huanld/multiTenancyPoc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: huanld:soft_multi_org
Branches Tags
huanld:main huanld:soft_multi_org huanld:awilix-poc huanld:sketches huanld:multi-region-resource-view huanld:multi_org
..
pull from: huanld:multi-region-resource-view
Branches Tags
huanld:soft_multi_org huanld:awilix-poc huanld:sketches huanld:multi-region-resource-view huanld:multi_org huanld:main

1 Commits
soft_multi_org .. multi-region-resource-view

Author SHA1 Message Date
Alessandro Magionami 024e8eabbc setup resource view for multi region db 2024-05-08 10:23:21 +02:00
38 changed files with 391 additions and 2148 deletions
Expand all files Collapse all files
.gitignore
+1 -3
View File
@@ -1,10 +1,8 @@
.postgres-* .postgres-data
.tool-versions .tool-versions
.env .env
.envrc .envrc
.swc .swc
node_modules node_modules
ca-cert*
.data/*
dist dist
.vscode/settings.json
Vendored
-3
View File
@@ -1,3 +0,0 @@
{
"cSpell.words": ["awilix"]
}
README.md
-71
View File
@@ -1,71 +0,0 @@
# Multi tenancy sketches
This project is a synthetic test project for implementing multi tenancy.
Its a functional graphql api backend, that is easiest to access from the apollo graphql explorer.
The api and the explorer are available by default at `http://localhost:4000` by default,
after the app and its dependencies have been started
## Project setup
This project is using [`pnpm`](https://pnpm.io/) as its package manager.
To start the required databases or other dependencies, run `docker compose up -d`
## About Postgres setup
I had to change the `wal_level` on my local postgres instances
it is done with running the SQL command below, and restating the database server:
```sql
ALTER SYSTEM SET wal_level = logical;
```
When registering a new region on a DigitalOcean postgres server, the default user doesn't have the required roles to set up a subscription.
On DO we can use [aiven-extras](https://github.com/aiven/aiven-extras) to create subs without root access.
The current branch is utilizing just that. But it needs a setup step executed on each database, that is registered as a region
Run this in a `psql` shell
```sql
CREATE EXTENSION aiven_extras;
```
Note: Postgres subscriptions (which we use) in the same db server don't work that easily; easiest way to get things going is to set up multiple db servers locally.
## Project description
The app has these basic concepts:
### User
A user of the system (obviously). User authn is not implemented, authz is very simplified.
### Resource
This is an abstract object representing a project, that multiple users might work on.
The notion of work on is currently implemented as the comment create action.
A resource might belong to an organization or belong to the default (null) organization.
### Comment
A text note, that belongs to a given resource, created by a user.
### Region
A geo-located data storage region, currently implemented as a PostgresSQL database server.
When providing a connection url to a region, make sure to not include a database name or any trailing `/`-s in the url.
### Organization
A collection of users and an owner of resource. Any user may create organizations.
Organizations may be granted access to any given region. That action creates a new database in the region DB server. migrates it to the latest DB schema and sets up user and resource publish and subscribe mechanisms.
## Steps to flex this POC
Using the exposed graphql explorer, you can go ahead and
- create a user
- create an organisation
- add the user to the organisation
- create regions & associate them with an organisation
- create a resource in the default organisation, or for a specific organisation & region
- etc.
aiven_postgres/Dockerfile
-25
View File
@@ -1,25 +0,0 @@
FROM postgres:14.5-alpine as builder
RUN apk add --no-cache 'git=~2.36' \
'build-base=~0.5' \
'clang=~13.0' \
'llvm13=~13.0'
WORKDIR /
RUN git clone --branch 1.1.9 https://github.com/aiven/aiven-extras.git aiven-extras
WORKDIR /aiven-extras
RUN git checkout 36598ab \
&& git clean -df \
&& make \
&& make install
FROM postgres:14.5-alpine
COPY --from=builder /aiven-extras/aiven_extras.control /usr/local/share/postgresql/extension/aiven_extras.control
COPY --from=builder /aiven-extras/sql/aiven_extras.sql /usr/local/share/postgresql/extension/aiven_extras--1.1.9.sql
COPY --from=builder /aiven-extras/aiven_extras.so /usr/local/lib/postgresql/aiven_extras.so
EXPOSE 5432
CMD ["postgres"]
docker-compose.yml
+22 -35
View File
@@ -1,53 +1,40 @@
version: '3.9' version: "3.9"
services: services:
main-db: maindb:
build: image: postgres:16-alpine
context: aiven_postgres
dockerfile: Dockerfile
volumes:
- ./.data/main-db:/var/lib/postgresql/data
ports: ports:
- 5454:5432 - 5454:5432
environment: environment:
- POSTGRES_PASSWORD=speckle - POSTGRES_PASSWORD=speckle
- POSTGRES_USER=speckle - POSTGRES_USER=speckle
- POSTGRES_DB=speckle - POSTGRES_DB=speckle_main
extra_hosts:
- host.docker.internal:host-gateway
region-1-db: eu_db:
build: image: postgres:16-alpine
context: aiven_postgres
dockerfile: Dockerfile
volumes:
- ./.data/region-1-db:/var/lib/postgresql/data
ports: ports:
- 5455:5432 - 5455:5433
environment: environment:
- POSTGRES_PASSWORD=speckle - POSTGRES_PASSWORD=speckle
- POSTGRES_USER=speckle - POSTGRES_USER=speckle
- POSTGRES_DB=speckle - POSTGRES_DB=speckle_eu
depends_on: - PGPORT=5433
- main-db
extra_hosts: us_db:
- host.docker.internal:host-gateway image: postgres:16-alpine
region-2-db:
build:
context: aiven_postgres
dockerfile: Dockerfile
volumes:
- ./.data/region-2-db:/var/lib/postgresql/data
ports: ports:
- 5456:5432 - 5456:5434
environment: environment:
- POSTGRES_PASSWORD=speckle - POSTGRES_PASSWORD=speckle
- POSTGRES_USER=speckle - POSTGRES_USER=speckle
- POSTGRES_DB=speckle - POSTGRES_DB=speckle_us
depends_on: - PGPORT=5434
- main-db
extra_hosts: start_dependencies:
- host.docker.internal:host-gateway image: tehkapa/docker-wait-for-dependencies
depends_on:
- maindb
- eu_db
- us_db
container_name: wait-for-dependencies
command: maindb:5432 eu_db:5433 us_db:5434
knexfile.ts
+36 -17
View File
@@ -1,21 +1,11 @@
import { Knex } from 'knex' export const mainDBConfig = {
import fs from 'fs'
import path from 'path'
console.log(`foobar ${process.env.POSTGRES_CA_CERT_PATH}`)
const config: Knex.Config = {
client: 'pg', client: 'pg',
connection: { connection: {
connectionString: process.env.POSTGRES_URL, host: '127.0.0.1',
ssl: process.env.POSTGRES_CA_CERT_PATH port: 5454,
? { user: 'speckle',
ca: fs.readFileSync( database: 'speckle_main',
path.resolve(__dirname, process.env.POSTGRES_CA_CERT_PATH) password: 'speckle'
),
rejectUnauthorized: true
}
: undefined
}, },
migrations: { migrations: {
directory: 'src/migrations', directory: 'src/migrations',
@@ -23,4 +13,33 @@ const config: Knex.Config = {
} }
} }
export default config
export const euDBConfig = {
client: 'pg',
connection: {
host: '127.0.0.1',
port: 5455,
user: 'speckle',
database: 'speckle_eu',
password: 'speckle'
},
migrations: {
directory: 'src/migrations',
extension: 'ts'
}
}
export const usDBConfig = {
client: 'pg',
connection: {
host: '127.0.0.1',
port: 5456,
user: 'speckle',
database: 'speckle_us',
password: 'speckle'
},
migrations: {
directory: 'src/migrations',
extension: 'ts'
}
}
package.json
+5 -8
View File
@@ -4,11 +4,11 @@
