npm - dbnexus - Versions diffs - 0.3.1 → 0.4.0 - Mend

dbnexus 0.3.1 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/api.js +7922 -686
package/dist/cli.js +222 -66
package/dist/web/assets/index-DoAn-9yR.js +517 -0
package/dist/web/index.html +1 -1
package/package.json +1 -1
package/dist/web/assets/index-Cqd98z-J.js +0 -510

package/dist/cli.js CHANGED Viewed

@@ -33113,7 +33113,7 @@ var import_dotenv = __toESM(require_main(), 1);
 import Database from "better-sqlite3";
 // packages/metadata/dist/schema.js
-var SCHEMA_VERSION = 19;
+var SCHEMA_VERSION = 21;
 var MIGRATIONS = [
   // Version 1: Initial schema
   `
@@ -33514,6 +33514,90 @@ var MIGRATIONS = [
   ALTER TABLE servers ADD COLUMN stop_command TEXT;
   UPDATE schema_version SET version = 19;
+  `,
+  // Version 20: Add authentication tables (users, api_keys, user_permissions, refresh_tokens)
+  `
+  -- Users table for authentication
+  CREATE TABLE IF NOT EXISTS users (
+    id TEXT PRIMARY KEY,
+    email TEXT UNIQUE NOT NULL,
+    password_hash TEXT NOT NULL,
+    name TEXT,
+    role TEXT NOT NULL DEFAULT 'viewer' CHECK(role IN ('admin', 'editor', 'viewer')),
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    updated_at TEXT NOT NULL DEFAULT (datetime('now'))
+  );
+  -- API Keys for CLI/programmatic access
+  CREATE TABLE IF NOT EXISTS api_keys (
+    id TEXT PRIMARY KEY,
+    user_id TEXT NOT NULL,
+    name TEXT NOT NULL,
+    key_hash TEXT NOT NULL,
+    last_used_at TEXT,
+    expires_at TEXT,
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
+  );
+  -- User permissions for per-database access control
+  CREATE TABLE IF NOT EXISTS user_permissions (
+    id TEXT PRIMARY KEY,
+    user_id TEXT NOT NULL,
+    connection_id TEXT NOT NULL,
+    permission TEXT NOT NULL DEFAULT 'read' CHECK(permission IN ('read', 'write', 'admin')),
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+    FOREIGN KEY (connection_id) REFERENCES connections(id) ON DELETE CASCADE,
+    UNIQUE(user_id, connection_id)
+  );
+  -- Refresh tokens for JWT authentication
+  CREATE TABLE IF NOT EXISTS refresh_tokens (
+    id TEXT PRIMARY KEY,
+    user_id TEXT NOT NULL,
+    token_hash TEXT NOT NULL,
+    expires_at TEXT NOT NULL,
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
+  );
+  CREATE INDEX IF NOT EXISTS idx_users_email ON users(email);
+  CREATE INDEX IF NOT EXISTS idx_api_keys_user ON api_keys(user_id);
+  CREATE INDEX IF NOT EXISTS idx_user_permissions_user ON user_permissions(user_id);
+  CREATE INDEX IF NOT EXISTS idx_user_permissions_connection ON user_permissions(connection_id);
+  CREATE INDEX IF NOT EXISTS idx_refresh_tokens_user ON refresh_tokens(user_id);
+  CREATE INDEX IF NOT EXISTS idx_refresh_tokens_expires ON refresh_tokens(expires_at);
+  UPDATE schema_version SET version = 20;
+  `,
+  // Version 21: Add created_by column to resources for multi-user ownership
+  `
+  -- Add created_by to connections
+  ALTER TABLE connections ADD COLUMN created_by TEXT REFERENCES users(id) ON DELETE SET NULL;
+  CREATE INDEX IF NOT EXISTS idx_connections_created_by ON connections(created_by);
+  -- Add created_by to servers
+  ALTER TABLE servers ADD COLUMN created_by TEXT REFERENCES users(id) ON DELETE SET NULL;
+  CREATE INDEX IF NOT EXISTS idx_servers_created_by ON servers(created_by);
+  -- Add created_by to projects
+  ALTER TABLE projects ADD COLUMN created_by TEXT REFERENCES users(id) ON DELETE SET NULL;
+  CREATE INDEX IF NOT EXISTS idx_projects_created_by ON projects(created_by);
+  -- Add created_by to database_groups
+  ALTER TABLE database_groups ADD COLUMN created_by TEXT REFERENCES users(id) ON DELETE SET NULL;
+  CREATE INDEX IF NOT EXISTS idx_database_groups_created_by ON database_groups(created_by);
+  -- Add created_by to saved_queries
+  ALTER TABLE saved_queries ADD COLUMN created_by TEXT REFERENCES users(id) ON DELETE SET NULL;
+  CREATE INDEX IF NOT EXISTS idx_saved_queries_created_by ON saved_queries(created_by);
+  -- Add created_by to backups
+  ALTER TABLE backups ADD COLUMN created_by TEXT REFERENCES users(id) ON DELETE SET NULL;
+  CREATE INDEX IF NOT EXISTS idx_backups_created_by ON backups(created_by);
+  UPDATE schema_version SET version = 21;
   `
 ];
@@ -33627,15 +33711,15 @@ var ConnectionRepository = class {
