@flowerforce/flowerbase 1.7.6-beta.0 → 1.7.6-beta.10

package/src/features/rules/interface.ts

@@ -1,4 +1,6 @@
 import { Document } from 'mongodb'
+export type PermissionExpression = boolean | Record<string, unknown>
+
 export interface Filter {
   name: string
   query: Record<string, unknown>
@@ -9,11 +11,11 @@ export type Projection = Record<string, 0 | 1>
 export interface Role {
   name: string
   apply_when: Record<string, unknown>
-  insert: boolean
-  delete: boolean
-  search: boolean
-  read: boolean
-  write: boolean
+  insert: PermissionExpression
+  delete: PermissionExpression
+  search: PermissionExpression
+  read: PermissionExpression
+  write: PermissionExpression
 }
 
 export interface RulesConfig {
@@ -21,7 +23,6 @@ export interface RulesConfig {
   collection: string
   filters: Filter[]
   roles: Role[]
-
 }
 
 export type Rules = Record<string, RulesConfig>
@@ -38,21 +39,21 @@ export type AggregationPipelineStage =
   | { $unionWith: UnionWithStage }
 
 export interface LookupStage {
-  from: string;
-  localField?: string;
-  foreignField?: string;
-  as: string;
-  let?: Record<string, unknown>;
-  pipeline?: AggregationPipelineStage[];
+  from: string
+  localField?: string
+  foreignField?: string
+  as: string
+  let?: Record<string, unknown>
+  pipeline?: AggregationPipelineStage[]
 }
 
 export type AggregationPipeline = Document[]
 
 export type UnionWithStage = string | UnionWithNestedStage
-type UnionWithNestedStage = { coll: string, pipeline: AggregationPipelineStage[] }
+type UnionWithNestedStage = { coll: string; pipeline: AggregationPipelineStage[] }
 
 export enum STAGES_TO_SEARCH {
-  LOOKUP = "$lookup",
-  UNION_WITH = "$unionWith",
-  FACET = "$facet"
-}
+  LOOKUP = '$lookup',
+  UNION_WITH = '$unionWith',
+  FACET = '$facet'
+}

package/src/features/rules/utils.ts

@@ -1,19 +1,9 @@
-import fs from 'fs'
 import path from 'node:path'
-import { readJsonContent } from '../../utils'
+import { readJsonContent, recursivelyCollectFiles } from '../../utils'
 import { Rules, RulesConfig } from './interface'
 
 export const loadRules = async (rootDir = process.cwd()): Promise<Rules> => {
   const rulesRoot = path.join(rootDir, 'data_sources', 'mongodb-atlas')
-  const recursivelyCollectFiles = (dir: string): string[] => {
-    return fs.readdirSync(dir, { withFileTypes: true }).flatMap((entry) => {
-      const fullPath = path.join(dir, entry.name)
-      if (entry.isDirectory()) {
-        return recursivelyCollectFiles(fullPath)
-      }
-      return entry.isFile() ? [fullPath] : []
-    })
-  }
   const files = recursivelyCollectFiles(rulesRoot)
   const rulesFiles = files.filter((x) => (x as string).endsWith('rules.json'))
 

package/src/features/triggers/__tests__/index.test.ts

@@ -9,9 +9,9 @@ jest.mock('../../../constants', () => ({
 
 jest.mock('../utils', () => ({
   TRIGGER_HANDLERS: {
-    SCHEDULED: jest.fn(async () => {}),
-    DATABASE: jest.fn(async () => {}),
-    AUTHENTICATION: jest.fn(async () => {})
+    SCHEDULED: jest.fn(async () => { }),
+    DATABASE: jest.fn(async () => { }),
+    AUTHENTICATION: jest.fn(async () => { })
   }
 }))
 
