@modular-rest/server 1.7.0 → 1.10.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@modular-rest/server",
-  "version": "1.7.0",
+  "version": "1.10.0",
   "description": "a nodejs module based on KOAJS for developing Rest-APIs in a modular solution.",
   "main": "src/index.js",
   "scripts": {
@@ -38,7 +38,9 @@
     "nested-property": "^4.0.0"
   },
   "devDependencies": {
+    "@types/bson": "4.2.0",
     "@types/koa": "^2.14.0",
+    "@types/koa__cors": "^5.0.0",
     "typescript": "^5.3.3"
   }
-}
+}

package/src/application.js

@@ -7,15 +7,21 @@ const Combination = require("./class/combinator");
 const DataProvider = require("./services/data_provider/service");
 const UserService = require("./services/user_manager/service");
 
-let defaultServiceRoot = __dirname + "/services";
+const defaultServiceRoot = __dirname + "/services";
 
 /**
  * @typedef {import('koa')} Koa
+ * @typedef {import('http').Server} server
+ * @typedef {import('@koa/cors').Options} Cors
+ * @typedef {import('./class/security').PermissionGroup} PermissionGroup
  */
 
+const { config, setConfig } = require("./config");
+
 /**
+ * Create a modular REST instance with Koa and MongoDB support.
  * @param {{
- *   cors?: any; // Options for @koa/cors middleware.
+ *   cors?: Cors; // CORS options.
  *   modulesPath?: string; // Root directory of your router.js/db.js files.
  *   staticPath?: {
  *      rootDir?: string; // Root directory of your static files.
@@ -48,10 +54,12 @@ let defaultServiceRoot = __dirname + "/services";
  *   };
  *   verificationCodeGeneratorMethod: () => string; // A method to return a verification code when registering a new user.
  *   collectionDefinitions?: CollectionDefinition[]; // An array of additional collection definitions.
+ *   permissionGroups?: PermissionGroup[]; // An array of additional permission groups.
  * }} options
+ * @returns {Promise<{app: Koa, server: Server}>}
  */
-module.exports = async function createRest(options) {
-  options = {
+async function createRest(options) {
+  setConfig({
     port: 3000,
     dontListen: false,
     mongo: {
@@ -65,19 +73,19 @@ module.exports = async function createRest(options) {
     },
 
     ...options,
-  };
+  });
 
-  let app = new koa();
+  const app = new koa();
 
   /**
    * Plug in Cors
    */
-  app.use(cors(options.cors || {}));
+  app.use(cors(config.cors || {}));
 
   /**
    * Plug in BodyParser
    */
-  let bodyParserOptions = {
+  const bodyParserOptions = {
     multipart: true,
   };
   app.use(koaBody(bodyParserOptions));
@@ -85,14 +93,14 @@ module.exports = async function createRest(options) {
   /**
    * Plug In KoaStatic
    */
-  if (options.staticPath) {
-    app.use(koaStatic(options.staticPath));
+  if (config.staticPath) {
+    app.use(koaStatic(config.staticPath));
   }
 
   /**
    * Run before hook
    */
-  if (options.onBeforeInit) options.onBeforeInit(app);
+  if (config.onBeforeInit) config.onBeforeInit(app);
 
   /**
    * Setup default services
@@ -118,25 +126,29 @@ module.exports = async function createRest(options) {
   // Plug in default databaseDefinitions
   await DataProvider.addCollectionDefinitionByList({
     list: defaultDatabaseDefinitionList,
-    mongoOption: options.mongo,
+    mongoOption: config.mongo,
   });
 
   // Setting up default services
-  await require("./helper/presetup_services").setup(options);
+  try {
+    await require("./helper/presetup_services").setup(options);
+  } catch (e) {
+    return Promise.reject(e);
+  }
 
   /**
    * User Services
    *
    * Plug in routes and database
    */
-  if (options.modulesPath) {
+  if (config.modulesPath) {
     // Plug in user routes
-    await Combination.combineRoutesByFilePath(options.modulesPath, app);
+    await Combination.combineRoutesByFilePath(config.modulesPath, app);
 
