prostgles-server 4.2.347 → 4.2.349

package/lib/DboBuilder/getSubscribeRelatedTables.ts

@@ -1,18 +1,12 @@
-import type {
-  AnyObject,
-  ParsedJoinPath,
-  SubscribeParams} from "prostgles-types";
-import {
-  asName,
-  reverseParsedPath
-} from "prostgles-types";
+import type { AnyObject, ParsedJoinPath, SubscribeParams } from "prostgles-types";
+import { asName, reverseParsedPath } from "prostgles-types";
 import type { ParsedTableRule } from "../PublishParser/PublishParser";
 import type { ViewSubscriptionOptions } from "../PubSubManager/PubSubManager";
 import type { Filter, LocalParams } from "./DboBuilder";
-import { getSerializedClientErrorFromPGError } from "./DboBuilder";
 import type { NewQuery } from "./QueryBuilder/QueryBuilder";
+import type { TableHandler } from "./TableHandler/TableHandler";
 import type { ViewHandler } from "./ViewHandler/ViewHandler";
-import { log } from "../PubSubManager/PubSubManagerUtils";
+import { getViewRelatedTables } from "./ViewRelatedTables/getViewRelatedTables";
 
 type Args = {
   selectParams: Omit<SubscribeParams, "throttle">;
@@ -27,144 +21,12 @@ type Args = {
  * When subscribing to a table: identify joined tables to subscribe to them
  */
 export async function getSubscribeRelatedTables(
-  this: ViewHandler,
+  this: ViewHandler | TableHandler,
   { filter, localParams, newQuery }: Args
 ) {
   let viewOptions: ViewSubscriptionOptions | undefined = undefined;
-  const { condition } = newQuery.whereOpts;
   if (this.is_view) {
-    /** TODO: this needs to be memoized on schema fetch */
-    const viewName = this.name;
-    const viewNameEscaped = this.escapedName;
-    const { current_schema } = await this.db.one<{ current_schema: string }>(
-      "SELECT current_schema"
-    );
-
-    /** Get list of used columns and their parent tables */
-    let { def } = await this.db.one<{ def: string }>("SELECT pg_get_viewdef(${viewName}) as def", {
-      viewName,
-    });
-    def = def.trim();
-    if (def.endsWith(";")) {
-      def = def.slice(0, -1);
-    }
-    if (!def || typeof def !== "string") {
-      throw getSerializedClientErrorFromPGError("Could get view definition", {
-        type: "tableMethod",
-        localParams,
-        view: this,
-      });
-    }
-    const { fields } = await this.dboBuilder.dbo.sql!(
-      `SELECT * FROM ( \n ${def} \n ) prostgles_subscribe_view_definition LIMIT 0`,
-      {},
-      { returnType: "default-with-rollback" }
-    );
-    const tableColumns = fields.filter((f) => f.tableName && f.columnName);
-
-    /** Create exists filters for each table */
-    const tableIds: string[] = Array.from(
-      new Set(tableColumns.map((tc) => tc.tableID!.toString()))
-    );
-    viewOptions = {
-      type: "view",
-      viewName,
-      definition: def,
-      relatedTables: [],
-    };
-    viewOptions.relatedTables = await Promise.all(
-      tableIds.map(async (tableID) => {
-        const table = this.dboBuilder.USER_TABLES!.find((t) => t.relid === +tableID)!;
-        let tableCols = tableColumns.filter((tc) => tc.tableID!.toString() === tableID);
-
-        /** If table has primary keys and they are all in this view then use only primary keys */
-        if (table.pkey_columns?.every((pkey) => tableCols.some((c) => c.columnName === pkey))) {
-          tableCols = tableCols.filter((c) => table.pkey_columns?.includes(c.columnName!));
-        } else {
-          /** Exclude non comparable data types */
-          tableCols = tableCols.filter((c) => !["json", "xml"].includes(c.udt_name));
-        }
-
-        const { relname: tableName, schemaname: tableSchema } = table;
-
-        if (tableCols.length) {
-          const tableNameEscaped =
-            tableSchema === current_schema ?
-              table.relname
-            : [tableSchema, tableName].map((v) => JSON.stringify(v)).join(".");
-
-          const fullCondition = `EXISTS (
-              SELECT 1
-              FROM ${viewNameEscaped}
-              WHERE ${tableCols.map((c) => `${tableNameEscaped}.${JSON.stringify(c.columnName)} = ${viewNameEscaped}.${JSON.stringify(c.name)}`).join(" AND \n")}
-              AND ${condition || "TRUE"}
-            )`;
-
-          try {
-            const { count } = await this.db.one<{ count: number }>(`
-            WITH ${asName(tableName)} AS (
-              SELECT * 
-              FROM ${asName(tableName)}
-              LIMIT 0
-            )
-
-            SELECT COUNT(*) as count
-            FROM (
-              ${def}
-            ) prostgles_view_ref_table_test
-          `);
-
-            const relatedTableSubscription = {
-              tableName: tableName,
-              tableNameEscaped,
-              condition: fullCondition,
-            };
-
-            if (count.toString() === "0") {
-              return relatedTableSubscription;
-            }
-          } catch (e) {
-            log(
-              `Could not not override subscribed view (${this.name}) table (${tableName}). Will not check condition`,
-              e
-            );
-          }
-        }
-
-        return {
-          tableName,
-          tableNameEscaped: JSON.stringify(tableName), // [table.schemaname, table.relname].map(v => JSON.stringify(v)).join("."),
-          condition: "TRUE",
-        };
-      })
-    );
-
-    /** Get list of remaining used inner tables */
-    const allUsedTables: { table_name: string; table_schema: string }[] = await this.db.any(
-      "SELECT distinct table_name, table_schema FROM information_schema.view_column_usage WHERE view_name = ${viewName}",
-      { viewName }
-    );
-
-    /** Remaining tables will have listeners on all records (condition = "TRUE") */
-    const remainingInnerTables = allUsedTables.filter(
-      (at) =>
-        !tableColumns.some(
-          (dc) => dc.tableName === at.table_name && dc.tableSchema === at.table_schema
-        )
-    );
-    viewOptions.relatedTables = [
-      ...viewOptions.relatedTables,
-      ...remainingInnerTables.map((t) => ({
-        tableName: t.table_name,
-        tableNameEscaped: [t.table_name, t.table_schema].map((v) => JSON.stringify(v)).join("."),
-        condition: "TRUE",
-      })),
-    ];
-
-    if (!viewOptions.relatedTables.length) {
-      throw "Could not subscribe to this view: no related tables found";
-    }
-
+    viewOptions = await getViewRelatedTables(this, localParams, newQuery);
     /** Any joined table used within select or filter must also be added a trigger for this recordset */
   } else {
     viewOptions = {

