@aeriajs/builtins 0.0.230 → 0.0.232
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/authentication.d.ts +4 -4
- package/dist/authentication.js +4 -5
- package/dist/authentication.mjs +4 -5
- package/dist/collections/file/download.d.ts +7 -8
- package/dist/collections/file/download.js +4 -5
- package/dist/collections/file/download.mjs +4 -5
- package/dist/collections/file/index.d.ts +18 -18
- package/dist/collections/file/remove.d.ts +12 -12
- package/dist/collections/file/removeAll.d.ts +2 -2
- package/dist/collections/user/activate.d.ts +17 -17
- package/dist/collections/user/activate.js +10 -11
- package/dist/collections/user/activate.mjs +10 -11
- package/dist/collections/user/authenticate.d.ts +7 -8
- package/dist/collections/user/createAccount.d.ts +9 -10
- package/dist/collections/user/createAccount.js +5 -6
- package/dist/collections/user/createAccount.mjs +5 -6
- package/dist/collections/user/editProfile.d.ts +3 -3
- package/dist/collections/user/getActivationLink.d.ts +13 -14
- package/dist/collections/user/getCurrentUser.d.ts +5 -5
- package/dist/collections/user/getCurrentUser.js +5 -6
- package/dist/collections/user/getCurrentUser.mjs +5 -6
- package/dist/collections/user/getInfo.d.ts +13 -13
- package/dist/collections/user/getInfo.js +9 -10
- package/dist/collections/user/getInfo.mjs +9 -10
- package/dist/collections/user/getRedefinePasswordLink.d.ts +11 -12
- package/dist/collections/user/index.d.ts +79 -79
- package/dist/collections/user/insert.d.ts +9 -10
- package/dist/collections/user/insert.js +21 -19
- package/dist/collections/user/insert.mjs +21 -19
- package/dist/collections/user/redefinePassword.d.ts +17 -17
- package/dist/collections/user/redefinePassword.js +10 -11
- package/dist/collections/user/redefinePassword.mjs +10 -11
- package/dist/functions/describe.d.ts +9 -9
- package/dist/index.d.ts +97 -97
- package/package.json +17 -17
|
@@ -218,19 +218,19 @@ export declare const user: Omit<Collection<never>, "functions" | "description" |
|
|
|
218
218
|
readonly error: undefined;
|
|
219
219
|
readonly result: import("mongodb").WithId<Omit<import("@aeriajs/types").PackReferences<import("@aeriajs/types").SchemaWithId<import("@aeriajs/types").Description>>, "_id">> | null;
|
|
220
220
|
} | import("@aeriajs/types").Result.Error<{
|
|
221
|
-
readonly code:
|
|
221
|
+
readonly code: "RESOURCE_NOT_FOUND";
|
|
222
222
|
} & {
|
|
223
|
-
httpStatus:
|
|
223
|
+
httpStatus: 404;
|
|
224
224
|
}> | import("@aeriajs/types").Result.Error<{
|
|
225
|
-
readonly code:
|
|
225
|
+
readonly code: "OWNERSHIP_ERROR";
|
|
226
226
|
} & {
|
|
227
|
-
httpStatus:
|
|
227
|
+
httpStatus: 403;
|
|
228
228
|
}>>;
|
|
229
229
|
readonly upload: (payload: unknown, context: Omit<Context, "token">) => Promise<import("@aeriajs/types").Result.Error<{
|
|
230
|
-
readonly code:
|
|
230
|
+
readonly code: "MALFORMED_INPUT";
|
|
231
231
|
readonly details: import("@aeriajs/types").ValidationError | import("@aeriajs/types").PropertyValidationError;
|
|
232
232
|
} & {
|
|
233
|
-
httpStatus:
|
|
233
|
+
httpStatus: 400;
|
|
234
234
|
}> | {
|
|
235
235
|
readonly _tag: "Result";
|
|
236
236
|
