wdevs/ResolveSpec
5
0
Fork 0
mirror of https://github.com/bitechdev/ResolveSpec.git synced 2026-05-21 19:45:33 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: wdevs:v1.0.88
Branches Tags
wdevs:main wdevs:copilot/fix-api-null-response wdevs:copilot/sub-pr-9
wdevs:v1.1.1 wdevs:v1.1.0 wdevs:v1.0.114 wdevs:v1.0.113 wdevs:v1.0.112 wdevs:v1.0.111 wdevs:v1.0.110 wdevs:v1.0.109 wdevs:v1.0.108 wdevs:v1.0.107 wdevs:v1.0.106 wdevs:v1.0.105 wdevs:v1.0.104 wdevs:v1.0.103 wdevs:v1.0.102 wdevs:v1.0.101 wdevs:v1.0.100 wdevs:v1.0.99 wdevs:v1.0.98 wdevs:v1.0.97 wdevs:v1.0.96 wdevs:v1.0.95 wdevs:v1.0.94 wdevs:v1.0.93 wdevs:v1.0.92 wdevs:v1.0.91 wdevs:v1.0.90 wdevs:v1.0.89 wdevs:v1.0.88 wdevs:v1.0.87 wdevs:v1.0.86 wdevs:v1.0.85 wdevs:v1.0.84 wdevs:v1.0.83 wdevs:v1.0.82 wdevs:v1.0.81 wdevs:v1.0.80 wdevs:v1.0.79 wdevs:v1.0.78 wdevs:v1.0.77 wdevs:v1.0.76 wdevs:v1.0.75 wdevs:v1.0.74 wdevs:v1.0.73 wdevs:v1.0.72 wdevs:v1.0.71 wdevs:v1.0.70 wdevs:v1.0.69 wdevs:v1.0.68 wdevs:v1.0.67 wdevs:v1.0.66 wdevs:v1.0.65 wdevs:v1.0.64 wdevs:v1.0.63 wdevs:v1.0.62 wdevs:v1.0.61 wdevs:v1.0.60 wdevs:v1.0.59 wdevs:v1.0.58 wdevs:v1.0.57 wdevs:v1.0.56 wdevs:v1.0.55 wdevs:v1.0.54 wdevs:v1.0.53 wdevs:v1.0.52 wdevs:v1.0.51 wdevs:v1.0.50 wdevs:v1.0.49 wdevs:v1.0.48 wdevs:v1.0.47 wdevs:v1.0.46 wdevs:v1.0.45 wdevs:v1.0.44 wdevs:v1.0.43 wdevs:v1.0.42 wdevs:v1.0.41 wdevs:v1.0.40 wdevs:v1.0.39 wdevs:v1.0.38 wdevs:v1.0.37 wdevs:v1.0.36 wdevs:v1.0.35 wdevs:v1.0.34 wdevs:v1.0.33 wdevs:v1.0.32 wdevs:v1.0.31 wdevs:v1.0.30 wdevs:v1.0.29 wdevs:v1.0.28 wdevs:v1.0.27 wdevs:v1.0.26 wdevs:v1.0.25 wdevs:v1.0.24 wdevs:v1.0.23 wdevs:v1.0.22 wdevs:v1.0.21 wdevs:v1.0.20 wdevs:v1.0.19 wdevs:v1.0.18 wdevs:v1.0.17 wdevs:v1.0.16 wdevs:v1.0.15 wdevs:v1.0.14 wdevs:v1.0.13 wdevs:v1.0.12 wdevs:v1.0.11 wdevs:v1.0.10 wdevs:v1.0.9 wdevs:v1.0.8 wdevs:v1.0.7 wdevs:v1.0.6 wdevs:v1.0.5 wdevs:v1.0.4 wdevs:v1.0.3 wdevs:v1.0.2 wdevs:v1.0.1 wdevs:v1.0.0 wdevs:v0.0.122 wdevs:v0.0.121 wdevs:v0.0.120 wdevs:v0.0.119 wdevs:v0.0.118 wdevs:v0.0.117 wdevs:v0.0.116 wdevs:v0.0.115 wdevs:v0.0.114 wdevs:v0.0.113 wdevs:v0.0.112 wdevs:v0.0.111 wdevs:v0.0.110 wdevs:v0.0.109 wdevs:v0.0.108 wdevs:v0.0.107 wdevs:v0.0.106 wdevs:v0.0.105 wdevs:v0.0.104 wdevs:v0.0.103 wdevs:v0.0.102 wdevs:v0.0.101 wdevs:v0.0.100 wdevs:v0.0.99 wdevs:v0.0.98 wdevs:v0.0.97 wdevs:v0.0.96 wdevs:v0.0.95 wdevs:v0.0.94 wdevs:v0.0.93 wdevs:v0.0.92 wdevs:v0.0.91 wdevs:v0.0.90 wdevs:v0.0.89 wdevs:v0.0.88 wdevs:v0.0.87 wdevs:v0.0.86 wdevs:v0.0.85 wdevs:v0.0.84 wdevs:v0.0.83 wdevs:v0.0.82 wdevs:v0.0.81 wdevs:v0.0.80 wdevs:v0.0.79 wdevs:v0.0.78 wdevs:v0.0.77 wdevs:v0.0.76 wdevs:v0.0.75 wdevs:v0.0.74 wdevs:v0.0.73 wdevs:v0.0.72 wdevs:v0.0.71 wdevs:v0.0.70 wdevs:v0.0.69 wdevs:v0.0.68 wdevs:v0.0.67 wdevs:v0.0.66 wdevs:v0.0.65 wdevs:v0.0.64 wdevs:v0.0.63 wdevs:v0.0.62 wdevs:v0.0.61 wdevs:v0.0.60 wdevs:v0.0.59 wdevs:v0.0.58 wdevs:v0.0.57 wdevs:v0.0.56 wdevs:v0.0.55 wdevs:v0.0.54 wdevs:v0.0.53 wdevs:v0.0.52 wdevs:v0.0.51 wdevs:v0.0.50 wdevs:v0.0.49 wdevs:v0.0.48 wdevs:v0.0.47 wdevs:v0.0.46 wdevs:v0.0.45 wdevs:v0.0.44 wdevs:v0.0.43 wdevs:v0.0.42 wdevs:v0.0.41 wdevs:v0.0.40 wdevs:v0.0.39 wdevs:v0.0.38 wdevs:v0.0.37 wdevs:v0.0.36 wdevs:v0.0.35 wdevs:v0.0.34 wdevs:v0.0.33 wdevs:v0.0.32 wdevs:v0.0.31 wdevs:v0.0.30 wdevs:v0.0.29 wdevs:v0.0.28 wdevs:v0.0.27 wdevs:v0.0.26 wdevs:v0.0.25 wdevs:v0.0.24 wdevs:v0.0.23 wdevs:v0.0.22 wdevs:v0.0.21 wdevs:v0.0.20 wdevs:v0.0.19 wdevs:v0.0.18 wdevs:v0.0.17 wdevs:v0.0.16 wdevs:v0.0.15 wdevs:v0.0.14 wdevs:v0.0.13 wdevs:v0.0.12 wdevs:v0.0.11 wdevs:v0.0.10 wdevs:v0.0.9 wdevs:v0.0.8 wdevs:v0.0.7 wdevs:v0.0.6 wdevs:v0.0.5 wdevs:v0.0.4 wdevs:v0.0.3 wdevs:v0.0.2 wdevs:v0.0.1
...
compare: wdevs:v1.1.1
Branches Tags
wdevs:main wdevs:copilot/fix-api-null-response wdevs:copilot/sub-pr-9
wdevs:v1.1.1 wdevs:v1.1.0 wdevs:v1.0.114 wdevs:v1.0.113 wdevs:v1.0.112 wdevs:v1.0.111 wdevs:v1.0.110 wdevs:v1.0.109 wdevs:v1.0.108 wdevs:v1.0.107 wdevs:v1.0.106 wdevs:v1.0.105 wdevs:v1.0.104 wdevs:v1.0.103 wdevs:v1.0.102 wdevs:v1.0.101 wdevs:v1.0.100 wdevs:v1.0.99 wdevs:v1.0.98 wdevs:v1.0.97 wdevs:v1.0.96 wdevs:v1.0.95 wdevs:v1.0.94 wdevs:v1.0.93 wdevs:v1.0.92 wdevs:v1.0.91 wdevs:v1.0.90 wdevs:v1.0.89 wdevs:v1.0.88 wdevs:v1.0.87 wdevs:v1.0.86 wdevs:v1.0.85 wdevs:v1.0.84 wdevs:v1.0.83 wdevs:v1.0.82 wdevs:v1.0.81 wdevs:v1.0.80 wdevs:v1.0.79 wdevs:v1.0.78 wdevs:v1.0.77 wdevs:v1.0.76 wdevs:v1.0.75 wdevs:v1.0.74 wdevs:v1.0.73 wdevs:v1.0.72 wdevs:v1.0.71 wdevs:v1.0.70 wdevs:v1.0.69 wdevs:v1.0.68 wdevs:v1.0.67 wdevs:v1.0.66 wdevs:v1.0.65 wdevs:v1.0.64 wdevs:v1.0.63 wdevs:v1.0.62 wdevs:v1.0.61 wdevs:v1.0.60 wdevs:v1.0.59 wdevs:v1.0.58 wdevs:v1.0.57 wdevs:v1.0.56 wdevs:v1.0.55 wdevs:v1.0.54 wdevs:v1.0.53 wdevs:v1.0.52 wdevs:v1.0.51 wdevs:v1.0.50 wdevs:v1.0.49 wdevs:v1.0.48 wdevs:v1.0.47 wdevs:v1.0.46 wdevs:v1.0.45 wdevs:v1.0.44 wdevs:v1.0.43 wdevs:v1.0.42 wdevs:v1.0.41 wdevs:v1.0.40 wdevs:v1.0.39 wdevs:v1.0.38 wdevs:v1.0.37 wdevs:v1.0.36 wdevs:v1.0.35 wdevs:v1.0.34 wdevs:v1.0.33 wdevs:v1.0.32 wdevs:v1.0.31 wdevs:v1.0.30 wdevs:v1.0.29 wdevs:v1.0.28 wdevs:v1.0.27 wdevs:v1.0.26 wdevs:v1.0.25 wdevs:v1.0.24 wdevs:v1.0.23 wdevs:v1.0.22 wdevs:v1.0.21 wdevs:v1.0.20 wdevs:v1.0.19 wdevs:v1.0.18 wdevs:v1.0.17 wdevs:v1.0.16 wdevs:v1.0.15 wdevs:v1.0.14 wdevs:v1.0.13 wdevs:v1.0.12 wdevs:v1.0.11 wdevs:v1.0.10 wdevs:v1.0.9 wdevs:v1.0.8 wdevs:v1.0.7 wdevs:v1.0.6 wdevs:v1.0.5 wdevs:v1.0.4 wdevs:v1.0.3 wdevs:v1.0.2 wdevs:v1.0.1 wdevs:v1.0.0 wdevs:v0.0.122 wdevs:v0.0.121 wdevs:v0.0.120 wdevs:v0.0.119 wdevs:v0.0.118 wdevs:v0.0.117 wdevs:v0.0.116 wdevs:v0.0.115 wdevs:v0.0.114 wdevs:v0.0.113 wdevs:v0.0.112 wdevs:v0.0.111 wdevs:v0.0.110 wdevs:v0.0.109 wdevs:v0.0.108 wdevs:v0.0.107 wdevs:v0.0.106 wdevs:v0.0.105 wdevs:v0.0.104 wdevs:v0.0.103 wdevs:v0.0.102 wdevs:v0.0.101 wdevs:v0.0.100 wdevs:v0.0.99 wdevs:v0.0.98 wdevs:v0.0.97 wdevs:v0.0.96 wdevs:v0.0.95 wdevs:v0.0.94 wdevs:v0.0.93 wdevs:v0.0.92 wdevs:v0.0.91 wdevs:v0.0.90 wdevs:v0.0.89 wdevs:v0.0.88 wdevs:v0.0.87 wdevs:v0.0.86 wdevs:v0.0.85 wdevs:v0.0.84 wdevs:v0.0.83 wdevs:v0.0.82 wdevs:v0.0.81 wdevs:v0.0.80 wdevs:v0.0.79 wdevs:v0.0.78 wdevs:v0.0.77 wdevs:v0.0.76 wdevs:v0.0.75 wdevs:v0.0.74 wdevs:v0.0.73 wdevs:v0.0.72 wdevs:v0.0.71 wdevs:v0.0.70 wdevs:v0.0.69 wdevs:v0.0.68 wdevs:v0.0.67 wdevs:v0.0.66 wdevs:v0.0.65 wdevs:v0.0.64 wdevs:v0.0.63 wdevs:v0.0.62 wdevs:v0.0.61 wdevs:v0.0.60 wdevs:v0.0.59 wdevs:v0.0.58 wdevs:v0.0.57 wdevs:v0.0.56 wdevs:v0.0.55 wdevs:v0.0.54 wdevs:v0.0.53 wdevs:v0.0.52 wdevs:v0.0.51 wdevs:v0.0.50 wdevs:v0.0.49 wdevs:v0.0.48 wdevs:v0.0.47 wdevs:v0.0.46 wdevs:v0.0.45 wdevs:v0.0.44 wdevs:v0.0.43 wdevs:v0.0.42 wdevs:v0.0.41 wdevs:v0.0.40 wdevs:v0.0.39 wdevs:v0.0.38 wdevs:v0.0.37 wdevs:v0.0.36 wdevs:v0.0.35 wdevs:v0.0.34 wdevs:v0.0.33 wdevs:v0.0.32 wdevs:v0.0.31 wdevs:v0.0.30 wdevs:v0.0.29 wdevs:v0.0.28 wdevs:v0.0.27 wdevs:v0.0.26 wdevs:v0.0.25 wdevs:v0.0.24 wdevs:v0.0.23 wdevs:v0.0.22 wdevs:v0.0.21 wdevs:v0.0.20 wdevs:v0.0.19 wdevs:v0.0.18 wdevs:v0.0.17 wdevs:v0.0.16 wdevs:v0.0.15 wdevs:v0.0.14 wdevs:v0.0.13 wdevs:v0.0.12 wdevs:v0.0.11 wdevs:v0.0.10 wdevs:v0.0.9 wdevs:v0.0.8 wdevs:v0.0.7 wdevs:v0.0.6 wdevs:v0.0.5 wdevs:v0.0.4 wdevs:v0.0.3 wdevs:v0.0.2 wdevs:v0.0.1

32 Commits
v1.0.88 ... v1.1.1

Author SHA1 Message Date
Hein
1ce0ab1ab4 fix(validation): improve preload column validation logic
Some checks failed
Build , Vet Test, and Lint / Run Vet Tests (1.23.x) (push) Failing after -35m6s
Details
Build , Vet Test, and Lint / Run Vet Tests (1.24.x) (push) Failing after -35m6s
Details
Build , Vet Test, and Lint / Lint Code (push) Failing after -35m6s
Details
Build , Vet Test, and Lint / Build (push) Failing after -35m6s
Details
Tests / Unit Tests (push) Failing after -35m7s
Details
Tests / Integration Tests (push) Failing after -35m7s
Details
2026-05-21 20:18:01 +02:00
Hein
1f9b230f7f fix(validation): improve preload column validation logic 
* Use related model's validator for filtering preload columns
* Ensure valid columns are checked against the correct validator
 2026-05-21 20:16:53 +02:00
Hein
c42c6b28e3 fix(errortracking): update error context handling in Sentry 
* Replace event.Extra with event.Contexts["extra"] for error and message captures.
* Consolidate extra context handling in CapturePanic method.
 2026-05-21 14:03:01 +02:00
Hein
57e7503389 feat(staticweb): enhance fallback logic for extensionless paths
Some checks failed
Build , Vet Test, and Lint / Run Vet Tests (1.23.x) (push) Failing after -35m7s
Details
Build , Vet Test, and Lint / Run Vet Tests (1.24.x) (push) Failing after -35m7s
Details
Build , Vet Test, and Lint / Lint Code (push) Failing after -35m7s
Details
Build , Vet Test, and Lint / Build (push) Failing after -35m7s
Details
Tests / Unit Tests (push) Failing after -35m8s
Details
Tests / Integration Tests (push) Failing after -35m8s
Details 
* Added support for serving index.html for extensionless paths
* Updated isStaticAsset to exclude paths without extensions from static asset checks
 2026-05-21 13:30:39 +02:00
Hein
0308644075 feat(auth): add authenticate callback for fallback logic 
* Implement SetAuthenticateCallback in authenticators
* Update Authenticate methods to use callback on failure
 2026-05-21 11:27:51 +02:00
Hein
e5984f5205 feat(security): add cookie support for login and logout methods 
* Implement LoginWithCookie and LogoutWithCookie in stubAuthenticator, mockAuth, mockSecurityProvider, and MockAuthenticator
* Update tests to use cookie-based authentication
 2026-05-21 09:51:30 +02:00
Hein
76909ae869 feat(security): add cookie support for login and logout methods 
* Implement LoginWithCookie and LogoutWithCookie in CompositeSecurityProvider
* Update Authenticator interface to include cookie methods
* Add cookie support in HeaderAuthenticator and JWTAuthenticator
 2026-05-21 09:48:46 +02:00
Hein
c90c2984ac feat(security): add cookie session support to DatabaseAuthenticator 
* Introduce enableCookieSession option for session management
* Implement LoginWithCookie and LogoutWithCookie methods
* Update Authenticate method to support session token from cookie
 2026-05-21 09:14:50 +02:00
Hein
1ab4ae33e7 feat(security): implement ChainAuthenticator for sequential authentication 2026-05-21 08:35:39 +02:00
Hein
905457964c fix(restheadspec): remove redundant column selection in query 2026-05-21 08:34:09 +02:00
Hein
c42d09238f fix: better error detail for failed sql
Some checks failed
Build , Vet Test, and Lint / Run Vet Tests (1.24.x) (push) Failing after -35m9s
Details
Build , Vet Test, and Lint / Build (push) Failing after -35m9s
Details
Tests / Unit Tests (push) Failing after -35m10s
Details
Build , Vet Test, and Lint / Run Vet Tests (1.23.x) (push) Failing after -35m9s
Details
Build , Vet Test, and Lint / Lint Code (push) Failing after -35m9s
Details
Tests / Integration Tests (push) Failing after -35m10s
Details
2026-05-20 13:06:26 +02:00
Hein
0647a88aba fix(restheadspec): qualify primary key and sort columns with table alias 2026-05-20 12:41:16 +02:00
Hein
3d2e11eeed fix(restheadspec): always respond 200 OK regardless of result count in sendFormattedResponse
Some checks failed
Build , Vet Test, and Lint / Run Vet Tests (1.24.x) (push) Successful in -33m27s
Details
Build , Vet Test, and Lint / Run Vet Tests (1.23.x) (push) Successful in -32m51s
Details
Build , Vet Test, and Lint / Lint Code (push) Failing after -33m3s
Details
Build , Vet Test, and Lint / Build (push) Successful in -33m10s
Details
Tests / Unit Tests (push) Successful in -33m58s
Details
Tests / Integration Tests (push) Failing after -34m20s
Details
2026-05-19 09:46:25 +02:00
Hein
4493bfa40f feat(reflection): add IsEmptyValue helper; guard CUD ops against missing PK 
Add reflection.IsEmptyValue to detect nil, empty string, and zero numbers.
Use it in recursive CUD processing to skip update/delete when the primary
key is absent, logging a warning instead of proceeding with an invalid operation.
 2026-05-19 09:14:19 +02:00
Hein
b157379ff8 fix(restheadspec): return 200 OK with empty body instead of 204 on zero results 
Frontend clients are sensitive to 204 No Content responses; always return 200
with an empty array/object and rely on X-No-Data-Found header to signal absence
of records.

Also treat "change" as an alias for "update" in recursive CUD processing.
 2026-05-19 08:56:11 +02:00
Hein
52752d9c8b fix(bun): adjust field alignment in BunSelectQuery struct
Some checks failed
Build , Vet Test, and Lint / Run Vet Tests (1.24.x) (push) Successful in -33m53s
Details
Build , Vet Test, and Lint / Run Vet Tests (1.23.x) (push) Successful in -33m29s
Details
Build , Vet Test, and Lint / Lint Code (push) Failing after -33m33s
Details
Build , Vet Test, and Lint / Build (push) Successful in -33m41s
Details
Tests / Unit Tests (push) Successful in -34m28s
Details
Tests / Integration Tests (push) Failing after -34m36s
Details
2026-05-18 17:12:32 +02:00
Hein
baca5ad29e fix(bun): add relation alias handling for separate-query preloads 
* implement preloadRelationAlias to rewrite WHERE conditions
* update Where method to handle relation alias in queries
 2026-05-18 17:12:21 +02:00
Hein
53ab22ce02 fix(nestedCUD): handle error in processChildRelations gracefully 2026-05-18 16:14:24 +02:00
Hein
09a3dc92b9 fix(restheadspec): normalize empty results to objects instead of arrays 2026-05-18 14:37:46 +02:00
Hein
6590cd789a fix(nestedCUD): re-select rows after insert/update for accurate state 
* Ensure result.Data reflects DB-generated defaults after insert.
* Update result.Data with current DB state after update.
 2026-05-18 13:10:13 +02:00
Hein
4244e838b1 fix(reflection): enhance GetForeignKeyColumn logic for self-referential models 
* Add support for self-referential models in GetForeignKeyColumn
* Update comments for clarity on foreign key resolution strategies
* Introduce selfRefItem struct for testing self-referential behavior
 2026-05-18 13:03:07 +02:00
Hein
c42fa11c1a fix(reflection): update GetForeignKeyColumn to return multiple columns 
* Change return type to []string for composite keys
* Adjust related logic in injectForeignKeys method
* Update tests to validate new behavior for composite foreign keys
 2026-05-18 12:39:06 +02:00
Hein
85bb0f7874 fix(funcspec): update meta variable replacement in SQL query 2026-05-18 12:13:06 +02:00
Hein
cd65946191 fix(database): add Scan method to insert query interfaces 
* Implement Scan method for BunInsertQuery, GormInsertQuery, and PgSQLInsertQuery
* Update mock implementations to support Scan method
* Introduce GetForeignKeyColumn utility for foreign key resolution
* Add tests for GetForeignKeyColumn functionality
 2026-05-18 12:04:50 +02:00
Hein
cb416d49c4 fix(headers): handle decoding errors in header values
Some checks failed
Build , Vet Test, and Lint / Run Vet Tests (1.24.x) (push) Successful in -33m58s
Details
Build , Vet Test, and Lint / Run Vet Tests (1.23.x) (push) Successful in -33m22s
Details
Build , Vet Test, and Lint / Lint Code (push) Failing after -33m34s
Details
Build , Vet Test, and Lint / Build (push) Successful in -33m45s
Details
Tests / Unit Tests (push) Failing after -34m38s
Details
Tests / Integration Tests (push) Failing after -34m48s
Details 
* return original value if decoding fails
* decode base64 strings when appropriate
 2026-05-15 16:59:06 +02:00
Hein
cb921f2c5e fix(websocketspec): add transaction access to HookContext 2026-05-15 14:59:34 +02:00
Hein
1ebe0d7ac3 fix(funcspec): refine filter application logic for SQL queries 
* update filter checks to only consider SELECT list
* add test for function parameters not matching filters
 2026-05-15 14:28:12 +02:00
Hein
ae9e06c98b fix(sql_helpers): strip empty RHS conditions from SQL strings 
* Add regex patterns to identify and remove empty comparisons
* Implement tests for stripping empty RHS conditions
fix(handler): prevent duplicate JOIN aliases from preload
* Skip custom SQL JOINs if alias already provided by preload
* Split multiple JOIN clauses for individual alias handling
 2026-05-15 13:35:24 +02:00
Hein
2ae4d07544 fix(funcspec): remove AllowQueryParamFilters and related logic
Some checks failed
Build , Vet Test, and Lint / Run Vet Tests (1.24.x) (push) Successful in -26m44s
Details
Build , Vet Test, and Lint / Run Vet Tests (1.23.x) (push) Successful in -26m26s
Details
Build , Vet Test, and Lint / Build (push) Successful in -34m6s
Details
Build , Vet Test, and Lint / Lint Code (push) Successful in -32m6s
Details
Tests / Integration Tests (push) Failing after -34m50s
Details
Tests / Unit Tests (push) Successful in -30m42s
Details 
* Simplify SqlQueryOptions by removing AllowQueryParamFilters
* Update mergeQueryParams to avoid applying filters for JSON arguments
* Add tests for sqlStripStringLiterals and query param handling
 2026-05-15 09:25:55 +02:00
Hein
49639b6c19 fix(funcspec): add support for query param filters 
* Introduced AllowQueryParamFilters option in SqlQueryOptions
* Implemented applyQueryParamFilters method to handle field filters
 2026-05-15 09:07:21 +02:00
Hein
8733176cba fix(funcspec): enhance quote detection for parameters 2026-05-15 08:26:59 +02:00
Hein
bce27f7ed2 fix: 🐛 Fixed array to slice array resolution on reflection GetRelationType
Some checks failed
Build , Vet Test, and Lint / Run Vet Tests (1.23.x) (push) Failing after -35m20s
Details
Build , Vet Test, and Lint / Run Vet Tests (1.24.x) (push) Failing after -35m20s
Details
Build , Vet Test, and Lint / Lint Code (push) Failing after -35m20s
Details
Build , Vet Test, and Lint / Build (push) Failing after -35m20s
Details
Tests / Unit Tests (push) Failing after -35m21s
Details
Tests / Integration Tests (push) Failing after -35m21s
Details
2026-05-11 14:24:25 +02:00
39 changed files with 1907 additions and 263 deletions
Expand all files Collapse all files

