feat: scope all repo reads/writes to the caller's ownerId
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
@@ -6,6 +6,7 @@ type Sql = ReturnType<typeof postgres>;
|
||||
export interface ListRow {
|
||||
id: string;
|
||||
name: string;
|
||||
owner_id: string | null;
|
||||
}
|
||||
|
||||
export interface TaskRow {
|
||||
@@ -15,52 +16,68 @@ export interface TaskRow {
|
||||
description: string | null;
|
||||
source: string;
|
||||
consumed: boolean;
|
||||
owner_id: string | null;
|
||||
created_at: Date;
|
||||
updated_at: Date;
|
||||
}
|
||||
|
||||
export async function getLists(sql: Sql): Promise<ListRow[]> {
|
||||
return sql<ListRow[]>`select id, name from lists order by name`;
|
||||
// Ownership model: every read/write is scoped to the caller's Zitadel sub (ownerId).
|
||||
// owner_id NULL = legacy row from before multi-user — visible to every authorized user
|
||||
// and adopted (stamped with the caller's sub) by the caller's next write that touches it.
|
||||
// Upserts use `on conflict … where` so they can never modify a row owned by someone else.
|
||||
|
||||
export async function getLists(sql: Sql, ownerId: string): Promise<ListRow[]> {
|
||||
return sql<ListRow[]>`
|
||||
select id, name, owner_id from lists
|
||||
where owner_id = ${ownerId} or owner_id is null
|
||||
order by name`;
|
||||
}
|
||||
|
||||
/** Full-replace catalog: upsert all supplied, delete any list not present (cascades tasks). */
|
||||
/** Full-replace of the caller's catalog: upsert all supplied, delete the caller's (and legacy) lists not present (cascades tasks). */
|
||||
export async function replaceLists(
|
||||
sql: Sql,
|
||||
ownerId: string,
|
||||
lists: { id: string; name: string }[],
|
||||
): Promise<void> {
|
||||
await sql.begin(async (tx) => {
|
||||
for (const l of lists) {
|
||||
await tx`
|
||||
insert into lists (id, name, updated_at)
|
||||
values (${l.id}, ${l.name}, now())
|
||||
on conflict (id) do update set name = excluded.name, updated_at = now()`;
|
||||
insert into lists (id, name, owner_id, updated_at)
|
||||
values (${l.id}, ${l.name}, ${ownerId}, now())
|
||||
on conflict (id) do update set name = excluded.name, owner_id = ${ownerId}, updated_at = now()
|
||||
where lists.owner_id = ${ownerId} or lists.owner_id is null`;
|
||||
}
|
||||
if (lists.length) {
|
||||
const ids = lists.map((l) => l.id);
|
||||
await tx`delete from lists where id <> all(${ids})`;
|
||||
if (ids.length) {
|
||||
await tx`delete from lists where (owner_id = ${ownerId} or owner_id is null) and id <> all(${ids})`;
|
||||
} else {
|
||||
await tx`delete from lists`;
|
||||
await tx`delete from lists where owner_id = ${ownerId} or owner_id is null`;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
export async function listExists(sql: Sql, id: string): Promise<boolean> {
|
||||
const rows = await sql`select 1 from lists where id = ${id}`;
|
||||
export async function listExists(sql: Sql, ownerId: string, id: string): Promise<boolean> {
|
||||
const rows = await sql`
|
||||
select 1 from lists where id = ${id} and (owner_id = ${ownerId} or owner_id is null)`;
|
||||
