prostgles-server 4.2.192 → 4.2.193

package/lib/Auth/AuthHandler.ts

@@ -1,17 +1,20 @@
 import {
   AnyObject,
+  AuthFailure,
   AuthGuardLocation,
   AuthGuardLocationResponse,
   AuthSocketSchema,
   CHANNELS,
 } from "prostgles-types";
-import { LocalParams, PRGLIOSocket } from "../DboBuilder/DboBuilder";
+import { PRGLIOSocket } from "../DboBuilder/DboBuilder";
 import { DBOFullyTyped } from "../DBSchemaBuilder";
 import { removeExpressRoute } from "../FileManager/FileManager";
 import { DB, DBHandlerServer, Prostgles } from "../Prostgles";
 import {
   Auth,
+  AuthClientRequest,
   AuthResult,
+  AuthResultOrError,
   BasicSession,
   ExpressReq,
   ExpressRes,
@@ -23,6 +26,7 @@ import { getProviders } from "./setAuthProviders";
 import { setupAuthRoutes } from "./setupAuthRoutes";
 import { getClientRequestIPsInfo } from "./utils/getClientRequestIPsInfo";
 import { getReturnUrl } from "./utils/getReturnUrl";
+import { getUserFromRequest } from "./utils/getUserFromRequest";
 
 export { getClientRequestIPsInfo };
 export const HTTP_FAIL_CODES = {
@@ -141,23 +145,35 @@ export class AuthHandler {
     }
   };
 
-  getUser = async (clientReq: { httpReq: ExpressReq }): Promise<AuthResult> => {
-    const sid = clientReq.httpReq.cookies?.[this.sidKeyName];
+  getUserAndHandleError = async (localParams: AuthClientRequest): Promise<AuthResult> => {
+    const sid = this.getSID(localParams);
     if (!sid) return undefined;
-
+    const handlerError = (code: AuthFailure["code"]) => {
+      if (localParams.httpReq) {
+        localParams.res
+          .status(HTTP_FAIL_CODES.BAD_REQUEST)
+          .json({ success: false, code, error: code });
+      }
+      throw code;
+    };
     try {
-      return this.throttledFunc(async () => {
-        return this.opts!.getUser(
+      const userOrErrorCode = await this.throttledFunc(async () => {
+        return this.opts.getUser(
           this.validateSid(sid),
           this.dbo as any,
           this.db,
-          getClientRequestIPsInfo(clientReq)
+          getClientRequestIPsInfo(localParams)
         );
       }, 50);
-    } catch (err) {
-      console.error(err);
+
+      if (typeof userOrErrorCode === "string") {
+        return handlerError(userOrErrorCode);
+      }
+
+      return userOrErrorCode;
+    } catch (_err) {
+      return handlerError("server-error");
     }
-    return undefined;
   };
 
   init = setupAuthRoutes.bind(this);
@@ -265,7 +281,7 @@ export class AuthHandler {
     const start = Date.now();
     const errCodeOrSession = await this.loginThrottledAndValidate(
       loginParams,
-      getClientRequestIPsInfo({ httpReq: req })
+      getClientRequestIPsInfo({ httpReq: req, res })
     );
     const loginResponse =
       typeof errCodeOrSession === "string" ?
@@ -292,21 +308,22 @@ export class AuthHandler {
    *  query params
    * Based on sid names in auth
    */
-  getSID(localParams: LocalParams | undefined): string | undefined {
-    if (!localParams) return undefined;
+  getSID(maybeClientReq: AuthClientRequest | undefined): string | undefined {
+    if (!maybeClientReq) return undefined;
     const { sidKeyName } = this;
-    if (localParams.socket) {
-      const { handshake } = localParams.socket;
+    if (maybeClientReq.socket) {
+      const { handshake } = maybeClientReq.socket;
       const querySid = handshake.auth?.[sidKeyName] || handshake.query?.[sidKeyName];
       let rawSid = querySid;
       if (!rawSid) {
-        const cookie_str = localParams.socket.handshake.headers?.cookie;
+        const cookie_str = maybeClientReq.socket.handshake.headers?.cookie;
         const cookie = parseCookieStr(cookie_str);
         rawSid = cookie[sidKeyName];
       }
       return this.validateSid(rawSid);
-    } else if (localParams.httpReq) {
-      const [tokenType, base64Token] = localParams.httpReq.headers.authorization?.split(" ") ?? [];
+    } else {
+      const [tokenType, base64Token] =
+        maybeClientReq.httpReq.headers.authorization?.split(" ") ?? [];
       let bearerSid: string | undefined;
       if (tokenType && base64Token) {
         if (tokenType.trim() !== "Bearer") {
@@ -314,8 +331,8 @@ export class AuthHandler {
         }
         bearerSid = Buffer.from(base64Token, "base64").toString();
       }
-      return this.validateSid(bearerSid ?? localParams.httpReq.cookies?.[sidKeyName]);
-    } else throw "socket OR httpReq missing from localParams";
+      return this.validateSid(bearerSid ?? maybeClientReq.httpReq.cookies?.[sidKeyName]);
+    }
 
