@veloxts/orm 0.6.27 → 0.6.29

package/dist/tenant/errors.js

@@ -0,0 +1,221 @@
+/**
+ * Tenant-specific error classes for @veloxts/orm/tenant
+ */
+/**
+ * Base error class for tenant-related errors
+ */
+export class TenantError extends Error {
+    code;
+    tenantId;
+    schemaName;
+    constructor(message, code, options) {
+        super(message, { cause: options?.cause });
+        this.name = 'TenantError';
+        this.code = code;
+        this.tenantId = options?.tenantId;
+        this.schemaName = options?.schemaName;
+        // Maintains proper stack trace for where error was thrown (V8 engines)
+        if (Error.captureStackTrace) {
+            Error.captureStackTrace(this, TenantError);
+        }
+    }
+}
+/**
+ * Tenant not found in database
+ */
+export class TenantNotFoundError extends TenantError {
+    constructor(tenantId) {
+        super(`Tenant not found: ${tenantId}`, 'TENANT_NOT_FOUND', { tenantId });
+        this.name = 'TenantNotFoundError';
+    }
+}
+/**
+ * Tenant is suspended and cannot be accessed
+ */
+export class TenantSuspendedError extends TenantError {
+    constructor(tenantId) {
+        super(`Tenant is suspended: ${tenantId}`, 'TENANT_SUSPENDED', { tenantId });
+        this.name = 'TenantSuspendedError';
+    }
+}
+/**
+ * Tenant is pending activation
+ */
+export class TenantPendingError extends TenantError {
+    constructor(tenantId) {
+        super(`Tenant is pending activation: ${tenantId}`, 'TENANT_PENDING', { tenantId });
+        this.name = 'TenantPendingError';
+    }
+}
+/**
+ * Tenant is currently being migrated
+ */
+export class TenantMigratingError extends TenantError {
+    constructor(tenantId) {
+        super(`Tenant is currently migrating: ${tenantId}`, 'TENANT_MIGRATING', { tenantId });
+        this.name = 'TenantMigratingError';
+    }
+}
+/**
+ * Tenant ID missing from request context
+ */
+export class TenantIdMissingError extends TenantError {
+    constructor() {
+        super('Tenant ID is required but was not found in request context', 'TENANT_ID_MISSING');
+        this.name = 'TenantIdMissingError';
+    }
+}
+/**
+ * User does not have access to the requested tenant
+ *
+ * SECURITY: This error is thrown when tenant access verification fails.
+ * It prevents tenant isolation bypass attacks where a user might try
+ * to access a tenant they don't belong to by manipulating JWT claims.
+ */
+export class TenantAccessDeniedError extends TenantError {
+    userId;
+    constructor(tenantId, userId) {
+        super(`Access denied to tenant: ${tenantId}`, 'TENANT_ACCESS_DENIED', { tenantId });
+        this.name = 'TenantAccessDeniedError';
+        this.userId = userId;
+    }
+}
+/**
+ * Schema creation failed
+ */
+export class SchemaCreateError extends TenantError {
+    constructor(schemaName, cause) {
+        super(`Failed to create schema: ${schemaName}`, 'SCHEMA_CREATE_FAILED', { schemaName, cause });
+        this.name = 'SchemaCreateError';
+    }
+}
+/**
+ * Schema deletion failed
+ */
+export class SchemaDeleteError extends TenantError {
+    constructor(schemaName, cause) {
+        super(`Failed to delete schema: ${schemaName}`, 'SCHEMA_DELETE_FAILED', { schemaName, cause });
+        this.name = 'SchemaDeleteError';
+    }
+}
+/**
+ * Schema migration failed
+ */
+export class SchemaMigrateError extends TenantError {
+    constructor(schemaName, cause) {
+        super(`Failed to migrate schema: ${schemaName}`, 'SCHEMA_MIGRATE_FAILED', {
+            schemaName,
+            cause,
+        });
+        this.name = 'SchemaMigrateError';
+    }
+}
+/**
+ * Schema not found
+ */
+export class SchemaNotFoundError extends TenantError {
+    constructor(schemaName) {
+        super(`Schema not found: ${schemaName}`, 'SCHEMA_NOT_FOUND', { schemaName });
+        this.name = 'SchemaNotFoundError';
+    }
+}
+/**
+ * Schema list operation failed
+ */
+export class SchemaListError extends TenantError {
+    constructor(cause) {
+        super('Failed to list schemas', 'SCHEMA_LIST_FAILED', { cause });
+        this.name = 'SchemaListError';
+    }
+}
+/**
+ * Schema already exists
+ */
+export class SchemaAlreadyExistsError extends TenantError {
+    constructor(schemaName) {
+        super(`Schema already exists: ${schemaName}`, 'SCHEMA_ALREADY_EXISTS', { schemaName });
+        this.name = 'SchemaAlreadyExistsError';
+    }
+}
+/**
+ * Client pool has reached maximum capacity
+ */
+export class ClientPoolExhaustedError extends TenantError {
+    constructor(maxClients) {
+        super(`Client pool exhausted: maximum ${maxClients} clients reached`, 'CLIENT_POOL_EXHAUSTED');
+        this.name = 'ClientPoolExhaustedError';
+    }
+}
+/**
+ * Failed to create database client
+ */
+export class ClientCreateError extends TenantError {
+    constructor(schemaName, cause) {
+        super(`Failed to create client for schema: ${schemaName}`, 'CLIENT_CREATE_FAILED', {
+            schemaName,
+            cause,
+        });
+        this.name = 'ClientCreateError';
+    }
+}
+/**
+ * Failed to disconnect database client
+ */
+export class ClientDisconnectError extends TenantError {
+    constructor(schemaName, cause) {
+        super(`Failed to disconnect client for schema: ${schemaName}`, 'CLIENT_DISCONNECT_FAILED', {
+            schemaName,
+            cause,
+        });
+        this.name = 'ClientDisconnectError';
+    }
+}
+/**
+ * Invalid tenant slug format
+ */
+export class InvalidSlugError extends TenantError {
+    constructor(slug, reason) {
+        super(`Invalid tenant slug '${slug}': ${reason}`, 'INVALID_SLUG');
+        this.name = 'InvalidSlugError';
+    }
+}
+/**
+ * Tenant provisioning failed
+ */
+export class ProvisionError extends TenantError {
+    constructor(slug, cause) {
+        super(`Failed to provision tenant: ${slug}`, 'PROVISION_FAILED', { cause });
+        this.name = 'ProvisionError';
+    }
+}
+/**
+ * Tenant deprovisioning failed
+ */
+export class DeprovisionError extends TenantError {
+    constructor(tenantId, cause) {
+        super(`Failed to deprovision tenant: ${tenantId}`, 'DEPROVISION_FAILED', { tenantId, cause });
+        this.name = 'DeprovisionError';
+    }
+}
+/**
+ * Type guard to check if an error is a TenantError
+ */
+export function isTenantError(error) {
+    return error instanceof TenantError;
+}
+/**
+ * Get error based on tenant status
+ */
+export function getTenantStatusError(tenantId, status) {
+    switch (status) {
+        case 'suspended':
+            return new TenantSuspendedError(tenantId);
+        case 'pending':
+            return new TenantPendingError(tenantId);
+        case 'migrating':
+            return new TenantMigratingError(tenantId);
+        default:
+            return null;
+    }
+}
+//# sourceMappingURL=errors.js.map

