@casl/prisma - npm Package Compare versions

Comparing version 1.0.3 to 2.0.0-alpha.1

dist/types/accessibleBy.d.ts

@@ -1,8 +0,7 @@
-import { Prisma } from '@prisma/client';
 import { PrismaAbility } from './PrismaAbility';
-import { WhereInput } from './prisma/PrismaQuery';
+import { WhereInput, ModelName } from '.prisma/casl-adapter';
 declare type AccessibleQuery = {
-    [K in Prisma.ModelName]: WhereInput<K>;
+    [K in ModelName]: WhereInput<K>;
 };
 export declare function accessibleBy(ability: PrismaAbility<any, any>, action?: string): AccessibleQuery;
 export {};

dist/types/prisma/PrismaQuery.d.ts

@@ -1,14 +0,8 @@
-import type { PrismaClient, Prisma } from '@prisma/client';
 import { ForcedSubject, hkt } from '@casl/ability';
-declare type ModelDelegates = {
-    [K in Prisma.ModelName]: Uncapitalize<K> extends keyof PrismaClient ? PrismaClient[Uncapitalize<K>] : never;
-};
-export declare type WhereInput<TModelName extends Prisma.ModelName> = Extract<Extract<Parameters<ModelDelegates[TModelName]['findFirst']>[0], {
-    where?: any;
-}>['where'], Record<any, any>>;
+import type { WhereInput, ModelName } from '.prisma/casl-adapter';
 declare type ExtractModelName<T> = T extends {
-    kind: Prisma.ModelName;
-} ? T['kind'] : T extends ForcedSubject<Prisma.ModelName> ? T['__caslSubjectType__'] : T extends {
-    __typename: Prisma.ModelName;
-} ? T['__typename'] : Prisma.ModelName;
+    kind: ModelName;
+} ? T['kind'] : T extends ForcedSubject<ModelName> ? T['__caslSubjectType__'] : T extends {
+    __typename: ModelName;
+} ? T['__typename'] : ModelName;
 interface PrismaQueryTypeFactory extends hkt.GenericFactory {
@@ -18,6 +12,6 @@ produce: WhereInput<ExtractModelName<this[0]>>;
 export declare type Model<T, TName extends string> = T & ForcedSubject<TName>;
-export declare type Subjects<T extends Partial<Record<Prisma.ModelName, Record<string, unknown>>>> = keyof T | {
+export declare type Subjects<T extends Partial<Record<ModelName, Record<string, unknown>>>> = keyof T | {
     [K in keyof T]: Model<T[K], K & string>;
 }[keyof T];
-declare type PrismaModel = Model<Record<string, any>, Prisma.ModelName>;
+declare type PrismaModel = Model<Record<string, any>, ModelName>;
 export declare type PrismaQuery<T extends PrismaModel = PrismaModel> = WhereInput<ExtractModelName<T>> & hkt.Container<PrismaQueryTypeFactory>;
@@ -24,0 +18,0 @@ export declare const prismaQuery: (query: {

dist/types/PrismaAbility.d.ts

@@ -1,8 +0,8 @@
-import { Prisma } from '@prisma/client';
 import { AbilityOptions, AbilityTuple, PureAbility, RawRuleFrom } from '@casl/ability';
+import { ModelName } from '.prisma/casl-adapter';
 import { PrismaQuery } from './prisma/PrismaQuery';
 declare type ExtendedAbilityTuple<T extends AbilityTuple> = [T[0], 'all' | T[1]];
-export declare class PrismaAbility<A extends AbilityTuple = [string, Prisma.ModelName], C extends PrismaQuery = PrismaQuery> extends PureAbility<ExtendedAbilityTuple<A>, C> {
+export declare class PrismaAbility<A extends AbilityTuple = [string, ModelName], C extends PrismaQuery = PrismaQuery> extends PureAbility<ExtendedAbilityTuple<A>, C> {
     constructor(rules?: RawRuleFrom<ExtendedAbilityTuple<A>, C>[], options?: AbilityOptions<ExtendedAbilityTuple<A>, C>);
 }
 export {};

