@rebasepro/server-core 0.2.4 → 0.2.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/common/src/collections/default-collections.d.ts +5 -8
- package/dist/index.es.js +150 -169
- package/dist/index.es.js.map +1 -1
- package/dist/index.umd.js +150 -169
- package/dist/index.umd.js.map +1 -1
- package/dist/types/src/controllers/auth.d.ts +2 -2
- package/dist/types/src/controllers/client.d.ts +25 -40
- package/dist/types/src/controllers/data.d.ts +4 -0
- package/dist/types/src/controllers/data_driver.d.ts +5 -0
- package/dist/types/src/types/auth_adapter.d.ts +3 -56
- package/dist/types/src/types/backend.d.ts +2 -2
- package/dist/types/src/types/backend_hooks.d.ts +2 -17
- package/dist/types/src/types/properties.d.ts +7 -5
- package/dist/types/src/types/user_management_delegate.d.ts +16 -53
- package/dist/types/src/users/index.d.ts +0 -1
- package/dist/types/src/users/user.d.ts +0 -1
- package/package.json +5 -5
- package/src/auth/admin-routes.ts +2 -91
- package/src/auth/builtin-auth-adapter.ts +5 -55
- package/src/auth/custom-auth-adapter.ts +1 -1
- package/src/init.ts +19 -1
- package/test/admin-routes.test.ts +0 -169
- package/test/backend-hooks-admin.test.ts +0 -25
- package/test/custom-auth-adapter.test.ts +2 -10
- package/dist/types/src/users/roles.d.ts +0 -14
package/dist/index.umd.js
CHANGED
|
@@ -2534,6 +2534,142 @@
|
|
|
2534
2534
|
};
|
|
2535
2535
|
}
|
|
2536
2536
|
}
|
|
2537
|
+
const defaultUsersCollection = {
|
|
2538
|
+
name: "Users",
|
|
2539
|
+
singularName: "User",
|
|
2540
|
+
slug: "users",
|
|
2541
|
+
table: "users",
|
|
2542
|
+
schema: "rebase",
|
|
2543
|
+
icon: "Users",
|
|
2544
|
+
group: "Settings",
|
|
2545
|
+
openEntityMode: "dialog",
|
|
2546
|
+
disableDefaultActions: ["copy"],
|
|
2547
|
+
sort: ["createdAt", "desc"],
|
|
2548
|
+
properties: {
|
|
2549
|
+
id: {
|
|
2550
|
+
name: "ID",
|
|
2551
|
+
type: "string",
|
|
2552
|
+
isId: "uuid",
|
|
2553
|
+
ui: {
|
|
2554
|
+
readOnly: true
|
|
2555
|
+
}
|
|
2556
|
+
},
|
|
2557
|
+
email: {
|
|
2558
|
+
name: "Email",
|
|
2559
|
+
type: "string",
|
|
2560
|
+
validation: {
|
|
2561
|
+
required: true,
|
|
2562
|
+
unique: true
|
|
2563
|
+
}
|
|
2564
|
+
},
|
|
2565
|
+
displayName: {
|
|
2566
|
+
name: "Name",
|
|
2567
|
+
type: "string",
|
|
2568
|
+
columnName: "display_name",
|
|
2569
|
+
validation: {
|
|
2570
|
+
required: true
|
|
2571
|
+
}
|
|
2572
|
+
},
|
|
2573
|
+
photoURL: {
|
|
2574
|
+
name: "Photo URL",
|
|
2575
|
+
type: "string",
|
|
2576
|
+
columnName: "photo_url",
|
|
2577
|
+
url: "image"
|
|
2578
|
+
},
|
|
2579
|
+
roles: {
|
|
2580
|
+
name: "Roles",
|
|
2581
|
+
type: "array",
|
|
2582
|
+
columnType: "text[]",
|
|
2583
