@uploadista/server 0.0.18-beta.16 → 0.0.18-beta.2

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@uploadista/server",
   "type": "module",
-  "version": "0.0.18-beta.16",
+  "version": "0.0.18-beta.2",
   "description": "Core Server package for Uploadista",
   "license": "MIT",
   "author": "Uploadista",
@@ -20,23 +20,23 @@
     }
   },
   "dependencies": {
-    "@uploadista/core": "0.0.18-beta.16",
-    "@uploadista/event-emitter-websocket": "0.0.18-beta.16",
-    "@uploadista/observability": "0.0.18-beta.16",
-    "@uploadista/event-broadcaster-memory": "0.0.18-beta.16"
+    "@uploadista/core": "0.0.18-beta.2",
+    "@uploadista/event-broadcaster-memory": "0.0.18-beta.2",
+    "@uploadista/event-emitter-websocket": "0.0.18-beta.2",
+    "@uploadista/observability": "0.0.18-beta.2"
   },
   "devDependencies": {
-    "@cloudflare/workers-types": "4.20251202.0",
+    "@cloudflare/workers-types": "4.20251125.0",
     "@effect/vitest": "0.27.0",
     "@types/express": "^5.0.0",
     "@types/node": "24.10.1",
-    "effect": "3.19.8",
+    "effect": "3.19.6",
     "tsd": "0.33.0",
-    "tsdown": "0.16.8",
+    "tsdown": "0.16.6",
     "typescript": "5.9.3",
-    "vitest": "4.0.15",
+    "vitest": "4.0.13",
     "zod": "4.1.13",
-    "@uploadista/typescript-config": "0.0.18-beta.16"
+    "@uploadista/typescript-config": "0.0.18-beta.2"
   },
   "peerDependencies": {
     "effect": "^3.0.0",

package/src/core/http-handlers/flow-http-handlers.ts

@@ -1,10 +1,7 @@
 import { FlowServer } from "@uploadista/core/flow";
 import { Effect } from "effect";
 import { AuthCacheService } from "../../cache";
-import { PERMISSIONS } from "../../permissions/types";
-import { QuotaExceededError } from "../../permissions/errors";
 import { AuthContextService } from "../../service";
-import { UsageHookService } from "../../usage-hooks/service";
 import type {
   CancelFlowRequest,
   CancelFlowResponse,
@@ -23,12 +20,10 @@ import type {
 export const handleGetFlow = ({ flowId }: GetFlowRequest) => {
   return Effect.gen(function* () {
     const flowServer = yield* FlowServer;
+    // Access auth context if available
     const authService = yield* AuthContextService;
     const clientId = yield* authService.getClientId();
 
-    // Check permission for reading flow status
-    yield* authService.requirePermission(PERMISSIONS.FLOW.STATUS);
-
     if (clientId) {
       yield* Effect.logInfo(
         `[Flow] Getting flow data: ${flowId}, client: ${clientId}`,
@@ -51,14 +46,11 @@ export const handleRunFlow = <TRequirements>({
 }: RunFlowRequest) => {
   return Effect.gen(function* () {
     const flowServer = yield* FlowServer;
+    // Access auth context if available
     const authService = yield* AuthContextService;
     const authCache = yield* AuthCacheService;
-    const usageHookService = yield* UsageHookService;
     const clientId = yield* authService.getClientId();
 
-    // Check permission for executing flows
-    yield* authService.requirePermission(PERMISSIONS.FLOW.EXECUTE);
-
     if (clientId) {
       yield* Effect.logInfo(
         `[Flow] Executing flow: ${flowId}, storage: ${storageId}, client: ${clientId}`,
@@ -73,28 +65,7 @@ export const handleRunFlow = <TRequirements>({
       );
     }
 
-    // Execute onFlowStart hook for quota checking
-    if (clientId) {
-      const hookResult = yield* usageHookService.onFlowStart({
-        clientId,
-        operation: "flow",
-        metadata: {
-          flowId,
-        },
-      });
-
-      if (hookResult.action === "abort") {
-        return yield* Effect.fail(
-          new QuotaExceededError(
-            hookResult.reason,
-            hookResult.code ?? "SUBSCRIPTION_REQUIRED",
-          ),
-        );
-      }
-    }
-
     // Run flow returns immediately with jobId
-    const startTime = Date.now();
     yield* Effect.logInfo(`[Flow] Calling flowServer.runFlow...`);
     const result = yield* flowServer
       .runFlow<TRequirements>({
@@ -120,10 +91,6 @@ export const handleRunFlow = <TRequirements>({
 
     yield* Effect.logInfo(`[Flow] Flow started with jobId: ${result.id}`);
 