package.json

 {
   "name": "@casl/prisma",
-  "version": "1.0.3",
+  "version": "2.0.0-alpha.1",
   "description": "Allows to query accessible records using Prisma client based on CASL rules",
@@ -12,2 +12,5 @@ "main": "dist/es6c/index.js",
       "require": "./dist/es6c/index.js"
+    },
+    "./generator": {
+      "require": "./generator.js"
     }
@@ -25,5 +28,7 @@ },
   "scripts": {
-    "prebuild": "rm -rf dist/* && npm run build.types",
+    "prebuild": "rm -rf dist/* && npm run build.types && npm run build.generator",
     "build": "BUILD_TYPES=es6m,es6c dx rollup -e @casl/ability/extra,@casl/ability,@prisma/client,@ucast/core,@ucast/js",
     "build.types": "dx tsc",
+    "build.generator": "BUILD_TYPES=es6c dx rollup -i src/prismaGenerator.ts -e ../package.json,@prisma/generator-helper,path,fs/promises",
+    "postbuild.generator": "mv dist/es6c/prismaGenerator.* dist",
     "lint": "dx eslint src/ spec/",
@@ -33,3 +38,3 @@ "test": "dx jest",
     "release": "dx semantic-release",
-    "prepare": "prisma generate"
+    "prepare": "npm run build.generator && prisma generate"
   },
@@ -59,5 +64,6 @@ "keywords": [
     "*.d.ts",
-    "index.js"
+    "generator.js"
   ],
   "dependencies": {
+    "@prisma/generator-helper": "^4.1.0",
     "@ucast/core": "^1.10.0",
@@ -64,0 +70,0 @@ "@ucast/js": "^3.0.1"

README.md

@@ -24,4 +24,27 @@ # CASL Prisma
 
-This package is a bit different from all others because it provides a custom `PrismaAbility` class that is configured to check permissions using Prisma [WhereInput](https://www.prisma.io/docs/reference/api-reference/prisma-client-reference#where):
+First of all, you need to add custom casl generator to your Prisma schema. The main purpose of this generator is to expose Prisma types to CASL and allow to provide [custom path for prisma generated types](https://www.prisma.io/docs/concepts/components/prisma-client/working-with-prismaclient/generating-prisma-client#using-a-custom-output-path):
 
+```prisma
+datasource db {
+  provider = "postgresql"
+  url      = env("DATABASE_URL")
+}
+
+generator client {
+  provider = "prisma-client-js"
+}
+
+generator caslAdapter {
+  provider = "node @casl/prisma/generator.js" // <--- important to add this
+  clientLib = "@my-custom/prisma-client" // optional and by default equals to @prisma/client
+}
+
+model User {
+  id     Int     @id
+  name   String
+}
+```
+
+Now we are ready to code! This package is a bit different from all others because it provides a custom `PrismaAbility` class that is configured to check permissions using Prisma [WhereInput](https://www.prisma.io/docs/reference/api-reference/prisma-client-reference#where):
+
 ```ts
@@ -28,0 +51,0 @@ import { User, Post, Prisma } from '@prisma/client';

New alerts

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

70609

increased by5.78%

Number of package files

17

increased by21.43%

Lines of code

140

increased by28.44%

Number of lines in readme file

169

increased by15.75%

Worsened metrics

Dependency count

5

increased by25%

Number of low quality alerts

2

increased by100%

Number of low supply chain risk alerts

1

increased byInfinity%

Dependency changes

• + Added@prisma/generator-helper@^4.1.0

• + Added@prisma/debug@4.16.2(transitive)

• + Added@prisma/generator-helper@4.16.2(transitive)

• + Added@types/cross-spawn@6.0.2(transitive)

• + Added@types/debug@4.1.8(transitive)

• + Added@types/ms@2.1.0(transitive)

• + Added@types/node@22.13.0(transitive)

• + Addedansi-regex@5.0.1(transitive)

• + Addedcross-spawn@7.0.3(transitive)

• + Addeddebug@4.3.4(transitive)

• + Addedisexe@2.0.0(transitive)

• + Addedkleur@4.1.5(transitive)

• + Addedms@2.1.2(transitive)

• + Addedpath-key@3.1.1(transitive)

• + Addedshebang-command@2.0.0(transitive)

• + Addedshebang-regex@3.0.0(transitive)

• + Addedstrip-ansi@6.0.1(transitive)

• + Addedundici-types@6.20.0(transitive)

• + Addedwhich@2.0.2(transitive)