@flowerforce/flowerbase 1.2.0 → 1.2.1-beta.2

package/dist/utils/roles/machines/read/D/index.js

@@ -12,6 +12,16 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.STEP_D_STATES = void 0;
 const utils_1 = require("../../utils");
 const validators_1 = require("./validators");
+const runCheckIsValidFieldName = (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, endValidation }) {
+    (0, utils_1.logMachineInfo)({
+        enabled: context.enableLog,
+        machine: 'D',
+        step: 2,
+        stepName: 'checkIsValidFieldName'
+    });
+    const document = (0, validators_1.checkIsValidFieldNameFn)(context);
+    return endValidation({ success: !!Object.keys(document).length, document });
+});
 exports.STEP_D_STATES = {
     checkAdditionalFields: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, next, endValidation }) {
         (0, utils_1.logMachineInfo)({
@@ -21,16 +31,8 @@ exports.STEP_D_STATES = {
             stepName: 'checkAdditionalFields'
         });
         const check = (0, validators_1.checkAdditionalFieldsFn)(context);
-        return check ? next('checkIsValidFieldName') : endValidation({ success: false });
+        return check ? next('evaluateRead') : endValidation({ success: false });
     }),
-    checkIsValidFieldName: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, endValidation }) {
-        (0, utils_1.logMachineInfo)({
-            enabled: context.enableLog,
-            machine: 'D',
-            step: 2,
-            stepName: 'checkIsValidFieldName'
-        });
-        const document = (0, validators_1.checkIsValidFieldNameFn)(context);
-        return endValidation({ success: !!Object.keys(document).length, document });
-    })
+    evaluateRead: runCheckIsValidFieldName,
+    checkIsValidFieldName: runCheckIsValidFieldName
 };

package/dist/utils/rules.d.ts

@@ -1,2 +1,2 @@
-export declare function expandQuery(template: Record<string, unknown>, objs: Record<string, unknown>): any;
+export declare function expandQuery(template: Record<string, unknown>, objs: Record<string, unknown>): Record<string, unknown>;
 //# sourceMappingURL=rules.d.ts.map

package/dist/utils/rules.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"rules.d.ts","sourceRoot":"","sources":["../../src/utils/rules.ts"],"names":[],"mappings":"AAOA,wBAAgB,WAAW,CACzB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACjC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,OAqB9B"}
+{"version":3,"file":"rules.d.ts","sourceRoot":"","sources":["../../src/utils/rules.ts"],"names":[],"mappings":"AAkCA,wBAAgB,WAAW,CACzB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACjC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAES,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAC9D"}

package/dist/utils/rules.js

@@ -5,23 +5,32 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.expandQuery = expandQuery;
 const get_1 = __importDefault(require("lodash/get"));
-const removeExtraColons = (val) => {
-    return val === null || val === void 0 ? void 0 : val.toString().replace(/:+/g, ":");
+const resolvePlaceholder = (value, objs) => {
+    if (!value.startsWith('%%'))
+        return value;
+    const path = value.slice(2);
+    const [rootKey, ...rest] = path.split('.');
+    const rootToken = `%%${rootKey}`;
+    const rootValue = objs[rootToken];
+    if (!rest.length) {
+        return rootValue === undefined ? value : rootValue;
+    }
+    const resolved = (0, get_1.default)(rootValue, rest.join('.'));
+    return resolved === undefined ? value : resolved;
 };
-// Funzione che espande dinamicamente i placeholder con supporto per percorsi annidati
+const expandValue = (input, objs) => {
+    if (Array.isArray(input)) {
+        return input.map((item) => expandValue(item, objs));
+    }
+    if (input && typeof input === 'object') {
+        return Object.fromEntries(Object.entries(input).map(([key, val]) => [key, expandValue(val, objs)]));
+    }
+    if (typeof input === 'string') {
+        return resolvePlaceholder(input, objs);
+    }
+    return input;
+};
+// Espande dinamicamente i placeholder con supporto per array e percorsi annidati
 function expandQuery(template, objs) {
-    let expandedQuery = JSON.stringify(template); // Converti l'oggetto in una stringa per sostituire i placeholder
-    const regex = /:\s*"%%([a-zA-Z0-9_.]+)"/g;
-    Object.keys(objs).forEach(() => {
-        // Espandi tutti i placeholder %%values.<nested.property>
-        const callback = (match, path) => {
-            const value = (0, get_1.default)(objs, `%%${path}`); // Recupera il valore annidato da values
-            const finalValue = typeof value === 'string' ? `"${value}"` : value && JSON.stringify(value);
-            // TODO tolto i primi : creava questo tipo di oggetto {"userId"::"%%user.id"}
-            const val = `:${value !== undefined ? finalValue : match}`; // Sostituisci se esiste, altrimenti lascia il placeholder
-            return removeExtraColons(val);
-        };
-        expandedQuery = expandedQuery.replace(regex, callback);
-    });
-    return JSON.parse(expandedQuery); // Converti la stringa JSON di nuovo in un oggetto
+    return expandValue(template, objs);
 }

