@balena/pinejs 15.0.0-delete-state-default-user-permissions-8b5de27c634f2e7581f0bcf3600066d2fe4bbf40 → 15.0.0-deprecate-node12-8a99d72ae66d7708293afc56c5d7eb19b39081cd

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@balena/pinejs",
-  "version": "15.0.0-delete-state-default-user-permissions-8b5de27c634f2e7581f0bcf3600066d2fe4bbf40",
+  "version": "15.0.0-deprecate-node12-8a99d72ae66d7708293afc56c5d7eb19b39081cd",
   "main": "out/server-glue/module",
   "repository": "git@github.com:balena-io/pinejs.git",
   "license": "Apache-2.0",
@@ -21,7 +21,7 @@
     "lint": "balena-lint -e js -e ts src build typings Gruntfile.ts && npx tsc --project tsconfig.dev.json --noEmit",
     "test": "npm run lint & npm run build && npm run webpack-build",
     "test:compose": "npm run compose:build && npm run compose:postgres && docker-compose -f docker-compose.test.yml run sut npm run mocha",
-    "test:fast": " npm run compose:postgres && npm run mocha:local",
+    "test:fast": "npm run compose:postgres && npm run mocha:local",
     "mocha": "TS_NODE_FILES=true mocha",
     "mocha:local": "DATABASE_URL=postgres://docker:docker@localhost:5431/postgres npm run mocha",
     "compose:postgres": "docker-compose -f docker-compose.test.yml up -d postgres",
@@ -34,7 +34,7 @@
     "@balena/abstract-sql-to-typescript": "^1.2.0",
     "@balena/lf-to-abstract-sql": "^4.5.1",
     "@balena/odata-parser": "^2.3.0",
-    "@balena/odata-to-abstract-sql": "^5.4.12",
+    "@balena/odata-to-abstract-sql": "^5.4.14",
     "@balena/sbvr-parser": "^1.4.1",
     "@balena/sbvr-types": "^3.4.7",
     "@types/body-parser": "^1.19.2",
@@ -42,20 +42,20 @@
     "@types/cookie-parser": "^1.4.3",
     "@types/deep-freeze": "^0.1.2",
     "@types/express": "^4.17.13",
-    "@types/express-session": "^1.17.4",
+    "@types/express-session": "^1.17.5",
     "@types/lodash": "^4.14.182",
     "@types/memoizee": "^0.4.8",
     "@types/method-override": "^0.0.32",
     "@types/multer": "^1.4.7",
     "@types/mysql": "^2.15.21",
     "@types/node": "^12.20.55",
-    "@types/passport": "^1.0.8",
+    "@types/passport": "^1.0.9",
     "@types/passport-local": "^1.0.34",
     "@types/passport-strategy": "^0.2.35",
     "@types/pg": "^8.6.5",
     "@types/randomstring": "^1.1.8",
     "@types/websql": "^0.0.27",
-    "commander": "^9.3.0",
+    "commander": "^9.4.0",
     "deep-freeze": "^0.0.1",
     "eventemitter3": "^4.0.7",
     "express-session": "^1.17.3",
@@ -92,13 +92,13 @@
     "mocha": "^9.2.2",
     "raw-loader": "^4.0.2",
     "require-npm4-to-publish": "^1.0.0",
-    "supertest": "^6.2.3",
+    "supertest": "^6.2.4",
     "terser-webpack-plugin": "^5.3.3",
-    "ts-loader": "^9.3.0",
-    "ts-node": "^10.8.1",
-    "typescript": "^4.7.3",
+    "ts-loader": "^9.3.1",
+    "ts-node": "^10.9.1",
+    "typescript": "^4.7.4",
     "webpack": "^5.73.0",
-    "webpack-dev-server": "^4.9.2"
+    "webpack-dev-server": "^4.9.3"
   },
   "optionalDependencies": {
     "bcrypt": "^5.0.1",
@@ -116,7 +116,7 @@
     "serve-static": "^1.15.0"
   },
   "engines": {
-    "node": ">=10.0.0",
+    "node": ">=14.0.0",
     "npm": ">=6.0.0"
   },
   "husky": {
@@ -144,6 +144,6 @@
     "recursive": true
   },
   "versionist": {
-    "publishedAt": "2022-07-07T13:01:20.151Z"
+    "publishedAt": "2022-08-02T12:27:59.997Z"
   }
 }

