db-model-router 1.0.4 → 1.0.6

package/src/cli/generate-route.js

@@ -58,8 +58,15 @@ export default route(${varName}, { ${fkColumn}: "params.${fkColumn}" });
 /**
  * Generate the routes index file that mounts all routes on an express Router.
  * Supports parent-child nesting: parent/:pk/child
+ *
+ * Child routes are placed in subfolders: routes/<parent>/<child>.js
+ * Children are only mounted under their parent path (no duplicate top-level route).
+ *
+ * @param {string[]} tableNames
+ * @param {Array<{parent, child, foreignKey}>} relationships
+ * @param {{ includeDocs?: boolean }} [options]
  */
-function generateRoutesIndexFile(tableNames, relationships = []) {
+function generateRoutesIndexFile(tableNames, relationships = [], options = {}) {
   let imports = `import express from "express";\n\nconst router = express.Router();\n\n`;
 
   // Collect child tables that are nested under parents
@@ -68,35 +75,42 @@ function generateRoutesIndexFile(tableNames, relationships = []) {
     nestedChildren.add(rel.child);
   }
 
+  // Import top-level routes only (not children)
   for (const table of tableNames) {
+    if (nestedChildren.has(table)) continue;
     const varName = safeVarName(table);
     imports += `import ${varName}Route from "./${table}.js";\n`;
   }
-  // Import child routes with _child suffix for nested ones
+
+  // Import child routes from subfolders
   for (const rel of relationships) {
     const varName = safeVarName(rel.child);
-    imports += `import ${varName}ChildRoute from "./${rel.child}_child_of_${rel.parent}.js";\n`;
+    imports += `import ${varName}ChildRoute from "./${rel.parent}/${rel.child}.js";\n`;
+  }
+
+  // Import docs route if openapi is generated
+  if (options.includeDocs) {
+    imports += `import docsRoute from "./docs.js";\n`;
   }
 
   imports += "\n";
 
-  // Mount top-level routes (skip tables that are ONLY children)
-  for (const table of tableNames) {
-    if (nestedChildren.has(table)) continue;
-    const varName = safeVarName(table);
-    imports += `router.use("/${table}", ${varName}Route);\n`;
+  // Mount docs route first
+  if (options.includeDocs) {
+    imports += `router.use("/docs", docsRoute);\n`;
   }
 
-  // Mount nested child routes under parent
+  // Mount child routes BEFORE parent routes to prevent path clashing
   for (const rel of relationships) {
     const childVar = safeVarName(rel.child);
-    imports += `router.use("/${rel.parent}/:${rel.fkColumn}/${rel.child}", ${childVar}ChildRoute);\n`;
+    imports += `router.use("/${rel.parent}/:${rel.foreignKey}/${rel.child}", ${childVar}ChildRoute);\n`;
   }
 
-  // Also mount children as top-level for direct access
-  for (const rel of relationships) {
-    const varName = safeVarName(rel.child);
-    imports += `router.use("/${rel.child}", ${varName}Route);\n`;
+  // Mount top-level routes
+  for (const table of tableNames) {
+    if (nestedChildren.has(table)) continue;
+    const varName = safeVarName(table);
+    imports += `router.use("/${table}", ${varName}Route);\n`;
   }
 
   imports += "\nexport default router;\n";
@@ -387,7 +401,7 @@ async function main() {
         const fkColumn = parent.replace(/s$/, "") + "_id";
         // Only add if both tables exist in our model set
         if (tableNames.includes(parent) && tableNames.includes(child)) {
-          relationships.push({ parent, child, fkColumn });
+          relationships.push({ parent, child, foreignKey: fkColumn });
         }
       }
     }
@@ -398,23 +412,36 @@ async function main() {
     fs.mkdirSync(routesDir, { recursive: true });
   }
 
+  // Collect child tables to skip top-level route files
+  const nestedChildren = new Set();
+  for (const rel of relationships) {
+    nestedChildren.add(rel.child);
+  }
+
   for (const table of tableNames) {
+    if (nestedChildren.has(table)) continue;
     const filePath = path.join(routesDir, table + ".js");
     fs.writeFileSync(filePath, generateRouteFile(table, modelsRelPath));
     console.log(`  Created ${filePath}`);
   }
 
