@futdevpro/nts-dynamo 1.15.51 → 1.15.53
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.dynamo/logs/cicd-pipeline/output.log +1383 -1432
- package/.dynamo/logs/cicd-pipeline/status.json +191 -191
- package/build/_modules/server/server-status/server-status.controller.d.ts +60 -0
- package/build/_modules/server/server-status/server-status.controller.d.ts.map +1 -1
- package/build/_modules/server/server-status/server-status.controller.js +76 -0
- package/build/_modules/server/server-status/server-status.controller.js.map +1 -1
- package/package.json +2 -2
- package/src/_modules/server/server-status/server-status.controller.spec.ts +78 -0
- package/src/_modules/server/server-status/server-status.controller.ts +112 -5
|
@@ -1,9 +1,36 @@
|
|
|
1
|
+
import { Request, Response } from 'express';
|
|
1
2
|
import { DyFM_Error, DyFM_Errors, DyFM_ServerStatus } from '@futdevpro/fsm-dynamo';
|
|
2
3
|
import { DyNTS_Errors_ControlService } from '../errors/errors.control-service';
|
|
3
4
|
import { DyNTS_Controller } from '../../../_services/route/controller.service';
|
|
4
5
|
import { DyNTS_Endpoint_Params } from '../../../_models/control-models/endpoint-params.control-model';
|
|
5
6
|
import { DyNTS_ServerStatus_ControlService } from './server-status.control-service';
|
|
6
7
|
import { DyNTS_ServerStatusSnapshot_ControlService } from './server-status-snapshot.control-service';
|
|
8
|
+
/**
|
|
9
|
+
* Auth retrofit config a `DyNTS_ServerStatus_Controller`-hez. Opt-in — ha az
|
|
10
|
+
* `authPreProcess` nincs megadva, a controller a regi (auth nelkuli) viselkedest
|
|
11
|
+
* tartja. Ugyanaz a mintazat, mint a `DyNTS_Errors_Controller`-ben, DE biztonsagosabb
|
|
12
|
+
* default-tal: a liveness/readiness/client-version **probak SOHA nem gate-eltek**
|
|
13
|
+
* (orchestrator/LB auth nelkul hivja oket), es a default `protectedEndpoints` csak az
|
|
14
|
+
* admin-adat vegpontokat fedi (NEM a probakat).
|
|
15
|
+
*
|
|
16
|
+
* **Subclass-szintu konfiguracio:** az `authConfig` static, igy az abstract osztaly
|
|
17
|
+
* minden subclass-a kozott OSZTOTT (TypeScript a static field-eket per-class hatarozza meg).
|
|
18
|
+
*/
|
|
19
|
+
export interface DyNTS_ServerStatusController_AuthConfig {
|
|
20
|
+
/**
|
|
21
|
+
* Pre-process fuggveny ami minden vedett endpoint elott fut. Ha hianyzik vagy
|
|
22
|
+
* `undefined`, a controller NEM ad hozza auth-ot semelyik endpoint-hoz (regi
|
|
23
|
+
* viselkedes, opt-in safety).
|
|
24
|
+
*/
|
|
25
|
+
authPreProcess?: (req: Request, res: Response) => Promise<void>;
|
|
26
|
+
/**
|
|
27
|
+
* Vedett endpoint nevek listaja. Ha hianyzik, a default = csak az admin-adat
|
|
28
|
+
* vegpontok (`getServerStatus`, `getErrorStatistics`) — a probak NEM. A
|
|
29
|
+
* `PUBLIC_PROBE_ENDPOINTS` (`getServerHealth`/`getServerReadiness`/
|
|
30
|
+
* `getServerStatusForClient`) MEG explicit listazva sem gate-elheto.
|
|
31
|
+
*/
|
|
32
|
+
protectedEndpoints?: string[];
|
|
33
|
+
}
|
|
7
34
|
/**
|
|
8
35
|
* Endpoints:
|
|
9
36
|
*
|
|
@@ -20,6 +47,39 @@ import { DyNTS_ServerStatusSnapshot_ControlService } from './server-status-snaps
|
|
|
20
47
|
export declare abstract class DyNTS_ServerStatus_Controller<T_ServerStatus extends DyFM_ServerStatus, T_Error extends DyFM_Error, T_Errors extends DyFM_Errors<T_Error>, T_Errors_ControlService extends DyNTS_Errors_ControlService<T_Error, T_Errors>, T_ServerStatusSnapshot extends DyFM_ServerStatus, T_ServerStatusSnapshot_ControlService extends DyNTS_ServerStatusSnapshot_ControlService<T_ServerStatusSnapshot>, T_ServerStatus_ControlService extends DyNTS_ServerStatus_ControlService<T_ServerStatus, T_Error, T_Errors, T_Errors_ControlService, T_ServerStatusSnapshot, T_ServerStatusSnapshot_ControlService>> extends DyNTS_Controller {
|
|
21
48
|
protected abstract readonly server_CS: T_ServerStatus_ControlService;
|
|
22
49
|
protected readonly additionalEndpoints: DyNTS_Endpoint_Params[];
|
|
50
|
+
/**
|
|
51
|
+
* Static auth config — opt-in retrofit. Default ures objektum → NO auth
|
|
52
|
+
* (a meglevo integraciok valtoznatlan viselkedessel folytatodnak).
|
|
53
|
+
*/
|
|
54
|
+
protected static authConfig: DyNTS_ServerStatusController_AuthConfig;
|
|
55
|
+
/**
|
|
56
|
+
* Static config setter. Hivhato a szerver startup-jan az endpoint registration ELOTT.
