@flowerforce/flowerbase 1.2.1-beta.2 → 1.2.1-beta.21

package/src/features/functions/controller.ts

@@ -34,6 +34,13 @@ const logFunctionCall = (method: string, user: Record<string, any> | undefined,
   console.log('[functions-debug]', method, user ? { id: user.id, role: user.role, email: user.email } : 'no-user', args)
 }
 
+const formatFunctionExecutionError = (error: unknown) => {
+  const err = error as { message?: string; name?: string }
+  const message = typeof err?.message === 'string' ? err.message : String(error)
+  const name = typeof err?.name === 'string' ? err.name : 'Error'
+  return JSON.stringify({ message, name })
+}
+
 /**
  * > Creates a pre handler for every query
  * @param app -> the fastify instance
@@ -61,7 +68,18 @@ export const functionsController: FunctionController = async (
         if (!serviceFn) {
           throw new Error(`Service "${req.body.service}" does not exist`)
         }
-      const [{ database, collection, query, update, document, documents, pipeline = [] }] = args
+      const [{
+        database,
+        collection,
+        query,
+        filter,
+        update,
+        options,
+        returnNewDocument,
+        document,
+        documents,
+        pipeline = []
+      }] = args
 
       const currentMethod = serviceFn(app, { rules, user })
         .db(database)
@@ -71,7 +89,10 @@ export const functionsController: FunctionController = async (
       const operatorsByType = await executeQuery({
         currentMethod,
         query,
+        filter,
         update,
+        options,
+        returnNewDocument,
         document,
         documents,
         pipeline,
@@ -91,17 +112,26 @@ export const functionsController: FunctionController = async (
     }
 
     logFunctionCall(`function:${method}`, user, args)
-    const result = await GenerateContext({
-      args: req.body.arguments,
-      app,
-      rules,
-      user: { ...user, _id: new ObjectId(user.id) },
-      currentFunction,
-      functionsList,
-      services
-    })
-    res.type('application/json')
-    return JSON.stringify(result)
+    try {
+      const result = await GenerateContext({
+        args: req.body.arguments,
+        app,
+        rules,
+        user: { ...user, _id: new ObjectId(user.id) },
+        currentFunction,
+        functionsList,
+        services
+      })
+      res.type('application/json')
+      return JSON.stringify(result)
+    } catch (error) {
+      res.status(500)
+      res.type('application/json')
+      return JSON.stringify({
+        error: formatFunctionExecutionError(error),
+        error_code: 'FunctionExecutionError'
+      })
+    }
   })
   app.get<{
     Querystring: FunctionCallBase64Dto

package/src/features/functions/dtos.ts

@@ -23,8 +23,11 @@ export type FunctionCallBase64Dto = {
 type ArgumentsData = Arguments<{
   database: string
   collection: string
+  filter?: Document
   query: Parameters<GetOperatorsFunction>
   update: Document
+  options?: Document
+  returnNewDocument?: boolean
   document: Document
   documents: Document[]
   pipeline?: Document[]

package/src/features/functions/interface.ts

@@ -24,6 +24,9 @@ export type ExecuteQueryParams = {
   currentMethod: ReturnType<GetOperatorsFunction>[keyof ReturnType<GetOperatorsFunction>]
   query: Parameters<GetOperatorsFunction>
   update: Document
+  filter?: Document
+  options?: Document
+  returnNewDocument?: boolean
   document: Document
   documents: Document[]
   pipeline: Document[]

