Skip to content

fix: scope yates roles to active database #127

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
LucianBuzzo merged 3 commits into from
Nov 15, 2025
Merged

fix: scope yates roles to active database #127

LucianBuzzo merged 3 commits into from
Nov 15, 2025

Conversation

@LucianBuzzo
Copy link
Contributor

@LucianBuzzo LucianBuzzo commented Nov 15, 2025

Summary

  • determine the active database during setup so role management can be scoped per instance
  • include the database scope when generating ability and role identifiers to avoid collisions
  • ensure setup and role creation initialize the scope before issuing grants or revocations

Testing

  • npm test

Codex Task

@github-actions
Copy link
Contributor

github-actions bot commented Nov 15, 2025
edited
Loading

Published beta package version: 3.7.2-beta.dangerous.0952f83

@LucianBuzzo LucianBuzzo force-pushed the codex/scope-role-creation-and-grants-by-database branch from b34c418 to 0b6a4f3 Compare November 15, 2025 08:36
Copilot AI reviewed Nov 15, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds database scoping to Yates roles to support multi-tenant setups where multiple Prisma clients connect to different databases on the same server. The changes ensure that role and ability identifiers include the database name to prevent collisions between tenants.

Key changes:

  • Database scope is determined during initialization by querying the current database name
  • Role and ability identifiers now include the database scope as a prefix to avoid naming conflicts
  • Setup process initializes the database scope before creating roles or granting permissions

Reviewed Changes

Copilot reviewed 8 out of 9 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
src/index.ts Refactored role management into a Yates class with database scoping support; moved utility functions to instance methods
test/integration/multi-tenant-db.spec.ts Added integration test verifying isolation between tenants using different databases
prisma/schema2.prisma Added second Prisma schema for multi-tenant testing with subset of models
package.json Updated setup script to generate and migrate both schemas
docker-compose.yml Configured second database instance for multi-tenant testing
docker-init/setup-databases.sh Added script to create multiple PostgreSQL databases during Docker initialization
biome.json Excluded generated Prisma client files from linting
prisma/migrations/20251115091853_init/migration.sql Migration file removing unused tables from schema

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

src/index.ts
}
};

const createRoleName = this.createRoleName.bind(this);
Copy link

Copilot AI Nov 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This binding appears unnecessary since createRoleName is already an arrow function property of the class, which automatically binds this. The variable is also unused in the subsequent code.

Suggested change
const createRoleName = this.createRoleName.bind(this);

Copilot uses AI. Check for mistakes.
@LucianBuzzo LucianBuzzo force-pushed the codex/scope-role-creation-and-grants-by-database branch from 85e073c to 11ec72b Compare November 15, 2025 09:37
@LucianBuzzo LucianBuzzo force-pushed the codex/scope-role-creation-and-grants-by-database branch 3 times, most recently from 73e1cf6 to 6a5a627 Compare November 15, 2025 17:52
@LucianBuzzo LucianBuzzo force-pushed the codex/scope-role-creation-and-grants-by-database branch from 6a5a627 to 6a97f46 Compare November 15, 2025 17:56
@sonarqubecloud
Copy link

sonarqubecloud bot commented Nov 15, 2025

Quality Gate Failed Quality Gate failed

Failed conditions
40.7% Duplication on New Code (required ≤ 3%)

See analysis details on SonarQube Cloud

@LucianBuzzo LucianBuzzo merged commit b35e2ed into master Nov 15, 2025
7 of 8 checks passed
@LucianBuzzo LucianBuzzo deleted the codex/scope-role-creation-and-grants-by-database branch November 15, 2025 17:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@SarjuHansaliya SarjuHansaliya SarjuHansaliya approved these changes

@Pehesi97 Pehesi97 Pehesi97 approved these changes

@sebmellen sebmellen Awaiting requested review from sebmellen

Assignees

No one assigned

Labels

codex

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@LucianBuzzo @SarjuHansaliya @Pehesi97