kuzzle 2.49.1 → 2.50.0-beta.4

package/dist/bin/copy-protobuf.js

@@ -0,0 +1,17 @@
+#!/usr/bin/env node
+"use strict";
+const fs = require("fs/promises");
+const path = require("path");
+async function main() {
+    const projectRoot = path.join(__dirname, "..");
+    const sourceDir = path.join(projectRoot, "lib", "cluster", "protobuf");
+    const targetDir = path.join(projectRoot, "dist", "lib", "cluster", "protobuf");
+    await fs.mkdir(targetDir, { recursive: true });
+    await fs.cp(sourceDir, targetDir, { recursive: true });
+}
+main().catch((error) => {
+    // eslint-disable-next-line no-console
+    console.error("Failed to copy protobuf definitions:", error);
+    process.exit(1);
+});
+//# sourceMappingURL=copy-protobuf.js.map

package/dist/lib/api/controllers/adminController.d.ts

@@ -0,0 +1,51 @@
+import { NativeController } from "./baseController";
+import { KuzzleRequest } from "../request";
+import { ResetSecurityResult } from "../../types/controllers/adminControlller.type";
+/**
+ * @class AdminController
+ */
+export default class AdminController extends NativeController {
+    protected shuttingDown: boolean;
+    protected logger: any;
+    constructor();
+    refreshIndexCache(): Promise<void>;
+    /**
+     * Reset Redis cache
+     */
+    resetCache(request: KuzzleRequest): Promise<{
+        acknowledge: boolean;
+    }>;
+    /**
+     * Reset all roles, profiles and users
+     */
+    resetSecurity(): Promise<ResetSecurityResult>;
+    /**
+     * Reset all indexes created by users
+     */
+    resetDatabase(): Promise<{
+        acknowledge: boolean;
+    }>;
+    /**
+     * Generate a dump
+     * Kuzzle will throw a PreconditionError if a dump is already running
+     */
+    dump(request: KuzzleRequest): Promise<{
+        acknowledge: boolean;
+    }>;
+    /**
+     * Shutdown Kuzzle
+     */
+    shutdown(): Promise<{
+        acknowledge: boolean;
+    }>;
+    loadFixtures(request: KuzzleRequest): Promise<any>;
+    loadMappings(request: KuzzleRequest): Promise<{
+        acknowledge: boolean;
+    }>;
+    loadSecurities(request: KuzzleRequest): Promise<{
+        acknowledge: boolean;
+    }>;
+    _waitForAction(waitForRefresh: string, promise: Promise<any>): Promise<{
+        acknowledge: boolean;
+    }>;
+}

