@design-edito/cli 0.0.78 → 0.0.80

package/make-template/assets/express-api/src/errors/index.ts

@@ -0,0 +1,128 @@
+import {
+  FilterQuery as MongooseFilterQuery,
+  Model as MongooseModel
+} from 'mongoose'
+import { Errors } from '@design-edito/tools/agnostic/errors'
+import { Outcome } from '@design-edito/tools/agnostic/misc/outcome'
+
+export enum Codes {
+  // UNKNOWN
+  UNKNOWN_ERROR = 'unknown-error',
+
+  // AUTH
+  USER_NOT_AUTHENTICATED = 'user-not-authenticated',
+  USER_NOT_AUTHORIZED = 'user-not-authorized',
+  USER_DOES_NOT_EXIST = 'user-does-not-exist',
+  USER_EMAIL_DOES_NOT_EXIST = 'user-email-does-not-exist',
+  USERNAME_ALREADY_TAKEN = 'username-already-taken',
+  EMAIL_ADDRESS_ALREADY_TAKEN = 'email-address-already-taken',
+  USER_EMAIL_VERIFICATION_TOKEN_NOT_PROVIDED = 'user-email-verification-token-not-provided',
+  USER_EMAIL_VERIFICATION_TOKEN_DOES_NOT_EXIST = 'user-email-verification-token-does-not-exist',
+  USER_EMAIL_VERIFICATION_PROCESS_FAILED = 'user-email-verification-process-failed',
+  USER_EMAIL_ALREADY_VERIFIED = 'user-email-already-verified',
+  INVALID_CREDENTIALS = 'invalid-credentials',
+  USER_PASSWORD_RENEWAL_TOKEN_DOES_NOT_EXIST = 'user-password-renewal-token-does-not-exist',
+
+  // REQUESTS
+  INVALID_REQUEST_BODY = 'invalid-request-body',
+
+  // DATABASE
+  DB_ERROR = 'db-error',
+  DB_NO_DOCUMENT_MATCHES_FILTER = 'db-no-document-matches-filter'
+}
+
+export const source = Errors.Register.makeSource({
+  [Codes.UNKNOWN_ERROR]: {
+    message: 'An unknown error occured',
+    detailsMaker: (details?: string) => details
+  },
+
+  [Codes.USER_NOT_AUTHENTICATED]: {
+    message: 'User must be authenticated.',
+    detailsMaker: (details?: string) => details
+  },
+
+  [Codes.USER_NOT_AUTHORIZED]: {
+    message: 'User has not sufficient permissions',
+    detailsMaker: (details?: string) => details
+  },
+
+  [Codes.USER_DOES_NOT_EXIST]: {
+    message: 'Impossible to retreive user information',
+    detailsMaker: (userId: string) => ({ userId })
+  },
+
+  [Codes.USER_EMAIL_DOES_NOT_EXIST]: {
+    message: 'This email is not tied to any user account.',
+    detailsMaker: (email: string) => ({ email })
+  },
+
+  [Codes.USERNAME_ALREADY_TAKEN]: {
+    message: 'This username is already taken',
+    detailsMaker: (username: string) => ({ username })
+  },
+
+  [Codes.EMAIL_ADDRESS_ALREADY_TAKEN]: {
+    message: 'This email address is already taken',
+    detailsMaker: (email: string) => ({ email })
+  },
+
+  [Codes.USER_EMAIL_VERIFICATION_TOKEN_NOT_PROVIDED]: {
+    message: 'This endpoint expects a token in the URL to process the validation',
+    detailsMaker: () => undefined
+  },
+
+  [Codes.USER_EMAIL_VERIFICATION_TOKEN_DOES_NOT_EXIST]: {
+    message: 'The email verification token provided does not exist',
+    detailsMaker: () => undefined
+  },
+
+  [Codes.USER_EMAIL_VERIFICATION_PROCESS_FAILED]: {
+    message: 'Something went wrong while updating the user verification status',
+    detailsMaker: (details: string) => details
+  },
+
+  [Codes.USER_EMAIL_ALREADY_VERIFIED]: {
+    message: 'This user already verified their email',
+    detailsMaker: (email: string) => ({ email })
+  },
+
+  [Codes.INVALID_CREDENTIALS]: {
+    message: 'The provided credentials are invalid',
+    detailsMaker: () => undefined
+  },
+
+  [Codes.USER_PASSWORD_RENEWAL_TOKEN_DOES_NOT_EXIST]: {
+    message: 'The password renewal token provided does not exist',
+    detailsMaker: (email: string, token: string) => ({ email, token })
+  },
+
+  [Codes.INVALID_REQUEST_BODY]: {
+    message: 'The request body provided could not be used for the operation',
+    detailsMaker: ((body: any, error: string) => ({ body, error }))
+  },
+
+  [Codes.DB_ERROR]: {
+    message: 'The database returned an error',
+    detailsMaker: ((dbError: string) => ({ dbError }))
+  },
+
+  [Codes.DB_NO_DOCUMENT_MATCHES_FILTER]: {
+    message: 'No document matches the provided filter',
+    detailsMaker: <M extends MongooseModel<any>>(
+      model: M,
+      filter: MongooseFilterQuery<M extends MongooseModel<infer DocType> ? DocType : never>
+    ) => ({ collection: model.name, filter })
+  }
+} as const)
+
+export const register = Errors.Register.from(source)
+
+export type ErrorData<Code extends Codes> = Errors.Register.ErrorData<typeof source, Code>
+
+export function makeFailureOutcome<Code extends Codes> (
+  code: Code,
+  ...params: Errors.Register.DetailsMakerParams<typeof register.source, Code>) {
+  const errData = register.getErrorData(code, ...params)
+  return Outcome.makeFailure(errData)
+}

