@flowerforce/flowerbase 1.4.2-beta.3 → 1.4.2-beta.5

package/dist/auth/controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../src/auth/controller.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAQzC;;;;GAIG;AACH,wBAAsB,cAAc,CAAC,GAAG,EAAE,eAAe,iBA+IxD"}
+{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../src/auth/controller.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAQzC;;;;GAIG;AACH,wBAAsB,cAAc,CAAC,GAAG,EAAE,eAAe,iBA0JxD"}

package/dist/auth/controller.js

@@ -31,6 +31,14 @@ function authController(app) {
         catch (error) {
             console.error('Failed to ensure refresh token TTL index', error);
         }
+        try {
+            yield db.collection(authCollection).createIndex({ email: 1 }, {
+                unique: true
+            });
+        }
+        catch (error) {
+            console.error('Failed to ensure auth email unique index', error);
+        }
         app.addHook(HANDLER_TYPE, app.jwtAuthentication);
         /**
          * Endpoint to retrieve the authenticated user's profile.

package/dist/auth/providers/anon-user/controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/anon-user/controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAOzC;;;;GAIG;AACH,wBAAsB,kBAAkB,CAAC,GAAG,EAAE,eAAe,iBA8E5D"}
+{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/anon-user/controller.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAOzC;;;;GAIG;AACH,wBAAsB,kBAAkB,CAAC,GAAG,EAAE,eAAe,iBAmE5D"}

package/dist/auth/providers/anon-user/controller.js

@@ -10,9 +10,10 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.anonUserController = anonUserController;
+const bson_1 = require("bson");
 const constants_1 = require("../../../constants");
-const crypto_1 = require("../../../utils/crypto");
 const handleUserRegistration_model_1 = require("../../../shared/models/handleUserRegistration.model");
+const crypto_1 = require("../../../utils/crypto");
 const utils_1 = require("../../utils");
 /**
  * Controller for handling anonymous user login.
@@ -41,30 +42,23 @@ function anonUserController(app) {
                     throw new Error('Anonymous authentication disabled');
                 }
                 const now = new Date();
-                const insertResult = yield db.collection(authCollection).insertOne({
+                const userId = new bson_1.ObjectId();
+                const anonEmail = `anon-${userId.toString()}@users.invalid`;
+                yield db.collection(authCollection).insertOne({
+                    _id: userId,
+                    email: anonEmail,
                     status: 'confirmed',
                     createdAt: now,
                     custom_data: {},
                     identities: [
                         {
+                            id: userId.toString(),
+                            provider_id: userId.toString(),
                             provider_type: handleUserRegistration_model_1.PROVIDER.ANON_USER,
                             provider_data: {}
                         }
                     ]
                 });
-                const userId = insertResult.insertedId;
-                yield db.collection(authCollection).updateOne({ _id: userId }, {
-                    $set: {
-                        identities: [
-                            {
-                                id: userId.toString(),
-                                provider_id: userId.toString(),
-                                provider_type: handleUserRegistration_model_1.PROVIDER.ANON_USER,
-                                provider_data: {}
-                            }
-                        ]
-                    }
-                });
                 const currentUserData = {
                     _id: userId,
                     user_data: {}

package/dist/auth/utils.js

@@ -15,10 +15,10 @@ exports.LOGIN_SCHEMA = {
             username: {
                 type: 'string',
                 pattern: '^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$',
-                minLength: 3,
+                minLength: 5,
                 maxLength: 254
             },
-            password: { type: 'string', minLength: 8, maxLength: 128 }
+            password: { type: 'string', minLength: 6, maxLength: 128 }
         },
         required: ['username', 'password']
     }
@@ -30,7 +30,7 @@ exports.RESET_SEND_SCHEMA = {
             email: {
                 type: 'string',
                 pattern: '^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$',
-                minLength: 3,
+                minLength: 5,
                 maxLength: 254
             }
         },
@@ -44,10 +44,10 @@ exports.RESET_CALL_SCHEMA = {
             email: {
                 type: 'string',
                 pattern: '^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$',
-                minLength: 3,
+                minLength: 5,
                 maxLength: 254
             },
-            password: { type: 'string', minLength: 8, maxLength: 128 },
+            password: { type: 'string', minLength: 6, maxLength: 128 },
             arguments: { type: 'array' }
         },
         required: ['email', 'password']
@@ -57,7 +57,7 @@ exports.CONFIRM_RESET_SCHEMA = {
     body: {
         type: 'object',
         properties: {
-            password: { type: 'string', minLength: 8, maxLength: 128 },
+            password: { type: 'string', minLength: 6, maxLength: 128 },
             token: { type: 'string' },
             tokenId: { type: 'string' }
         },
@@ -82,10 +82,10 @@ exports.REGISTRATION_SCHEMA = {
             email: {
                 type: 'string',
                 pattern: '^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$',
-                minLength: 3,
+                minLength: 5,
                 maxLength: 254
             },
-            password: { type: 'string', minLength: 8, maxLength: 128 }
+            password: { type: 'string', minLength: 6, maxLength: 128 }
         },
         required: ['email', 'password']
     }

package/dist/features/functions/controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../src/features/functions/controller.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAA;AA2ChD;;;;;GAKG;AACH,eAAO,MAAM,mBAAmB,EAAE,kBAwJjC,CAAA"}
+{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../src/features/functions/controller.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAA;AA2ChD;;;;;GAKG;AACH,eAAO,MAAM,mBAAmB,EAAE,kBA0JjC,CAAA"}

package/dist/features/functions/controller.js

@@ -67,7 +67,7 @@ const functionsController = (app_1, _a) => __awaiter(void 0, [app_1, _a], void 0
                 if (!serviceFn) {
                     throw new Error(`Service "${req.body.service}" does not exist`);
                 }
-            const [{ database, collection, query, filter, update, options, returnNewDocument, document, documents, pipeline = [] }] = args;
+            const [{ database, collection, query, filter, update, projection, options, returnNewDocument, document, documents, pipeline = [] }] = args;
             const currentMethod = serviceFn(app, { rules, user })
                 .db(database)
                 .collection(collection)[method];
@@ -77,6 +77,7 @@ const functionsController = (app_1, _a) => __awaiter(void 0, [app_1, _a], void 0
                 query,
                 filter,
                 update,
+                projection,
                 options,
                 returnNewDocument,
                 document,

package/dist/features/functions/dtos.d.ts

@@ -20,6 +20,7 @@ type ArgumentsData = Arguments<{
     filter?: Document;
     query: Parameters<GetOperatorsFunction>;
     update: Document;
+    projection?: Document;
     options?: Document;
     returnNewDocument?: boolean;
     document: Document;

