chyz 2.0.1-rc.3 → 2.0.1-rc.36

package/base/index.ts

@@ -0,0 +1,19 @@
+export {Logs} from "./Logs"
+export {BaseError} from "./BaseError"
+export {ActionFilter} from "./ActionFilter"
+export {Behavior} from "./Behavior"
+export {Component} from "./Component"
+export {Configurable} from "./Configurable"
+export {CWebController} from "./CWebController"
+export {DbConnection} from "./DbConnection"
+export {ForbiddenHttpException} from "./ForbiddenHttpException"
+export {InvalidConfigException} from "./InvalidConfigException"
+export {InvalidArgumentException} from "./InvalidArgumentException"
+export {NotFoundHttpException} from "./NotFoundHttpException"
+export {UnauthorizedHttpException} from "./UnauthorizedHttpException"
+export {DataErrorDbException} from "./DataErrorDbException"
+export {ValidationHttpException} from "./ValidationHttpException"
+export {Model, Relation, DataTypes, NOW} from "./Model"
+export {RestClient} from "./RestClient"
+export {ModelManager} from "./ModelManager"
+export {CEvents} from "./CEvents"

package/decorator/Middleware.ts

@@ -0,0 +1,9 @@
+import "reflect-metadata";
+import { ControllerDecoratorParams } from "./enums/ControllerDecoratorParams";
+import { RequestHandler } from "express";
+
+export function Middleware(middlewares: RequestHandler[]): Function {
+    return function(target: any, propertyKey: string): void {
+        Reflect.defineMetadata(ControllerDecoratorParams.Middleware, middlewares, target, propertyKey);
+    }
+}

package/decorator/{controller.js → controller.ts}

@@ -1,24 +1,22 @@
-"use strict";
 /*
  * Copyright (c) 2021. Chy Bilgisayar Bilisim
  * Author: Cihan Ozturk
  * E-mail: cihan@chy.com.tr
  * Github:https://github.com/cihan53/
  */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.controller = void 0;
+
 // @ts-ignore
-require("reflect-metadata");
-const controller = (prefix = '') => {
-    return (target) => {
+import  "reflect-metadata";
+export const controller = (prefix: string = ''): ClassDecorator => {
+    return (target: any) => {
         // @ts-ignore
         Reflect.defineMetadata('prefix', prefix, target);
+
         // Since routes are set by our methods this should almost never be true (except the controller has no methods)
         // @ts-ignore
-        if (!Reflect.hasMetadata('routes', target)) {
+        if (! Reflect.hasMetadata('routes', target)) {
             // @ts-ignore
             Reflect.defineMetadata('routes', [], target);
         }
     };
-};
-exports.controller = controller;
+};

package/decorator/{delete.js → delete.ts}

@@ -1,6 +1,3 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.del = void 0;
 /*
  * Copyright (c) 2021. Chy Bilgisayar Bilisim
  * Author: Cihan Ozturk
@@ -8,11 +5,13 @@ exports.del = void 0;
  * Github:https://github.com/cihan53/
  */
 // @ts-ignore
-require("reflect-metadata");
-const del = (path) => {
+import  "reflect-metadata";
+import {RouteDefinition} from '../model/RouteDefinition';
+
+export const del = (path: string): MethodDecorator => {
     // `target` equals our class, `propertyKey` equals our decorated method name
     // @ts-ignore
-    return (target, propertyKey) => {
+    return (target, propertyKey: string): void => {
         // In case this is the first route to be registered the `routes` metadata is likely to be undefined at this point.
         // To prevent any further validation simply set it to an empty array here.
         // @ts-ignore
@@ -20,11 +19,13 @@ const del = (path) => {
             // @ts-ignore
             Reflect.defineMetadata('routes', [], target.constructor);
         }
+
         // Get the routes stored so far, extend it by the new route and re-set the metadata.
         // @ts-ignore
-        const routes = Reflect.getMetadata('routes', target.constructor);
+        const routes = Reflect.getMetadata('routes', target.constructor) as Array<RouteDefinition>;
+
         routes.push({
-            id: "",
+            id:"",
             requestMethod: 'delete',
             path,
             methodName: propertyKey
@@ -33,4 +34,3 @@ const del = (path) => {
         Reflect.defineMetadata('routes', routes, target.constructor);
     };
 };
-exports.del = del;

