@terreno/api 0.13.0 → 0.13.2

package/src/secretProviders.ts

@@ -86,9 +86,10 @@ export class GcpSecretProvider implements SecretProvider {
       const SecretManagerServiceClient =
         mod.SecretManagerServiceClient ?? mod.default?.SecretManagerServiceClient;
       if (!SecretManagerServiceClient) {
-        throw new Error(
-          "SecretManagerServiceClient not found in @google-cloud/secret-manager module"
-        );
+        throw new APIError({
+          status: 500,
+          title: "SecretManagerServiceClient not found in @google-cloud/secret-manager module",
+        });
       }
       this.client = new SecretManagerServiceClient();
     }

package/src/tests.ts

@@ -1,6 +1,6 @@
 import express, {type Express} from "express";
 import mongoose, {type Model, model, Schema} from "mongoose";
-import passportLocalMongoose from "passport-local-mongoose";
+import passportLocalMongoose, {type PassportLocalMongooseDocument} from "passport-local-mongoose";
 import qs from "qs";
 import supertest from "supertest";
 import type TestAgent from "supertest/lib/agent";
@@ -62,19 +62,22 @@ const userSchema = new Schema<User>({
   username: {description: "The user's username", type: String},
 });
 
-userSchema.plugin(passportLocalMongoose as any, {
-  attemptsField: "attempts",
-  interval: process.env.NODE_ENV === "test" ? 1 : 100,
-  limitAttempts: true,
-  maxAttempts: 3,
-  maxInterval: process.env.NODE_ENV === "test" ? 1 : 300000,
-  usernameCaseInsensitive: true,
-  usernameField: "email",
-});
+userSchema.plugin(
+  passportLocalMongoose as unknown as (schema: Schema, options?: Record<string, unknown>) => void,
+  {
+    attemptsField: "attempts",
+    interval: process.env.NODE_ENV === "test" ? 1 : 100,
+    limitAttempts: true,
+    maxAttempts: 3,
+    maxInterval: process.env.NODE_ENV === "test" ? 1 : 300000,
+    usernameCaseInsensitive: true,
+    usernameField: "email",
+  }
+);
 // userSchema.plugin(tokenPlugin);
 userSchema.plugin(createdUpdatedPlugin);
 userSchema.plugin(isDisabledPlugin);
-userSchema.methods.postCreate = async function (body: any) {
+userSchema.methods.postCreate = async function (body: {age?: number}) {
   this.age = body.age;
   return this.save();
 };
@@ -121,6 +124,7 @@ const foodSchema = new Schema<Food>(
         type: Schema.Types.ObjectId,
       },
     ],
+    // noExplicitAny: DateOnly is a custom SchemaType not recognized by Mongoose's built-in type definitions
     expiration: {description: "Expiration date of the food", type: DateOnly as any},
     hidden: {
       default: false,
@@ -221,13 +225,13 @@ export const setupDb = async () => {
       UserModel.create({admin: true, email: "admin@example.com", name: "Admin"}),
       UserModel.create({admin: true, email: "admin+other@example.com", name: "Admin Other"}),
     ]);
-    await (notAdmin as any).setPassword("password");
+    await (notAdmin as unknown as PassportLocalMongooseDocument).setPassword("password");
     await notAdmin.save();
 
-    await (admin as any).setPassword("securePassword");
+    await (admin as unknown as PassportLocalMongooseDocument).setPassword("securePassword");
     await admin.save();
 
-    await (adminOther as any).setPassword("otherPassword");
+    await (adminOther as unknown as PassportLocalMongooseDocument).setPassword("otherPassword");
 
     await adminOther.save();
 

package/src/transformers.ts

@@ -15,7 +15,10 @@ export interface TerrenoTransformer<T> {
   serialize?: (obj: T, user?: User) => Partial<T> | undefined;
 }
 
-function getUserType(user?: User, obj?: any): "anon" | "auth" | "owner" | "admin" {
+const getUserType = (
+  user?: User,
+  obj?: Record<string, unknown>
+): "anon" | "auth" | "owner" | "admin" => {
   if (user?.admin) {
     return "admin";
   }
@@ -26,10 +29,9 @@ function getUserType(user?: User, obj?: any): "anon" | "auth" | "owner" | "admin
     return "auth";
   }
   return "anon";
-}
+};
 
-export function AdminOwnerTransformer<T>(options: {
-  // TODO: do something with KeyOf here.
+export const AdminOwnerTransformer = <T>(options: {
   anonReadFields?: string[];
   authReadFields?: string[];
   ownerReadFields?: string[];
@@ -38,20 +40,20 @@ export function AdminOwnerTransformer<T>(options: {
   authWriteFields?: string[];
   ownerWriteFields?: string[];
   adminWriteFields?: string[];
-}): TerrenoTransformer<T> {
-  function pickFields(obj: Partial<T>, fields: any[]): Partial<T> {
+}): TerrenoTransformer<T> => {
+  const pickFields = (obj: Partial<T>, fields: string[]): Partial<T> => {
     const newData: Partial<T> = {};
     for (const field of fields) {
-      if (obj[field] !== undefined) {
-        newData[field] = obj[field];
+      if ((obj as Record<string, unknown>)[field] !== undefined) {
+        (newData as Record<string, unknown>)[field] = (obj as Record<string, unknown>)[field];
       }
     }
     return newData;
-  }
+  };
 
