@hitchy/plugin-odem-rest 0.7.0 → 0.7.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/index.js +33 -43
  2. package/package.json +1 -1
  3. package/readme.md +1 -1
package/index.js CHANGED
@@ -202,7 +202,7 @@ module.exports = function() {
202
202
  * @returns {void}
203
203
  */
204
204
  function reqSuccess( req, res ) {
205
- if ( Services.OdemSchema.mayBeExposed( req, Model ) ) {
205
+ if ( Schema.mayBeExposed( req, Model ) ) {
206
206
  res.status( 200 ).send();
207
207
  } else {
208
208
  res.status( 403 ).send();
@@ -232,13 +232,13 @@ module.exports = function() {
232
232
  async function reqFetchSchema( req, res ) {
233
233
  logDebug( "got request fetching schema" );
234
234
 
235
- if ( api.plugins.authentication && !await Services.Authorization.mayAccess( req.user, `@hitchy.odem.model.${modelName}.schema` ) ) {
236
- resAccessForbidden( res );
235
+ if ( !Schema.mayBeExposed( req, Model ) ) {
236
+ res.status( 403 ).json( { error: "access forbidden by model" } );
237
237
  return;
238
238
  }
239
239
 
240
- if ( !Services.OdemSchema.mayBeExposed( req, Model ) ) {
241
- res.status( 403 ).json( { error: "access forbidden by model" } );
240
+ if ( api.plugins.authentication && !await Services.Authorization.mayAccess( req.user, `@hitchy.odem.model.${modelName}.schema` ) ) {
241
+ resAccessForbidden( res );
242
242
  return;
243
243
  }
244
244
 
@@ -256,13 +256,13 @@ module.exports = function() {
256
256
  async function reqCheckItem( req, res ) {
257
257
  logDebug( "got request checking if some item exists" );
258
258
 
259
- if ( api.plugins.authentication && !await Services.Authorization.mayAccess( req.user, `@hitchy.odem.model.${modelName}.check` ) ) {
260
- resAccessForbidden( res );
259
+ if ( !Schema.mayBeExposed( req, Model ) ) {
260
+ res.status( 403 ).json( { error: "access forbidden by model" } );
261
261
  return;
262
262
  }
263
263
 
264
- if ( !Schema.mayBeExposed( req, Model ) ) {
265
- res.status( 403 ).json( { error: "access forbidden by model" } );
264
+ if ( api.plugins.authentication && !await Services.Authorization.mayAccess( req.user, `@hitchy.odem.model.${modelName}.check` ) ) {
265
+ resAccessForbidden( res );
266
266
  return;
267
267
  }
268
268
 
@@ -294,13 +294,13 @@ module.exports = function() {
294
294
  async function reqFetchItem( req, res ) {
295
295
  logDebug( "got request fetching some item" );
296
296
 
297
- if ( api.plugins.authentication && !await Services.Authorization.mayAccess( req.user, `@hitchy.odem.model.${modelName}.read` ) ) {
298
- resAccessForbidden( res );
297
+ if ( !Schema.mayBeExposed( req, Model ) ) {
298
+ res.status( 403 ).json( { error: "access forbidden by model" } );
299
299
  return;
300
300
  }
301
301
 
302
- if ( !Schema.mayBeExposed( req, Model ) ) {
303
- res.status( 403 ).json( { error: "access forbidden by model" } );
302
+ if ( api.plugins.authentication && !await Services.Authorization.mayAccess( req.user, `@hitchy.odem.model.${modelName}.read` ) ) {
303
+ resAccessForbidden( res );
304
304
  return;
305
305
  }
306
306
 
@@ -341,13 +341,13 @@ module.exports = function() {
341
341
  async function reqFetchItems( req, res ) {
342
342
  logDebug( "got request fetching items" );
343
343
 
344
- if ( api.plugins.authentication && !await Services.Authorization.mayAccess( req.user, `@hitchy.odem.model.${modelName}.list` ) ) {
345
- resAccessForbidden( res );
344
+ if ( !Schema.mayBeExposed( req, Model ) ) {
345
+ res.status( 403 ).json( { error: "access forbidden by model" } );
346
346
  return;
347
347
  }
348
348
 
349
- if ( !Schema.mayBeExposed( req, Model ) ) {
350
- res.status( 403 ).json( { error: "access forbidden by model" } );
349
+ if ( api.plugins.authentication && !await Services.Authorization.mayAccess( req.user, `@hitchy.odem.model.${modelName}.list` ) ) {
350
+ resAccessForbidden( res );
351
351
  return;
352
352
  }
353
353
 
@@ -406,11 +406,6 @@ module.exports = function() {
406
406
  async function reqListMatches( req, res ) {
407
407
  logDebug( "got request listing matching items" );
408
408
 
409
- if ( !Schema.mayBeExposed( req, Model ) ) {
410
- res.status( 403 ).json( { error: "access forbidden by model" } );
411
- return;
412
- }
413
-
414
409
  const {
415
410
  q: simpleQuery = "",
416
411
  offset = 0,
@@ -496,11 +491,6 @@ module.exports = function() {
496
491
  async function reqListAll( req, res ) {
497
492
  logDebug( "got request listing all items" );
498
493
 
