npm - meadow-endpoints - Versions diffs - 3.0.7 → 4.0.2 - Mend

meadow-endpoints 3.0.7 → 4.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (127) hide show

package/source/Meadow-MarshallSessionData.js DELETED Viewed

@@ -1,64 +0,0 @@
-/**
-* Meadow Session Marshaller - Extract session data based on configuration.
-*
-* @license MIT
-*
-* @author Alex Decker <alex.decker@headlight.com>
-* @module Meadow
-*/
-module.exports = (pFable) =>
-{
-	const _Fable = pFable;
-	const _SessionDataSource = _Fable.settings.MeadowEndpointsSessionDataSource || 'Request';
-	return (pRequest, pResponse, fNext) =>
-	{
-		let session;
-		switch (_SessionDataSource)
-		{
-		default:
-			_Fable.log.warn(`Unknown session source configured: ${_SessionDataSource} - defaulting to Request for backward compatibility`);
-		case 'Request':
-			// noop - already set by orator-session
-			session = pRequest.UserSession;
-			break;
-		case 'None':
-			break;
-		case 'Header':
-			try
-			{
-				const sessionStr = pRequest.headers['x-trusted-session'];
-				if (!sessionStr)
-				{
-					break;
-				}
-				session = JSON.parse(sessionStr);
-			}
-			catch (pError)
-			{
-				_Fable.log.error('Error marshalling session data from header.', { Error: pError.message, Stack: pError.stack });
-			}
-			break;
-		}
-		if (!session)
-		{
-			// blank session so things don't break, for now
-			session =
-			{
-				SessionID: '',
-				UserID: 0,
-				UserRole: '',
-				UserRoleIndex: 0,
-				LoggedIn: false,
-				DeviceID: '',
-				CustomerID: 0,
-			};
-		}
-		pRequest.UserSession = session;
-		fNext();
-	}
-};

package/source/Restify-RouteParser.js DELETED Viewed

@@ -1,114 +0,0 @@
-//var assert = require('assert');
-var url = require('url');
-/**
- * given a request, try to match it against the regular expression to
- * get the route params.
- * i.e., /foo/:param1/:param2
- * @private
- * @function matchURL
- * @param	{String | RegExp} re   a string or regular expression
- * @param	{Object}		  req  the request object
- * @returns  {Object}
- */
-function matchURL(re, req) {
-	var i = 0;
-	var result = re.exec(req.path());
-	var params = {};
-	if (!result) {
-		return (false);
-	}
-	// This means the user original specified a regexp match, not a url
-	// string like /:foo/:bar
-	if (!re.restifyParams) {
-		for (i = 1; i < result.length; i++) {
-			params[(i - 1)] = result[i];
-		}
-		return (params);
-	}
-	// This was a static string, like /foo
-	if (re.restifyParams.length === 0) {
-		return (params);
-	}
-	// This was the "normal" case, of /foo/:id
-	re.restifyParams.forEach(function (p) {
-		if (++i < result.length) {
-			params[p] = result[i];
-		}
-	});
-	return (params);
-}
-var _RegexCache = {};
-function compileURL(options) {
-	if (options.url instanceof RegExp)
-		return (options.url);
-	//assert.string(options.url, 'url');
-	if (_RegexCache[options.url])
-	{
-		return _RegexCache[options.url];
-	}
-	var params = [];
-	var pattern = '^';
-	var re;
-	var _url = url.parse(options.url).pathname;
-	_url.split('/').forEach(function (frag) {
-		if (frag.length <= 0)
-			return (false);
-		pattern += '\\/+';
-		if (frag.charAt(0) === ':') {
-			var label = frag;
-			var index = frag.indexOf('(');
-			var subexp;
-			if (index === -1) {
-				if (options.urlParamPattern) {
-					subexp = options.urlParamPattern;
-				} else {
-					subexp = '[^/]*';
-				}
-			} else {
-				label = frag.substring(0, index);
-				subexp = frag.substring(index+1, frag.length-1);
-			}
-			pattern += '(' + subexp + ')';
-			params.push(label.slice(1));
-		} else {
-			pattern += frag;
-		}
-		return (true);
-	});
-	if (pattern === '^')
-		pattern += '\\/';
-	pattern += '$';
-	re = new RegExp(pattern, options.flags);
-	re.restifyParams = params;
-	_RegexCache[options.url] = re;
-	return (re);
-}
-module.exports = function parseParams(pRoute, pRequestPath)
-{
-	var tmpPath = compileURL({url: pRoute});
-	var tmpReq = {
-		path: function()
-		{
-			return pRequestPath;
-		}
-	};
-	return matchURL(tmpPath, tmpReq);
-}