package/dist/tenant/errors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../src/tenant/errors.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH;;GAEG;AACH,MAAM,OAAO,WAAY,SAAQ,KAAK;IACpB,IAAI,CAAkB;IACtB,QAAQ,CAAU;IAClB,UAAU,CAAU;IAEpC,YACE,OAAe,EACf,IAAqB,EACrB,OAIC;QAED,KAAK,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC;QAC1C,IAAI,CAAC,IAAI,GAAG,aAAa,CAAC;QAC1B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,QAAQ,GAAG,OAAO,EAAE,QAAQ,CAAC;QAClC,IAAI,CAAC,UAAU,GAAG,OAAO,EAAE,UAAU,CAAC;QAEtC,uEAAuE;QACvE,IAAI,KAAK,CAAC,iBAAiB,EAAE,CAAC;YAC5B,KAAK,CAAC,iBAAiB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;CACF;AAyBD;;GAEG;AACH,MAAM,OAAO,mBAAoB,SAAQ,WAAW;IAClD,YAAY,QAAgB;QAC1B,KAAK,CAAC,qBAAqB,QAAQ,EAAE,EAAE,kBAAkB,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;QACzE,IAAI,CAAC,IAAI,GAAG,qBAAqB,CAAC;IACpC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,oBAAqB,SAAQ,WAAW;IACnD,YAAY,QAAgB;QAC1B,KAAK,CAAC,wBAAwB,QAAQ,EAAE,EAAE,kBAAkB,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC5E,IAAI,CAAC,IAAI,GAAG,sBAAsB,CAAC;IACrC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,kBAAmB,SAAQ,WAAW;IACjD,YAAY,QAAgB;QAC1B,KAAK,CAAC,iCAAiC,QAAQ,EAAE,EAAE,gBAAgB,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;QACnF,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAC;IACnC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,oBAAqB,SAAQ,WAAW;IACnD,YAAY,QAAgB;QAC1B,KAAK,CAAC,kCAAkC,QAAQ,EAAE,EAAE,kBAAkB,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;QACtF,IAAI,CAAC,IAAI,GAAG,sBAAsB,CAAC;IACrC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,oBAAqB,SAAQ,WAAW;IACnD;QACE,KAAK,CAAC,4DAA4D,EAAE,mBAAmB,CAAC,CAAC;QACzF,IAAI,CAAC,IAAI,GAAG,sBAAsB,CAAC;IACrC,CAAC;CACF;AAED;;;;;;GAMG;AACH,MAAM,OAAO,uBAAwB,SAAQ,WAAW;IACtC,MAAM,CAAU;IAEhC,YAAY,QAAgB,EAAE,MAAe;QAC3C,KAAK,CAAC,4BAA4B,QAAQ,EAAE,EAAE,sBAAsB,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;QACpF,IAAI,CAAC,IAAI,GAAG,yBAAyB,CAAC;QACtC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,iBAAkB,SAAQ,WAAW;IAChD,YAAY,UAAkB,EAAE,KAAa;QAC3C,KAAK,CAAC,4BAA4B,UAAU,EAAE,EAAE,sBAAsB,EAAE,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC;QAC/F,IAAI,CAAC,IAAI,GAAG,mBAAmB,CAAC;IAClC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,iBAAkB,SAAQ,WAAW;IAChD,YAAY,UAAkB,EAAE,KAAa;QAC3C,KAAK,CAAC,4BAA4B,UAAU,EAAE,EAAE,sBAAsB,EAAE,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC;QAC/F,IAAI,CAAC,IAAI,GAAG,mBAAmB,CAAC;IAClC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,kBAAmB,SAAQ,WAAW;IACjD,YAAY,UAAkB,EAAE,KAAa;QAC3C,KAAK,CAAC,6BAA6B,UAAU,EAAE,EAAE,uBAAuB,EAAE;YACxE,UAAU;YACV,KAAK;SACN,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAC;IACnC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,mBAAoB,SAAQ,WAAW;IAClD,YAAY,UAAkB;QAC5B,KAAK,CAAC,qBAAqB,UAAU,EAAE,EAAE,kBAAkB,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC;QAC7E,IAAI,CAAC,IAAI,GAAG,qBAAqB,CAAC;IACpC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,eAAgB,SAAQ,WAAW;IAC9C,YAAY,KAAa;QACvB,KAAK,CAAC,wBAAwB,EAAE,oBAAoB,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QACjE,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAC;IAChC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,wBAAyB,SAAQ,WAAW;IACvD,YAAY,UAAkB;QAC5B,KAAK,CAAC,0BAA0B,UAAU,EAAE,EAAE,uBAAuB,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC;QACvF,IAAI,CAAC,IAAI,GAAG,0BAA0B,CAAC;IACzC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,wBAAyB,SAAQ,WAAW;IACvD,YAAY,UAAkB;QAC5B,KAAK,CAAC,kCAAkC,UAAU,kBAAkB,EAAE,uBAAuB,CAAC,CAAC;QAC/F,IAAI,CAAC,IAAI,GAAG,0BAA0B,CAAC;IACzC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,iBAAkB,SAAQ,WAAW;IAChD,YAAY,UAAkB,EAAE,KAAa;QAC3C,KAAK,CAAC,uCAAuC,UAAU,EAAE,EAAE,sBAAsB,EAAE;YACjF,UAAU;YACV,KAAK;SACN,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,GAAG,mBAAmB,CAAC;IAClC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,qBAAsB,SAAQ,WAAW;IACpD,YAAY,UAAkB,EAAE,KAAa;QAC3C,KAAK,CAAC,2CAA2C,UAAU,EAAE,EAAE,0BAA0B,EAAE;YACzF,UAAU;YACV,KAAK;SACN,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,GAAG,uBAAuB,CAAC;IACtC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,gBAAiB,SAAQ,WAAW;IAC/C,YAAY,IAAY,EAAE,MAAc;QACtC,KAAK,CAAC,wBAAwB,IAAI,MAAM,MAAM,EAAE,EAAE,cAAc,CAAC,CAAC;QAClE,IAAI,CAAC,IAAI,GAAG,kBAAkB,CAAC;IACjC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,cAAe,SAAQ,WAAW;IAC7C,YAAY,IAAY,EAAE,KAAa;QACrC,KAAK,CAAC,+BAA+B,IAAI,EAAE,EAAE,kBAAkB,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QAC5E,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;IAC/B,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,gBAAiB,SAAQ,WAAW;IAC/C,YAAY,QAAgB,EAAE,KAAa;QACzC,KAAK,CAAC,iCAAiC,QAAQ,EAAE,EAAE,oBAAoB,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAC;QAC9F,IAAI,CAAC,IAAI,GAAG,kBAAkB,CAAC;IACjC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,KAAc;IAC1C,OAAO,KAAK,YAAY,WAAW,CAAC;AACtC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,QAAgB,EAAE,MAAc;IACnE,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,WAAW;YACd,OAAO,IAAI,oBAAoB,CAAC,QAAQ,CAAC,CAAC;QAC5C,KAAK,SAAS;YACZ,OAAO,IAAI,kBAAkB,CAAC,QAAQ,CAAC,CAAC;QAC1C,KAAK,WAAW;YACd,OAAO,IAAI,oBAAoB,CAAC,QAAQ,CAAC,CAAC;QAC5C;YACE,OAAO,IAAI,CAAC;IAChB,CAAC;AACH,CAAC"}

