@punks/backend-entity-manager 0.0.27 → 0.0.29
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/index.js +39 -12
- package/dist/cjs/index.js.map +1 -1
- package/dist/cjs/types/abstractions/authorization.d.ts +1 -0
- package/dist/cjs/types/abstractions/errors.d.ts +9 -5
- package/dist/cjs/types/authorization/allowAll.d.ts +1 -0
- package/dist/cjs/types/platforms/nest/__test__/server/entities/foo/authentication.d.ts +1 -0
- package/dist/cjs/types/platforms/nest/authentication/entityAuthorizationMiddleware.d.ts +1 -0
- package/dist/cjs/types/queries/search.d.ts +1 -0
- package/dist/esm/index.js +39 -13
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/types/abstractions/authorization.d.ts +1 -0
- package/dist/esm/types/abstractions/errors.d.ts +9 -5
- package/dist/esm/types/authorization/allowAll.d.ts +1 -0
- package/dist/esm/types/platforms/nest/__test__/server/entities/foo/authentication.d.ts +1 -0
- package/dist/esm/types/platforms/nest/authentication/entityAuthorizationMiddleware.d.ts +1 -0
- package/dist/esm/types/queries/search.d.ts +1 -0
- package/dist/index.d.ts +12 -6
- package/package.json +1 -1
package/dist/cjs/index.js
CHANGED
|
@@ -23,9 +23,16 @@ exports.EntityOperationType = void 0;
|
|
|
23
23
|
EntityOperationType[EntityOperationType["Update"] = 1] = "Update";
|
|
24
24
|
EntityOperationType[EntityOperationType["Delete"] = 2] = "Delete";
|
|
25
25
|
EntityOperationType[EntityOperationType["Read"] = 3] = "Read";
|
|
26
|
+
EntityOperationType[EntityOperationType["Search"] = 4] = "Search";
|
|
26
27
|
})(exports.EntityOperationType || (exports.EntityOperationType = {}));
|
|
27
|
-
class
|
|
28
|
-
constructor(
|
|
28
|
+
class EntityManagerUnauthorizedException extends EntityManagerException {
|
|
29
|
+
constructor(message) {
|
|
30
|
+
super(message);
|
|
31
|
+
this.name = "EntityManagerUnauthorizedException";
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
class EntityOperationUnauthorizedException extends EntityManagerUnauthorizedException {
|
|
35
|
+
constructor(operationType, entityName, entity) {
|
|
29
36
|
super(`The current user is not authorized to ${operationType} the entity of type ${entityName}.`);
|
|
30
37
|
this.entity = entity;
|
|
31
38
|
this.operation = operationType;
|
|
@@ -497,7 +504,7 @@ class EntityCreateCommand {
|
|
|
497
504
|
const context = await contextService.getContext();
|
|
498
505
|
const authorizationResult = await authorization.canCreate(entity, context);
|
|
499
506
|
if (!authorizationResult.isAuthorized)
|
|
500
|
-
throw new EntityOperationUnauthorizedException(exports.EntityOperationType.Create,
|
|
507
|
+
throw new EntityOperationUnauthorizedException(exports.EntityOperationType.Create, this.services.getEntityName(), entity);
|
|
501
508
|
}
|
|
502
509
|
}
|
|
503
510
|
|
|
@@ -523,7 +530,7 @@ class EntityDeleteCommand {
|
|
|
523
530
|
const context = await contextService.getContext();
|
|
524
531
|
const authorizationResult = await authorization.canDelete(entity, context);
|
|
525
532
|
if (!authorizationResult.isAuthorized)
|
|
526
|
-
throw new EntityOperationUnauthorizedException(exports.EntityOperationType.Delete,
|
|
533
|
+
throw new EntityOperationUnauthorizedException(exports.EntityOperationType.Delete, this.services.getEntityName(), entity);
|
|
527
534
|
}
|
|
528
535
|
}
|
|
529
536
|
|
|
@@ -561,7 +568,7 @@ class EntityUpdateCommand {
|
|
|
561
568
|
const context = await contextService.getContext();
|
|
562
569
|
const authorizationResult = await authorization.canUpdate(currentEntity, context);
|
|
563
570
|
if (!authorizationResult.isAuthorized)
|
|
564
|
-
throw new EntityOperationUnauthorizedException(exports.EntityOperationType.Create,
|
|
571
|
+
throw new EntityOperationUnauthorizedException(exports.EntityOperationType.Create, this.services.getEntityName(), currentEntity);
|
|
565
572
|
}
|
|
566
573
|
}
|
|
567
574
|
|
|
@@ -598,12 +605,12 @@ class EntityUpsertCommand {
|
|
|
598
605
|
if (currentEntity) {
|
|
599
606
|
const updateResult = await authorization.canUpdate(currentEntity, context);
|
|
600
607
|
if (!updateResult.isAuthorized)
|
|
601
|
-
throw new EntityOperationUnauthorizedException(exports.EntityOperationType.Update,
|
|
608
|
+
throw new EntityOperationUnauthorizedException(exports.EntityOperationType.Update, this.services.getEntityName(), currentEntity);
|
|
602
609
|
return;
|
|
603
610
|
}
|
|
604
611
|
const authorizationResult = await authorization.canCreate(entity, context);
