diff --git a/apps/docs/app/[lang]/blog/[[...slug]]/page.tsx b/apps/docs/app/[lang]/blog/[[...slug]]/page.tsx index 1fd6d69eb..224d5a0eb 100644 --- a/apps/docs/app/[lang]/blog/[[...slug]]/page.tsx +++ b/apps/docs/app/[lang]/blog/[[...slug]]/page.tsx @@ -16,6 +16,10 @@ interface BlogPostData { body: React.ComponentType; } +const components = { + ...defaultMdxComponents, +} as any; + export default async function BlogPage({ params, }: { @@ -159,7 +163,7 @@ export default async function BlogPage({ )} - + diff --git a/apps/docs/app/[lang]/page.tsx b/apps/docs/app/[lang]/page.tsx index 864e36453..472339154 100644 --- a/apps/docs/app/[lang]/page.tsx +++ b/apps/docs/app/[lang]/page.tsx @@ -38,37 +38,37 @@ export default async function HomePage({ } title={t.features.objectql.title} - href="/docs/specifications/data/architecture" + href="/docs/objectql" description={t.features.objectql.description} /> } title={t.features.objectui.title} - href="/docs/specifications/ui/sdui-protocol" + href="/docs/objectui" description={t.features.objectui.description} /> } title={t.features.objectos.title} - href="/docs/specifications/server/kernel-architecture" + href="/docs/objectos" description={t.features.objectos.description} /> } title={t.features.security.title} - href="/docs/specifications/server/permission-governance" + href="/docs/objectql/security" description={t.features.security.description} /> } title={t.features.zodFirst.title} - href="/docs/specifications/data/schema-definition" + href="/docs/objectql/schema" description={t.features.zodFirst.description} /> } title={t.features.universal.title} - href="/docs/concepts/architecture" + href="/docs/introduction/architecture" description={t.features.universal.description} /> @@ -83,21 +83,21 @@ export default async function HomePage({ icon={} title={t.personas.architect.title} description={t.personas.architect.description} - href="/docs/concepts/enterprise-patterns" + href="/docs/introduction/architecture" action={t.personas.architect.action} /> } title={t.personas.aiEngineer.title} description={t.personas.aiEngineer.description} - href="/docs/concepts/ai-codex" + href="/docs/introduction/metadata-driven" action={t.personas.aiEngineer.action} /> } title={t.personas.frameworkBuilder.title} description={t.personas.frameworkBuilder.description} - href="/docs/specifications/data/architecture" + href="/docs/developers" action={t.personas.frameworkBuilder.action} /> diff --git a/apps/docs/app/layout.tsx b/apps/docs/app/layout.tsx index 7070de3c7..f60456680 100644 --- a/apps/docs/app/layout.tsx +++ b/apps/docs/app/layout.tsx @@ -18,5 +18,9 @@ export const metadata: Metadata = { export default function RootLayout({ children }: { children: ReactNode }) { // Root layout is only used for redirects with middleware // The actual layout is in [lang]/layout.tsx - return children; + return ( + + {children} + + ); } diff --git a/apps/docs/components/hero-section.tsx b/apps/docs/components/hero-section.tsx index 8133cbc2b..4c93c63bc 100644 --- a/apps/docs/components/hero-section.tsx +++ b/apps/docs/components/hero-section.tsx @@ -52,8 +52,8 @@ export function HeroSection({ badge, title, subtitle, cta, className }: HeroSect {/* CTA Buttons */}
{cta.primary} diff --git a/apps/docs/lib/homepage-i18n.ts b/apps/docs/lib/homepage-i18n.ts index 36727e7bc..f65d0d9f8 100644 --- a/apps/docs/lib/homepage-i18n.ts +++ b/apps/docs/lib/homepage-i18n.ts @@ -86,7 +86,7 @@ export interface HomepageTranslations { export const en: HomepageTranslations = { badge: { status: 'Protocol Specification', - version: 'v1.0', + version: 'v0.3.3 (Draft)', }, hero: { title: { diff --git a/apps/docs/lib/i18n.ts b/apps/docs/lib/i18n.ts index 965705989..977986aaa 100644 --- a/apps/docs/lib/i18n.ts +++ b/apps/docs/lib/i18n.ts @@ -9,7 +9,7 @@ import { defineI18n } from 'fumadocs-core/i18n'; */ export const i18n = defineI18n({ defaultLanguage: 'en', - languages: ['en', 'cn'], + languages: ['en'], // Hide locale prefix for default language (e.g., /docs instead of /en/docs) hideLocale: 'default-locale', }); diff --git a/apps/docs/package.json b/apps/docs/package.json index 158ae15b6..e3b17a5cd 100644 --- a/apps/docs/package.json +++ b/apps/docs/package.json @@ -4,7 +4,7 @@ "private": true, "description": "ObjectStack Protocol Documentation Site", "scripts": { - "site:dev": "next dev", + "dev": "next dev", "build": "NEXT_PRIVATE_BUILD_WORKER=1 next build", "site:start": "next start", "site:lint": "next lint" diff --git a/content/docs/concepts/ai-codex.cn.mdx b/content/docs/concepts/ai-codex.cn.mdx deleted file mode 100644 index f7ce7c0af..000000000 --- a/content/docs/concepts/ai-codex.cn.mdx +++ /dev/null @@ -1,81 +0,0 @@ ---- -title: AI 代码手册 -description: 如何与人工智能协作构建 ObjectStack 应用程序。 ---- - -import { Bot, Terminal, FileJson, Sparkles } from 'lucide-react'; - -ObjectStack 设计为 **AI 原生**。 - -因为我们的基本构建单元是**协议(JSON/YAML Schema)**而不是命令式代码,所以大型语言模型(LLM)在理解和生成 ObjectStack 应用程序方面表现出色。 - -本指南为使用 Copilot、ChatGPT 或 Claude 构建 ObjectStack 应用程序的开发人员提供"系统提示"心智模型。 - -## 为什么 ObjectStack 对 AI 友好 - -| 功能 | 代码优先支持 | ObjectStack 支持 | -| :--- | :--- | :--- | -| **上下文窗口** | 低。需要阅读数千行 TS/SQL。 | 高。Schema 密集且声明性。 | -| **幻觉** | 高。AI 发明不存在的 API。 | 低。Schema 验证(Zod)拒绝无效输出。 | -| **重构** | 困难。需要重写详细逻辑。 | 简单。只需更改 JSON 属性键。 | - -## "首席协议架构师"角色 - -当提示 AI 帮助你构建时,为其分配**首席协议架构师**的角色。 - -### 系统提示 - -将此复制到你的自定义说明中: - -```markdown -你是一位专家 ObjectStack 架构师。 -你的目标是设计声明性协议,而不是命令式代码。 - -1. **Schema 优先:** 始终从定义 ObjectQL Schema(YAML/JSON)开始。 -2. **文件**:当被要求提供功能时,输出相关的 `.object.yml` 或 `.view.yml` 文件。 -3. **不要 SQL/React:** 除非明确要求驱动程序或渲染器实现,否则不要编写 SQL 查询或 React 组件。 -4. **样式:** 对机器名称使用 `snake_case`,对配置键使用 `camelCase`。 -``` - -## 常见任务 - -### 1. 从需求生成 Schema - -**用户:** "我需要一个 CRM 系统来跟踪潜在客户和机会。" - -**AI 响应:** -```yaml -# objects/lead.yml -name: lead -fields: - status: - type: select - options: ['new', 'contacted', 'qualified'] - annual_revenue: - type: currency - scale: 2 - -# objects/opportunity.yml -name: opportunity -fields: - lead_id: - type: lookup - reference_to: lead -``` - -### 2. 生成 UI 布局 - -**用户:** "为销售经理创建一个仪表板。" - -**AI 响应:** -```yaml -# dashboards/sales_overview.yml -layout: grid -widgets: - - type: chart - title: "按月收入" - query: "select sum(amount), month(close_date) from opportunity group by month" - - type: list - object: opportunity - filter: [["stage", "=", "closed_won"]] -``` diff --git a/content/docs/concepts/ai-codex.mdx b/content/docs/concepts/ai-codex.mdx deleted file mode 100644 index 7f51067cd..000000000 --- a/content/docs/concepts/ai-codex.mdx +++ /dev/null @@ -1,81 +0,0 @@ ---- -title: AI Codex -description: How to collaborate with Artificial Intelligence to build ObjectStack applications. ---- - -import { Bot, Terminal, FileJson, Sparkles } from 'lucide-react'; - -ObjectStack is designed to be **AI-Native**. - -Because our fundamental unit of construction is the **Protocol (JSON/YAML Schema)** rather than imperative code, Large Language Models (LLMs) are exceptionally good at understanding and generating ObjectStack applications. - -This guide provides the "System Prompt" mental model for developers working with Copilot, ChatGPT, or Claude to build ObjectStack apps. - -## Why ObjectStack is Friendly to AI - -| Feature | Code-First Support | ObjectStack Support | -| :--- | :--- | :--- | -| **Context Window** | Low. Requires reading thousands of lines of TS/SQL. | High. Schema is dense and declarative. | -| **Hallucination** | High. AI invents APIs that don't exist. | Low. Schema validation (Zod) rejects invalid output. | -| **Refactoring** | Hard. Requires rewriting detailed logic. | Easy. Just change a JSON property key. | - -## The "Chief Protocol Architect" Persona - -When prompting an AI to help you build, assign it the role of **Chief Protocol Architect**. - -### The System Prompt - -Copy this into your custom instructions: - -```markdown -You are an expert ObjectStack Architect. -Your goal is to design declarative protocols, NOT imperative code. - -1. **Schema First:** Always start by defining the ObjectQL Schema (YAML/JSON). -2. **Files**: When asked for a feature, output the relevant `.object.yml` or `.view.yml` files. -3. **No SQL/React:** Do not write SQL queries or React components unless explicitly asked for a Driver or Renderer implementation. -4. **Style:** Use `snake_case` for machine names and `camelCase` for configuration keys. -``` - -## Common Tasks - -### 1. Generating Schema from Requirements - -**User:** "I need a CRM system to track leads and opportunities." - -**AI Response:** -```yaml -# objects/lead.yml -name: lead -fields: - status: - type: select - options: ['new', 'contacted', 'qualified'] - annual_revenue: - type: currency - scale: 2 - -# objects/opportunity.yml -name: opportunity -fields: - lead_id: - type: lookup - reference_to: lead -``` - -### 2. Generating UI Layouts - -**User:** "Create a dashboard for the Sales Manager." - -**AI Response:** -```yaml -# dashboards/sales_overview.yml -layout: grid -widgets: - - type: chart - title: "Revenue by Month" - query: "select sum(amount), month(close_date) from opportunity group by month" - - type: list - object: opportunity - filter: [["stage", "=", "closed_won"]] -``` diff --git a/content/docs/concepts/architecture.cn.mdx b/content/docs/concepts/architecture.cn.mdx deleted file mode 100644 index 54e24e99f..000000000 --- a/content/docs/concepts/architecture.cn.mdx +++ /dev/null @@ -1,185 +0,0 @@ ---- -title: 架构 -description: 理解 ObjectStack 协议架构。11 个协议命名空间如何协作构建企业内核。 ---- - -import { Layers, Database, Layout, ShieldCheck, Lock, Cog, Brain, Cloud, Zap } from 'lucide-react'; - -ObjectStack 不是一个单体框架。它是围绕**协议驱动架构**设计的可组合生态系统。系统被组织成 **11 个协议命名空间**,每个命名空间负责特定的领域。 - -每个协议都是解耦的,并通过使用 Zod 定义的标准 JSON schema 进行通信。这允许你替换实现(例如,将 Postgres 驱动替换为 MongoDB,或将 React 渲染器替换为 Flutter),而不会破坏堆栈的其余部分。 - -## 协议概览 - -ObjectStack 组织成 11 个协议命名空间: - - - } - title="数据协议(Data Protocol)" - description="对象 schema、字段、验证和查询。" - /> - } - title="驱动协议(Driver Protocol)" - description="数据库适配器(Postgres、MongoDB、SQLite 等)。" - /> - } - title="权限协议(Permission Protocol)" - description="对象级、字段级、共享和区域规则。" - /> - } - title="UI 协议(UI Protocol)" - description="应用、视图、仪表板、报表和主题。" - /> - } - title="系统协议(System Protocol)" - description="事件、作业、翻译和审计日志。" - /> - } - title="认证协议(Auth Protocol)" - description="身份、角色、会话和认证策略。" - /> - } - title="内核协议(Kernel Protocol)" - description="插件生命周期、清单、日志和上下文。" - /> - } - title="Hub 协议(Hub Protocol)" - description="市场、许可、租户和部署。" - /> - } - title="AI 协议(AI Protocol)" - description="AI 代理、RAG、NLQ、预测模型和编排。" - /> - } - title="API 协议(API Protocol)" - description="REST 契约、发现、实时和路由。" - /> - } - title="自动化协议(Automation Protocol)" - description="工作流、流程和 Webhook。" - /> - - -## 三层架构 - -虽然 ObjectStack 有 11 个协议命名空间,但它们在逻辑上被分组为三个架构层: - -### 1. 数据层(ObjectQL) -**"通用数据协议"** - -负责**数据定义**和**数据访问**的基础层。 - -**协议:** -* **数据协议:** 对象 schema、字段、验证、查询、过滤器 -* **驱动协议:** 用于 Postgres、MongoDB、SQLite 等的数据库适配器 -* **权限协议:** 对象级 CRUD、字段级安全、共享规则 -* **AI 协议:** AI 代理、RAG 管道、NLQ、预测模型 - -**角色:** 定义*结构*(Schema)和*意图*(查询 AST)。 - -**职责:** 它知道*什么是* "客户" 对象,但它不知道*谁*正在访问它或*如何*显示它。 - -**关键组件:** **编译器**。它接受抽象查询(`find customers where active = true`)并将其转换为特定底层数据库的优化 SQL/NoSQL 查询。 - -### 2. 控制层(ObjectOS) -**"业务内核"** - -负责**运行时**和**治理**的编排层。 - -**协议:** -* **系统协议:** 事件、作业、翻译、审计日志 -* **认证协议:** 身份、角色、会话、认证策略 -* **内核协议:** 插件生命周期、清单、日志、上下文 -* **Hub 协议:** 市场、许可、多租户、部署 -* **自动化协议:** 工作流、流程、Webhook - -**角色:** 管理请求的*生命周期*。 - -**职责:** -* **身份:** "这个用户是谁?"(身份验证) -* **安全:** "他们可以看到这个字段吗?"(RBAC/ACL) -* **同步:** "我们如何合并这些离线更改?"(冲突解决) -* **流程:** "保存此记录后会发生什么?"(工作流/触发器) - -**关键概念:** 它充当网关。不允许直接访问数据库;所有内容都必须通过 OS 内核。 - -### 3. 视图层(ObjectUI) -**"投影引擎"** - -负责**交互**和**渲染**的表示层。 - -**协议:** -* **UI 协议:** 应用、视图、仪表板、报表、主题、操作 -* **API 协议:** REST 契约、发现、实时、路由 - -**角色:** 使用协议来渲染界面。 - -**职责:** 它不包含硬编码的表单。相反,它询问数据层:*"客户的 schema 是什么?"* 并根据该元数据动态渲染布局。 - -**关键概念:** **服务器驱动 UI(SDUI)**。后端规定布局、验证规则和可用操作。前端只是一个高度强大的渲染器。 - ---- - -## 请求生命周期 - -为了理解这些部分如何配合,让我们跟踪一个典型的用户交互——例如,销售代表在离线时更新交易状态。 - -1. **交互(UI 协议):** - * 用户将 "Deal" 拖到看板中的 "Closed Won" 列。 - * UI 乐观地更新屏幕(0ms)。 - * UI 向本地内核分派 `update` 操作。 - -2. **内核守卫(内核协议):** - * 客户端内核通过**认证协议**检查:*用户是否有权编辑 'Status'?* - * 内核执行**数据协议**验证:*'Status' 是否是有效选项?* - * 通过**驱动协议**将事务提交到 SQLite(本地 DB)。 - -3. **同步(系统协议):** - * 后台进程通过**系统事件**检测更改。 - * 根据 **API 契约**将更改压缩为**操作载荷**。 - * 通过 **API 协议**将载荷发送到服务器 API。 - -4. **服务器执行(内核协议):** - * 服务器内核通过**认证协议**验证请求。 - * 服务器内核运行**自动化协议**触发器(例如,检查信用额度)。 - * 服务器将 AST 传递给数据层编译器。 - -5. **持久化(数据 + 驱动协议):** - * **驱动协议**为 PostgreSQL 生成 `UPDATE deals SET status = 'closed_won' ...`。 - * 通过**驱动协议**提交写入。 - * **自动化协议**触发器触发(通过 webhook 向经理发送电子邮件)。 - -## 协议依赖关系 - -协议具有明确的依赖关系,并以结构化的方式交互: - -``` -内核协议(运行时核心) - ├── 认证协议(身份和会话) - ├── 系统协议(事件、作业、审计) - └── Hub 协议(租户、许可) - -数据协议(业务逻辑) - ├── 驱动协议(存储适配器) - ├── 权限协议(访问控制) - └── AI 协议(智能层) - -UI 协议(表示层) - └── API 协议(通信) - -自动化协议(业务流程) - └── 依赖于:数据、系统、API -``` - -每个协议都在 `@objectstack/spec` 中使用 Zod schema 定义,可以独立验证、版本化和演进。 diff --git a/content/docs/concepts/architecture.mdx b/content/docs/concepts/architecture.mdx deleted file mode 100644 index 2605c5de9..000000000 --- a/content/docs/concepts/architecture.mdx +++ /dev/null @@ -1,185 +0,0 @@ ---- -title: Architecture -description: Understanding the ObjectStack Protocol Architecture. How the 11 protocol namespaces collaborate to build the Enterprise Kernel. ---- - -import { Layers, Database, Layout, ShieldCheck, Lock, Cog, Brain, Cloud, Zap } from 'lucide-react'; - -ObjectStack is not a monolithic framework. It is a composable ecosystem designed around a **Protocol-Driven Architecture**. The system is organized into **11 protocol namespaces**, each responsible for a specific domain. - -Each protocol is decoupled and communicates via standard JSON schemas defined with Zod. This allows you to swap out implementations (e.g., swapping the Postgres driver for MongoDB, or the React renderer for Flutter) without breaking the rest of the stack. - -## Protocol Overview - -ObjectStack is organized into 11 protocol namespaces: - - - } - title="Data Protocol" - description="Object schema, fields, validation, and queries." - /> - } - title="Driver Protocol" - description="Database adapters (Postgres, MongoDB, SQLite, etc.)." - /> - } - title="Permission Protocol" - description="Object-level, field-level, sharing, and territory rules." - /> - } - title="UI Protocol" - description="Apps, views, dashboards, reports, and themes." - /> - } - title="System Protocol" - description="Events, jobs, translations, and audit logging." - /> - } - title="Auth Protocol" - description="Identity, roles, sessions, and authentication strategies." - /> - } - title="Kernel Protocol" - description="Plugin lifecycle, manifest, logging, and context." - /> - } - title="Hub Protocol" - description="Marketplace, licensing, tenancy, and deployment." - /> - } - title="AI Protocol" - description="Agents, RAG, NLQ, predictive models, and orchestration." - /> - } - title="API Protocol" - description="REST contracts, discovery, realtime, and routing." - /> - } - title="Automation Protocol" - description="Workflows, flows, and webhooks." - /> - - -## The Three-Layer Architecture - -While ObjectStack has 11 protocol namespaces, they are logically grouped into three architectural layers: - -### 1. Data Layer (ObjectQL) -**"The Universal Data Protocol"** - -The foundation layer responsible for **Data Definition** and **Data Access**. - -**Protocols:** -* **Data Protocol:** Object schema, fields, validation, queries, filters -* **Driver Protocol:** Database adapters for Postgres, MongoDB, SQLite, etc. -* **Permission Protocol:** Object-level CRUD, field-level security, sharing rules -* **AI Protocol:** AI agents, RAG pipelines, NLQ, predictive models - -**Role:** Defines *Structure* (Schema) and *Intent* (Query AST). - -**Responsibility:** It knows *what* a "Customer" object looks like, but it doesn't know *who* is accessing it or *how* it is displayed. - -**Key Component:** The **Compiler**. It takes an abstract query (`find customers where active = true`) and translates it into optimized SQL/NoSQL queries for the specific underlying database. - -### 2. Control Layer (ObjectOS) -**"The Business Kernel"** - -The orchestration layer responsible for **Runtime** and **Governance**. - -**Protocols:** -* **System Protocol:** Events, jobs, translations, audit logging -* **Auth Protocol:** Identity, roles, sessions, authentication strategies -* **Kernel Protocol:** Plugin lifecycle, manifest, logging, context -* **Hub Protocol:** Marketplace, licensing, multi-tenancy, deployment -* **Automation Protocol:** Workflows, flows, webhooks - -**Role:** Manages the *Lifecycle* of a request. - -**Responsibility:** -* **Identity:** "Who is this user?" (Authentication) -* **Security:** "Can they see this field?" (RBAC/ACL) -* **Sync:** "How do we merge these offline changes?" (Conflict Resolution) -* **Process:** "What happens after this record is saved?" (Workflows/Triggers) - -**Key Concept:** It acts as the gateway. No direct database access is allowed; everything must pass through the OS Kernel. - -### 3. View Layer (ObjectUI) -**"The Projection Engine"** - -The presentation layer responsible for **Interaction** and **Rendering**. - -**Protocols:** -* **UI Protocol:** Apps, views, dashboards, reports, themes, actions -* **API Protocol:** REST contracts, discovery, realtime, routing - -**Role:** Consumes the Protocol to render the Interface. - -**Responsibility:** It does not contain hardcoded forms. Instead, it asks the Data Layer: *"What is the schema for a Customer?"* and dynamically renders a layout based on that metadata. - -**Key Concept:** **Server-Driven UI (SDUI)**. The backend dictates the layout, validation rules, and available actions. The frontend is merely a highly capable renderer. - ---- - -## The Request Lifecycle - -To understand how these pieces fit together, let's trace a typical user interaction—for example, a Sales Rep updating a deal status while offline. - -1. **Interaction (UI Protocol):** - * User drags "Deal" to "Closed Won" column in Kanban. - * UI Optimistically updates the screen (0ms). - * UI dispatches an `update` action to the local Kernel. - -2. **Kernel Guard (Kernel Protocol):** - * Client Kernel checks via **Auth Protocol**: *Does user have permission to edit 'Status'?* - * Kernel executes **Data Protocol** validation: *Is 'Status' a valid option?* - * Transaction committed via **Driver Protocol** to SQLite (Local DB). - -3. **Synchronization (System Protocol):** - * Background process detects changes via **System Events**. - * Compresses change into an **Operation Payload** per **API Contract**. - * Sends payload to Server API via **API Protocol**. - -4. **Server Execution (Kernel Protocol):** - * Server Kernel authenticates via **Auth Protocol**. - * Server Kernel runs **Automation Protocol** triggers (e.g., Check credit limit). - * Server passes AST to Data Layer Compiler. - -5. **Persistence (Data + Driver Protocols):** - * **Driver Protocol** generates `UPDATE deals SET status = 'closed_won' ...` for PostgreSQL. - * Write is committed via **Driver Protocol**. - * **Automation Protocol** triggers fire (send email to manager via webhook). - -## Protocol Dependencies - -The protocols have clear dependencies and interact in a structured way: - -``` -Kernel Protocol (Runtime Core) - ├── Auth Protocol (Identity & Sessions) - ├── System Protocol (Events, Jobs, Audit) - └── Hub Protocol (Tenancy, Licensing) - -Data Protocol (Business Logic) - ├── Driver Protocol (Storage Adapters) - ├── Permission Protocol (Access Control) - └── AI Protocol (Intelligence Layer) - -UI Protocol (Presentation) - └── API Protocol (Communication) - -Automation Protocol (Business Processes) - └── Depends on: Data, System, API -``` - -Each protocol is defined with Zod schemas in `@objectstack/spec` and can be independently validated, versioned, and evolved. diff --git a/content/docs/concepts/core-values.cn.mdx b/content/docs/concepts/core-values.cn.mdx deleted file mode 100644 index 693569b2c..000000000 --- a/content/docs/concepts/core-values.cn.mdx +++ /dev/null @@ -1,86 +0,0 @@ ---- -title: 核心价值 -description: 深入了解 ObjectStack 的三大支柱:协议驱动架构、本地优先数据主权和数据库无关性。 ---- - -import { Database, Link, Laptop } from 'lucide-react'; - -ObjectStack 建立在三个不可协商的架构价值之上。这些不仅仅是"功能";它们是指导我们做出的每一个设计决策的约束。 - -## 1. 协议驱动:意图优于实现 - -ObjectStack 的基本论点是**应用程序逻辑应该由声明性数据定义,而不是命令式代码。** - -### "代码优先"的问题 -在现代开发中,"意图"(例如,*"此字段是必填的电子邮件地址"*)通常分散在三层: -1. **数据库:** SQL 约束(`NOT NULL`)。 -2. **后端:** ORM 验证(例如,TypeORM 装饰器)。 -3. **前端:** UI 验证(例如,React Hook Form + Zod)。 - -当业务需求发生变化时,你必须在三个地方更新代码。这就是**实现耦合**。 - -### 协议驱动的解决方案 -ObjectStack 将"意图"集中到单个协议定义(JSON/YAML)中。实现层(React、Node.js、SQL)仅充当解释此协议的**运行时引擎**。 - - -UI 是投影。API 是结果。 - - -* **UI 是投影:** ObjectUI 不"构建"表单;它*投影* ObjectQL schema 到视觉表示。 -* **API 是结果:** 你不编写端点;ObjectOS *生成*基于访问控制协议的安全图。 - -> **类比:** 将 ObjectStack 想象成一个 Web 浏览器。你向它发送 HTML(协议),它渲染一个页面。你不必每次想要更改网站上的文本时都重写浏览器引擎(C++)。 - -## 2. 本地优先:所有权和零延迟 - -在过去的十年中,"云原生"一直是黄金标准。虽然它解决了部署问题,但它引入了一个新问题:**用户租用他们对数据的访问。** - -如果服务器很慢,应用程序就很慢。如果互联网断开,应用程序就死了。 - -### "七跳"问题 -在传统的云应用程序中,一个简单的按钮点击会经过: -`点击 -> Wi-Fi -> ISP -> 云负载均衡器 -> Web 服务器 -> 数据库 -> 查询执行` ……然后一路返回。 - -### 本地优先解决方案 -ObjectStack 应用程序设计为首先读写**本地数据库**(嵌入在客户端环境中)。 -`点击 -> 本地 DB -> UI 更新`(0ms 延迟)。 - -与云的同步在后台异步发生。 - -1. **即时响应:** UI 立即反应(乐观 UI),使企业应用程序感觉像原生桌面软件一样快速。 -2. **离线能力:** 现场工作人员、飞机或不稳定的连接不再是障碍。 -3. **数据主权:** 数据实际存储在用户的设备上。云充当同步中心,而不是唯一的看门人。 - -## 3. 数据库无关性:通用编译器 - -行业分为 SQL(Postgres、MySQL)和 NoSQL(MongoDB、Redis)阵营。开发人员经常将自己锁定在一个供应商的方言中。 - -ObjectStack 引入 **ObjectQL**,这是一种统一的查询语言,可以编译到任何后端。 - -* **供应商锁定自由:** 从 SQLite 开始进行原型设计,迁移到 PostgreSQL 用于生产,并存档到 Snowflake 用于分析——无需重写一行业务逻辑。 -* **一流的驱动程序:** 我们不实现数据库;我们实现*驱动程序*,将数据库视为愚蠢的存储引擎。我们在应用层(内核)处理复杂的逻辑(RBAC、验证)。 - -### 编译器方法 -与运行时包装器(如 ORM)不同,ObjectQL 作为**编译器**运行。 -1. **输入:** ObjectQL 抽象语法树(AST)。 -2. **处理:** 将 AST 编译为特定方言的 SQL。 -3. **输出:** 针对目标的高度优化查询。 - -这种架构允许激进的灵活性: -* **开发:** 在 **SQLite** 上运行(零设置,单个文件)。 -* **生产:** 在 **PostgreSQL** 上运行(稳健,可扩展)。 -* **边缘:** 在 **Cloudflare D1** 上运行(分布式)。 -* **遗留:** 连接到现有的 **Oracle/SQL Server**(集成)。 - -你更改*驱动程序*,而不是*代码*。 - -## 总结 - -| 价值 | 旧方式 | ObjectStack 方式 | -| :--- | :--- | :--- | -| **架构** | 代码驱动(命令式) | 协议驱动(声明式) | -| **逻辑位置** | 分散(DB + API + UI) | 集中(JSON/YAML Schema) | -| **数据访问** | 依赖云(仅在线) | 本地优先(离线 + 同步) | -| **存储** | 锁定到供应商 | 数据库无关 | - -通过坚持这些价值观,我们构建的软件**对变化有弹性**,**尊重用户时间**,并且**技术自主**。 diff --git a/content/docs/concepts/core-values.mdx b/content/docs/concepts/core-values.mdx deleted file mode 100644 index 6811844de..000000000 --- a/content/docs/concepts/core-values.mdx +++ /dev/null @@ -1,93 +0,0 @@ ---- -title: Core Values -description: "Deep dive into the three pillars of ObjectStack: Protocol-Driven Architecture, Local-First Data Sovereignty, and Database Agnosticism." ---- - -import { Database, Link, Laptop } from 'lucide-react'; - -ObjectStack is built upon three non-negotiable architectural values. These are not just "features"; they are the constraints that guide every design decision we make. - -## 1. Protocol-Driven: Intent over Implementation - -The fundamental thesis of ObjectStack is that **application logic should be defined by declarative data, not imperative code.** - -### The Problem with "Code-First" -In modern development, the "Intent" (e.g., *“This field is a required email address”*) is often scattered across three layers: -1. **Database:** SQL constraints (`NOT NULL`). -2. **Backend:** ORM validation (e.g., TypeORM decorators). -3. **Frontend:** UI validation (e.g., React Hook Form + Zod). - -When the business requirement changes, you must update code in three places. This is **Implementation Coupling**. - -### The Protocol-Driven Solution -ObjectStack centralizes the "Intent" into a single Protocol Definition (JSON/YAML). The implementation layers (React, Node.js, SQL) act merely as **Runtime Engines** that interpret this protocol. - - -The UI is a Projection. The API is a Consequence. - - -* **The UI is a Projection:** ObjectUI does not "build" a form; it *projects* the ObjectQL schema into a visual representation. -* **The API is a Consequence:** You do not write endpoints; ObjectOS *generates* the secure graph based on the access control protocol. - -> **Analogy:** Think of ObjectStack as a Web Browser. You send it HTML (Protocol), and it renders a page. You don't rewrite the browser engine (C++) every time you want to change the text on a website. - -## 2. Local-First: Ownership & Zero Latency - -For the past decade, "Cloud-Native" has been the gold standard. While it solved deployment issues, it introduced a new problem: **The User rents their access to data.** - -If the server is slow, the app is slow. If the internet is down, the app is dead. - -### The "Seven Hops" Problem -In a traditional Cloud app, a simple button click travels through: -`Click -> Wi-Fi -> ISP -> Cloud Load Balancer -> Web Server -> Database -> Query Execution` ...and then all the way back. - -### The Local-First Solution -ObjectStack apps are designed to read and write to a **Local Database** (embedded within the client environment) first. -`Click -> Local DB -> UI Update` (0ms Latency). - -The synchronization with the cloud happens in the background, asynchronously. - -1. **Instant Response:** The UI reacts immediately (optimistic UI), making enterprise apps feel as snappy as native desktop software. -2. **Offline Capability:** Field workers, airplanes, or spotty connections are no longer blockers. -3. **Data Sovereignty:** The data physically resides on the user's device. The cloud acts as a synchronization hub, not the sole gatekeeper. - -## 3. Database Agnosticism: The "Super-SQL" - -The industry is fragmented into SQL (Postgres, MySQL) and NoSQL (MongoDB, Redis) camps. Developers often lock themselves into one vendor's dialect. - -ObjectStack introduces **ObjectQL**, a unified query language that compiles to any backend. - -* **Vendor Lock-in Freedom:** Start with SQLite for prototyping, migrate to PostgreSQL for production, and archive to Snowflake for analytics—without rewriting a single line of business logic. -* **Best-in-Class Drivers:** We don't implement databases; we implement *drivers* that treat databases as dumb storage engines. We handle the complex logic (RBAC, Validation) in the Application Layer (The Kernel). - - -## 3. Database Agnostic: The "Universal Compiler" - -Vendor lock-in is the enemy of longevity. A business application usually outlives the database technology it was originally built on. - -ObjectQL treats the underlying database as an **Implementation Detail**. - -### The Compiler Approach -Instead of being a runtime wrapper (like an ORM), ObjectQL functions as a **Compiler**. -1. **Input:** ObjectQL Abstract Syntax Tree (AST). -2. **Process:** Compile AST into dialect-specific SQL. -3. **Output:** Highly optimized queries for the target target. - -This architecture allows for radical flexibility: -* **Dev:** Run on **SQLite** (Zero setup, single file). -* **Prod:** Run on **PostgreSQL** (Robust, scalable). -* **Edge:** Run on **Cloudflare D1** (Distributed). -* **Legacy:** Connect to an existing **Oracle/SQL Server** (Integration). - -You change the *Driver*, not the *Code*. - -## Summary - -| Value | The Old Way | The ObjectStack Way | -| :--- | :--- | :--- | -| **Architecture** | Code-Driven (Imperative) | Protocol-Driven (Declarative) | -| **Logic Location** | Scattered (DB + API + UI) | Centralized (JSON/YAML Schema) | -| **Data Access** | Cloud-Dependent (Online Only) | Local-First (Offline + Sync) | -| **Storage** | Locked to Vendor | Database Agnostic | - -By adhering to these values, we build software that is **resilient to change**, **respectful of user time**, and **technically sovereign**. diff --git a/content/docs/concepts/enterprise-patterns.cn.mdx b/content/docs/concepts/enterprise-patterns.cn.mdx deleted file mode 100644 index 605ba3d59..000000000 --- a/content/docs/concepts/enterprise-patterns.cn.mdx +++ /dev/null @@ -1,95 +0,0 @@ ---- -title: 企业模式 -description: 使用协议驱动方法处理复杂的 ERP/CRM 业务逻辑(状态机、计算、RBAC)。 ---- - -import { Sliders, GitMerge, Calculator, BookOpen } from 'lucide-react'; - -关于"低代码"或"协议驱动"平台的一个常见误解是它们只适用于简单的 CRUD 应用程序。 - -虽然许多可视化构建器确实如此,但 **ObjectStack** 专门为企业资源计划(ERP)和客户关系管理(CRM)系统的复杂性而设计。我们不是通过隐藏复杂性来处理它,而是通过在协议中**显式建模**它来处理。 - -以下是我们如何将常见的企业模式映射到 ObjectStack 架构。 - -## 1. 工作流作为状态机(FSM) - -在企业软件中,记录(例如,"采购订单")很少只是静态数据。它是一个在生命周期中移动的活实体。 - -### 反模式 -在控制器中编写分散的 `if/else` 逻辑: -```javascript -// 不要这样做 -if (order.status === 'draft' && user.role === 'manager') { - order.status = 'approved'; -} -``` - -### ObjectStack 模式 -我们将生命周期定义为自动化协议(工作流)中的**有限状态机(FSM)**。这使业务流程具有确定性和可视化。 - -```yaml -# workflows/purchase_order.yaml -name: purchase_approval -object: purchase_order -states: - draft: - initial: true - on_exit: ['validate_budget'] - transitions: - submit: pending_approval - pending_approval: - transitions: - approve: approved - reject: rejected - guards: - approve: "user.has_permission('approve_budget')" - approved: - final: true -``` - -## 2. 动态汇总(计算字段) - -ERP 系统通常需要"主-明细"数学。*示例:订单的总额是其行项目的总和。* - -### 反模式 -在每个报表中手动编写 SQL `SUM()` 查询,或使用难以调试的数据库触发器。 - -### ObjectStack 模式 -我们在数据协议(对象 schema)中定义**汇总字段**。数据层编译器处理底层复杂性(通过实时 `JOIN` 或后台聚合)。 - -```yaml -# objects/order.yml -fields: - total_amount: - type: summary - summary_object: line_items - summary_field: amount - summary_type: sum -``` - -## 3. 多态关系 - -CRM 系统通常需要"多对任意"关系。*示例:任务可以与潜在客户、联系人或客户相关。* - -### ObjectStack 模式 -我们使用具有多个目标的 `reference` 类型。 - -```yaml -# objects/task.yml -fields: - related_to: - type: lookup - reference_to: ['lead', 'contact', 'account', 'opportunity'] -``` - -这指示数据层编译器生成必要的多态键(例如,`related_to_id` 和 `related_to_type` 列)。 - -## 总结 - -ObjectStack 通过**将模式提升为协议**来处理企业复杂性。 - -| 模式 | 传统代码 | ObjectStack 协议 | -| :--- | :--- | :--- | -| **逻辑** | 意大利面条式 `if/else` | 状态机(YAML) | -| **数学** | 手动循环/SQL | 虚拟/汇总字段 | -| **关系** | 自定义连接表 | 多态引用 | diff --git a/content/docs/concepts/enterprise-patterns.mdx b/content/docs/concepts/enterprise-patterns.mdx deleted file mode 100644 index 4f93dd349..000000000 --- a/content/docs/concepts/enterprise-patterns.mdx +++ /dev/null @@ -1,95 +0,0 @@ ---- -title: Enterprise Patterns -description: Handling complex ERP/CRM business logic (State Machines, Calculations, RBAC) using the Protocol-Driven approach. ---- - -import { Sliders, GitMerge, Calculator, BookOpen } from 'lucide-react'; - -A common misconception about "Low-Code" or "Protocol-Driven" platforms is that they are only suitable for simple CRUD applications. - -While true for many visual builders, **ObjectStack** is architected specifically for the complexity of Enterprise Resource Planning (ERP) and Customer Relationship Management (CRM) systems. We handle complexity not by hiding it, but by **modeling it** explicitly in the protocol. - -Here is how we map common Enterprise Patterns to the ObjectStack architecture. - -## 1. Workflows as State Machines (FSM) - -In enterprise software, a record (e.g., a "Purchase Order") is rarely just static data. It is a living entity that moves through a lifecycle. - -### The Anti-Pattern -Writing scattered `if/else` logic in controllers: -```javascript -// Don't do this -if (order.status === 'draft' && user.role === 'manager') { - order.status = 'approved'; -} -``` - -### The ObjectStack Pattern -We define the lifecycle as a **Finite State Machine (FSM)** in the Automation Protocol (Workflow). This makes the business process deterministic and visualizeable. - -```yaml -# workflows/purchase_order.yaml -name: purchase_approval -object: purchase_order -states: - draft: - initial: true - on_exit: ['validate_budget'] - transitions: - submit: pending_approval - pending_approval: - transitions: - approve: approved - reject: rejected - guards: - approve: "user.has_permission('approve_budget')" - approved: - final: true -``` - -## 2. Dynamic Rollups (Calculated Fields) - -ERP systems often require "Master-Detail" math. *Example: An Order's Total is the sum of its Line Items.* - -### The Anti-Pattern -Writing SQL `SUM()` queries manually in every report, or using Database Triggers that are hard to debug. - -### The ObjectStack Pattern -We define **Summary Fields** in the Data Protocol (Object schema). The Data Layer compiler handles the underlying complexity (either by real-time `JOIN` or background aggregation). - -```yaml -# objects/order.yml -fields: - total_amount: - type: summary - summary_object: line_items - summary_field: amount - summary_type: sum -``` - -## 3. Polymorphic Relationships - -CRM systems often need "Many-to-Any" relationships. *Example: A Task can be related to a Lead, a Contact, OR an Account.* - -### The ObjectStack Pattern -We use the `reference` type with multiple targets. - -```yaml -# objects/task.yml -fields: - related_to: - type: lookup - reference_to: ['lead', 'contact', 'account', 'opportunity'] -``` - -This instructs the Data Layer compiler to generate the necessary polymorphic keys (e.g., `related_to_id` and `related_to_type` columns). - -## Summary - -ObjectStack handles enterprise complexity by **elevating patterns into protocols**. - -| Pattern | Traditional Code | ObjectStack Protocol | -| :--- | :--- | :--- | -| **Logic** | Spaghetti `if/else` | State Machines (YAML) | -| **Math** | Manual Loops/SQL | Virtual/Summary fields | -| **Relations** | Custom Join Tables | Polymorphic References | diff --git a/content/docs/concepts/manifesto.cn.mdx b/content/docs/concepts/manifesto.cn.mdx deleted file mode 100644 index 20636dd0b..000000000 --- a/content/docs/concepts/manifesto.cn.mdx +++ /dev/null @@ -1,102 +0,0 @@ ---- -title: 宣言 -description: 管理 ObjectStack 生态系统的不可动摇的核心原则。后 SaaS 时代的宪法。 ---- - -import { ScrollText, Scale, Database, Code2 } from 'lucide-react'; - -ObjectStack 的存在是为了将企业应用程序开发回归其本质:**数据**。 - -为了维护一个健康、解耦和经得起未来考验的生态系统,我们承诺坚守以下不可动摇的核心原则。这些不是建议;它们是使我们获得自由的约束。 - - - } - title="I. 协议中立性" - description="协议即法律。实现仅仅是一种意见。" - /> - } - title="II. 机制优于策略" - description="提供构建规则的工具,而不是硬编码规则本身。" - /> - } - title="III. 数据主权" - description="数据属于用户,而不是 SaaS 提供商。" - /> - - ---- - -## 原则 I:协议中立性 - -**"协议是中立的。引擎是可替换的。"** - -ObjectQL 不得包含任何特定于特定语言(例如 Node.js)、数据库(例如 PostgreSQL)或运行时(例如浏览器)的逻辑。 - -### 法则 -* **先规范后引擎:** 在规范层(`packages/spec`)编写任何功能之前,必须首先在规范层定义该功能。我们拒绝"先实现,后标准化"的方法。 -* **零泄漏:** 实现细节(如 React Hooks 使用或 SQL 特定语法)绝不能泄漏到协议定义中。 - -### 好处 -这确保了今天定义的 ObjectStack 应用程序理论上可以在以下环境中运行: -* 带 PostgreSQL 的 Node.js 服务器(今天的标准) -* 带 SQLite 的 Python 服务器(AI/数据科学) -* 浏览器中的 Rust WASM 模块(本地优先) - ---- - -## 原则 II:机制优于策略 - -**"给他们物理学,而不是模拟。"** - -ObjectStack 提供**机制**("如何"): -* *"这是你如何定义验证规则。"* -* *"这是你如何定义权限范围。"* - -ObjectStack 从不规定**策略**("什么"): -* *它从不说"密码必须是 8 个字符"。* -* *它从不说"用户必须属于一个部门"。* - -### 关注点分离 -我们清晰地将**定义**与**执行**分离。 - -| 层 | 职责 | 示例 | -| :--- | :--- | :--- | -| **协议(机制)** | 定义能力。 | `allowRead: string`(公式的插槽) | -| **应用(策略)** | 定义业务逻辑。 | `allowRead: "$user.role == 'admin'"` | -| **引擎(执行)** | 执行逻辑。 | 将公式编译为 SQL `WHERE` 子句。 | - ---- - -## 原则 III:单一数据源 - -**"没有'代码'。只有 Schema。"** - -在传统应用程序中,"真相"是分散的: -1. 数据库 Schema(`table.sql`) -2. 后端模型(`User.ts`) -3. 前端验证(`schema.zod.ts`) -4. API 文档(`swagger.json`) - -在 ObjectStack 中,**对象协议是唯一的真相。** -* 数据库是协议的*衍生物*。 -* UI 是协议的*投影*。 -* API 是协议的*结果*。 - -如果你改变了协议,整个系统(DB、API、UI)必须自动适应。 - ---- - -## 原则 IV:默认本地优先 - -**"云是同步对等方,而不是主控方。"** - -我们拒绝软件在互联网连接中断时必须停止工作的观念。 -* **延迟是敌人:** 所有交互都应该是乐观的和即时的(0ms)。 -* **所有权是目标:** 用户的数据实质上存储在他们的设备上。服务器只是备份和协作的中心。 - ---- - -> "我们塑造我们的工具,此后我们的工具塑造我们。" — 马歇尔·麦克卢汉 diff --git a/content/docs/concepts/meta.cn.json b/content/docs/concepts/meta.cn.json deleted file mode 100644 index f7714888b..000000000 --- a/content/docs/concepts/meta.cn.json +++ /dev/null @@ -1,25 +0,0 @@ -{ - "title": "概念", - "root": true, - "pages": [ - "manifesto", - "core-values", - "architecture", - "protocol-data", - "protocol-driver", - "protocol-permission", - "protocol-ui", - "protocol-system", - "protocol-auth", - "protocol-kernel", - "protocol-hub", - "protocol-ai", - "protocol-api", - "protocol-automation", - "plugin-architecture", - "security_architecture", - "enterprise-patterns", - "ai-codex", - "terminology" - ] -} diff --git a/content/docs/concepts/meta.json b/content/docs/concepts/meta.json deleted file mode 100644 index 3e6e22122..000000000 --- a/content/docs/concepts/meta.json +++ /dev/null @@ -1,25 +0,0 @@ -{ - "title": "Concepts", - "root": true, - "pages": [ - "manifesto", - "core-values", - "architecture", - "protocol-data", - "protocol-driver", - "protocol-permission", - "protocol-ui", - "protocol-system", - "protocol-auth", - "protocol-kernel", - "protocol-hub", - "protocol-ai", - "protocol-api", - "protocol-automation", - "plugin-architecture", - "security_architecture", - "enterprise-patterns", - "ai-codex", - "terminology" - ] -} diff --git a/content/docs/concepts/plugin-architecture.mdx b/content/docs/concepts/plugin-architecture.mdx deleted file mode 100644 index 5cfc4f074..000000000 --- a/content/docs/concepts/plugin-architecture.mdx +++ /dev/null @@ -1,161 +0,0 @@ ---- -title: Plugin Architecture -description: The Extension Model and Microkernel Philosophy of ObjectStack. ---- - -# Plugin Architecture - -ObjectStack follows a strict **Microkernel Architecture**. The core platform provides only the minimal runtime environment (Kernel), while all business capabilities, including standard ones like CRM or Project Management, are delivered as **Packages** (Apps or Plugins). - -## 1. Philosophy: "Kernel + Plugins" - -* **The Kernel**: Responsible for booting, identity, permission enforcement, and loading the manifest. It knows *nothing* about "Leads", "Tasks", or even "Kanban Boards" initially. -* **The Plugins**: Teach the Kernel new tricks. - * **Apps**: Combinations of data and UI for end-users (e.g., "Sales App"). - * **Plugins**: Extensions to the system capabilities (e.g., "BI Engine", "SAML Auth", "Stripe Payment"). - -This separation ensures the platform remains lightweight and un-opinionated, allowing it to evolve indefinitely. - -## 2. Anatomy of a Plugin - -A plugin is defined by its `Manifest` (objectstack.config.ts) and its runtime `Entry` (index.ts). - -### The Manifest (`objectstack.config.ts`) - -Critically, the manifest declares **Dependencies**, **Configuration Rules**, and **Contributions**. - -```typescript -// objectstack.config.ts -import { ObjectStackManifest } from '@objectstack/spec'; - -const plugin: ObjectStackManifest = { - id: 'com.vendor.bi', - version: '1.0.0', - type: 'plugin', - - // 1. Configuration Schema (Settings) - configuration: { - title: 'BI Engine Settings', - properties: { - 'fullQueryMode': { - type: 'boolean', - default: false, - description: 'Allow unrestricted SQL queries' - }, - 'apiKey': { - type: 'string', - secret: true - } - } - }, - - // 2. Dependencies - dependencies: { - 'com.objectstack.core': '^2.0.0' - }, - - // 3. Contributions (Declarative Capabilities) - contributes: { - // Define new Metadata Kinds (File Types) - kinds: [ - { - id: 'bi.dataset', - globs: ['**/*.dataset.json'], - description: 'BI Dataset Definition' - } - ], - // UI Contributions - menus: { - 'global/toolbar': [ - { id: 'open_dashboard', label: 'Open BI Dashboard', command: 'bi.open' } - ] - }, - // Server Actions (Exposed to Flows/API) - actions: [ - { - name: 'generate_forecast', - label: 'Generate Sales Forecast', - input: { startDate: 'date' } - } - ] - }, - - // 4. Runtime Entry - extensions: { - runtime: { entry: './src/index.ts' } - } -} -``` - -## 3. Runtime Context - -Plugins receive a rich strictly-typed `PluginContext` during their lifecycle. This context is the bridge to the host operating system. - -```typescript -// src/index.ts -import { PluginDefinition, PluginContextData } from '@objectstack/spec'; - -const definition: PluginDefinition = { - id: 'com.vendor.bi', - - onEnable: async (context: PluginContextData) => { - // A. Access Type-Safe Context - const { logger, ql, os, app, storage, i18n } = context; - - logger.info('Starting BI Engine...'); - - // B. Use Scoped Storage (KV Store) - const lastRun = await storage.get('last_run_timestamp'); - - // C. Register Runtime Routes - app.router.get('/bi/stats', async () => { - return { active_reports: 10 }; - }); - - // D. Interact with Core Data - const data = await ql.object('account').find({ industry: 'Tech' }); - - // E. Read Configuration - const config = await os.getConfig('com.vendor.bi'); - if (config.fullQueryMode) { - logger.warn('Running in Full Query Mode'); - } - } -} -``` - -## 4. Extension Capabilities - -### A. New Metadata Kinds (CRDs) - -This is the most powerful feature. A plugin can introduce entirely new concepts to the platform. - -* **Example**: A "BI Plugin" introduces `*.dataset.json` and `*.report.json`. -* **Mechanism**: The Kernel uses the `contributes.kinds` registry to map file extensions to the plugin's parser. -* **Result**: The IDE (cursor/vscode) and Runtime automatically recognize these files. - -### B. Service Providers - -Plugins can implement standard interfaces defined by the system. - -* **Auth Providers**: `plugin extends AuthProvider` (SAML, OAuth). -* **Storage Drivers**: `plugin extends StorageDriver` (S3, MinIO). -* **Notification Channels**: `plugin extends NotificationChannel` (Slack, SMS). - -## 4. Plugin Lifecycle - -The runtime manages the plugin states: - -1. **Resolve**: Read Manifest, validate dependencies. -2. **Install (`onInstall`)**: Run migration scripts, setup initial data. -3. **Boot (`onBoot`)**: Register generic services (before App load). -4. **Enable (`onEnable`)**: Active and serving traffic. - -```typescript -export class BiPlugin implements PluginLifecycle { - async onEnable(context: PluginContext) { - // Register the heavy engine only when enabled - context.services.register('bi.engine', new BiAnalysisEngine()); - } -} -``` diff --git a/content/docs/concepts/protocol-ai.mdx b/content/docs/concepts/protocol-ai.mdx deleted file mode 100644 index 1e96925dd..000000000 --- a/content/docs/concepts/protocol-ai.mdx +++ /dev/null @@ -1,175 +0,0 @@ ---- -title: AI Protocol -description: AI agents, RAG pipelines, natural language queries, predictive models, and cost tracking. ---- - -import { Brain, Zap, DollarSign, Users, Target } from 'lucide-react'; - -# AI Protocol - -The **AI Protocol** integrates artificial intelligence capabilities including AI agents, RAG (Retrieval-Augmented Generation) pipelines, natural language querying, and predictive analytics. - -## Why This Protocol Exists - -**Problem:** Every B2B SaaS wants "AI features" but building them is a nightmare: - -- **Data silos:** Your CRM data is in Postgres, docs in S3, knowledge base in Notion—LLMs can't access any of it -- **Cost explosion:** One engineer accidentally racks up $10K OpenAI bill with unoptimized embeddings -- **Context limitations:** GPT-4 has 128K token limit—your sales playbook is 500K tokens -- **Hallucinations:** LLM invents plausible-sounding customer names and revenue numbers that don't exist -- **Integration complexity:** To build "Ask questions about your data," you need: vector DB, embedding pipeline, chunking strategy, retrieval logic, prompt engineering, response streaming, and cost tracking - -Teams spend 6+ months building AI features from scratch—or give up and ship nothing. - -**Solution:** The AI Protocol provides **Copilot-grade AI infrastructure**. Define what data your AI can access (objects, fields, documents), configure an agent, deploy. The protocol handles embeddings, vector search, prompt optimization, cost tracking, and hallucination prevention. - -## Business Value Delivered - - - } - title="Ship AI Features in Days" - description="Natural language search, chatbots, and predictive analytics—no ML expertise required." - /> - } - title="Control AI Costs" - description="Built-in token counting, caching, and rate limiting. $10K/month budget? Hard-capped automatically." - /> - } - title="10x Support Efficiency" - description="AI agents answer 80% of customer questions instantly. Support team focuses on complex issues." - /> - } - title="Increase Sales Win Rate" - description="Predictive models identify which leads are 80% likely to close. Reps focus on hot prospects." - /> - - -## What This Protocol Enables - -### AI Agents with Business Context -Build **autonomous agents** that understand your business data: -- **Customer support agent:** Answers product questions using docs, tickets, and knowledge base -- **Sales assistant:** Searches CRM for accounts, creates opportunities, suggests next steps -- **Data analyst agent:** Generates reports, charts, and insights from business data - -**Example:** User asks "Show me accounts in California with revenue over $1M that haven't been contacted in 30 days." The agent: -1. Translates natural language to ObjectQL query -2. Checks permissions (user can only see their territory) -3. Executes query and formats results -4. Suggests follow-up: "Would you like me to draft outreach emails?" - -**Why it matters:** Traditional chatbots use predefined scripts. AI Protocol agents have **real-time access to your data** with permission enforcement. They don't hallucinate customer names—they query the database. - -**Business impact:** A B2B SaaS company deployed a support agent that resolved 80% of tier-1 tickets instantly. Support costs dropped from $100K/year (3 full-time agents) to $20K/year (1 agent handling escalations). - -### RAG Pipelines for Accurate Answers -**Retrieval-Augmented Generation (RAG)** prevents hallucinations: -1. User asks "What's our refund policy?" -2. Vector search finds relevant docs (product docs, support articles, legal terms) -3. LLM answers using **only retrieved context**, not imagination -4. Response includes citations: "According to Section 3.2 of Terms of Service..." - -**Supported data sources:** -- **Structured data:** Objects in your database (Accounts, Orders, Products) -- **Documents:** PDFs, Word docs, Markdown files in S3/Google Drive -- **Web pages:** Your knowledge base, help center, blog posts -- **APIs:** Live data from Salesforce, HubSpot, Zendesk - -**Real-world value:** A SaaS company embedded their 200-page product manual. Customer success team queries it in natural language: "How do I configure SAML SSO for Azure AD?" Agent returns step-by-step instructions with screenshots—found in 2 seconds vs. 10 minutes of manual searching. - -### Natural Language to SQL/ObjectQL -Convert **plain English** to database queries: -- "Show me top 10 opportunities by value" → `SELECT * FROM opportunities ORDER BY amount DESC LIMIT 10` -- "How many deals did we close last quarter?" → `SELECT COUNT(*) FROM opportunities WHERE stage = 'Closed Won' AND close_date >= '2024-01-01'` -- "Which sales rep has the highest win rate?" → Complex aggregation query with GROUP BY and JOIN - -**Why it matters:** Business users get insights without SQL knowledge. CEOs query revenue dashboards in plain English. Finance generates reports without opening Excel. - -**Safety features:** -- **Permission-aware:** Query results filtered by user's row-level security -- **Read-only:** Natural language can't generate DELETE or UPDATE queries -- **Cost limits:** Expensive queries (full table scans) require approval - -### Predictive Models Without Data Science -Train **machine learning models** on your business data: -- **Churn prediction:** Which customers are 70%+ likely to cancel? -- **Lead scoring:** Which leads are most likely to convert? -- **Revenue forecasting:** Predict next quarter's sales based on pipeline - -**No code required:** Define features (e.g., "last activity date", "support ticket count") and target variable (e.g., "churned = yes/no"). The protocol trains and deploys the model. - -**Example:** A SaaS company trained a churn model: -- **Features:** Last login date, support tickets, feature usage, contract value -- **Result:** Model predicts churn with 85% accuracy -- **Action:** Auto-triggers "win-back" campaign for at-risk customers - -**Value:** Reduced churn from 8% to 5%. $500K/year revenue saved. - -## Real-World Use Cases - -### Customer Support Automation -**Challenge:** A SaaS company gets 500 support tickets/week. 70% are repetitive questions answered in docs. - -**AI Protocol Solution:** Deploy a support agent with access to: -- Product documentation (RAG pipeline) -- Past ticket resolutions (vector search) -- Account data (ObjectQL queries with permission checks) - -Agent auto-responds to tickets with answers + citations. Escalates complex issues to humans. - -**Value:** Support ticket volume reduced by 65%. Response time: instant vs. 4-hour average. $120K/year cost savings. - -### Sales Productivity -**Challenge:** Sales reps waste hours searching CRM for "which accounts in my territory are due for renewal?" - -**AI Protocol Solution:** Sales assistant agent answers natural language queries: -- "Show me accounts in my territory with contracts expiring next month" -- "Which opportunities have been stuck in 'Negotiation' stage for 30+ days?" -- "Draft a follow-up email to Acme Corp about their Q4 budget" - -**Value:** Reps save 5 hours/week on data admin. Close 2 more deals/month. $500K/year revenue increase. - -### Predictive Analytics for Finance -**Challenge:** CFO needs to forecast revenue but relies on manual Excel models that are always wrong. - -**AI Protocol Solution:** Train a **revenue forecasting model**: -- Features: Pipeline value, historical close rates, seasonality, sales rep performance -- Output: Revenue prediction with 90% confidence interval - -Model updates daily as new data arrives. - -**Value:** Forecast accuracy improved from 60% to 92%. Board meetings based on data, not gut feel. - -### Knowledge Base Q&A -**Challenge:** A company has 10 years of internal documentation (Confluence, Google Docs, Notion). New employees can't find anything. - -**AI Protocol Solution:** Index all docs into RAG pipeline. Deploy internal chatbot: -- "How do I submit expense reports?" → Links to HR policy doc -- "What's the process for deploying to production?" → Engineering runbook -- "Who owns the billing system?" → Team directory with contact info - -**Value:** Onboarding time reduced from 4 weeks to 2 weeks. Engineers stop asking repetitive questions in Slack. - -## Integration with Other Protocols - -- **Data Protocol:** Agents query objects with ObjectQL; permissions enforced automatically -- **Permission Protocol:** Users only get AI answers for data they're allowed to see -- **System Protocol:** Agent actions logged for audit (who asked what, when) -- **API Protocol:** Expose AI endpoints as REST APIs (`/api/chat`, `/api/predict`) -- **Automation Protocol:** Agents trigger workflows (e.g., "Create task if churn risk > 80%") - -**Key insight:** AI Protocol enables a **conversational interface** to your data. Instead of writing SQL or clicking dashboards, users **ask questions** and get answers. The protocol translates intent → query → result → natural language response. - -## Technical Reference - -For implementation guides and configuration details, see: - -- [Agent Reference](/docs/references/ai/agent/Agent) - Agent configuration, tools, and knowledge sources -- [RAG Pipeline](/docs/references/ai/rag-pipeline/RAGPipelineConfig) - Vector stores, embedding models, chunking strategies -- [Natural Language Query](/docs/references/ai/nlq/NLQRequest) - Query translation, confidence scoring, and result formatting -- [Predictive Models](/docs/references/ai/predictive-model/PredictiveModel) - Feature engineering, training, and deployment -- [Cost Tracking](/docs/references/ai/cost/CostConfig) - Token counting, budget enforcement, and usage analytics diff --git a/content/docs/concepts/protocol-api.mdx b/content/docs/concepts/protocol-api.mdx deleted file mode 100644 index 2198bdac1..000000000 --- a/content/docs/concepts/protocol-api.mdx +++ /dev/null @@ -1,185 +0,0 @@ ---- -title: API Protocol -description: REST contracts, API discovery, realtime subscriptions, and routing configuration. ---- - -import { Zap, Shield, DollarSign, Users } from 'lucide-react'; - -# API Protocol - -The **API Protocol** defines external communication interfaces including REST contracts, API discovery, realtime subscriptions via WebSocket/SSE, and routing configuration. - -## Why This Protocol Exists - -**Problem:** Modern apps need APIs for everything—web frontends, mobile apps, third-party integrations, webhooks. Building robust APIs is harder than it looks: - -- **Inconsistent contracts:** `/api/users` returns `{ data: [] }` but `/api/accounts` returns `{ results: [] }`—no standard -- **No API discovery:** Developers must read outdated docs or reverse-engineer endpoints from network logs -- **Rate limiting hell:** One power user DOS attacks your API, crashes the server, takes down everyone -- **Realtime complexity:** Building WebSocket servers for live updates requires Redis pub/sub, connection state management, and reconnection logic -- **Versioning nightmares:** API v1 and v2 running side-by-side, different authentication methods, no migration path - -Traditional approach: Write 500 lines of Express/Flask code per endpoint, copy-paste auth middleware, pray you don't introduce bugs. - -**Solution:** The API Protocol **auto-generates REST/GraphQL APIs** from your data model. Every object you define gets CRUD endpoints automatically. Realtime subscriptions, rate limiting, and versioning are configuration, not code. - -## Business Value Delivered - - - } - title="Ship APIs 10x Faster" - description="Define a data object, get REST endpoints instantly. Zero boilerplate code to maintain." - /> - } - title="Zero API Security Bugs" - description="Authentication, authorization, input validation, and rate limiting enforced by protocol—not developer discipline." - /> - } - title="Monetize API Access" - description="Tier-based rate limits (Starter: 10K calls/month, Enterprise: unlimited). Auto-upgrade prompts for power users." - /> - } - title="Enable Third-Party Integrations" - description="Self-documenting APIs let partners build integrations without back-and-forth with your eng team." - /> - - -## What This Protocol Enables - -### Auto-Generated CRUD Endpoints -Define an object in Data Protocol → get REST endpoints automatically: -- `GET /api/data/account` - List accounts -- `POST /api/data/account` - Create account -- `GET /api/data/account/:id` - Get account by ID -- `PATCH /api/data/account/:id` - Update account -- `DELETE /api/data/account/:id` - Delete account - -**Advanced features auto-included:** -- **Filtering:** `GET /api/data/account?filter[industry]=Technology` -- **Sorting:** `GET /api/data/account?sort=-created_at` (descending) -- **Pagination:** `GET /api/data/account?page=2&per_page=25` -- **Field selection:** `GET /api/data/account?fields=name,industry` (reduce payload size) -- **Relations:** `GET /api/data/account?include=opportunities,contacts` (eager loading) - -**Why it matters:** A startup launches with 10 objects (Account, Contact, Opportunity, etc.). That's **50 REST endpoints** automatically. Add a new object? 5 more endpoints appear instantly. Zero code. - -**Real-world impact:** A SaaS company needed a mobile app. Backend team said "3-month API development." CEO found ObjectStack, deployed it, mobile team had APIs in 2 days. App launched 10 weeks early. - -### API Discovery and Self-Documentation -Every API exposes a **discovery endpoint** (`/api/discovery`) that returns: -- Available objects and their schemas -- All endpoints with HTTP methods -- Authentication requirements -- Rate limits -- Example requests/responses - -**Use cases:** -- **Postman collections:** Auto-generate from discovery endpoint -- **SDK generation:** TypeScript/Python/Go SDKs generated from API schema -- **Partner integrations:** Third parties build integrations without asking your team for docs - -**Business value:** A company opens their API to partners. Partners build Zapier/Make.com integrations without 10 email threads asking "what's the schema for orders?" - -### Realtime Data Subscriptions -Support **live updates** without polling: -- **WebSocket:** Bi-directional real-time connection (chat apps, collaborative editing) -- **Server-Sent Events (SSE):** One-way server-to-client streaming (dashboards, notifications) - -**Example:** Subscribe to new opportunities: -```javascript -// Client subscribes -const subscription = api.subscribe('opportunity.created', { - filter: { stage: 'Negotiation' } -}); - -// Server pushes updates -subscription.on('data', (opportunity) => { - console.log('New opportunity:', opportunity); -}); -``` - -**Why it matters:** Traditional polling (`setInterval(() => fetch('/api/opportunities'), 5000)`) wastes bandwidth and delays updates. Realtime subscriptions deliver updates **instantly** with zero overhead. - -**Real-world use case:** A logistics app shows package locations on a map. With polling, map updates every 10 seconds (laggy, wasteful). With subscriptions, map updates the moment a driver scans a package (instant, efficient). - -### Rate Limiting and Quota Enforcement -Prevent API abuse with **declarative rate limits**: -- **Per-endpoint limits:** `/api/data/account` = 100 requests/minute, `/api/export` = 5 requests/hour -- **Per-user limits:** Free tier = 1K calls/month, Pro tier = 100K calls/month -- **Global limits:** Max 10K concurrent connections - -When a user exceeds their quota: -- **Soft limit:** Return `HTTP 429 Too Many Requests` with retry-after header -- **Hard limit:** Block API access until billing cycle resets -- **Auto-upgrade prompt:** "You've used 95% of your API quota. Upgrade to Pro for unlimited calls?" - -**Business value:** A freemium SaaS gives 10K API calls/month for free. Power users hit the limit in 2 weeks and upgrade to $99/month plan. $50K/year revenue from API monetization. - -### API Versioning Without Pain -Run **multiple API versions** simultaneously: -- `GET /api/v1/account` - Legacy format -- `GET /api/v2/account` - New format with breaking changes - -Clients specify version via header: `X-API-Version: 2` or URL: `/api/v2/...` - -**Migration strategy:** -1. Deploy v2 with new schema -2. Support v1 and v2 in parallel for 6 months -3. Send deprecation warnings: `Deprecated: true, sunset: 2025-06-01` -4. Retire v1 - -**Why it matters:** Breaking changes don't break existing integrations. Partners migrate on their schedule, not yours. - -## Real-World Use Cases - -### Mobile App Backend -**Challenge:** A startup needs a backend API for iOS/Android apps. They have no backend engineers. - -**API Protocol Solution:** Define objects (User, Post, Comment), deploy ObjectStack, get REST APIs. Mobile app authenticates via OAuth, calls `/api/data/post` to fetch feed. - -**Value:** Shipped mobile app in 6 weeks with 1 full-stack engineer (vs. 3-month timeline with dedicated backend team). - -### Third-Party Integration Platform -**Challenge:** A CRM vendor wants partners to build integrations (Zapier, Make.com, custom apps). Partners demand a well-documented API. - -**API Protocol Solution:** Enable API discovery. Partners hit `/api/discovery`, get full schema, generate SDKs, build integrations. - -**Value:** 50+ partner integrations built in 6 months. Marketplace ecosystem drives 30% of new customer acquisition. - -### Realtime Dashboard -**Challenge:** A SaaS app has a revenue dashboard that polls `/api/revenue` every 5 seconds. 1,000 concurrent users = 12M API calls/hour, killing the database. - -**API Protocol Solution:** Switch to SSE subscriptions. Server pushes revenue updates only when data changes (e.g., new sale). Clients subscribe once, receive updates passively. - -**Value:** API load reduced by 95%. Database CPU usage dropped from 80% to 10%. $5K/month infrastructure savings. - -### API Monetization -**Challenge:** A data analytics company wants to sell API access: Starter tier (10K calls/month) for $99, Pro tier (1M calls/month) for $499. - -**API Protocol Solution:** Configure rate limits per subscription tier. When users exceed quota, auto-block and show upgrade prompt. - -**Value:** $200K/year revenue from API subscriptions. Zero ops overhead—rate limiting is declarative config. - -## Integration with Other Protocols - -- **Data Protocol:** APIs expose objects defined in Data Protocol; field-level security enforced -- **Permission Protocol:** API calls filtered by user's row-level security and object permissions -- **Auth Protocol:** API authentication via JWT, OAuth, or API keys -- **System Protocol:** API calls logged for audit; rate limit violations trigger alerts -- **Automation Protocol:** Webhooks invoke workflows when API events occur - -**Key insight:** API Protocol is the **interface layer** of ObjectStack. It exposes your business logic (data, workflows, permissions) to the outside world—web apps, mobile apps, partners, IoT devices—with security and scalability built-in. - -## Technical Reference - -For detailed API specifications and implementation guides, see: - -- [REST Contracts](/docs/references/api/contract/BaseResponse) - Request/response envelopes, error codes, and pagination -- [API Discovery](/docs/references/api/discovery/Discovery) - Schema introspection and endpoint metadata -- [Realtime Subscriptions](/docs/references/api/realtime/RealtimeEvent) - WebSocket and SSE event streaming -- [Rate Limiting](/docs/references/api/rate-limit/RateLimitConfig) - Quota enforcement and throttling strategies -- [Routing Configuration](/docs/references/api/routing/RouteDefinition) - Custom endpoints and middleware diff --git a/content/docs/concepts/protocol-auth.mdx b/content/docs/concepts/protocol-auth.mdx deleted file mode 100644 index 6efb6601b..000000000 --- a/content/docs/concepts/protocol-auth.mdx +++ /dev/null @@ -1,150 +0,0 @@ ---- -title: Auth Protocol -description: Identity and access management with multiple authentication strategies, roles, and organization management. ---- - -import { Shield, Zap, DollarSign, Target } from 'lucide-react'; - -# Auth Protocol - -The **Auth Protocol** manages identity, authentication, sessions, roles, and organization structure. It supports multiple authentication strategies including OAuth, SAML, LDAP, and passwordless authentication. - -## Why This Protocol Exists - -**Problem:** Modern applications face an authentication nightmare: - -- **Consumer apps:** Users expect "Sign in with Google/Apple/GitHub"—building OAuth flows from scratch takes weeks -- **Enterprise apps:** Companies demand SAML SSO with Okta/Azure AD—implementing SAML 2.0 spec requires months of debugging XML signatures -- **Security requirements:** Password policies, 2FA, session management, account lockouts, suspicious login detection—each adds weeks of dev time -- **Multi-tenancy:** SaaS apps need per-tenant auth configs (Acme Corp uses Okta, SmallCo uses email/password) - -Traditional solutions: Roll your own auth (6 months of work, guaranteed security bugs), or use Auth0/Firebase Auth ($10K/month for 100K users). Neither is ideal for startups or enterprises with special requirements. - -**Solution:** The Auth Protocol provides **Salesforce/Okta-grade authentication** as infrastructure. OAuth, SAML, LDAP, magic links, passkeys, and 2FA work out-of-the-box. Multi-tenant configurations supported. Security policies (password complexity, session timeouts, IP allowlists) are declarative, not code. - -## Business Value Delivered - - - } - title="Enterprise Sales Ready" - description="Fortune 500 won't buy without SAML SSO. Deploy Okta/Azure AD integration in hours, not months." - /> - } - title="$100K/Year Auth Cost Savings" - description="Auth0 charges $10K/month at scale. ObjectStack's included auth is free—no per-MAU pricing." - /> - } - title="Ship Login Faster" - description="Google/GitHub OAuth in 10 lines of config, not 500 lines of code. Magic links with zero email infrastructure." - /> - } - title="Zero Security Incidents" - description="Bcrypt hashing, session rotation, CSRF protection, rate limiting—all default. No password breaches." - /> - - -## What This Protocol Enables - -### Every Auth Method, One Interface -Support **all authentication methods** without writing integration code: -- **OAuth 2.0:** Google, Microsoft, GitHub, Apple, Facebook, Twitter -- **SAML 2.0:** Okta, Azure AD, OneLogin, Auth0 -- **LDAP/Active Directory:** On-premises enterprise directory services -- **Magic Links:** Passwordless email authentication (Slack-style) -- **Passkeys:** WebAuthn/FIDO2 biometric authentication -- **2FA/MFA:** TOTP (Authenticator apps), SMS, email codes, backup codes - -**Why it matters:** An early-stage startup starts with email/password. As they land enterprise customers, they add Okta SAML. Later, they add Google OAuth for freemium users. **All three work simultaneously** with different user pools—no code changes. - -**Real-world impact:** A B2B SaaS company won a $500K enterprise deal because they deployed Okta SSO in 2 days. Their competitor's bid included "SAML integration: 3-month timeline, $50K additional." - -### Per-Tenant Auth Configuration -In a multi-tenant SaaS, each tenant can have **different auth requirements**: -- **Acme Corp (Enterprise):** Okta SAML required, 2FA enforced, password rotation every 90 days -- **SmallCo (Startup):** Email/password or Google OAuth, optional 2FA -- **FinCorp (Regulated):** Azure AD SAML required, IP allowlist, session timeout after 30 min - -ObjectStack's Auth Protocol lets you define **auth policies per organization**, not globally. - -**Business value:** Win enterprise deals without sacrificing startup-friendly onboarding. Compliance-heavy customers get strict policies; casual users get frictionless signup. - -### Session Management and Security -Built-in protection against every auth attack: -- **Session fixation:** Session IDs regenerated after login -- **Session hijacking:** Detect concurrent sessions from different IPs, force re-login -- **CSRF attacks:** CSRF tokens automatically injected and validated -- **Brute force:** Account locked after 5 failed login attempts -- **Credential stuffing:** Detect login attempts with leaked passwords (HaveIBeenPwned integration) - -**Audit trail:** Every login, logout, failed attempt, password change, and permission escalation is logged with IP, device, and timestamp. - -**Compliance value:** A healthcare company passed SOC 2 Type II audit on first attempt because auth events were logged and tamper-proof. - -### Organization and Team Management -Multi-tenant SaaS requires **organization hierarchies**: -- **Organizations:** Top-level tenant (e.g., "Acme Corp") -- **Roles:** Admin, Member, Billing Manager, Support Agent -- **Invitations:** Email-based invites with expiration and role assignment -- **SSO enforcement:** Require SAML for all org members - -**Real-world scenario:** A company buys your SaaS. Their admin invites 50 employees, assigns roles, and configures Okta SSO. Employees log in via SSO—no password setup needed. - -## Real-World Use Cases - -### Enterprise SSO Requirement -**Challenge:** A startup demos their product to a Fortune 500 company. Procurement says "we need Okta SAML SSO or the deal is off." - -**Auth Protocol Solution:** Configure SAML provider in 10 lines: -``` -saml.entryPoint = "https://okta.bigcorp.com/saml/sso" -saml.cert = "" -``` -Test, deploy, win deal. - -**Value:** $1M ARR deal won. Competitor without SAML lost the deal despite having better features. - -### Passwordless Onboarding -**Challenge:** A consumer app wants Slack-style "magic link" login—no passwords, no OAuth popups, just email. - -**Auth Protocol Solution:** Enable magic link provider. User enters email, receives login link, clicks, authenticated. - -**Value:** 40% higher signup conversion vs. password forms. No "forgot password" support tickets. - -### Multi-Region Compliance -**Challenge:** A fintech app operates in EU (GDPR) and US (SOC 2). EU requires 2FA for all users; US allows optional 2FA. - -**Auth Protocol Solution:** Define **auth policies per tenant**: -- EU tenants: `mfaRequired: true` -- US tenants: `mfaRequired: false` - -**Value:** Passed GDPR audit. $5M fine avoided. No code changes—just configuration. - -### Account Takeover Prevention -**Challenge:** A B2C app detects 10K failed login attempts from a botnet trying credential stuffing (leaked passwords from other breaches). - -**Auth Protocol Solution:** Built-in rate limiting (10 attempts/minute per IP) and account lockout (lock after 5 failures). Suspicious login detection alerts user via email: "Login from new device in Russia—was this you?" - -**Value:** Zero successful account takeovers. Customer trust maintained. $2M in fraud losses prevented. - -## Integration with Other Protocols - -- **Permission Protocol:** Roles defined in Auth Protocol map to object permissions -- **System Protocol:** Authentication events logged for audit compliance -- **API Protocol:** API keys and JWT tokens managed via Auth Protocol -- **UI Protocol:** Login forms and user profile pages auto-generated from auth configuration - -**Key insight:** Auth Protocol is the **front door** to ObjectStack. Every API call, UI interaction, and automation flow starts with authentication. The protocol ensures that "who you are" is verified before "what you can do" is evaluated. - -## Technical Reference - -For detailed configuration and implementation guides, see: - -- [User Identity](/docs/references/auth/identity/User) - User schema, email/phone verification, and profile management -- [Authentication Providers](/docs/references/auth/config/AuthConfig) - OAuth, SAML, LDAP, magic link, and passkey configuration -- [Session Management](/docs/references/auth/session/Session) - Session lifecycle, timeouts, and concurrent session handling -- [Role and Permission Mapping](/docs/references/auth/role/Role) - Role hierarchies and permission assignment -- [Organization Structure](/docs/references/auth/organization/Organization) - Multi-tenant organization, member, and invitation management diff --git a/content/docs/concepts/protocol-automation.mdx b/content/docs/concepts/protocol-automation.mdx deleted file mode 100644 index bd66ccbc9..000000000 --- a/content/docs/concepts/protocol-automation.mdx +++ /dev/null @@ -1,191 +0,0 @@ ---- -title: Automation Protocol -description: Workflows, visual flows, and webhooks for business process automation. ---- - -import { Zap, DollarSign, Users, Target } from 'lucide-react'; - -# Automation Protocol - -The **Automation Protocol** provides business process automation through workflows (state machines), visual flows, and webhooks. - -## Why This Protocol Exists - -**Problem:** Business processes have logic that doesn't belong in code: - -- "When a deal closes, create an invoice, notify accounting, update the forecast, and send a thank-you email" -- "When a support ticket goes 48 hours without response, escalate to a manager" -- "When inventory drops below 100 units, auto-generate a purchase order" - -Traditional solutions force you to: -1. **Hard-code business logic:** Every process change requires developer time, code review, deployment -2. **Use separate tools:** Zapier for simple tasks, Temporal for complex workflows—two systems, no integration -3. **Lack visibility:** When automation breaks, nobody knows why or how to fix it - -**Real-world cost:** A company has 50 "automated processes" scattered across cron jobs, Lambda functions, and Zapier workflows. One breaks every week. Engineers spend 20% of their time debugging automations instead of building features. - -**Solution:** The Automation Protocol provides **Salesforce/ServiceNow-grade workflow automation** as metadata. Define triggers, conditions, and actions declaratively. Visual flow builder for complex processes. Webhooks for third-party integrations. All monitored, versioned, and auditable. - -## Business Value Delivered - - - } - title="Ship Automations 10x Faster" - description="Business analysts build workflows without developer intervention. IT becomes enablers, not bottlenecks." - /> - } - title="$100K/Year Labor Savings" - description="Automate manual tasks: sending emails, updating records, generating reports. 