package/dist/tenant/index.d.ts

@@ -0,0 +1,59 @@
+/**
+ * @veloxts/orm/tenant - Multi-tenancy support for VeloxTS
+ *
+ * Schema-per-tenant isolation with PostgreSQL schemas.
+ *
+ * @example
+ * ```typescript
+ * import {
+ *   createTenantClientPool,
+ *   createTenantSchemaManager,
+ *   createTenantProvisioner,
+ *   createTenant,
+ * } from '@veloxts/orm/tenant';
+ *
+ * // 1. Create schema manager
+ * const schemaManager = createTenantSchemaManager({
+ *   databaseUrl: process.env.DATABASE_URL!,
+ * });
+ *
+ * // 2. Create client pool
+ * const clientPool = createTenantClientPool({
+ *   baseDatabaseUrl: process.env.DATABASE_URL!,
+ *   createClient: (schemaName) => {
+ *     const url = `${process.env.DATABASE_URL}?schema=${schemaName}`;
+ *     const adapter = new PrismaPg({ connectionString: url });
+ *     return new PrismaClient({ adapter });
+ *   },
+ * });
+ *
+ * // 3. Create provisioner
+ * const provisioner = createTenantProvisioner({
+ *   schemaManager,
+ *   publicClient: publicDb,
+ *   clientPool,
+ * });
+ *
+ * // 4. Create tenant middleware
+ * const tenant = createTenant({
+ *   loadTenant: (id) => publicDb.tenant.findUnique({ where: { id } }),
+ *   clientPool,
+ *   publicClient: publicDb,
+ * });
+ *
+ * // 5. Use in procedures
+ * const getUsers = procedure()
+ *   .use(auth.requireAuth())
+ *   .use(tenant.middleware())
+ *   .query(({ ctx }) => ctx.db.user.findMany());
+ * ```
+ *
+ * @module @veloxts/orm/tenant
+ */
+export type { CachedClient, SchemaCreateResult, SchemaMigrateResult, Tenant, TenantClientPool, TenantClientPoolConfig, TenantContext, TenantContextInput, TenantDatabaseClient, TenantMiddlewareConfig, TenantPoolStats, TenantProvisioner, TenantProvisionerConfig, TenantProvisionInput, TenantProvisionResult, TenantSchemaManager, TenantSchemaManagerConfig, TenantStatus, } from './types.js';
+export { ClientCreateError, ClientDisconnectError, ClientPoolExhaustedError, DeprovisionError, getTenantStatusError, InvalidSlugError, isTenantError, ProvisionError, SchemaAlreadyExistsError, SchemaCreateError, SchemaDeleteError, SchemaListError, SchemaMigrateError, SchemaNotFoundError, TenantAccessDeniedError, TenantError, type TenantErrorCode, TenantIdMissingError, TenantMigratingError, TenantNotFoundError, TenantPendingError, TenantSuspendedError, } from './errors.js';
+export { createTenantClientPool } from './client-pool.js';
+export { createTenant, createTenantMiddleware, getTenantOrThrow, hasTenant, type MiddlewareFunction, type TenantNamespace, } from './middleware.js';
+export { createTenantSchemaManager, slugToSchemaName, } from './schema/manager.js';
+export { createTenantProvisioner } from './schema/provisioner.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/tenant/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/tenant/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmDG;AAMH,YAAY,EACV,YAAY,EACZ,kBAAkB,EAClB,mBAAmB,EAEnB,MAAM,EACN,gBAAgB,EAEhB,sBAAsB,EACtB,aAAa,EACb,kBAAkB,EAElB,oBAAoB,EAEpB,sBAAsB,EACtB,eAAe,EACf,iBAAiB,EAEjB,uBAAuB,EACvB,oBAAoB,EACpB,qBAAqB,EACrB,mBAAmB,EAEnB,yBAAyB,EACzB,YAAY,GACb,MAAM,YAAY,CAAC;AAMpB,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EAErB,wBAAwB,EACxB,gBAAgB,EAChB,oBAAoB,EAEpB,gBAAgB,EAEhB,aAAa,EAEb,cAAc,EACd,wBAAwB,EAExB,iBAAiB,EACjB,iBAAiB,EACjB,eAAe,EACf,kBAAkB,EAClB,mBAAmB,EAEnB,uBAAuB,EAEvB,WAAW,EACX,KAAK,eAAe,EACpB,oBAAoB,EACpB,oBAAoB,EAEpB,mBAAmB,EACnB,kBAAkB,EAClB,oBAAoB,GACrB,MAAM,aAAa,CAAC;AAMrB,OAAO,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AAM1D,OAAO,EACL,YAAY,EACZ,sBAAsB,EACtB,gBAAgB,EAChB,SAAS,EACT,KAAK,kBAAkB,EACvB,KAAK,eAAe,GACrB,MAAM,iBAAiB,CAAC;AAMzB,OAAO,EACL,yBAAyB,EACzB,gBAAgB,GACjB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC"}

