@modular-rest/server 1.11.14 → 1.11.15

package/src/class/cms_trigger.ts

@@ -1,3 +1,5 @@
+import { DatabaseTriggerContext } from './database_trigger';
+
 /**
  * Type for CMS operations that can trigger a callback
  * @typedef {('update-one' | 'insert-one' | 'remove-one')} CmsOperation
@@ -8,17 +10,6 @@
  */
 export type CmsOperation = 'update-one' | 'insert-one' | 'remove-one';
 
-/**
- * Context interface for CMS trigger callbacks
- * @interface CmsTriggerContext
- * @property {Record<string, any>} query - The query parameters used in the CMS operation
- * @property {any} queryResult - The result of the CMS operation
- */
-export interface CmsTriggerContext {
-  query: Record<string, any>;
-  queryResult: any;
-}
-
 /**
  * Defines a callback to be executed on specific CMS operations
  * @class CmsTrigger
@@ -28,7 +19,7 @@ export interface CmsTriggerContext {
  * ```typescript
  * const trigger = new CmsTrigger('insert-one', (context) => {
  *   console.log('New CMS document inserted:', context.queryResult);
- *   // Perform additional actions after CMS document insertion
+ *   // Perform additional actions after CMS document insertion.
  * });
  *
  * // Use the trigger in RestOptions
@@ -40,7 +31,7 @@ export interface CmsTriggerContext {
  */
 export class CmsTrigger {
   operation: CmsOperation;
-  callback: (context: CmsTriggerContext) => void;
+  callback: (context: DatabaseTriggerContext) => void;
 
   /**
    * Creates a new CmsTrigger instance
@@ -59,7 +50,10 @@ export class CmsTrigger {
    * });
    * ```
    */
-  constructor(operation: CmsOperation, callback: (context: CmsTriggerContext) => void = () => {}) {
+  constructor(
+    operation: CmsOperation,
+    callback: (context: DatabaseTriggerContext) => void = () => {}
+  ) {
     this.operation = operation;
     this.callback = callback;
   }

package/src/class/database_trigger.ts

@@ -13,12 +13,18 @@ export type DatabaseOperation =
 /**
  * Context interface for database trigger callbacks
  * @interface DatabaseTriggerContext
- * @property {Record<string, any>} query - The query parameters used in the database operation
- * @property {any | any[]} queryResult - The result of the database operation
+ * @property {Record<string, any>} doc - The document data for insert/update operations
+ * @property {Record<string, any>} query - The query data for find/find-one operations
+ * @property {Record<string, any>} update - The update data for update operations
+ * @property {Record<string, any>[]} pipelines - The aggregation pipelines for aggregate operations
+ * @property {Record<string, any> } queryResult - The result of the database operation
  */
 export interface DatabaseTriggerContext {
-  query: Record<string, any>;
-  queryResult: any | any[];
+  doc?: Record<string, any>;
+  query?: Record<string, any>;
+  update?: Record<string, any>;
+  pipelines?: Record<string, any>[];
+  queryResult: Record<string, any>;
 }
 
 /**

package/src/class/user.ts

@@ -48,7 +48,7 @@ export class User {
     phone: string,
     email: string,
     password: string,
-    type: string,
+    type: 'user' | 'anonymous',
     model: any
   ) {
     this.id = id;

package/src/services/data_provider/router.ts

@@ -6,6 +6,7 @@ import nestedProperty from 'nested-property';
 import * as service from './service';
 import * as middleware from '../../middlewares';
 import { Context, Next } from 'koa';
+import mongoose from 'mongoose';
 
 const name = 'data-provider';
 
@@ -91,6 +92,12 @@ dataProvider.post('/find', async (ctx: Context) => {
   await queryRequest
     .exec()
     .then(async docs => {
+      // Call trigger
+      service.triggers.call('find', body.database, body.collection, {
+        query: body.query,
+        queryResult: docs,
+      });
+
       ctx.body = { data: docs };
     })
     .catch(err => {
@@ -144,6 +151,12 @@ dataProvider.post('/find-one', async (ctx: Context) => {
   await queryRequest