-  // Write child route files for parent-child relationships
+  // Write child route files in subfolders: routes/<parent>/<child>.js
   for (const rel of relationships) {
-    const fileName = `${rel.child}_child_of_${rel.parent}.js`;
-    const filePath = path.join(routesDir, fileName);
+    const parentDir = path.join(routesDir, rel.parent);
+    if (!fs.existsSync(parentDir)) {
+      fs.mkdirSync(parentDir, { recursive: true });
+    }
+    const filePath = path.join(parentDir, `${rel.child}.js`);
+    const childModelsRelPath = path
+      .relative(parentDir, path.resolve(modelsDir))
+      .replace(/\\/g, "/");
     fs.writeFileSync(
       filePath,
       generateChildRouteFile(
         rel.child,
         rel.parent,
-        rel.fkColumn,
-        modelsRelPath,
+        rel.foreignKey,
+        childModelsRelPath,
       ),
     );
     console.log(`  Created ${filePath}`);
@@ -445,7 +472,7 @@ async function main() {
       }
     }
     if (modelMeta.length > 0) {
-      const spec = generateOpenAPISpec(modelMeta);
+      const spec = generateOpenAPISpec(modelMeta, { relationships });
       const specPath = path.join(routesDir, "openapi.json");
       fs.writeFileSync(specPath, JSON.stringify(spec, null, 2));
       console.log(`  Created ${specPath}`);
@@ -473,7 +500,7 @@ async function main() {
     console.log(`  Created ${testPath}`);
   }
 
-  // Generate child route test files
+  // Generate child route test files in subfolders
   for (const rel of relationships) {
     let pk = "id";
     const modelPath = path.join(modelsDir, rel.child + ".js");
@@ -484,13 +511,14 @@ async function main() {
       );
       if (meta && meta.primary_key) pk = meta.primary_key;
     }
-    const testPath = path.join(
-      testsDir,
-      `${rel.child}_child_of_${rel.parent}.test.js`,
-    );
+    const parentTestDir = path.join(testsDir, rel.parent);
+    if (!fs.existsSync(parentTestDir)) {
+      fs.mkdirSync(parentTestDir, { recursive: true });
+    }
+    const testPath = path.join(parentTestDir, `${rel.child}.test.js`);
     fs.writeFileSync(
       testPath,
-      generateChildTestFile(rel.child, rel.parent, rel.fkColumn, pk),
+      generateChildTestFile(rel.child, rel.parent, rel.foreignKey, pk),
     );
     console.log(`  Created ${testPath}`);
   }

package/src/cli/init/dependencies.js

@@ -63,6 +63,9 @@ function collectDependencies(answers) {
   // Dev dependencies
   devDependencies["nodemon"] = "latest";
 
+  // Swagger UI for API documentation
+  dependencies["swagger-ui-express"] = "latest";
+
   return { dependencies, devDependencies };
 }
 

package/src/cli/init/generators.js

@@ -367,21 +367,21 @@ function generateAppJs(answers) {
     answers.framework === "ultimate-express" ? "ultimate-express" : "express";
 
   // Imports
-  let imports = `const express = require("${frameworkPkg}");
-const { init, db } = require("db-model-router");
-const session = require("express-session");`;
+  let imports = `import express from "${frameworkPkg}";
+import { init, db } from "db-model-router";
+import session from "express-session";`;
 
   if (answers.session === "redis") {
-    imports += `\nconst RedisStore = require("connect-redis").default;
-const { Redis } = require("ioredis");`;
+    imports += `\nimport RedisStore from "connect-redis";
+import { Redis } from "ioredis";`;
   }
   if (answers.rateLimiting) {
-    imports += `\nconst rateLimit = require("express-rate-limit");`;
+    imports += `\nimport rateLimit from "express-rate-limit";`;
   }
   if (answers.helmet) {
-    imports += `\nconst helmet = require("helmet");`;
+    imports += `\nimport helmet from "helmet";`;
   }
-  imports += `\nconst logger = require("./middleware/logger");`;
+  imports += `\nimport logger from "./middleware/logger.js";`;
 
   // Rate limiting block
   const rateLimitBlock = answers.rateLimiting
@@ -396,9 +396,7 @@ const { Redis } = require("ioredis");`;
   const helmetBlock = answers.helmet ? `app.use(helmet());` : "";
 
   return `${imports}
-
-// Load environment variables
-require("dotenv").config();
+import "dotenv/config";
 
