npm - meadow-endpoints - Versions diffs - 3.0.7 → 4.0.2 - Mend

meadow-endpoints 3.0.7 → 4.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (127) hide show

package/test_support/test_old/untitled.js ADDED Viewed

@@ -0,0 +1,88 @@
+/**
+* Test Harness
+*
+* @license     MIT
+*
+* @author      Steven Velozo <steven@velozo.com>
+*/
+////////// Code can go here for easy debugging //////////
+const tmpApplicationSettings = 	(
+{
+	Product: 'MockEndpointServer',
+	ProductVersion: '0.0.0',
+	"UnauthorizedRequestDelay": 100,
+	APIServerPort: 8086,
+	MySQL:
+		{
+			// This is queued up for Travis defaults.
+			Server: "localhost",
+			Port: 3306,
+			User: "root",
+			Password: "123456789",
+//			Password: "",
+			Database: "FableTest",
+			ConnectionPoolLimit: 20
+		}
+});
+// Construct a fable.
+const _Fable = new libFable(tmpApplicationSettings);
+// Connect to SQL, put the connection in the magic location
+_Fable.MeadowMySQLConnectionPool = libMySQL.createPool
+(
+	{
+		connectionLimit: _Fable.settings.MySQL.ConnectionPoolLimit,
+		host: _Fable.settings.MySQL.Server,
+		port: _Fable.settings.MySQL.Port,
+		user: _Fable.settings.MySQL.User,
+		password: _Fable.settings.MySQL.Password,
+		database: _Fable.settings.MySQL.Database,
+		namedPlaceholders: true
+	}
+);
+// Load up a Meadow (pointing at the Animal database)
+const _AnimalSchema = require('../test/Animal.json');
+const _Meadow = libMeadow.new(_Fable, 'FableTest')
+	.setProvider('MySQL')
+	.setSchema(_AnimalSchema.Schema)
+	.setJsonSchema(_AnimalSchema.JsonSchema)
+	.setDefaultIdentifier(_AnimalSchema.DefaultIdentifier)
+	.setDefault(_AnimalSchema.DefaultObject);
+// Instantiate the meadow endpoints with the DAL object constructed above
+const _MeadowEndpoints = new libMeadowEndpoints(_Meadow);
+// Instantiate the service server, using restify
+const _Orator = new libOrator(_Fable, libOratorServiceServerRestify);
+// Prepare the service server for mapping endpoints
+_Orator.initializeServiceServer();
+_MeadowEndpoints.controller.BehaviorInjection.setBehavior('Schema-PreOperation',
+	function (pRequest, pRequestState, fCallback)
+	{
+		this.log.info('I have access to state!', pRequestState);
+		return fCallback();
+	});
+_MeadowEndpoints.controller.BehaviorInjection.setBehavior('Schema-PostOperation',
+	function (pRequest, pRequestState, fCallback)
+	{
+		pRequestState.JSONSchema.PLOT = `GODZILLA WILL EAT YOUR SOUL!`;
+		this.log.info('I can also mutate state before sending!', pRequestState);
+		return fCallback();
+	});
+// Wire the endpoints up
+_MeadowEndpoints.connectRoutes(_Orator.serviceServer);
+// Now start the web server.
+_Orator.startWebServer(_HarnessBehavior);

package/source/Meadow-Authenticator.js DELETED Viewed

@@ -1,31 +0,0 @@
-/**
- * Check that a user is logged in, if enabled
- *
- * @method getAuthenticator
- */
-const getAuthenticator = (pAuthenticatorMode) =>
-{
-	if (pAuthenticatorMode === 'Disabled')
-	{
-		return (pRequest, pResponse, fNext) =>
-		{
-			pRequest.EndpointAuthenticated = true;
-			fNext();
-		};
-	}
-	return (pRequest, pResponse, fNext) =>
-	{
-		if (!pRequest.UserSession.LoggedIn)
-		{
-			pRequest.EndpointAuthenticated = false;
-		}
-		else
-		{
-			pRequest.EndpointAuthenticated = true;
-		}
-		fNext();
-	}
-};
-module.exports = getAuthenticator;