package/dist/features/functions/dtos.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"dtos.d.ts","sourceRoot":"","sources":["../../../src/features/functions/dtos.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAClC,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AAC3C,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAA;AAEzE,KAAK,UAAU,GAAG,OAAO,CAAC,MAAM,UAAU,CAAC,oBAAoB,CAAC,EAAE,OAAO,CAAC,CAAA;AAE1E,MAAM,MAAM,eAAe,GACvB;IACA,IAAI,EAAE,UAAU,CAAA;IAChB,SAAS,EAAE,aAAa,CAAA;CACzB,GACC;IACA,SAAS,EAAE,aAAa,CAAA;IACxB,IAAI,EAAE,UAAU,CAAA;IAChB,OAAO,EAAE,eAAe,CAAA;CACzB,CAAA;AAEH,MAAM,MAAM,qBAAqB,GAAG;IAClC,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,cAAc,CAAC,EAAE,MAAM,CAAA;CACxB,CAAA;AAED,KAAK,aAAa,GAAG,SAAS,CAAC;IAC7B,QAAQ,EAAE,MAAM,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;IAClB,MAAM,CAAC,EAAE,QAAQ,CAAA;IACjB,KAAK,EAAE,UAAU,CAAC,oBAAoB,CAAC,CAAA;IACvC,MAAM,EAAE,QAAQ,CAAA;IAChB,OAAO,CAAC,EAAE,QAAQ,CAAA;IAClB,iBAAiB,CAAC,EAAE,OAAO,CAAA;IAC3B,QAAQ,EAAE,QAAQ,CAAA;IAClB,SAAS,EAAE,QAAQ,EAAE,CAAA;IACrB,QAAQ,CAAC,EAAE,QAAQ,EAAE,CAAA;CACtB,CAAC,CAAA;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,IAAI,EAAE,MAAM,CAAA;IACZ,SAAS,EAAE,QAAQ,EAAE,CAAA;IACrB,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,KAAK,QAAQ,GAAG;IACd,QAAQ,EAAE,MAAM,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;CACnB,CAAA"}
+{"version":3,"file":"dtos.d.ts","sourceRoot":"","sources":["../../../src/features/functions/dtos.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAClC,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AAC3C,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAA;AAEzE,KAAK,UAAU,GAAG,OAAO,CAAC,MAAM,UAAU,CAAC,oBAAoB,CAAC,EAAE,OAAO,CAAC,CAAA;AAE1E,MAAM,MAAM,eAAe,GACvB;IACA,IAAI,EAAE,UAAU,CAAA;IAChB,SAAS,EAAE,aAAa,CAAA;CACzB,GACC;IACA,SAAS,EAAE,aAAa,CAAA;IACxB,IAAI,EAAE,UAAU,CAAA;IAChB,OAAO,EAAE,eAAe,CAAA;CACzB,CAAA;AAEH,MAAM,MAAM,qBAAqB,GAAG;IAClC,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,cAAc,CAAC,EAAE,MAAM,CAAA;CACxB,CAAA;AAED,KAAK,aAAa,GAAG,SAAS,CAAC;IAC7B,QAAQ,EAAE,MAAM,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;IAClB,MAAM,CAAC,EAAE,QAAQ,CAAA;IACjB,KAAK,EAAE,UAAU,CAAC,oBAAoB,CAAC,CAAA;IACvC,MAAM,EAAE,QAAQ,CAAA;IAChB,UAAU,CAAC,EAAE,QAAQ,CAAA;IACrB,OAAO,CAAC,EAAE,QAAQ,CAAA;IAClB,iBAAiB,CAAC,EAAE,OAAO,CAAA;IAC3B,QAAQ,EAAE,QAAQ,CAAA;IAClB,SAAS,EAAE,QAAQ,EAAE,CAAA;IACrB,QAAQ,CAAC,EAAE,QAAQ,EAAE,CAAA;CACtB,CAAC,CAAA;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,IAAI,EAAE,MAAM,CAAA;IACZ,SAAS,EAAE,QAAQ,EAAE,CAAA;IACrB,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,KAAK,QAAQ,GAAG;IACd,QAAQ,EAAE,MAAM,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;CACnB,CAAA"}

package/dist/features/functions/interface.d.ts

@@ -22,6 +22,7 @@ export type ExecuteQueryParams = {
     query: Parameters<GetOperatorsFunction>;
     update: Document;
     filter?: Document;
+    projection?: Document;
     options?: Document;
     returnNewDocument?: boolean;
     document: Document;

package/dist/features/functions/interface.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"interface.d.ts","sourceRoot":"","sources":["../../../src/features/functions/interface.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AACzC,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAClC,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAA;AACzE,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAA;AAE1C,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAA;IACZ,OAAO,CAAC,EAAE,OAAO,CAAA;IACjB,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,gBAAgB,CAAC,EAAE,OAAO,CAAA;CAC3B;AAED,MAAM,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,EAAE,MAAM,CAAC,GAAG;IAAE,IAAI,EAAE,MAAM,CAAA;CAAE,CAAA;AAEtE,MAAM,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAA;AAEhD,MAAM,MAAM,uBAAuB,GAAG;IACpC,GAAG,EAAE,eAAe,CAAA;IACpB,aAAa,EAAE,SAAS,CAAA;IACxB,SAAS,EAAE,KAAK,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC/B,aAAa,EAAE,UAAU,CAAC,oBAAoB,CAAC,CAAC,MAAM,UAAU,CAAC,oBAAoB,CAAC,CAAC,CAAA;IACvF,KAAK,EAAE,UAAU,CAAC,oBAAoB,CAAC,CAAA;IACvC,MAAM,EAAE,QAAQ,CAAA;IAChB,MAAM,CAAC,EAAE,QAAQ,CAAA;IACjB,OAAO,CAAC,EAAE,QAAQ,CAAA;IAClB,iBAAiB,CAAC,EAAE,OAAO,CAAA;IAC3B,QAAQ,EAAE,QAAQ,CAAA;IAClB,SAAS,EAAE,QAAQ,EAAE,CAAA;IACrB,QAAQ,EAAE,QAAQ,EAAE,CAAA;IACpB,QAAQ,CAAC,EAAE,OAAO,CAAA;CACnB,CAAA;AAED,KAAK,0BAA0B,GAAG;IAChC,aAAa,EAAE,SAAS,CAAA;IACxB,KAAK,EAAE,KAAK,CAAA;CACb,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG,CAC/B,GAAG,EAAE,eAAe,EACpB,EAAE,aAAa,EAAE,KAAK,EAAE,EAAE,0BAA0B,KACjD,OAAO,CAAC,IAAI,CAAC,CAAA"}
+{"version":3,"file":"interface.d.ts","sourceRoot":"","sources":["../../../src/features/functions/interface.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AACzC,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAClC,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAA;AACzE,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAA;AAE1C,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAA;IACZ,OAAO,CAAC,EAAE,OAAO,CAAA;IACjB,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,gBAAgB,CAAC,EAAE,OAAO,CAAA;CAC3B;AAED,MAAM,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,EAAE,MAAM,CAAC,GAAG;IAAE,IAAI,EAAE,MAAM,CAAA;CAAE,CAAA;AAEtE,MAAM,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAA;AAEhD,MAAM,MAAM,uBAAuB,GAAG;IACpC,GAAG,EAAE,eAAe,CAAA;IACpB,aAAa,EAAE,SAAS,CAAA;IACxB,SAAS,EAAE,KAAK,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC/B,aAAa,EAAE,UAAU,CAAC,oBAAoB,CAAC,CAAC,MAAM,UAAU,CAAC,oBAAoB,CAAC,CAAC,CAAA;IACvF,KAAK,EAAE,UAAU,CAAC,oBAAoB,CAAC,CAAA;IACvC,MAAM,EAAE,QAAQ,CAAA;IAChB,MAAM,CAAC,EAAE,QAAQ,CAAA;IACjB,UAAU,CAAC,EAAE,QAAQ,CAAA;IACrB,OAAO,CAAC,EAAE,QAAQ,CAAA;IAClB,iBAAiB,CAAC,EAAE,OAAO,CAAA;IAC3B,QAAQ,EAAE,QAAQ,CAAA;IAClB,SAAS,EAAE,QAAQ,EAAE,CAAA;IACrB,QAAQ,EAAE,QAAQ,EAAE,CAAA;IACpB,QAAQ,CAAC,EAAE,OAAO,CAAA;CACnB,CAAA;AAED,KAAK,0BAA0B,GAAG;IAChC,aAAa,EAAE,SAAS,CAAA;IACxB,KAAK,EAAE,KAAK,CAAA;CACb,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG,CAC/B,GAAG,EAAE,eAAe,EACpB,EAAE,aAAa,EAAE,KAAK,EAAE,EAAE,0BAA0B,KACjD,OAAO,CAAC,IAAI,CAAC,CAAA"}

