@snowtop/ent 0.1.0-alpha6 → 0.1.0-alpha60

package/action/orchestrator.js

@@ -1,14 +1,36 @@
 "use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.EntChangeset = exports.Orchestrator = exports.edgeDirection = void 0;
 const ent_1 = require("../core/ent");
 const schema_1 = require("../schema/schema");
 const action_1 = require("../action");
-const snake_case_1 = require("snake-case");
-const camel_case_1 = require("camel-case");
 const privacy_1 = require("../core/privacy");
 const executor_1 = require("./executor");
 const logger_1 = require("../core/logger");
+const memoizee_1 = __importDefault(require("memoizee"));
+const clause = __importStar(require("../core/clause"));
 var edgeDirection;
 (function (edgeDirection) {
     edgeDirection[edgeDirection["inboundEdge"] = 0] = "inboundEdge";
@@ -62,6 +84,9 @@ class Orchestrator {
         this.defaultFieldsByFieldName = {};
         this.defaultFieldsByTSName = {};
         this.viewer = options.viewer;
+        this.actualOperation = this.options.operation;
+        this.existingEnt = this.options.builder.existingEnt;
+        this.memoizedGetFields = (0, memoizee_1.default)(this.getFieldsInfo.bind(this));
     }
     addEdge(edge, op) {
         this.edgeSet.add(edge.edgeType);
@@ -80,6 +105,9 @@ class Orchestrator {
         m1.set(op, m2);
         this.edges.set(edge.edgeType, m1);
     }
+    setDisableTransformations(val) {
+        this.disableTransformations = val;
+    }
     addInboundEdge(id1, edgeType, nodeType, options) {
         this.addEdge(new edgeInputData({
             id: id1,
@@ -135,24 +163,28 @@ class Orchestrator {
     }
     buildMainOp() {
         // this assumes we have validated fields
-        switch (this.options.operation) {
+        switch (this.actualOperation) {
             case action_1.WriteOperation.Delete:
-                return new ent_1.DeleteNodeOperation(this.options.builder.existingEnt.id, {
+                return new ent_1.DeleteNodeOperation(this.existingEnt.id, {
                     tableName: this.options.tableName,
                 });
             default:
+                if (this.actualOperation === action_1.WriteOperation.Edit && !this.existingEnt) {
+                    throw new Error(`existing ent required with operation ${this.actualOperation}`);
+                }
                 const opts = {
                     fields: this.validatedFields,
                     tableName: this.options.tableName,
                     fieldsToResolve: this.fieldsToResolve,
                     key: this.options.key,
-                    ent: this.options.loaderOptions.ent,
+                    loadEntOptions: this.options.loaderOptions,
                     placeholderID: this.options.builder.placeholderID,
+                    whereClause: clause.Eq(this.options.key, this.existingEnt?.id),
                 };
                 if (this.logValues) {
                     opts.fieldsToLog = this.logValues;
                 }
-                this.mainOp = new ent_1.EditNodeOperation(opts, this.options.builder.existingEnt);
+                this.mainOp = new ent_1.EditNodeOperation(opts, this.existingEnt);
                 return this.mainOp;
         }
     }
@@ -219,75 +251,173 @@ class Orchestrator {
         if (!privacyPolicy || !action) {
             throw new Error(`shouldn't get here if no privacyPolicy for action`);
         }
-        if (this.options.operation === action_1.WriteOperation.Insert) {
+        if (this.actualOperation === action_1.WriteOperation.Insert) {
             return new EntCannotCreateEntError(privacyPolicy, action);
         }
-        else if (this.options.operation === action_1.WriteOperation.Edit) {
-            return new EntCannotEditEntError(privacyPolicy, action, this.options.builder.existingEnt);
+        else if (this.actualOperation === action_1.WriteOperation.Edit) {
+            return new EntCannotEditEntError(privacyPolicy, action, this.existingEnt);
         }
-        return new EntCannotDeleteEntError(privacyPolicy, action, this.options.builder.existingEnt);
+        return new EntCannotDeleteEntError(privacyPolicy, action, this.existingEnt);
     }
