@strapi/utils 5.12.1 → 5.12.2

package/dist/sanitize/index.mjs

@@ -0,0 +1,194 @@
+import { isArray, omit, cloneDeep } from 'lodash/fp';
+import { getNonWritableAttributes, constants } from '../content-types.mjs';
+import { pipe } from '../async.mjs';
+import * as index from './visitors/index.mjs';
+export { index as visitors };
+import { defaultSanitizeFilters, defaultSanitizeSort, defaultSanitizeFields, defaultSanitizePopulate, defaultSanitizeOutput } from './sanitizers.mjs';
+import * as sanitizers from './sanitizers.mjs';
+export { sanitizers };
+import traverseEntity from '../traverse-entity.mjs';
+import traverseQueryFilters from '../traverse/query-filters.mjs';
+import traverseQuerySort from '../traverse/query-sort.mjs';
+import traverseQueryPopulate from '../traverse/query-populate.mjs';
+import '../traverse/query-fields.mjs';
+import removeRestrictedFields from './visitors/remove-restricted-fields.mjs';
+import removeRestrictedRelations from './visitors/remove-restricted-relations.mjs';
+
+const createAPISanitizers = (opts)=>{
+    const { getModel } = opts;
+    const sanitizeInput = (data, schema, { auth } = {})=>{
+        if (!schema) {
+            throw new Error('Missing schema in sanitizeInput');
+        }
+        if (isArray(data)) {
+            return Promise.all(data.map((entry)=>sanitizeInput(entry, schema, {
+                    auth
+                })));
+        }
+        const nonWritableAttributes = getNonWritableAttributes(schema);
+        const transforms = [
+            // Remove first level ID in inputs
+            omit(constants.ID_ATTRIBUTE),
+            omit(constants.DOC_ID_ATTRIBUTE),
+            // Remove non-writable attributes
+            traverseEntity(removeRestrictedFields(nonWritableAttributes), {
+                schema,
+                getModel
+            })
+        ];
+        if (auth) {
+            // Remove restricted relations
+            transforms.push(traverseEntity(removeRestrictedRelations(auth), {
+                schema,
+                getModel
+            }));
+        }
+        // Apply sanitizers from registry if exists
+        opts?.sanitizers?.input?.forEach((sanitizer)=>transforms.push(sanitizer(schema)));
+        return pipe(...transforms)(data);
+    };
+    const sanitizeOutput = async (data, schema, { auth } = {})=>{
+        if (!schema) {
+            throw new Error('Missing schema in sanitizeOutput');
+        }
+        if (isArray(data)) {
+            const res = new Array(data.length);
+            for(let i = 0; i < data.length; i += 1){
+                res[i] = await sanitizeOutput(data[i], schema, {
+                    auth
+                });
+            }
+            return res;
+        }
+        const transforms = [
+            (data)=>defaultSanitizeOutput({
+                    schema,
+                    getModel
+                }, data)
+        ];
+        if (auth) {
+            transforms.push(traverseEntity(removeRestrictedRelations(auth), {
+                schema,
+                getModel
+            }));
+        }
+        // Apply sanitizers from registry if exists
+        opts?.sanitizers?.output?.forEach((sanitizer)=>transforms.push(sanitizer(schema)));
+        return pipe(...transforms)(data);
+    };
+    const sanitizeQuery = async (query, schema, { auth } = {})=>{
+        if (!schema) {
+            throw new Error('Missing schema in sanitizeQuery');
+        }
+        const { filters, sort, fields, populate } = query;
+        const sanitizedQuery = cloneDeep(query);
+        if (filters) {
+            Object.assign(sanitizedQuery, {
+                filters: await sanitizeFilters(filters, schema, {
+                    auth
+                })
+            });
+        }
+        if (sort) {
+            Object.assign(sanitizedQuery, {
+                sort: await sanitizeSort(sort, schema, {
+                    auth
+                })
+            });
+        }
+        if (fields) {
+            Object.assign(sanitizedQuery, {
+                fields: await sanitizeFields(fields, schema)
+            });
+        }
+        if (populate) {
+            Object.assign(sanitizedQuery, {
+                populate: await sanitizePopulate(populate, schema)
+            });
+        }
+        return sanitizedQuery;
+    };
+    const sanitizeFilters = (filters, schema, { auth } = {})=>{
+        if (!schema) {
+            throw new Error('Missing schema in sanitizeFilters');
+        }
+        if (isArray(filters)) {
+            return Promise.all(filters.map((filter)=>sanitizeFilters(filter, schema, {
+                    auth
+                })));
+        }
+        const transforms = [
+            defaultSanitizeFilters({
+                schema,
+                getModel
+            })
+        ];
+        if (auth) {
+            transforms.push(traverseQueryFilters(removeRestrictedRelations(auth), {
+                schema,
+                getModel
+            }));
+        }
+        return pipe(...transforms)(filters);
+    };
+    const sanitizeSort = (sort, schema, { auth } = {})=>{
+        if (!schema) {
+            throw new Error('Missing schema in sanitizeSort');
+        }
+        const transforms = [
+            defaultSanitizeSort({
+                schema,
+                getModel
+            })
+        ];
+        if (auth) {
+            transforms.push(traverseQuerySort(removeRestrictedRelations(auth), {
+                schema,
+                getModel
+            }));
+        }
+        return pipe(...transforms)(sort);
+    };
+    const sanitizeFields = (fields, schema)=>{
+        if (!schema) {
+            throw new Error('Missing schema in sanitizeFields');
+        }
+        const transforms = [
+            defaultSanitizeFields({
+                schema,
+                getModel
+            })
+        ];
+        return pipe(...transforms)(fields);
+    };
+    const sanitizePopulate = (populate, schema, { auth } = {})=>{
+        if (!schema) {
+            throw new Error('Missing schema in sanitizePopulate');
+        }
+        const transforms = [
+            defaultSanitizePopulate({
+                schema,
+                getModel
+            })
+        ];
+        if (auth) {
+            transforms.push(traverseQueryPopulate(removeRestrictedRelations(auth), {
+                schema,
+                getModel
+            }));
+        }
+        return pipe(...transforms)(populate);
+    };
+    return {
+        input: sanitizeInput,
+        output: sanitizeOutput,
+        query: sanitizeQuery,
+        filters: sanitizeFilters,
+        sort: sanitizeSort,
+        fields: sanitizeFields,
+        populate: sanitizePopulate
+    };
+};
+
+export { createAPISanitizers };
+//# sourceMappingURL=index.mjs.map

