@hitchy/plugin-odem-rest 0.9.2 → 0.9.3

package/api/services/odem-rest/cors.js

@@ -33,7 +33,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 		 * Generates function for use as a routing policy filtering CORS-related
 		 * aspects of requests without relation to some particular model.
 		 *
-		 * @returns {HitchyRequestPolicyHandler} generated function suitable for registering as routing policy handler
+		 * @returns {Hitchy.Core.RequestPolicyHandler} generated function suitable for registering as routing policy handler
 		 */
 		static getCommonRequestFilter() {
 			return ( req, res, next ) => {
@@ -56,7 +56,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 		 * Generates function for use as a routing policy filtering CORS-related
 		 * aspects of requests for all models' schemata.
 		 *
-		 * @returns {HitchyRequestPolicyHandler} generated function suitable for registering as routing policy handler
+		 * @returns {Hitchy.Core.RequestPolicyHandler} generated function suitable for registering as routing policy handler
 		 */
 		static getRequestFilterForSchemata() {
 			return ( req, res, next ) => {
@@ -76,13 +76,13 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 		 * Generates function for use as a routing policy filtering CORS-related
 		 * aspects of requests in scope of provided model.
 		 *
-		 * @param {class<Model>} model class of particular model
-		 * @returns {HitchyRequestPolicyHandler} generated function suitable for registering as routing policy handler
+		 * @param {Class<Model>} model class of particular model
+		 * @returns {Hitchy.Core.RequestPolicyHandler} generated function suitable for registering as routing policy handler
 		 */
 		static getRequestFilterForModel( model ) {
 			return ( req, res, next ) => {
 				if ( !res.headersSent ) {
-					if ( Services.OdemSchema.mayBeExposed( req, model ) ) {
+					if ( Services.OdemSchema.mayBeExposed( req.user, model ) ) {
 						this.handleMethods( model, null, req, res, Accepted.model.methods );
 
 						if ( res.hasHeader( "Access-Control-Allow-Origin" ) ) {
@@ -104,13 +104,13 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 		 * Generates function for use as a routing policy filtering CORS-related
 		 * aspects of requests in scope of provided model.
 		 *
-		 * @param {class<Model>} model class of particular model
-		 * @returns {HitchyRequestPolicyHandler} generated function suitable for registering as routing policy handler
+		 * @param {Class<Model>} model class of particular model
+		 * @returns {Hitchy.Core.RequestPolicyHandler} generated function suitable for registering as routing policy handler
 		 */
 		static getRequestFilterForModelSchema( model ) {
 			return ( req, res, next ) => {
 				if ( !res.headersSent ) {
-					if ( Services.OdemSchema.mayBeExposed( req, model ) ) {
+					if ( Services.OdemSchema.mayBeExposed( req.user, model ) ) {
 						this.handleMethods( model, null, req, res, Accepted.schema.methods );
 
 						if ( res.hasHeader( "Access-Control-Allow-Origin" ) ) {
@@ -132,13 +132,13 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 		 * Generates function for use as a routing policy filtering CORS-related
 		 * aspects of requests in scope of provided model.
 		 *
-		 * @param {class<Model>} model class of particular model
-		 * @returns {HitchyRequestPolicyHandler} generated function suitable for registering as routing policy handler
+		 * @param {Class<Model>} model class of particular model
+		 * @returns {Hitchy.Core.RequestPolicyHandler} generated function suitable for registering as routing policy handler
 		 */
 		static getRequestFilterForModelItem( model ) {
 			return ( req, res, next ) => {
 				if ( !res.headersSent && req.params.uuid !== ".schema" ) {
-					if ( Services.OdemSchema.mayBeExposed( req, model ) ) {
+					if ( Services.OdemSchema.mayBeExposed( req.user, model ) ) {
 						this.handleMethods( model, req.params.uuid, req, res, Accepted.item.methods );
 
 						if ( res.hasHeader( "Access-Control-Allow-Origin" ) ) {
@@ -159,7 +159,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 		/**
 		 * Ends preflight requests.
 		 *
-		 * @returns {HitchyRequestPolicyHandler} generated function suitable for registering as routing policy handler
+		 * @returns {Hitchy.Core.RequestPolicyHandler} generated function suitable for registering as routing policy handler
 		 */
 		static finishPreflight() {
 			return ( req, res, next ) => {
@@ -175,10 +175,10 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 		 * Injects response header describing available request methods for URL
 		 * processing selected model and optionally addressed item.
 		 *
-		 * @param {class<Model>} model implementation of model selected by request URL
+		 * @param {Class<Model>} model implementation of model selected by request URL
 		 * @param {string} item UUID of model's item addressed in request URL
-		 * @param {HitchyIncomingMessage} req request descriptor
-		 * @param {HitchyServerResponse} res response manager
+		 * @param {Hitchy.Core.IncomingMessage} req request descriptor
+		 * @param {Hitchy.Core.ServerResponse} res response manager
 		 * @param {string[]} accepted comma-separated list of methods to accept by default
 		 * @returns {void}
 		 * @protected
@@ -212,10 +212,10 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 		 * Injects response header describing available request headers for URL
 		 * processing selected model and optionally addressed item.
 		 *
-		 * @param {class<Model>} model implementation of model selected by request URL
+		 * @param {Class<Model>} model implementation of model selected by request URL
 		 * @param {string} item UUID of model's item addressed in request URL
-		 * @param {HitchyIncomingMessage} req request descriptor
-		 * @param {HitchyServerResponse} res response manager
+		 * @param {Hitchy.Core.IncomingMessage} req request descriptor
+		 * @param {Hitchy.Core.ServerResponse} res response manager
 		 * @param {string[]} accepted comma-separated list of accepted headers
 		 * @returns {void}
 		 * @protected

