@balena/pinejs 16.0.0-build--batch-09b8c466600d7df13e6df3eacabaf463d96f652f-1 → 16.0.0-build-fisehara-update-sbvr-types-b58e72aca3193964afac96c955fde178fe39d077-1

package/src/passport-pinejs/passport-pinejs.ts

@@ -10,7 +10,7 @@ import * as permissions from '../sbvr-api/permissions';
 export let login: (
 	fn: (
 		err: any,
-		user: {} | null | false | undefined,
+		user: object | null | false | undefined,
 		req: Express.Request,
 		res: Express.Response,
 		next: Express.NextFunction,
@@ -35,12 +35,13 @@ export const checkPassword: PassportLocal.VerifyFunction = async (
 
 const setup: ConfigLoader.SetupFunction = async (app: Express.Application) => {
 	if (!process.browser) {
+		// eslint-disable-next-line @typescript-eslint/no-var-requires
 		const passport: typeof Passport = require('passport');
 		app.use(passport.initialize());
 		app.use(passport.session());
 
 		const {
-			Strategy: LocalStrategy,
+			Strategy: LocalStrategy, // eslint-disable-next-line @typescript-eslint/no-var-requires
 		}: typeof PassportLocal = require('passport-local');
 
 		passport.serializeUser((user, done) => {
@@ -66,7 +67,10 @@ const setup: ConfigLoader.SetupFunction = async (app: Express.Application) => {
 
 		logout = (req, _res, next) => {
 			req.logout((error) => {
-				error ? next(error) : next();
+				if (error) {
+					return next(error);
+				}
+				next();
 			});
 		};
 	} else {

package/src/pinejs-session-store/pinejs-session-store.ts

@@ -50,7 +50,7 @@ const asCallback = async <T>(
 
 export class PinejsSessionStore extends Store {
 	public get = ((sid, callback) => {
-		asCallback(
+		void asCallback(
 			callback,
 			api.session
 				.get({
@@ -77,7 +77,7 @@ export class PinejsSessionStore extends Store {
 			data,
 			expiry_time: data?.cookie?.expires ?? null,
 		};
-		asCallback(
+		void asCallback(
 			callback,
 			api.session.put({
 				resource: 'session',
@@ -91,7 +91,7 @@ export class PinejsSessionStore extends Store {
 	}) as Store['set'];
 
 	public destroy = ((sid, callback) => {
-		asCallback(
+		void asCallback(
 			callback,
 			api.session.delete({
 				resource: 'session',
@@ -104,7 +104,7 @@ export class PinejsSessionStore extends Store {
 	}) as Store['destroy'];
 
 	public all = ((callback) => {
-		asCallback(
+		void asCallback(
 			callback,
 			api.session
 				.get({
@@ -124,7 +124,7 @@ export class PinejsSessionStore extends Store {
 	}) as Store['all'];
 
 	public clear = ((callback) => {
-		asCallback(
+		void asCallback(
 			callback,
 			// TODO: Use a truncate
 			api.session.delete({
@@ -137,7 +137,7 @@ export class PinejsSessionStore extends Store {
 	}) as Store['clear'];
 
 	public length = ((callback) => {
-		asCallback(
+		void asCallback(
 			callback,
 			api.session.get({
 				resource: 'session/',

package/src/sbvr-api/abstract-sql.ts

@@ -1,18 +1,18 @@
-import * as _ from 'lodash';
+import _ from 'lodash';
 
 import * as AbstractSQLCompiler from '@balena/abstract-sql-compiler';
 import type { BindKey } from '@balena/odata-parser';
 import {
-	ODataBinds,
+	type ODataBinds,
 	odataNameToSqlName,
 	isBindReference,
 } from '@balena/odata-to-abstract-sql';
 import deepFreeze = require('deep-freeze');
-import * as memoize from 'memoizee';
+import memoize from 'memoizee';
 import * as env from '../config-loader/env';
 import { BadRequestError, SqlCompilationError } from './errors';
 import * as sbvrUtils from './sbvr-utils';
-import { ODataRequest } from './uri-parser';
+import type { ODataRequest } from './uri-parser';
 
 const getMemoizedCompileRule = memoize(
 	(engine: AbstractSQLCompiler.Engines) =>
@@ -116,7 +116,7 @@ export const getAndCheckBindValues = async (
 					[dataType, value] = odataBinds[bindValue];
 					field = { dataType };
 				} else if (typeof bindValue === 'string') {
-					if (!odataBinds.hasOwnProperty(bindValue)) {
+					if (!Object.prototype.hasOwnProperty.call(odataBinds, bindValue)) {
 						console.error(
 							`Invalid binding '${bindValue}' for binds: `,
 							odataBinds,

package/src/sbvr-api/cached-compile.ts

@@ -1,6 +1,6 @@
 import type * as Fs from 'fs';
 