|
+
of: {
|
|
2584
|
+
name: "Role",
|
|
2585
|
+
type: "string",
|
|
2586
|
+
enum: {
|
|
2587
|
+
admin: "Admin",
|
|
2588
|
+
editor: "Editor",
|
|
2589
|
+
viewer: "Viewer"
|
|
2590
|
+
}
|
|
2591
|
+
}
|
|
2592
|
+
},
|
|
2593
|
+
passwordHash: {
|
|
2594
|
+
name: "Password Hash",
|
|
2595
|
+
type: "string",
|
|
2596
|
+
columnName: "password_hash",
|
|
2597
|
+
ui: {
|
|
2598
|
+
hideFromCollection: true,
|
|
2599
|
+
disabled: {
|
|
2600
|
+
hidden: true
|
|
2601
|
+
}
|
|
2602
|
+
}
|
|
2603
|
+
},
|
|
2604
|
+
emailVerified: {
|
|
2605
|
+
name: "Email Verified",
|
|
2606
|
+
type: "boolean",
|
|
2607
|
+
columnName: "email_verified",
|
|
2608
|
+
defaultValue: false,
|
|
2609
|
+
ui: {
|
|
2610
|
+
hideFromCollection: true,
|
|
2611
|
+
disabled: {
|
|
2612
|
+
hidden: true
|
|
2613
|
+
}
|
|
2614
|
+
}
|
|
2615
|
+
},
|
|
2616
|
+
emailVerificationToken: {
|
|
2617
|
+
name: "Email Verification Token",
|
|
2618
|
+
type: "string",
|
|
2619
|
+
columnName: "email_verification_token",
|
|
2620
|
+
ui: {
|
|
2621
|
+
hideFromCollection: true,
|
|
2622
|
+
disabled: {
|
|
2623
|
+
hidden: true
|
|
2624
|
+
}
|
|
2625
|
+
}
|
|
2626
|
+
},
|
|
2627
|
+
emailVerificationSentAt: {
|
|
2628
|
+
name: "Email Verification Sent At",
|
|
2629
|
+
type: "date",
|
|
2630
|
+
columnName: "email_verification_sent_at",
|
|
2631
|
+
ui: {
|
|
2632
|
+
hideFromCollection: true,
|
|
2633
|
+
disabled: {
|
|
2634
|
+
hidden: true
|
|
2635
|
+
}
|
|
2636
|
+
}
|
|
2637
|
+
},
|
|
2638
|
+
metadata: {
|
|
2639
|
+
name: "Metadata",
|
|
2640
|
+
type: "map",
|
|
2641
|
+
defaultValue: {},
|
|
2642
|
+
ui: {
|
|
2643
|
+
hideFromCollection: true,
|
|
2644
|
+
disabled: {
|
|
2645
|
+
hidden: true
|
|
2646
|
+
}
|
|
2647
|
+
}
|
|
2648
|
+
},
|
|
2649
|
+
createdAt: {
|
|
2650
|
+
name: "Created At",
|
|
2651
|
+
type: "date",
|
|
2652
|
+
columnName: "created_at",
|
|
2653
|
+
ui: {
|
|
2654
|
+
readOnly: true
|
|
2655
|
+
}
|
|
2656
|
+
},
|
|
2657
|
+
updatedAt: {
|
|
2658
|
+
name: "Updated At",
|
|
2659
|
+
type: "date",
|
|
2660
|
+
columnName: "updated_at",
|
|
2661
|
+
autoValue: "on_update",
|
|
2662
|
+
ui: {
|
|
2663
|
+
hideFromCollection: true,
|
|
2664
|
+
disabled: {
|
|
2665
|
+
hidden: true
|
|
2666
|
+
}
|
|
2667
|
+
}
|
|
2668
|
+
}
|
|
2669
|
+
},
|
|
2670
|
+
listProperties: ["displayName", "email", "roles", "createdAt"],
|
|
2671
|
+
propertiesOrder: ["id", "email", "displayName", "roles", "createdAt"]
|
|
2672
|
+
};
|
|
2537
2673
|
function mapOperator$1(op) {
|
|
2538
2674
|
switch (op) {
|
|
2539
2675
|
case "==":
|
|
@@ -13022,11 +13158,6 @@ Si tienes alguna pregunta, no dudes en contactarnos respondiendo a este correo.
