@futdevpro/nts-dynamo 1.15.51 → 1.15.53

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,9 +1,36 @@
1
+ import { Request, Response } from 'express';
1
2
  import { DyFM_Error, DyFM_Errors, DyFM_ServerStatus } from '@futdevpro/fsm-dynamo';
2
3
  import { DyNTS_Errors_ControlService } from '../errors/errors.control-service';
3
4
  import { DyNTS_Controller } from '../../../_services/route/controller.service';
4
5
  import { DyNTS_Endpoint_Params } from '../../../_models/control-models/endpoint-params.control-model';
5
6
  import { DyNTS_ServerStatus_ControlService } from './server-status.control-service';
6
7
  import { DyNTS_ServerStatusSnapshot_ControlService } from './server-status-snapshot.control-service';
8
+ /**
9
+ * Auth retrofit config a `DyNTS_ServerStatus_Controller`-hez. Opt-in — ha az
10
+ * `authPreProcess` nincs megadva, a controller a regi (auth nelkuli) viselkedest
11
+ * tartja. Ugyanaz a mintazat, mint a `DyNTS_Errors_Controller`-ben, DE biztonsagosabb
12
+ * default-tal: a liveness/readiness/client-version **probak SOHA nem gate-eltek**
13
+ * (orchestrator/LB auth nelkul hivja oket), es a default `protectedEndpoints` csak az
14
+ * admin-adat vegpontokat fedi (NEM a probakat).
15
+ *
16
+ * **Subclass-szintu konfiguracio:** az `authConfig` static, igy az abstract osztaly
17
+ * minden subclass-a kozott OSZTOTT (TypeScript a static field-eket per-class hatarozza meg).
18
+ */
19
+ export interface DyNTS_ServerStatusController_AuthConfig {
20
+ /**
21
+ * Pre-process fuggveny ami minden vedett endpoint elott fut. Ha hianyzik vagy
22
+ * `undefined`, a controller NEM ad hozza auth-ot semelyik endpoint-hoz (regi
23
+ * viselkedes, opt-in safety).
24
+ */
25
+ authPreProcess?: (req: Request, res: Response) => Promise<void>;
26
+ /**
27
+ * Vedett endpoint nevek listaja. Ha hianyzik, a default = csak az admin-adat
28
+ * vegpontok (`getServerStatus`, `getErrorStatistics`) — a probak NEM. A
29
+ * `PUBLIC_PROBE_ENDPOINTS` (`getServerHealth`/`getServerReadiness`/
30
+ * `getServerStatusForClient`) MEG explicit listazva sem gate-elheto.
31
+ */
32
+ protectedEndpoints?: string[];
33
+ }
7
34
  /**
8
35
  * Endpoints:
9
36
  *
@@ -20,6 +47,39 @@ import { DyNTS_ServerStatusSnapshot_ControlService } from './server-status-snaps
20
47
  export declare abstract class DyNTS_ServerStatus_Controller<T_ServerStatus extends DyFM_ServerStatus, T_Error extends DyFM_Error, T_Errors extends DyFM_Errors<T_Error>, T_Errors_ControlService extends DyNTS_Errors_ControlService<T_Error, T_Errors>, T_ServerStatusSnapshot extends DyFM_ServerStatus, T_ServerStatusSnapshot_ControlService extends DyNTS_ServerStatusSnapshot_ControlService<T_ServerStatusSnapshot>, T_ServerStatus_ControlService extends DyNTS_ServerStatus_ControlService<T_ServerStatus, T_Error, T_Errors, T_Errors_ControlService, T_ServerStatusSnapshot, T_ServerStatusSnapshot_ControlService>> extends DyNTS_Controller {
21
48
  protected abstract readonly server_CS: T_ServerStatus_ControlService;
22
49
  protected readonly additionalEndpoints: DyNTS_Endpoint_Params[];
50
+ /**
51
+ * Static auth config — opt-in retrofit. Default ures objektum → NO auth
52
+ * (a meglevo integraciok valtoznatlan viselkedessel folytatodnak).
53
+ */
54
+ protected static authConfig: DyNTS_ServerStatusController_AuthConfig;
55
+ /**
56
+ * Static config setter. Hivhato a szerver startup-jan az endpoint registration ELOTT.
57
+ *
58
+ * Use case (host app):
59
+ * ```ts
60
+ * ServerStatus_Controller.configure({
61
+ * authPreProcess: async (req, res) => auth.authenticate_tokenAndPermission(req, res, FDP_Permission.X),
62
+ * });
63
+ * ```
64
+ * A probak (`getServerHealth`/`getServerReadiness`/`getServerStatusForClient`) ettol
65
+ * fuggetlenul NYITVA maradnak.
66
+ */
67
+ static configure(config: DyNTS_ServerStatusController_AuthConfig): void;
68
+ /**
69
+ * Aktualis auth config olvasasa (test/diagnosztika celokra).
70
+ */
71
+ static getAuthConfig(): DyNTS_ServerStatusController_AuthConfig;
72
+ /**
73
+ * Test-only: visszaallitja az auth config-ot ures objektumra. Production code NE hivja.
74
+ */
75
+ static _resetAuthConfigForTesting(): void;
76
+ /**
77
+ * Vissza-adja az adott endpoint-hoz tartozo `preProcesses` array-t.
78
+ * - Ha az auth NINCS configurolva → ures (regi viselkedes).
79
+ * - A public probak SOHA nem gate-eltek.
80
+ * - Egyebkent az endpoint a `protectedEndpoints` (default = admin-only) listan van-e.
