@friggframework/core 2.0.0-next.41 → 2.0.0-next.43

package/database/mongo.js

@@ -1,171 +0,0 @@
-// Best Practices Connecting from AWS Lambda:
-// https://dev.to/adnanrahic/building-a-serverless-rest-api-with-nodejs-and-mongodb-43db
-// https://mongoosejs.com/docs/lambda.html
-// https://www.mongodb.com/blog/post/optimizing-aws-lambda-performance-with-mongodb-atlas-and-nodejs
-const { Encrypt } = require('../encrypt');
-const { mongoose } = require('./mongoose');
-const { debug, flushDebugLog } = require('../logs');
-const { findNearestBackendPackageJson } = require('../utils');
-const path = require('path');
-const fs = require('fs');
-
-mongoose.plugin(Encrypt);
-mongoose.set('applyPluginsToDiscriminators', true); // Needed for LHEncrypt
-
-// Load app definition to check for DocumentDB configuration
-let appDefinition = {};
-let mongoConfig = {
-    useNewUrlParser: true,
-    bufferCommands: false, // Disable mongoose buffering
-    autoCreate: false, // Disable because auto creation does not work without buffering
-    useUnifiedTopology: true,
-    serverSelectionTimeoutMS: 5000,
-};
-
-const checkIsConnected = () => mongoose.connection?.readyState > 0;
-
-const connectToDatabase = async () => {
-    if (checkIsConnected()) {
-        debug('=> using existing database connection');
-        return;
-    }
-
-    console.log('🔗 Connecting to database...');
-
-    // Load appDefinition inside the function
-    try {
-        console.log(
-            '🔍 Loading app definition for DocumentDB configuration...'
-        );
-
-        const backendPath = findNearestBackendPackageJson();
-        if (!backendPath) {
-            throw new Error('Could not find backend package.json');
-        }
-
-        const backendDir = path.dirname(backendPath);
-        const backendFilePath = path.join(backendDir, 'index.js');
-        if (!fs.existsSync(backendFilePath)) {
-            throw new Error('Could not find index.js');
-        }
-
-        const backend = require(backendFilePath);
-        appDefinition = backend.Definition;
-
-        console.log('📁 AppDefinition content:', JSON.stringify(appDefinition));
-
-        // Add DocumentDB TLS configuration if enabled
-        if (appDefinition.database?.documentDB?.enable === true) {
-            console.log('📄 DocumentDB configuration detected, enabling TLS');
-            console.log('📁 Current working directory:', process.cwd());
-            console.log(
-                '📋 App definition database config:',
-                JSON.stringify(appDefinition.database, null, 2)
-            );
-
-            mongoConfig.tls = true;
-
-            // Set TLS CA file path if specified
-            if (appDefinition.database.documentDB.tlsCAFile) {
-                const tlsCAFile = appDefinition.database.documentDB.tlsCAFile;
-
-                // Basic safety: reject obviously dangerous paths
-                if (tlsCAFile.includes('..') || path.isAbsolute(tlsCAFile)) {
-                    console.warn(
-                        '⚠️  Rejecting potentially unsafe tlsCAFile path:',
-                        tlsCAFile
-                    );
-                } else {
-                    const tlsCAFilePath = path.resolve(
-                        process.cwd(),
-                        tlsCAFile
-                    );
-
-                    console.log('📄 DocumentDB TLS CA file configured:');
-                    console.log('   📎 Original path:', tlsCAFile);
-                    console.log('   📎 Resolved path:', tlsCAFilePath);
-                    console.log(
-                        '   📄 File exists:',
-                        fs.existsSync(tlsCAFilePath)
-                    );
-
-                    // Only set tlsCAFile if the file actually exists
-                    if (fs.existsSync(tlsCAFilePath)) {
-                        mongoConfig.tlsCAFile = tlsCAFilePath;
-                        console.log('✅ TLS CA file configured successfully');
-                    } else {
-                        throw new Error(
-                            `TLS CA file not found at ${tlsCAFilePath}`
-                        );
-                    }
-
-                    // Debug directory listing (only in development)
-                    if (process.env.NODE_ENV !== 'production') {
-                        try {
-                            console.log('📁 Current directory contents:');
-                            fs.readdirSync(process.cwd()).forEach((item) => {
-                                const stats = fs.statSync(
-                                    path.join(process.cwd(), item)
-                                );
-                                console.log(
-                                    `   ${
-                                        stats.isDirectory() ? '📁' : '📄'
-                                    } ${item}`
-                                );
-                            });
-
-                            const securityDir = path.join(
-                                process.cwd(),
-                                'security'
-                            );
-                            if (fs.existsSync(securityDir)) {
-                                console.log('📁 Security directory contents:');
-                                fs.readdirSync(securityDir).forEach((item) => {
-                                    console.log(`   📄 ${item}`);
-                                });
-                            } else {
-                                console.log(
-                                    '❌ Security directory does not exist at:',
-                                    securityDir
-                                );
-                            }
-                        } catch (error) {
-                            console.log(
-                                '❌ Error listing directory contents:',
-                                error.message
-                            );
-                        }
-                    }
-                }
-            }
-        } else {
-            console.log(
-                '📄 DocumentDB not enabled, using standard MongoDB configuration'
-            );
-        }
-    } catch (error) {
-        console.error('❌ Error loading app definition:', error.message);
-        debug(
-            'Could not load app definition for DocumentDB configuration:',
-            error.message
-        );
-    }
-
-    console.log('🔗 MongoDB URI:', process.env.MONGO_URI ? 'SET' : 'NOT SET');
-    console.log('🔧 Final mongoConfig:', JSON.stringify(mongoConfig, null, 2));
-
-    debug('=> using new database connection');
-    await mongoose.connect(process.env.MONGO_URI, mongoConfig);
-    debug('Connection state:', mongoose.STATES[mongoose.connection.readyState]);
-    mongoose.connection.on('error', (error) => flushDebugLog(error));
-};
-
-const disconnectFromDatabase = async () => mongoose.disconnect();
-
-const createObjectId = () => new mongoose.Types.ObjectId();
-
-module.exports = {
-    connectToDatabase,
-    disconnectFromDatabase,
-    createObjectId,
-};