|
|
|
13022
13158
|
const results = await Promise.all(users.map((u) => applyUserAfterRead(u, ctx)));
|
|
13023
13159
|
return results.filter((u) => u !== null);
|
|
13024
13160
|
}
|
|
13025
|
-
async function applyRoleAfterReadBatch(roles, ctx) {
|
|
13026
|
-
if (!hooks?.roles?.afterRead) return roles;
|
|
13027
|
-
const results = await Promise.all(roles.map((r) => hooks.roles.afterRead(r, ctx)));
|
|
13028
|
-
return results.filter((r) => r !== null);
|
|
13029
|
-
}
|
|
13030
13161
|
function toAdminUser(u, roles) {
|
|
13031
13162
|
return {
|
|
13032
13163
|
uid: u.id,
|
|
@@ -13385,90 +13516,6 @@ Si tienes alguna pregunta, no dudes en contactarnos respondiendo a este correo.
|
|
|
13385
13516
|
success: true
|
|
13386
13517
|
});
|
|
13387
13518
|
});
|
|
13388
|
-
router.get("/roles", requireAdmin, async (c) => {
|
|
13389
|
-
const roles = await authRepo.listRoles();
|
|
13390
|
-
const hookCtx = buildHookContext(c, "GET");
|
|
13391
|
-
let adminRoles = roles.map((r) => ({
|
|
13392
|
-
id: r.id,
|
|
13393
|
-
name: r.name,
|
|
13394
|
-
isAdmin: r.isAdmin,
|
|
13395
|
-
defaultPermissions: r.defaultPermissions
|
|
13396
|
-
}));
|
|
13397
|
-
adminRoles = await applyRoleAfterReadBatch(adminRoles, hookCtx);
|
|
13398
|
-
return c.json({
|
|
13399
|
-
roles: adminRoles
|
|
13400
|
-
});
|
|
13401
|
-
});
|
|
13402
|
-
router.get("/roles/:roleId", requireAdmin, async (c) => {
|
|
13403
|
-
const roleId = c.req.param("roleId");
|
|
13404
|
-
const role = await authRepo.getRoleById(roleId);
|
|
13405
|
-
if (!role) {
|
|
13406
|
-
throw ApiError.notFound("Role not found");
|
|
13407
|
-
}
|
|
13408
|
-
return c.json({
|
|
13409
|
-
role
|
|
13410
|
-
});
|
|
13411
|
-
});
|
|
13412
|
-
router.post("/roles", requireAdmin, async (c) => {
|
|
13413
|
-
const body = await c.req.json();
|
|
13414
|
-
const {
|
|
13415
|
-
id,
|
|
13416
|
-
name: name2,
|
|
13417
|
-
isAdmin,
|
|
13418
|
-
defaultPermissions
|
|
13419
|
-
} = body;
|
|
13420
|
-
if (!id || !name2) {
|
|
13421
|
-
throw ApiError.badRequest("Role ID and name are required", "INVALID_INPUT");
|
|
13422
|
-
}
|
|
13423
|
-
const existing = await authRepo.getRoleById(id);
|
|
13424
|
-
if (existing) {
|
|
13425
|
-
throw ApiError.conflict("Role already exists", "ROLE_EXISTS");
|
|
13426
|
-
}
|
|
13427
|
-
const role = await authRepo.createRole({
|
|
13428
|
-
id,
|
|
13429
|
-
name: name2,
|
|
13430
|
-
isAdmin: isAdmin ?? false,
|
|
13431
|
-
defaultPermissions: defaultPermissions ?? null
|
|
13432
|
-
});
|
|
13433
|
-
return c.json({
|
|
13434
|
-
role
|
|
13435
|
-
}, 201);
|
|
13436
|
-
});
|
|
13437
|
-
router.put("/roles/:roleId", requireAdmin, async (c) => {
|
|
13438
|
-
const roleId = c.req.param("roleId");
|
|
13439
|
-
const body = await c.req.json();
|
|
13440
|
-
const {
|
|
13441
|
-
name: name2,
|
