npm - meadow-endpoints - Versions diffs - 3.0.7 → 4.0.3 - Mend

meadow-endpoints 3.0.7 → 4.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (127) hide show

package/source/crud/Meadow-Endpoint-CountBy.js DELETED Viewed

@@ -1,101 +0,0 @@
-/**
-* Meadow Endpoint - Count a Record filtered by a single value
-*
-* @license MIT
-*
-* @author Steven Velozo <steven@velozo.com>
-* @module Meadow
-*/
-var libAsync = require('async');
-/**
-* Count a record using the Meadow DAL object
-*/
-var doAPICountByEndpoint = function(pRequest, pResponse, fNext)
-{
-	// This state is the requirement for the UserRoleIndex value in the UserSession object... processed by default as >=
-	// The default here is that any authenticated user can use this endpoint.
-	pRequest.EndpointAuthorizationRequirement = pRequest.EndpointAuthorizationLevels.Count;
-	// INJECT: Pre authorization (for instance to change the authorization level)
-	if (pRequest.CommonServices.authorizeEndpoint(pRequest, pResponse, fNext) === false)
-	{
-		// If this endpoint fails, it's sent an error automatically.
-		return;
-	}
-	libAsync.waterfall(
-		[
-			// 1. Create the query
-			function (fStageComplete)
-			{
-				pRequest.Query = pRequest.DAL.query;
-				var tmpByField =  pRequest.params.ByField;
-				var tmpByValue =  pRequest.formattedParams.ByValue;
-				// TODO: Validate theat the ByField exists in the current database
-				if (tmpByValue.constructor === Array)
-				{
-					pRequest.Query.addFilter(tmpByField, tmpByValue, 'IN', 'AND', 'RequestByField');
-				}
-				else
-				{
-					// The count tries to match the Reads, since they are called together.
-					pRequest.Query.addFilter(tmpByField, tmpByValue, '=', 'AND', 'RequestByField');
-				}
-				return fStageComplete(false);
-			},
-			// 2: Check if there is an authorizer set for this endpoint and user role combination, and authorize based on that
-			function (fStageComplete)
-			{
-				pRequest.Authorizers.authorizeRequest('CountBy', pRequest, fStageComplete);
-			},
-			// 3. INJECT: Query configuration
-			function (fStageComplete)
-			{
-				pRequest.BehaviorModifications.runBehavior('Reads-QueryConfiguration', pRequest, fStageComplete);
-			},
-			// 4: Check if authorization denies security access to the record
-			function (fStageComplete)
-			{
-				if (pRequest.MeadowAuthorization)
-				{
-					// This will complete the waterfall operation
-					return fStageComplete(false);
-				}
-				// It looks like this record was not authorized.  Send an error.
-				return fStageComplete({Code:405,Message:'UNAUTHORIZED ACCESS IS NOT ALLOWED'});
-			},
-			// 5: Do the count
-			function (fStageComplete)
-			{
-				pRequest.DAL.doCount(pRequest.Query,
-					function(pError, pQuery, pCount)
-					{
-						pRequest.Result = {Count:pCount};
-						return fStageComplete(pError);
-					});
-			}
-		],
-		function(pError)
-		{
-			if (pError)
-			{
-				return pRequest.CommonServices.sendCodedError('Error retreiving a count.', pError, pRequest, pResponse, fNext);
-			}
-			pRequest.CommonServices.log.info('Delivered recordset count of '+pRequest.Result.Count+'.', {SessionID:pRequest.UserSession.SessionID, RequestID:pRequest.RequestUUID, RequestURL:pRequest.url, Action:pRequest.DAL.scope+'-CountBy'}, pRequest);
-			pResponse.send(pRequest.Result);
-			return fNext();
-		}
-	);
-};
-module.exports = doAPICountByEndpoint;