package/decorator/enums/ControllerDecoratorParams.ts

@@ -0,0 +1,5 @@
+export enum ControllerDecoratorParams {
+    Path = 'path',
+    Method = 'method',
+    Middleware = 'middleware'
+}

package/decorator/{get.js → get.ts}

@@ -1,6 +1,3 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.get = void 0;
 /*
  * Copyright (c) 2021. Chy Bilgisayar Bilisim
  * Author: Cihan Ozturk
@@ -8,11 +5,13 @@ exports.get = void 0;
  * Github:https://github.com/cihan53/
  */
 // @ts-ignore
-require("reflect-metadata");
-const get = (path) => {
+import "reflect-metadata";
+import {RouteDefinition} from '../model/RouteDefinition';
+
+export const get = (path: string): MethodDecorator => {
     // `target` equals our class, `propertyKey` equals our decorated method name
     // @ts-ignore
-    return (target, propertyKey) => {
+    return (target, propertyKey: string): void => {
         // In case this is the first route to be registered the `routes` metadata is likely to be undefined at this point.
         // To prevent any further validation simply set it to an empty array here.
         // @ts-ignore
@@ -20,17 +19,19 @@ const get = (path) => {
             // @ts-ignore
             Reflect.defineMetadata('routes', [], target.constructor);
         }
+
         // Get the routes stored so far, extend it by the new route and re-set the metadata.
         // @ts-ignore
-        const routes = Reflect.getMetadata('routes', target.constructor);
+        const routes = Reflect.getMetadata('routes', target.constructor) as Array<RouteDefinition>;
+
         routes.push({
-            id: "",
+            id:"",
             requestMethod: 'get',
             path,
             methodName: propertyKey
         });
+
         // @ts-ignore
         Reflect.defineMetadata('routes', routes, target.constructor);
     };
-};
-exports.get = get;
+};

package/decorator/index.ts

@@ -0,0 +1,5 @@
+export {controller} from "./controller"
+export {get} from "./get"
+export {post} from "./post"
+export {put} from "./put"
+export {del} from "./delete"

package/decorator/{post.js → post.ts}

@@ -1,6 +1,3 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.post = void 0;
 /*
  * Copyright (c) 2021. Chy Bilgisayar Bilisim
  * Author: Cihan Ozturk
@@ -8,11 +5,13 @@ exports.post = void 0;
  * Github:https://github.com/cihan53/
  */
 // @ts-ignore
-require("reflect-metadata");
-const post = (path) => {
+import  "reflect-metadata";
+import {RouteDefinition} from '../model/RouteDefinition';
+
+export const post = (path: string): MethodDecorator => {
     // `target` equals our class, `propertyKey` equals our decorated method name
     // @ts-ignore
-    return (target, propertyKey) => {
+    return (target, propertyKey: string): void => {
         // In case this is the first route to be registered the `routes` metadata is likely to be undefined at this point.
         // To prevent any further validation simply set it to an empty array here.
         // @ts-ignore
@@ -20,11 +19,13 @@ const post = (path) => {
             // @ts-ignore
             Reflect.defineMetadata('routes', [], target.constructor);
         }
+
         // Get the routes stored so far, extend it by the new route and re-set the metadata.
         // @ts-ignore
-        const routes = Reflect.getMetadata('routes', target.constructor);
+        const routes = Reflect.getMetadata('routes', target.constructor) as Array<RouteDefinition>;
+
         routes.push({
-            id: "",
+            id:"",
             requestMethod: 'post',
             path,
             methodName: propertyKey
@@ -32,5 +33,4 @@ const post = (path) => {
         // @ts-ignore
         Reflect.defineMetadata('routes', routes, target.constructor);
     };
-};
-exports.post = post;
+};