-    getEntForPrivacyPolicy(editedData) {
-        if (this.options.operation !== action_1.WriteOperation.Insert) {
-            return this.options.builder.existingEnt;
+    getEntForPrivacyPolicyImpl(editedData) {
+        if (this.actualOperation !== action_1.WriteOperation.Insert) {
+            return this.existingEnt;
         }
         // we create an unsafe ent to be used for privacy policies
         return new this.options.builder.ent(this.options.builder.viewer, editedData);
     }
+    getSQLStatementOperation() {
+        switch (this.actualOperation) {
+            case action_1.WriteOperation.Edit:
+                return schema_1.SQLStatementOperation.Update;
+            case action_1.WriteOperation.Insert:
+                return schema_1.SQLStatementOperation.Insert;
+            case action_1.WriteOperation.Delete:
+                return schema_1.SQLStatementOperation.Delete;
+        }
+    }
+    getWriteOpForSQLStamentOp(op) {
+        switch (op) {
+            case schema_1.SQLStatementOperation.Update:
+                return action_1.WriteOperation.Edit;
+            case schema_1.SQLStatementOperation.Insert:
+                return action_1.WriteOperation.Insert;
+            case schema_1.SQLStatementOperation.Update:
+                return action_1.WriteOperation.Delete;
+            default:
+                throw new Error("invalid path");
+        }
+    }
+    // if you're doing custom privacy within an action and want to
+    // get either the unsafe ent or the existing ent that's being edited
+    async getPossibleUnsafeEntForPrivacy() {
+        if (this.actualOperation !== action_1.WriteOperation.Insert) {
+            return this.existingEnt;
+        }
+        const { editedData } = await this.memoizedGetFields();
+        return this.getEntForPrivacyPolicyImpl(editedData);
+    }
+    // this gets the fields that were explicitly set plus any default or transformed values
+    // mainly exists to get default fields e.g. default id to be used in triggers
+    // NOTE: this API may change in the future
+    // doesn't work to get ids for autoincrement keys
+    async getEditedData() {
+        const { editedData } = await this.memoizedGetFields();
+        return editedData;
+    }
+    /**
+     * @returns validated and formatted fields that would be written to the db
+     * throws an error if called before valid() or validX() has been called
+     */
+    getValidatedFields() {
+        if (this.validatedFields === null) {
+            throw new Error(`trying to call getValidatedFields before validating fields`);
+        }
+        return this.validatedFields;
+    }
+    // Note: this is memoized. call memoizedGetFields instead
+    async getFieldsInfo() {
+        const action = this.options.action;
+        const builder = this.options.builder;
+        // future optimization: can get schemaFields to memoize based on different values
+        const schemaFields = (0, schema_1.getFields)(this.options.schema);
+        const editedFields = await this.options.editedFields();
+        let editedData = await this.getFieldsWithDefaultValues(builder, schemaFields, editedFields, action);
+        return { editedData, editedFields, schemaFields };
+    }
     async validate() {
         // existing ent required for edit or delete operations
-        switch (this.options.operation) {
+        switch (this.actualOperation) {
             case action_1.WriteOperation.Delete:
             case action_1.WriteOperation.Edit:
-                if (!this.options.builder.existingEnt) {
-                    throw new Error("existing ent required with operation");
+                if (!this.existingEnt) {
+                    throw new Error(`existing ent required with operation ${this.actualOperation}`);
                 }
         }
+        const { schemaFields, editedData } = await this.memoizedGetFields();
         const action = this.options.action;
         const builder = this.options.builder;
-        // future optimization: can get schemaFields to memoize based on different values
-        const schemaFields = (0, schema_1.getFields)(this.options.schema);
