@terreno/api 0.9.2 → 0.10.0

package/bunfig.unit.toml

@@ -0,0 +1,3 @@
+[test]
+root = "./src"
+preload = []

package/dist/api.d.ts

@@ -19,6 +19,26 @@ export declare function addPopulateToQuery(builtQuery: mongoose.Query<any[], any
  * @returns The sum of `a` and `b`
  */
 export type RESTMethod = "list" | "create" | "read" | "update" | "delete";
+/**
+ * Interface for the vendored @wesleytodd/openapi Express middleware.
+ * Provides methods for building OpenAPI documentation from Express routes.
+ */
+export interface OpenApiMiddleware {
+    /** The middleware itself is callable as Express middleware. */
+    (req: express.Request, res: express.Response, next: express.NextFunction): void;
+    /** Register a path-level OpenAPI schema, returning an Express middleware that attaches the schema to the route. */
+    path: (schema?: Record<string, unknown>) => express.RequestHandler;
+    /** Register or retrieve an OpenAPI component definition (schemas, responses, parameters, etc). */
+    component: (type: string, name?: string, description?: Record<string, unknown>) => OpenApiMiddleware | {
+        $ref: string;
+    } | Record<string, unknown> | undefined;
+    /** Shorthand for component("schemas", ...) */
+    schema: (name?: string, description?: Record<string, unknown>) => OpenApiMiddleware | {
+        $ref: string;
+    } | Record<string, unknown> | undefined;
+    /** The generated OpenAPI document */
+    document: Record<string, unknown>;
+}
 /**
  * This is the main configuration.
  * @param T - the base document type. This should not include Mongoose models, just the types of the object.
@@ -55,7 +75,7 @@ export interface ModelRouterOptions<T> {
      * You can transform the given query params by returning different values.
      * If the query is acceptable as-is, return `query` as-is.
      */
-    queryFilter?: (user?: User, query?: Record<string, any>) => Record<string, any> | null | Promise<Record<string, any> | null>;
+    queryFilter?: (user?: User, query?: Record<string, unknown>) => Record<string, unknown> | null | Promise<Record<string, unknown> | null>;
     /**
      * Transformers allow data to be transformed before actions are executed,
      * and serialized before being returned to the user.
@@ -83,9 +103,7 @@ export interface ModelRouterOptions<T> {
      * list queries. Accepts any Mongoose-style queries, and runs for all user types.
      *    defaultQueryParams: \{hidden: false\} // By default, don't show objects with hidden=true
      * These can be overridden by the user if not disallowed by queryFilter. */
-    defaultQueryParams?: {
-        [key: string]: any;
-    };
+    defaultQueryParams?: Record<string, unknown>;
     /**
      * Manages Mongoose populations before returning from all methods (list, read, create, etc).
      * For each population:
@@ -109,14 +127,14 @@ export interface ModelRouterOptions<T> {
      *  or 500. */
     maxLimit?: number;
     /** Custom route setup function. Receives the router and optionally the full options (including openApi). */
-    endpoints?: (router: any, options?: Partial<ModelRouterOptions<T>>) => void;
+    endpoints?: (router: express.Router, options?: Partial<ModelRouterOptions<T>>) => void;
     /**
      * Hook that runs after `transformer.transform` but before the object is created.
      * Can update the body fields based on the request or the user.
      * Return null to return a generic 403 error. Throw an APIError to return a 400 with specific
      * error information.
      */
-    preCreate?: (value: any, request: express.Request) => T | Promise<T> | null;
+    preCreate?: (value: Partial<T> | (Partial<T> | undefined)[] | null | undefined, request: express.Request) => T | Promise<T> | null;
     /**
      * Hook that runs after `transformer.transform` but before changes are made for update operations.
      * Can update the body fields based on the request or the user.
@@ -185,17 +203,17 @@ export interface ModelRouterOptions<T> {
     /**
      * The OpenAPI generator for this server. This is used to generate the OpenAPI documentation.
      */
-    openApi?: any;
+    openApi?: OpenApiMiddleware;
     /**
      * Overwrite parts of the configuration for the OpenAPI generator.
      * This will be merged with the generated configuration.
      */
     openApiOverwrite?: {
-        get?: any;
-        list?: any;
-        create?: any;
-        update?: any;
-        delete?: any;
+        get?: Record<string, unknown>;
+        list?: Record<string, unknown>;
+        create?: Record<string, unknown>;
+        update?: Record<string, unknown>;
+        delete?: Record<string, unknown>;
     };
     /**
      * Overwrite parts of the model properties for the OpenAPI generator.
@@ -203,7 +221,7 @@ export interface ModelRouterOptions<T> {
      * This is useful if you add custom properties to the model during serialize, for example,
      * that you want to be documented and typed in the SDK.
      */
-    openApiExtraModelProperties?: any;
+    openApiExtraModelProperties?: Record<string, unknown>;
     /**
      * Enable runtime validation of request bodies against the OpenAPI schema.
      * When enabled, requests that don't match the documented schema will return 400 errors.