     // Collect user CollectionDefinitions (db.js files)
     let userDatabaseDetail = [];
     userDatabaseDetail = await Combination.combineModulesByFilePath({
-      rootDirectory: options.modulesPath,
+      rootDirectory: config.modulesPath,
       filename: {
         name: "db",
         extension: ".js",
@@ -144,21 +156,21 @@ module.exports = async function createRest(options) {
       combineWithRoot: true,
     });
 
-    // combine additional CollectionDefinitions
-    if (options.collectionDefinitions) {
-      userDatabaseDetail.concat(options.collectionDefinitions);
+    // Combine additional CollectionDefinitions
+    if (config.collectionDefinitions) {
+      userDatabaseDetail.concat(config.collectionDefinitions);
     }
 
     // Plug in user CollectionDefinitions
     await DataProvider.addCollectionDefinitionByList({
       list: userDatabaseDetail || [],
-      mongoOption: options.mongo,
+      mongoOption: config.mongo,
     });
 
     // Plug in Verification method
-    if (typeof options.verificationCodeGeneratorMethod == "function") {
+    if (typeof config.verificationCodeGeneratorMethod == "function") {
       UserService.main.setCustomVerificationCodeGeneratorMethod(
-        options.verificationCodeGeneratorMethod
+        config.verificationCodeGeneratorMethod
       );
     }
   }
@@ -169,23 +181,29 @@ module.exports = async function createRest(options) {
    * return KOA app object
    */
   return new Promise((done, reject) => {
-    let server;
-
-    if (!options.dontListen) {
-      server = app.listen(options.port);
-      console.log(
-        "\x1b[35m",
-        `KOAS has been launched on: localhost:${options.port}`
-      );
+    try {
+      let server;
+
+      if (!config.dontListen) {
+        server = app.listen(config.port);
+
+        console.log(
+          "\x1b[35m",
+          `KOAS has been launched on: localhost:${config.port}`
+        );
+      }
+
+      // on after init
+      if (config.onAfterInit) config.onAfterInit(app);
+
+      done({
+        app,
+        server,
+      });
+    } catch (err) {
+      reject(err);
     }
-
-    // on after init
-    if (options.onAfterInit) options.onAfterInit(app);
-
-    //done
-    done({
-      app,
-      server,
-    });
   });
-};
+}
+
+module.exports = createRest;

package/src/class/collection_definition.js

@@ -14,7 +14,7 @@ class CollectionDefinition {
    * @param {string} option.collection - Collection name
    * @param {Object} option.schema - Mongoose schema
    * @param {Array<Permission>} option.permissions - A list of permissions for this collection
-   * @param {Array<DatabaseTrigger>} option.trigger - A database trigger
+   * @param {Array<DatabaseTrigger>=} option.trigger - A database trigger
    */
   constructor({ db, collection, schema, permissions, trigger }) {
     // string

package/src/class/database_trigger.js

@@ -7,10 +7,8 @@ class DatabaseTrigger {
   /**
    * Creates a new instance of `DatabaseTrigger`.
    *
-   * @param {string} operation - The name of the operation on which the callback should be triggered.
-   * @param {function} [callback=(query, queryResult) => {}] - The callback function to be triggered. It accepts two parameters:
-   * 1. `query` - The query that is being executed.
-   * 2. `queryResult` - The result of the query execution.
+   * @param {'find' | 'find-one' | 'count' | 'update-one' | 'insert-one' | 'remove-one' | 'aggregate'} operation - The operation to be triggered. Supported operations are:
+   * @param {function(query, queryResult)} callback - The callback to be called when the operation is executed.
    */
   constructor(operation, callback = (query, queryResult) => {}) {
     this.operation = operation;

package/src/class/directory.js

@@ -1,66 +1,65 @@
-const fs = require('fs');
-const path = require('path');
+const fs = require("fs");
+const path = require("path");
 