10 hours/week saved per employee." - /> - } - title="Zero Process Inconsistency" - description="Automations enforce SOP compliance. No 'I forgot to notify the manager' human errors." - /> - } - title="Instant Process Changes" - description="Sales process changes? Update workflow, deploy in minutes. No code changes, no developer sprints." - /> - - -## What This Protocol Enables - -### Declarative Workflow Rules -Build **event-driven automations** that trigger when data changes: - -**Example:** Auto-assign leads based on territory -- **Trigger:** Record created on Lead object -- **Condition:** Lead status = "New" AND State is not blank -- **Actions:** - 1. Update "Owner" field to user in matching territory - 2. Send email notification to new owner - 3. Create follow-up task due in 2 days - -**Why it matters:** Business users configure this in the UI—no code, no developer needed. Marketing changes lead routing rules? Update the workflow and redeploy in 30 seconds. - -**Real-world impact:** A B2B company had leads manually assigned by ops team (20 hours/week). After automating lead assignment, ops team focused on revenue operations strategy. $50K/year labor savings. - -### Visual Flow Builder -For **complex multi-step processes**, use the visual flow builder (think Salesforce Flow or n8n): - -**Example:** Opportunity approval process -1. **Start:** User submits opportunity for approval -2. **Decision:** Is amount > $100K? - - **Yes:** Route to VP Sales for approval - - **No:** Auto-approve -3. **Screen:** VP sees approval form with notes field -4. **Decision:** VP approved? - - **Yes:** Update stage to "Closed Won", create invoice, notify accounting - - **No:** Update stage to "Closed Lost", send rejection email -5. **End** - -**Nodes supported:** Start, Decision (if/then), Screen (user input), Action (call API, update record, send email), Loop, Subflow - -**Why it matters:** Processes that require human input (approvals, multi-step wizards) are trivial to build. Non-developers can build Salesforce-grade automation. - -### Webhooks for External Integrations -Trigger **HTTP callbacks** when events occur: - -**Example:** Notify Slack when high-value deal closes -- **Trigger:** Opportunity record updated -- **Condition:** Stage changed to "Closed Won" AND Amount > $50K -- **Action:** POST to Slack webhook with deal details - -**Supported integrations:** -- **Slack:** Channel notifications -- **Email:** SendGrid, Mailgun, AWS SES -- **CRMs:** Salesforce, HubSpot, Pipedrive -- **Accounting:** QuickBooks, Xero, Stripe -- **Custom:** Any HTTP endpoint - -**Business value:** A company integrated their CRM with QuickBooks. When a deal closes, an invoice is auto-created in QuickBooks. Accounting team saves 5 hours/week on manual data entry. - -### State Machine Workflows -For **complex lifecycle management**, use state machines: - -**Example:** Order fulfillment workflow -- **States:** Pending → Processing → Shipped → Delivered → Completed -- **Transitions:** Can only move from Pending to Processing (not directly to Shipped) -- **Actions on transition:** Pending → Processing triggers "Reserve inventory" action -- **Guards:** Can't transition to Shipped if payment failed - -**Why it matters:** Prevents invalid state transitions. An order can't be marked "Delivered" if it was never "Shipped"—enforced automatically. - -## Real-World Use Cases - -### Sales Process Automation -**Challenge:** A company's sales process has 10 steps from lead to closed deal. Each step requires data entry, email notifications, and CRM updates. Sales reps forget steps, deals stall. - -**Automation Protocol Solution:** -1. Lead created → Auto-assign to territory rep, send welcome email -2. Lead qualified → Create opportunity, notify manager -3. Demo scheduled → Send calendar invite, update stage -4. Proposal sent → Create quote record, set follow-up reminder -5. Deal closed → Create invoice, notify accounting, update forecast - -All automated. Sales reps just move stages; everything else happens automatically. - -**Value:** Sales cycle reduced from 45 days to 30 days. Win rate increased 15% (fewer dropped leads). $1M/year revenue impact. - -### Customer Onboarding -**Challenge:** New customer onboarding has 20 steps (create account, send welcome email, schedule kickoff call, provision environment, etc.). Ops team manually tracks spreadsheets, misses steps. - -**Automation Protocol Solution:** Build onboarding workflow: -1. Customer signs contract → Create account, assign CSM -2. Day 0: Send welcome email with login credentials -3. Day 1: Create Slack channel, invite customer -4. Day 3: Schedule kickoff call -5. Day 7: Send onboarding survey -6. Day 30: Trigger "renewal reminder" task - -**Value:** Onboarding time reduced from 2 weeks to 3 days. Customer satisfaction (CSAT) score increased from 7.5 to 9.2. $200K/year ops savings. - -### Compliance Automation -**Challenge:** A fintech company must send monthly statements to customers, archive for 7 years, and notify regulators if balance > $10K. Manual process, error-prone. - -**Automation Protocol Solution:** -- **Scheduled job:** Generate statements on 1st of each month -- **Workflow:** For each account: - 1. Generate PDF statement - 2. Upload to S3 with 7-year retention - 3. Send email to customer - 4. If balance > $10K, notify compliance team - -**Value:** Significantly reduced compliance violations. Passed audit on first attempt. Avoided potential regulatory fines. - -### Multi-Channel Notifications -**Challenge:** When a critical event occurs (e.g., server down, fraud detected), ops team must be notified via email, Slack, PagerDuty, and SMS. - -**Automation Protocol Solution:** -- **Trigger:** System event "critical_alert" -- **Actions (parallel):** - 1. Send email to ops@company.com - 2. POST to Slack webhook - 3. Create PagerDuty incident - 4. Send SMS via Twilio - -All four channels notified simultaneously, guaranteed delivery. - -**Value:** Incident response time reduced from 15 minutes (someone notices email) to 30 seconds (PagerDuty alert). $2M/year saved from downtime reduction. - -## Integration with Other Protocols - -- **Data Protocol:** Workflows trigger on record create/update/delete events -- **Permission Protocol:** Workflows respect permissions (can't assign record to user without access) -- **System Protocol:** Scheduled workflows run via job scheduler; events logged for audit -- **API Protocol:** Webhooks call external APIs; workflows can be triggered via REST endpoints -- **UI Protocol:** Action buttons in UI trigger workflows (e.g., "Approve" button runs approval flow) - -**Key insight:** Automation Protocol is the **orchestration layer** of ObjectStack. It coordinates actions across data, APIs, and external systems—turning isolated events into cohesive business processes. - -## Technical Reference - -For implementation guides and configuration details, see: - -- [Workflow Rules](/docs/references/automation/workflow/WorkflowRule) - Triggers, conditions, and action configuration -- [Visual Flow Builder](/docs/references/automation/flow/Flow) - Node types, decision logic, and screen flows -- [Webhook Configuration](/docs/references/automation/webhook/Webhook) - HTTP callbacks, retry policies, and payload templates -- [State Machines](/docs/references/automation/state-machine/StateMachine) - State transitions, guards, and lifecycle management diff --git a/content/docs/concepts/protocol-data.mdx b/content/docs/concepts/protocol-data.mdx deleted file mode 100644 index 77e629e49..000000000 --- a/content/docs/concepts/protocol-data.mdx +++ /dev/null @@ -1,134 +0,0 @@ ---- -title: Data Protocol -description: The foundation of ObjectStack - defining business data models, validation rules, and query language. ---- - -import { Database, CheckCircle, Target, Zap } from 'lucide-react'; - -# Data Protocol - -The **Data Protocol** is the foundation of ObjectStack's data layer (ObjectQL). It defines the core business data model including object schemas, field types, validation rules, and the query language. - -## Why This Protocol Exists - -**Problem:** Traditional software development requires developers to manually write database schemas, validation logic, and query code for each database system. When business requirements change, developers must update schemas, migrate data, and modify countless SQL queries across the application. This creates: - -- **Vendor Lock-in:** Switching from PostgreSQL to MongoDB requires rewriting the entire data layer -- **Inconsistent Validation:** Business rules scattered across frontend, backend, and database triggers -- **Slow Iteration:** Schema changes require coordinated deployments and complex migration scripts -- **Poor Developer Experience:** Writing boilerplate CRUD code instead of focusing on business logic - -**Solution:** The Data Protocol provides a **single source of truth** for your business data model. Define your entities once in a declarative, database-agnostic format, and ObjectStack automatically: -- Generates database schemas for any supported backend (SQL, NoSQL, Graph, Time-series) -- Enforces validation rules consistently across all layers -- Migrates data when schemas evolve -- Optimizes queries for the underlying database - -## Business Value Delivered - - - } - title="10x Faster Development" - description="No boilerplate CRUD code. Define objects declaratively and get REST APIs, UIs, and validation automatically." - /> - } - title="Database Portability" - description="Start with SQLite, scale to PostgreSQL, add MongoDB for documents—no code changes required." - /> - } - title="Business Logic as Data" - description="Business analysts can define fields and validation rules without developer intervention." - /> - } - title="Zero Data Inconsistency" - description="Validation enforced at the protocol level prevents bad data at write time, not query time." - /> - - -## What This Protocol Enables - -### Business Entity Definition -**Objects** are business entities like "Customer", "Order", "Invoice", "Project". Instead of writing CREATE TABLE statements, you define what the entity *means* to your business. ObjectStack handles the rest: -- Auto-generates database tables/collections -- Creates REST/GraphQL APIs -- Builds admin UIs with forms and lists -- Enables full-text search -- Tracks field history for compliance - -**Real-world impact:** A 3-person startup can build a CRM with enterprise-grade data modeling capabilities comparable to major platforms, without hiring database architects or DevOps engineers. - -### Rich Field Types -ObjectStack provides **20+ specialized field types** that encode business semantics, not just data types: -- **Lookup Fields:** Relationships that maintain referential integrity (like foreign keys, but smarter) -- **Formula Fields:** Auto-calculated values (e.g., `total = quantity × price`) that update in real-time -- **Rollup Summary:** Aggregate child records (e.g., "Total opportunity value" on Account) -- **Currency Fields:** Store amounts with currency codes, automatic exchange rate conversion -- **Address/Location Fields:** Geocoding, distance calculations, territory assignment - -**Why it matters:** These aren't just data types—they're business logic primitives. A "lookup" field knows it should display a dropdown in the UI, validate referential integrity, and support cascading deletes. You declare the *intent*, ObjectStack handles the *implementation*. - -### Database-Agnostic Query Language -The protocol defines queries as **Abstract Syntax Trees (AST)**, not SQL strings. This means: -- Write one query, run on PostgreSQL, MongoDB, or Excel -- Automatically optimize for the target database (indexes, joins, etc.) -- Type-safe queries validated at compile time -- No SQL injection vulnerabilities - -**Example use case:** A company starts with PostgreSQL, adds MongoDB for product catalogs, and Redis for caching. The same ObjectQL query (`find customers where industry = 'tech'`) works across all three—no code changes. - -### Validation as First-Class Citizen -Business rules are defined alongside the data model, not scattered in application code: -- **Cross-field validation:** "If account type is Enterprise, revenue is required" -- **State machine validation:** "Can't close an opportunity without a quote" -- **Async validation:** "Check if email domain is blacklisted via external API" -- **Custom error messages:** Business-friendly error messages, not database errors - -**Business impact:** Prevent $10M data quality issues caused by invalid records. Validation rules are auditable, testable, and versionable alongside your schema. - -## Real-World Use Cases - -### SaaS Multi-Tenancy -**Challenge:** Building a SaaS product where each customer needs isolated data, but you want to avoid managing hundreds of separate databases. - -**Data Protocol Solution:** Define tenant-scoped objects with automatic row-level isolation. ObjectStack ensures Customer A can never query Customer B's data, even if they share the same PostgreSQL database. - -**Value:** Launch a multi-tenant SaaS in weeks, not months. Add customers without infrastructure changes. - -### Offline-First Mobile Apps -**Challenge:** Sales reps need to access CRM data on planes, in areas with poor connectivity, and must sync changes when back online. - -**Data Protocol Solution:** The same object definitions work with SQLite (on-device) and PostgreSQL (cloud). Queries, validation, and business logic are identical. Conflict resolution is built into the protocol. - -**Value:** Your field team stays productive even when offline. No "save failed" errors that lose $100K deals. - -### Legacy System Migration -**Challenge:** You have data in Oracle, MongoDB, and Excel spreadsheets. You want to unify them without a 2-year ETL project. - -**Data Protocol Solution:** Define a unified object model, then map each legacy system via a Driver. Data stays in place initially, queries federate across all three. Migrate incrementally as needed. - -**Value:** Decouple business logic from legacy tech debt. Retire old systems on your schedule, not the vendor's EOL deadline. - -## Integration with Other Protocols - -The Data Protocol is the foundation that other protocols build upon: - -- **Driver Protocol:** Compiles ObjectQL queries to PostgreSQL, MongoDB, Redis, etc. -- **Permission Protocol:** Enforces "who can see what" at the data layer, before queries execute -- **UI Protocol:** Auto-generates forms, tables, and dashboards from object schemas -- **API Protocol:** Exposes objects as REST/GraphQL endpoints with zero code -- **Automation Protocol:** Triggers workflows when data changes (e.g., "Send email when deal closes") - -**Key insight:** Define your data model once. Everything else—UIs, APIs, permissions, workflows—is auto-generated and stays synchronized. - -## Technical Reference - -For detailed schema definitions, TypeScript interfaces, and implementation examples, see: - -- [Object Schema Reference](/docs/references/data/object/Object) - Complete schema structure and field options -- [Query Language Reference](/docs/references/data/query/Query) - AST structure and filter operators -- [Validation Rules Reference](/docs/references/data/validation/ValidationRule) - Formula syntax and validation types -- [Field Types Guide](/docs/guides/field-types) - All 20+ field types with code examples diff --git a/content/docs/concepts/protocol-driver.mdx b/content/docs/concepts/protocol-driver.mdx deleted file mode 100644 index 278450feb..000000000 --- a/content/docs/concepts/protocol-driver.mdx +++ /dev/null @@ -1,140 +0,0 @@ ---- -title: Driver Protocol -description: Database adapters connecting ObjectStack to PostgreSQL, MongoDB, SQLite, and other storage engines. ---- - -import { Plug, Zap, Target, Shield } from 'lucide-react'; - -# Driver Protocol - -The **Driver Protocol** defines the interface for database adapters that connect ObjectStack's Data Layer to various storage engines. Drivers translate the abstract query AST into database-specific queries (SQL, NoSQL, etc.). - -## Why This Protocol Exists - -**Problem:** Traditional applications hard-code database-specific SQL or NoSQL queries throughout the codebase. This creates devastating vendor lock-in: - -- **Migration nightmares:** Moving from MySQL to PostgreSQL requires rewriting thousands of queries -- **Multi-database impossibility:** Can't use PostgreSQL for transactions AND MongoDB for catalogs in the same app -- **Performance blind spots:** Developers write queries without understanding database-specific optimizations -- **Innovation tax:** Can't adopt new databases (DuckDB, ClickHouse, Turso) without massive rewrites - -**Solution:** The Driver Protocol decouples business logic from database implementation. Your application writes **one** query in ObjectQL AST format. The Driver compiles it to optimized SQL, MongoDB aggregation pipeline, or Redis commands—depending on which database you choose at runtime. - -## Business Value Delivered - - - } - title="Zero Vendor Lock-in" - description="Start with SQLite in dev, deploy PostgreSQL in prod, migrate to PlanetScale later—without code changes." - /> - } - title="Polyglot Persistence" - description="Use the right database for each workload: Postgres for transactions, MongoDB for documents, Redis for caching." - /> - } - title="Automatic Optimization" - description="Drivers generate database-specific query plans. Get MongoDB's $lookup or Postgres's LATERAL joins without knowing either." - /> - } - title="Built-in Security" - description="All drivers use parameterized queries. SQL injection is structurally impossible." - /> - - -## What This Protocol Enables - -### Unified Interface, Diverse Implementations -All drivers implement the same contract: `create()`, `find()`, `update()`, `delete()`. Whether you're talking to PostgreSQL or MongoDB, the interface is identical. This enables: - -- **Development freedom:** Build with SQLite locally, deploy to PostgreSQL/MySQL in production -- **Vendor negotiation leverage:** "We can migrate to Aurora in 2 weeks" is a powerful negotiating position -- **Technology adoption:** Evaluate DuckDB for analytics or Turso for edge deployments—just swap the driver -- **Team productivity:** Developers learn one data access API, not five different database clients - -### Query Compilation, Not Translation -Drivers don't just "convert" queries—they **compile** them: -- **Postgres Driver:** Generates window functions, CTEs, and JSONB operators when beneficial -- **MongoDB Driver:** Uses aggregation pipelines with `$lookup` for joins, `$match` for filters -- **Redis Driver:** Compiles to Redis Search queries for text search, sorted sets for ordering -- **SQLite Driver:** Optimizes for single-threaded I/O, uses WITHOUT ROWID tables when appropriate - -**Example:** The query `find customers where city = 'SF' AND revenue > 1M` becomes: -- **PostgreSQL:** `SELECT * FROM customers WHERE city = 'SF' AND revenue > 1000000 USING INDEX idx_city_revenue` -- **MongoDB:** `db.customers.find({ city: 'SF', revenue: { $gt: 1000000 } }).hint('city_revenue_idx')` -- **Redis:** `FT.SEARCH customers "@city:SF @revenue:[1000000 +inf]"` - -All from the same ObjectQL AST. - -### Driver Capabilities Declaration -Drivers declare what they support (transactions, joins, full-text search, etc.). The ObjectStack runtime: -- **Validates queries at compile time:** If you use window functions but the driver doesn't support them, you get an error before deployment -- **Graceful degradation:** Falls back to in-memory processing for unsupported features (e.g., client-side joins) -- **Capability-aware UI:** Admin UIs only show import/export options if the driver supports bulk operations - -## Real-World Use Cases - -### Startup to Enterprise Migration -**Challenge:** A startup launches with Heroku Postgres (free tier). As they grow, they need to migrate to RDS, then eventually to Aurora with read replicas. - -**Driver Protocol Solution:** Change one line in config: `driver: 'postgres'` → `driver: 'aurora'`. The application code doesn't change. Run the migration during a maintenance window. - -**Value:** Database migration goes from "6-month project with rewrite risk" to "2-hour deployment". Your team stays focused on product features, not infrastructure firefighting. - -### Polyglot Persistence for Performance -**Challenge:** You have transactional data (orders, payments) in PostgreSQL, product catalogs in MongoDB (flexible schemas), and session data in Redis (fast TTL expiry). - -**Driver Protocol Solution:** Define three datasources, each with a different driver. ObjectStack routes queries to the appropriate database based on object configuration. Joins across databases work transparently (federation). - -**Value:** Use the best tool for each job without sacrificing application simplicity. 10x performance improvement on reads, 50% cost savings on infrastructure. - -### Edge Computing with Offline Support -**Challenge:** Building a point-of-sale (POS) system for retail stores. Each store needs local data when the internet goes down, but must sync to a central cloud database when online. - -**Driver Protocol Solution:** -- **In-store:** SQLite driver with local file storage -- **Cloud:** PostgreSQL driver with central database -- **Sync logic:** ObjectStack's built-in replication handles conflict resolution - -**Value:** Stores process $50K/day in sales even during internet outages. No lost transactions, no manual reconciliation. - -### Legacy System Integration Without Migration -**Challenge:** You have customer data in Salesforce, inventory in SAP, and orders in an Oracle database from 2005. You want a unified view without a costly ETL project. - -**Driver Protocol Solution:** Build drivers for each system (Salesforce REST API, SAP RFC, Oracle JDBC). ObjectStack queries federate across all three. Data stays in place—no migration needed. - -**Value:** Deliver a unified dashboard in weeks, not quarters. Retire legacy systems incrementally as business priorities dictate. - // 2. Execute query - const results = await this.executeQuery(nativeQuery); - - // 3. Transform results to standard format - return this.transformResults(results); -## Supported Databases - -ObjectStack provides official drivers for: - -**SQL:** PostgreSQL, MySQL, SQLite, PlanetScale, Neon, Supabase -**NoSQL:** MongoDB, Redis -**Cloud:** Aurora, Cloud SQL, DocumentDB -**Special:** In-memory (testing), Excel files, Airtable, Google Sheets - -**Extensibility:** Create custom drivers for proprietary databases, SaaS APIs, or data warehouses by implementing the `DriverInterface`. - -## Integration with Other Protocols - -- **Data Protocol:** Compiles ObjectQL queries to database-specific queries -- **Permission Protocol:** Injects row-level security filters before query execution -- **System Protocol:** Manages connection pools, monitors query performance -- **API Protocol:** Exposes driver capabilities via API metadata endpoints - -## Technical Reference - -For detailed implementation guides and API documentation, see: - -- [Driver Interface Reference](/docs/references/driver/driver/DriverInterface) - Complete interface specification -- [Custom Driver Guide](/docs/guides/custom-driver) - Build your own driver -- [Datasource Configuration](/docs/references/driver/datasource/Datasource) - Connection and pooling options -- [Technology Compatibility Kit (TCK)](/docs/guides/driver-tck) - Testing framework for drivers diff --git a/content/docs/concepts/protocol-hub.mdx b/content/docs/concepts/protocol-hub.mdx deleted file mode 100644 index b792a14ca..000000000 --- a/content/docs/concepts/protocol-hub.mdx +++ /dev/null @@ -1,170 +0,0 @@ ---- -title: Hub Protocol -description: Multi-tenancy, marketplace, licensing, and deployment management for SaaS distribution. ---- - -import { Zap, DollarSign, Shield, Target } from 'lucide-react'; - -# Hub Protocol - -The **Hub Protocol** provides SaaS and marketplace capabilities including multi-tenancy, licensing, plugin marketplace, and deployment management. - -## Why This Protocol Exists - -**Problem:** Building a B2B SaaS platform requires infrastructure that has nothing to do with your product: - -- **Multi-tenancy:** Isolate Customer A's data from Customer B—with database-level, schema-level, or row-level strategies -- **Usage billing:** Track API calls, storage, users to enforce quotas and generate invoices -- **Licensing:** Feature flags for "Starter vs. Enterprise" plans, trial periods, seat limits -- **Plugin marketplace:** Third-party developers want to sell integrations—you need vetting, payments, and revenue sharing -- **Deployment management:** Customers want dedicated environments (dev, staging, prod) or private cloud deployments - -Building this from scratch takes 12+ months and distracts from your core product. Salesforce, Shopify, and WordPress took years to get this right. - -**Solution:** The Hub Protocol provides **Salesforce-AppExchange-grade infrastructure** out of the box. Multi-tenancy, licensing, and marketplace are configuration, not code. Launch a B2B SaaS in weeks, not years. - -## Business Value Delivered - - - } - title="$500K+ SaaS Revenue, Year One" - description="Launch with tiered pricing (Starter/Pro/Enterprise) from day one. No billing infrastructure to build." - /> - } - title="Onboard Customers in Minutes" - description="New signup creates isolated tenant automatically. Zero manual provisioning, no DevOps tickets." - /> - } - title="Pass Enterprise Security Audits" - description="Database-level isolation proves data separation. SOC 2 auditors love it." - /> - } - title="Ecosystem Revenue Sharing" - description="Third-party plugins sell on your marketplace. You take 30% commission—passive income." - /> - - -## What This Protocol Enables - -### Multi-Tenancy That Scales -Support **three isolation strategies** based on customer requirements: - -**Database-level isolation:** Each tenant gets a dedicated database. Best for regulated industries (healthcare, finance) or massive customers (10M+ records). Example: Acme Corp gets `tenant_acme` database. - -**Schema-level isolation:** Each tenant gets a schema in a shared database. Good balance between isolation and cost. Example: All tenants share one Postgres instance, Acme Corp uses `acme_schema`. - -**Row-level isolation:** All tenants share tables; row-level security filters data by `tenant_id`. Cheapest option, great for SMB SaaS. Example: `SELECT * FROM accounts WHERE tenant_id = 'acme'` enforced automatically. - -**Why it matters:** Start with row-level isolation to minimize costs. Land a Fortune 500 customer who demands database isolation? Migrate them without code changes. The Hub Protocol handles routing. - -**Real-world impact:** A SaaS company with 5,000 SMB customers (row-level) and 10 enterprise customers (database-level) runs on one codebase. $200K/year infrastructure savings vs. separate deployments. - -### Usage-Based Licensing -Enforce **usage quotas and feature flags** per tenant: -- **User limits:** Starter plan = 5 users, Pro plan = 50 users, Enterprise = unlimited -- **Storage limits:** 10GB on Starter, 100GB on Pro, 1TB on Enterprise -- **API rate limits:** 10K calls/month on Starter, 1M on Pro, unlimited on Enterprise -- **Feature flags:** `advanced_analytics`, `custom_branding`, `sso`, `api_access` - -When a tenant exceeds their quota, the protocol **auto-blocks** further usage and prompts an upgrade. - -**Business value:** Monetize power users automatically. A startup on the Starter plan hits 5-user limit? In-app prompt to upgrade to Pro. Conversion happens without sales calls. - -### Plugin Marketplace -Create an **AppExchange-style marketplace** where third-party developers sell plugins: - -**For platform owners:** -- Vet plugins for security/quality before publishing -- Set commission rates (e.g., 30% platform fee) -- Auto-bill customers, auto-pay developers - -**For plugin developers:** -- Reach thousands of customers without building distribution -- Handle billing, licensing, and updates via the marketplace -- Example: "Shopify Sync Pro" plugin sells for $49/month, developer gets $34, platform gets $15 - -**For end users:** -- One-click install from marketplace -- Billing consolidated in platform subscription -- Auto-updates when developers push new versions - -**Real-world impact:** Salesforce's AppExchange generates **$50B+ in ecosystem revenue**. ObjectStack's Hub Protocol enables the same model for your niche. - -### Deployment Spaces -Support **multi-environment workflows** per tenant: -- **Development space:** Developers test changes without affecting production -- **Staging space:** QA tests before prod deployment -- **Production space:** Live customer data - -Each space can run on different infrastructure (local laptop for dev, cloud for prod). - -**Enterprise use case:** A large customer wants **dedicated infrastructure**. The Hub Protocol supports private cloud deployments where one tenant gets their own Kubernetes cluster. Same codebase, isolated infra. - -## Real-World Use Cases - -### SaaS Launch in 30 Days -**Challenge:** A startup wants to build a vertical SaaS for real estate agents. They need multi-tenancy, tiered pricing (Free/Pro/Enterprise), and trial periods—but have no SaaS experience. - -**Hub Protocol Solution:** -- Enable row-level multi-tenancy: `isolationLevel: 'row'` -- Define pricing tiers with usage limits -- Configure 14-day free trial with auto-upgrade prompts -- Deploy - -**Value:** Launched SaaS in 4 weeks. First paying customer in week 6. $50K MRR by month 12. - -### Enterprise Customer with Compliance Requirements -**Challenge:** A healthcare SaaS lands a hospital network. HIPAA requires that patient data be **physically isolated** from other customers. - -**Hub Protocol Solution:** Migrate the hospital to database-level isolation: -``` -tenant: 'hospital_network' -isolationLevel: 'database' -dedicatedInfrastructure: true -``` -Hospital gets their own database on dedicated AWS RDS instance. Audit logs prove isolation. - -**Value:** Passed HIPAA audit, won $2M/year contract. Smaller customers stay on row-level isolation—no cost impact. - -### Plugin Marketplace Revenue -**Challenge:** A B2B SaaS platform has 10K customers. Third-party developers want to sell integrations (Slack, Zoom, QuickBooks) but platform owner doesn't want to build them. - -**Hub Protocol Solution:** -- Open plugin marketplace -- Developer uploads "QuickBooks Sync" plugin, sets price at $29/month -- Platform takes 30% commission -- Customers install with one click - -**Value:** 500 customers install the plugin (500 × $29 = $14.5K/month). Platform earns $4.35K/month passive income. Developer earns $10.15K/month without building distribution. - -### Multi-Region Deployment -**Challenge:** A SaaS company has EU customers who require data residency (GDPR) and US customers who need low latency. - -**Hub Protocol Solution:** -- EU tenants deployed to `eu-west-1` region -- US tenants deployed to `us-east-1` region -- Same codebase, different deployment targets - -**Value:** Compliant with GDPR's data residency requirements. Won $5M in EU contracts that were previously blocked by compliance. - -## Integration with Other Protocols - -- **Auth Protocol:** Per-tenant auth configurations (Acme uses Okta, SmallCo uses email/password) -- **Data Protocol:** Tenant isolation enforced at query level (automatic `WHERE tenant_id = ?` injection) -- **Permission Protocol:** Roles and permissions scoped per tenant -- **Kernel Protocol:** Plugins can be enabled/disabled per tenant - -**Key insight:** Hub Protocol is the **business layer** of ObjectStack. While other protocols handle technical concerns (data, auth, UI), Hub Protocol handles **monetization** (licensing, usage tracking, marketplace revenue). - -## Technical Reference - -For configuration guides and implementation details, see: - -- [Tenant Management](/docs/references/hub/tenant/Tenant) - Isolation strategies, quota enforcement, and tenant lifecycle -- [Licensing System](/docs/references/hub/license/License) - Feature flags, usage limits, and subscription management -- [Marketplace Plugins](/docs/references/hub/marketplace/MarketplacePlugin) - Plugin publishing, pricing, and distribution -- [Deployment Spaces](/docs/references/hub/space/HubSpace) - Multi-environment configuration and infrastructure targeting diff --git a/content/docs/concepts/protocol-kernel.mdx b/content/docs/concepts/protocol-kernel.mdx deleted file mode 100644 index 0cb774ac5..000000000 --- a/content/docs/concepts/protocol-kernel.mdx +++ /dev/null @@ -1,159 +0,0 @@ ---- -title: Kernel Protocol -description: Plugin system, manifest definitions, lifecycle management, and runtime context for ObjectStack extensions. ---- - -import { Zap, Users, DollarSign, Target } from 'lucide-react'; - -# Kernel Protocol - -The **Kernel Protocol** defines the plugin system and runtime management for ObjectStack. It enables a microkernel architecture where the core platform provides minimal runtime, while all capabilities are delivered as plugins. - -## Why This Protocol Exists - -**Problem:** Monolithic platforms (Salesforce, ServiceNow) force you to use their data model, their UI, their workflow engine—even if you only need 10% of features, you deploy 100% of the platform. This creates: - -- **Bloat:** 500MB Docker images with dependencies you'll never use -- **Vendor lock-in:** Can't swap out their workflow engine for Temporal without forking the entire platform -- **Slow innovation:** Want AI-powered search? Wait for the vendor's roadmap (or never get it) -- **License costs:** Pay $150/user/month for "Enterprise Edition" just to get SSO - -**Solution:** The Kernel Protocol implements a **microkernel architecture** like Linux or Kubernetes. The core runtime is <10MB and does almost nothing—just loads plugins. Every feature (data access, UI, workflows, AI) is a plugin. Don't need dashboards? Don't load the dashboard plugin. Want better analytics? Replace the default plugin with your own. - -## Business Value Delivered - - - } - title="Ship Custom Features in Days" - description="Build a plugin to integrate Stripe billing or Twilio SMS. Deploy without forking ObjectStack core." - /> - } - title="Pay for What You Use" - description="Disable unused plugins to reduce memory/CPU costs. 50% smaller deployments, 30% lower AWS bills." - /> - } - title="Ecosystem Marketplace" - description="Download plugins from the marketplace: Shopify sync, DocuSign, Slack, Calendly—one-click install." - /> - } - title="Zero Core Upgrades" - description="Core runtime rarely changes. Upgrade plugins independently without breaking dependencies." - /> - - -## What This Protocol Enables - -### Plugin Isolation and Composability -Each plugin is a **self-contained module** with: -- **Manifest:** Declares what it provides (objects, views, actions) and what it needs (dependencies, configuration) -- **Lifecycle hooks:** `onInstall`, `onEnable`, `onDisable`, `onUninstall` for setup and teardown -- **Scoped context:** Plugins can't access each other's data or crash each other - -**Why it matters:** A startup builds their CRM with "Sales" and "Support" plugins. Later, they add "Marketing Automation." The new plugin can **reference sales objects** without modifying sales plugin code. This is composability. - -**Real-world impact:** An ISV (independent software vendor) sells vertical-specific CRMs (real estate, legal, healthcare). They maintain one core platform and **industry-specific plugin packages**. New vertical? Build a plugin, no core changes. - -### Marketplace Economy -The Kernel Protocol enables a **plugin marketplace** like VS Code extensions or Salesforce AppExchange: -- **Plugin developers** build integrations (Stripe, QuickBooks, Zapier) and sell them -- **Platform users** install plugins with one click—no custom code needed -- **Revenue sharing** incentivizes third-party innovation - -**Example:** Need Shopify integration? Search marketplace, find "Shopify Sync Pro" plugin ($29/month), install, configure API key, done. 15-minute setup vs. 2-week custom integration. - -### Dependency Management -Plugins declare dependencies: -``` -dependencies: { - '@objectstack/core': '^2.0.0', - 'com.vendor.calendar': '>=1.5.0' -} -``` -The runtime ensures **compatible versions** are loaded. Incompatible plugins fail fast at install time, not at runtime. - -**Business value:** A company uses 10 third-party plugins. Core platform upgrades from v2.0 to v3.0. The runtime auto-checks which plugins are compatible. Incompatible plugins are disabled until vendors release updates. No surprise crashes. - -### Resource Isolation -Plugins get **scoped storage and logging**: -- **Storage:** `context.storage.set('config', {...})` only affects this plugin's namespace -- **Logging:** `context.logger.info()` tags logs with plugin ID for debugging -- **Secrets:** Plugin configuration includes `secret: true` fields that are encrypted at rest - -**Security impact:** A malicious plugin can't read another plugin's API keys or database credentials. Sandboxing prevents supply chain attacks. - -## Real-World Use Cases - -### SaaS Vertical Expansion -**Challenge:** A horizontal CRM vendor wants to sell to dentists, lawyers, and car dealerships. Each industry needs custom objects (Patient, Case, Vehicle) but shares core CRM. - -**Kernel Protocol Solution:** Build industry-specific plugins: -- **Dental Plugin:** Patient object, appointment scheduling, insurance claims -- **Legal Plugin:** Case object, billable hours, court calendar integration -- **Auto Plugin:** Vehicle object, service history, DMV integration - -Core CRM stays the same. Sell industry bundles. - -**Value:** 3x revenue growth by entering new verticals. $0 additional platform maintenance cost. - -### Custom Integration Without Vendor Approval -**Challenge:** A company uses ObjectStack but needs to integrate with an internal ERP system. Vendor doesn't support it. - -**Kernel Protocol Solution:** Build a custom plugin: -``` -onEnable(context) { - // Sync data from ERP every hour - context.scheduler.cron('0 * * * *', syncERPData); - - // Register custom API endpoint - context.router.post('/api/erp/sync', handleSyncRequest); -} -``` -Deploy the plugin. No pull request to ObjectStack core needed. - -**Value:** Integration delivered in 1 week vs. 6-month vendor roadmap wait. - -### Multi-Tenant Plugin Configuration -**Challenge:** A SaaS app has 1,000 tenants. Some use Stripe for billing, others use PayPal or manual invoicing. - -**Kernel Protocol Solution:** Build a "Billing" plugin with **per-tenant configuration**: -- **Tenant A:** `billingProvider: 'stripe', stripeApiKey: 'sk_...'` -- **Tenant B:** `billingProvider: 'paypal', paypalClientId: 'AX...'` -- **Tenant C:** `billingProvider: 'manual'` - -One plugin, three configurations. - -**Value:** Support multiple payment providers without code forks. Win enterprise deals that require specific billing systems. - -### Zero-Downtime Plugin Updates -**Challenge:** A critical bug is found in the "Email Notifications" plugin. Fix must deploy without taking the app offline. - -**Kernel Protocol Solution:** -1. Upload new plugin version: `email-notifications@1.2.1` -2. Runtime performs **hot reload**: disables v1.2.0, enables v1.2.1 -3. Active requests finish on old version, new requests use new version - -**Value:** Fix deployed in 30 seconds, zero downtime. Traditional approach: deploy entire app, 5-minute outage. - -## Integration with Other Protocols - -- **Data Protocol:** Plugins contribute new objects via their manifest -- **UI Protocol:** Plugins register views, dashboards, and actions -- **Automation Protocol:** Plugins define workflows and flows -- **System Protocol:** Plugins schedule jobs and emit events -- **API Protocol:** Plugins register custom REST endpoints - -**Key insight:** The Kernel Protocol is ObjectStack's **module system**. Just like Linux uses kernel modules (device drivers, file systems), ObjectStack uses plugins for everything. The core is stable; innovation happens at the plugin layer. - -## Technical Reference - -For implementation guides and API documentation, see: - -- [Plugin Architecture](/docs/concepts/plugin-architecture) - Design principles and best practices -- [Manifest Reference](/docs/references/kernel/manifest/Manifest) - Package metadata, dependencies, and contribution declarations -- [Plugin Context API](/docs/references/kernel/plugin/PluginContext) - Runtime context with logger, storage, router, and scheduler -- [Lifecycle Hooks](/docs/references/kernel/plugin/Plugin) - onInstall, onEnable, onDisable, onUninstall event handlers -- [Logger Configuration](/docs/references/kernel/logger/LoggerConfig) - Log levels, formats, and output destinations diff --git a/content/docs/concepts/protocol-permission.mdx b/content/docs/concepts/protocol-permission.mdx deleted file mode 100644 index ecb3fcf82..000000000 --- a/content/docs/concepts/protocol-permission.mdx +++ /dev/null @@ -1,304 +0,0 @@ ---- -title: Permission Protocol -description: Fine-grained access control with object permissions, field-level security, sharing rules, and territory management. ---- - -import { Shield, Lock, Users, Globe } from 'lucide-react'; - -# Permission Protocol - -The **Permission Protocol** provides comprehensive access control for ObjectStack applications. It includes object-level permissions (CRUD), field-level security (FLS), sharing rules, and territory-based access management. - -## Overview - -ObjectStack implements a multi-layered permission model similar to enterprise platforms like Salesforce. Access is evaluated through multiple checks, from object-level down to individual fields. - - - } - title="Object Permissions" - description="CRUD permissions at the object level via roles and permission sets." - /> - } - title="Field-Level Security" - description="Control access to individual fields, independent of object permissions." - /> - } - title="Sharing Rules" - description="Grant access to specific records based on ownership or criteria." - /> - } - title="Territory Management" - description="Geographic or organizational hierarchy-based access control." - /> - - -## Key Concepts - -### 1. Object Permissions - -Object permissions control CRUD operations at the object level: - -```typescript -import { Permission } from '@objectstack/spec'; - -const objectPermission: Permission.ObjectPermission = { - object: 'account', - allowCreate: true, - allowRead: true, - allowUpdate: true, - allowDelete: false, - viewAllRecords: false, - modifyAllRecords: false -}; -``` - -**Permission Levels:** -- `allowCreate` - Can create new records -- `allowRead` - Can view records (filtered by sharing) -- `allowUpdate` - Can edit records they have access to -- `allowDelete` - Can delete records they have access to -- `viewAllRecords` - Bypass sharing rules for read -- `modifyAllRecords` - Bypass sharing rules for write - -### 2. Field-Level Security (FLS) - -Field-level security controls access to individual fields: - -```typescript -const fieldPermission: Permission.FieldPermission = { - object: 'account', - field: 'annual_revenue', - readable: true, - editable: false -}; -``` - -**Use Cases:** -- Hide sensitive data (SSN, salary) from certain roles -- Make fields read-only for specific users -- Require special permissions to edit critical fields - -### 3. Organization-Wide Defaults (OWD) - -OWD defines the baseline sharing level for each object: - -```typescript -const owdModel: Permission.OWDModel = { - object: 'account', - internalAccess: 'private', // private | read_only | read_write - externalAccess: 'private' // For portal users -}; -``` - -**Sharing Levels:** -- `private` - Only owner can access -- `read_only` - All users can read, only owner can edit -- `read_write` - All users can read and edit - -### 4. Sharing Rules - -Sharing rules grant additional access beyond OWD: - -#### Ownership-Based Sharing - -```typescript -const ownerSharingRule: Permission.OwnerSharingRule = { - name: 'share_accounts_with_managers', - object: 'account', - ownedBy: { - type: 'role', - value: 'sales_rep' - }, - sharedWith: { - type: 'role', - value: 'sales_manager' - }, - accessLevel: 'read_only' -}; -``` - -#### Criteria-Based Sharing - -```typescript -const criteriaSharingRule: Permission.CriteriaSharingRule = { - name: 'share_enterprise_accounts', - object: 'account', - criteria: { - and: [ - { field: 'type', operator: 'equals', value: 'Enterprise' }, - { field: 'annual_revenue', operator: 'greaterThan', value: 10000000 } - ] - }, - sharedWith: { - type: 'public_group', - value: 'enterprise_sales_team' - }, - accessLevel: 'read_write' -}; -``` - -### 5. Territory Management - -Territories provide hierarchical, rule-based access: - -```typescript -const territory: Permission.Territory = { - name: 'north_america', - label: 'North America', - parentTerritory: 'global', - rules: [ - { - field: 'billing_country', - operator: 'in', - values: ['USA', 'Canada', 'Mexico'] - } - ] -}; - -const territoryModel: Permission.TerritoryModel = { - object: 'account', - enabled: true, - assignmentPriority: 'most_specific' -}; -``` - -## Permission Evaluation Flow - -When a user requests access to a record, the system evaluates: - -``` -1. Object Permission - ├─ Does user's role have READ permission on Account? - │ ├─ YES → Continue - │ └─ NO → DENY (403) - │ -2. Record-Level Access (Sharing) - ├─ Is user the owner? - │ └─ YES → GRANT - ├─ Does OWD grant access? - │ └─ YES → GRANT - ├─ Do sharing rules grant access? - │ └─ YES → GRANT - ├─ Does user have "View All" permission? - │ └─ YES → GRANT - └─ Otherwise → DENY (404 - hide existence) - │ -3. Field-Level Security - ├─ For each field in response: - │ ├─ Is field readable by user? - │ │ ├─ YES → Include in response - │ │ └─ NO → Exclude from response - │ -4. Final Response - └─ Return record with allowed fields only -``` - -## Permission Sets - -Permission sets bundle multiple permissions: - -```typescript -const permissionSet: Permission.PermissionSet = { - name: 'sales_manager_permissions', - label: 'Sales Manager Permissions', - objectPermissions: [ - { - object: 'account', - allowCreate: true, - allowRead: true, - allowUpdate: true, - allowDelete: false, - viewAllRecords: true - }, - { - object: 'opportunity', - allowCreate: true, - allowRead: true, - allowUpdate: true, - allowDelete: true, - modifyAllRecords: true - } - ], - fieldPermissions: [ - { - object: 'account', - field: 'annual_revenue', - readable: true, - editable: true - } - ] -}; -``` - -## Role Hierarchy - -Roles inherit permissions from parent roles: - -``` -CEO (can see everything) - └── VP Sales (can see sales data) - ├── Sales Manager West (can see west region) - │ └── Sales Rep West - └── Sales Manager East (can see east region) - └── Sales Rep East -``` - -Users in parent roles automatically get access to records visible to child roles. - -## Best Practices - -1. **Start with restrictive OWD** - Use 'private' as default, grant access via sharing rules -2. **Use permission sets for temporary access** - Assign additional permissions without changing roles -3. **Leverage criteria-based sharing** - Automatic sharing based on field values -4. **Implement territory management for geographic sales** - Cleaner than manual sharing rules -5. **Audit permission changes** - Track who granted/revoked access and when -6. **Test with different user profiles** - Verify permissions work as expected - -## Common Patterns - -### Read-Only Access for External Users - -```typescript -const externalOWD: Permission.OWDModel = { - object: 'case', - internalAccess: 'private', - externalAccess: 'read_only' // Portal users can read their cases -}; -``` - -### Manager Access to Team Records - -```typescript -const managerRule: Permission.OwnerSharingRule = { - name: 'manager_team_access', - object: 'opportunity', - ownedBy: { type: 'role_and_subordinates', value: 'sales_rep' }, - sharedWith: { type: 'role', value: 'sales_manager' }, - accessLevel: 'read_write' -}; -``` - -### Temporary Project Access - -```typescript -const projectPermissionSet: Permission.PermissionSet = { - name: 'project_alpha_access', - label: 'Project Alpha Access (Temporary)', - objectPermissions: [{ - object: 'confidential_project', - allowRead: true - }] -}; -// Assign to specific users, revoke when project ends -``` - -## Learn More - -- [Object Permission Reference](/docs/references/permission/permission/ObjectPermission) -- [Sharing Rules Guide](/docs/references/permission/sharing/SharingRule) -- [Territory Management](/docs/references/permission/territory/Territory) -- [Field-Level Security](/docs/references/permission/permission/FieldPermission) diff --git a/content/docs/concepts/protocol-system.mdx b/content/docs/concepts/protocol-system.mdx deleted file mode 100644 index 65937c9ff..000000000 --- a/content/docs/concepts/protocol-system.mdx +++ /dev/null @@ -1,150 +0,0 @@ ---- -title: System Protocol -description: Infrastructure services including event bus, job scheduling, translations, and audit logging. ---- - -import { Zap, Globe, Shield, DollarSign } from 'lucide-react'; - -# System Protocol - -The **System Protocol** provides core infrastructure services that support the ObjectStack runtime. It includes event management, background job scheduling, internationalization (i18n), and audit logging. - -## Why This Protocol Exists - -**Problem:** Enterprise applications need "plumbing" that has nothing to do with business logic: - -- **Event handling:** When an order ships, trigger 5 different downstream systems (inventory, email, analytics, CRM, warehouse) -- **Background jobs:** Generate reports at 3 AM, sync data from Salesforce every 15 minutes, clean up temp files hourly -- **Multi-language support:** Same app must work in English, Spanish, Mandarin, Arabic—with proper date formats and number formatting -- **Audit trails:** Regulators demand proof of "who changed what, when" for the last 7 years - -Traditional solutions force developers to cobble together disparate libraries: RabbitMQ for events, Cron for jobs, i18next for translations, custom logging for audits. Each has different configuration, monitoring, and failure modes. Integration is a nightmare. - -**Solution:** The System Protocol provides **batteries-included infrastructure**. Events, jobs, translations, and audit logging all work the same way—declarative definitions, consistent monitoring, unified error handling. No external dependencies (Redis/RabbitMQ optional), no YAML hell, no 500-line Spring Boot XML configs. - -## Business Value Delivered - - - } - title="Pass Audits the First Time" - description="SOC 2, GDPR, HIPAA compliance built-in. Auditors get tamper-proof logs showing who accessed what data." - /> - } - title="Zero Infrastructure Complexity" - description="No Kafka clusters to tune, no RabbitMQ nodes to monitor. Event bus scales from 10 to 10M events/sec without config changes." - /> - } - title="Go Global in Days, Not Months" - description="Add a new language by uploading a translation file. No code changes, no redeployment." - /> - } - title="$50K/Year Savings on Ops" - description="No dedicated Kafka engineers, no RabbitMQ consultants. One junior dev manages all infrastructure." - /> - - -## What This Protocol Enables - -### Event-Driven Architecture Without Kafka -Build loosely-coupled systems where components communicate via events, not direct API calls: -- **Order created** → Trigger inventory reservation, send confirmation email, update analytics, notify warehouse -- **Payment failed** → Retry billing, send dunning email, pause service, alert finance team - -**Why it matters:** When a sales rep closes a deal, 10 different things must happen (update forecast, notify manager, create invoice, log in analytics, etc.). With traditional code, that's 10 function calls scattered across the codebase. With System Protocol events, it's **one event publish** and 10 independent handlers. Add a new side effect? Register a new handler—no changes to the original code. - -**Real-world impact:** A B2B SaaS company reduced deployment risk by 80% when they moved from monolithic "order processing" code to event-driven handlers. One broken email template no longer crashes order fulfillment. - -### Background Jobs Without Infrastructure -Schedule tasks with **cron syntax** or **intervals**—no external job scheduler needed: -- Generate monthly invoices on the 1st at 2 AM -- Sync CRM data from Salesforce every 15 minutes -- Clean up temp files every hour -- Send abandoned cart emails 24 hours after cart creation - -**Retry policies built-in:** Job fails? Automatically retry with exponential backoff. Third attempt fails? Trigger dead-letter queue and alert ops. - -**Business value:** A fintech company saved $100K/year by eliminating their AWS Batch infrastructure. ObjectStack's built-in scheduler handles 50K daily jobs with zero ops overhead. - -### Global Apps Without Localization Complexity -Support **unlimited languages** with declarative translation bundles: -- **Field labels:** "Account Name" → "名称" (Chinese) → "Nombre de cuenta" (Spanish) -- **Error messages:** "Email is required" → "电子邮件是必填项" → "El correo electrónico es obligatorio" -- **Date/number formats:** US uses MM/DD/YYYY and 1,000.00 → Europe uses DD/MM/YYYY and 1.000,00 - -**Dynamic switching:** User changes language preference at 3 PM? Next page load shows the new language. No redeployment. - -**Real-world impact:** An e-commerce company expanded to 12 new countries in Q1 by shipping translation files, not rewriting code. Revenue grew 3x without hiring international dev teams. - -### Tamper-Proof Audit Trails -Automatically log **every data change** with full context: -- **Who:** User ID, name, IP address, device -- **What:** Object, record ID, field changes (old value → new value) -- **When:** ISO 8601 timestamp with millisecond precision -- **Why:** Session ID, request ID, source (web UI vs. API vs. automation) - -**Suspicious activity detection:** Failed login from new country? Account locked and security team alerted. - -**Compliance value:** A healthcare provider passed HIPAA audit on first try because audit logs proved no unauthorized access to patient records. $2M fine avoided. - -## Real-World Use Cases - -### Microservices Communication -**Challenge:** A company is migrating from a monolith to microservices. Services need to notify each other when data changes, but HTTP calls create tight coupling. - -**System Protocol Solution:** Order Service publishes `order.created` event. Inventory Service, Email Service, and Analytics Service subscribe independently. Add a new service? It subscribes to existing events—no changes to Order Service. - -**Value:** Migration completed in 6 months vs. 18-month estimate. Services deployed independently without breaking downstream consumers. - -### Multi-Region Compliance -**Challenge:** A SaaS app must comply with GDPR (EU), CCPA (California), and LGPD (Brazil). Each jurisdiction has different audit retention requirements (1-10 years). - -**System Protocol Solution:** Configure **audit retention policies** per tenant: -- EU tenants: 7-year retention, encrypted storage, right-to-deletion support -- US tenants: 3-year retention -- Brazil tenants: 5-year retention with data residency enforcement - -**Value:** Passed regulatory audits in 15 jurisdictions. $5M in fines avoided. Customer trust maintained. - -### 24/7 Operations with No Ops Team -**Challenge:** A startup needs to run nightly batch jobs (reports, data cleanup, syncs) but can't afford a DevOps engineer. - -**System Protocol Solution:** Define jobs in metadata: -``` -Daily Sales Report: cron("0 2 * * *"), retry 3 times -Cleanup Temp Files: interval(1 hour) -Sync Shopify Orders: cron("*/15 * * * *") -``` -Jobs run automatically. Failures trigger Slack alerts. Dead-letter queue captures repeated failures. - -**Value:** $120K/year saved by not hiring ops staff. Founder sleeps well knowing jobs run reliably. - -### International Expansion Without Code Forks -**Challenge:** A productivity app launches in Japan. Japanese users need date pickers in YYYY年MM月DD日 format, currency in ¥, and vertical text support. - -**System Protocol Solution:** Add `ja_JP` locale with custom date/number formats. Upload translation bundle. Deploy. - -**Value:** Japan launch completed in 2 weeks. $500K revenue in month one. No code changes to the app—just configuration. - -## Integration with Other Protocols - -- **Data Protocol:** Object changes automatically emit events (`record.created`, `record.updated`, `record.deleted`) -- **Automation Protocol:** Workflows trigger on events; jobs invoke automation flows -- **API Protocol:** API calls logged for audit; rate limits enforced via quota tracking -- **Permission Protocol:** Audit logs show who had access to what data via permission checks -- **UI Protocol:** Translation bundles localize all UI labels, buttons, and error messages - -**Key insight:** System Protocol is the **nervous system** of ObjectStack. Data flows through APIs, business logic runs in workflows, permissions enforce security—but the System Protocol coordinates it all via events, executes scheduled tasks, translates UIs, and records everything for compliance. - -## Technical Reference - -For detailed schema definitions and configuration options, see: - -- [Event Bus Reference](/docs/references/system/events/Event) - Event structure, handlers, and routing -- [Job Scheduler Reference](/docs/references/system/job/Job) - Cron syntax, retry policies, and timeout configuration -- [Translation System](/docs/references/system/translation/TranslationBundle) - Locale management and translation bundles -- [Audit Configuration](/docs/references/system/audit/AuditConfig) - Retention policies, storage options, and compliance settings - diff --git a/content/docs/concepts/protocol-ui.mdx b/content/docs/concepts/protocol-ui.mdx deleted file mode 100644 index 4b6de313b..000000000 --- a/content/docs/concepts/protocol-ui.mdx +++ /dev/null @@ -1,138 +0,0 @@ ---- -title: UI Protocol -description: Server-Driven UI specification for building dynamic, metadata-driven user interfaces. ---- - -import { Zap, Users, DollarSign, Shield } from 'lucide-react'; - -# UI Protocol - -The **UI Protocol** defines how user interfaces are described and rendered in ObjectStack. It follows the Server-Driven UI (SDUI) pattern where the backend dictates the layout, structure, and behavior, while the frontend acts as a renderer. - -## Why This Protocol Exists - -**Problem:** Traditional UI development hard-codes every form, table, and dashboard in React/Vue components. When business requirements change, developers must: - -- Manually update dozens of components across web, mobile, and desktop apps -- Wait for app store approvals to fix a simple form layout bug -- Duplicate validation logic between frontend and backend -- Rebuild and redeploy entire applications just to add a new field to a form - -This creates **months of lag** between business needs and software delivery. Even worse, business analysts can't configure UIs themselves—they must open tickets and wait for developer sprints. - -**Solution:** The UI Protocol defines interfaces as **metadata**, not code. Describe your forms, dashboards, and reports in a declarative format. The frontend runtime reads these definitions at runtime and dynamically renders them. Change a form layout? Update metadata, deploy in seconds. Add a dashboard widget? No code changes, no app store submission. - -## Business Value Delivered - - - } - title="Ship UI Changes in Seconds" - description="Update forms, dashboards, and reports without rebuilding apps. No app store approvals, no deployment pipelines." - /> - } - title="Empower Business Users" - description="Analysts configure dashboards and reports themselves. IT becomes enablers, not bottlenecks." - /> - } - title="50% Lower Frontend Costs" - description="Write UI rendering logic once. Reuse across web, iOS, Android, desktop. One definition, infinite renderers." - /> - } - title="Consistent UX Across Platforms" - description="Same form layout on web, mobile, and desktop. Validation rules enforced everywhere automatically." - /> - - -## What This Protocol Enables - -### One Definition, Every Platform -Define a form layout **once** in metadata. The UI Protocol's renderer architecture automatically adapts it: -- **Web:** React/Vue components with responsive CSS -- **Mobile:** Native iOS/Android widgets with platform-specific gestures -- **Desktop:** Electron/Tauri apps with keyboard shortcuts -- **Voice:** Alexa/Google Assistant skills with conversational flows - -**Why it matters:** A startup ships a CRM with web and mobile apps in weeks, not quarters. Add a "notes" field to the Contact form? It appears everywhere instantly. No code reviews, no QA cycles, no 2-week iOS app approval wait. - -### Business User Configurability -**Dashboards:** Sales managers build their own pipeline dashboards—no SQL, no BI tool expertise required. Drag widgets, set filters, done. - -**Reports:** Finance creates matrix reports with cross-tabs and aggregations. IT doesn't need to write Crystal Reports or Power BI queries. - -**Forms:** HR reconfigures the employee onboarding wizard when compliance rules change. Add a step, reorder fields, change validation—all in the UI. - -**Real-world impact:** A SaaS company reduced IT backlog by 60% when they gave department heads dashboard configurability. The CEO created a real-time P&L dashboard at 11 PM without opening a ticket. - -### Dynamic Runtime Updates -Traditional apps burn UI logic into JavaScript bundles. Every change requires: -1. Code change → 2. Build → 3. Test → 4. Deploy → 5. (iOS) Wait for Apple approval - -**Server-Driven UI changes this:** -1. Update metadata → 2. Deploy (seconds) - -**Use case:** Black Friday sale. Marketing needs to add a "promo code" field to checkout. With traditional UIs: 2-day deploy cycle, miss the sale. With UI Protocol: 30-second metadata update, deployed before lunch. - -### Multi-Variant Experimentation -Run A/B tests on form layouts without developer involvement: -- **Variant A:** Single-page form with all fields visible -- **Variant B:** Wizard form with progress indicator - -The protocol dynamically serves different `FormView` definitions to different user cohorts. Conversion metrics determine the winner. - -**Business impact:** An e-commerce company increased checkout completion by 23% after testing 5 form layouts in a single week—previously impossible with hard-coded UIs. - -## Real-World Use Cases - -### SaaS White-Label Customization -**Challenge:** A CRM vendor sells to 500 customers. Each wants custom branding (logo, colors) and slightly different form layouts. Managing 500 React codebases is impossible. - -**UI Protocol Solution:** Each tenant gets a custom **App** definition with their branding and **FormView** layouts. Same codebase serves all 500 customers with different UIs. - -**Value:** Launch new customers in hours, not weeks. $2M/year saved on custom development work. - -### Regulatory Compliance Agility -**Challenge:** A fintech company operates in 50 countries. Each country has different KYC (Know Your Customer) form requirements. EU requires GDPR consent checkboxes, India requires Aadhaar number, etc. - -**UI Protocol Solution:** Define locale-specific **FormView** variants. The app dynamically shows the right form based on user location. Regulatory change? Update metadata, deploy immediately. - -**Value:** Avoided $500K fine for non-compliance. New market entry time reduced from 3 months to 1 week. - -### Offline-First Mobile Apps -**Challenge:** Field service technicians use a mobile app in areas with no connectivity. The app must work offline, sync when online, and match the web app's UI exactly. - -**UI Protocol Solution:** Ship the same `ListView` and `FormView` definitions to mobile and web. Mobile app renders them natively (SwiftUI/Jetpack Compose). When forms change, push metadata updates via background sync. - -**Value:** UI consistency eliminated $100K/year in support tickets caused by "why does mobile look different?" confusion. - -### Rapid Prototyping for Startups -**Challenge:** A 2-person startup needs to validate 5 different product ideas. Building custom UIs for each idea would take months. - -**UI Protocol Solution:** Define objects (Customer, Order, Product) and let ObjectStack auto-generate forms, tables, and dashboards. Iterate on product by tweaking metadata, not rewriting code. - -**Value:** Shipped 3 MVPs in 6 weeks. Found product-market fit before running out of runway. - -## Integration with Other Protocols - -- **Data Protocol:** Forms automatically validate against field types and rules. No duplicate validation logic. -- **Permission Protocol:** Forms hide/disable fields based on field-level security. Action buttons disappear if user lacks permissions. -- **API Protocol:** Every UI component knows which REST endpoint to call. No manual wiring. -- **Automation Protocol:** Action buttons trigger workflows. "Approve" button runs approval flow automatically. - -**Key insight:** The UI Protocol doesn't just define layouts—it's a **semantic layer** that connects user interactions to business logic. Click "Save" on a form? The protocol knows to validate, check permissions, call the API, trigger workflows, and refresh the dashboard—all without custom code. - -## Technical Reference - -For detailed schema definitions, component specifications, and implementation examples, see: - -- [App Configuration](/docs/references/ui/app/App) - Navigation structure, branding, and app-level settings -- [ListView Reference](/docs/references/ui/view/ListView) - Grid, kanban, calendar, and gantt view configurations -- [FormView Reference](/docs/references/ui/view/FormView) - Form layouts with simple, tabbed, and wizard modes -- [Dashboard Reference](/docs/references/ui/dashboard/Dashboard) - Widget positioning and dashboard composition -- [Report Builder](/docs/references/ui/report/Report) - Tabular, summary, and matrix report types -- [Action Reference](/docs/references/ui/action/Action) - Button configuration and custom action definitions -- [Theme Customization](/docs/references/ui/theme/Theme) - Color schemes, typography, and styling options - diff --git a/content/docs/concepts/security_architecture.cn.mdx b/content/docs/concepts/security_architecture.cn.mdx deleted file mode 100644 index 1d8da62dd..000000000 --- a/content/docs/concepts/security_architecture.cn.mdx +++ /dev/null @@ -1,97 +0,0 @@ ---- -title: 安全架构 -description: '"纵深防御"模型。为什么我们选择元数据驱动的安全性而不是基于代码的安全性。' ---- - -import { ShieldAlert, Users, key, Lock } from 'lucide-react'; - -# ObjectStack 安全模型:"纵深防御"架构 - -ObjectStack 采用 **"Salesforce 风格"** 的元数据驱动安全模型。之所以选择它而不是 Microsoft(Dataverse)模型,是因为它具有卓越的粒度和解耦性,这对于复杂的企业场景至关重要。 - -## 1. 主要模型比较 - -| 层 | ObjectStack / Salesforce | Microsoft Dataverse (Dynamics) | 为什么我们选择 ObjectStack 的方式? | -| :--- | :--- | :--- | :--- | -| **这是谁?** | **用户 + 身份** | 用户 + Azure AD | 标准 OIDC/SAML 集成。 | -| **他们能做什么?**
(功能) | **权限集 / 配置文件**
*(布尔标志)* | **安全角色**
*("点阵")* | 将功能权利(例如,"导出数据")与数据范围解耦,可以实现更灵活的分配。 | -| **他们坐在哪里?**
(层次结构) | **角色**
*(报告线)* | **业务单元**
*(部门树)* | "角色"意味着逻辑报告(VP 可以看到经理),而"BU"意味着僵化的部门孤岛。 | -| **他们可以看到什么数据?**
(可见性) | **共享规则**
*(标准和所有权)* | **访问团队**
*(临时)* | **共享规则**是"杀手级功能"。它们允许诸如"将 > 100 万的交易与财务共享"之类的逻辑,而 Microsoft 的静态层次结构无法轻松表达。 | -| **超级访问** | **查看全部 / 修改全部** | **组织级别**(绿点) | 将"超级访问"与标准"读取"分开可防止意外数据泄漏。 | - -## 2. 协议 - -该模型通过三个关键协议实现: - -### A. 配置文件和权限集 -* **什么:** 定义对象和字段的"CRUD"访问权限。 -* **类比:** 你的门禁卡。它说"你可以打开 3 层的门"。 -* **示例:** `leads: { read: true, edit: false }`。 - -### B. OWD(组织范围默认值) -* **什么:** 你*不拥有*的记录的基线可见性。 -* **类比:** 办公室门的默认状态。它们是锁定的(私有)还是打开的(公共只读)? -* **示例:** `Quote: Private`(只有所有者看到它)。 - -### C. 共享规则 -* **什么:** OWD 的例外,用于开放访问权限。 -* **类比:** "如果你是销售副总裁,你可以进入 CEO 的办公室。" -* **示例:** `IF amount > 1,000,000 SHARE WITH Group:Executives READ/WRITE`。 - -## 3. 执行流程 - -每个查询都通过**安全内核**。 - -```mermaid -graph TD - A[用户请求] --> B{配置文件检查} - B -- 拒绝 --> X[403 禁止] - B -- 允许 --> C{字段级安全} - C -- 剥离字段 --> D{共享计算} - D -- 添加 WHERE 子句 --> E[最终查询] -``` - -### A. 功能权限(`src/data/permission.zod.ts`) -定义**基线**。 -* 如果 `allowRead = false`,则用户无法看到*任何*记录,无论共享如何。 -* 如果 `allowRead = true`,则用户可以看到*他们自己的*记录(所有权)。 - -### B. 结构层次结构(`src/system/role.zod.ts`) -定义**报告线**。 -* 用户被分配到一个角色(例如,"销售经理")。 -* **自动继承**:"销售经理"隐式看到"销售代表"拥有的数据。 -* *注意:这最接近 Microsoft 的"业务单元"概念。* - -### C. 数据访问范围(`src/data/sharing.zod.ts`) -定义**扩展**。 -* 我们从"私有"(OWD)开始。 -* 我们通过**共享规则**扩展访问权限。 - * **基于标准**:"如果状态 = '已发布',则与所有内部用户共享。" - * **基于所有者**:"将'西部地区'记录与'西部 VP'共享。" - -## 3. 术语映射 - -如果你来自 Microsoft/Dynamics 生态系统: - -* **安全角色(用户级别)** -> `allowRead: true` -* **安全角色(BU 级别)** -> `allowRead: true` + `共享规则(与角色共享)` -* **安全角色(组织级别)** -> `viewAllRecords: true` -* **业务单元** -> `角色`(功能层次结构) - -## 4. 高级:矩阵管理(区域管理) - -对于单一报告线("角色")不足的大型全球企业,ObjectStack 实现了**区域管理**协议(`src/system/territory.zod.ts`)。 - -这在不破坏严格角色层次结构的情况下解决了"矩阵组织"问题。 - -* **角色层次结构(HR/报告)**:"谁向谁报告?"(稳定) - * 示例:销售代表向销售经理报告。 -* **区域层次结构(市场/收入)**:"谁拥有哪个市场?"(灵活,多重分配) - * 示例:销售代表可能被分配到"西海岸(地理)"和"医疗保健(行业)"。 - -**工作原理:** -1. **客户/交易**根据规则分配给**区域**(例如,`State = 'CA'`)。 -2. **用户**被分配给**区域**。 -3. 用户可以访问其区域中的记录,*无论*其角色如何。 - -这与 **Salesforce 企业区域管理**和 **Oracle Sales Cloud** 的最佳实践保持一致。 diff --git a/content/docs/concepts/security_architecture.mdx b/content/docs/concepts/security_architecture.mdx deleted file mode 100644 index e4880cbc5..000000000 --- a/content/docs/concepts/security_architecture.mdx +++ /dev/null @@ -1,100 +0,0 @@ ---- -title: Security Architecture -description: The "Defense in Depth" Model. Why we chose Metadata-Driven Security over Code-Based Security. ---- - -import { ShieldAlert, Users, key, Lock } from 'lucide-react'; - -# ObjectStack Security Model: The "Defense in Depth" Architecture - -ObjectStack adopts the **"Salesforce-style"** metadata-driven security model. This is chosen over the Microsoft (Dataverse) model for its superior granularity and decoupling, which is essential for complex enterprise scenarios. - -## 1. Comparison of Major Models - -| Layer | ObjectStack / Salesforce | Microsoft Dataverse (Dynamics) | Why we chose ObjectStack's way? | -| :--- | :--- | :--- | :--- | -| **Who is this?** | **User + Identity** | User + Azure AD | Standard OIDC/SAML integration. | -| **What can they do?**
(Functionality) | **Permission Set / Profile**
*(Boolean Flags)* | **Security Role**
*(The "Matrix" of Dots)* | Decoupling functional rights (e.g., "Export Data") from data scope allows more flexible assignment. | -| **Where do they sit?**
(Hierarchy) | **Role**
*(Reporting Line)* | **Business Unit**
*(Department Tree)* | "Role" implies logical reporting (VP can see Manager), whereas "BU" implies rigid department silos. | -| **What data can they see?**
(Visibility) | **Sharing Rules**
*(Criteria & Ownership)* | **Access Teams**
*(Ad-hoc)* | **Sharing Rules** are the "Killer Feature". They allow logic like "Share Deal > 1M with Finance", which Microsoft's static hierarchy cannot easily express. | -| **Super Access** | **View All / Modify All** | **Organization Level** (Green Dot) | Separating "Super Access" from standard "Read" prevents accidental data leaks. | - -## 2. The Protocols - -The Model is implemented via three key protocols: - -### A. Profiles & Permission Sets -* **What:** Defines "CRUD" access on Objects and Fields. -* **Analogy:** Your Keycard. It says "You can open doors on Level 3". -* **Example:** `leads: { read: true, edit: false }`. - -### B. OWD (Organization-Wide Defaults) -* **What:** The baseline visibility for records you *do not own*. -* **Analogy:** The default state of the office doors. Are they locked (Private) or open (Public Read Only)? -* **Example:** `Quote: Private` (Only owner sees it). - -### C. Sharing Rules -* **What:** Exceptions to the OWD to open up access. -* **Analogy:** "You can enter the CEO's office IF you are the VP of Sales." -* **Example:** `IF amount > 1,000,000 SHARE WITH Group:Executives READ/WRITE`. - -## 3. The Enforcement Flow - -Every query passes through the **Security Kernel**. - -```mermaid -graph TD - A[User Request] --> B{Profile Check} - B -- Deny --> X[403 Forbidden] - B -- Allow --> C{Field Level Security} - C -- Strip Fields --> D{Sharing Calculation} - D -- Add WHERE Clause --> E[Final Query] -``` - - -### A. Functional permissions (`src/data/permission.zod.ts`) -Defines the **Baseline**. -* If `allowRead = false`, the user cannot see *any* record, regardless of sharing. -* If `allowRead = true`, the user can see *their own* records (Ownership). - -### B. Structural Hierarchy (`src/system/role.zod.ts`) -Defines the **Reporting Line**. -* A user is assigned to one Role (e.g., "Sales Manager"). -* **Automatic Inheritance**: The "Sales Manager" implicitly sees data owned by "Sales Rep". -* *Note: This is closest to Microsoft's "Business Unit" concept.* - -### C. Data Access Scope (`src/data/sharing.zod.ts`) -Defines the **Expansion**. -* We start with "Private" (OWD). -* We expand access via **Sharing Rules**. - * **Criteria-based**: "If Status = 'Published', share with All Internal Users." - * **Owner-based**: "Share 'Western Region' records with 'Western VP'." - -## 3. Terminology Map - -If you are coming from the Microsoft/Dynamics ecosystem: - -* **Security Role (User Level)** -> `allowRead: true` -* **Security Role (BU Level)** -> `allowRead: true` + `Sharing Rule (Share with Role)` -* **Security Role (Org Level)** -> `viewAllRecords: true` -* **Business Unit** -> `Role` (Functional Hierarchy) - -## 4. Advanced: Matrix Management (Territory Management) - -For large global enterprises where a single reporting line ("Role") is insufficient, ObjectStack implements the **Territory Management** protocol (`src/system/territory.zod.ts`). - -This solves the "Matrix Organization" problem without breaking the strict Role hierarchy. - -* **Role Hierarchy (HR/Reporting)**: "Who reports to whom?" (Stable) - * Example: A Sales Rep reports to a Sales Manager. -* **Territory Hierarchy (Market/Revenue)**: "Who owns which market?" (Flexible, Multi-assignment) - * Example: A Sales Rep might be assigned to both "West Coast (Geo)" and "Healthcare (Industry)". - -**How it works:** -1. **Accounts/Deals** are assigned to **Territories** based on rules (e.g., `State = 'CA'`). -2. **Users** are assigned to **Territories**. -3. Users gain access to records in their Territories, *regardless* of their Role. - -This aligns with best practices from **Salesforce Enterprise Territory Management** and **Oracle Sales Cloud**. - - diff --git a/content/docs/concepts/terminology.cn.mdx b/content/docs/concepts/terminology.cn.mdx deleted file mode 100644 index 1ffc39517..000000000 --- a/content/docs/concepts/terminology.cn.mdx +++ /dev/null @@ -1,125 +0,0 @@ ---- -title: 术语表 -description: ObjectStack 生态系统的词汇表。使用相同的语言。 ---- - -import { Book, Server, Code, Database } from 'lucide-react'; - -为了有效地浏览 ObjectStack 生态系统,了解我们使用的特定词汇是有帮助的。虽然许多术语在计算机科学中是标准的,但在我们的"协议驱动"上下文中,有些术语具有特定的细微差别。 - -## 生态系统 - -### ObjectStack -整个协议和参考实现套件的总称。它被组织成分组到三个架构层的 **11 个协议命名空间**。 - -### 协议命名空间(Protocol Namespace) -使用 Zod 定义的相关 schema 和类型的逻辑分组。ObjectStack 有 11 个协议命名空间:数据(Data)、驱动(Driver)、权限(Permission)、UI、系统(System)、认证(Auth)、内核(Kernel)、Hub、AI、API 和自动化(Automation)。 - ---- - -## 11 个协议命名空间 - -### 数据协议(Data Protocol) -定义核心业务数据模型。包括对象 schema、字段类型、验证规则、查询 AST 和过滤条件。这是 ObjectQL 的基础。 - -### 驱动协议(Driver Protocol) -用于连接各种存储引擎(PostgreSQL、MongoDB、SQLite、Redis 等)的数据库适配器接口。驱动实现 CRUD 操作和查询执行的标准接口。 - -### 权限协议(Permission Protocol) -访问控制系统,包括对象级权限(CRUD)、字段级安全(FLS)、共享规则和区域管理。确定谁可以查看和修改哪些数据。 - -### UI 协议(UI Protocol) -用于构建用户界面的服务器驱动 UI 规范。包括应用结构、视图(列表/表单/看板/日历)、仪表板、报表、主题和操作。 - -### 系统协议(System Protocol) -基础设施服务,包括事件总线、作业调度、翻译(i18n)和审计日志。管理系统级关注点。 - -### 认证协议(Auth Protocol) -身份和访问管理,包括用户账户、会话、角色、组织结构以及各种认证策略(OAuth、SAML、LDAP 等)。 - -### 内核协议(Kernel Protocol) -插件系统和运行时管理。包括插件生命周期、清单定义、日志配置和运行时上下文。ObjectOS 的核心。 - -### Hub 协议(Hub Protocol) -SaaS 和市场功能,包括多租户、许可、市场插件和部署配置。实现商业分发。 - -### AI 协议(AI Protocol) -人工智能功能,包括 AI 代理、RAG 管道、自然语言查询(NLQ)、预测模型、成本跟踪和编排。 - -### API 协议(API Protocol) -外部通信层,包括 REST 契约、API 发现、实时订阅(WebSocket/SSE)和路由配置。 - -### 自动化协议(Automation Protocol) -业务流程自动化,包括工作流(状态机)、流程(可视化逻辑)和 Webhook(HTTP 回调)。 - ---- - -## 架构概念 - -### 协议驱动(Protocol-Driven) -一种开发范式,其中逻辑在静态声明性数据格式(JSON/YAML)中使用 Zod schema 定义,而不是命令式代码。目标是将**意图**(业务逻辑)与**实现**(技术堆栈)分离。 - -### 本地优先(Local-First) -一种架构模式,其中应用程序首先读取和写入嵌入在用户设备(客户端)上的数据库。网络同步在后台进行。这确保了零延迟交互和离线可用性。 - -### 数据库编译器(Database Compiler) -一个系统,它接受高级查询 AST(抽象语法树)并将其编译为优化的数据库查询字符串(例如,SQL)。这与 ORM 形成对比,ORM 通常充当运行时包装器对象。 - -### 虚拟字段(Virtual Field) -在数据协议 schema 中定义的字段,该字段在数据库表中不物理存在,而是即时计算的。 -* *示例:* 在编译时注入到 `SELECT` 语句中的 SQL 子查询或表达式。 - ---- - -## 数据和 Schema - -### 对象(Object/Entity) -ObjectStack 中数据建模的基本单元。大致相当于 SQL 中的"表"或 NoSQL 中的"集合"。对象定义包括字段、操作、触发器和权限。 - -### 驱动程序(Driver) -允许数据层与特定底层存储引擎通信的适配器插件(驱动协议)。 -* *示例:* `@objectstack/driver-postgres`、`@objectstack/driver-mongodb`、`@objectstack/driver-sqlite`。 - -### AST(抽象语法树) -查询或 schema 的中间表示。数据协议在驱动将其转换为 SQL/NoSQL 查询之前,将 JSON 请求解析为 AST。这允许在执行之前进行安全验证和优化。 - -### 清单(Manifest) -ObjectStack 插件的入口点配置文件(内核协议)。它使用清单 schema 声明依赖项、资源和扩展。 - ---- - -## 界面和逻辑 - -### 布局(Layout) -在 UI 协议中定义的 JSON 结构,描述组件的视觉排列。布局可以嵌套和动态(例如,主-明细、网格、看板)。 - -### 工作流(Workflow) -定义为**有限状态机(FSM)**的业务流程(自动化协议)。它由状态(例如,`draft`、`approved`)、转换和守卫组成。 - -### 流程(Flow) -可视化逻辑自动化工具(自动化协议),允许使用基于节点的编辑器构建业务流程。支持屏幕流程、自动启动流程和计划流程。 - -### 操作(Action) -可以由用户(UI 按钮)或系统事件(工作流转换)触发的离散逻辑单元(UI 协议)。操作定义按钮行为和导航。 - -### 组件注册表(Component Registry) -UI 运行时中的映射,它将字符串标识符(例如,`"chart.bar"`)链接到真实的 React 组件。这允许 UI 协议动态实例化 UI 元素。 - ---- - -## 治理 - -### 空间(Space/Workspace) -多租户的逻辑隔离单元(Hub 协议)。单个 ObjectStack 实例可以托管多个空间。数据通过租户隔离策略物理隔离。 - -### FLS(字段级安全) -一种细粒度权限模型(权限协议),其中访问控制应用于单个字段(列),而不仅仅是整个对象(行)。 - -### OWD(组织范围默认值) -对象中记录的默认共享级别(权限协议)。在应用共享规则之前确定基线访问级别。 - -### 区域(Territory) -分层访问控制模型(权限协议),根据地理或组织边界授予数据访问权限。 - -### TCK(技术兼容性工具包) -一套测试,验证驱动程序或渲染器是否符合官方 ObjectStack 协议。如果新驱动程序通过 TCK,则认证为兼容。 diff --git a/content/docs/developers/cli-tools.mdx b/content/docs/developers/cli-tools.mdx new file mode 100644 index 000000000..428429081 --- /dev/null +++ b/content/docs/developers/cli-tools.mdx @@ -0,0 +1,1062 @@ +--- +title: CLI Tools +description: Master the objectstack-cli for project scaffolding, code generation, validation, and deployment. +--- + +# CLI Tools + +The **objectstack-cli** is your command-line companion for building, managing, and deploying ObjectStack applications. It provides code generators, validators, migration tools, and deployment utilities. + +Think of it as the **"rails" or "create-react-app"** for ObjectStack - automating repetitive tasks and enforcing best practices. + +--- + +## 🎯 What Can CLI Do? + + + + Initialize new projects with best-practice structure + + + + Generate objects, fields, views, and plugins from templates + + + + Lint and validate metadata schemas + + + + Build, package, and deploy to ObjectStack Cloud or self-hosted + + + + Generate and run database migrations + + + + Interactive shell for querying and testing + + + +--- + +## 📋 Prerequisites + +- **Node.js** 18+ and **npm** 9+ +- Basic command-line knowledge +- ObjectStack project (or create one with CLI) + +--- + +## 🚀 Installation + +### Global Installation (Recommended) + +```bash +npm install -g @objectstack/cli + +# Verify installation +objectstack --version +# or shorthand +os --version +``` + +### Project-Specific Installation + +```bash +npm install --save-dev @objectstack/cli + +# Use via npx +npx objectstack --version +``` + +--- + +## 🏗️ Project Initialization + +### Create a New Project + +```bash +# Interactive mode +objectstack init + +# Or specify project name +objectstack init my-app + +# With template +objectstack init my-app --template=crm +``` + +**Available Templates:** + +- `blank` - Minimal setup (default) +- `crm` - Customer relationship management +- `ecommerce` - E-commerce platform +- `saas` - Multi-tenant SaaS starter +- `helpdesk` - Ticketing system + +**Project Structure:** + +``` +my-app/ +├── src/ +│ ├── objects/ # Object definitions +│ ├── views/ # UI views +│ ├── flows/ # Business logic flows +│ ├── plugins/ # Custom plugins +│ └── index.ts # Entry point +├── tests/ +├── objectstack.config.ts # Project configuration +├── package.json +└── tsconfig.json +``` + +--- + +## 🔧 Configuration + +### objectstack.config.ts + +```typescript +import { defineConfig } from '@objectstack/cli'; + +export default defineConfig({ + // ============================================================================ + // Project Metadata + // ============================================================================ + + name: 'my_app', + version: '1.0.0', + description: 'My ObjectStack Application', + + // ============================================================================ + // Build Settings + // ============================================================================ + + build: { + outDir: './dist', + sourcemap: true, + minify: true, + target: 'node18', + }, + + // ============================================================================ + // Database Configuration + // ============================================================================ + + datasources: { + default: { + driver: 'postgres', + host: process.env.DB_HOST || 'localhost', + port: parseInt(process.env.DB_PORT || '5432'), + database: process.env.DB_NAME || 'myapp', + user: process.env.DB_USER || 'postgres', + password: process.env.DB_PASSWORD, + }, + }, + + // ============================================================================ + // Plugin Configuration + // ============================================================================ + + plugins: [ + '@objectstack/plugin-auth', + '@objectstack/plugin-email', + './src/plugins/custom-integration', + ], + + // ============================================================================ + // Development Server + // ============================================================================ + + dev: { + port: 3000, + host: '0.0.0.0', + watch: true, + hotReload: true, + }, + + // ============================================================================ + // Deployment + // ============================================================================ + + deploy: { + target: 'cloud', // 'cloud' | 'self-hosted' | 'docker' + region: 'us-east-1', + }, +}); +``` + +--- + +## 📝 Code Generation + +### Generate Object + +```bash +# Interactive mode +objectstack generate object + +# With options +objectstack generate object Contact \ + --fields="first_name:text,last_name:text,email:email" \ + --relationships="account:lookup" \ + --icon="user" + +# Shorthand +os g object Contact +``` + +**Generated File:** + +```typescript +// src/objects/contact.object.ts +import { ObjectSchema, Field } from '@objectstack/spec'; + +export const Contact = ObjectSchema.create({ + name: 'contact', + label: 'Contact', + pluralLabel: 'Contacts', + icon: 'user', + + fields: { + first_name: Field.text({ label: 'First Name', required: true }), + last_name: Field.text({ label: 'Last Name', required: true }), + email: Field.email({ label: 'Email' }), + account: Field.lookup('account', { label: 'Account' }), + }, + + enable: { + apiEnabled: true, + trackHistory: true, + }, +}); +``` + +### Generate Field + +```bash +# Add a field to existing object +objectstack generate field Contact.phone \ + --type=phone \ + --label="Phone Number" \ + --required + +# Multiple fields at once +objectstack generate field Contact \ + --fields="mobile:phone,fax:phone,birthday:date" +``` + +### Generate View + +```bash +# List view +objectstack generate view Contact.list \ + --type=grid \ + --columns="first_name,last_name,email,account" + +# Form view +objectstack generate view Contact.form \ + --type=simple \ + --sections="basic:first_name,last_name|contact:email,phone" + +# Kanban view +objectstack generate view Task.kanban \ + --type=kanban \ + --groupBy=status +``` + +### Generate Plugin + +```bash +# Create new plugin +objectstack generate plugin my-integration \ + --with-routes \ + --with-jobs \ + --with-events + +cd plugins/my-integration +npm install +``` + +### Generate Widget + +```bash +# Create custom widget +objectstack generate widget rich-editor \ + --framework=react \ + --type=field + +cd widgets/rich-editor +npm install +``` + +### Generate Flow + +```bash +# Create automation flow +objectstack generate flow send-welcome-email \ + --type=autolaunched \ + --trigger="contact.created" +``` + +--- + +## ✅ Validation & Linting + +### Validate Schemas + +```bash +# Validate all schemas +objectstack validate + +# Validate specific files +objectstack validate src/objects/contact.object.ts + +# Validate with strict mode +objectstack validate --strict + +# Output JSON report +objectstack validate --format=json > report.json +``` + +**Example Output:** + +``` +✓ src/objects/account.object.ts +✓ src/objects/contact.object.ts +✗ src/objects/task.object.ts + × Field "due_date" has invalid type + × Missing required field "nameField" + +2 files valid, 1 file with errors +``` + +### Lint Code + +```bash +# Run ESLint with ObjectStack rules +objectstack lint + +# Fix auto-fixable issues +objectstack lint --fix + +# Check specific files +objectstack lint src/objects/**/*.ts +``` + +### Type Check + +```bash +# Run TypeScript compiler +objectstack typecheck + +# Watch mode +objectstack typecheck --watch +``` + +--- + +## 🔍 Interactive REPL + +Launch an interactive shell for testing and debugging: + +```bash +objectstack repl + +# Or with specific environment +objectstack repl --env=production +``` + +**REPL Commands:** + +```javascript +// Query objects +> await ql.object('contact').find({ status: 'active' }) + +// Create records +> await ql.object('contact').create({ + first_name: 'John', + last_name: 'Doe', + email: 'john@example.com' + }) + +// Update records +> await ql.object('contact').update('contact-123', { + status: 'inactive' + }) + +// Test formulas +> await ql.evaluate('CONCAT(first_name, " ", last_name)', { + first_name: 'John', + last_name: 'Doe' + }) + +// Inspect schema +> await os.getObjectSchema('contact') + +// List objects +> await os.listObjects() + +// Exit +> .exit +``` + +--- + +## 🗄️ Database Migrations + +### Generate Migration + +```bash +# Auto-generate from schema changes +objectstack migrate:generate + +# Named migration +objectstack migrate:generate add-phone-to-contact + +# With custom SQL +objectstack migrate:generate --sql +``` + +**Generated Migration:** + +```typescript +// migrations/20240126_add_phone_to_contact.ts +import { Migration } from '@objectstack/cli'; + +export const up: Migration = async (db) => { + await db.schema.alterTable('contact', (table) => { + table.string('phone'); + }); +}; + +export const down: Migration = async (db) => { + await db.schema.alterTable('contact', (table) => { + table.dropColumn('phone'); + }); +}; +``` + +### Run Migrations + +```bash +# Run pending migrations +objectstack migrate + +# Rollback last migration +objectstack migrate:rollback + +# Rollback all +objectstack migrate:rollback --all + +# Show migration status +objectstack migrate:status +``` + +### Seed Data + +```bash +# Run seeders +objectstack db:seed + +# Specific seeder +objectstack db:seed --file=contacts.seed.ts + +# Reset database and seed +objectstack db:reset --seed +``` + +**Seeder Example:** + +```typescript +// seeds/contacts.seed.ts +import { Seeder } from '@objectstack/cli'; + +export const seed: Seeder = async (ql) => { + await ql.object('contact').bulkCreate([ + { first_name: 'Alice', last_name: 'Smith', email: 'alice@example.com' }, + { first_name: 'Bob', last_name: 'Jones', email: 'bob@example.com' }, + ]); +}; +``` + +--- + +## 🏃 Development Server + +### Start Dev Server + +```bash +# Start with hot reload +objectstack dev + +# Custom port +objectstack dev --port=4000 + +# Open browser +objectstack dev --open + +# With specific config +objectstack dev --config=objectstack.dev.ts +``` + +**Console Output:** + +``` +ObjectStack Dev Server + + ➜ Local: http://localhost:3000 + ➜ Network: http://192.168.1.10:3000 + + ✓ Ready in 1.2s + + Objects: 12 loaded + Plugins: 3 enabled + Views: 8 registered +``` + +### Build for Production + +```bash +# Build project +objectstack build + +# Build with specific environment +objectstack build --env=production + +# Build and analyze bundle +objectstack build --analyze + +# Output directory +objectstack build --outDir=./dist +``` + +--- + +## 📊 Analyze & Inspect + +### Inspect Schema + +```bash +# Show all objects +objectstack inspect objects + +# Show specific object +objectstack inspect object Contact + +# Show fields +objectstack inspect fields Contact + +# Show relationships +objectstack inspect relationships Contact + +# Output as JSON +objectstack inspect object Contact --format=json +``` + +**Example Output:** + +``` +Object: Contact + +Name: contact +Label: Contact +Plural: Contacts +Icon: user + +Fields: + - first_name (text) *required + - last_name (text) *required + - email (email) *unique + - phone (phone) + - account (lookup → account) + +Relationships: + ← tasks (Task.contact) + ← opportunities (Opportunity.contact) + +Capabilities: + ✓ API Enabled + ✓ Track History + ✓ Search Enabled +``` + +### Dependency Graph + +```bash +# Show plugin dependencies +objectstack graph plugins + +# Show object relationships +objectstack graph objects + +# Export as DOT file +objectstack graph objects --format=dot > graph.dot +``` + +--- + +## 🚀 Deployment + +### Deploy to ObjectStack Cloud + +```bash +# Login +objectstack login + +# Deploy +objectstack deploy + +# Deploy to specific environment +objectstack deploy --env=production + +# Deploy with custom name +objectstack deploy --name=my-app-v2 + +# Dry run +objectstack deploy --dry-run +``` + +**Deployment Process:** + +``` +✓ Validating schemas... +✓ Building project... +✓ Running tests... +✓ Uploading assets... +✓ Creating deployment... +✓ Running migrations... +✓ Starting services... + +Deployed to: https://my-app.objectstack.app +``` + +### Deploy to Self-Hosted + +```bash +# Generate Docker image +objectstack docker:build + +# Run locally +objectstack docker:run + +# Generate docker-compose.yml +objectstack docker:compose + +# Deploy to Kubernetes +objectstack k8s:deploy +``` + +**Generated docker-compose.yml:** + +```yaml +version: '3.8' +services: + app: + image: my-app:latest + ports: + - "3000:3000" + environment: + - DB_HOST=postgres + - DB_NAME=myapp + depends_on: + - postgres + - redis + + postgres: + image: postgres:15 + environment: + POSTGRES_DB: myapp + POSTGRES_USER: postgres + POSTGRES_PASSWORD: ${DB_PASSWORD} + volumes: + - postgres_data:/var/lib/postgresql/data + + redis: + image: redis:7 + volumes: + - redis_data:/data + +volumes: + postgres_data: + redis_data: +``` + +--- + +## 🧪 Testing + +### Run Tests + +```bash +# Run all tests +objectstack test + +# Watch mode +objectstack test --watch + +# Coverage report +objectstack test --coverage + +# Specific test file +objectstack test tests/contact.test.ts + +# E2E tests +objectstack test:e2e +``` + +### Generate Tests + +```bash +# Generate test for object +objectstack generate test Contact + +# Generate integration test +objectstack generate test Contact --type=integration +``` + +**Generated Test:** + +```typescript +// tests/contact.test.ts +import { describe, it, expect } from 'vitest'; +import { createTestContext } from '@objectstack/testing'; + +describe('Contact Object', () => { + it('should create contact', async () => { + const ctx = await createTestContext(); + + const contact = await ctx.ql.object('contact').create({ + first_name: 'John', + last_name: 'Doe', + email: 'john@example.com', + }); + + expect(contact.id).toBeDefined(); + expect(contact.first_name).toBe('John'); + }); +}); +``` + +--- + +## 🔌 Plugin Management + +### Install Plugin + +```bash +# Install from npm +objectstack plugin:install @objectstack/plugin-auth + +# Install from local path +objectstack plugin:install ./plugins/my-plugin + +# Install and enable +objectstack plugin:install @objectstack/plugin-auth --enable +``` + +### List Plugins + +```bash +# Show all plugins +objectstack plugin:list + +# Show enabled plugins +objectstack plugin:list --enabled + +# Show plugin details +objectstack plugin:info @objectstack/plugin-auth +``` + +### Enable/Disable Plugin + +```bash +# Enable plugin +objectstack plugin:enable @objectstack/plugin-auth + +# Disable plugin +objectstack plugin:disable @objectstack/plugin-auth +``` + +--- + +## 🌍 Environment Management + +### List Environments + +```bash +objectstack env:list +``` + +### Switch Environment + +```bash +objectstack env:use production +``` + +### Create Environment + +```bash +objectstack env:create staging \ + --db-host=staging-db.example.com \ + --db-name=myapp_staging +``` + +--- + +## 📦 Package Management + +### Create Package + +```bash +# Create distributable package +objectstack package + +# With specific version +objectstack package --version=1.2.0 + +# Include dependencies +objectstack package --include-deps +``` + +### Publish Package + +```bash +# Publish to npm +objectstack publish + +# Publish to ObjectStack Hub +objectstack publish --registry=hub.objectstack.dev + +# Publish with tag +objectstack publish --tag=beta +``` + +--- + +## ⚙️ Advanced Commands + +### Export Schema + +```bash +# Export to JSON +objectstack export --format=json > schema.json + +# Export to YAML +objectstack export --format=yaml > schema.yaml + +# Export specific objects +objectstack export --objects=Contact,Account +``` + +### Import Schema + +```bash +# Import from file +objectstack import schema.json + +# Import with merge +objectstack import schema.json --merge + +# Dry run +objectstack import schema.json --dry-run +``` + +### Sync from Database + +```bash +# Generate objects from existing database +objectstack sync:from-db + +# Specific tables +objectstack sync:from-db --tables=users,orders + +# Preview changes +objectstack sync:from-db --preview +``` + +--- + +## 🛠️ Custom Scripts + +Add custom scripts to `objectstack.config.ts`: + +```typescript +export default defineConfig({ + scripts: { + 'seed:prod': 'objectstack db:seed --env=production', + 'deploy:staging': 'objectstack deploy --env=staging', + 'backup': 'pg_dump $DB_NAME > backup.sql', + }, +}); +``` + +Run custom scripts: + +```bash +objectstack run seed:prod +objectstack run deploy:staging +objectstack run backup +``` + +--- + +## 📚 CLI Reference + +### Global Options + +```bash +--version Show version +--help Show help +--config Use specific config file +--env Use specific environment +--verbose Show detailed logs +--quiet Suppress output +--no-color Disable colors +``` + +### Command Categories + +| Category | Commands | Description | +|----------|----------|-------------| +| **Project** | `init`, `build`, `dev` | Project management | +| **Generate** | `generate object`, `generate field`, etc. | Code generation | +| **Database** | `migrate`, `db:seed`, `db:reset` | Database operations | +| **Validation** | `validate`, `lint`, `typecheck` | Quality checks | +| **Deploy** | `deploy`, `docker:build`, `k8s:deploy` | Deployment | +| **Plugin** | `plugin:install`, `plugin:list` | Plugin management | +| **Inspect** | `inspect objects`, `inspect object` | Schema inspection | + +--- + +## ✅ Best Practices + +### 1. Use Environment Variables + +```bash +# .env.local +DB_HOST=localhost +DB_PORT=5432 +DB_NAME=myapp_dev +DB_USER=postgres +DB_PASSWORD=secret +``` + +```typescript +// objectstack.config.ts +export default defineConfig({ + datasources: { + default: { + host: process.env.DB_HOST, + port: parseInt(process.env.DB_PORT!), + database: process.env.DB_NAME, + user: process.env.DB_USER, + password: process.env.DB_PASSWORD, + }, + }, +}); +``` + +### 2. Version Control Migrations + +```bash +# Always commit migrations +git add migrations/ +git commit -m "Add phone field to contact" +``` + +### 3. Validate Before Deploying + +```bash +# Pre-deployment checklist +objectstack validate --strict +objectstack test +objectstack build +objectstack deploy --dry-run +objectstack deploy +``` + +### 4. Use TypeScript Strict Mode + +```json +{ + "compilerOptions": { + "strict": true, + "noImplicitAny": true, + "strictNullChecks": true + } +} +``` + +### 5. Automate with Scripts + +```json +{ + "scripts": { + "dev": "objectstack dev", + "build": "objectstack build", + "test": "objectstack test", + "validate": "objectstack validate && objectstack lint", + "deploy": "npm run validate && npm test && objectstack deploy" + } +} +``` + +--- + +## 🔗 Related Resources + +- [Project Structure Guide](/docs/guides/project-structure) +- [Plugin Development](/docs/development/writing-plugins) +- [Deployment Guide](/docs/transport) + +--- + +## 🆘 Troubleshooting + +### Command Not Found + +```bash +# Ensure CLI is installed globally +npm install -g @objectstack/cli + +# Or use npx +npx @objectstack/cli --version +``` + +### Validation Errors + +```bash +# Get detailed error messages +objectstack validate --verbose + +# Show line numbers +objectstack validate --show-line-numbers +``` + +### Migration Failures + +```bash +# Rollback and retry +objectstack migrate:rollback +objectstack migrate + +# Force migration (use with caution) +objectstack migrate --force +``` + +### Build Errors + +```bash +# Clean build cache +objectstack clean + +# Rebuild +objectstack build +``` + +--- + +Ready to master the CLI? Start with `objectstack init` and explore the commands! 🚀 diff --git a/content/docs/developers/custom-widgets.mdx b/content/docs/developers/custom-widgets.mdx new file mode 100644 index 000000000..8c9582e32 --- /dev/null +++ b/content/docs/developers/custom-widgets.mdx @@ -0,0 +1,1136 @@ +--- +title: Custom Widgets +description: Build React, Vue, or Svelte components for custom field rendering and encapsulate them as ObjectWidgets. +--- + +# Custom Widgets + +Custom Widgets allow you to **extend the ObjectStack UI** with your own React, Vue, or Svelte components. Build rich form controls, data visualizations, or specialized input methods that integrate seamlessly with the ObjectStack form system. + +Examples: Rich text editors, date pickers, color selectors, signature pads, map selectors, kanban boards, etc. + +--- + +## 🎯 What Are Widgets? + +Widgets are **UI components** that render field values in forms and views. ObjectStack provides built-in widgets for common field types (text, number, select), but you can create custom widgets for specialized use cases. + + + + Custom input controls for form fields + + + + Read-only visualizations (charts, gauges, maps) + + + + Custom sections or containers in forms + + + +--- + +## 📋 Prerequisites + +- **React** 18+, **Vue** 3+, or **Svelte** 4+ knowledge +- **TypeScript** familiarity +- Understanding of [ObjectUI Protocol](/docs/protocols/objectui) +- Node.js 18+ and npm 9+ + +--- + +## 🚀 Quick Start + +### Step 1: Create a Widget Project + +```bash +# Using the official generator +npm create @objectstack/widget my-rich-editor + +cd my-rich-editor +npm install +``` + +**Choose your framework:** +- React (recommended for most cases) +- Vue 3 +- Svelte + +The generator creates: + +``` +my-rich-editor/ +├── src/ +│ ├── RichEditor.tsx # Widget component +│ ├── index.ts # Widget registration +│ ├── types.ts # TypeScript types +│ └── styles.css # Component styles +├── package.json +├── tsconfig.json +├── vite.config.ts # Build configuration +└── README.md +``` + +### Step 2: Implement the Widget Component + +```typescript +// src/RichEditor.tsx +import React, { useCallback } from 'react'; +import { FieldWidgetProps } from '@objectstack/spec'; +import { Editor } from '@tiptap/react'; +import StarterKit from '@tiptap/starter-kit'; + +export function RichEditor(props: FieldWidgetProps) { + const { value, onChange, readonly, required, error, field } = props; + + // Initialize TipTap editor + const editor = useEditor({ + extensions: [StarterKit], + content: value || '', + editable: !readonly, + onUpdate: ({ editor }) => { + onChange(editor.getHTML()); + }, + }); + + return ( +
