feat(ioc): awilix POC

.gitignore

@@ -1,8 +1,10 @@
-.postgres-data
+.postgres-*
 .tool-versions
 .env
 .envrc
 .swc
 node_modules
+ca-cert*
+.data/*
 
-dist
+dist

.vscode/settings.json

@@ -0,0 +1,3 @@
+{
+  "cSpell.words": ["awilix"]
+}

README.md

@@ -0,0 +1,71 @@
+# Multi tenancy sketches
+
+This project is a synthetic test project for implementing multi tenancy.
+Its a functional graphql api backend, that is easiest to access from the apollo graphql explorer.
+The api and the explorer are available by default at `http://localhost:4000` by default,
+after the app and its dependencies have been started
+
+## Project setup
+
+This project is using [`pnpm`](https://pnpm.io/) as its package manager.
+To start the required databases or other dependencies, run `docker compose up -d`
+
+## About Postgres setup
+
+I had to change the `wal_level` on my local postgres instances
+it is done with running the SQL command below, and restating the database server:
+
+```sql
+ALTER SYSTEM SET wal_level = logical;
+```
+
+When registering a new region on a DigitalOcean postgres server, the default user doesn't have the required roles to set up a subscription.
+On DO we can use [aiven-extras](https://github.com/aiven/aiven-extras) to create subs without root access.
+The current branch is utilizing just that. But it needs a setup step executed on each database, that is registered as a region
+
+Run this in a `psql` shell
+
+```sql
+CREATE EXTENSION aiven_extras;
+```
+
+Note: Postgres subscriptions (which we use) in the same db server don't work that easily; easiest way to get things going is to set up multiple db servers locally.
+
+## Project description
+
+The app has these basic concepts:
+
+### User
+
+A user of the system (obviously). User authn is not implemented, authz is very simplified.
+
+### Resource
+
+This is an abstract object representing a project, that multiple users might work on.
+The notion of work on is currently implemented as the comment create action.
+A resource might belong to an organization or belong to the default (null) organization.
+
+### Comment
+
+A text note, that belongs to a given resource, created by a user.
+
+### Region
+
+A geo-located data storage region, currently implemented as a PostgresSQL database server.
+When providing a connection url to a region, make sure to not include a database name or any trailing `/`-s in the url.
+
+### Organization
+
+A collection of users and an owner of resource. Any user may create organizations.
+Organizations may be granted access to any given region. That action creates a new database in the region DB server. migrates it to the latest DB schema and sets up user and resource publish and subscribe mechanisms.
+
+## Steps to flex this POC
+
+Using the exposed graphql explorer, you can go ahead and
+
+- create a user
+- create an organisation
+- add the user to the organisation
+- create regions & associate them with an organisation
+- create a resource in the default organisation, or for a specific organisation & region
+- etc.

aiven_postgres/Dockerfile

@@ -0,0 +1,25 @@
+FROM postgres:14.5-alpine as builder
+
+RUN apk add --no-cache 'git=~2.36' \
+  'build-base=~0.5' \
+  'clang=~13.0' \
+  'llvm13=~13.0'
+
+WORKDIR /
+RUN git clone --branch 1.1.9 https://github.com/aiven/aiven-extras.git aiven-extras
+
+WORKDIR /aiven-extras
+RUN git checkout 36598ab \
+  && git clean -df \
+  && make \
+  && make install
+
+FROM postgres:14.5-alpine
+
+COPY --from=builder /aiven-extras/aiven_extras.control /usr/local/share/postgresql/extension/aiven_extras.control
+COPY --from=builder /aiven-extras/sql/aiven_extras.sql /usr/local/share/postgresql/extension/aiven_extras--1.1.9.sql
+COPY --from=builder /aiven-extras/aiven_extras.so /usr/local/lib/postgresql/aiven_extras.so
+
+EXPOSE 5432
+
+CMD ["postgres"]

docker-compose.yml

@@ -1,13 +1,53 @@
-version: "3.9"
+version: '3.9'
 
 services:
-  postgres:
+  main-db:
-    image: postgres:16-alpine
+    build:
+      context: aiven_postgres
+      dockerfile: Dockerfile
+    volumes:
+      - ./.data/main-db:/var/lib/postgresql/data
     ports:
       - 5454:5432
-    volumes:
-      - ./.postgres-data:/var/lib/postgresql/data
     environment:
       - POSTGRES_PASSWORD=speckle
       - POSTGRES_USER=speckle
-      - POSTGRES_DB=speckle_main
+      - POSTGRES_DB=speckle
+    extra_hosts:
+      - host.docker.internal:host-gateway
+
+  region-1-db:
+    build:
+      context: aiven_postgres
+      dockerfile: Dockerfile
+    volumes:
+      - ./.data/region-1-db:/var/lib/postgresql/data
+    ports:
+      - 5455:5432
+    environment:
+      - POSTGRES_PASSWORD=speckle
+      - POSTGRES_USER=speckle
+      - POSTGRES_DB=speckle
+    depends_on:
+      - main-db
+
+    extra_hosts:
+      - host.docker.internal:host-gateway
+
+  region-2-db:
+    build:
+      context: aiven_postgres
+      dockerfile: Dockerfile
+    volumes:
+      - ./.data/region-2-db:/var/lib/postgresql/data
+    ports:
+      - 5456:5432
+    environment:
+      - POSTGRES_PASSWORD=speckle
+      - POSTGRES_USER=speckle
+      - POSTGRES_DB=speckle
+    depends_on:
+      - main-db
+
+    extra_hosts:
+      - host.docker.internal:host-gateway

knexfile.ts

@@ -1,8 +1,26 @@
-export default {
+import { Knex } from 'knex'
+import fs from 'fs'
+import path from 'path'
+
+console.log(`foobar ${process.env.POSTGRES_CA_CERT_PATH}`)
+
+const config: Knex.Config = {
   client: 'pg',
-  connection: process.env.POSTGRES_URL,
+  connection: {
+    connectionString: process.env.POSTGRES_URL,
+    ssl: process.env.POSTGRES_CA_CERT_PATH
+      ? {
+          ca: fs.readFileSync(
+            path.resolve(__dirname, process.env.POSTGRES_CA_CERT_PATH)
+          ),
+          rejectUnauthorized: true
+        }
+      : undefined
+  },
   migrations: {
     directory: 'src/migrations',
     extension: 'ts'
   }
 }
+
+export default config

package.json

@@ -4,7 +4,7 @@
   "description": "",
   "main": "src/app.ts",
   "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1",
+    "test": "vitest",
     "lint": "ts-standard",
     "tsx": "tsx",
     "lint:fix": "ts-standard --fix",
@@ -26,10 +26,14 @@
     "ts-node": "^10.9.2",
     "ts-standard": "^12.0.2",
     "tsx": "^4.7.0",
-    "typescript": "^5.3.3"
+    "typescript": "^5.3.3",
+    "vitest": "^1.2.2"
   },
   "dependencies": {
     "@apollo/server": "^4.10.0",
+    "awilix": "^11.0.0",
+    "crypto-random-string": "^3.0.0",
+    "dataloader": "^2.2.2",
     "dotenv": "^16.4.1",
     "graphql": "^16.8.1",
     "graphql-scalars": "^1.22.4",

