@apolitical/server 2.1.0-beta.1 → 2.2.0-rc.fallback.2

package/CHANGELOG.md

@@ -5,9 +5,19 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2.2.0] - 2022-02-07
+### Changed
+- Pipeline uses `Node-Publish` template
+
+## [2.1.1] - 2022-01-31
+### Fixed
+- Authorisation logic
+
 ## [2.1.0] - 2022-01-21
 ### Added
 - Prerender middleware
+### Fixed
+- Node.js version
 
 ## [2.0.1] - 2022-01-21
 ### Added

package/README.md

@@ -6,7 +6,7 @@ Node.js module to encapsulate Apolitical's express server setup
 
 Requires the following to run:
 
-- [node.js][node] 16.13.2+
+- [node.js][node] 16.13.0+
 - [yarn][yarn]
 
 [node]: https://nodejs.org/en/download/

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@apolitical/server",
-  "version": "2.1.0-beta.1",
+  "version": "2.2.0-rc.fallback.2",
   "description": "Node.js module to encapsulate Apolitical's express server setup",
   "author": "Apolitical Group Limited <engineering@apolitical.co>",
   "license": "MIT",
@@ -24,14 +24,14 @@
     "Node Modules"
   ],
   "dependencies": {
-    "@apolitical/logger": "2.0.0",
+    "@apolitical/logger": "2.0.1",
     "@cloudnative/health-connect": "2.1.0",
-    "awilix": "6.0.0",
+    "awilix": "6.1.0",
     "body-parser": "1.19.1",
     "compression": "1.7.4",
     "cookie-parser": "1.4.6",
     "cors": "2.8.5",
-    "dotenv": "14.2.0",
+    "dotenv": "15.0.0",
     "express": "4.17.2",
     "express-jwt": "6.1.0",
     "http-status-codes": "2.2.0",
@@ -46,18 +46,18 @@
     "swagger-ui-express": "4.3.0"
   },
   "devDependencies": {
-    "@apolitical/eslint-config": "1.0.1",
-    "@apolitical/testing": "1.0.1",
+    "@apolitical/eslint-config": "1.0.2",
+    "@apolitical/testing": "1.0.2",
     "audit-ci": "5.1.2",
     "husky": "7.0.4",
     "jest": "27.4.7",
     "jest-junit": "13.0.0",
-    "lint-staged": "12.2.2",
+    "lint-staged": "12.3.2",
     "mock-jwks": "1.0.1",
     "nock": "13.2.2"
   },
   "engines": {
-    "node": ">=16.13.2"
+    "node": ">=16.13.0"
   },
   "eslintConfig": {
     "extends": "@apolitical/eslint-config/base.config"

package/src/container.js

@@ -36,7 +36,7 @@ const documentationLoader = require('./loaders/documentation.loader');
 const loggerLoader = require('./loaders/logger.loader');
 const middlewaresLoader = require('./loaders/middlewares.loader');
 const probesLoader = require('./loaders/probes.loader');
-const staticLoader = require('./loaders/static.loader');
+const fallbackLoader = require('./loaders/fallback.loader');
 // Middleware
 const authenticationMiddleware = require('./middlewares/authentication.middleware');
 const authorisationMiddleware = require('./middlewares/authorisation.middleware');
@@ -85,7 +85,7 @@ container.register({
   loggerLoader: asFunction(loggerLoader).singleton(),
   middlewaresLoader: asFunction(middlewaresLoader).singleton(),
   probesLoader: asFunction(probesLoader).singleton(),
-  staticLoader: asFunction(staticLoader).singleton(),
+  fallbackLoader: asFunction(fallbackLoader).singleton(),
   // Middlewares
   authenticationMiddleware: asFunction(authenticationMiddleware).singleton(),
   authorisationMiddleware: asFunction(authorisationMiddleware).singleton(),

package/src/loaders/fallback.loader.js

@@ -0,0 +1,21 @@
+'use strict';
+
+module.exports = ({ logger }) => {
+  return function load(app, { fallbackLoader, staticFiles }) {
+    const childLogger = logger.where(__filename, 'load');
+    childLogger.debug('Started');
+
+    if (staticFiles) {
+      const { baseUrl, indexFilePath } = staticFiles;
+      // Load fallback or static content
+      if (fallbackLoader) {
+        app.get(`${baseUrl}*`, fallbackLoader);
+      } else if (indexFilePath) {
+        app.get(`${baseUrl}*`, function (req, res) {
+          res.sendFile(indexFilePath);
+        });
+      }
+    }
+    childLogger.debug('Finished');
+  };
+};

package/src/loaders/middlewares.loader.js

@@ -1,9 +1,18 @@
 'use strict';
 
