insforge 1.2.10 → 1.3.0

package/backend/src/utils/sql-parser.ts

@@ -1,7 +1,97 @@
 import splitSqlQuery from '@databases/split-sql-query';
 import sql from '@databases/sql';
+import { parseSync, loadModule } from 'libpg-query';
 import logger from './logger.js';
 
+let initialized = false;
+
+/**
+ * Initialize the SQL parser WASM module.
+ * Must be called and awaited before using analyzeQuery().
+ */
+export async function initSqlParser(): Promise<void> {
+  if (initialized) {
+    return;
+  }
+  await loadModule();
+  initialized = true;
+  logger.info('SQL parser initialized');
+}
+
+export interface DatabaseResourceUpdate {
+  type: 'tables' | 'table' | 'records' | 'index' | 'trigger' | 'policy' | 'function' | 'extension';
+  name?: string;
+}
+
+const STMT_TYPES: Record<string, DatabaseResourceUpdate['type']> = {
+  InsertStmt: 'records',
+  UpdateStmt: 'records',
+  DeleteStmt: 'records',
+  CreateStmt: 'tables',
+  AlterTableStmt: 'table',
+  RenameStmt: 'table',
+  IndexStmt: 'index',
+  CreateTrigStmt: 'trigger',
+  CreatePolicyStmt: 'policy',
+  AlterPolicyStmt: 'policy',
+  CreateFunctionStmt: 'function',
+  CreateExtensionStmt: 'extension',
+};
+
+const DROP_TYPES: Record<string, DatabaseResourceUpdate['type']> = {
+  OBJECT_TABLE: 'tables',
+  OBJECT_INDEX: 'index',
+  OBJECT_TRIGGER: 'trigger',
+  OBJECT_POLICY: 'policy',
+  OBJECT_FUNCTION: 'function',
+  OBJECT_EXTENSION: 'extension',
+};
+
+export function analyzeQuery(query: string): DatabaseResourceUpdate[] {
+  try {
+    const { stmts } = parseSync(query);
+    const changes = stmts
+      .map((s: { stmt: Record<string, unknown> }) => extractChange(s.stmt))
+      .filter((c: DatabaseResourceUpdate | null): c is DatabaseResourceUpdate => c !== null);
+
+    // Deduplicate by type+name
+    const seen = new Set<string>();
+    return changes.filter((c: DatabaseResourceUpdate) => {
+      const key = `${c.type}:${c.name ?? ''}`;
+      if (seen.has(key)) {
+        return false;
+      }
+      seen.add(key);
+      return true;
+    });
+  } catch (e) {
+    logger.warn('SQL parse error:', e);
+    return [];
+  }
+}
+
+function extractChange(stmt: Record<string, unknown>): DatabaseResourceUpdate | null {
+  const [stmtType, data] = Object.entries(stmt)[0] as [string, Record<string, unknown>];
+
+  if (stmtType === 'DropStmt') {
+    const type = DROP_TYPES[data.removeType as string];
+    return type ? { type } : null;
+  }
+
+  const type = STMT_TYPES[stmtType];
+  if (!type) {
+    return null;
+  }
+
+  // Only include name for 'table' (ALTER) and 'records' (DML)
+  if (type === 'table' || type === 'records') {
+    const name = (data.relation as Record<string, unknown>)?.relname as string;
+    return { type, name };
+  }
+
+  return { type };
+}
+
 /**
  * Parse a SQL string into individual statements, properly handling:
  * - String literals with embedded semicolons