package/make-template/assets/express-api/src/index.ts

@@ -0,0 +1,42 @@
+import path from 'node:path'
+import { fileURLToPath } from 'node:url'
+import cookieParser from 'cookie-parser'
+import cors from 'cors'
+import express from 'express'
+import logger from 'morgan'
+import * as Api from './api'
+import { makeRouter } from './api/utils'
+import * as Jwt from './jwt'
+import * as Database from'./database'
+import * as Init from './init'
+import { serve } from './www'
+
+// Prepare to gracefully shutdon the server if needed
+Init.captureTerminationSignals()
+
+// App setup
+const app = express()
+app.use(cors()) // [WIP] configure cors and allowed origins
+app.use(logger('dev')) // [WIP] configure logger for prod an all
+app.use(express.json())
+app.use(express.urlencoded({ extended: false }))
+app.use(cookieParser())
+
+// Static files
+const ROOT = path.dirname(fileURLToPath(import.meta.url))
+const PUBLIC = path.join(ROOT, 'public')
+app.use(express.static(PUBLIC))
+
+// Authentication
+app.use(Jwt.authenticate)
+
+// API endpoints
+app.use('/', makeRouter(Api.Endpoints))
+
+// Database connection
+await Database.connect()
+await Init.ensureRootUser()
+await Init.scheduleCronTasks()
+
+// Start server
+serve(app)