package/source/authorizers/Meadow-Authorizer-Allow.js DELETED Viewed

@@ -1,17 +0,0 @@
-// ##### Part of the **[retold](https://stevenvelozo.github.io/retold/)** system
-/**
-* @license MIT
-* @author <steven@velozo.com>
-*/
-/**
-* Meadow Authorizer - Always Allow Access
-*/
-var doAuthorize = function(pRequest, fNext)
-{
-	pRequest.MeadowAuthorization = true;
-	return fNext();
-};
-module.exports = doAuthorize;

package/source/authorizers/Meadow-Authorizer-Deny.js DELETED Viewed

@@ -1,17 +0,0 @@
-// ##### Part of the **[retold](https://stevenvelozo.github.io/retold/)** system
-/**
-* @license MIT
-* @author <steven@velozo.com>
-*/
-/**
-* Meadow Authorizer - Always Deny Access
-*/
-var doAuthorize = function(pRequest, fNext)
-{
-	pRequest.MeadowAuthorization = false;
-	return fNext();
-};
-module.exports = doAuthorize;

package/source/authorizers/Meadow-Authorizer-Mine.js DELETED Viewed

@@ -1,47 +0,0 @@
-// ##### Part of the **[retold](https://stevenvelozo.github.io/retold/)** system
-/**
-* @license MIT
-* @author <steven@velozo.com>
-*/
-/**
-* Meadow Authorizer - Records from My Customer
-*/
-var doAuthorize = function(pRequest, fNext)
-{
-	if (pRequest.EndpointHash === 'Count' ||
-		pRequest.EndpointHash === 'CountBy')
-	{
-		pRequest.MeadowAuthorization = true;
-		return fNext();
-	}
-	if (typeof(pRequest.Record) !== 'object')
-	{
-		// If there is no record, fail.
-		pRequest.MeadowAuthorization = false;
-		return fNext();
-	}
-	if (pRequest.Record.hasOwnProperty('CreatingIDUser'))
-	{
-		if (pRequest.Record.CreatingIDUser === pRequest.UserSession.UserID)
-		{
-			// If the UserID matches
-			pRequest.MeadowAuthorization = (true && pRequest.MeadowAuthorization);
-		}
-		else
-		{
-			// DENY If the user IDs don't match
-			pRequest.MeadowAuthorization = false;
-		}
-	}
-	else
-	{
-		// This will pass records that don't have a CreatingIDUser.  Do we want that?
-		pRequest.MeadowAuthorization = true;
-	}
-	return fNext();
-};
-module.exports = doAuthorize;

