axe-api 0.30.0-rc2 → 0.30.0-rc4

package/build/index.d.ts

@@ -1,8 +1,8 @@
 import Server from "./src/Server";
 import Model from "./src/Model";
 import ApiError from "./src/Exceptions/ApiError";
-import { DEFAULT_HANDLERS } from "./src/constants";
-import { IoCService } from "./src/Services";
+import { DEFAULT_HANDLERS, DEFAULT_VERSION_CONFIG } from "./src/constants";
+import { IoCService, allow, deny } from "./src/Services";
 export * from "./src/Enums";
 export * from "./src/Interfaces";
-export { Server, Model, ApiError, DEFAULT_HANDLERS, IoCService };
+export { Server, Model, ApiError, DEFAULT_HANDLERS, DEFAULT_VERSION_CONFIG, IoCService, allow, deny, };

package/build/index.js

@@ -17,7 +17,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.IoCService = exports.DEFAULT_HANDLERS = exports.ApiError = exports.Model = exports.Server = void 0;
+exports.deny = exports.allow = exports.IoCService = exports.DEFAULT_VERSION_CONFIG = exports.DEFAULT_HANDLERS = exports.ApiError = exports.Model = exports.Server = void 0;
 const Server_1 = __importDefault(require("./src/Server"));
 exports.Server = Server_1.default;
 const Model_1 = __importDefault(require("./src/Model"));
@@ -26,7 +26,10 @@ const ApiError_1 = __importDefault(require("./src/Exceptions/ApiError"));
 exports.ApiError = ApiError_1.default;
 const constants_1 = require("./src/constants");
 Object.defineProperty(exports, "DEFAULT_HANDLERS", { enumerable: true, get: function () { return constants_1.DEFAULT_HANDLERS; } });
+Object.defineProperty(exports, "DEFAULT_VERSION_CONFIG", { enumerable: true, get: function () { return constants_1.DEFAULT_VERSION_CONFIG; } });
 const Services_1 = require("./src/Services");
 Object.defineProperty(exports, "IoCService", { enumerable: true, get: function () { return Services_1.IoCService; } });
+Object.defineProperty(exports, "allow", { enumerable: true, get: function () { return Services_1.allow; } });
+Object.defineProperty(exports, "deny", { enumerable: true, get: function () { return Services_1.deny; } });
 __exportStar(require("./src/Enums"), exports);
 __exportStar(require("./src/Interfaces"), exports);

package/build/src/Enums.d.ts

@@ -88,5 +88,35 @@ export declare enum AxeErrorCode {
     UNDEFINED_COLUMN = "UNDEFINED_COLUMN",
     UNDEFINED_RELATION_MODEL = "UNDEFINED_RELATION_MODEL",
     UNDEFINED_HOOK_MODEL_RELATION = "UNDEFINED_HOOK_MODEL_RELATION",
-    UNACCEPTABLE_HOOK_FILE = "UNACCEPTABLE_HOOK_FILE"
+    UNACCEPTABLE_HOOK_FILE = "UNACCEPTABLE_HOOK_FILE",
+    UNDEFINED_RELATION_NAME = "UNDEFINED_RELATION_NAME"
+}
+export declare enum QueryFeatureType {
+    Allow = "Allow",
+    Deny = "Deny"
+}
+export declare enum QueryFeature {
+    All = "all",
+    FieldsAll = "fieldsAll",
+    Sorting = "sorting",
+    Limits = "limits",
+    WhereAll = "where.*",
+    WhereEqual = "where.equal",
+    WhereNotEqual = "where.notEqual",
+    WhereGt = "where.gt",
+    WhereGte = "where.gte",
+    WhereLt = "where.lt",
+    WhereLte = "where.lte",
+    WhereLike = "where.like",
+    WhereNotLike = "where.notLike",
+    WhereIn = "where.in",
+    WhereNotIn = "where.notIn",
+    WhereBetween = "where.between",
+    WhereNotBetween = "where.notBetween",
+    WhereNull = "where.null",
+    WhereNotNull = "where.notNull",
+    Trashed = "trashed",
+    WithAll = "with.*",
+    WithHasOne = "with.hasOne",
+    WithHasMany = "with.hasMany"
 }