package/jest.config.ts

@@ -4,21 +4,11 @@ module.exports = {
     '^.+\\.[tj]s$': [
       'ts-jest',
       {
-        tsconfig: './tsconfig.json'
+        tsconfig: '<rootDir>/tsconfig.json'
       }
     ]
   },
-  collectCoverage: false,
-  collectCoverageFrom: ['./**/*.ts'],
-  coverageDirectory: 'coverage',
-  coverageThreshold: {
-    global: {
-      branches: 50,
-      functions: 90,
-      lines: 90,
-      statements: 90
-    }
-  },
+  setupFilesAfterEnv: ['<rootDir>/jest.setup.ts'],
   testEnvironment: 'node',
   testMatch: ['./**/*.test.ts']
 }

package/jest.setup.ts

@@ -0,0 +1,28 @@
+import { Blob as NodeBlob } from 'buffer'
+import path from 'node:path'
+
+if (!process.env.FLOWERBASE_APP_PATH) {
+  process.env.FLOWERBASE_APP_PATH = path.resolve(__dirname, '../../tests/e2e/app')
+}
+
+const BaseBlob = typeof globalThis.Blob !== 'undefined' ? globalThis.Blob : NodeBlob
+
+type PolyfillFilePropertyBag = FilePropertyBag & {
+  name?: string
+}
+
+class FilePolyfill extends BaseBlob {
+  lastModified: number
+  name: string
+
+  constructor(bits?: Iterable<BlobPart>, options?: FilePropertyBag) {
+    super(bits, options as FilePropertyBag)
+    const fileOptions = options as PolyfillFilePropertyBag
+    this.name = fileOptions?.name ?? ''
+    this.lastModified = fileOptions?.lastModified ?? Date.now()
+  }
+}
+
+if (typeof globalThis.File === 'undefined') {
+  globalThis.File = FilePolyfill as unknown as typeof File
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@flowerforce/flowerbase",
-  "version": "1.2.0",
+  "version": "1.2.1-beta.2",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

package/src/auth/controller.ts

@@ -26,6 +26,9 @@ export async function authController(app: FastifyInstance) {
    * @returns {Promise<Object>} A promise resolving with the user's profile data.
    */
   app.get(AUTH_ENDPOINTS.PROFILE, async function (req) {
+    if (req.user.typ !== 'access') {
+      throw new Error('Access token required')
+    }
     const user = await db
       .collection<Record<string, unknown>>(authCollection)
       .findOne({ _id: ObjectId.createFromHexString(req.user.id) })

package/src/auth/providers/custom-function/controller.ts

@@ -77,18 +77,21 @@ export async function customFunctionController(app: FastifyInstance) {
 
       if (res.id) {
         const user = await handleUserRegistration(app, { run_as_system: true, skipUserCheck: true, provider: PROVIDER.CUSTOM_FUNCTION })({ email: res.id, password: generatePassword() })
+        if (!user?.insertedId) {
+          throw new Error('Failed to register custom user')
+        }
 
