drapcode-utility 1.5.5 → 1.5.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/encryption/KMS.js +1 -1
- package/build/encryption/crypt.js +3 -3
- package/build/encryption/file.js +4 -4
- package/build/encryption/index.js +26 -22
- package/build/encryption/model.d.ts +2 -2
- package/build/encryption/utility.js +11 -7
- package/build/format-fields/index.d.ts +2 -0
- package/build/format-fields/index.js +72 -3
- package/build/index.js +5 -1
- package/build/middlewares/error-logger.js +6 -6
- package/build/middlewares/interceptor-logger-new.js +6 -6
- package/build/middlewares/interceptor-logger.js +3 -3
- package/build/middlewares/redis/request-log.js +4 -4
- package/build/utils/check-error.js +12 -8
- package/build/utils/date-util.js +3 -3
- package/build/utils/prepare-query.js +9 -9
- package/build/utils/query-parser.js +54 -50
- package/build/utils/query-paser-new.js +48 -44
- package/build/utils/s3-util.d.ts +2 -0
- package/build/utils/s3-util.js +138 -26
- package/build/utils/token.js +3 -3
- package/build/utils/util.d.ts +1 -1
- package/build/utils/util.js +44 -40
- package/build/utils/uuid-generator.js +2 -2
- package/package.json +10 -4
package/build/encryption/KMS.js
CHANGED
|
@@ -14,7 +14,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
|
14
14
|
function verb(n) { return function (v) { return step([n, v]); }; }
|
|
15
15
|
function step(op) {
|
|
16
16
|
if (f) throw new TypeError("Generator is already executing.");
|
|
17
|
-
while (_) try {
|
|
17
|
+
while (g && (g = 0, op[0] && (_ = 0)), _) try {
|
|
18
18
|
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
|
|
19
19
|
if (y = 0, t) op = [op[0] & 2, t.value];
|
|
20
20
|
switch (op[0]) {
|
|
@@ -14,7 +14,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
|
14
14
|
function verb(n) { return function (v) { return step([n, v]); }; }
|
|
15
15
|
function step(op) {
|
|
16
16
|
if (f) throw new TypeError("Generator is already executing.");
|
|
17
|
-
while (_) try {
|
|
17
|
+
while (g && (g = 0, op[0] && (_ = 0)), _) try {
|
|
18
18
|
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
|
|
19
19
|
if (y = 0, t) op = [op[0] & 2, t.value];
|
|
20
20
|
switch (op[0]) {
|
|
@@ -49,7 +49,7 @@ var encryptData = function (data, key) { return __awaiter(void 0, void 0, void 0
|
|
|
49
49
|
iv = Buffer.from("i4mboZDwaNEC38YCzi77lw==", "base64");
|
|
50
50
|
keyBuffer = Buffer.from(key, "base64");
|
|
51
51
|
cipher = crypto_1.default.createCipheriv(defaultAlgorithm, keyBuffer, iv);
|
|
52
|
-
encryptedDataBuffer = cipher.update(""
|
|
52
|
+
encryptedDataBuffer = cipher.update("".concat(data));
|
|
53
53
|
encryptedDataBuffer = Buffer.concat([encryptedDataBuffer, cipher.final()]);
|
|
54
54
|
result = encryptedDataBuffer.toString("base64");
|
|
55
55
|
return [2 /*return*/, handleExtraString(result, true)];
|
|
@@ -88,7 +88,7 @@ var handleExtraString = function (key, append) {
|
|
|
88
88
|
if (append) {
|
|
89
89
|
var start = crypto_1.default.randomBytes(2).toString("hex");
|
|
90
90
|
var end = crypto_1.default.randomBytes(2).toString("hex");
|
|
91
|
-
key = ""
|
|
91
|
+
key = "".concat(start).concat(key).concat(end);
|
|
92
92
|
return key;
|
|
93
93
|
}
|
|
94
94
|
else {
|
package/build/encryption/file.js
CHANGED
|
@@ -14,7 +14,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
|
14
14
|
function verb(n) { return function (v) { return step([n, v]); }; }
|
|
15
15
|
function step(op) {
|
|
16
16
|
if (f) throw new TypeError("Generator is already executing.");
|
|
17
|
-
while (_) try {
|
|
17
|
+
while (g && (g = 0, op[0] && (_ = 0)), _) try {
|
|
18
18
|
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
|
|
19
19
|
if (y = 0, t) op = [op[0] & 2, t.value];
|
|
20
20
|
switch (op[0]) {
|
|
@@ -58,11 +58,11 @@ var processFileEncryptionDecryption = function (data, encryption, decrypt) { ret
|
|
|
58
58
|
return [3 /*break*/, 6];
|
|
59
59
|
case 1:
|
|
60
60
|
if (!decrypt) return [3 /*break*/, 3];
|
|
61
|
-