package/index.js

@@ -98,7 +98,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 	 * @param {Map<string,function(IncomingMessage,ServerResponse):Promise>} routes maps
 	 *        route patterns into function handling requests matching that pattern
 	 * @param {string} urlPrefix common prefix to use on every route regarding any model-related processing
-	 * @param {Object<string,class<Model>>} models lists all currently available models
+	 * @param {Object<string,Class<Model>>} models lists all currently available models
 	 * @returns {void}
 	 */
 	function addGlobalRoutes( routes, urlPrefix, models ) {
@@ -128,8 +128,8 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 				const model = models[modelKeys[i]];
 
 				if ( model.prototype instanceof BaseModel &&
-				     OdemSchema.mayBeExposed( req, model ) &&
-				     OdemSchema.mayBePromoted( req, model ) ) {
+				     OdemSchema.mayBeExposed( req.user, model ) &&
+				     OdemSchema.mayBePromoted( req.user, model ) ) {
 					const slug = pascalToKebab( model.name );
 
 					result[slug] = OdemSchema.extractPublicData( model );
@@ -200,7 +200,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 		 * @returns {void}
 		 */
 		function reqSuccess( req, res ) {
-			if ( Schema.mayBeExposed( req, Model ) ) {
+			if ( Schema.mayBeExposed( req.user, Model ) ) {
 				res.status( 200 ).send();
 			} else {
 				res.status( 403 ).send();
@@ -230,7 +230,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 		async function reqFetchSchema( req, res ) {
 			logDebug( "got request fetching schema" );
 
-			if ( !Schema.mayBeExposed( req, Model ) ) {
+			if ( !Schema.mayBeExposed( req.user, Model ) ) {
 				res.status( 403 ).json( { error: "access forbidden by model" } );
 				return;
 			}
@@ -254,7 +254,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 		async function reqCheckItem( req, res ) {
 			logDebug( "got request checking if some item exists" );
 
-			if ( !Schema.mayBeExposed( req, Model ) ) {
+			if ( !Schema.mayBeExposed( req.user, Model ) ) {
 				res.status( 403 ).json( { error: "access forbidden by model" } );
 				return;
 			}
@@ -292,7 +292,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 		async function reqFetchItem( req, res ) {
 			logDebug( "got request fetching some item" );
 
-			if ( !Schema.mayBeExposed( req, Model ) ) {
+			if ( !Schema.mayBeExposed( req.user, Model ) ) {
 				res.status( 403 ).json( { error: "access forbidden by model" } );
 				return;
 			}
@@ -311,7 +311,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 			const item = new Model( uuid ).withContext( this );
 
 			await item.load()
-				.then( loaded => res.json( Schema.filterItem( serializeItem( loaded, true ), req, Model, "read" ) ) )
+				.then( loaded => res.json( Schema.filterItem( serializeItem( loaded, true ), req.user, Model, "read" ) ) )
 				.catch( error => {
 					logError( "fetching %s:", routeName, error );
 
@@ -339,7 +339,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 		async function reqFetchItems( req, res ) {
 			logDebug( "got request fetching items" );
 
-			if ( !Schema.mayBeExposed( req, Model ) ) {
+			if ( !Schema.mayBeExposed( req.user, Model ) ) {
 				res.status( 403 ).json( { error: "access forbidden by model" } );
 				return;
 			}
@@ -455,14 +455,14 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 
 			const meta = count || req.headers["x-count"] ? {} : null;
 
-			await Model.find( Schema.checkQuery( parsedQuery, req, Model ), { offset, limit, sortBy, sortAscendingly: !descending }, {
+			await Model.find( Schema.checkQuery( parsedQuery, req.user, Model ), { offset, limit, sortBy, sortAscendingly: !descending }, {
 				metaCollector: meta,
 				loadRecords,
 				context: this,
 			} )
 				.then( matches => {
 					const result = {
-						items: matches.map( item => Schema.filterItem( serializeItem( item, false ), req, Model, "list" ) ),
+						items: matches.map( item => Schema.filterItem( serializeItem( item, false ), req.user, Model, "list" ) ),
 					};
 
 					if ( meta ) {
@@ -501,7 +501,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 			}, { loadRecords, metaCollector: meta, context: this } )
 				.then( matches => {
 					const result = {
-						items: matches.map( item => Schema.filterItem( serializeItem( item, false ), req, Model, "list" ) ),
+						items: matches.map( item => Schema.filterItem( serializeItem( item, false ), req.user, Model, "list" ) ),
 					};
 
 					if ( meta ) {
@@ -528,7 +528,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 		async function reqCreateItem( req, res ) {
 			logDebug( "got request creating item" );
 
