Updated dataset permission tests to expect the full DatasetAccessResult
object instead of just a boolean value in cache operations. This aligns
with the PR feedback to cache the complete access result including
accessPath and userRole.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Optimized N+1 query in get-permissioned-datasets.ts using inArray for batch lookup
- Removed unused bulkRemoveAssetPermissions import
- Fixed import organization in find-user-by-email.ts
- Updated CLAUDE.md to reflect tests are written and fixed API example
- Clarified TODO comment in lookup.ts to prevent potential infinite recursion
These are style and performance improvements that don't affect functionality.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Fixed permission hierarchy: full_access (5) now correctly ranks higher than viewer (3)
- Removed 'querier' role from admin permission check as it was too permissive
- Added organizationId parameter to dashboard access checks to prevent unauthorized access
- Fixed public dashboard expiry date check to verify dates are in the future
- Added cycle detection for collection permissions to prevent infinite recursion
- Fixed bulk remove permissions to correctly filter by identityIds array
- Updated date comparison to use ISO string format for PostgreSQL timestamp columns
These fixes address critical security and logic issues identified in the PR review.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Fixed AssetTypeSchema to include all active asset types (excluding deprecated 'metric' and 'dashboard')
- Added missing 'restricted_querier' role to UserOrganizationRole type
- Fixed dataset access caching to store full result object including accessPath and userRole
- Updated count query to use SQL COUNT for better performance
- Fixed IdentityType consistency across dataset permissions
- Removed unused 'ne' import from list-asset-permissions.ts
- Updated comments to correctly reference 6 access paths instead of 5
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
This PR migrates the Rust and libraries to TypeScript in the new package.
## Changes
### New Access Controls Package
- Implemented complete asset permissions system with CRUD operations
- Added dataset permissions with all 5 access paths (admin, direct user, user→group, team→direct, team→group, org→default)
- Implemented cascading permissions (metrics inherit from dashboards/chats/collections)
- Added LRU caching to replace Redis (30-second TTL)
- Comprehensive test coverage (148 tests passing, 3 skipped pending createUser)
### Database Package Updates
- Fixed AssetType enum to include all 14 asset types
- Added missing database queries for permissions
- Fixed timestamp fields to use ISO strings
- Added getUserOrganizationsByUserId function
- Created organized query structure by table
### AI Package Updates
- Updated getPermissionedDatasets API calls to new format
- Changed property references from ymlFile to ymlContent
- Fixed all test mocks to match new API structure
### Trigger App Updates
- Updated to use new access controls API
- Fixed test mocks to match DatasetListResult structure
- Added proper type imports
### Server Shared Updates
- Added request/response types for access control endpoints
- Exported types for API consistency
## Testing
- All packages build successfully with turbo build:dry-run
- All tests pass with turbo test:unit
- Full type safety maintained throughout
## Migration Notes
- Drop-in replacement for Rust libraries
- Same permission model and roles
- Cache invalidation strategies implemented
- Soft delete pattern maintained
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Simplified import statements in web-search-tool.ts and web-search-tool.test.ts for better readability.
- Updated error messages in sql-parser-helpers.test.ts to provide clearer feedback regarding wildcard usage on physical tables.
- Update package.json dependencies in ai and trigger packages
- Fix import statements in web-search-tool.ts and web-search-tool.test.ts
- Update pnpm-lock.yaml to reflect correct package references
- Resolves CI build failure due to missing module '@buster-tools/web-tools'
Co-Authored-By: Dallin Bentley <dallinbentley98@gmail.com>
- Update createWorkflowAwareHealingMessage to include next workflow step info and transition descriptions
- Replace SQL wildcard error message with more user-friendly text
- Maintain existing function signatures and return structures
Co-Authored-By: Dallin Bentley <dallinbentley98@gmail.com>
- Changed test query from 'OpenAI GPT' to 'Buster Data' with an increased limit of 10.
- Reorganized import statements in web-search-tool.ts for better readability.
- Enhanced formatting in permission-validator.test.ts for improved code clarity.
- Add webSearch method to FirecrawlService with WebSearchOptions, WebSearchResult, and WebSearchResponse interfaces
- Export new types from web-tools package
- Create web-search-tool in AI package with proper input/output schemas
- Add comprehensive unit tests for webSearch method (16 tests total)
- Add tool tests with mocking (4 tests)
- Add integration tests (skipped when no API key)
- Update package exports and dependencies
- Default search limit: 5, default format: markdown, content scraping enabled
- Proper error handling using CompanyResearchError
- AI package has no direct Firecrawl dependency
Co-Authored-By: Dallin Bentley <dallinbentley98@gmail.com>
The Snowflake adapter implementation transforms column names to lowercase
for consistency, but the tests were expecting uppercase column names.
This commit updates the tests to match the implementation:
- Update test expectations to use lowercase column names (id, name)
- Fix hasMoreRows assertions to match implementation logic (only true when rowCount > limit)
- Ensure all Snowflake-related tests pass with the current adapter behavior
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Increased allowed variance in cached query time checks to accommodate network fluctuations.
- Corrected property name in test assertions to match expected lowercase format.
- Enhanced SnowflakeAdapter to transform column names to lowercase and adjusted logic for determining if more rows are available from the stream.
- Implemented a custom fetch function in both anthropic.ts and vertex.ts to modify the request body.
- If tool_choice is present, added disable_parallel_tool_use to the request body.
- Included error handling for JSON parsing to ensure fallback to original request on failure.
- Added tests for handling AbortError scenarios in both memory-safe and standard streaming models.
- Updated the FallbackModel to gracefully handle intentional aborts without retrying or causing errors.
- Ensured that the controller closes properly on AbortError and that no fallback to subsequent models occurs.
- Enhanced mock models to simulate AbortError conditions for comprehensive testing.
- Replace SELECT * with explicit column names in permission validation tests
- Update CTE test to use explicit columns in final SELECT
- Maintain test intent while aligning with new wildcard security validation
- Ensure all tests pass with new wildcard blocking behavior
Co-Authored-By: Dallin Bentley <dallinbentley98@gmail.com>
- Updated references across multiple files to reflect the new tool name.
- Adjusted unit tests and schemas to ensure compatibility with the renamed tool.
- Removed the old respondWithoutAnalysis tool implementation and its associated tests.
- Ensured backward compatibility for existing functionality using the old tool name.
dal
Nate Kelley
Devin AI