@wxn0brp/vql 0.3.2 → 0.3.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/config.d.ts +10 -2
- package/dist/config.js +12 -7
- package/dist/config.js.map +1 -1
- package/dist/cpu/relation.js +4 -5
- package/dist/cpu/relation.js.map +1 -1
- package/dist/cpu/request.js +3 -4
- package/dist/cpu/request.js.map +1 -1
- package/dist/cpu/utils.d.ts +2 -1
- package/dist/cpu/utils.js +3 -4
- package/dist/cpu/utils.js.map +1 -1
- package/dist/permissions/relation.d.ts +2 -1
- package/dist/permissions/relation.js +7 -8
- package/dist/permissions/relation.js.map +1 -1
- package/dist/permissions/request.d.ts +3 -2
- package/dist/permissions/request.js +8 -10
- package/dist/permissions/request.js.map +1 -1
- package/dist/permissions/utils.d.ts +2 -1
- package/dist/permissions/utils.js +2 -3
- package/dist/permissions/utils.js.map +1 -1
- package/dist/processor.d.ts +6 -4
- package/dist/processor.js +6 -3
- package/dist/processor.js.map +1 -1
- package/dist/types/vql.d.ts +6 -0
- package/dist/valid.d.ts +4 -13
- package/dist/valid.js +4 -5
- package/dist/valid.js.map +1 -1
- package/dist/vql.d.ts +6 -0
- package/package.json +1 -1
package/dist/config.d.ts
CHANGED
|
@@ -1,7 +1,15 @@
|
|
|
1
|
-
export
|
|
1
|
+
export interface VQLConfigInterface {
|
|
2
2
|
hidePath: boolean;
|
|
3
3
|
strictSelect: boolean;
|
|
4
4
|
strictACL: boolean;
|
|
5
5
|
noCheckPermissions: boolean;
|
|
6
6
|
formatAjv: boolean;
|
|
7
|
-
}
|
|
7
|
+
}
|
|
8
|
+
export declare class VQLConfig implements VQLConfigInterface {
|
|
9
|
+
hidePath: boolean;
|
|
10
|
+
strictSelect: boolean;
|
|
11
|
+
strictACL: boolean;
|
|
12
|
+
noCheckPermissions: boolean;
|
|
13
|
+
formatAjv: boolean;
|
|
14
|
+
constructor(config?: Partial<VQLConfigInterface>);
|
|
15
|
+
}
|
package/dist/config.js
CHANGED
|
@@ -1,8 +1,13 @@
|
|
|
1
|
-
export
|
|
2
|
-
hidePath
|
|
3
|
-
strictSelect
|
|
4
|
-
strictACL
|
|
5
|
-
noCheckPermissions
|
|
6
|
-
formatAjv
|
|
7
|
-
|
|
1
|
+
export class VQLConfig {
|
|
2
|
+
hidePath = true;
|
|
3
|
+
strictSelect = true;
|
|
4
|
+
strictACL = true;
|
|
5
|
+
noCheckPermissions = false;
|
|
6
|
+
formatAjv = true;
|
|
7
|
+
constructor(config) {
|
|
8
|
+
if (config) {
|
|
9
|
+
Object.assign(this, config);
|
|
10
|
+
}
|
|
11
|
+
}
|
|
12
|
+
}
|
|
8
13
|
//# sourceMappingURL=config.js.map
|
package/dist/config.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAQA,MAAM,OAAO,SAAS;IAClB,QAAQ,GAAG,IAAI,CAAC;IAChB,YAAY,GAAG,IAAI,CAAC;IACpB,SAAS,GAAG,IAAI,CAAC;IACjB,kBAAkB,GAAG,KAAK,CAAC;IAC3B,SAAS,GAAG,IAAI,CAAC;IAEjB,YAAY,MAAoC;QAC5C,IAAI,MAAM,EAAE,CAAC;YACT,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAChC,CAAC;IACL,CAAC;CACJ"}
|
package/dist/cpu/relation.js
CHANGED
|
@@ -1,8 +1,7 @@
|
|
|
1
1
|
import { checkRelationPermission } from "../permissions/index.js";
|
|
2
2
|
import { parseSelect } from "./utils.js";
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
req.select = parseSelect(req.select || []);
|
|
3
|
+
function standardizeRelationRequest(config, req) {
|
|
4
|
+
req.select = parseSelect(config, req.select || []);
|
|
6
5
|
}
|
|
7
6
|
function checkDBsExist(cpu, req) {
|
|
8
7
|
const db = req.path[0];
|
|
@@ -22,11 +21,11 @@ export async function executeRelation(cpu, query, user) {
|
|
|
22
21
|
const checkDb = checkDBsExist(cpu, query.r);
|
|
23
22
|
if (checkDb.err)
|
|
24
23
|
return checkDb;
|
|
25
|
-
if (!
