@willyim/drizzle-audit 0.3.0 → 0.5.0

package/dist/test/{d1-runtime.integration.test.js → sqlite.integration.test.js}

@@ -3,7 +3,7 @@ import test from "node:test";
 import Database from "better-sqlite3";
 import { asc, eq, isNull } from "drizzle-orm";
 import { drizzle } from "drizzle-orm/better-sqlite3";
-import { sqliteTable, text, integer } from "drizzle-orm/sqlite-core";
+import { integer, sqliteTable, text } from "drizzle-orm/sqlite-core";
 import { d1AuditLogTable } from "../src/d1/index.js";
 import { withAudit } from "../src/d1-runtime/index.js";
 const users = sqliteTable("users", {
@@ -44,11 +44,11 @@ function setupDb() {
   `);
     return { db, sqlite };
 }
-test("withAudit insert logs audit row with new_data", () => {
+test("withAudit insert logs audit row with new_data", async () => {
     const { db, sqlite } = setupDb();
     try {
         const audited = withAudit(db, auditLogs, { userId: "user_1" });
-        const row = audited.insert(users, { id: "u1", name: "Ada", email: "ada@example.com" });
+        const row = await audited.insert(users, { id: "u1", name: "Ada", email: "ada@example.com" });
         assert.equal(row.id, "u1");
         assert.equal(row.name, "Ada");
         const logs = db.select().from(auditLogs).all();
@@ -68,13 +68,12 @@ test("withAudit insert logs audit row with new_data", () => {
         sqlite.close();
     }
 });
-test("withAudit update captures old and new data", () => {
+test("withAudit update captures old and new data", async () => {
     const { db, sqlite } = setupDb();
     try {
-        // Seed a row
         db.insert(users).values({ id: "u1", name: "Ada", email: "ada@example.com" }).run();
         const audited = withAudit(db, auditLogs, { userId: "user_2" });
-        const rows = audited.update(users, eq(users.id, "u1"), { name: "Ada Lovelace" });
+        const rows = await audited.update(users, eq(users.id, "u1"), { name: "Ada Lovelace" });
         assert.equal(rows.length, 1);
         assert.equal(rows[0]?.name, "Ada Lovelace");
         const logs = db.select().from(auditLogs).all();
@@ -93,18 +92,16 @@ test("withAudit update captures old and new data", () => {
         sqlite.close();
     }
 });
-test("withAudit delete captures old data", () => {
+test("withAudit delete captures old data", async () => {
     const { db, sqlite } = setupDb();
     try {
         db.insert(users).values({ id: "u1", name: "Ada" }).run();
         const audited = withAudit(db, auditLogs, { userId: "user_3" });
-        const deleted = audited.delete(users, eq(users.id, "u1"));
+        const deleted = await audited.delete(users, eq(users.id, "u1"));
         assert.equal(deleted.length, 1);
         assert.equal(deleted[0]?.id, "u1");
-        // Verify row is gone
         const remaining = db.select().from(users).all();
         assert.equal(remaining.length, 0);
-        // Verify audit log
         const logs = db.select().from(auditLogs).all();
         assert.equal(logs.length, 1);
         assert.equal(logs[0]?.operation, "DELETE");
@@ -121,13 +118,13 @@ test("withAudit delete captures old data", () => {
         sqlite.close();
     }
 });
-test("withAudit works with custom primary key column", () => {
+test("withAudit works with custom primary key column", async () => {
     const { db, sqlite } = setupDb();
     try {
         const audited = withAudit(db, auditLogs, { userId: "user_1" });
-        audited.insert(invoices, { invoice_id: "inv_1", amount: 100 });
-        audited.update(invoices, eq(invoices.invoice_id, "inv_1"), { amount: 200 });
-        audited.delete(invoices, eq(invoices.invoice_id, "inv_1"));
+        await audited.insert(invoices, { invoice_id: "inv_1", amount: 100 });
+        await audited.update(invoices, eq(invoices.invoice_id, "inv_1"), { amount: 200 });
+        await audited.delete(invoices, eq(invoices.invoice_id, "inv_1"));
         const logs = db.select().from(auditLogs).orderBy(asc(auditLogs.id)).all();
         assert.equal(logs.length, 3);
         assert.equal(logs[0]?.table_name, "invoices");
@@ -143,7 +140,7 @@ test("withAudit works with custom primary key column", () => {
         sqlite.close();
     }
 });
-test("withAudit handles multi-row update", () => {
+test("withAudit handles multi-row update", async () => {
     const { db, sqlite } = setupDb();
     try {
         db.insert(users).values([
@@ -152,25 +149,25 @@ test("withAudit handles multi-row update", () => {
             { id: "u3", name: "Carol" },
         ]).run();
         const audited = withAudit(db, auditLogs, { userId: "admin" });
-        // Update all users (no where = all rows, but let's use a broader condition)
-        const rows = audited.update(users, isNull(users.email), { email: "bulk@example.com" });
+        const rows = await audited.update(users, isNull(users.email), { email: "bulk@example.com" });
