feat(cli): type-safe permissions callback and improved relationship types

[ChiragAgg5k]

Summary

• Replace Permission[] with a type-safe callback pattern for permissions, similar to how queries work
• Use branded RoleString type to enforce that only RoleBuilder methods can be passed to permission methods
• Inline type definitions for better IntelliSense (shows all available methods on hover)
• Fix relationship types to use Create suffix for input types, avoiding requirement for internal fields like $id, $tableId
• Allow passing existing row ID string to link relationships instead of creating new child rows

Changes

Permissions callback pattern:

// Before
permissions: [Permission.read(Role.any())]

// After  
permissions: (p, r) => [
  p.read(r.any()),
  p.update(r.team("admins")),
]

Relationship types:

// Now allows:
// 1. Create new child with data
comments: [{ title: "...", content: "..." }]

// 2. Create with custom ID/permissions
comments: [{ $id: "custom-id", title: "..." }]

// 3. Link to existing row by ID
comments: ["existing-row-id"]

Test plan

• Generate SDK and verify permissions callback works with type safety
• Verify permission.read("invalid") shows type error (must use role builder)
• Verify relationship fields accept both create objects and ID strings
• Verify IntelliSense shows all available methods for permissions and queries

Summary by CodeRabbit

Release Notes

• New Features

  • Added builder-based permissions API for database operations, providing a more ergonomic interface for specifying permissions and roles.

• Chores

  • Improved type generation to differentiate between Create and Row operations.
  • Enhanced database method signatures with inline typed callbacks for better type safety.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

This pull request refactors the TypeScript code generation to introduce a builder-based permission API and separate type generation for Create versus Row operations. Key changes include: adding inline type constants (PERMISSION_CALLBACK_INLINE and getQueryCallbackInline) to the database generator, splitting attribute generation into createAttributes and rowAttributes controlled by a forCreate flag, updating method signatures to use the new inline permission and query callback types, and extending the type utility to conditionally generate relationship types based on the Create context. New exported types (RoleString, RoleBuilder, PermissionBuilder, PermissionCallback) support the builder pattern for permissions and roles.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main changes: introducing type-safe permissions callback and improving relationship types to support Create-suffixed input types and ID linking.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}