package/lib/DboBuilder/schema/getTablesForSchemaPostgresSQL.ts

@@ -227,6 +227,7 @@ export async function getTablesForSchemaPostgresSQL(
         table.parent_tables =
           getViewParentTables.data?.parent_tables.find((vr) => vr.oid === table.oid)?.table_names ??
           [];
+
         return table;
       });
       return { tablesAndViews };

package/lib/Prostgles.ts

@@ -6,7 +6,7 @@
 import type * as pgPromise from "pg-promise";
 import { AuthHandler } from "./Auth/AuthHandler";
 import { FileManager } from "./FileManager/FileManager";
-import type { OnInitReason} from "./initProstgles";
+import type { OnInitReason } from "./initProstgles";
 import { initProstgles } from "./initProstgles";
 import type { SchemaWatch } from "./SchemaWatch/SchemaWatch";
 import { getClientSchema } from "./WebsocketAPI/getClientSchema";
@@ -148,7 +148,7 @@ export class Prostgles {
       console.error(`Unrecognised ProstglesInitOptions params: ${unknownParams.join()}`);
     }
 
-    Object.assign(this.opts, params);
+    this.opts = { ...this.opts, ...params };
 
     /* set defaults */
     if (this.opts.fileTable) {
@@ -164,7 +164,12 @@ export class Prostgles {
   destroyed = false;
 
   checkDb() {
-    if (!this.db || !(this.db as any).connect) throw "something went wrong getting a db connection";
+    if (
+      !this.db ||
+      // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition
+      !this.db.connect
+    )
+      throw "something went wrong getting a db connection";
   }
 
   getTSFileName() {

package/lib/PubSubManager/PubSubManager.ts

@@ -19,18 +19,11 @@ import { initPubSubManager } from "./init/initPubSubManager";
 import { initialiseEventTriggers } from "./initialiseEventTriggers";
 import { refreshTriggers } from "./refreshTriggers";
 
