javascript-solid-server 0.0.9 → 0.0.10

package/src/utils/conditional.js

@@ -0,0 +1,153 @@
+/**
+ * Conditional Request Utilities
+ *
+ * Implements HTTP conditional request headers:
+ * - If-Match: Proceed only if ETag matches (for safe updates)
+ * - If-None-Match: Proceed only if ETag doesn't match (for caching/create-only)
+ */
+
+/**
+ * Normalize an ETag value (remove weak prefix and quotes)
+ * @param {string} etag
+ * @returns {string}
+ */
+function normalizeEtag(etag) {
+  if (!etag) return '';
+  // Remove weak prefix W/
+  let normalized = etag.replace(/^W\//, '');
+  // Remove surrounding quotes
+  normalized = normalized.replace(/^"(.*)"$/, '$1');
+  return normalized;
+}
+
+/**
+ * Parse an If-Match or If-None-Match header value
+ * @param {string} headerValue
+ * @returns {string[]} Array of ETags, or ['*'] for wildcard
+ */
+function parseEtagHeader(headerValue) {
+  if (!headerValue) return [];
+  if (headerValue.trim() === '*') return ['*'];
+
+  // Split by comma and normalize each ETag
+  return headerValue.split(',').map(etag => normalizeEtag(etag.trim()));
+}
+
+/**
+ * Check If-Match header
+ * Returns true if the request should proceed, false if it should be rejected (412)
+ *
+ * @param {string} ifMatchHeader - The If-Match header value
+ * @param {string|null} currentEtag - Current ETag of the resource (null if doesn't exist)
+ * @returns {{ ok: boolean, status?: number, error?: string }}
+ */
+export function checkIfMatch(ifMatchHeader, currentEtag) {
+  if (!ifMatchHeader) {
+    return { ok: true }; // No If-Match header, proceed
+  }
+
+  const etags = parseEtagHeader(ifMatchHeader);
+
+  // If resource doesn't exist, If-Match always fails
+  if (currentEtag === null) {
+    return {
+      ok: false,
+      status: 412,
+      error: 'Precondition Failed: Resource does not exist'
+    };
+  }
+
+  // Wildcard matches any existing resource
+  if (etags.includes('*')) {
+    return { ok: true };
+  }
+
+  // Check if any ETag matches
+  const normalizedCurrent = normalizeEtag(currentEtag);
+  const matches = etags.some(etag => etag === normalizedCurrent);
+
+  if (!matches) {
+    return {
+      ok: false,
+      status: 412,
+      error: 'Precondition Failed: ETag mismatch'
+    };
+  }
+
+  return { ok: true };
+}
+
+/**
+ * Check If-None-Match header for GET/HEAD (caching)
+ * Returns true if the request should proceed, false if 304 Not Modified
+ *
+ * @param {string} ifNoneMatchHeader - The If-None-Match header value
+ * @param {string|null} currentEtag - Current ETag of the resource
+ * @returns {{ ok: boolean, notModified?: boolean }}
+ */
+export function checkIfNoneMatchForGet(ifNoneMatchHeader, currentEtag) {
+  if (!ifNoneMatchHeader || currentEtag === null) {
+    return { ok: true }; // No header or no resource, proceed
+  }
+
+  const etags = parseEtagHeader(ifNoneMatchHeader);
+
+  // Wildcard matches any existing resource
+  if (etags.includes('*')) {
+    return { ok: false, notModified: true };
+  }
+
+  // Check if any ETag matches
+  const normalizedCurrent = normalizeEtag(currentEtag);
+  const matches = etags.some(etag => etag === normalizedCurrent);
+
+  if (matches) {
+    return { ok: false, notModified: true };
+  }
+
+  return { ok: true };
+}
+
+/**
+ * Check If-None-Match header for PUT/POST (create-only semantics)
+ * Returns true if the request should proceed, false if 412 Precondition Failed
+ *
+ * @param {string} ifNoneMatchHeader - The If-None-Match header value
+ * @param {string|null} currentEtag - Current ETag of the resource (null if doesn't exist)
+ * @returns {{ ok: boolean, status?: number, error?: string }}
+ */
+export function checkIfNoneMatchForWrite(ifNoneMatchHeader, currentEtag) {
+  if (!ifNoneMatchHeader) {
+    return { ok: true }; // No header, proceed
+  }
+
+  const etags = parseEtagHeader(ifNoneMatchHeader);
+
+  // If-None-Match: * means "only if resource doesn't exist"
+  if (etags.includes('*')) {
+    if (currentEtag !== null) {
+      return {
+        ok: false,
+        status: 412,
+        error: 'Precondition Failed: Resource already exists'
+      };
+    }
+    return { ok: true };
+  }
+
+  // Check if any ETag matches (if so, fail)
+  if (currentEtag !== null) {
+    const normalizedCurrent = normalizeEtag(currentEtag);
+    const matches = etags.some(etag => etag === normalizedCurrent);
+
+    if (matches) {
+      return {
+        ok: false,
+        status: 412,
+        error: 'Precondition Failed: ETag matches'
+      };
+    }
+  }
+
+  return { ok: true };
+}

package/test/conditional.test.js

@@ -0,0 +1,250 @@
+/**
+ * Conditional Request Tests
+ *
+ * Tests If-Match and If-None-Match header support.