@@ -27,7 +27,9 @@ describe('activateTriggers', () => {
     }
 
     await activateTriggers({
-      fastify: {} as never,
+      fastify: {
+        mongo: {}
+      } as any,
       functionsList,
       triggersList: [
         {

package/src/features/triggers/index.ts

@@ -1,4 +1,4 @@
-import { AUTH_CONFIG, AUTH_DB_NAME } from '../../constants'
+import { AUTH_CONFIG, AUTH_DB_NAME, CHANGESTREAM } from '../../constants'
 import { services } from '../../services'
 import { Function, Functions } from '../functions/interface'
 import { ActivateTriggersParams } from './dtos'
@@ -18,6 +18,10 @@ export const activateTriggers = async ({
 }: ActivateTriggersParams) => {
   console.log('START ACTIVATION TRIGGERS')
   try {
+    // Ensure the changestream MongoDB client exist, or use the main client
+    if (!fastify.mongo[CHANGESTREAM]) {
+      fastify.mongo[CHANGESTREAM] = fastify.mongo
+    }
     const triggersToActivate = [...triggersList]
     if (AUTH_CONFIG.on_user_creation_function_name) {
       const alreadyDeclared = triggersToActivate.some(

package/src/features/triggers/interface.ts

@@ -24,7 +24,7 @@ type Config = {
   isAutoTrigger?: boolean
   match: Record<string, unknown>
   operation_types: string[]
-  operation_type?: 'CREATE' | 'DELETE' | 'LOGOUT'
+  operation_type?: 'CREATE' | 'DELETE' | 'LOGIN' | 'LOGOUT'
   providers?: string[]
   project: Record<string, unknown>
   service_name: string

package/src/features/triggers/utils.ts

@@ -1,7 +1,7 @@
 import fs from 'fs'
 import path from 'node:path'
 import cron from 'node-cron'
-import { AUTH_CONFIG, AUTH_DB_NAME, DB_NAME } from '../../constants'
+import { AUTH_CONFIG, AUTH_DB_NAME, DB_NAME, CHANGESTREAM } from '../../constants'
 import { createEventId, sanitize } from '../../monitoring/utils'
 import { StateManager } from '../../state'
 import { readJsonContent } from '../../utils'
@@ -172,6 +172,7 @@ const handleCronTrigger = async ({
 const mapOpInverse = {
   CREATE: ['insert', 'update', 'replace'],
   DELETE: ['delete'],
+  LOGIN: ['insert', 'update'],
   LOGOUT: ['update'],
 }
 
@@ -246,7 +247,7 @@ const handleAuthenticationTrigger = async ({
   const { database, isAutoTrigger, operation_types = [], operation_type } = config
   const providerFilter = normalizeProviders(config.providers ?? [])
   const authCollection = AUTH_CONFIG.authCollection ?? 'auth_users'
-  const collection = app.mongo.client.db(database || AUTH_DB_NAME).collection(authCollection)
+  const collection = app.mongo[CHANGESTREAM].client.db(database || AUTH_DB_NAME).collection(authCollection)
   const operationCandidates = operation_type ? mapOpInverse[operation_type] : operation_types
   const normalizedOps = normalizeOperationTypes(operationCandidates)
   const baseMeta = {
@@ -277,17 +278,6 @@ const handleAuthenticationTrigger = async ({
   changeStream.on('error', (error) => {
     if (shouldIgnoreStreamError(error)) return
     console.error('Authentication trigger change stream error', error)
-    emitTriggerEvent({
-      status: 'error',
-      triggerName,
-      triggerType,
-      functionName,
-      meta: {
-        ...baseMeta,
-        event: 'CHANGE_STREAM'
-      },
-      error
-    })
   })
   changeStream.on('change', async function (change) {
     const operationType = change['operationType' as keyof typeof change] as
@@ -317,6 +307,8 @@ const handleAuthenticationTrigger = async ({
     const isUpdate = operationType === 'update'
     const isReplace = operationType === 'replace'
     const isDelete = operationType === 'delete'
+    const isLoginInsert = isInsert && !!(fullDocument as Record<string, unknown> | null)?.lastLoginAt
+    const isLoginUpdate = isUpdate && !!updatedFields && 'lastLoginAt' in updatedFields
     const isLogoutUpdate = isUpdate && !!updatedFields && 'lastLogoutAt' in updatedFields
 