-import type {
-  AnyObject,
-  FieldFilter,
-  SelectParams,
-  WAL} from "prostgles-types";
-import {
-  CHANNELS,
-  type SubscribeOptions,
-} from "prostgles-types";
+import type { AnyObject, FieldFilter, SelectParams, WAL } from "prostgles-types";
+import { CHANNELS, type SubscribeOptions } from "prostgles-types";
 
 import { find, pickKeys } from "prostgles-types";
-import type { LocalFuncs} from "../DboBuilder/ViewHandler/subscribe";
+import type { LocalFuncs } from "../DboBuilder/ViewHandler/subscribe";
 import { getOnDataFunc, matchesLocalFuncs } from "../DboBuilder/ViewHandler/subscribe";
 import type { EventTypes } from "../Logging";
 import type { ParsedTableRule } from "../PublishParser/PublishParser";

package/lib/PublishParser/PublishParser.ts

@@ -1,4 +1,4 @@
-import type { Method} from "prostgles-types";
+import type { Method } from "prostgles-types";
 import { getObjectEntries, isObject } from "prostgles-types";
 import type { AuthClientRequest, AuthResultWithSID, SessionUser } from "../Auth/AuthTypes";
 import type { DBOFullyTyped } from "../DBSchemaBuilder/DBSchemaBuilder";
@@ -14,7 +14,8 @@ import type {
   DboTableCommand,
   ParsedTableRule,
   PublishMethods,
-  PublishParams} from "./publishTypesAndUtils";
+  PublishParams,
+} from "./publishTypesAndUtils";
 import {
   RULE_TO_METHODS,
   parsePublishTableRule,
@@ -72,18 +73,15 @@ export class PublishParser {
     return getV2Methods(publishMethods);
   }
 
-  async getAllowedMethods(
-    clientReq: AuthClientRequest,
-    userData: AuthResultWithSID | undefined
-  ): Promise<{ [key: string]: Method }> {
-    const methods: { [key: string]: Method } = {};
+  async getAllowedMethods(clientReq: AuthClientRequest, userData: AuthResultWithSID | undefined) {
+    const methods: Map<string, Method> = new Map();
 
     const publishParams = await this.getPublishParams(clientReq, userData);
     const v2Methods = this.publishMethodsV2;
     if (v2Methods) {
       for (const [name, method] of Object.entries(v2Methods)) {
         if (await method.isAllowed(publishParams)) {
-          methods[name] = method;
+          methods.set(name, method);
         }
       }
       return methods;
@@ -92,6 +90,9 @@ export class PublishParser {
     const _methods = await applyParamsIfFunc(this.publishMethods, publishParams);
     if (!_methods) return methods;
     getObjectEntries(_methods).map(([key, method]) => {
+      if (typeof key !== "string") {
+        throw `invalid publishMethods key -> ${String(key)} \n Expecting a string`;
+      }
       const isFuncLike = (maybeFunc: VoidFunction | Promise<void> | Promise<any>) =>
         typeof maybeFunc === "function" || typeof maybeFunc.then === "function";
       if (
@@ -99,7 +100,7 @@ export class PublishParser {
         // @ts-ignore
         (isObject(method) && isFuncLike(method.run))
       ) {
-        methods[key] = _methods[key]!;
+        methods.set(key, method);
       } else {
         throw `invalid publishMethods item -> ${key} \n Expecting a function or promise`;
       }

package/lib/PublishParser/getTableRulesWithoutFileTable.ts

@@ -9,11 +9,9 @@ import type {
   ParsedPublishTable,
   PublishTableRule,
   PublishViewRule,
-  SubscribeRule} from "./publishTypesAndUtils";
-import {
-  type PublishObject,
-  RULE_TO_METHODS
+  SubscribeRule,
 } from "./publishTypesAndUtils";
+import { type PublishObject, RULE_TO_METHODS } from "./publishTypesAndUtils";
 
