dbm-graph-api 1.1.3 → 1.1.4

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "dbm-graph-api",
-  "version": "1.1.3",
+  "version": "1.1.4",
   "main": "index.js",
   "type": "module",
   "scripts": {
@@ -13,7 +13,7 @@
   "dependencies": {
     "@aws-sdk/client-s3": "^3.741.0",
     "@aws-sdk/s3-request-presigner": "^3.741.0",
-    "dbm": "^1.1.2",
+    "dbm": "^1.1.3",
     "ws": "^8.18.0"
   },
   "optionalDependencies": {

package/src/dbm-graph-api/UrlRequest.js

@@ -8,6 +8,19 @@ export default class UrlRequest extends Dbm.core.BaseObject {
 		this._logs = [];
 		this._encodedObjects = [];
 		this._responseData = null;
+
+		this._request = null;
+		this._reply = null;
+
+		this.item.requireProperty("hasLoadedUser", false);
+		this.item.requireProperty("user", null);
+	}
+
+	setup(aRequest, aReply) {
+		this._request = aRequest;
+		this._reply = aReply;
+
+		return null;
 	}
 	
 	async requestUrl(aUrl) {
@@ -98,6 +111,8 @@ export default class UrlRequest extends Dbm.core.BaseObject {
 		let encodeSession = new DbmGraphApi.range.EncodeSession();
 		encodeSession.outputController = this;
 
+		//METODO: check visibility
+
 		await encodeSession.encodeSingleWithTypes(aId, aEncodes);
 
 		encodeSession.destroy();
@@ -132,6 +147,37 @@ export default class UrlRequest extends Dbm.core.BaseObject {
 
 		this._responseData = returnData;
 	}
+
+	async incomingWebhook(aWebhookType, aData) {
+		let encodeSession = new DbmGraphApi.range.EncodeSession();
+		encodeSession.outputController = this;
+
+		let returnObject = {};
+
+		let type = aWebhookType;
+		let data = aData;
+
+		let database = Dbm.getInstance().repository.getItem("graphDatabase").controller;
+				
+		let webhookType = await database.getTypeObject("type/webhookType", type);
+
+		let incomingWebhook = await database.createObject("private", ["incomingWebhook"]);
+		await incomingWebhook.updateField("data", data);
+		await incomingWebhook.addIncomingRelation(webhookType, "for");
+		
+		let actionType = await database.getTypeObject("type/actionType", "incomingWebhook/" + type);
+		let actionStatus = await database.getTypeObject("status/actionStatus", "readyToProcess");
+		
+		let action = await database.createObject("private", ["action"]);
+		await action.addIncomingRelation(actionType, "for");
+		await action.addIncomingRelation(incomingWebhook, "from");
+		await action.addIncomingRelation(actionStatus, "for");
+
+		returnObject["id"] = incomingWebhook.id;
+		returnObject["action"] = action.id;
+
+		this._responseData = returnObject;
+	}
 	
     outputEncodedData(aId, aData, aEncoding) {
         //console.log("UrlRequest::outputEncodedData");
@@ -143,4 +189,50 @@ export default class UrlRequest extends Dbm.core.BaseObject {
 	getResponse() {
 		return {"objects": this._encodedObjects, "data": this._responseData, "logs": this._logs};
 	}
+
+	async _loadUser() {
+		
+		if(this._request.headers.cookie) {
+			let cookies = this._request.headers.cookie.split(";");
+			let currentArray = cookies;
+			let currentArrayLength = currentArray.length;
+			for(let i = 0; i < currentArrayLength; i++) {
+				let [key, value] = currentArray[i].split("=");
+				if(key === "dbm_session" || key === " dbm_session") {
+					let userId = 1*value.split(":")[1];
+					let user = Dbm.getInstance().repository.getItem("graphDatabase").controller.getUser(userId);
+	
+					let isValidSession = await user.verifySession(value);
+
+					if(isValidSession) {
+						let database = Dbm.getInstance().repository.getItem("graphDatabase").controller;
+						
+						let user = database.getUser(userId);
+						this.item.setValue("user", user);
+					}
+					break;
+				}
+			}
+		}
+
+		this.item.setValue("hasLoadedUser", true);
+	}
+
+	async getUser() {
+		if(!this.item.hasLoadedUser) {
+			await this._loadUser();
+		}
+
+		return this.item.user;
+	}
+
+	async requireRole(aRole) {
+		let user = await this.getUser();
+
+		if(!user) {
+			throw("Only signed in users can use this endpoint");
+		}
+
+		return true;
+	}
 }

package/src/dbm-graph-api/WebSocketConnection.js

@@ -6,6 +6,8 @@ export default class WebSocketConnection extends Dbm.core.BaseObject {
         super._construct();
         this._webSocket = null;
 
