meadow-endpoints 2.0.12 → 3.0.0

package/Dockerfile

@@ -0,0 +1,32 @@
+# Use the codercom/code-server image
+FROM codercom/code-server:latest
+MAINTAINER steven velozo
+
+VOLUME /home/coder/.config
+VOLUME /home/coder/.vscode
+
+RUN echo "...installing debian dependencies..."
+RUN sudo apt update
+RUN sudo apt install vim curl tmux -y
+
+RUN echo "Building RETOLD development image..."
+
+
+RUN echo "...mapping library specific volumes..."
+# Volume mappings for RETOLD:Meadow Endpoints library
+VOLUME /home/coder/meadow-endpoints
+# VOLUME /home/coder/meadow-endpoints/node_modules
+
+SHELL ["/bin/bash", "-c"]
+USER coder
+
+RUN echo "...installing node version manager..."
+# Because there is a .bashrc chicken/egg problem, we will create one here to simulate logging in.  This is not great.
+RUN touch ~/.bashrc && chmod +x ~/.bashrc
+RUN curl https://raw.githubusercontent.com/creationix/nvm/master/install.sh | bash
+
+RUN echo "...installing node version 14 as the default..."
+RUN . ~/.nvm/nvm.sh && source ~/.bashrc && nvm install 14
+RUN . ~/.nvm/nvm.sh && source ~/.bashrc && nvm alias default 14
+
+WORKDIR /home/coder/meadow-endpoints

package/README.md

@@ -16,4 +16,33 @@ The design philosophy is not to cover every possible use case, but to cover the
 
 To best use this library, it should be in conjunction with [stricture](https://github.com/stevenvelozo/stricture) and [orator](https://github.com/stevenvelozo/orator).
 
-Multiple organizations have been using these libraries in medium to high load production environments for over a year.
+
+### Docker Development Environment
+
+1. Run this command to build this image:
+```
+docker build ./ -t retold/meadow-endpoints:local
+```
+
+alternatively you can use npm to run this
+
+```
+npm run docker-dev-build-image
+```
+
+2. Run this command to build the local container:
+```
+docker run -it --name meadow-endpoints-dev -p 127.0.0.1:12343:8080 -v "$PWD/.config:/home/coder/.config"  -v "$PWD:/home/coder/meadow-endpoints" -u "$(id -u):$(id -g)" -e "DOCKER_USER=$USER" retold/meadow-endpoints:local
+```
+
+alternatively you can use npm to run this
+
+```
+npm run docker-dev-run
+```
+
+3. Go to http://localhost:12343/ in a web browser
+
+4. The password is "retold"
+
+5. Right now you (may) need to delete the `node_modules` folders and regenerate it for Linux.

package/package.json

@@ -1,12 +1,32 @@
 {
   "name": "meadow-endpoints",
-  "version": "2.0.12",
+  "version": "3.0.0",
   "description": "Automatic API endpoints for Meadow data.",
   "main": "source/Meadow-Endpoints.js",
   "scripts": {
     "start": "node source/Meadow-Endpoints.js",
     "coverage": "nyc npm run test && nyc report --reporter=lcov",
-    "test": "./node_modules/mocha/bin/_mocha --exit -u tdd -R spec"
+    "test": "./node_modules/.bin/mocha --exit -u tdd -R spec",
+    "docker-dev-build-image": "docker build ./ -t retold/meadow-endpoints:local",
+    "docker-dev-run": "docker run -it -d --name meadow-endpoints-dev -p 127.0.0.1:12343:8080 -v \"$PWD/.config:/home/coder/.config\"  -v \"$PWD:/home/coder/meadow-endpoints\" -u \"$(id -u):$(id -g)\" -e \"DOCKER_USER=$USER\" retold/meadow-endpoints:local"
+  },
+  "mocha": {
+    "diff": true,
+    "extension": [
+      "js"
+    ],
+    "package": "./package.json",
+    "reporter": "spec",
+    "slow": "75",
+    "timeout": "5000",
+    "ui": "tdd",
+    "watch-files": [
+      "source/**/*.js",
+      "test/**/*.js"
+    ],
+    "watch-ignore": [
+      "lib/vendor"
+    ]
   },
   "repository": {
     "type": "git",
@@ -24,18 +44,18 @@
   "homepage": "https://github.com/stevenvelozo/meadow-endpoints",
   "devDependencies": {
     "chai": "4.1.2",
-    "codeclimate-test-reporter": "0.5.0",
-    "coveralls": "3.0.2",
+    "chance": "^1.1.8",
     "fable": "^2.0.1",
-    "mocha": "5.2.0",
+    "mocha": "9.2.2",
+    "mysql2": "1.6.1",
     "nyc": "^15.1.0",
     "supertest": "3.1.0"
   },
   "dependencies": {
     "async": "2.6.1",
     "JSONStream": "^1.3.5",
-    "meadow": "~1.0.30",
-    "mysql2": "1.6.1",
+    "meadow": "~1.0.32",
+    "meadow-filter": "^1.0.1",
     "orator": "~2.0.2",
     "underscore": "1.9.1"
   }