package/make-template/assets/express-api/src/init/index.ts

@@ -0,0 +1,156 @@
+import Agenda from 'agenda'
+import { Types as MongooseTypes } from 'mongoose'
+import { Logs } from '@design-edito/tools/agnostic/misc/logs'
+import { unknownToString } from '@design-edito/tools/agnostic/errors/unknown-to-string'
+import { Duration } from '@design-edito/tools/agnostic/time/duration'
+import * as Database from'../database'
+import {
+  ROOT_USER_ID,
+  ROOT_USER_PWD,
+  ROOT_USER_EMAIL,
+  ROOT_USER_NAME,
+  DB_RESERVED_AGENDA_JOBS_COLLECTION_NAME,
+  REFRESH_TOKEN_EXPIRATION_SECONDS
+} from '../env'
+import * as User from '../schema/user'
+import { UserEmailValidationTokenModel } from '../schema/user-email-validation-token'
+import { UserPasswordRenewalTokenModel } from '../schema/user-password-renewal-token'
+import { UserRevokedTokenModel } from '../schema/user-revoked-auth-token'
+
+export async function ensureRootUser () {
+  console.log(Logs.styles.info('Ensuring ROOT user...'))
+  try {
+    // [WIP] use Database helpers here ?
+    const rootUsersViaRole = await User.LocalUserModel.find({ role: User.Role.ROOT }).exec()
+    const rootUsersViaId = await User.LocalUserModel.find({ _id: ROOT_USER_ID }).exec()
+    const rootUsersWithDuplicates = [...rootUsersViaRole, ...rootUsersViaId]
+    const rootUsersIdsSet = new Set(rootUsersWithDuplicates.map(usr => usr._id.toString()))
+
+    // No ROOT user found
+    if (rootUsersIdsSet.size === 0) {
+      const newRootUser = new User.LocalUserModel({
+        _id: new MongooseTypes.ObjectId(ROOT_USER_ID),
+        username: ROOT_USER_NAME,
+        email: ROOT_USER_EMAIL,
+        password: ROOT_USER_PWD,
+        role: User.Role.ROOT,
+        status: User.Status.ACTIVE,
+        verified: true
+      })
+      const rootUserInserted = await Database.insertOne<User.ILocalUser>(
+        User.LocalUserModel,
+        newRootUser,
+        { initiatorId: ROOT_USER_ID }
+      )
+      if (!rootUserInserted.success) {
+        console.log(Logs.styles.danger('Something went wrong while creating ROOT user. Shutting down'))
+        const { message, details } = rootUserInserted.error
+        console.log(Logs.styles.error(message))
+        console.log(Logs.styles.error(details.dbError))
+        return await shutdown(1)
+      }
+      console.log(Logs.styles.important('ROOT user created'))
+      return
+    }
+
+    // Many ROOT users found
+    if (rootUsersIdsSet.size > 1) {
+      console.log(Logs.styles.danger('Multiple ROOT users found, shutting down'))
+      return await shutdown(1)
+    }
+
+    // Single ROOT user found
+    console.log(Logs.styles.regular('ROOT user exists'))
+
+  } catch (err) {
+    console.log(Logs.styles.danger('An unknown error occured while initing the database'))
+    console.log(Logs.styles.error(unknownToString(err)))
+    return await shutdown(1)
+  }
+}
+
+let agenda: Agenda | null = null
+async function startAgenda (): Promise<void> {
+  if (agenda !== null) return;
+  agenda = new Agenda()
+  agenda.database(Database.connectionString, DB_RESERVED_AGENDA_JOBS_COLLECTION_NAME)
+  agenda.processEvery('1 minute')
+  await new Promise<void>((resolve, reject) => {
+    agenda!.once('ready', resolve)
+    agenda!.once('error', reject)
+  })
+  await agenda.start()
+}
+
+async function scheduleCronTask (name: string, interval: string, worker: () => void | Promise<void>) {
+  try {
+    await startAgenda()
+    agenda!.define(name, worker)
+    await agenda!.every(interval, name)
+  } catch (err) {
+    console.log(Logs.styles.danger('An unknown error occured while initing the cron tasks'))
+    console.log(Logs.styles.error(unknownToString(err)))
+    return await shutdown(1)
+  }
+}
+
+export async function scheduleCronTasks () {
+  await scheduleCronTask('ENSURE_ROOT_USER', '1 minute', () => ensureRootUser())
+  await scheduleCronTask('CLEANUP_USER_EMAIL_VERIFICATION_TOKENS', '5 minutes', async () => {
+    const now = new Date()
+    const deleted = await Database.deleteMany(
+      UserEmailValidationTokenModel,
+      { expiresOn: { $lt: now } },
+      { initiatorId: ROOT_USER_ID }
+    )
+    if (!deleted.success) return; // [WIP] what to do with the error ? Send mail ?
+    return
+  })
+  await scheduleCronTask('CLEANUP_USER_REVOKED_AUTH_TOKENS', '5 minutes', async () => {
+    const now = Date.now()
+    const refreshTokenLifetimeSeconds = REFRESH_TOKEN_EXPIRATION_SECONDS
+    const refreshTokenLifetimeMs = Duration.seconds(refreshTokenLifetimeSeconds).toMilliseconds()
+    const oldEnoughRevokedTokensThreshold = new Date(now - (refreshTokenLifetimeMs * 5))
+    const deleted = await Database.deleteMany(
+      UserRevokedTokenModel,
+      { revokedOn: { $lt: oldEnoughRevokedTokensThreshold } },
+      { initiatorId: ROOT_USER_ID }
+    )
+    if (!deleted.success) return; // [WIP] what to do with the error ? Send mail ?
+    return
+  })
+  await scheduleCronTask('CLEANUP_USER_PASSWORD_RENEWAL_TOKENS', '5 minutes', async () => {
+    const now = new Date()
+    const deleted = await Database.deleteMany(
+      UserPasswordRenewalTokenModel,
+      { expiresOn: { $lt: now } },
+      { initiatorId: ROOT_USER_ID }
+    )
+    if (!deleted.success) return; // [WIP] what to do with the error ? Send mail ?
+    return
+  })
+}
+
+export function captureTerminationSignals () {
+  process.on('SIGINT', async () => {
+    console.log('SIGINT received.')
+    await shutdown(0)
+  })
+
+  process.on('SIGTERM', async () => {
+    console.log('SIGTERM received.')
+    await shutdown(0)
+  })
+}
+
+export async function gracefulShutdown () {
+  if (agenda !== null) await agenda.stop()
+  await Database.disconnect()
+}
+
+export async function shutdown (code: number) {
+  console.log('Running cleanup tasks...')
+  await gracefulShutdown()
+  console.log('Cleanup complete. Exiting...')
+  process.exit(code)
+}