return rows.length > 0;
|
||||
}
|
||||
|
||||
export async function getTasksForList(sql: Sql, listId: string): Promise<TaskRow[]> {
|
||||
return sql<TaskRow[]>`select * from tasks where list_id = ${listId} order by created_at`;
|
||||
export async function getTasksForList(sql: Sql, ownerId: string, listId: string): Promise<TaskRow[]> {
|
||||
return sql<TaskRow[]>`
|
||||
select * from tasks
|
||||
where list_id = ${listId} and (owner_id = ${ownerId} or owner_id is null)
|
||||
order by created_at`;
|
||||
}
|
||||
|
||||
export async function createWebTask(
|
||||
sql: Sql,
|
||||
ownerId: string,
|
||||
t: { listId: string; title: string; description: string | null },
|
||||
): Promise<TaskRow> {
|
||||
const id = randomUUID();
|
||||
const [row] = await sql<TaskRow[]>`
|
||||
insert into tasks (id, list_id, title, description, source, consumed)
|
||||
values (${id}, ${t.listId}, ${t.title}, ${t.description}, 'web', false)
|
||||
insert into tasks (id, list_id, title, description, source, consumed, owner_id)
|
||||
values (${id}, ${t.listId}, ${t.title}, ${t.description}, 'web', false, ${ownerId})
|
||||
returning *`;
|
||||
return row;
|
||||
}
|
||||
@@ -68,64 +85,76 @@ export async function createWebTask(
|
||||
/** Idempotent upsert of a desktop Idle task by id. Returns whether a row was inserted. */
|
||||
export async function upsertDesktopTask(
|
||||
sql: Sql,
|
||||
ownerId: string,
|
||||
id: string,
|
||||
t: { listId: string; title: string; description?: string | null },
|
||||
): Promise<{ created: boolean }> {
|
||||
const [row] = await sql<{ created: boolean }[]>`
|
||||
insert into tasks (id, list_id, title, description, source)
|
||||
values (${id}, ${t.listId}, ${t.title}, ${t.description ?? null}, 'desktop')
|
||||
insert into tasks (id, list_id, title, description, source, owner_id)
|
||||
values (${id}, ${t.listId}, ${t.title}, ${t.description ?? null}, 'desktop', ${ownerId})
|
||||
on conflict (id) do update set
|
||||
list_id = excluded.list_id,
|
||||
title = excluded.title,
|
||||
description = excluded.description,
|
||||
owner_id = ${ownerId},
|
||||
updated_at = now()
|
||||
where tasks.owner_id = ${ownerId} or tasks.owner_id is null
|
||||
returning (xmax = 0) as created`;
|
||||
return { created: row.created };
|
||||
// row is undefined when the id exists but belongs to another user: blocked no-op.
|
||||
return { created: row?.created ?? false };
|
||||
}
|
||||
|
||||
/**
|
||||
* Full-replace of the desktop-owned partition (the desktop's current Idle backlog).
|
||||
* Full-replace of the caller's desktop-owned partition (their current Idle backlog).
|
||||
* Mirrors `replaceLists`: upsert every supplied task as desktop-owned (consumed=true), and
|
||||
* delete any desktop-owned (consumed=true) task not in the payload. Web-created tasks still
|
||||
* awaiting pull (consumed=false) are left untouched. An empty array clears the partition.
|
||||
* delete any of the caller's (or legacy) desktop-owned tasks not in the payload. Web-created
|
||||
* tasks still awaiting pull (consumed=false) and other users' rows are left untouched.
