huanld/multiTenancyPoc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add aiven extras to db containers, migrate to new repo pattern

Browse Source
This commit is contained in:
Gergő Jedlicska
2024-09-11 22:37:24 +02:00
parent b806185565
commit daea6d3765
11 changed files with 3784 additions and 3043 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitignore
+1
View File
@@ -5,5 +5,6 @@
.swc
node_modules
ca-cert*
.data/*
dist
aiven_postgres/Dockerfile
+25
View File
@@ -0,0 +1,25 @@
FROM postgres:14.5-alpine as builder
RUN apk add --no-cache 'git=~2.36' \
'build-base=~0.5' \
'clang=~13.0' \
'llvm13=~13.0'
WORKDIR /
RUN git clone --branch 1.1.9 https://github.com/aiven/aiven-extras.git aiven-extras
WORKDIR /aiven-extras
RUN git checkout 36598ab \
&& git clean -df \
&& make \
&& make install
FROM postgres:14.5-alpine
COPY --from=builder /aiven-extras/aiven_extras.control /usr/local/share/postgresql/extension/aiven_extras.control
COPY --from=builder /aiven-extras/sql/aiven_extras.sql /usr/local/share/postgresql/extension/aiven_extras--1.1.9.sql
COPY --from=builder /aiven-extras/aiven_extras.so /usr/local/lib/postgresql/aiven_extras.so
EXPOSE 5432
CMD ["postgres"]
docker-compose.yml
+34 -16
View File
@@ -1,35 +1,53 @@
version: "3.9"
version: '3.9'
services:
postgres:
image: postgres:16-alpine
main-db:
build:
context: aiven_postgres
dockerfile: Dockerfile
volumes:
- ./.data/main-db:/var/lib/postgresql/data
ports:
- 5454:5432
volumes:
- ./.postgres-data:/var/lib/postgresql/data
environment:
- POSTGRES_PASSWORD=speckle
- POSTGRES_USER=speckle
- POSTGRES_DB=speckle_main
- POSTGRES_DB=speckle
extra_hosts:
- host.docker.internal:host-gateway
region-1:
image: postgres:16-alpine
region-1-db:
build:
context: aiven_postgres
dockerfile: Dockerfile
volumes:
- ./.data/region-1-db:/var/lib/postgresql/data
ports:
- 5455:5432
volumes:
- ./.postgres-region-1:/var/lib/postgresql/data
environment:
- POSTGRES_PASSWORD=speckle
- POSTGRES_USER=speckle
- POSTGRES_DB=speckle_main
- POSTGRES_DB=speckle
depends_on:
- main-db
region-2:
image: postgres:16-alpine
extra_hosts:
- host.docker.internal:host-gateway
region-2-db:
build:
context: aiven_postgres
dockerfile: Dockerfile
volumes:
- ./.data/region-2-db:/var/lib/postgresql/data
ports:
- 5456:5432
volumes:
- ./.postgres-region-2:/var/lib/postgresql/data
environment:
- POSTGRES_PASSWORD=speckle
- POSTGRES_USER=speckle
- POSTGRES_DB=speckle_main
- POSTGRES_DB=speckle
depends_on:
- main-db
extra_hosts:
- host.docker.internal:host-gateway
package.json
+1
View File
@@ -31,6 +31,7 @@
},
"dependencies": {
"@apollo/server": "^4.10.0",
"awilix": "^11.0.0",
"crypto-random-string": "^3.0.0",
"dataloader": "^2.2.2",
"dotenv": "^16.4.1",
pnpm-lock.yaml
Generated
+3202 -2563
View File
File diff suppressed because it is too large Load Diff
src/repositories.ts
+201 -186
View File
@@ -1,4 +1,4 @@
import { Knex } from 'knex'
import { Knex } from "knex";
import {
UserRecord,
Resource,
@@ -9,239 +9,254 @@ import {
Organization,
OrganizationAcl,
OrganizationResourceAcl,
ResourceRegion
} from './types'
ResourceRegion,
} from "./types";
export class RegionRepo {
db: Knex
export const saveResourceFactory =
({ db }: { db: Knex }) =>
async (resource: Resource): Promise<void> => {
await db<Resource>("resources").insert(resource);
};
constructor (db: Knex) {
this.db = db
}
async saveResource (resource: Resource): Promise<void> {
await this.db<Resource>('resources').insert(resource)
}
async findResource (resourceId: string): Promise<Resource | null> {
export const findResourceFactory =
({ db }: { db: Knex }) =>
async (resourceId: string): Promise<Resource | null> => {
return (
(await this.db<Resource>('resources')
.where({ id: resourceId })
.first()) ?? null
)
}
async saveComment (comment: Comment): Promise<void> {
await this.db<Comment>('comments').insert(comment)
}
async countComments (resourceId: string): Promise<number> {
const [rawCount] = await this.db<Comment>('comments')
.count()
.where({ resourceId })
return parseInt(rawCount.count as string)
}
async queryComments ({
resourceId,
limit,
cursor
}: {
resourceId: string
limit: number
cursor: string | null
}): Promise<Comment[]> {
const query = this.db<Comment>('comments').where({ resourceId })
if (cursor) {
query.andWhere('createdAt', '<', cursor)
}
return await query.limit(limit)
}
}
export class MainRepo extends RegionRepo {
async findUser (userId: string): Promise<UserRecord | null> {
return (
(await this.db<UserRecord>('users').where('id', '=', userId).first()) ??