parse_cert.py

@@ -0,0 +1,8 @@
+from pathlib import Path
+import json
+
+cert = Path("./ca-cert").read_text()
+
+cert_json = json.dumps({"cert": cert})
+
+Path("./ca-cert.json").write_text(cert_json)

src/app.ts

@@ -3,7 +3,7 @@ import { resolvers } from './resolvers'
 import { startStandaloneServer } from '@apollo/server/standalone'
 import { readFileSync } from 'fs'
 import { typeDefs as scalarTypeDefs } from 'graphql-scalars'
-import { knex } from './db'
+import { migrateAll } from './services/databaseManagement'
 
 const typeDefs = readFileSync('src/schema.graphql', { encoding: 'utf-8' })
 
@@ -19,18 +19,7 @@ const startServer = async (): Promise<void> => {
     listen: { port: 4000 }
   })
 
-  const plannedMigrations: Array<{ file: string }> = (
+  await migrateAll()
-    await knex.migrate.list()
-  )[1]
-  if (plannedMigrations.length > 0) {
-    console.log(
-      `🕰️  planning migrations: ${plannedMigrations
-        .map((m) => m.file)
-        .join(',')}`
-    )
-  }
-
-  await knex.migrate.latest()
 
   console.log(`🚀 Server ready at: ${url}`)
 }

src/config.ts

@@ -2,8 +2,7 @@ import 'dotenv/config'
 import { parseEnv } from 'znv'
 import { z } from 'zod'
 
-export const { POSTGRES_URL } = parseEnv(process.env, {
+export const { POSTGRES_URL, POSTGRES_CA_CERT_PATH } = parseEnv(process.env, {
-  POSTGRES_URL: z.string().min(1)
+  POSTGRES_URL: z.string().min(1),
+  POSTGRES_CA_CERT_PATH: z.string().min(1).nullish()
 })
-
-console.log([POSTGRES_URL].join(', '))

src/iocContainer.ts

@@ -0,0 +1,19 @@
+import awilix from 'awilix'
+import { saveResourceAclFactory, saveUserFactory } from './repositories'
+import { Knex } from 'knex'
+import { getMainDbClient } from './services/databaseManagement'
+
+export const container = awilix.createContainer({
+  strict: true,
+  injectionMode: awilix.InjectionMode.PROXY
+})
+
+container.register({
+  db: awilix.asFunction(getMainDbClient).singleton(),
+  saveResource: awilix
+    .asFunction((regionDb: Knex) => saveUserFactory({ db: regionDb }))
+    .scoped(),
+  saveResourceAcl: awilix.asFunction(saveResourceAclFactory).scoped()
+})
+
+container.resolve('saveResource')

src/migrations/20240205145527_organizations.ts

@@ -0,0 +1,14 @@
+import type { Knex } from 'knex'
+
+const tableName = 'organizations'
+
+export async function up (knex: Knex): Promise<void> {
+  return await knex.schema.createTable(tableName, (table) => {
+    table.text('id').primary()
+    table.text('name')
+  })
+}
+
+export async function down (knex: Knex): Promise<void> {
+  return await knex.schema.dropTable(tableName)
+}

src/migrations/20240205150932_regions.ts

@@ -0,0 +1,49 @@
+import type { Knex } from 'knex'
+
+const regionsTableName = 'regions'
+
+export async function up (knex: Knex): Promise<void> {
+  await knex.schema.createTable(regionsTableName, (table) => {
+    table.text('id').primary()
+    table.text('connectionString')
+  })
+  await knex.schema.createTable('organizations_regions', (table) => {
+    table
+      .text('organizationId')
+      .references('id')
+      .inTable('organizations')
+      .notNullable()
+      .onDelete('cascade')
+    table
+      .text('regionId')
+      .references('id')
+      .inTable('regions')
+      .notNullable()
+      .onDelete('cascade')
+  })
+  await knex.schema.createTable('resource_organization_region', (table) => {
+    table
+      .text('resourceId')
+      .references('id')
+      .inTable('resources')
+      .notNullable()
+      .onDelete('cascade')
+    table
+      .text('organizationId')
+      .references('id')
+      .inTable('organizations')
+      .notNullable()
+      .onDelete('cascade')
+    table
+      .text('regionId')
+      .references('id')
+      .inTable('regions')
+      .notNullable()
+      .onDelete('cascade')
+  })
+}
+
+export async function down (knex: Knex): Promise<void> {
+  await knex.schema.dropTable(regionsTableName)
+  await knex.schema.dropTable('organizations_regions')
+}

src/migrations/20240206210140_region_name.ts

@@ -0,0 +1,15 @@
+import type { Knex } from 'knex'
+
+const regionsTableName = 'regions'
+
+export async function up (knex: Knex): Promise<void> {
+  await knex.schema.alterTable(regionsTableName, (table) => {
+    table.text('name').notNullable().defaultTo('region')
+  })
+}
+
+export async function down (knex: Knex): Promise<void> {
+  await knex.schema.alterTable(regionsTableName, (table) => {
+    table.dropColumn('name')
+  })
+}

src/migrations/20240206213031_region_maintenance_db.ts

@@ -0,0 +1,15 @@
+import type { Knex } from 'knex'
+
+const regionsTableName = 'regions'
+
+export async function up (knex: Knex): Promise<void> {
+  await knex.schema.alterTable(regionsTableName, (table) => {
+    table.text('maintenanceDb').notNullable().defaultTo('region')
+  })
+}
+
+export async function down (knex: Knex): Promise<void> {
+  await knex.schema.alterTable(regionsTableName, (table) => {
+    table.dropColumn('maintenanceDb')
+  })
+}

src/migrations/20240207203256_organization_acl.ts

@@ -0,0 +1,22 @@
+import type { Knex } from 'knex'
+
+const tableName = 'organization_acl'
+
+export async function up (knex: Knex): Promise<void> {
+  return await knex.schema.createTable(tableName, (table) => {
+    table
+      .string('userId')
+      .references('id')
+      .inTable('users')
+      .onDelete('cascade')
+    table
+      .string('organizationId')
+      .references('id')
+      .inTable('organizations')
+      .onDelete('cascade')
+  })
+}
+
+export async function down (knex: Knex): Promise<void> {
+  return await knex.schema.dropTable(tableName)
+}