|
13442
|
-
isAdmin,
|
|
13443
|
-
defaultPermissions
|
|
13444
|
-
} = body;
|
|
13445
|
-
const existing = await authRepo.getRoleById(roleId);
|
|
13446
|
-
if (!existing) {
|
|
13447
|
-
throw ApiError.notFound("Role not found");
|
|
13448
|
-
}
|
|
13449
|
-
const role = await authRepo.updateRole(roleId, {
|
|
13450
|
-
name: name2,
|
|
13451
|
-
isAdmin,
|
|
13452
|
-
defaultPermissions
|
|
13453
|
-
});
|
|
13454
|
-
return c.json({
|
|
13455
|
-
role
|
|
13456
|
-
});
|
|
13457
|
-
});
|
|
13458
|
-
router.delete("/roles/:roleId", requireAdmin, async (c) => {
|
|
13459
|
-
const roleId = c.req.param("roleId");
|
|
13460
|
-
if (["admin", "editor", "viewer"].includes(roleId)) {
|
|
13461
|
-
throw ApiError.badRequest("Cannot delete built-in roles", "BUILTIN_ROLE");
|
|
13462
|
-
}
|
|
13463
|
-
const existing = await authRepo.getRoleById(roleId);
|
|
13464
|
-
if (!existing) {
|
|
13465
|
-
throw ApiError.notFound("Role not found");
|
|
13466
|
-
}
|
|
13467
|
-
await authRepo.deleteRole(roleId);
|
|
13468
|
-
return c.json({
|
|
13469
|
-
success: true
|
|
13470
|
-
});
|
|
13471
|
-
});
|
|
13472
13519
|
return router;
|
|
13473
13520
|
}
|
|
13474
13521
|
function createBuiltinAuthAdapter(config) {
|
|
@@ -13512,8 +13559,7 @@ Si tienes alguna pregunta, no dudes en contactarnos respondiendo a este correo.
|
|
|
13512
13559
|
const extendedPayload = payload;
|
|
13513
13560
|
let roles = payload.roles || [];
|
|
13514
13561
|
try {
|
|
13515
|
-
|
|
13516
|
-
roles = userRoles.map((r) => r.id);
|
|
13562
|
+
roles = await authRepository.getUserRoleIds(payload.userId);
|
|
13517
13563
|
} catch {
|
|
13518
13564
|
}
|
|
13519
13565
|
const isAdmin = roles.some((r) => r === "admin" || r === "schema-admin");
|
|
@@ -13543,8 +13589,7 @@ Si tienes alguna pregunta, no dudes en contactarnos respondiendo a este correo.
|
|
|
13543
13589
|
const extendedPayload = payload;
|
|
13544
13590
|
let roles = payload.roles || [];
|
|
13545
13591
|
try {
|
|
13546
|
-
|
|
13547
|
-
roles = userRoles.map((r) => r.id);
|
|
13592
|
+
roles = await authRepository.getUserRoleIds(payload.userId);
|
|
13548
13593
|
} catch {
|
|
13549
13594
|
}
|
|
13550
13595
|
const isAdmin = roles.some((r) => r === "admin" || r === "schema-admin");
|
|
@@ -13558,7 +13603,6 @@ Si tienes alguna pregunta, no dudes en contactarnos respondiendo a este correo.
|
|
|
13558
13603
|
};
|
|
13559
13604
|
},
|
|
13560
13605
|
userManagement: createUserManagementFromRepo(authRepository, resolvedOps, authHooks),
|
|
13561
|
-
roleManagement: createRoleManagementFromRepo(authRepository),
|
|
13562
13606
|
createAuthRoutes() {
|
|
13563
13607
|
return createAuthRoutes({
|
|
13564
13608
|
authRepo: authRepository,
|
|
@@ -13674,43 +13718,13 @@ Si tienes alguna pregunta, no dudes en contactarnos respondiendo a este correo.
