feat: Plugin architecture

feat: Plugin architecture

Author: Brayden

plugins/studio/handler.ts

@@ -0,0 +1,152 @@
+interface HandleStudioRequestOption {
+    username: string
+    password: string
+    apiKey: string
+}
+
+function createStudioHTML(apiKey: string): string {
+    return `<!doctype>
+<html>
+<head>
+<style>
+  html, body {
+    padding: 0;
+    margin: 0;
+    width: 100vw;
+    height: 100vh;
+  }
+
+  iframe {
+    width: 100vw;
+    height: 100vh;
+    overflow: hidden;
+    border: 0;
+  }
+</style>
+<title>Your Starbase - Outerbase Studio</title>
+<link rel="icon" type="image/x-icon" href="https://studio.outerbase.com/icons/outerbase.ico">
+</head>
+<body>
+<script>
+  function handler(e) {
+    if (e.data.type !== "query" && e.data.type !== "transaction") return;
+      let requestBody = e.data.type === 'transaction' ? 
+          { transaction: e.data.statements.map(t => ({sql: t})) } :
+          { sql: e.data.statement };
+
+      fetch("/query/raw", {
+          method: "post",
+          headers: {
+              "Content-Type": "application/json",
+              "Authorization": "Bearer ${apiKey}"
+          },
+          body: JSON.stringify(requestBody)
+      }).then(r => {
+          if (!r.ok) {
+              document.getElementById('editor').contentWindow.postMessage({
+                  id: e.data.id,
+                  type: e.data.type,
+                  error: "Something went wrong",
+              }, "*");
+              throw new Error("Something went wrong");
+          }
+          return r.json()
+      }).then(r => {
+          const response = {
+              id: e.data.id,
+              type: e.data.type,
+              data: Array.isArray(r.result) ? r.result.map(transformRawResult) : transformRawResult(r.result),
+          };
+
+          document.getElementById('editor').contentWindow.postMessage(response, "*");
+      }).catch(console.error)
+  }
+
+  function transformRawResult(raw) {
+      const columns = raw.columns ?? [];
+      const values = raw.rows;
+      const headerSet = new Set();
+
+      const headers = columns.map((colName) => {
+          let renameColName = colName;
+
+          for (let i = 0; i < 20; i++) {
+          if (!headerSet.has(renameColName)) break;
+              renameColName = \`__\${colName}_\${i}\`;
+          }
+
+          return {
+              name: renameColName,
+              displayName: colName,
+              originalType: "text",
+              type: undefined,
+          };
+      });
+
+      const rows = values
+          ? values.map((r) =>
+              headers.reduce((a, b, idx) => {
+                  a[b.name] = r[idx];
+                  return a;
+              }, {})
+          )
+          : [];
+
+      return {
+          rows,
+          stat: {
+              queryDurationMs: 0,
+              rowsAffected: 0,
+              rowsRead: raw.meta.rows_read,
+              rowsWritten: raw.meta.rows_written,
+          },
+          headers,
+      };
+  }
+
+  window.addEventListener("message", handler);
+</script>
+
+<iframe
+  id="editor"
+  src="https://studio.outerbase.com/embed/starbase"
+/>
+</body>
+</html>`
+}
+
+export async function handleStudioRequest(
+    request: Request,
+    options: HandleStudioRequestOption
+): Promise<Response> {
+    // Check for basic authorization
+    const auth = request.headers.get('Authorization')
+
+    if (!auth || !auth.startsWith('Basic ')) {
+        return new Response('Unauthorized', {
+            status: 401,
+            headers: {
+                'WWW-Authenticate': 'Basic realm="Access to the studio"',
+            },
+        })
+    }
+
+    // base64 auth
+    const base64Auth = auth.split('Basic ')[1]
+    const decodedAuth = atob(base64Auth)
+    const [username, password] = decodedAuth.split(':')
+
+    if (username !== options.username || password !== options.password) {
+        return new Response('Unauthorized', {
+            status: 401,
+            headers: {
+                'WWW-Authenticate': 'Basic realm="Access to the studio"',
+            },
+        })
+    }
+
+    // Proceed with the request
+    return new Response(createStudioHTML(options.apiKey), {
+        headers: { 'Content-Type': 'text/html' },
+    })
+}