|
||||
*/
|
||||
export async function mirrorDesktopTasks(
|
||||
sql: Sql,
|
||||
ownerId: string,
|
||||
items: { id: string; listId: string; title: string; description?: string | null }[],
|
||||
): Promise<void> {
|
||||
await sql.begin(async (tx) => {
|
||||
for (const t of items) {
|
||||
await tx`
|
||||
insert into tasks (id, list_id, title, description, source, consumed)
|
||||
values (${t.id}, ${t.listId}, ${t.title}, ${t.description ?? null}, 'desktop', true)
|
||||
insert into tasks (id, list_id, title, description, source, consumed, owner_id)
|
||||
values (${t.id}, ${t.listId}, ${t.title}, ${t.description ?? null}, 'desktop', true, ${ownerId})
|
||||
on conflict (id) do update set
|
||||
list_id = excluded.list_id,
|
||||
title = excluded.title,
|
||||
description = excluded.description,
|
||||
source = 'desktop',
|
||||
consumed = true,
|
||||
updated_at = now()`;
|
||||
owner_id = ${ownerId},
|
||||
updated_at = now()
|
||||
where tasks.owner_id = ${ownerId} or tasks.owner_id is null`;
|
||||
}
|
||||
const ids = items.map((t) => t.id);
|
||||
if (ids.length) {
|
||||
await tx`delete from tasks where consumed = true and id <> all(${ids})`;
|
||||
await tx`delete from tasks
|
||||
where consumed = true and (owner_id = ${ownerId} or owner_id is null) and id <> all(${ids})`;
|
||||
} else {
|
||||
await tx`delete from tasks where consumed = true`;
|
||||
await tx`delete from tasks where consumed = true and (owner_id = ${ownerId} or owner_id is null)`;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
/** Web-created tasks the desktop has not yet imported. */
|
||||
export async function getUnconsumed(sql: Sql): Promise<TaskRow[]> {
|
||||
/** The caller's web-created tasks the desktop has not yet imported. */
|
||||
export async function getUnconsumed(sql: Sql, ownerId: string): Promise<TaskRow[]> {
|
||||
return sql<TaskRow[]>`
|
||||
select * from tasks where source = 'web' and consumed = false order by created_at`;
|
||||
select * from tasks
|
||||
where source = 'web' and consumed = false and (owner_id = ${ownerId} or owner_id is null)
|
||||
order by created_at`;
|
||||
}
|
||||
|
||||
export async function consume(sql: Sql, id: string): Promise<boolean> {
|
||||
const res = await sql`update tasks set consumed = true, updated_at = now() where id = ${id}`;
|
||||
export async function consume(sql: Sql, ownerId: string, id: string): Promise<boolean> {
|
||||
const res = await sql`
|
||||
update tasks set consumed = true, updated_at = now()
|
||||
where id = ${id} and (owner_id = ${ownerId} or owner_id is null)`;
|
||||
return res.count > 0;
|
||||
}
|
||||
|
||||
export async function deleteTask(sql: Sql, id: string): Promise<void> {
|
||||
await sql`delete from tasks where id = ${id}`;
|
||||
export async function deleteTask(sql: Sql, ownerId: string, id: string): Promise<void> {
|
||||
await sql`delete from tasks where id = ${id} and (owner_id = ${ownerId} or owner_id is null)`;
|
||||
}
|
||||
|
||||
@@ -4,6 +4,9 @@ import * as repo from "../server/utils/repo";
|
||||
|
||||
const sql = postgres(process.env.DATABASE_URL!, { max: 1, onnotice: () => {} });
|
||||
|
||||
const U1 = "user-1";
|
||||
const U2 = "user-2";
|
||||
|
||||
beforeEach(async () => {
|
||||
await sql`truncate lists cascade`;