package/source/Meadow-Authorizers.js DELETED Viewed

@@ -1,214 +0,0 @@
-/**
-* The Meadow Security Authorizor Collection
-*
-* Provide a set of security authorizers, and give the API consumer the ability to add to or modify them.
-*
-* @class MeadowAuthorizers
-* @constructor
-*/
-var libUnderscore = require('underscore');
-var libAsync = require('async');
-var MeadowAuthorizers = function()
-{
-	function createNew(pMeadow)
-	{
-		// If a valid fable object isn't passed in, return a constructor
-		if ((typeof(pMeadow) !== 'object') || !('fable' in pMeadow))
-		{
-			return {new: createNew};
-		}
-		const _AuthorizationMode = pMeadow.fable.settings.MeadowAuthorizationMode || 'Disabled';
-		// An object to hold modifications to specific authorizers.
-		var _AuthorizerFunctions = {};
-		/**
-		* Set a specific authorizer.
-		*
-		* The anatomy of a authorizer function is as follows:
-		*
-		* var someAuthorizer = function(pRequest, fComplete)
-		* {
-		*      // Do some stuff with pRequest...
-		*      if (pRequest.UserSession.UserRoleIndex < 5)
-		*          pRequest.MeadowAuthorization = pRequest.MeadowAuthorization && false;
-		*
-		*      return fComplete(false);
-		* }
-		*
-		* It is important to note that the fComplete function expects false if no error, or a string message if there is one.
-		*/
-		var setAuthorizer = function(pAuthorizerHash, fAuthorizer)
-		{
-			_AuthorizerFunctions[pAuthorizerHash] = fAuthorizer;
-		};
-		/**
-		* Get a specific authorizer.
-		*/
-		var getAuthorizer = function(pAuthorizerHash)
-		{
-			return _AuthorizerFunctions[pAuthorizerHash];
-		};
-		if (_AuthorizationMode === 'SimpleOwnership')
-		{
-			// Map in the authorizers for simple ownership mode
-			setAuthorizer('Allow', require(__dirname+'/authorizers/Meadow-Authorizer-Allow.js'));
-			setAuthorizer('Deny', require(__dirname+'/authorizers/Meadow-Authorizer-Deny.js'));
-			setAuthorizer('Mine', require(__dirname+'/authorizers/Meadow-Authorizer-Mine.js'));
-			setAuthorizer('MyCustomer', require(__dirname+'/authorizers/Meadow-Authorizer-MyCustomer.js'));
-		}
-		/**
-		* This method runs a authorizer at a specific hash, and returns true.
-		* Or it returns false if there was no authorizer there.
-		* Authorizers should expect their state to be in the pRequest object, per the example in setAuthorizer
-		*/
-		var authorize = function(pAuthorizerHash, pRequest, fComplete)
-		{
-			// Add the authorization value to the request object if it doesn't exist yet
-			if (!pRequest.hasOwnProperty('MeadowAuthorization'))
-			{
-				pRequest.MeadowAuthorization = true;
-			}
-			// authorize all behaviors if authorization is disabled
-			if (_AuthorizationMode === 'Disabled')
-			{
-				return fComplete();
-			}
-			//FIXME: Get rid of this...
-			if (pRequest.Satchel &&
-				pRequest.Satchel.AuthorizeOverride)
-				return fComplete(false);
-			// Run an injected authorizer (if it exists)
-			if (_AuthorizerFunctions.hasOwnProperty(pAuthorizerHash))
-			{
-				if (!pRequest.Record &&
-					pRequest.Records)
-				{
-					// Run the authorizer for multiple records
-					libAsync.eachSeries(pRequest.Records, function(pRecord, fNext)
-					{
-						pRequest.Record = pRecord;
