kuzzle 2.18.0 → 2.19.1

package/lib/api/controllers/securityController.js

@@ -32,12 +32,17 @@ const formatProcessing = require('../../core/auth/formatProcessing');
 const ApiKey = require('../../model/storage/apiKey');
 const kerror = require('../../kerror');
 const { has } = require('../../util/safeObject');
-const { generateRandomName } = require('../../util/name-generator');
+const { NameGenerator } = require('../../util/name-generator');
 
 /**
  * @class SecurityController
  */
 class SecurityController extends NativeController {
+
+  static userOrSdk (userId) {
+    return userId === null ? 'EmbeddedSDK' : `User "${userId}"`;
+  }
+
   constructor () {
     super([
       'checkRights',
@@ -150,7 +155,7 @@ class SecurityController extends NativeController {
       refresh,
     });
 
-    global.kuzzle.log.info(`[SECURITY] User "${creatorId}" applied action "${request.input.action}" on user "${userId}."`);
+    global.kuzzle.log.info(`[SECURITY] ${SecurityController.userOrSdk(creatorId)} applied action "${request.input.action}" on user "${userId}."`);
     return apiKey.serialize({ includeToken: true });
   }
 
@@ -372,7 +377,7 @@ class SecurityController extends NativeController {
       userId,
     });
 
-    global.kuzzle.log.info(`[SECURITY] User "${userId}" applied action "${request.input.action}" on role "${role._id}."`);
+    global.kuzzle.log.info(`[SECURITY] ${SecurityController.userOrSdk(userId)} applied action "${request.input.action}" on role "${role._id}."`);
     return formatProcessing.serializeRole(role);
   }
 
@@ -393,7 +398,7 @@ class SecurityController extends NativeController {
       userId,
     });
 
-    global.kuzzle.log.info(`[SECURITY] User "${userId}" applied action "${request.input.action}" on role "${role._id}."`);
+    global.kuzzle.log.info(`[SECURITY] ${SecurityController.userOrSdk(userId)} applied action "${request.input.action}" on role "${role._id}."`);
     return formatProcessing.serializeRole(role);
   }
 
@@ -410,7 +415,7 @@ class SecurityController extends NativeController {
       refresh: request.getRefresh('wait_for')
     });
 
-    global.kuzzle.log.info(`[SECURITY] User "${request.getKuid()}" applied action "${request.input.action} on role "${id}."`);
+    global.kuzzle.log.info(`[SECURITY] ${SecurityController.userOrSdk(request.getKuid())} applied action "${request.input.action} on role "${id}."`);
 
     // @todo This avoids a breaking change... but we should really return
     // an acknowledgment.
@@ -473,7 +478,7 @@ class SecurityController extends NativeController {
         userId,
       });
 
-    global.kuzzle.log.info(`[SECURITY] User "${userId}" applied action "${request.input.action}" on profile "${profile._id}."`);
+    global.kuzzle.log.info(`[SECURITY] ${SecurityController.userOrSdk(userId)} applied action "${request.input.action}" on profile "${profile._id}."`);
 
     return formatProcessing.serializeProfile(profile);
   }
@@ -502,7 +507,7 @@ class SecurityController extends NativeController {
         userId,
       });
 
-    global.kuzzle.log.info(`[SECURITY] User "${userId}" applied action "${request.input.action}" on profile "${profile._id}."`);
+    global.kuzzle.log.info(`[SECURITY] ${SecurityController.userOrSdk(userId)} applied action "${request.input.action}" on profile "${profile._id}."`);
 
     return formatProcessing.serializeProfile(profile);
   }
@@ -523,7 +528,7 @@ class SecurityController extends NativeController {
 
     await this.ask('core:security:profile:delete', id, options);
 
-    global.kuzzle.log.info(`[SECURITY] User "${userId}" applied action "${request.input.action}" on profile "${id}."`);
+    global.kuzzle.log.info(`[SECURITY] ${SecurityController.userOrSdk(userId)} applied action "${request.input.action}" on profile "${id}."`);
 
