@base44-preview/cli 0.0.50-pr.481.d091ce8 → 0.0.50-pr.481.dbe6b4f

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/cli/index.js +29 -43
  2. package/dist/cli/index.js.map +4 -4
  3. package/package.json +1 -1
package/dist/cli/index.js CHANGED
@@ -253962,6 +253962,8 @@ function evaluateOperator(recordValue, operator) {
253962
253962
  return false;
253963
253963
  }
253964
253964
  break;
253965
+ default:
253966
+ return false;
253965
253967
  }
253966
253968
  }
253967
253969
  return true;
@@ -254216,9 +254218,15 @@ async function createEntityRoutes(db2, logger2, broadcast) {
254216
254218
  const parseBody = import_express4.json();
254217
254219
  function withCollection(handler) {
254218
254220
  return async (req, res) => {
254219
- const collection = db2.getCollection(req.params.entityName);
254221
+ const { entityName } = req.params;
254222
+ const collection = db2.getCollection(entityName);
254220
254223
  if (!collection) {
254221
- res.status(404).json({ error: `Entity "${req.params.entityName}" not found` });
254224
+ res.status(404).json({ error: `Entity "${entityName}" not found` });
254225
+ return;
254226
+ }
254227
+ const schema10 = db2.getSchema(entityName);
254228
+ if (!schema10) {
254229
+ res.status(404).json({ error: `Schema for "${entityName}" not found` });
254222
254230
  return;
254223
254231
  }
254224
254232
  let currentUser;
@@ -254227,7 +254235,7 @@ async function createEntityRoutes(db2, logger2, broadcast) {
254227
254235
  const { payload } = import_jsonwebtoken3.default.decode(auth2.replace("Bearer ", ""), { complete: true }) ?? {};
254228
254236
  currentUser = await db2.getCollection(USER_COLLECTION)?.findOneAsync({ email: payload?.sub });
254229
254237
  } catch {}
254230
- await handler(req, res, collection, currentUser);
254238
+ await handler(req, res, collection, schema10, currentUser);
254231
254239
  };
254232
254240
  }
254233
254241
  function emit(appId, entityName, type, data) {
@@ -254247,7 +254255,7 @@ async function createEntityRoutes(db2, logger2, broadcast) {
254247
254255
  }
254248
254256
  const userRouter = createUserRouter(db2, logger2);
254249
254257
  router.use("/User", userRouter);
254250
- router.get("/:entityName/:id", withCollection(async (req, res, collection, currentUser) => {
254258
+ router.get("/:entityName/:id", withCollection(async (req, res, collection, schema10, currentUser) => {
254251
254259
  const { entityName, id: id2 } = req.params;
254252
254260
  try {
254253
254261
  const doc2 = await collection.findOneAsync({ id: id2 });
@@ -254255,38 +254263,27 @@ async function createEntityRoutes(db2, logger2, broadcast) {
254255
254263
  res.status(404).json({ error: `Record with id "${id2}" not found` });
254256
254264
  return;
254257
254265
  }
254258
- const schema10 = db2.getSchema(entityName);
254259
- if (!checkRLS(schema10?.rls?.read, doc2, currentUser)) {
254266
+ if (!checkRLS(schema10.rls?.read, doc2, currentUser)) {
254260
254267
  res.status(404).json({
254261
254268
  message: `Entity ${entityName} with ID ${id2} not found`
254262
254269
  });
254263
254270
  return;
254264
254271
  }
254265
- let result = stripInternalFields(doc2);
254266
- if (schema10) {
254267
- result = applyFLS(result, schema10, currentUser, "read");
254268
- }
254272
+ const result = applyFLS(stripInternalFields(doc2), schema10, currentUser, "read");
254269
254273
  res.json(result);
254270
254274
  } catch (error48) {
254271
254275
  logger2.error(`Error in GET /${entityName}/${id2}:`, error48);
254272
254276
  res.status(500).json({ error: "Internal server error" });
254273
254277
  }
254274
254278
  }));
254275
- router.get("/:entityName", withCollection(async (req, res, collection, currentUser) => {
254279
+ router.get("/:entityName", withCollection(async (req, res, collection, schema10, currentUser) => {
254276
254280
  const { entityName } = req.params;
254277
254281
  try {
254278