   /**
    * Create a new connection with password
    */
-  create(input) {
+  create(input, userId) {
     const id = MetadataDatabase.generateId();
     const now = (/* @__PURE__ */ new Date()).toISOString();
     const encryptedPwd = input.password ? encryptPassword(input.password) : null;
     const connectionType = input.connectionType || this.inferConnectionType(input.host);
     this.db.prepare(`
-      INSERT INTO connections (id, name, engine, connection_type, host, port, database, username, encrypted_password, ssl, default_schema, tags, read_only, server_id, project_id, group_id, created_at, updated_at)
-      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
-    `).run(id, input.name, input.engine, connectionType, input.host, input.port, input.database, input.username, encryptedPwd, input.ssl ? 1 : 0, input.defaultSchema || null, JSON.stringify(input.tags ?? []), input.readOnly ? 1 : 0, input.serverId || null, input.projectId || null, input.groupId || null, now, now);
+      INSERT INTO connections (id, name, engine, connection_type, host, port, database, username, encrypted_password, ssl, default_schema, tags, read_only, server_id, project_id, group_id, created_by, created_at, updated_at)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+    `).run(id, input.name, input.engine, connectionType, input.host, input.port, input.database, input.username, encryptedPwd, input.ssl ? 1 : 0, input.defaultSchema || null, JSON.stringify(input.tags ?? []), input.readOnly ? 1 : 0, input.serverId || null, input.projectId || null, input.groupId || null, userId || null, now, now);
     return this.findById(id);
   }
   /**
@@ -33675,10 +33759,10 @@ var ConnectionRepository = class {
     return row ? this.rowToConnection(row) : null;
   }
   /**
-   * Get all connections
+   * Get all connections (filtered by user unless admin)
    */
-  findAll() {
-    const rows = this.db.prepare(`
+  findAll(userContext) {
+    let query = `
             SELECT
                 c.*,
                 s.name as server_name,
@@ -33688,15 +33772,21 @@ var ConnectionRepository = class {
             LEFT JOIN servers s ON c.server_id = s.id
             LEFT JOIN projects p ON c.project_id = p.id
             LEFT JOIN database_groups dg ON c.group_id = dg.id
-            ORDER BY p.name, dg.name, c.name
-        `).all();
+        `;
+    const params = [];
+    if (userContext && !userContext.isAdmin && userContext.userId) {
+      query += ` WHERE c.created_by = ? OR c.created_by IS NULL`;
+      params.push(userContext.userId);
+    }
+    query += ` ORDER BY p.name, dg.name, c.name`;
+    const rows = this.db.prepare(query).all(...params);
     return rows.map((row) => this.rowToConnection(row));
   }
   /**
-   * Find connections by project
+   * Find connections by project (filtered by user unless admin)
    */
-  findByProject(projectId) {
-    const rows = this.db.prepare(`
+  findByProject(projectId, userContext) {
+    let query = `
             SELECT
                 c.*,
                 s.name as server_name,
@@ -33707,15 +33797,21 @@ var ConnectionRepository = class {
             LEFT JOIN projects p ON c.project_id = p.id
             LEFT JOIN database_groups dg ON c.group_id = dg.id
             WHERE c.project_id = ?
-            ORDER BY dg.name, c.name
-        `).all(projectId);
+        `;
+    const params = [projectId];
+    if (userContext && !userContext.isAdmin && userContext.userId) {
+      query += ` AND (c.created_by = ? OR c.created_by IS NULL)`;
+      params.push(userContext.userId);
+    }
+    query += ` ORDER BY dg.name, c.name`;
+    const rows = this.db.prepare(query).all(...params);
     return rows.map((row) => this.rowToConnection(row));
   }
   /**
-   * Find connections by database group
+   * Find connections by database group (filtered by user unless admin)
    */
-  findByGroup(groupId) {
-    const rows = this.db.prepare(`
+  findByGroup(groupId, userContext) {
+    let query = `
             SELECT
                 c.*,
                 s.name as server_name,
@@ -33726,15 +33822,21 @@ var ConnectionRepository = class {
             LEFT JOIN projects p ON c.project_id = p.id
             LEFT JOIN database_groups dg ON c.group_id = dg.id
             WHERE c.group_id = ?
