@volcanicminds/typeorm 2.2.6 → 2.2.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +46 -19
- package/dist/index.d.ts +2 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +7 -4
- package/dist/index.js.map +1 -1
- package/dist/lib/loader/dataBaseManager.js +2 -2
- package/dist/lib/loader/dataBaseManager.js.map +1 -1
- package/dist/lib/query.d.ts +1 -0
- package/dist/lib/query.d.ts.map +1 -1
- package/dist/lib/query.js +45 -11
- package/dist/lib/query.js.map +1 -1
- package/dist/lib/util/crypto.d.ts.map +1 -1
- package/dist/lib/util/crypto.js +32 -16
- package/dist/lib/util/crypto.js.map +1 -1
- package/lib/loader/dataBaseManager.ts +2 -2
- package/lib/query.ts +54 -14
- package/lib/util/crypto.ts +37 -15
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -15,6 +15,9 @@
|
|
|
15
15
|
- Switched to pure ECMAScript Modules (`NodeNext`). CommonJS/`require` is no longer supported.
|
|
16
16
|
- Introduced support for complex boolean logic in filtering using the `_logic` parameter.
|
|
17
17
|
- Enhanced filtering capabilities with additional operators and nested relation queries.
|
|
18
|
+
- **Security Update**: The `:raw` operator is now **disabled by default**. To enable it, you must set `VOLCANIC_CUSTOM_QUERY_OPERATORS=true` in your environment variables. Please use this operator with **extreme caution** to avoid SQL injection vulnerabilities.
|
|
19
|
+
- **Security Update**: Added protection against Prototype Pollution and ReDoS attacks.
|
|
20
|
+
- **Security Update**: Filters on sensitive fields (e.g., `password`, `mfaSecret`) are now blocked by default.
|
|
18
21
|
|
|
19
22
|
## Based on
|
|
20
23
|
|
|
@@ -31,6 +34,7 @@ And, what you see in [package.json](package.json).
|
|
|
31
34
|
- **Complex Boolean Logic**: Construct intricate queries with nested `AND` and `OR` conditions using a powerful `_logic` parameter.
|
|
32
35
|
- **Hybrid Database Support**: Write a single API endpoint that works transparently with both PostgreSQL and MongoDB for standard queries.
|
|
33
36
|
- **Standalone or Integrated**: Use it as a standalone utility with any Node.js framework or enjoy seamless integration with `@volcanicminds/backend`.
|
|
37
|
+
- **Security Hardening**: Built-in protections against SQL Injection (via strict operator control), Prototype Pollution, and ReDoS.
|
|
34
38
|
|
|
35
39
|
## Installation
|
|
36
40
|
|
|
@@ -48,6 +52,22 @@ This allows you to build flexible and powerful data APIs with minimal boilerplat
|
|
|
48
52
|
|
|
49
53
|
## Usage
|
|
50
54
|
|
|
55
|
+
### Configuration (Optional)
|
|
56
|
+
|
|
57
|
+
You can customize the list of sensitive fields that should be blocked from filtering during the initialization.
|
|
58
|
+
|
|
59
|
+
```typescript
|
|
60
|
+
import { start } from '@volcanicminds/typeorm'
|
|
61
|
+
|
|
62
|
+
await start({
|
|
63
|
+
type: 'postgres',
|
|
64
|
+
// ... other TypeORM options
|
|
65
|
+
sensitiveFields: ['password', 'secretKey', 'ssn'] // Overrides default blacklist
|
|
66
|
+
})
|
|
67
|
+
```
|
|
68
|
+
|
|
69
|
+
Default sensitive fields are: `['password', 'mfaSecret', 'resetPasswordToken', 'confirmationToken']`.
|
|
70
|
+
|
|
51
71
|
### Use Case 1: Integrated with `@volcanicminds/backend`
|
|
52
72
|
|
|
53
73
|
This is the most straightforward way to use the library. The `executeFindQuery` function handles everything for you.
|
|
@@ -115,25 +135,26 @@ Filters are applied by using `fieldName:operator=value`. If no operator is speci
|
|
|
115
135
|
|
|
116
136
|
#### Operators Table
|
|
117
137
|
|
|
118
|
-
| Operator | Description
|
|
119
|
-
| :----------- |
|
|
120
|
-
| `:eq` | Equals
|
|
121
|
-
| `:neq` | Not equals
|
|
122
|
-
| `:gt`, `:ge` | Greater than / Greater than or equal
|
|
123
|
-
| `:lt`, `:le` | Less than / Less than or equal
|
|
124
|
-
| `:in` | Included in an array (comma-sep.)
|
|
125
|
-
| `:nin` | Not included in an array
|
|
126
|
-
| `:overlap` | Array overlap (has common elements)
|
|
127
|
-
| `:between` | Is between two values (colon-sep.)
|
|
128
|
-
| `:null` | Is null
|
|
129
|
-
| `:notNull` | Is not null
|
|
130
|
-
| `:contains` | Contains (case-sensitive)
|
|
131
|
-
| `:containsi` | Contains (case-insensitive)
|
|
132
|
-
| `:starts` | Starts with (case-sensitive)
|
|
133
|
-
| `:startsi` | Starts with (case-insensitive)
|
|
134
|
-
| `:ends` | Ends with (case-sensitive)
|
|
135
|
-
| `:endsi` | Ends with (case-insensitive)
|
|
136
|
-
| `:eqi` | Equals (case-insensitive)
|
|
138
|
+
| Operator | Description | Example URL | PostgreSQL | MongoDB |
|
|
139
|
+
| :----------- | :------------------------------------------------------------------------ | :-------------------------------------------- | :--------: | :-----: |
|
|
140
|
+
| `:eq` | Equals | `...&status:eq=active` | ✅ | ✅ |
|
|
141
|
+
| `:neq` | Not equals | `...&status:neq=archived` | ✅ | ✅ |
|
|
142
|
+
| `:gt`, `:ge` | Greater than / Greater than or equal | `...&visits:gt=100` | ✅ | ✅ |
|
|
143
|
+
| `:lt`, `:le` | Less than / Less than or equal | `...&price:lt=99.99` | ✅ | ✅ |
|
|
144
|
+
| `:in` | Included in an array (comma-sep.) | `...&status:in=active,pending` | ✅ | ✅ |
|
|
145
|
+
| `:nin` | Not included in an array | `...&category:nin=old,obsolete` | ✅ | ✅ |
|
|
146
|
+
| `:overlap` | Array overlap (has common elements) | `...&companies:overlap=acme,globex` | ✅ | ✅ |
|
|
147
|
+
| `:between` | Is between two values (colon-sep.) | `...&createdAt:between=2024-01-01:2024-12-31` | ✅ | ✅ |
|
|
148
|
+
| `:null` | Is null | `...&deletedAt:null=true` | ✅ | ✅ |
|
|
149
|
+
| `:notNull` | Is not null | `...&updatedAt:notNull=true` | ✅ | ✅ |
|
|
150
|
+
| `:contains` | Contains (case-sensitive) | `...&name:contains=Corp` | ✅ | ❌ |
|
|
151
|
+
| `:containsi` | Contains (case-insensitive) | `...&name:containsi=corp` | ✅ | ✅ |
|
|
152
|
+
| `:starts` | Starts with (case-sensitive) | `...&code:starts=INV-` | ✅ | ❌ |
|
|
153
|
+
| `:startsi` | Starts with (case-insensitive) | `...&code:startsi=inv-` | ✅ | ✅ |
|
|
154
|
+
| `:ends` | Ends with (case-sensitive) | `...&file:ends=.pdf` | ✅ | ❌ |
|
|
155
|
+
| `:endsi` | Ends with (case-insensitive) | `...&file:endsi=.pdf` | ✅ | ✅ |
|
|
156
|
+
| `:eqi` | Equals (case-insensitive) | `...&country:eqi=it` | ✅ | ✅ |
|
|
157
|
+
| `:raw` | Raw SQL ⚠️ **Dangerous** Raw SQL injection ⚠️ Requires env var to enable. | `...&age:raw=> 18` | ✅ | ✅ |
|
|
137
158
|
|
|
138
159
|
#### Nested Relation Filters
|
|
139
160
|
|
|
@@ -166,6 +187,8 @@ This powerful syntax allows for the construction of virtually any query structur
|
|
|
166
187
|
|
|
167
188
|
## API Reference
|
|
168
189
|
|
|
190
|
+
- **`start(options)`**: Initializes the database connection. `options` can now include `sensitiveFields` (array of strings) to customize blocked filter fields.
|
|
191
|
+
- **`configureSensitiveFields(fields)`**: Helper to update sensitive fields at runtime.
|
|
169
192
|
- **`executeFindQuery(repo, relations, data, extraWhere, extraOptions)`**: The main high-level function. Handles a full find-and-count query, processes all parameters, and returns records and pagination headers.
|
|
170
193
|
- **`executeCountQuery(repo, data, extraWhere)`**: A utility to only count records based on filters.
|
|
171
194
|
- **`applyQuery(data, extraWhere, repo)`**: The core translation function. Takes the raw query parameters and returns a TypeORM-compatible query object.
|
|
@@ -179,3 +202,7 @@ This powerful syntax allows for the construction of virtually any query structur
|
|
|
179
202
|
## License
|
|
180
203
|
|
|
181
204
|
This project is licensed under the MIT License.
