@wirechunk/cli 0.0.1-rc.1 → 0.0.1-rc.3

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wirechunk/cli",
-  "version": "0.0.1-rc.1",
+  "version": "0.0.1-rc.3",
   "private": false,
   "type": "module",
   "scripts": {
@@ -13,7 +13,8 @@
     "test": "echo 'no tests yet'",
     "build": "npm run build:clean && npm run build:cli",
     "build:clean": "rm -rf build",
-    "build:cli": "vite build"
+    "build:cli": "vite build",
+    "prepublishOnly": "npm run typecheck-src && npm run lint:check && npm run build"
   },
   "bin": {
     "wirechunk": "build/main.js"
@@ -31,7 +32,6 @@
     "commander": "^13.0.0",
     "slonik": "^46.3.0",
     "slonik-interceptor-query-logging": "^46.3.0",
-    "undici": "^7.2.0",
     "zod": "^3.24.1"
   },
   "publishConfig": {

package/src/commands/create-extension-version.ts

@@ -1,9 +1,9 @@
+import { requireValidExtensionDir } from '@wirechunk/backend-lib/extensions/require-extension-dir.ts';
 import { parseErrorMessage } from '@wirechunk/lib/errors.ts';
 import archiver from 'archiver';
 import { z } from 'zod';
 import type { Env } from '../env.ts';
 import { requireApiToken } from '../env.ts';
-import { fetchWithLocal } from '../fetch.ts';
 import type { WithGlobalOptions } from '../global-options.js';
 import { requireExtensionIdOptionOrEnvVar } from '../util.ts';
 
@@ -62,6 +62,35 @@ export const createExtensionVersion = async (
 ): Promise<void> => {
   const extensionId = requireExtensionIdOptionOrEnvVar(opts, env);
   const apiToken = requireApiToken(env);
+  const cwd = process.cwd();
+  const extConfig = await requireValidExtensionDir(cwd);
+  let enableServer: boolean;
+  let enableDb: boolean;
+  if (extConfig.server) {
+    enableServer = !!extConfig.server.enable;
+    if (extConfig.server.database?.enable && extConfig.server.enable === false) {
+      // Server was explicitly disabled, so don't allow database.
+      console.warn('WARNING: Automatically disabling database because server is disabled');
+      enableDb = false;
+    } else if (extConfig.server.database?.enable && !extConfig.server.enable) {
+      // Server was unspecified, so enable it because database is enabled.
+      console.warn('WARNING: Automatically enabling server because database is enabled');
+      enableServer = true;
+      enableDb = true;
+    } else {
+      enableDb = !!extConfig.server.database?.enable;
+    }
+  } else {
+    enableServer = false;
+    enableDb = false;
+  }
+
+  const { versionName } = opts;
+  console.log(`Creating extension version ${versionName} (Extension ID ${extensionId})
+  Server: ${enableServer ? 'enabled' : 'disabled'}
+  Database: ${enableDb ? 'enabled' : 'disabled'}
+  Components: ${Object.keys(extConfig.components ?? {}).length}`);
+
   let extensionVersionId: string;
   let signedUrl: string;
   try {
@@ -69,7 +98,7 @@ export const createExtensionVersion = async (
     if (opts.verbose) {
       console.log(`POST ${url}`);
     }
-    const createResult = await fetchWithLocal(url, {
+    const createResult = await fetch(url, {
       method: 'POST',
       headers: {
         'Content-Type': 'application/json',
@@ -95,7 +124,10 @@ export const createExtensionVersion = async (
         variables: {
           input: {
             extensionId,
-            versionName: opts.versionName,
+            extensionName: extConfig.name,
+            versionName,
+            enableServer,
+            enableDb,
           },
         },
       }),
@@ -163,7 +195,6 @@ export const createExtensionVersion = async (
     });
   }
 
-  const cwd = process.cwd();
   archive.glob('**/*', {
     cwd,
     ignore: [
@@ -202,5 +233,5 @@ export const createExtensionVersion = async (
     console.log('Uploaded');
   }
 
