aifastdb 2.2.2 → 2.2.6

package/dist/security/server/routes.js

@@ -4,7 +4,7 @@
  * 提供 RESTful API 端点
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.hasAdminAccess = exports.isAdminRequest = exports.matchAdminRoute = exports.adminRoutes = exports.routes = exports.deleteDatabaseHandler = exports.createDatabaseHandler = exports.getDatabaseInfoHandler = exports.listDatabasesHandler = exports.detailedHealthHandler = exports.healthCheckHandler = exports.readinessHandler = exports.livenessHandler = exports.revokeApiKeyHandler = exports.createApiKeyHandler = exports.queryAuditLogsHandler = exports.listUsersHandler = exports.createUserHandler = exports.collectionStatsHandler = exports.listCollectionsHandler = exports.getHandler = exports.forgetHandler = exports.recallHandler = exports.rememberHandler = exports.refreshTokenHandler = exports.logoutHandler = exports.loginHandler = void 0;
+exports.hasAdminAccess = exports.isAdminRequest = exports.matchAdminRoute = exports.adminRoutes = exports.routes = exports.getRecordActionsHandler = exports.updateProtectionHandler = exports.updateCollaboratorHandler = exports.removeCollaboratorHandler = exports.addCollaboratorHandler = exports.updateVisibilityHandler = exports.federationQueryWithAuthHandler = exports.federationWriteWithAuthHandler = exports.deleteDatabaseHandler = exports.createDatabaseHandler = exports.getDatabaseInfoHandler = exports.listDatabasesHandler = exports.detailedHealthHandler = exports.healthCheckHandler = exports.readinessHandler = exports.livenessHandler = exports.revokeApiKeyHandler = exports.createApiKeyHandler = exports.queryAuditLogsHandler = exports.listUsersHandler = exports.createUserHandler = exports.collectionStatsHandler = exports.listCollectionsHandler = exports.getHandler = exports.forgetHandler = exports.recallHandler = exports.rememberHandler = exports.refreshTokenHandler = exports.logoutHandler = exports.loginHandler = void 0;
 exports.matchRoute = matchRoute;
 const intranet_1 = require("../modes/intranet");
 const production_1 = require("../modes/production");
@@ -1062,6 +1062,554 @@ const deleteDatabaseHandler = async (ctx, security, db, root) => {
 };
 exports.deleteDatabaseHandler = deleteDatabaseHandler;
 // ============================================================================
+// 联邦存储 — 记录级权限管理路由 (T15.10)
+// ============================================================================
+/**
+ * 联邦存储：带鉴权写入
+ * POST /api/v2/federation/stores/:alias/write
+ */
+const federationWriteWithAuthHandler = async (ctx, security, db, root) => {
+    const federation = root?.federation;
+    if (!federation) {
+        return {
+            status: 500,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: 'Internal Server Error', message: 'Federation not available' },
+        };
+    }
+    const pathParts = ctx.path.split('/');
+    const storesIdx = pathParts.indexOf('stores');
+    const alias = pathParts[storesIdx + 1];
+    const { op, accessContext } = ctx.body || {};
+    if (!alias || !op) {
+        return {
+            status: 400,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: 'Bad Request', message: 'Store alias and write operation are required' },
+        };
+    }
+    try {
+        // Build access context from request body or authenticated user
+        const authCtx = accessContext || {
+            caller: ctx.security?.user?.id || 'anonymous',
+            roles: ctx.security?.user?.role ? [ctx.security.user.role] : [],
+            storeAlias: alias,
+            systemOverride: false,
+        };
+        const result = federation.writeWithAuth(alias, op, authCtx);
+        return {
+            status: 201,
+            headers: { 'Content-Type': 'application/json' },
+            body: { success: true, data: result },
+        };
+    }
+    catch (error) {
+        const message = error?.message || String(error);
+        const status = message.includes('Permission denied') || message.includes('permission') ? 403 : 400;
+        return {
+            status,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: status === 403 ? 'Forbidden' : 'Bad Request', message },
+        };
+    }
+};
+exports.federationWriteWithAuthHandler = federationWriteWithAuthHandler;
+/**
+ * 联邦存储：带鉴权查询
+ * POST /api/v2/federation/stores/:alias/query
+ */
+const federationQueryWithAuthHandler = async (ctx, security, db, root) => {
+    const federation = root?.federation;
+    if (!federation) {
+        return {
+            status: 500,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: 'Internal Server Error', message: 'Federation not available' },
+        };
+    }
+    const pathParts = ctx.path.split('/');
+    const storesIdx = pathParts.indexOf('stores');
+    const alias = pathParts[storesIdx + 1];
+    const { target, filters, limit, offset, accessContext } = ctx.body || {};
+    if (!alias || !target) {
