feat(ensapi): operator-based filter inputs for events and permissions

[shrugs]

Reviewer Focus

• find-events-resolver.ts set/range helpers + empty in: [] → no matches (mirrors filter-by-name-in.ts).
• EventsTimestampFilter zod refines (≥1 bound; gt/gte mutex; lt/lte mutex; inverted-range rejected) — not expressible via @oneOf.

Problem & Motivation

extends the @oneOf operator pattern from Domain.name to the rest of Omnigraph's filter args where multiple operators have a real use case today. tight scope; expand on demand.

What Changed

1. new @oneOf { eq, in } filters (in: max 10): EventsSelectorFilter, EventsFromFilter, EventsSenderFilter, DomainPermissionsUserFilter.
2. new flat range filter EventsTimestampFilter { gt?, gte?, lt?, lte? }.
3. EventsWhereInput / AccountEventsWhereInput / DomainPermissionsWhereInput reshaped to use them.
4. Account.permissions(in: AccountIdInput) → Account.permissions(where: { contract }).
5. event inputs extracted to event-inputs.ts.

Design

set-membership = @oneOf { eq, in }; range = flat (bounds combine, can't be @oneOf). per-field-named inputs (no shared generics). empty in: [] matches nothing rather than 400 — matches DomainsNameFilter precedent + search-page consumer DX.

Self-Review

• reverted a mid-iteration minLength: 1 on in: that would have forced consumers to special-case empty UI state.
• streamlined Domain.permissions userScope to mirror setFilterCondition's in ?? [eq] pattern.
• extracted event inputs to event-inputs.ts for symmetry with domain-inputs.ts.

Cross-Codebase Alignment

grepped selector_in, timestamp_gte/_lte, EventsWhereInput, AccountEventsWhereInput, DomainPermissionsWhereInput, permissions(in:. no live references in apps/ensadmin, packages/ensnode-sdk, packages/ensnode-react, docs/ensnode.io, examples/. subgraph API intentionally untouched (compat).

Downstream Impact

breaking Omnigraph schema. SDL regenerated. no in-repo consumers affected. changeset added (minor, ensapi only).

Testing

typecheck clean, lint clean, 98 unit + 295 integration pass.

gap: timestamp cross-field refines not asserted by integration tests (zod-layer behavior).

Scope Reductions

no eq/in for timestamp, no negation, no version-filter extension, no shared generic filter types. open on demand.

Risk

pre-1.0 API. blast radius: ensapi GraphQL clients. rollback = revert.
named owner: @shrugs.

Pre-Review Checklist

• I reviewed every line of this diff and understand it end-to-end
• I'm prepared to defend this PR line-by-line in review
• I'm comfortable being the on-call owner for this change
• Relevant changesets are included (or explicitly not required)

[changeset-bot]

🦋 Changeset detected

Latest commit: 49305ae

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 24 packages

Name	Type
ensapi	Minor
ensindexer	Minor
ensadmin	Minor
ensrainbow	Minor
fallback-ensapi	Minor
enssdk	Minor
enscli	Minor
enskit	Minor
ensskills	Minor
@ensnode/datasources	Minor
@ensnode/ensrainbow-sdk	Minor
@ensnode/ensdb-sdk	Minor
@ensnode/ensnode-sdk	Minor
@ensnode/integration-test-env	Minor
@ensnode/ponder-sdk	Minor
@ensnode/ponder-subgraph	Minor
@ensnode/shared-configs	Minor
@docs/ensnode	Minor
@docs/ensrainbow	Minor
@namehash/ens-referrals	Minor
@namehash/namehash-ui	Minor
@ensnode/ensindexer-perf-testing	Minor
@ensnode/enskit-react-example	Patch
@ensnode/enssdk-example	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
enskit-react-example.ensnode.io	Ready	Preview, Comment	May 18, 2026 3:03pm

3 Skipped Deployments

Project	Deployment	Actions	Updated (UTC)
admin.ensnode.io	Skipped		May 18, 2026 3:03pm
ensnode.io	Skipped		May 18, 2026 3:03pm
ensrainbow.io	Skipped		May 18, 2026 3:03pm

[coderabbitai]

Warning

Rate limit exceeded

@shrugs has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 29 minutes and 32 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 41bc351d-a26c-4286-a0d8-81caa9c39c57

📥 Commits

Reviewing files that changed from the base of the PR and between 61439a3 and 49305ae.