package/source/crud/Meadow-Endpoint-Create.js DELETED Viewed

@@ -1,77 +0,0 @@
-/**
-* Meadow Endpoint - Create a Record
-*
-* @license MIT
-*
-* @author Steven Velozo <steven@velozo.com>
-* @module Meadow
-*/
-/**
-* Create a record using the Meadow DAL object
-*/
-var libAsync = require('async');
-var doCreate = require('./Meadow-Operation-Create.js');
-var doAPICreateEndpoint = function(pRequest, pResponse, fNext)
-{
-	// This state is the requirement for the UserRoleIndex value in the UserSession object... processed by default as >=
-	// The default here is that any authenticated user can use this endpoint.
-	pRequest.EndpointAuthorizationRequirement = pRequest.EndpointAuthorizationLevels.Create;
-	if (pRequest.CommonServices.authorizeEndpoint(pRequest, pResponse, fNext) === false)
-	{
-		// If this endpoint fails, it's sent an error automatically.
-		return;
-	}
-	// Configure the request for the generic create operation
-	pRequest.CreatedRecords = [];
-	pRequest.MeadowOperation = 'Create';
-	libAsync.waterfall(
-		[
-			function(fStageComplete)
-			{
-				//1. Validate request body to ensure it is a valid record
-				if (typeof(pRequest.body) !== 'object')
-				{
-					return pRequest.CommonServices.sendError('Record create failure - a valid record is required.', pRequest, pResponse, fNext);
-				}
-				return fStageComplete();
-			},
-			function(fStageComplete)
-			{
-				pRequest.Response = pResponse;
-				pRequest.BehaviorModifications.runBehavior('Create-PreRequest', pRequest, fStageComplete);
-			},
-			function(fStageComplete)
-			{
-				//4. Do the create operation
-				doCreate(pRequest.body, pRequest, pResponse, fStageComplete);
-			},
-			function(fStageComplete)
-			{
-				//5. Respond with the new record
-				// If there was an error, respond with that instead
-				if (pRequest.RecordCreateError)
-					return fStageComplete(pRequest.RecordCreateErrorMessage);
-				pResponse.send(pRequest.Record);
-				return fStageComplete();
-			}
-		], function(pError)
-		{
-			if (pError && pError!='ABORT') //TODO: should have an abort token/const
-			{
-				return pRequest.CommonServices.sendCodedError('Error creating a record.', pError, pRequest, pResponse, fNext);
-			}
-			return fNext();
-		});
-};
-module.exports = doAPICreateEndpoint;

