add: server

Author: DanielFGray

.eslintrc.cjs

@@ -1,3 +1,5 @@
+require('dotenv').config()
+
 /** @type {import("eslint").Linter.Config} */
 module.exports = {
   root: true,
@@ -70,6 +72,11 @@ module.exports = {
         project: "./tsconfig.json",
       },
     },
+    {
+      files: ["./server/**/*.ts"],
+      parser: "@typescript-eslint/parser",
+      plugins: ["@typescript-eslint", "@ts-safeql/eslint-plugin"],
+    },
   ],
   rules: {
     "no-undef": "off",
@@ -84,5 +91,21 @@ module.exports = {
     "react/react-in-jsx-scope": "off",
     "@typescript-eslint/no-unused-vars": "off", // typescript does this anyway
     "@typescript-eslint/no-explicit-any": "warn",
+    "@ts-safeql/check-sql": [
+      "error",
+      {
+        connections: [
+          {
+            databaseUrl: process.env.DATABASE_URL,
+            targets: [
+              {
+                tag: "sql",
+                transform: "{type}[]",
+              },
+            ],
+          },
+        ],
+      },
+    ],
   },
 };

.gmrc

@@ -0,0 +1,119 @@
+/*
+ * Graphile Migrate configuration.
+ *
+ * This file is version tracked, do not add any secrets (passwords, etc) to it
+ * - manage these with environmental variables instead.
+ *
+ * This file is in JSON5 format, in VSCode you can use "JSON with comments" as
+ * the file format.
+ */
+
+{
+  /*
+   * Database connections strings are sourced from the DATABASE_URL,
+   * SHADOW_DATABASE_URL and ROOT_DATABASE_URL environmental variables.
+   */
+
+  /*
+   * pgSettings: key-value settings to be automatically loaded into PostgreSQL
+   * before running migrations, using an equivalent of `SET LOCAL <key> TO
+   * <value>`
+   */
+  "pgSettings": {
+    "search_path": "app_public,app_private,app_hidden,public"
+  },
+
+  /*
+   * placeholders: substituted in SQL files when compiled/executed. Placeholder
+   * keys should be prefixed with a colon and in all caps, like
+   * `:COLON_PREFIXED_ALL_CAPS`. Placeholder values should be strings. They
+   * will be replaced verbatim with NO ESCAPING AT ALL (this differs from how
+   * psql handles placeholders) so should only be used with "safe" values. This
+   * is useful for committing migrations where certain parameters can change
+   * between environments (development, staging, production) but you wish to
+   * use the same signed migration files for all.
+   *
+   * The special value "!ENV" can be used to indicate an environmental variable
+   * of the same name should be used.
+   *
+   * Graphile Migrate automatically sets the `:DATABASE_NAME` and
+   * `:DATABASE_OWNER` placeholders, and you should not attempt to override
+   * these.
+   */
+  "placeholders": {
+    ":DATABASE_AUTHENTICATOR": "!ENV",
+    ":DATABASE_VISITOR": "!ENV"
+  },
+
+  /*
+   * Actions allow you to run scripts or commands at certain points in the
+   * migration lifecycle. SQL files are ran against the database directly.
+   * "command" actions are ran with the following environmental variables set:
+   *
+   * - GM_DBURL: the PostgreSQL URL of the database being migrated
+   * - GM_DBNAME: the name of the database from GM_DBURL
+   * - GM_DBUSER: the user from GM_DBURL
+   * - GM_SHADOW: set to 1 if the shadow database is being migrated, left unset
+   *   otherwise
+   *
+   * If "shadow" is unspecified, the actions will run on events to both shadow
+   * and normal databases. If "shadow" is true the action will only run on
+   * actions to the shadow DB, and if false only on actions to the main DB.
+   */
+
+  /*
+   * afterReset: actions executed after a `graphile-migrate reset` command.
+   */
+  "afterReset": [
+    "!afterReset.sql",
+  ],
+
+  /*
+   * afterAllMigrations: actions executed once all migrations are complete.
+   */
+  "afterAllMigrations": [
+    // {
+    //   "_": "command",
+    //   "shadow": false,
+    //   "command": "node scripts/dump-db.js"
+    // }
+  ],
+
+  /*
+   * afterCurrent: actions executed once the current migration has been
+   * evaluated (i.e. in watch mode).
+   */
+  "afterCurrent": [
+    // {
+    //   "_": "command",
+    //   "shadow": false,
+    //   "command": ""
+    // }
+  ],
+
+  /*
+   * blankMigrationContent: content to be written to the current migration
+   * after commit. NOTE: this should only contain comments.
+   */
+  // "blankMigrationContent": "",
+
+  /****************************************************************************\
+  ***                                                                        ***
+  ***         You probably don't want to edit anything below here.           ***
+  ***                                                                        ***
+  \****************************************************************************/
+
+  /*
+   * manageGraphileMigrateSchema: if you set this false, you must be sure to
+   * keep the graphile_migrate schema up to date yourself. We recommend you
+   * leave it at its default.
+   */
+  // "manageGraphileMigrateSchema": true,
+
+  /*
+   * migrationsFolder: path to the folder in which to store your migrations.
+   */
+  // migrationsFolder: "./migrations",
+
+  "//generatedWith": "0.1.0"
+}

