Merge pull request #654 from objectstack-ai/copilot/fix-user-filters-refresh-issue

Author: hotlong

ROADMAP.md

@@ -217,6 +217,8 @@ Full adoption of Cloud namespace, contracts/integration/security/studio modules,
 - [x] Implement selection and pagination spec alignment
 - [x] Implement `quickFilters` and `userFilters` spec properties
 - [x] Auto-derive `userFilters` from objectDef (select/multi-select/boolean fields) when not explicitly configured
+- [x] Fix `userFilters` AST filter conditions not evaluated by ValueDataSource (in-memory)
+- [x] Fix demo guest user missing admin role (all features now accessible when auth is disabled)
 - [x] Implement `hiddenFields` and `fieldOrder` spec properties
 - [x] Implement `emptyState` spec property
 

packages/auth/src/AuthProvider.tsx

@@ -105,11 +105,13 @@ export function AuthProvider({
     }
 
     if (!enabled) {
-      // When auth is disabled, set a guest user and mark as loaded
+      // When auth is disabled, set a guest user with admin role and mark as loaded.
+      // Admin role ensures all features are accessible in demo/dev environments.
       setUser({
         id: 'guest',
         email: 'guest@local',
         name: 'Guest User',
+        role: 'admin',
       });
       setSession({
         token: 'guest-token',

packages/auth/src/__tests__/AuthProvider.disabled.test.tsx

@@ -96,4 +96,25 @@ describe('AuthProvider with enabled prop', () => {
 
     expect(screen.getByTestId('has-expiry').textContent).toBe('true');
   });
+
+  it('should assign admin role to guest user when auth is disabled', async () => {
+    function RoleTestComponent() {
+      const auth = useAuth();
+      return (
+        <div>
+          <div data-testid="user-role">{auth.user?.role || 'null'}</div>
+        </div>
+      );
+    }
+
+    render(
+      <AuthProvider authUrl="/api/auth" enabled={false}>
+        <RoleTestComponent />
+      </AuthProvider>
+    );
+
+    await waitFor(() => {
+      expect(screen.getByTestId('user-role').textContent).toBe('admin');
+    });
+  });
 });

packages/core/src/adapters/ValueDataSource.ts

@@ -36,6 +36,69 @@ function getRecordId(record: any, idField?: string): string | number | undefined
   return record._id ?? record.id;
 }
 
+/**
+ * Evaluate an AST-format filter node against a record.
+ * Supports conditions like ['field', 'op', value] and logical
+ * combinations like ['and', ...conditions] or ['or', ...conditions].
+ */
+function matchesASTFilter(record: any, filterNode: any[]): boolean {
+  if (!filterNode || filterNode.length === 0) return true;
+
+  const head = filterNode[0];
+
+  // Logical operators: ['and', ...conditions] or ['or', ...conditions]
+  if (head === 'and') {
+    return filterNode.slice(1).every((sub: any) => matchesASTFilter(record, sub));
+  }
+  if (head === 'or') {
+    return filterNode.slice(1).some((sub: any) => matchesASTFilter(record, sub));
+  }
+
+  // Condition node: [field, operator, value]
+  if (filterNode.length === 3 && typeof head === 'string') {
+    const [field, operator, target] = filterNode;
+    const value = record[field];
+
+    switch (operator) {
+      case '=':
+        return value === target;
+      case '!=':
+        return value !== target;
+      case '>':
+        return value > target;
+      case '>=':
+        return value >= target;
+      case '<':
+        return value < target;
+      case '<=':
+        return value <= target;
+      case 'in':
+        return Array.isArray(target) && target.includes(value);
+      case 'not in':
+      case 'notin': // alias used by convertFiltersToAST
+        return Array.isArray(target) && !target.includes(value);
+      case 'contains': {
+        const lv = typeof value === 'string' ? value.toLowerCase() : '';
+        return typeof value === 'string' && lv.includes(String(target).toLowerCase());
+      }
+      case 'notcontains': {
+        const lv = typeof value === 'string' ? value.toLowerCase() : '';
+        return typeof value === 'string' && !lv.includes(String(target).toLowerCase());
+      }
+      case 'startswith': {
+        const lv = typeof value === 'string' ? value.toLowerCase() : '';
+        return typeof value === 'string' && lv.startsWith(String(target).toLowerCase());
+      }
+      case 'between':
+        return Array.isArray(target) && target.length === 2 && value >= target[0] && value <= target[1];
+      default:
+        return true;
+    }
+  }
+
+  return true;
+}
+
 /**
  * Simple in-memory filter evaluation.
  * Supports flat key-value equality and basic operators ($gt, $gte, $lt, $lte, $ne, $in).
@@ -177,9 +240,13 @@ export class ValueDataSource<T = any> implements DataSource<T> {
   async find(_resource: string, params?: QueryParams): Promise<QueryResult<T>> {
     let result = [...this.items];
 