81
+ */
82
+ protected getPreProcessesFor(endpointName: string): ((req: Request, res: Response) => Promise<void>)[];
23
83
  setupEndpoints(): void;
24
84
  }
25
85
  //# sourceMappingURL=server-status.controller.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"server-status.controller.d.ts","sourceRoot":"","sources":["../../../../src/_modules/server/server-status/server-status.controller.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,WAAW,EAAwC,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AACzH,OAAO,EAAE,2BAA2B,EAAE,MAAM,kCAAkC,CAAC;AAC/E,OAAO,EAAE,gBAAgB,EAAE,MAAM,6CAA6C,CAAC;AAC/E,OAAO,EAAE,qBAAqB,EAAE,MAAM,+DAA+D,CAAC;AAEtG,OAAO,EAAqB,iCAAiC,EAAE,MAAM,iCAAiC,CAAC;AACvG,OAAO,EAAE,yCAAyC,EAAE,MAAM,0CAA0C,CAAC;AAGrG;;;;;;;;;;;;GAYG;AACH,8BAAsB,6BAA6B,CACjD,cAAc,SAAS,iBAAiB,EACxC,OAAO,SAAS,UAAU,EAC1B,QAAQ,SAAS,WAAW,CAAC,OAAO,CAAC,EACrC,uBAAuB,SAAS,2BAA2B,CAAC,OAAO,EAAE,QAAQ,CAAC,EAC9E,sBAAsB,SAAS,iBAAiB,EAChD,qCAAqC,SAAS,yCAAyC,CAAC,sBAAsB,CAAC,EAC/G,6BAA6B,SAAS,iCAAiC,CACrE,cAAc,EACd,OAAO,EACP,QAAQ,EACR,uBAAuB,EACvB,sBAAsB,EACtB,qCAAqC,CACtC,CACD,SAAQ,gBAAgB;IAMxB,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,SAAS,EAAE,6BAA6B,CAAC;IAGrE,SAAS,CAAC,QAAQ,CAAC,mBAAmB,EAAE,qBAAqB,EAAE,CAAM;IAErE,cAAc,IAAI,IAAI;CA6FvB"}
1
+ {"version":3,"file":"server-status.controller.d.ts","sourceRoot":"","sources":["../../../../src/_modules/server/server-status/server-status.controller.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAE5C,OAAO,EAAE,UAAU,EAAE,WAAW,EAAwC,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AACzH,OAAO,EAAE,2BAA2B,EAAE,MAAM,kCAAkC,CAAC;AAC/E,OAAO,EAAE,gBAAgB,EAAE,MAAM,6CAA6C,CAAC;AAC/E,OAAO,EAAE,qBAAqB,EAAE,MAAM,+DAA+D,CAAC;AAEtG,OAAO,EAAqB,iCAAiC,EAAE,MAAM,iCAAiC,CAAC;AACvG,OAAO,EAAE,yCAAyC,EAAE,MAAM,0CAA0C,CAAC;AAGrG;;;;;;;;;;GAUG;AACH,MAAM,WAAW,uCAAuC;IACtD;;;;OAIG;IACH,cAAc,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAEhE;;;;;OAKG;IACH,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC/B;AA0BD;;;;;;;;;;;;GAYG;AACH,8BAAsB,6BAA6B,CACjD,cAAc,SAAS,iBAAiB,EACxC,OAAO,SAAS,UAAU,EAC1B,QAAQ,SAAS,WAAW,CAAC,OAAO,CAAC,EACrC,uBAAuB,SAAS,2BAA2B,CAAC,OAAO,EAAE,QAAQ,CAAC,EAC9E,sBAAsB,SAAS,iBAAiB,EAChD,qCAAqC,SAAS,yCAAyC,CAAC,sBAAsB,CAAC,EAC/G,6BAA6B,SAAS,iCAAiC,CACrE,cAAc,EACd,OAAO,EACP,QAAQ,EACR,uBAAuB,EACvB,sBAAsB,EACtB,qCAAqC,CACtC,CACD,SAAQ,gBAAgB;IAMxB,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,SAAS,EAAE,6BAA6B,CAAC;IAGrE,SAAS,CAAC,QAAQ,CAAC,mBAAmB,EAAE,qBAAqB,EAAE,CAAM;IAErE;;;OAGG;IACH,SAAS,CAAC,MAAM,CAAC,UAAU,EAAE,uCAAuC,CAAM;IAE1E;;;;;;;;;;;OAWG;IACH,MAAM,CAAC,SAAS,CAAC,MAAM,EAAE,uCAAuC,GAAG,IAAI;IAIvE;;OAEG;IACH,MAAM,CAAC,aAAa,IAAI,uCAAuC;IAI/D;;OAEG;IACH,MAAM,CAAC,0BAA0B,IAAI,IAAI;IAIzC;;;;;OAKG;IACH,SAAS,CAAC,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,CAAC,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC,EAAE;IAQtG,cAAc,IAAI,IAAI;CAkGvB"}
@@ -5,6 +5,28 @@ const fsm_dynamo_1 = require("@futdevpro/fsm-dynamo");
5
5
  const controller_service_1 = require("../../../_services/route/controller.service");
6
6
  const endpoint_params_control_model_1 = require("../../../_models/control-models/endpoint-params.control-model");
7
7
  const global_settings_const_1 = require("../../../_collections/global-settings.const");
8
+ /**
9
+ * Public probak — orchestrator/LB ÉS a kliens server-status-indikator hivja auth
10
+ * nelkul, ezert SOHA nem gate-eljuk (meg ha a host explicit listazza is a
11
+ * `protectedEndpoints`-ban).