102
go.mod
View File

@@ -1,48 +1,46 @@
module github.com/bitechdev/ResolveSpec
go 1.24.0
toolchain go1.24.6
go 1.25.7
require (
github.com/DATA-DOG/go-sqlmock v1.5.2
github.com/bradfitz/gomemcache v0.0.0-20250403215159-8d39553ac7cf
github.com/bradfitz/gomemcache v0.0.0-20260422231931-4d751bb6e37c
github.com/eclipse/paho.mqtt.golang v1.5.1
github.com/getsentry/sentry-go v0.40.0
github.com/getsentry/sentry-go v0.46.2
github.com/glebarez/sqlite v1.11.0
github.com/google/uuid v1.6.0
github.com/gorilla/mux v1.8.1
github.com/gorilla/websocket v1.5.3
github.com/jackc/pgx/v5 v5.8.0
github.com/klauspost/compress v1.18.2
github.com/mark3labs/mcp-go v0.46.0
github.com/mattn/go-sqlite3 v1.14.33
github.com/microsoft/go-mssqldb v1.9.5
github.com/jackc/pgx/v5 v5.9.2
github.com/klauspost/compress v1.18.6
github.com/mark3labs/mcp-go v0.54.0
github.com/mattn/go-sqlite3 v1.14.44
github.com/microsoft/go-mssqldb v1.10.0
github.com/mochi-mqtt/server/v2 v2.7.9
github.com/nats-io/nats.go v1.48.0
github.com/nats-io/nats.go v1.52.0
github.com/prometheus/client_golang v1.23.2
github.com/redis/go-redis/v9 v9.17.2
github.com/redis/go-redis/v9 v9.19.0
github.com/spf13/viper v1.21.0
github.com/stretchr/testify v1.11.1
github.com/testcontainers/testcontainers-go v0.40.0
github.com/tidwall/gjson v1.18.0
github.com/tidwall/gjson v1.19.0
github.com/tidwall/sjson v1.2.5
github.com/uptrace/bun v1.2.16
github.com/uptrace/bun v1.2.18
github.com/uptrace/bun/dialect/mssqldialect v1.2.16
github.com/uptrace/bun/dialect/pgdialect v1.2.16
github.com/uptrace/bun/dialect/sqlitedialect v1.2.16
github.com/uptrace/bun/driver/sqliteshim v1.2.16
github.com/uptrace/bunrouter v1.0.23
go.mongodb.org/mongo-driver v1.17.6
go.opentelemetry.io/otel v1.38.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.38.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.38.0
go.opentelemetry.io/otel/sdk v1.38.0
go.opentelemetry.io/otel/trace v1.38.0
go.uber.org/zap v1.27.1
golang.org/x/crypto v0.46.0
golang.org/x/oauth2 v0.34.0
golang.org/x/time v0.14.0
go.mongodb.org/mongo-driver v1.17.9
go.opentelemetry.io/otel v1.43.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.43.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.43.0
go.opentelemetry.io/otel/sdk v1.43.0
go.opentelemetry.io/otel/trace v1.43.0
go.uber.org/zap v1.28.0
golang.org/x/crypto v0.51.0
golang.org/x/oauth2 v0.36.0
golang.org/x/time v0.15.0
gorm.io/driver/postgres v1.6.0
gorm.io/driver/sqlite v1.6.0
gorm.io/driver/sqlserver v1.6.3
@@ -62,7 +60,7 @@ require (
github.com/containerd/log v0.1.0 // indirect
github.com/containerd/platforms v0.2.1 // indirect
github.com/cpuguy83/dockercfg v0.3.2 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
github.com/distribution/reference v0.6.0 // indirect
github.com/docker/docker v28.5.1+incompatible // indirect
@@ -71,17 +69,17 @@ require (
github.com/dustin/go-humanize v1.0.1 // indirect
github.com/ebitengine/purego v0.8.4 // indirect
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/fsnotify/fsnotify v1.9.0 // indirect
github.com/fsnotify/fsnotify v1.10.1 // indirect
github.com/glebarez/go-sqlite v1.22.0 // indirect
github.com/go-logr/logr v1.4.3 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/go-ole/go-ole v1.2.6 // indirect
github.com/go-viper/mapstructure/v2 v2.4.0 // indirect
github.com/go-viper/mapstructure/v2 v2.5.0 // indirect
github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 // indirect
github.com/golang-sql/sqlexp v0.1.0 // indirect
github.com/golang/snappy v1.0.0 // indirect
github.com/google/jsonschema-go v0.4.2 // indirect
github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.2 // indirect
github.com/google/jsonschema-go v0.4.3 // indirect
github.com/grpc-ecosystem/grpc-gateway/v2 v2.29.0 // indirect
github.com/jackc/pgpassfile v1.0.0 // indirect
github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
github.com/jackc/puddle/v2 v2.2.2 // indirect
@@ -89,7 +87,7 @@ require (
github.com/jinzhu/now v1.1.5 // indirect
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
github.com/magiconair/properties v1.8.10 // indirect
github.com/mattn/go-isatty v0.0.20 // indirect
github.com/mattn/go-isatty v0.0.22 // indirect
github.com/moby/docker-image-spec v1.3.1 // indirect
github.com/moby/go-archive v0.1.0 // indirect
github.com/moby/patternmatcher v0.6.0 // indirect
@@ -97,25 +95,26 @@ require (
github.com/moby/sys/user v0.4.0 // indirect
github.com/moby/sys/userns v0.1.0 // indirect
github.com/moby/term v0.5.0 // indirect
github.com/montanaflynn/stats v0.7.1 // indirect
github.com/montanaflynn/stats v0.9.0 // indirect
github.com/morikuni/aec v1.0.0 // indirect
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
github.com/nats-io/nkeys v0.4.11 // indirect
github.com/nats-io/nkeys v0.4.15 // indirect
github.com/nats-io/nuid v1.0.1 // indirect
github.com/ncruces/go-strftime v1.0.0 // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/opencontainers/image-spec v1.1.1 // indirect
github.com/pelletier/go-toml/v2 v2.2.4 // indirect
github.com/pelletier/go-toml/v2 v2.3.1 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
github.com/prometheus/client_model v0.6.2 // indirect
github.com/prometheus/common v0.67.4 // indirect
github.com/prometheus/procfs v0.19.2 // indirect
github.com/prometheus/common v0.67.5 // indirect
github.com/prometheus/procfs v0.20.1 // indirect
github.com/puzpuzpuz/xsync/v3 v3.5.1 // indirect
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
github.com/rs/xid v1.4.0 // indirect
github.com/rs/xid v1.6.0 // indirect
github.com/sagikazarmark/locafero v0.12.0 // indirect
github.com/santhosh-tekuri/jsonschema/v6 v6.0.2 // indirect
github.com/shirou/gopsutil/v4 v4.25.6 // indirect
github.com/shopspring/decimal v1.4.0 // indirect
github.com/sirupsen/logrus v1.9.3 // indirect
@@ -137,28 +136,29 @@ require (
github.com/yosida95/uritemplate/v3 v3.0.2 // indirect
github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78 // indirect
github.com/yusufpapurcu/wmi v1.2.4 // indirect
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
go.opentelemetry.io/auto/sdk v1.2.1 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 // indirect
go.opentelemetry.io/otel/metric v1.38.0 // indirect
go.opentelemetry.io/proto/otlp v1.7.1 // indirect
go.opentelemetry.io/otel/metric v1.43.0 // indirect
go.opentelemetry.io/proto/otlp v1.10.0 // indirect
go.uber.org/atomic v1.11.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
go.yaml.in/yaml/v2 v2.4.3 // indirect
go.yaml.in/yaml/v2 v2.4.4 // indirect
go.yaml.in/yaml/v3 v3.0.4 // indirect
golang.org/x/exp v0.0.0-20251219203646-944ab1f22d93 // indirect
golang.org/x/mod v0.31.0 // indirect
golang.org/x/net v0.48.0 // indirect
golang.org/x/sync v0.19.0 // indirect
golang.org/x/sys v0.39.0 // indirect
golang.org/x/text v0.32.0 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20250825161204-c5933d9347a5 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20250825161204-c5933d9347a5 // indirect
google.golang.org/grpc v1.75.0 // indirect
golang.org/x/exp v0.0.0-20260508232706-74f9aab9d74a // indirect
golang.org/x/mod v0.36.0 // indirect
golang.org/x/net v0.54.0 // indirect
golang.org/x/sync v0.20.0 // indirect
golang.org/x/sys v0.44.0 // indirect
golang.org/x/text v0.37.0 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20260519071638-aa98bba5eb94 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20260519071638-aa98bba5eb94 // indirect
google.golang.org/grpc v1.81.1 // indirect
google.golang.org/protobuf v1.36.11 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
modernc.org/libc v1.67.4 // indirect
modernc.org/libc v1.72.3 // indirect
modernc.org/mathutil v1.7.1 // indirect
modernc.org/memory v1.11.0 // indirect
modernc.org/sqlite v1.42.2 // indirect
modernc.org/sqlite v1.50.1 // indirect
)
replace github.com/uptrace/bun => github.com/warkanum/bun v1.2.17