src/migrations/20240207212311_organization_resource_acl.ts

@@ -0,0 +1,22 @@
+import type { Knex } from 'knex'
+
+const tableName = 'organization_resource_acl'
+
+export async function up (knex: Knex): Promise<void> {
+  return await knex.schema.createTable(tableName, (table) => {
+    table
+      .string('resourceId')
+      .references('id')
+      .inTable('resources')
+      .onDelete('cascade')
+    table
+      .string('organizationId')
+      .references('id')
+      .inTable('organizations')
+      .onDelete('cascade')
+  })
+}
+
+export async function down (knex: Knex): Promise<void> {
+  return await knex.schema.dropTable(tableName)
+}

src/migrations/20240207214054_resource_region.ts

@@ -0,0 +1,28 @@
+import type { Knex } from 'knex'
+
+const tableName = 'resource_region_organization'
+
+export async function up (knex: Knex): Promise<void> {
+  return await knex.schema.createTable(tableName, (table) => {
+    table
+      .string('resourceId')
+      .references('id')
+      .inTable('resources')
+      .onDelete('cascade')
+      .primary()
+    table
+      .string('regionId')
+      .references('id')
+      .inTable('regions')
+      .onDelete('cascade')
+    table
+      .string('organizationId')
+      .references('id')
+      .inTable('organizations')
+      .onDelete('cascade')
+  })
+}
+
+export async function down (knex: Knex): Promise<void> {
+  return await knex.schema.dropTable(tableName)
+}

src/migrations/20240213175105_region_pruning.ts

@@ -0,0 +1,15 @@
+import type { Knex } from 'knex'
+
+const regionsTableName = 'regions'
+
+export async function up (knex: Knex): Promise<void> {
+  await knex.schema.alterTable(regionsTableName, (table) => {
+    table.dropColumn('maintenanceDb')
+  })
+}
+
+export async function down (knex: Knex): Promise<void> {
+  await knex.schema.alterTable(regionsTableName, (table) => {
+    table.text('maintenanceDb').notNullable().defaultTo('region')
+  })
+}

src/migrations/20240213214212_split_resource_region_org.ts

@@ -0,0 +1,56 @@
+import type { Knex } from 'knex'
+
+const tableName = 'resource_region_organization'
+
+export async function up (knex: Knex): Promise<void> {
+  await knex.schema.dropTable(tableName)
+  await knex.schema.createTable('resource_region', (table) => {
+    table
+      .string('resourceId')
+      .references('id')
+      .inTable('resources')
+      .onDelete('cascade')
+      .primary()
+    table
+      .string('regionId')
+      .references('id')
+      .inTable('regions')
+      .onDelete('cascade')
+  })
+  await knex.schema.createTable('resource_organization', (table) => {
+    table
+      .string('resourceId')
+      .references('id')
+      .inTable('resources')
+      .onDelete('cascade')
+      .primary()
+    table
+      .string('organizationId')
+      .references('id')
+      .inTable('organizations')
+      .onDelete('cascade')
+  })
+}
+
+export async function down (knex: Knex): Promise<void> {
+  await knex.schema.dropTable('resource_organization')
+  await knex.schema.dropTable('resource_region')
+  await knex.schema.createTable(tableName, (table) => {
+    table
+      .string('resourceId')
+      .references('id')
+      .inTable('resources')
+      .onDelete('cascade')
+      .primary()
+    table
+      .string('regionId')
+      .references('id')
+      .inTable('regions')
+      .onDelete('cascade')
+    table
+      .string('organizationId')
+      .references('id')
+      .inTable('organizations')
+      .onDelete('cascade')
+  })
+}

src/migrations/20240214151340_region_ssl_cert.ts

@@ -0,0 +1,13 @@
+import type { Knex } from 'knex'
+
+export async function up (knex: Knex): Promise<void> {
+  await knex.schema.alterTable('regions', (table) => {
+    table.text('sslCaCert').nullable()
+  })
+}
+
+export async function down (knex: Knex): Promise<void> {
+  await knex.schema.alterTable('regions', (table) => {
+    table.dropColumn('sslCaCert')
+  })
+}

src/migrations/20240220152312_region_name_unique.ts

@@ -0,0 +1,13 @@
+import type { Knex } from 'knex'
+
+export async function up (knex: Knex): Promise<void> {
+  await knex.schema.alterTable('regions', (table) => {
+    table.unique('name')
+  })
+}
+
+export async function down (knex: Knex): Promise<void> {
+  await knex.schema.alterTable('regions', (table) => {
+    table.dropUnique(['name'])
+  })
+}

src/repositories.ts

@@ -1,76 +1,262 @@
-import { knex } from "./db";
+import { Knex } from 'knex'
-import { UserRecord, Resource, ResourceAcl, Comment } from "./types";
+import {
+  UserRecord,
+  Resource,
+  ResourceAcl,
+  Comment,
+  Region,
+  OrganizationsRegions,
+  Organization,
+  OrganizationAcl,
+  OrganizationResourceAcl,
+  ResourceRegion
+} from './types'
 
-const Users = () => knex<UserRecord>("users");
+export const saveResourceFactory =
-const Resources = () => knex<Resource>("resources");
+  ({ db }: { db: Knex }) =>
-const ResourceAclRepo = () => knex<ResourceAcl>("resource_acl");
+    async (resource: Resource): Promise<void> => {
-const Comments = () => knex<Comment>("comments");
+      await db<Resource>('resources').insert(resource)
+    }
 
-export const queryUser = async (userId: string): Promise<UserRecord | null> => {
+export const findResourceFactory =
-  return (await Users().where("id", "=", userId).first()) ?? null;
+  ({ db }: { db: Knex }) =>
-};
+    async (resourceId: string): Promise<Resource | null> => {
+      return (
+        (await db<Resource>('resources').where({ id: resourceId }).first()) ??
+      null
+      )
+    }
 
-export const queryResource = async (
+export const saveCommentFactory =
-  resourceId: string,
+  ({ db }: { db: Knex }) =>
-): Promise<Resource | null> => {
+    async (comment: Comment): Promise<void> => {
-  return (await Resources().where("id", "=", resourceId).first()) ?? null;
+      await db<Comment>('comments').insert(comment)
-};
+    }
 
-export const queryResourceAcl = async ({
+export const countCommentsFactory =
-  resourceId,
+  ({ db }: { db: Knex }) =>
-  userId,
+    async (resourceId: string): Promise<number> => {
-}: {
+      const [rawCount] = await db<Comment>('comments')
-  resourceId: string;
+        .count()
-  userId: string;
+        .where({ resourceId })
-}): Promise<ResourceAcl | null> => {
+      return parseInt(rawCount.count as string)
-  return (
+    }
-    (await ResourceAclRepo()
-      .where("userId", "=", userId)
-      .andWhere("resourceId", "=", resourceId)
-      .first()) ?? null
-  );
-};
 
-export const countResources = async (userId: string): Promise<number> => {
+export const findUserFactory =
-  const [rawCount] = await ResourceAclRepo().count().where({ userId });
+  ({ db }: { db: Knex }) =>
-  return parseInt(rawCount.count as string);
+    async (userId: string): Promise<UserRecord | null> => {
-};
+      return (
+        (await db<UserRecord>('users').where('id', '=', userId).first()) ?? null
+      )
+    }
 
