npm - @aeriajs/security - Versions diffs - 0.0.164 → 0.0.166 - Mend

@aeriajs/security 0.0.164 → 0.0.166

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/dist/middleware/applyReadMiddlewares.d.ts +2 -4
package/dist/middleware/applyReadMiddlewares.js +6 -5
package/dist/middleware/applyReadMiddlewares.mjs +6 -5
package/dist/middleware/applyWriteMiddlewares.d.ts +2 -4
package/dist/middleware/applyWriteMiddlewares.js +6 -5
package/dist/middleware/applyWriteMiddlewares.mjs +6 -5
package/dist/middlewares/immutability.js +6 -0
package/dist/middlewares/immutability.mjs +6 -0
package/dist/middlewares/ownership.js +3 -0
package/dist/middlewares/ownership.mjs +3 -0
package/dist/rateLimiting.d.ts +61 -7
package/dist/rateLimiting.js +1 -1
package/dist/rateLimiting.mjs +1 -1
package/package.json +4 -4

package/dist/middleware/applyReadMiddlewares.d.ts CHANGED Viewed

@@ -1,4 +1,2 @@
-import type { Context, Collection, GetReturnType, GetAllReturnType, CountReturnType, CollectionReadPayload } from '@aeriajs/types';
-export declare const applyReadMiddlewares: <TContext extends Context>(payload: CollectionReadPayload, context: TContext & {
-    collection: Collection;
-}, fn: (p: typeof payload, context: Context) => Promise<GetReturnType<unknown> | GetAllReturnType<unknown> | CountReturnType>) => Promise<import("@aeriajs/types").Result.Either<any, any>>;
+import type { Context, GetReturnType, GetAllReturnType, CountReturnType, CollectionReadPayload } from '@aeriajs/types';
+export declare const applyReadMiddlewares: <TContext extends Context>(payload: CollectionReadPayload, context: TContext, fn: (p: typeof payload, context: Context) => Promise<GetReturnType<unknown> | GetAllReturnType<unknown> | CountReturnType>) => Promise<import("@aeriajs/types").Result.Either<any, any>>;

package/dist/middleware/applyReadMiddlewares.js CHANGED Viewed

@@ -3,14 +3,15 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.applyReadMiddlewares = void 0;
 const iterableMiddlewares_js_1 = require("./iterableMiddlewares.js");
 const applyReadMiddlewares = (payload, context, fn) => {
-    if (context.collection.middlewares) {
-        if (Array.isArray(context.collection.middlewares)) {
-            const readMiddlewares = context.collection.middlewares.map((middleware) => middleware.beforeRead).filter((fn) => !!fn);
+    const { middlewares } = context.collection;
+    if (middlewares) {
+        if (Array.isArray(middlewares)) {
+            const readMiddlewares = middlewares.map((middleware) => middleware.beforeRead).filter((fn) => !!fn);
             const start = (0, iterableMiddlewares_js_1.iterableMiddlewares)(readMiddlewares, fn);
             return start(payload, context);
         }
-        if (context.collection.middlewares.beforeRead) {
-            return context.collection.middlewares.beforeRead(payload, context, fn);
+        if (middlewares.beforeRead) {
+            return middlewares.beforeRead(payload, context, fn);
         }
     }
     return fn(payload, context);

package/dist/middleware/applyReadMiddlewares.mjs CHANGED Viewed

@@ -1,17 +1,18 @@
 "use strict";
 import { iterableMiddlewares } from "./iterableMiddlewares.mjs";
 export const applyReadMiddlewares = (payload, context, fn) => {
-  if (context.collection.middlewares) {
-    if (Array.isArray(context.collection.middlewares)) {
-      const readMiddlewares = context.collection.middlewares.map((middleware) => middleware.beforeRead).filter((fn2) => !!fn2);
+  const { middlewares } = context.collection;
+  if (middlewares) {
+    if (Array.isArray(middlewares)) {
+      const readMiddlewares = middlewares.map((middleware) => middleware.beforeRead).filter((fn2) => !!fn2);
       const start = iterableMiddlewares(
         readMiddlewares,
         fn
       );
       return start(payload, context);
     }
-    if (context.collection.middlewares.beforeRead) {
-      return context.collection.middlewares.beforeRead(payload, context, fn);
+    if (middlewares.beforeRead) {
+      return middlewares.beforeRead(payload, context, fn);
     }
   }
   return fn(payload, context);

