An extremely simple and explicit ORM for TypeScript

Kiss-ORM is a new, very opinionated ORM for TypeScript

Information

Category: Node.js / Database
Watchers: 4
Star: 402
Fork: 0
Last update: Sep 5, 2020

Resource links

https://github.com/Seb-C/kiss-orm

README
Issues 7

Kiss-ORM

Introduction
Compatibility
Basics
Getting started
Events
Cascade
Scoping
Soft delete
Migrations
Relationships
Eager loading for relationships
Autoloading relationships
Advanced typings
Transactions

Introduction

Kiss-ORM is a new, very opinionated ORM for TypeScript. Here is a description of it's design philosophy:

No query builder (you can use the full power and expressiveness of SQL)
Security: Kiss-ORM allows you to write and concatenate SQL queries without worrying about SQL injections
Fully tested
Sane dependency-injection (and dependencies!)
Data-mapper pattern rather than active-record
Immutability of the objects
No magic. Everything is explicit. No database operation is done unless explicitly requested.
Proper separation of concerns for your repositories
Simplicity: the architecture is ridiculously simple. If you need complex operations, you have the freedom to write it without worries.
No mappings: Kiss-ORM always assumes that the column and JS properties have the same name.

Compatibility

Currently, Kiss-ORM is only compatible with PostgreSQL via node-postgres, but there is an abstraction layer that will allows compatibility with other databases in the future. You are welcome to contribute :) .

Basics

Kiss-ORM uses the template-strings tagging feature to secure all the queries.

Here is the basic query syntax:

database.query(sql`
    SELECT *
    FROM "Users"
    WHERE "email" = ${unsafeInputs.email}
    AND "password" = CRYPT(${unsafeInputs.password})
`);

Did you notice the sql tag? This internally transforms the query safely into something like this:

{
    query: 'SELECT * FROM "Users" WHERE "email" = $1 AND "password" = CRYPT($2)',
    params: ['[email protected]', '123456'],
}

For security reasons, the query method does not accept raw strings, so you cannot forget to use the sql tag.

You can also safely include and concatenate queries:

const conditions = sql`"role" = ${'admin'} AND "blocked" = ${false}`;
database.query(sql`SELECT * FROM "Users" WHERE ${conditions};`);

Result:

{
    query: 'SELECT * FROM "Users" WHERE "role" = $1 AND "blocked" = $2',
    params: ['admin', false],
}

Getting started

Installation:

    npm install kiss-orm --save

import {
    sql,
    PgSqlDatabase,
    CrudRepository,
} from 'kiss-orm';

class UserModel {
    public readonly id!: number;
    public readonly email!: string;
    public readonly isBlocked!: boolean;
}

class UserRepository extends CrudRepository<UserModel> {
    constructor(database: PgSqlDatabase) {
        super({
            database,
            table: 'Users',
            primaryKey: 'id',
            model: UserModel,
        });
    }
}

// [...]

const db = new PgSqlDatabase({
    // https://node-postgres.com/api/client#new-clientconfig-object
    // https://node-postgres.com/api/pool#new-poolconfig-object
});

// Note: You can alternatively inject a Pool object to the `PgSqlDatabase` constructor if you need.

const repository = new UserRepository(db);

const user = await repository.get(2);
const blockedUsers: User[] = await repository.search(
    sql`"isBlocked" OR "email" LIKE ${'%@' + bannedDomain}`,
    sql`"email" ASC`,
);

const updatedUser = await repository.update(user, {
    isBlocked: false,
});

const newUser = await repository.create({
    email: '[email protected]',
    isBlocked: false,
});

await repository.delete(user);

await db.disconnect();

Events

There is no specific feature for the events, because the repositories allows you to do it in an explicit way:

class UsersRepository extends CrudRepository<UserModel> {
    public async create(attributes: any): Promise<UserModel> {
        doSomeThingBeforeInsert();
        const user = await super.create(attributes);
        doSomeThingAfterInsert();
        return user;
    }

    public async update(user: UserModel, attributes: any): Promise<UserModel> {
        doSomeThingBeforeUpdate();
        const newUser = await super.update(user, attributes);
        doSomeThingAfterUpdate();
        return newUser;
    }

    public async delete(user: UserModel) {
        doSomeThingBeforeDelete();
        await super.delete(user);
        doSomeThingAfterDelete();
    }
}

Cascade

Cascade operations are not supported by Kiss-ORM, but your database engine does it pretty well already :) .

