meta = socketMeta.get(socketId);
-  if (meta) {
-    const byModel = socketSubscriptions.get(socketId);
-    if (byModel) {
-      for (const [modelName, keys] of byModel.entries()) {
-        for (const queryKey of keys.values()) {
-          removeSocketSubscription({
-            socketId,
-            tenantId: meta.tenantId,
-            userId: meta.userId,
-            modelName,
-            queryKey
-          });
-        }
-      }
-    }
-  }
-  socketSubscriptions.delete(socketId);
-  const cleanupFns = socketCleanup.get(socketId) ?? [];
-  socketCleanup.delete(socketId);
-  for (const fn of cleanupFns) {
-    try {
-      fn();
-    } catch {
-    }
-  }
-  sockets.delete(socketId);
-  socketMeta.delete(socketId);
-  socketWrappers.delete(socketId);
-};
-const handleClientMessage = async ({
-  socketId,
-  meta,
-  message
-}) => {
-  const ws = sockets.get(socketId);
-  if (!ws) return;
-  if (message.type === "event") {
-    const wrapper = socketWrappers.get(socketId);
-    wrapper?.dispatch(message.event, message.payload);
-    return;
-  }
-  if (!message.modelName || typeof message.modelName !== "string") return;
-  if (!allowInternalModels && INTERNAL_MODEL_NAMES.has(message.modelName)) {
-    sendWs(ws, { type: "query-payload", modelName: message.modelName, queryKey: message.queryKey ?? "", error: "Model not allowed" });
-    return;
-  }
-  if (!message.queryKey || typeof message.queryKey !== "string") return;
-  if (message.queryKey.length > QUERY_KEY_MAX_LEN) return;
-  if (message.type === "remove-query") {
-    removeSocketSubscription({
-      socketId,
-      tenantId: meta.tenantId,
-      userId: meta.userId,
-      modelName: message.modelName,
-      queryKey: message.queryKey
-    });
-    return;
-  }
-  if (!message.query || typeof message.query !== "object") return;
-  const options = normalizeOptions(message.options);
-  const ability = meta.ability;
-  if (!ability.can("read", message.modelName)) {
-    sendWs(ws, { type: "query-payload", modelName: message.modelName, queryKey: message.queryKey, error: "forbidden" });
-    return;
-  }
-  if (message.type === "register-query") {
-    const existing = socketSubscriptions.get(socketId)?.get(message.modelName)?.has(message.queryKey) ?? false;
-    if (!existing) {
-      let count = 0;
-      const byModel = socketSubscriptions.get(socketId);
-      if (byModel) {
-        for (const set of byModel.values()) count += set.size;
-      }
-      if (count >= maxSubscriptionsPerSocket) {
-        sendWs(ws, { type: "query-payload", modelName: message.modelName, queryKey: message.queryKey, error: "Too many subscriptions" });
-        return;
-      }
-    }
-    addSocketSubscription({
-      socketId,
-      tenantId: meta.tenantId,
-      userId: meta.userId,
-      modelName: message.modelName,
-      queryKey: message.queryKey,
-      query: message.query,
-      options
-    });
-    try {
-      await ensureChangeStream(meta.tenantId, message.modelName);
-    } catch (err) {
-      const error = redactErrorMessage(err);
-      sendWs(ws, { type: "query-payload", modelName: message.modelName, queryKey: message.queryKey, error });
-      return;
-    }
-  }
-  try {
-    await runAndSendQuery({
-      tenantId: meta.tenantId,
-      targetSocketIds: [socketId],
-      ability,
-      modelName: message.modelName,
-      queryKey: message.queryKey,
-      query: message.query,
-      options
-    });
-  } catch (err) {
-    const error = redactErrorMessage(err);
-    sendWs(ws, { type: "query-payload", modelName: message.modelName, queryKey: message.queryKey, error });
-  }
-};
-const initRts = ({
-  server,