package/dist/lib/api/controllers/adminController.js

@@ -0,0 +1,191 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+/*
+ * Kuzzle, a backend software, self-hostable and ready to use
+ * to power modern apps
+ *
+ * Copyright 2015-2022 Kuzzle
+ * mailto: support AT kuzzle.io
+ * website: http://kuzzle.io
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+const bluebird_1 = __importDefault(require("bluebird"));
+const kerror = __importStar(require("../../kerror"));
+const baseController_1 = require("./baseController");
+const mutex_1 = require("../../util/mutex");
+/**
+ * @class AdminController
+ */
+class AdminController extends baseController_1.NativeController {
+    constructor() {
+        super([
+            "dump",
+            "loadFixtures",
+            "loadMappings",
+            "loadSecurities",
+            "refreshIndexCache",
+            "resetCache",
+            "resetDatabase",
+            "resetSecurity",
+            "shutdown",
+        ]);
+        this.shuttingDown = false;
+        this.logger = global.kuzzle.log.child("api:controllers:admin");
+    }
+    async refreshIndexCache() {
+        await global.kuzzle.ask("core:storage:public:cache:refresh");
+    }
+    /**
+     * Reset Redis cache
+     */
+    async resetCache(request) {
+        const database = request.getString("database");
+        // @todo allow only memoryStorage
+        if (database === "internalCache") {
+            await this.ask("core:cache:internal:flushdb");
+        }
+        else if (database === "memoryStorage") {
+            await this.ask("core:cache:public:flushdb");
+        }
+        else {
+            throw kerror.get("services", "cache", "database_not_found", database);
+        }
+        return { acknowledge: true };
+    }
+    /**
+     * Reset all roles, profiles and users
+     */
+    async resetSecurity() {
+        const mutex = new mutex_1.Mutex("resetSecurity", { timeout: 0 });
+        if (!(await mutex.lock())) {
+            throw kerror.get("api", "process", "action_locked", "Kuzzle is already reseting roles, profiles and users.");
+        }
+        const result = {};
+        try {
+            const options = { refresh: "wait_for" };
+            result.deletedUsers = await this.ask("core:security:user:truncate", options);
+            result.deletedProfiles = await this.ask("core:security:profile:truncate", options);
+            result.deletedRoles = await this.ask("core:security:role:truncate", options);
+            await global.kuzzle.internalIndex.createInitialSecurities();
+            await this.ask("core:cache:internal:del", `backend:init:import:permissions`);
+        }
+        finally {
+            await mutex.unlock();
+        }
+        return result;
+    }
+    /**
+     * Reset all indexes created by users
+     */
+    async resetDatabase() {
+        const mutex = new mutex_1.Mutex("resetDatabase", { timeout: 0 });
+        if (!(await mutex.lock())) {
+            throw kerror.get("api", "process", "action_locked", "Kuzzle is already reseting all indexes.");
+        }
+        try {
+            const indexes = await this.ask("core:storage:public:index:list");
+            await this.ask("core:storage:public:index:mDelete", indexes);
+            await this.ask("core:cache:internal:del", `backend:init:import:mappings`);
+            return { acknowledge: true };
+        }
+        finally {
+            await mutex.unlock();
+        }
+    }
+    /**
+     * Generate a dump
+     * Kuzzle will throw a PreconditionError if a dump is already running
+     */
+    dump(request) {
+        const waitForRefresh = request.getRefresh("wait_for");
+        const suffix = request.getString("suffix", "manual-api-action");
+        const promise = global.kuzzle.dump(suffix);
+        return this._waitForAction(waitForRefresh, promise);
+    }
+    /**
+     * Shutdown Kuzzle
+     */
+    async shutdown() {
+        if (this.shuttingDown) {
+            throw kerror.get("api", "process", "action_locked", "Kuzzle is already shutting down.");
+        }
+        global.kuzzle.shutdown();
+        return { acknowledge: true };
+    }
+    loadFixtures(request) {
+        const fixtures = request.getBody();
+        const refresh = request.getRefresh("wait_for");
+        return global.kuzzle.ask("core:storage:public:document:import", fixtures, {
+            refresh,
+        });
+    }
+    loadMappings(request) {
+        const mappings = request.getBody();
+        return this._waitForAction(request.getRefresh("wait_for"), global.kuzzle.ask("core:storage:public:mappings:import", mappings, {
+            rawMappings: true,
+        }));
+    }
+    async loadSecurities(request) {
+        const permissions = request.getBody();
+        const user = request.getUser();
+        const onExistingUsers = request.input.args.onExistingUsers;
+        const force = request.getBoolean("force");
+        const waitForRefresh = request.getRefresh("wait_for");
+        const promise = this.ask("core:security:load", permissions, {
+            force,
+            onExistingUsers,
+            refresh: waitForRefresh,
+            user,
+        });
+        return this._waitForAction(waitForRefresh, promise);
+    }
+    _waitForAction(waitForRefresh, promise) {
+        const result = { acknowledge: true };
+        if (waitForRefresh === "false") {
+            // Attaching an error handler to the provided promise to prevent
+            // uncaught rejections
+            promise.catch((err) => this.logger.error(err));
+            return bluebird_1.default.resolve(result);
+        }
+        return promise.then(() => result);
+    }
+}
+exports.default = AdminController;
+//# sourceMappingURL=adminController.js.map

