fix name mapper

ymc9 · ymc9 · commit 48a955569201 · 2026-01-04T22:10:30.000+08:00
diff --git a/packages/orm/src/client/executor/name-mapper.ts b/packages/orm/src/client/executor/name-mapper.ts
@@ -78,16 +78,19 @@ export class QueryNameMapper extends OperationNodeTransformer {
         // process "from" clauses
         const processedFroms = node.from.froms.map((from) => this.processSelectTable(from));
 
-        // process "join" clauses, note that "from" needs to be added as scopes since join conditions
-        // can refer to "from" tables
-        const processedJoins = this.withScopes([...processedFroms.map(({ scope }) => scope)], () =>
-            (node.joins ?? []).map((join) => this.processSelectTable(join.table)),
-        );
+        // process "join" clauses, note that "from" and previous joins need to be added as scopes since join conditions
+        // can refer to "from" tables and previous joins
+        const processedJoins: ReturnType<typeof this.processSelectTable>[] = [];
+        const cumulativeScopes = [...processedFroms.map(({ scope }) => scope)];
+        for (const join of node.joins ?? []) {
+            const processedJoin = this.withScopes(cumulativeScopes, () => this.processSelectTable(join.table));
+            processedJoins.push(processedJoin);
+            cumulativeScopes.push(processedJoin.scope);
+        }
 
         // merge the scopes of froms and joins since they're all visible in the query body
-        const scopes = [...processedFroms.map(({ scope }) => scope), ...processedJoins.map(({ scope }) => scope)];
 
-        return this.withScopes(scopes, () => {
+        return this.withScopes(cumulativeScopes, () => {
             // transform join clauses, "on" is transformed within the scopes
             const joins = node.joins
                 ? node.joins.map((join, i) => ({
diff --git a/packages/plugins/policy/src/policy-handler.ts b/packages/plugins/policy/src/policy-handler.ts
@@ -98,7 +98,7 @@ export class PolicyHandler<Schema extends SchemaDef> extends OperationNodeTransf
         // reject non-existing model
         this.tryRejectNonexistentModel(mutationModel);
 
-        // --- Pre mutation work ---
+        // #region Pre mutation work
 
         if (InsertQueryNode.is(node)) {
             // pre-create policy evaluation happens before execution of the query
@@ -128,11 +128,15 @@ export class PolicyHandler<Schema extends SchemaDef> extends OperationNodeTransf
             beforeUpdateInfo = await this.loadBeforeUpdateEntities(mutationModel, node.where, proceed);
         }
 
-        // proceed with query
+        // #endregion
+
+        // #region query execution
 
         const result = await proceed(this.transformNode(node));
 
-        // --- Post mutation work ---
+        // #endregion
+
+        // #region Post mutation work
 
         if (hasPostUpdatePolicies && result.rows.length > 0) {
             // verify if before-update rows and post-update rows still id-match
@@ -210,9 +214,11 @@ export class PolicyHandler<Schema extends SchemaDef> extends OperationNodeTransf
                     'some or all updated rows failed to pass post-update policy check',
                 );
             }
+
+            // #endregion
         }
 
-        // --- Read back ---
+        // #region Read back
 
         if (!node.returning || this.onlyReturningId(node)) {
             // no need to check read back
@@ -228,6 +234,8 @@ export class PolicyHandler<Schema extends SchemaDef> extends OperationNodeTransf
             }
             return readBackResult;
         }
+
+        // #endregion
     }
 
     // #endregion
@@ -292,8 +300,8 @@ export class PolicyHandler<Schema extends SchemaDef> extends OperationNodeTransf
             // when there's no field-level policies, we merge model-level policy filters into where clause directly
             // for generating simpler SQL
 
-            let whereNode = this.transformNode(node.where);
-            const policyFilter = this.createPolicyFilterForFrom(node.from);
+            let whereNode = result.where;
+            const policyFilter = this.createPolicyFilterForFrom(result.from);
             if (policyFilter && !isTrueNode(policyFilter)) {
                 whereNode = WhereNode.create(
                     whereNode?.where ? conjunction(this.dialect, [whereNode.where, policyFilter]) : policyFilter,
@@ -538,7 +546,10 @@ export class PolicyHandler<Schema extends SchemaDef> extends OperationNodeTransf
             selections,
         };
 
-        return { hasPolicies, query: AliasNode.create(nestedQuery, IdentifierNode.create(alias ?? model)) };
+        return {
+            hasPolicies,
+            query: AliasNode.create(ParensNode.create(nestedQuery), IdentifierNode.create(alias ?? model)),
+        };
     }
 
     private createFieldSelectionWithPolicy(model: string, field: string, operation: FieldLevelPolicyOperations) {
@@ -559,7 +570,7 @@ export class PolicyHandler<Schema extends SchemaDef> extends OperationNodeTransf
         return { hasPolicies: true, selection: SelectionNode.create(selection) };
     }
 
-    private hasFieldLevelPolicies(model: string): unknown {
+    private hasFieldLevelPolicies(model: string) {
         const modelDef = QueryUtils.getModel(this.client.$schema, model);
         if (!modelDef) {
             return false;
diff --git a/tests/e2e/orm/policy/migrated/field-level-policy.test.ts b/tests/e2e/orm/policy/migrated/field-level-policy.test.ts
@@ -31,7 +31,7 @@ describe('field-level policy tests', () => {
 
             let r;
 
-            // y and x are unreadable
+            // y and z are unreadable
 
             // create read-back
             r = await db.model.create({
@@ -472,7 +472,7 @@ describe('field-level policy tests', () => {
             let r;
 
             // y is unreadable
-            r = await db.model.create({
+            await db.model.create({
                 data: {
                     id: 1,
                     x: 0,
@@ -590,7 +590,7 @@ describe('field-level policy tests', () => {
     });
 
     describe.skip('update tests', () => {
-        it('update simple', async () => {
+        it('works with simple updates', async () => {
             const db = await createPolicyTestClient(
                 `
         model User {
@@ -625,13 +625,7 @@ describe('field-level policy tests', () => {
                     where: { id: 1 },
                     data: { y: 2 },
                 }),
-            ).toBeRejectedByPolicy();
-            await expect(
-                db.model.update({
-                    where: { id: 1 },
-                    data: { x: 2 },
-                }),
-            ).toBeRejectedByPolicy();
+            ).toBeRejectedNotFound();
 
             await db.model.create({
                 data: { id: 2, x: 0, y: 1, ownerId: 1 },
@@ -660,7 +654,8 @@ describe('field-level policy tests', () => {
             ).toResolveTruthy();
         });
 
-        it('update with override', async () => {
+        // TODO: field-level policy override
+        it.skip('update with override', async () => {
             const db = await createPolicyTestClient(
                 `
         model Model {
@@ -1143,7 +1138,8 @@ describe('field-level policy tests', () => {
             );
         });
 
-        it('updateMany override', async () => {
+        // TODO: field-level policy override
+        it.skip('updateMany override', async () => {
             const db = await createPolicyTestClient(
                 `
         model Model {