|
|
205
|
+
|
|
206
|
+
```
|
|
207
|
+
|
|
208
|
+
```
|
package/dist/index.d.ts
CHANGED
|
@@ -6,8 +6,8 @@ import * as dataBaseManager from './lib/loader/dataBaseManager.js';
|
|
|
6
6
|
import { User } from './lib/entities/user.js';
|
|
7
7
|
import { Token } from './lib/entities/token.js';
|
|
8
8
|
import { Change } from './lib/entities/change.js';
|
|
9
|
-
import { applyQuery, executeCountQuery, executeCountView, executeFindQuery, executeFindView, useOrder, useWhere } from './lib/query.js';
|
|
9
|
+
import { applyQuery, executeCountQuery, executeCountView, executeFindQuery, executeFindView, useOrder, useWhere, configureSensitiveFields } from './lib/query.js';
|
|
10
10
|
declare function start(options: any): Promise<DataSource>;
|
|
11
11
|
export { Database } from './types/global.js';
|
|
12
|
-
export { start, User, Token, Change, userManager, tokenManager, dataBaseManager, DataSource, applyQuery, executeCountQuery, executeCountView, executeFindQuery, executeFindView, useOrder, useWhere };
|
|
12
|
+
export { start, User, Token, Change, userManager, tokenManager, dataBaseManager, DataSource, applyQuery, executeCountQuery, executeCountView, executeFindQuery, executeFindView, useOrder, useWhere, configureSensitiveFields };
|
|
13
13
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":"AAIA,OAAO,kBAAkB,CAAA;AACzB,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAA;AAEpC,OAAO,KAAK,WAAW,MAAM,6BAA6B,CAAA;AAC1D,OAAO,KAAK,YAAY,MAAM,8BAA8B,CAAA;AAC5D,OAAO,KAAK,eAAe,MAAM,iCAAiC,CAAA;AAClE,OAAO,EAAE,IAAI,EAAE,MAAM,wBAAwB,CAAA;AAC7C,OAAO,EAAE,KAAK,EAAE,MAAM,yBAAyB,CAAA;AAC/C,OAAO,EAAE,MAAM,EAAE,MAAM,0BAA0B,CAAA;AACjD,OAAO,EACL,UAAU,EACV,iBAAiB,EACjB,gBAAgB,EAChB,gBAAgB,EAChB,eAAe,EACf,QAAQ,EACR,QAAQ,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":"AAIA,OAAO,kBAAkB,CAAA;AACzB,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAA;AAEpC,OAAO,KAAK,WAAW,MAAM,6BAA6B,CAAA;AAC1D,OAAO,KAAK,YAAY,MAAM,8BAA8B,CAAA;AAC5D,OAAO,KAAK,eAAe,MAAM,iCAAiC,CAAA;AAClE,OAAO,EAAE,IAAI,EAAE,MAAM,wBAAwB,CAAA;AAC7C,OAAO,EAAE,KAAK,EAAE,MAAM,yBAAyB,CAAA;AAC/C,OAAO,EAAE,MAAM,EAAE,MAAM,0BAA0B,CAAA;AACjD,OAAO,EACL,UAAU,EACV,iBAAiB,EACjB,gBAAgB,EAChB,gBAAgB,EAChB,eAAe,EACf,QAAQ,EACR,QAAQ,EACR,wBAAwB,EACzB,MAAM,gBAAgB,CAAA;AAIvB,iBAAe,KAAK,CAAC,OAAO,KAAA,uBA+D3B;AAED,OAAO,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAA;AAC5C,OAAO,EACL,KAAK,EACL,IAAI,EACJ,KAAK,EACL,MAAM,EACN,WAAW,EACX,YAAY,EACZ,eAAe,EACf,UAAU,EACV,UAAU,EACV,iBAAiB,EACjB,gBAAgB,EAChB,gBAAgB,EAChB,eAAe,EACf,QAAQ,EACR,QAAQ,EACR,wBAAwB,EACzB,CAAA"}
|
package/dist/index.js
CHANGED
|
@@ -9,7 +9,7 @@ import * as dataBaseManager from './lib/loader/dataBaseManager.js';
|
|
|
9
9
|
import { User } from './lib/entities/user.js';
|
|
10
10
|
import { Token } from './lib/entities/token.js';
|
|
11
11
|
import { Change } from './lib/entities/change.js';
|
|
12
|
-
import { applyQuery, executeCountQuery, executeCountView, executeFindQuery, executeFindView, useOrder, useWhere } from './lib/query.js';
|
|
12
|
+
import { applyQuery, executeCountQuery, executeCountView, executeFindQuery, executeFindView, useOrder, useWhere, configureSensitiveFields } from './lib/query.js';
|
|
13
13
|
import * as log from './lib/util/logger.js';
|
|
14
14
|
import yn from './lib/util/yn.js';
|
|
15
15
|
async function start(options) {
|
|
@@ -29,6 +29,9 @@ async function start(options) {
|
|
|
29
29
|
if (options == null || Object.keys(options).length == 0) {
|
|
30
30
|
throw new Error('Volcanic Database: options not specified');
|
|
31
31
|
}
|
|
32
|
+
if (options.sensitiveFields) {
|
|
33
|
+
configureSensitiveFields(options.sensitiveFields);
|
|
34
|
+
}
|
|
32
35
|
const { LOG_DB_LEVEL = 'warn', LOG_COLORIZE = true, DB_SYNCHRONIZE_SCHEMA_AT_STARTUP = false } = process.env;
|
|
33
36
|
const logLevel = LOG_DB_LEVEL === 'trace'
|
|
34
37
|
? 'all'
|
|
@@ -51,9 +54,9 @@ async function start(options) {
|
|
|
51
54
|
const ds = new DataSource(options);
|
|
52
55
|
await ds.initialize();
|
|
53
56
|
if (yn(DB_SYNCHRONIZE_SCHEMA_AT_STARTUP, false)) {
|
|
54
|
-
log.warn('Database schema synchronization started');
|
|
57
|
+
log.warn('Volcanic-TypeORM: Database schema synchronization started');
|
|
55
58
|
await ds.synchronize();
|
|
56
|
-
log.warn('Database schema synchronization finished');
|
|
59
|
+
log.warn('Volcanic-TypeORM: Database schema synchronization finished');
|
|
57
60
|
}
|
|
58
61
|
const repository = {};
|
|
59
62
|
Object.keys(repositories).map((r) => (repository[r] = ds.getRepository(repositories[r])));
|
|
@@ -62,5 +65,5 @@ async function start(options) {
|
|
|
62
65
|
global.repository = repository;
|
|
63
66
|
return ds;
|
|
64
67
|
}
|
|
65
|
-
export { start, User, Token, Change, userManager, tokenManager, dataBaseManager, DataSource, applyQuery, executeCountQuery, executeCountView, executeFindQuery, executeFindView, useOrder, useWhere };
|
|
68
|
+
export { start, User, Token, Change, userManager, tokenManager, dataBaseManager, DataSource, applyQuery, executeCountQuery, executeCountView, executeFindQuery, executeFindView, useOrder, useWhere, configureSensitiveFields };
|
|
66
69
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":"AACA,OAAO,MAAM,MAAM,QAAQ,CAAA;AAC3B,MAAM,CAAC,MAAM,EAAE,CAAA;AAEf,OAAO,kBAAkB,CAAA;AACzB,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAA;AACpC,OAAO,KAAK,cAAc,MAAM,0BAA0B,CAAA;AAC1D,OAAO,KAAK,WAAW,MAAM,6BAA6B,CAAA;AAC1D,OAAO,KAAK,YAAY,MAAM,8BAA8B,CAAA;AAC5D,OAAO,KAAK,eAAe,MAAM,iCAAiC,CAAA;AAClE,OAAO,EAAE,IAAI,EAAE,MAAM,wBAAwB,CAAA;AAC7C,OAAO,EAAE,KAAK,EAAE,MAAM,yBAAyB,CAAA;AAC/C,OAAO,EAAE,MAAM,EAAE,MAAM,0BAA0B,CAAA;AACjD,OAAO,EACL,UAAU,EACV,iBAAiB,EACjB,gBAAgB,EAChB,gBAAgB,EAChB,eAAe,EACf,QAAQ,EACR,QAAQ,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":"AACA,OAAO,MAAM,MAAM,QAAQ,CAAA;AAC3B,MAAM,CAAC,MAAM,EAAE,CAAA;AAEf,OAAO,kBAAkB,CAAA;AACzB,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAA;AACpC,OAAO,KAAK,cAAc,MAAM,0BAA0B,CAAA;AAC1D,OAAO,KAAK,WAAW,MAAM,6BAA6B,CAAA;AAC1D,OAAO,KAAK,YAAY,MAAM,8BAA8B,CAAA;AAC5D,OAAO,KAAK,eAAe,MAAM,iCAAiC,CAAA;AAClE,OAAO,EAAE,IAAI,EAAE,MAAM,wBAAwB,CAAA;AAC7C,OAAO,EAAE,KAAK,EAAE,MAAM,yBAAyB,CAAA;AAC/C,OAAO,EAAE,MAAM,EAAE,MAAM,0BAA0B,CAAA;AACjD,OAAO,EACL,UAAU,EACV,iBAAiB,EACjB,gBAAgB,EAChB,gBAAgB,EAChB,eAAe,EACf,QAAQ,EACR,QAAQ,EACR,wBAAwB,EACzB,MAAM,gBAAgB,CAAA;AACvB,OAAO,KAAK,GAAG,MAAM,sBAAsB,CAAA;AAC3C,OAAO,EAAE,MAAM,kBAAkB,CAAA;AAEjC,KAAK,UAAU,KAAK,CAAC,OAAO;IAC1B,IAAK,MAAc,CAAC,qBAAqB,EAAE,CAAC;QAC1C,OAAO,GAAG;YACR,IAAI,EAAE,UAAU;YAChB,IAAI,EAAE,WAAW;YACjB,IAAI,EAAE,IAAI;YACV,QAAQ,EAAE,QAAQ;YAClB,QAAQ,EAAE,QAAQ;YAClB,QAAQ,EAAE,QAAQ;YAClB,WAAW,EAAE,IAAI;YACjB,OAAO,EAAE,IAAI;YACb,MAAM,EAAE,EAAE;SACX,CAAA;IACH,CAAC;IAED,IAAI,OAAO,IAAI,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACxD,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAA;IAC7D,CAAC;IAED,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;QAC5B,wBAAwB,CAAC,OAAO,CAAC,eAAe,CAAC,CAAA;IACnD,CAAC;IAED,MAAM,EAAE,YAAY,GAAG,MAAM,EAAE,YAAY,GAAG,IAAI,EAAE,gCAAgC,GAAG,KAAK,EAAE,GAAG,OAAO,CAAC,GAAG,CAAA;IAE5G,MAAM,QAAQ,GACZ,YAAY,KAAK,OAAO;QACtB,CAAC,CAAC,KAAK;QACP,CAAC,CAAC,YAAY,KAAK,OAAO;YAC1B,CAAC,CAAC,OAAO;YACT,CAAC,CAAC,YAAY,KAAK,MAAM;gBACzB,CAAC,CAAC,MAAM;gBACR,CAAC,CAAC,YAAY,KAAK,MAAM;oBACzB,CAAC,CAAC,MAAM;oBACR,CAAC,CAAC,YAAY,KAAK,OAAO;wBAC1B,CAAC,CAAC,OAAO;wBACT,CAAC,CAAC,YAAY,CAEjB;IAAC,MAAc,CAAC,YAAY,GAAG,OAAO,EAAE,YAAY,IAAI,KAAK,CAC7D;IAAC,MAAc,CAAC,gBAAgB,GAAG,OAAO,EAAE,OAAO,IAAI,IAAI,CAAA;IAE5D,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,GAAG,MAAM,cAAc,CAAC,IAAI,EAAE,CAAA;IACvE,OAAO,CAAC,QAAQ,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,CAAA;IACrE,OAAO,CAAC,MAAM,GAAG,YAAY,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,gBAAgB,CAAA;IACrE,OAAO,CAAC,OAAO,GAAG,QAAQ,CAAA;IAC1B,OAAO,CAAC,WAAW,GAAG,KAAK,CAAA;IAE3B,MAAM,EAAE,GAAG,IAAI,UAAU,CAAC,OAAO,CAAC,CAAA;IAClC,MAAM,EAAE,CAAC,UAAU,EAAE,CAAA;IAErB,IAAI,EAAE,CAAC,gCAAgC,EAAE,KAAK,CAAC,EAAE,CAAC;QAChD,GAAG,CAAC,IAAI,CAAC,2DAA2D,CAAC,CAAA;QACrE,MAAM,EAAE,CAAC,WAAW,EAAE,CAAA;QACtB,GAAG,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAAA;IACxE,CAAC;IAGD,MAAM,UAAU,GAAG,EAAE,CAAA;IACrB,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CACxF;IAAC,MAAc,CAAC,UAAU,GAAG,EAAE,CAC/B;IAAC,MAAc,CAAC,MAAM,GAAG,OAAO,CAChC;IAAC,MAAc,CAAC,UAAU,GAAG,UAAU,CAAA;IACxC,OAAO,EAAE,CAAA;AACX,CAAC;AAGD,OAAO,EACL,KAAK,EACL,IAAI,EACJ,KAAK,EACL,MAAM,EACN,WAAW,EACX,YAAY,EACZ,eAAe,EACf,UAAU,EACV,UAAU,EACV,iBAAiB,EACjB,gBAAgB,EAChB,gBAAgB,EAChB,eAAe,EACf,QAAQ,EACR,QAAQ,EACR,wBAAwB,EACzB,CAAA"}