If you have more complex or specific needs, you will have to specifically implement it with the proper transactions.

Scoping

Scoping allows you to apply a global filter to all SELECT queries.

class AdminUsersRepository extends CrudRepository<UserModel> {
    constructor(database: PgSqlDatabase) {
        super({
            // [...]
            scope: sql`"role" = 'admin'`,
        });
    }
}

Soft delete

Soft-delete can be implemented with the scoping feature

class UsersRepository extends CrudRepository<UserModel> {
    constructor(database: PgSqlDatabase) {
        super({
            // [...]
            scope: sql`NOT("deletedFlag")`,
        });
    }
}

When you do this, the delete method will still trigger a database DELETE operation. If you want to change this behaviour, you can override it:

class UsersRepository extends CrudRepository<UserModel> {
    public async delete(user: UserModel) {
        await this.update(user, { deletedFlag: true });
    }
}

Migrations

Kiss-ORM comes with a simple migration system. You can execute this whenever you want (when your server starts for example). Since this is a Javascript object, you can choose to organize your migrations however you want (for example import it for a big unique file, or split it).

await db.migrate({
    'createUserTable': sql`
        CREATE TABLE "User" (
            "id" UUID PRIMARY KEY NOT NULL,
            "email" TEXT NOT NULL
        );
    `,
    'addUserEmailIndex': sql`
        CREATE UNIQUE INDEX "User_email_index" ON "User"("email");
    `,
});

Relationships

Relationships are defined in the repositories and must be explicitly loaded

one-to-one

class RoleModel {
    // [...]
}

class UserModel {
    // [...]
    public readonly roleId!: number;

    public readonly role?: RoleModel;
}

class RoleRepository extends CrudRepository<RoleModel> {
    // [...]
}

class UserRepository extends CrudRepository<UserModel> {
    constructor(database: PgSqlDatabase) {
        super({
            // [...]
            relationships: {
                role: (user: UserModel) => (new RoleRepository(database)).get(user.roleId),
            },
        });
    }
}

const repository = new UserRepository(database);
let user = await repository.get(1);
// Currently. user.role is `undefined`. You explicitly need to load it
user = await repository.loadRelationship(user, 'role');
// `user.role` is now populated with a `RoleModel`.

one-to-many

class RoleModel {
    // [...]
    public readonly users?: UserModel[];
}

class RoleRepository extends CrudRepository<RoleModel> {
    constructor(database: PgSqlDatabase) {
        super({
            // [...]
            relationships: {
                users: (role: RoleModel) => (new UserRepository(database)).search(sql`"roleId" = ${role.id}`),
            },
        });
    }
}

const repository = new RoleRepository(database);
let role = await repository.get(1);
role = await repository.loadRelationship(role, 'users');
// role.users is now populated with an array of `UserModel`

many-to-many

class ArticleModel {
    // [...]
    public readonly authors?: UserModel[];
}

class UserModel {
    // [...]
    public readonly articles?: ArticleModel[];
}

class ArticleRepository extends CrudRepository<ArticleModel> {
    constructor(database: PgSqlDatabase) {
        super({
            // [...]
            relationships: {
                authors: (article: ArticleModel) => (new UserRepository(database)).search(sql`
                    "id" IN (
                        SELECT "userId"
                        FROM "ArticleAuthors"
                        WHERE "articleId" = ${article.id}
                    )
                `),
            },
        });
    }
}

class UserRepository extends CrudRepository<UserModel> {
    constructor(database: PgSqlDatabase) {
        super({
            // [...]
            relationships: {
                articles: (user: UserModel) => (new AuthorRepository(database)).search(sql`
                    "id" IN (
                        SELECT "articleId"
                        FROM "ArticleAuthors"
                        WHERE "userId" = ${user.id}
                    )
                `),
            },
        });
    }
}

const repository = new UserRepository(database);
let user = await repository.get(1);
user = await repository.loadRelationship(user, 'articles');
// `user.articles` is now populated with an array of `ArticleModel`.

const repository = new ArticleRepository(database);
let article = await repository.get(1);
article = await repository.loadRelationship(article, 'authors');
// `user.authors` is now populated with an array of `UserModel`.