package/dist/features/functions/utils.d.ts

@@ -11,11 +11,11 @@ export declare const loadFunctions: (rootDir?: string) => Promise<Functions>;
  * @param query -> the query data
  * @param update -> the update Document that should be deserialized
  */
-export declare const executeQuery: ({ currentMethod, query, update, filter, options, returnNewDocument, document, documents, pipeline, isClient }: ExecuteQueryParams) => Promise<{
+export declare const executeQuery: ({ currentMethod, query, update, filter, projection, options, returnNewDocument, document, documents, pipeline, isClient }: ExecuteQueryParams) => Promise<{
     find: () => Promise<any[]>;
     findOne: () => Promise<unknown>;
     count: () => Promise<number>;
-    deleteOne: () => Promise<unknown>;
+    deleteOne: () => Promise<import("mongodb").DeleteResult>;
     insertOne: () => Promise<import("mongodb").InsertOneResult<Document>>;
     updateOne: () => Promise<unknown> | import("mongodb").FindCursor<any> | import("mongodb").ChangeStream<Document, Document> | import("mongodb").AggregationCursor<Document>;
     findOneAndUpdate: () => Promise<Document | null>;

package/dist/features/functions/utils.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/features/functions/utils.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAGlC,OAAO,EAAE,kBAAkB,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AAE3D;;;GAGG;AACH,eAAO,MAAM,aAAa,GAAU,gBAAuB,KAAG,OAAO,CAAC,SAAS,CAwB9E,CAAA;AAED;;;;;GAKG;AACH,eAAO,MAAM,YAAY,GAAU,+GAWhC,kBAAkB;;;;;;;;;;;;EA4EpB,CAAA"}
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/features/functions/utils.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAGlC,OAAO,EAAE,kBAAkB,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AAE3D;;;GAGG;AACH,eAAO,MAAM,aAAa,GAAU,gBAAuB,KAAG,OAAO,CAAC,SAAS,CAwB9E,CAAA;AAED;;;;;GAKG;AACH,eAAO,MAAM,YAAY,GAAU,2HAYhC,kBAAkB;;;;;;;;;;;;EA4FpB,CAAA"}

package/dist/features/functions/utils.js

@@ -58,7 +58,7 @@ exports.loadFunctions = loadFunctions;
  * @param query -> the query data
  * @param update -> the update Document that should be deserialized
  */
-const executeQuery = (_a) => __awaiter(void 0, [_a], void 0, function* ({ currentMethod, query, update, filter, options, returnNewDocument, document, documents, pipeline, isClient = false }) {
+const executeQuery = (_a) => __awaiter(void 0, [_a], void 0, function* ({ currentMethod, query, update, filter, projection, options, returnNewDocument, document, documents, pipeline, isClient = false }) {
     const resolvedQuery = typeof query !== 'undefined'
         ? query
         : typeof filter !== 'undefined'
@@ -71,10 +71,18 @@ const executeQuery = (_a) => __awaiter(void 0, [_a], void 0, function* ({ curren
             ? { returnDocument: returnNewDocument ? 'after' : 'before' }
             : undefined;
     const parsedOptions = resolvedOptions ? bson_1.EJSON.deserialize(resolvedOptions) : undefined;
+    const parsedProjection = typeof projection !== 'undefined' ? bson_1.EJSON.deserialize(projection) : undefined;
+    const resolvedProjection = typeof projection !== 'undefined'
+        ? parsedProjection
+        : parsedOptions &&
+            typeof parsedOptions === 'object' &&
+            'projection' in parsedOptions
+            ? parsedOptions.projection
+            : undefined;
     return {
         find: () => __awaiter(void 0, void 0, void 0, function* () {
             return yield (() => {
-                const cursor = currentMethod(bson_1.EJSON.deserialize(resolvedQuery));
+                const cursor = currentMethod(bson_1.EJSON.deserialize(resolvedQuery), resolvedProjection, parsedOptions);
                 if (parsedOptions === null || parsedOptions === void 0 ? void 0 : parsedOptions.sort) {
                     cursor.sort(parsedOptions.sort);
                 }
@@ -87,9 +95,9 @@ const executeQuery = (_a) => __awaiter(void 0, [_a], void 0, function* ({ curren
                 return cursor.toArray();
             })();
         }),
-        findOne: () => currentMethod(bson_1.EJSON.deserialize(resolvedQuery)),
+        findOne: () => currentMethod(bson_1.EJSON.deserialize(resolvedQuery), resolvedProjection, parsedOptions),
         count: () => currentMethod(bson_1.EJSON.deserialize(resolvedQuery), parsedOptions),
-        deleteOne: () => currentMethod(bson_1.EJSON.deserialize(resolvedQuery)),
+        deleteOne: () => currentMethod(bson_1.EJSON.deserialize(resolvedQuery), parsedOptions),
         insertOne: () => currentMethod(bson_1.EJSON.deserialize(document)),
         updateOne: () => currentMethod(bson_1.EJSON.deserialize(resolvedQuery), bson_1.EJSON.deserialize(resolvedUpdate)),
         findOneAndUpdate: () => currentMethod(bson_1.EJSON.deserialize(resolvedQuery), bson_1.EJSON.deserialize(resolvedUpdate), parsedOptions),
@@ -99,7 +107,7 @@ const executeQuery = (_a) => __awaiter(void 0, [_a], void 0, function* ({ curren
         }),
         insertMany: () => currentMethod(bson_1.EJSON.deserialize(documents)),
         updateMany: () => currentMethod(bson_1.EJSON.deserialize(resolvedQuery), bson_1.EJSON.deserialize(resolvedUpdate)),
-        deleteMany: () => currentMethod(bson_1.EJSON.deserialize(resolvedQuery))
+        deleteMany: () => currentMethod(bson_1.EJSON.deserialize(resolvedQuery), parsedOptions)
     };
 });
 exports.executeQuery = executeQuery;

package/dist/services/mongodb-atlas/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/services/mongodb-atlas/index.ts"],"names":[],"mappings":"AAcA,OAAO,EAAyC,oBAAoB,EAAE,MAAM,SAAS,CAAA;AA60BrF,QAAA,MAAM,YAAY,EAAE,oBAsBlB,CAAA;AAEF,eAAe,YAAY,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/services/mongodb-atlas/index.ts"],"names":[],"mappings":"AAcA,OAAO,EAAyC,oBAAoB,EAAE,MAAM,SAAS,CAAA;AAm2BrF,QAAA,MAAM,YAAY,EAAE,oBAsBlB,CAAA;AAEF,eAAe,YAAY,CAAA"}