+ {/* Label */} + + + {/* Toolbar */} + {!readonly && ( +
+ + + +
+ )} + + {/* Editor Content */} + + + {/* Error Message */} + {error && {error}} + + {/* Help Text */} + {field.description && ( + {field.description} + )} +
+ ); +} +``` + +### Step 3: Register the Widget + +```typescript +// src/index.ts +import { defineWidget } from '@objectstack/spec'; +import { RichEditor } from './RichEditor'; + +export default defineWidget({ + name: 'rich_editor', + label: 'Rich Text Editor', + description: 'WYSIWYG editor with formatting toolbar', + version: '1.0.0', + author: 'Your Name', + + // Supported field types + supportedTypes: ['text', 'textarea', 'longtext'], + + // Widget component + component: RichEditor, + + // Configuration options + settings: { + toolbar: { + type: 'select', + label: 'Toolbar Style', + options: [ + { label: 'Full', value: 'full' }, + { label: 'Minimal', value: 'minimal' }, + ], + default: 'full', + }, + maxLength: { + type: 'number', + label: 'Max Length', + default: 10000, + }, + }, +}); +``` + +### Step 4: Build & Test + +```bash +# Development mode with hot reload +npm run dev + +# Build for production +npm run build + +# Output: dist/index.js, dist/index.css +``` + +--- + +## 🧩 Widget Props Interface + +Every widget receives the `FieldWidgetProps` interface: + +```typescript +import { FieldWidgetProps } from '@objectstack/spec'; + +interface FieldWidgetProps { + // ============================================================================ + // Value & Change Handling + // ============================================================================ + + /** + * Current field value. + * Type depends on field type (string, number, boolean, array, object). + */ + value: any; + + /** + * Callback to update the field value. + * Call this when user interaction changes the value. + */ + onChange: (newValue: any) => void; + + // ============================================================================ + // Field State + // ============================================================================ + + /** + * Whether the field is read-only. + * When true, display the value but don't allow editing. + */ + readonly: boolean; + + /** + * Whether the field is required. + * Show visual indicator (e.g., asterisk) when true. + */ + required: boolean; + + /** + * Validation error message. + * Display this in your widget's error UI. + */ + error?: string; + + // ============================================================================ + // Metadata + // ============================================================================ + + /** + * Complete field definition from schema. + * Contains type, label, description, constraints, etc. + */ + field: Field; + + /** + * The complete record being edited. + * Useful for conditional logic and cross-field dependencies. + */ + record?: Record; + + /** + * Custom options passed to the widget. + * Configured in field definition or widget settings. + */ + options?: Record; +} +``` + +--- + +## 🎨 Widget Examples + +### Example 1: Color Picker + +```typescript +// src/ColorPicker.tsx +import React from 'react'; +import { FieldWidgetProps } from '@objectstack/spec'; +import { HexColorPicker } from 'react-colorful'; + +export function ColorPicker(props: FieldWidgetProps) { + const { value, onChange, readonly, required, error, field } = props; + + return ( +
+ + + {readonly ? ( + // Read-only mode: just show the color +
+ ) : ( + // Edit mode: show picker + + )} + + {/* Hex input */} + {!readonly && ( + onChange(e.target.value)} + pattern="^#[0-9A-Fa-f]{6}$" + /> + )} + + {error && {error}} +
+ ); +} +``` + +**Usage in Field Definition:** + +```typescript +import { Field } from '@objectstack/spec'; + +const fields = { + brand_color: Field.text({ + label: 'Brand Color', + widget: 'color_picker', + }), +}; +``` + +--- + +### Example 2: Signature Pad + +```typescript +// src/SignaturePad.tsx +import React, { useRef, useEffect } from 'react'; +import { FieldWidgetProps } from '@objectstack/spec'; +import SignatureCanvas from 'react-signature-canvas'; + +export function SignaturePad(props: FieldWidgetProps) { + const { value, onChange, readonly, field } = props; + const sigCanvas = useRef(null); + + useEffect(() => { + if (value && sigCanvas.current) { + sigCanvas.current.fromDataURL(value); + } + }, [value]); + + const handleSave = () => { + if (sigCanvas.current) { + const dataUrl = sigCanvas.current.toDataURL(); + onChange(dataUrl); + } + }; + + const handleClear = () => { + sigCanvas.current?.clear(); + onChange(null); + }; + + return ( +
+ + + {readonly ? ( + // Read-only: display signature image + value ? Signature :

No signature

+ ) : ( + // Edit mode: canvas + <> + +
+ +
+ + )} +
+ ); +} +``` + +--- + +### Example 3: Map Location Picker + +```typescript +// src/MapPicker.tsx +import React, { useState } from 'react'; +import { FieldWidgetProps } from '@objectstack/spec'; +import { MapContainer, TileLayer, Marker, useMapEvents } from 'react-leaflet'; + +function LocationMarker({ position, onPositionChange }) { + useMapEvents({ + click(e) { + onPositionChange(e.latlng); + }, + }); + + return position ? : null; +} + +export function MapPicker(props: FieldWidgetProps) { + const { value, onChange, readonly, field } = props; + + const [position, setPosition] = useState( + value ? { lat: value.latitude, lng: value.longitude } : null + ); + + const handlePositionChange = (latlng) => { + setPosition(latlng); + onChange({ + latitude: latlng.lat, + longitude: latlng.lng, + }); + }; + + return ( +
+ + + + + {!readonly && ( + + )} + {readonly && position && } + + + {position && ( +

+ Lat: {position.lat.toFixed(6)}, Lng: {position.lng.toFixed(6)} +

+ )} +
+ ); +} +``` + +--- + +### Example 4: Rating Stars + +```typescript +// src/StarRating.tsx +import React from 'react'; +import { FieldWidgetProps } from '@objectstack/spec'; +import { Star } from 'lucide-react'; + +export function StarRating(props: FieldWidgetProps) { + const { value, onChange, readonly, field, options } = props; + const maxStars = options?.maxStars || 5; + + return ( +
+ + +
+ {[...Array(maxStars)].map((_, index) => { + const starValue = index + 1; + return ( + + ); + })} +
+ + {value > 0 && {value} / {maxStars}} +
+ ); +} +``` + +--- + +### Example 5: JSON Editor + +```typescript +// src/JsonEditor.tsx +import React, { useState } from 'react'; +import { FieldWidgetProps } from '@objectstack/spec'; +import CodeMirror from '@uiw/react-codemirror'; +import { json } from '@codemirror/lang-json'; + +export function JsonEditor(props: FieldWidgetProps) { + const { value, onChange, readonly, error, field } = props; + const [jsonError, setJsonError] = useState(null); + + const handleChange = (jsonString: string) => { + try { + const parsed = JSON.parse(jsonString); + onChange(parsed); + setJsonError(null); + } catch (e) { + setJsonError('Invalid JSON syntax'); + } + }; + + const jsonString = typeof value === 'string' + ? value + : JSON.stringify(value, null, 2); + + return ( +
+ + + + + {(error || jsonError) && ( + {error || jsonError} + )} +
+ ); +} +``` + +--- + +## 🎛️ Widget Configuration + +Widgets can accept custom options: + +```typescript +// Widget definition +export default defineWidget({ + name: 'star_rating', + component: StarRating, + + settings: { + maxStars: { + type: 'number', + label: 'Maximum Stars', + default: 5, + min: 1, + max: 10, + }, + allowHalf: { + type: 'checkbox', + label: 'Allow Half Stars', + default: false, + }, + }, +}); +``` + +**Usage in Field:** + +```typescript +const fields = { + satisfaction: Field.number({ + label: 'Satisfaction Rating', + widget: 'star_rating', + widgetOptions: { + maxStars: 5, + allowHalf: false, + }, + }), +}; +``` + +--- + +## 🔄 Handling Complex Values + +### Arrays + +```typescript +// Tags widget +export function TagsWidget(props: FieldWidgetProps) { + const { value = [], onChange } = props; + + const addTag = (tag: string) => { + onChange([...value, tag]); + }; + + const removeTag = (index: number) => { + onChange(value.filter((_, i) => i !== index)); + }; + + return ( +
+ {value.map((tag, i) => ( + + {tag} + + + ))} + { + if (e.key === 'Enter') { + addTag(e.currentTarget.value); + e.currentTarget.value = ''; + } + }} + placeholder="Add tag..." + /> +
+ ); +} +``` + +### Objects + +```typescript +// Address widget +export function AddressWidget(props: FieldWidgetProps) { + const { value = {}, onChange } = props; + + const updateField = (field: string, fieldValue: any) => { + onChange({ ...value, [field]: fieldValue }); + }; + + return ( +
+ updateField('street', e.target.value)} + /> + updateField('city', e.target.value)} + /> + updateField('state', e.target.value)} + /> + updateField('zip', e.target.value)} + /> +
+ ); +} +``` + +--- + +## 🌐 Vue & Svelte Examples + +### Vue 3 Widget + +```vue + + + + +``` + +### Svelte Widget + +```svelte + + + +
+ + + {#if !readonly} +
+ + +
+ {/if} + +
+ + {#if error} + {error} + {/if} +
+``` + +--- + +## 🎨 Styling Widgets + +### CSS Modules + +```typescript +// src/RichEditor.module.css +.widget { + display: flex; + flex-direction: column; + gap: 8px; +} + +.label { + font-weight: 600; + color: var(--color-text-primary); +} + +.toolbar { + display: flex; + gap: 4px; + padding: 8px; + background: var(--color-bg-secondary); + border-radius: 4px; +} + +.error { + color: var(--color-error); + font-size: 12px; +} +``` + +```typescript +// src/RichEditor.tsx +import styles from './RichEditor.module.css'; + +export function RichEditor(props: FieldWidgetProps) { + return ( +
+ + {/* ... */} +
+ ); +} +``` + +### Tailwind CSS + +```typescript +export function RichEditor(props: FieldWidgetProps) { + return ( +
+ +
+ {/* Editor content */} +
+ {props.error && ( + {props.error} + )} +
+ ); +} +``` + +--- + +## 📦 Building & Distributing + +### Build Configuration + +```typescript +// vite.config.ts +import { defineConfig } from 'vite'; +import react from '@vitejs/plugin-react'; + +export default defineConfig({ + plugins: [react()], + build: { + lib: { + entry: './src/index.ts', + name: 'MyWidget', + formats: ['es', 'umd'], + fileName: (format) => `index.${format}.js`, + }, + rollupOptions: { + external: ['react', 'react-dom', '@objectstack/spec'], + output: { + globals: { + react: 'React', + 'react-dom': 'ReactDOM', + '@objectstack/spec': 'ObjectStack', + }, + }, + }, + }, +}); +``` + +### Package.json + +```json +{ + "name": "@mycompany/objectstack-widget-richeditor", + "version": "1.0.0", + "main": "./dist/index.umd.js", + "module": "./dist/index.es.js", + "types": "./dist/index.d.ts", + "exports": { + ".": { + "import": "./dist/index.es.js", + "require": "./dist/index.umd.js", + "types": "./dist/index.d.ts" + }, + "./style.css": "./dist/style.css" + }, + "files": ["dist"], + "keywords": ["objectstack", "widget", "richeditor"], + + "objectstack": { + "type": "widget", + "entry": "./dist/index.es.js", + "styles": "./dist/style.css" + }, + + "peerDependencies": { + "@objectstack/spec": "^1.0.0", + "react": "^18.0.0", + "react-dom": "^18.0.0" + } +} +``` + +--- + +## 🧪 Testing Widgets + +### Component Tests + +```typescript +// tests/RichEditor.test.tsx +import { render, screen, fireEvent } from '@testing-library/react'; +import { RichEditor } from '../src/RichEditor'; + +describe('RichEditor Widget', () => { + it('renders label', () => { + render( + {}} + field={{ label: 'Description' }} + readonly={false} + required={false} + /> + ); + + expect(screen.getByText('Description')).toBeInTheDocument(); + }); + + it('calls onChange on input', () => { + const onChange = vi.fn(); + + render( + + ); + + // Simulate typing + // ... + + expect(onChange).toHaveBeenCalled(); + }); + + it('shows error message', () => { + render( + {}} + field={{ label: 'Description' }} + error="This field is required" + readonly={false} + required={true} + /> + ); + + expect(screen.getByText('This field is required')).toBeInTheDocument(); + }); +}); +``` + +--- + +## ✅ Best Practices + +### 1. Handle All States + +```typescript +// ✅ Good: Handle all props +export function MyWidget(props: FieldWidgetProps) { + const { value, onChange, readonly, required, error, field } = props; + + return ( +
+ + onChange(e.target.value)} + disabled={readonly} + /> + {error && {error}} + {field.description && {field.description}} +
+ ); +} +``` + +### 2. Debounce Expensive Operations + +```typescript +import { useDebouncedCallback } from 'use-debounce'; + +export function MyWidget(props: FieldWidgetProps) { + const debouncedChange = useDebouncedCallback( + (value) => props.onChange(value), + 300 + ); + + return debouncedChange(e.target.value)} />; +} +``` + +### 3. Validate Input + +```typescript +export function NumberWidget(props: FieldWidgetProps) { + const { value, onChange, field } = props; + + const handleChange = (newValue: string) => { + const num = parseFloat(newValue); + + // Validate against field constraints + if (field.min !== undefined && num < field.min) return; + if (field.max !== undefined && num > field.max) return; + + onChange(num); + }; + + return handleChange(e.target.value)} />; +} +``` + +### 4. Support Accessibility + +```typescript +export function MyWidget(props: FieldWidgetProps) { + const { field, error, required } = props; + const inputId = `field-${field.name}`; + const errorId = `${inputId}-error`; + + return ( +
+ + + {error && {error}} +
+ ); +} +``` + +### 5. Optimize Re-renders + +```typescript +import { memo } from 'react'; + +export const MyWidget = memo((props: FieldWidgetProps) => { + // Component implementation +}, (prevProps, nextProps) => { + // Custom comparison + return prevProps.value === nextProps.value && + prevProps.error === nextProps.error && + prevProps.readonly === nextProps.readonly; +}); +``` + +--- + +## 🔗 Related Resources + +- [ObjectUI Protocol](/docs/protocols/objectui) +- [Field Types Reference](/docs/guides/field-types) +- [Plugin Development](/docs/development/writing-plugins) + +--- + +## 🆘 Troubleshooting + +### Widget Not Rendering + +Check that it's registered properly: + +```typescript +export default defineWidget({ + name: 'my_widget', + component: MyWidget, + supportedTypes: ['text'], +}); +``` + +### onChange Not Working + +Ensure you're calling it correctly: + +```typescript +onChange(newValue); // ✅ Correct +onChange({ target: { value: newValue } }); // ❌ Wrong +``` + +### Styles Not Loading + +Import CSS in your entry point: + +```typescript +import './styles.css'; +export { MyWidget } from './MyWidget'; +``` + +--- + +Ready to build your custom widget? Start with the [Quick Start](#quick-start) guide! 🎨 diff --git a/content/docs/developers/index.mdx b/content/docs/developers/index.mdx new file mode 100644 index 000000000..c78ad0d2f --- /dev/null +++ b/content/docs/developers/index.mdx @@ -0,0 +1,371 @@ +--- +title: Development & Extension +description: Extend ObjectStack with plugins, custom widgets, and drivers to build powerful business applications. +--- + +# Development & Extension + +ObjectStack is designed for **extensibility at every layer**. Whether you're building a custom field widget, integrating a third-party API, or creating an entirely new database driver, the platform provides clean interfaces and powerful abstractions. + +## 🎯 What You Can Extend + + + + Add new objects, routes, scheduled jobs, and business logic + + + + Build React/Vue components for custom field rendering + + + + Connect to any database or data source (SQL, NoSQL, APIs) + + + + Manage projects, generate code, and deploy with objectstack-cli + + + +--- + +## 📐 Architecture Overview + +ObjectStack follows a **layered, protocol-driven architecture**: + +``` +┌─────────────────────────────────────────┐ +│ Your Application Code │ +│ (Objects, Flows, Views, Plugins) │ +├─────────────────────────────────────────┤ +│ ObjectStack Kernel │ +│ • Plugin System • Event Bus │ +│ • Lifecycle Mgmt • Dependency DI │ +├─────────────────────────────────────────┤ +│ Protocol Layer │ +│ • ObjectQL • ObjectUI • ObjectOS │ +├─────────────────────────────────────────┤ +│ Driver Layer │ +│ • PostgreSQL • MongoDB • Redis │ +│ • MySQL • Memory • Custom │ +└─────────────────────────────────────────┘ +``` + +### Key Principles + +1. **Everything is Metadata** - Define structure declaratively, execute dynamically +2. **Zod-First Design** - All schemas are validated at runtime and compile-time +3. **Protocol Contracts** - Strict interfaces ensure interoperability +4. **Local-First** - Own your data, run anywhere + +--- + +## 🚀 Quick Start Paths + +### For Frontend Developers + +Start with **Custom Widgets** to enhance the UI layer: + +```bash +npm create @objectstack/widget my-rich-editor +cd my-rich-editor +npm install +npm run dev +``` + +Build React/Vue components that integrate seamlessly with ObjectStack forms and views. + +[→ Custom Widgets Guide](/docs/development/custom-widgets) + +--- + +### For Backend Developers + +Start with **Plugins** to add business logic: + +```bash +npm create @objectstack/plugin my-api-integration +cd my-api-integration +npm install +npm run build +``` + +Create custom Objects, API routes, scheduled jobs, and event listeners. + +[→ Plugin Development Guide](/docs/development/writing-plugins) + +--- + +### For Database Engineers + +Start with **Drivers** to connect new data sources: + +```bash +npm create @objectstack/driver my-custom-db +cd my-custom-db +npm install +npm run build +``` + +Implement the `DriverInterface` to bridge ObjectQL with any database. + +[→ Driver Development Guide](/docs/development/server-drivers) + +--- + +## 🛠️ Development Workflow + +### 1. Project Initialization + +```bash +# Create a new ObjectStack project +npx @objectstack/cli init my-project + +# Or add to existing project +npm install @objectstack/spec @objectstack/kernel +``` + +### 2. Define Metadata + +All ObjectStack resources are defined as **TypeScript files** using Zod schemas: + +```typescript +// src/objects/task.object.ts +import { ObjectSchema, Field } from '@objectstack/spec'; + +export const Task = ObjectSchema.create({ + name: 'task', + label: 'Task', + fields: { + title: Field.text({ label: 'Title', required: true }), + status: Field.select({ + label: 'Status', + options: [ + { label: 'To Do', value: 'todo' }, + { label: 'Done', value: 'done' }, + ], + }), + }, +}); +``` + +### 3. Build & Deploy + +```bash +# Validate schemas +npm run validate + +# Build for production +npm run build + +# Deploy to ObjectStack Cloud or self-hosted +objectstack deploy +``` + +--- + +## 📦 Extension Types Compared + +| Extension Type | Use Case | Language | Runtime | +|----------------|----------|----------|---------| +| **Plugin** | Add objects, routes, jobs, logic | TypeScript/JavaScript | Server | +| **Widget** | Custom field rendering | React, Vue, Svelte | Browser | +| **Driver** | Database connectivity | TypeScript/JavaScript | Server | +| **Flow Action** | Custom automation steps | TypeScript/JavaScript | Server | +| **API Adapter** | External service integration | TypeScript/JavaScript | Server | + +--- + +## 🎓 Learning Resources + + + + +### Understand the Core Protocols + +Before building extensions, familiarize yourself with the three core protocols: + +- [ObjectQL](/docs/protocols/objectql) - Data modeling and queries +- [ObjectUI](/docs/protocols/objectui) - User interface definitions +- [ObjectOS](/docs/protocols/objectos) - System runtime and plugin architecture + + + + +### Study Examples + +Explore reference implementations: + +- `examples/plugin-crm` - Full-featured CRM plugin +- `examples/widget-rich-text` - Custom WYSIWYG editor widget +- `examples/driver-mongodb` - MongoDB driver implementation +- `examples/flow-action-email` - Email sending flow action + + + + +### Build Your Extension + +Follow the step-by-step guides for your extension type: + +1. [Writing Plugins](/docs/development/writing-plugins) +2. [Custom Widgets](/docs/development/custom-widgets) +3. [Server Drivers](/docs/development/server-drivers) +4. [CLI Tools](/docs/development/cli-tools) + + + + + +--- + +## 🔐 Security & Best Practices + +### Input Validation + +Always validate user input using Zod schemas: + +```typescript +import { z } from 'zod'; + +const CreateTaskSchema = z.object({ + title: z.string().min(1).max(200), + priority: z.enum(['low', 'medium', 'high']), +}); + +// In your plugin +export default { + onEnable: async (context) => { + context.router.post('/api/tasks', async (req, res) => { + const data = CreateTaskSchema.parse(req.body); // Throws if invalid + // Safe to use data... + }); + }, +}; +``` + +### Permission Checks + +Enforce access control using ObjectStack's permission system: + +```typescript +// Check object-level permissions +const canCreate = await context.os.checkPermission('task', 'create'); + +// Check field-level permissions +const canEditStatus = await context.os.checkFieldPermission( + 'task', + 'status', + 'edit' +); +``` + +### Error Handling + +Use structured error responses: + +```typescript +import { ObjectStackError } from '@objectstack/kernel'; + +throw new ObjectStackError('VALIDATION_ERROR', { + message: 'Invalid task status', + field: 'status', + code: 'INVALID_STATUS', +}); +``` + +--- + +## 🧪 Testing Your Extensions + +### Unit Testing + +Test your business logic in isolation: + +```typescript +import { describe, it, expect } from 'vitest'; +import { validateTask } from './validators'; + +describe('Task Validation', () => { + it('should reject empty titles', () => { + expect(() => validateTask({ title: '' })).toThrow(); + }); +}); +``` + +### Integration Testing + +Test against a real ObjectStack runtime: + +```typescript +import { createTestContext } from '@objectstack/testing'; + +const context = await createTestContext({ + plugins: ['./my-plugin'], +}); + +const result = await context.ql.object('task').create({ + title: 'Test Task', +}); + +expect(result.id).toBeDefined(); +``` + +--- + +## 🌍 Publishing Extensions + +### NPM Packages + +Publish plugins and drivers as npm packages: + +```json +{ + "name": "@mycompany/objectstack-plugin-crm", + "version": "1.0.0", + "keywords": ["objectstack", "plugin", "crm"], + "objectstack": { + "type": "plugin", + "entry": "./dist/index.js" + } +} +``` + +### ObjectStack Hub + +Submit your extension to the official marketplace: + +```bash +objectstack publish --registry hub.objectstack.dev +``` + +--- + +## 📚 Next Steps + + + + Complete API documentation for all protocols + + + + Production-ready example projects + + + + Get help from the community + + + +--- + +## 🆘 Getting Help + +- **Documentation**: [docs.objectstack.dev](https://docs.objectstack.dev) +- **Discord**: [discord.gg/objectstack](https://discord.gg/objectstack) +- **GitHub Discussions**: [github.com/objectstack/spec/discussions](https://github.com/objectstack/spec/discussions) +- **Stack Overflow**: Tag your questions with `objectstack` + +--- + +Ready to start building? Pick your extension type and dive into the guides! 🚀 diff --git a/content/docs/developers/meta.json b/content/docs/developers/meta.json new file mode 100644 index 000000000..456a1fe79 --- /dev/null +++ b/content/docs/developers/meta.json @@ -0,0 +1,10 @@ +{ + "title": "🔧 Development & Extension", + "root": true, + "pages": [ + "writing-plugins", + "custom-widgets", + "server-drivers", + "cli-tools" + ] +} diff --git a/content/docs/developers/server-drivers.mdx b/content/docs/developers/server-drivers.mdx new file mode 100644 index 000000000..f7783c166 --- /dev/null +++ b/content/docs/developers/server-drivers.mdx @@ -0,0 +1,1107 @@ +--- +title: Server Drivers +description: Connect ObjectStack to any database or data source by implementing the DriverInterface protocol. +--- + +# Server Drivers + +Drivers are the **bridge between ObjectQL and your data storage**. By implementing the `DriverInterface`, you can connect ObjectStack to any database (SQL, NoSQL, in-memory, or even external APIs). + +ObjectStack comes with built-in drivers for PostgreSQL, MySQL, MongoDB, and Redis, but you can create custom drivers for proprietary databases, legacy systems, or specialized data sources. + +--- + +## 🎯 What Are Drivers? + +Drivers translate **ObjectQL queries** into database-specific operations and normalize results back into the ObjectStack protocol format. + + + + PostgreSQL, MySQL, SQL Server, Oracle + + + + MongoDB, Cassandra, DynamoDB, Firestore + + + + Redis, Memcached, In-Memory + + + + Salesforce, Airtable, REST APIs, GraphQL + + + +--- + +## 📋 Prerequisites + +- **TypeScript** knowledge +- Understanding of [ObjectQL Protocol](/docs/protocols/objectql) +- Familiarity with target database (SQL, MongoDB, etc.) +- Node.js 18+ and npm 9+ + +--- + +## 🚀 Quick Start + +### Step 1: Create a Driver Project + +```bash +# Using the official generator +npm create @objectstack/driver my-custom-db + +cd my-custom-db +npm install +``` + +This generates: + +``` +my-custom-db/ +├── src/ +│ ├── index.ts # Driver entry point +│ ├── driver.ts # Driver implementation +│ ├── query-builder.ts # Query translation +│ ├── connection.ts # Connection management +│ └── types.ts # TypeScript types +├── tests/ +│ └── driver.test.ts +├── package.json +└── tsconfig.json +``` + +### Step 2: Implement the DriverInterface + +```typescript +// src/driver.ts +import { + DriverInterface, + DriverOptions, + DriverCapabilities, +} from '@objectstack/spec'; +import { Query, QueryResult } from '@objectstack/objectql'; + +export class MyCustomDriver implements DriverInterface { + name = 'MyCustomDB'; + version = '1.0.0'; + + private connection: any; + + // ============================================================================ + // Connection Management + // ============================================================================ + + async connect(config: any): Promise { + this.connection = await createConnection(config); + } + + async disconnect(): Promise { + await this.connection.close(); + } + + async ping(): Promise { + return this.connection.isAlive(); + } + + // ============================================================================ + // Capabilities Declaration + // ============================================================================ + + getCapabilities(): DriverCapabilities { + return { + // Transaction support + transactions: true, + + // Query features + queryFilters: true, + queryAggregations: true, + querySorting: true, + queryPagination: true, + queryJoins: true, + + // Data operations + bulkInsert: true, + bulkUpdate: true, + bulkDelete: true, + + // Advanced features + fullTextSearch: true, + geospatialQueries: false, + jsonQuerying: true, + }; + } + + // ============================================================================ + // CRUD Operations (See below) + // ============================================================================ + + async find(object: string, query: Query, options?: DriverOptions): Promise { + // Implementation + } + + async findOne(object: string, id: string, options?: DriverOptions): Promise { + // Implementation + } + + async insert(object: string, data: any, options?: DriverOptions): Promise { + // Implementation + } + + async update(object: string, id: string, data: any, options?: DriverOptions): Promise { + // Implementation + } + + async delete(object: string, id: string, options?: DriverOptions): Promise { + // Implementation + } +} +``` + +--- + +## 🔍 Implementing CRUD Operations + +### Find (Query) + +The `find` method receives a `Query` object and returns matching records: + +```typescript +async find( + object: string, + query: Query, + options?: DriverOptions +): Promise { + const { filters, sort, limit, offset, fields } = query; + + // ============================================================================ + // 1. Build the database query + // ============================================================================ + + let dbQuery = this.connection.from(object); + + // Apply filters + if (filters) { + dbQuery = this.applyFilters(dbQuery, filters); + } + + // Apply sorting + if (sort) { + for (const [field, direction] of Object.entries(sort)) { + dbQuery = dbQuery.orderBy(field, direction); + } + } + + // Apply pagination + if (limit) { + dbQuery = dbQuery.limit(limit); + } + if (offset) { + dbQuery = dbQuery.offset(offset); + } + + // Select specific fields + if (fields && fields.length > 0) { + dbQuery = dbQuery.select(fields); + } + + // ============================================================================ + // 2. Execute the query + // ============================================================================ + + const results = await dbQuery.execute(); + + // ============================================================================ + // 3. Normalize IDs + // ============================================================================ + + return results.map(record => this.normalizeRecord(record)); +} + +/** + * Normalize database-specific IDs to ObjectStack format. + * All records MUST have a string `id` field. + */ +private normalizeRecord(record: any): any { + // Example for MongoDB-like databases with _id + if (record._id) { + return { + ...record, + id: record._id.toString(), // Convert to string + _id: undefined, // Remove internal ID + }; + } + + // Example for SQL databases with numeric IDs + if (typeof record.id === 'number') { + return { + ...record, + id: record.id.toString(), // Convert to string + }; + } + + return record; +} +``` + +### Apply Filters + +Convert ObjectQL filters to database-specific syntax: + +```typescript +private applyFilters(dbQuery: any, filters: any): any { + for (const [field, condition] of Object.entries(filters)) { + if (typeof condition === 'object') { + // Complex conditions + for (const [operator, value] of Object.entries(condition)) { + switch (operator) { + case '$eq': + dbQuery = dbQuery.where(field, '=', value); + break; + case '$ne': + dbQuery = dbQuery.where(field, '!=', value); + break; + case '$gt': + dbQuery = dbQuery.where(field, '>', value); + break; + case '$gte': + dbQuery = dbQuery.where(field, '>=', value); + break; + case '$lt': + dbQuery = dbQuery.where(field, '<', value); + break; + case '$lte': + dbQuery = dbQuery.where(field, '<=', value); + break; + case '$in': + dbQuery = dbQuery.whereIn(field, value); + break; + case '$nin': + dbQuery = dbQuery.whereNotIn(field, value); + break; + case '$like': + dbQuery = dbQuery.where(field, 'LIKE', value); + break; + case '$regex': + dbQuery = dbQuery.whereRaw(`${field} ~ ?`, [value]); + break; + } + } + } else { + // Simple equality + dbQuery = dbQuery.where(field, '=', condition); + } + } + + return dbQuery; +} +``` + +### FindOne (Get by ID) + +```typescript +async findOne( + object: string, + id: string, + options?: DriverOptions +): Promise { + const result = await this.connection + .from(object) + .where('id', '=', id) + .first(); + + if (!result) { + throw new Error(`Record not found: ${object}/${id}`); + } + + return this.normalizeRecord(result); +} +``` + +### Insert (Create) + +```typescript +async insert( + object: string, + data: any, + options?: DriverOptions +): Promise { + // ============================================================================ + // 1. Generate ID if not provided + // ============================================================================ + + if (!data.id) { + data.id = this.generateId(); + } + + // ============================================================================ + // 2. Add timestamps + // ============================================================================ + + const now = new Date(); + const recordWithMeta = { + ...data, + created_at: now, + updated_at: now, + }; + + // ============================================================================ + // 3. Insert into database + // ============================================================================ + + await this.connection + .into(object) + .insert(recordWithMeta); + + // ============================================================================ + // 4. Return the created record + // ============================================================================ + + return this.normalizeRecord(recordWithMeta); +} + +private generateId(): string { + // Use UUID, ULID, or database-specific ID generation + return crypto.randomUUID(); +} +``` + +### Update + +```typescript +async update( + object: string, + id: string, + data: any, + options?: DriverOptions +): Promise { + // ============================================================================ + // 1. Add updated timestamp + // ============================================================================ + + const updates = { + ...data, + updated_at: new Date(), + }; + + // Remove id from updates (can't update primary key) + delete updates.id; + + // ============================================================================ + // 2. Execute update + // ============================================================================ + + const result = await this.connection + .table(object) + .where('id', '=', id) + .update(updates); + + if (result === 0) { + throw new Error(`Record not found: ${object}/${id}`); + } + + // ============================================================================ + // 3. Return updated record + // ============================================================================ + + return this.findOne(object, id, options); +} +``` + +### Delete + +```typescript +async delete( + object: string, + id: string, + options?: DriverOptions +): Promise { + const result = await this.connection + .table(object) + .where('id', '=', id) + .delete(); + + if (result === 0) { + throw new Error(`Record not found: ${object}/${id}`); + } +} +``` + +--- + +## 🔄 Transaction Support + +If your database supports transactions, implement these methods: + +```typescript +export class MyCustomDriver implements DriverInterface { + // ... other methods + + async beginTransaction(options?: DriverOptions): Promise { + const tx = await this.connection.transaction(); + return tx; + } + + async commit(transaction: any): Promise { + await transaction.commit(); + } + + async rollback(transaction: any): Promise { + await transaction.rollback(); + } +} +``` + +**Usage:** + +```typescript +const tx = await driver.beginTransaction(); + +try { + await driver.insert('account', { name: 'Acme' }, { transaction: tx }); + await driver.insert('contact', { account: 'acme-id' }, { transaction: tx }); + await driver.commit(tx); +} catch (error) { + await driver.rollback(tx); + throw error; +} +``` + +--- + +## 📊 Advanced Features + +### Aggregations + +```typescript +async aggregate( + object: string, + aggregations: any, + options?: DriverOptions +): Promise { + let query = this.connection.from(object); + + const results: any = {}; + + for (const [alias, agg] of Object.entries(aggregations)) { + const { function: fn, field } = agg as any; + + switch (fn) { + case 'COUNT': + results[alias] = await query.count(field || '*'); + break; + case 'SUM': + results[alias] = await query.sum(field); + break; + case 'AVG': + results[alias] = await query.avg(field); + break; + case 'MIN': + results[alias] = await query.min(field); + break; + case 'MAX': + results[alias] = await query.max(field); + break; + } + } + + return results; +} +``` + +### Full-Text Search + +```typescript +async search( + object: string, + searchTerm: string, + fields: string[], + options?: DriverOptions +): Promise { + // PostgreSQL example using tsvector + const results = await this.connection + .from(object) + .whereRaw( + `to_tsvector('english', ${fields.join(' || ')}) @@ plainto_tsquery('english', ?)`, + [searchTerm] + ); + + return results.map(r => this.normalizeRecord(r)); +} +``` + +### Geospatial Queries + +```typescript +async findNearby( + object: string, + coordinates: { lat: number; lng: number }, + radiusKm: number, + options?: DriverOptions +): Promise { + // PostGIS example + const results = await this.connection + .from(object) + .whereRaw( + `ST_DWithin(location::geography, ST_MakePoint(?, ?)::geography, ?)`, + [coordinates.lng, coordinates.lat, radiusKm * 1000] + ); + + return results.map(r => this.normalizeRecord(r)); +} +``` + +--- + +## 🏗️ Example: In-Memory Driver + +Complete implementation of a simple in-memory driver: + +```typescript +// src/memory-driver.ts +import { DriverInterface, DriverCapabilities } from '@objectstack/spec'; +import { Query, QueryResult } from '@objectstack/objectql'; + +export class InMemoryDriver implements DriverInterface { + name = 'InMemory'; + version = '1.0.0'; + + // Storage: Map> + private store = new Map>(); + + // ============================================================================ + // Connection (No-op for in-memory) + // ============================================================================ + + async connect(): Promise { + // Nothing to connect + } + + async disconnect(): Promise { + this.store.clear(); + } + + async ping(): Promise { + return true; + } + + // ============================================================================ + // Capabilities + // ============================================================================ + + getCapabilities(): DriverCapabilities { + return { + transactions: false, // No transaction support + queryFilters: true, // Basic filtering + queryAggregations: true, // In-memory aggregations + querySorting: true, // In-memory sorting + queryPagination: true, // Simple pagination + queryJoins: false, // No joins + bulkInsert: true, + bulkUpdate: true, + bulkDelete: true, + fullTextSearch: false, + geospatialQueries: false, + jsonQuerying: true, + }; + } + + // ============================================================================ + // CRUD Operations + // ============================================================================ + + async find(object: string, query: Query): Promise { + const table = this.store.get(object) || new Map(); + let records = Array.from(table.values()); + + // Apply filters + if (query.filters) { + records = records.filter(record => this.matchesFilters(record, query.filters)); + } + + // Apply sorting + if (query.sort) { + records = this.sortRecords(records, query.sort); + } + + // Apply pagination + const offset = query.offset || 0; + const limit = query.limit || records.length; + records = records.slice(offset, offset + limit); + + // Select fields + if (query.fields && query.fields.length > 0) { + records = records.map(record => + query.fields!.reduce((acc, field) => { + acc[field] = record[field]; + return acc; + }, {} as any) + ); + } + + return records; + } + + async findOne(object: string, id: string): Promise { + const table = this.store.get(object); + if (!table) { + throw new Error(`Object not found: ${object}`); + } + + const record = table.get(id); + if (!record) { + throw new Error(`Record not found: ${object}/${id}`); + } + + return record; + } + + async insert(object: string, data: any): Promise { + if (!this.store.has(object)) { + this.store.set(object, new Map()); + } + + const table = this.store.get(object)!; + + const id = data.id || this.generateId(); + const record = { + ...data, + id, + created_at: new Date(), + updated_at: new Date(), + }; + + table.set(id, record); + + return record; + } + + async update(object: string, id: string, data: any): Promise { + const table = this.store.get(object); + if (!table || !table.has(id)) { + throw new Error(`Record not found: ${object}/${id}`); + } + + const existing = table.get(id)!; + const updated = { + ...existing, + ...data, + id, + created_at: existing.created_at, + updated_at: new Date(), + }; + + table.set(id, updated); + + return updated; + } + + async delete(object: string, id: string): Promise { + const table = this.store.get(object); + if (!table || !table.has(id)) { + throw new Error(`Record not found: ${object}/${id}`); + } + + table.delete(id); + } + + // ============================================================================ + // Bulk Operations + // ============================================================================ + + async bulkInsert(object: string, records: any[]): Promise { + return Promise.all(records.map(r => this.insert(object, r))); + } + + async bulkUpdate(object: string, updates: Array<{ id: string; data: any }>): Promise { + return Promise.all(updates.map(u => this.update(object, u.id, u.data))); + } + + async bulkDelete(object: string, ids: string[]): Promise { + await Promise.all(ids.map(id => this.delete(object, id))); + } + + // ============================================================================ + // Helper Methods + // ============================================================================ + + private matchesFilters(record: any, filters: any): boolean { + for (const [field, condition] of Object.entries(filters)) { + const value = record[field]; + + if (typeof condition === 'object') { + for (const [operator, filterValue] of Object.entries(condition)) { + switch (operator) { + case '$eq': + if (value !== filterValue) return false; + break; + case '$ne': + if (value === filterValue) return false; + break; + case '$gt': + if (!(value > filterValue)) return false; + break; + case '$gte': + if (!(value >= filterValue)) return false; + break; + case '$lt': + if (!(value < filterValue)) return false; + break; + case '$lte': + if (!(value <= filterValue)) return false; + break; + case '$in': + if (!filterValue.includes(value)) return false; + break; + case '$nin': + if (filterValue.includes(value)) return false; + break; + } + } + } else { + if (value !== condition) return false; + } + } + + return true; + } + + private sortRecords(records: any[], sort: any): any[] { + return records.sort((a, b) => { + for (const [field, direction] of Object.entries(sort)) { + const aVal = a[field]; + const bVal = b[field]; + + if (aVal < bVal) return direction === 'asc' ? -1 : 1; + if (aVal > bVal) return direction === 'asc' ? 1 : -1; + } + return 0; + }); + } + + private generateId(): string { + return crypto.randomUUID(); + } +} +``` + +--- + +## 🗄️ Example: PostgreSQL Driver + +```typescript +// src/postgres-driver.ts +import { Pool } from 'pg'; +import { DriverInterface } from '@objectstack/spec'; +import { Query } from '@objectstack/objectql'; + +export class PostgresDriver implements DriverInterface { + name = 'PostgreSQL'; + version = '1.0.0'; + + private pool: Pool; + + async connect(config: any): Promise { + this.pool = new Pool({ + host: config.host, + port: config.port, + database: config.database, + user: config.user, + password: config.password, + }); + } + + async disconnect(): Promise { + await this.pool.end(); + } + + async find(object: string, query: Query): Promise { + const { sql, params } = this.buildSelectQuery(object, query); + const result = await this.pool.query(sql, params); + return result.rows.map(row => ({ + ...row, + id: row.id.toString(), + })); + } + + async insert(object: string, data: any): Promise { + const id = data.id || crypto.randomUUID(); + const fields = Object.keys(data); + const values = Object.values(data); + + const placeholders = values.map((_, i) => `$${i + 1}`).join(', '); + + const sql = ` + INSERT INTO ${object} (id, ${fields.join(', ')}, created_at, updated_at) + VALUES ($${values.length + 1}, ${placeholders}, NOW(), NOW()) + RETURNING * + `; + + const result = await this.pool.query(sql, [...values, id]); + return result.rows[0]; + } + + private buildSelectQuery(object: string, query: Query): { sql: string; params: any[] } { + let sql = `SELECT * FROM ${object}`; + const params: any[] = []; + + // WHERE clause + if (query.filters) { + const { clause, filterParams } = this.buildWhereClause(query.filters); + sql += ` WHERE ${clause}`; + params.push(...filterParams); + } + + // ORDER BY clause + if (query.sort) { + const orderBy = Object.entries(query.sort) + .map(([field, dir]) => `${field} ${dir}`) + .join(', '); + sql += ` ORDER BY ${orderBy}`; + } + + // LIMIT and OFFSET + if (query.limit) { + sql += ` LIMIT $${params.length + 1}`; + params.push(query.limit); + } + if (query.offset) { + sql += ` OFFSET $${params.length + 1}`; + params.push(query.offset); + } + + return { sql, params }; + } + + private buildWhereClause(filters: any): { clause: string; filterParams: any[] } { + const conditions: string[] = []; + const filterParams: any[] = []; + + for (const [field, condition] of Object.entries(filters)) { + if (typeof condition === 'object') { + for (const [operator, value] of Object.entries(condition)) { + const paramIndex = filterParams.length + 1; + + switch (operator) { + case '$eq': + conditions.push(`${field} = $${paramIndex}`); + filterParams.push(value); + break; + case '$gt': + conditions.push(`${field} > $${paramIndex}`); + filterParams.push(value); + break; + case '$in': + conditions.push(`${field} = ANY($${paramIndex})`); + filterParams.push(value); + break; + } + } + } else { + const paramIndex = filterParams.length + 1; + conditions.push(`${field} = $${paramIndex}`); + filterParams.push(condition); + } + } + + return { + clause: conditions.join(' AND '), + filterParams, + }; + } +} +``` + +--- + +## 🧪 Testing Drivers + +```typescript +// tests/driver.test.ts +import { describe, it, expect, beforeAll, afterAll } from 'vitest'; +import { InMemoryDriver } from '../src/memory-driver'; + +describe('InMemoryDriver', () => { + let driver: InMemoryDriver; + + beforeAll(async () => { + driver = new InMemoryDriver(); + await driver.connect(); + }); + + afterAll(async () => { + await driver.disconnect(); + }); + + it('should insert and find records', async () => { + const record = await driver.insert('account', { + name: 'Acme Corp', + status: 'active', + }); + + expect(record.id).toBeDefined(); + expect(record.name).toBe('Acme Corp'); + + const found = await driver.findOne('account', record.id); + expect(found.name).toBe('Acme Corp'); + }); + + it('should filter records', async () => { + await driver.insert('account', { name: 'A', status: 'active' }); + await driver.insert('account', { name: 'B', status: 'inactive' }); + + const results = await driver.find('account', { + filters: { status: 'active' }, + }); + + expect(results.length).toBe(1); + expect(results[0].name).toBe('A'); + }); + + it('should update records', async () => { + const record = await driver.insert('account', { name: 'Old Name' }); + + const updated = await driver.update('account', record.id, { name: 'New Name' }); + + expect(updated.name).toBe('New Name'); + }); + + it('should delete records', async () => { + const record = await driver.insert('account', { name: 'To Delete' }); + + await driver.delete('account', record.id); + + await expect(driver.findOne('account', record.id)).rejects.toThrow(); + }); +}); +``` + +--- + +## 📦 Packaging & Distribution + +```json +{ + "name": "@mycompany/objectstack-driver-custom", + "version": "1.0.0", + "main": "./dist/index.js", + "types": "./dist/index.d.ts", + "keywords": ["objectstack", "driver", "database"], + "files": ["dist"], + + "objectstack": { + "type": "driver", + "entry": "./dist/index.js" + }, + + "dependencies": { + "@objectstack/spec": "^1.0.0" + } +} +``` + +--- + +## ✅ Best Practices + +### 1. Always Normalize IDs + +```typescript +// ✅ Good +return records.map(r => ({ ...r, id: r.id.toString() })); + +// ❌ Bad +return records; // IDs might be numbers or ObjectIds +``` + +### 2. Handle Errors Gracefully + +```typescript +try { + await this.connection.query(sql); +} catch (error) { + if (error.code === 'UNIQUE_VIOLATION') { + throw new ObjectStackError('DUPLICATE_RECORD', { field: 'email' }); + } + throw error; +} +``` + +### 3. Use Connection Pooling + +```typescript +// ✅ Good +this.pool = new Pool({ max: 20 }); + +// ❌ Bad +const connection = await connect(); // New connection per request +``` + +### 4. Implement Bulk Operations + +```typescript +async bulkInsert(object: string, records: any[]): Promise { + // ✅ Single query + return this.connection.insert(object).values(records); + + // ❌ Multiple queries + // return Promise.all(records.map(r => this.insert(object, r))); +} +``` + +### 5. Support Transactions + +```typescript +const tx = await driver.beginTransaction(); +try { + // Operations use transaction + await driver.commit(tx); +} catch (error) { + await driver.rollback(tx); +} +``` + +--- + +## 🔗 Related Resources + +- [ObjectQL Protocol](/docs/protocols/objectql) +- [Plugin Development](/docs/development/writing-plugins) +- [Query Reference](/docs/99-reference/objectql/query) + +--- + +## 🆘 Troubleshooting + +### Connection Issues + +```typescript +async ping(): Promise { + try { + await this.connection.query('SELECT 1'); + return true; + } catch { + return false; + } +} +``` + +### ID Mapping Problems + +Ensure all IDs are strings: + +```typescript +// MongoDB +id: doc._id.toString() + +// SQL with numeric IDs +id: row.id.toString() + +// UUID +id: row.id // Already a string +``` + +--- + +Ready to build your driver? Start with the [Quick Start](#quick-start) guide! 🚀 diff --git a/content/docs/developers/writing-plugins.mdx b/content/docs/developers/writing-plugins.mdx new file mode 100644 index 000000000..6fcdee61d --- /dev/null +++ b/content/docs/developers/writing-plugins.mdx @@ -0,0 +1,830 @@ +--- +title: Writing Plugins +description: Build powerful server-side extensions with custom objects, routes, scheduled jobs, and event listeners. +--- + +# Writing Plugins + +Plugins are the **primary extension mechanism** in ObjectStack. They allow you to add custom business logic, integrate external services, define new Objects, register API routes, schedule background jobs, and respond to system events. + +Think of plugins as **microservices within your ObjectStack runtime** - isolated, versioned, and composable. + +--- + +## 🎯 What Can Plugins Do? + + + + Create custom business entities with fields, relationships, and validations + + + + Register custom HTTP endpoints for webhooks or integrations + + + + Run background tasks on cron schedules + + + + React to data changes (onCreate, onUpdate, onDelete) + + + + Connect to external databases or data sources + + + + Implement custom authorization rules + + + +--- + +## 📋 Prerequisites + +Before building a plugin, ensure you have: + +- **Node.js** 18+ and **npm** 9+ +- **TypeScript** 5+ knowledge +- **Zod** familiarity (schema validation library) +- Understanding of [ObjectQL](/docs/protocols/objectql) and [ObjectOS](/docs/protocols/objectos) + +--- + +## 🚀 Quick Start + +### Step 1: Create a Plugin Project + +```bash +# Using the official generator +npm create @objectstack/plugin my-crm-plugin + +cd my-crm-plugin +npm install +``` + +This generates a project structure: + +``` +my-crm-plugin/ +├── src/ +│ ├── index.ts # Plugin entry point +│ ├── objects/ # Object definitions +│ │ └── account.object.ts +│ ├── routes/ # API route handlers +│ │ └── webhooks.ts +│ ├── jobs/ # Scheduled tasks +│ │ └── sync.ts +│ └── events/ # Event listeners +│ └── account-created.ts +├── package.json +├── tsconfig.json +└── objectstack.config.ts # Plugin manifest +``` + +### Step 2: Define Your Plugin Manifest + +The **manifest** (`objectstack.config.ts`) declares your plugin's metadata: + +```typescript +// objectstack.config.ts +import { defineManifest } from '@objectstack/spec'; + +export default defineManifest({ + name: 'my_crm_plugin', + version: '1.0.0', + label: 'My CRM Plugin', + description: 'Customer relationship management for ObjectStack', + author: 'Your Name', + license: 'MIT', + + // Dependencies + dependencies: { + '@objectstack/core': '^1.0.0', + }, + + // Permissions required + permissions: [ + 'object.create', + 'object.read', + 'api.register', + 'schedule.create', + ], + + // Configuration schema + settings: { + apiKey: { + type: 'text', + label: 'API Key', + required: true, + sensitive: true, + }, + syncInterval: { + type: 'number', + label: 'Sync Interval (minutes)', + default: 60, + }, + }, +}); +``` + +### Step 3: Implement the Plugin Lifecycle + +```typescript +// src/index.ts +import { PluginContext } from '@objectstack/spec'; +import { Account } from './objects/account.object'; +import { registerWebhooks } from './routes/webhooks'; +import { startSyncJob } from './jobs/sync'; + +export default { + /** + * Called when the plugin is enabled. + * Register objects, routes, jobs, and event listeners here. + */ + onEnable: async (context: PluginContext) => { + const { ql, os, logger, router, scheduler, storage } = context; + + logger.info('My CRM Plugin enabled'); + + // Register custom objects + await ql.registerObject(Account); + + // Register API routes + registerWebhooks(router); + + // Schedule background jobs + const interval = await os.getConfig('my_crm_plugin.syncInterval'); + scheduler.schedule('sync-accounts', `*/${interval} * * * *`, () => { + return startSyncJob(context); + }); + + // Listen to events + ql.on('account.created', async (event) => { + logger.info('New account created', { id: event.record.id }); + await storage.set(`last_account_id`, event.record.id); + }); + }, + + /** + * Called when the plugin is disabled. + * Clean up resources here. + */ + onDisable: async (context: PluginContext) => { + context.logger.info('My CRM Plugin disabled'); + // Unregister listeners, close connections, etc. + }, + + /** + * Called when plugin settings are updated. + */ + onSettingsChange: async (context: PluginContext, oldSettings, newSettings) => { + context.logger.info('Settings updated', { oldSettings, newSettings }); + }, +}; +``` + +--- + +## 🗂️ Defining Custom Objects + +Objects are the **core data model** of ObjectStack. Define them using `ObjectSchema`: + +```typescript +// src/objects/account.object.ts +import { ObjectSchema, Field } from '@objectstack/spec'; + +export const Account = ObjectSchema.create({ + name: 'account', + label: 'Account', + pluralLabel: 'Accounts', + icon: 'building', + description: 'Customer organizations', + + // Primary display field + nameField: 'company_name', + + fields: { + // ============================================================================ + // Basic Information + // ============================================================================ + + company_name: Field.text({ + label: 'Company Name', + required: true, + maxLength: 200, + unique: true, + }), + + website: Field.url({ + label: 'Website', + }), + + industry: Field.select({ + label: 'Industry', + options: [ + { label: 'Technology', value: 'tech' }, + { label: 'Healthcare', value: 'healthcare' }, + { label: 'Finance', value: 'finance' }, + { label: 'Retail', value: 'retail' }, + ], + }), + + // ============================================================================ + // Contact Information + // ============================================================================ + + phone: Field.phone({ + label: 'Phone', + }), + + email: Field.email({ + label: 'Email', + }), + + billing_address: Field.address({ + label: 'Billing Address', + }), + + // ============================================================================ + // Business Metrics + // ============================================================================ + + annual_revenue: Field.currency({ + label: 'Annual Revenue', + currency: 'USD', + }), + + employee_count: Field.number({ + label: 'Employee Count', + min: 1, + }), + + // ============================================================================ + // Status & Lifecycle + // ============================================================================ + + status: Field.select({ + label: 'Status', + options: [ + { label: 'Prospect', value: 'prospect', default: true }, + { label: 'Customer', value: 'customer' }, + { label: 'Churned', value: 'churned' }, + ], + }), + + active: Field.checkbox({ + label: 'Active', + default: true, + }), + + // ============================================================================ + // Relationships + // ============================================================================ + + parent_account: Field.lookup('account', { + label: 'Parent Account', + description: 'Parent organization (for subsidiaries)', + }), + + owner: Field.lookup('user', { + label: 'Account Owner', + required: true, + defaultValue: '$currentUser', + }), + + // ============================================================================ + // Calculated Fields + // ============================================================================ + + lifetime_value: Field.formula({ + label: 'Lifetime Value', + returnType: 'number', + expression: 'SUM(opportunities.amount WHERE stage = "closed_won")', + }), + + days_since_created: Field.formula({ + label: 'Days Since Created', + returnType: 'number', + expression: 'DATEDIFF(NOW(), created_at)', + }), + }, + + // ============================================================================ + // Object Capabilities + // ============================================================================ + + enable: { + apiEnabled: true, + trackHistory: true, + allowComments: true, + allowAttachments: true, + searchEnabled: true, + }, + + // ============================================================================ + // Indexes for Performance + // ============================================================================ + + indexes: [ + { fields: ['company_name'], unique: true }, + { fields: ['status', 'active'] }, + { fields: ['owner', 'status'] }, + ], +}); +``` + +--- + +## 🌐 Registering API Routes + +Add custom HTTP endpoints for webhooks, integrations, or custom APIs: + +```typescript +// src/routes/webhooks.ts +import { Router } from '@objectstack/spec'; +import { z } from 'zod'; + +const WebhookPayloadSchema = z.object({ + event: z.enum(['account.created', 'account.updated']), + data: z.record(z.any()), + timestamp: z.string(), +}); + +export function registerWebhooks(router: Router) { + + // ============================================================================ + // POST /api/webhooks/account + // ============================================================================ + + router.post('/api/webhooks/account', async (req, res) => { + try { + // Validate webhook payload + const payload = WebhookPayloadSchema.parse(req.body); + + // Verify webhook signature (example) + const signature = req.headers['x-webhook-signature']; + if (!verifySignature(signature, req.body)) { + return res.status(401).json({ error: 'Invalid signature' }); + } + + // Process the webhook + if (payload.event === 'account.created') { + await handleAccountCreated(payload.data); + } + + res.status(200).json({ success: true }); + + } catch (error) { + res.status(400).json({ error: error.message }); + } + }); + + // ============================================================================ + // GET /api/integrations/sync + // ============================================================================ + + router.get('/api/integrations/sync', async (req, res) => { + const { ql, logger } = req.context; + + try { + // Fetch accounts from external API + const externalAccounts = await fetchFromExternalAPI(); + + // Sync to ObjectStack + for (const account of externalAccounts) { + await ql.object('account').upsert({ + external_id: account.id, + company_name: account.name, + website: account.website, + }); + } + + logger.info('Sync completed', { count: externalAccounts.length }); + + res.json({ + success: true, + synced: externalAccounts.length, + }); + + } catch (error) { + logger.error('Sync failed', { error }); + res.status(500).json({ error: 'Sync failed' }); + } + }); +} + +// Helper functions +function verifySignature(signature: string, body: any): boolean { + // Implement HMAC verification + return true; +} + +async function handleAccountCreated(data: any) { + // Send notification, trigger workflow, etc. +} + +async function fetchFromExternalAPI() { + // Call external API + return []; +} +``` + +--- + +## ⏰ Scheduling Background Jobs + +Run tasks periodically using cron expressions: + +```typescript +// src/jobs/sync.ts +import { PluginContext } from '@objectstack/spec'; + +export async function startSyncJob(context: PluginContext) { + const { ql, os, logger, storage } = context; + + logger.info('Starting account sync job'); + + try { + // Get last sync timestamp + const lastSync = await storage.get('last_sync_time'); + + // Fetch updated accounts from external source + const apiKey = await os.getConfig('my_crm_plugin.apiKey'); + const accounts = await fetchAccountsSince(apiKey, lastSync); + + // Upsert to ObjectStack + let syncedCount = 0; + for (const account of accounts) { + await ql.object('account').upsert({ + external_id: account.id, + company_name: account.name, + website: account.website, + annual_revenue: account.revenue, + }); + syncedCount++; + } + + // Update last sync time + await storage.set('last_sync_time', new Date().toISOString()); + + logger.info('Sync job completed', { synced: syncedCount }); + + } catch (error) { + logger.error('Sync job failed', { error }); + throw error; + } +} + +async function fetchAccountsSince(apiKey: string, since: string) { + // Implement external API call + return []; +} +``` + +Register the job in `onEnable`: + +```typescript +scheduler.schedule('sync-accounts', '*/30 * * * *', () => { + return startSyncJob(context); +}); +``` + +**Cron Expression Examples:** + +- `*/15 * * * *` - Every 15 minutes +- `0 */2 * * *` - Every 2 hours +- `0 9 * * 1-5` - 9 AM Monday-Friday +- `0 0 * * 0` - Every Sunday at midnight + +--- + +## 🎧 Event Listeners + +React to data changes in real-time: + +```typescript +// src/events/account-created.ts +import { PluginContext } from '@objectstack/spec'; + +export function registerEventListeners(context: PluginContext) { + const { ql, logger } = context; + + // ============================================================================ + // Listen to account creation + // ============================================================================ + + ql.on('account.created', async (event) => { + logger.info('Account created', { id: event.record.id }); + + // Send welcome email + await sendWelcomeEmail(event.record); + + // Create default opportunities + await ql.object('opportunity').create({ + name: `${event.record.company_name} - Discovery`, + account: event.record.id, + stage: 'discovery', + }); + }); + + // ============================================================================ + // Listen to status changes + // ============================================================================ + + ql.on('account.updated', async (event) => { + const { oldValues, newValues } = event; + + // Check if status changed to "customer" + if (oldValues.status !== 'customer' && newValues.status === 'customer') { + logger.info('Account converted to customer', { id: event.record.id }); + + // Trigger onboarding workflow + await triggerOnboarding(event.record); + } + }); + + // ============================================================================ + // Prevent deletion of active accounts + // ============================================================================ + + ql.on('account.beforeDelete', async (event) => { + if (event.record.active) { + throw new Error('Cannot delete active accounts'); + } + }); +} + +async function sendWelcomeEmail(account: any) { + // Send email +} + +async function triggerOnboarding(account: any) { + // Start onboarding flow +} +``` + +**Available Events:** + +- `{object}.beforeCreate` - Before record creation +- `{object}.created` - After record created +- `{object}.beforeUpdate` - Before update +- `{object}.updated` - After update +- `{object}.beforeDelete` - Before deletion +- `{object}.deleted` - After deletion + +--- + +## 💾 Using Scoped Storage + +Each plugin has isolated key-value storage: + +```typescript +// Save data +await context.storage.set('api_token', 'abc123'); +await context.storage.set('sync_count', 42); + +// Retrieve data +const token = await context.storage.get('api_token'); +const count = await context.storage.get('sync_count'); + +// Delete data +await context.storage.delete('api_token'); + +// Store complex objects (automatically JSON-serialized) +await context.storage.set('config', { + enabled: true, + lastRun: new Date(), + settings: { foo: 'bar' }, +}); +``` + +--- + +## 🧪 Testing Your Plugin + +### Unit Tests + +```typescript +// tests/account.test.ts +import { describe, it, expect } from 'vitest'; +import { Account } from '../src/objects/account.object'; + +describe('Account Object', () => { + it('should have required fields', () => { + expect(Account.fields.company_name.required).toBe(true); + }); + + it('should validate industry options', () => { + const validIndustries = Account.fields.industry.options.map(o => o.value); + expect(validIndustries).toContain('tech'); + }); +}); +``` + +### Integration Tests + +```typescript +// tests/integration.test.ts +import { createTestContext } from '@objectstack/testing'; +import MyPlugin from '../src/index'; + +describe('Plugin Integration', () => { + it('should register account object', async () => { + const context = await createTestContext({ + plugins: [MyPlugin], + }); + + const account = await context.ql.object('account').create({ + company_name: 'Acme Corp', + status: 'prospect', + }); + + expect(account.id).toBeDefined(); + expect(account.company_name).toBe('Acme Corp'); + }); + + it('should trigger event on creation', async () => { + const context = await createTestContext({ + plugins: [MyPlugin], + }); + + let eventFired = false; + context.ql.on('account.created', () => { + eventFired = true; + }); + + await context.ql.object('account').create({ + company_name: 'Test Inc', + }); + + expect(eventFired).toBe(true); + }); +}); +``` + +--- + +## 📦 Building & Packaging + +### Build for Production + +```bash +# Compile TypeScript +npm run build + +# Output: dist/index.js +``` + +### Package Structure + +```json +{ + "name": "@mycompany/objectstack-plugin-crm", + "version": "1.0.0", + "main": "./dist/index.js", + "types": "./dist/index.d.ts", + "keywords": ["objectstack", "plugin", "crm"], + "files": ["dist", "README.md", "LICENSE"], + + "objectstack": { + "type": "plugin", + "entry": "./dist/index.js", + "manifest": "./dist/objectstack.config.js" + }, + + "dependencies": { + "@objectstack/spec": "^1.0.0" + }, + + "peerDependencies": { + "@objectstack/kernel": "^1.0.0" + } +} +``` + +--- + +## 🚀 Publishing + +### To NPM + +```bash +npm login +npm publish --access public +``` + +### To ObjectStack Hub + +```bash +objectstack login +objectstack publish --registry hub.objectstack.dev +``` + +--- + +## ✅ Best Practices + +### 1. Use Zod for Validation + +```typescript +import { z } from 'zod'; + +const SettingsSchema = z.object({ + apiUrl: z.string().url(), + timeout: z.number().min(1000).max(30000), +}); + +const settings = SettingsSchema.parse(userInput); +``` + +### 2. Handle Errors Gracefully + +```typescript +try { + await externalAPI.call(); +} catch (error) { + context.logger.error('External API failed', { error }); + // Fallback or retry logic +} +``` + +### 3. Use Transactions + +```typescript +const tx = await context.ql.beginTransaction(); + +try { + await tx.object('account').create({ ... }); + await tx.object('contact').create({ ... }); + await tx.commit(); +} catch (error) { + await tx.rollback(); + throw error; +} +``` + +### 4. Optimize Queries + +```typescript +// Bad: N+1 queries +for (const account of accounts) { + const contacts = await ql.object('contact').find({ account: account.id }); +} + +// Good: Single query with relationships +const accounts = await ql.object('account').find({ + include: ['contacts'], +}); +``` + +### 5. Document Your Plugin + +Include comprehensive README with: +- Installation instructions +- Configuration options +- API endpoints +- Event triggers +- Examples + +--- + +## 🔗 Related Resources + +- [ObjectQL Protocol](/docs/protocols/objectql) +- [ObjectOS Plugin System](/docs/protocols/objectos) +- [Custom Drivers](/docs/development/server-drivers) +- [API Reference](/docs/99-reference) + +--- + +## 🆘 Troubleshooting + +### Plugin Not Loading + +Check the manifest: + +```bash +objectstack validate ./objectstack.config.ts +``` + +### Events Not Firing + +Ensure you registered listeners in `onEnable`: + +```typescript +ql.on('account.created', handler); // ✅ Correct +``` + +### Permission Denied + +Add required permissions to manifest: + +```typescript +permissions: ['object.create', 'api.register'] +``` + +--- + +Ready to build your plugin? Start with the [Quick Start](#quick-start) guide! 🚀 diff --git a/content/docs/faq.mdx b/content/docs/faq.mdx deleted file mode 100644 index c1d875970..000000000 --- a/content/docs/faq.mdx +++ /dev/null @@ -1,312 +0,0 @@ ---- -title: FAQ -description: Frequently Asked Questions about ObjectStack Protocol. ---- - -## General Questions - -### What is ObjectStack? - -ObjectStack is a **metadata-driven protocol** for building enterprise applications. It lets you define your entire application—data models, business logic, and UI—as type-safe JSON/TypeScript configurations instead of writing code. - -Think of it as the "Salesforce Platform" or "ServiceNow Platform" but: -- ✅ Open source -- ✅ Self-hosted -- ✅ Type-safe (TypeScript + Zod) -- ✅ Database agnostic - -### Is ObjectStack a framework or a library? - -Neither! ObjectStack is a **protocol** (like HTTP or SQL). It defines: -1. **Schemas** (what data looks like) -2. **Contracts** (how systems communicate) -3. **Standards** (naming conventions, best practices) - -You can build **implementations** of the protocol in any language (Node.js, Go, Python, etc.). - -### How is ObjectStack different from Prisma/TypeORM? - -| Feature | Prisma/TypeORM | ObjectStack | -| :--- | :--- | :--- | -| **Scope** | ORM (database only) | Full platform (data + UI + logic) | -| **Business Logic** | Code-based | Declarative (formulas, workflows) | -| **UI Generation** | None | Server-driven UI included | -| **Validation** | Manual | Built-in validation rules | -| **Multi-DB** | Schema-based | Driver-based (easier to extend) | - -**Use Prisma if:** You just need a type-safe ORM. -**Use ObjectStack if:** You want a complete metadata-driven platform. - -### How is ObjectStack different from Strapi/Directus? - -| Feature | Strapi/Directus | ObjectStack | -| :--- | :--- | :--- | -| **Focus** | Headless CMS | Enterprise platform | -| **Business Logic** | Code plugins | Declarative (no-code) | -| **Type Safety** | Partial | Full (Zod schemas) | -| **Formulas** | None | Yes (like Excel/Salesforce) | -| **Workflows** | Basic | Advanced (state machines) | -| **Offline-First** | No | Yes | - -**Use Strapi if:** You're building a content website. -**Use ObjectStack if:** You're building CRUD-heavy apps (CRM, ERP, internal tools). - -### Can I use ObjectStack with my existing database? - -**Yes!** You have two options: - -1. **Generate ObjectStack schemas from your DB:** - ```bash - objectstack import --from postgres://... - ``` - -2. **Write a custom driver** to wrap your existing DB. - -### Is ObjectStack production-ready? - -ObjectStack is currently in **beta**. The protocol is stable, but implementations are evolving. - -**Stable:** -- ✅ Schema definitions (`@objectstack/spec`) -- ✅ TypeScript types -- ✅ JSON Schema export - -**In Development:** -- 🚧 Reference Kernel implementation -- 🚧 React renderer -- 🚧 PostgreSQL driver - -**Recommendation:** Use for internal tools and non-critical applications. Wait for v1.0 for production SaaS. - -## Technical Questions - -### What databases are supported? - -ObjectStack uses a **driver model**. Official drivers: - -- ✅ **In-Memory Driver** (development/testing) -- 🚧 **PostgreSQL Driver** (in progress) -- 🚧 **MySQL Driver** (planned) -- 🚧 **MongoDB Driver** (planned) - -You can build custom drivers for: -- Any SQL database -- Any NoSQL database -- SaaS APIs (Salesforce, Airtable, etc.) -- Excel files, CSV, etc. - -### Does ObjectStack support GraphQL? - -**Yes!** ObjectStack auto-generates both REST and GraphQL APIs from your schema definitions. - -### Can I customize the generated UI? - -**Yes!** You have multiple levels of customization: - -1. **Theme-level:** Colors, fonts, spacing -2. **Component-level:** Override specific components (Button, Input, etc.) -3. **Layout-level:** Change view configurations -4. **Complete custom renderer:** Build your own UI that consumes ObjectStack APIs - -### How do I handle complex business logic? - -ObjectStack provides multiple ways: - -1. **Formula Fields:** Excel-like formulas for calculations - ```typescript - Field.formula({ expression: 'amount * (1 - discount / 100)' }) - ``` - -2. **Validation Rules:** Declarative constraints - ```typescript - ValidationRule.create({ condition: 'due_date > TODAY()' }) - ``` - -3. **Workflows:** Trigger actions on events - ```typescript - Workflow.create({ trigger: 'after_update', actions: [...] }) - ``` - -4. **Custom Code:** For truly complex logic, write TypeScript plugins - -### How does authentication work? - -ObjectStack supports **pluggable authentication providers**: - -- OAuth 2.0 / OIDC -- SAML -- JWT tokens -- API keys -- Custom providers - -Configure in your app manifest: - -```typescript -Manifest.create({ - authentication: { - provider: 'oauth2', - config: { /* provider config */ }, - }, -}); -``` - -### Is ObjectStack multi-tenant? - -**Yes!** ObjectStack supports multiple multi-tenancy strategies: - -1. **Schema-per-tenant:** Each tenant gets their own database schema -2. **Row-level security:** Single schema with tenant isolation via RLS -3. **Database-per-tenant:** Complete isolation - -Configure based on your needs. - -### How do I deploy ObjectStack apps? - -ObjectStack apps are standard Node.js applications. Deploy like any Node app: - -- **Docker:** `docker build` → `docker run` -- **Kubernetes:** Standard K8s deployment -- **Serverless:** AWS Lambda, Google Cloud Functions -- **PaaS:** Heroku, Railway, Render - -See the [Deployment Guide](/docs/guides/deployment) for details. - -## Development Questions - -### Do I need to know Zod? - -**Helpful but not required.** If you've used Yup, Joi, or similar validation libraries, Zod will feel familiar. - -Basic example: -```typescript -import { z } from 'zod'; - -const schema = z.object({ - name: z.string(), - age: z.number().min(0), -}); -``` - -ObjectStack provides helper functions to hide Zod complexity: - -```typescript -// Instead of raw Zod -const raw = z.object({ title: z.string() }); - -// Use ObjectStack helpers -const Task = ObjectSchema.create({ - fields: { - title: Field.text({ label: 'Title' }), - } -}); -``` - -### How do I debug ObjectStack apps? - -1. **Schema validation errors:** Zod provides detailed error messages -2. **Runtime logs:** ObjectStack kernel logs all operations -3. **Query debugging:** Enable query logging to see generated SQL -4. **UI debugging:** Inspect JSON configs in browser devtools - -### Can I use ObjectStack with React/Vue/Svelte? - -**Yes!** ObjectStack is UI-framework agnostic. - -**Option 1:** Use official renderers -- `@objectstack/react-renderer` (recommended) -- `@objectstack/vue-renderer` (planned) - -**Option 2:** Consume REST/GraphQL APIs from any framework - -```tsx -// React example -function TaskList() { - const { data } = useFetch('/api/v1/objects/task'); - return