127
go.sum
View File

@@ -7,27 +7,33 @@ github.com/Azure/azure-sdk-for-go/sdk/azcore v1.7.1/go.mod h1:bjGvMhVMb+EEm3VRNQ
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1/go.mod h1:a6xsAQUZg+VsS3TJ05SRp524Hs4pZ/AeFSr5ENf0Yjo=
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 h1:Gt0j3wceWMwPmiazCa8MzMA0MfhmPIz0Qp0FJ6qcM0U=
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0/go.mod h1:Ot/6aikWnKWi4l9QB7qVSwa8iMphQNqkWALMoNT3rzM=
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.21.1 h1:jHb/wfvRikGdxMXYV3QG/SzUOPYN9KEUUuC0Yd0/vC0=
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.1/go.mod h1:uE9zaUfEQT/nbQjVi2IblCG9iaLtZsuYZ8ne+PuQ02M=
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.6.0/go.mod h1:9kIvujWAA58nmPmWB1m23fyWic1kYZMxD9CxaWn4Qpg=
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1 h1:B+blDbyVIG3WaikNxPnhPiJ1MThR03b3vKGtER95TP4=
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1/go.mod h1:JdM5psgjfBf5fo2uWOZhflPWyDBZ/O/CNAH9CtsuZE4=
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.13.1 h1:Hk5QBxZQC1jb2Fwj6mpzme37xbCDdNTxU7O9eb5+LB4=
github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0/go.mod h1:okt5dMMTOFjX/aovMlrjvvXoPMBVSPzk9185BT0+eZM=
github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2/go.mod h1:yInRyqWXAuaPrgI7p70+lDDgh3mlBohis29jGMISnmc=
github.com/Azure/azure-sdk-for-go/sdk/internal v1.8.0/go.mod h1:4OG6tQ9EOP/MT0NMjDlRzWoVFxfu9rN9B2X+tlSVktg=
github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 h1:FPKJS1T+clwv+OLGt13a8UjqeRuh0O4SJ3lUriThc+4=
github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1/go.mod h1:j2chePtV91HrC22tGoRX3sGY42uF13WzmmV80/OdVAA=
github.com/Azure/azure-sdk-for-go/sdk/internal v1.12.0 h1:fhqpLE3UEXi9lPaBRpQ6XuRW0nU7hgg4zlmZZa+a9q4=
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.0.1/go.mod h1:GpPjLhVR9dnUoJMyHWSPy71xY9/lcmpzIPZXmF0FCVY=
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.3.1 h1:Wgf5rZba3YZqeTNJPtvqZoBu1sBN/L4sry+u2U3Y75w=
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.3.1/go.mod h1:xxCBG/f/4Vbmh2XQJBsOmNdxWUY5j/s27jujKPbQf14=
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.4.0 h1:E4MgwLBGeVB5f2MdcIVD3ELVAWpr+WD6MUe1i+tM/PA=
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.0.0/go.mod h1:bTSOgj05NGRuHHhQwAdPnYr9TOdNmKlZTgGLL6nyAdI=
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.1 h1:bFWuoEKg+gImo7pvkiQEFAc8ocibADgXeiLAxWhWmkI=
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.1/go.mod h1:Vih/3yc6yac2JzU4hzpaDupBJP0Flaia9rXXrU8xyww=
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.2.0 h1:nCYfgcSyHZXJI8J0IWE5MsCGlb2xp9fJiXyxWgmOFg4=
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8=
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2 h1:oygO0locgZJe7PpYPXT5A29ZkwJaPqcva7BVeemZOZs=
github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
github.com/AzureAD/microsoft-authentication-library-for-go v1.6.0 h1:XRzhVemXdgvJqCH0sFfrBUTnUJSBrBf7++ypk+twtRs=
github.com/DATA-DOG/go-sqlmock v1.5.2 h1:OcvFkGmslmlZibjAjaHm3L//6LiuBgolP7OputlJIzU=
github.com/DATA-DOG/go-sqlmock v1.5.2/go.mod h1:88MAG/4G7SMwSE3CeA0ZKzrT5CiOU3OJ+JlNzwDqpNU=
github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY=
@@ -36,6 +42,8 @@ github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
github.com/bradfitz/gomemcache v0.0.0-20250403215159-8d39553ac7cf h1:TqhNAT4zKbTdLa62d2HDBFdvgSbIGB3eJE8HqhgiL9I=
github.com/bradfitz/gomemcache v0.0.0-20250403215159-8d39553ac7cf/go.mod h1:r5xuitiExdLAJ09PR7vBVENGvp4ZuTBeWTGtxuX3K+c=
github.com/bradfitz/gomemcache v0.0.0-20260422231931-4d751bb6e37c h1:6Gpm9YYUEQx2T9zMsYolQhr6sjwwGtFitSA0pQsa7a8=
github.com/bradfitz/gomemcache v0.0.0-20260422231931-4d751bb6e37c/go.mod h1:r5xuitiExdLAJ09PR7vBVENGvp4ZuTBeWTGtxuX3K+c=
github.com/bsm/ginkgo/v2 v2.12.0 h1:Ny8MWAHyOepLGlLKYmXG4IEkioBysk6GpaRTLC8zwWs=
github.com/bsm/ginkgo/v2 v2.12.0/go.mod h1:SwYbGRRDovPVboqFv0tPTcG1sN61LM1Z4ARdbAV9g4c=
github.com/bsm/gomega v1.27.10 h1:yeMWxP2pV2fG3FgAODIY8EiRE3dy0aeFYt4l7wh6yKA=
@@ -62,6 +70,8 @@ github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78=
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
@@ -86,8 +96,12 @@ github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHk
github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k=
github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0=
github.com/fsnotify/fsnotify v1.10.1 h1:b0/UzAf9yR5rhf3RPm9gf3ehBPpf0oZKIjtpKrx59Ho=
github.com/fsnotify/fsnotify v1.10.1/go.mod h1:TLheqan6HD6GBK6PrDWyDPBaEV8LspOxvPSjC+bVfgo=
github.com/getsentry/sentry-go v0.40.0 h1:VTJMN9zbTvqDqPwheRVLcp0qcUcM+8eFivvGocAaSbo=
github.com/getsentry/sentry-go v0.40.0/go.mod h1:eRXCoh3uvmjQLY6qu63BjUZnaBu5L5WhMV1RwYO8W5s=
github.com/getsentry/sentry-go v0.46.2 h1:1jhYwrKGa3sIpo/y5iDNXS5wDoT7I1KNzMHrnK6ojns=
github.com/getsentry/sentry-go v0.46.2/go.mod h1:evVbw2qotNUdYG8KxXbAdjOQWWvWIwKxpjdZZIvcIPw=
github.com/glebarez/go-sqlite v1.22.0 h1:uAcMJhaA6r3LHMTFgP0SifzgXg46yJkgxqyuyec+ruQ=
github.com/glebarez/go-sqlite v1.22.0/go.mod h1:PlBIdHe0+aUEFn+r2/uthrWq4FxbzugL0L8Li6yQJbc=
github.com/glebarez/sqlite v1.11.0 h1:wSG0irqzP6VurnMEpFGer5Li19RpIRi2qvQz++w0GMw=
@@ -103,11 +117,14 @@ github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY=
github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
github.com/go-viper/mapstructure/v2 v2.4.0 h1:EBsztssimR/CONLSZZ04E8qAkxNYq4Qp9LvH92wZUgs=
github.com/go-viper/mapstructure/v2 v2.4.0/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM=
github.com/go-viper/mapstructure/v2 v2.5.0 h1:vM5IJoUAy3d7zRSVtIwQgBj7BiWtMPfmPEgAXnvj1Ro=
github.com/go-viper/mapstructure/v2 v2.5.0/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM=
github.com/golang-jwt/jwt/v5 v5.0.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo=
github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
github.com/golang-jwt/jwt/v5 v5.3.1 h1:kYf81DTWFe7t+1VvL7eS+jKFVWaUnK9cB1qbwn63YCY=
github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 h1:au07oEsX2xN0ktxqI+Sida1w446QrXBRJ0nee3SNZlA=
github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
github.com/golang-sql/sqlexp v0.1.0 h1:ZCD6MBpcuOVfGVqsEmY5/4FtYiKz6tSyUv9LPEDei6A=
@@ -122,6 +139,8 @@ github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
github.com/google/jsonschema-go v0.4.2 h1:tmrUohrwoLZZS/P3x7ex0WAVknEkBZM46iALbcqoRA8=
github.com/google/jsonschema-go v0.4.2/go.mod h1:r5quNTdLOYEz95Ru18zA0ydNbBuYoo9tgaYcxEYhJVE=
github.com/google/jsonschema-go v0.4.3 h1:/DBOLZTfDow7pe2GmaJNhltueGTtDKICi8V8p+DQPd0=
github.com/google/jsonschema-go v0.4.3/go.mod h1:r5quNTdLOYEz95Ru18zA0ydNbBuYoo9tgaYcxEYhJVE=
github.com/google/pprof v0.0.0-20250317173921-a4b03ec1a45e h1:ijClszYn+mADRFY17kjQEVQ1XRhq2/JR1M3sGqeJoxs=
github.com/google/pprof v0.0.0-20250317173921-a4b03ec1a45e/go.mod h1:boTsfXsheKC2y+lKOCMpSfarhxDeIzfZG1jqGcPl3cA=
github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
@@ -135,6 +154,8 @@ github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aN
github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.2 h1:8Tjv8EJ+pM1xP8mK6egEbD1OgnVTyacbefKhmbLhIhU=
github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.2/go.mod h1:pkJQ2tZHJ0aFOVEEot6oZmaVEZcRme73eIFmhiVuRWs=
github.com/grpc-ecosystem/grpc-gateway/v2 v2.29.0 h1:5VipnvEpbqr2gA2VbM+nYVbkIF28c5ZQfqCBQ5g2xfk=
github.com/grpc-ecosystem/grpc-gateway/v2 v2.29.0/go.mod h1:Hyl3n6Twe1hvtd9XUXDec4pTvgMSEixRuQKPTMH2bNs=
github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k=
@@ -145,6 +166,8 @@ github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 h1:iCEnooe7Ulw
github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM=
github.com/jackc/pgx/v5 v5.8.0 h1:TYPDoleBBme0xGSAX3/+NujXXtpZn9HBONkQC7IEZSo=
github.com/jackc/pgx/v5 v5.8.0/go.mod h1:QVeDInX2m9VyzvNeiCJVjCkNFqzsNb43204HshNSZKw=
github.com/jackc/pgx/v5 v5.9.2 h1:3ZhOzMWnR4yJ+RW1XImIPsD1aNSz4T4fyP7zlQb56hw=
github.com/jackc/pgx/v5 v5.9.2/go.mod h1:mal1tBGAFfLHvZzaYh77YS/eC6IX9OWbRV1QIIM0Jn4=
github.com/jackc/puddle/v2 v2.2.2 h1:PR8nw+E/1w0GLuRFSmiioY6UooMp6KJv0/61nB7icHo=
github.com/jackc/puddle/v2 v2.2.2/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4=
github.com/jcmturner/aescts/v2 v2.0.0/go.mod h1:AiaICIRyfYg35RUkr8yESTqvSy7csK90qZ5xfvvsoNs=
@@ -162,6 +185,8 @@ github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/
github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46/go.mod h1:yyMNCyc/Ib3bDTKd379tNMpB/7/H5TjM2Y9QJ5THLbE=
github.com/klauspost/compress v1.18.2 h1:iiPHWW0YrcFgpBYhsA6D1+fqHssJscY/Tm/y2Uqnapk=
github.com/klauspost/compress v1.18.2/go.mod h1:R0h/fSBs8DE4ENlcrlib3PsXS61voFxhIs2DeRhCvJ4=
github.com/klauspost/compress v1.18.6 h1:2jupLlAwFm95+YDR+NwD2MEfFO9d4z4Prjl1XXDjuao=
github.com/klauspost/compress v1.18.6/go.mod h1:cwPg85FWrGar70rWktvGQj8/hthj3wpl0PGDogxkrSQ=
github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
@@ -177,13 +202,21 @@ github.com/magiconair/properties v1.8.10 h1:s31yESBquKXCV9a/ScB3ESkOjUYYv+X0rg8S
github.com/magiconair/properties v1.8.10/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
github.com/mark3labs/mcp-go v0.46.0 h1:8KRibF4wcKejbLsHxCA/QBVUr5fQ9nwz/n8lGqmaALo=
github.com/mark3labs/mcp-go v0.46.0/go.mod h1:JKTC7R2LLVagkEWK7Kwu7DbmA6iIvnNAod6yrHiQMag=
github.com/mark3labs/mcp-go v0.54.0 h1:PZhQvd+5xrT43cUoiaKn/hDcvLUhcLc1twSEKYPTcTA=
github.com/mark3labs/mcp-go v0.54.0/go.mod h1:+8WclSK1ZUweCP3hvktSji8n8ABG/95QaEkeVE/Uwas=
github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
github.com/mattn/go-isatty v0.0.22 h1:j8l17JJ9i6VGPUFUYoTUKPSgKe/83EYU2zBC7YNKMw4=
github.com/mattn/go-isatty v0.0.22/go.mod h1:ZXfXG4SQHsB/w3ZeOYbR0PrPwLy+n6xiMrJlRFqopa4=
github.com/mattn/go-sqlite3 v1.14.33 h1:A5blZ5ulQo2AtayQ9/limgHEkFreKj1Dv226a1K73s0=
github.com/mattn/go-sqlite3 v1.14.33/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
github.com/mattn/go-sqlite3 v1.14.44 h1:3VSe+xafpbzsLbdr2AWlAZk9yRHiBhTBakioXaCKTF8=
github.com/mattn/go-sqlite3 v1.14.44/go.mod h1:pjEuOr8IwzLJP2MfGeTb0A35jauH+C2kbHKBr7yXKVQ=
github.com/microsoft/go-mssqldb v1.8.2/go.mod h1:vp38dT33FGfVotRiTmDo3bFyaHq+p3LektQrjTULowo=
github.com/microsoft/go-mssqldb v1.9.5 h1:orwya0X/5bsL1o+KasupTkk2eNTNFkTQG0BEe/HxCn0=
github.com/microsoft/go-mssqldb v1.9.5/go.mod h1:VCP2a0KEZZtGLRHd1PsLavLFYy/3xX2yJUPycv3Sr2Q=
github.com/microsoft/go-mssqldb v1.10.0 h1:pHEt+Qz6YFPWqREq10mqSE524QQo+/QremwTCQht7TY=
github.com/microsoft/go-mssqldb v1.10.0/go.mod h1:mnG7lGa9iYJbzJqGCXyuQCegStKMr3kogDLD6+bmggg=
github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=
github.com/moby/go-archive v0.1.0 h1:Kk/5rdW/g+H8NHdJW2gsXyZ7UnzvJNOy6VKJqueWdcQ=
@@ -206,14 +239,20 @@ github.com/modocache/gover v0.0.0-20171022184752-b58185e213c5/go.mod h1:caMODM3P
github.com/montanaflynn/stats v0.7.0/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow=
github.com/montanaflynn/stats v0.7.1 h1:etflOAAHORrCC44V+aR6Ftzort912ZU+YLiSTuV8eaE=
github.com/montanaflynn/stats v0.7.1/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow=
github.com/montanaflynn/stats v0.9.0 h1:tsBJ0RXwph9BmAuFoCmqGv6e8xa0MENQ8m0ptKq29mQ=
github.com/montanaflynn/stats v0.9.0/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow=
github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A=
github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
github.com/nats-io/nats.go v1.48.0 h1:pSFyXApG+yWU/TgbKCjmm5K4wrHu86231/w84qRVR+U=
github.com/nats-io/nats.go v1.48.0/go.mod h1:iRWIPokVIFbVijxuMQq4y9ttaBTMe0SFdlZfMDd+33g=
github.com/nats-io/nats.go v1.52.0 h1:n3avV4VBsCgsdwh71TppsTwtv+QdPs7ntSKM8qJLGsc=
github.com/nats-io/nats.go v1.52.0/go.mod h1:26HypzazeOkyO3/mqd1zZd53STJN0EjCYF9Uy2ZOBno=
github.com/nats-io/nkeys v0.4.11 h1:q44qGV008kYd9W1b1nEBkNzvnWxtRSQ7A8BoqRrcfa0=
github.com/nats-io/nkeys v0.4.11/go.mod h1:szDimtgmfOi9n25JpfIdGw12tZFYXqhGxjhVxsatHVE=
github.com/nats-io/nkeys v0.4.15 h1:JACV5jRVO9V856KOapQ7x+EY8Jo3qw1vJt/9Jpwzkk4=
github.com/nats-io/nkeys v0.4.15/go.mod h1:CpMchTXC9fxA5zrMo4KpySxNjiDVvr8ANOSZdiNfUrs=
github.com/nats-io/nuid v1.0.1 h1:5iA8DT8V7q8WK2EScv2padNa/rTESc1KdnPw4TC2paw=
github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c=
github.com/ncruces/go-strftime v1.0.0 h1:HMFp8mLCTPp341M/ZnA4qaf7ZlsbTc+miZjCLOFAw7w=
@@ -224,6 +263,8 @@ github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJw
github.com/opencontainers/image-spec v1.1.1/go.mod h1:qpqAh3Dmcf36wStyyWU+kCeDgrGnAve2nCC8+7h8Q0M=
github.com/pelletier/go-toml/v2 v2.2.4 h1:mye9XuhQ6gvn5h28+VilKrrPoQVanw5PMw/TB0t5Ec4=
github.com/pelletier/go-toml/v2 v2.2.4/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8t9Stt+h56mCY=
github.com/pelletier/go-toml/v2 v2.3.1 h1:MYEvvGnQjeNkRF1qUuGolNtNExTDwct51yp7olPtrEc=
github.com/pelletier/go-toml/v2 v2.3.1/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8t9Stt+h56mCY=
github.com/pingcap/errors v0.11.4 h1:lFuQV/oaUMGcD2tqt+01ROSmJs75VG1ToEOkZIZ4nE4=
github.com/pingcap/errors v0.11.4/go.mod h1:Oi8TUi2kEtXXLMJk9l1cGmz20kV3TaQ0usTwv5KuLY8=
github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI=
@@ -242,22 +283,33 @@ github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNw
github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE=
github.com/prometheus/common v0.67.4 h1:yR3NqWO1/UyO1w2PhUvXlGQs/PtFmoveVO0KZ4+Lvsc=
github.com/prometheus/common v0.67.4/go.mod h1:gP0fq6YjjNCLssJCQp0yk4M8W6ikLURwkdd/YKtTbyI=
github.com/prometheus/common v0.67.5 h1:pIgK94WWlQt1WLwAC5j2ynLaBRDiinoAb86HZHTUGI4=
github.com/prometheus/common v0.67.5/go.mod h1:SjE/0MzDEEAyrdr5Gqc6G+sXI67maCxzaT3A2+HqjUw=
github.com/prometheus/procfs v0.19.2 h1:zUMhqEW66Ex7OXIiDkll3tl9a1ZdilUOd/F6ZXw4Vws=
github.com/prometheus/procfs v0.19.2/go.mod h1:M0aotyiemPhBCM0z5w87kL22CxfcH05ZpYlu+b4J7mw=
github.com/prometheus/procfs v0.20.1 h1:XwbrGOIplXW/AU3YhIhLODXMJYyC1isLFfYCsTEycfc=
github.com/prometheus/procfs v0.20.1/go.mod h1:o9EMBZGRyvDrSPH1RqdxhojkuXstoe4UlK79eF5TGGo=
github.com/puzpuzpuz/xsync/v3 v3.5.1 h1:GJYJZwO6IdxN/IKbneznS6yPkVC+c3zyY/j19c++5Fg=
github.com/puzpuzpuz/xsync/v3 v3.5.1/go.mod h1:VjzYrABPabuM4KyBh1Ftq6u8nhwY5tBPKP9jpmh0nnA=
github.com/redis/go-redis/v9 v9.17.2 h1:P2EGsA4qVIM3Pp+aPocCJ7DguDHhqrXNhVcEp4ViluI=
github.com/redis/go-redis/v9 v9.17.2/go.mod h1:u410H11HMLoB+TP67dz8rL9s6QW2j76l0//kSOd3370=
github.com/redis/go-redis/v9 v9.19.0 h1:XPVaaPSnG6RhYf7p+rmSa9zZfeVAnWsH5h3lxthOm/k=
github.com/redis/go-redis/v9 v9.19.0/go.mod h1:v/M13XI1PVCDcm01VtPFOADfZtHf8YW3baQf57KlIkA=
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII=
github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o=
github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ=
github.com/rs/xid v1.4.0 h1:qd7wPTDkN6KQx2VmMBLrpHkiyQwgFXRnkOLacUiaSNY=
github.com/rs/xid v1.4.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
github.com/rs/xid v1.6.0 h1:fV591PaemRlL6JfRxGDEPl69wICngIQ3shQtzfy2gxU=
github.com/rs/xid v1.6.0/go.mod h1:7XoLgs4eV+QndskICGsho+ADou8ySMSjJKDIan90Nz0=
github.com/sagikazarmark/locafero v0.12.0 h1:/NQhBAkUb4+fH1jivKHWusDYFjMOOKU88eegjfxfHb4=
github.com/sagikazarmark/locafero v0.12.0/go.mod h1:sZh36u/YSZ918v0Io+U9ogLYQJ9tLLBmM4eneO6WwsI=
github.com/santhosh-tekuri/jsonschema/v6 v6.0.2 h1:KRzFb2m7YtdldCEkzs6KqmJw4nqEVZGK7IN2kJkjTuQ=
github.com/santhosh-tekuri/jsonschema/v6 v6.0.2/go.mod h1:JXeL+ps8p7/KNMjDQk3TCwPpBy0wYklyWTfbkIzdIFU=
github.com/shirou/gopsutil/v4 v4.25.6 h1:kLysI2JsKorfaFPcYmcJqbzROzsBWEOAtw6A7dIfqXs=
github.com/shirou/gopsutil/v4 v4.25.6/go.mod h1:PfybzyydfZcN+JMMjkF6Zb8Mq1A/VcogFFg7hj50W9c=
github.com/shopspring/decimal v1.4.0 h1:bxl37RwXBklmTi0C79JfXCEBD1cqqHt0bbgBAGFp81k=
@@ -294,6 +346,8 @@ github.com/testcontainers/testcontainers-go v0.40.0/go.mod h1:FSXV5KQtX2HAMlm7U3
github.com/tidwall/gjson v1.14.2/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
github.com/tidwall/gjson v1.18.0 h1:FIDeeyB800efLX89e5a8Y0BNH+LOngJyGrIWxG2FKQY=
github.com/tidwall/gjson v1.18.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
github.com/tidwall/gjson v1.19.0 h1:xwxm7n691Uf3u5OFjzngavjGTh55KX5q/9w9xHW88JU=
github.com/tidwall/gjson v1.19.0/go.mod h1:V37/opeE/JbLUOfH0QTXiNez2l0RUjYUhpT4szFQAfc=
github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
github.com/tidwall/match v1.2.0 h1:0pt8FlkOwjN2fPt4bIl4BoNxb98gGHN2ObFEDkrfZnM=
github.com/tidwall/match v1.2.0/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
@@ -310,10 +364,22 @@ github.com/tmthrgd/go-hex v0.0.0-20190904060850-447a3041c3bc h1:9lRDQMhESg+zvGYm
github.com/tmthrgd/go-hex v0.0.0-20190904060850-447a3041c3bc/go.mod h1:bciPuU6GHm1iF1pBvUfxfsH0Wmnc2VbpgvbI9ZWuIRs=
github.com/uptrace/bun/dialect/mssqldialect v1.2.16 h1:rKv0cKPNBviXadB/+2Y/UedA/c1JnwGzUWZkdN5FdSQ=
github.com/uptrace/bun/dialect/mssqldialect v1.2.16/go.mod h1:J5U7tGKWDsx2Q7MwDZF2417jCdpD6yD/ZMFJcCR80bk=
github.com/uptrace/bun/dialect/mssqldialect v1.2.17 h1:xEUH4WamuY9rXT9d8wHVZanhmLJCrc4s4v7frDH/PMc=
github.com/uptrace/bun/dialect/mssqldialect v1.2.17/go.mod h1:i1NRx/5cz1nivwtV7FEb/gP3CIbRTj4AQC9/Q0lNVno=
github.com/uptrace/bun/dialect/mssqldialect v1.2.18 h1:nYzHoyJKJlIyl5i95Exi8ZTK8ooKWG+o3z3f404d/yQ=
github.com/uptrace/bun/dialect/mssqldialect v1.2.18/go.mod h1:Su45Je7z66sfeZ3d1ZsnOQEK8xfzGgaMzBvtoE8yFhk=
github.com/uptrace/bun/dialect/pgdialect v1.2.16 h1:KFNZ0LxAyczKNfK/IJWMyaleO6eI9/Z5tUv3DE1NVL4=
github.com/uptrace/bun/dialect/pgdialect v1.2.16/go.mod h1:IJdMeV4sLfh0LDUZl7TIxLI0LipF1vwTK3hBC7p5qLo=
github.com/uptrace/bun/dialect/pgdialect v1.2.17 h1:DFmhOollvbYHvooxoS8ZIbiGC0wXIzstKeFUmWs+TP4=
github.com/uptrace/bun/dialect/pgdialect v1.2.17/go.mod h1:ej8ZDsvLETvyELlRDfUtIoA57sWnATv1GhOEVsuVG/k=
github.com/uptrace/bun/dialect/pgdialect v1.2.18 h1:IZ6nM2+OYrL8lkEAy7UkSEZvoa3vluTAUlZfPtlRB2k=
github.com/uptrace/bun/dialect/pgdialect v1.2.18/go.mod h1:Tqdf4QP1okrGYpXfodXvCOK6Ob1OOTwSaoAzCgBB3IU=
github.com/uptrace/bun/dialect/sqlitedialect v1.2.16 h1:6wVAiYLj1pMibRthGwy4wDLa3D5AQo32Y8rvwPd8CQ0=
github.com/uptrace/bun/dialect/sqlitedialect v1.2.16/go.mod h1:Z7+5qK8CGZkDQiPMu+LSdVuDuR1I5jcwtkB1Pi3F82E=
github.com/uptrace/bun/dialect/sqlitedialect v1.2.17 h1:ZipEoNr+wQJQleGy2poKSSoaQDavzc+nXTDp3ZzkA0E=
github.com/uptrace/bun/dialect/sqlitedialect v1.2.17/go.mod h1:phXmrxxeYqUhMU09FgazbfNxq9LlArdqjZqHc1ILy9U=
github.com/uptrace/bun/dialect/sqlitedialect v1.2.18 h1:Z33SY/U++XK9uGWqS4h8OZVxfCXguIG+sU9cYq2PGFQ=
github.com/uptrace/bun/dialect/sqlitedialect v1.2.18/go.mod h1:1MVOS/Ncy4FZbkJcgUFH6OqYoQinYNjkEwsmNQEXz2A=
github.com/uptrace/bun/driver/sqliteshim v1.2.16 h1:M6Dh5kkDWFbUWBrOsIE1g1zdZ5JbSytTD4piFRBOUAI=
github.com/uptrace/bun/driver/sqliteshim v1.2.16/go.mod h1:iKdJ06P3XS+pwKcONjSIK07bbhksH3lWsw3mpfr0+bY=
github.com/uptrace/bunrouter v1.0.23 h1:Bi7NKw3uCQkcA/GUCtDNPq5LE5UdR9pe+UyWbjHB/wU=
@@ -339,36 +405,61 @@ github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo
github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
go.mongodb.org/mongo-driver v1.17.6 h1:87JUG1wZfWsr6rIz3ZmpH90rL5tea7O3IHuSwHUpsss=
go.mongodb.org/mongo-driver v1.17.6/go.mod h1:Hy04i7O2kC4RS06ZrhPRqj/u4DTYkFDAAccj+rVKqgQ=
go.mongodb.org/mongo-driver v1.17.9 h1:IexDdCuuNJ3BHrELgBlyaH9p60JXAvdzWR128q+U5tU=
go.mongodb.org/mongo-driver v1.17.9/go.mod h1:LlOhpH5NUEfhxcAwG0UEkMqwYcc4JU18gtCdGudk/tQ=
go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA=
go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A=
go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64=
go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 h1:jq9TW8u3so/bN+JPT166wjOI6/vQPF6Xe7nMNIltagk=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0/go.mod h1:p8pYQP+m5XfbZm9fxtSKAbM6oIllS7s2AfxrChvc7iw=
go.opentelemetry.io/otel v1.38.0 h1:RkfdswUDRimDg0m2Az18RKOsnI8UDzppJAtj01/Ymk8=
go.opentelemetry.io/otel v1.38.0/go.mod h1:zcmtmQ1+YmQM9wrNsTGV/q/uyusom3P8RxwExxkZhjM=
go.opentelemetry.io/otel v1.43.0 h1:mYIM03dnh5zfN7HautFE4ieIig9amkNANT+xcVxAj9I=
go.opentelemetry.io/otel v1.43.0/go.mod h1:JuG+u74mvjvcm8vj8pI5XiHy1zDeoCS2LB1spIq7Ay0=
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.38.0 h1:GqRJVj7UmLjCVyVJ3ZFLdPRmhDUp2zFmQe3RHIOsw24=
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.38.0/go.mod h1:ri3aaHSmCTVYu2AWv44YMauwAQc0aqI9gHKIcSbI1pU=
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.43.0 h1:88Y4s2C8oTui1LGM6bTWkw0ICGcOLCAI5l6zsD1j20k=
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.43.0/go.mod h1:Vl1/iaggsuRlrHf/hfPJPvVag77kKyvrLeD10kpMl+A=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.38.0 h1:lwI4Dc5leUqENgGuQImwLo4WnuXFPetmPpkLi2IrX54=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.38.0/go.mod h1:Kz/oCE7z5wuyhPxsXDuaPteSWqjSBD5YaSdbxZYGbGk=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.43.0 h1:RAE+JPfvEmvy+0LzyUA25/SGawPwIUbZ6u0Wug54sLc=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.43.0/go.mod h1:AGmbycVGEsRx9mXMZ75CsOyhSP6MFIcj/6dnG+vhVjk=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.19.0 h1:IeMeyr1aBvBiPVYihXIaeIZba6b8E1bYp7lbdxK8CQg=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.19.0/go.mod h1:oVdCUtjq9MK9BlS7TtucsQwUcXcymNiEDjgDD2jMtZU=
go.opentelemetry.io/otel/metric v1.38.0 h1:Kl6lzIYGAh5M159u9NgiRkmoMKjvbsKtYRwgfrA6WpA=
go.opentelemetry.io/otel/metric v1.38.0/go.mod h1:kB5n/QoRM8YwmUahxvI3bO34eVtQf2i4utNVLr9gEmI=
go.opentelemetry.io/otel/metric v1.43.0 h1:d7638QeInOnuwOONPp4JAOGfbCEpYb+K6DVWvdxGzgM=
go.opentelemetry.io/otel/metric v1.43.0/go.mod h1:RDnPtIxvqlgO8GRW18W6Z/4P462ldprJtfxHxyKd2PY=
go.opentelemetry.io/otel/sdk v1.38.0 h1:l48sr5YbNf2hpCUj/FoGhW9yDkl+Ma+LrVl8qaM5b+E=
go.opentelemetry.io/otel/sdk v1.38.0/go.mod h1:ghmNdGlVemJI3+ZB5iDEuk4bWA3GkTpW+DOoZMYBVVg=
go.opentelemetry.io/otel/sdk v1.43.0 h1:pi5mE86i5rTeLXqoF/hhiBtUNcrAGHLKQdhg4h4V9Dg=
go.opentelemetry.io/otel/sdk v1.43.0/go.mod h1:P+IkVU3iWukmiit/Yf9AWvpyRDlUeBaRg6Y+C58QHzg=
go.opentelemetry.io/otel/sdk/metric v1.38.0 h1:aSH66iL0aZqo//xXzQLYozmWrXxyFkBJ6qT5wthqPoM=
go.opentelemetry.io/otel/sdk/metric v1.38.0/go.mod h1:dg9PBnW9XdQ1Hd6ZnRz689CbtrUp0wMMs9iPcgT9EZA=
go.opentelemetry.io/otel/sdk/metric v1.43.0 h1:S88dyqXjJkuBNLeMcVPRFXpRw2fuwdvfCGLEo89fDkw=
go.opentelemetry.io/otel/trace v1.38.0 h1:Fxk5bKrDZJUH+AMyyIXGcFAPah0oRcT+LuNtJrmcNLE=
go.opentelemetry.io/otel/trace v1.38.0/go.mod h1:j1P9ivuFsTceSWe1oY+EeW3sc+Pp42sO++GHkg4wwhs=
go.opentelemetry.io/otel/trace v1.43.0 h1:BkNrHpup+4k4w+ZZ86CZoHHEkohws8AY+WTX09nk+3A=
go.opentelemetry.io/otel/trace v1.43.0/go.mod h1:/QJhyVBUUswCphDVxq+8mld+AvhXZLhe+8WVFxiFff0=
go.opentelemetry.io/proto/otlp v1.7.1 h1:gTOMpGDb0WTBOP8JaO72iL3auEZhVmAQg4ipjOVAtj4=
go.opentelemetry.io/proto/otlp v1.7.1/go.mod h1:b2rVh6rfI/s2pHWNlB7ILJcRALpcNDzKhACevjI+ZnE=
go.opentelemetry.io/proto/otlp v1.10.0 h1:IQRWgT5srOCYfiWnpqUYz9CVmbO8bFmKcwYxpuCSL2g=
go.opentelemetry.io/proto/otlp v1.10.0/go.mod h1:/CV4QoCR/S9yaPj8utp3lvQPoqMtxXdzn7ozvvozVqk=
go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
go.uber.org/zap v1.27.1 h1:08RqriUEv8+ArZRYSTXy1LeBScaMpVSTBhCeaZYfMYc=
go.uber.org/zap v1.27.1/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
go.uber.org/zap v1.28.0 h1:IZzaP1Fv73/T/pBMLk4VutPl36uNC+OSUh3JLG3FIjo=
go.uber.org/zap v1.28.0/go.mod h1:rDLpOi171uODNm/mxFcuYWxDsqWSAVkFdX4XojSKg/Q=
go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0=
go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8=
go.yaml.in/yaml/v2 v2.4.4 h1:tuyd0P+2Ont/d6e2rl3be67goVK4R6deVxCUX5vyPaQ=
go.yaml.in/yaml/v2 v2.4.4/go.mod h1:gMZqIpDtDqOfM0uNfy0SkpRhvUryYH0Z6wdMYcacYXQ=
go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc=
go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
@@ -385,8 +476,12 @@ golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v
golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM=
golang.org/x/crypto v0.46.0 h1:cKRW/pmt1pKAfetfu+RCEvjvZkA9RimPbh7bhFjGVBU=
golang.org/x/crypto v0.46.0/go.mod h1:Evb/oLKmMraqjZ2iQTwDwvCtJkczlDuTmdJXoZVzqU0=
golang.org/x/crypto v0.51.0 h1:IBPXwPfKxY7cWQZ38ZCIRPI50YLeevDLlLnyC5wRGTI=
golang.org/x/crypto v0.51.0/go.mod h1:8AdwkbraGNABw2kOX6YFPs3WM22XqI4EXEd8g+x7Oc8=
golang.org/x/exp v0.0.0-20251219203646-944ab1f22d93 h1:fQsdNF2N+/YewlRZiricy4P1iimyPKZ/xwniHj8Q2a0=
golang.org/x/exp v0.0.0-20251219203646-944ab1f22d93/go.mod h1:EPRbTFwzwjXj9NpYyyrvenVh9Y+GFeEvMNh7Xuz7xgU=
golang.org/x/exp v0.0.0-20260508232706-74f9aab9d74a h1:+3jdDGGB8NGb1Zktc737jlt3/A5f6UlwSzmvqUuufxw=
golang.org/x/exp v0.0.0-20260508232706-74f9aab9d74a/go.mod h1:d2fgXJLVs4dYDHUk5lwMIfzRzSrWCfGZb0ZqeLa/Vcw=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
@@ -395,6 +490,8 @@ golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/mod v0.31.0 h1:HaW9xtz0+kOcWKwli0ZXy79Ix+UW/vOfmWI5QVd2tgI=
golang.org/x/mod v0.31.0/go.mod h1:43JraMp9cGx1Rx3AqioxrbrhNsLl2l/iNAvuBkrezpg=
golang.org/x/mod v0.36.0 h1:JJjpVx6myfUsUdAzZuOSTTmRE0PfZeNWzzvKrP7amb4=
golang.org/x/mod v0.36.0/go.mod h1:moc6ELqsWcOw5Ef3xVprK5ul/MvtVvkIXLziUOICjUQ=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
@@ -414,8 +511,12 @@ golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE=
golang.org/x/net v0.48.0 h1:zyQRTTrjc33Lhh0fBgT/H3oZq9WuvRR5gPC70xpDiQU=
golang.org/x/net v0.48.0/go.mod h1:+ndRgGjkh8FGtu1w1FGbEC31if4VrNVMuKTgcAAnQRY=
golang.org/x/net v0.54.0 h1:2zJIZAxAHV/OHCDTCOHAYehQzLfSXuf/5SoL/Dv6w/w=
golang.org/x/net v0.54.0/go.mod h1:Sj4oj8jK6XmHpBZU/zWHw3BV3abl4Kvi+Ut7cQcY+cQ=
golang.org/x/oauth2 v0.34.0 h1:hqK/t4AKgbqWkdkcAeI8XLmbK+4m4G5YeQRrmiotGlw=
golang.org/x/oauth2 v0.34.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA=
golang.org/x/oauth2 v0.36.0 h1:peZ/1z27fi9hUOFCAZaHyrpWG5lwe0RJEEEeH0ThlIs=
golang.org/x/oauth2 v0.36.0/go.mod h1:YDBUJMTkDnJS+A4BP4eZBjCqtokkg1hODuPjwiGPO7Q=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -425,6 +526,8 @@ golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4=
golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4=
golang.org/x/sync v0.20.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -450,6 +553,8 @@ golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk=
golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
golang.org/x/sys v0.44.0 h1:ildZl3J4uzeKP07r2F++Op7E9B29JRUy+a27EibtBTQ=
golang.org/x/sys v0.44.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw=
golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@@ -467,6 +572,7 @@ golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
golang.org/x/term v0.21.0/go.mod h1:ooXLefLobQVslOqselCNF4SxFAaoS6KujMbsGzSDmX0=
golang.org/x/term v0.38.0 h1:PQ5pkm/rLO6HnxFR7N2lJHOZX6Kez5Y1gDSJla6jo7Q=
golang.org/x/term v0.38.0/go.mod h1:bSEAKrOT1W+VSu9TSCMtoGEOUcKxOKgl3LE5QEF/xVg=
golang.org/x/term v0.43.0 h1:S4RLU2sB31O/NCl+zFN9Aru9A/Cq2aqKpTZJ6B+DwT4=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
@@ -483,8 +589,12 @@ golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
golang.org/x/text v0.32.0 h1:ZD01bjUt1FQ9WJ0ClOL5vxgxOI/sVCNgX1YtKwcY0mU=
golang.org/x/text v0.32.0/go.mod h1:o/rUWzghvpD5TXrTIBuJU77MTaN0ljMWE47kxGJQ7jY=
golang.org/x/text v0.37.0 h1:Cqjiwd9eSg8e0QAkyCaQTNHFIIzWtidPahFWR83rTrc=
golang.org/x/text v0.37.0/go.mod h1:a5sjxXGs9hsn/AJVwuElvCAo9v8QYLzvavO5z2PiM38=
golang.org/x/time v0.14.0 h1:MRx4UaLrDotUKUdCIqzPC48t1Y9hANFKIRpNx+Te8PI=
golang.org/x/time v0.14.0/go.mod h1:eL/Oa2bBBK0TkX57Fyni+NgnyQQN4LitPmob2Hjnqw4=
golang.org/x/time v0.15.0 h1:bbrp8t3bGUeFOx08pvsMYRTCVSMk89u4tKbNOZbp88U=
golang.org/x/time v0.15.0/go.mod h1:Y4YMaQmXwGQZoFaVFk4YpCt4FLQMYKZe9oeV/f4MSno=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
@@ -493,16 +603,24 @@ golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
golang.org/x/tools v0.40.0 h1:yLkxfA+Qnul4cs9QA3KnlFu0lVmd8JJfoq+E41uSutA=
golang.org/x/tools v0.40.0/go.mod h1:Ik/tzLRlbscWpqqMRjyWYDisX8bG13FrdXp3o4Sr9lc=
golang.org/x/tools v0.45.0 h1:18qN3FAooORvApf5XjCXgsuayZOEtXf6JK18I3+ONa8=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
gonum.org/v1/gonum v0.16.0 h1:5+ul4Swaf3ESvrOnidPp4GZbzf0mxVQpDCYUQE7OJfk=
gonum.org/v1/gonum v0.16.0/go.mod h1:fef3am4MQ93R2HHpKnLk4/Tbh/s0+wqD5nfa6Pnwy4E=
gonum.org/v1/gonum v0.17.0 h1:VbpOemQlsSMrYmn7T2OUvQ4dqxQXU+ouZFQsZOx50z4=
google.golang.org/genproto/googleapis/api v0.0.0-20250825161204-c5933d9347a5 h1:BIRfGDEjiHRrk0QKZe3Xv2ieMhtgRGeLcZQ0mIVn4EY=
google.golang.org/genproto/googleapis/api v0.0.0-20250825161204-c5933d9347a5/go.mod h1:j3QtIyytwqGr1JUDtYXwtMXWPKsEa5LtzIFN1Wn5WvE=
google.golang.org/genproto/googleapis/api v0.0.0-20260519071638-aa98bba5eb94 h1:DddG61lE5LkX6144z22i0gma9BMBs5aZ9B8lZLobxyw=
google.golang.org/genproto/googleapis/api v0.0.0-20260519071638-aa98bba5eb94/go.mod h1:1dCETSCY2YKZNXQE3h4fun3TYwF5p8jejRKZgfWAgAY=
google.golang.org/genproto/googleapis/rpc v0.0.0-20250825161204-c5933d9347a5 h1:eaY8u2EuxbRv7c3NiGK0/NedzVsCcV6hDuU5qPX5EGE=
google.golang.org/genproto/googleapis/rpc v0.0.0-20250825161204-c5933d9347a5/go.mod h1:M4/wBTSeyLxupu3W3tJtOgB14jILAS/XWPSSa3TAlJc=
google.golang.org/genproto/googleapis/rpc v0.0.0-20260519071638-aa98bba5eb94 h1:eZCjr/aAF8c5ccm5pb6T4EXgIei5MlAAPWPJk+5ArfY=
google.golang.org/genproto/googleapis/rpc v0.0.0-20260519071638-aa98bba5eb94/go.mod h1:4Hqkh8ycfw05ld/3BWL7rJOSfebL2Q+DVDeRgYgxUU8=
google.golang.org/grpc v1.75.0 h1:+TW+dqTd2Biwe6KKfhE5JpiYIBWq865PhKGSXiivqt4=
google.golang.org/grpc v1.75.0/go.mod h1:JtPAzKiq4v1xcAB2hydNlWI2RnF85XXcV0mhKXr2ecQ=
google.golang.org/grpc v1.81.1 h1:VnnIIZ88UzOOKLukQi+ImGz8O1Wdp8nAGGnvOfEIWQQ=
google.golang.org/grpc v1.81.1/go.mod h1:xGH9GfzOyMTGIOXBJmXt+BX/V0kcdQbdcuwQ/zNw42I=
google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE=
google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
@@ -528,28 +646,37 @@ gotest.tools/v3 v3.5.2 h1:7koQfIKdy+I8UTetycgUqXWSDwpgv193Ka+qRsmBY8Q=
gotest.tools/v3 v3.5.2/go.mod h1:LtdLGcnqToBH83WByAAi/wiwSFCArdFIUV/xxN4pcjA=
modernc.org/cc/v4 v4.27.1 h1:9W30zRlYrefrDV2JE2O8VDtJ1yPGownxciz5rrbQZis=
modernc.org/cc/v4 v4.27.1/go.mod h1:uVtb5OGqUKpoLWhqwNQo/8LwvoiEBLvZXIQ/SmO6mL0=
modernc.org/cc/v4 v4.28.2 h1:3tQ0lf2ADtoby2EtSP+J7IE2SHwEJdP8ioR59wx7XpY=
modernc.org/ccgo/v4 v4.30.1 h1:4r4U1J6Fhj98NKfSjnPUN7Ze2c6MnAdL0hWw6+LrJpc=
modernc.org/ccgo/v4 v4.30.1/go.mod h1:bIOeI1JL54Utlxn+LwrFyjCx2n2RDiYEaJVSrgdrRfM=
modernc.org/ccgo/v4 v4.34.0 h1:yRLPFZieg532OT4rp4JFNIVcquwalMX26G95WQDqwCQ=
modernc.org/fileutil v1.3.40 h1:ZGMswMNc9JOCrcrakF1HrvmergNLAmxOPjizirpfqBA=
modernc.org/fileutil v1.3.40/go.mod h1:HxmghZSZVAz/LXcMNwZPA/DRrQZEVP9VX0V4LQGQFOc=
modernc.org/fileutil v1.4.0 h1:j6ZzNTftVS054gi281TyLjHPp6CPHr2KCxEXjEbD6SM=
modernc.org/gc/v2 v2.6.5 h1:nyqdV8q46KvTpZlsw66kWqwXRHdjIlJOhG6kxiV/9xI=
modernc.org/gc/v2 v2.6.5/go.mod h1:YgIahr1ypgfe7chRuJi2gD7DBQiKSLMPgBQe9oIiito=
modernc.org/gc/v3 v3.1.1 h1:k8T3gkXWY9sEiytKhcgyiZ2L0DTyCQ/nvX+LoCljoRE=
modernc.org/gc/v3 v3.1.1/go.mod h1:HFK/6AGESC7Ex+EZJhJ2Gni6cTaYpSMmU/cT9RmlfYY=
modernc.org/gc/v3 v3.1.2 h1:ZtDCnhonXSZexk/AYsegNRV1lJGgaNZJuKjJSWKyEqo=
modernc.org/goabi0 v0.2.0 h1:HvEowk7LxcPd0eq6mVOAEMai46V+i7Jrj13t4AzuNks=
modernc.org/goabi0 v0.2.0/go.mod h1:CEFRnnJhKvWT1c1JTI3Avm+tgOWbkOu5oPA8eH8LnMI=
modernc.org/libc v1.67.4 h1:zZGmCMUVPORtKv95c2ReQN5VDjvkoRm9GWPTEPuvlWg=
modernc.org/libc v1.67.4/go.mod h1:QvvnnJ5P7aitu0ReNpVIEyesuhmDLQ8kaEoyMjIFZJA=
modernc.org/libc v1.72.3 h1:ZnDF4tXn4NBXFutMMQC4vtbTFSXhhKzR73fv0beZEAU=
modernc.org/libc v1.72.3/go.mod h1:dn0dZNnnn1clLyvRxLxYExxiKRZIRENOfqQ8XEeg4Qs=
modernc.org/mathutil v1.7.1 h1:GCZVGXdaN8gTqB1Mf/usp1Y/hSqgI2vAGGP4jZMCxOU=
modernc.org/mathutil v1.7.1/go.mod h1:4p5IwJITfppl0G4sUEDtCr4DthTaT47/N3aT6MhfgJg=
modernc.org/memory v1.11.0 h1:o4QC8aMQzmcwCK3t3Ux/ZHmwFPzE6hf2Y5LbkRs+hbI=
modernc.org/memory v1.11.0/go.mod h1:/JP4VbVC+K5sU2wZi9bHoq2MAkCnrt2r98UGeSK7Mjw=
modernc.org/opt v0.1.4 h1:2kNGMRiUjrp4LcaPuLY2PzUfqM/w9N23quVwhKt5Qm8=
modernc.org/opt v0.1.4/go.mod h1:03fq9lsNfvkYSfxrfUhZCWPk1lm4cq4N+Bh//bEtgns=
modernc.org/opt v0.2.0 h1:tGyef5ApycA7FSEOMraay9SaTk5zmbx7Tu+cJs4QKZg=
modernc.org/sortutil v1.2.1 h1:+xyoGf15mM3NMlPDnFqrteY07klSFxLElE2PVuWIJ7w=
modernc.org/sortutil v1.2.1/go.mod h1:7ZI3a3REbai7gzCLcotuw9AC4VZVpYMjDzETGsSMqJE=
modernc.org/sqlite v1.42.2 h1:7hkZUNJvJFN2PgfUdjni9Kbvd4ef4mNLOu0B9FGxM74=
modernc.org/sqlite v1.42.2/go.mod h1:+VkC6v3pLOAE0A0uVucQEcbVW0I5nHCeDaBf+DpsQT8=
modernc.org/sqlite v1.50.1 h1:l+cQvn0sd0zJJtfygGHuQJ5AjlrwXmWPw4KP3ZMwr9w=
modernc.org/sqlite v1.50.1/go.mod h1:tcNzv5p84E0skkmJn038y+hWJbLQXQqEnQfeh5r2JLM=
modernc.org/strutil v1.2.1 h1:UneZBkQA+DX2Rp35KcM69cSsNES9ly8mQWD71HKlOA0=
modernc.org/strutil v1.2.1/go.mod h1:EHkiggD70koQxjVdSBM3JKM7k6L0FbGE5eymy9i3B9A=
modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y=

