feat(ioc): awilix POC

.gitignore

@@ -4,5 +4,7 @@
 .envrc
 .swc
 node_modules
+ca-cert*
+.data/*
 
 dist

.vscode/settings.json

@@ -0,0 +1,3 @@
+{
+  "cSpell.words": ["awilix"]
+}

README.md

@@ -19,6 +19,16 @@ it is done with running the SQL command below, and restating the database server
 ALTER SYSTEM SET wal_level = logical;
 ```
 
+When registering a new region on a DigitalOcean postgres server, the default user doesn't have the required roles to set up a subscription.
+On DO we can use [aiven-extras](https://github.com/aiven/aiven-extras) to create subs without root access.
+The current branch is utilizing just that. But it needs a setup step executed on each database, that is registered as a region
+
+Run this in a `psql` shell
+
+```sql
+CREATE EXTENSION aiven_extras;
+```
+
 Note: Postgres subscriptions (which we use) in the same db server don't work that easily; easiest way to get things going is to set up multiple db servers locally.
 
 ## Project description
@@ -52,11 +62,10 @@ Organizations may be granted access to any given region. That action creates a n
 ## Steps to flex this POC
 
 Using the exposed graphql explorer, you can go ahead and
+
 - create a user
 - create an organisation
 - add the user to the organisation
 - create regions & associate them with an organisation
 - create a resource in the default organisation, or for a specific organisation & region
 - etc.
-
-  

aiven_postgres/Dockerfile

@@ -0,0 +1,25 @@
+FROM postgres:14.5-alpine as builder
+
+RUN apk add --no-cache 'git=~2.36' \
+  'build-base=~0.5' \
+  'clang=~13.0' \
+  'llvm13=~13.0'
+
+WORKDIR /
+RUN git clone --branch 1.1.9 https://github.com/aiven/aiven-extras.git aiven-extras
+
+WORKDIR /aiven-extras
+RUN git checkout 36598ab \
+  && git clean -df \
+  && make \
+  && make install
+
+FROM postgres:14.5-alpine
+
+COPY --from=builder /aiven-extras/aiven_extras.control /usr/local/share/postgresql/extension/aiven_extras.control
+COPY --from=builder /aiven-extras/sql/aiven_extras.sql /usr/local/share/postgresql/extension/aiven_extras--1.1.9.sql
+COPY --from=builder /aiven-extras/aiven_extras.so /usr/local/lib/postgresql/aiven_extras.so
+
+EXPOSE 5432
+
+CMD ["postgres"]

docker-compose.yml

@@ -1,35 +1,53 @@
-version: "3.9"
+version: '3.9'
 
 services:
-  postgres:
+  main-db:
-    image: postgres:16-alpine
+    build:
+      context: aiven_postgres
+      dockerfile: Dockerfile
+    volumes:
+      - ./.data/main-db:/var/lib/postgresql/data
     ports:
       - 5454:5432
-    volumes:
-      - ./.postgres-data:/var/lib/postgresql/data
     environment:
       - POSTGRES_PASSWORD=speckle
       - POSTGRES_USER=speckle
-      - POSTGRES_DB=speckle_main
+      - POSTGRES_DB=speckle
+    extra_hosts:
+      - host.docker.internal:host-gateway
 
-  region-1:
+  region-1-db:
-    image: postgres:16-alpine
+    build:
+      context: aiven_postgres
+      dockerfile: Dockerfile
+    volumes:
+      - ./.data/region-1-db:/var/lib/postgresql/data
     ports:
       - 5455:5432
-    volumes:
-      - ./.postgres-region-1:/var/lib/postgresql/data
     environment:
       - POSTGRES_PASSWORD=speckle
       - POSTGRES_USER=speckle
-      - POSTGRES_DB=speckle_main
+      - POSTGRES_DB=speckle
+    depends_on:
+      - main-db
 
-  region-2:
+    extra_hosts:
-    image: postgres:16-alpine
+      - host.docker.internal:host-gateway
+
+  region-2-db:
+    build:
+      context: aiven_postgres
+      dockerfile: Dockerfile
+    volumes:
+      - ./.data/region-2-db:/var/lib/postgresql/data
     ports:
       - 5456:5432
-    volumes:
-      - ./.postgres-region-2:/var/lib/postgresql/data
     environment:
       - POSTGRES_PASSWORD=speckle
       - POSTGRES_USER=speckle
-      - POSTGRES_DB=speckle_main
+      - POSTGRES_DB=speckle
+    depends_on:
+      - main-db
+
+    extra_hosts:
+      - host.docker.internal:host-gateway

knexfile.ts

@@ -1,8 +1,26 @@
-export default {
+import { Knex } from 'knex'
+import fs from 'fs'
+import path from 'path'
+
+console.log(`foobar ${process.env.POSTGRES_CA_CERT_PATH}`)
+
+const config: Knex.Config = {
   client: 'pg',
-  connection: process.env.POSTGRES_URL,
+  connection: {
+    connectionString: process.env.POSTGRES_URL,
+    ssl: process.env.POSTGRES_CA_CERT_PATH
+      ? {
+          ca: fs.readFileSync(
+            path.resolve(__dirname, process.env.POSTGRES_CA_CERT_PATH)
+          ),
+          rejectUnauthorized: true
+        }
+      : undefined
+  },
   migrations: {
     directory: 'src/migrations',
     extension: 'ts'
   }
 }
+
+export default config

package.json

@@ -31,7 +31,9 @@
   },
   "dependencies": {
     "@apollo/server": "^4.10.0",
+    "awilix": "^11.0.0",
     "crypto-random-string": "^3.0.0",
+    "dataloader": "^2.2.2",
     "dotenv": "^16.4.1",
     "graphql": "^16.8.1",
     "graphql-scalars": "^1.22.4",

parse_cert.py

@@ -0,0 +1,8 @@
+from pathlib import Path
+import json
+
+cert = Path("./ca-cert").read_text()
+
+cert_json = json.dumps({"cert": cert})
+
+Path("./ca-cert.json").write_text(cert_json)

src/app.ts

@@ -1,31 +1,31 @@
-import { ApolloServer } from "@apollo/server";
+import { ApolloServer } from '@apollo/server'
-import { resolvers } from "./resolvers";
+import { resolvers } from './resolvers'
-import { startStandaloneServer } from "@apollo/server/standalone";
+import { startStandaloneServer } from '@apollo/server/standalone'
-import { readFileSync } from "fs";
+import { readFileSync } from 'fs'
-import { typeDefs as scalarTypeDefs } from "graphql-scalars";
+import { typeDefs as scalarTypeDefs } from 'graphql-scalars'
-import { migrateAll } from "./services/databaseManagement";
+import { migrateAll } from './services/databaseManagement'
 
-const typeDefs = readFileSync("src/schema.graphql", { encoding: "utf-8" });
+const typeDefs = readFileSync('src/schema.graphql', { encoding: 'utf-8' })
 
 // The ApolloServer constructor requires two parameters: your schema
 // definition and your set of resolvers.