     function parseCookieStr(cookie_str: string | undefined): any {
       if (!cookie_str || typeof cookie_str !== "string") {
@@ -336,91 +353,16 @@ export class AuthHandler {
   /**
    * Used for logging
    */
-  getSIDNoError = (localParams: LocalParams | undefined): string | undefined => {
-    if (!localParams) return undefined;
+  getSIDNoError = (clientReq: AuthClientRequest | undefined): string | undefined => {
+    if (!clientReq) return undefined;
     try {
-      return this.getSID(localParams);
+      return this.getSID(clientReq);
     } catch {
       return undefined;
     }
   };
 
-  /**
-   * For a given sid return the user data if available
-   */
-  async getClientInfo(
-    localParams: Pick<LocalParams, "socket" | "httpReq">
-  ): Promise<AuthResult<any>> {
-    /**
-     * Get cached session if available
-     */
-    const getSession = this.opts.cacheSession?.getSession;
-    const isSocket = "socket" in localParams;
-    if (isSocket && getSession && localParams.socket?.__prglCache) {
-      const { session, user, clientUser } = localParams.socket.__prglCache;
-      const isValid = this.isNonExpiredSocketSession(localParams.socket, session);
-      if (isValid) {
-        return {
-          sid: session.sid,
-          user,
-          clientUser,
-        };
-      } else
-        return {
-          sid: session.sid,
-        };
-    }
-
-    /**
-     * Get sid from request and fetch user data
-     */
-    const authStart = Date.now();
-    const clientInfo = await this.throttledFunc(async () => {
-      const { getUser } = this.opts;
-
-      if (localParams.httpReq || localParams.socket) {
-        const sid = this.getSID(localParams);
-        const clientReq =
-          localParams.httpReq ? { httpReq: localParams.httpReq } : { socket: localParams.socket! };
-        let user, clientUser;
-        if (sid) {
-          const clientInfo = await getUser(
-            sid,
-            this.dbo as any,
-            this.db,
-            getClientRequestIPsInfo(clientReq)
-          );
-          if (typeof clientInfo === "string") throw clientInfo;
-          user = clientInfo?.user;
-          clientUser = clientInfo?.clientUser;
-        }
-        if (getSession && isSocket) {
-          const session = await getSession(sid, this.dbo as any, this.db);
-          if (session && session.expires && user && clientUser && localParams.socket) {
-            localParams.socket.__prglCache = {
-              session,
-              user,
-              clientUser,
-            };
-          }
-        }
-        if (sid) {
-          return { sid, user, clientUser };
-        }
-      }
-
-      return {};
-    }, 5);
-
-    await this.prostgles.opts.onLog?.({
-      type: "auth",
-      command: "getClientInfo",
-      duration: Date.now() - authStart,
-      sid: clientInfo.sid,
-      socketId: localParams.socket?.id,
-    });
-    return clientInfo;
-  }
+  getUserFromRequest = getUserFromRequest.bind(this);
 
   isNonExpiredSocketSession = (
     socket: PRGLIOSocket,
@@ -442,8 +384,8 @@ export class AuthHandler {
   };
 
   getClientAuth = async (
-    clientReq: Pick<LocalParams, "socket" | "httpReq">
-  ): Promise<{ auth: AuthSocketSchema; userData: AuthResult }> => {
+    clientReq: AuthClientRequest
+  ): Promise<{ auth: AuthSocketSchema; userData: AuthResultOrError }> => {
     let pathGuard = false;
     if (this.opts.expressConfig?.publicRoutes && !this.opts.expressConfig.disableSocketAuthGuard) {
       pathGuard = true;
@@ -473,7 +415,7 @@ export class AuthHandler {
                 pathname &&
                 typeof pathname === "string" &&
                 this.isUserRoute(pathname) &&
-                !(await this.getClientInfo({ socket }))?.user
+                !(await this.getUserFromRequest({ socket }))?.user
               ) {
                 cb(null, { shouldReload: true });
               } else {
@@ -488,7 +430,7 @@ export class AuthHandler {
       }
     }
 