|
|
24
|
+
if (!cpu.config.noCheckPermissions && !await checkRelationPermission(cpu.config, cpu.gw, user, query)) {
|
|
26
25
|
return { err: true, msg: "Permission denied", c: 403 };
|
|
27
26
|
}
|
|
28
27
|
const req = query.r;
|
|
29
|
-
standardizeRelationRequest(req);
|
|
28
|
+
standardizeRelationRequest(cpu.config, req);
|
|
30
29
|
const { path, search, relations, select } = req;
|
|
31
30
|
if (req.many) {
|
|
32
31
|
return await cpu.relation.find(path, search, relations, select, req.options);
|
package/dist/cpu/relation.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"relation.js","sourceRoot":"","sources":["../../src/cpu/relation.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,uBAAuB,EAAE,MAAM,gBAAgB,CAAC;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;
|
|
1
|
+
{"version":3,"file":"relation.js","sourceRoot":"","sources":["../../src/cpu/relation.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,uBAAuB,EAAE,MAAM,gBAAgB,CAAC;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAGtC,SAAS,0BAA0B,CAAC,MAAiB,EAAE,GAAgD;IACnG,GAAG,CAAC,MAAM,GAAG,WAAW,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;AACvD,CAAC;AAED,SAAS,aAAa,CAAC,GAAiB,EAAE,GAAgD;IACtF,MAAM,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAEvB,IAAI,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC,EAAE,CAAC;QAC9B,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,uBAAuB,EAAE,aAAa,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;IAC9E,CAAC;IAED,IAAI,GAAG,CAAC,SAAS,EAAE,CAAC;QAChB,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;YAClD,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;YACzC,IAAI,GAAG,CAAC,GAAG;gBAAE,OAAO,GAAG,CAAC;QAC5B,CAAC;IACL,CAAC;IACD,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;AAC1B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,GAAiB,EAAE,KAAoB,EAAE,IAAS;IACpF,MAAM,OAAO,GAAG,aAAa,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;IAC5C,IAAI,OAAO,CAAC,GAAG;QAAE,OAAO,OAAO,CAAC;IAEhC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,kBAAkB,IAAI,CAAC,MAAM,uBAAuB,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,CAAC,EAAE,CAAC;QACpG,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,mBAAmB,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;IAC3D,CAAC;IAED,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC;IACpB,0BAA0B,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAE5C,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IAEhD,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;QACX,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;IACjF,CAAC;SAAM,CAAC;QACJ,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;IACvE,CAAC;AACL,CAAC"}
|
package/dist/cpu/request.js
CHANGED
|
@@ -1,4 +1,3 @@
|
|
|
1
|
-
import { VQLConfig } from "../config.js";
|
|
2
1
|
import { checkRequestPermission } from "../permissions/index.js";
|
|
3
2
|
import { parseSelect } from "./utils.js";
|
|
4
3
|
export async function executeQuery(cpu, query, user) {
|
|
@@ -6,19 +5,19 @@ export async function executeQuery(cpu, query, user) {
|
|
|
6
5
|
return { err: true, msg: `Invalid query - db "${query.db || "undefined"}" not found`, c: 400 };
|
|
7
6
|
const db = cpu.dbInstances[query.db];
|
|
8
7
|
const operation = Object.keys(query.d)[0];
|
|
9
|
-
if (!
|
|
8
|
+
if (!cpu.config.noCheckPermissions && !await checkRequestPermission(cpu.config, cpu.gw, user, query)) {
|
|
10
9
|
return { err: true, msg: "Permission denied", c: 403 };
|
|
11
10
|
}
|
|
12
11
|
if (operation === "find") {
|
|
13
12
|
const params = query.d[operation];
|
|
14
|
-
const select = parseSelect(params.fields || params.select || {});
|
|
13
|
+
const select = parseSelect(cpu.config, params.fields || params.select || {});
|
|
15
14
|
if (select && typeof select === "object" && Object.keys(select).length !== 0)
|
|
16
15
|
params.searchOpts = { ...params.searchOpts, select };
|
|
17
16
|
return db.find(params.collection, params.search, {}, params.options || {}, params.searchOpts);
|
|
18
17
|
}
|
|
19
18
|
else if (operation === "findOne" || operation === "f") {
|
|
20
19
|
const params = query.d[operation];
|
|
21
|
-
const select = parseSelect(params.fields || params.select || {});
|
|
20
|
+
const select = parseSelect(cpu.config, params.fields || params.select || {});
|
|
22
21
|
if (select && typeof select === "object" && Object.keys(select).length !== 0)
|
|
23
22
|
params.searchOpts = { ...params.searchOpts, select };
|
|
24
23
|
return db.findOne(params.collection, params.search, {}, params.searchOpts);
|
package/dist/cpu/request.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"request.js","sourceRoot":"","sources":["../../src/cpu/request.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"request.js","sourceRoot":"","sources":["../../src/cpu/request.