npm - ghost - Versions diffs - 5.8.3 → 5.9.2 - Mend

ghost 5.8.3 → 5.9.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (113) hide show

package/core/server/api/shared/pipeline.js DELETED Viewed

@@ -1,259 +0,0 @@
-const debug = require('@tryghost/debug')('api:shared:pipeline');
-const Promise = require('bluebird');
-const _ = require('lodash');
-const shared = require('../shared');
-const errors = require('@tryghost/errors');
-const {sequence} = require('@tryghost/promise');
-const STAGES = {
-    validation: {
-        /**
-         * @description Input validation.
-         *
-         * We call the shared validator which runs the request through:
-         *
-         * 1. Shared validator
-         * 2. Custom API validators
-         *
-         * @param {Object} apiUtils - Local utils of target API version.
-         * @param {Object} apiConfig - Docname & Method of ctrl.
-         * @param {Object} apiImpl -  Controller configuration.
-         * @param {Object} frame
-         * @return {Promise}
-         */
-        input(apiUtils, apiConfig, apiImpl, frame) {
-            debug('stages: validation');
-            const tasks = [];
-            // CASE: do validation completely yourself
-            if (typeof apiImpl.validation === 'function') {
-                debug('validation function call');
-                return apiImpl.validation(frame);
-            }
-            tasks.push(function doValidation() {
-                return shared.validators.handle.input(
-                    Object.assign({}, apiConfig, apiImpl.validation),
-                    apiUtils.validators.input,
-                    frame
-                );
-            });
-            return sequence(tasks);
-        }
-    },
-    serialisation: {
-        /**
-         * @description Input Serialisation.
-         *
-         * We call the shared serializer which runs the request through:
-         *
-         * 1. Shared serializers
-         * 2. Custom API serializers
-         *
-         * @param {Object} apiUtils - Local utils of target API version.
-         * @param {Object} apiConfig - Docname & Method of ctrl.
-         * @param {Object} apiImpl -  Controller configuration.
-         * @param {Object} frame
-         * @return {Promise}
-         */
-        input(apiUtils, apiConfig, apiImpl, frame) {
-            debug('stages: input serialisation');
-            return shared.serializers.handle.input(
-                Object.assign({data: apiImpl.data}, apiConfig),
-                apiUtils.serializers.input,
-                frame
-            );
-        },
-        /**
-         * @description Output Serialisation.
-         *
-         * We call the shared serializer which runs the request through:
-         *
-         * 1. Shared serializers
-         * 2. Custom API serializers
-         *
-         * @param {Object} apiUtils - Local utils of target API version.
-         * @param {Object} apiConfig - Docname & Method of ctrl.
-         * @param {Object} apiImpl -  Controller configuration.
-         * @param {Object} frame
-         * @return {Promise}
-         */
-        output(response, apiUtils, apiConfig, apiImpl, frame) {
-            debug('stages: output serialisation');
-            return shared.serializers.handle.output(response, apiConfig, apiUtils.serializers.output, frame);
-        }
-    },
-    /**
-     * @description Permissions stage.
-     *
-     * We call the target API implementation of permissions.
-     * Permissions implementation can change across API versions.
-     * There is no shared implementation right now.
-     *
-     * @param {Object} apiUtils - Local utils of target API version.
-     * @param {Object} apiConfig - Docname & Method of ctrl.
-     * @param {Object} apiImpl -  Controller configuration.
-     * @param {Object} frame
-     * @return {Promise}
-     */
-    permissions(apiUtils, apiConfig, apiImpl, frame) {
-        debug('stages: permissions');
-        const tasks = [];
-        // CASE: it's required to put the permission key to avoid security holes
-        if (!Object.prototype.hasOwnProperty.call(apiImpl, 'permissions')) {
-            return Promise.reject(new errors.IncorrectUsageError());
-        }
-        // CASE: handle permissions completely yourself
-        if (typeof apiImpl.permissions === 'function') {
-            debug('permissions function call');
-            return apiImpl.permissions(frame);
-        }
-        // CASE: skip stage completely
-        if (apiImpl.permissions === false) {
-            debug('disabled permissions');
-            return Promise.resolve();
-        }
-        if (typeof apiImpl.permissions === 'object' && apiImpl.permissions.before) {
-            tasks.push(function beforePermissions() {
-                return apiImpl.permissions.before(frame);
