@bedrockio/model 0.1.33 → 0.2.0

package/src/delete-hooks.js

@@ -0,0 +1,343 @@
+import mongoose from 'mongoose';
+import { groupBy } from 'lodash';
+
+import { ReferenceError } from './errors';
+import { getInnerField } from './utils';
+
+const { ObjectId: SchemaObjectId } = mongoose.Schema.Types;
+
+export function applyDeleteHooks(schema, definition) {
+  let { onDelete: deleteHooks } = definition;
+
+  if (!deleteHooks) {
+    return;
+  }
+
+  const cleanLocal = validateCleanLocal(deleteHooks, schema);
+  const cleanForeign = validateCleanForeign(deleteHooks);
+  const errorHook = validateError(deleteHooks);
+
+  let references;
+
+  const deleteFn = schema.methods.delete;
+  const restoreFn = schema.methods.restore;
+
+  schema.method('delete', async function () {
+    if (errorHook) {
+      references ||= getAllReferences(this);
+      await errorOnForeignReferences(this, {
+        errorHook,
+        cleanForeign,
+        references,
+      });
+    }
+    try {
+      await deleteLocalReferences(this, cleanLocal);
+      await deleteForeignReferences(this, cleanForeign);
+    } catch (error) {
+      await restoreLocalReferences(this, cleanLocal);
+      await restoreForeignReferences(this);
+      throw error;
+    }
+    await deleteFn.apply(this, arguments);
+  });
+
+  schema.method('restore', async function () {
+    await restoreLocalReferences(this, cleanLocal);
+    await restoreForeignReferences(this);
+    await restoreFn.apply(this, arguments);
+  });
+
+  schema.add({
+    deletedRefs: [
+      {
+        _id: 'ObjectId',
+        ref: 'String',
+      },
+    ],
+  });
+}
+
+// Clean Hook
+
+function validateCleanLocal(deleteHooks, schema) {
+  let { local } = deleteHooks.clean || {};
+  if (!local) {
+    return;
+  }
+  if (typeof local !== 'string' && !Array.isArray(local)) {
+    throw new Error('Local delete hook must be an array.');
+  }
+  if (typeof local === 'string') {
+    local = [local];
+  }
+  for (let name of local) {
+    const pathType = schema.pathType(name);
+    if (pathType !== 'real') {
+      throw new Error(`Delete hook has invalid local reference "${name}".`);
+    }
+  }
+  return local;
+}
+
+function validateCleanForeign(deleteHooks) {
+  const { foreign } = deleteHooks.clean || {};
+  if (!foreign) {
+    return;
+  }
+  if (typeof foreign !== 'object') {
+    throw new Error('Foreign delete hook must be an object.');
+  }
+  for (let [modelName, arg] of Object.entries(foreign)) {
+    if (typeof arg === 'object') {
+      const { $and, $or } = arg;
+      if ($and && $or) {
+        throw new Error(
+          `Cannot define both $or and $and in a delete hook for model ${modelName}.`
+        );
+      }
+    }
+  }
+  return foreign;
+}
+
+function validateError(deleteHooks) {
+  let { errorOnReferenced } = deleteHooks;
+  if (!errorOnReferenced) {
+    return;
+  }
+
+  if (errorOnReferenced === true) {
+    errorOnReferenced = {};
+  }
+
+  return errorOnReferenced;
+}
+
+// Error on references
+
+async function errorOnForeignReferences(doc, options) {
+  const { errorHook, cleanForeign, references } = options;
+
+  if (!errorHook) {
+    return;
+  }
+
+  const { only, except } = errorHook;
+
+  assertModelNames(only);
+  assertModelNames(except);
+
+  const results = [];
+
+  for (let { model, paths } of references) {
+    if (referenceIsAllowed(errorHook, model)) {
+      continue;
+    }
+
+    const $or = paths
+      .filter((path) => {
+        if (cleanForeign) {
+          return cleanForeign[model.modelName] !== path;
+        }
+        return true;
+      })
+      .map((path) => {
+        return {
+          [path]: doc.id,
+        };
+      });
+
+    if (!$or.length) {
+      continue;
+    }
+
+    const docs = await model.find({ $or }, { _id: 1 }).lean();
+
+    if (docs.length > 0) {
+      const ids = docs.map((doc) => {
+        return String(doc._id);
+      });
+      results.push({
+        ids,
+        model,
+        count: ids.length,
+      });
+    }
+  }
+
+  if (results.length) {
+    const { modelName } = doc.constructor;
