npm - @drax/crud-back - Versions diffs - 3.13.0 → 3.14.0 - Mend

@drax/crud-back 3.13.0 → 3.14.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/controllers/AbstractFastifyController.js +27 -15
package/package.json +4 -4
package/src/controllers/AbstractFastifyController.ts +31 -15
package/tsconfig.tsbuildinfo +1 -1
package/types/controllers/AbstractFastifyController.d.ts +4 -0
package/types/controllers/AbstractFastifyController.d.ts.map +1 -1

package/dist/controllers/AbstractFastifyController.js CHANGED Viewed

@@ -204,9 +204,21 @@ class AbstractFastifyController extends CommonController {
         }
         return 'Unknown import error';
     }
+    assertCreatePermission(request) {
+        request.rbac.assertPermission(this.permission.Create);
+    }
+    assertReadPermission(request) {
+        request.rbac.assertPermission(this.permission.View);
+    }
+    assertUpdatePermission(request) {
+        request.rbac.assertPermission(this.permission.Update);
+    }
+    assertDeletePermission(request) {
+        request.rbac.assertPermission(this.permission.Delete);
+    }
     async create(request, reply) {
         try {
-            request.rbac.assertPermission(this.permission.Create);
+            this.assertCreatePermission(request);
             const payload = await this.prepareCreatePayload(request, request.body);
             let item = await this.service.create(payload);
             this.onCreated(request, item);
@@ -225,7 +237,7 @@ class AbstractFastifyController extends CommonController {
     }
     async update(request, reply) {
         try {
-            request.rbac.assertPermission(this.permission.Update);
+            this.assertUpdatePermission(request);
             if (!request.params.id) {
                 reply.statusCode = 400;
                 reply.send({ error: 'BAD REQUEST' });
@@ -298,7 +310,7 @@ class AbstractFastifyController extends CommonController {
     }
     async updatePartial(request, reply) {
         try {
-            request.rbac.assertPermission(this.permission.Update);
+            this.assertUpdatePermission(request);
             if (!request.params.id) {
                 reply.statusCode = 400;
                 reply.send({ error: 'BAD REQUEST' });
@@ -345,7 +357,7 @@ class AbstractFastifyController extends CommonController {
     }
     async delete(request, reply) {
         try {
-            request.rbac.assertPermission(this.permission.Delete);
+            this.assertDeletePermission(request);
             if (!request.params.id) {
                 reply.statusCode = 400;
                 reply.send({ error: 'BAD REQUEST' });
@@ -377,7 +389,7 @@ class AbstractFastifyController extends CommonController {
     }
     async findById(request, reply) {
         try {
-            request.rbac.assertPermission(this.permission.View);
+            this.assertReadPermission(request);
             if (!request.params.id) {
                 reply.statusCode = 400;
                 reply.send({ error: 'BAD REQUEST' });
@@ -400,7 +412,7 @@ class AbstractFastifyController extends CommonController {
     }
     async findByIds(request, reply) {
         try {
-            request.rbac.assertPermission(this.permission.View);
+            this.assertReadPermission(request);
             if (!request.params.ids) {
                 reply.statusCode = 400;
                 reply.send({ error: 'BAD REQUEST' });
@@ -420,7 +432,7 @@ class AbstractFastifyController extends CommonController {
     async find(request, reply) {
         var _a;
         try {
-            request.rbac.assertPermission(this.permission.View);
+            this.assertReadPermission(request);
             if (request.query.limit > this.maximumLimit) {
                 throw new LimitError(this.maximumLimit, request.query.limit);
             }
@@ -442,7 +454,7 @@ class AbstractFastifyController extends CommonController {
     async findOne(request, reply) {
         var _a;
         try {
-            request.rbac.assertPermission(this.permission.View);
+            this.assertReadPermission(request);
             const search = (_a = request.query).search ?? (_a.search = undefined);
             let filters = this.parseFilters(request.query.filters);
             filters = await this.preRead(request, filters);
@@ -457,7 +469,7 @@ class AbstractFastifyController extends CommonController {
     }
     async findBy(request, reply) {
         try {
-            request.rbac.assertPermission(this.permission.View);
+            this.assertReadPermission(request);
             if (!request.params.field || !request.params.value) {
                 reply.statusCode = 400;
                 reply.send({ error: 'BAD REQUEST' });
@@ -478,7 +490,7 @@ class AbstractFastifyController extends CommonController {
     }
     async findOneBy(request, reply) {
         try {
-            request.rbac.assertPermission(this.permission.View);
+            this.assertReadPermission(request);
             if (!request.params.field || !request.params.value) {
                 reply.statusCode = 400;
                 reply.send({ error: 'BAD REQUEST' });
@@ -498,7 +510,7 @@ class AbstractFastifyController extends CommonController {
     }
     async search(request, reply) {
         try {
-            request.rbac.assertPermission(this.permission.View);
+            this.assertReadPermission(request);
             const search = request.query.search;
             let filters = [];
             const limit = this.defaultLimit;
@@ -514,7 +526,7 @@ class AbstractFastifyController extends CommonController {
     }
     async paginate(request, reply) {
         try {
-            request.rbac.assertPermission(this.permission.View);
+            this.assertReadPermission(request);
             if (request.query.limit > this.maximumLimit) {
                 throw new LimitError(this.maximumLimit, request.query.limit);
             }
@@ -536,7 +548,7 @@ class AbstractFastifyController extends CommonController {
     }
     async export(request, reply) {
         try {
-            request.rbac.assertPermission(this.permission.View);
+            this.assertReadPermission(request);
             const format = request.query.format || 'JSON';
             const headers = request.query.headers ? request.query.headers.split(",") : [];
             const headersTranslate = request.query.headersTranslate ? request.query.headersTranslate.split(",") : [];
@@ -581,7 +593,7 @@ class AbstractFastifyController extends CommonController {
     }
     async import(request, reply) {
         try {
-            request.rbac.assertPermission(this.permission.Create);
+            this.assertCreatePermission(request);
             const data = await request.file();
             if (!data) {
                 throw new BadRequestError('Import file is required');
@@ -676,7 +688,7 @@ class AbstractFastifyController extends CommonController {
     }
     async groupBy(request, reply) {
         try {
-            request.rbac.assertPermission(this.permission.View);
+            this.assertReadPermission(request);
             const fields = request.query.fields ?
                 request.query.fields.split(',').map(f => f.trim()).filter(f => f.length > 0) :
                 [];