package/{lib → dist/lib}/api/controllers/authController.d.ts

@@ -1,7 +1,9 @@
 import Bluebird from "bluebird";
 import { KuzzleRequest } from "../request";
 import { NativeController } from "./baseController";
-export declare class AuthController extends NativeController {
+import { User } from "../../model/security/user";
+import { Token } from "../../model/security/token";
+export default class AuthController extends NativeController {
     private anonymousId;
     private readonly logger;
     /**
@@ -15,7 +17,7 @@ export declare class AuthController extends NativeController {
      *
      * @returns {Promise}
      */
-    init(): Promise<void>;
+    init(): Promise<any>;
     createToken(request: KuzzleRequest): Promise<{
         expiresAt: number;
         singleUse: boolean;
@@ -25,26 +27,26 @@ export declare class AuthController extends NativeController {
     /**
      * Checks if an API action can be executed by the current user
      */
-    checkRights(request: any): Promise<{
-        allowed: any;
+    checkRights(request: KuzzleRequest): Promise<{
+        allowed: boolean;
     }>;
     /**
      * Creates a new API key for the user
      * @param {KuzzleRequest} request
      */
-    createApiKey(request: any): Promise<any>;
+    createApiKey(request: KuzzleRequest): Promise<any>;
     /**
      * Search in the user API keys
      */
-    searchApiKeys(request: any): Promise<{
-        hits: any;
-        total: any;
+    searchApiKeys(request: KuzzleRequest): Promise<{
+        hits: any[];
+        total: number;
     }>;
     /**
      * Deletes an API key
      */
-    deleteApiKey(request: any): Promise<{
-        _id: any;
+    deleteApiKey(request: KuzzleRequest): Promise<{
+        _id: string;
     }>;
     /**
      * Logs the current user out
@@ -52,20 +54,8 @@ export declare class AuthController extends NativeController {
      * @param {KuzzleRequest} request
      * @returns {Promise<object>}
      */
-    logout(request: any): Promise<{
-        acknowledged: boolean;
-    }>;
-    _sendToken(token: any, request: any): Promise<{
-        _id: any;
-        expiresAt: any;
-        ttl: any;
-        jwt?: undefined;
-    } | {
-        _id: any;
-        expiresAt: any;
-        jwt: any;
-        ttl: any;
-    }>;
+    logout(request: KuzzleRequest): Promise<object>;
+    _sendToken(token: Token, request: KuzzleRequest): Promise<Token>;
     /**
      * Attempts a login with request informations against the provided strategy;
      * local is used if strategy is not provided.
@@ -73,21 +63,21 @@ export declare class AuthController extends NativeController {
      * @param {KuzzleRequest} request
      * @returns {Promise<Token>}
      */
-    login(request: any): Promise<any>;
+    login(request: KuzzleRequest): Promise<Token>;
     /**
      * Returns the user identified by the given jwt token
      *
      * @param {KuzzleRequest} request
      * @returns {Promise<Object>}
      */
-    getCurrentUser(request: any): Bluebird<any>;
+    getCurrentUser(request: KuzzleRequest): Promise<object>;
     /**
      * Returns the rights of the user identified by the given jwt token
      *
      * @param {KuzzleRequest} request
      * @returns {Promise<object>}
      */
-    getMyRights(request: any): any;
+    getMyRights(request: KuzzleRequest): Promise<object>;
     /**
      * Checks the validity of a token.
      *
@@ -111,13 +101,13 @@ export declare class AuthController extends NativeController {
      * @param {KuzzleRequest} request
      * @returns {Promise<object>}
      */
-    updateSelf(request: any): Promise<any>;
+    updateSelf(request: any): Promise<import("../../types/core/auth/formatProcessing.type").Serialized<User>>;
     /**
      * List authentication strategies
      *
      * @returns {Promise.<string[]>}
      */
-    getStrategies(): Bluebird<any>;
+    getStrategies(): Bluebird<string[]>;
     /**
      * @param {KuzzleRequest} request
      * @returns {Promise.<Object>}
@@ -151,16 +141,6 @@ export declare class AuthController extends NativeController {
     /**
      * @param {KuzzleRequest} request
      */
-    refreshToken(request: any): Promise<{
-        _id: any;
-        expiresAt: any;
-        ttl: any;
-        jwt?: undefined;
-    } | {
-        _id: any;
-        expiresAt: any;
-        jwt: any;
-        ttl: any;
-    }>;
+    refreshToken(request: any): Promise<Token>;
     assertIsAuthenticated(request: any): void;
 }