readonly error: undefined;
|
|
@@ -243,29 +243,29 @@ export declare const user: Omit<Collection<never>, "functions" | "description" |
|
|
|
243
243
|
readonly error: undefined;
|
|
244
244
|
readonly result: any;
|
|
245
245
|
} | import("@aeriajs/types").Result.Error<{
|
|
246
|
-
readonly code:
|
|
246
|
+
readonly code: "OWNERSHIP_ERROR";
|
|
247
247
|
} & {
|
|
248
|
-
httpStatus:
|
|
248
|
+
httpStatus: 403;
|
|
249
249
|
}>>;
|
|
250
250
|
readonly insert: (payload: NoInfer<import("@aeriajs/types").InsertPayload<import("@aeriajs/types").SchemaWithId<import("@aeriajs/types").Description>>>, context: Omit<Context, "token">) => Promise<import("@aeriajs/types").Result.Error<{
|
|
251
|
-
readonly code:
|
|
251
|
+
readonly code: "AUTHORIZATION_ERROR";
|
|
252
252
|
readonly message: "user is not allowed to edit other users roles";
|
|
253
253
|
} & {
|
|
254
|
-
httpStatus:
|
|
254
|
+
httpStatus: 403;
|
|
255
255
|
}> | import("@aeriajs/types").Result.Error<{
|
|
256
|
-
readonly code:
|
|
256
|
+
readonly code: "AUTHORIZATION_ERROR";
|
|
257
257
|
readonly message: "tried to set unallowed roles";
|
|
258
258
|
} & {
|
|
259
|
-
httpStatus:
|
|
259
|
+
httpStatus: 403;
|
|
260
260
|
}> | import("@aeriajs/types").Result.Error<{
|
|
261
|
-
readonly code:
|
|
261
|
+
readonly code: "RESOURCE_NOT_FOUND";
|
|
262
262
|
} & {
|
|
263
|
-
httpStatus:
|
|
263
|
+
httpStatus: 404;
|
|
264
264
|
}> | import("@aeriajs/types").Result.Error<{
|
|
265
|
-
readonly code:
|
|
266
|
-
readonly message: "tried to edit an user with a
|
|
265
|
+
readonly code: "AUTHORIZATION_ERROR";
|
|
266
|
+
readonly message: "tried to edit an user with a role higher in the hierarchy";
|
|
267
267
|
} & {
|
|
268
|
-
httpStatus:
|
|
268
|
+
httpStatus: 403;
|
|
269
269
|
}> | import("@aeriajs/types").InsertReturnType<import("@aeriajs/types").SchemaWithId<import("@aeriajs/types").Description>>>;
|
|
270
270
|
readonly editProfile: (payload: Partial<import("@aeriajs/types").PackReferences<import("@aeriajs/types").SchemaWithId<{
|
|
271
271
|
readonly $id: "user";
|
|
@@ -476,9 +476,9 @@ export declare const user: Omit<Collection<never>, "functions" | "description" |
|
|
|
476
476
|
};
|
|
477
477
|
};
|
|
478
478
|
}>> | import("@aeriajs/types").Result.Error<{
|
|
479
|
-
readonly code:
|
|
479
|
+
readonly code: "TARGET_IMMUTABLE";
|
|
480
480
|
} & {
|
|
481
|
-
httpStatus:
|
|
481
|
+
httpStatus: 403;
|
|
482
482
|
}>>;
|
|
483
483
|
readonly authenticate: (payload: {
|
|
484
484
|
email: string;
|
|
@@ -487,9 +487,9 @@ export declare const user: Omit<Collection<never>, "functions" | "description" |
|
|
|
487
487
|
token?: import("@aeriajs/types").TokenRecipient;
|
|
488
488
|
revalidate: true;
|
|
489
489
|
}, context: Omit<Context, "token">) => Promise<import("@aeriajs/types").Result.Error<{
|
|
490
|
-
readonly code:
|
|
490
|
+
readonly code: "AUTHORIZATION_ERROR";
|
|
491
491
|
} & {
|
|
492
|
-
httpStatus:
|
|
492
|
+
httpStatus: 401;
|
|
493
493
|
}> | {
|
|
494
494
|
readonly _tag: "Result";
|
|
495
495
|
readonly error: undefined;
|
|
@@ -511,38 +511,38 @@ export declare const user: Omit<Collection<never>, "functions" | "description" |