package/dist/sanitize/index.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.mjs","sources":["../../src/sanitize/index.ts"],"sourcesContent":["import { CurriedFunction1 } from 'lodash';\nimport { isArray, cloneDeep, omit } from 'lodash/fp';\n\nimport { constants, getNonWritableAttributes } from '../content-types';\nimport { pipe as pipeAsync } from '../async';\n\nimport * as visitors from './visitors';\nimport * as sanitizers from './sanitizers';\nimport traverseEntity from '../traverse-entity';\n\nimport { traverseQueryFilters, traverseQuerySort, traverseQueryPopulate } from '../traverse';\nimport type { Model, Data } from '../types';\n\nexport interface Options {\n  auth?: unknown;\n}\n\nexport interface Sanitizer {\n  (schema: Model): CurriedFunction1<Data, Promise<Data>>;\n}\nexport interface SanitizeFunc {\n  (data: unknown, schema: Model, options?: Options): Promise<unknown>;\n}\n\nexport interface APIOptions {\n  sanitizers?: Sanitizers;\n  getModel: (model: string) => Model;\n}\n\nexport interface Sanitizers {\n  input?: Sanitizer[];\n  output?: Sanitizer[];\n}\n\nconst createAPISanitizers = (opts: APIOptions) => {\n  const { getModel } = opts;\n\n  const sanitizeInput: SanitizeFunc = (data: unknown, schema: Model, { auth } = {}) => {\n    if (!schema) {\n      throw new Error('Missing schema in sanitizeInput');\n    }\n    if (isArray(data)) {\n      return Promise.all(data.map((entry) => sanitizeInput(entry, schema, { auth })));\n    }\n\n    const nonWritableAttributes = getNonWritableAttributes(schema);\n\n    const transforms = [\n      // Remove first level ID in inputs\n      omit(constants.ID_ATTRIBUTE),\n      omit(constants.DOC_ID_ATTRIBUTE),\n      // Remove non-writable attributes\n      traverseEntity(visitors.removeRestrictedFields(nonWritableAttributes), { schema, getModel }),\n    ];\n\n    if (auth) {\n      // Remove restricted relations\n      transforms.push(\n        traverseEntity(visitors.removeRestrictedRelations(auth), { schema, getModel })\n      );\n    }\n\n    // Apply sanitizers from registry if exists\n    opts?.sanitizers?.input?.forEach((sanitizer: Sanitizer) => transforms.push(sanitizer(schema)));\n\n    return pipeAsync(...transforms)(data as Data);\n  };\n\n  const sanitizeOutput: SanitizeFunc = async (data, schema: Model, { auth } = {}) => {\n    if (!schema) {\n      throw new Error('Missing schema in sanitizeOutput');\n    }\n    if (isArray(data)) {\n      const res = new Array(data.length);\n      for (let i = 0; i < data.length; i += 1) {\n        res[i] = await sanitizeOutput(data[i], schema, { auth });\n      }\n      return res;\n    }\n\n    const transforms = [\n      (data: Data) => sanitizers.defaultSanitizeOutput({ schema, getModel }, data),\n    ];\n\n    if (auth) {\n      transforms.push(\n        traverseEntity(visitors.removeRestrictedRelations(auth), { schema, getModel })\n      );\n    }\n\n    // Apply sanitizers from registry if exists\n    opts?.sanitizers?.output?.forEach((sanitizer: Sanitizer) => transforms.push(sanitizer(schema)));\n\n    return pipeAsync(...transforms)(data as Data);\n  };\n\n  const sanitizeQuery = async (\n    query: Record<string, unknown>,\n    schema: Model,\n    { auth }: Options = {}\n  ) => {\n    if (!schema) {\n      throw new Error('Missing schema in sanitizeQuery');\n    }\n    const { filters, sort, fields, populate } = query;\n\n    const sanitizedQuery = cloneDeep(query);\n\n    if (filters) {\n      Object.assign(sanitizedQuery, { filters: await sanitizeFilters(filters, schema, { auth }) });\n    }\n\n    if (sort) {\n      Object.assign(sanitizedQuery, { sort: await sanitizeSort(sort, schema, { auth }) });\n    }\n\n    if (fields) {\n      Object.assign(sanitizedQuery, { fields: await sanitizeFields(fields, schema) });\n    }\n\n    if (populate) {\n      Object.assign(sanitizedQuery, { populate: await sanitizePopulate(populate, schema) });\n    }\n\n    return sanitizedQuery;\n  };\n\n  const sanitizeFilters: SanitizeFunc = (filters, schema: Model, { auth } = {}) => {\n    if (!schema) {\n      throw new Error('Missing schema in sanitizeFilters');\n    }\n    if (isArray(filters)) {\n      return Promise.all(filters.map((filter) => sanitizeFilters(filter, schema, { auth })));\n    }\n\n    const transforms = [sanitizers.defaultSanitizeFilters({ schema, getModel })];\n\n    if (auth) {\n      transforms.push(\n        traverseQueryFilters(visitors.removeRestrictedRelations(auth), { schema, getModel })\n      );\n    }\n\n    return pipeAsync(...transforms)(filters);\n  };\n\n  const sanitizeSort: SanitizeFunc = (sort, schema: Model, { auth } = {}) => {\n    if (!schema) {\n      throw new Error('Missing schema in sanitizeSort');\n    }\n    const transforms = [sanitizers.defaultSanitizeSort({ schema, getModel })];\n\n    if (auth) {\n      transforms.push(\n        traverseQuerySort(visitors.removeRestrictedRelations(auth), { schema, getModel })\n      );\n    }\n\n    return pipeAsync(...transforms)(sort);\n  };\n\n  const sanitizeFields: SanitizeFunc = (fields, schema: Model) => {\n    if (!schema) {\n      throw new Error('Missing schema in sanitizeFields');\n    }\n    const transforms = [sanitizers.defaultSanitizeFields({ schema, getModel })];\n\n    return pipeAsync(...transforms)(fields);\n  };\n\n  const sanitizePopulate: SanitizeFunc = (populate, schema: Model, { auth } = {}) => {\n    if (!schema) {\n      throw new Error('Missing schema in sanitizePopulate');\n    }\n    const transforms = [sanitizers.defaultSanitizePopulate({ schema, getModel })];\n\n    if (auth) {\n      transforms.push(\n        traverseQueryPopulate(visitors.removeRestrictedRelations(auth), { schema, getModel })\n      );\n    }\n\n    return pipeAsync(...transforms)(populate);\n  };\n\n  return {\n    input: sanitizeInput,\n    output: sanitizeOutput,\n    query: sanitizeQuery,\n    filters: sanitizeFilters,\n    sort: sanitizeSort,\n    fields: sanitizeFields,\n    populate: sanitizePopulate,\n  };\n};\n\nexport { createAPISanitizers, sanitizers, visitors };\n\nexport type APISanitiers = ReturnType<typeof createAPISanitizers>;\n"],"names":["createAPISanitizers","opts","getModel","sanitizeInput","data","schema","auth","Error","isArray","Promise","all","map","entry","nonWritableAttributes","getNonWritableAttributes","transforms","omit","constants","ID_ATTRIBUTE","DOC_ID_ATTRIBUTE","traverseEntity","visitors","push","sanitizers","input","forEach","sanitizer","pipeAsync","sanitizeOutput","res","Array","length","i","output","sanitizeQuery","query","filters","sort","fields","populate","sanitizedQuery","cloneDeep","Object","assign","sanitizeFilters","sanitizeSort","sanitizeFields","sanitizePopulate","filter","traverseQueryFilters","traverseQuerySort","traverseQueryPopulate"],"mappings":";;;;;;;;;;;;;;;;AAkCA,MAAMA,sBAAsB,CAACC,IAAAA,GAAAA;IAC3B,MAAM,EAAEC,QAAQ,EAAE,GAAGD,IAAAA;IAErB,MAAME,aAAAA,GAA8B,CAACC,IAAeC,EAAAA,MAAAA,EAAe,EAAEC,IAAI,EAAE,GAAG,EAAE,GAAA;AAC9E,QAAA,IAAI,CAACD,MAAQ,EAAA;AACX,YAAA,MAAM,IAAIE,KAAM,CAAA,iCAAA,CAAA;AAClB;AACA,QAAA,IAAIC,QAAQJ,IAAO,CAAA,EAAA;YACjB,OAAOK,OAAAA,CAAQC,GAAG,CAACN,IAAKO,CAAAA,GAAG,CAAC,CAACC,KAAAA,GAAUT,aAAcS,CAAAA,KAAAA,EAAOP,MAAQ,EAAA;AAAEC,oBAAAA;AAAK,iBAAA,CAAA,CAAA,CAAA;AAC7E;AAEA,QAAA,MAAMO,wBAAwBC,wBAAyBT,CAAAA,MAAAA,CAAAA;AAEvD,QAAA,MAAMU,UAAa,GAAA;;AAEjBC,YAAAA,IAAAA,CAAKC,UAAUC,YAAY,CAAA;AAC3BF,YAAAA,IAAAA,CAAKC,UAAUE,gBAAgB,CAAA;;YAE/BC,cAAeC,CAAAA,sBAA+B,CAACR,qBAAwB,CAAA,EAAA;AAAER,gBAAAA,MAAAA;AAAQH,gBAAAA;AAAS,aAAA;AAC3F,SAAA;AAED,QAAA,IAAII,IAAM,EAAA;;AAERS,YAAAA,UAAAA,CAAWO,IAAI,CACbF,cAAAA,CAAeC,yBAAkC,CAACf,IAAO,CAAA,EAAA;AAAED,gBAAAA,MAAAA;AAAQH,gBAAAA;AAAS,aAAA,CAAA,CAAA;AAEhF;;QAGAD,IAAMsB,EAAAA,UAAAA,EAAYC,OAAOC,OAAQ,CAAA,CAACC,YAAyBX,UAAWO,CAAAA,IAAI,CAACI,SAAUrB,CAAAA,MAAAA,CAAAA,CAAAA,CAAAA;AAErF,QAAA,OAAOsB,QAAaZ,UAAYX,CAAAA,CAAAA,IAAAA,CAAAA;AAClC,KAAA;IAEA,MAAMwB,cAAAA,GAA+B,OAAOxB,IAAMC,EAAAA,MAAAA,EAAe,EAAEC,IAAI,EAAE,GAAG,EAAE,GAAA;AAC5E,QAAA,IAAI,CAACD,MAAQ,EAAA;AACX,YAAA,MAAM,IAAIE,KAAM,CAAA,kCAAA,CAAA;AAClB;AACA,QAAA,IAAIC,QAAQJ,IAAO,CAAA,EAAA;AACjB,YAAA,MAAMyB,GAAM,GAAA,IAAIC,KAAM1B,CAAAA,IAAAA,CAAK2B,MAAM,CAAA;YACjC,IAAK,IAAIC,IAAI,CAAGA,EAAAA,CAAAA,GAAI5B,KAAK2B,MAAM,EAAEC,KAAK,CAAG,CAAA;gBACvCH,GAAG,CAACG,EAAE,GAAG,MAAMJ,eAAexB,IAAI,CAAC4B,CAAE,CAAA,EAAE3B,MAAQ,EAAA;AAAEC,oBAAAA;AAAK,iBAAA,CAAA;AACxD;YACA,OAAOuB,GAAAA;AACT;AAEA,QAAA,MAAMd,UAAa,GAAA;YACjB,CAACX,IAAAA,GAAemB,qBAAgC,CAAC;AAAElB,oBAAAA,MAAAA;AAAQH,oBAAAA;iBAAYE,EAAAA,IAAAA;AACxE,SAAA;AAED,QAAA,IAAIE,IAAM,EAAA;AACRS,YAAAA,UAAAA,CAAWO,IAAI,CACbF,cAAAA,CAAeC,yBAAkC,CAACf,IAAO,CAAA,EAAA;AAAED,gBAAAA,MAAAA;AAAQH,gBAAAA;AAAS,aAAA,CAAA,CAAA;AAEhF;;QAGAD,IAAMsB,EAAAA,UAAAA,EAAYU,QAAQR,OAAQ,CAAA,CAACC,YAAyBX,UAAWO,CAAAA,IAAI,CAACI,SAAUrB,CAAAA,MAAAA,CAAAA,CAAAA,CAAAA;AAEtF,QAAA,OAAOsB,QAAaZ,UAAYX,CAAAA,CAAAA,IAAAA,CAAAA;AAClC,KAAA;IAEA,MAAM8B,aAAAA,GAAgB,OACpBC,KACA9B,EAAAA,MAAAA,EACA,EAAEC,IAAI,EAAW,GAAG,EAAE,GAAA;AAEtB,QAAA,IAAI,CAACD,MAAQ,EAAA;AACX,YAAA,MAAM,IAAIE,KAAM,CAAA,iCAAA,CAAA;AAClB;QACA,MAAM,EAAE6B,OAAO,EAAEC,IAAI,EAAEC,MAAM,EAAEC,QAAQ,EAAE,GAAGJ,KAAAA;AAE5C,QAAA,MAAMK,iBAAiBC,SAAUN,CAAAA,KAAAA,CAAAA;AAEjC,QAAA,IAAIC,OAAS,EAAA;YACXM,MAAOC,CAAAA,MAAM,CAACH,cAAgB,EAAA;gBAAEJ,OAAS,EAAA,MAAMQ,eAAgBR,CAAAA,OAAAA,EAAS/B,MAAQ,EAAA;AAAEC,oBAAAA;AAAK,iBAAA;AAAG,aAAA,CAAA;AAC5F;AAEA,QAAA,IAAI+B,IAAM,EAAA;YACRK,MAAOC,CAAAA,MAAM,CAACH,cAAgB,EAAA;gBAAEH,IAAM,EAAA,MAAMQ,YAAaR,CAAAA,IAAAA,EAAMhC,MAAQ,EAAA;AAAEC,oBAAAA;AAAK,iBAAA;AAAG,aAAA,CAAA;AACnF;AAEA,QAAA,IAAIgC,MAAQ,EAAA;YACVI,MAAOC,CAAAA,MAAM,CAACH,cAAgB,EAAA;gBAAEF,MAAQ,EAAA,MAAMQ,eAAeR,MAAQjC,EAAAA,MAAAA;AAAQ,aAAA,CAAA;AAC/E;AAEA,QAAA,IAAIkC,QAAU,EAAA;YACZG,MAAOC,CAAAA,MAAM,CAACH,cAAgB,EAAA;gBAAED,QAAU,EAAA,MAAMQ,iBAAiBR,QAAUlC,EAAAA,MAAAA;AAAQ,aAAA,CAAA;AACrF;QAEA,OAAOmC,cAAAA;AACT,KAAA;IAEA,MAAMI,eAAAA,GAAgC,CAACR,OAAS/B,EAAAA,MAAAA,EAAe,EAAEC,IAAI,EAAE,GAAG,EAAE,GAAA;AAC1E,QAAA,IAAI,CAACD,MAAQ,EAAA;AACX,YAAA,MAAM,IAAIE,KAAM,CAAA,mCAAA,CAAA;AAClB;AACA,QAAA,IAAIC,QAAQ4B,OAAU,CAAA,EAAA;YACpB,OAAO3B,OAAAA,CAAQC,GAAG,CAAC0B,OAAQzB,CAAAA,GAAG,CAAC,CAACqC,MAAAA,GAAWJ,eAAgBI,CAAAA,MAAAA,EAAQ3C,MAAQ,EAAA;AAAEC,oBAAAA;AAAK,iBAAA,CAAA,CAAA,CAAA;AACpF;AAEA,QAAA,MAAMS,UAAa,GAAA;AAACQ,YAAAA,sBAAiC,CAAC;AAAElB,gBAAAA,MAAAA;AAAQH,gBAAAA;AAAS,aAAA;AAAG,SAAA;AAE5E,QAAA,IAAII,IAAM,EAAA;AACRS,YAAAA,UAAAA,CAAWO,IAAI,CACb2B,oBAAAA,CAAqB5B,yBAAkC,CAACf,IAAO,CAAA,EAAA;AAAED,gBAAAA,MAAAA;AAAQH,gBAAAA;AAAS,aAAA,CAAA,CAAA;AAEtF;AAEA,QAAA,OAAOyB,QAAaZ,UAAYqB,CAAAA,CAAAA,OAAAA,CAAAA;AAClC,KAAA;IAEA,MAAMS,YAAAA,GAA6B,CAACR,IAAMhC,EAAAA,MAAAA,EAAe,EAAEC,IAAI,EAAE,GAAG,EAAE,GAAA;AACpE,QAAA,IAAI,CAACD,MAAQ,EAAA;AACX,YAAA,MAAM,IAAIE,KAAM,CAAA,gCAAA,CAAA;AAClB;AACA,QAAA,MAAMQ,UAAa,GAAA;AAACQ,YAAAA,mBAA8B,CAAC;AAAElB,gBAAAA,MAAAA;AAAQH,gBAAAA;AAAS,aAAA;AAAG,SAAA;AAEzE,QAAA,IAAII,IAAM,EAAA;AACRS,YAAAA,UAAAA,CAAWO,IAAI,CACb4B,iBAAAA,CAAkB7B,yBAAkC,CAACf,IAAO,CAAA,EAAA;AAAED,gBAAAA,MAAAA;AAAQH,gBAAAA;AAAS,aAAA,CAAA,CAAA;AAEnF;AAEA,QAAA,OAAOyB,QAAaZ,UAAYsB,CAAAA,CAAAA,IAAAA,CAAAA;AAClC,KAAA;IAEA,MAAMS,cAAAA,GAA+B,CAACR,MAAQjC,EAAAA,MAAAA,GAAAA;AAC5C,QAAA,IAAI,CAACA,MAAQ,EAAA;AACX,YAAA,MAAM,IAAIE,KAAM,CAAA,kCAAA,CAAA;AAClB;AACA,QAAA,MAAMQ,UAAa,GAAA;AAACQ,YAAAA,qBAAgC,CAAC;AAAElB,gBAAAA,MAAAA;AAAQH,gBAAAA;AAAS,aAAA;AAAG,SAAA;AAE3E,QAAA,OAAOyB,QAAaZ,UAAYuB,CAAAA,CAAAA,MAAAA,CAAAA;AAClC,KAAA;IAEA,MAAMS,gBAAAA,GAAiC,CAACR,QAAUlC,EAAAA,MAAAA,EAAe,EAAEC,IAAI,EAAE,GAAG,EAAE,GAAA;AAC5E,QAAA,IAAI,CAACD,MAAQ,EAAA;AACX,YAAA,MAAM,IAAIE,KAAM,CAAA,oCAAA,CAAA;AAClB;AACA,QAAA,MAAMQ,UAAa,GAAA;AAACQ,YAAAA,uBAAkC,CAAC;AAAElB,gBAAAA,MAAAA;AAAQH,gBAAAA;AAAS,aAAA;AAAG,SAAA;AAE7E,QAAA,IAAII,IAAM,EAAA;AACRS,YAAAA,UAAAA,CAAWO,IAAI,CACb6B,qBAAAA,CAAsB9B,yBAAkC,CAACf,IAAO,CAAA,EAAA;AAAED,gBAAAA,MAAAA;AAAQH,gBAAAA;AAAS,aAAA,CAAA,CAAA;AAEvF;AAEA,QAAA,OAAOyB,QAAaZ,UAAYwB,CAAAA,CAAAA,QAAAA,CAAAA;AAClC,KAAA;IAEA,OAAO;QACLf,KAAOrB,EAAAA,aAAAA;QACP8B,MAAQL,EAAAA,cAAAA;QACRO,KAAOD,EAAAA,aAAAA;QACPE,OAASQ,EAAAA,eAAAA;QACTP,IAAMQ,EAAAA,YAAAA;QACNP,MAAQQ,EAAAA,cAAAA;QACRP,QAAUQ,EAAAA;AACZ,KAAA;AACF;;;;"}

package/dist/sanitize/sanitizers.js

@@ -0,0 +1,173 @@
+'use strict';
+
+var fp = require('lodash/fp');
+var async = require('../async.js');
+var traverseEntity = require('../traverse-entity.js');
+var contentTypes = require('../content-types.js');
+var queryFilters = require('../traverse/query-filters.js');
+var querySort = require('../traverse/query-sort.js');
+var queryPopulate = require('../traverse/query-populate.js');
+var queryFields = require('../traverse/query-fields.js');
+var removePassword = require('./visitors/remove-password.js');
+var removePrivate = require('./visitors/remove-private.js');
+var removeMorphToRelations = require('./visitors/remove-morph-to-relations.js');
+var removeDynamicZones = require('./visitors/remove-dynamic-zones.js');
+var expandWildcardPopulate = require('./visitors/expand-wildcard-populate.js');
+var operators = require('../operators.js');
+
+const { ID_ATTRIBUTE, DOC_ID_ATTRIBUTE } = contentTypes.constants;
+const sanitizePasswords = (ctx)=>async (entity)=>{
+        if (!ctx.schema) {
+            throw new Error('Missing schema in sanitizePasswords');
+        }
+        return traverseEntity(removePassword, ctx, entity);
+    };
+const defaultSanitizeOutput = async (ctx, entity)=>{
+    if (!ctx.schema) {
+        throw new Error('Missing schema in defaultSanitizeOutput');
+    }
+    return traverseEntity((...args)=>{
+        removePassword(...args);
+        removePrivate(...args);
+    }, ctx, entity);
+};
+const defaultSanitizeFilters = fp.curry((ctx, filters)=>{
+    if (!ctx.schema) {
+        throw new Error('Missing schema in defaultSanitizeFilters');
+    }
+    return async.pipe(// Remove keys that are not attributes or valid operators
+    queryFilters(({ key, attribute }, { remove })=>{
+        const isAttribute = !!attribute;
+        // ID is not an attribute per se, so we need to make
+        // an extra check to ensure we're not checking it
+        if ([
+            ID_ATTRIBUTE,
+            DOC_ID_ATTRIBUTE
+        ].includes(key)) {
+            return;
+        }
+        if (!isAttribute && !operators.isOperator(key)) {
+            remove(key);
+        }
+    }, ctx), // Remove dynamic zones from filters
+    queryFilters(removeDynamicZones, ctx), // Remove morpTo relations from filters
+    queryFilters(removeMorphToRelations, ctx), // Remove passwords from filters
+    queryFilters(removePassword, ctx), // Remove private from filters
+    queryFilters(removePrivate, ctx), // Remove empty objects
+    queryFilters(({ key, value }, { remove })=>{
+        if (fp.isObject(value) && fp.isEmpty(value)) {
+            remove(key);
+        }
+    }, ctx))(filters);
+});
+const defaultSanitizeSort = fp.curry((ctx, sort)=>{
+    if (!ctx.schema) {
+        throw new Error('Missing schema in defaultSanitizeSort');
+    }
+    return async.pipe(// Remove non attribute keys