-						_AuthorizerFunctions[pAuthorizerHash](pRequest, function(err)
-						{
-							if (err)
-								return fNext({Error: err});
-							// If MeadowAuthorization fails, keep the state and pass it on
-							return fNext(!pRequest.MeadowAuthorization);
-						});
-					},
-					function(pCancelled)
-					{
-						delete pRequest['Record']; //remove this property as it should only contains 'Records'
-						if (pCancelled &&
-							pCancelled.Error)
-						{
-							return fComplete(pCancelled.Error);
-						}
-						return fComplete(false);
-					});
-				}
-				else
-				{
-					// Run the authorizer for one record
-					return _AuthorizerFunctions[pAuthorizerHash](pRequest, fComplete);
-				}
-			}
-			else
-			{
-				return fComplete(false);
-			}
-		};
-		// Try to execute any defined authorizers on the proper endpoint
-		var authorizeRequest = function(pRequestHash, pRequest, fComplete)
-		{
-			// Add the authorization value to the request object if it doesn't exist yet
-			if (!pRequest.hasOwnProperty('MeadowAuthorization'))
-			{
-				pRequest.MeadowAuthorization = true;
-			}
-			// authorize all behaviors if authorization is disabled
-			if (_AuthorizationMode === 'Disabled')
-			{
-				return fComplete();
-			}
-			// Attach authorizer hash in case the invoked authorizer needs the endpoint context
-			pRequest.EndpointHash = pRequestHash;
-			// See if there is an authorizer collection for the role of the user
-			var tmpRoleAuthorizer = pRequest.DAL.schemaFull.authorizer[pRequest.DAL.getRoleName(pRequest.UserSession.UserRoleIndex)];
-			if (!tmpRoleAuthorizer)
-			{
-				// Fallback to default definition, if present
-				tmpRoleAuthorizer = pRequest.DAL.schemaFull.authorizer['__DefaultAPISecurity'];
-			}
-			// Authorizing Endpoint
-			//console.log(pRequestHash + ' >>> '+pRequest.DAL.getRoleName(pRequest.UserSession.UserRoleIndex)+'   -   '+pRequest.UserSession.UserRoleIndex+' Authorization Configuration: '+JSON.stringify(tmpRoleAuthorizer));
-			if ((typeof(tmpRoleAuthorizer) === 'object') && tmpRoleAuthorizer.hasOwnProperty(pRequestHash))
-			{
-				// Authorizing Endpoint
-				//console.log(' >>> Authorizing Endpoint: '+JSON.stringify(tmpRoleAuthorizer));
-				// If there is an authorizer collection in the DAL and it has this request hash as a property in it, execute the authorizer(s)
-				if (typeof(tmpRoleAuthorizer[pRequestHash]) === 'string')
-				{
-					// Execute the single authorizer
-					authorize(tmpRoleAuthorizer[pRequestHash], pRequest, fComplete);
-				}
-				else
-				{
-					// Execute every authorizer in the array
-					libAsync.eachSeries(tmpRoleAuthorizer[pRequestHash],
-						function(pAuthorizerHash, fCallback)
-						{
-							authorize(pAuthorizerHash, pRequest, fCallback);
-						},
-						fComplete);
-				}
-			}
-			else
-			{
-				fComplete();
-			}
-		}
-		/**
-		* Container Object for our Factory Pattern
-		*/
-		var tmpNewMeadowAuthorizer = (
-		{
-			setAuthorizer: setAuthorizer,
-			getAuthorizer: getAuthorizer,
-			authorize: authorize,
-			authorizeRequest: authorizeRequest,
-			new: createNew
-		});
-		return tmpNewMeadowAuthorizer;
-	}
-	return createNew();
-};
-module.exports = new MeadowAuthorizers();