-import * as _ from 'lodash';
+import _ from 'lodash';
 
 const cacheFile = process.env.PINEJS_CACHE_FILE || '.pinejs-cache.json';
 let cache: null | {
@@ -12,7 +12,6 @@ let cache: null | {
 } = null;
 let fs: undefined | typeof Fs;
 try {
-	// tslint:disable-next-line:no-var-requires
 	fs = require('fs');
 } catch (e) {
 	// Ignore error

package/src/sbvr-api/common-types.ts

@@ -1,4 +1,4 @@
-export { AnyObject, Dictionary } from 'pinejs-client-core';
+export type { AnyObject, Dictionary } from 'pinejs-client-core';
 
 type Overwrite<T, U> = Pick<T, Exclude<keyof T, keyof U>> & U;
 export type RequiredField<T, F extends keyof T> = Overwrite<

package/src/sbvr-api/control-flow.ts

@@ -1,6 +1,6 @@
 import type { Resolvable } from './common-types';
 
-import * as _ from 'lodash';
+import _ from 'lodash';
 import { TypedError } from 'typed-error';
 
 export type MappingFunction = <T, U>(

package/src/sbvr-api/express-extension.ts

@@ -1,13 +1,17 @@
 // Augment express.js with pinejs-specific attributes via declaration merging.
 
-// tslint:disable-next-line:no-namespace
-declare namespace Express {
-	type PineUser = import('./sbvr-utils').User;
+declare global {
+	// eslint-disable-next-line @typescript-eslint/no-namespace
+	namespace Express {
+		type PineUser = import('./sbvr-utils').User;
 
-	// tslint:disable-next-line:no-empty-interface
-	interface User extends PineUser {}
-	interface Request {
-		user?: User;
-		apiKey?: import('./sbvr-utils').ApiKey;
+		// Augment Express.User to include the props of our PineUser.
+		// eslint-disable-next-line @typescript-eslint/no-empty-interface
+		interface User extends PineUser {}
+
+		interface Request {
+			user?: User;
+			apiKey?: import('./sbvr-utils').ApiKey;
+		}
 	}
 }

package/src/sbvr-api/hooks.ts

@@ -5,17 +5,17 @@ import type { AnyObject } from 'pinejs-client-core';
 import type { TypedError } from 'typed-error';
 import type { SupportedMethod } from '@balena/odata-to-abstract-sql';
 
-import * as _ from 'lodash';
+import _ from 'lodash';
 import { settleMapSeries } from './control-flow';
-import * as memoize from 'memoizee';
+import memoize from 'memoizee';
 import {
-	PinejsClient,
-	User,
-	ApiKey,
+	type PinejsClient,
+	type User,
+	type ApiKey,
 	resolveSynonym,
 	getAbstractSqlModel,
 	api,
-	Response,
+	type Response,
 } from './sbvr-utils';
 
 export interface HookReq {
@@ -29,6 +29,7 @@ export interface HookReq {
 	custom?: AnyObject;
 	tx?: Tx;
 	hooks?: InstantiatedHooks;
+	is?: (type: string | string[]) => string | false | null;
 }
 export interface HookArgs {
 	req: HookReq;
@@ -55,7 +56,7 @@ export interface Hooks {
 	) => HookResponse;
 	/** These are run in reverse translation order from newest to oldest */
 	'POSTRUN-ERROR'?: (
-		options: HookArgs & { error: TypedError | any },
+		options: HookArgs & { tx: Tx; error: TypedError | any },
 	) => HookResponse;
 }
 export type HookBlueprints = {
@@ -101,7 +102,7 @@ class SideEffectHook<T extends HookFn> extends Hook<T> {
 