-            });
-        }
-        tasks.push(function doPermissions() {
-            return apiUtils.permissions.handle(
-                Object.assign({}, apiConfig, apiImpl.permissions),
-                frame
-            );
-        });
-        return sequence(tasks);
-    },
-    /**
-     * @description Execute controller & receive model response.
-     *
-     * @param {Object} apiUtils - Local utils of target API version.
-     * @param {Object} apiConfig - Docname & Method of ctrl.
-     * @param {Object} apiImpl -  Controller configuration.
-     * @param {Object} frame
-     * @return {Promise}
-     */
-    query(apiUtils, apiConfig, apiImpl, frame) {
-        debug('stages: query');
-        if (!apiImpl.query) {
-            return Promise.reject(new errors.IncorrectUsageError());
-        }
-        return apiImpl.query(frame);
-    }
-};
-/**
- * @description The pipeline runs the request through all stages (validation, serialisation, permissions).
- *
- * The target API version calls the pipeline and wraps the actual ctrl implementation to be able to
- * run the request through various stages before hitting the controller.
- *
- * The stages are executed in the following order:
- *
- * 1. Input validation - General & schema validation
- * 2. Input serialisation - Modification of incoming data e.g. force filters, auto includes, url transformation etc.
- * 3. Permissions - Runs after validation & serialisation because the body structure must be valid (see unsafeAttrs)
- * 4. Controller - Execute the controller implementation & receive model response.
- * 5. Output Serialisation - Output formatting, Deprecations, Extra attributes etc...
- *
- * @param {Function} apiController
- * @param {Object} apiUtils - Local utils (validation & serialisation) from target API version
- * @param {String} [apiType] - Content or Admin API access
- * @return {Function}
- */
-const pipeline = (apiController, apiUtils, apiType) => {
-    const keys = Object.keys(apiController);
-    // CASE: api controllers are objects with configuration.
-    //       We have to ensure that we expose a functional interface e.g. `api.posts.add` has to be available.
-    return keys.reduce((obj, key) => {
-        const docName = apiController.docName;
-        const method = key;
-        const apiImpl = _.cloneDeep(apiController)[key];
-        obj[key] = function wrapper() {
-            const apiConfig = {docName, method};
-            let options;
-            let data;
-            let frame;
-            if (arguments.length === 2) {
-                data = arguments[0];
-                options = arguments[1];
-            } else if (arguments.length === 1) {
-                options = arguments[0] || {};
-            } else {
-                options = {};
-            }
-            // CASE: http helper already creates it's own frame.
-            if (!(options instanceof shared.Frame)) {
-                debug(`Internal API request for ${docName}.${method}`);
-                frame = new shared.Frame({
-                    body: data,
-                    options: _.omit(options, 'context'),
-                    context: options.context || {}
-                });
-                frame.configure({
-                    options: apiImpl.options,
-                    data: apiImpl.data
-                });
-            } else {
-                frame = options;
-            }
-            // CASE: api controller *can* be a single function, but it's not recommended to disable the framework.
-            if (typeof apiImpl === 'function') {
-                debug('ctrl function call');
-                return apiImpl(frame);
-            }
-            frame.apiType = apiType;
-            frame.docName = docName;
-            frame.method = method;
-            return Promise.resolve()
-                .then(() => {
-                    return STAGES.validation.input(apiUtils, apiConfig, apiImpl, frame);
-                })
-                .then(() => {
-                    return STAGES.serialisation.input(apiUtils, apiConfig, apiImpl, frame);
-                })
-                .then(() => {
-                    return STAGES.permissions(apiUtils, apiConfig, apiImpl, frame);
-                })
-                .then(() => {
-                    return STAGES.query(apiUtils, apiConfig, apiImpl, frame);
-                })
-                .then((response) => {
-                    return STAGES.serialisation.output(response, apiUtils, apiConfig, apiImpl, frame);
-                })
-                .then(() => {
-                    return frame.response;
-                });
-        };
-        Object.assign(obj[key], apiImpl);
-        return obj;
-    }, {});
-};
-module.exports = pipeline;
-module.exports.STAGES = STAGES;

