@modular-rest/server 1.11.14 → 1.11.15

package/dist/services/data_provider/router.js

@@ -0,0 +1,412 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.main = exports.name = void 0;
+const security_1 = require("../../class/security");
+const koa_router_1 = __importDefault(require("koa-router"));
+const validator_1 = require("../../class/validator");
+const reply_1 = require("../../class/reply");
+const nested_property_1 = __importDefault(require("nested-property"));
+const service = __importStar(require("./service"));
+const middleware = __importStar(require("../../middlewares"));
+const name = 'data-provider';
+exports.name = name;
+const dataProvider = new koa_router_1.default();
+exports.main = dataProvider;
+dataProvider.use('/', middleware.auth, async (ctx, next) => {
+    const body = ctx.request.body;
+    const bodyValidated = (0, validator_1.validateObject)(body, 'database collection');
+    // fields validation
+    if (!bodyValidated.isValid) {
+        ctx.throw(412, JSON.stringify((0, reply_1.create)('e', { error: bodyValidated.requires })));
+    }
+    // type caster
+    if (body.types && body.hasOwnProperty(body.bodyKey || '.')) {
+        const bodyKey = body.bodyKey;
+        for (const key in body.types) {
+            if (body.types.hasOwnProperty(key) && typeof body.types[key] == 'object') {
+                const typeDetail = body.types[key];
+                try {
+                    const value = nested_property_1.default.get(body[bodyKey], typeDetail.path);
+                    const newProperty = service.TypeCasters[typeDetail.type](value);
+                    nested_property_1.default.set(body[bodyKey], typeDetail.path, newProperty);
+                    console.log('newProperty', newProperty, JSON.stringify(body[bodyKey]));
+                }
+                catch (e) {
+                    console.log('type caster error', e);
+                }
+            }
+        }
+    }
+    await next();
+});
+dataProvider.post('/find', async (ctx) => {
+    const body = ctx.request.body;
+    const bodyValidate = (0, validator_1.validateObject)(body, 'database collection query');
+    // fields validation
+    if (!bodyValidate.isValid) {
+        ctx.throw(412, JSON.stringify((0, reply_1.create)('e', { error: bodyValidate.requires })));
+    }
+    // access validation
+    const hasAccess = service.checkAccess(body.database, body.collection, security_1.AccessTypes.read, body.query, ctx.state.user);
+    if (!hasAccess) {
+        console.log(body);
+        console.log(ctx.state.user.permission);
+        ctx.throw(403, 'access denied');
+    }
+    // collection validation
+    const collection = service.getCollection(body.database, body.collection);
+    if (collection == null) {
+        ctx.throw(412, JSON.stringify((0, reply_1.create)('e', { error: 'wrong database or collection' })));
+    }
+    // operate on db
+    let queryRequest = collection.find(body.query, body.projection);
+    if (body.options) {
+        queryRequest = service.performAdditionalOptionsToQueryObject(queryRequest, body.options);
+    }
+    if (body.populates) {
+        try {
+            queryRequest = service.performPopulateToQueryObject(queryRequest, body.populates);
+        }
+        catch (err) {
+            ctx.status = 412;
+            ctx.body = err;
+        }
+    }
+    await queryRequest
+        .exec()
+        .then(async (docs) => {
+        // Call trigger
+        service.triggers.call('find', body.database, body.collection, {
+            query: body.query,
+            queryResult: docs,
+        });
+        ctx.body = { data: docs };
+    })
+        .catch(err => {
+        ctx.status = err.status || 500;
+        ctx.body = err.message;
+    });
+});
+dataProvider.post('/find-one', async (ctx) => {
+    const body = ctx.request.body;
+    const bodyValidate = (0, validator_1.validateObject)(body, 'database collection query');
+    // fields validation