         assert.equal(rows.length, 3);
         const logs = db.select().from(auditLogs).orderBy(asc(auditLogs.id)).all();
         assert.equal(logs.length, 3);
         for (const log of logs) {
             assert.equal(log.operation, "UPDATE");
             assert.equal(log.user_id, "admin");
-            const newData = JSON.parse(log.new_data);
-            assert.equal(newData.email, "bulk@example.com");
+            assert.equal(JSON.parse(log.new_data).email, "bulk@example.com");
         }
     }
     finally {
         sqlite.close();
     }
 });
-test("withAudit with workspace_id", () => {
+test("withAudit with workspace_id", async () => {
     const sqlite = new Database(":memory:");
-    const auditLogsWithWs = d1AuditLogTable({ workspaceIdColumn: "workspace_id" });
+    const auditLogsWithWs = d1AuditLogTable({
+        contextColumns: [{ column: "workspace_id" }],
+    });
     const db = drizzle({ client: sqlite, schema: { auditLogs: auditLogsWithWs, users } });
     try {
         sqlite.exec(`
@@ -193,9 +190,9 @@ test("withAudit with workspace_id", () => {
     `);
         const audited = withAudit(db, auditLogsWithWs, {
             userId: "user_1",
-            workspaceId: "ws_1",
+            context: { workspace_id: "ws_1" },
         });
-        audited.insert(users, { id: "u1", name: "Ada" });
+        await audited.insert(users, { id: "u1", name: "Ada" });
         const logs = db.select().from(auditLogsWithWs).all();
         assert.equal(logs.length, 1);
         assert.equal(logs[0]?.user_id, "user_1");
@@ -205,11 +202,71 @@ test("withAudit with workspace_id", () => {
         sqlite.close();
     }
 });
-test("withAudit.db gives access to raw db for non-audited ops", () => {
+test("withAudit with generic context columns", async () => {
+    const sqlite = new Database(":memory:");
+    const auditLogsWithCtx = d1AuditLogTable({
+        contextColumns: [
+            { column: "workspace_id" },
+            { column: "tenant_id" },
+            { column: "request_id" },
+        ],
+    });
+    const db = drizzle({ client: sqlite, schema: { auditLogs: auditLogsWithCtx, users } });
+    try {
+        sqlite.exec(`
+      CREATE TABLE audit_logs (
+        id INTEGER PRIMARY KEY AUTOINCREMENT,
+        table_name TEXT NOT NULL,
+        operation TEXT NOT NULL,
+        row_id TEXT,
+        user_id TEXT,
+        workspace_id TEXT,
+        tenant_id TEXT,
+        request_id TEXT,
+        old_data TEXT,
+        new_data TEXT,
+        created_at TEXT NOT NULL DEFAULT (datetime('now'))
+      );
+      CREATE TABLE users (
+        id TEXT PRIMARY KEY,
+        name TEXT NOT NULL,
+        email TEXT
+      );
+    `);
+        const audited = withAudit(db, auditLogsWithCtx, {
+            userId: "user_1",
+            context: {
+                workspace_id: "ws_1",
+                tenant_id: "tenant_1",
+                request_id: "req_1",
+            },
+        });
+        await audited.insert(users, { id: "u1", name: "Ada" });
+        const logs = db.select().from(auditLogsWithCtx).all();
+        assert.equal(logs.length, 1);
+        const row = logs[0];
+        assert.equal(row.user_id, "user_1");
+        assert.equal(row.workspace_id, "ws_1");
+        assert.equal(row.tenant_id, "tenant_1");
+        assert.equal(row.request_id, "req_1");
+        // No context: extra columns stay NULL.
+        const auditedNoCtx = withAudit(db, auditLogsWithCtx, { userId: "user_2" });
+        await auditedNoCtx.insert(users, { id: "u2", name: "Bob" });
+        const all = db.select().from(auditLogsWithCtx).orderBy(asc(auditLogsWithCtx.id)).all();
+        const last = all[all.length - 1];
+        assert.equal(last.user_id, "user_2");
+        assert.equal(last.workspace_id, null);
+        assert.equal(last.tenant_id, null);
+        assert.equal(last.request_id, null);
+    }
+    finally {
+        sqlite.close();
+    }
+});
+test("withAudit.db gives access to raw db for non-audited ops", async () => {
     const { db, sqlite } = setupDb();
     try {
         const audited = withAudit(db, auditLogs, { userId: "user_1" });
-        // Direct insert — no audit
         audited.db.insert(users).values({ id: "u1", name: "Ada" }).run();
         const logs = db.select().from(auditLogs).all();
         assert.equal(logs.length, 0);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@willyim/drizzle-audit",
-  "version": "0.3.0",
+  "version": "0.5.0",
   "description": "Lightweight audit logging for Drizzle ORM using database triggers (Postgres + D1/SQLite)",
   "type": "module",
   "main": "./dist/src/index.js",
@@ -53,6 +53,7 @@
   "devDependencies": {
     "@types/node": "^22.19.7",
     "drizzle-orm": "^1.0.0-beta.15-859cf75",
+    "miniflare": "^4.20260410.0",
     "typescript": "^5.9.3"
   },
   "publishConfig": {