package/src/features/functions/utils.ts

@@ -44,29 +44,51 @@ export const executeQuery = async ({
   currentMethod,
   query,
   update,
+  filter,
+  options,
+  returnNewDocument,
   document,
   documents,
   pipeline,
   isClient = false
 }: ExecuteQueryParams) => {
+  const resolvedQuery =
+    typeof query !== 'undefined'
+      ? query
+      : typeof filter !== 'undefined'
+        ? filter
+        : {}
+  const resolvedUpdate = typeof update !== 'undefined' ? update : {}
+  const resolvedOptions =
+    typeof options !== 'undefined'
+      ? options
+      : typeof returnNewDocument === 'boolean'
+        ? { returnDocument: returnNewDocument ? 'after' : 'before' }
+        : undefined
   return {
     find: async () =>
       await (currentMethod as ReturnType<GetOperatorsFunction>['find'])(
-        EJSON.deserialize(query)
+        EJSON.deserialize(resolvedQuery)
       ).toArray(),
     findOne: () =>
       (currentMethod as ReturnType<GetOperatorsFunction>['findOne'])(
-        EJSON.deserialize(query)
+        EJSON.deserialize(resolvedQuery)
       ),
     deleteOne: () =>
       (currentMethod as ReturnType<GetOperatorsFunction>['deleteOne'])(
-        EJSON.deserialize(query)
+        EJSON.deserialize(resolvedQuery)
       ),
     insertOne: () =>
       (currentMethod as ReturnType<GetOperatorsFunction>['insertOne'])(
         EJSON.deserialize(document)
       ),
-    updateOne: () => currentMethod(EJSON.deserialize(query), EJSON.deserialize(update)),
+    updateOne: () => currentMethod(EJSON.deserialize(resolvedQuery), EJSON.deserialize(resolvedUpdate)),
+    findOneAndUpdate: () =>
+      (currentMethod as ReturnType<GetOperatorsFunction>['findOneAndUpdate'])(
+        EJSON.deserialize(resolvedQuery),
+        EJSON.deserialize(resolvedUpdate),
+        resolvedOptions ? EJSON.deserialize(resolvedOptions) : undefined
+      ),
     aggregate: async () =>
       (await (currentMethod as ReturnType<GetOperatorsFunction>['aggregate'])(
         EJSON.deserialize(pipeline),
@@ -79,13 +101,12 @@ export const executeQuery = async ({
       ),
     updateMany: () =>
       (currentMethod as ReturnType<GetOperatorsFunction>['updateMany'])(
-        EJSON.deserialize(query),
-        EJSON.deserialize(update)
+        EJSON.deserialize(resolvedQuery),
+        EJSON.deserialize(resolvedUpdate)
       ),
     deleteMany: () =>
       (currentMethod as ReturnType<GetOperatorsFunction>['deleteMany'])(
-        EJSON.deserialize(query)
+        EJSON.deserialize(resolvedQuery)
       )
   }
 }
-

package/src/features/triggers/index.ts

@@ -1,3 +1,4 @@
+import { AUTH_CONFIG, DB_NAME } from '../../constants'
 import { services } from '../../services'
 import { Function, Functions } from '../functions/interface'
 import { ActivateTriggersParams } from './dtos'
@@ -17,7 +18,49 @@ export const activateTriggers = async ({
 }: ActivateTriggersParams) => {
   console.log('START ACTIVATION TRIGGERS')
   try {
-    for await (const trigger of triggersList) {
+    const triggersToActivate = [...triggersList]
+    if (AUTH_CONFIG.on_user_creation_function_name) {
+      const alreadyDeclared = triggersToActivate.some(
+        (trigger) =>
+          trigger.content.type === 'AUTHENTICATION' &&
+          trigger.content.event_processors?.FUNCTION?.config?.function_name ===
+          AUTH_CONFIG.on_user_creation_function_name
+      )
+      if (!alreadyDeclared) {
+        triggersToActivate.push({
+          fileName: '__auto_on_user_creation_trigger__.json',
+          content: {
+            name: 'onUserCreation',
+            type: 'AUTHENTICATION',
+            disabled: false,
+            config: {
+              isAutoTrigger: true,
+              collection: AUTH_CONFIG.authCollection ?? 'auth_users',
+              database: DB_NAME,
+              full_document: true,
+              full_document_before_change: false,
+              match: {},
+              operation_types: ['insert', 'update', 'replace'],
+              project: {},
+              service_name: 'mongodb-atlas',
+              skip_catchup_events: false,
+              tolerate_resume_errors: false,
+              unordered: false,
+              schedule: ''
+            },
+            event_processors: {
+              FUNCTION: {
+                config: {
+                  function_name: AUTH_CONFIG.on_user_creation_function_name
+                }
+              }
+            }
+          }
+        })
+      }
+    }
+
+    for await (const trigger of triggersToActivate) {
       const { content } = trigger
       const { type, config, event_processors } = content
 