+    querySort(({ key, attribute }, { remove })=>{
+        // ID is not an attribute per se, so we need to make
+        // an extra check to ensure we're not checking it
+        if ([
+            ID_ATTRIBUTE,
+            DOC_ID_ATTRIBUTE
+        ].includes(key)) {
+            return;
+        }
+        if (!attribute) {
+            remove(key);
+        }
+    }, ctx), // Remove dynamic zones from sort
+    querySort(removeDynamicZones, ctx), // Remove morpTo relations from sort
+    querySort(removeMorphToRelations, ctx), // Remove private from sort
+    querySort(removePrivate, ctx), // Remove passwords from filters
+    querySort(removePassword, ctx), // Remove keys for empty non-scalar values
+    querySort(({ key, attribute, value }, { remove })=>{
+        // ID is not an attribute per se, so we need to make
+        // an extra check to ensure we're not removing it
+        if ([
+            ID_ATTRIBUTE,
+            DOC_ID_ATTRIBUTE
+        ].includes(key)) {
+            return;
+        }
+        if (!contentTypes.isScalarAttribute(attribute) && fp.isEmpty(value)) {
+            remove(key);
+        }
+    }, ctx))(sort);
+});
+const defaultSanitizeFields = fp.curry((ctx, fields)=>{
+    if (!ctx.schema) {
+        throw new Error('Missing schema in defaultSanitizeFields');
+    }
+    return async.pipe(// Only keep scalar attributes
+    queryFields(({ key, attribute }, { remove })=>{
+        // ID is not an attribute per se, so we need to make
+        // an extra check to ensure we're not checking it
+        if ([
+            ID_ATTRIBUTE,
+            DOC_ID_ATTRIBUTE
+        ].includes(key)) {
+            return;
+        }
+        if (fp.isNil(attribute) || !contentTypes.isScalarAttribute(attribute)) {
+            remove(key);
+        }
+    }, ctx), // Remove private fields
+    queryFields(removePrivate, ctx), // Remove password fields
+    queryFields(removePassword, ctx), // Remove nil values from fields array
+    (value)=>fp.isArray(value) ? value.filter((field)=>!fp.isNil(field)) : value)(fields);
+});
+const defaultSanitizePopulate = fp.curry((ctx, populate)=>{
+    if (!ctx.schema) {
+        throw new Error('Missing schema in defaultSanitizePopulate');
+    }
+    return async.pipe(queryPopulate(expandWildcardPopulate, ctx), queryPopulate(async ({ key, value, schema, attribute, getModel, path }, { set })=>{
+        if (attribute) {
+            return;
+        }
+        const parent = {
+            key,
+            path,
+            schema,
+            attribute
+        };
+        if (key === 'sort') {
+            set(key, await defaultSanitizeSort({
+                schema,
+                getModel,
+                parent
+            }, value));
+        }
+        if (key === 'filters') {
+            set(key, await defaultSanitizeFilters({
+                schema,
+                getModel,
+                parent
+            }, value));
+        }
+        if (key === 'fields') {
+            set(key, await defaultSanitizeFields({
+                schema,
+                getModel,
+                parent
+            }, value));
+        }
+        if (key === 'populate') {
+            set(key, await defaultSanitizePopulate({
+                schema,
+                getModel,
+                parent
+            }, value));
+        }
+    }, ctx), // Remove private fields
+    queryPopulate(removePrivate, ctx))(populate);
+});
+
+exports.defaultSanitizeFields = defaultSanitizeFields;
+exports.defaultSanitizeFilters = defaultSanitizeFilters;
+exports.defaultSanitizeOutput = defaultSanitizeOutput;
+exports.defaultSanitizePopulate = defaultSanitizePopulate;
+exports.defaultSanitizeSort = defaultSanitizeSort;
+exports.sanitizePasswords = sanitizePasswords;
+//# sourceMappingURL=sanitizers.js.map

package/dist/sanitize/sanitizers.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitizers.js","sources":["../../src/sanitize/sanitizers.ts"],"sourcesContent":["import { curry, isEmpty, isNil, isArray, isObject } from 'lodash/fp';\n\nimport { pipe as pipeAsync } from '../async';\nimport traverseEntity from '../traverse-entity';\nimport { isScalarAttribute, constants } from '../content-types';\n\nimport {\n  traverseQueryFilters,\n  traverseQuerySort,\n  traverseQueryPopulate,\n  traverseQueryFields,\n} from '../traverse';\n\nimport {\n  removePassword,\n  removePrivate,\n  removeDynamicZones,\n  removeMorphToRelations,\n  expandWildcardPopulate,\n} from './visitors';\nimport { isOperator } from '../operators';\n\nimport type { Model, Data } from '../types';\nimport type { Parent } from '../traverse/factory';\n\ninterface Context {\n  schema: Model;\n  getModel: (model: string) => Model;\n  parent?: Parent;\n}\n\nconst { ID_ATTRIBUTE, DOC_ID_ATTRIBUTE } = constants;\n\nconst sanitizePasswords = (ctx: Context) => async (entity: Data) => {\n  if (!ctx.schema) {\n    throw new Error('Missing schema in sanitizePasswords');\n  }\n\n  return traverseEntity(removePassword, ctx, entity);\n};\n\nconst defaultSanitizeOutput = async (ctx: Context, entity: Data) => {\n  if (!ctx.schema) {\n    throw new Error('Missing schema in defaultSanitizeOutput');\n  }\n\n  return traverseEntity(\n    (...args) => {\n      removePassword(...args);\n      removePrivate(...args);\n    },\n    ctx,\n    entity\n  );\n};\n\nconst defaultSanitizeFilters = curry((ctx: Context, filters: unknown) => {\n  if (!ctx.schema) {\n    throw new Error('Missing schema in defaultSanitizeFilters');\n  }\n\n  return pipeAsync(\n    // Remove keys that are not attributes or valid operators\n    traverseQueryFilters(({ key, attribute }, { remove }) => {\n      const isAttribute = !!attribute;\n\n      // ID is not an attribute per se, so we need to make\n      // an extra check to ensure we're not checking it\n      if ([ID_ATTRIBUTE, DOC_ID_ATTRIBUTE].includes(key)) {\n        return;\n      }\n\n      if (!isAttribute && !isOperator(key)) {\n        remove(key);\n      }\n    }, ctx),\n    // Remove dynamic zones from filters\n    traverseQueryFilters(removeDynamicZones, ctx),\n    // Remove morpTo relations from filters\n    traverseQueryFilters(removeMorphToRelations, ctx),\n    // Remove passwords from filters\n    traverseQueryFilters(removePassword, ctx),\n    // Remove private from filters\n    traverseQueryFilters(removePrivate, ctx),\n    // Remove empty objects\n    traverseQueryFilters(({ key, value }, { remove }) => {\n      if (isObject(value) && isEmpty(value)) {\n        remove(key);\n      }\n    }, ctx)\n  )(filters);\n});\n\nconst defaultSanitizeSort = curry((ctx: Context, sort: unknown) => {\n  if (!ctx.schema) {\n    throw new Error('Missing schema in defaultSanitizeSort');\n  }\n\n  return pipeAsync(\n    // Remove non attribute keys\n    traverseQuerySort(({ key, attribute }, { remove }) => {\n      // ID is not an attribute per se, so we need to make\n      // an extra check to ensure we're not checking it\n      if ([ID_ATTRIBUTE, DOC_ID_ATTRIBUTE].includes(key)) {\n        return;\n      }\n\n      if (!attribute) {\n        remove(key);\n      }\n    }, ctx),\n    // Remove dynamic zones from sort\n    traverseQuerySort(removeDynamicZones, ctx),\n    // Remove morpTo relations from sort\n    traverseQuerySort(removeMorphToRelations, ctx),\n    // Remove private from sort\n    traverseQuerySort(removePrivate, ctx),\n    // Remove passwords from filters\n    traverseQuerySort(removePassword, ctx),\n    // Remove keys for empty non-scalar values\n    traverseQuerySort(({ key, attribute, value }, { remove }) => {\n      // ID is not an attribute per se, so we need to make\n      // an extra check to ensure we're not removing it\n      if ([ID_ATTRIBUTE, DOC_ID_ATTRIBUTE].includes(key)) {\n        return;\n      }\n\n      if (!isScalarAttribute(attribute) && isEmpty(value)) {\n        remove(key);\n      }\n    }, ctx)\n  )(sort);\n});\n\nconst defaultSanitizeFields = curry((ctx: Context, fields: unknown) => {\n  if (!ctx.schema) {\n    throw new Error('Missing schema in defaultSanitizeFields');\n  }\n\n  return pipeAsync(\n    // Only keep scalar attributes\n    traverseQueryFields(({ key, attribute }, { remove }) => {\n      // ID is not an attribute per se, so we need to make\n      // an extra check to ensure we're not checking it\n      if ([ID_ATTRIBUTE, DOC_ID_ATTRIBUTE].includes(key)) {\n        return;\n      }\n\n      if (isNil(attribute) || !isScalarAttribute(attribute)) {\n        remove(key);\n      }\n    }, ctx),\n    // Remove private fields\n    traverseQueryFields(removePrivate, ctx),\n    // Remove password fields\n    traverseQueryFields(removePassword, ctx),\n    // Remove nil values from fields array\n    (value) => (isArray(value) ? value.filter((field) => !isNil(field)) : value)\n  )(fields);\n});\n\nconst defaultSanitizePopulate = curry((ctx: Context, populate: unknown) => {\n  if (!ctx.schema) {\n    throw new Error('Missing schema in defaultSanitizePopulate');\n  }\n\n  return pipeAsync(\n    traverseQueryPopulate(expandWildcardPopulate, ctx),\n    traverseQueryPopulate(async ({ key, value, schema, attribute, getModel, path }, { set }) => {\n      if (attribute) {\n        return;\n      }\n\n      const parent = { key, path, schema, attribute } satisfies Parent;\n\n      if (key === 'sort') {\n        set(key, await defaultSanitizeSort({ schema, getModel, parent }, value));\n      }\n\n      if (key === 'filters') {\n        set(key, await defaultSanitizeFilters({ schema, getModel, parent }, value));\n      }\n\n      if (key === 'fields') {\n        set(key, await defaultSanitizeFields({ schema, getModel, parent }, value));\n      }\n\n      if (key === 'populate') {\n        set(key, await defaultSanitizePopulate({ schema, getModel, parent }, value));\n      }\n    }, ctx),\n    // Remove private fields\n    traverseQueryPopulate(removePrivate, ctx)\n  )(populate);\n});\n\nexport {\n  sanitizePasswords,\n  defaultSanitizeOutput,\n  defaultSanitizeFilters,\n  defaultSanitizeSort,\n  defaultSanitizeFields,\n  defaultSanitizePopulate,\n};\n"],"names":["ID_ATTRIBUTE","DOC_ID_ATTRIBUTE","constants","sanitizePasswords","ctx","entity","schema","Error","traverseEntity","removePassword","defaultSanitizeOutput","args","removePrivate","defaultSanitizeFilters","curry","filters","pipeAsync","traverseQueryFilters","key","attribute","remove","isAttribute","includes","isOperator","removeDynamicZones","removeMorphToRelations","value","isObject","isEmpty","defaultSanitizeSort","sort","traverseQuerySort","isScalarAttribute","defaultSanitizeFields","fields","traverseQueryFields","isNil","isArray","filter","field","defaultSanitizePopulate","populate","traverseQueryPopulate","expandWildcardPopulate","getModel","path","set","parent"],"mappings":";;;;;;;;;;;;;;;;;AA+BA,MAAM,EAAEA,YAAY,EAAEC,gBAAgB,EAAE,GAAGC,sBAAAA;AAErCC,MAAAA,iBAAAA,GAAoB,CAACC,GAAAA,GAAiB,OAAOC,MAAAA,GAAAA;QACjD,IAAI,CAACD,GAAIE,CAAAA,MAAM,EAAE;AACf,YAAA,MAAM,IAAIC,KAAM,CAAA,qCAAA,CAAA;AAClB;QAEA,OAAOC,cAAAA,CAAeC,gBAAgBL,GAAKC,EAAAA,MAAAA,CAAAA;AAC7C;AAEMK,MAAAA,qBAAAA,GAAwB,OAAON,GAAcC,EAAAA,MAAAA,GAAAA;IACjD,IAAI,CAACD,GAAIE,CAAAA,MAAM,EAAE;AACf,QAAA,MAAM,IAAIC,KAAM,CAAA,yCAAA,CAAA;AAClB;IAEA,OAAOC,cAAAA,CACL,CAAC,GAAGG,IAAAA,GAAAA;QACFF,cAAkBE,CAAAA,GAAAA,IAAAA,CAAAA;QAClBC,aAAiBD,CAAAA,GAAAA,IAAAA,CAAAA;AACnB,KAAA,EACAP,GACAC,EAAAA,MAAAA,CAAAA;AAEJ;AAEMQ,MAAAA,sBAAAA,GAAyBC,QAAM,CAAA,CAACV,GAAcW,EAAAA,OAAAA,GAAAA;IAClD,IAAI,CAACX,GAAIE,CAAAA,MAAM,EAAE;AACf,QAAA,MAAM,IAAIC,KAAM,CAAA,0CAAA,CAAA;AAClB;AAEA,IAAA,OAAOS;IAELC,YAAqB,CAAA,CAAC,EAAEC,GAAG,EAAEC,SAAS,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;QAClD,MAAMC,WAAAA,GAAc,CAAC,CAACF,SAAAA;;;QAItB,IAAI;AAACnB,YAAAA,YAAAA;AAAcC,YAAAA;SAAiB,CAACqB,QAAQ,CAACJ,GAAM,CAAA,EAAA;AAClD,YAAA;AACF;AAEA,QAAA,IAAI,CAACG,WAAAA,IAAe,CAACE,oBAAAA,CAAWL,GAAM,CAAA,EAAA;YACpCE,MAAOF,CAAAA,GAAAA,CAAAA;AACT;AACF,KAAA,EAAGd;IAEHa,YAAqBO,CAAAA,kBAAAA,EAAoBpB;IAEzCa,YAAqBQ,CAAAA,sBAAAA,EAAwBrB;IAE7Ca,YAAqBR,CAAAA,cAAAA,EAAgBL;IAErCa,YAAqBL,CAAAA,aAAAA,EAAeR;IAEpCa,YAAqB,CAAA,CAAC,EAAEC,GAAG,EAAEQ,KAAK,EAAE,EAAE,EAAEN,MAAM,EAAE,GAAA;QAC9C,IAAIO,WAAAA,CAASD,KAAUE,CAAAA,IAAAA,UAAAA,CAAQF,KAAQ,CAAA,EAAA;YACrCN,MAAOF,CAAAA,GAAAA,CAAAA;AACT;AACF,KAAA,EAAGd,GACHW,CAAAA,CAAAA,CAAAA,OAAAA,CAAAA;AACJ,CAAA;AAEMc,MAAAA,mBAAAA,GAAsBf,QAAM,CAAA,CAACV,GAAc0B,EAAAA,IAAAA,GAAAA;IAC/C,IAAI,CAAC1B,GAAIE,CAAAA,MAAM,EAAE;AACf,QAAA,MAAM,IAAIC,KAAM,CAAA,uCAAA,CAAA;AAClB;AAEA,IAAA,OAAOS;IAELe,SAAkB,CAAA,CAAC,EAAEb,GAAG,EAAEC,SAAS,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;;;QAG/C,IAAI;AAACpB,YAAAA,YAAAA;AAAcC,YAAAA;SAAiB,CAACqB,QAAQ,CAACJ,GAAM,CAAA,EAAA;AAClD,YAAA;AACF;AAEA,QAAA,IAAI,CAACC,SAAW,EAAA;YACdC,MAAOF,CAAAA,GAAAA,CAAAA;AACT;AACF,KAAA,EAAGd;IAEH2B,SAAkBP,CAAAA,kBAAAA,EAAoBpB;IAEtC2B,SAAkBN,CAAAA,sBAAAA,EAAwBrB;IAE1C2B,SAAkBnB,CAAAA,aAAAA,EAAeR;IAEjC2B,SAAkBtB,CAAAA,cAAAA,EAAgBL;IAElC2B,SAAkB,CAAA,CAAC,EAAEb,GAAG,EAAEC,SAAS,EAAEO,KAAK,EAAE,EAAE,EAAEN,MAAM,EAAE,GAAA;;;QAGtD,IAAI;AAACpB,YAAAA,YAAAA;AAAcC,YAAAA;SAAiB,CAACqB,QAAQ,CAACJ,GAAM,CAAA,EAAA;AAClD,YAAA;AACF;AAEA,QAAA,IAAI,CAACc,8BAAAA,CAAkBb,SAAcS,CAAAA,IAAAA,UAAAA,CAAQF,KAAQ,CAAA,EAAA;YACnDN,MAAOF,CAAAA,GAAAA,CAAAA;AACT;AACF,KAAA,EAAGd,GACH0B,CAAAA,CAAAA,CAAAA,IAAAA,CAAAA;AACJ,CAAA;AAEMG,MAAAA,qBAAAA,GAAwBnB,QAAM,CAAA,CAACV,GAAc8B,EAAAA,MAAAA,GAAAA;IACjD,IAAI,CAAC9B,GAAIE,CAAAA,MAAM,EAAE;AACf,QAAA,MAAM,IAAIC,KAAM,CAAA,yCAAA,CAAA;AAClB;AAEA,IAAA,OAAOS;IAELmB,WAAoB,CAAA,CAAC,EAAEjB,GAAG,EAAEC,SAAS,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;;;QAGjD,IAAI;AAACpB,YAAAA,YAAAA;AAAcC,YAAAA;SAAiB,CAACqB,QAAQ,CAACJ,GAAM,CAAA,EAAA;AAClD,YAAA;AACF;AAEA,QAAA,IAAIkB,QAAMjB,CAAAA,SAAAA,CAAAA,IAAc,CAACa,8BAAAA,CAAkBb,SAAY,CAAA,EAAA;YACrDC,MAAOF,CAAAA,GAAAA,CAAAA;AACT;AACF,KAAA,EAAGd;IAEH+B,WAAoBvB,CAAAA,aAAAA,EAAeR;IAEnC+B,WAAoB1B,CAAAA,cAAAA,EAAgBL;IAEpC,CAACsB,KAAAA,GAAWW,UAAQX,CAAAA,KAAAA,CAAAA,GAASA,KAAMY,CAAAA,MAAM,CAAC,CAACC,KAAU,GAAA,CAACH,QAAMG,CAAAA,KAAAA,CAAAA,CAAAA,GAAUb,KACtEQ,CAAAA,CAAAA,MAAAA,CAAAA;AACJ,CAAA;AAEMM,MAAAA,uBAAAA,GAA0B1B,QAAM,CAAA,CAACV,GAAcqC,EAAAA,QAAAA,GAAAA;IACnD,IAAI,CAACrC,GAAIE,CAAAA,MAAM,EAAE;AACf,QAAA,MAAM,IAAIC,KAAM,CAAA,2CAAA,CAAA;AAClB;IAEA,OAAOS,UAAAA,CACL0B,cAAsBC,sBAAwBvC,EAAAA,GAAAA,CAAAA,EAC9CsC,cAAsB,OAAO,EAAExB,GAAG,EAAEQ,KAAK,EAAEpB,MAAM,EAAEa,SAAS,EAAEyB,QAAQ,EAAEC,IAAI,EAAE,EAAE,EAAEC,GAAG,EAAE,GAAA;AACrF,QAAA,IAAI3B,SAAW,EAAA;AACb,YAAA;AACF;AAEA,QAAA,MAAM4B,MAAS,GAAA;AAAE7B,YAAAA,GAAAA;AAAK2B,YAAAA,IAAAA;AAAMvC,YAAAA,MAAAA;AAAQa,YAAAA;AAAU,SAAA;AAE9C,QAAA,IAAID,QAAQ,MAAQ,EAAA;YAClB4B,GAAI5B,CAAAA,GAAAA,EAAK,MAAMW,mBAAoB,CAAA;AAAEvB,gBAAAA,MAAAA;AAAQsC,gBAAAA,QAAAA;AAAUG,gBAAAA;aAAUrB,EAAAA,KAAAA,CAAAA,CAAAA;AACnE;AAEA,QAAA,IAAIR,QAAQ,SAAW,EAAA;YACrB4B,GAAI5B,CAAAA,GAAAA,EAAK,MAAML,sBAAuB,CAAA;AAAEP,gBAAAA,MAAAA;AAAQsC,gBAAAA,QAAAA;AAAUG,gBAAAA;aAAUrB,EAAAA,KAAAA,CAAAA,CAAAA;AACtE;AAEA,QAAA,IAAIR,QAAQ,QAAU,EAAA;YACpB4B,GAAI5B,CAAAA,GAAAA,EAAK,MAAMe,qBAAsB,CAAA;AAAE3B,gBAAAA,MAAAA;AAAQsC,gBAAAA,QAAAA;AAAUG,gBAAAA;aAAUrB,EAAAA,KAAAA,CAAAA,CAAAA;AACrE;AAEA,QAAA,IAAIR,QAAQ,UAAY,EAAA;YACtB4B,GAAI5B,CAAAA,GAAAA,EAAK,MAAMsB,uBAAwB,CAAA;AAAElC,gBAAAA,MAAAA;AAAQsC,gBAAAA,QAAAA;AAAUG,gBAAAA;aAAUrB,EAAAA,KAAAA,CAAAA,CAAAA;AACvE;AACF,KAAA,EAAGtB;AAEHsC,IAAAA,aAAAA,CAAsB9B,eAAeR,GACrCqC,CAAAA,CAAAA,CAAAA,QAAAA,CAAAA;AACJ,CAAA;;;;;;;;;"}