package/src/bin/utils.ts

@@ -87,7 +87,7 @@ export const getAbstractSqlModelFromFile = (
 	let lfModel;
 	try {
 		lfModel = generateLfModel(seModel);
-	} catch (e) {
+	} catch (e: any) {
 		throw new Error(
 			`Got '${e.message}' whilst trying to parse the model file as sbvr, if you're using a transpiled language for the model file you will need to either transpile in advance or run via its loader`,
 		);

package/src/config-loader/config-loader.ts

@@ -44,7 +44,7 @@ export interface Model {
 export interface User {
 	username: string;
 	password: string;
-	permissions: string[];
+	permissions?: string[];
 }
 export interface Config {
 	models: Model[];
@@ -81,7 +81,7 @@ const getOrCreatePermission = async (
 ) => {
 	try {
 		return await getOrCreate(authApiTx, 'permission', { name: permissionName });
-	} catch (e) {
+	} catch (e: any) {
 		e.message = `Could not create or find permission "${permissionName}": ${e.message}`;
 		throw e;
 	}
@@ -103,20 +103,17 @@ export const setup = (app: Express.Application) => {
 				const permissionsCache: {
 					[index: string]: Promise<number>;
 				} = {};
-				users.forEach((user) => {
+				for (const user of users) {
 					if (user.permissions == null) {
-						return;
+						continue;
 					}
-					user.permissions.forEach((permissionName) => {
-						if (permissionsCache[permissionName] != null) {
-							return;
-						}
-						permissionsCache[permissionName] = getOrCreatePermission(
+					for (const permissionName of user.permissions) {
+						permissionsCache[permissionName] ??= getOrCreatePermission(
 							authApiTx,
 							permissionName,
 						);
-					});
-				});
+					}
+				}
 
 				await Promise.all(
 					users.map(async (user) => {
@@ -132,34 +129,17 @@ export const setup = (app: Express.Application) => {
 								},
 							);
 							if (user.permissions != null) {
-								const permissionIds = await Promise.all(
+								await Promise.all(
 									user.permissions.map(async (permissionName) => {
 										const permissionID = await permissionsCache[permissionName];
 										await getOrCreate(authApiTx, 'user__has__permission', {
 											user: userID,
 											permission: permissionID,
 										});
-										return permissionID;
 									}),
 								);
-
-								await authApiTx.delete({
-									resource: 'user__has__permission',
-									options: {
-										$filter: {
-											user: userID,
-											...(permissionIds.length > 0 && {
-												$not: {
-													permission: {
-														$in: permissionIds,
-													},
-												},
-											}),
-										},
-									},
-								});
 							}
-						} catch (e) {
+						} catch (e: any) {
 							e.message = `Could not create or find user "${user.username}": ${e.message}`;
 							throw e;
 						}
@@ -186,7 +166,7 @@ export const setup = (app: Express.Application) => {
 							console.info(
 								'Successfully executed ' + model.modelName + ' model.',
 							);
-						} catch (err) {
+						} catch (err: any) {
 							const message = `Failed to execute ${model.modelName} model from ${model.modelFile}`;
 							if (_.isError(err)) {
 								err.message = message;
@@ -200,11 +180,11 @@ export const setup = (app: Express.Application) => {
 						if (typeof model.customServerCode === 'string') {
 							try {
 								customCode = nodeRequire(model.customServerCode).setup;
-							} catch (e) {
+							} catch (e: any) {
 								e.message = `Error loading custom server code: '${e.message}'`;
 								throw e;
 							}
-						} else if (_.isObject(model.customServerCode)) {
+						} else if (typeof model.customServerCode === 'object') {
 							customCode = model.customServerCode.setup;
 						} else {
 							throw new Error(
@@ -238,7 +218,7 @@ export const setup = (app: Express.Application) => {
 			} else if (typeof config === 'string') {
 				root = path.dirname(config);
 				configObj = await loadConfigFile(config);
-			} else if (_.isObject(config)) {
+			} else if (typeof config === 'object') {
 				root = process.cwd();
 				configObj = config;
 			} else {
@@ -344,7 +324,7 @@ export const setup = (app: Express.Application) => {
 				}),
 			);
 			await loadConfig(configObj);
-		} catch (err) {
+		} catch (err: any) {
 			console.error('Error loading application config', err, err.stack);
 			process.exit(1);
 		}