(await db<Resource>("resources").where({ id: resourceId }).first()) ??
null
)
}
);
};
async queryUsers (): Promise<UserRecord[]> {
return await this.db<UserRecord>('users').select()
}
export const saveCommentFactory =
({ db }: { db: Knex }) =>
async (comment: Comment): Promise<void> => {
await db<Comment>("comments").insert(comment);
};
async saveUser (user: UserRecord): Promise<void> {
await this.db<UserRecord>('users').insert(user)
}
async getUsersResourceAcl ({
resourceId,
userId
}: ResourceAcl): Promise<ResourceAcl | null> {
return (
(await this.db<ResourceAcl>('resource_acl')
.where({ userId, resourceId })
.first()) ?? null
)
}
async saveResourceAcl (resourceAcl: ResourceAcl): Promise<void> {
await this.db<ResourceAcl>('resource_acl').insert(resourceAcl)
}
async countUsersResources (userId: string): Promise<number> {
const [rawCount] = await this.db<ResourceAcl>('resource_acl')
export const countCommentsFactory =
({ db }: { db: Knex }) =>
async (resourceId: string): Promise<number> => {
const [rawCount] = await db<Comment>("comments")
.count()
.where({ userId })
return parseInt(rawCount.count as string)
}
.where({ resourceId });
return parseInt(rawCount.count as string);
};
async findUsersResource ({
resourceId,
userId
}: ResourceAcl): Promise<ResourceAcl | null> {
export const findUserFactory =
({ db }: { db: Knex }) =>
async (userId: string): Promise<UserRecord | null> => {
return (
(await this.db<ResourceAcl>('resource_acl')
(await db<UserRecord>("users").where("id", "=", userId).first()) ?? null
);
};
export const queryUsersFactoy =
({ db }: { db: Knex }) =>
async (): Promise<UserRecord[]> => {
return await db<UserRecord>("users").select();
};
export const saveUserFactory =
({ db }: { db: Knex }) =>
async (user: UserRecord): Promise<void> => {
await db<UserRecord>("users").insert(user);
};
export const getUsersResourceAclFactory =
({ db }: { db: Knex }) =>
async ({ resourceId, userId }: ResourceAcl): Promise<ResourceAcl | null> => {
return (
(await db<ResourceAcl>("resource_acl")
.where({ userId, resourceId })
.first()) ?? null
)
}
);
};
async queryResources ({
export const saveResourceAclFactory =
({ db }: { db: Knex }) =>
async (resourceAcl: ResourceAcl): Promise<void> => {
await db<ResourceAcl>("resource_acl").insert(resourceAcl);
};
export const countUsersResourcesFactory =
({ db }: { db: Knex }) =>
async (userId: string): Promise<number> => {
const [rawCount] = await db<ResourceAcl>("resource_acl")
.count()
.where({ userId });
return parseInt(rawCount.count as string);
};
export const findUsersResourceFactory =
({ db }: { db: Knex }) =>
async ({ resourceId, userId }: ResourceAcl): Promise<ResourceAcl | null> => {
return (
(await db<ResourceAcl>("resource_acl")
.where({ userId, resourceId })
.first()) ?? null
);
};
export const queryResourcesFactory =
({ db }: { db: Knex }) =>
async ({
userId,
limit,
cursor
cursor,
}: {
userId: string
limit: number
cursor: string | null
}): Promise<Resource[]> {
let query = this.db<Resource & ResourceAcl>('resources')
.join('resource_acl', 'resources.id', 'resource_acl.resourceId')
.where({ userId })
if (cursor) {
query = query.andWhere('createdAt', '<', cursor)
userId: string;
limit: number;
cursor: string | null;
}): Promise<Resource[]> => {
let query = db<Resource & ResourceAcl>("resources")
.join("resource_acl", "resources.id", "resource_acl.resourceId")
.where({ userId });
if (cursor !== null) {
query = query.andWhere("createdAt", "<", cursor);
}
const items = await query.orderBy('createdAt', 'desc').limit(limit)
return items
}
const items = await query.orderBy("createdAt", "desc").limit(limit);
return items;
};
async countResourceComments (resourceId: string): Promise<number> {
const [rawCount] = await this.db<Comment>('comments')
export const countResourceCommentsFactory =
({ db }: { db: Knex }) =>
async (resourceId: string): Promise<number> => {
const [rawCount] = await db<Comment>("comments")
.count()
.where({ resourceId })
return parseInt(rawCount.count as string)
}
.where({ resourceId });
return parseInt(rawCount.count as string);
};
async queryComments ({
export const queryCommentsFactory =
({ db }: { db: Knex }) =>
async ({
resourceId,
limit,
cursor
cursor,
}: {
resourceId: string
limit: number
cursor: string | null
}): Promise<Comment[]> {
let query = this.db<Comment>('comments').where({ resourceId })
if (cursor) {
query = query.andWhere('createdAt', '<', cursor)
resourceId: string;
limit: number;
cursor: string | null;
}): Promise<Comment[]> => {
let query = db<Comment>("comments").where({ resourceId });
if (cursor !== null) {
query = query.andWhere("createdAt", "<", cursor);
