fix(encryption): fixes for createMany and createManyAndReturn operations

[ymc9]

No description provided.

[coderabbitai]

📝 Walkthrough

Walkthrough

This pull request introduces a new constant ACTIONS_WITH_WRITE_PAYLOAD in the runtime package, which centralizes the definition of Prisma actions that involve write operations. The changes span multiple files, primarily focusing on replacing hardcoded action lists with this new constant. The modifications affect authentication, encryption, and password handling modules, providing a more flexible and maintainable approach to identifying write-related actions across different enhancement handlers.

Changes

File	Change Summary
packages/runtime/src/constants.ts	Added new constant ACTIONS_WITH_WRITE_PAYLOAD defining write-related Prisma actions
packages/runtime/src/cross/nested-write-visitor.ts	Updated visitSubPayload method to use enumerate for more flexible payload iteration
packages/runtime/src/enhancements/node/default-auth.ts	Replaced hardcoded action list with ACTIONS_WITH_WRITE_PAYLOAD in preprocessArgs
packages/runtime/src/enhancements/node/encryption.ts	Replaced hardcoded actionsOfInterest with ACTIONS_WITH_WRITE_PAYLOAD
packages/runtime/src/enhancements/node/password.ts	Replaced hardcoded action list with ACTIONS_WITH_WRITE_PAYLOAD in preprocessArgs
tests/integration/tests/enhancements/with-encrypted/with-encrypted.test.ts	Added comprehensive test cases for encrypted field operations
tests/integration/tests/enhancements/with-password/with-password.test.ts	Enhanced password-related tests with createMany and createManyAndReturn scenarios

Sequence Diagram

sequenceDiagram
    participant Constants as constants.ts
    participant Handler as Enhancement Handlers
    participant Visitor as NestedWriteVisitor

    Constants->>Handler: Export ACTIONS_WITH_WRITE_PAYLOAD
    Handler->>Handler: Check action against constant
    Handler->>Visitor: Process write payload
    Visitor->>Visitor: Iterate payload using enumerate

Loading

Possibly related PRs

• refactor: refactor policy definition and generation code #1468: Changes to constants.ts that might have laid groundwork for this constant
• fix(delegate): enforcing concrete model policies when read from a delegate base #1726: Modifications to enhancement creation that could interact with action processing
• test(delegate): add @password interaction test #1721: Testing password interactions that may be affected by action handling
• fix(delegate): delegate model's guards are not properly including concrete models #1932: Delegate model guard issues that could relate to action processing
• feat(encryption): support providing multiple decryption keys for key rotation #1942: Encryption functionality enhancements potentially impacted by write action definitions

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7ed9841 and d43a287.

📒 Files selected for processing (7)

• packages/runtime/src/constants.ts (1 hunks)
• packages/runtime/src/cross/nested-write-visitor.ts (2 hunks)
• packages/runtime/src/enhancements/node/default-auth.ts (2 hunks)
• packages/runtime/src/enhancements/node/encryption.ts (2 hunks)
• packages/runtime/src/enhancements/node/password.ts (2 hunks)
• tests/integration/tests/enhancements/with-encrypted/with-encrypted.test.ts (1 hunks)
• tests/integration/tests/enhancements/with-password/with-password.test.ts (2 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (5)

• GitHub Check: build-test (20.x)
• GitHub Check: build-test (20.x)
• GitHub Check: dependency-review
• GitHub Check: build-test (20.x)
• GitHub Check: OSSAR-Scan

🔇 Additional comments (10)

packages/runtime/src/constants.ts (1)

71-81: LGTM! Well-structured constant definition.

The ACTIONS_WITH_WRITE_PAYLOAD constant provides a comprehensive and maintainable list of Prisma actions that involve write operations. The inclusion of both createMany and createManyAndReturn aligns with the PR's objectives.

packages/runtime/src/enhancements/node/password.ts (1)

4-4: LGTM! Improved maintainability.

The changes effectively utilize the centralized ACTIONS_WITH_WRITE_PAYLOAD constant, making the code more maintainable while preserving the existing password hashing functionality.

Also applies to: 42-42

tests/integration/tests/enhancements/with-password/with-password.test.ts (1)

42-61: LGTM! Comprehensive test coverage for bulk operations.

The new test cases thoroughly verify:

1. Password hashing for bulk operations
2. Access control preventing raw password exposure
3. Both createMany and createManyAndReturn functionality

packages/runtime/src/enhancements/node/default-auth.ts (1)

4-4: LGTM! Consistent implementation.

The changes align with the pattern used in other handlers, utilizing the centralized ACTIONS_WITH_WRITE_PAYLOAD constant while preserving the existing auth preprocessing logic.

Also applies to: 54-57

packages/runtime/src/enhancements/node/encryption.ts (1)

5-5: LGTM! Good refactoring to use centralized constant.

The change to use ACTIONS_WITH_WRITE_PAYLOAD improves maintainability by centralizing the list of write actions. The implementation correctly handles all write operations including createMany and createManyAndReturn.

Also applies to: 215-217

packages/runtime/src/cross/nested-write-visitor.ts (1)

7-7: LGTM! Good use of enumerate utility.

The refactoring to use enumerate utility improves the code by:

1. Handling both arrays and single objects more flexibly
2. Making the code more consistent with other parts of the codebase
3. Maintaining clear separation between model fields and data model handling

Also applies to: 313-339

tests/integration/tests/enhancements/with-encrypted/with-encrypted.test.ts (4)

62-73: LGTM! Good test coverage for update operation.

The test properly verifies that:

1. Updated encrypted values are correctly stored
2. Raw database values differ from the input
3. Retrieved values are correctly decrypted

---

75-111: LGTM! Comprehensive upsert test cases.

Tests thoroughly cover both create and update paths of upsert operation, verifying:

1. Creation of new records
2. Update of existing records
3. Proper encryption/decryption in both cases

---

113-146: LGTM! Good coverage of bulk operations.

Tests properly verify:

1. createMany with multiple records
2. createManyAndReturn functionality
3. Proper encryption/decryption for bulk operations

---

149-178: LGTM! Important edge case coverage.

Good addition of tests for nullish values:

1. Empty strings
2. Explicit null values
3. Implicit null values (omitted fields)

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

‼️ IMPORTANT
Auto-reply has been disabled for this repository in the CodeRabbit settings. The CodeRabbit bot will not respond to your replies unless it is explicitly tagged.

• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.