package/{lib → dist/lib}/api/controllers/authController.js

@@ -26,7 +26,6 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.AuthController = void 0;
 /*
  * Kuzzle, a backend software, self-hostable and ready to use
  * to power modern apps
@@ -87,8 +86,8 @@ class AuthController extends baseController_1.NativeController {
             "updateSelf",
             "validateMyCredentials",
         ]);
-        this.logger = global.kuzzle.log.child("api:controllers:auth");
         this.anonymousId = null;
+        this.logger = global.kuzzle.log.child("api:controllers:auth");
     }
     /**
      * Controller initialization: we need the anonymous user identifier for the
@@ -225,6 +224,12 @@ class AuthController extends baseController_1.NativeController {
     }
     // Used to send the Token using different ways when in cookieAuth mode. (DRY)
     async _sendToken(token, request) {
+        const tokenResponse = {
+            _id: token.userId,
+            expiresAt: token.expiresAt,
+            jwt: token.jwt,
+            ttl: token.ttl,
+        };
         // Only if the support of Browser Cookie as Authentication Token is enabled
         // otherwise we should send a normal response because
         // even if the SDK / Browser can handle the cookie,
@@ -244,18 +249,9 @@ class AuthController extends baseController_1.NativeController {
                     }),
                 },
             });
-            return {
-                _id: token.userId,
-                expiresAt: token.expiresAt,
-                ttl: token.ttl,
-            };
+            delete tokenResponse.jwt;
         }
-        return {
-            _id: token.userId,
-            expiresAt: token.expiresAt,
-            jwt: token.jwt,
-            ttl: token.ttl,
-        };
+        return tokenResponse;
     }
     /**
      * Attempts a login with request informations against the provided strategy;
@@ -331,8 +327,13 @@ class AuthController extends baseController_1.NativeController {
      * @param {KuzzleRequest} request
      * @returns {Promise<Object>}
      */
-    getCurrentUser(request) {
-        const userId = request.context.token.userId, formattedUser = formatProcessing_1.default.serializeUser(request.context.user), promises = [];
+    async getCurrentUser(request) {
+        const promises = [];
+        const userId = request.context.token.userId;
+        const formattedUser = {
+            ...formatProcessing_1.default.serializeUser(request.context.user),
+            strategies: [],
+        };
         if (this.anonymousId === userId) {
             promises.push(bluebird_1.default.resolve([]));
         }
@@ -344,12 +345,11 @@ class AuthController extends baseController_1.NativeController {
                     .catch((err) => wrapPluginError(err)));
             }
         }
-        return bluebird_1.default.all(promises).then((strategies) => {
-            if (strategies.length > 0) {
-                formattedUser.strategies = strategies.filter((item) => item !== null);
-            }
-            return formattedUser;
-        });
+        const strategies = await bluebird_1.default.all(promises);
+        if (strategies.length > 0) {
+            formattedUser.strategies = strategies.filter((item) => item !== null);
+        }
+        return formattedUser;
     }
     /**
      * Returns the rights of the user identified by the given jwt token
@@ -359,7 +359,7 @@ class AuthController extends baseController_1.NativeController {
      */
     getMyRights(request) {
         return request.context.user
-            .getRights(global.kuzzle)
+            .getRights()
             .then((rights) => Object.keys(rights).reduce((array, item) => array.concat(rights[item]), []))
             .then((rights) => ({ hits: rights, total: rights.length }));
     }
@@ -505,12 +505,11 @@ class AuthController extends baseController_1.NativeController {
         }
     }
 }
-exports.AuthController = AuthController;
+exports.default = AuthController;
 function wrapPluginError(error) {
     if (!(error instanceof errors_1.KuzzleError)) {
         throw kerror.getFrom(error, "plugin", "runtime", "unexpected_error", error.message);
     }
     throw error;
 }
-module.exports = AuthController;
 //# sourceMappingURL=authController.js.map

package/dist/lib/api/controllers/bulkController.d.ts

@@ -0,0 +1,46 @@
+export = BulkController;
+/**
+ * @class BulkController
+ */
+declare class BulkController extends NativeController {
+    constructor();
+    /**
+     * Perform a bulk import
+     *
+     * @param {Request} request
+     * @returns {Promise}
+     */
+    import(request: Request): Promise<any>;
+    /**
+     * Write a document without adding metadata or performing data validation.
+     */
+    write(request: any): Promise<{
+        _id: any;
+        _source: any;
+        _version: any;
+    }>;
+    /**
+     * Write several documents without adding metadata or performing data validation.
+     */
+    mWrite(request: any): Promise<{
+        errors: any;
+        successes: any;
+    }>;
+    /**
+     * Directly deletes every documents matching the search query without:
+     *  - applying max documents write limit
+     *  - fetching deleted documents
+     *  - triggering realtime notifications
+     */
+    deleteByQuery(request: any): Promise<{
+        deleted: any;
+    }>;
+    /**
+     * Directly update every document matching the search query without:
+     *  - Applying max documents write limit
+     *  - Injecting Kuzzle metadata
+     *  - Triggering realtime notifications
+     */
+    updateByQuery(request: any): Promise<any>;
+}
+import { NativeController } from "./baseController";