package/decorator/{put.js → put.ts}

@@ -1,6 +1,3 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.put = void 0;
 /*
  * Copyright (c) 2021. Chy Bilgisayar Bilisim
  * Author: Cihan Ozturk
@@ -8,11 +5,13 @@ exports.put = void 0;
  * Github:https://github.com/cihan53/
  */
 // @ts-ignore
-require("reflect-metadata");
-const put = (path) => {
+import  "reflect-metadata";
+import {RouteDefinition} from '../model/RouteDefinition';
+
+export const put = (path: string): MethodDecorator => {
     // `target` equals our class, `propertyKey` equals our decorated method name
     // @ts-ignore
-    return (target, propertyKey) => {
+    return (target, propertyKey: string): void => {
         // In case this is the first route to be registered the `routes` metadata is likely to be undefined at this point.
         // To prevent any further validation simply set it to an empty array here.
         // @ts-ignore
@@ -20,11 +19,13 @@ const put = (path) => {
             // @ts-ignore
             Reflect.defineMetadata('routes', [], target.constructor);
         }
+
         // Get the routes stored so far, extend it by the new route and re-set the metadata.
         // @ts-ignore
-        const routes = Reflect.getMetadata('routes', target.constructor);
+        const routes = Reflect.getMetadata('routes', target.constructor) as Array<RouteDefinition>;
+
         routes.push({
-            id: "",
+            id:"",
             requestMethod: 'put',
             path,
             methodName: propertyKey
@@ -33,4 +34,3 @@ const put = (path) => {
         Reflect.defineMetadata('routes', routes, target.constructor);
     };
 };
-exports.put = put;

package/filters/AccessControl.ts

@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) 2021. Chy Bilgisayar Bilisim
+ * Author: Cihan Ozturk
+ * E-mail: cihan@chy.com.tr
+ * Github:https://github.com/cihan53/
+ */
+import {Request,Response,BaseChyz} from "../index";
+import {ForbiddenHttpException} from "../base";
+import {ActionFilter} from "../base";
+import {AccessRule} from "./AccessRule";
+import {WebUser} from "../web/WebUser";
+import {Utils} from "../requiments/Utils";
+
+
+export class AccessControl extends ActionFilter {
+
+    public user: any = null;
+    public rules: any;
+    public denyCallback: any = null;
+
+    public init() {
+        super.init()
+
+        if (this.user == undefined) {
+            this.user = Utils.cloneDeep(BaseChyz.getComponent("user")) ?? new WebUser();
+        }
+
+
+        this.rules.forEach((rule: any, index: number) => {
+            if (rule === Object(rule)) {
+                this.rules[index] = Utils.createObject(new AccessRule(), rule);
+            }
+        })
+    }
+
+
+    public async beforeAction(action: any, request: Request,res:Response)  {
+        let allow;
+        // @ts-ignore
+        let user = request.user ?? this.user;
+        // @ts-ignore
+        user.identity = request.identity ?? null;
+
+        for (const rulesKey in this.rules) {
+            let rule = this.rules[rulesKey];
+            if ((allow = await rule.allows(action, user, request))) {
+                return true;
+            } else if (allow === false) {
+                if (this.denyCallback != null) {
+                    rule.denyCallback.apply(rule, action);
+                } else {
+                    this.denyAccess(user);
+                }
+                return false;
+            }
+        }
+
+
+        if (this.denyCallback != null) {
+            this.denyCallback.apply(null, action);
+        } else {
+            this.denyAccess(user);
+        }
+
+        return false;
+    }
+
+    public denyAccess(user: WebUser) {
+        if (user != undefined && user.getIsGuest()) {
+            user.loginRequired();
+        } else throw new ForbiddenHttpException(BaseChyz.t('You are not allowed to perform this action.'));
+    }
+
+}