 	public registerRollback(fn: RollbackAction): void {
 		if (this.rolledBack) {
-			(async () => {
+			void (async () => {
 				try {
 					await fn();
 				} catch {
@@ -140,7 +141,7 @@ export const rollbackRequestHooks = <T extends InstantiatedHooks>(
 	if (sideEffectHooks.length === 0) {
 		return;
 	}
-	settleMapSeries(sideEffectHooks, async (hook) => {
+	void settleMapSeries(sideEffectHooks, async (hook) => {
 		await hook.rollback();
 	});
 };
@@ -391,8 +392,7 @@ const getReadOnlyArgs = <T extends keyof Hooks>(
 		// If we don't have a tx then read-only/writable is irrelevant
 		return args;
 	}
-	let readOnlyArgs: typeof args;
-	readOnlyArgs = { ...args, tx: args.tx.asReadOnly() };
+	const readOnlyArgs: typeof args = { ...args, tx: args.tx.asReadOnly() };
 	if ((args as HookArgs).request != null) {
 		defineApi(modelName, readOnlyArgs as HookArgs);
 	}

package/src/sbvr-api/odata-response.ts

@@ -1,24 +1,30 @@
+import type {
+	AbstractSqlModel,
+	AbstractSqlTable,
+} from '@balena/abstract-sql-compiler';
+
+// Augment express.js with pinejs-specific attributes via declaration merging.
 declare module '@balena/abstract-sql-compiler' {
-	interface AbstractSqlTable {
+	export interface AbstractSqlTable {
 		fetchProcessingFields?: {
 			[field: string]: NonNullable<SbvrType['fetchProcessing']>;
 		};
 		localFields?: {
 			[odataName: string]: true;
 		};
+		webresourceFields?: {
+			[odataName: string]: true;
+		};
 	}
 }
 
-import type {
-	AbstractSqlModel,
-	AbstractSqlTable,
-} from '@balena/abstract-sql-compiler';
 import type { Result, Row } from '../database-layer/db';
 
 import { sqlNameToODataName } from '@balena/odata-to-abstract-sql';
-import sbvrTypes, { SbvrType } from '@balena/sbvr-types';
-import * as _ from 'lodash';
+import sbvrTypes, { type SbvrType } from '@balena/sbvr-types';
+import _ from 'lodash';
 import { resolveNavigationResource, resolveSynonym } from './sbvr-utils';
+import { getWebresourceHandler } from '../webresource-handler';
 
 const checkForExpansion = async (
 	vocab: string,
@@ -96,6 +102,20 @@ const getLocalFields = (table: AbstractSqlTable) => {
 	}
 	return table.localFields;
 };
+
+const getWebResourceFields = (table: AbstractSqlTable) => {
+	if (table.webresourceFields == null) {
+		table.webresourceFields = {};
+		for (const { fieldName, dataType } of table.fields) {
+			if (dataType === 'WebResource') {
+				const odataName = sqlNameToODataName(fieldName);
+				table.webresourceFields[odataName] = true;
+			}
+		}
+	}
+	return table.webresourceFields;
+};
+
 const getFetchProcessingFields = (table: AbstractSqlTable) => {
 	return (table.fetchProcessingFields ??= _(table.fields)
 		.filter(
@@ -138,20 +158,27 @@ export const process = async (
 		vocabulary: vocab,
 		resourceName,
 	});
+	const configuredWebResourceHandler = getWebresourceHandler();
 	const table = abstractSqlModel.tables[sqlResourceName];
 
 	const fieldNames = Object.keys(rows[0]);
 
 	const fetchProcessingFields = getFetchProcessingFields(table);
 	const processedFields = fieldNames.filter((fieldName) =>
-		fetchProcessingFields.hasOwnProperty(fieldName),
+		Object.prototype.hasOwnProperty.call(fetchProcessingFields, fieldName),
 	);
 
 	const localFields = getLocalFields(table);
 	// We check that it's not a local field, rather than that it is a foreign key because of the case where the foreign key is on the other resource
 	// and hence not known to this resource
 	const expandableFields = fieldNames.filter(
-		(fieldName) => !localFields.hasOwnProperty(fieldName),
+		(fieldName) =>
+			!Object.prototype.hasOwnProperty.call(localFields, fieldName),
+	);
+
+	const webresourceFields = getWebResourceFields(table);
+	const requiredSigningFields = fieldNames.filter((fieldName) =>
+		Object.prototype.hasOwnProperty.call(webresourceFields, fieldName),
 	);
 
 	const odataIdField = sqlNameToODataName(table.idField);
@@ -166,6 +193,25 @@ export const process = async (
 		}
 	}
 