12
+ *
13
+ * FONTOS: `getServerStatus` (/status) IS itt van — a base controller-ben mindharom
14
+ * (`getServerStatus`, `getServerHealth`, `getServerStatusForClient`) UGYANAZT hivja:
15
+ * `server_CS.getServerStatus(issuer)`. Mivel a /health es /status/:version amugy is
16
+ * publikus, a /status gate-elese 0 biztonsagi hasznot adna, viszont eltori a kliens
17
+ * `DyNX` server-status-pollot (401 minden oldalbetolteskor). Csak a `getErrorStatistics`
18
+ * valodi admin-adat.
19
+ */
20
+ const PUBLIC_PROBE_ENDPOINTS = [
21
+ 'getServerStatus', 'getServerHealth', 'getServerReadiness', 'getServerStatusForClient',
22
+ ];
23
+ /**
24
+ * Default vedett vegpontok (ha a host nem ad `protectedEndpoints`-t): csak a valodi
25
+ * admin-adat vegpont (`getErrorStatistics`). A status-vegpontok publikusak (lasd fent).
26
+ */
27
+ const DEFAULT_PROTECTED_ENDPOINTS = [
28
+ 'getErrorStatistics',
29
+ ];
8
30
  /**
9
31
  * Endpoints:
10
32
  *
@@ -21,6 +43,55 @@ const global_settings_const_1 = require("../../../_collections/global-settings.c
21
43
  class DyNTS_ServerStatus_Controller extends controller_service_1.DyNTS_Controller {
22
44
  /* protected abstract getServerService(): T_ServerStatusService; */
23
45
  additionalEndpoints = [];
46
+ /**
47
+ * Static auth config — opt-in retrofit. Default ures objektum → NO auth
48
+ * (a meglevo integraciok valtoznatlan viselkedessel folytatodnak).
49
+ */
50
+ static authConfig = {};
51
+ /**
52
+ * Static config setter. Hivhato a szerver startup-jan az endpoint registration ELOTT.
53
+ *
54
+ * Use case (host app):
55
+ * ```ts
56
+ * ServerStatus_Controller.configure({
57
+ * authPreProcess: async (req, res) => auth.authenticate_tokenAndPermission(req, res, FDP_Permission.X),
58
+ * });
59
+ * ```
60
+ * A probak (`getServerHealth`/`getServerReadiness`/`getServerStatusForClient`) ettol
61
+ * fuggetlenul NYITVA maradnak.
62
+ */
63
+ static configure(config) {
64
+ DyNTS_ServerStatus_Controller.authConfig = config;
65
+ }
66
+ /**
67
+ * Aktualis auth config olvasasa (test/diagnosztika celokra).
68
+ */
69
+ static getAuthConfig() {
70
+ return DyNTS_ServerStatus_Controller.authConfig;
71
+ }
72
+ /**
73
+ * Test-only: visszaallitja az auth config-ot ures objektumra. Production code NE hivja.
74
+ */
75
+ static _resetAuthConfigForTesting() {
76
+ DyNTS_ServerStatus_Controller.authConfig = {};
77
+ }
78
+ /**
79
+ * Vissza-adja az adott endpoint-hoz tartozo `preProcesses` array-t.
80
+ * - Ha az auth NINCS configurolva → ures (regi viselkedes).
81
+ * - A public probak SOHA nem gate-eltek.
82
+ * - Egyebkent az endpoint a `protectedEndpoints` (default = admin-only) listan van-e.
83
+ */
84
+ getPreProcessesFor(endpointName) {
85
+ const cfg = DyNTS_ServerStatus_Controller.authConfig;
86
+ if (!cfg.authPreProcess) {
87
+ return [];
88
+ }
89
+ if (PUBLIC_PROBE_ENDPOINTS.includes(endpointName)) {
90
+ return [];
91
+ }
92
+ const protectedNames = cfg.protectedEndpoints ?? DEFAULT_PROTECTED_ENDPOINTS;
93
+ return protectedNames.includes(endpointName) ? [cfg.authPreProcess] : [];
94
+ }
24
95
  setupEndpoints() {
25
96
  /* if (!this.getServerService) {
26
97
  throw new DyFM_Error({
@@ -40,6 +111,7 @@ class DyNTS_ServerStatus_Controller extends controller_service_1.DyNTS_Controlle
40
111
  name: 'getServerStatus',
41
112
  type: fsm_dynamo_1.DyFM_HttpCallType.get,
42
113
  endpoint: '/status',
114
+ preProcesses: this.getPreProcessesFor('getServerStatus'),
43
115
  tasks: [
44
116
  async (req, res, issuer) => {
45
117
  res.send(await this.server_CS.getServerStatus(issuer));
@@ -50,6 +122,7 @@ class DyNTS_ServerStatus_Controller extends controller_service_1.DyNTS_Controlle
50
122
  name: 'getServerHealth',
51
123
  type: fsm_dynamo_1.DyFM_HttpCallType.get,
52
124
  endpoint: '/health',
125
+ preProcesses: this.getPreProcessesFor('getServerHealth'),
53
126