-export const queryResources = async ({
+export const queryUsersFactoy =
-  userId,
+  ({ db }: { db: Knex }) =>
-  limit,
+    async (): Promise<UserRecord[]> => {
-  cursor,
+      return await db<UserRecord>('users').select()
-}: {
+    }
-  userId: string;
-  limit: number;
-  cursor: string | null;
-}) => {
-  const query = Resources()
-    .join("resource_acl", "resources.id", "resource_acl.resourceId")
-    .where({ userId });
-  if (cursor) {
-    query.andWhere("createdAt", "<", cursor);
-  }
-  return await query.limit(limit);
-};
 
-export const countComments = async (resourceId: string): Promise<number> => {
+export const saveUserFactory =
-  const [rawCount] = await Comments().count().where({ resourceId });
+  ({ db }: { db: Knex }) =>
-  return parseInt(rawCount.count as string);
+    async (user: UserRecord): Promise<void> => {
-};
+      await db<UserRecord>('users').insert(user)
+    }
 
-export const queryComments = async ({
+export const getUsersResourceAclFactory =
-  resourceId,
+  ({ db }: { db: Knex }) =>
-  limit,
+    async ({ resourceId, userId }: ResourceAcl): Promise<ResourceAcl | null> => {
-  cursor,
+      return (
-}: {
+        (await db<ResourceAcl>('resource_acl')
-  resourceId: string;
+          .where({ userId, resourceId })
-  limit: number;
+          .first()) ?? null
-  cursor: string | null;
+      )
-}): Promise<Comment[]> => {
+    }
-  const query = Comments().where({ resourceId });
+
-  if (cursor) {
+export const saveResourceAclFactory =
-    query.andWhere("createdAt", "<", cursor);
+  ({ db }: { db: Knex }) =>
-  }
+    async (resourceAcl: ResourceAcl): Promise<void> => {
-  return await query.limit(limit);
+      await db<ResourceAcl>('resource_acl').insert(resourceAcl)
-};
+    }
+
+export const countUsersResourcesFactory =
+  ({ db }: { db: Knex }) =>
+    async (userId: string): Promise<number> => {
+      const [rawCount] = await db<ResourceAcl>('resource_acl')
+        .count()
+        .where({ userId })
+      return parseInt(rawCount.count as string)
+    }
+
+export const findUsersResourceFactory =
+  ({ db }: { db: Knex }) =>
+    async ({ resourceId, userId }: ResourceAcl): Promise<ResourceAcl | null> => {
+      return (
+        (await db<ResourceAcl>('resource_acl')
+          .where({ userId, resourceId })
+          .first()) ?? null
+      )
+    }
+
+export const queryResourcesFactory =
+  ({ db }: { db: Knex }) =>
+    async ({
+      userId,
+      limit,
+      cursor
+    }: {
+      userId: string
+      limit: number
+      cursor: string | null
+    }): Promise<Resource[]> => {
+      let query = db<Resource & ResourceAcl>('resources')
+        .join('resource_acl', 'resources.id', 'resource_acl.resourceId')
+        .where({ userId })
+      if (cursor !== null) {
+        query = query.andWhere('createdAt', '<', cursor)
+      }
+      const items = await query.orderBy('createdAt', 'desc').limit(limit)
+      return items
+    }
+
+export const countResourceCommentsFactory =
+  ({ db }: { db: Knex }) =>
+    async (resourceId: string): Promise<number> => {
+      const [rawCount] = await db<Comment>('comments')
+        .count()
+        .where({ resourceId })
+      return parseInt(rawCount.count as string)
+    }
+
+export const queryCommentsFactory =
+  ({ db }: { db: Knex }) =>
+    async ({
+      resourceId,
+      limit,
+      cursor
+    }: {
+      resourceId: string
+      limit: number
+      cursor: string | null
+    }): Promise<Comment[]> => {
+      let query = db<Comment>('comments').where({ resourceId })
+      if (cursor !== null) {
+        query = query.andWhere('createdAt', '<', cursor)
+      }
+      return await query.orderBy('createdAt', 'desc').limit(limit)
+    }
+
+export const queryRegionsFactory =
+  ({ db }: { db: Knex }) =>
+    async (
+      params:
+      | {
+        connectionString?: string | undefined
+      }
+      | undefined = undefined
+    ): Promise<Region[]> => {
+      let query = db<Region>('regions')
+      if (params?.connectionString !== undefined) query = query.where(params)
+      return await query.select()
+    }
+
+export const findRegionFactory =
+  ({ db }: { db: Knex }) =>
+    async (id: string): Promise<Region | null> => {
+      return (await db<Region>('regions').where({ id }).first()) ?? null
+    }
+
+export const queryOrganizationsRegionsFactory =
+  ({ db }: { db: Knex }) =>
+    async (): Promise<OrganizationsRegions[]> => {
+      return await db<OrganizationsRegions>('organizations_regions').select()
+    }
+
+export const findOrganizationRegionFactory =
+  ({ db }: { db: Knex }) =>
+    async ({
+      regionId,
+      organizationId
+    }: OrganizationsRegions): Promise<OrganizationsRegions | null> => {
+      return (
+        (await db<OrganizationsRegions>('organizations_regions')
+          .where({ regionId, organizationId })
+          .first()) ?? null
+      )
+    }
+
+export const saveRegionFactory =
+  ({ db }: { db: Knex }) =>
+    async (region: Region): Promise<void> => {
+      await db<Region>('regions').insert(region)
+    }
+
+export const saveOrganizationFactory =
+  ({ db }: { db: Knex }) =>
+    async (organization: Organization): Promise<void> => {
+      await db<Organization>('organizations').insert(organization)
+    }
+
+export const findOrganizationFactory =
+  ({ db }: { db: Knex }) =>
+    async (id: string): Promise<Organization | null> => {
+      return (
+        (await db<Organization>('organizations').where({ id }).first()) ?? null
+      )
+    }
+
+export const queryOrganizationsFactory =
+  ({ db }: { db: Knex }) =>
+    async (): Promise<Organization[]> => {
+      return await db<Organization>('organizations').select()
+    }
+
+export const saveOrganizationRegionFactory =
+  ({ db }: { db: Knex }) =>
+    async (or: OrganizationsRegions): Promise<void> => {
+      return await db<OrganizationsRegions>('organizations_regions').insert(or)
+    }
+
+export const saveOrganizationAclFactory =
+  ({ db }: { db: Knex }) =>
+    async (orgAcl: OrganizationAcl): Promise<void> => {
+      await db<OrganizationsRegions>('organization_acl').insert(orgAcl)
+    }
+
+export const findOrganizationAclFactory =
+  ({ db }: { db: Knex }) =>
+    async ({
+      userId,
+      organizationId
+    }: OrganizationAcl): Promise<OrganizationAcl | null> => {
+      return (
+        (await db<OrganizationAcl>('organization_acl')
+          .where({ userId, organizationId })
+          .first()) ?? null
+      )
+    }
+
+export const saveOrganizationResourceAclFactory =
+  ({ db }: { db: Knex }) =>
+    async (item: OrganizationResourceAcl): Promise<void> => {
+      await db<OrganizationResourceAcl>('organization_resource_acl').insert(item)
+    }
+
+export const findResourceRegionFactory =
+  ({ db }: { db: Knex }) =>
+    async ({
+      resourceId
+    }: {
+      resourceId: string
+    }): Promise<ResourceRegion | null> => {
+      return (
+        (await db<ResourceRegion>('resource_region')
+          .where({ resourceId })
+          .first()) ?? null
+      )
+    }
+
+export const saveResourceRegionFactory =
+  ({ db }: { db: Knex }) =>
+    async (item: ResourceRegion): Promise<void> => {
+      await db<ResourceRegion>('resource_region').insert(item)
+    }

