diff --git a/changelog.md b/changelog.md
index 568e9fc..78f9f7e 100644
--- a/changelog.md
+++ b/changelog.md
@@ -1,5 +1,13 @@
 # Changelog
+## 2026-05-02 - 2.9.0 - feat(server)
+add tenant management, health checks, and database export/import APIs
+
+- adds TypeScript and Rust management commands for creating, listing, deleting, and rotating isolated database tenants
+- introduces health reporting with storage, auth, database, collection, and uptime information
+- supports exporting and importing single-database snapshots and increases IPC payload size for larger transfers
+- adds integration coverage for tenant isolation, password rotation, persistence across restart, and database restore flows
+
 ## 2026-04-29 - 2.8.0 - feat(transactions)
 add single-node transaction support with session-aware reads, commits, aborts, and transaction metrics
diff --git a/rust/crates/rustdb-auth/src/lib.rs b/rust/crates/rustdb-auth/src/lib.rs
index 1d6e1d7..0e72f72 100644
--- a/rust/crates/rustdb-auth/src/lib.rs
+++ b/rust/crates/rustdb-auth/src/lib.rs
@@ -282,6 +282,27 @@ impl AuthEngine {
 .collect()
 }
+ pub fn list_users(&self) -> Vec {
+ let users = self.users.read().unwrap_or_else(|poisoned| poisoned.into_inner());
+ let mut result: Vec = users
+ .values()
+ .map(AuthUser::to_authenticated_user)
+ .collect();
+ result.sort_by(|a, b| a.database.cmp(&b.database).then(a.username.cmp(&b.username)));
+ result
+ }
+
+ pub fn drop_users_for_database(&self, database: &str) -> Result {
+ let mut users = self.users.write().unwrap_or_else(|poisoned| poisoned.into_inner());
+ let before = users.len();
+ users.retain(|_, user| user.database != database);
+ let dropped = before.saturating_sub(users.len());
+ if dropped > 0 {
+ self.persist_locked(&users)?;
+ }
+ Ok(dropped)
+ }
+
 pub fn start_scram_sha256(
 &self,
 database: &str,
diff --git a/rust/crates/rustdb/src/lib.rs b/rust/crates/rustdb/src/lib.rs
index a7b284c..6f67a1c 100644
--- a/rust/crates/rustdb/src/lib.rs
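Review bot: `drop_users_for_database` mutates the in-memory map with `retain` before `persist_locked` runs, so when persisting fails the `?` returns an error while the users are already gone from memory and still present on disk, and the next restart silently resurrects the deleted tenant accounts. Take a copy of the entries that `retain` will remove (or of the whole map, if its type is `Clone`) first, and on a persist error put them back before propagating, so memory and the users file never disagree. `list_users` returns every account including those on `admin`; the management handlers that consume it filter `admin` themselves in only one place, so a doc comment stating that it is unfiltered would help callers, e.g. `/// Every stored user, admin accounts included, sorted by (database, username).`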
+++ b/rust/crates/rustdb/src/lib.rs
@@ -299,6 +299,11 @@ impl RustDb {
 pub fn ctx(&self) -> &Arc {
 &self.ctx
 }
+
+ /// Get the server options used for this instance.
+ pub fn options(&self) -> &RustDbOptions {
+ &self.options
+ }
 }
 fn build_tls_acceptor(options: &TlsOptions) -> Result {
diff --git a/rust/crates/rustdb/src/management.rs b/rust/crates/rustdb/src/management.rs
index b000902..8a45ce8 100644
--- a/rust/crates/rustdb/src/management.rs
+++ b/rust/crates/rustdb/src/management.rs
@@ -1,10 +1,11 @@
 use anyhow::Result;
+use bson::{Bson, Document};
 use serde::{Deserialize, Serialize};
 use tokio::io::{AsyncBufReadExt, BufReader};
 use tracing::{info, error};
 use crate::RustDb;
-use rustdb_config::RustDbOptions;
+use rustdb_config::{RustDbOptions, StorageType};
 /// A management request from the TypeScript wrapper.
 #[derive(Debug, Deserialize)]
@@ -139,7 +140,19 @@ async fn handle_request(
 "start" => handle_start(&id, &request.params, db).await,
 "stop" => handle_stop(&id, db).await,
 "getStatus" => handle_get_status(&id, db),
+ "getHealth" => handle_get_health(&id, db).await,
 "getMetrics" => handle_get_metrics(&id, db).await,
+ "createDatabaseTenant" => handle_create_database_tenant(&id, &request.params, db).await,
+ "deleteDatabaseTenant" => handle_delete_database_tenant(&id, &request.params, db).await,
+ "rotateDatabaseTenantPassword" => {
+ handle_rotate_database_tenant_password(&id, &request.params, db).await
+ }
+ "listDatabaseTenants" => handle_list_database_tenants(&id, db),
+ "getDatabaseTenantDescriptor" => {
+ handle_get_database_tenant_descriptor(&id, &request.params, db)
+ }
+ "exportDatabase" => handle_export_database(&id, &request.params, db).await,
+ "importDatabase" => handle_import_database(&id, &request.params, db).await,
 "getOpLog" => handle_get_oplog(&id, &request.params, db),
 "getOpLogStats" => handle_get_oplog_stats(&id, db),
 "revertToSeq" => handle_revert_to_seq(&id, &request.params, db).await,
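Review bot: The new arms route tenant creation, password rotation and whole-database import/replace through the same unchecked `match` as `getStatus`, with no per-command authorization visible in this hunk (the body of `handle_request` starts outside it), so the only control is who can write to the management channel. That contract deserves to be stated at the `match`, e.g. `// Management commands are trusted: anything that can reach this channel can create tenants, rotate passwords and replace whole databases.`, so nobody later exposes the channel assuming the handlers check callers themselves.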
@@ -231,6 +244,42 @@ fn handle_get_status(
 }
 }
+async fn handle_get_health(id: &str, db: &Option) -> ManagementResponse {
+ match db.as_ref() {
+ Some(d) => {
+ let ctx = d.ctx();
+ let (database_count, collection_count) = database_and_collection_counts(ctx).await;
+ let options = d.options();
+ let storage = match &options.storage {
+ StorageType::Memory => "memory",
+ StorageType::File => "file",
+ };
+ ManagementResponse::ok(
+ id.to_string(),
+ serde_json::json!({
+ "running": true,
+ "storage": storage,
+ "storagePath": options.storage_path.clone().or_else(|| options.persist_path.clone()),
+ "authEnabled": ctx.auth.enabled(),
+ "authUsers": ctx.auth.user_count(),
+ "usersPathConfigured": options.auth.users_path.is_some(),
+ "databaseCount": database_count,
+ "collectionCount": collection_count,
+ "uptimeSeconds": ctx.start_time.elapsed().as_secs(),
+ }),
+ )
+ }
+ None => ManagementResponse::ok(
+ id.to_string(),
+ serde_json::json!({
+ "running": false,
+ "databaseCount": 0,
+ "collectionCount": 0,
+ }),
+ ),
+ }
+}
+
 async fn handle_get_metrics(
 id: &str,
 db: &Option,
@@ -267,7 +316,7 @@ async fn handle_get_metrics(
 }
 }
-fn handle_get_oplog(
+async fn handle_create_database_tenant(
 id: &str,
 params: &serde_json::Value,
 db: &Option,
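Review bot: `"storagePath": options.storage_path.clone().or_else(|| options.persist_path.clone())` clones both `Option<String>` values only to serialize them; `options.storage_path.as_deref().or(options.persist_path.as_deref())` produces the same JSON from borrows. The payload also reveals the absolute data path and the number of auth accounts, which the accompanying test relies on for the local IPC consumer; if `getHealth` is ever forwarded to an external readiness probe those two fields are the ones to drop, and a comment on the `json!` block saying the output is meant for the in-process wrapper only would make that explicit. `handle_get_metrics` continues outside the hunk.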
@@ -276,6 +325,503 @@ fn handle_get_oplog(
 Some(d) => d,
 None => return ManagementResponse::err(id.to_string(), "Server is not running".to_string()),
 };
+ let ctx = d.ctx();
+ if !ctx.auth.enabled() {
+ return ManagementResponse::err(
+ id.to_string(),
+ "Authentication must be enabled to create database tenants".to_string(),
+ );
+ }
+
+ let database_name = match string_param(params, "databaseName") {
+ Ok(value) => value,
+ Err(message) => return ManagementResponse::err(id.to_string(), message),
+ };
+ if let Err(message) = validate_database_name(database_name) {
+ return ManagementResponse::err(id.to_string(), message);
+ }
+ let username = match string_param(params, "username") {
+ Ok(value) => value,
+ Err(message) => return ManagementResponse::err(id.to_string(), message),
+ };
+ if let Err(message) = validate_username(username) {
+ return ManagementResponse::err(id.to_string(), message);
+ }
+ let password = match string_param(params, "password") {
+ Ok(value) => value,
+ Err(message) => return ManagementResponse::err(id.to_string(), message),
+ };
+ if password.is_empty() {
+ return ManagementResponse::err(id.to_string(), "password must not be empty".to_string());
+ }
+ let roles = match roles_param(params) {
+ Ok(roles) => roles,
+ Err(message) => return ManagementResponse::err(id.to_string(), message),
+ };
+
+ if let Err(e) = ctx.storage.create_database(database_name).await {
+ if !is_already_exists(&e.to_string()) {
+ return ManagementResponse::err(
+ id.to_string(),
+ format!("Failed to create database: {e}"),
+ );
+ }
+ }
+
+ match ctx
+ .auth
+ .create_user(database_name, username, password, roles)
+ {
+ Ok(()) => {
+ let users = ctx.auth.users_info(database_name, Some(username));
+ match users.first() {
+ Some(user) => ManagementResponse::ok(id.to_string(), tenant_descriptor_json(user)),
+ None => ManagementResponse::err(
+ id.to_string(),
+ "Tenant user was created but could not be read back".to_string(),
+ ),
+ }
+ }
+ Err(e) => {
+ ManagementResponse::err(id.to_string(), format!("Failed to create tenant user: {e}"))
+ }
+ }
+}
+
+async fn handle_delete_database_tenant(
+ id: &str,
+ params: &serde_json::Value,
+ db: &Option,
+) -> ManagementResponse {
+ let d = match db.as_ref() {
+ Some(d) => d,
+ None => {
+ return ManagementResponse::err(id.to_string(), "Server is not running".to_string())
+ }
+ };
+ let ctx = d.ctx();
+ let database_name = match string_param(params, "databaseName") {
+ Ok(value) => value,
+ Err(message) => return ManagementResponse::err(id.to_string(), message),
+ };
+ if let Err(message) = validate_database_name(database_name) {
+ return ManagementResponse::err(id.to_string(), message);
+ }
+ let username = params.get("username").and_then(|v| v.as_str());
+ if let Some(username) = username {
+ if let Err(message) = validate_username(username) {
+ return ManagementResponse::err(id.to_string(), message);
+ }
+ }
+
+ if let Err(e) = ctx.storage.drop_database(database_name).await {
+ return ManagementResponse::err(id.to_string(), format!("Failed to drop database: {e}"));
+ }
+ remove_database_indexes(ctx, database_name);
+
+ let mut deleted_users = 0usize;
+ if ctx.auth.enabled() {
+ if let Some(username) = username {
+ match ctx.auth.drop_user(database_name, username) {
+ Ok(()) => deleted_users = 1,
+ Err(rustdb_auth::AuthError::UserNotFound(_)) => deleted_users = 0,
+ Err(e) => {
+ return ManagementResponse::err(
+ id.to_string(),
+ format!("Failed to drop tenant user: {e}"),
+ )
+ }
+ }
+ } else {
+ match ctx.auth.drop_users_for_database(database_name) {
+ Ok(count) => deleted_users = count,
+ Err(e) => {
+ return ManagementResponse::err(
+ id.to_string(),
+ format!("Failed to drop tenant users: {e}"),
+ )
+ }
+ }
+ }
+ }
+
+ ManagementResponse::ok(
+ id.to_string(),
+ serde_json::json!({
+ "databaseName": database_name,
+ "deletedUsers": deleted_users,
+ "databaseDropped": true,
+ }),
+ )
+}
+
+async fn handle_rotate_database_tenant_password(
+ id: &str,
+ params: &serde_json::Value,
+ db: &Option,
+) -> ManagementResponse {
+ let d = match db.as_ref() {
+ Some(d) => d,
+ None => {
+ return ManagementResponse::err(id.to_string(), "Server is not running".to_string())
+ }
+ };
+ let ctx = d.ctx();
+ if !ctx.auth.enabled() {
+ return ManagementResponse::err(
+ id.to_string(),
+ "Authentication must be enabled to rotate database tenant passwords".to_string(),
+ );
+ }
+
+ let username = match string_param(params, "username") {
+ Ok(value) => value,
+ Err(message) => return ManagementResponse::err(id.to_string(), message),
+ };
+ if let Err(message) = validate_username(username) {
+ return ManagementResponse::err(id.to_string(), message);
+ }
+ let password = match string_param(params, "password") {
+ Ok(value) => value,
+ Err(message) => return ManagementResponse::err(id.to_string(), message),
+ };
+ if password.is_empty() {
+ return ManagementResponse::err(id.to_string(), "password must not be empty".to_string());
+ }
+
+ let matches: Vec<_> = ctx
+ .auth
+ .list_users()
+ .into_iter()
+ .filter(|user| user.username == username)
+ .collect();
+ if matches.is_empty() {
+ return ManagementResponse::err(
+ id.to_string(),
+ format!("tenant user not found: {username}"),
+ );
+ }
+ if matches.len() > 1 {
+ return ManagementResponse::err(
+ id.to_string(),
+ format!("tenant username is ambiguous across databases: {username}"),
+ );
+ }
+ let user = &matches[0];
+ match ctx
+ .auth
+ .update_user(&user.database, username, Some(password), None)
+ {
+ Ok(()) => {
+ let users = ctx.auth.users_info(&user.database, Some(username));
+ match users.first() {
+ Some(user) => ManagementResponse::ok(id.to_string(), tenant_descriptor_json(user)),
+ None => ManagementResponse::err(
+ id.to_string(),
+ "Tenant user was updated but could not be read back".to_string(),
+ ),
+ }
+ }
+ Err(e) => ManagementResponse::err(
+ id.to_string(),
+ format!("Failed to rotate tenant password: {e}"),
+ ),
+ }
+}
+
+fn handle_list_database_tenants(id: &str, db: &Option) -> ManagementResponse {
+ let d = match db.as_ref() {
+ Some(d) => d,
+ None => {
+ return ManagementResponse::err(id.to_string(), "Server is not running".to_string())
+ }
+ };
+ let tenants: Vec = d
+ .ctx()
+ .auth
+ .list_users()
+ .into_iter()
+ .filter(|user| user.database != "admin")
+ .map(|user| tenant_descriptor_json(&user))
+ .collect();
+ ManagementResponse::ok(id.to_string(), serde_json::json!({ "tenants": tenants }))
+}
+
+fn handle_get_database_tenant_descriptor(
+ id: &str,
+ params: &serde_json::Value,
+ db: &Option,
+) -> ManagementResponse {
+ let d = match db.as_ref() {
+ Some(d) => d,
+ None => {
+ return ManagementResponse::err(id.to_string(), "Server is not running".to_string())
+ }
+ };
+ let database_name = match string_param(params, "databaseName") {
+ Ok(value) => value,
+ Err(message) => return ManagementResponse::err(id.to_string(), message),
+ };
+ let username = match string_param(params, "username") {
+ Ok(value) => value,
+ Err(message) => return ManagementResponse::err(id.to_string(), message),
+ };
+ let users = d.ctx().auth.users_info(database_name, Some(username));
+ match users.first() {
+ Some(user) => ManagementResponse::ok(id.to_string(), tenant_descriptor_json(user)),
+ None => ManagementResponse::err(
+ id.to_string(),
+ format!("tenant user not found: {database_name}.{username}"),
+ ),
+ }
+}
+
+async fn handle_export_database(
+ id: &str,
+ params: &serde_json::Value,
+ db: &Option,
+) -> ManagementResponse {
+ let d = match db.as_ref() {
+ Some(d) => d,
+ None => {
+ return ManagementResponse::err(id.to_string(), "Server is not running".to_string())
+ }
+ };
+ let ctx = d.ctx();
+ let database_name = match string_param(params, "databaseName") {
+ Ok(value) => value,
+ Err(message) => return ManagementResponse::err(id.to_string(), message),
+ };
+ if let Err(message) = validate_database_name(database_name) {
+ return ManagementResponse::err(id.to_string(), message);
+ }
+ match ctx.storage.database_exists(database_name).await {
+ Ok(true) => {}
+ Ok(false) => {
+ return ManagementResponse::err(
+ id.to_string(),
+ format!("database not found: {database_name}"),
+ )
+ }
+ Err(e) => {
+ return ManagementResponse::err(
+ id.to_string(),
+ format!("Failed to check database: {e}"),
+ )
+ }
+ }
+
+ let collection_names = match ctx.storage.list_collections(database_name).await {
+ Ok(collections) => collections,
+ Err(e) => {
+ return ManagementResponse::err(
+ id.to_string(),
+ format!("Failed to list collections: {e}"),
+ )
+ }
+ };
+ let mut collections = Vec::with_capacity(collection_names.len());
+ for collection_name in collection_names {
+ let documents = match ctx.storage.find_all(database_name, &collection_name).await {
+ Ok(docs) => docs
+ .into_iter()
+ .map(|doc| bson_doc_to_json(&doc))
+ .collect::>(),
+ Err(e) => {
+ return ManagementResponse::err(
+ id.to_string(),
+ format!("Failed to export collection '{collection_name}': {e}"),
+ )
+ }
+ };
+ let indexes = match ctx
+ .storage
+ .get_indexes(database_name, &collection_name)
+ .await
+ {
+ Ok(specs) => specs
+ .into_iter()
+ .map(|doc| bson_doc_to_json(&doc))
+ .collect::>(),
+ Err(_) => Vec::new(),
+ };
+ collections.push(serde_json::json!({
+ "name": collection_name,
+ "documents": documents,
+ "indexes": indexes,
+ }));
+ }
+
+ ManagementResponse::ok(
+ id.to_string(),
+ serde_json::json!({
+ "format": "smartdb.database.export.v1",
+ "databaseName": database_name,
+ "exportedAtMs": now_ms(),
+ "collections": collections,
+ }),
+ )
+}
+
+async fn handle_import_database(
+ id: &str,
+ params: &serde_json::Value,
+ db: &Option,
+) -> ManagementResponse {
+ let d = match db.as_ref() {
+ Some(d) => d,
+ None => {
+ return ManagementResponse::err(id.to_string(), "Server is not running".to_string())
+ }
+ };
+ let ctx = d.ctx();
+ let database_name = match string_param(params, "databaseName") {
+ Ok(value) => value,
+ Err(message) => return ManagementResponse::err(id.to_string(), message),
+ };
+ if let Err(message) = validate_database_name(database_name) {
+ return ManagementResponse::err(id.to_string(), message);
+ }
+ let source = match params.get("source") {
+ Some(value) => value,
+ None => {
+ return ManagementResponse::err(
+ id.to_string(),
+ "Missing 'source' parameter".to_string(),
+ )
+ }
+ };
+ let source_collections = match source.get("collections").and_then(|value| value.as_array()) {
+ Some(collections) => collections,
+ None => {
+ return ManagementResponse::err(
+ id.to_string(),
+ "source.collections must be an array".to_string(),
+ )
+ }
+ };
+
+ if let Err(e) = ctx.storage.drop_database(database_name).await {
+ return ManagementResponse::err(
+ id.to_string(),
+ format!("Failed to clear database before import: {e}"),
+ );
+ }
+ remove_database_indexes(ctx, database_name);
+ if let Err(e) = ctx.storage.create_database(database_name).await {
+ if !is_already_exists(&e.to_string()) {
+ return ManagementResponse::err(
+ id.to_string(),
+ format!("Failed to create database: {e}"),
+ );
+ }
+ }
+
+ let mut imported_collections = 0usize;
+ let mut imported_documents = 0usize;
+ for collection in source_collections {
+ let collection_name = match collection.get("name").and_then(|value| value.as_str()) {
+ Some(value) => value,
+ None => {
+ return ManagementResponse::err(
+ id.to_string(),
+ "source collection is missing a string 'name'".to_string(),
+ )
+ }
+ };
+ if let Err(message) = validate_collection_name(collection_name) {
+ return ManagementResponse::err(id.to_string(), message);
+ }
+ if let Err(e) = ctx
+ .storage
+ .create_collection(database_name, collection_name)
+ .await
+ {
+ if !is_already_exists(&e.to_string()) {
+ return ManagementResponse::err(
+ id.to_string(),
+ format!("Failed to create collection '{collection_name}': {e}"),
+ );
+ }
+ }
+
+ if let Some(documents) = collection
+ .get("documents")
+ .and_then(|value| value.as_array())
+ {
+ for document_value in documents {
+ let document = match json_to_bson_doc(document_value) {
+ Ok(document) => document,
+ Err(message) => {
+ return ManagementResponse::err(
+ id.to_string(),
+ format!("Invalid document in '{collection_name}': {message}"),
+ )
+ }
+ };
+ if let Err(e) = ctx
+ .storage
+ .insert_one(database_name, collection_name, document)
+ .await
+ {
+ return ManagementResponse::err(
+ id.to_string(),
+ format!("Failed to import document into '{collection_name}': {e}"),
+ );
+ }
+ imported_documents += 1;
+ }
+ }
+
+ if let Some(indexes) = collection.get("indexes").and_then(|value| value.as_array()) {
+ for index_value in indexes {
+ let index_doc = match json_to_bson_doc(index_value) {
+ Ok(document) => document,
+ Err(message) => {
+ return ManagementResponse::err(
+ id.to_string(),
+ format!("Invalid index in '{collection_name}': {message}"),
+ )
+ }
+ };
+ let name = index_doc.get_str("name").unwrap_or("_id_").to_string();
+ if let Err(e) = ctx
+ .storage
+ .save_index(database_name, collection_name, &name, index_doc)
+ .await
+ {
+ return ManagementResponse::err(
+ id.to_string(),
+ format!("Failed to import index '{name}' into '{collection_name}': {e}"),
+ );
+ }
+ }
+ }
+
+ imported_collections += 1;
+ }
+
+ ManagementResponse::ok(
+ id.to_string(),
+ serde_json::json!({
+ "databaseName": database_name,
+ "collections": imported_collections,
+ "documents": imported_documents,
+ }),
+ )
+}
+
+fn handle_get_oplog(
+ id: &str,
+ params: &serde_json::Value,
+ db: &Option,
+) -> ManagementResponse {
+ let d = match db.as_ref() {
+ Some(d) => d,
+ None => {
+ return ManagementResponse::err(id.to_string(), "Server is not running".to_string())
+ }
+ };
 let ctx = d.ctx();
 let since_seq = params.get("sinceSeq").and_then(|v| v.as_u64()).unwrap_or(1);
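Review bot: `handle_delete_database_tenant` and `handle_import_database` accept `admin` as `databaseName`, because `validate_database_name` only rejects path characters: a delete request without `username` runs `drop_database("admin")` followed by `drop_users_for_database("admin")`, removing every administrative account, and an import drops and replaces `admin` the same way, while `handle_list_database_tenants` explicitly treats `admin` as not a tenant. Add the same guard to both handlers right after name validation, `if database_name == "admin" { return ManagementResponse::err(id.to_string(), "the admin database is not a tenant".to_string()); }`. In delete, the data is dropped before the credentials: if `drop_user` or `drop_users_for_database` then fails, the tenant account outlives its database and still grants access once that name is re-provisioned, so revoke the users first and drop the database after. Import never checks `source.format` against the `"smartdb.database.export.v1"` value that export writes, and the index `name` taken from the payload goes through no validation the way collection names do, which matters if `save_index` uses it as part of a file name. `handle_get_oplog` continues outside the hunk.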
@@ -559,6 +1105,129 @@ async fn handle_get_documents(
 )
 }
+async fn database_and_collection_counts(ctx: &rustdb_commands::CommandContext) -> (usize, u64) {
+ let databases = ctx.storage.list_databases().await.unwrap_or_default();
+ let mut collections = 0u64;
+ for database in &databases {
+ if let Ok(database_collections) = ctx.storage.list_collections(database).await {
+ collections += database_collections.len() as u64;
+ }
+ }
+ (databases.len(), collections)
+}
+
+fn remove_database_indexes(ctx: &rustdb_commands::CommandContext, database_name: &str) {
+ let prefix = format!("{}.", database_name);
+ let keys_to_remove: Vec = ctx
+ .indexes
+ .iter()
+ .filter(|entry| entry.key().starts_with(&prefix))
+ .map(|entry| entry.key().clone())
+ .collect();
+ for key in keys_to_remove {
+ ctx.indexes.remove(&key);
+ }
+}
+
+fn tenant_descriptor_json(user: &rustdb_auth::AuthenticatedUser) -> serde_json::Value {
+ serde_json::json!({
+ "databaseName": user.database.clone(),
+ "username": user.username.clone(),
+ "roles": user.roles.clone(),
+ "authSource": user.database.clone(),
+ })
+}
+
+fn string_param<'a>(params: &'a serde_json::Value, key: &str) -> Result<&'a str, String> {
+ params
+ .get(key)
+ .and_then(|value| value.as_str())
+ .ok_or_else(|| format!("Missing '{key}' parameter"))
+}
+
+fn roles_param(params: &serde_json::Value) -> Result, String> {
+ let Some(value) = params.get("roles") else {
+ return Ok(vec!["readWrite".to_string(), "dbAdmin".to_string()]);
+ };
+ let roles = value
+ .as_array()
+ .ok_or_else(|| "roles must be an array of strings".to_string())?;
+ let mut result = Vec::with_capacity(roles.len());
+ for role in roles {
+ let Some(role_name) = role.as_str() else {
+ return Err("roles must be an array of strings".to_string());
+ };
+ if role_name.is_empty() {
+ return Err("roles must not contain empty role names".to_string());
+ }
+ result.push(role_name.to_string());
+ }
+ Ok(result)
+}
+
+fn validate_database_name(name: &str) -> Result<(), String> {
+ if name.is_empty() {
+ return Err("databaseName must not be empty".to_string());
+ }
+ if name == "."
+ || name == ".."
+ || name.contains('/')
+ || name.contains('\\')
+ || name.contains('\0')
+ {
+ return Err(format!(
+ "databaseName contains invalid path characters: {name}"
+ ));
+ }
+ Ok(())
+}
+
+fn validate_collection_name(name: &str) -> Result<(), String> {
+ if name.is_empty() {
+ return Err("collection name must not be empty".to_string());
+ }
+ if name == "."
+ || name == ".."
+ || name.contains('/')
+ || name.contains('\\')
+ || name.contains('\0')
+ {
+ return Err(format!(
+ "collection name contains invalid path characters: {name}"
+ ));
+ }
+ Ok(())
+}
+
+fn validate_username(username: &str) -> Result<(), String> {
+ if username.is_empty() {
+ return Err("username must not be empty".to_string());
+ }
+ if username.contains('\0') {
+ return Err("username must not contain NUL bytes".to_string());
+ }
+ Ok(())
+}
+
+fn is_already_exists(message: &str) -> bool {
+ message.contains("AlreadyExists") || message.contains("already exists")
+}
+
+fn json_to_bson_doc(value: &serde_json::Value) -> Result {
+ let bson_value: Bson = serde_json::from_value(value.clone()).map_err(|e| e.to_string())?;
+ match bson_value {
+ Bson::Document(document) => Ok(document),
+ _ => Err("expected BSON document".to_string()),
+ }
+}
+
+fn now_ms() -> u64 {
+ std::time::SystemTime::now()
+ .duration_since(std::time::UNIX_EPOCH)
+ .unwrap_or_default()
+ .as_millis() as u64
+}
+
 /// Convert a BSON Document to a serde_json::Value.
 fn bson_doc_to_json(doc: &bson::Document) -> serde_json::Value {
 // Use bson's built-in relaxed extended JSON serialization.
diff --git a/test/test.tenants.ts b/test/test.tenants.ts
new file mode 100644
index 0000000..62df77e
--- /dev/null
+++ b/test/test.tenants.ts
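Review bot: `database_and_collection_counts` turns a failing `list_databases` into `(0, 0)` through `unwrap_or_default` and drops every `list_collections` error in the `if let Ok`, so `getHealth` reports `running: true` with zero databases precisely when storage is unreachable, which is the condition a readiness probe most needs to see. Let the helper propagate the failure and have the health handler answer with `ManagementResponse::err` (or add a `"storageOk": false` field) instead; the rewrite below converts the storage error through its `Display`, which the other handlers already rely on via `e.to_string()`, so no assumption about its concrete type is needed. `roles_param` accepts any non-empty strings, and whether unknown role names are rejected depends on `create_user`, which is outside this diff, so a comment on the helper saying where role names are validated would help the next reader.

```rust
async fn database_and_collection_counts(ctx: &rustdb_commands::CommandContext) -> Result<(usize, u64)> {
    let databases = ctx
        .storage
        .list_databases()
        .await
        .map_err(|e| anyhow::anyhow!("list_databases failed: {e}"))?;
    let mut collections = 0u64;
    for database in &databases {
        let database_collections = ctx
            .storage
            .list_collections(database)
            .await
            .map_err(|e| anyhow::anyhow!("list_collections({database}) failed: {e}"))?;
        collections += database_collections.len() as u64;
    }
    Ok((databases.len(), collections))
}
// … unchanged: remove_database_indexes, tenant_descriptor_json, string_param, roles_param, validators …
```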
@@ -0,0 +1,232 @@ +import { expect, tap } from '@git.zone/tstest/tapbundle'; +import * as smartdb from '../ts/index.js'; +import { MongoClient } from 'mongodb'; +import * as fs from 'fs'; +import * as os from 'os'; +import * as path from 'path'; + +let server: smartdb.SmartdbServer; +let tmpDir: string; +let storagePath: string; +let usersPath: string; +const port = 27129; +const openedClients: MongoClient[] = []; + +let tenantA: smartdb.ISmartDbDatabaseTenantDescriptor; +let tenantB: smartdb.ISmartDbDatabaseTenantDescriptor; +let exportedTenantA: smartdb.ISmartDbDatabaseExport; + +function makeTmpDir(): string { + return fs.mkdtempSync(path.join(os.tmpdir(), 'smartdb-tenants-test-')); +} + +function cleanTmpDir(dir: string): void { + if (fs.existsSync(dir)) { + fs.rmSync(dir, { recursive: true, force: true }); + } +} + +async function connect(uri: string): Promise { + const client = new MongoClient(uri, { + directConnection: true, + serverSelectionTimeoutMS: 5000, + }); + await client.connect(); + openedClients.push(client); + return client; +} + +async function expectConnectionToFail(uri: string): Promise { + const client = new MongoClient(uri, { + directConnection: true, + serverSelectionTimeoutMS: 5000, + }); + let threw = false; + try { + await client.connect(); + await client.db('tenant_a').command({ ping: 1 }); + } catch { + threw = true; + } finally { + await client.close().catch(() => undefined); + } + expect(threw).toBeTrue(); +} + +async function closeOpenedClients(): Promise { + while (openedClients.length > 0) { + const client = openedClients.pop(); + await client?.close().catch(() => undefined); + } +} + +function createServer(): smartdb.SmartdbServer { + return new smartdb.SmartdbServer({ + port, + storage: 'file', + storagePath, + auth: { + enabled: true, + usersPath, + scramIterations: 4096, + users: [ + { + username: 'root', + password: 'secret', + database: 'admin', + roles: ['root'], + }, + ], + }, + }); +} + +tap.test('tenants: should start 
durable authenticated service', async () => { + tmpDir = makeTmpDir(); + storagePath = path.join(tmpDir, 'data'); + usersPath = path.join(tmpDir, 'users.json'); + server = createServer(); + await server.start(); + expect(server.running).toBeTrue(); +}); + +tap.test('tenants: should create isolated database tenants', async () => { + tenantA = await server.createDatabaseTenant({ + databaseName: 'tenant_a', + username: 'tenant_a_user', + password: 'tenant-a-pass-1', + }); + tenantB = await server.createDatabaseTenant({ + databaseName: 'tenant_b', + username: 'tenant_b_user', + password: 'tenant-b-pass-1', + }); + + expect(tenantA.databaseName).toEqual('tenant_a'); + expect(tenantA.authSource).toEqual('tenant_a'); + expect(tenantA.roles.includes('readWrite')).toBeTrue(); + expect(tenantA.roles.includes('dbAdmin')).toBeTrue(); + expect(typeof tenantA.mongodbUri).toEqual('string'); + + const tenants = await server.listDatabaseTenants(); + expect(tenants.some((tenant) => tenant.databaseName === 'tenant_a')).toBeTrue(); + expect(tenants.some((tenant) => tenant.databaseName === 'tenant_b')).toBeTrue(); + + const descriptor = await server.getDatabaseTenantDescriptor({ + databaseName: 'tenant_a', + username: 'tenant_a_user', + }); + expect(descriptor.username).toEqual('tenant_a_user'); +}); + +tap.test('tenants: should work with official MongoDB driver and enforce auth isolation', async () => { + const clientA = await connect(tenantA.mongodbUri!); + const clientB = await connect(tenantB.mongodbUri!); + + const ping = await clientA.db('tenant_a').command({ ping: 1 }); + expect(ping.ok).toEqual(1); + + await clientA.db('tenant_a').collection('notes').insertOne({ title: 'tenant a note' }); + await clientA.db('tenant_a').collection('notes').createIndex({ title: 1 }); + await clientB.db('tenant_b').collection('notes').insertOne({ title: 'tenant b note' }); + + let threw = false; + try { + await clientA.db('tenant_b').collection('notes').findOne({ title: 'tenant b note' }); + } 
catch (err: any) { + threw = true; + expect(err.code).toEqual(13); + } + expect(threw).toBeTrue(); +}); + +tap.test('tenants: should expose health and metrics for readiness checks', async () => { + const health = await server.getHealth(); + expect(health.running).toBeTrue(); + expect(health.storagePath).toEqual(storagePath); + expect(health.authEnabled).toBeTrue(); + expect(health.databaseCount >= 2).toBeTrue(); + expect(health.collectionCount >= 2).toBeTrue(); + + const metrics = await server.getMetrics(); + expect(metrics.authEnabled).toBeTrue(); + expect(metrics.databases >= 2).toBeTrue(); + expect(metrics.collections >= 2).toBeTrue(); +}); + +tap.test('tenants: should rotate password without restart', async () => { + const oldUri = tenantA.mongodbUri!; + await closeOpenedClients(); + + tenantA = await server.rotateDatabaseTenantPassword({ + username: 'tenant_a_user', + password: 'tenant-a-pass-2', + }); + expect(typeof tenantA.mongodbUri).toEqual('string'); + + await expectConnectionToFail(oldUri); + const rotatedClient = await connect(tenantA.mongodbUri!); + const doc = await rotatedClient.db('tenant_a').collection('notes').findOne({ title: 'tenant a note' }); + expect(doc).toBeTruthy(); +}); + +tap.test('tenants: should persist runtime users and file-backed data across restart', async () => { + await closeOpenedClients(); + await server.stop(); + + server = createServer(); + await server.start(); + + const clientA = await connect(tenantA.mongodbUri!); + const clientB = await connect(tenantB.mongodbUri!); + const docA = await clientA.db('tenant_a').collection('notes').findOne({ title: 'tenant a note' }); + const docB = await clientB.db('tenant_b').collection('notes').findOne({ title: 'tenant b note' }); + expect(docA).toBeTruthy(); + expect(docB).toBeTruthy(); +}); + +tap.test('tenants: should export and restore one database without unrelated tenants', async () => { + exportedTenantA = await server.exportDatabase({ databaseName: 'tenant_a' }); + 
expect(exportedTenantA.databaseName).toEqual('tenant_a'); + expect(exportedTenantA.collections.length).toEqual(1); + expect(JSON.stringify(exportedTenantA).includes('tenant b note')).toBeFalse(); + + await closeOpenedClients(); + const deleteResult = await server.deleteDatabaseTenant({ + databaseName: 'tenant_a', + username: 'tenant_a_user', + }); + expect(deleteResult.databaseDropped).toBeTrue(); + expect(deleteResult.deletedUsers).toEqual(1); + + await expectConnectionToFail(tenantA.mongodbUri!); + + const importResult = await server.importDatabase({ + databaseName: 'tenant_a', + source: exportedTenantA, + }); + expect(importResult.databaseName).toEqual('tenant_a'); + expect(importResult.documents).toEqual(1); + + tenantA = await server.createDatabaseTenant({ + databaseName: 'tenant_a', + username: 'tenant_a_user', + password: 'tenant-a-pass-3', + }); + const restoredClient = await connect(tenantA.mongodbUri!); + const restoredDoc = await restoredClient.db('tenant_a').collection('notes').findOne({ title: 'tenant a note' }); + expect(restoredDoc).toBeTruthy(); + + const clientB = await connect(tenantB.mongodbUri!); + const unrelatedDoc = await clientB.db('tenant_b').collection('notes').findOne({ title: 'tenant b note' }); + expect(unrelatedDoc).toBeTruthy(); +}); + +tap.test('tenants: cleanup', async () => { + await closeOpenedClients(); + await server.stop(); + expect(server.running).toBeFalse(); + cleanTmpDir(tmpDir); +}); + +export default tap.start(); diff --git a/ts/00_commitinfo_data.ts b/ts/00_commitinfo_data.ts index 47b21cd..c156b57 100644 --- a/ts/00_commitinfo_data.ts +++ b/ts/00_commitinfo_data.ts @@ -3,6 +3,6 @@ */ export const commitinfo = { name: '@push.rocks/smartdb', - version: '2.8.0', + version: '2.9.0', description: 'A MongoDB-compatible embedded database server with wire protocol support, backed by a high-performance Rust engine.' } diff --git a/ts/index.ts b/ts/index.ts index 6b3feb7..36ae88f 100644 --- a/ts/index.ts +++ b/ts/index.ts 
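Review bot: `expectConnectionToFail` counts any exception as success, so the rotated-password and deleted-tenant checks also pass when the server is down or the port is wrong; it should pin the failure the way the isolation test pins `expect(err.code).toEqual(13)`. Catch the error into a variable and assert it is an authentication failure (MongoDB's code 18, if the server mirrors MongoDB's codes) rather than a connection or timeout error. The helper also hard-codes `db('tenant_a')`, so reusing it for any other tenant would silently ping the wrong database; take the database name as a parameter. The port `27129` is fixed, so two runs on one host collide; a note on the constant, or picking a free port, would avoid a flaky failure.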
@@ -22,4 +22,14 @@ export type { ICollectionInfo, IDocumentsResult, ISmartDbMetrics, + ISmartDbHealth, + ISmartDbDatabaseTenantInput, + ISmartDbDeleteDatabaseTenantInput, + ISmartDbRotateDatabaseTenantPasswordInput, + ISmartDbDatabaseTenantDescriptor, + ISmartDbDeleteDatabaseTenantResult, + ISmartDbDatabaseExportCollection, + ISmartDbDatabaseExport, + ISmartDbImportDatabaseInput, + ISmartDbImportDatabaseResult, } from './ts_smartdb/index.js'; diff --git a/ts/ts_smartdb/index.ts b/ts/ts_smartdb/index.ts index 5a17387..9978237 100644 --- a/ts/ts_smartdb/index.ts +++ b/ts/ts_smartdb/index.ts @@ -21,4 +21,14 @@ export type { ICollectionInfo, IDocumentsResult, ISmartDbMetrics, + ISmartDbHealth, + ISmartDbDatabaseTenantInput, + ISmartDbDeleteDatabaseTenantInput, + ISmartDbRotateDatabaseTenantPasswordInput, + ISmartDbDatabaseTenantDescriptor, + ISmartDbDeleteDatabaseTenantResult, + ISmartDbDatabaseExportCollection, + ISmartDbDatabaseExport, + ISmartDbImportDatabaseInput, + ISmartDbImportDatabaseResult, } from './rust-db-bridge.js'; diff --git a/ts/ts_smartdb/rust-db-bridge.ts b/ts/ts_smartdb/rust-db-bridge.ts index 13f18a0..a08f6d2 100644 --- a/ts/ts_smartdb/rust-db-bridge.ts +++ b/ts/ts_smartdb/rust-db-bridge.ts 
@@ -83,6 +83,73 @@ export interface ISmartDbMetrics { uptimeSeconds: number; } +export interface ISmartDbHealth { + running: boolean; + storage?: 'memory' | 'file'; + storagePath?: string; + authEnabled?: boolean; + authUsers?: number; + usersPathConfigured?: boolean; + databaseCount: number; + collectionCount: number; + uptimeSeconds?: number; +} + +export interface ISmartDbDatabaseTenantInput { + databaseName: string; + username: string; + password: string; + roles?: string[]; +} + +export interface ISmartDbDeleteDatabaseTenantInput { + databaseName: string; + username?: string; +} + +export interface ISmartDbRotateDatabaseTenantPasswordInput { + username: string; + password: string; +} + +export interface ISmartDbDatabaseTenantDescriptor { + databaseName: string; + username: string; + roles: string[]; + authSource: string; + mongodbUri?: string; +} + +export interface ISmartDbDeleteDatabaseTenantResult { + databaseName: string; + deletedUsers: number; + databaseDropped: boolean; +} + +export interface ISmartDbDatabaseExportCollection { + name: string; + documents: Record[]; + indexes: Record[]; +} + +export interface ISmartDbDatabaseExport { + format: 'smartdb.database.export.v1'; + databaseName: string; + exportedAtMs: number; + collections: ISmartDbDatabaseExportCollection[]; +} + +export interface ISmartDbImportDatabaseInput { + databaseName: string; + source: ISmartDbDatabaseExport; +} + +export interface ISmartDbImportDatabaseResult { + databaseName: string; + collections: number; + documents: number; +} + /** * Type-safe command definitions for the RustDb IPC protocol. */ 
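Review bot: `ISmartDbDatabaseTenantDescriptor.mongodbUri` is undocumented although, judging by the test that connects with it and is refused after a password rotation, it embeds the tenant's password in clear text; the field needs a comment saying so. Suggest `/** Connection URI with the tenant credentials embedded in clear text; treat it as a secret and never log it. */` above `mongodbUri?: string;`. `ISmartDbImportDatabaseInput` likewise deserves a line stating that import replaces the target database rather than merging into it, which the Rust handler does by dropping the database before inserting the export.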
@@ -90,7 +157,36 @@ type TSmartDbCommands = {
 start: { params: { config: ISmartDbRustConfig }; result: { connectionUri: string } };
 stop: { params: Record; result: void };
 getStatus: { params: Record; result: { running: boolean } };
+ getHealth: { params: Record; result: ISmartDbHealth };
 getMetrics: { params: Record; result: ISmartDbMetrics };
+ createDatabaseTenant: {
+ params: ISmartDbDatabaseTenantInput;
+ result: ISmartDbDatabaseTenantDescriptor;
+ };
+ deleteDatabaseTenant: {
+ params: ISmartDbDeleteDatabaseTenantInput;
+ result: ISmartDbDeleteDatabaseTenantResult;
+ };
+ rotateDatabaseTenantPassword: {
+ params: ISmartDbRotateDatabaseTenantPasswordInput;
+ result: ISmartDbDatabaseTenantDescriptor;
+ };
+ listDatabaseTenants: {
+ params: Record;
+ result: { tenants: ISmartDbDatabaseTenantDescriptor[] };
+ };
+ getDatabaseTenantDescriptor: {
+ params: { databaseName: string; username: string };
+ result: ISmartDbDatabaseTenantDescriptor;
+ };
+ exportDatabase: {
+ params: { databaseName: string };
+ result: ISmartDbDatabaseExport;
+ };
+ importDatabase: {
+ params: ISmartDbImportDatabaseInput;
+ result: ISmartDbImportDatabaseResult;
+ };
 getOpLog: {
 params: { sinceSeq?: number; limit?: number; db?: string; collection?: string };
 result: IOpLogResult;
@@ -202,7 +298,7 @@ export class RustDbBridge extends EventEmitter {
 envVarName: 'SMARTDB_RUST_BINARY',
 platformPackagePrefix: '@push.rocks/smartdb',
 localPaths: buildLocalPaths(),
- maxPayloadSize: 10 * 1024 * 1024, // 10 MB
+ maxPayloadSize: 100 * 1024 * 1024, // database exports/imports can be larger than command replies
 });
 // Forward events from the inner bridge
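Review bot: The tenfold increase of `maxPayloadSize` in the second hunk is a bridge-wide cap, so every command reply, not only exportDatabase/importDatabase, may now be buffered up to 100 MB before it is parsed, and the comment should say that this value is also the per-message memory bound. Suggest `maxPayloadSize: 100 * 1024 * 1024, // bridge-wide cap: bounds memory per IPC message; database exports/imports exceed the old 10 MB`. The matching limit on the Rust side is not visible in this hunk; if it is configured separately, the two values need to stay in sync or a large export will fail at one end only.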
@@ -251,6 +347,48 @@ export class RustDbBridge extends EventEmitter {
 return this.bridge.sendCommand('getMetrics', {} as Record) as Promise;
 }
+ public async getHealth(): Promise {
+ return this.bridge.sendCommand('getHealth', {} as Record) as Promise;
+ }
+
+ public async createDatabaseTenant(
+ params: ISmartDbDatabaseTenantInput,
+ ): Promise {
+ return this.bridge.sendCommand('createDatabaseTenant', params) as Promise;
+ }
+
+ public async deleteDatabaseTenant(
+ params: ISmartDbDeleteDatabaseTenantInput,
+ ): Promise {
+ return this.bridge.sendCommand('deleteDatabaseTenant', params) as Promise;
+ }
+
+ public async rotateDatabaseTenantPassword(
+ params: ISmartDbRotateDatabaseTenantPasswordInput,
+ ): Promise {
+ return this.bridge.sendCommand('rotateDatabaseTenantPassword', params) as Promise;
+ }
+
+ public async listDatabaseTenants(): Promise {
+ const result = await this.bridge.sendCommand('listDatabaseTenants', {} as Record) as { tenants: ISmartDbDatabaseTenantDescriptor[] };
+ return result.tenants;
+ }
+
+ public async getDatabaseTenantDescriptor(params: {
+ databaseName: string;
+ username: string;
+ }): Promise {
+ return this.bridge.sendCommand('getDatabaseTenantDescriptor', params) as Promise;
+ }
+
+ public async exportDatabase(params: { databaseName: string }): Promise {
+ return this.bridge.sendCommand('exportDatabase', params) as Promise;
+ }
+
+ public async importDatabase(params: ISmartDbImportDatabaseInput): Promise {
+ return this.bridge.sendCommand('importDatabase', params) as Promise;
+ }
+
 public async getOpLog(params: {
 sinceSeq?: number;
 limit?: number;
diff --git a/ts/ts_smartdb/server/SmartdbServer.ts b/ts/ts_smartdb/server/SmartdbServer.ts
index 4a68b34..2b5ff94 100644
--- a/ts/ts_smartdb/server/SmartdbServer.ts
+++ b/ts/ts_smartdb/server/SmartdbServer.ts
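Review bot: None of the eight bridge methods added in this hunk carries a doc comment, while their SmartdbServer counterparts do, and `createDatabaseTenant` and `rotateDatabaseTenantPassword` are the two places where a plaintext password is serialized into the IPC params. A one-line JSDoc on each of those two makes that explicit, e.g. `/** Sends the tenant password verbatim in the IPC params; callers must not log the params object. */`. `listDatabaseTenants` returns `result.tenants` without checking the reply shape, so a reply lacking that key would surface as `undefined` typed as an array; whether `sendCommand` already validates replies against `TSmartDbCommands` is not visible here.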
@@ -8,6 +8,15 @@ import type {
 ICollectionInfo,
 IDocumentsResult,
 ISmartDbMetrics,
+ ISmartDbHealth,
+ ISmartDbDatabaseTenantInput,
+ ISmartDbDeleteDatabaseTenantInput,
+ ISmartDbRotateDatabaseTenantPasswordInput,
+ ISmartDbDatabaseTenantDescriptor,
+ ISmartDbDeleteDatabaseTenantResult,
+ ISmartDbDatabaseExport,
+ ISmartDbImportDatabaseInput,
+ ISmartDbImportDatabaseResult,
 } from '../rust-db-bridge.js';
 /**
@@ -204,6 +213,85 @@ export class SmartdbServer {
 return this.options.host ?? '127.0.0.1';
 }
+ /**
+ * Create an isolated database/user pair for an application tenant.
+ */
+ async createDatabaseTenant(
+ params: ISmartDbDatabaseTenantInput,
+ ): Promise {
+ const descriptor = await this.bridge.createDatabaseTenant(params);
+ return this.withTenantMongoUri(descriptor, params.password);
+ }
+
+ /**
+ * Delete a tenant database and its tenant user(s).
+ */
+ async deleteDatabaseTenant(
+ params: ISmartDbDeleteDatabaseTenantInput,
+ ): Promise {
+ return this.bridge.deleteDatabaseTenant(params);
+ }
+
+ /**
+ * Rotate a tenant user's password without restarting the server.
+ */
+ async rotateDatabaseTenantPassword(
+ params: ISmartDbRotateDatabaseTenantPasswordInput,
+ ): Promise {
+ const descriptor = await this.bridge.rotateDatabaseTenantPassword(params);
+ return this.withTenantMongoUri(descriptor, params.password);
+ }
+
+ /**
+ * List known database tenants.
+ */
+ async listDatabaseTenants(): Promise {
+ return this.bridge.listDatabaseTenants();
+ }
+
+ /**
+ * Get a tenant descriptor without exposing a password.
+ */
+ async getDatabaseTenantDescriptor(params: {
+ databaseName: string;
+ username: string;
+ }): Promise {
+ return this.bridge.getDatabaseTenantDescriptor(params);
+ }
+
+ /**
+ * Export one database as an Extended JSON snapshot.
+ */
+ async exportDatabase(params: { databaseName: string }): Promise {
+ return this.bridge.exportDatabase(params);
+ }
+
+ /**
+ * Replace one database with a previously exported snapshot.
+ */
+ async importDatabase(params: ISmartDbImportDatabaseInput): Promise {
+ return this.bridge.importDatabase(params);
+ }
+
+ /**
+ * Get readiness/health details for long-running service use.
+ */
+ async getHealth(): Promise {
+ if (!this.isRunning) {
+ return {
+ running: false,
+ storage: this.options.storage,
+ storagePath: this.options.storage === 'file' ? this.options.storagePath : this.options.persistPath,
+ authEnabled: Boolean(this.options.auth?.enabled),
+ authUsers: this.options.auth?.users?.length ?? 0,
+ usersPathConfigured: Boolean(this.options.auth?.usersPath),
+ databaseCount: 0,
+ collectionCount: 0,
+ };
+ }
+ return this.bridge.getHealth();
+ }
+
 // --- OpLog / Debug API ---
 /**
@@ -258,4 +346,26 @@ export class SmartdbServer {
 async getMetrics(): Promise {
 return this.bridge.getMetrics();
 }
+
+ private withTenantMongoUri(
+ descriptor: ISmartDbDatabaseTenantDescriptor,
+ password: string,
+ ): ISmartDbDatabaseTenantDescriptor {
+ return {
+ ...descriptor,
+ mongodbUri: this.buildTenantMongoUri(descriptor.databaseName, descriptor.username, password),
+ };
+ }
+
+ private buildTenantMongoUri(databaseName: string, username: string, password: string): string {
+ const host = this.options.socketPath
+ ? encodeURIComponent(this.options.socketPath)
+ : `${this.options.host ?? '127.0.0.1'}:${this.options.port ?? 27017}`;
+ const auth = `${encodeURIComponent(username)}:${encodeURIComponent(password)}@`;
+ const query = new URLSearchParams({ authSource: databaseName });
+ if (this.options.tls?.enabled) {
+ query.set('tls', 'true');
+ }
+ return `mongodb://${auth}${host}/${encodeURIComponent(databaseName)}?${query.toString()}`;
+ }
 }
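Review bot: The docstrings of `createDatabaseTenant` and `rotateDatabaseTenantPassword` do not mention that the descriptor they return has a `mongodbUri` embedding `params.password` in plaintext (built by withTenantMongoUri), while `getDatabaseTenantDescriptor` is explicitly documented as the password-free variant. Add to both: ` * The returned mongodbUri embeds the plaintext password; treat the descriptor as a secret and do not log it.`. In the offline branch of `getHealth`, `storagePath` falls back to `this.options.persistPath` for non-file storage, which a reader may not expect from the field name; if that is the intent, a short comment such as `// memory storage may still persist to persistPath` would help.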
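Review bot: `buildTenantMongoUri` hard-codes `authSource` to the database name, although the Rust side returns `descriptor.authSource` and withTenantMongoUri has it in hand; if the two ever differ, the generated URI authenticates against the wrong database. Pass it through: `mongodbUri: this.buildTenantMongoUri(descriptor.databaseName, descriptor.username, password, descriptor.authSource),`, `private buildTenantMongoUri(databaseName: string, username: string, password: string, authSource: string): string {` and `const query = new URLSearchParams({ authSource });`. The `this.options.host ?? '127.0.0.1'` fallback duplicates the accessor visible at the top of the previous hunk, and `this.options.port ?? 27017` assumes the server's default port is 27017, which this diff does not show; both would be safer behind the existing host accessor and a matching port one.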