package/src/data-server/sbvr-server.js

@@ -228,7 +228,7 @@ export async function setup(app, sbvrUtils, db) {
 					await setupModels(tx);
 				});
 				res.status(200).end();
-			} catch (err) {
+			} catch (/** @type any */ err) {
 				console.error('Error clearing db', err, err.stack);
 				res.status(503).end();
 			}
@@ -255,7 +255,7 @@ export async function setup(app, sbvrUtils, db) {
 					}
 				});
 				res.status(200).end();
-			} catch (err) {
+			} catch (/** @type any */ err) {
 				console.error('Error importing db', err, err.stack);
 				res.status(404).end();
 			}
@@ -278,11 +278,11 @@ export async function setup(app, sbvrUtils, db) {
 								'SELECT * FROM "' + tableName + '";',
 							);
 							let insQuery = '';
-							result.rows.forEach((currRow) => {
+							for (const currRow of result.rows) {
 								let notFirst = false;
 								insQuery += 'INSERT INTO "' + tableName + '" (';
 								let valQuery = '';
-								for (let propName of Object.keys(currRow)) {
+								for (const propName of Object.keys(currRow)) {
 									if (notFirst) {
 										insQuery += ',';
 										valQuery += ',';
@@ -293,13 +293,13 @@ export async function setup(app, sbvrUtils, db) {
 									valQuery += "'" + currRow[propName] + "'";
 								}
 								insQuery += ') values (' + valQuery + ');\n';
-							});
+							}
 							exported += insQuery;
 						}),
 					);
 				});
 				res.json(exported);
-			} catch (err) {
+			} catch (/** @type any */ err) {
 				console.error('Error exporting db', err, err.stack);
 				res.status(503).end();
 			}
@@ -329,7 +329,7 @@ export async function setup(app, sbvrUtils, db) {
 					);
 				});
 				res.status(200).end();
-			} catch (err) {
+			} catch (/** @type any */ err) {
 				console.error('Error backing up db', err, err.stack);
 				res.status(404).end();
 			}
@@ -358,7 +358,7 @@ export async function setup(app, sbvrUtils, db) {
 					);
 				});
 				res.status(200).end();
-			} catch (err) {
+			} catch (/** @type any */ err) {
 				console.error('Error restoring db', err, err.stack);
 				res.status(404).end();
 			}

package/src/database-layer/db.ts

@@ -36,7 +36,7 @@ const isSqlError = (value: any): value is SQLError => {
 };
 
