add drizzle-seed

Author: rphlmr

apps/drizzle-run/.eslintrc.cjs

@@ -5,5 +5,9 @@ module.exports = {
   parserOptions: {
     project: true,
   },
-  ignorePatterns: ["app/registry/*/presets", "**/*/_blank"],
+  ignorePatterns: [
+    "app/registry/dialects/*/presets",
+    "app/registry/dialects/*/core",
+    "**/*/_blank",
+  ],
 };

apps/drizzle-run/app/modules/playground/machine.client.ts

@@ -688,6 +688,7 @@ async function fetchNodeModules(
 
   const imports = new Map<string, Promise<Record<string, unknown>>>([
     ["drizzle-orm", import("drizzle-orm")],
+    ["drizzle-seed", import("drizzle-seed")],
     ["@drizzle-lab/api/pg", import("@drizzle-lab/api/pg")],
     ["@drizzle-lab/api/sqlite", import("@drizzle-lab/api/sqlite")],
   ]);

apps/drizzle-run/app/registry/build.ts

@@ -17,6 +17,7 @@ const typesToBundle = [
   "valibot",
   "@electric-sql/pglite",
   "@libsql",
+  "drizzle-seed",
 ] as const;
 
 console.log("Building registry");

apps/drizzle-run/app/registry/dialects/postgresql/core/seed.ts

@@ -4,5 +4,10 @@
  * 💡Tip: you can use the `$` global variable to access goodies
  */
 
+import { seed } from "drizzle-seed";
+
 import { db } from "./db";
-import {} from "./schema";
+import * as schema from "./schema";
+
+// doc: https://orm.drizzle.team/docs/seed-overview
+await seed(db, schema);

apps/drizzle-run/app/registry/dialects/postgresql/presets/rls/index.ts

@@ -3,15 +3,54 @@
  * 💡Tip: you can use the `$` global variable to access goodies
  */
 
-import { db } from "./db";
-import {} from "./schema";
+import { eq } from "drizzle-orm";
+import { drizzle } from "drizzle-orm/pglite";
 
-// 💡 This playground run a seed code in the Seed tab
+import { db as admin } from "./db";
+import * as schema from "./schema";
+import { createDrizzle } from "./utils";
 
-const result = await db.query.users.findMany({
-  with: {
-    posts: true,
+const userId1 = $.random.uuid();
+const userId2 = $.random.uuid();
+
+const client = drizzle({
+  client: admin.$client,
+  schema,
+  casing: "snake_case",
+});
+
+const db = createDrizzle({ role: "authenticated", sub: userId1 }, { admin, client });
+
+await db.admin.insert(schema.authUsers).values([
+  {
+    id: userId1,
+  },
+  {
+    id: userId2,
   },
+]);
+
+await db.admin.insert(schema.profiles).values({
+  id: userId1,
+  email: "[email protected]",
 });
 
-console.log(result);
+console.log(
+  "insert allowed",
+  await db.rls(async (tx) => tx.insert(schema.rooms).values({ topic: "user room" }).returning()),
+);
+
+console.log(
+  "user can not edit other profile. Before",
+  await db.admin.query.profiles.findMany(),
+  await db.rls(async (tx) => {
+    await tx.update(schema.profiles).set({ email: "nope" }).where(eq(schema.profiles.id, userId2));
+  }),
+  "after",
+  await db.admin.query.profiles.findMany(),
+);
+
+const dbAnonymous = createDrizzle({ role: "anon" }, { admin, client });
+
+console.log("anonymous can not read");
+console.log(await dbAnonymous.rls(async (tx) => tx.select().from(schema.rooms)));

apps/drizzle-run/app/registry/dialects/postgresql/presets/rls/manifest.json

@@ -1,5 +1,5 @@
 {
   "$schema": "../../../manifest.schema.json",
-  "name": "Starter 01",
-  "description": "A starter demo"
+  "name": "(Experimental) Row Level Security (RLS)",
+  "description": "A demo of RLS with a Supabase emulator"
 }

apps/drizzle-run/app/registry/dialects/postgresql/presets/rls/schema.ts

@@ -1,31 +1,123 @@
-/**
- * This is the schema for the database.
- * 💡Tip: you can use the `$` global variable to access goodies
- * Do not forget to `export` your tables 😅
- */
+import { sql, eq, getTableColumns } from "drizzle-orm";
+import {
+  bigint,
+  foreignKey,
+  pgTable,
+  text,
+  timestamp,
+  unique,
+  uuid,
+  pgPolicy,
+  pgView,
+  pgSchema,
+  pgRole,
+} from "drizzle-orm/pg-core";
 
