@kalisio/kdk 2.0.1 → 2.1.1

package/.codeclimate.yml

@@ -1,6 +1,5 @@
 exclude_patterns:
 - "lib/"
-- "**/client/**"
 plugins:
   fixme:
     enabled: true

package/.travis.test.sh

@@ -20,6 +20,9 @@ git clone https://github.com/kalisio/kdk-workspaces workspace
 git clone https://github.com/kalisio/feathers-distributed && cd feathers-distributed && yarn install && yarn link && cd ..
 yarn link @kalisio/feathers-distributed
 
+git clone https://github.com/kalisio/feathers-webpush && cd feathers-webpush && yarn install && yarn link && cd ..
+yarn link @kalisio/feathers-webpush
+
 git clone https://github.com/weacast/weacast && cd weacast && yarn install && cd packages
 cd core && yarn link && cd .. && cd gfs && yarn link && cd .. && cd probe && yarn link && cd ..
 cd ../..

package/core/api/application.js

@@ -89,8 +89,8 @@ export function declareService (name, app, service, serviceOptions = {}) {
 }
 
 export async function configureService (name, service, servicesPath) {
+  let filepath = path.join(servicesPath, name, `${name}.hooks.js`)
   try {
-    const filepath = path.join(servicesPath, name, `${name}.hooks.js`)
     const fileExists = await fs.pathExists(filepath)
     if (fileExists) {
       const hooks = (await import(url.pathToFileURL(filepath))).default
@@ -101,13 +101,13 @@ export async function configureService (name, service, servicesPath) {
     debug('No ' + name + ' service hooks configured on path ' + servicesPath)
     if (error.code !== 'ERR_MODULE_NOT_FOUND') {
       // Log error in this case as this might be linked to a syntax error in required file
-      debug(error)
+      debug(filepath, error)
     }
     // As this is optionnal this require has to fail silently
   }
 
+  filepath = path.join(servicesPath, name, `${name}.channels.js`)
   try {
-    const filepath = path.join(servicesPath, name, `${name}.channels.js`)
     const fileExists = await fs.pathExists(filepath)
     if (fileExists) {
       const channels = (await import(url.pathToFileURL(filepath))).default
@@ -121,7 +121,7 @@ export async function configureService (name, service, servicesPath) {
     debug('No ' + name + ' service channels configured on path ' + servicesPath)
     if (error.code !== 'ERR_MODULE_NOT_FOUND') {
       // Log error in this case as this might be linked to a syntax error in required file
-      debug(error)
+      debug(filepath, error)
     }
     // As this is optionnal this require has to fail silently
   }
@@ -176,7 +176,8 @@ async function createService (name, app, options = {}) {
     whitelist: [
       '$exists', '$and', '$or', '$eq', '$elemMatch', '$distinct', '$groupBy', '$group', '$regex',
       '$text', '$search', '$caseSensitive', '$language', '$diacriticSensitive',
-      '$aggregate', '$near', '$geoIntersects', '$geometry', '$maxDistance'
+      '$aggregate', '$near', '$nearSphere', '$geoIntersects', '$geoWithin',
+      '$maxDistance', '$minDistance', '$geometry', '$box', '$polygon', '$center', '$centerSphere'
     ]
   }, options)
   if (serviceOptions.disabled) return undefined
@@ -199,7 +200,7 @@ async function createService (name, app, options = {}) {
     debug('No ' + fileName + ' service model configured on path ' + serviceOptions.modelsPath)
     if (error.code !== 'ERR_MODULE_NOT_FOUND') {
       // Log error in this case as this might be linked to a syntax error in required file
-      debug(error)
+      debug(fileName, error)
     }
     // As this is optionnal this require has to fail silently
   }
@@ -224,8 +225,8 @@ async function createService (name, app, options = {}) {
   }
   // Optionnally a specific service mixin can be provided, apply it
   if (dbService && serviceOptions.servicesPath) {
+    const filepath = path.join(serviceOptions.servicesPath, fileName, `${fileName}.service.js`)
     try {
-      const filepath = path.join(serviceOptions.servicesPath, fileName, `${fileName}.service.js`)
       const fileExists = await fs.pathExists(filepath)
       if (fileExists) {
         let serviceMixin = (await import(url.pathToFileURL(filepath))).default
@@ -240,7 +241,7 @@ async function createService (name, app, options = {}) {
       debug('No ' + fileName + ' service mixin configured on path ' + serviceOptions.servicesPath)
       // if (error.code !== 'ERR_MODULE_NOT_FOUND') {
       // Log error in this case as this might be linked to a syntax error in required file
-      debug(error)
+      debug(filepath, error)
       // }
       // As this is optionnal this require has to fail silently
     }
@@ -434,7 +435,10 @@ function setupSockets (app) {
             // e.g. like [service_method, service_path, id or data, params]
             // Bypass rate limiting on whitelist
             if ((packet.length > 1) && (typeof packet[1] === 'string')) {
-              const service = app.service(packet[1])
+              // Service path includes API prefix (but without trailing /)
+              // Get name from service path without api prefix
+              const serviceName = packet[1].replace(app.get('apiPath').substring(1) + '/', '')
+              const service = app.getService(serviceName)
               if (service && services(service)) {
                 debugLimiter('By-pass rate limiting on whitelisted service operation', socket.id, socket.conn.remoteAddress, packet[0], packet[1])
                 next()