{/* your UI */}
; -} -``` - -### How do I contribute to ObjectStack? - -See the [Contributing Guide](https://github.com/objectstack-ai/spec/blob/main/CONTRIBUTING.md). - -We welcome: -- Bug reports -- Documentation improvements -- Driver implementations -- Renderer implementations -- Example applications - -## Business Questions - -### What's the license? - -**Apache 2.0** (open source, permissive). - -You can: -- ✅ Use commercially -- ✅ Modify and distribute -- ✅ Use in proprietary software -- ✅ Sublicense - -### Is there commercial support? - -Not yet. Commercial support and managed hosting are planned for the future. - -For now: -- Community support via GitHub Discussions -- Professional consulting available (contact team) - -### Can I build a SaaS product with ObjectStack? - -**Absolutely!** ObjectStack is designed for multi-tenant SaaS platforms. - -Many use cases: -- Internal developer platforms -- Vertical SaaS (industry-specific apps) -- White-label solutions -- Agency client portals - -### Who is behind ObjectStack? - -ObjectStack is an **open-source project** created by the ObjectStack AI team. See [GitHub Contributors](https://github.com/objectstack-ai/spec/graphs/contributors). - -## Common Errors - -### "Schema validation failed" - -**Cause:** Your schema definition doesn't match the Zod schema. - -**Solution:** Check the error message for which field failed. Common issues: -- Missing required fields -- Wrong field type -- Invalid enum value - -### "Driver not found" - -**Cause:** Kernel can't find the database driver. - -**Solution:** -```typescript -import { MemoryDriver } from '@objectstack/driver-memory'; - -kernel.registerDriver('memory', new MemoryDriver()); -``` - -### "Circular dependency in lookup fields" - -**Cause:** Two objects reference each other, creating a cycle. - -**Solution:** Use lazy references: -```typescript -Field.lookup({ - reference: () => import('./other-object'), -}) -``` - -## Still Have Questions? - -- 📖 Check the [Guides](/docs/guides/getting-started) -- 💬 Ask in [GitHub Issues](https://github.com/objectstack-ai/spec/issues) -- 🐛 Report bugs in [GitHub Issues](https://github.com/objectstack-ai/spec/issues) -- 📧 Email: support@objectstack.dev (for urgent issues) diff --git a/content/docs/guides/advanced/ai-integration-guide.mdx b/content/docs/guides/advanced/ai-integration-guide.mdx deleted file mode 100644 index 344f70ef7..000000000 --- a/content/docs/guides/advanced/ai-integration-guide.mdx +++ /dev/null @@ -1,809 +0,0 @@ ---- -title: AI Integration Guide -description: Complete guide to building AI-powered ObjectStack applications ---- - -# AI Integration Guide - -> **Complete guide to building AI-powered ObjectStack applications** - -## Table of Contents - -1. [Introduction](#introduction) -2. [AI Protocols Overview](#ai-protocols-overview) -3. [Getting Started](#getting-started) -4. [Building AI Agents](#building-ai-agents) -5. [Implementing RAG](#implementing-rag) -6. [Natural Language Queries](#natural-language-queries) -7. [Model Registry](#model-registry) -8. [Production Best Practices](#production-best-practices) -9. [Example Applications](#example-applications) - ---- - -## Introduction - -ObjectStack provides a comprehensive AI protocol suite enabling you to build intelligent, context-aware applications. This guide covers all AI capabilities from RAG pipelines to natural language query processing. - -### What You Can Build - -- **Intelligent Assistants**: Context-aware chatbots with function calling -- **Natural Language Interfaces**: Query data using plain English -- **Code Generators**: Generate ObjectStack apps from descriptions -- **Smart Automation**: AI-powered workflows and decision making - ---- - -## AI Protocols Overview - -ObjectStack includes four core AI protocols: - -### 1. Agent Protocol (`@objectstack/spec/ai/agent`) -Define autonomous AI agents with: -- Model configuration -- Function calling (tools) -- Knowledge base access (RAG) -- Access control - -### 2. Model Registry Protocol (`@objectstack/spec/ai/model-registry`) -Centralized LLM management: -- Model configurations -- Prompt templates -- Fallback handling -- Health monitoring - -### 3. RAG Pipeline Protocol (`@objectstack/spec/ai/rag-pipeline`) -Retrieval-Augmented Generation: -- Vector store configuration -- Embedding models -- Chunking strategies -- Retrieval methods (similarity, MMR, hybrid) - -### 4. Natural Language Query Protocol (`@objectstack/spec/ai/nlq`) -Transform natural language to ObjectQL: -- Intent detection -- Entity recognition -- Timeframe parsing -- Field mapping - ---- - -## Getting Started - -### Installation - -```bash -npm install @objectstack/spec -``` - -### Basic Agent - -```typescript -import { Agent } from '@objectstack/spec'; - -const myAgent: Agent = { - name: 'my_assistant', - label: 'My AI Assistant', - role: 'Customer Support Specialist', - instructions: 'You are a helpful assistant.', - - model: { - provider: 'openai', - model: 'gpt-4-turbo-preview', - temperature: 0.7, - }, - - active: true, -}; -``` - ---- - -## Building AI Agents - -### Agent Components - -#### 1. Identity & Role -```typescript -const agent: Agent = { - name: 'support_agent', // snake_case identifier - label: 'Support Agent', // Display name - avatar: '/avatars/bot.png', // Optional avatar - role: 'Customer Support', // Agent persona -}; -``` - -#### 2. Instructions (System Prompt) -```typescript -instructions: `You are an experienced customer support agent. - -Your responsibilities: -- Answer questions professionally -- Create support tickets when needed -- Escalate complex issues - -Always be polite and solution-oriented.` -``` - -#### 3. Model Configuration -```typescript -model: { - provider: 'openai', - model: 'gpt-4-turbo-preview', - temperature: 0.7, // Creativity (0-2) - maxTokens: 2048, // Response length - topP: 0.9, // Nucleus sampling -} -``` - -#### 4. Tools (Function Calling) -```typescript -tools: [ - { - type: 'action', - name: 'create_ticket', - description: 'Create a new support ticket', - }, - { - type: 'query', - name: 'search_tickets', - description: 'Search existing tickets', - }, - { - type: 'vector_search', - name: 'kb_search', - description: 'Search knowledge base', - }, - { - type: 'flow', - name: 'escalate_to_human', - description: 'Transfer to human agent', - }, -] -``` - -#### 5. Knowledge Base (RAG) -```typescript -knowledge: { - topics: ['product_docs', 'faq', 'troubleshooting'], - indexes: ['support_kb_v2'], -} -``` - -#### 6. Access Control -```typescript -access: ['support_team', 'customers'], -active: true, -``` - -### Advanced Agent Example - -```typescript -import { Agent } from '@objectstack/spec'; - -export const DataAnalystAgent: Agent = { - name: 'data_analyst_ai', - label: 'AI Data Analyst', - avatar: '/avatars/analyst.png', - role: 'Business Intelligence Analyst', - - instructions: `You are a data analyst helping users understand business metrics. - -Skills: -- Interpret natural language questions about data -- Generate ObjectQL queries -- Create visualizations -- Provide actionable insights - -Be precise, data-driven, and clear.`, - - model: { - provider: 'openai', - model: 'gpt-4', - temperature: 0.3, // Lower for precision - maxTokens: 4096, - }, - - tools: [ - { - type: 'query', - name: 'execute_objectql', - description: 'Execute ObjectQL queries on data', - }, - { - type: 'action', - name: 'create_dashboard', - description: 'Generate dashboard from metrics', - }, - { - type: 'action', - name: 'generate_chart', - description: 'Create visualizations', - }, - ], - - knowledge: { - topics: ['sql_guides', 'metrics_definitions'], - indexes: ['analytics_kb'], - }, - - access: ['analysts', 'executives', 'managers'], - active: true, -}; -``` - ---- - -## Implementing RAG - -### Why RAG? - -RAG (Retrieval-Augmented Generation) enables AI to: -- Access up-to-date information -- Reduce hallucinations -- Provide source citations -- Scale beyond context windows - -### RAG Pipeline Configuration - -```typescript -import { RAGPipelineConfig } from '@objectstack/spec'; - -const myRAG: RAGPipelineConfig = { - name: 'knowledge_base', - label: 'Knowledge Base RAG', - description: 'RAG for product documentation', - - // 1. Embedding Model - embedding: { - provider: 'openai', - model: 'text-embedding-3-large', - dimensions: 3072, - batchSize: 100, - }, - - // 2. Vector Store - vectorStore: { - provider: 'pinecone', - indexName: 'kb-prod', - namespace: 'v2', - dimensions: 3072, - metric: 'cosine', - }, - - // 3. Chunking Strategy - chunking: { - type: 'markdown', - maxChunkSize: 1000, - respectHeaders: true, - respectCodeBlocks: true, - }, - - // 4. Retrieval Method - retrieval: { - type: 'mmr', // Maximal Marginal Relevance - topK: 5, - fetchK: 20, - lambda: 0.7, // Balance relevance vs diversity - }, - - // 5. Optional Reranking - reranking: { - enabled: true, - model: 'rerank-english-v3.0', - provider: 'cohere', - topK: 3, - }, - - // 6. Document Loaders - loaders: [ - { - type: 'directory', - source: '/docs', - fileTypes: ['.md', '.txt', '.pdf'], - recursive: true, - }, - ], - - maxContextTokens: 6000, - enableCache: true, - cacheTTL: 3600, -}; -``` - -### Chunking Strategies - -#### Fixed Size -```typescript -chunking: { - type: 'fixed', - chunkSize: 512, - chunkOverlap: 50, - unit: 'tokens', -} -``` - -#### Semantic Chunking -```typescript -chunking: { - type: 'semantic', - minChunkSize: 100, - maxChunkSize: 1000, -} -``` - -#### Recursive Text Splitting -```typescript -chunking: { - type: 'recursive', - separators: ['\n\n', '\n', '. ', ' '], - chunkSize: 1000, - chunkOverlap: 100, -} -``` - -#### Markdown-Aware -```typescript -chunking: { - type: 'markdown', - maxChunkSize: 1500, - respectHeaders: true, - respectCodeBlocks: true, -} -``` - -### Retrieval Methods - -#### Similarity Search -```typescript -retrieval: { - type: 'similarity', - topK: 5, - scoreThreshold: 0.7, -} -``` - -#### MMR (Diverse Results) -```typescript -retrieval: { - type: 'mmr', - topK: 5, - fetchK: 20, - lambda: 0.5, // 0=diverse, 1=relevant -} -``` - -#### Hybrid (Vector + Keyword) -```typescript -retrieval: { - type: 'hybrid', - topK: 10, - vectorWeight: 0.7, - keywordWeight: 0.3, -} -``` - -### Querying RAG - -```typescript -import { RAGQueryRequest } from '@objectstack/spec'; - -const request: RAGQueryRequest = { - query: 'How do I configure authentication?', - pipelineName: 'knowledge_base', - topK: 5, - metadataFilters: { - category: 'security', - }, - includeMetadata: true, - includeSources: true, - executeQuery: false, // Just retrieve, don't generate -}; -``` - ---- - -## Natural Language Queries - -### NLQ Configuration - -```typescript -import { NLQModelConfig } from '@objectstack/spec'; - -const nlqConfig: NLQModelConfig = { - modelId: 'gpt-4-turbo', - - // Prompt Engineering - systemPrompt: `Convert natural language to ObjectQL. - Available objects: account, opportunity, task`, - - includeSchema: true, - includeExamples: true, - - // Features - enableIntentDetection: true, - enableEntityRecognition: true, - enableFuzzyMatching: true, - enableTimeframeDetection: true, - - // Caching - enableCaching: true, - cacheTTL: 3600, -}; -``` - -### Field Synonyms - -Help NLQ understand natural variations: - -```typescript -import { FieldSynonymConfig } from '@objectstack/spec'; - -const synonyms: FieldSynonymConfig[] = [ - { - object: 'account', - field: 'name', - synonyms: [ - 'customer name', - 'company name', - 'organization name', - 'account name', - ], - examples: [ - 'show accounts by customer name', - 'find companies with name containing Acme', - ], - }, - { - object: 'opportunity', - field: 'amount', - synonyms: [ - 'value', - 'deal size', - 'revenue', - 'worth', - ], - }, -]; -``` - -### Query Templates - -Pre-built patterns for common queries: - -```typescript -import { QueryTemplate } from '@objectstack/spec'; - -const topNTemplate: QueryTemplate = { - id: 'top-n-by-field', - name: 'top_n_by_field', - label: 'Top N Records', - - pattern: 'top {n} {object} by {field}', - - variables: [ - { name: 'n', type: 'value', required: true }, - { name: 'object', type: 'object', required: true }, - { name: 'field', type: 'field', required: true }, - ], - - astTemplate: { - object: '{object}', - sort: [{ field: '{field}', order: 'desc' }], - limit: '{n}', - }, - - examples: [ - 'top 10 accounts by revenue', - 'top 5 opportunities by amount', - ], -}; -``` - -### Processing NLQ Requests - -```typescript -import { NLQRequest, NLQResponse } from '@objectstack/spec'; - -const request: NLQRequest = { - query: 'show me all high priority tickets from last week', - - context: { - userId: 'user-123', - currentObject: 'ticket', - defaultLimit: 100, - }, - - includeAlternatives: true, - maxAlternatives: 3, - minConfidence: 0.7, - - executeQuery: true, - maxResults: 50, -}; - -// Response includes: -// - Parsed intent, entities, timeframe -// - Generated ObjectQL AST -// - Optional: Query results -// - Confidence scores -// - Alternative interpretations -``` - ---- - -## Model Registry - -### Registry Configuration - -```typescript -import { ModelRegistry } from '@objectstack/spec'; - -const registry: ModelRegistry = { - name: 'production_registry', - - models: { - 'gpt-4-turbo': { - model: { - id: 'gpt-4-turbo', - name: 'GPT-4 Turbo', - version: 'gpt-4-turbo-2024-04-09', - provider: 'openai', - - capabilities: { - textGeneration: true, - functionCalling: true, - reasoning: true, - }, - - limits: { - maxTokens: 4096, - contextWindow: 128000, - rateLimit: { - requestsPerMinute: 100, - }, - }, - - pricing: { - inputCostPer1kTokens: 0.01, - outputCostPer1kTokens: 0.03, - }, - }, - - status: 'active', - priority: 10, - fallbackModels: ['gpt-3.5-turbo'], - - healthCheck: { - enabled: true, - intervalSeconds: 300, - status: 'healthy', - }, - }, - }, - - defaultModel: 'gpt-4-turbo', - enableAutoFallback: true, -}; -``` - -### Prompt Templates - -Reusable prompts with variables: - -```typescript -promptTemplates: { - support_response: { - id: 'support-v1', - name: 'support_response', - label: 'Support Response', - - system: 'You are a helpful support agent.', - user: `Customer: {{customer_name}} -Question: {{question}} -Context: {{context}}`, - - variables: [ - { name: 'customer_name', type: 'string', required: true }, - { name: 'question', type: 'string', required: true }, - { name: 'context', type: 'string', required: false }, - ], - - modelId: 'gpt-4-turbo', - temperature: 0.7, - maxTokens: 2048, - - examples: [ - { - input: { - customer_name: 'John Doe', - question: 'How do I reset my password?', - }, - output: 'To reset your password...', - }, - ], - }, -} -``` - ---- - -## Production Best Practices - -### 1. Model Selection - -- **Reasoning tasks**: GPT-4, Claude 3 Opus -- **Simple tasks**: GPT-3.5, Claude 3 Haiku -- **Embeddings**: text-embedding-3-large -- **Creative writing**: Claude 3 Sonnet - -### 2. Cost Optimization - -- Use smaller models for simple tasks -- Enable caching for repeated queries -- Batch embedding requests -- Set appropriate token limits - -### 3. Error Handling - -```typescript -{ - status: 'active', - priority: 10, - fallbackModels: ['backup-model'], - healthCheck: { - enabled: true, - intervalSeconds: 300, - }, -} -``` - -### 4. Security - -- Store API keys in environment variables -- Use access control on agents -- Validate user inputs -- Implement rate limiting -- Monitor for abuse - -### 5. Monitoring - -Track: -- Response times -- Token usage -- Error rates -- User satisfaction -- Cache hit rates - -### 6. Testing - -```typescript -import { NLQTrainingExample } from '@objectstack/spec'; - -const trainingExamples: NLQTrainingExample[] = [ - { - query: 'show all accounts created last month', - expectedIntent: 'select', - expectedObject: 'account', - expectedAST: { - object: 'account', - filters: [['created_date', '>=', '2023-12-01']], - }, - }, -]; -``` - ---- - -## Example Applications - -### 1. AI Support Assistant -[View Example](/docs/guides/examples/ai-support) - -**Features:** -- RAG knowledge base -- Ticket management -- Escalation workflows -- Customer satisfaction tracking - -**Architecture:** -``` -Customer → GPT-4 Agent → RAG (Pinecone) → Actions → ObjectQL -``` - -### 2. AI Data Analyst -[View Example](/docs/guides/examples/ai-analyst) - -**Features:** -- Natural language queries -- Auto-generate dashboards -- Time-based analysis -- Query templates - -### 3. AI Code Generator -[View Example](/docs/guides/examples/ai-codegen) - -**Features:** -- Generate ObjectStack apps -- Schema validation -- Best practices enforcement -- RAG for documentation - -### 4. AI Sales Assistant -[View Example](/docs/guides/examples/ai-sales) - -**Features:** -- Lead qualification -- Email personalization -- Competitive intelligence -- Deal insights - ---- - -## FAQ - -### When should I use RAG vs fine-tuning? - -**Use RAG when:** -- Information changes frequently -- You need source citations -- Data is too large for context window -- Privacy/compliance requirements - -**Use fine-tuning when:** -- Teaching specific writing style -- Domain-specific terminology -- Consistent behavior needed -- Cost optimization for high volume - -### How do I handle low confidence queries? - -```typescript -if (response.parseResult.confidence < 0.7) { - if (response.needsClarification) { - // Ask user for clarification - showSuggestions(response.suggestions); - } else { - // Show alternative interpretations - showAlternatives(response.parseResult.alternatives); - } -} -``` - -### What vector database should I use? - -- **Pinecone**: Managed, easy to use -- **Weaviate**: Open source, flexible -- **Qdrant**: High performance, Rust-based -- **pgvector**: PostgreSQL extension -- **Chroma**: Local development - -### How do I optimize RAG performance? - -1. Use appropriate chunk sizes (500-1000 tokens) -2. Enable reranking for accuracy -3. Use MMR for diverse results -4. Cache frequently accessed chunks -5. Filter by metadata when possible -6. Monitor retrieval metrics - ---- - -## Resources - -- [ObjectStack Documentation](https://docs.objectstack.ai) -- [AI Protocol Reference](/docs/guides/packages/spec/src/ai) -- [Example Applications](/docs/guides/examples) -- [Discord Community](https://discord.gg/objectstack) - ---- - -## Next Steps - -1. Start with a simple agent -2. Add RAG for your knowledge base -3. Implement natural language queries -4. Deploy to production -5. Monitor and optimize - -Happy building! 🚀 diff --git a/content/docs/guides/advanced/ai-integration/meta.json b/content/docs/guides/advanced/ai-integration/meta.json deleted file mode 100644 index 921f7be38..000000000 --- a/content/docs/guides/advanced/ai-integration/meta.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "title": "AI Integration", - "pages": [ - "quick-start" - ] -} diff --git a/content/docs/guides/advanced/ai-integration/quick-start.mdx b/content/docs/guides/advanced/ai-integration/quick-start.mdx deleted file mode 100644 index c6e793980..000000000 --- a/content/docs/guides/advanced/ai-integration/quick-start.mdx +++ /dev/null @@ -1,178 +0,0 @@ ---- -title: AI Integration Quick Start -description: Quick guide to integrating AI features into ObjectStack applications ---- - -# AI Integration Quick Start - -> Quick guide to integrating AI features into ObjectStack applications - -## Overview - -ObjectStack provides built-in AI capabilities through the AI Protocol. This guide covers the essentials. - -## Agent Setup - -### 1. Define an AI Agent - -```typescript -const agent = { - name: 'sales_assistant', - label: 'Sales Assistant', - model: { - provider: 'openai', - modelName: 'gpt-4', - temperature: 0.7, - }, - tools: [ - 'query_records', - 'create_record', - 'send_email', - ], - systemPrompt: 'You are a helpful sales assistant...', -}; -``` - -### 2. Configure Model Registry - -```typescript -const modelRegistry = { - models: [ - { - id: 'gpt-4', - provider: 'openai', - capabilities: ['chat', 'function_calling'], - limits: { - maxTokens: 8192, - maxContextLength: 128000, - }, - }, - ], -}; -``` - -## RAG Pipeline - -### Basic RAG Configuration - -```typescript -const ragConfig = { - knowledgeBases: ['product_docs', 'sales_playbook'], - - chunking: { - strategy: 'semantic', - chunkSize: 512, - overlap: 50, - }, - - embedding: { - model: 'text-embedding-ada-002', - provider: 'openai', - }, - - vectorStore: { - provider: 'pinecone', - config: { - apiKey: process.env.PINECONE_API_KEY, - environment: 'production', - }, - }, - - retrieval: { - topK: 5, - minScore: 0.7, - }, -}; -``` - -## Natural Language Queries - -### Enable NLQ for Objects - -```typescript -const nlqConfig = { - enabled: true, - objects: ['customer_account', 'opportunity'], - - fieldMappings: [ - { - synonyms: ['revenue', 'sales', 'income'], - field: 'annual_revenue', - }, - { - synonyms: ['company', 'business', 'organization'], - field: 'account_name', - }, - ], - - examples: [ - { - query: 'show me high value customers', - intent: 'list', - filters: [{ field: 'annual_revenue', operator: 'gt', value: 1000000 }], - }, - ], -}; -``` - -## Using AI Tools - -### Query with Natural Language - -```typescript -const result = await ai.query({ - prompt: 'Show me all accounts in the technology industry with revenue over $1M', - object: 'customer_account', -}); - -// Returns: QueryResult with structured data -``` - -### Generate with AI - -```typescript -const generated = await ai.generate({ - prompt: 'Write a follow-up email for this customer', - context: { - customer: customerData, - lastInteraction: interactionData, - }, -}); -``` - -## Best Practices - -1. **Prompt Engineering** - - Be specific and clear - - Provide context - - Use examples - -2. **Model Selection** - - Use appropriate model for task - - Balance cost vs. capability - - Consider latency requirements - -3. **RAG Optimization** - - Chunk documents semantically - - Use appropriate embedding models - - Filter results by relevance score - -4. **Error Handling** - - Handle model failures gracefully - - Implement retry logic - - Provide fallbacks - -## Examples - -See the following example implementations: - -- [AI Sales Assistant](/docs/examples/ai-sales/) -- [AI Support Agent](/docs/examples/ai-support/) -- [AI Code Generator](/docs/examples/ai-codegen/) -- [AI Analyst](/docs/examples/ai-analyst/) - -For complete documentation, see [AI_INTEGRATION_GUIDE.md](/docs/guides/AI_INTEGRATION_GUIDE.md) - ---- - -**Last Updated**: 2026-01-22 diff --git a/content/docs/guides/advanced/meta.json b/content/docs/guides/advanced/meta.json deleted file mode 100644 index 624f5b38e..000000000 --- a/content/docs/guides/advanced/meta.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "title": "Advanced Guides", - "pages": [ - "ai-integration-guide", - "ai-integration", - "security", - "performance" - ] -} diff --git a/content/docs/guides/advanced/performance/meta.json b/content/docs/guides/advanced/performance/meta.json deleted file mode 100644 index e4f6c882d..000000000 --- a/content/docs/guides/advanced/performance/meta.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "title": "Performance", - "pages": [ - "optimization" - ] -} diff --git a/content/docs/guides/advanced/performance/optimization.mdx b/content/docs/guides/advanced/performance/optimization.mdx deleted file mode 100644 index b8bb38703..000000000 --- a/content/docs/guides/advanced/performance/optimization.mdx +++ /dev/null @@ -1,140 +0,0 @@ ---- -title: Performance Optimization -description: Strategies for optimizing ObjectStack Protocol implementations ---- - -# Performance Optimization Guide - -> Strategies for optimizing ObjectStack Protocol implementations - -## Query Optimization - -### Select Only Needed Fields -```typescript -// ✅ Good -const query = { - select: ['id', 'name', 'email'], - from: 'customer_account', -}; - -// ❌ Bad -const query = { - select: ['*'], // Unnecessary data - from: 'customer_account', -}; -``` - -### Use Efficient Filters -- Apply filters at database level -- Use indexed fields in WHERE clauses -- Implement pagination - -### Avoid N+1 Queries -- Use joins instead of loops -- Batch load related data -- Use DataLoader pattern - -## Caching Strategies - -### Metadata Caching -- Cache object/field definitions (1 hour TTL) -- Cache user permissions (10 minutes TTL) -- Use Redis for distributed caching - -### Query Result Caching -```typescript -const cacheKey = `query:${JSON.stringify(query)}`; -const cached = await redis.get(cacheKey); -if (cached) return JSON.parse(cached); - -const results = await executeQuery(query); -await redis.setEx(cacheKey, 300, JSON.stringify(results)); -``` - -### Cache Invalidation -- Invalidate on data changes -- Use cache tags/patterns -- Implement TTL strategies - -## Database Indexing - -### Index Strategy -```typescript -const indexes = [ - { fields: ['email'], unique: true }, - { fields: ['status'] }, - { fields: ['industry', 'revenue'] }, // Composite -]; -``` - -### Best Practices -- Index frequently queried fields -- Use composite indexes for multi-field queries -- Monitor and remove unused indexes - -## API Performance - -### Connection Pooling -```typescript -const pool = new Pool({ - min: 2, - max: 10, - idleTimeoutMillis: 30000, -}); -``` - -### Response Compression -- Enable gzip compression -- Only compress responses > 1KB -- Use level 6 compression - -### Async Operations -```typescript -// Parallel execution -const [accounts, opportunities] = await Promise.all([ - queryAccounts(), - queryOpportunities(), -]); -``` - -## Frontend Optimization - -### Lazy Loading -- Load components on demand -- Code splitting -- Dynamic imports - -### Virtualization -- Use virtual scrolling for long lists -- Render only visible items -- Implement infinite scroll - -### Memoization -- Cache expensive computations -- Use React.memo for components -- useMemo for derived data - -## Monitoring - -### Performance Metrics -- Track query duration -- Log slow queries (> 1s) -- Monitor cache hit rates - -### Profiling -- Use EXPLAIN ANALYZE for queries -- Profile application code -- Monitor resource usage - -## Performance Targets - -| Metric | Target | -|--------|--------| -| API Response (p95) | < 500ms | -| Database Query (p95) | < 200ms | -| Page Load | < 2s | -| Cache Hit Rate | > 80% | - ---- - -**Last Updated**: 2026-01-22 diff --git a/content/docs/guides/advanced/security/best-practices.mdx b/content/docs/guides/advanced/security/best-practices.mdx deleted file mode 100644 index 9a3823d44..000000000 --- a/content/docs/guides/advanced/security/best-practices.mdx +++ /dev/null @@ -1,105 +0,0 @@ ---- -title: Security Best Practices -description: Comprehensive security guidelines for ObjectStack Protocol implementations ---- - -# Security Best Practices Guide - -> Comprehensive security guidelines for ObjectStack Protocol implementations - -## Authentication & Authorization - -### Strong Authentication -```typescript -const authConfig = { - providers: [ - { - type: 'email_password', - passwordPolicy: { - minLength: 12, - requireUppercase: true, - requireNumbers: true, - requireSpecialChars: true, - }, - }, - ], - twoFactor: { - enabled: true, - required: true, - }, -}; -``` - -### Session Management -- Use short session lifetimes (1-24 hours) -- Set secure cookie flags (httpOnly, secure, sameSite) -- Invalidate sessions on password change - -### RBAC -- Implement least privilege principle -- Use role-based access control -- Apply field-level security - -## Data Protection - -### Encryption -- Encrypt sensitive fields at rest -- Use HTTPS/TLS for all traffic -- Implement proper key management - -### Data Masking -- Mask sensitive data in logs -- Sanitize error messages -- Redact PII in responses - -## API Security - -### Rate Limiting -- Limit API requests per user -- Block brute force attacks -- Implement exponential backoff - -### Input Validation -- Validate all inputs with Zod schemas -- Use parameterized queries -- Prevent SQL/NoSQL injection - -### CORS & CSRF -- Configure CORS properly -- Enable CSRF protection -- Validate origin headers - -## Secrets Management - -- Store secrets in environment variables -- Never commit secrets to git -- Rotate secrets regularly -- Use secret management services - -## Audit & Compliance - -### Audit Logging -- Log security events -- Track data access -- Monitor authentication attempts - -### Compliance -- GDPR data export/erasure -- HIPAA encryption requirements -- SOC2 audit trails - -## Security Checklist - -- [ ] HTTPS enforced -- [ ] MFA enabled -- [ ] Rate limiting configured -- [ ] Input validation on all endpoints -- [ ] Secrets in environment variables -- [ ] Audit logging enabled -- [ ] Regular security updates - -For detailed information, see [AUTHENTICATION_STANDARD.md](/docs/AUTHENTICATION_STANDARD.md) - ---- - -**Last Updated**: 2026-01-22 diff --git a/content/docs/guides/advanced/security/meta.json b/content/docs/guides/advanced/security/meta.json deleted file mode 100644 index 8e41b7a1f..000000000 --- a/content/docs/guides/advanced/security/meta.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "title": "Security", - "pages": [ - "best-practices" - ] -} diff --git a/content/docs/guides/custom-driver.cn.mdx b/content/docs/guides/custom-driver.cn.mdx deleted file mode 100644 index 2c7416f12..000000000 --- a/content/docs/guides/custom-driver.cn.mdx +++ /dev/null @@ -1,136 +0,0 @@ ---- -title: 构建自定义驱动 -description: 学习如何使用驱动接口为 ObjectStack 实现自定义数据库驱动。 ---- - -# 构建自定义驱动 - -驱动程序(Driver)是 **ObjectQL** 引擎与底层数据存储(SQL、NoSQL、API 等)之间的桥梁。通过实现 `DriverInterface`,您可以将 ObjectStack 连接到任何数据源。 - -本指南将以创建一个简单的 **内存驱动(In-Memory Driver)** 为例进行讲解。 - -## 先决条件 - -- 现有的 ObjectStack 工作区或插件包。 -- 依赖 `@objectstack/objectql` 和 `@objectstack/spec`。 - -## 1. 驱动接口 (Driver Interface) - -所有驱动程序必须实现规范中定义的 `DriverInterface`。 - -### 重要:ID 兼容性规范 - -ObjectStack 协议强制要求所有记录必须包含一个类型为 `string` 的 `id` 字段。 -底层数据库可能使用不同的惯例(例如 MongoDB 使用 `_id`,SQL 使用 `int` 类型的 ID)。 -**驱动程序负责将这些转换为标准的字符串 `id`。** - -- **输入**: 当 `update` 或 `delete` 方法接收 `id` 参数时,将其视为唯一主键。 -- **输出**: 当 `find`、`create` 或 `update` 返回记录时,确保: - - 必须包含 `id` 字段(字符串)。 - - 应移除或映射实现特定的 ID(如 `_id`)。 - -```typescript -import { DriverInterface, DriverOptions } from '@objectstack/spec'; -import { QueryAST, QueryResult } from '@objectstack/objectql'; - -export class MyCustomDriver implements DriverInterface { - name = 'MyCustomDriver'; - - async connect() { - // 初始化连接 - } - - async disconnect() { - // 关闭连接 - } - - // ... CRUD 方法 -} -``` - -## 2. 实现 CRUD 操作 - -您需要实现 `find`(查询)、`insert`(插入)、`update`(更新)和 `delete`(删除)方法。 - -### Find (查询) - -`find` 方法接收一个 `QueryAST` 对象,其中包含结构化的查询信息(过滤、排序、分页)。 - -```typescript -async find(object: string, query: QueryAST, options?: DriverOptions): Promise { - // 1. 将 QueryAST 转换为数据库的查询语言(例如 SQL) - // 2. 执行查询 - const results = await db.query(...); - - // 3. 规范化 ID (MongoDB 风格示例) - return results.map(doc => ({ - ...doc, - id: doc._id.toString(), // 映射 _id -> id - _id: undefined // 隐藏实现细节 - })); -} -``` - -### Insert (插入) - -```typescript -async insert(object: string, data: Record, options?: DriverOptions) { - // 将数据插入存储 - return data; -} -``` - -### Update (更新) - -```typescript -async update(object: string, id: string, data: Record, options?: DriverOptions) { - // 更新由 `id` 标识的记录 - return { id, ...data }; -} -``` - -### Delete (删除) - -```typescript -async delete(object: string, id: string, options?: DriverOptions) { - // 删除记录 -} -``` - -## 3. 类型处理 - -使用 `@objectstack/objectql` 提供的类型以确保兼容性。 - -- `QueryAST`: 通用的查询抽象语法树。 -- `QueryResult`: `Record[]`. - -## 4. 注册驱动 - -在插件的运行时入口点(例如 `index.ts`)导出驱动程序,以便引擎使用。 - -```typescript -import { MyCustomDriver } from './my-driver'; - -export default { - drivers: [new MyCustomDriver()] -}; -``` - -## 示例:内存驱动 - -请参考 `examples/plugin-driver-memory` 中的参考实现。 - -```typescript -// examples/plugin-driver-memory/src/memory-driver.ts -export class InMemoryDriver implements DriverInterface { - name = 'InMemory'; - private store = new Map>(); - - async find(object: string, query: QueryAST) { - const table = this.store.get(object) || new Map(); - // 简单的过滤实现... - return Array.from(table.values()); - } - // ... -} -``` diff --git a/content/docs/guides/custom-driver.mdx b/content/docs/guides/custom-driver.mdx deleted file mode 100644 index 61fda057b..000000000 --- a/content/docs/guides/custom-driver.mdx +++ /dev/null @@ -1,136 +0,0 @@ ---- -title: Building a Custom Driver -description: Learn how to implement a custom database driver for ObjectStack using the Driver Interface. ---- - -# Building a Custom Driver - -Drivers are the bridge between the **ObjectQL** engine and the underlying data storage (SQL, NoSQL, APIs, etc.). By implementing the `DriverInterface`, you can connect ObjectStack to any data source. - -In this guide, we will walk through creating a simple **In-Memory Driver** as an example. - -## Prerequisites - -- Existing ObjectStack workspace or plugin package. -- Dependency on `@objectstack/objectql` and `@objectstack/spec`. - -## 1. The Driver Interface - -All drivers must implement the `DriverInterface` defined in the specification. - -### Important: ID Compatibility - -The ObjectStack protocol mandates that all records MUST have an `id` field of type `string`. -Underlying databases might use different conventions (e.g., `_id` in MongoDB, `int` IDs in SQL). -**The Driver is responsible for mapping these to the standard string `id`.** - -- **Input:** When receiving an `id` in `update` or `delete`, treat it as the primary key. -- **Output:** When returning records from `find`, `create`, or `update`, ensure: - - There is an `id` field (string). - - Implementation-specific IDs (like `_id`) should be removed or mapped. - -```typescript -import { DriverInterface, DriverOptions } from '@objectstack/spec'; -import { QueryAST, QueryResult } from '@objectstack/objectql'; - -export class MyCustomDriver implements DriverInterface { - name = 'MyCustomDriver'; - - async connect() { - // Initialize connection - } - - async disconnect() { - // Close connection - } - - // ... CRUD Methods -} -``` - -## 2. Implementing CRUD Operations - -You need to implement `find`, `insert`, `update`, and `delete` methods. - -### Find (Query) - -The `find` method receives a `QueryAST` object, which contains structured query information (filters, sorting, pagination). - -```typescript -async find(object: string, query: QueryAST, options?: DriverOptions): Promise { - // 1. Convert QueryAST to your database's query language (e.g., SQL) - // 2. Execute query - const results = await db.query(...); - - // 3. Normalize ID (Example for Mongo-like DB) - return results.map(doc => ({ - ...doc, - id: doc._id.toString(), // Map _id -> id - _id: undefined // Hide implementation details - })); -} -``` - -### Insert (Create) - -```typescript -async insert(object: string, data: Record, options?: DriverOptions) { - // Insert data into the storage - return data; -} -``` - -### Update - -```typescript -async update(object: string, id: string, data: Record, options?: DriverOptions) { - // Update the record identified by `id` - return { id, ...data }; -} -``` - -### Delete - -```typescript -async delete(object: string, id: string, options?: DriverOptions) { - // Remove the record -} -``` - -## 3. Handling Types - -Use the types provided by `@objectstack/objectql` to ensure compatibility. - -- `QueryAST`: The universal abstract syntax tree for queries. -- `QueryResult`: `Record[]`. - -## 4. Registering the Driver - -In your plugin's runtime entry point (e.g., `index.ts`), export the driver so it can be used by the engine. - -```typescript -import { MyCustomDriver } from './my-driver'; - -export default { - drivers: [new MyCustomDriver()] -}; -``` - -## Example: In-Memory Driver - -See the reference implementation in `examples/plugin-driver-memory`. - -```typescript -// examples/plugin-driver-memory/src/memory-driver.ts -export class InMemoryDriver implements DriverInterface { - name = 'InMemory'; - private store = new Map>(); - - async find(object: string, query: QueryAST) { - const table = this.store.get(object) || new Map(); - // Simple filter implementation... - return Array.from(table.values()); - } - // ... -} -``` diff --git a/content/docs/guides/field-types.cn.mdx b/content/docs/guides/field-types.cn.mdx deleted file mode 100644 index 2f90e4668..000000000 --- a/content/docs/guides/field-types.cn.mdx +++ /dev/null @@ -1,755 +0,0 @@ ---- -title: 字段类型参考 -description: ObjectStack 所有字段类型的完整指南,包含示例和配置选项 ---- - - -# 字段类型参考 - -ObjectStack 支持 **35 种字段类型**,涵盖文本、数字、日期、选择、关联、媒体、计算和增强类型。本指南为每种类型提供实用示例。 - -## 核心文本字段 - -### Text (文本) -单行文本输入,用于短字符串。 - -```typescript -import { Field } from '@objectstack/spec'; - -// 基础文本字段 -name: Field.text({ - label: '姓名', - required: true, - maxLength: 255, -}) - -// 可搜索文本字段 -account_name: Field.text({ - label: '账户名称', - searchable: true, - unique: true, -}) -``` - -**配置选项:** -- `required` - 设为必填字段 -- `maxLength` - 最大字符限制 -- `minLength` - 最小字符限制 -- `searchable` - 启用全文搜索 -- `unique` - 强制唯一性约束 -- `defaultValue` - 设置默认值 - ---- - -### Textarea (多行文本) -多行文本输入,用于较长内容。 - -```typescript -description: Field.textarea({ - label: '描述', - maxLength: 5000, - rows: 5, // UI 初始高度提示 -}) -``` - ---- - -### Email (电子邮件) -带验证的电子邮件地址字段。 - -```typescript -email: Field.email({ - label: '电子邮件', - required: true, - unique: true, -}) -``` - -> ℹ️ **Info:** - 自动验证邮箱格式:`user@domain.com` - - ---- - -### URL (网址) -网站/链接字段,带 URL 验证。 - -```typescript -website: Field.url({ - label: '网站', - placeholder: 'https://example.com', -}) -``` - ---- - -### Phone (电话) -带格式验证的电话号码字段。 - -```typescript -phone: Field.phone({ - label: '电话号码', - format: 'international', // 或 'us', 'uk' -}) -``` - ---- - -### Password (密码) -带加密的安全密码字段。 - -```typescript -api_key: Field.password({ - label: 'API 密钥', - encryption: true, // 静态加密 - readonly: true, -}) -``` - -> ⚠️ **Warning:** - 密码字段在 UI 中自动掩码,如果 `encryption: true` 则加密存储 - - ---- - -## 富内容字段 - -### Markdown -支持预览的 Markdown 文本编辑器。 - -```typescript -documentation: Field.markdown({ - label: '文档', - description: '支持完整 Markdown 语法', -}) -``` - ---- - -### HTML -原始 HTML 编辑器(谨慎使用)。 - -```typescript -html_content: Field.html({ - label: 'HTML 内容', - description: '原始 HTML - 渲染前需要净化', -}) -``` - -> ⚠️ **Warning:** - 渲染前务必净化 HTML 内容,防止 XSS 攻击 - - ---- - -### Rich Text (富文本) -带格式化工具栏的所见即所得编辑器。 - -```typescript -notes: Field.richtext({ - label: '备注', - description: '富文本支持格式化、列表、链接', -}) -``` - -**支持:** -- 粗体、斜体、下划线 -- 标题、列表、引用 -- 链接和图片 -- 表格 - ---- - -## 数字字段 - -### Number (数字) -整数或小数的数值字段。 - -```typescript -quantity: Field.number({ - label: '数量', - min: 0, - max: 1000, - defaultValue: 1, -}) - -// 小数 -temperature: Field.number({ - label: '温度', - precision: 5, // 总位数 - scale: 2, // 小数位 -}) -``` - ---- - -### Currency (货币) -带货币符号的金额值。 - -```typescript -annual_revenue: Field.currency({ - label: '年收入', - precision: 18, - scale: 2, - min: 0, -}) -``` - -**显示:** `$1,234.56`(带货币符号格式化) - ---- - -### Percent (百分比) -百分比值(0-100 或 0-1)。 - -```typescript -probability: Field.percent({ - label: '赢单概率', - min: 0, - max: 100, - scale: 1, // 一位小数 -}) -``` - -**显示:** `75.5%` - ---- - -## 日期和时间字段 - -### Date (日期) -日期选择器(无时间组件)。 - -```typescript -due_date: Field.date({ - label: '截止日期', - defaultValue: 'today', -}) - -birthday: Field.date({ - label: '生日', - min: '1900-01-01', - max: 'today', -}) -``` - -**格式:** `YYYY-MM-DD` - ---- - -### DateTime (日期时间) -支持时区的日期时间选择器。 - -```typescript -created_at: Field.datetime({ - label: '创建时间', - readonly: true, - defaultValue: 'now', -}) -``` - -**格式:** `YYYY-MM-DD HH:mm:ss` - ---- - -### Time (时间) -时间选择器(无日期组件)。 - -```typescript -meeting_time: Field.time({ - label: '会议时间', - format: '24h', // 或 '12h' -}) -``` - -**格式:** `HH:mm:ss` - ---- - -## 布尔字段 - -### Boolean (布尔值) -真/假值的复选框。 - -```typescript -is_active: Field.boolean({ - label: '激活', - defaultValue: true, -}) - -is_completed: Field.boolean({ - label: '已完成', - defaultValue: false, -}) -``` - -**显示:** 复选框或切换开关 - ---- - -## 选择字段 - -### Select (选择) -带预定义选项的下拉菜单。 - -```typescript -// 简单选项(字符串数组) -priority: Field.select({ - label: '优先级', - options: ['低', '中', '高', '紧急'], -}) - -// 高级选项(带值和颜色) -status: Field.select({ - label: '状态', - options: [ - { label: '开放', value: 'open', color: '#00AA00', default: true }, - { label: '进行中', value: 'in_progress', color: '#FFA500' }, - { label: '已关闭', value: 'closed', color: '#999999' }, - ], -}) - -// 多选 -tags: Field.select({ - label: '标签', - multiple: true, // 允许多选 - options: ['错误', '功能', '增强', '文档'], -}) -``` - -**配置:** -- `options` - 字符串标签数组或选项对象 -- `multiple` - 允许多选(存储为数组) -- `color` - 徽章和图表的颜色 - ---- - -## 关联字段 - -### Lookup (查找) -引用另一个对象(多对一)。 - -```typescript -// 基础查找 -account: Field.lookup('account', { - label: '账户', - required: true, -}) - -// 过滤查找 -contact: Field.lookup('contact', { - label: '联系人', - referenceFilters: ['account_id = $parent.account_id'], // 按父记录过滤 -}) - -// 多重查找 -related_cases: Field.lookup('case', { - label: '相关案例', - multiple: true, // 多对多 -}) -``` - -**配置:** -- `reference` - 目标对象名称(snake_case) -- `referenceFilters` - 查找对话框的过滤条件 -- `deleteBehavior` - `'set_null'`、`'cascade'` 或 `'restrict'` -- `multiple` - 允许多个引用 - ---- - -### Master-Detail (主从) -带级联删除的父子关系。 - -```typescript -account: Field.masterDetail('account', { - label: '账户', - required: true, - deleteBehavior: 'cascade', // 删除父记录时删除子记录 - writeRequiresMasterRead: true, // 安全强制 -}) -``` - -> ℹ️ **Info:** - **主从关系 vs 查找:** - - **主从关系:** 紧密耦合,级联删除,子记录继承安全性 - - **查找:** 松散耦合,删除时置空,独立安全性 - - ---- - -## 媒体字段 - -### Image (图片) -带预览的图片上传。 - -```typescript -product_image: Field.image({ - label: '产品图片', - multiple: false, - maxFileSize: 5 * 1024 * 1024, // 5MB - acceptedFormats: ['image/jpeg', 'image/png', 'image/webp'], -}) - -// 多图片 -gallery: Field.image({ - label: '图库', - multiple: true, - maxFiles: 10, -}) -``` - ---- - -### File (文件) -任意文件类型的文件上传字段。 - -```typescript -attachment: Field.file({ - label: '附件', - maxFileSize: 25 * 1024 * 1024, // 25MB - acceptedFormats: ['application/pdf', 'application/msword'], -}) -``` - ---- - -### Avatar (头像) -个人资料图片/头像上传。 - -```typescript -profile_picture: Field.avatar({ - label: '头像', - maxFileSize: 2 * 1024 * 1024, // 2MB - cropAspectRatio: 1, // 正方形裁剪 -}) -``` - ---- - -## 计算字段 - -### Formula (公式) -基于表达式的计算字段。 - -```typescript -full_name: Field.formula({ - label: '全名', - expression: 'CONCAT(first_name, " ", last_name)', - readonly: true, -}) - -full_address: Field.formula({ - label: '完整地址', - expression: 'CONCAT(street, ", ", city, ", ", state, " ", postal_code)', -}) - -days_open: Field.formula({ - label: '开放天数', - expression: 'DAYS_BETWEEN(created_at, NOW())', - type: 'number', -}) -``` - -> ℹ️ **Info:** - 公式字段自动计算且只读。可用函数请参见 [公式函数](/docs/references/data/formulas)。 - - ---- - -### Summary (汇总) -从关联记录聚合数据。 - -```typescript -total_opportunities: Field.summary({ - label: '总机会金额', - summaryOperations: { - object: 'opportunity', - field: 'amount', - function: 'sum', - }, -}) - -open_cases_count: Field.summary({ - label: '开放案例数', - summaryOperations: { - object: 'case', - field: 'id', - function: 'count', - }, -}) -``` - -**可用函数:** -- `count` - 计数关联记录 -- `sum` - 求和数值字段 -- `avg` - 平均数值字段 -- `min` - 最小值 -- `max` - 最大值 - ---- - -### Autonumber (自动编号) -自动递增的唯一标识符。 - -```typescript -account_number: Field.autonumber({ - label: '账户编号', - format: 'ACC-{0000}', // ACC-0001, ACC-0002, 等 -}) - -case_id: Field.autonumber({ - label: '案例 ID', - format: 'CASE-{YYYY}-{00000}', // CASE-2024-00001 -}) -``` - -**格式标记:** -- `{0000}` - 补零数字 -- `{YYYY}` - 年份 -- `{MM}` - 月份 -- `{DD}` - 日期 - ---- - -## 增强字段类型 - -### Location (位置) -带地图显示的 GPS 坐标。 - -```typescript -coordinates: Field.location({ - label: '位置', - displayMap: true, - allowGeocoding: true, // 将地址转换为坐标 -}) -``` - -**数据结构:** -```typescript -{ - latitude: 37.7749, - longitude: -122.4194, - altitude: 100, // 可选 - accuracy: 10, // 可选(米) -} -``` - ---- - -### Address (地址) -结构化地址字段。 - -```typescript -billing_address: Field.address({ - label: '账单地址', - addressFormat: 'us', // 'us'、'uk' 或 'international' -}) -``` - -**数据结构:** -```typescript -{ - street: '123 Main St', - city: 'San Francisco', - state: 'CA', - postalCode: '94105', - country: 'United States', - countryCode: 'US', - formatted: '123 Main St, San Francisco, CA 94105', -} -``` - ---- - -### Code (代码) -带语法高亮的代码编辑器。 - -```typescript -code_snippet: Field.code('javascript', { - label: '代码片段', - lineNumbers: true, - theme: 'monokai', -}) - -sql_query: Field.code('sql', { - label: 'SQL 查询', - readonly: false, -}) -``` - -**支持的语言:** -- `javascript`、`typescript`、`python`、`java`、`sql`、`html`、`css`、`json`、`yaml`、`markdown` 等 - ---- - -### Color (颜色) -支持多种格式的颜色选择器。 - -```typescript -category_color: Field.color({ - label: '分类颜色', - colorFormat: 'hex', // 'hex'、'rgb'、'rgba'、'hsl' - presetColors: ['#FF0000', '#00FF00', '#0000FF', '#FFFF00'], - allowAlpha: false, -}) - -theme_color: Field.color({ - label: '主题颜色', - colorFormat: 'rgba', - allowAlpha: true, // 支持透明度 -}) -``` - ---- - -### Rating (评分) -星级评分字段。 - -```typescript -priority: Field.rating(3, { - label: '优先级', - description: '1-3 星', -}) - -satisfaction: Field.rating(5, { - label: '客户满意度', - allowHalf: true, // 允许 0.5 增量 -}) -``` - -**配置:** -- 第一个参数:`maxRating`(默认:5) -- `allowHalf` - 允许半星评分(例如 3.5) - ---- - -### Signature (签名) -数字签名捕获。 - -```typescript -customer_signature: Field.signature({ - label: '客户签名', - required: true, - readonly: false, -}) -``` - -**存储为:** Base64 编码的图片数据 - ---- - -## 字段配置参考 - -### 通用属性 - -所有字段都支持这些通用属性: - -```typescript -{ - // 标识 - name: 'field_name', // snake_case 机器名称 - label: '字段标签', // 人类可读标签 - description: '帮助文本', // 工具提示/帮助文本 - - // 约束 - required: false, // 是否必填 - unique: false, // 强制唯一性 - defaultValue: null, // 默认值 - - // UI 行为 - hidden: false, // 从默认 UI 隐藏 - readonly: false, // UI 中只读 - searchable: false, // 启用搜索索引 - - // 数据库 - index: false, // 创建数据库索引 - externalId: false, // 用于 upsert 操作 - encryption: false, // 静态加密 -} -``` - ---- - -## 最佳实践 - -### 命名约定 - -```typescript -// ✅ 正确:字段名使用 snake_case -account_name: Field.text({ label: '账户名称' }) -annual_revenue: Field.currency({ label: '年收入' }) - -// ❌ 错误:camelCase 或 PascalCase -accountName: Field.text({ label: '账户名称' }) -AnnualRevenue: Field.currency({ label: '年收入' }) -``` - -### 必填字段 - -```typescript -// ✅ 正确:必填关键字段 -name: Field.text({ - label: '名称', - required: true, - maxLength: 255, -}) - -// ✅ 正确:可选字段提供灵活性 -middle_name: Field.text({ - label: '中间名', - required: false, -}) -``` - -### 可搜索字段 - -```typescript -// ✅ 正确:关键字段可搜索 -account_name: Field.text({ - searchable: true, - label: '账户名称', -}) - -// ❌ 错误:不要索引大文本字段 -description: Field.textarea({ - searchable: true, // 可能影响性能 -}) -``` - -### 默认值 - -```typescript -// ✅ 正确:使用有意义的默认值 -status: Field.select({ - options: [ - { label: '开放', value: 'open', default: true }, - { label: '关闭', value: 'closed' }, - ], -}) - -created_at: Field.datetime({ - defaultValue: 'now', - readonly: true, -}) -``` - ---- - -## CRM 示例 - -参见 **[CRM 示例](https://github.com/objectstack-ai/spec/tree/main/examples/crm)** 了解所有字段类型的实际使用: - -- **账户:** 自动编号、公式、货币、带颜色的选择 -- **联系人:** 主从关系、公式(全名)、头像、电子邮件、电话 -- **机会:** 工作流自动化、状态机、百分比、日期时间 -- **案例:** 评分(满意度)、SLA 跟踪、公式计算 -- **任务:** 代码、颜色、评分、位置、签名 - ---- - -## 下一步 - -- [对象架构指南](/docs/guides/object-schema) -- [验证规则](/docs/guides/validation-rules) -- [工作流自动化](/docs/guides/workflows) -- [字段 API 参考](/docs/references/data/core/Field) diff --git a/content/docs/guides/field-types.mdx b/content/docs/guides/field-types.mdx deleted file mode 100644 index b90a58d90..000000000 --- a/content/docs/guides/field-types.mdx +++ /dev/null @@ -1,817 +0,0 @@ ---- -title: Field Types Reference -description: Complete guide to all ObjectStack field types with examples and configuration options ---- - - -# Field Types Reference - -ObjectStack supports **35 field types** covering text, numbers, dates, selections, relationships, media, calculations, and enhanced types. This guide provides practical examples for each type. - -## Core Text Fields - -### Text -Single-line text input for short strings. - -```typescript -import { Field } from '@objectstack/spec'; - -// Basic text field -name: Field.text({ - label: 'Full Name', - required: true, - maxLength: 255, -}) - -// Searchable text field -account_name: Field.text({ - label: 'Account Name', - searchable: true, - unique: true, -}) -``` - -**Configuration Options:** -- `required` - Make field mandatory -- `maxLength` - Maximum character limit -- `minLength` - Minimum character limit -- `searchable` - Enable full-text search -- `unique` - Enforce uniqueness constraint -- `defaultValue` - Set default value - ---- - -### Textarea -Multi-line text input for longer content. - -```typescript -description: Field.textarea({ - label: 'Description', - maxLength: 5000, - rows: 5, // UI hint for initial height -}) -``` - ---- - -### Email -Email address field with validation. - -```typescript -email: Field.email({ - label: 'Email Address', - required: true, - unique: true, -}) -``` - -> ℹ️ **Info:** - Automatically validates email format: `user@domain.com` - - ---- - -### URL -Website/link field with URL validation. - -```typescript -website: Field.url({ - label: 'Website', - placeholder: 'https://example.com', -}) -``` - ---- - -### Phone -Phone number field with format validation. - -```typescript -phone: Field.phone({ - label: 'Phone Number', - format: 'international', // or 'us', 'uk' -}) -``` - ---- - -### Password -Secure password field with encryption. - -```typescript -api_key: Field.password({ - label: 'API Key', - encryption: true, // Encrypt at rest - readonly: true, -}) -``` - -> ⚠️ **Warning:** - Password fields are automatically masked in UI and encrypted if `encryption: true` - - ---- - -## Rich Content Fields - -### Markdown -Markdown text editor with preview. - -```typescript -documentation: Field.markdown({ - label: 'Documentation', - description: 'Supports full Markdown syntax', -}) -``` - ---- - -### HTML -Raw HTML editor (use with caution). - -```typescript -html_content: Field.html({ - label: 'HTML Content', - description: 'Raw HTML - sanitize before rendering', -}) -``` - -> ⚠️ **Warning:** - Always sanitize HTML content before rendering to prevent XSS attacks - - ---- - -### Rich Text -WYSIWYG editor with formatting toolbar. - -```typescript -notes: Field.richtext({ - label: 'Notes', - description: 'Rich text with formatting, lists, links', -}) -``` - -**Supports:** -- Bold, italic, underline -- Headings, lists, quotes -- Links and images -- Tables - ---- - -## Number Fields - -### Number -Numeric field for integers or decimals. - -```typescript -quantity: Field.number({ - label: 'Quantity', - min: 0, - max: 1000, - defaultValue: 1, -}) - -// Decimal numbers -temperature: Field.number({ - label: 'Temperature', - precision: 5, // Total digits - scale: 2, // Decimal places -}) -``` - ---- - -### Currency -Monetary value with currency symbol. - -```typescript -annual_revenue: Field.currency({ - label: 'Annual Revenue', - precision: 18, - scale: 2, - min: 0, -}) -``` - -**Display:** `$1,234.56` (formatted with currency symbol) - ---- - -### Percent -Percentage value (0-100 or 0-1). - -```typescript -probability: Field.percent({ - label: 'Win Probability', - min: 0, - max: 100, - scale: 1, // One decimal place -}) -``` - -**Display:** `75.5%` - ---- - -## Date & Time Fields - -### Date -Date picker (no time component). - -```typescript -due_date: Field.date({ - label: 'Due Date', - defaultValue: 'today', -}) - -birthday: Field.date({ - label: 'Birthday', - min: '1900-01-01', - max: 'today', -}) -``` - -**Format:** `YYYY-MM-DD` - ---- - -### DateTime -Date and time picker with timezone support. - -```typescript -created_at: Field.datetime({ - label: 'Created At', - readonly: true, - defaultValue: 'now', -}) -``` - -**Format:** `YYYY-MM-DD HH:mm:ss` - ---- - -### Time -Time picker (no date component). - -```typescript -meeting_time: Field.time({ - label: 'Meeting Time', - format: '24h', // or '12h' -}) -``` - -**Format:** `HH:mm:ss` - ---- - -## Boolean Field - -### Boolean -Checkbox for true/false values. - -```typescript -is_active: Field.boolean({ - label: 'Active', - defaultValue: true, -}) - -is_completed: Field.boolean({ - label: 'Completed', - defaultValue: false, -}) -``` - -**Display:** Checkbox or toggle switch - ---- - -## Selection Fields - -### Select -Dropdown with predefined options. - -```typescript -// Simple options (string array) -priority: Field.select({ - label: 'Priority', - options: ['Low', 'Medium', 'High', 'Critical'], -}) - -// Advanced options (with values and colors) -status: Field.select({ - label: 'Status', - options: [ - { label: 'Open', value: 'open', color: '#00AA00', default: true }, - { label: 'In Progress', value: 'in_progress', color: '#FFA500' }, - { label: 'Closed', value: 'closed', color: '#999999' }, - ], -}) - -// Multi-select -tags: Field.select({ - label: 'Tags', - multiple: true, // Allow multiple selections - options: ['Bug', 'Feature', 'Enhancement', 'Documentation'], -}) -``` - -**Configuration:** -- `options` - Array of string labels or option objects -- `multiple` - Allow multiple selections (stores as array) -- `color` - Color for badges and charts - ---- - -## Relational Fields - -### Lookup -Reference to another object (many-to-one). - -```typescript -// Basic lookup -account: Field.lookup('account', { - label: 'Account', - required: true, -}) - -// Filtered lookup -contact: Field.lookup('contact', { - label: 'Contact', - referenceFilters: ['account_id = $parent.account_id'], // Filter by parent -}) - -// Multiple lookup -related_cases: Field.lookup('case', { - label: 'Related Cases', - multiple: true, // Many-to-many -}) -``` - -**Configuration:** -- `reference` - Target object name (snake_case) -- `referenceFilters` - Filter criteria for lookup dialog -- `deleteBehavior` - `'set_null'`, `'cascade'`, or `'restrict'` -- `multiple` - Allow multiple references - ---- - -### Master-Detail -Parent-child relationship with cascade delete. - -```typescript -account: Field.masterDetail('account', { - label: 'Account', - required: true, - deleteBehavior: 'cascade', // Delete children when parent deleted - writeRequiresMasterRead: true, // Security enforcement -}) -``` - -> ℹ️ **Info:** - **Master-Detail vs Lookup:** - - **Master-Detail:** Tight coupling, cascade deletes, child inherits security - - **Lookup:** Loose coupling, set null on delete, independent security - - ---- - -## Media Fields - -### Image -Image upload with preview. - -```typescript -product_image: Field.image({ - label: 'Product Image', - multiple: false, - maxFileSize: 5 * 1024 * 1024, // 5MB - acceptedFormats: ['image/jpeg', 'image/png', 'image/webp'], -}) - -// Multiple images -gallery: Field.image({ - label: 'Gallery', - multiple: true, - maxFiles: 10, -}) -``` - ---- - -### File -File upload field for any file type. - -```typescript -attachment: Field.file({ - label: 'Attachment', - maxFileSize: 25 * 1024 * 1024, // 25MB - acceptedFormats: ['application/pdf', 'application/msword'], -}) -``` - ---- - -### Avatar -Profile picture/avatar upload. - -```typescript -profile_picture: Field.avatar({ - label: 'Profile Picture', - maxFileSize: 2 * 1024 * 1024, // 2MB - cropAspectRatio: 1, // Square crop -}) -``` - ---- - -## Calculated Fields - -### Formula -Calculated field based on expression. - -```typescript -full_name: Field.formula({ - label: 'Full Name', - expression: 'CONCAT(first_name, " ", last_name)', - readonly: true, -}) - -full_address: Field.formula({ - label: 'Full Address', - expression: 'CONCAT(street, ", ", city, ", ", state, " ", postal_code)', -}) - -days_open: Field.formula({ - label: 'Days Open', - expression: 'DAYS_BETWEEN(created_at, NOW())', - type: 'number', -}) -``` - -> ℹ️ **Info:** - Formula fields are automatically calculated and readonly. See [Formula Functions](/docs/references/data/formulas) for available functions. - - ---- - -### Summary (Rollup) -Aggregate data from related records. - -```typescript -total_opportunities: Field.summary({ - label: 'Total Opportunities', - summaryOperations: { - object: 'opportunity', - field: 'amount', - function: 'sum', - }, -}) - -open_cases_count: Field.summary({ - label: 'Open Cases', - summaryOperations: { - object: 'case', - field: 'id', - function: 'count', - }, -}) -``` - -**Available Functions:** -- `count` - Count related records -- `sum` - Sum numeric field -- `avg` - Average numeric field -- `min` - Minimum value -- `max` - Maximum value - ---- - -### Autonumber -Auto-incrementing unique identifier. - -```typescript -account_number: Field.autonumber({ - label: 'Account Number', - format: 'ACC-{0000}', // ACC-0001, ACC-0002, etc. -}) - -case_id: Field.autonumber({ - label: 'Case ID', - format: 'CASE-{YYYY}-{00000}', // CASE-2024-00001 -}) -``` - -**Format Tokens:** -- `{0000}` - Zero-padded number -- `{YYYY}` - Year -- `{MM}` - Month -- `{DD}` - Day - ---- - -## Enhanced Field Types - -### Location -GPS coordinates with map display. - -```typescript -coordinates: Field.location({ - label: 'Location', - displayMap: true, - allowGeocoding: true, // Convert address to coordinates -}) -``` - -> **Note:** `geolocation` is an alternative name for the `location` field type. Both refer to the same GPS coordinate field. - -**Data Structure:** -```typescript -{ - latitude: 37.7749, - longitude: -122.4194, - altitude: 100, // Optional - accuracy: 10, // Optional (meters) -} -``` - ---- - -### Address -Structured address field. - -```typescript -billing_address: Field.address({ - label: 'Billing Address', - addressFormat: 'us', // 'us', 'uk', or 'international' -}) -``` - -**Data Structure:** -```typescript -{ - street: '123 Main St', - city: 'San Francisco', - state: 'CA', - postalCode: '94105', - country: 'United States', - countryCode: 'US', - formatted: '123 Main St, San Francisco, CA 94105', -} -``` - ---- - -### Code -Code editor with syntax highlighting. - -```typescript -code_snippet: Field.code('javascript', { - label: 'Code Snippet', - lineNumbers: true, - theme: 'monokai', -}) - -sql_query: Field.code('sql', { - label: 'SQL Query', - readonly: false, -}) -``` - -**Supported Languages:** -- `javascript`, `typescript`, `python`, `java`, `sql`, `html`, `css`, `json`, `yaml`, `markdown`, and more - ---- - -### Color -Color picker with multiple formats. - -```typescript -category_color: Field.color({ - label: 'Category Color', - colorFormat: 'hex', // 'hex', 'rgb', 'rgba', 'hsl' - presetColors: ['#FF0000', '#00FF00', '#0000FF', '#FFFF00'], - allowAlpha: false, -}) - -theme_color: Field.color({ - label: 'Theme Color', - colorFormat: 'rgba', - allowAlpha: true, // Support transparency -}) -``` - ---- - -### Rating -Star rating field. - -```typescript -priority: Field.rating(3, { - label: 'Priority', - description: '1-3 stars', -}) - -satisfaction: Field.rating(5, { - label: 'Customer Satisfaction', - allowHalf: true, // Allow 0.5 increments -}) -``` - -**Configuration:** -- First parameter: `maxRating` (default: 5) -- `allowHalf` - Allow half-star ratings (e.g., 3.5) - ---- - -### Signature -Digital signature capture. - -```typescript -customer_signature: Field.signature({ - label: 'Customer Signature', - required: true, - readonly: false, -}) -``` - -**Stored as:** Base64-encoded image data - ---- - -### Slider -Numeric slider for visual value selection. - -```typescript -volume: Field.slider({ - label: 'Volume Level', - min: 0, - max: 100, - step: 1, - defaultValue: 50, -}) - -price_range: Field.slider({ - label: 'Price Range', - min: 0, - max: 10000, - step: 100, - marks: { 0: '$0', 5000: '$5K', 10000: '$10K' }, -}) -``` - -**Configuration:** -- `min` - Minimum value -- `max` - Maximum value -- `step` - Increment step size -- `marks` - Optional labeled markers on the slider - ---- - -### QR Code -QR code / Barcode field for scanning and generation. - -```typescript -product_barcode: Field.qrcode({ - label: 'Product Barcode', - format: 'qr', // 'qr', 'barcode', 'ean13', 'code128' - readonly: false, -}) - -ticket_code: Field.qrcode({ - label: 'Event Ticket', - format: 'qr', - autoGenerate: true, // Generate on record creation -}) -``` - -**Supported Formats:** -- `qr` - QR Code (2D matrix barcode, best for URLs, text, and complex data) -- `barcode` - Standard 1D barcode (linear format for simple numeric/text data) -- `ean13` - EAN-13 barcode (13-digit product identifier, commonly used in retail) -- `code128` - Code 128 barcode (high-density 1D format supporting full ASCII character set) - -**Use Cases:** -- Product SKUs and inventory management (ean13, code128) -- Event tickets and access control (qr) -- Document tracking and verification (qr) -- Shipping labels and logistics (code128) - ---- - -## Field Configuration Reference - -### Common Properties - -All fields support these common properties: - -```typescript -{ - // Identity - name: 'field_name', // snake_case machine name - label: 'Field Label', // Human-readable label - description: 'Help text', // Tooltip/help text - - // Constraints - required: false, // Is mandatory - unique: false, // Enforce uniqueness - defaultValue: null, // Default value - - // UI Behavior - hidden: false, // Hide from default UI - readonly: false, // Read-only in UI - searchable: false, // Enable search indexing - - // Database - index: false, // Create database index - externalId: false, // Use for upsert operations - encryption: false, // Encrypt at rest -} -``` - ---- - -## Best Practices - -### Naming Conventions - -```typescript -// ✅ GOOD: snake_case for field names -account_name: Field.text({ label: 'Account Name' }) -annual_revenue: Field.currency({ label: 'Annual Revenue' }) - -// ❌ BAD: camelCase or PascalCase -accountName: Field.text({ label: 'Account Name' }) -AnnualRevenue: Field.currency({ label: 'Annual Revenue' }) -``` - -### Required Fields - -```typescript -// ✅ GOOD: Require essential fields -name: Field.text({ - label: 'Name', - required: true, - maxLength: 255, -}) - -// ✅ GOOD: Optional fields for flexibility -middle_name: Field.text({ - label: 'Middle Name', - required: false, -}) -``` - -### Searchable Fields - -```typescript -// ✅ GOOD: Make key fields searchable -account_name: Field.text({ - searchable: true, - label: 'Account Name', -}) - -// ❌ BAD: Don't index large text fields -description: Field.textarea({ - searchable: true, // Can impact performance -}) -``` - -### Default Values - -```typescript -// ✅ GOOD: Use meaningful defaults -status: Field.select({ - options: [ - { label: 'Open', value: 'open', default: true }, - { label: 'Closed', value: 'closed' }, - ], -}) - -created_at: Field.datetime({ - defaultValue: 'now', - readonly: true, -}) -``` - ---- - -## Examples from CRM - -See the **[CRM Example](https://github.com/objectstack-ai/spec/tree/main/examples/crm)** for real-world usage of all field types: - -- **Account:** Autonumber, formula, currency, select with colors -- **Contact:** Master-detail, formula (full_name), avatar, email, phone -- **Opportunity:** Workflow automation, state machine, percent, datetime -- **Case:** Rating (satisfaction), SLA tracking, formula calculations -- **Task:** Code, color, rating, location, signature - ---- - -## Next Steps - -- [Object Schema Guide](/docs/guides/object-schema) -- [Validation Rules](/docs/guides/validation-rules) -- [Workflow Automation](/docs/guides/workflows) -- [Field API Reference](/docs/references/data/core/Field) diff --git a/content/docs/guides/getting-started.cn.mdx b/content/docs/guides/getting-started.cn.mdx deleted file mode 100644 index 26771d352..000000000 --- a/content/docs/guides/getting-started.cn.mdx +++ /dev/null @@ -1,289 +0,0 @@ ---- -title: 快速开始 -description: 5 分钟内构建你的第一个 ObjectStack 应用程序 ---- - -ObjectStack 是协议优先的平台。`@objectstack/spec` 包提供了 Zod 模式和严格的 TypeScript 类型来构建有效的元数据定义。 - - - - -## 初始化项目 - -你可以从头开始或将 ObjectStack 添加到现有的 TypeScript 项目中。 - -```bash -mkdir my-app -cd my-app -npm init -y -npm install typescript zod @objectstack/spec -npx tsc --init -``` - - - -## 定义第一个对象 - -创建文件 `src/domains/crm/contact.object.ts`。 -这就是 **Zod 优先定义** 的强大之处。你可以获得开箱即用的自动完成和验证。 - -```typescript -import { ObjectSchema, Field } from '@objectstack/spec'; - -export const Contact = ObjectSchema.create({ - name: 'contact', - label: '联系人', - pluralLabel: '联系人', - icon: 'user', - description: '与账户关联的人员', - nameField: 'full_name', - - fields: { - // 基本信息 - first_name: Field.text({ - label: '名', - required: true, - maxLength: 100, - }), - - last_name: Field.text({ - label: '姓', - required: true, - maxLength: 100, - }), - - // 公式字段 - 自动计算 - full_name: Field.formula({ - label: '全名', - expression: 'CONCAT(first_name, " ", last_name)', - }), - - // 联系信息 - email: Field.email({ - label: '电子邮件', - unique: true, - }), - - phone: Field.phone({ - label: '电话', - }), - - // 带预定义选项的选择字段 - type: Field.select({ - label: '联系人类型', - options: [ - { label: '客户', value: 'customer', default: true }, - { label: '合作伙伴', value: 'partner' }, - { label: '供应商', value: 'vendor' }, - ], - }), - - // 与账户的关系 - account: Field.masterDetail('account', { - label: '账户', - required: true, - deleteBehavior: 'cascade', - }), - }, - - enable: { - apiEnabled: true, - trackHistory: true, - } -}); -``` - - - -## 添加账户对象 - -创建 `src/domains/crm/account.object.ts` 作为父对象: - -```typescript -import { ObjectSchema, Field } from '@objectstack/spec'; - -export const Account = ObjectSchema.create({ - name: 'account', - label: '账户', - pluralLabel: '账户', - icon: 'building', - nameField: 'name', - - fields: { - // 自动编号字段 - account_number: Field.autonumber({ - label: '账户编号', - format: 'ACC-{0000}', - }), - - name: Field.text({ - label: '账户名称', - required: true, - searchable: true, - maxLength: 255, - }), - - // 货币字段 - annual_revenue: Field.currency({ - label: '年收入', - min: 0, - }), - - // 带自定义颜色的选择字段(用于看板) - type: Field.select({ - label: '账户类型', - options: [ - { label: '潜在客户', value: 'prospect', color: '#FFA500', default: true }, - { label: '客户', value: 'customer', color: '#00AA00' }, - { label: '合作伙伴', value: 'partner', color: '#0000FF' }, - ], - }), - }, - - enable: { - apiEnabled: true, - trackHistory: true, - } -}); -``` - - - -## 创建应用程序清单 - -创建 `objectstack.config.ts` 将对象打包到应用中: - -```typescript -import { defineManifest } from '@objectstack/spec'; -import { Account } from './src/domains/crm/account.object'; -import { Contact } from './src/domains/crm/contact.object'; - -export default defineManifest({ - name: 'my_crm', - label: '我的 CRM', - version: '1.0.0', - description: '简单的 CRM 应用程序', - - objects: [Account, Contact], - - navigation: { - tabs: [ - { - label: '销售', - items: [ - { type: 'object', object: 'account' }, - { type: 'object', object: 'contact' }, - ], - }, - ], - }, -}); -``` - - - -## 验证协议 - -创建构建脚本 `src/build.ts` 来验证你的定义: - -```typescript -import config from '../objectstack.config'; - -// 如果模式无效,这将抛出 ZodError -console.log(`✅ 应用 '${config.label}' 有效!`); -console.log(`📦 对象: ${config.objects.map(o => o.name).join(', ')}`); - -// 导出为 JSON 供运行时使用 -import fs from 'fs'; -fs.writeFileSync( - 'dist/manifest.json', - JSON.stringify(config, null, 2) -); -``` - -运行它: - -```bash -npx tsx src/build.ts -``` - - - -## 探索高级功能 - -现在你有了一个可工作的应用,探索高级功能: - -### 1. 添加验证规则 - -```typescript -validations: [ - { - name: 'unique_email', - type: 'unique', - fields: ['email'], - message: '电子邮件已存在', - }, - { - name: 'positive_revenue', - type: 'script', - expression: 'annual_revenue >= 0', - message: '收入必须为正数', - }, -] -``` - -### 2. 添加工作流规则 - -```typescript -workflows: [ - { - name: 'update_last_activity', - trigger: 'on_update', - actions: [ - { - type: 'field_update', - field: 'last_activity_date', - value: 'TODAY()', - }, - ], - }, -] -``` - -### 3. 配置视图 - -```typescript -views: { - list: { - type: 'grid', - columns: ['account_number', 'name', 'type', 'annual_revenue'], - filters: [ - { field: 'type', operator: '=', value: 'customer' } - ], - }, - kanban: { - type: 'kanban', - groupBy: 'type', - columns: ['name', 'annual_revenue'], - }, -} -``` - - - -## 下一步 - -现在你有了有效的元数据,你可以: - -1. **探索示例**:查看 [CRM 示例](https://github.com/objectstack-ai/spec/tree/main/examples/crm) 了解完整功能实现 -2. **学习字段类型**:参见 [字段类型指南](/docs/guides/field-types) 了解所有 35 种字段类型 -3. **构建 UI**:使用 ObjectStack 运行时的元数据来生成界面 -4. **部署**:推送到 ObjectStack 内核用于生产环境 - -**其他资源:** -- [对象模式参考](/docs/references/data/core/Object) -- [验证规则](/docs/guides/validation-rules) -- [工作流自动化](/docs/guides/workflows) - - - diff --git a/content/docs/guides/getting-started.mdx b/content/docs/guides/getting-started.mdx deleted file mode 100644 index 92cadb420..000000000 --- a/content/docs/guides/getting-started.mdx +++ /dev/null @@ -1,289 +0,0 @@ ---- -title: Getting Started -description: Build your first ObjectStack application in 5 minutes. ---- - -ObjectStack is a protocol-first platform. The `@objectstack/spec` package provides Zod schemas and strict TypeScript types to build valid metadata definitions. - - - - -## Initialize your project - -You can start from scratch or add ObjectStack to an existing TypeScript project. - -```bash -mkdir my-app -cd my-app -npm init -y -npm install typescript zod @objectstack/spec -npx tsc --init -``` - - - -## Define your first Object - -Create a file named `src/domains/crm/contact.object.ts`. -This is where the power of **Zod-First Definition** comes in. You get autocomplete and validation out of the box. - -```typescript -import { ObjectSchema, Field } from '@objectstack/spec'; - -export const Contact = ObjectSchema.create({ - name: 'contact', - label: 'Contact', - pluralLabel: 'Contacts', - icon: 'user', - description: 'People associated with accounts', - nameField: 'full_name', - - fields: { - // Basic Information - first_name: Field.text({ - label: 'First Name', - required: true, - maxLength: 100, - }), - - last_name: Field.text({ - label: 'Last Name', - required: true, - maxLength: 100, - }), - - // Formula field - automatically calculated - full_name: Field.formula({ - label: 'Full Name', - expression: 'CONCAT(first_name, " ", last_name)', - }), - - // Contact Information - email: Field.email({ - label: 'Email', - unique: true, - }), - - phone: Field.phone({ - label: 'Phone', - }), - - // Selection with predefined options - type: Field.select({ - label: 'Contact Type', - options: [ - { label: 'Customer', value: 'customer', default: true }, - { label: 'Partner', value: 'partner' }, - { label: 'Vendor', value: 'vendor' }, - ], - }), - - // Relationship to Account - account: Field.masterDetail('account', { - label: 'Account', - required: true, - deleteBehavior: 'cascade', - }), - }, - - enable: { - apiEnabled: true, - trackHistory: true, - } -}); -``` - - - -## Add an Account Object - -Create `src/domains/crm/account.object.ts` for the parent object: - -```typescript -import { ObjectSchema, Field } from '@objectstack/spec'; - -export const Account = ObjectSchema.create({ - name: 'account', - label: 'Account', - pluralLabel: 'Accounts', - icon: 'building', - nameField: 'name', - - fields: { - // Autonumber field - account_number: Field.autonumber({ - label: 'Account Number', - format: 'ACC-{0000}', - }), - - name: Field.text({ - label: 'Account Name', - required: true, - searchable: true, - maxLength: 255, - }), - - // Currency field - annual_revenue: Field.currency({ - label: 'Annual Revenue', - min: 0, - }), - - // Select with custom colors (for kanban boards) - type: Field.select({ - label: 'Account Type', - options: [ - { label: 'Prospect', value: 'prospect', color: '#FFA500', default: true }, - { label: 'Customer', value: 'customer', color: '#00AA00' }, - { label: 'Partner', value: 'partner', color: '#0000FF' }, - ], - }), - }, - - enable: { - apiEnabled: true, - trackHistory: true, - } -}); -``` - - - -## Create Application Manifest - -Create `objectstack.config.ts` to bundle your objects into an app: - -```typescript -import { defineManifest } from '@objectstack/spec'; -import { Account } from './src/domains/crm/account.object'; -import { Contact } from './src/domains/crm/contact.object'; - -export default defineManifest({ - name: 'my_crm', - label: 'My CRM', - version: '1.0.0', - description: 'Simple CRM application', - - objects: [Account, Contact], - - navigation: { - tabs: [ - { - label: 'Sales', - items: [ - { type: 'object', object: 'account' }, - { type: 'object', object: 'contact' }, - ], - }, - ], - }, -}); -``` - - - -## Validate the Protocol - -Create a build script `src/build.ts` to verify your definitions: - -```typescript -import config from '../objectstack.config'; - -// This will throw a ZodError if your schema is invalid -console.log(`✅ App '${config.label}' is valid!`); -console.log(`📦 Objects: ${config.objects.map(o => o.name).join(', ')}`); - -// Export as JSON for runtime use -import fs from 'fs'; -fs.writeFileSync( - 'dist/manifest.json', - JSON.stringify(config, null, 2) -); -``` - -Run it: - -```bash -npx tsx src/build.ts -``` - - - -## Explore Advanced Features - -Now that you have a working app, explore advanced features: - -### 1. Add Validation Rules - -```typescript -validations: [ - { - name: 'unique_email', - type: 'unique', - fields: ['email'], - message: 'Email already exists', - }, - { - name: 'positive_revenue', - type: 'script', - expression: 'annual_revenue >= 0', - message: 'Revenue must be positive', - }, -] -``` - -### 2. Add Workflow Rules - -```typescript -workflows: [ - { - name: 'update_last_activity', - trigger: 'on_update', - actions: [ - { - type: 'field_update', - field: 'last_activity_date', - value: 'TODAY()', - }, - ], - }, -] -``` - -### 3. Configure Views - -```typescript -views: { - list: { - type: 'grid', - columns: ['account_number', 'name', 'type', 'annual_revenue'], - filters: [ - { field: 'type', operator: '=', value: 'customer' } - ], - }, - kanban: { - type: 'kanban', - groupBy: 'type', - columns: ['name', 'annual_revenue'], - }, -} -``` - - - -## Next Steps - -Now that you have valid metadata, you can: - -1. **Explore Examples**: Check out the [CRM Example](https://github.com/objectstack-ai/spec/tree/main/examples/crm) for a full-featured implementation -2. **Learn Field Types**: See the [Field Types Guide](/docs/guides/field-types) for all 35 field types -3. **Build UI**: Use the metadata with ObjectStack runtime to generate interfaces -4. **Deploy**: Push to an ObjectStack kernel for production use - -**Additional Resources:** -- [Object Schema Reference](/docs/references/data/core/Object) -- [Validation Rules](/docs/guides/validation-rules) -- [Workflow Automation](/docs/guides/workflows) - - - diff --git a/content/docs/guides/installation.cn.mdx b/content/docs/guides/installation.cn.mdx deleted file mode 100644 index 3ba52a7b8..000000000 --- a/content/docs/guides/installation.cn.mdx +++ /dev/null @@ -1,46 +0,0 @@ ---- -title: 安装 -description: 安装 ObjectStack SDK 和 CLI ---- - -## 系统要求 - -* Node.js 18+ -* TypeScript 5+ - -## 包安装 - -`@objectstack/spec` 包包含核心 Zod 定义和类型接口。 - -### npm - -```bash -npm install @objectstack/spec -``` - -### pnpm - -```bash -pnpm add @objectstack/spec -``` - -### yarn - -```bash -yarn add @objectstack/spec -``` - -## CLI 安装(可选) - -CLI 工具帮助构建新对象并验证现有元数据。 - -```bash -npm install -g @objectstack/cli -``` - -## 版本控制 - -协议遵循语义化版本控制。 -* **主版本 (1.x)**:协议的破坏性更改(JSON 结构)。 -* **次版本 (1.1.x)**:新的字段类型或配置选项。 -* **补丁版本 (1.1.1)**:Zod 验证或类型推断中的错误修复。 diff --git a/content/docs/guides/installation.mdx b/content/docs/guides/installation.mdx deleted file mode 100644 index 9186a370b..000000000 --- a/content/docs/guides/installation.mdx +++ /dev/null @@ -1,46 +0,0 @@ ---- -title: Installation -description: Installing the ObjectStack SDK and CLI. ---- - -## Requirements - -* Node.js 18+ -* TypeScript 5+ - -## Package Installation - -The `@objectstack/spec` package contains the core Zod Definitions and Type Interfaces. - -### npm - -```bash -npm install @objectstack/spec -``` - -### pnpm - -```bash -pnpm add @objectstack/spec -``` - -### yarn - -```bash -yarn add @objectstack/spec -``` - -## CLI Installation (Optional) - -The CLI tool helps scaffold new objects and validate existing metadata. - -```bash -npm install -g @objectstack/cli -``` - -## Versioning - -The Protocol follows Semantic Versioning. -* **Major (1.x)**: Breaking changes to the Protocol (JSON Structure). -* **Minor (1.1.x)**: New Field Types or Configuration Options. -* **Patch (1.1.1)**: Bug fixes in Zod validation or Type inference. diff --git a/content/docs/guides/meta.cn.json b/content/docs/guides/meta.cn.json deleted file mode 100644 index 2c44b3f41..000000000 --- a/content/docs/guides/meta.cn.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "title": "开发者指南", - "root": true, - "pages": [ - "getting-started", - "installation", - "project-structure", - "field-types", - "view-configuration", - "workflows-validation", - "custom-driver", - "advanced", - "migration" - ] -} \ No newline at end of file diff --git a/content/docs/guides/meta.json b/content/docs/guides/meta.json deleted file mode 100644 index c6e96d3e8..000000000 --- a/content/docs/guides/meta.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "title": "Developer Guides", - "root": true, - "pages": [ - "getting-started", - "installation", - "project-structure", - "field-types", - "view-configuration", - "workflows-validation", - "custom-driver", - "advanced", - "migration" - ] -} \ No newline at end of file diff --git a/content/docs/guides/migration/index.mdx b/content/docs/guides/migration/index.mdx deleted file mode 100644 index 3b0ec014e..000000000 --- a/content/docs/guides/migration/index.mdx +++ /dev/null @@ -1,26 +0,0 @@ ---- -title: Migration Guides -description: Guides for migrating between versions ---- - -# Migration Guides - -This section contains guides for migrating your applications between different versions of the ObjectStack Protocol. - -## Available Guides - -### [Version 0.x to 1.x Migration](/docs/guides/migration/v0-to-v1) -Complete guide for migrating from version 0.x to 1.x, including: -- Breaking changes -- New features -- Migration steps -- Code examples - -## Migration Best Practices - -1. **Read the Full Guide**: Understand all changes before starting -2. **Backup Your Data**: Always create backups before migration -3. **Test in Development**: Test the migration in a development environment first -4. **Update Dependencies**: Ensure all dependencies are compatible -5. **Review Breaking Changes**: Pay special attention to breaking changes -6. **Run Tests**: Verify all tests pass after migration diff --git a/content/docs/guides/migration/meta.json b/content/docs/guides/migration/meta.json deleted file mode 100644 index 71ec673bc..000000000 --- a/content/docs/guides/migration/meta.