@loomcore/api 0.1.38 → 0.1.41

package/dist/databases/postgres/postgres.database.js

@@ -68,23 +68,23 @@ export class PostgresDatabase {
     }
     async getUserAuthorizations(userId, orgId) {
         const now = new Date();
-        let query = `
-            SELECT DISTINCT
-                ur."userId" as "userId",
-                r."name" as "role",
-                f."name" as "feature",
-                a."config",
-                a."_id",
-                a."_orgId"
-            FROM "user_roles" ur
-            INNER JOIN "roles" r ON ur."roleId" = r."_id"
-            INNER JOIN "authorizations" a ON r."_id" = a."roleId"
-            INNER JOIN "features" f ON a."featureId" = f."_id"
-            WHERE ur."userId" = $1
-                AND ur."_deleted" IS NULL
-                AND a."_deleted" IS NULL
-                AND (a."startDate" IS NULL OR a."startDate" <= $2)
-                AND (a."endDate" IS NULL OR a."endDate" >= $2)
+        let query = `
+            SELECT DISTINCT
+                ur."userId" as "userId",
+                r."name" as "role",
+                f."name" as "feature",
+                a."config",
+                a."_id",
+                a."_orgId"
+            FROM "user_roles" ur
+            INNER JOIN "roles" r ON ur."roleId" = r."_id"
+            INNER JOIN "authorizations" a ON r."_id" = a."roleId"
+            INNER JOIN "features" f ON a."featureId" = f."_id"
+            WHERE ur."userId" = $1
+                AND ur."_deleted" IS NULL
+                AND a."_deleted" IS NULL
+                AND (a."startDate" IS NULL OR a."startDate" <= $2)
+                AND (a."endDate" IS NULL OR a."endDate" >= $2)
         `;
         const values = [userId, now];
         if (orgId) {

package/dist/databases/postgres/utils/build-select-clause.js

@@ -1,11 +1,11 @@
 import { Join } from '../../operations/join.operation.js';
 async function getTableColumns(client, tableName) {
-    const result = await client.query(`
-            SELECT column_name
-            FROM information_schema.columns
-            WHERE table_schema = current_schema()
-              AND table_name = $1
-            ORDER BY ordinal_position
+    const result = await client.query(`
+            SELECT column_name
+            FROM information_schema.columns
+            WHERE table_schema = current_schema()
+              AND table_name = $1
+            ORDER BY ordinal_position
         `, [tableName]);
     return result.rows.map(row => row.column_name);
 }

package/dist/databases/postgres/utils/does-table-exist.util.js

@@ -1,8 +1,8 @@
 export async function doesTableExist(client, tableName) {
-    const result = await client.query(`
-        SELECT EXISTS (
-            SELECT 1 FROM information_schema.tables WHERE table_schema = current_schema() AND table_name = $1
-        )
+    const result = await client.query(`
+        SELECT EXISTS (
+            SELECT 1 FROM information_schema.tables WHERE table_schema = current_schema() AND table_name = $1
+        )
     `, [tableName]);
     return result.rows[0].exists;
 }

package/dist/middleware/index.d.ts

@@ -1,3 +1,3 @@
 export * from './error-handler.js';
-export * from './is-authenticated.js';
+export * from './is-authorized.js';
 export * from './ensure-user-context.js';

package/dist/middleware/index.js

@@ -1,3 +1,3 @@
 export * from './error-handler.js';
-export * from './is-authenticated.js';
+export * from './is-authorized.js';
 export * from './ensure-user-context.js';

package/dist/middleware/is-authorized.d.ts

@@ -0,0 +1,3 @@
+import { Request, Response, NextFunction } from 'express';
+declare const isAuthorized: (allowedFeatures?: string[]) => (req: Request, res: Response, next: NextFunction) => void;
+export { isAuthorized };

package/dist/middleware/is-authorized.js

@@ -0,0 +1,40 @@
+import { UserContextSpec } from '@loomcore/common/models';
+import { UnauthenticatedError, UnauthorizedError } from '../errors/index.js';
+import { JwtService } from '../services/index.js';
+import { config } from '../config/index.js';
+const isAuthorized = (allowedFeatures) => {
+    return (req, res, next) => {
+        let token = null;
+        if (req.headers?.authorization) {
+            let authHeader = req.headers.authorization;
+            const authHeaderArray = authHeader.split('Bearer ');
+            if (authHeaderArray?.length > 1) {
+                token = authHeaderArray[1];
+            }
+        }
+        if (!token) {
+            throw new UnauthenticatedError();
+        }
+        try {
+            const rawPayload = JwtService.verify(token, config.clientSecret);
+            const userContext = UserContextSpec.decode(rawPayload);
+            req.userContext = userContext;
+            if (userContext.authorizations.some(authorization => authorization.feature === 'admin')) {
+                next();
+            }
+            else if (allowedFeatures && allowedFeatures.length) {
+                if (!userContext.authorizations.some(authorization => allowedFeatures?.includes(authorization.feature))) {
+                    throw new UnauthorizedError();
+                }
+                next();
+            }
+            else {
+                next();
+            }
+        }
+        catch (err) {
+            throw new UnauthenticatedError();
+        }
+    };
+};
+export { isAuthorized };