package/backend/tests/README.md

@@ -1,134 +1,134 @@
-# Insforge Backend Tests
-
-This directory contains all test scripts for the Insforge backend.
-
-## Prerequisites
-
-- Backend server running on `http://localhost:7130`
-- Admin credentials: `admin@example.com` / `change-this-password`
-- API key for storage operations
-
-## Environment Variables
-
-Set these before running tests:
-
-```bash
-# Required for API authentication
-export ACCESS_API_KEY="your_api_key_here"
-
-# Optional - defaults shown
-export ADMIN_EMAIL="admin@example.com"
-export ADMIN_PASSWORD="change-this-password"
-export TEST_API_BASE="http://localhost:7130/api"
-
-# Required for cloud/S3 tests
-export AWS_S3_BUCKET="your-s3-bucket"
-export AWS_REGION="us-east-1"
-export AWS_ACCESS_KEY_ID="your-access-key"
-export AWS_SECRET_ACCESS_KEY="your-secret-key"
-export APP_KEY="app12345"  # 7-9 character tenant identifier
-```
-
-## Test Organization
-
-Tests are organized into two categories:
-
-### Local Tests (`./local/`)
-Tests for local Docker deployment with local file storage:
-- `test-auth-router.sh` - Authentication and JWT tests
-- `test-database-router.sh` - Database CRUD operations
-- `test-e2e.sh` - End-to-end workflows
-- `test-public-bucket.sh` - Local storage bucket tests
-- `test-config.sh` - Configuration management
-- `test-oauth-config.sh` - OAuth configuration
-- `comprehensive-curl-tests.sh` - Comprehensive API tests
-
-### Cloud Tests (`./cloud/`)
-Tests for cloud deployment with S3 multi-tenant storage:
-- `test-s3-multitenant.sh` - S3 storage with APP_KEY folder structure
-
-## Running Tests
-
-### Run all tests
-```bash
-./run-all-tests.sh
-```
-
-### Run local tests only
-```bash
-cd local && for test in test-*.sh; do ./$test; done
-```
-
-### Run cloud tests only
-```bash
-cd cloud && for test in test-*.sh; do ./$test; done
-```
-
-### Run individual test
-```bash
-./local/test-auth-router.sh
-./cloud/test-s3-multitenant.sh
-```
-
-## Test Data Cleanup
-
-All tests automatically clean up after themselves by:
-- Deleting test users (email prefix: `testuser_`)
-- Removing test tables
-- Deleting test storage buckets
-
-### Manual cleanup
-
-To remove ALL test data from the system:
-
-```bash
-./cleanup-all-test-data.sh
-```
-
-This will prompt for confirmation and then delete:
-- All users with email prefix `testuser_`
-- All tables containing `test_`, `temp_`, `_test`, `_temp`
-- All buckets containing `test`, `temp`, `public-images-`, `private-docs-`
-- All API keys with "test" in their name
-
-## Test Configuration
-
-All tests source `test-config.sh` which provides:
-- Shared configuration and environment variables
-- Color output utilities
-- Automatic cleanup functions
-- Error tracking
-
-## Writing New Tests
-
-1. Create a new shell script in the appropriate subdirectory (`local/` or `cloud/`)
-2. Source the test configuration:
-   ```bash
-   source "$SCRIPT_DIR/test-config.sh"
-   ```
-3. Register resources for cleanup:
-   ```bash
-   register_test_user "$email"
-   register_test_table "$table_name"
-   register_test_bucket "$bucket_name"
-   ```
-4. Use utility functions:
-   ```bash
-   print_success "Test passed"
-   print_fail "Test failed"
-   print_info "Running test..."
-   ```
-5. Tests will automatically clean up on exit
-
-## Authentication
-
-- **Auth endpoints** (users, profiles): Use JWT tokens via `Authorization: Bearer $token`
-- **Database endpoints**: Use JWT tokens via `Authorization: Bearer $token`
-- **Storage endpoints**: Use API keys via `x-api-key: $api_key`
-
-## Exit Codes
-
-- `0`: All tests passed
-- `1`: One or more tests failed
-