-    // Filter
-    if (params?.$filter && Object.keys(params.$filter).length > 0) {
-      result = result.filter((r) => matchesFilter(r, params.$filter!));
+    // Filter — support both MongoDB-style objects and AST-format arrays
+    if (params?.$filter) {
+      if (Array.isArray(params.$filter) && params.$filter.length > 0) {
+        result = result.filter((r) => matchesASTFilter(r, params.$filter as any[]));
+      } else if (!Array.isArray(params.$filter) && Object.keys(params.$filter).length > 0) {
+        result = result.filter((r) => matchesFilter(r, params.$filter!));
+      }
     }
 
     // Search (simple text search across all string fields)

packages/core/src/adapters/__tests__/ValueDataSource.test.ts

@@ -157,6 +157,96 @@ describe('ValueDataSource — find', () => {
   });
 });
 
+// ---------------------------------------------------------------------------
+// AST-format filter support
+// ---------------------------------------------------------------------------
+
+describe('ValueDataSource — AST filter', () => {
+  it('should filter with simple AST equality condition', async () => {
+    const ds = createDS();
+    const result = await ds.find('users', {
+      $filter: ['role', '=', 'admin'] as any,
+    });
+    expect(result.data).toHaveLength(2);
+    expect(result.data.every((r: any) => r.role === 'admin')).toBe(true);
+  });
+
+  it('should filter with AST "in" operator', async () => {
+    const ds = createDS();
+    const result = await ds.find('users', {
+      $filter: ['role', 'in', ['admin', 'guest']] as any,
+    });
+    expect(result.data).toHaveLength(3);
+  });
+
+  it('should filter with AST "and" logical operator', async () => {
+    const ds = createDS();
+    const result = await ds.find('users', {
+      $filter: ['and', ['role', '=', 'admin'], ['age', '>', 30]] as any,
+    });
+    expect(result.data).toHaveLength(1);
+    expect(result.data[0].name).toBe('Charlie');
+  });
+
+  it('should filter with AST "or" logical operator', async () => {
+    const ds = createDS();
+    const result = await ds.find('users', {
+      $filter: ['or', ['role', '=', 'guest'], ['name', '=', 'Alice']] as any,
+    });
+    expect(result.data).toHaveLength(2);
+  });
+
+  it('should filter with AST "!=" operator', async () => {
+    const ds = createDS();
+    const result = await ds.find('users', {
+      $filter: ['role', '!=', 'admin'] as any,
+    });
+    expect(result.data).toHaveLength(3);
+  });
+
+  it('should filter with AST "not in" operator', async () => {
+    const ds = createDS();
+    const result = await ds.find('users', {
+      $filter: ['role', 'not in', ['admin', 'guest']] as any,
+    });
+    expect(result.data).toHaveLength(2);
+    expect(result.data.every((r: any) => r.role === 'user')).toBe(true);
+  });
+
+  it('should filter with AST "contains" operator', async () => {
+    const ds = createDS();
+    const result = await ds.find('users', {
+      $filter: ['name', 'contains', 'li'] as any,
+    });
+    expect(result.data).toHaveLength(2); // Alice, Charlie
+  });
+
+  it('should filter with nested AST (and with in operator)', async () => {
+    const ds = createDS();
+    const result = await ds.find('users', {
+      $filter: ['and', ['role', 'in', ['admin', 'user']], ['age', '>=', 28]] as any,
+    });
+    expect(result.data).toHaveLength(3); // Alice (30, admin), Charlie (35, admin), Diana (28, user)
+  });
+
+  it('should return all items with empty AST filter', async () => {
+    const ds = createDS();
+    const result = await ds.find('users', { $filter: [] as any });
+    expect(result.data).toHaveLength(5);
+  });
+
+  it('should combine AST filter with sort', async () => {
+    const ds = createDS();
+    const result = await ds.find('users', {
+      $filter: ['role', '=', 'admin'] as any,
+      $orderby: { age: 'asc' },
+    });
+    expect(result.data).toHaveLength(2);
+    expect(result.data[0].name).toBe('Alice');
+    expect(result.data[1].name).toBe('Charlie');
+  });
+});
+
 // ---------------------------------------------------------------------------
 // findOne
 // ---------------------------------------------------------------------------