npm - @memberjunction/server - Versions diffs - 5.12.0 → 5.13.0 - Mend

@memberjunction/server 5.12.0 → 5.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (32) hide show

package/dist/index.d.ts +2 -3
package/dist/index.d.ts.map +1 -1
package/dist/index.js +92 -88
package/dist/index.js.map +1 -1
package/dist/middleware/BaseServerMiddleware.d.ts +103 -0
package/dist/middleware/BaseServerMiddleware.d.ts.map +1 -0
package/dist/middleware/BaseServerMiddleware.js +104 -0
package/dist/middleware/BaseServerMiddleware.js.map +1 -0
package/dist/middleware/MJTenantFilterMiddleware.d.ts +22 -0
package/dist/middleware/MJTenantFilterMiddleware.d.ts.map +1 -0
package/dist/middleware/MJTenantFilterMiddleware.js +41 -0
package/dist/middleware/MJTenantFilterMiddleware.js.map +1 -0
package/dist/middleware/index.d.ts +3 -0
package/dist/middleware/index.d.ts.map +1 -0
package/dist/middleware/index.js +3 -0
package/dist/middleware/index.js.map +1 -0
package/package.json +59 -59
package/src/__tests__/bcsaas-integration.test.ts +1 -1
package/src/index.ts +109 -95
package/src/middleware/BaseServerMiddleware.ts +141 -0
package/src/middleware/MJTenantFilterMiddleware.ts +39 -0
package/src/middleware/index.ts +2 -0
package/dist/hooks.d.ts +0 -65
package/dist/hooks.d.ts.map +0 -1
package/dist/hooks.js +0 -14
package/dist/hooks.js.map +0 -1
package/dist/test-dynamic-plugin.d.ts +0 -6
package/dist/test-dynamic-plugin.d.ts.map +0 -1
package/dist/test-dynamic-plugin.js +0 -18
package/dist/test-dynamic-plugin.js.map +0 -1
package/src/hooks.ts +0 -77
package/src/test-dynamic-plugin.ts +0 -36

package/src/middleware/MJTenantFilterMiddleware.ts ADDED Viewed

@@ -0,0 +1,39 @@
+/**
+ * MJ's built-in multi-tenancy middleware.
+ *
+ * Registers with key 'mj:tenantFilter' so that downstream layers (e.g., BCSaaS)
+ * can replace it by registering with the same key at higher ClassFactory priority.
+ *
+ * Conditionally enabled via configInfo.multiTenancy?.enabled.
+ */
+import { RegisterClass } from '@memberjunction/global';
+import { BaseServerMiddleware } from './BaseServerMiddleware.js';
+import { configInfo } from '../config.js';
+import { createTenantMiddleware, createTenantPreRunViewHook, createTenantPreSaveHook } from '../multiTenancy/index.js';
+import type { RequestHandler } from 'express';
+import type { RunViewParams, UserInfo, BaseEntity } from '@memberjunction/core';
+@RegisterClass(BaseServerMiddleware, 'mj:tenantFilter')
+export class MJTenantFilterMiddleware extends BaseServerMiddleware {
+    get Label(): string { return 'mj:tenantFilter'; }
+    /**
+     * Only active when multiTenancy is enabled in config.
+     */
+    get Enabled(): boolean {
+        return configInfo.multiTenancy?.enabled ?? false;
+    }
+    GetPostAuthMiddleware(): RequestHandler[] {
+        return [createTenantMiddleware(configInfo.multiTenancy!)];
+    }
+    PreRunView(params: RunViewParams, contextUser: UserInfo | undefined): RunViewParams | Promise<RunViewParams> {
+        return createTenantPreRunViewHook(configInfo.multiTenancy!)(params, contextUser);
+    }
+    PreSave(entity: BaseEntity, contextUser: UserInfo | undefined): boolean | string | Promise<boolean | string> {
+        return createTenantPreSaveHook(configInfo.multiTenancy!)(entity, contextUser);
+    }
+}

package/src/middleware/index.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export * from './BaseServerMiddleware.js';
2	+ export * from './MJTenantFilterMiddleware.js';

