monastery 1.31.7 → 1.32.2

package/changelog.md

@@ -2,6 +2,28 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+### [1.32.2](https://github.com/boycce/monastery/compare/1.32.1...1.32.2) (2022-03-04)
+
+
+### Bug Fixes
+
+* missing original non-validated this.data in beforeUpdate ([4b4002d](https://github.com/boycce/monastery/commit/4b4002d3d4d2609025cbb22cacecf948252be38b))
+
+### [1.32.1](https://github.com/boycce/monastery/compare/1.32.0...1.32.1) (2022-03-01)
+
+
+### Bug Fixes
+
+* processAfterFind bug ([3183b79](https://github.com/boycce/monastery/commit/3183b79fc288665000b63e0221fbe8acf6f482aa))
+
+## [1.32.0](https://github.com/boycce/monastery/compare/1.31.7...1.32.0) (2022-02-28)
+
+
+### Features
+
+* added getSignedUrl(s) ([3552a4d](https://github.com/boycce/monastery/commit/3552a4d0b21c192a256a590e3ac1cb48b31c6564))
+* added image optiosn filename, and params ([353b2f0](https://github.com/boycce/monastery/commit/353b2f09ed429a5cd8d74a3b2e94493650fb52e4))
+
 ### [1.31.7](https://github.com/boycce/monastery/compare/1.31.6...1.31.7) (2022-02-28)
 
 
@@ -14,6 +36,7 @@ All notable changes to this project will be documented in this file. See [standa
 
 ### Bug Fixes
 
+* Fixed validateUndefined ([58daed1](https://github.com/boycce/monastery/commit/58daed1ca5317c061a4ddde280bf45b0a134ab30))
 * added partial unqiue index tests ([ff6f193](https://github.com/boycce/monastery/commit/ff6f1938e333407ee17895873d2b42fa5263d7e3))
 * scripts ([bc32680](https://github.com/boycce/monastery/commit/bc326809098ae24686158a0386fbbd6671d86c98))
 