     .exec()
     .then(async doc => {
+      // Call trigger
+      service.triggers.call('find-one', body.database, body.collection, {
+        query: body.query,
+        queryResult: doc,
+      });
+
       ctx.body = { data: doc };
     })
     .catch(err => {
@@ -179,7 +192,14 @@ dataProvider.post('/count', async (ctx: Context) => {
 
   await collection
     .countDocuments(body.query)
+    .exec()
     .then(count => {
+      // Call trigger
+      service.triggers.call('count', body.database, body.collection, {
+        query: body.query,
+        queryResult: count,
+      });
+
       ctx.body = { data: count };
     })
     .catch(err => {
@@ -188,4 +208,277 @@ dataProvider.post('/count', async (ctx: Context) => {
     });
 });
 
+dataProvider.post('/update-one', async (ctx: Context) => {
+  const body = ctx.request.body;
+  const bodyValidate = validateObject(body, 'database collection query update');
+
+  // fields validation
+  if (!bodyValidate.isValid) {
+    ctx.throw(412, JSON.stringify(reply('e', { error: bodyValidate.requires })));
+  }
+
+  // access validation
+  const hasAccess = service.checkAccess(
+    body.database,
+    body.collection,
+    AccessTypes.write,
+    body.query,
+    ctx.state.user
+  );
+  if (!hasAccess) ctx.throw(403, 'access denied');
+
+  // collection validation
+  const collection = service.getCollection(body.database, body.collection);
+  if (collection == null) {
+    ctx.throw(412, JSON.stringify(reply('e', { error: 'wrong database or collection' })));
+  }
+
+  // get removing doc as output for triggers
+  const output: any = await collection.findOne(body.query).exec().then();
+
+  // operate on db
+  await collection
+    .updateOne(body.query, body.update, body.options)
+    .exec()
+    .then(writeOpResult => {
+      // Call trigger
+      service.triggers.call('update-one', body.database, body.collection, {
+        query: body.query,
+        update: body.update,
+        queryResult: writeOpResult,
+      });
+
+      ctx.body = { data: writeOpResult };
+    })
+    .catch(err => {
+      ctx.status = err.status || 500;
+      ctx.body = err.message;
+    });
+});
+
+dataProvider.post('/insert-one', async (ctx: Context) => {
+  const body = ctx.request.body;
+  const bodyValidate = validateObject(body, 'database collection doc');
+
+  // fields validation
+  if (!bodyValidate.isValid) {
+    ctx.throw(412, JSON.stringify(reply('e', { error: bodyValidate.requires })));
+  }
+
+  // access validation
+  const hasAccess = service.checkAccess(
+    body.database,
+    body.collection,
+    AccessTypes.write,
+    body.doc,
+    ctx.state.user
+  );
+  if (!hasAccess) {
+    console.log(body);
+    console.log(ctx.state.user.permission);
+    ctx.throw(403, 'access denied');
+  }
+
+  // collection validation
+  const collection = service.getCollection(body.database, body.collection);
+  if (collection == null) {
+    ctx.throw(412, JSON.stringify(reply('e', { error: 'wrong database or collection' })));
+  }
+
+  // operate on db
+  await new collection(body.doc)
+    .save()
+    .then(async newDoc => {
+      // Call trigger
+      service.triggers.call('insert-one', body.database, body.collection, {
+        doc: body.doc,
+        queryResult: newDoc,
+      });
+
+      ctx.body = { data: newDoc };
+    })
+    .catch(err => {
+      ctx.status = err.status || 500;
+      ctx.body = err.message;
+    });
+});
+
+dataProvider.post('/remove-one', async (ctx: Context) => {
+  const body = ctx.request.body;
+  const bodyValidate = validateObject(body, 'database collection query');
+
+  // fields validation
+  if (!bodyValidate.isValid) {
+    ctx.throw(412, JSON.stringify(reply('e', { error: bodyValidate.requires })));
+  }
+
+  // access validation
+  const hasAccess = service.checkAccess(
+    body.database,
+    body.collection,
+    AccessTypes.write,
+    body.query,
+    ctx.state.user