+        this.item.requireProperty("user", null);
+
         this._callback_errorBound = this._callback_error.bind(this);
         this._callback_messageBound = this._callback_message.bind(this);
 		this._callback_closeBound = this._callback_close.bind(this);
@@ -181,28 +183,39 @@ export default class WebSocketConnection extends Dbm.core.BaseObject {
                 break;
             case "admin/createObject":
                 {
-                    let types = data['types'];
-                    let database = Dbm.getInstance().repository.getItem("graphDatabase").controller;
-                    let visibility = data['visibility'] ? data['visibility'] : 'draft';
-
-                    let draftVisibility = await database.getVisibilityType(visibility);
-
-		            let newObject = await database.createObject(draftVisibility, types);
+                    //METODO: require role
+                    let returnId = 0;
+                    let user = await this.getUser();
+                    if(user) {
+                        let types = data['types'];
+                        let database = Dbm.getInstance().repository.getItem("graphDatabase").controller;
+                        let visibility = data['visibility'] ? data['visibility'] : 'draft';
+    
+                        let draftVisibility = await database.getVisibilityType(visibility);
+    
+                        let newObject = await database.createObject(draftVisibility, types);
+    
+                        if(data.changes) {
+                            await this._applyChanges(newObject, data.changes, request);
+                        }
+                        
+                        if(data.encode) {
+    
+                            let encodeSession = new DbmGraphApi.range.EncodeSession();
+                            encodeSession.outputController = this;
+    
+                            await encodeSession.encodeSingleWithTypes(newObject.id, data.encode);
+    
+                            encodeSession.destroy();
+                        }
 
-                    if(data.changes) {
-                        await this._applyChanges(newObject, data.changes, request);
+                        returnId = newObject.id;
                     }
-                    
-                    if(data.encode) {
-
-                        let encodeSession = new DbmGraphApi.range.EncodeSession();
-                        encodeSession.outputController = this;
-
-                        await encodeSession.encodeSingleWithTypes(newObject.id, data.encode);
-
-                        encodeSession.destroy();
+                    else {
+                        //METODO: add logs
                     }
                     
+                    
                     this._webSocket.send(JSON.stringify({"type": "item/response", "id": newObject.id, "requestId": data["requestId"]}));
                 }
                 break;
@@ -212,20 +225,27 @@ export default class WebSocketConnection extends Dbm.core.BaseObject {
 
                     let theObject = database.getObject(data.id);
 
-                    if(data.changes) {
-                        await this._applyChanges(theObject, data.changes, request);
+                    let user = await this.getUser();
+                    if(user) {
+                        if(data.changes) {
+                            await this._applyChanges(theObject, data.changes, request);
+                        }
+                        
+                        if(data.encode) {
+    
+                            let encodeSession = new DbmGraphApi.range.EncodeSession();
+                            encodeSession.outputController = this;
+    
+                            await encodeSession.encodeSingleWithTypes(theObject.id, data.encode);
+    
+                            encodeSession.destroy();
+                        }
                     }
-                    
-                    if(data.encode) {
-
-                        let encodeSession = new DbmGraphApi.range.EncodeSession();
-                        encodeSession.outputController = this;
-
-                        await encodeSession.encodeSingleWithTypes(theObject.id, data.encode);
-
-                        encodeSession.destroy();
+                    else {
+                        //METODO: add log
                     }
                     
