dbnexus 0.4.0 → 0.5.0

package/dist/cli.js

@@ -33113,7 +33113,7 @@ var import_dotenv = __toESM(require_main(), 1);
 import Database from "better-sqlite3";
 
 // packages/metadata/dist/schema.js
-var SCHEMA_VERSION = 21;
+var SCHEMA_VERSION = 22;
 var MIGRATIONS = [
   // Version 1: Initial schema
   `
@@ -33598,6 +33598,50 @@ var MIGRATIONS = [
   CREATE INDEX IF NOT EXISTS idx_backups_created_by ON backups(created_by);
 
   UPDATE schema_version SET version = 21;
+  `,
+  // Version 22: Add is_public to resources + rename settings to user_preferences with user_id
+  `
+  -- Create system user for storing system-wide preferences (if not exists)
+  INSERT OR IGNORE INTO users (id, email, password_hash, role, created_at, updated_at)
+  VALUES ('system', 'system@internal', '', 'admin', datetime('now'), datetime('now'));
+
+  -- Ensure settings table exists (even if empty) to avoid errors in migration
+  CREATE TABLE IF NOT EXISTS settings (
+    key TEXT PRIMARY KEY,
+    value TEXT NOT NULL,
+    updated_at TEXT NOT NULL DEFAULT (datetime('now'))
+  );
+
+  -- Create user_preferences table (replaces settings)
+  CREATE TABLE IF NOT EXISTS user_preferences (
+    id TEXT PRIMARY KEY,
+    user_id TEXT NOT NULL,
+    key TEXT NOT NULL,
+    value TEXT NOT NULL,
+    updated_at TEXT NOT NULL DEFAULT (datetime('now')),
+    FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+    UNIQUE(user_id, key)
+  );
+
+  -- Migrate existing settings as system defaults (user_id = 'system')
+  INSERT OR IGNORE INTO user_preferences (id, user_id, key, value, updated_at)
+  SELECT hex(randomblob(16)), 'system', key, value, updated_at FROM settings;
+
+  -- Drop old settings table
+  DROP TABLE IF EXISTS settings;
+
+  -- Create index for user preferences
+  CREATE INDEX IF NOT EXISTS idx_user_preferences_user ON user_preferences(user_id);
+  CREATE INDEX IF NOT EXISTS idx_user_preferences_key ON user_preferences(user_id, key);
+
+  -- Add is_public to resources (default 0 = private, only owner can see)
+  ALTER TABLE connections ADD COLUMN is_public INTEGER NOT NULL DEFAULT 0;
+  ALTER TABLE servers ADD COLUMN is_public INTEGER NOT NULL DEFAULT 0;
+  ALTER TABLE projects ADD COLUMN is_public INTEGER NOT NULL DEFAULT 0;
+  ALTER TABLE database_groups ADD COLUMN is_public INTEGER NOT NULL DEFAULT 0;
+  ALTER TABLE saved_queries ADD COLUMN is_public INTEGER NOT NULL DEFAULT 0;
+
+  UPDATE schema_version SET version = 22;
   `
 ];
 