+        return {
+            status: 400,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: 'Bad Request', message: 'Store alias and target type are required' },
+        };
+    }
+    try {
+        const authCtx = accessContext || {
+            caller: ctx.security?.user?.id || 'anonymous',
+            roles: ctx.security?.user?.role ? [ctx.security.user.role] : [],
+            storeAlias: alias,
+            systemOverride: false,
+        };
+        const result = federation.queryWithAuth(alias, target, authCtx, filters, limit, offset);
+        return {
+            status: 200,
+            headers: { 'Content-Type': 'application/json' },
+            body: { success: true, data: result },
+        };
+    }
+    catch (error) {
+        const message = error?.message || String(error);
+        const status = message.includes('Permission denied') ? 403 : 500;
+        return {
+            status,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: status === 403 ? 'Forbidden' : 'Internal Server Error', message },
+        };
+    }
+};
+exports.federationQueryWithAuthHandler = federationQueryWithAuthHandler;
+/**
+ * 修改记录可见性
+ * PUT /api/v2/federation/stores/:alias/records/:id/visibility
+ */
+const updateVisibilityHandler = async (ctx, security, db, root) => {
+    const federation = root?.federation;
+    if (!federation) {
+        return {
+            status: 500,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: 'Internal Server Error', message: 'Federation not available' },
+        };
+    }
+    const pathParts = ctx.path.split('/');
+    const storesIdx = pathParts.indexOf('stores');
+    const alias = pathParts[storesIdx + 1];
+    const recordsIdx = pathParts.indexOf('records');
+    const recordId = pathParts[recordsIdx + 1];
+    const { visibility, userIds, roles } = ctx.body || {};
+    if (!alias || !recordId || !visibility) {
+        return {
+            status: 400,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: 'Bad Request', message: 'Store alias, record ID, and visibility are required' },
+        };
+    }
+    try {
+        // Get current record to check ownership
+        const authCtx = {
+            caller: ctx.security?.user?.id || 'anonymous',
+            roles: ctx.security?.user?.role ? [ctx.security.user.role] : [],
+            storeAlias: alias,
+            systemOverride: false,
+        };
+        const actions = federation.getRecordActions(alias, recordId, authCtx);
+        if (actions && !actions.canShare) {
+            return {
+                status: 403,
+                headers: { 'Content-Type': 'application/json' },
+                body: { error: 'Forbidden', message: 'Only the owner or admin can modify visibility' },
+            };
+        }
+        // Persist visibility change via NAPI
+        federation.updateVisibility(alias, recordId, {
+            visibilityType: visibility,
+            userIds: userIds || undefined,
+            roles: roles || undefined,
+        }, authCtx);
+        return {
+            status: 200,
+            headers: { 'Content-Type': 'application/json' },
+            body: {
+                success: true,
+                data: {
+                    id: recordId,
+                    visibility,
+                    userIds: userIds || [],
+                    roles: roles || [],
+                    updatedBy: authCtx.caller,
+                },
+            },
+        };
+    }
+    catch (error) {
+        return {
+            status: 500,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: 'Internal Server Error', message: error?.message || String(error) },
+        };
+    }
+};
+exports.updateVisibilityHandler = updateVisibilityHandler;
+/**
+ * 添加协作者
+ * POST /api/v2/federation/stores/:alias/records/:id/collaborators
+ */
+const addCollaboratorHandler = async (ctx, security, db, root) => {
+    const federation = root?.federation;
+    if (!federation) {
+        return {
+            status: 500,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: 'Internal Server Error', message: 'Federation not available' },
+        };
+    }
+    const pathParts = ctx.path.split('/');
+    const storesIdx = pathParts.indexOf('stores');
+    const alias = pathParts[storesIdx + 1];
+    const recordsIdx = pathParts.indexOf('records');
+    const recordId = pathParts[recordsIdx + 1];
+    const { userId, permissions } = ctx.body || {};
+    if (!alias || !recordId || !userId || !permissions) {
+        return {
+            status: 400,
+            headers: { 'Content-Type': 'application/json' },
+            body: {
+                error: 'Bad Request',
+                message: 'Store alias, record ID, userId, and permissions are required',
+            },
+        };
+    }
+    try {
+        const authCtx = {
+            caller: ctx.security?.user?.id || 'anonymous',