+  );
+  if (!hasAccess) ctx.throw(403, 'access denied');
+
+  // collection validation
+  const collection = service.getCollection(body.database, body.collection);
+  if (collection == null) {
+    ctx.throw(412, JSON.stringify(reply('e', { error: 'wrong database or collection' })));
+  }
+
+  // get removing doc as output for triggers
+  const output: any = await collection.findOne(body.query).exec().then();
+
+  // operate on db
+  await collection
+    .deleteOne(body.query)
+    .exec()
+    .then(async (result: any) => {
+      // Call trigger
+      service.triggers.call('remove-one', body.database, body.collection, {
+        query: body.query,
+        queryResult: result,
+      });
+
+      ctx.body = { data: result };
+    })
+    .catch((err: Error) => {
+      ctx.status = (err as any).status || 500;
+      ctx.body = err.message;
+    });
+});
+
+dataProvider.post('/aggregate', async (ctx: Context) => {
+  const body = ctx.request.body;
+  const bodyValidate = validateObject(body, 'database collection accessQuery');
+
+  // fields validation
+  if (!bodyValidate.isValid) {
+    ctx.throw(412, JSON.stringify(reply('e', { error: bodyValidate.requires })));
+  }
+
+  // access validation
+  const hasAccess = service.checkAccess(
+    body.database,
+    body.collection,
+    AccessTypes.read,
+    body.accessQuery,
+    ctx.state.user
+  );
+  if (!hasAccess) ctx.throw(403, 'access denied');
+
+  // collection validation
+  const collection = service.getCollection(body.database, body.collection);
+  if (collection == null) {
+    ctx.throw(412, JSON.stringify(reply('e', { error: 'wrong database or collection' })));
+  }
+
+  // operate on db
+  await collection
+    .aggregate(body.pipelines)
+    .exec()
+    .then(async (result: any) => {
+      // Call trigger
+      service.triggers.call('aggregate', body.database, body.collection, {
+        pipelines: body.pipelines,
+        queryResult: result,
+      });
+
+      ctx.body = { data: result };
+    })
+    .catch((err: any) => {
+      ctx.status = err.status || 500;
+      ctx.body = err.message;
+    });
+});
+
+dataProvider.post('/findByIds', async (ctx: Context, next: Next) => {
+  const body = ctx.request.body;
+  const bodyValidate = validateObject(body, 'database collection ids');
+
+  // fields validation
+  if (!bodyValidate.isValid) {
+    ctx.throw(412, JSON.stringify(reply('e', { error: bodyValidate.requires })));
+  }
+
+  // access validation
+  const hasAccess = service.checkAccess(
+    body.database,
+    body.collection,
+    AccessTypes.read,
+    body.accessQuery || {},
+    ctx.state.user
+  );
+  if (!hasAccess) ctx.throw(403, 'access denied');
+
+  // collection validation
+  const collection = service.getCollection(body.database, body.collection);
+  if (collection == null) {
+    ctx.throw(412, JSON.stringify(reply('e', { error: 'wrong database or collection' })));
+  }
+
+  const or: Array<{ _id: any }> = [];
+
+  try {
+    body.ids.forEach((id: any) => {
+      const castedid = service.getAsID(id);
+      or.push({ _id: castedid });
+    });
+  } catch (e) {
+    console.log('ids.forEach', e);
+  }
+
+  const pipelines = [
+    {
+      $match: { $or: or },
+    },
+    // {
+    //     $sort: body.sort || { _id: 1 }
+    // }
+  ];
+
+  // operate on db
+  await collection
+    .aggregate(pipelines)
+    .exec()
+    .then(async (result: any[]) => {
+      ctx.state = { data: result };
+      await next();
+    })
+    .catch((err: Error) => {
+      ctx.status = (err as any).status || 500;
+      ctx.body = err.message;
+    });
+});
+
+// Final middleware for converting mongoose documents to JSON
+dataProvider.use('/', async (ctx: Context, next: Next) => {
+  // this event is responsible to covert whole mongoose doc to json form
+  // including getters, public properties
+  // each mongoose doc must have a "toJson" method being defined on its own Schema.
