@velajs/storage 0.3.0 → 0.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (99) hide show
  1. package/CHANGELOG.md +6 -1
  2. package/dist/body-BMUcBeQ0.js +93 -0
  3. package/dist/body-BMUcBeQ0.js.map +1 -0
  4. package/dist/client/index.d.ts +49 -46
  5. package/dist/client/index.js +207 -228
  6. package/dist/client/index.js.map +1 -0
  7. package/dist/drivers/memory/index.d.ts +17 -13
  8. package/dist/drivers/memory/index.js +190 -197
  9. package/dist/drivers/memory/index.js.map +1 -0
  10. package/dist/drivers/r2/index.d.ts +7 -4
  11. package/dist/drivers/r2/index.js +162 -160
  12. package/dist/drivers/r2/index.js.map +1 -0
  13. package/dist/drivers/r2-http/index.d.ts +23 -19
  14. package/dist/drivers/r2-http/index.js +52 -45
  15. package/dist/drivers/r2-http/index.js.map +1 -0
  16. package/dist/drivers/s3/index.d.ts +79 -5
  17. package/dist/drivers/s3/index.js +2 -3
  18. package/dist/index.d.ts +271 -17
  19. package/dist/index.js +1078 -16
  20. package/dist/index.js.map +1 -0
  21. package/dist/middleware/index.d.ts +177 -15
  22. package/dist/middleware/index.js +553 -8
  23. package/dist/middleware/index.js.map +1 -0
  24. package/dist/protocol.types-C5PPBD12.d.ts +80 -0
  25. package/dist/r2.types-Bw4Ft83t.d.ts +71 -0
  26. package/dist/retry-DXtO6R9D.js +119 -0
  27. package/dist/retry-DXtO6R9D.js.map +1 -0
  28. package/dist/s3-DrE9NrnD.js +557 -0
  29. package/dist/s3-DrE9NrnD.js.map +1 -0
  30. package/dist/storage.error-DVCOkJhc.js +49 -0
  31. package/dist/storage.error-DVCOkJhc.js.map +1 -0
  32. package/dist/storage.types-BJN7Yp1J.d.ts +288 -0
  33. package/dist/storagesdk/index.d.ts +73 -69
  34. package/dist/storagesdk/index.js +117 -130
  35. package/dist/storagesdk/index.js.map +1 -0
  36. package/dist/stored-file-2Yl07eRc.js +105 -0
  37. package/dist/stored-file-2Yl07eRc.js.map +1 -0
  38. package/dist/testing/index.d.ts +12 -8
  39. package/dist/testing/index.js +36 -53
  40. package/dist/testing/index.js.map +1 -0
  41. package/package.json +62 -48
  42. package/dist/base64.d.ts +0 -8
  43. package/dist/base64.js +0 -25
  44. package/dist/decorators/inject-storage.decorator.d.ts +0 -17
  45. package/dist/decorators/inject-storage.decorator.js +0 -21
  46. package/dist/drivers/r2/r2.types.d.ts +0 -67
  47. package/dist/drivers/r2/r2.types.js +0 -5
  48. package/dist/drivers/s3/s3-client.d.ts +0 -33
  49. package/dist/drivers/s3/s3-client.js +0 -154
  50. package/dist/drivers/s3/s3.driver.d.ts +0 -4
  51. package/dist/drivers/s3/s3.driver.js +0 -404
  52. package/dist/drivers/s3/s3.types.d.ts +0 -28
  53. package/dist/drivers/s3/s3.types.js +0 -1
  54. package/dist/drivers/s3/xml.d.ts +0 -6
  55. package/dist/drivers/s3/xml.js +0 -52
  56. package/dist/http/authorizer.types.d.ts +0 -59
  57. package/dist/http/authorizer.types.js +0 -1
  58. package/dist/http/http-helpers.d.ts +0 -22
  59. package/dist/http/http-helpers.js +0 -80
  60. package/dist/http/protocol.types.d.ts +0 -76
  61. package/dist/http/protocol.types.js +0 -1
  62. package/dist/internal/body.d.ts +0 -18
  63. package/dist/internal/body.js +0 -90
  64. package/dist/internal/retry.d.ts +0 -41
  65. package/dist/internal/retry.js +0 -127
  66. package/dist/internal/stored-file.d.ts +0 -27
  67. package/dist/internal/stored-file.js +0 -114
  68. package/dist/middleware/cache.d.ts +0 -50
  69. package/dist/middleware/cache.js +0 -101
  70. package/dist/middleware/compose.d.ts +0 -12
  71. package/dist/middleware/compose.js +0 -11
  72. package/dist/middleware/compression.d.ts +0 -16
  73. package/dist/middleware/compression.js +0 -101
  74. package/dist/middleware/encryption.d.ts +0 -14
  75. package/dist/middleware/encryption.js +0 -134
  76. package/dist/middleware/failover.d.ts +0 -18
