1use proc_macro::TokenStream;
2use quote::{format_ident, quote};
3use std::collections::HashSet;
4use syn::{
5 Attribute, Data, DeriveInput, Error, Field, Fields, GenericArgument, Meta, PathArguments, Type,
6 TypePath, parse_macro_input,
7};
8
9#[proc_macro_derive(Sensitive, attributes(secure, crypto))]
10pub fn derive_sensitive(input: TokenStream) -> TokenStream {
11 match derive_sensitive_impl(parse_macro_input!(input as DeriveInput)) {
12 Ok(tokens) => tokens.into(),
13 Err(err) => err.to_compile_error().into(),
14 }
15}
16
17#[proc_macro_derive(Store, attributes(unique, secure, foreign, table_as, crypto, relate))]
18pub fn derive_store(input: TokenStream) -> TokenStream {
19 match derive_store_impl(parse_macro_input!(input as DeriveInput)) {
20 Ok(tokens) => tokens.into(),
21 Err(err) => err.to_compile_error().into(),
22 }
23}
24
25#[proc_macro_derive(Relation, attributes(relation))]
26pub fn derive_relation(input: TokenStream) -> TokenStream {
27 match derive_relation_impl(parse_macro_input!(input as DeriveInput)) {
28 Ok(tokens) => tokens.into(),
29 Err(err) => err.to_compile_error().into(),
30 }
31}
32
33#[proc_macro_derive(Bridge)]
34pub fn derive_bridge(input: TokenStream) -> TokenStream {
35 match derive_bridge_impl(parse_macro_input!(input as DeriveInput)) {
36 Ok(tokens) => tokens.into(),
37 Err(err) => err.to_compile_error().into(),
38 }
39}
40
41fn derive_store_impl(input: DeriveInput) -> syn::Result<proc_macro2::TokenStream> {
42 let struct_ident = input.ident;
43 let vis = input.vis.clone();
44 let table_alias = table_alias_target(&input.attrs)?;
45
46 let named_fields = match input.data {
47 Data::Struct(data) => match data.fields {
48 Fields::Named(fields) => fields.named,
49 _ => {
50 return Err(Error::new_spanned(
51 struct_ident,
52 "Store can only be derived for structs with named fields",
53 ));
54 }
55 },
56 _ => {
57 return Err(Error::new_spanned(
58 struct_ident,
59 "Store can only be derived for structs",
60 ));
61 }
62 };
63
64 let id_fields = named_fields
65 .iter()
66 .filter(|field| is_id_type(&field.ty))
67 .map(|field| field.ident.clone().expect("named field"))
68 .collect::<Vec<_>>();
69
70 let secure_fields = named_fields
71 .iter()
72 .filter(|field| has_secure_attr(&field.attrs))
73 .map(|field| field.ident.clone().expect("named field"))
74 .collect::<Vec<_>>();
75
76 let unique_fields = named_fields
77 .iter()
78 .filter(|field| has_unique_attr(&field.attrs))
79 .map(|field| field.ident.clone().expect("named field"))
80 .collect::<Vec<_>>();
81
82 if id_fields.len() > 1 {
83 return Err(Error::new_spanned(
84 struct_ident,
85 "Store supports at most one `Id` field for automatic HasId generation",
86 ));
87 }
88
89 if let Some(invalid_field) = named_fields
90 .iter()
91 .find(|field| has_secure_attr(&field.attrs) && has_unique_attr(&field.attrs))
92 {
93 let ident = invalid_field.ident.as_ref().expect("named field");
94 return Err(Error::new_spanned(
95 ident,
96 "#[secure] fields cannot be used as #[unique] lookup keys",
97 ));
98 }
99
100 let foreign_fields = named_fields
101 .iter()
102 .filter_map(|field| match field_foreign_attr(field) {
103 Ok(Some(attr)) => Some(parse_foreign_field(field, attr)),
104 Ok(None) => None,
105 Err(err) => Some(Err(err)),
106 })
107 .collect::<syn::Result<Vec<_>>>()?;
108
109 let relate_fields = named_fields
110 .iter()
111 .filter_map(|field| match field_relate_attr(field) {
112 Ok(Some(attr)) => Some(parse_relate_field(field, attr)),
113 Ok(None) => None,
114 Err(err) => Some(Err(err)),
115 })
116 .collect::<syn::Result<Vec<_>>>()?;
117
118 if let Some(non_store_child) = foreign_fields
119 .iter()
120 .find_map(|field| invalid_foreign_leaf_type(&field.kind.original_ty))
121 {
122 return Err(Error::new_spanned(
123 non_store_child,
124 BINDREF_BRIDGE_STORE_ONLY,
125 ));
126 }
127
128 if let Some(invalid_field) = named_fields.iter().find(|field| {
129 field_foreign_attr(field).ok().flatten().is_some() && has_unique_attr(&field.attrs)
130 }) {
131 let ident = invalid_field.ident.as_ref().expect("named field");
132 return Err(Error::new_spanned(
133 ident,
134 "#[foreign] fields cannot be used as #[unique] lookup keys",
135 ));
136 }
137
138 if let Some(invalid_field) = named_fields.iter().find(|field| {
139 field_relate_attr(field).ok().flatten().is_some() && has_unique_attr(&field.attrs)
140 }) {
141 let ident = invalid_field.ident.as_ref().expect("named field");
142 return Err(Error::new_spanned(
143 ident,
144 "#[relate(...)] fields cannot be used as #[unique] lookup keys",
145 ));
146 }
147
148 if let Some(invalid_field) = named_fields.iter().find(|field| {
149 field_relate_attr(field).ok().flatten().is_some() && has_secure_attr(&field.attrs)
150 }) {
151 let ident = invalid_field.ident.as_ref().expect("named field");
152 return Err(Error::new_spanned(
153 ident,
154 "#[relate(...)] fields cannot be marked #[secure]",
155 ));
156 }
157
158 if let Some(invalid_field) = named_fields.iter().find(|field| {
159 field_relate_attr(field).ok().flatten().is_some()
160 && field_foreign_attr(field).ok().flatten().is_some()
161 }) {
162 let ident = invalid_field.ident.as_ref().expect("named field");
163 return Err(Error::new_spanned(
164 ident,
165 "#[relate(...)] cannot be combined with #[foreign]",
166 ));
167 }
168
169 let mut seen_relation_names = HashSet::new();
170 for field in &relate_fields {
171 if !seen_relation_names.insert(field.relation_name.clone()) {
172 return Err(Error::new_spanned(
173 &field.ident,
174 "duplicate #[relate(...)] relation name is not supported within one Store model",
175 ));
176 }
177 }
178
179 let auto_has_id_impl = id_fields.first().map(|field| {
180 quote! {
181 impl ::appdb::model::meta::HasId for #struct_ident {
182 fn id(&self) -> ::surrealdb::types::RecordId {
183 ::surrealdb::types::RecordId::new(
184 <Self as ::appdb::model::meta::ModelMeta>::storage_table(),
185 self.#field.clone(),
186 )
187 }
188 }
189 }
190 });
191
192 let resolve_record_id_impl = if let Some(field) = id_fields.first() {
193 quote! {
194 #[::async_trait::async_trait]
195 impl ::appdb::model::meta::ResolveRecordId for #struct_ident {
196 async fn resolve_record_id(&self) -> ::anyhow::Result<::surrealdb::types::RecordId> {
197 Ok(::surrealdb::types::RecordId::new(
198 <Self as ::appdb::model::meta::ModelMeta>::storage_table(),
199 self.#field.clone(),
200 ))
201 }
202 }
203 }
204 } else {
205 quote! {
206 #[::async_trait::async_trait]
207 impl ::appdb::model::meta::ResolveRecordId for #struct_ident {
208 async fn resolve_record_id(&self) -> ::anyhow::Result<::surrealdb::types::RecordId> {
209 ::appdb::repository::Repo::<Self>::find_unique_id_for(self).await
210 }
211 }
212 }
213 };
214
215 let resolved_table_name_expr = if let Some(target_ty) = &table_alias {
216 quote! { <#target_ty as ::appdb::model::meta::ModelMeta>::table_name() }
217 } else {
218 quote! {
219 {
220 let table = ::appdb::model::meta::default_table_name(stringify!(#struct_ident));
221 ::appdb::model::meta::register_table(stringify!(#struct_ident), table)
222 }
223 }
224 };
225
226 let unique_schema_impls = unique_fields.iter().map(|field| {
227 let field_name = field.to_string();
228 let index_name = format!(
229 "{}_{}_unique",
230 resolved_schema_table_name(&struct_ident, table_alias.as_ref()),
231 field_name
232 );
233 let ddl = format!(