package/build/src/Enums.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.AxeErrorCode = exports.TimestampColumns = exports.SortTypes = exports.Relationships = exports.LogLevels = exports.HttpMethods = exports.Extensions = exports.HookFunctionTypes = exports.HandlerTypes = exports.DependencyTypes = exports.ConditionTypes = void 0;
+exports.QueryFeature = exports.QueryFeatureType = exports.AxeErrorCode = exports.TimestampColumns = exports.SortTypes = exports.Relationships = exports.LogLevels = exports.HttpMethods = exports.Extensions = exports.HookFunctionTypes = exports.HandlerTypes = exports.DependencyTypes = exports.ConditionTypes = void 0;
 var ConditionTypes;
 (function (ConditionTypes) {
     ConditionTypes["NotNull"] = "NotNull";
@@ -103,4 +103,36 @@ var AxeErrorCode;
     AxeErrorCode["UNDEFINED_RELATION_MODEL"] = "UNDEFINED_RELATION_MODEL";
     AxeErrorCode["UNDEFINED_HOOK_MODEL_RELATION"] = "UNDEFINED_HOOK_MODEL_RELATION";
     AxeErrorCode["UNACCEPTABLE_HOOK_FILE"] = "UNACCEPTABLE_HOOK_FILE";
+    AxeErrorCode["UNDEFINED_RELATION_NAME"] = "UNDEFINED_RELATION_NAME";
 })(AxeErrorCode = exports.AxeErrorCode || (exports.AxeErrorCode = {}));
+var QueryFeatureType;
+(function (QueryFeatureType) {
+    QueryFeatureType["Allow"] = "Allow";
+    QueryFeatureType["Deny"] = "Deny";
+})(QueryFeatureType = exports.QueryFeatureType || (exports.QueryFeatureType = {}));
+var QueryFeature;
+(function (QueryFeature) {
+    QueryFeature["All"] = "all";
+    QueryFeature["FieldsAll"] = "fieldsAll";
+    QueryFeature["Sorting"] = "sorting";
+    QueryFeature["Limits"] = "limits";
+    QueryFeature["WhereAll"] = "where.*";
+    QueryFeature["WhereEqual"] = "where.equal";
+    QueryFeature["WhereNotEqual"] = "where.notEqual";
+    QueryFeature["WhereGt"] = "where.gt";
+    QueryFeature["WhereGte"] = "where.gte";
+    QueryFeature["WhereLt"] = "where.lt";
+    QueryFeature["WhereLte"] = "where.lte";
+    QueryFeature["WhereLike"] = "where.like";
+    QueryFeature["WhereNotLike"] = "where.notLike";
+    QueryFeature["WhereIn"] = "where.in";
+    QueryFeature["WhereNotIn"] = "where.notIn";
+    QueryFeature["WhereBetween"] = "where.between";
+    QueryFeature["WhereNotBetween"] = "where.notBetween";
+    QueryFeature["WhereNull"] = "where.null";
+    QueryFeature["WhereNotNull"] = "where.notNull";
+    QueryFeature["Trashed"] = "trashed";
+    QueryFeature["WithAll"] = "with.*";
+    QueryFeature["WithHasOne"] = "with.hasOne";
+    QueryFeature["WithHasMany"] = "with.hasMany";
+})(QueryFeature = exports.QueryFeature || (exports.QueryFeature = {}));

package/build/src/Handlers/AllHandler.js

@@ -14,7 +14,7 @@ const Services_1 = require("../Services");
 const Enums_1 = require("../Enums");
 exports.default = (pack) => __awaiter(void 0, void 0, void 0, function* () {
     const { version, model, req, res, database, relation, parentModel } = pack;
-    const queryParser = new Services_1.QueryService(model, version.modelList.get());
+    const queryParser = new Services_1.QueryService(model, version.modelList.get(), version.config);
     // We should parse URL query string to use as condition in Lucid query
     const conditions = queryParser.get(req.query);
     // Creating a new database query

package/build/src/Handlers/Helpers.d.ts

@@ -14,3 +14,4 @@ export declare const serializeData: (version: IVersion, itemArray: any[] | any,
 export declare const filterHiddenFields: (itemArray: any[], hiddens: string[] | null) => void;
 export declare const addSoftDeleteQuery: (model: IModelService, conditions: IQuery | null, query: Knex.QueryBuilder) => void;
 export declare const getRelatedData: (version: IVersion, data: any[], withArray: IWith[], model: IModelService, modelList: ModelListService, database: Knex | Knex.Transaction, handler: HandlerTypes, request: Request) => Promise<void>;
+export declare const isBoolean: (value: any) => boolean;