📒 Files selected for processing (3)

• apps/ensapi/src/omnigraph-api/lib/find-events/find-events-resolver.ts
• apps/ensapi/src/omnigraph-api/schema/domain.integration.test.ts
• apps/ensapi/src/omnigraph-api/schema/event-inputs.ts

📝 Walkthrough

Walkthrough

Refactors omnigraph API event and permission filtering from flat field structures to operator-based input objects. Event filters use set membership (selector.eq/selector.in) and range operators (timestamp.gt/gte/lt/lte); address filters use from.{eq|in} and sender.{eq|in}. Permission user filters use user.{eq|in}. Includes resolver updates, validation constraints, and comprehensive test coverage.

Changes

Event and Permission Filter Operator-Based Refactoring

Layer / File(s)	Summary
Event filter input type contracts apps/ensapi/src/omnigraph-api/schema/event-inputs.ts, apps/ensapi/src/omnigraph-api/schema/event.ts, apps/ensapi/src/omnigraph-api/schema/permissions.ts, apps/ensapi/src/omnigraph-api/schema/resolver.ts	New input types EventsSelectorFilter, EventsFromFilter, EventsSenderFilter, EventsTimestampFilter, EventsWhereInput, and AccountEventsWhereInput replace flat fields with operator-based eq/in and gt/gte/lt/lte structures. Legacy types removed from event.ts. Schema imports updated to reference new location.
Permission filter input type contracts apps/ensapi/src/omnigraph-api/schema/domain-inputs.ts, apps/ensapi/src/omnigraph-api/schema/account.ts	DomainPermissionsUserFilter added with eq/in operators and max-length validation. AccountPermissionsWhereInput introduced for Account.permissions connection filtering via where.contract.
Event resolver filter implementation apps/ensapi/src/omnigraph-api/lib/find-events/find-events-resolver.ts, apps/ensapi/src/omnigraph-api/lib/find-domains/layers/filter-by-name-in.ts	Generic SetFilter and RangeFilter types and condition builders (setFilterCondition, rangeFilterCondition) translate new filter shapes into SQL. eventsWhereConditions refactored to compose conditions from the new input structure. Empty-list short-circuit documented to prevent inArray([]) errors.
Account events and permissions schema resolution apps/ensapi/src/omnigraph-api/schema/account.ts	Account.events resolver applies sender filter using { eq: parent.id } structure. Account.permissions resolver refactored to use where.contract argument with optional chainId/address filtering.
Domain permissions schema resolution apps/ensapi/src/omnigraph-api/schema/domain.ts	Domain.permissions resolver refactored to support user.in set membership via inArray with explicit short-circuit for empty lists. Drizzle ORM imports updated to include inArray, sql, and getTableColumns.
Integration test updates apps/ensapi/src/omnigraph-api/schema/account.integration.test.ts, apps/ensapi/src/omnigraph-api/schema/domain.integration.test.ts, apps/ensapi/src/omnigraph-api/schema/permissions.integration.test.ts	All event and permission filtering tests migrated to nested filter syntax: selector.{eq|in}, timestamp.{gte|lte}, from.eq, user.{eq|in}. Added coverage for in variants and edge cases (empty lists, unknown values).
Breaking change announcement .changeset/events-filters-oneof.md	Changeset entry documents omnigraph API breaking change: event/permission filter arguments restructured with operator-based inputs, 10-item in limit, timestamp range validation (at least one bound, no mixed gt+gte, lower < upper).

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• namehash/ensnode#2014: Earlier PR that adds HCA-aware Event.sender field and switches Account.events to filter by sender; main PR refactors the same event filtering machinery to use the new operator-based filter model.
• namehash/ensnode#1745: Prior PR that introduces DomainPermissionsWhereInput for the Domain permissions connection; main PR restructures the user field within that type to support eq/in operators with item limits.