package/package.json CHANGED Viewed

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "3.13.0",
+  "version": "3.14.0",
   "description": "Crud utils across modules",
   "main": "dist/index.js",
   "types": "types/index.d.ts",
@@ -22,10 +22,10 @@
   "author": "Cristian Incarnato & Drax Team",
   "license": "ISC",
   "dependencies": {
-    "@drax/common-back": "^3.10.0",
+    "@drax/common-back": "^3.14.0",
     "@drax/common-share": "^3.0.0",
     "@drax/identity-share": "^3.0.0",
-    "@drax/media-back": "^3.13.0",
+    "@drax/media-back": "^3.14.0",
     "@graphql-tools/load-files": "^7.0.0",
     "@graphql-tools/merge": "^9.0.4",
     "mongoose": "^8.23.0",
@@ -47,5 +47,5 @@
     "typescript": "^5.9.3",
     "vitest": "^3.2.4"
   },
-  "gitHead": "5f68eefbcb01c876471e387a815fee1040489c2c"
+  "gitHead": "cec0f824be0bfff0965d7bc7b95241406c53c04d"
 }

package/src/controllers/AbstractFastifyController.ts CHANGED Viewed

@@ -300,9 +300,25 @@ class AbstractFastifyController<T, C, U> extends CommonController {
         return 'Unknown import error'
     }
+    protected assertCreatePermission(request: CustomRequest) {
+        request.rbac.assertPermission(this.permission.Create)
+    }
+    protected assertReadPermission(request: CustomRequest) {
+        request.rbac.assertPermission(this.permission.View)
+    }
+    protected assertUpdatePermission(request: CustomRequest) {
+        request.rbac.assertPermission(this.permission.Update)
+    }
+    protected assertDeletePermission(request: CustomRequest) {
+        request.rbac.assertPermission(this.permission.Delete)
+    }
     async create(request: CustomRequest, reply: FastifyReply) {
         try {
-            request.rbac.assertPermission(this.permission.Create)
+            this.assertCreatePermission(request)
             const payload = await this.prepareCreatePayload(request, request.body)
             let item = await this.service.create(payload as C)
             this.onCreated(request, item)
@@ -323,7 +339,7 @@ class AbstractFastifyController<T, C, U> extends CommonController {
     async update(request: CustomRequest, reply: FastifyReply) {
         try {
-            request.rbac.assertPermission(this.permission.Update)
+            this.assertUpdatePermission(request)
             if (!request.params.id) {
                 reply.statusCode = 400
                 reply.send({error: 'BAD REQUEST'})
@@ -418,7 +434,7 @@ class AbstractFastifyController<T, C, U> extends CommonController {
     async updatePartial(request: CustomRequest, reply: FastifyReply) {
         try {
-            request.rbac.assertPermission(this.permission.Update)
+            this.assertUpdatePermission(request)
             if (!request.params.id) {
                 reply.statusCode = 400
                 reply.send({error: 'BAD REQUEST'})
@@ -477,7 +493,7 @@ class AbstractFastifyController<T, C, U> extends CommonController {
     async delete(request: CustomRequest, reply: FastifyReply) {
         try {
-            request.rbac.assertPermission(this.permission.Delete)
+            this.assertDeletePermission(request)
             if (!request.params.id) {
                 reply.statusCode = 400
                 reply.send({error: 'BAD REQUEST'})
@@ -519,7 +535,7 @@ class AbstractFastifyController<T, C, U> extends CommonController {
     async findById(request: CustomRequest, reply: FastifyReply): Promise<T> {
         try {
-            request.rbac.assertPermission(this.permission.View)
+            this.assertReadPermission(request)
             if (!request.params.id) {
                 reply.statusCode = 400
                 reply.send({error: 'BAD REQUEST'})
@@ -549,7 +565,7 @@ class AbstractFastifyController<T, C, U> extends CommonController {
     async findByIds(request: CustomRequest, reply: FastifyReply): Promise<T[]> {
         try {
-            request.rbac.assertPermission(this.permission.View)