     // @todo - replace by an acknowledgement
     return { _id: id };
@@ -603,7 +608,8 @@ class SecurityController extends NativeController {
       ids = request.getBodyArray('ids');
     }
     else {
-      ids = request.getString('ids').split(',');
+      // @deprecated Should be replaced with request.getArray('ids')
+      ids = request.getArrayLegacy('ids');
     }
 
     const users = await this.ask('core:security:user:mGet', ids);
@@ -758,7 +764,7 @@ class SecurityController extends NativeController {
 
     await this.ask('core:security:user:delete', id, options);
 
-    global.kuzzle.log.info(`[SECURITY] User "${request.getKuid()}" applied action "${request.input.action}" on user "${id}."`);
+    global.kuzzle.log.info(`[SECURITY] ${SecurityController.userOrSdk(request.getKuid())} applied action "${request.input.action}" on user "${id}."`);
 
     return { _id: id };
   }
@@ -865,7 +871,7 @@ class SecurityController extends NativeController {
       content,
       { refresh: request.getRefresh('wait_for'), userId });
 
-    global.kuzzle.log.info(`[SECURITY] User "${userId}" applied action "${request.input.action}" on user "${id}."`);
+    global.kuzzle.log.info(`[SECURITY] ${SecurityController.userOrSdk(userId)} applied action "${request.input.action}" on user "${id}."`);
 
     return formatProcessing.serializeUser(user);
   }
@@ -888,7 +894,7 @@ class SecurityController extends NativeController {
       userId,
     });
 
-    global.kuzzle.log.info(`[SECURITY] User "${userId}" applied action "${request.input.action}" on profile "${id}."`);
+    global.kuzzle.log.info(`[SECURITY] ${SecurityController.userOrSdk(userId)} applied action "${request.input.action}" on profile "${id}."`);
     return formatProcessing.serializeProfile(updated);
   }
 
@@ -910,7 +916,7 @@ class SecurityController extends NativeController {
       userId,
     });
 
-    global.kuzzle.log.info(`[SECURITY] User "${userId}" applied action "${request.input.action}" on role "${id}."`);
+    global.kuzzle.log.info(`[SECURITY] ${SecurityController.userOrSdk(userId)} applied action "${request.input.action}" on role "${id}."`);
 
     return formatProcessing.serializeRole(updated);
   }
@@ -951,7 +957,7 @@ class SecurityController extends NativeController {
       }
     }
 
-    global.kuzzle.log.info(`[SECURITY] User "${userId}" applied action "${request.input.action}".`);
+    global.kuzzle.log.info(`[SECURITY] ${SecurityController.userOrSdk(userId)} applied action "${request.input.action}".`);
 
     return user;
   }
@@ -1040,7 +1046,7 @@ class SecurityController extends NativeController {
 
     const createMethod = this.getStrategyMethod(strategy, 'create');
 
-    global.kuzzle.log.info(`[SECURITY] User "${request.getKuid()}" applied action "${request.input.action}" on user "${id}."`);
+    global.kuzzle.log.info(`[SECURITY] ${SecurityController.userOrSdk(request.getKuid())} applied action "${request.input.action}" on user "${id}."`);
     return createMethod(request, body, id, strategy);
   }
 
@@ -1064,7 +1070,7 @@ class SecurityController extends NativeController {
 
     const updateMethod = this.getStrategyMethod(strategy, 'update');
 
-    global.kuzzle.log.info(`[SECURITY] User "${request.getKuid()}" applied action "${request.input.action}" on user "${id}."`);
+    global.kuzzle.log.info(`[SECURITY] ${SecurityController.userOrSdk(request.getKuid())} applied action "${request.input.action}" on user "${id}."`);
 
     return updateMethod(request, body, id, strategy);
   }
@@ -1117,7 +1123,7 @@ class SecurityController extends NativeController {
 
     await deleteMethod(request, id, strategy);
 