package/build/src/Handlers/Helpers.js

@@ -12,11 +12,13 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getRelatedData = exports.addSoftDeleteQuery = exports.filterHiddenFields = exports.serializeData = exports.addForeignKeyQuery = exports.getParentColumn = exports.callHooks = exports.getMergedFormData = exports.bindTimestampValues = void 0;
+exports.isBoolean = exports.getRelatedData = exports.addSoftDeleteQuery = exports.filterHiddenFields = exports.serializeData = exports.addForeignKeyQuery = exports.getParentColumn = exports.callHooks = exports.getMergedFormData = exports.bindTimestampValues = void 0;
 const change_case_1 = require("change-case");
 const Enums_1 = require("../Enums");
 const ApiError_1 = __importDefault(require("../Exceptions/ApiError"));
 const Services_1 = require("../Services");
+const LimitService_1 = require("../Services/LimitService");
+const constants_1 = require("../constants");
 const bindTimestampValues = (formData, columnTypes = [], model) => {
     if (columnTypes.includes(Enums_1.TimestampColumns.CREATED_AT) &&
         model.instance.createdAtColumn) {
@@ -138,8 +140,10 @@ const filterHiddenFields = (itemArray, hiddens) => {
 };
 exports.filterHiddenFields = filterHiddenFields;
 const addSoftDeleteQuery = (model, conditions, query) => {
-    // TODO: Trashed feature will be implemented later
-    // (conditions === null || conditions?.trashed === false)
+    if (conditions !== null && (conditions === null || conditions === void 0 ? void 0 : conditions.trashed) === true) {
+        (0, LimitService_1.valideteQueryFeature)(model, Enums_1.QueryFeature.Trashed);
+        return;
+    }
     if (model.instance.deletedAtColumn) {
         query.whereNull(model.instance.deletedAtColumn);
     }
@@ -162,6 +166,8 @@ const getRelatedData = (version, data, withArray, model, modelList, database, ha
         if (!foreignModel) {
             continue;
         }
+        // Validating the query limit
+        (0, LimitService_1.valideteQueryFeature)(model, constants_1.RelationQueryFeatureMap[definedRelation.type], `${model.instance.table}.${definedRelation.name}`, `${model.instance.table}.${definedRelation.name}`);
         let dataField = "primaryKey";
         let searchField = "foreignKey";
         if (definedRelation.type !== Enums_1.Relationships.HAS_MANY) {
@@ -225,3 +231,14 @@ const getRelatedData = (version, data, withArray, model, modelList, database, ha
     }
 });
 exports.getRelatedData = getRelatedData;
+const isBoolean = (value) => {
+    if (value === undefined || value === null) {
+        return false;
+    }
+    value = (value || "").trim().toLocaleLowerCase();
+    if (value === "true" || value === "1" || value === "on" || value === "yes") {
+        return true;
+    }
+    return false;
+};
+exports.isBoolean = isBoolean;

package/build/src/Handlers/PaginateHandler.js

@@ -14,7 +14,7 @@ const Enums_1 = require("../Enums");
 const Services_1 = require("../Services");
 exports.default = (pack) => __awaiter(void 0, void 0, void 0, function* () {
     const { version, model, req, database, relation, parentModel } = pack;
-    const queryParser = new Services_1.QueryService(model, version.modelList.get());
+    const queryParser = new Services_1.QueryService(model, version.modelList.get(), version.config);
     // We should parse URL query string to use as condition in Lucid query
     const conditions = queryParser.get(req.query);
     // Creating a new database query

package/build/src/Handlers/ShowHandler.js

@@ -18,7 +18,7 @@ const ApiError_1 = __importDefault(require("../Exceptions/ApiError"));
 const Services_1 = require("../Services");
 exports.default = (pack) => __awaiter(void 0, void 0, void 0, function* () {
     const { version, model, req, res, database, relation, parentModel } = pack;
-    const queryParser = new Services_1.QueryService(model, version.modelList.get());
+    const queryParser = new Services_1.QueryService(model, version.modelList.get(), version.config);
     // We should parse URL query string to use as condition in Lucid query
     const conditions = queryParser.get(req.query);
     // Fetching item