+    if (!bodyValidate.isValid) {
+        ctx.throw(412, JSON.stringify((0, reply_1.create)('e', { error: bodyValidate.requires })));
+    }
+    // access validation
+    const hasAccess = service.checkAccess(body.database, body.collection, security_1.AccessTypes.read, body.query, ctx.state.user);
+    if (!hasAccess)
+        ctx.throw(403, 'access denied');
+    // collection validation
+    const collection = service.getCollection(body.database, body.collection);
+    if (collection == null) {
+        ctx.throw(412, JSON.stringify((0, reply_1.create)('e', { error: 'wrong database or collection' })));
+    }
+    // operate on db
+    let queryRequest = collection.findOne(body.query, body.projection, body.options);
+    if (body.options) {
+        queryRequest = service.performAdditionalOptionsToQueryObject(queryRequest, body.options);
+    }
+    if (body.populates) {
+        try {
+            queryRequest = service.performPopulateToQueryObject(queryRequest, body.populates);
+        }
+        catch (err) {
+            ctx.status = 412;
+            ctx.body = err;
+        }
+    }
+    // operate on db
+    await queryRequest
+        .exec()
+        .then(async (doc) => {
+        // Call trigger
+        service.triggers.call('find-one', body.database, body.collection, {
+            query: body.query,
+            queryResult: doc,
+        });
+        ctx.body = { data: doc };
+    })
+        .catch(err => {
+        ctx.status = err.status || 500;
+        ctx.body = err.message;
+    });
+});
+dataProvider.post('/count', async (ctx) => {
+    const body = ctx.request.body;
+    const bodyValidate = (0, validator_1.validateObject)(body, 'database collection query');
+    // fields validation
+    if (!bodyValidate.isValid) {
+        ctx.throw(412, JSON.stringify((0, reply_1.create)('e', { error: bodyValidate.requires })));
+    }
+    // access validation
+    const hasAccess = service.checkAccess(body.database, body.collection, security_1.AccessTypes.read, body.query, ctx.state.user);
+    if (!hasAccess)
+        ctx.throw(403, 'access denied');
+    // collection validation
+    const collection = service.getCollection(body.database, body.collection);
+    if (collection == null) {
+        ctx.throw(412, JSON.stringify((0, reply_1.create)('e', { error: 'wrong database or collection' })));
+    }
+    await collection
+        .countDocuments(body.query)
+        .exec()
+        .then(count => {
+        // Call trigger
+        service.triggers.call('count', body.database, body.collection, {
+            query: body.query,
+            queryResult: count,
+        });
+        ctx.body = { data: count };
+    })
+        .catch(err => {
+        ctx.status = err.status || 500;
+        ctx.body = err.message;
+    });
+});
+dataProvider.post('/update-one', async (ctx) => {
+    const body = ctx.request.body;
+    const bodyValidate = (0, validator_1.validateObject)(body, 'database collection query update');
+    // fields validation
+    if (!bodyValidate.isValid) {
+        ctx.throw(412, JSON.stringify((0, reply_1.create)('e', { error: bodyValidate.requires })));
+    }
+    // access validation
+    const hasAccess = service.checkAccess(body.database, body.collection, security_1.AccessTypes.write, body.query, ctx.state.user);
+    if (!hasAccess)
+        ctx.throw(403, 'access denied');
+    // collection validation
+    const collection = service.getCollection(body.database, body.collection);
+    if (collection == null) {
+        ctx.throw(412, JSON.stringify((0, reply_1.create)('e', { error: 'wrong database or collection' })));
+    }
+    // get removing doc as output for triggers
+    const output = await collection.findOne(body.query).exec().then();
+    // operate on db
+    await collection
+        .updateOne(body.query, body.update, body.options)
+        .exec()
+        .then(writeOpResult => {
+        // Call trigger