|
|
|
13674
13718
|
}
|
|
13675
13719
|
},
|
|
13676
13720
|
async getUserRoles(userId) {
|
|
13677
|
-
|
|
13678
|
-
return roles.map(toAuthRoleData);
|
|
13721
|
+
return repo.getUserRoleIds(userId);
|
|
13679
13722
|
},
|
|
13680
13723
|
async setUserRoles(userId, roleIds) {
|
|
13681
13724
|
await repo.setUserRoles(userId, roleIds);
|
|
13682
13725
|
}
|
|
13683
13726
|
};
|
|
13684
13727
|
}
|
|
13685
|
-
function createRoleManagementFromRepo(repo) {
|
|
13686
|
-
return {
|
|
13687
|
-
async listRoles() {
|
|
13688
|
-
const roles = await repo.listRoles();
|
|
13689
|
-
return roles.map(toAuthRoleData);
|
|
13690
|
-
},
|
|
13691
|
-
async getRoleById(id) {
|
|
13692
|
-
const role = await repo.getRoleById(id);
|
|
13693
|
-
return role ? toAuthRoleData(role) : null;
|
|
13694
|
-
},
|
|
13695
|
-
async createRole(data) {
|
|
13696
|
-
const role = await repo.createRole({
|
|
13697
|
-
id: data.id,
|
|
13698
|
-
name: data.name,
|
|
13699
|
-
isAdmin: data.isAdmin,
|
|
13700
|
-
defaultPermissions: data.defaultPermissions,
|
|
13701
|
-
collectionPermissions: data.collectionPermissions
|
|
13702
|
-
});
|
|
13703
|
-
return toAuthRoleData(role);
|
|
13704
|
-
},
|
|
13705
|
-
async updateRole(id, data) {
|
|
13706
|
-
const role = await repo.updateRole(id, data);
|
|
13707
|
-
return role ? toAuthRoleData(role) : null;
|
|
13708
|
-
},
|
|
13709
|
-
async deleteRole(id) {
|
|
13710
|
-
await repo.deleteRole(id);
|
|
13711
|
-
}
|
|
13712
|
-
};
|
|
13713
|
-
}
|
|
13714
13728
|
function toAuthUserData(user) {
|
|
13715
13729
|
return {
|
|
13716
13730
|
id: user.id,
|
|
@@ -13723,15 +13737,6 @@ Si tienes alguna pregunta, no dudes en contactarnos respondiendo a este correo.
|
|
|
13723
13737
|
updatedAt: user.updatedAt
|
|
13724
13738
|
};
|
|
13725
13739
|
}
|
|
13726
|
-
function toAuthRoleData(role) {
|
|
13727
|
-
return {
|
|
13728
|
-
id: role.id,
|
|
13729
|
-
name: role.name,
|
|
13730
|
-
isAdmin: role.isAdmin,
|
|
13731
|
-
defaultPermissions: role.defaultPermissions,
|
|
13732
|
-
collectionPermissions: role.collectionPermissions
|
|
13733
|
-
};
|
|
13734
|
-
}
|
|
13735
13740
|
function configureLogLevel(logLevel) {
|
|
13736
13741
|
const LOG_LEVEL = logLevel || process.env.LOG_LEVEL || "info";
|
|
13737
13742
|
const logLevels = {
|
|
@@ -24914,7 +24919,6 @@ ${credentialScope}
|
|
|
24914
24919
|
verifyRequest: options2.verifyRequest,
|
|
24915
24920
|
verifyToken: resolvedVerifyToken,
|
|
24916
24921
|
userManagement: options2.userManagement,
|
|
24917
|
-
roleManagement: options2.roleManagement,
|
|
24918
24922
|
getCapabilities() {
|
|
24919
24923
|
return defaultCapabilities;
|
|
24920
24924
|
}
|
|
@@ -26961,33 +26965,6 @@ ${credentialScope}
|
|
|
26961
26965
|
method: "DELETE"
|
|
26962
26966
|
});
|
|
26963
26967
|
}
|
|
26964
|
-
async function listRoles() {
|
|
26965
|
-
return transport.request(adminPath + "/roles", {
|
|
26966
|
-
method: "GET"
|
|
26967
|
-
});
|
|
