npm - @drax/settings-back - Versions diffs - 0.28.0 → 0.30.0 - Mend

@drax/settings-back 0.28.0 → 0.30.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/dist/controller/SettingController.js +23 -5
package/dist/model/SettingsModel.js +13 -12
package/dist/permissions/SettingPermissions.js +1 -0
package/dist/schemas/SettingSchema.js +14 -4
package/package.json +7 -7
package/src/controller/SettingController.ts +29 -7
package/src/model/SettingsModel.ts +13 -12
package/src/permissions/SettingPermissions.ts +1 -0
package/src/schemas/SettingSchema.ts +14 -4
package/tsconfig.tsbuildinfo +1 -1
package/types/controller/SettingController.d.ts +0 -1
package/types/controller/SettingController.d.ts.map +1 -1
package/types/model/SettingsModel.d.ts.map +1 -1
package/types/permissions/SettingPermissions.d.ts +2 -1
package/types/permissions/SettingPermissions.d.ts.map +1 -1
package/types/schemas/SettingSchema.d.ts +37 -3
package/types/schemas/SettingSchema.d.ts.map +1 -1

package/dist/controller/SettingController.js CHANGED Viewed

@@ -1,15 +1,21 @@
 import { SettingPermissions } from "../permissions/SettingPermissions.js";
 import SettingServiceFactory from "../factory/SettingServiceFactory.js";
-import { UnauthorizedError, ValidationError } from "@drax/common-back";
+import { NotFoundError, UnauthorizedError, ValidationError } from "@drax/common-back";
 class SettingController {
     constructor() {
         this.service = SettingServiceFactory();
     }
     async fetchAll(request, reply) {
         try {
-            request.rbac.assertPermission(SettingPermissions.View);
             const settings = await this.service.fetchAll();
-            return settings;
+            if (!request.authUser) {
+                return settings.filter(s => s.public === true && !s.permission);
+            }
+            else {
+                return settings.filter(s => {
+                    return !s.permission || (s.permission && request.rbac.hasPermission(s.permission));
+                });
+            }
         }
         catch (e) {
             console.error(e);
@@ -25,7 +31,7 @@ class SettingController {
     }
     async fetchGrouped(request, reply) {
         try {
-            request.rbac.assertPermission(SettingPermissions.View);
+            request.rbac.assertPermission(SettingPermissions.Manage);
             const settings = await this.service.fetchGrouped();
             return settings;
         }
@@ -43,9 +49,17 @@ class SettingController {
     }
     async findByKey(request, reply) {
         try {
-            request.rbac.assertPermission(SettingPermissions.View);
             const key = request.params.key;
             const setting = await this.service.findByKey(key);
+            if (!setting) {
+                throw new NotFoundError();
+            }
+            if (setting.public === false && !request.authUser) {
+                throw new UnauthorizedError();
+            }
+            if (setting.permission && !request.rbac.hasPermission(setting.permission)) {
+                throw new UnauthorizedError();
+            }
             return setting;
         }
         catch (e) {
@@ -54,6 +68,10 @@ class SettingController {
                 reply.statusCode = e.statusCode;
                 reply.send({ error: e.message });
             }
+            if (e instanceof NotFoundError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message });
+            }
             else {
                 reply.statusCode = 500;
                 reply.send({ error: 'INTERNAL_SERVER_ERROR' });

package/dist/model/SettingsModel.js CHANGED Viewed

@@ -3,18 +3,19 @@ import uniqueValidator from 'mongoose-unique-validator';
 import mongooseLeanVirtuals from 'mongoose-lean-virtuals';
 const SettingSchema = new mongoose.Schema({
     key: { type: String, required: true, unique: true },
-    value: { type: mongoose.Schema.Types.Mixed, required: false, unique: false },
-    //valueList: [{type: String, required: false, unique: false}],
-    label: { type: String, required: false },
-    category: { type: String, required: true },
-    type: { type: String, default: "string", enum: ['string', 'longString', 'number', 'enum', 'boolean', 'password', 'stringList', 'numberList', 'enumList', 'ref', 'secret'], required: false, unique: false },
-    options: [{ type: String }],
-    regex: { type: String },
-    entity: { type: String, required: false },
-    entityValue: { type: String, required: false },
-    entityText: { type: String, required: false, unique: false },
-    prefix: { type: String, required: false },
-    suffix: { type: String, required: false },
+    value: { type: mongoose.Schema.Types.Mixed, required: false, unique: false, index: false },
+    label: { type: String, required: false, index: false },
+    category: { type: String, required: true, index: false },
+    type: { type: String, default: "string", enum: ['string', 'longString', 'number', 'enum', 'boolean', 'password', 'stringList', 'numberList', 'enumList', 'ref', 'secret'], required: false, unique: false, index: false },
+    options: [{ type: String, index: false, required: false }],
+    regex: { type: String, required: false, index: false },
+    entity: { type: String, required: false, index: false },
+    entityValue: { type: String, required: false, index: false },
+    entityText: { type: String, required: false, unique: false, index: false },
+    prefix: { type: String, required: false, index: false },
+    suffix: { type: String, required: false, index: false },
+    permission: { type: String, required: false, index: false },
+    public: { type: Boolean, required: false, default: false, index: false },
 }, { timestamps: true, toJSON: { virtuals: true }, toObject: { virtuals: true } });
 SettingSchema.virtual("id").get(function () {
     return this._id.toString();

