dzql 0.1.2 → 0.1.4

package/src/compiler/codegen/permission-codegen.js

@@ -0,0 +1,310 @@
+/**
+ * Permission Code Generator
+ * Generates PostgreSQL permission check functions from path ASTs
+ */
+
+import { PathParser } from '../parser/path-parser.js';
+
+export class PermissionCodegen {
+  constructor(tableName, permissionPaths) {
+    this.tableName = tableName;
+    this.permissionPaths = permissionPaths;
+    this.parser = new PathParser();
+  }
+
+  /**
+   * Generate all permission check functions
+   * @returns {string} SQL for permission functions
+   */
+  generate() {
+    const functions = [];
+
+    // Always generate the 4 standard permission functions
+    const standardOperations = ['view', 'create', 'update', 'delete'];
+
+    for (const operation of standardOperations) {
+      // Clean the operation name (remove any comments or special characters)
+      const cleanOperation = this._cleanOperationName(operation);
+
+      // Get paths for this operation (checking both clean and original keys)
+      const paths = this.permissionPaths[operation]
+                    || this.permissionPaths[cleanOperation]
+                    || this._findPathsByPartialMatch(operation);
+
+      if (!paths || paths.length === 0) {
+        // Public access - always returns true
+        functions.push(this._generatePublicPermission(cleanOperation));
+      } else {
+        functions.push(this._generatePermissionFunction(cleanOperation, paths));
+      }
+    }
+
+    return functions.join('\n\n');
+  }
+
+  /**
+   * Clean operation name - remove comments, quotes, newlines
+   * @private
+   */
+  _cleanOperationName(operation) {
+    if (!operation || typeof operation !== 'string') {
+      return 'unknown';
+    }
+
+    // Remove SQL comments (-- ... to end of line)
+    let clean = operation.replace(/--[^\n]*/g, '');
+
+    // Remove quotes
+    clean = clean.replace(/['"]/g, '');
+
+    // Remove newlines and extra whitespace
+    clean = clean.replace(/\s+/g, ' ').trim();
+
+    // Extract just the operation name (view, create, update, delete)
+    // Match common patterns
+    if (clean.includes('view')) return 'view';
+    if (clean.includes('create')) return 'create';
+    if (clean.includes('update')) return 'update';
+    if (clean.includes('delete')) return 'delete';
+
+    // If no match, return the first word
+    const firstWord = clean.split(/\s+/)[0].toLowerCase();
+    return firstWord || 'unknown';
+  }
+
+  /**
+   * Find paths by partial match in permission keys
+   * Handles cases where keys might have comments embedded
+   * @private
+   */
+  _findPathsByPartialMatch(operation) {
+    for (const [key, paths] of Object.entries(this.permissionPaths)) {
+      const cleanKey = this._cleanOperationName(key);
+      if (cleanKey === operation) {
+        return paths;
+      }
+    }
+    return null;
+  }
+
+  /**
+   * Generate a permission function for an operation
+   * @private
+   */
+  _generatePermissionFunction(operation, paths) {
+    const functionName = `can_${operation}_${this.tableName}`;
+    const checks = [];
+
+    for (const path of paths) {
+      const ast = this.parser.parse(path);
+      const sql = this._generatePathSQL(ast);
+      if (sql) {
+        checks.push(sql);
+      }
+    }
+
+    // Combine checks with OR logic
+    const checkSQL = checks.length > 0
+      ? checks.join('\n      OR ')
+      : 'false';
+
+    return `-- Permission check: ${operation} on ${this.tableName}
+CREATE OR REPLACE FUNCTION can_${operation}_${this.tableName}(
+  p_user_id INT,
+  p_record JSONB
+) RETURNS BOOLEAN AS $$
+BEGIN
+  RETURN (
+    ${checkSQL}
+  );
+END;
+$$ LANGUAGE plpgsql STABLE SECURITY DEFINER;`;
+  }
+
+  /**
+   * Generate public permission (always true)
+   * @private
+   */
+  _generatePublicPermission(operation) {
+    return `-- Permission check: ${operation} on ${this.tableName} (public access)