+ */
+
+import { describe, it, before, after } from 'node:test';
+import assert from 'node:assert';
+import {
+  startTestServer,
+  stopTestServer,
+  request,
+  createTestPod,
+  assertStatus
+} from './helpers.js';
+
+describe('Conditional Requests', () => {
+  before(async () => {
+    await startTestServer();
+    await createTestPod('condtest');
+  });
+
+  after(async () => {
+    await stopTestServer();
+  });
+
+  describe('If-None-Match on GET', () => {
+    it('should return 304 Not Modified when ETag matches', async () => {
+      // Create a resource
+      await request('/condtest/public/etag-test.json', {
+        method: 'PUT',
+        headers: { 'Content-Type': 'application/ld+json' },
+        body: JSON.stringify({ '@id': '#test', 'http://example.org/value': 1 }),
+        auth: 'condtest'
+      });
+
+      // Get the ETag
+      const res1 = await request('/condtest/public/etag-test.json');
+      const etag = res1.headers.get('ETag');
+      assert.ok(etag, 'Response should have ETag');
+
+      // Request with matching If-None-Match
+      const res2 = await request('/condtest/public/etag-test.json', {
+        headers: { 'If-None-Match': etag }
+      });
+      assertStatus(res2, 304);
+    });
+
+    it('should return 200 when ETag does not match', async () => {
+      const res = await request('/condtest/public/etag-test.json', {
+        headers: { 'If-None-Match': '"different-etag"' }
+      });
+      assertStatus(res, 200);
+    });
+
+    it('should return 304 with If-None-Match: *', async () => {
+      const res = await request('/condtest/public/etag-test.json', {
+        headers: { 'If-None-Match': '*' }
+      });
+      assertStatus(res, 304);
+    });
+  });
+
+  describe('If-Match on PUT', () => {
+    it('should succeed when ETag matches', async () => {
+      // Create resource
+      await request('/condtest/public/match-test.json', {
+        method: 'PUT',
+        headers: { 'Content-Type': 'application/ld+json' },
+        body: JSON.stringify({ '@id': '#test', 'http://example.org/v': 1 }),
+        auth: 'condtest'
+      });
+
+      // Get ETag
+      const res1 = await request('/condtest/public/match-test.json');
+      const etag = res1.headers.get('ETag');
+
+      // Update with matching If-Match
+      const res2 = await request('/condtest/public/match-test.json', {
+        method: 'PUT',
+        headers: {
+          'Content-Type': 'application/ld+json',
+          'If-Match': etag
+        },
+        body: JSON.stringify({ '@id': '#test', 'http://example.org/v': 2 }),
+        auth: 'condtest'
+      });
+      assertStatus(res2, 204);
+    });
+
+    it('should return 412 when ETag does not match', async () => {
+      const res = await request('/condtest/public/match-test.json', {
+        method: 'PUT',
+        headers: {
+          'Content-Type': 'application/ld+json',
+          'If-Match': '"wrong-etag"'
+        },
+        body: JSON.stringify({ '@id': '#test', 'http://example.org/v': 3 }),
+        auth: 'condtest'
+      });
+      assertStatus(res, 412);
+    });
+
+    it('should succeed with If-Match: * on existing resource', async () => {
+      const res = await request('/condtest/public/match-test.json', {
+        method: 'PUT',
+        headers: {
+          'Content-Type': 'application/ld+json',
+          'If-Match': '*'
+        },
+        body: JSON.stringify({ '@id': '#test', 'http://example.org/v': 4 }),
+        auth: 'condtest'