package/build/src/Interfaces.d.ts

@@ -1,7 +1,7 @@
 import { Knex } from "knex";
 import { Express, Request, Response, NextFunction } from "express";
 import { Column } from "knex-schema-inspector/lib/types/column";
-import { HandlerTypes, LogLevels, HttpMethods, HookFunctionTypes, Extensions, Relationships, SortTypes, ConditionTypes, DependencyTypes } from "./Enums";
+import { HandlerTypes, LogLevels, HttpMethods, HookFunctionTypes, Extensions, Relationships, SortTypes, ConditionTypes, DependencyTypes, QueryFeature, QueryFeatureType } from "./Enums";
 import Model from "./Model";
 import { SerializationFunction } from "./Types";
 import { ModelListService } from "./Services";
@@ -18,11 +18,26 @@ interface IHandlerBasedSerializer {
     handler: HandlerTypes[];
     serializer: ((data: any, request: Request) => void)[];
 }
+export interface IQueryLimitConfig {
+    feature: QueryFeature;
+    type: QueryFeatureType;
+    key: string | null;
+}
+export interface IQueryDefaultConfig {
+    perPage?: number;
+    minPerPage?: number;
+    maxPerPage?: number;
+}
+export interface IQueryConfig {
+    limits: Array<IQueryLimitConfig[]>;
+    defaults?: IQueryDefaultConfig;
+}
 export interface IVersionConfig {
     transaction: boolean | IHandlerBasedTransactionConfig | IHandlerBasedTransactionConfig[];
     serializers: ((data: any, request: Request) => void)[] | IHandlerBasedSerializer[];
     supportedLanguages: string[];
     defaultLanguage: string;
+    query: IQueryConfig;
 }
 export interface IApplicationConfig extends IConfig {
     env: string;
@@ -104,9 +119,11 @@ export interface IModelService {
     events: Record<HookFunctionTypes, (params: IHookParameter) => void>;
     isRecursive: boolean;
     children: IModelService[];
+    queryLimits: IQueryLimitConfig[];
     serialize: SerializationFunction | null;
     setColumns(columns: IColumn[]): void;
     setExtensions(type: Extensions, hookFunctionType: HookFunctionTypes, data: (params: IHookParameter) => void): void;
+    setQueryLimits(limits: IQueryLimitConfig[]): void;
     setSerialization(callback: SerializationFunction): void;
 }
 export interface IRelation {

package/build/src/Model.d.ts

@@ -1,5 +1,5 @@
 import { Request, Response, NextFunction } from "express";
-import { IRelation, IMethodBaseConfig, IMethodBaseValidations, IHandlerBaseMiddleware, IHandlerBasedTransactionConfig } from "./Interfaces";
+import { IRelation, IMethodBaseConfig, IMethodBaseValidations, IHandlerBaseMiddleware, IHandlerBasedTransactionConfig, IQueryLimitConfig } from "./Interfaces";
 import { HandlerTypes, HttpMethods } from "./Enums";
 declare class Model {
     get primaryKey(): string;
@@ -14,6 +14,7 @@ declare class Model {
     get deletedAtColumn(): string | null;
     get transaction(): boolean | IHandlerBasedTransactionConfig | IHandlerBasedTransactionConfig[] | null;
     get ignore(): boolean;
+    get limits(): Array<IQueryLimitConfig[]>;
     getFillableFields(methodType: HttpMethods): string[];
     getValidationRules(methodType: HttpMethods): Record<string, string> | null;
     getMiddlewares(handlerType: HandlerTypes): ((req: Request, res: Response, next: NextFunction) => void)[];

package/build/src/Model.js

@@ -44,6 +44,9 @@ class Model {
     get ignore() {
         return false;
     }
+    get limits() {
+        return [];
+    }
     getFillableFields(methodType) {
         if (this.fillable === null) {
             return [];

package/build/src/Resolvers/ModelResolver.d.ts

@@ -10,6 +10,7 @@ declare class ModelResolver {
     private getDirectories;
     private checkOldStyleHookFiles;
     private setModelSerializations;
+    private setModelQueryLimits;
     private getInstanceMethods;
 }
 export default ModelResolver;