plugins/studio/index.ts

@@ -0,0 +1,39 @@
+import { StarbaseApp } from '../../src/handler'
+import { StarbasePlugin } from '../../src/plugin'
+import { handleStudioRequest } from './handler'
+
+export class StudioPlugin extends StarbasePlugin {
+    private username: string
+    private password: string
+    private apiKey: string
+
+    constructor(options: {
+        username?: string
+        password?: string
+        apiKey: string
+        prefix?: string
+    }) {
+        super(
+            'starbasedb:studio',
+            {
+                requiresAuth: false,
+            },
+            options.prefix ?? '/studio'
+        )
+        this.username = options.username || ''
+        this.password = options.password || ''
+        this.apiKey = options.apiKey
+    }
+
+    override async register(app: StarbaseApp) {
+        if (!this.pathPrefix) return
+
+        app.get(this.pathPrefix, async (c) => {
+            return handleStudioRequest(c.req.raw, {
+                username: this.username,
+                password: this.password,
+                apiKey: this.apiKey,
+            })
+        })
+    }
+}

plugins/websocket/index.ts

@@ -0,0 +1,53 @@
+import { StarbaseApp, StarbaseContext } from '../../src/handler'
+import { StarbasePlugin } from '../../src/plugin'
+
+export class WebSocketPlugin extends StarbasePlugin {
+    private prefix = '/socket'
+
+    constructor(opts?: { prefix?: string }) {
+        super('starbasedb:websocket', {
+            requiresAuth: true,
+        })
+        this.prefix = opts?.prefix ?? this.prefix
+    }
+
+    override async register(app: StarbaseApp) {
+        app.all(this.prefix, (c) => {
+            return this.upgrade(c)
+        })
+    }
+
+    private upgrade(ctx: StarbaseContext): Response {
+        if (ctx.req.header('upgrade') !== 'websocket') {
+            return new Response('Expected upgrade request', { status: 400 })
+        }
+
+        const config = ctx.get('config')
+        const dataSource = ctx.get('dataSource')
+        const { executeQuery } = ctx.get('operations')
+
+        const webSocketPair = new WebSocketPair()
+        const [client, server] = Object.values(webSocketPair)
+
+        server.accept()
+        server.addEventListener('message', (event) => {
+            const { sql, params, action } = JSON.parse(event.data as string)
+
+            if (action === 'query') {
+                const executeQueryWrapper = async () => {
+                    const response = await executeQuery({
+                        sql,
+                        params,
+                        isRaw: false,
+                        dataSource,
+                        config,
+                    })
+                    server.send(JSON.stringify(response))
+                }
+                executeQueryWrapper()
+            }
+        })
+
+        return new Response(null, { status: 101, webSocket: client })
+    }
+}

src/allowlist/index.ts

@@ -16,8 +16,7 @@ function normalizeSQL(sql: string) {
 
 async function loadAllowlist(dataSource: DataSource): Promise<string[]> {
     try {
-        const statement =
-            'SELECT sql_statement, source FROM tmp_allowlist_queries'
+        const statement = `SELECT sql_statement, source FROM tmp_allowlist_queries WHERE source="${dataSource.source}"`
         const result = (await dataSource.rpc.executeQuery({
             sql: statement,
         })) as QueryResult[]

src/cors.ts

@@ -1,6 +1,6 @@
 export const corsHeaders = {
     'Access-Control-Allow-Origin': '*',
-    'Access-Control-Allow-Methods': 'GET, POST, OPTIONS',
+    'Access-Control-Allow-Methods': 'GET, POST, PATCH, PUT, DELETE, OPTIONS',
     'Access-Control-Allow-Headers':
         'Authorization, Content-Type, X-Starbase-Source, X-Data-Source',
     'Access-Control-Max-Age': '86400',