-module.exports = ({ bodyParser: { json, urlencoded }, compression, cors, cookieParser, config, logger }) => {
+module.exports = ({
+  bodyParser: { json, urlencoded },
+  express,
+  compression,
+  cors,
+  cookieParser,
+  prerender,
+  config,
+  logger,
+}) => {
   const { BODY_PARSER_OPTIONS, CORS_OPTIONS } = config.SERVER;
 
-  return function load(app, { corsOptions }) {
+  return function load(app, { staticFiles, corsOptions, prerenderToken }) {
     const childLogger = logger.where(__filename, 'load');
     childLogger.debug('Started');
     // Load useful middlewares
@@ -12,6 +21,13 @@ module.exports = ({ bodyParser: { json, urlencoded }, compression, cors, cookieP
     app.use(urlencoded(BODY_PARSER_OPTIONS));
     app.use(cors(Object.assign({}, CORS_OPTIONS, corsOptions)));
     app.use(compression());
+    if (prerenderToken) {
+      app.use(prerender.set('prerenderToken', prerenderToken));
+    }
+    if (staticFiles) {
+      const { baseUrl, folderPath } = staticFiles;
+      app.use(baseUrl, express.static(folderPath));
+    }
     childLogger.debug('Finished');
   };
 };

package/src/middlewares/authorisation.middleware.js

@@ -8,21 +8,21 @@ module.exports = ({ logger, serverError: { Forbidden }, config }) => {
     return function handler(req, res, next) {
       const childLogger = logger.where(__filename, 'handler');
       childLogger.debug('Started');
-      let isNotMyselfSlug = false;
       let isNotAdmin = false;
-      // Check myself param
-      if (myselfSource) {
-        isNotMyselfSlug = req.params[myselfSource] !== MYSELF_SLUG;
-      }
+      let isNotMyselfSlug = false;
       // Check user role (from JWT)
       if (!allowNonAdmin) {
         isNotAdmin = req.user && req.user.role !== ADMIN_ROLE;
       }
+      // Check myself param
+      if (myselfSource) {
+        isNotMyselfSlug = req.params[myselfSource] !== MYSELF_SLUG;
+      }
       // Check permissions and prevent unauthorised requests
       let unauthorised = false;
-      if (isNotMyselfSlug && myselfSource && isNotAdmin && !allowNonAdmin) {
+      if (!allowNonAdmin && isNotAdmin && isNotMyselfSlug) {
         unauthorised = true;
-      } else if (isNotAdmin && !allowNonAdmin) {
+      } else if (!allowNonAdmin && isNotAdmin && !myselfSource) {
         unauthorised = true;
       }
       if (unauthorised) {

package/src/services/server.service.js

@@ -11,7 +11,7 @@ module.exports = ({
   errorMiddleware,
   middlewaresLoader,
   probesLoader,
-  staticLoader,
+  fallbackLoader,
   jwtService,
   serverError,
 }) => {
@@ -52,10 +52,10 @@ module.exports = ({
       }
       // Load documentation
       documentationLoader(app, opts);
-      // Load static resources
-      if (opts.staticFiles) {
-        staticLoader(app, opts);
-      }
+
+      // Load static resources or fallback
+      fallbackLoader(app, opts);
+
       // Use error handler
       if (opts.handleErrors) {
         app.use(errorMiddleware(opts));

package/src/loaders/static.loader.js

@@ -1,19 +0,0 @@
-'use strict';
-
-module.exports = ({ express, prerender, logger }) => {
-  return function load(app, { staticFiles: { baseUrl, folderPath, indexFilePath } }) {
-    const childLogger = logger.where(__filename, 'load');
-    childLogger.debug('Started');
-    // Use prerendering middleware
-    app.use(prerender);
-    // Use Express built-in middleware
-    app.use(baseUrl, express.static(folderPath));
-    // Load static endpoint
-    if (indexFilePath) {
-      app.get(`${baseUrl}*`, function (req, res) {
-        res.sendFile(indexFilePath);
-      });
-    }
-    childLogger.debug('Finished');
-  };
-};