+CREATE OR REPLACE FUNCTION can_${operation}_${this.tableName}(
+  p_user_id INT,
+  p_record JSONB
+) RETURNS BOOLEAN AS $$
+BEGIN
+  RETURN true;  -- Public access
+END;
+$$ LANGUAGE plpgsql STABLE SECURITY DEFINER;`;
+  }
+
+  /**
+   * Generate SQL for a path AST
+   * @private
+   */
+  _generatePathSQL(ast) {
+    switch (ast.type) {
+      case 'empty':
+        return 'true';  // No restriction
+
+      case 'direct_field':
+        return this._generateDirectFieldCheck(ast);
+
+      case 'traversal':
+        return this._generateTraversalCheck(ast);
+
+      case 'dot_path':
+        return this._generateDotPathCheck(ast);
+
+      default:
+        console.warn('Unknown AST type:', ast.type);
+        return 'false';
+    }
+  }
+
+  /**
+   * Generate direct field check: @owner_id
+   * @private
+   */
+  _generateDirectFieldCheck(ast) {
+    return `(p_record->>'${ast.field}')::int = p_user_id`;
+  }
+
+  /**
+   * Generate traversal check: @org_id->acts_for[org_id=$]{active}.user_id
+   * @private
+   */
+  _generateTraversalCheck(ast) {
+    const steps = ast.steps;
+
+    // Extract components from the path
+    let sourceField = null;
+    let targetTable = null;
+    let targetField = null;
+    let filters = [];
+    let temporal = false;
+
+    for (const step of steps) {
+      if (step.type === 'field_ref') {
+        if (!sourceField) {
+          // First field reference is the source
+          sourceField = step.field;
+        } else {
+          // Last field reference is the target
+          targetField = step.field;
+        }
+      } else if (step.type === 'table_ref') {
+        targetTable = step.table;
+
+        // Collect filter conditions
+        if (step.filter) {
+          filters = step.filter;
+        }
+
+        // Check for temporal marker
+        if (step.temporal) {
+          temporal = true;
+        }
+
+        // Get target field if specified in table ref
+        if (step.targetField) {
+          targetField = step.targetField;
+        }
+      }
+    }
+
+    // Build WHERE conditions
+    const conditions = [];
+
+    // Add filter conditions
+    for (const filter of filters) {
+      if (filter.operator === '=' && filter.value.type === 'param') {
+        // field=$ means match the record's field value
+        conditions.push(`${targetTable}.${filter.field} = (p_record->>'${sourceField}')::int`);
+      } else if (filter.operator === '=') {
+        const value = this._formatValue(filter.value);
+        conditions.push(`${targetTable}.${filter.field} = ${value}`);
+      }
+    }
+
+    // Add temporal condition
+    if (temporal) {
+      conditions.push(`${targetTable}.valid_to IS NULL`);
+    }
+
+    // Add user_id check (final target)
+    if (targetField) {
+      conditions.push(`${targetTable}.${targetField} = p_user_id`);
+    }
+
+    // Build EXISTS query
+    const whereClause = conditions.length > 0
+      ? 'WHERE ' + conditions.join('\n          AND ')
+      : '';
+
+    return `EXISTS (
+        SELECT 1 FROM ${targetTable}
+        ${whereClause}
+      )`;
+  }
+
+  /**
+   * Generate filter condition SQL
+   * @private
+   */
+  _generateFilterCondition(condition, tableAlias) {
+    const field = `${tableAlias}.${condition.field}`;
+    const value = this._formatValue(condition.value);
+
+    switch (condition.operator) {
+      case '=':
+        if (condition.value.type === 'param') {
+          // Special case: field=$ means use the record's value
+          return `${field} = (p_record->>'${condition.field}')::int`;
+        }
+        return `${field} = ${value}`;
+
+      default:
+        return `${field} ${condition.operator} ${value}`;
+    }
+  }
+
+  /**
+   * Format a value for SQL
+   * @private
+   */
+  _formatValue(value) {
+    switch (value.type) {
+      case 'literal':
+        return `'${value.value}'`;
+      case 'number':