-        let editedData = this.getFieldsWithDefaultValues(builder, schemaFields, action);
         // this runs in following phases:
         // * set default fields and pass to builder so the value can be checked by triggers/observers/validators
         // * privacy policy (use unsafe ent if we have it)
         // * triggers
         // * validators
         let privacyPolicy = action?.getPrivacyPolicy();
+        let privacyError = null;
         if (privacyPolicy) {
-            await (0, privacy_1.applyPrivacyPolicyX)(this.options.viewer, privacyPolicy, this.getEntForPrivacyPolicy(editedData), this.throwError.bind(this));
+            try {
+                await (0, privacy_1.applyPrivacyPolicyX)(this.options.viewer, privacyPolicy, this.getEntForPrivacyPolicyImpl(editedData), this.throwError.bind(this));
+            }
+            catch (err) {
+                privacyError = err;
+            }
         }
         // have to run triggers which update fields first before field and other validators
         // so running this first to build things up
-        let triggers = action?.triggers;
-        if (triggers) {
-            await this.triggers(action, builder, triggers);
-        }
-        let validators = action?.validators || [];
-        await Promise.all([
-            this.formatAndValidateFields(schemaFields),
+        if (action?.getTriggers) {
+            await this.triggers(action, builder, action.getTriggers());
+        }
+        let validators = [];
+        if (action?.getValidators) {
+            validators = action.getValidators();
+        }
+        // not ideal we're calling this twice. fix...
+        // needed for now. may need to rewrite some of this?
+        const editedFields2 = await this.options.editedFields();
+        const [errors, _] = await Promise.all([
+            this.formatAndValidateFields(schemaFields, editedFields2),
             this.validators(validators, action, builder),
         ]);
+        if (privacyError !== null) {
+            errors.unshift(privacyError);
+        }
+        return errors;
     }
     async triggers(action, builder, triggers) {
-        await Promise.all(triggers.map(async (trigger) => {
-            let ret = await trigger.changeset(builder, action.getInput());
-            if (Array.isArray(ret)) {
-                ret = await Promise.all(ret);
-            }
-            if (Array.isArray(ret)) {
-                for (const v of ret) {
-                    if (typeof v === "object") {
-                        this.changesets.push(v);
-                    }
+        let groups = [];
+        let lastArray = 0;
+        let prevWasArray = false;
+        for (let i = 0; i < triggers.length; i++) {
+            let t = triggers[i];
+            if (Array.isArray(t)) {
+                if (!prevWasArray) {
+                    // @ts-ignore
+                    groups.push(triggers.slice(lastArray, i));
                 }
+                groups.push(t);
+                prevWasArray = true;
+                lastArray++;
             }
-            else if (ret) {
-                this.changesets.push(ret);
+            else {
+                if (i === triggers.length - 1) {
+                    // @ts-ignore
+                    groups.push(triggers.slice(lastArray, i + 1));
+                }
+                prevWasArray = false;
             }
-        }));
+        }
+        for (const triggers of groups) {
+            await Promise.all(triggers.map(async (trigger) => {
+                let ret = await trigger.changeset(builder, action.getInput());
+                if (Array.isArray(ret)) {
+                    ret = await Promise.all(ret);
+                }
+                if (Array.isArray(ret)) {
+                    for (const v of ret) {
+                        if (typeof v === "object") {
+                            this.changesets.push(v);
+                        }
+                    }
+                }
+                else if (ret) {
+                    this.changesets.push(ret);
+                }
+            }));
+        }
     }
     async validators(validators, action, builder) {
+        // TODO need to catch errors and return it...