}
return await query.orderBy('createdAt', 'desc').limit(limit)
}
return await query.orderBy("createdAt", "desc").limit(limit);
};
async queryRegions (
export const queryRegionsFactory =
({ db }: { db: Knex }) =>
async (
params:
| {
connectionString?: string | undefined
}
| undefined = undefined
): Promise<Region[]> {
const query = this.db<Region>('regions')
if ((params != null) && params.connectionString) query.where(params)
return await query.select()
}
| {
connectionString?: string | undefined;
}
| undefined = undefined,
): Promise<Region[]> => {
let query = db<Region>("regions");
if (params?.connectionString !== undefined) query = query.where(params);
return await query.select();
};
async findRegion (id: string): Promise<Region | null> {
return (await this.db<Region>('regions').where({ id }).first()) ?? null
}
export const findRegionFactory =
({ db }: { db: Knex }) =>
async (id: string): Promise<Region | null> => {
return (await db<Region>("regions").where({ id }).first()) ?? null;
};
async queryOrganizationsRegions (): Promise<OrganizationsRegions[]> {
return await this.db<OrganizationsRegions>('organizations_regions').select()
}
export const queryOrganizationsRegionsFactory =
({ db }: { db: Knex }) =>
async (): Promise<OrganizationsRegions[]> => {
return await db<OrganizationsRegions>("organizations_regions").select();
};
async findOrganizationRegion ({
export const findOrganizationRegionFactory =
({ db }: { db: Knex }) =>
async ({
regionId,
organizationId
}: OrganizationsRegions): Promise<OrganizationsRegions | null> {
organizationId,
}: OrganizationsRegions): Promise<OrganizationsRegions | null> => {
return (
(await this.db<OrganizationsRegions>('organizations_regions')
(await db<OrganizationsRegions>("organizations_regions")
.where({ regionId, organizationId })
.first()) ?? null
)
}
);
};
async saveRegion (region: Region): Promise<void> {
await this.db<Region>('regions').insert(region)
}
export const saveRegionFactory =
({ db }: { db: Knex }) =>
async (region: Region): Promise<void> => {
await db<Region>("regions").insert(region);
};
async saveOrganization (organization: Organization) {
await this.db<Organization>('organizations').insert(organization)
}
export const saveOrganizationFactory =
({ db }: { db: Knex }) =>
async (organization: Organization): Promise<void> => {
await db<Organization>("organizations").insert(organization);
};
async findOrganization (id: string): Promise<Organization | null> {
export const findOrganizationFactory =
({ db }: { db: Knex }) =>
async (id: string): Promise<Organization | null> => {
return (
(await this.db<Organization>('organizations').where({ id }).first()) ??
null
)
}
(await db<Organization>("organizations").where({ id }).first()) ?? null
);
};
async queryOrganizations (): Promise<Organization[]> {
return await this.db<Organization>('organizations').select()
}
export const queryOrganizationsFactory =
({ db }: { db: Knex }) =>
async (): Promise<Organization[]> => {
return await db<Organization>("organizations").select();
};
async saveOrganizationRegion (or: OrganizationsRegions): Promise<void> {
return await this.db<OrganizationsRegions>('organizations_regions').insert(
or
)
}
export const saveOrganizationRegionFactory =
({ db }: { db: Knex }) =>
async (or: OrganizationsRegions): Promise<void> => {
return await db<OrganizationsRegions>("organizations_regions").insert(or);
};
async saveOrganizationAcl (orgAcl: OrganizationAcl): Promise<void> {
await this.db<OrganizationsRegions>('organization_acl').insert(orgAcl)
}
export const saveOrganizationAclFactory =
({ db }: { db: Knex }) =>
async (orgAcl: OrganizationAcl): Promise<void> => {
await db<OrganizationsRegions>("organization_acl").insert(orgAcl);
};
async findOrganizationAcl ({
export const findOrganizationAclFactory =
({ db }: { db: Knex }) =>
async ({
userId,
organizationId
}: OrganizationAcl): Promise<OrganizationAcl | null> {
organizationId,
}: OrganizationAcl): Promise<OrganizationAcl | null> => {
return (
(await this.db<OrganizationAcl>('organization_acl')
(await db<OrganizationAcl>("organization_acl")
.where({ userId, organizationId })
.first()) ?? null
)
}
);
};
async saveOrganizationResourceAcl (
item: OrganizationResourceAcl
): Promise<void> {
await this.db<OrganizationResourceAcl>('organization_resource_acl').insert(
item
)
}
export const saveOrganizationResourceAclFactory =
({ db }: { db: Knex }) =>
async (item: OrganizationResourceAcl): Promise<void> => {
await db<OrganizationResourceAcl>("organization_resource_acl").insert(item);
};
async findResourceRegion ({
resourceId
export const findResourceRegionFactory =
