@entity-access/entity-access 1.0.2 → 1.0.5

package/src/model/events/EntityEvents.ts

@@ -0,0 +1,92 @@
+import { IClassOf } from "../../decorators/IClassOf.js";
+import NameParser from "../../decorators/parser/NameParser.js";
+import Inject from "../../di/di.js";
+import type  EntityType from "../../entity-query/EntityType.js";
+import type EntityContext from "../EntityContext.js";
+import { IEntityQuery } from "../IFilterWithParameter.js";
+import ChangeEntry from "../changes/ChangeEntry.js";
+
+const done = Promise.resolve() as Promise<void>;
+
+export class ForeignKeyFilter<T = any> {
+
+    public type: EntityType;
+    public name: string;
+    public fkName: string;
+
+    private events: EntityEvents<any>;
+    private context: EntityContext;
+
+    constructor(p: Partial<ForeignKeyFilter> & { context: EntityContext, events: EntityEvents<any> }) {
+        Object.setPrototypeOf(p, ForeignKeyFilter.prototype);
+        return p as any as ForeignKeyFilter;
+    }
+
+    public is<TR>(fx: (x: T) => TR): boolean {
+        const name = NameParser.parseMember(fx);
+        return name === this.fkName || name === this.name;
+    }
+
+    public read() {
+        const read = this.context.query(this.type.typeClass);
+        return this.events.filter(read);
+    }
+
+    public modify() {
+        const read = this.context.query(this.type.typeClass);
+        return this.events.modify(read);
+    }
+}
+
+
+export default abstract class EntityEvents<T> {
+
+    filter(query: IEntityQuery<T>) {
+        return query;
+    }
+
+    includeFilter(query: IEntityQuery<T>, type?: any, key?: string) {
+        return this.filter(query);
+    }
+
+    modify(query: IEntityQuery<T>) {
+        return this.filter(query);
+    }
+
+    delete(query: IEntityQuery<T>) {
+        return this.modify(query);
+    }
+
+    beforeInsert(entity: T, entry: ChangeEntry) {
+        return done;
+    }
+
+    onForeignKeyFilter(filter: ForeignKeyFilter<T>) {
+        return filter.modify();
+    }
+
+    afterInsert(entity: T, entry: ChangeEntry) {
+        return done;
+    }
+
+    beforeUpdate(entity: T, entry: ChangeEntry) {
+        return done;
+    }
+
+    afterUpdate(entity: T, entry: ChangeEntry) {
+        return done;
+    }
+
+    beforeDelete(entity: T, entry: ChangeEntry) {
+        return done;
+    }
+
+    afterDelete(entity: T, entry: ChangeEntry) {
+        return done;
+    }
+
+    beforeJson(entity: T) {
+        return entity;
+    }
+
+}

package/src/model/{IdentityService.ts → identity/IdentityService.ts}

@@ -1,4 +1,4 @@
-import SchemaRegistry from "../decorators/SchemaRegistry.js";
+import SchemaRegistry from "../../decorators/SchemaRegistry.js";
 
 export default class IdentityService {
 

package/src/model/symbols.ts

@@ -0,0 +1 @@
+export const existsQuery = Symbol("existsQuery");