|
||||
});
|
||||
@@ -14,54 +17,56 @@ afterAll(async () => {
|
||||
|
||||
describe("lists", () => {
|
||||
it("full-replace upserts supplied and deletes missing", async () => {
|
||||
await repo.replaceLists(sql, [
|
||||
await repo.replaceLists(sql, U1, [
|
||||
{ id: "a", name: "A" },
|
||||
{ id: "b", name: "B" },
|
||||
]);
|
||||
await repo.replaceLists(sql, [{ id: "a", name: "A2" }]); // b removed, a renamed
|
||||
const got = await repo.getLists(sql);
|
||||
expect(got).toEqual([{ id: "a", name: "A2" }]);
|
||||
await repo.replaceLists(sql, U1, [{ id: "a", name: "A2" }]); // b removed, a renamed
|
||||
const got = await repo.getLists(sql, U1);
|
||||
expect(got).toEqual([{ id: "a", name: "A2", owner_id: U1 }]);
|
||||
});
|
||||
|
||||
it("empty payload clears all lists", async () => {
|
||||
await repo.replaceLists(sql, [{ id: "a", name: "A" }]);
|
||||
await repo.replaceLists(sql, []);
|
||||
expect(await repo.getLists(sql)).toEqual([]);
|
||||
it("empty payload clears all my lists", async () => {
|
||||
await repo.replaceLists(sql, U1, [{ id: "a", name: "A" }]);
|
||||
await repo.replaceLists(sql, U1, []);
|
||||
expect(await repo.getLists(sql, U1)).toEqual([]);
|
||||
});
|
||||
|
||||
it("deleting a list cascades its tasks", async () => {
|
||||
await repo.replaceLists(sql, [{ id: "a", name: "A" }]);
|
||||
await repo.upsertDesktopTask(sql, "t1", { listId: "a", title: "x" });
|
||||
await repo.replaceLists(sql, []); // removes a + cascades t1
|
||||
expect(await repo.getUnconsumed(sql)).toEqual([]);
|
||||
await repo.replaceLists(sql, U1, [{ id: "a", name: "A" }]);
|
||||
await repo.upsertDesktopTask(sql, U1, "t1", { listId: "a", title: "x" });
|
||||
await repo.replaceLists(sql, U1, []); // removes a + cascades t1
|
||||
expect(await repo.getUnconsumed(sql, U1)).toEqual([]);
|
||||
});
|
||||
|
||||
it("listExists validates listId", async () => {
|
||||
await repo.replaceLists(sql, [{ id: "L", name: "List" }]);
|
||||
expect(await repo.listExists(sql, "L")).toBe(true);
|
||||
expect(await repo.listExists(sql, "ghost")).toBe(false);
|
||||
it("listExists validates listId within the caller's scope", async () => {
|
||||
await repo.replaceLists(sql, U1, [{ id: "L", name: "List" }]);
|
||||
expect(await repo.listExists(sql, U1, "L")).toBe(true);
|
||||
expect(await repo.listExists(sql, U1, "ghost")).toBe(false);
|
||||
expect(await repo.listExists(sql, U2, "L")).toBe(false); // not my list
|
||||
});
|
||||
});
|
||||
|
||||
describe("tasks", () => {
|
||||
beforeEach(async () => {
|
||||
await repo.replaceLists(sql, [{ id: "L", name: "List" }]);
|
||||
await repo.replaceLists(sql, U1, [{ id: "L", name: "List" }]);
|
||||
});
|
||||
|
||||
it("web create returns generated GUID, source=web, consumed=false", async () => {
|
||||
const t = await repo.createWebTask(sql, { listId: "L", title: "buy milk", description: null });
|
||||
it("web create returns generated GUID, source=web, consumed=false, stamped owner", async () => {
|
||||
const t = await repo.createWebTask(sql, U1, { listId: "L", title: "buy milk", description: null });
|
||||
expect(t.id).toMatch(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/);
|
||||
expect(t.source).toBe("web");
|
||||
expect(t.consumed).toBe(false);
|
||||
