@restura/core 0.1.2 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.mts +17 -0
- package/dist/index.d.ts +17 -0
- package/dist/index.js +20 -9
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +20 -9
- package/dist/index.mjs.map +1 -1
- package/package.json +1 -1
package/dist/index.mjs
CHANGED
|
@@ -572,7 +572,15 @@ var ResponseValidator = class _ResponseValidator {
|
|
|
572
572
|
return { validator: map, isArray: route.type === "ARRAY" };
|
|
573
573
|
}
|
|
574
574
|
getFieldResponseType(field, tableName) {
|
|
575
|
-
if (field.
|
|
575
|
+
if (field.type) {
|
|
576
|
+
if (_ResponseValidator.validatorIsValidString(field.type)) {
|
|
577
|
+
return { validator: field.type };
|
|
578
|
+
}
|
|
579
|
+
if (field.type.includes("|")) {
|
|
580
|
+
return { validator: this.parseValidationEnum(field.type) };
|
|
581
|
+
}
|
|
582
|
+
return { validator: "object" };
|
|
583
|
+
} else if (field.selector) {
|
|
576
584
|
return this.getTypeFromTable(field.selector, tableName);
|
|
577
585
|
} else if (field.subquery) {
|
|
578
586
|
const table = this.database.find((t) => t.name == tableName);
|
|
@@ -798,7 +806,9 @@ var ApiTree = class _ApiTree {
|
|
|
798
806
|
}
|
|
799
807
|
getNameAndType(p, routeBaseTable, joins) {
|
|
800
808
|
let responseType = "any", isNullable = false, array = false;
|
|
801
|
-
if (p.
|
|
809
|
+
if (p.type) {
|
|
810
|
+
responseType = p.type;
|
|
811
|
+
} else if (p.selector) {
|
|
802
812
|
({ responseType, isNullable } = this.getTypeFromTable(p.selector, p.name));
|
|
803
813
|
const selectorKey = p.selector.split(".")[0];
|
|
804
814
|
if (selectorKey !== routeBaseTable) {
|
|
@@ -1082,7 +1092,8 @@ var responseDataSchema = z3.object({
|
|
|
1082
1092
|
// Explicit type for the lazy schema
|
|
1083
1093
|
groupBy: groupBySchema.optional(),
|
|
1084
1094
|
orderBy: orderBySchema.optional()
|
|
1085
|
-
}).optional()
|
|
1095
|
+
}).optional(),
|
|
1096
|
+
type: z3.string().optional()
|
|
1086
1097
|
}).strict();
|
|
1087
1098
|
var routeDataBaseSchema = z3.object({
|
|
1088
1099
|
method: z3.enum(["GET", "POST", "PUT", "PATCH", "DELETE"]),
|
|
@@ -1714,7 +1725,7 @@ import { ObjectUtils as ObjectUtils3 } from "@redskytech/core-utils";
|
|
|
1714
1725
|
var SqlEngine = class {
|
|
1715
1726
|
async runQueryForRoute(req, routeData, schema) {
|
|
1716
1727
|
if (!this.doesRoleHavePermissionToTable(req.requesterDetails.role, schema, routeData.table))
|
|
1717
|
-
throw new RsError("
|
|
1728
|
+
throw new RsError("FORBIDDEN", "You do not have permission to access this table");
|
|
1718
1729
|
switch (routeData.method) {
|
|
1719
1730
|
case "POST":
|
|
1720
1731
|
return this.executeCreateRequest(req, routeData, schema);
|
|
@@ -1733,6 +1744,7 @@ var SqlEngine = class {
|
|
|
1733
1744
|
return tableSchema;
|
|
1734
1745
|
}
|
|
1735
1746
|
doesRoleHavePermissionToColumn(role, schema, item, joins) {
|
|
1747
|
+
if (item.type) return true;
|
|
1736
1748
|
if (item.selector) {
|
|
1737
1749
|
let tableName = item.selector.split(".")[0];
|
|
1738
1750
|
const columnName = item.selector.split(".")[1];
|
|
@@ -2207,7 +2219,7 @@ var PsqlEngine = class extends SqlEngine {
|
|
|
2207
2219
|
if (item.subquery || this.doesRoleHavePermissionToColumn(userRole, schema, item, routeData.joins))
|
|
2208
2220
|
selectColumns.push(item);
|
|
2209
2221
|
});
|
|
2210
|
-
if (!selectColumns.length) throw new RsError("
|
|
2222
|
+
if (!selectColumns.length) throw new RsError("FORBIDDEN", `You do not have permission to access this data.`);
|
|
2211
2223
|
let selectStatement = "SELECT \n";
|
|
2212
2224
|
selectStatement += ` ${selectColumns.map((item) => {
|
|
2213
2225
|
if (item.subquery) {
|
|
@@ -2215,7 +2227,7 @@ var PsqlEngine = class extends SqlEngine {
|
|
|
2215
2227
|
item.name
|
|
2216
2228
|
)}`;
|
|
2217
2229
|
}
|
|
2218
|
-
return `${escapeColumnName(item.selector)} AS ${escapeColumnName(item.name)}`;
|
|
2230
|
+
return `${item.type ? item.selector : escapeColumnName(item.selector)} AS ${escapeColumnName(item.name)}`;
|
|
2219
2231
|
}).join(",\n ")}
|
|
2220
2232
|
`;
|
|
2221
2233
|
sqlStatement += `FROM "${routeData.table}"
|
|
@@ -2315,7 +2327,7 @@ DELETE FROM "${routeData.table}" ${joinStatement} ${whereClause}`;
|
|
|
2315
2327
|
let joinStatements = "";
|
|
2316
2328
|
joins.forEach((item) => {
|
|
2317
2329
|
if (!this.doesRoleHavePermissionToTable(userRole, schema, item.table))
|
|
2318
|
-
throw new RsError("
|
|
2330
|
+
throw new RsError("FORBIDDEN", "You do not have permission to access this table");
|
|
2319
2331
|
if (item.custom) {
|
|
2320
2332
|
const customReplaced = this.replaceParamKeywords(item.custom, routeData, req, sqlParams);
|
|
2321
2333
|
joinStatements += ` ${item.type} JOIN ${escapeColumnName(item.table)}${item.alias ? `AS "${item.alias}"` : ""} ON ${customReplaced}
|
|
@@ -2958,8 +2970,7 @@ var ResturaEngine = class {
|
|
|
2958
2970
|
validateAuthorization(req, routeData) {
|
|
2959
2971
|
const role = req.requesterDetails.role;
|
|
2960
2972
|
if (routeData.roles.length === 0 || !role) return;
|
|
2961
|
-
if (!routeData.roles.includes(role))
|
|
2962
|
-
throw new RsError("UNAUTHORIZED", "Not authorized to access this endpoint");
|
|
2973
|
+
if (!routeData.roles.includes(role)) throw new RsError("FORBIDDEN", "Not authorized to access this endpoint");
|
|
2963
2974
|
}
|
|
2964
2975
|
getRouteData(method, baseUrl, path5) {
|
|
2965
2976
|
const endpoint = this.schema.endpoints.find((item) => {
|