package/dist/tenant/index.js

@@ -0,0 +1,86 @@
+/**
+ * @veloxts/orm/tenant - Multi-tenancy support for VeloxTS
+ *
+ * Schema-per-tenant isolation with PostgreSQL schemas.
+ *
+ * @example
+ * ```typescript
+ * import {
+ *   createTenantClientPool,
+ *   createTenantSchemaManager,
+ *   createTenantProvisioner,
+ *   createTenant,
+ * } from '@veloxts/orm/tenant';
+ *
+ * // 1. Create schema manager
+ * const schemaManager = createTenantSchemaManager({
+ *   databaseUrl: process.env.DATABASE_URL!,
+ * });
+ *
+ * // 2. Create client pool
+ * const clientPool = createTenantClientPool({
+ *   baseDatabaseUrl: process.env.DATABASE_URL!,
+ *   createClient: (schemaName) => {
+ *     const url = `${process.env.DATABASE_URL}?schema=${schemaName}`;
+ *     const adapter = new PrismaPg({ connectionString: url });
+ *     return new PrismaClient({ adapter });
+ *   },
+ * });
+ *
+ * // 3. Create provisioner
+ * const provisioner = createTenantProvisioner({
+ *   schemaManager,
+ *   publicClient: publicDb,
+ *   clientPool,
+ * });
+ *
+ * // 4. Create tenant middleware
+ * const tenant = createTenant({
+ *   loadTenant: (id) => publicDb.tenant.findUnique({ where: { id } }),
+ *   clientPool,
+ *   publicClient: publicDb,
+ * });
+ *
+ * // 5. Use in procedures
+ * const getUsers = procedure()
+ *   .use(auth.requireAuth())
+ *   .use(tenant.middleware())
+ *   .query(({ ctx }) => ctx.db.user.findMany());
+ * ```
+ *
+ * @module @veloxts/orm/tenant
+ */
+// ============================================================================
+// Errors
+// ============================================================================
+export { ClientCreateError, ClientDisconnectError, 
+// Client pool errors
+ClientPoolExhaustedError, DeprovisionError, getTenantStatusError, 
+// Validation errors
+InvalidSlugError, 
+// Utilities
+isTenantError, 
+// Provisioning errors
+ProvisionError, SchemaAlreadyExistsError, 
+// Schema errors
+SchemaCreateError, SchemaDeleteError, SchemaListError, SchemaMigrateError, SchemaNotFoundError, 
+// Authorization error
+TenantAccessDeniedError, 
+// Base error
+TenantError, TenantIdMissingError, TenantMigratingError, 
+// Tenant errors
+TenantNotFoundError, TenantPendingError, TenantSuspendedError, } from './errors.js';
+// ============================================================================
+// Client Pool
+// ============================================================================
+export { createTenantClientPool } from './client-pool.js';
+// ============================================================================
+// Middleware
+// ============================================================================
+export { createTenant, createTenantMiddleware, getTenantOrThrow, hasTenant, } from './middleware.js';
+// ============================================================================
+// Schema Management
+// ============================================================================
+export { createTenantSchemaManager, slugToSchemaName, } from './schema/manager.js';
+export { createTenantProvisioner } from './schema/provisioner.js';
+//# sourceMappingURL=index.js.map

package/dist/tenant/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/tenant/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmDG;AAiCH,+EAA+E;AAC/E,SAAS;AACT,+EAA+E;AAE/E,OAAO,EACL,iBAAiB,EACjB,qBAAqB;AACrB,qBAAqB;AACrB,wBAAwB,EACxB,gBAAgB,EAChB,oBAAoB;AACpB,oBAAoB;AACpB,gBAAgB;AAChB,YAAY;AACZ,aAAa;AACb,sBAAsB;AACtB,cAAc,EACd,wBAAwB;AACxB,gBAAgB;AAChB,iBAAiB,EACjB,iBAAiB,EACjB,eAAe,EACf,kBAAkB,EAClB,mBAAmB;AACnB,sBAAsB;AACtB,uBAAuB;AACvB,aAAa;AACb,WAAW,EAEX,oBAAoB,EACpB,oBAAoB;AACpB,gBAAgB;AAChB,mBAAmB,EACnB,kBAAkB,EAClB,oBAAoB,GACrB,MAAM,aAAa,CAAC;AAErB,+EAA+E;AAC/E,cAAc;AACd,+EAA+E;AAE/E,OAAO,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AAE1D,+EAA+E;AAC/E,aAAa;AACb,+EAA+E;AAE/E,OAAO,EACL,YAAY,EACZ,sBAAsB,EACtB,gBAAgB,EAChB,SAAS,GAGV,MAAM,iBAAiB,CAAC;AAEzB,+EAA+E;AAC/E,oBAAoB;AACpB,+EAA+E;AAE/E,OAAO,EACL,yBAAyB,EACzB,gBAAgB,GACjB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC"}