  tasks: [
54
127
  async (req, res, issuer) => {
55
128
  res.send(await this.server_CS.getServerStatus(issuer));
@@ -62,6 +135,7 @@ class DyNTS_ServerStatus_Controller extends controller_service_1.DyNTS_Controlle
62
135
  name: 'getServerReadiness',
63
136
  type: fsm_dynamo_1.DyFM_HttpCallType.get,
64
137
  endpoint: '/readiness',
138
+ preProcesses: this.getPreProcessesFor('getServerReadiness'),
65
139
  tasks: [
66
140
  async (req, res, issuer) => {
67
141
  const readiness = await this.server_CS.checkDbReadiness();
@@ -73,6 +147,7 @@ class DyNTS_ServerStatus_Controller extends controller_service_1.DyNTS_Controlle
73
147
  name: 'getServerStatusForClient',
74
148
  type: fsm_dynamo_1.DyFM_HttpCallType.get,
75
149
  endpoint: '/status/:version',
150
+ preProcesses: this.getPreProcessesFor('getServerStatusForClient'),
76
151
  tasks: [
77
152
  async (req, res, issuer) => {
78
153
  res.send(await this.server_CS.getServerStatus(issuer, req.params.version));
@@ -83,6 +158,7 @@ class DyNTS_ServerStatus_Controller extends controller_service_1.DyNTS_Controlle
83
158
  name: 'getErrorStatistics',
84
159
  type: fsm_dynamo_1.DyFM_HttpCallType.get,
85
160
  endpoint: '/statistics/error/:range',
161
+ preProcesses: this.getPreProcessesFor('getErrorStatistics'),
86
162
  tasks: [
87
163
  async (req, res, issuer) => {
88
164
  res.send(await this.server_CS.getErrorStatistics(req.params.range, issuer));
@@ -1 +1 @@
1
- {"version":3,"file":"server-status.controller.js","sourceRoot":"","sources":["../../../../src/_modules/server/server-status/server-status.controller.ts"],"names":[],"mappings":";;;AAGA,sDAAyH;AAEzH,oFAA+E;AAC/E,iHAAsG;AACtG,uFAAoF;AAKpF;;;;;;;;;;;;GAYG;AACH,MAAsB,6BAepB,SAAQ,qCAAgB;IAQxB,mEAAmE;IAChD,mBAAmB,GAA4B,EAAE,CAAC;IAErE,cAAc;QACZ;;;;;YAKI;QAEJ,IAAI,CAAC,IAAI,CAAC,mBAAmB,EAAE,CAAC;YAC9B,MAAM,IAAI,uBAAU,CAAC;gBACnB,OAAO,EAAE,iEAAiE;gBAC1E,SAAS,EAAE,GAAG,6CAAqB,CAAC,mBAAmB,gBAAgB;aACxE,CAAC,CAAC;QACL,CAAC;QAED,mDAAmD;QAEnD,IAAI,CAAC,SAAS,GAAG;YACf,IAAI,qDAAqB,CAAC;gBACxB,IAAI,EAAE,iBAAiB;gBACvB,IAAI,EAAE,8BAAiB,CAAC,GAAG;gBAC3B,QAAQ,EAAE,SAAS;gBACnB,KAAK,EAAE;oBACL,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,MAAc,EAAiB,EAAE;wBACnE,GAAG,CAAC,IAAI,CACN,MAAM,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,MAAM,CAAC,CAC7C,CAAC;oBACJ,CAAC;iBACF;aACF,CAAC;YAEF,IAAI,qDAAqB,CAAC;gBACxB,IAAI,EAAE,iBAAiB;gBACvB,IAAI,EAAE,8BAAiB,CAAC,GAAG;gBAC3B,QAAQ,EAAE,SAAS;gBACnB,KAAK,EAAE;oBACL,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,MAAc,EAAiB,EAAE;wBACnE,GAAG,CAAC,IAAI,CACN,MAAM,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,MAAM,CAAC,CAC7C,CAAC;oBACJ,CAAC;iBACF;aACF,CAAC;YAEF,qFAAqF;YACrF,uFAAuF;YACvF,IAAI,qDAAqB,CAAC;gBACxB,IAAI,EAAE,oBAAoB;gBAC1B,IAAI,EAAE,8BAAiB,CAAC,GAAG;gBAC3B,QAAQ,EAAE,YAAY;gBACtB,KAAK,EAAE;oBACL,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,MAAc,EAAiB,EAAE;wBACnE,MAAM,SAAS,GAAsB,MAAM,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE,CAAC;wBAE7E,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;oBAC1D,CAAC;iBACF;aACF,CAAC;YAEF,IAAI,qDAAqB,CAAC;gBACxB,IAAI,EAAE,0BAA0B;gBAChC,IAAI,EAAE,8BAAiB,CAAC,GAAG;gBAC3B,QAAQ,EAAE,kBAAkB;gBAC5B,KAAK,EAAE;oBACL,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,MAAc,EAAiB,EAAE;wBAEnE,GAAG,CAAC,IAAI,CACN,MAAM,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CACjE,CAAC;oBACJ,CAAC;iBACF;aACF,CAAC;YAEF,IAAI,qDAAqB,CAAC;gBACxB,IAAI,EAAE,oBAAoB;gBAC1B,IAAI,EAAE,8BAAiB,CAAC,GAAG;gBAC3B,QAAQ,EAAE,0BAA0B;gBACpC,KAAK,EAAE;oBACL,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,MAAc,EAAkB,EAAE;wBAEpE,GAAG,CAAC,IAAI,CACN,MAAM,IAAI,CAAC,SAAS,CAAC,kBAAkB,CACrC,GAAG,CAAC,MAAM,CAAC,KAA0B,EACrC,MAAM,CACP,CACF,CAAC;oBACJ,CAAC;iBACF;aACF,CAAC;YAEF,GAAG,IAAI,CAAC,mBAAmB;SAC5B,CAAC;IACJ,CAAC;CACF;AAvHD,sEAuHC"}
1