-function walk(dir, settings, done)
-{
-    let results = [];
+function walk(dir, settings, done) {
+  let results = [];
 
-    //read director fild and folders
-    fs.readdir(dir, function (err, list) {
-        if (err) return done(err, results);
+  // Read director file and folders
+  fs.readdir(dir, function (err, list) {
+    if (err) return done(err, results);
 
-        var pending = list.length;
-        if (!pending) return done(null, results);
+    var pending = list.length;
+    if (!pending) return done(null, results);
 
-        list.forEach(function (file) {
-            file = path.join(dir, file);
-            fs.stat(file, function (err, stat) {
-                // If directory, execute a recursive call
-                if (stat && stat.isDirectory()) {
-                    // Add directory to array [comment if you need to remove the directories from the array]
-                    //results.push(file);
-                    walk(file, settings, function (err, res) {
-                        results = results.concat(res);
-                        if (!--pending) done(null, results);
-                    });
-                }
-                else {
-                    //file filter
-                    var extension = path.extname(file);
-                    var fileName = path.basename(file).split('.')[0];
-                    var fileNameKey = true;
+    list.forEach(function (file) {
+      file = path.join(dir, file);
+      fs.stat(file, function (err, stat) {
+        // If directory, execute a recursive call
+        if (stat && stat.isDirectory()) {
+          // Add directory to array [comment if you need to remove the directories from the array]
+          // results.push(file);
+          walk(file, settings, function (err, res) {
+            results = results.concat(res);
+            if (!--pending) done(null, results);
+          });
+        } else {
+          // file filter
+          var extension = path.extname(file);
+          var fileName = path.basename(file).split(".")[0];
+          var fileNameKey = true;
 
-                    //name filter
-                    if (settings.name && settings.name === fileName) fileNameKey = true;
-                    else fileNameKey = false;
+          // name filter
+          if (settings.name && settings.name === fileName) fileNameKey = true;
+          else fileNameKey = false;
 
-                    //extention filter
-                    if (settings.filter && fileNameKey) {
-                        settings.filter.forEach(function (element) {
-                            if (element.toLowerCase() === extension.toLowerCase())
-                                results.push(file);
-                        }, this);
-                    }
+          // extension filter
+          if (settings.filter && fileNameKey) {
+            settings.filter.forEach(function (element) {
+              if (element.toLowerCase() === extension.toLowerCase())
+                results.push(file);
+            }, this);
+          }
 
-                    //push any file if no option
-                    else if (fileNameKey) results.push(file);
+          // push any file if no option
+          else if (fileNameKey) results.push(file);
 
-                    if (!--pending) done(null, results);
-                }
-            });
-        });
+          if (!--pending) done(null, results);
+        }
+      });
     });
-};
+  });
+}
 
 function find(dir, settings) {
-    return new Promise((don, reject) => {
-        walk(dir, settings, (err, result) => {
-            if (err) reject(err);
-            else don(result);
-        });
+  return new Promise((don, reject) => {
+    walk(dir, settings, (err, result) => {
+      if (err) reject(err);
+      else don(result);
     });
+  });
 }
 
 module.exports = {
-    walk, find,
-}
+  walk,
+  find,
+};

package/src/class/security.js

@@ -17,7 +17,7 @@ class AccessDefinition {
 }
 
 /**
- * @typedef {('god_access'|'user_access'|'delete'|'upload_file_access'|'remove_file_access'|'anonymous_access')} PermissionType
+ * @typedef {('user_access'|'upload_file_access'|'remove_file_access'|'anonymous_access'|'advanced_settings')} PermissionType
  */
 