         const currentUserData = {
           _id: user.insertedId,
           user_data: {
-            _id: user.insertedId,
+            _id: user.insertedId
           }
         }
         return {
           access_token: this.createAccessToken(currentUserData),
           refresh_token: this.createRefreshToken(currentUserData),
           device_id: '',
-          user_id: user.insertedId.toString(),
+          user_id: user.insertedId.toString()
         }
       }
 

package/src/auth/providers/local-userpass/controller.ts

@@ -55,8 +55,13 @@ export async function localUserPassController(app: FastifyInstance) {
 
       const result = await handleUserRegistration(app, { run_as_system: true, provider: PROVIDER.LOCAL_USERPASS })({ email: req.body.email.toLowerCase(), password: req.body.password })
 
+      if (!result?.insertedId) {
+        res?.status(500)
+        throw new Error('Failed to register user')
+      }
+
       res?.status(201)
-      return { userId: result?.insertedId.toString() }
+      return { userId: result.insertedId.toString() }
     }
   )
 
@@ -98,7 +103,12 @@ export async function localUserPassController(app: FastifyInstance) {
           : {}
       delete authUser?.password
 
-      const userWithCustomData = { ...authUser, user_data: user, id: authUser._id.toString() }
+      const userWithCustomData = {
+        ...authUser,
+        user_data: { ...(user || {}), _id: authUser._id },
+        data: { email: authUser.email },
+        id: authUser._id.toString()
+      }
 
       if (authUser && authUser.status === 'pending') {
         try {
@@ -123,14 +133,7 @@ export async function localUserPassController(app: FastifyInstance) {
       ) {
         try {
           await GenerateContext({
-            args: [
-              {
-                operationType: 'CREATE',
-                providers: 'local-userpass',
-                user: userWithCustomData,
-                time: new Date().getTime()
-              }
-            ],
+            args: [userWithCustomData],
             app,
             rules: {},
             user: userWithCustomData,

package/src/auth/utils.ts

@@ -115,13 +115,16 @@ export interface CustomUserDataConfig {
   on_user_creation_function_name: string
 }
 
+const resolveAppPath = () =>
+  process.env.FLOWERBASE_APP_PATH ?? require.main?.path ?? process.cwd()
+
 
 /**
  * > Loads the auth config json file
  * @testable
  */
 export const loadAuthConfig = (): AuthConfig => {
-  const authPath = path.join(require.main!.path, 'auth/providers.json')
+  const authPath = path.join(resolveAppPath(), 'auth/providers.json')
   return JSON.parse(fs.readFileSync(authPath, 'utf-8'))
 }
 
@@ -130,7 +133,7 @@ export const loadAuthConfig = (): AuthConfig => {
  * @testable
  */
 export const loadCustomUserData = (): CustomUserDataConfig => {
-  const userDataPath = path.join(require.main!.path, 'auth/custom_user_data.json')
+  const userDataPath = path.join(resolveAppPath(), 'auth/custom_user_data.json')
   return JSON.parse(fs.readFileSync(userDataPath, 'utf-8'))
 }
 
@@ -205,4 +208,4 @@ export const getMailConfig = (
 export const generatePassword = (length = 20) => {
   const bytes = crypto.randomBytes(length);
   return Array.from(bytes, (b) => CHARSET[b % CHARSET.length]).join("");
-}
+}

package/src/constants.ts

@@ -1,4 +1,5 @@
 import { loadAuthConfig, loadCustomUserData } from './auth/utils'
+import { ALLOWED_METHODS } from './'
 
 const {
   database_name,
@@ -15,7 +16,11 @@ export const DEFAULT_CONFIG = {
   API_VERSION: process.env.API_VERSION || 'v2.0',
   HTTPS_SCHEMA: process.env.HTTPS_SCHEMA || 'https',
   HOST: process.env.HOST || '0.0.0.0',
-  ENABLE_LOGGER: process.env.ENABLE_LOGGER
+  ENABLE_LOGGER: process.env.ENABLE_LOGGER,
+  CORS_OPTIONS: {
+    origin: "*",
+    methods: ["GET", "POST", "PUT", "DELETE"] as ALLOWED_METHODS[]
+  }
 }
 export const API_VERSION = `/api/client/${DEFAULT_CONFIG.API_VERSION}`
 export const HTTPS_SCHEMA = DEFAULT_CONFIG.HTTPS_SCHEMA
@@ -39,4 +44,4 @@ export const AUTH_CONFIG = {
 export const S3_CONFIG = {
   ACCESS_KEY_ID: process.env.S3_ACCESS_KEY_ID,
   SECRET_ACCESS_KEY: process.env.S3_SECRET_ACCESS_KEY
-}
+}

