@wxn0brp/vql 0.6.4 → 0.7.0

package/README.md

@@ -5,12 +5,13 @@ VQL is a query language and processing framework designed for managing and inter
 [![npm version](https://img.shields.io/npm/v/@wxn0brp/vql)](https://www.npmjs.com/package/@wxn0brp/vql)
 [![License](https://img.shields.io/npm/l/@wxn0brp/vql)](./LICENSE)
 [![Downloads](https://img.shields.io/npm/dm/@wxn0brp/vql)](https://www.npmjs.com/package/@wxn0brp/vql)
+![CI](https://img.shields.io/github/actions/workflow/status/wxn0brP/VQL/build.yml?branch=master)
+![bundle size](https://img.shields.io/bundlephobia/minzip/@wxn0brp/vql)
 
 ## Features
 
 - **Query Execution**: Supports CRUD operations and advanced query capabilities.
 - **Permission Management**: Fine-grained access control using Gate Warden.
-- **GUI**: A web-based interface for managing ACL rules and database structures.
 - **Extensibility**: Easily extendable with pre-defined sheets and custom configurations.
 
 ## Example Usage
@@ -35,7 +36,7 @@ const query = {
     d: {
         find: {
             collection: "users",
-            search: { age: { $gt: 18 } },
+            search: { $gt: { age: 18 } },
             fields: { name: 1, age: 1 },
         },
     },

package/dist/apiAbstract.js

@@ -22,8 +22,8 @@ export function createValtheraAdapter(resolver, extendedFind = false) {
         adapter[name] = (...args) => safe(resolver[name])(...args);
     }
     if (extendedFind) {
-        adapter.find = async (col, search, context, options, findOpts) => {
-            let data = await safe(resolver.find)(col, search, context, options, findOpts);
+        adapter.find = async (col, search, options, findOpts, context) => {
+            let data = await safe(resolver.find)(col, search, options, findOpts, context);
             if (options?.reverse)
                 data.reverse();
             if (options?.max !== -1 && data.length > options?.max)

package/dist/cpu/request.js

@@ -13,14 +13,14 @@ export async function executeQuery(cpu, query, user) {
         const select = parseSelect(cpu.config, params.fields || params.select || {});
         if (select && typeof select === "object" && Object.keys(select).length !== 0)
             params.searchOpts = { ...params.searchOpts, select };
-        return db.find(params.collection, params.search, {}, params.options || {}, params.searchOpts);
+        return db.find(params.collection, params.search, params.options || {}, params.searchOpts);
     }
     else if (operation === "findOne" || operation === "f") {
         const params = query.d[operation];
         const select = parseSelect(cpu.config, params.fields || params.select || {});
         if (select && typeof select === "object" && Object.keys(select).length !== 0)
             params.searchOpts = { ...params.searchOpts, select };
-        return db.findOne(params.collection, params.search, {}, params.searchOpts);
+        return db.findOne(params.collection, params.search, params.searchOpts);
     }
     else if (operation === "add") {
         const params = query.d[operation];
@@ -44,7 +44,12 @@ export async function executeQuery(cpu, query, user) {
     }
     else if (operation === "updateOneOrAdd") {
         const params = query.d[operation];
-        return db.updateOneOrAdd(params.collection, params.search, params.updater, params.add_arg || {}, {}, params.id_gen ?? true);
+        const opts = {};
+        if (params.add_arg)
+            opts.add_arg = params.add_arg;
+        if (params.id_gen)
+            opts.id_gen = params.id_gen;
+        return db.updateOneOrAdd(params.collection, params.search, params.updater, opts);
     }
     else if (operation === "removeCollection") {
         const params = query.d[operation];

package/dist/gw.js

@@ -1,5 +1,5 @@
 export function createGwValidFn(gw) {
-    return async (path, perm, user) => {
-        return gw.hasAccess(user.id, path, perm);
+    return async (args) => {
+        return gw.hasAccess(args.user.id, args.field, args.p);
     };
 }