package/core/server/api/shared/serializers/handle.js DELETED Viewed

@@ -1,140 +0,0 @@
-const debug = require('@tryghost/debug')('api:shared:serializers:handle');
-const Promise = require('bluebird');
-const {sequence} = require('@tryghost/promise');
-const errors = require('@tryghost/errors');
-/**
- * @description Shared input serialization handler.
- *
- * The shared input handler runs the request through all the validation steps.
- *
- * 1. Shared serialization
- * 2. API serialization
- *
- * @param {Object} apiConfig - Docname + method of the ctrl
- * @param {Object} apiSerializers - Target API serializers
- * @param {Object} frame
- */
-module.exports.input = (apiConfig, apiSerializers, frame) => {
-    debug('input');
-    const tasks = [];
-    const sharedSerializers = require('./input');
-    if (!apiConfig) {
-        return Promise.reject(new errors.IncorrectUsageError());
-    }
-    if (!apiSerializers) {
-        return Promise.reject(new errors.IncorrectUsageError());
-    }
-    // ##### SHARED ALL SERIALIZATION
-    tasks.push(function serializeAllShared() {
-        return sharedSerializers.all.all(apiConfig, frame);
-    });
-    if (sharedSerializers.all[apiConfig.method]) {
-        tasks.push(function serializeAllShared() {
-            return sharedSerializers.all[apiConfig.method](apiConfig, frame);
-        });
-    }
-    // ##### API VERSION RESOURCE SERIALIZATION
-    if (apiSerializers.all) {
-        tasks.push(function serializeOptionsShared() {
-            return apiSerializers.all(apiConfig, frame);
-        });
-    }
-    if (apiSerializers[apiConfig.docName]) {
-        if (apiSerializers[apiConfig.docName].all) {
-            tasks.push(function serializeOptionsShared() {
-                return apiSerializers[apiConfig.docName].all(apiConfig, frame);
-            });
-        }
-        if (apiSerializers[apiConfig.docName][apiConfig.method]) {
-            tasks.push(function serializeOptionsShared() {
-                return apiSerializers[apiConfig.docName][apiConfig.method](apiConfig, frame);
-            });
-        }
-    }
-    debug(tasks);
-    return sequence(tasks);
-};
-const getBestMatchSerializer = function (apiSerializers, docName, method) {
-    if (apiSerializers[docName] && apiSerializers[docName][method]) {
-        debug(`Calling ${docName}.${method}`);
-        return apiSerializers[docName][method].bind(apiSerializers[docName]);
-    } else if (apiSerializers[docName] && apiSerializers[docName].all) {
-        debug(`Calling ${docName}.all`);
-        return apiSerializers[docName].all.bind(apiSerializers[docName]);
-    }
-    debug(`Returning as-is`);
-    return false;
-};
-/**
- * @description Shared output serialization handler.
- *
- * The shared output handler runs the request through all the validation steps.
- *
- * 1. Shared serialization
- * 2. API serialization
- *
- * @param {Object} response - API response
- * @param {Object} apiConfig - Docname + method of the ctrl
- * @param {Object} apiSerializers - Target API serializers
- * @param {Object} frame
- */
-module.exports.output = (response = {}, apiConfig, apiSerializers, frame) => {
-    debug('output');
-    const tasks = [];
-    if (!apiConfig) {
-        return Promise.reject(new errors.IncorrectUsageError());
-    }
-    if (!apiSerializers) {
-        return Promise.reject(new errors.IncorrectUsageError());
-    }
-    // ##### API VERSION RESOURCE SERIALIZATION
-    if (apiSerializers.all && apiSerializers.all.before) {
-        tasks.push(function allSerializeBefore() {
-            return apiSerializers.all.before(response, apiConfig, frame);
-        });
-    }
-    const customSerializer = getBestMatchSerializer(apiSerializers, apiConfig.docName, apiConfig.method);
-    const defaultSerializer = getBestMatchSerializer(apiSerializers, 'default', apiConfig.method);
-    if (customSerializer) {
-        // CASE: custom serializer exists
-        tasks.push(function doCustomSerializer() {
-            return customSerializer(response, apiConfig, frame);
-        });
-    } else if (defaultSerializer) {
-        // CASE: Fall back to default serializer
-        tasks.push(function doDefaultSerializer() {
-            return defaultSerializer(response, apiConfig, frame);
-        });
-    }
-    if (apiSerializers.all && apiSerializers.all.after) {
-        tasks.push(function allSerializeAfter() {
-            return apiSerializers.all.after(apiConfig, frame);
-        });
-    }
-    debug(tasks);
-    return sequence(tasks);
-};

package/core/server/api/shared/serializers/index.js DELETED Viewed

@@ -1,13 +0,0 @@
-module.exports = {
-    get handle() {
-        return require('./handle');
-    },
-    get input() {
-        return require('./input');
-    },
-    get output() {
-        return require('./output');
-    }
-};