return [4 /*yield*/, exports.decryptFile(data, dataKey)];
|
|
61
|
+
return [4 /*yield*/, (0, exports.decryptFile)(data, dataKey)];
|
|
62
62
|
case 2:
|
|
63
63
|
_b = _c.sent();
|
|
64
64
|
return [3 /*break*/, 5];
|
|
65
|
-
case 3: return [4 /*yield*/, exports.encryptFile(data, dataKey)];
|
|
65
|
+
case 3: return [4 /*yield*/, (0, exports.encryptFile)(data, dataKey)];
|
|
66
66
|
case 4:
|
|
67
67
|
_b = _c.sent();
|
|
68
68
|
_c.label = 5;
|
|
@@ -117,7 +117,7 @@ var decryptFile = function (encryptedFilePath, key) { return __awaiter(void 0, v
|
|
|
117
117
|
decipher = crypto_1.default.createDecipheriv(defaultAlgorithm, keyBuffer, iv);
|
|
118
118
|
decryptedBuffer = decipher.update(encryptedData);
|
|
119
119
|
decryptedBuffer = Buffer.concat([decryptedBuffer, decipher.final()]);
|
|
120
|
-
decryptedFilePath = encryptedFilePath.slice(0, -4)
|
|
120
|
+
decryptedFilePath = "".concat(encryptedFilePath.slice(0, -4), ".dec");
|
|
121
121
|
return [4 /*yield*/, fs_1.default.promises.writeFile(decryptedFilePath, decryptedBuffer)];
|
|
122
122
|
case 2:
|
|
123
123
|
_a.sent();
|
|
@@ -14,7 +14,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
|
14
14
|
function verb(n) { return function (v) { return step([n, v]); }; }
|
|
15
15
|
function step(op) {
|
|
16
16
|
if (f) throw new TypeError("Generator is already executing.");
|
|
17
|
-
while (_) try {
|
|
17
|
+
while (g && (g = 0, op[0] && (_ = 0)), _) try {
|
|
18
18
|
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
|
|
19
19
|
if (y = 0, t) op = [op[0] & 2, t.value];
|
|
20
20
|
switch (op[0]) {
|
|
@@ -35,10 +35,14 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
|
35
35
|
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
|
|
36
36
|
}
|
|
37
37
|
};
|
|
38
|
-
var __spreadArray = (this && this.__spreadArray) || function (to, from) {
|
|
39
|
-
for (var i = 0,
|
|
40
|
-
|
|
41
|
-
|
|
38
|
+
var __spreadArray = (this && this.__spreadArray) || function (to, from, pack) {
|
|
39
|
+
if (pack || arguments.length === 2) for (var i = 0, l = from.length, ar; i < l; i++) {
|
|
40
|
+
if (ar || !(i in from)) {
|
|
41
|
+
if (!ar) ar = Array.prototype.slice.call(from, 0, i);
|
|
42
|
+
ar[i] = from[i];
|
|
43
|
+
}
|
|
44
|
+
}
|
|
45
|
+
return to.concat(ar || Array.prototype.slice.call(from));
|
|
42
46
|
};
|
|
43
47
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
44
48
|
exports.processKMSDecryption = exports.cryptFile = exports.drapcodeEncryptDecrypt = exports.decryptDataWithKMS = exports.encryptDataWithKMS = exports.createKMSDataKey = exports.processDataEncryptionDecryption = exports.processItemEncryptDecrypt = exports.crypt = void 0;
|
|
@@ -61,7 +65,7 @@ var crypt = function (data, fields, encryption, decrypt, encrypedRefCollections)
|
|
|
61
65
|
accessKeyId: accessKeyId,
|
|
62
66
|
secretAccessKey: secretAccessKey,
|
|
63
67
|
};
|
|
64
|
-
return [4 /*yield*/, exports.processKMSDecryption(config, encryption.dataKey, {})];
|
|
68
|
+
return [4 /*yield*/, (0, exports.processKMSDecryption)(config, encryption.dataKey, {})];
|
|
65
69
|
case 1:
|
|
66
70
|
plainTextData = _b.sent();
|
|
67
71
|
if (plainTextData.status === "FAILED") {
|
|
@@ -72,13 +76,13 @@ var crypt = function (data, fields, encryption, decrypt, encrypedRefCollections)
|
|
|
72
76
|
case 2:
|
|
73
77
|
if (!Array.isArray(data)) return [3 /*break*/, 4];
|
|
74
78
|
promises = data.map(function (item) {
|
|
75
|
-
return exports.processItemEncryptDecrypt(item, fields, encryption, decrypt, encrypedRefCollections);
|
|
79
|
+
return (0, exports.processItemEncryptDecrypt)(item, fields, encryption, decrypt, encrypedRefCollections);
|
|
76
80
|
});
|
|
77
81
|
return [4 /*yield*/, Promise.all(promises)];
|
|
78
82
|
case 3:
|
|
79
83
|
data = _b.sent();
|
|
80
84
|
return [3 /*break*/, 6];
|
|
81
|
-
case 4: return [4 /*yield*/, exports.processItemEncryptDecrypt(data, fields, encryption, decrypt, encrypedRefCollections)];
|
|
85
|
+