+            roles: ctx.security?.user?.role ? [ctx.security.user.role] : [],
+            storeAlias: alias,
+            systemOverride: false,
+        };
+        const actions = federation.getRecordActions(alias, recordId, authCtx);
+        if (actions && !actions.canShare) {
+            return {
+                status: 403,
+                headers: { 'Content-Type': 'application/json' },
+                body: { error: 'Forbidden', message: 'Only the owner or admin can manage collaborators' },
+            };
+        }
+        // Persist collaborator addition via NAPI
+        const grantedAt = Date.now();
+        federation.addCollaborator(alias, recordId, {
+            userId,
+            permissions,
+            grantedAt,
+            grantedBy: authCtx.caller,
+        }, authCtx);
+        return {
+            status: 201,
+            headers: { 'Content-Type': 'application/json' },
+            body: {
+                success: true,
+                data: {
+                    id: recordId,
+                    collaborator: {
+                        userId,
+                        permissions,
+                        grantedAt,
+                        grantedBy: authCtx.caller,
+                    },
+                },
+            },
+        };
+    }
+    catch (error) {
+        return {
+            status: 500,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: 'Internal Server Error', message: error?.message || String(error) },
+        };
+    }
+};
+exports.addCollaboratorHandler = addCollaboratorHandler;
+/**
+ * 移除协作者
+ * DELETE /api/v2/federation/stores/:alias/records/:id/collaborators/:userId
+ */
+const removeCollaboratorHandler = async (ctx, security, db, root) => {
+    const federation = root?.federation;
+    if (!federation) {
+        return {
+            status: 500,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: 'Internal Server Error', message: 'Federation not available' },
+        };
+    }
+    const pathParts = ctx.path.split('/');
+    const storesIdx = pathParts.indexOf('stores');
+    const alias = pathParts[storesIdx + 1];
+    const recordsIdx = pathParts.indexOf('records');
+    const recordId = pathParts[recordsIdx + 1];
+    const collaboratorsIdx = pathParts.indexOf('collaborators');
+    const targetUserId = pathParts[collaboratorsIdx + 1];
+    if (!alias || !recordId || !targetUserId) {
+        return {
+            status: 400,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: 'Bad Request', message: 'Store alias, record ID, and user ID are required' },
+        };
+    }
+    try {
+        const authCtx = {
+            caller: ctx.security?.user?.id || 'anonymous',
+            roles: ctx.security?.user?.role ? [ctx.security.user.role] : [],
+            storeAlias: alias,
+            systemOverride: false,
+        };
+        const actions = federation.getRecordActions(alias, recordId, authCtx);
+        if (actions && !actions.canShare) {
+            return {
+                status: 403,
+                headers: { 'Content-Type': 'application/json' },
+                body: { error: 'Forbidden', message: 'Only the owner or admin can manage collaborators' },
+            };
+        }
+        // Persist collaborator removal via NAPI
+        federation.removeCollaborator(alias, recordId, targetUserId, authCtx);
+        return {
+            status: 200,
+            headers: { 'Content-Type': 'application/json' },
+            body: {
+                success: true,
+                data: {
+                    id: recordId,
+                    removedUserId: targetUserId,
+                    removedBy: authCtx.caller,
+                },
+            },
+        };
+    }
+    catch (error) {
+        return {
+            status: 500,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: 'Internal Server Error', message: error?.message || String(error) },
+        };
+    }
+};
+exports.removeCollaboratorHandler = removeCollaboratorHandler;
+/**
+ * 修改协作者权限
+ * PUT /api/v2/federation/stores/:alias/records/:id/collaborators/:userId
+ *
+ * 更新指定协作者的权限列表。仅记录所有者或管理员可操作。
+ * 如果 permissions 为空数组，等同于移除该协作者。
+ *
+ * Request body: { permissions: string[] }
+ * permissions: ['read', 'write', 'delete', 'share']
+ */
+const updateCollaboratorHandler = async (ctx, security, db, root) => {
+    const federation = root?.federation;
+    if (!federation) {
+        return {
+            status: 500,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: 'Internal Server Error', message: 'Federation not available' },
+        };
+    }
+    const pathParts = ctx.path.split('/');
+    const storesIdx = pathParts.indexOf('stores');
+    const alias = pathParts[storesIdx + 1];
+    const recordsIdx = pathParts.indexOf('records');
+    const recordId = pathParts[recordsIdx + 1];
+    const collaboratorsIdx = pathParts.indexOf('collaborators');