package/make-template/assets/express-api/src/jwt/index.ts

@@ -0,0 +1,105 @@
+import { Request, Response, NextFunction } from 'express'
+import jwt from 'jsonwebtoken'
+import { Outcome } from '@design-edito/tools/agnostic/misc/outcome'
+import { isNonNullObject } from '@design-edito/tools/agnostic/objects/is-object'
+import * as Database from '../database'
+import {
+  MODE,
+  JWT_SECRET,
+  ACCESS_TOKEN_EXPIRATION_SECONDS,
+  REFRESH_TOKEN_EXPIRATION_SECONDS,
+  ACCESS_TOKEN_RENEWAL_THRESHOLD_SECONDS,
+  ACCESS_TOKEN_MAX_REFRESH_COUNT,
+  ROOT_USER_ID
+} from '../env'
+import { BaseUserModel } from '../schema/user'
+import { UserRevokedTokenModel } from '../schema/user-revoked-auth-token'
+
+declare global {
+  namespace Express {
+    interface Locals {
+      accessTokenSigned?: string
+      accessTokenPayload?: Payload
+      refreshTokenSigned?: string
+      refreshTokenPayload?: Payload
+    }
+  }
+}
+
+type Payload = {
+  userId: string
+  exp: number
+  refreshCount: number
+}
+
+export function isValidPayload (payload: unknown): payload is Payload {
+  if (!isNonNullObject(payload)) return false
+  if (!('userId' in payload)) return false
+  if (typeof payload.userId !== 'string') return false
+  if (!('exp' in payload)) return false
+  if (typeof payload.exp !== 'number') return false
+  if (!('refreshCount' in payload)) return false
+  if (typeof payload.refreshCount !== 'number') return false
+  return true
+}
+
+export async function generateAccessToken (userId: string, refreshCount: number) {
+  const foundUser = await Database.findOne(BaseUserModel, { _id: userId }, { initiatorId: ROOT_USER_ID })
+  if (!foundUser.success) return foundUser
+  const payload: Omit<Payload, 'exp'> = { userId, refreshCount }
+  const options: jwt.SignOptions = { expiresIn: ACCESS_TOKEN_EXPIRATION_SECONDS }
+  return Outcome.makeSuccess(jwt.sign(payload, JWT_SECRET, options))
+}
+
+export async function generateRefreshToken (userId: string, refreshCount: number) {
+  const foundUser = await Database.findOne(BaseUserModel, { _id: userId }, { initiatorId: ROOT_USER_ID })
+  if (!foundUser.success) return foundUser
+  const payload: Omit<Payload, 'exp'> = { userId, refreshCount }
+  const options: jwt.SignOptions = { expiresIn: REFRESH_TOKEN_EXPIRATION_SECONDS }
+  return Outcome.makeSuccess(jwt.sign(payload, JWT_SECRET, options))
+}
+
+export async function authenticate (req: Request, res: Response, next: NextFunction) {
+  const authHeader = req.headers.authorization
+  if (authHeader === undefined || !authHeader.startsWith('Bearer ')) return next()
+  const token = authHeader.split(' ')[1]
+  if (token === undefined) return next()
+  try {
+    const decoded = jwt.verify(token, JWT_SECRET)
+    const validated = isValidPayload(decoded)
+    if (!validated) return next()
+    const now = Math.floor(Date.now() / 1000)
+    const { userId, exp, refreshCount } = decoded
+    const accessTokenAlmostStale = exp - now < ACCESS_TOKEN_RENEWAL_THRESHOLD_SECONDS
+    const accessTokenCanRenew = refreshCount < ACCESS_TOKEN_MAX_REFRESH_COUNT
+    const accessTokenShouldRenew = accessTokenAlmostStale && accessTokenCanRenew
+    if (accessTokenShouldRenew) {
+      const foundRevokedToken = await Database.findOne(
+        UserRevokedTokenModel,
+        { value: token },
+        { initiatorId: ROOT_USER_ID }
+      )
+      if (foundRevokedToken.success) return next()
+      const newToken = generateAccessToken(userId, refreshCount + 1)
+      res.setHeader('Authorization', `Bearer ${newToken}`)
+    }
+    res.locals.accessTokenSigned = token
+    res.locals.accessTokenPayload = decoded
+    return next()
+  } catch (err) {
+    // [WIP] Maybe log something ?
+    return next()
+  }
+}
+
+export function attachAccessTokenToRes (res: Response, token: string) {
+  res.setHeader('Authorization', `Bearer ${token}`)
+}
+
+export function attachRefreshTokenToRes (res: Response, token: string) {
+  res.cookie('refreshToken', token, {
+    httpOnly: true,
+    secure: MODE === 'production',
+    sameSite: 'strict'
+  })
+}

