@generazioneai/genquery 0.11.0 → 0.12.0
- package/dist/entity-policy-builder.d.ts +60 -0
- package/dist/entity-policy-builder.d.ts.map +1 -0
- package/dist/entity-policy-builder.js +62 -0
- package/dist/entity-policy-builder.js.map +1 -0
- package/dist/index.d.ts +1 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +4 -1
- package/dist/index.js.map +1 -1
- package/dist/tests/entity-policy-builder.test.d.ts +2 -0
- package/dist/tests/entity-policy-builder.test.d.ts.map +1 -0
- package/dist/tests/entity-policy-builder.test.js +68 -0
- package/dist/tests/entity-policy-builder.test.js.map +1 -0
- package/package.json +1 -1
|
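--- a/package/dist/entity-policy-builder.d.ts
+++ b/package/dist/entity-policy-builder.d.ts
@@ -0,0 +1,60 @@
+/**
+* EntityPolicy builder — DENY-based, derived from a Prisma DMMF datamodel + resource
+* manifests. Centralizes the boilerplate every backend duplicated in
+* `src/authz/genquery-policy.ts`.
+*
+* Model: PERMISSIVE by default — every scalar/enum is filterable/sortable/selectable
+* and every relation is includable/filterableRelations, MINUS the secret fields and
+* an optional per-model `deny`. maxPerPage is taken from the matching manifest's
+* `autoquery.pagination.max`, else `defaultMaxPerPage`. Keyed by DMMF model name
+* (PascalCase) so it maps 1:1 onto the Schema. Pass the result as `schema.policy`
+* (or to {@link applyPolicy}).
+*/
+import type { EntityPolicy } from "./schema";
+/**
+* Canonical credential/secret field names — NEVER filterable/sortable/selectable on
+* ANY model. Single source of truth: a backend gets the full set automatically and
+* can only ADD via `extraSecretFields` (no per-service drift / forgotten fields).
+* NB: `hash` is intentionally NOT here (e.g. Media dedup queries by hash; the value
+* is still kept out of responses by entity serialization / findOne select-stripping).
+*/
+export declare const DEFAULT_SECRET_FIELDS: ReadonlySet<string>;
+/** Minimal structural shape of a DMMF field (Prisma.dmmf.datamodel.models[].fields). */
+type DMField = {
+name: string;
+kind: string;
+};
+/** Minimal structural shape of a DMMF model. */
+type DMModel = {
+name: string;
+fields: readonly DMField[];
+};
+/** Structural manifest shape consumed here (a `ResourceManifest` satisfies it). */
+export interface PolicyManifestLike {
+prismaModel?: string;
+autoquery?: {
+pagination?: {
+max?: number;
+};
+};
+}
+export interface BuildGenQueryPolicyOptions {
+/** Prisma DMMF datamodel — `{ models: [...] }` or a bare models array. */
+datamodel: {
+models: readonly DMModel[];
+} | readonly DMModel[];
+/** Resource manifests (structural) → per-model maxPerPage from autoquery.pagination.max. */
+manifests?: readonly PolicyManifestLike[];
+/** Per-model extra deny beyond secrets: fields/relations not queryable. */
+deny?: Record<string, {
+fields?: readonly string[];
+relations?: readonly string[];
+}>;
+/** Extra secret field names added to {@link DEFAULT_SECRET_FIELDS}. */
+extraSecretFields?: Iterable<string>;
+/** Fallback maxPerPage when a manifest declares none. Default 200. */
+defaultMaxPerPage?: number;
+}
+export declare function buildGenQueryPolicy(opts: BuildGenQueryPolicyOptions): Record<string, EntityPolicy>;
+export {};
+//# sourceMappingURL=entity-policy-builder.d.ts.map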
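Review bot: The doc comment on `deny` does not say how its keys are matched, although the compiled implementation on this page normalises a manifest's `prismaModel` with `pascal(...)` and looks `deny` up by the raw `model.name`. I would extend it to `/** Per-model extra deny beyond secrets: fields/relations not queryable. Keys are exact DMMF model names (PascalCase); field and relation names are matched case-sensitively. */` so a caller does not assume the same leniency. Separately, `ReadonlySet<string>` on `DEFAULT_SECRET_FIELDS` is a compile-time guarantee only: the module exports a plain `Set`, so the "can only ADD" wording holds for typed callers but not for untyped consumers of the export. The `defaultMaxPerPage` comment could also state the accepted range, since no bound is visible in the declaration.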
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"entity-policy-builder.d.ts","sourceRoot":"","sources":["../src/entity-policy-builder.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AACH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAE7C;;;;;;GAMG;AACH,eAAO,MAAM,qBAAqB,EAAE,WAAW,CAAC,MAAM,CAWpD,CAAC;AAEH,wFAAwF;AACxF,KAAK,OAAO,GAAG;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,CAAC;AAC9C,gDAAgD;AAChD,KAAK,OAAO,GAAG;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,SAAS,OAAO,EAAE,CAAA;CAAE,CAAC;AAE5D,mFAAmF;AACnF,MAAM,WAAW,kBAAkB;IACjC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,SAAS,CAAC,EAAE;QAAE,UAAU,CAAC,EAAE;YAAE,GAAG,CAAC,EAAE,MAAM,CAAA;SAAE,CAAA;KAAE,CAAC;CAC/C;AAED,MAAM,WAAW,0BAA0B;IACzC,0EAA0E;IAC1E,SAAS,EAAE;QAAE,MAAM,EAAE,SAAS,OAAO,EAAE,CAAA;KAAE,GAAG,SAAS,OAAO,EAAE,CAAC;IAC/D,4FAA4F;IAC5F,SAAS,CAAC,EAAE,SAAS,kBAAkB,EAAE,CAAC;IAC1C,2EAA2E;IAC3E,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE;QAAE,MAAM,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;QAAC,SAAS,CAAC,EAAE,SAAS,MAAM,EAAE,CAAA;KAAE,CAAC,CAAC;IACrF,uEAAuE;IACvE,iBAAiB,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;IACrC,sEAAsE;IACtE,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAID,wBAAgB,mBAAmB,CACjC,IAAI,EAAE,0BAA0B,GAC/B,MAAM,CAAC,MAAM,EAAE,YAAY,CAAC,CAwC9B"}
|
|
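--- a/package/dist/entity-policy-builder.js
+++ b/package/dist/entity-policy-builder.js
@@ -0,0 +1,62 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DEFAULT_SECRET_FIELDS = void 0;
+exports.buildGenQueryPolicy = buildGenQueryPolicy;
+/**
+* Canonical credential/secret field names — NEVER filterable/sortable/selectable on
+* ANY model. Single source of truth: a backend gets the full set automatically and
+* can only ADD via `extraSecretFields` (no per-service drift / forgotten fields).
+* NB: `hash` is intentionally NOT here (e.g. Media dedup queries by hash; the value
+* is still kept out of responses by entity serialization / findOne select-stripping).
+*/
+exports.DEFAULT_SECRET_FIELDS = new Set([
+"password",
+"totpSecret",
+"mfaSecret",
+"clientSecret",
+"secret",
+"tokenHash",
+"refreshTokenHash",
+"apiKeyHash",
+"webauthnCredId",
+"webauthnPubKey",
+]);
+const pascal = (s) => (s ? s.charAt(0).toUpperCase() + s.slice(1) : s);
+function buildGenQueryPolicy(opts) {
+const src = opts.datamodel;
+const models = (Array.isArray(src) ? src : src?.models) ?? [];
+const secrets = new Set(exports.DEFAULT_SECRET_FIELDS);
+for (const f of opts.extraSecretFields ?? [])
+secrets.add(f);
+const deny = opts.deny ?? {};
+const fallbackMax = opts.defaultMaxPerPage ?? 200;
+const maxByModel = {};
+for (const m of opts.manifests ?? []) {
+const max = m.autoquery?.pagination?.max;
+const key = pascal(m.prismaModel ?? "");
+if (key && typeof max === "number")
+maxByModel[key] = max;
+}
+const policy = {};
+for (const model of models) {
+const d = deny[model.name] ?? {};
+const denyFields = new Set([...secrets, ...(d.fields ?? [])]);
+const denyRelations = new Set(d.relations ?? []);
+const scalars = model.fields
+.filter((f) => (f.kind === "scalar" || f.kind === "enum") && !denyFields.has(f.name))
+.map((f) => f.name);
+const relations = model.fields
+.filter((f) => f.kind === "object" && !denyRelations.has(f.name))
+.map((f) => f.name);
+policy[model.name] = {
+filterable: scalars,
+sortable: scalars,
+selectable: scalars,
+includable: relations,
+filterableRelations: relations,
+maxPerPage: maxByModel[model.name] ?? fallbackMax,
+};
+}
+return policy;
+}
+//# sourceMappingURL=entity-policy-builder.js.map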
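Review bot: The lookup `const d = deny[model.name] ?? {};` fails open: manifest keys are normalised with `pascal(...)` but `deny` keys are not, so a lower-case model key or a misspelt field or relation name is silently ignored and the field stays filterable, sortable and selectable. Because the policy is permissive by default, a `deny` entry that matches no model or no field should throw at build time, as sketched below. The secret check is an exact, case-sensitive match against the ten names, so a differently named credential column (for example a constructed `passwordHash`) passes through unless the backend lists it in `extraSecretFields`. `typeof max === "number"` also accepts `NaN`, `Infinity`, zero and negative values as `maxPerPage`; `Number.isInteger(max) && max > 0` would keep the page cap meaningful, and the same applies to `defaultMaxPerPage`.

```javascript
// … unchanged: secrets, fallbackMax, maxByModel …
const modelsByName = new Map(models.map((m) => [m.name, m]));
for (const [name, entry] of Object.entries(deny)) {
    const target = modelsByName.get(name);
    if (!target)
        throw new Error(`buildGenQueryPolicy: deny references unknown model "${name}"`);
    const known = new Set(target.fields.map((f) => f.name));
    for (const n of [...(entry.fields ?? []), ...(entry.relations ?? [])])
        if (!known.has(n))
            throw new Error(`buildGenQueryPolicy: deny references unknown field "${name}.${n}"`);
}
const policy = {};
// … unchanged: per-model loop building filterable/sortable/selectable …
```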
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"entity-policy-builder.js","sourceRoot":"","sources":["../src/entity-policy-builder.ts"],"names":[],"mappings":";;;AA4DA,kDA0CC;AAxFD;;;;;;GAMG;AACU,QAAA,qBAAqB,GAAwB,IAAI,GAAG,CAAC;IAChE,UAAU;IACV,YAAY;IACZ,WAAW;IACX,cAAc;IACd,QAAQ;IACR,WAAW;IACX,kBAAkB;IAClB,YAAY;IACZ,gBAAgB;IAChB,gBAAgB;CACjB,CAAC,CAAC;AA0BH,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAE/E,SAAgB,mBAAmB,CACjC,IAAgC;IAEhC,MAAM,GAAG,GAAQ,IAAI,CAAC,SAAS,CAAC;IAChC,MAAM,MAAM,GAAuB,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC;IAElF,MAAM,OAAO,GAAG,IAAI,GAAG,CAAS,6BAAqB,CAAC,CAAC;IACvD,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,iBAAiB,IAAI,EAAE;QAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IAE7D,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,WAAW,GAAG,IAAI,CAAC,iBAAiB,IAAI,GAAG,CAAC;IAElD,MAAM,UAAU,GAA2B,EAAE,CAAC;IAC9C,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,SAAS,IAAI,EAAE,EAAE,CAAC;QACrC,MAAM,GAAG,GAAG,CAAC,CAAC,SAAS,EAAE,UAAU,EAAE,GAAG,CAAC;QACzC,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;QACxC,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ;YAAE,UAAU,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;IAC5D,CAAC;IAED,MAAM,MAAM,GAAiC,EAAE,CAAC;IAChD,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QACjC,MAAM,UAAU,GAAG,IAAI,GAAG,CAAS,CAAC,GAAG,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACtE,MAAM,aAAa,GAAG,IAAI,GAAG,CAAS,CAAC,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC;QAEzD,MAAM,OAAO,GAAG,KAAK,CAAC,MAAM;aACzB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;aACpF,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QACtB,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM;aAC3B,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,C
AAC,CAAC;aAChE,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QAEtB,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG;YACnB,UAAU,EAAE,OAAO;YACnB,QAAQ,EAAE,OAAO;YACjB,UAAU,EAAE,OAAO;YACnB,UAAU,EAAE,SAAS;YACrB,mBAAmB,EAAE,SAAS;YAC9B,UAAU,EAAE,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,WAAW;SAClD,CAAC;IACJ,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
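--- a/package/dist/index.d.ts
+++ b/package/dist/index.d.ts
@@ -3,6 +3,7 @@ export * from "./parsed";
 export * from "./schema";
 export * from "./errors";
 export { parseQuery } from "./parser";
+export { buildGenQueryPolicy, DEFAULT_SECRET_FIELDS, type BuildGenQueryPolicyOptions, type PolicyManifestLike, } from "./entity-policy-builder";
 export { GenQueryEngine, type GenQueryEngineOptions } from "./engine";
 export type { Adapter } from "./adapters/base";
 export { parseDateTime } from "./datetime";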
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,SAAS,CAAC;AACxB,cAAc,UAAU,CAAC;AACzB,cAAc,UAAU,CAAC;AACzB,cAAc,UAAU,CAAC;AACzB,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtC,OAAO,EAAE,cAAc,EAAE,KAAK,qBAAqB,EAAE,MAAM,UAAU,CAAC;AACtE,YAAY,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAC3C,OAAO,EACL,gBAAgB,EAChB,oBAAoB,EACpB,qBAAqB,EACrB,iBAAiB,EACjB,kBAAkB,EAClB,cAAc,EACd,mBAAmB,EACnB,KAAK,mBAAmB,EACxB,KAAK,qBAAqB,EAC1B,KAAK,eAAe,EACpB,KAAK,oBAAoB,EACzB,KAAK,cAAc,EACnB,KAAK,eAAe,EACpB,KAAK,QAAQ,EACb,KAAK,iBAAiB,GACvB,MAAM,cAAc,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,SAAS,CAAC;AACxB,cAAc,UAAU,CAAC;AACzB,cAAc,UAAU,CAAC;AACzB,cAAc,UAAU,CAAC;AACzB,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtC,OAAO,EACL,mBAAmB,EACnB,qBAAqB,EACrB,KAAK,0BAA0B,EAC/B,KAAK,kBAAkB,GACxB,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,cAAc,EAAE,KAAK,qBAAqB,EAAE,MAAM,UAAU,CAAC;AACtE,YAAY,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAC3C,OAAO,EACL,gBAAgB,EAChB,oBAAoB,EACpB,qBAAqB,EACrB,iBAAiB,EACjB,kBAAkB,EAClB,cAAc,EACd,mBAAmB,EACnB,KAAK,mBAAmB,EACxB,KAAK,qBAAqB,EAC1B,KAAK,eAAe,EACpB,KAAK,oBAAoB,EACzB,KAAK,cAAc,EACnB,KAAK,eAAe,EACpB,KAAK,QAAQ,EACb,KAAK,iBAAiB,GACvB,MAAM,cAAc,CAAC"}
|
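--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -14,13 +14,16 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
 for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.FederationPlanError = exports.pluralizeCamel = exports.mergeFederatedRows = exports.collectForeignIds = exports.planFederatedIncludes = exports.buildFederationIndex = exports.toFederatedShape = exports.parseDateTime = exports.GenQueryEngine = exports.parseQuery = void 0;
+exports.FederationPlanError = exports.pluralizeCamel = exports.mergeFederatedRows = exports.collectForeignIds = exports.planFederatedIncludes = exports.buildFederationIndex = exports.toFederatedShape = exports.parseDateTime = exports.GenQueryEngine = exports.DEFAULT_SECRET_FIELDS = exports.buildGenQueryPolicy = exports.parseQuery = void 0;
 __exportStar(require("./types"), exports);
 __exportStar(require("./parsed"), exports);
 __exportStar(require("./schema"), exports);
 __exportStar(require("./errors"), exports);
 var parser_1 = require("./parser");
 Object.defineProperty(exports, "parseQuery", { enumerable: true, get: function () { return parser_1.parseQuery; } });
+var entity_policy_builder_1 = require("./entity-policy-builder");
+Object.defineProperty(exports, "buildGenQueryPolicy", { enumerable: true, get: function () { return entity_policy_builder_1.buildGenQueryPolicy; } });
+Object.defineProperty(exports, "DEFAULT_SECRET_FIELDS", { enumerable: true, get: function () { return entity_policy_builder_1.DEFAULT_SECRET_FIELDS; } });
 var engine_1 = require("./engine");
 Object.defineProperty(exports, "GenQueryEngine", { enumerable: true, get: function () { return engine_1.GenQueryEngine; } });
 var datetime_1 = require("./datetime");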
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,0CAAwB;AACxB,2CAAyB;AACzB,2CAAyB;AACzB,2CAAyB;AACzB,mCAAsC;AAA7B,oGAAA,UAAU,OAAA;AACnB,mCAAsE;AAA7D,wGAAA,cAAc,OAAA;AAEvB,uCAA2C;AAAlC,yGAAA,aAAa,OAAA;AACtB,2CAgBsB;AAfpB,8GAAA,gBAAgB,OAAA;AAChB,kHAAA,oBAAoB,OAAA;AACpB,mHAAA,qBAAqB,OAAA;AACrB,+GAAA,iBAAiB,OAAA;AACjB,gHAAA,kBAAkB,OAAA;AAClB,4GAAA,cAAc,OAAA;AACd,iHAAA,mBAAmB,OAAA"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,0CAAwB;AACxB,2CAAyB;AACzB,2CAAyB;AACzB,2CAAyB;AACzB,mCAAsC;AAA7B,oGAAA,UAAU,OAAA;AACnB,iEAKiC;AAJ/B,4HAAA,mBAAmB,OAAA;AACnB,8HAAA,qBAAqB,OAAA;AAIvB,mCAAsE;AAA7D,wGAAA,cAAc,OAAA;AAEvB,uCAA2C;AAAlC,yGAAA,aAAa,OAAA;AACtB,2CAgBsB;AAfpB,8GAAA,gBAAgB,OAAA;AAChB,kHAAA,oBAAoB,OAAA;AACpB,mHAAA,qBAAqB,OAAA;AACrB,+GAAA,iBAAiB,OAAA;AACjB,gHAAA,kBAAkB,OAAA;AAClB,4GAAA,cAAc,OAAA;AACd,iHAAA,mBAAmB,OAAA"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"entity-policy-builder.test.d.ts","sourceRoot":"","sources":["../../src/tests/entity-policy-builder.test.ts"],"names":[],"mappings":""}
|
|
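--- a/package/dist/tests/entity-policy-builder.test.js
+++ b/package/dist/tests/entity-policy-builder.test.js
@@ -0,0 +1,68 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const node_test_1 = __importDefault(require("node:test"));
+const strict_1 = __importDefault(require("node:assert/strict"));
+const entity_policy_builder_1 = require("../entity-policy-builder");
+const datamodel = {
+models: [
+{
+name: "User",
+fields: [
+{ name: "id", kind: "scalar" },
+{ name: "username", kind: "scalar" },
+{ name: "password", kind: "scalar" },
+{ name: "tokenHash", kind: "scalar" },
+{ name: "individual", kind: "object" },
+],
+},
+{
+name: "Media",
+fields: [
+{ name: "id", kind: "scalar" },
+{ name: "hash", kind: "scalar" },
+],
+},
+],
+};
+(0, node_test_1.default)("buildGenQueryPolicy esclude i SECRET_FIELDS da filter/sort/select", () => {
+const policy = (0, entity_policy_builder_1.buildGenQueryPolicy)({ datamodel });
+const u = policy.User;
+strict_1.default.deepEqual(u.filterable, ["id", "username"]); // password/tokenHash esclusi
+strict_1.default.deepEqual(u.selectable, ["id", "username"]);
+strict_1.default.deepEqual(u.sortable, ["id", "username"]);
+strict_1.default.deepEqual(u.includable, ["individual"]);
+strict_1.default.ok(!u.selectable.includes("password"));
+strict_1.default.ok(!u.selectable.includes("tokenHash"));
+});
+(0, node_test_1.default)("hash NON è segreto di default (resta queryable)", () => {
+strict_1.default.ok(!entity_policy_builder_1.DEFAULT_SECRET_FIELDS.has("hash"));
+const policy = (0, entity_policy_builder_1.buildGenQueryPolicy)({ datamodel });
+strict_1.default.deepEqual(policy.Media.filterable, ["id", "hash"]);
+});
+(0, node_test_1.default)("maxPerPage dal manifest, fallback al default", () => {
+const policy = (0, entity_policy_builder_1.buildGenQueryPolicy)({
+datamodel,
+manifests: [{ prismaModel: "user", autoquery: { pagination: { max: 50 } } }],
+defaultMaxPerPage: 200,
+});
+strict_1.default.equal(policy.User.maxPerPage, 50); // dal manifest (user → User)
+strict_1.default.equal(policy.Media.maxPerPage, 200); // fallback
+});
+(0, node_test_1.default)("deny per-modello + extraSecretFields", () => {
+const policy = (0, entity_policy_builder_1.buildGenQueryPolicy)({
+datamodel,
+deny: { User: { fields: ["username"], relations: ["individual"] } },
+extraSecretFields: ["id"],
+});
+strict_1.default.deepEqual(policy.User.filterable, []); // id(extra-secret)+username(deny) tolti
+strict_1.default.deepEqual(policy.User.includable, []); // individual in deny.relations
+});
+(0, node_test_1.default)("accetta datamodel come array nudo di models", () => {
+const policy = (0, entity_policy_builder_1.buildGenQueryPolicy)({ datamodel: datamodel.models });
+strict_1.default.ok(policy.User);
+strict_1.default.deepEqual(policy.Media.filterable, ["id", "hash"]);
+});
+//# sourceMappingURL=entity-policy-builder.test.js.map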
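Review bot: The "deny per-modello + extraSecretFields" case asserts only `filterable` and `includable`, so a regression that leaves a denied field in `selectable`, `sortable` or `filterableRelations` would still pass. I would add `strict_1.default.deepEqual(policy.User.selectable, []);`, `strict_1.default.deepEqual(policy.User.sortable, []);` and `strict_1.default.deepEqual(policy.User.filterableRelations, []);` to that case. There is also no case for a `deny` key that matches no model (such as lower-case `user`, which the implementation ignores while it accepts `prismaModel: "user"` for manifests), none for `kind: "enum"` fields, and none for a non-positive or non-finite `max`. The Media test pins `hash` as filterable but does not check `selectable`, which is where the "kept out of responses" claim in the builder's comment would need backing.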
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"entity-policy-builder.test.js","sourceRoot":"","sources":["../../src/tests/entity-policy-builder.test.ts"],"names":[],"mappings":";;;;;AAAA,0DAA6B;AAC7B,gEAAwC;AACxC,oEAAsF;AAEtF,MAAM,SAAS,GAAG;IAChB,MAAM,EAAE;QACN;YACE,IAAI,EAAE,MAAM;YACZ,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE;gBAC9B,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE;gBACpC,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE;gBACpC,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,QAAQ,EAAE;gBACrC,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,QAAQ,EAAE;aACvC;SACF;QACD;YACE,IAAI,EAAE,OAAO;YACb,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE;gBAC9B,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE;aACjC;SACF;KACF;CACF,CAAC;AAEF,IAAA,mBAAI,EAAC,mEAAmE,EAAE,GAAG,EAAE;IAC7E,MAAM,MAAM,GAAG,IAAA,2CAAmB,EAAC,EAAE,SAAS,EAAE,CAAC,CAAC;IAClD,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC;IACtB,gBAAM,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,6BAA6B;IACjF,gBAAM,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC;IACnD,gBAAM,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC;IACjD,gBAAM,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,YAAY,CAAC,CAAC,CAAC;IAC/C,gBAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,UAAW,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC;IAC/C,gBAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,UAAW,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC;AAClD,CAAC,CAAC,CAAC;AAEH,IAAA,mBAAI,EAAC,iDAAiD,EAAE,GAAG,EAAE;IAC3D,gBAAM,CAAC,EAAE,CAAC,CAAC,6CAAqB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;IAC9C,MAAM,MAAM,GAAG,IAAA,2CAAmB,EAAC,EAAE,SAAS,EAAE,CAAC,CAAC;IAClD,gBAAM,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;AAC5D,CAAC,CAAC,CAAC;AAEH,IAAA,mBAAI,EAAC,8CAA8C,EAAE,GAAG,EAAE;IACxD,MAAM,MAAM,GAAG,IAAA,2CAAmB,EAAC;QACjC,SAAS;QACT,SAAS,EAAE,CAAC,EAAE,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,EAAE,UAAU,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;QAC5E,iBAAiB,EAAE,GAAG;KACvB,CAAC,CAAC;IACH,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,CAAC,6BAA6B;IACvE,gBAAM
,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC,WAAW;AACzD,CAAC,CAAC,CAAC;AAEH,IAAA,mBAAI,EAAC,sCAAsC,EAAE,GAAG,EAAE;IAChD,MAAM,MAAM,GAAG,IAAA,2CAAmB,EAAC;QACjC,SAAS;QACT,IAAI,EAAE,EAAE,IAAI,EAAE,EAAE,MAAM,EAAE,CAAC,UAAU,CAAC,EAAE,SAAS,EAAE,CAAC,YAAY,CAAC,EAAE,EAAE;QACnE,iBAAiB,EAAE,CAAC,IAAI,CAAC;KAC1B,CAAC,CAAC;IACH,gBAAM,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,CAAC,wCAAwC;IACtF,gBAAM,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,CAAC,+BAA+B;AAC/E,CAAC,CAAC,CAAC;AAEH,IAAA,mBAAI,EAAC,6CAA6C,EAAE,GAAG,EAAE;IACvD,MAAM,MAAM,GAAG,IAAA,2CAAmB,EAAC,EAAE,SAAS,EAAE,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;IACpE,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IACvB,gBAAM,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;AAC5D,CAAC,CAAC,CAAC"}
|