package/filters/AccessRule.ts

@@ -0,0 +1,182 @@
+/*
+ * Copyright (c) 2021. Chy Bilgisayar Bilisim
+ * Author: Cihan Ozturk
+ * E-mail: cihan@chy.com.tr
+ * Github:https://github.com/cihan53/
+ */
+import {WebUser} from "../web/WebUser";
+import {Component} from "../base";
+import {InvalidConfigException} from "../base";
+import {Request} from "express";
+import {Utils} from "../requiments/Utils";
+
+
+export class AccessRule extends Component {
+
+    /**
+     * @var allow whether this is an 'allow' rule or 'deny' rule.
+     */
+    public allow: any;
+    /**
+     * @var array list of action IDs that this rule applies to. The comparison is case-sensitive.
+     * If not set or empty, it means this rule applies to all actions.
+     */
+    public actions: any;
+
+    /**
+     *  @var array list of the controller IDs that this rule applies to.
+     */
+    public controllers: any;
+
+    /**
+     * - `?`: matches a guest user (not authenticated yet)
+     * - `@`: matches an authenticated user
+     */
+
+    public roles: any;
+
+    /**
+     * @var array list of RBAC (Role-Based Access Control) permissions that this rules applies to.
+     */
+    public permissions: any;
+
+    /**
+     * @var array|Closure parameters to pass to the [[User::can()]] function for evaluating
+     * user permissions in [[$roles]].
+     *
+     * If this is an array, it will be passed directly to [[User::can()]]. For example for passing an
+     * ID from the current request, you may use the following:
+     *
+     * ```php
+     * ['postId' => Yii::$app->request->get('id')]
+     * ```
+     *
+     * You may also specify a closure that returns an array. This can be used to
+     * evaluate the array values only if they are needed, for example when a model needs to be
+     * loaded like in the following code:
+     *
+     * ```php
+     * 'rules' => [
+     *     [
+     *         'allow' => true,
+     *         'actions' => ['update'],
+     *         'roles' => ['updatePost'],
+     *         'roleParams' => function($rule) {
+     *             return ['post' => Post::findOne(Yii::$app->request->get('id'))];
+     *         },
+     *     ],
+     * ],
+     * ```
+     *
+     * A reference to the [[AccessRule]] instance will be passed to the closure as the first parameter.
+     *
+     * @see roles
+     * @since 2.0.12
+     */
+    public roleParams: any = [];
+
+
+    /**
+     * @var array list of user IP addresses that this rule applies to. An IP address
+     * can contain the wildcard `*` at the end so that it matches IP addresses with the same prefix.
+     * For example, '192.168.*' matches all IP addresses in the segment '192.168.'.
+     * It may also contain a pattern/mask like '172.16.0.0/12' which would match all IPs from the
+     * 20-bit private network block in RFC1918.
+     * If not set or empty, it means this rule applies to all IP addresses.
+     */
+    public ips: any;
+
+
+    public async allows(action: any, user: WebUser, request: Request) {
+        if (
+            this.matchAction(action)
+            && await this.matchRole(user)
+        ) {
+            return this.allow
+        }
+        //     if (this.matchAction($action)
+        //         && this.matchRole($user)
+        // && this.matchIP($request->getUserIP())
+        // && this.matchVerb($request->getMethod())
+        // && this.matchController($action->controller)
+        // && this.matchCustom($action)
+        // ) {
+        //     return $this->allow ? true : false;
+        // }
+
+        return null;
+    }
+
+    /**
+     * @param action $action the action
+     * @return bool whether the rule applies to the action
+     */
+    protected matchAction(action: any) {
+        return Utils.isEmpty(this.actions) || this.actions.includes(action.id);
+    }
+
+    /**
+     * @param controller $controller the controller
+     * @return bool whether the rule applies to the controller
+     */
+    protected matchController(controller: any) {
+        //     if (empty($this->controllers)) {
+        //         return true;
+        //     }
+        //
+        //     $id = $controller->getUniqueId();
+        //     foreach ($this->controllers as $pattern) {
+        //     if (StringHelper::matchWildcard($pattern, $id)) {
+        //         return true;
+        //     }
+        // }
+
+        return false;
+    }
+
+    protected async matchRole(user: WebUser) {
+        let items = Utils.isEmpty(this.roles) ? [] : this.roles;
+
+        if (!Utils.isEmpty(this.permissions)) {
+            items = Utils.merge(items, this.permissions);
+        }
+
+        if (Utils.isEmpty(items)) {
+            return true;
+        }
+
+
+        if (!user) {
+            throw new InvalidConfigException('The user application component must be available to specify roles in AccessRule.');
+        }
+
+        // @ts-ignore
+        let roleParams: any = [];
+        for (const itemsKey in items) {
+            let item = items[itemsKey];
+            if (item === '?') {
+                if (user.getIsGuest()) {
+                    return true;
+                }
+            } else if (item === '@') {
+                if (!user.getIsGuest()) {
+                    return true;
+                }
+            } else {
+                //role-params
+                if (!Utils.isEmpty(this.roleParams)) {
+                    roleParams = !Utils.isArray(this.roleParams) ? this.roleParams.apply(this) : this.roleParams;
+                }
+
+                if (await user.can(item, this.roleParams)) {
+                    return true;
+                }
+            }
+        }
+
+
+        return false;
+    }
+
+
+}