-    global.kuzzle.log.info(`[SECURITY] User "${request.getKuid()}" applied action "${request.input.action}" on user "${id}."`);
+    global.kuzzle.log.info(`[SECURITY] ${SecurityController.userOrSdk(request.getKuid())} applied action "${request.input.action}" on user "${id}."`);
 
     return { acknowledged: true };
   }
@@ -1228,10 +1234,10 @@ class SecurityController extends NativeController {
     }
 
     if (successes.length > 1000) {
-      global.kuzzle.log.info(`[SECURITY] User "${request.getKuid()}" deleted the following ${type}s: ${successes.slice(0, 1000).join(', ')}... (${successes.length - 1000} more users deleted)."`);
+      global.kuzzle.log.info(`[SECURITY] ${SecurityController.userOrSdk(request.getKuid())} deleted the following ${type}s: ${successes.slice(0, 1000).join(', ')}... (${successes.length - 1000} more users deleted)."`);
     }
     else {
-      global.kuzzle.log.info(`[SECURITY] User "${request.getKuid()}" deleted the following ${type}s: ${successes.join(', ')}."`);
+      global.kuzzle.log.info(`[SECURITY] ${SecurityController.userOrSdk(request.getKuid())} deleted the following ${type}s: ${successes.join(', ')}."`);
     }
 
     return successes;
@@ -1253,7 +1259,7 @@ class SecurityController extends NativeController {
         userId,
       });
 
-    global.kuzzle.log.info(`[SECURITY] User "${userId}" applied action "${request.input.action}" on user "${id}."`);
+    global.kuzzle.log.info(`[SECURITY] ${SecurityController.userOrSdk(userId)} applied action "${request.input.action}" on user "${id}."`);
 
     return formatProcessing.serializeUser(updated);
   }
@@ -1267,7 +1273,7 @@ class SecurityController extends NativeController {
     const credentials = request.getBodyObject('credentials', {});
     const strategies = Object.keys(credentials);
     const generator = humanReadableId
-      ? () => generateRandomName('kuid')
+      ? () => NameGenerator.generateRandomName({ prefix: 'kuid' })
       : () => 'kuid-' + uuidv4();
 
     let id = '';
@@ -1347,7 +1353,7 @@ class SecurityController extends NativeController {
     }
 
     if (creationFailure === null) {
-      global.kuzzle.log.info(`[SECURITY] User "${request.getKuid()}" applied action "${request.input.action}" on user "${id}."`);
+      global.kuzzle.log.info(`[SECURITY] ${SecurityController.userOrSdk(request.getKuid())} applied action "${request.input.action}" on user "${id}."`);
       return createdUser;
     }
 

package/lib/api/controllers/serverController.js

@@ -188,7 +188,8 @@ class ServerController extends NativeController {
 
     let services;
     if (typeof request.input.args.services === 'string') {
-      services = request.input.args.services.split(',');
+      // @deprecated Should be replaced with request.getArray('services')
+      services = request.getArrayLegacy('services');
     }
     if (! services || services.includes('internalCache')) {
       try {

package/lib/api/documentExtractor.js

@@ -26,6 +26,27 @@ const kerror = require('../kerror');
 const assertionError = kerror.wrap('api', 'assert');
 
 const extractors = ([
+  {
+    methods: {
+      extractFromRequest: request => [
+        {
+          _id: request.input.args._id,
+          _source: request.input.body.fields,
+        },
+      ],
+      extractFromResult: request => [request.result],
+      insertInRequest: ([documents], request) => {
+        request.input.args._id = documents._id;
+        request.input.body.fields = documents._source;
+        return request;
+      },
+      insertInResult: ([document], request) => {
+        request.setResult(document, { status: request.status });
+        return request;
+      },
+    },
+    targets: [ 'deleteFields' ]
+  },
   {
     methods: {
       extractFromRequest: request => [{ _id: request.input.args._id }],
@@ -39,7 +60,7 @@ const extractors = ([
         return request;
       }
     },
-    targets: ['delete', 'get']
+    targets: [ 'delete', 'get', 'exists' ]
   },
   {
     methods: {
@@ -56,7 +77,8 @@ const extractors = ([
             ids = request.input.args.ids;
           }
           else if (typeof request.input.args.ids === 'string') {
-            ids = request.input.args.ids.split(',');
+            // @deprecated Should be replaced with request.getArray('ids')
+            ids = request.getArrayLegacy('ids');
           }
           else {
             throw assertionError.get(
@@ -117,7 +139,7 @@ const extractors = ([
         return request;
       }
     },
-    targets: ['mDelete', 'mGet']
+    targets: [ 'mDelete', 'mGet', 'mExists' ]
   },
   {
     methods: {
@@ -127,21 +149,41 @@ const extractors = ([
         for (let it = 0; it < request.input.body.documents.length; it++) {
           const document = request.input.body.documents[it];
 