({ db }: { db: Knex }) =>
async ({
resourceId,
}: {
resourceId: string
}): Promise<ResourceRegion | null> {
resourceId: string;
}): Promise<ResourceRegion | null> => {
return (
(await this.db<ResourceRegion>('resource_region')
(await db<ResourceRegion>("resource_region")
.where({ resourceId })
.first()) ?? null
)
}
);
};
async saveResourceRegion (item: ResourceRegion): Promise<void> {
await this.db<ResourceRegion>('resource_region').insert(item)
}
}
export const saveResourceRegionFactory =
({ db }: { db: Knex }) =>
async (item: ResourceRegion): Promise<void> => {
await db<ResourceRegion>("resource_region").insert(item);
};
src/resolvers.ts
+133 -107
View File
@@ -1,7 +1,9 @@
import { RegionRepo, MainRepo } from './repositories'
import { getComments } from './services/comments'
import { createResource, getResources } from './services/resources'
import { GraphQLError } from 'graphql'
import { getCommentsFactory } from "./services/comments";
import {
createResourceFactory,
getResourcesFactory,
} from "./services/resources";
import { GraphQLError } from "graphql";
import {
Resource,
UserRecord,
@@ -11,167 +13,191 @@ import {
OrganizationsRegions,
OrganizationAcl,
CommentCreateArgs,
UserCreateArgs
} from './types'
UserCreateArgs,
} from "./types";
import {
createOrganization,
registerRegion,
getMainRepo,
getRegionRepo,
getResourceRepo
} from './services/databaseManagement'
import { authorizeUserOrgRegion } from './services/authz'
import cryptoRandomString from 'crypto-random-string'
getResourceDb,
getMainDbClient,
getRegionDb,
} from "./services/databaseManagement";
import { authorizeUserOrgRegionFactory } from "./services/authz";
import cryptoRandomString from "crypto-random-string";
import {
countCommentsFactory,
countUsersResourcesFactory,
findOrganizationAclFactory,
findOrganizationRegionFactory,
findResourceFactory,
findUserFactory,
getUsersResourceAclFactory,
queryCommentsFactory,
queryOrganizationsFactory,
queryRegionsFactory,
queryResourcesFactory,
queryUsersFactoy,
saveCommentFactory,
saveOrganizationAclFactory,
saveOrganizationRegionFactory,
saveOrganizationResourceAclFactory,
saveResourceAclFactory,
saveResourceFactory,
saveResourceRegionFactory,
saveUserFactory,
} from "./repositories";
const db = getMainDbClient();
// Resolvers define how to fetch the types defined in your schema.
// This resolver retrieves books from the "books" array above.
export const resolvers = {
Query: {
async users () {
return await getMainRepo().queryUsers()
async users() {
return await queryUsersFactoy({ db })();
},
async user (_: unknown, args: { id: string }) {
return await getMainRepo().findUser(args.id)
async user(_: unknown, args: { id: string }) {
return await findUserFactory({ db })(args.id);
},
async resource (
async resource(
_: unknown,
args: { id: string, userId: string }
args: { id: string; userId: string },
): Promise<Resource> {
const mainRepo = getMainRepo()
const maybeAcl = await mainRepo.getUsersResourceAcl({
const maybeAcl = await getUsersResourceAclFactory({ db })({
userId: args.userId,
resourceId: args.id
})
resourceId: args.id,
});
if (maybeAcl == null) {
throw new GraphQLError(
"The user doesn't have access to the given resource",
{
extensions: {
code: 'FORBIDDEN'
}
}
)
code: "FORBIDDEN",
},
},
);
}
const resourceRepo = await getResourceRepo(args.id)
const maybeResource = await resourceRepo.findResource(args.id)
const resourceDb = await getResourceDb(args.id);
const maybeResource = await findResourceFactory({ db: resourceDb })(
args.id,
);
if (maybeResource == null) {
throw new GraphQLError('Resource not found', {
extensions: { code: 'RESOURCE_NOT_FOUND' }
})
throw new GraphQLError("Resource not found", {
extensions: { code: "RESOURCE_NOT_FOUND" },
});
}
return maybeResource
return maybeResource;
},
async organizations () {
return await getMainRepo().queryOrganizations()
async organizations() {
return await queryOrganizationsFactory({ db })();
},
async regions() {
return await queryRegionsFactory({ db })();
},
async regions () {
return await getMainRepo().queryRegions()
}
},
User: {
async resources (parent: UserRecord, args: PaginationArgs) {
const mainRepo = getMainRepo()
return await getResources(
mainRepo.countUsersResources.bind(mainRepo),
mainRepo.queryResources.bind(mainRepo)
)({ userId: parent.id, ...args })
}
async resources(parent: UserRecord, args: PaginationArgs) {
return await getResourcesFactory(
countUsersResourcesFactory({ db }),
queryResourcesFactory({ db }),
)({ userId: parent.id, ...args });
},
},
Resource: {
async comments (
async comments(
parent: Resource,
{ limit, cursor }: PaginationArgs
{ limit, cursor }: PaginationArgs,