499
- if ( !Schema.mayBeExposed( req, Model ) ) {
500
- res.status( 403 ).json( { error: "access forbidden by model" } );
501
- return;
502
- }
503
-
504
494
  const { offset = 0, limit = Infinity, sortBy = null, descending = false, loadRecords = true, count = false } = req.query;
505
495
  const meta = count || req.headers["x-count"] ? {} : null;
506
496
 
@@ -539,13 +529,13 @@ module.exports = function() {
539
529
  async function reqCreateItem( req, res ) {
540
530
  logDebug( "got request creating item" );
541
531
 
542
- if ( api.plugins.authentication && !await Services.Authorization.mayAccess( req.user, `@hitchy.odem.model.${modelName}.create` ) ) {
543
- resAccessForbidden( res );
532
+ if ( !Schema.mayBeExposed( req, Model ) ) {
533
+ res.status( 403 ).json( { error: "access forbidden by model" } );
544
534
  return;
545
535
  }
546
536
 
547
- if ( !Schema.mayBeExposed( req, Model ) ) {
548
- res.status( 403 ).json( { error: "access forbidden by model" } );
537
+ if ( api.plugins.authentication && !await Services.Authorization.mayAccess( req.user, `@hitchy.odem.model.${modelName}.create` ) ) {
538
+ resAccessForbidden( res );
549
539
  return;
550
540
  }
551
541
 
@@ -592,13 +582,13 @@ module.exports = function() {
592
582
  async function reqModifyItem( req, res ) {
593
583
  logDebug( "got request to modify some item" );
594
584
 
595
- if ( api.plugins.authentication && !await Services.Authorization.mayAccess( req.user, `@hitchy.odem.model.${modelName}.write` ) ) {
596
- resAccessForbidden( res );
585
+ if ( !Schema.mayBeExposed( req, Model ) ) {
586
+ res.status( 403 ).json( { error: "access forbidden by model" } );
597
587
  return;
598
588
  }
599
589
 
600
- if ( !Schema.mayBeExposed( req, Model ) ) {
601
- res.status( 403 ).json( { error: "access forbidden by model" } );
590
+ if ( api.plugins.authentication && !await Services.Authorization.mayAccess( req.user, `@hitchy.odem.model.${modelName}.write` ) ) {
591
+ resAccessForbidden( res );
602
592
  return;
603
593
  }
604
594
 
@@ -657,13 +647,13 @@ module.exports = function() {
657
647
  async function reqReplaceItem( req, res ) {
658
648
  logDebug( "got request replacing some item" );
659
649
 
660
- if ( api.plugins.authentication && !await Services.Authorization.mayAccess( req.user, `@hitchy.odem.model.${modelName}.write` ) ) {
661
- resAccessForbidden( res );
650
+ if ( !Schema.mayBeExposed( req, Model ) ) {
651
+ res.status( 403 ).json( { error: "access forbidden by model" } );
662
652
  return;
663
653
  }
664
654
 
665
- if ( !Schema.mayBeExposed( req, Model ) ) {
666
- res.status( 403 ).json( { error: "access forbidden by model" } );
655
+ if ( api.plugins.authentication && !await Services.Authorization.mayAccess( req.user, `@hitchy.odem.model.${modelName}.write` ) ) {
656
+ resAccessForbidden( res );
667
657
  return;
668
658
  }
669
659
 
@@ -721,13 +711,13 @@ module.exports = function() {
721
711
  async function reqRemoveItem( req, res ) {
722
712
  logDebug( "got request removing some item" );
723
713
 
724
- if ( api.plugins.authentication && !await Services.Authorization.mayAccess( req.user, `@hitchy.odem.model.${modelName}.remove` ) ) {
725
- resAccessForbidden( res );
714
+ if ( !Schema.mayBeExposed( req, Model ) ) {
715
+ res.status( 403 ).json( { error: "access forbidden by model" } );
726
716
  return;
727
717
  }
728
718
 
729
- if ( !Schema.mayBeExposed( req, Model ) ) {
730
- res.status( 403 ).json( { error: "access forbidden by model" } );
719
+ if ( api.plugins.authentication && !await Services.Authorization.mayAccess( req.user, `@hitchy.odem.model.${modelName}.remove` ) ) {
720
+ resAccessForbidden( res );
731
721
  return;
732
722
  }
733
723
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@hitchy/plugin-odem-rest",
3
- "version": "0.7.0",
3
+ "version": "0.7.1",
4
4
  "description": "HTTP REST API for Hitchy's document-oriented database",
5
5
  "main": "index.js",
6
6
  "scripts": {
package/readme.md CHANGED
@@ -2,7 +2,7 @@
2
2
 
3
3
  HTTP REST API for [Hitchy's](https://core.hitchy.org/) [document-oriented database](https://odem.hitchy.org/)
4
4
 
5
- [Hitchy](http://core.hitchy.org/) is a server-side framework for developing web applications with [Node.js](https://nodejs.org/). [Odem](https://www.npmjs.com/package/@hitchy/plugin-odem) is a plugin for Hitchy implementing a document-oriented database using data backends like regular file systems, LevelDBs and temporary in-memory databases.
5
+ [Hitchy](http://core.hitchy.org/) is a server-side framework for developing web applications with [Node.js](https://nodejs.org/). [Odem](https://www.npmjs.com/package/@hitchy/plugin-odem) is a plugin for Hitchy implementing a document-oriented database using data backends like regular file systems, temporary in-memory databases and third-party key-value stores.
6
6
 
7
7
  This plugin is defining blueprint routes for accessing data managed in document-oriented database using REST API.
8
8