+    const targetUserId = pathParts[collaboratorsIdx + 1];
+    const { permissions } = ctx.body || {};
+    if (!alias || !recordId || !targetUserId || !Array.isArray(permissions)) {
+        return {
+            status: 400,
+            headers: { 'Content-Type': 'application/json' },
+            body: {
+                error: 'Bad Request',
+                message: 'Store alias, record ID, user ID, and permissions array are required',
+            },
+        };
+    }
+    // Validate permission values
+    const validPermissions = ['read', 'write', 'delete', 'share'];
+    const invalidPerms = permissions.filter((p) => !validPermissions.includes(p));
+    if (invalidPerms.length > 0) {
+        return {
+            status: 400,
+            headers: { 'Content-Type': 'application/json' },
+            body: {
+                error: 'Bad Request',
+                message: `Invalid permissions: ${invalidPerms.join(', ')}. Valid values: ${validPermissions.join(', ')}`,
+            },
+        };
+    }
+    try {
+        const authCtx = {
+            caller: ctx.security?.user?.id || 'anonymous',
+            roles: ctx.security?.user?.role ? [ctx.security.user.role] : [],
+            storeAlias: alias,
+            systemOverride: false,
+        };
+        // Use the NAPI updateCollaborator method which checks share permission internally
+        federation.updateCollaborator(alias, recordId, {
+            userId: targetUserId,
+            permissions,
+            grantedBy: authCtx.caller,
+        }, authCtx);
+        return {
+            status: 200,
+            headers: { 'Content-Type': 'application/json' },
+            body: {
+                success: true,
+                data: {
+                    id: recordId,
+                    userId: targetUserId,
+                    permissions,
+                    updatedBy: authCtx.caller,
+                },
+            },
+        };
+    }
+    catch (error) {
+        // Distinguish permission errors from other errors
+        if (error?.message?.includes('Permission denied')) {
+            return {
+                status: 403,
+                headers: { 'Content-Type': 'application/json' },
+                body: { error: 'Forbidden', message: error.message },
+            };
+        }
+        if (error?.message?.includes('not found')) {
+            return {
+                status: 404,
+                headers: { 'Content-Type': 'application/json' },
+                body: { error: 'Not Found', message: error.message },
+            };
+        }
+        return {
+            status: 500,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: 'Internal Server Error', message: error?.message || String(error) },
+        };
+    }
+};
+exports.updateCollaboratorHandler = updateCollaboratorHandler;
+/**
+ * 修改记录保护级别 (仅 Admin)
+ * PUT /api/v2/federation/stores/:alias/records/:id/protection
+ */
+const updateProtectionHandler = async (ctx, security, db, root) => {
+    const federation = root?.federation;
+    if (!federation) {
+        return {
+            status: 500,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: 'Internal Server Error', message: 'Federation not available' },
+        };
+    }
+    const pathParts = ctx.path.split('/');
+    const storesIdx = pathParts.indexOf('stores');
+    const alias = pathParts[storesIdx + 1];
+    const recordsIdx = pathParts.indexOf('records');
+    const recordId = pathParts[recordsIdx + 1];
+    const { protection } = ctx.body || {};
+    if (!alias || !recordId || !protection) {
+        return {
+            status: 400,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: 'Bad Request', message: 'Store alias, record ID, and protection level are required' },
+        };
+    }
+    // Reject setting protection to "system" via API
+    if (protection === 'system') {
+        return {
+            status: 400,
+            headers: { 'Content-Type': 'application/json' },
+            body: {
+                error: 'PROTECTION_ERROR',
+                message: 'Cannot set protection level to "system" via API. Use system_override internally.',
+            },
+        };
+    }
+    try {
+        const authCtx = {
+            caller: ctx.security?.user?.id || 'anonymous',
+            roles: ctx.security?.user?.role ? [ctx.security.user.role] : [],
+            storeAlias: alias,
+            systemOverride: false,
+        };
+        federation.downgradeProtection(alias, recordId, protection, authCtx);
+        return {
+            status: 200,
+            headers: { 'Content-Type': 'application/json' },
+            body: {
+                success: true,
+                data: {
+                    id: recordId,
+                    protection,
+                    updatedBy: authCtx.caller,
+                },
+            },
+        };
+    }
+    catch (error) {