 const server = new ApolloServer({
   typeDefs: [typeDefs, ...scalarTypeDefs],
-  resolvers,
+  resolvers
-});
+})
 
 const startServer = async (): Promise<void> => {
   const { url } = await startStandaloneServer(server, {
-    listen: { port: 4000 },
+    listen: { port: 4000 }
-  });
+  })
 
-  await migrateAll();
+  await migrateAll()
 
-  console.log(`🚀 Server ready at: ${url}`);
+  console.log(`🚀 Server ready at: ${url}`)
-};
+}
 
 startServer()
   .then()
   .catch((err: Error) =>
-    console.log(`🔥 failed to start server ${err.message}`),
+    console.log(`🔥 failed to start server ${err.message}`)
-  );
+  )

src/config.ts

@@ -2,8 +2,7 @@ import 'dotenv/config'
 import { parseEnv } from 'znv'
 import { z } from 'zod'
 
-export const { POSTGRES_URL } = parseEnv(process.env, {
+export const { POSTGRES_URL, POSTGRES_CA_CERT_PATH } = parseEnv(process.env, {
-  POSTGRES_URL: z.string().min(1)
+  POSTGRES_URL: z.string().min(1),
+  POSTGRES_CA_CERT_PATH: z.string().min(1).nullish()
 })
-
-console.log([POSTGRES_URL].join(', '))

src/iocContainer.ts

@@ -0,0 +1,19 @@
+import awilix from 'awilix'
+import { saveResourceAclFactory, saveUserFactory } from './repositories'
+import { Knex } from 'knex'
+import { getMainDbClient } from './services/databaseManagement'
+
+export const container = awilix.createContainer({
+  strict: true,
+  injectionMode: awilix.InjectionMode.PROXY
+})
+
+container.register({
+  db: awilix.asFunction(getMainDbClient).singleton(),
+  saveResource: awilix
+    .asFunction((regionDb: Knex) => saveUserFactory({ db: regionDb }))
+    .scoped(),
+  saveResourceAcl: awilix.asFunction(saveResourceAclFactory).scoped()
+})
+
+container.resolve('saveResource')

src/migrations/20240205145527_organizations.ts

@@ -1,14 +1,14 @@
-import type { Knex } from "knex";
+import type { Knex } from 'knex'
 
-const tableName = "organizations";
+const tableName = 'organizations'
 
-export async function up(knex: Knex): Promise<void> {
+export async function up (knex: Knex): Promise<void> {
   return await knex.schema.createTable(tableName, (table) => {
-    table.text("id").primary();
+    table.text('id').primary()
-    table.text("name");
+    table.text('name')
-  });
+  })
 }
 
-export async function down(knex: Knex): Promise<void> {
+export async function down (knex: Knex): Promise<void> {
-  return await knex.schema.dropTable(tableName);
+  return await knex.schema.dropTable(tableName)
 }

src/migrations/20240205150932_regions.ts

@@ -1,49 +1,49 @@
-import type { Knex } from "knex";
+import type { Knex } from 'knex'
 
-const regionsTableName = "regions";
+const regionsTableName = 'regions'
 
-export async function up(knex: Knex): Promise<void> {
+export async function up (knex: Knex): Promise<void> {
   await knex.schema.createTable(regionsTableName, (table) => {
-    table.text("id").primary();
+    table.text('id').primary()
-    table.text("connectionString");
+    table.text('connectionString')
-  });
+  })
-  await knex.schema.createTable("organizations_regions", (table) => {
+  await knex.schema.createTable('organizations_regions', (table) => {
     table
-      .text("organizationId")
+      .text('organizationId')
-      .references("id")
+      .references('id')
-      .inTable("organizations")
+      .inTable('organizations')
       .notNullable()
-      .onDelete("cascade");
+      .onDelete('cascade')
     table
-      .text("regionId")
+      .text('regionId')
-      .references("id")
+      .references('id')
-      .inTable("regions")
+      .inTable('regions')
       .notNullable()
-      .onDelete("cascade");
+      .onDelete('cascade')
-  });
+  })
-  await knex.schema.createTable("resource_organization_region", (table) => {
+  await knex.schema.createTable('resource_organization_region', (table) => {
     table
-      .text("resourceId")
+      .text('resourceId')
-      .references("id")
+      .references('id')
-      .inTable("resources")
+      .inTable('resources')
       .notNullable()
-      .onDelete("cascade");
+      .onDelete('cascade')
     table
-      .text("organizationId")
+      .text('organizationId')
-      .references("id")
+      .references('id')
-      .inTable("organizations")
+      .inTable('organizations')
       .notNullable()
-      .onDelete("cascade");
+      .onDelete('cascade')
     table
-      .text("regionId")
+      .text('regionId')
-      .references("id")
+      .references('id')
-      .inTable("regions")
+      .inTable('regions')
       .notNullable()
-      .onDelete("cascade");
+      .onDelete('cascade')
-  });
+  })
 }
 
-export async function down(knex: Knex): Promise<void> {
+export async function down (knex: Knex): Promise<void> {
-  await knex.schema.dropTable(regionsTableName);
+  await knex.schema.dropTable(regionsTableName)
-  await knex.schema.dropTable("organizations_regions");
+  await knex.schema.dropTable('organizations_regions')
 }

src/migrations/20240206210140_region_name.ts

@@ -1,15 +1,15 @@
-import type { Knex } from "knex";
+import type { Knex } from 'knex'
 
-const regionsTableName = "regions";
+const regionsTableName = 'regions'
 
-export async function up(knex: Knex): Promise<void> {
+export async function up (knex: Knex): Promise<void> {
   await knex.schema.alterTable(regionsTableName, (table) => {
-    table.text("name").notNullable().defaultTo("region");
+    table.text('name').notNullable().defaultTo('region')
-  });
+  })
 }
 
-export async function down(knex: Knex): Promise<void> {
+export async function down (knex: Knex): Promise<void> {
   await knex.schema.alterTable(regionsTableName, (table) => {
-    table.dropColumn("name");
+    table.dropColumn('name')
-  });
+  })
 }

src/migrations/20240206213031_region_maintenance_db.ts

@@ -1,15 +1,15 @@
-import type { Knex } from "knex";
+import type { Knex } from 'knex'
 
-const regionsTableName = "regions";
+const regionsTableName = 'regions'
 
-export async function up(knex: Knex): Promise<void> {
+export async function up (knex: Knex): Promise<void> {
   await knex.schema.alterTable(regionsTableName, (table) => {
-    table.text("maintenanceDb").notNullable().defaultTo("region");
+    table.text('maintenanceDb').notNullable().defaultTo('region')
-  });
+  })
 }
 
-export async function down(knex: Knex): Promise<void> {
+export async function down (knex: Knex): Promise<void> {
   await knex.schema.alterTable(regionsTableName, (table) => {
-    table.dropColumn("maintenanceDb");
+    table.dropColumn('maintenanceDb')
-  });
+  })
 }

src/migrations/20240207203256_organization_acl.ts

@@ -1,22 +1,22 @@
-import type { Knex } from "knex";
+import type { Knex } from 'knex'
 
-const tableName = "organization_acl";
+const tableName = 'organization_acl'
 
-export async function up(knex: Knex): Promise<void> {
+export async function up (knex: Knex): Promise<void> {
   return await knex.schema.createTable(tableName, (table) => {
     table
-      .string("userId")
+      .string('userId')
-      .references("id")
+      .references('id')
-      .inTable("users")
+      .inTable('users')
-      .onDelete("cascade");
+      .onDelete('cascade')
     table
-      .string("organizationId")
+      .string('organizationId')
-      .references("id")
+      .references('id')
-      .inTable("organizations")
+      .inTable('organizations')
-      .onDelete("cascade");
+      .onDelete('cascade')
-  });
+  })
 }
 
-export async function down(knex: Knex): Promise<void> {
+export async function down (knex: Knex): Promise<void> {
-  return await knex.schema.dropTable(tableName);
+  return await knex.schema.dropTable(tableName)
 }

src/migrations/20240207212311_organization_resource_acl.ts

@@ -1,22 +1,22 @@
-import type { Knex } from "knex";
+import type { Knex } from 'knex'
 
-const tableName = "organization_resource_acl";
+const tableName = 'organization_resource_acl'
 
-export async function up(knex: Knex): Promise<void> {
+export async function up (knex: Knex): Promise<void> {
   return await knex.schema.createTable(tableName, (table) => {
     table
-      .string("resourceId")
+      .string('resourceId')
-      .references("id")
+      .references('id')
-      .inTable("resources")
+      .inTable('resources')
-      .onDelete("cascade");
+      .onDelete('cascade')
     table
-      .string("organizationId")
+      .string('organizationId')