234 "DEFINE INDEX IF NOT EXISTS {index_name} ON {} FIELDS {field_name} UNIQUE;",
235 resolved_schema_table_name(&struct_ident, table_alias.as_ref())
236 );
237
238 quote! {
239 ::inventory::submit! {
240 ::appdb::model::schema::SchemaItem {
241 ddl: #ddl,
242 }
243 }
244 }
245 });
246
247 let lookup_fields = if unique_fields.is_empty() {
248 named_fields
249 .iter()
250 .filter_map(|field| {
251 let ident = field.ident.as_ref()?;
252 if ident == "id"
253 || secure_fields.iter().any(|secure| secure == ident)
254 || foreign_fields.iter().any(|foreign| foreign.ident == *ident)
255 || relate_fields.iter().any(|relate| relate.ident == *ident)
256 {
257 None
258 } else {
259 Some(ident.to_string())
260 }
261 })
262 .collect::<Vec<_>>()
263 } else {
264 unique_fields
265 .iter()
266 .map(|field| field.to_string())
267 .collect::<Vec<_>>()
268 };
269
270 let foreign_field_literals = foreign_fields
271 .iter()
272 .map(|field| field.ident.to_string())
273 .map(|field| quote! { #field })
274 .collect::<Vec<_>>();
275 let relate_field_literals = relate_fields
276 .iter()
277 .map(|field| field.ident.to_string())
278 .map(|field| quote! { #field })
279 .collect::<Vec<_>>();
280 if id_fields.is_empty() && lookup_fields.is_empty() {
281 return Err(Error::new_spanned(
282 struct_ident,
283 "Store requires an `Id` field or at least one non-secure lookup field for automatic record resolution",
284 ));
285 }
286 let lookup_field_literals = lookup_fields.iter().map(|field| quote! { #field });
287
288 let stored_model_impl = if !foreign_fields.is_empty() {
289 quote! {}
290 } else if secure_field_count(&named_fields) > 0 {
291 quote! {
292 impl ::appdb::StoredModel for #struct_ident {
293 type Stored = <Self as ::appdb::Sensitive>::Encrypted;
294
295 fn into_stored(self) -> ::anyhow::Result<Self::Stored> {
296 <Self as ::appdb::Sensitive>::encrypt_with_runtime_resolver(&self)
297 .map_err(::anyhow::Error::from)
298 }
299
300 fn from_stored(stored: Self::Stored) -> ::anyhow::Result<Self> {
301 <Self as ::appdb::Sensitive>::decrypt_with_runtime_resolver(&stored)
302 .map_err(::anyhow::Error::from)
303 }
304
305 fn supports_create_return_id() -> bool {
306 false
307 }
308 }
309 }
310 } else {
311 quote! {
312 impl ::appdb::StoredModel for #struct_ident {
313 type Stored = Self;
314
315 fn into_stored(self) -> ::anyhow::Result<Self::Stored> {
316 ::std::result::Result::Ok(self)
317 }
318
319 fn from_stored(stored: Self::Stored) -> ::anyhow::Result<Self> {
320 ::std::result::Result::Ok(stored)
321 }
322 }
323 }
324 };
325
326 let stored_fields = named_fields.iter().map(|field| {
327 let ident = field.ident.clone().expect("named field");
328 let ty = stored_field_type(field, &foreign_fields);
329 if is_record_id_type(&ty) {
330 quote! {
331 #[serde(deserialize_with = "::appdb::serde_utils::id::deserialize_record_id_or_compat_string")]
332 #ident: #ty
333 }
334 } else {
335 quote! { #ident: #ty }
336 }
337 });
338
339 let into_stored_assignments = named_fields.iter().map(|field| {
340 let ident = field.ident.clone().expect("named field");
341 match foreign_field_kind(&ident, &foreign_fields) {
342 Some(ForeignFieldKind { original_ty, .. }) => quote! {
343 #ident: <#original_ty as ::appdb::ForeignShape>::persist_foreign_shape(value.#ident).await?
344 },
345 None => quote! { #ident: value.#ident },
346 }
347 });
348
349 let from_stored_assignments = named_fields.iter().map(|field| {
350 let ident = field.ident.clone().expect("named field");
351 match foreign_field_kind(&ident, &foreign_fields) {
352 Some(ForeignFieldKind { original_ty, .. }) => quote! {
353 #ident: <#original_ty as ::appdb::ForeignShape>::hydrate_foreign_shape(stored.#ident).await?
354 },
355 None => quote! { #ident: stored.#ident },
356 }
357 });
358
359 let decode_foreign_fields = foreign_fields.iter().map(|field| {
360 let ident = field.ident.to_string();
361 quote! {
362 if let ::std::option::Option::Some(value) = map.get_mut(#ident) {
363 ::appdb::decode_stored_record_links(value);
364 }
365 }
366 });
367
368 let relation_methods_impl = if relate_fields.is_empty() {
369 quote! {}
370 } else {
371 let strip_relation_fields = relate_fields.iter().map(|field| {
372 let ident = field.ident.to_string();
373 quote! {
374 map.remove(#ident);
375 }
376 });
377
378 let inject_relation_values_from_model = relate_fields.iter().map(|field| {
379 let ident = &field.ident;
380 let name = ident.to_string();
381 quote! {
382 map.insert(#name.to_owned(), ::serde_json::to_value(&self.#ident)?);
383 }
384 });
385
386 let prepare_relation_writes = relate_fields.iter().map(|field| {
387 let ident = &field.ident;
388 let relation_name = &field.relation_name;
389 let field_ty = &field.field_ty;
390 quote! {
391 {
392 let ids = <#field_ty as ::appdb::RelateShape>::persist_relate_shape(self.#ident.clone()).await?;
393 writes.push(::appdb::RelationWrite {
394 relation: #relation_name,
395 record: record.clone(),
396 edges: ids
397 .into_iter()
398 .enumerate()
399 .map(|(position, out)| ::appdb::graph::OrderedRelationEdge {
400 _in: ::std::option::Option::Some(record.clone()),
401 out,
402 position: position as i64,
403 })
404 .collect(),
405 });
406 }
407 }
408 });
409
410 let inject_relation_values_from_db = relate_fields.iter().map(|field| {
411 let relation_name = &field.relation_name;
412 let field_ty = &field.field_ty;
413 let ident = field.ident.to_string();
414 quote! {
415 {
416 let edges = ::appdb::graph::GraphRepo::out_edges(record.clone(), #relation_name).await?;
417 let value = <#field_ty as ::appdb::RelateShape>::hydrate_relate_shape(
418 edges.into_iter().map(|edge| edge.out).collect(),
419 )
420 .await?;
421 map.insert(#ident.to_owned(), ::serde_json::to_value(value)?);
422 }
423 }
424 });
425
426 quote! {
427 fn has_relation_fields() -> bool {
428 true
429 }
430
431 fn relation_field_names() -> &'static [&'static str] {
432 &[ #( #relate_field_literals ),* ]
433 }
434
435 fn strip_relation_fields(row: &mut ::serde_json::Value) {
436 if let ::serde_json::Value::Object(map) = row {
437 #( #strip_relation_fields )*
438 }
439 }
440
441 fn inject_relation_values_from_model(
442 &self,
443 row: &mut ::serde_json::Value,
444 ) -> ::anyhow::Result<()> {
445 if let ::serde_json::Value::Object(map) = row {
446 #( #inject_relation_values_from_model )*
447 }
448 Ok(())
449 }
450
451 fn prepare_relation_writes(
452 &self,
453 record: ::surrealdb::types::RecordId,
454 ) -> impl ::std::future::Future<Output = ::anyhow::Result<::std::vec::Vec<::appdb::RelationWrite>>> + Send {
455 async move {
456 let mut writes = ::std::vec::Vec::new();
457 #( #prepare_relation_writes )*
458 Ok(writes)
459 }
460 }
461
462 fn inject_relation_values_from_db(
463 record: ::surrealdb::types::RecordId,
464 row: &mut ::serde_json::Value,
465 ) -> impl ::std::future::Future<Output = ::anyhow::Result<()>> + Send {
466 async move {
467 if let ::serde_json::Value::Object(map) = row {
468 #( #inject_relation_values_from_db )*
469 }
470 Ok(())
471 }
472 }
473 }
474 };
475
476 let foreign_model_impl = if foreign_fields.is_empty() {
477 quote! {
478 impl ::appdb::ForeignModel for #struct_ident {
479 async fn persist_foreign(value: Self) -> ::anyhow::Result<Self::Stored> {
480 <Self as ::appdb::StoredModel>::into_stored(value)
481 }
482
483 async fn hydrate_foreign(stored: Self::Stored) -> ::anyhow::Result<Self> {
484 <Self as ::appdb::StoredModel>::from_stored(stored)