docker-compose.yml

@@ -0,0 +1,21 @@
+services:
+  db:
+    image: postgres:16-alpine
+    environment:
+      - POSTGRES_USER=${ROOT_DATABASE_USER}
+      - POSTGRES_PASSWORD=${ROOT_DATABASE_PASSWORD}
+    command: postgres
+      -c shared_preload_libraries=pg_stat_statements
+      -c pg_stat_statements.track=all
+      -c log_destination=stderr
+    volumes:
+      - /var/run/postgresql:/var/run/postgresql
+    #   - ./pgscripts:/docker-entrypoint-initdb.d
+    #   - ./data:/var/lib/postgresql/data
+    networks:
+      - appnet
+    ports:
+      - ${DATABASE_PORT}:5432
+
+networks:
+  appnet:

index.html

@@ -4,7 +4,7 @@
     <meta charset="UTF-8" />
     <link rel="icon" type="image/svg+xml" href="/vite.svg" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <title>pg-fiddle</title>
+    <title>postgres-playground</title>
   </head>
   <body class="h-full bg-primary-100 text-primary-900 dark:text-primary-100 dark:bg-primary-900 ">
     <div class="h-full" id="appRoot"></div>

migrations/afterReset.sql

@@ -0,0 +1,15 @@
+BEGIN;
+GRANT CONNECT ON DATABASE :DATABASE_NAME TO :DATABASE_OWNER;
+GRANT CONNECT ON DATABASE :DATABASE_NAME TO :DATABASE_AUTHENTICATOR;
+GRANT ALL ON DATABASE :DATABASE_NAME TO :DATABASE_OWNER;
+ALTER SCHEMA public OWNER TO :DATABASE_OWNER;
+
+-- Some extensions require superuser privileges, so we create them before migration time.
+CREATE EXTENSION IF NOT EXISTS plpgsql WITH SCHEMA pg_catalog;
+CREATE EXTENSION IF NOT EXISTS "uuid-ossp" WITH SCHEMA public;
+CREATE EXTENSION IF NOT EXISTS citext WITH SCHEMA public;
+CREATE EXTENSION IF NOT EXISTS btree_gin WITH SCHEMA public;
+CREATE EXTENSION IF NOT EXISTS pgcrypto WITH SCHEMA public;
+CREATE EXTENSION IF NOT EXISTS pg_trgm WITH SCHEMA public;
+CREATE EXTENSION IF NOT EXISTS fuzzystrmatch WITH SCHEMA public;
+COMMIT;

migrations/current/0001-reset.sql

@@ -0,0 +1,10 @@
+/*
+ * Graphile Migrate will run our `current/...` migrations in one batch. Since
+ * this is our first migration it's defining the entire database, so we first
+ * drop anything that may have previously been created
+ * (app_public/app_hidden/app_private) so that we can start from scratch.
+ */
+
+drop schema if exists app_public cascade;
+drop schema if exists app_hidden cascade;
+drop schema if exists app_private cascade;

migrations/current/0010-public_permissions.sql

@@ -0,0 +1,20 @@
+/*
+ * The `public` *schema* contains things like PostgreSQL extensions. We
+ * deliberately do not install application logic into the public schema
+ * (instead storing it to app_public/app_hidden/app_private as appropriate),
+ * but none the less we don't want untrusted roles to be able to install or
+ * modify things into the public schema.
+ *
+ * The `public` *role* is automatically inherited by all other roles; we only
+ * want specific roles to be able to access our database so we must revoke
+ * access to the `public` role.
+ */
+
+revoke all on schema public from public;
+
+alter default privileges revoke all on sequences from public;
+alter default privileges revoke all on functions from public;
+
+-- Of course we want our database owner to be able to do anything inside the
+-- database, so we grant access to the `public` schema:
+grant all on schema public to :DATABASE_OWNER;

migrations/current/0020-schemas.sql

@@ -0,0 +1,25 @@
+/*
+ * Read about our app_public/app_hidden/app_private schemas here:
+ * https://www.graphile.org/postgraphile/namespaces/#advice
+ *
+ * Note this pattern is not required to use PostGraphile, it's merely the
+ * preference of the author of this package.
+ */
+
+create schema app_public;
+create schema app_hidden;
+create schema app_private;
+
+-- The 'visitor' role (used by PostGraphile to represent an end user) may
+-- access the public, app_public and app_hidden schemas (but _NOT_ the
+-- app_private schema).
+grant usage on schema public, app_public, app_hidden to :DATABASE_VISITOR;
+
+-- We want the `visitor` role to be able to insert rows (`serial` data type
+-- creates sequences, so we need to grant access to that).
+alter default privileges in schema public, app_public, app_hidden
+  grant usage, select on sequences to :DATABASE_VISITOR;
+
+-- And the `visitor` role should be able to call functions too.
+alter default privileges in schema public, app_public, app_hidden
+  grant execute on functions to :DATABASE_VISITOR;

