graphile-presigned-url-plugin 0.7.0 → 0.9.0

package/preset.js

@@ -3,8 +3,8 @@
  * PostGraphile v5 Presigned URL Preset
  *
  * Provides a convenient preset for including presigned URL upload support
- * in PostGraphile. Combines the main mutation plugin (requestUploadUrl,
- * confirmUpload) with the downloadUrl computed field plugin.
+ * in PostGraphile. Combines the main mutation plugin (requestUploadUrl)
+ * with the downloadUrl computed field plugin.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.PresignedUrlPreset = PresignedUrlPreset;

package/s3-signer.d.ts

@@ -30,8 +30,7 @@ export declare function generatePresignedGetUrl(s3Config: S3Config, key: string,
 /**
  * Check if an object exists in S3 and optionally verify its content-type.
  *
- * Used by confirmUpload to verify the file was actually uploaded to S3
- * and that the content-type matches what was declared.
+ * Checks whether an object exists in S3 and retrieves its content-type.
  *
  * @param s3Config - S3 client and bucket configuration
  * @param key - S3 object key

package/s3-signer.js

@@ -61,8 +61,7 @@ async function generatePresignedGetUrl(s3Config, key, expiresIn = 3600, filename
 /**
  * Check if an object exists in S3 and optionally verify its content-type.
  *
- * Used by confirmUpload to verify the file was actually uploaded to S3
- * and that the content-type matches what was declared.
+ * Checks whether an object exists in S3 and retrieves its content-type.
  *
  * @param s3Config - S3 client and bucket configuration
  * @param key - S3 object key

package/storage-module-cache.d.ts

@@ -43,7 +43,6 @@ export declare function getStorageModuleConfigForOwner(pgClient: {
 /**
  * Resolve the storage module that owns a specific file by probing all file tables.
  *
- * Used by confirmUpload when only a fileId (UUID) is available.
  * Since UUIDs are globally unique, exactly one table will contain the file.
  *
  * @param pgClient - A pg client from the Graphile context
@@ -64,7 +63,6 @@ export declare function resolveStorageModuleByFileId(pgClient: {
         id: string;
         key: string;
         mime_type: string;
-        status: string;
         bucket_id: string;
     };
 } | null>;