-    // Note: onFlowComplete hook is called when the flow actually completes,
-    // which happens asynchronously. The hook should be invoked from the
-    // flow execution pipeline, not here where we just start the flow.
-
     return {
       status: 200,
       body: result,
@@ -134,13 +101,11 @@ export const handleRunFlow = <TRequirements>({
 export const handleJobStatus = ({ jobId }: GetJobStatusRequest) => {
   return Effect.gen(function* () {
     const flowServer = yield* FlowServer;
+    // Access auth context if available
     const authService = yield* AuthContextService;
     const authCache = yield* AuthCacheService;
     const clientId = yield* authService.getClientId();
 
-    // Check permission for checking flow status
-    yield* authService.requirePermission(PERMISSIONS.FLOW.STATUS);
-
     if (!jobId) {
       throw new Error("No job id");
     }
@@ -177,12 +142,10 @@ export const handleResumeFlow = <TRequirements>({
 }: ResumeFlowRequest) => {
   return Effect.gen(function* () {
     const flowServer = yield* FlowServer;
+    // Try to get auth from current request or cached auth
     const authService = yield* AuthContextService;
     const authCache = yield* AuthCacheService;
 
-    // Check permission for executing flows (resume is part of execution)
-    yield* authService.requirePermission(PERMISSIONS.FLOW.EXECUTE);
-
     // Try current auth first, fallback to cached auth
     let clientId = yield* authService.getClientId();
     if (!clientId) {
@@ -223,16 +186,13 @@ export const handleResumeFlow = <TRequirements>({
     } as ResumeFlowResponse;
   });
 };
-
 export const handlePauseFlow = ({ jobId }: PauseFlowRequest) => {
   return Effect.gen(function* () {
     const flowServer = yield* FlowServer;
+    // Try to get auth from current request or cached auth
     const authService = yield* AuthContextService;
     const authCache = yield* AuthCacheService;
 
-    // Check permission for cancelling flows (pause is related to cancel)
-    yield* authService.requirePermission(PERMISSIONS.FLOW.CANCEL);
-
     // Try current auth first, fallback to cached auth
     let clientId = yield* authService.getClientId();
     if (!clientId) {
@@ -264,12 +224,9 @@ export const handlePauseFlow = ({ jobId }: PauseFlowRequest) => {
 export const handleCancelFlow = ({ jobId }: CancelFlowRequest) => {
   return Effect.gen(function* () {
     const flowServer = yield* FlowServer;
+    // Try to get auth from current request or cached auth
     const authService = yield* AuthContextService;
     const authCache = yield* AuthCacheService;
-    const usageHookService = yield* UsageHookService;
-
-    // Check permission for cancelling flows
-    yield* authService.requirePermission(PERMISSIONS.FLOW.CANCEL);
 
     if (!jobId) {
       throw new Error("No job id");
@@ -296,18 +253,6 @@ export const handleCancelFlow = ({ jobId }: CancelFlowRequest) => {
       yield* Effect.logInfo(
         `[Flow] Flow cancelled, cleared auth cache: ${jobId}`,
       );
-
-      // Execute onFlowComplete hook for cancelled flow
-      yield* Effect.forkDaemon(
-        usageHookService.onFlowComplete({
-          clientId,
-          operation: "flow",
-          metadata: {
-            jobId,
-            status: "cancelled",
-          },
-        }),
-      );
     }
 
     return {

package/src/core/http-handlers/http-handlers.ts

@@ -1,16 +1,5 @@
-import type { HealthCheckConfig } from "@uploadista/core/types";
 import { Effect } from "effect";
 import type { UploadistaRequest, UploadistaResponse } from "../routes";
-import {
-  handleDlqCleanup,
-  handleDlqDelete,
-  handleDlqGet,
-  handleDlqList,
-  handleDlqResolve,
-  handleDlqRetry,
-  handleDlqRetryAll,
-  handleDlqStats,
-} from "./dlq-http-handlers";
 import {
   handleCancelFlow,
   handleGetFlow,
@@ -19,11 +8,6 @@ import {
   handleResumeFlow,
   handleRunFlow,
 } from "./flow-http-handlers";
-import {
-  handleHealthComponents,
-  handleHealthLiveness,
-  handleHealthReadiness,
-} from "./health-http-handlers";
 import {
   handleCreateUpload,
   handleGetCapabilities,
@@ -35,7 +19,6 @@ export type { UploadistaRequest, UploadistaResponse } from "../routes";
 