package/build/src/Resolvers/ModelResolver.js

@@ -33,6 +33,7 @@ class ModelResolver {
             yield this.setModelHooks(modelList, Enums_1.Extensions.Hooks);
             yield this.setModelHooks(modelList, Enums_1.Extensions.Events);
             yield this.setModelSerializations(modelList);
+            yield this.setModelQueryLimits(modelList);
             this.version.modelList = modelList;
             logger.info(`[${this.version.name}] All models have been resolved.`);
         });
@@ -161,6 +162,23 @@ class ModelResolver {
             }
         });
     }
+    setModelQueryLimits(modelList) {
+        return __awaiter(this, void 0, void 0, function* () {
+            for (const model of modelList.get()) {
+                // We should use the full field name like `users.name`
+                const modelLimits = model.instance.limits.flat().map((item) => {
+                    if (item.key) {
+                        item.key = `${model.instance.table}.${item.key}`;
+                    }
+                    return Object.assign({}, item);
+                });
+                model.setQueryLimits([
+                    ...this.version.config.query.limits.flat(),
+                    ...modelLimits,
+                ]);
+            }
+        });
+    }
     getInstanceMethods(obj) {
         const properties = Object.getOwnPropertyNames(obj.instance.constructor.prototype);
         return properties.filter((name) => !constants_1.DEFAULT_METHODS_OF_MODELS.includes(name));

package/build/src/Services/APIService.js

@@ -54,6 +54,9 @@ class APIService {
                 serializers: [],
                 supportedLanguages: ["en"],
                 defaultLanguage: "en",
+                query: {
+                    limits: [],
+                },
             },
             folders: {
                 root,

package/build/src/Services/LimitService.d.ts

@@ -0,0 +1,5 @@
+import { QueryFeature } from "../Enums";
+import { IModelService, IQueryLimitConfig } from "../Interfaces";
+export declare const allow: (feature: QueryFeature, keys?: string[]) => IQueryLimitConfig[];
+export declare const deny: (feature: QueryFeature, keys?: string[]) => IQueryLimitConfig[];
+export declare const valideteQueryFeature: (model: IModelService, feature: QueryFeature, key?: string | null, errorDescription?: string) => void;