package/src/fastify.d.ts

@@ -1,7 +1,33 @@
-import { FastifyRequest as FastifyRequestType } from 'fastify'
+import { FastifyRequest as FastifyRequestType, FastifyReply } from 'fastify'
 
 type User = Record<string, unknown>
 type UserData = Record<string, unknown>
+type JwtUserData = UserData
+
+type JwtAccessPayload = {
+  typ: 'access'
+  id: string
+  user_data: JwtUserData
+  data: JwtUserData
+  custom_data?: JwtUserData
+}
+
+type JwtRefreshPayload = {
+  typ: 'refresh'
+  baas_id: string
+}
+
+type JwtPayload = JwtAccessPayload | JwtRefreshPayload
+
+type JwtAccessUser = JwtAccessPayload & {
+  sub: string
+}
+
+type JwtRefreshUser = JwtRefreshPayload & {
+  sub: string
+}
+
+type JwtUser = JwtAccessUser | JwtRefreshUser
 
 declare module 'fastify' {
   interface FastifyInstance {
@@ -9,20 +35,11 @@ declare module 'fastify' {
     createAccessToken(user: User): string
     createRefreshToken(user: User): string
   }
+}
 
-  interface FastifyRequest {
-    user:
-      | {
-          id: string
-          typ: 'refresh'
-          sub: string
-          user_data: UserData
-          user: User
-        }
-      | {
-          typ: 'access'
-          user_data: UserData
-          id: string
-        }
+declare module '@fastify/jwt' {
+  interface FastifyJWT {
+    payload: JwtPayload
+    user: JwtUser
   }
 }

package/src/features/functions/controller.ts

@@ -1,5 +1,6 @@
 import { ObjectId } from 'bson'
 import { ChangeStream, Document } from 'mongodb';
+import type { FastifyRequest } from 'fastify'
 import { services } from '../../services'
 import { StateManager } from '../../state'
 import { GenerateContext } from '../../utils/context'
@@ -7,7 +8,31 @@ import { Base64Function, FunctionCallBase64Dto, FunctionCallDto } from './dtos'
 import { FunctionController } from './interface'
 import { executeQuery } from './utils'
 
+const normalizeUser = (payload: Record<string, any> | undefined) => {
+  if (!payload) return undefined
+  const nestedUser =
+    payload.data ?? payload.user_data ?? payload.custom_data ?? payload
+  const flattened =
+    typeof nestedUser === 'object' && nestedUser !== null ? nestedUser : {}
+
+  return {
+    ...payload,
+    ...flattened,
+    custom_data: payload.custom_data ?? flattened,
+    user_data: payload.user_data ?? flattened,
+    data: payload.data ?? flattened
+  }
+}
+
+const getRequestUser = (req: FastifyRequest) => {
+  const candidate = req.user as Record<string, any> | undefined
+  return normalizeUser(candidate)
+}
 
+const logFunctionCall = (method: string, user: Record<string, any> | undefined, args: unknown[]) => {
+  if (process.env.DEBUG_FUNCTIONS !== 'true') return
+  console.log('[functions-debug]', method, user ? { id: user.id, role: user.role, email: user.email } : 'no-user', args)
+}
 
 /**
  * > Creates a pre handler for every query
@@ -24,7 +49,10 @@ export const functionsController: FunctionController = async (
   const streams = {} as Record<string, ChangeStream<Document, Document>>
 
   app.post<{ Body: FunctionCallDto }>('/call', async (req, res) => {
-    const { user } = req
+    const user = getRequestUser(req)
+    if (!user || user.typ !== 'access') {
+      throw new Error('Access token required')
+    }
     const { name: method, arguments: args } = req.body
 
     if ('service' in req.body) {
@@ -39,6 +67,7 @@ export const functionsController: FunctionController = async (
         .db(database)
         .collection(collection)[method]
 