-          documents.push({ _id: document._id, _source: document.body });
+          if (request.input.action === 'mUpsert') {
+            documents.push({
+              _id: document._id,
+              _source: document.changes,
+            });
+          }
+          else {
+            documents.push({ _id: document._id, _source: document.body });
+          }
         }
 
         return documents;
       },
       extractFromResult: request => request.result.successes,
       insertInRequest: (documents, request) => {
+        const tmpDocuments = request.input.body.documents;
+
         request.input.body.documents = [];
 
         for (let it = 0; it < documents.length; it++) {
           const document = documents[it];
 
-          request.input.body.documents.push({
-            _id: document._id,
-            body: document._source });
+          if (request.input.action === 'mUpsert') {
+            request.input.body.documents.push({
+              _id: document._id,
+              changes: document._source,
+              default: tmpDocuments[it].default,
+            });
+          }
+          else {
+            request.input.body.documents.push({
+              _id: document._id,
+              body: document._source,
+            });
+          }
         }
 
         return request;
@@ -157,7 +199,7 @@ const extractors = ([
         return request;
       }
     },
-    targets: ['mCreate', 'mCreateOrReplace', 'mReplace', 'mUpdate', 'updateByQuery']
+    targets: [ 'mCreate', 'mCreateOrReplace', 'mReplace', 'mUpdate', 'updateByQuery', 'mUpsert' ]
   },
   {
     methods: {
@@ -177,7 +219,7 @@ const extractors = ([
         return request;
       },
     },
-    targets: ['search', 'deleteByQuery'],
+    targets: [ 'search', 'deleteByQuery', 'export' ],
   },
   {
     methods: {

package/lib/api/funnel.js

@@ -33,6 +33,7 @@ const {
   BulkController,
   ClusterController,
   CollectionController,
+  DebugController,
   DocumentController,
   IndexController,
   MemoryStorageController,
@@ -40,7 +41,7 @@ const {
   SecurityController,
   ServerController,
 } = require('./controllers');
-const documentEventAliases = require('../config/documentEventAliases');
+const { documentEventAliases } = require('../config/documentEventAliases');
 const DocumentExtractor = require('./documentExtractor');
 const sdkCompatibility = require('../config/sdkCompatibility');
 const RateLimiter = require('./rateLimiter');
@@ -115,6 +116,7 @@ class Funnel {
     this.controllers.set('bulk', new BulkController());
     this.controllers.set('cluster', new ClusterController());
     this.controllers.set('collection', new CollectionController());
+    this.controllers.set('debug', new DebugController());
     this.controllers.set('document', new DocumentController());
     this.controllers.set('index', new IndexController());
     this.controllers.set('realtime', new RealtimeController());
@@ -344,19 +346,39 @@ class Funnel {
                     modifiedRequest.id,
                     processResult);
 
-                  callback(null, processResult);
-
-                  // disables a bluebird warning in dev. mode triggered when
-                  // a promise is created and not returned
-                  return null;
+                  return global.kuzzle.pipe(
+                    'request:afterExecution',
+                    { 
+                      request: _request,
+                      result: processResult,
+                      success: true,
+                    })
+                    .then(pipeEvent => { 
+                      callback(null, pipeEvent.result);
+
+                      // disables a bluebird warning in dev. mode triggered when
+                      // a promise is created and not returned
+                      return null;
+                    });
                 }).catch(err => {
                   debug('Error processing request %s: %a', modifiedRequest.id, err);
-                  return this._executeError(err, modifiedRequest, true, callback);
+                  return global.kuzzle.pipe(
+                    'request:afterExecution',
+                    {
+                      error: err,
+                      request: modifiedRequest,
+                      success: false,
+                    }).then(pipeEvent => this._executeError(pipeEvent.error, pipeEvent.request, true, callback));
                 });
             })
             .catch(err => {
               debug('Error processing request %s: %a', req.id, err);
-              return this._executeError(err, req, true, callback);
+              return global.kuzzle.pipe('request:afterExecution',
+                {
+                  error: err,
+                  request: req,
+                  success: false,
+                }).then(pipeEvent => this._executeError(pipeEvent.error, pipeEvent.request, true, callback));
             });
         });
       }, this, request);

package/lib/api/httpRoutes.js

@@ -52,6 +52,12 @@ const routes = [
   { verb: 'get', path: '/credentials/:strategy/_me', controller: 'auth', action: 'getMyCredentials', deprecated: { since: '2.4.0', message: 'Use this route instead: http://kuzzle:7512/_me/credentials/:strategy' } }, // @deprecated
   { verb: 'get', path: '/credentials/:strategy/_me/_exists', controller: 'auth', action: 'credentialsExist', deprecated: { since: '2.4.0', message: 'Use this route instead: http://kuzzle:7512/_me/credentials/:strategy/_exists' } }, // @deprecated
 