package/build/src/Services/LimitService.js

@@ -0,0 +1,116 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.valideteQueryFeature = exports.deny = exports.allow = void 0;
+const Enums_1 = require("../Enums");
+const ApiError_1 = __importDefault(require("../Exceptions/ApiError"));
+const QueryFeatureMap = {
+    [Enums_1.QueryFeature.All]: [
+        Enums_1.QueryFeature.FieldsAll,
+        Enums_1.QueryFeature.Sorting,
+        Enums_1.QueryFeature.Limits,
+        Enums_1.QueryFeature.WhereEqual,
+        Enums_1.QueryFeature.WhereNotEqual,
+        Enums_1.QueryFeature.WhereGt,
+        Enums_1.QueryFeature.WhereGte,
+        Enums_1.QueryFeature.WhereLt,
+        Enums_1.QueryFeature.WhereLte,
+        Enums_1.QueryFeature.WhereLike,
+        Enums_1.QueryFeature.WhereNotLike,
+        Enums_1.QueryFeature.WhereIn,
+        Enums_1.QueryFeature.WhereNotIn,
+        Enums_1.QueryFeature.WhereBetween,
+        Enums_1.QueryFeature.WhereNotBetween,
+        Enums_1.QueryFeature.WhereNull,
+        Enums_1.QueryFeature.WhereNotNull,
+        Enums_1.QueryFeature.Trashed,
+        Enums_1.QueryFeature.WithHasOne,
+        Enums_1.QueryFeature.WithHasMany,
+    ],
+    [Enums_1.QueryFeature.FieldsAll]: [Enums_1.QueryFeature.FieldsAll],
+    [Enums_1.QueryFeature.Sorting]: [Enums_1.QueryFeature.Sorting],
+    [Enums_1.QueryFeature.Limits]: [Enums_1.QueryFeature.Limits],
+    [Enums_1.QueryFeature.WhereAll]: [
+        Enums_1.QueryFeature.WhereEqual,
+        Enums_1.QueryFeature.WhereNotEqual,
+        Enums_1.QueryFeature.WhereGt,
+        Enums_1.QueryFeature.WhereGte,
+        Enums_1.QueryFeature.WhereLt,
+        Enums_1.QueryFeature.WhereLte,
+        Enums_1.QueryFeature.WhereLike,
+        Enums_1.QueryFeature.WhereNotLike,
+        Enums_1.QueryFeature.WhereIn,
+        Enums_1.QueryFeature.WhereNotIn,
+        Enums_1.QueryFeature.WhereBetween,
+        Enums_1.QueryFeature.WhereNotBetween,
+        Enums_1.QueryFeature.WhereNull,
+        Enums_1.QueryFeature.WhereNotNull,
+    ],
+    [Enums_1.QueryFeature.WhereEqual]: [Enums_1.QueryFeature.WhereEqual],
+    [Enums_1.QueryFeature.WhereNotEqual]: [Enums_1.QueryFeature.WhereNotEqual],
+    [Enums_1.QueryFeature.WhereGt]: [Enums_1.QueryFeature.WhereGt],
+    [Enums_1.QueryFeature.WhereGte]: [Enums_1.QueryFeature.WhereGte],
+    [Enums_1.QueryFeature.WhereLt]: [Enums_1.QueryFeature.WhereLt],
+    [Enums_1.QueryFeature.WhereLte]: [Enums_1.QueryFeature.WhereLte],
+    [Enums_1.QueryFeature.WhereLike]: [Enums_1.QueryFeature.WhereLike],
+    [Enums_1.QueryFeature.WhereNotLike]: [Enums_1.QueryFeature.WhereNotLike],
+    [Enums_1.QueryFeature.WhereIn]: [Enums_1.QueryFeature.WhereIn],
+    [Enums_1.QueryFeature.WhereNotIn]: [Enums_1.QueryFeature.WhereNotIn],
+    [Enums_1.QueryFeature.WhereBetween]: [Enums_1.QueryFeature.WhereBetween],
+    [Enums_1.QueryFeature.WhereNotBetween]: [Enums_1.QueryFeature.WhereNotBetween],
+    [Enums_1.QueryFeature.WhereNull]: [Enums_1.QueryFeature.WhereNull],
+    [Enums_1.QueryFeature.WhereNotNull]: [Enums_1.QueryFeature.WhereNotNull],
+    [Enums_1.QueryFeature.Trashed]: [Enums_1.QueryFeature.Trashed],
+    [Enums_1.QueryFeature.WithAll]: [Enums_1.QueryFeature.WithHasOne, Enums_1.QueryFeature.WithHasMany],
+    [Enums_1.QueryFeature.WithHasOne]: [Enums_1.QueryFeature.WithHasOne],
+    [Enums_1.QueryFeature.WithHasMany]: [Enums_1.QueryFeature.WithHasMany],
+};
+const generatePermission = (type, feature, keys = []) => {
+    const features = QueryFeatureMap[feature];
+    if (keys.length === 0) {
+        keys = [null];
+    }
+    return features
+        .map((subFeature) => {
+        return keys.map((key) => {
+            return {
+                type,
+                feature: subFeature,
+                key,
+            };
+        });
+    })
+        .flat();
+};
+const allow = (feature, keys = []) => {
+    return generatePermission(Enums_1.QueryFeatureType.Allow, feature, keys);
+};
+exports.allow = allow;
+const deny = (feature, keys = []) => {
+    return generatePermission(Enums_1.QueryFeatureType.Deny, feature, keys);
+};
+exports.deny = deny;
+const valideteQueryFeature = (model, feature, key = null, errorDescription) => {
+    const errorDetail = errorDescription ? ` (${errorDescription})` : "";
+    const rules = model.queryLimits.filter((limit) => limit.feature === feature && limit.key === null);
+    if (key) {
+        const keyRules = model.queryLimits.filter((limit) => limit.feature === feature && limit.key === key);
+        if (keyRules.length > 0) {
+            const lastKeyRule = keyRules[keyRules.length - 1];
+            if ((lastKeyRule === null || lastKeyRule === void 0 ? void 0 : lastKeyRule.type) === Enums_1.QueryFeatureType.Deny) {
+                throw new ApiError_1.default(`Unsupported query feature${errorDetail}: ${feature.toString()} [${key}]`);
+            }
+            return;
+        }
+    }
+    if (rules.length === 0) {
+        throw new ApiError_1.default(`Unsupported query feature${errorDetail}: ${feature.toString()}`);
+    }
+    const lastRule = rules[rules.length - 1];
+    if ((lastRule === null || lastRule === void 0 ? void 0 : lastRule.type) === Enums_1.QueryFeatureType.Deny) {
+        throw new ApiError_1.default(`Unsupported query feature${errorDetail}: ${feature.toString()}`);
+    }
+};
+exports.valideteQueryFeature = valideteQueryFeature;