case 4: return [4 /*yield*/, (0, exports.processItemEncryptDecrypt)(data, fields, encryption, decrypt, encrypedRefCollections)];
|
|
82
86
|
case 5:
|
|
83
87
|
data = _b.sent();
|
|
84
88
|
_b.label = 6;
|
|
@@ -105,16 +109,16 @@ var processItemEncryptDecrypt = function (item, fields, encryption, decrypt, enc
|
|
|
105
109
|
if (!(field && field.encrypted)) return [3 /*break*/, 2];
|
|
106
110
|
_c = item;
|
|
107
111
|
_d = fieldName;
|
|
108
|
-
return [4 /*yield*/, exports.processDataEncryptionDecryption(item[fieldName], encryption, decrypt)];
|
|
112
|
+
return [4 /*yield*/, (0, exports.processDataEncryptionDecryption)(item[fieldName], encryption, decrypt)];
|
|
109
113
|
case 1:
|
|
110
114
|
_c[_d] = _j.sent();
|
|
111
115
|
_j.label = 2;
|
|
112
116
|
case 2:
|
|
113
117
|
if (!decrypt) return [3 /*break*/, 6];
|
|
114
|
-
if (!__spreadArray(__spreadArray([], drapcode_constant_1.onlyReferenceField), [
|
|
118
|
+
if (!__spreadArray(__spreadArray([], drapcode_constant_1.onlyReferenceField, true), [
|
|
115
119
|
drapcode_constant_1.FieldTypes.createdBy.id,
|
|
116
120
|
drapcode_constant_1.FieldTypes.belongsTo.id,
|
|
117
|
-
]).includes(field === null || field === void 0 ? void 0 : field.type)) return [3 /*break*/, 4];
|
|
121
|
+
], false).includes(field === null || field === void 0 ? void 0 : field.type)) return [3 /*break*/, 4];
|
|
118
122
|
refField = field;
|
|
119
123
|
if (!refField.refCollection &&
|
|
120
124
|
field.type === drapcode_constant_1.FieldTypes.createdBy.id) {
|
|
@@ -174,11 +178,11 @@ var processDataEncryptionDecryption = function (data, encryption, decrypt) { ret
|
|
|
174
178
|
return [3 /*break*/, 6];
|
|
175
179
|
case 1:
|
|
176
180
|
if (!decrypt) return [3 /*break*/, 3];
|
|
177
|
-
return [4 /*yield*/, crypt_1.decryptData(data, dataKey)];
|
|
181
|
+
return [4 /*yield*/, (0, crypt_1.decryptData)(data, dataKey)];
|
|
178
182
|
case 2:
|
|
179
183
|
_b = _c.sent();
|
|
180
184
|
return [3 /*break*/, 5];
|
|
181
|
-
case 3: return [4 /*yield*/, crypt_1.encryptData(data, dataKey)];
|
|
185
|
+
case 3: return [4 /*yield*/, (0, crypt_1.encryptData)(data, dataKey)];
|
|
182
186
|
case 4:
|
|
183
187
|
_b = _c.sent();
|
|
184
188
|
_c.label = 5;
|
|
@@ -199,7 +203,7 @@ var processReferenceItemDecrypt = function (data, encryption, decrypt, refField,
|
|
|
199
203
|
if (!refCollection) return [3 /*break*/, 2];
|
|
200
204
|
if (!Array.isArray(data)) return [3 /*break*/, 2];
|
|
201
205
|
promises = data.map(function (item) {
|
|
202
|
-
return exports.processItemEncryptDecrypt(item, refCollection.fields, encryption, decrypt);
|
|
206
|
+
return (0, exports.processItemEncryptDecrypt)(item, refCollection.fields, encryption, decrypt);
|
|
203
207
|
});
|
|
204
208
|
return [4 /*yield*/, Promise.all(promises)];
|
|
205
209
|
case 1:
|
|
@@ -220,7 +224,7 @@ var processDynamicFieldDecrypt = function (data, encryption, decrypt, refField,
|
|
|
220
224
|
if (!(refCollectionField && refCollectionField.encrypted)) return [3 /*break*/, 2];
|
|
221
225
|
if (!Array.isArray(data)) return [3 /*break*/, 2];
|
|
222
226
|
promises = data.map(function (item) {
|
|
223
|
-
return exports.processDataEncryptionDecryption(item, encryption, decrypt);
|
|
227
|
+
return (0, exports.processDataEncryptionDecryption)(item, encryption, decrypt);
|
|
224
228
|
});
|
|
225
229
|
return [4 /*yield*/, Promise.all(promises)];
|
|
226
230
|
case 1:
|
|
@@ -251,7 +255,7 @@ var createKMSDataKey = function (config, arn) { return __awaiter(void 0, void 0,
|
|
|
251
255
|
var dataKeyRes;
|
|
252
256
|
return __generator(this, function (_a) {
|
|
253
257
|
switch (_a.label) {
|
|
254
|
-
case 0: return [4 /*yield*/, KMS_1.processKMSGenerateDataKey(config, arn)];
|
|
258
|
+
case 0: return [4 /*yield*/, (0, KMS_1.processKMSGenerateDataKey)(config, arn)];
|
|
255
259
|
case 1:
|
|
256
260
|
dataKeyRes = _a.sent();
|
|
257
261
|
return [2 /*return*/, dataKeyRes];
|
|
@@ -272,7 +276,7 @@ var encryptDataWithKMS = function (config, arn, plainText, context) { return __a
|
|