485 }
486
487 fn decode_stored_row(
488 row: ::surrealdb::types::Value,
489 ) -> ::anyhow::Result<Self::Stored>
490 where
491 Self::Stored: ::serde::de::DeserializeOwned,
492 {
493 Ok(::serde_json::from_value(row.into_json_value())?)
494 }
495
496 #relation_methods_impl
497 }
498 }
499 } else {
500 let stored_struct_ident = format_ident!("AppdbStored{}", struct_ident);
501 quote! {
502 #[derive(
503 Debug,
504 Clone,
505 ::serde::Serialize,
506 ::serde::Deserialize,
507 ::surrealdb::types::SurrealValue,
508 )]
509 #vis struct #stored_struct_ident {
510 #( #stored_fields, )*
511 }
512
513 impl ::appdb::StoredModel for #struct_ident {
514 type Stored = #stored_struct_ident;
515
516 fn into_stored(self) -> ::anyhow::Result<Self::Stored> {
517 unreachable!("foreign fields require async persist_foreign")
518 }
519
520 fn from_stored(_stored: Self::Stored) -> ::anyhow::Result<Self> {
521 unreachable!("foreign fields require async hydrate_foreign")
522 }
523 }
524
525 impl ::appdb::ForeignModel for #struct_ident {
526 async fn persist_foreign(value: Self) -> ::anyhow::Result<Self::Stored> {
527 let value = value;
528 Ok(#stored_struct_ident {
529 #( #into_stored_assignments, )*
530 })
531 }
532
533 async fn hydrate_foreign(stored: Self::Stored) -> ::anyhow::Result<Self> {
534 Ok(Self {
535 #( #from_stored_assignments, )*
536 })
537 }
538
539 fn has_foreign_fields() -> bool {
540 true
541 }
542
543 fn foreign_field_names() -> &'static [&'static str] {
544 &[ #( #foreign_field_literals ),* ]
545 }
546
547 fn decode_stored_row(
548 row: ::surrealdb::types::Value,
549 ) -> ::anyhow::Result<Self::Stored>
550 where
551 Self::Stored: ::serde::de::DeserializeOwned,
552 {
553 let mut row = row.into_json_value();
554 if let ::serde_json::Value::Object(map) = &mut row {
555 #( #decode_foreign_fields )*
556 }
557 Ok(::serde_json::from_value(row)?)
558 }
559
560 #relation_methods_impl
561 }
562 }
563 };
564
565 let store_marker_ident = format_ident!("AppdbStoreMarker{}", struct_ident);
566
567 Ok(quote! {
568 #[doc(hidden)]
569 #vis struct #store_marker_ident;
570
571 impl ::appdb::model::meta::ModelMeta for #struct_ident {
572 fn storage_table() -> &'static str {
573 #resolved_table_name_expr
574 }
575
576 fn table_name() -> &'static str {
577 static TABLE_NAME: ::std::sync::OnceLock<&'static str> = ::std::sync::OnceLock::new();
578 TABLE_NAME.get_or_init(|| {
579 let table = #resolved_table_name_expr;
580 ::appdb::model::meta::register_table(stringify!(#struct_ident), table)
581 })
582 }
583 }
584
585 impl ::appdb::model::meta::StoreModelMarker for #struct_ident {}
586 impl ::appdb::model::meta::StoreModelMarker for #store_marker_ident {}
587
588 impl ::appdb::model::meta::UniqueLookupMeta for #struct_ident {
589 fn lookup_fields() -> &'static [&'static str] {
590 &[ #( #lookup_field_literals ),* ]
591 }
592
593 fn foreign_fields() -> &'static [&'static str] {
594 &[ #( #foreign_field_literals ),* ]
595 }
596 }
597 #stored_model_impl
598 #foreign_model_impl
599
600 #auto_has_id_impl
601 #resolve_record_id_impl
602
603 #( #unique_schema_impls )*
604
605 impl ::appdb::repository::Crud for #struct_ident {}
606
607 impl #struct_ident {
608 pub async fn save(self) -> ::anyhow::Result<Self> {
614 <Self as ::appdb::repository::Crud>::save(self).await
615 }
616
617 pub async fn save_many(data: ::std::vec::Vec<Self>) -> ::anyhow::Result<::std::vec::Vec<Self>> {
619 <Self as ::appdb::repository::Crud>::save_many(data).await
620 }
621
622 pub async fn get<T>(id: T) -> ::anyhow::Result<Self>
623 where
624 ::surrealdb::types::RecordIdKey: From<T>,
625 T: Send,
626 {
627 ::appdb::repository::Repo::<Self>::get(id).await
628 }
629
630 pub async fn list() -> ::anyhow::Result<::std::vec::Vec<Self>> {
631 ::appdb::repository::Repo::<Self>::list().await
632 }
633
634 pub async fn list_limit(count: i64) -> ::anyhow::Result<::std::vec::Vec<Self>> {
635 ::appdb::repository::Repo::<Self>::list_limit(count).await
636 }
637
638 pub async fn delete_all() -> ::anyhow::Result<()> {
639 ::appdb::repository::Repo::<Self>::delete_all().await
640 }
641
642 pub async fn find_one_id(
643 k: &str,
644 v: &str,
645 ) -> ::anyhow::Result<::surrealdb::types::RecordId> {
646 ::appdb::repository::Repo::<Self>::find_one_id(k, v).await
647 }
648
649 pub async fn list_record_ids() -> ::anyhow::Result<::std::vec::Vec<::surrealdb::types::RecordId>> {
650 ::appdb::repository::Repo::<Self>::list_record_ids().await
651 }
652
653 pub async fn create_at(
654 id: ::surrealdb::types::RecordId,
655 data: Self,
656 ) -> ::anyhow::Result<Self> {
657 ::appdb::repository::Repo::<Self>::create_at(id, data).await
658 }
659
660 pub async fn upsert_at(
661 id: ::surrealdb::types::RecordId,
662 data: Self,
663 ) -> ::anyhow::Result<Self> {
664 ::appdb::repository::Repo::<Self>::upsert_at(id, data).await
665 }
666
667 pub async fn update_at(
668 self,
669 id: ::surrealdb::types::RecordId,
670 ) -> ::anyhow::Result<Self> {
671 ::appdb::repository::Repo::<Self>::update_at(id, self).await
672 }
673
674
675 pub async fn delete<T>(id: T) -> ::anyhow::Result<()>
676 where
677 ::surrealdb::types::RecordIdKey: From<T>,
678 T: Send,
679 {
680 ::appdb::repository::Repo::<Self>::delete(id).await
681 }
682 }
683 })
684}
685
686fn derive_bridge_impl(input: DeriveInput) -> syn::Result<proc_macro2::TokenStream> {
687 let enum_ident = input.ident;
688
689 let variants = match input.data {
690 Data::Enum(data) => data.variants,
691 _ => {
692 return Err(Error::new_spanned(
693 enum_ident,
694 "Bridge can only be derived for enums",
695 ));
696 }
697 };
698
699 let payloads = variants
700 .iter()
701 .map(parse_bridge_variant)
702 .collect::<syn::Result<Vec<_>>>()?;
703
704 let from_impls = payloads.iter().map(|variant| {
705 let variant_ident = &variant.variant_ident;
706 let payload_ty = &variant.payload_ty;
707
708 quote! {
709 impl ::std::convert::From<#payload_ty> for #enum_ident {
710 fn from(value: #payload_ty) -> Self {
711 Self::#variant_ident(value)
712 }
713 }
714 }
715 });
716
717 let persist_match_arms = payloads.iter().map(|variant| {
718 let variant_ident = &variant.variant_ident;
719
720 quote! {
721 Self::#variant_ident(value) => <_ as ::appdb::Bridge>::persist_foreign(value).await,
722 }
723 });
724
725 let hydrate_match_arms = payloads.iter().map(|variant| {
726 let variant_ident = &variant.variant_ident;