package/dist/tenant/middleware.d.ts

@@ -0,0 +1,82 @@
+/**
+ * Tenant middleware for procedure handlers
+ *
+ * Resolves tenant from JWT claims and provides tenant-scoped database access.
+ */
+import type { DatabaseClient } from '../types.js';
+import type { Tenant, TenantClientPool, TenantContext, TenantContextInput, TenantMiddlewareConfig } from './types.js';
+/**
+ * Middleware function type compatible with tRPC/procedure middleware
+ */
+export type MiddlewareFunction<TInput, TOutput> = (opts: {
+    ctx: TInput;
+    next: (opts: {
+        ctx: TOutput;
+    }) => Promise<unknown>;
+}) => Promise<unknown>;
+/**
+ * Create tenant middleware for procedures
+ *
+ * This middleware:
+ * 1. Extracts tenantId from JWT claims (ctx.auth.token.tenantId)
+ * 2. Loads tenant from public schema
+ * 3. Validates tenant status (must be 'active')
+ * 4. Gets a tenant-scoped database client from the pool
+ * 5. Extends context with tenant info and scoped db client
+ *
+ * @example
+ * ```typescript
+ * const tenantMw = createTenantMiddleware({
+ *   loadTenant: async (tenantId) => publicDb.tenant.findUnique({ where: { id: tenantId } }),
+ *   clientPool,
+ *   publicClient: publicDb,
+ * });
+ *
+ * // Use in procedures
+ * const getUsers = procedure()
+ *   .use(auth.requireAuth())
+ *   .use(tenantMw)
+ *   .query(({ ctx }) => ctx.db.user.findMany());
+ * ```
+ */
+export declare function createTenantMiddleware<TClient extends DatabaseClient>(config: TenantMiddlewareConfig<TClient>): MiddlewareFunction<TenantContextInput, TenantContextInput & TenantContext<TClient>>;
+/**
+ * Create a tenant namespace object with middleware and helpers
+ *
+ * Provides a cleaner API similar to auth package pattern.
+ *
+ * @example
+ * ```typescript
+ * const tenant = createTenant({
+ *   loadTenant: async (id) => publicDb.tenant.findUnique({ where: { id } }),
+ *   clientPool,
+ *   publicClient: publicDb,
+ * });
+ *
+ * // Use the middleware
+ * const procedure = baseProcedure
+ *   .use(auth.requireAuth())
+ *   .use(tenant.middleware());
+ * ```
+ */
+export declare function createTenant<TClient extends DatabaseClient>(config: TenantMiddlewareConfig<TClient>): TenantNamespace<TClient>;
+/**
+ * Tenant namespace interface
+ */
+export interface TenantNamespace<TClient extends DatabaseClient> {
+    middleware: () => MiddlewareFunction<TenantContextInput, TenantContextInput & TenantContext<TClient>>;
+    optionalMiddleware: () => MiddlewareFunction<TenantContextInput, TenantContextInput & Partial<TenantContext<TClient>>>;
+    getClientPool: () => TenantClientPool<TClient>;
+    getPublicClient: () => TClient | undefined;
+    loadTenant: (tenantId: string) => Promise<Tenant | null>;
+    getClient: (schemaName: string) => Promise<TClient>;
+}
+/**
+ * Type guard to check if context has tenant
+ */
+export declare function hasTenant<TClient extends DatabaseClient>(ctx: TenantContextInput): ctx is TenantContextInput & TenantContext<TClient>;
+/**
+ * Get tenant from context or throw
+ */
+export declare function getTenantOrThrow<TClient extends DatabaseClient>(ctx: TenantContextInput): TenantContext<TClient>;
+//# sourceMappingURL=middleware.d.ts.map

package/dist/tenant/middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/tenant/middleware.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAOlD,OAAO,KAAK,EACV,MAAM,EACN,gBAAgB,EAChB,aAAa,EACb,kBAAkB,EAClB,sBAAsB,EACvB,MAAM,YAAY,CAAC;AAEpB;;GAEG;AACH,MAAM,MAAM,kBAAkB,CAAC,MAAM,EAAE,OAAO,IAAI,CAAC,IAAI,EAAE;IACvD,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,CAAC,IAAI,EAAE;QAAE,GAAG,EAAE,OAAO,CAAA;KAAE,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;CACpD,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;AAEvB;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,wBAAgB,sBAAsB,CAAC,OAAO,SAAS,cAAc,EACnE,MAAM,EAAE,sBAAsB,CAAC,OAAO,CAAC,GACtC,kBAAkB,CAAC,kBAAkB,EAAE,kBAAkB,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,CAkErF;AASD;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,YAAY,CAAC,OAAO,SAAS,cAAc,EACzD,MAAM,EAAE,sBAAsB,CAAC,OAAO,CAAC,GACtC,eAAe,CAAC,OAAO,CAAC,CAuC1B;AAED;;GAEG;AACH,MAAM,WAAW,eAAe,CAAC,OAAO,SAAS,cAAc;IAC7D,UAAU,EAAE,MAAM,kBAAkB,CAClC,kBAAkB,EAClB,kBAAkB,GAAG,aAAa,CAAC,OAAO,CAAC,CAC5C,CAAC;IACF,kBAAkB,EAAE,MAAM,kBAAkB,CAC1C,kBAAkB,EAClB,kBAAkB,GAAG,OAAO,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CACrD,CAAC;IACF,aAAa,EAAE,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAC/C,eAAe,EAAE,MAAM,OAAO,GAAG,SAAS,CAAC;IAC3C,UAAU,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACzD,SAAS,EAAE,CAAC,UAAU,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;CACrD;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,OAAO,SAAS,cAAc,EACtD,GAAG,EAAE,kBAAkB,GACtB,GAAG,IAAI,kBAAkB,GAAG,aAAa,CAAC,OAAO,CAAC,CAUpD;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,SAAS,cAAc,EAC7D,GAAG,EAAE,kBAAkB,GACtB,aAAa,CAAC,OAAO,CAAC,CAKxB"}