-  console.log(`Created version ${opts.versionName} (ID ${extensionVersionId})`);
+  console.log(`Created version ${versionName} (ID ${extensionVersionId})`);
 };

package/src/commands/create-extension.ts

@@ -0,0 +1,14 @@
+import type { Env } from '../env.ts';
+import type { WithGlobalOptions } from '../global-options.ts';
+
+type CreateExtensionOptions = {
+  platformId: string;
+  name: string;
+};
+
+export const createExtension = async (
+  _opts: WithGlobalOptions<CreateExtensionOptions>,
+  _env: Env,
+): Promise<void> => {
+  // TODO
+};

package/src/commands/create-user.ts

@@ -1,4 +1,5 @@
 import { hashPassword, validatePasswordComplexity } from '@wirechunk/backend-lib/passwords.ts';
+import { cleanSmallId } from '@wirechunk/lib/clean-small-id.ts';
 import { normalizeEmailAddress } from '@wirechunk/lib/emails.ts';
 import { createPool, sql, UniqueIntegrityConstraintViolationError } from 'slonik';
 import { z } from 'zod';
@@ -6,10 +7,7 @@ import type { Env } from '../env.ts';
 import { requireCoreDbUrl } from '../env.ts';
 import { detailedUniqueIntegrityConstraintViolationError } from '../errors.ts';
 import type { WithGlobalOptions } from '../global-options.ts';
-
-const insertOrgResult = z.object({
-  id: z.string(),
-});
+import { voidSelectSchema } from '../util.ts';
 
 const insertUserResult = z.object({
   id: z.string(),
@@ -69,7 +67,8 @@ export const createUser = async (
 
   let platformId: string | null | undefined = opts.platformId;
   let orgId: string | null | undefined = opts.orgId;
-  let orgPrimary = false;
+  // TODO
+  // let orgPrimary = false;
 
   try {
     const user = await db.transaction(async (db) => {
@@ -78,7 +77,7 @@ export const createUser = async (
           throw new Error('Either --org-id or --platform-id must be specified');
         }
         platformId = await db.maybeOneFirst(
-          sql.type(findOrgResult)`select "platformId" from "Organizations" where "id" = ${orgId}`,
+          sql.type(findOrgResult)`select "platformId" from "Orgs" where "id" = ${orgId}`,
         );
         if (!platformId) {
           throw new Error(`No org found with ID ${orgId}`);
@@ -86,7 +85,7 @@ export const createUser = async (
       } else if (orgId) {
         // Verify that the specified org belongs to the specified platform.
         const orgPlatformId = await db.maybeOneFirst(
-          sql.type(findOrgResult)`select "platformId" from "Organizations" where "id" = ${orgId}`,
+          sql.type(findOrgResult)`select "platformId" from "Orgs" where "id" = ${orgId}`,
         );
         if (!orgPlatformId) {
           throw new Error(`No org found with ID ${orgId}`);
@@ -107,21 +106,22 @@ export const createUser = async (
         console.log(`Found platform ${platform.name} (ID ${platform.id})`);
       }
       if (!orgId) {
-        orgId = await db.oneFirst(
+        orgId = cleanSmallId();
+        await db.maybeOne(
           sql.type(
-            insertOrgResult,
-          )`insert into "Organizations" ("platformId") values (${platform.id}) returning "id"`,
+            voidSelectSchema,
+          )`insert into "Orgs" ("id", "platformId") values (${orgId}, ${platform.id})`,
         );
         if (opts.verbose) {
           console.log(`Created org ID ${orgId}`);
         }
-        orgPrimary = true;
+        // orgPrimary = true;
       }
 
       const user = await db.one(
         sql.type(
           insertUserResult,
-        )`insert into "Users" ("platformId", "email", "emailVerified", "password", "passwordStatus", "orgId", "orgPrimary", "role", "status", "firstName", "lastName") values (${platformId}, ${email}, ${opts.emailVerified}, ${password}, 'Ok', ${orgId}, ${orgPrimary}, ${role}, ${status}, ${firstName}, ${lastName}) returning "id"`,
+        )`insert into "Users" ("platformId", "email", "emailVerified", "password", "passwordStatus", "orgId", "role", "status", "firstName", "lastName") values (${platformId}, ${email}, ${opts.emailVerified}, ${password}, 'Ok', ${orgId}, ${role}, ${status}, ${firstName}, ${lastName}) returning "id"`,
       );
 