+        service.triggers.call('update-one', body.database, body.collection, {
+            query: body.query,
+            update: body.update,
+            queryResult: writeOpResult,
+        });
+        ctx.body = { data: writeOpResult };
+    })
+        .catch(err => {
+        ctx.status = err.status || 500;
+        ctx.body = err.message;
+    });
+});
+dataProvider.post('/insert-one', async (ctx) => {
+    const body = ctx.request.body;
+    const bodyValidate = (0, validator_1.validateObject)(body, 'database collection doc');
+    // fields validation
+    if (!bodyValidate.isValid) {
+        ctx.throw(412, JSON.stringify((0, reply_1.create)('e', { error: bodyValidate.requires })));
+    }
+    // access validation
+    const hasAccess = service.checkAccess(body.database, body.collection, security_1.AccessTypes.write, body.doc, ctx.state.user);
+    if (!hasAccess) {
+        console.log(body);
+        console.log(ctx.state.user.permission);
+        ctx.throw(403, 'access denied');
+    }
+    // collection validation
+    const collection = service.getCollection(body.database, body.collection);
+    if (collection == null) {
+        ctx.throw(412, JSON.stringify((0, reply_1.create)('e', { error: 'wrong database or collection' })));
+    }
+    // operate on db
+    await new collection(body.doc)
+        .save()
+        .then(async (newDoc) => {
+        // Call trigger
+        service.triggers.call('insert-one', body.database, body.collection, {
+            doc: body.doc,
+            queryResult: newDoc,
+        });
+        ctx.body = { data: newDoc };
+    })
+        .catch(err => {
+        ctx.status = err.status || 500;
+        ctx.body = err.message;
+    });
+});
+dataProvider.post('/remove-one', async (ctx) => {
+    const body = ctx.request.body;
+    const bodyValidate = (0, validator_1.validateObject)(body, 'database collection query');
+    // fields validation
+    if (!bodyValidate.isValid) {
+        ctx.throw(412, JSON.stringify((0, reply_1.create)('e', { error: bodyValidate.requires })));
+    }
+    // access validation
+    const hasAccess = service.checkAccess(body.database, body.collection, security_1.AccessTypes.write, body.query, ctx.state.user);
+    if (!hasAccess)
+        ctx.throw(403, 'access denied');
+    // collection validation
+    const collection = service.getCollection(body.database, body.collection);
+    if (collection == null) {
+        ctx.throw(412, JSON.stringify((0, reply_1.create)('e', { error: 'wrong database or collection' })));
+    }
+    // get removing doc as output for triggers
+    const output = await collection.findOne(body.query).exec().then();
+    // operate on db
+    await collection
+        .deleteOne(body.query)
+        .exec()
+        .then(async (result) => {
+        // Call trigger
+        service.triggers.call('remove-one', body.database, body.collection, {
+            query: body.query,
+            queryResult: result,
+        });
+        ctx.body = { data: result };
+    })
+        .catch((err) => {
+        ctx.status = err.status || 500;
+        ctx.body = err.message;
+    });
+});
+dataProvider.post('/aggregate', async (ctx) => {
+    const body = ctx.request.body;
+    const bodyValidate = (0, validator_1.validateObject)(body, 'database collection accessQuery');
+    // fields validation
+    if (!bodyValidate.isValid) {
+        ctx.throw(412, JSON.stringify((0, reply_1.create)('e', { error: bodyValidate.requires })));
+    }
+    // access validation
+    const hasAccess = service.checkAccess(body.database, body.collection, security_1.AccessTypes.read, body.accessQuery, ctx.state.user);
+    if (!hasAccess)
+        ctx.throw(403, 'access denied');
+    // collection validation
+    const collection = service.getCollection(body.database, body.collection);
+    if (collection == null) {
+        ctx.throw(412, JSON.stringify((0, reply_1.create)('e', { error: 'wrong database or collection' })));
+    }
+    // operate on db
