@punks/backend-entity-manager 0.0.27 → 0.0.28

package/dist/cjs/types/abstractions/authorization.d.ts

@@ -3,6 +3,7 @@ export interface IAuthorizationResult {
     isAuthorized: boolean;
 }
 export interface IEntityAuthorizationMiddleware<TEntity, TAuthenticationContext extends IAuthenticationContext<TUserContext>, TUserContext> {
+    canSearch(context: TAuthenticationContext): Promise<IAuthorizationResult>;
     canRead(entity: Partial<TEntity>, context: TAuthenticationContext): Promise<IAuthorizationResult>;
     canCreate(entity: Partial<TEntity>, context: TAuthenticationContext): Promise<IAuthorizationResult>;
     canUpdate(entity: Partial<TEntity>, context: TAuthenticationContext): Promise<IAuthorizationResult>;

package/dist/cjs/types/abstractions/errors.d.ts

@@ -5,13 +5,17 @@ export declare enum EntityOperationType {
     Create = 0,
     Update = 1,
     Delete = 2,
-    Read = 3
+    Read = 3,
+    Search = 4
 }
-export declare class EntityOperationUnauthorizedException<TEntity> extends EntityManagerException {
-    private readonly entity;
+export declare abstract class EntityManagerUnauthorizedException extends EntityManagerException {
+    constructor(message: string);
+}
+export declare class EntityOperationUnauthorizedException<TEntity> extends EntityManagerUnauthorizedException {
     private readonly operation;
-    constructor(operationType: EntityOperationType, entity: Partial<TEntity>, entityName: string);
-    get getEntity(): Partial<TEntity>;
+    private readonly entity?;
+    constructor(operationType: EntityOperationType, entityName: string, entity?: Partial<TEntity>);
+    get getEntity(): Partial<TEntity> | undefined;
     get getOperation(): EntityOperationType;
 }
 export declare class EntityNotFoundException<TEntityId> extends EntityManagerException {

package/dist/cjs/types/platforms/nest/__test__/server/entities/foo/authentication.d.ts

@@ -3,6 +3,7 @@ import { NestEntityAuthorizationMiddleware } from "../../../../authentication";
 import { AppAuthContext, AppUserContext } from "../../authentication";
 import { FooEntity } from "./entity";
 export declare class FooAuthMiddleware extends NestEntityAuthorizationMiddleware<FooEntity, AppAuthContext, AppUserContext> {
+    canSearch(context: AppAuthContext): Promise<IAuthorizationResult>;
     canRead(entity: Partial<FooEntity>, context: AppAuthContext): Promise<IAuthorizationResult>;
     canCreate(entity: Partial<FooEntity>, context: AppAuthContext): Promise<IAuthorizationResult>;
     canUpdate(entity: Partial<FooEntity>, context: AppAuthContext): Promise<IAuthorizationResult>;

package/dist/cjs/types/platforms/nest/authentication/entityAuthorizationMiddleware.d.ts

@@ -1,5 +1,6 @@
 import { IAuthenticationContext, IAuthorizationResult, IEntityAuthorizationMiddleware } from "../../../abstractions";
 export declare abstract class NestEntityAuthorizationMiddleware<TEntity, TAuthenticationContext extends IAuthenticationContext<TUserContext>, TUserContext> implements IEntityAuthorizationMiddleware<TEntity, TAuthenticationContext, TUserContext> {
+    abstract canSearch(context: TAuthenticationContext): Promise<IAuthorizationResult>;
     abstract canRead(entity: Partial<TEntity>, context: TAuthenticationContext): Promise<IAuthorizationResult>;
     abstract canCreate(entity: Partial<TEntity>, context: TAuthenticationContext): Promise<IAuthorizationResult>;
     abstract canUpdate(entity: Partial<TEntity>, context: TAuthenticationContext): Promise<IAuthorizationResult>;

package/dist/cjs/types/queries/search.d.ts

@@ -9,4 +9,5 @@ export declare class EntitiesSearchQuery<TEntity, TEntityId, TEntitySearchParame
     execute(request: TEntitySearchParameters): Promise<IEntitiesSearchResults<TEntitySearchParameters, TEntity, TSorting, TCursor, TFacets>>;
     private getContext;
     private filterAllowedEntities;
+    private authorizeSearch;
 }