|
|
57
|
+
*
|
|
58
|
+
* Use case (host app):
|
|
59
|
+
* ```ts
|
|
60
|
+
* ServerStatus_Controller.configure({
|
|
61
|
+
* authPreProcess: async (req, res) => auth.authenticate_tokenAndPermission(req, res, FDP_Permission.X),
|
|
62
|
+
* });
|
|
63
|
+
* ```
|
|
64
|
+
* A probak (`getServerHealth`/`getServerReadiness`/`getServerStatusForClient`) ettol
|
|
65
|
+
* fuggetlenul NYITVA maradnak.
|
|
66
|
+
*/
|
|
67
|
+
static configure(config: DyNTS_ServerStatusController_AuthConfig): void;
|
|
68
|
+
/**
|
|
69
|
+
* Aktualis auth config olvasasa (test/diagnosztika celokra).
|
|
70
|
+
*/
|
|
71
|
+
static getAuthConfig(): DyNTS_ServerStatusController_AuthConfig;
|
|
72
|
+
/**
|
|
73
|
+
* Test-only: visszaallitja az auth config-ot ures objektumra. Production code NE hivja.
|
|
74
|
+
*/
|
|
75
|
+
static _resetAuthConfigForTesting(): void;
|
|
76
|
+
/**
|
|
77
|
+
* Vissza-adja az adott endpoint-hoz tartozo `preProcesses` array-t.
|
|
78
|
+
* - Ha az auth NINCS configurolva → ures (regi viselkedes).
|
|
79
|
+
* - A public probak SOHA nem gate-eltek.
|
|
80
|
+
* - Egyebkent az endpoint a `protectedEndpoints` (default = admin-only) listan van-e.
|
|
81
|
+
*/
|
|
82
|
+
protected getPreProcessesFor(endpointName: string): ((req: Request, res: Response) => Promise<void>)[];
|
|
23
83
|
setupEndpoints(): void;
|
|
24
84
|
}
|
|
25
85
|
//# sourceMappingURL=server-status.controller.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server-status.controller.d.ts","sourceRoot":"","sources":["../../../../src/_modules/server/server-status/server-status.controller.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"server-status.controller.d.ts","sourceRoot":"","sources":["../../../../src/_modules/server/server-status/server-status.controller.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAE5C,OAAO,EAAE,UAAU,EAAE,WAAW,EAAwC,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AACzH,OAAO,EAAE,2BAA2B,EAAE,MAAM,kCAAkC,CAAC;AAC/E,OAAO,EAAE,gBAAgB,EAAE,MAAM,6CAA6C,CAAC;AAC/E,OAAO,EAAE,qBAAqB,EAAE,MAAM,+DAA+D,CAAC;AAEtG,OAAO,EAAqB,iCAAiC,EAAE,MAAM,iCAAiC,CAAC;AACvG,OAAO,EAAE,yCAAyC,EAAE,MAAM,0CAA0C,CAAC;AAGrG;;;;;;;;;;GAUG;AACH,MAAM,WAAW,uCAAuC;IACtD;;;;OAIG;IACH,cAAc,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAEhE;;;;;OAKG;IACH,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC/B;AA0BD;;;;;;;;;;;;GAYG;AACH,8BAAsB,6BAA6B,CACjD,cAAc,SAAS,iBAAiB,EACxC,OAAO,SAAS,UAAU,EAC1B,QAAQ,SAAS,WAAW,CAAC,OAAO,CAAC,EACrC,uBAAuB,SAAS,2BAA2B,CAAC,OAAO,EAAE,QAAQ,CAAC,EAC9E,sBAAsB,SAAS,iBAAiB,EAChD,qCAAqC,SAAS,yCAAyC,CAAC,sBAAsB,CAAC,EAC/G,6BAA6B,SAAS,iCAAiC,CACrE,cAAc,EACd,OAAO,EACP,QAAQ,EACR,uBAAuB,EACvB,sBAAsB,EACtB,qCAAqC,CACtC,CACD,SAAQ,gBAAgB;IAMxB,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,SAAS,EAAE,6BAA6B,CAAC;IAGrE,SAAS,CAAC,QAAQ,CAAC,mBAAmB,EAAE,qBAAqB,EAAE,CAAM;IAErE;;;OAGG;IACH,SAAS,CAAC,MAAM,CAAC,UAAU,EAAE,uCAAuC,CAAM;IAE1E;;;;;;;;;;;OAWG;IACH,MAAM,CAAC,SAAS,CAAC,MAAM,EAAE,uCAAuC,GAAG,IAAI;IAIvE;;OAEG;IACH,MAAM,CAAC,aAAa,IAAI,uCAAuC;IAI/D;;OAEG;IACH,MAAM,CAAC,0BAA0B,IAAI,IAAI;IAIzC;;;;;OAKG;IACH,SAAS,CAAC,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,CAAC,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC,EAAE;IAQtG,cAAc,IAAI,IAAI;CAkGvB"}
|
|
@@ -5,6 +5,28 @@ const fsm_dynamo_1 = require("@futdevpro/fsm-dynamo");
|
|
|
5
5
|
const controller_service_1 = require("../../../_services/route/controller.service");
|
|
6
6
|
const endpoint_params_control_model_1 = require("../../../_models/control-models/endpoint-params.control-model");
|
|
7
7
|
const global_settings_const_1 = require("../../../_collections/global-settings.const");
|
|
8
|
+
/**
|
|
9
|
+
* Public probak — orchestrator/LB ÉS a kliens server-status-indikator hivja auth
|
|
10
|
+
* nelkul, ezert SOHA nem gate-eljuk (meg ha a host explicit listazza is a
|
|
11
|
+
* `protectedEndpoints`-ban).