|
|
|
511
511
|
readonly error: undefined;
|
|
512
512
|
readonly result: import("../../authentication.js").SuccessfulAuthentication;
|
|
513
513
|
} | import("@aeriajs/types").Result.Error<{
|
|
514
|
-
readonly code:
|
|
514
|
+
readonly code: "INVALID_CREDENTIALS";
|
|
515
515
|
} & {
|
|
516
|
-
httpStatus:
|
|
516
|
+
httpStatus: 401;
|
|
517
517
|
}> | import("@aeriajs/types").Result.Error<{
|
|
518
|
-
readonly code:
|
|
518
|
+
readonly code: "INACTIVE_USER";
|
|
519
519
|
} & {
|
|
520
|
-
httpStatus:
|
|
520
|
+
httpStatus: 401;
|
|
521
521
|
}>>;
|
|
522
522
|
readonly activate: (payload: {
|
|
523
523
|
password?: string;
|
|
524
524
|
userId?: string;
|
|
525
525
|
token?: string;
|
|
526
526
|
}, context: Omit<Context, "token">) => Promise<import("@aeriajs/types").Result.Error<{
|
|
527
|
-
readonly code:
|
|
527
|
+
readonly code: "INVALID_LINK";
|
|
528
528
|
} & {
|
|
529
|
-
httpStatus:
|
|
529
|
+
httpStatus: 404;
|
|
530
530
|
}> | import("@aeriajs/types").Result.Error<{
|
|
531
|
-
readonly code:
|
|
531
|
+
readonly code: "USER_NOT_FOUND";
|
|
532
532
|
} & {
|
|
533
|
-
httpStatus:
|
|
533
|
+
httpStatus: 404;
|
|
534
534
|
}> | import("@aeriajs/types").Result.Error<{
|
|
535
|
-
readonly code:
|
|
535
|
+
readonly code: "ALREADY_ACTIVE_USER";
|
|
536
536
|
} & {
|
|
537
|
-
httpStatus:
|
|
537
|
+
httpStatus: 403;
|
|
538
538
|
}> | import("@aeriajs/types").Result.Error<{
|
|
539
|
-
readonly code:
|
|
539
|
+
readonly code: "INVALID_TOKEN";
|
|
540
540
|
} & {
|
|
541
|
-
httpStatus:
|
|
541
|
+
httpStatus: 401;
|
|
542
542
|
}> | import("@aeriajs/types").Result.Error<{
|
|
543
|
-
readonly code:
|
|
543
|
+
readonly code: "MALFORMED_INPUT";
|
|
544
544
|
} & {
|
|
545
|
-
httpStatus:
|
|
545
|
+
httpStatus: 422;
|
|
546
546
|
}> | {
|
|
547
547
|
readonly _tag: "Result";
|
|
548
548
|
readonly error: undefined;
|
|
@@ -655,18 +655,18 @@ export declare const user: Omit<Collection<never>, "functions" | "description" |
|
|
|
655
655
|
};
|
|
656
656
|
};
|
|
657
657
|
}>>> & Record<string, unknown>, context: Omit<Context, "token">) => Promise<import("@aeriajs/types").Result.Error<{
|
|
658
|
-
readonly code:
|
|
658
|
+
readonly code: "SIGNUP_DISALLOWED";
|
|
659
659
|
} & {
|
|
660
|
-
httpStatus:
|
|
660
|
+
httpStatus: 403;
|
|
661
661
|
}> | import("@aeriajs/types").Result.Error<{
|
|
662
|
-
readonly code:
|
|
662
|
+
readonly code: "MALFORMED_INPUT";
|
|
663
663
|
readonly details: import("@aeriajs/types").PropertyValidationError | import("@aeriajs/types").ValidationError;
|
|
664
664
|
} & {
|
|
665
|
-
httpStatus:
|
|
665
|
+
httpStatus: 400;
|
|
666
666
|
}> | import("@aeriajs/types").Result.Error<{
|
|
667
|
-
readonly code:
|
|
667
|
+
readonly code: "OWNERSHIP_ERROR";
|
|
668
668
|
} & {
|
|
669
|
-
httpStatus:
|
|
669
|
+
httpStatus: 403;
|
|
670
670
|
}> | import("@aeriajs/types").InsertReturnType<import("@aeriajs/types").SchemaWithId<{
|
|
671
671
|
readonly $id: "user";
|
|
672
672
|
readonly icon: "users";
|
|
@@ -776,17 +776,17 @@ export declare const user: Omit<Collection<never>, "functions" | "description" |
|
|
|
776
776
|
userId: string;