package/dist/hooks.d.ts DELETED Viewed

@@ -1,65 +0,0 @@
-/**
- * Server-level extensibility types for MJServer.
- *
- * Provider-level hook types (PreRunViewHook, PostRunViewHook, PreSaveHook)
- * are defined and exported from @memberjunction/core (hookRegistry.ts) so
- * that ProviderBase and BaseEntity can reference them without depending
- * on @memberjunction/server.
- *
- * This file re-exports those types for convenience and adds the
- * server-specific extensibility options (Express middleware, Apollo plugins,
- * schema transformers).
- */
-export type { PreRunViewHook, PostRunViewHook, PreSaveHook, HookName, HookRegistrationOptions } from '@memberjunction/core';
-import type { PreRunViewHook, PostRunViewHook, PreSaveHook } from '@memberjunction/core';
-import type { RequestHandler, ErrorRequestHandler, Application } from 'express';
-import type { ApolloServerPlugin } from '@apollo/server';
-import type { GraphQLSchema } from 'graphql';
-/**
- * A hook entry that includes the hook function plus optional registration metadata.
- * Dynamic packages use this format to declare hooks with priority and namespace.
- */
-export interface HookWithOptions<T> {
-    hook: T;
-    Priority?: number;
-    Namespace?: string;
-}
-/** A hook value is either a plain function or a function with registration options */
-export type HookOrEntry<T> = T | HookWithOptions<T>;
-/**
- * Extensibility options that can be passed to `serve()` (via MJServerOptions)
- * or to `createMJServer()` (via MJServerConfig).
- *
- * All properties are optional — when omitted, zero behavior change (backward compatible).
- */
-export interface ServerExtensibilityOptions {
-    /** Express middleware applied after compression but before OAuth/REST/GraphQL routes */
-    ExpressMiddlewareBefore?: RequestHandler[];
-    /** Express middleware/error handlers applied after all routes (catch-alls, error handlers) */
-    ExpressMiddlewareAfter?: (RequestHandler | ErrorRequestHandler)[];
-    /** Escape hatch for advanced Express app configuration (CORS, trust proxy, etc.) */
-    ConfigureExpressApp?: (app: Application) => void | Promise<void>;
-    /** Additional Apollo Server plugins merged with the built-in drain/cleanup plugins */
-    ApolloPlugins?: ApolloServerPlugin[];
-    /** Schema transformers applied after built-in directive transformers */
-    SchemaTransformers?: ((schema: GraphQLSchema) => GraphQLSchema)[];
-    /**
-     * Express middleware that runs AFTER authentication has resolved UserInfo
-     * onto the request. Use this for middleware that needs the authenticated
-     * user (e.g., tenant context resolution, org membership loading).
-     *
-     * The authenticated user payload is available at `req.userPayload`.
-     * Middleware in this array runs in registration order.
-     */
-    ExpressMiddlewarePostAuth?: RequestHandler[];
-    /** Hooks that modify RunViewParams before query execution (e.g., tenant filter injection).
-     * Each entry can be a plain hook function or a `{ hook, Priority, Namespace }` object. */
-    PreRunViewHooks?: HookOrEntry<PreRunViewHook>[];
-    /** Hooks that modify RunViewResult after query execution (e.g., data masking).
-     * Each entry can be a plain hook function or a `{ hook, Priority, Namespace }` object. */
-    PostRunViewHooks?: HookOrEntry<PostRunViewHook>[];
-    /** Hooks that validate/reject Save operations before they hit the database.
-     * Each entry can be a plain hook function or a `{ hook, Priority, Namespace }` object. */
-    PreSaveHooks?: HookOrEntry<PreSaveHook>[];
-}
-//# sourceMappingURL=hooks.d.ts.map

package/dist/hooks.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"hooks.d.ts","sourceRoot":"","sources":["../src/hooks.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,YAAY,EAAE,cAAc,EAAE,eAAe,EAAE,WAAW,EAAE,QAAQ,EAAE,uBAAuB,EAAE,MAAM,sBAAsB,CAAC;AAE5H,OAAO,KAAK,EAAE,cAAc,EAAE,eAAe,EAAE,WAAW,EAA2B,MAAM,sBAAsB,CAAC;AAClH,OAAO,KAAK,EAAE,cAAc,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAChF,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACzD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAE7C;;;GAGG;AACH,MAAM,WAAW,eAAe,CAAC,CAAC;IAChC,IAAI,EAAE,CAAC,CAAC;IACR,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,sFAAsF;AACtF,MAAM,MAAM,WAAW,CAAC,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;AAEpD;;;;;GAKG;AACH,MAAM,WAAW,0BAA0B;IACzC,wFAAwF;IACxF,uBAAuB,CAAC,EAAE,cAAc,EAAE,CAAC;IAE3C,8FAA8F;IAC9F,sBAAsB,CAAC,EAAE,CAAC,cAAc,GAAG,mBAAmB,CAAC,EAAE,CAAC;IAElE,oFAAoF;IACpF,mBAAmB,CAAC,EAAE,CAAC,GAAG,EAAE,WAAW,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEjE,sFAAsF;IACtF,aAAa,CAAC,EAAE,kBAAkB,EAAE,CAAC;IAErC,wEAAwE;IACxE,kBAAkB,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE,aAAa,KAAK,aAAa,CAAC,EAAE,CAAC;IAElE;;;;;;;OAOG;IACH,yBAAyB,CAAC,EAAE,cAAc,EAAE,CAAC;IAE7C;8FAC0F;IAC1F,eAAe,CAAC,EAAE,WAAW,CAAC,cAAc,CAAC,EAAE,CAAC;IAEhD;8FAC0F;IAC1F,gBAAgB,CAAC,EAAE,WAAW,CAAC,eAAe,CAAC,EAAE,CAAC;IAElD;8FAC0F;IAC1F,YAAY,CAAC,EAAE,WAAW,CAAC,WAAW,CAAC,EAAE,CAAC;CAC3C"}