|
|
12
|
+
*
|
|
13
|
+
* FONTOS: `getServerStatus` (/status) IS itt van — a base controller-ben mindharom
|
|
14
|
+
* (`getServerStatus`, `getServerHealth`, `getServerStatusForClient`) UGYANAZT hivja:
|
|
15
|
+
* `server_CS.getServerStatus(issuer)`. Mivel a /health es /status/:version amugy is
|
|
16
|
+
* publikus, a /status gate-elese 0 biztonsagi hasznot adna, viszont eltori a kliens
|
|
17
|
+
* `DyNX` server-status-pollot (401 minden oldalbetolteskor). Csak a `getErrorStatistics`
|
|
18
|
+
* valodi admin-adat.
|
|
19
|
+
*/
|
|
20
|
+
const PUBLIC_PROBE_ENDPOINTS = [
|
|
21
|
+
'getServerStatus', 'getServerHealth', 'getServerReadiness', 'getServerStatusForClient',
|
|
22
|
+
];
|
|
23
|
+
/**
|
|
24
|
+
* Default vedett vegpontok (ha a host nem ad `protectedEndpoints`-t): csak a valodi
|
|
25
|
+
* admin-adat vegpont (`getErrorStatistics`). A status-vegpontok publikusak (lasd fent).
|
|
26
|
+
*/
|
|
27
|
+
const DEFAULT_PROTECTED_ENDPOINTS = [
|
|
28
|
+
'getErrorStatistics',
|
|
29
|
+
];
|
|
8
30
|
/**
|
|
9
31
|
* Endpoints:
|
|
10
32
|
*
|
|
@@ -21,6 +43,55 @@ const global_settings_const_1 = require("../../../_collections/global-settings.c
|
|
|
21
43
|
class DyNTS_ServerStatus_Controller extends controller_service_1.DyNTS_Controller {
|
|
22
44
|
/* protected abstract getServerService(): T_ServerStatusService; */
|
|
23
45
|
additionalEndpoints = [];
|
|
46
|
+
/**
|
|
47
|
+
* Static auth config — opt-in retrofit. Default ures objektum → NO auth
|
|
48
|
+
* (a meglevo integraciok valtoznatlan viselkedessel folytatodnak).
|
|
49
|
+
*/
|
|
50
|
+
static authConfig = {};
|
|
51
|
+
/**
|
|
52
|
+
* Static config setter. Hivhato a szerver startup-jan az endpoint registration ELOTT.
|
|
53
|
+
*
|
|
54
|
+
* Use case (host app):
|
|
55
|
+
* ```ts
|
|
56
|
+
* ServerStatus_Controller.configure({
|
|
57
|
+
* authPreProcess: async (req, res) => auth.authenticate_tokenAndPermission(req, res, FDP_Permission.X),
|
|
58
|
+
* });
|
|
59
|
+
* ```
|
|
60
|
+
* A probak (`getServerHealth`/`getServerReadiness`/`getServerStatusForClient`) ettol
|
|
61
|
+
* fuggetlenul NYITVA maradnak.
|
|
62
|
+
*/
|
|
63
|
+
static configure(config) {
|
|
64
|
+
DyNTS_ServerStatus_Controller.authConfig = config;
|
|
65
|
+
}
|
|
66
|
+
/**
|
|
67
|
+
* Aktualis auth config olvasasa (test/diagnosztika celokra).
|
|
68
|
+
*/
|
|
69
|
+
static getAuthConfig() {
|
|
70
|
+
return DyNTS_ServerStatus_Controller.authConfig;
|
|
71
|
+
}
|
|
72
|
+
/**
|
|
73
|
+
* Test-only: visszaallitja az auth config-ot ures objektumra. Production code NE hivja.
|
|
74
|
+
*/
|
|
75
|
+
static _resetAuthConfigForTesting() {
|
|
76
|
+
DyNTS_ServerStatus_Controller.authConfig = {};
|
|
77
|
+
}
|
|
78
|
+
/**
|
|
79
|
+
* Vissza-adja az adott endpoint-hoz tartozo `preProcesses` array-t.
|
|
80
|
+
* - Ha az auth NINCS configurolva → ures (regi viselkedes).
|
|
81
|
+
* - A public probak SOHA nem gate-eltek.
|
|
82
|
+
* - Egyebkent az endpoint a `protectedEndpoints` (default = admin-only) listan van-e.