|
|
777
777
|
token: string;
|
|
778
778
|
}, context: Omit<Context, "token">) => Promise<import("@aeriajs/types").Result.Error<{
|
|
779
|
-
readonly code:
|
|
779
|
+
readonly code: "INVALID_LINK";
|
|
780
780
|
} & {
|
|
781
|
-
httpStatus:
|
|
781
|
+
httpStatus: 404;
|
|
782
782
|
}> | import("@aeriajs/types").Result.Error<{
|
|
783
|
-
readonly code:
|
|
783
|
+
readonly code: "USER_NOT_FOUND";
|
|
784
784
|
} & {
|
|
785
|
-
httpStatus:
|
|
785
|
+
httpStatus: 404;
|
|
786
786
|
}> | import("@aeriajs/types").Result.Error<{
|
|
787
|
-
readonly code:
|
|
787
|
+
readonly code: "INVALID_TOKEN";
|
|
788
788
|
} & {
|
|
789
|
-
httpStatus:
|
|
789
|
+
httpStatus: 401;
|
|
790
790
|
}> | {
|
|
791
791
|
readonly _tag: "Result";
|
|
792
792
|
readonly error: undefined;
|
|
@@ -922,10 +922,10 @@ export declare const user: Omit<Collection<never>, "functions" | "description" |
|
|
|
922
922
|
readonly _tag: "Error";
|
|
923
923
|
readonly error: Pick<{} & Omit<Readonly<import("@aeriajs/types").FilterReadonlyProperties<{
|
|
924
924
|
readonly httpStatus: {
|
|
925
|
-
readonly enum: [
|
|
925
|
+
readonly enum: [403, 404, 400];
|
|
926
926
|
};
|
|
927
927
|
readonly code: {
|
|
928
|
-
readonly enum: [
|
|
928
|
+
readonly enum: ["RESOURCE_NOT_FOUND", "OWNERSHIP_ERROR", "INSECURE_OPERATOR", "MALFORMED_INPUT"];
|
|
929
929
|
};
|
|
930
930
|
readonly message: {
|
|
931
931
|
readonly type: "string";
|
|
@@ -935,16 +935,16 @@ export declare const user: Omit<Collection<never>, "functions" | "description" |
|
|
|
935
935
|
readonly additionalProperties: true;
|
|
936
936
|
};
|
|
937
937
|
}>> & {
|
|
938
|
-
code:
|
|
939
|
-
httpStatus:
|
|
938
|
+
code: "RESOURCE_NOT_FOUND" | "INSECURE_OPERATOR" | "OWNERSHIP_ERROR" | "MALFORMED_INPUT";
|
|
939
|
+
httpStatus: 403 | 400 | 404;
|
|
940
940
|
message: string;
|
|
941
941
|
details: any;
|
|
942
942
|
}, never>, "code" | "httpStatus"> & Partial<{} & Omit<Readonly<import("@aeriajs/types").FilterReadonlyProperties<{
|
|
943
943
|
readonly httpStatus: {
|
|
944
|
-
readonly enum: [
|
|
944
|
+
readonly enum: [403, 404, 400];
|
|
945
945
|
};
|
|
946
946
|
readonly code: {
|
|
947
|
-
readonly enum: [
|
|
947
|
+
readonly enum: ["RESOURCE_NOT_FOUND", "OWNERSHIP_ERROR", "INSECURE_OPERATOR", "MALFORMED_INPUT"];
|
|
948
948
|
};
|
|
949
949
|
readonly message: {
|
|
950
950
|
readonly type: "string";
|
|
@@ -954,20 +954,20 @@ export declare const user: Omit<Collection<never>, "functions" | "description" |
|
|
|
954
954
|
readonly additionalProperties: true;
|
|
955
955
|
};
|
|
956
956
|
}>> & {
|
|
957
|
-
code:
|
|
958
|
-
httpStatus:
|
|
957
|
+
code: "RESOURCE_NOT_FOUND" | "INSECURE_OPERATOR" | "OWNERSHIP_ERROR" | "MALFORMED_INPUT";
|
|
958
|
+
httpStatus: 403 | 400 | 404;
|
|
959
959
|
message: string;
|
|
960
960
|
details: any;
|
|
961
961
|
}, never>>;
|
|
962
962
|
readonly result: undefined;
|
|
963
963
|
} | import("@aeriajs/types").Result.Error<{
|
|
964
|
-
readonly code:
|
|
964
|
+
readonly code: "INVALID_LINK";
|
|
965
965
|
} & {
|
|
966
|
-
httpStatus:
|
|
966
|
+
httpStatus: 400;
|
|
967
967
|
}> | import("@aeriajs/types").Result.Error<{
