fix(orm): recurse into composite expressions in bindWhereExpr, reject invalid HAVING predicates

bindWhereExpr: 6 composite expression handlers (subquery, operation,
aggregate, jsonObject, jsonArrayAgg, list) were incorrectly implemented
as passthroughs, skipping binding of nested SelectAsts. Now they call
bindExpression to recursively bind inner expressions.

validateGroupedHavingExpr: 10 passthrough handlers silently allowed
expression types that are not valid HAVING predicates (columnRef,
identifierRef, subquery, operation, aggregate, jsonObject, jsonArrayAgg,
literal, param, list). Now they throw, consistent with the existing
exists rejection. ParamRef throws with the specific ParamRef message.

Added exhaustive tests for both functions covering all expression types,
edge cases, error paths, and nested logical expressions.

Author: SevInf

packages/3-extensions/sql-orm-client/src/query-plan-aggregate.ts

@@ -60,38 +60,24 @@ function validateGroupedMetricExpr(expr: AnyExpression): AggregateExpr {
   return expr;
 }
 
+function rejectHavingExpr(expr: { kind: string }): never {
+  throw new Error(`Unsupported grouped having expression kind "${expr.kind}"`);
+}
+
 function validateGroupedHavingExpr(expr: AnyExpression): AnyExpression {
   return expr.accept<AnyExpression>({
-    columnRef(expr) {
-      return expr;
-    },
-    identifierRef(expr) {
-      return expr;
-    },
-    subquery(expr) {
-      return expr;
-    },
-    operation(expr) {
-      return expr;
-    },
-    aggregate(expr) {
-      return expr;
-    },
-    jsonObject(expr) {
-      return expr;
-    },
-    jsonArrayAgg(expr) {
-      return expr;
-    },
-    literal(expr) {
-      return expr;
-    },
-    param(expr) {
-      return expr;
-    },
-    list(expr) {
-      return expr;
+    columnRef: rejectHavingExpr,
+    identifierRef: rejectHavingExpr,
+    subquery: rejectHavingExpr,
+    operation: rejectHavingExpr,
+    aggregate: rejectHavingExpr,
+    jsonObject: rejectHavingExpr,
+    jsonArrayAgg: rejectHavingExpr,
+    literal: rejectHavingExpr,
+    param() {
+      throw new Error('ParamRef is not supported in grouped having expressions');
     },
+    list: rejectHavingExpr,
     and(expr) {
       return AndExpr.of(expr.exprs.map((child) => validateGroupedHavingExpr(child)));
     },

packages/3-extensions/sql-orm-client/src/where-binding.ts

@@ -36,19 +36,19 @@ function bindWhereExprNode(contract: SqlContract<SqlStorage>, expr: AnyExpressio
       return expr;
     },
     subquery(expr) {
-      return expr;
+      return bindExpression(contract, expr);
     },
     operation(expr) {
-      return expr;
+      return bindExpression(contract, expr);
     },
     aggregate(expr) {
-      return expr;
+      return bindExpression(contract, expr);
     },
     jsonObject(expr) {
-      return expr;
+      return bindExpression(contract, expr);
     },
     jsonArrayAgg(expr) {
-      return expr;
+      return bindExpression(contract, expr);
     },
     literal(expr) {
       return expr;
@@ -57,7 +57,7 @@ function bindWhereExprNode(contract: SqlContract<SqlStorage>, expr: AnyExpressio
       return expr;
     },
     list(expr) {
-      return expr;
+      return bindExpression(contract, expr);
     },
     binary(expr) {
       const left = bindExpression(contract, expr.left);

packages/3-extensions/sql-orm-client/test/query-plan-aggregate.test.ts

@@ -1,23 +1,38 @@
 import {
   AggregateExpr,
   AndExpr,
+  type AnyExpression,
   BinaryExpr,
   ColumnRef,
   ExistsExpr,
+  IdentifierRef,
+  JsonArrayAggExpr,
+  JsonObjectExpr,
   ListExpression,
   LiteralExpr,
+  NotExpr,
   NullCheckExpr,
+  OperationExpr,
   OrExpr,
   ParamRef,
   ProjectionItem,
   SelectAst,
+  SubqueryExpr,
   TableSource,
 } from '@prisma-next/sql-relational-core/ast';
 import { describe, expect, it } from 'vitest';
 import { compileAggregate, compileGroupedAggregate } from '../src/query-plan';
 import { bindWhereExpr } from '../src/where-binding';
 import { baseContract } from './collection-fixtures';
 