Eager loading for relationships

Kiss-ORM only supports lazy-loading (on-demand). If you need something more complex, you should implement the queries specifically.

Autoloading relationships

class UserRepository extends CrudRepository<UserModel> {
    // [...]

    // This function is called everytime an object is created by Kiss-ORM
    // I don't recommend to do this because it will result in a lot of unnecessary queries...
    protected async createModelFromAttributes(attributes: any): Promise<UserModel> {
        const user = super.createModelFromAttributes(attributes);
        await this.loadRelationship(user, 'role');
        await this.loadRelationship(user, 'articles');
        return user;
    }
}

Advanced typings

By default, the type of the primary key (for the get method) and the parameters of the create and update methods is any, but you can specify it.

When you are using a serial / auto-increment id, you should not specify the id in the properties list.

class UserRepository extends CrudRepository<
    UserModel, // Object returned by the methods
    { email: string, isBlocked: boolean },
    number, // Type of the primary key (id)
> {
    // [...]
}

Handling uuids or automatically filled columns is a bit more tricky, but possible:

type UserParams = {
    uuid: SqlQuery,
    email: string,
    // [...]
    createdAt: Date,
};

type AllowedUserParams = Omit<UserParams, 'id' | 'createdAt'>;

export default class User extends CrudRepository<UserModel, UserParams, string> {
    // [...]

    async create (attributes: AllowedUserParams): Promise<UserModel> {
        return super.create({
            ...attributes,
            uuid: sql`gen_random_uuid()`,
            createdAt: new Date(),
        });
    }
}

Transactions

The sequence method can be used to run transactions. It ensures that all the queries are done on the same connection and that the connection is dedicated (no other async process can execute a query on this connection during the sequence).

await database.sequence(async query => {
    await query(sql`BEGIN;`);
    // [...]
    await query(sql`COMMIT;`);
});

5 Open More issues

Closed

Please add support for sqlite and sql.js

To use it in Ionic mobile apps Thanks

enhancement

opened Sep 3, 2020 by MuhAssar 7

Closed

CrudRepository is postgres only

here you use RETURNING which for example wont work with sqlite. Is CrudRepository meant to be postgres only?

opened Nov 26, 2020 by farfromrefug 5

Closed

es2017 build

Could you make you plugin compatible with es2017? You could use rollup to do that. It is pretty easy to setup build for esm and es5 https://stackoverflow.com/questions/63441311/rollup-esm-and-umd-builds-with-typescript-plugin-and-declarations-not-possible

wontfix

opened Nov 23, 2020 by farfromrefug 5

Closed

Add MySQL support

opened Dec 30, 2020 by Seb-C 3

Closed

How do you handle nullable/optional fields in Create?

I have a model that has a number of nullable fields that should be optional to pass when calling create on the repository:

class UserReportModel {
  public readonly id!: number;
  public readonly projectId!: string;
  public readonly createdAt!: Date;
  public readonly description?: string;
  public readonly version?: string;
}

The id is a serial so I'm doing the suggested removing it from params:

type UserReportParams = Omit<UserReportModel, 'id'>;

class UserReportRepository extends CrudRepository<UserReportModel, UserReportParams, number> {
  constructor(database: PgSqlDatabase) {
    super({
      database,
      table: 'UserReport',
      primaryKey: 'id',
      model: UserReportModel,
    });
  }
}

When I go to create I get type errors:

  await userReportRepository.create({
    projectId: report.ProjectIdentifier,
    createdAt: new Date(),
    description: report.Summary
  });

(property) description: string
Type 'string | undefined' is not assignable to type 'string'.
  Type 'undefined' is not assignable to type 'string'.

Looks like because the create attributes are Required here: https://github.com/Seb-C/kiss-orm/blob/master/src/Repositories/CrudRepository.ts#L97

question

opened Sep 12, 2020 by dshook 3

Closed

Can't use parameter when searching JSONB column

Hi, I'm trying to use a parameter to search a JSONB column (named fields in this case) that has an array of name/value objects.