  77. package/dist/middleware/failover.js +0 -52
  78. package/dist/middleware/retry.d.ts +0 -14
  79. package/dist/middleware/retry.js +0 -47
  80. package/dist/middleware/versioning.d.ts +0 -36
  81. package/dist/middleware/versioning.js +0 -89
  82. package/dist/middleware/wrap.d.ts +0 -11
  83. package/dist/middleware/wrap.js +0 -46
  84. package/dist/object-key.d.ts +0 -17
  85. package/dist/object-key.js +0 -42
  86. package/dist/storage.controller.d.ts +0 -21
  87. package/dist/storage.controller.js +0 -380
  88. package/dist/storage.error.d.ts +0 -28
  89. package/dist/storage.error.js +0 -46
  90. package/dist/storage.facade.d.ts +0 -47
  91. package/dist/storage.facade.js +0 -443
  92. package/dist/storage.module.d.ts +0 -46
  93. package/dist/storage.module.js +0 -113
  94. package/dist/storage.service.d.ts +0 -42
  95. package/dist/storage.service.js +0 -86
  96. package/dist/storage.tokens.d.ts +0 -13
  97. package/dist/storage.tokens.js +0 -26
  98. package/dist/storage.types.d.ts +0 -245
  99. package/dist/storage.types.js +0 -1
package/dist/index.d.ts CHANGED
@@ -1,17 +1,271 @@
1
- export { Storage, createStorage } from './storage.facade';
2
- export type { FileHandle } from './storage.facade';
3
- export { StorageModule } from './storage.module';
4
- export type { StorageModuleOptions, StorageModuleAsyncOptions } from './storage.module';
5
- export { StorageService, lazyDriver } from './storage.service';
6
- export type { StorageServiceOptions } from './storage.service';
7
- export { InjectStorage } from './decorators/inject-storage.decorator';
8
- export { DEFAULT_STORAGE_NAME, storageDriverBuilder, storageToken } from './storage.tokens';
9
- export { createStorageController } from './storage.controller';
10
- export type { ResolvedHttpOptions } from './storage.controller';
11
- export type { StorageHttpOptions } from './storage.module';
12
- export type { StorageAction, StorageAuthContext, StorageAuthResult, StorageAuthorizer, } from './http/authorizer.types';
13
- export type { SignUploadRequest, SignUploadResponse, MultipartCreateRequest, MultipartCreateResponse, SignPartRequest, SignPartResponse, MultipartCompleteRequest, MultipartCompleteResponse, MultipartAbortRequest, DeleteRequest, ListResponse, StoredFileMeta, SignDownloadResponse, OkResponse, StorageWireErrorCode, StorageErrorBody, } from './http/protocol.types';
14
- export { StorageError, isAbort } from './storage.error';
15
- export type { StorageErrorCode, StorageErrorOptions } from './storage.error';
16
- export { isSafeKey, sanitizeKey, normalizePrefix, joinKey, stripPrefix } from './object-key';
17
- export type { Body, PartBody, OperationOptions, RetryOptions, RetryBackoffContext, UploadProgress, MultipartOptions, UploadOptions, UploadResult, ByteRange, DownloadOptions, StoredFile, ListOptions, ListResult, DeleteManyOptions, DeleteManyError, DeleteManyResult, UrlOptions, SignUploadOptions, SignedUpload, SignedUrlCapability, CreateMultipartOptions, UploadedPart, MultipartUpload, SignedMultipartCreate, SignedPart, SignedMultipartCapability, StorageDriver, StorageCapabilities, StorageHooks, StorageHookEvent, StorageOptions, } from './storage.types';
1
+ import { A as UploadResult, C as StorageDriver, D as StoredFile, E as StorageOptions, F as StorageErrorOptions, I as isAbort, M as UrlOptions, N as StorageError, O as UploadOptions, P as StorageErrorCode, S as StorageCapabilities, T as StorageHooks, _ as SignedMultipartCapability, a as DeleteManyOptions, b as SignedUpload, c as ListOptions, d as MultipartUpload, f as OperationOptions, g as SignUploadOptions, h as RetryOptions, i as DeleteManyError, j as UploadedPart, k as UploadProgress, l as ListResult, m as RetryBackoffContext, n as ByteRange, o as DeleteManyResult, p as PartBody, r as CreateMultipartOptions, s as DownloadOptions, t as Body, u as MultipartOptions, v as SignedMultipartCreate, w as StorageHookEvent, x as SignedUrlCapability, y as SignedPart } from "./storage.types-BJN7Yp1J.js";