       // if (opts.admin) {

package/src/commands/ext-dev/db-connect-info.ts

@@ -0,0 +1,36 @@
+import { existsSync } from 'node:fs';
+import { readFile, writeFile } from 'node:fs/promises';
+import { resolve } from 'node:path';
+import type { Env } from '../../env.ts';
+import type { WithGlobalOptions } from '../../global-options.js';
+import { getExtensionDbConnectInfo, replaceEnvVar } from '../../util.ts';
+
+type DbConnectInfoOptions = {
+  extensionId?: string;
+  dbName?: string;
+};
+
+export const dbConnectInfo = async (
+  opts: WithGlobalOptions<DbConnectInfoOptions>,
+  env: Env,
+): Promise<void> => {
+  const connInfo = getExtensionDbConnectInfo(opts, env);
+  const url = connInfo.url.toString();
+  const cwd = process.cwd();
+  const localEnvFilePath = opts.envMode
+    ? resolve(cwd, `./.env.${opts.envMode}.local`)
+    : resolve(cwd, './.env.local');
+  if (opts.verbose) {
+    console.log(`Loading file ${localEnvFilePath} to update environment variables`);
+  }
+  if (existsSync(localEnvFilePath)) {
+    const localEnv = await readFile(localEnvFilePath, 'utf8');
+    const lines = replaceEnvVar(localEnv.split('\n'), 'DATABASE_URL', url);
+    await writeFile(localEnvFilePath, lines.join('\n'));
+  } else {
+    if (opts.verbose) {
+      console.log(`Creating file ${localEnvFilePath}`);
+    }
+    await writeFile(localEnvFilePath, `DATABASE_URL=${url}\n`);
+  }
+};

package/src/commands/{dev/init-ext-db.ts → ext-dev/init-db.ts}

@@ -1,6 +1,3 @@
-import { existsSync } from 'node:fs';
-import { readFile, writeFile } from 'node:fs/promises';
-import { resolve } from 'node:path';
 import type { DatabasePool } from 'slonik';
 import { createPool, sql } from 'slonik';
 import { z } from 'zod';
@@ -8,18 +5,22 @@ import type { Env } from '../../env.js';
 import { requireCoreDbUrl } from '../../env.ts';
 import { isDuplicateDatabaseError } from '../../errors.ts';
 import type { WithGlobalOptions } from '../../global-options.js';
-import { dbPoolOptions, extensionDbName, requireExtensionIdOptionOrEnvVar } from '../../util.ts';
-
-const initSchemas = async ({
-  extensionDbName,
+import {
+  dbPoolOptions,
+  getExtensionDbConnectInfo,
+  requireExtensionIdOptionOrEnvVar,
+} from '../../util.ts';
+import { dbConnectInfo } from './db-connect-info.ts';
+
+const initExtDb = async ({
+  // A connection to the extension database by a superuser role.
+  db,
   extensionRoleName,
   coreDbUrl,
-  db,
 }: {
-  extensionDbName: string;
+  db: DatabasePool;
   extensionRoleName: string;
   coreDbUrl: URL;
-  db: DatabasePool;
 }) => {
   await db.query(sql.unsafe`
     create extension if not exists postgres_fdw
@@ -34,10 +35,10 @@ const initSchemas = async ({
     )
   `);
 
-  const extRoleNameIdent = sql.identifier([extensionRoleName]);
+  const extRoleIdent = sql.identifier([extensionRoleName]);
 
