@wirechunk/cli 0.0.1-rc.1

package/package.json

@@ -0,0 +1,40 @@
+{
+  "name": "@wirechunk/cli",
+  "version": "0.0.1-rc.1",
+  "private": false,
+  "type": "module",
+  "scripts": {
+    "lint": "eslint --fix",
+    "lint:check": "eslint",
+    "format": "prettier --write .",
+    "format:check": "prettier --check .",
+    "typecheck": "tsc",
+    "typecheck-src": "tsc --skipLibCheck",
+    "test": "echo 'no tests yet'",
+    "build": "npm run build:clean && npm run build:cli",
+    "build:clean": "rm -rf build",
+    "build:cli": "vite build"
+  },
+  "bin": {
+    "wirechunk": "build/main.js"
+  },
+  "dependencies": {
+    "argon2": "^0.41.1"
+  },
+  "devDependencies": {
+    "@commander-js/extra-typings": "^13.0.0",
+    "@types/archiver": "^6.0.3",
+    "@wirechunk/backend-lib": "0.0.0",
+    "@wirechunk/lib": "0.0.0",
+    "archiver": "^7.0.1",
+    "chalk": "^5.3.0",
+    "commander": "^13.0.0",
+    "slonik": "^46.3.0",
+    "slonik-interceptor-query-logging": "^46.3.0",
+    "undici": "^7.2.0",
+    "zod": "^3.24.1"
+  },
+  "publishConfig": {
+    "access": "public"
+  }
+}

package/src/commands/bootstrap.ts

@@ -0,0 +1,81 @@
+import { randomUUID } from 'node:crypto';
+import { cleanTinyId } from '@wirechunk/lib/clean-small-id.ts';
+import { normalizeEmailAddress } from '@wirechunk/lib/emails.ts';
+import {
+  defaultFormattedDataTemplate,
+  defaultNotificationEmailBodyTemplate,
+} from '@wirechunk/lib/mixer/form-formatting-templates.ts';
+import { normalizeDomain } from '@wirechunk/server/site-domains/util.ts';
+import type { DatabasePool } from 'slonik';
+import { createPool, sql } from 'slonik';
+import type { Env } from '../env.ts';
+import { requireCoreDbUrl } from '../env.ts';
+import type { WithGlobalOptions } from '../global-options.ts';
+import { voidSelectSchema } from '../util.ts';
+
+const platformHandleAvailable = async (handle: string, db: DatabasePool) =>
+  !(await db.maybeOne(
+    sql.type(voidSelectSchema)`select from "Platforms" where "handle" = ${handle}`,
+  ));
+
+const randomString = () => randomUUID().replaceAll('-', '').slice(0, 10);
+
+type BootstrapOptions = {
+  name: string;
+  handle?: string;
+  adminSiteDomain: string;
+  emailSendFrom?: string;
+};
+
+export const bootstrap = async (
+  opts: WithGlobalOptions<BootstrapOptions>,
+  env: Env,
+): Promise<void> => {
+  const db = await createPool(requireCoreDbUrl(env));
+
+  const platformId = cleanTinyId();
+  const name = opts.name.trim();
+  let handle = opts.handle?.trim().toLowerCase().replace(/\s+/g, '-');
+  if (!handle) {
+    handle = name.toLowerCase().replace(/\s+/g, '-');
+    if (!(await platformHandleAvailable(handle, db))) {
+      handle = `${handle}-${randomString()}`;
+    }
+  } else if (!(await platformHandleAvailable(handle, db))) {
+    console.error(`Handle "${handle}" is already in use`);
+    process.exit(1);
+  }
+  const adminSiteDomain = normalizeDomain(opts.adminSiteDomain, { allowPort: true });
+  if (!adminSiteDomain) {
+    console.error('Invalid admin site domain');
+    process.exit(1);
+  }
+  let emailSendFrom: string;
+  if (opts.emailSendFrom) {
+    const normalizeEmailSendFromResult = normalizeEmailAddress(opts.emailSendFrom);
+    if (!normalizeEmailSendFromResult.ok) {
+      console.error(normalizeEmailSendFromResult.error);
+      process.exit(1);
+    }
+    emailSendFrom = normalizeEmailSendFromResult.value;
+  } else {
+    emailSendFrom = `site@${adminSiteDomain}`;
+  }
+  const adminSiteName = `${name} Admin`;
+
+  await db.transaction(async (db) => {
+    await db.query(
+      sql.type(
+        voidSelectSchema,
+      )`insert into "Platforms" ("id", "handle", "name", "defaultFormFormattedDataTemplate", "defaultFormNotificationEmailBodyTemplate", "emailSendFromAddress") values (${platformId}, ${handle}, ${name}, ${defaultFormattedDataTemplate}, ${defaultNotificationEmailBodyTemplate}, ${emailSendFrom})`,
+    );
+
+    await db.query(
+      sql.type(
+        voidSelectSchema,
+      )`insert into "Sites" ("platformId", "domain", "name") values (${platformId}, ${adminSiteDomain}, ${adminSiteName})`,
+    );
+  });
+
+  console.log(`Created platform ${name} with handle ${handle} (ID ${platformId})`);
+};