package/dist/sanitize/sanitizers.mjs

@@ -0,0 +1,166 @@
+import { curry, isObject, isEmpty, isNil, isArray } from 'lodash/fp';
+import { pipe } from '../async.mjs';
+import traverseEntity from '../traverse-entity.mjs';
+import { isScalarAttribute, constants } from '../content-types.mjs';
+import traverseQueryFilters from '../traverse/query-filters.mjs';
+import traverseQuerySort from '../traverse/query-sort.mjs';
+import traverseQueryPopulate from '../traverse/query-populate.mjs';
+import traverseQueryFields from '../traverse/query-fields.mjs';
+import visitor$1 from './visitors/remove-password.mjs';
+import visitor from './visitors/remove-private.mjs';
+import visitor$2 from './visitors/remove-morph-to-relations.mjs';
+import visitor$3 from './visitors/remove-dynamic-zones.mjs';
+import visitor$4 from './visitors/expand-wildcard-populate.mjs';
+import { isOperator } from '../operators.mjs';
+
+const { ID_ATTRIBUTE, DOC_ID_ATTRIBUTE } = constants;
+const sanitizePasswords = (ctx)=>async (entity)=>{
+        if (!ctx.schema) {
+            throw new Error('Missing schema in sanitizePasswords');
+        }
+        return traverseEntity(visitor$1, ctx, entity);
+    };
+const defaultSanitizeOutput = async (ctx, entity)=>{
+    if (!ctx.schema) {
+        throw new Error('Missing schema in defaultSanitizeOutput');
+    }
+    return traverseEntity((...args)=>{
+        visitor$1(...args);
+        visitor(...args);
+    }, ctx, entity);
+};
+const defaultSanitizeFilters = curry((ctx, filters)=>{
+    if (!ctx.schema) {
+        throw new Error('Missing schema in defaultSanitizeFilters');
+    }
+    return pipe(// Remove keys that are not attributes or valid operators
+    traverseQueryFilters(({ key, attribute }, { remove })=>{
+        const isAttribute = !!attribute;
+        // ID is not an attribute per se, so we need to make
+        // an extra check to ensure we're not checking it
+        if ([
+            ID_ATTRIBUTE,
+            DOC_ID_ATTRIBUTE
+        ].includes(key)) {
+            return;
+        }
+        if (!isAttribute && !isOperator(key)) {
+            remove(key);
+        }
+    }, ctx), // Remove dynamic zones from filters
+    traverseQueryFilters(visitor$3, ctx), // Remove morpTo relations from filters
+    traverseQueryFilters(visitor$2, ctx), // Remove passwords from filters
+    traverseQueryFilters(visitor$1, ctx), // Remove private from filters
+    traverseQueryFilters(visitor, ctx), // Remove empty objects
+    traverseQueryFilters(({ key, value }, { remove })=>{
+        if (isObject(value) && isEmpty(value)) {
+            remove(key);
+        }
+    }, ctx))(filters);
+});
+const defaultSanitizeSort = curry((ctx, sort)=>{
+    if (!ctx.schema) {
+        throw new Error('Missing schema in defaultSanitizeSort');
+    }
+    return pipe(// Remove non attribute keys
+    traverseQuerySort(({ key, attribute }, { remove })=>{
+        // ID is not an attribute per se, so we need to make
+        // an extra check to ensure we're not checking it
+        if ([
+            ID_ATTRIBUTE,
+            DOC_ID_ATTRIBUTE
+        ].includes(key)) {
+            return;
+        }
+        if (!attribute) {
+            remove(key);
+        }
+    }, ctx), // Remove dynamic zones from sort
+    traverseQuerySort(visitor$3, ctx), // Remove morpTo relations from sort
+    traverseQuerySort(visitor$2, ctx), // Remove private from sort
+    traverseQuerySort(visitor, ctx), // Remove passwords from filters
+    traverseQuerySort(visitor$1, ctx), // Remove keys for empty non-scalar values
+    traverseQuerySort(({ key, attribute, value }, { remove })=>{
+        // ID is not an attribute per se, so we need to make
+        // an extra check to ensure we're not removing it
+        if ([
+            ID_ATTRIBUTE,
+            DOC_ID_ATTRIBUTE
+        ].includes(key)) {
+            return;
+        }
+        if (!isScalarAttribute(attribute) && isEmpty(value)) {
+            remove(key);
+        }
+    }, ctx))(sort);
+});
+const defaultSanitizeFields = curry((ctx, fields)=>{
+    if (!ctx.schema) {
+        throw new Error('Missing schema in defaultSanitizeFields');
+    }
+    return pipe(// Only keep scalar attributes
+    traverseQueryFields(({ key, attribute }, { remove })=>{
+        // ID is not an attribute per se, so we need to make
+        // an extra check to ensure we're not checking it
+        if ([
+            ID_ATTRIBUTE,
+            DOC_ID_ATTRIBUTE
+        ].includes(key)) {
+            return;
+        }
+        if (isNil(attribute) || !isScalarAttribute(attribute)) {
+            remove(key);
+        }
+    }, ctx), // Remove private fields
+    traverseQueryFields(visitor, ctx), // Remove password fields
+    traverseQueryFields(visitor$1, ctx), // Remove nil values from fields array
+    (value)=>isArray(value) ? value.filter((field)=>!isNil(field)) : value)(fields);
+});
+const defaultSanitizePopulate = curry((ctx, populate)=>{
+    if (!ctx.schema) {
+        throw new Error('Missing schema in defaultSanitizePopulate');
+    }
+    return pipe(traverseQueryPopulate(visitor$4, ctx), traverseQueryPopulate(async ({ key, value, schema, attribute, getModel, path }, { set })=>{
+        if (attribute) {
+            return;
+        }
+        const parent = {
+            key,
+            path,
+            schema,
+            attribute
+        };
+        if (key === 'sort') {
+            set(key, await defaultSanitizeSort({
+                schema,
+                getModel,
+                parent
+            }, value));
+        }
+        if (key === 'filters') {
+            set(key, await defaultSanitizeFilters({
+                schema,
+                getModel,
+                parent
+            }, value));
+        }
+        if (key === 'fields') {
+            set(key, await defaultSanitizeFields({
+                schema,
+                getModel,
+                parent
+            }, value));
+        }
+        if (key === 'populate') {
+            set(key, await defaultSanitizePopulate({
+                schema,
+                getModel,
+                parent
+            }, value));
+        }
+    }, ctx), // Remove private fields
+    traverseQueryPopulate(visitor, ctx))(populate);
+});
+
+export { defaultSanitizeFields, defaultSanitizeFilters, defaultSanitizeOutput, defaultSanitizePopulate, defaultSanitizeSort, sanitizePasswords };
