@aeriajs/security 0.0.162 → 0.0.163

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (36) hide show
  1. package/dist/index.d.ts +1 -1
  2. package/dist/index.js +1 -1
  3. package/dist/index.mjs +1 -1
  4. package/dist/middleware/applyReadMiddlewares.d.ts +4 -0
  5. package/dist/middleware/applyReadMiddlewares.js +18 -0
  6. package/dist/middleware/applyReadMiddlewares.mjs +18 -0
  7. package/dist/middleware/applyWriteMiddlewares.d.ts +4 -0
  8. package/dist/middleware/applyWriteMiddlewares.js +18 -0
  9. package/dist/middleware/applyWriteMiddlewares.mjs +18 -0
  10. package/dist/middleware/define.d.ts +2 -0
  11. package/dist/middleware/define.js +7 -0
  12. package/dist/middleware/define.mjs +4 -0
  13. package/dist/middleware/index.d.ts +4 -0
  14. package/dist/middleware/index.js +20 -0
  15. package/dist/middleware/index.mjs +5 -0
  16. package/dist/middleware/iterableMiddlewares.d.ts +2 -0
  17. package/dist/{middleware.js → middleware/iterableMiddlewares.js} +5 -5
  18. package/dist/{middleware.mjs → middleware/iterableMiddlewares.mjs} +5 -5
  19. package/dist/middlewares/immutability.d.ts +3 -4
  20. package/dist/middlewares/immutability.js +16 -10
  21. package/dist/middlewares/immutability.mjs +16 -10
  22. package/dist/middlewares/ownership.d.ts +3 -4
  23. package/dist/middlewares/ownership.js +14 -10
  24. package/dist/middlewares/ownership.mjs +14 -10
  25. package/dist/middlewares/pagination.d.ts +2 -3
  26. package/dist/middlewares/pagination.js +15 -6
  27. package/dist/middlewares/pagination.mjs +16 -6
  28. package/dist/rateLimiting.d.ts +7 -61
  29. package/dist/use.d.ts +23 -5
  30. package/dist/use.js +18 -11
  31. package/dist/use.mjs +14 -7
  32. package/package.json +5 -5
  33. package/dist/middleware.d.ts +0 -2
  34. package/dist/types.d.ts +0 -9
  35. package/dist/types.js +0 -2
  36. package/dist/types.mjs +0 -1
package/dist/index.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  export * from './define.js';
2
- export * from './middleware.js';
2
+ export * from './middleware/index.js';
3
3
  export * from './middlewares/index.js';
4
4
  export * from './rateLimiting.js';
5
5
  export * from './use.js';
package/dist/index.js CHANGED
@@ -15,7 +15,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
15
15
  };
16
16
  Object.defineProperty(exports, "__esModule", { value: true });
17
17
  __exportStar(require("./define.js"), exports);
18
- __exportStar(require("./middleware.js"), exports);
18
+ __exportStar(require("./middleware/index.js"), exports);
19
19
  __exportStar(require("./middlewares/index.js"), exports);
20
20
  __exportStar(require("./rateLimiting.js"), exports);
21
21
  __exportStar(require("./use.js"), exports);
package/dist/index.mjs CHANGED
@@ -1,6 +1,6 @@
1
1
  "use strict";
2
2
  export * from "./define.mjs";
3
- export * from "./middleware.mjs";
3
+ export * from "./middleware/index.mjs";
4
4
  export * from "./middlewares/index.mjs";
5
5
  export * from "./rateLimiting.mjs";
6
6
  export * from "./use.mjs";
package/dist/middleware/applyReadMiddlewares.d.ts ADDED
@@ -0,0 +1,4 @@
1
+ import type { Context, Collection, GetReturnType, GetAllReturnType, CountReturnType, CollectionReadPayload } from '@aeriajs/types';
2
+ export declare const applyReadMiddlewares: <TContext extends Context>(payload: CollectionReadPayload, context: TContext & {
3
+ collection: Collection;
4
+ }, fn: (p: typeof payload, context: Context) => Promise<GetReturnType<unknown> | GetAllReturnType<unknown> | CountReturnType>) => Promise<import("@aeriajs/types").Result.Either<any, any>>;
package/dist/middleware/applyReadMiddlewares.js ADDED
@@ -0,0 +1,18 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.applyReadMiddlewares = void 0;
4
+ const iterableMiddlewares_js_1 = require("./iterableMiddlewares.js");
5
+ const applyReadMiddlewares = (payload, context, fn) => {
6
+ if (context.collection.middlewares) {
7
+ if (Array.isArray(context.collection.middlewares)) {
8
+ const readMiddlewares = context.collection.middlewares.map((middleware) => middleware.beforeRead).filter((fn) => !!fn);
9
+ const start = (0, iterableMiddlewares_js_1.iterableMiddlewares)(readMiddlewares, fn);
10
+ return start(payload, context);
11
+ }
12
+ if (context.collection.middlewares.beforeRead) {
13
+ return context.collection.middlewares.beforeRead(payload, context, fn);
14
+ }
15
+ }
16
+ return fn(payload, context);
17
+ };
18
+ exports.applyReadMiddlewares = applyReadMiddlewares;
package/dist/middleware/applyReadMiddlewares.mjs ADDED
@@ -0,0 +1,18 @@
1
+ "use strict";
2
+ import { iterableMiddlewares } from "./iterableMiddlewares.mjs";
3
+ export const applyReadMiddlewares = (payload, context, fn) => {