 /**
@@ -31,12 +31,20 @@ class Permission {
    * @param {boolean} [options.read=false] - The read access of the permission.
    * @param {boolean} [options.write=false] - The write access of the permission.
    * @param {boolean} [options.onlyOwnData=false] - If true, users can perform CRUD on documents that they created already.
+   * @param {string} [options.ownerIdField='refId'] - The name of the field that contains the owner's id of the document.
    */
-  constructor({ type, read = false, write = false, onlyOwnData = false }) {
+  constructor({
+    type,
+    read = false,
+    write = false,
+    onlyOwnData = false,
+    ownerIdField = "refId",
+  }) {
     this.type = type;
     this.read = read;
     this.write = write;
     this.onlyOwnData = onlyOwnData;
+    this.ownerIdField = ownerIdField;
   }
 }
 
@@ -45,18 +53,6 @@ class Permission {
  * Each static getter returns a string that represents a specific type of permission.
  */
 class PermissionTypes {
-  /**
-   * Create permission types.
-   * Each property represents a specific type of permission.
-   */
-  constructor() {
-    this.god_access = "god_access"; // Represents god access permission type
-    this.user_access = "user_access"; // Represents user access permission type
-    this.upload_file_access = "upload_file_access"; // Represents upload file access permission type
-    this.remove_file_access = "remove_file_access"; // Represents remove file access permission type
-    this.anonymous_access = "anonymous_access"; // Represents anonymous access permission type
-  }
-
   /**
    * Get the string representing god access permission type.
    * @return {string} The god access permission type.
@@ -65,6 +61,14 @@ class PermissionTypes {
     return "god_access";
   }
 
+  /**
+   * Get the string representing advanced settings permission type.
+   * @return {string} The advanced settings permission type.
+   */
+  static get advanced_settings() {
+    return "advanced_settings";
+  }
+
   /**
    * Get the string representing user access permission type.
    * @return {string} The user access permission type.
@@ -88,13 +92,31 @@ class PermissionTypes {
   static get remove_file_access() {
     return "remove_file_access";
   }
+}
 
+class PermissionGroup {
   /**
-   * Get the string representing anonymous access permission type.
-   * @return {string} The anonymous access permission type.
+   * Create a permission group.
+   * @param {Object} options - The options for the permission group.
+   * @param {string} options.title - The title of the permission group.
+   * @param {boolean} [options.isDefault=false] - If true, the permission group is the default permission group.
+   * @param {boolean} [options.isAnonymous=false] - If true, the permission group is the anonymous permission group.
+   * @param {Array.<PermissionType>} [options.validPermissionTypes=[]] - The valid permission types of the permission group.
+   * @return {PermissionGroup} The created permission group.
    */
-  static get anonymous_access() {
-    return "anonymous_access";
+  constructor({
+    title,
+    isDefault = false,
+    isAnonymous = false,
+    validPermissionTypes = [],
+  }) {
+    //
+    this.title = title;
+
+    this.isDefault = isDefault;
+    this.isAnonymous = isAnonymous;
+
+    this.validPermissionTypes = validPermissionTypes;
   }
 }
 
@@ -114,5 +136,6 @@ module.exports = {
   AccessDefinition,
   Permission,
   PermissionTypes,
+  PermissionGroup,
   AccessTypes,
 };

package/src/class/user.js

@@ -1,97 +1,112 @@
-let validateObject = require('./validator')
+const { config } = require("../config");
+let validateObject = require("./validator");
 
 module.exports = class User {
+  constructor(id, permissionGroup, phone, email, password, type, model) {
+    this.id = id;
+    this.permissionGroup = permissionGroup;
+    this.email = email;
+    this.phone = phone;
+    this.password = password;
+    this.type = type;
+    this.dbModel = model;
+  }
 
-    constructor(id, permission, phone, email, password, type, model)
-    {
-        this.id         = id;
-        this.permission = permission;
-        this.email      = email;
-        this.phone      = phone;
-        this.password   = password;
-        this.type       = type;
-        this.dbModel    = model;
-    }
+  getBrief() {
+    const permissionGroup = config.permissionGroups.find(
+      (group) => group.title == this.permissionGroup
+    );
 