package/dist/services/mongodb-atlas/index.js

@@ -75,6 +75,8 @@ const getOperators = (collection, { rules, collName, user, run_as_system }) => {
        * Finds a single document in a MongoDB collection with optional role-based filtering and validation.
        *
        * @param {Filter<Document>} query - The MongoDB query used to match the document.
+       * @param {Document} [projection] - Optional projection to select returned fields.
+       * @param {FindOneOptions} [options] - Optional settings for the findOne operation.
        * @returns {Promise<Document | {} | null>} A promise resolving to the document if found and permitted, an empty object if access is denied, or `null` if not found.
        *
        * @description
@@ -86,12 +88,15 @@ const getOperators = (collection, { rules, collName, user, run_as_system }) => {
        *  - Validates the result using `checkValidation` to ensure read permission.
        *  - If validation fails, returns an empty object; otherwise returns the validated document.
        */
-        findOne: (query) => __awaiter(void 0, void 0, void 0, function* () {
+        findOne: (...args_1) => __awaiter(void 0, [...args_1], void 0, function* (query = {}, projection, options) {
             var _a;
+            const resolvedOptions = projection || options
+                ? Object.assign(Object.assign({}, (options !== null && options !== void 0 ? options : {})), (projection ? { projection } : {})) : undefined;
+            const resolvedQuery = query !== null && query !== void 0 ? query : {};
             if (!run_as_system) {
                 (0, utils_2.checkDenyOperation)(normalizedRules, collection.collectionName, model_1.CRUD_OPERATIONS.READ);
                 // Apply access control filters to the query
-                const formattedQuery = (0, utils_2.getFormattedQuery)(filters, query, user);
+                const formattedQuery = (0, utils_2.getFormattedQuery)(filters, resolvedQuery, user);
                 logDebug('update formattedQuery', {
                     collection: collName,
                     query,
@@ -106,7 +111,7 @@ const getOperators = (collection, { rules, collName, user, run_as_system }) => {
                 logService('findOne query', { collName, formattedQuery });
                 const safeQuery = (0, utils_2.normalizeQuery)(formattedQuery);
                 logService('findOne normalizedQuery', { collName, safeQuery });
-                const result = yield collection.findOne({ $and: safeQuery });
+                const result = yield collection.findOne({ $and: safeQuery }, resolvedOptions);
                 logDebug('findOne result', {
                     collection: collName,
                     result
@@ -130,12 +135,13 @@ const getOperators = (collection, { rules, collName, user, run_as_system }) => {
                 return Promise.resolve(status ? document : {});
             }
             // System mode: no validation applied
-            return collection.findOne(query);
+            return collection.findOne(resolvedQuery, resolvedOptions);
         }),
         /**
          * Deletes a single document from a MongoDB collection with optional role-based validation.
          *
          * @param {Filter<Document>} [query={}] - The MongoDB query used to match the document to delete.
+         * @param {DeleteOptions} [options] - Optional settings for the delete operation.
          * @returns {Promise<DeleteResult>} A promise resolving to the result of the delete operation.
          *
          * @throws {Error} If the user is not authorized to delete the document.
@@ -149,7 +155,7 @@ const getOperators = (collection, { rules, collName, user, run_as_system }) => {
          *  - If validation fails, throws an error.
          *  - If validation passes, deletes the document using the filtered query.
          */
-        deleteOne: (...args_1) => __awaiter(void 0, [...args_1], void 0, function* (query = {}) {
+        deleteOne: (...args_1) => __awaiter(void 0, [...args_1], void 0, function* (query = {}, options) {
             var _a;
             if (!run_as_system) {
                 (0, utils_2.checkDenyOperation)(normalizedRules, collection.collectionName, model_1.CRUD_OPERATIONS.DELETE);
@@ -174,10 +180,10 @@ const getOperators = (collection, { rules, collName, user, run_as_system }) => {
                 if (!status) {
                     throw new Error('Delete not permitted');
                 }
-                return collection.deleteOne({ $and: formattedQuery });
+                return collection.deleteOne({ $and: formattedQuery }, options);
             }
             // System mode: bypass access control
-            return collection.deleteOne(query);
+            return collection.deleteOne(query, options);
         }),
         /**
          * Inserts a single document into a MongoDB collection with optional role-based validation.
@@ -372,6 +378,9 @@ const getOperators = (collection, { rules, collName, user, run_as_system }) => {
          * Finds documents in a MongoDB collection with optional role-based access control and post-query validation.
          *
          * @param {Filter<Document>} query - The MongoDB query to filter documents.
+         * @param {Document} [projection] - Optional projection to select returned fields.
+         * @param {FindOptions} [options] - Optional settings for the find operation.
+         * @param {FindOptions} [options] - Optional settings for the find operation.
          * @returns {FindCursor} A customized `FindCursor` that includes additional access control logic in its `toArray()` method.
          *
          * @description
@@ -385,14 +394,16 @@ const getOperators = (collection, { rules, collName, user, run_as_system }) => {
          *
          * This ensures that both pre-query filtering and post-query validation are applied consistently.
          */
-        find: (query) => {
+        find: (query = {}, projection, options) => {
+            const resolvedOptions = projection || options
+                ? Object.assign(Object.assign({}, (options !== null && options !== void 0 ? options : {})), (projection ? { projection } : {})) : undefined;
             if (!run_as_system) {
                 (0, utils_2.checkDenyOperation)(normalizedRules, collection.collectionName, model_1.CRUD_OPERATIONS.READ);
                 // Pre-query filtering based on access control rules
                 const formattedQuery = (0, utils_2.getFormattedQuery)(filters, query, user);
                 const currentQuery = formattedQuery.length ? { $and: formattedQuery } : {};
                 // aggiunto filter per evitare questo errore: $and argument's entries must be objects
-                const cursor = collection.find(currentQuery);
+                const cursor = collection.find(currentQuery, resolvedOptions);
                 const originalToArray = cursor.toArray.bind(cursor);
                 /**
                  * Overridden `toArray` method that validates each document for read access.
@@ -425,7 +436,7 @@ const getOperators = (collection, { rules, collName, user, run_as_system }) => {
                 return cursor;
             }
             // System mode: return original unfiltered cursor
-            return collection.find(query);
+            return collection.find(query, resolvedOptions);
         },
         count: (query, options) => {
             if (!run_as_system) {
@@ -640,6 +651,7 @@ const getOperators = (collection, { rules, collName, user, run_as_system }) => {
          * Deletes multiple documents from a MongoDB collection with role-based access control and validation.
          *
          * @param query - The initial MongoDB query to filter documents to be deleted.
+         * @param {DeleteOptions} [options] - Optional settings for the delete operation.
          * @returns {Promise<{ acknowledged: boolean, deletedCount: number }>} A promise resolving to the deletion result.
          *
          * @description
@@ -650,7 +662,7 @@ const getOperators = (collection, { rules, collName, user, run_as_system }) => {
          *  - Validates each document against user roles.
          *  - Deletes only the documents that the current user has permission to delete.
          */
-        deleteMany: (...args_1) => __awaiter(void 0, [...args_1], void 0, function* (query = {}) {
+        deleteMany: (...args_1) => __awaiter(void 0, [...args_1], void 0, function* (query = {}, options) {
             if (!run_as_system) {
                 (0, utils_2.checkDenyOperation)(normalizedRules, collection.collectionName, model_1.CRUD_OPERATIONS.DELETE);
                 // Apply access control filters
@@ -682,10 +694,10 @@ const getOperators = (collection, { rules, collName, user, run_as_system }) => {
                 const deleteQuery = {
                     $and: [...formattedQuery, { _id: { $in: elementsToDelete } }]
                 };
-                return collection.deleteMany(deleteQuery);
+                return collection.deleteMany(deleteQuery, options);
             }
             // If running as system, bypass access control and delete directly
-            return collection.deleteMany(query);
+            return collection.deleteMany(query, options);
         })
     };
 };