+      });
+      assertStatus(res, 204);
+    });
+
+    it('should return 412 with If-Match: * on non-existent resource', async () => {
+      const res = await request('/condtest/public/nonexistent.json', {
+        method: 'PUT',
+        headers: {
+          'Content-Type': 'application/ld+json',
+          'If-Match': '*'
+        },
+        body: JSON.stringify({ '@id': '#new' }),
+        auth: 'condtest'
+      });
+      assertStatus(res, 412);
+    });
+  });
+
+  describe('If-None-Match on PUT', () => {
+    it('should succeed with If-None-Match: * on new resource', async () => {
+      const res = await request('/condtest/public/create-only.json', {
+        method: 'PUT',
+        headers: {
+          'Content-Type': 'application/ld+json',
+          'If-None-Match': '*'
+        },
+        body: JSON.stringify({ '@id': '#new' }),
+        auth: 'condtest'
+      });
+      assertStatus(res, 201);
+    });
+
+    it('should return 412 with If-None-Match: * on existing resource', async () => {
+      const res = await request('/condtest/public/create-only.json', {
+        method: 'PUT',
+        headers: {
+          'Content-Type': 'application/ld+json',
+          'If-None-Match': '*'
+        },
+        body: JSON.stringify({ '@id': '#update' }),
+        auth: 'condtest'
+      });
+      assertStatus(res, 412);
+    });
+  });
+
+  describe('If-Match on DELETE', () => {
+    it('should succeed when ETag matches', async () => {
+      // Create resource
+      await request('/condtest/public/delete-match.json', {
+        method: 'PUT',
+        headers: { 'Content-Type': 'application/ld+json' },
+        body: JSON.stringify({ '@id': '#delete' }),
+        auth: 'condtest'
+      });
+
+      // Get ETag
+      const res1 = await request('/condtest/public/delete-match.json');
+      const etag = res1.headers.get('ETag');
+
+      // Delete with matching If-Match
+      const res2 = await request('/condtest/public/delete-match.json', {
+        method: 'DELETE',
+        headers: { 'If-Match': etag },
+        auth: 'condtest'
+      });
+      assertStatus(res2, 204);
+    });
+
+    it('should return 412 when ETag does not match', async () => {
+      // Create resource
+      await request('/condtest/public/delete-nomatch.json', {
+        method: 'PUT',
+        headers: { 'Content-Type': 'application/ld+json' },
+        body: JSON.stringify({ '@id': '#delete' }),
+        auth: 'condtest'
+      });
+
+      const res = await request('/condtest/public/delete-nomatch.json', {
+        method: 'DELETE',
+        headers: { 'If-Match': '"wrong-etag"' },
+        auth: 'condtest'
+      });
+      assertStatus(res, 412);
+    });
+  });
+
+  describe('If-Match on PATCH', () => {
+    it('should succeed when ETag matches', async () => {
+      // Create resource
+      await request('/condtest/public/patch-match.json', {
+        method: 'PUT',
+        headers: { 'Content-Type': 'application/ld+json' },
+        body: JSON.stringify({ '@id': '#test', 'http://example.org/name': 'Original' }),
+        auth: 'condtest'
+      });
+
+      // Get ETag
+      const res1 = await request('/condtest/public/patch-match.json');
+      const etag = res1.headers.get('ETag');
+
+      // Patch with matching If-Match
+      const patch = `
+        @prefix solid: <http://www.w3.org/ns/solid/terms#>.
+        _:patch a solid:InsertDeletePatch;
+          solid:inserts { <#test> <http://example.org/updated> "true" }.