727 let payload_ty = &variant.payload_ty;
728
729 quote! {
730 table if table == <#payload_ty as ::appdb::model::meta::ModelMeta>::storage_table() => {
731 ::std::result::Result::Ok(Self::#variant_ident(
732 <#payload_ty as ::appdb::Bridge>::hydrate_foreign(id).await?,
733 ))
734 }
735 }
736 });
737
738 Ok(quote! {
739 #( #from_impls )*
740
741 #[::async_trait::async_trait]
742 impl ::appdb::Bridge for #enum_ident {
743 async fn persist_foreign(self) -> ::anyhow::Result<::surrealdb::types::RecordId> {
744 match self {
745 #( #persist_match_arms )*
746 }
747 }
748
749 async fn hydrate_foreign(
750 id: ::surrealdb::types::RecordId,
751 ) -> ::anyhow::Result<Self> {
752 match id.table.to_string().as_str() {
753 #( #hydrate_match_arms, )*
754 table => ::anyhow::bail!(
755 "unsupported foreign table `{table}` for enum dispatcher `{}`",
756 ::std::stringify!(#enum_ident)
757 ),
758 }
759 }
760 }
761 })
762}
763
764#[derive(Clone)]
765struct BridgeVariant {
766 variant_ident: syn::Ident,
767 payload_ty: Type,
768}
769
770fn parse_bridge_variant(variant: &syn::Variant) -> syn::Result<BridgeVariant> {
771 let payload_ty = match &variant.fields {
772 Fields::Unnamed(fields) if fields.unnamed.len() == 1 => {
773 fields.unnamed.first().expect("single field").ty.clone()
774 }
775 Fields::Unnamed(_) => {
776 return Err(Error::new_spanned(
777 &variant.ident,
778 "Bridge variants must be single-field tuple variants",
779 ));
780 }
781 Fields::Unit => {
782 return Err(Error::new_spanned(
783 &variant.ident,
784 "Bridge does not support unit variants",
785 ));
786 }
787 Fields::Named(_) => {
788 return Err(Error::new_spanned(
789 &variant.ident,
790 "Bridge does not support struct variants",
791 ));
792 }
793 };
794
795 let payload_path = match &payload_ty {
796 Type::Path(path) => path,
797 _ => {
798 return Err(Error::new_spanned(
799 &payload_ty,
800 "Bridge payload must implement appdb::Bridge",
801 ));
802 }
803 };
804
805 let segment = payload_path.path.segments.last().ok_or_else(|| {
806 Error::new_spanned(&payload_ty, "Bridge payload must implement appdb::Bridge")
807 })?;
808
809 if !matches!(segment.arguments, PathArguments::None) {
810 return Err(Error::new_spanned(
811 &payload_ty,
812 "Bridge payload must implement appdb::Bridge",
813 ));
814 }
815
816 Ok(BridgeVariant {
817 variant_ident: variant.ident.clone(),
818 payload_ty,
819 })
820}
821
822fn derive_relation_impl(input: DeriveInput) -> syn::Result<proc_macro2::TokenStream> {
823 let struct_ident = input.ident;
824 let relation_name = relation_name_override(&input.attrs)?
825 .unwrap_or_else(|| to_snake_case(&struct_ident.to_string()));
826
827 match input.data {
828 Data::Struct(data) => match data.fields {
829 Fields::Unit | Fields::Named(_) => {}
830 _ => {
831 return Err(Error::new_spanned(
832 struct_ident,
833 "Relation can only be derived for unit structs or structs with named fields",
834 ));
835 }
836 },
837 _ => {
838 return Err(Error::new_spanned(
839 struct_ident,
840 "Relation can only be derived for structs",
841 ));
842 }
843 }
844
845 Ok(quote! {
846 impl ::appdb::model::relation::RelationMeta for #struct_ident {
847 fn relation_name() -> &'static str {
848 static REL_NAME: ::std::sync::OnceLock<&'static str> = ::std::sync::OnceLock::new();
849 REL_NAME.get_or_init(|| ::appdb::model::relation::register_relation(#relation_name))
850 }
851 }
852
853 impl #struct_ident {
854 pub async fn relate<A, B>(a: &A, b: &B) -> ::anyhow::Result<()>
855 where
856 A: ::appdb::model::meta::ResolveRecordId + Send + Sync,
857 B: ::appdb::model::meta::ResolveRecordId + Send + Sync,
858 {
859 ::appdb::graph::relate_at(a.resolve_record_id().await?, b.resolve_record_id().await?, <Self as ::appdb::model::relation::RelationMeta>::relation_name()).await
860 }
861
862 pub async fn unrelate<A, B>(a: &A, b: &B) -> ::anyhow::Result<()>
863 where
864 A: ::appdb::model::meta::ResolveRecordId + Send + Sync,
865 B: ::appdb::model::meta::ResolveRecordId + Send + Sync,
866 {
867 ::appdb::graph::unrelate_at(a.resolve_record_id().await?, b.resolve_record_id().await?, <Self as ::appdb::model::relation::RelationMeta>::relation_name()).await
868 }
869
870 pub async fn out_ids<A>(a: &A, out_table: &str) -> ::anyhow::Result<::std::vec::Vec<::surrealdb::types::RecordId>>
871 where
872 A: ::appdb::model::meta::ResolveRecordId + Send + Sync,
873 {
874 ::appdb::graph::out_ids(a.resolve_record_id().await?, <Self as ::appdb::model::relation::RelationMeta>::relation_name(), out_table).await
875 }
876
877 pub async fn in_ids<B>(b: &B, in_table: &str) -> ::anyhow::Result<::std::vec::Vec<::surrealdb::types::RecordId>>
878 where
879 B: ::appdb::model::meta::ResolveRecordId + Send + Sync,
880 {
881 ::appdb::graph::in_ids(b.resolve_record_id().await?, <Self as ::appdb::model::relation::RelationMeta>::relation_name(), in_table).await
882 }
883 }
884 })
885}
886
887fn derive_sensitive_impl(input: DeriveInput) -> syn::Result<proc_macro2::TokenStream> {
888 let struct_ident = input.ident;
889 let encrypted_ident = format_ident!("Encrypted{}", struct_ident);
890 let vis = input.vis;
891 let type_crypto_config = type_crypto_config(&input.attrs)?;
892 let named_fields = match input.data {
893 Data::Struct(data) => match data.fields {
894 Fields::Named(fields) => fields.named,
895 _ => {
896 return Err(Error::new_spanned(
897 struct_ident,
898 "Sensitive can only be derived for structs with named fields",
899 ));
900 }
901 },
902 _ => {
903 return Err(Error::new_spanned(
904 struct_ident,
905 "Sensitive can only be derived for structs",
906 ));
907 }
908 };
909
910 let mut secure_field_count = 0usize;
911 let mut encrypted_fields = Vec::new();
912 let mut encrypt_assignments = Vec::new();
913 let mut decrypt_assignments = Vec::new();
914 let mut runtime_encrypt_assignments = Vec::new();
915 let mut runtime_decrypt_assignments = Vec::new();
916 let mut field_tag_structs = Vec::new();
917 let mut secure_field_meta_entries = Vec::new();
918
919 for field in named_fields.iter() {
920 let ident = field.ident.clone().expect("named field");
921 let field_vis = field.vis.clone();
922 let secure = has_secure_attr(&field.attrs);
923 let field_crypto_config = field_crypto_config(&field.attrs)?;
924
925 if !secure && field_crypto_config.is_present() {
926 return Err(Error::new_spanned(
927 ident,