|
|
@@ -17,7 +17,7 @@ export async function retrieveBy(entityName, entityId) {
|
|
|
17
17
|
}
|
|
18
18
|
catch (error) {
|
|
19
19
|
if (!(entityName in global.entity)) {
|
|
20
|
-
log.error(
|
|
20
|
+
log.error(`Volcanic-TypeORM: ${entityName} not found in global.entity`);
|
|
21
21
|
}
|
|
22
22
|
throw error;
|
|
23
23
|
}
|
|
@@ -29,7 +29,7 @@ export async function addChange(entityName, entityId, status, userId, contents,
|
|
|
29
29
|
}
|
|
30
30
|
catch (error) {
|
|
31
31
|
if (!(changeEntity in global.entity)) {
|
|
32
|
-
log.error(
|
|
32
|
+
log.error(`Volcanic-TypeORM: ${changeEntity} not found in global.entity`);
|
|
33
33
|
}
|
|
34
34
|
throw error;
|
|
35
35
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dataBaseManager.js","sourceRoot":"","sources":["../../../lib/loader/dataBaseManager.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,GAAG,MAAM,mBAAmB,CAAA;AAExC,MAAM,UAAU,aAAa;IAC3B,OAAO,IAAI,CAAA;AACb,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB;IACtC,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,UAAU,CAAC,WAAW,EAAE,CAAA;QACrC,OAAO,IAAI,CAAA;IACb,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,KAAK,CAAA;IACb,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,UAAU,EAAE,QAAQ;IACnD,IAAI,CAAC;QACH,OAAO,MAAM,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAA;IAC9D,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,CAAC,CAAC,UAAU,IAAI,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;YACnC,GAAG,CAAC,KAAK,CAAC,
|
|
1
|
+
{"version":3,"file":"dataBaseManager.js","sourceRoot":"","sources":["../../../lib/loader/dataBaseManager.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,GAAG,MAAM,mBAAmB,CAAA;AAExC,MAAM,UAAU,aAAa;IAC3B,OAAO,IAAI,CAAA;AACb,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB;IACtC,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,UAAU,CAAC,WAAW,EAAE,CAAA;QACrC,OAAO,IAAI,CAAA;IACb,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,KAAK,CAAA;IACb,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,UAAU,EAAE,QAAQ;IACnD,IAAI,CAAC;QACH,OAAO,MAAM,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAA;IAC9D,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,CAAC,CAAC,UAAU,IAAI,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;YACnC,GAAG,CAAC,KAAK,CAAC,qBAAqB,UAAU,6BAA6B,CAAC,CAAA;QACzE,CAAC;QACD,MAAM,KAAK,CAAA;IACb,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,GAAG,QAAQ;IACrG,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,MAAM,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAA;QAC9G,OAAO,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IACpD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,CAAC,CAAC,YAAY,IAAI,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;YACrC,GAAG,CAAC,KAAK,CAAC,qBAAqB,YAAY,6BAA6B,CAAC,CAAA;QAC3E,CAAC;QACD,MAAM,KAAK,CAAA;IACb,CAAC;AACH,CAAC"}
|
package/dist/lib/query.d.ts
CHANGED
package/dist/lib/query.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"query.d.ts","sourceRoot":"","sources":["../../lib/query.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"query.d.ts","sourceRoot":"","sources":["../../lib/query.ts"],"names":[],"mappings":"AAuBA,eAAO,MAAM,wBAAwB,GAAI,QAAQ,MAAM,EAAE,SAKxD,CAAA;AAUD,eAAO,MAAM,QAAQ,GAAI,QAAO,MAAM,EAAO,OA4B5C,CAAA;AAWD,eAAO,MAAM,QAAQ,GAAI,OAAO,GAAG,EAAE,OAAO,GAAG;;;CAwG9C,CAAA;AAED,wBAAgB,UAAU,CAAC,IAAI,KAAA,EAAE,UAAU,KAAA,EAAE,IAAI,KAAA;WAQtC,MAAM;WACN,MAAM;YACL,MAAM;YACN,MAAM,GAAG,MAAM,EAAE;EAmC5B;AAED,wBAAsB,gBAAgB,CACpC,IAAI,EAAE,GAAG,EACT,SAAS,GAAE,GAAQ,EACnB,IAAI,GAAE,GAAQ,EACd,UAAU,GAAE,GAAQ,EACpB,YAAY,GAAE,GAAQ;;;;;;;;;GAoBvB;AAED,wBAAsB,eAAe,CAAC,UAAU,EAAE,GAAG,EAAE,IAAI,GAAE,GAAQ,EAAE,UAAU,GAAE,GAAQ,EAAE,YAAY,GAAE,GAAQ;;;;;;;;;GAkBlH;AAED,wBAAsB,iBAAiB,CAAC,IAAI,EAAE,GAAG,EAAE,IAAI,KAAK,EAAE,UAAU,GAAE,GAAQ,gBAGjF;AAED,wBAAsB,gBAAgB,CAAC,UAAU,EAAE,GAAG,EAAE,IAAI,KAAK,EAAE,UAAU,GAAE,GAAQ,gBAGtF"}
|
package/dist/lib/query.js
CHANGED
|
@@ -1,7 +1,20 @@
|
|
|
1
1
|
import { Not, Like, ILike, Raw, Equal, IsNull, In, Between, MoreThan, MoreThanOrEqual, LessThan, LessThanOrEqual } from 'typeorm';
|
|
2
|
+
import yn from './util/yn.js';
|
|
3
|
+
import * as log from './util/logger.js';
|
|
2
4
|
import { parseLogicExpression } from './query/parser.js';
|
|
3
5
|
import { buildWhereFromAst } from './query/builder.js';
|
|
6
|
+
let sensitiveFields = ['password', 'mfaSecret', 'resetPasswordToken', 'confirmationToken'];
|
|
7
|
+
export const configureSensitiveFields = (fields) => {
|
|
8
|
+
if (fields && Array.isArray(fields)) {
|
|
9
|
+
log.info(`Volcanic-TypeORM: Overrided sensitive fields: ${fields.join(', ')}`);
|
|
10
|
+
sensitiveFields = fields;
|
|
11
|
+
}
|
|
12
|
+
};
|
|
4
13
|
const evalOrder = (val = '') => (['desc', 'd', 'false', '1'].includes(val.toLowerCase()) ? 'desc' : 'asc');
|
|
14
|
+
const escapeRegExp = (string) => {
|
|
15
|
+
return string.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
|
|
16
|
+
};
|
|
17
|
+
const hasProtoRisk = (str) => hasProtoRisk(str);
|
|
5
18
|
export const useOrder = (order = []) => {
|
|
6
19
|
const result = {};
|
|
7
20
|
order
|
|
@@ -13,9 +26,15 @@ export const useOrder = (order = []) => {
|
|
|
13
26
|
let target = result;
|
|
14
27
|
while (fieldFullPath.length > 1) {
|
|
15
28
|
const fieldPath = fieldFullPath.shift() || '';
|
|
29
|
+
if (hasProtoRisk(fieldPath)) {
|
|
30
|
+
continue;
|
|
31
|
+
}
|
|
16
32
|
target = target[fieldPath] = target[fieldPath] || {};
|
|
17
33
|
}
|
|
18
34
|
const fieldName = fieldFullPath[0];
|
|
35
|
+
if (hasProtoRisk(fieldName)) {
|
|
36
|
+
return;
|
|
37
|
+
}
|
|
19
38
|
target[fieldName] = sortType;
|
|
20
39
|
});
|
|
21
40
|
return result;
|
|
@@ -39,16 +58,15 @@ export const useWhere = (where, repo) => {
|
|
|
39
58
|
const reservedOperators = {
|
|
40
59
|
':null': (v) => (typecastValue(v) === false ? Not(IsNull()) : IsNull()),
|
|
41
60
|
':notNull': (v) => (typecastValue(v) === true ? Not(IsNull()) : IsNull()),
|
|
42
|
-
':raw': (v) => Raw((alias) => `${alias} ${v}`),
|
|
43
61
|
':in': (v) => In(val(v).split(',').map(typecastValue)),
|
|
44
62
|
':nin': (v) => Not(In(val(v).split(',').map(typecastValue))),
|
|
45
|
-
':likei': (v) => (isTargetMongo ? new RegExp(val(v), 'i') : ILike(`%${val(v)}%`)),
|
|
46
|
-
':containsi': (v) => (isTargetMongo ? new RegExp(val(v), 'i') : ILike(`%${val(v)}%`)),
|
|
47
|
-
':ncontainsi': (v) => (isTargetMongo ? Not(new RegExp(val(v), 'i')) : Not(ILike(`%${val(v)}%`))),
|
|
48
|
-
':startsi': (v) => (isTargetMongo ? new RegExp(`^${val(v)}`, 'i') : ILike(`${val(v)}%`)),
|
|
49
|
-
':endsi': (v) => (isTargetMongo ? new RegExp(`${val(v)}$`, 'i') : ILike(`%${val(v)}`)),
|
|
50
|
-
':eqi': (v) => (isTargetMongo ? new RegExp(`^${val(v)}$`, 'i') : ILike(v)),
|
|
51
|
-
':neqi': (v) => (isTargetMongo ? Not(new RegExp(`^${val(v)}$`, 'i')) : Not(ILike(v))),
|
|
63
|
+
':likei': (v) => (isTargetMongo ? new RegExp(escapeRegExp(val(v)), 'i') : ILike(`%${val(v)}%`)),
|
|
64
|
+
':containsi': (v) => (isTargetMongo ? new RegExp(escapeRegExp(val(v)), 'i') : ILike(`%${val(v)}%`)),