"description": "", "description": "",
"main": "src/app.ts", "main": "src/app.ts",
"scripts": { "scripts": {
"test": "vitest", "test": "echo \"Error: no test specified\" && exit 1",
"lint": "ts-standard", "lint": "ts-standard",
"tsx": "tsx", "tsx": "docker compose up start_dependencies && tsx watch --clear-screen=false --conditions=typescript ./src/app.ts",
"lint:fix": "ts-standard --fix", "lint:fix": "ts-standard --fix",
"migration:make": "NODE_OPTIONS='--loader ts-node/esm' knex migrate:make", "migration:make": "NODE_OPTIONS='--import tsx' knex migrate:make",
"dev:old": "nodemon --ext ts,graphql --exec node --inspect -r @swc/register src/bin/www.ts", "dev:old": "nodemon --ext ts,graphql --exec node --inspect -r @swc/register src/bin/www.ts",
"build": "tsc", "build": "tsc",
"start": "node dist/app.js", "start": "node dist/app.js",
@@ -18,6 +18,7 @@
"author": "", "author": "",
"license": "ISC", "license": "ISC",
"devDependencies": { "devDependencies": {
"@ducktors/tsconfig": "^1.0.0",
"@types/node": "^20.11.13", "@types/node": "^20.11.13",
"@typescript-eslint/eslint-plugin": "^6.20.0", "@typescript-eslint/eslint-plugin": "^6.20.0",
"@typescript-eslint/parser": "^6.20.0", "@typescript-eslint/parser": "^6.20.0",
@@ -26,14 +27,10 @@
"ts-node": "^10.9.2", "ts-node": "^10.9.2",
"ts-standard": "^12.0.2", "ts-standard": "^12.0.2",
"tsx": "^4.7.0", "tsx": "^4.7.0",
"typescript": "^5.3.3", "typescript": "^5.3.3"
"vitest": "^1.2.2"
}, },
"dependencies": { "dependencies": {
"@apollo/server": "^4.10.0", "@apollo/server": "^4.10.0",
"awilix": "^11.0.0",
"crypto-random-string": "^3.0.0",
"dataloader": "^2.2.2",
"dotenv": "^16.4.1", "dotenv": "^16.4.1",
"graphql": "^16.8.1", "graphql": "^16.8.1",
"graphql-scalars": "^1.22.4", "graphql-scalars": "^1.22.4",
parse_cert.py
-8
View File
@@ -1,8 +0,0 @@
from pathlib import Path
import json
cert = Path("./ca-cert").read_text()
cert_json = json.dumps({"cert": cert})
Path("./ca-cert.json").write_text(cert_json)
pnpm-lock.yaml
Generated
+19 -691
View File
File diff suppressed because it is too large Load Diff
src/app.ts
+23 -2
View File
@@ -3,7 +3,9 @@ import { resolvers } from './resolvers'
import { startStandaloneServer } from '@apollo/server/standalone' import { startStandaloneServer } from '@apollo/server/standalone'
import { readFileSync } from 'fs' import { readFileSync } from 'fs'
import { typeDefs as scalarTypeDefs } from 'graphql-scalars' import { typeDefs as scalarTypeDefs } from 'graphql-scalars'
import { migrateAll } from './services/databaseManagement' import { getDB } from './db'
import { Regions } from './regions'
import { initListeners } from './listeners'
const typeDefs = readFileSync('src/schema.graphql', { encoding: 'utf-8' }) const typeDefs = readFileSync('src/schema.graphql', { encoding: 'utf-8' })
@@ -19,8 +21,27 @@ const startServer = async (): Promise<void> => {
listen: { port: 4000 } listen: { port: 4000 }
}) })
await migrateAll() const mainDB = getDB()
const regionDBs = Regions.map(region => getDB(region))
const databases = [mainDB, ...regionDBs]
for (const db of databases) {
const plannedMigrations: Array<{ file: string }> = (
await db.migrate.list()
)[1]
if (plannedMigrations.length > 0) {
console.log(
`🕰️ planning migrations: ${plannedMigrations
.map((m) => m.file)
.join(',')}`
)
}
await db.migrate.latest()
}
await initListeners()
console.log(`🚀 Server ready at: ${url}`) console.log(`🚀 Server ready at: ${url}`)
} }
src/config.ts
+4 -3
View File
@@ -2,7 +2,8 @@ import 'dotenv/config'
import { parseEnv } from 'znv' import { parseEnv } from 'znv'
import { z } from 'zod' import { z } from 'zod'
export const { POSTGRES_URL, POSTGRES_CA_CERT_PATH } = parseEnv(process.env, { export const { POSTGRES_URL } = parseEnv(process.env, {
POSTGRES_URL: z.string().min(1), POSTGRES_URL: z.string().min(1)
POSTGRES_CA_CERT_PATH: z.string().min(1).nullish()
}) })
console.log([POSTGRES_URL].join(', '))
src/db.ts
+18 -3
View File
@@ -1,4 +1,19 @@
import Knex from 'knex' import Knex, { Knex as KnexClient } from 'knex'
import config from '../knexfile' import { mainDBConfig, euDBConfig, usDBConfig } from '../knexfile'
import { Region } from './regions'
export const knex = Knex(config) const mainDB = Knex(mainDBConfig)
const regionDBs = new Map<Region, KnexClient>([['eu', Knex(euDBConfig)], ['us', Knex(usDBConfig)]])
export function getDB(region?: Region) {
if (!region) {
return mainDB
}
const db = regionDBs.get(region)
if (!db) {
throw new Error('Region not supported')
}
return db
}
src/iocContainer.ts
-19
View File
@@ -1,19 +0,0 @@
import awilix from 'awilix'
import { saveResourceAclFactory, saveUserFactory } from './repositories'
import { Knex } from 'knex'
import { getMainDbClient } from './services/databaseManagement'
export const container = awilix.createContainer({
strict: true,
injectionMode: awilix.InjectionMode.PROXY
})
container.register({
db: awilix.asFunction(getMainDbClient).singleton(),
saveResource: awilix
.asFunction((regionDb: Knex) => saveUserFactory({ db: regionDb }))
.scoped(),
saveResourceAcl: awilix.asFunction(saveResourceAclFactory).scoped()
})
container.resolve('saveResource')
src/listeners.ts
+27
View File
@@ -0,0 +1,27 @@
import { Knex } from "knex";
import { getDB } from "./db";
import { Regions } from "./regions";
import { upsertResourceView } from "./repositories";
export async function initListeners() {
for (const region of Regions) {
const db = getDB(region)
const connection = await (db.client as Knex.Client).acquireRawConnection()
connection.query('LISTEN notifications')
connection.on('notification', async (data: { payload: string }) => {
console.log(JSON.parse(data.payload))
await upsertResourceView(region, JSON.parse(data.payload))
});
// connection.on('end', (err) => {
// reconnectClient(knex);
// })
connection.on('error', (err) => {
console.log(err);
})
}
}
src/migrations/20240205145527_organizations.ts
-14
View File
@@ -1,14 +0,0 @@
import type { Knex } from 'knex'
const tableName = 'organizations'
export async function up (knex: Knex): Promise<void> {
return await knex.schema.createTable(tableName, (table) => {
table.text('id').primary()
table.text('name')
})
}
export async function down (knex: Knex): Promise<void> {
return await knex.schema.dropTable(tableName)
}
src/migrations/20240205150932_regions.ts
-49
View File
@@ -1,49 +0,0 @@
import type { Knex } from 'knex'
const regionsTableName = 'regions'
export async function up (knex: Knex): Promise<void> {
await knex.schema.createTable(regionsTableName, (table) => {
table.text('id').primary()
table.text('connectionString')
})
await knex.schema.createTable('organizations_regions', (table) => {
table
.text('organizationId')
.references('id')
.inTable('organizations')
.notNullable()
.onDelete('cascade')
table
.text('regionId')
.references('id')
.inTable('regions')
.notNullable()
.onDelete('cascade')
})
await knex.schema.createTable('resource_organization_region', (table) => {
table
.text('resourceId')
.references('id')
.inTable('resources')
.notNullable()
.onDelete('cascade')
table
.text('organizationId')
.references('id')
.inTable('organizations')
.notNullable()
.onDelete('cascade')
table
.text('regionId')
.references('id')
.inTable('regions')
.notNullable()
.onDelete('cascade')
})
}
export async function down (knex: Knex): Promise<void> {