-    const userData = await this.getClientInfo(clientReq);
+    const userData = await this.getUserFromRequest(clientReq);
     const { email } = this.opts.expressConfig?.registrations ?? {};
     const auth: AuthSocketSchema = {
       providers: getProviders.bind(this)(),

package/lib/Auth/AuthTypes.ts

@@ -46,9 +46,10 @@ export type BasicSession = {
   /** On expired */
   onExpiration: "redirect" | "show_error";
 };
-export type AuthClientRequest =
-  | { socket: PRGLIOSocket; httpReq?: undefined }
-  | { httpReq: ExpressReq; socket?: undefined };
+
+type SocketClientRequest = { socket: PRGLIOSocket; httpReq?: undefined };
+type HttpClientRequest = { httpReq: ExpressReq; res: ExpressRes; socket?: undefined };
+export type AuthClientRequest = SocketClientRequest | HttpClientRequest;
 
 type ThirdPartyProviders = {
   facebook?: Pick<FacebookStrategy, "clientID" | "clientSecret"> & {
@@ -239,20 +240,30 @@ export type SessionUser<
   clientUser: ClientUser;
 };
 
-export type AuthResult<SU = SessionUser> =
-  | AuthFailure["code"]
+export type AuthResultWithSID<SU = SessionUser> =
   | (SU & { sid: string })
   | {
+      sid?: string | undefined;
       user?: undefined;
+      sessionFields?: undefined;
+      clientUser?: undefined;
+    }
+  | undefined;
+
+export type AuthResult<SU = SessionUser> =
+  | SU
+  | {
+      user?: undefined;
+      sessionFields?: undefined;
       clientUser?: undefined;
-      sid?: string | undefined;
     }
   | undefined;
+export type AuthResultOrError<SU = SessionUser> = AuthFailure["code"] | AuthResult<SU>;
 
 export type AuthRequestParams<S, SUser extends SessionUser> = {
   db: DB;
   dbo: DBOFullyTyped<S>;
-  getUser: () => Promise<AuthResult<SUser>>;
+  getUser: () => Promise<AuthResultOrError<SUser>>;
 };
 
 export type Auth<S = void, SUser extends SessionUser = SessionUser> = {
@@ -270,7 +281,7 @@ export type Auth<S = void, SUser extends SessionUser = SessionUser> = {
     dbo: DBOFullyTyped<S>,
     db: DB,
     client: AuthClientRequest & LoginClientInfo
-  ) => Awaitable<AuthResult<SUser>>;
+  ) => Awaitable<AuthResultOrError<SUser>>;
 
   /**
    * Will setup auth routes

package/lib/Auth/authProviders/setOAuthProviders.ts

@@ -56,7 +56,7 @@ export function setOAuthProviders(
 
     app.get(callbackPath, async (req, res) => {
       try {
-        const clientInfo = getClientRequestIPsInfo({ httpReq: req });
+        const clientInfo = getClientRequestIPsInfo({ httpReq: req, res });
         const db = this.db;
         const dbo = this.dbo as any;
         const args = { provider: providerName, req, res, clientInfo, db, dbo };

package/lib/Auth/endpoints/getConfirmEmailRequestHandler.ts

@@ -23,7 +23,7 @@ export const getConfirmEmailRequestHandler = (
       if (!id || typeof id !== "string") {
         return res.send({ success: false, code: "something-went-wrong", message: "Invalid code" });
       }
-      const { httpReq, ...clientInfo } = getClientRequestIPsInfo({ httpReq: req });
+      const { httpReq, ...clientInfo } = getClientRequestIPsInfo({ httpReq: req, res });
       await emailAuthConfig.onEmailConfirmation({
         confirmationCode: id,
         clientInfo,

package/lib/Auth/endpoints/getRegisterRequestHandler.ts

@@ -40,7 +40,7 @@ export const getRegisterRequestHandler = ({
       }
     }
     try {
-      const { httpReq, ...clientInfo } = getClientRequestIPsInfo({ httpReq: req });
+      const { httpReq, ...clientInfo } = getClientRequestIPsInfo({ httpReq: req, res });
       const { smtp } = emailAuthConfig;
       const errCodeOrResult =
         emailAuthConfig.signupType === "withPassword" ?