package/package.json

@@ -1,88 +1,88 @@
-{
-  "name": "@loomcore/api",
-  "version": "0.1.38",
-  "private": false,
-  "description": "Loom Core Api - An opinionated Node.js api using Typescript, Express, and MongoDb or PostgreSQL",
-  "scripts": {
-    "clean": "rm -rf dist",
-    "tsc": "tsc --project tsconfig.prod.json",
-    "build": "npm-run-all -s clean tsc",
-    "add": "git add .",
-    "commit": "git commit -m \"Updates\"",
-    "patch": "npm version patch",
-    "push": "git push",
-    "publishMe": "npm publish --access public",
-    "pub": "npm-run-all -s add commit patch build push publishMe",
-    "update-lib-versions": "npx --yes npm-check-updates -u -f @loomcore/common",
-    "install-updated-libs": "npm i @loomcore/common",
-    "update-libs": "npm-run-all -s update-lib-versions install-updated-libs",
-    "typecheck": "tsc",
-    "test": "npm-run-all -s test:postgres test:mongodb",
-    "test:postgres": "cross-env NODE_ENV=test TEST_DATABASE=postgres vitest run",
-    "test:mongodb": "cross-env NODE_ENV=test TEST_DATABASE=mongodb vitest run",
-    "test:ci": "npm-run-all -s test:ci:postgres test:ci:mongodb",
-    "test:ci:postgres": "cross-env NODE_ENV=test TEST_DATABASE=postgres vitest run --reporter=json --outputFile=test-results-postgres.json",
-    "test:ci:mongodb": "cross-env NODE_ENV=test TEST_DATABASE=mongodb vitest run --reporter=json --outputFile=test-results-mongodb.json",
-    "test:watch": "cross-env NODE_ENV=test vitest",
-    "coverage": "npm-run-all -s coverage:postgres coverage:mongodb",
-    "coverage:postgres": "cross-env NODE_ENV=test TEST_DATABASE=postgres vitest run --coverage",
-    "coverage:mongodb": "cross-env NODE_ENV=test TEST_DATABASE=mongodb vitest run --coverage"
-  },
-  "author": "Tim Hardy",
-  "license": "Apache 2.0",
-  "main": "dist/index.js",
-  "type": "module",
-  "types": "dist/index.d.ts",
-  "files": [
-    "dist/**/*"
-  ],
-  "exports": {
-    "./__tests__": "./dist/__tests__/index.js",
-    "./config": "./dist/config/index.js",
-    "./controllers": "./dist/controllers/index.js",
-    "./databases": "./dist/databases/index.js",
-    "./errors": "./dist/errors/index.js",
-    "./middleware": "./dist/middleware/index.js",
-    "./models": "./dist/models/index.js",
-    "./services": "./dist/services/index.js",
-    "./utils": "./dist/utils/index.js"
-  },
-  "dependencies": {
-    "jsonwebtoken": "^9.0.2",
-    "node-mailjet": "^6.0.8",
-    "qs": "^6.14.0"
-  },
-  "peerDependencies": {
-    "@loomcore/common": "^0.0.32",
-    "@sinclair/typebox": "0.34.33",
-    "cookie-parser": "^1.4.6",
-    "cors": "^2.8.5",
-    "express": "^5.1.0",
-    "lodash": "^4.17.21",
-    "moment": "^2.30.1",
-    "mongodb": "^6.16.0",
-    "pg": "^8.15.6",
-    "rxjs": "^7.8.0",
-    "umzug": "^3.8.2"
-  },
-  "devDependencies": {
-    "@types/cookie-parser": "^1.4.7",
-    "@types/cors": "^2.8.18",
-    "@types/express": "^5.0.1",
-    "@types/jsonwebtoken": "^9.0.9",
-    "@types/lodash": "^4.17.13",
-    "@types/pg": "^8.15.6",
-    "@types/qs": "^6.14.0",
-    "@types/supertest": "^6.0.3",
-    "@vitest/coverage-v8": "^3.0.9",
-    "cross-env": "^7.0.3",
-    "mongodb-memory-server": "^9.3.0",
-    "npm-run-all": "^4.1.5",
-    "pg-mem": "^3.0.5",
-    "rxjs": "^7.8.0",
-    "supertest": "^7.1.0",
-    "typescript": "^5.8.3",
-    "vite": "^6.2.5",
-    "vitest": "^3.0.9"
-  }
-}
+{
+  "name": "@loomcore/api",
+  "version": "0.1.41",
+  "private": false,
+  "description": "Loom Core Api - An opinionated Node.js api using Typescript, Express, and MongoDb or PostgreSQL",
+  "scripts": {
+    "clean": "rm -rf dist",
+    "tsc": "tsc --project tsconfig.prod.json",
+    "build": "npm-run-all -s clean tsc",
+    "add": "git add .",
+    "commit": "git commit -m \"Updates\"",
+    "patch": "npm version patch",
+    "push": "git push",
+    "publishMe": "npm publish --access public",
+    "pub": "npm-run-all -s add commit patch build push publishMe",