package/source/Meadow-BehaviorModifications.js DELETED Viewed

@@ -1,170 +0,0 @@
-/**
-* The Meadow Behavior Modification Object
-*
-* Provide a sane mechanism for overloading or injecting behaviors into request endpoints.
-*
-* @class MeadowBehaviorModifications
-* @constructor
-*/
-var libUnderscore = require('underscore');
-var MeadowBehaviorModifications = function()
-{
-	function createNew(pMeadow)
-	{
-		// If a valid fable object isn't passed in, return a constructor
-		if ((typeof(pMeadow) !== 'object') || !('fable' in pMeadow))
-		{
-			return {new: createNew};
-		}
-		var libAsync = require('async');
-		// An object to hold modifications to specific behaviors.
-		var _BehaviorFunctions = {};
-		// A set of objects to hold the specific templates and their compiled functions
-		var _Templates = {};
-		var _TemplateFunctions = {};
-		/**
-		* Set a specific behavior.
-		*
-		* The anatomy of a behavior function is as follows:
-		*
-		* var someBehavior = function(pRequest, fComplete)
-		* {
-		*      // Do some stuff with pRequest...
-		*      if (pRequest.UserSession.UserRoleIndex < 5)
-		*          pRequest.Query.addFilter('Customer', pRequest.UserSession.IDCustomer);
-		*      return fComplete(false);
-		* }
-		*
-		* It is important to note that the fComplete function expects false if no error, or a string message if there is one.
-		*/
-		var setBehavior = function(pBehaviorHash, fBehavior)
-		{
-			_BehaviorFunctions[pBehaviorHash] = fBehavior;
-		};
-		/**
-		* This method runs a behavior at a specific hash, and returns true.
-		* Or it returns false if there was no behavior there.
-		* Behaviors should expect their state to be in the pRequest object, per the example in setBehavior
-		*/
-		var runBehavior = function(pBehaviorHash, pRequest, fComplete)
-		{
-			// Run an injected behavior (if it exists)
-			if (_BehaviorFunctions.hasOwnProperty(pBehaviorHash) &&
-				_BehaviorFunctions[pBehaviorHash])
-			{
-				//Array of functions. Aborts on first error.
-				if (Array.isArray(_BehaviorFunctions[pBehaviorHash]))
-				{
-					libAsync.timesLimit(_BehaviorFunctions[pBehaviorHash].length, 1, function(idx, fNext)
-					{
-						_BehaviorFunctions[pBehaviorHash][idx](pRequest, fNext);
-					},
-					function complete(err)
-					{
-						return fComplete(err);
-					});
-				}
-				else
-				{
-					//Single function
-					return _BehaviorFunctions[pBehaviorHash](pRequest, fComplete);
-				}
-			}
-			else
-			{
-				return fComplete(false);
-			}
-		};
-		/**
-		* Set a template.
-		*/
-		var setTemplate = function(pTemplateHash, pTemplate)
-		{
-			// Store both the cached text as well as the function
-			_Templates[pTemplateHash] = pTemplate;
-			_TemplateFunctions[pTemplateHash] = libUnderscore.template(pTemplate);
-		};
-		/**
-		* Get a template.
-		*/
-		var getTemplate = function(pTemplateHash)
-		{
-			if (_Templates.hasOwnProperty(pTemplateHash))
-			{
-				return _Templates[pTemplateHash];
-			}
-			else
-			{
-				return false;
-			}
-		};
-		/**
-		* Get a template function.
-		*/
-		var getTemplateFunction = function(pTemplateHash)
-		{
-			if (_TemplateFunctions.hasOwnProperty(pTemplateHash))
-			{
-				return _TemplateFunctions[pTemplateHash];
-			}
-			else
-			{
-				return false;
-			}
-		};
-		/**
-		* Process a template at a hash, and return the result.
-		*/
-		var processTemplate = function(pTemplateHash, pTemplateData, pDefaultTemplate)
-		{
-			var tmpTemplateFunction = getTemplateFunction(pTemplateHash);
-			var tmpTemplateData = (typeof(pTemplateData) === 'undefined') ? {} : pTemplateData;
-			// This makes the function fairly laziliy loading.
-			if (tmpTemplateFunction === false)
-			{
-				// If the template doesn't exist, try to use the passed-in default and set that as the template.
-				// Otherwise make it empty.
-				setTemplate(pTemplateHash, (typeof(pDefaultTemplate) === 'undefined') ? '' : pDefaultTemplate);
-				tmpTemplateFunction = getTemplateFunction(pTemplateHash);
-			}
-			// Now process and return the underscore template.
-			return tmpTemplateFunction(tmpTemplateData);
-		};
-		/**
-		* Container Object for our Factory Pattern
-		*/
-		var tmpNewMeadowBehaviorModifications = (
-		{
-			setBehavior: setBehavior,
-			runBehavior: runBehavior,
-			setTemplate: setTemplate,
-			getTemplate: getTemplate,
-			getTemplateFunction: getTemplateFunction,
-			processTemplate: processTemplate,
-			new: createNew
-		});
-		return tmpNewMeadowBehaviorModifications;
-	}
-	return createNew();
-};
-module.exports = new MeadowBehaviorModifications();