package/storage-module-cache.js

@@ -18,14 +18,16 @@ const DEFAULT_DOWNLOAD_URL_EXPIRY_SECONDS = 3600; // 1 hour
 const DEFAULT_MAX_FILE_SIZE = 200 * 1024 * 1024; // 200MB
 const DEFAULT_MAX_FILENAME_LENGTH = 1024;
 const DEFAULT_CACHE_TTL_SECONDS = process.env.NODE_ENV === 'development' ? 300 : 3600;
+const DEFAULT_MAX_BULK_FILES = 100;
+const DEFAULT_MAX_BULK_TOTAL_SIZE = 1073741824; // 1GB
 const FIVE_MINUTES_MS = 1000 * 60 * 5;
 const ONE_HOUR_MS = 1000 * 60 * 60;
 /**
  * LRU cache for per-database StorageModuleConfig.
  *
  * Each PostGraphile instance serves a single database, but the presigned URL
- * plugin needs to know the generated table names (buckets, files,
- * upload_requests) and their schemas. This cache avoids re-querying metaschema
+ * plugin needs to know the generated table names (buckets, files)
+ * and their schemas. This cache avoids re-querying metaschema
  * on every request.
  *
  * Pattern: same as graphile-cache's LRU with TTL-based eviction.
@@ -52,8 +54,6 @@ const APP_STORAGE_MODULE_QUERY = `
     bt.name AS buckets_table,
     fs.schema_name AS files_schema,
     ft.name AS files_table,
-    urs.schema_name AS upload_requests_schema,
-    urt.name AS upload_requests_table,
     sm.endpoint,
     sm.public_url_prefix,
     sm.provider,
@@ -63,6 +63,9 @@ const APP_STORAGE_MODULE_QUERY = `
     sm.default_max_file_size,
     sm.max_filename_length,
     sm.cache_ttl_seconds,
+    sm.max_bulk_files,
+    sm.max_bulk_total_size,
+    sm.has_path_shares,
     NULL AS entity_schema,
     NULL AS entity_table
   FROM metaschema_modules_public.storage_module sm
@@ -70,8 +73,6 @@ const APP_STORAGE_MODULE_QUERY = `
   JOIN metaschema_public.schema bs ON bs.id = bt.schema_id
   JOIN metaschema_public.table ft ON ft.id = sm.files_table_id
   JOIN metaschema_public.schema fs ON fs.id = ft.schema_id
-  JOIN metaschema_public.table urt ON urt.id = sm.upload_requests_table_id
-  JOIN metaschema_public.schema urs ON urs.id = urt.schema_id
   WHERE sm.database_id = $1
     AND sm.membership_type IS NULL
   LIMIT 1
@@ -91,8 +92,6 @@ const ALL_STORAGE_MODULES_QUERY = `
     bt.name AS buckets_table,
     fs.schema_name AS files_schema,
     ft.name AS files_table,
-    urs.schema_name AS upload_requests_schema,
-    urt.name AS upload_requests_table,
     sm.endpoint,
     sm.public_url_prefix,
     sm.provider,
@@ -102,6 +101,9 @@ const ALL_STORAGE_MODULES_QUERY = `
     sm.default_max_file_size,
     sm.max_filename_length,
     sm.cache_ttl_seconds,
+    sm.max_bulk_files,
+    sm.max_bulk_total_size,
+    sm.has_path_shares,
     es.schema_name AS entity_schema,
     et.name AS entity_table
   FROM metaschema_modules_public.storage_module sm
@@ -109,8 +111,6 @@ const ALL_STORAGE_MODULES_QUERY = `
   JOIN metaschema_public.schema bs ON bs.id = bt.schema_id
   JOIN metaschema_public.table ft ON ft.id = sm.files_table_id
   JOIN metaschema_public.schema fs ON fs.id = ft.schema_id
-  JOIN metaschema_public.table urt ON urt.id = sm.upload_requests_table_id
-  JOIN metaschema_public.schema urs ON urs.id = urt.schema_id
   LEFT JOIN metaschema_public.table et ON et.id = sm.entity_table_id
   LEFT JOIN metaschema_public.schema es ON es.id = et.schema_id
   WHERE sm.database_id = $1
@@ -124,11 +124,9 @@ function buildConfig(row) {
         id: row.id,
         bucketsQualifiedName: quotes_1.QuoteUtils.quoteQualifiedIdentifier(row.buckets_schema, row.buckets_table),
         filesQualifiedName: quotes_1.QuoteUtils.quoteQualifiedIdentifier(row.files_schema, row.files_table),
-        uploadRequestsQualifiedName: quotes_1.QuoteUtils.quoteQualifiedIdentifier(row.upload_requests_schema, row.upload_requests_table),
         schemaName: row.buckets_schema,
         bucketsTableName: row.buckets_table,
         filesTableName: row.files_table,
-        uploadRequestsTableName: row.upload_requests_table,
         membershipType: row.membership_type,
         entityTableId: row.entity_table_id,
         entityQualifiedName: row.entity_schema && row.entity_table
@@ -143,6 +141,9 @@ function buildConfig(row) {
         defaultMaxFileSize: row.default_max_file_size ?? DEFAULT_MAX_FILE_SIZE,
         maxFilenameLength: row.max_filename_length ?? DEFAULT_MAX_FILENAME_LENGTH,
         cacheTtlSeconds,
+        hasPathShares: row.has_path_shares ?? false,
+        maxBulkFiles: row.max_bulk_files ?? DEFAULT_MAX_BULK_FILES,
+        maxBulkTotalSize: row.max_bulk_total_size ?? DEFAULT_MAX_BULK_TOTAL_SIZE,
     };
 }
 /**
@@ -239,7 +240,6 @@ async function getStorageModuleConfigForOwner(pgClient, databaseId, ownerId) {
 /**
  * Resolve the storage module that owns a specific file by probing all file tables.
  *
- * Used by confirmUpload when only a fileId (UUID) is available.
  * Since UUIDs are globally unique, exactly one table will contain the file.
  *
  * @param pgClient - A pg client from the Graphile context
@@ -254,7 +254,7 @@ async function resolveStorageModuleByFileId(pgClient, databaseId, fileId) {
     // Probe each module's files table for the fileId
     for (const config of allConfigs) {
         const fileResult = await pgClient.query({
-            text: `SELECT id, key, mime_type, status, bucket_id
+            text: `SELECT id, key, mime_type, bucket_id
        FROM ${config.filesQualifiedName}
        WHERE id = $1
        LIMIT 1`,
@@ -312,11 +312,11 @@ async function getBucketConfig(pgClient, storageConfig, databaseId, bucketKey, o
     const hasOwner = ownerId && storageConfig.membershipType !== null;
     const result = await pgClient.query({
         text: hasOwner
-            ? `SELECT id, key, type, is_public, owner_id, allowed_mime_types, max_file_size
+            ? `SELECT id, key, type, is_public, owner_id, allowed_mime_types, max_file_size, allow_custom_keys
          FROM ${storageConfig.bucketsQualifiedName}
          WHERE key = $1 AND owner_id = $2
          LIMIT 1`
-            : `SELECT id, key, type, is_public, ${storageConfig.membershipType !== null ? 'owner_id,' : ''} allowed_mime_types, max_file_size
+            : `SELECT id, key, type, is_public, ${storageConfig.membershipType !== null ? 'owner_id,' : ''} allowed_mime_types, max_file_size, allow_custom_keys
          FROM ${storageConfig.bucketsQualifiedName}
          WHERE key = $1
          LIMIT 1`,
@@ -334,6 +334,7 @@ async function getBucketConfig(pgClient, storageConfig, databaseId, bucketKey, o
         owner_id: row.owner_id ?? null,
         allowed_mime_types: row.allowed_mime_types,
         max_file_size: row.max_file_size,
+        allow_custom_keys: row.allow_custom_keys ?? false,
     };
     bucketCache.set(cacheKey, config);
     log.debug(`Cached bucket config for ${databaseId}:${bucketKey} (id=${config.id}, scope=${storageConfig.membershipType ?? 'app'})`);