|
|
605
612
|
if (!authorizationResult.isAuthorized)
|
|
606
|
-
throw new EntityOperationUnauthorizedException(exports.EntityOperationType.Create,
|
|
613
|
+
throw new EntityOperationUnauthorizedException(exports.EntityOperationType.Create, this.services.getEntityName(), entity);
|
|
607
614
|
}
|
|
608
615
|
}
|
|
609
616
|
|
|
@@ -1081,7 +1088,7 @@ class EntityGetQuery {
|
|
|
1081
1088
|
const context = await contextService.getContext();
|
|
1082
1089
|
const authorizationResult = await authorization.canRead(entity, context);
|
|
1083
1090
|
if (!authorizationResult.isAuthorized)
|
|
1084
|
-
throw new EntityOperationUnauthorizedException(exports.EntityOperationType.Read,
|
|
1091
|
+
throw new EntityOperationUnauthorizedException(exports.EntityOperationType.Read, this.services.getEntityName(), entity);
|
|
1085
1092
|
}
|
|
1086
1093
|
}
|
|
1087
1094
|
|
|
@@ -1092,12 +1099,20 @@ class EntitiesSearchQuery {
|
|
|
1092
1099
|
// @ts-ignore
|
|
1093
1100
|
async execute(request) {
|
|
1094
1101
|
const context = await this.getContext();
|
|
1102
|
+
await this.authorizeSearch(context);
|
|
1095
1103
|
const result = await this.services
|
|
1096
1104
|
.resolveQueryBuilder()
|
|
1097
1105
|
.search(request, context);
|
|
1106
|
+
const filteredEntities = await this.filterAllowedEntities(result.items, context);
|
|
1098
1107
|
return {
|
|
1099
1108
|
...result,
|
|
1100
|
-
items:
|
|
1109
|
+
items: filteredEntities,
|
|
1110
|
+
paging: result.paging
|
|
1111
|
+
? {
|
|
1112
|
+
...result.paging,
|
|
1113
|
+
totPageItems: filteredEntities.length,
|
|
1114
|
+
}
|
|
1115
|
+
: undefined,
|
|
1101
1116
|
};
|
|
1102
1117
|
}
|
|
1103
1118
|
async getContext() {
|
|
@@ -1108,13 +1123,11 @@ class EntitiesSearchQuery {
|
|
|
1108
1123
|
const contextService = this.services.resolveAuthenticationContextProvider();
|
|
1109
1124
|
return await contextService.getContext();
|
|
1110
1125
|
}
|
|
1111
|
-
async filterAllowedEntities(entities) {
|
|
1126
|
+
async filterAllowedEntities(entities, context) {
|
|
1112
1127
|
const authorization = this.services.resolveAuthorizationMiddleware();
|
|
1113
1128
|
if (!authorization) {
|
|
1114
1129
|
return entities;
|
|
1115
1130
|
}
|
|
1116
|
-
const contextService = this.services.resolveAuthenticationContextProvider();
|
|
1117
|
-
const context = await contextService.getContext();
|
|
1118
1131
|
const filteredEntities = await Promise.all(entities.map(async (entity) => {
|
|
1119
1132
|
const authorizationResult = await authorization.canRead(entity, context);
|
|
1120
1133
|
if (!authorizationResult.isAuthorized) {
|
|
@@ -1124,6 +1137,16 @@ class EntitiesSearchQuery {
|
|
|
1124
1137
|
}));
|
|
1125
1138
|
return filteredEntities.filter((entity) => entity !== null);
|
|
1126
1139
|
}
|
|
1140
|
+
async authorizeSearch(context) {
|
|
1141
|
+
const authorization = this.services.resolveAuthorizationMiddleware();
|
|
1142
|
+
if (!authorization) {
|
|
1143
|
+
return;
|
|
1144
|
+
}
|
|
1145
|
+
const { isAuthorized } = await authorization.canSearch(context);
|
|
1146
|
+
if (!isAuthorized) {
|
|
1147
|
+
throw new EntityOperationUnauthorizedException(exports.EntityOperationType.Search, this.services.getEntityName());
|
|
1148
|
+
}
|
|
1149
|
+
}
|
|
1127
1150
|
}
|
|
1128
1151
|
|
|
1129
1152
|
var ConnectorMode;
|
|
@@ -18928,6 +18951,9 @@ class AppExceptionsFilterBase {
|
|
|
18928
18951
|
if (exception instanceof EntityOperationUnauthorizedException) {
|
|
18929
18952
|
return common.HttpStatus.UNAUTHORIZED;
|
|
18930
18953
|
}
|
|
18954
|
+
if (exception instanceof EntityNotFoundException) {
|
|
18955
|
+
return common.HttpStatus.NOT_FOUND;
|
|
18956
|
+
}
|
|
18931
18957
|
if (exception instanceof common.HttpException) {
|
|
18932
18958
|
return exception.getStatus();
|
|
18933
18959
|
}
|
|
@@ -19128,6 +19154,7 @@ const newUuid = backendCore.newUuid;
|
|
|
19128
19154
|
exports.AppExceptionsFilterBase = AppExceptionsFilterBase;
|
|
19129
19155
|
exports.EntityManagerException = EntityManagerException;
|
|
19130
19156
|
exports.EntityManagerSymbols = EntityManagerSymbols;
|
|
19157
|
+
exports.EntityManagerUnauthorizedException = EntityManagerUnauthorizedException;
|
|
19131
19158
|
exports.EntityNotFoundException = EntityNotFoundException;
|
|
19132
19159
|
exports.EntityOperationUnauthorizedException = EntityOperationUnauthorizedException;
|
|
19133
19160
|
exports.MultipleEntitiesFoundException = MultipleEntitiesFoundException;
|