+    "update-lib-versions": "npx --yes npm-check-updates -u -f @loomcore/common",
+    "install-updated-libs": "npm i @loomcore/common",
+    "update-libs": "npm-run-all -s update-lib-versions install-updated-libs",
+    "typecheck": "tsc",
+    "test": "npm-run-all -s test:postgres test:mongodb",
+    "test:postgres": "cross-env NODE_ENV=test TEST_DATABASE=postgres vitest run",
+    "test:mongodb": "cross-env NODE_ENV=test TEST_DATABASE=mongodb vitest run",
+    "test:ci": "npm-run-all -s test:ci:postgres test:ci:mongodb",
+    "test:ci:postgres": "cross-env NODE_ENV=test TEST_DATABASE=postgres vitest run --reporter=json --outputFile=test-results-postgres.json",
+    "test:ci:mongodb": "cross-env NODE_ENV=test TEST_DATABASE=mongodb vitest run --reporter=json --outputFile=test-results-mongodb.json",
+    "test:watch": "cross-env NODE_ENV=test vitest",
+    "coverage": "npm-run-all -s coverage:postgres coverage:mongodb",
+    "coverage:postgres": "cross-env NODE_ENV=test TEST_DATABASE=postgres vitest run --coverage",
+    "coverage:mongodb": "cross-env NODE_ENV=test TEST_DATABASE=mongodb vitest run --coverage"
+  },
+  "author": "Tim Hardy",
+  "license": "Apache 2.0",
+  "main": "dist/index.js",
+  "type": "module",
+  "types": "dist/index.d.ts",
+  "files": [
+    "dist/**/*"
+  ],
+  "exports": {
+    "./__tests__": "./dist/__tests__/index.js",
+    "./config": "./dist/config/index.js",
+    "./controllers": "./dist/controllers/index.js",
+    "./databases": "./dist/databases/index.js",
+    "./errors": "./dist/errors/index.js",
+    "./middleware": "./dist/middleware/index.js",
+    "./models": "./dist/models/index.js",
+    "./services": "./dist/services/index.js",
+    "./utils": "./dist/utils/index.js"
+  },
+  "dependencies": {
+    "jsonwebtoken": "^9.0.2",
+    "node-mailjet": "^6.0.8",
+    "qs": "^6.14.0"
+  },
+  "peerDependencies": {
+    "@loomcore/common": "^0.0.32",
+    "@sinclair/typebox": "0.34.33",
+    "cookie-parser": "^1.4.6",
+    "cors": "^2.8.5",
+    "express": "^5.1.0",
+    "lodash": "^4.17.21",
+    "moment": "^2.30.1",
+    "mongodb": "^6.16.0",
+    "pg": "^8.15.6",
+    "rxjs": "^7.8.0",
+    "umzug": "^3.8.2"
+  },
+  "devDependencies": {
+    "@types/cookie-parser": "^1.4.7",
+    "@types/cors": "^2.8.18",
+    "@types/express": "^5.0.1",
+    "@types/jsonwebtoken": "^9.0.9",
+    "@types/lodash": "^4.17.13",
+    "@types/pg": "^8.15.6",
+    "@types/qs": "^6.14.0",
+    "@types/supertest": "^6.0.3",
+    "@vitest/coverage-v8": "^3.0.9",
+    "cross-env": "^7.0.3",
+    "mongodb-memory-server": "^9.3.0",
+    "npm-run-all": "^4.1.5",
+    "pg-mem": "^3.0.5",
+    "rxjs": "^7.8.0",
+    "supertest": "^7.1.0",
+    "typescript": "^5.8.3",
+    "vite": "^6.2.5",
+    "vitest": "^3.0.9"
+  }
+}

package/dist/middleware/is-authenticated.d.ts

@@ -1,2 +0,0 @@
-import { Request, Response, NextFunction } from 'express';
-export declare const isAuthenticated: (req: Request, res: Response, next: NextFunction) => void;

package/dist/middleware/is-authenticated.js

@@ -1,27 +0,0 @@
-import { UserContextSpec } from '@loomcore/common/models';
-import { UnauthenticatedError } from '../errors/index.js';
-import { JwtService } from '../services/index.js';
-import { config } from '../config/index.js';
-export const isAuthenticated = (req, res, next) => {
-    let token = null;
-    if (req.headers?.authorization) {
-        let authHeader = req.headers.authorization;
-        const authHeaderArray = authHeader.split('Bearer ');
-        if (authHeaderArray?.length > 1) {
-            token = authHeaderArray[1];
-        }
-    }
-    if (token) {
-        try {
-            const rawPayload = JwtService.verify(token, config.clientSecret);
-            req.userContext = UserContextSpec.decode(rawPayload);
-            next();
-        }
-        catch (err) {
-            throw new UnauthenticatedError();
-        }
-    }
-    else {
-        throw new UnauthenticatedError();
-    }
-};