-      .references("id")
+      .references('id')
-      .inTable("organizations")
+      .inTable('organizations')
-      .onDelete("cascade");
+      .onDelete('cascade')
-  });
+  })
 }
 
-export async function down(knex: Knex): Promise<void> {
+export async function down (knex: Knex): Promise<void> {
-  return await knex.schema.dropTable(tableName);
+  return await knex.schema.dropTable(tableName)
 }

src/migrations/20240207214054_resource_region.ts

@@ -1,28 +1,28 @@
-import type { Knex } from "knex";
+import type { Knex } from 'knex'
 
-const tableName = "resource_region_organization";
+const tableName = 'resource_region_organization'
 
-export async function up(knex: Knex): Promise<void> {
+export async function up (knex: Knex): Promise<void> {
   return await knex.schema.createTable(tableName, (table) => {
     table
-      .string("resourceId")
+      .string('resourceId')
-      .references("id")
+      .references('id')
-      .inTable("resources")
+      .inTable('resources')
-      .onDelete("cascade")
+      .onDelete('cascade')
-      .primary();
+      .primary()
     table
-      .string("regionId")
+      .string('regionId')
-      .references("id")
+      .references('id')
-      .inTable("regions")
+      .inTable('regions')
-      .onDelete("cascade");
+      .onDelete('cascade')
     table
-      .string("organizationId")
+      .string('organizationId')
-      .references("id")
+      .references('id')
-      .inTable("organizations")
+      .inTable('organizations')
-      .onDelete("cascade");
+      .onDelete('cascade')
-  });
+  })
 }
 
-export async function down(knex: Knex): Promise<void> {
+export async function down (knex: Knex): Promise<void> {
-  return await knex.schema.dropTable(tableName);
+  return await knex.schema.dropTable(tableName)
 }

src/migrations/20240213175105_region_pruning.ts

@@ -0,0 +1,15 @@
+import type { Knex } from 'knex'
+
+const regionsTableName = 'regions'
+
+export async function up (knex: Knex): Promise<void> {
+  await knex.schema.alterTable(regionsTableName, (table) => {
+    table.dropColumn('maintenanceDb')
+  })
+}
+
+export async function down (knex: Knex): Promise<void> {
+  await knex.schema.alterTable(regionsTableName, (table) => {
+    table.text('maintenanceDb').notNullable().defaultTo('region')
+  })
+}

src/migrations/20240213214212_split_resource_region_org.ts

@@ -0,0 +1,56 @@
+import type { Knex } from 'knex'
+
+const tableName = 'resource_region_organization'
+
+export async function up (knex: Knex): Promise<void> {
+  await knex.schema.dropTable(tableName)
+  await knex.schema.createTable('resource_region', (table) => {
+    table
+      .string('resourceId')
+      .references('id')
+      .inTable('resources')
+      .onDelete('cascade')
+      .primary()
+    table
+      .string('regionId')
+      .references('id')
+      .inTable('regions')
+      .onDelete('cascade')
+  })
+  await knex.schema.createTable('resource_organization', (table) => {
+    table
+      .string('resourceId')
+      .references('id')
+      .inTable('resources')
+      .onDelete('cascade')
+      .primary()
+    table
+      .string('organizationId')
+      .references('id')
+      .inTable('organizations')
+      .onDelete('cascade')
+  })
+}
+
+export async function down (knex: Knex): Promise<void> {
+  await knex.schema.dropTable('resource_organization')
+  await knex.schema.dropTable('resource_region')
+  await knex.schema.createTable(tableName, (table) => {
+    table
+      .string('resourceId')
+      .references('id')
+      .inTable('resources')
+      .onDelete('cascade')
+      .primary()
+    table
+      .string('regionId')
+      .references('id')
+      .inTable('regions')
+      .onDelete('cascade')
+    table
+      .string('organizationId')
+      .references('id')
+      .inTable('organizations')
+      .onDelete('cascade')
+  })
+}

src/migrations/20240214151340_region_ssl_cert.ts

@@ -0,0 +1,13 @@
+import type { Knex } from 'knex'
+
+export async function up (knex: Knex): Promise<void> {
+  await knex.schema.alterTable('regions', (table) => {
+    table.text('sslCaCert').nullable()
+  })
+}
+
+export async function down (knex: Knex): Promise<void> {
+  await knex.schema.alterTable('regions', (table) => {
+    table.dropColumn('sslCaCert')
+  })
+}

src/migrations/20240220152312_region_name_unique.ts

@@ -0,0 +1,13 @@
+import type { Knex } from 'knex'
+
+export async function up (knex: Knex): Promise<void> {
+  await knex.schema.alterTable('regions', (table) => {
+    table.unique('name')
+  })
+}
+
+export async function down (knex: Knex): Promise<void> {
+  await knex.schema.alterTable('regions', (table) => {
+    table.dropUnique(['name'])
+  })
+}

src/repositories.ts

@@ -1,5 +1,4 @@
-import { Knex } from "knex";
+import { Knex } from 'knex'
-import { knex } from "./db";
 import {
   UserRecord,
   Resource,
@@ -10,191 +9,254 @@ import {
   Organization,
   OrganizationAcl,
   OrganizationResourceAcl,
-  ResourceRegion,
+  ResourceRegion
-  ResourceRegionOrg,
+} from './types'
-} from "./types";
 
-const Users = () => knex<UserRecord>("users");
+export const saveResourceFactory =
-const Resources = () => knex<Resource>("resources");
+  ({ db }: { db: Knex }) =>
-const ResourceAclRepo = () => knex<ResourceAcl>("resource_acl");
+    async (resource: Resource): Promise<void> => {
-
+      await db<Resource>('resources').insert(resource)
-export const queryUser = async (userId: string): Promise<UserRecord | null> => {
-  return (await Users().where("id", "=", userId).first()) ?? null;
-};
-
-export const getUsersFrom = (db: Knex) => async (): Promise<UserRecord[]> => {
-  return await db<UserRecord>("users").select();
-};
-
-export const saveUserTo =
-  (db: Knex) =>
-  async (user: UserRecord): Promise<void> => {
-    await db<UserRecord>("users").insert(user);
-  };
-
-export const saveResourceTo =
-  (db: Knex) =>
-  async (resource: Resource): Promise<void> => {
-    await db<Resource>("resources").insert(resource);
-  };
-
-export const queryResourceFrom =
-  (db: Knex) =>
-  async (resourceId: string): Promise<Resource | null> => {
-    return (
-      (await db<Resource>("resources").where({ id: resourceId }).first()) ??
-      null
-    );
-  };
-
-export const queryResourceAclFrom =
-  (db: Knex) =>
-  async ({ resourceId, userId }: ResourceAcl): Promise<ResourceAcl | null> => {
-    return (
-      (await db<ResourceAcl>("resource_acl")
-        .where({ userId, resourceId })
-        .first()) ?? null
-    );
-  };
-
-export const saveResourceAclTo =
-  (db: Knex) =>
-  async (resourceAcl: ResourceAcl): Promise<void> => {
-    await db<ResourceAcl>("resource_acl").insert(resourceAcl);
-  };
-
-export const countResources = async (userId: string): Promise<number> => {
-  const [rawCount] = await ResourceAclRepo().count().where({ userId });
-  return parseInt(rawCount.count as string);
-};
-
-export const queryResources = async ({
-  userId,
-  limit,
-  cursor,
-}: {
-  userId: string;
-  limit: number;
-  cursor: string | null;
-}) => {
-  const query = Resources()
-    .join("resource_acl", "resources.id", "resource_acl.resourceId")
-    .where({ userId });
-  if (cursor) {
-    query.andWhere("createdAt", "<", cursor);
-  }
-  return await query.limit(limit);
-};
-
-export const countCommentsIn =
-  (db: Knex) =>
-  async (resourceId: string): Promise<number> => {
-    const [rawCount] = await db<Comment>("comments")
-      .count()
-      .where({ resourceId });
-    return parseInt(rawCount.count as string);
-  };
-
-export const queryCommentsFrom =
-  (db: Knex) =>
-  async ({
-    resourceId,
-    limit,
-    cursor,
-  }: {
-    resourceId: string;
-    limit: number;
-    cursor: string | null;
-  }): Promise<Comment[]> => {
-    const query = db<Comment>("comments").where({ resourceId });
-    if (cursor) {
-      query.andWhere("createdAt", "<", cursor);
     }
-    return await query.limit(limit);
-  };
 
-export const saveCommentTo =
+export const findResourceFactory =
-  (db: Knex) =>
+  ({ db }: { db: Knex }) =>
-  async (comment: Comment): Promise<void> => {
+    async (resourceId: string): Promise<Resource | null> => {
-    await db<Comment>("comments").insert(comment);
+      return (
-  };
+        (await db<Resource>('resources').where({ id: resourceId }).first()) ??