package/make-template/assets/express-api/src/public/index.css

@@ -0,0 +1,7 @@
+html {
+  font-family: system-ui, -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, Cantarell, 'Open Sans', 'Helvetica Neue', sans-serif;
+}
+
+button {
+  cursor: pointer;
+}

package/make-template/assets/express-api/src/public/index.html

@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <script type="module" src="./index.js"></script>
+    <link rel="stylesheet" href="./index.css">
+  </head>
+  <body>
+    <h1>LM-Publisher</h1>
+
+    <button class="create-random-project">Create random project</button>
+
+  </body>
+</html>

package/make-template/assets/express-api/src/public/index.js

@@ -0,0 +1,31 @@
+const $responses = document.querySelector('.requests')
+const $createRandomProject = document.querySelector('.create-random-project')
+
+async function fetchAndLog (url, method, body) {
+  const id = Math.random().toString(36).slice(2)
+  console.log('%cSending request...', 'font-weight: 600')
+  console.log('id:', id)
+  console.log(`${method}:`, url)
+  const response = await window.fetch(url, {
+    method,
+    body: JSON.stringify(body),
+    headers: { 'Content-Type': 'application/json' }
+  })
+  const json = await response.json()
+  console.log('%cReceived response', 'font-weight: 600')
+  console.log('id:', id)
+  console.log(`${method}:`, url)
+  console.log('body:', body)
+  console.log('response:', response)
+  console.log('json:', json)
+}
+
+$createRandomProject.addEventListener('click', () => {
+  fetchAndLog('http://localhost:3000/projects/create', 'POST', {
+    name: 'Mon premier projet :\')',
+    publicationTargetDate: Date.now(),
+    sourcesIds: [],
+    articlesIds: [],
+    assetsIds: [],
+  })
+})