package/src/features/triggers/interface.ts

@@ -21,6 +21,7 @@ type Config = {
   database: string
   full_document: boolean
   full_document_before_change: boolean
+  isAutoTrigger?: boolean
   match: Record<string, unknown>
   operation_types: string[]
   project: Record<string, unknown>

package/src/features/triggers/utils.ts

@@ -110,55 +110,107 @@ const handleAuthenticationTrigger = async ({
   services,
   app
 }: HandlerParams) => {
-  const { database } = config
+  const { database, isAutoTrigger } = config
+  const authCollection = AUTH_CONFIG.authCollection ?? 'auth_users'
+  const collection = app.mongo.client.db(database || DB_NAME).collection(authCollection)
   const pipeline = [
     {
       $match: {
-        operationType: { $in: ['insert'] }
+        operationType: { $in: ['insert', 'update', 'replace'] }
       }
     }
   ]
-  const changeStream = app.mongo.client
-    .db(database || DB_NAME)
-    .collection(AUTH_CONFIG.authCollection)
-    .watch(pipeline, {
-      fullDocument: 'whenAvailable'
-    })
+  const changeStream = collection.watch(pipeline, {
+    fullDocument: 'whenAvailable'
+  })
   changeStream.on('error', (error) => {
     if (shouldIgnoreStreamError(error)) return
     console.error('Authentication trigger change stream error', error)
   })
   changeStream.on('change', async function (change) {
-    const document = change['fullDocument' as keyof typeof change] as Record<
-      string,
-      string
-    > //TODO -> define user type
-
-    if (document) {
-      delete document.password
-
-      const currentUser = { ...document }
-      delete currentUser.password
-      await GenerateContext({
-        args: [{
-          user: {
-            ...currentUser,
-            id: currentUser._id.toString(),
-            data: {
-              _id: currentUser._id.toString(),
-              email: currentUser.email
-            }
-          }
-        }],
-        app,
-        rules: StateManager.select("rules"),
-        user: {},  // TODO from currentUser ??
-        currentFunction: triggerHandler,
-        functionsList,
-        services,
-        runAsSystem: true
-      })
+    const operationType = change['operationType' as keyof typeof change] as string | undefined
+    const documentKey = change['documentKey' as keyof typeof change] as
+      | { _id?: unknown }
+      | undefined
+    const fullDocument = change['fullDocument' as keyof typeof change] as
+      | Record<string, unknown>
+      | null
+    if (!documentKey?._id) {
+      return
     }
+
+    const updateDescription = change[
+      'updateDescription' as keyof typeof change
+    ] as { updatedFields?: Record<string, unknown> } | undefined
+    const updatedStatus = updateDescription?.updatedFields?.status
+    let confirmedCandidate = false
+    let confirmedDocument =
+      fullDocument as Record<string, unknown> | null
+
+    if (operationType === 'update') {
+      if (updatedStatus === 'confirmed') {
+        confirmedCandidate = true
+      } else if (updatedStatus === undefined) {
+        const fetched = await collection.findOne({
+          _id: documentKey._id
+        }) as Record<string, unknown> | null
+        confirmedDocument = fetched ?? confirmedDocument
+        confirmedCandidate = (confirmedDocument as { status?: string } | null)?.status === 'confirmed'
+      }
+    } else {
+      confirmedCandidate = (confirmedDocument as { status?: string } | null)?.status === 'confirmed'
+    }
+
+    if (!confirmedCandidate) {
+      return
+    }
+
+    const updateResult = await collection.findOneAndUpdate(
+      {
+        _id: documentKey._id,
+        status: 'confirmed',
+        on_user_creation_triggered_at: { $exists: false }
+      },
+      {
+        $set: {
+          on_user_creation_triggered_at: new Date()
+        }
+      },
+      {
+        returnDocument: 'after'
+      }
+    )
+
+    const document =
+      (updateResult?.value as Record<string, unknown> | null) ?? confirmedDocument
+    if (!document) {
+      return
+    }
+
+    delete (document as { password?: unknown }).password
+
+    const currentUser = { ...document }
+    delete (currentUser as { password?: unknown }).password
+
+    const userData = {
+      ...currentUser,
+      id: (currentUser as { _id: { toString: () => string } })._id.toString(),
+      data: {
+        _id: (currentUser as { _id: { toString: () => string } })._id.toString(),
+        email: (currentUser as { email?: string }).email
+      }
+    }
+    // TODO change va ripulito
+    await GenerateContext({
+      args: isAutoTrigger ? [userData] : [{ user: userData /*, ...change */ }],
+      app,
+      rules: StateManager.select("rules"),
+      user: {},  // TODO from currentUser ??
+      currentFunction: triggerHandler,
+      functionsList,
+      services,
+      runAsSystem: true
+    })
   })
   registerOnClose(
     app,