package/source/crud/Meadow-Endpoint-Delete.js DELETED Viewed

@@ -1,139 +0,0 @@
-/**
-* Meadow Endpoint - Delete a Record
-*
-* @license MIT
-*
-* @author Steven Velozo <steven@velozo.com>
-* @module Meadow
-*/
-/**
-* Delete a record using the Meadow DAL object
-*/
-var libAsync = require('async');
-var doAPIDeleteEndpoint = function(pRequest, pResponse, fNext)
-{
-	// This state is the requirement for the UserRoleIndex value in the UserSession object... processed by default as >=
-	// The default here is that any authenticated user can use this endpoint.
-	pRequest.EndpointAuthorizationRequirement = pRequest.EndpointAuthorizationLevels.Delete;
-	// INJECT: Pre authorization (for instance to change the authorization level)
-	if (pRequest.CommonServices.authorizeEndpoint(pRequest, pResponse, fNext) === false)
-	{
-		// If this endpoint fails, it's sent an error automatically.
-		return;
-	}
-	// INJECT: Pre endpoint operation
-	var tmpIDRecord = 0;
-	if (typeof(pRequest.params.IDRecord) === 'string')
-	{
-		tmpIDRecord = pRequest.params.IDRecord;
-	}
-	else if (typeof(pRequest.body[pRequest.DAL.defaultIdentifier]) === 'number')
-	{
-		tmpIDRecord = pRequest.body[pRequest.DAL.defaultIdentifier];
-	}
-	else if (typeof(pRequest.body[pRequest.DAL.defaultIdentifier]) === 'string')
-	{
-		tmpIDRecord = pRequest.body[pRequest.DAL.defaultIdentifier];
-	}
-	// Although the delete request does allow multiple deletes, we require an identifier.
-	if (tmpIDRecord < 1)
-	{
-		return pRequest.CommonServices.sendError('Record delete failure - a valid record ID is required in the passed-in record.', pRequest, pResponse, fNext);
-	}
-	var tmpRecordCount = {};
-	var tmpQuery;
-	libAsync.waterfall(
-		[
-			function(fStageComplete)
-			{
-				tmpQuery = pRequest.DAL.query;
-				// INJECT: Query configuration and population
-				// This is not overloadable.`
-				tmpQuery.addFilter(pRequest.DAL.defaultIdentifier, tmpIDRecord);
-				tmpQuery.setIDUser(pRequest.UserSession.UserID);
-				return fStageComplete();
-			},
-			function(fStageComplete)
-			{
-				// Load the record so we can do security checks on it
-				pRequest.DAL.doRead(tmpQuery,
-					function(pError, pQuery, pRecord)
-					{
-						if (!pRecord)
-						{
-							tmpRecordCount = {Count:0};
-							return fStageComplete("NO_RECORD_FOUND");
-						}
-						pRequest.Record = pRecord;
-						return fStageComplete();
-					});
-			},
-			function(fStageComplete)
-			{
-				pRequest.Authorizers.authorizeRequest('Delete', pRequest, fStageComplete);
-			},
-			function(fStageComplete)
-			{
-				// INJECT: Once we've check the authorizer and are ready to Delete, invoke an injected behavior before we execute the actuall delete operation
-				return pRequest.BehaviorModifications.runBehavior('Delete-PreOperation', pRequest, fStageComplete);
-			},
-			function(fStageComplete)
-			{
-				// INJECT: Record modification before delete
-				if (pRequest.MeadowAuthorization)
-				{
-					return fStageComplete(false);
-				}
-				// It looks like this record was not authorized.  Send an error.
-				return fStageComplete({Code:405,Message:'UNAUTHORIZED ACCESS IS NOT ALLOWED'});
-			},
-			function(fStageComplete)
-			{
-				// Do the delete
-				pRequest.DAL.doDelete(tmpQuery,
-					function(pError, pQuery, pCount)
-					{
-						// It returns the number of rows deleted
-						tmpRecordCount = {Count:pCount};
-						return fStageComplete(pError);
-					});
-			},
-			function(fStageComplete)
-			{
-				// INJECT: After the delete count is grabbed, let the user alter the response content
-				return pRequest.BehaviorModifications.runBehavior('Delete-PostOperation', pRequest, fStageComplete);
-			}
-		], function(pError)
-		{
-			if (pError &&
-				pError !== "NO_RECORD_FOUND")
-			{
-				return pRequest.CommonServices.sendCodedError('Error deleting a record.', pError, pRequest, pResponse, fNext);
-			}
-			pRequest.CommonServices.log.info('Deleted '+tmpRecordCount.Count+' records with ID '+tmpIDRecord+'.', {SessionID:pRequest.UserSession.SessionID, RequestID:pRequest.RequestUUID, RequestURL:pRequest.url, Action:pRequest.DAL.scope+'-Delete'}, pRequest);
-			pResponse.send(tmpRecordCount);
-			return fNext();
-		}
-	);
-};
-module.exports = doAPIDeleteEndpoint;

