database: migrate "base"

Author: haraldschilly

src/packages/database/DB_DEVELOPMENT.md

@@ -59,6 +59,9 @@ required = defaults.required
 
 metrics = require('@cocalc/backend/metrics')
 
+# Group 1: Database Utilities - TypeScript implementations
+UtilTS = require('./postgres/core/util')
+
 exports.PUBLIC_PROJECT_COLUMNS = ['project_id',  'last_edited', 'title', 'description', 'deleted',  'created', 'env']
 exports.PROJECT_COLUMNS = ['users'].concat(exports.PUBLIC_PROJECT_COLUMNS)
 
@@ -115,7 +118,7 @@ class exports.PostgreSQL extends EventEmitter    # emits a 'connect' event whene
             @connect()  # start trying to connect
 
     clear_cache: =>
-        @_query_cache?.clear()
+        UtilTS.clearCache(@)
 
     close: =>
         if @_state == 'closed'
@@ -153,7 +156,7 @@ class exports.PostgreSQL extends EventEmitter    # emits a 'connect' event whene
             clearInterval(@_test_query)
             delete @_test_query
 
-    engine: -> 'postgresql'
+    engine: -> UtilTS.engine()
 
     connect: (opts) =>
         opts = defaults opts,
@@ -396,24 +399,10 @@ class exports.PostgreSQL extends EventEmitter    # emits a 'connect' event whene
         return db?.query.bind(db)
 
     _dbg: (f) =>
-        if @_debug
-            return (m) => winston.debug("PostgreSQL.#{f}: #{misc.trunc_middle(JSON.stringify(m), 250)}")
-        else
-            return ->
+        return UtilTS.dbg(@, f)
 
     _init_metrics: =>
-        # initialize metrics
-        try
-            @query_time_histogram = metrics.newHistogram('db', 'query_ms_histogram', 'db queries'
-                buckets : [1, 5, 10, 20, 50, 100, 200, 500, 1000, 5000, 10000]
-                labels: ['table']
-            )
-            @concurrent_counter = metrics.newCounter('db', 'concurrent_total',
-                'Concurrent queries (started and finished)',
-                ['state']
-            )
-        catch err
-            @_dbg("_init_metrics")("WARNING -- #{err}")
+        UtilTS.initMetrics(@)
 
     async_query: (opts) =>
         return await callback2(@_query.bind(@), opts)
@@ -864,32 +853,7 @@ class exports.PostgreSQL extends EventEmitter    # emits a 'connect' event whene
         return true
 
     _ensure_database_exists: (cb) =>
-        dbg = @_dbg("_ensure_database_exists")
-        dbg("ensure database '#{@_database}' exists")
-        args = ['--user', @_user, '--host', @_host.split(',')[0], '--port', @_port, '--list', '--tuples-only']
-        sslEnv = sslConfigToPsqlEnv(@_ssl)
-        dbg("psql #{args.join(' ')}")
-        misc_node.execute_code
-            command : 'psql'
-            args    : args
-            env     : Object.assign sslEnv,
-                  PGPASSWORD : @_password
-            cb      : (err, output) =>
-                if err
-                    cb(err)
-                    return
-                databases = (x.split('|')[0].trim() for x in output.stdout.split('\n') when x)
-                if @_database in databases
-                    dbg("database '#{@_database}' already exists")
-                    cb()
-                    return
-                dbg("creating database '#{@_database}'")
-                misc_node.execute_code
-                    command : 'createdb'
-                    args    : ['--host', @_host, '--port', @_port, @_database]
-                    env     :
-                        PGPASSWORD : @_password
-                    cb      : cb
+        return UtilTS.ensureDatabaseExists(@, cb)
 
     _confirm_delete: (opts) =>
         opts = defaults opts,
@@ -1026,10 +990,10 @@ class exports.PostgreSQL extends EventEmitter    # emits a 'connect' event whene
 
     # Return the number of outstanding concurrent queries.
     concurrent: =>
-        return @_concurrent_queries ? 0
+        return UtilTS.concurrent(@)
 
     is_heavily_loaded: =>
-        return @_concurrent_queries >= @_concurrent_heavily_loaded
+        return UtilTS.isHeavilyLoaded(@)
 
     # Compute the sha1 hash (in hex) of the input arguments, which are
     # converted to strings (via json) if they are not strings, then concatenated.
@@ -1038,8 +1002,7 @@ class exports.PostgreSQL extends EventEmitter    # emits a 'connect' event whene
     # wouldn't be the end of the world.  There is a similar client-only slower version
     # of this function (in schema.coffee), so don't change it willy nilly.
     sha1: (args...) ->
-        v = ((if typeof(x) == 'string' then x else JSON.stringify(x)) for x in args).join('')
-        return misc_node.sha1(v)
+        return UtilTS.sha1Hash(args...)
 