129
pkg/common/adapters/database/bun.go
View File

@@ -289,19 +289,20 @@ func (b *BunAdapter) DriverName() string {
// BunSelectQuery implements SelectQuery for Bun
type BunSelectQuery struct {
query *bun.SelectQuery
db bun.IDB // Store DB connection for count queries
hasModel bool // Track if Model() was called
schema string // Separated schema name
tableName string // Just the table name, without schema
entity string
tableAlias string
driverName string // Database driver name (postgres, sqlite, mssql)
inJoinContext bool // Track if we're in a JOIN relation context
joinTableAlias string // Alias to use for JOIN conditions
skipAutoDetect bool // Skip auto-detection to prevent circular calls
customPreloads map[string][]func(common.SelectQuery) common.SelectQuery // Relations to load with custom implementation
metricsEnabled bool
query *bun.SelectQuery
db bun.IDB // Store DB connection for count queries
hasModel bool // Track if Model() was called
schema string // Separated schema name
tableName string // Just the table name, without schema
entity string
tableAlias string
driverName string // Database driver name (postgres, sqlite, mssql)
inJoinContext bool // Track if we're in a JOIN relation context
joinTableAlias string // Alias to use for JOIN conditions
skipAutoDetect bool // Skip auto-detection to prevent circular calls
preloadRelationAlias string // Relation alias used in separate-query preloads (e.g. "tprp" for relation "TPRP")
customPreloads map[string][]func(common.SelectQuery) common.SelectQuery // Relations to load with custom implementation
metricsEnabled bool
}
func (b *BunSelectQuery) Model(model interface{}) common.SelectQuery {
@@ -346,12 +347,14 @@ func (b *BunSelectQuery) ColumnExpr(query string, args ...interface{}) common.Se
}
func (b *BunSelectQuery) Where(query string, args ...interface{}) common.SelectQuery {
// If we're in a JOIN context, add table prefix to unqualified columns
if b.inJoinContext && b.joinTableAlias != "" {
query = addTablePrefix(query, b.joinTableAlias)
} else if b.preloadRelationAlias != "" && b.tableName != "" {
// Separate-query preload: the caller may have written conditions using the
// relation name as a prefix (e.g. "TPRP.col"). Bun uses the real table name
// as the alias, so rewrite any such references to use tableName instead.
query = replaceRelationAlias(query, b.preloadRelationAlias, b.tableName)
} else if b.tableAlias != "" && b.tableName != "" {
// If we have a table alias defined, check if the query references a different alias
// This can happen in preloads where the user expects a certain alias but Bun generates another
query = normalizeTableAlias(query, b.tableAlias, b.tableName)
}
b.query = b.query.Where(query, args...)
@@ -487,6 +490,38 @@ func normalizeTableAlias(query, expectedAlias, tableName string) string {
return modified
}
// replaceRelationAlias rewrites WHERE conditions written with a relation alias prefix
// (e.g. "TPRP.col") to use the real table name that bun uses in separate queries
// (e.g. "t_proposalinstance.col"). Only called for separate-query preload wrappers.
func replaceRelationAlias(query, relationAlias, tableName string) string {
if relationAlias == "" || tableName == "" || query == "" {
return query
}
parts := strings.FieldsFunc(query, func(r rune) bool {
return r == ' ' || r == '(' || r == ')' || r == ','
})
modified := query
for _, part := range parts {
if dotIndex := strings.Index(part, "."); dotIndex > 0 {
prefix := part[:dotIndex]
column := part[dotIndex+1:]
if strings.EqualFold(prefix, relationAlias) {
logger.Debug("Replacing relation alias '%s' with table name '%s' in preload WHERE condition", prefix, tableName)
modified = strings.ReplaceAll(modified, part, tableName+"."+column)
}
}
}
return modified
}
func isJoinKeyword(word string) bool {
switch strings.ToUpper(word) {
case "JOIN", "INNER", "LEFT", "RIGHT", "FULL", "OUTER", "CROSS":
return true
}
return false
}
func (b *BunSelectQuery) WhereOr(query string, args ...interface{}) common.SelectQuery {
b.query = b.query.WhereOr(query, args...)
return b
@@ -517,7 +552,7 @@ func (b *BunSelectQuery) Join(query string, args ...interface{}) common.SelectQu
if prefix != "" && !strings.Contains(strings.ToUpper(query), " AS ") {
// If query doesn't already have AS, check if it's a simple table name
parts := strings.Fields(query)
if len(parts) > 0 && !strings.HasPrefix(strings.ToUpper(parts[0]), "JOIN") {
if len(parts) > 0 && !isJoinKeyword(parts[0]) {
// Simple table name, add prefix: "table AS prefix"
joinClause = fmt.Sprintf("%s AS %s", parts[0], prefix)
if len(parts) > 1 {
@@ -552,7 +587,7 @@ func (b *BunSelectQuery) LeftJoin(query string, args ...interface{}) common.Sele
joinClause := query
if prefix != "" && !strings.Contains(strings.ToUpper(query), " AS ") {
parts := strings.Fields(query)
if len(parts) > 0 && !strings.HasPrefix(strings.ToUpper(parts[0]), "LEFT") && !strings.HasPrefix(strings.ToUpper(parts[0]), "JOIN") {
if len(parts) > 0 && !isJoinKeyword(parts[0]) {
joinClause = fmt.Sprintf("%s AS %s", parts[0], prefix)
if len(parts) > 1 {
joinClause += " " + strings.Join(parts[1:], " ")
@@ -668,8 +703,20 @@ func (b *BunSelectQuery) PreloadRelation(relation string, apply ...func(common.S
wrapper.tableAlias = provider.TableAlias()
logger.Debug("Preload relation '%s' using table alias: %s", relation, wrapper.tableAlias)
}
}
// Fallback: if the model didn't provide a table name, ask bun directly.
if wrapper.tableName == "" {
wrapper.schema, wrapper.tableName = parseTableName(sq.GetTableName(), b.driverName)
}
// For separate-query preloads (has-many), bun aliases the related table using
// the actual table name, not the relation name. Record the relation alias so
// Where() can rewrite conditions like "TPRP.col" to "t_proposalinstance.col".
wrapper.preloadRelationAlias = strings.ToLower(relation)
logger.Debug("Preload relation '%s' registered alias '%s' for separate-query WHERE rewriting", relation, wrapper.preloadRelationAlias)
// Start with the interface value (not pointer)
current := common.SelectQuery(wrapper)
@@ -1268,6 +1315,7 @@ func (b *BunSelectQuery) Scan(ctx context.Context, dest interface{}) (err error)
if err != nil {
sqlStr := b.query.String()
logger.Error("BunSelectQuery.Scan failed. SQL: %s. Error: %v", sqlStr, err)
err = common.WrapSQLError(err, sqlStr)
}
return err
}
@@ -1324,7 +1372,7 @@ func (b *BunSelectQuery) ScanModel(ctx context.Context) (err error) {
if err != nil {
sqlStr := b.query.String()
logger.Error("BunSelectQuery.ScanModel failed. SQL: %s. Error: %v", sqlStr, err)
return err
return common.WrapSQLError(err, sqlStr)
}
// After main query, load custom preloads using separate queries
@@ -1354,6 +1402,7 @@ func (b *BunSelectQuery) Count(ctx context.Context) (count int, err error) {
if err != nil {
sqlStr := b.query.String()
logger.Error("BunSelectQuery.Count failed. SQL: %s. Error: %v", sqlStr, err)
err = common.WrapSQLError(err, sqlStr)
}
return
}
@@ -1367,6 +1416,7 @@ func (b *BunSelectQuery) Count(ctx context.Context) (count int, err error) {
if err != nil {
sqlStr := countQuery.String()
logger.Error("BunSelectQuery.Count (subquery) failed. SQL: %s. Error: %v", sqlStr, err)
err = common.WrapSQLError(err, sqlStr)
}
return
}
@@ -1384,6 +1434,7 @@ func (b *BunSelectQuery) Exists(ctx context.Context) (exists bool, err error) {
if err != nil {
sqlStr := b.query.String()
logger.Error("BunSelectQuery.Exists failed. SQL: %s. Error: %v", sqlStr, err)
err = common.WrapSQLError(err, sqlStr)
}
return
}
@@ -1443,6 +1494,18 @@ func (b *BunInsertQuery) Returning(columns ...string) common.InsertQuery {
return b
}
func (b *BunInsertQuery) prepareValues() {
if len(b.values) > 0 {
if !b.hasModel {
b.query = b.query.Model(&b.values)
} else {
for k, v := range b.values {
b.query = b.query.Value(k, "?", v)
}
}
}
}
func (b *BunInsertQuery) Exec(ctx context.Context) (res common.Result, err error) {
defer func() {
if r := recover(); r != nil {
@@ -1450,23 +1513,25 @@ func (b *BunInsertQuery) Exec(ctx context.Context) (res common.Result, err error
}
}()
startedAt := time.Now()
if len(b.values) > 0 {
if !b.hasModel {
// If no model was set, use the values map as the model
// Bun can insert map[string]interface{} directly
b.query = b.query.Model(&b.values)
} else {
// If model was set, use Value() to add individual values
for k, v := range b.values {
b.query = b.query.Value(k, "?", v)
}
}
}
b.prepareValues()
result, err := b.query.Exec(ctx)
recordQueryMetrics(b.metricsEnabled, "INSERT", b.schema, b.entity, b.tableName, startedAt, err)
return &BunResult{result: result}, err
}
func (b *BunInsertQuery) Scan(ctx context.Context, dest interface{}) (err error) {
defer func() {
if r := recover(); r != nil {
err = logger.HandlePanic("BunInsertQuery.Scan", r)
}
}()
startedAt := time.Now()
b.prepareValues()
err = b.query.Scan(ctx, dest)
recordQueryMetrics(b.metricsEnabled, "INSERT", b.schema, b.entity, b.tableName, startedAt, err)
return err
}
// BunUpdateQuery implements UpdateQuery for Bun
type BunUpdateQuery struct {
query *bun.UpdateQuery
@@ -1558,6 +1623,7 @@ func (b *BunUpdateQuery) Exec(ctx context.Context) (res common.Result, err error
// Log SQL string for debugging
sqlStr := b.query.String()
logger.Error("BunUpdateQuery.Exec failed. SQL: %s. Error: %v", sqlStr, err)
err = common.WrapSQLError(err, sqlStr)
}
recordQueryMetrics(b.metricsEnabled, "UPDATE", b.schema, b.entity, b.tableName, startedAt, err)
return &BunResult{result: result}, err
@@ -1609,6 +1675,7 @@ func (b *BunDeleteQuery) Exec(ctx context.Context) (res common.Result, err error
// Log SQL string for debugging
sqlStr := b.query.String()
logger.Error("BunDeleteQuery.Exec failed. SQL: %s. Error: %v", sqlStr, err)
err = common.WrapSQLError(err, sqlStr)
}
recordQueryMetrics(b.metricsEnabled, "DELETE", b.schema, b.entity, b.tableName, startedAt, err)
return &BunResult{result: result}, err

99
pkg/common/adapters/database/gorm.go
View File

@@ -3,11 +3,13 @@ package database
import (
"context"
"fmt"
"reflect"
"strings"
"sync"
"time"
"gorm.io/gorm"
"gorm.io/gorm/clause"
"github.com/bitechdev/ResolveSpec/pkg/common"
"github.com/bitechdev/ResolveSpec/pkg/logger"
@@ -581,6 +583,7 @@ func (g *GormSelectQuery) Scan(ctx context.Context, dest interface{}) (err error
return tx.Find(dest)
})
logger.Error("GormSelectQuery.Scan failed. SQL: %s. Error: %v", sqlStr, err)
err = common.WrapSQLError(err, sqlStr)
}
recordQueryMetrics(g.metricsEnabled, "SELECT", g.schema, g.entity, g.tableName, startedAt, err)
return err
@@ -611,6 +614,7 @@ func (g *GormSelectQuery) ScanModel(ctx context.Context) (err error) {
return tx.Find(g.db.Statement.Model)
})
logger.Error("GormSelectQuery.ScanModel failed. SQL: %s. Error: %v", sqlStr, err)
err = common.WrapSQLError(err, sqlStr)
}
recordQueryMetrics(g.metricsEnabled, "SELECT", g.schema, g.entity, g.tableName, startedAt, err)
return err
@@ -640,6 +644,7 @@ func (g *GormSelectQuery) Count(ctx context.Context) (count int, err error) {
return tx.Count(&count64)
})
logger.Error("GormSelectQuery.Count failed. SQL: %s. Error: %v", sqlStr, err)
err = common.WrapSQLError(err, sqlStr)
}
recordQueryMetrics(g.metricsEnabled, "COUNT", g.schema, g.entity, g.tableName, startedAt, err)
return int(count64), err
@@ -669,6 +674,7 @@ func (g *GormSelectQuery) Exists(ctx context.Context) (exists bool, err error) {
return tx.Limit(1).Count(&count)
})
logger.Error("GormSelectQuery.Exists failed. SQL: %s. Error: %v", sqlStr, err)
err = common.WrapSQLError(err, sqlStr)
}
recordQueryMetrics(g.metricsEnabled, "EXISTS", g.schema, g.entity, g.tableName, startedAt, err)
return count > 0, err
@@ -676,15 +682,16 @@ func (g *GormSelectQuery) Exists(ctx context.Context) (exists bool, err error) {
// GormInsertQuery implements InsertQuery for GORM
type GormInsertQuery struct {
db *gorm.DB
reconnect func(...*gorm.DB) error
model interface{}
values map[string]interface{}
schema string
tableName string
entity string
driverName string
metricsEnabled bool
db *gorm.DB
reconnect func(...*gorm.DB) error
model interface{}
values map[string]interface{}
schema string
tableName string
entity string
driverName string
metricsEnabled bool
returningColumns []string
}
func (g *GormInsertQuery) Model(model interface{}) common.InsertQuery {
@@ -718,7 +725,7 @@ func (g *GormInsertQuery) OnConflict(action string) common.InsertQuery {
}
func (g *GormInsertQuery) Returning(columns ...string) common.InsertQuery {
// GORM doesn't have explicit RETURNING, but updates the model
g.returningColumns = columns
return g
}
@@ -749,6 +756,76 @@ func (g *GormInsertQuery) Exec(ctx context.Context) (res common.Result, err erro
return &GormResult{result: result}, result.Error
}
func (g *GormInsertQuery) Scan(ctx context.Context, dest interface{}) (err error) {
defer func() {
if r := recover(); r != nil {
err = logger.HandlePanic("GormInsertQuery.Scan", r)
}
}()
startedAt := time.Now()
var returningCols []clause.Column
for _, col := range g.returningColumns {
returningCols = append(returningCols, clause.Column{Name: col})
}
db := g.db.WithContext(ctx)
if len(returningCols) > 0 {
db = db.Clauses(clause.Returning{Columns: returningCols})
}
var result *gorm.DB
switch {
case g.model != nil:
result = db.Create(g.model)
case g.values != nil:
result = db.Create(g.values)
default:
result = db.Create(map[string]interface{}{})
}
if isDBClosed(result.Error) && g.reconnect != nil {
if reconnErr := g.reconnect(g.db); reconnErr == nil {
result = db.Create(g.model)
}
}
recordQueryMetrics(g.metricsEnabled, "INSERT", g.schema, g.entity, g.tableName, startedAt, result.Error)
if result.Error != nil {
return result.Error
}
// Extract the returning column value from the model or values map
if len(g.returningColumns) == 1 {
col := g.returningColumns[0]
if g.model != nil {
val := reflect.ValueOf(g.model)
if val.Kind() == reflect.Ptr {
val = val.Elem()
}
if val.Kind() == reflect.Struct {
for i := 0; i < val.NumField(); i++ {
f := val.Type().Field(i)
dbTag := strings.Split(f.Tag.Get("bun"), ",")[0]
jsonTag := strings.Split(f.Tag.Get("json"), ",")[0]
if strings.EqualFold(f.Name, col) || dbTag == col || jsonTag == col {
reflect.ValueOf(dest).Elem().Set(val.Field(i))
return nil
}
}
}
}
if g.values != nil {
if v, ok := g.values[col]; ok {
reflect.ValueOf(dest).Elem().Set(reflect.ValueOf(v))
return nil
}
}
}
return nil
}
// GormUpdateQuery implements UpdateQuery for GORM
type GormUpdateQuery struct {
db *gorm.DB
@@ -858,6 +935,7 @@ func (g *GormUpdateQuery) Exec(ctx context.Context) (res common.Result, err erro
return tx.Updates(g.updates)
})
logger.Error("GormUpdateQuery.Exec failed. SQL: %s. Error: %v", sqlStr, result.Error)
return &GormResult{result: result}, common.WrapSQLError(result.Error, sqlStr)
}
recordQueryMetrics(g.metricsEnabled, "UPDATE", g.schema, g.entity, g.tableName, startedAt, result.Error)
return &GormResult{result: result}, result.Error
@@ -919,6 +997,7 @@ func (g *GormDeleteQuery) Exec(ctx context.Context) (res common.Result, err erro
return tx.Delete(g.model)
})
logger.Error("GormDeleteQuery.Exec failed. SQL: %s. Error: %v", sqlStr, result.Error)
return &GormResult{result: result}, common.WrapSQLError(result.Error, sqlStr)
}
recordQueryMetrics(g.metricsEnabled, "DELETE", g.schema, g.entity, g.tableName, startedAt, result.Error)
return &GormResult{result: result}, result.Error