package/src/model/verification/VerificationSession.ts

@@ -0,0 +1,173 @@
+import EntityAccessError from "../../common/EntityAccessError.js";
+import Logger from "../../common/Logger.js";
+import { TypeInfo } from "../../common/TypeInfo.js";
+import { IEntityRelation } from "../../decorators/IColumn.js";
+import { ServiceProvider } from "../../di/di.js";
+import EntityType from "../../entity-query/EntityType.js";
+import { ConditionalExpression, Constant, ExistsExpression, Expression, Identifier, ParameterExpression, QuotedLiteral, SelectStatement, TemplateLiteral, ValuesStatement } from "../../query/ast/Expressions.js";
+import EntityContext from "../EntityContext.js";
+import EntityQuery from "../EntityQuery.js";
+import ChangeEntry from "../changes/ChangeEntry.js";
+import EntityEvents, { ForeignKeyFilter } from "../events/EntityEvents.js";
+
+type KeyValueArray = [string, any][];
+
+export default class VerificationSession {
+
+    private select: SelectStatement;
+
+    private field: ConditionalExpression[];
+
+    constructor(private context: EntityContext) {
+
+        this.select = SelectStatement.create({});
+    }
+
+    queueVerification(change: ChangeEntry, events: EntityEvents<any>) {
+        const { type, entity } = change;
+        if (change.status !== "inserted") {
+            // verify access to the entity
+            const keys = [] as KeyValueArray;
+            for (const iterator of type.keys) {
+                const key = entity[iterator.name];
+                if (key === void 0) {
+                    break;
+                }
+                keys.push([iterator.columnName, key]);
+            }
+            if (keys.length === type.keys.length) {
+                this.queueEntityKey(change, keys, events);
+            }
+        }
+
+        if (change.status === "deleted") {
+            return;
+        }
+
+        // for modified or inserted
+        // we need to verify access to each foreign key
+
+        for (const relation of type.relations) {
+            if (relation.isCollection) {
+                continue;
+            }
+
+            const fk = relation.fkColumn;
+            if (!fk) {
+                continue;
+            }
+
+            const fkValue = entity[fk.name];
+            if (fkValue === void 0) {
+                // not set... ignore..
+                continue;
+            }
+            this.queueEntityForeignKey(change, relation, fkValue);
+        }
+    }
+    queueEntityForeignKey(change: ChangeEntry, relation: IEntityRelation, value) {
+        const relatedModel = relation.relatedEntity;
+        const type = relation.relatedEntity.typeClass;
+        const events = this.context.eventsFor(change.type.typeClass);
+        const relatedEvents = this.context.eventsFor(relation.relatedEntity.typeClass);
+        const context = this.context;
+        const fk = new ForeignKeyFilter({
+            context,
+            events: relatedEvents,
+            type: relatedModel,
+            name: relation.name,
+            fkName: relation.fkColumn.name
+        });
+        let query = events.onForeignKeyFilter(fk);
+        if (query === void 0) {
+            query = fk.modify();
+        }
+        if (query === null) {
+            return;
+        }
+
+        const eq = query as EntityQuery;
+        const compare = Expression.equal(
+            Expression.member(eq.selectStatement.as, relatedModel.keys[0].columnName),
+            Expression.constant(value)
+        );
+        const typeName  = TypeInfo.nameOfType(type);
+        this.addError(query as EntityQuery, compare , `Unable to access entity ${typeName} through foreign key ${TypeInfo.nameOfType(change.type)}.${relation.name}.\n`);
+    }
+
+    queueEntityKey(change: ChangeEntry, keys: KeyValueArray, events: EntityEvents<any>) {
+        const type = change.type.typeClass;
+        let query = this.context.query(type);
+        query = change.status === "modified" ? events.modify(query) : events.delete(query);
+        if (!query) {
+            return;
+        }
+        let compare: Expression;
+        const eq = query as EntityQuery;
+        for (const [key, value] of keys) {
+            const test = Expression.equal(
+                Expression.member(eq.selectStatement.as, Expression.quotedLiteral(key)),
+                Expression.constant(value)
+            );
+            compare = compare
+                ? Expression.logicalAnd(compare, test)
+                : test;
+        }
+        const typeName = TypeInfo.nameOfType(type);
+        this.addError(query  as EntityQuery, compare, `Unable to access entity ${typeName}.\n`);
+    }
+
+    async verifyAsync(): Promise<any> {
+        if (!this.field?.length) {
+            return;
+        }
+        this.select.fields =[
+            Expression.as(Expression.templateLiteral(this.field), "error")
+        ];
+        this.select.as = ParameterExpression.create({ name: "x"});
+        const source = ValuesStatement.create({
+            values: [
+                [Identifier.create({ value: "1"})]
+            ],
+            as: QuotedLiteral.create({ literal: "a"}),
+            fields: [QuotedLiteral.create({ literal: "a"})]
+        });
+        this.select.source = source;
+        const compiler = this.context.driver.compiler;
+        const query = compiler.compileExpression(null, this.select);
+        const logger = ServiceProvider.resolve(this.context, Logger);
+        const session = logger.newSession();
+        try {
+            const { rows: [ { error }]} = await this.context.driver.executeQuery(query);
+            if (error) {
+                session.error(`Failed executing ${query.text}\n[${query.values.join(",")}]\n${error?.stack ?? error}`);
+                EntityAccessError.throw(error);
+            }
+        } finally {
+            session.dispose();
+        }
+    }
+
+    addError(query: EntityQuery, compare: Expression, error: string) {
+        const select = { ... query.selectStatement};
+        select.fields = [
+            Expression.identifier("1")
+        ];
+
+        const where = select.where
+            ? Expression.logicalAnd(select.where, compare)
+            : compare;
+
+        select.where = where;
+
+        const text = ConditionalExpression.create({
+            test: ExistsExpression.create({
+                target: select
+            }),
+            consequent: Expression.constant(""),
+            alternate: Expression.constant(error),
+        });
+
+        (this.field ??=[]).push(text);
+    }
+}

