@teamplay/backend 0.2.3 → 0.2.5

package/features/accessControl.js

@@ -0,0 +1,50 @@
+import sharedbAccess, { registerOrmRules } from '@teamplay/sharedb-access'
+import { isAccessControl } from '@teamplay/utils/accessControl'
+
+export default function accessControl (
+  backend,
+  { models = {}, dontUseOldDocs = true, ...options } = {}
+) {
+  sharedbAccess(backend, { dontUseOldDocs, ...options })
+
+  for (const modelPattern in models) {
+    const { access, factory } = models[modelPattern]
+
+    if (factory) {
+      // TODO: implement checking access from factory
+      throw Error('accessControl factory model: NOT IMPLEMENTED')
+    } else if (access) {
+      const collectionName = modelPattern
+      if (/\./.test(collectionName)) throw Error(ERRORS.onlyTopLevelCollections(modelPattern))
+      if (!isAccessControl(access)) throw Error(ERRORS.improperAccessControlProps(collectionName, access))
+      registerOrmRules(backend, collectionName, access)
+    }
+  }
+
+  console.log('✓ Security: Access Control for DB collections on backend is enabled')
+}
+
+const ERRORS = {
+  onlyTopLevelCollections: (modelPattern) => `
+    accessControl: you can only define 'access' for access control rules in the top-level collection models
+      (i.e. 'model/items.js')
+      Found 'access' in '${modelPattern}'.
+      Move it to the top-level collection model: 'models/${modelPattern.split('.')[0]}.js'
+  `,
+  improperAccessControlProps: (collectionName, props) => `
+    accessControl: received incorrect 'access' object for accessControl.
+    Possibly not wrapped into an \`accessControl()\` call.
+
+    Make sure you wrap your 'access' object into an \`accessControl({})\` call:
+    Example:
+      import { accessControl } from 'startupjs'
+      export const access = accessControl({
+        create: () => true,
+        ...
+      })
+
+    Collection name: '${collectionName}'
+    Got:
+      ${JSON.stringify(props)}
+  `
+}

package/features/serverAggregate.js

@@ -1,8 +1,8 @@
 import _serverAggregate from '@teamplay/server-aggregate'
 import { isAggregationFunction } from '@teamplay/utils/aggregation'
 
-export default function serverAggregate (backend, { customCheck, models = {} } = {}) {
-  _serverAggregate(backend, { customCheck })
+export default function serverAggregate (backend, { models = {}, ...options } = {}) {
+  _serverAggregate(backend, options)
 
   for (const modelPattern in models) {
     for (const aggregationName in models[modelPattern]) {

package/features/validateSchema.js

@@ -1,8 +1,13 @@
 import sharedbSchema from '@teamplay/sharedb-schema'
 import { transformSchema } from '@teamplay/schema'
 
-export default function validateSchema (backend, { models = {} } = {}) {
-  const schemaPerCollection = { schemas: {}, formats: {}, validators: {} }
+export default function validateSchema (backend, { models = {}, ...options } = {}) {
+  options = {
+    schemas: {},
+    formats: {},
+    validators: {},
+    ...options
+  }
 
   for (const modelPattern in models) {
     let { schema, factory } = models[modelPattern]
@@ -16,18 +21,18 @@ export default function validateSchema (backend, { models = {} } = {}) {
       if (/\./.test(collectionName)) throw Error(ERRORS.onlyTopLevelCollections(modelPattern))
       // transform schema from simplified format to full format
       schema = transformSchema(schema, { collectionName })
-      schemaPerCollection.schemas[collectionName] = schema
+      options.schemas[collectionName] = schema
     }
 
     // allow any 'service' collection structure
     // since 'service' collection is used in our startupjs libraries
     // and we don't have a tool to collect scheme from all packages right now
-    schemaPerCollection.schemas.service = transformSchema({
+    options.schemas.service = transformSchema({
       type: 'object', properties: {}, additionalProperties: true
     })
   }
 