package/core/api/db.js

@@ -33,43 +33,47 @@ export function createObjectID (id) {
 }
 
 // Utility function used to convert from string to MongoDB IDs as required eg by queries
+// It only processes _id properties or operators (eg $ne, $in) to be converted
+// If you have others properties to be converted use toObjectIDs
 export function objectifyIDs (object) {
-  _.forOwn(object, (value, key) => {
-    // Process current attributes or recurse
-    // Take care to nested fields like 'field._id'
-    if (key === '_id' || key.endsWith('._id') || key === '$ne') {
-      if (typeof value === 'string') {
-        debug('Objectify ID ' + key)
-        const id = createObjectID(value)
-        if (id) {
-          object[key] = id
-        }
-      } else if (Array.isArray(value)) {
+  // Avoid destructuring already transformed Date, ObjectID or arrays
+  if (_.isPlainObject(object)) {
+    _.forOwn(object, (value, key) => {
+      // Process current attributes or recurse
+      // Take care to nested fields like 'field._id'
+      if (key === '_id' || key.endsWith('._id') || key === '$ne') {
+        if (typeof value === 'string') {
+          const id = createObjectID(value)
+          if (id) {
+            object[key] = id
+          }
+          debug('Objectify ID ' + key, id)
+        } else if (Array.isArray(value)) {
+          debug('Objectify ID array ' + key)
+          object[key] = value.map(id => createObjectID(id)).filter(id => id)
+        } else objectifyIDs(value)
+      } else if (['$in', '$nin'].includes(key)) {
         debug('Objectify ID array ' + key)
-        object[key] = value.map(id => createObjectID(id)).filter(id => id)
-      } else if ((typeof value === 'object') && !isObjectID(value)) objectifyIDs(value) // Avoid jumping inside an already transformed ObjectID
-    } else if (['$in', '$nin'].includes(key)) {
-      debug('Objectify ID array ' + key)
-      const ids = value.map(id => createObjectID(id)).filter(id => id)
-      // Take care that $in/$nin can be used for others types than Object IDs so conversion might fail
-      if (ids.length > 0) object[key] = ids
-    } else if (key === '$or') {
-      value.forEach(entry => objectifyIDs(entry))
-      // Avoid jumping inside an already transformed Date, ObjectID or arrays
-    } else if ((typeof value === 'object') && !(value instanceof Date) && !isObjectID(value) && !Array.isArray(value)) {
-      objectifyIDs(value)
-    }
-  })
+        const ids = value.map(id => createObjectID(id)).filter(id => id)
+        // Take care that $in/$nin can be used for others types than Object IDs so conversion might fail
+        if (ids.length > 0) object[key] = ids
+      } else if ((key === '$or') || (key === '$and')) {
+        value.forEach(entry => objectifyIDs(entry))
+      } else {
+        if (!Array.isArray(value)) objectifyIDs(value)
+        else value.forEach(entry => objectifyIDs(entry))
+      }
+    })
+  }
   return object
 }
 
-// Utility function used to convert from string to MongoDB IDs a fixed set of properties on a given object
+// Utility function used to convert a fixed set of properties on a given object from string to MongoDB IDs
 export function toObjectIDs (object, properties) {
   properties.forEach(property => {
-    const id = createObjectID(_.get(object, property))
-    if (id) {
-      _.set(object, property, id)
-    }
+    const value = _.get(object, property)
+    const id = createObjectID(value)
+    if (id) _.set(object, property, id)
   })
 }
 

package/core/api/hooks/hooks.authentication.js

@@ -1,7 +1,9 @@
 import makeDebug from 'debug'
+import common from 'feathers-hooks-common'
 import local from '@feathersjs/authentication-local'
 
 const debug = makeDebug('kdk:core:authentication:hooks')
+const { discard } = common
 