package/build/src/Services/ModelService.d.ts

@@ -1,5 +1,5 @@
 import { HookFunctionTypes, Extensions } from "../Enums";
-import { IColumn, IHookParameter, IModelService, IRelation } from "../Interfaces";
+import { IColumn, IHookParameter, IModelService, IQueryLimitConfig, IRelation } from "../Interfaces";
 import Model from "./../Model";
 import { SerializationFunction } from "../Types";
 declare class ModelService implements IModelService {
@@ -12,10 +12,12 @@ declare class ModelService implements IModelService {
     events: Record<HookFunctionTypes, (params: IHookParameter) => void>;
     children: IModelService[];
     isRecursive: boolean;
+    queryLimits: IQueryLimitConfig[];
     serialize: SerializationFunction | null;
     constructor(name: string, instance: Model);
     setColumns(columns: IColumn[]): void;
     setExtensions(type: Extensions, hookFunctionType: HookFunctionTypes, data: (params: IHookParameter) => void): void;
+    setQueryLimits(limits: IQueryLimitConfig[]): void;
     setSerialization(callback: SerializationFunction): void;
     private setHooks;
     private setEvents;

package/build/src/Services/ModelService.js

@@ -12,6 +12,7 @@ class ModelService {
         this.columnNames = [];
         this.children = [];
         this.isRecursive = false;
+        this.queryLimits = [];
         this.serialize = null;
     }
     setColumns(columns) {
@@ -29,6 +30,9 @@ class ModelService {
             throw new Error("Undefined hook type.");
         }
     }
+    setQueryLimits(limits) {
+        this.queryLimits = limits;
+    }
     setSerialization(callback) {
         this.serialize = callback;
     }

package/build/src/Services/QueryService.d.ts

@@ -1,4 +1,4 @@
-import { IQuery, ISortField, NestedWhere, IWhere, IModelService } from "../Interfaces";
+import { IQuery, ISortField, NestedWhere, IWhere, IModelService, IVersionConfig } from "../Interfaces";
 import { Knex } from "knex";
 declare class QueryService {
     model: IModelService;
@@ -6,7 +6,8 @@ declare class QueryService {
     usedConditionColumns: string[];
     relationColumns: string[];
     createdJoins: string[];
-    constructor(model: IModelService, models: IModelService[]);
+    config: IVersionConfig;
+    constructor(model: IModelService, models: IModelService[], config: IVersionConfig);
     applyFields(query: Knex.QueryBuilder, fields: string[]): void;
     applySorting(query: Knex.QueryBuilder, sort: ISortField[]): void;
     applyWheresInsideGroup(sub: Knex.QueryBuilder, ruleSet: NestedWhere | IWhere): void;