-  sharedbSchema(backend, schemaPerCollection)
+  sharedbSchema(backend, options)
   console.log('✓ Security: JSON-schema validation of DB collections on backend is enabled')
 }
 

package/index.js

@@ -1,6 +1,3 @@
-import ShareDbAccess, {
-  registerOrmRules
-} from '@teamplay/sharedb-access'
 import ShareDB from 'sharedb'
 import shareDbHooks from 'sharedb-hooks'
 import { pubsub } from './redis/index.js'
@@ -8,12 +5,12 @@ import { db } from './db/index.js'
 import maybeFlushRedis from './redis/maybeFlushRedis.js'
 import initValidateSchema from './features/validateSchema.js'
 import initServerAggregate from './features/serverAggregate.js'
+import initAccessControl from './features/accessControl.js'
 
 export { redis, redlock, Redlock } from './redis/index.js'
 export { db, mongo, mongoClient, createMongoIndex, sqlite } from './db/index.js'
 
 const usersConnectionCounter = {}
-global.__clients = {}
 
 export default function createBackend ({
   secure = false,
@@ -46,39 +43,16 @@ export default function createBackend ({
 
   if (hooks) hooks(backend)
 
-  const ORM = global.STARTUP_JS_ORM || {}
-
-  // sharedb-access
   if (accessControl) {
-    // eslint-disable-next-line
-    new ShareDbAccess(backend, { dontUseOldDocs: true })
-
-    for (const path in ORM) {
-      const ormEntity = ORM[path].OrmEntity
-
-      const { access } = ormEntity
-      const isFactory = !!ormEntity.factory
-
-      // TODO:
-      //   - move registerOrmRulesFromFactory and registerOrmRules to this library
-      //   - rewrite factories check to not use model anymore
-      if (isFactory) {
-        throw Error('Sharedb-access does not support ORM factories yet')
-        // registerOrmRulesFromFactory(backend, path, ormEntity)
-      } else if (access) {
-        registerOrmRules(backend, path, access)
-      }
-    }
-
-    console.log('sharedb-access is working')
+    initAccessControl(backend, { models, ...(typeof accessControl === 'object' ? accessControl : {}) })
   }
 
   if (serverAggregate) {
-    initServerAggregate(backend, { customCheck: serverAggregate?.customCheck, models })
+    initServerAggregate(backend, { models, ...(typeof serverAggregate === 'object' ? serverAggregate : {}) })
   }
 
   if (validateSchema && process.env.NODE_ENV !== 'production') {
-    initValidateSchema(backend, { models })
+    initValidateSchema(backend, { models, ...(typeof validateSchema === 'object' ? validateSchema : {}) })
   }
 
   backend.on('client', (client, reject) => {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@teamplay/backend",
-  "version": "0.2.3",
+  "version": "0.2.5",
   "description": "Create new ShareDB backend instance",
   "type": "module",
   "main": "index.js",
@@ -12,11 +12,11 @@
     ".": "./index.js"
   },
   "dependencies": {
-    "@teamplay/schema": "^0.2.3",
-    "@teamplay/server-aggregate": "^0.2.3",
-    "@teamplay/sharedb-access": "^0.2.3",
-    "@teamplay/sharedb-schema": "^0.2.3",
-    "@teamplay/utils": "^0.2.3",
+    "@teamplay/schema": "^0.2.5",
+    "@teamplay/server-aggregate": "^0.2.5",
+    "@teamplay/sharedb-access": "^0.2.5",
+    "@teamplay/sharedb-schema": "^0.2.5",
+    "@teamplay/utils": "^0.2.5",
     "@types/ioredis-mock": "^8.2.5",
     "ioredis": "^5.3.2",
     "ioredis-mock": "^8.9.0",
@@ -29,5 +29,5 @@
     "sharedb-redis-pubsub": "^2.0.1",
     "sqlite3": "^5.1.6"
   },
-  "gitHead": "3bed63304ff5ae506931e076b07c772ec5951509"
+  "gitHead": "e4ea7de3c12214a24928af14b882651b3aeb5599"
 }