package/src/commands/create-extension-version.ts

@@ -0,0 +1,206 @@
+import { parseErrorMessage } from '@wirechunk/lib/errors.ts';
+import archiver from 'archiver';
+import { z } from 'zod';
+import type { Env } from '../env.ts';
+import { requireApiToken } from '../env.ts';
+import { fetchWithLocal } from '../fetch.ts';
+import type { WithGlobalOptions } from '../global-options.js';
+import { requireExtensionIdOptionOrEnvVar } from '../util.ts';
+
+const bytesFormat = Intl.NumberFormat('en', {
+  notation: 'compact',
+  style: 'unit',
+  unit: 'byte',
+  unitDisplay: 'narrow',
+  minimumFractionDigits: 1,
+  maximumFractionDigits: 1,
+});
+
+const createExtensionVersionResultDataSchema = z.discriminatedUnion('__typename', [
+  z.object({
+    __typename: z.literal('CreateExtensionVersionSuccessResult'),
+    extensionVersion: z.object({
+      id: z.string(),
+    }),
+    signedUrl: z.string(),
+  }),
+  z.object({
+    __typename: z.literal('AuthorizationError'),
+    message: z.string(),
+  }),
+  z.object({
+    __typename: z.literal('GenericInternalError'),
+    message: z.string(),
+  }),
+  z.object({
+    __typename: z.literal('GenericUserError'),
+    message: z.string(),
+  }),
+]);
+
+const graphQlErrorSchema = z.object({
+  message: z.string(),
+});
+
+const createExtensionVersionResultSchema = z.object({
+  errors: z.array(graphQlErrorSchema).optional().nullable(),
+  data: z
+    .object({
+      createExtensionVersion: createExtensionVersionResultDataSchema,
+    })
+    .nullable(),
+});
+
+type CreateExtensionVersionOptions = {
+  extensionId?: string;
+  versionName: string;
+};
+
+export const createExtensionVersion = async (
+  opts: WithGlobalOptions<CreateExtensionVersionOptions>,
+  env: Env,
+): Promise<void> => {
+  const extensionId = requireExtensionIdOptionOrEnvVar(opts, env);
+  const apiToken = requireApiToken(env);
+  let extensionVersionId: string;
+  let signedUrl: string;
+  try {
+    const url = `${env.CORE_SERVER_URL}/api`;
+    if (opts.verbose) {
+      console.log(`POST ${url}`);
+    }
+    const createResult = await fetchWithLocal(url, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        Authorization: `Bearer ${apiToken}`,
+      },
+      body: JSON.stringify({
+        query: `
+          mutation ($input: CreateExtensionVersionInput!) {
+            createExtensionVersion(input: $input) {
+              __typename
+              ... on CreateExtensionVersionSuccessResult {
+                extensionVersion {
+                  id
+                }
+                signedUrl
+              }
+              ... on Error {
+                message
+              }
+            }
+          }
+        `,
+        variables: {
+          input: {
+            extensionId,
+            versionName: opts.versionName,
+          },
+        },
+      }),
+    });
+    if (!createResult.ok) {
+      const message = `Failed to create an extension version (status ${createResult.status})`;