 // Make it more easy to acces
 export const hashPassword = local.hooks.hashPassword
@@ -61,3 +63,12 @@ export async function consentGuest (hook) {
 
   return hook
 }
+
+export function discardAuthenticationProviders (hook) {
+  const providers = hook.app.authenticationProviders || []
+  
+  // Iterate through known providers
+  for (const provider of providers) {
+    discard(provider)(hook)
+  }
+}

package/core/api/hooks/hooks.authorisations.js

@@ -8,7 +8,7 @@ import {
   hasServiceAbilities, hasResourceAbilities, getQueryForAbilities,
   Roles, RoleNames, countSubjectsForResource
 } from '../../common/permissions.js'
-import { isTagEqual } from './hooks.tags.js'
+import { isTagEqual } from '../utils.js'
 
 const { getItems, replaceItems } = common
 const { Forbidden } = errors
@@ -233,7 +233,11 @@ export async function authorise (hook) {
     // this has to be implemented by the service itself
     } else if (typeof hook.service.get === 'function') {
       // In this case (single get/update/patch/remove) we need to fetch the item first
-      const resource = await hook.service.get(hook.id, Object.assign({ checkAuthorisation: false }, hook.params))
+      // Take care we might have additional query parameters to be "catched" by before hooks,
+      // however at this stage these query parameters might cause get to fail
+      const params = Object.assign({ checkAuthorisation: false }, hook.params)
+      _.unset(params, 'query')
+      const resource = await hook.service.get(hook.id, params)
       debug('Target resource is', resource)
       // Then check against the object we'd like to manage
       if (!hasResourceAbilities(abilities, operation, resourceType, context, resource)) {
@@ -362,7 +366,7 @@ export async function removeOrganisationTagsAuthorisations (hook) {
     const notFromOrg = _.differenceWith(tags, orgTags, isTagEqual)
     // Update subject if required
     if (fromOrg.length > 0) {
-      promises.push(subjectService.patch(subject._id.toString(), { tags: notFromOrg, devices: subject.devices }))
+      promises.push(subjectService.patch(subject._id.toString(), { tags: notFromOrg }))
     }
   })
   // Perform subject updates in parallel

package/core/api/hooks/hooks.model.js

@@ -7,7 +7,7 @@ import { marshallTimes, unmarshallTimes } from '../marshall.js'
 import common from 'feathers-hooks-common'
 import makeDebug from 'debug'
 
-const { Conflict } = errors
+const { Conflict, BadRequest } = errors
 const { discard, disallow, getItems, replaceItems } = common
 const sift = siftModule.default
 const debug = makeDebug('kdk:core:model:hooks')
@@ -36,47 +36,6 @@ export function unprocessTimes (properties) {
   }
 }
 
-export function processPerspectives (hook) {
-  const params = hook.params
-  const query = params.query
-  const service = hook.service
-
-  // Test if some perspectives are defined on the model
-  if (!service.options || !service.options.perspectives) return
-
-  // Iterate through known perspectives of the model
-  service.options.perspectives.forEach(perspective => {
-    // Only discard if not explicitely asked by $select
-    let filterPerspective = true
-    if (!_.isNil(query) && !_.isNil(query.$select)) {
-      // Transform to array to unify processing
-      const selectedFields = (typeof query.$select === 'string' ? [query.$select] : query.$select)
-      if (Array.isArray(selectedFields)) {
-        selectedFields.forEach(field => {
-          // Take care that we might only ask for a subset of perspective fields like ['perspective.fieldName']
-          if ((field === perspective) || field.startsWith(perspective + '.')) {
-            filterPerspective = false
-          }
-        })
-      }
-    }
-    if (filterPerspective) {
-      discard(perspective)(hook)
-    }
-  })
-}
-
-// When perspectives are present we disallow update in order to avoid erase them.
-// Indeed when requesting an object they are not retrieved by default
-export function preventUpdatePerspectives (hook) {
-  const service = hook.service
-
-  // Test if some perspectives are defined on the model
-  if (!service.options || !service.options.perspectives) return
-
-  disallow()(hook)
-}
-
 // The hook serialize allows to copy/move some properties within the objects holded by the hook
 // It applies an array of rules defined by:
 // - source: the path to the property to be copied
@@ -108,8 +67,10 @@ export function serialize (rules, options = {}) {
   }
 }
 