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,sBAAsB,EAAE,MAAM,gBAAgB,CAAC;AAexD,OAAO,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAEtC,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,GAAiB,EAAE,KAAiB,EAAE,IAAS;IAC9E,IAAI,CAAC,KAAK,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;QACvC,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,uBAAuB,KAAK,CAAC,EAAE,IAAI,WAAW,aAAa,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;IAEnG,MAAM,EAAE,GAAG,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAErC,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAmB,CAAC;IAE5D,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,kBAAkB,IAAI,CAAC,MAAM,sBAAsB,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,CAAC,EAAE,CAAC;QACnG,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,mBAAmB,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;IAC3D,CAAC;IAED,IAAI,SAAS,KAAK,MAAM,EAAE,CAAC;QACvB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAAY,CAAC;QAC7C,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;QAC7E,IAAI,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,MAAM,CAAC,UAAU,GAAG,EAAE,GAAG,MAAM,CAAC,UAAU,EAAE,MAAM,EAAE,CAAC;QAEnI,OAAO,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,EAAE,EAAE,MAAM,CAAC,OAAO,IAAI,EAAE,EAAE,MAAM,CAAC,UAAU,CAAC,CAAC;IAClG,CAAC;SAAM,IAAI,SAAS,KAAK,SAAS,IAAI,SAAS,KAAK,GAAG,EAAE,CAAC;QACtD,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAAe,CAAC;QAChD,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;QAC7E,IAAI,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,MAAM,CAAC,UAAU,GAAG,EAAE,GAAG,MAAM,CAAC,UAAU,EAAE,MAAM,EAAE,CAAC;QAEnI,OAAO,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,EAAE,EAAE,MAAM,CAAC,UAAU,CAAC,CAAC;IAC/E,CAAC;SAAM,IAAI,SAAS,KAAK,KAAK,EAAE,CAAC;QAC7B,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAAW,CAAC;QAC5C,OAAO,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,CAAC;IACzE,CAAC;SAAM,IAAI,SAAS,KAAK,QAAQ,EAAE,CAAC;QAChC,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAAc,CAAC;QAC/C,OAAO,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IACvE,CAAC;SAAM,IAAI,SAAS,KAAK,WAAW,EAAE,CAAC;QACnC,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAAiB,CAAC;QAClD,OAAO,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IAC1E,CAAC;SAAM,IAAI,SAAS,KAAK,QAAQ,EAAE,CAAC;QAChC,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAAc,CAAC;QAC/C,OAAO,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IACvD,CAAC;SAAM,IAAI,SAAS,KAAK,WAAW,EAAE,CAAC;QACnC,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAAiB,CAAC;QAClD,OAAO,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IAC1D,CAAC;SAAM,IAAI,SAAS,KAAK,gBAAgB,EAAE,CAAC;QACxC,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAAsB,CAAC;QACvD,OAAO,EAAE,CAAC,cAAc,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,CAAC;IAChI,CAAC;SAAM,IAAI,SAAS,KAAK,kBAAkB,EAAE,CAAC;QAC1C,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAA2B,CAAC;QAC5D,OAAO,EAAE,CAAC,gBAAgB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAClD,CAAC;SAAM,IAAI,SAAS,KAAK,iBAAiB,EAAE,CAAC;QACzC,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAA2B,CAAC;QAC5D,OAAO,EAAE,CAAC,eAAe,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IACjD,CAAC;SAAM,IAAI,SAAS,KAAK,iBAAiB,EAAE,CAAC;QACzC,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAA2B,CAAC;QAC5D,OAAO,EAAE,CAAC,eAAe,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IACjD,CAAC;SAAM,IAAI,SAAS,KAAK,gBAAgB,EAAE,CAAC;QACxC,OAAO,EAAE,CAAC,cAAc,EAAE,CAAC;IAC/B,CAAC;SAAM,CAAC;QACJ,MAAM,CAAC,GAAU,SAAS,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,oBAAoB,GAAG,CAAC,CAAC,CAAC;IAC9C,CAAC;AACL,CAAC"}
|
package/dist/cpu/utils.d.ts
CHANGED
|
@@ -1 +1,2 @@
|
|
|
1
|
-
|
|
1
|
+
import { VQLConfig } from "../config.js";
|
|
2
|
+
export declare function parseSelect(config: VQLConfig, select: object | object[]): any[];
|
package/dist/cpu/utils.js
CHANGED
|
@@ -1,13 +1,12 @@
|
|
|
1
|
-
|
|
2
|
-
export function parseSelect(select) {
|
|
1
|
+
export function parseSelect(config, select) {
|
|
3
2
|
if (Array.isArray(select)) {
|
|
4
|
-
if (!
|
|
3
|
+
if (!config.strictSelect && select.length === 0)
|
|
5
4
|
return undefined;
|
|
6
5
|
return select;
|
|
7
6
|
}
|
|
8
7
|
else {
|
|
9
8
|
const keys = Object.keys(select);
|
|
10
|
-
if (!
|
|
9
|
+
if (!config.strictSelect && keys.length === 0)
|
|
11
10
|
return undefined;
|
|
12
11
|
return keys.filter(k => !!select[k]);
|
|
13
12
|
}
|
package/dist/cpu/utils.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../src/cpu/utils.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../src/cpu/utils.ts"],"names":[],"mappings":"AAEA,MAAM,UAAU,WAAW,CAAC,MAAiB,EAAE,MAAyB;IACpE,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QACxB,IAAI,CAAC,MAAM,CAAC,YAAY,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,SAAS,CAAC;QAClE,OAAO,MAAM,CAAC;IAClB,CAAC;SAAM,CAAC;QACJ,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACjC,IAAI,CAAC,MAAM,CAAC,YAAY,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,SAAS,CAAC;QAChE,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IACzC,CAAC;AACL,CAAC"}
|
|
@@ -1,3 +1,4 @@
|
|
|
1
1
|
import { GateWarden } from "@wxn0brp/gate-warden";
|
|
2
2
|
import { RelationQuery } from "../types/vql.js";
|
|
3
|
-
|
|
3
|
+
import { VQLConfig } from "../config.js";
|
|
4
|
+
export declare function checkRelationPermission(config: VQLConfig, gw: GateWarden<any>, user: any, query: RelationQuery): Promise<boolean>;
|
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
import { PermCRUD } from "../types/perm.js";
|
|
2
2
|
import { extractPathsFromData, hashKey } from "./utils.js";
|
|
3
|
-
|
|
4
|
-
export async function checkRelationPermission(gw, user, query) {
|
|
3
|
+
export async function checkRelationPermission(config, gw, user, query) {
|
|
5
4
|
const { path, search, relations, select } = query.r;
|
|
6
5
|
// Helper function to recursively check permissions with fallback mechanism
|
|
7
6
|
const checkPermissionRecursively = async (entityId, fallbackLevels = []) => {
|
|
@@ -11,22 +10,22 @@ export async function checkRelationPermission(gw, user, query) {
|
|
|
11
10
|
return true;
|
|
12
11
|
}
|
|
13
12
|
// If the result is "entity-404", check the next fallback level
|
|
14
|
-
if (!