+ {"version":3,"file":"server-status.controller.js","sourceRoot":"","sources":["../../../../src/_modules/server/server-status/server-status.controller.ts"],"names":[],"mappings":";;;AAGA,sDAAyH;AAEzH,oFAA+E;AAC/E,iHAAsG;AACtG,uFAAoF;AAiCpF;;;;;;;;;;;GAWG;AACH,MAAM,sBAAsB,GAAa;IACvC,iBAAiB,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,0BAA0B;CACvF,CAAC;AAEF;;;GAGG;AACH,MAAM,2BAA2B,GAAa;IAC5C,oBAAoB;CACrB,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,MAAsB,6BAepB,SAAQ,qCAAgB;IAQxB,mEAAmE;IAChD,mBAAmB,GAA4B,EAAE,CAAC;IAErE;;;OAGG;IACO,MAAM,CAAC,UAAU,GAA4C,EAAE,CAAC;IAE1E;;;;;;;;;;;OAWG;IACH,MAAM,CAAC,SAAS,CAAC,MAA+C;QAC9D,6BAA6B,CAAC,UAAU,GAAG,MAAM,CAAC;IACpD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,aAAa;QAClB,OAAO,6BAA6B,CAAC,UAAU,CAAC;IAClD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,0BAA0B;QAC/B,6BAA6B,CAAC,UAAU,GAAG,EAAE,CAAC;IAChD,CAAC;IAED;;;;;OAKG;IACO,kBAAkB,CAAC,YAAoB;QAC/C,MAAM,GAAG,GAA4C,6BAA6B,CAAC,UAAU,CAAC;QAC9F,IAAI,CAAC,GAAG,CAAC,cAAc,EAAE,CAAC;YAAC,OAAO,EAAE,CAAC;QAAC,CAAC;QACvC,IAAI,sBAAsB,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;YAAC,OAAO,EAAE,CAAC;QAAC,CAAC;QACjE,MAAM,cAAc,GAAa,GAAG,CAAC,kBAAkB,IAAI,2BAA2B,CAAC;QACvF,OAAO,cAAc,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAC3E,CAAC;IAED,cAAc;QACZ;;;;;YAKI;QAEJ,IAAI,CAAC,IAAI,CAAC,mBAAmB,EAAE,CAAC;YAC9B,MAAM,IAAI,uBAAU,CAAC;gBACnB,OAAO,EAAE,iEAAiE;gBAC1E,SAAS,EAAE,GAAG,6CAAqB,CAAC,mBAAmB,gBAAgB;aACxE,CAAC,CAAC;QACL,CAAC;QAED,mDAAmD;QAEnD,IAAI,CAAC,SAAS,GAAG;YACf,IAAI,qDAAqB,CAAC;gBACxB,IAAI,EAAE,iBAAiB;gBACvB,IAAI,EAAE,8BAAiB,CAAC,GAAG;gBAC3B,QAAQ,EAAE,SAAS;gBACnB,YAAY,EAAE,IAAI,CAAC,kBAAkB,CAAC,iBAAiB,CAAC;gBACxD,KAAK,EAAE;oBACL,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,MAAc,EAAiB,EAAE;wBACnE,GAAG,CAAC,IAAI,CACN,MAAM,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,MAAM,CAAC,CAC7C,CAAC;oBACJ,CAAC;iBACF;aACF,CAAC;YAEF,IAAI,qDAAqB,CAAC;gBACxB,IAAI,EAAE,iBAAiB;gBACvB,IAAI,EAAE,8BAAiB,CAAC,GAAG;gBAC3B,QAAQ,EAAE,SAAS;gBACnB,YAAY,EAAE,IAAI,CAAC,kBAAkB,CAAC,iBAAiB,CAAC;gBACxD,KAAK,EAAE;oBACL,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,MAAc,EAAiB,EAAE;wBACnE,GAAG,CAAC,IAAI,CACN,MAAM,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,MAAM,CAAC,CAC7C,CAAC;oBACJ,CAAC;iBACF;aACF,CAAC;YAEF,qFAAqF;YACrF,uFAAuF;YACvF,IAAI,qDAAqB,CAAC;gBACxB,IAAI,EAAE,oBAAoB;gBAC1B,IAAI,EAAE,8BAAiB,CAAC,GAAG;gBAC3B,QAAQ,EAAE,YAAY;gBACtB,YAAY,EAAE,IAAI,CAAC,kBAAkB,CAAC,oBAAoB,CAAC;gBAC3D,KAAK,EAAE;oBACL,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,MAAc,EAAiB,EAAE;wBACnE,MAAM,SAAS,GAAsB,MAAM,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE,CAAC;wBAE7E,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;oBAC1D,CAAC;iBACF;aACF,CAAC;YAEF,IAAI,qDAAqB,CAAC;gBACxB,IAAI,EAAE,0BAA0B;gBAChC,IAAI,EAAE,8BAAiB,CAAC,GAAG;gBAC3B,QAAQ,EAAE,kBAAkB;gBAC5B,YAAY,EAAE,IAAI,CAAC,kBAAkB,CAAC,0BAA0B,CAAC;gBACjE,KAAK,EAAE;oBACL,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,MAAc,EAAiB,EAAE;wBAEnE,GAAG,CAAC,IAAI,CACN,MAAM,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CACjE,CAAC;oBACJ,CAAC;iBACF;aACF,CAAC;YAEF,IAAI,qDAAqB,CAAC;gBACxB,IAAI,EAAE,oBAAoB;gBAC1B,IAAI,EAAE,8BAAiB,CAAC,GAAG;gBAC3B,QAAQ,EAAE,0BAA0B;gBACpC,YAAY,EAAE,IAAI,CAAC,kBAAkB,CAAC,oBAAoB,CAAC;gBAC3D,KAAK,EAAE;oBACL,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,MAAc,EAAkB,EAAE;wBAEpE,GAAG,CAAC,IAAI,CACN,MAAM,IAAI,CAAC,SAAS,CAAC,kBAAkB,CACrC,GAAG,CAAC,MAAM,CAAC,KAA0B,EACrC,MAAM,CACP,CACF,CAAC;oBACJ,CAAC;iBACF;aACF,CAAC;YAEF,GAAG,IAAI,CAAC,mBAAmB;SAC5B,CAAC;IACJ,CAAC;;AA7KH,sEA8KC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@futdevpro/nts-dynamo",
3
- "version": "01.15.51",
3
+ "version": "01.15.53",
4
4
  "description": "Dynamic NodeTS (NodeJS-Typescript), MongoDB Backend System Framework by Future Development Program Ltd.",
5
5
  "DyBu_settings": {
6
6
  "packageType": "server-package",
@@ -332,7 +332,7 @@
332
332
  "ts-node": "~10.9.2"
333
333
  },
334
334
  "devDependencies": {
335