80
pkg/common/adapters/database/pgsql.go
View File

@@ -138,7 +138,7 @@ func (p *PgSQLAdapter) Exec(ctx context.Context, query string, args ...interface
if err != nil {
logger.Error("PgSQL Exec failed: %v", err)
recordQueryMetrics(p.metricsEnabled, operation, schema, entity, table, startedAt, err)
return nil, err
return nil, common.WrapSQLError(err, query)
}
recordQueryMetrics(p.metricsEnabled, operation, schema, entity, table, startedAt, nil)
return &PgSQLResult{result: result}, nil
@@ -164,7 +164,7 @@ func (p *PgSQLAdapter) Query(ctx context.Context, dest interface{}, query string
if err != nil {
logger.Error("PgSQL Query failed: %v", err)
recordQueryMetrics(p.metricsEnabled, operation, schema, entity, table, startedAt, err)
return err
return common.WrapSQLError(err, query)
}
defer rows.Close()
@@ -511,7 +511,7 @@ func (p *PgSQLSelectQuery) Scan(ctx context.Context, dest interface{}) (err erro
if err != nil {
logger.Error("PgSQL SELECT failed: %v", err)
recordQueryMetrics(p.metricsEnabled, "SELECT", p.schema, p.entity, p.tableName, startedAt, err)
return err
return common.WrapSQLError(err, query)
}
defer rows.Close()
@@ -534,8 +534,8 @@ func (p *PgSQLSelectQuery) ScanModel(ctx context.Context) error {
return p.Scan(ctx, p.model)
}
// countInternal executes the COUNT query and returns the result without recording metrics.
func (p *PgSQLSelectQuery) countInternal(ctx context.Context) (int, error) {
// countInternal executes the COUNT query and returns the result and the SQL string without recording metrics.
func (p *PgSQLSelectQuery) countInternal(ctx context.Context) (rowCount int, querySQL string, retErr error) {
var sb strings.Builder
sb.WriteString("SELECT COUNT(*) FROM ")
sb.WriteString(p.tableName)
@@ -571,9 +571,9 @@ func (p *PgSQLSelectQuery) countInternal(ctx context.Context) (int, error) {
var count int
if err := row.Scan(&count); err != nil {
return 0, err
return 0, query, err
}
return count, nil
return count, query, nil
}
func (p *PgSQLSelectQuery) Count(ctx context.Context) (count int, err error) {
@@ -584,9 +584,11 @@ func (p *PgSQLSelectQuery) Count(ctx context.Context) (count int, err error) {
}
}()
startedAt := time.Now()
count, err = p.countInternal(ctx)
var sqlStr string
count, sqlStr, err = p.countInternal(ctx)
if err != nil {
logger.Error("PgSQL COUNT failed: %v", err)
err = common.WrapSQLError(err, sqlStr)
}
recordQueryMetrics(p.metricsEnabled, "COUNT", p.schema, p.entity, p.tableName, startedAt, err)
return count, err
@@ -600,9 +602,11 @@ func (p *PgSQLSelectQuery) Exists(ctx context.Context) (exists bool, err error)
}
}()
startedAt := time.Now()
count, err := p.countInternal(ctx)
var sqlStr string
count, sqlStr, err := p.countInternal(ctx)
if err != nil {
logger.Error("PgSQL EXISTS failed: %v", err)
err = common.WrapSQLError(err, sqlStr)
}
recordQueryMetrics(p.metricsEnabled, "EXISTS", p.schema, p.entity, p.tableName, startedAt, err)
return count > 0, err
@@ -702,12 +706,60 @@ func (p *PgSQLInsertQuery) Exec(ctx context.Context) (res common.Result, err err
if err != nil {
logger.Error("PgSQL INSERT failed: %v", err)
return nil, err
return nil, common.WrapSQLError(err, query)
}
return &PgSQLResult{result: result}, nil
}
func (p *PgSQLInsertQuery) Scan(ctx context.Context, dest interface{}) (err error) {
startedAt := time.Now()
defer func() {
if r := recover(); r != nil {
err = logger.HandlePanic("PgSQLInsertQuery.Scan", r)
}
recordQueryMetrics(p.metricsEnabled, "INSERT", p.schema, p.entity, p.tableName, startedAt, err)
}()
if len(p.values) == 0 {
return fmt.Errorf("no values to insert")
}
columns := make([]string, 0, len(p.values))
placeholders := make([]string, 0, len(p.values))
args := make([]interface{}, 0, len(p.values))
i := 1
for _, col := range p.valueOrder {
columns = append(columns, col)
placeholders = append(placeholders, fmt.Sprintf("$%d", i))
args = append(args, p.values[col])
i++
}
query := fmt.Sprintf("INSERT INTO %s (%s) VALUES (%s)",
p.tableName,
strings.Join(columns, ", "),
strings.Join(placeholders, ", "))
if len(p.returning) > 0 {
query += " RETURNING " + strings.Join(p.returning, ", ")
}
logger.Debug("PgSQL INSERT (Scan): %s [args: %v]", query, args)
var row *sql.Row
if p.tx != nil {
row = p.tx.QueryRowContext(ctx, query, args...)
} else {
row = p.db.QueryRowContext(ctx, query, args...)
}
if err := row.Scan(dest); err != nil {
return common.WrapSQLError(err, query)
}
return nil
}
// PgSQLUpdateQuery implements UpdateQuery for PostgreSQL
type PgSQLUpdateQuery struct {
db *sql.DB
@@ -884,7 +936,7 @@ func (p *PgSQLUpdateQuery) Exec(ctx context.Context) (res common.Result, err err
if err != nil {
logger.Error("PgSQL UPDATE failed: %v", err)
return nil, err
return nil, common.WrapSQLError(err, query)
}
return &PgSQLResult{result: result}, nil
@@ -962,7 +1014,7 @@ func (p *PgSQLDeleteQuery) Exec(ctx context.Context) (res common.Result, err err
if err != nil {
logger.Error("PgSQL DELETE failed: %v", err)
return nil, err
return nil, common.WrapSQLError(err, query)
}
return &PgSQLResult{result: result}, nil
@@ -1043,7 +1095,7 @@ func (p *PgSQLTxAdapter) Exec(ctx context.Context, query string, args ...interfa
if err != nil {
logger.Error("PgSQL Tx Exec failed: %v", err)
recordQueryMetrics(p.metricsEnabled, operation, schema, entity, table, startedAt, err)
return nil, err
return nil, common.WrapSQLError(err, query)
}
recordQueryMetrics(p.metricsEnabled, operation, schema, entity, table, startedAt, nil)
return &PgSQLResult{result: result}, nil
@@ -1057,7 +1109,7 @@ func (p *PgSQLTxAdapter) Query(ctx context.Context, dest interface{}, query stri
if err != nil {
logger.Error("PgSQL Tx Query failed: %v", err)
recordQueryMetrics(p.metricsEnabled, operation, schema, entity, table, startedAt, err)
return err
return common.WrapSQLError(err, query)
}
defer rows.Close()

1
pkg/common/interfaces.go
View File

@@ -75,6 +75,7 @@ type InsertQuery interface {
// Execution
Exec(ctx context.Context) (Result, error)
Scan(ctx context.Context, dest interface{}) error
}
// UpdateQuery interface for building UPDATE queries

102
pkg/common/recursive_crud.go
View File

@@ -125,6 +125,13 @@ func (p *NestedCUDProcessor) ProcessNestedCUD(
result.AffectedRows = 1
result.Data = regularData
// Re-select the inserted row so result.Data reflects DB-generated defaults.
if row, err := p.processSelect(ctx, tableName, id); err != nil {
logger.Warn("Select after insert failed: table=%s, id=%v, error=%v", tableName, id, err)
} else if len(row) > 0 {
result.Data = row
}
// Process child relations after parent insert (to get parent ID)
if err := p.processChildRelations(ctx, "insert", id, relationFields, result.RelationData, modelType, parentIDs); err != nil {
logger.Error("Failed to process child relations after insert: table=%s, parentID=%v, relations=%+v, error=%v", tableName, id, relationFields, err)
@@ -134,8 +141,12 @@ func (p *NestedCUDProcessor) ProcessNestedCUD(
logger.Debug("Skipping insert for %s - no data columns besides _request", tableName)
}
case "update":
case "update", "change":
// Only perform update if we have data to update
if reflection.IsEmptyValue(data[pkName]) {
logger.Warn("Skipping update for %s - no primary key", tableName)
return result, nil
}
if hasData {
rows, err := p.processUpdate(ctx, regularData, tableName, data[pkName])
if err != nil {
@@ -146,9 +157,16 @@ func (p *NestedCUDProcessor) ProcessNestedCUD(
result.AffectedRows = rows
result.Data = regularData
// Re-select the updated row so result.Data reflects current DB state.
if row, err := p.processSelect(ctx, tableName, result.ID); err != nil {
logger.Warn("Select after update failed: table=%s, id=%v, error=%v", tableName, result.ID, err)
} else if len(row) > 0 {
result.Data = row
}
// Process child relations for update
if err := p.processChildRelations(ctx, "update", data[pkName], relationFields, result.RelationData, modelType, parentIDs); err != nil {
logger.Error("Failed to process child relations after update: table=%s, parentID=%v, relations=%+v, error=%v", tableName, data[pkName], relationFields, err)
logger.Error("Failed to process child relations after update: table=%s, parentID=%v, relations=%+v, error=%v", tableName, data[pkName], regularData, err)
return nil, fmt.Errorf("failed to process child relations: %w", err)
}
} else {
@@ -157,10 +175,15 @@ func (p *NestedCUDProcessor) ProcessNestedCUD(
}
case "delete":
if reflection.IsEmptyValue(data[pkName]) {
logger.Warn("Skipping delete for %s - no primary key", tableName)
return result, nil
}
// Process child relations first (for referential integrity)
if err := p.processChildRelations(ctx, "delete", data[pkName], relationFields, result.RelationData, modelType, parentIDs); err != nil {
logger.Error("Failed to process child relations before delete: table=%s, id=%v, relations=%+v, error=%v", tableName, data[pkName], relationFields, err)
return nil, fmt.Errorf("failed to process child relations before delete: %w", err)
return nil, fmt.Errorf("failed to process child relations: %w", err)
}
rows, err := p.processDelete(ctx, tableName, data[pkName])
@@ -234,27 +257,37 @@ func (p *NestedCUDProcessor) injectForeignKeys(data map[string]interface{}, mode
return
}
// Iterate through model fields to find foreign key fields
for i := 0; i < modelType.NumField(); i++ {
field := modelType.Field(i)
jsonTag := field.Tag.Get("json")
jsonName := strings.Split(jsonTag, ",")[0]
pkCol := reflection.GetPrimaryKeyName(reflect.New(modelType).Interface())
// Check if this field is a foreign key and we have a parent ID for it
// Common patterns: DepartmentID, ManagerID, ProjectID, etc.
for parentKey, parentID := range parentIDs {
// Match field name patterns like "department_id" with parent key "department"
if strings.EqualFold(jsonName, parentKey+"_id") ||
strings.EqualFold(jsonName, parentKey+"id") ||
strings.EqualFold(field.Name, parentKey+"ID") {
// Use the DB column name as the key, since data is keyed by DB column names
dbColName := reflection.GetColumnName(field)
if _, exists := data[dbColName]; !exists {
logger.Debug("Injecting foreign key: %s = %v", dbColName, parentID)
data[dbColName] = parentID
for parentKey, parentID := range parentIDs {
dbColNames := reflection.GetForeignKeyColumn(modelType, parentKey)
if len(dbColNames) == 0 {
// No explicit tag found — fall back to naming convention by scanning scalar fields.
for i := 0; i < modelType.NumField(); i++ {
field := modelType.Field(i)
jsonName := strings.Split(field.Tag.Get("json"), ",")[0]
if strings.EqualFold(jsonName, "rid"+parentKey) ||
strings.EqualFold(jsonName, "rid_"+parentKey) ||
strings.EqualFold(jsonName, "id_"+parentKey) ||
strings.EqualFold(jsonName, parentKey+"_id") ||
strings.EqualFold(jsonName, parentKey+"id") ||
strings.EqualFold(field.Name, parentKey+"ID") {
dbColNames = []string{reflection.GetColumnName(field)}
break
}
}
}
for _, dbColName := range dbColNames {
if pkCol != "" && strings.EqualFold(dbColName, pkCol) {
continue
}
if _, exists := data[dbColName]; !exists {
logger.Debug("Injecting foreign key: %s = %v", dbColName, parentID)
data[dbColName] = parentID
}
}
}
}
@@ -272,27 +305,32 @@ func (p *NestedCUDProcessor) processInsert(
query = query.Value(key, ConvertSliceForBun(value))
}
pkName := reflection.GetPrimaryKeyName(tableName)
// Add RETURNING clause to get the inserted ID
query = query.Returning(pkName)
result, err := query.Exec(ctx)
if err != nil {
var id interface{}
if err := query.Scan(ctx, &id); err != nil {
logger.Error("Insert execution failed: table=%s, data=%+v, error=%v", tableName, data, err)
return nil, fmt.Errorf("insert exec failed: %w", err)
}
// Try to get the ID
var id interface{}
if lastID, err := result.LastInsertId(); err == nil && lastID > 0 {
id = lastID
} else if data[pkName] != nil {
id = data[pkName]
}
logger.Debug("Insert successful, ID: %v, rows affected: %d", id, result.RowsAffected())
logger.Debug("Insert successful, ID: %v", id)
return id, nil
}
// processSelect fetches the row identified by id from tableName into a flat map.
// Used to populate result.Data with the actual DB state after insert/update.
func (p *NestedCUDProcessor) processSelect(ctx context.Context, tableName string, id interface{}) (map[string]interface{}, error) {
pkName := reflection.GetPrimaryKeyName(tableName)
var row map[string]interface{}
if err := p.db.NewSelect().
Table(tableName).
Where(fmt.Sprintf("%s = ?", QuoteIdent(pkName)), id).
Scan(ctx, &row); err != nil {
return nil, fmt.Errorf("select after write failed: %w", err)
}
return row, nil
}
// processUpdate handles update operation
func (p *NestedCUDProcessor) processUpdate(
ctx context.Context,

8
pkg/common/recursive_crud_test.go
View File

@@ -101,12 +101,18 @@ func (m *mockInsertQuery) Value(column string, value interface{}) InsertQuery {
func (m *mockInsertQuery) OnConflict(action string) InsertQuery { return m }
func (m *mockInsertQuery) Returning(columns ...string) InsertQuery { return m }
func (m *mockInsertQuery) Exec(ctx context.Context) (Result, error) {
// Record the insert call
m.db.insertCalls = append(m.db.insertCalls, m.values)
m.db.lastID++
return &mockResult{lastID: m.db.lastID, rowsAffected: 1}, nil
}
func (m *mockInsertQuery) Scan(ctx context.Context, dest interface{}) error {
m.db.insertCalls = append(m.db.insertCalls, m.values)
m.db.lastID++
reflect.ValueOf(dest).Elem().Set(reflect.ValueOf(m.db.lastID))
return nil
}
// Mock UpdateQuery
type mockUpdateQuery struct {
db *mockDatabase

46
pkg/common/sql_helpers.go
View File

@@ -59,6 +59,38 @@ func IsSQLExpression(cond string) bool {
return false
}
// reEmptyCompMid matches a simple column comparison with an empty RHS that is immediately
// followed by AND/OR (only whitespace between the operator and the next keyword).
// Removing the match leaves the preceding AND/OR connector intact.
// Example: "cond1 and col = \n and cond2" → "cond1 and cond2"
var reEmptyCompMid = regexp.MustCompile(`(?i)[\w.]+\s*(?:=|<>|!=|>=|<=|>|<)\s+(?:and|or)\s+`)
// reEmptyCompEnd matches AND/OR + a simple column comparison with an empty RHS at the end
// of the string (or sub-clause).
// Example: "cond1 and col = " → "cond1"
var reEmptyCompEnd = regexp.MustCompile(`(?i)\s+(?:and|or)\s+[\w.]+\s*(?:=|<>|!=|>=|<=|>|<)\s*$`)
// stripEmptyComparisonClauses removes comparison conditions that have no right-hand side
// value from a raw SQL string. Operates on the whole string so it also cleans up conditions
// inside subqueries, not just top-level AND splits.
func stripEmptyComparisonClauses(sql string) string {
sql = reEmptyCompMid.ReplaceAllLiteralString(sql, "")
sql = reEmptyCompEnd.ReplaceAllLiteralString(sql, "")
return sql
}
// hasEmptyRHS returns true when a condition ends with a comparison operator and has no
// right-hand side value — e.g., "col = ", "com.rid_parent = ", "col >= ".
func hasEmptyRHS(cond string) bool {
cond = strings.TrimSpace(cond)
for _, op := range []string{"<>", "!=", ">=", "<=", "=", ">", "<"} {
if strings.HasSuffix(cond, op) {
return true
}
}
return false
}
// IsTrivialCondition checks if a condition is trivial and always evaluates to true
// These conditions should be removed from WHERE clauses as they have no filtering effect
func IsTrivialCondition(cond string) bool {
@@ -147,6 +179,14 @@ func SanitizeWhereClause(where string, tableName string, options ...*RequestOpti
return ""
}
// Strip comparison conditions with empty RHS throughout the SQL string (including
// inside subqueries), before condition splitting.
where = stripEmptyComparisonClauses(where)
if where == "" {
return ""
}
where = strings.TrimSpace(where)
// Check if the original clause has outer parentheses and contains OR operators
// If so, we need to preserve the outer parentheses to prevent OR logic from escaping
hasOuterParens := false
@@ -212,6 +252,12 @@ func SanitizeWhereClause(where string, tableName string, options ...*RequestOpti
continue
}
// Skip conditions with no right-hand side value (e.g. "col = " with empty value)
if hasEmptyRHS(condToCheck) {
logger.Debug("Removing condition with empty value: '%s'", cond)
continue
}
// If tableName is provided and the condition HAS a table prefix, check if it's correct
if tableName != "" && hasTablePrefix(condToCheck) {
// Extract the current prefix and column name

24
pkg/common/sql_helpers_test.go
View File

@@ -134,6 +134,30 @@ func TestSanitizeWhereClause(t *testing.T) {
tableName: "apiprovider",
expected: "apiprovider.type in ('softphone') AND (apiprovider.rid_apiprovider in (select l.rid_apiprovider from core.apiproviderlink l where l.rid_hub = 2576))",
},
{
name: "empty RHS stripped mid-clause",
where: "com.tableprefix = 'tcli' and com.rid_parent = \n and com.status = 'Active'",
tableName: "",
expected: "com.tableprefix = 'tcli' AND com.status = 'Active'",
},
{
name: "empty RHS stripped at end of clause",
where: "com.tableprefix = 'tcli' and com.rid_parent =",
tableName: "",
expected: "com.tableprefix = 'tcli'",
},
{
name: "non-empty value not stripped",
where: "com.tableprefix = 'tcli' and com.rid_parent = 123 and com.status = 'Active'",
tableName: "",
expected: "com.tableprefix = 'tcli' AND com.rid_parent = 123 AND com.status = 'Active'",
},
{
name: "empty RHS inside subquery stripped",
where: "a = 1 and b in (select x from t where c.rid = \n and d = 2)",
tableName: "",
expected: "a = 1 AND b in (select x from t where d = 2)",
},
}
for _, tt := range tests {

19
pkg/common/types.go
View File

@@ -1,5 +1,23 @@
package common
// SQLError wraps a database error together with the SQL that caused it,
// so callers can surface the query in API error responses for easier debugging.
type SQLError struct {
Err error
SQL string
}
func (e *SQLError) Error() string { return e.Err.Error() }
func (e *SQLError) Unwrap() error { return e.Err }
// WrapSQLError wraps err with the given SQL. If err is nil it returns nil.
func WrapSQLError(err error, sql string) error {
if err == nil {
return nil
}
return &SQLError{Err: err, SQL: sql}
}
type RequestBody struct {
Operation string `json:"operation"`
Data interface{} `json:"data"`
@@ -104,6 +122,7 @@ type APIError struct {
Message string `json:"message"`
Details interface{} `json:"details,omitempty"`
Detail string `json:"detail,omitempty"`
SQL string `json:"sql,omitempty"`
}
type Column struct {

21
pkg/common/validation.go
View File

@@ -266,11 +266,24 @@ func (v *ColumnValidator) FilterRequestOptions(options RequestOptions) RequestOp
// Filter Preload columns
validPreloads := make([]PreloadOption, 0, len(options.Preload))
modelType := reflect.TypeOf(v.model)
if modelType != nil && modelType.Kind() == reflect.Ptr {
modelType = modelType.Elem()
}
for idx := range options.Preload {
preload := options.Preload[idx]
filteredPreload := preload
filteredPreload.Columns = v.FilterValidColumns(preload.Columns)
filteredPreload.OmitColumns = v.FilterValidColumns(preload.OmitColumns)
// Use the related model's validator for preload columns/filters/sorts
preloadValidator := v
if modelType != nil {
if relInfo := GetRelationshipInfo(modelType, preload.Relation); relInfo != nil && relInfo.RelatedModel != nil {
preloadValidator = NewColumnValidator(relInfo.RelatedModel)
}
}
filteredPreload.Columns = preloadValidator.FilterValidColumns(preload.Columns)
filteredPreload.OmitColumns = preloadValidator.FilterValidColumns(preload.OmitColumns)
// Preserve SqlJoins and JoinAliases for preloads with custom joins
filteredPreload.SqlJoins = preload.SqlJoins
@@ -279,7 +292,7 @@ func (v *ColumnValidator) FilterRequestOptions(options RequestOptions) RequestOp
// Filter preload filters
validPreloadFilters := make([]FilterOption, 0, len(preload.Filters))
for _, filter := range preload.Filters {
if v.IsValidColumn(filter.Column) {
if preloadValidator.IsValidColumn(filter.Column) {
validPreloadFilters = append(validPreloadFilters, filter)
} else {
// Check if the filter column references a joined table alias
@@ -302,7 +315,7 @@ func (v *ColumnValidator) FilterRequestOptions(options RequestOptions) RequestOp
// Filter preload sort columns
validPreloadSorts := make([]SortOption, 0, len(preload.Sort))
for _, sort := range preload.Sort {
if v.IsValidColumn(sort.Column) {
if preloadValidator.IsValidColumn(sort.Column) {
validPreloadSorts = append(validPreloadSorts, sort)
} else if strings.HasPrefix(sort.Column, "(") && strings.HasSuffix(sort.Column, ")") {
// Allow sort by expression/subquery, but validate for security

81
pkg/common/validation_test.go
View File

@@ -464,3 +464,84 @@ func TestFilterRequestOptions_WithSortExpressions(t *testing.T) {
t.Errorf("Expected third sort to be 'name', got '%s'", filtered.Sort[2].Column)
}
}
// RelatedModel is used by PreloadParentModel to test preload column validation.
type RelatedModel struct {
RelatedID int64 `bun:"related_id,pk"`
Functionname string `bun:"functionname"`
}
// PreloadParentModel has a has-one relation to RelatedModel. The json tag on
// the relation field is the name used in x-preload headers.
type PreloadParentModel struct {
ID int64 `bun:"id,pk"`
Name string `bun:"name"`
RELATED *RelatedModel `json:"RELATED" bun:"rel:has-one,join:id=related_id"`
}
// TestFilterRequestOptions_PreloadColumnsValidatedAgainstRelatedModel verifies
// that preload columns are validated against the related model's fields, not the
// parent model's fields. This is the fix for the bug where specifying a column
// that exists only on the relation (e.g. "functionname") was incorrectly filtered
// out because it doesn't exist on the parent model.
func TestFilterRequestOptions_PreloadColumnsValidatedAgainstRelatedModel(t *testing.T) {
validator := NewColumnValidator(PreloadParentModel{})
options := RequestOptions{
Preload: []PreloadOption{
{
Relation: "RELATED",
// "functionname" exists on RelatedModel but NOT on PreloadParentModel.
// "name" exists on PreloadParentModel but NOT on RelatedModel.
// "nonexistent" exists on neither.
Columns: []string{"functionname", "name", "nonexistent"},
},
},
}
filtered := validator.FilterRequestOptions(options)
if len(filtered.Preload) != 1 {
t.Fatalf("Expected 1 preload, got %d", len(filtered.Preload))
}
cols := filtered.Preload[0].Columns
// Only "functionname" should survive: it belongs to RelatedModel.
if len(cols) != 1 {
t.Errorf("Expected 1 preload column, got %d: %v", len(cols), cols)
}
if len(cols) > 0 && cols[0] != "functionname" {
t.Errorf("Expected preload column 'functionname', got '%s'", cols[0])
}
}
// TestFilterRequestOptions_PreloadColumnsParentModelFallback verifies that when
// a preload relation is not found on the parent model, column validation falls
// back to the parent model's validator (no panic, no silent pass-through).
func TestFilterRequestOptions_PreloadColumnsParentModelFallback(t *testing.T) {
validator := NewColumnValidator(PreloadParentModel{})
options := RequestOptions{
Preload: []PreloadOption{
{
Relation: "UNKNOWN_RELATION",
Columns: []string{"id", "functionname"},
},
},
}
filtered := validator.FilterRequestOptions(options)
if len(filtered.Preload) != 1 {
t.Fatalf("Expected 1 preload, got %d", len(filtered.Preload))
}
cols := filtered.Preload[0].Columns
// Falls back to parent model: only "id" is valid on PreloadParentModel.
if len(cols) != 1 {
t.Errorf("Expected 1 preload column (fallback to parent), got %d: %v", len(cols), cols)
}
if len(cols) > 0 && cols[0] != "id" {
t.Errorf("Expected preload column 'id', got '%s'", cols[0])
}
}