package/dist/test/d1-runtime.integration.test.d.ts

@@ -1,2 +0,0 @@
-export {};
-//# sourceMappingURL=d1-runtime.integration.test.d.ts.map

package/dist/test/d1-runtime.integration.test.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"d1-runtime.integration.test.d.ts","sourceRoot":"","sources":["../../test/d1-runtime.integration.test.ts"],"names":[],"mappings":""}

package/dist/test/postgres.integration.test.d.ts

@@ -1,2 +0,0 @@
-export {};
-//# sourceMappingURL=postgres.integration.test.d.ts.map

package/dist/test/postgres.integration.test.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"postgres.integration.test.d.ts","sourceRoot":"","sources":["../../test/postgres.integration.test.ts"],"names":[],"mappings":""}

package/dist/test/postgres.integration.test.js

@@ -1,286 +0,0 @@
-import assert from "node:assert/strict";
-import test from "node:test";
-import { PGlite } from "@electric-sql/pglite";
-import { asc, eq } from "drizzle-orm";
-import { drizzle } from "drizzle-orm/pglite";
-import { integer, pgTable, text } from "drizzle-orm/pg-core";
-import { createAttachAuditTriggersSql, createAuditInstallSql, pgAuditLogTable, withAuditedTransaction, } from "../src/postgres/index.js";
-const users = pgTable("users", {
-    id: text("id").primaryKey(),
-    name: text("name").notNull(),
-});
-const invoices = pgTable("invoices", {
-    invoice_id: text("invoice_id").primaryKey(),
-    amount: integer("amount").notNull(),
-});
-const auditLogs = pgAuditLogTable();
-test("postgres auditing works end to end", async () => {
-    const client = new PGlite();
-    const db = drizzle({
-        client,
-        schema: {
-            auditLogs,
-            users,
-            invoices,
-        },
-    });
-    try {
-        await client.exec(createAuditInstallSql());
-        await client.exec(`
-      CREATE TABLE users (
-        id TEXT PRIMARY KEY,
-        name TEXT NOT NULL
-      );
-
-      CREATE TABLE invoices (
-        invoice_id TEXT PRIMARY KEY,
-        amount INTEGER NOT NULL
-      );
-    `);
-        await client.exec(createAttachAuditTriggersSql([
-            { table: "users" },
-            { table: "invoices", rowIdColumn: "invoice_id" },
-        ]));
-        // Insert without audit context should succeed with user_id = NULL
-        await db.insert(users).values({ id: "user_0", name: "No Context" });
-        const existingUsers = await db.select().from(users);
-        assert.equal(existingUsers.length, 1);
-        const noContextLogs = await db.select().from(auditLogs).orderBy(asc(auditLogs.id));
-        assert.equal(noContextLogs.length, 1);
-        assert.equal(noContextLogs[0]?.user_id, null);
-        assert.equal(noContextLogs[0]?.table_name, "users");
-        assert.equal(noContextLogs[0]?.operation, "INSERT");
-        await withAuditedTransaction(db, "user_123", async (tx) => {
-            await tx.insert(users).values({ id: "user_1", name: "Ada" });
-            await tx
-                .update(users)
-                .set({ name: "Ada Lovelace" })
-                .where(eq(users.id, "user_1"));
-            await tx.insert(invoices).values({ invoice_id: "inv_1", amount: 42 });
-            await tx.delete(users).where(eq(users.id, "user_1"));
-        });
-        const logs = await db
-            .select()
-            .from(auditLogs)
-            .orderBy(asc(auditLogs.id));
-        assert.equal(logs.length, 5);
-        assert.equal(logs[1]?.table_name, "users");
-        assert.equal(logs[1]?.operation, "INSERT");
-        assert.equal(logs[1]?.row_id, "user_1");
-        assert.equal(logs[1]?.user_id, "user_123");
-        assert.deepEqual(logs[1]?.new_data, { id: "user_1", name: "Ada" });
-        assert.equal(logs[2]?.table_name, "users");
-        assert.equal(logs[2]?.operation, "UPDATE");
-        assert.equal(logs[2]?.row_id, "user_1");
-        assert.deepEqual(logs[2]?.old_data, { id: "user_1", name: "Ada" });
