chore: reenable post-update test cases (#277)

Author: ymc9

TODO.md

@@ -101,6 +101,7 @@
     - [ ] Short-circuit pre-create check for scalar-field only policies
     - [x] Inject "on conflict do update"
     - [x] `check` function
+    - [ ] Custom functions
     - [ ] Accessing tables not in the schema
 - [x] Migration
 - [ ] Databases

packages/runtime/src/plugins/policy/expression-transformer.ts

@@ -523,7 +523,6 @@ export class ExpressionTransformer<Schema extends SchemaDef> {
                 });
 
                 if (currNode) {
-                    invariant(SelectQueryNode.is(currNode), 'expected select query node');
                     currNode = {
                         ...relation,
                         selections: [

packages/runtime/test/policy/migrated/multi-id-fields.test.ts

@@ -57,8 +57,7 @@ describe('Policy tests multiple id fields', () => {
         ).toResolveTruthy();
     });
 
-    // TODO: `future()` support
-    it.skip('multi-id fields id update', async () => {
+    it('multi-id fields id update', async () => {
         const db = await createPolicyTestClient(
             `
         model A {
@@ -70,7 +69,8 @@ describe('Policy tests multiple id fields', () => {
 
             @@allow('read', true)
             @@allow('create', value > 0)
-            @@allow('update', value > 0 && future().value > 1)
+            @@allow('update', value > 0)
+            @@allow('post-update', value > 1)
         }
 
         model B {
@@ -319,8 +319,7 @@ describe('Policy tests multiple id fields', () => {
         expect(await db.c.findUnique({ where: { id: 1 } })).toEqual(expect.objectContaining({ v: 6 }));
     });
 
-    // TODO: `future()` support
-    it.skip('multi-id fields nested id update', async () => {
+    it('multi-id fields nested id update', async () => {
         const db = await createPolicyTestClient(
             `
         model A {
@@ -333,7 +332,8 @@ describe('Policy tests multiple id fields', () => {
 
             @@allow('read', true)
             @@allow('create', value > 0)
-            @@allow('update', value > 0 && future().value > 1)
+            @@allow('update', value > 0)
+            @@allow('post-update', value > 1)
         }
 
         model B {
@@ -369,7 +369,7 @@ describe('Policy tests multiple id fields', () => {
                         upsert: {
                             where: { x_y: { x: '2', y: 2 } },
                             update: { x: '3', y: 3, value: 0 },
-                            create: { x: '4', y: '4', value: 4 },
+                            create: { x: '4', y: 4, value: 4 },
                         },
                     },
                 },
@@ -384,7 +384,7 @@ describe('Policy tests multiple id fields', () => {
                         upsert: {
                             where: { x_y: { x: '2', y: 2 } },
                             update: { x: '3', y: 3, value: 3 },
-                            create: { x: '4', y: '4', value: 4 },
+                            create: { x: '4', y: 4, value: 4 },
                         },
                     },
                 },

packages/runtime/test/policy/migrated/nested-to-one.test.ts

@@ -197,8 +197,7 @@ describe('With Policy:nested to-one', () => {
         ).toBeRejectedNotFound();
     });
 
-    // TODO: `future()` support
-    it.skip('nested update id tests', async () => {
+    it('nested update id tests', async () => {
         const db = await createPolicyTestClient(
             `
         model M1 {
@@ -216,7 +215,8 @@ describe('With Policy:nested to-one', () => {
         
             @@allow('read', true)
             @@allow('create', value > 0)
-            @@allow('update', value > 1 && future().value > 2)
+            @@allow('update', value > 1)
+            @@allow('post-update', value > 2)
         }
         `,
         );

packages/runtime/test/policy/migrated/petstore-sample.test.ts

@@ -2,8 +2,7 @@ import { describe, expect, it } from 'vitest';
 import { createPolicyTestClient } from '../utils';
 import { schema } from '../../schemas/petstore/schema';
 
