refactor(microorm-database): add ACL test entities, migrations, and seeders for permissions testing

Author: klerick

libs/microorm-database/src/lib/config-cli.ts

@@ -2,6 +2,7 @@ import { Options } from '@mikro-orm/core';
 import { TSMigrationGenerator } from '@mikro-orm/migrations';
 import { join } from 'node:path';
 import { pgConfig } from './config-pg';
+import { PGlite } from '@electric-sql/pglite';
 
 const config: Options = {
   ...pgConfig,
@@ -16,6 +17,21 @@ const config: Options = {
     emit: 'ts',
     generator: TSMigrationGenerator,
   },
+  seeder: {
+    path: join(__dirname, './seeders'),
+  }
 };
 
-export default config;
+export default Promise.resolve(config).then(async (configR) => {
+
+  // @ts-ignore
+  const {driverOptions: {connection: {pglite: pgLiteCall}}} = configR;
+  const pgLite: PGlite = pgLiteCall();
+  await pgLite.waitReady
+
+  // not parser array
+  // pgLite.parsers[1003] = (...arg: any[]) => arg[0]
+
+
+  return config
+});

libs/microorm-database/src/lib/config-pg/pg-config.ts

@@ -9,7 +9,7 @@ import { PGlite } from '@electric-sql/pglite';
 import { PGliteDriver, PGliteConnectionConfig } from "mikro-orm-pglite";
 import * as allEntities from '../entities';
 
-const pgDir = process.env['TEST'] ? './tmp/pg-test/mikroorm' : './tmp/pg/mikroorm'
+const pgDir = process.env['TEST'] ? './tmp/pg-test/microorm' : './tmp/pg/microorm'
 
 mkdirSync(pgDir, { recursive: true });
 

libs/microorm-database/src/lib/config.ts

@@ -1,8 +1,15 @@
 import { pgConfig } from './config-pg';
+import { ClsServiceManager } from 'nestjs-cls';
+import { EntityManager } from '@mikro-orm/core';
+import { DatabaseLoggerService } from './database-logger.service';
+import type { LoggerOptions } from '@mikro-orm/core';
+export const CONTEXT_STORE_NAME = Symbol('mikroorm-database');
 
 export const config = {
   ...pgConfig,
   contextName: 'default',
+  loggerFactory: (options: LoggerOptions) => new DatabaseLoggerService(options),
+  context: () => ClsServiceManager.getClsService().get<EntityManager>(CONTEXT_STORE_NAME),
   // @ts-ignore
   registerRequestContext: false
 };

libs/microorm-database/src/lib/database-logger.service.ts

@@ -0,0 +1,98 @@
+import { Logger as NestJsLogger } from '@nestjs/common';
+
+import type { LoggerOptions } from '@mikro-orm/core';
+import type { Highlighter } from '@mikro-orm/core';
+import type { LogContext, LoggerNamespace } from '@mikro-orm/postgresql';
+import { DefaultLogger } from '@mikro-orm/postgresql';
+
+export type AnyString = string & {};
+
+export class DatabaseLoggerService extends DefaultLogger {
+  private static logger = new NestJsLogger('MikroOrmDatabaseModule');
+  private useHighlighter: Highlighter | undefined = undefined;
+  private hasReplicas: boolean | undefined = undefined;
+
+  constructor(options: LoggerOptions) {
+    super(options);
+    this.useHighlighter = options.highlighter;
+    this.hasReplicas = options.usesReplicas;
+  }
+
+  override log(
+    namespace: LoggerNamespace | AnyString,
+    message: string,
+    context?: LogContext,
+  ): void {
+    if (namespace === 'info' && !this.useHighlighter) {
+      message = message.replace(
+        // eslint-disable-next-line no-control-regex
+        /\x1b\[[0-9;]*m/g,
+        '',
+      );
+    }
+
+    message = message.replace(/\n/g, '').replace(/ +/g, ' ').trim();
+
+    if (context && 'contextName' in context) {
+      namespace = `${namespace}:${context['contextName']}`;
+    }
+    const messageResult = `(${namespace}) ${message}`;
+    let typeLog: 'debug' | 'error' | 'warn' = 'debug';
+    switch (context?.level) {
+      case 'error':
+        typeLog = 'debug';
+        break;
+      case 'warning':
+        typeLog = 'warn';
+        break;
+    }
+
+    DatabaseLoggerService.logger[typeLog](messageResult);
+  }
+
+  override logQuery(context: { query: string } & LogContext): void {
+    if (this.useHighlighter) {
+      return super.logQuery(context);
+    }
+
+    let msg = context.query;
+
+    if (context.took != null) {
+      const meta = [`took ${context.took} ms`];
+
+      if (context.results != null) {
+        meta.push(
+          `${context.results} result${
+            context.results === 0 || context.results > 1 ? 's' : ''
+          }`,
+        );
+      }
+
+      if (context.affected != null) {
+        meta.push(
+          `${context.affected} row${
+            context.affected === 0 || context.affected > 1 ? 's' : ''
+          } affected`,
+        );
+      }
+
+      msg += ` [${meta.join(', ')}]`;
+    }
+
+    if (this.hasReplicas && context.connection) {
+      msg += ` (via ${context.connection.type} connection '${context.connection.name}')`;
+    }
+
+    return this.log('query', msg, context);
+  }
+
+  // setDebugMode(debugMode: boolean | LoggerNamespace[]): void {
+  //   console.log('setDebugMode', debugMode);
+  //   // throw new Error('Method not implemented.');
+  // }
+  // isEnabled(namespace: LoggerNamespace, context?: LogContext): boolean {
+  //   console.log('isEnabled', namespace, context);
+  //   // throw new Error('Method not implemented.');
+  //   return true;
+  // }
+}