+	if (
+		requiredSigningFields.length > 0 &&
+		configuredWebResourceHandler != null
+	) {
+		await Promise.all(
+			rows.map(async (row) => {
+				await Promise.all(
+					requiredSigningFields.map(async (fieldName) => {
+						if (row[fieldName] != null) {
+							row[fieldName] = await configuredWebResourceHandler.onPreRespond(
+								row[fieldName],
+							);
+						}
+					}),
+				);
+			}),
+		);
+	}
+
 	if (expandableFields.length > 0) {
 		await Promise.all(
 			rows.map(async (row) => {
@@ -192,5 +238,6 @@ export const prepareModel = (abstractSqlModel: AbstractSqlModel) => {
 	_.forEach(abstractSqlModel.tables, (table) => {
 		getLocalFields(table);
 		getFetchProcessingFields(table);
+		getWebResourceFields(table);
 	});
 };

package/src/sbvr-api/permissions.ts

@@ -28,17 +28,17 @@ import {
 	isBindReference,
 	type OData2AbstractSQL,
 	odataNameToSqlName,
-	ResourceFunction,
+	type ResourceFunction,
 	sqlNameToODataName,
 } from '@balena/odata-to-abstract-sql';
 import * as ODataParser from '@balena/odata-parser';
 
-import * as _ from 'lodash';
-import * as memoize from 'memoizee';
+import _ from 'lodash';
+import memoize from 'memoizee';
 import * as randomstring from 'randomstring';
 import * as env from '../config-loader/env';
 import * as sbvrUtils from '../sbvr-api/sbvr-utils';
-import { HookReq, addPureHook, addHook } from './hooks';
+import { type HookReq, addPureHook, addHook } from './hooks';
 import {
 	BadRequestError,
 	PermissionError,
@@ -48,11 +48,11 @@ import {
 	memoizedGetOData2AbstractSQL,
 	memoizedParseOdata,
 	metadataEndpoints,
-	ODataRequest,
+	type ODataRequest,
 } from './uri-parser';
 import memoizeWeak = require('memoizee/weak');
 
-// tslint:disable-next-line:no-var-requires
+// eslint-disable-next-line @typescript-eslint/no-var-requires
 const userModel: string = require('./user.sbvr');
 
 const DEFAULT_ACTOR_BIND = '@__ACTOR_ID';
@@ -87,7 +87,7 @@ interface NestedCheckOr<T> {
 interface NestedCheckAnd<T> {
 	and: NestedCheckArray<T>;
 }
-interface NestedCheckArray<T> extends Array<NestedCheck<T>> {}
+type NestedCheckArray<T> = Array<NestedCheck<T>>;
 type NestedCheck<T> =
 	| NestedCheckOr<T>
 	| NestedCheckAnd<T>
@@ -95,20 +95,18 @@ type NestedCheck<T> =
 	| T;
 type PermissionCheck = NestedCheck<string>;
 
-type MappedType<I, O> = O extends NestedCheck<infer T>
-	? Exclude<Exclude<I, string> | T, boolean>
-	: Exclude<Exclude<I, string> | O, boolean>;
-type MappedNestedCheck<
-	T extends NestedCheck<I>,
-	I,
-	O,
-> = T extends NestedCheckOr<I>
-	? NestedCheckOr<MappedType<I, O>>
-	: T extends NestedCheckAnd<I>
-	? NestedCheckAnd<MappedType<I, O>>
-	: T extends NestedCheckArray<I>
-	? NestedCheckArray<MappedType<I, O>>
-	: Exclude<I, string> | O;
+type MappedType<I, O> =
+	O extends NestedCheck<infer T>
+		? Exclude<Exclude<I, string> | T, boolean>
+		: Exclude<Exclude<I, string> | O, boolean>;
+type MappedNestedCheck<T extends NestedCheck<I>, I, O> =
+	T extends NestedCheckOr<I>
+		? NestedCheckOr<MappedType<I, O>>
+		: T extends NestedCheckAnd<I>
+			? NestedCheckAnd<MappedType<I, O>>
+			: T extends NestedCheckArray<I>
+				? NestedCheckArray<MappedType<I, O>>
+				: Exclude<I, string> | O;
 