package/dist/permissions/SettingPermissions.js CHANGED Viewed

@@ -3,6 +3,7 @@ var SettingPermissions;
     SettingPermissions["Update"] = "setting:update";
     SettingPermissions["View"] = "setting:view";
     SettingPermissions["Manage"] = "setting:manage";
+    SettingPermissions["Sensitive"] = "setting:sensitive";
 })(SettingPermissions || (SettingPermissions = {}));
 export default SettingPermissions;
 export { SettingPermissions };

package/dist/schemas/SettingSchema.js CHANGED Viewed

@@ -1,7 +1,17 @@
-import { object, string } from "zod";
-const settingSchema = object({
-    key: string({ required_error: "validation.required" })
-        .min(1, "validation.required"),
+import z from "zod";
+const settingSchema = z.object({
+    key: z.string({ required_error: "validation.required" }).min(1, "validation.required"),
+    label: z.string().optional().nullable(),
+    category: z.string().optional().nullable(),
+    type: z.enum(['string', 'longString', 'number', 'enum', 'boolean', 'password', 'stringList', 'numberList', 'enumList', 'ref', 'secret']),
+    regex: z.string().optional().nullable(),
+    entity: z.string().optional().nullable(),
+    entityValue: z.string().optional().nullable(),
+    entityText: z.string().optional().nullable(),
+    prefix: z.string().optional().nullable(),
+    suffix: z.string().optional().nullable(),
+    permission: z.string().optional().nullable(),
+    public: z.boolean().optional().nullable(),
 });
 export default settingSchema;
 export { settingSchema };

package/package.json CHANGED Viewed

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "0.28.0",
+  "version": "0.30.0",
   "description": "Setting module for nice management options.",
   "main": "dist/index.js",
   "types": "types/index.d.ts",
@@ -28,11 +28,11 @@
   "author": "Cristian Incarnato & Drax Team",
   "license": "ISC",
   "dependencies": {
-    "@drax/common-back": "^0.28.0",
-    "@drax/crud-back": "^0.28.0",
-    "@drax/crud-share": "^0.28.0",
-    "@drax/email-back": "^0.28.0",
-    "@drax/identity-share": "^0.28.0"
+    "@drax/common-back": "^0.30.0",
+    "@drax/crud-back": "^0.30.0",
+    "@drax/crud-share": "^0.30.0",
+    "@drax/email-back": "^0.30.0",
+    "@drax/identity-share": "^0.30.0"
   },
   "peerDependencies": {
     "better-sqlite3": "^11.0.0",
@@ -57,5 +57,5 @@
       "debug": "0"
     }
   },
-  "gitHead": "062c6d15dbbf8b6e337869549ab0bdbc27200a9e"
+  "gitHead": "f7f06578327be29f20dcb7e2c8a2eac9e9145cab"
 }