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "title": "Migration Guides", - "pages": [ - "index", - "v0-to-v1" - ] -} diff --git a/content/docs/guides/migration/v0-to-v1.mdx b/content/docs/guides/migration/v0-to-v1.mdx deleted file mode 100644 index d5c35b8d2..000000000 --- a/content/docs/guides/migration/v0-to-v1.mdx +++ /dev/null @@ -1,154 +0,0 @@ ---- -title: Version 0.1.x to 1.0.0 Migration -description: Guide for migrating from version 0.1.x to 1.0.0 ---- - -# Migration Guide: v0.1.x to v1.0.0 - -> Guide for migrating from version 0.1.x to 1.0.0 - -## Overview - -This guide helps you migrate your ObjectStack Protocol implementation from version 0.1.x to 1.0.0. - -## Breaking Changes - -### 1. Naming Convention Changes - -**Configuration keys now use camelCase:** - -```typescript -// Before (0.1.x) -const field = { - max_length: 100, - is_required: true, - default_value: '', -}; - -// After (1.0.0) -const field = { - maxLength: 100, - isRequired: true, - defaultValue: '', -}; -``` - -**Machine names still use snake_case:** - -```typescript -// Correct in both versions -const object = { - name: 'customer_account', // snake_case for machine names - fields: { - first_name: { // snake_case for field names - maxLength: 100, // camelCase for config - } - } -}; -``` - -### 2. Schema Changes - -**Field type changes:** - -```typescript -// Before (0.1.x) -type: 'string' - -// After (1.0.0) -type: 'text' -``` - -### 3. API Response Structure - -**New envelope format:** - -```typescript -// Before (0.1.x) -{ - data: { /* response */ }, - error: null -} - -// After (1.0.0) -{ - success: true, - data: { /* response */ }, - metadata: { - timestamp: "2026-01-22T10:00:00Z", - requestId: "req_123" - } -} -``` - -## Migration Steps - -### Step 1: Update Dependencies - -```bash -# Update package.json -pnpm update @objectstack/spec@^1.0.0 - -# Install dependencies -pnpm install -``` - -### Step 2: Update Schema Definitions - -Run the migration script: - -```bash -pnpm migrate:schemas -``` - -Or manually update: - -```typescript -// Update all configuration keys to camelCase -// Keep machine names in snake_case -``` - -### Step 3: Update API Calls - -```typescript -// Update response handling -const response = await api.createRecord({ - object: 'customer_account', - data: { /* ... */ } -}); - -// Before -if (!response.error) { /* ... */ } - -// After -if (response.success) { /* ... */ } -``` - -### Step 4: Test Your Application - -```bash -# Run tests -pnpm test - -# Build -pnpm build -``` - -## Deprecation Warnings - -The following features are deprecated and will be removed in v2.0.0: - -- `old_api_format` - Use new envelope format -- `snake_case_configs` - Use camelCase for configuration - -## Getting Help - -If you encounter issues: - -1. Check the [CHANGELOG.md](/docs/CHANGELOG.md) -2. Review [CONTRIBUTING.md](/docs/CONTRIBUTING.md) -3. Open an issue on GitHub - ---- - -**Last Updated**: 2026-01-22 diff --git a/content/docs/guides/project-structure.cn.mdx b/content/docs/guides/project-structure.cn.mdx deleted file mode 100644 index 23097f2b8..000000000 --- a/content/docs/guides/project-structure.cn.mdx +++ /dev/null @@ -1,45 +0,0 @@ ---- -title: 项目结构 -description: ObjectStack 项目的推荐目录布局 ---- - -为了保持元数据的组织性,我们推荐以下文件夹结构("领域模式")。 - - - - - - - - - - - - - - - - - - - - - - - - - - - - -## 核心概念 - -### 领域 - -按业务领域(CRM、财务、人力资源)而不是技术类型组织你的对象。这与**领域驱动设计(DDD)**原则保持一致。 - -### 命名约定 - -* **文件**:`kebab-case.suffix.ts`(例如,`project-task.object.ts`、`main-dashboard.view.ts`) -* **变量**:`PascalCase`(例如,`ProjectTask`、`MainDashboard`) -* **机器名称**:定义内使用 `snake_case`(例如,`name: 'project_task'`) diff --git a/content/docs/guides/project-structure.mdx b/content/docs/guides/project-structure.mdx deleted file mode 100644 index b37b5887c..000000000 --- a/content/docs/guides/project-structure.mdx +++ /dev/null @@ -1,44 +0,0 @@ ---- -title: Project Structure -description: Recommended directory layout for ObjectStack projects. ---- - -To keep your metadata organized, we recommend the following folder structure ("The Domain Pattern"). - - - - - - - - - - - - - - - - - - - - - - - - - - - - -## Key Concepts - -### Domains -Organize your Objects by Business Domain (CRM, Finance, HR) rather than by technical type. This aligns with **Domain-Driven Design (DDD)** principles. - -### Naming Conventions - -* **Files**: `kebab-case.suffix.ts` (e.g., `project-task.object.ts`, `main-dashboard.view.ts`) -* **Variables**: `PascalCase` (e.g., `ProjectTask`, `MainDashboard`) -* **Machine Names**: `snake_case` inside the definition (e.g., `name: 'project_task'`) diff --git a/content/docs/guides/view-configuration.mdx b/content/docs/guides/view-configuration.mdx deleted file mode 100644 index 31c0f5139..000000000 --- a/content/docs/guides/view-configuration.mdx +++ /dev/null @@ -1,806 +0,0 @@ ---- -title: View Configuration -description: Complete guide to configuring Grid, Kanban, Calendar, Gantt views and forms in ObjectStack ---- - - -# View Configuration Guide - -ObjectStack provides **5 list view types** and **3 form layouts** to visualize and interact with data. This guide covers all configuration options with practical examples. - -## List View Types - -1. **Grid** - Traditional table/spreadsheet view -2. **Kanban** - Card-based workflow board -3. **Calendar** - Date-based visualization -4. **Gantt** - Timeline/project management view -5. **Map** - Geographic location view - ---- - -## 1. Grid View - -Traditional table view with rows and columns. - -### Basic Configuration - -```typescript -import { ObjectSchema, Field } from '@objectstack/spec'; - -export const Account = ObjectSchema.create({ - name: 'account', - label: 'Account', - - fields: { - account_number: Field.autonumber({ label: 'Account Number', format: 'ACC-{0000}' }), - name: Field.text({ label: 'Account Name' }), - type: Field.select({ - label: 'Type', - options: [ - { label: 'Customer', value: 'customer' }, - { label: 'Partner', value: 'partner' }, - ], - }), - annual_revenue: Field.currency({ label: 'Annual Revenue' }), - industry: Field.select({ label: 'Industry', options: ['Tech', 'Finance', 'Healthcare'] }), - created_at: Field.datetime({ label: 'Created' }), - }, - - views: { - list: { - type: 'grid', - columns: ['account_number', 'name', 'type', 'annual_revenue', 'industry'], - sort: [ - { field: 'created_at', order: 'desc' } - ], - }, - }, -}); -``` - -### Advanced Grid Configuration - -```typescript -views: { - // Default grid view - list: { - type: 'grid', - columns: ['name', 'type', 'annual_revenue', 'owner'], - - // Filter configuration - filter: [ - { field: 'type', operator: '=', value: 'customer' }, - { field: 'annual_revenue', operator: '>', value: 100000 }, - ], - - // Sorting - sort: [ - { field: 'annual_revenue', order: 'desc' }, - { field: 'name', order: 'asc' }, - ], - - // Search configuration - searchableFields: ['name', 'account_number'], - }, - - // Additional named views - listViews: { - // High-value customers - high_value: { - name: 'high_value', - label: 'High Value Customers', - type: 'grid', - columns: ['name', 'annual_revenue', 'owner', 'last_activity'], - filter: [ - { field: 'type', operator: '=', value: 'customer' }, - { field: 'annual_revenue', operator: '>=', value: 500000 }, - ], - sort: [{ field: 'annual_revenue', order: 'desc' }], - }, - - // Recently created - recent: { - name: 'recent', - label: 'Recently Created', - type: 'grid', - columns: ['name', 'type', 'created_at', 'owner'], - sort: [{ field: 'created_at', order: 'desc' }], - }, - }, -} -``` - -### Filter Operators - -Available filter operators: - -```typescript -// Comparison -{ field: 'amount', operator: '=', value: 1000 } -{ field: 'amount', operator: '!=', value: 0 } -{ field: 'amount', operator: '>', value: 5000 } -{ field: 'amount', operator: '>=', value: 1000 } -{ field: 'amount', operator: '<', value: 10000 } -{ field: 'amount', operator: '<=', value: 50000 } - -// String -{ field: 'name', operator: 'contains', value: 'tech' } -{ field: 'name', operator: 'startsWith', value: 'A' } -{ field: 'name', operator: 'endsWith', value: 'Inc' } - -// NULL checks -{ field: 'description', operator: 'isNull' } -{ field: 'description', operator: 'isNotNull' } - -// Multi-value -{ field: 'type', operator: 'in', value: ['customer', 'partner'] } -{ field: 'type', operator: 'notIn', value: ['former'] } -``` - ---- - -## 2. Kanban View - -Card-based workflow board grouped by a select field. - -### Basic Configuration - -```typescript -export const Opportunity = ObjectSchema.create({ - name: 'opportunity', - label: 'Opportunity', - - fields: { - name: Field.text({ label: 'Opportunity Name' }), - stage: Field.select({ - label: 'Stage', - options: [ - { label: 'Prospecting', value: 'prospecting', color: '#FFA500' }, - { label: 'Qualification', value: 'qualification', color: '#FFD700' }, - { label: 'Proposal', value: 'proposal', color: '#4169E1' }, - { label: 'Negotiation', value: 'negotiation', color: '#9370DB' }, - { label: 'Closed Won', value: 'closed_won', color: '#00AA00' }, - { label: 'Closed Lost', value: 'closed_lost', color: '#DC143C' }, - ], - }), - amount: Field.currency({ label: 'Amount' }), - account: Field.lookup('account', { label: 'Account' }), - close_date: Field.date({ label: 'Close Date' }), - }, - - views: { - list: { - type: 'kanban', - columns: ['name', 'account', 'amount', 'close_date'], // Fields shown on cards - - kanban: { - groupByField: 'stage', // Creates columns for each stage - summarizeField: 'amount', // Sum amounts at top of each column - }, - }, - }, -}); -``` - -### Advanced Kanban - -```typescript -views: { - listViews: { - sales_pipeline: { - name: 'sales_pipeline', - label: 'Sales Pipeline', - type: 'kanban', - - // Card fields - columns: ['name', 'account', 'amount', 'probability', 'owner'], - - // Kanban configuration - kanban: { - groupByField: 'stage', - summarizeField: 'amount', // Show total $ per column - }, - - // Filter to active opportunities only - filter: [ - { field: 'is_active', operator: '=', value: true }, - ], - - // Sort cards within columns - sort: [ - { field: 'amount', order: 'desc' }, - ], - }, - }, -} -``` - -### Kanban Features - -- **Drag & Drop**: Users can drag cards between columns (updates `groupByField`) -- **Column Headers**: Show count and sum (if `summarizeField` defined) -- **Colors**: Use option colors from select field for column headers -- **Filters**: Apply filters to show subset of records - ---- - -## 3. Calendar View - -Date-based visualization for events, tasks, and deadlines. - -### Basic Configuration - -```typescript -export const Event = ObjectSchema.create({ - name: 'event', - label: 'Event', - - fields: { - title: Field.text({ label: 'Event Title' }), - start_date: Field.datetime({ label: 'Start Date' }), - end_date: Field.datetime({ label: 'End Date' }), - event_type: Field.select({ - label: 'Type', - options: [ - { label: 'Meeting', value: 'meeting', color: '#4169E1' }, - { label: 'Webinar', value: 'webinar', color: '#00AA00' }, - { label: 'Conference', value: 'conference', color: '#FFA500' }, - ], - }), - location: Field.text({ label: 'Location' }), - }, - - views: { - list: { - type: 'calendar', - columns: ['title', 'location'], // Extra fields shown in tooltip - - calendar: { - startDateField: 'start_date', // Required - endDateField: 'end_date', // Optional (single-day events if omitted) - titleField: 'title', // Event label - colorField: 'event_type', // Color events by type - }, - }, - }, -}); -``` - -### Single-Day Events - -For tasks or activities without end dates: - -```typescript -export const Task = ObjectSchema.create({ - name: 'task', - label: 'Task', - - fields: { - subject: Field.text({ label: 'Subject' }), - due_date: Field.date({ label: 'Due Date' }), - priority: Field.select({ - options: [ - { label: 'High', value: 'high', color: '#DC143C' }, - { label: 'Normal', value: 'normal', color: '#4169E1' }, - { label: 'Low', value: 'low', color: '#999999' }, - ], - }), - }, - - views: { - list: { - type: 'calendar', - columns: ['subject'], - - calendar: { - startDateField: 'due_date', - // No endDateField - shows as single-day events - titleField: 'subject', - colorField: 'priority', - }, - }, - }, -}); -``` - -### Calendar Features - -- **Multiple Views**: Month, Week, Day, Agenda -- **Color Coding**: By select field option colors -- **Multi-Day Events**: Span multiple days if `endDateField` provided -- **Drag & Drop**: Update dates by dragging events -- **Filters**: Show subset of events - ---- - -## 4. Gantt View - -Timeline/project management view for tasks with dependencies. - -### Configuration - -```typescript -export const ProjectTask = ObjectSchema.create({ - name: 'project_task', - label: 'Project Task', - - fields: { - task_name: Field.text({ label: 'Task Name' }), - start_date: Field.date({ label: 'Start Date' }), - end_date: Field.date({ label: 'End Date' }), - progress: Field.percent({ label: 'Progress' }), - dependencies: Field.text({ label: 'Dependencies' }), // Comma-separated task IDs - assigned_to: Field.lookup('user', { label: 'Assigned To' }), - }, - - views: { - list: { - type: 'gantt', - columns: ['task_name', 'assigned_to'], // Shown in left panel - - gantt: { - startDateField: 'start_date', // Required - endDateField: 'end_date', // Required - titleField: 'task_name', // Bar label - progressField: 'progress', // Optional (shows % complete) - dependenciesField: 'dependencies', // Optional (draws arrows) - }, - - sort: [ - { field: 'start_date', order: 'asc' }, - ], - }, - }, -}); -``` - -### Gantt Features - -- **Timeline Bars**: Visual representation of task duration -- **Progress Indicator**: Shows completion percentage -- **Dependencies**: Arrows between related tasks -- **Critical Path**: Highlight blocking tasks -- **Drag & Drop**: Adjust dates and dependencies -- **Zoom Levels**: Day, Week, Month, Quarter, Year - ---- - -## 5. Map View - -Geographic visualization for location-based data. - -### Configuration - -```typescript -export const Store = ObjectSchema.create({ - name: 'store', - label: 'Store', - - fields: { - store_name: Field.text({ label: 'Store Name' }), - address: Field.address({ label: 'Address' }), - location: Field.location({ label: 'Coordinates' }), - store_type: Field.select({ - options: [ - { label: 'Flagship', value: 'flagship', color: '#FFD700' }, - { label: 'Standard', value: 'standard', color: '#4169E1' }, - { label: 'Outlet', value: 'outlet', color: '#999999' }, - ], - }), - }, - - views: { - list: { - type: 'map', - columns: ['store_name', 'address'], // Info shown in popup - - map: { - locationField: 'location', // GPS coordinates - titleField: 'store_name', - colorField: 'store_type', // Marker color - }, - }, - }, -}); -``` - ---- - -## Form Views - -Three layout types for record detail pages: - -1. **Simple** - Single page with sections -2. **Tabbed** - Multiple tabs for grouped fields -3. **Wizard** - Step-by-step multi-page form - ---- - -## 1. Simple Form - -Single-page layout with collapsible sections. - -### Configuration - -```typescript -export const Contact = ObjectSchema.create({ - name: 'contact', - label: 'Contact', - - fields: { - // ... field definitions - }, - - views: { - form: { - type: 'simple', - sections: [ - { - label: 'Basic Information', - columns: 2, // 2-column layout - fields: ['first_name', 'last_name', 'email', 'phone'], - }, - { - label: 'Address', - columns: 2, - collapsible: true, - collapsed: false, - fields: ['street', 'city', 'state', 'postal_code', 'country'], - }, - { - label: 'Additional Details', - columns: 1, // Full-width fields - collapsible: true, - collapsed: true, // Collapsed by default - fields: ['notes', 'description'], - }, - ], - }, - }, -}); -``` - -### Section Configuration - -```typescript -{ - label: 'Section Title', // Optional header - columns: 2, // 1, 2, 3, or 4 columns - collapsible: true, // Can be collapsed - collapsed: false, // Initial state - fields: ['field1', 'field2'], // Fields to include -} -``` - ---- - -## 2. Tabbed Form - -Multi-tab layout for complex objects with many fields. - -### Configuration - -```typescript -export const Account = ObjectSchema.create({ - name: 'account', - label: 'Account', - - fields: { - // ... many fields - }, - - views: { - form: { - type: 'tabbed', - sections: [ - { - label: 'Overview', // Tab 1 - columns: 2, - fields: [ - 'account_number', - 'name', - 'type', - 'industry', - 'annual_revenue', - 'website', - ], - }, - { - label: 'Contact Information', // Tab 2 - columns: 2, - fields: [ - 'phone', - 'email', - 'billing_address', - 'shipping_address', - ], - }, - { - label: 'Description', // Tab 3 - columns: 1, - fields: ['description', 'notes'], - }, - ], - }, - }, -}); -``` - ---- - -## 3. Wizard Form - -Multi-step form for guided data entry. - -### Configuration - -```typescript -export const Lead = ObjectSchema.create({ - name: 'lead', - label: 'Lead', - - fields: { - // ... field definitions - }, - - views: { - form: { - type: 'wizard', - sections: [ - { - label: 'Step 1: Basic Info', // Wizard step 1 - fields: ['first_name', 'last_name', 'company', 'title'], - }, - { - label: 'Step 2: Contact Details', // Step 2 - fields: ['email', 'phone', 'address'], - }, - { - label: 'Step 3: Qualification', // Step 3 - fields: ['lead_source', 'industry', 'annual_revenue', 'status'], - }, - ], - }, - }, -}); -``` - -### Wizard Features - -- **Progress Indicator**: Shows current step -- **Navigation**: Previous/Next buttons -- **Validation**: Each step validated before proceeding -- **Summary**: Review all data before submit - ---- - -## Multiple Views - -Define multiple views for different use cases. - -### Example - -```typescript -export const Opportunity = ObjectSchema.create({ - name: 'opportunity', - label: 'Opportunity', - - fields: { - // ... fields - }, - - views: { - // Default list view (Grid) - list: { - type: 'grid', - columns: ['name', 'account', 'amount', 'stage', 'close_date'], - sort: [{ field: 'close_date', order: 'asc' }], - }, - - // Default form view - form: { - type: 'tabbed', - sections: [ - { label: 'Details', fields: ['name', 'account', 'amount'] }, - { label: 'Timeline', fields: ['stage', 'close_date'] }, - ], - }, - - // Additional list views - listViews: { - // Kanban pipeline - pipeline: { - name: 'pipeline', - label: 'Sales Pipeline', - type: 'kanban', - columns: ['name', 'amount', 'close_date'], - kanban: { - groupByField: 'stage', - summarizeField: 'amount', - }, - }, - - // Calendar of close dates - timeline: { - name: 'timeline', - label: 'Timeline', - type: 'calendar', - columns: ['name', 'amount'], - calendar: { - startDateField: 'close_date', - titleField: 'name', - colorField: 'stage', - }, - }, - - // My opportunities - my_opportunities: { - name: 'my_opportunities', - label: 'My Opportunities', - type: 'grid', - columns: ['name', 'account', 'amount', 'stage'], - filter: [ - { field: 'owner', operator: '=', value: '$current_user' }, - ], - }, - }, - - // Additional form views - formViews: { - // Quick create form - quick_create: { - type: 'simple', - sections: [ - { - label: 'Essential Fields', - columns: 2, - fields: ['name', 'account', 'amount', 'close_date', 'stage'], - }, - ], - }, - }, - }, -}); -``` - ---- - -## Best Practices - -### List Views - -1. **Column Selection**: Show 4-7 columns for optimal readability -2. **Default Sort**: Always define a default sort order -3. **Filters**: Pre-filter common views (e.g., "My Records", "Active Only") -4. **Searchable**: Enable search on key text fields -5. **Named Views**: Create specific views for common use cases - -### Kanban - -1. **Group Field**: Use select fields with 3-7 options (too many = cluttered) -2. **Card Fields**: Show 3-5 key fields on cards -3. **Colors**: Define colors for select options -4. **Summarize**: Add monetary totals for sales/revenue tracking - -### Calendar - -1. **Date Fields**: Use datetime for multi-day events, date for single-day -2. **Color Coding**: Use select field with meaningful colors -3. **Title Field**: Choose concise, descriptive field -4. **Filters**: Allow filtering by type, owner, etc. - -### Gantt - -1. **Dependencies**: Use structured format (comma-separated IDs or JSON) -2. **Progress**: Percentage field (0-100) -3. **Sort**: Sort by start date for logical flow -4. **Granularity**: Choose appropriate zoom level (day/week/month) - -### Forms - -1. **Sections**: Group related fields logically -2. **Columns**: Use 2 columns for most sections, 1 for wide fields (textarea, rich text) -3. **Collapsible**: Make optional sections collapsible -4. **Tabs**: Use tabs when >15 fields -5. **Wizard**: Use for complex multi-step processes - ---- - -## Real-World Example - -Complete view configuration for CRM Opportunity: - -```typescript -export const Opportunity = ObjectSchema.create({ - name: 'opportunity', - label: 'Opportunity', - pluralLabel: 'Opportunities', - - fields: { - name: Field.text({ label: 'Name' }), - account: Field.lookup('account', { label: 'Account' }), - amount: Field.currency({ label: 'Amount' }), - stage: Field.select({ - label: 'Stage', - options: [ - { label: 'Prospecting', value: 'prospecting', color: '#FFA500' }, - { label: 'Qualification', value: 'qualification', color: '#FFD700' }, - { label: 'Proposal', value: 'proposal', color: '#4169E1' }, - { label: 'Closed Won', value: 'closed_won', color: '#00AA00' }, - { label: 'Closed Lost', value: 'closed_lost', color: '#DC143C' }, - ], - }), - probability: Field.percent({ label: 'Probability' }), - close_date: Field.date({ label: 'Close Date' }), - owner: Field.lookup('user', { label: 'Owner' }), - description: Field.textarea({ label: 'Description' }), - }, - - views: { - // Default grid - list: { - type: 'grid', - columns: ['name', 'account', 'amount', 'stage', 'close_date', 'owner'], - sort: [{ field: 'close_date', order: 'asc' }], - searchableFields: ['name', 'account'], - }, - - // Default form - form: { - type: 'simple', - sections: [ - { - label: 'Opportunity Information', - columns: 2, - fields: ['name', 'account', 'amount', 'close_date'], - }, - { - label: 'Stage & Forecast', - columns: 2, - fields: ['stage', 'probability', 'owner'], - }, - { - label: 'Description', - columns: 1, - fields: ['description'], - }, - ], - }, - - // Named views - listViews: { - pipeline: { - type: 'kanban', - columns: ['name', 'amount', 'close_date'], - kanban: { - groupByField: 'stage', - summarizeField: 'amount', - }, - filter: [ - { field: 'stage', operator: 'notIn', value: ['closed_won', 'closed_lost'] }, - ], - }, - - closing_soon: { - type: 'grid', - columns: ['name', 'account', 'amount', 'close_date', 'probability'], - filter: [ - { field: 'close_date', operator: '<=', value: '$30_days_from_now' }, - { field: 'stage', operator: '!=', value: 'closed_won' }, - { field: 'stage', operator: '!=', value: 'closed_lost' }, - ], - sort: [{ field: 'close_date', order: 'asc' }], - }, - }, - }, -}); -``` - ---- - -## Next Steps - -- [Field Types Guide](/docs/guides/field-types) -- [Workflows & Validation](/docs/guides/workflows-validation) -- [Dashboard Configuration](/docs/guides/dashboards) -- [CRM Example](https://github.com/objectstack-ai/spec/tree/main/examples/crm) - See all view types in action diff --git a/content/docs/guides/workflows-validation.mdx b/content/docs/guides/workflows-validation.mdx deleted file mode 100644 index a3cf47afc..000000000 --- a/content/docs/guides/workflows-validation.mdx +++ /dev/null @@ -1,733 +0,0 @@ ---- -title: Validation Rules & Workflows -description: Complete guide to validation rules and workflow automation in ObjectStack ---- - - -# Validation Rules & Workflows - -ObjectStack provides powerful **validation rules** and **workflow automation** to enforce business logic and automate repetitive tasks. This guide covers all validation types and workflow patterns with practical examples. - -## Validation Rules - -Validation rules ensure data quality by checking record values before save. They can be defined at the object level and execute automatically. - -### Types of Validation Rules - -ObjectStack supports **7 validation types**, each optimized for specific use cases: - -1. **Script Validation** - Generic formula-based validation -2. **Uniqueness Validation** - Enforce unique constraints -3. **State Machine Validation** - Control state transitions -4. **Format Validation** - Regex or format checking -5. **Cross-Field Validation** - Compare multiple fields -6. **Async Validation** - Remote API validation -7. **Custom Validator** - User-defined functions - ---- - -## 1. Script Validation - -Generic formula-based validation for any business logic. - -### Configuration - -```typescript -import { ObjectSchema, Field } from '@objectstack/spec'; - -export const Opportunity = ObjectSchema.create({ - name: 'opportunity', - label: 'Opportunity', - - fields: { - amount: Field.currency({ label: 'Amount' }), - probability: Field.percent({ label: 'Probability' }), - close_date: Field.date({ label: 'Close Date' }), - }, - - validations: [ - { - name: 'positive_amount', - type: 'script', - condition: 'amount < 0', // When TRUE, validation FAILS - message: 'Amount must be greater than or equal to 0', - severity: 'error', - active: true, - }, - { - name: 'probability_range', - type: 'script', - condition: 'probability < 0 OR probability > 100', - message: 'Probability must be between 0 and 100', - severity: 'error', - }, - { - name: 'future_close_date', - type: 'script', - condition: 'close_date < TODAY()', - message: 'Close date cannot be in the past', - severity: 'warning', // Warning instead of error - }, - ], -}); -``` - -> ℹ️ **Info:** - **Important:** The `condition` is inverted logic - it defines when validation **FAILS**. If the condition evaluates to `TRUE`, the validation error is shown. - - -### Expression Examples - -```typescript -// Number comparisons -condition: 'revenue < 1000' -condition: 'quantity <= 0' -condition: 'discount > 50' - -// String checks -condition: 'LEN(name) < 3' -condition: 'ISBLANK(description)' -condition: 'NOT(CONTAINS(email, "@"))' - -// Date validations -condition: 'end_date < start_date' -condition: 'due_date < TODAY()' -condition: 'DAYS_BETWEEN(start_date, end_date) > 365' - -// Complex logic -condition: 'stage = "Closed Won" AND amount = 0' -condition: '(priority = "High" OR priority = "Critical") AND NOT(ISBLANK(assigned_to))' -``` - ---- - -## 2. Uniqueness Validation - -Optimized validation for enforcing unique constraints, better than script validation for uniqueness checks. - -### Configuration - -```typescript -export const Account = ObjectSchema.create({ - name: 'account', - label: 'Account', - - fields: { - name: Field.text({ label: 'Account Name' }), - email: Field.email({ label: 'Email' }), - account_number: Field.text({ label: 'Account Number' }), - active: Field.boolean({ label: 'Active' }), - }, - - validations: [ - // Single field uniqueness - { - name: 'unique_email', - type: 'unique', - fields: ['email'], - message: 'Email address already exists', - caseSensitive: false, // Ignore case - }, - - // Compound uniqueness (multiple fields) - { - name: 'unique_account_number', - type: 'unique', - fields: ['account_number'], - message: 'Account number must be unique', - caseSensitive: true, - }, - - // Scoped uniqueness (unique within subset) - { - name: 'unique_name_active', - type: 'unique', - fields: ['name'], - scope: 'active = true', // Only check uniqueness among active accounts - message: 'Active account with this name already exists', - }, - ], -}); -``` - -### Use Cases - -- Email addresses -- Username fields -- Product SKUs -- Invoice numbers -- Unique combinations (e.g., name + region) - ---- - -## 3. State Machine Validation - -Control allowed state transitions to prevent invalid workflow progressions. - -### Configuration - -```typescript -export const Opportunity = ObjectSchema.create({ - name: 'opportunity', - label: 'Opportunity', - - fields: { - stage: Field.select({ - label: 'Stage', - options: [ - { label: 'Prospecting', value: 'prospecting' }, - { label: 'Qualification', value: 'qualification' }, - { label: 'Proposal', value: 'proposal' }, - { label: 'Negotiation', value: 'negotiation' }, - { label: 'Closed Won', value: 'closed_won' }, - { label: 'Closed Lost', value: 'closed_lost' }, - ], - }), - }, - - validations: [ - { - name: 'stage_transition', - type: 'state_machine', - field: 'stage', - message: 'Invalid stage transition', - transitions: { - // From -> To (allowed states) - 'prospecting': ['qualification', 'closed_lost'], - 'qualification': ['prospecting', 'proposal', 'closed_lost'], - 'proposal': ['qualification', 'negotiation', 'closed_lost'], - 'negotiation': ['proposal', 'closed_won', 'closed_lost'], - 'closed_won': [], // No transitions allowed (terminal state) - 'closed_lost': [], // No transitions allowed (terminal state) - }, - }, - ], -}); -``` - -### Diagram - -``` -Prospecting → Qualification → Proposal → Negotiation → Closed Won - ↓ ↓ ↓ ↓ - Closed Lost ← Closed Lost ← Closed Lost ← Closed Lost -``` - ---- - -## 4. Format Validation - -Validate field formats using regex or predefined patterns. - -### Configuration - -```typescript -export const Contact = ObjectSchema.create({ - name: 'contact', - label: 'Contact', - - fields: { - phone: Field.phone({ label: 'Phone' }), - website: Field.url({ label: 'Website' }), - postal_code: Field.text({ label: 'Postal Code' }), - json_data: Field.textarea({ label: 'JSON Data' }), - }, - - validations: [ - // Regex validation - { - name: 'us_postal_code', - type: 'format', - field: 'postal_code', - regex: '^\\d{5}(-\\d{4})?$', // 12345 or 12345-6789 - message: 'Invalid US postal code format', - }, - - // Predefined format - { - name: 'valid_phone', - type: 'format', - field: 'phone', - format: 'phone', - message: 'Invalid phone number format', - }, - - { - name: 'valid_json', - type: 'format', - field: 'json_data', - format: 'json', - message: 'Invalid JSON format', - }, - ], -}); -``` - -### Available Formats - -- `email` - Email address -- `url` - Website URL -- `phone` - Phone number -- `json` - Valid JSON - ---- - -## 5. Cross-Field Validation - -Validate relationships between multiple fields. - -### Configuration - -```typescript -export const Event = ObjectSchema.create({ - name: 'event', - label: 'Event', - - fields: { - start_date: Field.datetime({ label: 'Start Date' }), - end_date: Field.datetime({ label: 'End Date' }), - min_attendees: Field.number({ label: 'Min Attendees' }), - max_attendees: Field.number({ label: 'Max Attendees' }), - budget: Field.currency({ label: 'Budget' }), - actual_cost: Field.currency({ label: 'Actual Cost' }), - }, - - validations: [ - { - name: 'end_after_start', - type: 'cross_field', - fields: ['start_date', 'end_date'], - condition: 'end_date <= start_date', - message: 'End date must be after start date', - }, - - { - name: 'max_greater_than_min', - type: 'cross_field', - fields: ['min_attendees', 'max_attendees'], - condition: 'max_attendees < min_attendees', - message: 'Maximum attendees must be greater than minimum', - }, - - { - name: 'budget_check', - type: 'cross_field', - fields: ['budget', 'actual_cost'], - condition: 'actual_cost > budget', - message: 'Actual cost exceeds budget', - severity: 'warning', // Allow save but warn - }, - ], -}); -``` - ---- - -## 6. Async Validation - -Validate data against external APIs or databases. - -### Configuration - -```typescript -export const User = ObjectSchema.create({ - name: 'user', - label: 'User', - - fields: { - username: Field.text({ label: 'Username' }), - tax_id: Field.text({ label: 'Tax ID' }), - }, - - validations: [ - { - name: 'check_username_availability', - type: 'async', - field: 'username', - validatorUrl: '/api/validate/username', - timeout: 5000, - debounce: 500, // Wait 500ms after typing stops - message: 'Username is already taken', - params: { - minLength: 3, - }, - }, - - { - name: 'verify_tax_id', - type: 'async', - field: 'tax_id', - validatorFunction: 'validateTaxId', // Custom function - timeout: 10000, - message: 'Invalid tax ID', - }, - ], -}); -``` - ---- - -## 7. Custom Validator - -User-defined validation logic with code references. - -### Configuration - -```typescript -export const Order = ObjectSchema.create({ - name: 'order', - label: 'Order', - - fields: { - items: Field.textarea({ label: 'Order Items (JSON)' }), - total: Field.currency({ label: 'Total' }), - }, - - validations: [ - { - name: 'validate_order_total', - type: 'custom', - validatorFunction: 'validateOrderTotal', - message: 'Order total does not match line items', - params: { - includeTax: true, - includeShipping: true, - }, - }, - ], -}); -``` - ---- - -## Workflow Automation - -Workflows automate actions when records are created, updated, or deleted. - -### Workflow Components - -1. **Trigger** - When to execute (on_create, on_update, on_delete, schedule) -2. **Criteria** - Condition to check (optional) -3. **Actions** - What to execute (field_update, email_alert, etc.) - ---- - -## Workflow Examples - -### 1. Field Update on Create - -```typescript -export const Lead = ObjectSchema.create({ - name: 'lead', - label: 'Lead', - - fields: { - status: Field.select({ - options: ['New', 'Contacted', 'Qualified', 'Converted'], - }), - created_date: Field.datetime({ label: 'Created Date' }), - last_contacted: Field.datetime({ label: 'Last Contacted' }), - }, - - workflows: [ - { - name: 'set_default_status', - objectName: 'lead', - triggerType: 'on_create', - actions: [ - { - name: 'set_status_new', - type: 'field_update', - field: 'status', - value: 'New', - }, - { - name: 'set_created_date', - type: 'field_update', - field: 'created_date', - value: 'NOW()', - }, - ], - active: true, - }, - ], -}); -``` - ---- - -### 2. Conditional Workflow - -```typescript -export const Opportunity = ObjectSchema.create({ - name: 'opportunity', - label: 'Opportunity', - - fields: { - stage: Field.select({ options: ['...'] }), - amount: Field.currency({ label: 'Amount' }), - owner: Field.lookup('user', { label: 'Owner' }), - approved: Field.boolean({ label: 'Approved' }), - }, - - workflows: [ - { - name: 'require_approval_large_deals', - objectName: 'opportunity', - triggerType: 'on_update', - criteria: 'amount > 100000 AND stage = "Closed Won"', // Only for big deals - actions: [ - { - name: 'set_approval_required', - type: 'field_update', - field: 'approved', - value: 'false', - }, - { - name: 'notify_manager', - type: 'email_alert', - template: 'approval_required_email', - recipients: ['sales_manager@company.com'], - }, - ], - active: true, - }, - ], -}); -``` - ---- - -### 3. Email Alert Workflow - -```typescript -export const Case = ObjectSchema.create({ - name: 'case', - label: 'Case', - - fields: { - priority: Field.select({ options: ['Low', 'Medium', 'High', 'Critical'] }), - status: Field.select({ options: ['Open', 'In Progress', 'Resolved'] }), - contact: Field.lookup('contact', { label: 'Contact' }), - }, - - workflows: [ - { - name: 'escalate_critical_cases', - objectName: 'case', - triggerType: 'on_create_or_update', - criteria: 'priority = "Critical" AND status = "Open"', - actions: [ - { - name: 'notify_support_team', - type: 'email_alert', - template: 'critical_case_alert', - recipients: ['support_team@company.com', 'manager@company.com'], - }, - ], - active: true, - }, - ], -}); -``` - ---- - -### 4. Update Timestamp Workflow - -```typescript -export const Account = ObjectSchema.create({ - name: 'account', - label: 'Account', - - fields: { - last_activity_date: Field.datetime({ label: 'Last Activity' }), - last_modified_date: Field.datetime({ label: 'Last Modified' }), - }, - - workflows: [ - { - name: 'update_last_activity', - objectName: 'account', - triggerType: 'on_update', - actions: [ - { - name: 'set_last_activity', - type: 'field_update', - field: 'last_activity_date', - value: 'NOW()', - }, - ], - active: true, - }, - ], -}); -``` - ---- - -## Best Practices - -### Validation Rules - -1. **Use Specific Types**: Use `unique` instead of `script` for uniqueness, `state_machine` instead of complex conditions -2. **Clear Messages**: Provide actionable error messages that guide users -3. **Severity Levels**: Use `warning` for soft validations, `error` for hard stops -4. **Performance**: Avoid complex formulas in validations, use indexes for uniqueness checks -5. **Testing**: Test all edge cases and state transitions - -### Workflows - -1. **Criteria First**: Use criteria to limit workflow execution, not blanket triggers -2. **Avoid Loops**: Be careful with `on_update` workflows that update the same record -3. **Batch-Safe**: Ensure workflows can handle bulk operations -4. **Error Handling**: Workflows should not block saves on non-critical failures -5. **Audit Trail**: Use field updates to maintain audit logs (last_modified_by, etc.) - ---- - -## Formula Functions Reference - -Common functions used in validation conditions and workflow criteria: - -### String Functions -- `CONCAT(str1, str2, ...)` - Concatenate strings -- `LEN(str)` - String length -- `ISBLANK(str)` - Check if empty -- `CONTAINS(str, substring)` - Check if contains -- `UPPER(str)`, `LOWER(str)` - Case conversion - -### Date Functions -- `TODAY()` - Current date -- `NOW()` - Current datetime -- `DAYS_BETWEEN(date1, date2)` - Days between dates -- `ADDDAYS(date, num)` - Add days to date - -### Logic Functions -- `AND(cond1, cond2, ...)` - Logical AND -- `OR(cond1, cond2, ...)` - Logical OR -- `NOT(cond)` - Logical NOT -- `IF(condition, true_value, false_value)` - Conditional - -### Number Functions -- `ABS(num)` - Absolute value -- `ROUND(num, decimals)` - Round number -- `MAX(num1, num2, ...)` - Maximum -- `MIN(num1, num2, ...)` - Minimum - ---- - -## Real-World Example: CRM Opportunity - -Complete example combining validations and workflows: - -```typescript -export const Opportunity = ObjectSchema.create({ - name: 'opportunity', - label: 'Opportunity', - - fields: { - name: Field.text({ label: 'Name', required: true }), - account: Field.lookup('account', { label: 'Account', required: true }), - amount: Field.currency({ label: 'Amount' }), - close_date: Field.date({ label: 'Close Date' }), - probability: Field.percent({ label: 'Probability' }), - stage: Field.select({ - options: [ - { label: 'Prospecting', value: 'prospecting' }, - { label: 'Qualification', value: 'qualification' }, - { label: 'Proposal', value: 'proposal' }, - { label: 'Negotiation', value: 'negotiation' }, - { label: 'Closed Won', value: 'closed_won' }, - { label: 'Closed Lost', value: 'closed_lost' }, - ], - }), - approved: Field.boolean({ label: 'Approved' }), - last_stage_change: Field.datetime({ label: 'Last Stage Change' }), - }, - - validations: [ - // Basic validations - { - name: 'positive_amount', - type: 'script', - condition: 'amount < 0', - message: 'Amount must be positive', - }, - - // State machine - { - name: 'stage_progression', - type: 'state_machine', - field: 'stage', - message: 'Invalid stage transition', - transitions: { - 'prospecting': ['qualification', 'closed_lost'], - 'qualification': ['prospecting', 'proposal', 'closed_lost'], - 'proposal': ['qualification', 'negotiation', 'closed_lost'], - 'negotiation': ['proposal', 'closed_won', 'closed_lost'], - 'closed_won': [], - 'closed_lost': [], - }, - }, - - // Cross-field validation - { - name: 'probability_stage_match', - type: 'cross_field', - fields: ['stage', 'probability'], - condition: 'stage = "Closed Won" AND probability < 100', - message: 'Closed Won opportunities must have 100% probability', - }, - ], - - workflows: [ - // Update timestamp on stage change - { - name: 'track_stage_changes', - objectName: 'opportunity', - triggerType: 'on_update', - criteria: 'ISCHANGED(stage)', - actions: [ - { - name: 'update_timestamp', - type: 'field_update', - field: 'last_stage_change', - value: 'NOW()', - }, - ], - }, - - // Require approval for large deals - { - name: 'large_deal_approval', - objectName: 'opportunity', - triggerType: 'on_update', - criteria: 'amount > 500000 AND stage = "Negotiation"', - actions: [ - { - name: 'request_approval', - type: 'field_update', - field: 'approved', - value: 'false', - }, - { - name: 'notify_exec_team', - type: 'email_alert', - template: 'large_deal_approval', - recipients: ['ceo@company.com', 'cfo@company.com'], - }, - ], - }, - ], -}); -``` - ---- - -## Next Steps - -- [Field Types Guide](/docs/guides/field-types) -- [Object Schema Reference](/docs/references/data/core/Object) -- [Formula Functions](/docs/references/data/formulas) -- [CRM Example](https://github.com/objectstack-ai/spec/tree/main/examples/crm) - See validations and workflows in action diff --git a/content/docs/index.cn.mdx b/content/docs/index.cn.mdx deleted file mode 100644 index e2058a915..000000000 --- a/content/docs/index.cn.mdx +++ /dev/null @@ -1,71 +0,0 @@ ---- -title: 欢迎使用 ObjectStack -description: 后 SaaS 时代的元数据驱动协议。 ---- - -import { Book, Compass, FileText, Layers } from 'lucide-react'; - -**ObjectStack** 不仅仅是一个框架;它是一个用于构建企业软件的**协议**。 -它将*业务意图*(用 JSON/YAML 定义)与*技术执行*(由内核处理)解耦。 - -本文档是 ObjectStack 协议的权威参考。 - -## 如何导航 - - - } - title="快速开始" - href="/docs/guides/getting-started" - description="5 分钟内构建你的第一个对象。通过实际示例学习基础知识。" - /> - } - title="概念" - href="/docs/concepts/manifesto" - description="理解「意图优于实现」和「本地优先」架构的理念。" - /> - } - title="规范" - href="/docs/specifications/data/architecture" - description="架构蓝图。深入了解 ObjectQL(数据)、ObjectUI(视图)和 ObjectOS(控制)。" - /> - } - title="协议参考" - href="/docs/references/data/core/Object" - description="字典。每个模式、字段类型和配置选项的全面参考。" - /> - - -## 快速链接 - -### 基础指南 -- **[字段类型](/docs/guides/field-types)** - 35 种字段类型及示例(文本、数字、选择、查找、公式等) -- **[视图配置](/docs/guides/view-configuration)** - 网格、看板、日历、甘特图和表单布局 -- **[工作流与验证](/docs/guides/workflows-validation)** - 业务规则和自动化 -- **[项目结构](/docs/guides/project-structure)** - 组织代码的最佳实践 - -### 示例 -- **[CRM 示例](https://github.com/objectstack-ai/spec/tree/main/examples/crm)** - 全功能应用,包含 6 个对象、工作流、视图、仪表板 -- **[Todo 示例](https://github.com/objectstack-ai/spec/tree/main/examples/todo)** - 快速入门最小化示例 - -## "五位一体"架构 - -ObjectStack 建立在五个协同工作的核心模块之上: - -| 模块 | 协议 | 职责 | -| :--- | :--- | :--- | -| **数据层** | **[ObjectQL](/docs/specifications/data/architecture)** | 定义数据的形状(`Object`、`Field`)以及如何访问它(`Query AST`)。与 SQL/NoSQL 无关。 | -| **UI 层** | **[ObjectUI](/docs/specifications/ui/sdui-protocol)** | 投影层。将用户界面定义为抽象的 JSON 布局(视图、仪表板、操作)。 | -| **控制层** | **[ObjectOS](/docs/specifications/server/kernel-architecture)** | 内核。处理身份、安全、同步和自动化。 | -| **AI 层** | **AI 协议** | AI 代理定义、工具、知识库和模型配置。 | -| **API 层** | **API 协议** | 标准化的 REST/GraphQL 契约,带请求/响应封装。 | - -## 适用对象 - -* **平台架构师:** 想要构建可扩展的内部开发者平台(IDP)。 -* **协议实现者:** 想要为 ObjectQL 编写新的驱动(例如,用于 FoundationDB)或为 ObjectUI 编写新的渲染器(例如,用于 Flutter)。 -* **AI 代理开发者:** 需要一种确定性、结构化的通用语言来让 AI 生成软件。 -* **低代码构建者:** 想要一个强大的元数据驱动平台来快速应用开发。 diff --git a/content/docs/index.mdx b/content/docs/index.mdx index 618114453..18a84c58b 100644 --- a/content/docs/index.mdx +++ b/content/docs/index.mdx @@ -3,94 +3,62 @@ title: Welcome to ObjectStack description: The Metadata-Driven Protocol for the Post-SaaS Era. --- -import { Book, Compass, FileText, Layers } from 'lucide-react'; +import { Book, Compass, FileText, Layers, Database, Layout, Cpu, Code2 } from 'lucide-react'; **ObjectStack** is not just a framework; it is a **Protocol** for building enterprise software. It decouples the *Business Intent* (defined in JSON/YAML) from the *Technical Execution* (handled by the Kernel). This documentation is the authoritative reference for the ObjectStack Protocol. -## How to navigate +## The Three Pillars + +ObjectStack is built on three foundational protocols that work together as a unified system: } - title="Quick Start" - href="/docs/quick-start" - description="Get started in under 5 minutes. Choose your learning path based on your role." - /> - } - title="Tutorials" - href="/docs/tutorials" - description="Hands-on step-by-step tutorials to build real applications and learn by doing." + icon={} + title="ObjectQL" + href="/docs/objectql" + description="The Data Protocol. Define your Data Model (Objects, Fields) and query it abstractly." /> } - title="Concepts" - href="/docs/concepts/manifesto" - description="Understand the philosophy of 'Intent over Implementation' and the 'Local-First' architecture." + icon={} + title="ObjectUI" + href="/docs/objectui" + description="The UI Protocol. Define your User Interfaces (Views, Actions) as pure data." /> } - title="Specifications" - href="/docs/specifications" - description="The Architecture Blueprints. Deep dive into ObjectQL (Data), ObjectUI (View), and ObjectOS (Control)." + icon={} + title="ObjectOS" + href="/docs/objectos" + description="The System Protocol. The Kernel that handles Identity, Transport, and Plugins." /> -## Additional Resources +## Getting Started } - title="Developer Guides" - href="/docs/guides/getting-started" - description="Comprehensive guides for building with ObjectStack. Field types, views, workflows, and more." - /> - } - title="API Reference" - href="/docs/references/data/core/Object" - description="Complete API documentation for every schema, field type, and configuration option." - /> - } - title="FAQ" - href="/docs/faq" - description="Frequently asked questions about ObjectStack and how to use it." + icon={} + title="Introduction" + href="/docs/introduction" + description="Understand the philosophy: 'Intent over Implementation' and Metadata-Driven Architecture." /> } - title="Troubleshooting" - href="/docs/troubleshooting" - description="Common issues and how to resolve them." + icon={} + title="Developers" + href="/docs/developers" + description="Guides for writing plugins, creating custom widgets, and using the CLI tools." /> -## Quick Links - -### Essential Guides -- **[Field Types](/docs/guides/field-types)** - 35 field types with examples (text, number, select, lookup, formula, etc.) -- **[View Configuration](/docs/guides/view-configuration)** - Grid, Kanban, Calendar, Gantt, and Form layouts -- **[Workflows & Validation](/docs/guides/workflows-validation)** - Business rules and automation -- **[Project Structure](/docs/guides/project-structure)** - Best practices for organizing your code - -### Examples -- **[CRM Example](https://github.com/objectstack-ai/spec/tree/main/examples/crm)** - Full-featured application with 6 objects, workflows, views, dashboards -- **[Todo Example](https://github.com/objectstack-ai/spec/tree/main/examples/todo)** - Quick-start minimal example - -## The "Trinity" Architecture - -ObjectStack is built on five core modules that work in unison: +## Why ObjectStack? | Module | Protocol | Responsibility | | :--- | :--- | :--- | -| **Data Layer** | **[ObjectQL](/docs/specifications/data/architecture)** | Defines the shape of data (`Object`, `Field`) and how to access it (`Query AST`). Agnostic to SQL/NoSQL. | -| **UI Layer** | **[ObjectUI](/docs/specifications/ui/sdui-protocol)** | The Projection. Defines User Interfaces as abstract JSON layouts (Views, Dashboards, Actions). | -| **Control Layer** | **[ObjectOS](/docs/specifications/server/kernel-architecture)** | The Kernel. Handles Identity, Security, Sync, and Automation. | -| **AI Layer** | **AI Protocol** | AI agent definitions, tools, knowledge bases, and model configurations. | -| **API Layer** | **API Protocol** | Standardized REST/GraphQL contracts with request/response envelopes. | +| **Data Layer** | **[ObjectQL](/docs/objectql)** | Defines the shape of data (`Object`, `Field`) and how to access it. Agnostic to SQL/NoSQL. | +| **UI Layer** | **[ObjectUI](/docs/objectui)** | The Projection. Defines User Interfaces as abstract JSON layouts (Views, Forms). | +| **System Layer** | **[ObjectOS](/docs/objectos)** | The Kernel. Handles Identity, Security, Sync, and Lifecycle. | ## For whom is this? diff --git a/content/docs/introduction/architecture.mdx b/content/docs/introduction/architecture.mdx new file mode 100644 index 000000000..7746304e6 --- /dev/null +++ b/content/docs/introduction/architecture.mdx @@ -0,0 +1,505 @@ +--- +title: The Stack - ObjectQL + ObjectUI + ObjectOS +description: How the three protocols work together as one cohesive system +--- + +import { Database, Layout, Cpu, ArrowRight, CheckCircle, Workflow } from 'lucide-react'; + +# The Three-Layer Stack + +ObjectStack is built on three foundational protocols that work together as a unified system: + + + } + title="ObjectQL" + description="Data Protocol - Structure and queries" + /> + } + title="ObjectOS" + description="Control Protocol - Runtime and governance" + /> + } + title="ObjectUI" + description="View Protocol - Presentation and interaction" + /> + + +## Why Three Layers? + +Traditional applications tightly couple data, business logic, and presentation. This creates **Implementation Coupling** — changing one layer forces changes across the entire stack. + +ObjectStack enforces **Separation of Concerns** through protocol boundaries: + +``` +┌─────────────────────────────────────────┐ +│ ObjectUI (View Layer) │ +│ Apps, Views, Dashboards, Reports │ +│ "How do users interact?" │ +└──────────────┬──────────────────────────┘ + │ API Protocol +┌──────────────┴──────────────────────────┐ +│ ObjectOS (Control Layer) │ +│ Auth, Permissions, Workflows, Events │ +│ "Who can do what, when?" │ +└──────────────┬──────────────────────────┘ + │ Query Protocol +┌──────────────┴──────────────────────────┐ +│ ObjectQL (Data Layer) │ +│ Objects, Fields, Queries, Drivers │ +│ "What is the data structure?" │ +└─────────────────────────────────────────┘ +``` + +## Layer 1: ObjectQL (Data Protocol) + +**Role:** Define the **Structure** and **Intent** of data. + +**Responsibilities:** +- Object schema definitions (what is a "Customer"?) +- Field types and validation rules +- Query language (filtering, sorting, aggregation) +- Database drivers (Postgres, MongoDB, SQLite) + +**Key Principle:** ObjectQL knows **nothing** about users, permissions, or UI. It only cares about data structure and queries. + +### Example: Defining a Customer Object + +```typescript +// packages/crm/src/objects/customer.object.ts +import { Object, Field } from '@objectstack/spec'; + +export const Customer = Object({ + name: 'customer', + label: 'Customer', + fields: { + name: Field.text({ + label: 'Company Name', + required: true, + maxLength: 120, + }), + industry: Field.select({ + label: 'Industry', + options: ['technology', 'finance', 'healthcare', 'retail'], + }), + annual_revenue: Field.currency({ + label: 'Annual Revenue', + }), + primary_contact: Field.lookup({ + label: 'Primary Contact', + object: 'contact', + }), + }, +}); +``` + +This definition is **pure metadata**. It doesn't know: +- Who can see this data +- How to render a form +- When to trigger workflows + +That's the job of the other layers. + +## Layer 2: ObjectOS (Control Protocol) + +**Role:** Manage the **Lifecycle** and **Governance** of requests. + +**Responsibilities:** +- Authentication (who is this user?) +- Authorization (can they access this field?) +- Workflows and automations (what happens after save?) +- Event processing (audit logs, notifications) +- Multi-tenancy and data isolation + +**Key Principle:** ObjectOS acts as the **Gateway**. No layer can directly access the database; all requests must pass through the OS Kernel. + +### Example: Permission Rules + +```typescript +// packages/crm/src/permissions/customer.permission.ts +import { Permission } from '@objectstack/spec'; + +export const CustomerPermission = Permission({ + object: 'customer', + rules: [ + { + profile: 'sales_rep', + crud: { + create: true, + read: true, + update: true, + delete: false, // Only managers can delete + }, + fieldPermissions: { + annual_revenue: { read: true, edit: false }, // Read-only + }, + }, + { + profile: 'sales_manager', + crud: { + create: true, + read: true, + update: true, + delete: true, + }, + }, + ], +}); +``` + +### Example: Workflow Automation + +```typescript +// packages/crm/src/workflows/customer.workflow.ts +import { Workflow } from '@objectstack/spec'; + +export const CustomerWorkflow = Workflow({ + object: 'customer', + trigger: 'after_create', + conditions: [ + { field: 'annual_revenue', operator: 'greaterThan', value: 1000000 }, + ], + actions: [ + { + type: 'assign_owner', + params: { owner: 'enterprise_sales_team' }, + }, + { + type: 'send_email', + params: { + template: 'high_value_customer_alert', + to: 'sales-leadership@company.com', + }, + }, + ], +}); +``` + +ObjectOS **orchestrates** these rules at runtime, independent of the data structure or UI. + +## Layer 3: ObjectUI (View Protocol) + +**Role:** Render the **Presentation** and handle **User Interaction**. + +**Responsibilities:** +- App navigation and branding +- List views (grid, kanban, calendar) +- Form layouts (simple, tabbed, wizard) +- Dashboards and reports +- Actions and buttons + +**Key Principle:** ObjectUI is a **Rendering Engine**, not a hardcoded interface. It asks ObjectQL *"What is the schema?"* and dynamically generates the UI. + +### Example: List View + +```typescript +// packages/crm/src/views/customer_list.view.ts +import { ListView } from '@objectstack/spec'; + +export const CustomerListView = ListView({ + object: 'customer', + label: 'All Customers', + type: 'grid', + columns: [ + { field: 'name', width: 200 }, + { field: 'industry', width: 150 }, + { field: 'annual_revenue', width: 150 }, + { field: 'primary_contact', width: 180 }, + ], + filters: [ + { field: 'industry', operator: 'equals' }, + { field: 'annual_revenue', operator: 'greaterThan' }, + ], + defaultSort: { field: 'name', direction: 'asc' }, +}); +``` + +### Example: Form View + +```typescript +// packages/crm/src/views/customer_form.view.ts +import { FormView } from '@objectstack/spec'; + +export const CustomerFormView = FormView({ + object: 'customer', + label: 'Customer Details', + type: 'tabbed', + tabs: [ + { + label: 'Overview', + sections: [ + { + label: 'Company Information', + fields: ['name', 'industry', 'annual_revenue'], + }, + { + label: 'Contact', + fields: ['primary_contact'], + }, + ], + }, + { + label: 'Related Records', + sections: [ + { + label: 'Opportunities', + component: 'related_list', + object: 'opportunity', + filter: { customer: '$recordId' }, + }, + ], + }, + ], +}); +``` + +The UI doesn't "know" the field types. It asks ObjectQL for the schema and renders accordingly: +- `Field.text` → Text input +- `Field.select` → Dropdown +- `Field.lookup` → Autocomplete lookup +- `Field.currency` → Number input with currency formatting + +## How They Work Together + +Let's trace a **real-world scenario**: A sales rep creates a new high-value customer. + +### Step 1: User Action (ObjectUI) + +``` +User fills out the "Create Customer" form: +- Name: "Acme Corp" +- Industry: "Technology" +- Annual Revenue: $5,000,000 +- Primary Contact: "John Doe" + +User clicks "Save" +``` + +### Step 2: UI Layer Sends Request + +```typescript +// ObjectUI dispatches an action to ObjectOS +const request = { + action: 'create', + object: 'customer', + data: { + name: 'Acme Corp', + industry: 'technology', + annual_revenue: 5000000, + primary_contact: 'contact_12345', + }, +}; +``` + +### Step 3: ObjectOS Validates Permissions + +```typescript +// Kernel checks: Does this user have permission? +const user = await Auth.getCurrentUser(); +const canCreate = await Permission.check({ + user, + object: 'customer', + operation: 'create', +}); + +if (!canCreate) { + throw new Error('Permission denied'); +} +``` + +### Step 4: ObjectOS Validates Data + +```typescript +// Kernel asks ObjectQL: Is this data valid? +const schema = ObjectQL.getSchema('customer'); +const validation = schema.validate(request.data); + +if (!validation.success) { + throw new ValidationError(validation.errors); +} +``` + +### Step 5: ObjectQL Writes to Database + +```typescript +// ObjectQL compiles the request into a database operation +const driver = ObjectQL.getDriver(); // Postgres, MongoDB, etc. +const result = await driver.insert('customer', { + name: 'Acme Corp', + industry: 'technology', + annual_revenue: 5000000, + primary_contact_id: 'contact_12345', +}); +``` + +### Step 6: ObjectOS Triggers Workflows + +```typescript +// Kernel checks: Are there any workflows for this event? +const workflows = Workflow.getTriggersFor('customer', 'after_create'); + +for (const workflow of workflows) { + if (workflow.conditionsMet(result)) { + await workflow.execute(result); + } +} + +// In this case: +// ✅ Annual revenue > $1M +// → Assign to enterprise sales team +// → Send alert email to leadership +``` + +### Step 7: ObjectUI Updates Display + +```typescript +// Kernel returns success response +// UI optimistically updates the screen +// UI shows toast notification: "Customer created successfully" +// UI navigates to the new customer detail page +``` + +## The Full Stack in Action + +Here's how all three protocols collaborate for a **Kanban Board** feature: + +### 1. ObjectQL: Define the Data + +```typescript +export const Opportunity = Object({ + name: 'opportunity', + fields: { + title: Field.text({ required: true }), + stage: Field.select({ + options: ['prospecting', 'qualification', 'proposal', 'closed_won'], + }), + amount: Field.currency(), + customer: Field.lookup({ object: 'customer' }), + }, +}); +``` + +### 2. ObjectOS: Define Business Rules + +```typescript +export const OpportunityWorkflow = Workflow({ + object: 'opportunity', + trigger: 'field_update', + conditions: [ + { field: 'stage', operator: 'equals', value: 'closed_won' }, + ], + actions: [ + { type: 'create_invoice', params: { object: 'invoice' } }, + { type: 'send_notification', params: { to: 'sales_team' } }, + ], +}); +``` + +### 3. ObjectUI: Define the Kanban View + +```typescript +export const OpportunityKanban = ListView({ + object: 'opportunity', + type: 'kanban', + groupBy: 'stage', + columns: [ + { field: 'title' }, + { field: 'amount' }, + { field: 'customer' }, + ], + enableDragDrop: true, +}); +``` + +### The Result + +When a user **drags an opportunity card** from "Proposal" to "Closed Won": + +1. **ObjectUI** captures the drag-drop event +2. **ObjectOS** checks if the user has permission to update the `stage` field +3. **ObjectQL** validates that `"closed_won"` is a valid option +4. **ObjectQL** writes the update to the database +5. **ObjectOS** triggers the workflow (create invoice, send notification) +6. **ObjectUI** updates the kanban board to reflect the new state + +**All from metadata. Zero hardcoded logic.** + +## Benefits of the Three-Layer Architecture + +### 1. Technology Independence + +Swap implementations without breaking the system: + +``` +Same Metadata Definitions + ↓ +┌─────────┼─────────┐ +ObjectQL: │ │ +Postgres │ MongoDB + │ +ObjectOS: │ +Node.js │ Python + │ +ObjectUI: │ +React │ Flutter +``` + +### 2. Parallel Development + +Teams can work independently on each layer: + +- **Data Team:** Define objects in ObjectQL +- **Backend Team:** Build workflows in ObjectOS +- **Frontend Team:** Create views in ObjectUI + +All communicate through **protocol contracts**, not code dependencies. + +### 3. Incremental Migration + +Adopt ObjectStack gradually: + +- **Phase 1:** Use ObjectQL as an ORM replacement +- **Phase 2:** Add ObjectOS for permissions and workflows +- **Phase 3:** Build ObjectUI views to replace custom forms + +Each layer is independently useful. + +### 4. Testability + +Mock any layer for testing: + +```typescript +// Test ObjectOS workflows without a real database +const mockObjectQL = { + getSchema: () => CustomerSchema, + insert: jest.fn(), +}; + +// Test ObjectUI rendering without a real backend +const mockObjectOS = { + checkPermission: () => true, + executeQuery: () => mockData, +}; +``` + +## Summary + +| Layer | Role | Knows About | Doesn't Know About | +| :--- | :--- | :--- | :--- | +| **ObjectQL** | Data structure & queries | Schema, fields, drivers | Users, permissions, UI | +| **ObjectOS** | Runtime & governance | Auth, workflows, events | Data structure, UI layout | +| **ObjectUI** | Presentation & interaction | Layout, navigation, actions | Business logic, data storage | + +The three protocols are **loosely coupled** but **tightly integrated**: +- They communicate through **standard contracts** (Zod schemas) +- They can be **swapped or upgraded** independently +- They form a **complete system** when combined + +## Next Steps + +- [Object Model](/docs/core-concepts/object-model) - Deep dive into ObjectQL's universal object model +- [ObjectQL Protocol](/docs/protocols/objectql) - Full data protocol specification +- [ObjectOS Protocol](/docs/protocols/objectos) - Full control protocol specification +- [ObjectUI Protocol](/docs/protocols/objectui) - Full view protocol specification diff --git a/content/docs/introduction/design-principles.mdx b/content/docs/introduction/design-principles.mdx new file mode 100644 index 000000000..0baf615b5 --- /dev/null +++ b/content/docs/introduction/design-principles.mdx @@ -0,0 +1,161 @@ +--- +title: Design Principles +description: The unshakable core principles that govern the ObjectStack ecosystem - The Constitution of the Post-SaaS Era +--- + +import { Scale, Code2, Database, ScrollText } from 'lucide-react'; + +# Design Principles + +ObjectStack exists to return enterprise application development to its essence: **Data**. + +To maintain a healthy, decoupled, and future-proof ecosystem, we uphold the following core principles. These are not suggestions; they are the constraints that enable our freedom. + + + } + title="I. Protocol Neutrality" + description="The Protocol is law. The Implementation is merely an opinion." + /> + } + title="II. Mechanism over Policy" + description="Provide the tools to build rules, do not hardcode the rules themselves." + /> + } + title="III. Single Source of Truth" + description="There is no 'Code'. There is only Schema." + /> + } + title="IV. Local-First by Default" + description="The Cloud is a sync peer, not a master." + /> + + +--- + +## Principle I: Protocol Neutrality + +**"The Protocol is neutral. The Engine is replaceable."** + +ObjectQL must not contain any logic specific to a particular language (e.g., Node.js), database (e.g., PostgreSQL), or runtime (e.g., Browser). + +### The Law + +- **Spec before Engine:** Any feature must first be defined in the Specification layer (`packages/spec`) before a single line of code is written in the Engine layer. We reject the "implement first, standardize later" approach. +- **Zero Leakage:** Implementation details (like React Hooks usage, or SQL specific syntax) must never leak into the Protocol definition. + +### The Benefit + +This ensures that an ObjectStack application defined today can theoretically run on: + +- A Node.js server with PostgreSQL (Today's Standard) +- A Python server with SQLite (AI/Data Science) +- A Rust WASM module in the browser (Local-First) + +--- + +## Principle II: Mechanism over Policy + +**"Give them the physics, not the simulation."** + +ObjectStack provides the **Mechanisms** (The "How"): + +- *"Here is how you define a validation rule."* +- *"Here is how you define a permission scope."* + +ObjectStack never dictates the **Policy** (The "What"): + +- *It never says "Passwords must be 8 characters".* +- *It never says "Users must belong to a Department".* + +### Separation of Concerns + +We cleanly separate the **Definition** from the **Execution**. + +| Layer | Responsibility | Example | +| :--- | :--- | :--- | +| **Protocol (Mechanism)** | Defines the capabilities. | `allowRead: string` (A slot for a formula) | +| **App (Policy)** | Defines the business logic. | `allowRead: "$user.role == 'admin'"` | +| **Engine (Execution)** | Enforces the logic. | Compiles formula to SQL `WHERE` clause. | + +--- + +## Principle III: The Single Source of Truth + +**"There is no 'Code'. There is only Schema."** + +In a traditional application, the "truth" is scattered: + +1. Database Schema (`table.sql`) +2. Backend Models (`User.ts`) +3. Frontend Validation (`schema.zod.ts`) +4. API Documentation (`swagger.json`) + +In ObjectStack, **The Object Protocol is the only truth.** + +- The Database is a *derivative* of the Protocol. +- The UI is a *projection* of the Protocol. +- The API is a *consequence* of the Protocol. + +If you change the Protocol, the entire system (DB, API, UI) must adapt automatically. + +--- + +## Principle IV: Local-First by Default + +**"The Cloud is a sync peer, not a master."** + +We reject the notion that software must stop working when the internet connection drops. + +- **Latency is the enemy:** All interactions should be optimistic and instant (0ms). +- **Ownership is the goal:** The user's data essentially lives on their device. The server is just a hub for backup and collaboration. + +### The "Seven Hops" Problem + +In a traditional Cloud app, a simple button click travels through: + +``` +Click → Wi-Fi → ISP → Cloud Load Balancer → Web Server → Database → Query Execution +``` + +...and then all the way back. + +### The Local-First Solution + +ObjectStack apps are designed to read and write to a **Local Database** (embedded within the client environment) first. + +``` +Click → Local DB → UI Update (0ms Latency) +``` + +The synchronization with the cloud happens in the background, asynchronously. + +**Benefits:** + +1. **Instant Response:** The UI reacts immediately (optimistic UI) +2. **Offline Capability:** Field workers, airplanes, or spotty connections are no longer blockers +3. **Data Sovereignty:** The data physically resides on the user's device + +--- + +## Summary + +These principles guide every design decision in ObjectStack: + +| Principle | What it Means | +| :--- | :--- | +| **Protocol Neutrality** | The spec is separate from implementation. ObjectStack can run anywhere. | +| **Mechanism over Policy** | We provide the tools, you define the rules. | +| **Single Source of Truth** | The schema is the application. Everything else derives from it. | +| **Local-First** | Users own their data. The cloud is just for sync. | + +By adhering to these values, we build software that is **resilient to change**, **respectful of user time**, and **technically sovereign**. + +## Next Steps + +- [Architecture](/docs/introduction/architecture) - See how these principles shape the system +- [Glossary](/docs/introduction/glossary) - Understand key terms +- [Core Concepts](/docs/core-concepts) - Learn about metadata-driven development diff --git a/content/docs/introduction/index.mdx b/content/docs/introduction/index.mdx new file mode 100644 index 000000000..d0979257e --- /dev/null +++ b/content/docs/introduction/index.mdx @@ -0,0 +1,105 @@ +--- +title: Overview +description: ObjectStack is What? A Full-Stack Metadata Protocol for Building Enterprise Applications +--- + +import { Database, Layout, Cog } from 'lucide-react'; + +# What is ObjectStack? + +**ObjectStack** is not just a framework; it is a **Protocol** for building enterprise software. It decouples the *Business Intent* (defined in JSON/YAML) from the *Technical Execution* (handled by the Kernel). + +## The Problem + +In traditional development, application logic is scattered: + +1. **Database Schema** (`table.sql`) +2. **Backend Models** (`User.ts`) +3. **Frontend Validation** (`schema.zod.ts`) +4. **API Documentation** (`swagger.json`) + +When requirements change, you update code in multiple places. This is **Implementation Coupling**. + +## The Solution + +ObjectStack centralizes the "Intent" into a single Protocol Definition (JSON/YAML). The implementation layers (React, Node.js, SQL) act merely as **Runtime Engines** that interpret this protocol. + + + } + title="ObjectQL (Data Layer)" + description="Define data structures, queries, and business logic. Database-agnostic abstraction layer." + /> + } + title="ObjectUI (Presentation Layer)" + description="Server-driven UI definitions. Express interfaces as JSON, not code." + /> + } + title="ObjectOS (Control Layer)" + description="Runtime kernel, plugins, security, and integration. The platform foundation." + /> + + +## The "Stack" Analogy + +Think of ObjectStack as: + +- **Kubernetes** for business applications - Declarative configuration over imperative code +- **Terraform** for data modeling - Infrastructure as code, but for data +- **GraphQL + React Server Components** - Schema-driven data + UI rendering combined + +## Key Features + +### 1. Protocol-Driven Architecture + +**The UI is a Projection. The API is a Consequence.** + +- ObjectUI does not "build" a form; it *projects* the ObjectQL schema into a visual representation +- You do not write endpoints; ObjectOS *generates* the secure graph based on the access control protocol + +### 2. Local-First by Default + +**"The Cloud is a sync peer, not a master."** + +- All interactions are optimistic and instant (0ms latency) +- Data lives on the user's device +- The server is just a hub for backup and collaboration + +### 3. Database Agnostic + +**ObjectQL treats the database as an Implementation Detail.** + +- Start with SQLite for prototyping +- Migrate to PostgreSQL for production +- Archive to Snowflake for analytics +- **No code changes required** + +## Real-World Benefits + +| Traditional Approach | ObjectStack Approach | +| :--- | :--- | +| Write SQL migrations manually | Schema changes sync automatically | +| Build CRUD APIs by hand | REST/GraphQL generated from schema | +| Duplicate validation logic 3x | Define once, enforce everywhere | +| Lock into one database vendor | Swap databases without code changes | +| Offline = broken app | Offline-first with background sync | + +## Who Should Use ObjectStack? + +### Enterprise Developers +Building internal tools, CRMs, ERPs, or admin panels? ObjectStack eliminates 80% of the boilerplate. + +### Platform Builders +Creating a SaaS product or multi-tenant application? ObjectStack provides enterprise-grade security and isolation. + +### Integration Engineers +Connecting multiple systems? ObjectStack's protocol-driven approach makes it easy to map and transform data. + +## Next Steps + +- [Design Principles](/docs/introduction/design-principles) - Understand the philosophy +- [Architecture](/docs/introduction/architecture) - Deep dive into the system +- [Glossary](/docs/introduction/glossary) - Learn key terminology +- [Core Concepts](/docs/core-concepts) - Metadata-driven development explained diff --git a/content/docs/concepts/manifesto.mdx b/content/docs/introduction/manifesto.mdx similarity index 100% rename from content/docs/concepts/manifesto.mdx rename to content/docs/introduction/manifesto.mdx diff --git a/content/docs/introduction/meta.json b/content/docs/introduction/meta.json new file mode 100644 index 000000000..236d84595 --- /dev/null +++ b/content/docs/introduction/meta.json @@ -0,0 +1,12 @@ +{ + "title": "Introduction", + "root": true, + "pages": [ + "index", + "manifesto", + "metadata-driven", + "architecture", + "design-principles", + "terminology" + ] +} diff --git a/content/docs/introduction/metadata-driven.mdx b/content/docs/introduction/metadata-driven.mdx new file mode 100644 index 000000000..1fce5a8b0 --- /dev/null +++ b/content/docs/introduction/metadata-driven.mdx @@ -0,0 +1,253 @@ +--- +title: Metadata-Driven Development +description: Understanding the core philosophy of defining business logic through metadata instead of code +--- + +import { Database, Code, Link, Laptop } from 'lucide-react'; + +# What is Metadata-Driven Development? + +Metadata-driven development is a paradigm shift where **application logic is defined by declarative data (metadata), not imperative code.** + +## The Problem with Code-First + +In traditional development, the "Intent" (e.g., *"This field is a required email address"*) is scattered across multiple layers: + +1. **Database:** SQL constraints (`NOT NULL`, `CHECK`) +2. **Backend:** ORM validation (TypeORM decorators, Prisma schemas) +3. **Frontend:** UI validation (React Hook Form + Zod) +4. **Documentation:** API specs (OpenAPI/Swagger) + +When a business requirement changes, you must update code in **three or four places**. This is **Implementation Coupling**. + +### Example: Adding a "Phone Number" Field + +**Traditional Approach:** + +```sql +-- 1. Database migration +ALTER TABLE users ADD COLUMN phone VARCHAR(20); +``` + +```typescript +// 2. Backend model +class User { + @Column() + @IsPhoneNumber() + phone: string; +} +``` + +```typescript +// 3. Frontend validation +const schema = z.object({ + phone: z.string().regex(/^\+?[1-9]\d{1,14}$/), +}); +``` + +```yaml +# 4. API documentation +components: + schemas: + User: + properties: + phone: + type: string + pattern: '^\+?[1-9]\d{1,14}$' +``` + +**4 files to change. 4 places to keep in sync. 4 opportunities for bugs.** + +## The Metadata-Driven Solution + +ObjectStack centralizes the "Intent" into a **single Protocol Definition**. The implementation layers act as **Runtime Engines** that interpret this protocol. + +### Example: The ObjectStack Way + +```typescript +// ONE definition (in objectstack.config.ts) +export const User = Object({ + name: 'user', + fields: { + phone: Field.phone({ + label: 'Phone Number', + required: true, + }), + }, +}); +``` + +From this single definition, ObjectStack automatically: + +✅ Generates database schema +✅ Creates validation rules +✅ Builds CRUD APIs +✅ Renders form fields +✅ Produces API documentation + +## The Three Truths + +In metadata-driven development, we embrace three core truths: + +### 1. The UI is a Projection + +**Traditional:** Build a form component manually +**ObjectStack:** The form is a *projection* of the schema + +The UI doesn't "build" a form; it **projects** the Object schema into visual components. + +```typescript +// The schema IS the form +const TaskForm = +// No manual JSX needed +``` + +### 2. The API is a Consequence + +**Traditional:** Write REST endpoints by hand +**ObjectStack:** APIs are *generated* from the schema + +You don't write controllers or routes. ObjectOS *generates* the entire API graph based on your Object definitions and permission rules. + +```bash +# Automatically available after defining the object: +GET /api/v1/task +POST /api/v1/task +GET /api/v1/task/:id +PATCH /api/v1/task/:id +DELETE /api/v1/task/:id +``` + +### 3. The Schema is the Application + +**Traditional:** The "application" is code scattered across many files +**ObjectStack:** The "application" is a collection of metadata files + +Your entire business logic lives in: +- Object definitions (`.object.ts`) +- View configurations (`.view.ts`) +- Workflow rules (`.workflow.ts`) + +The Kernel simply **interprets** these definitions. + +## Benefits of Metadata-Driven + +### 1. Single Source of Truth + +Change the metadata once, everything updates automatically. + +```typescript +// Change this: +phone: Field.phone({ required: true }) + +// To this: +phone: Field.phone({ required: false }) + +// ✅ Database constraint updates +// ✅ API validation updates +// ✅ UI form updates +// ✅ Documentation updates +``` + +### 2. Type Safety by Default + +All metadata is defined with Zod schemas: + +```typescript +// Source: Zod schema +const FieldSchema = z.object({ + name: z.string(), + type: z.enum(['text', 'number', 'date']), +}); + +// Derived: TypeScript type +type Field = z.infer; + +// Derived: JSON Schema (for IDE autocomplete) +const jsonSchema = zodToJsonSchema(FieldSchema); +``` + +### 3. Technology Agnostic + +Because logic is declarative, you can swap implementations: + +``` +Same Metadata Definition + ↓ +┌─────────┴─────────┐ +│ │ +PostgreSQL MongoDB +Node.js Python +React Flutter +``` + +### 4. Reduced Boilerplate + +**Traditional:** ~300 lines of code for a simple CRUD feature +**ObjectStack:** ~30 lines of metadata + +```typescript +// All you need: +export const Task = Object({ + name: 'task', + fields: { + title: Field.text({ required: true }), + status: Field.select({ + options: ['todo', 'in_progress', 'done'], + }), + assignee: Field.lookup({ object: 'user' }), + }, +}); + +// That's it. Full CRUD functionality is ready. +``` + +## Real-World Analogy + +Think of metadata-driven development like **HTML vs Canvas**: + +### HTML (Declarative) +```html +

Hello World