expect(t.title).toBe("buy milk");
|
||||
expect(t.owner_id).toBe(U1);
|
||||
});
|
||||
|
||||
it("desktop upsert is idempotent by id; source=desktop on insert", async () => {
|
||||
const a = await repo.upsertDesktopTask(sql, "fixed-id", { listId: "L", title: "one" });
|
||||
const a = await repo.upsertDesktopTask(sql, U1, "fixed-id", { listId: "L", title: "one" });
|
||||
expect(a.created).toBe(true);
|
||||
const b = await repo.upsertDesktopTask(sql, "fixed-id", { listId: "L", title: "two", description: "d" });
|
||||
const b = await repo.upsertDesktopTask(sql, U1, "fixed-id", { listId: "L", title: "two", description: "d" });
|
||||
expect(b.created).toBe(false);
|
||||
const tasks = await repo.getTasksForList(sql, "L");
|
||||
const tasks = await repo.getTasksForList(sql, U1, "L");
|
||||
expect(tasks).toHaveLength(1);
|
||||
expect(tasks[0].title).toBe("two");
|
||||
expect(tasks[0].description).toBe("d");
|
||||
@@ -69,90 +74,165 @@ describe("tasks", () => {
|
||||
});
|
||||
|
||||
it("getUnconsumed returns only web tasks with consumed=false", async () => {
|
||||
await repo.createWebTask(sql, { listId: "L", title: "web1", description: null });
|
||||
await repo.upsertDesktopTask(sql, "d1", { listId: "L", title: "desk1" });
|
||||
const u = await repo.getUnconsumed(sql);
|
||||
await repo.createWebTask(sql, U1, { listId: "L", title: "web1", description: null });
|
||||
await repo.upsertDesktopTask(sql, U1, "d1", { listId: "L", title: "desk1" });
|
||||
const u = await repo.getUnconsumed(sql, U1);
|
||||
expect(u).toHaveLength(1);
|
||||
expect(u[0].title).toBe("web1");
|
||||
});
|
||||
|
||||
it("consume sets consumed=true and is reflected in getUnconsumed", async () => {
|
||||
const t = await repo.createWebTask(sql, { listId: "L", title: "c", description: null });
|
||||
expect(await repo.consume(sql, t.id)).toBe(true);
|
||||
expect(await repo.getUnconsumed(sql)).toEqual([]);
|
||||
const t = await repo.createWebTask(sql, U1, { listId: "L", title: "c", description: null });
|
||||
expect(await repo.consume(sql, U1, t.id)).toBe(true);
|
||||
expect(await repo.getUnconsumed(sql, U1)).toEqual([]);
|
||||
});
|
||||
|
||||
it("consume on unknown id returns false", async () => {
|
||||
expect(await repo.consume(sql, "nope")).toBe(false);
|
||||
expect(await repo.consume(sql, U1, "nope")).toBe(false);
|
||||
});
|
||||
|
||||
it("deleteTask is idempotent", async () => {
|
||||
const t = await repo.createWebTask(sql, { listId: "L", title: "c", description: null });
|
||||
await repo.deleteTask(sql, t.id);
|
||||
await repo.deleteTask(sql, t.id); // no throw on absent
|
||||
expect(await repo.getTasksForList(sql, "L")).toEqual([]);
|
||||
const t = await repo.createWebTask(sql, U1, { listId: "L", title: "c", description: null });
|
||||
await repo.deleteTask(sql, U1, t.id);
|
||||
await repo.deleteTask(sql, U1, t.id); // no throw on absent
|
||||
expect(await repo.getTasksForList(sql, U1, "L")).toEqual([]);
|
||||
});
|
||||
});
|
||||
|
||||
describe("mirrorDesktopTasks (desktop Idle full-replace)", () => {
|
||||
beforeEach(async () => {
|
||||
await repo.replaceLists(sql, [
|
||||
await repo.replaceLists(sql, U1, [
|
||||
{ id: "L", name: "List" },
|
||||
{ id: "L2", name: "List 2" },
|
||||
]);
|
||||
});
|
||||
|