libs/microorm-database/src/lib/entities/acl-test/article.entity.ts

@@ -0,0 +1,173 @@
+import {
+  Entity,
+  PrimaryKey,
+  Property,
+  ManyToOne,
+  Enum,
+  ArrayType,
+} from '@mikro-orm/core';
+import { UsersAcl, IUsersAcl } from './user.entity';
+
+export enum ArticleStatus {
+  DRAFT = 'draft',
+  REVIEW = 'review',
+  PUBLISHED = 'published',
+}
+
+export enum ArticleVisibility {
+  PUBLIC = 'public',
+  PRIVATE = 'private',
+  UNLISTED = 'unlisted',
+}
+
+export interface ArticleMetadata {
+  readTime: number;
+  featured: boolean;
+  premium: boolean;
+}
+
+export type IArticleAcl = ArticleAcl;
+
+/**
+ * Article entity for ACL testing - Complex scenarios
+ *
+ * ACL Test Cases:
+ * - Multiple owners (authorId OR coAuthorIds.includes(userId))
+ * - Array conditions (checking if userId in coAuthorIds array)
+ * - Nested object conditions (metadata.premium)
+ * - Time-based access (expiresAt > now)
+ * - Complex workflows (draft -> review -> published)
+ * - Editor role (separate from author)
+ * - Template: ${@input.coAuthorIds}, ${metadata.premium}, ${currentTime}
+ */
+@Entity({
+  tableName: 'acl_articles',
+})
+export class ArticleAcl {
+  @PrimaryKey({
+    autoincrement: true,
+  })
+  public id!: number;
+
+  @Property({
+    type: 'varchar',
+    length: 255,
+    nullable: false,
+  })
+  public title!: string;
+
+  @Property({
+    type: 'text',
+    nullable: false,
+  })
+  public content!: string;
+
+  /**
+   * Primary author (ownership)
+   */
+  @ManyToOne(() => UsersAcl, {
+    nullable: false,
+    fieldName: 'author_id',
+  })
+  public author!: IUsersAcl;
+
+  /**
+   * Co-authors array for multiple ownership testing
+   * ACL: Check if currentUserId in this array
+   */
+  @Property({
+    name: 'co_author_ids',
+    type: ArrayType<number>,
+    columnType: 'integer[]',
+    default: [],
+  })
+  public coAuthorIds!: number[];
+
+  /**
+   * Editor (different from author/co-authors)
+   * Can edit but not delete
+   */
+  @ManyToOne(() => UsersAcl, {
+    nullable: true,
+    fieldName: 'editor_id',
+  })
+  public editor!: IUsersAcl | null;
+
+  /**
+   * Workflow status
+   */
+  @Enum(() => ArticleStatus)
+  @Property({
+    type: 'varchar',
+    length: 20,
+    default: ArticleStatus.DRAFT,
+  })
+  public status!: ArticleStatus;
+
+  /**
+   * Visibility control
+   */
+  @Enum(() => ArticleVisibility)
+  @Property({
+    type: 'varchar',
+    length: 20,
+    default: ArticleVisibility.PUBLIC,
+  })
+  public visibility!: ArticleVisibility;
+
+  /**
+   * Metadata as JSON object
+   * ACL: Check nested properties like metadata.premium
+   */
+  @Property({
+    type: 'json',
+    nullable: false,
+    default: '{"readTime": 0, "featured": false, "premium": false}',
+  })
+  public metadata!: ArticleMetadata;
+
+  /**
+   * Publish date for time-based access
+   */
+  @Property({
+    length: 0,
+    name: 'published_at',
+    nullable: true,
+    columnType: 'timestamp(0) without time zone',
+    type: 'timestamp',
+  })
+  public publishedAt!: Date | null;
+
+  /**
+   * Expiration date for temporary access
+   * ACL: Check if current time < expiresAt
+   */
+  @Property({
+    length: 0,
+    name: 'expires_at',
+    nullable: true,
+    columnType: 'timestamp(0) without time zone',
+    type: 'timestamp',
+  })
+  public expiresAt!: Date | null;
+
+  @Property({
+    length: 0,
+    name: 'created_at',
+    nullable: false,
+    defaultRaw: 'CURRENT_TIMESTAMP(0)',
+    columnType: 'timestamp(0) without time zone',
+    type: 'timestamp',
+  })
+  createdAt: Date = new Date();
+
+  @Property({
+    length: 0,
+    onUpdate: () => new Date(),
+    name: 'updated_at',
+    nullable: false,
+    columnType: 'timestamp(0) without time zone',
+    defaultRaw: 'CURRENT_TIMESTAMP(0)',
+  })
+  updatedAt: Date = new Date();
+}