-// The hook allows to transform the values bound to '_id' like keys as strings into Mongo ObjectIds
+// This hook allows to transform the values bound to '_id' like keys or
+// operators (eg $ne, $in) provided as strings into Mongo ObjectIds
 // It inspects hook data as well as query data
+// If you have others properties to be converted use convertObjectIDs
 export function processObjectIDs (hook) {
   let items = getItems(hook)
   const isArray = Array.isArray(items)
@@ -299,3 +260,31 @@ export function checkUnique (options = {}) {
     return hook
   }
 }
+
+// Prevent patch service calls from changing certain fields.
+// Based on https://hooks-common.feathersjs.com/hooks.html#preventchanges
+// but updated to handle dot notation
+export function preventChanges(ifThrow, fieldNames) {
+  return (hook) => {
+    if ((hook.type !== 'before') || (hook.method !== 'patch')) {
+      throw new Error('The \'preventChanges\' hook should only be used as a \'before\' patch hook.')
+    }
+
+    let data = { ...hook.data }
+    // Check all data fields
+    _.forOwn(hook.data, (value, key) => {
+      fieldNames.forEach(name => {
+        // If a prevented field is found or dot notation with a prevented field is used
+        if ((key === name) || key.startsWith(`${name}.`)) {
+          if (ifThrow) {
+            throw new BadRequest(`Field ${name} may not be patched. (preventChanges)`);
+          }
+          delete data[key]
+        }
+      })
+    })
+    hook.data = data
+
+    return hook
+  }
+}

package/core/api/hooks/hooks.organisations.js

@@ -5,21 +5,6 @@ const debug = makeDebug('kdk:core:organisations:hooks')
 
 const { Forbidden } = errors
 
-export function addOrganisationPlan (hook) {
-  if (hook.type !== 'before') {
-    throw new Error('The \'addOrganisationPlan\' hook should only be used as a \'before\' hook.')
-  }
-
-  const plans = _.keys(hook.app.get('plans') || {})
-  const plan = _.get(hook.data, 'billing.plan')
-  if (!plan && (plans.length > 0)) {
-    // Add defaul plan
-    _.set(hook.data, 'billing.plan', plans[0])
-    debug('Added default plan to organisation: ', hook.data)
-  }
-  return hook
-}
-
 export async function createOrganisationServices (hook) {
   if (hook.type !== 'after') {
     throw new Error('The \'createOrganisationServices\' hook should only be used as a \'after\' hook.')
@@ -119,10 +104,14 @@ export function updateOrganisationResource (resourceScope) {
     if (hook.type !== 'after') {
       throw new Error('The \'updateOrganisationResource\' hook should only be used as a \'after\' hook.')
     }
+    // Only applicable to update/remove operations
+    if ((hook.method === 'get' || hook.method === 'find' || hook.method === 'create')) return hook
 
     const app = hook.app
     // Retrieve the list of members
-    const orgMembersService = app.getService('members', hook.service.getContextId())
+    const context = hook.service.getContextId()
+    // Use members service if any or global users service
+    const orgMembersService = (context ? app.getService('members', context) : app.getService('users'))
     const members = await orgMembersService.find({
       query: { [resourceScope]: { $elemMatch: { _id: hook.result._id } } },
       paginate: false
@@ -130,13 +119,15 @@ export function updateOrganisationResource (resourceScope) {
     // Update each members
     await Promise.all(members.map(member => {
       const resources = _.get(member, resourceScope, [])
-      const resource = _.find(resources, { _id: hook.result._id })
-      if (resource) {
-        Object.assign(resource, hook.result)
-        return orgMembersService.patch(member._id, { [resourceScope]: resources })
+      const resource = _.find(resources, item => item._id.toString() === hook.result._id.toString())
+      if (!resource) return Promise.resolve()
+      // Check for removal or update
+      if (hook.method === 'remove') {
+        _.remove(resources, item => resource._id.toString() === item._id.toString())
       } else {
-        return Promise.resolve()
+        Object.assign(resource, hook.result)
       }
+      return orgMembersService.patch(member._id, { [resourceScope]: resources })
     }))
 
     debug(`Updated resource ${hook.result._id} on scope ${resourceScope} for members of organisation ` + hook.result._id)
@@ -144,103 +135,22 @@ export function updateOrganisationResource (resourceScope) {
   }
 }
 
