kuzzle 2.16.8 → 2.17.0

package/lib/kerror/codes/4-plugin.json

@@ -93,6 +93,12 @@
           "code": 15,
           "message": "Plugin \"%s\" not found.%s",
           "class": "NotFoundError"
+        },
+        "invalid_openapi_schema": {
+          "description": "OpenAPI specification is invalid",
+          "code": 16,
+          "message": "Invalid OpenAPI specification: \"%s\"",
+          "class": "PluginImplementationError"
         }
       }
     },

package/lib/kerror/codes/index.js

@@ -43,7 +43,7 @@ const domains = {
  *  @param {object} - error config file domain
  */
 
-function checkErrors(subdomain, domain, options) {
+function checkErrors (subdomain, domain, options) {
   const codes = new Set();
 
   for (const [name, error] of Object.entries(subdomain.errors)) {
@@ -57,7 +57,7 @@ function checkErrors(subdomain, domain, options) {
       error.code > 0x0000 && error.code <= 0xFFFF,
       `Error configuration file : Field 'code' must be between 1 and 65535 (domain: ${domain.code}, subdomain: ${subdomain.code}, error: ${name}).`);
     assert(
-      !codes.has(error.code),
+      ! codes.has(error.code),
       `Error configuration file : code ${error.code} for error '${name}' is not unique (domain: ${domain.code}, subdomain: ${subdomain.code}).`);
 
     codes.add(error.code);
@@ -80,7 +80,7 @@ function checkErrors(subdomain, domain, options) {
       `Error configuration file : Field 'class' must target a known KuzzleError object (domain: ${domain.code}, subdomain: ${subdomain.code}, error: ${name}), '${name.class}' does not exist.`);
 
     // plugin errors aren't required to have descriptions
-    if (!options.plugin) {
+    if (! options.plugin) {
       assert(
         typeof error.description === 'string' && error.description.length > 0,
         `Error configuration file : Field 'description' must be a non-empty string (domain: ${domain.code}, subdomain: ${subdomain.code}, error: ${name}).`);
@@ -94,19 +94,19 @@ function checkErrors(subdomain, domain, options) {
   }
 }
 
-function checkSubdomains(domain, options) {
+function checkSubdomains (domain, options) {
   const subdomainCodes = new Set();
 
   for (const subdomainName of Object.keys(domain.subdomains)) {
     const subdomain = domain.subdomains[subdomainName];
 
     // Subdomain code for plugins is not required and is automatically set to 0
-    if (!options.plugin) {
+    if (! options.plugin) {
       assert(
         has(subdomain, 'code'),
         `Error configuration file : Missing required 'code' field (domain: ${domain.code}, subdomain: ${subdomainName}).`);
     }
-    else if (!has(subdomain, 'code')) {
+    else if (! has(subdomain, 'code')) {
       subdomain.code = 0;
     }
 
@@ -117,11 +117,11 @@ function checkSubdomains(domain, options) {
       subdomain.code >= 0x00 && subdomain.code <= 0xFF,
       `Error configuration file : Field 'code' must be between 0 and 255 (domain: ${domain.code}, subdomain: ${subdomainName}).`);
     assert(
-      !subdomainCodes.has(subdomain.code),
+      ! subdomainCodes.has(subdomain.code),
       `Error configuration file : code ${subdomain.code} for subdomain '${subdomainName}' is not unique (domain: ${domain.code}).`);
 
     // We don't allow duplicates, except for defaulted plugin subdomain codes
-    if (!options.plugin || subdomain.code > 0) {
+    if (! options.plugin || subdomain.code > 0) {
       subdomainCodes.add(subdomain.code);
     }
 
@@ -136,7 +136,7 @@ function checkSubdomains(domain, options) {
   }
 }
 
-function checkDomains(errorCodesFiles, options = {plugin: false}) {
+function checkDomains (errorCodesFiles, options = { plugin: false }) {
   const domainCodes = new Set();
 
   for (const domainName of Object.keys(errorCodesFiles)) {
@@ -152,7 +152,7 @@ function checkDomains(errorCodesFiles, options = {plugin: false}) {
       domain.code >= 0x00 && domain.code <= 0xFF,
       `Error configuration file : Field 'code' must be between 0 and 255. (domain: '${domainName}').`);
     assert(
-      !domainCodes.has(domain.code),
+      ! domainCodes.has(domain.code),
       `Error configuration file : code ${domain.code} for domain ${domainName} is not unique.`);
 
     domainCodes.add(domain.code);
@@ -168,7 +168,7 @@ function checkDomains(errorCodesFiles, options = {plugin: false}) {
   }
 }
 