package/lib/Auth/setupAuthRoutes.ts

@@ -2,7 +2,7 @@ import { RequestHandler, Response } from "express";
 import { AuthResponse } from "prostgles-types";
 import { DBOFullyTyped } from "../DBSchemaBuilder";
 import { AUTH_ROUTES_AND_PARAMS, AuthHandler, HTTP_FAIL_CODES } from "./AuthHandler";
-import { AuthClientRequest, ExpressReq, ExpressRes, LoginParams } from "./AuthTypes";
+import { Auth, AuthClientRequest, ExpressReq, ExpressRes, LoginParams } from "./AuthTypes";
 import { setAuthProviders, upsertNamedExpressMiddleware } from "./setAuthProviders";
 import { getClientRequestIPsInfo } from "./utils/getClientRequestIPsInfo";
 import { getReturnUrl } from "./utils/getReturnUrl";
@@ -33,7 +33,7 @@ export async function setupAuthRoutes(this: AuthHandler) {
         req,
         res,
         next,
-        getUser: () => this.getUser({ httpReq: req }) as any,
+        getUser: () => this.getUserAndHandleError({ httpReq: req, res }),
         dbo: this.dbo as DBOFullyTyped,
         db: this.db,
       });
@@ -61,7 +61,7 @@ export async function setupAuthRoutes(this: AuthHandler) {
                 id,
                 this.dbo as any,
                 this.db,
-                getClientRequestIPsInfo({ httpReq: req })
+                getClientRequestIPsInfo({ httpReq: req, res })
               );
             });
             if (!response.session) {
@@ -108,8 +108,15 @@ export async function setupAuthRoutes(this: AuthHandler) {
 
   /* Redirect if not logged in and requesting non public content */
   app.get(AUTH_ROUTES_AND_PARAMS.catchAll, async (req: ExpressReq, res: ExpressRes, next) => {
-    const clientReq: AuthClientRequest = { httpReq: req };
-    const getUser = this.getUser;
+    const clientReq: AuthClientRequest = { httpReq: req, res };
+    const getUser = async () => {
+      const userOrCode = await this.getUserAndHandleError(clientReq);
+      if (typeof userOrCode === "string") {
+        res.status(HTTP_FAIL_CODES.BAD_REQUEST).json({ success: false, code: userOrCode });
+        throw userOrCode;
+      }
+      return userOrCode;
+    };
     if (this.prostgles.restApi) {
       if (
         Object.values(this.prostgles.restApi.routes).some((restRoute) =>
@@ -137,7 +144,7 @@ export async function setupAuthRoutes(this: AuthHandler) {
        */
       if (this.isUserRoute(req.path)) {
         /* Check auth. Redirect to login if unauthorized */
-        const u = await getUser(clientReq);
+        const u = await getUser();
         if (!u) {
           res.redirect(
             `${AUTH_ROUTES_AND_PARAMS.login}?returnURL=${encodeURIComponent(req.originalUrl)}`
@@ -146,21 +153,18 @@ export async function setupAuthRoutes(this: AuthHandler) {
         }
 
         /* If authorized and going to returnUrl then redirect. Otherwise serve file */
-      } else if (returnURL && (await getUser(clientReq))) {
+      } else if (returnURL && (await getUser())) {
         res.redirect(returnURL);
         return;
 
         /** If Logged in and requesting login then redirect to main page */
-      } else if (
-        this.matchesRoute(AUTH_ROUTES_AND_PARAMS.login, req.path) &&
-        (await getUser(clientReq))
-      ) {
+      } else if (this.matchesRoute(AUTH_ROUTES_AND_PARAMS.login, req.path) && (await getUser())) {
         res.redirect("/");
         return;
       }
 
       onGetRequestOK?.(req, res, {
-        getUser: () => getUser(clientReq),
+        getUser,
         dbo: this.dbo as DBOFullyTyped,
         db: this.db,
       });
@@ -170,7 +174,7 @@ export async function setupAuthRoutes(this: AuthHandler) {
         typeof error === "string" ? error
         : error instanceof Error ? error.message
         : "";
-      res.status(HTTP_FAIL_CODES.UNAUTHORIZED).json({
+      res.status(HTTP_FAIL_CODES.BAD_REQUEST).json({
         error:
           "Something went wrong when processing your request" +
           (errorMessage ? ": " + errorMessage : ""),