|
272
276
|
var cryptData;
|
|
273
277
|
return __generator(this, function (_a) {
|
|
274
278
|
switch (_a.label) {
|
|
275
|
-
case 0: return [4 /*yield*/, KMS_1.processKMSEncryption(config, arn, plainText, context)];
|
|
279
|
+
case 0: return [4 /*yield*/, (0, KMS_1.processKMSEncryption)(config, arn, plainText, context)];
|
|
276
280
|
case 1:
|
|
277
281
|
cryptData = _a.sent();
|
|
278
282
|
return [2 /*return*/, cryptData];
|
|
@@ -292,7 +296,7 @@ var decryptDataWithKMS = function (config, cipherText, context) { return __await
|
|
|
292
296
|
var plainTextData;
|
|
293
297
|
return __generator(this, function (_a) {
|
|
294
298
|
switch (_a.label) {
|
|
295
|
-
case 0: return [4 /*yield*/, exports.processKMSDecryption(config, cipherText, context)];
|
|
299
|
+
case 0: return [4 /*yield*/, (0, exports.processKMSDecryption)(config, cipherText, context)];
|
|
296
300
|
case 1:
|
|
297
301
|
plainTextData = _a.sent();
|
|
298
302
|
return [2 /*return*/, plainTextData];
|
|
@@ -331,7 +335,7 @@ var drapcodeEncryptDecrypt = function (data, encrypt) { return __awaiter(void 0,
|
|
|
331
335
|
accessKeyId: accessKey,
|
|
332
336
|
secretAccessKey: secretKey,
|
|
333
337
|
};
|
|
334
|
-
return [4 /*yield*/, exports.processKMSDecryption(config, privateDataKey, {})];
|
|
338
|
+
return [4 /*yield*/, (0, exports.processKMSDecryption)(config, privateDataKey, {})];
|
|
335
339
|
case 1:
|
|
336
340
|
plainTextData = _a.sent();
|
|
337
341
|
if (plainTextData.status === "FAILED") {
|
|
@@ -341,13 +345,13 @@ var drapcodeEncryptDecrypt = function (data, encrypt) { return __awaiter(void 0,
|
|
|
341
345
|
response = null;
|
|
342
346
|
if (!encrypt) return [3 /*break*/, 3];
|
|
343
347
|
console.log("Encrypting");
|
|
344
|
-
return [4 /*yield*/, crypt_1.encryptData(data, publicKey)];
|
|
348
|
+
return [4 /*yield*/, (0, crypt_1.encryptData)(data, publicKey)];
|
|
345
349
|
case 2:
|
|
346
350
|
response = _a.sent();
|
|
347
351
|
return [3 /*break*/, 5];
|
|
348
352
|
case 3:
|
|
349
353
|
console.log("Decrypting");
|
|
350
|
-
return [4 /*yield*/, crypt_1.decryptData(data, publicKey)];
|
|
354
|
+
return [4 /*yield*/, (0, crypt_1.decryptData)(data, publicKey)];
|
|
351
355
|
case 4:
|
|
352
356
|
response = _a.sent();
|
|
353
357
|
_a.label = 5;
|
|
@@ -360,7 +364,7 @@ var cryptFile = function (filePath, encryption, decrypt) { return __awaiter(void
|
|
|
360
364
|
var data;
|
|
361
365
|
return __generator(this, function (_a) {
|
|
362
366
|
switch (_a.label) {
|
|
363
|
-
case 0: return [4 /*yield*/, file_1.processFileEncryptionDecryption(filePath, encryption, decrypt)];
|
|
367
|
+
case 0: return [4 /*yield*/, (0, file_1.processFileEncryptionDecryption)(filePath, encryption, decrypt)];
|
|
364
368
|
case 1:
|
|
365
369
|
data = _a.sent();
|
|
366
370
|
return [2 /*return*/, data];
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
export
|
|
1
|
+
export type AwsConfig = {
|
|
2
2
|
accessKeyId: string;
|
|
3
3
|
secretAccessKey: string;
|
|
4
4
|
region: string;
|
|
5
5
|
};
|
|
6
|
-
export
|
|
6
|
+
export type Encryption = {
|
|
7
7
|
encryptionType: string;
|
|
8
8
|
algorithm: string;
|
|
9
9
|
dataKey: string;
|
|
@@ -1,8 +1,12 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __spreadArray = (this && this.__spreadArray) || function (to, from) {
|
|
3
|
-
for (var i = 0,
|
|
4
|
-
|
|
5
|
-
|
|
2
|
+
var __spreadArray = (this && this.__spreadArray) || function (to, from, pack) {
|
|
3
|
+
if (pack || arguments.length === 2) for (var i = 0, l = from.length, ar; i < l; i++) {
|
|
4
|
+
if (ar || !(i in from)) {
|
|
5
|
+
if (!ar) ar = Array.prototype.slice.call(from, 0, i);
|
|
6
|
+
ar[i] = from[i];
|
|
7
|
+
}
|
|
8
|
+
}
|
|
9
|
+
return to.concat(ar || Array.prototype.slice.call(from));
|
|
6
10
|
};
|
|
7
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
8
12
|
exports.getEncryptedReferenceFieldsQuery = void 0;
|
|
@@ -10,11 +14,11 @@ var drapcode_constant_1 = require("drapcode-constant");
|
|