package/build/src/Services/QueryService.js

@@ -6,10 +6,14 @@ Object.defineProperty(exports, "__esModule", { value: true });
 const Enums_1 = require("../Enums");
 const ApiError_1 = __importDefault(require("../Exceptions/ApiError"));
 const Resolvers_1 = require("../Resolvers");
+const constants_1 = require("../constants");
+const LimitService_1 = require("./LimitService");
+const Helpers_1 = require("../Handlers/Helpers");
 class QueryService {
-    constructor(model, models) {
+    constructor(model, models, config) {
         this.model = model;
         this.models = models;
+        this.config = config;
         this.createdJoins = [];
         this.relationColumns = [];
         this.usedConditionColumns = [];
@@ -17,6 +21,7 @@ class QueryService {
     applyFields(query, fields) {
         // Users should be able to select some fields to show.
         if (fields.length === 0 || (fields.length === 1 && fields[0] === "*")) {
+            (0, LimitService_1.valideteQueryFeature)(this.model, Enums_1.QueryFeature.FieldsAll);
             query.select(`${this.model.instance.table}.*`);
         }
         else {
@@ -33,7 +38,9 @@ class QueryService {
         if (sort.length === 0) {
             return;
         }
+        (0, LimitService_1.valideteQueryFeature)(this.model, Enums_1.QueryFeature.Sorting);
         sort.forEach((item) => {
+            (0, LimitService_1.valideteQueryFeature)(this.model, Enums_1.QueryFeature.Sorting, `${this.model.instance.table}.${item.name}`);
             query.orderBy(item.name, item.type);
         });
     }
@@ -156,6 +163,7 @@ class QueryService {
         this.createdJoins.push(relation.name);
     }
     parseSections(sections) {
+        var _a, _b, _c, _d;
         if (sections.q) {
             const queryContent = sections.q.replace(/%20/g, "").replace(/ /g, "");
             // Users can send an unacceptable query string. We shouldn't allow them to
@@ -175,10 +183,14 @@ class QueryService {
             sort: this.parseSortingOptions(sections.sort),
             q: this.parseCondition(sections.q),
             with: withQueryResolver.resolve((sections === null || sections === void 0 ? void 0 : sections.with) || ""),
-            trashed: (sections === null || sections === void 0 ? void 0 : sections.trashed)
-                ? sections.trashed.trim() === "true" || sections.trashed.trim() === "1"
-                : false,
+            trashed: (sections === null || sections === void 0 ? void 0 : sections.trashed) ? (0, Helpers_1.isBoolean)(sections.trashed) : false,
         };
+        const configPerPage = ((_b = (_a = this.config) === null || _a === void 0 ? void 0 : _a.query.defaults) === null || _b === void 0 ? void 0 : _b.perPage) ||
+            ((_d = (_c = constants_1.DEFAULT_VERSION_CONFIG.query) === null || _c === void 0 ? void 0 : _c.defaults) === null || _d === void 0 ? void 0 : _d.perPage) ||
+            10;
+        if (query.per_page !== configPerPage) {
+            (0, LimitService_1.valideteQueryFeature)(this.model, Enums_1.QueryFeature.Limits);
+        }
         this.addRelationColumns(query.with);
         return query;
     }
@@ -193,9 +205,21 @@ class QueryService {
         return value;
     }
     parsePerPage(content) {
-        const value = parseInt(content);
-        if (isNaN(value) || value <= 1 || value > 10000) {
-            return 10;
+        var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m;
+        const value = parseInt(content ||
+            ((_b = (_a = this.config.query) === null || _a === void 0 ? void 0 : _a.defaults) === null || _b === void 0 ? void 0 : _b.perPage) ||
+            ((_c = constants_1.DEFAULT_VERSION_CONFIG.query.defaults) === null || _c === void 0 ? void 0 : _c.perPage) ||
+            10);
+        const minPerPage = ((_e = (_d = this.config.query) === null || _d === void 0 ? void 0 : _d.defaults) === null || _e === void 0 ? void 0 : _e.minPerPage) ||
+            ((_f = constants_1.DEFAULT_VERSION_CONFIG.query.defaults) === null || _f === void 0 ? void 0 : _f.minPerPage) ||
+            1;
+        const maxPerPage = ((_h = (_g = this.config.query) === null || _g === void 0 ? void 0 : _g.defaults) === null || _h === void 0 ? void 0 : _h.maxPerPage) ||
+            ((_j = constants_1.DEFAULT_VERSION_CONFIG.query.defaults) === null || _j === void 0 ? void 0 : _j.maxPerPage) ||
+            100;
+        if (isNaN(value) || value <= minPerPage || value > maxPerPage) {
+            return (((_l = (_k = this.config.query) === null || _k === void 0 ? void 0 : _k.defaults) === null || _l === void 0 ? void 0 : _l.perPage) ||
+                ((_m = constants_1.DEFAULT_VERSION_CONFIG.query.defaults) === null || _m === void 0 ? void 0 : _m.perPage) ||
+                10);
         }
         return value;
     }
@@ -332,6 +356,7 @@ class QueryService {
             where.relation = relation;
             where.field = field;
         }
+        (0, LimitService_1.valideteQueryFeature)(this.model, constants_1.ConditionQueryFeatureMap[where.condition], `${where.table}.${where.field}`);
         this.shouldBeAcceptableColumn(where.field);
         this.usedConditionColumns.push(`${where.table}.${where.field}`);
         return where;

package/build/src/Services/SchemaValidatorService.d.ts

@@ -4,6 +4,10 @@ declare class SchemaValidatorService {
     constructor(version: IVersion);
     validate(): Promise<void>;
     private checkModelColumnsOrFail;
+    private checkRelationNamesOrFail;
+    private getQueryLimitRelations;
+    private getQueryLimitColumns;
+    private getQueryLimitKeyByFilter;
     private getModelFillableColumns;
     private getModelFormValidationColumns;
     private getModelHiddenColumns;