+      null
+      )
+    }
 
-export const getRegionsFrom = (db: Knex) => async (): Promise<Array<Region>> =>
+export const saveCommentFactory =
-  await db<Region>("regions").select();
+  ({ db }: { db: Knex }) =>
+    async (comment: Comment): Promise<void> => {
+      await db<Comment>('comments').insert(comment)
+    }
 
-export const getRegionFrom =
+export const countCommentsFactory =
-  (db: Knex) =>
+  ({ db }: { db: Knex }) =>
-  async (id: string): Promise<Region | null> =>
+    async (resourceId: string): Promise<number> => {
-    (await db<Region>("regions").where({ id }).first()) ?? null;
+      const [rawCount] = await db<Comment>('comments')
+        .count()
+        .where({ resourceId })
+      return parseInt(rawCount.count as string)
+    }
 
-export const getOrganizationRegionsFrom =
+export const findUserFactory =
-  (db: Knex) => async (): Promise<Array<OrganizationsRegions>> =>
+  ({ db }: { db: Knex }) =>
-    await db<OrganizationsRegions>("organizations_regions").select();
+    async (userId: string): Promise<UserRecord | null> => {
+      return (
+        (await db<UserRecord>('users').where('id', '=', userId).first()) ?? null
+      )
+    }
 
-export const queryOrganizationRegionsFrom =
+export const queryUsersFactoy =
-  (db: Knex) =>
+  ({ db }: { db: Knex }) =>
-  async ({
+    async (): Promise<UserRecord[]> => {
-    regionId,
+      return await db<UserRecord>('users').select()
-    organizationId,
+    }
-  }: OrganizationsRegions): Promise<OrganizationsRegions | null> =>
-    (await db<OrganizationsRegions>("organizations_regions")
-      .where({ regionId, organizationId })
-      .first()) ?? null;
 
-export const saveRegionTo = (db: Knex) => async (region: Region) =>
+export const saveUserFactory =
-  await db<Region>("regions").insert(region);
+  ({ db }: { db: Knex }) =>
+    async (user: UserRecord): Promise<void> => {
+      await db<UserRecord>('users').insert(user)
+    }
 
-export const saveOrganizationTo =
+export const getUsersResourceAclFactory =
-  (db: Knex) => async (organization: Organization) =>
+  ({ db }: { db: Knex }) =>
-    await db<Organization>("organizations").insert(organization);
+    async ({ resourceId, userId }: ResourceAcl): Promise<ResourceAcl | null> => {
+      return (
+        (await db<ResourceAcl>('resource_acl')
+          .where({ userId, resourceId })
+          .first()) ?? null
+      )
+    }
 
-export const getOrganizationFrom =
+export const saveResourceAclFactory =
-  (db: Knex) =>
+  ({ db }: { db: Knex }) =>
-  async (id: string): Promise<Organization | null> => {
+    async (resourceAcl: ResourceAcl): Promise<void> => {
-    return (
+      await db<ResourceAcl>('resource_acl').insert(resourceAcl)
-      (await db<Organization>("organizations").where({ id }).first()) ?? null
+    }
-    );
-  };
 
-export const getOrganizationsFrom =
+export const countUsersResourcesFactory =
-  (db: Knex) => async (): Promise<Organization[]> =>
+  ({ db }: { db: Knex }) =>
-    await db<Organization>("organizations").select();
+    async (userId: string): Promise<number> => {
+      const [rawCount] = await db<ResourceAcl>('resource_acl')
+        .count()
+        .where({ userId })
+      return parseInt(rawCount.count as string)
+    }
 
-export const saveOrganizationsRegionsTo =
+export const findUsersResourceFactory =
-  (db: Knex) =>
+  ({ db }: { db: Knex }) =>
-  async (or: OrganizationsRegions): Promise<void> =>
+    async ({ resourceId, userId }: ResourceAcl): Promise<ResourceAcl | null> => {
-    await db<OrganizationsRegions>("organizations_regions").insert(or);
+      return (
+        (await db<ResourceAcl>('resource_acl')
+          .where({ userId, resourceId })
+          .first()) ?? null
+      )
+    }
 
-export const saveOrganizationAclTo =
+export const queryResourcesFactory =
-  (db: Knex) =>
+  ({ db }: { db: Knex }) =>
-  async (orgAcl: OrganizationAcl): Promise<void> => {
+    async ({
-    await db<OrganizationsRegions>("organization_acl").insert(orgAcl);
+      userId,
-  };
+      limit,
+      cursor
+    }: {
+      userId: string
+      limit: number
+      cursor: string | null
+    }): Promise<Resource[]> => {
+      let query = db<Resource & ResourceAcl>('resources')
+        .join('resource_acl', 'resources.id', 'resource_acl.resourceId')
+        .where({ userId })
+      if (cursor !== null) {
+        query = query.andWhere('createdAt', '<', cursor)
+      }
+      const items = await query.orderBy('createdAt', 'desc').limit(limit)
+      return items
+    }
 
-export const queryOrganizationAclFrom =
+export const countResourceCommentsFactory =
-  (db: Knex) =>
+  ({ db }: { db: Knex }) =>
-  async ({
+    async (resourceId: string): Promise<number> => {
-    userId,
+      const [rawCount] = await db<Comment>('comments')
-    organizationId,
+        .count()
-  }: OrganizationAcl): Promise<OrganizationAcl | null> =>
+        .where({ resourceId })
-    (await db<OrganizationAcl>("organization_acl")
+      return parseInt(rawCount.count as string)
-      .where({ userId, organizationId })
+    }
-      .first()) ?? null;
 
-export const saveOrganizationResourceAclTo =
+export const queryCommentsFactory =
-  (db: Knex) =>
+  ({ db }: { db: Knex }) =>
-  async (item: OrganizationResourceAcl): Promise<void> => {
+    async ({
-    await db<OrganizationResourceAcl>("organization_resource_acl").insert(item);
+      resourceId,
-  };
+      limit,
+      cursor
+    }: {
+      resourceId: string
+      limit: number
+      cursor: string | null
+    }): Promise<Comment[]> => {
+      let query = db<Comment>('comments').where({ resourceId })
+      if (cursor !== null) {
+        query = query.andWhere('createdAt', '<', cursor)
+      }
+      return await query.orderBy('createdAt', 'desc').limit(limit)
+    }
 
-export const saveResourceRegionOrganizationTo =
+export const queryRegionsFactory =
-  (db: Knex) => async (item: ResourceRegionOrg) => {
+  ({ db }: { db: Knex }) =>
-    await db<ResourceRegionOrg>("resource_region_organization").insert(item);
+    async (
-  };
+      params:
+      | {
+        connectionString?: string | undefined
+      }
+      | undefined = undefined
+    ): Promise<Region[]> => {
+      let query = db<Region>('regions')
+      if (params?.connectionString !== undefined) query = query.where(params)
+      return await query.select()
+    }
 
-export const queryResourceRegionOrganizationFrom =
+export const findRegionFactory =
-  (db: Knex) =>
+  ({ db }: { db: Knex }) =>
-  async (resourceId: string): Promise<ResourceRegion | null> =>
+    async (id: string): Promise<Region | null> => {
-    (await db<ResourceRegionOrg>("resource_region_organization")
+      return (await db<Region>('regions').where({ id }).first()) ?? null
-      .where({ resourceId })
+    }
-      .first()) ?? null;
+
+export const queryOrganizationsRegionsFactory =
+  ({ db }: { db: Knex }) =>
+    async (): Promise<OrganizationsRegions[]> => {
+      return await db<OrganizationsRegions>('organizations_regions').select()
+    }
+
+export const findOrganizationRegionFactory =
+  ({ db }: { db: Knex }) =>
+    async ({
+      regionId,
+      organizationId
+    }: OrganizationsRegions): Promise<OrganizationsRegions | null> => {
+      return (
+        (await db<OrganizationsRegions>('organizations_regions')
+          .where({ regionId, organizationId })
+          .first()) ?? null
+      )
+    }
+
+export const saveRegionFactory =
+  ({ db }: { db: Knex }) =>
+    async (region: Region): Promise<void> => {
+      await db<Region>('regions').insert(region)
+    }
+
+export const saveOrganizationFactory =
+  ({ db }: { db: Knex }) =>
+    async (organization: Organization): Promise<void> => {
+      await db<Organization>('organizations').insert(organization)
+    }
+
+export const findOrganizationFactory =
+  ({ db }: { db: Knex }) =>
+    async (id: string): Promise<Organization | null> => {
+      return (
+        (await db<Organization>('organizations').where({ id }).first()) ?? null
+      )
+    }
+
+export const queryOrganizationsFactory =
+  ({ db }: { db: Knex }) =>
+    async (): Promise<Organization[]> => {
+      return await db<Organization>('organizations').select()
+    }
+
+export const saveOrganizationRegionFactory =
+  ({ db }: { db: Knex }) =>
+    async (or: OrganizationsRegions): Promise<void> => {
+      return await db<OrganizationsRegions>('organizations_regions').insert(or)
+    }
+
+export const saveOrganizationAclFactory =
+  ({ db }: { db: Knex }) =>
+    async (orgAcl: OrganizationAcl): Promise<void> => {
+      await db<OrganizationsRegions>('organization_acl').insert(orgAcl)
+    }
+
+export const findOrganizationAclFactory =
+  ({ db }: { db: Knex }) =>
+    async ({
+      userId,
+      organizationId
+    }: OrganizationAcl): Promise<OrganizationAcl | null> => {
+      return (
+        (await db<OrganizationAcl>('organization_acl')
+          .where({ userId, organizationId })
+          .first()) ?? null
+      )
+    }
+
+export const saveOrganizationResourceAclFactory =
+  ({ db }: { db: Knex }) =>
+    async (item: OrganizationResourceAcl): Promise<void> => {
+      await db<OrganizationResourceAcl>('organization_resource_acl').insert(item)
+    }
+
+export const findResourceRegionFactory =
+  ({ db }: { db: Knex }) =>
+    async ({
+      resourceId
+    }: {
+      resourceId: string
+    }): Promise<ResourceRegion | null> => {
+      return (
+        (await db<ResourceRegion>('resource_region')
+          .where({ resourceId })
+          .first()) ?? null
+      )
+    }
+
+export const saveResourceRegionFactory =
+  ({ db }: { db: Knex }) =>
+    async (item: ResourceRegion): Promise<void> => {
+      await db<ResourceRegion>('resource_region').insert(item)
+    }

src/resolvers.ts

@@ -1,25 +1,10 @@
+import { getCommentsFactory } from './services/comments'
+import awilix from 'awilix'
 import {
-  getOrganizationsFrom,
+  createResourceFactory,
-  getRegionsFrom,
+  getResourcesFactory
-  queryOrganizationAclFrom,
+} from './services/resources'
-  queryOrganizationRegionsFrom,
+import { GraphQLError } from 'graphql'
-  queryResourceAclFrom,
-  saveOrganizationResourceAclTo,
-  saveOrganizationAclTo,
-  saveResourceAclTo,
-  saveResourceTo,
-  saveResourceRegionOrganizationTo,
-  saveCommentTo,
-  queryResourceFrom,
-  queryUser,
-  countCommentsIn,
-  queryCommentsFrom,
-  getUsersFrom,
-  saveUserTo,
-} from "./repositories";
-import { getComments } from "./services/comments";
-import { createResource, getResources } from "./services/resources";
-import { GraphQLError } from "graphql";
 import {
   Resource,
   UserRecord,
@@ -29,168 +14,196 @@ import {
   OrganizationsRegions,
   OrganizationAcl,
   CommentCreateArgs,
-  UserCreateArgs,
+  UserCreateArgs
-} from "./types";
+} from './types'
 import {
-  bindRegionToOrganization,
   createOrganization,
-  getDbClient,
-  getMainDbClient,
-  getResourceDatabaseConnection,
   registerRegion,
-} from "./services/databaseManagement";
+  getResourceDb,
-import { authorizeUserOrgRegion } from "./services/authz";
+  getMainDbClient,
-import cryptoRandomString from "crypto-random-string";
+  getRegionDb
+} from './services/databaseManagement'
+import { authorizeUserOrgRegionFactory } from './services/authz'
+import cryptoRandomString from 'crypto-random-string'
+import {
+  countCommentsFactory,
+  countUsersResourcesFactory,
+  findOrganizationAclFactory,
+  findOrganizationRegionFactory,
+  findResourceFactory,
+  findUserFactory,
+  getUsersResourceAclFactory,
+  queryCommentsFactory,
+  queryOrganizationsFactory,
+  queryRegionsFactory,
+  queryResourcesFactory,
+  queryUsersFactoy,
+  saveCommentFactory,
+  saveOrganizationAclFactory,
+  saveOrganizationRegionFactory,
+  saveOrganizationResourceAclFactory,
+  saveResourceAclFactory,
+  saveResourceRegionFactory,
+  saveUserFactory
+} from './repositories'
+import { container } from './iocContainer'
 
+const db = getMainDbClient()
 // Resolvers define how to fetch the types defined in your schema.