+        // don't need it initially since what we need this for doesn't have the errors
         let promises = [];
         validators.forEach((validator) => {
             let res = validator.validate(builder, action.getInput());
@@ -300,18 +430,79 @@ class Orchestrator {
     isBuilder(val) {
         return val.placeholderID !== undefined;
     }
-    getFieldsWithDefaultValues(builder, schemaFields, action) {
-        const editedFields = this.options.editedFields();
+    getInputKey(k) {
+        return this.options.fieldInfo[k].inputKey;
+    }
+    getStorageKey(k) {
+        return this.options.fieldInfo[k].dbCol;
+    }
+    async getFieldsWithDefaultValues(builder, schemaFields, editedFields, action) {
         let data = {};
         let defaultData = {};
         let input = action?.getInput() || {};
         let updateInput = false;
+        // transformations
+        // if action transformations. always do it
+        // if disable transformations set, don't do schema transform and just do the right thing
+        // else apply schema tranformation if it exists
+        let transformed = null;
+        const sqlOp = this.getSQLStatementOperation();
+        if (action?.transformWrite) {
+            transformed = await action.transformWrite({
+                builder,
+                input,
+                op: sqlOp,
+                data: editedFields,
+            });
+        }
+        else if (!this.disableTransformations) {
+            transformed = (0, schema_1.getTransformedUpdateOp)(this.options.schema, {
+                builder,
+                input,
+                op: sqlOp,
+                data: editedFields,
+            });
+        }
+        if (transformed) {
+            if (sqlOp === schema_1.SQLStatementOperation.Insert && sqlOp !== transformed.op) {
+                if (!transformed.existingEnt) {
+                    throw new Error(`cannot transform an insert operation without providing an existing ent`);
+                }
+            }
+            if (transformed.data) {
+                updateInput = true;
+                for (const k in transformed.data) {
+                    let field = schemaFields.get(k);
+                    if (!field) {
+                        throw new Error(`tried to transform field with unknown field ${k}`);
+                    }
+                    let val = transformed.data[k];
+                    if (field.format) {
+                        val = field.format(transformed.data[k]);
+                    }
+                    data[this.getStorageKey(k)] = val;
+                    this.defaultFieldsByTSName[this.getInputKey(k)] = val;
+                    // hmm do we need this?
+                    // TODO how to do this for local tests?
+                    // this.defaultFieldsByFieldName[k] = val;
+                }
+            }
+            this.actualOperation = this.getWriteOpForSQLStamentOp(transformed.op);
+            if (transformed.existingEnt) {
+                // @ts-ignore
+                this.existingEnt = transformed.existingEnt;
+                // modify existing ent in builder. it's readonly in generated ents but doesn't apply here
+                builder.existingEnt = transformed.existingEnt;
+            }
+        }
+        // transforming before doing default fields so that we don't create a new id
+        // and anything that depends on the type of operations knows what it is
         for (const [fieldName, field] of schemaFields) {
             let value = editedFields.get(fieldName);
             let defaultValue = undefined;
-            let dbKey = field.storageKey || (0, snake_case_1.snakeCase)(fieldName);
+            let dbKey = this.getStorageKey(fieldName);
             if (value === undefined) {
-                if (this.options.operation === action_1.WriteOperation.Insert) {
+                if (this.actualOperation === action_1.WriteOperation.Insert) {
                     if (field.defaultToViewerOnCreate && field.defaultValueOnCreate) {
                         throw new Error(`cannot set both defaultToViewerOnCreate and defaultValueOnCreate`);
                     }
@@ -326,7 +517,7 @@ class Orchestrator {
                     }
                 }
                 if (field.defaultValueOnEdit &&
-                    this.options.operation === action_1.WriteOperation.Edit) {
+                    this.actualOperation === action_1.WriteOperation.Edit) {
                     defaultValue = field.defaultValueOnEdit(builder, input);
                 }
             }
@@ -337,8 +528,7 @@ class Orchestrator {
                 updateInput = true;
                 defaultData[dbKey] = defaultValue;
                 this.defaultFieldsByFieldName[fieldName] = defaultValue;
-                // TODO related to #510. we need this logic to be consistent so do this all in TypeScript or get it from go somehow
-                this.defaultFieldsByTSName[(0, camel_case_1.camelCase)(fieldName)] = defaultValue;
+                this.defaultFieldsByTSName[this.getInputKey(fieldName)] = defaultValue;
             }
         }
         // if there's data changing, add data
@@ -364,7 +554,7 @@ class Orchestrator {
         // now format and validate...