package/src/index.ts

@@ -49,24 +49,34 @@ export async function initialize({
   corsConfig = DEFAULT_CONFIG.CORS_OPTIONS,
   basePath
 }: InitializeConfig) {
+  if (!jwtSecret || jwtSecret.trim().length === 0) {
+    throw new Error('JWT secret missing: set JWT_SECRET or pass jwtSecret to initialize()')
+  }
+
   const resolvedBasePath = basePath ?? require.main?.path ?? process.cwd()
   const fastify = Fastify({
     logger: !!DEFAULT_CONFIG.ENABLE_LOGGER
   })
 
-  console.log("BASE PATH", resolvedBasePath)
+  const isTest = process.env.NODE_ENV === 'test' || process.env.JEST_WORKER_ID !== undefined
+  const logInfo = (...args: unknown[]) => {
+    if (!isTest) {
+      console.log(...args)
+    }
+  }
 
-  console.log("CURRENT PORT", port)
-  console.log("CURRENT HOST", host)
+  logInfo("BASE PATH", resolvedBasePath)
+  logInfo("CURRENT PORT", port)
+  logInfo("CURRENT HOST", host)
 
   const functionsList = await loadFunctions(resolvedBasePath)
-  console.log("Functions LOADED")
+  logInfo("Functions LOADED")
   const triggersList = await loadTriggers(resolvedBasePath)
-  console.log("Triggers LOADED")
+  logInfo("Triggers LOADED")
   const endpointsList = await loadEndpoints(resolvedBasePath)
-  console.log("Endpoints LOADED")
+  logInfo("Endpoints LOADED")
   const rulesList = await loadRules(resolvedBasePath)
-  console.log("Rules LOADED")
+  logInfo("Rules LOADED")
 
   const stateConfig = {
     functions: functionsList,
@@ -90,7 +100,33 @@ export async function initialize({
       deepLinking: false
     },
     uiHooks: {
-      onRequest: function (request, reply, next) { next() },
+      onRequest: function (request, reply, next) {
+        const swaggerUser = DEFAULT_CONFIG.SWAGGER_UI_USER
+        const swaggerPassword = DEFAULT_CONFIG.SWAGGER_UI_PASSWORD
+        if (!swaggerUser && !swaggerPassword) {
+          next()
+          return
+        }
+        const authHeader = request.headers.authorization
+        if (!authHeader || !authHeader.startsWith('Basic ')) {
+          reply
+            .code(401)
+            .header('WWW-Authenticate', 'Basic realm="Swagger UI"')
+            .send({ message: 'Unauthorized' })
+          return
+        }
+        const encoded = authHeader.slice('Basic '.length)
+        const decoded = Buffer.from(encoded, 'base64').toString('utf8')
+        const [user, pass] = decoded.split(':')
+        if (user !== swaggerUser || pass !== swaggerPassword) {
+          reply
+            .code(401)
+            .header('WWW-Authenticate', 'Basic realm="Swagger UI"')
+            .send({ message: 'Unauthorized' })
+          return
+        }
+        next()
+      },
       preHandler: function (request, reply, next) { next() }
     },
     staticCSP: true,
@@ -107,15 +143,15 @@ export async function initialize({
     corsConfig
   })
 