|
|
15
|
-
const nextFallbackEntityId = hashKey(fallbackLevels.slice(0, -1));
|
|
13
|
+
if (!config.strictACL && result.via === "entity-404" && fallbackLevels.length > 0) {
|
|
14
|
+
const nextFallbackEntityId = hashKey(config, fallbackLevels.slice(0, -1));
|
|
16
15
|
return checkPermissionRecursively(nextFallbackEntityId, fallbackLevels.slice(0, -2));
|
|
17
16
|
}
|
|
18
17
|
// If no fallback levels are left or the result is not "entity-404", deny access
|
|
19
18
|
return false;
|
|
20
19
|
};
|
|
21
20
|
// Check permission for the relation field in the parent collection
|
|
22
|
-
if (!await checkPermissionRecursively(hashKey(path), path)) {
|
|
21
|
+
if (!await checkPermissionRecursively(hashKey(config, path), path)) {
|
|
23
22
|
return false;
|
|
24
23
|
}
|
|
25
24
|
// Check permissions for search fields
|
|
26
25
|
const searchPaths = extractPathsFromData(search || {});
|
|
27
26
|
for (const searchPath of searchPaths) {
|
|
28
27
|
const key = [...path, ...searchPath.path, searchPath.key];
|
|
29
|
-
if (!await checkPermissionRecursively(hashKey(key), key)) {
|
|
28
|
+
if (!await checkPermissionRecursively(hashKey(config, key), key)) {
|
|
30
29
|
return false;
|
|
31
30
|
}
|
|
32
31
|
}
|
|
@@ -34,7 +33,7 @@ export async function checkRelationPermission(gw, user, query) {
|
|
|
34
33
|
if (select) {
|
|
35
34
|
for (const fieldPath of select) {
|
|
36
35
|
const key = [...path, fieldPath];
|
|
37
|
-
if (!await checkPermissionRecursively(hashKey(key), key)) {
|
|
36
|
+
if (!await checkPermissionRecursively(hashKey(config, key), key)) {
|
|
38
37
|
return false;
|
|
39
38
|
}
|
|
40
39
|
}
|
|
@@ -43,7 +42,7 @@ export async function checkRelationPermission(gw, user, query) {
|
|
|
43
42
|
if (relations) {
|
|
44
43
|
for (const relationKey in relations) {
|
|
45
44
|
const r = relations[relationKey];
|
|
46
|
-
if (!await checkRelationPermission(gw, user, { r })) {
|
|
45
|
+
if (!await checkRelationPermission(config, gw, user, { r })) {
|
|
47
46
|
return false;
|
|
48
47
|
}
|
|
49
48
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"relation.js","sourceRoot":"","sources":["../../src/permissions/relation.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAEzC,OAAO,EAAE,oBAAoB,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;
|
|
1
|
+
{"version":3,"file":"relation.js","sourceRoot":"","sources":["../../src/permissions/relation.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAEzC,OAAO,EAAE,oBAAoB,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAGxD,MAAM,CAAC,KAAK,UAAU,uBAAuB,CACzC,MAAiB,EACjB,EAAmB,EACnB,IAAS,EACT,KAAoB;IAEpB,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC;IAEpD,2EAA2E;IAC3E,MAAM,0BAA0B,GAAG,KAAK,EACpC,QAAgB,EAChB,iBAA2B,EAAE,EACb,EAAE;QAClB,qDAAqD;QACrD,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC;QAEpE,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,+DAA+D;QAC/D,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,GAAG,KAAK,YAAY,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChF,MAAM,oBAAoB,GAAG,OAAO,CAAC,MAAM,EAAE,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;YAC1E,OAAO,0BAA0B,CAAC,oBAAoB,EAAE,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QACzF,CAAC;QAED,gFAAgF;QAChF,OAAO,KAAK,CAAC;IACjB,CAAC,CAAC;IAEF,mEAAmE;IACnE,IAAI,CAAC,MAAM,0BAA0B,CAAC,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,EAAE,CAAC;QACjE,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,sCAAsC;IACtC,MAAM,WAAW,GAAG,oBAAoB,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;IACvD,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE,CAAC;QACnC,MAAM,GAAG,GAAG,CAAC,GAAG,IAAI,EAAE,GAAG,UAAU,CAAC,IAAI,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC;QAC1D,IAAI,CAAC,MAAM,0BAA0B,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC;YAC/D,OAAO,KAAK,CAAC;QACjB,CAAC;IACL,CAAC;IAED,sCAAsC;IACtC,IAAI,MAAM,EAAE,CAAC;QACT,KAAK,MAAM,SAAS,IAAI,MAAM,EAAE,CAAC;YAC7B,MAAM,GAAG,GAAG,CAAC,GAAG,IAAI,EAAE,SAAS,CAAa,CAAC;YAC7C,IAAI,CAAC,MAAM,0BAA0B,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC;gBAC/D,OAAO,KAAK,CAAC;YACjB,CAAC;QACL,CAAC;IACL,CAAC;IAED,qCAAqC;IACrC,IAAI,SAAS,EAAE,CAAC;QACZ,KAAK,MAAM,WAAW,IAAI,SAAS,EAAE,CAAC;YAClC,MAAM,CAAC,GAAG,SAAS,CAAC,WAAW,CAAC,CAAC;YACjC,IAAI,CAAC,MAAM,uBAAuB,CAAC,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,CAAC,EAAS,CAAC,EAAE,CAAC;gBACjE,OAAO,KAAK,CAAC;YACjB,CAAC;QACL,CAAC;IACL,CAAC;IAED,OAAO,IAAI,CAAC;AAChB,CAAC"}
|
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
import { GateWarden } from "@wxn0brp/gate-warden";
|
|
2
2
|
import { PermCRUD } from "../types/perm.js";
|
|
3
3
|
import { VQLRequest } from "../types/vql.js";
|
|
4
|
-
|
|
4
|
+
import { VQLConfig } from "../config.js";
|
|
5
|
+
export declare function extractPaths(config: VQLConfig, query: VQLRequest): {
|
|
5
6
|
db: string;
|
|
6
7
|
c: string;
|
|
7
8
|
paths: {
|
|
@@ -15,4 +16,4 @@ export declare function processFieldPath(pathObj: {
|
|
|
15
16
|
path: string[];
|
|
16
17
|
key: string;
|
|
17
18
|
}): string[];
|
|
18
|
-
export declare function checkRequestPermission(gw: GateWarden<any>, user: any, query: VQLRequest): Promise<boolean>;
|
|
19
|
+
export declare function checkRequestPermission(config: VQLConfig, gw: GateWarden<any>, user: any, query: VQLRequest): Promise<boolean>;
|
|
@@ -1,11 +1,10 @@
|
|
|
1
1
|
import { PermCRUD } from "../types/perm.js";
|
|
2
2
|
import { extractPathsFromData, hashKey } from "./utils.js";
|
|
3
|
-
|
|
4
|
-
export function extractPaths(query) {
|
|
3
|
+
export function extractPaths(config, query) {
|
|
5
4
|
const operation = Object.keys(query.d)[0];
|
|
6
5
|
const collection = query.d[operation].collection;
|
|
7
6
|
const permPaths = {
|
|
8
|
-
db: hashKey(query.db),
|
|
7
|
+
db: hashKey(config, query.db),
|
|
9
8
|
c: collection,
|
|
10
9
|
paths: []
|
|
11
10
|
};
|
|
@@ -47,7 +46,7 @@ export function extractPaths(query) {
|
|
|
47
46
|
return path;
|
|
48
47
|
return path.filed.map(filed => {
|
|
49
48
|
const processedPath = [query.db, collection, ...processFieldPath(filed)];
|
|
50
|
-
return { filed: hashKey(processedPath), path: processedPath, p: path.p };
|
|
49
|
+
return { filed: hashKey(config, processedPath), path: processedPath, p: path.p };
|
|
51
50
|
});
|
|
52
51
|
}).flat();
|
|
53
52
|
return permPaths;
|
|
@@ -80,10 +79,10 @@ export function processFieldPath(pathObj) {
|
|
|
80
79
|
}
|
|
81
80
|
return processedPath;
|
|
82
81
|
}
|
|
83
|
-
export async function checkRequestPermission(gw, user, query) {
|
|
82
|
+
export async function checkRequestPermission(config, gw, user, query) {
|
|
84
83
|
if (!query)
|
|
85
84
|
return false;
|
|
86
|
-
const permPaths = extractPaths(query);
|
|
85
|
+
const permPaths = extractPaths(config, query);
|
|
87
86
|
// Helper function to recursively check permissions
|
|
88
87
|
const checkPermissionRecursively = async (entityId, requiredPerm, fallbackLevels = []) => {
|
|
89
88
|
// Check if the user has access to the current entity
|
|
@@ -92,14 +91,13 @@ export async function checkRequestPermission(gw, user, query) {
|
|
|
92
91
|
return true;
|
|
93
92
|
}
|
|
94
93
|
// If the result is "entity-404", check the next fallback level
|
|
95
|
-
if (!