         if (value === null) {
             if (!field.nullable) {
-                throw new Error(`field ${fieldName} set to null for non-nullable field`);
+                return new Error(`field ${fieldName} set to null for non-nullable field`);
             }
         }
         else if (value === undefined) {
@@ -374,15 +564,15 @@ class Orchestrator {
                 // not setting server default as we're depending on the database handling that.
                 // server default allowed
                 field.serverDefault === undefined &&
-                this.options.operation === action_1.WriteOperation.Insert) {
-                throw new Error(`required field ${fieldName} not set`);
+                this.actualOperation === action_1.WriteOperation.Insert) {
+                return new Error(`required field ${fieldName} not set`);
             }
         }
         else if (this.isBuilder(value)) {
             if (field.valid) {
-                const valid = await Promise.resolve(field.valid(value));
+                const valid = await field.valid(value);
                 if (!valid) {
-                    throw new Error(`invalid field ${fieldName} with value ${value}`);
+                    return new Error(`invalid field ${fieldName} with value ${value}`);
                 }
             }
             // keep track of dependencies to resolve
@@ -393,24 +583,23 @@ class Orchestrator {
         else {
             if (field.valid) {
                 // TODO this could be async. handle this better
-                const valid = await Promise.resolve(field.valid(value));
+                const valid = await field.valid(value);
                 if (!valid) {
-                    throw new Error(`invalid field ${fieldName} with value ${value}`);
+                    return new Error(`invalid field ${fieldName} with value ${value}`);
                 }
             }
             if (field.format) {
-                // TODO this could be async e.g. password. handle this better
-                value = await Promise.resolve(field.format(value));
+                value = await field.format(value);
             }
         }
         return value;
     }
-    async formatAndValidateFields(schemaFields) {
-        const op = this.options.operation;
+    async formatAndValidateFields(schemaFields, editedFields) {
+        const errors = [];
+        const op = this.actualOperation;
         if (op === action_1.WriteOperation.Delete) {
-            return;
+            return [];
         }
-        const editedFields = this.options.editedFields();
         // build up data to be saved...
         let data = {};
         let logValues = {};
@@ -420,8 +609,14 @@ class Orchestrator {
                 // null allowed
                 value = this.defaultFieldsByFieldName[fieldName];
             }
-            let dbKey = field.storageKey || (0, snake_case_1.snakeCase)(fieldName);
-            value = await this.transformFieldValue(fieldName, field, dbKey, value);
+            let dbKey = this.getStorageKey(fieldName);
+            let ret = await this.transformFieldValue(fieldName, field, dbKey, value);
+            if (ret instanceof Error) {
+                errors.push(ret);
+            }
+            else {
+                value = ret;
+            }
             if (value !== undefined) {
                 data[dbKey] = value;
                 logValues[dbKey] = field.logValue(value);
@@ -433,29 +628,48 @@ class Orchestrator {
             for (const fieldName in this.defaultFieldsByFieldName) {
                 const defaultValue = this.defaultFieldsByFieldName[fieldName];
                 let field = schemaFields.get(fieldName);
-                let dbKey = field.storageKey || (0, snake_case_1.snakeCase)(fieldName);
+                let dbKey = this.getStorageKey(fieldName);
                 // no value, let's just default
                 if (data[dbKey] === undefined) {
-                    const value = await this.transformFieldValue(fieldName, field, dbKey, defaultValue);
-                    data[dbKey] = value;
-                    logValues[dbKey] = field.logValue(value);
+                    const ret = await this.transformFieldValue(fieldName, field, dbKey, defaultValue);
+                    if (ret instanceof Error) {
+                        errors.push(ret);
+                    }
+                    else {
+                        data[dbKey] = ret;
+                        logValues[dbKey] = field.logValue(ret);
+                    }
                 }
             }
         }
         this.validatedFields = data;
         this.logValues = logValues;
+        return errors;
     }
     async valid() {
-        try {
-            await this.validate();
-        }
-        catch (e) {
-            (0, logger_1.log)("error", e);
+        const errors = await this.validate();
+        if (errors.length) {
+            errors.map((err) => (0, logger_1.log)("error", err));
             return false;
         }
         return true;
     }
     async validX() {
+        const errors = await this.validate();
+        if (errors.length) {
+            // just throw the first one...