package/dist/errors.js

@@ -112,7 +112,13 @@ var APIError = /** @class */ (function (_super) {
             _this.meta.fields = fields;
         }
         _this.error = error;
-        logger_1.logger.error("APIError(".concat(status, "): ").concat(title, " ").concat(detail ? detail : "").concat(((_a = data.error) === null || _a === void 0 ? void 0 : _a.stack) ? "\n".concat((_b = data.error) === null || _b === void 0 ? void 0 : _b.stack) : ""));
+        var logMessage = "APIError(".concat(status, "): ").concat(title, " ").concat(detail ? detail : "").concat(((_a = data.error) === null || _a === void 0 ? void 0 : _a.stack) ? "\n".concat((_b = data.error) === null || _b === void 0 ? void 0 : _b.stack) : "");
+        if (data.disableExternalErrorTracking) {
+            logger_1.logger.warn(logMessage);
+        }
+        else {
+            logger_1.logger.error(logMessage);
+        }
         return _this;
     }
     return APIError;

package/dist/expressServer.d.ts

@@ -6,7 +6,7 @@ import { type UserModel as UserMongooseModel } from "./auth";
 import { type GitHubAuthOptions } from "./githubAuth";
 import { type LoggingOptions } from "./logger";
 export declare function setupEnvironment(): void;
-export type AddRoutes = (router: Router, options?: Partial<ModelRouterOptions<any>>) => void;
+export type AddRoutes = (router: Router, options?: Partial<ModelRouterOptions<unknown>>) => void;
 export declare function logRequests(req: any, res: any, next: any): void;
 export declare function createRouter(rootPath: string, addRoutes: AddRoutes, middleware?: any[]): any[];
 export declare function createRouterWithAuth(rootPath: string, addRoutes: (router: Router) => void, middleware?: any[]): any[];

package/dist/expressServer.js

@@ -341,16 +341,10 @@ function setupServer(options) {
 }
 // Convenience method to execute cronjobs with an always-running server.
 function cronjob(name, schedule, callback) {
-    var _cronSchedule = schedule;
-    if (schedule === "hourly") {
-        _cronSchedule = "0 * * * *";
-    }
-    else if (schedule === "minutely") {
-        _cronSchedule = "* * * * *";
-    }
-    logger_1.logger.info("Adding cronjob ".concat(name, ", running at: ").concat(schedule));
+    var cronSchedule = schedule === "hourly" ? "0 * * * *" : schedule === "minutely" ? "* * * * *" : schedule;
+    logger_1.logger.info("Adding cronjob ".concat(name, ", running at: ").concat(cronSchedule));
     try {
-        new cron_1.default.CronJob(schedule, callback, null, true, "America/Chicago");
+        new cron_1.default.CronJob(cronSchedule, callback, null, true, "America/Chicago");
     }
     catch (error) {
         throw new Error("Failed to create cronjob: ".concat(error));

package/dist/expressServer.test.js

@@ -383,16 +383,13 @@ var tests_1 = require("./tests");
             var callback = function () { };
             (0, bun_test_1.expect)(function () { return (0, expressServer_1.cronjob)("test-invalid", "invalid-cron", callback); }).toThrow("Failed to create cronjob");
         });
-        // Note: The "hourly" and "minutely" aliases have a bug - they convert the
-        // schedule to a cron expression but then use the original schedule string.
-        // This test documents that current (buggy) behavior.
-        (0, bun_test_1.it)("hourly alias fails due to bug in implementation", function () {
+        (0, bun_test_1.it)("accepts hourly alias", function () {
             var callback = function () { };
-            (0, bun_test_1.expect)(function () { return (0, expressServer_1.cronjob)("test-hourly-alias", "hourly", callback); }).toThrow("Failed to create cronjob");
+            (0, bun_test_1.expect)(function () { return (0, expressServer_1.cronjob)("test-hourly-alias", "hourly", callback); }).not.toThrow();
         });
-        (0, bun_test_1.it)("minutely alias fails due to bug in implementation", function () {
+        (0, bun_test_1.it)("accepts minutely alias", function () {
             var callback = function () { };
-            (0, bun_test_1.expect)(function () { return (0, expressServer_1.cronjob)("test-minutely-alias", "minutely", callback); }).toThrow("Failed to create cronjob");
+            (0, bun_test_1.expect)(function () { return (0, expressServer_1.cronjob)("test-minutely-alias", "minutely", callback); }).not.toThrow();
         });
     });
     (0, bun_test_1.describe)("createRouter routePathMiddleware", function () {