package/types.d.ts

@@ -10,6 +10,7 @@ export interface BucketConfig {
     owner_id: string | null;
     allowed_mime_types: string[] | null;
     max_file_size: number | null;
+    allow_custom_keys: boolean;
 }
 /**
  * Storage module configuration resolved from metaschema for a given database.
@@ -21,16 +22,12 @@ export interface StorageModuleConfig {
     bucketsQualifiedName: string;
     /** Resolved schema.table for files */
     filesQualifiedName: string;
-    /** Resolved schema.table for upload_requests */
-    uploadRequestsQualifiedName: string;
     /** Schema name (e.g., "app_public") */
     schemaName: string;
     /** Buckets table name */
     bucketsTableName: string;
     /** Files table name */
     filesTableName: string;
-    /** Upload requests table name */
-    uploadRequestsTableName: string;
     /** Membership type (NULL for app-level, non-NULL for entity-scoped) */
     membershipType: number | null;
     /** Entity table ID for entity-scoped storage (NULL for app-level) */
@@ -55,6 +52,12 @@ export interface StorageModuleConfig {
     maxFilenameLength: number;
     /** Cache TTL in seconds for this config entry (default: 300 dev / 3600 prod) */
     cacheTtlSeconds: number;
+    /** Whether this storage module uses ltree path + path shares (determines if path column exists on files) */
+    hasPathShares: boolean;
+    /** Max files per requestBulkUploadUrls batch (default: 100) */
+    maxBulkFiles: number;
+    /** Max total size per bulk upload batch in bytes (default: 1GB) */
+    maxBulkTotalSize: number;
 }
 /**
  * Input for the requestUploadUrl mutation.
@@ -77,6 +80,13 @@ export interface RequestUploadUrlInput {
     size: number;
     /** Original filename (optional, for display/Content-Disposition) */
     filename?: string;
+    /**
+     * Custom S3 key for the file (only allowed when bucket has allow_custom_keys=true).
+     * When omitted, key defaults to contentHash (content-addressed dedup).
+     * When provided, the file is stored at this key; dedup is bypassed.
+     * Max 1024 chars. Must not contain path traversal (.. or leading /).
+     */
+    key?: string;
 }
 /**
  * Result of the requestUploadUrl mutation.
@@ -92,26 +102,8 @@ export interface RequestUploadUrlPayload {
     deduplicated: boolean;
     /** Presigned URL expiry time (null if deduplicated) */
     expiresAt: string | null;
-    /** File status — 'pending' for fresh uploads, 'ready' or 'processed' for deduplicated files */
-    status: string;
-}
-/**
- * Input for the confirmUpload mutation.
- */
-export interface ConfirmUploadInput {
-    /** The file ID returned by requestUploadUrl */
-    fileId: string;
-}
-/**
- * Result of the confirmUpload mutation.
- */
-export interface ConfirmUploadPayload {
-    /** The confirmed file ID */
-    fileId: string;
-    /** New file status (should be 'ready') */
-    status: string;
-    /** Whether confirmation succeeded */
-    success: boolean;
+    /** ID of the previous version (set when re-uploading to an existing custom key) */
+    previousVersionId: string | null;
 }
 /**
  * S3 configuration for the presigned URL plugin.