package/source/Meadow-Authenticator.js

@@ -1,21 +1,31 @@
 /**
- * Check that a user is logged in
+ * Check that a user is logged in, if enabled
  *
- * @method checkAuthentication
+ * @method getAuthenticator
  */
-var checkAuthentication = function(pRequest, pResponse, fNext)
+const getAuthenticator = (pAuthenticatorMode) =>
 {
-	if (!pRequest.UserSession.LoggedIn)
+	if (pAuthenticatorMode === 'Disabled')
 	{
-		pRequest.EndpointAuthenticated = false;
+		return (pRequest, pResponse, fNext) =>
+		{
+			pRequest.EndpointAuthenticated = true;
+			fNext();
+		};
 	}
-	else
+	return (pRequest, pResponse, fNext) =>
 	{
-		pRequest.EndpointAuthenticated = true;
-	}
+		if (!pRequest.UserSession.LoggedIn)
+		{
+			pRequest.EndpointAuthenticated = false;
+		}
+		else
+		{
+			pRequest.EndpointAuthenticated = true;
+		}
 
-	// This doesn't call next in chain because SendError does that for us.
-	fNext();
+		fNext();
+	}
 };
 
-module.exports = checkAuthentication;
+module.exports = getAuthenticator;

package/source/Meadow-Authorizers.js

@@ -19,6 +19,8 @@ var MeadowAuthorizers = function()
 			return {new: createNew};
 		}
 
+		const _AuthorizationMode = pMeadow.fable.settings.MeadowAuthorizationMode || 'Disabled';
+
 		// An object to hold modifications to specific authorizers.
 		var _AuthorizerFunctions = {};
 
@@ -44,12 +46,14 @@ var MeadowAuthorizers = function()
 			_AuthorizerFunctions[pAuthorizerHash] = fAuthorizer;
 		};
 
-
-		// Map in the default authorizers
-		setAuthorizer('Allow', require(__dirname+'/authorizers/Meadow-Authorizer-Allow.js'));
-		setAuthorizer('Deny', require(__dirname+'/authorizers/Meadow-Authorizer-Deny.js'));
-		setAuthorizer('Mine', require(__dirname+'/authorizers/Meadow-Authorizer-Mine.js'));
-		setAuthorizer('MyCustomer', require(__dirname+'/authorizers/Meadow-Authorizer-MyCustomer.js'));
+		if (_AuthorizationMode === 'SimpleOwnership')
+		{
+			// Map in the authorizers for simple ownership mode
+			setAuthorizer('Allow', require(__dirname+'/authorizers/Meadow-Authorizer-Allow.js'));
+			setAuthorizer('Deny', require(__dirname+'/authorizers/Meadow-Authorizer-Deny.js'));
+			setAuthorizer('Mine', require(__dirname+'/authorizers/Meadow-Authorizer-Mine.js'));
+			setAuthorizer('MyCustomer', require(__dirname+'/authorizers/Meadow-Authorizer-MyCustomer.js'));
+		}
 