   await db.query(sql.unsafe`
-    create user mapping if not exists for ${extRoleNameIdent} server wirechunk
+    create user mapping if not exists for ${extRoleIdent} server wirechunk
     options (user ${sql.literalValue(extensionRoleName)}, password_required 'false')
   `);
   await db.query(sql.unsafe`
@@ -76,69 +77,39 @@ const initSchemas = async ({
   // Here we just want to simplify the development experience.
   // At any moment, a developer may drop an extension's database and reinitialize it.
   await db.query(sql.unsafe`
-    grant connect, create, temporary on database ${sql.identifier([extensionDbName])} to ${extRoleNameIdent}
-  `);
-  await db.query(sql.unsafe`
-    grant all on schema public to ${extRoleNameIdent}
+    grant all on schema public to ${extRoleIdent}
   `);
   await db.query(sql.unsafe`
-    grant all on table "Orgs" to ${extRoleNameIdent}
+    grant all on table "Orgs" to ${extRoleIdent}
   `);
   await db.query(sql.unsafe`
-    grant all on table "Sites" to ${extRoleNameIdent}
+    grant all on table "Sites" to ${extRoleIdent}
   `);
   await db.query(sql.unsafe`
-    grant all on table "Users" to ${extRoleNameIdent}
+    grant all on table "Users" to ${extRoleIdent}
   `);
   await db.query(sql.unsafe`
-    alter default privileges grant all on schemas to ${extRoleNameIdent}
+    alter default privileges grant all on schemas to ${extRoleIdent}
   `);
   await db.query(sql.unsafe`
-    alter default privileges grant all on types to ${extRoleNameIdent}
+    alter default privileges grant all on types to ${extRoleIdent}
   `);
   await db.query(sql.unsafe`
-    alter default privileges grant all on tables to ${extRoleNameIdent}
+    alter default privileges grant all on tables to ${extRoleIdent}
   `);
   await db.query(sql.unsafe`
-    alter default privileges grant all on sequences to ${extRoleNameIdent}
+    alter default privileges grant all on sequences to ${extRoleIdent}
   `);
   await db.query(sql.unsafe`
-    alter default privileges grant all on functions to ${extRoleNameIdent}
+    alter default privileges grant all on functions to ${extRoleIdent}
   `);
 };
 
-const replaceDbName = (url: URL, dbName: string): URL => {
-  const urlObj = new URL(url.toString());
-  urlObj.pathname = `/${dbName}`;
-  return urlObj;
-};
-
 const extensionSelectSchema = z.object({
   id: z.string(),
   platformId: z.string(),
 });
 
-// Replace instances of a variable, or add a variable if needed, preserving other lines.
-const replaceEnvVar = (lines: string[], name: string, value: string): string[] => {
-  const newLines: string[] = [];
-  let hasName = false;
-  const namePattern = new RegExp(String.raw`^\s*${name}\s*=\s*`);
-  for (const line of lines) {
-    if (namePattern.test(line)) {
-      if (!hasName) {
-        newLines.push(`${name}=${value}`);
-        hasName = true;
-      }
-    } else {
-      newLines.push(line);
-    }
-  }
-  if (!hasName) {
-    newLines.push(`${name}=${value}`);
-  }
-  return newLines;
-};
-
 const applyExtensionPolicy = async ({
   extRole,
   table,
@@ -150,7 +121,7 @@ const applyExtensionPolicy = async ({
   platformId: string;
   db: DatabasePool;
 }) => {
-  const policyNameIdent = sql.identifier([`${table}_ext_${extRole}_select`]);
+  const policyNameIdent = sql.identifier([`${table}_${extRole}_select`]);
   const extRoleIdent = sql.identifier([extRole]);
   const tableIdent = sql.identifier([table]);
   await db.query(sql.unsafe`
@@ -162,7 +133,7 @@ const applyExtensionPolicy = async ({
     using ("platformId" = ${sql.literalValue(platformId)})
   `);
   await db.query(sql.unsafe`
-    grant select on ${tableIdent} to ${extRoleIdent}
+    grant select on table ${tableIdent} to ${extRoleIdent}
   `);
 };
 
@@ -171,12 +142,15 @@ type InitExtDbOptions = {
   dbName?: string;
 };
 
-export const initExtDb = async (
+export const initDb = async (
   opts: WithGlobalOptions<InitExtDbOptions>,
   env: Env,
 ): Promise<void> => {
   const coreDbUrl = requireCoreDbUrl(env);
   const extensionId = requireExtensionIdOptionOrEnvVar(opts, env);
+
+  await dbConnectInfo(opts, env);
+
   const db = await createPool(coreDbUrl, dbPoolOptions(opts));
 
   const extension = await db.maybeOne(sql.type(extensionSelectSchema)`
@@ -189,30 +163,12 @@ export const initExtDb = async (
     process.exit(1);
   }
 