-        assert.deepEqual(logs[2]?.new_data, {
-            id: "user_1",
-            name: "Ada Lovelace",
-        });
-        assert.equal(logs[3]?.table_name, "invoices");
-        assert.equal(logs[3]?.operation, "INSERT");
-        assert.equal(logs[3]?.row_id, "inv_1");
-        assert.deepEqual(logs[3]?.new_data, {
-            invoice_id: "inv_1",
-            amount: 42,
-        });
-        assert.equal(logs[4]?.table_name, "users");
-        assert.equal(logs[4]?.operation, "DELETE");
-        assert.equal(logs[4]?.row_id, "user_1");
-        assert.deepEqual(logs[4]?.old_data, {
-            id: "user_1",
-            name: "Ada Lovelace",
-        });
-    }
-    finally {
-        await client.close();
-    }
-});
-test("migration SQL bundle installs and enforces audit context", async () => {
-    const client = new PGlite();
-    const db = drizzle({
-        client,
-        schema: {
-            auditLogs,
-            users,
-            invoices,
-        },
-    });
-    try {
-        await client.exec(`
-      CREATE TABLE users (
-        id TEXT PRIMARY KEY,
-        name TEXT NOT NULL
-      );
-
-      CREATE TABLE invoices (
-        invoice_id TEXT PRIMARY KEY,
-        amount INTEGER NOT NULL
-      );
-    `);
-        const migrationBundle = [
-            createAuditInstallSql(),
-            createAttachAuditTriggersSql([
-                { table: "users" },
-                { table: "invoices", rowIdColumn: "invoice_id" },
-            ]),
-        ].join("\n\n");
-        await client.exec(migrationBundle);
-        // Insert without audit context should succeed with user_id = NULL
-        await db.insert(users).values({ id: "u_no_ctx", name: "No Context" });
-        const noCtxLogs = await db.select().from(auditLogs);
-        assert.equal(noCtxLogs.length, 1);
-        assert.equal(noCtxLogs[0]?.user_id, null);
-        assert.equal(noCtxLogs[0]?.operation, "INSERT");
-        await withAuditedTransaction(db, "system:test", async (tx) => {
-            await tx.insert(users).values({ id: "u", name: "With Context" });
-        });
-        const logs = await db.select().from(auditLogs).orderBy(asc(auditLogs.id));
-        assert.equal(logs.length, 2);
-        assert.equal(logs[1]?.table_name, "users");
-        assert.equal(logs[1]?.operation, "INSERT");
-        assert.equal(logs[1]?.user_id, "system:test");
-    }
-    finally {
-        await client.close();
-    }
-});
-test("writes without audit context produce audit rows with user_id = NULL", async () => {
-    const client = new PGlite();
-    const db = drizzle({
-        client,
-        schema: {
-            auditLogs,
-            users,
-        },
-    });
-    try {
-        await client.exec(createAuditInstallSql());
-        await client.exec(`
-      CREATE TABLE users (
-        id TEXT PRIMARY KEY,
-        name TEXT NOT NULL
-      );
-    `);
-        await client.exec(createAttachAuditTriggersSql([{ table: "users" }]));
-        // INSERT without audit context
-        await db.insert(users).values({ id: "u1", name: "Alice" });
-        // UPDATE without audit context
-        await db.update(users).set({ name: "Alice Updated" }).where(eq(users.id, "u1"));
-        // DELETE without audit context
-        await db.delete(users).where(eq(users.id, "u1"));
-        const logs = await db.select().from(auditLogs).orderBy(asc(auditLogs.id));
-        assert.equal(logs.length, 3);
-        assert.equal(logs[0]?.operation, "INSERT");
-        assert.equal(logs[0]?.user_id, null);
-        assert.equal(logs[0]?.row_id, "u1");
-        assert.deepEqual(logs[0]?.new_data, { id: "u1", name: "Alice" });
-        assert.equal(logs[1]?.operation, "UPDATE");
-        assert.equal(logs[1]?.user_id, null);
-        assert.deepEqual(logs[1]?.old_data, { id: "u1", name: "Alice" });
-        assert.deepEqual(logs[1]?.new_data, { id: "u1", name: "Alice Updated" });
-        assert.equal(logs[2]?.operation, "DELETE");