migrations/current/0030-common_triggers.sql

@@ -0,0 +1,84 @@
+/*
+ * These triggers are commonly used across many tables.
+ */
+
+/*
+ * This trigger is used on tables with created_at and updated_at to ensure that
+ * these timestamps are kept valid (namely: `created_at` cannot be changed, and
+ * `updated_at` must be monotonically increasing).
+ */
+create function app_private.tg__timestamps() returns trigger as $$
+begin
+  NEW.created_at = (case when TG_OP = 'INSERT' then NOW() else OLD.created_at end);
+  NEW.updated_at = (case when TG_OP = 'UPDATE' and OLD.updated_at >= NOW() then OLD.updated_at + interval '1 millisecond' else NOW() end);
+  return NEW;
+end;
+$$ language plpgsql volatile set search_path to pg_catalog, public, pg_temp;
+
+-- Used for queueing jobs easily; relies on the fact that every table we have
+-- has a primary key 'id' column; this won't work if you rename your primary
+-- key columns.
+create function app_private.tg__add_job() returns trigger as $$
+begin
+  perform graphile_worker.add_job(tg_argv[0], json_build_object('id', NEW.id));
+  return NEW;
+end;
+$$ language plpgsql volatile security definer set search_path to pg_catalog, public, pg_temp;
+
+-- This trigger is used to queue a job to inform a user that a significant
+-- security change has been made to their account (e.g. adding a new email
+-- address, linking a new social login).
+create function app_private.tg__add_audit_job() returns trigger as $$
+declare
+  v_user_id uuid;
+  v_type text = TG_ARGV[0];
+  v_user_id_attribute text = TG_ARGV[1];
+  v_extra_attribute1 text = TG_ARGV[2];
+  v_extra_attribute2 text = TG_ARGV[3];
+  v_extra_attribute3 text = TG_ARGV[4];
+  v_extra1 text;
+  v_extra2 text;
+  v_extra3 text;
+begin
+  if v_user_id_attribute is null then
+    raise exception 'Invalid tg__add_audit_job call';
+  end if;
+
+  execute 'select ($1.' || quote_ident(v_user_id_attribute) || ')::uuid'
+    using (case when TG_OP = 'INSERT' then NEW else OLD end)
+    into v_user_id;
+
+  if v_extra_attribute1 is not null then
+    execute 'select ($1.' || quote_ident(v_extra_attribute1) || ')::text'
+      using (case when TG_OP = 'DELETE' then OLD else NEW end)
+      into v_extra1;
+  end if;
+  if v_extra_attribute2 is not null then
+    execute 'select ($1.' || quote_ident(v_extra_attribute2) || ')::text'
+      using (case when TG_OP = 'DELETE' then OLD else NEW end)
+      into v_extra2;
+  end if;
+  if v_extra_attribute3 is not null then
+    execute 'select ($1.' || quote_ident(v_extra_attribute3) || ')::text'
+      using (case when TG_OP = 'DELETE' then OLD else NEW end)
+      into v_extra3;
+  end if;
+
+  if v_user_id is not null then
+    perform graphile_worker.add_job(
+      'user__audit',
+      json_build_object(
+        'type', v_type,
+        'user_id', v_user_id,
+        'extra1', v_extra1,
+        'extra2', v_extra2,
+        'extra3', v_extra3,
+        'current_user_id', app_public.current_user_id(),
+        'schema', TG_TABLE_SCHEMA,
+        'table', TG_TABLE_NAME
+      ));
+  end if;
+
+  return NEW;
+end;
+$$ language plpgsql volatile security definer set search_path to pg_catalog, public, pg_temp;

migrations/current/0110-sessions.sql

@@ -0,0 +1,18 @@
+create table app_private.sessions (
+  id text primary key,
+  user_id uuid not null,
+  expires_at timestamptz not null default now()
+);
+
+create index sessions_user_id_idx on app_private.sessions (user_id);
+
+alter table app_private.sessions enable row level security;
+
+create function app_public.current_session_id() returns text as $$
+  select nullif(pg_catalog.current_setting('jwt.claims.session_id', true), '');
+$$ language sql stable;
+
+create function app_public.current_user_id() returns uuid as $$
+  select user_id from app_private.sessions
+  where id = app_public.current_session_id();
+$$ language sql stable security definer set search_path to pg_catalog, public, pg_temp;