2
+ import { a as MultipartCompleteResponse, c as OkResponse, d as SignPartResponse, f as SignUploadRequest, g as StoredFileMeta, h as StorageWireErrorCode, i as MultipartCompleteRequest, l as SignDownloadResponse, m as StorageErrorBody, n as ListResponse, o as MultipartCreateRequest, p as SignUploadResponse, r as MultipartAbortRequest, s as MultipartCreateResponse, t as DeleteRequest, u as SignPartRequest } from "./protocol.types-C5PPBD12.js";
3
+ import { DynamicModule, InferTokens, InjectionToken, Token, Type } from "@velajs/vela";
4
+ import { Context } from "hono";
5
+ //#region src/storage.facade.d.ts
6
+ /**
7
+ * The consumer-facing storage handle. Wraps a {@link StorageDriver} with
8
+ * capability-gating (throws before any driver call), retry/timeout/abort,
9
+ * prefix scoping, generic `move`/`deleteMany` fallbacks, multipart
10
+ * orchestration, progress synthesis, and observability hooks.
11
+ *
12
+ * Framework-free `StorageService` builds and caches one of these per bucket.
13
+ */
14
+ declare class Storage {
15
+ #private;
16
+ constructor(opts: StorageOptions);
17
+ get raw(): unknown;
18
+ get driver(): StorageDriver;
19
+ get capabilities(): StorageCapabilities;
20
+ upload(key: string, body: Body, opts?: UploadOptions): Promise<UploadResult>;
21
+ download(key: string, opts?: DownloadOptions): Promise<StoredFile>;
22
+ head(key: string, opts?: OperationOptions): Promise<StoredFile>;
23
+ exists(key: string, opts?: OperationOptions): Promise<boolean>;
24
+ delete(key: string, opts?: OperationOptions): Promise<void>;
25
+ delete(keys: string[], opts?: DeleteManyOptions): Promise<DeleteManyResult>;
26
+ copy(from: string, to: string, opts?: OperationOptions): Promise<void>;
27
+ move(from: string, to: string, opts?: OperationOptions): Promise<void>;
28
+ list(opts?: ListOptions): Promise<ListResult>;
29
+ listAll(opts?: ListOptions): AsyncGenerator<StoredFile>;
30
+ url(key: string, opts?: UrlOptions): Promise<string>;
31
+ signedUploadUrl(key: string, opts: SignUploadOptions): Promise<SignedUpload>;
32
+ /** Prefix-bound view of the driver's presigned-multipart capability. */
33
+ get signedMultipart(): SignedMultipartCapability | undefined;
34
+ createMultipartUpload(key: string, opts?: CreateMultipartOptions): Promise<MultipartUpload>;
35
+ resumeMultipartUpload(key: string, uploadId: string): MultipartUpload;
36
+ /** A key-bound handle over the common single-object operations. */
37
+ file(key: string): FileHandle;
38
+ /** A read-only clone of this handle (mutations throw `ReadOnly`). */
39
+ readonly(): Storage;
40
+ }
41
+ interface FileHandle {
42
+ readonly key: string;
43
+ upload(body: Body, opts?: UploadOptions): Promise<UploadResult>;
44
+ download(opts?: DownloadOptions): Promise<StoredFile>;
45
+ head(opts?: OperationOptions): Promise<StoredFile>;
46
+ exists(opts?: OperationOptions): Promise<boolean>;
47
+ delete(opts?: OperationOptions): Promise<void>;
48
+ url(opts?: UrlOptions): Promise<string>;
49
+ signedUploadUrl(opts: SignUploadOptions): Promise<SignedUpload>;
50
+ }
51
+ declare function createStorage(opts: StorageOptions): Storage;
52
+ //#endregion
53
+ //#region src/http/authorizer.types.d.ts
54
+ /**
55
+ * The typed action a request wants to perform. The authorizer receives this
56
+ * and can deny, allow, or allow-with-overrides (rewriting the effective key /
57
+ * prefix / limits) — the load-bearing IDOR / cross-tenant guard.