-        assert.equal(logs[2]?.user_id, null);
-        assert.deepEqual(logs[2]?.old_data, { id: "u1", name: "Alice Updated" });
-    }
-    finally {
-        await client.close();
-    }
-});
-test("workspace_id column and context are stored when enabled", async () => {
-    const client = new PGlite();
-    const auditLogsWithWorkspace = pgAuditLogTable({ workspaceIdColumn: "workspace_id" });
-    const db = drizzle({
-        client,
-        schema: {
-            auditLogs: auditLogsWithWorkspace,
-            users,
-            invoices,
-        },
-    });
-    try {
-        await client.exec(createAuditInstallSql({ workspaceIdColumn: "workspace_id" }));
-        await client.exec(`
-      CREATE TABLE users (
-        id TEXT PRIMARY KEY,
-        name TEXT NOT NULL
-      );
-    `);
-        await client.exec(createAttachAuditTriggersSql([{ table: "users" }]));
-        await withAuditedTransaction(db, "user_1", async (tx) => {
-            await tx.insert(users).values({ id: "u1", name: "Alice" });
-        }, "app.user_id", { workspaceId: "ws_1" });
-        const logs = await db.select().from(auditLogsWithWorkspace);
-        assert.equal(logs.length, 1);
-        assert.equal(logs[0]?.user_id, "user_1");
-        assert.equal(logs[0].workspace_id, "ws_1");
-        await withAuditedTransaction(db, "user_2", async (tx) => {
-            await tx.insert(users).values({ id: "u2", name: "Bob" });
-        });
-        const logs2 = await db.select().from(auditLogsWithWorkspace).orderBy(asc(auditLogsWithWorkspace.id));
-        assert.equal(logs2.length, 2);
-        assert.equal(logs2[1]?.user_id, "user_2");
-        assert.equal(logs2[1].workspace_id, null);
-    }
-    finally {
-        await client.close();
-    }
-});
-test("custom workspace column name uses matching context key", async () => {
-    const client = new PGlite();
-    const auditLogsWithTenant = pgAuditLogTable({ workspaceIdColumn: "tenant_id" });
-    const db = drizzle({
-        client,
-        schema: {
-            auditLogs: auditLogsWithTenant,
-            users,
-        },
-    });
-    try {
-        await client.exec(createAuditInstallSql({ workspaceIdColumn: "tenant_id" }));
-        await client.exec(`
-      CREATE TABLE users (
-        id TEXT PRIMARY KEY,
-        name TEXT NOT NULL
-      );
-    `);
-        await client.exec(createAttachAuditTriggersSql([{ table: "users" }]));
-        // Use workspaceContextKey matching the trigger's "app.tenant_id"
-        await withAuditedTransaction(db, "user_1", async (tx) => {
-            await tx.insert(users).values({ id: "u1", name: "Alice" });
-        }, "app.user_id", { workspaceId: "tenant_abc", workspaceContextKey: "app.tenant_id" });
-        const logs = await db.select().from(auditLogsWithTenant);
-        assert.equal(logs.length, 1);
-        assert.equal(logs[0]?.user_id, "user_1");
-        assert.equal(logs[0].tenant_id, "tenant_abc");
-    }
-    finally {
-        await client.close();
-    }
-});
-test("custom context key for user_id works", async () => {
-    const client = new PGlite();
-    const db = drizzle({
-        client,
-        schema: { auditLogs, users },
-    });
-    try {
-        await client.exec(createAuditInstallSql({ contextKey: "myapp.actor" }));
-        await client.exec(`
-      CREATE TABLE users (
-        id TEXT PRIMARY KEY,
-        name TEXT NOT NULL
-      );
-    `);
-        await client.exec(createAttachAuditTriggersSql([{ table: "users" }], { contextKey: "myapp.actor" }));
-        await withAuditedTransaction(db, "custom_user", async (tx) => {
-            await tx.insert(users).values({ id: "u1", name: "Alice" });
-        }, "myapp.actor");
-        const logs = await db.select().from(auditLogs).orderBy(asc(auditLogs.id));
-        assert.equal(logs.length, 1);
-        assert.equal(logs[0]?.user_id, "custom_user");
-    }
-    finally {
-        await client.close();
-    }
-});