4
+ if (context.collection.middlewares) {
5
+ if (Array.isArray(context.collection.middlewares)) {
6
+ const readMiddlewares = context.collection.middlewares.map((middleware) => middleware.beforeRead).filter((fn2) => !!fn2);
7
+ const start = iterableMiddlewares(
8
+ readMiddlewares,
9
+ fn
10
+ );
11
+ return start(payload, context);
12
+ }
13
+ if (context.collection.middlewares.beforeRead) {
14
+ return context.collection.middlewares.beforeRead(payload, context, fn);
15
+ }
16
+ }
17
+ return fn(payload, context);
18
+ };
package/dist/middleware/applyWriteMiddlewares.d.ts ADDED
@@ -0,0 +1,4 @@
1
+ import type { Context, Collection, CollectionWritePayload, InsertReturnType } from '@aeriajs/types';
2
+ export declare const applyWriteMiddlewares: <TDocument, TContext extends Context>(payload: CollectionWritePayload, context: TContext & {
3
+ collection: Collection;
4
+ }, fn: (p: typeof payload, context: Context) => Promise<InsertReturnType<TDocument>>) => Promise<import("@aeriajs/types").Result.Either<any, any>>;
package/dist/middleware/applyWriteMiddlewares.js ADDED
@@ -0,0 +1,18 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.applyWriteMiddlewares = void 0;
4
+ const iterableMiddlewares_js_1 = require("./iterableMiddlewares.js");
5
+ const applyWriteMiddlewares = (payload, context, fn) => {
6
+ if (context.collection.middlewares) {
7
+ if (Array.isArray(context.collection.middlewares)) {
8
+ const writeMiddlewares = context.collection.middlewares.map((middleware) => middleware.beforeWrite).filter((fn) => !!fn);
9
+ const start = (0, iterableMiddlewares_js_1.iterableMiddlewares)(writeMiddlewares, fn);
10
+ return start(payload, context);
11
+ }
12
+ if (context.collection.middlewares.beforeWrite) {
13
+ return context.collection.middlewares.beforeWrite(payload, context, fn);
14
+ }
15
+ }
16
+ return fn(payload, context);
17
+ };
18
+ exports.applyWriteMiddlewares = applyWriteMiddlewares;
package/dist/middleware/applyWriteMiddlewares.mjs ADDED
@@ -0,0 +1,18 @@
1
+ "use strict";
2
+ import { iterableMiddlewares } from "./iterableMiddlewares.mjs";
3
+ export const applyWriteMiddlewares = (payload, context, fn) => {
4
+ if (context.collection.middlewares) {
5
+ if (Array.isArray(context.collection.middlewares)) {
6
+ const writeMiddlewares = context.collection.middlewares.map((middleware) => middleware.beforeWrite).filter((fn2) => !!fn2);
7
+ const start = iterableMiddlewares(
8
+ writeMiddlewares,
9
+ fn
10
+ );
11
+ return start(payload, context);
12
+ }
13
+ if (context.collection.middlewares.beforeWrite) {
14
+ return context.collection.middlewares.beforeWrite(payload, context, fn);
15
+ }
16
+ }
17
+ return fn(payload, context);
18
+ };
package/dist/middleware/define.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ import type { CollectionMiddleware } from '@aeriajs/types';
2
+ export declare const defineCollectionMiddleware: <TCollectionMiddleware extends CollectionMiddleware<unknown>>(middleware: TCollectionMiddleware) => TCollectionMiddleware;
package/dist/middleware/define.js ADDED
@@ -0,0 +1,7 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.defineCollectionMiddleware = void 0;
4
+ const defineCollectionMiddleware = (middleware) => {
5
+ return middleware;
6
+ };
7
+ exports.defineCollectionMiddleware = defineCollectionMiddleware;
package/dist/middleware/define.mjs ADDED
@@ -0,0 +1,4 @@
1
+ "use strict";
2
+ export const defineCollectionMiddleware = (middleware) => {
3
+ return middleware;
4
+ };
package/dist/middleware/index.d.ts ADDED
@@ -0,0 +1,4 @@
1
+ export * from './define.js';
2
+ export * from './iterableMiddlewares.js';
3
+ export * from './applyReadMiddlewares.js';
4
+ export * from './applyWriteMiddlewares.js';
package/dist/middleware/index.js ADDED
@@ -0,0 +1,20 @@
1
+ "use strict";
2
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
+ if (k2 === undefined) k2 = k;
4
+ var desc = Object.getOwnPropertyDescriptor(m, k);
5
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
+ desc = { enumerable: true, get: function() { return m[k]; } };
7
+ }
8
+ Object.defineProperty(o, k2, desc);
9
+ }) : (function(o, m, k, k2) {
10
+ if (k2 === undefined) k2 = k;
11
+ o[k2] = m[k];
12
+ }));
13
+ var __exportStar = (this && this.__exportStar) || function(m, exports) {
14
+ for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
15
+ };
16
+ Object.defineProperty(exports, "__esModule", { value: true });
17
+ __exportStar(require("./define.js"), exports);
18
+ __exportStar(require("./iterableMiddlewares.js"), exports);
19
+ __exportStar(require("./applyReadMiddlewares.js"), exports);
20
+ __exportStar(require("./applyWriteMiddlewares.js"), exports);