-// TODO: `future()` support
-describe.skip('Pet Store Policy Tests', () => {
+describe('Pet Store Policy Tests', () => {
     it('crud', async () => {
         const petData = [
             {

packages/runtime/test/policy/migrated/todo-sample.test.ts

@@ -370,8 +370,7 @@ describe('Todo Policy Tests', () => {
         expect(r1.lists).toHaveLength(1);
     });
 
-    // TODO: `future()` support
-    it.skip('post-update checks', async () => {
+    it('post-update checks', async () => {
         await createSpaceAndUsers(db.$unuseAll());
 
         const user1Db = db.$setAuth({ id: user1.id });

packages/runtime/test/policy/migrated/toplevel-operations.test.ts

@@ -133,8 +133,7 @@ describe('Policy toplevel operations tests', () => {
         ).toBeTruthy();
     });
 
-    // TODO: `future()` support
-    it.skip('update id tests', async () => {
+    it('update id tests', async () => {
         const db = await createPolicyTestClient(
             `
         model Model {
@@ -143,7 +142,8 @@ describe('Policy toplevel operations tests', () => {
         
             @@allow('read', value > 1)
             @@allow('create', value > 0)
-            @@allow('update', value > 1 && future().value > 2)
+            @@allow('update', value > 1)
+            @@allow('post-update', value > 2)
         }
         `,
         );
@@ -164,7 +164,7 @@ describe('Policy toplevel operations tests', () => {
                     value: 1,
                 },
             }),
-        ).toBeRejectedNotFound();
+        ).toBeRejectedByPolicy();
 
         // update success
         await expect(

packages/runtime/test/policy/todo-sample.test.ts

@@ -383,8 +383,7 @@ describe('todo sample tests', () => {
         expect(r1?.lists).toHaveLength(1);
     });
 
-    // TODO: `future()` support
-    it.skip('works with post-update checks', async () => {
+    it('works with post-update checks', async () => {
         const anonDb = await createPolicyTestClient(schema);
         await createSpaceAndUsers(anonDb.$unuseAll());
 

packages/runtime/test/schemas/petstore/schema.ts

@@ -92,6 +92,7 @@ export const schema = {
             },
             attributes: [
                 { name: "@@allow", args: [{ name: "operation", value: ExpressionUtils.literal("read") }, { name: "condition", value: ExpressionUtils.binary(ExpressionUtils.binary(ExpressionUtils.field("orderId"), "==", ExpressionUtils._null()), "||", ExpressionUtils.binary(ExpressionUtils.member(ExpressionUtils.field("order"), ["user"]), "==", ExpressionUtils.call("auth"))) }] },
+                { name: "@@allow", args: [{ name: "operation", value: ExpressionUtils.literal("update") }, { name: "condition", value: ExpressionUtils.binary(ExpressionUtils.call("auth"), "!=", ExpressionUtils._null()) }] },
                 { name: "@@allow", args: [{ name: "operation", value: ExpressionUtils.literal("post-update") }, { name: "condition", value: ExpressionUtils.binary(ExpressionUtils.binary(ExpressionUtils.binary(ExpressionUtils.member(ExpressionUtils.call("before"), ["name"]), "==", ExpressionUtils.field("name")), "&&", ExpressionUtils.binary(ExpressionUtils.member(ExpressionUtils.call("before"), ["category"]), "==", ExpressionUtils.field("category"))), "&&", ExpressionUtils.binary(ExpressionUtils.member(ExpressionUtils.call("before"), ["orderId"]), "==", ExpressionUtils._null())) }] }
             ],
             idFields: ["id"],

packages/runtime/test/schemas/petstore/schema.zmodel

@@ -35,6 +35,8 @@ model Pet {
     // unsold pets are readable to all; sold ones are readable to buyers only
     @@allow('read', orderId == null || order.user == auth())
 
+    @@allow('update', auth() != null)
+
     // only allow update to 'orderId' field if it's not set yet (unsold)
     @@allow('post-update', before().name == name && before().category == category && before().orderId == null)
 }