-import { relations } from "drizzle-orm";
-import { integer, text, pgTable, timestamp } from "drizzle-orm/pg-core";
+/* ------------------------------ Supabase emulation ------------------------------ */
 
-export const users = pgTable("users", {
-  id: integer("id").primaryKey().generatedByDefaultAsIdentity(),
-  name: text("name").notNull(),
-  createdAt: timestamp("created_at", { precision: 3 }).notNull().defaultNow(),
+export const anonRole = pgRole("anon");
+export const authenticatedRole = pgRole("authenticated");
+export const serviceRole = pgRole("service_role");
+export const supabaseAuthAdminRole = pgRole("supabase_auth_admin");
+export const auth = pgSchema("auth");
+export const authUsers = auth.table("users", {
+  id: uuid().primaryKey().notNull(),
 });
+const authUid = sql`(select auth.uid())`;
 
-export const usersRelations = relations(users, ({ many }) => ({
-  posts: many(posts),
-}));
+/* ------------------------------ public schema; ------------------------------ */
 
-export const posts = pgTable("posts", {
-  id: integer("id").primaryKey().generatedByDefaultAsIdentity(),
-  content: text("content").notNull(),
-  authorId: integer("author_id")
-    .notNull()
-    .references(() => users.id),
-  createdAt: timestamp("created_at", { precision: 3 }).notNull().defaultNow(),
-});
+export const rooms = pgTable(
+  "rooms",
+  {
+    id: bigint({ mode: "number" }).primaryKey().generatedByDefaultAsIdentity(),
+    topic: text().notNull(),
+  },
+  (table) => [
+    unique("rooms_topic_key").on(table.topic),
+    pgPolicy("authenticated can read rooms", {
+      for: "select",
+      to: authenticatedRole,
+      using: sql`true`,
+    }),
+    pgPolicy("authenticated can add rooms", {
+      for: "insert",
+      to: authenticatedRole,
+      withCheck: sql`true`,
+    }),
+  ],
+);
+
+export const profiles = pgTable(
+  "profiles",
+  {
+    id: uuid()
+      .primaryKey()
+      .notNull()
+      .references(() => authUsers.id, { onDelete: "cascade" }),
+    email: text().notNull(),
+  },
+  (table) => [
+    pgPolicy("authenticated can view all profiles", {
+      for: "select",
+      to: authenticatedRole,
+      using: sql`true`,
+    }),
+    pgPolicy("owner can update profile", {
+      for: "update",
+      to: authenticatedRole,
+      using: eq(table.id, authUid),
+      withCheck: eq(table.id, authUid),
+    }),
+  ],
+);
+
+export const roomsUsers = pgTable(
+  "rooms_users",
+  {
+    userId: uuid().notNull(),
+    roomTopic: text().notNull(),
+    joinedAt: timestamp({
+      mode: "string",
+      precision: 3,
+    })
+      .notNull()
+      .defaultNow(),
+  },
+  (table) => [
+    foreignKey({
+      columns: [table.userId],
+      foreignColumns: [authUsers.id],
+      name: "rooms_users_user_id_fk",
+    }),
+    foreignKey({
+      columns: [table.roomTopic],
+      foreignColumns: [rooms.topic],
+      name: "rooms_users_room_topic_fk",
+    }),
+    pgPolicy("authenticated can read rooms_users", {
+      for: "select",
+      to: authenticatedRole,
+      using: sql`true`,
+    }),
+    pgPolicy("authenticated can add rooms_users", {
+      for: "insert",
+      to: authenticatedRole,
+      withCheck: sql`true`,
+    }),
+  ],
+);
 