+//# sourceMappingURL=sanitizers.mjs.map

package/dist/sanitize/sanitizers.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitizers.mjs","sources":["../../src/sanitize/sanitizers.ts"],"sourcesContent":["import { curry, isEmpty, isNil, isArray, isObject } from 'lodash/fp';\n\nimport { pipe as pipeAsync } from '../async';\nimport traverseEntity from '../traverse-entity';\nimport { isScalarAttribute, constants } from '../content-types';\n\nimport {\n  traverseQueryFilters,\n  traverseQuerySort,\n  traverseQueryPopulate,\n  traverseQueryFields,\n} from '../traverse';\n\nimport {\n  removePassword,\n  removePrivate,\n  removeDynamicZones,\n  removeMorphToRelations,\n  expandWildcardPopulate,\n} from './visitors';\nimport { isOperator } from '../operators';\n\nimport type { Model, Data } from '../types';\nimport type { Parent } from '../traverse/factory';\n\ninterface Context {\n  schema: Model;\n  getModel: (model: string) => Model;\n  parent?: Parent;\n}\n\nconst { ID_ATTRIBUTE, DOC_ID_ATTRIBUTE } = constants;\n\nconst sanitizePasswords = (ctx: Context) => async (entity: Data) => {\n  if (!ctx.schema) {\n    throw new Error('Missing schema in sanitizePasswords');\n  }\n\n  return traverseEntity(removePassword, ctx, entity);\n};\n\nconst defaultSanitizeOutput = async (ctx: Context, entity: Data) => {\n  if (!ctx.schema) {\n    throw new Error('Missing schema in defaultSanitizeOutput');\n  }\n\n  return traverseEntity(\n    (...args) => {\n      removePassword(...args);\n      removePrivate(...args);\n    },\n    ctx,\n    entity\n  );\n};\n\nconst defaultSanitizeFilters = curry((ctx: Context, filters: unknown) => {\n  if (!ctx.schema) {\n    throw new Error('Missing schema in defaultSanitizeFilters');\n  }\n\n  return pipeAsync(\n    // Remove keys that are not attributes or valid operators\n    traverseQueryFilters(({ key, attribute }, { remove }) => {\n      const isAttribute = !!attribute;\n\n      // ID is not an attribute per se, so we need to make\n      // an extra check to ensure we're not checking it\n      if ([ID_ATTRIBUTE, DOC_ID_ATTRIBUTE].includes(key)) {\n        return;\n      }\n\n      if (!isAttribute && !isOperator(key)) {\n        remove(key);\n      }\n    }, ctx),\n    // Remove dynamic zones from filters\n    traverseQueryFilters(removeDynamicZones, ctx),\n    // Remove morpTo relations from filters\n    traverseQueryFilters(removeMorphToRelations, ctx),\n    // Remove passwords from filters\n    traverseQueryFilters(removePassword, ctx),\n    // Remove private from filters\n    traverseQueryFilters(removePrivate, ctx),\n    // Remove empty objects\n    traverseQueryFilters(({ key, value }, { remove }) => {\n      if (isObject(value) && isEmpty(value)) {\n        remove(key);\n      }\n    }, ctx)\n  )(filters);\n});\n\nconst defaultSanitizeSort = curry((ctx: Context, sort: unknown) => {\n  if (!ctx.schema) {\n    throw new Error('Missing schema in defaultSanitizeSort');\n  }\n\n  return pipeAsync(\n    // Remove non attribute keys\n    traverseQuerySort(({ key, attribute }, { remove }) => {\n      // ID is not an attribute per se, so we need to make\n      // an extra check to ensure we're not checking it\n      if ([ID_ATTRIBUTE, DOC_ID_ATTRIBUTE].includes(key)) {\n        return;\n      }\n\n      if (!attribute) {\n        remove(key);\n      }\n    }, ctx),\n    // Remove dynamic zones from sort\n    traverseQuerySort(removeDynamicZones, ctx),\n    // Remove morpTo relations from sort\n    traverseQuerySort(removeMorphToRelations, ctx),\n    // Remove private from sort\n    traverseQuerySort(removePrivate, ctx),\n    // Remove passwords from filters\n    traverseQuerySort(removePassword, ctx),\n    // Remove keys for empty non-scalar values\n    traverseQuerySort(({ key, attribute, value }, { remove }) => {\n      // ID is not an attribute per se, so we need to make\n      // an extra check to ensure we're not removing it\n      if ([ID_ATTRIBUTE, DOC_ID_ATTRIBUTE].includes(key)) {\n        return;\n      }\n\n      if (!isScalarAttribute(attribute) && isEmpty(value)) {\n        remove(key);\n      }\n    }, ctx)\n  )(sort);\n});\n\nconst defaultSanitizeFields = curry((ctx: Context, fields: unknown) => {\n  if (!ctx.schema) {\n    throw new Error('Missing schema in defaultSanitizeFields');\n  }\n\n  return pipeAsync(\n    // Only keep scalar attributes\n    traverseQueryFields(({ key, attribute }, { remove }) => {\n      // ID is not an attribute per se, so we need to make\n      // an extra check to ensure we're not checking it\n      if ([ID_ATTRIBUTE, DOC_ID_ATTRIBUTE].includes(key)) {\n        return;\n      }\n\n      if (isNil(attribute) || !isScalarAttribute(attribute)) {\n        remove(key);\n      }\n    }, ctx),\n    // Remove private fields\n    traverseQueryFields(removePrivate, ctx),\n    // Remove password fields\n    traverseQueryFields(removePassword, ctx),\n    // Remove nil values from fields array\n    (value) => (isArray(value) ? value.filter((field) => !isNil(field)) : value)\n  )(fields);\n});\n\nconst defaultSanitizePopulate = curry((ctx: Context, populate: unknown) => {\n  if (!ctx.schema) {\n    throw new Error('Missing schema in defaultSanitizePopulate');\n  }\n\n  return pipeAsync(\n    traverseQueryPopulate(expandWildcardPopulate, ctx),\n    traverseQueryPopulate(async ({ key, value, schema, attribute, getModel, path }, { set }) => {\n      if (attribute) {\n        return;\n      }\n\n      const parent = { key, path, schema, attribute } satisfies Parent;\n\n      if (key === 'sort') {\n        set(key, await defaultSanitizeSort({ schema, getModel, parent }, value));\n      }\n\n      if (key === 'filters') {\n        set(key, await defaultSanitizeFilters({ schema, getModel, parent }, value));\n      }\n\n      if (key === 'fields') {\n        set(key, await defaultSanitizeFields({ schema, getModel, parent }, value));\n      }\n\n      if (key === 'populate') {\n        set(key, await defaultSanitizePopulate({ schema, getModel, parent }, value));\n      }\n    }, ctx),\n    // Remove private fields\n    traverseQueryPopulate(removePrivate, ctx)\n  )(populate);\n});\n\nexport {\n  sanitizePasswords,\n  defaultSanitizeOutput,\n  defaultSanitizeFilters,\n  defaultSanitizeSort,\n  defaultSanitizeFields,\n  