-  console.log('Plugins registration COMPLETED')
+  logInfo('Plugins registration COMPLETED')
   await exposeRoutes(fastify)
-  console.log('APP Routes registration COMPLETED')
+  logInfo('APP Routes registration COMPLETED')
   await registerFunctions({ app: fastify, functionsList, rulesList })
-  console.log('Functions registration COMPLETED')
+  logInfo('Functions registration COMPLETED')
   await generateEndpoints({ app: fastify, functionsList, endpointsList, rulesList })
-  console.log('HTTP Endpoints registration COMPLETED')
+  logInfo('HTTP Endpoints registration COMPLETED')
   fastify.ready(() => {
-    console.log("FASTIFY IS READY")
+    logInfo("FASTIFY IS READY")
     if (triggersList?.length > 0) activateTriggers({ fastify, triggersList, functionsList })
   })
   await fastify.listen({ port, host })

package/src/services/mongodb-atlas/__tests__/findOneAndUpdate.test.ts

@@ -0,0 +1,95 @@
+import { Document, ObjectId } from 'mongodb'
+import MongoDbAtlas from '..'
+import { Role, Rules } from '../../../features/rules/interface'
+
+const createAppWithCollection = (collection: Record<string, unknown>) => ({
+  mongo: {
+    client: {
+      db: jest.fn().mockReturnValue({
+        collection: jest.fn().mockReturnValue(collection)
+      })
+    }
+  }
+})
+
+const createRules = (roleOverrides: Partial<Role> = {}): Rules => ({
+  todos: {
+    database: 'db',
+    collection: 'todos',
+    filters: [],
+    roles: [
+      {
+        name: 'owner',
+        apply_when: {},
+        insert: true,
+        delete: true,
+        search: true,
+        read: true,
+        write: true,
+        ...roleOverrides
+      }
+    ]
+  }
+})
+
+describe('mongodb-atlas findOneAndUpdate', () => {
+  it('applies write/read validation and returns the updated document', async () => {
+    const id = new ObjectId()
+    const existingDoc = { _id: id, title: 'Old', userId: 'user-1' }
+    const updatedDoc = { _id: id, title: 'New', userId: 'user-1' }
+    const findOne = jest.fn().mockResolvedValue(existingDoc)
+    const aggregate = jest.fn().mockReturnValue({
+      toArray: jest.fn().mockResolvedValue([updatedDoc])
+    })
+    const findOneAndUpdate = jest.fn().mockResolvedValue(updatedDoc)
+    const collection = {
+      collectionName: 'todos',
+      findOne,
+      aggregate,
+      findOneAndUpdate
+    }
+
+    const app = createAppWithCollection(collection)
+    const operators = MongoDbAtlas(app as any, {
+      rules: createRules(),
+      user: { id: 'user-1' }
+    })
+      .db('db')
+      .collection('todos')
+
+    const result = await operators.findOneAndUpdate({ _id: id }, { $set: { title: 'New' } })
+
+    expect(findOne).toHaveBeenCalled()
+    expect(aggregate).toHaveBeenCalled()
+    expect(findOneAndUpdate).toHaveBeenCalledWith(
+      { $and: [{ _id: id }] },
+      { $set: { title: 'New' } }
+    )
+    expect(result).toEqual(updatedDoc)
+  })
+
+  it('rejects updates when write permission is denied', async () => {
+    const id = new ObjectId()
+    const existingDoc = { _id: id, title: 'Old', userId: 'user-1' }
+    const findOne = jest.fn().mockResolvedValue(existingDoc)
+    const findOneAndUpdate = jest.fn()
+    const collection = {
+      collectionName: 'todos',
+      findOne,
+      findOneAndUpdate
+    }
+
+    const app = createAppWithCollection(collection)
+    const operators = MongoDbAtlas(app as any, {
+      rules: createRules({ write: false }),
+      user: { id: 'user-1' }
+    })
+      .db('db')
+      .collection('todos')
+
+    await expect(
+      operators.findOneAndUpdate({ _id: id }, { title: 'Denied' } as Document)
+    ).rejects.toThrow('Update not permitted')
+    expect(findOneAndUpdate).not.toHaveBeenCalled()
+  })
+})