-			if ( !Schema.mayBeExposed( req, Model ) ) {
+			if ( !Schema.mayBeExposed( req.user, Model ) ) {
 				res.status( 403 ).json( { error: "access forbidden by model" } );
 				return;
 			}
@@ -549,7 +549,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 							return undefined;
 						}
 
-						const filtered = Schema.filterItem( record, req, Model, "create" );
+						const filtered = Schema.filterItem( record, req.user, Model, "create" );
 						const definedProps = Model.schema.props;
 						const definedComputed = Model.schema.computed;
 
@@ -581,7 +581,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 		async function reqModifyItem( req, res ) {
 			logDebug( "got request to modify some item" );
 
-			if ( !Schema.mayBeExposed( req, Model ) ) {
+			if ( !Schema.mayBeExposed( req.user, Model ) ) {
 				res.status( 403 ).json( { error: "access forbidden by model" } );
 				return;
 			}
@@ -612,7 +612,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 					] )
 						.then( ( [ loaded, record ] ) => {
 							if ( record ) {
-								const filtered = Schema.filterItem( record, req, Model, "write" );
+								const filtered = Schema.filterItem( record, req.user, Model, "write" );
 								const definedProps = Model.schema.props;
 								const definedComputed = Model.schema.computed;
 
@@ -625,7 +625,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 
 							return loaded.save()
 								.then( saved => {
-									res.json( Schema.filterItem( serializeItem( saved, false ), req, Model, "read" ) );
+									res.json( Schema.filterItem( serializeItem( saved, false ), req.user, Model, "read" ) );
 								} );
 						} );
 				} )
@@ -646,7 +646,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 		async function reqReplaceItem( req, res ) {
 			logDebug( "got request replacing some item" );
 
-			if ( !Schema.mayBeExposed( req, Model ) ) {
+			if ( !Schema.mayBeExposed( req.user, Model ) ) {
 				res.status( 403 ).json( { error: "access forbidden by model" } );
 				return;
 			}
@@ -672,7 +672,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 
 						const computedNames = Object.keys( Model.schema.computed );
 						const numComputedNames = computedNames.length;
-						const filtered = Schema.filterItem( record, req, Model, "write" );
+						const filtered = Schema.filterItem( record, req.user, Model, "write" );
 
 						// update properties, drop those missing in provided record
 						for ( let i = 0; i < numPropNames; i++ ) {
@@ -692,7 +692,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 					} );
 				} )
 				.then( saved => {
-					res.json( Schema.filterItem( serializeItem( saved, false ), req, Model, "read" ) );
+					res.json( Schema.filterItem( serializeItem( saved, false ), req.user, Model, "read" ) );
 				} )
 				.catch( error => {
 					logError( "updating %s:", routeName, error );
@@ -710,7 +710,7 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
 		async function reqRemoveItem( req, res ) {
 			logDebug( "got request removing some item" );
 
-			if ( !Schema.mayBeExposed( req, Model ) ) {
+			if ( !Schema.mayBeExposed( req.user, Model ) ) {
 				res.status( 403 ).json( { error: "access forbidden by model" } );
 				return;
 			}

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@hitchy/plugin-odem-rest",
-	"version": "0.9.2",
+	"version": "0.9.3",
 	"description": "HTTP REST API for Hitchy's document-oriented database",
 	"main": "index.js",
 	"scripts": {
@@ -20,18 +20,18 @@
 	"bugs": "https://gitlab.com/hitchy/plugin-odem-rest/-/issues",
 	"homepage": "https://gitlab.com/hitchy/plugin-odem-rest#plugin-odem-rest",
 	"peerDependencies": {
-		"@hitchy/core": "1.x",
-		"@hitchy/plugin-odem": "^0.13.2",
-		"@hitchy/plugin-auth": "0.6.x"
+		"@hitchy/core": "^1.5.5",
+		"@hitchy/plugin-odem": "^0.14.0",
+		"@hitchy/plugin-auth": "^0.6.3"
 	},
 	"devDependencies": {
 		"@hitchy/types": "^0.1.3",
-		"@hitchy/core": "^1.1.4",
-		"@hitchy/server-dev-tools": "^0.8.6",
+		"@hitchy/core": "^1.5.5",
+		"@hitchy/server-dev-tools": "^0.9.6",
 		"c8": "^10.1.3",
-		"eslint": "^9.23.0",
+		"eslint": "^9.39.2",
 		"eslint-config-cepharum": "^2.0.2",
-		"mocha": "^11.1.0",
+		"mocha": "^11.7.5",
 		"should": "^13.2.3",
 		"should-http": "^0.1.1"
 	},