     let confirmedCandidate = false
@@ -376,6 +368,13 @@ const handleAuthenticationTrigger = async ({
         updateDescription
       }
       try {
+        emitTriggerEvent({
+          status: 'fired',
+          triggerName,
+          triggerType,
+          functionName,
+          meta: { ...baseMeta, event: 'LOGOUT' }
+        })
         await GenerateContext({
           args: [{ user: userData, ...op }],
           app,
@@ -387,12 +386,62 @@ const handleAuthenticationTrigger = async ({
           services,
           runAsSystem: true
         })
+      } catch (error) {
+        emitTriggerEvent({
+          status: 'error',
+          triggerName,
+          triggerType,
+          functionName,
+          meta: { ...baseMeta, event: 'LOGOUT' },
+          error
+        })
+        console.log("🚀 ~ handleAuthenticationTrigger ~ error:", error)
+      }
+      return
+    }
+
+    if (operation_type === 'LOGIN') {
+      if (!isLoginInsert && !isLoginUpdate) {
+        return
+      }
+      let loginDocument = fullDocument ?? confirmedDocument
+      if (!loginDocument && documentKey?._id) {
+        loginDocument = await collection.findOne({
+          _id: documentKey._id
+        }) as Record<string, unknown> | null
+      }
+      if (!matchesProviderFilter(loginDocument, providerFilter)) {
+        return
+      }
+      const userData = buildUserData(loginDocument)
+      if (!userData) {
+        return
+      }
+      const op = {
+        operationType: 'LOGIN',
+        fullDocument,
+        fullDocumentBeforeChange,
+        documentKey,
+        updateDescription
+      }
+      try {
         emitTriggerEvent({
           status: 'fired',
           triggerName,
           triggerType,
           functionName,
-          meta: { ...baseMeta, event: 'LOGOUT' }
+          meta: { ...baseMeta, event: 'LOGIN' }
+        })
+        await GenerateContext({
+          args: [{ user: userData, ...op }],
+          app,
+          rules: StateManager.select("rules"),
+          user: {},  // TODO from currentUser ??
+          currentFunction: triggerHandler,
+          functionName,
+          functionsList,
+          services,
+          runAsSystem: true
         })
       } catch (error) {
         emitTriggerEvent({
@@ -400,7 +449,7 @@ const handleAuthenticationTrigger = async ({
           triggerName,
           triggerType,
           functionName,
-          meta: { ...baseMeta, event: 'LOGOUT' },
+          meta: { ...baseMeta, event: 'LOGIN' },
           error
         })
         console.log("🚀 ~ handleAuthenticationTrigger ~ error:", error)
@@ -428,6 +477,13 @@ const handleAuthenticationTrigger = async ({
         updateDescription
       }
       try {
+        emitTriggerEvent({
+          status: 'fired',
+          triggerName,
+          triggerType,
+          functionName,
+          meta: { ...baseMeta, event: 'DELETE' }
+        })
         await GenerateContext({
           args: isAutoTrigger ? [userData] : [{ user: userData, ...op }],
           app,
@@ -439,13 +495,6 @@ const handleAuthenticationTrigger = async ({
           services,
           runAsSystem: true
         })
-        emitTriggerEvent({
-          status: 'fired',
-          triggerName,
-          triggerType,
-          functionName,
-          meta: { ...baseMeta, event: 'DELETE' }
-        })
       } catch (error) {
         emitTriggerEvent({
           status: 'error',
@@ -482,6 +531,13 @@ const handleAuthenticationTrigger = async ({
         updateDescription
       }
       try {
+        emitTriggerEvent({
+          status: 'fired',
+          triggerName,
+          triggerType,
+          functionName,
+          meta: { ...baseMeta, event: 'UPDATE' }
+        })
         await GenerateContext({
           args: isAutoTrigger ? [userData] : [{ user: userData, ...op }],
           app,
@@ -493,13 +549,6 @@ const handleAuthenticationTrigger = async ({
           services,
           runAsSystem: true
         })
-        emitTriggerEvent({
-          status: 'fired',
-          triggerName,
-          triggerType,
-          functionName,
-          meta: { ...baseMeta, event: 'UPDATE' }
-        })
       } catch (error) {
         emitTriggerEvent({
           status: 'error',
@@ -586,6 +635,13 @@ const handleAuthenticationTrigger = async ({
     }
 