+
+  const state = ctx.state;
+  // let result;
+
+  // // array
+  // if(!isNaN(state.length)) {
+  //     result = [];
+
+  //     for (let index = 0; index < state.length; index++) {
+  //         const element = state[index];
+  //         if(element.hasOwnProperty('toJson'))
+  //             result.push(element.toJson());
+  //         else result.push(element);
+  //     }
+  // }
+  // // object
+  // else {
+  //     result = state.toJson();
+  // }
+
+  ctx.body = state;
+});
+
 export { name, dataProvider as main };

package/src/services/data_provider/service.ts

@@ -302,4 +302,5 @@ export function performAdditionalOptionsToQueryObject<T = any>(
   return queryObj;
 }
 
-export { TypeCasters };
+// Instead, export triggerOperator as triggers
+export { triggerOperator as triggers, TypeCasters };

package/src/services/functions/router.ts

@@ -25,9 +25,10 @@ functionRouter.post('/run', middleware.auth, async (ctx: Context) => {
 
   try {
     const result = await service.runFunction(name, args, ctx.state.user);
-    ctx.body = JSON.stringify(reply('s', { data: result }));
+    ctx.body = reply('s', { data: result });
   } catch (e) {
-    ctx.throw(400, JSON.stringify(reply('e', { error: (e as Error).message })));
+    ctx.status = 400;
+    ctx.body = reply('e', { message: (e as Error).message });
   }
 });
 

package/src/services/user_manager/db.ts

@@ -12,11 +12,11 @@ interface AuthDocument extends mongoose.Document {
 
 const authSchema = new Schema(
   {
-    permissionGroup: String,
-    email: String,
-    phone: String,
-    password: String,
-    type: { type: String, default: 'user', enum: ['user', 'anonymous'] },
+    permissionGroup: { type: String, required: true },
+    email: { type: String, required: false },
+    phone: { type: String, required: false },
+    password: { type: String, required: true },
+    type: { type: String, required: true, default: 'user', enum: ['user', 'anonymous'] },
   },
   { timestamps: true }
 );

package/src/services/user_manager/service.ts

@@ -391,17 +391,22 @@ class UserManager {
       }
 
       try {
-        // Create anonymous user document
-        const anonymousUserDoc = await userModel.create({
-          type: 'anonymous',
-          permissionGroup: getDefaultAnonymousPermissionGroup().title,
-          phone: '',
-          email: '',
-          password: '',
-        });
+        // Check if anonymous user already exists
+        let anonymousUser = await userModel.findOne({ type: 'anonymous' }).exec();
+
+        if (!anonymousUser) {
+          // Create anonymous user document
+          anonymousUser = await userModel.create({
+            type: 'anonymous',
+            permissionGroup: getDefaultAnonymousPermissionGroup().title,
+            phone: '',
+            email: 'anonymous',
+            password: '',
+          });
+        }
 
         // Load user from document
-        const user = await User.loadFromModel(anonymousUserDoc);
+        const user = await User.loadFromModel(anonymousUser);
 
         // Get token payload
         const payload = user.getBrief();
@@ -490,7 +495,7 @@ class UserManager {
       const user = await User.loadFromModel(gottenFromDB);
 
       // Update password
-      user.password = Buffer.from(password).toString('base64');
+      user.password = password;
 
       // Save to database
       await user.save();
@@ -563,7 +568,7 @@ class UserManager {
       const user = await User.loadFromModel(gottenFromDB);
 
       // Update password
-      user.password = Buffer.from(password).toString('base64');
+      user.password = password;
 
       // Save to database
       await user.save();
@@ -619,9 +624,9 @@ class UserManager {
           ...detail,
           type: detail.type || 'user',
           permissionGroup: detail.permissionGroup || getDefaultPermissionGroups().title,
-          phone: detail.phone || '',
-          email: detail.email || '',
-          password: detail.password ? Buffer.from(detail.password).toString('base64') : '',
+          phone: detail.phone || undefined,
+          email: detail.email || undefined,
+          password: detail.password || undefined,
         });
 
         // Load user from document
@@ -674,7 +679,7 @@ class UserManager {
     }
 
     const user = await User.loadFromModel(userDoc);
-    user.password = Buffer.from(newPass).toString('base64');
+    user.password = newPass;
     await user.save();
   }