package/source/Meadow-CommonServices.js DELETED Viewed

@@ -1,206 +0,0 @@
-/**
-* The Meadow Common Services Provider
-*
-* This class aims to provide anything that every request will need.
-*
-* @class MeadowCommonServices
-* @constructor
-*/
-var MeadowCommonServices = function()
-{
-	function createNew(pMeadow, pAuthenticationMode)
-	{
-		// If a valid fable object isn't passed in, return a constructor
-		if ((typeof(pMeadow) !== 'object') || !('fable' in pMeadow))
-		{
-			return {new: createNew};
-		}
-		var _Meadow = pMeadow;
-		const _AuthenticationMode = pAuthenticationMode;
-		var _Log = _Meadow.fable.log;
-		var libRestify = require('restify');
-		/**
-		 * Send an Error Code and Error Message to the client, and log it as an error in the log files.
-		 *
-		 * @method sendCodedError
-		 */
-		var sendCodedError = function(pDefaultMessage, pError, pRequest, pResponse, fNext)
-		{
-			var tmpErrorMessage = pDefaultMessage;
-			var tmpErrorCode = 1;
-			var tmpScope = null;
-			var tmpParams = null;
-			var tmpSessionID = null;
-			if (typeof(pError) === 'object')
-			{
-				tmpErrorMessage = pError.Message;
-				if (pError.Code)
-					tmpErrorCode = pError.Code;
-			}
-			else if (typeof(pError) === 'string')
-			{
-				tmpErrorMessage += ' ' + pError;
-			}
-			if (pRequest.DAL)
-			{
-				tmpScope = pRequest.DAL.scope;
-			}
-			if (pRequest.params)
-			{
-				tmpParams = pRequest.params;
-			}
-			if (pRequest.UserSession)
-			{
-				tmpSessionID = pRequest.UserSession.SessionID;
-			}
-			_Log.warn('API Error: '+tmpErrorMessage, {SessionID: tmpSessionID, RequestID:pRequest.RequestUUID, RequestURL:pRequest.url, Scope: tmpScope, Parameters: tmpParams, Action:'APIError'}, pRequest);
-			pResponse.send({Error:tmpErrorMessage, ErrorCode: tmpErrorCode});
-			return fNext();
-		};
-		/**
-		 * Send an Error to the client, and log it as an error in the log files.
-		 *
-		 * @method sendError
-		 */
-		var sendError = function(pMessage, pRequest, pResponse, fNext)
-		{
-			var tmpSessionID = null;
-			if (pRequest.UserSession)
-			{
-				tmpSessionID = pRequest.UserSession.SessionID;
-			}
-			_Log.warn('API Error: '+pMessage, {SessionID: tmpSessionID, RequestID:pRequest.RequestUUID, RequestURL:pRequest.url, Action:'APIError'}, pRequest);
-			pResponse.send({Error:pMessage});
-			return fNext();
-		};
-		/**
-		 * Check that the user has an appropriate user level to use the current endpoint
-		 *
-		 * @method authorizeEndpoint
-		 */
-		var authorizeEndpoint = function(pRequest, pResponse, fNext)
-		{
-			if (!pRequest.EndpointAuthenticated)
-			{
-				pRequest.CommonServices.log.warn('Unauthenticated user attempting to get a secured resource.', {RequestID:pRequest.RequestUUID}, pRequest);
-				sendNotAuthorized('You must be authenticated to access this resource.', pRequest, pResponse, fNext);
-				return false;
-			}
-			//Check if endpoint is being invoked programmatically, in which case
-			// we bypass session authentication checks
-			if (pRequest.EndpointInvoked)
-			{
-				return true;
-			}
-			// Check that the user has a valid ID.
-			if (_AuthenticationMode !== 'Disabled')
-			{
-				//TODO: do we need this code anymore?