package/dist/middleware/index.mjs ADDED
@@ -0,0 +1,5 @@
1
+ "use strict";
2
+ export * from "./define.mjs";
3
+ export * from "./iterableMiddlewares.mjs";
4
+ export * from "./applyReadMiddlewares.mjs";
5
+ export * from "./applyWriteMiddlewares.mjs";
package/dist/middleware/iterableMiddlewares.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ import type { Middleware, MiddlewareNext, GenericMiddlewareNext, Context } from '@aeriajs/types';
2
+ export declare const iterableMiddlewares: <TPayload, TReturn, TReturnNext extends GenericMiddlewareNext<TPayload, TReturn> = MiddlewareNext>(middlewares: Middleware<TPayload, TReturn, TReturnNext>[], end?: (payload: TPayload, _context: Context) => any) => (payload: TPayload, context: Context) => TReturn;
package/dist/{middleware.js → middleware/iterableMiddlewares.js} RENAMED
@@ -1,19 +1,19 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.iterableMiddlewares = void 0;
4
- const iterableMiddlewares = function (middlewares, end = (_, initial) => initial) {
4
+ const iterableMiddlewares = function (middlewares, end = (payload, _context) => payload) {
5
5
  const [first, ...subsequent] = middlewares;
6
6
  const it = function* () {
7
7
  for (const middleware of subsequent.concat([end])) {
8
- yield (payload, initial, context) => {
8
+ yield (payload, context) => {
9
9
  const { value: next } = it.next();
10
- return middleware(payload, initial, context, next);
10
+ return middleware(Object.assign({}, payload), context, next);
11
11
  };
12
12
  }
13
13
  }();
14
- return (payload, initial, context) => {
14
+ return (payload, context) => {
15
15
  const { value: next } = it.next();
16
- return first(payload, initial, context, next);
16
+ return first(Object.assign({}, payload), context, next);
17
17
  };
18
18
  };
19
19
  exports.iterableMiddlewares = iterableMiddlewares;
package/dist/{middleware.mjs → middleware/iterableMiddlewares.mjs} RENAMED
@@ -1,16 +1,16 @@
1
1
  "use strict";
2
- export const iterableMiddlewares = function(middlewares, end = (_, initial) => initial) {
2
+ export const iterableMiddlewares = function(middlewares, end = (payload, _context) => payload) {
3
3
  const [first, ...subsequent] = middlewares;
4
4
  const it = function* () {
5
5
  for (const middleware of subsequent.concat([end])) {
6
- yield (payload, initial, context) => {
6
+ yield (payload, context) => {
7
7
  const { value: next } = it.next();
8
- return middleware(payload, initial, context, next);
8
+ return middleware(Object.assign({}, payload), context, next);
9
9
  };
10
10
  }
11
11
  }();
12
- return (payload, initial, context) => {
12
+ return (payload, context) => {
13
13
  const { value: next } = it.next();
14
- return first(payload, initial, context, next);
14
+ return first(Object.assign({}, payload), context, next);
15
15
  };
16
16
  };
package/dist/middlewares/immutability.d.ts CHANGED
@@ -1,12 +1,11 @@
1
- import type { Context, CollectionHookProps, GenericMiddlewareNext } from '@aeriajs/types';
2
- import type { CollectionHookReadPayload, CollectionHookWritePayload } from '../types.js';
1
+ import type { Context, CollectionProps, GenericMiddlewareNext, CollectionReadPayload, CollectionWritePayload } from '@aeriajs/types';
3
2
  import { Result, ACError } from '@aeriajs/types';
4
- export declare const checkImmutabilityRead: <T extends CollectionHookReadPayload>(props: CollectionHookProps<T>, initial: Result.Either<unknown, T>, context: Context, next: GenericMiddlewareNext<Result.Result<T>, CollectionHookProps<T>>) => Promise<Result.Result<T> | {
3
+ export declare const checkImmutabilityRead: <T extends CollectionReadPayload>(props: Result.Result<CollectionProps<T>>, context: Context, next: GenericMiddlewareNext<typeof props, typeof props>) => Promise<Result.Result<CollectionProps<T>> | {
5
4
  readonly _tag: "Error";
6
5
  readonly error: ACError.TargetImmutable | ACError.ResourceNotFound;
7
6
  readonly result: undefined;
8
7
  }>;
9
- export declare const checkImmutabilityWrite: <T extends CollectionHookWritePayload>(props: CollectionHookProps<T>, initial: Result.Either<unknown, T>, context: Context, next: GenericMiddlewareNext<Result.Result<T>, CollectionHookProps<T>>) => Promise<Result.Result<T> | {
8
+ export declare const checkImmutabilityWrite: <T extends CollectionWritePayload>(props: Result.Result<CollectionProps<T>>, context: Context, next: GenericMiddlewareNext<typeof props, typeof props>) => Promise<Result.Result<CollectionProps<T>> | {
10
9
  readonly _tag: "Error";
11
10
  readonly error: ACError.TargetImmutable | ACError.ResourceNotFound;
12
11
  readonly result: undefined;