 
 		/**
@@ -65,6 +69,13 @@ var MeadowAuthorizers = function()
 				pRequest.MeadowAuthorization = true;
 			}
 
+			// authorize all behaviors if authorization is disabled
+			if (_AuthorizationMode === 'Disabled')
+			{
+				return fComplete();
+			}
+
+			//FIXME: Get rid of this...
 			if (pRequest.Satchel &&
 				pRequest.Satchel.AuthorizeOverride)
 				return fComplete(false);
@@ -125,10 +136,15 @@ var MeadowAuthorizers = function()
 				pRequest.MeadowAuthorization = true;
 			}
 
+			// authorize all behaviors if authorization is disabled
+			if (_AuthorizationMode === 'Disabled')
+			{
+				return fComplete();
+			}
+
 			// Attach authorizer hash in case the invoked authorizer needs the endpoint context
 			pRequest.EndpointHash = pRequestHash;
 
-
 			// See if there is an authorizer collection for the role of the user
 			var tmpRoleAuthorizer = pRequest.DAL.schemaFull.authorizer[pRequest.DAL.getRoleName(pRequest.UserSession.UserRoleIndex)];
 			if (!tmpRoleAuthorizer)

package/source/Meadow-CommonServices.js

@@ -8,7 +8,7 @@
 */
 var MeadowCommonServices = function()
 {
-	function createNew(pMeadow)
+	function createNew(pMeadow, pAuthenticationMode)
 	{
 		// If a valid fable object isn't passed in, return a constructor
 		if ((typeof(pMeadow) !== 'object') || !('fable' in pMeadow))
@@ -17,6 +17,7 @@ var MeadowCommonServices = function()
 		}
 
 		var _Meadow = pMeadow;
+		const _AuthenticationMode = pAuthenticationMode;
 		var _Log = _Meadow.fable.log;
 
 		var libRestify = require('restify');
@@ -106,21 +107,25 @@ var MeadowCommonServices = function()
 			}
 
 			// Check that the user has a valid ID.
-			var tmpIDUser = pRequest.UserSession.UserID;
-			if (tmpIDUser < 1)
+			if (_AuthenticationMode !== 'Disabled')
 			{
-				_Log.warn('Invalid session when attempting to get a secured resource - IDUser is not valid.', {SessionID:pRequest.UserSession.SessionID, RequestID:pRequest.RequestUUID, RequestURL:pRequest.url, Action:'APISecurity'}, pRequest);
-				sendNotAuthorized('You must be authenticated to access this resource.', pRequest, pResponse, fNext);
-				return false;
-			}
-
-			// Check that the authentication level is valid.
-			if (pRequest.UserSession.UserRoleIndex < pRequest.EndpointAuthorizationRequirement)
-			{
-				_Log.warn('Invalid permission level when attempting to get a secured resource.', {SessionID:pRequest.UserSession.SessionID, RequestID:pRequest.RequestUUID, RequestURL:pRequest.url, Action:'APISecurity', RequiredUserLevel:pRequest.EndpointAuthorizationRequirement, 				ActualUserLevel:pRequest.UserSession.UserRoleIndex}, pRequest);
-				// TODO: Send the proper http status code
-				sendNotAuthorized('You must be appropriately authenticated to access this resource.', pRequest, pResponse, fNext);
-				return false;
+				//TODO: do we need this code anymore?
+				const tmpIDUser = pRequest.UserSession.UserID;
+				if (tmpIDUser < 1)
+				{
+					_Log.warn('Invalid session when attempting to get a secured resource - IDUser is not valid.', {SessionID:pRequest.UserSession.SessionID, RequestID:pRequest.RequestUUID, RequestURL:pRequest.url, Action:'APISecurity'}, pRequest);
+					sendNotAuthorized('You must be authenticated to access this resource.', pRequest, pResponse, fNext);
+					return false;
+				}
+
+				// Check that the authentication level is valid.
+				if (pRequest.UserSession.UserRoleIndex < pRequest.EndpointAuthorizationRequirement)
+				{
+					_Log.warn('Invalid permission level when attempting to get a secured resource.', {SessionID:pRequest.UserSession.SessionID, RequestID:pRequest.RequestUUID, RequestURL:pRequest.url, Action:'APISecurity', RequiredUserLevel:pRequest.EndpointAuthorizationRequirement, 				ActualUserLevel:pRequest.UserSession.UserRoleIndex}, pRequest);
+					// TODO: Send the proper http status code
+					sendNotAuthorized('You must be appropriately authenticated to access this resource.', pRequest, pResponse, fNext);
+					return false;
+				}
 			}
 