package/dist/services/mongodb-atlas/model.d.ts

@@ -1,5 +1,5 @@
 import { FastifyInstance } from 'fastify';
-import { Collection, Document, FindCursor, FindOneAndUpdateOptions, Filter as MongoFilter, UpdateFilter, WithId } from 'mongodb';
+import { Collection, Document, FindCursor, FindOneAndUpdateOptions, FindOneOptions, FindOptions, Filter as MongoFilter, UpdateFilter, WithId } from 'mongodb';
 import { User } from '../../auth/dtos';
 import { Filter, Rules } from '../../features/rules/interface';
 import { Role } from '../../utils/roles/interface';
@@ -24,12 +24,12 @@ export type GetOperatorsFunction = (collection: Collection<Document>, { rules, c
     run_as_system?: boolean;
     collName: string;
 }) => {
-    findOne: (...params: Parameters<Method<'findOne'>>) => ReturnType<Method<'findOne'>>;
-    deleteOne: (...params: Parameters<Method<'findOne'>>) => ReturnType<Method<'findOne'>>;
+    findOne: (filter?: MongoFilter<Document>, projection?: Document, options?: FindOneOptions) => ReturnType<Method<'findOne'>>;
+    deleteOne: (...params: Parameters<Method<'deleteOne'>>) => ReturnType<Method<'deleteOne'>>;
     insertOne: (...params: Parameters<Method<'insertOne'>>) => ReturnType<Method<'insertOne'>>;
     updateOne: (...params: Parameters<Method<'updateOne'>>) => ReturnType<Method<'updateOne'>>;
     findOneAndUpdate: (filter: MongoFilter<Document>, update: UpdateFilter<Document> | Document[], options?: FindOneAndUpdateOptions) => Promise<Document | null>;
-    find: (...params: Parameters<Method<'find'>>) => FindCursor;
+    find: (filter?: MongoFilter<Document>, projection?: Document, options?: FindOptions) => FindCursor;
     count: (...params: Parameters<Method<'countDocuments'>>) => ReturnType<Method<'countDocuments'>>;
     watch: (...params: Parameters<Method<'watch'>>) => ReturnType<Method<'watch'>>;
     aggregate: (...params: [...Parameters<Method<'aggregate'>>, isClient: boolean]) => ReturnType<Method<'aggregate'>>;

package/dist/services/mongodb-atlas/model.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"model.d.ts","sourceRoot":"","sources":["../../../src/services/mongodb-atlas/model.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AACzC,OAAO,EACL,UAAU,EACV,QAAQ,EACR,UAAU,EACV,uBAAuB,EACvB,MAAM,IAAI,WAAW,EACrB,YAAY,EACZ,MAAM,EACP,MAAM,SAAS,CAAA;AAChB,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AACtC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,gCAAgC,CAAA;AAC9D,OAAO,EAAE,IAAI,EAAE,MAAM,6BAA6B,CAAA;AAElD,MAAM,MAAM,oBAAoB,GAAG,CACjC,GAAG,EAAE,eAAe,EACpB,EACE,KAAK,EACL,IAAI,EACJ,aAAa,EACd,EAAE;IACD,IAAI,CAAC,EAAE,IAAI,CAAA;IACX,KAAK,CAAC,EAAE,KAAK,CAAA;IACb,aAAa,CAAC,EAAE,OAAO,CAAA;CACxB,KACE;IACH,EAAE,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK;QACtB,UAAU,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,UAAU,CAAC,oBAAoB,CAAC,CAAA;KACnE,CAAA;CACF,CAAA;AAED,MAAM,MAAM,kBAAkB,CAAC,CAAC,SAAS,IAAI,GAAG,MAAM,IAAI;IACxD,OAAO,EAAE,CAAC,EAAE,CAAA;IACZ,IAAI,EAAE,IAAI,CAAA;IACV,MAAM,CAAC,EAAE,MAAM,CAAC,QAAQ,CAAC,GAAG,QAAQ,GAAG,IAAI,CAAA;CAC5C,CAAA;AACD,KAAK,MAAM,CAAC,CAAC,SAAS,MAAM,UAAU,CAAC,QAAQ,CAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAA;AAE3E,MAAM,MAAM,oBAAoB,GAAG,CACjC,UAAU,EAAE,UAAU,CAAC,QAAQ,CAAC,EAChC,EACE,KAAK,EACL,QAAQ,EACR,IAAI,EACJ,aAAa,EACd,EAAE;IACD,IAAI,CAAC,EAAE,IAAI,CAAA;IACX,KAAK,CAAC,EAAE,KAAK,CAAA;IACb,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,QAAQ,EAAE,MAAM,CAAA;CACjB,KACE;IACH,OAAO,EAAE,CAAC,GAAG,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,KAAK,UAAU,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAA;IACpF,SAAS,EAAE,CAAC,GAAG,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,KAAK,UAAU,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAA;IACtF,SAAS,EAAE,CACT,GAAG,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,KACvC,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAA;IACpC,SAAS,EAAE,CACT,GAAG,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,KACvC,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAA;IACpC,gBAAgB,EAAE,CAChB,MAAM,EAAE,WAAW,CAAC,QAAQ,CAAC,EAC7B,MAAM,EAAE,YAAY,CAAC,QAAQ,CAAC,GAAG,QAAQ,EAAE,EAC3C,OAAO,CAAC,EAAE,uBAAuB,KAC9B,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAA;IAC7B,IAAI,EAAE,CAAC,GAAG,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,UAAU,CAAA;IAC3D,KAAK,EAAE,CACL,GAAG,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,KAC5C,UAAU,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAA;IACzC,KAAK,EAAE,CAAC,GAAG,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,KAAK,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAA;IAC9E,SAAS,EAAE,CACT,GAAG,MAAM,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,EAAE,QAAQ,EAAE,OAAO,CAAC,KAC/D,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAA;IACpC,UAAU,EAAE,CACV,GAAG,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,KACxC,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAA;IACrC,UAAU,EAAE,CACV,GAAG,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,KACxC,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAA;IACrC,UAAU,EAAE,CACV,GAAG,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,KACxC,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAA;CACtC,CAAA;AAGD,oBAAY,eAAe;IACzB,MAAM,WAAW;IACjB,IAAI,SAAS;IACb,MAAM,WAAW;IACjB,MAAM,WAAW;CAElB"}
+{"version":3,"file":"model.d.ts","sourceRoot":"","sources":["../../../src/services/mongodb-atlas/model.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AACzC,OAAO,EACL,UAAU,EACV,QAAQ,EACR,UAAU,EACV,uBAAuB,EACvB,cAAc,EACd,WAAW,EACX,MAAM,IAAI,WAAW,EACrB,YAAY,EACZ,MAAM,EACP,MAAM,SAAS,CAAA;AAChB,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AACtC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,gCAAgC,CAAA;AAC9D,OAAO,EAAE,IAAI,EAAE,MAAM,6BAA6B,CAAA;AAElD,MAAM,MAAM,oBAAoB,GAAG,CACjC,GAAG,EAAE,eAAe,EACpB,EACE,KAAK,EACL,IAAI,EACJ,aAAa,EACd,EAAE;IACD,IAAI,CAAC,EAAE,IAAI,CAAA;IACX,KAAK,CAAC,EAAE,KAAK,CAAA;IACb,aAAa,CAAC,EAAE,OAAO,CAAA;CACxB,KACE;IACH,EAAE,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK;QACtB,UAAU,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,UAAU,CAAC,oBAAoB,CAAC,CAAA;KACnE,CAAA;CACF,CAAA;AAED,MAAM,MAAM,kBAAkB,CAAC,CAAC,SAAS,IAAI,GAAG,MAAM,IAAI;IACxD,OAAO,EAAE,CAAC,EAAE,CAAA;IACZ,IAAI,EAAE,IAAI,CAAA;IACV,MAAM,CAAC,EAAE,MAAM,CAAC,QAAQ,CAAC,GAAG,QAAQ,GAAG,IAAI,CAAA;CAC5C,CAAA;AACD,KAAK,MAAM,CAAC,CAAC,SAAS,MAAM,UAAU,CAAC,QAAQ,CAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAA;AAE3E,MAAM,MAAM,oBAAoB,GAAG,CACjC,UAAU,EAAE,UAAU,CAAC,QAAQ,CAAC,EAChC,EACE,KAAK,EACL,QAAQ,EACR,IAAI,EACJ,aAAa,EACd,EAAE;IACD,IAAI,CAAC,EAAE,IAAI,CAAA;IACX,KAAK,CAAC,EAAE,KAAK,CAAA;IACb,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,QAAQ,EAAE,MAAM,CAAA;CACjB,KACE;IACH,OAAO,EAAE,CACP,MAAM,CAAC,EAAE,WAAW,CAAC,QAAQ,CAAC,EAC9B,UAAU,CAAC,EAAE,QAAQ,EACrB,OAAO,CAAC,EAAE,cAAc,KACrB,UAAU,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAA;IAClC,SAAS,EAAE,CAAC,GAAG,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,KAAK,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAA;IAC1F,SAAS,EAAE,CACT,GAAG,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,KACvC,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAA;IACpC,SAAS,EAAE,CACT,GAAG,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,KACvC,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAA;IACpC,gBAAgB,EAAE,CAChB,MAAM,EAAE,WAAW,CAAC,QAAQ,CAAC,EAC7B,MAAM,EAAE,YAAY,CAAC,QAAQ,CAAC,GAAG,QAAQ,EAAE,EAC3C,OAAO,CAAC,EAAE,uBAAuB,KAC9B,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAA;IAC7B,IAAI,EAAE,CACJ,MAAM,CAAC,EAAE,WAAW,CAAC,QAAQ,CAAC,EAC9B,UAAU,CAAC,EAAE,QAAQ,EACrB,OAAO,CAAC,EAAE,WAAW,KAClB,UAAU,CAAA;IACf,KAAK,EAAE,CACL,GAAG,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,KAC5C,UAAU,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAA;IACzC,KAAK,EAAE,CAAC,GAAG,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,KAAK,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAA;IAC9E,SAAS,EAAE,CACT,GAAG,MAAM,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,EAAE,QAAQ,EAAE,OAAO,CAAC,KAC/D,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAA;IACpC,UAAU,EAAE,CACV,GAAG,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,KACxC,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAA;IACrC,UAAU,EAAE,CACV,GAAG,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,KACxC,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAA;IACrC,UAAU,EAAE,CACV,GAAG,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,KACxC,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAA;CACtC,CAAA;AAGD,oBAAY,eAAe;IACzB,MAAM,WAAW;IACjB,IAAI,SAAS;IACb,MAAM,WAAW;IACjB,MAAM,WAAW;CAElB"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@flowerforce/flowerbase",
-  "version": "1.4.2-beta.3",
+  "version": "1.4.2-beta.5",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