 export async function getTableRulesWithoutFileTable(
   this: PublishParser,
@@ -21,7 +19,7 @@ export async function getTableRulesWithoutFileTable(
   clientInfo: AuthResultWithSID | undefined,
   overridenPublish?: PublishObject
 ): Promise<ParsedPublishTable | undefined> {
-  if (!tableName) throw new Error("publish OR socket OR dbo OR tableName are missing");
+  if (!tableName) throw new Error("tableName is missing in getTableRules");
 
   const publish =
     overridenPublish ?? (clientReq && (await this.getPublishAsObject(clientReq, clientInfo)));

package/lib/WebsocketAPI/getClientSchema.ts

@@ -62,7 +62,7 @@ export async function getClientSchema(
     const methodSchema: ClientSchema["methods"] =
       !methods ?
         []
-      : Object.entries(methods)
+      : Array.from(methods.entries())
           .map(([methodName, method]) => {
             if (isObject(method) && "run" in method) {
               return {

package/lib/WebsocketAPI/onSocketConnected.ts

@@ -1,5 +1,5 @@
-import type { AnyObject} from "prostgles-types";
-import { CHANNELS } from "prostgles-types";
+import type { AnyObject } from "prostgles-types";
+import { CHANNELS, getSerialisableError, isObject } from "prostgles-types";
 import type { Prostgles, TABLE_METHODS } from "../Prostgles";
 import type { PRGLIOSocket } from "../DboBuilder/DboBuilderTypes";
 import { runClientMethod, runClientRequest } from "../runClientRequest";
@@ -151,7 +151,8 @@ export async function onSocketConnected(this: Prostgles, socket: PRGLIOSocket) {
 }
 
 export function makeSocketError(cb: (err: AnyObject) => void, err: any) {
-  cb(getErrorAsObject(err));
+  const serializedError = getSerialisableError(err);
+  cb(isObject(serializedError) ? serializedError : { serializedError });
 }
 
 type SocketRequestParams = {

package/lib/initProstgles.ts

@@ -367,10 +367,6 @@ const getDbConnection = function ({
   pgp.pg.types.setTypeParser(pgp.pg.types.builtins.TIMESTAMPTZ, (v) => v); // timestamp with time zone
   pgp.pg.types.setTypeParser(pgp.pg.types.builtins.DATE, (v) => v); // date
 
-  // if (dbOptions) {
-  //   Object.assign(pgp.pg.defaults, dbOptions);
-  // }
-
   return {
     db: pgp(dbConnection),
     pgp,

package/lib/runClientRequest.ts

@@ -1,8 +1,6 @@
-import type {
-  SQLRequest,
-  TableHandler,
-  UserLike} from "prostgles-types";
+import type { SQLRequest, TableHandler, UserLike } from "prostgles-types";
 import {
+  getJSONBObjectSchemaValidationError,
   getKeys,
   pickKeys,
   type AnyObject,
@@ -13,7 +11,7 @@ import type { TableHandler as TableHandlerServer } from "./DboBuilder/TableHandl
 import { parseFieldFilter } from "./DboBuilder/ViewHandler/parseFieldFilter";
 import { canRunSQL } from "./DboBuilder/runSQL";
 import type { Prostgles } from "./Prostgles";
-import type { ParsedTableRule} from "./PublishParser/publishTypesAndUtils";
+import type { ParsedTableRule } from "./PublishParser/publishTypesAndUtils";
 import { type PermissionScope } from "./PublishParser/publishTypesAndUtils";
 
 const TABLE_METHODS = {
@@ -41,11 +39,11 @@ const SOCKET_ONLY_COMMANDS = [
 ] as const satisfies typeof TABLE_METHODS_KEYS;
 
 type Args = {
-  tableName: string;
-  command: string;
-  param1: any;
-  param2: any;
-  param3: any;
+  tableName: unknown;
+  command: unknown;
+  param1: unknown;
+  param2: unknown;
+  param3: unknown;
 };
 
 type TableMethodFunctionWithRulesAndLocalParams = (
@@ -58,7 +56,7 @@ type TableMethodFunctionWithRulesAndLocalParams = (
 
 export const runClientRequest = async function (
   this: Prostgles,
-  args: Args,
+  nonValidatedArgs: Args,
   clientReq: AuthClientRequest,
   scope: PermissionScope | undefined
 ) {
@@ -67,11 +65,22 @@ export const runClientRequest = async function (
     throw "socket/httpReq or authhandler missing";
   }
 