 export class DatabaseError extends TypedError {
-	public code: number | string;
+	public code?: number | string;
 	constructor(message?: string | CodedError | SQLError) {
 		if (isSqlError(message)) {
 			// If this is a SQLError we have to handle it specially (since it's not actually an instance of Error)
@@ -309,7 +309,7 @@ export abstract class Tx {
 		const t0 = Date.now();
 		try {
 			return await this._executeSql(sql, bindings, ...args);
-		} catch (err) {
+		} catch (err: any) {
 			throw wrapDatabaseError(err);
 		} finally {
 			this.automaticClose.decrementPending();
@@ -420,7 +420,7 @@ const createTransaction = (createFunc: CreateTransactionFn): TransactionFn => {
 		let tx;
 		try {
 			tx = await createFunc(stackTraceErr);
-		} catch (err) {
+		} catch (err: any) {
 			throw wrapDatabaseError(err);
 		}
 		if (fn) {
@@ -428,7 +428,7 @@ const createTransaction = (createFunc: CreateTransactionFn): TransactionFn => {
 				const result = await fn(tx);
 				await tx.end();
 				return result;
-			} catch (err) {
+			} catch (err: any) {
 				try {
 					await tx.rollback();
 				} catch {
@@ -559,7 +559,7 @@ if (maybePg != null) {
 						text: sql,
 						values: bindings,
 					});
-				} catch (err) {
+				} catch (err: any) {
 					if (err.code === PG_UNIQUE_VIOLATION) {
 						throw new UniqueConstraintError(err);
 					}
@@ -584,12 +584,12 @@ if (maybePg != null) {
 					const queryQueue = this.db.queryQueue as Pg.Query[];
 					if (queryQueue.length > 0) {
 						const err = new DatabaseError('Rolling back transaction');
-						queryQueue.forEach((query) => {
+						for (const query of queryQueue) {
 							process.nextTick(() => {
 								// @ts-expect-error typings do not include this function
 								query.handleError(err, this.db.connection);
 							});
-						});
+						}
 						queryQueue.length = 0;
 					}
 					await timeout(
@@ -598,7 +598,7 @@ if (maybePg != null) {
 						'Rolling back transaction timed out',
 					);
 					this.db.release();
-				} catch (err) {
+				} catch (err: any) {
 					err = wrapDatabaseError(err);
 					this.db.release(err);
 					throw err;
@@ -609,7 +609,7 @@ if (maybePg != null) {
 				try {
 					await this.$executeSql('COMMIT;');
 					this.db.release();
-				} catch (err) {
+				} catch (err: any) {
 					this.db.release(err);
 					throw err;
 				}
@@ -719,7 +719,7 @@ if (maybeMysql != null) {
 					result = await fromCallback<MysqlRowArray>((callback) => {
 						this.db.query(sql, bindings, callback);
 					});
-				} catch (err) {
+				} catch (err: any) {
 					if (err.code === MYSQL_UNIQUE_VIOLATION) {
 						// We know that the type is an IError for mysql, but typescript doesn't like the catch obj sugar
 						throw new UniqueConstraintError(err as Mysql.MysqlError);
@@ -852,7 +852,7 @@ if (typeof window !== 'undefined' && window.openDatabase != null) {
 				let result;
 				try {
 					result = await this.tx.executeSql(sql, bindings);
-				} catch (err) {
+				} catch (err: any) {
 					if (err.code === WEBSQL_CONSTRAINT_ERR) {
 						throw new ConstraintError('Constraint failed.');
 					}

package/src/express-emulator/express.js

@@ -49,7 +49,7 @@ const app = (function () {
 			match,
 			paramName,
 			// Flatten middleware list to handle arrays of middleware in the arg list.
-			middleware: _.flattenDeep(middleware),
+			middleware: middleware.flat(Infinity),
 		});
 	};
 	const process = async function (

package/src/http-transactions/transactions.js

@@ -54,7 +54,7 @@ SELECT NOT EXISTS(
 ) AS result;`,
 						[request.resourceName, id],
 					);
-				} catch (err) {
+				} catch (/** @type any */ err) {
 					logger.error('Unable to check resource locks', err, err.stack);
 					throw new Error('Unable to check resource locks');
 				}
@@ -137,7 +137,7 @@ WHERE "conditional resource"."transaction" = ?;\
 					[transactionID],
 				);
 
-				conditionalResources.rows.forEach((conditionalResource) => {
+				for (const conditionalResource of conditionalResources.rows) {
 					const { placeholder } = conditionalResource;
 					if (placeholder != null && placeholder.length > 0) {
 						/** @type {Function} */
@@ -151,7 +151,7 @@ WHERE "conditional resource"."transaction" = ?;\
 						// @ts-ignore
 						placeholders[placeholder] = { promise, resolve, reject };
 					}
-				});
+				}
 