|
10
14
|
var getEncryptedReferenceFieldsQuery = function (collectionFields, projectId) {
|
|
11
15
|
var collectionsNamesArr = [];
|
|
12
16
|
collectionFields.map(function (field) {
|
|
13
|
-
if (__spreadArray(__spreadArray([], drapcode_constant_1.onlyReferenceField), [
|
|
17
|
+
if (__spreadArray(__spreadArray([], drapcode_constant_1.onlyReferenceField, true), [
|
|
14
18
|
drapcode_constant_1.FieldTypes.dynamic_option.id,
|
|
15
19
|
drapcode_constant_1.FieldTypes.createdBy.id,
|
|
16
20
|
drapcode_constant_1.FieldTypes.belongsTo.id,
|
|
17
|
-
]).includes(field.type)) {
|
|
21
|
+
], false).includes(field.type)) {
|
|
18
22
|
if (!field.refCollection && field.type === drapcode_constant_1.FieldTypes.createdBy.id) {
|
|
19
23
|
collectionsNamesArr.push("user");
|
|
20
24
|
}
|
|
@@ -28,7 +32,7 @@ var getEncryptedReferenceFieldsQuery = function (collectionFields, projectId) {
|
|
|
28
32
|
{
|
|
29
33
|
$match: {
|
|
30
34
|
projectId: projectId,
|
|
31
|
-
collectionName: { $in: __spreadArray([], collectionsNamesArr) },
|
|
35
|
+
collectionName: { $in: __spreadArray([], collectionsNamesArr, true) },
|
|
32
36
|
fields: { $elemMatch: { encrypted: true } },
|
|
33
37
|
},
|
|
34
38
|
},
|
|
@@ -1,2 +1,4 @@
|
|
|
1
1
|
export declare const formatFieldsOfItem: (item: any, fields: any) => any;
|
|
2
2
|
export declare const getFormatFieldData: (fieldData: any, fieldType: string) => any;
|
|
3
|
+
export declare const xssSanitizer: (req: any, res: any, next: any) => void;
|
|
4
|
+
export declare const cleanXssValuesFromData: (data: any, fields?: any) => any;
|
|
@@ -1,7 +1,18 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
2
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.getFormatFieldData = exports.formatFieldsOfItem = void 0;
|
|
6
|
+
exports.cleanXssValuesFromData = exports.xssSanitizer = exports.getFormatFieldData = exports.formatFieldsOfItem = void 0;
|
|
4
7
|
var drapcode_constant_1 = require("drapcode-constant");
|
|
8
|
+
var jsdom_1 = require("jsdom");
|
|
9
|
+
var dompurify_1 = __importDefault(require("dompurify"));
|
|
10
|
+
var window = new jsdom_1.JSDOM("").window;
|
|
11
|
+
var domPurify = (0, dompurify_1.default)(window);
|
|
12
|
+
domPurify.setConfig({
|
|
13
|
+
ALLOWED_TAGS: [],
|
|
14
|
+
ALLOWED_ATTR: [],
|
|
15
|
+
});
|
|
5
16
|
var formatFieldsOfItem = function (item, fields) {
|
|
6
17
|
if (!item)
|
|
7
18
|
return item;
|
|
@@ -17,10 +28,11 @@ var formatFieldsOfItem = function (item, fields) {
|
|
|
17
28
|
exports.formatFieldsOfItem = formatFieldsOfItem;
|
|
18
29
|
var formatField = function (itemData, fields) {
|
|
19
30
|
var newItemData = {};
|
|
31
|
+
itemData = (0, exports.cleanXssValuesFromData)(itemData, fields);
|
|
20
32
|
Object.keys(itemData).forEach(function (key) {
|
|
21
33
|
var field = fields.find(function (field) { return field.fieldName === key; });
|
|
22
34
|
newItemData[key] = field
|
|
23
|
-
? exports.getFormatFieldData(itemData[key], field.type)
|
|
35
|
+
? (0, exports.getFormatFieldData)(itemData[key], field.type)
|
|
24
36
|
: itemData[key];
|
|
25
37
|
});
|
|
26
38
|
return newItemData;
|
|
@@ -64,7 +76,7 @@ var getFormatFieldData = function (fieldData, fieldType) {
|
|
|
64
76
|
fieldData = fieldData.toLowerCase();
|
|
65
77
|
}
|
|
66
78
|
var trueValues = ["true", "1", 1];
|
|
67
|
-
var falseValues = ["false", "0", 0];
|
|
79
|
+
var falseValues = ["false", "0", 0, ""];
|
|
68
80
|
if (trueValues.includes(fieldData)) {
|
|
69
81
|
fieldData = true;
|
|
70
82
|
}
|
|
@@ -81,3 +93,60 @@ var getFormatFieldData = function (fieldData, fieldType) {
|
|
|
81
93
|
return fieldData;
|
|
82
94
|
};
|
|
83
95
|
exports.getFormatFieldData = getFormatFieldData;
|
|
96
|
+
// Middleware
|
|
97
|
+
var xssSanitizer = function (req, res, next) {
|
|
98
|
+
try {
|
|
99
|
+
if (req.params && Object.keys(req.params))
|
|
100
|
+
req.params = (0, exports.cleanXssValuesFromData)(req.params);
|
|
101
|
+
if (req.query && Object.keys(req.query))
|