package/dist/middleware/applyWriteMiddlewares.d.ts CHANGED Viewed

@@ -1,4 +1,2 @@
-import type { Context, Collection, CollectionWritePayload, InsertReturnType } from '@aeriajs/types';
-export declare const applyWriteMiddlewares: <TDocument, TContext extends Context>(payload: CollectionWritePayload, context: TContext & {
-    collection: Collection;
-}, fn: (p: typeof payload, context: Context) => Promise<InsertReturnType<TDocument>>) => Promise<import("@aeriajs/types").Result.Either<any, any>>;
+import type { Context, CollectionWritePayload, InsertReturnType } from '@aeriajs/types';
+export declare const applyWriteMiddlewares: <TDocument, TContext extends Context>(payload: CollectionWritePayload, context: TContext, fn: (p: typeof payload, context: Context) => Promise<InsertReturnType<TDocument>>) => Promise<import("@aeriajs/types").Result.Either<any, any>>;

package/dist/middleware/applyWriteMiddlewares.js CHANGED Viewed

@@ -3,14 +3,15 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.applyWriteMiddlewares = void 0;
 const iterableMiddlewares_js_1 = require("./iterableMiddlewares.js");
 const applyWriteMiddlewares = (payload, context, fn) => {
-    if (context.collection.middlewares) {
-        if (Array.isArray(context.collection.middlewares)) {
-            const writeMiddlewares = context.collection.middlewares.map((middleware) => middleware.beforeWrite).filter((fn) => !!fn);
+    const { middlewares } = context.collection;
+    if (middlewares) {
+        if (Array.isArray(middlewares)) {
+            const writeMiddlewares = middlewares.map((middleware) => middleware.beforeWrite).filter((fn) => !!fn);
             const start = (0, iterableMiddlewares_js_1.iterableMiddlewares)(writeMiddlewares, fn);
             return start(payload, context);
         }
-        if (context.collection.middlewares.beforeWrite) {
-            return context.collection.middlewares.beforeWrite(payload, context, fn);
+        if (middlewares.beforeWrite) {
+            return middlewares.beforeWrite(payload, context, fn);
         }
     }
     return fn(payload, context);

package/dist/middleware/applyWriteMiddlewares.mjs CHANGED Viewed

@@ -1,17 +1,18 @@
 "use strict";
 import { iterableMiddlewares } from "./iterableMiddlewares.mjs";
 export const applyWriteMiddlewares = (payload, context, fn) => {
-  if (context.collection.middlewares) {
-    if (Array.isArray(context.collection.middlewares)) {
-      const writeMiddlewares = context.collection.middlewares.map((middleware) => middleware.beforeWrite).filter((fn2) => !!fn2);
+  const { middlewares } = context.collection;
+  if (middlewares) {
+    if (Array.isArray(middlewares)) {
+      const writeMiddlewares = middlewares.map((middleware) => middleware.beforeWrite).filter((fn2) => !!fn2);
       const start = iterableMiddlewares(
         writeMiddlewares,
         fn
       );
       return start(payload, context);
     }
-    if (context.collection.middlewares.beforeWrite) {
-      return context.collection.middlewares.beforeWrite(payload, context, fn);
+    if (middlewares.beforeWrite) {
+      return middlewares.beforeWrite(payload, context, fn);
     }
   }
   return fn(payload, context);

package/dist/middlewares/immutability.js CHANGED Viewed

@@ -26,6 +26,12 @@ const checkImmutability = async (docId, props, context) => {
 };
 const checkImmutabilityRead = async (props, context, next) => {
     const { payload: originalPayload } = props.result;
+    if (Array.isArray(originalPayload.filters)) {
+        return props;
+    }
+    if (!(originalPayload.filters._id instanceof mongodb_1.ObjectId)) {
+        throw new Error;
+    }
     const { result: payload, error } = await checkImmutability(originalPayload.filters._id, props.result, context);
     if (error) {
         return types_1.Result.error(error);

package/dist/middlewares/immutability.mjs CHANGED Viewed

@@ -22,6 +22,12 @@ const checkImmutability = async (docId, props, context) => {
 };
 export const checkImmutabilityRead = async (props, context, next) => {
   const { payload: originalPayload } = props.result;
+  if (Array.isArray(originalPayload.filters)) {
+    return props;
+  }
+  if (!(originalPayload.filters._id instanceof ObjectId)) {
+    throw new Error();
+  }
   const { result: payload, error } = await checkImmutability(originalPayload.filters._id, props.result, context);
   if (error) {
     return Result.error(error);

package/dist/middlewares/ownership.js CHANGED Viewed

@@ -5,6 +5,9 @@ const types_1 = require("@aeriajs/types");
 const checkOwnershipRead = async (props, context, next) => {
     const { token, description } = context;
     const { payload } = props.result;
+    if (Array.isArray(payload.filters)) {
+        return props;
+    }
     if (token.authenticated && description.owned && description.owned !== 'on-write') {
         if (!token.roles.includes('root')) {
             payload.filters.owner = token.sub;