 			return true;

package/source/Meadow-Endpoints.js

@@ -7,9 +7,6 @@
 * @module Meadow
 */
 
-//Meadow needs to connect some general route handlers, this ensures it is done lazily, and only once.
-var _AttachedRequestHandlers = false;
-
 /**
 * Meadow Data Broker Library
 *
@@ -31,7 +28,9 @@ var MeadowEndpoints = function()
 		var libAsync = require('async');
 		var libRestRouteParse = require('./Restify-RouteParser.js');
 
-		var _CommonServices = require('./Meadow-CommonServices.js').new(pMeadow);
+		const _AuthenticationMode = _Fable.settings.MeadowAuthenticationMode || 'Disabled';
+
+		var _CommonServices = require('./Meadow-CommonServices.js').new(pMeadow, _AuthenticationMode);
 
 		// This holds any changed behaviors.
 		var _BehaviorModifications = require('./Meadow-BehaviorModifications.js').new(pMeadow);
@@ -40,7 +39,7 @@ var MeadowEndpoints = function()
 		var _Authorizers = require('./Meadow-Authorizers.js').new(pMeadow);
 
 		// This checks that the user is authenticated.  In the future, it will be overloadable.
-		var _Authenticator = require('./Meadow-Authenticator.js');
+		var _Authenticator = require('./Meadow-Authenticator.js')(_AuthenticationMode);
 
 		// The default endpoints
 		var _Endpoints = (
@@ -56,6 +55,7 @@ var MeadowEndpoints = function()
 
 			ReadSelectList: require('./crud/Meadow-Endpoint-ReadSelectList.js'),
 			ReadLiteList: require('./crud/Meadow-Endpoint-ReadLiteList.js'),
+			ReadDistinctList: require('./crud/Meadow-Endpoint-ReadDistinctList.js'),
 
 			Update: require('./crud/Meadow-Endpoint-Update.js'),
 			Updates: require('./crud/Meadow-Endpoint-BulkUpdate.js'),
@@ -172,6 +172,10 @@ var MeadowEndpoints = function()
 			// GET  [/1.0/SomeEndpoint/LiteExtended/:ExtraColumns/:Begin/:Cap]
 			// GET  [/1.0/SomeEndpoint/LiteExtended/:ExtraColumns/FilteredTo/:Filter]
 			// GET  [/1.0/SomeEndpoint/LiteExtended/:ExtraColumns/FilteredTo/:Filter/:Begin/:Cap]
+			// GET  [/1.0/SomeEndpoint/Distinct/:Columns]
+			// GET  [/1.0/SomeEndpoint/Distinct/:Columns/:Begin/:Cap]
+			// GET  [/1.0/SomeEndpoint/Distinct/:Columns/FilteredTo/:Filter]
+			// GET  [/1.0/SomeEndpoint/Distinct/:Columns/FilteredTo/:Filter/:Begin/:Cap]
 
 			Update: true,
 			// PUT [/1.0/SomeEndpoint]
@@ -290,35 +294,40 @@ var MeadowEndpoints = function()
 		var connectRoutes = function(pRestServer)
 		{
 			// TODO: Pull version from the config file.
-			var tmpEndpointVersion = '1.0';
+			const tmpEndpointVersion = _Fable.settings.MeadowEndpointVersion || '1.0';
 			// TODO: Allow the user to override the endpoint "name" eventually.
-			var tmpEndpointName = _Meadow.scope;
+			const tmpEndpointName = _Meadow.scope;
 