defaultSanitizePopulate,\n};\n"],"names":["ID_ATTRIBUTE","DOC_ID_ATTRIBUTE","constants","sanitizePasswords","ctx","entity","schema","Error","traverseEntity","removePassword","defaultSanitizeOutput","args","removePrivate","defaultSanitizeFilters","curry","filters","pipeAsync","traverseQueryFilters","key","attribute","remove","isAttribute","includes","isOperator","removeDynamicZones","removeMorphToRelations","value","isObject","isEmpty","defaultSanitizeSort","sort","traverseQuerySort","isScalarAttribute","defaultSanitizeFields","fields","traverseQueryFields","isNil","isArray","filter","field","defaultSanitizePopulate","populate","traverseQueryPopulate","expandWildcardPopulate","getModel","path","set","parent"],"mappings":";;;;;;;;;;;;;;;AA+BA,MAAM,EAAEA,YAAY,EAAEC,gBAAgB,EAAE,GAAGC,SAAAA;AAErCC,MAAAA,iBAAAA,GAAoB,CAACC,GAAAA,GAAiB,OAAOC,MAAAA,GAAAA;QACjD,IAAI,CAACD,GAAIE,CAAAA,MAAM,EAAE;AACf,YAAA,MAAM,IAAIC,KAAM,CAAA,qCAAA,CAAA;AAClB;QAEA,OAAOC,cAAAA,CAAeC,WAAgBL,GAAKC,EAAAA,MAAAA,CAAAA;AAC7C;AAEMK,MAAAA,qBAAAA,GAAwB,OAAON,GAAcC,EAAAA,MAAAA,GAAAA;IACjD,IAAI,CAACD,GAAIE,CAAAA,MAAM,EAAE;AACf,QAAA,MAAM,IAAIC,KAAM,CAAA,yCAAA,CAAA;AAClB;IAEA,OAAOC,cAAAA,CACL,CAAC,GAAGG,IAAAA,GAAAA;QACFF,SAAkBE,CAAAA,GAAAA,IAAAA,CAAAA;QAClBC,OAAiBD,CAAAA,GAAAA,IAAAA,CAAAA;AACnB,KAAA,EACAP,GACAC,EAAAA,MAAAA,CAAAA;AAEJ;AAEMQ,MAAAA,sBAAAA,GAAyBC,KAAM,CAAA,CAACV,GAAcW,EAAAA,OAAAA,GAAAA;IAClD,IAAI,CAACX,GAAIE,CAAAA,MAAM,EAAE;AACf,QAAA,MAAM,IAAIC,KAAM,CAAA,0CAAA,CAAA;AAClB;AAEA,IAAA,OAAOS;IAELC,oBAAqB,CAAA,CAAC,EAAEC,GAAG,EAAEC,SAAS,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;QAClD,MAAMC,WAAAA,GAAc,CAAC,CAACF,SAAAA;;;QAItB,IAAI;AAACnB,YAAAA,YAAAA;AAAcC,YAAAA;SAAiB,CAACqB,QAAQ,CAACJ,GAAM,CAAA,EAAA;AAClD,YAAA;AACF;AAEA,QAAA,IAAI,CAACG,WAAAA,IAAe,CAACE,UAAAA,CAAWL,GAAM,CAAA,EAAA;YACpCE,MAAOF,CAAAA,GAAAA,CAAAA;AACT;AACF,KAAA,EAAGd;IAEHa,oBAAqBO,CAAAA,SAAAA,EAAoBpB;IAEzCa,oBAAqBQ,CAAAA,SAAAA,EAAwBrB;IAE7Ca,oBAAqBR,CAAAA,SAAAA,EAAgBL;IAErCa,oBAAqBL,CAAAA,OAAAA,EAAeR;IAEpCa,oBAAqB,CAAA,CAAC,EAAEC,GAAG,EAAEQ,KAAK,EAAE,EAAE,EAAEN,MAAM,EAAE,GAAA;QAC9C,IAAIO,QAAAA,CAASD,KAAUE,CAAAA,IAAAA,OAAAA,CAAQF,KAAQ,CAAA,EAAA;YACrCN,MAAOF,CAAAA,GAAAA,CAAAA;AACT;AACF,KAAA,EAAGd,GACHW,CAAAA,CAAAA,CAAAA,OAAAA,CAAAA;AACJ,CAAA;AAEMc,MAAAA,mBAAAA,GAAsBf,KAAM,CAAA,CAACV,GAAc0B,EAAAA,IAAAA,GAAAA;IAC/C,IAAI,CAAC1B,GAAIE,CAAAA,MAAM,EAAE;AACf,QAAA,MAAM,IAAIC,KAAM,CAAA,uCAAA,CAAA;AAClB;AAEA,IAAA,OAAOS;IAELe,iBAAkB,CAAA,CAAC,EAAEb,GAAG,EAAEC,SAAS,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;;;QAG/C,IAAI;AAACpB,YAAAA,YAAAA;AAAcC,YAAAA;SAAiB,CAACqB,QAAQ,CAACJ,GAAM,CAAA,EAAA;AAClD,YAAA;AACF;AAEA,QAAA,IAAI,CAACC,SAAW,EAAA;YACdC,MAAOF,CAAAA,GAAAA,CAAAA;AACT;AACF,KAAA,EAAGd;IAEH2B,iBAAkBP,CAAAA,SAAAA,EAAoBpB;IAEtC2B,iBAAkBN,CAAAA,SAAAA,EAAwBrB;IAE1C2B,iBAAkBnB,CAAAA,OAAAA,EAAeR;IAEjC2B,iBAAkBtB,CAAAA,SAAAA,EAAgBL;IAElC2B,iBAAkB,CAAA,CAAC,EAAEb,GAAG,EAAEC,SAAS,EAAEO,KAAK,EAAE,EAAE,EAAEN,MAAM,EAAE,GAAA;;;QAGtD,IAAI;AAACpB,YAAAA,YAAAA;AAAcC,YAAAA;SAAiB,CAACqB,QAAQ,CAACJ,GAAM,CAAA,EAAA;AAClD,YAAA;AACF;AAEA,QAAA,IAAI,CAACc,iBAAAA,CAAkBb,SAAcS,CAAAA,IAAAA,OAAAA,CAAQF,KAAQ,CAAA,EAAA;YACnDN,MAAOF,CAAAA,GAAAA,CAAAA;AACT;AACF,KAAA,EAAGd,GACH0B,CAAAA,CAAAA,CAAAA,IAAAA,CAAAA;AACJ,CAAA;AAEMG,MAAAA,qBAAAA,GAAwBnB,KAAM,CAAA,CAACV,GAAc8B,EAAAA,MAAAA,GAAAA;IACjD,IAAI,CAAC9B,GAAIE,CAAAA,MAAM,EAAE;AACf,QAAA,MAAM,IAAIC,KAAM,CAAA,yCAAA,CAAA;AAClB;AAEA,IAAA,OAAOS;IAELmB,mBAAoB,CAAA,CAAC,EAAEjB,GAAG,EAAEC,SAAS,EAAE,EAAE,EAAEC,MAAM,EAAE,GAAA;;;QAGjD,IAAI;AAACpB,YAAAA,YAAAA;AAAcC,YAAAA;SAAiB,CAACqB,QAAQ,CAACJ,GAAM,CAAA,EAAA;AAClD,YAAA;AACF;AAEA,QAAA,IAAIkB,KAAMjB,CAAAA,SAAAA,CAAAA,IAAc,CAACa,iBAAAA,CAAkBb,SAAY,CAAA,EAAA;YACrDC,MAAOF,CAAAA,GAAAA,CAAAA;AACT;AACF,KAAA,EAAGd;IAEH+B,mBAAoBvB,CAAAA,OAAAA,EAAeR;IAEnC+B,mBAAoB1B,CAAAA,SAAAA,EAAgBL;IAEpC,CAACsB,KAAAA,GAAWW,OAAQX,CAAAA,KAAAA,CAAAA,GAASA,KAAMY,CAAAA,MAAM,CAAC,CAACC,KAAU,GAAA,CAACH,KAAMG,CAAAA,KAAAA,CAAAA,CAAAA,GAAUb,KACtEQ,CAAAA,CAAAA,MAAAA,CAAAA;AACJ,CAAA;AAEMM,MAAAA,uBAAAA,GAA0B1B,KAAM,CAAA,CAACV,GAAcqC,EAAAA,QAAAA,GAAAA;IACnD,IAAI,CAACrC,GAAIE,CAAAA,MAAM,EAAE;AACf,QAAA,MAAM,IAAIC,KAAM,CAAA,2CAAA,CAAA;AAClB;IAEA,OAAOS,IAAAA,CACL0B,sBAAsBC,SAAwBvC,EAAAA,GAAAA,CAAAA,EAC9CsC,sBAAsB,OAAO,EAAExB,GAAG,EAAEQ,KAAK,EAAEpB,MAAM,EAAEa,SAAS,EAAEyB,QAAQ,EAAEC,IAAI,EAAE,EAAE,EAAEC,GAAG,EAAE,GAAA;AACrF,QAAA,IAAI3B,SAAW,EAAA;AACb,YAAA;AACF;AAEA,QAAA,MAAM4B,MAAS,GAAA;AAAE7B,YAAAA,GAAAA;AAAK2B,YAAAA,IAAAA;AAAMvC,YAAAA,MAAAA;AAAQa,YAAAA;AAAU,SAAA;AAE9C,QAAA,IAAID,QAAQ,MAAQ,EAAA;YAClB4B,GAAI5B,CAAAA,GAAAA,EAAK,MAAMW,mBAAoB,CAAA;AAAEvB,gBAAAA,MAAAA;AAAQsC,gBAAAA,QAAAA;AAAUG,gBAAAA;aAAUrB,EAAAA,KAAAA,CAAAA,CAAAA;AACnE;AAEA,QAAA,IAAIR,QAAQ,SAAW,EAAA;YACrB4B,GAAI5B,CAAAA,GAAAA,EAAK,MAAML,sBAAuB,CAAA;AAAEP,gBAAAA,MAAAA;AAAQsC,gBAAAA,QAAAA;AAAUG,gBAAAA;aAAUrB,EAAAA,KAAAA,CAAAA,CAAAA;AACtE;AAEA,QAAA,IAAIR,QAAQ,QAAU,EAAA;YACpB4B,GAAI5B,CAAAA,GAAAA,EAAK,MAAMe,qBAAsB,CAAA;AAAE3B,gBAAAA,MAAAA;AAAQsC,gBAAAA,QAAAA;AAAUG,gBAAAA;aAAUrB,EAAAA,KAAAA,CAAAA,CAAAA;AACrE;AAEA,QAAA,IAAIR,QAAQ,UAAY,EAAA;YACtB4B,GAAI5B,CAAAA,GAAAA,EAAK,MAAMsB,uBAAwB,CAAA;AAAElC,gBAAAA,MAAAA;AAAQsC,gBAAAA,QAAAA;AAAUG,gBAAAA;aAAUrB,EAAAA,KAAAA,CAAAA,CAAAA;AACvE;AACF,KAAA,EAAGtB;AAEHsC,IAAAA,qBAAAA,CAAsB9B,SAAeR,GACrCqC,CAAAA,CAAAA,CAAAA,QAAAA,CAAAA;AACJ,CAAA;;;;"}

package/dist/sanitize/visitors/expand-wildcard-populate.js

@@ -0,0 +1,20 @@
+'use strict';
+
+const visitor = ({ schema, key, value }, { set })=>{
+    if (key === '' && value === '*') {
+        const { attributes } = schema;
+        const newPopulateQuery = Object.entries(attributes).filter(([, attribute])=>[
+                'relation',
+                'component',
+                'media',
+                'dynamiczone'
+            ].includes(attribute.type)).reduce((acc, [key])=>({
+                ...acc,
+                [key]: true
+            }), {});
+        set('', newPopulateQuery);
+    }
+};
+
+module.exports = visitor;
+//# sourceMappingURL=expand-wildcard-populate.js.map

package/dist/sanitize/visitors/expand-wildcard-populate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"expand-wildcard-populate.js","sources":["../../../src/sanitize/visitors/expand-wildcard-populate.ts"],"sourcesContent":["import type { Visitor } from '../../traverse/factory';\n\nconst visitor: Visitor = ({ schema, key, value }, { set }) => {\n  if (key === '' && value === '*') {\n    const { attributes } = schema;\n\n    const newPopulateQuery = Object.entries(attributes)\n      .filter(([, attribute]) =>\n        ['relation', 'component', 'media', 'dynamiczone'].includes(attribute.type)\n      )\n      .reduce<Record<string, true>>((acc, [key]) => ({ ...acc, [key]: true }), {});\n\n    set('', newPopulateQuery);\n  }\n};\n\nexport default visitor;\n"],"names":["visitor","schema","key","value","set","attributes","newPopulateQuery","Object","entries","filter","attribute","includes","type","reduce","acc"],"mappings":";;AAEA,MAAMA,OAAmB,GAAA,CAAC,EAAEC,MAAM,EAAEC,GAAG,EAAEC,KAAK,EAAE,EAAE,EAAEC,GAAG,EAAE,GAAA;IACvD,IAAIF,GAAAA,KAAQ,EAAMC,IAAAA,KAAAA,KAAU,GAAK,EAAA;QAC/B,MAAM,EAAEE,UAAU,EAAE,GAAGJ,MAAAA;QAEvB,MAAMK,gBAAAA,GAAmBC,MAAOC,CAAAA,OAAO,CAACH,UAAAA,CAAAA,CACrCI,MAAM,CAAC,CAAC,GAAGC,SAAAA,CAAU,GACpB;AAAC,gBAAA,UAAA;AAAY,gBAAA,WAAA;AAAa,gBAAA,OAAA;AAAS,gBAAA;AAAc,aAAA,CAACC,QAAQ,CAACD,SAAUE,CAAAA,IAAI,CAE1EC,CAAAA,CAAAA,MAAM,CAAuB,CAACC,GAAK,EAAA,CAACZ,GAAI,CAAA,IAAM;AAAE,gBAAA,GAAGY,GAAG;AAAE,gBAAA,CAACZ,MAAM;AAAK,aAAA,GAAI,EAAC,CAAA;AAE5EE,QAAAA,GAAAA,CAAI,EAAIE,EAAAA,gBAAAA,CAAAA;AACV;AACF;;;;"}

package/dist/sanitize/visitors/expand-wildcard-populate.mjs

@@ -0,0 +1,18 @@
+const visitor = ({ schema, key, value }, { set })=>{
+    if (key === '' && value === '*') {
+        const { attributes } = schema;
+        const newPopulateQuery = Object.entries(attributes).filter(([, attribute])=>[
+                'relation',
+                'component',
+                'media',
+                'dynamiczone'
+            ].includes(attribute.type)).reduce((acc, [key])=>({
+                ...acc,
+                [key]: true
+            }), {});
+        set('', newPopulateQuery);
+    }
+};
+
+export { visitor as default };
+//# sourceMappingURL=expand-wildcard-populate.mjs.map