+      try {
+        const data = await createResult.json();
+        console.error(`${message}:`, parseErrorMessage(data));
+        process.exit(1);
+      } catch {
+        console.error(message);
+        process.exit(1);
+      }
+    }
+    const data = await createResult.json();
+    const parseResult = createExtensionVersionResultSchema.safeParse(data);
+    if (!parseResult.success) {
+      console.error('Failed to create an extension version:', parseResult.error.message);
+      process.exit(1);
+    }
+    const result = parseResult.data;
+    if (result.errors) {
+      console.error('Failed to create an extension version:', parseErrorMessage(result));
+      process.exit(1);
+    }
+    if (result.data?.createExtensionVersion.__typename === 'CreateExtensionVersionSuccessResult') {
+      extensionVersionId = result.data.createExtensionVersion.extensionVersion.id;
+      signedUrl = result.data.createExtensionVersion.signedUrl;
+    } else {
+      console.error(
+        `Failed to create an extension version (${result.data?.createExtensionVersion.__typename ?? 'unknown error'}):`,
+        parseErrorMessage(result.data?.createExtensionVersion),
+      );
+      process.exit(1);
+    }
+  } catch (e) {
+    console.error('Failed to create an extension version:', parseErrorMessage(e));
+    process.exit(1);
+  }
+
+  const archive = archiver('zip', {
+    zlib: { level: 6 },
+  });
+
+  archive.on('error', (err) => {
+    console.error('Failed to archive:', parseErrorMessage(err));
+    process.exit(1);
+  });
+
+  archive.on('warning', (err) => {
+    console.warn('Archive warning:', err.message);
+  });
+
+  let processedBytes = 0;
+  let lastProcessedBytes = 0;
+
+  if (opts.verbose) {
+    archive.on('progress', (progress) => {
+      processedBytes += progress.fs.processedBytes;
+      if (processedBytes >= lastProcessedBytes + 1024 * 100) {
+        lastProcessedBytes = processedBytes;
+        console.log(`Processed ${bytesFormat.format(processedBytes)}`);
+      }
+    });
+  }
+
+  const cwd = process.cwd();
+  archive.glob('**/*', {
+    cwd,
+    ignore: [
+      '**/.git/**/*',
+      '.git/**/*',
+      'eslint.config.js',
+      '**/eslint.config.js',
+      'node_modules/**/*',
+      '**/node_modules/**/*',
+    ],
+  });
+
+  if (opts.verbose) {
+    console.log(`Uploading files at ${cwd}`);
+  }
+
+  // Must not await here because otherwise it doesn't work.
+  const finalizePromise = archive.finalize();
+  await finalizePromise;
+
+  const uploadResponse = await fetch(signedUrl, {
+    method: 'PUT',
+    headers: {
+      'Content-Type': 'application/zip',
+    },
+    duplex: 'half',
+    body: archive,
+  });
+
+  if (uploadResponse.status !== 200) {
+    console.error('Failed to upload:', uploadResponse.statusText);
+    process.exit(1);
+  }
+
+  if (opts.verbose) {
+    console.log('Uploaded');
+  }
+
+  console.log(`Created version ${opts.versionName} (ID ${extensionVersionId})`);
+};