-				const tmpIDUser = pRequest.UserSession.UserID;
-				if (tmpIDUser < 1)
-				{
-					_Log.warn('Invalid session when attempting to get a secured resource - IDUser is not valid.', {SessionID:pRequest.UserSession.SessionID, RequestID:pRequest.RequestUUID, RequestURL:pRequest.url, Action:'APISecurity'}, pRequest);
-					sendNotAuthorized('You must be authenticated to access this resource.', pRequest, pResponse, fNext);
-					return false;
-				}
-				// Check that the authentication level is valid.
-				if (pRequest.UserSession.UserRoleIndex < pRequest.EndpointAuthorizationRequirement)
-				{
-					_Log.warn('Invalid permission level when attempting to get a secured resource.', {SessionID:pRequest.UserSession.SessionID, RequestID:pRequest.RequestUUID, RequestURL:pRequest.url, Action:'APISecurity', RequiredUserLevel:pRequest.EndpointAuthorizationRequirement, 				ActualUserLevel:pRequest.UserSession.UserRoleIndex}, pRequest);
-					// TODO: Send the proper http status code
-					sendNotAuthorized('You must be appropriately authenticated to access this resource.', pRequest, pResponse, fNext);
-					return false;
-				}
-			}
-			return true;
-		};
-		/**
-		 * Send a not authorized response to the client, and log it in the log files.
-		 *
-		 * @method sendNotAuthorized
-		 */
-		var sendNotAuthorized = function(pMessage, pRequest, pResponse, fNext)
-		{
-			// TODO: Use the proper http code
-			_Log.trace('API Unauthorized Attempt: '+pMessage, {SessionID:pRequest.UserSession.SessionID, RequestID:pRequest.RequestUUID, RequestURL:pRequest.url, Action:'APIUnauthorized'}, pRequest);
-			//cause a delay to mitigate DoS type attacks against endpoints
-			setTimeout(function()
-			{
-				pResponse.send({Error:pMessage});
-				return fNext();
-			}, (_Meadow.fable.settings.UnauthorizedRequestDelay ? _Meadow.fable.settings.UnauthorizedRequestDelay : 15000));
-		};
-		/**
-		* Container Object for our Factory Pattern
-		*/
-		var tmpNewMeadowCommonServices = (
-		{
-			authorizeEndpoint: authorizeEndpoint,
-			sendCodedError: sendCodedError,
-			sendError: sendError,
-			sendNotAuthorized: sendNotAuthorized,
-			// Restify body parser passed through, for any POST and PUT requests
-			bodyParser: libRestify.plugins.bodyParser,
-			new: createNew
-		});
-		// Turn the common services object into a first-class Fable object
-		// addServices removed in fable 2.x
-		if (typeof(_Meadow.fable.addServices) === 'function')
-		{
-			_Meadow.fable.addServices(tmpNewMeadowCommonServices);
-		}
-		else
-		{
-			// bring over addServices implementation from Fable 1.x for backward compatibility
-			Object.defineProperty(tmpNewMeadowCommonServices, 'fable',
-			{
-				get: function() { return _Meadow.fable; },
-				enumerable: false,
-			});
-			Object.defineProperty(tmpNewMeadowCommonServices, 'settings',
-			{
-				get: function() { return _Meadow.fable.settings; },
-				enumerable: false,
-			});
-			Object.defineProperty(tmpNewMeadowCommonServices, 'log',
-			{
-				get: function() { return _Meadow.fable.log; },
-				enumerable: false,
-			});
-		}
-		return tmpNewMeadowCommonServices;
-	}
-	return createNew();
-};
-module.exports = new MeadowCommonServices();