-export function removeOrganisationGroups (hook) {
-  if (hook.type !== 'after') {
-    throw new Error('The \'removeOrganisationGroups\' hook should only be used as a \'after\' hook.')
-  }
-
-  const app = hook.app
-  const orgGroupService = app.getService('groups', hook.result)
-  return orgGroupService.find({ paginate: false })
-    .then(groups => {
-      return Promise.all(groups.map(group => {
-        return orgGroupService.remove(group._id.toString(), {
-          user: hook.params.user
-        })
-      }))
-    })
-    .then(groups => {
-      debug('Removed groups for organisation ' + hook.result._id)
-      return hook
-    })
-}
-
-export async function removeOrganisationTags (hook) {
-  if (hook.type !== 'after') {
-    throw new Error('The \'removeOrganisationTags\' hook should only be used as a \'after\' hook.')
-  }
-
-  const app = hook.app
-  // Retrieve the list of tags
-  const orgTagsService = app.getService('tags', hook.result)
-  const tags = await orgTagsService.find({ paginate: false })
-  // Retrieve the list of members
-  const orgMembersService = app.getService('members', hook.result)
-  const members = await orgMembersService.find({ paginate: false })
-  // Update each members
-  for (const i in members) {
-    const member = members[i]
-    if (member.tags) {
-      const filteredTagsMember = _.filter(member.tags, (tag) => {
-        return _.findIndex(tags, { _id: tag._id }) === -1
-      })
-      await orgMembersService.patch(member._id, { tags: filteredTagsMember })
+export function removeOrganisationResources (resourceScope) {
+  return async function (hook) {
+    if (hook.type !== 'after') {
+      throw new Error('The \'removeOrganisationResources\' hook should only be used as a \'after\' hook.')
     }
-  }
-
-  debug('Removed tags from organisation ' + hook.result._id)
-  return hook
-}
 
-export async function createPrivateOrganisation (hook) {
-  if (hook.type !== 'after') {
-    throw new Error('The \'createPrivateOrganisation\' hook should only be used as a \'after\' hook.')
-  }
-
-  const app = hook.app
-  const organisationService = app.getService('organisations')
-  // Create a private organisation for the user
-  await organisationService.create({
-    _id: hook.result._id, // Same ID as user, fine because in another service
-    name: hook.result.profile.name // Same name as user
-  }, {
-    user: hook.result
-  })
-
-  debug('Private organisation created for user ' + hook.result._id)
-  return hook
-}
-
-export async function removePrivateOrganisation (hook) {
-  if (hook.type !== 'after') {
-    throw new Error('The \'removePrivateOrganisation\' hook should only be used as a \'after\' hook.')
+    const app = hook.app
+    const orgResourceService = app.getService(resourceScope, hook.result)
+    const resources = await orgResourceService.find({ paginate: false })
+    await Promise.all(resources.map(resource => {
+      return orgResourceService.remove(resource._id.toString(), {
+        user: hook.params.user
+      })
+    }))
+    debug(`Removed ${resourceScope} for organisation ` + hook.result._id)
+    return hook
   }
-
-  const app = hook.app
-  const organisationService = app.getService('organisations')
-  // Remove the private user's organisation
-  await organisationService.remove(hook.result._id.toString(), {
-    user: hook.result
-  })
-
-  debug('Private organisation removed for user ' + hook.result._id)
-  return hook
 }
 
-export async function preventRemoveOrganisation (hook) {
-  if (hook.type !== 'before') {
-    throw new Error('The \'preventRemoveOrganisations\' hook should only be used as a \'before\' hook.')
-  }
-
-  // By pass check ?
-  if (hook.params.force) return hook
-  const app = hook.app
-  const orgGroupService = app.getService('groups', hook.id)
-  const result = await orgGroupService.find({ $limit: 0 })
-  if (result.total > 0) {
-    throw new Forbidden('You are not allowed to delete the organisation', {
-      translation: { key: 'CANNOT_REMOVE_ORGANISATION' }
-    })
-  }
-  return hook
-}