package/src/commands/create-user.ts

@@ -0,0 +1,142 @@
+import { hashPassword, validatePasswordComplexity } from '@wirechunk/backend-lib/passwords.ts';
+import { normalizeEmailAddress } from '@wirechunk/lib/emails.ts';
+import { createPool, sql, UniqueIntegrityConstraintViolationError } from 'slonik';
+import { z } from 'zod';
+import type { Env } from '../env.ts';
+import { requireCoreDbUrl } from '../env.ts';
+import { detailedUniqueIntegrityConstraintViolationError } from '../errors.ts';
+import type { WithGlobalOptions } from '../global-options.ts';
+
+const insertOrgResult = z.object({
+  id: z.string(),
+});
+
+const insertUserResult = z.object({
+  id: z.string(),
+});
+
+const findOrgResult = z.object({
+  platformId: z.string(),
+});
+
+const findPlatformResult = z.object({
+  id: z.string(),
+  name: z.string(),
+});
+
+type CreateUserOptions = {
+  email: string;
+  password: string;
+  firstName: string;
+  lastName: string;
+  orgId?: string;
+  platformId?: string;
+  role: string;
+  emailVerified: boolean;
+  pending: boolean;
+};
+
+export const createUser = async (
+  opts: WithGlobalOptions<CreateUserOptions>,
+  env: Env,
+): Promise<void> => {
+  const db = await createPool(requireCoreDbUrl(env));
+
+  const normalizeEmailResult = normalizeEmailAddress(opts.email);
+  if (!normalizeEmailResult.ok) {
+    console.error(normalizeEmailResult.error);
+    process.exit(1);
+  }
+  const email = normalizeEmailResult.value;
+  const validatePasswordResult = validatePasswordComplexity(opts.password);
+  if (!validatePasswordResult.ok) {
+    console.error(validatePasswordResult.error);
+    process.exit(1);
+  }
+  const password = await hashPassword(opts.password);
+  const { role } = opts;
+  const status = opts.pending ? 'Pending' : 'Active';
+  const firstName = opts.firstName.trim();
+  if (!firstName.length) {
+    console.error('First name must not be empty');
+    process.exit(1);
+  }
+  const lastName = opts.lastName.trim();
+  if (!lastName.length) {
+    console.error('Last name must not be empty');
+    process.exit(1);
+  }
+
+  let platformId: string | null | undefined = opts.platformId;
+  let orgId: string | null | undefined = opts.orgId;
+  let orgPrimary = false;
+
+  try {
+    const user = await db.transaction(async (db) => {
+      if (!platformId) {
+        if (!orgId) {
+          throw new Error('Either --org-id or --platform-id must be specified');
+        }
+        platformId = await db.maybeOneFirst(
+          sql.type(findOrgResult)`select "platformId" from "Organizations" where "id" = ${orgId}`,
+        );
+        if (!platformId) {
+          throw new Error(`No org found with ID ${orgId}`);
+        }
+      } else if (orgId) {
+        // Verify that the specified org belongs to the specified platform.
+        const orgPlatformId = await db.maybeOneFirst(
+          sql.type(findOrgResult)`select "platformId" from "Organizations" where "id" = ${orgId}`,
+        );
+        if (!orgPlatformId) {
+          throw new Error(`No org found with ID ${orgId}`);
+        }
+        if (orgPlatformId !== platformId) {
+          throw new Error(`Org ID ${orgId} does not belong to platform ID ${platformId}`);
+        }
+      }
+      const platform = await db.maybeOne(
+        sql.type(
+          findPlatformResult,
+        )`select "id", "name" from "Platforms" where "id" = ${platformId}`,
+      );
+      if (!platform) {
+        throw new Error(`No platform found with ID ${platformId}`);
+      }
+      if (opts.verbose) {
+        console.log(`Found platform ${platform.name} (ID ${platform.id})`);
+      }
+      if (!orgId) {
+        orgId = await db.oneFirst(
+          sql.type(
+            insertOrgResult,
+          )`insert into "Organizations" ("platformId") values (${platform.id}) returning "id"`,
+        );
+        if (opts.verbose) {
+          console.log(`Created org ID ${orgId}`);
+        }
+        orgPrimary = true;
+      }
+
+      const user = await db.one(
+        sql.type(
+          insertUserResult,
+        )`insert into "Users" ("platformId", "email", "emailVerified", "password", "passwordStatus", "orgId", "orgPrimary", "role", "status", "firstName", "lastName") values (${platformId}, ${email}, ${opts.emailVerified}, ${password}, 'Ok', ${orgId}, ${orgPrimary}, ${role}, ${status}, ${firstName}, ${lastName}) returning "id"`,
+      );
+
+      // if (opts.admin) {
+      //   await grantAllUserPlatformPermissions({ userId: user.id, platformId }, db);
+      // }
+
+      return user;
+    });
+    console.log(`Created user (ID ${user.id})`);
+  } catch (e) {
+    if (e instanceof UniqueIntegrityConstraintViolationError) {
+      console.error(detailedUniqueIntegrityConstraintViolationError(e));
+      process.exit(1);
+    }
+    console.error(e);
+    process.exit(1);
+  }
+};