+        return value.value;
+      case 'field':
+        return `(p_record->>'${value.value}')`;
+      case 'param':
+        return '?';  // Will be replaced by caller
+      default:
+        return 'NULL';
+    }
+  }
+
+  /**
+   * Generate dot path check (less common)
+   * @private
+   */
+  _generateDotPathCheck(ast) {
+    // For now, treat as a field reference to the last field
+    const lastField = ast.fields[ast.fields.length - 1];
+    return `(p_record->>'${lastField}')::int = p_user_id`;
+  }
+}
+
+/**
+ * Generate permission check functions for an entity
+ * @param {string} tableName - Table name
+ * @param {Object} permissionPaths - Permission paths object
+ * @returns {string} SQL for permission functions
+ */
+export function generatePermissionFunctions(tableName, permissionPaths) {
+  const codegen = new PermissionCodegen(tableName, permissionPaths);
+  return codegen.generate();
+}

package/src/compiler/compiler.js

@@ -0,0 +1,228 @@
+/**
+ * DZQL Compiler
+ * Main compiler class that orchestrates parsing and code generation
+ */
+
+import { EntityParser } from './parser/entity-parser.js';
+import { generatePermissionFunctions } from './codegen/permission-codegen.js';
+import { generateOperations } from './codegen/operation-codegen.js';
+import { generateNotificationFunction } from './codegen/notification-codegen.js';
+import { generateGraphRuleFunctions } from './codegen/graph-rules-codegen.js';
+import crypto from 'crypto';
+
+export class DZQLCompiler {
+  constructor(options = {}) {
+    this.options = {
+      includeComments: true,
+      includeChecksums: true,
+      ...options
+    };
+    this.parser = new EntityParser();
+  }
+
+  /**
+   * Compile an entity definition to SQL
+   * @param {Object} entity - Entity configuration
+   * @returns {Object} Compilation result
+   */
+  compile(entity) {
+    const startTime = Date.now();
+
+    // Normalize entity configuration
+    const normalizedEntity = this.parser.parseFromObject(entity);
+
+    // Generate SQL sections
+    const sections = [];
+
+    // Header
+    if (this.options.includeComments) {
+      sections.push(this._generateHeader(normalizedEntity));
+    }
+
+    // Permission functions
+    const permissionSQL = generatePermissionFunctions(
+      normalizedEntity.tableName,
+      normalizedEntity.permissionPaths
+    );
+    sections.push(permissionSQL);
+
+    // Operation functions
+    const operationSQL = generateOperations(normalizedEntity);
+    sections.push(operationSQL);
+
+    // Notification path resolution (if needed)
+    if (normalizedEntity.notificationPaths &&
+        Object.keys(normalizedEntity.notificationPaths).length > 0) {
+      sections.push(this._generateNotificationFunction(normalizedEntity));
+    }
+
+    // Graph rules (if needed)
+    if (normalizedEntity.graphRules &&
+        Object.keys(normalizedEntity.graphRules).length > 0) {
+      sections.push(this._generateGraphRuleFunctions(normalizedEntity));
+    }
+
+    // Combine all sections
+    const sql = sections.join('\n\n');
+
+    // Calculate checksum
+    const checksum = this._calculateChecksum(sql);
+
+    const result = {
+      tableName: normalizedEntity.tableName,
+      sql,
+      checksum,
+      compilationTime: Date.now() - startTime,
+      generatedAt: new Date().toISOString()
+    };
+
+    return result;
+  }
+
+  /**
+   * Compile multiple entities
+   * @param {Array} entities - Array of entity configurations
+   * @returns {Object} Compilation results
+   */
+  compileAll(entities) {
+    const results = [];
+    const errors = [];
+
+    for (const entity of entities) {
+      try {
+        const result = this.compile(entity);
+        results.push(result);
+      } catch (error) {
+        errors.push({
+          entity: entity.tableName || 'unknown',
+          error: error.message
+        });
+      }
+    }
+
+    return {