+# Insforge Backend Tests
+
+This directory contains all test scripts for the Insforge backend.
+
+## Prerequisites
+
+- Backend server running on `http://localhost:7130`
+- Admin credentials: `admin@example.com` / `change-this-password`
+- API key for storage operations
+
+## Environment Variables
+
+Set these before running tests:
+
+```bash
+# Required for API authentication
+export ACCESS_API_KEY="your_api_key_here"
+
+# Optional - defaults shown
+export ADMIN_EMAIL="admin@example.com"
+export ADMIN_PASSWORD="change-this-password"
+export TEST_API_BASE="http://localhost:7130/api"
+
+# Required for cloud/S3 tests
+export AWS_S3_BUCKET="your-s3-bucket"
+export AWS_REGION="us-east-1"
+export AWS_ACCESS_KEY_ID="your-access-key"
+export AWS_SECRET_ACCESS_KEY="your-secret-key"
+export APP_KEY="app12345"  # 7-9 character tenant identifier
+```
+
+## Test Organization
+
+Tests are organized into two categories:
+
+### Local Tests (`./local/`)
+Tests for local Docker deployment with local file storage:
+- `test-auth-router.sh` - Authentication and JWT tests
+- `test-database-router.sh` - Database CRUD operations
+- `test-e2e.sh` - End-to-end workflows
+- `test-public-bucket.sh` - Local storage bucket tests
+- `test-config.sh` - Configuration management
+- `test-oauth-config.sh` - OAuth configuration
+- `comprehensive-curl-tests.sh` - Comprehensive API tests
+
+### Cloud Tests (`./cloud/`)
+Tests for cloud deployment with S3 multi-tenant storage:
+- `test-s3-multitenant.sh` - S3 storage with APP_KEY folder structure
+
+## Running Tests
+
+### Run all tests
+```bash
+./run-all-tests.sh
+```
+
+### Run local tests only
+```bash
+cd local && for test in test-*.sh; do ./$test; done
+```
+
+### Run cloud tests only
+```bash
+cd cloud && for test in test-*.sh; do ./$test; done
+```
+
+### Run individual test
+```bash
+./local/test-auth-router.sh
+./cloud/test-s3-multitenant.sh
+```
+
+## Test Data Cleanup
+
+All tests automatically clean up after themselves by:
+- Deleting test users (email prefix: `testuser_`)
+- Removing test tables
+- Deleting test storage buckets
+
+### Manual cleanup
+
+To remove ALL test data from the system:
+
+```bash
+./cleanup-all-test-data.sh
+```
+
+This will prompt for confirmation and then delete:
+- All users with email prefix `testuser_`
+- All tables containing `test_`, `temp_`, `_test`, `_temp`
+- All buckets containing `test`, `temp`, `public-images-`, `private-docs-`
+- All API keys with "test" in their name
+
+## Test Configuration
+
+All tests source `test-config.sh` which provides:
+- Shared configuration and environment variables
+- Color output utilities
+- Automatic cleanup functions
+- Error tracking
+
+## Writing New Tests
+
+1. Create a new shell script in the appropriate subdirectory (`local/` or `cloud/`)
+2. Source the test configuration:
+   ```bash
+   source "$SCRIPT_DIR/test-config.sh"
+   ```
+3. Register resources for cleanup:
+   ```bash
+   register_test_user "$email"
+   register_test_table "$table_name"
+   register_test_bucket "$bucket_name"
+   ```
+4. Use utility functions:
+   ```bash
+   print_success "Test passed"
+   print_fail "Test failed"
+   print_info "Running test..."
+   ```
+5. Tests will automatically clean up on exit
+
+## Authentication
+
+- **Auth endpoints** (users, profiles): Use JWT tokens via `Authorization: Bearer $token`
+- **Database endpoints**: Use JWT tokens via `Authorization: Bearer $token`
+- **Storage endpoints**: Use API keys via `x-api-key: $api_key`
+
+## Exit Codes
+
+- `0`: All tests passed
+- `1`: One or more tests failed
+
 Tests track failures and return appropriate exit codes for CI/CD integration.