     try {
+      emitTriggerEvent({
+        status: 'fired',
+        triggerName,
+        triggerType,
+        functionName,
+        meta: { ...baseMeta, event: 'CREATE' }
+      })
       await GenerateContext({
         args: isAutoTrigger ? [userData] : [{ user: userData, ...op }],
         app,
@@ -597,13 +653,6 @@ const handleAuthenticationTrigger = async ({
         services,
         runAsSystem: true
       })
-      emitTriggerEvent({
-        status: 'fired',
-        triggerName,
-        triggerType,
-        functionName,
-        meta: { ...baseMeta, event: 'CREATE' }
-      })
     } catch (error) {
       emitTriggerEvent({
         status: 'error',
@@ -663,7 +712,7 @@ const handleDataBaseTrigger = async ({
 
   const normalizedOperations = normalizeOperationTypes(operation_types)
 
-  const collection = app.mongo.client.db(database).collection(collectionName)
+  const collection = app.mongo[CHANGESTREAM].client.db(database).collection(collectionName)
   const pipeline = [
     {
       $match: {

package/src/index.ts

@@ -6,12 +6,14 @@ import { loadEndpoints } from './features/endpoints/utils'
 import { registerFunctions } from './features/functions'
 import { loadFunctions } from './features/functions/utils'
 import { loadRules } from './features/rules/utils'
+import { loadEncryptionSchemas } from './features/encryption/utils'
 import { activateTriggers } from './features/triggers'
 import { loadTriggers } from './features/triggers/utils'
 import { services } from './services'
 import { StateManager } from './state'
 import { exposeRoutes } from './utils/initializer/exposeRoutes'
 import { registerPlugins } from './utils/initializer/registerPlugins'
+import { type MongoDbEncryptionConfig } from './utils/initializer/mongodbCSFLE'
 export * from './model'
 
 
@@ -30,6 +32,7 @@ export type InitializeConfig = {
   host?: string
   corsConfig?: CorsConfig
   basePath?: string
+  mongodbEncryptionConfig?: MongoDbEncryptionConfig
 }
 
 /**
@@ -47,7 +50,8 @@ export async function initialize({
   port = DEFAULT_CONFIG.PORT,
   mongodbUrl = DEFAULT_CONFIG.MONGODB_URL,
   corsConfig = DEFAULT_CONFIG.CORS_OPTIONS,
-  basePath
+  basePath,
+  mongodbEncryptionConfig
 }: InitializeConfig) {
   if (!jwtSecret || jwtSecret.trim().length === 0) {
     throw new Error('JWT secret missing: set JWT_SECRET or pass jwtSecret to initialize()')
@@ -77,6 +81,8 @@ export async function initialize({
   logInfo("Endpoints LOADED")
   const rulesList = await loadRules(resolvedBasePath)
   logInfo("Rules LOADED")
+  const encryptionSchemas = await loadEncryptionSchemas(resolvedBasePath)
+  logInfo("Encryption schemas LOADED")
 
   const stateConfig = {
     functions: functionsList,
@@ -152,7 +158,9 @@ export async function initialize({
     mongodbUrl,
     jwtSecret,
     functionsList,
-    corsConfig
+    corsConfig,
+    encryptionSchemas,
+    mongodbEncryptionConfig
   })
 
   logInfo('Plugins registration COMPLETED')

package/src/monitoring/plugin.ts

@@ -2,6 +2,7 @@ import fastifyWebsocket from '@fastify/websocket'
 import type { FastifyInstance, FastifyReply, FastifyRequest } from 'fastify'
 import fp from 'fastify-plugin'
 import '@fastify/websocket'
+import fs from 'fs'
 import { DEFAULT_CONFIG } from '../constants'
 import { StateManager } from '../state'
 import { registerCollectionRoutes } from './routes/collections'
@@ -316,6 +317,38 @@ const createMonitoringPlugin = fp(async (
     })
   })
 