|
|
65
|
+
':ncontainsi': (v) => (isTargetMongo ? Not(new RegExp(escapeRegExp(val(v)), 'i')) : Not(ILike(`%${val(v)}%`))),
|
|
66
|
+
':startsi': (v) => (isTargetMongo ? new RegExp(`^${escapeRegExp(val(v))}`, 'i') : ILike(`${val(v)}%`)),
|
|
67
|
+
':endsi': (v) => (isTargetMongo ? new RegExp(`${escapeRegExp(val(v))}$`, 'i') : ILike(`%${val(v)}`)),
|
|
68
|
+
':eqi': (v) => (isTargetMongo ? new RegExp(`^${escapeRegExp(val(v))}$`, 'i') : ILike(v)),
|
|
69
|
+
':neqi': (v) => (isTargetMongo ? Not(new RegExp(`^${escapeRegExp(val(v))}$`, 'i')) : Not(ILike(v))),
|
|
52
70
|
':like': (v) => Like(`${val(v)}`),
|
|
53
71
|
':contains': (v) => Like(`%${val(v)}%`),
|
|
54
72
|
':ncontains': (v) => Not(Like(`%${val(v)}%`)),
|
|
@@ -77,12 +95,19 @@ export const useWhere = (where, repo) => {
|
|
|
77
95
|
return Raw((alias) => `${alias} && ARRAY[:...overlapValues]::text[]`, { overlapValues: values });
|
|
78
96
|
}
|
|
79
97
|
};
|
|
98
|
+
if (yn(process.env.VOLCANIC_CUSTOM_QUERY_OPERATORS, false)) {
|
|
99
|
+
log.warn('Volcanic-TypeORM: Custom query operators (:raw) enabled. SECURITY RISK!');
|
|
100
|
+
reservedOperators[':raw'] = (v) => Raw((alias) => `${alias} ${v}`);
|
|
101
|
+
}
|
|
80
102
|
const reservedWords = Object.keys(reservedOperators).join('|');
|
|
81
103
|
const aliasRegex = /\[([^\]]+)\]$/;
|
|
82
104
|
const allConditions = {};
|
|
83
105
|
for (const rawKey in where) {
|
|
84
106
|
let alias = '';
|
|
85
107
|
let key = rawKey;
|
|
108
|
+
if (hasProtoRisk(rawKey)) {
|
|
109
|
+
continue;
|
|
110
|
+
}
|
|
86
111
|
const aliasMatch = rawKey.match(aliasRegex);
|
|
87
112
|
if (aliasMatch) {
|
|
88
113
|
alias = aliasMatch[1];
|
|
@@ -95,6 +120,9 @@ export const useWhere = (where, repo) => {
|
|
|
95
120
|
const operator = m?.length ? m[0] : ':eq';
|
|
96
121
|
const fullPath = key.replace(operator, '');
|
|
97
122
|
const parts = fullPath.split('.');
|
|
123
|
+
if (sensitiveFields.some((field) => fullPath.includes(field))) {
|
|
124
|
+
continue;
|
|
125
|
+
}
|
|
98
126
|
let value = where[rawKey];
|
|
99
127
|
if (operator && reservedOperators[operator]) {
|
|
100
128
|
value = reservedOperators[operator](value);
|
|
@@ -103,11 +131,17 @@ export const useWhere = (where, repo) => {
|
|
|
103
131
|
let target = condition;
|
|
104
132
|
while (parts.length > 1) {
|
|
105
133
|
const part = parts.shift() || '';
|
|
134
|
+
if (hasProtoRisk(part)) {
|
|
135
|
+
break;
|
|
136
|
+
}
|
|
106
137
|
target = target[part] = target[part] || {};
|
|
107
138
|
}
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
139
|
+
const finalFieldName = parts[0];
|
|
140
|
+
if (!hasProtoRisk(finalFieldName)) {
|
|
141
|
+
target[finalFieldName] = value;
|
|
142
|
+
aliasMap.set(alias, condition);
|
|
143
|
+
Object.assign(allConditions, condition);
|
|
144
|
+
}
|
|
111
145
|
}
|
|
112
146
|
return { allConditions, aliasMap };
|
|
113
147
|
};
|
package/dist/lib/query.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"query.js","sourceRoot":"","sources":["../../lib/query.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,GAAG,EACH,IAAI,EACJ,KAAK,EACL,GAAG,EACH,KAAK,EACL,MAAM,EACN,EAAE,EACF,OAAO,EACP,QAAQ,EACR,eAAe,EACf,QAAQ,EACR,eAAe,EAChB,MAAM,SAAS,CAAA;AAChB,OAAO,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAA;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAA;AAEtD,MAAM,SAAS,GAAG,CAAC,MAAc,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAA;AAElH,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,QAAkB,EAAE,EAAE,EAAE;IAC/C,MAAM,MAAM,GAAG,EAAE,CAAA;IACjB,KAAK;SACF,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;SAClB,OAAO,CAAC,CAAC,CAAS,EAAE,EAAE;QACrB,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC1B,MAAM,aAAa,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACzC,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;QAEpC,IAAI,MAAM,GAAG,MAAM,CAAA;QACnB,OAAO,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,MAAM,SAAS,GAAW,aAAa,CAAC,KAAK,EAAE,IAAI,EAAE,CAAA;YACrD,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,IAAI,EAAE,CAAA;QACtD,CAAC;QAED,MAAM,SAAS,GAAG,aAAa,CAAC,CAAC,CAAC,CAAA;QAElC,MAAM,CAAC,SAAS,CAAC,GAAG,QAAQ,CAAA;IAC9B,CAAC,CAAC,CAAA;IAEJ,OAAO,MAAM,CAAA;AACf,CAAC,CAAA;AAED,MAAM,aAAa,GAAG,CAAC,KAAU,EAAE,EAAE;IACnC,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAC3C,MAAM,UAAU,GAAG,KAAK,CAAC,WAAW,EAAE,CAAA;IACtC,IAAI,UAAU,KAAK,MAAM;QAAE,OAAO,IAAI,CAAA;IACtC,IAAI,UAAU,KAAK,OAAO;QAAE,OAAO,KAAK,CAAA;IACxC,IAAI,UAAU,KAAK,MAAM;QAAE,OAAO,IAAI,CAAA;IACtC,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,KAAU,EAAE,IAAU,EAAE,EAAE;IACjD,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAe,CAAA;IACvC,MAAM,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IACnC,MAAM,GAAG,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,UAAU,CAAA;IAElC,MAAM,iBAAiB,GAAG;QACxB,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,KAAK,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;QACvE,UAAU,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;QACzE,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,KAAK,IAAI,CAAC,EAAE,CAAC;QAC9C,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QACtD,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC;QAC5D,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACjF,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrF,aAAa,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAChG,UAAU,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACxF,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACtF,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC1E,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QACrF,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QACjC,WAAW,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;QACvC,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAC7C,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;QACpC,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAClC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE;YACX,MAAM,UAAU,GAAG,aAAa,CAAC,CAAC,CAAC,CAAA;YACnC,IAAI,UAAU,KAAK,IAAI;gBAAE,OAAO,MAAM,EAAE,CAAA;YACxC,OAAO,aAAa,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;QACvD,CAAC;QACD,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC;QAC3C,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC;QACzB,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC;QAChC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC;QACzB,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC;QAChC,UAAU,EAAE,CAAC,CAAC,EAAE,EAAE;YAChB,MAAM,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAA;YACvB,OAAO,CAAC,EAAE,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACjD,CAAC;QACD,UAAU,EAAE,CAAC,CAAC,EAAE,EAAE;YAChB,MAAM,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC,CAAA;YACnD,IAAI,aAAa,EAAE,CAAC;gBAElB,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,CAAA;YACxB,CAAC;YAED,OAAO,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,KAAK,sCAAsC,EAAE,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAA;QAClG,CAAC;KACF,CAAA;IAED,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IAC9D,MAAM,UAAU,GAAG,eAAe,CAAA;IAElC,MAAM,aAAa,GAAG,EAAE,CAAA;IAExB,KAAK,MAAM,MAAM,IAAI,KAAK,EAAE,CAAC;QAC3B,IAAI,KAAK,GAAG,EAAE,CAAA;QACd,IAAI,GAAG,GAAG,MAAM,CAAA;QAEhB,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;QAC3C,IAAI,UAAU,EAAE,CAAC;YACf,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;YACrB,GAAG,GAAG,MAAM,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAA;QACtC,CAAC;aAAM,CAAC;YACN,KAAK,GAAG,GAAG,CAAA;QACb,CAAC;QAED,MAAM,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,IAAI,aAAa,MAAM,EAAE,IAAI,CAAC,CAAC,CAAA;QAC9D,MAAM,QAAQ,GAAG,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;QACzC,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAA;QAC1C,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACjC,IAAI,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAA;QAEzB,IAAI,QAAQ,IAAI,iBAAiB,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5C,KAAK,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAA;QAC5C,CAAC;QAED,IAAI,SAAS,GAAG,EAAE,CAAA;QAClB,IAAI,MAAM,GAAG,SAAS,CAAA;QACtB,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,MAAM,IAAI,GAAW,KAAK,CAAC,KAAK,EAAE,IAAI,EAAE,CAAA;YACxC,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,CAAA;QAC5C,CAAC;QACD,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAA;QAExB,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,CAAC,CAAA;QAC9B,MAAM,CAAC,MAAM,CAAC,aAAa,EAAE,SAAS,CAAC,CAAA;IACzC,CAAC;IAED,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,CAAA;AACpC,CAAC,CAAA;AAED,MAAM,UAAU,UAAU,CAAC,IAAI,EAAE,UAAU,EAAE,IAAI;IAC/C,MAAM,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,QAAQ,GAAG,EAAE,EAAE,IAAI,EAAE,EAAE,GAAG,CAAC,EAAE,IAAI,EAAE,EAAE,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,GAAG,KAAK,EAAE,GAAG,IAAI,CAAA;IAClG,MAAM,IAAI,GAAW,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;IACxC,MAAM,IAAI,GAAW,EAAE,IAAI,QAAQ,CAAA;IACnC,MAAM,IAAI,GAAW,EAAE,IAAI,IAAI,GAAG,QAAQ,CAAA;IAC1C,MAAM,KAAK,GAAa,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;IAEnD,MAAM,KAAK,GAAG,EAKb,CAAA;IAED,IAAI,IAAI;QAAE,KAAK,CAAC,IAAI,GAAG,IAAI,CAAA;IAC3B,IAAI,IAAI;QAAE,KAAK,CAAC,IAAI,GAAG,IAAI,CAAA;IAC3B,IAAI,KAAK;QAAE,KAAK,CAAC,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;IAExC,MAAM,EAAE,aAAa,EAAE,QAAQ,EAAE,GAAG,QAAQ,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;IAEzD,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,oBAAoB,CAAC,MAAM,CAAC,CAAA;YACxC,KAAK,CAAC,KAAK,GAAG,iBAAiB,CAAC,GAAG,EAAE,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAA;QAC/D,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,mDAAmD,EAAE,CAAC,CAAC,CAAA;YACrE,KAAK,CAAC,KAAK,GAAG,aAAa,CAAA;QAC7B,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,KAAK,GAAG,aAAa,CAAA;IAC7B,CAAC;IAED,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,EAAE,aAAa,EAAE,eAAe,EAAE,GAAG,QAAQ,CAAC,UAAU,EAAE,IAAI,CAAC,CAAA;QACrE,IAAI,KAAK,CAAC,KAAK,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvD,IAAI,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;gBAClB,KAAK,CAAC,KAAK,GAAG,EAAE,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,EAAE,eAAe,CAAC,EAAE,CAAA;YACxD,CAAC;iBAAM,CAAC;gBACN,KAAK,CAAC,KAAK,GAAG,EAAE,GAAG,KAAK,CAAC,KAAK,EAAE,GAAG,eAAe,EAAE,CAAA;YACtD,CAAC;QACH,CAAC;aAAM,CAAC;YACN,KAAK,CAAC,KAAK,GAAG,eAAe,CAAA;QAC/B,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,IAAS,EACT,YAAiB,EAAE,EACnB,OAAY,EAAE,EACd,aAAkB,EAAE,EACpB,eAAoB,EAAE;IAEtB,MAAM,KAAK,GAAG,UAAU,CAAC,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,CAAA;IAEhD,MAAM,CAAC,OAAO,GAAG,EAAE,EAAE,UAAU,CAAC,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC;QACzD,SAAS,EAAE,SAAS;QACpB,GAAG,KAAK;QACR,GAAG,YAAY;KAChB,CAAC,CAAA;IAEF,OAAO;QACL,OAAO;QACP,OAAO,EAAE;YACP,SAAS,EAAE,OAAO,CAAC,MAAM;YACzB,SAAS,EAAE,UAAU;YACrB,QAAQ,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC;YACxB,YAAY,EAAE,KAAK,CAAC,IAAI;YACxB,aAAa,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;SACnE;KACF,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,UAAe,EAAE,OAAY,EAAE,EAAE,aAAkB,EAAE,EAAE,eAAoB,EAAE;IACjH,MAAM,KAAK,GAAG,UAAU,CAAC,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,CAAA;IAEhD,MAAM,CAAC,OAAO,GAAG,EAAE,EAAE,UAAU,CAAC,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,YAAY,CAAC,UAAU,EAAE;QAC1F,GAAG,KAAK;QACR,GAAG,YAAY;KAChB,CAAC,CAAA;IAEF,OAAO;QACL,OAAO;QACP,OAAO,EAAE;YACP,SAAS,EAAE,OAAO,CAAC,MAAM;YACzB,SAAS,EAAE,UAAU;YACrB,QAAQ,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC;YACxB,YAAY,EAAE,KAAK,CAAC,IAAI;YACxB,aAAa,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;SACnE;KACF,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,IAAS,EAAE,IAAI,GAAG,EAAE,EAAE,aAAkB,EAAE;IAChF,MAAM,EAAE,KAAK,GAAG,EAAE,EAAE,GAAG,UAAU,CAAC,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,CAAA;IACzD,OAAO,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAA;AACnE,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,UAAe,EAAE,IAAI,GAAG,EAAE,EAAE,aAAkB,EAAE;IACrF,MAAM,EAAE,KAAK,GAAG,EAAE,EAAE,GAAG,UAAU,CAAC,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,CAAA;IACzD,OAAO,MAAM,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAA;AAC5E,CAAC;AAED,SAAS,OAAO,CAAC,IAAI;IACnB,OAAO,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,IAAI,IAAI,IAAI,CAAA;AACzD,CAAC;AAED,SAAS,OAAO,CAAC,IAAI;IACnB,OAAO,OAAO,CAAC,IAAI,CAAC,KAAK,SAAS,CAAA;AACpC,CAAC"}
|
|
1
|
+
{"version":3,"file":"query.js","sourceRoot":"","sources":["../../lib/query.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,GAAG,EACH,IAAI,EACJ,KAAK,EACL,GAAG,EACH,KAAK,EACL,MAAM,EACN,EAAE,EACF,OAAO,EACP,QAAQ,EACR,eAAe,EACf,QAAQ,EACR,eAAe,EAChB,MAAM,SAAS,CAAA;AAChB,OAAO,EAAE,MAAM,cAAc,CAAA;AAC7B,OAAO,KAAK,GAAG,MAAM,kBAAkB,CAAA;AACvC,OAAO,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAA;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAA;AAEtD,IAAI,eAAe,GAAG,CAAC,UAAU,EAAE,WAAW,EAAE,oBAAoB,EAAE,mBAAmB,CAAC,CAAA;AAE1F,MAAM,CAAC,MAAM,wBAAwB,GAAG,CAAC,MAAgB,EAAE,EAAE;IAC3D,IAAI,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QACpC,GAAG,CAAC,IAAI,CAAC,iDAAiD,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QAC9E,eAAe,GAAG,MAAM,CAAA;IAC1B,CAAC;AACH,CAAC,CAAA;AAED,MAAM,SAAS,GAAG,CAAC,MAAc,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAA;AAElH,MAAM,YAAY,GAAG,CAAC,MAAM,EAAE,EAAE;IAC9B,OAAO,MAAM,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAA;AACtD,CAAC,CAAA;AAED,MAAM,YAAY,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,YAAY,CAAC,GAAG,CAAC,CAAA;AAEvD,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,QAAkB,EAAE,EAAE,EAAE;IAC/C,MAAM,MAAM,GAAG,EAAE,CAAA;IACjB,KAAK;SACF,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;SAClB,OAAO,CAAC,CAAC,CAAS,EAAE,EAAE;QACrB,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC1B,MAAM,aAAa,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACzC,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;QAEpC,IAAI,MAAM,GAAG,MAAM,CAAA;QACnB,OAAO,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,MAAM,SAAS,GAAW,aAAa,CAAC,KAAK,EAAE,IAAI,EAAE,CAAA;YACrD,IAAI,YAAY,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC5B,SAAQ;YACV,CAAC;YAED,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,IAAI,EAAE,CAAA;QACtD,CAAC;QAED,MAAM,SAAS,GAAG,aAAa,CAAC,CAAC,CAAC,CAAA;QAClC,IAAI,YAAY,CAAC,SAAS,CAAC,EAAE,CAAC;YAC5B,OAAM;QACR,CAAC;QAED,MAAM,CAAC,SAAS,CAAC,GAAG,QAAQ,CAAA;IAC9B,CAAC,CAAC,CAAA;IAEJ,OAAO,MAAM,CAAA;AACf,CAAC,CAAA;AAED,MAAM,aAAa,GAAG,CAAC,KAAU,EAAE,EAAE;IACnC,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAC3C,MAAM,UAAU,GAAG,KAAK,CAAC,WAAW,EAAE,CAAA;IACtC,IAAI,UAAU,KAAK,MAAM;QAAE,OAAO,IAAI,CAAA;IACtC,IAAI,UAAU,KAAK,OAAO;QAAE,OAAO,KAAK,CAAA;IACxC,IAAI,UAAU,KAAK,MAAM;QAAE,OAAO,IAAI,CAAA;IACtC,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,KAAU,EAAE,IAAU,EAAE,EAAE;IACjD,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAe,CAAA;IACvC,MAAM,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IACnC,MAAM,GAAG,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,UAAU,CAAA;IAElC,MAAM,iBAAiB,GAAG;QACxB,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,KAAK,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;QACvE,UAAU,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;QACzE,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QACtD,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC;QAC5D,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAC/F,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACnG,aAAa,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC9G,UAAU,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACtG,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACpG,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACxF,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,IAAI,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QACnG,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QACjC,WAAW,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;QACvC,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAC7C,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;QACpC,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAClC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE;YACX,MAAM,UAAU,GAAG,aAAa,CAAC,CAAC,CAAC,CAAA;YACnC,IAAI,UAAU,KAAK,IAAI;gBAAE,OAAO,MAAM,EAAE,CAAA;YACxC,OAAO,aAAa,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;QACvD,CAAC;QACD,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC;QAC3C,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC;QACzB,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC;QAChC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC;QACzB,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC;QAChC,UAAU,EAAE,CAAC,CAAC,EAAE,EAAE;YAChB,MAAM,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAA;YACvB,OAAO,CAAC,EAAE,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACjD,CAAC;QACD,UAAU,EAAE,CAAC,CAAC,EAAE,EAAE;YAChB,MAAM,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC,CAAA;YACnD,IAAI,aAAa,EAAE,CAAC;gBAClB,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,CAAA;YACxB,CAAC;YACD,OAAO,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,KAAK,sCAAsC,EAAE,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAA;QAClG,CAAC;KACF,CAAA;IAED,IAAI,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,+BAA+B,EAAE,KAAK,CAAC,EAAE,CAAC;QAC3D,GAAG,CAAC,IAAI,CAAC,yEAAyE,CAAC,CAAA;QACnF,iBAAiB,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,KAAK,IAAI,CAAC,EAAE,CAAC,CAAA;IACpE,CAAC;IAED,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IAC9D,MAAM,UAAU,GAAG,eAAe,CAAA;IAElC,MAAM,aAAa,GAAG,EAAE,CAAA;IAExB,KAAK,MAAM,MAAM,IAAI,KAAK,EAAE,CAAC;QAC3B,IAAI,KAAK,GAAG,EAAE,CAAA;QACd,IAAI,GAAG,GAAG,MAAM,CAAA;QAChB,IAAI,YAAY,CAAC,MAAM,CAAC,EAAE,CAAC;YACzB,SAAQ;QACV,CAAC;QAED,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;QAC3C,IAAI,UAAU,EAAE,CAAC;YACf,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;YACrB,GAAG,GAAG,MAAM,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAA;QACtC,CAAC;aAAM,CAAC;YACN,KAAK,GAAG,GAAG,CAAA;QACb,CAAC;QAED,MAAM,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,IAAI,aAAa,MAAM,EAAE,IAAI,CAAC,CAAC,CAAA;QAC9D,MAAM,QAAQ,GAAG,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;QACzC,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAA;QAC1C,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAEjC,IAAI,eAAe,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;YAC9D,SAAQ;QACV,CAAC;QAED,IAAI,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAA;QACzB,IAAI,QAAQ,IAAI,iBAAiB,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5C,KAAK,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAA;QAC5C,CAAC;QAED,IAAI,SAAS,GAAG,EAAE,CAAA;QAClB,IAAI,MAAM,GAAG,SAAS,CAAA;QACtB,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,MAAM,IAAI,GAAW,KAAK,CAAC,KAAK,EAAE,IAAI,EAAE,CAAA;YACxC,IAAI,YAAY,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvB,MAAK;YACP,CAAC;YAED,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,CAAA;QAC5C,CAAC;QAED,MAAM,cAAc,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QAC/B,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,EAAE,CAAC;YAClC,MAAM,CAAC,cAAc,CAAC,GAAG,KAAK,CAAA;YAC9B,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,CAAC,CAAA;YAC9B,MAAM,CAAC,MAAM,CAAC,aAAa,EAAE,SAAS,CAAC,CAAA;QACzC,CAAC;IACH,CAAC;IAED,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,CAAA;AACpC,CAAC,CAAA;AAED,MAAM,UAAU,UAAU,CAAC,IAAI,EAAE,UAAU,EAAE,IAAI;IAC/C,MAAM,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,QAAQ,GAAG,EAAE,EAAE,IAAI,EAAE,EAAE,GAAG,CAAC,EAAE,IAAI,EAAE,EAAE,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,GAAG,KAAK,EAAE,GAAG,IAAI,CAAA;IAClG,MAAM,IAAI,GAAW,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;IACxC,MAAM,IAAI,GAAW,EAAE,IAAI,QAAQ,CAAA;IACnC,MAAM,IAAI,GAAW,EAAE,IAAI,IAAI,GAAG,QAAQ,CAAA;IAC1C,MAAM,KAAK,GAAa,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;IAEnD,MAAM,KAAK,GAAG,EAKb,CAAA;IAED,IAAI,IAAI;QAAE,KAAK,CAAC,IAAI,GAAG,IAAI,CAAA;IAC3B,IAAI,IAAI;QAAE,KAAK,CAAC,IAAI,GAAG,IAAI,CAAA;IAC3B,IAAI,KAAK;QAAE,KAAK,CAAC,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;IAExC,MAAM,EAAE,aAAa,EAAE,QAAQ,EAAE,GAAG,QAAQ,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;IAEzD,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,oBAAoB,CAAC,MAAM,CAAC,CAAA;YACxC,KAAK,CAAC,KAAK,GAAG,iBAAiB,CAAC,GAAG,EAAE,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAA;QAC/D,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,mDAAmD,EAAE,CAAC,CAAC,CAAA;YACrE,KAAK,CAAC,KAAK,GAAG,aAAa,CAAA;QAC7B,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,KAAK,GAAG,aAAa,CAAA;IAC7B,CAAC;IAED,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,EAAE,aAAa,EAAE,eAAe,EAAE,GAAG,QAAQ,CAAC,UAAU,EAAE,IAAI,CAAC,CAAA;QACrE,IAAI,KAAK,CAAC,KAAK,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvD,IAAI,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;gBAClB,KAAK,CAAC,KAAK,GAAG,EAAE,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,EAAE,eAAe,CAAC,EAAE,CAAA;YACxD,CAAC;iBAAM,CAAC;gBACN,KAAK,CAAC,KAAK,GAAG,EAAE,GAAG,KAAK,CAAC,KAAK,EAAE,GAAG,eAAe,EAAE,CAAA;YACtD,CAAC;QACH,CAAC;aAAM,CAAC;YACN,KAAK,CAAC,KAAK,GAAG,eAAe,CAAA;QAC/B,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,IAAS,EACT,YAAiB,EAAE,EACnB,OAAY,EAAE,EACd,aAAkB,EAAE,EACpB,eAAoB,EAAE;IAEtB,MAAM,KAAK,GAAG,UAAU,CAAC,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,CAAA;IAEhD,MAAM,CAAC,OAAO,GAAG,EAAE,EAAE,UAAU,CAAC,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC;QACzD,SAAS,EAAE,SAAS;QACpB,GAAG,KAAK;QACR,GAAG,YAAY;KAChB,CAAC,CAAA;IAEF,OAAO;QACL,OAAO;QACP,OAAO,EAAE;YACP,SAAS,EAAE,OAAO,CAAC,MAAM;YACzB,SAAS,EAAE,UAAU;YACrB,QAAQ,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC;YACxB,YAAY,EAAE,KAAK,CAAC,IAAI;YACxB,aAAa,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;SACnE;KACF,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,UAAe,EAAE,OAAY,EAAE,EAAE,aAAkB,EAAE,EAAE,eAAoB,EAAE;IACjH,MAAM,KAAK,GAAG,UAAU,CAAC,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,CAAA;IAEhD,MAAM,CAAC,OAAO,GAAG,EAAE,EAAE,UAAU,CAAC,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,YAAY,CAAC,UAAU,EAAE;QAC1F,GAAG,KAAK;QACR,GAAG,YAAY;KAChB,CAAC,CAAA;IAEF,OAAO;QACL,OAAO;QACP,OAAO,EAAE;YACP,SAAS,EAAE,OAAO,CAAC,MAAM;YACzB,SAAS,EAAE,UAAU;YACrB,QAAQ,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC;YACxB,YAAY,EAAE,KAAK,CAAC,IAAI;YACxB,aAAa,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;SACnE;KACF,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,IAAS,EAAE,IAAI,GAAG,EAAE,EAAE,aAAkB,EAAE;IAChF,MAAM,EAAE,KAAK,GAAG,EAAE,EAAE,GAAG,UAAU,CAAC,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,CAAA;IACzD,OAAO,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAA;AACnE,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,UAAe,EAAE,IAAI,GAAG,EAAE,EAAE,aAAkB,EAAE;IACrF,MAAM,EAAE,KAAK,GAAG,EAAE,EAAE,GAAG,UAAU,CAAC,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,CAAA;IACzD,OAAO,MAAM,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAA;AAC5E,CAAC;AAED,SAAS,OAAO,CAAC,IAAI;IACnB,OAAO,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,IAAI,IAAI,IAAI,CAAA;AACzD,CAAC;AAED,SAAS,OAAO,CAAC,IAAI;IACnB,OAAO,OAAO,CAAC,IAAI,CAAC,KAAK,SAAS,CAAA;AACpC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../../../lib/util/crypto.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../../../lib/util/crypto.ts"],"names":[],"mappings":"AAcA,wBAAgB,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAQ5C;AAED,wBAAgB,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CA2B5C"}