|
|
83
|
+
*/
|
|
84
|
+
getPreProcessesFor(endpointName) {
|
|
85
|
+
const cfg = DyNTS_ServerStatus_Controller.authConfig;
|
|
86
|
+
if (!cfg.authPreProcess) {
|
|
87
|
+
return [];
|
|
88
|
+
}
|
|
89
|
+
if (PUBLIC_PROBE_ENDPOINTS.includes(endpointName)) {
|
|
90
|
+
return [];
|
|
91
|
+
}
|
|
92
|
+
const protectedNames = cfg.protectedEndpoints ?? DEFAULT_PROTECTED_ENDPOINTS;
|
|
93
|
+
return protectedNames.includes(endpointName) ? [cfg.authPreProcess] : [];
|
|
94
|
+
}
|
|
24
95
|
setupEndpoints() {
|
|
25
96
|
/* if (!this.getServerService) {
|
|
26
97
|
throw new DyFM_Error({
|
|
@@ -40,6 +111,7 @@ class DyNTS_ServerStatus_Controller extends controller_service_1.DyNTS_Controlle
|
|
|
40
111
|
name: 'getServerStatus',
|
|
41
112
|
type: fsm_dynamo_1.DyFM_HttpCallType.get,
|
|
42
113
|
endpoint: '/status',
|
|
114
|
+
preProcesses: this.getPreProcessesFor('getServerStatus'),
|
|
43
115
|
tasks: [
|
|
44
116
|
async (req, res, issuer) => {
|
|
45
117
|
res.send(await this.server_CS.getServerStatus(issuer));
|
|
@@ -50,6 +122,7 @@ class DyNTS_ServerStatus_Controller extends controller_service_1.DyNTS_Controlle
|
|
|
50
122
|
name: 'getServerHealth',
|
|
51
123
|
type: fsm_dynamo_1.DyFM_HttpCallType.get,
|
|
52
124
|
endpoint: '/health',
|
|
125
|
+
preProcesses: this.getPreProcessesFor('getServerHealth'),
|
|
53
126
|
tasks: [
|
|
54
127
|
async (req, res, issuer) => {
|
|
55
128
|
res.send(await this.server_CS.getServerStatus(issuer));
|
|
@@ -62,6 +135,7 @@ class DyNTS_ServerStatus_Controller extends controller_service_1.DyNTS_Controlle
|
|
|
62
135
|
name: 'getServerReadiness',
|
|
63
136
|
type: fsm_dynamo_1.DyFM_HttpCallType.get,
|
|
64
137
|
endpoint: '/readiness',
|
|
138
|
+
preProcesses: this.getPreProcessesFor('getServerReadiness'),
|
|
65
139
|
tasks: [
|
|
66
140
|
async (req, res, issuer) => {
|
|
67
141
|
const readiness = await this.server_CS.checkDbReadiness();
|
|
@@ -73,6 +147,7 @@ class DyNTS_ServerStatus_Controller extends controller_service_1.DyNTS_Controlle
|
|
|
73
147
|
name: 'getServerStatusForClient',
|
|
74
148
|
type: fsm_dynamo_1.DyFM_HttpCallType.get,
|
|
75
149
|
endpoint: '/status/:version',
|
|
150
|
+
preProcesses: this.getPreProcessesFor('getServerStatusForClient'),
|
|
76
151
|
tasks: [
|
|
77
152
|
async (req, res, issuer) => {
|
|
78
153
|
res.send(await this.server_CS.getServerStatus(issuer, req.params.version));
|
|
@@ -83,6 +158,7 @@ class DyNTS_ServerStatus_Controller extends controller_service_1.DyNTS_Controlle
|
|
|
83
158
|
name: 'getErrorStatistics',
|
|
84
159
|
type: fsm_dynamo_1.DyFM_HttpCallType.get,
|
|
85
160
|
endpoint: '/statistics/error/:range',
|
|
161
|
+
preProcesses: this.getPreProcessesFor('getErrorStatistics'),
|
|
86
162
|
tasks: [
|
|
87
163
|
async (req, res, issuer) => {
|
|
88
164
|
res.send(await this.server_CS.getErrorStatistics(req.params.range, issuer));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server-status.controller.js","sourceRoot":"","sources":["../../../../src/_modules/server/server-status/server-status.controller.ts"],"names":[],"mappings":";;;AAGA,sDAAyH;AAEzH,oFAA+E;AAC/E,iHAAsG;AACtG,uFAAoF;
|
|
1
|
+