package/dist/permissions/relation.js

@@ -3,30 +3,35 @@ import { extractPathsFromData, hashKey } from "./utils.js";
 export async function checkRelationPermission(config, permValidFn, user, query) {
     const { path, search, relations, select } = query.r;
     // Helper function to recursively check permissions with fallback mechanism
-    const checkPermissionRecursively = async (entityId, fallbackLevels = []) => {
+    const checkPermissionRecursively = async (entityId, originalPath, fallbackLevels = []) => {
         // Check if the user has access to the current entity
         // const result = await gw.hasAccess(user.id, entityId, PermCRUD.READ);
-        const result = await permValidFn(entityId, PermCRUD.READ, user);
+        const result = await permValidFn({
+            field: entityId,
+            path: originalPath,
+            p: PermCRUD.READ,
+            user
+        });
         if (result.granted) {
             return true;
         }
         // If the result is "entity-404", check the next fallback level
         if (!config.strictACL && result.via === "entity-404" && fallbackLevels.length > 0) {
             const nextFallbackEntityId = await hashKey(config, fallbackLevels.slice(0, -1));
-            return checkPermissionRecursively(nextFallbackEntityId, fallbackLevels.slice(0, -2));
+            return checkPermissionRecursively(nextFallbackEntityId, fallbackLevels.slice(0, -2), fallbackLevels.slice(0, -2));
         }
         // If no fallback levels are left or the result is not "entity-404", deny access
         return false;
     };
     // Check permission for the relation field in the parent collection
-    if (!await checkPermissionRecursively(await hashKey(config, path), path)) {
+    if (!await checkPermissionRecursively(await hashKey(config, path), path, path)) {
         return false;
     }
     // Check permissions for search fields
     const searchPaths = extractPathsFromData(search || {});
     for (const searchPath of searchPaths) {
         const key = [...path, ...searchPath.path, searchPath.key];
-        if (!await checkPermissionRecursively(await hashKey(config, key), key)) {
+        if (!await checkPermissionRecursively(await hashKey(config, key), key, key)) {
             return false;
         }
     }
@@ -34,7 +39,7 @@ export async function checkRelationPermission(config, permValidFn, user, query)
     if (select) {
         for (const fieldPath of select) {
             const key = [...path, fieldPath];
-            if (!await checkPermissionRecursively(await hashKey(config, key), key)) {
+            if (!await checkPermissionRecursively(await hashKey(config, key), key, key)) {
                 return false;
             }
         }

package/dist/permissions/request.js

@@ -41,14 +41,15 @@ export async function extractPaths(config, query) {
             permPaths.paths.push({ c: PermCRUD.COLLECTION });
             break;
     }
-    permPaths.paths = permPaths.paths.map(path => {
+    permPaths.paths = (await Promise.all(permPaths.paths.map(async (path) => {
         if (!path.filed)
             return path;
-        return path.filed.map(filed => {
+        return await Promise.all(path.filed.map(async (filed) => {
             const processedPath = [query.db, collection, ...processFieldPath(filed)];
-            return { filed: hashKey(config, processedPath), path: processedPath, p: path.p };
-        });
-    }).flat();
+            const hashedKey = await hashKey(config, processedPath);
+            return { filed: hashedKey, path: processedPath, p: path.p };
+        }));
+    }))).flat();
     return permPaths;
 }
 export function processFieldPath(pathObj) {
@@ -84,17 +85,22 @@ export async function checkRequestPermission(config, permValidFn, user, query) {
         return false;
     const permPaths = await extractPaths(config, query);
     // Helper function to recursively check permissions
-    const checkPermissionRecursively = async (entityId, requiredPerm, fallbackLevels = []) => {
+    const checkPermissionRecursively = async (entityId, originalPath, requiredPerm, fallbackLevels = []) => {
         // Check if the user has access to the current entity
         // const result = await gw.hasAccess(user.id, entityId, requiredPerm);
-        const result = await permValidFn(entityId, requiredPerm, user);
+        const result = await permValidFn({
+            field: entityId,
+            path: originalPath,
+            p: requiredPerm,
+            user
+        });
         if (result.granted) {
             return true;
         }
         // If the result is "entity-404", check the next fallback level
         if (!config.strictACL && result.via === "entity-404" && fallbackLevels.length > 0) {
             const nextFallbackEntityId = await hashKey(config, fallbackLevels.slice(0, -1));
-            return checkPermissionRecursively(nextFallbackEntityId, requiredPerm, fallbackLevels.slice(0, -2));
+            return checkPermissionRecursively(nextFallbackEntityId, fallbackLevels.slice(0, -2), requiredPerm, fallbackLevels.slice(0, -2));
         }
         // If no fallback levels are left or the result is not "entity-404", deny access
         return false;
@@ -105,10 +111,12 @@ export async function checkRequestPermission(config, permValidFn, user, query) {
         let entityId;
         let requiredPerm;
         let fallbackLevels = [];
+        let originalPath = [];
         if ("c" in path) {
             // Collection-level permission: hash the combination of db and collection
             entityId = await hashKey(config, [query.db, permPaths.c]);
             requiredPerm = path.c;
+            originalPath = [query.db, permPaths.c];
             // Fallback to database level if needed
             fallbackLevels = [query.db];
         }
@@ -116,11 +124,12 @@ export async function checkRequestPermission(config, permValidFn, user, query) {
             // Field-level permission: use the hashed field path
             entityId = path.filed;
             requiredPerm = path.p;
+            originalPath = path.path;
             // Fallback to collection and then database level if needed
             fallbackLevels = path.path;
         }
         // Check permissions recursively
-        const result = await checkPermissionRecursively(entityId, requiredPerm, fallbackLevels);
+        const result = await checkPermissionRecursively(entityId, originalPath, requiredPerm, fallbackLevels);
         results.push(result);
     }
     // All permissions must be granted