): Promise<CommentCollection> {
const resourceRepo = await getResourceRepo(parent.id)
return await getComments(
resourceRepo.countComments.bind(resourceRepo),
resourceRepo.queryComments.bind(resourceRepo)
const resourceDb = await getResourceDb(parent.id);
return await getCommentsFactory(
countCommentsFactory({ db: resourceDb }),
queryCommentsFactory({ db: resourceDb }),
)({
resourceId: parent.id,
limit,
cursor
})
}
cursor,
});
},
},
Mutation: {
async createUser (
async createUser(
_: unknown,
{ input: { name } }: { input: UserCreateArgs }
{ input: { name } }: { input: UserCreateArgs },
) {
const id = cryptoRandomString({ length: 10 })
await getMainRepo().saveUser({ id, name })
return id
const id = cryptoRandomString({ length: 10 });
await saveUserFactory({ db })({ id, name });
return id;
},
async registerRegion (
async registerRegion(
_: unknown,
args: {
name: string
connectionString: string
sslCaCert: string | null
}
name: string;
connectionString: string;
sslCaCert: string | null;
},
) {
return await registerRegion(args)
return await registerRegion(args);
},
async createOrganization (_: unknown, args: { name: string }) {
return await createOrganization(args.name)
async createOrganization(_: unknown, args: { name: string }) {
return await createOrganization(args.name);
},
async addRegionToOrganization (_: unknown, args: OrganizationsRegions) {
await getMainRepo().saveOrganizationRegion(args)
async addRegionToOrganization(_: unknown, args: OrganizationsRegions) {
await saveOrganizationRegionFactory({ db })(args);
},
async addUserToOrganization (
async addUserToOrganization(
_: unknown,
{ input: args }: { input: OrganizationAcl }
{ input: args }: { input: OrganizationAcl },
) {
await getMainRepo().saveOrganizationAcl(args)
await saveOrganizationAclFactory({ db })(args);
},
async createResource (
async createResource(
_: unknown,
{ input: args }: { input: ResourceCreateArgs }
{ input: args }: { input: ResourceCreateArgs },
) {
const mainRepo = getMainRepo()
await authorizeUserOrgRegion(
mainRepo.findOrganizationAcl.bind(mainRepo),
mainRepo.findOrganizationRegion.bind(mainRepo)
)(args)
await authorizeUserOrgRegionFactory(
findOrganizationAclFactory({ db }),
findOrganizationRegionFactory({ db }),
)(args);
const repo = args.regionId
? await getRegionRepo({ regionId: args.regionId })
: mainRepo
const resourceDb =
args.regionId !== null
? await getRegionDb({ regionId: args.regionId })
: db;
const resourceId = await createResource(
repo.saveResource.bind(repo),
mainRepo.saveResourceAcl.bind(mainRepo)
)(args)
const resourceId = await createResourceFactory(
saveResourceFactory({ db: resourceDb }),
saveResourceAclFactory({ db }),
)(args);
if (args.organizationId) {
await mainRepo.saveOrganizationResourceAcl({
if (args.organizationId !== null) {
await saveOrganizationResourceAclFactory({ db })({
organizationId: args.organizationId,
resourceId
})
if (args.regionId) {
await mainRepo.saveResourceRegion({
resourceId,
});
if (args.regionId !== null) {
await saveResourceRegionFactory({ db })({
resourceId,
// i know its not null here, the authz function ensures it
regionId: args.regionId
})
regionId: args.regionId,
});
}
}
return resourceId
return resourceId;
},
async addComment (
async addComment(
_: unknown,
{ input: args }: { input: CommentCreateArgs }
{ input: args }: { input: CommentCreateArgs },
) {
const mainRepo = getMainRepo()
const resourceAcl = await mainRepo.getUsersResourceAcl(args)
if (resourceAcl == null) { throw new Error("The user doesn't have access to the given resource") }
const resourceAcl = await getUsersResourceAclFactory({ db })(args);
if (resourceAcl == null) {
throw new Error("The user doesn't have access to the given resource");
}
// 2. get resource db client
const resourceRepo = await getResourceRepo(args.resourceId)
const resourceDb = await getResourceDb(args.resourceId);
// 3. save comment to db
const id = cryptoRandomString({ length: 10 })
const createdAt = new Date()
await resourceRepo.saveComment({ id, createdAt, ...args })
return id
}
}
}
const id = cryptoRandomString({ length: 10 });
const createdAt = new Date();
await saveCommentFactory({ db: resourceDb })({ id, createdAt, ...args });
return id;
},
},
};
src/services/authz.ts
+18 -12
View File
@@ -1,23 +1,29 @@
import {
OrganizationAcl,
OrganizationsRegions,
UserOrgRegionArgs
} from '../types'
UserOrgRegionArgs,
} from "../types";
export const authorizeUserOrgRegion =
export const authorizeUserOrgRegionFactory =
(
orgAclGetter: (params: OrganizationAcl) => Promise<OrganizationAcl | null>,
orgRegionGetter: (
params: OrganizationsRegions,
