@modular-rest/server 1.8.0 → 1.10.1

package/src/services/data_provider/service.js

@@ -11,6 +11,7 @@ let permissionDefinitions = {};
 
 let triggers = require("../../class/trigger_operator");
 let TypeCasters = require("./typeCasters");
+const { config } = require("../../config");
 
 /**
  *
@@ -66,8 +67,16 @@ function connectToDatabaseByCollectionDefinitionList(
       });
 
       // add trigger
-      if (collectionDefinition.trigger != undefined) {
-        triggers.addTrigger(collectionDefinition.trigger);
+      if (collectionDefinition.triggers != undefined) {
+        if (!Array.isArray(collectionDefinition.triggers)) {
+          throw "Triggers must be an array";
+        }
+
+        collectionDefinition.triggers.forEach((trigger) => {
+          trigger.database = collectionDefinition.database;
+          trigger.collection = collectionDefinition.collection;
+          triggers.addTrigger(trigger);
+        });
       }
     });
 
@@ -132,7 +141,11 @@ function _getPermissionList(db, collection, operationType) {
 
   if (!permissionDefinitions.hasOwnProperty(db)) return permissionList;
 
-  permissionDefinition = permissionDefinitions[db][collection];
+  try {
+    permissionDefinition = permissionDefinitions[db][collection];
+  } catch (error) {
+    return permissionList;
+  }
 
   permissionDefinition.permissionList.forEach((permission) => {
     if (permission.onlyOwnData == true) {
@@ -147,30 +160,40 @@ function _getPermissionList(db, collection, operationType) {
   return permissionList;
 }
 
+/**
+ * Check access to a collection.
+ * @param {string} db - The database name.
+ * @param {string} collection - The collection name.
+ * @param {string} operationType - The operation type.
+ * @param {object} queryOrDoc - The query or document.
+ * @param {import('../../class/user')} user - The user.
+ * @returns {boolean} The access result.
+ */
 function checkAccess(db, collection, operationType, queryOrDoc, user) {
   let key = false;
-  const permissionList = _getPermissionList(db, collection, operationType);
 
-  permissionList.forEach((permission) => {
-    let permissionType = permission.type;
+  const collectionPermissionList = _getPermissionList(
+    db,
+    collection,
+    operationType
+  );
+
+  collectionPermissionList.forEach((permission) => {
+    const collectionPermissionType = permission.type;
 
     if (permission.onlyOwnData == true) {
       const userId = user.id;
 
       try {
-        if (
-          queryOrDoc[permission.ownerIdField].toString() === userId.toString()
-        )
-          key = true;
+        key =
+          queryOrDoc[permission.ownerIdField].toString() === userId.toString();
       } catch (error) {
         key = false;
       }
-    } else if (operationType == AccessTypes.read) {
-      if (permission.read && user.permission[permissionType] == true)
-        key = true;
-    } else if (operationType == AccessTypes.write) {
-      if (permission.write && user.permission[permissionType] == true)
-        key = true;
+    } else if (operationType == AccessTypes.read && permission.read) {
+      key = user.hasPermission(collectionPermissionType);
+    } else if (operationType == AccessTypes.write && permission.write) {
+      key = user.hasPermission(collectionPermissionType);
     }
   });
 

package/src/services/user_manager/db.js

@@ -3,37 +3,17 @@ var Schema = mongoose.Schema;
 
 let CollectionDefinition = require("../../class/collection_definition");
 let { Permission, PermissionTypes } = require("../../class/security");
-
-/**
- * Permission schema
- *
- * This schema is generated dynamically
- * by combining default & custom permissions.
- */
-let permissionSchemaConstructorOption = {
-  title: String,
-  isAnonymous: { type: Boolean, default: false },
-  isDefault: { type: Boolean, default: false },
-};
-Object.keys(new PermissionTypes()).forEach((key) => {
-  let fieldOption = { type: Boolean, default: false };
-  permissionSchemaConstructorOption[key] = fieldOption;
-});
-
-let permissionSchema = new Schema(permissionSchemaConstructorOption);
-permissionSchema.index({ title: 1 }, { unique: true });
+const { config } = require("../../config");
+const triggerOperator = require("./../../class/trigger_operator");
 
 let authSchema = new Schema({
-  permission: {
-    type: Schema.Types.ObjectId,
-    ref: "permission",
-    required: false,
-  },
+  permissionGroup: String,
   email: String,
   phone: String,
   password: String,
   type: { type: String, default: "user", enum: ["user", "anonymous"] },
 });
+
 authSchema.index({ email: 1 }, { unique: true });
 authSchema.pre(["save", "updateOne"], function (next) {
   // Encode the password before saving
@@ -43,6 +23,46 @@ authSchema.pre(["save", "updateOne"], function (next) {
   next();
 });
 