package/dist/hooks.js DELETED Viewed

@@ -1,14 +0,0 @@
-/**
- * Server-level extensibility types for MJServer.
- *
- * Provider-level hook types (PreRunViewHook, PostRunViewHook, PreSaveHook)
- * are defined and exported from @memberjunction/core (hookRegistry.ts) so
- * that ProviderBase and BaseEntity can reference them without depending
- * on @memberjunction/server.
- *
- * This file re-exports those types for convenience and adds the
- * server-specific extensibility options (Express middleware, Apollo plugins,
- * schema transformers).
- */
-export {};
-//# sourceMappingURL=hooks.js.map

package/dist/hooks.js.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"hooks.js","sourceRoot":"","sources":["../src/hooks.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG"}

package/dist/test-dynamic-plugin.d.ts DELETED Viewed

@@ -1,6 +0,0 @@
-/**
- * Startup function called by DynamicPackageLoader.
- * Returns extensibility config that gets merged into server options.
- */
-export declare function LoadTestPlugin(): Record<string, unknown>;
-//# sourceMappingURL=test-dynamic-plugin.d.ts.map

package/dist/test-dynamic-plugin.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"test-dynamic-plugin.d.ts","sourceRoot":"","sources":["../src/test-dynamic-plugin.ts"],"names":[],"mappings":"AA0BA;;;GAGG;AACH,wBAAgB,cAAc,IAAI,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAKxD"}

package/dist/test-dynamic-plugin.js DELETED Viewed

@@ -1,18 +0,0 @@
-/** Post-auth middleware that logs authenticated requests */
-const testPostAuthMiddleware = (req, _res, next) => {
-    const userPayload = req.userPayload;
-    const email = userPayload?.email ?? 'unknown';
-    console.log(`[TestPlugin] Post-auth middleware: ${req.method} ${req.path} (user: ${email})`);
-    next();
-};
-/**
- * Startup function called by DynamicPackageLoader.
- * Returns extensibility config that gets merged into server options.
- */
-export function LoadTestPlugin() {
-    console.log('[TestPlugin] Startup function called');
-    return {
-        ExpressMiddlewarePostAuth: [testPostAuthMiddleware],
-    };
-}
-//# sourceMappingURL=test-dynamic-plugin.js.map

package/dist/test-dynamic-plugin.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"test-dynamic-plugin.js","sourceRoot":"","sources":["../src/test-dynamic-plugin.ts"],"names":[],"mappings":"AAkBA,4DAA4D;AAC5D,MAAM,sBAAsB,GAAmB,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE;IACjE,MAAM,WAAW,GAAI,GAAqC,CAAC,WAAW,CAAC;IACvE,MAAM,KAAK,GAAG,WAAW,EAAE,KAAK,IAAI,SAAS,CAAC;IAC9C,OAAO,CAAC,GAAG,CAAC,sCAAsC,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,WAAW,KAAK,GAAG,CAAC,CAAC;IAC7F,IAAI,EAAE,CAAC;AACT,CAAC,CAAC;AAEF;;;GAGG;AACH,MAAM,UAAU,cAAc;IAC5B,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;IACpD,OAAO;QACL,yBAAyB,EAAE,CAAC,sBAAsB,CAAC;KACpD,CAAC;AACJ,CAAC"}