package/lib/Auth/utils/getUserFromRequest.ts

@@ -0,0 +1,71 @@
+import { AuthHandler, getClientRequestIPsInfo } from "../AuthHandler";
+import { AuthClientRequest, AuthResultWithSID } from "../AuthTypes";
+
+/**
+ * For a given sid return the user data if available
+ */
+export async function getUserFromRequest(
+  this: AuthHandler,
+  maybeClientReq: AuthClientRequest | undefined
+): Promise<AuthResultWithSID> {
+  if (!maybeClientReq) return undefined;
+  /**
+   * Get cached session if available
+   */
+  const getSession = this.opts.cacheSession?.getSession;
+  if (maybeClientReq.socket && getSession && maybeClientReq.socket.__prglCache) {
+    const { session, user, clientUser } = maybeClientReq.socket.__prglCache;
+    const isValid = this.isNonExpiredSocketSession(maybeClientReq.socket, session);
+    if (isValid) {
+      return {
+        sid: session.sid,
+        user,
+        clientUser,
+      };
+    } else
+      return {
+        sid: session.sid,
+      };
+  }
+
+  /**
+   * Get sid from request and fetch user data
+   */
+  const authStart = Date.now();
+  const result = await this.throttledFunc(async () => {
+    const { getUser } = this.opts;
+
+    const sid = this.getSID(maybeClientReq);
+    const clientInfoOrErr =
+      !sid ? undefined : (
+        await getUser(sid, this.dbo as any, this.db, getClientRequestIPsInfo(maybeClientReq))
+      );
+    if (typeof clientInfoOrErr === "string") throw clientInfoOrErr;
+    const clientInfo = clientInfoOrErr;
+    if (getSession && maybeClientReq.socket) {
+      const session = await getSession(sid, this.dbo as any, this.db);
+      if (session && session.expires && clientInfo?.user) {
+        maybeClientReq.socket.__prglCache = {
+          session,
+          user: clientInfo.user,
+          clientUser: clientInfo.clientUser,
+        };
+      }
+    }
+
+    if (clientInfo?.user && sid) {
+      return { sid, ...clientInfo };
+    }
+
+    return { sid };
+  }, 5);
+
+  await this.prostgles.opts.onLog?.({
+    type: "auth",
+    command: "getClientInfo",
+    duration: Date.now() - authStart,
+    sid: result.sid,
+    socketId: maybeClientReq.socket?.id,
+  });
+  return result;
+}

package/lib/DboBuilder/DboBuilder.ts

@@ -188,7 +188,7 @@ export class DboBuilder {
     query: string,
     params: any,
     options: SQLOptions | undefined,
-    localParams?: LocalParams
+    localParams: LocalParams | undefined
   ) => {
     return runSQL
       .bind(this)(query, params, options, localParams)
@@ -325,8 +325,12 @@ export class DboBuilder {
         const handlerClass = tov.is_view ? ViewHandler : TableHandler;
         dbTX[tov.name] = new handlerClass(this.db, tov, this, { t, dbTX }, this.shortestJoinPaths);
       });
-      dbTX.sql = (q, args, opts, localP) =>
-        this.runSQL(q, args, opts, { tx: { dbTX, t }, ...(localP ?? {}) });
+      dbTX.sql = (q, args, opts, localParams) => {
+        if (localParams?.tx) {
+          throw "Cannot run transaction within transaction";
+        }
+        return this.runSQL(q, args, opts, { ...localParams, tx: { dbTX, t } });
+      };
 
       return cb(dbTX, t);
     });

package/lib/DboBuilder/DboBuilderTypes.ts

@@ -15,7 +15,7 @@ import {
   TableInfo as TInfo,
   UserLike,
 } from "prostgles-types";
-import { BasicSession, ExpressReq } from "../Auth/AuthTypes";
+import { AuthClientRequest, BasicSession } from "../Auth/AuthTypes";
 import { BasicCallback } from "../PubSubManager/PubSubManager";
 import { PublishAllOrNothing } from "../PublishParser/PublishParser";
 import { FieldSpec } from "./QueryBuilder/Functions";
@@ -105,21 +105,15 @@ export type DbTxTableHandlers = {
   [key: string]: Omit<Partial<TableHandler>, "dbTx"> | Omit<TableHandler, "dbTx">;
 };
 
+type SQLHandlerServer = SQLHandler<LocalParams>;
+
 export type DBHandlerServerExtra<TH = TableHandlers, WithTransactions = true> = {
-  sql: SQLHandler;
+  sql: SQLHandlerServer;
 } & (WithTransactions extends true ? { tx: TX<TH> } : Record<string, never>);
 