) => Promise<OrganizationsRegions | null>
) => Promise<OrganizationsRegions | null>,
) =>
async ({ userId, regionId, organizationId }: UserOrgRegionArgs) => {
if (!organizationId && regionId) { throw new Error("public org doesn't support regions") }
if (organizationId) {
if (!regionId) throw new Error('organizations can only write to regions')
const orgAcl = await orgAclGetter({ organizationId, userId })
if (orgAcl == null) { throw new Error("user doesn't have access to this organization") }
const orgRegion = await orgRegionGetter({ organizationId, regionId })
if (orgRegion == null) { throw new Error('organization doesnt have access to this region') }
async ({ userId, regionId, organizationId }: UserOrgRegionArgs) => {
if (!organizationId && regionId) {
throw new Error("public org doesn't support regions");
}
if (organizationId) {
if (!regionId) throw new Error("organizations can only write to regions");
const orgAcl = await orgAclGetter({ organizationId, userId });
if (orgAcl == null) {
throw new Error("user doesn't have access to this organization");
}
const orgRegion = await orgRegionGetter({ organizationId, regionId });
if (orgRegion == null) {
throw new Error("organization doesnt have access to this region");
}
}
};
src/services/comments.ts
+16 -16
View File
@@ -1,25 +1,25 @@
import { CommentCollection, PaginationArgs, Comment } from '../types'
import { CommentCollection, PaginationArgs, Comment } from "../types";
interface GetCommentsArgs extends PaginationArgs {
resourceId: string
resourceId: string;
}
export const getComments =
export const getCommentsFactory =
(
countComments: (resourceId: string) => Promise<number>,
queryComments: (params: GetCommentsArgs) => Promise<Comment[]>
queryComments: (params: GetCommentsArgs) => Promise<Comment[]>,
) =>
async (params: GetCommentsArgs): Promise<CommentCollection> => {
async (params: GetCommentsArgs): Promise<CommentCollection> => {
// yes, i should be doing base64 de and encoding with the cursor...
const totalCount = await countComments(params.resourceId)
const items = await queryComments(params)
let cursor = null
if (items.length > 0) {
cursor = items.slice(-1)[0].createdAt.toISOString()
}
return {
totalCount,
items,
cursor
}
const totalCount = await countComments(params.resourceId);
const items = await queryComments(params);
let cursor = null;
if (items.length > 0) {
cursor = items.slice(-1)[0].createdAt.toISOString();
}
return {
totalCount,
items,
cursor,
};
};
src/services/databaseManagement.ts
+126 -116
View File
@@ -1,152 +1,162 @@
import { POSTGRES_URL } from '../config'
import { RegionRepo, MainRepo } from '../repositories'
import knex, { Knex } from 'knex'
import cryptoRandomString from 'crypto-random-string'
import { POSTGRES_URL } from "../config";
import knex, { Knex } from "knex";
import cryptoRandomString from "crypto-random-string";
import {
findRegionFactory,
findResourceRegionFactory,
queryRegionsFactory,
saveOrganizationFactory,
saveRegionFactory,
} from "../repositories";
const migrateToLatest = async (db: Knex): Promise<void> => {
const plannedMigrations: Array<{ file: string }> = (
await db.migrate.list()
)[1]
)[1];
if (plannedMigrations.length > 0) {
console.log(
`🕰️ planning migrations: ${plannedMigrations
.map((m) => m.file)
.join(',')}`
)
.join(",")}`,
);
} else {
console.log('no migrations are planned')
console.log("no migrations are planned");
}
// TODO: make sure if a migration fails, all migrations are rolled back
await db.migrate.latest()
}
await db.migrate.latest();
};
export const migrateAll = async (): Promise<void> => {
await migrateToLatest(mainRepo.db)
const repos = await getAllRepositories()
await migrateToLatest(db);
const dbClients = await getAllDbClients();
await Promise.all([
...repos.map(async (repo) => await migrateToLatest(repo.db))
])
}
...dbClients.map(async (db) => await migrateToLatest(db)),
]);
};
const createDatabaseConfig = (
connectionString: string,
sslCaCert: string | null
sslCaCert: string | null,
): Knex.Config => {
const config: Knex.Config = {
client: 'pg',
client: "pg",
connection: {
connectionString,
ssl: sslCaCert
? {
ca: sslCaCert,
rejectUnauthorized: true
rejectUnauthorized: true,
}
: undefined
: undefined,
},
migrations: {
directory: 'src/migrations',
extension: 'ts'
}
}
return config
}
directory: "src/migrations",
extension: "ts",
},
};
return config;
};
const mainRepo = new MainRepo(knex(createDatabaseConfig(POSTGRES_URL, null)))
const db = knex(createDatabaseConfig(POSTGRES_URL, null));
const _repoStore: Map<string, RegionRepo> = new Map()
export const getRegionRepo = async ({
regionId
const dbClientStore: Map<string, Knex> = new Map();