+            // TODO we should ideally throw all of them
+            throw errors[0];
+        }
+    }
+    /**
+     * @experimental API that's not guaranteed to remain in the future which returns
+     * a list of errors encountered
+     * 0 errors indicates valid
+     * NOTE that this currently doesn't catch errors returned by validators().
+     * If those throws, this still throws and doesn't return them
+     */
+    async validWithErrors() {
         return this.validate();
     }
     async build() {
@@ -470,7 +684,7 @@ class Orchestrator {
         if (!action || !action.viewerForEntLoad) {
             return this.options.viewer;
         }
-        return action.viewerForEntLoad(data);
+        return action.viewerForEntLoad(data, action.builder.viewer.context);
     }
     async returnedRow() {
         if (this.mainOp && this.mainOp.returnedRow) {
@@ -494,7 +708,7 @@ class Orchestrator {
         const viewer = await this.viewerForEntLoad(row);
         const ent = await (0, ent_1.applyPrivacyPolicyForRow)(viewer, this.options.loaderOptions, row);
         if (!ent) {
-            if (this.options.operation == action_1.WriteOperation.Insert) {
+            if (this.actualOperation == action_1.WriteOperation.Insert) {
                 throw new Error(`was able to create ent but not load it`);
             }
             else {

package/action/privacy.d.ts

@@ -2,11 +2,11 @@ import { Builder } from "./action";
 import { Viewer, ID, Ent, PrivacyResult, PrivacyPolicyRule } from "../core/base";
 export declare class DenyIfBuilder implements PrivacyPolicyRule {
     private id?;
-    constructor(id?: ID | Builder<Ent> | undefined);
+    constructor(id?: ID | Builder<Ent<Viewer<Ent<any> | null, ID | null>>, any, Ent<Viewer<Ent<any> | null, ID | null>> | null> | undefined);
     apply(_v: Viewer, _ent: Ent): Promise<PrivacyResult>;
 }
 export declare class AllowIfBuilder implements PrivacyPolicyRule {
     private id?;
-    constructor(id?: ID | Builder<Ent> | undefined);
+    constructor(id?: ID | Builder<Ent<Viewer<Ent<any> | null, ID | null>>, any, Ent<Viewer<Ent<any> | null, ID | null>> | null> | undefined);
     apply(_v: Viewer, _ent: Ent): Promise<PrivacyResult>;
 }

package/core/base.d.ts

@@ -30,27 +30,27 @@ interface queryOptions {
     clause: clause.Clause;
     orderby?: string;
 }
-export interface Context {
-    getViewer(): Viewer;
+export interface Context<TViewer extends Viewer = Viewer> {
+    getViewer(): TViewer;
     cache?: cache;
 }
-export interface Viewer {
-    viewerID: ID | null;
-    viewer: () => Promise<Ent | null>;
+export interface Viewer<TEnt extends any = Ent<any> | null, TID extends any = ID | null> {
+    viewerID: TID;
+    viewer: () => Promise<TEnt>;
     instanceKey: () => string;
-    context?: Context;
+    context?: Context<any>;
 }
-export interface Ent {
+export interface Ent<TViewer extends Viewer = Viewer> {
     id: ID;
-    viewer: Viewer;
-    privacyPolicy: PrivacyPolicy<this>;
+    viewer: TViewer;
+    getPrivacyPolicy(): PrivacyPolicy<this, TViewer>;