package/dist/middlewares/immutability.js CHANGED
@@ -1,8 +1,8 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.checkImmutabilityWrite = exports.checkImmutabilityRead = void 0;
4
+ const mongodb_1 = require("mongodb");
4
5
  const types_1 = require("@aeriajs/types");
5
- const common_1 = require("@aeriajs/common");
6
6
  const checkImmutability = async (docId, props, context) => {
7
7
  if (!context.description.immutable) {
8
8
  return types_1.Result.result(props.payload);
@@ -10,7 +10,7 @@ const checkImmutability = async (docId, props, context) => {
10
10
  if (docId) {
11
11
  if (typeof context.description.immutable === 'function') {
12
12
  const doc = await context.collection.model.findOne({
13
- _id: docId,
13
+ _id: new mongodb_1.ObjectId(docId),
14
14
  });
15
15
  if (!doc) {
16
16
  return types_1.Result.error(types_1.ACError.ResourceNotFound);
@@ -24,21 +24,27 @@ const checkImmutability = async (docId, props, context) => {
24
24
  }
25
25
  return types_1.Result.result(props.payload);
26
26
  };
27
- const checkImmutabilityRead = async (props, initial, context, next) => {
28
- const originalPayload = (0, common_1.throwIfError)(initial);
29
- const { result: payload, error } = await checkImmutability(originalPayload.filters._id, props, context);
27
+ const checkImmutabilityRead = async (props, context, next) => {
28
+ const { payload: originalPayload } = props.result;
29
+ const { result: payload, error } = await checkImmutability(originalPayload.filters._id, props.result, context);
30
30
  if (error) {
31
31
  return types_1.Result.error(error);
32
32
  }
33
- return next(payload, types_1.Result.result(payload), context);
33
+ return next(types_1.Result.result({
34
+ ...props.result,
35
+ payload,
36
+ }), context);
34
37
  };
35
38
  exports.checkImmutabilityRead = checkImmutabilityRead;
36
- const checkImmutabilityWrite = async (props, initial, context, next) => {
37
- const originalPayload = (0, common_1.throwIfError)(initial);
38
- const { result: payload, error } = await checkImmutability(originalPayload.what._id, props, context);
39
+ const checkImmutabilityWrite = async (props, context, next) => {
40
+ const { payload: originalPayload } = props.result;
41
+ const { result: payload, error } = await checkImmutability(originalPayload.what._id, props.result, context);
39
42
  if (error) {
40
43
  return types_1.Result.error(error);
41
44
  }
42
- return next(payload, types_1.Result.result(payload), context);
45
+ return next(types_1.Result.result({
46
+ ...props.result,
47
+ payload,
48
+ }), context);
43
49
  };
44
50
  exports.checkImmutabilityWrite = checkImmutabilityWrite;
package/dist/middlewares/immutability.mjs CHANGED
@@ -1,6 +1,6 @@
1
1
  "use strict";
2
+ import { ObjectId } from "mongodb";
2
3
  import { Result, ACError } from "@aeriajs/types";
3
- import { throwIfError } from "@aeriajs/common";
4
4
  const checkImmutability = async (docId, props, context) => {
5
5
  if (!context.description.immutable) {
6
6
  return Result.result(props.payload);
@@ -8,7 +8,7 @@ const checkImmutability = async (docId, props, context) => {
8
8
  if (docId) {
9
9
  if (typeof context.description.immutable === "function") {
10
10
  const doc = await context.collection.model.findOne({
11
- _id: docId
11
+ _id: new ObjectId(docId)
12
12
  });
13
13
  if (!doc) {
14
14
  return Result.error(ACError.ResourceNotFound);
@@ -20,19 +20,25 @@ const checkImmutability = async (docId, props, context) => {
20
20
  }
21
21
  return Result.result(props.payload);
22
22
  };
23
- export const checkImmutabilityRead = async (props, initial, context, next) => {
24
- const originalPayload = throwIfError(initial);
25
- const { result: payload, error } = await checkImmutability(originalPayload.filters._id, props, context);
23
+ export const checkImmutabilityRead = async (props, context, next) => {
24
+ const { payload: originalPayload } = props.result;
25
+ const { result: payload, error } = await checkImmutability(originalPayload.filters._id, props.result, context);
26
26
  if (error) {
27
27
  return Result.error(error);
28
28
  }
29
- return next(payload, Result.result(payload), context);
29
+ return next(Result.result({
30
+ ...props.result,
31
+ payload
32
+ }), context);
30
33
  };
31
- export const checkImmutabilityWrite = async (props, initial, context, next) => {
32
- const originalPayload = throwIfError(initial);
33
- const { result: payload, error } = await checkImmutability(originalPayload.what._id, props, context);
34
+ export const checkImmutabilityWrite = async (props, context, next) => {
35
+ const { payload: originalPayload } = props.result;
36