await knex.schema.dropTable(regionsTableName)
await knex.schema.dropTable('organizations_regions')
}
src/migrations/20240206210140_region_name.ts
-15
View File
@@ -1,15 +0,0 @@
import type { Knex } from 'knex'
const regionsTableName = 'regions'
export async function up (knex: Knex): Promise<void> {
await knex.schema.alterTable(regionsTableName, (table) => {
table.text('name').notNullable().defaultTo('region')
})
}
export async function down (knex: Knex): Promise<void> {
await knex.schema.alterTable(regionsTableName, (table) => {
table.dropColumn('name')
})
}
src/migrations/20240206213031_region_maintenance_db.ts
-15
View File
@@ -1,15 +0,0 @@
import type { Knex } from 'knex'
const regionsTableName = 'regions'
export async function up (knex: Knex): Promise<void> {
await knex.schema.alterTable(regionsTableName, (table) => {
table.text('maintenanceDb').notNullable().defaultTo('region')
})
}
export async function down (knex: Knex): Promise<void> {
await knex.schema.alterTable(regionsTableName, (table) => {
table.dropColumn('maintenanceDb')
})
}
src/migrations/20240207203256_organization_acl.ts
-22
View File
@@ -1,22 +0,0 @@
import type { Knex } from 'knex'
const tableName = 'organization_acl'
export async function up (knex: Knex): Promise<void> {
return await knex.schema.createTable(tableName, (table) => {
table
.string('userId')
.references('id')
.inTable('users')
.onDelete('cascade')
table
.string('organizationId')
.references('id')
.inTable('organizations')
.onDelete('cascade')
})
}
export async function down (knex: Knex): Promise<void> {
return await knex.schema.dropTable(tableName)
}
src/migrations/20240207212311_organization_resource_acl.ts
-22
View File
@@ -1,22 +0,0 @@
import type { Knex } from 'knex'
const tableName = 'organization_resource_acl'
export async function up (knex: Knex): Promise<void> {
return await knex.schema.createTable(tableName, (table) => {
table
.string('resourceId')
.references('id')
.inTable('resources')
.onDelete('cascade')
table
.string('organizationId')
.references('id')
.inTable('organizations')
.onDelete('cascade')
})
}
export async function down (knex: Knex): Promise<void> {
return await knex.schema.dropTable(tableName)
}
src/migrations/20240207214054_resource_region.ts
-28
View File
@@ -1,28 +0,0 @@
import type { Knex } from 'knex'
const tableName = 'resource_region_organization'
export async function up (knex: Knex): Promise<void> {
return await knex.schema.createTable(tableName, (table) => {
table
.string('resourceId')
.references('id')
.inTable('resources')
.onDelete('cascade')
.primary()
table
.string('regionId')
.references('id')
.inTable('regions')
.onDelete('cascade')
table
.string('organizationId')
.references('id')
.inTable('organizations')
.onDelete('cascade')
})
}
export async function down (knex: Knex): Promise<void> {
return await knex.schema.dropTable(tableName)
}
src/migrations/20240213175105_region_pruning.ts
-15
View File
@@ -1,15 +0,0 @@
import type { Knex } from 'knex'
const regionsTableName = 'regions'
export async function up (knex: Knex): Promise<void> {
await knex.schema.alterTable(regionsTableName, (table) => {
table.dropColumn('maintenanceDb')
})
}
export async function down (knex: Knex): Promise<void> {
await knex.schema.alterTable(regionsTableName, (table) => {
table.text('maintenanceDb').notNullable().defaultTo('region')
})
}
src/migrations/20240213214212_split_resource_region_org.ts
-56
View File
@@ -1,56 +0,0 @@
import type { Knex } from 'knex'
const tableName = 'resource_region_organization'
export async function up (knex: Knex): Promise<void> {
await knex.schema.dropTable(tableName)
await knex.schema.createTable('resource_region', (table) => {
table
.string('resourceId')
.references('id')
.inTable('resources')
.onDelete('cascade')
.primary()
table
.string('regionId')
.references('id')
.inTable('regions')
.onDelete('cascade')
})
await knex.schema.createTable('resource_organization', (table) => {
table
.string('resourceId')
.references('id')
.inTable('resources')
.onDelete('cascade')
.primary()
table
.string('organizationId')
.references('id')
.inTable('organizations')
.onDelete('cascade')
})
}
export async function down (knex: Knex): Promise<void> {
await knex.schema.dropTable('resource_organization')
await knex.schema.dropTable('resource_region')
await knex.schema.createTable(tableName, (table) => {
table
.string('resourceId')
.references('id')
.inTable('resources')
.onDelete('cascade')
.primary()
table
.string('regionId')
.references('id')
.inTable('regions')
.onDelete('cascade')
table
.string('organizationId')
.references('id')
.inTable('organizations')
.onDelete('cascade')
})
}
src/migrations/20240214151340_region_ssl_cert.ts
-13
View File
@@ -1,13 +0,0 @@
import type { Knex } from 'knex'
export async function up (knex: Knex): Promise<void> {
await knex.schema.alterTable('regions', (table) => {
table.text('sslCaCert').nullable()
})
}
export async function down (knex: Knex): Promise<void> {
await knex.schema.alterTable('regions', (table) => {
table.dropColumn('sslCaCert')
})
}
src/migrations/20240220152312_region_name_unique.ts
-13
View File
@@ -1,13 +0,0 @@
import type { Knex } from 'knex'
export async function up (knex: Knex): Promise<void> {
await knex.schema.alterTable('regions', (table) => {
table.unique('name')
})
}
export async function down (knex: Knex): Promise<void> {
await knex.schema.alterTable('regions', (table) => {
table.dropUnique(['name'])
})
}
src/migrations/20240507155726_create-resource-views-table.ts
+16
View File
@@ -0,0 +1,16 @@
import type { Knex } from 'knex'
const tableName = 'resource_views'
export async function up(knex: Knex): Promise<void> {
return await knex.schema.createTable(tableName, (table) => {
table.string('resourceId').primary()
table.string('region')
table.string('resourceName')
table.datetime('resourceCreatedAt')
})
}
export async function down(knex: Knex): Promise<void> {
return await knex.schema.dropTable(tableName)
}
src/regions.ts
+2
View File
@@ -0,0 +1,2 @@
export type Region = 'eu' | 'us'
export const Regions: Region[] = ['eu', 'us']
src/repositories.ts
+83 -253
View File
@@ -1,262 +1,92 @@
import { Knex } from 'knex' import { getDB } from "./db";
import { import { Region } from "./regions";
UserRecord, import { UserRecord, Resource, ResourceAcl, Comment, ResourceView } from "./types";
Resource,
ResourceAcl,
Comment,
Region,
OrganizationsRegions,
Organization,
OrganizationAcl,
OrganizationResourceAcl,
ResourceRegion
} from './types'
export const saveResourceFactory = const Users = () => getDB()<UserRecord>("users");
({ db }: { db: Knex }) => const Resources = (region: Region) => getDB(region)<Resource>("resources");
async (resource: Resource): Promise<void> => { const ResourceViews = () => getDB()<ResourceView>("resource_views");
await db<Resource>('resources').insert(resource) const ResourceAclRepo = () => getDB()<ResourceAcl>("resource_acl");
} const Comments = () => getDB()<Comment>("comments");
export const findResourceFactory = export const queryUser = async (userId: string): Promise<UserRecord | null> => {
({ db }: { db: Knex }) => return (await Users().where("id", "=", userId).first()) ?? null;
async (resourceId: string): Promise<Resource | null> => { };
return (
(await db<Resource>('resources').where({ id: resourceId }).first()) ??