package/source/crud/Meadow-Endpoint-Read.js DELETED Viewed

@@ -1,109 +0,0 @@
-/**
-* Meadow Endpoint - Read a Record
-*
-* @license MIT
-*
-* @author Steven Velozo <steven@velozo.com>
-* @module Meadow
-*/
-var libAsync = require('async');
-/**
-* Get a specific record from a DAL.
-*/
-var doAPIReadEndpoint = function(pRequest, pResponse, fNext)
-{
-	// This state is the requirement for the UserRoleIndex value in the UserSession object... processed by default as >=
-	// The default here is that any authenticated user can use this endpoint.
-	pRequest.EndpointAuthorizationRequirement = pRequest.EndpointAuthorizationLevels.Read;
-	if (pRequest.CommonServices.authorizeEndpoint(pRequest, pResponse, fNext) === false)
-	{
-		// If this endpoint fails, it's sent an error automatically.
-		return;
-	}
-	libAsync.waterfall(
-		[
-			// 1. Create the query
-			function (fStageComplete)
-			{
-				pRequest.Query = pRequest.DAL.query;
-				fStageComplete(false);
-			},
-			// 2. Set the query up with the record ID
-			function (fStageComplete)
-			{
-				if (!pRequest.params.IDRecord &&
-					pRequest.params.GUIDRecord)
-				{
-					// We use a custon name for this (RequestDefaultIdentifier) in case there is a query with a dot in the default identifier.
-					pRequest.Query.addFilter(pRequest.DAL.defaultGUIdentifier, pRequest.params.GUIDRecord, '=', 'AND', 'RequestDefaultIdentifier');
-				}
-				else
-				{
-					var tmpIDRecord =  pRequest.params.IDRecord;
-					// We use a custon name for this (RequestDefaultIdentifier) in case there is a query with a dot in the default identifier.
-					pRequest.Query.addFilter(pRequest.DAL.defaultIdentifier, tmpIDRecord, '=', 'AND', 'RequestDefaultIdentifier');
-				}
-				return fStageComplete(false);
-			},
-			// 3. INJECT: Query configuration
-			function (fStageComplete)
-			{
-				pRequest.BehaviorModifications.runBehavior('Read-QueryConfiguration', pRequest, fStageComplete);
-			},
-			// 4. Execute the query
-			function (fStageComplete)
-			{
-				pRequest.DAL.doRead(pRequest.Query, fStageComplete);
-			},
-			// 5. Post processing of the records
-			function (pQuery, pRecord, fStageComplete)
-			{
-				if (!pRecord)
-				{
-					pRequest.CommonServices.log.info('Record not found', {SessionID:pRequest.UserSession.SessionID, RequestID:pRequest.RequestUUID, RequestURL:pRequest.url, Action:pRequest.DAL.scope+'-Read'}, pRequest);
-					return fStageComplete('Record not found');
-				}
-				pRequest.Record = pRecord;
-				fStageComplete(false);
-			},
-			// 5.5: Check if there is an authorizer set for this endpoint and user role combination, and authorize based on that
-			function (fStageComplete)
-			{
-				pRequest.Authorizers.authorizeRequest('Read', pRequest, fStageComplete);
-			},
-			// 6. INJECT: Post process the record, tacking on or altering anything we want to.
-			function (fStageComplete)
-			{
-				pRequest.BehaviorModifications.runBehavior('Read-PostOperation', pRequest, fStageComplete);
-			},
-			// 6.5: Check if authorization or post processing denied security access to the record
-			function (fStageComplete)
-			{
-				if (pRequest.MeadowAuthorization)
-				{
-					// This will complete the waterfall operation
-					return fStageComplete(false);
-				}
-				// It looks like this record was not authorized.  Send an error.
-				return fStageComplete({Code:405,Message:'UNAUTHORIZED ACCESS IS NOT ALLOWED'});
-			},
-		],
-		// 3. Return the results to the user
-		function(pError)
-		{
-			if (pError)
-			{
-				return pRequest.CommonServices.sendCodedError('Error retreiving a record.', pError, pRequest, pResponse, fNext);
-			}
-			pRequest.CommonServices.log.info('Read a record with ID '+pRequest.params.IDRecord+'.', {SessionID:pRequest.UserSession.SessionID, RequestID:pRequest.RequestUUID, RequestURL:pRequest.url, Action:pRequest.DAL.scope+'-Read'}, pRequest);
-			pResponse.send(pRequest.Record);
-			return fNext();
-		}
-	);
-};
-module.exports = doAPIReadEndpoint;