-			_Fable.log.trace('Creating endpoint', {Version:tmpEndpointVersion, Name:tmpEndpointName});
+			_Fable.log.trace('Creating endpoint', { Version: tmpEndpointVersion, Name: tmpEndpointName });
 
-			if (!_AttachedRequestHandlers)
+			const tmpEndpointPrefix = `/${tmpEndpointVersion}/${tmpEndpointName}`;
+
+			if (!pRestServer._AttachedMeadowEndpointsRequestHandlers)
 			{
-				_AttachedRequestHandlers = true;
+				pRestServer._AttachedMeadowEndpointsRequestHandlers = true;
 				// Connect the common services to the route
 				pRestServer.use(wireCommonServices);
 
 				// Build formattedParams route parameters
 				pRestServer.use(formatRouteParams);
+
+				// Marshall session data in, if needed / configured
+				pRestServer.use(require('./Meadow-MarshallSessionData')(_Fable));
 			}
 
 			// These special schema services must come in the route table before the READ because they
 			// technically block out the routes for the IDRecord 'Schema' (e.g. /1.0/EntityName/Schema)
 			if (_EnabledBehaviors.Schema)
 			{
-				pRestServer.get('/1.0/'+tmpEndpointName+'/Schema', _EndpointAuthenticators.Schema, wireState, _Endpoints.Schema);
+				pRestServer.get(`${tmpEndpointPrefix}/Schema`, _EndpointAuthenticators.Schema, wireState, _Endpoints.Schema);
 			}
 			if (_EnabledBehaviors.New)
 			{
-				pRestServer.get('/1.0/'+tmpEndpointName+'/Schema/New', _EndpointAuthenticators.New, wireState, _Endpoints.New);
+				pRestServer.get(`${tmpEndpointPrefix}/Schema/New`, _EndpointAuthenticators.New, wireState, _Endpoints.New);
 			}
 			if (_EnabledBehaviors.Validate)
 			{
-				pRestServer.post('/1.0/'+tmpEndpointName+'/Schema/Validate', _CommonServices.bodyParser(), _EndpointAuthenticators.Validate, wireState, _Endpoints.Validate);
+				pRestServer.post(`${tmpEndpointPrefix}/Schema/Validate`, _CommonServices.bodyParser(), _EndpointAuthenticators.Validate, wireState, _Endpoints.Validate);
 			}
 