+      logFunctionCall(`service:${req.body.service}:${method}`, user, args)
       const operatorsByType = await executeQuery({
         currentMethod,
         query,
@@ -61,6 +90,7 @@ export const functionsController: FunctionController = async (
       throw new Error(`Function "${req.body.name}" is private`)
     }
 
+    logFunctionCall(`function:${method}`, user, args)
     const result = await GenerateContext({
       args: req.body.arguments,
       app,
@@ -76,7 +106,11 @@ export const functionsController: FunctionController = async (
   app.get<{
     Querystring: FunctionCallBase64Dto
   }>('/call', async (req, res) => {
-    const { query, user } = req
+    const { query } = req
+    const user = getRequestUser(req)
+    if (!user || user.typ !== 'access') {
+      throw new Error('Access token required')
+    }
     const { baas_request, stitch_request } = query
 
     const config: Base64Function = JSON.parse(

package/src/features/rules/utils.ts

@@ -5,11 +5,20 @@ import { Rules, RulesConfig } from './interface'
 
 export const loadRules = async (rootDir = process.cwd()): Promise<Rules> => {
   const rulesRoot = path.join(rootDir, 'data_sources', 'mongodb-atlas')
-  const files = fs.readdirSync(rulesRoot, { recursive: true }) as string[]
+  const recursivelyCollectFiles = (dir: string): string[] => {
+    return fs.readdirSync(dir, { withFileTypes: true }).flatMap((entry) => {
+      const fullPath = path.join(dir, entry.name)
+      if (entry.isDirectory()) {
+        return recursivelyCollectFiles(fullPath)
+      }
+      return entry.isFile() ? [fullPath] : []
+    })
+  }
+  const files = recursivelyCollectFiles(rulesRoot)
   const rulesFiles = files.filter((x) => (x as string).endsWith('rules.json'))
 
   const rulesByCollection = rulesFiles.reduce((acc, rulesFile) => {
-    const filePath = path.join(rulesRoot, rulesFile)
+    const filePath = rulesFile
     const collectionRules = readJsonContent(filePath) as RulesConfig
     acc[collectionRules.collection] = collectionRules
 

package/src/features/triggers/utils.ts

@@ -7,6 +7,41 @@ import { readJsonContent } from '../../utils'
 import { GenerateContext } from '../../utils/context'
 import { HandlerParams, Trigger, Triggers } from './interface'
 
+const registerOnClose = (
+  app: HandlerParams['app'],
+  handler: () => Promise<void> | void,
+  label: string
+) => {
+  if (app.server) {
+    app.server.once('close', () => {
+      Promise.resolve(handler()).catch((error) => {
+        console.error(`${label} close error`, error)
+      })
+    })
+    return
+  }
+
+  try {
+    app.addHook('onClose', async () => {
+      try {
+        await handler()
+      } catch (error) {
+        console.error(`${label} close error`, error)
+      }
+    })
+  } catch (error) {
+    console.error(`${label} hook registration error`, error)
+  }
+}
+
+const shouldIgnoreStreamError = (error: unknown) => {
+  const err = error as { name?: string; message?: string }
+  if (err?.name === 'MongoClientClosedError') return true
+  if (err?.message?.includes('client was closed')) return true
+  if (err?.message?.includes('Client is closed')) return true
+  return false
+}
+
 /**
  * Loads trigger files from the specified directory and returns them as an array of objects.
  * Each object contains the file name and the parsed JSON content.
@@ -54,7 +89,7 @@ const handleCronTrigger = async ({
   services,
   app
 }: HandlerParams) => {
-  cron.schedule(config.schedule, async () => {
+  const task = cron.schedule(config.schedule, async () => {
     await GenerateContext({
       args: [],
       app,
@@ -65,6 +100,7 @@ const handleCronTrigger = async ({
       services
     })
   })
+  registerOnClose(app, () => task.stop(), 'Scheduled trigger')
 }
 