|
102
|
+
req.query = (0, exports.cleanXssValuesFromData)(req.query);
|
|
103
|
+
if (req.headers && Object.keys(req.headers))
|
|
104
|
+
req.headers = (0, exports.cleanXssValuesFromData)(req.headers);
|
|
105
|
+
}
|
|
106
|
+
catch (error) {
|
|
107
|
+
console.log("\n error :>> ", error);
|
|
108
|
+
}
|
|
109
|
+
next();
|
|
110
|
+
};
|
|
111
|
+
exports.xssSanitizer = xssSanitizer;
|
|
112
|
+
var cleanXssValuesFromData = function (data, fields) {
|
|
113
|
+
if (fields === void 0) { fields = null; }
|
|
114
|
+
var exceptionFields = [];
|
|
115
|
+
try {
|
|
116
|
+
if (fields) {
|
|
117
|
+
fields.forEach(function (field) {
|
|
118
|
+
if (field.type === drapcode_constant_1.FieldTypes.large_text.id)
|
|
119
|
+
exceptionFields.push(field.fieldName);
|
|
120
|
+
});
|
|
121
|
+
}
|
|
122
|
+
if (Array.isArray(data)) {
|
|
123
|
+
data = data.map(function (item) { return processXssData(item, exceptionFields); });
|
|
124
|
+
}
|
|
125
|
+
else
|
|
126
|
+
data = processXssData(data, exceptionFields);
|
|
127
|
+
return data;
|
|
128
|
+
}
|
|
129
|
+
catch (error) {
|
|
130
|
+
console.log("\n error :>> ", error);
|
|
131
|
+
}
|
|
132
|
+
};
|
|
133
|
+
exports.cleanXssValuesFromData = cleanXssValuesFromData;
|
|
134
|
+
var processXssData = function (item, exceptionFields) {
|
|
135
|
+
if (exceptionFields === void 0) { exceptionFields = []; }
|
|
136
|
+
var keys = Object.keys(item);
|
|
137
|
+
if (keys.length) {
|
|
138
|
+
for (var _i = 0, keys_1 = keys; _i < keys_1.length; _i++) {
|
|
139
|
+
var fieldName = keys_1[_i];
|
|
140
|
+
if (!exceptionFields.includes(fieldName)) {
|
|
141
|
+
if (Array.isArray(item[fieldName])) {
|
|
142
|
+
item[fieldName] = item[fieldName].map(function (val) {
|
|
143
|
+
return domPurify.sanitize(val);
|
|
144
|
+
});
|
|
145
|
+
}
|
|
146
|
+
else
|
|
147
|
+
item[fieldName] = domPurify.sanitize(item[fieldName]);
|
|
148
|
+
}
|
|
149
|
+
}
|
|
150
|
+
}
|
|
151
|
+
return item;
|
|
152
|
+
};
|
package/build/index.js
CHANGED
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
3
|
if (k2 === undefined) k2 = k;
|
|
4
|
-
Object.
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
5
9
|
}) : (function(o, m, k, k2) {
|
|
6
10
|
if (k2 === undefined) k2 = k;
|
|
7
11
|
o[k2] = m[k];
|
|
@@ -32,16 +32,16 @@ var errorLogger = function (err, req, res, next) {
|
|
|
32
32
|
var originalUrl = req.originalUrl, method = req.method, body = req.body, params = req.params, query = req.query, db = req.db, projectName = req.projectName, projectId = req.projectId, ip = req.ip;
|
|
33
33
|
var PreviouseFilePath;
|
|
34
34
|
if (projectName) {
|
|
35
|
-
loggerPath = loggerPath
|
|
36
|
-
PreviouseFilePath = loggerPath
|
|
35
|
+
loggerPath = "".concat(loggerPath, "/").concat(projectName, "/").concat((0, date_util_1.createLoggerDateFormat)(), "/output");
|
|
36
|
+
PreviouseFilePath = "".concat(loggerPath, "/").concat(projectName, "/").concat((0, date_util_1.createLoggerPreviouseDateFormat)(), "/");
|
|
37
37
|
}
|
|
38
38
|
else if (projectId) {
|
|
39
|
-
loggerPath = loggerPath
|
|
40
|
-
PreviouseFilePath = loggerPath
|
|
39
|
+
loggerPath = "".concat(loggerPath, "/").concat(projectId, "/").concat((0, date_util_1.createLoggerDateFormat)(), "/output");
|
|
40
|
+
PreviouseFilePath = "".concat(loggerPath, "/").concat(projectId, "/").concat((0, date_util_1.createLoggerPreviouseDateFormat)(), "/");
|
|
41
41
|
}
|
|
42
42
|
else {
|
|
43
|
-
loggerPath = loggerPath
|
|
44
|
-
PreviouseFilePath = loggerPath
|
|
43
|
+
loggerPath = "".concat(loggerPath, "/").concat((0, date_util_1.createLoggerDateFormat)(), "/output");
|
|
44
|
+
PreviouseFilePath = "".concat(loggerPath, "/").concat((0, date_util_1.createLoggerPreviouseDateFormat)(), "/");
|
|
45
45
|
}
|
|
46
46
|
if (fs_1.default.existsSync(PreviouseFilePath)) {
|
|
47
47
|
fs_1.default.rmSync(PreviouseFilePath, { recursive: true, force: true });
|
|
@@ -27,16 +27,16 @@ var interceptLoggerNew = function (req, res, next) {
|
|