-  const { tableName, command: nonValidatedCommand, param1, param2, param3 } = args;
-  if (!TABLE_METHODS_KEYS.some((v) => v === nonValidatedCommand)) {
-    throw `Invalid command: ${nonValidatedCommand}. Expecting one of: ${TABLE_METHODS_KEYS.join(", ")};`;
+  const validation = getJSONBObjectSchemaValidationError(
+    {
+      tableName: { type: "string" },
+      command: { enum: TABLE_METHODS_KEYS },
+      param1: { type: "any", optional: true },
+      param2: { type: "any", optional: true },
+      param3: { type: "any", optional: true },
+    },
+    nonValidatedArgs,
+    "tableName"
+  );
+  if (validation.error !== undefined) {
+    throw validation.error;
   }
-  const command = nonValidatedCommand as keyof TableHandler;
+  const { tableName, command, param1, param2, param3 } = validation.data;
+
   if (!clientReq.socket && SOCKET_ONLY_COMMANDS.some((v) => v === command)) {
     throw (
       "The following commands cannot be completed over a non-websocket connection: " +
@@ -79,6 +88,10 @@ export const runClientRequest = async function (
     );
   }
 
+  if (!this.dboBuilder.dboMap.has(tableName)) {
+    throw `tableName ${tableName} is invalid or not allowed`;
+  }
+
   const clientInfo = await this.authHandler?.getSidAndUserFromRequest(clientReq);
   if (clientInfo === "new-session-redirect") {
     throw clientInfo;
@@ -159,7 +172,7 @@ export const clientCanRunSqlRequest = async function (
 
 export const runClientSqlRequest = async function (
   this: Prostgles,
-  reqData: SQLRequest,
+  unvalidatedArgs: SQLRequest,
   clientReq: AuthClientRequest
 ) {
   const { allowed } = await clientCanRunSqlRequest.bind(this)(clientReq);
@@ -167,23 +180,48 @@ export const runClientSqlRequest = async function (
     throw "Not allowed to execute sql";
   }
   if (!this.dbo?.sql) throw "Internal error: sql handler missing";
+  const validation = getJSONBObjectSchemaValidationError(
+    {
+      query: { type: "string" },
+      params: { type: "any", optional: true },
+      options: { type: "any", optional: true },
+    },
+    unvalidatedArgs,
+    "query"
+  );
+  if (validation.error !== undefined) {
+    throw validation.error;
+  }
+  const reqData = validation.data;
   const { query, params, options } = reqData;
   return this.dbo.sql(query, params, options, { clientReq });
 };
 
 type ArgsMethod = {
-  method: string;
+  method: unknown;
   params?: any[];
 };
 export const runClientMethod = async function (
   this: Prostgles,
-  reqArgs: ArgsMethod,
+  unvalidatedArgs: ArgsMethod,
   clientReq: AuthClientRequest
 ) {
+  const validation = getJSONBObjectSchemaValidationError(
+    {
+      method: { type: "string" },
+      params: { type: "any[]", optional: true },
+    },
+    unvalidatedArgs,
+    "method"
+  );
+  if (validation.error !== undefined) {
+    throw validation.error;
+  }
+  const reqArgs = validation.data;
   const { method, params = [] } = reqArgs;
   const methods = await this.publishParser?.getAllowedMethods(clientReq, undefined);
 
-  const methodDef = methods?.[method];
+  const methodDef = methods?.get(method);
   if (!methods || !methodDef) {
     throw "Disallowed/missing method " + JSON.stringify(method);
   }

package/lib/shortestPath.ts

@@ -25,7 +25,7 @@ export const findShortestPath = (
   // establish object for recording distances from the start node
   let distances: AnyObject = {};
   distances[endNode] = "Infinity";
-  distances = Object.assign(distances, graph[startNode]);
+  distances = { ...distances, ...graph[startNode] };
 
   // track paths
   const parents: AnyObject = { endNode: null };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "prostgles-server",
-  "version": "4.2.347",
+  "version": "4.2.349",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -57,7 +57,7 @@
     "pg": "^8.15.6",
     "pg-cursor": "^2.14.6",
     "pg-promise": "^11.13.0",
-    "prostgles-types": "^4.0.182"
+    "prostgles-types": "^4.0.183"
   },
   "devDependencies": {
     "@eslint/js": "^9.22.0",