58
+ */
59
+ type StorageAction = {
60
+ type: 'sign-upload';
61
+ key: string;
62
+ contentType?: string;
63
+ size?: number;
64
+ } | {
65
+ type: 'multipart-create';
66
+ key: string;
67
+ contentType?: string;
68
+ } | {
69
+ type: 'multipart-sign-part';
70
+ key: string;
71
+ uploadId: string;
72
+ partNumber: number;
73
+ } | {
74
+ type: 'multipart-complete';
75
+ key: string;
76
+ uploadId: string;
77
+ } | {
78
+ type: 'multipart-abort';
79
+ key: string;
80
+ uploadId: string;
81
+ } | {
82
+ type: 'download';
83
+ key: string;
84
+ } | {
85
+ type: 'head';
86
+ key: string;
87
+ } | {
88
+ type: 'list';
89
+ prefix?: string;
90
+ } | {
91
+ type: 'delete';
92
+ keys: string[];
93
+ };
94
+ interface StorageAuthContext {
95
+ /** The raw Web `Request` (edge-safe). */
96
+ req: Request;
97
+ /** The Hono context — `c.env` (bindings/secrets), `c.get('user')` from an upstream guard. */
98
+ ctx: Context;
99
+ /** The bucket name this controller is bound to. */
100
+ driver: string;
101
+ }
102
+ /** Return this to ALLOW with server-side modifications. */
103
+ interface StorageAuthResult {
104
+ key?: string;
105
+ keys?: string[];
106
+ prefix?: string;
107
+ maxSize?: number;
108
+ expiresIn?: number;
109
+ metadata?: Record<string, string>;
110
+ }
111
+ type StorageAuthorizer = (action: StorageAction, context: StorageAuthContext) => boolean | StorageAuthResult | Promise<boolean | StorageAuthResult>;
112
+ //#endregion
113
+ //#region src/storage.module.d.ts
114
+ /** Options for mounting the HTTP upload/download controller for a bucket. */
115
+ interface StorageHttpOptions {
116
+ /** Mount path (relative to vela's globalPrefix). Default `/api/storage`. */
117
+ basePath?: string;
118
+ /** Fine-grained per-action authorizer (deny / allow / allow-with-overrides). */
119
+ authorize?: StorageAuthorizer;
120
+ /** Behavior when no `authorize` is set. Default `'deny'`. */
121
+ defaultPolicy?: 'deny' | 'allow';
122
+ /** `redirect` to a signed URL (default) or `proxy` bytes through the Worker. */
123
+ download?: 'redirect' | 'proxy';
124
+ /** Set `false` to configure options without mounting the controller. Default mounts. */
125
+ mountController?: boolean;
126
+ defaultExpiresIn?: number;
127
+ maxExpiresIn?: number;
128
+ maxUploadSize?: number;
129
+ maxListLimit?: number;
130
+ deleteConcurrency?: number;
131
+ }
132
+ interface StorageModuleOptions {
133
+ driver: StorageDriver;
134
+ name?: string;
135
+ prefix?: string;
136
+ readonly?: boolean;
137
+ hooks?: StorageHooks;
138
+ http?: StorageHttpOptions;
139
+ }
140
+ interface StorageModuleAsyncOptions<Inject extends readonly Token<unknown>[] = readonly Token<unknown>[]> {
141
+ inject?: Inject;
142
+ imports?: DynamicModule['imports'];
143
+ useFactory: (...deps: InferTokens<Inject>) => StorageDriver;
144
+ name?: string;
145
+ prefix?: string;
146
+ readonly?: boolean;
147
+ hooks?: StorageHooks;
148
+ http?: StorageHttpOptions;
149
+ key?: string;
150
+ }
151
+ declare class StorageModule {
152
+ /** Synchronous registration — the driver is provided directly. */
153
+ static forRoot(options: StorageModuleOptions): DynamicModule;
154
+ /** Deferred / DI-driven registration — `useFactory` runs lazily on first use. */
155
+ static forRootAsync<const Inject extends readonly Token<unknown>[] = readonly Token<unknown>[]>(options: StorageModuleAsyncOptions<Inject>): DynamicModule;
156
+ }
157
+ //#endregion
158
+ //#region src/storage.service.d.ts
159
+ /**
160
+ * Build the real driver on first property access and delegate to it. This is
161
+ * the edge-binding-safe seam: the driver factory (which may read Cloudflare
162
+ * bindings / `c.env` secrets) does not run at module load — only on the first
163
+ * storage operation, which happens at request time.