const findRegion = findRegionFactory({ db });
export const getRegionDb = async ({
regionId,
}: {
regionId: string | undefined
}): Promise<RegionRepo> => {
if (!regionId) return mainRepo
const maybeRepo = _repoStore.get(regionId)
if (maybeRepo != null) return maybeRepo
const maybeRegion = await mainRepo.findRegion(regionId)
if (maybeRegion == null) throw Error(`region ${regionId} not found`)
const repo = new RegionRepo(
knex(
createDatabaseConfig(maybeRegion.connectionString, maybeRegion.sslCaCert)
)
)
_repoStore.set(regionId, repo)
return repo
}
regionId: string | undefined;
}): Promise<Knex> => {
if (!regionId) return db;
const maybeClient = dbClientStore.get(regionId);
if (maybeClient != null) return maybeClient;
const maybeRegion = await findRegion(regionId);
if (maybeRegion == null) throw Error(`region ${regionId} not found`);
const client = knex(
createDatabaseConfig(maybeRegion.connectionString, maybeRegion.sslCaCert),
);
dbClientStore.set(regionId, client);
return client;
};
export const getMainRepo = (): MainRepo => mainRepo
export const getMainDbClient = (): Knex => db;
const queryRegions = queryRegionsFactory({ db });
const saveRegion = saveRegionFactory({ db });
export const registerRegion = async ({
name,
connectionString,
sslCaCert
sslCaCert,
}: {
name: string
connectionString: string
sslCaCert: string | null
name: string;
connectionString: string;
sslCaCert: string | null;
}): Promise<string> => {
const regions = await mainRepo.queryRegions({ connectionString })
if (regions.length > 0) throw new Error('This region is already registered')
const id = cryptoRandomString({ length: 10 })
const repo = new RegionRepo(
knex(createDatabaseConfig(connectionString, sslCaCert))
)
await migrateToLatest(repo.db)
_repoStore.set(id, repo)
const regions = await queryRegions({ connectionString });
if (regions.length > 0) throw new Error("This region is already registered");
const id = cryptoRandomString({ length: 10 });
const newDb = knex(createDatabaseConfig(connectionString, sslCaCert));
await migrateToLatest(newDb);
dbClientStore.set(id, newDb);
const sslmode = sslCaCert ? 'require' : 'disable'
const sslmode = sslCaCert ? "require" : "disable";
await setUpUserReplication({
from: mainRepo.db,
to: repo.db,
from: db,
to: newDb,
regionName: name,
sslmode
})
sslmode,
});
await setUpResourceReplication({
from: repo.db,
to: mainRepo.db,
from: newDb,
to: db,
regionName: name,
sslmode
})
sslmode,
});
await mainRepo.saveRegion({
await saveRegion({
id,
name,
connectionString,
sslCaCert
})
return id
}
sslCaCert,
});
return id;
};
const saveOrganization = saveOrganizationFactory({ db });
export const createOrganization = async (name: string): Promise<string> => {
const id = cryptoRandomString({ length: 10 })
await mainRepo.saveOrganization({ id, name })
return id
}
const id = cryptoRandomString({ length: 10 });
await saveOrganization({ id, name });
return id;
};
interface ReplicationArgs {
from: Knex
to: Knex
sslmode: string
regionName: string
from: Knex;
to: Knex;
sslmode: string;
regionName: string;
}
const setUpUserReplication = async ({
from,
to,
sslmode,
regionName
regionName,
}: ReplicationArgs): Promise<void> => {
// TODO: ensure its created...
try {
await from.raw('CREATE PUBLICATION userspub FOR TABLE users;')
await from.raw("CREATE PUBLICATION userspub FOR TABLE users;");
} catch (err) {
if (!(err instanceof Error)) throw err
if (!err.message.includes('already exists')) throw err
if (!(err instanceof Error)) throw err;
if (!err.message.includes("already exists")) throw err;
}
const fromUrl = new URL(from.client.config.connection.connectionString)
const fromDbName = fromUrl.pathname.replace('/', '')
const subName = `userssub_${regionName}`
const fromUrl = new URL(from.client.config.connection.connectionString);
const fromDbName = fromUrl.pathname.replace("/", "");
const subName = `userssub_${regionName}`;
const rawSqeel = `SELECT * FROM aiven_extras.pg_create_subscription(
'${subName}',
'dbname=${fromDbName} host=${fromUrl.hostname} port=${fromUrl.port} sslmode=${sslmode} user=${fromUrl.username} password=${fromUrl.password}',
@@ -154,32 +164,32 @@ const setUpUserReplication = async ({
'${subName}',
TRUE,
TRUE
);`
);`;
try {
await to.raw(rawSqeel)
await to.raw(rawSqeel);
} catch (err) {
if (!(err instanceof Error)) throw err
if (!err.message.includes('already exists')) throw err
if (!(err instanceof Error)) throw err;
if (!err.message.includes("already exists")) throw err;
}
}
};
const setUpResourceReplication = async ({
from,
to,
regionName,
sslmode
sslmode,
}: ReplicationArgs): Promise<void> => {
// TODO: ensure its created...