package/docs/image-plugin.md

@@ -26,9 +26,12 @@ Then in your model schema, e.g.
 ```js
 let user = db.model('user', { fields: {
   logo:  {
-    type: 'image',
-    formats: ['bmp', 'gif', 'jpg', 'jpeg', 'png', 'tiff'], // optional plugin rule
-    fileSize: 1000 * 1000 * 5 // optional plugin rule, size in bytes
+    type: 'image', // required
+    formats: ['bmp', 'gif', 'jpg', 'jpeg', 'png', 'tiff'],
+    filename: 'avatar',
+    filesize: 1000 * 1000 * 5, // max size in bytes
+    getSignedUrl: true, // get a s3 signed url after every `find()` operation (can be overridden per request)
+    params: {}, // upload params, https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#upload-property
   },
   logos: [{
     type: 'image'
@@ -61,4 +64,3 @@ user.update({
 Due to known limitations, we are inaccurately able to validate non-binary file types (e.g. txt, svg) before uploading to S3, and rely on their file processing to remove any malicious files.
 
 ...to be continued
-

package/docs/model/find.md

@@ -15,6 +15,7 @@ Find document(s) in a collection and call related hook: `schema.afterFind`
 - [[`options.populate`](#populate)] *(array)*
 - [`options.sort`] *(string\|array\|object)*: same as the mongodb option, but allows string parsing e.g. 'name', 'name:1'
 - [`options.blacklist`] *(array\|string\|false)*: augment `schema.findBL`. `false` will remove all blacklisting
+- [`options.getSignedUrls`] *(boolean)*: get signed urls for all image objects
 - [`options.project`] *(string\|array\|object)*: return only these fields, ignores blacklisting
 - [[`any mongodb option`](http://mongodb.github.io/node-mongodb-native/3.2/api/Collection.html#find)] *(any)*
 

package/lib/model-crud.js

@@ -28,11 +28,11 @@ module.exports = {
       ])
 
       // Validate
-      opts.data = await this.validate(opts.data||{}, { ...opts })
+      let data = await this.validate(opts.data||{}, { ...opts })
 
       // Insert
-      await util.runSeries(this.beforeInsert.map(f => f.bind(opts, opts.data)))
-      let response = await this._insert(opts.data, options)
+      await util.runSeries(this.beforeInsert.map(f => f.bind(opts, data)))
+      let response = await this._insert(data, options)
       await util.runSeries(this.afterInsert.map(f => f.bind(opts, response)))
 
       // Success/error
@@ -193,31 +193,32 @@ module.exports = {
     }
     try {
       opts = await this._queryObject(opts, 'update')
+      let data = opts.data
       let response = null
       let operators = util.pluck(opts, [/^\$/])
       let options = util.omit(opts, ['data', 'query', 'respond', 'validateUndefined', 'skipValidation', 'blacklist'])
 
       // Validate
-      if (util.isDefined(opts.data)) opts.data = await this.validate(opts.data, { ...opts })
-      if (!util.isDefined(opts.data) && util.isEmpty(operators)) {
+      if (util.isDefined(data)) data = await this.validate(opts.data, { ...opts })
+      if (!util.isDefined(data) && util.isEmpty(operators)) {
         throw new Error(`Please pass an update operator to ${this.name}.update(), e.g. data, $unset, etc`)
       }
-      if (util.isDefined(opts.data) && (!opts.data || util.isEmpty(opts.data))) {
+      if (util.isDefined(data) && (!data || util.isEmpty(data))) {
         throw new Error(`No valid data passed to ${this.name}.update({ data: .. })`)
       }
-      // Hook: beforeUpdate
-      await util.runSeries(this.beforeUpdate.map(f => f.bind(opts, opts.data||{})))
-      if (opts.data && operators['$set']) {
+      // Hook: beforeUpdate (has access to original, non-validated opts.data)
+      await util.runSeries(this.beforeUpdate.map(f => f.bind(opts, data||{})))
+      if (data && operators['$set']) {
         this.warn(`'$set' fields take precedence over the data fields for \`${this.name}.update()\``)
       }
-      if (opts.data || operators['$set']) {
-        operators['$set'] = { ...opts.data, ...(operators['$set'] || {}) }
+      if (data || operators['$set']) {
+        operators['$set'] = { ...data, ...(operators['$set'] || {}) }
       }
       // Update
       let update = await this._update(opts.query, operators, options)
       if (update.n) response = Object.assign(Object.create({ _output: update }), operators['$set']||{})
 
-      // Hook: afterUpdate
+      // Hook: afterUpdate (doesn't have access to validated data)
       if (update.n) await util.runSeries(this.afterUpdate.map(f => f.bind(opts, response)))
 
       // Success
@@ -238,6 +239,7 @@ module.exports = {
      * @param {object} opts
      *     @param {object} <opts.query> - mongodb query object
      *     @param {boolean} <opts.respond> - automatically call res.json/error (requires opts.req)
+     *     @param {boolean=true} <opts.multi> - set to false to limit the deletion to just one document
      *     @param {any} <opts.any> - any mongodb option
      * @param {function} <cb> - execute cb(err, data) instead of responding
      * @this model
@@ -304,7 +306,7 @@ module.exports = {
       opts.query = util.removeUndefined(opts.query)
 
       // Query options
-      opts.limit = opts.one? 1 : parseInt(opts.limit || (type == 'remove' ? 1 : this.manager.limit || 0))