 // Initialize database adapter
 init("${answers.database}");
@@ -428,7 +426,7 @@ app.listen(PORT, () => {
   console.log(\`Server running on port \${PORT}\`);
 });
 
-module.exports = app;
+export default app;
 `;
 }
 
@@ -551,14 +549,15 @@ function generateMigrateScript(answers) {
 
   if (isNoSql) {
     return `#!/usr/bin/env node
-"use strict";
+import fs from "fs";
+import path from "path";
+import crypto from "crypto";
+import { fileURLToPath } from "url";
+import "dotenv/config";
 
-const fs = require("fs");
-const path = require("path");
-const crypto = require("crypto");
-require("dotenv").config();
+import { init, db } from "db-model-router";
 
-const { init, db } = require("db-model-router");
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
 
 init("${answers.database}");
 
@@ -598,7 +597,7 @@ async function migrate() {
     const content = fs.readFileSync(filePath, "utf8");
     const checksum = crypto.createHash("md5").update(content).digest("hex");
 
-    const migration = require(filePath);
+    const migration = await import(filePath);
     console.log(\`  Running migration: \${file}\`);
     await migration.up(db);
     await recordMigration(file, checksum);
@@ -622,14 +621,15 @@ migrate().catch(err => {
   }
 
   return `#!/usr/bin/env node
-"use strict";
+import fs from "fs";
+import path from "path";
+import crypto from "crypto";
+import { fileURLToPath } from "url";
+import "dotenv/config";
 
-const fs = require("fs");
-const path = require("path");
-const crypto = require("crypto");
-require("dotenv").config();
+import { init, db } from "db-model-router";
 
-const { init, db } = require("db-model-router");
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
 
 init("${answers.database}");
 
@@ -700,14 +700,15 @@ function generateAddMigrationScript(answers) {
   const isNoSql = NOSQL_DATABASES.includes(answers.database);
   const ext = isNoSql ? "js" : "sql";
   const template = isNoSql
-    ? `"use strict";\\n\\nmodule.exports = {\\n  async up(db) {\\n    // Write your migration here\\n  },\\n\\n  async down(db) {\\n    // Write your rollback here\\n  },\\n};\\n`
+    ? `export async function up(db) {\\n  // Write your migration here\\n}\\n\\nexport async function down(db) {\\n  // Write your rollback here\\n}\\n`
     : `-- Write your migration SQL here\\n`;
 
   return `#!/usr/bin/env node
-"use strict";
+import fs from "fs";
+import path from "path";
+import { fileURLToPath } from "url";
 
-const fs = require("fs");
-const path = require("path");
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
 
 const migrationsDir = path.join(__dirname, "migrations");
 
@@ -1422,6 +1423,8 @@ if (isMain) {
   const pkg = await import("db-model-router");
   const mod = pkg.default || pkg;
   mod.init("${answers.database}");
+  mod.db.connect({
+  ${dbConnectArgs(answers.database)}});
   const migrationsDir = path.join(__dirname, "${migrationsRel}");
   runMigrations(mod.db, migrationsDir)
     .then(() => process.exit(0))
@@ -1490,6 +1493,8 @@ if (isMain) {
   const pkg = await import("db-model-router");
   const mod = pkg.default || pkg;
   mod.init("${answers.database}");
+  mod.db.connect({
+  ${dbConnectArgs(answers.database)}});
   const migrationsDir = path.join(__dirname, "${migrationsRel}");
   runMigrations(mod.db, migrationsDir)
     .then(() => process.exit(0))
@@ -1715,7 +1720,7 @@ function generateAppJsV2(answers, outputDir) {
     answers.framework === "ultimate-express" ? "ultimate-express" : "express";
 
   const commonsPrefix = outputDir ? `./${outputDir}/commons` : "./commons";
-  const routePrefix = outputDir ? `./${outputDir}/route` : "./route";
+  const routePrefix = outputDir ? `./${outputDir}/routes` : "./routes";
   const middlewarePrefix = outputDir
     ? `./${outputDir}/middleware`
     : "./middleware";
@@ -1726,7 +1731,8 @@ import configureSession from "${commonsPrefix}/session.js";
 import applySecurity from "${commonsPrefix}/security.js";
 import logger from "${middlewarePrefix}/logger.js";
 import route from "${routePrefix}/index.js";
-
+import { fileURLToPath } from 'node:url';
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
 const app = express();
 const PORT = process.env.PORT || 3000;
 

package/src/cli/init.js

@@ -95,7 +95,7 @@ function generateFiles(answers, outputDir) {
     path.join(srcBase, "middleware"),
     path.join(srcBase, "migrations"),
     path.join(srcBase, "commons"),
-    path.join(srcBase, "route"),
+    path.join(srcBase, "routes"),
   ];
   // SQLite3 needs a data/ folder for the database file
   if (answers.database === "sqlite3") {
@@ -189,15 +189,15 @@ function generateFiles(answers, outputDir) {
   if (safeWriteFile(dbPath, generateDbModule(answers)))
     files.push(path.join(srcBase, "commons/db.js"));
 