🐰 Filter forms bloom in structured shapes,
Operators nested, no more flat gaps!
Timestamp bounds dance with gentle grace,
Where clauses find their rightful place! ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely summarizes the main change: introducing operator-based filter inputs (eq/in pattern) for events and permissions in the ensapi module.
Description check	✅ Passed	The description is comprehensive and well-structured, covering problem, changes, design rationale, testing, and pre-review checklist, though it diverges somewhat from the template's simpler structure.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/eq-extension

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

This PR updates the Omnigraph GraphQL API to use operator-based filter input objects for events and permissions, aligning multiple fields with the existing @oneOf filter approach and adding a timestamp range filter with zod refinements. It rewires resolver SQL where-building to support { eq | in } set-membership filters and { gt/gte/lt/lte } timestamp ranges, regenerates the SDL, and updates integration tests accordingly.

Changes:

• Introduces per-field @oneOf set filters (eq/in) for event selector/from/sender and domain-permissions user filtering, plus a refined timestamp range filter.
• Refactors find-events-resolver to use shared setFilterCondition / rangeFilterCondition helpers (including empty-in: [] short-circuit semantics).
• Updates GraphQL schema wiring (imports, new inputs) and integration tests; adds a Changeset entry.

Reviewed changes

Copilot reviewed 13 out of 15 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
packages/enssdk/src/omnigraph/generated/schema.graphql	Regenerated SDL reflecting new operator-based filter input shapes and argument rename(s).
apps/ensapi/src/omnigraph-api/schema/resolver.ts	Switches EventsWhereInput import to the new event-inputs module.
apps/ensapi/src/omnigraph-api/schema/permissions.ts	Switches EventsWhereInput import to the new event-inputs module.
apps/ensapi/src/omnigraph-api/schema/permissions.integration.test.ts	Updates event-filter queries to new shapes; adds Domain.permissions user in test.
apps/ensapi/src/omnigraph-api/schema/event.ts	Removes event-related input definitions (leaving EventRef).
apps/ensapi/src/omnigraph-api/schema/event-inputs.ts	Adds new event filter inputs and zod refinements; defines EventsWhereInput / AccountEventsWhereInput.
apps/ensapi/src/omnigraph-api/schema/domain.ts	Updates Domain.permissions resolver to support `{ eq
apps/ensapi/src/omnigraph-api/schema/domain.integration.test.ts	Updates event-filter queries to the new where shapes.
apps/ensapi/src/omnigraph-api/schema/domain-inputs.ts	Adds DomainPermissionsUserFilter and updates DomainPermissionsWhereInput.user to use it.
apps/ensapi/src/omnigraph-api/schema/account.ts	Updates Account.events sender filter shape; renames Account.permissions arg to where and adds AccountPermissionsWhereInput.
apps/ensapi/src/omnigraph-api/schema/account.integration.test.ts	Updates Account.events filter tests to new operator-based input shapes.
apps/ensapi/src/omnigraph-api/lib/find-events/find-events-resolver.ts	Refactors event WHERE building to generic helpers; implements empty-in short-circuit and range filters.
apps/ensapi/src/omnigraph-api/lib/find-domains/layers/filter-by-name-in.ts	Minor comment adjustment; preserves empty-inArray([]) short-circuit semantics.
.changeset/events-filters-oneof.md	Declares a minor release note describing the breaking Omnigraph filter shape changes.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[greptile-apps]

Greptile Summary

This PR extends ENSapi's Omnigraph filter layer from a single @oneOf pattern on Domain.name to all remaining filter arguments on *.events and *.permissions connections. It introduces set-membership filters (EventsSelectorFilter, EventsFromFilter, EventsSenderFilter, DomainPermissionsUserFilter) using @oneOf { eq | in } and a flat range filter (EventsTimestampFilter { gt?, gte?, lt?, lte? }) with four Zod cross-field refines.