|
package/dist/lib/util/crypto.js
CHANGED
|
@@ -1,30 +1,46 @@
|
|
|
1
1
|
import * as crypto from 'crypto';
|
|
2
|
-
const
|
|
3
|
-
const
|
|
4
|
-
const
|
|
2
|
+
const ALGORITHM_NEW = 'aes-256-gcm';
|
|
3
|
+
const ALGORITHM_OLD = 'aes-256-cbc';
|
|
4
|
+
const SECRET_KEY = process.env.MFA_DB_SECRET || process.env.JWT_SECRET;
|
|
5
|
+
const IV_LENGTH_NEW = 12;
|
|
5
6
|
function getKey() {
|
|
6
|
-
|
|
7
|
+
if (!SECRET_KEY) {
|
|
8
|
+
throw new Error('Secret key is not defined in environment variables.');
|
|
9
|
+
}
|
|
10
|
+
return crypto.createHash('sha256').update(String(SECRET_KEY)).digest('base64').substring(0, 32);
|
|
7
11
|
}
|
|
8
12
|
export function encrypt(text) {
|
|
9
13
|
if (!text)
|
|
10
14
|
return text;
|
|
11
|
-
const iv = crypto.randomBytes(
|
|
12
|
-
const cipher = crypto.createCipheriv(
|
|
13
|
-
let encrypted = cipher.update(text);
|
|
15
|
+
const iv = crypto.randomBytes(IV_LENGTH_NEW);
|
|
16
|
+
const cipher = crypto.createCipheriv(ALGORITHM_NEW, Buffer.from(getKey()), iv);
|
|
17
|
+
let encrypted = cipher.update(text, 'utf8');
|
|
14
18
|
encrypted = Buffer.concat([encrypted, cipher.final()]);
|
|
15
|
-
|
|
19
|
+
const authTag = cipher.getAuthTag();
|
|
20
|
+
return iv.toString('hex') + ':' + authTag.toString('hex') + ':' + encrypted.toString('hex');
|
|
16
21
|
}
|
|
17
22
|
export function decrypt(text) {
|
|
18
23
|
if (!text)
|
|
19
24
|
return text;
|
|
20
25
|
const textParts = text.split(':');
|
|
21
|
-
if (textParts.length
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
26
|
+
if (textParts.length === 2) {
|
|
27
|
+
const iv = Buffer.from(textParts[0], 'hex');
|
|
28
|
+
const encryptedText = Buffer.from(textParts[1], 'hex');
|
|
29
|
+
const decipher = crypto.createDecipheriv(ALGORITHM_OLD, Buffer.from(getKey()), iv);
|
|
30
|
+
let decrypted = decipher.update(encryptedText);
|
|
31
|
+
decrypted = Buffer.concat([decrypted, decipher.final()]);
|
|
32
|
+
return decrypted.toString();
|
|
33
|
+
}
|
|
34
|
+
if (textParts.length === 3) {
|
|
35
|
+
const iv = Buffer.from(textParts[0], 'hex');
|
|
36
|
+
const authTag = Buffer.from(textParts[1], 'hex');
|
|
37
|
+
const encryptedText = Buffer.from(textParts[2], 'hex');
|
|
38
|
+
const decipher = crypto.createDecipheriv(ALGORITHM_NEW, Buffer.from(getKey()), iv);
|
|
39
|
+
decipher.setAuthTag(authTag);
|
|
40
|
+
let decrypted = decipher.update(encryptedText, undefined, 'utf8');
|
|
41
|
+
decrypted += decipher.final('utf8');
|
|
42
|
+
return decrypted;
|
|
43
|
+
}
|
|
44
|
+
return text;
|
|
29
45
|
}
|
|
30
46
|
//# sourceMappingURL=crypto.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../../../lib/util/crypto.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAA;AAEhC,MAAM,
|
|
1
|
+
{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../../../lib/util/crypto.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAA;AAEhC,MAAM,aAAa,GAAG,aAAa,CAAA;AACnC,MAAM,aAAa,GAAG,aAAa,CAAA;AACnC,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU,CAAA;AACtE,MAAM,aAAa,GAAG,EAAE,CAAA;AAExB,SAAS,MAAM;IACb,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;IACxE,CAAC;IACD,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;AACjG,CAAC;AAED,MAAM,UAAU,OAAO,CAAC,IAAY;IAClC,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAA;IACtB,MAAM,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC,aAAa,CAAC,CAAA;IAC5C,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,aAAa,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC,CAAA;IAC9E,IAAI,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,CAAA;IAC3C,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;IACtD,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAA;IACnC,OAAO,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,GAAG,GAAG,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;AAC7F,CAAC;AAED,MAAM,UAAU,OAAO,CAAC,IAAY;IAClC,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAA;IACtB,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAEjC,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3B,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAA;QAC3C,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAA;QACtD,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,aAAa,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC,CAAA;QAClF,IAAI,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;QAC9C,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;QACxD,OAAO,SAAS,CAAC,QAAQ,EAAE,CAAA;IAC7B,CAAC;IAED,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3B,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAA;QAC3C,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAA;QAChD,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAA;QAEtD,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,aAAa,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC,CAAA;QAClF,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAA;QAE5B,IAAI,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,aAAa,EAAE,SAAS,EAAE,MAAM,CAAC,CAAA;QACjE,SAAS,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;QACnC,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,OAAO,IAAI,CAAA;AACb,CAAC"}
|
|
@@ -19,7 +19,7 @@ export async function retrieveBy(entityName, entityId) {
|
|
|
19
19
|
return await global.entity[entityName].findOneById(entityId)
|
|
20
20
|
} catch (error) {
|
|
21
21
|
if (!(entityName in global.entity)) {
|
|
22
|
-
log.error(
|
|
22
|
+
log.error(`Volcanic-TypeORM: ${entityName} not found in global.entity`)
|
|
23
23
|
}
|
|
24
24
|
throw error
|
|
25
25
|
}
|
|
@@ -31,7 +31,7 @@ export async function addChange(entityName, entityId, status, userId, contents,
|
|
|
31
31
|
return global.entity[changeEntity].save(newChange)
|
|
32
32
|
} catch (error) {
|
|
33
33
|
if (!(changeEntity in global.entity)) {
|
|
34
|
-
log.error(
|
|
34
|
+
log.error(`Volcanic-TypeORM: ${changeEntity} not found in global.entity`)
|
|
35
35
|
}
|
|
36
36
|
throw error
|
|
37
37
|
}
|
package/lib/query.ts
CHANGED
|
@@ -14,11 +14,28 @@ import {
|
|
|
14
14
|
LessThan,
|
|
15
15
|
LessThanOrEqual
|
|
16
16
|
} from 'typeorm'
|
|
17
|
+
import yn from './util/yn.js'
|
|
18
|
+
import * as log from './util/logger.js'
|
|
17
19
|
import { parseLogicExpression } from './query/parser.js'
|
|
18
20
|
import { buildWhereFromAst } from './query/builder.js'
|
|
19
21
|
|
|
22
|
+
let sensitiveFields = ['password', 'mfaSecret', 'resetPasswordToken', 'confirmationToken']
|
|
23
|
+
|
|
24
|
+
export const configureSensitiveFields = (fields: string[]) => {
|
|
25
|
+
if (fields && Array.isArray(fields)) {
|
|
26
|
+
log.info(`Volcanic-TypeORM: Overrided sensitive fields: ${fields.join(', ')}`)
|
|
27
|
+
sensitiveFields = fields
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
|
|
20
31
|
const evalOrder = (val: string = '') => (['desc', 'd', 'false', '1'].includes(val.toLowerCase()) ? 'desc' : 'asc')
|
|
21
32
|
|
|
33
|
+
const escapeRegExp = (string) => {
|
|
34
|
+
return string.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')
|
|
35
|
+
}
|
|
36
|
+
|
|
37
|
+
const hasProtoRisk = (str: string) => hasProtoRisk(str)
|
|
38
|
+
|
|
22
39
|
export const useOrder = (order: string[] = []) => {
|
|
23
40
|
const result = {}
|
|
24
41
|
order
|
|
@@ -31,10 +48,17 @@ export const useOrder = (order: string[] = []) => {
|
|
|
31
48
|
let target = result
|
|
32
49
|
while (fieldFullPath.length > 1) {
|
|
33
50
|
const fieldPath: string = fieldFullPath.shift() || ''
|
|
51
|
+
if (hasProtoRisk(fieldPath)) {
|
|
52
|
+
continue