|
27
27
|
}
|
|
28
28
|
var PreviouseFilePath;
|
|
29
29
|
if (projectName) {
|
|
30
|
-
loggerPath = loggerPath
|
|
31
|
-
PreviouseFilePath = loggerPath
|
|
30
|
+
loggerPath = "".concat(loggerPath, "/").concat(projectName, "/").concat((0, date_util_1.createLoggerDateFormat)(), "/output");
|
|
31
|
+
PreviouseFilePath = "".concat(loggerPath, "/").concat(projectName, "/").concat((0, date_util_1.createLoggerPreviouseDateFormat)(), "/");
|
|
32
32
|
}
|
|
33
33
|
else if (projectId) {
|
|
34
|
-
loggerPath = loggerPath
|
|
35
|
-
PreviouseFilePath = loggerPath
|
|
34
|
+
loggerPath = "".concat(loggerPath, "/").concat(projectId, "/").concat((0, date_util_1.createLoggerDateFormat)(), "/output");
|
|
35
|
+
PreviouseFilePath = "".concat(loggerPath, "/").concat(projectId, "/").concat((0, date_util_1.createLoggerPreviouseDateFormat)(), "/");
|
|
36
36
|
}
|
|
37
37
|
else {
|
|
38
|
-
loggerPath = loggerPath
|
|
39
|
-
PreviouseFilePath = loggerPath
|
|
38
|
+
loggerPath = "".concat(loggerPath, "/").concat((0, date_util_1.createLoggerDateFormat)(), "/output");
|
|
39
|
+
PreviouseFilePath = "".concat(loggerPath, "/").concat((0, date_util_1.createLoggerPreviouseDateFormat)(), "/");
|
|
40
40
|
}
|
|
41
41
|
if (fs_1.default.existsSync(PreviouseFilePath)) {
|
|
42
42
|
fs_1.default.rmSync(PreviouseFilePath, { recursive: true, force: true });
|
|
@@ -21,13 +21,13 @@ var interceptLogger = function (req, res, next) {
|
|
|
21
21
|
reqObject["dbName"] = db.name;
|
|
22
22
|
}
|
|
23
23
|
if (projectName) {
|
|
24
|
-
loggerPath = loggerPath
|
|
24
|
+
loggerPath = "".concat(loggerPath, "/").concat(projectName, "/").concat((0, date_util_1.createLoggerDateFormat)());
|
|
25
25
|
}
|
|
26
26
|
else if (projectId) {
|
|
27
|
-
loggerPath = loggerPath
|
|
27
|
+
loggerPath = "".concat(loggerPath, "/").concat(projectId, "/").concat((0, date_util_1.createLoggerDateFormat)());
|
|
28
28
|
}
|
|
29
29
|
else {
|
|
30
|
-
loggerPath = loggerPath
|
|
30
|
+
loggerPath = "".concat(loggerPath, "/").concat((0, date_util_1.createLoggerDateFormat)());
|
|
31
31
|
}
|
|
32
32
|
var logger = new drapcode_logger_1.FileLogger(loggerPath).createLogger();
|
|
33
33
|
var oldSend = res.send;
|
|
@@ -14,7 +14,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
|
14
14
|
function verb(n) { return function (v) { return step([n, v]); }; }
|
|
15
15
|
function step(op) {
|
|
16
16
|
if (f) throw new TypeError("Generator is already executing.");
|
|
17
|
-
while (_) try {
|
|
17
|
+
while (g && (g = 0, op[0] && (_ = 0)), _) try {
|
|
18
18
|
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
|
|
19
19
|
if (y = 0, t) op = [op[0] & 2, t.value];
|
|
20
20
|
switch (op[0]) {
|
|
@@ -47,7 +47,7 @@ var saveRequest = function (req, res) {
|
|
|
47
47
|
return __generator(this, function (_a) {
|
|
48
48
|
switch (_a.label) {
|
|
49
49
|
case 0:
|
|
50
|
-
req.body = util_1.isEmpty(req.body) ? req.query : req.body;
|
|
50
|
+
req.body = (0, util_1.isEmpty)(req.body) ? req.query : req.body;
|
|
51
51
|
ip = req.headers["x-forwarded-for"] ||
|
|
52
52
|
req.connection.remoteAddress ||
|
|
53
53
|
req.socket.remoteAddress ||
|
|
@@ -62,13 +62,13 @@ var saveRequest = function (req, res) {
|
|
|
62
62
|
response: JSON.stringify(res),
|
|
63
63
|
ipAddress: ip,
|
|
64
64
|
};
|
|
65
|
-
return [4 /*yield*/, drapcode_redis_1.redis_get_method("requestLog")];
|
|
65
|
+
return [4 /*yield*/, (0, drapcode_redis_1.redis_get_method)("requestLog")];
|
|
66
66
|
case 1:
|
|
67
67
|
redisData = _a.sent();
|
|
68
68
|
if (!redisData)
|
|
69
69
|
redisData = [];
|
|
70
70
|
redisData.push(respObj);
|
|
71
|
-
return [4 /*yield*/, drapcode_redis_1.redis_set_method("requestLog", redisData)];
|
|
71
|
+
return [4 /*yield*/, (0, drapcode_redis_1.redis_set_method)("requestLog", redisData)];
|
|
72
72
|
case 2:
|
|
73
73
|
_a.sent();
|
|
74
74
|
return [2 /*return*/];
|
|
@@ -14,7 +14,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
|
14
14
|