 export const handleUploadistaRequest = <TRequirements>(
   req: UploadistaRequest,
-  options?: { healthCheckConfig?: HealthCheckConfig },
 ) => {
   return Effect.gen(function* () {
     switch (req.type) {
@@ -61,39 +44,6 @@ export const handleUploadistaRequest = <TRequirements>(
         return (yield* handlePauseFlow(req)) as UploadistaResponse;
       case "cancel-flow":
         return (yield* handleCancelFlow(req)) as UploadistaResponse;
-      // DLQ Admin routes
-      case "dlq-list":
-        return (yield* handleDlqList(req)) as UploadistaResponse;
-      case "dlq-get":
-        return (yield* handleDlqGet(req)) as UploadistaResponse;
-      case "dlq-retry":
-        return (yield* handleDlqRetry(req)) as UploadistaResponse;
-      case "dlq-retry-all":
-        return (yield* handleDlqRetryAll(req)) as UploadistaResponse;
-      case "dlq-delete":
-        return (yield* handleDlqDelete(req)) as UploadistaResponse;
-      case "dlq-resolve":
-        return (yield* handleDlqResolve(req)) as UploadistaResponse;
-      case "dlq-cleanup":
-        return (yield* handleDlqCleanup(req)) as UploadistaResponse;
-      case "dlq-stats":
-        return (yield* handleDlqStats(req)) as UploadistaResponse;
-      // Health check routes
-      case "health":
-        return (yield* handleHealthLiveness(
-          req,
-          options?.healthCheckConfig,
-        )) as UploadistaResponse;
-      case "health-ready":
-        return (yield* handleHealthReadiness(
-          req,
-          options?.healthCheckConfig,
-        )) as UploadistaResponse;
-      case "health-components":
-        return (yield* handleHealthComponents(
-          req,
-          options?.healthCheckConfig,
-        )) as UploadistaResponse;
       case "not-found":
         return {
           status: 404,

package/src/core/http-handlers/upload-http-handlers.ts

@@ -5,10 +5,7 @@ import { MetricsService } from "@uploadista/observability";
 import { Effect } from "effect";
 import { AuthCacheService } from "../../cache";
 import { ValidationError } from "../../error-types";
-import { PERMISSIONS } from "../../permissions/types";
-import { QuotaExceededError } from "../../permissions/errors";
 import { AuthContextService } from "../../service";
-import { UsageHookService } from "../../usage-hooks/service";
 import type {
   CreateUploadRequest,
   CreateUploadResponse,
@@ -23,14 +20,11 @@ import type {
 export const handleCreateUpload = (req: CreateUploadRequest) =>
   Effect.gen(function* () {
     const server = yield* UploadServer;
+    // Access auth context if available
     const authService = yield* AuthContextService;
     const authCache = yield* AuthCacheService;
-    const usageHookService = yield* UsageHookService;
     const clientId = yield* authService.getClientId();
 
-    // Check permission for creating uploads
-    yield* authService.requirePermission(PERMISSIONS.UPLOAD.CREATE);
-
     if (clientId) {
       yield* Effect.logInfo(`[Upload] Creating upload for client: ${clientId}`);
     }
@@ -57,28 +51,6 @@ export const handleCreateUpload = (req: CreateUploadRequest) =>
       );
     }
 
-    // Execute onUploadStart hook for quota checking
-    if (clientId) {
-      const hookResult = yield* usageHookService.onUploadStart({
-        clientId,
-        operation: "upload",
-        metadata: {
-          fileSize: parsedInputFile.data.size,
-          mimeType: parsedInputFile.data.type,
-          fileName: parsedInputFile.data.fileName,
-        },
-      });
-
-      if (hookResult.action === "abort") {
-        return yield* Effect.fail(
-          new QuotaExceededError(
-            hookResult.reason,
-            hookResult.code ?? "QUOTA_EXCEEDED",
-          ),
-        );
-      }
-    }
-
     const fileCreated = yield* server.createUpload(
       parsedInputFile.data,
       clientId,
@@ -108,9 +80,6 @@ export const handleGetCapabilities = ({ storageId }: GetCapabilitiesRequest) =>
     const authService = yield* AuthContextService;
     const clientId = yield* authService.getClientId();
 