+ const { result: payload, error } = await checkImmutability(originalPayload.what._id, props.result, context);
34
37
  if (error) {
35
38
  return Result.error(error);
36
39
  }
37
- return next(payload, Result.result(payload), context);
40
+ return next(Result.result({
41
+ ...props.result,
42
+ payload
43
+ }), context);
38
44
  };
package/dist/middlewares/ownership.d.ts CHANGED
@@ -1,8 +1,7 @@
1
- import type { GenericMiddlewareNext, Context, CollectionHookProps } from '@aeriajs/types';
2
- import type { CollectionHookReadPayload, CollectionHookWritePayload } from '../types.js';
1
+ import type { GenericMiddlewareNext, Context, CollectionProps, CollectionReadPayload, CollectionWritePayload } from '@aeriajs/types';
3
2
  import { Result, ACError } from '@aeriajs/types';
4
- export declare const checkOwnershipRead: <T extends CollectionHookReadPayload>(props: CollectionHookProps<T>, initial: Result.Either<unknown, T>, context: Context, next: GenericMiddlewareNext<Result.Result<T>, CollectionHookProps<T>>) => Promise<Result.Result<T>>;
5
- export declare const checkOwnershipWrite: <T extends CollectionHookWritePayload>(props: CollectionHookProps<T>, initial: Result.Either<unknown, T>, context: Context, next: GenericMiddlewareNext<Result.Result<T>, CollectionHookProps<T>>) => Promise<Result.Result<T> | {
3
+ export declare const checkOwnershipRead: <T extends CollectionReadPayload>(props: Result.Result<CollectionProps<T>>, context: Context, next: GenericMiddlewareNext<typeof props, typeof props>) => Promise<Result.Result<CollectionProps<T>>>;
4
+ export declare const checkOwnershipWrite: <T extends CollectionWritePayload>(props: Result.Result<CollectionProps<T>>, context: Context, next: GenericMiddlewareNext<typeof props, typeof props>) => Promise<Result.Result<CollectionProps<T>> | {
6
5
  readonly _tag: "Error";
7
6
  readonly error: ACError.OwnershipError;
8
7
  readonly result: undefined;
package/dist/middlewares/ownership.js CHANGED
@@ -2,33 +2,37 @@
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.checkOwnershipWrite = exports.checkOwnershipRead = void 0;
4
4
  const types_1 = require("@aeriajs/types");
5
- const common_1 = require("@aeriajs/common");
6
- const checkOwnershipRead = async (props, initial, context, next) => {
5
+ const checkOwnershipRead = async (props, context, next) => {
7
6
  const { token, description } = context;
8
- const payload = (0, common_1.throwIfError)(initial);
9
- if (token.authenticated && description.owned) {
7
+ const { payload } = props.result;
8
+ if (token.authenticated && description.owned && description.owned !== 'on-write') {
10
9
  if (!token.roles.includes('root')) {
11
10
  payload.filters.owner = token.sub;
12
11
  }
13
12
  }
14
- return next(props, types_1.Result.result(payload), context);
13
+ return next(types_1.Result.result({
14
+ ...props.result,
15
+ payload,
16
+ }), context);
15
17
  };
16
18
  exports.checkOwnershipRead = checkOwnershipRead;
17
- const checkOwnershipWrite = async (props, initial, context, next) => {
19
+ const checkOwnershipWrite = async (props, context, next) => {
18
20
  const { token, description } = context;
19
- const { parentId } = props;
20
- const payload = (0, common_1.throwIfError)(initial);
21
+ const { payload, parentId } = props.result;
21
22
  if (token.authenticated && description.owned) {
22
23
  if (!payload.what._id || description.owned === 'always') {
23
24
  payload.what.owner = token.sub;
24
25
  }
25
26
  else {
26
- return next(props, types_1.Result.result(payload), context);
27
+ return next(props, context);
27
28
  }
28
29
  }
29
30
  if ((!payload.what.owner && !parentId) && context.description.owned) {
30
31
  return types_1.Result.error(types_1.ACError.OwnershipError);
31
32
  }
32
- return next(props, types_1.Result.result(payload), context);
33
+ return next(types_1.Result.result({
34
+ ...props.result,
35
+ payload,
36
+ }), context);
33
37
  };
34
38
  exports.checkOwnershipWrite = checkOwnershipWrite;
package/dist/middlewares/ownership.mjs CHANGED
@@ -1,29 +1,33 @@
1
1
  "use strict";
2
2
  import { Result, ACError } from "@aeriajs/types";
3
- import { throwIfError } from "@aeriajs/common";
4
- export const checkOwnershipRead = async (props, initial, context, next) => {
3
+ export const checkOwnershipRead = async (props, context, next) => {
5
4
  const { token, description } = context;
6
- const payload = throwIfError(initial);
7
- if (token.authenticated && description.owned) {
5
+ const { payload } = props.result;
6
+ if (token.authenticated && description.owned && description.owned !== "on-write") {
8
7
  if (!token.roles.includes("root")) {
9
8
  payload.filters.owner = token.sub;
10
9
  }
11
10
  }