|
|
968
|
-
readonly code:
|
|
968
|
+
readonly code: "ALREADY_ACTIVE_USER";
|
|
969
969
|
} & {
|
|
970
|
-
httpStatus:
|
|
970
|
+
httpStatus: 403;
|
|
971
971
|
}> | {
|
|
972
972
|
readonly _tag: "Result";
|
|
973
973
|
readonly error: undefined;
|
|
@@ -982,10 +982,10 @@ export declare const user: Omit<Collection<never>, "functions" | "description" |
|
|
|
982
982
|
readonly _tag: "Error";
|
|
983
983
|
readonly error: Pick<{} & Omit<Readonly<import("@aeriajs/types").FilterReadonlyProperties<{
|
|
984
984
|
readonly httpStatus: {
|
|
985
|
-
readonly enum: [
|
|
985
|
+
readonly enum: [403, 404, 400];
|
|
986
986
|
};
|
|
987
987
|
readonly code: {
|
|
988
|
-
readonly enum: [
|
|
988
|
+
readonly enum: ["RESOURCE_NOT_FOUND", "OWNERSHIP_ERROR", "INSECURE_OPERATOR", "MALFORMED_INPUT"];
|
|
989
989
|
};
|
|
990
990
|
readonly message: {
|
|
991
991
|
readonly type: "string";
|
|
@@ -995,16 +995,16 @@ export declare const user: Omit<Collection<never>, "functions" | "description" |
|
|
|
995
995
|
readonly additionalProperties: true;
|
|
996
996
|
};
|
|
997
997
|
}>> & {
|
|
998
|
-
code:
|
|
999
|
-
httpStatus:
|
|
998
|
+
code: "RESOURCE_NOT_FOUND" | "INSECURE_OPERATOR" | "OWNERSHIP_ERROR" | "MALFORMED_INPUT";
|
|
999
|
+
httpStatus: 403 | 400 | 404;
|
|
1000
1000
|
message: string;
|
|
1001
1001
|
details: any;
|
|
1002
1002
|
}, never>, "code" | "httpStatus"> & Partial<{} & Omit<Readonly<import("@aeriajs/types").FilterReadonlyProperties<{
|
|
1003
1003
|
readonly httpStatus: {
|
|
1004
|
-
readonly enum: [
|
|
1004
|
+
readonly enum: [403, 404, 400];
|
|
1005
1005
|
};
|
|
1006
1006
|
readonly code: {
|
|
1007
|
-
readonly enum: [
|
|
1007
|
+
readonly enum: ["RESOURCE_NOT_FOUND", "OWNERSHIP_ERROR", "INSECURE_OPERATOR", "MALFORMED_INPUT"];
|
|
1008
1008
|
};
|
|
1009
1009
|
readonly message: {
|
|
1010
1010
|
readonly type: "string";
|
|
@@ -1014,16 +1014,16 @@ export declare const user: Omit<Collection<never>, "functions" | "description" |
|
|
|
1014
1014
|
readonly additionalProperties: true;
|
|
1015
1015
|
};
|
|
1016
1016
|
}>> & {
|
|
1017
|
-
code:
|
|
1018
|
-
httpStatus:
|
|
1017
|
+
code: "RESOURCE_NOT_FOUND" | "INSECURE_OPERATOR" | "OWNERSHIP_ERROR" | "MALFORMED_INPUT";
|
|
1018
|
+
httpStatus: 403 | 400 | 404;
|
|
1019
1019
|
message: string;
|
|
1020
1020
|
details: any;
|
|
1021
1021
|
}, never>>;
|
|
1022
1022
|
readonly result: undefined;
|
|
1023
1023
|
} | import("@aeriajs/types").Result.Error<{
|
|
1024
|
-
readonly code:
|
|
1024
|
+
readonly code: "USER_NOT_ACTIVE";
|
|
1025
1025
|
} & {
|
|
1026
|
-
httpStatus:
|
|
1026
|
+
httpStatus: 403;
|
|
1027
1027
|
}> | {
|
|
1028
1028
|
readonly _tag: "Result";
|
|
1029
1029
|
readonly error: undefined;
|
|
@@ -1036,25 +1036,25 @@ export declare const user: Omit<Collection<never>, "functions" | "description" |
|
|
|
1036
1036
|
userId?: string;
|
|
1037
1037
|
token?: string;
|
|
1038
1038
|
}, context: Omit<Context, "token">) => Promise<import("@aeriajs/types").Result.Error<{
|
|
1039
|
-
readonly code:
|
|
1039
|
+
readonly code: "INVALID_LINK";
|
|
1040
1040
|
} & {
|
|
1041
|
-
httpStatus:
|
|
1041
|
+
httpStatus: 404;