-            ORDER BY c.name
-        `).all(groupId);
+        `;
+    const params = [groupId];
+    if (userContext && !userContext.isAdmin && userContext.userId) {
+      query += ` AND (c.created_by = ? OR c.created_by IS NULL)`;
+      params.push(userContext.userId);
+    }
+    query += ` ORDER BY c.name`;
+    const rows = this.db.prepare(query).all(...params);
     return rows.map((row) => this.rowToConnection(row));
   }
   /**
-   * Find ungrouped connections (no project assigned)
+   * Find ungrouped connections (no project assigned, filtered by user unless admin)
    */
-  findUngrouped() {
-    const rows = this.db.prepare(`
+  findUngrouped(userContext) {
+    let query = `
             SELECT
                 c.*,
                 s.name as server_name,
@@ -33745,15 +33847,21 @@ var ConnectionRepository = class {
             LEFT JOIN projects p ON c.project_id = p.id
             LEFT JOIN database_groups dg ON c.group_id = dg.id
             WHERE c.project_id IS NULL
-            ORDER BY c.name
-        `).all();
+        `;
+    const params = [];
+    if (userContext && !userContext.isAdmin && userContext.userId) {
+      query += ` AND (c.created_by = ? OR c.created_by IS NULL)`;
+      params.push(userContext.userId);
+    }
+    query += ` ORDER BY c.name`;
+    const rows = this.db.prepare(query).all(...params);
     return rows.map((row) => this.rowToConnection(row));
   }
   /**
-   * Find connections by tag
+   * Find connections by tag (filtered by user unless admin)
    */
-  findByTag(tag) {
-    const rows = this.db.prepare(`
+  findByTag(tag, userContext) {
+    let query = `
             SELECT
                 c.*,
                 s.name as server_name,
@@ -33763,8 +33871,14 @@ var ConnectionRepository = class {
             LEFT JOIN servers s ON c.server_id = s.id
             LEFT JOIN projects p ON c.project_id = p.id
             LEFT JOIN database_groups dg ON c.group_id = dg.id
-            ORDER BY c.name
-        `).all();
+        `;
+    const params = [];
+    if (userContext && !userContext.isAdmin && userContext.userId) {
+      query += ` WHERE c.created_by = ? OR c.created_by IS NULL`;
+      params.push(userContext.userId);
+    }
+    query += ` ORDER BY c.name`;
+    const rows = this.db.prepare(query).all(...params);
     return rows.filter((row) => {
       const tags = JSON.parse(row.tags);
       return tags.includes(tag);
@@ -33905,27 +34019,45 @@ var ConnectionRepository = class {
       serverId: row.server_id || void 0,
       projectId: row.project_id || void 0,
       groupId: row.group_id || void 0,
+      createdBy: row.created_by || void 0,
       serverName: row.server_name,
       projectName: row.project_name,
       groupName: row.group_name
     };
   }
   /**
-   * Find connections by server ID
+   * Check if user can access a connection
    */
-  findByServerId(serverId) {
-    const rows = this.db.prepare(`
-                SELECT c.*,
-                    s.name as server_name,
-                    p.name as project_name,
-                    g.name as group_name
-                FROM connections c
-                LEFT JOIN servers s ON c.server_id = s.id
-                LEFT JOIN projects p ON c.project_id = p.id
-                LEFT JOIN database_groups g ON c.group_id = g.id
-                WHERE c.server_id = ?
-                ORDER BY c.name
-                `).all(serverId);
+  canAccess(connectionId, userContext) {
+    if (userContext.isAdmin)
+      return true;
+    const row = this.db.prepare("SELECT created_by FROM connections WHERE id = ?").get(connectionId);
+    if (!row)
+      return false;
+    return row.created_by === null || row.created_by === userContext.userId;
+  }
+  /**
+   * Find connections by server ID (filtered by user unless admin)
+   */
+  findByServerId(serverId, userContext) {
+    let query = `
+            SELECT c.*,
+                s.name as server_name,
+                p.name as project_name,
+                g.name as group_name
+            FROM connections c
+            LEFT JOIN servers s ON c.server_id = s.id
+            LEFT JOIN projects p ON c.project_id = p.id
+            LEFT JOIN database_groups g ON c.group_id = g.id
+            WHERE c.server_id = ?