package/dist/esm/index.js

@@ -19,9 +19,16 @@ var EntityOperationType;
     EntityOperationType[EntityOperationType["Update"] = 1] = "Update";
     EntityOperationType[EntityOperationType["Delete"] = 2] = "Delete";
     EntityOperationType[EntityOperationType["Read"] = 3] = "Read";
+    EntityOperationType[EntityOperationType["Search"] = 4] = "Search";
 })(EntityOperationType || (EntityOperationType = {}));
-class EntityOperationUnauthorizedException extends EntityManagerException {
-    constructor(operationType, entity, entityName) {
+class EntityManagerUnauthorizedException extends EntityManagerException {
+    constructor(message) {
+        super(message);
+        this.name = "EntityManagerUnauthorizedException";
+    }
+}
+class EntityOperationUnauthorizedException extends EntityManagerUnauthorizedException {
+    constructor(operationType, entityName, entity) {
         super(`The current user is not authorized to ${operationType} the entity of type ${entityName}.`);
         this.entity = entity;
         this.operation = operationType;
@@ -493,7 +500,7 @@ class EntityCreateCommand {
         const context = await contextService.getContext();
         const authorizationResult = await authorization.canCreate(entity, context);
         if (!authorizationResult.isAuthorized)
-            throw new EntityOperationUnauthorizedException(EntityOperationType.Create, entity, this.services.getEntityName());
+            throw new EntityOperationUnauthorizedException(EntityOperationType.Create, this.services.getEntityName(), entity);
     }
 }
 
@@ -519,7 +526,7 @@ class EntityDeleteCommand {
         const context = await contextService.getContext();
         const authorizationResult = await authorization.canDelete(entity, context);
         if (!authorizationResult.isAuthorized)
-            throw new EntityOperationUnauthorizedException(EntityOperationType.Delete, entity, this.services.getEntityName());
+            throw new EntityOperationUnauthorizedException(EntityOperationType.Delete, this.services.getEntityName(), entity);
     }
 }
 
@@ -557,7 +564,7 @@ class EntityUpdateCommand {
         const context = await contextService.getContext();
         const authorizationResult = await authorization.canUpdate(currentEntity, context);
         if (!authorizationResult.isAuthorized)
-            throw new EntityOperationUnauthorizedException(EntityOperationType.Create, currentEntity, this.services.getEntityName());
+            throw new EntityOperationUnauthorizedException(EntityOperationType.Create, this.services.getEntityName(), currentEntity);
     }
 }
 
@@ -594,12 +601,12 @@ class EntityUpsertCommand {
         if (currentEntity) {
             const updateResult = await authorization.canUpdate(currentEntity, context);
             if (!updateResult.isAuthorized)
-                throw new EntityOperationUnauthorizedException(EntityOperationType.Update, currentEntity, this.services.getEntityName());
+                throw new EntityOperationUnauthorizedException(EntityOperationType.Update, this.services.getEntityName(), currentEntity);
             return;
         }
         const authorizationResult = await authorization.canCreate(entity, context);
         if (!authorizationResult.isAuthorized)
-            throw new EntityOperationUnauthorizedException(EntityOperationType.Create, entity, this.services.getEntityName());
+            throw new EntityOperationUnauthorizedException(EntityOperationType.Create, this.services.getEntityName(), entity);
     }
 }
 
@@ -1077,7 +1084,7 @@ class EntityGetQuery {
         const context = await contextService.getContext();
         const authorizationResult = await authorization.canRead(entity, context);
         if (!authorizationResult.isAuthorized)
-            throw new EntityOperationUnauthorizedException(EntityOperationType.Read, entity, this.services.getEntityName());
+            throw new EntityOperationUnauthorizedException(EntityOperationType.Read, this.services.getEntityName(), entity);
     }
 }
 