{"version":3,"file":"server-status.controller.js","sourceRoot":"","sources":["../../../../src/_modules/server/server-status/server-status.controller.ts"],"names":[],"mappings":";;;AAGA,sDAAyH;AAEzH,oFAA+E;AAC/E,iHAAsG;AACtG,uFAAoF;AAiCpF;;;;;;;;;;;GAWG;AACH,MAAM,sBAAsB,GAAa;IACvC,iBAAiB,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,0BAA0B;CACvF,CAAC;AAEF;;;GAGG;AACH,MAAM,2BAA2B,GAAa;IAC5C,oBAAoB;CACrB,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,MAAsB,6BAepB,SAAQ,qCAAgB;IAQxB,mEAAmE;IAChD,mBAAmB,GAA4B,EAAE,CAAC;IAErE;;;OAGG;IACO,MAAM,CAAC,UAAU,GAA4C,EAAE,CAAC;IAE1E;;;;;;;;;;;OAWG;IACH,MAAM,CAAC,SAAS,CAAC,MAA+C;QAC9D,6BAA6B,CAAC,UAAU,GAAG,MAAM,CAAC;IACpD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,aAAa;QAClB,OAAO,6BAA6B,CAAC,UAAU,CAAC;IAClD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,0BAA0B;QAC/B,6BAA6B,CAAC,UAAU,GAAG,EAAE,CAAC;IAChD,CAAC;IAED;;;;;OAKG;IACO,kBAAkB,CAAC,YAAoB;QAC/C,MAAM,GAAG,GAA4C,6BAA6B,CAAC,UAAU,CAAC;QAC9F,IAAI,CAAC,GAAG,CAAC,cAAc,EAAE,CAAC;YAAC,OAAO,EAAE,CAAC;QAAC,CAAC;QACvC,IAAI,sBAAsB,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;YAAC,OAAO,EAAE,CAAC;QAAC,CAAC;QACjE,MAAM,cAAc,GAAa,GAAG,CAAC,kBAAkB,IAAI,2BAA2B,CAAC;QACvF,OAAO,cAAc,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAC3E,CAAC;IAED,cAAc;QACZ;;;;;YAKI;QAEJ,IAAI,CAAC,IAAI,CAAC,mBAAmB,EAAE,CAAC;YAC9B,MAAM,IAAI,uBAAU,CAAC;gBACnB,OAAO,EAAE,iEAAiE;gBAC1E,SAAS,EAAE,GAAG,6CAAqB,CAAC,mBAAmB,gBAAgB;aACxE,CAAC,CAAC;QACL,CAAC;QAED,mDAAmD;QAEnD,IAAI,CAAC,SAAS,GAAG;YACf,IAAI,qDAAqB,CAAC;gBACxB,IAAI,EAAE,iBAAiB;gBACvB,IAAI,EAAE,8BAAiB,CAAC,GAAG;gBAC3B,QAAQ,EAAE,SAAS;gBACnB,YAAY,EAAE,IAAI,CAAC,kBAAkB,CAAC,iBAAiB,CAAC;gBACxD,KAAK,EAAE;oBACL,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,MAAc,EAAiB,EAAE;wBACnE,GAAG,CAAC,IAAI,CACN,MAAM,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,MAAM,CAAC,CAC7C,CAAC;oBACJ,CAAC;iBACF;aACF,CAAC;YAEF,IAAI,qDAAqB,CAAC;gBACxB,IAAI,EAAE,iBAAiB;gBACvB,IAAI,EAAE,8BAAiB,CAAC,GAAG;gBAC3B,QAAQ,EAAE,SAAS;gBACnB,YAAY,EAAE,IAAI,CAAC,kBAAkB,CAAC,iBAAiB,CAAC;gBACxD,KAAK,EAAE;oBACL,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,MAAc,EAAiB,EAAE;wBACnE,GAAG,CAAC,IAAI,CACN,MAAM,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,MAAM,CAAC,CAC7C,CAAC;oBACJ,CAAC;iBACF;aACF,CAAC;YAEF,qFAAqF;YACrF,uFAAuF;YACvF,IAAI,qDAAqB,CAAC;gBACxB,IAAI,EAAE,oBAAoB;gBAC1B,IAAI,EAAE,8BAAiB,CAAC,GAAG;gBAC3B,QAAQ,EAAE,YAAY;gBACtB,YAAY,EAAE,IAAI,CAAC,kBAAkB,CAAC,oBAAoB,CAAC;gBAC3D,KAAK,EAAE;oBACL,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,MAAc,EAAiB,EAAE;wBACnE,MAAM,SAAS,GAAsB,MAAM,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE,CAAC;wBAE7E,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;oBAC1D,CAAC;iBACF;aACF,CAAC;YAEF,IAAI,qDAAqB,CAAC;gBACxB,IAAI,EAAE,0BAA0B;gBAChC,IAAI,EAAE,8BAAiB,CAAC,GAAG;gBAC3B,QAAQ,EAAE,kBAAkB;gBAC5B,YAAY,EAAE,IAAI,CAAC,kBAAkB,CAAC,0BAA0B,CAAC;gBACjE,KAAK,EAAE;oBACL,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,MAAc,EAAiB,EAAE;wBAEnE,GAAG,CAAC,IAAI,CACN,MAAM,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CACjE,CAAC;oBACJ,CAAC;iBACF;aACF,CAAC;YAEF,IAAI,qDAAqB,CAAC;gBACxB,IAAI,EAAE,oBAAoB;gBAC1B,IAAI,EAAE,8BAAiB,CAAC,GAAG;gBAC3B,QAAQ,EAAE,0BAA0B;gBACpC,YAAY,EAAE,IAAI,CAAC,kBAAkB,CAAC,oBAAoB,CAAC;gBAC3D,KAAK,EAAE;oBACL,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,MAAc,EAAkB,EAAE;wBAEpE,GAAG,CAAC,IAAI,CACN,MAAM,IAAI,CAAC,SAAS,CAAC,kBAAkB,CACrC,GAAG,CAAC,MAAM,CAAC,KAA0B,EACrC,MAAM,CACP,CACF,CAAC;oBACJ,CAAC;iBACF;aACF,CAAC;YAEF,GAAG,IAAI,CAAC,mBAAmB;SAC5B,CAAC;IACJ,CAAC;;AA7KH,sEA8KC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@futdevpro/nts-dynamo",
|
|
3
|
-
"version": "01.15.
|
|
3
|
+
"version": "01.15.53",
|
|
4
4
|
"description": "Dynamic NodeTS (NodeJS-Typescript), MongoDB Backend System Framework by Future Development Program Ltd.",
|
|
5
5
|
"DyBu_settings": {
|
|
6
6
|
"packageType": "server-package",
|
|
@@ -332,7 +332,7 @@
|
|
|
332
332
|
"ts-node": "~10.9.2"
|
|
333
333
|
},
|
|
334
334
|
"devDependencies": {
|
|
335
|
-
"@futdevpro/dynamo-eslint": "1.15.