-  const extDb = opts.dbName || extensionDbName(extensionId);
-
   const coreDbUrlObject = new URL(coreDbUrl);
-  const extDbUrl = replaceDbName(coreDbUrlObject, extDb);
-  extDbUrl.pathname = `/${extDb}`;
-
-  const cwd = process.cwd();
-  const localEnvFilePath = opts.envMode
-    ? resolve(cwd, `./.env.${opts.envMode}.local`)
-    : resolve(cwd, './.env.local');
-  if (opts.verbose) {
-    console.log(`Loading ${localEnvFilePath} to update environment variables`);
-  }
-  if (existsSync(localEnvFilePath)) {
-    const localEnv = await readFile(localEnvFilePath, 'utf8');
-    const lines = replaceEnvVar(localEnv.split('\n'), 'DATABASE_URL', extDbUrl.toString());
-    await writeFile(localEnvFilePath, lines.join('\n'));
-  } else {
-    await writeFile(localEnvFilePath, `DATABASE_URL=${extDbUrl.toString()}\n`);
-  }
+  const extDb = getExtensionDbConnectInfo(opts, env);
 
   try {
     await db.query(sql.unsafe`
-      create database ${sql.identifier([extDb])}
+      create database ${sql.identifier([extDb.dbName])}
     `);
   } catch (err) {
     if (!isDuplicateDatabaseError(err)) {
@@ -230,11 +186,17 @@ export const initExtDb = async (
       if not exists (
         select 1 from pg_roles where rolname = ${sql.literalValue(extRole)}
       ) then
-        create role ${extRoleIdent} login noinherit;
+        create role ${extRoleIdent} login noinherit createdb;
       end if;
     end; $$
   `);
+  await db.query(sql.unsafe`
+    grant ${extRoleIdent} to ${sql.identifier([coreDbUrlObject.username])}
+  `);
 
+  await db.query(sql.unsafe`
+    grant connect, create, temporary on database ${sql.identifier([extDb.dbName])} to ${extRoleIdent}
+  `);
   await applyExtensionPolicy({
     extRole,
     table: 'Orgs',
@@ -254,10 +216,12 @@ export const initExtDb = async (
     db,
   });
 
-  await initSchemas({
-    extensionDbName: extDb,
+  const extDbSuper = new URL(extDb.url);
+  extDbSuper.username = coreDbUrlObject.username;
+
+  await initExtDb({
+    db: await createPool(extDbSuper.toString(), dbPoolOptions(opts)),
     extensionRoleName: extRole,
     coreDbUrl: coreDbUrlObject,
-    db: await createPool(extDbUrl.toString(), dbPoolOptions(opts)),
   });
 };

package/src/env.ts

@@ -6,7 +6,7 @@ import { isLocalhost } from '@wirechunk/lib/localhost.ts';
 
 export type Env = Record<string, string> & {
   CORE_DATABASE_URL?: string;
-  // A URL to the server root, like https://wirechunk.com or http://admin.localhost:8080
+  // A URL to the server root, like https://wirechunk.com or http://localhost:8080
   CORE_SERVER_URL: string;
   WIRECHUNK_API_TOKEN?: string;
 };

package/src/main.ts

@@ -6,8 +6,9 @@ import chalk from 'chalk';
 import { bootstrap } from './commands/bootstrap.ts';
 import { createExtensionVersion } from './commands/create-extension-version.ts';
 import { createUser } from './commands/create-user.ts';
-import { initExtDb } from './commands/dev/init-ext-db.ts';
 import { editAdmin } from './commands/edit-admin.ts';
+import { dbConnectInfo } from './commands/ext-dev/db-connect-info.ts';
+import { initDb } from './commands/ext-dev/init-db.ts';
 import type { Env } from './env.ts';
 import { parseEnv } from './env.ts';
 import type { WithGlobalOptions } from './global-options.ts';
@@ -90,17 +91,30 @@ program
 
 // TODO: create-admin
 
-const dev = program.command('dev').description('extension development commands');
+const extDev = program.command('ext-dev').description('extension development commands');
 
