feat: implement database schema with Prisma ORM
Add PostgreSQL schema with 8 models (User, Session, McpServer, McpProfile,
Project, ProjectMcpProfile, McpInstance, AuditLog), comprehensive model
tests (31 passing), seed data for default MCP servers, and package exports.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-21 04:10:40 +00:00
|
|
|
import { PrismaClient } from '@prisma/client';
|
|
|
|
|
import { execSync } from 'node:child_process';
|
|
|
|
|
|
|
|
|
|
const TEST_DATABASE_URL = process.env['DATABASE_URL'] ??
|
|
|
|
|
'postgresql://mcpctl:mcpctl_test@localhost:5433/mcpctl_test';
|
|
|
|
|
|
|
|
|
|
let prisma: PrismaClient | undefined;
|
|
|
|
|
let schemaReady = false;
|
|
|
|
|
|
|
|
|
|
export function getTestClient(): PrismaClient {
|
|
|
|
|
if (!prisma) {
|
|
|
|
|
prisma = new PrismaClient({
|
|
|
|
|
datasources: { db: { url: TEST_DATABASE_URL } },
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
return prisma;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export async function setupTestDb(): Promise<PrismaClient> {
|
|
|
|
|
const client = getTestClient();
|
|
|
|
|
|
|
|
|
|
// Only push schema once per process (multiple test files share the worker)
|
|
|
|
|
if (!schemaReady) {
|
|
|
|
|
execSync('npx prisma db push --force-reset --skip-generate', {
|
|
|
|
|
cwd: new URL('..', import.meta.url).pathname,
|
|
|
|
|
env: {
|
|
|
|
|
...process.env,
|
|
|
|
|
DATABASE_URL: TEST_DATABASE_URL,
|
|
|
|
|
// Consent required when Prisma detects AI agent context.
|
|
|
|
|
// This targets the ephemeral test database (tmpfs-backed, port 5433).
|
|
|
|
|
PRISMA_USER_CONSENT_FOR_DANGEROUS_AI_ACTION: 'yes',
|
|
|
|
|
},
|
|
|
|
|
stdio: 'pipe',
|
|
|
|
|
});
|
|
|
|
|
schemaReady = true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return client;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export async function cleanupTestDb(): Promise<void> {
|
|
|
|
|
if (prisma) {
|
|
|
|
|
await prisma.$disconnect();
|
|
|
|
|
prisma = undefined;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export async function clearAllTables(client: PrismaClient): Promise<void> {
|
|
|
|
|
// Delete in order respecting foreign keys
|
|
|
|
|
await client.auditLog.deleteMany();
|
|
|
|
|
await client.mcpInstance.deleteMany();
|
feat: granular RBAC with resource/operation bindings, users, groups
- Replace admin role with granular roles: view, create, delete, edit, run
- Two binding types: resource bindings (role+resource+optional name) and
operation bindings (role:run + action like backup, logs, impersonate)
- Name-scoped resource bindings for per-instance access control
- Remove role from project members (all permissions via RBAC)
- Add users, groups, RBAC CRUD endpoints and CLI commands
- describe user/group shows all RBAC access (direct + inherited)
- create rbac supports --subject, --binding, --operation flags
- Backup/restore handles users, groups, RBAC definitions
- mcplocal project-based MCP endpoint discovery
- Full test coverage for all new functionality
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-23 11:05:19 +00:00
|
|
|
await client.projectServer.deleteMany();
|
|
|
|
|
await client.projectMember.deleteMany();
|
feat: replace profiles with kubernetes-style secrets
Replace the confused Profile abstraction with a dedicated Secret resource
following Kubernetes conventions. Servers now have env entries with inline
values or secretRef references. Env vars are resolved and passed to
containers at startup (fixes existing gap).
- Add Secret CRUD (model, repo, service, routes, CLI commands)
- Server env: {name, value} or {name, valueFrom: {secretRef: {name, key}}}
- Add env-resolver utility shared by instance startup and config generation
- Remove all profile-related code (models, services, routes, CLI, tests)
- Update backup/restore for secrets instead of profiles
- describe secret masks values by default, --show-values to reveal
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-22 18:40:58 +00:00
|
|
|
await client.secret.deleteMany();
|
feat: implement database schema with Prisma ORM
Add PostgreSQL schema with 8 models (User, Session, McpServer, McpProfile,
Project, ProjectMcpProfile, McpInstance, AuditLog), comprehensive model
tests (31 passing), seed data for default MCP servers, and package exports.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-21 04:10:40 +00:00
|
|
|
await client.session.deleteMany();
|
|
|
|
|
await client.project.deleteMany();
|
|
|
|
|
await client.mcpServer.deleteMany();
|
2026-02-22 22:24:35 +00:00
|
|
|
await client.mcpTemplate.deleteMany();
|
feat: granular RBAC with resource/operation bindings, users, groups
- Replace admin role with granular roles: view, create, delete, edit, run
- Two binding types: resource bindings (role+resource+optional name) and
operation bindings (role:run + action like backup, logs, impersonate)
- Name-scoped resource bindings for per-instance access control
- Remove role from project members (all permissions via RBAC)
- Add users, groups, RBAC CRUD endpoints and CLI commands
- describe user/group shows all RBAC access (direct + inherited)
- create rbac supports --subject, --binding, --operation flags
- Backup/restore handles users, groups, RBAC definitions
- mcplocal project-based MCP endpoint discovery
- Full test coverage for all new functionality
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-23 11:05:19 +00:00
|
|
|
await client.groupMember.deleteMany();
|
|
|
|
|
await client.group.deleteMany();
|
|
|
|
|
await client.rbacDefinition.deleteMany();
|
feat: implement database schema with Prisma ORM
Add PostgreSQL schema with 8 models (User, Session, McpServer, McpProfile,
Project, ProjectMcpProfile, McpInstance, AuditLog), comprehensive model
tests (31 passing), seed data for default MCP servers, and package exports.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-21 04:10:40 +00:00
|
|
|
await client.user.deleteMany();
|
|
|
|
|
}
|