package/source/crud/Meadow-Endpoint-ReadDistinctList.js DELETED Viewed

@@ -1,146 +0,0 @@
-/**
-* Meadow Endpoint - Read a list of Records with a specified set of columns, distinct by those columns.
-*
-* @license MIT
-*
-* @author Alex Decker <alex.decker@headlight.com>
-* @module Meadow
-*/
-const libAsync = require('async');
-const meadowFilterParser = require('meadow-filter').parse;
-const marshalDistinctList = require('./Meadow-Marshal-DistinctList.js');
-const streamRecordsToResponse = require('./Meadow-StreamRecordArray');
-/**
-* Get a set of records from a DAL.
-*/
-const doAPIReadDistinctEndpoint = function(pRequest, pResponse, fNext)
-{
-	// This state is the requirement for the UserRoleIndex value in the UserSession object... processed by default as >=
-	// The default here is that any authenticated user can use this endpoint.
-	pRequest.EndpointAuthorizationRequirement = pRequest.EndpointAuthorizationLevels.Reads;
-	// INJECT: Pre authorization (for instance to change the authorization level)
-	if (pRequest.CommonServices.authorizeEndpoint(pRequest, pResponse, fNext) === false)
-	{
-		// If this endpoint fails, it's sent an error automatically.
-		return;
-	}
-	let tmpDistinctColumns;
-	libAsync.waterfall(
-		[
-			// 1a. Get the records
-			function (fStageComplete)
-			{
-				pRequest.Query = pRequest.DAL.query.setDistinct(true);
-				// TODO: Limit the query to the columns we need for the templated expression
-				let tmpCap = false;
-				let tmpBegin = false;
-				if (typeof(pRequest.params.Begin) === 'string' ||
-					typeof(pRequest.params.Begin) === 'number')
-				{
-					tmpBegin = parseInt(pRequest.params.Begin, 10);
-				}
-				if (typeof(pRequest.params.Cap) === 'string' ||
-					typeof(pRequest.params.Cap) === 'number')
-				{
-					tmpCap = parseInt(pRequest.params.Cap, 10);
-				}
-				else
-				{
-					//maximum number of records to return by default on Read queries. Override via "MeadowDefaultMaxCap" fable setting.
-					tmpCap = pRequest.DEFAULT_MAX_CAP;
-				}
-				pRequest.Query.setCap(tmpCap).setBegin(tmpBegin);
-				if (typeof(pRequest.params.Filter) === 'string')
-				{
-					// If a filter has been passed in, parse it and add the values to the query.
-					meadowFilterParser(pRequest.params.Filter, pRequest.Query);
-				}
-				else if (pRequest.params.Filter)
-				{
-					pRequest.Query.setFilter(pRequest.params.Filter);
-				}
-				if (typeof(pRequest.params.Columns) === 'string')
-				{
-					tmpDistinctColumns = pRequest.params.Columns.split(',');
-					if (!tmpDistinctColumns)
-					{
-						return fStageComplete({Code:400,Message:'Columns to distinct on must be provided.'});
-					}
-					pRequest.Query.setDataElements(tmpDistinctColumns);
-				}
-				fStageComplete(false);
-			},
-			// 1b. INJECT: Query configuration
-			function (fStageComplete)
-			{
-				pRequest.BehaviorModifications.runBehavior('Reads-QueryConfiguration', pRequest, fStageComplete);
-			},
-			// 1b2. INJECT: Query pre-authorization behavior (ex. if authorizer needs fields to be included, it can add them)
-			function (fStageComplete)
-			{
-				pRequest.BehaviorModifications.runBehavior('Reads-PreAuth', pRequest, fStageComplete);
-			},
-			// 1c. Do the record read
-			function (fStageComplete)
-			{
-				pRequest.DAL.doReads(pRequest.Query, fStageComplete);
-			},
-			// 2. Post processing of the records
-			function (pQuery, pRecords, fStageComplete)
-			{
-				if (pRecords.length < 1)
-				{
-					pRecords = [];
-				}
-				pRequest.Records = pRecords;
-				// Complete the waterfall operation
-				fStageComplete(false);
-			},
-			// 2.5: Check if there is an authorizer set for this endpoint and user role combination, and authorize based on that
-			function (fStageComplete)
-			{
-				// shared permission with reads
-				pRequest.Authorizers.authorizeRequest('Reads', pRequest, fStageComplete);
-			},
-			// 2.6: Check if authorization or post processing denied security access to the record
-			function (fStageComplete)
-			{
-				if (pRequest.MeadowAuthorization)
-				{
-					return fStageComplete(false);
-				}
-				// It looks like this record was not authorized.  Send an error.
-				return fStageComplete({Code:405,Message:'UNAUTHORIZED ACCESS IS NOT ALLOWED'});
-			},
-			// 3. Marshalling of records into the hash list, using underscore templates.
-			function (fStageComplete)
-			{
-				fStageComplete(false, marshalDistinctList(pRequest.Records, pRequest, tmpDistinctColumns));
-			}
-		],
-		// 3. Return the results to the user
-		function(pError, pResultRecords)
-		{
-			// Remove 'Records' object from pRequest, instead return template results (pResultRecords) for the records
-			delete pRequest['Records'];
-			if (pError)
-			{
-				return pRequest.CommonServices.sendCodedError('Error retreiving a recordset.', pError, pRequest, pResponse, fNext);
-			}
-			pRequest.CommonServices.log.info('Read a recordset lite list with '+pResultRecords.length+' results.', {SessionID:pRequest.UserSession.SessionID, RequestID:pRequest.RequestUUID, RequestURL:pRequest.url, Action:pRequest.DAL.scope+'-ReadDistinct'}, pRequest);
-			return streamRecordsToResponse(pResponse, pResultRecords, fNext);
-		}
-	);
-};
-module.exports = doAPIReadDistinctEndpoint;