-export const postsRelations = relations(posts, ({ one }) => ({
-  author: one(users, { fields: [posts.authorId], references: [users.id] }),
-}));
+export const roomsUsersProfiles = pgView("rooms_users_profiles")
+  .with({
+    securityInvoker: true,
+  })
+  .as((qb) =>
+    qb
+      .select({
+        ...getTableColumns(roomsUsers),
+        email: profiles.email,
+      })
+      .from(roomsUsers)
+      .innerJoin(profiles, eq(roomsUsers.userId, profiles.id)),
+  );

apps/drizzle-run/app/registry/dialects/postgresql/presets/rls/seed.ts

@@ -4,21 +4,16 @@
  * 💡Tip: you can use the `$` global variable to access goodies
  */
 
-import { db } from "./db";
-import { posts, users } from "./schema";
-
-/* ------------------------------- Create user ------------------------------ */
+import { sql } from "drizzle-orm";
 
-const [{ userId }] = await db
-  .insert(users)
-  .values({
-    name: $.random.fullName(),
-  })
-  .returning({ userId: users.id });
+import { db } from "./db";
 
-/* ------------------------------- Create post ------------------------------ */
+await db.execute(sql`
+create or replace function auth.uid() returns uuid as $$
+  select nullif(current_setting('request.jwt.claim.sub', true), '')::uuid;
+$$ language sql stable;
+`);
 
-await db.insert(posts).values({
-  authorId: userId,
-  content: $.random.lorem(),
-});
+await db.execute(sql`
+GRANT postgres TO authenticated;
+`);

apps/drizzle-run/app/registry/dialects/postgresql/presets/starter-01/utils.ts apps/drizzle-run/app/registry/dialects/postgresql/presets/rls/utils.ts

@@ -3,54 +3,15 @@
  * 💡Tip: you can use the `$` global variable to access goodies
  */
 
-import { eq } from "drizzle-orm";
-import { drizzle } from "drizzle-orm/pglite";
+import { db } from "./db";
+import {} from "./schema";
 
-import { db as admin } from "./db";
-import * as schema from "./schema";
-import { createDrizzle } from "./utils";
+// 💡 This playground run a seed code in the Seed tab
 
-const userId1 = $.random.uuid();
-const userId2 = $.random.uuid();
-
-const client = drizzle({
-  client: admin.$client,
-  schema,
-  casing: "snake_case",
-});
-
-const db = createDrizzle({ role: "authenticated", sub: userId1 }, { admin, client });
-
-await db.admin.insert(schema.authUsers).values([
-  {
-    id: userId1,
-  },
-  {
-    id: userId2,
+const result = await db.query.users.findMany({
+  with: {
+    posts: true,
   },
-]);
-
-await db.admin.insert(schema.profiles).values({
-  id: userId1,
-  email: "[email protected]",
 });
 
-console.log(
-  "insert allowed",
-  await db.rls(async (tx) => tx.insert(schema.rooms).values({ topic: "user room" }).returning()),
-);
-
-console.log(
-  "user can not edit other profile. Before",
-  await db.admin.query.profiles.findMany(),
-  await db.rls(async (tx) => {
-    await tx.update(schema.profiles).set({ email: "nope" }).where(eq(schema.profiles.id, userId2));
-  }),
-  "after",
-  await db.admin.query.profiles.findMany(),
-);
-
-const dbAnonymous = createDrizzle({ role: "anon" }, { admin, client });
-
-console.log("anonymous can not read");
-console.log(await dbAnonymous.rls(async (tx) => tx.select().from(schema.rooms)));
+console.log(result);

apps/drizzle-run/app/registry/dialects/postgresql/presets/starter-01/index.ts

@@ -1,5 +1,5 @@
 {
   "$schema": "../../../manifest.schema.json",
-  "name": "(Experimental) Row Level Security (RLS)",
-  "description": "A demo of RLS with a Supabase emulator"
+  "name": "Simple example",
+  "description": "A simple example to start with"
 }