+    const refNames = results.map((reference) => {
+      return reference.model.modelName;
+    });
+    throw new ReferenceError(
+      `Refusing to delete ${modelName} referenced by ${refNames}.`,
+      results
+    );
+  }
+}
+
+function referenceIsAllowed(errorHook, model) {
+  const { only, except } = errorHook;
+  if (only) {
+    return !only.includes(model.modelName);
+  } else if (except) {
+    return except.includes(model.modelName);
+  } else {
+    return false;
+  }
+}
+
+function assertModelNames(arr = []) {
+  for (let val of arr) {
+    if (!mongoose.models[val]) {
+      throw new Error(`Unknown model "${val}".`);
+    }
+  }
+}
+
+function getAllReferences(doc) {
+  const targetName = doc.constructor.modelName;
+  return Object.values(mongoose.models)
+    .map((model) => {
+      const paths = getModelReferences(model, targetName);
+      return { model, paths };
+    })
+    .filter(({ paths }) => {
+      return paths.length > 0;
+    });
+}
+
+function getModelReferences(model, targetName) {
+  const paths = [];
+  model.schema.eachPath((schemaPath, schemaType) => {
+    if (schemaType instanceof SchemaObjectId && schemaPath[0] !== '_') {
+      const { ref, refPath } = schemaType.options;
+      let refs;
+      if (ref) {
+        refs = [ref];
+      } else if (refPath) {
+        refs = model.schema.path(refPath).options.enum;
+      } else {
+        throw new Error(
+          `Cannot derive refs for ${model.modelName}#${schemaPath}.`
+        );
+      }
+      if (refs.includes(targetName)) {
+        paths.push(schemaPath);
+      }
+    }
+  });
+  return paths;
+}
+
+// Deletion
+
+async function deleteLocalReferences(doc, arr) {
+  if (!arr) {
+    return;
+  }
+  for (let name of arr) {
+    await doc.populate(name);
+    const value = doc.get(name);
+    const arr = Array.isArray(value) ? value : [value];
+
+    for (let sub of arr) {
+      await sub.delete();
+    }
+  }
+}
+
+async function deleteForeignReferences(doc, refs) {
+  if (!refs) {
+    return;
+  }
+  const { id } = doc;
+  if (!id) {
+    throw new Error(`Refusing to apply delete hook to document without id.`);
+  }
+  for (let [modelName, arg] of Object.entries(refs)) {
+    const Model = mongoose.models[modelName];
+    if (typeof arg === 'string') {
+      await runDeletes(Model, doc, {
+        [arg]: id,
+      });
+    } else {
+      const { $and, $or } = arg;
+      if ($and) {
+        await runDeletes(Model, doc, {
+          $and: mapArrayQuery($and, id),
+        });
+      } else if ($or) {
+        await runDeletes(Model, doc, {
+          $or: mapArrayQuery($or, id),
+        });
+      }
+    }
+  }
+}
+
+async function runDeletes(Model, refDoc, query) {
+  const docs = await Model.find(query);
+  for (let doc of docs) {
+    await doc.delete();
+    refDoc.deletedRefs.push({
+      _id: doc.id,
+      ref: doc.constructor.modelName,
+    });
+  }
+}
+
+function mapArrayQuery(arr, id) {
+  return arr.map((refName) => {
+    return {
+      [refName]: id,
+    };
+  });
+}
+
+// Restore
+
+async function restoreLocalReferences(refDoc, arr) {
+  if (!arr) {
+    return;
+  }
+  for (let name of arr) {
+    const { ref } = getInnerField(refDoc.constructor.schema.obj, name);
+    const value = refDoc.get(name);
+    const ids = Array.isArray(value) ? value : [value];
+    const Model = mongoose.models[ref];
+
+    // @ts-ignore
+    const docs = await Model.findDeleted({
+      _id: { $in: ids },
+    });
+
+    for (let doc of docs) {
+      await doc.restore();
+    }
+  }
+}
+
+async function restoreForeignReferences(refDoc) {
+  const grouped = groupBy(refDoc.deletedRefs, 'ref');
+
+  for (let [modelName, refs] of Object.entries(grouped)) {
+    const ids = refs.map((ref) => {
+      return ref._id;
+    });
+    const Model = mongoose.models[modelName];
+
+    // @ts-ignore
+    const docs = await Model.findDeleted({
+      _id: { $in: ids },
+    });
+
+    for (let doc of docs) {
+      await doc.restore();
+    }
+  }
+
+  refDoc.deletedRefs = [];
+}