src/resolvers.ts

@@ -1,63 +1,209 @@
-import { queryResourceAcl } from "./repositories";
+import { getCommentsFactory } from './services/comments'
-import { getUser, getResource, getComments, getResources } from "./services";
+import awilix from 'awilix'
-import { GraphQLError } from "graphql";
+import {
+  createResourceFactory,
+  getResourcesFactory
+} from './services/resources'
+import { GraphQLError } from 'graphql'
 import {
   Resource,
-  ResourceCollection,
   UserRecord,
   CommentCollection,
   PaginationArgs,
-} from "./types";
+  ResourceCreateArgs,
+  OrganizationsRegions,
+  OrganizationAcl,
+  CommentCreateArgs,
+  UserCreateArgs
+} from './types'
+import {
+  createOrganization,
+  registerRegion,
+  getResourceDb,
+  getMainDbClient,
+  getRegionDb
+} from './services/databaseManagement'
+import { authorizeUserOrgRegionFactory } from './services/authz'
+import cryptoRandomString from 'crypto-random-string'
+import {
+  countCommentsFactory,
+  countUsersResourcesFactory,
+  findOrganizationAclFactory,
+  findOrganizationRegionFactory,
+  findResourceFactory,
+  findUserFactory,
+  getUsersResourceAclFactory,
+  queryCommentsFactory,
+  queryOrganizationsFactory,
+  queryRegionsFactory,
+  queryResourcesFactory,
+  queryUsersFactoy,
+  saveCommentFactory,
+  saveOrganizationAclFactory,
+  saveOrganizationRegionFactory,
+  saveOrganizationResourceAclFactory,
+  saveResourceAclFactory,
+  saveResourceRegionFactory,
+  saveUserFactory
+} from './repositories'
+import { container } from './iocContainer'
 
+const db = getMainDbClient()
 // Resolvers define how to fetch the types defined in your schema.
 // This resolver retrieves books from the "books" array above.
 export const resolvers = {
   Query: {
-    async user(_: unknown, args: { id: string }) {
+    async users () {
-      return await getUser(args.id);
+      return await queryUsersFactoy({ db })()
     },
-    async resource(
+    async user (_: unknown, args: { id: string }) {
+      return await findUserFactory({ db })(args.id)
+    },
+    async resource (
       _: unknown,
-      args: { id: string; userId: string },
+      args: { id: string, userId: string }
     ): Promise<Resource> {
-      const maybeAcl = await queryResourceAcl({
+      const maybeAcl = await getUsersResourceAclFactory({ db })({
         userId: args.userId,
-        resourceId: args.id,
+        resourceId: args.id
-      });
+      })
       if (maybeAcl == null) {
         throw new GraphQLError(
           "The user doesn't have access to the given resource",
           {
             extensions: {
-              code: "FORBIDDEN",
+              code: 'FORBIDDEN'
-            },
+            }
-          },
+          }
-        );
+        )
       }
-      const maybeResource = await getResource(args.id);
+      const resourceDb = await getResourceDb(args.id)
+      const maybeResource = await findResourceFactory({ db: resourceDb })(
+        args.id
+      )
       if (maybeResource == null) {
-        throw new GraphQLError("Resource not found", {
+        throw new GraphQLError('Resource not found', {
-          extensions: { code: "RESOURCE_NOT_FOUND" },
+          extensions: { code: 'RESOURCE_NOT_FOUND' }
-        });
+        })
       }
-      return maybeResource;
+      return maybeResource
     },
+    async organizations () {
+      return await queryOrganizationsFactory({ db })()
+    },
+    async regions () {
+      return await queryRegionsFactory({ db })()
+    }
   },
   User: {
-    async resources(parent: UserRecord, args: PaginationArgs) {
+    async resources (parent: UserRecord, args: PaginationArgs) {
-      return await getResources({ userId: parent.id, ...args });
+      return await getResourcesFactory(
-    },
+        countUsersResourcesFactory({ db }),
+        queryResourcesFactory({ db })
+      )({ userId: parent.id, ...args })
+    }
   },
   Resource: {
-    async comments(
+    async comments (
       parent: Resource,
-      { limit, cursor }: PaginationArgs,
+      { limit, cursor }: PaginationArgs
     ): Promise<CommentCollection> {
-      return await getComments({
+      const resourceDb = await getResourceDb(parent.id)
+      return await getCommentsFactory(
+        countCommentsFactory({ db: resourceDb }),
+        queryCommentsFactory({ db: resourceDb })
+      )({
         resourceId: parent.id,
         limit,
-        cursor,
+        cursor
-      });
+      })
-    },
+    }
   },
-};
+  Mutation: {
+    async createUser (
+      _: unknown,
+      { input: { name } }: { input: UserCreateArgs }
+    ) {
+      const id = cryptoRandomString({ length: 10 })
+      await saveUserFactory({ db })({ id, name })
+      return id
+    },
+    async registerRegion (
+      _: unknown,
+      args: {
+        name: string
+        connectionString: string
+        sslCaCert: string | null
+      }
+    ) {
+      return await registerRegion(args)
+    },
+    async createOrganization (_: unknown, args: { name: string }) {
+      return await createOrganization(args.name)
+    },
+    async addRegionToOrganization (_: unknown, args: OrganizationsRegions) {
+      await saveOrganizationRegionFactory({ db })(args)
+    },
+    async addUserToOrganization (
+      _: unknown,
+      { input: args }: { input: OrganizationAcl }
+    ) {
+      await saveOrganizationAclFactory({ db })(args)
+    },
+    async createResource (
+      _: unknown,
+      { input: args }: { input: ResourceCreateArgs }
+    ) {
+      await authorizeUserOrgRegionFactory(
+        findOrganizationAclFactory({ db }),
+        findOrganizationRegionFactory({ db })
+      )(args)
+
+      const resourceDb =
+        args.regionId !== null
+          ? await getRegionDb({ regionId: args.regionId })
+          : db
+
+      const requestContainer = container.createScope()
+      requestContainer.register({ resourceDb: awilix.asValue(resourceDb) })
+
+      const saveResource = requestContainer.resolve('saveResource')
+
+      const resourceId = await createResourceFactory({
+        saveResource,
+        saveResourceAcl: saveResourceAclFactory({ db })
+      })(args)
+
+      if (args.organizationId !== null) {
+        await saveOrganizationResourceAclFactory({ db })({
+          organizationId: args.organizationId,
+          resourceId
+        })
+        if (args.regionId !== null) {
+          await saveResourceRegionFactory({ db })({
+            resourceId,
+            // i know its not null here, the authz function ensures it
+            regionId: args.regionId
+          })
+        }
+      }
+      return resourceId
+    },
+    async addComment (
+      _: unknown,
+      { input: args }: { input: CommentCreateArgs }
+    ) {
+      const resourceAcl = await getUsersResourceAclFactory({ db })(args)
+      if (resourceAcl == null) {
+        throw new Error("The user doesn't have access to the given resource")
+      }
+      // 2. get resource db client
+      const resourceDb = await getResourceDb(args.resourceId)
+      // 3. save comment to db
+      const id = cryptoRandomString({ length: 10 })
+      const createdAt = new Date()
+      await saveCommentFactory({ db: resourceDb })({ id, createdAt, ...args })
+      return id
+    }
+  }
+}