|
|
335
|
+
"@futdevpro/dynamo-eslint": "1.15.16",
|
|
336
336
|
"@discordjs/opus": "^0.10.0",
|
|
337
337
|
"@discordjs/voice": "^0.18.0",
|
|
338
338
|
"@types/jasmine": "~4.3.5",
|
|
@@ -158,5 +158,83 @@ describe('| DyNTS_ServerStatus_Controller', () => {
|
|
|
158
158
|
}).toThrow();
|
|
159
159
|
});
|
|
160
160
|
});
|
|
161
|
+
|
|
162
|
+
describe('| opt-in admin auth retrofit', (): void => {
|
|
163
|
+
afterEach((): void => {
|
|
164
|
+
DyNTS_ServerStatus_Controller._resetAuthConfigForTesting();
|
|
165
|
+
});
|
|
166
|
+
|
|
167
|
+
const preCount = (controller: any, name: string): number => {
|
|
168
|
+
const ep: any = controller.endpoints.find((e: any) => e.name === name);
|
|
169
|
+
return (ep?.preProcesses ?? []).length;
|
|
170
|
+
};
|
|
171
|
+
|
|
172
|
+
it('| default: NO preProcesses on any endpoint (backwards compatible)', (): void => {
|
|
173
|
+
controller.setupEndpoints();
|
|
174
|
+
for (const ep of controller.endpoints) {
|
|
175
|
+
const pre: any = (ep as any).preProcesses;
|
|
176
|
+
expect(pre === undefined || pre.length === 0).toBe(true);
|
|
177
|
+
}
|
|
178
|
+
});
|
|
179
|
+
|
|
180
|
+
it('| configure({ authPreProcess }) → csak getErrorStatistics gated, a status-vegpontok NEM', (): void => {
|
|
181
|
+
const fakeAuth = async (): Promise<void> => { /* noop */ };
|
|
182
|
+
DyNTS_ServerStatus_Controller.configure({ authPreProcess: fakeAuth });
|
|
183
|
+
const c: any = new (TestServerStatusController as any)();
|
|
184
|
+
c.setupEndpoints();
|
|
185
|
+
|
|
186
|
+
// admin-adat → gated
|
|
187
|
+
expect(preCount(c, 'getErrorStatistics')).toBe(1);
|
|
188
|
+
// status-vegpontok (a kliens-indikator hivja, /health-tel adat-ekvivalens) → SOHA nem gated
|
|
189
|
+
expect(preCount(c, 'getServerStatus')).toBe(0);
|
|
190
|
+
expect(preCount(c, 'getServerHealth')).toBe(0);
|
|
191
|
+
expect(preCount(c, 'getServerReadiness')).toBe(0);
|
|
192
|
+
expect(preCount(c, 'getServerStatusForClient')).toBe(0);
|
|
193
|
+
});
|
|
194
|
+
|
|
195
|
+
it('| a status-vegpontokat (getServerStatus is) explicit protectedEndpoints-lista SEM gate-eli', (): void => {
|
|
196
|
+
const fakeAuth = async (): Promise<void> => { /* noop */ };
|
|
197
|
+
DyNTS_ServerStatus_Controller.configure({
|
|
198
|
+
authPreProcess: fakeAuth,
|
|
199
|
+
protectedEndpoints: [ 'getServerHealth', 'getServerReadiness', 'getServerStatusForClient', 'getServerStatus', 'getErrorStatistics' ],
|
|
200
|
+
});
|
|
201
|
+
const c: any = new (TestServerStatusController as any)();
|
|
202
|
+
c.setupEndpoints();
|
|
203
|
+
|
|
204
|
+
expect(preCount(c, 'getServerStatus')).toBe(0);
|
|
205
|
+
expect(preCount(c, 'getServerHealth')).toBe(0);
|
|
206
|
+
expect(preCount(c, 'getServerReadiness')).toBe(0);
|
|
207
|
+
expect(preCount(c, 'getServerStatusForClient')).toBe(0);
|
|
208
|
+
// a valodi admin-adat viszont gated
|
|
209
|
+
expect(preCount(c, 'getErrorStatistics')).toBe(1);
|
|
210
|
+
});
|
|
211
|
+
|
|
212
|
+
it('| protectedEndpoints subset → csak a megadott (nem-proba) neveken aktiv', (): void => {
|
|
213
|
+
const fakeAuth = async (): Promise<void> => { /* noop */ };
|
|
214
|
+
DyNTS_ServerStatus_Controller.configure({
|
|
215
|
+
authPreProcess: fakeAuth,
|
|
216
|
+
protectedEndpoints: [ 'getErrorStatistics' ],
|
|
217
|
+
});
|
|
218
|
+
const c: any = new (TestServerStatusController as any)();
|
|
219
|
+
c.setupEndpoints();
|
|
220
|
+
|
|
221
|
+
expect(preCount(c, 'getErrorStatistics')).toBe(1);
|
|
222
|
+
expect(preCount(c, 'getServerStatus')).toBe(0);
|
|
223
|
+
});
|
|
224
|
+
|
|
225
|
+
it('| getAuthConfig() returns the active config', (): void => {
|
|
226
|
+
const fakeAuth = async (): Promise<void> => { /* noop */ };
|
|
227
|
+
DyNTS_ServerStatus_Controller.configure({ authPreProcess: fakeAuth, protectedEndpoints: [ 'getErrorStatistics' ] });
|
|
228
|
+
const cfg = DyNTS_ServerStatus_Controller.getAuthConfig();
|
|
229
|
+
expect(cfg.authPreProcess).toBe(fakeAuth);
|
|
230
|
+
expect(cfg.protectedEndpoints).toEqual([ 'getErrorStatistics' ]);
|
|
231
|
+
});
|
|
232
|
+
|
|
233
|
+
it('| _resetAuthConfigForTesting() clears the config', (): void => {
|
|
234
|
+
DyNTS_ServerStatus_Controller.configure({ authPreProcess: async (): Promise<void> => { /* noop */ } });
|
|
235
|
+
DyNTS_ServerStatus_Controller._resetAuthConfigForTesting();
|
|
236
|
+
expect(DyNTS_ServerStatus_Controller.getAuthConfig().authPreProcess).toBeUndefined();
|
|
237
|
+
});
|
|
238
|
+
});
|
|
161
239
|
});
|
|
162
240
|
|
|
@@ -10,18 +10,70 @@ import { DyNTS_DbReadiness, DyNTS_ServerStatus_ControlService } from './server-s
|
|
|
10
10
|
import { DyNTS_ServerStatusSnapshot_ControlService } from './server-status-snapshot.control-service';
|
|
11
11
|
|
|
12
12
|
|
|
13
|
+
/**
|
|
14
|
+
* Auth retrofit config a `DyNTS_ServerStatus_Controller`-hez. Opt-in — ha az
|
|
15
|
+
* `authPreProcess` nincs megadva, a controller a regi (auth nelkuli) viselkedest
|
|
16
|
+
* tartja. Ugyanaz a mintazat, mint a `DyNTS_Errors_Controller`-ben, DE biztonsagosabb
|
|
17
|
+
* default-tal: a liveness/readiness/client-version **probak SOHA nem gate-eltek**
|
|
18
|
+
* (orchestrator/LB auth nelkul hivja oket), es a default `protectedEndpoints` csak az
|
|
19
|
+
* admin-adat vegpontokat fedi (NEM a probakat).