 			// Custom single record endpoints
@@ -326,52 +335,56 @@ var MeadowEndpoints = function()
 			// Standard CRUD and Count endpoints
 			if (_EnabledBehaviors.Create)
 			{
-				pRestServer.post('/1.0/'+tmpEndpointName, _CommonServices.bodyParser(), _EndpointAuthenticators.Create, wireState, _Endpoints.Create);
-				pRestServer.post('/1.0/'+tmpEndpointName+'s', _CommonServices.bodyParser(), _EndpointAuthenticators.Create, wireState, _Endpoints.Creates);
+				pRestServer.post(`${tmpEndpointPrefix}`, _CommonServices.bodyParser(), _EndpointAuthenticators.Create, wireState, _Endpoints.Create);
+				pRestServer.post(`${tmpEndpointPrefix}s`, _CommonServices.bodyParser(), _EndpointAuthenticators.Create, wireState, _Endpoints.Creates);
 			}
 			if (_EnabledBehaviors.Read)
 			{
-				pRestServer.get('/1.0/'+tmpEndpointName+'/Max/:ColumnName', _EndpointAuthenticators.Read, wireState, _Endpoints.ReadMax);
-				pRestServer.get('/1.0/'+tmpEndpointName+'/:IDRecord', _EndpointAuthenticators.Read, wireState, _Endpoints.Read);
+				pRestServer.get(`${tmpEndpointPrefix}/Max/:ColumnName`, _EndpointAuthenticators.Read, wireState, _Endpoints.ReadMax);
+				pRestServer.get(`${tmpEndpointPrefix}/:IDRecord`, _EndpointAuthenticators.Read, wireState, _Endpoints.Read);
 			}
 			if (_EnabledBehaviors.Reads)
 			{
-				pRestServer.get('/1.0/'+tmpEndpointName+'s', _EndpointAuthenticators.Reads, wireState, _Endpoints.Reads);
-				pRestServer.get('/1.0/'+tmpEndpointName+'s/By/:ByField/:ByValue', _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadsBy);
-				pRestServer.get('/1.0/'+tmpEndpointName+'s/By/:ByField/:ByValue/:Begin/:Cap', _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadsBy);
-				pRestServer.get('/1.0/'+tmpEndpointName+'s/FilteredTo/:Filter', _EndpointAuthenticators.Reads, wireState, _Endpoints.Reads);
-				pRestServer.get('/1.0/'+tmpEndpointName+'s/FilteredTo/:Filter/:Begin/:Cap', _EndpointAuthenticators.Reads, wireState, _Endpoints.Reads);
-				pRestServer.get('/1.0/'+tmpEndpointName+'Select', _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadSelectList);
-				pRestServer.get('/1.0/'+tmpEndpointName+'Select/FilteredTo/:Filter', _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadSelectList);
-				pRestServer.get('/1.0/'+tmpEndpointName+'Select/FilteredTo/:Filter/:Begin/:Cap', _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadSelectList);
-				pRestServer.get('/1.0/'+tmpEndpointName+'Select/:Begin/:Cap', _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadSelectList);
-				pRestServer.get('/1.0/'+tmpEndpointName+'s/Lite', _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadLiteList);
-				pRestServer.get('/1.0/'+tmpEndpointName+'s/Lite/FilteredTo/:Filter', _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadLiteList);
-				pRestServer.get('/1.0/'+tmpEndpointName+'s/Lite/FilteredTo/:Filter/:Begin/:Cap', _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadLiteList);
-				pRestServer.get('/1.0/'+tmpEndpointName+'s/Lite/:Begin/:Cap', _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadLiteList);
-				pRestServer.get('/1.0/'+tmpEndpointName+'s/LiteExtended/:ExtraColumns', _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadLiteList);
-				pRestServer.get('/1.0/'+tmpEndpointName+'s/LiteExtended/:ExtraColumns/FilteredTo/:Filter', _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadLiteList);
-				pRestServer.get('/1.0/'+tmpEndpointName+'s/LiteExtended/:ExtraColumns/FilteredTo/:Filter/:Begin/:Cap', _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadLiteList);
-				pRestServer.get('/1.0/'+tmpEndpointName+'s/LiteExtended/:ExtraColumns/:Begin/:Cap', _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadLiteList);
-				pRestServer.get('/1.0/'+tmpEndpointName+'s/:Begin/:Cap', _EndpointAuthenticators.Reads, wireState, _Endpoints.Reads);
+				pRestServer.get(`${tmpEndpointPrefix}s`, _EndpointAuthenticators.Reads, wireState, _Endpoints.Reads);
+				pRestServer.get(`${tmpEndpointPrefix}s/By/:ByField/:ByValue`, _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadsBy);
+				pRestServer.get(`${tmpEndpointPrefix}s/By/:ByField/:ByValue/:Begin/:Cap`, _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadsBy);
+				pRestServer.get(`${tmpEndpointPrefix}s/FilteredTo/:Filter`, _EndpointAuthenticators.Reads, wireState, _Endpoints.Reads);
+				pRestServer.get(`${tmpEndpointPrefix}s/FilteredTo/:Filter/:Begin/:Cap`, _EndpointAuthenticators.Reads, wireState, _Endpoints.Reads);
+				pRestServer.get(`${tmpEndpointPrefix}Select`, _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadSelectList);
+				pRestServer.get(`${tmpEndpointPrefix}Select/FilteredTo/:Filter`, _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadSelectList);