|
|
1042
1042
|
}> | import("@aeriajs/types").Result.Error<{
|
|
1043
|
-
readonly code:
|
|
1043
|
+
readonly code: "USER_NOT_FOUND";
|
|
1044
1044
|
} & {
|
|
1045
|
-
httpStatus:
|
|
1045
|
+
httpStatus: 404;
|
|
1046
1046
|
}> | import("@aeriajs/types").Result.Error<{
|
|
1047
|
-
readonly code:
|
|
1047
|
+
readonly code: "USER_NOT_ACTIVE";
|
|
1048
1048
|
} & {
|
|
1049
|
-
httpStatus:
|
|
1049
|
+
httpStatus: 403;
|
|
1050
1050
|
}> | import("@aeriajs/types").Result.Error<{
|
|
1051
|
-
readonly code:
|
|
1051
|
+
readonly code: "INVALID_TOKEN";
|
|
1052
1052
|
} & {
|
|
1053
|
-
httpStatus:
|
|
1053
|
+
httpStatus: 401;
|
|
1054
1054
|
}> | import("@aeriajs/types").Result.Error<{
|
|
1055
|
-
readonly code:
|
|
1055
|
+
readonly code: "MALFORMED_INPUT";
|
|
1056
1056
|
} & {
|
|
1057
|
-
httpStatus:
|
|
1057
|
+
httpStatus: 422;
|
|
1058
1058
|
}> | {
|
|
1059
1059
|
readonly _tag: "Result";
|
|
1060
1060
|
readonly error: undefined;
|
|
@@ -1,22 +1,21 @@
|
|
|
1
1
|
import type { Context, SchemaWithId, InsertPayload, Description } from '@aeriajs/types';
|
|
2
|
-
import { HTTPStatus, ACError } from '@aeriajs/types';
|
|
3
2
|
export declare const insert: <TDescription extends Description, TInsertPayload extends InsertPayload<SchemaWithId<TDescription>>>(payload: NoInfer<TInsertPayload>, context: Context<TDescription>) => Promise<import("@aeriajs/types").Result.Error<{
|
|
4
|
-
readonly code:
|
|
3
|
+
readonly code: "AUTHORIZATION_ERROR";
|
|
5
4
|
readonly message: "user is not allowed to edit other users roles";
|
|
6
5
|
} & {
|
|
7
|
-
httpStatus:
|
|
6
|
+
httpStatus: 403;
|
|
8
7
|
}> | import("@aeriajs/types").Result.Error<{
|
|
9
|
-
readonly code:
|
|
8
|
+
readonly code: "AUTHORIZATION_ERROR";
|
|
10
9
|
readonly message: "tried to set unallowed roles";
|
|
11
10
|
} & {
|
|
12
|
-
httpStatus:
|
|
11
|
+
httpStatus: 403;
|
|
13
12
|
}> | import("@aeriajs/types").Result.Error<{
|
|
14
|
-
readonly code:
|
|
13
|
+
readonly code: "RESOURCE_NOT_FOUND";
|
|
15
14
|
} & {
|
|
16
|
-
httpStatus:
|
|
15
|
+
httpStatus: 404;
|
|
17
16
|
}> | import("@aeriajs/types").Result.Error<{
|
|
18
|
-
readonly code:
|
|
19
|
-
readonly message: "tried to edit an user with a
|
|
17
|
+
readonly code: "AUTHORIZATION_ERROR";
|
|
18
|
+
readonly message: "tried to edit an user with a role higher in the hierarchy";
|
|
20
19
|
} & {
|
|
21
|
-
httpStatus:
|
|
20
|
+
httpStatus: 403;
|
|
22
21
|
}> | import("@aeriajs/types").InsertReturnType<SchemaWithId<TDescription>>>;
|
|
@@ -6,7 +6,10 @@ const common_1 = require("@aeriajs/common");
|
|
|
6
6
|
const core_1 = require("@aeriajs/core");
|
|
7
7
|
const bcrypt = require("bcrypt");
|
|
8
8
|
const isRoleAllowed = (targetRole, context) => {
|
|
9
|
-
if (!context.config.security.rolesHierarchy
|
|
9
|
+
if (!context.config.security.rolesHierarchy) {
|
|
10
|
+
return true;
|
|
11
|
+
}
|
|
12
|
+
if (!context.token.authenticated) {
|
|
10
13
|
throw new Error;
|
|
11
14
|
}
|
|
12
15
|
for (const role of context.token.roles) {
|
|
@@ -43,24 +46,23 @@ const insert = async (payload, context) => {
|
|
|
43
46
|
});
|
|
44
47
|
}
|
|
45
48
|
}