package/dist/lib/api/controllers/bulkController.js

@@ -0,0 +1,132 @@
+/*
+ * Kuzzle, a backend software, self-hostable and ready to use
+ * to power modern apps
+ *
+ * Copyright 2015-2022 Kuzzle
+ * mailto: support AT kuzzle.io
+ * website: http://kuzzle.io
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+"use strict";
+const { NativeController } = require("./baseController");
+const actionEnum = require("../../core/realtime/actionEnum");
+const kerror = require("../../kerror");
+/**
+ * @class BulkController
+ */
+class BulkController extends NativeController {
+    constructor() {
+        super(["import", "write", "mWrite", "deleteByQuery", "updateByQuery"]);
+    }
+    /**
+     * Perform a bulk import
+     *
+     * @param {Request} request
+     * @returns {Promise}
+     */
+    async import(request) {
+        const userId = request.getKuid();
+        const { index, collection } = request.getIndexAndCollection();
+        const strict = request.getBoolean("strict");
+        const refresh = request.getRefresh();
+        const bulkData = request.getBodyArray("bulkData");
+        const options = {
+            refresh,
+            userId,
+        };
+        const { items, errors } = await this.ask("core:storage:public:document:bulk", index, collection, bulkData, options);
+        if (strict && errors.length) {
+            throw kerror.get("api", "process", "incomplete_multiple_request", "import", errors);
+        }
+        // @todo next major release: if (successes.length === 0) then throw (no matter strict value)
+        return {
+            errors,
+            successes: items,
+        };
+    }
+    /**
+     * Write a document without adding metadata or performing data validation.
+     */
+    async write(request) {
+        const { index, collection } = request.getIndexAndCollection();
+        const id = request.getId({ ifMissing: "ignore" });
+        const content = request.getBody();
+        const refresh = request.getRefresh();
+        const notify = request.getBoolean("notify");
+        const result = await this.ask("core:storage:public:document:createOrReplace", index, collection, id, content, { injectKuzzleMeta: false, refresh });
+        if (notify) {
+            await this.ask("core:realtime:document:notify", request, actionEnum.WRITE, result);
+        }
+        return {
+            _id: result._id,
+            _source: result._source,
+            _version: result._version,
+        };
+    }
+    /**
+     * Write several documents without adding metadata or performing data validation.
+     */
+    async mWrite(request) {
+        const { index, collection } = request.getIndexAndCollection();
+        const documents = request.getBodyArray("documents");
+        const strict = request.getBoolean("strict");
+        const refresh = request.getRefresh();
+        const notify = request.getBoolean("notify");
+        const { items, errors } = await this.ask("core:storage:public:document:mCreateOrReplace", index, collection, documents, { injectKuzzleMeta: false, limits: false, refresh });
+        if (strict && errors.length) {
+            throw kerror.get("api", "process", "incomplete_multiple_request", "write", errors);
+        }
+        // @todo next major release: if (successes.length === 0) then throw (no matter strict value)
+        if (notify) {
+            await global.kuzzle.ask("core:realtime:document:mNotify", request, actionEnum.WRITE, items);
+        }
+        const successes = items.map((item) => ({
+            _id: item._id,
+            _source: item._source,
+            _version: item._version,
+        }));
+        return {
+            errors,
+            successes,
+        };
+    }
+    /**
+     * Directly deletes every documents matching the search query without:
+     *  - applying max documents write limit
+     *  - fetching deleted documents
+     *  - triggering realtime notifications
+     */
+    async deleteByQuery(request) {
+        const { index, collection } = request.getIndexAndCollection();
+        const query = request.getBodyObject("query");
+        const refresh = request.getRefresh();
+        const { deleted } = await this.ask("core:storage:public:document:deleteByQuery", index, collection, query, { fetch: false, refresh, size: -1 });
+        return { deleted };
+    }
+    /**
+     * Directly update every document matching the search query without:
+     *  - Applying max documents write limit
+     *  - Injecting Kuzzle metadata
+     *  - Triggering realtime notifications
+     */
+    async updateByQuery(request) {
+        const { index, collection } = request.getIndexAndCollection();
+        const query = request.getBodyObject("query");
+        const changes = request.getBodyObject("changes");
+        const refresh = request.getRefresh();
+        return this.ask("core:storage:public:bulk:updateByQuery", index, collection, query, changes, { refresh });
+    }
+}
+module.exports = BulkController;
+//# sourceMappingURL=bulkController.js.map

package/dist/lib/api/controllers/clusterController.d.ts

@@ -0,0 +1,6 @@
+export = ClusterController;
+declare class ClusterController extends NativeController {
+    constructor();
+    status(): Promise<any>;
+}
+import { NativeController } from "./baseController";