+        `;
+    const params = [serverId];
+    if (userContext && !userContext.isAdmin && userContext.userId) {
+      query += ` AND (c.created_by = ? OR c.created_by IS NULL)`;
+      params.push(userContext.userId);
+    }
+    query += ` ORDER BY c.name`;
+    const rows = this.db.prepare(query).all(...params);
     return rows.map((row) => this.rowToConnection(row));
   }
 };
@@ -33963,21 +34095,22 @@ var ServerRepository = class {
       stopCommand: row.stop_command ?? void 0,
       createdAt: new Date(row.created_at),
       updatedAt: new Date(row.updated_at),
+      createdBy: row.created_by ?? void 0,
       databaseCount: row.database_count
     };
   }
   /**
    * Create a new server
    */
-  create(input) {
+  create(input, userId) {
     const id = MetadataDatabase.generateId();
     const now = (/* @__PURE__ */ new Date()).toISOString();
     const encryptedPwd = input.password ? encryptPassword(input.password) : null;
     const connectionType = input.connectionType || this.inferConnectionType(input.host);
     this.db.prepare(`
-                INSERT INTO servers (id, name, engine, connection_type, host, port, username, encrypted_password, ssl, tags, start_command, stop_command, created_at, updated_at)
-                VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
-                `).run(id, input.name, input.engine, connectionType, input.host, input.port, input.username, encryptedPwd, input.ssl ? 1 : 0, JSON.stringify(input.tags ?? []), input.startCommand ?? null, input.stopCommand ?? null, now, now);
+                INSERT INTO servers (id, name, engine, connection_type, host, port, username, encrypted_password, ssl, tags, start_command, stop_command, created_by, created_at, updated_at)
+                VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+                `).run(id, input.name, input.engine, connectionType, input.host, input.port, input.username, encryptedPwd, input.ssl ? 1 : 0, JSON.stringify(input.tags ?? []), input.startCommand ?? null, input.stopCommand ?? null, userId || null, now, now);
     return this.findById(id);
   }
   /**
@@ -34005,30 +34138,53 @@ var ServerRepository = class {
     return row ? this.rowToServer(row) : null;
   }
   /**
-   * Find all servers
+   * Find all servers (filtered by user unless admin)
    */
-  findAll() {
-    const rows = this.db.prepare(`
-                SELECT s.*,
-                    (SELECT COUNT(*) FROM connections c WHERE c.server_id = s.id) as database_count
-                FROM servers s
-                ORDER BY s.name
-                `).all();
+  findAll(userContext) {
+    let query = `
+            SELECT s.*,
+                (SELECT COUNT(*) FROM connections c WHERE c.server_id = s.id) as database_count
+            FROM servers s
+        `;
+    const params = [];
+    if (userContext && !userContext.isAdmin && userContext.userId) {
+      query += ` WHERE s.created_by = ? OR s.created_by IS NULL`;
+      params.push(userContext.userId);
+    }
+    query += ` ORDER BY s.name`;
+    const rows = this.db.prepare(query).all(...params);
     return rows.map((row) => this.rowToServer(row));
   }
   /**
-   * Find servers by engine
+   * Find servers by engine (filtered by user unless admin)
    */
-  findByEngine(engine) {
-    const rows = this.db.prepare(`
-                SELECT s.*,
-                    (SELECT COUNT(*) FROM connections c WHERE c.server_id = s.id) as database_count
-                FROM servers s
-                WHERE s.engine = ?
-                ORDER BY s.name
-                `).all(engine);
+  findByEngine(engine, userContext) {
+    let query = `
+            SELECT s.*,
+                (SELECT COUNT(*) FROM connections c WHERE c.server_id = s.id) as database_count
+            FROM servers s
+            WHERE s.engine = ?
+        `;
+    const params = [engine];
+    if (userContext && !userContext.isAdmin && userContext.userId) {
+      query += ` AND (s.created_by = ? OR s.created_by IS NULL)`;
+      params.push(userContext.userId);
+    }
+    query += ` ORDER BY s.name`;
+    const rows = this.db.prepare(query).all(...params);
     return rows.map((row) => this.rowToServer(row));
   }
+  /**
+   * Check if user can access a server
+   */
+  canAccess(serverId, userContext) {
+    if (userContext.isAdmin)
+      return true;
+    const row = this.db.prepare("SELECT created_by FROM servers WHERE id = ?").get(serverId);
+    if (!row)
+      return false;
+    return row.created_by === null || row.created_by === userContext.userId;
+  }
   /**
    * Update a server
    */
@@ -34123,7 +34279,7 @@ var ServerRepository = class {
 };
 // apps/cli/dist/version.js
-var VERSION = true ? "0.3.1" : "0.1.10";
+var VERSION = true ? "0.4.0" : "0.1.10";
 // apps/cli/dist/commands/init.js
 function loadEnvFile(cwd) {