+      opts.limit = opts.one? 1 : parseInt(opts.limit || this.manager.limit || 0)
       opts.skip = Math.max(0, opts.skip || 0)
       opts.sort = opts.sort || { 'createdAt': -1 }
       if (util.isString(opts.sort)) {
@@ -324,7 +326,7 @@ module.exports = {
     return opts
   },
 
-  _processAfterFind: function(data, projection, afterFindContext) {
+  _processAfterFind: function(data, projection={}, afterFindContext={}) {
     /**
      * Todo: Maybe make this method public?
      * Recurses through fields that are models and populates missing default-fields and calls model.afterFind([fn,..])

package/lib/model-validate.js

@@ -290,9 +290,9 @@ module.exports = {
   },
 
   _ignoredRules: [ // todo: change name? i.e. 'specialFields'
-    // Need to remove fileSize and formats..
-    'default', 'defaultOverride', 'fileSize', 'formats', 'image', 'index', 'insertOnly', 'model',
-    'nullObject', 'timestampField', 'type', 'virtual'
+    // Need to remove filesize and formats..
+    'default', 'defaultOverride', 'filename', 'filesize', 'formats', 'image', 'index', 'insertOnly',
+    'model', 'nullObject', 'params', 'getSignedUrl', 'timestampField', 'type', 'virtual'
   ]
 
 }

package/lib/model.js

@@ -188,9 +188,12 @@ Model.prototype._setupFields = function(fields) {
 
       // Rule doesn't exist
       util.forEach(field, (rule, ruleName) => {
+        if ((this.rules[ruleName] || rules[ruleName]) && this._ignoredRules.indexOf(ruleName) != -1) {
+          this.error(`The rule name "${ruleName}" for the model "${this.name}" is a reserved keyword, ignoring rule.`)
+        }
         if (!this.rules[ruleName] && !rules[ruleName] && this._ignoredRules.indexOf(ruleName) == -1) {
           // console.log(field)
-          this.error(`No rule "${ruleName}" exists for model "${this.name}". Ignoring rule.`)
+          this.error(`No rule "${ruleName}" exists for model "${this.name}", ignoring rule.`)
           delete field[ruleName]
         }
       }, this)

package/package.json

@@ -2,7 +2,7 @@
   "name": "monastery",
   "description": "⛪ A straight forward MongoDB ODM built around Monk",
   "author": "Ricky Boyce",
-  "version": "1.31.7",
+  "version": "1.32.2",
   "license": "MIT",
   "repository": "github:boycce/monastery",
   "homepage": "https://boycce.github.io/monastery/",

package/plugins/images/index.js

@@ -32,7 +32,9 @@ let plugin = module.exports = {
       return
     }
 
-    // Create s3 service instance
+    // Create s3 'service' instance
+    // https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#constructor-property
+    manager.getSignedUrl = this._getSignedUrl
     this.s3 = new S3({
       credentials: {
         accessKeyId: this.awsAccessKeyId,
@@ -71,6 +73,9 @@ let plugin = module.exports = {
       model.afterInsert.push(function(data, n) {
         plugin.addImages(this, data).then(() => n(null, data)).catch(e => n(e))
       })
+      model.afterFind.push(function(data, n) {
+        plugin.getSignedUrls.call(model, this, data).then(() => n(null, data)).catch(e => n(e))
+      })
     }
   },
 
@@ -121,16 +126,17 @@ let plugin = module.exports = {
         return Promise.all(filesArr.map(file => {
           return new Promise((resolve, reject) => {
             let uid = nanoid.nanoid()
+            let pathFilename = filesArr.imageField.filename ? '/' + filesArr.imageField.filename : ''
             let image = {
-              bucket: this.awsBucket,
-              date: this.manager.useMilliseconds? Date.now() : Math.floor(Date.now() / 1000),
+              bucket: plugin.awsBucket,
+              date: plugin.manager.useMilliseconds? Date.now() : Math.floor(Date.now() / 1000),
               filename: file.name,
               filesize: file.size,
-              path: `${plugin.bucketDir}/${uid}.${file.ext}`,
+              path: `${plugin.bucketDir}/${uid}${pathFilename}.${file.ext}`,
               // sizes: ['large', 'medium', 'small'],
-              uid: uid
+              uid: uid,
             }
-            this.manager.info(
+            plugin.manager.info(
               `Uploading '${image.filename}' to '${image.bucket}/${image.path}'`
             )
             if (test) {
@@ -138,10 +144,14 @@ let plugin = module.exports = {
               resolve()
             } else {
               plugin.s3.upload({
-                Bucket: this.awsBucket,
+                Bucket: plugin.awsBucket,
                 Key: image.path,
                 Body: file.data,
-                ACL: 'public-read'
+                // The IAM permission "s3:PutObjectACL" must be included in the appropriate policy
+                ACL: 'public-read',
+                // upload params,https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#upload-property
+                ...filesArr.imageField.params,
+
               }, (err, response) => {
                 if (err) return reject(err)
                 plugin._addImageObjectsToData(filesArr.inputPath, data, image)
@@ -161,7 +171,7 @@ let plugin = module.exports = {
       return model._update(
         idquery,
         { '$set': prunedData },