@@ -33717,9 +33761,9 @@ var ConnectionRepository = class {
     const encryptedPwd = input.password ? encryptPassword(input.password) : null;
     const connectionType = input.connectionType || this.inferConnectionType(input.host);
     this.db.prepare(`
-      INSERT INTO connections (id, name, engine, connection_type, host, port, database, username, encrypted_password, ssl, default_schema, tags, read_only, server_id, project_id, group_id, created_by, created_at, updated_at)
-      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
-    `).run(id, input.name, input.engine, connectionType, input.host, input.port, input.database, input.username, encryptedPwd, input.ssl ? 1 : 0, input.defaultSchema || null, JSON.stringify(input.tags ?? []), input.readOnly ? 1 : 0, input.serverId || null, input.projectId || null, input.groupId || null, userId || null, now, now);
+      INSERT INTO connections (id, name, engine, connection_type, host, port, database, username, encrypted_password, ssl, default_schema, tags, read_only, server_id, project_id, group_id, is_public, created_by, created_at, updated_at)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+    `).run(id, input.name, input.engine, connectionType, input.host, input.port, input.database, input.username, encryptedPwd, input.ssl ? 1 : 0, input.defaultSchema || null, JSON.stringify(input.tags ?? []), input.readOnly ? 1 : 0, input.serverId || null, input.projectId || null, input.groupId || null, input.isPublic ? 1 : 0, userId || null, now, now);
     return this.findById(id);
   }
   /**
@@ -33775,7 +33819,7 @@ var ConnectionRepository = class {
         `;
     const params = [];
     if (userContext && !userContext.isAdmin && userContext.userId) {
-      query += ` WHERE c.created_by = ? OR c.created_by IS NULL`;
+      query += ` WHERE (c.created_by = ? OR c.created_by IS NULL OR c.is_public = 1)`;
       params.push(userContext.userId);
     }
     query += ` ORDER BY p.name, dg.name, c.name`;
@@ -33800,7 +33844,7 @@ var ConnectionRepository = class {
         `;
     const params = [projectId];
     if (userContext && !userContext.isAdmin && userContext.userId) {
-      query += ` AND (c.created_by = ? OR c.created_by IS NULL)`;
+      query += ` AND (c.created_by = ? OR c.created_by IS NULL OR c.is_public = 1)`;
       params.push(userContext.userId);
     }
     query += ` ORDER BY dg.name, c.name`;
@@ -33825,7 +33869,7 @@ var ConnectionRepository = class {
         `;
     const params = [groupId];
     if (userContext && !userContext.isAdmin && userContext.userId) {
-      query += ` AND (c.created_by = ? OR c.created_by IS NULL)`;
+      query += ` AND (c.created_by = ? OR c.created_by IS NULL OR c.is_public = 1)`;
       params.push(userContext.userId);
     }
     query += ` ORDER BY c.name`;
@@ -33850,7 +33894,7 @@ var ConnectionRepository = class {
         `;
     const params = [];
     if (userContext && !userContext.isAdmin && userContext.userId) {
-      query += ` AND (c.created_by = ? OR c.created_by IS NULL)`;
+      query += ` AND (c.created_by = ? OR c.created_by IS NULL OR c.is_public = 1)`;
       params.push(userContext.userId);
     }
     query += ` ORDER BY c.name`;
@@ -33874,7 +33918,7 @@ var ConnectionRepository = class {
         `;
     const params = [];
     if (userContext && !userContext.isAdmin && userContext.userId) {
-      query += ` WHERE c.created_by = ? OR c.created_by IS NULL`;
+      query += ` WHERE (c.created_by = ? OR c.created_by IS NULL OR c.is_public = 1)`;
       params.push(userContext.userId);
     }
     query += ` ORDER BY c.name`;
@@ -33949,6 +33993,10 @@ var ConnectionRepository = class {
       updates.push("server_id = ?");
       values.push(input.serverId);
     }
+    if (input.isPublic !== void 0) {
+      updates.push("is_public = ?");
+      values.push(input.isPublic ? 1 : 0);
+    }
     if (updates.length > 0) {
       updates.push("updated_at = ?");
       values.push((/* @__PURE__ */ new Date()).toISOString());
@@ -34020,21 +34068,23 @@ var ConnectionRepository = class {
       projectId: row.project_id || void 0,
       groupId: row.group_id || void 0,
       createdBy: row.created_by || void 0,
+      isPublic: row.is_public === 1,
       serverName: row.server_name,
       projectName: row.project_name,
       groupName: row.group_name
     };
   }
   /**
-   * Check if user can access a connection
+   * Check if user can access (view) a connection
+   * Accessible if: owner, admin, not private, or created_by is null (legacy)
    */
   canAccess(connectionId, userContext) {
     if (userContext.isAdmin)
       return true;
-    const row = this.db.prepare("SELECT created_by FROM connections WHERE id = ?").get(connectionId);
+    const row = this.db.prepare("SELECT created_by, is_public FROM connections WHERE id = ?").get(connectionId);
     if (!row)
       return false;
-    return row.created_by === null || row.created_by === userContext.userId;
+    return row.created_by === null || row.created_by === userContext.userId || row.is_public === 1;
   }
   /**
    * Find connections by server ID (filtered by user unless admin)
@@ -34053,13 +34103,25 @@ var ConnectionRepository = class {
         `;
     const params = [serverId];
     if (userContext && !userContext.isAdmin && userContext.userId) {
-      query += ` AND (c.created_by = ? OR c.created_by IS NULL)`;
+      query += ` AND (c.created_by = ? OR c.created_by IS NULL OR c.is_public = 1)`;
       params.push(userContext.userId);
     }
     query += ` ORDER BY c.name`;
     const rows = this.db.prepare(query).all(...params);
     return rows.map((row) => this.rowToConnection(row));
   }
+  /**
+   * Check if user can modify (update/delete) a connection
+   * Only owner or admin can modify
+   */
+  canModify(connectionId, userContext) {
+    if (userContext.isAdmin)
+      return true;
+    const row = this.db.prepare("SELECT created_by FROM connections WHERE id = ?").get(connectionId);
+    if (!row)
+      return false;
+    return row.created_by === null || row.created_by === userContext.userId;
+  }
 };
 