+      results,
+      errors,
+      summary: {
+        total: entities.length,
+        successful: results.length,
+        failed: errors.length
+      }
+    };
+  }
+
+  /**
+   * Compile from SQL file
+   * @param {string} sqlContent - SQL file content
+   * @returns {Object} Compilation results
+   */
+  compileFromSQL(sqlContent) {
+    const registerCalls = sqlContent.match(/dzql\.register_entity\s*\([\s\S]*?\);/gi);
+
+    if (!registerCalls) {
+      return {
+        results: [],
+        errors: [],
+        summary: { total: 0, successful: 0, failed: 0 }
+      };
+    }
+
+    const entities = [];
+    for (const call of registerCalls) {
+      try {
+        const entity = this.parser.parseFromSQL(call);
+        entities.push(entity);
+      } catch (error) {
+        console.warn('Failed to parse entity:', error.message);
+      }
+    }
+
+    return this.compileAll(entities);
+  }
+
+  /**
+   * Generate file header
+   * @private
+   */
+  _generateHeader(entity) {
+    return `-- ============================================================================
+-- DZQL Compiled Functions for: ${entity.tableName}
+-- Generated: ${new Date().toISOString()}
+--
+-- This file was automatically generated by the DZQL Compiler.
+-- Do not edit directly - regenerate from entity definition.
+-- ============================================================================`;
+  }
+
+  /**
+   * Generate notification path resolution function
+   * @private
+   */
+  _generateNotificationFunction(entity) {
+    return generateNotificationFunction(
+      entity.tableName,
+      entity.notificationPaths
+    );
+  }
+
+  /**
+   * Generate graph rule functions
+   * @private
+   */
+  _generateGraphRuleFunctions(entity) {
+    return generateGraphRuleFunctions(
+      entity.tableName,
+      entity.graphRules
+    );
+  }
+
+  /**
+   * Calculate SHA-256 checksum of SQL
+   * @private
+   */
+  _calculateChecksum(sql) {
+    return crypto.createHash('sha256').update(sql).digest('hex');
+  }
+
+  /**
+   * Format SQL with proper indentation (basic)
+   * @private
+   */
+  _formatSQL(sql) {
+    // Basic formatting - could be enhanced
+    return sql.trim();
+  }
+}
+
+/**
+ * Compile a single entity
+ * @param {Object} entity - Entity configuration
+ * @param {Object} options - Compiler options
+ * @returns {Object} Compilation result
+ */
+export function compile(entity, options = {}) {
+  const compiler = new DZQLCompiler(options);
+  return compiler.compile(entity);
+}
+
+/**
+ * Compile multiple entities
+ * @param {Array} entities - Array of entity configurations
+ * @param {Object} options - Compiler options
+ * @returns {Object} Compilation results
+ */
+export function compileAll(entities, options = {}) {
+  const compiler = new DZQLCompiler(options);
+  return compiler.compileAll(entities);
+}
+
+/**
+ * Compile from SQL file content
+ * @param {string} sqlContent - SQL file content
+ * @param {Object} options - Compiler options
+ * @returns {Object} Compilation results
+ */
+export function compileFromSQL(sqlContent, options = {}) {
+  const compiler = new DZQLCompiler(options);
+  return compiler.compileFromSQL(sqlContent);
+}

package/src/compiler/index.js

@@ -0,0 +1,11 @@
+/**
+ * DZQL Compiler
+ * Transforms declarative entity definitions into optimized PostgreSQL stored procedures
+ */
+
+export { DZQLCompiler, compile, compileAll, compileFromSQL } from './compiler.js';
+export { EntityParser, parseEntitiesFromSQL } from './parser/entity-parser.js';
+export { PathParser, parsePath, parsePaths } from './parser/path-parser.js';
+export { PermissionCodegen, generatePermissionFunctions } from './codegen/permission-codegen.js';
+export { OperationCodegen, generateOperations } from './codegen/operation-codegen.js';
+export { NotificationCodegen, generateNotificationFunction } from './codegen/notification-codegen.js';