164
+ *
165
+ * Functions are bound to the built driver so class-based drivers keep `this`.
166
+ */
167
+ declare function lazyDriver(build: () => StorageDriver): StorageDriver;
168
+ interface StorageServiceOptions {
169
+ name: string;
170
+ prefix?: string;
171
+ readonly?: boolean;
172
+ hooks?: StorageHooks;
173
+ }
174
+ /**
175
+ * The injectable consumers reach for. Wraps one bucket's {@link Storage}
176
+ * facade (lazy driver construction), plus thin forwarders for the common
177
+ * single-object operations so `service.upload(...)` works without reaching
178
+ * through `.storage`.
179
+ *
180
+ * For multiple buckets, register `StorageModule.forRoot({ name })` per bucket
181
+ * and inject with `@InjectStorage(name)`.
182
+ */
183
+ declare class StorageService {
184
+ readonly storage: Storage;
185
+ readonly name: string;
186
+ constructor(build: () => StorageDriver, options: StorageServiceOptions);
187
+ upload(key: string, body: Body, opts?: UploadOptions): Promise<UploadResult>;
188
+ download(key: string, opts?: DownloadOptions): Promise<StoredFile>;
189
+ head(key: string, opts?: OperationOptions): Promise<StoredFile>;
190
+ exists(key: string, opts?: OperationOptions): Promise<boolean>;
191
+ delete(key: string, opts?: OperationOptions): Promise<void>;
192
+ deleteMany(keys: string[], opts?: DeleteManyOptions): Promise<DeleteManyResult>;
193
+ copy(from: string, to: string, opts?: OperationOptions): Promise<void>;
194
+ move(from: string, to: string, opts?: OperationOptions): Promise<void>;
195
+ list(opts?: ListOptions): Promise<ListResult>;
196
+ url(key: string, opts?: UrlOptions): Promise<string>;
197
+ signedUploadUrl(key: string, opts: SignUploadOptions): Promise<SignedUpload>;
198
+ }
199
+ //#endregion
200
+ //#region src/decorators/inject-storage.decorator.d.ts
201
+ /**
202
+ * Inject the {@link StorageService} for a named bucket.
203
+ *
204
+ * ```ts
205
+ * class UploadService {
206
+ * constructor(
207
+ * @InjectStorage() private readonly uploads: StorageService, // default bucket
208
+ * @InjectStorage('backups') private readonly backups: StorageService, // named bucket
209
+ * ) {}
210
+ * }
211
+ * ```
212
+ *
213
+ * The default bucket resolves the `StorageService` class token directly (so
214
+ * plain `@Inject(StorageService)` and `Test.overrideProvider(StorageService)`
215
+ * keep working); named buckets resolve their per-name token.
216
+ */
217
+ declare function InjectStorage(name?: string): ParameterDecorator;
218
+ //#endregion
219
+ //#region src/storage.tokens.d.ts
220
+ /** Bucket name used when a registration omits `name`. */
221
+ declare const DEFAULT_STORAGE_NAME = "default";
222
+ /** Internal token holding the lazy driver-construction thunk for `name`. */
223
+ declare function storageDriverBuilder(name: string): InjectionToken<() => StorageDriver>;
224
+ /**
225
+ * Token that resolves to the {@link StorageService} for a named bucket.