 				// get conditional resources (if exist)
 				await Promise.all(
@@ -255,7 +255,7 @@ WHERE "conditional resource"."transaction" = ?;\
 					await endTransaction(id);
 
 					res.status(200).end();
-				} catch (err) {
+				} catch (/** @type any */ err) {
 					console.error('Error ending transaction', err, err.stack);
 					res.status(404).json(err);
 				}

package/src/migrator/sync.ts

@@ -3,7 +3,6 @@ import {
 	MigrationTuple,
 	MigrationError,
 	defaultMigrationCategory,
-	checkModelAlreadyExists,
 	setExecutedMigrations,
 	getExecutedMigrations,
 	lockMigrations,
@@ -24,17 +23,16 @@ export const postRun = async (tx: Tx, model: ApiRootModel): Promise<void> => {
 	}
 
 	const modelName = model.apiRoot;
-
-	const exists = await checkModelAlreadyExists(tx, modelName);
-	if (!exists) {
+	const modelIsNew = await sbvrUtils.isModelNew(tx, modelName);
+	if (modelIsNew) {
 		(sbvrUtils.api.migrations?.logger.info ?? console.info)(
-			'First time executing, running init script',
+			`First time executing '${modelName}', running init script`,
 		);
 
 		await lockMigrations(tx, modelName, async () => {
 			try {
 				await tx.executeSql(initSql);
-			} catch (err) {
+			} catch (err: any) {
 				(sbvrUtils.api.migrations?.logger.error ?? console.error)(
 					`initSql execution error ${err} `,
 				);
@@ -69,10 +67,10 @@ const $run = async (
 
 	// migrations only run if the model has been executed before,
 	// to make changes that can't be automatically applied
-	const exists = await checkModelAlreadyExists(tx, modelName);
-	if (!exists) {
+	const modelIsNew = await sbvrUtils.isModelNew(tx, modelName);
+	if (modelIsNew) {
 		(sbvrUtils.api.migrations?.logger.info ?? console.info)(
-			'First time model has executed, skipping migrations',
+			`First time model '${modelName}' has executed, skipping migrations`,
 		);
 
 		return await setExecutedMigrations(tx, modelName, Object.keys(migrations));
@@ -96,7 +94,7 @@ const $run = async (
 				...executedMigrations,
 				...newlyExecutedMigrations,
 			]);
-		} catch (err) {
+		} catch (err: any) {
 			(sbvrUtils.api.migrations?.logger.error ?? console.error)(
 				`Failed to executed synchronous migrations from api root model ${err}`,
 			);
@@ -124,7 +122,7 @@ const executeMigrations = async (
 		for (const migration of migrations) {
 			await executeMigration(tx, migration);
 		}
-	} catch (err) {
+	} catch (err: any) {
 		(sbvrUtils.api.migrations?.logger.error ?? console.error)(
 			'Error while executing migrations, rolled back',
 		);

package/src/migrator/utils.ts

@@ -51,7 +51,11 @@ export const lockMigrations = async <T>(
 	tx: Tx,
 	modelName: string,
 	fn: () => Promise<T>,
-): Promise<T> => {
+): Promise<T | undefined> => {
+	if (!(await migrationTablesExist(tx))) {
+		return;
+	}
+
 	try {
 		await tx.executeSql(
 			binds`
@@ -66,7 +70,7 @@ INSERT INTO "migration lock" ("model name")
 VALUES (${1})`,
 			[modelName],
 		);
-	} catch (err) {
+	} catch (err: any) {
 		await delay(migratorEnv.lockFailDelay);
 		throw err;
 	}
@@ -88,26 +92,6 @@ WHERE "model name" = ${1}`,
 	}
 };
 
-export const checkModelAlreadyExists = async (
-	tx: Tx,
-	modelName: string,
-): Promise<boolean> => {
-	const result = await tx.tableList("name = 'migration'");
-	if (result.rows.length === 0) {
-		return false;
-	}
-	const { rows } = await tx.executeSql(
-		binds`
-SELECT 1
-FROM "model"
-WHERE "model"."is of-vocabulary" = ${1}
-LIMIT 1`,
-		[modelName],
-	);
-
-	return rows.length > 0;
-};
-
 export const setExecutedMigrations = async (
 	tx: Tx,
 	modelName: string,
@@ -115,8 +99,7 @@ export const setExecutedMigrations = async (
 ): Promise<void> => {
 	const stringifiedMigrations = JSON.stringify(executedMigrations);
 