src/schema.graphql

@@ -30,8 +30,58 @@ type User {
   resources(limit: Int! = 10, cursor: String = null): ResourceCollection!
 }
 
+type Organization {
+  id: String!
+  name: String!
+}
+
+type Region {
+  id: String!
+  name: String!
+}
+
 type Query {
   user(id: String!): User
+  users: [User!]
 
   resource(id: String!, userId: String!): Resource
+
+  organizations: [Organization!]
+  regions: [Region!]
+}
+
+input ResourceCreateInput {
+  userId: String!
+  name: String!
+  organizationId: String = null
+  regionId: String = null
+}
+
+input OrganizationAcl {
+  userId: String!
+  organizationId: String!
+}
+
+input CommentInput {
+  userId: String!
+  content: String!
+  resourceId: String!
+}
+
+input UserCreateArgs {
+  name: String!
+}
+
+type Mutation {
+  createUser(input: UserCreateArgs!): String!
+  registerRegion(
+    name: String!
+    connectionString: String!
+    sslCaCert: String
+  ): String!
+  createOrganization(name: String!): String!
+  addRegionToOrganization(organizationId: String!, regionId: String!): Boolean
+  addUserToOrganization(input: OrganizationAcl!): Boolean
+  createResource(input: ResourceCreateInput!): String!
+  addComment(input: CommentInput!): String!
 }

src/services.ts

@@ -1,61 +0,0 @@
-import {
-  queryUser,
-  queryResource,
-  countComments,
-  queryComments,
-  countResources,
-  queryResources,
-} from "./repositories";
-import {
-  UserRecord,
-  Resource,
-  CommentCollection,
-  PaginationArgs,
-  ResourceCollection,
-} from "./types";
-
-export const getUser = async (id: string): Promise<UserRecord | null> => {
-  return await queryUser(id);
-};
-
-export const getResource = async (id: string): Promise<Resource | null> => {
-  return await queryResource(id);
-};
-
-interface GetResourcesArgs extends PaginationArgs {
-  userId: string;
-}
-export const getResources = async (
-  params: GetResourcesArgs,
-): Promise<ResourceCollection> => {
-  const totalCount = await countResources(params.userId);
-  const items = await queryResources(params);
-  let cursor = null;
-  if (items.length > 0) {
-    cursor = items.slice(-1)[0].createdAt.toISOString();
-  }
-  return {
-    totalCount,
-    items,
-    cursor,
-  };
-};
-
-export const getComments = async (params: {
-  resourceId: string;
-  limit: number;
-  cursor: string | null;
-}): Promise<CommentCollection> => {
-  // yes, i should be doing base64 de and encoding with the cursor...
-  const totalCount = await countComments(params.resourceId);
-  const items = await queryComments(params);
-  let cursor = null;
-  if (items.length > 0) {
-    cursor = items.slice(-1)[0].createdAt.toISOString();
-  }
-  return {
-    totalCount,
-    items,
-    cursor,
-  };
-};

src/services/authz.ts

@@ -0,0 +1,29 @@
+import {
+  OrganizationAcl,
+  OrganizationsRegions,
+  UserOrgRegionArgs
+} from '../types'
+
+export const authorizeUserOrgRegionFactory =
+  (
+    orgAclGetter: (params: OrganizationAcl) => Promise<OrganizationAcl | null>,
+    orgRegionGetter: (
+      params: OrganizationsRegions,
+    ) => Promise<OrganizationsRegions | null>
+  ) =>
+    async ({ userId, regionId, organizationId }: UserOrgRegionArgs) => {
+      if (!organizationId && regionId) {
+        throw new Error("public org doesn't support regions")
+      }
+      if (organizationId) {
+        if (!regionId) throw new Error('organizations can only write to regions')
+        const orgAcl = await orgAclGetter({ organizationId, userId })
+        if (orgAcl == null) {
+          throw new Error("user doesn't have access to this organization")
+        }
+        const orgRegion = await orgRegionGetter({ organizationId, regionId })
+        if (orgRegion == null) {
+          throw new Error('organization doesnt have access to this region')
+        }
+      }
+    }

src/services/comments.ts

@@ -0,0 +1,25 @@
+import { CommentCollection, PaginationArgs, Comment } from '../types'
+
+interface GetCommentsArgs extends PaginationArgs {
+  resourceId: string
+}
+
+export const getCommentsFactory =
+  (
+    countComments: (resourceId: string) => Promise<number>,
+    queryComments: (params: GetCommentsArgs) => Promise<Comment[]>
+  ) =>
+    async (params: GetCommentsArgs): Promise<CommentCollection> => {
+    // yes, i should be doing base64 de and encoding with the cursor...
+      const totalCount = await countComments(params.resourceId)
+      const items = await queryComments(params)
+      let cursor = null
+      if (items.length > 0) {
+        cursor = items.slice(-1)[0].createdAt.toISOString()
+      }
+      return {
+        totalCount,
+        items,
+        cursor
+      }
+    }