package/src/query/ast/DebugStringVisitor.ts

@@ -0,0 +1,128 @@
+import { ArrowFunctionExpression, BigIntLiteral, BinaryExpression, BooleanLiteral, CallExpression, CoalesceExpression, ConditionalExpression, Constant, DeleteStatement, Expression, ExpressionAs, Identifier, MemberExpression, NewObjectExpression, NullExpression, NumberLiteral, ParameterExpression, QuotedLiteral, StringLiteral, TableLiteral, TemplateElement, TemplateLiteral } from "./Expressions.js";
+import Visitor from "./Visitor.js";
+
+const isBinary = (type) => /^(BinaryExpression|CoalesceExpression)$/.test(type);
+
+export default class DebugStringVisitor extends Visitor<string> {
+
+    static expressionToString(e: Expression) {
+        const dsv = new DebugStringVisitor();
+        return dsv.visit(e);
+    }
+
+    visitArrowFunctionExpression(e: ArrowFunctionExpression) {
+        return `(${this.visitArray(e.params)}) => ${this.visit(e.body)}`;
+    }
+
+    visitBigIntLiteral(e: BigIntLiteral): string {
+        return e.value.toString() + "n";
+    }
+
+    visitBinaryExpression(e: BinaryExpression): string {
+        const left = isBinary(e.left.type)
+            ? `(${this.visit(e.left)})`
+            : this.visit(e.left);
+        const right = isBinary(e.right.type)
+            ? `(${this.visit(e.right)})`
+            : this.visit(e.right);
+        return `${left} ${e.operator} ${right}`;
+    }
+
+    visitBooleanLiteral(e: BooleanLiteral): string {
+        return String(e.value);
+    }
+
+    visitCallExpression(e: CallExpression): string {
+        return `${this.visit(e.callee)}(${this.visitArray(e.arguments)})`;
+    }
+
+    visitCoalesceExpression(e: CoalesceExpression): string {
+        const left = isBinary(e.left.type)
+            ? `(${this.visit(e.left)})`
+            : this.visit(e.left);
+        const right = isBinary(e.right.type)
+            ? `(${this.visit(e.right)})`
+            : this.visit(e.right);
+        return `${left} ?? ${right}`;
+    }
+
+    visitConditionalExpression(e: ConditionalExpression): string {
+        return `${e.test} ? ${e.consequent} : ${e.alternate}`;
+    }
+
+    visitConstant(e: Constant): string {
+        return `"Constant:${e.value}"`;
+    }
+
+    visitExpressionAs(e: ExpressionAs): string {
+        return `${e.expression} as ${e.alias}`;
+    }
+
+    visitIdentifier(e: Identifier): string {
+        return e.value;
+    }
+
+    visitMemberExpression(e: MemberExpression): string {
+        return `${this.visit(e.target)}.${this.visit(e.property)}`;
+    }
+
+    visitTableLiteral(e: TableLiteral): string {
+        if (!e.schema) {
+            return this.visit(e.name);
+        }
+        return `${this.visit(e.schema)}.${this.visit(e.name)}`;
+    }
+
+    visitNewObjectExpression(e: NewObjectExpression): string {
+        return `({${this.visitArray(e.properties)}})`;
+    }
+
+    visitNullExpression(e: NullExpression): string {
+        return "null";
+    }
+
+    visitNumberLiteral(e: NumberLiteral): string {
+        return e.value.toString();
+    }
+
+    visitParameterExpression(e: ParameterExpression): string {
+        return e.name;
+    }
+
+    visitQuotedLiteral(e: QuotedLiteral): string {
+        return `"${e.literal}"`;
+    }
+
+    visitStringLiteral(e: StringLiteral): string {
+        return `"${e.value}"`;
+    }
+
+    visitTemplateElement(e: TemplateElement): string {
+        return `${e.value.cooked}`;
+    }
+
+    visitTemplateLiteral(e: TemplateLiteral): string {
+        const items = [];
+        if (e.quasis?.length) {
+            for (let i = 0; i<e.quasis.length; i++) {
+                items.push(this.visit(e.quasis[i]));
+                if (i<e.value.length) {
+                    items.push("${" + this.visit(e.value[i]) + "}" );
+                }
+            }
+        } else {
+            for (const iterator of e.value) {
+                if (iterator.type === "StringLiteral") {
+                    items.push((iterator as StringLiteral).value as string);
+                    continue;
+                }
+                items.push("${" + this.visit(iterator) + "}" );
+            }
+        }
+        return "`" + items.join("") + "`";
+    }
+
+    private visitArray(e: Expression[], separator = ", ") {
+        return e.map((x) => this.visit(x)).join(separator);
+    }
+}