+  { verb: 'get', path: '/debug/_nodeVersion', controller: 'debug', action: 'nodeVersion' },
+  { verb: 'post', path: '/debug/_post', controller: 'debug', action: 'post' },
+  { verb: 'post', path: '/debug/_enable', controller: 'debug', action: 'enable' },
+  { verb: 'post', path: '/debug/_disable', controller: 'debug', action: 'disable' },
+
+
   // We need to expose a GET method for "login" action in order to make authentication protocol like Oauth2 or CAS work:
   { verb: 'get', path: '/_login/:strategy', controller: 'auth', action: 'login' },
 

package/lib/api/request/kuzzleRequest.d.ts

@@ -258,6 +258,9 @@ export declare class KuzzleRequest {
     /**
      * Gets a parameter from a request arguments and checks that it is an array
      *
+     * If the request argument is a JSON String instead of an array, it will be parsed
+     * and returned if it is a valid JSON array, otherwise it will @throws {api.assert.invalid_type}.
+     *
      * @param name parameter name
      * @param def default value to return if the parameter is not set
      *
@@ -266,9 +269,29 @@ export declare class KuzzleRequest {
      * @throws {api.assert.invalid_type} If the fetched parameter is not an array
      */
     getArray(name: string, def?: [] | undefined): any[];
+    /**
+     * @deprecated do not use, Use getArray instead
+     *
+     * Gets a parameter from a request arguments and checks that it is an array
+     *
+     * If the request argument is a String instead of an array, it will be JSON parsed
+     * and returned if it is a valid JSON array, otherwise it will return the string splitted on `,`.
+     *
+     *
+     * @param name parameter name
+     * @param def default value to return if the parameter is not set
+     *
+     * @throws {api.assert.missing_argument} If parameter not found and no default
+     *                                       value provided
+     * @throws {api.assert.invalid_type} If the fetched parameter is not an array or a string
+     */
+    getArrayLegacy(name: string, def?: [] | undefined): any[];
     /**
      * Gets a parameter from a request arguments and checks that it is an object
      *
+     * If the request argument is a JSON String instead of an object, it will be parsed
+     * and returned if it is a valid JSON object, otherwise it will @throws {api.assert.invalid_type}.
+     *
      * @param name parameter name
      * @param def default value to return if the parameter is not set
      *
@@ -301,11 +324,15 @@ export declare class KuzzleRequest {
     /**
      * Returns the index specified in the request
      */
-    getIndex(): string;
+    getIndex({ required }?: {
+        required?: boolean;
+    }): string;
     /**
      * Returns the collection specified in the request
      */
-    getCollection(): string;
+    getCollection({ required }?: {
+        required?: boolean;
+    }): string;
     /**
      * Returns the index and collection specified in the request
      */
@@ -343,8 +370,8 @@ export declare class KuzzleRequest {
      */
     getUser(): User | null;
     /**
-    * Returns the search body query according to the http method
-    */
+     * Returns the search body query according to the http method
+     */
     getSearchBody(): JSONObject;
     /**
      * Returns the search params.
@@ -374,6 +401,7 @@ export declare class KuzzleRequest {
      * @param obj container object
      * @param name parameter name
      * @param errorName name to use in error messages
+     * @param querystring if true, the object is expected to be found in a querystring
      */
     private _getBoolean;
     /**
@@ -419,8 +447,13 @@ export declare class KuzzleRequest {
      * @param name parameter name
      * @param errorName name to use in error messages
      * @param def default value
+     * @param querystring if true, the object is expected to be found in a querystring
      */
     private _getObject;
+    /**
+     * Throw `missing_argument` when this one is required
+     */
+    private checkRequired;
 }
 export declare class Request extends KuzzleRequest {
 }