package/source/authorizers/Meadow-Authorizer-MyCustomer.js DELETED Viewed

@@ -1,48 +0,0 @@
-// ##### Part of the **[retold](https://stevenvelozo.github.io/retold/)** system
-/**
-* @license MIT
-* @author <steven@velozo.com>
-*/
-/**
-* Meadow Authorizer - Records from My Customer
-*/
-var doAuthorize = function(pRequest, fNext)
-{
-	if (pRequest.EndpointHash === 'Count' ||
-		pRequest.EndpointHash === 'CountBy')
-	{
-		pRequest.MeadowAuthorization = true;
-		return fNext();
-	}
-	if (typeof(pRequest.Record) !== 'object')
-	{
-		// If there is no record, fail.
-		pRequest.MeadowAuthorization = false;
-		return fNext();
-	}
-	if (pRequest.Record.hasOwnProperty('IDCustomer'))
-	{
-		if (pRequest.Record.IDCustomer === 0 ||
-			pRequest.Record.IDCustomer === pRequest.UserSession.CustomerID)
-		{
-			// If the customer matches
-			pRequest.MeadowAuthorization = (true && pRequest.MeadowAuthorization);
-		}
-		else
-		{
-			// Deny if Customer ID's don't match
-			pRequest.MeadowAuthorization = false;
-		}
-	}
-	else
-	{
-		// This will pass records that don't have a CustomerID.  Do we want that?
-		pRequest.MeadowAuthorization = true;
-	}
-	return fNext();
-};
-module.exports = doAuthorize;

package/source/crud/Meadow-Endpoint-BulkCreate.js DELETED Viewed

@@ -1,67 +0,0 @@
-/**
-* Meadow Endpoint - Create a set of Record in Bulk
-*
-* @license MIT
-*
-* @author Steven Velozo <steven@velozo.com>
-* @module Meadow
-*/
-/**
-* Bulk Create records using the Meadow DAL object
-*/
-var libAsync = require('async');
-var doCreate = require('./Meadow-Operation-Create.js');
-const streamRecordsToResponse = require('./Meadow-StreamRecordArray');
-var doAPIBulkCreateEndpoint = function(pRequest, pResponse, fNext)
-{
-	// Configure the request for the generic create operation
-	pRequest.CreatedRecords = [];
-	pRequest.MeadowOperation = 'CreateBulk';
-	libAsync.waterfall(
-		[
-			function(fStageComplete)
-			{
-				//1. Validate request body to ensure it is a valid record
-				if (!Array.isArray(pRequest.body))
-				{
-					return pRequest.CommonServices.sendError('Bulk record create failure - a valid array of records is required.', pRequest, pResponse, fNext);
-				}
-				pRequest.BulkRecords = pRequest.body;
-				return fStageComplete(null);
-			},
-			function(fStageComplete)
-			{
-				pRequest.Response = pResponse;
-				pRequest.BehaviorModifications.runBehavior('Create-PreRequest', pRequest, fStageComplete);
-			},
-			function(fStageComplete)
-			{
-				libAsync.eachSeries(pRequest.BulkRecords,
-					function (pRecord, fCallback)
-					{
-						doCreate(pRecord, pRequest, pResponse, fCallback);
-					}, fStageComplete);
-			},
-			function(fStageComplete)
-			{
-				//5. Respond with the new records
-				return streamRecordsToResponse(pResponse, pRequest.CreatedRecords, fStageComplete);
-			}
-		], function(pError)
-		{
-			if (pError)
-			{
-				return pRequest.CommonServices.sendCodedError('Error bulk creating a record.', pError, pRequest, pResponse, fNext);
-			}
-			return fNext();
-		});
-};
-module.exports = doAPIBulkCreateEndpoint;