-function loadPluginsErrors(pluginManifest, pluginCode) {
+function loadPluginsErrors (pluginManifest, pluginCode) {
   // @todo this should be in its own, independant domain
   domains.plugin.subdomains[pluginManifest.name] = {
     code: pluginCode,

package/lib/kerror/index.js

@@ -122,7 +122,7 @@ function cleanStackTrace (error) {
       }
 
       // filter all lines related to the kerror object
-      return !line.includes(currentFileName);
+      return ! line.includes(currentFileName);
     })
     .map(hilightUserCode);
 

package/lib/kuzzle/dumpGenerator.js

@@ -175,7 +175,7 @@ class DumpGenerator {
     // dumping Kuzzle's stats
     global.kuzzle.log.info('> dumping kuzzle\'s stats');
     const statistics = await global.kuzzle.statistics.getAllStats(
-      new Request({action: 'getAllStats', controller: 'statistics'}));
+      new Request({ action: 'getAllStats', controller: 'statistics' }));
 
     fs.writeFileSync(
       path.join(dumpPath, 'statistics.json'),
@@ -197,14 +197,14 @@ class DumpGenerator {
     try {
       fs.accessSync(dumpPath, fs.constants.R_OK | fs.constants.W_OK | fs.constants.X_OK);
     }
-    catch(e) {
+    catch (e) {
       return;
     }
 
     const dumps = fs.readdirSync(dumpPath)
       .map(file => {
         const filepath = `${dumpPath}/${file}`;
-        return {path: filepath, stat: fs.statSync(filepath)};
+        return { path: filepath, stat: fs.statSync(filepath) };
       })
       .filter(prop => prop.stat.isDirectory())
       .sort((a, b) => {

package/lib/kuzzle/event/kuzzleEventEmitter.js

@@ -80,7 +80,7 @@ class KuzzleEventEmitter extends EventEmitter {
   onPipe (event, fn) {
     assert(typeof fn === 'function', `Cannot listen to pipe event ${event}: "${fn}" is not a function`);
 
-    if (!this.corePipes.has(event)) {
+    if (! this.corePipes.has(event)) {
       this.corePipes.set(event, []);
     }
 
@@ -96,7 +96,7 @@ class KuzzleEventEmitter extends EventEmitter {
    */
   onAsk (event, fn) {
     assert(typeof fn === 'function', `Cannot listen to ask event "${event}": "${fn}" is not a function`);
-    assert(!this.coreAnswerers.has(event), `Cannot add a listener to the ask event "${event}": event has already an answerer`);
+    assert(! this.coreAnswerers.has(event), `Cannot add a listener to the ask event "${event}": event has already an answerer`);
 
     this.coreAnswerers.set(event, fn);
   }
@@ -143,7 +143,7 @@ class KuzzleEventEmitter extends EventEmitter {
     let callback = null;
 
     // safe: a pipe's payload can never contain functions
-    if (payload.length > 0 && typeof payload[payload.length-1] === 'function') {
+    if (payload.length > 0 && typeof payload[payload.length - 1] === 'function') {
       callback = payload.pop();
     }
 
@@ -185,7 +185,7 @@ class KuzzleEventEmitter extends EventEmitter {
 
     const fn = this.coreAnswerers.get(event);
 
-    if (!fn) {
+    if (! fn) {
       throw kerror.get('core', 'fatal', 'assertion_failed', `the requested ask event '${event}' doesn't have an answerer`);
     }
 

package/lib/kuzzle/event/pipeRunner.js

@@ -40,7 +40,7 @@ const kerror = require('../../kerror').wrap('plugin', 'runtime');
 function waterfallCallback (error, result) {
   this.instance.running--;
 
-  if (!this.instance.buffer.isEmpty()) {
+  if (! this.instance.buffer.isEmpty()) {
     setImmediate(this.instance._boundRunNext);
   }
 

package/lib/kuzzle/event/waterfall.js

@@ -28,7 +28,7 @@ class WaterfallContext {
    * @param  {Function} cb     - end of waterfall callback
    * @param  {Object}   cbCtx  - functions context
    */
-  constructor(chain, args, cb, cbCtx) {
+  constructor (chain, args, cb, cbCtx) {
     this.chain = chain;
     this.cb = cb;
     this.cbCtx = cbCtx;
@@ -55,7 +55,7 @@ class WaterfallContext {
 
   next (cb) {
     this.index++;
-    this.chain[this.index-1](...this.args, cb);
+    this.chain[this.index - 1](...this.args, cb);
   }
 
   reject (error) {
@@ -69,7 +69,7 @@ class WaterfallContext {
 }
 
 /* eslint-disable no-invalid-this */
-function waterfallCB(err, res) {
+function waterfallCB (err, res) {
   if (err) {
     this.reject(err);
   }
@@ -80,8 +80,8 @@ function waterfallCB(err, res) {
 }
 /* eslint-enable no-invalid-this */
 