     nodeType: string;
 }
 export declare type Data = {
     [key: string]: any;
 };
-export interface EntConstructor<T extends Ent> {
-    new (viewer: Viewer, data: Data): T;
+export interface EntConstructor<TEnt extends Ent, TViewer extends Viewer = Viewer> {
+    new (viewer: TViewer, data: Data): TEnt;
 }
 export declare type ID = string | number;
 export interface DataOptions {
@@ -62,6 +62,7 @@ export interface SelectBaseDataOptions extends DataOptions {
 }
 export interface SelectDataOptions extends SelectBaseDataOptions {
     key: string;
+    clause?: clause.Clause | (() => clause.Clause | undefined);
 }
 export interface QueryableDataOptions extends SelectBaseDataOptions, QueryDataOptions {
 }
@@ -81,16 +82,18 @@ export interface CreateRowOptions extends DataOptions {
     fieldsToLog?: Data;
 }
 export interface EditRowOptions extends CreateRowOptions {
-    key: string;
+    whereClause: clause.Clause;
 }
-interface LoadableEntOptions<T extends Ent> {
+interface LoadableEntOptions<TEnt extends Ent, TViewer extends Viewer = Viewer> {
     loaderFactory: LoaderFactory<any, Data | null>;
-    ent: EntConstructor<T>;
+    ent: EntConstructor<TEnt, TViewer>;
 }
-export interface LoadEntOptions<T extends Ent> extends LoadableEntOptions<T>, SelectBaseDataOptions {
+export interface LoadEntOptions<TEnt extends Ent, TViewer extends Viewer = Viewer> extends LoadableEntOptions<TEnt, TViewer>, SelectBaseDataOptions {
+    fieldPrivacy?: Map<string, PrivacyPolicy>;
 }
-export interface LoadCustomEntOptions<T extends Ent> extends SelectBaseDataOptions {
-    ent: EntConstructor<T>;
+export interface LoadCustomEntOptions<TEnt extends Ent, TViewer extends Viewer = Viewer> extends SelectBaseDataOptions {
+    ent: EntConstructor<TEnt, TViewer>;
+    fieldPrivacy?: Map<string, PrivacyPolicy>;
 }
 export interface LoaderInfo {
     tableName: string;
@@ -108,6 +111,7 @@ declare enum privacyResult {
 export interface PrivacyResult {
     result: privacyResult;
     error?: PrivacyError;
+    getError?(policy: PrivacyPolicy, rule: PrivacyPolicyRule, ent?: Ent): PrivacyError;
 }
 export interface PrivacyError extends Error {
     privacyPolicy: PrivacyPolicy<Ent>;
@@ -116,11 +120,11 @@ export interface PrivacyError extends Error {
 export declare function Allow(): PrivacyResult;
 export declare function Skip(): PrivacyResult;
 export declare function Deny(): PrivacyResult;
-export declare function DenyWithReason(e: PrivacyError): PrivacyResult;
-export interface PrivacyPolicyRule<TEnt extends Ent = Ent> {
-    apply(v: Viewer, ent?: TEnt): Promise<PrivacyResult>;
+export declare function DenyWithReason(e: PrivacyError | string): PrivacyResult;
+export interface PrivacyPolicyRule<TEnt extends Ent = Ent, TViewer = Viewer> {
+    apply(v: TViewer, ent?: TEnt): Promise<PrivacyResult>;
 }
-export interface PrivacyPolicy<TEnt extends Ent = Ent> {
-    rules: PrivacyPolicyRule<TEnt>[];
+export interface PrivacyPolicy<TEnt extends Ent = Ent, TViewer = Viewer> {
+    rules: PrivacyPolicyRule<TEnt, TViewer>[];
 }
 export {};