fix: vscode language accidentally bundles prisma packages (zenstackhq…

…#625)

package.json

@@ -1,6 +1,6 @@
 {
     "name": "zenstack-monorepo",
-    "version": "1.0.0-beta.16",
+    "version": "1.0.0-beta.17",
     "description": "",
     "scripts": {
         "build": "pnpm -r build",

packages/language/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@zenstackhq/language",
-    "version": "1.0.0-beta.16",
+    "version": "1.0.0-beta.17",
     "displayName": "ZenStack modeling language compiler",
     "description": "ZenStack modeling language compiler",
     "homepage": "https://zenstack.dev",

packages/plugins/openapi/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@zenstackhq/openapi",
   "displayName": "ZenStack Plugin and Runtime for OpenAPI",
-  "version": "1.0.0-beta.16",
+  "version": "1.0.0-beta.17",
   "description": "ZenStack plugin and runtime supporting OpenAPI",
   "main": "index.js",
   "repository": {

packages/plugins/swr/package.json

@@ -1,7 +1,7 @@
 {
     "name": "@zenstackhq/swr",
     "displayName": "ZenStack plugin for generating SWR hooks",
-    "version": "1.0.0-beta.16",
+    "version": "1.0.0-beta.17",
     "description": "ZenStack plugin for generating SWR hooks",
     "main": "index.js",
     "repository": {

packages/plugins/tanstack-query/package.json

@@ -1,7 +1,7 @@
 {
     "name": "@zenstackhq/tanstack-query",
     "displayName": "ZenStack plugin for generating tanstack-query hooks",
-    "version": "1.0.0-beta.16",
+    "version": "1.0.0-beta.17",
     "description": "ZenStack plugin for generating tanstack-query hooks",
     "main": "index.js",
     "exports": {

packages/plugins/trpc/package.json

@@ -1,7 +1,7 @@
 {
     "name": "@zenstackhq/trpc",
     "displayName": "ZenStack plugin for tRPC",
-    "version": "1.0.0-beta.16",
+    "version": "1.0.0-beta.17",
     "description": "ZenStack plugin for tRPC",
     "main": "index.js",
     "repository": {

packages/runtime/package.json

@@ -1,7 +1,7 @@
 {
     "name": "@zenstackhq/runtime",
     "displayName": "ZenStack Runtime Library",
-    "version": "1.0.0-beta.16",
+    "version": "1.0.0-beta.17",
     "description": "Runtime of ZenStack for both client-side and server-side environments.",
     "repository": {
         "type": "git",

packages/runtime/src/enhancements/policy/policy-utils.ts

@@ -489,16 +489,21 @@ export class PolicyUtil {
                 }
                 // inject extra condition for to-many or nullable to-one relation
                 await this.injectAuthGuard(injectTarget[field], fieldInfo.type, 'read');
+
+                // recurse
+                const subHoisted = await this.injectNestedReadConditions(fieldInfo.type, injectTarget[field]);
+                if (subHoisted.length > 0) {
+                    // we can convert it to a where at this level
+                    injectTarget[field].where = this.and(injectTarget[field].where, ...subHoisted);
+                }
             } else {
                 // hoist non-nullable to-one filter to the parent level
                 hoisted = this.getAuthGuard(fieldInfo.type, 'read');
-            }
-
-            // recurse
-            const subHoisted = await this.injectNestedReadConditions(fieldInfo.type, injectTarget[field]);
-
-            if (subHoisted.length > 0) {
-                hoisted = this.and(hoisted, ...subHoisted);
+                // recurse
+                const subHoisted = await this.injectNestedReadConditions(fieldInfo.type, injectTarget[field]);
+                if (subHoisted.length > 0) {
+                    hoisted = this.and(hoisted, ...subHoisted);
+                }
             }
 
             if (hoisted && !this.isTrue(hoisted)) {

packages/schema/package.json

@@ -3,7 +3,7 @@
     "publisher": "zenstack",
     "displayName": "ZenStack Language Tools",
     "description": "A toolkit for building secure CRUD apps with Next.js + Typescript",
-    "version": "1.0.0-beta.16",
+    "version": "1.0.0-beta.17",
     "author": {
         "name": "ZenStack Team"
     },

packages/sdk/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@zenstackhq/sdk",
-    "version": "1.0.0-beta.16",
+    "version": "1.0.0-beta.17",
     "description": "ZenStack plugin development SDK",
     "main": "index.js",
     "scripts": {

packages/server/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@zenstackhq/server",
-    "version": "1.0.0-beta.16",
+    "version": "1.0.0-beta.17",
     "displayName": "ZenStack Server-side Adapters",
     "description": "ZenStack server-side adapters",
     "homepage": "https://zenstack.dev",

packages/testtools/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zenstackhq/testtools",
-  "version": "1.0.0-beta.16",
+  "version": "1.0.0-beta.17",
   "description": "ZenStack Test Tools",
   "main": "index.js",
   "publishConfig": {

tests/integration/tests/enhancements/with-policy/nested-to-many.test.ts

@@ -61,6 +61,88 @@ describe('With Policy:nested to-many', () => {
         expect(read.m2).toHaveLength(2);
     });
 