package/filters/auth/{AuthInterface.d.ts → AuthInterface.ts}

@@ -1,5 +1,12 @@
-import { Request, Response } from "express";
-export interface AuthInterface {
+/*
+ * Copyright (c) 2021. Chy Bilgisayar Bilisim
+ * Author: Cihan Ozturk
+ * E-mail: cihan@chy.com.tr
+ * Github:https://github.com/cihan53/
+ */
+import {Request, Response} from "express";
+
+export interface AuthInterface{
     /**
      * Authenticates the current user.
      * @param User $user
@@ -8,19 +15,20 @@ export interface AuthInterface {
      * @return IdentityInterface the authenticated user identity. If authentication information is not provided, null will be returned.
      * @throws UnauthorizedHttpException if authentication information is provided but is invalid.
      */
-    authenticate(user: any, request: Request, response: Response): any;
+     authenticate(user:any, request:Request, response:Response):any;
+
     /**
      * Generates challenges upon authentication failure.
      * For example, some appropriate HTTP headers may be generated.
      * @param Response $response
      */
-    challenge(response: Response): Response;
+     challenge(response:Response):Response;
+
     /**
      * Handles authentication failure.
      * The implementation should normally throw UnauthorizedHttpException to indicate authentication failure.
      * @param Response $response
      * @throws UnauthorizedHttpException
      */
-    handleFailure(response: Response): Response;
-}
-//# sourceMappingURL=AuthInterface.d.ts.map
+     handleFailure(response:Response):Response;
+}

package/filters/auth/AuthMethod.ts

@@ -0,0 +1,100 @@
+/*
+ * Copyright (c) 2021. Chy Bilgisayar Bilisim
+ * Author: Cihan Ozturk
+ * E-mail: cihan@chy.com.tr
+ * Github:https://github.com/cihan53/
+ */
+
+import {ActionFilter} from "../../base";
+import {AuthInterface} from "./AuthInterface";
+import {UnauthorizedHttpException} from "../../base";
+import {WebUser} from "../../web/WebUser";
+import {Request, Response} from "express";
+
+export abstract class AuthMethod extends ActionFilter implements AuthInterface {
+
+    /**
+     * @var user the user object representing the user authentication status. If not set, the `user` application component will be used.
+     */
+    public user: WebUser | undefined;
+
+    /**
+     * @var Request the current request. If not set, the `request` application component will be used.
+     */
+    public request: Request | undefined;
+
+    /**
+     * @var Response the response to be sent. If not set, the `response` application component will be used.
+     */
+    public response: Response | undefined;
+
+
+    public optional = [];
+
+    /**
+     *
+     * @param action
+     * @param request
+     * @param response
+     */
+    public async beforeAction(action: any, request: Request, response: Response) {
+        let identity =await this.authenticate(
+            this.user ?? new WebUser(),
+            request,
+            response
+        )
+
+        // @ts-ignore
+        request.identity = identity;
+
+        if (identity !== null) {
+            return true;
+        }
+
+        this.challenge(response);
+        this.handleFailure(response);
+        return false;
+    }
+
+    /**
+     *
+     * @param user
+     * @param request
+     * @param response
+     */
+    authenticate(user: WebUser, request: Request, response: Response) {
+
+    }
+
+    // @ts-ignore
+    challenge(response: Response): Response {
+
+    }
+
+    // @ts-ignore
+    handleFailure(response: Response): Response {
+        throw new UnauthorizedHttpException('Your request was made with invalid credentials.');
+    }
+
+    getHeaderByKey(headers: any, findKey: any) {
+        let key = Object.keys(headers).find(key => key.toLowerCase() === findKey.toLowerCase())
+        if (key) {
+            return headers[key];
+        }
+
+        return null
+    }
+
+    patternCheck(headerText: any, pattern: RegExp) {
+        if (pattern) {
+            let matches = headerText.match(pattern)
+            if (matches && matches.length > 0) {
+                return matches;
+            } else {
+                return null
+            }
+        }
+
+        return null
+    }
+}