-dev
-  .command('init-ext-db')
-  .description('initialize a development database for an extension')
+extDev
+  .command('db-connect-info')
+  .description(
+    'write the connection info for the extension database to a .local.env or .local.<env-mode>.env file',
+  )
+  .option(
+    '--extension-id <string>',
+    'the ID of the extension, can be set with an EXTENSION_ID environment variable instead',
+  )
+  .action(withOptionsAndEnv(dbConnectInfo));
+
+extDev
+  .command('init-db')
+  .description(
+    'initialize a development database for an extension, useful for testing, assumes the extension role exists',
+  )
   .option(
     '--extension-id <string>',
     'the ID of the extension, can be set with an EXTENSION_ID environment variable instead',
   )
   .option('--db-name <string>', 'a custom name for the database, applicable only for testing')
-  .action(withOptionsAndEnv(initExtDb));
+  .action(withOptionsAndEnv(initDb));
 
 program
   .command('edit-admin')

package/src/util.ts

@@ -2,6 +2,7 @@ import type { ClientConfigurationInput } from 'slonik/src/types.js';
 import { createQueryLoggingInterceptor } from 'slonik-interceptor-query-logging';
 import { z } from 'zod';
 import type { Env } from './env.ts';
+import { requireCoreDbUrl } from './env.ts';
 import type { GlobalOptions } from './global-options.ts';
 
 // Returns the name to use for an extension's database in development mode.
@@ -27,3 +28,54 @@ export const requireExtensionIdOptionOrEnvVar = (
 // Note that you still need to set a ROARR_LOG=true environment variable to enable logging.
 export const dbPoolOptions = (opts: GlobalOptions): ClientConfigurationInput =>
   opts.verbose ? { interceptors: [createQueryLoggingInterceptor({ logValues: true })] } : {};
+
+// Replace instances of a variable, or add a variable if needed, preserving other lines.
+export const replaceEnvVar = (lines: string[], name: string, value: string): string[] => {
+  const newLines: string[] = [];
+  let hasName = false;
+  const namePattern = new RegExp(String.raw`^\s*${name}\s*=\s*`);
+  for (const line of lines) {
+    if (namePattern.test(line)) {
+      if (!hasName) {
+        newLines.push(`${name}=${value}`);
+        hasName = true;
+      }
+    } else {
+      newLines.push(line);
+    }
+  }
+  if (!hasName) {
+    newLines.push(`${name}=${value}`);
+  }
+  return newLines;
+};
+
+export const replaceDbName = (url: URL, dbName: string): URL => {
+  const urlObj = new URL(url.toString());
+  urlObj.pathname = `/${dbName}`;
+  return urlObj;
+};
+
+export type DbConnectInfo = {
+  url: URL;
+  dbName: string;
+};
+
+export const getExtensionDbConnectInfo = (
+  opts: {
+    extensionId?: string;
+    dbName?: string;
+  },
+  env: Env,
+): DbConnectInfo => {
+  const extensionId = requireExtensionIdOptionOrEnvVar(opts, env);
+  const dbName = opts.dbName || extensionDbName(extensionId);
+  const url = replaceDbName(new URL(requireCoreDbUrl(env)), dbName);
+  url.username = `ext_${extensionId}`;
+  url.password = '';
+
+  return {
+    url,
+    dbName,
+  };
+};

package/src/fetch.ts

@@ -1,32 +0,0 @@
-import { lookup } from 'node:dns';
-import { isLocalhost } from '@wirechunk/lib/localhost.ts';
-import * as undici from 'undici';
-
-// To allow easily accessing localhost subdomains without needing to override /etc/hosts, this function provides a DNS resolver
-// that resolves to 127.0.0.1 for localhost domains.
-export const fetchWithLocal = (
-  url: string,
-  init: RequestInit & undici.RequestInit,
-): Promise<Response | undici.Response> => {
-  const { host } = new URL(url);
-  if (isLocalhost(host)) {
-    return undici.fetch(url, {
-      ...init,
-      dispatcher: new undici.Agent({
-        connect: {
-          lookup: (hostname, options, callback) => {
-            if (isLocalhost(hostname)) {
-              callback(null, [
-                { address: '127.0.0.1', family: 4 },
-                { address: '::1', family: 6 },
-              ]);
-              return;
-            }
-            lookup(hostname, options, callback);
-          },
-        },
-      }),
-    });
-  }
-  return fetch(url, init);
-};