pylon-plugin 0.3.5

Pylon — realtime backend as a single Rust binary. Schema, policies, server functions, live queries, auth — one process.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99

use crate::{Plugin, PluginError};
use pylon_auth::AuthContext;

/// Soft delete plugin. Converts deletes to updates that set `deletedAt`.
/// Adds a before_delete hook that rejects the actual delete and instead
/// sets a timestamp. The application should filter out soft-deleted rows.
pub struct SoftDeletePlugin {
    pub field: String,
    /// Entity names to apply soft delete to. Empty = all entities.
    pub entities: Vec<String>,
}

impl SoftDeletePlugin {
    pub fn new() -> Self {
        Self {
            field: "deletedAt".into(),
            entities: vec![],
        }
    }

    pub fn for_entities(entities: Vec<String>) -> Self {
        Self {
            field: "deletedAt".into(),
            entities,
        }
    }

    fn applies_to(&self, entity: &str) -> bool {
        self.entities.is_empty() || self.entities.iter().any(|e| e == entity)
    }
}

#[allow(dead_code)]
fn now_iso() -> String {
    use std::time::{SystemTime, UNIX_EPOCH};
    let ts = SystemTime::now()
        .duration_since(UNIX_EPOCH)
        .unwrap_or_default()
        .as_secs();
    format!("{ts}Z")
}

impl Plugin for SoftDeletePlugin {
    fn name(&self) -> &str {
        "soft-delete"
    }

    fn before_delete(
        &self,
        entity: &str,
        id: &str,
        _auth: &AuthContext,
    ) -> Result<(), PluginError> {
        if self.applies_to(entity) {
            // Block the real delete — the server should instead update with deletedAt.
            Err(PluginError {
                code: "SOFT_DELETE".into(),
                message: format!(
                    "Entity {} uses soft delete. Set {}.{} instead of deleting row {}.",
                    entity, entity, self.field, id
                ),
                status: 400,
            })
        } else {
            Ok(())
        }
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn blocks_delete_for_all_entities() {
        let plugin = SoftDeletePlugin::new();
        let result = plugin.before_delete("Todo", "t1", &AuthContext::anonymous());
        assert!(result.is_err());
        assert_eq!(result.unwrap_err().code, "SOFT_DELETE");
    }

    #[test]
    fn blocks_delete_for_specific_entities() {
        let plugin = SoftDeletePlugin::for_entities(vec!["Todo".into()]);
        assert!(plugin
            .before_delete("Todo", "t1", &AuthContext::anonymous())
            .is_err());
        assert!(plugin
            .before_delete("User", "u1", &AuthContext::anonymous())
            .is_ok());
    }

    #[test]
    fn allows_delete_for_non_matching() {
        let plugin = SoftDeletePlugin::for_entities(vec!["Todo".into()]);
        let result = plugin.before_delete("Comment", "c1", &AuthContext::anonymous());
        assert!(result.is_ok());
    }
}