package/src/disallowed.js

@@ -1,27 +1,6 @@
 import warn from './warn';
 
 export function applyDisallowed(schema) {
-  schema.method(
-    'remove',
-    function () {
-      warn(
-        'The "remove" method on documents is disallowed due to ambiguity.',
-        'To permanently delete a document use "destroy", otherwise "delete".'
-      );
-      throw new Error('Method not allowed.');
-    },
-    {
-      suppressWarning: true,
-    }
-  );
-
-  schema.method('update', function () {
-    warn(
-      'The "update" method on documents is deprecated. Use "updateOne" instead.'
-    );
-    throw new Error('Method not allowed.');
-  });
-
   schema.method('deleteOne', function () {
     warn(
       'The "deleteOne" method on documents is disallowed due to ambiguity',
@@ -30,14 +9,6 @@ export function applyDisallowed(schema) {
     throw new Error('Method not allowed.');
   });
 
-  schema.static('remove', function () {
-    warn(
-      'The "remove" method on models is disallowed due to ambiguity.',
-      'To permanently delete a document use "destroyMany", otherwise "deleteMany".'
-    );
-    throw new Error('Method not allowed.');
-  });
-
   schema.static('findOneAndRemove', function () {
     warn(
       'The "findOneAndRemove" method on models is disallowed due to ambiguity.',

package/src/query.js

@@ -0,0 +1,15 @@
+// Wrapper that allows a mongoose query object to be returned
+// to access chained methods while still resolving with a
+// transformed value. Allows methods to behave like other find
+// methods and importantly allow custom population with the same API.
+export function wrapQuery(query, fn) {
+  const runQuery = query.then.bind(query);
+  query.then = async (resolve, reject) => {
+    try {
+      resolve(await fn(runQuery()));
+    } catch (err) {
+      reject(err);
+    }
+  };
+  return query;
+}

package/src/schema.js

@@ -8,8 +8,8 @@ import { applySlug } from './slug';
 import { applySearch } from './search';
 import { applyAssign } from './assign';
 import { applyInclude } from './include';
-import { applyReferences } from './references';
 import { applySoftDelete } from './soft-delete';
+import { applyDeleteHooks } from './delete-hooks';
 import { applyDisallowed } from './disallowed';
 
 import {
@@ -37,7 +37,10 @@ export function createSchema(definition, options = {}) {
       createdAt: 'Date',
       updatedAt: 'Date',
       deletedAt: 'Date',
-      deleted: { type: 'Boolean', default: false },
+      deleted: {
+        type: 'Boolean',
+        default: false,
+      },
     }),
     {
       timestamps: true,
@@ -47,10 +50,12 @@ export function createSchema(definition, options = {}) {
     }
   );
 
+  // Soft Delete needs to be applied
+  // first for hooks to work correctly.
+  applySoftDelete(schema);
   applyValidation(schema, definition);
+  applyDeleteHooks(schema, definition);
   applySearch(schema, definition);
-  applySoftDelete(schema);
-  applyReferences(schema);
   applyDisallowed(schema);
   applyInclude(schema);
   applyAssign(schema);

package/src/search.js

@@ -7,6 +7,7 @@ import { isDateField, isNumberField, getField } from './utils';
 import { SEARCH_DEFAULTS } from './const';
 import { OBJECT_ID_SCHEMA } from './validation';
 import { debug } from './env';
+import { wrapQuery } from './query';
 
 import warn from './warn';
 
@@ -48,33 +49,20 @@ export function applySearch(schema, definition) {
       .skip(skip)
       .limit(limit);
 
-    // The following construct is awkward but it allows the mongoose query
-    // object to be returned while still ultimately resolving with metadata
-    // so that this method can behave like other find methods and importantly
-    // allow custom population with the same API.
-
-    const runQuery = mQuery.then.bind(mQuery);
-
-    mQuery.then = async (resolve, reject) => {
-      try {
-        const [data, total] = await Promise.all([
-          runQuery(),
-          this.countDocuments(query),
-        ]);
-        resolve({
-          data,
-          meta: {
-            total,
-            skip,
-            limit,
-          },
-        });
-      } catch (err) {
-        reject(err);
-      }
-    };
-
-    return mQuery;
+    return wrapQuery(mQuery, async (promise) => {
+      const [data, total] = await Promise.all([
+        promise,
+        this.countDocuments(query),
+      ]);
+      return {
+        data,
+        meta: {
+          total,
+          skip,
+          limit,
+        },
+      };
+    });
   });
 }
 

package/src/serialization.js

@@ -4,6 +4,8 @@ import { checkSelects } from './include';
 import { hasReadAccess } from './access';
 import { getField, getInnerField } from './utils';
 
+const DISALLOWED_FIELDS = ['deleted', 'deletedRefs'];
+
 export const serializeOptions = {
   getters: true,
   versionKey: false,
@@ -18,6 +20,8 @@ function transformField(obj, field, options) {
   if (Array.isArray(obj)) {
     for (let el of obj) {
       transformField(el, field, options);
+      // Delete ids in array elements.
+      delete el.id;
     }
   } else if (isPlainObject(obj)) {
     for (let [key, val] of Object.entries(obj)) {
@@ -34,7 +38,7 @@ function isAllowedField(key, field, options) {
   if (key[0] === '_') {
     // Strip internal keys like _id and __v
     return false;
-  } else if (key === 'deleted') {
+  } else if (DISALLOWED_FIELDS.includes(key)) {
     // Strip "deleted" field which defaults
     // to false and should not be exposed.
     return false;