|
|
53
|
+
}
|
|
54
|
+
|
|
34
55
|
target = target[fieldPath] = target[fieldPath] || {}
|
|
35
56
|
}
|
|
36
57
|
|
|
37
58
|
const fieldName = fieldFullPath[0]
|
|
59
|
+
if (hasProtoRisk(fieldName)) {
|
|
60
|
+
return
|
|
61
|
+
}
|
|
38
62
|
|
|
39
63
|
target[fieldName] = sortType
|
|
40
64
|
})
|
|
@@ -59,16 +83,15 @@ export const useWhere = (where: any, repo?: any) => {
|
|
|
59
83
|
const reservedOperators = {
|
|
60
84
|
':null': (v) => (typecastValue(v) === false ? Not(IsNull()) : IsNull()),
|
|
61
85
|
':notNull': (v) => (typecastValue(v) === true ? Not(IsNull()) : IsNull()),
|
|
62
|
-
':raw': (v) => Raw((alias) => `${alias} ${v}`),
|
|
63
86
|
':in': (v) => In(val(v).split(',').map(typecastValue)),
|
|
64
87
|
':nin': (v) => Not(In(val(v).split(',').map(typecastValue))),
|
|
65
|
-
':likei': (v) => (isTargetMongo ? new RegExp(val(v), 'i') : ILike(`%${val(v)}%`)),
|
|
66
|
-
':containsi': (v) => (isTargetMongo ? new RegExp(val(v), 'i') : ILike(`%${val(v)}%`)),
|
|
67
|
-
':ncontainsi': (v) => (isTargetMongo ? Not(new RegExp(val(v), 'i')) : Not(ILike(`%${val(v)}%`))),
|
|
68
|
-
':startsi': (v) => (isTargetMongo ? new RegExp(`^${val(v)}`, 'i') : ILike(`${val(v)}%`)),
|
|
69
|
-
':endsi': (v) => (isTargetMongo ? new RegExp(`${val(v)}$`, 'i') : ILike(`%${val(v)}`)),
|
|
70
|
-
':eqi': (v) => (isTargetMongo ? new RegExp(`^${val(v)}$`, 'i') : ILike(v)),
|
|
71
|
-
':neqi': (v) => (isTargetMongo ? Not(new RegExp(`^${val(v)}$`, 'i')) : Not(ILike(v))),
|
|
88
|
+
':likei': (v) => (isTargetMongo ? new RegExp(escapeRegExp(val(v)), 'i') : ILike(`%${val(v)}%`)),
|
|
89
|
+
':containsi': (v) => (isTargetMongo ? new RegExp(escapeRegExp(val(v)), 'i') : ILike(`%${val(v)}%`)),
|
|
90
|
+
':ncontainsi': (v) => (isTargetMongo ? Not(new RegExp(escapeRegExp(val(v)), 'i')) : Not(ILike(`%${val(v)}%`))),
|
|
91
|
+
':startsi': (v) => (isTargetMongo ? new RegExp(`^${escapeRegExp(val(v))}`, 'i') : ILike(`${val(v)}%`)),
|
|
92
|
+
':endsi': (v) => (isTargetMongo ? new RegExp(`${escapeRegExp(val(v))}$`, 'i') : ILike(`%${val(v)}`)),
|
|
93
|
+
':eqi': (v) => (isTargetMongo ? new RegExp(`^${escapeRegExp(val(v))}$`, 'i') : ILike(v)),
|
|
94
|
+
':neqi': (v) => (isTargetMongo ? Not(new RegExp(`^${escapeRegExp(val(v))}$`, 'i')) : Not(ILike(v))),
|
|
72
95
|
':like': (v) => Like(`${val(v)}`),
|
|
73
96
|
':contains': (v) => Like(`%${val(v)}%`),
|
|
74
97
|
':ncontains': (v) => Not(Like(`%${val(v)}%`)),
|
|
@@ -91,14 +114,17 @@ export const useWhere = (where: any, repo?: any) => {
|
|
|
91
114
|
':overlap': (v) => {
|
|
92
115
|
const values = val(v).split(',').map(typecastValue)
|
|
93
116
|
if (isTargetMongo) {
|
|
94
|
-
// MongoDB: usa $in per trovare documenti dove l'array contiene almeno uno dei valori
|
|
95
117
|
return { $in: values }
|
|
96
118
|
}
|
|
97
|
-
// PostgreSQL: usa l'operatore && per array overlap
|
|
98
119
|
return Raw((alias) => `${alias} && ARRAY[:...overlapValues]::text[]`, { overlapValues: values })
|
|
99
120
|
}
|
|
100
121
|
}
|
|
101
122
|
|
|
123
|
+
if (yn(process.env.VOLCANIC_CUSTOM_QUERY_OPERATORS, false)) {
|
|
124
|
+
log.warn('Volcanic-TypeORM: Custom query operators (:raw) enabled. SECURITY RISK!')
|
|
125
|
+
reservedOperators[':raw'] = (v) => Raw((alias) => `${alias} ${v}`)
|
|
126
|
+
}
|
|
127
|
+
|
|
102
128
|
const reservedWords = Object.keys(reservedOperators).join('|')
|
|
103
129
|
const aliasRegex = /\[([^\]]+)\]$/
|
|
104
130
|
|
|
@@ -107,6 +133,9 @@ export const useWhere = (where: any, repo?: any) => {
|
|
|
107
133
|
for (const rawKey in where) {
|
|
108
134
|
let alias = ''
|
|
109
135
|
let key = rawKey
|
|
136
|
+
if (hasProtoRisk(rawKey)) {
|
|
137
|
+
continue
|
|
138
|
+
}
|
|
110
139
|
|
|
111
140
|
const aliasMatch = rawKey.match(aliasRegex)
|
|
112
141
|
if (aliasMatch) {
|
|
@@ -120,8 +149,12 @@ export const useWhere = (where: any, repo?: any) => {
|
|
|
120
149
|
const operator = m?.length ? m[0] : ':eq'
|
|
121
150
|
const fullPath = key.replace(operator, '')
|
|
122
151
|
const parts = fullPath.split('.')
|
|
123
|
-
let value = where[rawKey]
|
|
124
152
|
|
|
153
|
+
if (sensitiveFields.some((field) => fullPath.includes(field))) {
|
|
154
|
+
continue
|
|
155
|
+
}
|
|
156
|
+
|
|
157
|
+
let value = where[rawKey]
|
|
125
158
|
if (operator && reservedOperators[operator]) {
|
|
126
159
|
value = reservedOperators[operator](value)
|
|
127
160
|
}
|
|
@@ -130,12 +163,19 @@ export const useWhere = (where: any, repo?: any) => {
|
|
|
130
163
|
let target = condition
|
|
131
164
|
while (parts.length > 1) {
|
|
132
165
|
const part: string = parts.shift() || ''
|
|
166
|
+
if (hasProtoRisk(part)) {
|
|
167
|
+
break
|
|
168
|
+
}
|
|
169
|
+
|
|
133
170
|
target = target[part] = target[part] || {}
|
|
134
171
|
}
|
|
135
|
-
target[parts[0]] = value
|
|
136
172
|
|
|
137
|
-
|
|
138
|
-
|
|
173
|
+
const finalFieldName = parts[0]
|
|
174
|
+
if (!hasProtoRisk(finalFieldName)) {
|
|
175
|
+
target[finalFieldName] = value
|
|
176
|
+
aliasMap.set(alias, condition)
|
|
177
|
+
Object.assign(allConditions, condition)
|
|
178
|
+
}
|
|
139
179
|
}
|
|
140
180
|
|
|
141
181
|
return { allConditions, aliasMap }
|
package/lib/util/crypto.ts
CHANGED
|
@@ -1,30 +1,52 @@
|
|
|
1
1
|
import * as crypto from 'crypto'
|
|
2
2
|
|
|
3
|
-
const
|
|
4
|
-
const
|
|
5
|
-
const
|
|
3
|
+
const ALGORITHM_NEW = 'aes-256-gcm'
|
|
4
|
+
const ALGORITHM_OLD = 'aes-256-cbc'
|
|
5
|
+
const SECRET_KEY = process.env.MFA_DB_SECRET || process.env.JWT_SECRET
|
|
6
|
+
const IV_LENGTH_NEW = 12
|
|
6
7
|
|
|
7
8
|
function getKey() {
|
|
8
|
-
|
|
9
|
+
if (!SECRET_KEY) {
|
|
10
|
+
throw new Error('Secret key is not defined in environment variables.')
|
|
11
|
+
}
|
|
12
|
+
return crypto.createHash('sha256').update(String(SECRET_KEY)).digest('base64').substring(0, 32)
|
|
9
13
|
}
|
|
10
14
|
|
|
11
15
|
export function encrypt(text: string): string {
|
|
12
16
|
if (!text) return text
|
|
13
|
-
const iv = crypto.randomBytes(
|
|
14
|
-
const cipher = crypto.createCipheriv(
|
|
15
|
-
let encrypted = cipher.update(text)
|
|
17
|
+
const iv = crypto.randomBytes(IV_LENGTH_NEW)
|
|
18
|
+
const cipher = crypto.createCipheriv(ALGORITHM_NEW, Buffer.from(getKey()), iv)
|
|
19
|
+
let encrypted = cipher.update(text, 'utf8')
|
|
16
20
|
encrypted = Buffer.concat([encrypted, cipher.final()])
|
|
17
|
-
|
|
21
|
+
const authTag = cipher.getAuthTag()
|
|
22
|
+
return iv.toString('hex') + ':' + authTag.toString('hex') + ':' + encrypted.toString('hex')
|
|
18
23
|
}
|
|
19
24
|
|
|
20
25
|
export function decrypt(text: string): string {
|
|
21
26
|
if (!text) return text
|
|
22
27
|
const textParts = text.split(':')
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
28
|
+
|
|
29
|
+
if (textParts.length === 2) {
|
|
30
|
+
const iv = Buffer.from(textParts[0], 'hex')
|
|
31
|
+
const encryptedText = Buffer.from(textParts[1], 'hex')
|
|
32
|
+
const decipher = crypto.createDecipheriv(ALGORITHM_OLD, Buffer.from(getKey()), iv)
|
|
33
|
+
let decrypted = decipher.update(encryptedText)
|
|
34
|
+
decrypted = Buffer.concat([decrypted, decipher.final()])
|
|
35
|
+
return decrypted.toString()
|
|
36
|
+
}
|
|
37
|
+
|
|
38
|
+
if (textParts.length === 3) {
|
|
39
|
+
const iv = Buffer.from(textParts[0], 'hex')
|
|
40
|
+
const authTag = Buffer.from(textParts[1], 'hex')
|
|
41
|
+
const encryptedText = Buffer.from(textParts[2], 'hex')
|
|
42
|
+
|
|
43
|
+
const decipher = crypto.createDecipheriv(ALGORITHM_NEW, Buffer.from(getKey()), iv)
|
|
44
|
+
decipher.setAuthTag(authTag)
|
|
45
|
+
|
|
46
|
+
let decrypted = decipher.update(encryptedText, undefined, 'utf8')
|
|
47
|
+
decrypted += decipher.final('utf8')
|
|
48
|
+
return decrypted
|
|
49
|
+
}
|
|
50
|
+
|
|
51
|
+
return text
|
|
30
52
|
}
|