package/dist/tenant/middleware.js

@@ -0,0 +1,163 @@
+/**
+ * Tenant middleware for procedure handlers
+ *
+ * Resolves tenant from JWT claims and provides tenant-scoped database access.
+ */
+import { getTenantStatusError, TenantAccessDeniedError, TenantIdMissingError, TenantNotFoundError, } from './errors.js';
+/**
+ * Create tenant middleware for procedures
+ *
+ * This middleware:
+ * 1. Extracts tenantId from JWT claims (ctx.auth.token.tenantId)
+ * 2. Loads tenant from public schema
+ * 3. Validates tenant status (must be 'active')
+ * 4. Gets a tenant-scoped database client from the pool
+ * 5. Extends context with tenant info and scoped db client
+ *
+ * @example
+ * ```typescript
+ * const tenantMw = createTenantMiddleware({
+ *   loadTenant: async (tenantId) => publicDb.tenant.findUnique({ where: { id: tenantId } }),
+ *   clientPool,
+ *   publicClient: publicDb,
+ * });
+ *
+ * // Use in procedures
+ * const getUsers = procedure()
+ *   .use(auth.requireAuth())
+ *   .use(tenantMw)
+ *   .query(({ ctx }) => ctx.db.user.findMany());
+ * ```
+ */
+export function createTenantMiddleware(config) {
+    const { loadTenant, clientPool, publicClient, getTenantId = defaultGetTenantId, allowNoTenant = false, verifyTenantAccess, } = config;
+    return async ({ ctx, next }) => {
+        // Extract tenant ID from context
+        const tenantId = getTenantId(ctx);
+        if (!tenantId) {
+            if (allowNoTenant) {
+                // Continue without tenant context
+                return next({
+                    ctx: ctx,
+                });
+            }
+            throw new TenantIdMissingError();
+        }
+        // Load tenant from database
+        const tenant = await loadTenant(tenantId);
+        if (!tenant) {
+            throw new TenantNotFoundError(tenantId);
+        }
+        // Validate tenant status
+        const statusError = getTenantStatusError(tenantId, tenant.status);
+        if (statusError) {
+            throw statusError;
+        }
+        // SECURITY: Verify user has access to this tenant
+        // This prevents tenant isolation bypass where a user could
+        // manipulate JWT claims to access another tenant's data
+        if (verifyTenantAccess) {
+            const hasAccess = await verifyTenantAccess(ctx, tenant);
+            if (!hasAccess) {
+                throw new TenantAccessDeniedError(tenantId, ctx.user?.id);
+            }
+        }
+        // Get tenant-scoped database client
+        const db = await clientPool.getClient(tenant.schemaName);
+        // Build extended context
+        const extendedCtx = {
+            ...ctx,
+            tenant,
+            db,
+            ...(publicClient ? { publicDb: publicClient } : {}),
+        };
+        try {
+            // Continue to next middleware/handler
+            return await next({ ctx: extendedCtx });
+        }
+        finally {
+            // Release client back to pool
+            clientPool.releaseClient(tenant.schemaName);
+        }
+    };
+}
+/**
+ * Default tenant ID extractor from JWT claims
+ */
+function defaultGetTenantId(ctx) {
+    return ctx.auth?.token?.tenantId;
+}
+/**
+ * Create a tenant namespace object with middleware and helpers
+ *
+ * Provides a cleaner API similar to auth package pattern.
+ *
+ * @example
+ * ```typescript
+ * const tenant = createTenant({
+ *   loadTenant: async (id) => publicDb.tenant.findUnique({ where: { id } }),
+ *   clientPool,
+ *   publicClient: publicDb,
+ * });
+ *
+ * // Use the middleware
+ * const procedure = baseProcedure
+ *   .use(auth.requireAuth())
+ *   .use(tenant.middleware());
+ * ```
+ */
+export function createTenant(config) {
+    const middleware = createTenantMiddleware(config);
+    const { clientPool, publicClient, loadTenant } = config;
+    return {
+        /**
+         * Middleware that requires tenant context
+         */
+        middleware: () => middleware,
+        /**
+         * Middleware that makes tenant context optional
+         */
+        optionalMiddleware: () => createTenantMiddleware({
+            ...config,
+            allowNoTenant: true,
+        }),
+        /**
+         * Get the client pool for direct access
+         */
+        getClientPool: () => clientPool,
+        /**
+         * Get the public client
+         */
+        getPublicClient: () => publicClient,
+        /**
+         * Load a tenant by ID
+         */
+        loadTenant,
+        /**
+         * Get a tenant-scoped client directly
+         */
+        getClient: (schemaName) => clientPool.getClient(schemaName),
+    };
+}
+/**
+ * Type guard to check if context has tenant
+ */
+export function hasTenant(ctx) {
+    return (ctx !== null &&
+        typeof ctx === 'object' &&
+        'tenant' in ctx &&
+        ctx.tenant !== null &&
+        typeof ctx.tenant === 'object' &&
+        'db' in ctx &&
+        ctx.db !== null);
+}
+/**
+ * Get tenant from context or throw
+ */
+export function getTenantOrThrow(ctx) {
+    if (!hasTenant(ctx)) {
+        throw new TenantIdMissingError();
+    }
+    return ctx;
+}
+//# sourceMappingURL=middleware.js.map