- const schema10 = db2.getSchema(entityName);
254279
- if (schema10?.rls?.read === false) {
254280
- res.json([]);
254281
- return;
254282
- }
254283
254282
  let results = stripInternalFields(await queryEntity(collection, req.query));
254284
- if (schema10?.rls?.read && schema10.rls.read !== true) {
254283
+ if (schema10.rls?.read && schema10.rls.read !== true) {
254285
254284
  results = results.filter((doc2) => checkRLS(schema10.rls.read, doc2, currentUser));
254286
254285
  }
254287
- if (schema10) {
254288
- results = results.map((doc2) => applyFLS(doc2, schema10, currentUser, "read"));
254289
- }
254286
+ results = results.map((doc2) => applyFLS(doc2, schema10, currentUser, "read"));
254290
254287
  res.json(results);
254291
254288
  } catch (error48) {
254292
254289
  if (error48 instanceof InvalidInputError) {
@@ -254297,12 +254294,11 @@ async function createEntityRoutes(db2, logger2, broadcast) {
254297
254294
  }
254298
254295
  }
254299
254296
  }));
254300
- router.post("/:entityName", parseBody, withCollection(async (req, res, collection, currentUser) => {
254297
+ router.post("/:entityName", parseBody, withCollection(async (req, res, collection, schema10, currentUser) => {
254301
254298
  const { appId, entityName } = req.params;
254302
254299
  try {
254303
254300
  const now = new Date().toISOString();
254304
254301
  const { _id, ...body } = req.body;
254305
- const schema10 = db2.getSchema(entityName);
254306
254302
  if (!checkRLS(schema10?.rls?.create, {
254307
254303
  ...body,
254308
254304
  created_by: currentUser?.email,
@@ -254311,10 +254307,7 @@ async function createEntityRoutes(db2, logger2, broadcast) {
254311
254307
  res.status(403).json({ error: "Permission denied" });
254312
254308
  return;
254313
254309
  }
254314
- let filteredBody = db2.prepareRecord(entityName, body);
254315
- if (schema10) {
254316
- filteredBody = applyFLS(filteredBody, schema10, currentUser, "write");
254317
- }
254310
+ const filteredBody = applyFLS(db2.prepareRecord(entityName, body), schema10, currentUser, "write");
254318
254311
  db2.validate(entityName, filteredBody);
254319
254312
  const record2 = {
254320
254313
  ...filteredBody,
@@ -254324,7 +254317,7 @@ async function createEntityRoutes(db2, logger2, broadcast) {
254324
254317
  created_date: now,
254325
254318
  updated_date: now
254326
254319
  };
254327
- const inserted = stripInternalFields(await collection.insertAsync(record2));
254320
+ const inserted = applyFLS(stripInternalFields(await collection.insertAsync(record2)), schema10, currentUser, "read");
254328
254321
  emit(appId, entityName, "create", inserted);
254329
254322
  res.status(201).json(inserted);
254330
254323
  } catch (error48) {
@@ -254336,7 +254329,7 @@ async function createEntityRoutes(db2, logger2, broadcast) {
254336
254329
  res.status(500).json({ error: "Internal server error" });
254337
254330
  }
254338
254331
  }));
254339
- router.post("/:entityName/bulk", parseBody, withCollection(async (req, res, collection, currentUser) => {
254332
+ router.post("/:entityName/bulk", parseBody, withCollection(async (req, res, collection, schema10, currentUser) => {
254340
254333
  const { appId, entityName } = req.params;
254341
254334
  if (!Array.isArray(req.body)) {
254342
254335
  res.status(400).json({ error: "Request body must be an array" });
@@ -254344,7 +254337,6 @@ async function createEntityRoutes(db2, logger2, broadcast) {
254344
254337
  }
254345
254338
  try {
254346
254339
  const now = new Date().toISOString();
254347
- const schema10 = db2.getSchema(entityName);
254348
254340
  const records = [];
254349
254341
  for (const record2 of req.body) {
254350
254342
  if (!checkRLS(schema10?.rls?.create, {
@@ -254381,12 +254373,11 @@ async function createEntityRoutes(db2, logger2, broadcast) {
254381
254373
  res.status(500).json({ error: "Internal server error" });
254382
254374
  }
254383
254375
  }));
254384