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
}
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
if ('_id' in payload.what && typeof payload.what._id === 'string') {
|
|
52
|
+
const user = await context.collections.user.model.findOne({
|
|
53
|
+
_id: new core_1.ObjectId(payload.what._id),
|
|
54
|
+
});
|
|
55
|
+
if (!user) {
|
|
56
|
+
return context.error(types_1.HTTPStatus.NotFound, {
|
|
57
|
+
code: types_1.ACError.ResourceNotFound,
|
|
58
|
+
});
|
|
59
|
+
}
|
|
60
|
+
const allowed = user.roles.every((role) => isRoleAllowed(role, context));
|
|
61
|
+
if (!allowed) {
|
|
62
|
+
return context.error(types_1.HTTPStatus.Forbidden, {
|
|
63
|
+
code: types_1.ACError.AuthorizationError,
|
|
64
|
+
message: 'tried to edit an user with a role higher in the hierarchy',
|
|
65
|
+
});
|
|
64
66
|
}
|
|
65
67
|
}
|
|
66
68
|
if ('password' in payload.what && typeof payload.what.password === 'string') {
|
|
@@ -4,7 +4,10 @@ import { arraysIntersect } from "@aeriajs/common";
|
|
|
4
4
|
import { ObjectId, insert as originalInsert } from "@aeriajs/core";
|
|
5
5
|
import * as bcrypt from "bcrypt";
|
|
6
6
|
const isRoleAllowed = (targetRole, context) => {
|
|
7
|
-
if (!context.config.security.rolesHierarchy
|
|
7
|
+
if (!context.config.security.rolesHierarchy) {
|
|
8
|
+
return true;
|
|
9
|
+
}
|
|
10
|
+
if (!context.token.authenticated) {
|
|
8
11
|
throw new Error();
|
|
9
12
|
}
|
|
10
13
|
for (const role of context.token.roles) {
|
|
@@ -41,24 +44,23 @@ export const insert = async (payload, context) => {
|
|
|
41
44
|
});
|
|
42
45
|
}
|
|
43
46
|
}
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
}
|
|
47
|
+
}
|
|
48
|
+
}
|
|
49
|
+
if ("_id" in payload.what && typeof payload.what._id === "string") {
|
|
50
|
+
const user = await context.collections.user.model.findOne({
|
|
51
|
+
_id: new ObjectId(payload.what._id)
|
|
52
|
+
});
|
|
53
|
+
if (!user) {
|
|
54
|
+
return context.error(HTTPStatus.NotFound, {
|
|
55
|
+
code: ACError.ResourceNotFound
|
|
56
|
+
});
|
|
57
|
+
}
|
|
58
|
+
const allowed = user.roles.every((role) => isRoleAllowed(role, context));
|
|
59
|
+
if (!allowed) {
|
|
60
|
+
return context.error(HTTPStatus.Forbidden, {
|
|
61
|
+
code: ACError.AuthorizationError,
|
|
62
|
+
message: "tried to edit an user with a role higher in the hierarchy"
|
|
63
|
+
});
|
|
62
64
|
}
|
|
63
65
|
}
|
|
64
66
|
if ("password" in payload.what && typeof payload.what.password === "string") {
|
|
@@ -1,37 +1,37 @@
|
|
|
1
1
|
import type { Context } from '@aeriajs/types';
|
|
2
2
|
import type { description } from './description.js';
|
|
3
3
|
import { ObjectId } from '@aeriajs/core';
|
|
4
|
-
import { Result
|
|
5
|
-
export declare
|
|
6
|
-
UserNotFound
|
|
7
|
-
UserNotActive
|
|
8
|
-
InvalidLink
|
|
9
|
-
InvalidToken
|
|
10
|
-
}
|
|
4
|
+
import { Result } from '@aeriajs/types';
|
|
5
|
+
export declare const ActivationError: {
|
|
6
|
+
readonly UserNotFound: "USER_NOT_FOUND";
|
|
7
|
+
readonly UserNotActive: "USER_NOT_ACTIVE";
|
|
8
|
+
readonly InvalidLink: "INVALID_LINK";
|
|
9
|
+
readonly InvalidToken: "INVALID_TOKEN";
|
|
10
|
+
};
|
|
11
11
|