-  // route/health.js
-  const healthPath = path.join(srcBase, "route", "health.js");
+  // routes/health.js
+  const healthPath = path.join(srcBase, "routes", "health.js");
   if (safeWriteFile(healthPath, generateHealthRoute()))
-    files.push(path.join(srcBase, "route/health.js"));
+    files.push(path.join(srcBase, "routes/health.js"));
 
-  // route/index.js
-  const routeIndexPath = path.join(srcBase, "route", "index.js");
+  // routes/index.js
+  const routeIndexPath = path.join(srcBase, "routes", "index.js");
   if (safeWriteFile(routeIndexPath, generateRouteIndexFile()))
-    files.push(path.join(srcBase, "route/index.js"));
+    files.push(path.join(srcBase, "routes/index.js"));
 
   // Initial migration (inside outputDir/migrations)
   const initialMigration = generateInitialMigration(answers);
@@ -365,7 +365,7 @@ Options:
   --db <name>           Alias for --database
   --session <type>      Session store: memory, redis, database
   --output <dir>        Directory for backend source files (e.g. --output backend).
-                        package.json stays in root; index.js, commons/, route/,
+                        package.json stays in root; index.js, commons/, routes/,
                         middleware/, and migrations/ go inside the output folder.
   --rateLimiting        Enable rate limiting (express-rate-limit)
   --helmet              Enable Helmet security headers

package/src/cli/main.js

@@ -1,4 +1,4 @@
-#!/usr/bin/env node
+#!/usr/bin/env node
 "use strict";
 
 const { parseFlags, OutputContext } = require("./flags");
@@ -64,7 +64,7 @@ const COMMAND_FLAGS = {
     ["--routes", "Generate only route files"],
     ["--openapi", "Generate only OpenAPI spec"],
     ["--tests", "Generate only test files"],
-    ["--llm-docs", "Generate only LLM documentation"],
+    ["--db-manager", "Generate DB Manager UI (SQL adapters only)"],
   ],
   doctor: [["--from <path>", "Schema file (default: dbmr.schema.json)"]],
   diff: [["--from <path>", "Schema file (default: dbmr.schema.json)"]],

package/src/cockroachdb/db.js

@@ -371,22 +371,30 @@ async function insert(table, data, uniqueKeys = []) {
     }
   }
 
-  // Bulk insert via multi-row VALUES
+  // Bulk insert via multi-row VALUES in batches of 1000
+  const BATCH_SIZE = 1000;
+  const colList = columns.join(",");
   const client = await pool.connect();
   try {
-    let paramIdx = 0;
-    const allParams = [];
-    const valuesClauses = array.map((row) => {
-      const placeholders = columns.map((c) => {
-        paramIdx++;
-        allParams.push(sanitizeValue(row[c]));
-        return "$" + paramIdx;
+    await client.query("BEGIN");
+    for (let offset = 0; offset < total; offset += BATCH_SIZE) {
+      const batch = array.slice(offset, offset + BATCH_SIZE);
+      let paramIdx = 0;
+      const allParams = [];
+      const valuesClauses = batch.map((row) => {
+        const placeholders = columns.map((c) => {
+          paramIdx++;
+          allParams.push(sanitizeValue(row[c]));
+          return "$" + paramIdx;
+        });
+        return "(" + placeholders.join(",") + ")";
       });
-      return "(" + placeholders.join(",") + ")";
-    });
-    const sql = `INSERT INTO ${table} (${columns.join(",")}) VALUES ${valuesClauses.join(",")}`;
-    await client.query(sql, allParams);
+      const sql = `INSERT INTO ${table} (${colList}) VALUES ${valuesClauses.join(",")}`;
+      await client.query(sql, allParams);
+    }
+    await client.query("COMMIT");
   } catch (e) {
+    await client.query("ROLLBACK").catch(() => {});
     throw mapPgError(e);
   } finally {
     client.release();
@@ -407,35 +415,40 @@ async function _insertOnConflict(table, array, columns, uniqueKeys, total) {
   let lastId = 0;
   const pk = await getPkColumn(table);
   const conflictCols = uniqueKeys.join(",");
+  const colList = columns.join(",");
+  const BATCH_SIZE = 1000;
 