-function waterfallNext(ctx) {
-  if (!ctx.hasNext()) {
+function waterfallNext (ctx) {
+  if (! ctx.hasNext()) {
     ctx.resolve();
     return;
   }
@@ -94,7 +94,7 @@ function waterfallNext(ctx) {
   }
 }
 
-function waterfall(chain, args, cb, context) {
+function waterfall (chain, args, cb, context) {
   const ctx = new WaterfallContext(chain, args, cb, context);
 
   waterfallNext(ctx);

package/lib/kuzzle/kuzzle.js

@@ -53,6 +53,8 @@ const security_1 = __importDefault(require("../core/security"));
 const realtime_1 = __importDefault(require("../core/realtime"));
 const cluster_1 = __importDefault(require("../cluster"));
 const package_json_1 = require("../../package.json");
+const name_generator_1 = require("../util/name-generator");
+const openapi_1 = require("../api/openapi");
 const BACKEND_IMPORT_KEY = 'backend:init:import';
 let _kuzzle = null;
 Reflect.defineProperty(global, 'kuzzle', {
@@ -103,7 +105,7 @@ class Kuzzle extends kuzzleEventEmitter_1.default {
     /**
      * Initializes all the needed components of Kuzzle.
      *
-     * @param {Application} - Application instance
+     * @param {Application} - Application Plugin instance
      * @param {Object} - Additional options (import, installations, plugins, secretsFile, support, vaultKey)
      *
      * @this {Kuzzle}
@@ -124,7 +126,8 @@ class Kuzzle extends kuzzleEventEmitter_1.default {
             await (new realtime_1.default()).init();
             await this.internalIndex.init();
             await (new security_1.default()).init();
-            this.id = await (new cluster_1.default()).init();
+            // This will init the cluster module if enabled
+            this.id = await this.initKuzzleNode();
             // Secret used to generate JWTs
             this.secret = await this.internalIndex.getSecret();
             this.vault = vault_1.default.load(options.vaultKey, options.secretsFile);
@@ -141,11 +144,13 @@ class Kuzzle extends kuzzleEventEmitter_1.default {
             this.log.info(`[✔] Successfully loaded ${this.pluginsManager.loadedPlugins.length} plugins: ${this.pluginsManager.loadedPlugins.join(', ')}`);
             // Authentification plugins must be loaded before users import to avoid
             // credentials related error which would prevent Kuzzle from starting
-            await this.import(options.import, options.support);
+            await this.loadInitialState(options.import, options.support);
             await this.ask('core:security:verify');
             this.router.init();
             this.log.info('[✔] Core components loaded');
             await this.install(options.installations);
+            this.log.info(`[✔] Start "${this.pluginsManager.application.name}" application`);
+            this.openApiManager = new openapi_1.OpenApiManager(application.openApi, this.config.http.routes, this.pluginsManager.routes);
             // @deprecated
             await this.pipe('kuzzle:start');
             await this.pipe('kuzzle:state:live');
@@ -161,6 +166,23 @@ class Kuzzle extends kuzzleEventEmitter_1.default {
             throw error;
         }
     }
+    /**
+     * Generates the node ID.
+     *
+     * This will init the cluster if it's enabled.
+     */
+    async initKuzzleNode() {
+        let id;
+        if (this.config.cluster.enabled) {
+            id = await (new cluster_1.default()).init();
+            this.log.info('[✔] Cluster initialized');
+        }
+        else {
+            id = (0, name_generator_1.generateRandomName)('knode');
+            this.log.info('[X] Cluster disabled: single node mode.');
+        }
+        return id;
+    }
     /**
      * Gracefully exits after processing remaining requests
      *
@@ -340,7 +362,17 @@ class Kuzzle extends kuzzleEventEmitter_1.default {
      *
      * @returns {Promise<void>}
      */
-    async import(toImport = {}, toSupport = {}) {
+    async loadInitialState(toImport = {}, toSupport = {}) {
+        if (lodash_1.default.isEmpty(toImport.mappings)
+            && lodash_1.default.isEmpty(toImport.profiles)
+            && lodash_1.default.isEmpty(toImport.roles)
+            && lodash_1.default.isEmpty(toImport.userMappings)
+            && lodash_1.default.isEmpty(toImport.users)
+            && lodash_1.default.isEmpty(toSupport.fixtures)
+            && lodash_1.default.isEmpty(toSupport.mappings)
+            && lodash_1.default.isEmpty(toSupport.securities)) {
+            return;
+        }
         const lockedMutex = [];
         try {
             for (const [type, importMethod] of Object.entries(this.importTypes)) {
@@ -357,7 +389,6 @@ class Kuzzle extends kuzzleEventEmitter_1.default {
                     await this.ask('core:cache:internal:store', `${BACKEND_IMPORT_KEY}:${type}`, 1, { ttl: 5 * 60 * 1000 });
                 }
             }
-            this.log.info('[✔] Waiting for imports to be finished');
             await this._waitForImportToFinish();
             this.log.info('[✔] Import successful');
         }