-	const result = await tx.tableList("name = 'migration'");
-	if (result.rows.length === 0) {
+	if (!(await migrationTablesExist(tx))) {
 		return;
 	}
 
@@ -143,6 +126,10 @@ export const getExecutedMigrations = async (
 	tx: Tx,
 	modelName: string,
 ): Promise<string[]> => {
+	if (!(await migrationTablesExist(tx))) {
+		return [];
+	}
+
 	const { rows } = await tx.executeSql(
 		binds`
 SELECT "migration"."executed migrations" AS "executed_migrations"
@@ -158,3 +145,10 @@ WHERE "migration"."model name" = ${1}`,
 
 	return JSON.parse(data.executed_migrations) as string[];
 };
+
+export const migrationTablesExist = async (tx: Tx) => {
+	const tables = ['migration', 'migration lock'];
+	const where = tables.map((tableName) => `name = '${tableName}'`).join(' OR ');
+	const result = await tx.tableList(where);
+	return result.rows.length === tables.length;
+};

package/src/odata-metadata/odata-metadata-generator.ts

@@ -21,17 +21,14 @@ const forEachUniqueTable = <T>(
 	const usedTableNames: { [tableName: string]: true } = {};
 
 	const result = [];
-	for (const key in model) {
-		if (model.hasOwnProperty(key)) {
-			const table = model[key];
-			if (
-				typeof table !== 'string' &&
-				!table.primitive &&
-				!usedTableNames[table.name]
-			) {
-				usedTableNames[table.name] = true;
-				result.push(callback(key, table));
-			}
+	for (const [key, table] of Object.entries(model)) {
+		if (
+			typeof table !== 'string' &&
+			!table.primitive &&
+			!usedTableNames[table.name]
+		) {
+			usedTableNames[table.name] = true;
+			result.push(callback(key, table));
 		}
 	}
 	return result;

package/src/sbvr-api/abstract-sql.ts

@@ -47,7 +47,7 @@ export const compileRequest = (request: ODataRequest) => {
 			);
 			request.sqlQuery = sqlQuery;
 			request.modifiedFields = modifiedFields;
-		} catch (err) {
+		} catch (err: any) {
 			sbvrUtils.api[request.vocabulary].logger.error(
 				'Failed to compile abstract sql: ',
 				request.abstractSqlQuery,
@@ -139,7 +139,7 @@ export const getAndCheckBindValues = async (
 
 			try {
 				return await AbstractSQLCompiler[engine].dataTypeValidate(value, field);
-			} catch (err) {
+			} catch (err: any) {
 				throw new BadRequestError(`"${fieldName}" ${err.message}`);
 			}
 		}),
@@ -173,7 +173,10 @@ const checkModifiedFields = (
 };
 export const isRuleAffected = (
 	rule: AbstractSQLCompiler.SqlRule,
-	request?: ODataRequest,
+	request?: Pick<
+		ODataRequest,
+		'abstractSqlQuery' | 'modifiedFields' | 'method' | 'vocabulary'
+	>,
 ) => {
 	// If there is no abstract sql query then nothing was modified
 	if (request?.abstractSqlQuery == null) {

package/src/sbvr-api/control-flow.ts

@@ -24,7 +24,7 @@ export const settleMapSeries: MappingFunction = async <T, U>(
 	await mapSeries(a, async (p) => {
 		try {
 			return await fn(p);
-		} catch (err) {
+		} catch (err: any) {
 			return ensureError(err);
 		}
 	});
@@ -49,7 +49,7 @@ const mapTill: MappingFunction = async <T, U>(
 		try {
 			const result = await fn(p);
 			results.push(result);
-		} catch (err) {
+		} catch (err: any) {
 			results.push(ensureError(err));
 			break;
 		}