If I specify the value I'm searching for directly it works:

  const results = await db.query(sql`
select * from "UserReport" where "fields" @> '[{"Name": "Category", "Value": "Performance"}]'
  `);

But when I try to use a parameter to specify what I'm searching for I get an error.

  const results = await db.query(sql`
select * from "UserReport" where "fields" @> '[{"Name": "Category", "Value": "${req.query.category}"}]'
  `);```

error: bind message supplies 1 parameters, but prepared statement "" requires 0```

Error directly from the db:

db_1      | 2020-12-28 04:03:24.099 UTC [74] ERROR:  bind message supplies 1 parameters, but prepared statement "" requires 0
db_1      | 2020-12-28 04:03:24.099 UTC [74] STATEMENT:
db_1      |     select * from "UserReport" where "fields" @> '[{"Name": "Category", "Value": "$1"}]'
db_1      |

I've done quite a bit of different quoting alternatives and also made sure all the parameters are there by logging them out in the queryPoolOrClient function and they're there so I'm not sure what's going on.

Thanks for the package and taking a look!

opened Dec 27, 2020 by dshook 2

Open

Bump minimist from 1.2.5 to 1.2.6

Bumps minimist from 1.2.5 to 1.2.6.

Commits

7efb22a 1.2.6
ef88b93 security notice for additional prototype pollution issue
c2b9819 isConstructorOrProto adapted from PR
bc8ecee test from prototype pollution PR
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
@dependabot use these labels will set the current labels as the default for future PRs for this repo and language
@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies

opened Mar 28, 2022 by dependabot[bot] 0

FreeSql is a powerful O/RM component, supports .NET Core 2.1+, .NET Framework 4.0+, and Xamarin.

Analogue ORM : Data Mapper ORM for Laravel/PHP

Familiar asyncio ORM for python, built with relations in mind

An ORM for Swift, built on Codable

vuex-orm-apollo - Apollo/GraphQL integration for Vuex-ORM.

Content Provider Orm - This is a little orm that functions by using android content providers

Improved Laravel dot notation for explicit array keys.

EVA ORM - Simple asynchronous ORM for SQL databases

A small, simple and immutable ORM to manage relational data in your Redux store.

ORM package is an async ORM for Python, with support for Postgres, MySQL, and SQLite

Python without ifs and buts - an ORM layer for Python objects, inspired by Django

ORM library for Go Golang

GINO Is Not ORM - a Python asyncio ORM on SQLAlchemy core.

vuex-orm - The Vuex plugin to enable Object-Relational Mapping access to the Vuex Store.

PHP DataMapper, ORM

The benchmark to compare performance of PHP ORM solutions.

Mikro-orm：TypeScript ORM for Node.js based on Data Mapper

A simple, modern and secure encryption tool with small explicit keys, no config options, and UNIX-style composability.

A simple DynamoDB ORM for python, based on boto2

a small, expressive orm -- supports postgresql, mysql and sqlite

Active Record, Django-like queries, nested eager load and beauty __repr__ for SQLAlchemy

Share this repo

Related Repos

Database

1.2k

TypeORM module for Nest framework (node.js) 🍇

A progressive Node.js framework for building efficient and scalable server-side applications.

Database

Very fast in memory object DB for Node.JS.

Database

702

An implementation of the exact same app in Firestore, AWS Datastore, PouchDB, RxDB and Wat...

An implementation of the exact same app in Firestore, AWS Datastore, PouchDB, RxDB and WatermelonDB

Database

149

A tasty tool that lets you save, load and share postgres snapshots with ease

Database

🥭 Zero Config MongoDB Server for Node.js

Database

papr is a lightweight library built around the MongoDB NodeJS driver, written in TypeScrip...

papr is a lightweight library built around the MongoDB NodeJS driver, written in TypeScript.

Database

The fastest NixOS install there is! 🏎️🏁

nixos-up nixos-up is a dead-simple install wizard for NixOS. It's the fastest way to get from ISO to working installation. From the NixOS installation

Database

Dump anonymized PostgreSQL database with a NodeJS CLI

Export your PostgreSQL database anonymized. Replace all sensitive data thanks to faker. Output to a file that you can easily import with psql.

Database

1.3k

A node.js redlock implementation for distributed, highly-available redis locks

Database

Easy Wrapper for TypeORM Query Builder

TypeORM is one of ORM that can run in NodeJS, Browser, Cordova, PhoneGap, Ionic, React Native, NativeScript, Expo, and Electron platforms and can be used with TypeScript and JavaScript.