     # Go through every table in the schema with a column called "expire", and
     # delete every entry where expire is <= right now.
@@ -1084,7 +1047,7 @@ class exports.PostgreSQL extends EventEmitter    # emits a 'connect' event whene
 
     # sanitize strings before inserting them into a query string
     sanitize: (s) =>
-        escapeString(s)
+        return UtilTS.sanitize(s)
 
 ###
 Other misc functions

src/packages/database/postgres-base.coffee

@@ -1,15 +1,7 @@
 /*
- * decaffeinate suggestions:
- * DS002: Fix invalid constructor
- * DS101: Remove unnecessary use of Array.from
- * DS102: Remove unnecessary code created because of implicit returns
- * DS207: Consider shorter variations of null checks
- * Full docs: https://github.com/decaffeinate/decaffeinate/blob/main/docs/suggestions.md
+ *  This file is part of CoCalc: Copyright © 2025 Sagemath, Inc.
+ *  License: MS-RSL – see LICENSE.md for details
  */
-//########################################################################
-// This file is part of CoCalc: Copyright © 2020 Sagemath, Inc.
-// License: MS-RSL – see LICENSE.md for details
-//########################################################################
 
 /*
 PostgreSQL -- implementation of all the queries needed for the backend servers

src/packages/database/postgres-server-queries.ts

@@ -0,0 +1,250 @@
+/*
+ *  This file is part of CoCalc: Copyright © 2025 Sagemath, Inc.
+ *  License: MS-RSL – see LICENSE.md for details
+ */
+
+/*
+Group 1: Database Utilities - Core utility methods for PostgreSQL class
+
+Tests for 9 utility methods:
+- _dbg(f) - Debug logger factory
+- _init_metrics() - Initialize Prometheus metrics
+- concurrent() - Get concurrent query count
+- is_heavily_loaded() - Check if heavily loaded
+- sha1(...args) - Generate SHA1 hash
+- sanitize(s) - Escape string for SQL
+- clear_cache() - Clear LRU cache
+- engine() - Return 'postgresql'
+- _ensure_database_exists(cb) - Create database if missing
+
+TDD Workflow:
+- USE_TYPESCRIPT = false: Test against CoffeeScript implementation (db())
+- USE_TYPESCRIPT = true: Test against TypeScript implementation (direct import)
+*/
+
+import { db } from "@cocalc/database";
+import { initEphemeralDatabase } from "@cocalc/database/pool";
+import { testCleanup } from "@cocalc/database/test-utils";
+
+// These tests call CoffeeScript methods via db(), which now delegate to TypeScript implementations
+
+describe("Database Utilities - Group 1", () => {
+  let database: any; // Singleton database instance
+
+  beforeAll(async () => {
+    await initEphemeralDatabase({});
+    database = db(); // Get the singleton
+  }, 15000);
+
+  afterAll(async () => {
+    await testCleanup();
+  });
+
+  describe("_dbg - Debug logger factory", () => {
+    it("returns a debug function when debug is enabled", () => {
+      const dbgFn = database._dbg("test_method");
+      expect(typeof dbgFn).toBe("function");
+    });
+
+    it("returns a no-op function when debug is disabled", () => {
+      const database = db();
+      // Save original debug state
+      const originalDebug = database._debug;
+
+      // Disable debug
+      database._debug = false;
+      const dbgFn = database._dbg("test_method");
+      expect(typeof dbgFn).toBe("function");
+
+      // Calling it should not throw
+      expect(() => dbgFn("test message")).not.toThrow();
+
+      // Restore original state
+      database._debug = originalDebug;
+    });
+
+    it("logs messages with method name prefix", () => {
+      const database = db();
+      const originalDebug = database._debug;
+
+      database._debug = true;
+      const dbgFn = database._dbg("test_method");
+
+      // Should not throw when called
+      expect(() => dbgFn({ test: "data" })).not.toThrow();
+
+      database._debug = originalDebug;
+    });
+  });
+
+  describe("_init_metrics - Initialize Prometheus metrics", () => {
+    it("initializes metrics without error", () => {
+      const database = db();
+      expect(() => database._init_metrics()).not.toThrow();
+    });
+
+    it("creates query_time_histogram metric", () => {
+      const database = db();
+      database._init_metrics();
+      expect(database.query_time_histogram).toBeDefined();
+    });
+
+    it("creates concurrent_counter metric", () => {
+      const database = db();
+      database._init_metrics();
+      expect(database.concurrent_counter).toBeDefined();
+    });
+
+    it("handles metric initialization errors gracefully", () => {
+      const database = db();
+      // Should not throw even if metrics are already initialized
+      expect(() => database._init_metrics()).not.toThrow();
+      expect(() => database._init_metrics()).not.toThrow();
