jspg masking system installed

2026-02-18 13:45:40 -05:00
parent 944675d669
commit 29c5160b49
8 changed files with 789 additions and 325 deletions


@ -31,6 +31,17 @@ Loads and compiles the entire schema registry into the session's memory, atomica
* Compiles schemas into validators.
* **Returns**: `{"response": "success"}` or an error object.
### `mask_json_schema(schema_id text, instance jsonb) -> jsonb`
Validates a JSON instance and returns a new JSON object with unknown properties removed (pruned) based on the schema.
* **Inputs**:
* `schema_id`: The `$id` of the schema to mask against.
* `instance`: The JSON data to mask.
* **Returns**:
* On success: A `Drop` containing the **masked data**.
* On failure: A `Drop` containing validation errors.
### `validate_json_schema(schema_id text, instance jsonb) -> jsonb`
Validates a JSON instance against a pre-compiled schema.
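Review bot: The **Returns** bullets for `mask_json_schema` do not say what a caller receives on failure besides the errors, or how to tell the two `Drop` outcomes apart. Since the function is meant to shape API responses, please state explicitly that no partially masked data is returned when validation fails, and document which field of the `Drop` carries the masked data and which carries the errors. The summary line says the function "returns a new JSON object", while the bullets say it returns a `Drop`; one of the two should be reworded so the signature's `jsonb` return is unambiguous.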
@ -83,6 +94,16 @@ JSPG enforces a "Secure by Default" philosophy. All schemas are treated as if `u
### 4. Format Leniency for Empty Strings
To simplify frontend form logic, the format validators for `uuid`, `date-time`, and `email` explicitly allow empty strings (`""`). This treats an empty string as "present but unset" rather than "invalid format".
### 5. Masking (Constructive Validation)
JSPG supports a "Constructive Validation" mode via `mask_json_schema`. This is designed for high-performance API responses where the schema dictates the exact shape of the returned data.
* **Mechanism**: The validator traverses the instance against the schema.
* **Valid Fields**: Kept in the output.
* **Unknown/Extra Fields**: Silently removed (pruned) if `extensible: false` (default).
* **Invalid Fields**: Still trigger standard validation errors.
This allows the database to return "raw" joined rows (e.g. `SELECT * FROM person JOIN organization ...`) and have JSPG automatically shape the result into the expected API response, removing any internal or unrelated columns not defined in the schema.
## 🏗️ Architecture
The extension is written in Rust using `pgrx` and structures its schema parser to mirror the Punc Generator's design:
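Review bot: The "Unknown/Extra Fields" bullet in section 5 only covers `extensible: false`; it does not say what masking does when a schema sets `extensible: true`. Given the `SELECT * FROM person JOIN organization ...` use case, where pruning is the only thing keeping internal columns out of the response, the doc should state whether extra fields are passed through unchanged in that case, and whether pruning applies recursively to nested objects and array items. It would also help to note that pruning is silent here while the "Invalid Fields" bullet still raises errors, so readers do not assume masking reports the fields it dropped.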