src/services/databaseManagement.ts

@@ -0,0 +1,222 @@
+import { POSTGRES_URL } from '../config'
+import knex, { Knex } from 'knex'
+import cryptoRandomString from 'crypto-random-string'
+import {
+  findRegionFactory,
+  findResourceRegionFactory,
+  queryRegionsFactory,
+  saveOrganizationFactory,
+  saveRegionFactory
+} from '../repositories'
+
+const migrateToLatest = async (db: Knex): Promise<void> => {
+  const plannedMigrations: Array<{ file: string }> = (
+    await db.migrate.list()
+  )[1]
+  if (plannedMigrations.length > 0) {
+    console.log(
+      `🕰️  planning migrations: ${plannedMigrations
+        .map((m) => m.file)
+        .join(',')}`
+    )
+  } else {
+    console.log('no migrations are planned')
+  }
+  // TODO: make sure if a migration fails, all migrations are rolled back
+  await db.migrate.latest()
+}
+
+export const migrateAll = async (): Promise<void> => {
+  await migrateToLatest(db)
+  const dbClients = await getAllDbClients()
+
+  await Promise.all([
+    ...dbClients.map(async (db) => await migrateToLatest(db))
+  ])
+}
+
+const createDatabaseConfig = (
+  connectionString: string,
+  sslCaCert: string | null
+): Knex.Config => {
+  const config: Knex.Config = {
+    client: 'pg',
+    connection: {
+      connectionString,
+      ssl: sslCaCert
+        ? {
+            ca: sslCaCert,
+            rejectUnauthorized: true
+          }
+        : undefined
+    },
+    migrations: {
+      directory: 'src/migrations',
+      extension: 'ts'
+    }
+  }
+  return config
+}
+
+const db = knex(createDatabaseConfig(POSTGRES_URL, null))
+
+const dbClientStore: Map<string, Knex> = new Map()
+
+const findRegion = findRegionFactory({ db })
+
+export const getRegionDb = async ({
+  regionId
+}: {
+  regionId: string | undefined
+}): Promise<Knex> => {
+  if (!regionId) return db
+  const maybeClient = dbClientStore.get(regionId)
+  if (maybeClient != null) return maybeClient
+  const maybeRegion = await findRegion(regionId)
+  if (maybeRegion == null) throw Error(`region ${regionId} not found`)
+  const client = knex(
+    createDatabaseConfig(maybeRegion.connectionString, maybeRegion.sslCaCert)
+  )
+  dbClientStore.set(regionId, client)
+  return client
+}
+
+export const getMainDbClient = (): Knex => db
+
+const queryRegions = queryRegionsFactory({ db })
+const saveRegion = saveRegionFactory({ db })
+
+export const registerRegion = async ({
+  name,
+  connectionString,
+  sslCaCert
+}: {
+  name: string
+  connectionString: string
+  sslCaCert: string | null
+}): Promise<string> => {
+  const regions = await queryRegions({ connectionString })
+  if (regions.length > 0) throw new Error('This region is already registered')
+  const id = cryptoRandomString({ length: 10 })
+  const newDb = knex(createDatabaseConfig(connectionString, sslCaCert))
+  await migrateToLatest(newDb)
+  dbClientStore.set(id, newDb)
+
+  const sslmode = sslCaCert ? 'require' : 'disable'
+  await setUpUserReplication({
+    from: db,
+    to: newDb,
+    regionName: name,
+    sslmode
+  })
+  await setUpResourceReplication({
+    from: newDb,
+    to: db,
+    regionName: name,
+    sslmode
+  })
+
+  await saveRegion({
+    id,
+    name,
+    connectionString,
+    sslCaCert
+  })
+  return id
+}
+
+const saveOrganization = saveOrganizationFactory({ db })
+
+export const createOrganization = async (name: string): Promise<string> => {
+  const id = cryptoRandomString({ length: 10 })
+  await saveOrganization({ id, name })
+  return id
+}
+
+interface ReplicationArgs {
+  from: Knex
+  to: Knex
+  sslmode: string
+  regionName: string
+}
+
+const setUpUserReplication = async ({
+  from,
+  to,
+  sslmode,
+  regionName
+}: ReplicationArgs): Promise<void> => {
+  // TODO: ensure its created...
+  try {
+    await from.raw('CREATE PUBLICATION userspub FOR TABLE users;')
+  } catch (err) {
+    if (!(err instanceof Error)) throw err
+    if (!err.message.includes('already exists')) throw err
+  }
+
+  const fromUrl = new URL(from.client.config.connection.connectionString)
+  const fromDbName = fromUrl.pathname.replace('/', '')
+  const subName = `userssub_${regionName}`
+  const rawSqeel = `SELECT * FROM aiven_extras.pg_create_subscription(
+    '${subName}',
+    'dbname=${fromDbName} host=${fromUrl.hostname} port=${fromUrl.port} sslmode=${sslmode} user=${fromUrl.username} password=${fromUrl.password}',
+    'userspub', 
+    '${subName}',
+    TRUE,
+    TRUE
+  );`
+  try {
+    await to.raw(rawSqeel)
+  } catch (err) {
+    if (!(err instanceof Error)) throw err
+    if (!err.message.includes('already exists')) throw err
+  }
+}
+
+const setUpResourceReplication = async ({
+  from,
+  to,
+  regionName,
+  sslmode
+}: ReplicationArgs): Promise<void> => {
+  // TODO: ensure its created...
+  try {
+    await from.raw('CREATE PUBLICATION resourcepub FOR TABLE resources;')
+  } catch (err) {
+    if (!(err instanceof Error)) throw err
+    if (!err.message.includes('already exists')) throw err
+  }
+
+  const fromUrl = new URL(from.client.config.connection.connectionString)
+  const fromDbName = fromUrl.pathname.replace('/', '')
+  const subName = `resourcesub_${regionName}`
+  const rawSqeel = `SELECT * FROM aiven_extras.pg_create_subscription(
+    '${subName}',
+    'dbname=${fromDbName} host=${fromUrl.hostname} port=${fromUrl.port} sslmode=${sslmode} user=${fromUrl.username} password=${fromUrl.password}',
+    'resourcepub', 
+    '${subName}',
+    TRUE,
+    TRUE
+  );`
+  try {
+    await to.raw(rawSqeel)
+  } catch (err) {
+    if (!(err instanceof Error)) throw err
+    if (!err.message.includes('already exists')) throw err
+  }
+}
+
+export const getAllDbClients = async (): Promise<Knex[]> => {
+  const regions = await queryRegions({})
+  const regionClients = await Promise.all(
+    regions.map(async (region) => await getRegionDb({ regionId: region.id }))
+  )
+  return [db, ...regionClients]
+}
+
+const findResourceRegion = findResourceRegionFactory({ db })
+
+export const getResourceDb = async (resourceId: string): Promise<Knex> => {
+  const resourceRegion = await findResourceRegion({ resourceId })
+  return resourceRegion != null ? await getRegionDb(resourceRegion) : db
+}