+				pRestServer.get(`${tmpEndpointPrefix}Select/FilteredTo/:Filter/:Begin/:Cap`, _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadSelectList);
+				pRestServer.get(`${tmpEndpointPrefix}Select/:Begin/:Cap`, _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadSelectList);
+				pRestServer.get(`${tmpEndpointPrefix}s/Lite`, _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadLiteList);
+				pRestServer.get(`${tmpEndpointPrefix}s/Lite/FilteredTo/:Filter`, _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadLiteList);
+				pRestServer.get(`${tmpEndpointPrefix}s/Lite/FilteredTo/:Filter/:Begin/:Cap`, _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadLiteList);
+				pRestServer.get(`${tmpEndpointPrefix}s/Lite/:Begin/:Cap`, _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadLiteList);
+				pRestServer.get(`${tmpEndpointPrefix}s/LiteExtended/:ExtraColumns`, _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadLiteList);
+				pRestServer.get(`${tmpEndpointPrefix}s/LiteExtended/:ExtraColumns/FilteredTo/:Filter`, _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadLiteList);
+				pRestServer.get(`${tmpEndpointPrefix}s/LiteExtended/:ExtraColumns/FilteredTo/:Filter/:Begin/:Cap`, _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadLiteList);
+				pRestServer.get(`${tmpEndpointPrefix}s/LiteExtended/:ExtraColumns/:Begin/:Cap`, _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadLiteList);
+				pRestServer.get(`${tmpEndpointPrefix}s/Distinct/:Columns`, _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadDistinctList);
+				pRestServer.get(`${tmpEndpointPrefix}s/Distinct/:Columns/FilteredTo/:Filter`, _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadDistinctList);
+				pRestServer.get(`${tmpEndpointPrefix}s/Distinct/:Columns/FilteredTo/:Filter/:Begin/:Cap`, _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadDistinctList);
+				pRestServer.get(`${tmpEndpointPrefix}s/Distinct/:Columns/:Begin/:Cap`, _EndpointAuthenticators.Reads, wireState, _Endpoints.ReadDistinctList);
+				pRestServer.get(`${tmpEndpointPrefix}s/:Begin/:Cap`, _EndpointAuthenticators.Reads, wireState, _Endpoints.Reads);
 			}
 			if (_EnabledBehaviors.Update)
 			{
-				pRestServer.put('/1.0/'+tmpEndpointName, _CommonServices.bodyParser(), _EndpointAuthenticators.Update, wireState, _Endpoints.Update);
-				pRestServer.put('/1.0/'+tmpEndpointName+'s', _CommonServices.bodyParser(), _EndpointAuthenticators.Update, wireState, _Endpoints.Updates);
-				pRestServer.put('/1.0/'+tmpEndpointName+'/Upsert', _CommonServices.bodyParser(), _EndpointAuthenticators.Update, wireState, _Endpoints.Upsert);
-				pRestServer.put('/1.0/'+tmpEndpointName+'/Upserts', _CommonServices.bodyParser(), _EndpointAuthenticators.Update, wireState, _Endpoints.Upserts);
+				pRestServer.put(`${tmpEndpointPrefix}`, _CommonServices.bodyParser(), _EndpointAuthenticators.Update, wireState, _Endpoints.Update);
+				pRestServer.put(`${tmpEndpointPrefix}s`, _CommonServices.bodyParser(), _EndpointAuthenticators.Update, wireState, _Endpoints.Updates);
+				pRestServer.put(`${tmpEndpointPrefix}/Upsert`, _CommonServices.bodyParser(), _EndpointAuthenticators.Update, wireState, _Endpoints.Upsert);
+				pRestServer.put(`${tmpEndpointPrefix}/Upserts`, _CommonServices.bodyParser(), _EndpointAuthenticators.Update, wireState, _Endpoints.Upserts);
 			}
 			if (_EnabledBehaviors.Delete)
 			{
-				pRestServer.del('/1.0/'+tmpEndpointName, _CommonServices.bodyParser(), _EndpointAuthenticators.Delete, wireState, _Endpoints.Delete);
-				pRestServer.del('/1.0/'+tmpEndpointName+'/:IDRecord', _EndpointAuthenticators.Delete, wireState, _Endpoints.Delete);
+				pRestServer.del(`${tmpEndpointPrefix}`, _CommonServices.bodyParser(), _EndpointAuthenticators.Delete, wireState, _Endpoints.Delete);
+				pRestServer.del(`${tmpEndpointPrefix}/:IDRecord`, _EndpointAuthenticators.Delete, wireState, _Endpoints.Delete);
 			}
 			if (_EnabledBehaviors.Count)
 			{
-				pRestServer.get('/1.0/'+tmpEndpointName+'s/Count', _EndpointAuthenticators.Count, wireState, _Endpoints.Count);
-				pRestServer.get('/1.0/'+tmpEndpointName+'s/Count/By/:ByField/:ByValue', _EndpointAuthenticators.Count, wireState, _Endpoints.CountBy);
-				pRestServer.get('/1.0/'+tmpEndpointName+'s/Count/FilteredTo/:Filter', _EndpointAuthenticators.Count, wireState, _Endpoints.Count);
+				pRestServer.get(`${tmpEndpointPrefix}s/Count`, _EndpointAuthenticators.Count, wireState, _Endpoints.Count);
+				pRestServer.get(`${tmpEndpointPrefix}s/Count/By/:ByField/:ByValue`, _EndpointAuthenticators.Count, wireState, _Endpoints.CountBy);
+				pRestServer.get(`${tmpEndpointPrefix}s/Count/FilteredTo/:Filter`, _EndpointAuthenticators.Count, wireState, _Endpoints.Count);
 			}
 		};
 