+      `;
+      const res2 = await request('/condtest/public/patch-match.json', {
+        method: 'PATCH',
+        headers: {
+          'Content-Type': 'text/n3',
+          'If-Match': etag
+        },
+        body: patch,
+        auth: 'condtest'
+      });
+      assertStatus(res2, 204);
+    });
+
+    it('should return 412 when ETag does not match', async () => {
+      const patch = `
+        @prefix solid: <http://www.w3.org/ns/solid/terms#>.
+        _:patch a solid:InsertDeletePatch;
+          solid:inserts { <#test> <http://example.org/bad> "true" }.
+      `;
+      const res = await request('/condtest/public/patch-match.json', {
+        method: 'PATCH',
+        headers: {
+          'Content-Type': 'text/n3',
+          'If-Match': '"wrong-etag"'
+        },
+        body: patch,
+        auth: 'condtest'
+      });
+      assertStatus(res, 412);
+    });
+  });
+});

package/test/sparql-update.test.js

@@ -0,0 +1,219 @@
+/**
+ * SPARQL Update Tests
+ *
+ * Tests SPARQL Update support via PATCH method.
+ */
+
+import { describe, it, before, after } from 'node:test';
+import assert from 'node:assert';
+import {
+  startTestServer,
+  stopTestServer,
+  request,
+  createTestPod,
+  assertStatus
+} from './helpers.js';
+
+describe('SPARQL Update', () => {
+  before(async () => {
+    await startTestServer();
+    await createTestPod('sparqltest');
+  });
+
+  after(async () => {
+    await stopTestServer();
+  });
+
+  describe('INSERT DATA', () => {
+    it('should insert a triple into existing resource', async () => {
+      // Create a resource
+      await request('/sparqltest/public/insert-test.json', {
+        method: 'PUT',
+        headers: { 'Content-Type': 'application/ld+json' },
+        body: JSON.stringify({ '@id': '#item', 'http://example.org/name': 'Original' }),
+        auth: 'sparqltest'
+      });
+
+      // Insert new data via SPARQL Update
+      const sparql = `
+        PREFIX ex: <http://example.org/>
+        INSERT DATA {
+          <#item> ex:status "active" .
+        }
+      `;
+
+      const res = await request('/sparqltest/public/insert-test.json', {
+        method: 'PATCH',
+        headers: { 'Content-Type': 'application/sparql-update' },
+        body: sparql,
+        auth: 'sparqltest'
+      });
+      assertStatus(res, 204);
+
+      // Verify the data was inserted
+      const getRes = await request('/sparqltest/public/insert-test.json');
+      const data = await getRes.json();
+      assert.strictEqual(data['http://example.org/status'], 'active');
+      assert.strictEqual(data['http://example.org/name'], 'Original');
+    });
+
+    it('should insert multiple triples', async () => {
+      await request('/sparqltest/public/multi-insert.json', {
+        method: 'PUT',
+        headers: { 'Content-Type': 'application/ld+json' },
+        body: JSON.stringify({ '@id': '#thing' }),
+        auth: 'sparqltest'
+      });
+
+      const sparql = `
+        PREFIX ex: <http://example.org/>
+        INSERT DATA {
+          <#thing> ex:prop1 "value1" .
+          <#thing> ex:prop2 "value2" .
+        }
+      `;
+
+      const res = await request('/sparqltest/public/multi-insert.json', {
+        method: 'PATCH',
+        headers: { 'Content-Type': 'application/sparql-update' },
+        body: sparql,
+        auth: 'sparqltest'
+      });
+      assertStatus(res, 204);
+
+      const getRes = await request('/sparqltest/public/multi-insert.json');
+      const data = await getRes.json();
+      assert.strictEqual(data['http://example.org/prop1'], 'value1');
+      assert.strictEqual(data['http://example.org/prop2'], 'value2');
+    });
+  });
+
+  describe('DELETE DATA', () => {
+    it('should delete a triple from existing resource', async () => {
+      await request('/sparqltest/public/delete-test.json', {
+        method: 'PUT',
+        headers: { 'Content-Type': 'application/ld+json' },
+        body: JSON.stringify({
+          '@id': '#item',
+          'http://example.org/keep': 'yes',
+          'http://example.org/remove': 'this'
+        }),
+        auth: 'sparqltest'
+      });
+
+      const sparql = `
+        PREFIX ex: <http://example.org/>
+        DELETE DATA {
+          <#item> ex:remove "this" .
