doc: v2 to v3 migration guide

Author: ymc9

src/pages/index.tsx

@@ -32,13 +32,19 @@ function Header() {
                             A TypeScript toolkit that enhances Prisma ORM with flexible Authorization and
                             auto-generated, type-safe APIs/hooks, simplifying full-stack development
                         </p>
-                        <div className={styles.buttons}>
+                        <div className="flex flex-wrap justify-center gap-4">
                             <Link
                                 className="button button--secondary button--lg lg:text-2xl lg:px-8 lg:py-4"
                                 to="/docs/welcome"
                             >
                                 Get Started →
                             </Link>
+                            <a
+                                href="/v3"
+                                className="button button--outline button--lg border-solid lg:text-2xl lg:px-8 lg:py-4 hover:text-gray-200 dark:hover:text-gray-600"
+                            >
+                                Check V3 Beta
+                            </a>
                         </div>
                     </div>
                 </div>

versioned_docs/version-3.x/migrate-prisma.md

@@ -1,6 +1,6 @@
 ---
 description: How to migrate from a Prisma project to ZenStack v3
-sidebar_position: 10
+sidebar_position: 11
 ---
 
 import PackageInstall from './_components/PackageInstall';
@@ -260,7 +260,7 @@ export const db = new ZenStackClient(schema, {
 
 A key difference is that ZenStack's computed fields are evaluated on the database side, which much more efficient and flexible than client-side computation. Read more in the [Computed Fields](./orm/computed-fields.md) documentation.
 
-## Feature Gap
+## Feature Gaps
 
 Here's a list of Prisma features that are not supported in ZenStack v3:
 