-  path = "/rts",
-  sessionMiddleware,
-  maxPayloadBytes: maxPayloadBytesArg,
-  maxSubscriptionsPerSocket: maxSubscriptionsPerSocketArg,
-  dispatchDebounceMs: dispatchDebounceMsArg,
-  allowInternalModels: allowInternalModelsArg
-}) => {
-  if (initializedServers.has(server)) return;
-  initializedServers.add(server);
-  if (typeof maxPayloadBytesArg === "number" && Number.isFinite(maxPayloadBytesArg) && maxPayloadBytesArg > 0) {
-    maxPayloadBytes = Math.floor(maxPayloadBytesArg);
-  }
-  if (typeof maxSubscriptionsPerSocketArg === "number" && Number.isFinite(maxSubscriptionsPerSocketArg) && maxSubscriptionsPerSocketArg > 0) {
-    maxSubscriptionsPerSocket = Math.floor(maxSubscriptionsPerSocketArg);
-  }
-  if (typeof dispatchDebounceMsArg === "number" && Number.isFinite(dispatchDebounceMsArg) && dispatchDebounceMsArg >= 0) {
-    dispatchDebounceMs = Math.floor(dispatchDebounceMsArg);
-  }
-  allowInternalModels = Boolean(allowInternalModelsArg);
-  const wss = new WebSocketServer({ noServer: true, maxPayload: maxPayloadBytes });
-  server.on("upgrade", (req, socket, head) => {
-    upgradeMeta.delete(req);
-    let url;
-    try {
-      url = new URL(req.url ?? "", `http://${req.headers.host ?? "localhost"}`);
-    } catch {
-      badRequest(socket, "Invalid URL");
-      return;
-    }
-    if (url.pathname !== path) return;
-    void (async () => {
-      try {
-        const meta = await parseUpgradeMeta({ req, url, sessionMiddleware });
-        upgradeMeta.set(req, meta);
-        wss.handleUpgrade(req, socket, head, (ws) => {
-          wss.emit("connection", ws, req);
-        });
-      } catch (err) {
-        const message = err instanceof Error ? err.message : "RTS upgrade failed";
-        if (message.startsWith("Missing rb-tenant-id")) {
-          badRequest(socket, message);
-          return;
-        }
-        unauthorized(socket, message);
-        return;
-      }
-    })().catch(() => {
-      badRequest(socket, "RTS upgrade failed");
-    });
-  });
-  wss.on("connection", (ws, req) => {
-    const meta = upgradeMeta.get(req);
-    upgradeMeta.delete(req);
-    if (!meta) {
-      try {
-        ws.close();
-      } catch {
-      }
-      return;
-    }
-    const socketId = randomUUID();
-    sockets.set(socketId, ws);
-    socketMeta.set(socketId, meta);
-    const wrapper = new RtsSocket({ id: socketId, ws, meta });
-    socketWrappers.set(socketId, wrapper);
-    const cleanupFns = [];
-    for (const handler of customHandlers) {
-      try {
-        const cleanup = handler(wrapper);
-        if (typeof cleanup === "function") cleanupFns.push(cleanup);
-      } catch {
-      }
-    }
-    if (cleanupFns.length) socketCleanup.set(socketId, cleanupFns);
-    ws.on("message", (raw) => {
-      let parsed;
-      try {
-        parsed = safeJsonParse(raw);
-      } catch {
-        return;
-      }
-      if (!parsed || typeof parsed !== "object") return;
-      const message = parsed;
-      if (message.type !== "event" && message.type !== "run-query" && message.type !== "register-query" && message.type !== "remove-query") return;
-      void handleClientMessage({ socketId, meta, message });
-    });
-    ws.on("close", () => {
-      cleanupSocket(socketId);
-    });
-    ws.on("error", () => {
-      cleanupSocket(socketId);
-    });
-  });
-};
-const registerRtsHandler = (handler) => {
-  customHandlers.push(handler);
-};
-const notifyRtsModelChanged = (tenantId, modelName) => {
-  scheduleDispatchSubscriptionsForModel(tenantId, modelName);
-};
-export {
-  initRts,
-  notifyRtsModelChanged,
-  registerRtsHandler,
-  routes
-};
-//# sourceMappingURL=index.js.map