15
pkg/errortracking/sentry.go
View File

@@ -66,7 +66,7 @@ func (s *SentryProvider) CaptureError(ctx context.Context, err error, severity S
}
if extra != nil {
event.Extra = extra
event.Contexts["extra"] = sentry.Context(extra)
}
hub.CaptureEvent(event)
@@ -88,7 +88,7 @@ func (s *SentryProvider) CaptureMessage(ctx context.Context, message string, sev
event.Message = message
if extra != nil {
event.Extra = extra
event.Contexts["extra"] = sentry.Context(extra)
}
hub.CaptureEvent(event)
@@ -115,12 +115,15 @@ func (s *SentryProvider) CapturePanic(ctx context.Context, recovered interface{}
},
}
if extra != nil {
event.Extra = extra
extraCtx := sentry.Context{}
for k, v := range extra {
extraCtx[k] = v
}
if stackTrace != nil {
event.Extra["stack_trace"] = string(stackTrace)
extraCtx["stack_trace"] = string(stackTrace)
}
if len(extraCtx) > 0 {
event.Contexts["extra"] = extraCtx
}
hub.CaptureEvent(event)

61
pkg/funcspec/function_api.go
View File

@@ -3,6 +3,7 @@ package funcspec
import (
"context"
"encoding/json"
"errors"
"fmt"
"io"
"net/http"
@@ -168,9 +169,16 @@ func (h *Handler) SqlQueryList(sqlquery string, options SqlQueryOptions) HTTPFun
// Replace meta variables in SQL
sqlquery = h.replaceMetaVariables(sqlquery, r, userCtx, metainfo, variables)
// Remove unused input variables
if options.BlankParams {
for _, kw := range inputvars {
// Replace variables from provided values, then blank any remaining unused ones
for _, kw := range inputvars {
varName := kw[1 : len(kw)-1] // strip [ and ]
if val, ok := variables[varName]; ok {
if strVal := fmt.Sprintf("%v", val); strVal != "" {
sqlquery = strings.ReplaceAll(sqlquery, kw, ValidSQL(strVal, "colvalue"))
continue
}
}
if options.BlankParams {
replacement := getReplacementForBlankParam(sqlquery, kw)
sqlquery = strings.ReplaceAll(sqlquery, kw, replacement)
logger.Debug("Replaced unused variable %s with: %s", kw, replacement)
@@ -520,9 +528,16 @@ func (h *Handler) SqlQuery(sqlquery string, options SqlQueryOptions) HTTPFuncTyp
}
}
// Remove unused input variables
if options.BlankParams {
for _, kw := range inputvars {
// Replace variables from provided values, then blank any remaining unused ones
for _, kw := range inputvars {
varName := kw[1 : len(kw)-1] // strip [ and ]
if val, ok := variables[varName]; ok {
if strVal := fmt.Sprintf("%v", val); strVal != "" {
sqlquery = strings.ReplaceAll(sqlquery, kw, ValidSQL(strVal, "colvalue"))
continue
}
}
if options.BlankParams {
replacement := getReplacementForBlankParam(sqlquery, kw)
sqlquery = strings.ReplaceAll(sqlquery, kw, replacement)
logger.Debug("Replaced unused variable %s with: %s", kw, replacement)
@@ -715,8 +730,10 @@ func (h *Handler) mergeQueryParams(r *http.Request, sqlquery string, variables m
propQry[parmk] = val
}
// Apply filters if allowed
if allowFilter && len(parmk) > 1 && strings.Contains(strings.ToLower(sqlquery), strings.ToLower(parmk)) {
// Apply filters if allowed — check only the SELECT list to avoid matching function
// parameters in the FROM clause (e.g. [p_rid_doctype] in a set-returning function call)
// or names inside quoted string arguments.
if allowFilter && len(parmk) > 1 && strings.Contains(sqlSelectList(sqlStripStringLiterals(sqlquery)), strings.ToLower(parmk)) {
if len(parmv) > 1 {
// Sanitize each value in the IN clause with appropriate quoting
sanitizedValues := make([]string, len(parmv))
@@ -824,6 +841,26 @@ func (h *Handler) mergeHeaderParams(r *http.Request, sqlquery string, variables
return sqlquery
}
// sqlStripStringLiterals removes the contents of single-quoted string literals from SQL,
// leaving the structural identifiers (column names, table names) intact.
// Used to check column presence without matching inside string arguments.
func sqlStripStringLiterals(sql string) string {
re := regexp.MustCompile(`'(?:[^']|'')*'`)
return re.ReplaceAllString(sql, "''")
}
// sqlSelectList returns the column list portion of a SELECT query (between SELECT and FROM).
// Returns the full query lowercased if no clear SELECT…FROM boundary is found.
func sqlSelectList(sql string) string {
lower := strings.ToLower(sql)
selectPos := strings.Index(lower, "select ")
fromPos := strings.Index(lower, " from ")
if selectPos < 0 || fromPos <= selectPos {
return lower
}
return lower[selectPos+7 : fromPos]
}
// replaceMetaVariables replaces meta variables like [rid_user], [user], etc. in the SQL query
func (h *Handler) replaceMetaVariables(sqlquery string, r *http.Request, userCtx *security.UserContext, metainfo map[string]interface{}, variables map[string]interface{}) string {
if strings.Contains(sqlquery, "[p_meta_default]") {
@@ -991,8 +1028,8 @@ func getReplacementForBlankParam(sqlquery, param string) string {
charAfter = sqlquery[endIdx]
}
// Check if parameter is surrounded by quotes (single quote or dollar sign for PostgreSQL dollar-quoted strings)
if (charBefore == '\'' || charBefore == '$') && (charAfter == '\'' || charAfter == '$') {
// Check if parameter is surrounded by quotes (single quote, dollar sign for PostgreSQL dollar-quoted strings, or double quote for JSON string values)
if (charBefore == '\'' || charBefore == '$' || charBefore == '"') && (charAfter == '\'' || charAfter == '$' || charAfter == '"') {
// Parameter is in quotes, return empty string
return ""
}
@@ -1035,6 +1072,10 @@ func sendError(w http.ResponseWriter, status int, code, message string, err erro
}
if err != nil {
errObj.Detail = err.Error()
var sqlErr *common.SQLError
if errors.As(err, &sqlErr) {
errObj.SQL = sqlErr.SQL
}
}
data, _ := json.Marshal(map[string]interface{}{

281
pkg/funcspec/function_api_test.go
View File

@@ -821,7 +821,7 @@ func TestReplaceMetaVariables(t *testing.T) {
name: "Replace [user]",
sqlQuery: "SELECT * FROM audit WHERE username = [user]",
expectedCheck: func(result string) bool {
return strings.Contains(result, "'testuser'")
return strings.Contains(result, "$USR$testuser$USR$")
},
},
{
@@ -851,6 +851,285 @@ func TestReplaceMetaVariables(t *testing.T) {
}
}
// TestSqlStripStringLiterals tests that single-quoted string literals are removed
func TestSqlStripStringLiterals(t *testing.T) {
tests := []struct {
name string
input string
expected string
}{
{
name: "No string literals",
input: "SELECT rid, rid_parent FROM users",
expected: "SELECT rid, rid_parent FROM users",
},
{
name: "Simple string literal",
input: "SELECT * FROM users WHERE mode = 'admin'",
expected: "SELECT * FROM users WHERE mode = ''",
},
{
name: "JSON argument containing column names",
input: `SELECT rid, rid_parent FROM crm_get_menu(1,'mode', '{"rid_parent":"[rid_parent]","CF:STARTDATE":"[cf_startdate]"}')`,
expected: `SELECT rid, rid_parent FROM crm_get_menu(1,'', '')`,
},
{
name: "Escaped single quotes inside literal",
input: "SELECT * FROM t WHERE name = 'O''Brien'",
expected: "SELECT * FROM t WHERE name = ''",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
result := sqlStripStringLiterals(tt.input)
if result != tt.expected {
t.Errorf("sqlStripStringLiterals() =\n %q\nwant\n %q", result, tt.expected)
}
})
}
}
// TestAllowFilterDoesNotMatchInsideJsonArgument verifies that AllowFilter will add WHERE
// clauses for real output columns (rid, rid_parent) but not for names that only appear
// inside a JSON string argument (cf_startdate, cf_rid_branch).
func TestAllowFilterDoesNotMatchInsideJsonArgument(t *testing.T) {
handler := NewHandler(&MockDatabase{})
sqlQuery := `select rid, rid_parent, description
from crm_get_menu([rid_user],'[p_mode]', 0, '', '{"rid_parent":"[rid_parent]", "CF:STARTDATE": "[cf_startdate]", "CF:RID_BRANCH": "[cf_rid_branch]"}')`
tests := []struct {
name string
queryParams map[string]string
checkResult func(t *testing.T, result string)
}{
{
name: "rid_parent=0 is a real column — filter applied",
queryParams: map[string]string{"rid_parent": "0"},
checkResult: func(t *testing.T, result string) {
if !strings.Contains(strings.ToLower(result), "where") {
t.Error("Expected WHERE clause to be added for rid_parent")
}
if !strings.Contains(result, "rid_parent = 0 OR") && !strings.Contains(result, "rid_parent IS NULL") {
t.Errorf("Expected null-safe filter for rid_parent=0, got:\n%s", result)
}
},
},
{
name: "cf_startdate only appears in JSON string — no filter applied",
queryParams: map[string]string{"cf_startdate": "2024-01-01"},
checkResult: func(t *testing.T, result string) {
if strings.Contains(strings.ToLower(result), "where") {
t.Errorf("Expected no WHERE clause for cf_startdate (only in JSON arg), got:\n%s", result)
}
},
},
{
name: "cf_rid_branch only appears in JSON string — no filter applied",
queryParams: map[string]string{"cf_rid_branch": "5"},
checkResult: func(t *testing.T, result string) {
if strings.Contains(strings.ToLower(result), "where") {
t.Errorf("Expected no WHERE clause for cf_rid_branch (only in JSON arg), got:\n%s", result)
}
},
},
{
name: "description is a real column — filter applied",
queryParams: map[string]string{"description": "test"},
checkResult: func(t *testing.T, result string) {
if !strings.Contains(strings.ToLower(result), "where") {
t.Error("Expected WHERE clause for description")
}
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
req := createTestRequest("GET", "/test", tt.queryParams, nil, nil)
variables := make(map[string]interface{})
propQry := make(map[string]string)
result := handler.mergeQueryParams(req, sqlQuery, variables, true, propQry)
tt.checkResult(t, result)
})
}
}
// TestAllowFilterDoesNotMatchFunctionParams verifies that query params that appear only
// as function call arguments in the FROM clause (e.g. [p_rid_doctype]) are not treated
// as column filters, since they are not in the SELECT list.
func TestAllowFilterDoesNotMatchFunctionParams(t *testing.T) {
handler := NewHandler(&MockDatabase{})
sqlQuery := `select rid, rid_parent, description, row_cnt, filterstring, tableprefix, rid_table, tooltip, additionalfilter, haschildren
from crm_get_doc_menu($JQ$[p_tableprefix]$JQ$,[p_rid_parent],[p_rid_doctype],[p_removedup],[p_showall]) r`
tests := []struct {
name string
queryParams map[string]string
checkResult func(t *testing.T, result string)
}{
{
name: "p_rid_doctype is a function param, not a column — no filter applied",
queryParams: map[string]string{"p_rid_doctype": "0"},
checkResult: func(t *testing.T, result string) {
if strings.Contains(strings.ToLower(result), "where") {
t.Errorf("Expected no WHERE clause for p_rid_doctype (function arg, not SELECT column), got:\n%s", result)
}
},
},
{
name: "p_showall is a function param, not a column — no filter applied",
queryParams: map[string]string{"p_showall": "1"},
checkResult: func(t *testing.T, result string) {
if strings.Contains(strings.ToLower(result), "where") {
t.Errorf("Expected no WHERE clause for p_showall (function arg, not SELECT column), got:\n%s", result)
}
},
},
{
name: "rid is a SELECT column — filter applied",
queryParams: map[string]string{"rid": "42"},
checkResult: func(t *testing.T, result string) {
if !strings.Contains(strings.ToLower(result), "where") {
t.Error("Expected WHERE clause for rid (real SELECT column)")
}
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
req := createTestRequest("GET", "/test", tt.queryParams, nil, nil)
variables := make(map[string]interface{})
propQry := make(map[string]string)
result := handler.mergeQueryParams(req, sqlQuery, variables, true, propQry)
tt.checkResult(t, result)
})
}
}
// TestGetReplacementForBlankParamDoubleQuote verifies that placeholders surrounded by
// double quotes (as in JSON string values) are blanked to "" not NULL.
func TestGetReplacementForBlankParamDoubleQuote(t *testing.T) {
tests := []struct {
name string
sqlQuery string
param string
expected string
}{
{
name: "Parameter in double quotes (JSON value)",
sqlQuery: `SELECT * FROM f(1, '{"key":"[myparam]"}')`,
param: "[myparam]",
expected: "",
},
{
name: "Parameter not in any quotes",
sqlQuery: `SELECT * FROM f([myparam])`,
param: "[myparam]",
expected: "NULL",
},
{
name: "Parameter in single quotes",
sqlQuery: `SELECT * FROM f('[myparam]')`,
param: "[myparam]",
expected: "",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
result := getReplacementForBlankParam(tt.sqlQuery, tt.param)
if result != tt.expected {
t.Errorf("getReplacementForBlankParam() = %q, want %q\nquery: %s", result, tt.expected, tt.sqlQuery)
}
})
}
}
// TestVariableReplacementFromQueryParams verifies that query params matching [placeholder]
// tokens are substituted even when they don't have the p- prefix.
func TestVariableReplacementFromQueryParams(t *testing.T) {
handler := NewHandler(&MockDatabase{})
sqlQuery := `select rid, rid_parent from crm_get_menu([rid_user],'[p_mode]', 0, '', '{"rid_parent":"[rid_parent]","CF:STARTDATE":"[cf_startdate]"}')`
tests := []struct {
name string
queryParams map[string]string
checkResult func(t *testing.T, result string)
}{
{
name: "rid_parent replaced from query param",
queryParams: map[string]string{"rid_parent": "42"},
checkResult: func(t *testing.T, result string) {
if strings.Contains(result, "[rid_parent]") {
t.Errorf("Expected [rid_parent] to be replaced, still present in:\n%s", result)
}
if !strings.Contains(result, "42") {
t.Errorf("Expected value 42 in query, got:\n%s", result)
}
},
},
{
name: "cf_startdate replaced from query param",
queryParams: map[string]string{"cf_startdate": "2024-01-01"},
checkResult: func(t *testing.T, result string) {
if strings.Contains(result, "[cf_startdate]") {
t.Errorf("Expected [cf_startdate] to be replaced, still present in:\n%s", result)
}
if !strings.Contains(result, "2024-01-01") {
t.Errorf("Expected date value in query, got:\n%s", result)
}
},
},
{
name: "missing param blanked to empty string inside JSON (double-quoted)",
queryParams: map[string]string{},
checkResult: func(t *testing.T, result string) {
// [cf_startdate] is surrounded by " in the JSON — should blank to ""
if strings.Contains(result, "[cf_startdate]") {
t.Errorf("Expected [cf_startdate] to be blanked, still present in:\n%s", result)
}
if strings.Contains(result, "NULL") && strings.Contains(result, "cf_startdate") {
t.Errorf("Expected empty string (not NULL) for double-quoted placeholder, got:\n%s", result)
}
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
inputvars := make([]string, 0)
q := handler.extractInputVariables(sqlQuery, &inputvars)
req := createTestRequest("GET", "/test", tt.queryParams, nil, nil)
variables := make(map[string]interface{})
propQry := make(map[string]string)
q = handler.mergeQueryParams(req, q, variables, false, propQry)
// Simulate the variable replacement + blank-param loop (mirrors function_api.go)
for _, kw := range inputvars {
varName := kw[1 : len(kw)-1]
if val, ok := variables[varName]; ok {
if strVal := strings.TrimSpace(val.(string)); strVal != "" {
q = strings.ReplaceAll(q, kw, ValidSQL(strVal, "colvalue"))
continue
}
}
replacement := getReplacementForBlankParam(q, kw)
q = strings.ReplaceAll(q, kw, replacement)
}
tt.checkResult(t, q)
})
}
}
// TestGetReplacementForBlankParam tests the blank parameter replacement logic
func TestGetReplacementForBlankParam(t *testing.T) {
tests := []struct {

36
pkg/reflection/helpers.go
View File

@@ -51,6 +51,31 @@ func ExtractTableNameOnly(fullName string) string {
return fullName[startIndex:]
}
// IsEmptyValue reports whether v is nil, an empty string, or a zero number.
func IsEmptyValue(v any) bool {
if v == nil {
return true
}
rv := reflect.ValueOf(v)
if rv.Kind() == reflect.Ptr {
if rv.IsNil() {
return true
}
rv = rv.Elem()
}
switch rv.Kind() {
case reflect.String:
return rv.String() == ""
case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
return rv.Int() == 0
case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
return rv.Uint() == 0
case reflect.Float32, reflect.Float64:
return rv.Float() == 0
}
return false
}
// GetPointerElement returns the element type if the provided reflect.Type is a pointer.
// If the type is a slice of pointers, it returns the element type of the pointer within the slice.
// If neither condition is met, it returns the original type.
@@ -76,9 +101,14 @@ func GetJSONNameForField(modelType reflect.Type, fieldName string) string {
return ""
}
// Handle pointer types
if modelType.Kind() == reflect.Ptr {
modelType = modelType.Elem()
// Unwrap pointer and slice indirections to reach the struct type
for {
switch modelType.Kind() {
case reflect.Ptr, reflect.Slice:
modelType = modelType.Elem()
continue
}
break
}
if modelType.Kind() != reflect.Struct {

162
pkg/reflection/model_utils.go
View File

@@ -541,9 +541,14 @@ func collectSQLColumnsFromType(typ reflect.Type, columns *[]string, scanOnlyEmbe
func IsColumnWritable(model any, columnName string) bool {
modelType := reflect.TypeOf(model)
// Unwrap pointers to get to the base struct type
for modelType != nil && modelType.Kind() == reflect.Pointer {
modelType = modelType.Elem()
// Unwrap pointers and slices to get to the base struct type
for modelType != nil {
switch modelType.Kind() {
case reflect.Ptr, reflect.Slice:
modelType = modelType.Elem()
continue
}
break
}
// Validate that we have a struct type
@@ -878,8 +883,14 @@ func GetRelationType(model interface{}, fieldName string) RelationType {
return RelationUnknown
}
if modelType.Kind() == reflect.Ptr {
modelType = modelType.Elem()
// Unwrap pointer → slice → pointer chains to reach the underlying struct
for {
switch modelType.Kind() {
case reflect.Ptr, reflect.Slice:
modelType = modelType.Elem()
continue
}
break
}
if modelType == nil || modelType.Kind() != reflect.Struct {
@@ -962,6 +973,108 @@ func GetRelationType(model interface{}, fieldName string) RelationType {
return RelationUnknown
}
// GetForeignKeyColumn returns the DB column names of the foreign key(s) that
// relate parentKey to modelType. Composite keys (e.g. bun "join:a=b,join:c=d"
// or GORM "foreignKey:ColA,ColB") yield multiple entries. Returns nil when no
// tag is found (caller should fall back to convention).
//
// Two lookup strategies are tried in order:
//
// 1. Relation-field match: find a field whose name/json equals parentKey, then
// read its bun join: or GORM foreignKey: tag and return the local columns.
// e.g. parentKey="department", field `Department bun:"join:dept_id=id"` → ["dept_id"]
//
// 2. Join left-side scan: scan every bun join tag in the struct for pairs whose
// left side equals parentKey and return the right-side (child FK) columns.
// e.g. parentKey="rid_mastertaskitem", field `Children bun:"join:rid_mastertaskitem=rid_parentmastertaskitem"` → ["rid_parentmastertaskitem"]
// Strategy 1 is skipped if the matched field is a declared relation (rel:) or
// has a GORM tag but carries no explicit FK — callers should use convention.
func GetForeignKeyColumn(modelType reflect.Type, parentKey string) []string {
for modelType.Kind() == reflect.Ptr || modelType.Kind() == reflect.Slice {
modelType = modelType.Elem()
}
if modelType.Kind() != reflect.Struct {
return nil
}
// Strategy 1: match parentKey against a field's name/json tag.
for i := 0; i < modelType.NumField(); i++ {
field := modelType.Field(i)
name := field.Name
jsonName := strings.Split(field.Tag.Get("json"), ",")[0]
if !strings.EqualFold(name, parentKey) && !strings.EqualFold(jsonName, parentKey) {
continue
}
bunTag := field.Tag.Get("bun")
// Bun: join:local_col=foreign_col (one join: part per pair)
var bunCols []string
for _, part := range strings.Split(bunTag, ",") {
part = strings.TrimSpace(part)
if strings.HasPrefix(part, "join:") {
pair := strings.TrimPrefix(part, "join:")
if idx := strings.Index(pair, "="); idx > 0 {
bunCols = append(bunCols, pair[:idx])
}
}
}
if len(bunCols) > 0 {
return bunCols
}
// GORM: foreignKey:FieldA,FieldB
for _, part := range strings.Split(field.Tag.Get("gorm"), ";") {
part = strings.TrimSpace(part)
if strings.HasPrefix(part, "foreignKey:") {
var cols []string
for _, fkFieldName := range strings.Split(strings.TrimPrefix(part, "foreignKey:"), ",") {
fkFieldName = strings.TrimSpace(fkFieldName)
if fkField, ok := modelType.FieldByName(fkFieldName); ok {
cols = append(cols, getColumnNameFromField(fkField))
}
}
if len(cols) > 0 {
return cols
}
}
}
// The field matched by name/json but has no explicit FK tag. If it is a
// declared relation field (rel:) or carries a GORM tag, the caller should
// use naming convention — don't fall through to strategy 2. Otherwise the
// matched field is a plain scalar column; proceed to the join left-side scan.
if strings.Contains(bunTag, "rel:") || field.Tag.Get("gorm") != "" {
return nil
}
break
}
// Strategy 2: scan every field's bun join tag for pairs whose left side (the
// parent's column) matches parentKey; the right side is the child FK column.
// This handles cases where parentKey is a raw column name rather than a
// relation field name (e.g. self-referential or has-many relationships).
seen := map[string]bool{}
var cols []string
for i := 0; i < modelType.NumField(); i++ {
for _, part := range strings.Split(modelType.Field(i).Tag.Get("bun"), ",") {
part = strings.TrimSpace(part)
if strings.HasPrefix(part, "join:") {
pair := strings.TrimPrefix(part, "join:")
if idx := strings.Index(pair, "="); idx > 0 {
left, right := pair[:idx], pair[idx+1:]
if strings.EqualFold(left, parentKey) && !seen[right] {
seen[right] = true
cols = append(cols, right)
}
}
}
}
}
return cols // nil if empty
}
// GetRelationModel gets the model type for a relation field
// It searches for the field by name in the following order (case-insensitive):
// 1. Actual field name
@@ -1472,9 +1585,14 @@ func convertToFloat64(value interface{}) (float64, bool) {
func GetValidJSONFieldNames(modelType reflect.Type) map[string]bool {
validFields := make(map[string]bool)
// Unwrap pointers to get to the base struct type
for modelType != nil && modelType.Kind() == reflect.Pointer {
modelType = modelType.Elem()
// Unwrap pointers and slices to get to the base struct type
for modelType != nil {
switch modelType.Kind() {
case reflect.Ptr, reflect.Slice:
modelType = modelType.Elem()
continue
}
break
}
if modelType == nil || modelType.Kind() != reflect.Struct {
@@ -1535,8 +1653,13 @@ func getRelationModelSingleLevel(model interface{}, fieldName string) interface{
return nil
}
if modelType.Kind() == reflect.Ptr {
modelType = modelType.Elem()
for {
switch modelType.Kind() {
case reflect.Ptr, reflect.Slice:
modelType = modelType.Elem()
continue
}
break
}
if modelType == nil || modelType.Kind() != reflect.Struct {
@@ -1599,17 +1722,16 @@ func getRelationModelSingleLevel(model interface{}, fieldName string) interface{
return nil
}
if targetType.Kind() == reflect.Slice {
targetType = targetType.Elem()
if targetType == nil {
return nil
}
}
if targetType.Kind() == reflect.Ptr {
targetType = targetType.Elem()
if targetType == nil {
return nil
for {
switch targetType.Kind() {
case reflect.Ptr, reflect.Slice:
targetType = targetType.Elem()
if targetType == nil {
return nil
}
continue
}
break
}
if targetType.Kind() != reflect.Struct {