928 "#[crypto(...)] on a field requires #[secure] on the same field",
929 ));
930 }
931
932 if secure {
933 secure_field_count += 1;
934 let secure_kind = secure_kind(field)?;
935 let encrypted_ty = secure_kind.encrypted_type();
936 let field_tag_ident = format_ident!(
937 "AppdbSensitiveFieldTag{}{}",
938 struct_ident,
939 to_pascal_case(&ident.to_string())
940 );
941 let field_tag_literal = ident.to_string();
942 let effective_account = field_crypto_config
943 .field_account
944 .clone()
945 .or_else(|| type_crypto_config.account.clone());
946 let service_override = type_crypto_config.service.clone();
947 let account_literal = effective_account
948 .as_ref()
949 .map(|value| quote! { ::std::option::Option::Some(#value) })
950 .unwrap_or_else(|| quote! { ::std::option::Option::None });
951 let service_literal = service_override
952 .as_ref()
953 .map(|value| quote! { ::std::option::Option::Some(#value) })
954 .unwrap_or_else(|| quote! { ::std::option::Option::None });
955 let encrypt_expr = secure_kind.encrypt_with_context_expr(&ident);
956 let decrypt_expr = secure_kind.decrypt_with_context_expr(&ident);
957 let runtime_encrypt_expr =
958 secure_kind.encrypt_with_runtime_expr(&ident, &field_tag_ident);
959 let runtime_decrypt_expr =
960 secure_kind.decrypt_with_runtime_expr(&ident, &field_tag_ident);
961 encrypted_fields.push(quote! { #field_vis #ident: #encrypted_ty });
962 encrypt_assignments.push(quote! { #ident: #encrypt_expr });
963 decrypt_assignments.push(quote! { #ident: #decrypt_expr });
964 runtime_encrypt_assignments.push(quote! { #ident: #runtime_encrypt_expr });
965 runtime_decrypt_assignments.push(quote! { #ident: #runtime_decrypt_expr });
966 secure_field_meta_entries.push(quote! {
967 ::appdb::crypto::SensitiveFieldMetadata {
968 model_tag: ::std::concat!(::std::module_path!(), "::", ::std::stringify!(#struct_ident)),
969 field_tag: #field_tag_literal,
970 service: #service_literal,
971 account: #account_literal,
972 secure_fields: &[],
973 }
974 });
975 field_tag_structs.push(quote! {
976 #[doc(hidden)]
977 #vis struct #field_tag_ident;
978
979 impl ::appdb::crypto::SensitiveFieldTag for #field_tag_ident {
980 fn model_tag() -> &'static str {
981 <#struct_ident as ::appdb::crypto::SensitiveModelTag>::model_tag()
982 }
983
984 fn field_tag() -> &'static str {
985 #field_tag_literal
986 }
987
988 fn crypto_metadata() -> &'static ::appdb::crypto::SensitiveFieldMetadata {
989 static FIELD_META: ::std::sync::OnceLock<::appdb::crypto::SensitiveFieldMetadata> = ::std::sync::OnceLock::new();
990 FIELD_META.get_or_init(|| ::appdb::crypto::SensitiveFieldMetadata {
991 model_tag: <#struct_ident as ::appdb::crypto::SensitiveModelTag>::model_tag(),
992 field_tag: #field_tag_literal,
993 service: #service_literal,
994 account: #account_literal,
995 secure_fields: &#struct_ident::SECURE_FIELDS,
996 })
997 }
998 }
999 });
1000 } else {
1001 let ty = field.ty.clone();
1002 encrypted_fields.push(quote! { #field_vis #ident: #ty });
1003 encrypt_assignments.push(quote! { #ident: self.#ident.clone() });
1004 decrypt_assignments.push(quote! { #ident: encrypted.#ident.clone() });
1005 runtime_encrypt_assignments.push(quote! { #ident: self.#ident.clone() });
1006 runtime_decrypt_assignments.push(quote! { #ident: encrypted.#ident.clone() });
1007 }
1008 }
1009
1010 if secure_field_count == 0 {
1011 return Err(Error::new_spanned(
1012 struct_ident,
1013 "Sensitive requires at least one #[secure] field",
1014 ));
1015 }
1016
1017 Ok(quote! {
1018 #[derive(
1019 Debug,
1020 Clone,
1021 ::serde::Serialize,
1022 ::serde::Deserialize,
1023 ::surrealdb::types::SurrealValue,
1024 )]
1025 #vis struct #encrypted_ident {
1026 #( #encrypted_fields, )*
1027 }
1028
1029 impl ::appdb::crypto::SensitiveModelTag for #struct_ident {
1030 fn model_tag() -> &'static str {
1031 ::std::concat!(::std::module_path!(), "::", ::std::stringify!(#struct_ident))
1032 }
1033 }
1034
1035 #( #field_tag_structs )*
1036
1037 impl ::appdb::Sensitive for #struct_ident {
1038 type Encrypted = #encrypted_ident;
1039
1040 fn encrypt(
1041 &self,
1042 context: &::appdb::crypto::CryptoContext,
1043 ) -> ::std::result::Result<Self::Encrypted, ::appdb::crypto::CryptoError> {
1044 ::std::result::Result::Ok(#encrypted_ident {
1045 #( #encrypt_assignments, )*
1046 })
1047 }
1048
1049 fn decrypt(
1050 encrypted: &Self::Encrypted,
1051 context: &::appdb::crypto::CryptoContext,
1052 ) -> ::std::result::Result<Self, ::appdb::crypto::CryptoError> {
1053 ::std::result::Result::Ok(Self {
1054 #( #decrypt_assignments, )*
1055 })
1056 }
1057
1058 fn encrypt_with_runtime_resolver(
1059 &self,
1060 ) -> ::std::result::Result<Self::Encrypted, ::appdb::crypto::CryptoError> {
1061 ::std::result::Result::Ok(#encrypted_ident {
1062 #( #runtime_encrypt_assignments, )*
1063 })
1064 }
1065
1066 fn decrypt_with_runtime_resolver(
1067 encrypted: &Self::Encrypted,
1068 ) -> ::std::result::Result<Self, ::appdb::crypto::CryptoError> {
1069 ::std::result::Result::Ok(Self {
1070 #( #runtime_decrypt_assignments, )*
1071 })
1072 }
1073
1074 fn secure_fields() -> &'static [::appdb::crypto::SensitiveFieldMetadata] {
1075 &Self::SECURE_FIELDS
1076 }
1077 }
1078
1079 impl #struct_ident {
1080 pub const SECURE_FIELDS: [::appdb::crypto::SensitiveFieldMetadata; #secure_field_count] = [
1081 #( #secure_field_meta_entries, )*
1082 ];
1083
1084 pub fn encrypt(
1085 &self,
1086 context: &::appdb::crypto::CryptoContext,
1087 ) -> ::std::result::Result<#encrypted_ident, ::appdb::crypto::CryptoError> {
1088 <Self as ::appdb::Sensitive>::encrypt(self, context)
1089 }
1090 }
1091
1092 impl #encrypted_ident {
1093 pub fn decrypt(
1094 &self,
1095 context: &::appdb::crypto::CryptoContext,
1096 ) -> ::std::result::Result<#struct_ident, ::appdb::crypto::CryptoError> {
1097 <#struct_ident as ::appdb::Sensitive>::decrypt(self, context)
1098 }
1099 }
1100 })
1101}
1102
1103fn has_secure_attr(attrs: &[Attribute]) -> bool {
1104 attrs.iter().any(|attr| attr.path().is_ident("secure"))
1105}
1106
1107fn has_unique_attr(attrs: &[Attribute]) -> bool {
1108 attrs.iter().any(|attr| attr.path().is_ident("unique"))
1109}
1110
1111#[derive(Default, Clone)]
1112struct TypeCryptoConfig {
1113 service: Option<String>,
1114 account: Option<String>,
1115}
1116
1117#[derive(Default, Clone)]
1118struct FieldCryptoConfig {
1119 field_account: Option<String>,
1120}