 // packages/metadata/dist/repositories/server.repository.js
@@ -34096,6 +34158,7 @@ var ServerRepository = class {
       createdAt: new Date(row.created_at),
       updatedAt: new Date(row.updated_at),
       createdBy: row.created_by ?? void 0,
+      isPublic: row.is_public === 1,
       databaseCount: row.database_count
     };
   }
@@ -34148,7 +34211,7 @@ var ServerRepository = class {
         `;
     const params = [];
     if (userContext && !userContext.isAdmin && userContext.userId) {
-      query += ` WHERE s.created_by = ? OR s.created_by IS NULL`;
+      query += ` WHERE (s.created_by = ? OR s.created_by IS NULL OR s.is_public = 1)`;
       params.push(userContext.userId);
     }
     query += ` ORDER BY s.name`;
@@ -34167,7 +34230,7 @@ var ServerRepository = class {
         `;
     const params = [engine];
     if (userContext && !userContext.isAdmin && userContext.userId) {
-      query += ` AND (s.created_by = ? OR s.created_by IS NULL)`;
+      query += ` AND (s.created_by = ? OR s.created_by IS NULL OR s.is_public = 1)`;
       params.push(userContext.userId);
     }
     query += ` ORDER BY s.name`;
@@ -34175,9 +34238,20 @@ var ServerRepository = class {
     return rows.map((row) => this.rowToServer(row));
   }
   /**
-   * Check if user can access a server
+   * Check if user can access (view) a server
    */
   canAccess(serverId, userContext) {
+    if (userContext.isAdmin)
+      return true;
+    const row = this.db.prepare("SELECT created_by, is_public FROM servers WHERE id = ?").get(serverId);
+    if (!row)
+      return false;
+    return row.created_by === null || row.created_by === userContext.userId || row.is_public === 1;
+  }
+  /**
+   * Check if user can modify (update/delete) a server
+   */
+  canModify(serverId, userContext) {
     if (userContext.isAdmin)
       return true;
     const row = this.db.prepare("SELECT created_by FROM servers WHERE id = ?").get(serverId);
@@ -34235,6 +34309,10 @@ var ServerRepository = class {
       updates.push("stop_command = ?");
       values.push(input.stopCommand || null);
     }
+    if (input.isPublic !== void 0) {
+      updates.push("is_public = ?");
+      values.push(input.isPublic ? 1 : 0);
+    }
     if (updates.length === 0) {
       return existing;
     }
@@ -34279,7 +34357,7 @@ var ServerRepository = class {
 };
 
 // apps/cli/dist/version.js
-var VERSION = true ? "0.4.0" : "0.1.10";
+var VERSION = true ? "0.5.0" : "0.1.10";
 
 // apps/cli/dist/commands/init.js
 function loadEnvFile(cwd) {
@@ -34751,7 +34829,7 @@ var PostgresConnector = class {
         port: this.config.port,
         database: this.config.database,
         user: this.config.username,
-        password: this.config.password,
+        password: this.config.password ?? "",
         ssl: this.config.ssl ? { rejectUnauthorized: this.config.sslVerify ?? false } : false,
         connectionTimeoutMillis: 5e3,
         max: 1
@@ -34783,7 +34861,7 @@ var PostgresConnector = class {
       port: this.config.port,
       database: this.config.database,
       user: this.config.username,
-      password: this.config.password,
+      password: this.config.password ?? "",
       ssl: this.config.ssl ? { rejectUnauthorized: this.config.sslVerify ?? false } : false,
       max: 10,
       idleTimeoutMillis: 3e4,