+authSchema.post("save", function (doc, next) {
+  triggerOperator.call("insert-one", "cms", "auth", {
+    query: null,
+    queryResult: doc._doc,
+  });
+  next();
+});
+
+authSchema.post("findOneAndUpdate", function (doc, next) {
+  triggerOperator.call("update-one", "cms", "auth", {
+    query: null,
+    queryResult: doc._doc,
+  });
+  next();
+});
+
+authSchema.post("updateOne", function (result, next) {
+  triggerOperator.call("update-one", "cms", "auth", {
+    query: null,
+    queryResult: doc._doc,
+  });
+  next();
+});
+
+authSchema.post("findOneAndDelete", function (doc, next) {
+  triggerOperator.call("remove-one", "cms", "auth", {
+    query: null,
+    queryResult: doc._doc,
+  });
+  next();
+});
+
+authSchema.post("deleteOne", function (result, next) {
+  triggerOperator.call("remove-one", "cms", "auth", {
+    query: null,
+    queryResult: doc._doc,
+  });
+  next();
+});
+
 module.exports = [
   new CollectionDefinition({
     db: "cms",
@@ -55,18 +75,6 @@ module.exports = [
         write: true,
       }),
     ],
-  }),
-
-  new CollectionDefinition({
-    db: "cms",
-    collection: "permission",
-    schema: permissionSchema,
-    permissions: [
-      new Permission({
-        type: PermissionTypes.advanced_settings,
-        read: true,
-        write: true,
-      }),
-    ],
+    triggers: config.authTriggers || [],
   }),
 ];

package/src/services/user_manager/permissionManager.js

@@ -0,0 +1,43 @@
+const { config } = require("../../config");
+
+function getDefaultPermissionGroups() {
+  const defaultPermissionGroups = config.permissionGroups.find(
+    (group) => group.isDefault
+  );
+
+  if (defaultPermissionGroups == null) {
+    throw new Error("Default permission group not found");
+  }
+
+  return defaultPermissionGroups;
+}
+
+function getDefaultAnonymousPermissionGroup() {
+  const anonymousPermission = config.permissionGroups.find(
+    (group) => group.isAnonymous
+  );
+
+  if (anonymousPermission == null) {
+    throw new Error("Anonymous permission group not found");
+  }
+
+  return anonymousPermission;
+}
+
+function getDefaultAdministratorPermissionGroup() {
+  const administratorPermission = config.permissionGroups.find(
+    (group) => group.title.toString() == "administrator"
+  );
+
+  if (administratorPermission == null) {
+    throw new Error("Administrator permission group not found");
+  }
+
+  return administratorPermission;
+}
+
+module.exports = {
+  getDefaultPermissionGroups,
+  getDefaultAnonymousPermissionGroup,
+  getDefaultAdministratorPermissionGroup,
+};

package/src/services/user_manager/service.js

@@ -1,6 +1,12 @@
-let User = require("../../class/user");
+const User = require("../../class/user");
 const DataProvider = require("../data_provider/service");
 const JWT = require("../jwt/service");
+const { getDefaultPermissionGroups } = require("./permissionManager");
+
+/**
+ * import user type
+ * @typedef {import('../../class/user')} User
+ */
 
 class UserManager {
   constructor() {
@@ -42,7 +48,6 @@ class UserManager {
       let userDoc = await userModel
         .findOne({ _id: id })
         .select({ password: 0 })
-        .populate("permission")
         .exec()
         .catch(reject);
 
@@ -75,7 +80,6 @@ class UserManager {
       let userDoc = await userModel
         .findOne(query)
         .select({ password: 0 })
-        .populate("permission")
         .exec()
         .catch(reject);
 
@@ -93,21 +97,10 @@ class UserManager {
    * Get a user by their token.
    * @param {string} token - The token of the user.
    * @returns {Promise<User>} A promise that resolves to the user.
-   * @throws {string} If the user has a wrong permission.
    */
-  getUserByToken(token) {
-    return JWT.main.verify(token).then(async (payload) => {
-      let user = payload;
-      let permission = await DataProvider.getCollection("cms", "permission")
-        .findOne({ _id: user.permission })
-        .exec()
-        .then();
-
-      if (!permission) throw "user has a wrong permission";
-
-      user.permission = permission;
-      return user;
-    });
+  async getUserByToken(token) {
+    const { id } = await JWT.main.verify(token);
+    return this.getUserById(id);
   }
 
   /**
@@ -155,11 +148,7 @@ class UserManager {
       else if (idType == "email") query["email"] = id;
 
       // Get from database
-      const gottenFromDB = await userModel
-        .findOne(query)
-        .populate("permission")
-        .exec()
-        .catch(reject);
+      const gottenFromDB = await userModel.findOne(query).exec().catch(reject);
 
       if (!gottenFromDB) reject("user not found");
       // Token
@@ -193,11 +182,7 @@ class UserManager {
       const query = { email: email };
 
       // Get from database
-      const gottenFromDB = await userModel
-        .findOne(query)
-        .populate("permission")
-        .exec()
-        .catch(reject);
+      const gottenFromDB = await userModel.findOne(query).exec().catch(reject);
 
       if (!gottenFromDB) reject("user not found");
 
@@ -230,7 +215,6 @@ class UserManager {
       // Get from database
       let gottenFromDB = await userModel
         .findOne(query)
-        .populate("permission")
         .exec()
         .then()
         .catch(reject);
@@ -333,20 +317,14 @@ class UserManager {
   registerUser(detail) {
     return new Promise(async (done, reject) => {
       // get default permission
-      let permissionId;
-      let perM = DataProvider.getCollection("cms", "permission");
-
-      let pQuery = { isDefault: true };
-
-      if (detail.type == "anonymous") pQuery = { isAnonymous: true };
-
-      await perM
-        .findOne(pQuery, "_id")
-        .exec()
-        .then((doc) => (permissionId = doc._id))
-        .catch(reject);
+      if (!detail.permissionGroup) {
+        detail.permissionGroup = getDefaultPermissionGroups().title;
+      }
 
-      detail.permission = permissionId;
+      if (!detail.permissionGroup) {
+        reject("default permission group not found");
+        return;
+      }
 
       let authM = DataProvider.getCollection("cms", "auth");
       return User.createFromModel(authM, detail)