null
)
}
export const saveCommentFactory = export const queryResource = async (
({ db }: { db: Knex }) => resourceId: string,
async (comment: Comment): Promise<void> => { ): Promise<Resource | null> => {
await db<Comment>('comments').insert(comment) const resourceLocation = await ResourceViews().where('resourceId', '=', resourceId).first()
} if (!resourceLocation?.region) {
return null
}
return await Resources(resourceLocation.region).where("id", "=", resourceId).first() || null;
};
export const countCommentsFactory = export const queryResourceAcl = async ({
({ db }: { db: Knex }) => resourceId,
async (resourceId: string): Promise<number> => { userId,
const [rawCount] = await db<Comment>('comments') }: {
.count() resourceId: string;
.where({ resourceId }) userId: string;
return parseInt(rawCount.count as string) }): Promise<ResourceAcl | null> => {
} return (
(await ResourceAclRepo()
.where("userId", "=", userId)
.andWhere("resourceId", "=", resourceId)
.first()) ?? null
);
};
export const findUserFactory = export const countResources = async (userId: string): Promise<number> => {
({ db }: { db: Knex }) => const [rawCount] = await ResourceAclRepo().count().where({ userId });
async (userId: string): Promise<UserRecord | null> => { return parseInt(rawCount.count as string);
return ( };
(await db<UserRecord>('users').where('id', '=', userId).first()) ?? null
)
}
export const queryUsersFactoy = export const queryResources = async ({
({ db }: { db: Knex }) => userId,
async (): Promise<UserRecord[]> => { limit,
return await db<UserRecord>('users').select() cursor,
} }: {
userId: string;
limit: number;
cursor: string | null;
}) => {
const query = ResourceViews()
.join("resource_acl", "resource_views.resourceId", "resource_acl.resourceId")
.where({ userId });
if (cursor) {
query.andWhere("resourceCreatedAt", "<", cursor);
}
return query.limit(limit);
};
export const saveUserFactory = export const countComments = async (resourceId: string): Promise<number> => {
({ db }: { db: Knex }) => const [rawCount] = await Comments().count().where({ resourceId });
async (user: UserRecord): Promise<void> => { return parseInt(rawCount.count as string);
await db<UserRecord>('users').insert(user) };
}
export const getUsersResourceAclFactory = export const queryComments = async ({
({ db }: { db: Knex }) => resourceId,
async ({ resourceId, userId }: ResourceAcl): Promise<ResourceAcl | null> => { limit,
return ( cursor,
(await db<ResourceAcl>('resource_acl') }: {
.where({ userId, resourceId }) resourceId: string;
.first()) ?? null limit: number;
) cursor: string | null;
} }): Promise<Comment[]> => {
const query = Comments().where({ resourceId });
if (cursor) {
query.andWhere("createdAt", "<", cursor);
}
return query.limit(limit);
};
export const saveResourceAclFactory = export async function upsertResourceView(region: Region, resource: Resource) {
({ db }: { db: Knex }) => return ResourceViews().insert({
async (resourceAcl: ResourceAcl): Promise<void> => { resourceId: resource.id,
await db<ResourceAcl>('resource_acl').insert(resourceAcl) resourceName: resource.name,
} resourceCreatedAt: resource.createdAt,
region: region,
export const countUsersResourcesFactory = }).onConflict('resourceId')
({ db }: { db: Knex }) => .merge()
async (userId: string): Promise<number> => { }
const [rawCount] = await db<ResourceAcl>('resource_acl')
.count()
.where({ userId })
return parseInt(rawCount.count as string)
}
export const findUsersResourceFactory =
({ db }: { db: Knex }) =>
async ({ resourceId, userId }: ResourceAcl): Promise<ResourceAcl | null> => {
return (
(await db<ResourceAcl>('resource_acl')
.where({ userId, resourceId })
.first()) ?? null
)
}
export const queryResourcesFactory =
({ db }: { db: Knex }) =>
async ({
userId,
limit,
cursor
}: {
userId: string
limit: number
cursor: string | null
}): Promise<Resource[]> => {
let query = db<Resource & ResourceAcl>('resources')
.join('resource_acl', 'resources.id', 'resource_acl.resourceId')
.where({ userId })
if (cursor !== null) {
query = query.andWhere('createdAt', '<', cursor)
}
const items = await query.orderBy('createdAt', 'desc').limit(limit)
return items
}
export const countResourceCommentsFactory =
({ db }: { db: Knex }) =>
async (resourceId: string): Promise<number> => {
const [rawCount] = await db<Comment>('comments')
.count()
.where({ resourceId })
return parseInt(rawCount.count as string)
}
export const queryCommentsFactory =
({ db }: { db: Knex }) =>
async ({
resourceId,
limit,
cursor
}: {
resourceId: string
limit: number
cursor: string | null
}): Promise<Comment[]> => {
let query = db<Comment>('comments').where({ resourceId })
if (cursor !== null) {
query = query.andWhere('createdAt', '<', cursor)
}
return await query.orderBy('createdAt', 'desc').limit(limit)
}
export const queryRegionsFactory =
({ db }: { db: Knex }) =>
async (
params:
| {
connectionString?: string | undefined
}
| undefined = undefined
): Promise<Region[]> => {
let query = db<Region>('regions')
if (params?.connectionString !== undefined) query = query.where(params)
return await query.select()
}
export const findRegionFactory =
({ db }: { db: Knex }) =>
async (id: string): Promise<Region | null> => {
return (await db<Region>('regions').where({ id }).first()) ?? null
}
export const queryOrganizationsRegionsFactory =
({ db }: { db: Knex }) =>
async (): Promise<OrganizationsRegions[]> => {
return await db<OrganizationsRegions>('organizations_regions').select()
}
export const findOrganizationRegionFactory =
({ db }: { db: Knex }) =>
async ({
regionId,
organizationId
}: OrganizationsRegions): Promise<OrganizationsRegions | null> => {
return (
(await db<OrganizationsRegions>('organizations_regions')
.where({ regionId, organizationId })
.first()) ?? null
)
}
export const saveRegionFactory =
({ db }: { db: Knex }) =>
async (region: Region): Promise<void> => {
await db<Region>('regions').insert(region)
}
export const saveOrganizationFactory =
({ db }: { db: Knex }) =>
async (organization: Organization): Promise<void> => {
await db<Organization>('organizations').insert(organization)
}
export const findOrganizationFactory =
({ db }: { db: Knex }) =>
async (id: string): Promise<Organization | null> => {
return (
(await db<Organization>('organizations').where({ id }).first()) ?? null
)
}
export const queryOrganizationsFactory =
({ db }: { db: Knex }) =>
async (): Promise<Organization[]> => {
return await db<Organization>('organizations').select()
}
export const saveOrganizationRegionFactory =
({ db }: { db: Knex }) =>
async (or: OrganizationsRegions): Promise<void> => {
return await db<OrganizationsRegions>('organizations_regions').insert(or)
}
export const saveOrganizationAclFactory =
({ db }: { db: Knex }) =>
async (orgAcl: OrganizationAcl): Promise<void> => {
await db<OrganizationsRegions>('organization_acl').insert(orgAcl)
}
export const findOrganizationAclFactory =
({ db }: { db: Knex }) =>
async ({
userId,
organizationId
}: OrganizationAcl): Promise<OrganizationAcl | null> => {
return (
(await db<OrganizationAcl>('organization_acl')
.where({ userId, organizationId })
.first()) ?? null
)
}
export const saveOrganizationResourceAclFactory =
