logaritmisk/biggus-dickus
1
0
Fork 0
Code Issues 17 Pull Requests Actions Packages Projects Releases Wiki Activity

feat(db): add catalogue object create/read/list with audit on create

Browse Source 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Anders Olsson
2026-06-02 09:24:03 +02:00
parent 95357f01dd
commit e0c0187f29
4 changed files with 262 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
crates/db/src/catalog.rs
+183
View File
@@ -0,0 +1,183 @@
//! Catalogue objects (the inventory-minimum core). Writes record audit entries
//! on the caller's connection, so the change and its audit entry commit together.
use domain::{
AuditAction, AuditActor, CatalogueObject, FieldChange, NewAuditEvent, ObjectId, ObjectInput,
Visibility,
};
use serde_json::{Value, json};
use sqlx::Row;
use crate::audit;
/// The entity_type recorded in the audit log for catalogue objects.
const ENTITY_TYPE: &str = "object";
const SELECT_OBJECT_BY_ID: &str = "SELECT id, object_number, object_name, number_of_objects, brief_description, \
current_location, current_owner, recorder, recording_date, visibility, \
created_at, updated_at FROM object WHERE id = $1";
const SELECT_OBJECTS_ORDERED: &str = "SELECT id, object_number, object_name, number_of_objects, brief_description, \
current_location, current_owner, recorder, recording_date, visibility, \
created_at, updated_at FROM object ORDER BY object_number";
/// Create an object and record a `created` audit entry, both on `conn`
/// (pass a transaction connection `&mut *tx` so they commit atomically).
pub async fn create_object(
conn: &mut sqlx::PgConnection,
actor: AuditActor,
input: &ObjectInput,
) -> Result<ObjectId, sqlx::Error> {
let id = ObjectId::new();
sqlx::query(
"INSERT INTO object \
(id, object_number, object_name, number_of_objects, brief_description, \
current_location, current_owner, recorder, recording_date, visibility) \
VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10)",
)
.bind(id.to_uuid())
.bind(&input.object_number)
.bind(&input.object_name)
.bind(input.number_of_objects)
.bind(input.brief_description.as_deref())
.bind(input.current_location.as_deref())
.bind(input.current_owner.as_deref())
.bind(input.recorder.as_deref())
.bind(input.recording_date)
.bind(input.visibility.as_str())
.execute(&mut *conn)
.await?;
let changes = creation_changes(input);
audit::record(
&mut *conn,
&NewAuditEvent {
actor,
action: AuditAction::Created,
entity_type: ENTITY_TYPE.to_owned(),
entity_id: id.to_uuid(),
changes,
},
)
.await?;
Ok(id)
}
/// Fetch one object by id.
pub async fn object_by_id<'e, E>(
executor: E,
id: ObjectId,
) -> Result<Option<CatalogueObject>, sqlx::Error>
where
E: sqlx::PgExecutor<'e>,
{
let row = sqlx::query(SELECT_OBJECT_BY_ID)
.bind(id.to_uuid())
.fetch_optional(executor)
.await?;
row.map(map_object).transpose()
}
/// List all objects, ordered by object number.
pub async fn list_objects<'e, E>(executor: E) -> Result<Vec<CatalogueObject>, sqlx::Error>
where
E: sqlx::PgExecutor<'e>,
{
// TODO: add LIMIT/keyset pagination before exposing this via the API.
let rows = sqlx::query(SELECT_OBJECTS_ORDERED)
.fetch_all(executor)
.await?;
rows.into_iter().map(map_object).collect()
}
fn map_object(row: sqlx::postgres::PgRow) -> Result<CatalogueObject, sqlx::Error> {
let visibility_str: String = row.try_get("visibility")?;
let visibility = Visibility::from_db(&visibility_str).ok_or_else(|| {
sqlx::Error::Decode(format!("unknown visibility: {visibility_str}").into())
})?;
Ok(CatalogueObject {
id: ObjectId::from_uuid(row.try_get("id")?),
object_number: row.try_get("object_number")?,
object_name: row.try_get("object_name")?,
number_of_objects: row.try_get("number_of_objects")?,
brief_description: row.try_get("brief_description")?,
current_location: row.try_get("current_location")?,
current_owner: row.try_get("current_owner")?,
recorder: row.try_get("recorder")?,
recording_date: row.try_get("recording_date")?,
visibility,
created_at: row.try_get("created_at")?,
updated_at: row.try_get("updated_at")?,
})
}
/// The mutable fields as `(name, value)` pairs, for building audit diffs.
/// `None` means the field is unset (NULL).
fn field_values(input: &ObjectInput) -> Vec<(&'static str, Option<Value>)> {
vec![
("object_number", Some(json!(input.object_number))),
("object_name", Some(json!(input.object_name))),
("number_of_objects", Some(json!(input.number_of_objects))),
(
"brief_description",
input.brief_description.as_ref().map(|v| json!(v)),
),
(
"current_location",
input.current_location.as_ref().map(|v| json!(v)),
),
(
"current_owner",
input.current_owner.as_ref().map(|v| json!(v)),
),
("recorder", input.recorder.as_ref().map(|v| json!(v))),
(
"recording_date",
input
.recording_date
.and_then(|d| serde_json::to_value(d).ok()),
),
("visibility", Some(json!(input.visibility.as_str()))),
]
}
/// Audit changes for a newly created object: every set field as an `after` value.
fn creation_changes(input: &ObjectInput) -> Vec<FieldChange> {
field_values(input)
.into_iter()
.filter_map(|(field, after)| {
after.map(|a| FieldChange {
field: field.to_owned(),
before: None,
after: Some(a),
})
})
.collect()
}
/// Audit changes between two field sets: only the fields whose value changed.
/// (Used by `update_object` in the next task.)
#[allow(dead_code)]
fn update_changes(old: &ObjectInput, new: &ObjectInput) -> Vec<FieldChange> {
field_values(old)
.into_iter()
.zip(field_values(new))
.filter_map(|((field, before), (_, after))| {
if before != after {
Some(FieldChange {
field: field.to_owned(),
before,
after,
})
} else {
None
}
})
.collect()
}