+  const resolveCodeMirrorAsset = (internalPath: string) => {
+    try {
+      return require.resolve(`codemirror/${internalPath}`)
+    } catch {
+      return ''
+    }
+  }
+
+  const codemirrorAssets: Record<string, string> = {
+    'codemirror.js': resolveCodeMirrorAsset('lib/codemirror.js'),
+    'codemirror.css': resolveCodeMirrorAsset('lib/codemirror.css'),
+    'javascript.js': resolveCodeMirrorAsset('mode/javascript/javascript.js'),
+    'foldcode.js': resolveCodeMirrorAsset('addon/fold/foldcode.js'),
+    'foldgutter.js': resolveCodeMirrorAsset('addon/fold/foldgutter.js'),
+    'brace-fold.js': resolveCodeMirrorAsset('addon/fold/brace-fold.js'),
+    'comment-fold.js': resolveCodeMirrorAsset('addon/fold/comment-fold.js'),
+    'foldgutter.css': resolveCodeMirrorAsset('addon/fold/foldgutter.css')
+  }
+
+  Object.entries(codemirrorAssets).forEach(([assetName, relativePath]) => {
+    app.get(`${prefix}/vendor/codemirror/${assetName}`, async (_req, reply) => {
+      const assetPath = relativePath || ''
+      if (!assetPath || !fs.existsSync(assetPath)) {
+        reply.code(404).send(`${assetName} not found`)
+        return
+      }
+      const asset = fs.readFileSync(assetPath, 'utf8')
+      reply.header('Cache-Control', 'no-store')
+      reply.type(assetName.endsWith('.css') ? 'text/css' : 'application/javascript').send(asset)
+    })
+  })
+
   app.get(`${prefix}/ws`, { websocket: true }, (connection) => {
     const socket =
       (connection as {

package/src/monitoring/ui.collections.js

@@ -91,7 +91,7 @@
     collectionTabButtons,
     collectionTabPanels
   } = dom;
-  const { api, parseJsonObject, highlightJson, safeStringify } = utils;
+  const { api, parseJsonObject, highlightJson, renderJsonViewer, clearJsonViewer, safeStringify } = utils;
 
   const TABLE_TRUNCATE_LIMIT = 200;
 
@@ -337,22 +337,21 @@
     const highlight = state.collectionResultHighlight;
     if (payload === null || payload === undefined) {
       collectionResult.classList.remove('table-view', 'json-highlight');
-      collectionResult.textContent = '';
+      clearJsonViewer(collectionResult, '');
       return;
     }
     if (state.collectionResultView === 'table') {
+      clearJsonViewer(collectionResult, '');
       renderCollectionTable(payload);
       return;
     }
     collectionResult.classList.remove('table-view');
     if (highlight) {
       const text = typeof payload === 'string' ? payload : JSON.stringify(payload, null, 2);
-      collectionResult.classList.add('json-highlight');
-      collectionResult.innerHTML = highlightJson(text || '');
+      renderJsonViewer(collectionResult, text || '', { collapsible: true });
       return;
     }
-    collectionResult.classList.remove('json-highlight');
-    collectionResult.textContent = typeof payload === 'string' ? payload : String(payload ?? '');
+    clearJsonViewer(collectionResult, typeof payload === 'string' ? payload : String(payload ?? ''));
   };
 
   const setCollectionResult = (value, highlight) => {
@@ -365,12 +364,10 @@
     if (!collectionRules) return;
     if (highlight) {
       const text = typeof value === 'string' ? value : JSON.stringify(value, null, 2);
-      collectionRules.classList.add('json-highlight');
-      collectionRules.innerHTML = highlightJson(text || '');
+      renderJsonViewer(collectionRules, text || '', { collapsible: true });
       return;
     }
-    collectionRules.classList.remove('json-highlight');
-    collectionRules.textContent = typeof value === 'string' ? value : String(value ?? '');
+    clearJsonViewer(collectionRules, typeof value === 'string' ? value : String(value ?? ''));
   };
 
   const updateCollectionModeView = () => {