 // This resolver retrieves books from the "books" array above.
 export const resolvers = {
   Query: {
-    async users() {
+    async users () {
-      return await getUsersFrom(getMainDbClient())();
+      return await queryUsersFactoy({ db })()
     },
-    async user(_: unknown, args: { id: string }) {
+    async user (_: unknown, args: { id: string }) {
-      return await queryUser(args.id);
+      return await findUserFactory({ db })(args.id)
     },
-    async resource(
+    async resource (
       _: unknown,
-      args: { id: string; userId: string },
+      args: { id: string, userId: string }
     ): Promise<Resource> {
-      const mainDb = getMainDbClient();
+      const maybeAcl = await getUsersResourceAclFactory({ db })({
-      const maybeAcl = await queryResourceAclFrom(mainDb)({
         userId: args.userId,
-        resourceId: args.id,
+        resourceId: args.id
-      });
+      })
       if (maybeAcl == null) {
         throw new GraphQLError(
           "The user doesn't have access to the given resource",
           {
             extensions: {
-              code: "FORBIDDEN",
+              code: 'FORBIDDEN'
-            },
+            }
-          },
+          }
-        );
+        )
       }
-      const db = await getResourceDatabaseConnection(args.id);
+      const resourceDb = await getResourceDb(args.id)
-      const maybeResource = await queryResourceFrom(db)(args.id);
+      const maybeResource = await findResourceFactory({ db: resourceDb })(
+        args.id
+      )
       if (maybeResource == null) {
-        throw new GraphQLError("Resource not found", {
+        throw new GraphQLError('Resource not found', {
-          extensions: { code: "RESOURCE_NOT_FOUND" },
+          extensions: { code: 'RESOURCE_NOT_FOUND' }
-        });
+        })
       }
-      return maybeResource;
+      return maybeResource
     },
-    async organizations() {
+    async organizations () {
-      return await getOrganizationsFrom(getMainDbClient())();
+      return await queryOrganizationsFactory({ db })()
-    },
-    async regions() {
-      return await getRegionsFrom(getMainDbClient())();
     },
+    async regions () {
+      return await queryRegionsFactory({ db })()
+    }
   },
   User: {
-    async resources(parent: UserRecord, args: PaginationArgs) {
+    async resources (parent: UserRecord, args: PaginationArgs) {
-      return await getResources({ userId: parent.id, ...args });
+      return await getResourcesFactory(
-    },
+        countUsersResourcesFactory({ db }),
+        queryResourcesFactory({ db })
+      )({ userId: parent.id, ...args })
+    }
   },
   Resource: {
-    async comments(
+    async comments (
       parent: Resource,
-      { limit, cursor }: PaginationArgs,
+      { limit, cursor }: PaginationArgs
     ): Promise<CommentCollection> {
-      const db = await getResourceDatabaseConnection(parent.id);
+      const resourceDb = await getResourceDb(parent.id)
-      return await getComments(
+      return await getCommentsFactory(
-        countCommentsIn(db),
+        countCommentsFactory({ db: resourceDb }),
-        queryCommentsFrom(db),
+        queryCommentsFactory({ db: resourceDb })
       )({
         resourceId: parent.id,
         limit,
-        cursor,
+        cursor
-      });
+      })
-    },
+    }
   },
   Mutation: {
-    async createUser(
+    async createUser (
       _: unknown,
-      { input: { name } }: { input: UserCreateArgs },
+      { input: { name } }: { input: UserCreateArgs }
     ) {
-      const id = cryptoRandomString({ length: 10 });
+      const id = cryptoRandomString({ length: 10 })
-      await saveUserTo(getMainDbClient())({ id, name });
+      await saveUserFactory({ db })({ id, name })
-      return id;
+      return id
     },
-    async registerRegion(
+    async registerRegion (
       _: unknown,
       args: {
-        name: string;
+        name: string
-        connectionString: string;
+        connectionString: string
-        maintenanceDb: string;
+        sslCaCert: string | null
-      },
-    ) {
-      return await registerRegion(args);
-    },
-    async createOrganization(_: unknown, args: { name: string }) {
-      return await createOrganization(args.name);
-    },
-    async addRegionToOrganization(_: unknown, args: OrganizationsRegions) {
-      await bindRegionToOrganization(args);
-    },
-    async addUserToOrganization(
-      _: unknown,
-      { input: args }: { input: OrganizationAcl },
-    ) {
-      await saveOrganizationAclTo(getMainDbClient())(args);
-    },
-    async createResource(
-      _: unknown,
-      { input: args }: { input: ResourceCreateArgs },
-    ) {
-      const mainDb = getMainDbClient();
-      await authorizeUserOrgRegion(
-        queryOrganizationAclFrom(mainDb),
-        queryOrganizationRegionsFrom(mainDb),
-      )(args);
-
-      const db =
-        args.regionId && args.organizationId
-          ? await getDbClient({
-              regionId: args.regionId,
-              organizationId: args.organizationId,
-            })
-          : mainDb;
-
-      const resourceId = await createResource(
-        saveResourceTo(db),
-        saveResourceAclTo(mainDb),
-      )(args);
-
-      if (args.organizationId) {
-        await saveOrganizationResourceAclTo(mainDb)({
-          organizationId: args.organizationId,
-          resourceId,
-        });
-        await saveResourceRegionOrganizationTo(mainDb)({
-          resourceId,
-          organizationId: args.organizationId,
-          // i know its not null here, the authz function ensures it
-          regionId: args.regionId!,
-        });
       }
-      return resourceId;
-    },
-    async addComment(
-      _: unknown,
-      { input: args }: { input: CommentCreateArgs },
     ) {
-      const mainDb = getMainDbClient();
+      return await registerRegion(args)
-      const resourceAcl = await queryResourceAclFrom(mainDb)(args);
-      if (!resourceAcl)
-        throw new Error("The user doesn't have access to the given resource");
-      //2. get resource db client
-      const db = await getResourceDatabaseConnection(args.resourceId);
-      //3. save comment to db
-      const id = cryptoRandomString({ length: 10 });
-      const createdAt = new Date();
-      await saveCommentTo(db)({ id, createdAt, ...args });
-      return id;
     },
-  },
+    async createOrganization (_: unknown, args: { name: string }) {
-};
+      return await createOrganization(args.name)
+    },
+    async addRegionToOrganization (_: unknown, args: OrganizationsRegions) {
+      await saveOrganizationRegionFactory({ db })(args)
+    },
+    async addUserToOrganization (
+      _: unknown,
+      { input: args }: { input: OrganizationAcl }
+    ) {
+      await saveOrganizationAclFactory({ db })(args)
+    },
+    async createResource (
+      _: unknown,
+      { input: args }: { input: ResourceCreateArgs }
+    ) {
+      await authorizeUserOrgRegionFactory(
+        findOrganizationAclFactory({ db }),
+        findOrganizationRegionFactory({ db })
+      )(args)
+
+      const resourceDb =
+        args.regionId !== null
+          ? await getRegionDb({ regionId: args.regionId })
+          : db
+
+      const requestContainer = container.createScope()
+      requestContainer.register({ resourceDb: awilix.asValue(resourceDb) })
+
+      const saveResource = requestContainer.resolve('saveResource')
+
+      const resourceId = await createResourceFactory({
+        saveResource,
+        saveResourceAcl: saveResourceAclFactory({ db })
+      })(args)
+
+      if (args.organizationId !== null) {
+        await saveOrganizationResourceAclFactory({ db })({
+          organizationId: args.organizationId,
+          resourceId
+        })
+        if (args.regionId !== null) {
+          await saveResourceRegionFactory({ db })({
+            resourceId,
+            // i know its not null here, the authz function ensures it
+            regionId: args.regionId
+          })
+        }
+      }
+      return resourceId
+    },
+    async addComment (
+      _: unknown,
+      { input: args }: { input: CommentCreateArgs }
+    ) {
+      const resourceAcl = await getUsersResourceAclFactory({ db })(args)
+      if (resourceAcl == null) {
+        throw new Error("The user doesn't have access to the given resource")
+      }
+      // 2. get resource db client
+      const resourceDb = await getResourceDb(args.resourceId)
+      // 3. save comment to db
+      const id = cryptoRandomString({ length: 10 })
+      const createdAt = new Date()
+      await saveCommentFactory({ db: resourceDb })({ id, createdAt, ...args })
+      return id
+    }
+  }
+}

src/schema.graphql

@@ -38,7 +38,6 @@ type Organization {
 type Region {
   id: String!