12
- return next(props, Result.result(payload), context);
11
+ return next(Result.result({
12
+ ...props.result,
13
+ payload
14
+ }), context);
13
15
  };
14
- export const checkOwnershipWrite = async (props, initial, context, next) => {
16
+ export const checkOwnershipWrite = async (props, context, next) => {
15
17
  const { token, description } = context;
16
- const { parentId } = props;
17
- const payload = throwIfError(initial);
18
+ const { payload, parentId } = props.result;
18
19
  if (token.authenticated && description.owned) {
19
20
  if (!payload.what._id || description.owned === "always") {
20
21
  payload.what.owner = token.sub;
21
22
  } else {
22
- return next(props, Result.result(payload), context);
23
+ return next(props, context);
23
24
  }
24
25
  }
25
26
  if (!payload.what.owner && !parentId && context.description.owned) {
26
27
  return Result.error(ACError.OwnershipError);
27
28
  }
28
- return next(props, Result.result(payload), context);
29
+ return next(Result.result({
30
+ ...props.result,
31
+ payload
32
+ }), context);
29
33
  };
package/dist/middlewares/pagination.d.ts CHANGED
@@ -1,7 +1,6 @@
1
- import type { CollectionHookProps, GenericMiddlewareNext, Context } from '@aeriajs/types';
2
- import type { CollectionHookReadPayload } from '../types.js';
1
+ import type { CollectionProps, GenericMiddlewareNext, Context, CollectionReadPayload } from '@aeriajs/types';
3
2
  import { Result, ACError } from '@aeriajs/types';
4
- export declare const checkPagination: <T extends CollectionHookReadPayload>(props: CollectionHookProps<T>, initial: Result.Either<unknown, T>, context: Context, next: GenericMiddlewareNext<Result.Result<T>, CollectionHookProps<T>>) => Promise<Result.Result<T> | {
3
+ export declare const checkPagination: <T extends CollectionReadPayload>(props: Result.Result<CollectionProps<T>>, context: Context, next: GenericMiddlewareNext<typeof props, typeof props>) => Promise<Result.Result<CollectionProps<T>> | {
5
4
  readonly _tag: "Error";
6
5
  readonly error: ACError.InvalidLimit;
7
6
  readonly result: undefined;
package/dist/middlewares/pagination.js CHANGED
@@ -2,14 +2,23 @@
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.checkPagination = void 0;
4
4
  const types_1 = require("@aeriajs/types");
5
- const common_1 = require("@aeriajs/common");
6
- const checkPagination = async (props, initial, context, next) => {
7
- const payload = (0, common_1.throwIfError)(initial);
8
- if (payload.limit) {
9
- if (payload.limit <= 0 || payload.limit > 150) {
5
+ const checkPagination = async (props, context, next) => {
6
+ const { payload } = props.result;
7
+ switch (typeof payload.limit) {
8
+ case 'undefined': break;
9
+ case 'number': {
10
+ if (payload.limit <= 0) {
11
+ return types_1.Result.error(types_1.ACError.InvalidLimit);
12
+ }
13
+ if (context.config.security.paginationLimit && payload.limit > context.config.security.paginationLimit) {
14
+ return types_1.Result.error(types_1.ACError.InvalidLimit);
15
+ }
16
+ break;
17
+ }
18
+ default: {
10
19
  return types_1.Result.error(types_1.ACError.InvalidLimit);
11
20
  }
12
21
  }
13
- return next(props, types_1.Result.result(payload), context);
22
+ return next(props, context);
14
23
  };
15
24
  exports.checkPagination = checkPagination;
package/dist/middlewares/pagination.mjs CHANGED
@@ -1,12 +1,22 @@
1
1
  "use strict";
2
2
  import { Result, ACError } from "@aeriajs/types";
3
- import { throwIfError } from "@aeriajs/common";
4
- export const checkPagination = async (props, initial, context, next) => {
5
- const payload = throwIfError(initial);
6
- if (payload.limit) {
7
- if (payload.limit <= 0 || payload.limit > 150) {
3
+ export const checkPagination = async (props, context, next) => {
4
+ const { payload } = props.result;
5
+ switch (typeof payload.limit) {
6
+ case "undefined":
7
+ break;
8
+ case "number": {
9
+ if (payload.limit <= 0) {
10
+ return Result.error(ACError.InvalidLimit);
11
+ }
12
+ if (context.config.security.paginationLimit && payload.limit > context.config.security.paginationLimit) {
13
+ return Result.error(ACError.InvalidLimit);
14
+ }
15
+ break;
16
+ }
17
+ default: {
8
18
  return Result.error(ACError.InvalidLimit);
9
19
  }
10
20
  }
11
- return next(props, Result.result(payload), context);
21
+ return next(props, context);
12
22
  };
package/dist/rateLimiting.d.ts CHANGED
@@ -1,66 +1,12 @@
1
1
  import type { RouteContext, RateLimitingParams } from '@aeriajs/types';
2
2
  import { Result, HTTPStatus, RateLimitingError } from '@aeriajs/types';
3