-    // Check permission for reading upload capabilities
-    yield* authService.requirePermission(PERMISSIONS.UPLOAD.READ);
-
     const capabilities = yield* server.getCapabilities(storageId, clientId);
 
     return {
@@ -126,11 +95,6 @@ export const handleGetCapabilities = ({ storageId }: GetCapabilitiesRequest) =>
 export const handleGetUpload = ({ uploadId }: GetUploadRequest) =>
   Effect.gen(function* () {
     const server = yield* UploadServer;
-    const authService = yield* AuthContextService;
-
-    // Check permission for reading upload status
-    yield* authService.requirePermission(PERMISSIONS.UPLOAD.READ);
-
     const fileResult = yield* server.getUpload(uploadId);
 
     return {
@@ -142,16 +106,13 @@ export const handleGetUpload = ({ uploadId }: GetUploadRequest) =>
 export const handleUploadChunk = (req: UploadChunkRequest) =>
   Effect.gen(function* () {
     const server = yield* UploadServer;
+    // Try to get auth from current request or cached auth
     const authService = yield* AuthContextService;
     const authCache = yield* AuthCacheService;
     const metricsService = yield* MetricsService;
-    const usageHookService = yield* UsageHookService;
 
     const { uploadId, data } = req;
 
-    // Check permission for creating uploads (chunks are part of creation)
-    yield* authService.requirePermission(PERMISSIONS.UPLOAD.CREATE);
-
     // Try current auth first, fallback to cached auth
     let clientId = yield* authService.getClientId();
     let authMetadata = yield* authService.getMetadata();
@@ -167,7 +128,6 @@ export const handleUploadChunk = (req: UploadChunkRequest) =>
       );
     }
 
-    const startTime = Date.now();
     const fileResult = yield* server.uploadChunk(uploadId, clientId, data);
 
     // Clear cache and record metrics if upload is complete
@@ -180,6 +140,7 @@ export const handleUploadChunk = (req: UploadChunkRequest) =>
       }
 
       // Record upload metrics if we have organization ID
+
       if (clientId && fileResult.size) {
         yield* Effect.logInfo(
           `[Upload] Recording metrics for org: ${clientId}, size: ${fileResult.size}`,
@@ -187,20 +148,6 @@ export const handleUploadChunk = (req: UploadChunkRequest) =>
         yield* Effect.forkDaemon(
           metricsService.recordUpload(clientId, fileResult.size, authMetadata),
         );
-
-        // Execute onUploadComplete hook for usage tracking
-        const duration = Date.now() - startTime;
-        yield* Effect.forkDaemon(
-          usageHookService.onUploadComplete({
-            clientId,
-            operation: "upload",
-            metadata: {
-              uploadId,
-              fileSize: fileResult.size,
-              duration,
-            },
-          }),
-        );
       } else {
         yield* Effect.logWarning(
           `[Upload] Cannot record metrics - missing organizationId or size`,

package/src/core/routes.ts

@@ -1,14 +1,7 @@
 import type {
   DataStoreCapabilities,
-  DeadLetterCleanupOptions,
-  DeadLetterCleanupResult,
-  DeadLetterItem,
-  DeadLetterItemStatus,
-  DeadLetterListOptions,
-  DeadLetterQueueStats,
   FlowData,
   FlowJob,
-  HealthResponse as HealthResponseBody,
   UploadFile,
 } from "@uploadista/core";
 import type { StandardResponse } from "../adapter/types";
@@ -24,20 +17,6 @@ export type UploadistaRouteType =
   | "resume-flow"
   | "pause-flow"
   | "cancel-flow"
-  // DLQ Admin routes
-  | "dlq-list"
-  | "dlq-get"
-  | "dlq-retry"
-  | "dlq-retry-all"
-  | "dlq-delete"
-  | "dlq-resolve"
-  | "dlq-cleanup"
-  | "dlq-stats"
-  // Health check routes
-  | "health"
-  | "health-ready"
-  | "health-components"
-  // Error routes
   | "not-found"
   | "bad-request"
   | "method-not-allowed"
@@ -175,128 +154,6 @@ export type CancelFlowResponse = UploadistaStandardResponse<
   FlowJob
 >;
 