versioned_docs/version-3.x/migrate-v2.md

@@ -0,0 +1,217 @@
+---
+description: How to migrate from a ZenStack v2 project to v3
+sidebar_position: 10
+---
+
+import PackageInstall from './_components/PackageInstall';
+
+# Migrating From ZenStack V2
+
+## Overview
+
+ZenStack v3 is a major rewrite of v2, with a focus on simplicity and flexibility. It replaced Prisma ORM with its own ORM component built above [Kysely](https://kysely.dev/), resulting in a much more light-weighted architecture and the level extensibility that we couldn't achieve in v2.
+
+A few v3 design decisions should make an upgrade much less painful:
+
+- The ZModel schema is essentially compatible with v2.
+- The ORM query API compatible with that of `PrismaClient`, thus compatible with v2.
+
+However, given the architectural changes, some effort is required to adapt to the new system. This guide will help you migrate an existing ZenStack v2 project.
+
+## Compatibility Check
+
+Here are a few important items to verify before preparing your migration:
+
+- Database support
+   
+   V3 only supports PostgreSQL and SQLite databases for now. MySQL will be added later.
+
+   For PostgreSQL, only native the traditional TCP-based connection is supported. Newer HTTP-based protocols like supported by newer providers like Neon and Prisma PG are not supported yet, but will be in the future.
+
+- Prisma feature gaps
+
+   A few Prisma ORM's features are not implemented or not planned. Please check the [Prisma Feature Gaps](./migrate-prisma.md#feature-gaps) for details.
+
+- V2 feature gaps
+
+   A few ZenStack v2's features are not implemented. Some less popular features are planned to be dropped. Please check the [Feature Gaps](#feature-gaps) for details.
+
+## Migrating Prisma
+
+Since ZenStack v3 is not based on Prisma ORM anymore, the first thing to do is to replace Prisma dependencies with ZenStack and update code where `PrismaClient` is created. Please follow the [Prisma Migration Guide](./migrate-prisma.md) for detailed instructions.
+
+## Migrating Access Policies
+
+Since v3's ZModel language is backward compatible with v2, no much work is needed in ZModel files. One change necessary is that, if you use access policies (`@@allow`, `@@deny`, etc.), they are now in self-contained plugins, and you need to install the package separately, add a plugin declaration in ZModel, and install the plugin at runtime.
+
+1. Install the package
+
+  <PackageInstall dependencies={["@zenstackhq/plugin-policy"]} />
+
+2. Add a plugin declaration in ZModel
+
+  ```zmodel title="schema.zmodel"
+
+  // adding the plugin makes attributes like `@@allow` and `@@deny` work
+  plugin policy {
+      provider = '@zenstackhq/plugin-policy'
+  }
+
+  ```
+
+3. Install the plugin at runtime
+
+```ts title="db.ts"
+import { PolicyPlugin } from '@zenstackhq/plugin-policy';
+
+// ORM client without access control
+export const db = new ZenStackClient({ ... });
+
+// ORM client with access control
+export const authDb = db.$use(new PolicyPlugin());
+```
+
+When you need to query the database with a specific user identity, call the `$setAuth()` method on the ORM client (with the access policy plugin installed) to get a user-bound instance.
+
+```ts
+async function processRequest(request: Request) {
+  // get the validated user identity from your auth system
+  const user = await getCurrentUser(request);
+
+  // create a user-bound ORM client
+  const userDb = authDb.$setAuth(user);
+
+  // process the request with `userDb`
+  ...
+}
+```
+
+The policy rules in ZModel are mostly backward compatible, except for a breaking change about post-update policies. In v3, post-update rules are expressed with its own "post-update" policy type and separate from regular "update" rules. Inside "post-update" rules, by default fields refer to the entity's "after-update" state, and you can use the `before()` function to refer to the "before-update" state. See [Post Update Rules](./orm/access-control/post-update.md) for more details.
+
+Here's a quick example for how to migrate:
+
+V2:
+
+```zmodel
+model Post {
+   ...
+   ownerId Int
+   owner   User @relation(fields: [ownerId], references: [id])
+
+   // update is not allowed to change the owner
+   @@deny('update', future().ownerId != ownerId)
+}
+```
+
+V3:
+```zmodel
+model Post {
+   ...
+   ownerId Int
+   owner   User @relation(fields: [ownerId], references: [id])
+
+   // update is not allowed to change the owner
+   @@deny('post-update', ownerId != before().ownerId)
+}
+```
+
+## Migrating Server Adapters
+
+Server adapters are mostly backward compatible. One small change needed is that, when creating a server adapter, it's now mandatory to explicitly pass in an API handler instance (RPC or RESTful). The API handlers are now created with the `schema` object as input. See [Server Adapters](./service/server-adapter.md) for more details.
+
+Here's an example with Express.js:
+
+```ts
+import { schema } from '~/zenstack/schema';
+import { authDb } from '~/db';
+
+app.use(
+  '/api/model',
+  ZenStackMiddleware({
+    // an API handler needs to be explicitly passed in
+    apiHandler: new RPCApiHandler({ schema }),
+
+    // `getPrisma` is renamed to `getClient` in v3
+    getClient: (request) => getClientForRequest(request),
+  })
+);
+
+function getClientForRequest(request: Request) {
+  const user = getCurrentUser(request);
+  return authDb.$setAuth(user);
+}
+```
+
+## Migrating Client-Side Hooks
+
+V3 brings a new implementation of [TanStack Query](https://tanstack.com/query) implementation that doesn't require code generation. Instead, TS types are fully inferred from the schema type at compile time, and the runtime logic is based on interpretation of the schema object. As a result, the new integration becomes a simple library that you call, and no plugin is involved.
+
+To support such an architecture change. Query hooks are now grouped into an object that mirrors the API style of the ORM client. You need to adjust v2 code (that uses the flat `useFindMany[Model]` style hooks) into this new structure.
+
+V2:
+```ts
+import { useFindManyUser } from '~/hooks';
+
+export function MyComponent() {
+  const { data } = useFindManyUser({ ... });
+  ...
+}
+```
+
+V3:
+```ts
+import { useClientQueries } from '@zenstackhq/tanstack-query';
+import { schema } from '~/zenstack/schema';
+
+export function MyComponent() {
+  const client = useClientQueries(schema);
+  const { data } = client.user.useFindMany({ ... });
+  ...
+}
+```
+
+[SWR](https://swr.vercel.app/) support has been dropped due to low popularity.
+
+## Migration Custom Plugins
+
+V3 comes with a completely revised plugin system that offers great power and flexibility. You can check the concepts in the [Data Model Plugin](./modeling/plugin.md) and [ORM Plugin](./orm/plugins/) documentation.
+
+The plugin development document is still WIP. This part of the migration guide will be added later when it's ready.
+
+## Feature Gaps
+
+This section lists v2 features that haven't been migrated to v3 yet, or that are planned to be removed in v3. Please feel free to share your thoughts about these decisions in [Discord](https://discord.gg/Ykhr738dUe) and we'll be happy to discuss them.
+
+### Automatic password hashing
+
+The `@password` attribute is removed in v3. We believe most people will use a more sophisticated authentication system than a simple id/password mechanism.
+
+### Field-level access control
+
+Not supported yet but will be added soon with some design changes.
+
+### Zod integration
+
+Not supported yet but will be added soon with some design changes.
+
+### Checking permissions without querying the database
+
+The [check()](/docs/guides/check-permission) feature is removed due to low popularity.
+
+### tRPC integration
+
+[TRPC](https://trpc.io/) is TypeScript inference heavy, and stacking it over ZenStack generates additional complexities and pressure to the compiler. We're evaluating the best way to integrate it in v3, and no concrete plan is in place yet. At least there's no plan to directly migrate the code-generation based approach in v2.
+
+### OpenAPI spec generation
+
+The [OpenAPI plugin](/docs/reference/plugins/openapi) is not migrated to v3 yet and will be added later with some redesign.
+
+### SWR integration
+
+The [SWR plugin](https://swr.vercel.app/) is removed due to low popularity.
+
+## FAQ
+
+### Is data migration needed?
+
+No. From database schema point of view, v3 is fully backward compatible with v2.