|
|
96
|
-
const nextFallbackEntityId = hashKey(fallbackLevels.slice(0, -1));
|
|
94
|
+
if (!config.strictACL && result.via === "entity-404" && fallbackLevels.length > 0) {
|
|
95
|
+
const nextFallbackEntityId = hashKey(config, fallbackLevels.slice(0, -1));
|
|
97
96
|
return checkPermissionRecursively(nextFallbackEntityId, requiredPerm, fallbackLevels.slice(0, -2));
|
|
98
97
|
}
|
|
99
98
|
// If no fallback levels are left or the result is not "entity-404", deny access
|
|
100
99
|
return false;
|
|
101
100
|
};
|
|
102
|
-
debugger;
|
|
103
101
|
// Check each required permission
|
|
104
102
|
const results = [];
|
|
105
103
|
for (const path of permPaths.paths) {
|
|
@@ -108,7 +106,7 @@ export async function checkRequestPermission(gw, user, query) {
|
|
|
108
106
|
let fallbackLevels = [];
|
|
109
107
|
if ("c" in path) {
|
|
110
108
|
// Collection-level permission: hash the combination of db and collection
|
|
111
|
-
entityId = hashKey([query.db, permPaths.c]);
|
|
109
|
+
entityId = hashKey(config, [query.db, permPaths.c]);
|
|
112
110
|
requiredPerm = path.c;
|
|
113
111
|
// Fallback to database level if needed
|
|
114
112
|
fallbackLevels = [query.db];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"request.js","sourceRoot":"","sources":["../../src/permissions/request.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAEzC,OAAO,EAAE,oBAAoB,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;
|
|
1
|
+
{"version":3,"file":"request.js","sourceRoot":"","sources":["../../src/permissions/request.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAEzC,OAAO,EAAE,oBAAoB,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAGxD,MAAM,UAAU,YAAY,CAAC,MAAiB,EAAE,KAAiB;IAU7D,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAmB,CAAC;IAC5D,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC;IACjD,MAAM,SAAS,GAAG;QACd,EAAE,EAAE,OAAO,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,CAAC;QAC7B,CAAC,EAAE,UAAU;QACb,KAAK,EAAE,EAAE;KACZ,CAAA;IAED,QAAQ,SAAS,EAAE,CAAC;QAChB,KAAK,GAAG,CAAC;QACT,KAAK,MAAM,CAAC;QACZ,KAAK,SAAS;YACV,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAAyB,CAAC;YACtD,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,oBAAoB,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;YACnF,MAAM;QACV,KAAK,KAAK;YACN,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YAC7C,MAAM;QACV,KAAK,QAAQ,CAAC;QACd,KAAK,WAAW;YACZ,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAA6B,CAAC;YAC1D,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,oBAAoB,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;YACnF,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,oBAAoB,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACtF,MAAM;QACV,KAAK,QAAQ,CAAC;QACd,KAAK,WAAW;YACZ,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YAC7C,MAAM;QACV,KAAK,gBAAgB;YACjB,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAAsB,CAAC;YACnD,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YAC7C,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,oBAAoB,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;YACnF,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,oBAAoB,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACtF,MAAM;QACV,KAAK,iBAAiB,CAAC;QACvB,KAAK,gBAAgB,CAAC;QACtB,KAAK,iBAAiB,CAAC;QACvB,KAAK,kBAAkB;YACnB,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;YACjD,MAAM;IACd,CAAC;IAED,SAAS,CAAC,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE;QACzC,IAAI,CAAC,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QAE7B,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE;YAC1B,MAAM,aAAa,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,UAAU,EAAE,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC;YACzE,OAAO,EAAE,KAAK,EAAE,OAAO,CAAC,MAAM,EAAE,aAAa,CAAC,EAAE,IAAI,EAAE,aAAa,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;QACrF,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAEV,OAAO,SAAS,CAAC;AACrB,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,OAAwC;IACrE,IAAI,UAAU,GAAG,KAAK,CAAC;IACvB,MAAM,aAAa,GAAa,EAAE,CAAC;IAEnC,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QAC9B,IAAI,UAAU,EAAE,CAAC;YACb,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7B,CAAC;aAAM,CAAC;YACJ,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBACvB,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;oBACrB,UAAU,GAAG,IAAI,CAAC;gBACtB,CAAC;YACL,CAAC;iBAAM,CAAC;gBACJ,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC7B,CAAC;QACL,CAAC;IACL,CAAC;IAED,IAAI,UAAU,EAAE,CAAC;QACb,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACpC,CAAC;SAAM,CAAC;QACJ,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC/B,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACpC,CAAC;IACL,CAAC;IAED,OAAO,aAAa,CAAC;AACzB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB,CACxC,MAAiB,EACjB,EAAmB,EACnB,IAAS,EACT