   name: String!
-  maintenanceDb: String!
 }
 
 type Query {
@@ -78,7 +77,7 @@ type Mutation {
   registerRegion(
     name: String!
     connectionString: String!
-    maintenanceDb: String!
+    sslCaCert: String
   ): String!
   createOrganization(name: String!): String!
   addRegionToOrganization(organizationId: String!, regionId: String!): Boolean

src/services/authz.ts

@@ -1,26 +1,29 @@
 import {
   OrganizationAcl,
   OrganizationsRegions,
-  UserOrgRegionArgs,
+  UserOrgRegionArgs
-} from "../types";
+} from '../types'
 
-export const authorizeUserOrgRegion =
+export const authorizeUserOrgRegionFactory =
   (
     orgAclGetter: (params: OrganizationAcl) => Promise<OrganizationAcl | null>,
     orgRegionGetter: (
       params: OrganizationsRegions,
-    ) => Promise<OrganizationsRegions | null>,
+    ) => Promise<OrganizationsRegions | null>
   ) =>
-  async ({ userId, regionId, organizationId }: UserOrgRegionArgs) => {
+    async ({ userId, regionId, organizationId }: UserOrgRegionArgs) => {
-    if (!organizationId && regionId)
+      if (!organizationId && regionId) {
-      throw new Error("public org doesn't support regions");
+        throw new Error("public org doesn't support regions")
-    if (organizationId) {
+      }
-      if (!regionId) throw new Error("organizations can only write to regions");
+      if (organizationId) {
-      const orgAcl = await orgAclGetter({ organizationId, userId });
+        if (!regionId) throw new Error('organizations can only write to regions')
-      if (!orgAcl)
+        const orgAcl = await orgAclGetter({ organizationId, userId })
-        throw new Error("user doesn't have access to this organization");
+        if (orgAcl == null) {
-      const orgRegion = await orgRegionGetter({ organizationId, regionId });
+          throw new Error("user doesn't have access to this organization")
-      if (!orgRegion)
+        }
-        throw new Error("organization doesnt have access to this region");
+        const orgRegion = await orgRegionGetter({ organizationId, regionId })
+        if (orgRegion == null) {
+          throw new Error('organization doesnt have access to this region')
+        }
+      }
     }
-  };

src/services/comments.ts

@@ -1,25 +1,25 @@
-import { CommentCollection, PaginationArgs, Comment } from "../types";
+import { CommentCollection, PaginationArgs, Comment } from '../types'
 
 interface GetCommentsArgs extends PaginationArgs {
-  resourceId: string;
+  resourceId: string
 }
 
-export const getComments =
+export const getCommentsFactory =
   (
     countComments: (resourceId: string) => Promise<number>,
-    queryComments: (params: GetCommentsArgs) => Promise<Comment[]>,
+    queryComments: (params: GetCommentsArgs) => Promise<Comment[]>
   ) =>
-  async (params: GetCommentsArgs): Promise<CommentCollection> => {
+    async (params: GetCommentsArgs): Promise<CommentCollection> => {
     // yes, i should be doing base64 de and encoding with the cursor...
-    const totalCount = await countComments(params.resourceId);
+      const totalCount = await countComments(params.resourceId)
-    const items = await queryComments(params);
+      const items = await queryComments(params)
-    let cursor = null;
+      let cursor = null
-    if (items.length > 0) {
+      if (items.length > 0) {
-      cursor = items.slice(-1)[0].createdAt.toISOString();
+        cursor = items.slice(-1)[0].createdAt.toISOString()
+      }
+      return {
+        totalCount,
+        items,
+        cursor
+      }
     }
-    return {
-      totalCount,
-      items,
-      cursor,
-    };
-  };

src/services/databaseManagement.ts

@@ -1,243 +1,222 @@
-import { POSTGRES_URL } from "../config";
+import { POSTGRES_URL } from '../config'
+import knex, { Knex } from 'knex'
+import cryptoRandomString from 'crypto-random-string'
 import {
-  getOrganizationFrom,
+  findRegionFactory,
-  getOrganizationRegionsFrom,
+  findResourceRegionFactory,
-  getRegionFrom,
+  queryRegionsFactory,
-  queryResourceRegionOrganizationFrom,
+  saveOrganizationFactory,
-  saveOrganizationTo,
+  saveRegionFactory
-  saveOrganizationsRegionsTo,
+} from '../repositories'
-  saveRegionTo,
-} from "../repositories";
-import { OrganizationsRegions, Region } from "../types";
-import knex, { Knex } from "knex";
-import cryptoRandomString from "crypto-random-string";
 
-const migrateToLatest = async (client: Knex): Promise<void> => {
+const migrateToLatest = async (db: Knex): Promise<void> => {
   const plannedMigrations: Array<{ file: string }> = (
-    await client.migrate.list()
+    await db.migrate.list()
-  )[1];
+  )[1]
   if (plannedMigrations.length > 0) {
     console.log(
       `🕰️  planning migrations: ${plannedMigrations
         .map((m) => m.file)
-        .join(",")}`,
+        .join(',')}`
-    );
+    )
   } else {
-    console.log("no migrations are planned");
+    console.log('no migrations are planned')
   }
   // TODO: make sure if a migration fails, all migrations are rolled back
-  await client.migrate.latest();
+  await db.migrate.latest()
-};
-
-export const migrateAll = async (): Promise<void> => {
-  await migrateToLatest(mainClient);
-  const databaseSchemas = await getAllDatabaseSchemaConnections();
-
-  await Promise.all([
-    ...databaseSchemas.map(async (sc) => await migrateToLatest(sc)),
-  ]);
-  // 1. get all regions from main DB
-  // 2. construct region specific knex clients and cache them by
-  // 3. structure the cache so that it accomodates client creation by resource id
-  // 4. get all organization regions from main DB
-  // 5. for in all regions for all organizations, run the migration
-  // 6. do not forget the migration for the main DB
-  //
-};
-
-const createDatabaseConfig = (connectionString: string): Knex.Config => {
-  return {
-    client: "pg",
-    connection: {
-      connectionString,
-    },
-    // connection: connectionString,
-    migrations: {
-      directory: "src/migrations",
-      extension: "ts",
-    },
-  };
-};
-
-const mainClient = knex(createDatabaseConfig(POSTGRES_URL));
-
-const _connectionStore: Map<string, Knex> = new Map();
-
-interface RegionWithMaybeOrganization {
-  regionId: string;
-  organizationId?: string | undefined;
 }
 
-const _createConnectionKey = ({
+export const migrateAll = async (): Promise<void> => {