- "@futdevpro/dynamo-eslint": "1.15.15",
335
+ "@futdevpro/dynamo-eslint": "1.15.16",
336
336
  "@discordjs/opus": "^0.10.0",
337
337
  "@discordjs/voice": "^0.18.0",
338
338
  "@types/jasmine": "~4.3.5",
@@ -158,5 +158,83 @@ describe('| DyNTS_ServerStatus_Controller', () => {
158
158
  }).toThrow();
159
159
  });
160
160
  });
161
+
162
+ describe('| opt-in admin auth retrofit', (): void => {
163
+ afterEach((): void => {
164
+ DyNTS_ServerStatus_Controller._resetAuthConfigForTesting();
165
+ });
166
+
167
+ const preCount = (controller: any, name: string): number => {
168
+ const ep: any = controller.endpoints.find((e: any) => e.name === name);
169
+ return (ep?.preProcesses ?? []).length;
170
+ };
171
+
172
+ it('| default: NO preProcesses on any endpoint (backwards compatible)', (): void => {
173
+ controller.setupEndpoints();
174
+ for (const ep of controller.endpoints) {
175
+ const pre: any = (ep as any).preProcesses;
176
+ expect(pre === undefined || pre.length === 0).toBe(true);
177
+ }
178
+ });
179
+
180
+ it('| configure({ authPreProcess }) → csak getErrorStatistics gated, a status-vegpontok NEM', (): void => {
181
+ const fakeAuth = async (): Promise<void> => { /* noop */ };
182
+ DyNTS_ServerStatus_Controller.configure({ authPreProcess: fakeAuth });
183
+ const c: any = new (TestServerStatusController as any)();
184
+ c.setupEndpoints();
185
+
186
+ // admin-adat → gated
187
+ expect(preCount(c, 'getErrorStatistics')).toBe(1);
188
+ // status-vegpontok (a kliens-indikator hivja, /health-tel adat-ekvivalens) → SOHA nem gated
189
+ expect(preCount(c, 'getServerStatus')).toBe(0);
190
+ expect(preCount(c, 'getServerHealth')).toBe(0);
191
+ expect(preCount(c, 'getServerReadiness')).toBe(0);
192
+ expect(preCount(c, 'getServerStatusForClient')).toBe(0);
193
+ });
194
+
195
+ it('| a status-vegpontokat (getServerStatus is) explicit protectedEndpoints-lista SEM gate-eli', (): void => {
196
+ const fakeAuth = async (): Promise<void> => { /* noop */ };
197
+ DyNTS_ServerStatus_Controller.configure({
198
+ authPreProcess: fakeAuth,
199
+ protectedEndpoints: [ 'getServerHealth', 'getServerReadiness', 'getServerStatusForClient', 'getServerStatus', 'getErrorStatistics' ],
200
+ });
201
+ const c: any = new (TestServerStatusController as any)();
202
+ c.setupEndpoints();
203
+
204
+ expect(preCount(c, 'getServerStatus')).toBe(0);
205
+ expect(preCount(c, 'getServerHealth')).toBe(0);
206
+ expect(preCount(c, 'getServerReadiness')).toBe(0);
207
+ expect(preCount(c, 'getServerStatusForClient')).toBe(0);
208
+ // a valodi admin-adat viszont gated
209
+ expect(preCount(c, 'getErrorStatistics')).toBe(1);
210
+ });
211
+
212
+ it('| protectedEndpoints subset → csak a megadott (nem-proba) neveken aktiv', (): void => {
213
+ const fakeAuth = async (): Promise<void> => { /* noop */ };
214
+ DyNTS_ServerStatus_Controller.configure({
215
+ authPreProcess: fakeAuth,
216
+ protectedEndpoints: [ 'getErrorStatistics' ],
217
+ });
218
+ const c: any = new (TestServerStatusController as any)();
219
+ c.setupEndpoints();
220
+
221
+ expect(preCount(c, 'getErrorStatistics')).toBe(1);
222
+ expect(preCount(c, 'getServerStatus')).toBe(0);
223
+ });
224
+
225
+ it('| getAuthConfig() returns the active config', (): void => {
226
+ const fakeAuth = async (): Promise<void> => { /* noop */ };
227
+ DyNTS_ServerStatus_Controller.configure({ authPreProcess: fakeAuth, protectedEndpoints: [ 'getErrorStatistics' ] });
228
+ const cfg = DyNTS_ServerStatus_Controller.getAuthConfig();
229
+ expect(cfg.authPreProcess).toBe(fakeAuth);
230
+ expect(cfg.protectedEndpoints).toEqual([ 'getErrorStatistics' ]);
231
+ });
232
+
233
+ it('| _resetAuthConfigForTesting() clears the config', (): void => {
234
+ DyNTS_ServerStatus_Controller.configure({ authPreProcess: async (): Promise<void> => { /* noop */ } });
235
+ DyNTS_ServerStatus_Controller._resetAuthConfigForTesting();