-// export type DBHandlerServer<TH = TableHandlers> =
-//   TH &
-//   Partial<DbJoinMaker> & {
-//     sql?: SQLHandler
-//   } & {
-//     tx?: TX<TH>
-//   }
-
 export type DBHandlerServer<TH = TableHandlers> = TH &
   Partial<DbJoinMaker> & {
-    sql?: SQLHandler;
+    sql?: SQLHandlerServer;
   } & {
     tx?: TX<TH>;
   };
@@ -187,16 +181,15 @@ export type PRGLIOSocket = {
 };
 
 export type LocalParams = {
-  httpReq?: ExpressReq;
-  socket?: PRGLIOSocket;
-  func?: () => any;
+  // httpReq?: ExpressReq;
+  // socket?: PRGLIOSocket;
+  clientReq?: AuthClientRequest | undefined;
   isRemoteRequest?: {
     user?: UserLike | undefined;
   };
+  func?: () => any;
   testRule?: boolean;
   tableAlias?: string;
-  // subOne?: boolean;
-
   tx?: {
     dbTX: TableHandlers;
     t: pgPromise.ITask<{}>;
@@ -207,9 +200,18 @@ export type LocalParams = {
 
   returnQuery?: boolean | "noRLS" | "where-condition";
   returnNewQuery?: boolean;
-  /** Used for count/size queries */
+
+  /**
+   * Used for count/size queries
+   * */
   bypassLimit?: boolean;
 
+  /**
+   * Used to allow inserting linked data.
+   * For example, if we have users( id, name ) and user_emails( id, user_id, email )
+   * and we want to insert a user and an email in a single transaction we can just:
+   *    db.users.insert({ name: "John", emails: [{ email: "john@abc.com" }] })
+   */
   nestedInsert?: {
     depth: number;
     previousData: AnyObject;

package/lib/DboBuilder/QueryBuilder/getNewQuery.ts

@@ -173,12 +173,12 @@ export async function getNewQuery(
     }
 
     let isLocal = true;
-    if (localParams && (localParams.socket || localParams.httpReq)) {
+    if (localParams && localParams.clientReq) {
       isLocal = false;
       j_tableRules = await _this.dboBuilder.publishParser?.getValidatedRequestRuleWusr({
         tableName: jTable,
         command: "find",
-        localParams,
+        clientReq: localParams.clientReq,
       });
     }
 

package/lib/DboBuilder/QueryStreamer.ts

@@ -112,7 +112,7 @@ export class QueryStreamer {
 
         const errorWithoutQuery = getSerializedClientErrorFromPGError(rawError, {
           type: "sql",
-          localParams: { socket },
+          localParams: { clientReq: { socket } },
         });
         // For some reason query is not present on the error object from sql stream mode
         const error = { ...errorWithoutQuery, query: query.query };

package/lib/DboBuilder/TableHandler/TableHandler.ts

@@ -146,8 +146,8 @@ export class TableHandler extends ViewHandler {
       }
 
       // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition
-      if (!localParams) throw "Sync not allowed within the server code";
-      const { socket } = localParams;
+      if (!localParams.clientReq) throw "Sync not allowed within the server code";
+      const { socket } = localParams.clientReq;
       if (!socket) throw "socket missing";
 
       // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition
@@ -212,7 +212,6 @@ export class TableHandler extends ViewHandler {
             condition,
             id_fields,
             synced_field,
-            // allow_delete,
             socket,
             table_rules,
             filter: { ...filter },

package/lib/DboBuilder/TableHandler/insert.ts

@@ -23,8 +23,8 @@ export async function insert(
   const ACTION = "insert";
   const start = Date.now();
   try {
-    const { removeDisallowedFields = false } = insertParams || {};
-    const { returnQuery = false, nestedInsert } = localParams || {};
+    const { removeDisallowedFields = false } = insertParams ?? {};
+    const { returnQuery = false, nestedInsert } = localParams ?? {};
 
     const finalDBtx = this.getFinalDBtx(localParams);
     const rule = tableRules?.[ACTION];

package/lib/DboBuilder/TableHandler/update.ts

@@ -115,7 +115,7 @@ export async function update(
             throw `nestedInsert Tablehandler not found for ${nestedInsert.tableName}`;
           const refTableRules =
             !localParams ? undefined : (
-              await getInsertTableRules(this, nestedInsert.tableName, localParams)
+              await getInsertTableRules(this, nestedInsert.tableName, localParams.clientReq)
             );
           const nestedLocalParams: LocalParams = {
             ...localParams,