1121
1122impl FieldCryptoConfig {
1123 fn is_present(&self) -> bool {
1124 self.field_account.is_some()
1125 }
1126}
1127
1128fn type_crypto_config(attrs: &[Attribute]) -> syn::Result<TypeCryptoConfig> {
1129 let mut config = TypeCryptoConfig::default();
1130 let mut seen = HashSet::new();
1131
1132 for attr in attrs {
1133 if !attr.path().is_ident("crypto") {
1134 continue;
1135 }
1136
1137 attr.parse_nested_meta(|meta| {
1138 let key = meta
1139 .path
1140 .get_ident()
1141 .cloned()
1142 .ok_or_else(|| meta.error("unsupported crypto attribute"))?;
1143
1144 if !seen.insert(key.to_string()) {
1145 return Err(meta.error("duplicate crypto attribute key"));
1146 }
1147
1148 let value = meta.value()?;
1149 let literal: syn::LitStr = value.parse()?;
1150 match key.to_string().as_str() {
1151 "service" => config.service = Some(literal.value()),
1152 "account" => config.account = Some(literal.value()),
1153 _ => {
1154 return Err(
1155 meta.error("unsupported crypto attribute; expected `service` or `account`")
1156 );
1157 }
1158 }
1159 Ok(())
1160 })?;
1161 }
1162
1163 Ok(config)
1164}
1165
1166fn field_crypto_config(attrs: &[Attribute]) -> syn::Result<FieldCryptoConfig> {
1167 let mut config = FieldCryptoConfig::default();
1168 let mut seen = HashSet::new();
1169
1170 for attr in attrs {
1171 if attr.path().is_ident("crypto") {
1172 attr.parse_nested_meta(|meta| {
1173 let key = meta
1174 .path
1175 .get_ident()
1176 .cloned()
1177 .ok_or_else(|| meta.error("unsupported crypto attribute"))?;
1178
1179 if !seen.insert(key.to_string()) {
1180 return Err(meta.error("duplicate crypto attribute key"));
1181 }
1182
1183 let value = meta.value()?;
1184 let literal: syn::LitStr = value.parse()?;
1185 match key.to_string().as_str() {
1186 "field_account" => config.field_account = Some(literal.value()),
1187 _ => {
1188 return Err(meta.error(
1189 "unsupported field crypto attribute; expected `field_account`",
1190 ));
1191 }
1192 }
1193 Ok(())
1194 })?;
1195 } else if attr.path().is_ident("secure") && matches!(attr.meta, Meta::List(_)) {
1196 return Err(Error::new_spanned(
1197 attr,
1198 "#[secure] does not accept arguments; use #[crypto(field_account = \"...\")] on the field",
1199 ));
1200 }
1201 }
1202
1203 Ok(config)
1204}
1205
1206fn table_alias_target(attrs: &[Attribute]) -> syn::Result<Option<Type>> {
1207 let mut target = None;
1208
1209 for attr in attrs {
1210 if !attr.path().is_ident("table_as") {
1211 continue;
1212 }
1213
1214 if target.is_some() {
1215 return Err(Error::new_spanned(
1216 attr,
1217 "duplicate #[table_as(...)] attribute is not supported",
1218 ));
1219 }
1220
1221 let parsed: Type = attr.parse_args().map_err(|_| {
1222 Error::new_spanned(attr, "#[table_as(...)] requires exactly one target type")
1223 })?;
1224
1225 match parsed {
1226 Type::Path(TypePath { ref path, .. }) if !path.segments.is_empty() => {
1227 target = Some(parsed);
1228 }
1229 _ => {
1230 return Err(Error::new_spanned(
1231 parsed,
1232 "#[table_as(...)] target must be a type path",
1233 ));
1234 }
1235 }
1236 }
1237
1238 Ok(target)
1239}
1240
1241fn resolved_schema_table_name(struct_ident: &syn::Ident, table_alias: Option<&Type>) -> String {
1242 match table_alias {
1243 Some(Type::Path(type_path)) => type_path
1244 .path
1245 .segments
1246 .last()
1247 .map(|segment| to_snake_case(&segment.ident.to_string()))
1248 .unwrap_or_else(|| to_snake_case(&struct_ident.to_string())),
1249 Some(_) => to_snake_case(&struct_ident.to_string()),
1250 None => to_snake_case(&struct_ident.to_string()),
1251 }
1252}
1253
1254fn field_foreign_attr(field: &Field) -> syn::Result<Option<&Attribute>> {
1255 let mut foreign_attr = None;
1256
1257 for attr in &field.attrs {
1258 if !attr.path().is_ident("foreign") {
1259 continue;
1260 }
1261
1262 if foreign_attr.is_some() {
1263 return Err(Error::new_spanned(
1264 attr,
1265 "duplicate nested-ref attribute is not supported",
1266 ));
1267 }
1268
1269 foreign_attr = Some(attr);
1270 }
1271
1272 Ok(foreign_attr)
1273}
1274
1275fn field_relate_attr(field: &Field) -> syn::Result<Option<&Attribute>> {
1276 let mut relate_attr = None;
1277
1278 for attr in &field.attrs {
1279 if !attr.path().is_ident("relate") {
1280 continue;
1281 }
1282
1283 if relate_attr.is_some() {
1284 return Err(Error::new_spanned(
1285 attr,
1286 "duplicate #[relate(...)] attribute is not supported",
1287 ));
1288 }
1289
1290 relate_attr = Some(attr);
1291 }
1292
1293 Ok(relate_attr)
1294}
1295
1296fn validate_foreign_field(field: &Field, attr: &Attribute) -> syn::Result<Type> {
1297 if attr.path().is_ident("foreign") {
1298 return foreign_leaf_type(&field.ty)
1299 .ok_or_else(|| Error::new_spanned(&field.ty, BINDREF_ACCEPTED_SHAPES));
1300 }
1301
1302 Err(Error::new_spanned(attr, "unsupported foreign attribute"))
1303}
1304
1305const BINDREF_ACCEPTED_SHAPES: &str = "#[foreign] supports recursive Option<_> / Vec<_> shapes whose leaf type implements appdb::Bridge";
1306
1307const BINDREF_BRIDGE_STORE_ONLY: &str =
1308 "#[foreign] leaf types must derive Store or #[derive(Bridge)] dispatcher enums";
1309
1310const RELATE_ACCEPTED_SHAPES: &str = "#[relate(\"...\")] supports direct Child / Option<Child> / Vec<Child> shapes whose leaf type implements appdb::Bridge";
1311
1312#[derive(Clone)]
1313struct ForeignField {
1314 ident: syn::Ident,
1315 kind: ForeignFieldKind,
1316}
1317
1318#[derive(Clone)]
1319struct ForeignFieldKind {
1320 original_ty: Type,
1321 stored_ty: Type,
1322}
1323
1324#[derive(Clone)]
1325struct RelateField {
1326 ident: syn::Ident,
1327 relation_name: String,
1328 field_ty: Type,
1329}
1330
1331fn parse_foreign_field(field: &Field, attr: &Attribute) -> syn::Result<ForeignField> {
1332 validate_foreign_field(field, attr)?;
1333 let ident = field.ident.clone().expect("named field");
1334
1335 let kind = ForeignFieldKind {
1336 original_ty: field.ty.clone(),
1337 stored_ty: foreign_stored_type(&field.ty)
1338 .ok_or_else(|| Error::new_spanned(&field.ty, BINDREF_ACCEPTED_SHAPES))?,
1339 };
1340
1341 Ok(ForeignField { ident, kind })
1342}
1343
1344fn parse_relate_field(field: &Field, attr: &Attribute) -> syn::Result<RelateField> {
1345 let relation_name = attr
1346 .parse_args::<syn::LitStr>()
1347 .map_err(|_| {
1348 Error::new_spanned(
1349 attr,
1350 "#[relate(\"...\")] requires exactly one string literal",
1351 )
1352 })?