({ db }: { db: Knex }) =>
async (item: OrganizationResourceAcl): Promise<void> => {
await db<OrganizationResourceAcl>('organization_resource_acl').insert(item)
}
export const findResourceRegionFactory =
({ db }: { db: Knex }) =>
async ({
resourceId
}: {
resourceId: string
}): Promise<ResourceRegion | null> => {
return (
(await db<ResourceRegion>('resource_region')
.where({ resourceId })
.first()) ?? null
)
}
export const saveResourceRegionFactory =
({ db }: { db: Knex }) =>
async (item: ResourceRegion): Promise<void> => {
await db<ResourceRegion>('resource_region').insert(item)
}
src/resolvers.ts
+31 -178
View File
@@ -1,209 +1,62 @@
import { getCommentsFactory } from './services/comments' import { queryResourceAcl } from "./repositories";
import awilix from 'awilix' import { getUser, getResource, getComments, getResources } from "./services";
import { import { GraphQLError } from "graphql";
createResourceFactory,
getResourcesFactory
} from './services/resources'
import { GraphQLError } from 'graphql'
import { import {
Resource, Resource,
UserRecord, UserRecord,
CommentCollection, CommentCollection,
PaginationArgs, PaginationArgs,
ResourceCreateArgs, } from "./types";
OrganizationsRegions,
OrganizationAcl,
CommentCreateArgs,
UserCreateArgs
} from './types'
import {
createOrganization,
registerRegion,
getResourceDb,
getMainDbClient,
getRegionDb
} from './services/databaseManagement'
import { authorizeUserOrgRegionFactory } from './services/authz'
import cryptoRandomString from 'crypto-random-string'
import {
countCommentsFactory,
countUsersResourcesFactory,
findOrganizationAclFactory,
findOrganizationRegionFactory,
findResourceFactory,
findUserFactory,
getUsersResourceAclFactory,
queryCommentsFactory,
queryOrganizationsFactory,
queryRegionsFactory,
queryResourcesFactory,
queryUsersFactoy,
saveCommentFactory,
saveOrganizationAclFactory,
saveOrganizationRegionFactory,
saveOrganizationResourceAclFactory,
saveResourceAclFactory,
saveResourceRegionFactory,
saveUserFactory
} from './repositories'
import { container } from './iocContainer'
const db = getMainDbClient()
// Resolvers define how to fetch the types defined in your schema. // Resolvers define how to fetch the types defined in your schema.
// This resolver retrieves books from the "books" array above. // This resolver retrieves books from the "books" array above.
export const resolvers = { export const resolvers = {
Query: { Query: {
async users () { async user(_: unknown, args: { id: string }) {
return await queryUsersFactoy({ db })() return await getUser(args.id);
}, },
async user (_: unknown, args: { id: string }) { async resource(
return await findUserFactory({ db })(args.id)
},
async resource (
_: unknown, _: unknown,
args: { id: string, userId: string } args: { id: string; userId: string },
): Promise<Resource> { ): Promise<Resource> {
const maybeAcl = await getUsersResourceAclFactory({ db })({ const maybeAcl = await queryResourceAcl({
userId: args.userId, userId: args.userId,
resourceId: args.id resourceId: args.id,
}) });
if (maybeAcl == null) { if (maybeAcl == null) {
throw new GraphQLError( throw new GraphQLError(
"The user doesn't have access to the given resource", "The user doesn't have access to the given resource",
{ {
extensions: { extensions: {
code: 'FORBIDDEN' code: "FORBIDDEN",
} },
} },
) );
} }
const resourceDb = await getResourceDb(args.id) const maybeResource = await getResource(args.id);
const maybeResource = await findResourceFactory({ db: resourceDb })(
args.id
)
if (maybeResource == null) { if (maybeResource == null) {
throw new GraphQLError('Resource not found', { throw new GraphQLError("Resource not found", {
extensions: { code: 'RESOURCE_NOT_FOUND' } extensions: { code: "RESOURCE_NOT_FOUND" },
}) });
} }
return maybeResource return maybeResource;
}, },
async organizations () {
return await queryOrganizationsFactory({ db })()
},
async regions () {
return await queryRegionsFactory({ db })()
}
}, },
User: { User: {
async resources (parent: UserRecord, args: PaginationArgs) { async resources(parent: UserRecord, args: PaginationArgs) {
return await getResourcesFactory( return await getResources({ userId: parent.id, ...args });
countUsersResourcesFactory({ db }), },
queryResourcesFactory({ db })
)({ userId: parent.id, ...args })
}
}, },
Resource: { ResourceDetail: {
async comments ( async comments(
parent: Resource, parent: Resource,
{ limit, cursor }: PaginationArgs { limit, cursor }: PaginationArgs,
): Promise<CommentCollection> { ): Promise<CommentCollection> {
const resourceDb = await getResourceDb(parent.id) return await getComments({
return await getCommentsFactory(
countCommentsFactory({ db: resourceDb }),
queryCommentsFactory({ db: resourceDb })
)({
resourceId: parent.id, resourceId: parent.id,
limit, limit,
cursor cursor,
}) });
} },
}, },
Mutation: { };
async createUser (
_: unknown,
{ input: { name } }: { input: UserCreateArgs }
) {
const id = cryptoRandomString({ length: 10 })
await saveUserFactory({ db })({ id, name })
return id
},
async registerRegion (
_: unknown,
args: {
name: string
connectionString: string
sslCaCert: string | null
}
) {
return await registerRegion(args)
},
async createOrganization (_: unknown, args: { name: string }) {
return await createOrganization(args.name)
},
async addRegionToOrganization (_: unknown, args: OrganizationsRegions) {
await saveOrganizationRegionFactory({ db })(args)
},
async addUserToOrganization (
_: unknown,
{ input: args }: { input: OrganizationAcl }
) {
await saveOrganizationAclFactory({ db })(args)
},
async createResource (
_: unknown,
{ input: args }: { input: ResourceCreateArgs }
) {
await authorizeUserOrgRegionFactory(
findOrganizationAclFactory({ db }),
findOrganizationRegionFactory({ db })
)(args)
const resourceDb =
args.regionId !== null
? await getRegionDb({ regionId: args.regionId })
: db
const requestContainer = container.createScope()
requestContainer.register({ resourceDb: awilix.asValue(resourceDb) })
const saveResource = requestContainer.resolve('saveResource')
const resourceId = await createResourceFactory({
saveResource,
saveResourceAcl: saveResourceAclFactory({ db })
})(args)
if (args.organizationId !== null) {
await saveOrganizationResourceAclFactory({ db })({
organizationId: args.organizationId,
resourceId
})
if (args.regionId !== null) {
await saveResourceRegionFactory({ db })({
resourceId,
// i know its not null here, the authz function ensures it
regionId: args.regionId
})
}
}
return resourceId
},
async addComment (
_: unknown,
{ input: args }: { input: CommentCreateArgs }
) {
const resourceAcl = await getUsersResourceAclFactory({ db })(args)
if (resourceAcl == null) {
throw new Error("The user doesn't have access to the given resource")
}
// 2. get resource db client
const resourceDb = await getResourceDb(args.resourceId)
// 3. save comment to db
const id = cryptoRandomString({ length: 10 })
const createdAt = new Date()
await saveCommentFactory({ db: resourceDb })({ id, createdAt, ...args })
return id
}
}
}
src/schema.graphql
+7 -51
View File
@@ -15,6 +15,12 @@ type Resource {
id: String! id: String!
name: String! name: String!
createdAt: DateTime! createdAt: DateTime!