- export declare const getOrCreateUsageEntry: (params: RateLimitingParams, context: RouteContext) => Promise<import("@aeriajs/types").WithId<Omit<import("@aeriajs/types").PackReferences<import("@aeriajs/types").SchemaWithId<{
4
- readonly $id: "resourceUsage";
5
- readonly icon: "wrench";
6
- readonly required: readonly ["usage"];
7
- readonly properties: {
8
- readonly user: {
9
- readonly $ref: "user";
10
- };
11
- readonly address: {
12
- readonly type: "string";
13
- };
14
- readonly usage: {
15
- readonly type: "object";
16
- readonly additionalProperties: {
17
- readonly type: "object";
18
- readonly properties: {
19
- readonly hits: {
20
- readonly type: "integer";
21
- };
22
- readonly points: {
23
- readonly type: "integer";
24
- };
25
- readonly last_reach: {
26
- readonly type: "string";
27
- readonly format: "date-time";
28
- };
29
- readonly last_maximum_reach: {
30
- readonly type: "string";
31
- readonly format: "date-time";
32
- };
33
- };
34
- };
35
- };
36
- };
37
- }>>, "_id">>>;
38
- export declare const limitRate: (params: RateLimitingParams, context: RouteContext) => Promise<Result.Error<{
3
+ export declare const getOrCreateUsageEntry: (params: RateLimitingParams, context: RouteContext) => Promise<import("@aeriajs/types").WithId<Omit<import("@aeriajs/types").PackReferences<import("@aeriajs/types").SchemaWithId<import("@aeriajs/types").Description>>, "_id">>>;
4
+ export declare const limitRate: (params: RateLimitingParams, context: RouteContext) => Promise<{
5
+ readonly _tag: "Result";
6
+ readonly error: undefined;
7
+ readonly result: any;
8
+ } | Result.Error<{
39
9
  readonly code: RateLimitingError.LimitReached;
40
10
  } & {
41
11
  httpStatus: HTTPStatus.TooManyRequests;
42
- }> | {
43
- readonly _tag: "Result";
44
- readonly error: undefined;
45
- readonly result: import("@aeriajs/types").PackReferences<{} & Omit<Readonly<import("@aeriajs/types").FilterReadonlyProperties<{
46
- readonly hits: {
47
- readonly type: "integer";
48
- };
49
- readonly points: {
50
- readonly type: "integer";
51
- };
52
- readonly last_reach: {
53
- readonly type: "string";
54
- readonly format: "date-time";
55
- };
56
- readonly last_maximum_reach: {
57
- readonly type: "string";
58
- readonly format: "date-time";
59
- };
60
- }>> & {
61
- hits: number;
62
- points: number;
63
- last_reach: Date;
64
- last_maximum_reach: Date;
65
- }, never>>;
66
- }>;
12
+ }>>;
package/dist/use.d.ts CHANGED
@@ -1,7 +1,25 @@
1
- import type { Context, Description, ACError } from '@aeriajs/types';
2
- import type { CollectionHookReadPayload, CollectionHookWritePayload } from './types.js';
3
- import { Result } from '@aeriajs/types';
1
+ import type { Context, Description, ACError, CollectionReadPayload, CollectionWritePayload } from '@aeriajs/types';
4
2
  export declare const useSecurity: <TDescription extends Description>(context: Context<TDescription>) => {
5
- secureReadPayload: <TPayload extends Partial<CollectionHookReadPayload>>(payload?: TPayload) => Promise<Result.Either<ACError.InvalidLimit | ACError.OwnershipError, TPayload & CollectionHookReadPayload>>;
6
- secureWritePayload: <TPayload extends CollectionHookWritePayload>(payload?: TPayload) => Promise<Result.Either<ACError.TargetImmutable | ACError.OwnershipError | ACError.ResourceNotFound, TPayload>>;
3
+ secureReadPayload: <TPayload extends Partial<CollectionReadPayload>>(payload?: TPayload) => Promise<{
4
+ readonly _tag: "Error";
5
+ readonly error: ACError.InvalidLimit | ACError.OwnershipError;
6
+ readonly result: undefined;
7
+ } | {
8
+ readonly _tag: "Result";
9
+ readonly error: undefined;
10
+ readonly result: {
11
+ filters: {};
12
+ } & TPayload;
13
+ }>;
14
+ secureWritePayload: <TPayload extends CollectionWritePayload>(payload?: TPayload) => Promise<{
15
+ readonly _tag: "Error";
16
+ readonly error: ACError.TargetImmutable | ACError.OwnershipError | ACError.ResourceNotFound;
17
+ readonly result: undefined;
18
+ } | {
19
+ readonly _tag: "Result";
20
+ readonly error: undefined;
21
+ readonly result: {
22
+ what: {};
23
+ } & TPayload;
24
+ }>;
7
25
  };
package/dist/use.js CHANGED
@@ -2,8 +2,8 @@
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.useSecurity = void 0;
4
4
  const types_1 = require("@aeriajs/types");
5
- const middleware_js_1 = require("./middleware.js");
6
- const index_js_1 = require("./middlewares/index.js");
5
+ const index_js_1 = require("./middleware/index.js");
6
+ const index_js_2 = require("./middlewares/index.js");
7
7
  const useSecurity = (context) => {
8
8
  const secureReadPayload = async (payload) => {
9
9
  const newPayload = Object.assign({
@@ -12,12 +12,15 @@ const useSecurity = (context) => {
12
12
  const props = {
13
13
  payload: newPayload,
14
14
  };
15