|
|
20
|
+
*
|
|
21
|
+
* **Subclass-szintu konfiguracio:** az `authConfig` static, igy az abstract osztaly
|
|
22
|
+
* minden subclass-a kozott OSZTOTT (TypeScript a static field-eket per-class hatarozza meg).
|
|
23
|
+
*/
|
|
24
|
+
export interface DyNTS_ServerStatusController_AuthConfig {
|
|
25
|
+
/**
|
|
26
|
+
* Pre-process fuggveny ami minden vedett endpoint elott fut. Ha hianyzik vagy
|
|
27
|
+
* `undefined`, a controller NEM ad hozza auth-ot semelyik endpoint-hoz (regi
|
|
28
|
+
* viselkedes, opt-in safety).
|
|
29
|
+
*/
|
|
30
|
+
authPreProcess?: (req: Request, res: Response) => Promise<void>;
|
|
31
|
+
|
|
32
|
+
/**
|
|
33
|
+
* Vedett endpoint nevek listaja. Ha hianyzik, a default = csak az admin-adat
|
|
34
|
+
* vegpontok (`getServerStatus`, `getErrorStatistics`) — a probak NEM. A
|
|
35
|
+
* `PUBLIC_PROBE_ENDPOINTS` (`getServerHealth`/`getServerReadiness`/
|
|
36
|
+
* `getServerStatusForClient`) MEG explicit listazva sem gate-elheto.
|
|
37
|
+
*/
|
|
38
|
+
protectedEndpoints?: string[];
|
|
39
|
+
}
|
|
40
|
+
|
|
41
|
+
/**
|
|
42
|
+
* Public probak — orchestrator/LB ÉS a kliens server-status-indikator hivja auth
|
|
43
|
+
* nelkul, ezert SOHA nem gate-eljuk (meg ha a host explicit listazza is a
|
|
44
|
+
* `protectedEndpoints`-ban).
|
|
45
|
+
*
|
|
46
|
+
* FONTOS: `getServerStatus` (/status) IS itt van — a base controller-ben mindharom
|
|
47
|
+
* (`getServerStatus`, `getServerHealth`, `getServerStatusForClient`) UGYANAZT hivja:
|
|
48
|
+
* `server_CS.getServerStatus(issuer)`. Mivel a /health es /status/:version amugy is
|
|
49
|
+
* publikus, a /status gate-elese 0 biztonsagi hasznot adna, viszont eltori a kliens
|
|
50
|
+
* `DyNX` server-status-pollot (401 minden oldalbetolteskor). Csak a `getErrorStatistics`
|
|
51
|
+
* valodi admin-adat.
|
|
52
|
+
*/
|
|
53
|
+
const PUBLIC_PROBE_ENDPOINTS: string[] = [
|
|
54
|
+
'getServerStatus', 'getServerHealth', 'getServerReadiness', 'getServerStatusForClient',
|
|
55
|
+
];
|
|
56
|
+
|
|
57
|
+
/**
|
|
58
|
+
* Default vedett vegpontok (ha a host nem ad `protectedEndpoints`-t): csak a valodi
|
|
59
|
+
* admin-adat vegpont (`getErrorStatistics`). A status-vegpontok publikusak (lasd fent).
|
|
60
|
+
*/
|
|
61
|
+
const DEFAULT_PROTECTED_ENDPOINTS: string[] = [
|
|
62
|
+
'getErrorStatistics',
|
|
63
|
+
];
|
|
64
|
+
|
|
13
65
|
/**
|
|
14
66
|
* Endpoints:
|
|
15
|
-
*
|
|
67
|
+
*
|
|
16
68
|
* getServerStatus
|
|
17
69
|
* GET /status
|
|
18
|
-
*
|
|
70
|
+
*
|
|
19
71
|
* getServerStatusForClient
|
|
20
72
|
* GET /status/:version
|
|
21
|
-
*
|
|
73
|
+
*
|
|
22
74
|
* getErrorStatistics
|
|
23
75
|
* GET /statistics/error/:range
|
|
24
|
-
*
|
|
76
|
+
*
|
|
25
77
|
*/
|
|
26
78
|
export abstract class DyNTS_ServerStatus_Controller<
|
|
27
79
|
T_ServerStatus extends DyFM_ServerStatus,
|
|
@@ -45,10 +97,60 @@ export abstract class DyNTS_ServerStatus_Controller<
|
|
|
45
97
|
} */
|
|
46
98
|
|
|
47
99
|
protected abstract readonly server_CS: T_ServerStatus_ControlService;
|
|
48
|
-
|
|
100
|
+
|
|
49
101
|
/* protected abstract getServerService(): T_ServerStatusService; */
|
|
50
102
|
protected readonly additionalEndpoints: DyNTS_Endpoint_Params[] = [];
|
|
51
103
|
|
|
104
|
+
/**
|
|
105
|
+
* Static auth config — opt-in retrofit. Default ures objektum → NO auth
|
|
106
|
+
* (a meglevo integraciok valtoznatlan viselkedessel folytatodnak).
|
|
107
|
+
*/
|
|
108
|
+
protected static authConfig: DyNTS_ServerStatusController_AuthConfig = {};
|
|
109
|
+
|
|
110
|
+
/**
|
|
111
|
+
* Static config setter. Hivhato a szerver startup-jan az endpoint registration ELOTT.