package/core/server/api/shared/serializers/input/all.js DELETED Viewed

@@ -1,41 +0,0 @@
-const debug = require('@tryghost/debug')('api:shared:serializers:input:all');
-const _ = require('lodash');
-const utils = require('../../utils');
-const INTERNAL_OPTIONS = ['transacting', 'forUpdate'];
-/**
- * @description Shared serializer for all requests.
- *
- * Transforms certain options from API notation into model readable language/notation.
- *
- * e.g. API uses "include", but model layer uses "withRelated".
- */
-module.exports = {
-    all(apiConfig, frame) {
-        debug('serialize all');
-        if (frame.options.include) {
-            frame.options.withRelated = utils.options.trimAndLowerCase(frame.options.include);
-            delete frame.options.include;
-        }
-        if (frame.options.fields) {
-            frame.options.columns = utils.options.trimAndLowerCase(frame.options.fields);
-            delete frame.options.fields;
-        }
-        if (frame.options.formats) {
-            frame.options.formats = utils.options.trimAndLowerCase(frame.options.formats);
-        }
-        if (frame.options.formats && frame.options.columns) {
-            frame.options.columns = frame.options.columns.concat(frame.options.formats);
-        }
-        if (!frame.options.context.internal) {
-            debug('omit internal options');
-            frame.options = _.omit(frame.options, INTERNAL_OPTIONS);
-        }
-    }
-};

package/core/server/api/shared/serializers/input/index.js DELETED Viewed

@@ -1,5 +0,0 @@
-module.exports = {
-    get all() {
-        return require('./all');
-    }
-};

package/core/server/api/shared/serializers/output/index.js DELETED Viewed

	@@ -1 +0,0 @@
1	- module.exports = {};

package/core/server/api/shared/utils/index.js DELETED Viewed

@@ -1,5 +0,0 @@
-module.exports = {
-    get options() {
-        return require('./options');
-    }
-};

package/core/server/api/shared/utils/options.js DELETED Viewed

@@ -1,23 +0,0 @@
-const _ = require('lodash');
-/**
- * @description Helper function to prepare params for internal usages.
- *
- * e.g. "a,B,c" -> ["a", "b", "c"]
- *
- * @param {String} params
- * @return {Array}
- */
-const trimAndLowerCase = (params) => {
-    params = params || '';
-    if (_.isString(params)) {
-        params = params.split(',');
-    }
-    return params.map((item) => {
-        return item.trim().toLowerCase();
-    });
-};
-module.exports.trimAndLowerCase = trimAndLowerCase;

package/core/server/api/shared/validators/handle.js DELETED Viewed

@@ -1,68 +0,0 @@
-const debug = require('@tryghost/debug')('api:shared:validators:handle');
-const Promise = require('bluebird');
-const errors = require('@tryghost/errors');
-const {sequence} = require('@tryghost/promise');
-/**
- * @description Shared input validation handler.
- *
- * The shared validation handler runs the request through all the validation steps.
- *
- * 1. Shared validation
- * 2. API validation
- *
- * @param {Object} apiConfig - Docname + method of the ctrl
- * @param {Object} apiValidators - Target API validators
- * @param {Object} frame
- */
-module.exports.input = (apiConfig, apiValidators, frame) => {
-    debug('input begin');
-    const tasks = [];
-    const sharedValidators = require('./input');
-    if (!apiValidators) {
-        return Promise.reject(new errors.IncorrectUsageError());
-    }
-    if (!apiConfig) {
-        return Promise.reject(new errors.IncorrectUsageError());
-    }
-    // ##### SHARED ALL VALIDATION
-    tasks.push(function allShared() {
-        return sharedValidators.all.all(apiConfig, frame);
-    });
-    if (sharedValidators.all[apiConfig.method]) {
-        tasks.push(function allShared() {
-            return sharedValidators.all[apiConfig.method](apiConfig, frame);
-        });
-    }
-    // ##### API VERSION VALIDATION
-    if (apiValidators.all) {
-        tasks.push(function allAPIVersion() {
-            return apiValidators.all[apiConfig.method](apiConfig, frame);
-        });
-    }
-    if (apiValidators[apiConfig.docName]) {
-        if (apiValidators[apiConfig.docName].all) {
-            tasks.push(function docNameAll() {
-                return apiValidators[apiConfig.docName].all(apiConfig, frame);
-            });
-        }
-        if (apiValidators[apiConfig.docName][apiConfig.method]) {
-            tasks.push(function docNameMethod() {
-                return apiValidators[apiConfig.docName][apiConfig.method](apiConfig, frame);
-            });
-        }
-    }
-    debug('input ready');
-    return sequence(tasks);
-};

package/core/server/api/shared/validators/index.js DELETED Viewed

@@ -1,9 +0,0 @@
-module.exports = {
-    get handle() {
-        return require('./handle');
-    },
-    get input() {
-        return require('./input');
-    }
-};