try {
await from.raw('CREATE PUBLICATION resourcepub FOR TABLE resources;')
await from.raw("CREATE PUBLICATION resourcepub FOR TABLE resources;");
} catch (err) {
if (!(err instanceof Error)) throw err
if (!err.message.includes('already exists')) throw err
if (!(err instanceof Error)) throw err;
if (!err.message.includes("already exists")) throw err;
}
const fromUrl = new URL(from.client.config.connection.connectionString)
const fromDbName = fromUrl.pathname.replace('/', '')
const subName = `resourcesub_${regionName}`
const fromUrl = new URL(from.client.config.connection.connectionString);
const fromDbName = fromUrl.pathname.replace("/", "");
const subName = `resourcesub_${regionName}`;
const rawSqeel = `SELECT * FROM aiven_extras.pg_create_subscription(
'${subName}',
'dbname=${fromDbName} host=${fromUrl.hostname} port=${fromUrl.port} sslmode=${sslmode} user=${fromUrl.username} password=${fromUrl.password}',
@@ -187,26 +197,26 @@ const setUpResourceReplication = async ({
'${subName}',
TRUE,
TRUE
);`
);`;
try {
await to.raw(rawSqeel)
await to.raw(rawSqeel);
} catch (err) {
if (!(err instanceof Error)) throw err
if (!err.message.includes('already exists')) throw err
if (!(err instanceof Error)) throw err;
if (!err.message.includes("already exists")) throw err;
}
}
};
export const getAllRepositories = async (): Promise<RegionRepo[]> => {
const regions = await mainRepo.queryRegions({})
const regionRepos = await Promise.all(
regions.map(async (region) => await getRegionRepo({ regionId: region.id }))
)
return [mainRepo, ...regionRepos]
}
export const getAllDbClients = async (): Promise<Knex[]> => {
const regions = await queryRegions({});
const regionClients = await Promise.all(
regions.map(async (region) => await getRegionDb({ regionId: region.id })),
);
return [db, ...regionClients];
};
export const getResourceRepo = async (
resourceId: string
): Promise<RegionRepo> => {
const resourceRegion = await mainRepo.findResourceRegion({ resourceId })
return (resourceRegion != null) ? await getRegionRepo(resourceRegion) : getMainRepo()
}
const findResourceRegion = findResourceRegionFactory({ db });
export const getResourceDb = async (resourceId: string): Promise<Knex> => {
const resourceRegion = await findResourceRegion({ resourceId });
return resourceRegion != null ? await getRegionDb(resourceRegion) : db;
};
src/services/resources.ts
+27 -27
View File
@@ -1,47 +1,47 @@
import cryptoRandomString from 'crypto-random-string'
import cryptoRandomString from "crypto-random-string";
import {
Resource,
PaginationArgs,
ResourceCollection,
ResourceCreateArgs,
ResourceAcl
} from '../types'
ResourceAcl,
} from "../types";
interface GetResourcesArgs extends PaginationArgs {
userId: string
userId: string;
}
export const getResources =
export const getResourcesFactory =
(
countResources: (userId: string) => Promise<number>,
queryResources: (params: GetResourcesArgs) => Promise<Resource[]>
queryResources: (params: GetResourcesArgs) => Promise<Resource[]>,
) =>
async (params: GetResourcesArgs): Promise<ResourceCollection> => {
const totalCount = await countResources(params.userId)
const items = await queryResources(params)
let cursor = null
if (items.length > 0) {
cursor = items.slice(-1)[0].createdAt.toISOString()
}
return {
totalCount,
items,
cursor
}
async (params: GetResourcesArgs): Promise<ResourceCollection> => {
const totalCount = await countResources(params.userId);
const items = await queryResources(params);
let cursor = null;
if (items.length > 0) {
cursor = items.slice(-1)[0].createdAt.toISOString();
}
return {
totalCount,
items,
cursor,
};
};
export const createResource =
export const createResourceFactory =
(
resourceSaver: (resource: Resource) => Promise<void>,
resourceAclSaver: (resourceAcl: ResourceAcl) => Promise<void>
resourceAclSaver: (resourceAcl: ResourceAcl) => Promise<void>,
) =>
async ({ userId, name }: ResourceCreateArgs): Promise<string> => {
async ({ userId, name }: ResourceCreateArgs): Promise<string> => {
// 1. if no org, create project in main region, validate that, regionId is null
// 2. if org, validate if user has access to the org
// 3. if org and region, validate if org has access to region
// 4. create resource
const id = cryptoRandomString({ length: 10 })
const resource = { id, name, createdAt: new Date() }
await resourceSaver(resource)
await resourceAclSaver({ resourceId: id, userId })
return id
}
const id = cryptoRandomString({ length: 10 });
const resource = { id, name, createdAt: new Date() };
await resourceSaver(resource);
await resourceAclSaver({ resourceId: id, userId });
return id;
};