||||
it("inserts items as desktop-owned (consumed=true, source=desktop)", async () => {
|
||||
await repo.mirrorDesktopTasks(sql, [
|
||||
it("inserts items as desktop-owned (consumed=true, source=desktop, stamped owner)", async () => {
|
||||
await repo.mirrorDesktopTasks(sql, U1, [
|
||||
{ id: "m1", listId: "L", title: "one", description: "d1" },
|
||||
{ id: "m2", listId: "L2", title: "two" },
|
||||
]);
|
||||
const t = await repo.getTasksForList(sql, "L");
|
||||
const t = await repo.getTasksForList(sql, U1, "L");
|
||||
expect(t).toHaveLength(1);
|
||||
expect(t[0]).toMatchObject({ id: "m1", title: "one", description: "d1", source: "desktop", consumed: true });
|
||||
expect(await repo.getTasksForList(sql, "L2")).toHaveLength(1);
|
||||
expect(t[0]).toMatchObject({ id: "m1", title: "one", description: "d1", source: "desktop", consumed: true, owner_id: U1 });
|
||||
expect(await repo.getTasksForList(sql, U1, "L2")).toHaveLength(1);
|
||||
});
|
||||
|
||||
it("upserts existing items by id (title/listId/description)", async () => {
|
||||
await repo.mirrorDesktopTasks(sql, [{ id: "m1", listId: "L", title: "one" }]);
|
||||
await repo.mirrorDesktopTasks(sql, [{ id: "m1", listId: "L2", title: "renamed", description: "x" }]);
|
||||
const onL = await repo.getTasksForList(sql, "L");
|
||||
const onL2 = await repo.getTasksForList(sql, "L2");
|
||||
await repo.mirrorDesktopTasks(sql, U1, [{ id: "m1", listId: "L", title: "one" }]);
|
||||
await repo.mirrorDesktopTasks(sql, U1, [{ id: "m1", listId: "L2", title: "renamed", description: "x" }]);
|
||||
const onL = await repo.getTasksForList(sql, U1, "L");
|
||||
const onL2 = await repo.getTasksForList(sql, U1, "L2");
|
||||
expect(onL).toHaveLength(0);
|
||||
expect(onL2).toHaveLength(1);
|
||||
expect(onL2[0]).toMatchObject({ title: "renamed", description: "x" });
|
||||
});
|
||||
|
||||
it("deletes desktop tasks whose id is not in the array", async () => {
|
||||
await repo.mirrorDesktopTasks(sql, [
|
||||
await repo.mirrorDesktopTasks(sql, U1, [
|
||||
{ id: "m1", listId: "L", title: "one" },
|
||||
{ id: "m2", listId: "L", title: "two" },
|
||||
]);
|
||||
await repo.mirrorDesktopTasks(sql, [{ id: "m1", listId: "L", title: "one" }]); // m2 dropped
|
||||
const t = await repo.getTasksForList(sql, "L");
|
||||
await repo.mirrorDesktopTasks(sql, U1, [{ id: "m1", listId: "L", title: "one" }]); // m2 dropped
|
||||
const t = await repo.getTasksForList(sql, U1, "L");
|
||||
expect(t.map((x) => x.id)).toEqual(["m1"]);
|
||||
});
|
||||
|
||||
it("empty array deletes all desktop tasks", async () => {
|
||||
await repo.mirrorDesktopTasks(sql, [{ id: "m1", listId: "L", title: "one" }]);
|
||||
await repo.mirrorDesktopTasks(sql, []);
|
||||
expect(await repo.getTasksForList(sql, "L")).toEqual([]);
|
||||
it("empty array deletes all my desktop tasks", async () => {
|
||||
await repo.mirrorDesktopTasks(sql, U1, [{ id: "m1", listId: "L", title: "one" }]);
|
||||
await repo.mirrorDesktopTasks(sql, U1, []);
|
||||
expect(await repo.getTasksForList(sql, U1, "L")).toEqual([]);
|
||||
});
|
||||
|
||||
it("does NOT touch web-created tasks awaiting pull (consumed=false)", async () => {
|
||||
const web = await repo.createWebTask(sql, { listId: "L", title: "web", description: null });
|