+    await collection
+        .aggregate(body.pipelines)
+        .exec()
+        .then(async (result) => {
+        // Call trigger
+        service.triggers.call('aggregate', body.database, body.collection, {
+            pipelines: body.pipelines,
+            queryResult: result,
+        });
+        ctx.body = { data: result };
+    })
+        .catch((err) => {
+        ctx.status = err.status || 500;
+        ctx.body = err.message;
+    });
+});
+dataProvider.post('/findByIds', async (ctx, next) => {
+    const body = ctx.request.body;
+    const bodyValidate = (0, validator_1.validateObject)(body, 'database collection ids');
+    // fields validation
+    if (!bodyValidate.isValid) {
+        ctx.throw(412, JSON.stringify((0, reply_1.create)('e', { error: bodyValidate.requires })));
+    }
+    // access validation
+    const hasAccess = service.checkAccess(body.database, body.collection, security_1.AccessTypes.read, body.accessQuery || {}, ctx.state.user);
+    if (!hasAccess)
+        ctx.throw(403, 'access denied');
+    // collection validation
+    const collection = service.getCollection(body.database, body.collection);
+    if (collection == null) {
+        ctx.throw(412, JSON.stringify((0, reply_1.create)('e', { error: 'wrong database or collection' })));
+    }
+    const or = [];
+    try {
+        body.ids.forEach((id) => {
+            const castedid = service.getAsID(id);
+            or.push({ _id: castedid });
+        });
+    }
+    catch (e) {
+        console.log('ids.forEach', e);
+    }
+    const pipelines = [
+        {
+            $match: { $or: or },
+        },
+        // {
+        //     $sort: body.sort || { _id: 1 }
+        // }
+    ];
+    // operate on db
+    await collection
+        .aggregate(pipelines)
+        .exec()
+        .then(async (result) => {
+        ctx.state = { data: result };
+        await next();
+    })
+        .catch((err) => {
+        ctx.status = err.status || 500;
+        ctx.body = err.message;
+    });
+});
+// Final middleware for converting mongoose documents to JSON
+dataProvider.use('/', async (ctx, next) => {
+    // this event is responsible to covert whole mongoose doc to json form
+    // including getters, public properties
+    // each mongoose doc must have a "toJson" method being defined on its own Schema.
+    const state = ctx.state;
+    // let result;
+    // // array
+    // if(!isNaN(state.length)) {
+    //     result = [];
+    //     for (let index = 0; index < state.length; index++) {
+    //         const element = state[index];
+    //         if(element.hasOwnProperty('toJson'))
+    //             result.push(element.toJson());
+    //         else result.push(element);
+    //     }
+    // }
+    // // object
+    // else {
+    //     result = state.toJson();
+    // }
+    ctx.body = state;
+});

package/dist/services/data_provider/service.d.ts

@@ -0,0 +1,132 @@
+import mongoose, { Model, PopulateOptions, Query } from 'mongoose';
+import triggerOperator from '../../class/trigger_operator';
+import TypeCasters from './typeCasters';
+import { CollectionDefinition } from '../../class/collection_definition';
+import { User } from '../../class/user';
+/**
+ * Service name constant
+ * @constant {string}
+ */
+export declare const name = "dataProvider";
+/**
+ * MongoDB connection options
+ * @interface MongoOption
+ * @property {string} [dbPrefix] - Prefix for database names
+ * @property {string} mongoBaseAddress - MongoDB connection URL
+ */
+export interface MongoOption {
+    dbPrefix?: string;
+    mongoBaseAddress: string;
+}
+/**
+ * Collection definition options
+ * @interface CollectionDefinitionOption
+ * @property {CollectionDefinition[]} list - List of collection definitions
+ * @property {MongoOption} mongoOption - MongoDB connection options
+ */
+interface CollectionDefinitionListOption {
+    list: CollectionDefinition[];
+    mongoOption: MongoOption;
+}
+/**