+    it('read condition hoisting', async () => {
+        const { withPolicy } = await loadSchema(
+            `
+        model M1 {
+            id String @id @default(uuid())
+            m2 M2[]
+        
+            @@allow('all', true)
+        }
+        
+        model M2 {
+            id String @id @default(uuid())
+            value Int
+
+            m1 M1 @relation(fields: [m1Id], references:[id])
+            m1Id String
+
+            m3 M3 @relation(fields: [m3Id], references:[id])
+            m3Id String @unique
+
+            m4 M4 @relation(fields: [m4Id], references:[id])
+            m4Id String
+        
+            @@allow('create', true)
+            @@allow('read', value > 0)
+        }
+
+        model M3 {
+            id String @id @default(uuid())
+            value Int
+            m2 M2?
+        
+            @@allow('create', true)
+            @@allow('read', value > 1)
+        }
+
+        model M4 {
+            id String @id @default(uuid())
+            value Int
+            m2 M2[]
+        
+            @@allow('create', true)
+            @@allow('read', value > 1)
+        }
+        `
+        );
+
+        const db = withPolicy();
+
+        await db.m1.create({
+            include: { m2: true },
+            data: {
+                id: '1',
+                m2: {
+                    create: [
+                        { id: 'm2-1', value: 1, m3: { create: { value: 1 } }, m4: { create: { value: 1 } } },
+                        { id: 'm2-2', value: 1, m3: { create: { value: 2 } }, m4: { create: { value: 2 } } },
+                    ],
+                },
+            },
+        });
+
+        let read = await db.m1.findFirst({ include: { m2: true } });
+        expect(read.m2).toHaveLength(2);
+        read = await db.m1.findFirst({ select: { m2: { select: { id: true } } } });
+        expect(read.m2).toHaveLength(2);
+
+        // check m2-m3 filtering
+        // including m3 causes m2 to be filtered since m3 is not nullable
+        read = await db.m1.findFirst({ include: { m2: { include: { m3: true } } } });
+        expect(read.m2).toHaveLength(1);
+        read = await db.m1.findFirst({ select: { m2: { select: { m3: true } } } });
+        expect(read.m2).toHaveLength(1);
+
+        // check m2-m4 filtering
+        // including m3 causes m2 to be filtered since m4 is not nullable
+        read = await db.m1.findFirst({ include: { m2: { include: { m4: true } } } });
+        expect(read.m2).toHaveLength(1);
+        read = await db.m1.findFirst({ select: { m2: { select: { m4: true } } } });
+        expect(read.m2).toHaveLength(1);
+    });
+
     it('create simple', async () => {
         const { withPolicy } = await loadSchema(
             `

tests/integration/tests/enhancements/with-policy/nested-to-one.test.ts

@@ -99,6 +99,59 @@ describe('With Policy:nested to-one', () => {
         await expect(db.m2.findMany({ include: { m1: true } })).toResolveTruthy();
     });
 
+    it('read condition hoisting', async () => {
+        const { withPolicy } = await loadSchema(
+            `
+        model M1 {
+            id String @id @default(uuid())
+            m2 M2 @relation(fields: [m2Id], references:[id])
+            m2Id String @unique
+        
+            @@allow('all', true)
+        }
+        
+        model M2 {
+            id String @id @default(uuid())
+            value Int
+
+            m1 M1?
+
+            m3 M3 @relation(fields: [m3Id], references:[id])
+            m3Id String @unique
+
+            @@allow('create', true)
+            @@allow('read', value > 0)
+        }
+
+        model M3 {
+            id String @id @default(uuid())
+            value Int
+            m2 M2?
+        
+            @@allow('create', true)
+            @@allow('read', value > 1)
+        }
+        `
+        );
+
+        const db = withPolicy();
+
+        await db.m1.create({
+            include: { m2: true },
+            data: {
+                id: '1',
+                m2: {
+                    create: { id: 'm2-1', value: 1, m3: { create: { value: 1 } } },
+                },
+            },
+        });
+
+        // check m2-m3 filtering
+        // including m3 causes m1 to be filtered due to hosting
+        await expect(db.m1.findFirst({ include: { m2: { include: { m3: true } } } })).toResolveNull();
+        await expect(db.m1.findFirst({ select: { m2: { select: { m3: true } } } })).toResolveNull();
+    });
+
     it('create and update tests', async () => {
         const { withPolicy } = await loadSchema(
             `