1353 .value();
1354 if relation_name.is_empty() {
1355 return Err(Error::new_spanned(
1356 attr,
1357 "#[relate(\"...\")] relation name must not be empty",
1358 ));
1359 }
1360
1361 validate_relate_field(field, attr)?;
1362
1363 Ok(RelateField {
1364 ident: field.ident.clone().expect("named field"),
1365 relation_name,
1366 field_ty: field.ty.clone(),
1367 })
1368}
1369
1370fn validate_relate_field(field: &Field, attr: &Attribute) -> syn::Result<Type> {
1371 if !attr.path().is_ident("relate") {
1372 return Err(Error::new_spanned(attr, "unsupported relate attribute"));
1373 }
1374
1375 let accepted = direct_store_child_type(&field.ty)
1376 .cloned()
1377 .map(Type::Path)
1378 .or_else(|| {
1379 option_inner_type(&field.ty)
1380 .and_then(|inner| direct_store_child_type(inner).cloned().map(Type::Path))
1381 })
1382 .or_else(|| {
1383 vec_inner_type(&field.ty)
1384 .and_then(|inner| direct_store_child_type(inner).cloned().map(Type::Path))
1385 });
1386
1387 accepted.ok_or_else(|| Error::new_spanned(&field.ty, RELATE_ACCEPTED_SHAPES))
1388}
1389
1390fn foreign_field_kind<'a>(
1391 ident: &syn::Ident,
1392 fields: &'a [ForeignField],
1393) -> Option<&'a ForeignFieldKind> {
1394 fields
1395 .iter()
1396 .find(|field| field.ident == *ident)
1397 .map(|field| &field.kind)
1398}
1399
1400fn stored_field_type(field: &Field, foreign_fields: &[ForeignField]) -> Type {
1401 let ident = field.ident.as_ref().expect("named field");
1402 match foreign_field_kind(ident, foreign_fields) {
1403 Some(ForeignFieldKind { stored_ty, .. }) => stored_ty.clone(),
1404 None => field.ty.clone(),
1405 }
1406}
1407
1408fn foreign_stored_type(ty: &Type) -> Option<Type> {
1409 if let Some(inner) = option_inner_type(ty) {
1410 let inner = foreign_stored_type(inner)?;
1411 return Some(syn::parse_quote!(::std::option::Option<#inner>));
1412 }
1413
1414 if let Some(inner) = vec_inner_type(ty) {
1415 let inner = foreign_stored_type(inner)?;
1416 return Some(syn::parse_quote!(::std::vec::Vec<#inner>));
1417 }
1418
1419 direct_store_child_type(ty)
1420 .cloned()
1421 .map(|_| syn::parse_quote!(::surrealdb::types::RecordId))
1422}
1423
1424fn foreign_leaf_type(ty: &Type) -> Option<Type> {
1425 if let Some(inner) = option_inner_type(ty) {
1426 return foreign_leaf_type(inner);
1427 }
1428
1429 if let Some(inner) = vec_inner_type(ty) {
1430 return foreign_leaf_type(inner);
1431 }
1432
1433 direct_store_child_type(ty).cloned().map(Type::Path)
1434}
1435
1436fn invalid_foreign_leaf_type(ty: &Type) -> Option<Type> {
1437 let leaf = foreign_leaf_type(ty)?;
1438 match &leaf {
1439 Type::Path(type_path) => {
1440 let segment = type_path.path.segments.last()?;
1441 if matches!(segment.arguments, PathArguments::None) {
1442 None
1443 } else {
1444 Some(leaf)
1445 }
1446 }
1447 _ => Some(leaf),
1448 }
1449}
1450
1451fn direct_store_child_type(ty: &Type) -> Option<&TypePath> {
1452 let Type::Path(type_path) = ty else {
1453 return None;
1454 };
1455
1456 let segment = type_path.path.segments.last()?;
1457 if !matches!(segment.arguments, PathArguments::None) {
1458 return None;
1459 }
1460
1461 if is_id_type(ty) || is_string_type(ty) || is_common_non_store_leaf_type(ty) {
1462 return None;
1463 }
1464
1465 Some(type_path)
1466}
1467
1468fn is_common_non_store_leaf_type(ty: &Type) -> bool {
1469 matches!(
1470 ty,
1471 Type::Path(TypePath { path, .. })
1472 if path.is_ident("bool")
1473 || path.is_ident("u8")
1474 || path.is_ident("u16")
1475 || path.is_ident("u32")
1476 || path.is_ident("u64")
1477 || path.is_ident("u128")
1478 || path.is_ident("usize")
1479 || path.is_ident("i8")
1480 || path.is_ident("i16")
1481 || path.is_ident("i32")
1482 || path.is_ident("i64")
1483 || path.is_ident("i128")
1484 || path.is_ident("isize")
1485 || path.is_ident("f32")
1486 || path.is_ident("f64")
1487 || path.is_ident("char")
1488 )
1489}
1490
1491fn secure_field_count(fields: &syn::punctuated::Punctuated<Field, syn::token::Comma>) -> usize {
1492 fields
1493 .iter()
1494 .filter(|field| has_secure_attr(&field.attrs))
1495 .count()
1496}
1497
1498fn relation_name_override(attrs: &[Attribute]) -> syn::Result<Option<String>> {
1499 for attr in attrs {
1500 if !attr.path().is_ident("relation") {
1501 continue;
1502 }
1503
1504 let mut name = None;
1505 attr.parse_nested_meta(|meta| {
1506 if meta.path.is_ident("name") {
1507 let value = meta.value()?;
1508 let literal: syn::LitStr = value.parse()?;
1509 name = Some(literal.value());
1510 Ok(())
1511 } else {
1512 Err(meta.error("unsupported relation attribute"))
1513 }
1514 })?;
1515 return Ok(name);
1516 }
1517
1518 Ok(None)
1519}
1520
1521enum SecureKind {
1522 Shape(Type),
1523}
1524
1525impl SecureKind {
1526 fn encrypted_type(&self) -> proc_macro2::TokenStream {
1527 match self {
1528 SecureKind::Shape(ty) => quote! { <#ty as ::appdb::SensitiveShape>::Encrypted },
1529 }
1530 }
1531
1532 fn encrypt_with_context_expr(&self, ident: &syn::Ident) -> proc_macro2::TokenStream {
1533 match self {
1534 SecureKind::Shape(ty) => {
1535 quote! { <#ty as ::appdb::SensitiveShape>::encrypt_with_context(&self.#ident, context)? }
1536 }
1537 }
1538 }
1539
1540 fn decrypt_with_context_expr(&self, ident: &syn::Ident) -> proc_macro2::TokenStream {
1541 match self {
1542 SecureKind::Shape(ty) => {
1543 quote! { <#ty as ::appdb::SensitiveShape>::decrypt_with_context(&encrypted.#ident, context)? }
1544 }
1545 }
1546 }
1547
1548 fn encrypt_with_runtime_expr(
1549 &self,
1550 ident: &syn::Ident,
1551 field_tag_ident: &syn::Ident,
1552 ) -> proc_macro2::TokenStream {
1553 match self {
1554 SecureKind::Shape(ty) => {
1555 quote! {{
1556 let context = ::appdb::crypto::resolve_crypto_context_for::<#field_tag_ident>()?;
1557 <#ty as ::appdb::SensitiveShape>::encrypt_with_context(&self.#ident, context.as_ref())?