package/core/api/hooks/hooks.push.js

@@ -0,0 +1,56 @@
+import emails from 'email-templates'
+import path from 'path'
+import makeDebug from 'debug'
+import _ from 'lodash'
+
+const debug = makeDebug('kdk:core:push:hooks')
+
+// Helper functions to be used in iff hooks
+export function disallowExternalPush (hook) {
+  return _.get(hook.app.get('push'), 'disallowExternalPush', true)
+}
+
+export async function sendNewSubscriptionEmail (hook) {
+  if (hook.type !== 'after') {
+    throw new Error('The \'sendNewSubscriptionEmail\' hook should only be used as a \'after\' hook.')
+  }
+
+  // Check for a new subscription if any
+  const updatedUser = hook.result
+  const previousUser = hook.params.user
+  // If we can't compare abort, eg f-a-m might patch user to update tokens
+  if (!updatedUser || !previousUser) return hook
+  const newSubscription = _.differenceBy(_.get(updatedUser, 'subscriptions', []), _.get(previousUser, 'subscriptions', []), 'endpoint')
+  if (_.size(newSubscription) !== 1) return
+
+  // Data
+  const app = hook.app
+  const mailerService = app.getService('mailer')
+  const domainPath = app.get('domain') + '/#/'
+  const email = {
+    subject: 'Security alert - new browser detected',
+    from: mailerService.options.auth.user,
+    // When changing email send to the new one so that it can be verified
+    to: updatedUser.email,
+    link: domainPath,
+    domainPath
+  }
+
+  // Build the subject & link to the app to perform the different actions
+  const templateDir = path.join(mailerService.options.templateDir, 'newSubscription')
+  const template = new emails.EmailTemplate(templateDir)
+  // Errors does not seem to be correctly catched by the caller
+  // so we catch them here to avoid any problem
+  try {
+    const emailContent = await template.render({ email, user: updatedUser, subscription: _.first(newSubscription) }, updatedUser.locale || 'en-us')
+    // Update compiled content
+    email.html = emailContent.html
+    debug('Sending email ', email)
+    await mailerService.create(email)
+  } catch (error) {
+    debug('Sending email failed', error)
+    app.logger.error(error)
+  }
+
+  return hook
+}

package/core/api/hooks/hooks.query.js

@@ -97,9 +97,6 @@ export function populateObject (options) {
       if (options.throwOnNotFound) throw new Error(`Cannot find the ${options.idField} to dynamically populate.`)
       else return hook
     }
-    // Then the perspective if any
-    const perspective = _.get(data, options.perspectiveField) || _.get(query, options.perspectiveField)
-
     debug(`Populating ${idProperty} with ID ${id}`)
     // Set the retrieved service on the same field or given one in hook params
     _.set(params, serviceProperty, service)
@@ -110,11 +107,9 @@ export function populateObject (options) {
       try {
         // Get by ID or name ?
         if (ObjectID.isValid(id)) {
-          if (perspective) Object.assign(args, { query: { $select: [perspective] } })
           object = await service.get(id.toString(), args)
         } else {
           Object.assign(args, { query: { name: id.toString() }, paginate: false })
-          if (perspective) Object.assign(args.query, { $select: [perspective] })
           const results = await service.find(args)
           if (results.length >= 0) object = results[0]
         }

package/core/api/hooks/hooks.schemas.js

@@ -1,3 +1,4 @@
+import _ from 'lodash'
 import makeDebug from 'debug'
 import errors from '@feathersjs/errors'
 import commonHooks from 'feathers-hooks-common'
@@ -24,9 +25,27 @@ export function validateData (schema) {
     items = await Promise.allSettled(items.map((item) => schema.validate(item)))
     // Keep track of validation errors, even if invalid data will be filtered this ensure
     // original data with validation error will be "tagged"
-    items.forEach(item => {
+
+    items.forEach((item, index) => {
       if (item.status === 'rejected') {
-        item.validationError = (item.reason.ajv ? new BadRequest(item.reason.message, item.reason.errors) : item.reason)
+        console.log(item.reason)
+        item.validationError = {
+          message: item.reason.message,
+          data: item.reason.data.map(error => {
+            // retrieve the data corresponding to the item
+            const data = isArray ? hook.data[index] : hook.data
+            // compute the property path
+            let propertyPath = error.instancePath
+            if (_.startsWith(propertyPath, '/')) propertyPath = propertyPath.substring(1)
+            propertyPath = propertyPath.replace('/', '.')
+            // return the error
+            return {
+              message: error.message,
+              propertyPath: error.instancePath,
+              propertyValue: _.get(data, propertyPath)
+            }
+          })
+        }
       }
     })
     // Filter errors/valid data
@@ -39,8 +58,9 @@ export function validateData (schema) {
     const hasError = (errors.length > 0)
     if (hasError) {
       const firstError = errors[0]
+      console.log(firstError)
       // Single item case => raise the error
-      if (!isArray) throw firstError
+      if (!isArray) throw new BadRequest(firstError.message, firstError.data)
       // Multiple items case => raise if no valid data found
       else if (!hasValidData) {
         // Keep track of all errors