|
|
112
|
+
*
|
|
113
|
+
* Use case (host app):
|
|
114
|
+
* ```ts
|
|
115
|
+
* ServerStatus_Controller.configure({
|
|
116
|
+
* authPreProcess: async (req, res) => auth.authenticate_tokenAndPermission(req, res, FDP_Permission.X),
|
|
117
|
+
* });
|
|
118
|
+
* ```
|
|
119
|
+
* A probak (`getServerHealth`/`getServerReadiness`/`getServerStatusForClient`) ettol
|
|
120
|
+
* fuggetlenul NYITVA maradnak.
|
|
121
|
+
*/
|
|
122
|
+
static configure(config: DyNTS_ServerStatusController_AuthConfig): void {
|
|
123
|
+
DyNTS_ServerStatus_Controller.authConfig = config;
|
|
124
|
+
}
|
|
125
|
+
|
|
126
|
+
/**
|
|
127
|
+
* Aktualis auth config olvasasa (test/diagnosztika celokra).
|
|
128
|
+
*/
|
|
129
|
+
static getAuthConfig(): DyNTS_ServerStatusController_AuthConfig {
|
|
130
|
+
return DyNTS_ServerStatus_Controller.authConfig;
|
|
131
|
+
}
|
|
132
|
+
|
|
133
|
+
/**
|
|
134
|
+
* Test-only: visszaallitja az auth config-ot ures objektumra. Production code NE hivja.
|
|
135
|
+
*/
|
|
136
|
+
static _resetAuthConfigForTesting(): void {
|
|
137
|
+
DyNTS_ServerStatus_Controller.authConfig = {};
|
|
138
|
+
}
|
|
139
|
+
|
|
140
|
+
/**
|
|
141
|
+
* Vissza-adja az adott endpoint-hoz tartozo `preProcesses` array-t.
|
|
142
|
+
* - Ha az auth NINCS configurolva → ures (regi viselkedes).
|
|
143
|
+
* - A public probak SOHA nem gate-eltek.
|
|
144
|
+
* - Egyebkent az endpoint a `protectedEndpoints` (default = admin-only) listan van-e.
|
|
145
|
+
*/
|
|
146
|
+
protected getPreProcessesFor(endpointName: string): ((req: Request, res: Response) => Promise<void>)[] {
|
|
147
|
+
const cfg: DyNTS_ServerStatusController_AuthConfig = DyNTS_ServerStatus_Controller.authConfig;
|
|
148
|
+
if (!cfg.authPreProcess) { return []; }
|
|
149
|
+
if (PUBLIC_PROBE_ENDPOINTS.includes(endpointName)) { return []; }
|
|
150
|
+
const protectedNames: string[] = cfg.protectedEndpoints ?? DEFAULT_PROTECTED_ENDPOINTS;
|
|
151
|
+
return protectedNames.includes(endpointName) ? [cfg.authPreProcess] : [];
|
|
152
|
+
}
|
|
153
|
+
|
|
52
154
|
setupEndpoints(): void {
|
|
53
155
|
/* if (!this.getServerService) {
|
|
54
156
|
throw new DyFM_Error({
|
|
@@ -71,6 +173,7 @@ export abstract class DyNTS_ServerStatus_Controller<
|
|
|
71
173
|
name: 'getServerStatus',
|
|
72
174
|
type: DyFM_HttpCallType.get,
|
|
73
175
|
endpoint: '/status',
|
|
176
|
+
preProcesses: this.getPreProcessesFor('getServerStatus'),
|
|
74
177
|
tasks: [
|
|
75
178
|
async (req: Request, res: Response, issuer: string): Promise<void> => {
|
|
76
179
|
res.send(
|
|
@@ -84,6 +187,7 @@ export abstract class DyNTS_ServerStatus_Controller<
|
|
|
84
187
|
name: 'getServerHealth',
|
|
85
188
|
type: DyFM_HttpCallType.get,
|
|
86
189
|
endpoint: '/health',
|
|
190
|
+
preProcesses: this.getPreProcessesFor('getServerHealth'),
|
|
87
191
|
tasks: [
|
|
88
192
|
async (req: Request, res: Response, issuer: string): Promise<void> => {
|
|
89
193
|
res.send(
|
|
@@ -99,6 +203,7 @@ export abstract class DyNTS_ServerStatus_Controller<
|
|
|
99
203
|
name: 'getServerReadiness',
|
|
100
204
|
type: DyFM_HttpCallType.get,
|
|
101
205
|
endpoint: '/readiness',
|
|
206
|
+
preProcesses: this.getPreProcessesFor('getServerReadiness'),
|
|
102
207
|
tasks: [
|
|
103
208
|
async (req: Request, res: Response, issuer: string): Promise<void> => {
|
|
104
209
|
const readiness: DyNTS_DbReadiness = await this.server_CS.checkDbReadiness();
|
|
@@ -112,6 +217,7 @@ export abstract class DyNTS_ServerStatus_Controller<
|
|
|
112
217
|
name: 'getServerStatusForClient',
|
|
113
218
|
type: DyFM_HttpCallType.get,
|
|
114
219
|
endpoint: '/status/:version',
|
|
220
|
+
preProcesses: this.getPreProcessesFor('getServerStatusForClient'),
|
|
115
221
|
tasks: [
|
|
116
222
|
async (req: Request, res: Response, issuer: string): Promise<void> => {
|
|
117
223
|
|
|
@@ -126,6 +232,7 @@ export abstract class DyNTS_ServerStatus_Controller<
|
|
|
126
232
|
name: 'getErrorStatistics',
|
|
127
233
|
type: DyFM_HttpCallType.get,
|
|
128
234
|
endpoint: '/statistics/error/:range',
|
|
235
|
+
preProcesses: this.getPreProcessesFor('getErrorStatistics'),
|
|
129
236
|
tasks: [
|
|
130
237
|
async (req: Request, res: Response, issuer: string) : Promise<void> => {
|
|
131
238
|
|