package/encrypt/Cryptor.test.js

@@ -1,32 +0,0 @@
-const { Cryptor } = require('./Cryptor');
-
-describe('Cryptor', () => {
-    describe('Permutations', () => {
-        it('calculates permutations correctly', async () => {
-            // Given a nested field, we want all possible paths that could access it.
-            const cryptor = new Cryptor({ fields: ['a.b.c.d', 'e'] });
-            expect(cryptor.permutationsByField).toEqual({
-                'a.b.c.d': [
-                    ['a', 'b', 'c', 'd'],
-                    ['a', 'b', 'c.d'],
-                    ['a', 'b.c', 'd'],
-                    ['a', 'b.c.d'],
-                    ['a.b', 'c', 'd'],
-                    ['a.b', 'c.d'],
-                    ['a.b.c', 'd'],
-                    ['a.b.c.d'],
-                ],
-                e: [['e']],
-            });
-        });
-    });
-
-    describe('Keys', () => {
-        it('raises error on missing environment', () => {
-            const cryptor = new Cryptor({ fields: ['a.b.c.d', 'e'] });
-            expect(cryptor.getKeyFromEnvironment).toThrow(
-                'No encryption key found with ID "undefined"'
-            );
-        });
-    });
-});

package/encrypt/encrypt.js

@@ -1,104 +0,0 @@
-const { Cryptor } = require('./Cryptor');
-
-const updateOneEvents = [
-    'updateOne',
-    'replaceOne',
-    'findOneAndUpdate',
-    'findOneAndReplace',
-];
-const findOneEvents = [
-    'findOne',
-    'findOneAndDelete',
-    'findOneAndRemove',
-    'findOneAndUpdate',
-    'findOneAndReplace',
-];
-
-const shouldBypassEncryption = (STAGE) => {
-    const defaultBypassStages = ['dev', 'test', 'local'];
-    return defaultBypassStages.includes(STAGE);
-};
-
-function Encrypt(schema) {
-    const { STAGE, KMS_KEY_ARN, AES_KEY_ID } = process.env;
-
-    if (shouldBypassEncryption(STAGE)) {
-        return;
-    }
-
-    const hasAES = AES_KEY_ID && AES_KEY_ID.trim() !== '';
-    const hasKMS = KMS_KEY_ARN && KMS_KEY_ARN.trim() !== '' && !hasAES;
-
-    const fields = Object.values(schema.paths)
-        .map(({ path, options }) => (options.lhEncrypt === true ? path : ''))
-        .filter(Boolean);
-
-    if (!fields.length) {
-        return;
-    }
-
-    const cryptor = new Cryptor({
-        shouldUseAws: hasKMS,
-        fields: fields,
-    });
-
-    schema.pre('save', async function encryptionPreSave() {
-        await cryptor.encryptFieldsInDocuments([this]);
-    });
-
-    schema.pre(
-        'insertMany',
-        async function encryptionPreInsertMany(_, docs, options) {
-            if (options?.rawResult) {
-                throw new Error(
-                    'Raw result not supported for insertMany with Encrypt plugin'
-                );
-            }
-
-            await cryptor.encryptFieldsInDocuments(docs);
-        }
-    );
-
-    schema.pre(updateOneEvents, async function encryptionPreUpdateOne() {
-        await cryptor.encryptFieldsInQuery(this);
-    });
-
-    schema.pre('updateMany', async function encryptionPreUpdateMany() {
-        cryptor.expectNotToUpdateManyEncrypted(this.getUpdate());
-    });
-
-    schema.pre('update', async function encryptionPreUpdate() {
-        const { multiple } = this.getOptions();
-
-        if (multiple) {
-            cryptor.expectNotToUpdateManyEncrypted(this.getUpdate());
-            return;
-        }
-
-        await cryptor.encryptFieldsInQuery(this);
-    });
-
-    schema.post('save', async function encryptionPreSave() {
-        await cryptor.decryptFieldsInDocuments([this]);
-    });
-
-    schema.post(findOneEvents, async function encryptionPostFindOne(doc) {
-        const { rawResult } = this.getOptions();
-
-        if (rawResult) {
-            return;
-        }
-
-        await cryptor.decryptFieldsInDocuments([doc]);
-    });
-
-    schema.post('find', async function encryptionPostFind(docs) {
-        await cryptor.decryptFieldsInDocuments(docs);
-    });
-
-    schema.post('insertMany', async function encryptionPostInsertMany(docs) {
-        await cryptor.decryptFieldsInDocuments(docs);
-    });
-}
-
-module.exports = { Encrypt };