- const middlewares = [index_js_1.checkPagination];
16
- if (context.description.owned !== 'on-write') {
17
- middlewares.push(index_js_1.checkOwnershipRead);
15
+ const start = (0, index_js_1.iterableMiddlewares)([
16
+ index_js_2.checkPagination,
17
+ index_js_2.checkOwnershipRead,
18
+ ]);
19
+ const { error, result } = await start(types_1.Result.result(props), context);
20
+ if (error) {
21
+ return types_1.Result.error(error);
18
22
  }
19
- const start = (0, middleware_js_1.iterableMiddlewares)(middlewares);
20
- return start(props, types_1.Result.result(newPayload), context);
23
+ return types_1.Result.result(result.payload);
21
24
  };
22
25
  const secureWritePayload = async (payload) => {
23
26
  const newPayload = Object.assign({
@@ -26,11 +29,15 @@ const useSecurity = (context) => {
26
29
  const props = {
27
30
  payload: newPayload,
28
31
  };
29
- const start = (0, middleware_js_1.iterableMiddlewares)([
30
- index_js_1.checkOwnershipWrite,
31
- index_js_1.checkImmutabilityWrite,
32
+ const start = (0, index_js_1.iterableMiddlewares)([
33
+ index_js_2.checkOwnershipWrite,
34
+ index_js_2.checkImmutabilityWrite,
32
35
  ]);
33
- return start(props, types_1.Result.result(newPayload), context);
36
+ const { error, result } = await start(types_1.Result.result(props), context);
37
+ if (error) {
38
+ return types_1.Result.error(error);
39
+ }
40
+ return types_1.Result.result(result.payload);
34
41
  };
35
42
  return {
36
43
  secureReadPayload,
package/dist/use.mjs CHANGED
@@ -1,6 +1,6 @@
1
1
  "use strict";
2
2
  import { Result } from "@aeriajs/types";
3
- import { iterableMiddlewares } from "./middleware.mjs";
3
+ import { iterableMiddlewares } from "./middleware/index.mjs";
4
4
  import {
5
5
  checkImmutabilityWrite,
6
6
  checkOwnershipRead,
@@ -15,12 +15,15 @@ export const useSecurity = (context) => {
15
15
  const props = {
16
16
  payload: newPayload
17
17
  };
18
- const middlewares = [checkPagination];
19
- if (context.description.owned !== "on-write") {
20
- middlewares.push(checkOwnershipRead);
18
+ const start = iterableMiddlewares([
19
+ checkPagination,
20
+ checkOwnershipRead
21
+ ]);
22
+ const { error, result } = await start(Result.result(props), context);
23
+ if (error) {
24
+ return Result.error(error);
21
25
  }
22
- const start = iterableMiddlewares(middlewares);
23
- return start(props, Result.result(newPayload), context);
26
+ return Result.result(result.payload);
24
27
  };
25
28
  const secureWritePayload = async (payload) => {
26
29
  const newPayload = Object.assign({
@@ -33,7 +36,11 @@ export const useSecurity = (context) => {
33
36
  checkOwnershipWrite,
34
37
  checkImmutabilityWrite
35
38
  ]);
36
- return start(props, Result.result(newPayload), context);
39
+ const { error, result } = await start(Result.result(props), context);
40
+ if (error) {
41
+ return Result.error(error);
42
+ }
43
+ return Result.result(result.payload);
37
44
  };
38
45
  return {
39
46
  secureReadPayload,
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@aeriajs/security",
3
- "version": "0.0.162",
3
+ "version": "0.0.163",
4
4
  "description": "",
5
5
  "main": "dist/index.js",
6
6
  "module": "dist/index.mjs",
@@ -28,13 +28,13 @@
28
28
  "mongodb": "^6.5.0"
29
29
  },
30
30
  "peerDependencies": {
31
- "@aeriajs/core": "^0.0.162",
32
- "@aeriajs/common": "^0.0.98",
33
- "@aeriajs/types": "^0.0.84",
31
+ "@aeriajs/core": "^0.0.163",
32
+ "@aeriajs/common": "^0.0.99",
33
+ "@aeriajs/types": "^0.0.85",
34
34
  "mongodb": "^6.5.0"
35
35
  },
36
36
  "scripts": {
37
- "test": "echo skipping",
37
+ "test": "vitest run",
38
38
  "lint": "eslint src",
39
39
  "lint:fix": "eslint src --fix",
40
40
  "build": "pnpm build:cjs && pnpm build:esm",
package/dist/middleware.d.ts DELETED
@@ -1,2 +0,0 @@
1
- import type { Middleware, MiddlewareNext, GenericMiddlewareNext, Context } from '@aeriajs/types';
2
- export declare const iterableMiddlewares: <TReturn, TPayload, TReturnNext extends GenericMiddlewareNext<TReturn, TPayload> = MiddlewareNext>(middlewares: Middleware<TReturn, TPayload, TReturnNext>[], end?: (_: unknown, initial: TReturn) => TReturn) => (payload: TPayload, initial: TReturn, context: Context) => TReturn | Promise<TReturn>;
package/dist/types.d.ts DELETED
@@ -1,9 +0,0 @@
1
- export type CollectionHookReadPayload = {
2
- filters: Record<string, any>;
3
- sort?: Record<string, any>;
4
- limit?: number;
5
- offset?: number;
6
- };
7
- export type CollectionHookWritePayload = {
8
- what: Record<string, any>;
9
- };
package/dist/types.js DELETED
@@ -1,2 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
package/dist/types.mjs DELETED
@@ -1 +0,0 @@
1
- "use strict";