+``` +You describe **what** you want. The browser handles **how** to render it. + +### Canvas (Imperative) +```javascript +ctx.font = '32px Arial'; +ctx.fillText('Hello World', 10, 50); +``` +You specify **exactly how** to draw each pixel. + +**ObjectStack is the "HTML" of enterprise applications.** + +## When to Use Metadata-Driven + +✅ **Use metadata-driven when:** +- Building CRUD-heavy applications +- Need rapid prototyping and iteration +- Want database flexibility (may change backends) +- Building multi-tenant SaaS platforms +- Require strict type safety and validation + +❌ **Don't use metadata-driven when:** +- Building highly custom, pixel-perfect UIs +- Need real-time 3D graphics or games +- The problem domain is too unique for abstraction +- Performance requires hand-optimized algorithms + +## Summary + +| Aspect | Traditional | Metadata-Driven | +| :--- | :--- | :--- | +| **Definition** | Code in multiple files | Single metadata definition | +| **Changes** | Update 3-4 places | Update once | +| **Type Safety** | Manual synchronization | Automatic from Zod | +| **Flexibility** | Locked to tech stack | Technology agnostic | +| **Boilerplate** | High (300+ lines) | Low (30 lines) | + +## Next Steps + +- [The Stack](/docs/core-concepts/the-stack) - How the three protocols work together +- [Object Model](/docs/core-concepts/object-model) - Deep dive into the universal object model +- [ObjectQL Protocol](/docs/protocols/objectql) - Learn the data protocol specification diff --git a/content/docs/concepts/terminology.mdx b/content/docs/introduction/terminology.mdx similarity index 100% rename from content/docs/concepts/terminology.mdx rename to content/docs/introduction/terminology.mdx diff --git a/content/docs/meta.cn.json b/content/docs/meta.cn.json deleted file mode 100644 index 917b274ea..000000000 --- a/content/docs/meta.cn.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "title": "文档", - "pages": [ - "quick-start", - "tutorials", - "guides", - "concepts", - "specifications", - "standards", - "references", - "faq", - "troubleshooting" - ] -} diff --git a/content/docs/meta.json b/content/docs/meta.json index f2db74f18..bca8af934 100644 --- a/content/docs/meta.json +++ b/content/docs/meta.json @@ -1,14 +1,11 @@ { "title": "Documentation", "pages": [ - "quick-start", - "tutorials", - "guides", - "concepts", - "specifications", - "standards", - "references", - "faq", - "troubleshooting" + "introduction", + "objectql", + "objectui", + "objectos", + "developers", + "references" ] -} \ No newline at end of file +} diff --git a/content/docs/objectos/config-resolution.mdx b/content/docs/objectos/config-resolution.mdx new file mode 100644 index 000000000..0d0578287 --- /dev/null +++ b/content/docs/objectos/config-resolution.mdx @@ -0,0 +1,878 @@ +--- +title: Configuration Resolution +description: Hierarchical config merging, precedence rules, environment overrides, and tenant isolation +--- + +import { Settings, Layers, Lock, Users, FileCode, Shield } from 'lucide-react'; + +# Configuration Resolution + +ObjectOS uses a **hierarchical configuration system** that merges settings from multiple sources with clear **precedence rules**. This enables environment-specific overrides, tenant isolation, and user preferences—all from a single unified API. + +## The Configuration Problem + +Traditional applications struggle with configuration management: + +```javascript +// Where does apiKey come from? 🤷 +const apiKey = + process.env.API_KEY || // Environment variable? + config.stripe.apiKey || // Config file? + tenantSettings.apiKey || // Database? + userPrefs.apiKey || // User override? + 'fallback-key'; // Hardcoded default? + +// Which value wins if multiple sources define it? +// How do you handle tenant-specific overrides? +// How do you validate that the value is correct? +``` + +**Result:** Configuration chaos. Developers spend hours debugging "works on my machine" issues caused by conflicting config sources. + +## Configuration Sources + +ObjectOS defines **six configuration sources** with strict precedence: + +``` +┌─────────────────────────────────────────────────────────────┐ +│ 1. RUNTIME │ +│ Programmatic overrides (context.config.set()) │ +│ Highest priority, temporary │ +└─────────────────────────────────────────────────────────────┘ + ↓ overrides +┌─────────────────────────────────────────────────────────────┐ +│ 2. USER PREFERENCES │ +│ Per-user settings (language, theme, etc.) │ +│ Stored in database, user-specific │ +└─────────────────────────────────────────────────────────────┘ + ↓ overrides +┌─────────────────────────────────────────────────────────────┐ +│ 3. TENANT │ +│ Multi-tenant overrides (per-customer config) │ +│ Stored in database, tenant-scoped │ +└─────────────────────────────────────────────────────────────┘ + ↓ overrides +┌─────────────────────────────────────────────────────────────┐ +│ 4. ENVIRONMENT │ +│ Environment variables (OS_*, NODE_ENV, etc.) │ +│ Set by deployment platform (Kubernetes, Docker) │ +└─────────────────────────────────────────────────────────────┘ + ↓ overrides +┌─────────────────────────────────────────────────────────────┐ +│ 5. FILE │ +│ Configuration files (objectstack.config.yml) │ +│ Checked into Git, environment-specific │ +└─────────────────────────────────────────────────────────────┘ + ↓ overrides +┌─────────────────────────────────────────────────────────────┐ +│ 6. PLUGIN DEFAULTS │ +│ Default values from plugin manifests │ +│ Lowest priority, fallback values │ +└─────────────────────────────────────────────────────────────┘ +``` + +**Precedence Rule:** Higher source **always wins** when same key is defined. + +## Configuration API + +### Reading Configuration + +```typescript +// Access configuration via context +const config = context.config; + +// Get single value +const apiKey = config.get('stripe.apiKey'); +// Returns: Value from highest-priority source that defines 'stripe.apiKey' + +// Get with default +const timeout = config.get('http.timeout', 30_000); +// Returns: 30000 if 'http.timeout' not defined in any source + +// Get typed value (with Zod schema) +const stripeConfig = config.get('stripe', stripeConfigSchema); +// Returns: Validated and typed value +// Throws: ZodError if value doesn't match schema + +// Get required value (throw if missing) +const requiredKey = config.require('stripe.apiKey'); +// Throws: ConfigError if 'stripe.apiKey' not defined in any source + +// Get all config for namespace +const allStripeConfig = config.getNamespace('stripe'); +// Returns: { apiKey: '...', webhookSecret: '...', ... } + +// Check if key exists +if (config.has('stripe.apiKey')) { + // Key is defined in at least one source +} +``` + +### Writing Configuration + +```typescript +// Set runtime value (highest priority, temporary) +config.set('feature.newUI', true); + +// Set user preference (persisted to database) +await config.setUserPreference('theme', 'dark'); + +// Set tenant config (multi-tenant SaaS) +await config.setTenant('stripe.apiKey', 'sk_test_tenant123'); + +// Batch set +config.merge({ + 'stripe.apiKey': 'sk_test_...', + 'stripe.webhookSecret': 'whsec_...', +}); +``` + +## Source Details + +### 1. Runtime (Programmatic) + +**Use Case:** Temporary overrides for testing, feature flags toggled at runtime. + +```typescript +// Example: Enable feature for A/B test +context.config.set('feature.newCheckout', true); + +// Config is ephemeral (not persisted) +// Lost on server restart +``` + +**Storage:** In-memory Map (per-request context) + +### 2. User Preferences + +**Use Case:** Per-user settings (language, timezone, UI theme). + +```typescript +// User changes language preference +await context.config.setUserPreference('locale', 'de'); + +// Next request from this user +const locale = context.config.get('locale'); +// Returns: 'de' (from user preferences) +``` + +**Storage:** Database table + +```sql +CREATE TABLE objectstack_user_preferences ( + user_id UUID NOT NULL, + key TEXT NOT NULL, + value JSONB NOT NULL, + updated_at TIMESTAMP NOT NULL, + PRIMARY KEY (user_id, key) +); +``` + +### 3. Tenant (Multi-Tenant) + +**Use Case:** Customer-specific configuration in multi-tenant SaaS. + +```typescript +// Tenant "acme-corp" has custom Stripe key +await context.config.setTenant('stripe.apiKey', 'sk_live_acme...', { + tenantId: 'acme-corp', +}); + +// Request from Acme Corp user +const apiKey = context.config.get('stripe.apiKey'); +// Returns: 'sk_live_acme...' (tenant-specific) + +// Request from different tenant +// Returns: Default Stripe key (from lower-priority source) +``` + +**Storage:** Database table + +```sql +CREATE TABLE objectstack_tenant_config ( + tenant_id UUID NOT NULL, + key TEXT NOT NULL, + value JSONB NOT NULL, + updated_at TIMESTAMP NOT NULL, + PRIMARY KEY (tenant_id, key) +); +``` + +**Isolation:** Tenant config is **automatically scoped** to current tenant in request context. + +### 4. Environment Variables + +**Use Case:** Deployment-specific config (API keys, database URLs, feature flags). + +```bash +# .env.production +OS_STRIPE_API_KEY=sk_live_... +OS_DATABASE_URL=postgresql://prod-db:5432/objectstack +OS_FEATURE_NEW_UI=true +NODE_ENV=production +``` + +**Naming Convention:** +- Prefix with `OS_` for ObjectOS config +- Use `__` for nested keys: `OS_STRIPE__API_KEY` → `stripe.apiKey` +- Use `_` for snake_case: `OS_DATABASE_URL` → `databaseUrl` + +```typescript +// Environment variables are auto-loaded at boot +const apiKey = config.get('stripe.apiKey'); +// Reads from: process.env.OS_STRIPE_API_KEY + +const dbUrl = config.get('databaseUrl'); +// Reads from: process.env.OS_DATABASE_URL +``` + +**Type Coercion:** +```bash +OS_HTTP_TIMEOUT=30000 # → number: 30000 +OS_FEATURE_NEW_UI=true # → boolean: true +OS_ALLOWED_ORIGINS=a,b,c # → array: ['a', 'b', 'c'] +``` + +### 5. Configuration Files + +**Use Case:** Environment-specific defaults checked into Git. + +#### File Locations + +ObjectOS loads config files in this order: + +``` +1. objectstack.config.ts (TypeScript, recommended) +2. objectstack.config.js (JavaScript) +3. objectstack.config.yml (YAML) +4. objectstack.config.json (JSON) + +5. objectstack.config.{env}.ts (Environment-specific) + - objectstack.config.production.ts + - objectstack.config.staging.ts + - objectstack.config.development.ts +``` + +#### TypeScript Config (Recommended) + +```typescript +// objectstack.config.ts +import { defineConfig } from '@objectstack/core'; + +export default defineConfig({ + // Database + database: { + url: 'postgresql://localhost:5432/objectstack', + pool: { + min: 2, + max: 10, + }, + }, + + // Plugins + plugins: { + enabled: [ + '@objectstack/core', + '@mycompany/crm', + ], + }, + + // HTTP server + http: { + port: 3000, + cors: { + origins: ['http://localhost:3000'], + }, + }, + + // Feature flags + features: { + newUI: false, + aiAssistant: true, + }, + + // Plugin-specific config + stripe: { + apiKey: process.env.STRIPE_API_KEY, + webhookSecret: process.env.STRIPE_WEBHOOK_SECRET, + }, +}); +``` + +#### Environment-Specific Config + +```typescript +// objectstack.config.production.ts +import { defineConfig } from '@objectstack/core'; + +export default defineConfig({ + database: { + url: process.env.DATABASE_URL, + pool: { + min: 10, + max: 50, + }, + }, + + http: { + port: process.env.PORT || 8080, + cors: { + origins: ['https://app.mycompany.com'], + }, + }, + + features: { + newUI: true, // Enabled in production + }, +}); +``` + +**File Selection:** Based on `NODE_ENV`: +```bash +NODE_ENV=production → loads objectstack.config.production.ts +NODE_ENV=staging → loads objectstack.config.staging.ts +NODE_ENV=development → loads objectstack.config.development.ts +``` + +#### YAML Config (Alternative) + +```yaml +# objectstack.config.yml +database: + url: postgresql://localhost:5432/objectstack + pool: + min: 2 + max: 10 + +plugins: + enabled: + - '@objectstack/core' + - '@mycompany/crm' + +http: + port: 3000 + cors: + origins: + - http://localhost:3000 + +features: + newUI: false + aiAssistant: true +``` + +### 6. Plugin Defaults + +**Use Case:** Default values defined by plugin authors. + +```typescript +// @mycompany/crm plugin manifest +export default definePlugin({ + name: '@mycompany/crm', + + config: { + defaults: { + maxAccountsPerUser: 1000, + enableScoring: true, + syncInterval: 'daily', + }, + }, +}); + +// In application code (no config set) +const maxAccounts = config.get('crm.maxAccountsPerUser'); +// Returns: 1000 (from plugin defaults) +``` + +**Storage:** In-memory (loaded from plugin manifest at boot) + +## Merge Strategies + +When multiple sources define the same key, ObjectOS uses **deep merge** for objects and **replace** for primitives. + +### Replace (Primitives) + +```typescript +// Plugin defaults +{ stripe: { apiKey: 'sk_test_default' } } + +// File config +{ stripe: { apiKey: 'sk_test_file' } } + +// Environment variable +OS_STRIPE__API_KEY=sk_test_env + +// Result +config.get('stripe.apiKey') +// Returns: 'sk_test_env' (highest priority source) +``` + +### Deep Merge (Objects) + +```typescript +// Plugin defaults +{ + http: { + port: 3000, + timeout: 30000, + cors: { + origins: ['*'], + credentials: false, + }, + }, +} + +// File config +{ + http: { + port: 8080, + cors: { + origins: ['https://app.example.com'], + }, + }, +} + +// Result (deep merge) +config.get('http') +// Returns: +{ + port: 8080, // From file (overrides default) + timeout: 30000, // From defaults (not overridden) + cors: { + origins: ['https://app.example.com'], // From file + credentials: false, // From defaults (not overridden) + }, +} +``` + +### Array Merge (Replace, Not Concat) + +Arrays are **replaced**, not concatenated: + +```typescript +// Defaults +{ plugins: { enabled: ['@objectstack/core', '@mycompany/base'] } } + +// File config +{ plugins: { enabled: ['@objectstack/core', '@mycompany/crm'] } } + +// Result +config.get('plugins.enabled') +// Returns: ['@objectstack/core', '@mycompany/crm'] +// (File config replaces defaults, does NOT concat) +``` + +## Tenant Isolation + +In multi-tenant SaaS, each tenant can have **isolated configuration**. + +### Automatic Scoping + +```typescript +// Request from Tenant A +context.tenantId = 'tenant-a'; +const apiKey = context.config.get('stripe.apiKey'); +// Checks: tenant-a config → env → file → defaults + +// Request from Tenant B +context.tenantId = 'tenant-b'; +const apiKey = context.config.get('stripe.apiKey'); +// Checks: tenant-b config → env → file → defaults +``` + +### Setting Tenant Config + +```typescript +// Admin API: Set tenant-specific config +await admin.setTenantConfig('tenant-a', { + 'stripe.apiKey': 'sk_live_tenantA...', + 'features.newUI': true, +}); + +await admin.setTenantConfig('tenant-b', { + 'stripe.apiKey': 'sk_live_tenantB...', + 'features.newUI': false, +}); +``` + +### Tenant Config UI + +```typescript +// ObjectUI admin panel for tenant config +export default defineView({ + name: 'tenant_config', + type: 'form', + + fields: [ + { + name: 'stripe.apiKey', + label: 'Stripe API Key', + type: 'text', + secret: true, + }, + { + name: 'features.newUI', + label: 'Enable New UI', + type: 'boolean', + }, + ], + + onSave: async ({ values, context }) => { + await context.config.setTenant(values, { + tenantId: context.tenantId, + }); + }, +}); +``` + +## Secrets Management + +Sensitive configuration (API keys, passwords) requires special handling. + +### Marking Secrets + +```typescript +// Plugin config schema +export const configSchema = z.object({ + apiKey: z.string() + .describe('Stripe API Key') + .meta({ secret: true }), // ← Mark as secret + + webhookSecret: z.string() + .describe('Webhook Secret') + .meta({ secret: true }), +}); +``` + +### Secret Storage + +**Secrets are encrypted at rest** using AES-256-GCM: + +```sql +CREATE TABLE objectstack_secrets ( + key TEXT PRIMARY KEY, + encrypted_value BYTEA NOT NULL, + encryption_key_id UUID NOT NULL, + created_at TIMESTAMP NOT NULL +); +``` + +### Secret Access + +```typescript +// Secrets are automatically decrypted when accessed +const apiKey = config.get('stripe.apiKey'); +// ObjectOS decrypts value transparently + +// Secrets are redacted in logs +logger.info('Config loaded', { config: config.getAll() }); +// Output: { stripe: { apiKey: '[REDACTED]', ... } } +``` + +### External Secret Stores + +ObjectOS integrates with external secret managers: + +```typescript +// objectstack.config.ts +export default defineConfig({ + secrets: { + provider: 'aws-secrets-manager', + + // Map config keys to secret ARNs + mappings: { + 'stripe.apiKey': 'arn:aws:secretsmanager:us-east-1:123:secret:stripe-key', + 'database.password': 'arn:aws:secretsmanager:us-east-1:123:secret:db-pass', + }, + }, +}); + +// Access works the same +const apiKey = config.get('stripe.apiKey'); +// ObjectOS fetches from AWS Secrets Manager transparently +``` + +**Supported Providers:** +- AWS Secrets Manager +- Google Cloud Secret Manager +- Azure Key Vault +- HashiCorp Vault +- Environment variables (fallback) + +## Configuration Validation + +ObjectOS validates configuration against **Zod schemas** at boot. + +### Schema Definition + +```typescript +// Plugin defines config schema +export const configSchema = z.object({ + maxAccountsPerUser: z.number() + .min(1) + .max(10000) + .default(1000), + + enableScoring: z.boolean() + .default(true), + + syncInterval: z.enum(['hourly', 'daily', 'weekly']) + .default('daily'), + + apiKey: z.string() + .min(1) + .describe('API Key is required') + .meta({ secret: true }), +}); +``` + +### Boot-Time Validation + +```typescript +// ObjectOS validates config during boot +export async function onBoot({ context }) { + // Get and validate config + const config = context.config.get('crm', configSchema); + // If config is invalid, ObjectOS throws ZodError with details +} +``` + +### Validation Error Example + +``` +ConfigValidationError: Invalid configuration for plugin @mycompany/crm + +Errors: + - crm.apiKey: Required + - crm.maxAccountsPerUser: Expected number, received string + - crm.syncInterval: Invalid enum value. Expected 'hourly' | 'daily' | 'weekly', received 'monthly' + +Fix these errors in: + 1. Environment variable: OS_CRM__API_KEY + 2. Config file: objectstack.config.ts + 3. Plugin defaults: @mycompany/crm/plugin.manifest.ts +``` + +## Configuration Inspection + +### CLI Commands + +```bash +# Show all configuration (merged result) +objectstack config show + +# Show config for specific namespace +objectstack config show stripe + +# Show which source provides each value +objectstack config sources + +# Validate configuration +objectstack config validate + +# Export configuration (for backup) +objectstack config export > backup.json + +# Import configuration +objectstack config import backup.json +``` + +### Programmatic Inspection + +```typescript +// Get config with source attribution +const configWithSources = config.inspect('stripe.apiKey'); +// Returns: +{ + value: 'sk_live_...', + source: 'environment', // Which source provided the value + sources: { + runtime: undefined, + user: undefined, + tenant: undefined, + environment: 'sk_live_...', + file: 'sk_test_...', + defaults: 'sk_test_default', + }, +} + +// List all config keys +const allKeys = config.keys(); +// Returns: ['stripe.apiKey', 'stripe.webhookSecret', ...] + +// Get config schema +const schema = config.getSchema('stripe'); +// Returns: Zod schema for 'stripe' namespace +``` + +## Real-World Examples + +### Example 1: Feature Flags + +```typescript +// Plugin defaults (features disabled by default) +{ + features: { + newUI: false, + aiAssistant: false, + }, +} + +// File config (enable in staging) +// objectstack.config.staging.ts +{ + features: { + newUI: true, // Test in staging + }, +} + +// Tenant override (enable for specific customer) +await admin.setTenantConfig('beta-customer', { + 'features.aiAssistant': true, +}); + +// User preference (user opts into beta) +await context.config.setUserPreference('features.newUI', true); + +// In application code +if (config.get('features.newUI')) { + return ; +} +``` + +### Example 2: Multi-Region Deployment + +```typescript +// Base config (shared) +// objectstack.config.ts +{ + database: { + pool: { min: 2, max: 10 }, + }, +} + +// US region +// objectstack.config.us.ts +{ + database: { + url: process.env.DATABASE_URL_US, + }, + stripe: { + apiKey: process.env.STRIPE_KEY_US, + }, +} + +// EU region +// objectstack.config.eu.ts +{ + database: { + url: process.env.DATABASE_URL_EU, + }, + stripe: { + apiKey: process.env.STRIPE_KEY_EU, + }, +} + +// Deploy with region-specific config +NODE_ENV=us node server.js # Loads objectstack.config.us.ts +NODE_ENV=eu node server.js # Loads objectstack.config.eu.ts +``` + +### Example 3: Development Overrides + +```typescript +// Production config +{ + stripe: { + apiKey: process.env.STRIPE_API_KEY, // Live key + }, + email: { + provider: 'sendgrid', + fromAddress: 'noreply@company.com', + }, +} + +// Development override +// objectstack.config.development.ts +{ + stripe: { + apiKey: 'sk_test_...', // Test key + }, + email: { + provider: 'console', // Log emails instead of sending + }, +} + +// Developer can further override with .env.local +OS_EMAIL__PROVIDER=mailhog # Use local Mailhog for testing +``` + +## Best Practices + +### 1. Never Hardcode Secrets +```typescript +// ✗ BAD: Hardcoded API key +const apiKey = 'sk_live_abc123'; + +// ✓ GOOD: Load from config +const apiKey = config.require('stripe.apiKey'); +``` + +### 2. Use Environment-Specific Files +```typescript +// ✓ GOOD: Separate configs for each environment +objectstack.config.production.ts # Production settings +objectstack.config.staging.ts # Staging settings +objectstack.config.development.ts # Development settings +``` + +### 3. Validate Early +```typescript +// ✓ GOOD: Validate during boot, not at runtime +export async function onBoot({ context }) { + const config = context.config.get('myPlugin', myConfigSchema); + // Throws clear error if invalid +} + +// ✗ BAD: Validate on first use (fails in production) +export async function someHandler({ context }) { + const config = context.config.get('myPlugin', myConfigSchema); + // Error only occurs when handler is called! +} +``` + +### 4. Provide Sensible Defaults +```typescript +// ✓ GOOD: Plugin works out-of-box with defaults +export default definePlugin({ + config: { + defaults: { + maxRetries: 3, + timeout: 30000, + }, + }, +}); +``` + +### 5. Document Configuration +```typescript +// ✓ GOOD: Use Zod descriptions +export const configSchema = z.object({ + apiKey: z.string() + .describe('API key from Stripe Dashboard > Developers > API Keys'), + + webhookSecret: z.string() + .describe('Webhook signing secret for verifying webhook payloads'), +}); +``` + +## Summary + +ObjectOS configuration resolution: +- **Six sources** with clear precedence (runtime > user > tenant > environment > file > defaults) +- **Deep merge** for objects, **replace** for primitives +- **Tenant isolation** for multi-tenant SaaS +- **Secret encryption** with external secret store integration +- **Boot-time validation** using Zod schemas +- **Inspection tools** for debugging config issues + +**Next:** Learn about internationalization in [i18n Standard](/docs/protocols/objectos/i18n-standard). diff --git a/content/docs/objectos/i18n-standard.mdx b/content/docs/objectos/i18n-standard.mdx new file mode 100644 index 000000000..072f72057 --- /dev/null +++ b/content/docs/objectos/i18n-standard.mdx @@ -0,0 +1,841 @@ +--- +title: Internationalization Standard +description: Translation bundles, locale resolution, pluralization, date/number formatting, and dynamic loading +--- + +import { Globe, Languages, Calendar, Hash, FileText, MapPin } from 'lucide-react'; + +# Internationalization (i18n) Standard + +ObjectOS provides **built-in internationalization** that enables applications to support multiple languages, locales, and regional formats without external libraries or complex configuration. + +## The i18n Problem + +Traditional i18n implementations require integrating multiple libraries: + +```javascript +// Typical i18n setup requires 3+ libraries +import i18next from 'i18next'; // Translation engine +import { formatNumber } from 'numeral'; // Number formatting +import { formatDate } from 'date-fns'; // Date formatting +import pluralize from 'pluralize'; // Pluralization + +// Each library has different APIs, config, and quirks +i18next.t('messages.welcome', { name: 'John' }); +formatNumber(1234.56, '0,0.00'); +formatDate(new Date(), 'PP'); +pluralize('item', 5); +``` + +**Result:** 500KB+ of dependencies, inconsistent APIs, and hours of configuration. + +## ObjectOS i18n Solution + +ObjectOS provides a **unified i18n API** with batteries included: + +```typescript +// Single API for all i18n needs +const { t, formatNumber, formatDate, plural } = context.i18n; + +t('messages.welcome', { name: 'John' }); // Translation +formatNumber(1234.56); // Locale-aware number formatting +formatDate(new Date(), 'medium'); // Locale-aware date formatting +plural('item', 5); // Pluralization +``` + +**Benefits:** +- ✅ Zero external dependencies +- ✅ Consistent API across all i18n operations +- ✅ Automatic locale detection +- ✅ Plugin-based translation bundles +- ✅ Less than 50KB total footprint + +## Locale Resolution + +ObjectOS automatically determines the user's locale using a **fallback chain**: + +``` +┌─────────────────────────────────────────────────────────────┐ +│ 1. USER PREFERENCE │ +│ Explicit user setting (saved in database) │ +│ Example: User selects "Deutsch" in profile settings │ +└─────────────────────────────────────────────────────────────┘ + ↓ fallback +┌─────────────────────────────────────────────────────────────┐ +│ 2. TENANT DEFAULT │ +│ Organization-wide locale setting │ +│ Example: German company sets 'de' as tenant default │ +└─────────────────────────────────────────────────────────────┘ + ↓ fallback +┌─────────────────────────────────────────────────────────────┐ +│ 3. ACCEPT-LANGUAGE HEADER │ +│ Browser sends preferred languages │ +│ Example: 'de-AT, de;q=0.9, en;q=0.8' │ +└─────────────────────────────────────────────────────────────┘ + ↓ fallback +┌─────────────────────────────────────────────────────────────┐ +│ 4. IP GEOLOCATION │ +│ Detect country from IP address │ +│ Example: IP from Austria → 'de-AT' │ +└─────────────────────────────────────────────────────────────┘ + ↓ fallback +┌─────────────────────────────────────────────────────────────┐ +│ 5. SYSTEM DEFAULT │ +│ Configured in objectstack.config.ts │ +│ Example: 'en' for US-based companies │ +└─────────────────────────────────────────────────────────────┘ +``` + +### Locale Format + +Locales follow **BCP 47** standard: `language-REGION` + +Examples: +- `en` — English (generic) +- `en-US` — English (United States) +- `en-GB` — English (United Kingdom) +- `de` — German (generic) +- `de-DE` — German (Germany) +- `de-AT` — German (Austria) +- `zh-CN` — Chinese (Simplified, China) +- `zh-TW` — Chinese (Traditional, Taiwan) + +### Locale Fallback + +If exact locale not found, ObjectOS falls back to **language-only** locale: + +``` +User requests: de-AT (German, Austria) + ↓ +Check for translation: de-AT ✗ (not found) + ↓ +Fallback to: de ✓ (found) + ↓ +Use: de (German generic) +``` + +If language not found, fall back to **system default**: + +``` +User requests: pt-BR (Portuguese, Brazil) + ↓ +Check for translation: pt-BR ✗ (not found) + ↓ +Fallback to: pt ✗ (not found) + ↓ +Fallback to: en (system default) ✓ +``` + +## Translation Bundles + +Translations are stored in **JSON files** organized by locale and namespace. + +### Directory Structure + +``` +my-plugin/ + i18n/ + en/ + common.json # Common translations + account.json # Account object translations + errors.json # Error messages + de/ + common.json + account.json + errors.json + es/ + common.json + account.json + errors.json +``` + +### Translation File Format + +```json +// i18n/en/account.json +{ + // Simple strings + "account": "Account", + "accounts": "Accounts", + + // Nested keys + "fields": { + "name": "Account Name", + "industry": "Industry", + "revenue": "Annual Revenue" + }, + + // Interpolation + "welcome": "Welcome, {{name}}!", + "accountCount": "You have {{count}} accounts", + + // Pluralization + "itemCount": "{{count}} item", + "itemCount_plural": "{{count}} items", + + // Context-specific + "delete": "Delete", + "delete_confirm": "Are you sure you want to delete {{name}}?", + + // Rich formatting + "lastUpdated": "Last updated {{date, datetime}}", + "totalValue": "Total: {{amount, currency}}", + + // Arrays (for select options, etc.) + "industries": [ + { "value": "technology", "label": "Technology" }, + { "value": "finance", "label": "Finance" }, + { "value": "healthcare", "label": "Healthcare" } + ] +} +``` + +```json +// i18n/de/account.json +{ + "account": "Konto", + "accounts": "Konten", + + "fields": { + "name": "Kontoname", + "industry": "Branche", + "revenue": "Jahresumsatz" + }, + + "welcome": "Willkommen, {{name}}!", + "accountCount": "Sie haben {{count}} Konten", + + "itemCount": "{{count}} Artikel", + "itemCount_plural": "{{count}} Artikel", + + "delete": "Löschen", + "delete_confirm": "Möchten Sie {{name}} wirklich löschen?", + + "lastUpdated": "Zuletzt aktualisiert am {{date, datetime}}", + "totalValue": "Gesamt: {{amount, currency}}", + + "industries": [ + { "value": "technology", "label": "Technologie" }, + { "value": "finance", "label": "Finanzen" }, + { "value": "healthcare", "label": "Gesundheitswesen" } + ] +} +``` + +## Translation API + +### Basic Translation + +```typescript +// Get translation for current locale +const message = context.i18n.t('account.welcome', { name: 'John' }); +// en: "Welcome, John!" +// de: "Willkommen, John!" + +// Get translation with namespace +const fieldLabel = context.i18n.t('account.fields.name'); +// en: "Account Name" +// de: "Kontoname" + +// Provide default if translation missing +const label = context.i18n.t('account.fields.unknown', { + defaultValue: 'Unknown Field', +}); +``` + +### Pluralization + +```typescript +// Automatic plural handling +const message = context.i18n.t('account.itemCount', { count: 1 }); +// en: "1 item" + +const message = context.i18n.t('account.itemCount', { count: 5 }); +// en: "5 items" +// de: "5 Artikel" +``` + +**Plural Forms:** +- English: `key`, `key_plural` +- Other languages may have more forms (e.g., Polish has 5) + +ObjectOS uses **Unicode CLDR plural rules** to select correct form. + +### Context-Based Translation + +```typescript +// Different translations based on context +const deleteButton = context.i18n.t('account.delete'); +// "Delete" + +const deleteConfirmation = context.i18n.t('account.delete_confirm', { + name: 'Acme Corp', +}); +// "Are you sure you want to delete Acme Corp?" +``` + +### Fallback Translation + +```typescript +// Try multiple keys, use first found +const message = context.i18n.t([ + 'account.customMessage', // Try custom first + 'common.defaultMessage', // Fallback to common +], { defaultValue: 'No translation found' }); +``` + +## Date and Time Formatting + +ObjectOS provides **locale-aware date/time formatting** using Unicode CLDR data. + +### Date Formatting + +```typescript +const date = new Date('2024-01-15T14:30:00Z'); + +// Predefined formats +context.i18n.formatDate(date, 'short'); +// en-US: "1/15/24" +// en-GB: "15/01/24" +// de-DE: "15.01.24" + +context.i18n.formatDate(date, 'medium'); +// en-US: "Jan 15, 2024" +// de-DE: "15. Jan. 2024" + +context.i18n.formatDate(date, 'long'); +// en-US: "January 15, 2024" +// de-DE: "15. Januar 2024" + +context.i18n.formatDate(date, 'full'); +// en-US: "Monday, January 15, 2024" +// de-DE: "Montag, 15. Januar 2024" + +// Custom format (ICU pattern) +context.i18n.formatDate(date, { pattern: 'yyyy-MM-dd' }); +// "2024-01-15" (same across locales) +``` + +### Time Formatting + +```typescript +const time = new Date('2024-01-15T14:30:00Z'); + +context.i18n.formatTime(time, 'short'); +// en-US: "2:30 PM" +// de-DE: "14:30" + +context.i18n.formatTime(time, 'medium'); +// en-US: "2:30:00 PM" +// de-DE: "14:30:00" + +context.i18n.formatTime(time, 'long'); +// en-US: "2:30:00 PM GMT" +// de-DE: "14:30:00 GMT" +``` + +### DateTime Formatting + +```typescript +const dateTime = new Date('2024-01-15T14:30:00Z'); + +context.i18n.formatDateTime(dateTime, 'short'); +// en-US: "1/15/24, 2:30 PM" +// de-DE: "15.01.24, 14:30" + +context.i18n.formatDateTime(dateTime, 'medium'); +// en-US: "Jan 15, 2024, 2:30:00 PM" +// de-DE: "15. Jan. 2024, 14:30:00" +``` + +### Relative Time + +```typescript +const pastDate = new Date(Date.now() - 3600000); // 1 hour ago + +context.i18n.formatRelativeTime(pastDate); +// en: "1 hour ago" +// de: "vor 1 Stunde" + +const futureDate = new Date(Date.now() + 86400000); // 1 day from now + +context.i18n.formatRelativeTime(futureDate); +// en: "in 1 day" +// de: "in 1 Tag" +``` + +### Timezone Handling + +```typescript +// Format in specific timezone +context.i18n.formatDateTime(date, 'medium', { + timeZone: 'America/New_York', +}); +// "Jan 15, 2024, 9:30:00 AM" + +// Format in user's timezone (from context) +context.i18n.formatDateTime(date, 'medium', { + timeZone: context.user.timezone, // e.g., 'Europe/Berlin' +}); +``` + +## Number Formatting + +ObjectOS provides **locale-aware number formatting** for decimals, currency, and percentages. + +### Decimal Numbers + +```typescript +const number = 1234567.89; + +context.i18n.formatNumber(number); +// en-US: "1,234,567.89" +// de-DE: "1.234.567,89" +// fr-FR: "1 234 567,89" + +// Control decimal places +context.i18n.formatNumber(number, { + minimumFractionDigits: 2, + maximumFractionDigits: 2, +}); +// en-US: "1,234,567.89" +``` + +### Currency + +```typescript +const amount = 1234.56; + +context.i18n.formatCurrency(amount, 'USD'); +// en-US: "$1,234.56" +// de-DE: "1.234,56 $" +// ja-JP: "$1,234.56" + +context.i18n.formatCurrency(amount, 'EUR'); +// en-US: "€1,234.56" +// de-DE: "1.234,56 €" +// fr-FR: "1 234,56 €" + +// Control symbol display +context.i18n.formatCurrency(amount, 'USD', { + currencyDisplay: 'code', +}); +// "USD 1,234.56" + +context.i18n.formatCurrency(amount, 'USD', { + currencyDisplay: 'name', +}); +// "1,234.56 US dollars" +``` + +### Percentages + +```typescript +const percent = 0.1234; + +context.i18n.formatPercent(percent); +// en-US: "12.34%" +// de-DE: "12,34 %" + +// Control decimal places +context.i18n.formatPercent(percent, { + minimumFractionDigits: 0, + maximumFractionDigits: 0, +}); +// en-US: "12%" +``` + +### Compact Notation + +```typescript +const bigNumber = 1234567; + +context.i18n.formatNumber(bigNumber, { + notation: 'compact', +}); +// en-US: "1.2M" +// de-DE: "1,2 Mio." + +const smallNumber = 1234; + +context.i18n.formatNumber(smallNumber, { + notation: 'compact', + compactDisplay: 'short', +}); +// en-US: "1.2K" +``` + +## Plugin Integration + +Plugins register translation bundles in their manifest: + +```typescript +// plugin.manifest.ts +export default definePlugin({ + name: '@mycompany/crm', + + metadata: { + // Translation files + translations: [ + 'i18n/**/*.json', + ], + }, +}); +``` + +### Translation File Registration + +``` +@mycompany/crm/ + i18n/ + en/ + account.json → Namespace: crm.account + contact.json → Namespace: crm.contact + de/ + account.json + contact.json +``` + +**Namespace Convention:** `{pluginName}.{filename}` + +### Using Plugin Translations + +```typescript +// In plugin code +const label = context.i18n.t('crm.account.fields.name'); +// en: "Account Name" +// de: "Kontoname" + +// In other plugins (cross-plugin translation access) +const label = context.i18n.t('crm.account.welcome'); +// Works if @mycompany/crm plugin is installed +``` + +## ObjectQL Integration + +ObjectQL objects and fields can be **automatically translated**: + +```typescript +// Object definition +export default defineObject({ + name: 'account', + label: 'account.label', // Translation key + pluralLabel: 'account.pluralLabel', + + fields: { + name: { + type: 'text', + label: 'account.fields.name', // Translation key + }, + industry: { + type: 'select', + label: 'account.fields.industry', + options: 'account.industries', // Translation key for array + }, + }, +}); +``` + +```json +// i18n/en/account.json +{ + "label": "Account", + "pluralLabel": "Accounts", + "fields": { + "name": "Account Name", + "industry": "Industry" + }, + "industries": [ + { "value": "technology", "label": "Technology" }, + { "value": "finance", "label": "Finance" } + ] +} +``` + +**ObjectQL automatically resolves translations** when rendering: + +```typescript +// Get object metadata with translations +const objectMeta = await ObjectQL.getMetadata('account', { + locale: context.locale, +}); + +console.log(objectMeta.label); +// en: "Account" +// de: "Konto" + +console.log(objectMeta.fields.name.label); +// en: "Account Name" +// de: "Kontoname" +``` + +## ObjectUI Integration + +ObjectUI automatically translates labels, placeholders, and error messages: + +```typescript +// View definition +export default defineView({ + name: 'account_list', + object: 'account', + type: 'list', + + layout: { + title: 'account.list.title', // Translation key + columns: [ + { + field: 'name', + // Label auto-translated from ObjectQL field definition + }, + ], + actions: [ + { + type: 'create', + label: 'account.actions.create', // Translation key + }, + ], + }, +}); +``` + +```json +// i18n/en/account.json +{ + "list": { + "title": "Accounts" + }, + "actions": { + "create": "New Account" + } +} +``` + +```json +// i18n/de/account.json +{ + "list": { + "title": "Konten" + }, + "actions": { + "create": "Neues Konto" + } +} +``` + +## Dynamic Locale Switching + +Users can change locale **without reloading** the page: + +### Server-Side + +```typescript +// Update user locale preference +await context.i18n.setUserLocale('de'); + +// Next request automatically uses new locale +const message = context.i18n.t('welcome'); +// "Willkommen!" (German) +``` + +### Client-Side (ObjectUI) + +```typescript +// ObjectUI locale switcher component +export default defineAction({ + name: 'switch_locale', + type: 'custom', + + handler: async ({ context, value }) => { + // Update user preference + await context.i18n.setUserLocale(value); + + // Reload UI with new locale + await context.ui.reload(); + }, +}); +``` + +## Translation Management + +### CLI Tools + +```bash +# Extract translation keys from code +objectstack i18n extract --output i18n/keys.json + +# Validate translations (check for missing keys) +objectstack i18n validate + +# Merge translations (combine multiple files) +objectstack i18n merge --input i18n/en/*.json --output i18n/en.json + +# Export translations (for translators) +objectstack i18n export --format xlsx --output translations.xlsx + +# Import translations +objectstack i18n import translations.xlsx +``` + +### Translation Coverage + +```bash +# Check translation coverage +objectstack i18n coverage + +Output: + en: 100% (450/450 keys) + de: 95% (428/450 keys) - Missing: 22 keys + es: 80% (360/450 keys) - Missing: 90 keys + + Missing keys in de: + - account.fields.new_field + - account.actions.bulk_delete + ... +``` + +### Translation Service Integration + +ObjectOS integrates with professional translation services: + +```typescript +// objectstack.config.ts +export default defineConfig({ + i18n: { + translationService: { + provider: 'google-translate', + apiKey: process.env.GOOGLE_TRANSLATE_API_KEY, + + // Auto-translate missing keys + autoTranslate: true, + + // Target languages + languages: ['de', 'es', 'fr', 'ja', 'zh-CN'], + }, + }, +}); +``` + +**Supported Services:** +- Google Cloud Translation +- AWS Translate +- DeepL +- Microsoft Translator + +## Best Practices + +### 1. Use Namespaces for Organization + +```json +// ✓ GOOD: Organized by feature +{ + "account": { "label": "Account" }, + "contact": { "label": "Contact" }, + "opportunity": { "label": "Opportunity" } +} + +// ✗ BAD: Flat structure +{ + "accountLabel": "Account", + "contactLabel": "Contact", + "opportunityLabel": "Opportunity" +} +``` + +### 2. Provide Context in Keys + +```json +// ✓ GOOD: Context clear +{ + "delete_button": "Delete", + "delete_confirm_message": "Are you sure?" +} + +// ✗ BAD: Ambiguous +{ + "delete": "Delete", + "confirm": "Are you sure?" +} +``` + +### 3. Don't Translate Technical Identifiers + +```json +// ✓ GOOD: Labels translated, values not +{ + "industries": [ + { "value": "technology", "label": "Technology" }, + { "value": "finance", "label": "Finance" } + ] +} + +// ✗ BAD: Values translated (breaks code) +{ + "industries": [ + { "value": "technologie", "label": "Technologie" } + ] +} +``` + +### 4. Use ICU MessageFormat for Complex Messages + +```json +{ + "accountStatus": "{count, plural, =0 {No accounts} =1 {One account} other {# accounts}}" +} +``` + +### 5. Test All Locales + +```typescript +// ✓ GOOD: Test with actual locales +describe('Account View', () => { + it('should display in German', async () => { + const context = createContext({ locale: 'de' }); + const view = await renderView('account_list', { context }); + expect(view.title).toBe('Konten'); + }); +}); +``` + +## Configuration + +```typescript +// objectstack.config.ts +export default defineConfig({ + i18n: { + // Default locale + defaultLocale: 'en', + + // Supported locales + supportedLocales: ['en', 'de', 'es', 'fr', 'ja', 'zh-CN'], + + // Fallback chain + fallbackLocale: 'en', + + // Load translations on demand? + lazyLoad: true, + + // Cache translations? + cache: true, + + // Translation service + translationService: { + provider: 'google-translate', + apiKey: process.env.GOOGLE_TRANSLATE_API_KEY, + }, + }, +}); +``` + +## Summary + +ObjectOS i18n provides: +- **Automatic locale resolution** with fallback chain +- **Translation bundles** in JSON format with namespaces +- **Locale-aware formatting** for dates, times, numbers, and currency +- **Plugin integration** for modular translation management +- **ObjectQL/ObjectUI integration** for automatic metadata translation +- **Dynamic locale switching** without page reload +- **Translation management tools** for extraction, validation, and coverage + +**Result:** Build globally-ready applications without wrestling with i18n libraries. Support 50+ languages with less than 100 lines of configuration. diff --git a/content/docs/objectos/index.mdx b/content/docs/objectos/index.mdx new file mode 100644 index 000000000..b5a8ddd09 --- /dev/null +++ b/content/docs/objectos/index.mdx @@ -0,0 +1,530 @@ +--- +title: ObjectOS Overview +description: The runtime orchestration layer - Lifecycle, plugins, configuration, and system services +--- + +import { Server, Cog, Package, Zap, Shield, Globe, Network, Box, Layers } from 'lucide-react'; + +# ObjectOS: The System Protocol + +**ObjectOS** is ObjectStack's runtime orchestration layer that manages the complete lifecycle of the platform. It provides the "operating system" services that coordinate ObjectQL (data) and ObjectUI (interface) into a cohesive application runtime. + +## The Core Problem + +Traditional enterprise platforms tightly couple infrastructure concerns with business logic: + +- **Deployment Hell:** Change one configuration file? Rebuild entire monolith, redeploy all services, pray nothing breaks +- **Plugin Chaos:** Want to add Stripe billing? Write custom integration code, manage dependencies manually, debug version conflicts +- **Configuration Drift:** Dev environment uses JSON files, staging uses environment variables, prod uses database config. Which is the source of truth? +- **Lifecycle Management:** Installing a package requires 47-step runbook: create database tables, run migrations, configure permissions, restart services +- **Multi-Tenancy Nightmare:** Each customer tenant needs isolated configuration, but they all run the same codebase. How do you manage 500 tenant-specific settings? + +**Result:** DevOps teams spend 60% of their time on deployment mechanics instead of building features. Configuration errors cause 80% of production incidents. + +## The ObjectOS Solution + + + } + title="Declarative Lifecycle" + description="Define system state in manifests. ObjectOS ensures runtime matches declaration—no manual runbooks." + /> + } + title="Plugin Isolation" + description="Microkernel architecture: Core runtime <10MB. All features are plugins with dependency management." + /> + } + title="Unified Configuration" + description="Single source of truth: Merge environment vars, config files, tenant settings, user preferences—deterministically." + /> + } + title="Built-in i18n" + description="Multi-language support at the platform level. No library integration, no translation service APIs." + /> + + +## Architecture Overview + +``` +┌──────────────────────────────────────────────────────────────────┐ +│ Application Layer │ +│ ObjectQL (Data) + ObjectUI (Interface) + Business Logic │ +└─────────────────────────┬────────────────────────────────────────┘ + │ +┌─────────────────────────▼────────────────────────────────────────┐ +│ ObjectOS │ +│ ┌────────────────┐ ┌────────────────┐ ┌──────────────────┐ │ +│ │ Lifecycle Mgmt │ │ Plugin Registry │ │ Config Resolver │ │ +│ │ Boot/Install │ │ Dependencies │ │ Merge Strategy │ │ +│ │ Upgrade │ │ Versioning │ │ Multi-tenant │ │ +│ └────────────────┘ └────────────────┘ └──────────────────┘ │ +│ ┌────────────────┐ ┌────────────────┐ ┌──────────────────┐ │ +│ │ i18n Engine │ │ Event Bus │ │ Job Scheduler │ │ +│ │ Translations │ │ Pub/Sub │ │ Cron/Interval │ │ +│ └────────────────┘ └────────────────┘ └──────────────────┘ │ +│ ┌────────────────┐ ┌────────────────┐ ┌──────────────────┐ │ +│ │ Audit Logger │ │ Secret Store │ │ Tenant Isolator │ │ +│ │ Change Track │ │ Encryption │ │ Multi-org │ │ +│ └────────────────┘ └────────────────┘ └──────────────────┘ │ +└───────────────────────────────────────────────────────────────────┘ + │ + ┌─────────┴─────────┐ + ▼ ▼ + ┌──────────────┐ ┌──────────────┐ + │ PostgreSQL │ │ Redis │ + │ (Primary) │ │ (Cache) │ + └──────────────┘ └──────────────┘ +``` + +**Key Insight:** ObjectOS is the **control plane**. ObjectQL and ObjectUI are the **data plane**. Separating concerns allows independent evolution. + +## Core Components + + + } + title="Lifecycle Management" + href="/docs/protocols/objectos/lifecycle" + description="Boot sequence, plugin installation, zero-downtime upgrades, rollback strategies" + /> + } + title="Plugin Specification" + href="/docs/protocols/objectos/plugin-spec" + description="Manifest structure, dependency graph, versioning semantics, distribution format" + /> + } + title="Configuration Resolution" + href="/docs/protocols/objectos/config-resolution" + description="Merge strategies, precedence rules, environment overrides, tenant isolation" + /> + } + title="i18n Standard" + href="/docs/protocols/objectos/i18n-standard" + description="Translation bundles, locale resolution, date/number formatting, dynamic loading" + /> + + +## Why ObjectOS Exists + +### Problem: Deployment Complexity Kills Agility + +**Traditional Approach:** +```bash +# 47-step deployment runbook +1. Pull latest code +2. Run database migrations (hope they don't fail) +3. Update config.yaml (which version?) +4. Restart service 1, wait 30s +5. Restart service 2, wait 30s +... +47. Pray to the demo gods +``` + +**ObjectOS Approach:** +```bash +# Declarative deployment +objectstack deploy @mycompany/crm@2.0.0 +# ✓ Validated dependencies +# ✓ Applied schema changes +# ✓ Updated configuration +# ✓ Zero-downtime restart +# Done in 12 seconds. +``` + +**Business Value:** A SaaS company reduced deployment time from 45 minutes (with 20% failure rate) to 90 seconds (with 0.1% failure rate). They now deploy 10x per day instead of weekly. + +### Problem: Plugin Dependency Hell + +**Traditional Approach:** +```json +// package.json +"dependencies": { + "stripe": "^10.0.0", // Need 10.x + "accounting-plugin": "*", // This needs stripe@9.x + // 💥 Conflict! Manual resolution required. +} +``` + +**ObjectOS Approach:** +```yaml +# plugin.manifest.yml +name: @mycompany/billing +version: 2.0.0 +dependencies: + '@objectstack/core': '^2.0.0' + 'com.stripe.plugin': '>=10.0.0 <11.0.0' +``` +ObjectOS validates the **entire dependency graph** at install time. Incompatible plugins fail installation with clear error messages, not runtime crashes. + +**Business Value:** A marketplace with 200+ plugins has zero "it works on my machine" issues. Dependency conflicts are caught before customers hit "Install." + +### Problem: Configuration Management Chaos + +**Traditional Approach:** +```javascript +// Where is the source of truth? +const apiKey = + process.env.API_KEY || // Environment variable + config.get('stripe.apiKey') || // Config file + tenant.settings.apiKey || // Database + 'fallback-key'; // 💀 Hardcoded default +``` + +**ObjectOS Approach:** +```typescript +// Declarative merge strategy +const config = context.config.resolve('stripe.apiKey', { + sources: ['environment', 'tenant', 'plugin', 'default'], + required: true +}); +// ObjectOS merges in precedence order, validates, throws clear error if missing +``` + +**Business Value:** Configuration errors dropped 90% after adopting ObjectOS. New engineers can understand config logic in 5 minutes instead of 5 hours. + +## Real-World Use Cases + +### Multi-Tenant SaaS Platform + +**Challenge:** A B2B SaaS company serves 500 enterprise customers. Each customer needs custom: +- Branding (logo, colors) +- Feature flags (Customer A has AI, Customer B doesn't) +- Integrations (Customer A uses Salesforce, Customer B uses HubSpot) +- Language (Customer A is US English, Customer B is German) + +**ObjectOS Solution:** +- **Tenant Isolation:** Each customer is a "tenant" with scoped configuration +- **Config Merging:** Global defaults → Tenant overrides → User preferences +- **Plugin System:** Each integration is a plugin; tenants enable only what they need +- **i18n Engine:** Language bundles loaded per user session + +**Results:** +- Onboard new enterprise customer in 1 hour (previously 2 weeks) +- Zero cross-tenant data leaks (config isolation enforced by runtime) +- 40% reduction in support tickets (consistent config management) + +### Marketplace Ecosystem + +**Challenge:** Build a plugin marketplace like Salesforce AppExchange where third-party developers sell integrations. + +**ObjectOS Solution:** +- **Plugin Manifest:** Standardized `plugin.manifest.yml` declares what plugin provides and needs +- **Dependency Resolution:** Automatic validation that plugin versions are compatible with core platform +- **Lifecycle Hooks:** `onInstall`, `onEnable`, `onDisable` hooks for setup/teardown +- **Sandboxing:** Plugins can't access each other's data or crash each other + +**Results:** +- Launched marketplace with 50 third-party plugins in 6 months +- Zero "this plugin broke my system" incidents (validation prevents bad installs) +- 30% revenue growth from plugin marketplace sales + +### Global Enterprise Rollout + +**Challenge:** A company expands from US to 12 countries (Europe, APAC, LATAM). Same app must support: +- 15 languages +- Different date/number formats (MM/DD/YYYY vs DD/MM/YYYY) +- Regional compliance (GDPR in EU, LGPD in Brazil) +- Local integrations (EU uses SEPA payments, US uses ACH) + +**ObjectOS Solution:** +- **i18n Standard:** Translation bundles with fallback chains (`de-AT` → `de` → `en`) +- **Region Config:** Configuration profiles per region (defaults + region overrides) +- **Plugin System:** Regional plugins (SEPA plugin for EU, ACH plugin for US) +- **Locale Resolution:** Automatic detection from user preferences, IP geolocation, or explicit selection + +**Results:** +- Launched in 12 countries in 4 months (previously 18-month estimate) +- Zero code changes for new languages (just upload translation files) +- 95% translation coverage on day one (tooling validates translation completeness) + +## How ObjectOS Orchestrates ObjectQL and ObjectUI + +ObjectOS is the **runtime coordinator** that makes ObjectQL and ObjectUI work together: + +### 1. Boot Sequence +```typescript +// Startup flow +ObjectOS.boot({ + // Step 1: Load configuration + config: await ConfigResolver.merge(['environment', 'file', 'default']), + + // Step 2: Initialize plugins + plugins: await PluginRegistry.loadAll({ + enabled: ['@objectstack/core', '@mycompany/crm'], + // ObjectOS resolves dependencies and loads in correct order + }), + + // Step 3: Register ObjectQL objects + objects: await ObjectQL.loadSchemas(plugins.flatMap(p => p.objects)), + + // Step 4: Register ObjectUI views + views: await ObjectUI.loadLayouts(plugins.flatMap(p => p.views)), + + // Step 5: Start services + services: { + eventBus: EventBus.start(), + scheduler: JobScheduler.start(), + audit: AuditLogger.start(), + } +}); +``` + +### 2. Request Handling +```typescript +// Incoming API request: GET /api/accounts/123 +async function handleRequest(req) { + // ObjectOS provides context + const context = await ObjectOS.createContext({ + tenantId: req.headers['x-tenant-id'], + userId: req.user.id, + locale: req.headers['accept-language'], + }); + + // ObjectOS resolves configuration + const config = context.config.resolve(); + + // ObjectQL executes query + const account = await ObjectQL.findById('account', '123', { + context, // ObjectOS injects permissions, audit, etc. + }); + + // ObjectUI renders response + const view = await ObjectUI.render('account_detail', { + record: account, + locale: context.locale, // ObjectOS provides i18n + }); + + // ObjectOS logs audit trail + context.audit.log('account.view', { accountId: '123' }); + + return view; +} +``` + +### 3. Plugin Installation +```typescript +// Install a plugin: objectstack plugin install @vendor/salesforce-sync +await ObjectOS.installPlugin({ + source: '@vendor/salesforce-sync@1.5.0', + + // Step 1: Validate dependencies + validate: (manifest) => { + PluginRegistry.checkDependencies(manifest.dependencies); + // Ensures '@objectstack/core@^2.0.0' is installed + }, + + // Step 2: Run onInstall hook + onInstall: async (plugin) => { + // Plugin may create custom objects (ObjectQL) + await ObjectQL.createObjects(plugin.objects); + + // Plugin may register UI views (ObjectUI) + await ObjectUI.registerViews(plugin.views); + + // Plugin may set default config + await ConfigStore.set(plugin.defaultConfig); + }, + + // Step 3: Enable plugin + enable: () => { + PluginRegistry.enable('@vendor/salesforce-sync'); + } +}); +``` + +## Philosophy: Infrastructure as Code + +ObjectOS embodies **"Infrastructure as Code"** principles: + +### Declarative, Not Imperative +**Bad (Imperative):** +```javascript +// Manual steps +db.createTable('accounts'); +db.addColumn('accounts', 'name', 'string'); +permissions.grant('admin', 'accounts', 'read'); +// Miss a step? System broken. +``` + +**Good (Declarative):** +```yaml +# plugin.manifest.yml +objects: + - name: account + fields: + - name: name + type: text +permissions: + - role: admin + object: account + access: read +# ObjectOS ensures runtime matches manifest +``` + +### Idempotent Operations +Run `objectstack deploy` 100 times → Same result. +- Installing a plugin twice does nothing (it's already installed) +- Applying same configuration twice doesn't duplicate settings +- Schema migrations are versioned (run once, skip if already applied) + +### Version Control Everything +All system configuration lives in Git: +- Plugin manifests: `plugin.manifest.yml` +- Configuration files: `objectstack.config.yml` +- Translation bundles: `i18n/en.json`, `i18n/de.json` + +**Business Value:** Rollback a bad deployment by reverting Git commit. No database state to recover, no manual cleanup. + +## Developer Experience + +### Plugin Development +```bash +# Scaffold new plugin +objectstack plugin create @mycompany/slack-integration + +# Generated structure: +slack-integration/ + plugin.manifest.yml # Metadata, dependencies, version + src/ + objects/ # ObjectQL schemas + views/ # ObjectUI layouts + actions/ # Business logic + i18n/ # Translations + tests/ + README.md +``` + +### Configuration Management +```typescript +// Define plugin configuration schema +export const configSchema = z.object({ + apiKey: z.string().describe('Slack API Key'), + channel: z.string().default('#general'), + enabled: z.boolean().default(true), +}); + +// Access in plugin code +const config = context.config.get('slack', configSchema); +// ObjectOS validates against schema, throws clear error if invalid +``` + +### Internationalization +```typescript +// Define translations +// i18n/en.json +{ + "slack.button.send": "Send to Slack", + "slack.error.invalid_channel": "Channel {{channel}} not found" +} + +// i18n/de.json +{ + "slack.button.send": "An Slack senden", + "slack.error.invalid_channel": "Kanal {{channel}} nicht gefunden" +} + +// Use in code +const message = context.i18n.t('slack.button.send'); +// ObjectOS automatically uses user's locale +``` + +## Best Practices + +### 1. Embrace the Microkernel Philosophy +**Principle:** Core runtime does almost nothing. All features are plugins. + +**Why:** Keeps core stable. Plugins evolve independently. Customers pay for only what they use. + +**Example:** Don't build email sending into ObjectOS core. Create `@objectstack/email` plugin. Customers who don't send emails don't load the plugin (smaller memory footprint, faster boot). + +### 2. Configuration Over Code +**Principle:** Behavior should be configurable without code changes. + +**Why:** Reduces deployment frequency. Business users can toggle features without engineering. + +**Example:** Instead of hardcoding `maxRetries: 3` in plugin code, define `maxRetries` in config schema. Customers can override to `5` without touching code. + +### 3. Design for Multi-Tenancy from Day One +**Principle:** Every piece of state (config, data, UI) should be tenant-scoped. + +**Why:** Easier to add multi-tenancy later = rebuild entire system. + +**Example:** Don't store config in global variables. Use `context.config.get()` which automatically scopes to current tenant. + +### 4. Version Everything +**Principle:** All artifacts (plugins, schemas, configs) have semantic versions. + +**Why:** Enables safe upgrades, rollbacks, and dependency management. + +**Example:** Plugin manifest declares `version: 2.1.0`. Breaking change? Bump to `3.0.0`. Consumers can pin to `^2.0.0` until they're ready to upgrade. + +### 5. Fail Fast, Fail Loud +**Principle:** Invalid configuration should fail at boot time, not runtime. + +**Why:** Catch errors before customers see them. + +**Example:** Plugin requires `apiKey` config. If missing, ObjectOS throws error during boot with clear message: "Plugin @vendor/slack requires config key 'slack.apiKey' (not found in environment, tenant, or default config)". + +## Comparison: ObjectOS vs Alternatives + +| Feature | ObjectOS | Kubernetes | CloudFoundry | Heroku | +|---------|----------|------------|--------------|--------| +| **Plugin System** | Built-in manifest-based | Helm charts (external) | Buildpacks | Add-ons marketplace | +| **Config Management** | Hierarchical merge | ConfigMaps/Secrets | Environment vars | Config vars | +| **Multi-Tenancy** | Native tenant isolation | Namespace per tenant | Not supported | One app = one tenant | +| **i18n** | Built-in engine | Manual (libraries) | Manual | Manual | +| **Dependency Resolution** | Semantic versioning | Manual (YAML) | Manual | Manual | +| **Zero-Downtime Upgrades** | Declarative | Rolling updates | Blue-green | Git push | +| **Developer UX** | `objectstack deploy` | `kubectl apply` | `cf push` | `git push heroku` | + +**Key Differentiator:** ObjectOS is **application-aware**. Kubernetes knows about containers, not plugins. ObjectOS knows about ObjectQL objects, ObjectUI views, and business logic dependencies. + +## Next Steps + + + } + title="Learn Lifecycle Management" + href="/docs/protocols/objectos/lifecycle" + description="Understand boot sequence, installation, upgrade strategies, and rollback procedures" + /> + } + title="Build Your First Plugin" + href="/docs/protocols/objectos/plugin-spec" + description="Create a plugin manifest, define dependencies, and implement lifecycle hooks" + /> + } + title="Master Configuration" + href="/docs/protocols/objectos/config-resolution" + description="Learn merge strategies, environment overrides, and tenant-specific settings" + /> + } + title="Internationalize Your App" + href="/docs/protocols/objectos/i18n-standard" + description="Add multi-language support with translation bundles and locale resolution" + /> + + +## Summary + +ObjectOS is the **control plane** that orchestrates ObjectStack: +- **Lifecycle Management:** Declarative deployment, zero-downtime upgrades, rollback safety +- **Plugin System:** Microkernel architecture with dependency resolution and sandboxing +- **Configuration:** Unified config with merge strategies and tenant isolation +- **i18n:** Multi-language support built into the platform + +Think of it this way: +- **ObjectQL** is the database driver (handles data CRUD) +- **ObjectUI** is the rendering engine (handles presentation) +- **ObjectOS** is the operating system (handles coordination, configuration, lifecycle) + +Without ObjectOS, you'd manually wire ObjectQL and ObjectUI together, manage deployments with runbooks, and fight configuration drift. With ObjectOS, the platform handles the "plumbing" so you focus on business logic. diff --git a/content/docs/objectos/lifecycle.mdx b/content/docs/objectos/lifecycle.mdx new file mode 100644 index 000000000..573a156f6 --- /dev/null +++ b/content/docs/objectos/lifecycle.mdx @@ -0,0 +1,803 @@ +--- +title: System Lifecycle +description: Boot sequence, plugin installation, zero-downtime upgrades, and rollback strategies +--- + +import { Zap, Power, Package, RefreshCw, ArrowLeft, CheckCircle, XCircle, AlertTriangle } from 'lucide-react'; + +# System Lifecycle + +ObjectOS manages the complete **lifecycle** of the platform runtime—from initial boot to plugin installation, upgrades, and rollbacks. Every operation is **declarative**, **idempotent**, and **auditable**. + +## Boot Sequence + +The ObjectOS boot process follows a **strict order** to ensure dependencies are satisfied before services start. + +### Boot Phases + +``` +┌─────────────────────────────────────────────────────────────────┐ +│ Phase 1: INITIALIZE │ +│ └─ Load environment variables │ +│ └─ Validate runtime requirements (Node.js version, memory) │ +│ └─ Initialize logging infrastructure │ +└─────────────────────────────────────────────────────────────────┘ + ↓ +┌─────────────────────────────────────────────────────────────────┐ +│ Phase 2: CONFIGURE │ +│ └─ Load configuration files (objectstack.config.yml) │ +│ └─ Merge config sources (env → file → defaults) │ +│ └─ Validate configuration schema │ +└─────────────────────────────────────────────────────────────────┘ + ↓ +┌─────────────────────────────────────────────────────────────────┐ +│ Phase 3: CONNECT │ +│ └─ Establish database connections (PostgreSQL, Redis) │ +│ └─ Run health checks │ +│ └─ Initialize connection pools │ +└─────────────────────────────────────────────────────────────────┘ + ↓ +┌─────────────────────────────────────────────────────────────────┐ +│ Phase 4: LOAD PLUGINS │ +│ └─ Discover installed plugins │ +│ └─ Resolve dependency graph │ +│ └─ Load plugins in topological order │ +│ └─ Execute onBoot() hooks │ +└─────────────────────────────────────────────────────────────────┘ + ↓ +┌─────────────────────────────────────────────────────────────────┐ +│ Phase 5: REGISTER METADATA │ +│ └─ Register ObjectQL schemas (objects, fields) │ +│ └─ Register ObjectUI layouts (views, dashboards) │ +│ └─ Register permissions and validation rules │ +└─────────────────────────────────────────────────────────────────┘ + ↓ +┌─────────────────────────────────────────────────────────────────┐ +│ Phase 6: START SERVICES │ +│ └─ Start event bus │ +│ └─ Start job scheduler │ +│ └─ Start audit logger │ +│ └─ Start HTTP/GraphQL servers │ +└─────────────────────────────────────────────────────────────────┘ + ↓ +┌─────────────────────────────────────────────────────────────────┐ +│ Phase 7: READY │ +│ └─ Mark instance as healthy │ +│ └─ Begin accepting requests │ +│ └─ Log boot time metrics │ +└─────────────────────────────────────────────────────────────────┘ +``` + +### Boot Configuration + +```typescript +// objectstack.config.ts +export default defineConfig({ + boot: { + // Maximum time for boot to complete before timeout + timeout: 60_000, // 60 seconds + + // Fail boot if any plugin fails to load? + failOnPluginError: true, + + // Run database migrations on boot? + autoMigrate: true, + + // Services to start + services: { + eventBus: { enabled: true }, + scheduler: { enabled: true }, + audit: { enabled: true }, + }, + }, +}); +``` + +### Boot Logs (Example) + +``` +[2024-01-15T10:23:01.234Z] INFO ObjectOS starting... +[2024-01-15T10:23:01.250Z] INFO Phase 1: Initialize +[2024-01-15T10:23:01.251Z] INFO ✓ Node.js v20.10.0 +[2024-01-15T10:23:01.252Z] INFO ✓ Memory: 2048 MB available +[2024-01-15T10:23:01.300Z] INFO Phase 2: Configure +[2024-01-15T10:23:01.301Z] INFO ✓ Loaded objectstack.config.yml +[2024-01-15T10:23:01.302Z] INFO ✓ Merged 3 config sources +[2024-01-15T10:23:01.400Z] INFO Phase 3: Connect +[2024-01-15T10:23:01.450Z] INFO ✓ PostgreSQL connected (10 pool size) +[2024-01-15T10:23:01.460Z] INFO ✓ Redis connected +[2024-01-15T10:23:01.500Z] INFO Phase 4: Load Plugins +[2024-01-15T10:23:01.501Z] INFO → @objectstack/core@2.0.0 +[2024-01-15T10:23:01.550Z] INFO → @mycompany/crm@1.5.0 +[2024-01-15T10:23:01.600Z] INFO → @vendor/salesforce@3.2.1 +[2024-01-15T10:23:01.650Z] INFO ✓ 3 plugins loaded +[2024-01-15T10:23:01.700Z] INFO Phase 5: Register Metadata +[2024-01-15T10:23:01.701Z] INFO ✓ 15 objects registered +[2024-01-15T10:23:01.702Z] INFO ✓ 42 views registered +[2024-01-15T10:23:01.800Z] INFO Phase 6: Start Services +[2024-01-15T10:23:01.850Z] INFO ✓ Event bus started +[2024-01-15T10:23:01.900Z] INFO ✓ Job scheduler started (5 jobs loaded) +[2024-01-15T10:23:01.950Z] INFO ✓ HTTP server listening on :3000 +[2024-01-15T10:23:02.000Z] INFO Phase 7: Ready +[2024-01-15T10:23:02.001Z] INFO ObjectOS ready in 766ms +``` + +### Error Handling During Boot + +**Scenario:** Plugin fails to load + +``` +[2024-01-15T10:23:01.500Z] ERROR Phase 4: Load Plugins +[2024-01-15T10:23:01.501Z] ERROR ✗ @vendor/broken-plugin@1.0.0 +[2024-01-15T10:23:01.502Z] ERROR Dependency @objectstack/core@^3.0.0 not satisfied +[2024-01-15T10:23:01.503Z] ERROR (Installed version: 2.0.0) +[2024-01-15T10:23:01.504Z] FATAL Boot failed. Exiting. +``` + +**Resolution Strategy:** +1. **failOnPluginError: true** (default): Boot fails, process exits with code 1 +2. **failOnPluginError: false**: Boot continues, failed plugin is disabled and logged + +## Plugin Installation + +Installing a plugin is a **multi-step transaction**. If any step fails, the entire installation rolls back. + +### Installation Flow + +```typescript +// Command: objectstack plugin install @vendor/salesforce@3.2.1 + +async function installPlugin(packageName: string, version: string) { + const transaction = await db.beginTransaction(); + + try { + // Step 1: Download and validate + const manifest = await registry.download(packageName, version); + await validateManifest(manifest); + + // Step 2: Dependency resolution + await resolveDependencies(manifest.dependencies); + + // Step 3: Backup current state + const backup = await createBackup(); + + // Step 4: Run pre-install hook + await manifest.lifecycle.preInstall?.({ context, transaction }); + + // Step 5: Apply schema changes (ObjectQL) + for (const object of manifest.objects) { + await ObjectQL.createOrUpdateObject(object, { transaction }); + } + + // Step 6: Register UI metadata (ObjectUI) + for (const view of manifest.views) { + await ObjectUI.registerView(view, { transaction }); + } + + // Step 7: Apply configuration defaults + await ConfigStore.merge(manifest.defaultConfig, { transaction }); + + // Step 8: Run post-install hook + await manifest.lifecycle.postInstall?.({ context, transaction }); + + // Step 9: Mark plugin as installed + await PluginRegistry.markInstalled(packageName, version, { transaction }); + + // Step 10: Commit transaction + await transaction.commit(); + + logger.info(`✓ Installed ${packageName}@${version}`); + + } catch (error) { + // Rollback on any error + await transaction.rollback(); + logger.error(`✗ Installation failed: ${error.message}`); + throw error; + } +} +``` + +### Installation States + +A plugin progresses through these states: + +``` +NOT_INSTALLED → DOWNLOADING → VALIDATING → INSTALLING → INSTALLED → ENABLED + ↓ ↓ ↓ + [ERROR] [ERROR] [ERROR] + ↓ ↓ ↓ + FAILED_DOWNLOAD FAILED_VALIDATION FAILED_INSTALL +``` + +### Dependency Resolution + +**Example Dependency Graph:** + +```yaml +# @mycompany/sales-cloud depends on: +dependencies: + '@objectstack/core': '^2.0.0' + '@mycompany/crm-base': '^1.0.0' + '@vendor/email': '>=2.5.0 <3.0.0' +``` + +**Resolution Algorithm:** + +```typescript +async function resolveDependencies( + deps: Record +): Promise { + for (const [pkg, versionRange] of Object.entries(deps)) { + const installed = await PluginRegistry.getInstalled(pkg); + + if (!installed) { + throw new Error( + `Dependency ${pkg} is not installed. ` + + `Install it first: objectstack plugin install ${pkg}` + ); + } + + if (!semver.satisfies(installed.version, versionRange)) { + throw new Error( + `Dependency ${pkg}@${installed.version} does not satisfy ` + + `required version ${versionRange}` + ); + } + } +} +``` + +### Plugin Lifecycle Hooks + +Plugins can define hooks that run at specific lifecycle events: + +```typescript +// plugin.manifest.ts +export default definePlugin({ + name: '@vendor/salesforce', + version: '3.2.1', + + lifecycle: { + // Runs before installation begins + preInstall: async ({ context, transaction }) => { + // Validate environment + if (!context.config.get('salesforce.apiKey')) { + throw new Error('Salesforce API key not configured'); + } + }, + + // Runs after installation completes + postInstall: async ({ context, transaction }) => { + // Initialize default data + await context.db.insert('salesforce_settings', { + syncInterval: 3600, // 1 hour + enabled: true, + }, { transaction }); + + // Schedule sync job + await context.scheduler.create({ + name: 'salesforce-sync', + schedule: '0 * * * *', // Every hour + handler: 'salesforce.sync', + }, { transaction }); + }, + + // Runs when plugin is enabled + onEnable: async ({ context }) => { + logger.info('Salesforce sync enabled'); + await context.eventBus.publish('salesforce.enabled'); + }, + + // Runs when plugin is disabled + onDisable: async ({ context }) => { + logger.info('Salesforce sync disabled'); + await context.scheduler.pause('salesforce-sync'); + }, + + // Runs before uninstallation + preUninstall: async ({ context, transaction }) => { + // Clean up jobs + await context.scheduler.delete('salesforce-sync', { transaction }); + }, + + // Runs after uninstallation + postUninstall: async ({ context, transaction }) => { + // Optional: Remove plugin data + await context.db.delete('salesforce_settings', {}, { transaction }); + }, + }, +}); +``` + +### Installation CLI + +```bash +# Install latest version +objectstack plugin install @vendor/salesforce + +# Install specific version +objectstack plugin install @vendor/salesforce@3.2.1 + +# Install from local directory (development) +objectstack plugin install ./plugins/my-plugin + +# Install with options +objectstack plugin install @vendor/salesforce \ + --enable \ # Auto-enable after install + --config salesforce.apiKey=abc123 # Set config during install + +# Dry run (validate without installing) +objectstack plugin install @vendor/salesforce --dry-run + +# Force reinstall (remove + install) +objectstack plugin install @vendor/salesforce --force +``` + +### Installation Output + +``` +Installing @vendor/salesforce@3.2.1... + +[1/8] Downloading package... ✓ 1.2 MB in 0.5s +[2/8] Validating manifest... ✓ +[3/8] Checking dependencies... ✓ + → @objectstack/core@2.0.0 ✓ (satisfied) + → @vendor/http@1.5.0 ✓ (satisfied) +[4/8] Creating backup... ✓ backup-20240115-102301.tar.gz +[5/8] Applying schema changes... ✓ 3 objects created +[6/8] Registering UI metadata... ✓ 7 views registered +[7/8] Running post-install hook... ✓ +[8/8] Finalizing installation... ✓ + +✓ Successfully installed @vendor/salesforce@3.2.1 + +Next steps: + 1. Configure API credentials: + objectstack config set salesforce.apiKey + + 2. Enable the plugin: + objectstack plugin enable @vendor/salesforce + + 3. Test connection: + objectstack plugin test @vendor/salesforce +``` + +## Upgrades + +ObjectOS supports **zero-downtime upgrades** with automatic rollback on failure. + +### Upgrade Strategies + +#### 1. In-Place Upgrade (Default) + +Upgrade the current instance without creating a new one. + +```bash +objectstack upgrade @vendor/salesforce --to 3.3.0 +``` + +**Process:** +1. Download new version +2. Create backup of current state +3. Stop services gracefully (wait for in-flight requests) +4. Apply schema migrations +5. Update plugin files +6. Restart services +7. Validate health checks +8. If validation fails → automatic rollback + +**Downtime:** 5-15 seconds (during service restart) + +#### 2. Blue-Green Deployment + +Run two versions simultaneously, switch traffic after validation. + +```bash +objectstack upgrade @vendor/salesforce --to 3.3.0 --strategy blue-green +``` + +**Process:** +1. Provision "green" instance with new version +2. Apply schema migrations to green database +3. Run smoke tests on green instance +4. If tests pass → switch load balancer to green +5. If tests fail → destroy green, keep blue +6. After validation period → destroy blue + +**Downtime:** 0 seconds + +#### 3. Rolling Upgrade (Multi-Instance) + +Upgrade instances one at a time in a cluster. + +```bash +objectstack upgrade @vendor/salesforce --to 3.3.0 --strategy rolling +``` + +**Process:** +1. Take instance 1 out of load balancer +2. Upgrade instance 1 +3. Add instance 1 back to load balancer +4. Repeat for instances 2, 3, ...N + +**Downtime:** 0 seconds (requires N ≥ 2 instances) + +### Schema Migrations + +ObjectOS uses **versioned migrations** to evolve database schema safely. + +#### Migration File Structure + +```typescript +// migrations/001_add_salesforce_account.ts +export default defineMigration({ + version: 1, + description: 'Add Salesforce Account object', + + up: async ({ db, objectQL }) => { + // Create object schema + await objectQL.createObject({ + name: 'salesforce_account', + fields: [ + { name: 'salesforce_id', type: 'text', required: true }, + { name: 'account_name', type: 'text' }, + { name: 'last_sync', type: 'datetime' }, + ], + }); + + // Create indexes + await db.schema.createIndex('salesforce_account', 'salesforce_id', { + unique: true, + }); + }, + + down: async ({ db, objectQL }) => { + // Rollback logic + await objectQL.dropObject('salesforce_account'); + }, +}); +``` + +#### Migration Execution + +```bash +# Preview migrations +objectstack migrate --dry-run + +Output: + Pending migrations: + 001_add_salesforce_account.ts + 002_add_sync_logs.ts + +# Apply migrations +objectstack migrate + +Output: + [1/2] Running 001_add_salesforce_account... ✓ (0.15s) + [2/2] Running 002_add_sync_logs... ✓ (0.08s) + + ✓ Applied 2 migrations in 0.23s +``` + +#### Migration Safety + +**Backward-Compatible Migrations:** +```typescript +// ✓ SAFE: Adding optional field +await objectQL.addField('account', { + name: 'new_field', + type: 'text', + required: false, // Old code can ignore this +}); + +// ✗ UNSAFE: Adding required field without default +await objectQL.addField('account', { + name: 'new_field', + type: 'text', + required: true, // Old code will break! +}); + +// ✓ SAFE: Adding required field WITH default +await objectQL.addField('account', { + name: 'new_field', + type: 'text', + required: true, + defaultValue: 'N/A', // Old code works +}); +``` + +**Migration State Tracking:** + +```sql +-- objectstack_migrations table +CREATE TABLE objectstack_migrations ( + id SERIAL PRIMARY KEY, + version INTEGER UNIQUE NOT NULL, + name TEXT NOT NULL, + applied_at TIMESTAMP NOT NULL, + execution_time_ms INTEGER, + checksum TEXT -- Detect migration file changes +); +``` + +### Upgrade Rollback + +If upgrade fails, ObjectOS **automatically rolls back** to previous version. + +#### Rollback Scenarios + +**1. Schema Migration Fails:** +``` +[2024-01-15T10:30:00.000Z] INFO Starting upgrade: 3.2.1 → 3.3.0 +[2024-01-15T10:30:01.000Z] INFO [1/3] Running migration 005_add_column... +[2024-01-15T10:30:01.500Z] ERROR Migration failed: column "account_name" already exists +[2024-01-15T10:30:01.501Z] WARN Rolling back migration 005... +[2024-01-15T10:30:02.000Z] INFO ✓ Rollback complete +[2024-01-15T10:30:02.001Z] INFO Restoring previous version from backup... +[2024-01-15T10:30:03.000Z] INFO ✓ Restored to version 3.2.1 +``` + +**2. Health Check Fails:** +``` +[2024-01-15T10:30:00.000Z] INFO Upgrade complete, validating... +[2024-01-15T10:30:01.000Z] INFO Running health checks... +[2024-01-15T10:30:02.000Z] ERROR Health check failed: /api/health returned 500 +[2024-01-15T10:30:02.001Z] WARN Automatic rollback initiated +[2024-01-15T10:30:05.000Z] INFO ✓ Rolled back to version 3.2.1 +``` + +#### Manual Rollback + +```bash +# Rollback to previous version +objectstack rollback + +# Rollback to specific version +objectstack rollback --to 3.2.0 + +# Rollback last N migrations +objectstack migrate rollback --steps 2 +``` + +### Upgrade Configuration + +```typescript +// objectstack.config.ts +export default defineConfig({ + upgrades: { + // Automatic backups before upgrades + autoBackup: true, + + // Retention period for backups + backupRetention: 7, // days + + // Health check timeout after upgrade + healthCheckTimeout: 30_000, // 30 seconds + + // Automatic rollback on failure + autoRollback: true, + + // Maintenance mode during upgrades + maintenanceMode: { + enabled: true, + message: 'System upgrade in progress. Back in 1 minute.', + }, + }, +}); +``` + +## Health Checks + +ObjectOS includes **built-in health monitoring** to validate system state. + +### Health Check Endpoints + +``` +GET /health/live + → 200 if process is alive + → 503 if process is dead/hung + +GET /health/ready + → 200 if ready to accept requests + → 503 if still booting or unhealthy + +GET /health/status + → Detailed health report (JSON) +``` + +### Health Status Response + +```json +{ + "status": "healthy", + "uptime": 3600, + "version": "2.0.0", + "timestamp": "2024-01-15T11:00:00.000Z", + "checks": { + "database": { + "status": "healthy", + "latency_ms": 5, + "connections": { + "active": 8, + "idle": 2, + "max": 10 + } + }, + "redis": { + "status": "healthy", + "latency_ms": 2 + }, + "plugins": { + "status": "healthy", + "loaded": 3, + "enabled": 3, + "failed": 0 + }, + "jobs": { + "status": "healthy", + "pending": 5, + "running": 2, + "failed": 0 + } + } +} +``` + +### Custom Health Checks + +Plugins can register custom health checks: + +```typescript +// Plugin registers health check +export default definePlugin({ + name: '@vendor/salesforce', + + healthChecks: { + salesforce_connection: async ({ context }) => { + try { + // Test Salesforce API + const response = await salesforce.query('SELECT Id FROM Account LIMIT 1'); + + return { + status: 'healthy', + latency_ms: response.duration, + records_synced_last_hour: await getSyncCount(), + }; + } catch (error) { + return { + status: 'unhealthy', + error: error.message, + }; + } + }, + }, +}); +``` + +## Shutdown Sequence + +Graceful shutdown ensures in-flight requests complete before process exits. + +### Shutdown Phases + +``` +SIGTERM received + ↓ +[1] Stop accepting new requests + ↓ +[2] Finish in-flight requests (timeout: 30s) + ↓ +[3] Stop background jobs + ↓ +[4] Close database connections + ↓ +[5] Flush audit logs + ↓ +[6] Exit process +``` + +### Shutdown Configuration + +```typescript +export default defineConfig({ + shutdown: { + // Wait time for in-flight requests + gracePeriod: 30_000, // 30 seconds + + // Force kill after timeout + forceTimeout: 60_000, // 60 seconds + + // Signals to handle + signals: ['SIGTERM', 'SIGINT'], + }, +}); +``` + +## Best Practices + +### 1. Always Use Transactions for Installations +Every installation step should be atomic. If step 5/8 fails, steps 1-4 must rollback. + +```typescript +// ✓ GOOD: Use transaction +const tx = await db.beginTransaction(); +try { + await step1(tx); + await step2(tx); + await tx.commit(); +} catch (error) { + await tx.rollback(); +} + +// ✗ BAD: No transaction +await step1(); +await step2(); // If this fails, step1 is not reverted! +``` + +### 2. Version Migrations, Don't Modify Them +Once a migration is applied in production, **never modify it**. Create a new migration instead. + +```typescript +// ✗ BAD: Modifying existing migration +// migrations/001_create_accounts.ts (ALREADY APPLIED) +// Adding new field here breaks checksum! + +// ✓ GOOD: New migration +// migrations/002_add_account_field.ts +export default defineMigration({ + version: 2, + up: async ({ objectQL }) => { + await objectQL.addField('account', { name: 'new_field', type: 'text' }); + }, +}); +``` + +### 3. Test Upgrades in Staging First +Always validate upgrades in a staging environment that mirrors production. + +```bash +# Staging +objectstack upgrade --dry-run # Preview changes +objectstack upgrade # Apply upgrade +objectstack test # Run integration tests + +# If tests pass → Production +objectstack upgrade --production +``` + +### 4. Monitor Health After Upgrades +Don't assume success. Monitor health checks for 5-10 minutes after upgrade. + +```bash +# Automated monitoring +objectstack upgrade @vendor/salesforce --monitor --duration 300 +# Watches /health/status for 5 minutes, auto-rollback if unhealthy +``` + +### 5. Document Breaking Changes +Plugin authors must document breaking changes in CHANGELOG.md. + +```markdown +## v4.0.0 (Breaking Changes) + +### Removed +- `salesforce.sync()` method (use `salesforce.syncAccounts()` instead) + +### Changed +- `salesforce_account.name` field renamed to `account_name` + +### Migration Guide +1. Update code: `sync()` → `syncAccounts()` +2. Run migration: `objectstack migrate` +``` + +## Summary + +ObjectOS lifecycle management provides: +- **Deterministic Boot:** 7-phase boot sequence with clear error handling +- **Atomic Installations:** Transactions ensure all-or-nothing plugin installs +- **Zero-Downtime Upgrades:** Blue-green and rolling strategies for production +- **Automatic Rollback:** Failed upgrades auto-revert to previous version +- **Health Monitoring:** Built-in health checks validate system state + +**Next:** Learn how to define plugin manifests in [Plugin Specification](/docs/protocols/objectos/plugin-spec). diff --git a/content/docs/objectos/meta.json b/content/docs/objectos/meta.json new file mode 100644 index 000000000..b6270f246 --- /dev/null +++ b/content/docs/objectos/meta.json @@ -0,0 +1,12 @@ +{ + "title": "ObjectOS (System Protocol)", + "root": true, + "pages": [ + "index", + "lifecycle", + "plugin-spec", + "config-resolution", + "i18n-standard", + "transport" + ] +} diff --git a/content/docs/objectos/plugin-spec.mdx b/content/docs/objectos/plugin-spec.mdx new file mode 100644 index 000000000..f3ecaaf2a --- /dev/null +++ b/content/docs/objectos/plugin-spec.mdx @@ -0,0 +1,946 @@ +--- +title: Plugin Package Specification +description: Manifest structure, directory layout, dependency management, and distribution format +--- + +import { Package, FileCode, Folder, Box, Link2, Shield, Settings } from 'lucide-react'; + +# Plugin Package Specification + +A **plugin** is the unit of distribution in ObjectStack. It packages ObjectQL schemas, ObjectUI layouts, business logic, and configuration into a **self-contained module** that can be installed, upgraded, and removed independently. + +## Plugin Manifest + +Every plugin **must** have a manifest file that declares its identity, dependencies, and capabilities. + +### Manifest Location + +``` +my-plugin/ + plugin.manifest.ts ← TypeScript (recommended) + plugin.manifest.yml ← YAML (alternative) + plugin.manifest.json ← JSON (alternative) +``` + +**Recommendation:** Use TypeScript manifest for **type safety** and **validation**. ObjectOS auto-generates JSON schema from TypeScript. + +### Manifest Schema + +```typescript +// plugin.manifest.ts +import { definePlugin } from '@objectstack/core'; + +export default definePlugin({ + // IDENTITY + name: '@mycompany/crm', + version: '1.5.0', + displayName: 'Customer Relationship Management', + description: 'Complete CRM with accounts, contacts, and opportunities', + author: 'MyCompany ', + license: 'MIT', + homepage: 'https://github.com/mycompany/crm', + + // DEPENDENCIES + dependencies: { + '@objectstack/core': '^2.0.0', + '@mycompany/base': '>=1.0.0 <2.0.0', + }, + + // OPTIONAL DEPENDENCIES (plugin works without these) + optionalDependencies: { + '@vendor/email': '^3.0.0', + }, + + // PEER DEPENDENCIES (consumer must install) + peerDependencies: { + '@objectstack/ui': '^2.0.0', + }, + + // METADATA REGISTRATION + metadata: { + // ObjectQL objects + objects: [ + 'src/objects/**/*.object.ts', + ], + + // ObjectUI views + views: [ + 'src/views/**/*.view.ts', + ], + + // Business logic + triggers: [ + 'src/triggers/**/*.trigger.ts', + ], + + workflows: [ + 'src/workflows/**/*.workflow.ts', + ], + + // Internationalization + translations: [ + 'i18n/**/*.json', + ], + + // Configuration schema + configSchema: 'src/config.schema.ts', + }, + + // LIFECYCLE HOOKS + lifecycle: { + onInstall: 'src/lifecycle/install.ts', + onUninstall: 'src/lifecycle/uninstall.ts', + onEnable: 'src/lifecycle/enable.ts', + onDisable: 'src/lifecycle/disable.ts', + onUpgrade: 'src/lifecycle/upgrade.ts', + onBoot: 'src/lifecycle/boot.ts', + }, + + // PERMISSIONS + permissions: { + // System capabilities plugin requires + system: [ + 'network.http', // Make HTTP requests + 'storage.database', // Database access + 'storage.cache', // Redis/cache access + ], + + // Objects plugin creates/manages + objects: [ + 'account', + 'contact', + 'opportunity', + ], + }, + + // CONFIGURATION + config: { + // Default values + defaults: { + maxAccountsPerUser: 1000, + enableOpportunityScoring: true, + }, + + // Secrets (encrypted at rest) + secrets: [ + 'apiKey', + 'webhookSecret', + ], + }, + + // MARKETPLACE METADATA + marketplace: { + // Category for marketplace listing + category: 'crm', + + // Screenshots + screenshots: [ + 'assets/screenshot-1.png', + 'assets/screenshot-2.png', + ], + + // Pricing + pricing: { + model: 'subscription', + price: 29.99, + currency: 'USD', + interval: 'month', + }, + + // Compatibility + compatibility: { + objectstack: '>=2.0.0 <3.0.0', + node: '>=18.0.0', + }, + }, +}); +``` + +## Directory Structure + +A well-organized plugin follows this **standard structure**: + +``` +@mycompany/crm/ +├── plugin.manifest.ts # Plugin manifest (required) +├── package.json # NPM package metadata +├── README.md # Documentation +├── CHANGELOG.md # Version history +├── LICENSE # License text +│ +├── src/ +│ ├── objects/ # ObjectQL schemas +│ │ ├── account.object.ts +│ │ ├── contact.object.ts +│ │ └── opportunity.object.ts +│ │ +│ ├── views/ # ObjectUI layouts +│ │ ├── account_list.view.ts +│ │ ├── account_detail.view.ts +│ │ └── opportunity_kanban.view.ts +│ │ +│ ├── triggers/ # Business logic triggers +│ │ ├── account_validation.trigger.ts +│ │ └── opportunity_scoring.trigger.ts +│ │ +│ ├── workflows/ # Visual workflows +│ │ └── opportunity_approval.workflow.ts +│ │ +│ ├── actions/ # Custom actions +│ │ └── send_proposal.action.ts +│ │ +│ ├── api/ # Custom API endpoints +│ │ └── sync.endpoint.ts +│ │ +│ ├── jobs/ # Background jobs +│ │ └── cleanup.job.ts +│ │ +│ ├── config.schema.ts # Configuration schema (Zod) +│ │ +│ └── lifecycle/ # Lifecycle hooks +│ ├── install.ts +│ ├── boot.ts +│ └── upgrade.ts +│ +├── i18n/ # Translations +│ ├── en.json +│ ├── de.json +│ └── es.json +│ +├── migrations/ # Database migrations +│ ├── 001_create_objects.ts +│ └── 002_add_indexes.ts +│ +├── tests/ # Unit and integration tests +│ ├── objects/ +│ ├── triggers/ +│ └── integration/ +│ +├── assets/ # Static files (icons, images) +│ ├── icon.svg +│ └── screenshots/ +│ +└── dist/ # Compiled output (generated) +``` + +## Metadata Definitions + +### ObjectQL Schemas + +Define database objects using ObjectQL schema syntax: + +```typescript +// src/objects/account.object.ts +import { defineObject } from '@objectstack/core'; + +export default defineObject({ + name: 'account', + label: 'Account', + pluralLabel: 'Accounts', + + fields: { + name: { + type: 'text', + label: 'Account Name', + required: true, + maxLength: 255, + }, + + industry: { + type: 'select', + label: 'Industry', + options: [ + { value: 'technology', label: 'Technology' }, + { value: 'finance', label: 'Finance' }, + { value: 'healthcare', label: 'Healthcare' }, + ], + }, + + annual_revenue: { + type: 'currency', + label: 'Annual Revenue', + precision: 2, + }, + + primary_contact: { + type: 'lookup', + label: 'Primary Contact', + reference: 'contact', + }, + + opportunities: { + type: 'reverse_lookup', + label: 'Opportunities', + reference: 'opportunity', + referenceField: 'account', + }, + }, + + enable: { + trackHistory: true, + search: true, + apiEnabled: true, + }, +}); +``` + +### ObjectUI Views + +Define user interfaces using ObjectUI layout DSL: + +```typescript +// src/views/account_list.view.ts +import { defineView } from '@objectstack/core'; + +export default defineView({ + name: 'account_list', + object: 'account', + type: 'list', + + layout: { + type: 'grid', + columns: [ + { field: 'name', width: 200 }, + { field: 'industry', width: 150 }, + { field: 'annual_revenue', width: 150 }, + { field: 'primary_contact', width: 200 }, + { field: 'created_at', width: 150 }, + ], + + filters: [ + { field: 'industry', operator: 'equals' }, + { field: 'annual_revenue', operator: 'greaterThan' }, + ], + + actions: [ + { type: 'create', label: 'New Account' }, + { type: 'export', label: 'Export to CSV' }, + ], + }, +}); +``` + +### Triggers + +Define business logic that executes on data changes: + +```typescript +// src/triggers/account_validation.trigger.ts +import { defineTrigger } from '@objectstack/core'; + +export default defineTrigger({ + name: 'account_validation', + object: 'account', + when: 'beforeInsert', + + execute: async ({ record, context }) => { + // Validation: Annual revenue must be positive + if (record.annual_revenue < 0) { + throw new Error('Annual revenue cannot be negative'); + } + + // Auto-populate: Generate account number + if (!record.account_number) { + record.account_number = await generateAccountNumber(context); + } + + // Enrichment: Fetch company data from external API + if (record.website) { + const companyData = await enrichCompanyData(record.website); + record.industry = record.industry || companyData.industry; + record.employee_count = companyData.employeeCount; + } + + return record; + }, +}); +``` + +### Configuration Schema + +Define plugin configuration with Zod for validation: + +```typescript +// src/config.schema.ts +import { z } from 'zod'; + +export const configSchema = z.object({ + // API keys (marked as secret) + apiKey: z.string() + .describe('API Key for external service') + .meta({ secret: true }), + + // Feature flags + enableOpportunityScoring: z.boolean() + .default(true) + .describe('Enable AI-powered opportunity scoring'), + + // Limits + maxAccountsPerUser: z.number() + .min(1) + .max(10000) + .default(1000) + .describe('Maximum accounts a user can own'), + + // URLs + webhookUrl: z.string() + .url() + .optional() + .describe('Webhook URL for account changes'), + + // Enums + syncInterval: z.enum(['hourly', 'daily', 'weekly']) + .default('daily') + .describe('Data sync frequency'), +}); + +export type PluginConfig = z.infer; +``` + +## Dependency Management + +### Dependency Types + +#### 1. **Dependencies (Required)** +Plugin **cannot function** without these. + +```typescript +dependencies: { + '@objectstack/core': '^2.0.0', + '@mycompany/base': '>=1.0.0 <2.0.0', +} +``` + +#### 2. **Optional Dependencies** +Plugin **can function** without these, but features are enhanced if present. + +```typescript +optionalDependencies: { + '@vendor/email': '^3.0.0', +} + +// In plugin code +if (context.plugins.isInstalled('@vendor/email')) { + await email.send({ to: contact.email, subject: 'Welcome' }); +} +``` + +#### 3. **Peer Dependencies** +Plugin expects **consumer** to install these (not bundled). + +```typescript +peerDependencies: { + '@objectstack/ui': '^2.0.0', +} +``` + +Use for large dependencies (React, Vue) that should be shared across plugins. + +### Version Constraints + +ObjectOS uses **semantic versioning (semver)** with these operators: + +```typescript +dependencies: { + // Exact version + 'plugin-a': '1.0.0', + + // Patch updates allowed (1.0.x) + 'plugin-b': '~1.0.0', + + // Minor updates allowed (1.x.x) + 'plugin-c': '^1.0.0', + + // Version range + 'plugin-d': '>=1.0.0 <2.0.0', + + // Latest version + 'plugin-e': '*', // ⚠️ Not recommended for production +} +``` + +### Dependency Resolution + +ObjectOS builds a **dependency graph** and loads plugins in **topological order**: + +``` +@objectstack/core (no deps) + ↓ +@mycompany/base (depends on core) + ↓ +@mycompany/crm (depends on base) + ↓ +@mycompany/sales (depends on crm) +``` + +**Load Order:** core → base → crm → sales + +**Conflict Resolution:** +If two plugins require incompatible versions of the same dependency, installation fails with error: + +``` +Error: Dependency conflict + @mycompany/sales requires @objectstack/core@^2.0.0 + @vendor/analytics requires @objectstack/core@^3.0.0 + +Cannot satisfy both constraints. + +Solutions: + 1. Upgrade @mycompany/sales to version compatible with core@3.x + 2. Downgrade @vendor/analytics to version compatible with core@2.x + 3. Contact plugin authors to update dependencies +``` + +## Lifecycle Hooks + +Plugins can define hooks that execute at specific lifecycle events: + +### Hook Signatures + +```typescript +// src/lifecycle/install.ts +export async function onInstall({ context, transaction }) { + // Runs after plugin files are extracted, before metadata is registered + + // Example: Create default data + await context.db.insert('crm_settings', { + maxAccountsPerUser: 1000, + enableScoring: true, + }, { transaction }); +} + +// src/lifecycle/uninstall.ts +export async function onUninstall({ context, transaction }) { + // Runs before plugin is removed + + // Example: Archive plugin data instead of deleting + await context.db.update('account', + { where: { plugin: 'crm' }}, + { archived: true }, + { transaction } + ); +} + +// src/lifecycle/enable.ts +export async function onEnable({ context }) { + // Runs when plugin is enabled (after install or manual enable) + + // Example: Start background sync + await context.scheduler.create({ + name: 'crm-sync', + schedule: '0 * * * *', // Every hour + handler: 'crm.sync', + }); +} + +// src/lifecycle/disable.ts +export async function onDisable({ context }) { + // Runs when plugin is disabled (before uninstall or manual disable) + + // Example: Stop background jobs + await context.scheduler.pause('crm-sync'); +} + +// src/lifecycle/upgrade.ts +export async function onUpgrade({ context, fromVersion, toVersion, transaction }) { + // Runs during plugin upgrade + + // Example: Data migration + if (fromVersion === '1.0.0' && toVersion === '2.0.0') { + await context.db.query(` + UPDATE account + SET account_number = CONCAT('ACC-', id::text) + WHERE account_number IS NULL + `, { transaction }); + } +} + +// src/lifecycle/boot.ts +export async function onBoot({ context }) { + // Runs every time ObjectOS boots (after plugin is loaded) + + // Example: Validate configuration + const config = context.config.get('crm'); + if (!config.apiKey) { + context.logger.warn('CRM API key not configured'); + } + + // Example: Register custom services + context.services.register('crm', new CRMService(config)); +} +``` + +### Hook Execution Order + +During **installation**: +``` +1. onInstall +2. Register metadata (objects, views, etc.) +3. onEnable (if --enable flag) +``` + +During **upgrade**: +``` +1. onUpgrade +2. Apply migrations +3. Update metadata +``` + +During **boot**: +``` +1. Load all plugins +2. Resolve dependencies +3. onBoot (for each plugin in dependency order) +4. Start services +``` + +## Permissions + +Plugins must **declare permissions** they require. ObjectOS enforces these at runtime. + +### System Permissions + +```typescript +permissions: { + system: [ + // Network access + 'network.http', // Make HTTP requests + 'network.websocket', // Use WebSockets + + // Storage access + 'storage.database', // Query database + 'storage.cache', // Use Redis/cache + 'storage.filesystem', // Read/write files + + // System capabilities + 'system.cron', // Schedule jobs + 'system.email', // Send emails + 'system.events', // Publish/subscribe events + + // Security + 'security.encrypt', // Encrypt data + 'security.sign', // Sign JWTs + ], +} +``` + +If plugin attempts operation without permission, ObjectOS throws error: + +```javascript +// Plugin tries to make HTTP request without permission +await fetch('https://api.example.com/data'); + +// Error: PermissionDenied +// Plugin @mycompany/crm does not have permission 'network.http' +// Add to plugin.manifest.ts: +// permissions: { system: ['network.http'] } +``` + +### Object Permissions + +Declare which objects plugin creates and manages: + +```typescript +permissions: { + objects: [ + 'account', // Full control + 'contact', + 'opportunity', + ], +} +``` + +ObjectOS uses this for: +- **Dependency tracking:** Can't uninstall plugin if other plugins reference its objects +- **Security:** Plugin can only modify its own objects (not objects from other plugins) +- **Cleanup:** Uninstalling plugin can optionally remove its objects + +## Distribution Format + +### NPM Package + +Plugins are distributed as **NPM packages** for easy versioning and distribution. + +```json +// package.json +{ + "name": "@mycompany/crm", + "version": "1.5.0", + "description": "Customer Relationship Management", + "main": "dist/index.js", + "types": "dist/index.d.ts", + + "scripts": { + "build": "tsc", + "test": "jest", + "lint": "eslint src/", + "package": "objectstack plugin package" + }, + + "files": [ + "dist/", + "plugin.manifest.ts", + "i18n/", + "assets/", + "README.md", + "LICENSE" + ], + + "dependencies": { + "@objectstack/core": "^2.0.0" + }, + + "devDependencies": { + "@objectstack/cli": "^2.0.0", + "typescript": "^5.0.0" + }, + + "keywords": [ + "objectstack", + "objectstack-plugin", + "crm" + ], + + "repository": { + "type": "git", + "url": "https://github.com/mycompany/crm" + } +} +``` + +### Publishing to NPM + +```bash +# Build plugin +npm run build + +# Package plugin (validates manifest, bundles assets) +objectstack plugin package + +# Publish to NPM +npm publish + +# Or publish to private registry +npm publish --registry=https://npm.mycompany.com +``` + +### Plugin Archive (.ospkg) + +For air-gapped environments or marketplaces, plugins can be packaged as **.ospkg** files: + +```bash +# Create .ospkg archive +objectstack plugin package --format ospkg --output crm-1.5.0.ospkg + +# Install from .ospkg +objectstack plugin install ./crm-1.5.0.ospkg +``` + +**.ospkg format:** Tarball containing: +- Plugin files (dist/, i18n/, assets/) +- Manifest (plugin.manifest.json) +- Checksums (SHA256) +- Signature (for marketplace verification) + +## Plugin Testing + +### Unit Tests + +```typescript +// tests/triggers/account_validation.test.ts +import { createTestContext } from '@objectstack/testing'; +import accountValidation from '../../src/triggers/account_validation'; + +describe('Account Validation Trigger', () => { + it('should reject negative revenue', async () => { + const context = createTestContext(); + const record = { annual_revenue: -1000 }; + + await expect( + accountValidation.execute({ record, context }) + ).rejects.toThrow('Annual revenue cannot be negative'); + }); + + it('should generate account number', async () => { + const context = createTestContext(); + const record = { name: 'Acme Corp' }; + + const result = await accountValidation.execute({ record, context }); + + expect(result.account_number).toMatch(/^ACC-\d{6}$/); + }); +}); +``` + +### Integration Tests + +```typescript +// tests/integration/crm_workflow.test.ts +import { createTestEnvironment } from '@objectstack/testing'; + +describe('CRM Workflow', () => { + let env; + + beforeAll(async () => { + env = await createTestEnvironment({ + plugins: ['@mycompany/crm'], + }); + }); + + it('should create account with contacts', async () => { + // Create account + const account = await env.objectQL.create('account', { + name: 'Test Corp', + industry: 'technology', + }); + + // Create contact + const contact = await env.objectQL.create('contact', { + first_name: 'John', + last_name: 'Doe', + account: account.id, + }); + + // Verify relationship + const accountWithContacts = await env.objectQL.findById('account', account.id, { + include: ['contacts'], + }); + + expect(accountWithContacts.contacts).toHaveLength(1); + expect(accountWithContacts.contacts[0].id).toBe(contact.id); + }); +}); +``` + +## Plugin Development Workflow + +### 1. Scaffold Plugin + +```bash +objectstack plugin create @mycompany/crm + +? Plugin name: @mycompany/crm +? Description: Customer Relationship Management +? Author: MyCompany +? License: MIT + +✓ Created plugin at @mycompany/crm/ +✓ Generated plugin.manifest.ts +✓ Generated package.json +✓ Installed dependencies + +Next steps: + cd @mycompany/crm + npm run dev +``` + +### 2. Develop Locally + +```bash +cd @mycompany/crm + +# Watch mode (auto-rebuild on changes) +npm run dev + +# In another terminal, link plugin to test instance +objectstack plugin link . + +# Test instance now uses local plugin +objectstack dev +``` + +### 3. Test Plugin + +```bash +# Run unit tests +npm test + +# Run linter +npm run lint + +# Validate manifest +objectstack plugin validate + +# Test installation +objectstack plugin install . --dry-run +``` + +### 4. Build & Publish + +```bash +# Build production bundle +npm run build + +# Package plugin +objectstack plugin package + +# Publish to NPM +npm publish +``` + +## Best Practices + +### 1. Use Semantic Versioning Strictly +- **Patch (1.0.x):** Bug fixes, no breaking changes +- **Minor (1.x.0):** New features, backward compatible +- **Major (x.0.0):** Breaking changes + +### 2. Document Breaking Changes +Always include migration guide in CHANGELOG.md for major versions. + +```markdown +## v2.0.0 (Breaking Changes) + +### Removed +- `account.owner` field (use `account.owner_id` instead) + +### Migration +Run: `objectstack migrate --plugin @mycompany/crm` +``` + +### 3. Pin Core Dependencies +Use exact version for `@objectstack/core` to avoid surprises: + +```typescript +dependencies: { + '@objectstack/core': '2.0.0', // Not '^2.0.0' +} +``` + +### 4. Validate Configuration Early +Use Zod schema to validate config during boot, not at runtime: + +```typescript +export async function onBoot({ context }) { + const config = context.config.get('crm', configSchema); + // Throws clear error if config is invalid +} +``` + +### 5. Clean Up on Uninstall +Always provide `onUninstall` hook to clean up resources: + +```typescript +export async function onUninstall({ context, transaction }) { + // Stop jobs + await context.scheduler.delete('crm-sync', { transaction }); + + // Archive data (don't delete!) + await context.db.update('account', + { plugin: 'crm' }, + { archived: true }, + { transaction } + ); +} +``` + +## Summary + +Plugin packages in ObjectOS: +- **Manifest-driven:** `plugin.manifest.ts` is the source of truth +- **Self-contained:** Bundle objects, views, logic, and config +- **Dependency-managed:** Semantic versioning with conflict detection +- **Lifecycle-aware:** Hooks for install, upgrade, boot, and uninstall +- **NPM-compatible:** Distribute via NPM or .ospkg archives + +**Next:** Learn how configuration is resolved in [Configuration Resolution](/docs/protocols/objectos/config-resolution). diff --git a/content/docs/objectos/transport/error-handling.mdx b/content/docs/objectos/transport/error-handling.mdx new file mode 100644 index 000000000..d269d49f4 --- /dev/null +++ b/content/docs/objectos/transport/error-handling.mdx @@ -0,0 +1,1058 @@ +--- +title: Error Handling +description: Global error codes, response formats, and debugging strategies for ObjectStack APIs +--- + +import { AlertCircle, Bug, Shield, Info, AlertTriangle, XCircle, Radio, Zap } from 'lucide-react'; + +# Error Handling + +The **Error Handling Protocol** defines standardized error codes, response formats, and debugging strategies across all ObjectStack APIs (HTTP, WebSocket, GraphQL). + +## Why Standardized Errors Matter + +**Problem:** Traditional APIs return errors inconsistently: + +```javascript +// Different error structures across endpoints 😱 +API 1: { error: "Not found" } +API 2: { errors: [{ message: "Not found" }] } +API 3: { success: false, msg: "Not found", code: 404 } +API 4: HTTP 200 OK with { status: "error", ... } +``` + +**Developer pain:** +- Every endpoint requires custom error handling logic +- Difficult to show user-friendly messages +- Debugging is nightmare (where did this error originate?) +- Monitoring/alerting is inconsistent + +**Solution:** ObjectStack enforces a **single error format** across all communication channels. Every error has a machine-readable code, human-readable message, and context for debugging. + +## Business Value Delivered + + + } + title="Better User Experience" + description="Consistent error messages guide users to resolution. No generic 'Something went wrong' nonsense." + /> + } + title="Faster Debugging" + description="Error codes + request IDs = find root cause in seconds. Save hours of log hunting." + /> + } + title="Automated Monitoring" + description="Alert on specific error codes (e.g., RATE_LIMITED spikes = upgrade prompts working)." + /> + } + title="Security Hardening" + description="Never leak sensitive info in errors. Attackers can't probe your system via error messages." + /> + + +## Standard Error Response + +Every error follows this structure: + +```json +{ + "success": false, + "error": { + "code": "ERROR_CODE", + "message": "Human-readable description", + "details": { /* Additional context */ }, + "request_id": "req_abc123", + "timestamp": "2024-01-16T14:30:00Z" + } +} +``` + +**Fields:** +- `success`: Always `false` for errors +- `error.code`: Machine-readable error code (use for conditionals) +- `error.message`: Human-readable message (show to users or developers) +- `error.details`: Additional context (field names, constraints, etc.) +- `error.request_id`: Unique request identifier for debugging +- `error.timestamp`: When error occurred (ISO 8601) + +## HTTP Status Codes + +ObjectStack uses standard HTTP status codes: + +| Status | Meaning | When Used | +|--------|---------|-----------| +| **400** | Bad Request | Invalid input, validation failure | +| **401** | Unauthorized | Authentication required or failed | +| **403** | Forbidden | Authenticated but insufficient permissions | +| **404** | Not Found | Resource doesn't exist | +| **409** | Conflict | Resource already exists or version mismatch | +| **422** | Unprocessable Entity | Business logic validation failed | +| **429** | Too Many Requests | Rate limit exceeded | +| **500** | Internal Server Error | Server-side error | +| **503** | Service Unavailable | Server overloaded or maintenance | + +**Important:** Even on error, response body always includes JSON error object. + +## Error Codes + +### Authentication & Authorization + +#### `UNAUTHORIZED` +**HTTP Status:** 401 +**Meaning:** No authentication credentials provided or invalid credentials + +**Example:** +```json +{ + "success": false, + "error": { + "code": "UNAUTHORIZED", + "message": "Authentication required", + "details": { + "hint": "Include 'Authorization: Bearer ' header" + } + } +} +``` + +**How to fix:** +- Include valid JWT token in `Authorization` header +- Refresh expired tokens +- Re-authenticate user + +#### `INVALID_TOKEN` +**HTTP Status:** 401 +**Meaning:** Token is malformed or invalid + +**Example:** +```json +{ + "success": false, + "error": { + "code": "INVALID_TOKEN", + "message": "JWT token is invalid", + "details": { + "reason": "signature_verification_failed" + } + } +} +``` + +**How to fix:** +- Check token hasn't been tampered with +- Verify token is meant for this API (check `aud` claim) +- Ensure server secret key is correct + +#### `TOKEN_EXPIRED` +**HTTP Status:** 401 +**Meaning:** JWT token has expired + +**Example:** +```json +{ + "success": false, + "error": { + "code": "TOKEN_EXPIRED", + "message": "JWT token expired", + "details": { + "expired_at": "2024-01-16T10:00:00Z", + "current_time": "2024-01-16T14:30:00Z" + } + } +} +``` + +**How to fix:** +- Refresh token using refresh token flow +- Re-authenticate user +- Check token lifetime settings (typically 15-60 minutes) + +#### `FORBIDDEN` +**HTTP Status:** 403 +**Meaning:** Authenticated but insufficient permissions + +**Example:** +```json +{ + "success": false, + "error": { + "code": "FORBIDDEN", + "message": "Insufficient permissions to access this resource", + "details": { + "required_permission": "account:write", + "user_permissions": ["account:read"] + } + } +} +``` + +**How to fix:** +- Request permission from administrator +- Check row-level security rules +- Verify user role assignments + +### Validation Errors + +#### `VALIDATION_ERROR` +**HTTP Status:** 400 +**Meaning:** Input validation failed (schema validation) + +**Example:** +```json +{ + "success": false, + "error": { + "code": "VALIDATION_ERROR", + "message": "Validation failed for 2 fields", + "details": { + "fields": [ + { + "field": "email", + "message": "Invalid email format", + "constraint": "format", + "value": "not-an-email" + }, + { + "field": "age", + "message": "Must be at least 18", + "constraint": "min", + "value": 15, + "expected": 18 + } + ] + } + } +} +``` + +**How to fix:** +- Check field constraints in object schema (`GET /api/meta/objects/{object}`) +- Validate input client-side before submission +- Show field-specific errors in UI + +**Client-side handling:** +```javascript +if (error.code === 'VALIDATION_ERROR') { + error.details.fields.forEach(({ field, message }) => { + showFieldError(field, message); + }); +} +``` + +#### `REQUIRED_FIELD` +**HTTP Status:** 400 +**Meaning:** Required field is missing + +**Example:** +```json +{ + "success": false, + "error": { + "code": "REQUIRED_FIELD", + "message": "Missing required field: name", + "details": { + "field": "name", + "constraint": "required" + } + } +} +``` + +#### `INVALID_TYPE` +**HTTP Status:** 400 +**Meaning:** Field value has wrong type + +**Example:** +```json +{ + "success": false, + "error": { + "code": "INVALID_TYPE", + "message": "Field 'age' must be a number", + "details": { + "field": "age", + "expected_type": "number", + "actual_type": "string", + "value": "twenty-five" + } + } +} +``` + +### Resource Errors + +#### `NOT_FOUND` +**HTTP Status:** 404 +**Meaning:** Requested resource doesn't exist + +**Example:** +```json +{ + "success": false, + "error": { + "code": "NOT_FOUND", + "message": "Account with id 'acc_999' not found", + "details": { + "resource": "account", + "resource_id": "acc_999" + } + } +} +``` + +**How to fix:** +- Verify resource ID is correct +- Check user has permission to see resource (row-level security) +- Resource may have been deleted + +#### `ALREADY_EXISTS` +**HTTP Status:** 409 +**Meaning:** Resource with unique constraint already exists + +**Example:** +```json +{ + "success": false, + "error": { + "code": "ALREADY_EXISTS", + "message": "Account with email 'john@acme.com' already exists", + "details": { + "resource": "account", + "constraint": "unique", + "field": "email", + "value": "john@acme.com" + } + } +} +``` + +**How to fix:** +- Check for existing resource before creating +- Update existing resource instead of creating new one +- Use different value for unique field + +#### `CONSTRAINT_VIOLATION` +**HTTP Status:** 409 +**Meaning:** Operation violates database constraint + +**Example:** +```json +{ + "success": false, + "error": { + "code": "CONSTRAINT_VIOLATION", + "message": "Cannot delete account with active opportunities", + "details": { + "resource": "account", + "resource_id": "acc_123", + "constraint": "foreign_key", + "related_object": "opportunity", + "related_count": 5 + } + } +} +``` + +**How to fix:** +- Delete related records first +- Enable cascade delete on object schema +- Archive instead of delete (soft delete) + +### Rate Limiting + +#### `RATE_LIMITED` +**HTTP Status:** 429 +**Meaning:** Too many requests, rate limit exceeded + +**Example:** +```json +{ + "success": false, + "error": { + "code": "RATE_LIMITED", + "message": "Rate limit exceeded", + "details": { + "limit": 1000, + "window": "1m", + "retry_after": 45, + "quota_reset": "2024-01-16T14:31:00Z" + } + } +} +``` + +**HTTP Headers:** +```http +HTTP/1.1 429 Too Many Requests +X-RateLimit-Limit: 1000 +X-RateLimit-Remaining: 0 +X-RateLimit-Reset: 1705412460 +Retry-After: 45 +``` + +**How to fix:** +- Implement exponential backoff +- Batch requests to reduce call count +- Upgrade to higher tier for increased limits +- Cache responses to avoid repeated calls + +**Client-side handling:** +```javascript +async function fetchWithRetry(url, options = {}, maxRetries = 3) { + for (let i = 0; i < maxRetries; i++) { + const response = await fetch(url, options); + + if (response.status !== 429) { + return response; + } + + const retryAfter = response.headers.get('Retry-After'); + await sleep(retryAfter * 1000); + } + + throw new Error('Max retries exceeded'); +} +``` + +#### `QUOTA_EXCEEDED` +**HTTP Status:** 429 +**Meaning:** Monthly/daily quota exceeded + +**Example:** +```json +{ + "success": false, + "error": { + "code": "QUOTA_EXCEEDED", + "message": "Monthly API quota exceeded", + "details": { + "quota": 10000, + "used": 10000, + "period": "monthly", + "reset": "2024-02-01T00:00:00Z", + "upgrade_url": "https://app.acme.com/billing/upgrade" + } + } +} +``` + +**How to fix:** +- Wait for quota reset +- Upgrade to higher plan +- Optimize API usage + +### Business Logic Errors + +#### `BUSINESS_RULE_VIOLATION` +**HTTP Status:** 422 +**Meaning:** Operation violates business logic rule + +**Example:** +```json +{ + "success": false, + "error": { + "code": "BUSINESS_RULE_VIOLATION", + "message": "Cannot close opportunity without selecting a stage reason", + "details": { + "rule": "opportunity_close_validation", + "field": "stage_reason", + "required_when": "stage === 'Closed Won' || stage === 'Closed Lost'" + } + } +} +``` + +**How to fix:** +- Check validation rules in object schema +- Provide required fields +- Follow business process workflow + +#### `WORKFLOW_ERROR` +**HTTP Status:** 422 +**Meaning:** Workflow/automation failed + +**Example:** +```json +{ + "success": false, + "error": { + "code": "WORKFLOW_ERROR", + "message": "Approval workflow rejected the request", + "details": { + "workflow": "purchase_order_approval", + "step": "manager_approval", + "reason": "Amount exceeds manager approval limit", + "limit": 10000, + "requested": 15000 + } + } +} +``` + +### Server Errors + +#### `SERVER_ERROR` +**HTTP Status:** 500 +**Meaning:** Internal server error + +**Example:** +```json +{ + "success": false, + "error": { + "code": "SERVER_ERROR", + "message": "An internal error occurred", + "details": { + "request_id": "req_abc123", + "support_url": "https://support.acme.com/request/req_abc123" + } + } +} +``` + +**Important:** Never leak stack traces or sensitive internals to clients. + +**How to fix:** +- Retry request (may be transient) +- Check server status page +- Contact support with `request_id` + +#### `SERVICE_UNAVAILABLE` +**HTTP Status:** 503 +**Meaning:** Server temporarily unavailable + +**Example:** +```json +{ + "success": false, + "error": { + "code": "SERVICE_UNAVAILABLE", + "message": "Service temporarily unavailable", + "details": { + "reason": "database_maintenance", + "retry_after": 300, + "estimated_completion": "2024-01-16T15:00:00Z" + } + } +} +``` + +**HTTP Headers:** +```http +HTTP/1.1 503 Service Unavailable +Retry-After: 300 +``` + +### WebSocket-Specific Errors + +#### `CONNECTION_LIMIT_EXCEEDED` +**Meaning:** Too many concurrent WebSocket connections + +**Example:** +```json +{ + "type": "error", + "error": { + "code": "CONNECTION_LIMIT_EXCEEDED", + "message": "Maximum 5 concurrent connections per user", + "details": { + "limit": 5, + "current": 5 + } + } +} +``` + +**How to fix:** +- Close unused connections +- Implement connection pooling +- Use fewer browser tabs + +#### `SUBSCRIPTION_LIMIT_EXCEEDED` +**Meaning:** Too many subscriptions per connection + +**Example:** +```json +{ + "type": "error", + "subscription_id": "sub_99", + "error": { + "code": "SUBSCRIPTION_LIMIT_EXCEEDED", + "message": "Maximum 50 subscriptions per connection", + "details": { + "limit": 50, + "current": 50 + } + } +} +``` + +**How to fix:** +- Unsubscribe from unused subscriptions +- Use broader filters instead of many narrow subscriptions +- Combine related subscriptions + +#### `INVALID_MESSAGE` +**Meaning:** WebSocket message is malformed + +**Example:** +```json +{ + "type": "error", + "error": { + "code": "INVALID_MESSAGE", + "message": "Invalid JSON in WebSocket message", + "details": { + "reason": "unexpected_token", + "position": 42 + } + } +} +``` + +## Error Response Examples + +### Validation Error (Multiple Fields) + +**Request:** +```http +POST /api/v1/data/account +Content-Type: application/json + +{ + "name": "", + "email": "not-an-email", + "revenue": -1000 +} +``` + +**Response:** +```http +HTTP/1.1 400 Bad Request +Content-Type: application/json + +{ + "success": false, + "error": { + "code": "VALIDATION_ERROR", + "message": "Validation failed for 3 fields", + "details": { + "fields": [ + { + "field": "name", + "message": "Name is required", + "constraint": "required", + "value": "" + }, + { + "field": "email", + "message": "Invalid email format", + "constraint": "format", + "value": "not-an-email" + }, + { + "field": "revenue", + "message": "Revenue must be positive", + "constraint": "min", + "value": -1000, + "expected": 0 + } + ] + }, + "request_id": "req_abc123", + "timestamp": "2024-01-16T14:30:00Z" + } +} +``` + +### Permission Denied + +**Request:** +```http +DELETE /api/v1/data/account/acc_123 +Authorization: Bearer +``` + +**Response:** +```http +HTTP/1.1 403 Forbidden +Content-Type: application/json + +{ + "success": false, + "error": { + "code": "FORBIDDEN", + "message": "Insufficient permissions to delete accounts", + "details": { + "resource": "account", + "resource_id": "acc_123", + "required_permission": "account:delete", + "user_permissions": ["account:read", "account:write"], + "hint": "Contact your administrator to request delete permission" + }, + "request_id": "req_def456", + "timestamp": "2024-01-16T14:35:00Z" + } +} +``` + +### Rate Limit Exceeded + +**Request:** +```http +GET /api/v1/data/task +Authorization: Bearer +``` + +**Response:** +```http +HTTP/1.1 429 Too Many Requests +X-RateLimit-Limit: 1000 +X-RateLimit-Remaining: 0 +X-RateLimit-Reset: 1705412460 +Retry-After: 45 +Content-Type: application/json + +{ + "success": false, + "error": { + "code": "RATE_LIMITED", + "message": "Rate limit exceeded: 1000 requests per minute", + "details": { + "limit": 1000, + "window": "1m", + "retry_after": 45, + "quota_reset": "2024-01-16T14:31:00Z", + "upgrade_url": "https://app.acme.com/billing/upgrade" + }, + "request_id": "req_ghi789", + "timestamp": "2024-01-16T14:30:15Z" + } +} +``` + +## Error Handling Best Practices + +### ✅ Use Error Codes, Not Messages + +**Bad:** +```javascript +if (error.message.includes('not found')) { + // Brittle - breaks if message changes +} +``` + +**Good:** +```javascript +if (error.code === 'NOT_FOUND') { + // Reliable - code never changes +} +``` + +### ✅ Show User-Friendly Messages + +**Bad:** +```javascript +alert(error.message); // "VALIDATION_ERROR: Field 'email' constraint 'format' failed" +``` + +**Good:** +```javascript +const userMessages = { + 'VALIDATION_ERROR': 'Please check your input and try again', + 'UNAUTHORIZED': 'Please log in to continue', + 'RATE_LIMITED': 'Too many requests. Please wait a moment.', +}; + +showToast(userMessages[error.code] || 'An error occurred'); +``` + +### ✅ Handle Field-Specific Validation Errors + +**Good:** +```javascript +async function handleSubmit(data) { + try { + const response = await api.createAccount(data); + return response.data; + } catch (error) { + if (error.code === 'VALIDATION_ERROR') { + // Show errors next to fields + error.details.fields.forEach(({ field, message }) => { + setFieldError(field, message); + }); + } else { + // Show general error + showToast(error.message, 'error'); + } + throw error; + } +} +``` + +### ✅ Implement Retry Logic + +**Good:** +```javascript +async function fetchWithRetry(url, options = {}, maxRetries = 3) { + let lastError; + + for (let attempt = 0; attempt < maxRetries; attempt++) { + try { + const response = await fetch(url, options); + const data = await response.json(); + + if (!response.ok) { + // Check if error is retryable + if (data.error.code === 'RATE_LIMITED') { + const retryAfter = data.error.details.retry_after || 1; + await sleep(retryAfter * 1000); + continue; + } else if (data.error.code === 'SERVER_ERROR') { + // Exponential backoff + await sleep(Math.pow(2, attempt) * 1000); + continue; + } else { + // Don't retry validation errors, auth errors, etc. + throw new APIError(data.error); + } + } + + return data; + } catch (error) { + lastError = error; + } + } + + throw lastError; +} +``` + +### ✅ Log Request IDs for Debugging + +**Good:** +```javascript +try { + await api.createAccount(data); +} catch (error) { + console.error('Account creation failed', { + request_id: error.request_id, + code: error.code, + message: error.message, + timestamp: error.timestamp + }); + + // Send to error tracking service + Sentry.captureException(error, { + extra: { request_id: error.request_id } + }); +} +``` + +### ✅ Handle Network Errors + +**Good:** +```javascript +try { + const response = await fetch('/api/data/task'); + const data = await response.json(); + + if (!data.success) { + throw new APIError(data.error); + } + + return data.data; +} catch (error) { + if (error instanceof TypeError && error.message === 'Failed to fetch') { + // Network error - server unreachable + showToast('Network error. Please check your connection.', 'error'); + } else if (error instanceof APIError) { + // API returned error + handleAPIError(error); + } else { + // Unknown error + console.error('Unexpected error:', error); + showToast('An unexpected error occurred', 'error'); + } +} +``` + +## Debugging with Request IDs + +Every API response includes a `request_id` for debugging: + +**Request:** +```http +POST /api/v1/data/account +Content-Type: application/json +X-Request-ID: my-custom-id-123 + +{ "name": "Acme Corp" } +``` + +**Response:** +```json +{ + "success": true, + "data": { ... }, + "request_id": "my-custom-id-123" +} +``` + +**Server logs:** +``` +[2024-01-16T14:30:00Z] INFO [my-custom-id-123] POST /api/v1/data/account +[2024-01-16T14:30:00Z] DEBUG [my-custom-id-123] Validating input +[2024-01-16T14:30:00Z] DEBUG [my-custom-id-123] Executing query: INSERT INTO accounts... +[2024-01-16T14:30:00Z] INFO [my-custom-id-123] Request completed in 45ms +``` + +**Use request IDs to:** +- Trace request through logs +- Debug distributed systems +- Report issues to support +- Correlate frontend errors with backend logs + +## Monitoring & Alerting + +### Error Rate Monitoring + +Track error rates by code: + +```javascript +// Metrics dashboard +{ + "error_rates": { + "VALIDATION_ERROR": 0.05, // 5% of requests + "UNAUTHORIZED": 0.02, // 2% of requests + "RATE_LIMITED": 0.01, // 1% of requests + "SERVER_ERROR": 0.0001 // 0.01% of requests (🚨 alert if > 0.01%) + } +} +``` + +### Alert Conditions + +**Critical alerts:** +- `SERVER_ERROR` rate > 0.1% +- `SERVICE_UNAVAILABLE` > 0 +- Database connection failures + +**Warning alerts:** +- `RATE_LIMITED` spike (may indicate DDoS or integration bug) +- `UNAUTHORIZED` spike (credential leakage?) +- `VALIDATION_ERROR` spike on new form (bad client-side validation) + +### Error Budgets + +Set error budgets per service: + +```yaml +error_budget: + target_success_rate: 99.9% + measurement_window: 30d + budget_remaining: 97.2% # Still have 97.2% of error budget left +``` + +**When budget exhausted:** +- Freeze feature releases +- Focus on reliability improvements +- Investigate root causes + +## Security Considerations + +### ❌ Never Leak Sensitive Info + +**Bad:** +```json +{ + "error": { + "code": "UNAUTHORIZED", + "message": "Password incorrect for user john@acme.com", + "details": { + "attempted_password": "Password123!", // 🚨 NEVER DO THIS + "actual_password_hash": "bcrypt$..." // 🚨 NEVER DO THIS + } + } +} +``` + +**Good:** +```json +{ + "error": { + "code": "UNAUTHORIZED", + "message": "Invalid credentials", + "details": null + } +} +``` + +### ❌ Don't Confirm Resource Existence + +**Bad:** +```json +// Attacker probes: DELETE /api/data/account/acc_123 +{ + "error": { + "code": "FORBIDDEN", + "message": "You don't have permission to delete this account" + } +} +// Attacker learns: Account acc_123 exists! 🚨 +``` + +**Good:** +```json +// Return NOT_FOUND for both "doesn't exist" and "exists but no permission" +{ + "error": { + "code": "NOT_FOUND", + "message": "Account not found" + } +} +``` + +### ✅ Rate Limit Error Responses + +Even error responses can be abused: + +```javascript +// Attacker tries to enumerate user emails +for (let i = 0; i < 1000000; i++) { + await register({ email: `user${i}@example.com` }); + // Response: "ALREADY_EXISTS" or "VALIDATION_ERROR" +} +``` + +**Solution:** Rate limit failed registration attempts: +```json +{ + "error": { + "code": "RATE_LIMITED", + "message": "Too many failed registration attempts" + } +} +``` + +## Next Steps + + + } + title="HTTP API" + description="Learn REST endpoint conventions and CRUD operations" + href="/docs/transport/http-api" + /> + } + title="Real-Time Protocols" + description="Implement WebSocket subscriptions and event streaming" + href="/docs/transport/realtime" + /> + diff --git a/content/docs/objectos/transport/http-api.mdx b/content/docs/objectos/transport/http-api.mdx new file mode 100644 index 000000000..ff1e49ecd --- /dev/null +++ b/content/docs/objectos/transport/http-api.mdx @@ -0,0 +1,933 @@ +--- +title: HTTP API +description: Standard REST mapping rules, CRUD operations, and request/response formats for ObjectStack +--- + +import { Radio, Code, Database, Lock, Zap, CheckCircle, AlertCircle } from 'lucide-react'; + +# HTTP API + +The **HTTP API** defines how ObjectStack maps data operations to RESTful HTTP endpoints. Every object you define automatically gets a complete set of CRUD (Create, Read, Update, Delete) operations with consistent request/response formats. + +## Core Principles + +1. **Convention over Configuration:** REST endpoints follow predictable patterns +2. **Consistency:** Every object uses the same URL structure and response format +3. **Discoverability:** API schema available via discovery endpoint +4. **Security First:** Authentication and permissions enforced on every request +5. **Performance:** Built-in caching, pagination, and field selection + +## API Discovery + +### Discovery Endpoint + +Before making any API calls, clients should request the discovery endpoint to learn about available services: + +**Request:** +```http +GET /.well-known/objectstack HTTP/1.1 +Host: api.acme.com +``` + +**Alternative endpoint:** +```http +GET /api/v1/discovery HTTP/1.1 +``` + +**Response:** +```json +{ + "name": "Acme CRM Production", + "version": "2.1.0", + "environment": "production", + "routes": { + "data": "/api/v1/data", + "metadata": "/api/v1/meta", + "auth": "/api/v1/auth", + "actions": "/api/v1/actions", + "storage": "/api/v1/storage", + "graphql": "/api/v1/graphql", + "realtime": "wss://api.acme.com/ws" + }, + "features": { + "graphql": true, + "websocket": true, + "search": true, + "files": true, + "batch": true, + "webhooks": true + }, + "limits": { + "max_page_size": 100, + "default_page_size": 25, + "max_batch_size": 50, + "rate_limit": 1000, + "rate_window": "1m" + }, + "locale": { + "default": "en-US", + "supported": ["en-US", "zh-CN", "es-ES", "fr-FR"], + "timezone": "America/Los_Angeles" + }, + "documentation": "https://docs.acme.com/api" +} +``` + +**Why discovery matters:** +- **Environment agnostic:** Works across dev, staging, production without hardcoding URLs +- **Version tolerance:** API routes can change without breaking clients +- **Feature detection:** Clients enable/disable features based on server capabilities +- **Automatic configuration:** SDKs auto-configure from discovery response + +## Standard Data API + +All data operations use the base path from `routes.data` (default: `/api/v1/data`). + +### URL Structure + +``` +{base_path}/{object_name}/{record_id?} +``` + +**Examples:** +- `/api/v1/data/account` - Account collection +- `/api/v1/data/account/acc_123` - Specific account +- `/api/v1/data/project_task` - Project task collection (snake_case) + +### Authentication + +All requests require authentication via one of these methods: + +**1. Bearer Token (JWT):** +```http +GET /api/v1/data/task +Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9... +``` + +**2. API Key:** +```http +GET /api/v1/data/task +X-API-Key: sk_live_abc123... +``` + +**3. Session Cookie:** +```http +GET /api/v1/data/task +Cookie: session_id=xyz789... +``` + +### Query Operations (List/Search) + +Retrieve multiple records from an object. + +**Endpoint:** +```http +GET /{base_path}/{object_name} +``` + +**Query Parameters:** + +| Parameter | Type | Description | Example | +|-----------|------|-------------|---------| +| `select` | string | Comma-separated field list | `id,name,status` | +| `filter` | JSON | Filter criteria (see Filtering section) | `{"status":"active"}` | +| `sort` | string | Sort fields (prefix `-` for desc) | `-created_at,name` | +| `page` | number | Page number (1-indexed) | `2` | +| `per_page` | number | Items per page (max from limits) | `50` | +| `include` | string | Related objects to embed | `assignee,comments` | + +**Example Request:** +```http +GET /api/v1/data/task?select=id,title,status&filter={"assignee_id":"user_123"}&sort=-created_at&page=1&per_page=25 +Authorization: Bearer +``` + +**Success Response:** +```json +{ + "success": true, + "data": [ + { + "id": "task_456", + "title": "Implement login page", + "status": "in_progress", + "created_at": "2024-01-15T10:30:00Z" + }, + { + "id": "task_789", + "title": "Fix navigation bug", + "status": "todo", + "created_at": "2024-01-14T16:20:00Z" + } + ], + "pagination": { + "page": 1, + "per_page": 25, + "total": 47, + "total_pages": 2, + "has_next": true, + "has_prev": false + } +} +``` + +### Filtering + +Filters are passed as JSON in the `filter` query parameter. + +**Basic equality:** +```json +{ "status": "active" } +``` +```http +GET /api/data/account?filter={"status":"active"} +``` + +**Multiple conditions (AND):** +```json +{ + "status": "active", + "industry": "Technology" +} +``` + +**Operators:** +```json +{ + "revenue": { "$gte": 100000 }, + "employees": { "$lte": 500 }, + "name": { "$contains": "Tech" }, + "created_at": { "$between": ["2024-01-01", "2024-12-31"] } +} +``` + +**Supported operators:** +- `$eq` - Equals (default) +- `$ne` - Not equals +- `$gt` - Greater than +- `$gte` - Greater than or equal +- `$lt` - Less than +- `$lte` - Less than or equal +- `$in` - In array +- `$nin` - Not in array +- `$contains` - String contains +- `$startsWith` - String starts with +- `$endsWith` - String ends with +- `$between` - Between two values +- `$null` - Is null +- `$notNull` - Is not null + +**OR conditions:** +```json +{ + "$or": [ + { "status": "urgent" }, + { "priority": "high" } + ] +} +``` + +**Complex nested filters:** +```json +{ + "$and": [ + { "status": "active" }, + { + "$or": [ + { "industry": "Technology" }, + { "industry": "SaaS" } + ] + }, + { "revenue": { "$gte": 1000000 } } + ] +} +``` + +### Sorting + +Sort by one or more fields using the `sort` parameter: + +**Single field ascending:** +```http +GET /api/data/account?sort=name +``` + +**Single field descending (prefix with `-`):** +```http +GET /api/data/account?sort=-created_at +``` + +**Multiple fields:** +```http +GET /api/data/account?sort=-priority,created_at +``` +First sort by priority descending, then by created_at ascending. + +### Pagination + +ObjectStack uses offset-based pagination: + +**Request page 2 with 50 items:** +```http +GET /api/data/account?page=2&per_page=50 +``` + +**Response includes pagination metadata:** +```json +{ + "success": true, + "data": [...], + "pagination": { + "page": 2, + "per_page": 50, + "total": 247, + "total_pages": 5, + "has_next": true, + "has_prev": true + } +} +``` + +**Pagination limits:** +- Default page size: 25 (from discovery `limits.default_page_size`) +- Maximum page size: 100 (from discovery `limits.max_page_size`) +- Requesting `per_page > max_page_size` returns HTTP 400 + +### Field Selection + +Request only the fields you need to reduce payload size: + +**Request:** +```http +GET /api/data/account?select=id,name,industry,revenue +``` + +**Response:** +```json +{ + "success": true, + "data": [ + { + "id": "acc_123", + "name": "Acme Corp", + "industry": "Technology", + "revenue": 5000000 + } + ] +} +``` + +**Benefits:** +- Reduced bandwidth (especially for mobile) +- Faster response times +- Lower server CPU usage + +**Note:** System fields (`id`, `created_at`, `updated_at`) are always included even if not in `select`. + +### Including Related Objects + +Embed related objects to avoid N+1 queries: + +**Request:** +```http +GET /api/data/task?include=assignee,project +``` + +**Response:** +```json +{ + "success": true, + "data": [ + { + "id": "task_123", + "title": "Implement API", + "assignee_id": "user_456", + "project_id": "proj_789", + "assignee": { + "id": "user_456", + "name": "John Doe", + "email": "john@acme.com" + }, + "project": { + "id": "proj_789", + "name": "CRM Rebuild", + "status": "active" + } + } + ] +} +``` + +**Multiple levels:** +```http +GET /api/data/task?include=assignee.department,project.owner +``` + +**Limits:** +- Maximum include depth: 3 levels +- Maximum included relations: 5 per request + +### Retrieve Single Record + +Get a specific record by ID. + +**Endpoint:** +```http +GET /{base_path}/{object_name}/{record_id} +``` + +**Example Request:** +```http +GET /api/v1/data/account/acc_123 +Authorization: Bearer +``` + +**Success Response (HTTP 200):** +```json +{ + "success": true, + "data": { + "id": "acc_123", + "name": "Acme Corporation", + "industry": "Technology", + "revenue": 5000000, + "status": "active", + "owner_id": "user_456", + "created_at": "2024-01-10T14:30:00Z", + "updated_at": "2024-01-15T09:20:00Z" + } +} +``` + +**Not Found (HTTP 404):** +```json +{ + "success": false, + "error": { + "code": "NOT_FOUND", + "message": "Account with id 'acc_999' not found", + "resource": "account", + "resource_id": "acc_999" + } +} +``` + +### Create Record + +Create a new record. + +**Endpoint:** +```http +POST /{base_path}/{object_name} +``` + +**Request:** +```http +POST /api/v1/data/account +Authorization: Bearer +Content-Type: application/json + +{ + "name": "TechStart Inc", + "industry": "SaaS", + "revenue": 250000, + "owner_id": "user_789" +} +``` + +**Success Response (HTTP 201):** +```json +{ + "success": true, + "data": { + "id": "acc_124", + "name": "TechStart Inc", + "industry": "SaaS", + "revenue": 250000, + "status": "active", + "owner_id": "user_789", + "created_at": "2024-01-16T10:15:00Z", + "updated_at": "2024-01-16T10:15:00Z" + } +} +``` + +**Validation Error (HTTP 400):** +```json +{ + "success": false, + "error": { + "code": "VALIDATION_ERROR", + "message": "Validation failed", + "fields": [ + { + "field": "name", + "message": "Name is required", + "constraint": "required" + }, + { + "field": "industry", + "message": "Must be one of: Technology, SaaS, Healthcare, Finance", + "constraint": "enum", + "value": "InvalidIndustry" + } + ] + } +} +``` + +### Update Record + +Update an existing record (partial update). + +**Endpoint:** +```http +PATCH /{base_path}/{object_name}/{record_id} +``` + +**Request:** +```http +PATCH /api/v1/data/account/acc_123 +Authorization: Bearer +Content-Type: application/json + +{ + "revenue": 6000000, + "status": "vip" +} +``` + +**Success Response (HTTP 200):** +```json +{ + "success": true, + "data": { + "id": "acc_123", + "name": "Acme Corporation", + "industry": "Technology", + "revenue": 6000000, + "status": "vip", + "owner_id": "user_456", + "created_at": "2024-01-10T14:30:00Z", + "updated_at": "2024-01-16T11:45:00Z" + } +} +``` + +**Note:** Only fields included in the request body are updated. Other fields remain unchanged. + +**Read-only fields:** +Attempting to update read-only fields (e.g., `id`, `created_at`) returns HTTP 400: + +```json +{ + "success": false, + "error": { + "code": "VALIDATION_ERROR", + "message": "Cannot update read-only fields", + "fields": [ + { + "field": "created_at", + "message": "Field is read-only" + } + ] + } +} +``` + +### Delete Record + +Delete a record by ID. + +**Endpoint:** +```http +DELETE /{base_path}/{object_name}/{record_id} +``` + +**Request:** +```http +DELETE /api/v1/data/account/acc_123 +Authorization: Bearer +``` + +**Success Response (HTTP 200):** +```json +{ + "success": true, + "data": { + "id": "acc_123", + "deleted": true + } +} +``` + +**Soft Delete (if enabled):** +If object has `enable.softDelete`, record is marked deleted but not removed: + +```json +{ + "success": true, + "data": { + "id": "acc_123", + "deleted": true, + "deleted_at": "2024-01-16T12:00:00Z", + "deleted_by": "user_456" + } +} +``` + +**Cascade Considerations:** +If object has related records and cascade delete is not enabled: + +```json +{ + "success": false, + "error": { + "code": "CONSTRAINT_VIOLATION", + "message": "Cannot delete account with active opportunities", + "constraint": "foreign_key", + "related_object": "opportunity", + "related_count": 5 + } +} +``` + +## Batch Operations + +Perform multiple operations in a single request. + +**Endpoint:** +```http +POST /{base_path}/_batch +``` + +**Request:** +```http +POST /api/v1/data/_batch +Authorization: Bearer +Content-Type: application/json + +{ + "operations": [ + { + "method": "POST", + "path": "/account", + "body": { "name": "Company A", "industry": "Tech" } + }, + { + "method": "PATCH", + "path": "/account/acc_123", + "body": { "status": "active" } + }, + { + "method": "DELETE", + "path": "/account/acc_456" + } + ] +} +``` + +**Response:** +```json +{ + "success": true, + "results": [ + { + "success": true, + "status": 201, + "data": { "id": "acc_789", "name": "Company A" } + }, + { + "success": true, + "status": 200, + "data": { "id": "acc_123", "status": "active" } + }, + { + "success": true, + "status": 200, + "data": { "id": "acc_456", "deleted": true } + } + ] +} +``` + +**Limits:** +- Maximum batch size: 50 operations (from `limits.max_batch_size`) +- Operations are executed sequentially +- Failure of one operation doesn't stop others (non-transactional by default) + +**Transactional batch:** +```json +{ + "operations": [...], + "atomic": true +} +``` +If `atomic: true`, all operations execute in a transaction. If any fails, all are rolled back. + +## Metadata API + +Retrieve object schemas and configuration. + +**Base path:** From `routes.metadata` (default: `/api/v1/meta`) + +### List All Objects + +**Request:** +```http +GET /api/v1/meta/objects +Authorization: Bearer +``` + +**Response:** +```json +{ + "success": true, + "data": [ + { + "name": "account", + "label": "Account", + "plural_label": "Accounts", + "description": "Business accounts and customers", + "api_enabled": true, + "searchable": true + }, + { + "name": "contact", + "label": "Contact", + "plural_label": "Contacts", + "api_enabled": true, + "searchable": true + } + ] +} +``` + +### Get Object Schema + +**Request:** +```http +GET /api/v1/meta/objects/account +Authorization: Bearer +``` + +**Response:** +```json +{ + "success": true, + "data": { + "name": "account", + "label": "Account", + "plural_label": "Accounts", + "fields": { + "id": { + "name": "id", + "label": "ID", + "type": "text", + "readonly": true, + "required": true + }, + "name": { + "name": "name", + "label": "Account Name", + "type": "text", + "required": true, + "maxLength": 255 + }, + "industry": { + "name": "industry", + "label": "Industry", + "type": "select", + "options": ["Technology", "SaaS", "Healthcare", "Finance"] + }, + "revenue": { + "name": "revenue", + "label": "Annual Revenue", + "type": "number", + "format": "currency" + } + }, + "enable": { + "trackHistory": true, + "apiEnabled": true, + "softDelete": true + } + } +} +``` + +## Request Headers + +### Standard Headers + +**Required:** +```http +Authorization: Bearer +Content-Type: application/json # For POST/PATCH +``` + +**Optional:** +```http +Accept-Language: en-US # Preferred language +X-Request-ID: uuid # Request tracking +X-API-Version: 2 # API version preference +``` + +### CORS Headers + +ObjectStack sends CORS headers automatically: + +```http +Access-Control-Allow-Origin: https://app.acme.com +Access-Control-Allow-Methods: GET, POST, PATCH, DELETE, OPTIONS +Access-Control-Allow-Headers: Authorization, Content-Type +Access-Control-Max-Age: 86400 +``` + +**Preflight request:** +```http +OPTIONS /api/v1/data/account +Origin: https://app.acme.com +Access-Control-Request-Method: POST +``` + +**Preflight response:** +```http +HTTP/1.1 204 No Content +Access-Control-Allow-Origin: https://app.acme.com +Access-Control-Allow-Methods: POST +Access-Control-Max-Age: 86400 +``` + +## Caching + +ObjectStack supports HTTP caching for GET requests: + +**Response with cache headers:** +```http +HTTP/1.1 200 OK +Cache-Control: private, max-age=60 +ETag: "abc123def456" +Last-Modified: Wed, 15 Jan 2024 10:30:00 GMT +``` + +**Conditional request:** +```http +GET /api/v1/data/account/acc_123 +If-None-Match: "abc123def456" +``` + +**Not modified response:** +```http +HTTP/1.1 304 Not Modified +ETag: "abc123def456" +``` + +**Cache behavior:** +- GET requests: Cacheable with ETags +- POST/PATCH/DELETE: Not cacheable +- Cache duration: Configurable per object (default 60 seconds) + +## Rate Limiting + +Requests include rate limit headers: + +```http +HTTP/1.1 200 OK +X-RateLimit-Limit: 1000 +X-RateLimit-Remaining: 847 +X-RateLimit-Reset: 1705324800 +``` + +**When limit exceeded:** +```http +HTTP/1.1 429 Too Many Requests +Retry-After: 45 +X-RateLimit-Limit: 1000 +X-RateLimit-Remaining: 0 +X-RateLimit-Reset: 1705324800 + +{ + "success": false, + "error": { + "code": "RATE_LIMITED", + "message": "Rate limit exceeded", + "retry_after": 45, + "limit": 1000, + "window": "1m" + } +} +``` + +See [Error Handling](/docs/transport/error-handling) for more details. + +## Best Practices + +### Use Field Selection +❌ **Bad:** Fetch all fields when you only need a few +```http +GET /api/data/account +``` + +✅ **Good:** Request only needed fields +```http +GET /api/data/account?select=id,name,status +``` + +### Use Includes for Relations +❌ **Bad:** N+1 queries +```javascript +const tasks = await fetch('/api/data/task'); +for (const task of tasks.data) { + task.assignee = await fetch(`/api/data/user/${task.assignee_id}`); +} +``` + +✅ **Good:** Single query with includes +```javascript +const tasks = await fetch('/api/data/task?include=assignee'); +``` + +### Respect Rate Limits +✅ **Good:** Check headers and implement backoff +```javascript +const response = await fetch('/api/data/task'); +const remaining = response.headers.get('X-RateLimit-Remaining'); + +if (remaining < 10) { + console.warn('Approaching rate limit'); + await sleep(1000); +} +``` + +### Handle Errors Gracefully +✅ **Good:** Parse error structure +```javascript +const response = await fetch('/api/data/task', { method: 'POST', body: data }); +const result = await response.json(); + +if (!result.success) { + if (result.error.code === 'VALIDATION_ERROR') { + result.error.fields.forEach(field => { + showFieldError(field.field, field.message); + }); + } +} +``` + +## Next Steps + + + } + title="Real-Time Protocols" + description="Learn WebSocket subscriptions and event streaming" + href="/docs/transport/realtime" + /> + } + title="Error Handling" + description="Master error codes and debugging strategies" + href="/docs/transport/error-handling" + /> + diff --git a/content/docs/objectos/transport/index.mdx b/content/docs/objectos/transport/index.mdx new file mode 100644 index 000000000..399b04bf9 --- /dev/null +++ b/content/docs/objectos/transport/index.mdx @@ -0,0 +1,440 @@ +--- +title: Transport & Interaction +description: HTTP, WebSocket, and real-time communication protocols for ObjectStack +--- + +import { Radio, Zap, Network, Shield, Globe, Code, AlertCircle } from 'lucide-react'; + +# Transport & Interaction + +The **Transport & Interaction Protocol** defines how clients communicate with ObjectStack servers through standardized HTTP/REST APIs, real-time WebSocket connections, and event streaming interfaces. + +## Why This Protocol Exists + +**Problem:** Modern applications need multiple communication channels—REST for CRUD operations, WebSockets for live updates, webhooks for external integrations. Each requires different infrastructure: + +- **REST APIs:** Developers write hundreds of routes manually, struggle with inconsistent response formats, forget to validate inputs +- **Real-time updates:** Building WebSocket servers requires Redis pub/sub, connection pooling, heartbeat logic, reconnection handling +- **Error handling:** Every endpoint returns errors differently—some use status codes, others embed errors in `200 OK` responses +- **API evolution:** Adding a field breaks clients, removing a field breaks others, versioning becomes a nightmare +- **Security gaps:** One forgotten `if (!authenticated)` check creates a data breach + +Traditional approach: Write thousands of lines of Express/FastAPI/Spring Boot code, maintain separate REST and WebSocket codebases, pray nothing breaks during deployments. + +**Solution:** The Transport Protocol **auto-generates REST and WebSocket endpoints** from your data model. Every object you define gets CRUD operations, real-time subscriptions, and error handling automatically. Communication patterns are configuration, not code. + +## Business Value Delivered + + + } + title="Ship APIs 10x Faster" + description="Define a data object, get REST + WebSocket endpoints instantly. Zero boilerplate code to write or maintain." + /> + } + title="Zero Transport-Layer Bugs" + description="Authentication, validation, error handling, and rate limiting enforced by protocol—not developer discipline." + /> + } + title="Multi-Channel by Default" + description="Every object supports REST, GraphQL, WebSocket, and webhooks. One definition, four communication channels." + /> + } + title="Production-Grade from Day One" + description="Built-in CORS, compression, caching, retry logic, and connection pooling. No DevOps required." + /> + + +## What This Protocol Enables + +### 1. Auto-Generated REST Endpoints + +Define an object in Data Protocol → get REST endpoints automatically: + +```typescript +// Define object +const TaskObject = defineObject({ + name: 'task', + label: 'Task', + fields: { + title: text({ required: true }), + status: select({ + options: ['todo', 'in_progress', 'done'] + }), + assignee: lookup({ reference: 'user' }) + } +}); +``` + +**Auto-generated endpoints:** +- `GET /api/data/task` - List tasks +- `POST /api/data/task` - Create task +- `GET /api/data/task/:id` - Get task by ID +- `PATCH /api/data/task/:id` - Update task +- `DELETE /api/data/task/:id` - Delete task + +**Advanced features included:** +- **Filtering:** `GET /api/data/task?filter[status]=todo` +- **Sorting:** `GET /api/data/task?sort=-created_at` +- **Pagination:** `GET /api/data/task?page=2&per_page=25` +- **Field selection:** `GET /api/data/task?fields=title,status` +- **Relations:** `GET /api/data/task?include=assignee` + +**Real-world impact:** A project management SaaS launches with 15 objects (Task, Project, User, Comment, etc.). That's **75 REST endpoints** automatically. Add a new object? 5 more endpoints appear instantly. Zero code written. + +### 2. Real-Time WebSocket Subscriptions + +Subscribe to live data updates without polling: + +```javascript +// Client subscribes to task updates +const subscription = ws.subscribe('task', { + filter: { assignee_id: currentUser.id }, + events: ['created', 'updated'] +}); + +subscription.on('message', (event) => { + console.log('Task updated:', event.data); + updateUI(event.data); +}); +``` + +**Server pushes updates automatically:** +- When a task is created: `{ event: 'created', object: 'task', data: {...} }` +- When a task is updated: `{ event: 'updated', object: 'task', data: {...} }` +- When a task is deleted: `{ event: 'deleted', object: 'task', id: '...' }` + +**Why it matters:** Traditional polling (`setInterval(() => fetch('/api/tasks'), 5000)`) wastes bandwidth and delays updates. WebSocket subscriptions deliver updates **instantly** with 95% less network overhead. + +**Real-world use case:** A collaborative task board has 50 concurrent users. With polling (5-second intervals), that's **36,000 requests/hour** hitting the database. With WebSockets, users subscribe once and receive push updates—**50 connections total**, 99% reduction in server load. + +### 3. Standardized Error Handling + +Every API response follows a consistent format: + +**Success Response:** +```json +{ + "success": true, + "data": { + "id": "task_123", + "title": "Implement API", + "status": "in_progress" + } +} +``` + +**Error Response:** +```json +{ + "success": false, + "error": { + "code": "VALIDATION_ERROR", + "message": "Title is required", + "field": "title", + "details": { + "constraint": "required", + "value": null + } + } +} +``` + +**Standard error codes:** +- `VALIDATION_ERROR` - Input validation failed +- `NOT_FOUND` - Resource doesn't exist +- `UNAUTHORIZED` - Authentication required +- `FORBIDDEN` - Insufficient permissions +- `RATE_LIMITED` - Too many requests +- `SERVER_ERROR` - Internal server error + +**Business value:** Frontend developers write error handling once. Every API call uses the same error structure. No more `if (response.error || response.errors || response.message)` conditional spaghetti. + +### 4. API Discovery and Self-Documentation + +Every ObjectStack server exposes a discovery endpoint that returns all available APIs: + +```http +GET /.well-known/objectstack +``` + +```json +{ + "name": "Acme CRM Production", + "version": "2.1.0", + "environment": "production", + "routes": { + "data": "/api/v1/data", + "metadata": "/api/v1/meta", + "auth": "/api/v1/auth", + "realtime": "wss://api.acme.com/ws", + "graphql": "/api/v1/graphql" + }, + "features": { + "graphql": true, + "websocket": true, + "webhooks": true, + "batch": true + }, + "limits": { + "max_page_size": 100, + "rate_limit": 1000, + "rate_window": "1m" + } +} +``` + +**Use cases:** +- **Client initialization:** Apps request discovery on startup to configure API URLs +- **SDK generation:** Auto-generate TypeScript/Python/Go SDKs from schema +- **Partner integrations:** Third parties build integrations without outdated documentation + +**Real-world impact:** A company opens their API to partners. Instead of maintaining API docs (always outdated), partners hit `/api/discovery`, get current schema, build integrations without asking engineering for help. + +### 5. Rate Limiting and Quota Enforcement + +Prevent API abuse with declarative rate limits: + +```typescript +// Configure rate limits per object +const TaskObject = defineObject({ + name: 'task', + api: { + rateLimit: { + query: { requests: 100, window: '1m' }, + create: { requests: 10, window: '1m' }, + update: { requests: 50, window: '1m' } + } + } +}); +``` + +**When limits are exceeded:** +```http +HTTP/1.1 429 Too Many Requests +Content-Type: application/json +Retry-After: 45 + +{ + "success": false, + "error": { + "code": "RATE_LIMITED", + "message": "Too many requests", + "retry_after": 45, + "limit": 100, + "window": "1m" + } +} +``` + +**Per-user quota tracking:** +- Free tier: 10,000 API calls/month +- Pro tier: 1,000,000 API calls/month +- Enterprise: Unlimited + +**Business value:** A freemium SaaS gives 10K API calls/month for free. Power users hit the limit in 2 weeks and upgrade to $99/month. Result: $50K/year revenue from API monetization. + +## Communication Channels + +ObjectStack supports multiple transport mechanisms: + +### HTTP/REST +**Best for:** CRUD operations, stateless requests, third-party integrations + +**Characteristics:** +- Request/response pattern +- Stateless (each request independent) +- Cacheable responses +- Firewall-friendly (port 80/443) + +**Use cases:** +- Mobile app fetching user profile +- External system creating records via webhook +- Browser-based CRUD operations + +### WebSocket +**Best for:** Real-time dashboards, collaborative editing, live notifications + +**Characteristics:** +- Bi-directional persistent connection +- Low latency (no HTTP overhead per message) +- Server can push without client request +- Requires connection state management + +**Use cases:** +- Chat applications +- Live data dashboards +- Multiplayer collaboration +- IoT device communication + +### Server-Sent Events (SSE) +**Best for:** One-way server-to-client streaming, simple real-time updates + +**Characteristics:** +- Unidirectional (server to client only) +- Automatic reconnection built-in +- Works over HTTP (easier to proxy) +- Less overhead than WebSocket for read-only updates + +**Use cases:** +- Notification feeds +- Live activity streams +- Server status monitoring +- Progress indicators + +### GraphQL +**Best for:** Complex queries, mobile apps with bandwidth constraints + +**Characteristics:** +- Query exactly the fields you need +- Batch multiple resources in one request +- Strongly typed schema +- Client controls response shape + +**Use cases:** +- Mobile apps minimizing payload size +- Complex nested data fetching +- Frontend-driven API exploration + +## Security Considerations + +### Authentication +Every request requires authentication: + +```http +GET /api/data/task +Authorization: Bearer +``` + +Supported auth methods: +- **JWT tokens:** Stateless authentication +- **API keys:** Third-party integrations +- **OAuth 2.0:** External services +- **Session cookies:** Browser-based apps + +### CORS Configuration +Configure allowed origins: + +```typescript +const api = defineApi({ + cors: { + origins: ['https://app.acme.com', 'https://admin.acme.com'], + methods: ['GET', 'POST', 'PATCH', 'DELETE'], + credentials: true, + maxAge: 86400 + } +}); +``` + +### Input Validation +All requests validated against schema: + +```http +POST /api/data/task +Content-Type: application/json + +{ + "title": "", // ❌ Validation fails + "status": "invalid" // ❌ Not in enum +} +``` + +```json +{ + "success": false, + "error": { + "code": "VALIDATION_ERROR", + "message": "Validation failed", + "fields": [ + { "field": "title", "message": "Title is required" }, + { "field": "status", "message": "Must be one of: todo, in_progress, done" } + ] + } +} +``` + +### Permission Enforcement +Row-level security applied to all operations: + +```typescript +// User can only see their own tasks +const query = { + object: 'task', + filter: { assignee_id: currentUser.id } // Auto-injected +}; +``` + +Even if a client sends: +```http +GET /api/data/task?filter[assignee_id]=other_user_id +``` + +Permission layer rewrites to: +```sql +WHERE assignee_id = 'current_user_id' -- Enforced by server +``` + +## Real-World Use Cases + +### Case 1: Mobile App Backend +**Challenge:** A startup needs a backend API for iOS/Android apps. They have no backend engineers. + +**Transport Protocol Solution:** Define objects (User, Post, Comment), deploy ObjectStack, get REST APIs + WebSocket support. Mobile app authenticates via OAuth, calls `/api/data/post` to fetch feed, subscribes to WebSocket for live updates. + +**Value:** Shipped mobile app in 6 weeks with 1 full-stack engineer (vs. 3-month timeline with dedicated backend team). + +### Case 2: Real-Time Dashboard +**Challenge:** A SaaS app has a revenue dashboard that polls `/api/revenue` every 5 seconds. 1,000 concurrent users = 12M API calls/hour, killing the database. + +**Transport Protocol Solution:** Switch dashboard to WebSocket subscriptions. Server pushes revenue updates only when data changes (e.g., new sale). Clients subscribe once, receive updates passively. + +**Value:** API load reduced by 95%. Database CPU usage dropped from 80% to 10%. $5K/month infrastructure savings. + +### Case 3: Third-Party Integration Platform +**Challenge:** A CRM vendor wants partners to build integrations (Zapier, Make.com). Partners demand well-documented APIs. + +**Transport Protocol Solution:** Enable API discovery. Partners hit `/.well-known/objectstack`, get full schema, generate SDKs, build integrations without contacting engineering team. + +**Value:** 50+ partner integrations built in 6 months. Marketplace ecosystem drives 30% of new customer acquisition. + +## Integration with Other Protocols + +- **Data Protocol:** Transport exposes objects defined in Data Protocol; APIs auto-generated from schemas +- **Permission Protocol:** Every API call filtered by user's row-level security and object permissions +- **Auth Protocol:** Transport layer validates JWT tokens, API keys, OAuth credentials +- **System Protocol:** API calls logged for audit; rate limit violations trigger alerts +- **Automation Protocol:** Webhooks invoke workflows when API events occur + +**Key insight:** Transport Protocol is the **interface layer** of ObjectStack. It exposes your business logic (data, workflows, permissions) to the outside world—web apps, mobile apps, partners, IoT devices—with security and scalability built-in. + +## Next Steps + + + } + title="HTTP API" + description="Learn REST endpoint conventions, request/response formats, and CRUD operations" + href="/docs/transport/http-api" + /> + } + title="Real-Time Protocols" + description="Implement WebSocket subscriptions, SSE streams, and event-driven updates" + href="/docs/transport/realtime" + /> + } + title="Error Handling" + description="Master error codes, response formats, and debugging strategies" + href="/docs/transport/error-handling" + /> + } + title="API Reference" + description="Explore detailed API specifications and code examples" + href="/docs/references/api" + /> + diff --git a/content/docs/objectos/transport/meta.json b/content/docs/objectos/transport/meta.json new file mode 100644 index 000000000..dc631a0b3 --- /dev/null +++ b/content/docs/objectos/transport/meta.json @@ -0,0 +1,8 @@ +{ + "title": "Transport & Interaction", + "pages": [ + "http-api", + "realtime", + "error-handling" + ] +} diff --git a/content/docs/objectos/transport/realtime.mdx b/content/docs/objectos/transport/realtime.mdx new file mode 100644 index 000000000..874d9a6cc --- /dev/null +++ b/content/docs/objectos/transport/realtime.mdx @@ -0,0 +1,1021 @@ +--- +title: Real-Time Protocols +description: WebSocket subscriptions, Server-Sent Events, and event-driven communication in ObjectStack +--- + +import { Zap, Radio, Activity, Bell, Users, Gauge, AlertCircle } from 'lucide-react'; + +# Real-Time Protocols + +The **Real-Time Protocol** enables live data synchronization between clients and servers using WebSocket connections and Server-Sent Events (SSE). Get instant updates when data changes without polling. + +## Why Real-Time Matters + +**Problem:** Traditional REST APIs require polling to detect changes: + +```javascript +// ❌ Polling approach - wasteful and laggy +setInterval(async () => { + const response = await fetch('/api/data/task'); + const tasks = await response.json(); + updateUI(tasks); +}, 5000); // Check every 5 seconds +``` + +**Costs of polling:** +- **Latency:** Updates delayed by polling interval (5 seconds = 5-second lag) +- **Bandwidth waste:** 99% of requests return "no changes" +- **Server load:** 1,000 users polling every 5s = 12M requests/hour +- **Database strain:** Constant query execution even when nothing changed +- **Battery drain:** Mobile devices make unnecessary network calls + +**Solution:** Real-time subscriptions push updates instantly when data changes. Clients subscribe once, server pushes updates. Zero polling, zero lag. + +## Business Value Delivered + + + } + title="Instant User Experience" + description="Changes appear immediately across all connected clients. No refresh required." + /> + } + title="95% Less Server Load" + description="Replace millions of polling requests with persistent connections. Massive infrastructure savings." + /> + } + title="Enable Collaboration" + description="Multiple users editing the same data see each other's changes in real-time. Google Docs-style UX." + /> + } + title="Live Notifications" + description="Deliver alerts, messages, and updates the moment they happen. No missed events." + /> + + +## Communication Channels + +ObjectStack supports two real-time protocols: + +### WebSocket (Bi-Directional) + +**Best for:** Interactive applications requiring two-way communication + +**Characteristics:** +- Full-duplex communication (client and server both send) +- Low latency (no HTTP overhead per message) +- Persistent connection +- Binary and text messages supported + +**Use cases:** +- Chat applications +- Collaborative editing (Google Docs, Figma) +- Multiplayer games +- Live dashboards with user interactions +- IoT device communication + +### Server-Sent Events (SSE) (Server-to-Client) + +**Best for:** One-way server-to-client streaming + +**Characteristics:** +- Unidirectional (server pushes only) +- Works over HTTP (easier firewall traversal) +- Automatic reconnection built-in +- Text-based (JSON messages) + +**Use cases:** +- Activity feeds +- Notification streams +- Live status updates +- Progress indicators +- Read-only dashboards + +## WebSocket Connection + +### Connection Endpoint + +Get WebSocket URL from discovery: + +```http +GET /.well-known/objectstack +``` + +```json +{ + "routes": { + "realtime": "wss://api.acme.com/ws" + } +} +``` + +### Establishing Connection + +**Client-side (JavaScript):** +```javascript +const ws = new WebSocket('wss://api.acme.com/ws'); + +ws.onopen = () => { + console.log('Connected to ObjectStack'); + + // Authenticate + ws.send(JSON.stringify({ + type: 'auth', + token: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...' + })); +}; + +ws.onmessage = (event) => { + const message = JSON.parse(event.data); + console.log('Received:', message); +}; + +ws.onerror = (error) => { + console.error('WebSocket error:', error); +}; + +ws.onclose = (event) => { + console.log('Connection closed:', event.code, event.reason); +}; +``` + +### Authentication + +Send authentication message immediately after connection: + +**Request:** +```json +{ + "type": "auth", + "token": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." +} +``` + +**Success Response:** +```json +{ + "type": "auth_success", + "user_id": "user_123", + "session_id": "session_abc", + "expires_at": "2024-01-16T22:30:00Z" +} +``` + +**Failure Response:** +```json +{ + "type": "auth_error", + "error": { + "code": "INVALID_TOKEN", + "message": "JWT token expired" + } +} +``` + +**Connection closes on auth failure:** Server closes WebSocket if authentication fails within 10 seconds. + +## Subscriptions + +### Subscribe to Object Events + +Subscribe to changes on a specific object: + +**Request:** +```json +{ + "type": "subscribe", + "subscription_id": "sub_1", + "object": "task", + "events": ["created", "updated", "deleted"], + "filter": { + "assignee_id": "user_123" + } +} +``` + +**Parameters:** +- `subscription_id`: Client-generated unique ID for this subscription +- `object`: Object name to subscribe to +- `events`: Array of events to listen for (default: all) +- `filter`: Optional filter (same syntax as HTTP API filters) + +**Success Response:** +```json +{ + "type": "subscribed", + "subscription_id": "sub_1", + "object": "task", + "events": ["created", "updated", "deleted"] +} +``` + +**Error Response:** +```json +{ + "type": "error", + "subscription_id": "sub_1", + "error": { + "code": "FORBIDDEN", + "message": "No permission to subscribe to 'task' object" + } +} +``` + +### Event Types + +| Event | Triggered When | Payload | +|-------|---------------|---------| +| `created` | New record created | Full record data | +| `updated` | Record modified | Changed fields + record ID | +| `deleted` | Record deleted | Record ID only | +| `restored` | Soft-deleted record restored | Full record data | + +### Receiving Events + +When subscribed data changes, server pushes events: + +**Created Event:** +```json +{ + "type": "event", + "subscription_id": "sub_1", + "event": "created", + "object": "task", + "data": { + "id": "task_456", + "title": "New task assigned to you", + "status": "todo", + "assignee_id": "user_123", + "created_at": "2024-01-16T14:30:00Z" + } +} +``` + +**Updated Event:** +```json +{ + "type": "event", + "subscription_id": "sub_1", + "event": "updated", + "object": "task", + "data": { + "id": "task_456", + "status": "in_progress", + "updated_at": "2024-01-16T15:00:00Z" + }, + "changes": { + "status": { + "old": "todo", + "new": "in_progress" + } + } +} +``` + +**Deleted Event:** +```json +{ + "type": "event", + "subscription_id": "sub_1", + "event": "deleted", + "object": "task", + "data": { + "id": "task_456", + "deleted_at": "2024-01-16T16:00:00Z" + } +} +``` + +### Unsubscribe + +Stop receiving events for a subscription: + +**Request:** +```json +{ + "type": "unsubscribe", + "subscription_id": "sub_1" +} +``` + +**Response:** +```json +{ + "type": "unsubscribed", + "subscription_id": "sub_1" +} +``` + +### Subscribe to Specific Record + +Watch a single record for changes: + +**Request:** +```json +{ + "type": "subscribe", + "subscription_id": "sub_2", + "object": "task", + "record_id": "task_456", + "events": ["updated", "deleted"] +} +``` + +**Use case:** Detail pages that need to reflect live changes to the currently viewed record. + +### Subscribe to Query Results + +Subscribe to a dynamic set of records matching a query: + +**Request:** +```json +{ + "type": "subscribe", + "subscription_id": "sub_3", + "object": "task", + "query": { + "filter": { + "status": "todo", + "assignee_id": "user_123" + }, + "sort": "-priority" + }, + "events": ["created", "updated", "deleted"] +} +``` + +**Behavior:** +- Receive `created` events when records matching query are created +- Receive `updated` events when subscribed records change +- Receive `deleted` events when subscribed records are deleted +- Automatically receive events when records enter/exit the query filter + +**Example:** Task enters subscription: +```json +{ + "type": "event", + "subscription_id": "sub_3", + "event": "updated", + "object": "task", + "data": { + "id": "task_789", + "status": "todo", // Changed from "in_progress" to "todo" + "assignee_id": "user_123" + }, + "reason": "entered_query" +} +``` + +**Example:** Task exits subscription: +```json +{ + "type": "event", + "subscription_id": "sub_3", + "event": "updated", + "object": "task", + "data": { + "id": "task_456", + "status": "done" // No longer matches "todo" filter + }, + "reason": "exited_query" +} +``` + +## Server-Sent Events (SSE) + +### Connection Endpoint + +**GET request with Accept header:** +```http +GET /api/v1/stream +Authorization: Bearer +Accept: text/event-stream +``` + +**Response:** +```http +HTTP/1.1 200 OK +Content-Type: text/event-stream +Cache-Control: no-cache +Connection: keep-alive +``` + +### Subscription via Query Parameters + +Subscribe using URL parameters: + +```http +GET /api/v1/stream?object=task&events=created,updated&filter={"assignee_id":"user_123"} +Authorization: Bearer +Accept: text/event-stream +``` + +### Event Format + +SSE sends events as text: + +``` +id: event_123 +event: task.created +data: {"id":"task_456","title":"New task","status":"todo"} + +id: event_124 +event: task.updated +data: {"id":"task_456","status":"in_progress"} +``` + +**Client-side (JavaScript):** +```javascript +const eventSource = new EventSource( + '/api/v1/stream?object=task&events=created,updated', + { + headers: { + 'Authorization': 'Bearer ' + token + } + } +); + +eventSource.addEventListener('task.created', (event) => { + const task = JSON.parse(event.data); + console.log('Task created:', task); +}); + +eventSource.addEventListener('task.updated', (event) => { + const task = JSON.parse(event.data); + console.log('Task updated:', task); +}); + +eventSource.onerror = (error) => { + console.error('SSE error:', error); + eventSource.close(); +}; +``` + +### Automatic Reconnection + +SSE clients automatically reconnect when connection drops: + +``` +id: event_200 +event: task.created +data: {...