versioned_docs/version-3.x/orm/errors.md

@@ -5,22 +5,101 @@ description: ORM Errors
 
 # Errors
 
-The ORM uses the following error classes from `@zenstackhq/orm` to represent different types of failures:
+The ORM throws an `ORMError` in case of failures. The class has the following fields:
 
-## `InputValidationError`
+```ts
+/**
+ * ZenStack ORM error.
+ */
+export class ORMError extends Error {
+    /**
+     * The name of the model that the error pertains to.
+     */
+    model?: string;
 
-This error is thrown when the argument passed to the ORM methods is invalid, e.g., missing required fields, or containing unknown fields. The `cause` property is set to the original error thrown during validation.
+    /**
+     * The error code given by the underlying database driver.
+     */
+    dbErrorCode?: unknown;
 
-If [input validation](../orm/validation.md) is used, this error is also thrown when the validation rules are violated.
+    /**
+     * The error message given by the underlying database driver.
+     */
+    dbErrorMessage?: string;
 
-## `NotFoundError`
+    /**
+     * The reason code for policy rejection. Only available when `reason` is `REJECTED_BY_POLICY`.
+     */
+    rejectedByPolicyReason?: RejectedByPolicyReason;
 
-This error is thrown when a requested record is not found in the database, e.g., when calling `findUniqueOrThrow`, `update`, etc.
+    /**
+     * The SQL query that was executed. Only available when `reason` is `DB_QUERY_ERROR`.
+     */
+    sql?: string;
 
-## `QueryError`
+    /**
+     * The parameters used in the SQL query. Only available when `reason` is `DB_QUERY_ERROR`.
+     */
+    sqlParams?: readonly unknown[];
+}
 
-This error is used to encapsulate all other errors thrown from the underlying database driver. The `cause` property is set to the original error thrown.
+/**
+ * Reason code for ORM errors.
+ */
+export enum ORMErrorReason {
+    /**
+     * ORM client configuration error.
+     */
+    CONFIG_ERROR = 'config-error',
 
-## `RejectedByPolicyError`
+    /**
+     * Invalid input error.
+     */
+    INVALID_INPUT = 'invalid-input',
 
-This error is thrown when an operation is rejected by [access control policies](../orm/access-control/index.md).
+    /**
+     * The specified record was not found.
+     */
+    NOT_FOUND = 'not-found',
+
+    /**
+     * Operation is rejected by access policy.
+     */
+    REJECTED_BY_POLICY = 'rejected-by-policy',
+
+    /**
+     * Error was thrown by the underlying database driver.
+     */
+    DB_QUERY_ERROR = 'db-query-error',
+
+    /**
+     * The requested operation is not supported.
+     */
+    NOT_SUPPORTED = 'not-supported',
+
+    /**
+     * An internal error occurred.
+     */
+    INTERNAL_ERROR = 'internal-error',
+}
+
+/**
+ * Reason code for policy rejection.
+ */
+export enum RejectedByPolicyReason {
+    /**
+     * Rejected because the operation is not allowed by policy.
+     */
+    NO_ACCESS = 'no-access',
+
+    /**
+     * Rejected because the result cannot be read back after mutation due to policy.
+     */
+    CANNOT_READ_BACK = 'cannot-read-back',
+
+    /**
+     * Other reasons.
+     */
+    OTHER = 'other',
+}
+```

versioned_docs/version-3.x/roadmap.md

@@ -10,10 +10,10 @@ This is a list of major features that are planned for the future releases of Zen
 - [x] Data Validation
 - [x] Performance benchmark
 - [x] Query-as-a-Service (automatic CRUD API)
-- [ ] TanStack Query integration
+- [x] TanStack Query integration
 - [ ] Zod utility
 - [ ] Custom functions
 - [ ] Custom procedures
 - [ ] Field encryption
 - [ ] Soft delete
-- [ ] Audit trail
+- [ ] Audit trail

versioned_docs/version-3.x/service/api-handler/rest.md

@@ -949,6 +949,7 @@ An error response is an object containing the following fields:
     - title: `string`, error title
     - detail: `string`, detailed error message
     - reason: `string`, extra reason for the error
+    - dbErrorCode: `unknown`, the error code given by the underlying database driver
 
 ### Example