package/dist/openApi.d.ts

@@ -1,3 +1,4 @@
+import type express from "express";
 import type { Model } from "mongoose";
 import type { ModelRouterOptions } from "./api";
 export declare const apiErrorContent: {
@@ -52,9 +53,9 @@ export declare const defaultOpenApiErrorResponses: {
         description: string;
     };
 };
-export declare function getOpenApiMiddleware<T>(model: Model<T>, options: Partial<ModelRouterOptions<T>>): any;
-export declare function listOpenApiMiddleware<T>(model: Model<T>, options: Partial<ModelRouterOptions<T>>): any;
-export declare function createOpenApiMiddleware<T>(model: Model<T>, options: Partial<ModelRouterOptions<T>>): any;
-export declare function patchOpenApiMiddleware<T>(model: Model<T>, options: Partial<ModelRouterOptions<T>>): any;
-export declare function deleteOpenApiMiddleware<T>(model: Model<T>, options: Partial<ModelRouterOptions<T>>): any;
+export declare function getOpenApiMiddleware<T>(model: Model<T>, options: Partial<ModelRouterOptions<T>>): express.RequestHandler;
+export declare function listOpenApiMiddleware<T>(model: Model<T>, options: Partial<ModelRouterOptions<T>>): express.RequestHandler;
+export declare function createOpenApiMiddleware<T>(model: Model<T>, options: Partial<ModelRouterOptions<T>>): express.RequestHandler;
+export declare function patchOpenApiMiddleware<T>(model: Model<T>, options: Partial<ModelRouterOptions<T>>): express.RequestHandler;
+export declare function deleteOpenApiMiddleware<T>(model: Model<T>, options: Partial<ModelRouterOptions<T>>): express.RequestHandler;
 export declare function readOpenApiMiddleware<T>(options: Partial<ModelRouterOptions<T>>, properties: any, required: string[], queryParameters: any): any;

package/dist/openApi.test.js

@@ -74,6 +74,9 @@ var expressServer_1 = require("./expressServer");
 var permissions_1 = require("./permissions");
 var tests_1 = require("./tests");
 function getMessageSummaryOpenApiMiddleware(options) {
+    if (!options.openApi) {
+        throw new Error("Expected openApi to be configured for test routes");
+    }
     return options.openApi.path({
         parameters: [
             {
@@ -292,7 +295,8 @@ function addRoutes(router, options) {
     }); });
 });
 function addRoutesPopulate(router, options) {
-    options === null || options === void 0 ? void 0 : options.openApi.component("schemas", "LimitedUser", {
+    var _a;
+    (_a = options === null || options === void 0 ? void 0 : options.openApi) === null || _a === void 0 ? void 0 : _a.component("schemas", "LimitedUser", {
         properties: {
             email: {
                 description: "LimitedUser's email",