package/dist/tenant/middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/tenant/middleware.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EACL,oBAAoB,EACpB,uBAAuB,EACvB,oBAAoB,EACpB,mBAAmB,GACpB,MAAM,aAAa,CAAC;AAiBrB;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,UAAU,sBAAsB,CACpC,MAAuC;IAEvC,MAAM,EACJ,UAAU,EACV,UAAU,EACV,YAAY,EACZ,WAAW,GAAG,kBAAkB,EAChC,aAAa,GAAG,KAAK,EACrB,kBAAkB,GACnB,GAAG,MAAM,CAAC;IAEX,OAAO,KAAK,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE,EAAE;QAC7B,iCAAiC;QACjC,MAAM,QAAQ,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;QAElC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,IAAI,aAAa,EAAE,CAAC;gBAClB,kCAAkC;gBAClC,OAAO,IAAI,CAAC;oBACV,GAAG,EAAE,GAAkD;iBACxD,CAAC,CAAC;YACL,CAAC;YACD,MAAM,IAAI,oBAAoB,EAAE,CAAC;QACnC,CAAC;QAED,4BAA4B;QAC5B,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,CAAC;QAE1C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,mBAAmB,CAAC,QAAQ,CAAC,CAAC;QAC1C,CAAC;QAED,yBAAyB;QACzB,MAAM,WAAW,GAAG,oBAAoB,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;QAClE,IAAI,WAAW,EAAE,CAAC;YAChB,MAAM,WAAW,CAAC;QACpB,CAAC;QAED,kDAAkD;QAClD,2DAA2D;QAC3D,wDAAwD;QACxD,IAAI,kBAAkB,EAAE,CAAC;YACvB,MAAM,SAAS,GAAG,MAAM,kBAAkB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;YACxD,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,MAAM,IAAI,uBAAuB,CAAC,QAAQ,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC;QAED,oCAAoC;QACpC,MAAM,EAAE,GAAG,MAAM,UAAU,CAAC,SAAS,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QAEzD,yBAAyB;QACzB,MAAM,WAAW,GAAgD;YAC/D,GAAG,GAAG;YACN,MAAM;YACN,EAAE;YACF,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACpD,CAAC;QAEF,IAAI,CAAC;YACH,sCAAsC;YACtC,OAAO,MAAM,IAAI,CAAC,EAAE,GAAG,EAAE,WAAW,EAAE,CAAC,CAAC;QAC1C,CAAC;gBAAS,CAAC;YACT,8BAA8B;YAC9B,UAAU,CAAC,aAAa,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,GAAuB;IACjD,OAAO,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE,QAAQ,CAAC;AACnC,CAAC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,UAAU,YAAY,CAC1B,MAAuC;IAEvC,MAAM,UAAU,GAAG,sBAAsB,CAAC,MAAM,CAAC,CAAC;IAClD,MAAM,EAAE,UAAU,EAAE,YAAY,EAAE,UAAU,EAAE,GAAG,MAAM,CAAC;IAExD,OAAO;QACL;;WAEG;QACH,UAAU,EAAE,GAAG,EAAE,CAAC,UAAU;QAE5B;;WAEG;QACH,kBAAkB,EAAE,GAAG,EAAE,CACvB,sBAAsB,CAAC;YACrB,GAAG,MAAM;YACT,aAAa,EAAE,IAAI;SACpB,CAAC;QAEJ;;WAEG;QACH,aAAa,EAAE,GAAG,EAAE,CAAC,UAAU;QAE/B;;WAEG;QACH,eAAe,EAAE,GAAG,EAAE,CAAC,YAAY;QAEnC;;WAEG;QACH,UAAU;QAEV;;WAEG;QACH,SAAS,EAAE,CAAC,UAAkB,EAAE,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,UAAU,CAAC;KACpE,CAAC;AACJ,CAAC;AAoBD;;GAEG;AACH,MAAM,UAAU,SAAS,CACvB,GAAuB;IAEvB,OAAO,CACL,GAAG,KAAK,IAAI;QACZ,OAAO,GAAG,KAAK,QAAQ;QACvB,QAAQ,IAAI,GAAG;QACf,GAAG,CAAC,MAAM,KAAK,IAAI;QACnB,OAAO,GAAG,CAAC,MAAM,KAAK,QAAQ;QAC9B,IAAI,IAAI,GAAG;QACX,GAAG,CAAC,EAAE,KAAK,IAAI,CAChB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAC9B,GAAuB;IAEvB,IAAI,CAAC,SAAS,CAAU,GAAG,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,oBAAoB,EAAE,CAAC;IACnC,CAAC;IACD,OAAO,GAA6B,CAAC;AACvC,CAAC"}

package/dist/tenant/schema/manager.d.ts

@@ -0,0 +1,38 @@
+/**
+ * Tenant schema manager for PostgreSQL schema lifecycle operations
+ *
+ * Handles:
+ * - Creating tenant schemas
+ * - Running Prisma migrations per schema
+ * - Listing and deleting schemas
+ *
+ * SECURITY:
+ * - All SQL queries use parameterized queries via pg library
+ * - Prisma migrations use execFile (no shell) with validated paths
+ * - Input validation prevents injection attacks
+ */
+import type { TenantSchemaManager as ITenantSchemaManager, TenantSchemaManagerConfig } from '../types.js';
+/**
+ * Create a tenant schema manager
+ *
+ * @example
+ * ```typescript
+ * const schemaManager = createTenantSchemaManager({
+ *   databaseUrl: process.env.DATABASE_URL!,
+ *   schemaPrefix: 'tenant_',
+ * });
+ *
+ * // Create a new schema
+ * const result = await schemaManager.createSchema('acme-corp');
+ * // result.schemaName === 'tenant_acme_corp'
+ *
+ * // Run migrations
+ * await schemaManager.migrateSchema('tenant_acme_corp');
+ * ```
+ */
+export declare function createTenantSchemaManager(config: TenantSchemaManagerConfig): ITenantSchemaManager;
+/**
+ * Utility to convert a slug to a schema name without creating a manager
+ */
+export declare function slugToSchemaName(slug: string, prefix?: string): string;
+//# sourceMappingURL=manager.d.ts.map