package/src/auth/__tests__/controller.test.ts

@@ -0,0 +1,51 @@
+import { authController } from '../controller'
+
+jest.mock('../../constants', () => ({
+  AUTH_CONFIG: {
+    authCollection: 'auth_users',
+    refreshTokensCollection: 'refresh_tokens',
+    userCollection: 'users',
+    user_id_field: 'id'
+  },
+  DB_NAME: 'test-db',
+  DEFAULT_CONFIG: {
+    REFRESH_TOKEN_TTL_DAYS: 1
+  }
+}))
+
+describe('authController', () => {
+  it('creates a unique email index on the auth collection', async () => {
+    const authCollection = {
+      createIndex: jest.fn().mockResolvedValue('ok')
+    }
+    const refreshCollection = {
+      createIndex: jest.fn().mockResolvedValue('ok')
+    }
+    const db = {
+      collection: jest.fn((name: string) => {
+        if (name === 'auth_users') {
+          return authCollection
+        }
+        if (name === 'refresh_tokens') {
+          return refreshCollection
+        }
+        return { createIndex: jest.fn().mockResolvedValue('ok') }
+      })
+    }
+    const app = {
+      mongo: { client: { db: jest.fn().mockReturnValue(db) } },
+      addHook: jest.fn(),
+      get: jest.fn(),
+      post: jest.fn(),
+      delete: jest.fn(),
+      jwtAuthentication: jest.fn()
+    }
+
+    await authController(app as unknown as never)
+
+    expect(authCollection.createIndex).toHaveBeenCalledWith(
+      { email: 1 },
+      { unique: true }
+    )
+  })
+})

package/src/auth/controller.ts

@@ -27,6 +27,17 @@ export async function authController(app: FastifyInstance) {
     console.error('Failed to ensure refresh token TTL index', error)
   }
 
+  try {
+    await db.collection(authCollection).createIndex(
+      { email: 1 },
+      {
+        unique: true
+      }
+    )
+  } catch (error) {
+    console.error('Failed to ensure auth email unique index', error)
+  }
+
   app.addHook(HANDLER_TYPE, app.jwtAuthentication)
 
   /**

package/src/auth/providers/anon-user/__tests__/controller.test.ts

@@ -0,0 +1,82 @@
+import { anonUserController } from '../controller'
+import { PROVIDER } from '../../../../shared/models/handleUserRegistration.model'
+
+jest.mock('../../../../constants', () => ({
+  AUTH_CONFIG: {
+    authCollection: 'auth_users',
+    refreshTokensCollection: 'refresh_tokens',
+    providers: {
+      'anon-user': { disabled: false }
+    }
+  },
+  DB_NAME: 'test-db',
+  DEFAULT_CONFIG: {
+    REFRESH_TOKEN_TTL_DAYS: 1,
+    ANON_USER_TTL_SECONDS: 3600
+  }
+}))
+
+describe('anonUserController', () => {
+  it('inserts anon users with a generated email', async () => {
+    let insertedDoc: Record<string, unknown> | undefined
+    const authCollection = {
+      createIndex: jest.fn().mockResolvedValue('ok'),
+      insertOne: jest.fn(async (doc: Record<string, unknown>) => {
+        insertedDoc = doc
+        return { insertedId: doc._id }
+      })
+    }
+    const refreshCollection = {
+      insertOne: jest.fn().mockResolvedValue({})
+    }
+    const db = {
+      collection: jest.fn((name: string) => {
+        if (name === 'auth_users') {
+          return authCollection
+        }
+        if (name === 'refresh_tokens') {
+          return refreshCollection
+        }
+        return authCollection
+      })
+    }
+
+    let loginHandler: ((...args: unknown[]) => unknown) | undefined
+    const app = {
+      mongo: { client: { db: jest.fn().mockReturnValue(db) } },
+      post: jest.fn((path: string, handler: (...args: unknown[]) => unknown) => {
+        loginHandler = handler
+      })
+    }
+
+    await anonUserController(app as unknown as never)
+
+    const context = {
+      createRefreshToken: jest.fn(() => 'refresh'),
+      createAccessToken: jest.fn(() => 'access')
+    }
+
+    await (loginHandler as (...args: unknown[]) => Promise<unknown>).call(context, {})
+
+    const doc = insertedDoc as {
+      _id: { toString: () => string }
+      email: string
+      identities: Array<{
+        id?: string
+        provider_id?: string
+        provider_type?: string
+        provider_data?: Record<string, unknown>
+      }>
+    }
+
+    expect(doc.email).toBe(`anon-${doc._id.toString()}@users.invalid`)
+    expect(doc.identities[0]).toEqual(
+      expect.objectContaining({
+        id: doc._id.toString(),
+        provider_id: doc._id.toString(),
+        provider_type: PROVIDER.ANON_USER,
+        provider_data: {}
+      })
+    )
+  })
+})

package/src/auth/providers/anon-user/controller.ts

@@ -1,7 +1,8 @@
+import { ObjectId } from 'bson'
 import { FastifyInstance } from 'fastify'
 import { AUTH_CONFIG, DB_NAME, DEFAULT_CONFIG } from '../../../constants'
-import { hashToken } from '../../../utils/crypto'
 import { PROVIDER } from '../../../shared/models/handleUserRegistration.model'
+import { hashToken } from '../../../utils/crypto'
 import { AUTH_ENDPOINTS } from '../../utils'
 import { LoginDto } from './dtos'
 