package/dist/permissions/resolver.d.ts

@@ -0,0 +1,9 @@
+import { PathMatcher, PermissionResolver } from "../types/resolver.js";
+import { PermValidFn } from "../types/perm.js";
+import { GateWarden } from "@wxn0brp/gate-warden";
+export declare class PermissionResolverEngine {
+    private resolvers;
+    addResolver(matcher: PathMatcher, resolver: PermissionResolver): void;
+    create(): PermValidFn;
+    createWithGw(gw: GateWarden): PermValidFn;
+}

package/dist/permissions/resolver.js

@@ -0,0 +1,46 @@
+export class PermissionResolverEngine {
+    resolvers = [];
+    addResolver(matcher, resolver) {
+        this.resolvers.push({ matcher, resolver });
+    }
+    create() {
+        return async (args) => {
+            const originalPath = args.path.join("/");
+            for (const { matcher, resolver } of this.resolvers) {
+                let isMatch = false;
+                if (typeof matcher === "string") {
+                    isMatch = originalPath === matcher;
+                }
+                else if (matcher instanceof RegExp) {
+                    isMatch = matcher.test(originalPath);
+                }
+                else if (typeof matcher === "function") {
+                    isMatch = await matcher(originalPath, args.path);
+                }
+                if (isMatch) {
+                    try {
+                        const resolverGranted = await resolver(args);
+                        return { granted: resolverGranted, via: `resolver` };
+                    }
+                    catch (error) {
+                        console.error(`[Resolver Engine] Error in custom resolver for path ${originalPath}:`, error);
+                        return { granted: false, via: `resolver-error` };
+                    }
+                }
+            }
+            return { granted: false, via: `no-resolver-match` };
+        };
+    }
+    createWithGw(gw) {
+        const resolver = this.create();
+        return async (args) => {
+            const resolverResult = await resolver(args);
+            if (resolverResult.granted)
+                return resolverResult;
+            if (!resolverResult.granted && resolverResult.via !== `no-resolver-match`)
+                return resolverResult;
+            const gwResult = await gw.hasAccess(args.user.id, args.field, args.p);
+            return { granted: gwResult.granted, via: `gate-warden` };
+        };
+    }
+}

package/dist/types/perm.d.ts

@@ -9,4 +9,13 @@ export interface ValidFnResult {
     granted: boolean;
     via?: string;
 }
-export type PermValidFn = (path: string, perm: number, user: any) => Promise<ValidFnResult>;
+export interface PermValidFnArgs {
+    /** sha256/json */
+    field: string;
+    /** original path */
+    path: string[];
+    /** permission */
+    p: number;
+    user: any;
+}
+export type PermValidFn = (args: PermValidFnArgs) => Promise<ValidFnResult>;

package/dist/types/resolver.d.ts

@@ -0,0 +1,14 @@
+import { PermValidFnArgs } from "./perm.js";
+export interface GWUser {
+    _id: string;
+}
+export type PathMatcher = string | RegExp | ((path: string, pathSegments: string[]) => Promise<boolean>);
+export type PermissionResolver = (args: PermValidFnArgs) => Promise<boolean>;
+export interface ResolverEntry {
+    matcher: PathMatcher;
+    resolver: PermissionResolver;
+}
+export interface ResolverValidFnResult {
+    granted: boolean;
+    via: string;
+}

package/dist/types/resolver.js

@@ -0,0 +1 @@
+export {};