package/make-template/assets/express-api/src/schema/_history/index.ts

@@ -0,0 +1,124 @@
+import Zlib from 'node:zlib'
+import {
+  Types as MongooseTypes,
+  Schema as MongooseSchema,
+  Document as MongooseDocument,
+  CallbackWithoutResultAndOptionalError as MongooseCallbackWithoutResultAndOptionalError
+} from 'mongoose'
+import { unknownToString } from '@design-edito/tools/agnostic/errors/unknown-to-string'
+import { DocumentWithLocals, QueryWithLocals } from '../../database'
+
+// Document
+export type IHistoryItem = {
+  updationTime: Date
+  updaterId: MongooseTypes.ObjectId,
+  stringifiedDocument: string
+}
+export type IHistory = Array<IHistoryItem>
+
+export type WithHistory<T> = T & { _history: IHistory }
+export type WithoutHistory<T> = Omit<T, '_history'> & { _history?: undefined }
+
+// Schema
+export const HistoryItemSchema = new MongooseSchema<IHistoryItem>({
+  updationTime: { type: Date, required: true },
+  updaterId: { type: MongooseSchema.ObjectId, required: true },
+  stringifiedDocument: { type: String, required: true }
+})
+
+export async function makeHistoryItem (document: MongooseDocument, initiatorObjectId: MongooseTypes.ObjectId): Promise<IHistoryItem> {
+  const docAsObject = document.toObject()
+  const coreEntries = Object.entries(docAsObject).filter(([key]) => !key.startsWith('_'))
+  const strippedToCore = Object.fromEntries(coreEntries)
+  const stringified = JSON.stringify(strippedToCore)
+  const compressed = await new Promise<Buffer>((resolve, reject) => {
+    Zlib.gzip(stringified, (err, compressed) => {
+      if (err !== null) return reject(err)
+      return resolve(compressed)
+    })
+  })
+  const base64 = compressed.toString('base64')
+  const historyItem: IHistoryItem = {
+    updationTime: new Date(),
+    updaterId: initiatorObjectId,
+    stringifiedDocument: base64
+  }
+  return historyItem
+}
+
+export function withHistory<T extends Object> (inputSchema: MongooseSchema<T>): MongooseSchema<WithHistory<T>> {
+  const schema = inputSchema.clone() as MongooseSchema<WithHistory<T>>
+  schema.add(new MongooseSchema<WithHistory<{}>>({
+    _history: {
+      type: [HistoryItemSchema],
+      required: true,
+      default: []
+    }
+  }))
+  schema.pre('save', handleSave)
+  schema.pre('insertMany', handleInsertMany)
+  schema.pre('updateOne', handleUpdate)
+  schema.pre('findOneAndUpdate', handleUpdate)
+
+  async function handleSave (
+    this: WithHistory<DocumentWithLocals<{}>>,
+    next: MongooseCallbackWithoutResultAndOptionalError
+  ) {
+    const context = this.$locals?.context
+    const initiatorId = context?.initiatorId ?? null
+    const initiatorObjectId = initiatorId !== null ? new MongooseTypes.ObjectId(initiatorId) : null
+    if (initiatorObjectId === null) return next(new Error('initiatorId is required in context for save operation.'))
+    try {
+      const historyItem = await makeHistoryItem(this, initiatorObjectId)
+      if (this.isNew) { this._history = [historyItem] }
+      else this._history.push(historyItem)
+      next()
+    } catch (err) {
+      const errStr = unknownToString(err)
+      next(new Error(errStr))
+    }
+  }
+
+  async function handleInsertMany (
+    next: MongooseCallbackWithoutResultAndOptionalError,
+    docs: WithHistory<DocumentWithLocals<{}>>[]
+  ) {
+    try {
+      for (const doc of docs) {
+        const context = doc.$locals?.context
+        const initiatorId = context?.initiatorId ?? null
+        const initiatorObjectId = initiatorId !== null ? new MongooseTypes.ObjectId(initiatorId) : null
+        if (initiatorObjectId === null) return next(new Error('initiatorId is required in context for insertMany operation.'))
+        const historyItem = await makeHistoryItem(doc, initiatorObjectId)
+        doc._history = [historyItem]
+      }
+      next()
+    } catch (err) {
+      const errStr = unknownToString(err)
+      next(new Error(errStr))
+    }
+  }
+
+  async function handleUpdate (
+    this: QueryWithLocals<WithHistory<{}>>,
+    next: MongooseCallbackWithoutResultAndOptionalError
+  ) {
+    const context = this.getOptions().$locals?.context;
+    const initiatorId = context?.initiatorId ?? null;
+    const initiatorObjectId = initiatorId !== null ? new MongooseTypes.ObjectId(initiatorId) : null;
+    if (initiatorObjectId === null) return next(new Error('initiatorId is required in context for update operation.'))
+    try {
+      const docPromise = this.model.findOne(this.getFilter()).exec() as Promise<WithHistory<MongooseDocument> | null>
+      const doc = await docPromise
+      if (doc === null) return next(new Error('Document not found for update.'))
+      const historyItem = await makeHistoryItem(doc, initiatorObjectId)
+      doc._history.push(historyItem)
+      this.set({ _history: doc._history })
+      next()
+    } catch (err) {
+      const errStr = unknownToString(err)
+      next(new Error(errStr))
+    }
+  }
+  return schema
+}