1558 }}
1559 }
1560 }
1561 }
1562
1563 fn decrypt_with_runtime_expr(
1564 &self,
1565 ident: &syn::Ident,
1566 field_tag_ident: &syn::Ident,
1567 ) -> proc_macro2::TokenStream {
1568 match self {
1569 SecureKind::Shape(ty) => {
1570 quote! {{
1571 let context = ::appdb::crypto::resolve_crypto_context_for::<#field_tag_ident>()?;
1572 <#ty as ::appdb::SensitiveShape>::decrypt_with_context(&encrypted.#ident, context.as_ref())?
1573 }}
1574 }
1575 }
1576 }
1577}
1578
1579fn secure_kind(field: &Field) -> syn::Result<SecureKind> {
1580 if secure_shape_supported(&field.ty) {
1581 return Ok(SecureKind::Shape(field.ty.clone()));
1582 }
1583
1584 Err(Error::new_spanned(
1585 &field.ty,
1586 secure_shape_error_message(&field.ty),
1587 ))
1588}
1589
1590fn secure_shape_supported(ty: &Type) -> bool {
1591 if is_string_type(ty) {
1592 return true;
1593 }
1594
1595 if sensitive_value_wrapper_inner_type(ty).is_some() {
1596 return true;
1597 }
1598
1599 if let Some(inner) = option_inner_type(ty) {
1600 return secure_shape_supported(inner);
1601 }
1602
1603 if let Some(inner) = vec_inner_type(ty) {
1604 return secure_shape_supported(inner);
1605 }
1606
1607 direct_sensitive_child_type(ty).is_some()
1608}
1609
1610fn secure_shape_error_message(ty: &Type) -> &'static str {
1611 if invalid_secure_leaf_type(ty).is_some() {
1612 "#[secure] child shapes require a direct named Sensitive type leaf with only Option<_> and Vec<_> wrappers"
1613 } else {
1614 "#[secure] supports String, appdb::SensitiveValueOf<T>, and recursive Child / Option<Child> / Vec<Child> shapes where Child implements appdb::Sensitive"
1615 }
1616}
1617
1618fn direct_sensitive_child_type(ty: &Type) -> Option<&TypePath> {
1619 let Type::Path(type_path) = ty else {
1620 return None;
1621 };
1622
1623 let segment = type_path.path.segments.last()?;
1624 if !matches!(segment.arguments, PathArguments::None) {
1625 return None;
1626 }
1627
1628 if is_id_type(ty) || is_string_type(ty) || is_common_non_store_leaf_type(ty) {
1629 return None;
1630 }
1631
1632 Some(type_path)
1633}
1634
1635fn invalid_secure_leaf_type(ty: &Type) -> Option<Type> {
1636 if let Some(inner) = option_inner_type(ty) {
1637 return invalid_secure_leaf_type(inner);
1638 }
1639
1640 if let Some(inner) = vec_inner_type(ty) {
1641 return invalid_secure_leaf_type(inner);
1642 }
1643
1644 let leaf = direct_sensitive_child_type(ty)?.clone();
1645 let segment = leaf.path.segments.last()?;
1646 if matches!(segment.arguments, PathArguments::None) {
1647 None
1648 } else {
1649 Some(Type::Path(leaf))
1650 }
1651}
1652
1653fn is_string_type(ty: &Type) -> bool {
1654 match ty {
1655 Type::Path(TypePath { path, .. }) => path.is_ident("String"),
1656 _ => false,
1657 }
1658}
1659
1660fn is_id_type(ty: &Type) -> bool {
1661 match ty {
1662 Type::Path(TypePath { path, .. }) => path.segments.last().is_some_and(|segment| {
1663 let ident = segment.ident.to_string();
1664 ident == "Id"
1665 }),
1666 _ => false,
1667 }
1668}
1669
1670fn is_record_id_type(ty: &Type) -> bool {
1671 match ty {
1672 Type::Path(TypePath { path, .. }) => path.segments.last().is_some_and(|segment| {
1673 let ident = segment.ident.to_string();
1674 ident == "RecordId"
1675 }),
1676 _ => false,
1677 }
1678}
1679
1680fn option_inner_type(ty: &Type) -> Option<&Type> {
1681 let Type::Path(TypePath { path, .. }) = ty else {
1682 return None;
1683 };
1684 let segment = path.segments.last()?;
1685 if segment.ident != "Option" {
1686 return None;
1687 }
1688 let PathArguments::AngleBracketed(args) = &segment.arguments else {
1689 return None;
1690 };
1691 let GenericArgument::Type(inner) = args.args.first()? else {
1692 return None;
1693 };
1694 Some(inner)
1695}
1696
1697fn vec_inner_type(ty: &Type) -> Option<&Type> {
1698 let Type::Path(TypePath { path, .. }) = ty else {
1699 return None;
1700 };
1701 let segment = path.segments.last()?;
1702 if segment.ident != "Vec" {
1703 return None;
1704 }
1705 let PathArguments::AngleBracketed(args) = &segment.arguments else {
1706 return None;
1707 };
1708 let GenericArgument::Type(inner) = args.args.first()? else {
1709 return None;
1710 };
1711 Some(inner)
1712}
1713
1714fn sensitive_value_wrapper_inner_type(ty: &Type) -> Option<&Type> {
1715 let Type::Path(TypePath { path, .. }) = ty else {
1716 return None;
1717 };
1718 let segment = path.segments.last()?;
1719 if segment.ident != "SensitiveValueOf" {
1720 return None;
1721 }
1722 let PathArguments::AngleBracketed(args) = &segment.arguments else {
1723 return None;
1724 };
1725 let GenericArgument::Type(inner) = args.args.first()? else {
1726 return None;
1727 };
1728 Some(inner)
1729}
1730
1731fn to_snake_case(input: &str) -> String {
1732 let mut out = String::with_capacity(input.len() + 4);
1733 let mut prev_is_lower_or_digit = false;
1734
1735 for ch in input.chars() {
1736 if ch.is_ascii_uppercase() {
1737 if prev_is_lower_or_digit {
1738 out.push('_');
1739 }
1740 out.push(ch.to_ascii_lowercase());
1741 prev_is_lower_or_digit = false;
1742 } else {
1743 out.push(ch);
1744 prev_is_lower_or_digit = ch.is_ascii_lowercase() || ch.is_ascii_digit();
1745 }
1746 }
1747
1748 out
1749}
1750
1751fn to_pascal_case(input: &str) -> String {
1752 let mut out = String::with_capacity(input.len());
1753 let mut uppercase_next = true;
1754
1755 for ch in input.chars() {
1756 if ch == '_' || ch == '-' {
1757 uppercase_next = true;
1758 continue;
1759 }
1760
1761 if uppercase_next {
1762 out.push(ch.to_ascii_uppercase());
1763 uppercase_next = false;
1764 } else {
1765 out.push(ch);
1766 }
1767 }
1768
1769 out
1770}