- router.put("/:entityName/:id", parseBody, withCollection(async (req, res, collection, currentUser) => {
254376
+ router.put("/:entityName/:id", parseBody, withCollection(async (req, res, collection, schema10, currentUser) => {
254385
254377
  const { appId, entityName, id: id2 } = req.params;
254386
254378
  const { id: _id, created_date: _created_date, ...body } = req.body;
254387
254379
  try {
254388
- const schema10 = db2.getSchema(entityName);
254389
- if (schema10?.rls?.update !== undefined) {
254380
+ if (schema10.rls?.update !== undefined) {
254390
254381
  const existing = await collection.findOneAsync({ id: id2 });
254391
254382
  if (!existing) {
254392
254383
  res.status(404).json({ error: `Record with id "${id2}" not found` });
@@ -254399,10 +254390,7 @@ async function createEntityRoutes(db2, logger2, broadcast) {
254399
254390
  return;
254400
254391
  }
254401
254392
  }
254402
- let filteredBody = db2.prepareRecord(entityName, body, true);
254403
- if (schema10) {
254404
- filteredBody = applyFLS(filteredBody, schema10, currentUser, "write");
254405
- }
254393
+ const filteredBody = applyFLS(db2.prepareRecord(entityName, body, true), schema10, currentUser, "write");
254406
254394
  db2.validate(entityName, filteredBody, true);
254407
254395
  const updateData = {
254408
254396
  ...filteredBody,
@@ -254413,7 +254401,7 @@ async function createEntityRoutes(db2, logger2, broadcast) {
254413
254401
  res.status(404).json({ error: `Record with id "${id2}" not found` });
254414
254402
  return;
254415
254403
  }
254416
- const updated = stripInternalFields(result.affectedDocuments);
254404
+ const updated = applyFLS(stripInternalFields(result.affectedDocuments), schema10, currentUser, "read");
254417
254405
  emit(appId, entityName, "update", updated);
254418
254406
  res.json(updated);
254419
254407
  } catch (error48) {
@@ -254425,7 +254413,7 @@ async function createEntityRoutes(db2, logger2, broadcast) {
254425
254413
  res.status(500).json({ error: "Internal server error" });
254426
254414
  }
254427
254415
  }));
254428
- router.delete("/:entityName/:id", withCollection(async (req, res, collection, currentUser) => {
254416
+ router.delete("/:entityName/:id", withCollection(async (req, res, collection, schema10, currentUser) => {
254429
254417
  const { appId, entityName, id: id2 } = req.params;
254430
254418
  try {
254431
254419
  const doc2 = await collection.findOneAsync({ id: id2 });
@@ -254433,8 +254421,7 @@ async function createEntityRoutes(db2, logger2, broadcast) {
254433
254421
  res.status(404).json({ error: `Record with id "${id2}" not found` });
254434
254422
  return;
254435
254423
  }
254436
- const schema10 = db2.getSchema(entityName);
254437
- if (!checkRLS(schema10?.rls?.delete, doc2, currentUser)) {
254424
+ if (!checkRLS(schema10.rls?.delete, doc2, currentUser)) {
254438
254425
  res.status(404).json({
254439
254426
  message: `Entity ${entityName} with ID ${id2} not found`
254440
254427
  });
@@ -254448,11 +254435,10 @@ async function createEntityRoutes(db2, logger2, broadcast) {
254448
254435
  res.status(500).json({ error: "Internal server error" });
254449
254436
  }
254450
254437
  }));
254451
- router.delete("/:entityName", parseBody, withCollection(async (req, res, collection, currentUser) => {
254438
+ router.delete("/:entityName", parseBody, withCollection(async (req, res, collection, schema10, currentUser) => {
254452
254439
  const { entityName } = req.params;
254453
254440
  try {
254454
254441
  const query = req.body || {};
254455
- const schema10 = db2.getSchema(entityName);
254456
254442
  const rlsDelete = schema10?.rls?.delete;
254457
254443
  if (rlsDelete !== undefined && rlsDelete !== true) {
254458
254444
  if (rlsDelete === false) {
@@ -260882,4 +260868,4 @@ export {
260882
260868
  CLIExitError
260883
260869
  };
260884
260870
 
260885
- //# debugId=18683176A875C40664756E2164756E21
260871
+ //# debugId=731CCB72EF64A04D64756E2164756E21