@@ -37,35 +38,24 @@ export async function anonUserController(app: FastifyInstance) {
       }
 
       const now = new Date()
-      const insertResult = await db.collection(authCollection!).insertOne({
+      const userId = new ObjectId()
+      const anonEmail = `anon-${userId.toString()}@users.invalid`
+      await db.collection(authCollection!).insertOne({
+        _id: userId,
+        email: anonEmail,
         status: 'confirmed',
         createdAt: now,
         custom_data: {},
         identities: [
           {
+            id: userId.toString(),
+            provider_id: userId.toString(),
             provider_type: PROVIDER.ANON_USER,
             provider_data: {}
           }
         ]
       })
 
-      const userId = insertResult.insertedId
-      await db.collection(authCollection!).updateOne(
-        { _id: userId },
-        {
-          $set: {
-            identities: [
-              {
-                id: userId.toString(),
-                provider_id: userId.toString(),
-                provider_type: PROVIDER.ANON_USER,
-                provider_data: {}
-              }
-            ]
-          }
-        }
-      )
-
       const currentUserData = {
         _id: userId,
         user_data: {}

package/src/auth/utils.ts

@@ -11,10 +11,10 @@ export const LOGIN_SCHEMA = {
       username: {
         type: 'string',
         pattern: '^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$',
-        minLength: 3,
+        minLength: 5,
         maxLength: 254
       },
-      password: { type: 'string', minLength: 8, maxLength: 128 }
+      password: { type: 'string', minLength: 6, maxLength: 128 }
     },
     required: ['username', 'password']
   }
@@ -27,7 +27,7 @@ export const RESET_SEND_SCHEMA = {
       email: {
         type: 'string',
         pattern: '^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$',
-        minLength: 3,
+        minLength: 5,
         maxLength: 254
       }
     },
@@ -42,10 +42,10 @@ export const RESET_CALL_SCHEMA = {
       email: {
         type: 'string',
         pattern: '^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$',
-        minLength: 3,
+        minLength: 5,
         maxLength: 254
       },
-      password: { type: 'string', minLength: 8, maxLength: 128 },
+      password: { type: 'string', minLength: 6, maxLength: 128 },
       arguments: { type: 'array' }
     },
     required: ['email', 'password']
@@ -56,7 +56,7 @@ export const CONFIRM_RESET_SCHEMA = {
   body: {
     type: 'object',
     properties: {
-      password: { type: 'string', minLength: 8, maxLength: 128 },
+      password: { type: 'string', minLength: 6, maxLength: 128 },
       token: { type: 'string' },
       tokenId: { type: 'string' }
     },
@@ -84,10 +84,10 @@ export const REGISTRATION_SCHEMA = {
       email: {
         type: 'string',
         pattern: '^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$',
-        minLength: 3,
+        minLength: 5,
         maxLength: 254
       },
-      password: { type: 'string', minLength: 8, maxLength: 128 }
+      password: { type: 'string', minLength: 6, maxLength: 128 }
     },
     required: ['email', 'password']
   }

package/src/features/functions/controller.ts

@@ -81,6 +81,7 @@ export const functionsController: FunctionController = async (
         query,
         filter,
         update,
+        projection,
         options,
         returnNewDocument,
         document,
@@ -98,6 +99,7 @@ export const functionsController: FunctionController = async (
         query,
         filter,
         update,
+        projection,
         options,
         returnNewDocument,
         document,

package/src/features/functions/dtos.ts

@@ -26,6 +26,7 @@ type ArgumentsData = Arguments<{
   filter?: Document
   query: Parameters<GetOperatorsFunction>
   update: Document
+  projection?: Document
   options?: Document
   returnNewDocument?: boolean
   document: Document

package/src/features/functions/interface.ts

@@ -25,6 +25,7 @@ export type ExecuteQueryParams = {
   query: Parameters<GetOperatorsFunction>
   update: Document
   filter?: Document
+  projection?: Document
   options?: Document
   returnNewDocument?: boolean
   document: Document

package/src/features/functions/utils.ts

@@ -46,6 +46,7 @@ export const executeQuery = async ({
   query,
   update,
   filter,
+  projection,
   options,
   returnNewDocument,
   document,
@@ -67,11 +68,23 @@ export const executeQuery = async ({
         ? { returnDocument: returnNewDocument ? 'after' : 'before' }
         : undefined
   const parsedOptions = resolvedOptions ? EJSON.deserialize(resolvedOptions) : undefined
+  const parsedProjection =
+    typeof projection !== 'undefined' ? EJSON.deserialize(projection) : undefined
+  const resolvedProjection =
+    typeof projection !== 'undefined'
+      ? parsedProjection
+      : parsedOptions &&
+          typeof parsedOptions === 'object' &&
+          'projection' in parsedOptions
+        ? (parsedOptions as Document).projection
+        : undefined
   return {
     find: async () =>
       await (() => {
         const cursor = (currentMethod as ReturnType<GetOperatorsFunction>['find'])(
-          EJSON.deserialize(resolvedQuery)
+          EJSON.deserialize(resolvedQuery),
+          resolvedProjection,
+          parsedOptions
         )
         if (parsedOptions?.sort) {
           cursor.sort(parsedOptions.sort as Document)
@@ -86,7 +99,9 @@ export const executeQuery = async ({
       })(),
     findOne: () =>
       (currentMethod as ReturnType<GetOperatorsFunction>['findOne'])(
-        EJSON.deserialize(resolvedQuery)
+        EJSON.deserialize(resolvedQuery),
+        resolvedProjection,
+        parsedOptions
       ),
     count: () =>
       (currentMethod as ReturnType<GetOperatorsFunction>['count'])(
@@ -95,7 +110,8 @@ export const executeQuery = async ({
       ),
     deleteOne: () =>
       (currentMethod as ReturnType<GetOperatorsFunction>['deleteOne'])(
-        EJSON.deserialize(resolvedQuery)
+        EJSON.deserialize(resolvedQuery),
+        parsedOptions
       ),
     insertOne: () =>
       (currentMethod as ReturnType<GetOperatorsFunction>['insertOne'])(
@@ -125,7 +141,8 @@ export const executeQuery = async ({
       ),
     deleteMany: () =>
       (currentMethod as ReturnType<GetOperatorsFunction>['deleteMany'])(
-        EJSON.deserialize(resolvedQuery)
+        EJSON.deserialize(resolvedQuery),
+        parsedOptions
       )
   }
 }