• New event-inputs.ts centralises all events input types; EventsWhereInput / AccountEventsWhereInput / DomainPermissionsWhereInput are reshaped to use them, and Account.permissions(in:) is replaced with Account.permissions(where: { contract }).
• setFilterCondition and rangeFilterCondition helpers in find-events-resolver.ts implement the runtime SQL translation; the empty-in: [] short-circuit mirrors the existing filter-by-name-in.ts precedent.
• The PR description notes a gap in timestamp cross-field refine tests — this is outdated; domain.integration.test.ts adds tests for all four Zod refines.

Confidence Score: 5/5

All changed code paths are well-scoped to the ENSapi Omnigraph schema layer with no in-repo downstream consumers affected; the logic is internally consistent and thoroughly tested.

The filter helpers are straightforward and correct, Zod refines use <= for the inverted-range check, the empty-in short-circuit is consistent, and integration tests cover all validation paths including pin-point equal bounds.

No files require special attention.

Important Files Changed

Filename	Overview
apps/ensapi/src/omnigraph-api/schema/event-inputs.ts	New file defining all events input types; Zod refines on EventsTimestampFilter correctly use <= for the range check and cover all four mutual-exclusion / at-least-one cases.
apps/ensapi/src/omnigraph-api/lib/find-events/find-events-resolver.ts	Refactored to use SetFilter/RangeFilter helpers; setFilterCondition and rangeFilterCondition are correct, empty-in short-circuit to sqlfalse is consistent with the design intent.
apps/ensapi/src/omnigraph-api/schema/domain.ts	ENSv2Domain.permissions now accepts DomainPermissionsWhereInput; the inline user.in ?? [user.eq] pattern mirrors setFilterCondition and correctly handles empty-in short-circuit.
apps/ensapi/src/omnigraph-api/schema/account.ts	Account.events now uses AccountEventsWhereInput; Account.permissions reshaped from flat in: to where: { contract } with correct internal Drizzle scoping.
apps/ensapi/src/omnigraph-api/schema/domain.integration.test.ts	Adds comprehensive Domain.events filter tests including all four Zod cross-field refine assertions and the pin-point equal-bounds case.

_{Reviews (10): Last reviewed commit: "test(ensapi): EventsTimestampFilter vali..." | Re-trigger Greptile}

[coderabbitai]

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

apps/ensapi/src/omnigraph-api/schema/account.integration.test.ts (1)

234-313: 🛠️ Refactor suggestion | 🟠 Major | ⚡ Quick win

Add negative integration cases for timestamp filter validation.

This block only asserts valid timestamp paths. Please also assert rejection for invalid EventsTimestampFilter combinations ({}, { gt, gte }, { lt, lte }, and inverted ranges) so schema/refine regressions are caught at the API boundary.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@apps/ensapi/src/omnigraph-api/schema/account.integration.test.ts` around
lines 234 - 313, Add negative integration tests in the same test suite (near the
existing "filters by timestamp ..." cases) that call the GraphQL query symbol
AccountEventsFiltered via request<AccountEventsResult> with invalid
EventsTimestampFilter combinations and assert the API rejects them: test an
empty timestamp object (where: { timestamp: {} }), conflicting bounds ({
timestamp: { gt: midTs, gte: midTs } } and { timestamp: { lt: midTs, lte: midTs
} }), and inverted ranges ({ timestamp: { gte: highTs, lte: lowTs } }); locate
the helpers in this file (request, AccountEventsFiltered, allEvents) and for
each invalid input assert the request returns GraphQL errors or throws (e.g.
result.errors?.length > 0 or expect(request(...)).rejects.toThrow()), ensuring
the API surface validation fails these inputs.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.changeset/events-filters-oneof.md:
- Line 5: Refactor the long single-line breaking-change description in
.changeset/events-filters-oneof.md into a structured, readable format: split the
changes into bullet points or short paragraphs and list each API change
separately (referencing EventsWhereInput / AccountEventsWhereInput and the
selector_in → selector change, timestamp_gte/timestamp_lte → timestamp with
{gt,gte,lt,lte}, from/sender → {eq|in}, DomainPermissionsWhereInput.user →
{eq|in}, and the Account.permissions signature change to
Account.permissions(where: { contract: AccountIdInput })), and add a distinct
constraints section that calls out the set-membership in cap (10 items) and the
timestamp range rules (require ≥1 bound; disallow gt+gte and lt+lte and inverted
bounds) so downstream consumers can scan each change and constraint easily.