,KAAiB;IAEjB,IAAI,CAAC,KAAK;QAAE,OAAO,KAAK,CAAC;IAEzB,MAAM,SAAS,GAAG,YAAY,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IAE9C,mDAAmD;IACnD,MAAM,0BAA0B,GAAG,KAAK,EACpC,QAAgB,EAChB,YAAoB,EACpB,iBAA2B,EAAE,EACb,EAAE;QAClB,qDAAqD;QACrD,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;QAEnE,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,+DAA+D;QAC/D,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,GAAG,KAAK,YAAY,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChF,MAAM,oBAAoB,GAAG,OAAO,CAAC,MAAM,EAAE,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;YAC1E,OAAO,0BAA0B,CAAC,oBAAoB,EAAE,YAAY,EAAE,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QACvG,CAAC;QAED,gFAAgF;QAChF,OAAO,KAAK,CAAC;IACjB,CAAC,CAAC;IAEF,iCAAiC;IACjC,MAAM,OAAO,GAAc,EAAE,CAAC;IAC9B,KAAK,MAAM,IAAI,IAAI,SAAS,CAAC,KAAK,EAAE,CAAC;QACjC,IAAI,QAAgB,CAAC;QACrB,IAAI,YAAoB,CAAC;QACzB,IAAI,cAAc,GAAa,EAAE,CAAC;QAElC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;YACd,yEAAyE;YACzE,QAAQ,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;YACpD,YAAY,GAAG,IAAI,CAAC,CAAC,CAAC;YAEtB,uCAAuC;YACvC,cAAc,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAChC,CAAC;aAAM,CAAC;YACJ,oDAAoD;YACpD,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC;YACtB,YAAY,GAAG,IAAI,CAAC,CAAC,CAAC;YAEtB,2DAA2D;YAC3D,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC;QAC/B,CAAC;QAED,gCAAgC;QAChC,MAAM,MAAM,GAAG,MAAM,0BAA0B,CAAC,QAAQ,EAAE,YAAY,EAAE,cAAc,CAAC,CAAC;QACxF,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACzB,CAAC;IAED,kCAAkC;IAClC,OAAO,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC;AAC3C,CAAC"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
|
-
|
|
1
|
+
import { VQLConfig } from "../config.js";
|
|
2
|
+
export declare function hashKey(config: VQLConfig, path: any): string;
|
|
2
3
|
export declare function extractPathsFromData(data: any, stack?: string[]): {
|
|
3
4
|
path: string[];
|
|
4
5
|
key: string;
|
|
@@ -1,8 +1,7 @@
|
|
|
1
1
|
import crypto from "crypto";
|
|
2
|
-
|
|
3
|
-
export function hashKey(path) {
|
|
2
|
+
export function hashKey(config, path) {
|
|
4
3
|
const json = JSON.stringify(path);
|
|
5
|
-
if (
|
|
4
|
+
if (config.hidePath)
|
|
6
5
|
return crypto.createHash("sha256").update(json).digest("hex");
|
|
7
6
|
else
|
|
8
7
|
return json;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../src/permissions/utils.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAC;
|
|
1
|
+
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../src/permissions/utils.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAC;AAG5B,MAAM,UAAU,OAAO,CAAC,MAAiB,EAAE,IAAS;IAChD,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAClC,IAAI,MAAM,CAAC,QAAQ;QACf,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;;QAE9D,OAAO,IAAI,CAAC;AACpB,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,IAAS,EAAE,QAAkB,EAAE;IAChE,MAAM,KAAK,GAAsC,EAAE,CAAC;IACpD,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACrB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC;QACxB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC5B,KAAK,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,KAAK,EAAE,CAAC,GAAG,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QAChE,CAAC;aAAM,CAAC;YACJ,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;QACrC,CAAC;IACL,CAAC;IACD,OAAO,KAAK,CAAC;AACjB,CAAC"}
|
package/dist/processor.d.ts
CHANGED
|
@@ -1,13 +1,15 @@
|
|
|
1
1
|
import { Relation, ValtheraCompatible } from "@wxn0brp/db";
|
|
2
2
|
import { GateWarden } from "@wxn0brp/gate-warden";
|
|
3
|
-
import { VQL, VQLR, VQLRef } from "./types/vql.js";
|
|
3
|
+
import { VQL, VQLError, VQLR, VQLRef } from "./types/vql.js";
|
|
4
|
+
import { VQLConfig } from "./config.js";
|
|
4
5
|
export declare class VQLProcessor<GW = any> {
|
|
5
6
|
dbInstances: Record<string, ValtheraCompatible>;
|
|
6
7
|
gw: GateWarden<GW>;
|
|
8
|
+
config: VQLConfig;
|
|
7
9
|
relation: Relation;
|
|
8
10
|
preDefinedSheets: Map<string, VQL>;
|
|
9
|
-
constructor(dbInstances: Record<string, ValtheraCompatible>, gw?: GateWarden<GW
|
|
10
|
-
execute(queryRaw: VQLR | string | {
|
|
11
|
+
constructor(dbInstances: Record<string, ValtheraCompatible>, gw?: GateWarden<GW>, config?: VQLConfig);
|
|
12
|
+
execute<T = any>(queryRaw: VQLR | string | {
|
|
11
13
|
query: string;
|
|
12
|
-
} & VQLRef, user: any): Promise<
|
|
14
|
+
} & VQLRef, user: any): Promise<T | VQLError>;
|
|
13
15
|
}
|
package/dist/processor.js
CHANGED
|
@@ -5,14 +5,17 @@ import { executeQuery } from "./cpu/request.js";
|
|
|
5
5
|
import { executeRelation } from "./cpu/relation.js";
|
|
6
6
|
import { parseStringQuery } from "./cpu/string/index.js";
|
|
7
7
|
import logger from "./logger.js";
|
|
8
|
+
import { VQLConfig } from "./config.js";
|
|
8
9
|
export class VQLProcessor {
|
|
9
10
|
dbInstances;
|
|
10