}
type ResourceDetail {
id: String!
name: String!
createdAt: DateTime!
comments(limit: Int! = 10, cursor: String = null): CommentCollection! comments(limit: Int! = 10, cursor: String = null): CommentCollection!
} }
@@ -30,58 +36,8 @@ type User {
resources(limit: Int! = 10, cursor: String = null): ResourceCollection! resources(limit: Int! = 10, cursor: String = null): ResourceCollection!
} }
type Organization {
id: String!
name: String!
}
type Region {
id: String!
name: String!
}
type Query { type Query {
user(id: String!): User user(id: String!): User
users: [User!]
resource(id: String!, userId: String!): Resource resource(id: String!): ResourceDetail
organizations: [Organization!]
regions: [Region!]
}
input ResourceCreateInput {
userId: String!
name: String!
organizationId: String = null
regionId: String = null
}
input OrganizationAcl {
userId: String!
organizationId: String!
}
input CommentInput {
userId: String!
content: String!
resourceId: String!
}
input UserCreateArgs {
name: String!
}
type Mutation {
createUser(input: UserCreateArgs!): String!
registerRegion(
name: String!
connectionString: String!
sslCaCert: String
): String!
createOrganization(name: String!): String!
addRegionToOrganization(organizationId: String!, regionId: String!): Boolean
addUserToOrganization(input: OrganizationAcl!): Boolean
createResource(input: ResourceCreateInput!): String!
addComment(input: CommentInput!): String!
} }
src/services.ts
+61
View File
@@ -0,0 +1,61 @@
import {
queryUser,
queryResource,
countComments,
queryComments,
countResources,
queryResources,
} from "./repositories";
import {
UserRecord,
Resource,
CommentCollection,
PaginationArgs,
ResourceCollection,
} from "./types";
export const getUser = async (id: string): Promise<UserRecord | null> => {
return queryUser(id);
};
export const getResource = async (id: string): Promise<Resource | null> => {
return queryResource(id);
};
interface GetResourcesArgs extends PaginationArgs {
userId: string;
}
export const getResources = async (
params: GetResourcesArgs,
): Promise<ResourceCollection> => {
const totalCount = await countResources(params.userId);
const items = await queryResources(params);
let cursor = null;
if (items.length > 0) {
cursor = items.slice(-1)[0].createdAt.toISOString();
}
return {
totalCount,
items,
cursor,
};
};
export const getComments = async (params: {
resourceId: string;
limit: number;
cursor: string | null;
}): Promise<CommentCollection> => {
// yes, i should be doing base64 de and encoding with the cursor...
const totalCount = await countComments(params.resourceId);
const items = await queryComments(params);
let cursor = null;
if (items.length > 0) {
cursor = items.slice(-1)[0].createdAt.toISOString();
}
return {
totalCount,
items,
cursor,
};
};
src/services/authz.ts
-29
View File
@@ -1,29 +0,0 @@
import {
OrganizationAcl,
OrganizationsRegions,
UserOrgRegionArgs
} from '../types'
export const authorizeUserOrgRegionFactory =
(
orgAclGetter: (params: OrganizationAcl) => Promise<OrganizationAcl | null>,
orgRegionGetter: (
params: OrganizationsRegions,
) => Promise<OrganizationsRegions | null>
) =>
async ({ userId, regionId, organizationId }: UserOrgRegionArgs) => {
if (!organizationId && regionId) {
throw new Error("public org doesn't support regions")
}
if (organizationId) {
if (!regionId) throw new Error('organizations can only write to regions')
const orgAcl = await orgAclGetter({ organizationId, userId })
if (orgAcl == null) {
throw new Error("user doesn't have access to this organization")
}
const orgRegion = await orgRegionGetter({ organizationId, regionId })
if (orgRegion == null) {
throw new Error('organization doesnt have access to this region')
}
}
}
src/services/comments.ts
-25
View File
@@ -1,25 +0,0 @@
import { CommentCollection, PaginationArgs, Comment } from '../types'
interface GetCommentsArgs extends PaginationArgs {
resourceId: string
}
export const getCommentsFactory =
(
countComments: (resourceId: string) => Promise<number>,
queryComments: (params: GetCommentsArgs) => Promise<Comment[]>
) =>
async (params: GetCommentsArgs): Promise<CommentCollection> => {
// yes, i should be doing base64 de and encoding with the cursor...
const totalCount = await countComments(params.resourceId)
const items = await queryComments(params)
let cursor = null
if (items.length > 0) {
cursor = items.slice(-1)[0].createdAt.toISOString()
}
return {
totalCount,
items,
cursor
}
}
src/services/databaseManagement.ts
-222
View File
@@ -1,222 +0,0 @@
import { POSTGRES_URL } from '../config'
import knex, { Knex } from 'knex'
import cryptoRandomString from 'crypto-random-string'
import {
findRegionFactory,
findResourceRegionFactory,
queryRegionsFactory,
saveOrganizationFactory,
saveRegionFactory
} from '../repositories'
const migrateToLatest = async (db: Knex): Promise<void> => {
const plannedMigrations: Array<{ file: string }> = (
await db.migrate.list()
)[1]
if (plannedMigrations.length > 0) {
console.log(
`🕰️ planning migrations: ${plannedMigrations
.map((m) => m.file)
.join(',')}`
)
} else {
console.log('no migrations are planned')
}
// TODO: make sure if a migration fails, all migrations are rolled back
await db.migrate.latest()
}
export const migrateAll = async (): Promise<void> => {
await migrateToLatest(db)
const dbClients = await getAllDbClients()
await Promise.all([
...dbClients.map(async (db) => await migrateToLatest(db))
])
}
const createDatabaseConfig = (
connectionString: string,
sslCaCert: string | null
): Knex.Config => {
const config: Knex.Config = {
client: 'pg',
connection: {
connectionString,
ssl: sslCaCert
? {
ca: sslCaCert,
rejectUnauthorized: true
}
: undefined
},
migrations: {
directory: 'src/migrations',
extension: 'ts'
}
}
return config
}
const db = knex(createDatabaseConfig(POSTGRES_URL, null))
const dbClientStore: Map<string, Knex> = new Map()
const findRegion = findRegionFactory({ db })
export const getRegionDb = async ({
regionId
}: {
regionId: string | undefined
}): Promise<Knex> => {
if (!regionId) return db
const maybeClient = dbClientStore.get(regionId)
if (maybeClient != null) return maybeClient
const maybeRegion = await findRegion(regionId)
if (maybeRegion == null) throw Error(`region ${regionId} not found`)
const client = knex(
createDatabaseConfig(maybeRegion.connectionString, maybeRegion.sslCaCert)
)
dbClientStore.set(regionId, client)
return client
}
export const getMainDbClient = (): Knex => db
const queryRegions = queryRegionsFactory({ db })
const saveRegion = saveRegionFactory({ db })
export const registerRegion = async ({
name,
connectionString,
sslCaCert
}: {
name: string
connectionString: string
sslCaCert: string | null
}): Promise<string> => {
const regions = await queryRegions({ connectionString })
if (regions.length > 0) throw new Error('This region is already registered')
const id = cryptoRandomString({ length: 10 })
const newDb = knex(createDatabaseConfig(connectionString, sslCaCert))
await migrateToLatest(newDb)
dbClientStore.set(id, newDb)
const sslmode = sslCaCert ? 'require' : 'disable'
await setUpUserReplication({
from: db,
to: newDb,
regionName: name,
sslmode
})
await setUpResourceReplication({
from: newDb,
to: db,
regionName: name,
sslmode
})
await saveRegion({
id,
name,
connectionString,
sslCaCert
})
return id
}
const saveOrganization = saveOrganizationFactory({ db })
export const createOrganization = async (name: string): Promise<string> => {
const id = cryptoRandomString({ length: 10 })
await saveOrganization({ id, name })
return id
}
interface ReplicationArgs {
from: Knex
to: Knex
sslmode: string
regionName: string
}
const setUpUserReplication = async ({
from,
to,
sslmode,
regionName
}: ReplicationArgs): Promise<void> => {
// TODO: ensure its created...