||||
await repo.mirrorDesktopTasks(sql, [{ id: "m1", listId: "L", title: "desk" }]);
|
||||
// web task survives the mirror (and is still unconsumed)
|
||||
const unconsumed = await repo.getUnconsumed(sql);
|
||||
const web = await repo.createWebTask(sql, U1, { listId: "L", title: "web", description: null });
|
||||
await repo.mirrorDesktopTasks(sql, U1, [{ id: "m1", listId: "L", title: "desk" }]);
|
||||
const unconsumed = await repo.getUnconsumed(sql, U1);
|
||||
expect(unconsumed.map((x) => x.id)).toEqual([web.id]);
|
||||
expect((await repo.getTasksForList(sql, "L")).map((x) => x.id).sort()).toEqual([web.id, "m1"].sort());
|
||||
expect((await repo.getTasksForList(sql, U1, "L")).map((x) => x.id).sort()).toEqual([web.id, "m1"].sort());
|
||||
});
|
||||
|
||||
it("claims a web task when its id is mirrored (becomes consumed=true)", async () => {
|
||||
const web = await repo.createWebTask(sql, { listId: "L", title: "web", description: null });
|
||||
await repo.mirrorDesktopTasks(sql, [{ id: web.id, listId: "L", title: "web (imported)" }]);
|
||||
expect(await repo.getUnconsumed(sql)).toEqual([]); // no longer awaiting pull
|
||||
const t = await repo.getTasksForList(sql, "L");
|
||||
const web = await repo.createWebTask(sql, U1, { listId: "L", title: "web", description: null });
|
||||
await repo.mirrorDesktopTasks(sql, U1, [{ id: web.id, listId: "L", title: "web (imported)" }]);
|
||||
expect(await repo.getUnconsumed(sql, U1)).toEqual([]); // no longer awaiting pull
|
||||
const t = await repo.getTasksForList(sql, U1, "L");
|
||||
expect(t[0]).toMatchObject({ id: web.id, title: "web (imported)", consumed: true });
|
||||
});
|
||||
});
|
||||
|
||||
describe("owner isolation", () => {
|
||||
it("lists are invisible to other users; legacy (NULL owner) lists visible to everyone", async () => {
|
||||
await repo.replaceLists(sql, U1, [{ id: "mine", name: "Mine" }]);
|
||||
await sql`insert into lists (id, name) values ('legacy', 'Old')`; // pre-multi-user row
|
||||
expect((await repo.getLists(sql, U1)).map((l) => l.id).sort()).toEqual(["legacy", "mine"]);
|
||||
expect((await repo.getLists(sql, U2)).map((l) => l.id)).toEqual(["legacy"]);
|
||||
});
|
||||
|
||||
it("replaceLists never deletes or renames another user's lists", async () => {
|
||||
await repo.replaceLists(sql, U1, [{ id: "a", name: "A" }]);
|
||||
await repo.replaceLists(sql, U2, [{ id: "b", name: "B" }]); // U2's full catalog: just b
|
||||
expect((await repo.getLists(sql, U1)).map((l) => l.id)).toEqual(["a"]);
|
||||
expect((await repo.getLists(sql, U2)).map((l) => l.id)).toEqual(["b"]);
|
||||
// U2 upserting U1's id must not steal/rename it
|
||||
await repo.replaceLists(sql, U2, [{ id: "a", name: "stolen" }, { id: "b", name: "B" }]);
|
||||
const u1Lists = await repo.getLists(sql, U1);
|
||||
expect(u1Lists).toEqual([{ id: "a", name: "A", owner_id: U1 }]);
|
||||
});
|
||||
|
||||
it("replaceLists adopts legacy lists (stamps the caller as owner)", async () => {
|
||||
await sql`insert into lists (id, name) values ('legacy', 'Old')`;
|
||||
await repo.replaceLists(sql, U1, [{ id: "legacy", name: "Old" }]);
|
||||
expect((await repo.getLists(sql, U2)).map((l) => l.id)).toEqual([]); // no longer legacy
|
||||