function verb(n) { return function (v) { return step([n, v]); }; }
|
|
15
15
|
function step(op) {
|
|
16
16
|
if (f) throw new TypeError("Generator is already executing.");
|
|
17
|
-
while (_) try {
|
|
17
|
+
while (g && (g = 0, op[0] && (_ = 0)), _) try {
|
|
18
18
|
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
|
|
19
19
|
if (y = 0, t) op = [op[0] & 2, t.value];
|
|
20
20
|
switch (op[0]) {
|
|
@@ -35,10 +35,14 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
|
35
35
|
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
|
|
36
36
|
}
|
|
37
37
|
};
|
|
38
|
-
var __spreadArray = (this && this.__spreadArray) || function (to, from) {
|
|
39
|
-
for (var i = 0,
|
|
40
|
-
|
|
41
|
-
|
|
38
|
+
var __spreadArray = (this && this.__spreadArray) || function (to, from, pack) {
|
|
39
|
+
if (pack || arguments.length === 2) for (var i = 0, l = from.length, ar; i < l; i++) {
|
|
40
|
+
if (ar || !(i in from)) {
|
|
41
|
+
if (!ar) ar = Array.prototype.slice.call(from, 0, i);
|
|
42
|
+
ar[i] = from[i];
|
|
43
|
+
}
|
|
44
|
+
}
|
|
45
|
+
return to.concat(ar || Array.prototype.slice.call(from));
|
|
42
46
|
};
|
|
43
47
|
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
44
48
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
@@ -114,7 +118,7 @@ var handleMultErrorConfig = function (error, result, status) {
|
|
|
114
118
|
var apiErrorMessage;
|
|
115
119
|
var apiErrorValue;
|
|
116
120
|
if (result && result !== "undefined" && result !== "null") {
|
|
117
|
-
console.log("handleMultErrorConfig result :>> "
|
|
121
|
+
console.log("handleMultErrorConfig result :>> ".concat(Object.keys(result)));
|
|
118
122
|
apiErrorMessage = lodash_1.default.get(result, message);
|
|
119
123
|
if (apiErrorMessage) {
|
|
120
124
|
console.log("*** utility 3 ***");
|
|
@@ -144,7 +148,7 @@ var handleMultErrorConfig = function (error, result, status) {
|
|
|
144
148
|
apiErrorValue = status;
|
|
145
149
|
}
|
|
146
150
|
console.log("apiErrorValue", apiErrorValue);
|
|
147
|
-
apiErrorValue = ""
|
|
151
|
+
apiErrorValue = "".concat(apiErrorValue);
|
|
148
152
|
console.log("apiErrorMessage", apiErrorMessage);
|
|
149
153
|
console.log("apiErrorValue", apiErrorValue);
|
|
150
154
|
if (value && apiErrorValue == value) {
|
|
@@ -181,7 +185,7 @@ var nestedValue = function (data, messages) {
|
|
|
181
185
|
messages.push(value);
|
|
182
186
|
}
|
|
183
187
|
else if (Array.isArray(value)) {
|
|
184
|
-
messages = __spreadArray(__spreadArray([], messages), value);
|
|
188
|
+
messages = __spreadArray(__spreadArray([], messages, true), value, true);
|
|
185
189
|
}
|
|
186
190
|
else {
|
|
187
191
|
if (Object.keys(value).length) {
|
package/build/utils/date-util.js
CHANGED
|
@@ -29,11 +29,11 @@ exports.createLogsDateFormat = createLogsDateFormat;
|
|
|
29
29
|
var getDateValue = function (value, timezone) {
|
|
30
30
|
if (timezone === void 0) { timezone = ""; }
|
|
31
31
|
if (!value)
|
|
32
|
-
return exports.createLogsDateFormat(timezone);
|
|
32
|
+
return (0, exports.createLogsDateFormat)(timezone);
|
|
33
33
|
var dateFormat = "YYYY-MM-DDTHH:mm:ss.SSS";
|
|
34
34
|
var _a = value.split(":"), type = _a[0], number = _a[1], unit = _a[2];
|
|
35
35
|
if (!["ADD", "SUB"].includes(type))
|
|
36
|
-
return exports.createLogsDateFormat(timezone);
|
|
36
|
+
return (0, exports.createLogsDateFormat)(timezone);
|
|
37
37
|
var dateUnit = getDateUnit(unit);
|
|
38
38
|
var result;
|
|
39
39
|
if (type === "ADD") {
|
|
@@ -80,7 +80,7 @@ var timezoneDateParse = function (value, nextDay, prevDay) {
|
|
|
80
80
|
if (prevDay && value.length <= 10) {
|
|
81
81
|
timeZoneDate = timeZoneDate.subtract(1, "days");
|
|
82
82
|
}
|
|
83
|
-
console.log("If it was for end date "
|
|
83
|
+
console.log("If it was for end date ".concat(nextDay, " then"), timeZoneDate);
|
|
84
84
|
timeZoneDate = timeZoneDate.format("YYYY-MM-DDTHH:mm:ss");
|
|
85
85
|
console.log("Format Date into date string", timeZoneDate);
|
|
86
86
|
return new Date(timeZoneDate);
|