} + +# Connection lost + +# Client reconnects with Last-Event-ID header +GET /api/v1/stream?object=task +Last-Event-ID: event_200 + +# Server resumes from event_201 +id: event_201 +event: task.updated +data: {...} +``` + +## Heartbeat & Keep-Alive + +### Server Heartbeat + +Server sends periodic ping messages to detect disconnections: + +**WebSocket ping (every 30 seconds):** +```json +{ + "type": "ping", + "timestamp": "2024-01-16T14:30:00Z" +} +``` + +**Client should respond with pong:** +```json +{ + "type": "pong", + "timestamp": "2024-01-16T14:30:00Z" +} +``` + +**SSE heartbeat (comment):** +``` +: heartbeat +``` + +### Client Reconnection + +Handle disconnections gracefully: + +```javascript +class ObjectStackClient { + constructor(url, token) { + this.url = url; + this.token = token; + this.subscriptions = new Map(); + this.reconnectDelay = 1000; // Start with 1 second + this.maxReconnectDelay = 30000; // Max 30 seconds + } + + connect() { + this.ws = new WebSocket(this.url); + + this.ws.onopen = () => { + console.log('Connected'); + this.reconnectDelay = 1000; // Reset backoff + this.authenticate(); + this.resubscribe(); + }; + + this.ws.onclose = () => { + console.log('Disconnected, reconnecting in', this.reconnectDelay); + setTimeout(() => this.connect(), this.reconnectDelay); + this.reconnectDelay = Math.min( + this.reconnectDelay * 2, + this.maxReconnectDelay + ); + }; + } + + authenticate() { + this.send({ type: 'auth', token: this.token }); + } + + resubscribe() { + this.subscriptions.forEach((config, id) => { + this.send({ ...config, subscription_id: id }); + }); + } + + subscribe(config) { + const id = `sub_${Date.now()}`; + this.subscriptions.set(id, config); + this.send({ ...config, type: 'subscribe', subscription_id: id }); + return id; + } + + send(message) { + this.ws.send(JSON.stringify(message)); + } +} + +// Usage +const client = new ObjectStackClient('wss://api.acme.com/ws', token); +client.connect(); +``` + +## Permission Enforcement + +Real-time subscriptions respect object-level and row-level permissions: + +**Scenario:** User subscribes to all tasks: +```json +{ + "type": "subscribe", + "subscription_id": "sub_1", + "object": "task", + "events": ["created", "updated"] +} +``` + +**Permission enforcement:** +- Server applies row-level security filter automatically +- User only receives events for tasks they have permission to see +- If a task becomes visible (e.g., gets assigned to user), they receive an `updated` event +- If a task becomes hidden (e.g., assigned to someone else), no more events sent + +**Example:** User has rule "see only assigned tasks": + +```javascript +// User is assigned task_456 +{ + "type": "event", + "event": "updated", + "object": "task", + "data": { "id": "task_456", "assignee_id": "user_123" }, + "reason": "entered_query" +} + +// Task reassigned to someone else +// No event sent - task is now invisible to user +``` + +## Scaling Considerations + +### Connection Limits + +Each WebSocket connection consumes server resources: + +**Per-user limits:** +- Maximum concurrent WebSocket connections: 5 +- Maximum subscriptions per connection: 50 +- Maximum subscriptions per user: 100 + +**Exceeding limits:** +```json +{ + "type": "error", + "error": { + "code": "TOO_MANY_SUBSCRIPTIONS", + "message": "Maximum 50 subscriptions per connection", + "current": 50, + "max": 50 + } +} +``` + +### Load Balancing + +WebSocket connections are sticky sessions: + +``` +Client → Load Balancer → Server A + (remembers) + +Client reconnects → Server A (same server) +``` + +**Why sticky sessions:** +- Subscription state lives in server memory +- Reconnecting to different server would lose subscriptions +- Load balancer uses session ID cookie to route to same server + +### Horizontal Scaling with Redis + +For multi-server deployments, ObjectStack uses Redis pub/sub: + +``` +Server A ←→ Redis Pub/Sub ←→ Server B + ↓ ↓ +Client 1 Client 2 + +# Data changes on Server A +Server A publishes to Redis → Server B receives → Client 2 gets update +``` + +**How it works:** +1. User A (connected to Server A) updates a task +2. Server A publishes event to Redis channel `objectstack:task:updated` +3. Server B (subscribed to Redis) receives event +4. Server B pushes event to User B via WebSocket + +**Result:** Multi-server deployments with real-time sync across all servers. + +## Real-World Use Cases + +### Case 1: Collaborative Task Board + +**Challenge:** Team of 20 uses Kanban board. When one person moves a task, others see stale state until they refresh. + +**Real-Time Solution:** +```javascript +// Each client subscribes to tasks +ws.subscribe({ + object: 'task', + events: ['created', 'updated', 'deleted'], + filter: { project_id: currentProject.id } +}); + +// When any user drags task to new column +await api.updateTask(taskId, { status: 'in_progress' }); + +// All 20 clients instantly see the task move +ws.on('task.updated', (task) => { + moveTaskOnBoard(task.id, task.status); +}); +``` + +**Value:** Zero conflicts. Everyone sees same board state in real-time. No "refresh to see latest" UX. + +### Case 2: Customer Support Dashboard + +**Challenge:** Support agents answer tickets. When agent A claims a ticket, agent B tries to claim the same ticket 2 seconds later (both see it as "unclaimed"). + +**Real-Time Solution:** +```javascript +// All agents subscribe to ticket updates +ws.subscribe({ + object: 'support_ticket', + events: ['updated'], + filter: { status: 'open' } +}); + +// Agent A claims ticket +await api.updateTicket(ticketId, { + assigned_to: 'agent_a', + status: 'in_progress' +}); + +// Agent B's dashboard instantly updates +ws.on('ticket.updated', (ticket) => { + if (ticket.status !== 'open') { + removeFromAvailableQueue(ticket.id); + } +}); +``` + +**Value:** Zero duplicate work. Tickets disappear from queue the instant they're claimed. + +### Case 3: Live Notifications + +**Challenge:** Users need instant alerts for mentions, assignments, approvals. + +**Real-Time Solution:** +```javascript +// Subscribe to user's notification stream +ws.subscribe({ + object: 'notification', + events: ['created'], + filter: { recipient_id: currentUser.id } +}); + +ws.on('notification.created', (notification) => { + showToast(notification.title, notification.message); + updateNotificationBadge(); + playSound(); +}); +``` + +**Value:** Instant notifications. No 5-second polling delay. Lower server load. + +### Case 4: IoT Device Monitoring + +**Challenge:** Factory has 500 IoT sensors. Dashboard needs to show live temperature, pressure, vibration data. + +**Real-Time Solution:** +```javascript +// Subscribe to all sensor readings +ws.subscribe({ + object: 'sensor_reading', + events: ['created'], + filter: { factory_id: 'factory_123' } +}); + +ws.on('sensor_reading.created', (reading) => { + updateGauge(reading.sensor_id, reading.value); + + if (reading.value > reading.threshold) { + triggerAlert(reading.sensor_id, 'THRESHOLD_EXCEEDED'); + } +}); +``` + +**Value:** Real-time monitoring. Instant alerts when thresholds exceeded. No polling 500 sensors every second. + +## Debugging Real-Time Connections + +### Connection State + +Check WebSocket connection state: + +```javascript +console.log(ws.readyState); +// 0: CONNECTING +// 1: OPEN +// 2: CLOSING +// 3: CLOSED +``` + +### Message Logging + +Enable debug logging: + +```javascript +ws.onmessage = (event) => { + const message = JSON.parse(event.data); + console.log('[RX]', message.type, message); +}; + +const originalSend = ws.send.bind(ws); +ws.send = (data) => { + const message = JSON.parse(data); + console.log('[TX]', message.type, message); + originalSend(data); +}; +``` + +### Server-Side Events + +Request server event log: + +```http +GET /api/v1/realtime/events?subscription_id=sub_1&limit=100 +Authorization: Bearer +``` + +**Response:** +```json +{ + "success": true, + "data": [ + { + "id": "event_123", + "subscription_id": "sub_1", + "event": "created", + "object": "task", + "timestamp": "2024-01-16T14:30:00Z", + "delivered": true + }, + { + "id": "event_124", + "subscription_id": "sub_1", + "event": "updated", + "object": "task", + "timestamp": "2024-01-16T14:35:00Z", + "delivered": false, + "reason": "client_disconnected" + } + ] +} +``` + +### Common Issues + +**Problem:** Events not received after reconnection + +**Solution:** Client should resubscribe after authentication: +```javascript +ws.onopen = () => { + authenticate().then(() => { + subscriptions.forEach(sub => subscribe(sub)); + }); +}; +``` + +**Problem:** Duplicate events + +**Solution:** Use subscription IDs to deduplicate: +```javascript +const seenEvents = new Set(); + +ws.on('event', (event) => { + if (seenEvents.has(event.id)) { + return; // Skip duplicate + } + seenEvents.add(event.id); + processEvent(event); +}); +``` + +**Problem:** Memory leak from subscriptions + +**Solution:** Unsubscribe when component unmounts: +```javascript +useEffect(() => { + const subId = ws.subscribe({ object: 'task', ... }); + + return () => { + ws.unsubscribe(subId); + }; +}, []); +``` + +## Best Practices + +### ✅ Subscribe to Specific Queries +**Bad:** Subscribe to entire object, filter client-side +```javascript +ws.subscribe({ object: 'task' }); // Receive ALL tasks +ws.on('task.created', (task) => { + if (task.assignee_id === currentUser.id) { // Filter client-side + showTask(task); + } +}); +``` + +**Good:** Subscribe with server-side filter +```javascript +ws.subscribe({ + object: 'task', + filter: { assignee_id: currentUser.id } +}); +``` + +### ✅ Implement Reconnection Logic +**Bad:** No reconnection handling +```javascript +const ws = new WebSocket(url); +// Connection drops → User sees stale data forever +``` + +**Good:** Automatic reconnection with exponential backoff +```javascript +class ReconnectingWebSocket { + connect() { + this.ws = new WebSocket(this.url); + this.ws.onclose = () => { + setTimeout(() => this.connect(), this.backoff()); + }; + } +} +``` + +### ✅ Unsubscribe When Not Needed +**Bad:** Keep subscriptions active on hidden tabs +```javascript +ws.subscribe({ object: 'task' }); +// User switches tabs → Still receiving events and processing +``` + +**Good:** Pause/resume subscriptions based on visibility +```javascript +document.addEventListener('visibilitychange', () => { + if (document.hidden) { + ws.unsubscribe(subId); + } else { + subId = ws.subscribe({ object: 'task' }); + } +}); +``` + +### ✅ Handle Permission Changes +**Good:** React to visibility changes +```javascript +ws.on('task.updated', (task) => { + if (task.reason === 'exited_query') { + removeFromUI(task.id); // User no longer has access + } else if (task.reason === 'entered_query') { + addToUI(task); // User gained access + } else { + updateInUI(task); + } +}); +``` + +## Security Considerations + +### Authentication Required +All WebSocket connections must authenticate within 10 seconds: + +```javascript +ws.onopen = () => { + ws.send(JSON.stringify({ + type: 'auth', + token: getToken() + })); +}; + +// Server closes connection if no auth within 10 seconds +``` + +### Token Expiration +Handle JWT expiration gracefully: + +```json +{ + "type": "error", + "error": { + "code": "TOKEN_EXPIRED", + "message": "JWT token expired", + "expires_at": "2024-01-16T14:30:00Z" + } +} +``` + +**Client response:** Refresh token and reconnect +```javascript +ws.onmessage = async (event) => { + const msg = JSON.parse(event.data); + if (msg.error?.code === 'TOKEN_EXPIRED') { + const newToken = await refreshToken(); + ws.close(); + reconnect(newToken); + } +}; +``` + +### Rate Limiting +WebSocket messages are rate-limited: + +```json +{ + "type": "error", + "error": { + "code": "RATE_LIMITED", + "message": "Too many messages", + "retry_after": 5, + "limit": 100, + "window": "1m" + } +} +``` + +**Limits:** +- Max 100 messages per minute per connection +- Max 10 subscriptions per minute per connection + +## Next Steps + + + } + title="HTTP API" + description="Learn REST endpoint conventions and CRUD operations" + href="/docs/transport/http-api" + /> + } + title="Error Handling" + description="Master error codes and debugging strategies" + href="/docs/transport/error-handling" + /> + diff --git a/content/docs/objectql/index.mdx b/content/docs/objectql/index.mdx new file mode 100644 index 000000000..91c2c93bc --- /dev/null +++ b/content/docs/objectql/index.mdx @@ -0,0 +1,409 @@ +--- +title: ObjectQL Overview +description: The database-agnostic data abstraction layer - Define once, run anywhere +--- + +import { Database, Zap, Shield, GitBranch, Target, CheckCircle } from 'lucide-react'; + +# ObjectQL: The Data Protocol + +**ObjectQL** (Object Query Language) is ObjectStack's database-agnostic data abstraction layer. It provides a single, declarative way to define business data models, validation rules, and queries that work consistently across SQL, NoSQL, Graph, and Time-series databases. + +## The Core Problem + +Traditional software development chains you to specific database technologies: + +- **PostgreSQL → MongoDB Migration:** Rewrite thousands of SQL queries +- **Schema Evolution:** Coordinate complex migration scripts across environments +- **Multi-Database Systems:** Maintain separate codebases for each database +- **Business Logic Scatter:** Validation rules duplicated in frontend, backend, and database triggers +- **Vendor Lock-in:** Switching databases requires months of rewrites + +## The ObjectQL Solution + + + } + title="Write Once, Run Anywhere" + description="Define objects in .object.yml. ObjectStack compiles to PostgreSQL, MongoDB, Redis, or Excel—no code changes." + /> + } + title="Schema as Code" + description="Version control your data model. Automatic migrations. Rollback schema changes like Git commits." + /> + } + title="Type Safety" + description="Runtime validation with Zod schemas. TypeScript types auto-generated. Catch errors before production." + /> + } + title="Business Semantics" + description="Fields encode intent: 'lookup' means relationship, 'formula' means calculated. Drivers optimize accordingly." + /> + + +## Architecture Overview + +``` +┌─────────────────────────────────────────────────────────────┐ +│ APPLICATION LAYER │ +│ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐ │ +│ │ REST API │ │ GraphQL │ │ UI Forms │ │ +│ └──────┬──────┘ └──────┬──────┘ └──────┬──────┘ │ +└─────────┼─────────────────┼─────────────────┼───────────────┘ + │ │ │ + └─────────────────┼─────────────────┘ + │ + ┌─────────────────▼─────────────────┐ + │ ObjectQL Runtime │ + │ ┌──────────────────────────────┐ │ + │ │ Query Planner & Optimizer │ │ + │ └──────────┬───────────────────┘ │ + │ │ │ + │ ┌──────────▼───────────────────┐ │ + │ │ Driver Layer (Adapters) │ │ + │ └──┬────────┬────────┬─────────┘ │ + └─────┼────────┼────────┼────────────┘ + │ │ │ + ┌────────▼──┐ ┌──▼─────┐ │ ┌──────────┐ + │ PostgreSQL│ │MongoDB │ │ │ Redis │ + └───────────┘ └────────┘ │ └──────────┘ + │ + ┌──────▼───┐ + │ Excel │ + └──────────┘ +``` + +## Key Concepts + +### 1. Objects: Business Entities + +Objects are your business entities—not just database tables. They represent real-world concepts like `Customer`, `Order`, `Project`. + +```yaml +# customer.object.yml +name: customer +label: Customer +icon: standard:account +enable: + audit: true # Track field history + full_text_search: true # Global search + api: true # REST/GraphQL endpoints +fields: + company_name: + type: text + label: Company Name + required: true + industry: + type: select + options: + - { value: tech, label: Technology } + - { value: finance, label: Finance } +``` + +**What you get automatically:** +- Database table/collection created +- REST API endpoints: `GET/POST/PUT/DELETE /api/customer` +- Admin UI with list view and form +- Full-text search index +- Field history tracking +- TypeScript types + +### 2. Fields: Rich Type System + +ObjectQL provides 20+ field types that encode business semantics: + +| Field Type | Business Meaning | Example | +|------------|------------------|---------| +| `lookup` | Relationship | `account_id` references `account` | +| `formula` | Calculated value | `total = quantity * price` | +| `summary` | Aggregate children | `total_opportunities` counts child records | +| `currency` | Money with exchange rates | `{amount: 1000, currency: 'USD'}` | +| `address` | Geocoding & distance | `{street, city, lat, lng}` | + +See [Types Reference](/docs/protocols/objectql/types) for complete list. + +### 3. Query Language: Database-Agnostic AST + +Queries are expressed as **Abstract Syntax Trees (AST)**, not SQL strings: + +```typescript +// TypeScript Query +const query: Query = { + object: 'customer', + filters: [ + ['industry', '=', 'tech'], + ['annual_revenue', '>', 1000000] + ], + fields: ['company_name', 'industry', 'owner.name'], + sort: [{ field: 'created_at', order: 'desc' }], + limit: 10 +}; +``` + +**Runtime compilation to different databases:** + +```sql +-- PostgreSQL (with JOIN) +SELECT c.company_name, c.industry, u.name AS "owner.name" +FROM customer c +LEFT JOIN user u ON c.owner_id = u._id +WHERE c.industry = 'tech' AND c.annual_revenue > 1000000 +ORDER BY c.created_at DESC +LIMIT 10; +``` + +```javascript +// MongoDB +db.customer.aggregate([ + { + $match: { + industry: 'tech', + annual_revenue: { $gt: 1000000 } + } + }, + { + $lookup: { + from: 'user', + localField: 'owner_id', + foreignField: '_id', + as: 'owner' + } + }, + { $sort: { created_at: -1 } }, + { $limit: 10 } +]); +``` + +### 4. Validation: Business Rules as Data + +Validation rules are declared alongside the schema: + +```yaml +validation_rules: + - name: end_after_start + condition: "end_date < start_date" + message: "End date must be after start date" + + - name: enterprise_requires_contract + condition: "account_type = 'Enterprise' AND contract_value = null" + message: "Enterprise accounts require contract value" +``` + +**Validation executes:** +- Before database write (server-side) +- In UI forms (compiled to JavaScript) +- In API requests (REST/GraphQL) +- In bulk imports (CSV, Excel) + +## Real-World Use Cases + +### Multi-Database Architecture + +**Scenario:** E-commerce platform with: +- PostgreSQL: Transactional data (orders, payments) +- MongoDB: Product catalog (flexible schemas) +- Redis: Session cache +- Elasticsearch: Product search + +**ObjectQL Solution:** +```yaml +# order.object.yml +name: order +datasource: postgres_main +fields: + customer_id: + type: lookup + reference_to: customer # Also in PostgreSQL + +# product.object.yml +name: product +datasource: mongodb_catalog +fields: + attributes: + type: json # Flexible product attributes +``` + +**Result:** One query API works across all databases: +```typescript +// Same code, different databases +const orders = await ObjectQL.query({ object: 'order' }); +const products = await ObjectQL.query({ object: 'product' }); +``` + +### Schema Evolution + +**Challenge:** Add a new field to `customer` object with 10M records. + +**Traditional Approach:** +```sql +-- Manual migration, downtime required +ALTER TABLE customer ADD COLUMN credit_score INTEGER; +-- Backfill historical data +UPDATE customer SET credit_score = 0 WHERE credit_score IS NULL; +``` + +**ObjectQL Approach:** +```yaml +# Edit customer.object.yml +fields: + credit_score: + type: number + default_value: 0 + migration: + backfill: true # Automatically backfill existing records +``` + +```bash +# Deploy (zero downtime) +objectstack deploy --migrate +``` + +**What happens:** +1. ObjectQL analyzes schema diff +2. Generates database-specific migration +3. Applies changes online (no downtime) +4. Backfills data in background +5. Updates API/UI automatically + +### Offline-First Mobile + +**Challenge:** Field sales app needs to work offline. + +**ObjectQL Solution:** +```yaml +# Same object definition +name: opportunity +enable: + offline_sync: true # Enable offline support +``` + +**Runtime:** +- **Server:** PostgreSQL (production database) +- **Mobile:** SQLite (on-device database) +- **Sync:** Conflict resolution built into protocol + +**Code is identical:** +```typescript +// Works online or offline +const opportunities = await ObjectQL.query({ + object: 'opportunity', + filters: [['owner_id', '=', currentUser.id]] +}); +``` + +## Integration with Other Protocols + +ObjectQL is the foundation for other protocols: + +``` +ObjectQL (Data Layer) + ↓ + ├→ ObjectUI (UI Protocol) + │ └→ Auto-generate forms, tables, dashboards + │ + ├→ Permission Protocol + │ └→ Row-level security, field-level access + │ + ├→ API Protocol + │ └→ REST/GraphQL endpoints + │ + └→ Automation Protocol + └→ Triggers, workflows, scheduled jobs +``` + +## Performance Characteristics + +### Query Optimization + +ObjectQL analyzes queries and applies database-specific optimizations: + +- **Index Selection:** Chooses best index based on filters +- **Join Strategy:** Hash join vs nested loop based on data size +- **Projection Pushdown:** Only fetches requested fields +- **Filter Pushdown:** Applies filters at database level + +**Example:** +```typescript +// This query +const query = { + object: 'customer', + filters: [['industry', '=', 'tech']], + fields: ['company_name'] +}; + +// Optimizes to (PostgreSQL) +SELECT company_name FROM customer WHERE industry = 'tech'; +// NOT: SELECT * FROM customer WHERE industry = 'tech'; +``` + +### Caching Strategy + +- **Schema Cache:** Object definitions cached in memory +- **Query Plan Cache:** Compiled queries reused +- **Result Cache:** Redis/Memcached for frequently accessed data + +## Security Model + +ObjectQL enforces security at the **data layer**, before queries execute: + +```typescript +// User requests data +const query = { object: 'account' }; + +// ObjectQL applies permissions +const securedQuery = { + object: 'account', + filters: [ + ...query.filters, + ['owner_id', '=', currentUser.id] // Row-level security + ], + fields: query.fields.filter(f => + currentUser.hasFieldAccess('account', f) // Field-level security + ) +}; +``` + +See [Security Protocol](/docs/protocols/objectql/security) for details. + +## Learning Path + +**Start Here:** +1. [Schema Definition](/docs/protocols/objectql/schema) - Learn to define objects and fields +2. [Type System](/docs/protocols/objectql/types) - Understand field types and relationships + +**Intermediate:** +3. [Query Syntax](/docs/protocols/objectql/query-syntax) - Master the query language +4. [Security](/docs/protocols/objectql/security) - Implement access control + +**Advanced:** +5. [Driver Protocol](/docs/specifications/data/architecture) - Build custom database drivers +6. [Analytics Protocol](/docs/specifications/data/analytics-protocol) - OLAP queries + +## Technical References + +- **Zod Schemas:** `packages/spec/src/data/*.zod.ts` +- **TypeScript Types:** `packages/spec/src/data/*.ts` +- **Driver Implementations:** `packages/driver-*` + +## Next Steps + + + + + + diff --git a/content/docs/objectql/meta.json b/content/docs/objectql/meta.json new file mode 100644 index 000000000..9ca74e64d --- /dev/null +++ b/content/docs/objectql/meta.json @@ -0,0 +1,10 @@ +{ + "title": "ObjectQL (Data Protocol)", + "root": true, + "pages": [ + "schema", + "types", + "query-syntax", + "security" + ] +} diff --git a/content/docs/objectql/query-syntax.mdx b/content/docs/objectql/query-syntax.mdx new file mode 100644 index 000000000..8c0eb8518 --- /dev/null +++ b/content/docs/objectql/query-syntax.mdx @@ -0,0 +1,952 @@ +--- +title: Query Syntax +description: Database-agnostic query language with filters, joins, aggregations, and sorting +--- + +import { Search, Filter, GitMerge, BarChart } from 'lucide-react'; + +# ObjectQL Query Syntax + +ObjectQL queries are expressed as **Abstract Syntax Trees (AST)** in JSON format. This enables database-agnostic querying—write once, compile to PostgreSQL, MongoDB, Redis, or any supported driver. + +## Query Philosophy + +**Traditional SQL:** +```sql +-- Tightly coupled to PostgreSQL +SELECT c.name, c.email, a.company_name +FROM contact c +LEFT JOIN account a ON c.account_id = a.id +WHERE c.is_active = true AND a.industry = 'tech' +ORDER BY c.created_at DESC +LIMIT 10; +``` + +**ObjectQL:** +```typescript +// Database-agnostic AST +const query: Query = { + object: 'contact', + fields: ['name', 'email', 'account.company_name'], + filters: [ + ['is_active', '=', true], + ['account.industry', '=', 'tech'] + ], + sort: [{ field: 'created_at', order: 'desc' }], + limit: 10 +}; +``` + +**Runtime compilation:** +- PostgreSQL → Optimized SQL with JOINs +- MongoDB → Aggregation pipeline with $lookup +- Redis → Key pattern matching + Lua script +- Excel → Filter + VLOOKUP formulas + +--- + +## Query Structure + +### The Query AST + +```typescript +interface Query { + object: string; // Target object (required) + fields?: string[]; // Projection (SELECT) + filters?: FilterNode[]; // Predicates (WHERE) + sort?: SortNode[]; // Ordering (ORDER BY) + limit?: number; // Max records (LIMIT) + offset?: number; // Skip records (OFFSET) + expand?: string[]; // Relationships (JOIN) + group_by?: string[]; // Grouping (GROUP BY) + having?: FilterNode[]; // Group filters (HAVING) +} +``` + +--- + +## 1. Basic Queries + +### Select All Records + +```typescript +const customers = await ObjectQL.query({ + object: 'customer' +}); + +// SQL: SELECT * FROM customer; +// MongoDB: db.customer.find({}) +``` + +### Select Specific Fields + +```typescript +const customers = await ObjectQL.query({ + object: 'customer', + fields: ['company_name', 'industry', 'annual_revenue'] +}); + +// SQL: SELECT company_name, industry, annual_revenue FROM customer; +// MongoDB: db.customer.find({}, { company_name: 1, industry: 1, annual_revenue: 1 }) +``` + +### Limit and Offset + +```typescript +const customers = await ObjectQL.query({ + object: 'customer', + limit: 10, + offset: 20 // Skip first 20, get next 10 +}); + +// SQL: SELECT * FROM customer LIMIT 10 OFFSET 20; +// MongoDB: db.customer.find().skip(20).limit(10) +``` + +--- + +## 2. Filtering + +Filters use a **tuple syntax**: `[field, operator, value]` + +### Simple Filters + +```typescript +// Equality +const query = { + object: 'customer', + filters: [ + ['industry', '=', 'tech'] + ] +}; + +// Not equal +const query = { + object: 'customer', + filters: [ + ['status', '!=', 'inactive'] + ] +}; + +// Comparison +const query = { + object: 'customer', + filters: [ + ['annual_revenue', '>', 1000000] + ] +}; +``` + +**SQL compilation:** +```sql +WHERE industry = 'tech' +WHERE status != 'inactive' +WHERE annual_revenue > 1000000 +``` + +### Supported Operators + +| Operator | Description | Example | +|----------|-------------|---------| +| `=` | Equal | `['status', '=', 'active']` | +| `!=` | Not equal | `['status', '!=', 'closed']` | +| `>` | Greater than | `['revenue', '>', 10000]` | +| `>=` | Greater or equal | `['score', '>=', 80]` | +| `<` | Less than | `['age', '<', 65]` | +| `<=` | Less or equal | `['discount', '<=', 20]` | +| `in` | In list | `['stage', 'in', ['proposal', 'negotiation']]` | +| `not_in` | Not in list | `['status', 'not_in', ['deleted', 'archived']]` | +| `contains` | String contains | `['name', 'contains', 'Inc']` | +| `starts_with` | String starts with | `['email', 'starts_with', 'admin']` | +| `ends_with` | String ends with | `['domain', 'ends_with', '.com']` | +| `is_null` | Field is null | `['manager_id', 'is_null']` | +| `is_not_null` | Field is not null | `['phone', 'is_not_null']` | +| `between` | Range | `['created_at', 'between', ['2024-01-01', '2024-12-31']]` | + +### Multiple Filters (AND Logic) + +```typescript +const query = { + object: 'opportunity', + filters: [ + ['stage', '=', 'Closed Won'], + ['amount', '>', 50000], + ['close_date', '>=', '2024-01-01'] + ] +}; + +// SQL: WHERE stage = 'Closed Won' AND amount > 50000 AND close_date >= '2024-01-01' +``` + +**Default:** Multiple filters are combined with **AND** logic. + +### OR Logic + +Use nested arrays with `'or'` operator: + +```typescript +const query = { + object: 'contact', + filters: [ + ['or', + ['title', 'contains', 'CEO'], + ['title', 'contains', 'President'], + ['title', 'contains', 'Founder'] + ] + ] +}; + +// SQL: WHERE (title LIKE '%CEO%' OR title LIKE '%President%' OR title LIKE '%Founder%') +``` + +### Complex Logic (AND + OR) + +```typescript +const query = { + object: 'opportunity', + filters: [ + ['account.industry', '=', 'tech'], // AND (industry = tech) + ['or', // AND ( + ['amount', '>', 100000], // amount > 100000 + ['is_strategic', '=', true] // OR is_strategic = true + ] // ) + ] +}; + +// SQL: WHERE account.industry = 'tech' +// AND (amount > 100000 OR is_strategic = true) +``` + +### NOT Logic + +```typescript +const query = { + object: 'customer', + filters: [ + ['not', + ['status', 'in', ['deleted', 'suspended']] + ] + ] +}; + +// SQL: WHERE NOT (status IN ('deleted', 'suspended')) +``` + +### Date Filters + +```typescript +// Specific date +filters: [ + ['created_at', '=', '2024-01-15'] +] + +// Date range +filters: [ + ['created_at', 'between', ['2024-01-01', '2024-12-31']] +] + +// Relative dates (using formulas) +filters: [ + ['due_date', '<', '{{TODAY()}}'] // Past due +] + +filters: [ + ['created_at', '>', '{{TODAY() - 30}}'] // Last 30 days +] +``` + +### Null Checks + +```typescript +// Is null +filters: [ + ['manager_id', 'is_null'] +] + +// Is not null +filters: [ + ['phone', 'is_not_null'] +] + +// Has value (not null and not empty string) +filters: [ + ['email', '!=', null], + ['email', '!=', ''] +] +``` + +### Array Filters + +```typescript +// Array contains value +filters: [ + ['tags', 'contains', 'important'] +] + +// Array contains any of values +filters: [ + ['tags', 'contains_any', ['urgent', 'high-priority']] +] + +// Array contains all of values +filters: [ + ['tags', 'contains_all', ['customer', 'enterprise']] +] + +// Array length +filters: [ + ['tags.length', '>', 3] +] +``` + +### JSON Field Filters + +```typescript +// Query nested JSON properties +filters: [ + ['metadata.color', '=', 'red'], + ['metadata.size', 'in', ['M', 'L', 'XL']] +] + +// JSON path syntax (PostgreSQL JSONB) +filters: [ + ['attributes.dimensions.width', '>', 100] +] +``` + +--- + +## 3. Sorting + +### Single Field Sort + +```typescript +const query = { + object: 'customer', + sort: [ + { field: 'company_name', order: 'asc' } + ] +}; + +// SQL: ORDER BY company_name ASC +``` + +### Multiple Fields + +```typescript +const query = { + object: 'opportunity', + sort: [ + { field: 'priority', order: 'desc' }, + { field: 'created_at', order: 'asc' } + ] +}; + +// SQL: ORDER BY priority DESC, created_at ASC +``` + +### Sort on Related Fields + +```typescript +const query = { + object: 'contact', + sort: [ + { field: 'account.company_name', order: 'asc' } + ] +}; + +// SQL: ORDER BY account.company_name ASC +// (Requires JOIN with account table) +``` + +### Null Handling + +```typescript +const query = { + object: 'task', + sort: [ + { field: 'due_date', order: 'asc', nulls: 'last' } + ] +}; + +// SQL: ORDER BY due_date ASC NULLS LAST +``` + +**Null options:** +- `first`: Null values appear first +- `last`: Null values appear last + +--- + +## 4. Relationships (Joins) + +### Basic Lookup + +```typescript +const query = { + object: 'opportunity', + fields: ['name', 'amount', 'account.company_name'], + expand: ['account'] +}; + +// Result: +// [ +// { +// name: 'Big Deal', +// amount: 100000, +// account: { +// company_name: 'Acme Corp' +// } +// } +// ] +``` + +**SQL compilation:** +```sql +SELECT + o.name, + o.amount, + a.company_name AS "account.company_name" +FROM opportunity o +LEFT JOIN account a ON o.account_id = a._id +``` + +### Multiple Relationships + +```typescript +const query = { + object: 'opportunity', + fields: ['name', 'account.company_name', 'owner.name'], + expand: ['account', 'owner'] +}; +``` + +### Deep Relationships + +```typescript +const query = { + object: 'contact', + fields: ['name', 'account.owner.name'], + expand: ['account.owner'] // Nested lookup +}; + +// SQL: JOIN account, then JOIN user +// MongoDB: Nested $lookup +``` + +### Filtering on Related Fields + +```typescript +const query = { + object: 'opportunity', + filters: [ + ['account.industry', '=', 'tech'], + ['account.annual_revenue', '>', 1000000] + ], + expand: ['account'] +}; +``` + +### Child Records (Reverse Lookup) + +```typescript +// Get account with all opportunities +const query = { + object: 'account', + fields: ['company_name', 'opportunities'], + expand: ['opportunities'] // One-to-many +}; + +// Result: +// { +// company_name: 'Acme Corp', +// opportunities: [ +// { name: 'Deal 1', amount: 50000 }, +// { name: 'Deal 2', amount: 75000 } +// ] +// } +``` + +--- + +## 5. Aggregations + +### Count + +```typescript +const count = await ObjectQL.count({ + object: 'customer', + filters: [ + ['industry', '=', 'tech'] + ] +}); + +// SQL: SELECT COUNT(*) FROM customer WHERE industry = 'tech' +// Result: 42 +``` + +### Group By + +```typescript +const query = { + object: 'opportunity', + group_by: ['stage'], + aggregate: { + count: { function: 'count' }, + total_amount: { function: 'sum', field: 'amount' } + } +}; + +// Result: +// [ +// { stage: 'Prospecting', count: 10, total_amount: 500000 }, +// { stage: 'Qualification', count: 5, total_amount: 250000 } +// ] +``` + +**SQL compilation:** +```sql +SELECT + stage, + COUNT(*) as count, + SUM(amount) as total_amount +FROM opportunity +GROUP BY stage +``` + +### Aggregate Functions + +```typescript +const query = { + object: 'opportunity', + aggregate: { + count: { function: 'count' }, + total: { function: 'sum', field: 'amount' }, + average: { function: 'avg', field: 'amount' }, + min: { function: 'min', field: 'amount' }, + max: { function: 'max', field: 'amount' } + } +}; + +// Result: +// { +// count: 100, +// total: 5000000, +// average: 50000, +// min: 10000, +// max: 500000 +// } +``` + +### Group By Multiple Fields + +```typescript +const query = { + object: 'opportunity', + group_by: ['stage', 'owner.name'], + aggregate: { + count: { function: 'count' }, + total: { function: 'sum', field: 'amount' } + } +}; +``` + +### HAVING Clause + +Filter groups after aggregation: + +```typescript +const query = { + object: 'opportunity', + group_by: ['account_id'], + aggregate: { + total: { function: 'sum', field: 'amount' } + }, + having: [ + ['total', '>', 1000000] // Only accounts with >$1M pipeline + ] +}; + +// SQL: HAVING SUM(amount) > 1000000 +``` + +--- + +## 6. Advanced Queries + +### Distinct Values + +```typescript +const industries = await ObjectQL.distinct({ + object: 'account', + field: 'industry' +}); + +// SQL: SELECT DISTINCT industry FROM account +// Result: ['tech', 'finance', 'healthcare'] +``` + +### Exists (Subquery) + +```typescript +const query = { + object: 'account', + filters: [ + ['exists', { + object: 'opportunity', + filters: [ + ['account_id', '=', '{{parent._id}}'], + ['stage', '=', 'Closed Won'] + ] + }] + ] +}; + +// SQL: WHERE EXISTS ( +// SELECT 1 FROM opportunity +// WHERE opportunity.account_id = account._id +// AND opportunity.stage = 'Closed Won' +// ) +``` + +### Not Exists + +```typescript +const query = { + object: 'account', + filters: [ + ['not_exists', { + object: 'opportunity', + filters: [ + ['account_id', '=', '{{parent._id}}'] + ] + }] + ] +}; + +// Find accounts with no opportunities +``` + +### Full-Text Search + +```typescript +const query = { + object: 'article', + search: 'ObjectStack tutorial', + search_fields: ['title', 'content', 'tags'] +}; + +// PostgreSQL: Uses tsvector/tsquery +// MongoDB: Uses $text index +// Elasticsearch: Uses match query +``` + +### Geospatial Queries + +```typescript +// Find stores within 10 miles +const query = { + object: 'store', + filters: [ + ['location', 'near', { + latitude: 37.7749, + longitude: -122.4194, + distance: 10, + unit: 'miles' + }] + ] +}; + +// PostgreSQL: Uses ST_Distance +// MongoDB: Uses $near +``` + +### Case-Insensitive Search + +```typescript +const query = { + object: 'customer', + filters: [ + ['company_name', 'icontains', 'acme'] // Case-insensitive + ] +}; + +// SQL: WHERE LOWER(company_name) LIKE LOWER('%acme%') +``` + +### Regular Expression + +```typescript +const query = { + object: 'user', + filters: [ + ['email', 'regex', '^admin@.*\\.com$'] + ] +}; + +// PostgreSQL: WHERE email ~ '^admin@.*\.com$' +// MongoDB: { email: { $regex: /^admin@.*\.com$/ } } +``` + +--- + +## 7. Query Optimization + +### Index Hints + +```typescript +const query = { + object: 'customer', + filters: [ + ['email', '=', 'john@example.com'] + ], + use_index: 'idx_email' // Force specific index +}; +``` + +### Projection Pushdown + +ObjectQL automatically optimizes field selection: + +```typescript +// You write: +const query = { + object: 'customer', + fields: ['company_name', 'email'] +}; + +// ObjectQL compiles to: +// SELECT company_name, email FROM customer +// NOT: SELECT * FROM customer (wasteful) +``` + +### Filter Pushdown + +Filters applied at database level, not in application: + +```typescript +const query = { + object: 'opportunity', + filters: [['amount', '>', 50000]], + expand: ['account'] +}; + +// SQL: WHERE amount > 50000 +// Filter runs BEFORE join (better performance) +``` + +### Query Plan Analysis + +```typescript +const plan = await ObjectQL.explain({ + object: 'customer', + filters: [['industry', '=', 'tech']] +}); + +// Returns database-specific execution plan +// PostgreSQL: EXPLAIN output +// MongoDB: explain() results +``` + +--- + +## 8. Pagination + +### Offset-Based Pagination + +```typescript +// Page 1 (records 0-9) +const page1 = await ObjectQL.query({ + object: 'customer', + limit: 10, + offset: 0 +}); + +// Page 2 (records 10-19) +const page2 = await ObjectQL.query({ + object: 'customer', + limit: 10, + offset: 10 +}); +``` + +**Drawback:** Slow for large offsets (database still scans all skipped rows). + +### Cursor-Based Pagination + +```typescript +// First page +const result = await ObjectQL.query({ + object: 'customer', + limit: 10, + sort: [{ field: '_id', order: 'asc' }] +}); + +// Next page (use last _id as cursor) +const nextResult = await ObjectQL.query({ + object: 'customer', + filters: [ + ['_id', '>', result[result.length - 1]._id] + ], + limit: 10, + sort: [{ field: '_id', order: 'asc' }] +}); +``` + +**Advantage:** Consistent performance regardless of page depth. + +--- + +## 9. Query Shortcuts + +ObjectQL provides convenience methods for common patterns: + +### Find by ID + +```typescript +const customer = await ObjectQL.findOne('customer', '123'); + +// Equivalent to: +await ObjectQL.query({ + object: 'customer', + filters: [['_id', '=', '123']], + limit: 1 +}); +``` + +### Find by Unique Field + +```typescript +const customer = await ObjectQL.findBy('customer', { email: 'john@example.com' }); + +// Equivalent to: +await ObjectQL.query({ + object: 'customer', + filters: [['email', '=', 'john@example.com']], + limit: 1 +}); +``` + +### Find or Create + +```typescript +const customer = await ObjectQL.findOrCreate('customer', + { email: 'john@example.com' }, // Search criteria + { company_name: 'Acme Corp' } // Default values if creating +); +``` + +--- + +## 10. Error Handling + +### Invalid Query + +```typescript +try { + await ObjectQL.query({ + object: 'customer', + filters: [ + ['invalid_field', '=', 'value'] // Field doesn't exist + ] + }); +} catch (error) { + // QueryValidationError: Field 'invalid_field' does not exist on object 'customer' +} +``` + +### Security Violations + +```typescript +try { + await ObjectQL.query({ + object: 'account', + filters: [['owner_id', '!=', currentUser.id]] + }); +} catch (error) { + // PermissionError: Access denied to object 'account' +} +``` + +--- + +## Real-World Examples + +### CRM: Open Opportunities + +```typescript +const openOpportunities = await ObjectQL.query({ + object: 'opportunity', + filters: [ + ['stage', 'not_in', ['Closed Won', 'Closed Lost']], + ['owner_id', '=', currentUser.id] + ], + sort: [ + { field: 'amount', order: 'desc' } + ], + fields: ['name', 'amount', 'close_date', 'account.company_name'], + expand: ['account'] +}); +``` + +### E-Commerce: Product Search + +```typescript +const products = await ObjectQL.query({ + object: 'product', + search: searchTerm, + filters: [ + ['is_active', '=', true], + ['inventory_qty', '>', 0], + ['category_id', 'in', selectedCategories], + ['price', 'between', [minPrice, maxPrice]] + ], + sort: [ + { field: 'popularity_score', order: 'desc' } + ], + limit: 20 +}); +``` + +### Analytics: Revenue by Month + +```typescript +const monthlyRevenue = await ObjectQL.query({ + object: 'order', + group_by: ['DATE_TRUNC(created_at, month)'], + aggregate: { + revenue: { function: 'sum', field: 'total_amount' }, + order_count: { function: 'count' }, + avg_order: { function: 'avg', field: 'total_amount' } + }, + filters: [ + ['status', '=', 'completed'], + ['created_at', '>=', '2024-01-01'] + ], + sort: [ + { field: 'created_at', order: 'asc' } + ] +}); +``` + +--- + +## Next Steps + + + + + + diff --git a/content/docs/objectql/schema.mdx b/content/docs/objectql/schema.mdx new file mode 100644 index 000000000..2d560a98f --- /dev/null +++ b/content/docs/objectql/schema.mdx @@ -0,0 +1,906 @@ +--- +title: Schema Definition +description: The complete specification for defining objects, fields, and relationships in ObjectQL +--- + +import { FileCode, Database, Layers, Package } from 'lucide-react'; + +# Schema Definition + +In ObjectStack, **data structure is configuration, not code**. The Schema Definition Protocol governs how you declare your data model using declarative `.object.yml` files. + +> **Single Source of Truth:** This schema drives database DDL, API generation, UI form layouts, permission scopes, and validation rules. + +## File Structure + +### The .object.yml Convention + +Each business entity is defined in a separate file: + +``` +my-app/ +├── objects/ +│ ├── customer.object.yml # Customer entity +│ ├── order.object.yml # Order entity +│ ├── product.object.yml # Product entity +│ └── invoice.object.yml # Invoice entity +├── objectstack.config.ts # Package manifest +└── package.json +``` + +**Why separate files?** +- Version control: Git shows clear diffs when objects change +- Team collaboration: Developers can work on different objects simultaneously +- Code generation: Each file → Database table + API + UI +- Deployment: Selective schema deployment (only changed objects) + +### Alternative Formats + +ObjectStack supports multiple schema formats: + +```yaml +# YAML (Recommended for readability) +name: customer +label: Customer + +# JSON (Machine-generated) +{ "name": "customer", "label": "Customer" } + +# TypeScript (Programmatic) +export default defineObject({ + name: 'customer', + label: 'Customer' +}); +``` + +## Object Definition + +### Minimal Example + +```yaml +name: project +label: Project +``` + +This 2-line definition creates: +- Database table `project` with system fields (`_id`, `created_at`, `updated_at`) +- REST API: `GET/POST/PUT/DELETE /api/project` +- Admin UI: List view + Form +- TypeScript types + +### Complete Example + +```yaml +name: project +label: Project +plural_label: Projects +description: "A business project or initiative" +icon: standard:case +color: "#4A90E2" +bucket: main +datasource: postgres_primary +enable: + audit: true + workflow: true + full_text_search: true + api: true + offline_sync: true +fields: + name: + type: text + label: Project Name + required: true + max_length: 255 + status: + type: select + label: Status + options: + - { value: draft, label: Draft } + - { value: active, label: Active } + - { value: completed, label: Completed } + default_value: draft + budget: + type: currency + label: Budget + scale: 2 + precision: 18 + account_id: + type: lookup + label: Account + reference_to: account + required: true +validation_rules: + - name: budget_positive + condition: "budget < 0" + message: "Budget must be positive" +``` + +### Object Properties Reference + +| Property | Type | Required | Description | +|----------|------|----------|-------------| +| `name` | `string` | ✅ | **Machine name.** Must be `snake_case`, unique across the system. | +| `label` | `string` | ✅ | **Display name** for UI (singular form). | +| `plural_label` | `string` | ❌ | Plural form for lists. Defaults to `label + "s"`. | +| `description` | `string` | ❌ | Human-readable description for documentation. | +| `icon` | `string` | ❌ | Icon identifier (e.g., `standard:case`, `custom:project`). | +| `color` | `string` | ❌ | Hex color for UI theming. | +| `bucket` | `string` | ❌ | Database shard/bucket key for horizontal scaling. | +| `datasource` | `string` | ❌ | External datasource ID. If omitted, uses default database. | +| `enable` | `object` | ❌ | Feature flags (see [Capabilities](#capabilities)). | +| `fields` | `object` | ❌ | Field definitions (see [Field Definition](#field-definition)). | +| `validation_rules` | `array` | ❌ | Business validation rules (see [Validation](#validation-rules)). | +| `triggers` | `array` | ❌ | Database triggers (before/after insert/update/delete). | +| `indexes` | `array` | ❌ | Composite indexes for query optimization. | + +### Naming Conventions + +**Object Names (Machine Identifiers):** +- **Format:** `snake_case` (lowercase, underscores) +- **Pattern:** `/^[a-z][a-z0-9_]*$/` +- **Examples:** ✅ `customer`, `project_task`, `sales_order` +- **Invalid:** ❌ `Customer`, `projectTask`, `123project` + +**Object Labels (Display Names):** +- **Format:** Title Case, human-readable +- **Examples:** ✅ `Customer`, `Project Task`, `Sales Order` + +### Capabilities + +The `enable` object controls which features are active: + +```yaml +enable: + # Data Management + audit: true # Track field history (who changed what, when) + full_text_search: true # Index for global search + versioning: true # Keep record versions for rollback + + # API & Integration + api: true # Generate REST/GraphQL endpoints + webhooks: true # Allow outbound webhooks + + # Business Logic + workflow: true # Enable process builder/flows + approval: true # Approval processes + + # Advanced Features + offline_sync: true # Mobile offline support + realtime: true # WebSocket subscriptions + ai_enabled: true # AI features (sentiment, summarization) +``` + +**Performance Impact:** +- `audit: true` adds ~15% write overhead (additional inserts to audit table) +- `full_text_search: true` adds search indexes (~10% storage overhead) +- `versioning: true` stores full record copies on each update + +**When to enable:** +- **Audit:** Regulated industries (finance, healthcare), compliance requirements +- **Full-text search:** User-facing search features +- **Versioning:** Critical data that may need rollback (legal contracts, pricing) + +## Field Definition + +Fields are the columns/attributes of your object. Each field has a type and configuration. + +### Basic Field Structure + +```yaml +fields: + field_name: + type: text # Field type (required) + label: Field Label # Display label (required) + required: false # Validation + default_value: null # Default when creating records + help_text: "Helper text for users" + placeholder: "Enter value..." +``` + +### Field Properties Reference + +| Property | Type | Applies To | Description | +|----------|------|------------|-------------| +| `type` | `string` | All | **Required.** Field type (see [Types](/docs/protocols/objectql/types)). | +| `label` | `string` | All | **Required.** Display label in UI. | +| `required` | `boolean` | All | Validation: Field must have a value. | +| `unique` | `boolean` | All | Enforce uniqueness at database level. | +| `index` | `boolean` | All | Create database index for faster queries. | +| `default_value` | `any` | All | Default value when creating new records. | +| `help_text` | `string` | All | Tooltip text in forms. | +| `placeholder` | `string` | Input fields | Placeholder text in input fields. | +| `read_only` | `boolean` | All | Field cannot be edited after creation. | +| `deprecated` | `boolean` | All | Mark field as deprecated (still queryable). | +| `max_length` | `number` | `text`, `textarea` | Maximum character length. | +| `min_value` | `number` | `number`, `currency` | Minimum numeric value. | +| `max_value` | `number` | `number`, `currency` | Maximum numeric value. | +| `scale` | `number` | `number`, `currency` | Decimal places (e.g., `2` for cents). | +| `precision` | `number` | `number`, `currency` | Total digits (including scale). | +| `options` | `array` | `select`, `radio` | List of valid values. | +| `multiple` | `boolean` | `select`, `lookup` | Allow multiple selections. | +| `reference_to` | `string` | `lookup`, `master_detail` | Target object for relationships. | +| `formula` | `string` | `formula` | Calculation expression. | +| `summary_type` | `string` | `summary` | Aggregation type (`count`, `sum`, `min`, `max`). | + +### System Fields + +Every object automatically includes system fields: + +```yaml +# Auto-generated (not defined in .object.yml) +_id: + type: id + label: Record ID + read_only: true + +created_at: + type: datetime + label: Created At + read_only: true + +updated_at: + type: datetime + label: Updated At + read_only: true + +created_by: + type: lookup + reference_to: user + label: Created By + read_only: true + +updated_by: + type: lookup + reference_to: user + label: Updated By + read_only: true +``` + +**Customizing system fields:** +```yaml +# Override system field behavior +fields: + created_at: + index: true # Add index to created_at +``` + +### Field Examples by Type + +#### Text Fields + +```yaml +company_name: + type: text + label: Company Name + required: true + max_length: 255 + index: true + +description: + type: textarea + label: Description + max_length: 5000 + rows: 10 + +bio: + type: html + label: Biography + sanitize: true # Remove dangerous HTML tags +``` + +#### Numeric Fields + +```yaml +quantity: + type: number + label: Quantity + min_value: 0 + max_value: 9999 + default_value: 1 + +discount_rate: + type: percent + label: Discount + scale: 2 + min_value: 0 + max_value: 100 + +revenue: + type: currency + label: Annual Revenue + scale: 2 + precision: 18 + default_value: { amount: 0, currency: 'USD' } +``` + +#### Date/Time Fields + +```yaml +start_date: + type: date + label: Start Date + required: true + +due_datetime: + type: datetime + label: Due Date & Time + default_value: "{{NOW() + 7}}" # 7 days from now +``` + +#### Boolean Fields + +```yaml +is_active: + type: boolean + label: Active + default_value: true + +email_opt_in: + type: checkbox + label: Subscribe to Newsletter + default_value: false +``` + +#### Selection Fields + +```yaml +priority: + type: select + label: Priority + options: + - { value: low, label: Low, color: green } + - { value: medium, label: Medium, color: yellow } + - { value: high, label: High, color: orange } + - { value: critical, label: Critical, color: red } + default_value: medium + +tags: + type: multi_select + label: Tags + options: + - { value: customer, label: Customer } + - { value: partner, label: Partner } + - { value: vendor, label: Vendor } + multiple: true +``` + +#### Relationship Fields + +```yaml +account_id: + type: lookup + label: Account + reference_to: account + required: true + reference_filters: + - ['is_active', '=', true] # Only show active accounts + +project_id: + type: master_detail + label: Project + reference_to: project + cascade_delete: true # Delete tasks when project is deleted +``` + +## Validation Rules + +Validation rules enforce business logic at the data layer: + +```yaml +validation_rules: + # Simple comparison + - name: end_after_start + condition: "end_date < start_date" + message: "End date must be after start date" + severity: error + + # Cross-field validation + - name: discount_requires_approval + condition: "discount > 20 AND approved_by = null" + message: "Discounts over 20% require manager approval" + severity: error + + # Conditional validation + - name: enterprise_contract_required + condition: "account_type = 'Enterprise' AND contract_value = null" + message: "Enterprise accounts must have a contract value" + severity: error + active: true + + # Warning (non-blocking) + - name: budget_threshold_warning + condition: "budget > 1000000" + message: "Large budget. Please verify approval." + severity: warning +``` + +### Validation Formula Syntax + +Formulas use Excel-like syntax: + +**Operators:** +- Comparison: `=`, `!=`, `>`, `<`, `>=`, `<=` +- Logical: `AND`, `OR`, `NOT` +- Arithmetic: `+`, `-`, `*`, `/`, `^` (power) +- String: `&` (concatenate) + +**Functions:** +- `ISBLANK(field)`: Check if field is empty +- `LEN(field)`: String length +- `CONTAINS(field, "text")`: Substring check +- `REGEX(field, "pattern")`: Regular expression +- `TODAY()`: Current date +- `NOW()`: Current datetime + +**Examples:** +```yaml +# Date validation +"start_date > TODAY()" + +# String validation +"LEN(email) > 0 AND CONTAINS(email, '@')" + +# Null check +"NOT(ISBLANK(manager_id))" + +# Complex logic +"(status = 'Closed' AND close_date != null) OR status != 'Closed'" +``` + +## Indexes + +Optimize query performance with indexes: + +```yaml +indexes: + # Single-field index (also via field.index: true) + - fields: [email] + unique: true + + # Composite index + - fields: [account_id, status] + name: idx_account_status + + # Full-text search index + - fields: [name, description] + type: fulltext + + # Geospatial index + - fields: [location] + type: geo +``` + +**Index Strategy:** +- **Add indexes for:** + - Foreign keys (lookup fields) + - Fields used in `WHERE` clauses + - Fields used in `ORDER BY` + - Unique constraints +- **Avoid indexes for:** + - Low-cardinality fields (boolean, status with 2-3 values) + - Fields that change frequently + - Large text fields (use full-text search instead) + +## Triggers + +Execute code on data changes: + +```yaml +triggers: + # Before insert + - event: before_insert + handler: set_owner + code: | + record.owner_id = context.user.id; + + # After insert + - event: after_insert + handler: send_welcome_email + async: true + code: | + await emailService.send({ + to: record.email, + template: 'welcome' + }); + + # Before update + - event: before_update + handler: validate_status_change + condition: "old.status != new.status" + code: | + if (old.status === 'Closed' && new.status !== 'Closed') { + throw new Error('Cannot reopen closed records'); + } +``` + +**Event Types:** +- `before_insert`: Before creating a record +- `after_insert`: After creating a record +- `before_update`: Before updating a record +- `after_update`: After updating a record +- `before_delete`: Before deleting a record +- `after_delete`: After deleting a record + +## Advanced Features + +### Inheritance (Mixins) + +Reuse field definitions across objects: + +```yaml +# mixins/auditable.mixin.yml +fields: + created_at: + type: datetime + label: Created At + read_only: true + updated_at: + type: datetime + label: Updated At + read_only: true + +# customer.object.yml +name: customer +extends: [auditable] # Inherit fields from mixin +fields: + company_name: + type: text +``` + +### Polymorphic References + +Reference multiple object types: + +```yaml +# activity.object.yml +parent_id: + type: polymorphic + label: Related To + reference_to: [account, contact, opportunity] +``` + +Query polymorphic fields: +```typescript +const activity = await ObjectQL.findOne('activity', id); +// activity.parent_id = { _id: '123', _type: 'account' } +``` + +### Computed Fields (Virtual) + +Fields calculated at query time (not stored): + +```yaml +full_name: + type: formula + label: Full Name + formula: "first_name & ' ' & last_name" + virtual: true # Not stored in database +``` + +### Multi-Tenant Schemas + +Isolate data by tenant: + +```yaml +name: customer +tenant_scope: true # Automatically filter by tenant_id +fields: + tenant_id: + type: lookup + reference_to: tenant + required: true + default_value: "{{CURRENT_TENANT()}}" +``` + +**Runtime behavior:** +```typescript +// User in Tenant A queries customers +const customers = await ObjectQL.query({ object: 'customer' }); + +// ObjectQL automatically adds: WHERE tenant_id = 'tenant_a' +// User CANNOT access Tenant B's data +``` + +## Schema Versioning + +### Migration Strategy + +When schemas change, ObjectQL generates migrations: + +**Before:** +```yaml +# v1: customer.object.yml +fields: + name: + type: text +``` + +**After:** +```yaml +# v2: customer.object.yml +fields: + first_name: + type: text + migration: + from: name + transform: "SPLIT(name, ' ')[0]" + + last_name: + type: text + migration: + from: name + transform: "SPLIT(name, ' ')[1]" +``` + +**Generated migration:** +```sql +-- PostgreSQL +ALTER TABLE customer ADD COLUMN first_name TEXT; +ALTER TABLE customer ADD COLUMN last_name TEXT; + +UPDATE customer SET + first_name = SPLIT_PART(name, ' ', 1), + last_name = SPLIT_PART(name, ' ', 2); + +ALTER TABLE customer DROP COLUMN name; +``` + +### Deployment Workflow + +```bash +# 1. Detect schema changes +objectstack diff + +# 2. Generate migration plan +objectstack migrate:plan + +# 3. Review migration SQL +cat .objectstack/migrations/001_add_customer_name.sql + +# 4. Apply migration +objectstack deploy --migrate + +# 5. Rollback if needed +objectstack migrate:rollback +``` + +## Best Practices + +### Naming Conventions + +```yaml +# ✅ Good +name: project_task +fields: + assigned_to_id: # Suffix _id for lookups + type: lookup + is_active: # Prefix is_ for booleans + type: boolean + total_amount: # Descriptive, specific + type: currency + +# ❌ Bad +name: ProjectTask # Not snake_case +fields: + user: # Ambiguous (assigned? created?) + type: lookup + active: # Missing is_ prefix + type: boolean + amount: # Too generic + type: currency +``` + +### Field Organization + +Group related fields: + +```yaml +fields: + # Identity + name: + type: text + description: + type: textarea + + # Relationships + account_id: + type: lookup + owner_id: + type: lookup + + # Status & Lifecycle + status: + type: select + stage: + type: select + + # Financial + budget: + type: currency + actual_cost: + type: currency +``` + +### Performance Optimization + +```yaml +# Index frequently queried fields +email: + type: text + index: true + unique: true + +# Use appropriate field types +status: + type: select # Better than text for fixed values + options: [...] + +# Avoid large text in main table +file_content: + type: text + store: blob_storage # Store in separate table/S3 +``` + +## Examples: Real-World Schemas + +### CRM: Account Object + +```yaml +name: account +label: Account +plural_label: Accounts +icon: standard:account +enable: + audit: true + full_text_search: true + api: true + +fields: + # Company Information + company_name: + type: text + label: Company Name + required: true + max_length: 255 + index: true + + website: + type: url + label: Website + + industry: + type: select + label: Industry + options: + - { value: tech, label: Technology } + - { value: finance, label: Financial Services } + - { value: healthcare, label: Healthcare } + - { value: retail, label: Retail } + + # Contact Info + billing_address: + type: address + label: Billing Address + + phone: + type: phone + label: Phone + + # Financial + annual_revenue: + type: currency + label: Annual Revenue + scale: 2 + precision: 18 + + # Relationships + owner_id: + type: lookup + label: Account Owner + reference_to: user + required: true + + parent_account_id: + type: lookup + label: Parent Account + reference_to: account + + # Metrics (Computed) + total_opportunities: + type: summary + label: Total Opportunities + summary_object: opportunity + summary_type: count + + total_opportunity_value: + type: summary + label: Total Opportunity Value + summary_object: opportunity + summary_field: amount + summary_type: sum + +validation_rules: + - name: enterprise_revenue_required + condition: "industry = 'finance' AND annual_revenue = null" + message: "Financial services accounts must have revenue" +``` + +### E-Commerce: Product Object + +```yaml +name: product +label: Product +icon: standard:product +datasource: mongodb_catalog # Use MongoDB for flexible schema + +fields: + sku: + type: text + label: SKU + required: true + unique: true + index: true + + name: + type: text + label: Product Name + required: true + max_length: 255 + + description: + type: html + label: Description + + category_id: + type: lookup + label: Category + reference_to: category + + price: + type: currency + label: Price + required: true + + inventory_qty: + type: number + label: Inventory Quantity + min_value: 0 + + attributes: + type: json + label: Product Attributes + schema: + color: string + size: string + weight: number + + is_active: + type: boolean + label: Active + default_value: true + +indexes: + - fields: [category_id, is_active] + - fields: [name, description] + type: fulltext +``` + +## Next Steps + + + + + + diff --git a/content/docs/objectql/security.mdx b/content/docs/objectql/security.mdx new file mode 100644 index 000000000..b655127a3 --- /dev/null +++ b/content/docs/objectql/security.mdx @@ -0,0 +1,902 @@ +--- +title: Security & Access Control +description: Comprehensive security model - ACL, field-level security, row-level permissions, and data isolation +--- + +import { Shield, Lock, Users, Eye } from 'lucide-react'; + +# Security Protocol + +ObjectQL implements a **multi-layered security model** that enforces access control at the data layer, before queries execute. Security is declarative—defined in configuration, not scattered in application code. + +## Security Philosophy + +**Traditional approach:** +```javascript +// Security in application code (easily bypassed) +app.get('/api/accounts', (req, res) => { + // Developer must remember to check permissions + if (!req.user.hasPermission('read_account')) { + return res.status(403).json({ error: 'Forbidden' }); + } + + // Easy to forget row-level filtering + const accounts = await db.query('SELECT * FROM account'); + res.json(accounts); +}); +``` + +**ObjectQL approach:** +```yaml +# Security as configuration (enforced automatically) +name: account +permissions: + read: + - role: sales_rep + filters: + - ['owner_id', '=', '{{CURRENT_USER_ID}}'] +``` + +```typescript +// Security enforced automatically +const accounts = await ObjectQL.query({ object: 'account' }); +// WHERE owner_id = current_user_id (injected by ObjectQL) +``` + +--- + +## Security Layers + + + } + title="Object-Level Security (ACL)" + description="Who can Create, Read, Update, Delete which objects" + /> + } + title="Field-Level Security" + description="Control access to individual fields (e.g., hide salary from non-managers)" + /> + } + title="Row-Level Security" + description="Filter which records users can see (e.g., see only own accounts)" + /> + } + title="Data Masking" + description="Obfuscate sensitive data (e.g., show last 4 digits of SSN)" + /> + + +--- + +## 1. Object-Level Security (CRUD Permissions) + +### Basic ACL + +```yaml +# account.object.yml +name: account +permissions: + create: + - role: sales_rep + - role: account_manager + + read: + - role: sales_rep + - role: account_manager + - role: executive + + update: + - role: account_manager + + delete: + - role: admin +``` + +**Behavior:** +- **Sales Rep:** Can create and read accounts +- **Account Manager:** Can create, read, and update accounts +- **Executive:** Can read accounts (read-only) +- **Admin:** Full access (CRUD) + +### Permission Check Flow + +``` +User requests: GET /api/account/123 + ↓ +1. Check Object-Level Permission + ✓ User has 'read' on 'account'? + ↓ +2. Apply Row-Level Filters + ✓ User can see record 123? + ↓ +3. Apply Field-Level Security + ✓ Remove restricted fields + ↓ +Return filtered result +``` + +--- + +## 2. Row-Level Security + +### Owner-Based Access + +```yaml +# Only see records you own +name: opportunity +permissions: + read: + - role: sales_rep + filters: + - ['owner_id', '=', '{{CURRENT_USER_ID}}'] +``` + +**Runtime behavior:** +```typescript +// User queries opportunities +const opportunities = await ObjectQL.query({ object: 'opportunity' }); + +// ObjectQL injects filter automatically: +// WHERE owner_id = 'user_123' +``` + +### Team-Based Access + +```yaml +# See records owned by your team +name: account +permissions: + read: + - role: sales_rep + filters: + - ['owner.team_id', '=', '{{CURRENT_USER.team_id}}'] +``` + +### Territory-Based Access + +```yaml +# See accounts in your territory +name: account +permissions: + read: + - role: sales_rep + filters: + - ['territory_id', 'in', '{{CURRENT_USER.territory_ids}}'] +``` + +### Hierarchical Access + +```yaml +# Managers see their records + subordinates' records +name: opportunity +permissions: + read: + - role: sales_manager + filters: + - ['or', + ['owner_id', '=', '{{CURRENT_USER_ID}}'], + ['owner.manager_id', '=', '{{CURRENT_USER_ID}}'] + ] +``` + +### Multi-Tenant Isolation + +```yaml +# Strict tenant isolation +name: customer +tenant_scope: true # Auto-inject tenant filter +permissions: + read: + - role: user + filters: + - ['tenant_id', '=', '{{CURRENT_TENANT_ID}}'] +``` + +**Guarantee:** User in Tenant A **cannot** access Tenant B's data, even with direct API calls or SQL injection attempts. + +### Conditional Filters + +```yaml +# Different filters for different roles +name: account +permissions: + read: + # Sales reps: Own accounts only + - role: sales_rep + filters: + - ['owner_id', '=', '{{CURRENT_USER_ID}}'] + + # Managers: Team accounts + - role: manager + filters: + - ['owner.team_id', '=', '{{CURRENT_USER.team_id}}'] + + # Executives: All accounts + - role: executive + filters: [] # No restrictions +``` + +--- + +## 3. Field-Level Security + +### Hide Sensitive Fields + +```yaml +name: user +fields: + salary: + type: currency + label: Salary + visibility: + read: + - role: hr_manager + - role: executive + update: + - role: hr_manager + + ssn: + type: text + label: Social Security Number + visibility: + read: + - role: hr_admin + update: + - role: hr_admin +``` + +**Behavior:** +```typescript +// Sales manager queries user +const user = await ObjectQL.findOne('user', '123'); + +// Result (salary/ssn stripped): +// { +// _id: '123', +// name: 'John Doe', +// email: 'john@example.com' +// // salary: REMOVED +// // ssn: REMOVED +// } + +// HR manager queries same user +const user = await ObjectQL.findOne('user', '123'); + +// Result (salary visible): +// { +// _id: '123', +// name: 'John Doe', +// email: 'john@example.com', +// salary: { amount: 120000, currency: 'USD' } +// // ssn: STILL REMOVED (not hr_admin) +// } +``` + +### Field-Level Permissions Reference + +```yaml +fields: + field_name: + visibility: + read: [role1, role2] # Who can see the field + update: [role1] # Who can modify the field + create: [role1, role2] # Who can set on creation +``` + +### Computed Field Security + +```yaml +fields: + commission_rate: + type: percent + label: Commission Rate + visibility: + read: [sales_manager, hr_admin] + + total_commission: + type: formula + formula: "total_sales * commission_rate" + # Visibility inherited from commission_rate + # Users who can't see commission_rate can't see this +``` + +--- + +## 4. Data Masking + +### Partial Masking + +```yaml +fields: + ssn: + type: text + label: SSN + masking: + mode: partial + visible_chars: 4 + position: end + mask_char: '*' +``` + +**Display:** +- **Actual value:** `123-45-6789` +- **Masked value:** `***-**-6789` + +### Full Masking + +```yaml +fields: + credit_card: + type: text + label: Credit Card + masking: + mode: full + mask_char: '*' +``` + +**Display:** +- **Actual value:** `4111111111111111` +- **Masked value:** `****************` + +### Conditional Masking + +```yaml +fields: + salary: + type: currency + label: Salary + masking: + # Show full value to HR, masked to others + roles_with_access: [hr_manager, hr_admin] + mode: partial + mask_char: 'X' +``` + +### Hash Masking + +```yaml +fields: + email: + type: email + label: Email + masking: + mode: hash + algorithm: sha256 + # Returns: 5d41402abc4b2a76b9719d911017c592 +``` + +--- + +## 5. Advanced Security Patterns + +### Sharing Rules + +Grant additional access beyond base permissions: + +```yaml +name: account +permissions: + read: + - role: sales_rep + filters: [['owner_id', '=', '{{CURRENT_USER_ID}}']] + +sharing_rules: + # Share enterprise accounts with all sales reps + - name: share_enterprise_accounts + criteria: + - ['account_type', '=', 'Enterprise'] + access_level: read + shared_with: + - role: sales_rep +``` + +**Effect:** Sales reps see: +1. Their own accounts (base permission) +2. All enterprise accounts (sharing rule) + +### Record-Level Sharing + +```yaml +# Manual sharing via junction object +name: account_share +fields: + account_id: + type: lookup + reference_to: account + + user_id: + type: lookup + reference_to: user + + access_level: + type: select + options: [read, write] +``` + +**Query with sharing:** +```typescript +const accounts = await ObjectQL.query({ + object: 'account', + // User sees: + // 1. Own accounts (owner_id = user) + // 2. Shared accounts (via account_share) +}); +``` + +### Time-Based Access + +```yaml +permissions: + read: + - role: contractor + filters: + - ['contract_start', '<=', '{{TODAY()}}'] + - ['contract_end', '>=', '{{TODAY()}}'] +``` + +**Effect:** Contractors only see data during contract period. + +### IP-Based Restrictions + +```yaml +permissions: + read: + - role: user + ip_whitelist: + - 192.168.1.0/24 + - 10.0.0.0/8 +``` + +### Device-Based Access + +```yaml +permissions: + update: + - role: user + require_mfa: true # Require multi-factor authentication + allowed_devices: [desktop, mobile_app] + # Block: web_browser on mobile +``` + +--- + +## 6. Permission Evaluation + +### Priority Rules + +When multiple permission rules match: + +1. **Most specific wins** + - Field-level > Object-level > Global + +2. **Deny overrides allow** + - Explicit deny > Explicit allow + +3. **Role hierarchy** + - Admin > Manager > User + +**Example:** +```yaml +# Global default: No access +default_access: none + +# Object level: Sales can read +permissions: + read: [sales_rep] + +# Field level: Salary hidden +fields: + salary: + visibility: + read: [hr_manager] + +# Result for sales_rep: +# - Can read account (object-level) +# - Cannot see salary (field-level override) +``` + +### Permission Functions + +```yaml +filters: + # Current user + - ['owner_id', '=', '{{CURRENT_USER_ID}}'] + + # Current user's team + - ['team_id', '=', '{{CURRENT_USER.team_id}}'] + + # Current tenant + - ['tenant_id', '=', '{{CURRENT_TENANT_ID}}'] + + # Current date/time + - ['created_at', '>', '{{TODAY() - 30}}'] + + # User attributes + - ['territory', 'in', '{{CURRENT_USER.territories}}'] +``` + +--- + +## 7. Security Auditing + +### Audit Log + +Track all data access: + +```yaml +name: account +enable: + audit: true # Enable audit logging + audit_fields: [owner_id, annual_revenue, status] +``` + +**Audit log captures:** +- **Who:** User ID, role, IP address +- **What:** Object, record ID, fields changed +- **When:** Timestamp +- **How:** Old value → New value + +**Example log:** +```json +{ + "timestamp": "2024-01-15T14:30:00Z", + "user_id": "user_123", + "user_role": "sales_rep", + "action": "update", + "object": "account", + "record_id": "acc_456", + "changes": { + "annual_revenue": { + "old": 1000000, + "new": 1500000 + } + }, + "ip_address": "192.168.1.100" +} +``` + +### Access Logs + +Log all query attempts: + +```yaml +name: account +enable: + access_log: true +``` + +**Captures:** +- Failed permission checks (security violations) +- Successful queries (for compliance) +- Export operations (GDPR requirements) + +--- + +## 8. Data Encryption + +### At-Rest Encryption + +```yaml +fields: + ssn: + type: text + label: SSN + encrypt: true + encryption_key: ssn_master_key +``` + +**Storage:** +- Database stores encrypted value +- Application decrypts on read (if user has permission) +- Encryption key stored in secure vault (not in database) + +### In-Transit Encryption + +All ObjectQL communication uses TLS 1.3: +- API requests: HTTPS +- Database connections: SSL/TLS +- Internal services: mTLS (mutual TLS) + +### Field-Level Encryption + +```yaml +fields: + credit_card: + type: text + encrypt: true + encryption_algorithm: AES-256-GCM + key_rotation: 90 # Rotate key every 90 days +``` + +--- + +## 9. Compliance Features + +### GDPR: Right to be Forgotten + +```yaml +name: customer +enable: + gdpr_erasure: true + +fields: + email: + pii: true # Mark as personally identifiable + + name: + pii: true +``` + +**Erasure request:** +```typescript +await ObjectQL.gdprErase('customer', 'customer_123'); + +// Result: +// - PII fields set to null +// - Audit log preserved (who requested, when) +// - Related records handled per cascade rules +``` + +### HIPAA: PHI Protection + +```yaml +name: patient +compliance: hipaa + +fields: + medical_record_number: + type: text + phi: true # Protected Health Information + encrypt: true + audit: true +``` + +**Automatic enforcement:** +- Encryption at rest +- Access logging +- Minimum necessary principle (field-level security) +- Audit trail + +### SOC 2: Access Controls + +```yaml +name: financial_record +compliance: soc2 + +permissions: + read: + - role: accountant + require_mfa: true + session_timeout: 900 # 15 minutes + ip_whitelist: [corporate_network] +``` + +--- + +## 10. Security Testing + +### Permission Dry Run + +```typescript +// Check if user can access before querying +const canAccess = await ObjectQL.checkPermission({ + user: currentUser, + action: 'read', + object: 'account', + record_id: 'acc_123' +}); + +if (!canAccess) { + // Show error message, don't attempt query +} +``` + +### Security Assertions + +```typescript +// In tests +await expect( + ObjectQL.query({ + object: 'salary_data', + user: salesRepUser + }) +).toThrow(PermissionError); +``` + +### Penetration Testing + +ObjectQL provides security test helpers: + +```typescript +// Test all permission combinations +await ObjectQL.testSuite.runSecurityTests({ + objects: ['account', 'opportunity', 'contact'], + users: [admin, manager, salesRep, guest], + scenarios: ['create', 'read', 'update', 'delete'] +}); + +// Report: +// ✓ Admin: Full access to all objects +// ✓ Manager: Read access to team accounts +// ✗ Sales Rep: SECURITY ISSUE - Can read salary field +// ✓ Guest: No access (as expected) +``` + +--- + +## Real-World Examples + +### SaaS Multi-Tenancy + +```yaml +name: customer +tenant_scope: true + +permissions: + read: + - role: user + filters: + - ['tenant_id', '=', '{{CURRENT_TENANT_ID}}'] + - ['or', + ['owner_id', '=', '{{CURRENT_USER_ID}}'], + ['shared_with', 'contains', '{{CURRENT_USER_ID}}'] + ] +``` + +### Healthcare: Patient Records + +```yaml +name: patient_record +compliance: hipaa + +permissions: + read: + # Doctors: Own patients + - role: doctor + filters: + - ['assigned_doctor_id', '=', '{{CURRENT_USER_ID}}'] + + # Nurses: Same department + - role: nurse + filters: + - ['department_id', '=', '{{CURRENT_USER.department_id}}'] + + # Patient: Own record only + - role: patient + filters: + - ['patient_id', '=', '{{CURRENT_USER.patient_id}}'] + +fields: + diagnosis: + visibility: + read: [doctor, nurse] # Hidden from patient + + treatment_notes: + visibility: + read: [doctor] # Hidden from nurse and patient +``` + +### Banking: Transaction Security + +```yaml +name: transaction +compliance: pci_dss + +permissions: + read: + - role: account_holder + filters: + - ['account.owner_id', '=', '{{CURRENT_USER_ID}}'] + require_mfa: true + + update: + - role: admin + require_approval: true # Transactions require 2-person approval + +fields: + card_number: + type: text + encrypt: true + masking: + mode: partial + visible_chars: 4 + position: end + + cvv: + type: text + encrypt: true + masking: + mode: full +``` + +--- + +## Best Practices + +### 1. Principle of Least Privilege + +```yaml +# ❌ Bad: Grant broad access by default +permissions: + read: [user] # All users can read everything + +# ✅ Good: Restrict by default, grant explicitly +permissions: + read: + - role: account_owner + filters: [['owner_id', '=', '{{CURRENT_USER_ID}}']] +``` + +### 2. Defense in Depth + +```yaml +# Multiple security layers +permissions: + read: + - role: user + filters: [['owner_id', '=', '{{CURRENT_USER_ID}}']] + require_mfa: true + ip_whitelist: [corporate_network] + +fields: + sensitive_data: + encrypt: true + masking: { mode: partial } + audit: true +``` + +### 3. Security by Default + +```yaml +# Auto-inject security fields +name: project +fields: + owner_id: + type: lookup + reference_to: user + default_value: '{{CURRENT_USER_ID}}' # Auto-assign owner + + tenant_id: + type: lookup + reference_to: tenant + default_value: '{{CURRENT_TENANT_ID}}' # Auto-assign tenant +``` + +### 4. Regular Audits + +```bash +# Generate security report +objectstack security:audit + +# Output: +# Objects with no permissions: 3 +# Users with admin access: 5 +# Unencrypted PII fields: 2 +# Shared records: 42 +``` + +--- + +## Next Steps + + + + + + diff --git a/content/docs/objectql/types.mdx b/content/docs/objectql/types.mdx new file mode 100644 index 000000000..68538ab48 --- /dev/null +++ b/content/docs/objectql/types.mdx @@ -0,0 +1,1091 @@ +--- +title: Type System +description: Complete reference for ObjectQL field types - Scalars, relationships, computed fields, and advanced types +--- + +import { Type, Link, Calculator, Database } from 'lucide-react'; + +# ObjectQL Type System + +ObjectQL provides **20+ specialized field types** that encode business semantics, not just data storage primitives. Each type understands its purpose and automatically configures database schemas, UI renderers, validation rules, and API serialization. + +## Type Philosophy + +**Traditional databases:** +```sql +-- Just stores data +CREATE TABLE customer ( + revenue DECIMAL(18,2) -- Is this USD? EUR? Monthly? Annual? +); +``` + +**ObjectQL:** +```yaml +# Encodes business meaning +revenue: + type: currency + label: Annual Revenue + scale: 2 + precision: 18 + # Automatically knows: + # - Store amount + currency code + # - UI shows currency symbol + # - Validate numeric precision + # - Format for display ($1,234.56) +``` + +## Type Categories + + + } + title="Scalar Types" + description="Primitive values: text, numbers, dates, booleans" + /> + } + title="Relationship Types" + description="Lookups, master-detail, polymorphic references" + /> + } + title="Computed Types" + description="Formulas, rollup summaries, auto-numbers" + /> + } + title="Complex Types" + description="JSON, arrays, geolocation, file attachments" + /> + + +--- + +## 1. Scalar Types + +### Text Types + +#### `text` +Single-line text field. + +```yaml +company_name: + type: text + label: Company Name + max_length: 255 + required: true + index: true +``` + +**Database mapping:** +- PostgreSQL: `VARCHAR(max_length)` or `TEXT` +- MongoDB: `String` +- Redis: `String` + +**UI rendering:** +```html + +``` + +**Use cases:** +- Names, titles, identifiers +- Email addresses, phone numbers +- Short descriptions + +--- + +#### `textarea` +Multi-line plain text. + +```yaml +description: + type: textarea + label: Description + max_length: 5000 + rows: 10 +``` + +**Database mapping:** +- PostgreSQL: `TEXT` +- MongoDB: `String` + +**UI rendering:** +```html + +``` + +**Use cases:** +- Comments, notes +- Descriptions +- Plain text content + +--- + +#### `html` +Rich text with HTML markup. + +```yaml +bio: + type: html + label: Biography + sanitize: true # Remove dangerous tags + allowed_tags: [p, br, strong, em, ul, li] +``` + +**Database mapping:** +- PostgreSQL: `TEXT` +- MongoDB: `String` + +**Sanitization:** +- Removes `