+            this.assertReadPermission(request)
             if (!request.params.ids) {
                 reply.statusCode = 400
                 reply.send({error: 'BAD REQUEST'})
@@ -571,7 +587,7 @@ class AbstractFastifyController<T, C, U> extends CommonController {
     async find(request: CustomRequest, reply: FastifyReply): Promise<T[]> {
         try {
-            request.rbac.assertPermission(this.permission.View)
+            this.assertReadPermission(request)
             if (request.query.limit > this.maximumLimit) {
                 throw new LimitError(this.maximumLimit, request.query.limit)
@@ -597,7 +613,7 @@ class AbstractFastifyController<T, C, U> extends CommonController {
     async findOne(request: CustomRequest, reply: FastifyReply): Promise<T> {
         try {
-            request.rbac.assertPermission(this.permission.View)
+            this.assertReadPermission(request)
             const search = request.query.search ??= undefined
             let filters = this.parseFilters(request.query.filters)
@@ -617,7 +633,7 @@ class AbstractFastifyController<T, C, U> extends CommonController {
     async findBy(request: CustomRequest, reply: FastifyReply): Promise<T[]> {
         try {
-            request.rbac.assertPermission(this.permission.View)
+            this.assertReadPermission(request)
             if (!request.params.field || !request.params.value) {
                 reply.statusCode = 400
                 reply.send({error: 'BAD REQUEST'})
@@ -644,7 +660,7 @@ class AbstractFastifyController<T, C, U> extends CommonController {
     async findOneBy(request: CustomRequest, reply: FastifyReply): Promise<T> {
         try {
-            request.rbac.assertPermission(this.permission.View)
+            this.assertReadPermission(request)
             if (!request.params.field || !request.params.value) {
                 reply.statusCode = 400
                 reply.send({error: 'BAD REQUEST'})
@@ -671,7 +687,7 @@ class AbstractFastifyController<T, C, U> extends CommonController {
     async search(request: CustomRequest, reply: FastifyReply) {
         try {
-            request.rbac.assertPermission(this.permission.View)
+            this.assertReadPermission(request)
             const search = request.query.search
             let filters = []
             const limit = this.defaultLimit
@@ -689,7 +705,7 @@ class AbstractFastifyController<T, C, U> extends CommonController {
     async paginate(request: CustomRequest, reply: FastifyReply) {
         try {
-            request.rbac.assertPermission(this.permission.View)
+            this.assertReadPermission(request)
             if (request.query.limit > this.maximumLimit) {
@@ -716,7 +732,7 @@ class AbstractFastifyController<T, C, U> extends CommonController {
     async export(request: CustomRequest, reply: FastifyReply) {
         try {
-            request.rbac.assertPermission(this.permission.View)
+            this.assertReadPermission(request)
             const format = request.query.format as 'CSV' | 'JSON' || 'JSON'
             const headers = request.query.headers ? request.query.headers.split(",") : []
@@ -773,7 +789,7 @@ class AbstractFastifyController<T, C, U> extends CommonController {
     async import(request: CustomRequest, reply: FastifyReply) {
         try {
-            request.rbac.assertPermission(this.permission.Create)
+            this.assertCreatePermission(request)
             const data = await (request as any).file()
             if (!data) {
@@ -879,7 +895,7 @@ class AbstractFastifyController<T, C, U> extends CommonController {
     async groupBy(request: CustomRequest, reply: FastifyReply) {
         try {
-            request.rbac.assertPermission(this.permission.View)
+            this.assertReadPermission(request)
             const fields: string[] = request.query.fields ?
                 request.query.fields.split(',').map(f => f.trim()).filter(f => f.length > 0) :