+        const message = error?.message || String(error);
+        const isProtectionError = message.includes('protection') || message.includes('Protection')
+            || message.includes('admin') || message.includes('Admin');
+        return {
+            status: isProtectionError ? 403 : 500,
+            headers: { 'Content-Type': 'application/json' },
+            body: {
+                error: isProtectionError ? 'PROTECTION_ERROR' : 'Internal Server Error',
+                message,
+            },
+        };
+    }
+};
+exports.updateProtectionHandler = updateProtectionHandler;
+/**
+ * 获取记录可用操作
+ * GET /api/v2/federation/stores/:alias/records/:id/actions
+ */
+const getRecordActionsHandler = async (ctx, security, db, root) => {
+    const federation = root?.federation;
+    if (!federation) {
+        return {
+            status: 500,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: 'Internal Server Error', message: 'Federation not available' },
+        };
+    }
+    const pathParts = ctx.path.split('/');
+    const storesIdx = pathParts.indexOf('stores');
+    const alias = pathParts[storesIdx + 1];
+    const recordsIdx = pathParts.indexOf('records');
+    const recordId = pathParts[recordsIdx + 1];
+    if (!alias || !recordId) {
+        return {
+            status: 400,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: 'Bad Request', message: 'Store alias and record ID are required' },
+        };
+    }
+    try {
+        const authCtx = {
+            caller: ctx.security?.user?.id || 'anonymous',
+            roles: ctx.security?.user?.role ? [ctx.security.user.role] : [],
+            storeAlias: alias,
+            systemOverride: false,
+        };
+        const actions = federation.getRecordActions(alias, recordId, authCtx);
+        return {
+            status: 200,
+            headers: { 'Content-Type': 'application/json' },
+            body: { success: true, data: { actions } },
+        };
+    }
+    catch (error) {
+        const message = error?.message || String(error);
+        if (message.includes('not found')) {
+            return {
+                status: 404,
+                headers: { 'Content-Type': 'application/json' },
+                body: { error: 'Not Found', message },
+            };
+        }
+        return {
+            status: 500,
+            headers: { 'Content-Type': 'application/json' },
+            body: { error: 'Internal Server Error', message },
+        };
+    }
+};
+exports.getRecordActionsHandler = getRecordActionsHandler;
+// ============================================================================
 // 路由表
 // ============================================================================
 /**
@@ -1098,6 +1646,25 @@ exports.routes = [
     { method: 'GET', path: '/api/v1/databases/:name', handler: exports.getDatabaseInfoHandler, requireAuth: true, permissions: ['read'] },
     { method: 'POST', path: '/api/v1/databases', handler: exports.createDatabaseHandler, requireAuth: true, permissions: ['write'] },
     { method: 'DELETE', path: '/api/v1/databases/:name', handler: exports.deleteDatabaseHandler, requireAuth: true, permissions: ['delete'] },
+    // ================================================================
+    // 联邦存储 v2 — 记录级权限管理路由 (T15.10)
+    // ================================================================
+    // 联邦带鉴权写入
+    { method: 'POST', path: '/api/v2/federation/stores/:alias/write', handler: exports.federationWriteWithAuthHandler, requireAuth: true, permissions: ['write'] },
+    // 联邦带鉴权查询
+    { method: 'POST', path: '/api/v2/federation/stores/:alias/query', handler: exports.federationQueryWithAuthHandler, requireAuth: true, permissions: ['read'] },
+    // 修改记录可见性
+    { method: 'PUT', path: '/api/v2/federation/stores/:alias/records/:id/visibility', handler: exports.updateVisibilityHandler, requireAuth: true, permissions: ['write'] },
+    // 添加协作者
+    { method: 'POST', path: '/api/v2/federation/stores/:alias/records/:id/collaborators', handler: exports.addCollaboratorHandler, requireAuth: true, permissions: ['write'] },
+    // 移除协作者
+    { method: 'DELETE', path: '/api/v2/federation/stores/:alias/records/:id/collaborators/:userId', handler: exports.removeCollaboratorHandler, requireAuth: true, permissions: ['write'] },
+    // 修改协作者权限
+    { method: 'PUT', path: '/api/v2/federation/stores/:alias/records/:id/collaborators/:userId', handler: exports.updateCollaboratorHandler, requireAuth: true, permissions: ['write'] },
+    // 修改记录保护级别
+    { method: 'PUT', path: '/api/v2/federation/stores/:alias/records/:id/protection', handler: exports.updateProtectionHandler, requireAuth: true, permissions: ['write'] },
+    // 获取记录可用操作
+    { method: 'GET', path: '/api/v2/federation/stores/:alias/records/:id/actions', handler: exports.getRecordActionsHandler, requireAuth: true, permissions: ['read'] },
 ];
 /**
  * 路由匹配器