-  for (const row of array) {
-    const vals = columns.map((c) => sanitizeValue(row[c]));
-    const placeholders = columns.map((_, i) => "$" + (i + 1)).join(",");
-    let sql = `INSERT INTO ${table} (${columns.join(",")}) VALUES (${placeholders}) ON CONFLICT (${conflictCols}) DO NOTHING`;
-    if (pk) sql += ` RETURNING ${pk}`;
+  const client = await pool.connect();
+  try {
+    await client.query("BEGIN");
+
+    for (let offset = 0; offset < total; offset += BATCH_SIZE) {
+      const batch = array.slice(offset, offset + BATCH_SIZE);
+      let paramIdx = 0;
+      const allParams = [];
+      const valuesClauses = batch.map((row) => {
+        const placeholders = columns.map((c) => {
+          paramIdx++;
+          allParams.push(sanitizeValue(row[c]));
+          return "$" + paramIdx;
+        });
+        return "(" + placeholders.join(",") + ")";
+      });
+      let sql = `INSERT INTO ${table} (${colList}) VALUES ${valuesClauses.join(",")} ON CONFLICT (${conflictCols}) DO NOTHING`;
+      if (pk) sql += ` RETURNING ${pk}`;
 
-    const client = await pool.connect();
-    try {
-      const result = await client.query(sql, vals);
-      if (result.rows && result.rows.length > 0 && pk) {
-        lastId = result.rows[0][pk] || 0;
-      } else if (total === 1 && pk) {
-        // Row already existed, fetch its PK
-        const whereClauses = uniqueKeys
-          .map((k, i) => `${k} = $${i + 1}`)
-          .join(" AND ");
-        const whereVals = uniqueKeys.map((k) => row[k]);
-        const fetched = await client.query(
-          `SELECT ${pk} FROM ${table} WHERE ${whereClauses}`,
-          whereVals,
-        );
-        if (fetched.rows.length > 0) lastId = fetched.rows[0][pk] || 0;
+      const result = await client.query(sql, allParams);
+      if (pk && result.rows && result.rows.length > 0) {
+        lastId = result.rows[result.rows.length - 1][pk] || lastId;
       }
-    } catch (e) {
-      throw mapPgError(e);
-    } finally {
-      client.release();
     }
+
+    await client.query("COMMIT");
+  } catch (e) {
+    await client.query("ROLLBACK").catch(() => {});
+    throw mapPgError(e);
+  } finally {
+    client.release();
   }
 
   return {
@@ -471,13 +484,13 @@ async function upsert(table, data, uniqueKeys = []) {
         const updateCols = columns.filter((c) => c !== keyCol);
         if (updateCols.length === 0) continue;
         const setClause = updateCols
-          .map((c, i) => `${c} = $${i + 1}`)
+          .map((c, i) => `${c} = ${i + 1}`)
           .join(", ");
         const vals = [
           ...updateCols.map((c) => sanitizeValue(row[c])),
           row[keyCol],
         ];
-        const sql = `UPDATE ${table} SET ${setClause} WHERE ${keyCol} = $${updateCols.length + 1}`;
+        const sql = `UPDATE ${table} SET ${setClause} WHERE ${keyCol} = ${updateCols.length + 1}`;
         await query(sql, vals);
         if (row[keyCol]) lastId = row[keyCol];
       }
@@ -497,34 +510,51 @@ async function upsert(table, data, uniqueKeys = []) {
   const nonUniqueColumns = columns.filter((c) => !uniqueKeys.includes(c));
   const pk = await getPkColumn(table);
   let lastId = 0;
+  const BATCH_SIZE = 1000;
+
+  const client = await pool.connect();
+  try {
+    await client.query("BEGIN");
 