 const handleAuthenticationTrigger = async ({
@@ -88,6 +124,10 @@ const handleAuthenticationTrigger = async ({
     .watch(pipeline, {
       fullDocument: 'whenAvailable'
     })
+  changeStream.on('error', (error) => {
+    if (shouldIgnoreStreamError(error)) return
+    console.error('Authentication trigger change stream error', error)
+  })
   changeStream.on('change', async function (change) {
     const document = change['fullDocument' as keyof typeof change] as Record<
       string,
@@ -120,6 +160,13 @@ const handleAuthenticationTrigger = async ({
       })
     }
   })
+  registerOnClose(
+    app,
+    async () => {
+      await changeStream.close()
+    },
+    'Authentication trigger'
+  )
 }
 
 /**
@@ -175,6 +222,10 @@ const handleDataBaseTrigger = async ({
       ? 'whenAvailable'
       : undefined
   })
+  changeStream.on('error', (error) => {
+    if (shouldIgnoreStreamError(error)) return
+    console.error('Database trigger change stream error', error)
+  })
   changeStream.on('change', async function ({ clusterTime, ...change }) {
     await GenerateContext({
       args: [change],
@@ -186,7 +237,13 @@ const handleDataBaseTrigger = async ({
       services
     })
   })
-  // TODO -> gestire close dello stream
+  registerOnClose(
+    app,
+    async () => {
+      await changeStream.close()
+    },
+    'Database trigger'
+  )
 }
 
 export const TRIGGER_HANDLERS = {

package/src/index.ts

@@ -14,12 +14,22 @@ import { exposeRoutes } from './utils/initializer/exposeRoutes'
 import { registerPlugins } from './utils/initializer/registerPlugins'
 export * from './model'
 
+
+export type ALLOWED_METHODS = "GET" | "POST" | "PUT" | "DELETE"
+
+export type CorsConfig = {
+  origin: string
+  methods: ALLOWED_METHODS[]
+}
+
 export type InitializeConfig = {
   projectId: string
   mongodbUrl?: string
   jwtSecret?: string
   port?: number
   host?: string
+  corsConfig?: CorsConfig
+  basePath?: string
 }
 
 /**
@@ -35,25 +45,27 @@ export async function initialize({
   host = DEFAULT_CONFIG.HOST,
   jwtSecret = DEFAULT_CONFIG.JWT_SECRET,
   port = DEFAULT_CONFIG.PORT,
-  mongodbUrl = DEFAULT_CONFIG.MONGODB_URL
+  mongodbUrl = DEFAULT_CONFIG.MONGODB_URL,
+  corsConfig = DEFAULT_CONFIG.CORS_OPTIONS,
+  basePath
 }: InitializeConfig) {
+  const resolvedBasePath = basePath ?? require.main?.path ?? process.cwd()
   const fastify = Fastify({
     logger: !!DEFAULT_CONFIG.ENABLE_LOGGER
   })
 
-  const basePath = require.main?.path
-  console.log("BASE PATH", basePath)
+  console.log("BASE PATH", resolvedBasePath)
 
   console.log("CURRENT PORT", port)
   console.log("CURRENT HOST", host)
 
-  const functionsList = await loadFunctions(basePath)
+  const functionsList = await loadFunctions(resolvedBasePath)
   console.log("Functions LOADED")
-  const triggersList = await loadTriggers(basePath)
+  const triggersList = await loadTriggers(resolvedBasePath)
   console.log("Triggers LOADED")
-  const endpointsList = await loadEndpoints(basePath)
+  const endpointsList = await loadEndpoints(resolvedBasePath)
   console.log("Endpoints LOADED")
-  const rulesList = await loadRules(basePath)
+  const rulesList = await loadRules(resolvedBasePath)
   console.log("Rules LOADED")
 
   const stateConfig = {
@@ -91,7 +103,8 @@ export async function initialize({
     register: fastify.register,
     mongodbUrl,
     jwtSecret,
-    functionsList
+    functionsList,
+    corsConfig
   })
 
   console.log('Plugins registration COMPLETED')