try {
await from.raw('CREATE PUBLICATION userspub FOR TABLE users;')
} catch (err) {
if (!(err instanceof Error)) throw err
if (!err.message.includes('already exists')) throw err
}
const fromUrl = new URL(from.client.config.connection.connectionString)
const fromDbName = fromUrl.pathname.replace('/', '')
const subName = `userssub_${regionName}`
const rawSqeel = `SELECT * FROM aiven_extras.pg_create_subscription(
'${subName}',
'dbname=${fromDbName} host=${fromUrl.hostname} port=${fromUrl.port} sslmode=${sslmode} user=${fromUrl.username} password=${fromUrl.password}',
'userspub',
'${subName}',
TRUE,
TRUE
);`
try {
await to.raw(rawSqeel)
} catch (err) {
if (!(err instanceof Error)) throw err
if (!err.message.includes('already exists')) throw err
}
}
const setUpResourceReplication = async ({
from,
to,
regionName,
sslmode
}: ReplicationArgs): Promise<void> => {
// TODO: ensure its created...
try {
await from.raw('CREATE PUBLICATION resourcepub FOR TABLE resources;')
} catch (err) {
if (!(err instanceof Error)) throw err
if (!err.message.includes('already exists')) throw err
}
const fromUrl = new URL(from.client.config.connection.connectionString)
const fromDbName = fromUrl.pathname.replace('/', '')
const subName = `resourcesub_${regionName}`
const rawSqeel = `SELECT * FROM aiven_extras.pg_create_subscription(
'${subName}',
'dbname=${fromDbName} host=${fromUrl.hostname} port=${fromUrl.port} sslmode=${sslmode} user=${fromUrl.username} password=${fromUrl.password}',
'resourcepub',
'${subName}',
TRUE,
TRUE
);`
try {
await to.raw(rawSqeel)
} catch (err) {
if (!(err instanceof Error)) throw err
if (!err.message.includes('already exists')) throw err
}
}
export const getAllDbClients = async (): Promise<Knex[]> => {
const regions = await queryRegions({})
const regionClients = await Promise.all(
regions.map(async (region) => await getRegionDb({ regionId: region.id }))
)
return [db, ...regionClients]
}
const findResourceRegion = findResourceRegionFactory({ db })
export const getResourceDb = async (resourceId: string): Promise<Knex> => {
const resourceRegion = await findResourceRegion({ resourceId })
return resourceRegion != null ? await getRegionDb(resourceRegion) : db
}
src/services/resources.ts
-50
View File
@@ -1,50 +0,0 @@
import cryptoRandomString from 'crypto-random-string'
import {
Resource,
PaginationArgs,
ResourceCollection,
ResourceCreateArgs,
ResourceAcl
} from '../types'
interface GetResourcesArgs extends PaginationArgs {
userId: string
}
export const getResourcesFactory =
(
countResources: (userId: string) => Promise<number>,
queryResources: (params: GetResourcesArgs) => Promise<Resource[]>
) =>
async (params: GetResourcesArgs): Promise<ResourceCollection> => {
const totalCount = await countResources(params.userId)
const items = await queryResources(params)
let cursor = null
if (items.length > 0) {
cursor = items.slice(-1)[0].createdAt.toISOString()
}
return {
totalCount,
items,
cursor
}
}
export const createResourceFactory =
({
saveResource,
saveResourceAcl
}: {
saveResource: (resource: Resource) => Promise<void>
saveResourceAcl: (resourceAcl: ResourceAcl) => Promise<void>
}) =>
async ({ userId, name }: ResourceCreateArgs): Promise<string> => {
// 1. if no org, create project in main region, validate that, regionId is null
// 2. if org, validate if user has access to the org
// 3. if org and region, validate if org has access to region
// 4. create resource
const id = cryptoRandomString({ length: 10 })
const resource = { id, name, createdAt: new Date() }
await saveResource(resource)
await saveResourceAcl({ resourceId: id, userId })
return id
}
src/types.ts
+31 -75
View File
@@ -1,99 +1,55 @@
export interface CommentCreateArgs { import { Region } from "./regions";
userId: string
content: string
resourceId: string
}
export interface Comment extends CommentCreateArgs { export interface Comment {
id: string id: string;
createdAt: Date userId: string;
content: string;
createdAt: Date;
resourceId: string;
} }
export interface PaginationArgs { export interface PaginationArgs {
limit: number limit: number;
cursor: string | null cursor: string | null;
} }
interface Collection<T> { interface Collection<T> {
totalCount: number totalCount: number;
cursor: string | null cursor: string | null;
items: T[] items: T[];
} }
export interface CommentCollection extends Collection<Comment> {} export interface CommentCollection extends Collection<Comment> { }
export interface UserOrgRegionArgs {
userId: string
organizationId: string | null
regionId: string | null
}
export interface ResourceCreateArgs extends UserOrgRegionArgs {
name: string
}
export interface Resource { export interface Resource {
id: string id: string;
name: string name: string;
createdAt: Date createdAt: Date;
} }
export interface ResourceCollection extends Collection<Resource> {} export interface ResourceCollection extends Collection<Resource> { }
export interface UserCreateArgs { export interface UserRecord {
name: string id: string;
} name: string;
export interface UserRecord extends UserCreateArgs {
id: string
} }
export interface User extends UserRecord { export interface User extends UserRecord {
resources: { resources: {
cursor: string | null cursor: string | null;
totalCount: number totalCount: number;
items: Resource[] items: Resource[];
} };
} }
export interface ResourceAcl { export interface ResourceAcl {
userId: string userId: string;
resourceId: string resourceId: string;
} }
export interface Region { export interface ResourceView {
id: string region: Region;
name: string resourceId: string;
connectionString: string resourceName: string;
sslCaCert: string | null resourceCreatedAt: Date;
}
export interface Organization {
id: string
name: string
}
export interface OrganizationAcl {
userId: string
organizationId: string
}
export interface OrganizationsRegions {
organizationId: string
regionId: string
}
export interface OrganizationResourceAcl {
organizationId: string
resourceId: string
}
export interface ResourceRegion {
resourceId: string
regionId: string
}
export interface ResourceOrganization {
resourceId: string
organizationId: string
} }
tsconfig.json
+4 -107
View File
@@ -1,109 +1,6 @@
{ {
"compilerOptions": { "extends": "@ducktors/tsconfig",
/* Visit https://aka.ms/tsconfig to read more about this file */ "include": [
"**/*.ts"
/* Projects */ ]
// "incremental": true, /* Save .tsbuildinfo files to allow for incremental compilation of projects. */
// "composite": true, /* Enable constraints that allow a TypeScript project to be used with project references. */
// "tsBuildInfoFile": "./.tsbuildinfo", /* Specify the path to .tsbuildinfo incremental compilation file. */
// "disableSourceOfProjectReferenceRedirect": true, /* Disable preferring source files instead of declaration files when referencing composite projects. */
// "disableSolutionSearching": true, /* Opt a project out of multi-project reference checking when editing. */
// "disableReferencedProjectLoad": true, /* Reduce the number of projects loaded automatically by TypeScript. */
/* Language and Environment */
"target": "es2016" /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */,
// "lib": [], /* Specify a set of bundled library declaration files that describe the target runtime environment. */
// "jsx": "preserve", /* Specify what JSX code is generated. */
// "experimentalDecorators": true, /* Enable experimental support for legacy experimental decorators. */
// "emitDecoratorMetadata": true, /* Emit design-type metadata for decorated declarations in source files. */
// "jsxFactory": "", /* Specify the JSX factory function used when targeting React JSX emit, e.g. 'React.createElement' or 'h'. */
// "jsxFragmentFactory": "", /* Specify the JSX Fragment reference used for fragments when targeting React JSX emit e.g. 'React.Fragment' or 'Fragment'. */
// "jsxImportSource": "", /* Specify module specifier used to import the JSX factory functions when using 'jsx: react-jsx*'. */
// "reactNamespace": "", /* Specify the object invoked for 'createElement'. This only applies when targeting 'react' JSX emit. */