In `@apps/ensapi/src/omnigraph-api/lib/find-events/find-events-resolver.ts`:
- Around line 32-49: The two filter declarations use interface syntax but should
be type aliases per the coding guideline; replace the interface declarations for
SetFilter<T> and RangeFilter<T> with equivalent type aliases (e.g., "type
SetFilter<T> = { ... }" and "type RangeFilter<T> = { ... }") preserving the same
properties and optional/null annotations and the JSDoc comments, and keep the
generic parameter names and member names (SetFilter, RangeFilter, eq, in, gt,
gte, lt, lte) unchanged so downstream code continues to type-check.

---

Outside diff comments:
In `@apps/ensapi/src/omnigraph-api/schema/account.integration.test.ts`:
- Around line 234-313: Add negative integration tests in the same test suite
(near the existing "filters by timestamp ..." cases) that call the GraphQL query
symbol AccountEventsFiltered via request<AccountEventsResult> with invalid
EventsTimestampFilter combinations and assert the API rejects them: test an
empty timestamp object (where: { timestamp: {} }), conflicting bounds ({
timestamp: { gt: midTs, gte: midTs } } and { timestamp: { lt: midTs, lte: midTs
} }), and inverted ranges ({ timestamp: { gte: highTs, lte: lowTs } }); locate
the helpers in this file (request, AccountEventsFiltered, allEvents) and for
each invalid input assert the request returns GraphQL errors or throws (e.g.
result.errors?.length > 0 or expect(request(...)).rejects.toThrow()), ensuring
the API surface validation fails these inputs.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 3b0a8b22-d829-4dcd-bdcd-12be295b9274

📥 Commits

Reviewing files that changed from the base of the PR and between f6ef397 and 61439a3.

⛔ Files ignored due to path filters (2)

• packages/enssdk/src/omnigraph/generated/introspection.ts is excluded by !**/generated/**
• packages/enssdk/src/omnigraph/generated/schema.graphql is excluded by !**/generated/**

📒 Files selected for processing (13)

• .changeset/events-filters-oneof.md
• apps/ensapi/src/omnigraph-api/lib/find-domains/layers/filter-by-name-in.ts
• apps/ensapi/src/omnigraph-api/lib/find-events/find-events-resolver.ts
• apps/ensapi/src/omnigraph-api/schema/account.integration.test.ts
• apps/ensapi/src/omnigraph-api/schema/account.ts
• apps/ensapi/src/omnigraph-api/schema/domain-inputs.ts
• apps/ensapi/src/omnigraph-api/schema/domain.integration.test.ts
• apps/ensapi/src/omnigraph-api/schema/domain.ts
• apps/ensapi/src/omnigraph-api/schema/event-inputs.ts
• apps/ensapi/src/omnigraph-api/schema/event.ts
• apps/ensapi/src/omnigraph-api/schema/permissions.integration.test.ts
• apps/ensapi/src/omnigraph-api/schema/permissions.ts
• apps/ensapi/src/omnigraph-api/schema/resolver.ts

💤 Files with no reviewable changes (1)

• apps/ensapi/src/omnigraph-api/schema/event.ts

[shrugs]

@greptile review

[Copilot]

Pull request overview

Copilot reviewed 13 out of 15 changed files in this pull request and generated 2 comments.

[shrugs]

@greptile review

[shrugs]

@greptile review

[Copilot]

Pull request overview

Copilot reviewed 13 out of 15 changed files in this pull request and generated 2 comments.

[shrugs]

@greptile review

[lightwalker-eth]

@shrugs Looks super! Nice work 🚀 Please merge when ready 👍