-  for (const row of array) {
-    const vals = columns.map((c) => sanitizeValue(row[c]));
-    const placeholders = columns.map((_, i) => "$" + (i + 1)).join(",");
-    const conflictCols = uniqueKeys.join(",");
     const updateSetSql = nonUniqueColumns
       .map((c) => `${c} = EXCLUDED.${c}`)
       .join(", ");
+    const conflictCols = uniqueKeys.join(",");
+    const colList = columns.join(",");
+
+    for (let offset = 0; offset < total; offset += BATCH_SIZE) {
+      const batch = array.slice(offset, offset + BATCH_SIZE);
+      let paramIdx = 0;
+      const allParams = [];
+      const valuesClauses = batch.map((row) => {
+        const placeholders = columns.map((c) => {
+          paramIdx++;
+          allParams.push(sanitizeValue(row[c]));
+          return "$" + paramIdx;
+        });
+        return "(" + placeholders.join(",") + ")";
+      });
 
-    let sql = `INSERT INTO ${table} (${columns.join(",")}) VALUES (${placeholders}) ON CONFLICT (${conflictCols})`;
-    if (updateSetSql) {
-      sql += ` DO UPDATE SET ${updateSetSql}`;
-    } else {
-      sql += ` DO NOTHING`;
-    }
-    if (pk) sql += ` RETURNING ${pk}`;
+      let sql = `INSERT INTO ${table} (${colList}) VALUES ${valuesClauses.join(",")} ON CONFLICT (${conflictCols})`;
+      if (updateSetSql) {
+        sql += ` DO UPDATE SET ${updateSetSql}`;
+      } else {
+        sql += ` DO NOTHING`;
+      }
+      if (pk) sql += ` RETURNING ${pk}`;
 
-    const client = await pool.connect();
-    try {
-      const result = await client.query(sql, vals);
-      if (result.rows && result.rows.length > 0 && pk) {
-        lastId = result.rows[0][pk] || 0;
+      const result = await client.query(sql, allParams);
+      if (pk && result.rows && result.rows.length > 0) {
+        lastId = result.rows[result.rows.length - 1][pk] || lastId;
       }
-    } catch (e) {
-      throw mapPgError(e);
-    } finally {
-      client.release();
     }
+
+    await client.query("COMMIT");
+  } catch (e) {
+    await client.query("ROLLBACK").catch(() => {});
+    throw mapPgError(e);
+  } finally {
+    client.release();
   }
 
   const response = {
@@ -554,6 +584,7 @@ module.exports = {
   query,
   qcount,
   remove,
+  delete: remove,
   upsert,
   change: upsert,
   insert,

package/src/commons/route.js

@@ -157,12 +157,10 @@ module.exports = function route(model, override = {}) {
     })
     .post("/", (req, res) => {
       if (!req.body || !Array.isArray(req.body.data)) {
-        return res
-          .status(400)
-          .send({
-            type: "danger",
-            message: "Request body must contain a 'data' array",
-          });
+        return res.status(400).send({
+          type: "danger",
+          message: "Request body must contain a 'data' array",
+        });
       }
       let payload = payloadOverride(req.body.data, req, override);
       model
@@ -176,12 +174,10 @@ module.exports = function route(model, override = {}) {
     })
     .put("/", (req, res) => {
       if (!req.body || !Array.isArray(req.body.data)) {
-        return res
-          .status(400)
-          .send({
-            type: "danger",
-            message: "Request body must contain a 'data' array",
-          });
+        return res.status(400).send({
+          type: "danger",
+          message: "Request body must contain a 'data' array",
+        });
       }
       let payload = payloadOverride(req.body.data, req, override);
       model
@@ -194,15 +190,19 @@ module.exports = function route(model, override = {}) {
         });
     })
     .delete("/", (req, res) => {
-      if (!req.body || !Array.isArray(req.body.data)) {
-        return res
-          .status(400)
-          .send({
-            type: "danger",
-            message: "Request body must contain a 'data' array",
-          });
+      if (!req.body || Object.keys(req.body).length === 0) {
+        return res.status(400).send({
+          type: "danger",
+          message: "Request body must contain filter criteria",
+        });
+      }
+      // Accept { data: [...] } (legacy array) or plain filter object in body
+      let payload;
+      if (req.body.data && Array.isArray(req.body.data)) {
+        payload = payloadOverride(req.body.data, req, override);
+      } else {
+        payload = payloadOverride(req.body, req, override);
       }
-      let payload = payloadOverride(req.body.data, req, override);
       model
         .remove(payload)
         .then((response) => {