package/src/hooks.ts DELETED Viewed

@@ -1,77 +0,0 @@
-/**
- * Server-level extensibility types for MJServer.
- *
- * Provider-level hook types (PreRunViewHook, PostRunViewHook, PreSaveHook)
- * are defined and exported from @memberjunction/core (hookRegistry.ts) so
- * that ProviderBase and BaseEntity can reference them without depending
- * on @memberjunction/server.
- *
- * This file re-exports those types for convenience and adds the
- * server-specific extensibility options (Express middleware, Apollo plugins,
- * schema transformers).
- */
-export type { PreRunViewHook, PostRunViewHook, PreSaveHook, HookName, HookRegistrationOptions } from '@memberjunction/core';
-import type { PreRunViewHook, PostRunViewHook, PreSaveHook, HookRegistrationOptions } from '@memberjunction/core';
-import type { RequestHandler, ErrorRequestHandler, Application } from 'express';
-import type { ApolloServerPlugin } from '@apollo/server';
-import type { GraphQLSchema } from 'graphql';
-/**
- * A hook entry that includes the hook function plus optional registration metadata.
- * Dynamic packages use this format to declare hooks with priority and namespace.
- */
-export interface HookWithOptions<T> {
-  hook: T;
-  Priority?: number;
-  Namespace?: string;
-}
-/** A hook value is either a plain function or a function with registration options */
-export type HookOrEntry<T> = T | HookWithOptions<T>;
-/**
- * Extensibility options that can be passed to `serve()` (via MJServerOptions)
- * or to `createMJServer()` (via MJServerConfig).
- *
- * All properties are optional — when omitted, zero behavior change (backward compatible).
- */
-export interface ServerExtensibilityOptions {
-  /** Express middleware applied after compression but before OAuth/REST/GraphQL routes */
-  ExpressMiddlewareBefore?: RequestHandler[];
-  /** Express middleware/error handlers applied after all routes (catch-alls, error handlers) */
-  ExpressMiddlewareAfter?: (RequestHandler | ErrorRequestHandler)[];
-  /** Escape hatch for advanced Express app configuration (CORS, trust proxy, etc.) */
-  ConfigureExpressApp?: (app: Application) => void | Promise<void>;
-  /** Additional Apollo Server plugins merged with the built-in drain/cleanup plugins */
-  ApolloPlugins?: ApolloServerPlugin[];
-  /** Schema transformers applied after built-in directive transformers */
-  SchemaTransformers?: ((schema: GraphQLSchema) => GraphQLSchema)[];
-  /**
-   * Express middleware that runs AFTER authentication has resolved UserInfo
-   * onto the request. Use this for middleware that needs the authenticated
-   * user (e.g., tenant context resolution, org membership loading).
-   *
-   * The authenticated user payload is available at `req.userPayload`.
-   * Middleware in this array runs in registration order.
-   */
-  ExpressMiddlewarePostAuth?: RequestHandler[];
-  /** Hooks that modify RunViewParams before query execution (e.g., tenant filter injection).
-   * Each entry can be a plain hook function or a `{ hook, Priority, Namespace }` object. */
-  PreRunViewHooks?: HookOrEntry<PreRunViewHook>[];
-  /** Hooks that modify RunViewResult after query execution (e.g., data masking).
-   * Each entry can be a plain hook function or a `{ hook, Priority, Namespace }` object. */
-  PostRunViewHooks?: HookOrEntry<PostRunViewHook>[];
-  /** Hooks that validate/reject Save operations before they hit the database.
-   * Each entry can be a plain hook function or a `{ hook, Priority, Namespace }` object. */
-  PreSaveHooks?: HookOrEntry<PreSaveHook>[];
-}

package/src/test-dynamic-plugin.ts DELETED Viewed

@@ -1,36 +0,0 @@
-/**
- * Test Dynamic Plugin for Phase 2 DynamicPackageLoader testing.
- *
- * This simple plugin validates the DynamicPackageLoader → MJServer pipeline:
- * - Startup function is called and returns extensibility config
- * - Post-auth middleware is injected and runs on each authenticated request
- * - Middleware has access to the authenticated user via req.userPayload
- *
- * To enable: add to dynamicPackages.server in packages/MJAPI/mj.config.cjs
- * To disable: set Enabled: false or remove the entry
- */
-import type { RequestHandler } from 'express';
-interface UserPayload {
-  email?: string;
-  userRecord?: { ID?: string };
-}
-/** Post-auth middleware that logs authenticated requests */
-const testPostAuthMiddleware: RequestHandler = (req, _res, next) => {
-  const userPayload = (req as { userPayload?: UserPayload }).userPayload;
-  const email = userPayload?.email ?? 'unknown';
-  console.log(`[TestPlugin] Post-auth middleware: ${req.method} ${req.path} (user: ${email})`);
-  next();
-};
-/**
- * Startup function called by DynamicPackageLoader.
- * Returns extensibility config that gets merged into server options.
- */
-export function LoadTestPlugin(): Record<string, unknown> {
-  console.log('[TestPlugin] Startup function called');
-  return {
-    ExpressMiddlewarePostAuth: [testPostAuthMiddleware],
-  };
-}