+        }
+      `;
+
+      const res = await request('/sparqltest/public/delete-test.json', {
+        method: 'PATCH',
+        headers: { 'Content-Type': 'application/sparql-update' },
+        body: sparql,
+        auth: 'sparqltest'
+      });
+      assertStatus(res, 204);
+
+      const getRes = await request('/sparqltest/public/delete-test.json');
+      const data = await getRes.json();
+      assert.strictEqual(data['http://example.org/keep'], 'yes');
+      assert.strictEqual(data['http://example.org/remove'], undefined);
+    });
+  });
+
+  describe('DELETE/INSERT WHERE', () => {
+    it('should delete and insert in single operation', async () => {
+      await request('/sparqltest/public/update-test.json', {
+        method: 'PUT',
+        headers: { 'Content-Type': 'application/ld+json' },
+        body: JSON.stringify({
+          '@id': '#item',
+          'http://example.org/version': '1'
+        }),
+        auth: 'sparqltest'
+      });
+
+      const sparql = `
+        PREFIX ex: <http://example.org/>
+        DELETE { <#item> ex:version "1" }
+        INSERT { <#item> ex:version "2" }
+        WHERE { <#item> ex:version "1" }
+      `;
+
+      const res = await request('/sparqltest/public/update-test.json', {
+        method: 'PATCH',
+        headers: { 'Content-Type': 'application/sparql-update' },
+        body: sparql,
+        auth: 'sparqltest'
+      });
+      assertStatus(res, 204);
+
+      const getRes = await request('/sparqltest/public/update-test.json');
+      const data = await getRes.json();
+      assert.strictEqual(data['http://example.org/version'], '2');
+    });
+  });
+
+  describe('Error handling', () => {
+    it('should return 404 for non-existent resource', async () => {
+      const sparql = `INSERT DATA { <#x> <http://example.org/p> "v" }`;
+      const res = await request('/sparqltest/public/nonexistent.json', {
+        method: 'PATCH',
+        headers: { 'Content-Type': 'application/sparql-update' },
+        body: sparql,
+        auth: 'sparqltest'
+      });
+      assertStatus(res, 404);
+    });
+
+    it('should return 415 for unsupported content type', async () => {
+      await request('/sparqltest/public/content-type-test.json', {
+        method: 'PUT',
+        headers: { 'Content-Type': 'application/ld+json' },
+        body: JSON.stringify({ '@id': '#test' }),
+        auth: 'sparqltest'
+      });
+
+      const res = await request('/sparqltest/public/content-type-test.json', {
+        method: 'PATCH',
+        headers: { 'Content-Type': 'text/plain' },
+        body: 'not a valid patch',
+        auth: 'sparqltest'
+      });
+      assertStatus(res, 415);
+    });
+  });
+
+  describe('Typed literals', () => {
+    it('should handle integer literals', async () => {
+      await request('/sparqltest/public/typed-test.json', {
+        method: 'PUT',
+        headers: { 'Content-Type': 'application/ld+json' },
+        body: JSON.stringify({ '@id': '#data' }),
+        auth: 'sparqltest'
+      });
+
+      const sparql = `
+        PREFIX ex: <http://example.org/>
+        PREFIX xsd: <http://www.w3.org/2001/XMLSchema#>
+        INSERT DATA {
+          <#data> ex:count "42"^^xsd:integer .
+        }
+      `;
+
+      const res = await request('/sparqltest/public/typed-test.json', {
+        method: 'PATCH',
+        headers: { 'Content-Type': 'application/sparql-update' },
+        body: sparql,
+        auth: 'sparqltest'
+      });
+      assertStatus(res, 204);
+
+      const getRes = await request('/sparqltest/public/typed-test.json');
+      const data = await getRes.json();
+      assert.ok(data['http://example.org/count']);
+    });
+  });
+});