11
|
gw;
|
|
12
|
+
config;
|
|
11
13
|
relation;
|
|
12
14
|
preDefinedSheets = new Map();
|
|
13
|
-
constructor(dbInstances, gw = null) {
|
|
15
|
+
constructor(dbInstances, gw = null, config = new VQLConfig()) {
|
|
14
16
|
this.dbInstances = dbInstances;
|
|
15
17
|
this.gw = gw;
|
|
18
|
+
this.config = config;
|
|
16
19
|
this.relation = new Relation(dbInstances);
|
|
17
20
|
}
|
|
18
21
|
async execute(queryRaw, user) {
|
|
@@ -40,14 +43,14 @@ export class VQLProcessor {
|
|
|
40
43
|
logger.info("Incoming object query");
|
|
41
44
|
logger.debug("Raw query: ", queryRaw);
|
|
42
45
|
}
|
|
43
|
-
const validateRawResult = validateRaw(queryRaw);
|
|
46
|
+
const validateRawResult = validateRaw(this.config, queryRaw);
|
|
44
47
|
if (validateRawResult !== true) {
|
|
45
48
|
logger.warn("Raw validation failed:", validateRawResult);
|
|
46
49
|
return validateRawResult;
|
|
47
50
|
}
|
|
48
51
|
const query = executeSheet(queryRaw, this.preDefinedSheets);
|
|
49
52
|
logger.debug("Executed sheet (expanded query):", query);
|
|
50
|
-
const validateVqlResult = validateVql(query);
|
|
53
|
+
const validateVqlResult = validateVql(this.config, query);
|
|
51
54
|
if (validateVqlResult !== true) {
|
|
52
55
|
logger.warn("VQL validation failed:", validateVqlResult);
|
|
53
56
|
return validateVqlResult;
|
package/dist/processor.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"processor.js","sourceRoot":"","sources":["../src/processor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAsB,MAAM,aAAa,CAAC;AAG3D,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,MAAM,MAAM,UAAU,CAAC;
|
|
1
|
+
{"version":3,"file":"processor.js","sourceRoot":"","sources":["../src/processor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAsB,MAAM,aAAa,CAAC;AAG3D,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,MAAM,MAAM,UAAU,CAAC;AAC9B,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AAErC,MAAM,OAAO,YAAY;IAKV;IACA;IACA;IANJ,QAAQ,CAAW;IACnB,gBAAgB,GAAqB,IAAI,GAAG,EAAE,CAAC;IAEtD,YACW,WAA+C,EAC/C,KAAqB,IAAI,EACzB,SAAoB,IAAI,SAAS,EAAE;QAFnC,gBAAW,GAAX,WAAW,CAAoC;QAC/C,OAAE,GAAF,EAAE,CAAuB;QACzB,WAAM,GAAN,MAAM,CAA6B;QAE1C,IAAI,CAAC,QAAQ,GAAG,IAAI,QAAQ,CAAC,WAAW,CAAC,CAAC;IAC9C,CAAC;IAED,KAAK,CAAC,OAAO,CAAQ,QAAoD,EAAE,IAAS;QAChF,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,OAAO,IAAI,QAAQ,EAAE,CAAC;YACtD,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;YACrC,MAAM,CAAC,GAAM,OAAO,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;YACtE,MAAM,IAAI,GAAG,OAAO,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;YAChE,MAAM,GAAG,GAAI,OAAO,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;YAChE,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAEhB,IAAI,CAAC;gBACD,QAAQ,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC;gBAC/B,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE,QAAQ,CAAC,CAAC;YAClD,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACT,MAAM,CAAC,KAAK,CAAC,8BAA8B,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;gBAC3E,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,eAAe,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,+BAA+B,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC;YACxG,CAAC;YAED,IAAI,IAAI;gBAAE,QAAQ,GAAG,EAAE,GAAG,QAAQ,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;YAChD,IAAI,GAAG;gBAAE,QAAQ,GAAG,EAAE,GAAG,QAAQ,EAAE,GAAG,EAAE,CAAC;YACzC,MAAM,CAAC,KAAK,CAAC,sBAAsB,EAAE,QAAQ,CAAC,CAAC;QACnD,CAAC;aAAM,CAAC;YACJ,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;YACrC,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;QAC1C,CAAC;QAED,MAAM,iBAAiB,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAC7D,IAAI,iBAAiB,KAAK,IAAI,EAAE,CAAC;YAC7B,MAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE,iBAAiB,CAAC,CAAC;YACzD,OAAO,iBAAiB,CAAC;QAC7B,CAAC;QAED,MAAM,KAAK,GAAG,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAC5D,MAAM,CAAC,KAAK,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;QAExD,MAAM,iBAAiB,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QAC1D,IAAI,iBAAiB,KAAK,IAAI,EAAE,CAAC;YAC7B,MAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE,iBAAiB,CAAC,CAAC;YACzD,OAAO,iBAAiB,CAAC;QAC7B,CAAC;QAED,IAAI,GAAG,IAAI,KAAK,EAAE,CAAC;YACf,OAAO,MAAM,eAAe,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QACpD,CAAC;aAAM,IAAI,GAAG,IAAI,KAAK,EAAE,CAAC;YACtB,OAAO,MAAM,YAAY,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QACjD,CAAC;aAAM,CAAC;YACJ,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,eAAe,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;QACvD,CAAC;IACL,CAAC;CACJ"}
|
package/dist/types/vql.d.ts
CHANGED
|
@@ -123,4 +123,10 @@ type DeepPartial<T> = {
|
|
|
123
123
|
};
|
|
124
124
|
export type VQL = (VQLRequest | RelationQuery) & VQLRef;
|
|
125
125
|
export type VQLR = VQL | (DeepPartial<VQL> & VQLRefRequired) | VQLRefRequired;
|
|
126