236
+ expect(DyNTS_ServerStatus_Controller.getAuthConfig().authPreProcess).toBeUndefined();
237
+ });
238
+ });
161
239
  });
162
240
 
@@ -10,18 +10,70 @@ import { DyNTS_DbReadiness, DyNTS_ServerStatus_ControlService } from './server-s
10
10
  import { DyNTS_ServerStatusSnapshot_ControlService } from './server-status-snapshot.control-service';
11
11
 
12
12
 
13
+ /**
14
+ * Auth retrofit config a `DyNTS_ServerStatus_Controller`-hez. Opt-in — ha az
15
+ * `authPreProcess` nincs megadva, a controller a regi (auth nelkuli) viselkedest
16
+ * tartja. Ugyanaz a mintazat, mint a `DyNTS_Errors_Controller`-ben, DE biztonsagosabb
17
+ * default-tal: a liveness/readiness/client-version **probak SOHA nem gate-eltek**
18
+ * (orchestrator/LB auth nelkul hivja oket), es a default `protectedEndpoints` csak az
19
+ * admin-adat vegpontokat fedi (NEM a probakat).
20
+ *
21
+ * **Subclass-szintu konfiguracio:** az `authConfig` static, igy az abstract osztaly
22
+ * minden subclass-a kozott OSZTOTT (TypeScript a static field-eket per-class hatarozza meg).
23
+ */
24
+ export interface DyNTS_ServerStatusController_AuthConfig {
25
+ /**
26
+ * Pre-process fuggveny ami minden vedett endpoint elott fut. Ha hianyzik vagy
27
+ * `undefined`, a controller NEM ad hozza auth-ot semelyik endpoint-hoz (regi
28
+ * viselkedes, opt-in safety).
29
+ */
30
+ authPreProcess?: (req: Request, res: Response) => Promise<void>;
31
+
32
+ /**
33
+ * Vedett endpoint nevek listaja. Ha hianyzik, a default = csak az admin-adat
34
+ * vegpontok (`getServerStatus`, `getErrorStatistics`) — a probak NEM. A
35
+ * `PUBLIC_PROBE_ENDPOINTS` (`getServerHealth`/`getServerReadiness`/
36
+ * `getServerStatusForClient`) MEG explicit listazva sem gate-elheto.
37
+ */
38
+ protectedEndpoints?: string[];
39
+ }
40
+
41
+ /**
42
+ * Public probak — orchestrator/LB ÉS a kliens server-status-indikator hivja auth
43
+ * nelkul, ezert SOHA nem gate-eljuk (meg ha a host explicit listazza is a
44
+ * `protectedEndpoints`-ban).
45
+ *
46
+ * FONTOS: `getServerStatus` (/status) IS itt van — a base controller-ben mindharom
47
+ * (`getServerStatus`, `getServerHealth`, `getServerStatusForClient`) UGYANAZT hivja:
48
+ * `server_CS.getServerStatus(issuer)`. Mivel a /health es /status/:version amugy is
49
+ * publikus, a /status gate-elese 0 biztonsagi hasznot adna, viszont eltori a kliens
50
+ * `DyNX` server-status-pollot (401 minden oldalbetolteskor). Csak a `getErrorStatistics`
51
+ * valodi admin-adat.
52
+ */
53
+ const PUBLIC_PROBE_ENDPOINTS: string[] = [
54
+ 'getServerStatus', 'getServerHealth', 'getServerReadiness', 'getServerStatusForClient',
55
+ ];
56
+
57
+ /**
58
+ * Default vedett vegpontok (ha a host nem ad `protectedEndpoints`-t): csak a valodi
59
+ * admin-adat vegpont (`getErrorStatistics`). A status-vegpontok publikusak (lasd fent).
60
+ */
61
+ const DEFAULT_PROTECTED_ENDPOINTS: string[] = [
62
+ 'getErrorStatistics',
63
+ ];
64
+
13
65
  /**
14
66
  * Endpoints:
15
- *
67
+ *
16
68
  * getServerStatus
17
69
  * GET /status
18
- *
70
+ *
19
71
  * getServerStatusForClient
20
72
  * GET /status/:version
21
- *
73
+ *
22
74
  * getErrorStatistics
23
75
  * GET /statistics/error/:range
24
- *
76
+ *
25
77
  */
26
78
  export abstract class DyNTS_ServerStatus_Controller<
27
79
  T_ServerStatus extends DyFM_ServerStatus,
@@ -45,10 +97,60 @@ export abstract class DyNTS_ServerStatus_Controller<
45
97
  } */
46
98
 
47
99
  protected abstract readonly server_CS: T_ServerStatus_ControlService;
48
-
100
+
49
101
  /* protected abstract getServerService(): T_ServerStatusService; */
50
102
  protected readonly additionalEndpoints: DyNTS_Endpoint_Params[] = [];
51
103
 
104
+ /**
105
+ * Static auth config — opt-in retrofit. Default ures objektum → NO auth
106
+ * (a meglevo integraciok valtoznatlan viselkedessel folytatodnak).