-    getBrief()
-    {
-        let brief = {
-            id : this.id,
-            permission : this.permission,
-            phone : this.phone, 
-            email : this.email,
-            type  : this.type,
-        }
-
-        return brief;
-    }
+    const brief = {
+      id: this.id,
+      permissionGroup: permissionGroup,
+      phone: this.phone,
+      email: this.email,
+      type: this.type,
+    };
 
-    setNewDetail(detail)
-    {
-        if(detail.phone)    this.phone      = detail.phone;
-        if(detail.email)    this.email      = detail.email;
-        if(detail.password) this.password   = detail.password;
-    }
+    return brief;
+  }
 
-    hasPermission(permissionField)
-    {
-        let key = false;
+  setNewDetail(detail) {
+    if (detail.phone) this.phone = detail.phone;
+    if (detail.email) this.email = detail.email;
+    if (detail.password) this.password = detail.password;
+  }
 
-        if(this.permission[permissionField] == null)
-            return key;
+  hasPermission(permissionField) {
+    const permissionGroup = config.permissionGroups.find(
+      (group) => group.title == this.permissionGroup
+    );
 
-        key = this.permission[permissionField];
-        return key;
-    }
+    if (permissionGroup == null) return false;
 
-    async save()
-    {
-        this.mode['permission'] =  this.permission;
-        this.mode['phone']      =  this.phone;
-        this.mode['email']      =  this.email;
-        this.mode['password']   =  this.password;
+    let key = false;
 
-        await mode.save();
-    }
+    for (let i = 0; i < permissionGroup.validPermissionTypes.length; i++) {
+      const userPermissionType = permissionGroup.validPermissionTypes[i];
 
-    static loadFromModel(model)
-    {
-        return new Promise((done, reject) => 
-        {
-            // check required fields
-            let isValidData = validateObject(model, 'fullname email password permission');
-            if(!isValidData) 
-                reject(User.notValid(detail));
-
-            let id         = model.id;
-            let permission = model.permission; 
-            let phone      = model.phone;
-            let email      = model.email;
-            let password   = model.password;
-            let type       = model.type; 
-
-            //create user
-            let newUser = new User(id, permission, phone, email, password, type, model);
-            done(newUser);
-        });
+      if (userPermissionType == permissionField) {
+        key = true;
+        break;
+      }
     }
 
-    static createFromModel(model, detail)
-    {
-        return new Promise( async (done, reject) => 
-        {
-            //create user
-            await new model(detail).save()
-                .then(newUser => 
-                    done(User.loadFromModel(newUser)))
-                .catch(reject);
-        });
-    }
+    return key;
+  }
 
-    static notValid(object)
-    {
-        let error = `user detail are not valid ${object}`;
-        console.error(error);
-        return error;
-    }
-}
+  async save() {
+    this.mode["permissionGroup"] = this.permissionGroup;
+    this.mode["phone"] = this.phone;
+    this.mode["email"] = this.email;
+    this.mode["password"] = this.password;
+
+    await mode.save();
+  }
+
+  static loadFromModel(model) {
+    return new Promise((done, reject) => {
+      // check required fields
+      let isValidData = validateObject(
+        model,
+        "fullname email password permission"
+      );
+      if (!isValidData) reject(User.notValid(detail));
+
+      let id = model.id;
+      let permissionGroup = model.permissionGroup;
+      let phone = model.phone;
+      let email = model.email;
+      let password = model.password;
+      let type = model.type;
+
+      //create user
+      let newUser = new User(
+        id,
+        permissionGroup,
+        phone,
+        email,
+        password,
+        type,
+        model
+      );
+      done(newUser);
+    });
+  }
+
+  static createFromModel(model, detail) {
+    return new Promise(async (done, reject) => {
+      //create user
+      await new model(detail)
+        .save()
+        .then((newUser) => done(User.loadFromModel(newUser)))
+        .catch(reject);
+    });
+  }
+
+  static notValid(object) {
+    let error = `user detail are not valid ${object}`;
+    console.error(error);
+    return error;
+  }
+};