226
+ * The default bucket uses the `StorageService` class token directly (see
227
+ * `@InjectStorage()`); named buckets use this.
228
+ */
229
+ declare function storageToken(name: string): InjectionToken<StorageService>;
230
+ //#endregion
231
+ //#region src/storage.controller.d.ts
232
+ interface ResolvedHttpOptions {
233
+ driverName: string;
234
+ authorize?: StorageAuthorizer;
235
+ defaultPolicy: 'deny' | 'allow';
236
+ download: 'redirect' | 'proxy';
237
+ defaultExpiresIn: number;
238
+ maxExpiresIn: number;
239
+ maxUploadSize?: number;
240
+ maxListLimit: number;
241
+ deleteConcurrency: number;
242
+ }
243
+ /**
244
+ * Build a vela controller exposing presigned/multipart upload + download
245
+ * endpoints for one bucket. Factory-decorated (like better-auth's catch-all)
246
+ * so `basePath` bakes in at decoration time. Consumes the {@link StorageService}
247
+ * facade so gating/retry/prefix apply uniformly on the HTTP path.
248
+ */
249
+ declare function createStorageController(basePath: string, serviceToken: Token<StorageService>, http: ResolvedHttpOptions): Type;
250
+ //#endregion
251
+ //#region src/object-key.d.ts
252
+ /**
253
+ * True when `key` is a safe object key:
254
+ * - non-empty, not longer than 1024 bytes (S3's limit)
255
+ * - no leading `/`
256
+ * - no `.` / `..` path segments (traversal)
257
+ * - no control characters
258
+ * - no backslashes (Windows-style separators)
259
+ */
260
+ declare function isSafeKey(key: string): boolean;
261
+ /** Return `key` if safe, else throw `StorageError('InvalidKey')`. */
262
+ declare function sanitizeKey(key: string): string;
263
+ /** Normalize a prefix: drop leading/trailing slashes, collapse to '' when empty. */
264
+ declare function normalizePrefix(prefix: string | undefined): string;
265
+ /** Join a normalized prefix and a key with a single '/'. */
266
+ declare function joinKey(prefix: string, key: string): string;
267
+ /** Strip a normalized prefix from a stored key (for surfacing to callers). */
268
+ declare function stripPrefix(prefix: string, key: string): string;
269
+ //#endregion
270
+ export { type Body, type ByteRange, type CreateMultipartOptions, DEFAULT_STORAGE_NAME, type DeleteManyError, type DeleteManyOptions, type DeleteManyResult, type DeleteRequest, type DownloadOptions, type FileHandle, InjectStorage, type ListOptions, type ListResponse, type ListResult, type MultipartAbortRequest, type MultipartCompleteRequest, type MultipartCompleteResponse, type MultipartCreateRequest, type MultipartCreateResponse, type MultipartOptions, type MultipartUpload, type OkResponse, type OperationOptions, type PartBody, type ResolvedHttpOptions, type RetryBackoffContext, type RetryOptions, type SignDownloadResponse, type SignPartRequest, type SignPartResponse, type SignUploadOptions, type SignUploadRequest, type SignUploadResponse, type SignedMultipartCapability, type SignedMultipartCreate, type SignedPart, type SignedUpload, type SignedUrlCapability, Storage, type StorageAction, type StorageAuthContext, type StorageAuthResult, type StorageAuthorizer, type StorageCapabilities, type StorageDriver, StorageError, type StorageErrorBody, type StorageErrorCode, type StorageErrorOptions, type StorageHookEvent, type StorageHooks, type StorageHttpOptions, StorageModule, type StorageModuleAsyncOptions, type StorageModuleOptions, type StorageOptions, StorageService, type StorageServiceOptions, type StorageWireErrorCode, type StoredFile, type StoredFileMeta, type UploadOptions, type UploadProgress, type UploadResult, type UploadedPart, type UrlOptions, createStorage, createStorageController, isAbort, isSafeKey, joinKey, lazyDriver, normalizePrefix, sanitizeKey, storageDriverBuilder, storageToken, stripPrefix };
271
+ //# sourceMappingURL=index.d.ts.map