-  organizationId,
+  await migrateToLatest(db)
-  regionId,
+  const dbClients = await getAllDbClients()
-}: RegionWithMaybeOrganization): string => {
-  return organizationId ? `${organizationId}@${regionId}` : regionId;
-};
 
-export const getDbClient = async ({
+  await Promise.all([
-  regionId,
+    ...dbClients.map(async (db) => await migrateToLatest(db))
-  organizationId,
+  ])
-}: RegionWithMaybeOrganization): Promise<Knex> => {
+}
-  const connectionKey = _createConnectionKey({ organizationId, regionId });
-  const maybeClient = _connectionStore.get(connectionKey);
-  if (maybeClient) return maybeClient;
-  const maybeRegion = await mainClient<Region>("regions")
-    .select()
-    .where({ id: regionId })
-    .first();
-  if (!maybeRegion) throw Error(`region ${regionId} not found`);
-  const connectionString = organizationId
-    ? `${maybeRegion.connectionString}/${organizationId}`
-    : `${maybeRegion.connectionString}/${maybeRegion.maintenanceDb}`;
-  const client = knex(createDatabaseConfig(connectionString));
-  _connectionStore.set(connectionKey, client);
-  return client;
-};
 
-export const getMainDbClient = (): Knex => mainClient;
+const createDatabaseConfig = (
+  connectionString: string,
+  sslCaCert: string | null
+): Knex.Config => {
+  const config: Knex.Config = {
+    client: 'pg',
+    connection: {
+      connectionString,
+      ssl: sslCaCert
+        ? {
+            ca: sslCaCert,
+            rejectUnauthorized: true
+          }
+        : undefined
+    },
+    migrations: {
+      directory: 'src/migrations',
+      extension: 'ts'
+    }
+  }
+  return config
+}
+
+const db = knex(createDatabaseConfig(POSTGRES_URL, null))
+
+const dbClientStore: Map<string, Knex> = new Map()
+
+const findRegion = findRegionFactory({ db })
+
+export const getRegionDb = async ({
+  regionId
+}: {
+  regionId: string | undefined
+}): Promise<Knex> => {
+  if (!regionId) return db
+  const maybeClient = dbClientStore.get(regionId)
+  if (maybeClient != null) return maybeClient
+  const maybeRegion = await findRegion(regionId)
+  if (maybeRegion == null) throw Error(`region ${regionId} not found`)
+  const client = knex(
+    createDatabaseConfig(maybeRegion.connectionString, maybeRegion.sslCaCert)
+  )
+  dbClientStore.set(regionId, client)
+  return client
+}
+
+export const getMainDbClient = (): Knex => db
+
+const queryRegions = queryRegionsFactory({ db })
+const saveRegion = saveRegionFactory({ db })
 
 export const registerRegion = async ({
   name,
   connectionString,
-  maintenanceDb,
+  sslCaCert
 }: {
-  name: string;
+  name: string
-  connectionString: string;
+  connectionString: string
-  maintenanceDb: string;
+  sslCaCert: string | null
 }): Promise<string> => {
-  // TODO: validate the connectionString, so that the knex client can connect to it
+  const regions = await queryRegions({ connectionString })
-  const id = cryptoRandomString({ length: 10 });
+  if (regions.length > 0) throw new Error('This region is already registered')
-  await saveRegionTo(mainClient)({
+  const id = cryptoRandomString({ length: 10 })
+  const newDb = knex(createDatabaseConfig(connectionString, sslCaCert))
+  await migrateToLatest(newDb)
+  dbClientStore.set(id, newDb)
+
+  const sslmode = sslCaCert ? 'require' : 'disable'
+  await setUpUserReplication({
+    from: db,
+    to: newDb,
+    regionName: name,
+    sslmode
+  })
+  await setUpResourceReplication({
+    from: newDb,
+    to: db,
+    regionName: name,
+    sslmode
+  })
+
+  await saveRegion({
     id,
     name,
     connectionString,
-    maintenanceDb,
+    sslCaCert
-  });
+  })
-  return id;
+  return id
-};
+}
+
+const saveOrganization = saveOrganizationFactory({ db })
 
 export const createOrganization = async (name: string): Promise<string> => {
-  const id = cryptoRandomString({ length: 10 });
+  const id = cryptoRandomString({ length: 10 })
-  await saveOrganizationTo(mainClient)({ id, name });
+  await saveOrganization({ id, name })
-  return id;
+  return id
-};
+}
 
-const createDb = async (client: Knex, name: string): Promise<void> => {
+interface ReplicationArgs {
-  try {
+  from: Knex
-    await client.raw(`create database "${name}"`);
+  to: Knex
-  } catch (err) {
+  sslmode: string
-    if (!(err instanceof Error)) throw err;
+  regionName: string
-    if (!err.message.includes("already exists")) throw err;
+}
-  }
-};
 
 const setUpUserReplication = async ({
   from,
   to,
-}: {
+  sslmode,
-  from: Knex;
+  regionName
-  to: Knex;
+}: ReplicationArgs): Promise<void> => {
-}): Promise<void> => {
   // TODO: ensure its created...
-  const connectionString: string =
-    from.client.config.connection.connectionString;
   try {
-    await from.raw("CREATE PUBLICATION userspub FOR TABLE users;");
+    await from.raw('CREATE PUBLICATION userspub FOR TABLE users;')
   } catch (err) {
-    if (!(err instanceof Error)) throw err;
+    if (!(err instanceof Error)) throw err
-    if (!err.message.includes("already exists")) throw err;
+    if (!err.message.includes('already exists')) throw err
   }
+
+  const fromUrl = new URL(from.client.config.connection.connectionString)
+  const fromDbName = fromUrl.pathname.replace('/', '')
+  const subName = `userssub_${regionName}`
+  const rawSqeel = `SELECT * FROM aiven_extras.pg_create_subscription(
+    '${subName}',
+    'dbname=${fromDbName} host=${fromUrl.hostname} port=${fromUrl.port} sslmode=${sslmode} user=${fromUrl.username} password=${fromUrl.password}',
+    'userspub', 
+    '${subName}',
+    TRUE,
+    TRUE
+  );`
   try {
-    const toUrl = new URL(to.client.config.connection.connectionString);
+    await to.raw(rawSqeel)
-    await to.raw(
-      `CREATE SUBSCRIPTION userssub_${toUrl.pathname.replace("/", "")} CONNECTION '${connectionString}' PUBLICATION userspub;`,
-    );
   } catch (err) {
-    if (!(err instanceof Error)) throw err;
+    if (!(err instanceof Error)) throw err
-    if (!err.message.includes("already exists")) throw err;
+    if (!err.message.includes('already exists')) throw err
   }
-};
+}
 
 const setUpResourceReplication = async ({
   from,
-  fromRegionName,
   to,
-}: {
+  regionName,
-  from: Knex;
+  sslmode
-  fromRegionName: string;
+}: ReplicationArgs): Promise<void> => {
-  to: Knex;
-}): Promise<void> => {
   // TODO: ensure its created...