package/dist/openApiBuilder.d.ts

@@ -209,7 +209,7 @@ export declare class OpenApiMiddlewareBuilder {
      *
      * @param options - Router options containing the OpenAPI path configuration
      */
-    constructor(options: Partial<ModelRouterOptions<any>>);
+    constructor(options: Partial<ModelRouterOptions<unknown>>);
     /**
      * Sets the tags for the OpenAPI operation.
      *
@@ -484,4 +484,4 @@ export declare class OpenApiMiddlewareBuilder {
  * router.get("/analytics/stats", statsMiddleware, getStatsHandler);
  * ```
  */
-export declare function createOpenApiBuilder(options: Partial<ModelRouterOptions<any>>): OpenApiMiddlewareBuilder;
+export declare function createOpenApiBuilder(options: Partial<ModelRouterOptions<unknown>>): OpenApiMiddlewareBuilder;

package/dist/openApiEtag.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/openApiEtag.test.js

@@ -0,0 +1,86 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+var bun_test_1 = require("bun:test");
+var node_crypto_1 = __importDefault(require("node:crypto"));
+var openApiEtag_1 = require("./openApiEtag");
+var buildRequest = function (options) {
+    if (options === void 0) { options = {}; }
+    var ifNoneMatch = options.ifNoneMatch, _a = options.method, method = _a === void 0 ? "GET" : _a, _b = options.path, path = _b === void 0 ? "/openapi.json" : _b;
+    return {
+        get: function (header) {
+            return header === "If-None-Match" ? ifNoneMatch : undefined;
+        },
+        method: method,
+        path: path,
+    };
+};
+var buildResponse = function () {
+    var originalJson = (0, bun_test_1.mock)(function (body) { return ({ body: body }); });
+    var resObject = {
+        json: originalJson,
+    };
+    var set = (0, bun_test_1.mock)(function () { return resObject; });
+    var status = (0, bun_test_1.mock)(function () { return resObject; });
+    var end = (0, bun_test_1.mock)(function () { return resObject; });
+    resObject.set = set;
+    resObject.status = status;
+    resObject.end = end;
+    return {
+        end: end,
+        originalJson: originalJson,
+        res: resObject,
+        set: set,
+        status: status,
+    };
+};
+(0, bun_test_1.describe)("openApiEtagMiddleware", function () {
+    (0, bun_test_1.it)("skips non-openapi requests", function () {
+        var req = buildRequest({ method: "POST", path: "/health" });
+        var _a = buildResponse(), res = _a.res, originalJson = _a.originalJson;
+        var next = (0, bun_test_1.mock)(function () { });
+        (0, openApiEtag_1.openApiEtagMiddleware)(req, res, next);
+        (0, bun_test_1.expect)(next).toHaveBeenCalledTimes(1);
+        (0, bun_test_1.expect)(res.json).toBe(originalJson);
+    });
+    (0, bun_test_1.it)("skips GET requests for non-openapi.json paths", function () {
+        var req = buildRequest({ method: "GET", path: "/health" });
+        var _a = buildResponse(), res = _a.res, originalJson = _a.originalJson;
+        var next = (0, bun_test_1.mock)(function () { });
+        (0, openApiEtag_1.openApiEtagMiddleware)(req, res, next);
+        (0, bun_test_1.expect)(next).toHaveBeenCalledTimes(1);
+        (0, bun_test_1.expect)(res.json).toBe(originalJson);
+    });
+    (0, bun_test_1.it)("sets ETag and returns json body when no matching If-None-Match header is provided", function () {
+        var req = buildRequest();
+        var _a = buildResponse(), res = _a.res, originalJson = _a.originalJson, set = _a.set, status = _a.status, end = _a.end;
+        var next = (0, bun_test_1.mock)(function () { });
+        var body = { openapi: "3.0.0", paths: { "/todos": { get: {} } } };
+        (0, openApiEtag_1.openApiEtagMiddleware)(req, res, next);
+        var result = res.json(body);
+        var expectedEtag = "\"".concat(node_crypto_1.default.createHash("sha256").update(JSON.stringify(body)).digest("hex").substring(0, 16), "\"");
+        (0, bun_test_1.expect)(next).toHaveBeenCalledTimes(1);
+        (0, bun_test_1.expect)(set).toHaveBeenCalledWith("ETag", expectedEtag);
+        (0, bun_test_1.expect)(originalJson).toHaveBeenCalledWith(body);
+        (0, bun_test_1.expect)(status).toHaveBeenCalledTimes(0);
+        (0, bun_test_1.expect)(end).toHaveBeenCalledTimes(0);
+        (0, bun_test_1.expect)(result).toEqual({ body: body });
+    });
+    (0, bun_test_1.it)("returns 304 when If-None-Match matches generated ETag", function () {
+        var body = { openapi: "3.0.0", paths: { "/users": { post: {} } } };
+        var etag = "\"".concat(node_crypto_1.default.createHash("sha256").update(JSON.stringify(body)).digest("hex").substring(0, 16), "\"");
+        var req = buildRequest({ ifNoneMatch: etag });
+        var _a = buildResponse(), res = _a.res, originalJson = _a.originalJson, set = _a.set, status = _a.status, end = _a.end;
+        var next = (0, bun_test_1.mock)(function () { });
+        (0, openApiEtag_1.openApiEtagMiddleware)(req, res, next);
+        var result = res.json(body);
+        (0, bun_test_1.expect)(next).toHaveBeenCalledTimes(1);
+        (0, bun_test_1.expect)(set).toHaveBeenCalledWith("ETag", etag);
+        (0, bun_test_1.expect)(status).toHaveBeenCalledWith(304);
+        (0, bun_test_1.expect)(end).toHaveBeenCalledTimes(1);
+        (0, bun_test_1.expect)(originalJson).toHaveBeenCalledTimes(0);
+        (0, bun_test_1.expect)(result).toBe(res);
+    });
+});

package/dist/permissions.middleware.test.d.ts

@@ -0,0 +1 @@
+export {};