+                    
                     this._webSocket.send(JSON.stringify({"type": "item/response", "id": theObject.id, "requestId": data["requestId"]}));
                 }
                 break;
@@ -240,7 +260,9 @@ export default class WebSocketConnection extends Dbm.core.BaseObject {
                     let userId = 0;
                     if(isVerified) {
                         //METODO: set user for connection
+                        
                         userId = user.id;
+                        this.item.setValue("user", user);
                     }
 
                     this._webSocket.send(JSON.stringify({"type": "currentUser/response", "id": userId, "requestId": data["requestId"]}));
@@ -298,8 +320,25 @@ export default class WebSocketConnection extends Dbm.core.BaseObject {
 
     setInitialUser(aId) {
 
-        //METODO: set the user for connection
+        let database = Dbm.getInstance().repository.getItem("graphDatabase").controller;
+
+        let user = database.getUser(aId);
+        this.item.setValue("user", user);
 
         this._webSocket.send(JSON.stringify({"type": "connectionReady", "user": aId}));
     }
+
+    async getUser() {
+        return this.item.user;
+    }
+
+    async requireRole(aRole) {
+		let user = await this.getUser();
+
+		if(!user) {
+			throw("Only signed in users can use this endpoint");
+		}
+
+		return true;
+	}
 }

package/src/dbm-graph-api/admin/edit/ClearCloudflareCache.js

@@ -0,0 +1,41 @@
+import Dbm from "dbm";
+import EditBaseObject from "./EditBaseObject.js";
+
+export default class ClearCloudflareCache extends EditBaseObject {
+    _construct() {
+        super._construct();
+    }
+
+    async performChange(aObject, aData, aRequest) {
+
+        let cloudflare = Dbm.getInstance().repository.getItem("cloudflare");
+        let url = await aObject.getUrl();
+
+        if(cloudflare.domain && cloudflare.zone) {
+            let fullUrl = cloudflare.domain + url;
+    
+            let requestUrl = "https://api.cloudflare.com/client/v4/zones/" + cloudflare.zone + "/purge_cache";
+    
+            let body = {
+              "files": [fullUrl]
+            }
+    
+            let headers = {
+                "Content-Type": "application/json",
+                'Authorization': 'Bearer ' + cloudflare.cacheToken
+            }
+            
+            let response = await fetch(requestUrl, {
+                method: "DELETE",
+                headers: headers,
+                body: JSON.stringify(body),
+            });
+    
+            let data = await response.json();
+        }
+        else {
+            //METODO: report error log
+        }
+        
+    }
+}

package/src/dbm-graph-api/admin/edit/index.js

@@ -6,6 +6,7 @@ export {default as SetIdentifier} from "./SetIdentifier.js";
 export {default as SetUrl} from "./SetUrl.js";
 export {default as AddIncomingRelation} from "./AddIncomingRelation.js";
 export {default as AddOutgoingRelation} from "./AddOutgoingRelation.js";
+export {default as ClearCloudflareCache} from "./ClearCloudflareCache.js";
 
 export const fullSetup = function() {
     let prefix = "graphApi/admin/edit/";
@@ -38,4 +39,10 @@ export const fullSetup = function() {
         let currentSelect = new DbmGraphApi.admin.edit.AddOutgoingRelation();
         currentSelect.item.register(prefix + name);
     }
+
+    {
+        let name = "clearCache";
+        let currentSelect = new DbmGraphApi.admin.edit.ClearCloudflareCache();
+        currentSelect.item.register(prefix + name);
+    }
 }

package/src/dbm-graph-api/data/AltText.js

@@ -6,6 +6,9 @@ export default class SeoSummary extends Dbm.core.BaseObject {
     }
 
     async getData(aData, aEncodeSession) {
+
+      await aEncodeSession.outputController.requireRole("admin");
+
         let returnObject = {};
 
         let imageId = aData["id"];

package/src/dbm-graph-api/data/FreeUrl.js

@@ -6,6 +6,9 @@ export default class Example extends Dbm.core.BaseObject {
     }
 
     async getData(aData, aEncodeSession) {
+
+        await aEncodeSession.outputController.requireRole("admin");
+
         let returnObject = {};
 
         let requestedUrl = aData["url"];

package/src/dbm-graph-api/data/SeoSummary.js

@@ -6,6 +6,9 @@ export default class SeoSummary extends Dbm.core.BaseObject {
     }
 
     async getData(aData, aEncodeSession) {
+
+        await aEncodeSession.outputController.requireRole("admin");
+
         let returnObject = {};
 
         let content = aData["value"];