package/src/controller/SettingController.ts CHANGED Viewed

@@ -1,12 +1,11 @@
 import {SettingPermissions} from "../permissions/SettingPermissions.js";
 import SettingService from "../services/SettingService.js";
 import SettingServiceFactory from "../factory/SettingServiceFactory.js";
-import {UnauthorizedError, ValidationError} from "@drax/common-back";
+import {NotFoundError, UnauthorizedError, ValidationError} from "@drax/common-back";
 class SettingController {
     protected service: SettingService
-    protected permission
     constructor() {
         this.service = SettingServiceFactory()
@@ -14,9 +13,16 @@ class SettingController {
     async fetchAll(request, reply) {
         try {
-            request.rbac.assertPermission(SettingPermissions.View)
             const settings = await this.service.fetchAll()
-            return settings
+            if(!request.authUser){
+                return settings.filter(s => s.public === true && !s.permission)
+            }else{
+                return settings.filter(s => {
+                    return !s.permission || (s.permission && request.rbac.hasPermission(s.permission));
+                } )
+            }
         } catch (e) {
             console.error(e)
             if (e instanceof UnauthorizedError) {
@@ -31,8 +37,9 @@ class SettingController {
     async fetchGrouped(request, reply) {
         try {
-            request.rbac.assertPermission(SettingPermissions.View)
+            request.rbac.assertPermission(SettingPermissions.Manage)
             const settings = await this.service.fetchGrouped()
             return settings
         } catch (e) {
             console.error(e)
@@ -48,16 +55,31 @@ class SettingController {
     async findByKey(request, reply) {
         try {
-            request.rbac.assertPermission(SettingPermissions.View)
             const key = request.params.key
             const setting = await this.service.findByKey(key)
+            if(!setting){
+                throw new NotFoundError()
+            }
+            if(setting.public === false && !request.authUser ){
+                throw new UnauthorizedError()
+            }
+            if(setting.permission && !request.rbac.hasPermission(setting.permission)){
+                throw new UnauthorizedError()
+            }
             return setting
         } catch (e) {
             console.error(e)
             if (e instanceof UnauthorizedError) {
                 reply.statusCode = e.statusCode
                 reply.send({error: e.message})
-            } else {
+            }if (e instanceof NotFoundError) {
+                reply.statusCode = e.statusCode
+                reply.send({error: e.message})
+            }else {
                 reply.statusCode = 500
                 reply.send({error: 'INTERNAL_SERVER_ERROR'})
             }

package/src/model/SettingsModel.ts CHANGED Viewed

@@ -7,18 +7,19 @@ import {ISetting} from "@drax/settings-share";
 const SettingSchema = new mongoose.Schema<ISetting>({
     key: {type: String, required: true, unique: true},
-    value: {type: mongoose.Schema.Types.Mixed, required: false, unique: false},
-    //valueList: [{type: String, required: false, unique: false}],
-    label: {type: String, required: false},
-    category: {type: String, required: true},
-    type: {type: String, default: "string", enum: ['string','longString','number','enum','boolean', 'password', 'stringList','numberList', 'enumList', 'ref', 'secret'], required: false, unique: false},
-    options: [{type: String}],
-    regex: {type: String},
-    entity: {type: String, required: false},
-    entityValue: {type: String, required: false},
-    entityText: {type: String, required: false, unique: false},
-    prefix: {type: String, required: false},
-    suffix: {type: String, required: false},
+    value: {type: mongoose.Schema.Types.Mixed, required: false, unique: false, index: false},
+    label: {type: String, required: false, index: false},
+    category: {type: String, required: true, index: false},
+    type: {type: String, default: "string", enum: ['string','longString','number','enum','boolean', 'password', 'stringList','numberList', 'enumList', 'ref', 'secret'], required: false, unique: false, index: false},
+    options: [{type: String, index: false, required: false}],
+    regex: {type: String, required: false, index: false},
+    entity: {type: String, required: false, index: false},
+    entityValue: {type: String, required: false, index: false},
+    entityText: {type: String, required: false, unique: false, index: false},
+    prefix: {type: String, required: false, index: false},
+    suffix: {type: String, required: false, index: false},
+    permission: {type: String, required: false, index: false},
+    public: {type: Boolean, required: false, default: false, index: false},
 }, {timestamps: true, toJSON: {  virtuals: true}, toObject: {virtuals: true} })
 SettingSchema.virtual("id").get(function () {

package/src/permissions/SettingPermissions.ts CHANGED Viewed

@@ -2,6 +2,7 @@ enum SettingPermissions {
     Update = "setting:update",
     View = "setting:view",
     Manage = "setting:manage",
+    Sensitive = "setting:sensitive",
 }

package/src/schemas/SettingSchema.ts CHANGED Viewed

@@ -1,8 +1,18 @@
-import { object, string } from "zod"
+import z from "zod"
-const settingSchema = object({
-    key: string({ required_error: "validation.required" })
-        .min(1, "validation.required"),
+const settingSchema = z.object({
+    key: z.string({required_error: "validation.required"}).min(1, "validation.required"),
+    label: z.string().optional().nullable(),
+    category: z.string().optional().nullable(),
+    type: z.enum(['string','longString','number','enum','boolean', 'password', 'stringList','numberList', 'enumList', 'ref', 'secret']),
+    regex: z.string().optional().nullable(),
+    entity: z.string().optional().nullable(),
+    entityValue: z.string().optional().nullable(),
+    entityText: z.string().optional().nullable(),
+    prefix: z.string().optional().nullable(),
+    suffix: z.string().optional().nullable(),
+    permission: z.string().optional().nullable(),
+    public: z.boolean().optional().nullable(),
 })