 const methodPermissions: {
 	[method in Exclude<SupportedMethod, 'OPTIONS'>]: PermissionCheck;
@@ -175,22 +173,26 @@ const isAnd = <T>(x: any): x is NestedCheckAnd<T> =>
 	typeof x === 'object' && 'and' in x;
 const isOr = <T>(x: any): x is NestedCheckOr<T> =>
 	typeof x === 'object' && 'or' in x;
-export function nestedCheck<I extends {}, O>(
-	check: string,
+export function nestedCheck<I extends string, O>(
+	check: I,
 	stringCallback: (s: string) => O,
 ): O;
-export function nestedCheck<I extends {}, O>(
-	check: boolean,
+export function nestedCheck<I extends boolean, O>(
+	check: I,
 	stringCallback: (s: string) => O,
 ): boolean;
-export function nestedCheck<I extends {}, O>(
+export function nestedCheck<I extends NonNullable<unknown>, O>(
 	check: NestedCheck<I>,
 	stringCallback: (s: string) => O,
 ): Exclude<I, string> | O | MappedNestedCheck<typeof check, I, O>;
-export function nestedCheck<I extends {}, O>(
-	check: NestedCheck<I>,
+export function nestedCheck<I extends object, O>(
+	check: NestedCheck<I> | string | boolean,
 	stringCallback: (s: string) => O,
-): boolean | Exclude<I, string> | O | MappedNestedCheck<typeof check, I, O> {
+):
+	| boolean
+	| Exclude<I, string>
+	| O
+	| MappedNestedCheck<Exclude<typeof check, string | boolean>, I, O> {
 	if (typeof check === 'string') {
 		return stringCallback(check);
 	}
@@ -228,10 +230,11 @@ export function nestedCheck<I extends {}, O>(
 		}
 		const checkType = checkTypes[0];
 		switch (checkType.toUpperCase()) {
-			case 'AND':
+			case 'AND': {
 				const and = (check as NestedCheckAnd<I>)[checkType as 'and'];
 				return nestedCheck(and, stringCallback);
-			case 'OR':
+			}
+			case 'OR': {
 				const or = (check as NestedCheckOr<I>)[checkType as 'or'];
 				let results: any[] = [];
 				for (const subcheck of or) {
@@ -255,6 +258,7 @@ export function nestedCheck<I extends {}, O>(
 					};
 				}
 				return false;
+			}
 			default:
 				throw new Error('Cannot parse required checking logic: ' + checkType);
 		}
@@ -425,7 +429,7 @@ const convertToLambda = (filter: AnyObject, identifier: string) => {
 			}
 		}
 
-		if (object.hasOwnProperty('name')) {
+		if (Object.prototype.hasOwnProperty.call(object, 'name')) {
 			object.property = { ...object };
 			object.name = identifier;
 			delete object.lambda;
@@ -721,7 +725,7 @@ const deepFreezeExceptDefinition = (obj: AnyObject) => {
 		// We skip the definition because we know it's a property we've defined that will throw an error in some cases
 		if (
 			prop !== 'definition' &&
-			obj.hasOwnProperty(prop) &&
+			Object.prototype.hasOwnProperty.call(obj, prop) &&
 			obj[prop] !== null &&
 			!['object', 'function'].includes(typeof obj[prop])
 		) {
@@ -1030,9 +1034,14 @@ const getBoundConstrainedMemoizer = memoizeWeak(
 							if (!permissionsJSON) {
 								return;
 							}
-							const permissions = JSON.parse(permissionsJSON);
 
 							const table = tables[`${resourceName}$bypass`];
+							if (table == null) {
+								// If the table we're based upon doesn't exist then this table also shouldn't exist
+								return;
+							}
+
+							const permissions = JSON.parse(permissionsJSON);
 
 							const permissionsTable = (tables[permissionResourceName] = {
 								...table,
@@ -1508,7 +1517,7 @@ export const resolveApiKey = async (
 	tx?: Tx,
 ): Promise<PermissionReq['apiKey']> => {
 	const apiKey =
-		req.params?.[paramName] ?? req.body?.[paramName] ?? req.query?.[paramName];
+		req.params[paramName] ?? req.body[paramName] ?? req.query[paramName];
 	if (apiKey == null) {
 		return;
 	}