@@ -493,7 +506,7 @@ var MeadowEndpoints = function()
 
 			connectRoutes: connectRoutes,
 
-			parseFilter: require(__dirname+'/crud/Meadow-Filter-Parse.js'),
+			parseFilter: require('meadow-filter').parse,
 
 			// Expose the DAL
 			DAL: _Meadow,

package/source/Meadow-MarshallSessionData.js

@@ -0,0 +1,64 @@
+/**
+* Meadow Session Marshaller - Extract session data based on configuration.
+*
+* @license MIT
+*
+* @author Alex Decker <alex.decker@headlight.com>
+* @module Meadow
+*/
+
+module.exports = (pFable) =>
+{
+	const _Fable = pFable;
+	const _SessionDataSource = _Fable.settings.MeadowEndpointsSessionDataSource || 'Request';
+
+	return (pRequest, pResponse, fNext) =>
+	{
+		let session;
+
+		switch (_SessionDataSource)
+		{
+		default:
+			_Fable.log.warn(`Unknown session source configured: ${_SessionDataSource} - defaulting to Request for backward compatibility`);
+		case 'Request':
+			// noop - already set by orator-session
+			session = pRequest.UserSession;
+			break;
+		case 'None':
+			break;
+		case 'Header':
+			try
+			{
+				const sessionStr = pRequest.headers['x-trusted-session'];
+				if (!sessionStr)
+				{
+					break;
+				}
+				session = JSON.parse(sessionStr);
+			}
+			catch (pError)
+			{
+				_Fable.log.error('Error marshalling session data from header.', { Error: pError.message, Stack: pError.stack });
+			}
+			break;
+		}
+
+		if (!session)
+		{
+			// blank session so things don't break, for now
+			session =
+			{
+				SessionID: '',
+				UserID: 0,
+				UserRole: '',
+				UserRoleIndex: 0,
+				LoggedIn: false,
+				DeviceID: '',
+				CustomerID: 0,
+			};
+		}
+
+		pRequest.UserSession = session;
+		fNext();
+	}
+};

package/source/crud/Meadow-Endpoint-Count.js

@@ -8,7 +8,7 @@
 */
 
 var libAsync = require('async');
-var meadowFilterParser = require('./Meadow-Filter-Parse.js');
+const meadowFilterParser = require('meadow-filter').parse;
 /**
 * Count a record using the Meadow DAL object
 */