package/lib/kuzzle/log.js

@@ -22,7 +22,7 @@
 'use strict';
 
 class Logger {
-  constructor() {
+  constructor () {
     this.logMethods = ['info', 'warn', 'error', 'silly', 'debug', 'verbose'];
 
     this.failsafeModeString = global.kuzzle.config.plugins.common.failsafeMode
@@ -34,7 +34,7 @@ class Logger {
     global.kuzzle.once('core:kuzzleStart', this._useLogger.bind(this));
   }
 
-  _useConsole() {
+  _useConsole () {
     // until kuzzle has started, use the console to print logs
     for (const method of this.logMethods) {
       this[method] = message => {
@@ -46,7 +46,7 @@ class Logger {
     }
   }
 
-  _useLogger() {
+  _useLogger () {
 
     // when kuzzle has started, use the event to dispatch logs
     for (const method of this.logMethods) {

package/lib/kuzzle/vault.js

@@ -38,7 +38,7 @@ function load (vaultKey, secretsFile) {
     secretsFile || process.env.KUZZLE_SECRETS_FILE || defaultEncryptedSecretsFile;
 
   let key = vaultKey;
-  if (_.isEmpty(vaultKey) && !_.isEmpty(process.env.KUZZLE_VAULT_KEY)) {
+  if (_.isEmpty(vaultKey) && ! _.isEmpty(process.env.KUZZLE_VAULT_KEY)) {
     key = process.env.KUZZLE_VAULT_KEY;
   }
 
@@ -53,13 +53,13 @@ function load (vaultKey, secretsFile) {
   // Abort if a secret file is found (default or custom)
   // but no vault key has been provided
   assert(
-    !(fileExists && _.isEmpty(key)),
+    ! (fileExists && _.isEmpty(key)),
     'A secret file has been provided but Kuzzle cannot find the Vault key. Aborting.');
 
   // Abort if a vault key has been provided
   // but no secrets file can be loaded (default or custom)
   assert(
-    !(! _.isEmpty(key) && ! fileExists),
+    ! (! _.isEmpty(key) && ! fileExists),
     `A Vault key is present but Kuzzle cannot find the secret file at "${encryptedSecretsFile}". Aborting.`);
 
   const vault = new Vault(key);

package/lib/model/security/profile.d.ts

@@ -0,0 +1,54 @@
+import { Policy, OptimizedPolicy, OptimizedPolicyRestrictions } from '../../types/index';
+import { Role } from './role';
+import { KuzzleRequest } from '../../../index';
+/** @internal */
+declare type InternalProfilePolicy = {
+    role: Role;
+    restrictedTo: OptimizedPolicyRestrictions;
+};
+/**
+ * @class Profile
+ */
+export declare class Profile {
+    _id: string;
+    policies: Policy[];
+    optimizedPolicies: OptimizedPolicy[];
+    rateLimit: number;
+    constructor();
+    /**
+     * @param {Kuzzle} kuzzle
+     *
+     * @returns {Promise}
+     */
+    getPolicies(): Promise<InternalProfilePolicy[]>;
+    /**
+     * @param {Request} request
+     * @returns {Promise}
+     */
+    getAllowedPolicies(request: KuzzleRequest): Promise<InternalProfilePolicy[]>;
+    /**
+     * @param {Request} request
+     * @returns {Promise<boolean>}
+     */
+    isActionAllowed(request: KuzzleRequest): Promise<boolean>;
+    /**
+     * Validates the Profile format
+     *
+     * @param {Object} [options]
+     * @param {boolean} [options.strict] - If true, only allows resctrictions on
+     *                                     existing indexes/collections
+     * @returns {Promise}
+     */
+    validateDefinition({ strict }?: {
+        strict?: boolean;
+    }): Promise<boolean>;
+    /**
+     * Resolves an array of rights related to the profile's roles.
+     *
+     * @returns {Promise}
+     */
+    getRights(): Promise<{}>;
+    static _hash(): boolean;
+    validateRateLimit(): void;
+}
+export {};