-  const connectionString: string =
-    from.client.config.connection.connectionString;
-  const connUrl = new URL(connectionString);
   try {
-    await from.raw("CREATE PUBLICATION resourcepub FOR TABLE resources;");
+    await from.raw('CREATE PUBLICATION resourcepub FOR TABLE resources;')
   } catch (err) {
-    if (!(err instanceof Error)) throw err;
+    if (!(err instanceof Error)) throw err
-    if (!err.message.includes("already exists")) throw err;
+    if (!err.message.includes('already exists')) throw err
   }
+
+  const fromUrl = new URL(from.client.config.connection.connectionString)
+  const fromDbName = fromUrl.pathname.replace('/', '')
+  const subName = `resourcesub_${regionName}`
+  const rawSqeel = `SELECT * FROM aiven_extras.pg_create_subscription(
+    '${subName}',
+    'dbname=${fromDbName} host=${fromUrl.hostname} port=${fromUrl.port} sslmode=${sslmode} user=${fromUrl.username} password=${fromUrl.password}',
+    'resourcepub', 
+    '${subName}',
+    TRUE,
+    TRUE
+  );`
   try {
-    await to.raw(
+    await to.raw(rawSqeel)
-      `CREATE SUBSCRIPTION "resroucesub_${fromRegionName.replace(
-        " ",
-        "",
-      )}_${connUrl.pathname.replace(
-        "/",
-        "",
-      )}" CONNECTION '${connectionString}' PUBLICATION resourcepub;`,
-    );
   } catch (err) {
-    if (!(err instanceof Error)) throw err;
+    if (!(err instanceof Error)) throw err
-    if (!err.message.includes("already exists")) throw err;
+    if (!err.message.includes('already exists')) throw err
   }
-};
+}
 
-export const bindRegionToOrganization = async ({
+export const getAllDbClients = async (): Promise<Knex[]> => {
-  regionId,
+  const regions = await queryRegions({})
-  organizationId,
+  const regionClients = await Promise.all(
-}: OrganizationsRegions): Promise<void> => {
+    regions.map(async (region) => await getRegionDb({ regionId: region.id }))
-  const region = await getRegionFrom(mainClient)(regionId);
+  )
-  if (!region) throw Error(`region ${regionId} not found`);
+  return [db, ...regionClients]
-  const organization = await getOrganizationFrom(mainClient)(organizationId);
+}
-  if (!organization) throw Error(`organization ${organizationId} not found`);
 
-  const regionClient = await getDbClient({ regionId });
+const findResourceRegion = findResourceRegionFactory({ db })
 
-  await createDb(regionClient, organizationId);
+export const getResourceDb = async (resourceId: string): Promise<Knex> => {
-
+  const resourceRegion = await findResourceRegion({ resourceId })
-  const client = await getDbClient({ organizationId, regionId });
+  return resourceRegion != null ? await getRegionDb(resourceRegion) : db
-  const connectionKey = _createConnectionKey({ organizationId, regionId });
+}
-
-  await migrateToLatest(client);
-
-  await setUpUserReplication({ from: mainClient, to: client });
-  await setUpResourceReplication({
-    from: client,
-    fromRegionName: region.name,
-    to: mainClient,
-  });
-
-  _connectionStore.set(connectionKey, client);
-  await saveOrganizationsRegionsTo(mainClient)({ organizationId, regionId });
-};
-
-export const getAllDatabaseSchemaConnections = async (): Promise<Knex[]> => {
-  const organizationRegions = await getOrganizationRegionsFrom(mainClient)();
-  const clients = await Promise.all(
-    organizationRegions.map(async (or) => {
-      const client = await getDbClient(or);
-      return client;
-    }),
-  );
-  return [mainClient, ...clients];
-};
-
-export const getResourceDatabaseConnection = async (
-  resourceId: string,
-): Promise<Knex> => {
-  const resourceRegionOrg =
-    await queryResourceRegionOrganizationFrom(mainClient)(resourceId);
-  return resourceRegionOrg ? await getDbClient(resourceRegionOrg) : mainClient;
-};

src/services/resources.ts

@@ -1,45 +1,50 @@
-import cryptoRandomString from "crypto-random-string";
+import cryptoRandomString from 'crypto-random-string'
-import { countResources, queryResources } from "../repositories";
 import {
   Resource,
   PaginationArgs,
   ResourceCollection,
   ResourceCreateArgs,
-  ResourceAcl,
+  ResourceAcl
-} from "../types";
+} from '../types'
 
 interface GetResourcesArgs extends PaginationArgs {
-  userId: string;
+  userId: string
 }
-export const getResources = async (
+export const getResourcesFactory =
-  params: GetResourcesArgs,
-): Promise<ResourceCollection> => {
-  const totalCount = await countResources(params.userId);
-  const items = await queryResources(params);
-  let cursor = null;
-  if (items.length > 0) {
-    cursor = items.slice(-1)[0].createdAt.toISOString();
-  }
-  return {
-    totalCount,
-    items,
-    cursor,
-  };
-};
-
-export const createResource =
   (
-    resourceSaver: (resource: Resource) => Promise<void>,
+    countResources: (userId: string) => Promise<number>,
-    resourceAclSaver: (resourceAcl: ResourceAcl) => Promise<void>,
+    queryResources: (params: GetResourcesArgs) => Promise<Resource[]>
   ) =>
-  async ({ userId, name }: ResourceCreateArgs): Promise<string> => {
+    async (params: GetResourcesArgs): Promise<ResourceCollection> => {
-    //1. if no org, create project in main region, validate that, regionId is null
+      const totalCount = await countResources(params.userId)
-    //2. if org, validate if user has access to the org
+      const items = await queryResources(params)
-    //3. if org and region, validate if org has access to region
+      let cursor = null
-    //4. create resource
+      if (items.length > 0) {
-    const id = cryptoRandomString({ length: 10 });
+        cursor = items.slice(-1)[0].createdAt.toISOString()
-    const resource = { id, name, createdAt: new Date() };
+      }
-    await resourceSaver(resource);
+      return {
-    await resourceAclSaver({ resourceId: id, userId });
+        totalCount,
-    return id;
+        items,
-  };
+        cursor
+      }
+    }
+
+export const createResourceFactory =
+  ({
+    saveResource,
+    saveResourceAcl
+  }: {
+    saveResource: (resource: Resource) => Promise<void>
+    saveResourceAcl: (resourceAcl: ResourceAcl) => Promise<void>
+  }) =>
+    async ({ userId, name }: ResourceCreateArgs): Promise<string> => {
+    // 1. if no org, create project in main region, validate that, regionId is null
+    // 2. if org, validate if user has access to the org
+    // 3. if org and region, validate if org has access to region
+    // 4. create resource
+      const id = cryptoRandomString({ length: 10 })
+      const resource = { id, name, createdAt: new Date() }
+      await saveResource(resource)
+      await saveResourceAcl({ resourceId: id, userId })
+      return id
+    }

src/types.ts

@@ -1,98 +1,99 @@
 export interface CommentCreateArgs {
-  userId: string;
+  userId: string
-  content: string;
+  content: string
-  resourceId: string;
+  resourceId: string
 }
 
 export interface Comment extends CommentCreateArgs {
-  id: string;
+  id: string
-  createdAt: Date;
+  createdAt: Date
 }
 
 export interface PaginationArgs {
-  limit: number;
+  limit: number
-  cursor: string | null;
+  cursor: string | null
 }
 
 interface Collection<T> {
-  totalCount: number;
+  totalCount: number
-  cursor: string | null;
+  cursor: string | null
-  items: T[];
+  items: T[]
 }
 
 export interface CommentCollection extends Collection<Comment> {}
 
 export interface UserOrgRegionArgs {
-  userId: string;
+  userId: string
-  organizationId: string | null;
+  organizationId: string | null
-  regionId: string | null;
+  regionId: string | null
 }
 
 export interface ResourceCreateArgs extends UserOrgRegionArgs {
-  name: string;
+  name: string
 }
 
 export interface Resource {
-  id: string;
+  id: string
-  name: string;
+  name: string
-  createdAt: Date;
+  createdAt: Date
 }
 
 export interface ResourceCollection extends Collection<Resource> {}
 
 export interface UserCreateArgs {
-  name: string;
+  name: string
 }
 
 export interface UserRecord extends UserCreateArgs {
-  id: string;
+  id: string
 }
 
 export interface User extends UserRecord {
   resources: {
-    cursor: string | null;
+    cursor: string | null
-    totalCount: number;
+    totalCount: number
-    items: Resource[];
+    items: Resource[]
-  };
+  }
 }
 
 export interface ResourceAcl {
-  userId: string;
+  userId: string
-  resourceId: string;
+  resourceId: string
 }
 
 export interface Region {
-  id: string;
+  id: string
-  name: string;
+  name: string
-  connectionString: string;
+  connectionString: string
-  maintenanceDb: string;
+  sslCaCert: string | null
 }
 
 export interface Organization {
-  id: string;
+  id: string
-  name: string;
+  name: string
 }
 
 export interface OrganizationAcl {
-  userId: string;
+  userId: string
-  organizationId: string;
+  organizationId: string
 }
 
 export interface OrganizationsRegions {
-  organizationId: string;
+  organizationId: string
-  regionId: string;
+  regionId: string
 }
 
 export interface OrganizationResourceAcl {
-  organizationId: string;
+  organizationId: string
-  resourceId: string;
+  resourceId: string
 }
 
 export interface ResourceRegion {
-  resourceId: string;
+  resourceId: string
-  regionId: string;
+  regionId: string
 }
 
-export interface ResourceRegionOrg extends ResourceRegion {
+export interface ResourceOrganization {
-  organizationId: string;
+  resourceId: string
+  organizationId: string
 }

tests/integration/regions.spec.ts

@@ -1,29 +0,0 @@
-import { expect, beforeAll, describe, it } from "vitest";
-import {
-  getOrganizationRegionsFrom,
-  getRegionsFrom,
-} from "../../src/repositories";
-import {
-  getMainDbClient,
-  migrateAll,
-} from "../../src/services/databaseManagement";
-import { Knex } from "knex";
-
-describe("regions", () => {
-  let dbClient: Knex;
-
-  beforeAll(async () => {
-    dbClient = await getMainDbClient();
-  });
-  it("gets all regions", async () => {
-    const regions = await getRegionsFrom(dbClient)();
-    expect(regions.length).toBeGreaterThan(0);
-  });
-  it("gets organizations regions", async () => {
-    const orgRegions = await getOrganizationRegionsFrom(dbClient)();
-    expect(orgRegions.length).toBeGreaterThan(0);
-  });
-  it("migrates all", async () => {
-    await migrateAll();
-  });
-});

vitest.config.ts

@@ -1,7 +1,7 @@
-import { defineConfig } from "vitest/config";
+import { defineConfig } from 'vitest/config'
 
 export default defineConfig({
   test: {
-    dir: "tests",
+    dir: 'tests'
-  },
+  }
-});
+})