107
+ */
108
+ protected static authConfig: DyNTS_ServerStatusController_AuthConfig = {};
109
+
110
+ /**
111
+ * Static config setter. Hivhato a szerver startup-jan az endpoint registration ELOTT.
112
+ *
113
+ * Use case (host app):
114
+ * ```ts
115
+ * ServerStatus_Controller.configure({
116
+ * authPreProcess: async (req, res) => auth.authenticate_tokenAndPermission(req, res, FDP_Permission.X),
117
+ * });
118
+ * ```
119
+ * A probak (`getServerHealth`/`getServerReadiness`/`getServerStatusForClient`) ettol
120
+ * fuggetlenul NYITVA maradnak.
121
+ */
122
+ static configure(config: DyNTS_ServerStatusController_AuthConfig): void {
123
+ DyNTS_ServerStatus_Controller.authConfig = config;
124
+ }
125
+
126
+ /**
127
+ * Aktualis auth config olvasasa (test/diagnosztika celokra).
128
+ */
129
+ static getAuthConfig(): DyNTS_ServerStatusController_AuthConfig {
130
+ return DyNTS_ServerStatus_Controller.authConfig;
131
+ }
132
+
133
+ /**
134
+ * Test-only: visszaallitja az auth config-ot ures objektumra. Production code NE hivja.
135
+ */
136
+ static _resetAuthConfigForTesting(): void {
137
+ DyNTS_ServerStatus_Controller.authConfig = {};
138
+ }
139
+
140
+ /**
141
+ * Vissza-adja az adott endpoint-hoz tartozo `preProcesses` array-t.
142
+ * - Ha az auth NINCS configurolva → ures (regi viselkedes).
143
+ * - A public probak SOHA nem gate-eltek.
144
+ * - Egyebkent az endpoint a `protectedEndpoints` (default = admin-only) listan van-e.
145
+ */
146
+ protected getPreProcessesFor(endpointName: string): ((req: Request, res: Response) => Promise<void>)[] {
147
+ const cfg: DyNTS_ServerStatusController_AuthConfig = DyNTS_ServerStatus_Controller.authConfig;
148
+ if (!cfg.authPreProcess) { return []; }
149
+ if (PUBLIC_PROBE_ENDPOINTS.includes(endpointName)) { return []; }
150
+ const protectedNames: string[] = cfg.protectedEndpoints ?? DEFAULT_PROTECTED_ENDPOINTS;
151
+ return protectedNames.includes(endpointName) ? [cfg.authPreProcess] : [];
152
+ }
153
+
52
154
  setupEndpoints(): void {
53
155
  /* if (!this.getServerService) {
54
156
  throw new DyFM_Error({
@@ -71,6 +173,7 @@ export abstract class DyNTS_ServerStatus_Controller<
71
173
  name: 'getServerStatus',
72
174
  type: DyFM_HttpCallType.get,
73
175
  endpoint: '/status',
176
+ preProcesses: this.getPreProcessesFor('getServerStatus'),
74
177
  tasks: [
75
178
  async (req: Request, res: Response, issuer: string): Promise<void> => {
76
179
  res.send(
@@ -84,6 +187,7 @@ export abstract class DyNTS_ServerStatus_Controller<
84
187
  name: 'getServerHealth',
85
188
  type: DyFM_HttpCallType.get,
86
189
  endpoint: '/health',
190
+ preProcesses: this.getPreProcessesFor('getServerHealth'),
87
191
  tasks: [
88
192
  async (req: Request, res: Response, issuer: string): Promise<void> => {
89
193
  res.send(
@@ -99,6 +203,7 @@ export abstract class DyNTS_ServerStatus_Controller<
99
203
  name: 'getServerReadiness',
100
204
  type: DyFM_HttpCallType.get,
101
205
  endpoint: '/readiness',
206
+ preProcesses: this.getPreProcessesFor('getServerReadiness'),
102
207
  tasks: [
103
208
  async (req: Request, res: Response, issuer: string): Promise<void> => {
104
209
  const readiness: DyNTS_DbReadiness = await this.server_CS.checkDbReadiness();
@@ -112,6 +217,7 @@ export abstract class DyNTS_ServerStatus_Controller<
112
217
  name: 'getServerStatusForClient',
113
218
  type: DyFM_HttpCallType.get,
114
219
  endpoint: '/status/:version',
220
+ preProcesses: this.getPreProcessesFor('getServerStatusForClient'),
115
221
  tasks: [
116
222
  async (req: Request, res: Response, issuer: string): Promise<void> => {
117
223
 
@@ -126,6 +232,7 @@ export abstract class DyNTS_ServerStatus_Controller<
126
232
  name: 'getErrorStatistics',
127
233
  type: DyFM_HttpCallType.get,
128
234
  endpoint: '/statistics/error/:range',
235
+ preProcesses: this.getPreProcessesFor('getErrorStatistics'),
129
236
  tasks: [
130
237
  async (req: Request, res: Response, issuer: string) : Promise<void> => {
131
238