-// ============================================================================
-// Dead Letter Queue Admin Routes
-// ============================================================================
-
-export type DlqListRequest = UploadistaRoute<"dlq-list"> & {
-  options?: DeadLetterListOptions;
-};
-export type DlqListResponse = UploadistaStandardResponse<
-  "dlq-list",
-  { items: DeadLetterItem[]; total: number }
->;
-
-export type DlqGetRequest = UploadistaRoute<"dlq-get"> & {
-  itemId: string;
-};
-export type DlqGetResponse = UploadistaStandardResponse<"dlq-get", DeadLetterItem>;
-
-export type DlqRetryRequest = UploadistaRoute<"dlq-retry"> & {
-  itemId: string;
-};
-export type DlqRetryResponse = UploadistaStandardResponse<
-  "dlq-retry",
-  { success: boolean; newJobId?: string }
->;
-
-export type DlqRetryAllRequest = UploadistaRoute<"dlq-retry-all"> & {
-  options?: { status?: DeadLetterItemStatus; flowId?: string };
-};
-export type DlqRetryAllResponse = UploadistaStandardResponse<
-  "dlq-retry-all",
-  { retried: number; succeeded: number; failed: number }
->;
-
-export type DlqDeleteRequest = UploadistaRoute<"dlq-delete"> & {
-  itemId: string;
-};
-export type DlqDeleteResponse = UploadistaStandardResponse<
-  "dlq-delete",
-  { success: boolean }
->;
-
-export type DlqResolveRequest = UploadistaRoute<"dlq-resolve"> & {
-  itemId: string;
-};
-export type DlqResolveResponse = UploadistaStandardResponse<
-  "dlq-resolve",
-  DeadLetterItem
->;
-
-export type DlqCleanupRequest = UploadistaRoute<"dlq-cleanup"> & {
-  options?: DeadLetterCleanupOptions;
-};
-export type DlqCleanupResponse = UploadistaStandardResponse<
-  "dlq-cleanup",
-  DeadLetterCleanupResult
->;
-
-export type DlqStatsRequest = UploadistaRoute<"dlq-stats">;
-export type DlqStatsResponse = UploadistaStandardResponse<
-  "dlq-stats",
-  DeadLetterQueueStats
->;
-
-// ============================================================================
-// Health Check Routes
-// ============================================================================
-
-/**
- * Health check request base type with optional Accept header.
- */
-type HealthCheckRequestBase = {
-  /** Accept header value for response format negotiation */
-  acceptHeader?: string | null;
-};
-
-/**
- * Liveness health check request (GET /health or /healthz).
- */
-export type HealthRequest = UploadistaRoute<"health"> & HealthCheckRequestBase;
-
-/**
- * Liveness health check response.
- * Can return JSON or plain text based on Accept header.
- */
-export type HealthResponse = UploadistaRoute<"health"> & {
-  status: 200;
-  headers: { "Content-Type": "application/json" | "text/plain" };
-  body: HealthResponseBody | string;
-};
-
-/**
- * Readiness health check request (GET /ready or /readyz).
- */
-export type HealthReadyRequest = UploadistaRoute<"health-ready"> &
-  HealthCheckRequestBase;
-
-/**
- * Readiness health check response.
- * Returns 200 if healthy, 503 if unhealthy.
- */
-export type HealthReadyResponse = UploadistaRoute<"health-ready"> & {
-  status: 200 | 503;
-  headers: { "Content-Type": "application/json" | "text/plain" };
-  body: HealthResponseBody | string;
-};
-
-/**
- * Component details health check request (GET /health/components).
- */
-export type HealthComponentsRequest = UploadistaRoute<"health-components"> &
-  HealthCheckRequestBase;
-
-/**
- * Component details health check response.
- * Always returns 200 for debugging purposes.
- */
-export type HealthComponentsResponse = UploadistaRoute<"health-components"> & {
-  status: 200;
-  headers: { "Content-Type": "application/json" | "text/plain" };
-  body: HealthResponseBody | string;
-};
-
 export type UploadistaRequest =
   | CreateUploadRequest
   | GetCapabilitiesRequest
@@ -308,20 +165,6 @@ export type UploadistaRequest =
   | ResumeFlowRequest
   | PauseFlowRequest
   | CancelFlowRequest
-  // DLQ Admin requests
-  | DlqListRequest
-  | DlqGetRequest
-  | DlqRetryRequest
-  | DlqRetryAllRequest
-  | DlqDeleteRequest
-  | DlqResolveRequest
-  | DlqCleanupRequest
-  | DlqStatsRequest
-  // Health check requests
-  | HealthRequest
-  | HealthReadyRequest
-  | HealthComponentsRequest
-  // Error requests
   | NotFoundRequest
   | BadRequestRequest
   | MethodNotAllowedRequest
@@ -338,20 +181,6 @@ export type UploadistaResponse =
   | ResumeFlowResponse
   | PauseFlowResponse
   | CancelFlowResponse
-  // DLQ Admin responses
-  | DlqListResponse
-  | DlqGetResponse
-  | DlqRetryResponse
-  | DlqRetryAllResponse
-  | DlqDeleteResponse
-  | DlqResolveResponse
-  | DlqCleanupResponse
-  | DlqStatsResponse
-  // Health check responses
-  | HealthResponse
-  | HealthReadyResponse
-  | HealthComponentsResponse
-  // Error responses
   | NotFoundResponse
   | BadRequestResponse
   | MethodNotAllowedResponse