168
pkg/reflection/model_utils_foreign_key_test.go Normal file
View File

@@ -0,0 +1,168 @@
package reflection
import (
"reflect"
"testing"
)
// --- local test models ---
type fkDept struct{}
// bunEmployee uses bun join: tag to declare the FK column explicitly.
type bunEmployee struct {
DeptID string `bun:"dept_id" json:"dept_id"`
Department *fkDept `bun:"rel:belongs-to,join:dept_id=id" json:"department"`
}
// bunCompositeEmployee has a composite bun join: (two join: parts).
type bunCompositeEmployee struct {
DeptID string `bun:"dept_id" json:"dept_id"`
TenantID string `bun:"tenant_id" json:"tenant_id"`
Department *fkDept `bun:"rel:belongs-to,join:dept_id=id,join:tenant_id=id" json:"department"`
}
// gormEmployee uses gorm foreignKey: tag (mirrors testmodels.Employee).
type gormEmployee struct {
DepartmentID string `json:"department_id"`
ManagerID string `json:"manager_id"`
Department *fkDept `gorm:"foreignKey:DepartmentID;references:ID" json:"department"`
Manager *fkDept `gorm:"foreignKey:ManagerID;references:ID" json:"manager"`
}
// gormCompositeEmployee has a composite GORM foreignKey.
type gormCompositeEmployee struct {
DeptID string `json:"dept_id"`
TenantID string `json:"tenant_id"`
Department *fkDept `gorm:"foreignKey:DeptID,TenantID" json:"department"`
}
// selfRefItem mimics a self-referential model (like mastertaskitem) where the
// parent PK column appears as the left side of a has-many join tag.
type selfRefItem struct {
RidItem int32 `json:"rid_item" bun:"rid_item,type:integer,pk"`
RidParentItem int32 `json:"rid_parentitem" bun:"rid_parentitem,type:integer"`
// has-one (single parent pointer)
Parent *selfRefItem `json:"Parent,omitempty" bun:"rel:has-one,join:rid_item=rid_parentitem"`
// has-many (child collection) — same join, duplicate right-side must be deduped
Children []*selfRefItem `json:"Children,omitempty" bun:"rel:has-many,join:rid_item=rid_parentitem"`
}
// conventionEmployee has no explicit FK tag — relies on naming convention.
type conventionEmployee struct {
DepartmentID string `json:"department_id"`
Department *fkDept `json:"department"`
}
// noTagEmployee has a relation field with no FK tag and no convention match.
type noTagEmployee struct {
Unrelated *fkDept `json:"unrelated"`
}
func TestGetForeignKeyColumn(t *testing.T) {
tests := []struct {
name string
modelType reflect.Type
parentKey string
want []string
}{
// Bun join: tag
{
name: "bun join tag returns local column",
modelType: reflect.TypeOf(bunEmployee{}),
parentKey: "department",
want: []string{"dept_id"},
},
{
name: "bun join tag matched via json tag (case-insensitive)",
modelType: reflect.TypeOf(bunEmployee{}),
parentKey: "Department",
want: []string{"dept_id"},
},
{
name: "bun composite join returns all local columns",
modelType: reflect.TypeOf(bunCompositeEmployee{}),
parentKey: "department",
want: []string{"dept_id", "tenant_id"},
},
// GORM foreignKey: tag
{
name: "gorm foreignKey resolves to column name",
modelType: reflect.TypeOf(gormEmployee{}),
parentKey: "department",
want: []string{"department_id"},
},
{
name: "gorm foreignKey resolves second relation",
modelType: reflect.TypeOf(gormEmployee{}),
parentKey: "manager",
want: []string{"manager_id"},
},
{
name: "gorm foreignKey matched case-insensitively",
modelType: reflect.TypeOf(gormEmployee{}),
parentKey: "Department",
want: []string{"department_id"},
},
{
name: "gorm composite foreignKey returns all columns",
modelType: reflect.TypeOf(gormCompositeEmployee{}),
parentKey: "department",
want: []string{"dept_id", "tenant_id"},
},
// Join left-side scan (parentKey is a raw column name, not a relation field name)
{
name: "self-referential: parent PK column returns child FK column",
modelType: reflect.TypeOf(selfRefItem{}),
parentKey: "rid_item",
want: []string{"rid_parentitem"},
},
// Pointer and slice unwrapping
{
name: "pointer to struct is unwrapped",
modelType: reflect.TypeOf(&gormEmployee{}),
parentKey: "department",
want: []string{"department_id"},
},
{
name: "slice of struct is unwrapped",
modelType: reflect.TypeOf([]gormEmployee{}),
parentKey: "department",
want: []string{"department_id"},
},
// No tag — returns nil so caller can fall back to convention
{
name: "relation with no FK tag returns nil",
modelType: reflect.TypeOf(conventionEmployee{}),
parentKey: "department",
want: nil,
},
// Unknown parent key
{
name: "unknown parent key returns nil",
modelType: reflect.TypeOf(gormEmployee{}),
parentKey: "nonexistent",
want: nil,
},
{
name: "non-struct type returns nil",
modelType: reflect.TypeOf(""),
parentKey: "department",
want: nil,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got := GetForeignKeyColumn(tt.modelType, tt.parentKey)
if !reflect.DeepEqual(got, tt.want) {
t.Errorf("GetForeignKeyColumn(%v, %q) = %v, want %v", tt.modelType, tt.parentKey, got, tt.want)
}
})
}
}

24
pkg/resolvespec/handler.go
View File

@@ -4,6 +4,7 @@ import (
"context"
"database/sql"
"encoding/json"
"errors"
"fmt"
"net/http"
"reflect"
@@ -1757,18 +1758,21 @@ func (h *Handler) sendResponse(w common.ResponseWriter, data interface{}, metada
}
func (h *Handler) sendError(w common.ResponseWriter, status int, code, message string, details interface{}) {
apiErr := &common.APIError{
Code: code,
Message: message,
Details: details,
Detail: fmt.Sprintf("%v", details),
}
if asErr, ok := details.(error); ok {
var sqlErr *common.SQLError
if errors.As(asErr, &sqlErr) {
apiErr.SQL = sqlErr.SQL
}
}
w.SetHeader("Content-Type", "application/json")
w.WriteHeader(status)
err := w.WriteJSON(common.Response{
Success: false,
Error: &common.APIError{
Code: code,
Message: message,
Details: details,
Detail: fmt.Sprintf("%v", details),
},
})
if err != nil {
if err := w.WriteJSON(common.Response{Success: false, Error: apiErr}); err != nil {
logger.Error("Error sending response: %v", err)
}
}

38
pkg/restheadspec/empty_result_test.go
View File

@@ -9,29 +9,29 @@ import (
"github.com/bitechdev/ResolveSpec/pkg/common"
)
// Test that normalizeResultArray returns empty array when no records found without ID
// Test that normalizeResultArray returns empty object when no records found (single-record mode)
func TestNormalizeResultArray_EmptyArrayWhenNoID(t *testing.T) {
handler := &Handler{}
tests := []struct {
name string
input interface{}
shouldBeEmptyArr bool
shouldBeEmptyObj bool
}{
{
name: "nil should return empty array",
name: "nil should return empty object",
input: nil,
shouldBeEmptyArr: true,
shouldBeEmptyObj: true,
},
{
name: "empty slice should return empty array",
name: "empty slice should return empty object",
input: []*EmptyTestModel{},
shouldBeEmptyArr: true,
shouldBeEmptyObj: true,
},
{
name: "single element should return the element",
input: []*EmptyTestModel{{ID: 1, Name: "test"}},
shouldBeEmptyArr: false,
shouldBeEmptyObj: false,
},
{
name: "multiple elements should return the slice",
@@ -39,7 +39,7 @@ func TestNormalizeResultArray_EmptyArrayWhenNoID(t *testing.T) {
{ID: 1, Name: "test1"},
{ID: 2, Name: "test2"},
},
shouldBeEmptyArr: false,
shouldBeEmptyObj: false,
},
}
@@ -47,25 +47,25 @@ func TestNormalizeResultArray_EmptyArrayWhenNoID(t *testing.T) {
t.Run(tt.name, func(t *testing.T) {
result := handler.normalizeResultArray(tt.input)
// For cases that should return empty array
if tt.shouldBeEmptyArr {
emptyArr, ok := result.([]interface{})
// For cases that should return empty object
if tt.shouldBeEmptyObj {
emptyObj, ok := result.(map[string]interface{})
if !ok {
t.Errorf("Expected empty array []interface{}{}, got %T: %v", result, result)
t.Errorf("Expected empty object map[string]interface{}{}, got %T: %v", result, result)
return
}
if len(emptyArr) != 0 {
t.Errorf("Expected empty array with length 0, got length %d", len(emptyArr))
if len(emptyObj) != 0 {
t.Errorf("Expected empty object with length 0, got length %d", len(emptyObj))
}
// Verify it serializes to [] and not null
// Verify it serializes to {} and not null
jsonBytes, err := json.Marshal(result)
if err != nil {
t.Errorf("Failed to marshal result: %v", err)
return
}
if string(jsonBytes) != "[]" {
t.Errorf("Expected JSON '[]', got '%s'", string(jsonBytes))
if string(jsonBytes) != "{}" {
t.Errorf("Expected JSON '{}', got '%s'", string(jsonBytes))
}
}
})
@@ -138,12 +138,12 @@ func TestSendResponseWithOptions_NoDataFoundHeader(t *testing.T) {
t.Errorf("Expected X-No-Data-Found header to be 'true', got '%s'", mockWriter.headers["X-No-Data-Found"])
}
// Check status code is 200
// Check status code is 200 even when no records found
if mockWriter.statusCode != 200 {
t.Errorf("Expected status code 200, got %d", mockWriter.statusCode)
}
// Verify the body is an empty array
// Verify the body is an empty array (list request, SingleRecordAsObject not set)
if mockWriter.body == nil {
t.Error("Expected body to be set, got nil")
} else {

64
pkg/restheadspec/handler.go
View File

@@ -4,6 +4,7 @@ import (
"context"
"database/sql"
"encoding/json"
"errors"
"fmt"
"net/http"
"reflect"
@@ -575,11 +576,25 @@ func (h *Handler) handleRead(ctx context.Context, w common.ResponseWriter, id st
}
}
// Apply custom SQL JOIN clauses
// Apply custom SQL JOIN clauses, skipping any whose alias is already provided by a
// preload LEFT JOIN (to prevent "table name specified more than once" errors).
if len(options.CustomSQLJoin) > 0 {
for _, joinClause := range options.CustomSQLJoin {
preloadAliasSet := make(map[string]bool, len(options.Preload))
for i := range options.Preload {
if alias := common.RelationPathToBunAlias(options.Preload[i].Relation); alias != "" {
preloadAliasSet[alias] = true
}
}
for i, joinClause := range options.CustomSQLJoin {
if i < len(options.JoinAliases) && options.JoinAliases[i] != "" {
alias := strings.ToLower(options.JoinAliases[i])
if preloadAliasSet[alias] {
logger.Debug("Skipping custom SQL JOIN (alias '%s' already joined by preload): %s", alias, joinClause)
continue
}
}
logger.Debug("Applying custom SQL JOIN: %s", joinClause)
// Joins are already sanitized during parsing, so we can apply them directly
query = query.Join(joinClause)
}
}
@@ -605,16 +620,19 @@ func (h *Handler) handleRead(ctx context.Context, w common.ResponseWriter, id st
logger.Debug("FetchRowNumber: Row number %d for PK %s = %s", rowNum, pkName, fetchRowNumberPKValue)
// Now filter the main query to this specific primary key
query = query.Where(fmt.Sprintf("%s = ?", common.QuoteIdent(pkName)), fetchRowNumberPKValue)
tableAlias := reflection.ExtractTableNameOnly(tableName)
query = query.Where(fmt.Sprintf("%s.%s = ?", common.QuoteIdent(tableAlias), common.QuoteIdent(pkName)), fetchRowNumberPKValue)
} else if id != "" {
// If ID is provided (and not FetchRowNumber), filter by ID
pkName := reflection.GetPrimaryKeyName(model)
logger.Debug("Filtering by ID=%s: %s", pkName, id)
query = query.Where(fmt.Sprintf("%s = ?", common.QuoteIdent(pkName)), id)
tableAlias := reflection.ExtractTableNameOnly(tableName)
query = query.Where(fmt.Sprintf("%s.%s = ?", common.QuoteIdent(tableAlias), common.QuoteIdent(pkName)), id)
}
// Apply sorting
tableAlias := reflection.ExtractTableNameOnly(tableName)
for _, sort := range options.Sort {
direction := "ASC"
if strings.EqualFold(sort.Direction, "desc") {
@@ -626,9 +644,12 @@ func (h *Handler) handleRead(ctx context.Context, w common.ResponseWriter, id st
if strings.HasPrefix(sort.Column, "(") && strings.HasSuffix(sort.Column, ")") {
// For expressions, pass as raw SQL to prevent auto-quoting
query = query.OrderExpr(fmt.Sprintf("%s %s", sort.Column, direction))
} else if strings.Contains(sort.Column, ".") {
// Already qualified (e.g. alias.column) - pass as raw expression to preserve the dot
query = query.OrderExpr(fmt.Sprintf("%s %s", sort.Column, direction))
} else {
// Regular column - let Bun handle quoting
query = query.Order(fmt.Sprintf("%s %s", sort.Column, direction))
// Unqualified column - prefix with main table alias to avoid ambiguity on JOINs
query = query.OrderExpr(fmt.Sprintf("%s.%s %s", common.QuoteIdent(tableAlias), common.QuoteIdent(sort.Column), direction))
}
}
@@ -1346,7 +1367,7 @@ func (h *Handler) handleUpdate(ctx context.Context, w common.ResponseWriter, id
// First, read the existing record from the database
existingRecord := reflect.New(reflection.GetPointerElement(reflect.TypeOf(model))).Interface()
selectQuery := tx.NewSelect().Model(existingRecord).Column("*").Where(fmt.Sprintf("%s = ?", common.QuoteIdent(pkName)), targetID)
selectQuery := tx.NewSelect().Model(existingRecord).Where(fmt.Sprintf("%s = ?", common.QuoteIdent(pkName)), targetID)
if err := selectQuery.ScanModel(ctx); err != nil {
if err == sql.ErrNoRows {
return fmt.Errorf("record not found with ID: %v", targetID)
@@ -2488,14 +2509,12 @@ func (h *Handler) sendResponseWithOptions(w common.ResponseWriter, data interfac
w.SetHeader("X-No-Data-Found", "true")
}
w.WriteHeader(http.StatusOK)
// Normalize single-record arrays to objects if requested
if options != nil && options.SingleRecordAsObject {
data = h.normalizeResultArray(data)
}
// Return data as-is without wrapping in common.Response
w.WriteHeader(http.StatusOK)
if err := w.WriteJSON(data); err != nil {
logger.Error("Failed to write JSON response: %v", err)
@@ -2506,7 +2525,7 @@ func (h *Handler) sendResponseWithOptions(w common.ResponseWriter, data interfac
// Returns the single element if data is a slice/array with exactly one element, otherwise returns data unchanged
func (h *Handler) normalizeResultArray(data interface{}) interface{} {
if data == nil {
return []interface{}{}
return map[string]interface{}{}
}
// Use reflection to check if data is a slice or array
@@ -2521,15 +2540,15 @@ func (h *Handler) normalizeResultArray(data interface{}) interface{} {
// Return the single element
return dataValue.Index(0).Interface()
} else if dataValue.Len() == 0 {
// Keep empty array as empty array, don't convert to empty object
return []interface{}{}
// Single-record request with no result → empty object
return map[string]interface{}{}
}
}
if dataValue.Kind() == reflect.String {
str := dataValue.String()
if str == "" || str == "null" {
return []interface{}{}
return map[string]interface{}{}
}
}
@@ -2538,9 +2557,6 @@ func (h *Handler) normalizeResultArray(data interface{}) interface{} {
// sendFormattedResponse sends response with formatting options
func (h *Handler) sendFormattedResponse(w common.ResponseWriter, data interface{}, metadata *common.Metadata, options ExtendedRequestOptions) {
// Normalize single-record arrays to objects if requested
httpStatus := http.StatusOK
// Handle nil data - convert to empty array
if data == nil {
data = []interface{}{}
@@ -2577,7 +2593,7 @@ func (h *Handler) sendFormattedResponse(w common.ResponseWriter, data interface{
switch options.ResponseFormat {
case "simple":
// Simple format: just return the data array
w.WriteHeader(httpStatus)
w.WriteHeader(http.StatusOK)
if err := w.WriteJSON(data); err != nil {
logger.Error("Failed to write JSON response: %v", err)
}
@@ -2589,7 +2605,7 @@ func (h *Handler) sendFormattedResponse(w common.ResponseWriter, data interface{
if metadata != nil {
response["count"] = metadata.Total
}
w.WriteHeader(httpStatus)
w.WriteHeader(http.StatusOK)
if err := w.WriteJSON(response); err != nil {
logger.Error("Failed to write JSON response: %v", err)
}
@@ -2600,7 +2616,7 @@ func (h *Handler) sendFormattedResponse(w common.ResponseWriter, data interface{
Data: data,
Metadata: metadata,
}
w.WriteHeader(httpStatus)
w.WriteHeader(http.StatusOK)
if err := w.WriteJSON(response); err != nil {
logger.Error("Failed to write JSON response: %v", err)
}
@@ -2630,6 +2646,12 @@ func (h *Handler) sendError(w common.ResponseWriter, statusCode int, code, messa
"_error": errorMsg,
"_retval": 1,
}
var sqlErr *common.SQLError
if errors.As(err, &sqlErr) {
response["_sql"] = sqlErr.SQL
}
w.SetHeader("Content-Type", "application/json")
w.WriteHeader(statusCode)
if jsonErr := w.WriteJSON(response); jsonErr != nil {

55
pkg/restheadspec/headers.go
View File

@@ -5,8 +5,10 @@ import (
"encoding/json"
"fmt"
"reflect"
"regexp"
"strconv"
"strings"
"unicode/utf8"
"github.com/bitechdev/ResolveSpec/pkg/common"
"github.com/bitechdev/ResolveSpec/pkg/logger"
@@ -63,7 +65,10 @@ type ExpandOption struct {
// decodeHeaderValue decodes base64 encoded header values
// Supports ZIP_ and __ prefixes for base64 encoding
func decodeHeaderValue(value string) string {
str, _ := DecodeParam(value)
str, err := DecodeParam(value)
if err != nil {
return value
}
return str
}
@@ -97,6 +102,11 @@ func DecodeParam(pStr string) (string, error) {
if strings.HasPrefix(code, "ZIP_") || strings.HasPrefix(code, "__") {
code, _ = DecodeParam(code)
} else {
strDat, err := base64.StdEncoding.DecodeString(code)
if err == nil && utf8.Valid(strDat) {
code = string(strDat)
}
}
return code, nil
@@ -501,6 +511,31 @@ func (h *Handler) parseExpand(options *ExtendedRequestOptions, value string) {
}
}
// reMultiJoinBoundary finds the start of each individual JOIN clause within a string that
// may contain multiple consecutive JOIN clauses (e.g., "INNER JOIN ... LEFT OUTER JOIN ...").
var reMultiJoinBoundary = regexp.MustCompile(`(?i)(?:inner|left(?:\s+outer)?|right(?:\s+outer)?|full(?:\s+outer)?|cross)\s+join\b`)
// splitJoinClauses splits a SQL string that may contain multiple JOIN clauses into
// individual clauses. A plain pipe-separated segment may itself contain several JOINs;
// this function splits them so each gets its own alias entry.
func splitJoinClauses(joinStr string) []string {
indices := reMultiJoinBoundary.FindAllStringIndex(joinStr, -1)
if len(indices) <= 1 {
return []string{strings.TrimSpace(joinStr)}
}
parts := make([]string, 0, len(indices))
for i, idx := range indices {
end := len(joinStr)
if i+1 < len(indices) {
end = indices[i+1][0]
}
if part := strings.TrimSpace(joinStr[idx[0]:end]); part != "" {
parts = append(parts, part)
}
}
return parts
}
// parseCustomSQLJoin parses x-custom-sql-join header
// Format: Single JOIN clause or multiple JOIN clauses separated by |
// Example: "LEFT JOIN departments d ON d.id = employees.department_id"
@@ -533,17 +568,19 @@ func (h *Handler) parseCustomSQLJoin(options *ExtendedRequestOptions, value stri
continue
}
// Extract table alias from the JOIN clause
alias := extractJoinAlias(sanitizedJoin)
if alias != "" {
// Split into individual JOIN clauses so each clause gets its own alias entry.
// CustomSQLJoin and JoinAliases are kept parallel (one entry per individual clause).
for _, clause := range splitJoinClauses(sanitizedJoin) {
alias := extractJoinAlias(clause)
// Keep arrays parallel; use empty string when alias cannot be extracted.
options.JoinAliases = append(options.JoinAliases, alias)
// Also add to the embedded RequestOptions for validation
options.RequestOptions.JoinAliases = append(options.RequestOptions.JoinAliases, alias)
logger.Debug("Extracted join alias: %s", alias)
if alias != "" {
logger.Debug("Extracted join alias: %s", alias)
}
logger.Debug("Adding custom SQL join: %s", clause)
options.CustomSQLJoin = append(options.CustomSQLJoin, clause)
}
logger.Debug("Adding custom SQL join: %s", sanitizedJoin)
options.CustomSQLJoin = append(options.CustomSQLJoin, sanitizedJoin)
}
}

57
pkg/security/chain.go Normal file
View File

@@ -0,0 +1,57 @@
package security
import (
"context"
"fmt"
"net/http"
)
// ChainAuthenticator tries each authenticator in order, returning the first success.
// Login and Logout are delegated to the primary authenticator.
type ChainAuthenticator struct {
authenticators []Authenticator
authenticateCallback func(r *http.Request) (*UserContext, error)
}
// NewChainAuthenticator creates a ChainAuthenticator from the given authenticators.
// At least one authenticator is required; the first is treated as primary for Login/Logout.
func NewChainAuthenticator(primary Authenticator, rest ...Authenticator) *ChainAuthenticator {
return &ChainAuthenticator{
authenticators: append([]Authenticator{primary}, rest...),
}
}
func (c *ChainAuthenticator) Authenticate(r *http.Request) (*UserContext, error) {
var lastErr error
for _, a := range c.authenticators {
if uc, err := a.Authenticate(r); err == nil {
return uc, nil
} else {
lastErr = err
}
}
if c.authenticateCallback != nil {
return c.authenticateCallback(r)
}
return nil, fmt.Errorf("all authenticators failed; last error: %w", lastErr)
}
func (c *ChainAuthenticator) SetAuthenticateCallback(fn func(r *http.Request) (*UserContext, error)) {
c.authenticateCallback = fn
}
func (c *ChainAuthenticator) Login(ctx context.Context, req LoginRequest) (*LoginResponse, error) {
return c.authenticators[0].Login(ctx, req)
}
func (c *ChainAuthenticator) LoginWithCookie(ctx context.Context, req LoginRequest, w http.ResponseWriter) (*LoginResponse, error) {
return c.authenticators[0].LoginWithCookie(ctx, req, w)
}
func (c *ChainAuthenticator) Logout(ctx context.Context, req LogoutRequest) error {
return c.authenticators[0].Logout(ctx, req)
}
func (c *ChainAuthenticator) LogoutWithCookie(ctx context.Context, req LogoutRequest, w http.ResponseWriter) error {
return c.authenticators[0].LogoutWithCookie(ctx, req, w)
}