package/src/services/mongodb-atlas/index.ts

@@ -89,6 +89,8 @@ const getOperators: GetOperatorsFunction = (
    * Finds a single document in a MongoDB collection with optional role-based filtering and validation.
    *
    * @param {Filter<Document>} query - The MongoDB query used to match the document.
+   * @param {Document} [projection] - Optional projection to select returned fields.
+   * @param {FindOneOptions} [options] - Optional settings for the findOne operation.
    * @returns {Promise<Document | {} | null>} A promise resolving to the document if found and permitted, an empty object if access is denied, or `null` if not found.
    *
    * @description
@@ -100,11 +102,19 @@ const getOperators: GetOperatorsFunction = (
    *  - Validates the result using `checkValidation` to ensure read permission.
    *  - If validation fails, returns an empty object; otherwise returns the validated document.
    */
-    findOne: async (query) => {
+    findOne: async (query = {}, projection, options) => {
+      const resolvedOptions =
+        projection || options
+          ? {
+            ...(options ?? {}),
+            ...(projection ? { projection } : {})
+          }
+          : undefined
+      const resolvedQuery = query ?? {}
       if (!run_as_system) {
         checkDenyOperation(normalizedRules, collection.collectionName, CRUD_OPERATIONS.READ)
         // Apply access control filters to the query
-        const formattedQuery = getFormattedQuery(filters, query, user)
+        const formattedQuery = getFormattedQuery(filters, resolvedQuery, user)
         logDebug('update formattedQuery', {
           collection: collName,
           query,
@@ -120,7 +130,7 @@ const getOperators: GetOperatorsFunction = (
         logService('findOne query', { collName, formattedQuery })
         const safeQuery = normalizeQuery(formattedQuery)
         logService('findOne normalizedQuery', { collName, safeQuery })
-        const result = await collection.findOne({ $and: safeQuery })
+        const result = await collection.findOne({ $and: safeQuery }, resolvedOptions)
         logDebug('findOne result', {
           collection: collName,
           result
@@ -151,12 +161,13 @@ const getOperators: GetOperatorsFunction = (
         return Promise.resolve(status ? document : {})
       }
       // System mode: no validation applied
-      return collection.findOne(query)
+      return collection.findOne(resolvedQuery, resolvedOptions)
     },
     /**
      * Deletes a single document from a MongoDB collection with optional role-based validation.
      *
      * @param {Filter<Document>} [query={}] - The MongoDB query used to match the document to delete.
+     * @param {DeleteOptions} [options] - Optional settings for the delete operation.
      * @returns {Promise<DeleteResult>} A promise resolving to the result of the delete operation.
      *
      * @throws {Error} If the user is not authorized to delete the document.
@@ -170,7 +181,7 @@ const getOperators: GetOperatorsFunction = (
      *  - If validation fails, throws an error.
      *  - If validation passes, deletes the document using the filtered query.
      */
-    deleteOne: async (query = {}) => {
+    deleteOne: async (query = {}, options) => {
       if (!run_as_system) {
         checkDenyOperation(normalizedRules, collection.collectionName, CRUD_OPERATIONS.DELETE)
         // Apply access control filters
@@ -202,10 +213,10 @@ const getOperators: GetOperatorsFunction = (
           throw new Error('Delete not permitted')
         }
 
-        return collection.deleteOne({ $and: formattedQuery })
+        return collection.deleteOne({ $and: formattedQuery }, options)
       }
       // System mode: bypass access control
-      return collection.deleteOne(query)
+      return collection.deleteOne(query, options)
     },
     /**
      * Inserts a single document into a MongoDB collection with optional role-based validation.
@@ -438,6 +449,9 @@ const getOperators: GetOperatorsFunction = (
      * Finds documents in a MongoDB collection with optional role-based access control and post-query validation.
      *
      * @param {Filter<Document>} query - The MongoDB query to filter documents.
+     * @param {Document} [projection] - Optional projection to select returned fields.
+     * @param {FindOptions} [options] - Optional settings for the find operation.
+     * @param {FindOptions} [options] - Optional settings for the find operation.
      * @returns {FindCursor} A customized `FindCursor` that includes additional access control logic in its `toArray()` method.
      *
      * @description
@@ -451,14 +465,21 @@ const getOperators: GetOperatorsFunction = (
      *
      * This ensures that both pre-query filtering and post-query validation are applied consistently.
      */
-    find: (query) => {
+    find: (query = {}, projection, options) => {
+      const resolvedOptions =
+        projection || options
+          ? {
+            ...(options ?? {}),
+            ...(projection ? { projection } : {})
+          }
+          : undefined
       if (!run_as_system) {
         checkDenyOperation(normalizedRules, collection.collectionName, CRUD_OPERATIONS.READ)
         // Pre-query filtering based on access control rules
         const formattedQuery = getFormattedQuery(filters, query, user)
         const currentQuery = formattedQuery.length ? { $and: formattedQuery } : {}
         // aggiunto filter per evitare questo errore: $and argument's entries must be objects
-        const cursor = collection.find(currentQuery)
+        const cursor = collection.find(currentQuery, resolvedOptions)
         const originalToArray = cursor.toArray.bind(cursor)
 
         /**
@@ -502,7 +523,7 @@ const getOperators: GetOperatorsFunction = (
         return cursor
       }
       // System mode: return original unfiltered cursor
-      return collection.find(query)
+      return collection.find(query, resolvedOptions)
     },
     count: (query, options) => {
       if (!run_as_system) {
@@ -793,6 +814,7 @@ const getOperators: GetOperatorsFunction = (
      * Deletes multiple documents from a MongoDB collection with role-based access control and validation.
      *
      * @param query - The initial MongoDB query to filter documents to be deleted.
+     * @param {DeleteOptions} [options] - Optional settings for the delete operation.
      * @returns {Promise<{ acknowledged: boolean, deletedCount: number }>} A promise resolving to the deletion result.
      *
      * @description
@@ -803,7 +825,7 @@ const getOperators: GetOperatorsFunction = (
      *  - Validates each document against user roles.
      *  - Deletes only the documents that the current user has permission to delete.
      */
-    deleteMany: async (query = {}) => {
+    deleteMany: async (query = {}, options) => {
       if (!run_as_system) {
         checkDenyOperation(normalizedRules, collection.collectionName, CRUD_OPERATIONS.DELETE)
         // Apply access control filters
@@ -849,10 +871,10 @@ const getOperators: GetOperatorsFunction = (
         const deleteQuery = {
           $and: [...formattedQuery, { _id: { $in: elementsToDelete } }]
         }
-        return collection.deleteMany(deleteQuery)
+        return collection.deleteMany(deleteQuery, options)
       }
       // If running as system, bypass access control and delete directly
-      return collection.deleteMany(query)
+      return collection.deleteMany(query, options)
     }
   }
 }

package/src/services/mongodb-atlas/model.ts

@@ -4,6 +4,8 @@ import {
   Document,
   FindCursor,
   FindOneAndUpdateOptions,
+  FindOneOptions,
+  FindOptions,
   Filter as MongoFilter,
   UpdateFilter,
   WithId
@@ -50,8 +52,12 @@ export type GetOperatorsFunction = (
     collName: string
   }
 ) => {
-  findOne: (...params: Parameters<Method<'findOne'>>) => ReturnType<Method<'findOne'>>
-  deleteOne: (...params: Parameters<Method<'findOne'>>) => ReturnType<Method<'findOne'>>
+  findOne: (
+    filter?: MongoFilter<Document>,
+    projection?: Document,
+    options?: FindOneOptions
+  ) => ReturnType<Method<'findOne'>>
+  deleteOne: (...params: Parameters<Method<'deleteOne'>>) => ReturnType<Method<'deleteOne'>>
   insertOne: (
     ...params: Parameters<Method<'insertOne'>>
   ) => ReturnType<Method<'insertOne'>>
@@ -63,7 +69,11 @@ export type GetOperatorsFunction = (
     update: UpdateFilter<Document> | Document[],
     options?: FindOneAndUpdateOptions
   ) => Promise<Document | null>
-  find: (...params: Parameters<Method<'find'>>) => FindCursor
+  find: (
+    filter?: MongoFilter<Document>,
+    projection?: Document,
+    options?: FindOptions
+  ) => FindCursor
   count: (
     ...params: Parameters<Method<'countDocuments'>>
   ) => ReturnType<Method<'countDocuments'>>