package/dist/middlewares/ownership.mjs CHANGED Viewed

@@ -3,6 +3,9 @@ import { Result, ACError } from "@aeriajs/types";
 export const checkOwnershipRead = async (props, context, next) => {
   const { token, description } = context;
   const { payload } = props.result;
+  if (Array.isArray(payload.filters)) {
+    return props;
+  }
   if (token.authenticated && description.owned && description.owned !== "on-write") {
     if (!token.roles.includes("root")) {
       payload.filters.owner = token.sub;

package/dist/rateLimiting.d.ts CHANGED Viewed

@@ -1,12 +1,66 @@
 import type { RouteContext, RateLimitingParams } from '@aeriajs/types';
 import { Result, HTTPStatus, RateLimitingError } from '@aeriajs/types';
-export declare const getOrCreateUsageEntry: (params: RateLimitingParams, context: RouteContext) => Promise<import("@aeriajs/types").WithId<Omit<import("@aeriajs/types").PackReferences<import("@aeriajs/types").SchemaWithId<import("@aeriajs/types").Description>>, "_id">>>;
-export declare const limitRate: (params: RateLimitingParams, context: RouteContext) => Promise<{
-    readonly _tag: "Result";
-    readonly error: undefined;
-    readonly result: any;
-} | Result.Error<{
+export declare const getOrCreateUsageEntry: (params: RateLimitingParams, context: RouteContext) => Promise<import("mongodb").WithId<Omit<import("@aeriajs/types").PackReferences<import("@aeriajs/types").SchemaWithId<{
+    readonly $id: "resourceUsage";
+    readonly icon: "wrench";
+    readonly required: readonly ["usage"];
+    readonly properties: {
+        readonly user: {
+            readonly $ref: "user";
+        };
+        readonly address: {
+            readonly type: "string";
+        };
+        readonly usage: {
+            readonly type: "object";
+            readonly additionalProperties: {
+                readonly type: "object";
+                readonly properties: {
+                    readonly hits: {
+                        readonly type: "integer";
+                    };
+                    readonly points: {
+                        readonly type: "integer";
+                    };
+                    readonly last_reach: {
+                        readonly type: "string";
+                        readonly format: "date-time";
+                    };
+                    readonly last_maximum_reach: {
+                        readonly type: "string";
+                        readonly format: "date-time";
+                    };
+                };
+            };
+        };
+    };
+}>>, "_id">>>;
+export declare const limitRate: (params: RateLimitingParams, context: RouteContext) => Promise<Result.Error<{
     readonly code: RateLimitingError.LimitReached;
 } & {
     httpStatus: HTTPStatus.TooManyRequests;
-}>>;
+}> | {
+    readonly _tag: "Result";
+    readonly error: undefined;
+    readonly result: import("@aeriajs/types").PackReferences<{} & Omit<Readonly<import("@aeriajs/types").FilterReadonlyProperties<{
+        readonly hits: {
+            readonly type: "integer";
+        };
+        readonly points: {
+            readonly type: "integer";
+        };
+        readonly last_reach: {
+            readonly type: "string";
+            readonly format: "date-time";
+        };
+        readonly last_maximum_reach: {
+            readonly type: "string";
+            readonly format: "date-time";
+        };
+    }>> & {
+        hits: number;
+        points: number;
+        last_reach: Date;
+        last_maximum_reach: Date;
+    }, never>>;
+}>;

package/dist/rateLimiting.js CHANGED Viewed

@@ -62,7 +62,7 @@ const limitRate = async (params, context) => {
     }, {
         returnDocument: 'after',
     });
-    if (!newEntry) {
+    if (!newEntry || !newEntry.usage[resourceName]) {
         throw new Error();
     }
     return types_1.Result.result(newEntry.usage[resourceName]);

package/dist/rateLimiting.mjs CHANGED Viewed

@@ -67,7 +67,7 @@ export const limitRate = async (params, context) => {
       returnDocument: "after"
     }
   );
-  if (!newEntry) {
+  if (!newEntry || !newEntry.usage[resourceName]) {
     throw new Error();
   }
   return Result.result(newEntry.usage[resourceName]);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@aeriajs/security",
-  "version": "0.0.164",
+  "version": "0.0.166",
   "description": "",
   "main": "dist/index.js",
   "module": "dist/index.mjs",
@@ -28,9 +28,9 @@
     "mongodb": "^6.5.0"
   },
   "peerDependencies": {
-    "@aeriajs/core": "^0.0.164",
-    "@aeriajs/common": "^0.0.100",
-    "@aeriajs/types": "^0.0.86",
+    "@aeriajs/core": "^0.0.166",
+    "@aeriajs/common": "^0.0.102",
+    "@aeriajs/types": "^0.0.87",
     "mongodb": "^6.5.0"
   },
   "scripts": {