@@ -1088,12 +1095,20 @@ class EntitiesSearchQuery {
     // @ts-ignore
     async execute(request) {
         const context = await this.getContext();
+        await this.authorizeSearch(context);
         const result = await this.services
             .resolveQueryBuilder()
             .search(request, context);
+        const filteredEntities = await this.filterAllowedEntities(result.items, context);
         return {
             ...result,
-            items: await this.filterAllowedEntities(result.items),
+            items: filteredEntities,
+            paging: result.paging
+                ? {
+                    ...result.paging,
+                    totPageItems: filteredEntities.length,
+                }
+                : undefined,
         };
     }
     async getContext() {
@@ -1104,13 +1119,11 @@ class EntitiesSearchQuery {
         const contextService = this.services.resolveAuthenticationContextProvider();
         return await contextService.getContext();
     }
-    async filterAllowedEntities(entities) {
+    async filterAllowedEntities(entities, context) {
         const authorization = this.services.resolveAuthorizationMiddleware();
         if (!authorization) {
             return entities;
         }
-        const contextService = this.services.resolveAuthenticationContextProvider();
-        const context = await contextService.getContext();
         const filteredEntities = await Promise.all(entities.map(async (entity) => {
             const authorizationResult = await authorization.canRead(entity, context);
             if (!authorizationResult.isAuthorized) {
@@ -1120,6 +1133,16 @@ class EntitiesSearchQuery {
         }));
         return filteredEntities.filter((entity) => entity !== null);
     }
+    async authorizeSearch(context) {
+        const authorization = this.services.resolveAuthorizationMiddleware();
+        if (!authorization) {
+            return;
+        }
+        const { isAuthorized } = await authorization.canSearch(context);
+        if (!isAuthorized) {
+            throw new EntityOperationUnauthorizedException(EntityOperationType.Search, this.services.getEntityName());
+        }
+    }
 }
 
 var ConnectorMode;
@@ -18924,6 +18947,9 @@ class AppExceptionsFilterBase {
         if (exception instanceof EntityOperationUnauthorizedException) {
             return HttpStatus.UNAUTHORIZED;
         }
+        if (exception instanceof EntityNotFoundException) {
+            return HttpStatus.NOT_FOUND;
+        }
         if (exception instanceof HttpException) {
             return exception.getStatus();
         }
@@ -19121,5 +19147,5 @@ EntityManagerModule = __decorate([
 
 const newUuid = newUuid$1;
 
-export { AppExceptionsFilterBase, AppSessionMiddleware, AppSessionService, AuthenticationModule, EntityManagerException, EntityManagerInitializer, EntityManagerModule, EntityManagerRegistry, EntityManagerSymbols, EntityNotFoundException, EntityOperationType, EntityOperationUnauthorizedException, ModulesContainerProvider, MultiTenancyModule, MultipleEntitiesFoundException, NestEntityActions, NestEntityAuthorizationMiddleware, NestEntityManager, NestTypeOrmQueryBuilder, NestTypeOrmRepository, QueryBuilderBase, ReplicationMode, SortDirection, WpEntity, WpEntityActions, WpEntityAdapter, WpEntityAuthMiddleware, WpEntityConnector, WpEntityConverter, WpEntityManager, WpEntityQueryBuilder, WpEntityRepository, newUuid };
+export { AppExceptionsFilterBase, AppSessionMiddleware, AppSessionService, AuthenticationModule, EntityManagerException, EntityManagerInitializer, EntityManagerModule, EntityManagerRegistry, EntityManagerSymbols, EntityManagerUnauthorizedException, EntityNotFoundException, EntityOperationType, EntityOperationUnauthorizedException, ModulesContainerProvider, MultiTenancyModule, MultipleEntitiesFoundException, NestEntityActions, NestEntityAuthorizationMiddleware, NestEntityManager, NestTypeOrmQueryBuilder, NestTypeOrmRepository, QueryBuilderBase, ReplicationMode, SortDirection, WpEntity, WpEntityActions, WpEntityAdapter, WpEntityAuthMiddleware, WpEntityConnector, WpEntityConverter, WpEntityManager, WpEntityQueryBuilder, WpEntityRepository, newUuid };
 //# sourceMappingURL=index.js.map