package/src/dbm-graph-api/data/UploadS3.js

@@ -18,6 +18,9 @@ export default class UploadS3 extends Dbm.core.BaseObject {
     }
 
     async getData(aData, aEncodeSession) {
+
+        await aEncodeSession.outputController.requireRole("admin");
+
         let returnObject = {};
 
         let originalFileName = aData["fileName"];

package/src/dbm-graph-api/index.js

@@ -262,6 +262,7 @@ let setupEndpoints = function(aServer) {
 		console.log(url);
         //METODO: check visibility in database
 		let request = new UrlRequest();
+        request.setup(aRequest, aReply);
 
 		await request.requestUrl(url);
 		
@@ -284,6 +285,7 @@ let setupEndpoints = function(aServer) {
         }
 
         let request = new UrlRequest();
+        request.setup(aRequest, aReply);
 
         await request.requestRange(selects, encodes, params);
 
@@ -296,6 +298,7 @@ let setupEndpoints = function(aServer) {
         let encodes = aRequest.params.encodes.split(",");
 
         let request = new UrlRequest();
+        request.setup(aRequest, aReply);
 
         await request.requestItem(itemId, encodes);
 
@@ -305,6 +308,7 @@ let setupEndpoints = function(aServer) {
     aServer.get('/api/data/*', async function handler (aRequest, aReply) {
         let params = {...aRequest.query};
         let request = new UrlRequest();
+        request.setup(aRequest, aReply);
 
         let currentUrl = url.parse(aRequest.url);
         let functionName = currentUrl.pathname.substring("/api/data/".length);
@@ -318,6 +322,7 @@ let setupEndpoints = function(aServer) {
         
         let params = {...aRequest.query};
         let request = new UrlRequest();
+        request.setup(aRequest, aReply);
 
         let currentUrl = url.parse(aRequest.url);
         let functionName = currentUrl.pathname.substring("/api/action/".length);
@@ -330,6 +335,7 @@ let setupEndpoints = function(aServer) {
     aServer.post('/api/action/*', async function handler (aRequest, aReply) {
         let params = {...aRequest.body};
         let request = new UrlRequest();
+        request.setup(aRequest, aReply);
 
         let currentUrl = url.parse(aRequest.url);
         let functionName = currentUrl.pathname.substring("/api/action/".length);
@@ -341,6 +347,33 @@ let setupEndpoints = function(aServer) {
 
     //METODO: setup raw data posts
 
+    aServer.get('/api/webhook/*', async function handler (aRequest, aReply) {
+        
+        let params = {...aRequest.query};
+        let request = new UrlRequest();
+        request.setup(aRequest, aReply);
+
+        let currentUrl = url.parse(aRequest.url);
+        let webhookType = currentUrl.pathname.substring("/api/incomingWebhook/".length);
+
+        await request.incomingWebhook(webhookType, params);
+
+        return request.getResponse();
+    });
+
+    aServer.post('/api/webhook/*', async function handler (aRequest, aReply) {
+        let params = {...aRequest.body};
+        let request = new UrlRequest();
+        request.setup(aRequest, aReply);
+
+        let currentUrl = url.parse(aRequest.url);
+        let webhookType = currentUrl.pathname.substring("/api/incomingWebhook/".length);
+
+        await request.incomingWebhook(webhookType, params);
+
+        return request.getResponse();
+    });
+
     //METODO: setup edit
 
     aServer.get('/api/', async function handler (aRequest, aResponse) {

package/src/dbm-graph-api/range/select/IncludePrivate.js

@@ -9,6 +9,9 @@ export default class IncludePrivate extends SelectBaseObject {
 
     async select(aQuery, aData, aRequest) {
         //METODO: check that we are allowed
+
+        await aRequest.connection.requireRole("admin");
+
         aQuery.includePrivate();
     }
 

package/src/dbm-graph-api/admin/edit/PurgeCache.js

@@ -1,13 +0,0 @@
-import Dbm from "dbm";
-import EditBaseObject from "./EditBaseObject.js";
-
-export default class PurgeCache extends EditBaseObject {
-    _construct() {
-        super._construct();
-    }
-
-    async performChange(aObject, aData, aRequest) {
-        let url = await aObject.getUrl();
-        console.log(url);
-    }
-}