package/source/crud/Meadow-Endpoint-BulkUpdate.js DELETED Viewed

@@ -1,74 +0,0 @@
-/**
-* Meadow Endpoint - Update a set of Records
-*
-* @license MIT
-*
-* @author Steven Velozo <steven@velozo.com>
-* @module Meadow
-*/
-/**
-* Update a set of records using the Meadow DAL object
-*/
-var libAsync = require('async');
-var doUpdate = require('./Meadow-Operation-Update.js');
-const streamRecordsToResponse = require('./Meadow-StreamRecordArray');
-var doAPIUpdateEndpoint = function(pRequest, pResponse, fNext)
-{
-	// This state is the requirement for the UserRoleIndex value in the UserSession object... processed by default as >=
-	// The default here is that any authenticated user can use this endpoint.
-	pRequest.EndpointAuthorizationRequirement = pRequest.EndpointAuthorizationLevels.Update;
-	// INJECT: Pre authorization (for instance to change the authorization level)
-	if (pRequest.CommonServices.authorizeEndpoint(pRequest, pResponse, fNext) === false)
-	{
-		// If this endpoint fails, it's sent an error automatically.
-		return;
-	}
-	// Configure the request for the generic update operation
-	pRequest.UpdatedRecords = [];
-	pRequest.MeadowOperation = 'UpdateBulk';
-	libAsync.waterfall(
-		[
-			function(fStageComplete)
-			{
-				//1. Validate request body to ensure it is a valid record
-				if (!Array.isArray(pRequest.body))
-				{
-					return pRequest.CommonServices.sendError('Record update failure - a valid record is required.', pRequest, pResponse, fNext);
-				}
-				pRequest.BulkRecords = pRequest.body;
-				return fStageComplete(null);
-			},
-			function(fStageComplete)
-			{
-				libAsync.eachSeries(pRequest.BulkRecords,
-					function (pRecord, fCallback)
-					{
-						doUpdate(pRecord, pRequest, pResponse, fCallback);
-					}, fStageComplete);
-			},
-			function(fStageComplete)
-			{
-				//5. Respond with the new record
-				return streamRecordsToResponse(pResponse, pRequest.UpdatedRecords, fStageComplete);
-			}
-		], function(pError)
-		{
-			if (pError)
-			{
-				return pRequest.CommonServices.sendCodedError('Error bulk updating records.', pError, pRequest, pResponse, fNext);
-			}
-			return fNext();
-		});
-};
-module.exports = doAPIUpdateEndpoint;

package/source/crud/Meadow-Endpoint-BulkUpsert.js DELETED Viewed

@@ -1,76 +0,0 @@
-/**
-* Meadow Endpoint - Upsert a set of Records
-*
-* @license MIT
-*
-* @author Steven Velozo <steven@velozo.com>
-* @module Meadow
-*/
-/**
-* Upsert a set of records using the Meadow DAL object
-*/
-var libAsync = require('async');
-var doUpsert = require('./Meadow-Operation-Upsert.js');
-var marshalLiteList = require('./Meadow-Marshal-LiteList.js');
-const streamRecordsToResponse = require('./Meadow-StreamRecordArray');
-var doAPIUpsertEndpoint = function(pRequest, pResponse, fNext)
-{
-	// This state is the requirement for the UserRoleIndex value in the UserSession object... processed by default as >=
-	// The default here is that any authenticated user can use this endpoint.
-	pRequest.EndpointAuthorizationRequirement = pRequest.EndpointAuthorizationLevels.Update;
-	// INJECT: Pre authorization (for instance to change the authorization level)
-	if (pRequest.CommonServices.authorizeEndpoint(pRequest, pResponse, fNext) === false)
-	{
-		// If this endpoint fails, it's sent an error automatically.
-		return;
-	}
-	// Configure the request for the generic upsert operation
-	pRequest.CreatedRecords = [];
-	pRequest.UpdatedRecords = [];
-	pRequest.UpsertedRecords = [];
-	pRequest.MeadowOperation = 'UpsertBulk';
-	libAsync.waterfall(
-		[
-			function(fStageComplete)
-			{
-				//1. Validate request body to ensure it is a valid record
-				if (!Array.isArray(pRequest.body))
-				{
-					return pRequest.CommonServices.sendError('Record upsert failure - a valid record is required.', pRequest, pResponse, fNext);
-				}
-				pRequest.BulkRecords = pRequest.body;
-				return fStageComplete(null);
-			},
-			function(fStageComplete)
-			{
-				libAsync.eachSeries(pRequest.BulkRecords,
-					function (pRecord, fCallback)
-					{
-						doUpsert(pRecord, pRequest, pResponse, fCallback);
-					}, fStageComplete);
-			},
-			function(fStageComplete)
-			{
-				//5. Respond with the new records
-				return streamRecordsToResponse(pResponse, marshalLiteList(pRequest.UpsertedRecords, pRequest), fStageComplete);
-			}
-		], function(pError)
-		{
-			if (pError)
-			{
-				return pRequest.CommonServices.sendCodedError('Error bulk upserting records.', pError, pRequest, pResponse, fNext);
-			}
-			return fNext();
-		});
-};
-module.exports = doAPIUpsertEndpoint;