expect((await repo.getLists(sql, U1))[0]).toMatchObject({ id: "legacy", owner_id: U1 });
|
||||
});
|
||||
|
||||
it("tasks are invisible to other users; legacy tasks visible to everyone", async () => {
|
||||
await repo.replaceLists(sql, U1, [{ id: "L", name: "List" }]);
|
||||
await repo.createWebTask(sql, U1, { listId: "L", title: "mine", description: null });
|
||||
await sql`insert into tasks (id, list_id, title, source) values ('legacy-t', 'L', 'old', 'web')`;
|
||||
expect((await repo.getUnconsumed(sql, U2)).map((t) => t.id)).toEqual(["legacy-t"]);
|
||||
expect((await repo.getTasksForList(sql, U2, "L")).map((t) => t.id)).toEqual(["legacy-t"]);
|
||||
expect(await repo.getUnconsumed(sql, U1)).toHaveLength(2);
|
||||
});
|
||||
|
||||
it("one user's mirror never deletes another user's desktop tasks", async () => {
|
||||
await repo.replaceLists(sql, U1, [{ id: "L1", name: "U1 List" }]);
|
||||
await repo.replaceLists(sql, U2, [{ id: "L2", name: "U2 List" }]);
|
||||
await repo.mirrorDesktopTasks(sql, U1, [{ id: "m1", listId: "L1", title: "u1 task" }]);
|
||||
await repo.mirrorDesktopTasks(sql, U2, [{ id: "m2", listId: "L2", title: "u2 task" }]);
|
||||
// U2's full-replace (only m2) must not have wiped U1's m1:
|
||||
expect((await repo.getTasksForList(sql, U1, "L1")).map((t) => t.id)).toEqual(["m1"]);
|
||||
// and an empty mirror from U2 clears only U2's partition:
|
||||
await repo.mirrorDesktopTasks(sql, U2, []);
|
||||
expect((await repo.getTasksForList(sql, U1, "L1")).map((t) => t.id)).toEqual(["m1"]);
|
||||
expect(await repo.getTasksForList(sql, U2, "L2")).toEqual([]);
|
||||
});
|
||||
|
||||
it("mirror upsert cannot claim another user's task by id", async () => {
|
||||
await repo.replaceLists(sql, U1, [{ id: "L1", name: "U1 List" }]);
|
||||
await repo.replaceLists(sql, U2, [{ id: "L2", name: "U2 List" }]);
|
||||
const web = await repo.createWebTask(sql, U1, { listId: "L1", title: "u1 web", description: null });
|
||||
await repo.mirrorDesktopTasks(sql, U2, [{ id: web.id, listId: "L2", title: "hijack" }]);
|
||||
// U1's web task is untouched and still awaiting pull:
|
||||
const u1 = await repo.getUnconsumed(sql, U1);
|
||||
expect(u1.map((t) => t.id)).toEqual([web.id]);
|
||||
expect(u1[0].title).toBe("u1 web");
|
||||
});
|
||||
|
||||
it("upsertDesktopTask cannot overwrite another user's task", async () => {
|
||||
await repo.replaceLists(sql, U1, [{ id: "L", name: "List" }]);
|
||||
await repo.upsertDesktopTask(sql, U1, "shared-id", { listId: "L", title: "u1 owns this" });
|
||||
const res = await repo.upsertDesktopTask(sql, U2, "shared-id", { listId: "L", title: "u2 steal" });
|
||||
expect(res.created).toBe(false);
|
||||
expect((await repo.getTasksForList(sql, U1, "L"))[0].title).toBe("u1 owns this");
|
||||
});
|
||||
|
||||
it("consume and delete are scoped to the caller", async () => {
|
||||
await repo.replaceLists(sql, U1, [{ id: "L", name: "List" }]);
|
||||
const t = await repo.createWebTask(sql, U1, { listId: "L", title: "w", description: null });
|
||||
expect(await repo.consume(sql, U2, t.id)).toBe(false);
|
||||
await repo.deleteTask(sql, U2, t.id); // no-op for U2
|
||||
expect((await repo.getUnconsumed(sql, U1)).map((x) => x.id)).toEqual([t.id]);
|
||||
});
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user