+const defaultAggSpec = {
+  totalViews: { kind: 'aggregate' as const, fn: 'sum' as const, column: 'views' },
+};
+
+function compileWithHaving(having: AnyExpression) {
+  return compileGroupedAggregate(baseContract, 'posts', [], ['user_id'], defaultAggSpec, having);
+}
+
 describe('query plan aggregate', () => {
   const filteredViews = bindWhereExpr(
     baseContract,
@@ -182,4 +197,161 @@ describe('query plan aggregate', () => {
       },
     ]);
   });
+
+  describe('validateGroupedHavingExpr rejects non-predicate expression types', () => {
+    it('rejects ColumnRef', () => {
+      expect(() => compileWithHaving(ColumnRef.of('posts', 'views'))).toThrow(
+        'Unsupported grouped having expression kind "column-ref"',
+      );
+    });
+
+    it('rejects IdentifierRef', () => {
+      expect(() => compileWithHaving(IdentifierRef.of('some_name'))).toThrow(
+        'Unsupported grouped having expression kind "identifier-ref"',
+      );
+    });
+
+    it('rejects SubqueryExpr', () => {
+      const sub = SubqueryExpr.of(
+        SelectAst.from(TableSource.named('posts')).withProjection([
+          ProjectionItem.of('id', ColumnRef.of('posts', 'id')),
+        ]),
+      );
+      expect(() => compileWithHaving(sub)).toThrow(
+        'Unsupported grouped having expression kind "subquery"',
+      );
+    });
+
+    it('rejects OperationExpr', () => {
+      const op = OperationExpr.function({
+        method: 'contains',
+        forTypeId: 'pg/text@1',
+        self: ColumnRef.of('posts', 'title'),
+        args: [LiteralExpr.of('test')],
+        returns: { kind: 'builtin', type: 'boolean' },
+        template: 'position({1} in {0}) > 0',
+      });
+      expect(() => compileWithHaving(op)).toThrow(
+        'Unsupported grouped having expression kind "operation"',
+      );
+    });
+
+    it('rejects bare AggregateExpr', () => {
+      expect(() => compileWithHaving(AggregateExpr.count())).toThrow(
+        'Unsupported grouped having expression kind "aggregate"',
+      );
+    });
+
+    it('rejects JsonObjectExpr', () => {
+      const json = JsonObjectExpr.fromEntries([
+        JsonObjectExpr.entry('x', ColumnRef.of('posts', 'id')),
+      ]);
+      expect(() => compileWithHaving(json)).toThrow(
+        'Unsupported grouped having expression kind "json-object"',
+      );
+    });
+
+    it('rejects JsonArrayAggExpr', () => {
+      const agg = JsonArrayAggExpr.of(ColumnRef.of('posts', 'id'));
+      expect(() => compileWithHaving(agg)).toThrow(
+        'Unsupported grouped having expression kind "json-array-agg"',
+      );
+    });
+
+    it('rejects LiteralExpr', () => {
+      expect(() => compileWithHaving(LiteralExpr.of(true))).toThrow(
+        'Unsupported grouped having expression kind "literal"',
+      );
+    });
+
+    it('rejects top-level ParamRef', () => {
+      expect(() => compileWithHaving(ParamRef.of(1, { name: 'x', codecId: 'pg/int4@1' }))).toThrow(
+        'ParamRef is not supported in grouped having expressions',
+      );
+    });
+
+    it('rejects ListExpression', () => {
+      expect(() =>
+        compileWithHaving(ListExpression.of([LiteralExpr.of(1), LiteralExpr.of(2)])),
+      ).toThrow('Unsupported grouped having expression kind "list"');
+    });
+  });
+
+  describe('validateGroupedHavingExpr rejects invalid expressions inside logical operators', () => {
+    it('rejects invalid expression inside AND', () => {
+      expect(() =>
+        compileWithHaving(
+          AndExpr.of([
+            BinaryExpr.gte(AggregateExpr.count(), LiteralExpr.of(5)),
+            ColumnRef.of('posts', 'views'),
+          ]),
+        ),
+      ).toThrow('Unsupported grouped having expression kind "column-ref"');
+    });
+
+    it('rejects invalid expression inside OR', () => {
+      expect(() =>
+        compileWithHaving(
+          OrExpr.of([
+            BinaryExpr.gte(AggregateExpr.count(), LiteralExpr.of(5)),
+            LiteralExpr.of(true),
+          ]),
+        ),
+      ).toThrow('Unsupported grouped having expression kind "literal"');
+    });
+
+    it('rejects invalid expression inside NOT', () => {
+      expect(() => compileWithHaving(new NotExpr(AggregateExpr.count()))).toThrow(
+        'Unsupported grouped having expression kind "aggregate"',
+      );
+    });
+  });
+
+  describe('validateGroupedHavingExpr accepts valid predicate expressions', () => {
+    it('accepts NOT wrapping a valid binary', () => {
+      const plan = compileWithHaving(
+        new NotExpr(BinaryExpr.gte(AggregateExpr.count(), LiteralExpr.of(5))),
+      );
+      expect((plan.ast as SelectAst).having).toBeInstanceOf(NotExpr);
+    });
+
+    it('accepts NOT wrapping NullCheck', () => {
+      const plan = compileWithHaving(
+        new NotExpr(NullCheckExpr.isNull(AggregateExpr.sum(ColumnRef.of('posts', 'views')))),
+      );
+      expect((plan.ast as SelectAst).having).toBeInstanceOf(NotExpr);
+    });
+
+    it('accepts nested NOT(AND(binary, binary))', () => {
+      const plan = compileWithHaving(
+        new NotExpr(
+          AndExpr.of([
+            BinaryExpr.gte(AggregateExpr.count(), LiteralExpr.of(1)),
+            BinaryExpr.lte(AggregateExpr.sum(ColumnRef.of('posts', 'views')), LiteralExpr.of(100)),
+          ]),
+        ),
+      );
+      expect((plan.ast as SelectAst).having).toBeInstanceOf(NotExpr);
+    });
+  });
+
+  describe('validateGroupedComparable rejects invalid right-side expressions', () => {
+    it('rejects SubqueryExpr on right side of binary', () => {
+      const sub = SubqueryExpr.of(
+        SelectAst.from(TableSource.named('posts')).withProjection([
+          ProjectionItem.of('id', ColumnRef.of('posts', 'id')),
+        ]),
+      );
+      expect(() => compileWithHaving(BinaryExpr.gte(AggregateExpr.count(), sub))).toThrow(
+        'Unsupported comparable kind in grouped having: "subquery"',
+      );
+    });
+
+    it('rejects JsonObjectExpr on right side of binary', () => {
+      const json = JsonObjectExpr.fromEntries([JsonObjectExpr.entry('x', LiteralExpr.of(1))]);
+      expect(() => compileWithHaving(BinaryExpr.gte(AggregateExpr.count(), json))).toThrow(
+        'Unsupported comparable kind in grouped having: "json-object"',
+      );
+    });
+  });
 });