+ * Adds collection definitions and connects to their respective databases
+ * @function addCollectionDefinitionByList
+ * @param {CollectionDefinitionListOption} options - Collection definition options
+ * @returns {Promise<void>} A promise that resolves when all collections are set up
+ * @example
+ * ```typescript
+ * await addCollectionDefinitionByList({
+ *   list: [
+ *     new CollectionDefinition({
+ *       database: 'myapp',
+ *       collection: 'users',
+ *       schema: userSchema,
+ *       permissions: [new Permission({ type: 'user_access', read: true })]
+ *     })
+ *   ],
+ *   mongoOption: {
+ *     mongoBaseAddress: 'mongodb://localhost:27017',
+ *     dbPrefix: 'myapp_'
+ *   }
+ * });
+ * ```
+ */
+export declare function addCollectionDefinitionByList({ list, mongoOption, }: CollectionDefinitionListOption): Promise<void>;
+/**
+ * Gets a Mongoose model for a specific collection
+ * @function getCollection
+ * @param {string} db - Database name
+ * @param {string} collection - Collection name
+ * @returns {Model<T>} Mongoose model for the collection
+ * @throws {Error} If the collection doesn't exist
+ * @example
+ * ```typescript
+ * const userModel = getCollection('myapp', 'users');
+ * const users = await userModel.find();
+ * ```
+ */
+export declare function getCollection<T>(db: string, collection: string): Model<T>;
+/**
+ * Checks if a user has access to perform an operation on a collection
+ * @function checkAccess
+ * @param {string} db - Database name
+ * @param {string} collection - Collection name
+ * @param {string} operationType - Type of operation (read/write)
+ * @param {Record<string, any>} queryOrDoc - Query or document being accessed
+ * @param {User} user - User performing the operation
+ * @returns {boolean} Whether the user has access
+ * @example
+ * ```typescript
+ * const hasAccess = checkAccess('myapp', 'users', 'read', {}, currentUser);
+ * if (hasAccess) {
+ *   const users = await getCollection('myapp', 'users').find();
+ * }
+ * ```
+ */
+export declare function checkAccess(db: string, collection: string, operationType: string, queryOrDoc: Record<string, any>, user: User): boolean;
+/**
+ * Converts a string ID to a MongoDB ObjectId
+ * @function getAsID
+ * @param {string} strId - String ID to convert
+ * @returns {mongoose.Types.ObjectId | undefined} MongoDB ObjectId or undefined if invalid
+ * @example
+ * ```typescript
+ * const id = getAsID('507f1f77bcf86cd799439011');
+ * if (id) {
+ *   const doc = await collection.findById(id);
+ * }
+ * ```
+ */
+export declare function getAsID(strId: string): mongoose.Types.ObjectId | undefined;
+/**
+ * Applies populate options to a Mongoose query
+ * @function performPopulateToQueryObject
+ * @param {Query<T, any>} queryObj - Mongoose query object
+ * @param {PopulateOptions[]} [popArr=[]] - Array of populate options
+ * @returns {Query<T, any>} Query with populate options applied
+ * @example
+ * ```typescript
+ * const query = collection.find();
+ * const populatedQuery = performPopulateToQueryObject(query, [
+ *   { path: 'author', select: 'name email' }
+ * ]);
+ * ```
+ */
+export declare function performPopulateToQueryObject<T = any>(queryObj: Query<T, any>, popArr?: PopulateOptions[]): Query<T, any>;
+/**
+ * Applies additional options to a Mongoose query
+ * @function performAdditionalOptionsToQueryObject
+ * @param {Query<T, any>} queryObj - Mongoose query object
+ * @param {Record<string, any>} options - Additional query options
+ * @returns {Query<T, any>} Query with additional options applied
+ * @example
+ * ```typescript
+ * const query = collection.find();
+ * const queryWithOptions = performAdditionalOptionsToQueryObject(query, {
+ *   sort: { createdAt: -1 },
+ *   limit: 10
+ * });
+ * ```
+ */
+export declare function performAdditionalOptionsToQueryObject<T = any>(queryObj: Query<T, any>, options: Record<string, any>): Query<T, any>;
+export { triggerOperator as triggers, TypeCasters };