// "noLib": true, /* Disable including any library files, including the default lib.d.ts. */
// "useDefineForClassFields": true, /* Emit ECMAScript-standard-compliant class fields. */
// "moduleDetection": "auto", /* Control what method is used to detect module-format JS files. */
/* Modules */
"module": "commonjs" /* Specify what module code is generated. */,
// "rootDir": "./", /* Specify the root folder within your source files. */
// "moduleResolution": "node10", /* Specify how TypeScript looks up a file from a given module specifier. */
// "baseUrl": "./", /* Specify the base directory to resolve non-relative module names. */
// "paths": {}, /* Specify a set of entries that re-map imports to additional lookup locations. */
// "rootDirs": [], /* Allow multiple folders to be treated as one when resolving modules. */
// "typeRoots": [], /* Specify multiple folders that act like './node_modules/@types'. */
// "types": [], /* Specify type package names to be included without being referenced in a source file. */
// "allowUmdGlobalAccess": true, /* Allow accessing UMD globals from modules. */
// "moduleSuffixes": [], /* List of file name suffixes to search when resolving a module. */
// "allowImportingTsExtensions": true, /* Allow imports to include TypeScript file extensions. Requires '--moduleResolution bundler' and either '--noEmit' or '--emitDeclarationOnly' to be set. */
// "resolvePackageJsonExports": true, /* Use the package.json 'exports' field when resolving package imports. */
// "resolvePackageJsonImports": true, /* Use the package.json 'imports' field when resolving imports. */
// "customConditions": [], /* Conditions to set in addition to the resolver-specific defaults when resolving imports. */
// "resolveJsonModule": true, /* Enable importing .json files. */
// "allowArbitraryExtensions": true, /* Enable importing files with any extension, provided a declaration file is present. */
// "noResolve": true, /* Disallow 'import's, 'require's or '<reference>'s from expanding the number of files TypeScript should add to a project. */
/* JavaScript Support */
// "allowJs": true, /* Allow JavaScript files to be a part of your program. Use the 'checkJS' option to get errors from these files. */
// "checkJs": true, /* Enable error reporting in type-checked JavaScript files. */
// "maxNodeModuleJsDepth": 1, /* Specify the maximum folder depth used for checking JavaScript files from 'node_modules'. Only applicable with 'allowJs'. */
/* Emit */
// "declaration": true, /* Generate .d.ts files from TypeScript and JavaScript files in your project. */
// "declarationMap": true, /* Create sourcemaps for d.ts files. */
// "emitDeclarationOnly": true, /* Only output d.ts files and not JavaScript files. */
// "sourceMap": true, /* Create source map files for emitted JavaScript files. */
// "inlineSourceMap": true, /* Include sourcemap files inside the emitted JavaScript. */
// "outFile": "./", /* Specify a file that bundles all outputs into one JavaScript file. If 'declaration' is true, also designates a file that bundles all .d.ts output. */
// "outDir": "./", /* Specify an output folder for all emitted files. */
// "removeComments": true, /* Disable emitting comments. */
// "noEmit": true, /* Disable emitting files from a compilation. */
// "importHelpers": true, /* Allow importing helper functions from tslib once per project, instead of including them per-file. */
// "importsNotUsedAsValues": "remove", /* Specify emit/checking behavior for imports that are only used for types. */
// "downlevelIteration": true, /* Emit more compliant, but verbose and less performant JavaScript for iteration. */
// "sourceRoot": "", /* Specify the root path for debuggers to find the reference source code. */
// "mapRoot": "", /* Specify the location where debugger should locate map files instead of generated locations. */
// "inlineSources": true, /* Include source code in the sourcemaps inside the emitted JavaScript. */
// "emitBOM": true, /* Emit a UTF-8 Byte Order Mark (BOM) in the beginning of output files. */
// "newLine": "crlf", /* Set the newline character for emitting files. */
// "stripInternal": true, /* Disable emitting declarations that have '@internal' in their JSDoc comments. */
// "noEmitHelpers": true, /* Disable generating custom helper functions like '__extends' in compiled output. */
// "noEmitOnError": true, /* Disable emitting files if any type checking errors are reported. */
// "preserveConstEnums": true, /* Disable erasing 'const enum' declarations in generated code. */
// "declarationDir": "./", /* Specify the output directory for generated declaration files. */
// "preserveValueImports": true, /* Preserve unused imported values in the JavaScript output that would otherwise be removed. */
/* Interop Constraints */
// "isolatedModules": true, /* Ensure that each file can be safely transpiled without relying on other imports. */
// "verbatimModuleSyntax": true, /* Do not transform or elide any imports or exports not marked as type-only, ensuring they are written in the output file's format based on the 'module' setting. */
// "allowSyntheticDefaultImports": true, /* Allow 'import x from y' when a module doesn't have a default export. */
"esModuleInterop": true /* Emit additional JavaScript to ease support for importing CommonJS modules. This enables 'allowSyntheticDefaultImports' for type compatibility. */,
// "preserveSymlinks": true, /* Disable resolving symlinks to their realpath. This correlates to the same flag in node. */
"forceConsistentCasingInFileNames": true /* Ensure that casing is correct in imports. */,
/* Type Checking */
"strict": true /* Enable all strict type-checking options. */,
// "noImplicitAny": true, /* Enable error reporting for expressions and declarations with an implied 'any' type. */
// "strictNullChecks": true, /* When type checking, take into account 'null' and 'undefined'. */
// "strictFunctionTypes": true, /* When assigning functions, check to ensure parameters and the return values are subtype-compatible. */
// "strictBindCallApply": true, /* Check that the arguments for 'bind', 'call', and 'apply' methods match the original function. */
// "strictPropertyInitialization": true, /* Check for class properties that are declared but not set in the constructor. */
// "noImplicitThis": true, /* Enable error reporting when 'this' is given the type 'any'. */
// "useUnknownInCatchVariables": true, /* Default catch clause variables as 'unknown' instead of 'any'. */
// "alwaysStrict": true, /* Ensure 'use strict' is always emitted. */
// "noUnusedLocals": true, /* Enable error reporting when local variables aren't read. */
// "noUnusedParameters": true, /* Raise an error when a function parameter isn't read. */
// "exactOptionalPropertyTypes": true, /* Interpret optional property types as written, rather than adding 'undefined'. */
// "noImplicitReturns": true, /* Enable error reporting for codepaths that do not explicitly return in a function. */
// "noFallthroughCasesInSwitch": true, /* Enable error reporting for fallthrough cases in switch statements. */
// "noUncheckedIndexedAccess": true, /* Add 'undefined' to a type when accessed using an index. */
// "noImplicitOverride": true, /* Ensure overriding members in derived classes are marked with an override modifier. */
// "noPropertyAccessFromIndexSignature": true, /* Enforces using indexed accessors for keys declared using an indexed type. */
// "allowUnusedLabels": true, /* Disable error reporting for unused labels. */
// "allowUnreachableCode": true, /* Disable error reporting for unreachable code. */
/* Completeness */
// "skipDefaultLibCheck": true, /* Skip type checking .d.ts files that are included with TypeScript. */
"skipLibCheck": true /* Skip type checking all .d.ts files. */,
},
} }
vitest.config.ts
-7
View File
@@ -1,7 +0,0 @@
import { defineConfig } from 'vitest/config'
export default defineConfig({
test: {
dir: 'tests'
}
})