chore: sync playground with upstream

Author: danielroe

README.md

@@ -26,7 +26,7 @@ import { useQuery } from 'zero-vue'
 // see docs: https://zero.rocicorp.dev/docs/introduction
 const z = new Zero({
   userID,
-  server: import.meta.env.VITE_ZERO_SERVER,
+  server: import.meta.env.VITE_PUBLIC_SERVER,
   schema,
   kvStore: 'mem',
 })

playground/.env

@@ -4,4 +4,4 @@ ZERO_CHANGE_DB="postgresql://user:[email protected]:5430/zstart_cdb"
 ZERO_AUTH_SECRET="secretkey"
 ZERO_REPLICA_FILE="/tmp/zstart_replica.db"
 
-VITE_ZERO_SERVER='http://localhost:4848'
+VITE_PUBLIC_SERVER='http://localhost:4848'

playground/docker/docker-compose.yml

@@ -5,7 +5,7 @@ services:
     user: postgres
     restart: always
     healthcheck:
-      test: pg_isready -U user --dbname=postgres
+      test: 'pg_isready -U user --dbname=postgres'
       interval: 10s
       timeout: 5s
       retries: 5

playground/docker/seed.sql

@@ -17,8 +17,8 @@ CREATE TABLE "medium" (
 
 CREATE TABLE "message" (
   "id" VARCHAR PRIMARY KEY,
-  "senderID" VARCHAR REFERENCES "user"(id),
-  "mediumID" VARCHAR REFERENCES "medium"(id),
+  "sender_id" VARCHAR REFERENCES "user"(id),
+  "medium_id" VARCHAR REFERENCES "medium"(id),
   "body" VARCHAR NOT NULL,
   "timestamp" TIMESTAMP not null
 );

playground/src/app.vue

@@ -18,7 +18,7 @@ const userID = decodedJWT?.sub ? (decodedJWT.sub as string) : 'anon'
 const z = new Zero({
   userID,
   auth: () => encodedJWT || undefined,
-  server: import.meta.env.VITE_ZERO_SERVER,
+  server: import.meta.env.VITE_PUBLIC_SERVER,
   schema,
   // This is often easier to develop with if you're frequently changing
   // the schema. Switch to 'idb' for local-persistence.

playground/src/db/schema.ts

@@ -5,13 +5,12 @@
 // See https://github.com/rocicorp/mono/blob/main/apps/zbugs/src/domain/schema.ts
 // for more complex examples, including many-to-many.
 
-import type { ExpressionBuilder, Row } from '@rocicorp/zero'
+import type { ExpressionBuilder, PermissionsConfig, Row } from '@rocicorp/zero'
 import {
   ANYONE_CAN,
   boolean,
   createSchema,
   definePermissions,
-  NOBODY_CAN,
   number,
   relationships,
   string,
@@ -36,8 +35,8 @@ const medium = table('medium')
 const message = table('message')
   .columns({
     id: string(),
-    senderID: string(),
-    mediumID: string(),
+    senderID: string().from('sender_id'),
+    mediumID: string().from('medium_id'),
     body: string(),
     timestamp: number(),
   })
@@ -85,33 +84,29 @@ export const permissions = definePermissions<AuthData, Schema>(schema, () => {
   return {
     medium: {
       row: {
-        insert: NOBODY_CAN,
-        update: {
-          preMutation: NOBODY_CAN,
-        },
-        delete: NOBODY_CAN,
+        select: ANYONE_CAN,
       },
     },
     user: {
       row: {
-        insert: NOBODY_CAN,
-        update: {
-          preMutation: NOBODY_CAN,
-        },
-        delete: NOBODY_CAN,
+        select: ANYONE_CAN,
       },
     },
     message: {
       row: {
         // anyone can insert
         insert: ANYONE_CAN,
-        // only sender can edit their own messages
         update: {
+          // sender can only edit own messages
           preMutation: [allowIfMessageSender],
+          // sender can only edit messages to be owned by self
+          postMutation: [allowIfMessageSender],
         },
         // must be logged in to delete
         delete: [allowIfLoggedIn],
+        // everyone can read current messages
+        select: ANYONE_CAN,
       },
     },
-  }
+  } satisfies PermissionsConfig<AuthData, Schema>
 })