src/services/resources.ts

@@ -0,0 +1,50 @@
+import cryptoRandomString from 'crypto-random-string'
+import {
+  Resource,
+  PaginationArgs,
+  ResourceCollection,
+  ResourceCreateArgs,
+  ResourceAcl
+} from '../types'
+
+interface GetResourcesArgs extends PaginationArgs {
+  userId: string
+}
+export const getResourcesFactory =
+  (
+    countResources: (userId: string) => Promise<number>,
+    queryResources: (params: GetResourcesArgs) => Promise<Resource[]>
+  ) =>
+    async (params: GetResourcesArgs): Promise<ResourceCollection> => {
+      const totalCount = await countResources(params.userId)
+      const items = await queryResources(params)
+      let cursor = null
+      if (items.length > 0) {
+        cursor = items.slice(-1)[0].createdAt.toISOString()
+      }
+      return {
+        totalCount,
+        items,
+        cursor
+      }
+    }
+
+export const createResourceFactory =
+  ({
+    saveResource,
+    saveResourceAcl
+  }: {
+    saveResource: (resource: Resource) => Promise<void>
+    saveResourceAcl: (resourceAcl: ResourceAcl) => Promise<void>
+  }) =>
+    async ({ userId, name }: ResourceCreateArgs): Promise<string> => {
+    // 1. if no org, create project in main region, validate that, regionId is null
+    // 2. if org, validate if user has access to the org
+    // 3. if org and region, validate if org has access to region
+    // 4. create resource
+      const id = cryptoRandomString({ length: 10 })
+      const resource = { id, name, createdAt: new Date() }
+      await saveResource(resource)
+      await saveResourceAcl({ resourceId: id, userId })
+      return id
+    }

src/types.ts

@@ -1,46 +1,99 @@
-export interface Comment {
+export interface CommentCreateArgs {
-  id: string;
+  userId: string
-  userId: string;
+  content: string
-  content: string;
+  resourceId: string
-  createdAt: Date;
+}
-  resourceId: string;
+
+export interface Comment extends CommentCreateArgs {
+  id: string
+  createdAt: Date
 }
 
 export interface PaginationArgs {
-  limit: number;
+  limit: number
-  cursor: string | null;
+  cursor: string | null
 }
 
 interface Collection<T> {
-  totalCount: number;
+  totalCount: number
-  cursor: string | null;
+  cursor: string | null
-  items: T[];
+  items: T[]
 }
 
 export interface CommentCollection extends Collection<Comment> {}
 
+export interface UserOrgRegionArgs {
+  userId: string
+  organizationId: string | null
+  regionId: string | null
+}
+
+export interface ResourceCreateArgs extends UserOrgRegionArgs {
+  name: string
+}
+
 export interface Resource {
-  id: string;
+  id: string
-  name: string;
+  name: string
-  createdAt: Date;
+  createdAt: Date
 }
 
 export interface ResourceCollection extends Collection<Resource> {}
 
-export interface UserRecord {
+export interface UserCreateArgs {
-  id: string;
+  name: string
-  name: string;
+}
+
+export interface UserRecord extends UserCreateArgs {
+  id: string
 }
 
 export interface User extends UserRecord {
   resources: {
-    cursor: string | null;
+    cursor: string | null
-    totalCount: number;
+    totalCount: number
-    items: Resource[];
+    items: Resource[]
-  };
+  }
 }
 
 export interface ResourceAcl {
-  userId: string;
+  userId: string
-  resourceId: string;
+  resourceId: string
+}
+
+export interface Region {
+  id: string
+  name: string
+  connectionString: string
+  sslCaCert: string | null
+}
+
+export interface Organization {
+  id: string
+  name: string
+}
+
+export interface OrganizationAcl {
+  userId: string
+  organizationId: string
+}
+
+export interface OrganizationsRegions {
+  organizationId: string
+  regionId: string
+}
+
+export interface OrganizationResourceAcl {
+  organizationId: string
+  resourceId: string
+}
+
+export interface ResourceRegion {
+  resourceId: string
+  regionId: string
+}
+
+export interface ResourceOrganization {
+  resourceId: string
+  organizationId: string
 }

tsconfig.json

@@ -11,7 +11,7 @@
     // "disableReferencedProjectLoad": true,             /* Reduce the number of projects loaded automatically by TypeScript. */
 
     /* Language and Environment */
-    "target": "es2016",                                  /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */
+    "target": "es2016" /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */,
     // "lib": [],                                        /* Specify a set of bundled library declaration files that describe the target runtime environment. */
     // "jsx": "preserve",                                /* Specify what JSX code is generated. */
     // "experimentalDecorators": true,                   /* Enable experimental support for legacy experimental decorators. */
@@ -25,7 +25,7 @@
     // "moduleDetection": "auto",                        /* Control what method is used to detect module-format JS files. */
 
     /* Modules */
-    "module": "commonjs",                                /* Specify what module code is generated. */
+    "module": "commonjs" /* Specify what module code is generated. */,
     // "rootDir": "./",                                  /* Specify the root folder within your source files. */
     // "moduleResolution": "node10",                     /* Specify how TypeScript looks up a file from a given module specifier. */
     // "baseUrl": "./",                                  /* Specify the base directory to resolve non-relative module names. */
@@ -77,12 +77,12 @@
     // "isolatedModules": true,                          /* Ensure that each file can be safely transpiled without relying on other imports. */
     // "verbatimModuleSyntax": true,                     /* Do not transform or elide any imports or exports not marked as type-only, ensuring they are written in the output file's format based on the 'module' setting. */
     // "allowSyntheticDefaultImports": true,             /* Allow 'import x from y' when a module doesn't have a default export. */
-    "esModuleInterop": true,                             /* Emit additional JavaScript to ease support for importing CommonJS modules. This enables 'allowSyntheticDefaultImports' for type compatibility. */
+    "esModuleInterop": true /* Emit additional JavaScript to ease support for importing CommonJS modules. This enables 'allowSyntheticDefaultImports' for type compatibility. */,
     // "preserveSymlinks": true,                         /* Disable resolving symlinks to their realpath. This correlates to the same flag in node. */
-    "forceConsistentCasingInFileNames": true,            /* Ensure that casing is correct in imports. */
+    "forceConsistentCasingInFileNames": true /* Ensure that casing is correct in imports. */,
 
     /* Type Checking */
-    "strict": true,                                      /* Enable all strict type-checking options. */
+    "strict": true /* Enable all strict type-checking options. */,
     // "noImplicitAny": true,                            /* Enable error reporting for expressions and declarations with an implied 'any' type. */
     // "strictNullChecks": true,                         /* When type checking, take into account 'null' and 'undefined'. */
     // "strictFunctionTypes": true,                      /* When assigning functions, check to ensure parameters and the return values are subtype-compatible. */
@@ -104,6 +104,6 @@
 
     /* Completeness */
     // "skipDefaultLibCheck": true,                      /* Skip type checking .d.ts files that are included with TypeScript. */
-    "skipLibCheck": true                                 /* Skip type checking all .d.ts files. */
+    "skipLibCheck": true /* Skip type checking all .d.ts files. */,
-  }
+  },
 }

vitest.config.ts

@@ -0,0 +1,7 @@
+import { defineConfig } from 'vitest/config'
+
+export default defineConfig({
+  test: {
+    dir: 'tests'
+  }
+})