feat(database): refactor CLI, add column whitelist, and SSL config

- Add `ZEN_DB_SSL_DISABLED` env variable to allow disabling SSL for database connections
- Refactor database CLI to split init logic into `initFeatures` and `initModules` for modular table initialization, with graceful fallback when modules are absent
- Extract `printHelp` and `askConfirmation` helpers for cleaner CLI structure
- Ensure `closePool` is called on both success and error paths in CLI
- Add `filterAllowedColumns` utility in `crud.js` to enforce column whitelists, preventing mass-assignment of privileged fields (e.g. `role`, `email_verified`)
- Update drop command description from "auth tables" to "all tables"
This commit is contained in:
2026-04-13 16:35:23 -04:00
parent 6521179e10
commit a3921a0b98
11 changed files with 691 additions and 295 deletions
+59 -43
View File
@@ -16,15 +16,12 @@ dotenv.config({ path: resolve(process.cwd(), '.env.local') });
// The CLI always runs locally, so default to development to use ZEN_DATABASE_URL_DEV if set
process.env.NODE_ENV = process.env.NODE_ENV || 'development';
import { initDatabase, dropAuthTables, testConnection, closePool } from '../core/database/index.js';
import { testConnection, closePool } from '../core/database/index.js';
import readline from 'readline';
import { step, done, warn, fail } from '../shared/lib/logger.js';
async function runCLI() {
const command = process.argv[2];
if (!command) {
console.log(`
function printHelp() {
console.log(`
Zen Database CLI
Usage:
@@ -33,22 +30,59 @@ Usage:
Commands:
init Initialize database (create all required tables)
test Test database connection
drop Drop all authentication tables (DANGER!)
drop Drop all tables (DANGER!)
help Show this help message
Example:
npx zen-db init
`);
`);
}
/**
* Prompt the user for a confirmation answer.
* @param {string} question
* @returns {Promise<string>} The trimmed, lowercased answer
*/
function askConfirmation(question) {
return new Promise((resolve) => {
const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
rl.question(question, (answer) => {
rl.close();
resolve(answer.trim().toLowerCase());
});
});
}
async function runCLI() {
const command = process.argv[2];
if (!command) {
printHelp();
process.exit(0);
}
try {
switch (command) {
case 'init':
case 'init': {
step('Initializing database...');
const result = await initDatabase();
done(`Created ${result.created.length} tables, skipped ${result.skipped.length} existing tables`);
const { initFeatures } = await import('../features/init.js');
const featuresResult = await initFeatures();
// Module tables are initialized per-module, if present
let modulesResult = { created: [], skipped: [] };
try {
const { initModules } = await import('../modules/init.js');
modulesResult = await initModules();
} catch {
// Modules may not be present in all project setups — silently skip
}
const totalCreated = featuresResult.created.length + modulesResult.created.length;
const totalSkipped = featuresResult.skipped.length + modulesResult.skipped.length;
done(`DB ready — ${totalCreated} tables created, ${totalSkipped} skipped`);
break;
}
case 'test':
step('Testing database connection...');
@@ -61,40 +95,22 @@ Example:
}
break;
case 'drop':
warn('This will delete all authentication tables!');
case 'drop': {
warn('This will delete all tables!');
process.stdout.write(' Type "yes" to confirm or Ctrl+C to cancel...\n');
const rl = readline.createInterface({
input: process.stdin,
output: process.stdout
});
rl.question('Confirm (yes/no): ', async (answer) => {
if (answer.toLowerCase() === 'yes') {
await dropAuthTables();
done('Tables dropped successfully');
} else {
warn('Operation cancelled');
}
rl.close();
process.exit(0);
});
return; // Don't close the process yet
const answer = await askConfirmation('Confirm (yes/no): ');
if (answer === 'yes') {
const { dropFeatures } = await import('../features/init.js');
await dropFeatures();
done('Tables dropped successfully');
} else {
warn('Operation cancelled');
}
break;
}
case 'help':
console.log(`
Zen Database CLI
Commands:
init Initialize database (create all required tables)
test Test database connection
drop Drop all authentication tables (DANGER!)
help Show this help message
Usage:
npx zen-db <command>
`);
printHelp();
break;
default:
@@ -103,12 +119,12 @@ Usage:
process.exit(1);
}
// Close the database connection pool
await closePool();
process.exit(0);
} catch (error) {
fail(`Error: ${error.message}`);
await closePool();
process.exit(1);
}
}