127
pkg/security/chain_test.go Normal file
View File

@@ -0,0 +1,127 @@
package security
import (
"context"
"fmt"
"net/http"
"net/http/httptest"
"testing"
)
// stubAuthenticator is a configurable Authenticator for testing.
type stubAuthenticator struct {
userCtx *UserContext
err error
}
func (s *stubAuthenticator) Authenticate(_ *http.Request) (*UserContext, error) {
return s.userCtx, s.err
}
func (s *stubAuthenticator) Login(_ context.Context, _ LoginRequest) (*LoginResponse, error) {
if s.err != nil {
return nil, s.err
}
return &LoginResponse{Token: "tok"}, nil
}
func (s *stubAuthenticator) LoginWithCookie(ctx context.Context, req LoginRequest, _ http.ResponseWriter) (*LoginResponse, error) {
return s.Login(ctx, req)
}
func (s *stubAuthenticator) Logout(_ context.Context, _ LogoutRequest) error {
return s.err
}
func (s *stubAuthenticator) LogoutWithCookie(ctx context.Context, req LogoutRequest, _ http.ResponseWriter) error {
return s.Logout(ctx, req)
}
func (s *stubAuthenticator) SetAuthenticateCallback(_ func(r *http.Request) (*UserContext, error)) {}
func TestChainAuthenticator_Authenticate(t *testing.T) {
successCtx := &UserContext{UserID: 42, UserName: "alice"}
failStub := &stubAuthenticator{err: fmt.Errorf("no token")}
okStub := &stubAuthenticator{userCtx: successCtx}
t.Run("primary succeeds", func(t *testing.T) {
chain := NewChainAuthenticator(okStub, failStub)
req := httptest.NewRequest("GET", "/", nil)
uc, err := chain.Authenticate(req)
if err != nil {
t.Fatalf("expected no error, got %v", err)
}
if uc.UserID != 42 {
t.Errorf("expected UserID 42, got %d", uc.UserID)
}
})
t.Run("primary fails, secondary succeeds", func(t *testing.T) {
chain := NewChainAuthenticator(failStub, okStub)
req := httptest.NewRequest("GET", "/", nil)
uc, err := chain.Authenticate(req)
if err != nil {
t.Fatalf("expected no error, got %v", err)
}
if uc.UserID != 42 {
t.Errorf("expected UserID 42, got %d", uc.UserID)
}
})
t.Run("all fail", func(t *testing.T) {
chain := NewChainAuthenticator(failStub, failStub)
req := httptest.NewRequest("GET", "/", nil)
_, err := chain.Authenticate(req)
if err == nil {
t.Fatal("expected error when all authenticators fail")
}
})
t.Run("three in chain, first two fail", func(t *testing.T) {
chain := NewChainAuthenticator(failStub, failStub, okStub)
req := httptest.NewRequest("GET", "/", nil)
uc, err := chain.Authenticate(req)
if err != nil {
t.Fatalf("expected no error, got %v", err)
}
if uc.UserName != "alice" {
t.Errorf("expected UserName alice, got %s", uc.UserName)
}
})
}
func TestChainAuthenticator_LoginLogout(t *testing.T) {
primary := &stubAuthenticator{userCtx: &UserContext{UserID: 1}}
secondary := &stubAuthenticator{userCtx: &UserContext{UserID: 2}}
chain := NewChainAuthenticator(primary, secondary)
ctx := context.Background()
t.Run("login delegates to primary", func(t *testing.T) {
resp, err := chain.Login(ctx, LoginRequest{Username: "u", Password: "p"})
if err != nil {
t.Fatalf("expected no error, got %v", err)
}
if resp.Token != "tok" {
t.Errorf("expected token from primary, got %s", resp.Token)
}
})
t.Run("logout delegates to primary", func(t *testing.T) {
if err := chain.Logout(ctx, LogoutRequest{}); err != nil {
t.Fatalf("expected no error, got %v", err)
}
})
t.Run("login error from primary is returned", func(t *testing.T) {
failPrimary := &stubAuthenticator{err: fmt.Errorf("db down")}
chain2 := NewChainAuthenticator(failPrimary, secondary)
_, err := chain2.Login(ctx, LoginRequest{})
if err == nil {
t.Fatal("expected error from primary login failure")
}
})
}

15
pkg/security/composite.go
View File

@@ -43,16 +43,31 @@ func (c *CompositeSecurityProvider) Login(ctx context.Context, req LoginRequest)
return c.auth.Login(ctx, req)
}
// LoginWithCookie delegates to the authenticator
func (c *CompositeSecurityProvider) LoginWithCookie(ctx context.Context, req LoginRequest, w http.ResponseWriter) (*LoginResponse, error) {
return c.auth.LoginWithCookie(ctx, req, w)
}
// Logout delegates to the authenticator
func (c *CompositeSecurityProvider) Logout(ctx context.Context, req LogoutRequest) error {
return c.auth.Logout(ctx, req)
}
// LogoutWithCookie delegates to the authenticator
func (c *CompositeSecurityProvider) LogoutWithCookie(ctx context.Context, req LogoutRequest, w http.ResponseWriter) error {
return c.auth.LogoutWithCookie(ctx, req, w)
}
// Authenticate delegates to the authenticator
func (c *CompositeSecurityProvider) Authenticate(r *http.Request) (*UserContext, error) {
return c.auth.Authenticate(r)
}
// SetAuthenticateCallback delegates to the authenticator
func (c *CompositeSecurityProvider) SetAuthenticateCallback(fn func(r *http.Request) (*UserContext, error)) {
c.auth.SetAuthenticateCallback(fn)
}
// GetColumnSecurity delegates to the column security provider
func (c *CompositeSecurityProvider) GetColumnSecurity(ctx context.Context, userID int, schema, table string) ([]ColumnSecurity, error) {
return c.colSec.GetColumnSecurity(ctx, userID, schema, table)

10
pkg/security/composite_test.go
View File

@@ -23,14 +23,24 @@ func (m *mockAuth) Login(ctx context.Context, req LoginRequest) (*LoginResponse,
return m.loginResp, m.loginErr
}
func (m *mockAuth) LoginWithCookie(ctx context.Context, req LoginRequest, _ http.ResponseWriter) (*LoginResponse, error) {
return m.Login(ctx, req)
}
func (m *mockAuth) Logout(ctx context.Context, req LogoutRequest) error {
return m.logoutErr
}
func (m *mockAuth) LogoutWithCookie(ctx context.Context, req LogoutRequest, _ http.ResponseWriter) error {
return m.Logout(ctx, req)
}
func (m *mockAuth) Authenticate(r *http.Request) (*UserContext, error) {
return m.authUser, m.authErr
}
func (m *mockAuth) SetAuthenticateCallback(_ func(r *http.Request) (*UserContext, error)) {}
// Optional interface implementations
func (m *mockAuth) RefreshToken(ctx context.Context, refreshToken string) (*LoginResponse, error) {
if !m.supportsRefresh {

14
pkg/security/interfaces.go
View File

@@ -83,12 +83,26 @@ type Authenticator interface {
// Login authenticates credentials and returns a token
Login(ctx context.Context, req LoginRequest) (*LoginResponse, error)
// LoginWithCookie authenticates credentials and, when cookie sessions are enabled,
// writes the session cookie to w. Implementations that do not support cookies
// should delegate to Login and ignore w.
LoginWithCookie(ctx context.Context, req LoginRequest, w http.ResponseWriter) (*LoginResponse, error)
// Logout invalidates a user's session/token
Logout(ctx context.Context, req LogoutRequest) error
// LogoutWithCookie invalidates a user's session/token and, when cookie sessions are
// enabled, clears the session cookie on w. Implementations that do not support cookies
// should delegate to Logout and ignore w.
LogoutWithCookie(ctx context.Context, req LogoutRequest, w http.ResponseWriter) error
// Authenticate extracts and validates user from HTTP request
// Returns UserContext or error if authentication fails
Authenticate(r *http.Request) (*UserContext, error)
// SetAuthenticateCallback registers a fallback called when primary authentication fails.
// If the callback returns a non-nil UserContext, that result is used instead of the error.
SetAuthenticateCallback(fn func(r *http.Request) (*UserContext, error))
}
// Registrable allows providers to support user registration

26
pkg/security/keystore_authenticator.go
View File

@@ -17,8 +17,9 @@ import (
// 2. Authorization: ApiKey <key>
// 3. X-API-Key header
type KeyStoreAuthenticator struct {
keyStore KeyStore
keyType KeyType // empty = accept any type
keyStore KeyStore
keyType KeyType // empty = accept any type
authenticateCallback func(r *http.Request) (*UserContext, error)
}
// NewKeyStoreAuthenticator creates a KeyStoreAuthenticator.
@@ -32,21 +33,42 @@ func (a *KeyStoreAuthenticator) Login(_ context.Context, _ LoginRequest) (*Login
return nil, fmt.Errorf("keystore authenticator does not support login")
}
// LoginWithCookie is not supported for keystore authentication.
func (a *KeyStoreAuthenticator) LoginWithCookie(_ context.Context, _ LoginRequest, _ http.ResponseWriter) (*LoginResponse, error) {
return nil, fmt.Errorf("keystore authenticator does not support login")
}
// Logout is not supported for keystore authentication.
func (a *KeyStoreAuthenticator) Logout(_ context.Context, _ LogoutRequest) error {
return nil
}
// LogoutWithCookie is not supported for keystore authentication.
func (a *KeyStoreAuthenticator) LogoutWithCookie(_ context.Context, _ LogoutRequest, _ http.ResponseWriter) error {
return nil
}
// SetAuthenticateCallback registers a fallback called when key authentication fails.
func (a *KeyStoreAuthenticator) SetAuthenticateCallback(fn func(r *http.Request) (*UserContext, error)) {
a.authenticateCallback = fn
}
// Authenticate extracts an API key from the request and validates it against the KeyStore.
// Returns a UserContext built from the matching UserKey on success.
func (a *KeyStoreAuthenticator) Authenticate(r *http.Request) (*UserContext, error) {
rawKey := extractAPIKey(r)
if rawKey == "" {
if a.authenticateCallback != nil {
return a.authenticateCallback(r)
}
return nil, fmt.Errorf("API key required (Authorization: Bearer/ApiKey <key> or X-API-Key header)")
}
userKey, err := a.keyStore.ValidateKey(r.Context(), rawKey, a.keyType)
if err != nil {
if a.authenticateCallback != nil {
return a.authenticateCallback(r)
}
return nil, fmt.Errorf("invalid API key: %w", err)
}

10
pkg/security/provider_test.go
View File

@@ -22,14 +22,24 @@ func (m *mockSecurityProvider) Login(ctx context.Context, req LoginRequest) (*Lo
return m.loginResponse, m.loginError
}
func (m *mockSecurityProvider) LoginWithCookie(ctx context.Context, req LoginRequest, _ http.ResponseWriter) (*LoginResponse, error) {
return m.Login(ctx, req)
}
func (m *mockSecurityProvider) Logout(ctx context.Context, req LogoutRequest) error {
return m.logoutError
}
func (m *mockSecurityProvider) LogoutWithCookie(ctx context.Context, req LogoutRequest, _ http.ResponseWriter) error {
return m.Logout(ctx, req)
}
func (m *mockSecurityProvider) Authenticate(r *http.Request) (*UserContext, error) {
return m.authUser, m.authError
}
func (m *mockSecurityProvider) SetAuthenticateCallback(_ func(r *http.Request) (*UserContext, error)) {}
func (m *mockSecurityProvider) GetColumnSecurity(ctx context.Context, userID int, schema, table string) ([]ColumnSecurity, error) {
return m.columnSecurity, nil
}

98
pkg/security/providers.go
View File

@@ -30,10 +30,18 @@ func (a *HeaderAuthenticator) Login(ctx context.Context, req LoginRequest) (*Log
return nil, fmt.Errorf("header authentication does not support login")
}
func (a *HeaderAuthenticator) LoginWithCookie(ctx context.Context, req LoginRequest, w http.ResponseWriter) (*LoginResponse, error) {
return a.Login(ctx, req)
}
func (a *HeaderAuthenticator) Logout(ctx context.Context, req LogoutRequest) error {
return nil
}
func (a *HeaderAuthenticator) LogoutWithCookie(ctx context.Context, req LogoutRequest, w http.ResponseWriter) error {
return a.Logout(ctx, req)
}
func (a *HeaderAuthenticator) Authenticate(r *http.Request) (*UserContext, error) {
userIDStr := r.Header.Get("X-User-ID")
if userIDStr == "" {
@@ -70,12 +78,19 @@ type DatabaseAuthenticator struct {
cacheTTL time.Duration
sqlNames *SQLNames
// Cookie session support (optional, gated by enableCookieSession)
enableCookieSession bool
cookieOptions SessionCookieOptions
// OAuth2 providers registry (multiple providers supported)
oauth2Providers map[string]*OAuth2Provider
oauth2ProvidersMutex sync.RWMutex
// Passkey provider (optional)
passkeyProvider PasskeyProvider
// Optional fallback called when primary authentication fails
authenticateCallback func(r *http.Request) (*UserContext, error)
}
// DatabaseAuthenticatorOptions configures the database authenticator
@@ -93,6 +108,18 @@ type DatabaseAuthenticatorOptions struct {
// DBFactory is called to obtain a fresh *sql.DB when the existing connection is closed.
// If nil, reconnection is disabled.
DBFactory func() (*sql.DB, error)
// EnableCookieSession enables cookie-based session management.
// When true, Authenticate reads the session token from the cookie named by
// CookieOptions.Name (default "session_token") in addition to the Authorization header,
// and LoginWithCookie / LogoutWithCookie automatically set / clear the cookie.
EnableCookieSession bool
// CookieOptions configures the session cookie written by LoginWithCookie.
// Only used when EnableCookieSession is true.
CookieOptions SessionCookieOptions
// AuthenticateCallback is a fallback called when the primary authentication (database
// session lookup) fails. If non-nil and the callback returns a non-nil UserContext,
// that result is used in place of the failure.
AuthenticateCallback func(r *http.Request) (*UserContext, error)
}
func NewDatabaseAuthenticator(db *sql.DB) *DatabaseAuthenticator {
@@ -114,12 +141,15 @@ func NewDatabaseAuthenticatorWithOptions(db *sql.DB, opts DatabaseAuthenticatorO
sqlNames := MergeSQLNames(DefaultSQLNames(), opts.SQLNames)
return &DatabaseAuthenticator{
db: db,
dbFactory: opts.DBFactory,
cache: cacheInstance,
cacheTTL: opts.CacheTTL,
sqlNames: sqlNames,
passkeyProvider: opts.PasskeyProvider,
db: db,
dbFactory: opts.DBFactory,
cache: cacheInstance,
cacheTTL: opts.CacheTTL,
sqlNames: sqlNames,
passkeyProvider: opts.PasskeyProvider,
enableCookieSession: opts.EnableCookieSession,
cookieOptions: opts.CookieOptions,
authenticateCallback: opts.AuthenticateCallback,
}
}
@@ -159,6 +189,10 @@ func (a *DatabaseAuthenticator) runDBOpWithReconnect(run func(*sql.DB) error) er
return err
}
func (a *DatabaseAuthenticator) SetAuthenticateCallback(fn func(r *http.Request) (*UserContext, error)) {
a.authenticateCallback = fn
}
func (a *DatabaseAuthenticator) Login(ctx context.Context, req LoginRequest) (*LoginResponse, error) {
// Convert LoginRequest to JSON
reqJSON, err := json.Marshal(req)
@@ -265,6 +299,33 @@ func (a *DatabaseAuthenticator) Logout(ctx context.Context, req LogoutRequest) e
return nil
}
// LoginWithCookie performs a login and, when EnableCookieSession is true, writes the
// session cookie to w using the configured CookieOptions. The LoginResponse is returned
// regardless of whether cookie sessions are enabled.
func (a *DatabaseAuthenticator) LoginWithCookie(ctx context.Context, req LoginRequest, w http.ResponseWriter) (*LoginResponse, error) {
resp, err := a.Login(ctx, req)
if err != nil {
return nil, err
}
if a.enableCookieSession {
SetSessionCookie(w, resp, a.cookieOptions)
}
return resp, nil
}
// LogoutWithCookie performs a logout and, when EnableCookieSession is true, clears the
// session cookie on w. The logout itself is performed regardless of the cookie flag.
func (a *DatabaseAuthenticator) LogoutWithCookie(ctx context.Context, req LogoutRequest, w http.ResponseWriter) error {
err := a.Logout(ctx, req)
if err != nil {
return err
}
if a.enableCookieSession {
ClearSessionCookie(w, a.cookieOptions)
}
return nil
}
func (a *DatabaseAuthenticator) Authenticate(r *http.Request) (*UserContext, error) {
// Extract session token from header or cookie
sessionToken := r.Header.Get("Authorization")
@@ -272,10 +333,11 @@ func (a *DatabaseAuthenticator) Authenticate(r *http.Request) (*UserContext, err
var tokens []string
if sessionToken == "" {
// Try cookie
if token := GetSessionCookie(r); token != "" {
tokens = []string{token}
reference = "cookie"
if a.enableCookieSession {
if token := GetSessionCookie(r, a.cookieOptions); token != "" {
tokens = []string{token}
reference = "cookie"
}
}
} else {
// Parse Authorization header which may contain multiple comma-separated tokens
@@ -295,6 +357,9 @@ func (a *DatabaseAuthenticator) Authenticate(r *http.Request) (*UserContext, err
}
if len(tokens) == 0 {
if a.authenticateCallback != nil {
return a.authenticateCallback(r)
}
return nil, fmt.Errorf("session token required")
}
@@ -357,7 +422,10 @@ func (a *DatabaseAuthenticator) Authenticate(r *http.Request) (*UserContext, err
return &userCtx, nil
}
// All tokens failed
// All tokens failed — try callback before returning error
if a.authenticateCallback != nil {
return a.authenticateCallback(r)
}
if lastErr != nil {
return nil, lastErr
}
@@ -583,6 +651,14 @@ func (a *JWTAuthenticator) Logout(ctx context.Context, req LogoutRequest) error
return nil
}
func (a *JWTAuthenticator) LoginWithCookie(ctx context.Context, req LoginRequest, w http.ResponseWriter) (*LoginResponse, error) {
return a.Login(ctx, req)
}
func (a *JWTAuthenticator) LogoutWithCookie(ctx context.Context, req LogoutRequest, w http.ResponseWriter) error {
return a.Logout(ctx, req)
}
func (a *JWTAuthenticator) Authenticate(r *http.Request) (*UserContext, error) {
authHeader := r.Header.Get("Authorization")
if authHeader == "" {

6
pkg/security/providers_test.go
View File

@@ -511,6 +511,10 @@ func TestDatabaseAuthenticator(t *testing.T) {
})
t.Run("authenticate with cookie", func(t *testing.T) {
cookieAuth := NewDatabaseAuthenticatorWithOptions(db, DatabaseAuthenticatorOptions{
EnableCookieSession: true,
})
req := httptest.NewRequest("GET", "/test", nil)
req.AddCookie(&http.Cookie{
Name: "session_token",
@@ -524,7 +528,7 @@ func TestDatabaseAuthenticator(t *testing.T) {
WithArgs("cookie-token-456", "cookie").
WillReturnRows(rows)
userCtx, err := auth.Authenticate(req)
userCtx, err := cookieAuth.Authenticate(req)
if err != nil {
t.Fatalf("expected no error, got %v", err)
}

10
pkg/security/totp_integration_test.go
View File

@@ -43,14 +43,24 @@ func (m *MockAuthenticator) Login(ctx context.Context, req security.LoginRequest
}, nil
}
func (m *MockAuthenticator) LoginWithCookie(ctx context.Context, req security.LoginRequest, _ http.ResponseWriter) (*security.LoginResponse, error) {
return m.Login(ctx, req)
}
func (m *MockAuthenticator) Logout(ctx context.Context, req security.LogoutRequest) error {
return nil
}
func (m *MockAuthenticator) LogoutWithCookie(ctx context.Context, req security.LogoutRequest, _ http.ResponseWriter) error {
return m.Logout(ctx, req)
}
func (m *MockAuthenticator) Authenticate(r *http.Request) (*security.UserContext, error) {
return m.users["testuser"], nil
}
func (m *MockAuthenticator) SetAuthenticateCallback(_ func(r *http.Request) (*security.UserContext, error)) {}
func TestTwoFactorAuthenticator_Setup(t *testing.T) {
baseAuth := NewMockAuthenticator()
provider := security.NewMemoryTwoFactorProvider(nil)

12
pkg/server/staticweb/mount.go
View File

@@ -75,11 +75,21 @@ func (m *mountPoint) ServeHTTP(w http.ResponseWriter, r *http.Request) {
fallbackPath := m.fallbackStrategy.GetFallbackPath(filePath)
file, err = m.provider.Open(strings.TrimPrefix(fallbackPath, "/"))
if err == nil {
// Successfully opened fallback file
defer file.Close()
m.serveFile(w, r, fallbackPath, file)
return
}
// For extensionless paths, also try path/index.html
if path.Ext(filePath) == "" {
indexFallback := path.Join(filePath, "index.html")
file, err = m.provider.Open(strings.TrimPrefix(indexFallback, "/"))
if err == nil {
defer file.Close()
m.serveFile(w, r, indexFallback, file)
return
}
}
}
// No fallback or fallback failed - return 404

10
pkg/server/staticweb/policies/fallback.go
View File

@@ -49,9 +49,15 @@ func (f *HTMLFallbackStrategy) GetFallbackPath(filePath string) string {
return f.indexFile
}
// isStaticAsset checks if the path looks like a static asset (has a file extension).
// isStaticAsset checks if the path looks like a static asset (has a non-HTML file extension).
// Paths with no extension are not considered static assets so fallback logic can resolve
// them to path.html or path/index.html.
func (f *HTMLFallbackStrategy) isStaticAsset(filePath string) bool {
return path.Ext(filePath) != ""
ext := strings.ToLower(path.Ext(filePath))
if ext == "" || ext == ".html" || ext == ".htm" {
return false
}
return true
}
// ExtensionBasedFallback implements a fallback strategy that skips fallback for known static file extensions.

21
pkg/websocketspec/handler.go
View File

@@ -3,6 +3,7 @@ package websocketspec
import (
"context"
"encoding/json"
"errors"
"fmt"
"net/http"
"reflect"
@@ -17,6 +18,17 @@ import (
"github.com/bitechdev/ResolveSpec/pkg/reflection"
)
// newErrorResponseFromErr creates an error response from a Go error, including the SQL
// query in the error info when the error is a database SQLError.
func newErrorResponseFromErr(id, code string, err error) *ResponseMessage {
resp := NewErrorResponse(id, code, err.Error())
var sqlErr *common.SQLError
if errors.As(err, &sqlErr) {
resp.Error.SQL = sqlErr.SQL
}
return resp
}
// Handler handles WebSocket connections and messages
type Handler struct {
db common.Database
@@ -174,6 +186,7 @@ func (h *Handler) handleRequest(conn *Connection, msg *Message) {
Options: msg.Options,
ID: recordID,
Data: msg.Data,
Tx: h.db,
Metadata: make(map[string]interface{}),
}
@@ -235,7 +248,7 @@ func (h *Handler) handleRead(conn *Connection, msg *Message, hookCtx *HookContex
if err != nil {
logger.Error("[WebSocketSpec] Read operation failed: %v", err)
errResp := NewErrorResponse(msg.ID, "read_error", err.Error())
errResp := newErrorResponseFromErr(msg.ID, "read_error", err)
_ = conn.SendJSON(errResp)
return
}
@@ -271,7 +284,7 @@ func (h *Handler) handleCreate(conn *Connection, msg *Message, hookCtx *HookCont
data, err := h.create(hookCtx)
if err != nil {
logger.Error("[WebSocketSpec] Create operation failed: %v", err)
errResp := NewErrorResponse(msg.ID, "create_error", err.Error())
errResp := newErrorResponseFromErr(msg.ID, "create_error", err)
_ = conn.SendJSON(errResp)
return
}
@@ -309,7 +322,7 @@ func (h *Handler) handleUpdate(conn *Connection, msg *Message, hookCtx *HookCont
data, err := h.update(hookCtx)
if err != nil {
logger.Error("[WebSocketSpec] Update operation failed: %v", err)
errResp := NewErrorResponse(msg.ID, "update_error", err.Error())
errResp := newErrorResponseFromErr(msg.ID, "update_error", err)
_ = conn.SendJSON(errResp)
return
}
@@ -347,7 +360,7 @@ func (h *Handler) handleDelete(conn *Connection, msg *Message, hookCtx *HookCont
err := h.delete(hookCtx)
if err != nil {
logger.Error("[WebSocketSpec] Delete operation failed: %v", err)
errResp := NewErrorResponse(msg.ID, "delete_error", err.Error())
errResp := newErrorResponseFromErr(msg.ID, "delete_error", err)
_ = conn.SendJSON(errResp)
return
}

5
pkg/websocketspec/handler_test.go
View File

@@ -239,6 +239,11 @@ func (m *MockInsertQuery) Exec(ctx context.Context) (common.Result, error) {
return args.Get(0).(common.Result), args.Error(1)
}
func (m *MockInsertQuery) Scan(ctx context.Context, dest interface{}) error {
args := m.Called(ctx, dest)
return args.Error(0)
}
// MockUpdateQuery is a mock implementation of common.UpdateQuery
type MockUpdateQuery struct {
mock.Mock

3
pkg/websocketspec/hooks.go
View File

@@ -111,6 +111,9 @@ type HookContext struct {
AbortMessage string // Message to return if aborted
AbortCode int // HTTP status code if aborted
// Tx provides access to the database/transaction for executing additional SQL
Tx common.Database
// Metadata is additional context data
Metadata map[string]interface{}
}

3
pkg/websocketspec/message.go
View File

@@ -99,6 +99,9 @@ type ErrorInfo struct {
// Details contains additional error context
Details map[string]interface{} `json:"details,omitempty"`
// SQL is the query that caused the error, populated for database errors
SQL string `json:"sql,omitempty"`
}
// RequestMessage represents a client request