26968
|
-
}
|
|
26969
|
-
async function getRole(roleId) {
|
|
26970
|
-
return transport.request(adminPath + "/roles/" + encodeURIComponent(roleId), {
|
|
26971
|
-
method: "GET"
|
|
26972
|
-
});
|
|
26973
|
-
}
|
|
26974
|
-
async function createRole(data) {
|
|
26975
|
-
return transport.request(adminPath + "/roles", {
|
|
26976
|
-
method: "POST",
|
|
26977
|
-
body: JSON.stringify(data)
|
|
26978
|
-
});
|
|
26979
|
-
}
|
|
26980
|
-
async function updateRole(roleId, data) {
|
|
26981
|
-
return transport.request(adminPath + "/roles/" + encodeURIComponent(roleId), {
|
|
26982
|
-
method: "PUT",
|
|
26983
|
-
body: JSON.stringify(data)
|
|
26984
|
-
});
|
|
26985
|
-
}
|
|
26986
|
-
async function deleteRole(roleId) {
|
|
26987
|
-
return transport.request(adminPath + "/roles/" + encodeURIComponent(roleId), {
|
|
26988
|
-
method: "DELETE"
|
|
26989
|
-
});
|
|
26990
|
-
}
|
|
26991
26968
|
async function bootstrap() {
|
|
26992
26969
|
return transport.request(adminPath + "/bootstrap", {
|
|
26993
26970
|
method: "POST"
|
|
@@ -27000,11 +26977,6 @@ ${credentialScope}
|
|
|
27000
26977
|
createUser,
|
|
27001
26978
|
updateUser,
|
|
27002
26979
|
deleteUser,
|
|
27003
|
-
listRoles,
|
|
27004
|
-
getRole,
|
|
27005
|
-
createRole,
|
|
27006
|
-
updateRole,
|
|
27007
|
-
deleteRole,
|
|
27008
26980
|
bootstrap
|
|
27009
26981
|
};
|
|
27010
26982
|
}
|
|
@@ -38549,6 +38521,9 @@ ${credentialScope}
|
|
|
38549
38521
|
dir: config.collectionsDir
|
|
38550
38522
|
});
|
|
38551
38523
|
}
|
|
38524
|
+
if (config.auth) {
|
|
38525
|
+
activeCollections = Array.from(new Map([defaultUsersCollection, ...activeCollections].map((c) => [c.slug, c])).values());
|
|
38526
|
+
}
|
|
38552
38527
|
const realtimeServices = {};
|
|
38553
38528
|
const delegates = {};
|
|
38554
38529
|
let bootstrappers = config.bootstrappers || [];
|
|
@@ -38617,8 +38592,7 @@ ${credentialScope}
|
|
|
38617
38592
|
id: authAdapter.id
|
|
38618
38593
|
});
|
|
38619
38594
|
authConfigResult = {
|
|
38620
|
-
userService: authAdapter.userManagement ?? {}
|
|
38621
|
-
roleService: authAdapter.roleManagement ?? {}
|
|
38595
|
+
userService: authAdapter.userManagement ?? {}
|
|
38622
38596
|
};
|
|
38623
38597
|
} else {
|
|
38624
38598
|
const safeAuthConfig = config.auth;
|
|
@@ -38964,6 +38938,13 @@ ${credentialScope}
|
|
|
38964
38938
|
configured: emailService.isConfigured()
|
|
38965
38939
|
});
|
|
38966
38940
|
}
|
|
38941
|
+
const driverAdmin = defaultBootstrapper.getAdmin?.(defaultDriverResult);
|
|
38942
|
+
if (isSQLAdmin(driverAdmin)) {
|
|
38943
|
+
Object.assign(serverClient, {
|
|
38944
|
+
sql: (query, options2) => driverAdmin.executeSql(query, options2)
|
|
38945
|
+
});
|
|
38946
|
+
logger.info("SQL capability attached to singleton");
|
|
38947
|
+
}
|
|
38967
38948
|
_initRebase(serverClient);
|
|
38968
38949
|
logger.info("Rebase singleton initialized");
|
|
38969
38950
|
if (defaultDriverResult.internals) {
|