|
+
export interface VQLError {
|
|
127
|
+
err: true;
|
|
128
|
+
msg: string;
|
|
129
|
+
c: number;
|
|
130
|
+
why?: string;
|
|
131
|
+
}
|
|
126
132
|
export {};
|
package/dist/valid.d.ts
CHANGED
|
@@ -1,15 +1,6 @@
|
|
|
1
1
|
import Ajv from "ajv";
|
|
2
|
-
import {
|
|
2
|
+
import { VQLConfig } from "./config.js";
|
|
3
|
+
import { VQL, VQLError, VQLR } from "./types/vql.js";
|
|
3
4
|
export declare const ajv: Ajv;
|
|
4
|
-
export declare function validateRaw(query: VQLR): true |
|
|
5
|
-
|
|
6
|
-
msg: string;
|
|
7
|
-
c: number;
|
|
8
|
-
why: any;
|
|
9
|
-
};
|
|
10
|
-
export declare function validateVql(query: VQL): true | {
|
|
11
|
-
err: boolean;
|
|
12
|
-
msg: string;
|
|
13
|
-
c: number;
|
|
14
|
-
why: any;
|
|
15
|
-
};
|
|
5
|
+
export declare function validateRaw(config: VQLConfig, query: VQLR): true | VQLError;
|
|
6
|
+
export declare function validateVql(config: VQLConfig, query: VQL): true | VQLError;
|
package/dist/valid.js
CHANGED
|
@@ -3,7 +3,6 @@ import Ajv from "ajv";
|
|
|
3
3
|
import ajvFormat from "ajv-formats";
|
|
4
4
|
import { readFileSync } from "fs";
|
|
5
5
|
import { buildAjvErrorTree } from "./ajv.js";
|
|
6
|
-
import { VQLConfig } from "./config.js";
|
|
7
6
|
const filePath = import.meta.dirname + "/schema.json";
|
|
8
7
|
const schema = JSON.parse(readFileSync(filePath, "utf-8"));
|
|
9
8
|
export const ajv = new Ajv({
|
|
@@ -19,19 +18,19 @@ modSchema.anyOf = [
|
|
|
19
18
|
}
|
|
20
19
|
];
|
|
21
20
|
const validVQL = ajv.compile(modSchema);
|
|
22
|
-
export function validateRaw(query) {
|
|
21
|
+
export function validateRaw(config, query) {
|
|
23
22
|
if (!validVQLR(query)) {
|
|
24
23
|
let why = validVQLR.errors;
|
|
25
|
-
why =
|
|
24
|
+
why = config.formatAjv ? buildAjvErrorTree(why) : why;
|
|
26
25
|
why = deepMerge(why, query);
|
|
27
26
|
return { err: true, msg: "Invalid query raw", c: 400, why };
|
|
28
27
|
}
|
|
29
28
|
return true;
|
|
30
29
|
}
|
|
31
|
-
export function validateVql(query) {
|
|
30
|
+
export function validateVql(config, query) {
|
|
32
31
|
if (!validVQL(query)) {
|
|
33
32
|
let why = validVQL.errors;
|
|
34
|
-
why =
|
|
33
|
+
why = config.formatAjv ? buildAjvErrorTree(why) : why;
|
|
35
34
|
why = deepMerge(why, query);
|
|
36
35
|
return { err: true, msg: "Invalid query", c: 400, why };
|
|
37
36
|
}
|
package/dist/valid.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"valid.js","sourceRoot":"","sources":["../src/valid.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AACpD,OAAO,GAAG,MAAM,KAAK,CAAC;AACtB,OAAO,SAAS,MAAM,aAAa,CAAC;AACpC,OAAO,EAAE,YAAY,EAAE,MAAM,IAAI,CAAC;AAClC,OAAO,EAAE,iBAAiB,EAAE,MAAM,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"valid.js","sourceRoot":"","sources":["../src/valid.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AACpD,OAAO,GAAG,MAAM,KAAK,CAAC;AACtB,OAAO,SAAS,MAAM,aAAa,CAAC;AACpC,OAAO,EAAE,YAAY,EAAE,MAAM,IAAI,CAAC;AAClC,OAAO,EAAE,iBAAiB,EAAE,MAAM,OAAO,CAAC;AAI1C,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,GAAG,cAAc,CAAC;AACtD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;AAE3D,MAAM,CAAC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC;IACvB,eAAe,EAAE,IAAI;IACrB,MAAM,EAAE,KAAK;CAChB,CAAC,CAAC;AACH,SAAS,CAAC,GAAG,CAAC,CAAC;AAEf,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;AAEtC,MAAM,SAAS,GAAG,MAAM,CAAC;AACzB,SAAS,CAAC,KAAK,GAAG;IACd;QACI,MAAM,EAAE,mBAAmB;KAC9B;CACJ,CAAA;AACD,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;AAExC,MAAM,UAAU,WAAW,CAAC,MAAgB,EAAE,KAAW;IACrD,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC;QACpB,IAAI,GAAG,GAAQ,SAAS,CAAC,MAAM,CAAC;QAChC,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QACtD,GAAG,GAAG,SAAS,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAC5B,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,mBAAmB,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;IAChE,CAAC;IACD,OAAO,IAAI,CAAC;AAChB,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,MAAgB,EAAE,KAAU;IACpD,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACnB,IAAI,GAAG,GAAQ,QAAQ,CAAC,MAAM,CAAC;QAC/B,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QACtD,GAAG,GAAG,SAAS,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAC5B,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,eAAe,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;IAC5D,CAAC;IACD,OAAO,IAAI,CAAC;AAChB,CAAC"}
|
package/dist/vql.d.ts
CHANGED
|
@@ -324,5 +324,11 @@ export type DeepPartial<T> = {
|
|
|
324
324
|
};
|
|
325
325
|
export type VQL = (VQLRequest | RelationQuery) & VQLRef;
|
|
326
326
|
export type VQLR = VQL | (DeepPartial<VQL> & VQLRefRequired) | VQLRefRequired;
|
|
327
|
+
export interface VQLError {
|
|
328
|
+
err: true;
|
|
329
|
+
msg: string;
|
|
330
|
+
c: number;
|
|
331
|
+
why?: string;
|
|
332
|
+
}
|
|
327
333
|
|
|
328
334
|
export {};
|