package/dist/vql.d.ts

@@ -119,11 +119,11 @@ declare class CollectionManager<D = Data> {
 	/**
 	 * Find data in a database.
 	 */
-	find<T = Data>(search?: Search<T & D>, context?: VContext, options?: DbFindOpts<T & Data>, findOpts?: FindOpts<T & Data>): Promise<T[]>;
+	find<T = Data>(search?: Search<T & D>, options?: DbFindOpts<T & Data>, findOpts?: FindOpts<T & Data>, context?: VContext): Promise<T[]>;
 	/**
 	 * Find one data entry in a database.
 	 */
-	findOne<T = Data>(search?: Search<T & Data>, context?: VContext, findOpts?: FindOpts<T & Data>): Promise<T>;
+	findOne<T = Data>(search?: Search<T & Data>, findOpts?: FindOpts<T & Data>, context?: VContext): Promise<T>;
 	/**
 	 * Update data in a database.
 	 */
@@ -143,7 +143,7 @@ declare class CollectionManager<D = Data> {
 	/**
 	 * Asynchronously updates one entry in a database or adds a new one if it doesn't exist.
 	 */
-	updateOneOrAdd<T = Data>(search: Search<T & Data>, updater: Updater<T & Data>, add_arg?: Arg<T & Data>, context?: VContext, id_gen?: boolean): Promise<boolean>;
+	updateOneOrAdd<T = Data>(search: Search<T & Data>, updater: Updater<T & Data>, { add_arg, context, id_gen }: UpdateOneOrAdd<T & Data>): Promise<boolean>;
 }
 export interface ValtheraCompatible {
 	c(collection: string): CollectionManager;
@@ -151,14 +151,19 @@ export interface ValtheraCompatible {
 	ensureCollection(collection: string): Promise<boolean>;
 	issetCollection(collection: string): Promise<boolean>;
 	add<T = Data>(collection: string, data: Arg<T>, id_gen?: boolean): Promise<T>;
-	find<T = Data>(collection: string, search: Search<T>, context?: VContext, options?: DbFindOpts<T>, findOpts?: FindOpts<T>): Promise<T[]>;
-	findOne<T = Data>(collection: string, search: Search<T>, context?: VContext, findOpts?: FindOpts<T>): Promise<T | null>;
+	find<T = Data>(collection: string, search?: Search<T>, options?: DbFindOpts<T>, findOpts?: FindOpts<T>, context?: VContext): Promise<T[]>;
+	findOne<T = Data>(collection: string, search?: Search<T>, findOpts?: FindOpts<T>, context?: VContext): Promise<T | null>;
 	update<T = Data>(collection: string, search: Search<T>, updater: Updater<T>, context?: VContext): Promise<boolean>;
 	updateOne<T = Data>(collection: string, search: Search<T>, updater: Updater<T>, context?: VContext): Promise<boolean>;
 	remove<T = Data>(collection: string, search: Search<T>, context?: VContext): Promise<boolean>;
 	removeOne<T = Data>(collection: string, search: Search<T>, context?: VContext): Promise<boolean>;
 	removeCollection(collection: string): Promise<boolean>;
-	updateOneOrAdd<T = Data>(collection: string, search: Search<T>, updater: Updater<T>, add_arg?: Arg<T>, context?: VContext, id_gen?: boolean): Promise<boolean>;
+	updateOneOrAdd<T = Data>(collection: string, search: Search<T>, updater: Updater<T>, opts?: UpdateOneOrAdd<T>): Promise<boolean>;
+}
+export interface UpdateOneOrAdd<T> {
+	add_arg?: Arg<T>;
+	id_gen?: boolean;
+	context?: VContext;
 }
 declare namespace RelationTypes {
 	type Path = [

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wxn0brp/vql",
-  "version": "0.6.4",
+  "version": "0.7.0",
   "main": "dist/index.js",
   "author": "wxn0brP",
   "license": "MIT",
@@ -15,8 +15,8 @@
     "dist"
   ],
   "peerDependencies": {
-    "@wxn0brp/db-core": ">=0.1.4",
-    "@wxn0brp/falcon-frame": ">=0.0.20",
+    "@wxn0brp/db-core": ">=0.2.2",
+    "@wxn0brp/falcon-frame": ">=0.1.0",
     "@wxn0brp/gate-warden": ">=0.4.0"
   },
   "peerDependenciesMeta": {
@@ -31,13 +31,13 @@
     }
   },
   "devDependencies": {
-    "@types/node": "^24.3.0",
-    "@wxn0brp/db": "^0.30.0",
-    "@wxn0brp/falcon-frame": "0.0.21",
+    "@types/node": "*",
+    "@wxn0brp/db": "^0.40.0",
+    "@wxn0brp/falcon-frame": "0.1.0",
     "@wxn0brp/gate-warden": "^0.4.0",
-    "esbuild": "^0.25.9",
-    "tsc-alias": "^1.8.10",
-    "typescript": "^5.9.2"
+    "esbuild": "^0.25.10",
+    "tsc-alias": "*",
+    "typescript": "*"
   },
   "dependencies": {
     "@wxn0brp/lucerna-log": "^0.2.0"