package/source/crud/Meadow-Endpoint-Count.js DELETED Viewed

@@ -1,93 +0,0 @@
-/**
-* Meadow Endpoint - Count a Record
-*
-* @license MIT
-*
-* @author Steven Velozo <steven@velozo.com>
-* @module Meadow
-*/
-var libAsync = require('async');
-const meadowFilterParser = require('meadow-filter').parse;
-/**
-* Count a record using the Meadow DAL object
-*/
-var doAPICountEndpoint = function(pRequest, pResponse, fNext)
-{
-	// This state is the requirement for the UserRoleIndex value in the UserSession object... processed by default as >=
-	// The default here is that any authenticated user can use this endpoint.
-	pRequest.EndpointAuthorizationRequirement = pRequest.EndpointAuthorizationLevels.Count;
-	if (pRequest.CommonServices.authorizeEndpoint(pRequest, pResponse, fNext) === false)
-	{
-		// If this endpoint fails, it's sent an error automatically.
-		return;
-	}
-	libAsync.waterfall(
-		[
-			// 1: Create the query
-			function (fStageComplete)
-			{
-				pRequest.Query = pRequest.DAL.query;
-				if (typeof(pRequest.params.Filter) === 'string')
-				{
-					// If a filter has been passed in, parse it and add the values to the query.
-					meadowFilterParser(pRequest.params.Filter, pRequest.Query);
-				}
-				else if (pRequest.params.Filter)
-				{
-					pRequest.Query.setFilter(pRequest.params.Filter);
-				}
-				fStageComplete(false);
-			},
-			// 2: Check if there is an authorizer set for this endpoint and user role combination, and authorize based on that
-			function (fStageComplete)
-			{
-				pRequest.Authorizers.authorizeRequest('Count', pRequest, fStageComplete);
-			},
-			// 3. INJECT: Query configuration
-			function (fStageComplete)
-			{
-				pRequest.BehaviorModifications.runBehavior('Reads-QueryConfiguration', pRequest, fStageComplete);
-			},
-			// 4: Check if authorization or post processing denied security access to the record
-			function (fStageComplete)
-			{
-				if (pRequest.MeadowAuthorization)
-				{
-					// This will complete the waterfall operation
-					return fStageComplete(false);
-				}
-				// It looks like this record was not authorized.  Send an error.
-				return fStageComplete({Code:405,Message:'UNAUTHORIZED ACCESS IS NOT ALLOWED'});
-			},
-			// 5: Do the count
-			function (fStageComplete)
-			{
-				pRequest.DAL.doCount(pRequest.Query,
-					function(pError, pQuery, pCount)
-					{
-						pRequest.Result = {Count:pCount};
-						return fStageComplete(pError);
-					});
-			}
-		],
-		// 6. Return the results to the user
-		function(pError)
-		{
-			if (pError)
-			{
-				return pRequest.CommonServices.sendCodedError('Error retreiving a count.', pError, pRequest, pResponse, fNext);
-			}
-			pRequest.CommonServices.log.info('Delivered recordset count of ' + pRequest.Result.Count + '.', {SessionID:pRequest.UserSession.SessionID, RequestID:pRequest.RequestUUID, RequestURL:pRequest.url, Action:pRequest.DAL.scope+'-Count'}, pRequest);
-			pResponse.send(pRequest.Result);
-			return fNext();
-		}
-	);
-};
-module.exports = doAPICountEndpoint;