export declare const redefinePassword: (payload: {
|
|
12
12
|
password?: string;
|
|
13
13
|
userId?: string;
|
|
14
14
|
token?: string;
|
|
15
15
|
}, context: Context<typeof description>) => Promise<Result.Error<{
|
|
16
|
-
readonly code:
|
|
16
|
+
readonly code: "INVALID_LINK";
|
|
17
17
|
} & {
|
|
18
|
-
httpStatus:
|
|
18
|
+
httpStatus: 404;
|
|
19
19
|
}> | Result.Error<{
|
|
20
|
-
readonly code:
|
|
20
|
+
readonly code: "USER_NOT_FOUND";
|
|
21
21
|
} & {
|
|
22
|
-
httpStatus:
|
|
22
|
+
httpStatus: 404;
|
|
23
23
|
}> | Result.Error<{
|
|
24
|
-
readonly code:
|
|
24
|
+
readonly code: "USER_NOT_ACTIVE";
|
|
25
25
|
} & {
|
|
26
|
-
httpStatus:
|
|
26
|
+
httpStatus: 403;
|
|
27
27
|
}> | Result.Error<{
|
|
28
|
-
readonly code:
|
|
28
|
+
readonly code: "INVALID_TOKEN";
|
|
29
29
|
} & {
|
|
30
|
-
httpStatus:
|
|
30
|
+
httpStatus: 401;
|
|
31
31
|
}> | Result.Error<{
|
|
32
|
-
readonly code:
|
|
32
|
+
readonly code: "MALFORMED_INPUT";
|
|
33
33
|
} & {
|
|
34
|
-
httpStatus:
|
|
34
|
+
httpStatus: 422;
|
|
35
35
|
}> | {
|
|
36
36
|
readonly _tag: "Result";
|
|
37
37
|
readonly error: undefined;
|
|
@@ -4,13 +4,12 @@ exports.redefinePassword = exports.ActivationError = void 0;
|
|
|
4
4
|
const core_1 = require("@aeriajs/core");
|
|
5
5
|
const types_1 = require("@aeriajs/types");
|
|
6
6
|
const bcrypt = require("bcrypt");
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
})(ActivationError || (exports.ActivationError = ActivationError = {}));
|
|
7
|
+
exports.ActivationError = {
|
|
8
|
+
UserNotFound: 'USER_NOT_FOUND',
|
|
9
|
+
UserNotActive: 'USER_NOT_ACTIVE',
|
|
10
|
+
InvalidLink: 'INVALID_LINK',
|
|
11
|
+
InvalidToken: 'INVALID_TOKEN',
|
|
12
|
+
};
|
|
14
13
|
const redefinePassword = async (payload, context) => {
|
|
15
14
|
const { userId, token, password, } = payload;
|
|
16
15
|
if (!context.config.secret) {
|
|
@@ -18,7 +17,7 @@ const redefinePassword = async (payload, context) => {
|
|
|
18
17
|
}
|
|
19
18
|
if (!userId || !token) {
|
|
20
19
|
return context.error(types_1.HTTPStatus.NotFound, {
|
|
21
|
-
code: ActivationError.InvalidLink,
|
|
20
|
+
code: exports.ActivationError.InvalidLink,
|
|
22
21
|
});
|
|
23
22
|
}
|
|
24
23
|
const user = await context.collection.model.findOne({
|
|
@@ -31,18 +30,18 @@ const redefinePassword = async (payload, context) => {
|
|
|
31
30
|
});
|
|
32
31
|
if (!user) {
|
|
33
32
|
return context.error(types_1.HTTPStatus.NotFound, {
|
|
34
|
-
code: ActivationError.UserNotFound,
|
|
33
|
+
code: exports.ActivationError.UserNotFound,
|
|
35
34
|
});
|
|
36
35
|
}
|
|
37
36
|
if (!user.active) {
|
|
38
37
|
return context.error(types_1.HTTPStatus.Forbidden, {
|
|
39
|
-
code: ActivationError.UserNotActive,
|
|
38
|
+
code: exports.ActivationError.UserNotActive,
|
|
40
39
|
});
|
|
41
40
|
}
|
|
42
41
|
const decoded = await (0, core_1.decodeToken)(token, context.config.secret);
|
|
43
42
|
if (!decoded) {
|
|
44
43
|
return context.error(types_1.HTTPStatus.Unauthorized, {
|
|
45
|
-
code: ActivationError.InvalidToken,
|
|
44
|
+
code: exports.ActivationError.InvalidToken,
|
|
46
45
|
});
|
|
47
46
|
}
|
|
48
47
|
if (!password) {
|