+    });
+  });
+
+  describe("concurrent - Get concurrent query count", () => {
+    it("returns 0 when no queries are running", () => {
+      const database = db();
+      const count = database.concurrent();
+      expect(count).toBe(0);
+    });
+
+    it("returns a non-negative number", () => {
+      const database = db();
+      const count = database.concurrent();
+      expect(typeof count).toBe("number");
+      expect(count).toBeGreaterThanOrEqual(0);
+    });
+  });
+
+  describe("is_heavily_loaded - Check if heavily loaded", () => {
+    it("returns false when concurrent queries are low", () => {
+      const database = db();
+      const loaded = database.is_heavily_loaded();
+      expect(typeof loaded).toBe("boolean");
+      // With no queries running, should not be heavily loaded
+      expect(loaded).toBe(false);
+    });
+
+    it("returns a boolean value", () => {
+      const database = db();
+      const loaded = database.is_heavily_loaded();
+      expect(typeof loaded).toBe("boolean");
+    });
+  });
+
+  describe("sha1 - Generate SHA1 hash", () => {
+    it("generates consistent hash for same input", () => {
+      const database = db();
+      const hash1 = database.sha1("test", "data");
+      const hash2 = database.sha1("test", "data");
+      expect(hash1).toBe(hash2);
+    });
+
+    it("generates different hashes for different inputs", () => {
+      const database = db();
+      const hash1 = database.sha1("test", "data");
+      const hash2 = database.sha1("different", "data");
+      expect(hash1).not.toBe(hash2);
+    });
+
+    it("handles object inputs by JSON stringifying", () => {
+      const database = db();
+      const hash = database.sha1({ foo: "bar" }, { baz: 123 });
+      expect(typeof hash).toBe("string");
+      expect(hash.length).toBe(40); // SHA1 produces 40 hex characters
+    });
+
+    it("handles mixed string and object inputs", () => {
+      const database = db();
+      const hash = database.sha1("prefix", { data: "value" }, "suffix");
+      expect(typeof hash).toBe("string");
+      expect(hash.length).toBe(40);
+    });
+
+    it("produces valid hex string", () => {
+      const database = db();
+      const hash = database.sha1("test");
+      expect(hash).toMatch(/^[0-9a-f]{40}$/);
+    });
+  });
+
+  describe("sanitize - Escape string for SQL", () => {
+    it("sanitizes simple strings", () => {
+      const database = db();
+      const result = database.sanitize("test string");
+      expect(typeof result).toBe("string");
+    });
+
+    it("escapes single quotes", () => {
+      const database = db();
+      const result = database.sanitize("test's string");
+      // SQL escaping uses doubled single quotes
+      expect(result).toBe("'test''s string'");
+    });
+
+    it("handles empty string", () => {
+      const database = db();
+      const result = database.sanitize("");
+      expect(typeof result).toBe("string");
+    });
+
+    it("prevents SQL injection attempts", () => {
+      const database = db();
+      const malicious = "'; DROP TABLE users; --";
+      const result = database.sanitize(malicious);
+      // Should be safely escaped
+      expect(result).not.toBe(malicious);
+    });
+  });
+
+  describe("clear_cache - Clear LRU cache", () => {
+    it("clears cache without error", () => {
+      const database = db();
+      expect(() => database.clear_cache()).not.toThrow();
+    });
+
+    it("can be called multiple times", () => {
+      const database = db();
+      expect(() => {
+        database.clear_cache();
+        database.clear_cache();
+        database.clear_cache();
+      }).not.toThrow();
+    });
+  });
+
+  describe("engine - Return database engine identifier", () => {
+    it("returns 'postgresql'", () => {
+      const database = db();
+      expect(database.engine()).toBe("postgresql");
+    });
+  });
+
+  describe("_ensure_database_exists - Create database if missing", () => {
+    it("completes without error for existing database", async () => {
+      const database = db();
+
+      await new Promise<void>((resolve, reject) => {
+        database._ensure_database_exists((err) => {
+          if (err) {
+            reject(err);
+          } else {
+            resolve();
+          }
+        });
+      });
+    });
+
+    it("uses callback pattern correctly", (done) => {
+      const database = db();
+
+      database._ensure_database_exists((_err) => {
+        // Should complete (may succeed or fail depending on environment)
+        // The important thing is the callback is called
+        done();
+      });
+    }, 10000); // Longer timeout for shell commands
+  });
+});