   return {
     serialize: (obj: T, user?: User) => {
-      const userType = getUserType(user, obj);
+      const userType = getUserType(user, obj as Record<string, unknown>);
       if (userType === "admin") {
         return pickFields(obj, [...(options.adminReadFields ?? []), "id"]);
       }
@@ -63,10 +65,9 @@ export function AdminOwnerTransformer<T>(options: {
       }
       return pickFields(obj, [...(options.anonReadFields ?? []), "id"]);
     },
-    // TODO: Migrate AdminOwnerTransform to use pre-hooks.
     transform: (obj: Partial<T>, _method: "create" | "update", user?: User) => {
-      const userType = getUserType(user, obj);
-      let allowedFields: any;
+      const userType = getUserType(user, obj as Record<string, unknown>);
+      let allowedFields: string[];
       if (userType === "admin") {
         allowedFields = options.adminWriteFields ?? [];
       } else if (userType === "owner") {
@@ -78,21 +79,22 @@ export function AdminOwnerTransformer<T>(options: {
       }
       const unallowedFields = Object.keys(obj).filter((k) => !allowedFields.includes(k));
       if (unallowedFields.length) {
-        throw new Error(
-          `User of type ${userType} cannot write fields: ${unallowedFields.join(", ")}`
-        );
+        throw new APIError({
+          status: 403,
+          title: `User of type ${userType} cannot write fields: ${unallowedFields.join(", ")}`,
+        });
       }
       return obj;
     },
   };
-}
+};
 
-export function transform<T>(
+export const transform = <T>(
   options: ModelRouterOptions<T>,
   data: Partial<T> | Partial<T>[],
   method: "create" | "update",
   user?: User
-) {
+) => {
   if (!options.transformer?.transform) {
     return data;
   }
@@ -108,16 +110,16 @@ export function transform<T>(
     return transformFn(data, method, user);
   }
   return data.map((d) => transformFn(d, method, user));
-}
+};
 
-export function serialize<T>(
+export const serialize = <T>(
   req: express.Request,
   options: ModelRouterOptions<T>,
-  data: (Document<any, any, any> & T) | (Document<any, any, any> & T)[]
-) {
-  const serializeFn = (serializeData: Document<any, any, any> & T, serializeUser?: User) => {
+  data: (Document & T) | (Document & T)[]
+) => {
+  const serializeFn = (serializeData: Document & T, serializeUser?: User) => {
     const dataObject = serializeData.toObject() as T;
-    (dataObject as any).id = serializeData._id;
+    (dataObject as Record<string, unknown>).id = serializeData._id;
 
     // Search for any value that is a Map and transform it to a plain object.
     // Otherwise Express drops the contents.
@@ -143,18 +145,18 @@ export function serialize<T>(
     return serializeFn(data, req.user);
   }
   return data.map((d) => serializeFn(d, req.user));
-}
+};
 
 /**
  * Default response handler for modelRouter. Calls toObject on each doc and returns the result,
  * using transformers.serializer if provided.
  */
-export async function defaultResponseHandler<T>(
-  doc: (Document<any, any, any> & T) | (Document<any, any, any> & T)[] | null,
+export const defaultResponseHandler = async <T>(
+  doc: (Document & T) | (Document & T)[] | null,
   method: "list" | "create" | "read" | "update",
   request: express.Request,
   options: ModelRouterOptions<T>
-) {
+) => {
   if (!doc) {
     return null;
   }
@@ -168,4 +170,4 @@ export async function defaultResponseHandler<T>(
       title: `Error serializing ${method} response: ${errorObj.message}`,
     });
   }
-}
+};

package/src/utils.ts

@@ -1,5 +1,6 @@
 import mongoose, {Types} from "mongoose";
 
+import {APIError} from "./errors";
 import {logger} from "./logger";
 
 // A better version of mongoose's ObjectId.isValid,
@@ -31,17 +32,26 @@ export const checkModelsStrict = (ignoredModels: string[] = []): void => {
     const schema = mongoose.model(model).schema;
 
     if (schema.get("toObject")?.virtuals !== true) {
-      throw new Error(`Model ${model} toObject.virtuals not set to true`);
+      throw new APIError({
+        status: 500,
+        title: `Model ${model} toObject.virtuals not set to true`,
+      });
     }
     if (schema.get("toJSON")?.virtuals !== true) {
-      throw new Error(`Model ${model} toJSON.virtuals not set to true`);
+      throw new APIError({
+        status: 500,
+        title: `Model ${model} toJSON.virtuals not set to true`,
+      });
     }
 
     if (ignoredModels.includes(model)) {
       continue;
     }
     if (schema.get("strict") !== "throw") {
-      throw new Error(`Model ${model} is not set to strict mode.`);
+      throw new APIError({
+        status: 500,
+        title: `Model ${model} is not set to strict mode.`,
+      });
     }
   }
 };