-        { 'multi': options.multi || options.create }
+        { 'multi': options.multi || options.create },
       )
 
     // If errors, remove inserted documents to prevent double ups when the user resaves.
@@ -172,6 +182,30 @@ let plugin = module.exports = {
     })
   },
 
+  getSignedUrls: async function(options, data) {
+    /**
+     * Get signed urls for all image objects in data
+     * @param {object} options - monastery operation options {model, query, files, ..}
+     * @param {object} data
+     * @return promise(data)
+     * @this model
+     */
+    // Not wanting signed urls for this operation?
+    if (util.isDefined(options.getSignedUrls) && !options.getSignedUrls) return
+
+    // Find all image objects in data
+    for (let doc of util.toArray(data)) {
+      for (let imageField of this.imageFields) {
+        if (options.getSignedUrls || imageField.getSignedUrl) {
+          let images = plugin._findImagesInData(doc, imageField, 0, '').filter(o => o.image)
+          for (let image of images) {
+            image.image.signedUrl = plugin._getSignedUrl(image.image.path)
+          }
+        }
+      }
+    }
+  },
+
   keepImagePlacement: async function(options, data) {
     /**
      * Hook before update/remove
@@ -303,7 +337,7 @@ let plugin = module.exports = {
         { Key: `medium/${key}.jpg` },
         { Key: `large/${key}.jpg` }
       )
-      this.manager.info(
+      plugin.manager.info(
         `Removing '${pre.image.filename}' from '${pre.image.bucket}/${pre.image.path}'`
       )
     }
@@ -376,7 +410,7 @@ let plugin = module.exports = {
       return Promise.all(filesArr.map((file, i) => {
         return new Promise((resolve, reject) => {
           fileType.fromBuffer(file.data).then(res => {
-            let maxSize = filesArr.imageField.fileSize
+            let maxSize = filesArr.imageField.filesize
             let formats = filesArr.imageField.formats || plugin.formats
             let allowAny = util.inArray(formats, 'any')
             file.format = res? res.ext : ''
@@ -421,17 +455,20 @@ let plugin = module.exports = {
       // Subdocument field
       if (util.isSubdocument(field)) {//schema.isObject
         // log(`Recurse 1: ${path2}`)
-        list = list.concat(this._findAndTransformImageFields(field, path2))
+        list = list.concat(plugin._findAndTransformImageFields(field, path2))
 
       // Array field
       } else if (util.isArray(field)) {//schema.isArray
         // log(`Recurse 2: ${path2}`)
-        list = list.concat(this._findAndTransformImageFields(field, path2))
+        list = list.concat(plugin._findAndTransformImageFields(field, path2))
 
       // Image field. Test for field.image as field.type may be 'any'
       } else if (field.type == 'image' || field.image) {
         let formats = field.formats
-        let fileSize = field.fileSize
+        let filesize = field.filesize || field.fileSize // old <= v1.31.7
+        let filename = field.filename
+        let getSignedUrl = field.getSignedUrl
+        let params = { ...field.params||{} }
         // Convert image field to subdocument
         fields[fieldName] = {
           bucket: { type: 'string' },
@@ -440,13 +477,16 @@ let plugin = module.exports = {
           filesize: { type: 'number' },
           path: { type: 'string' },
           schema: { image: true, nullObject: true, isImageObject: true },
-          uid: { type: 'string' }
+          uid: { type: 'string' },
         }
         list.push({
           fullPath: path2,
           fullPathRegex: new RegExp('^' + path2.replace(/\.[0-9]+/g, '.[0-9]+').replace(/\./g, '\\.') + '$'),
           formats: formats,
-          fileSize: fileSize
+          filesize: filesize,
+          filename: filename,
+          getSignedUrl: getSignedUrl,
+          params: params,
         })
       }
     })
@@ -474,7 +514,7 @@ let plugin = module.exports = {
           if (`${dataPath}.${m}`.match(imageField.fullPathRegex)) {
             list.push({ imageField: imageField, dataPath: `${dataPath}.${m}`, image: target[m] })
           } else {
-            list.push(...this._findImagesInData(
+            list.push(...plugin._findImagesInData(
               target[m],
               imageField,
               imageFieldChunkIndex+i+1,
@@ -495,6 +535,16 @@ let plugin = module.exports = {
     }
 
     return list
-  }
+  },
+
+  _getSignedUrl: (path, expires=3600) => {
+    // https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#getSignedUrl-property
+    let signedUrl = plugin.s3.getSignedUrl('getObject', {
+      Bucket: plugin.awsBucket,
+      Key: path,
+      Expires: expires
+    })
+    return signedUrl
+  },
 
 }

package/test/crud.js

@@ -415,6 +415,40 @@ module.exports = function(monastery, opendb) {
     db.close()
   })
 
+  test('remove basics', async () => {
+    let db = (await opendb(null)).db
+    let user = db.model('user', {
+      fields: {
+        name: { type: 'string' },
+      },
+    })
+
+    // Insert multiple
+    let inserted2 = await user.insert({ data: [{ name: 'Martin' }, { name: 'Martin' }, { name: 'Martin' }]})
+    expect(inserted2).toEqual([
+      {
+        _id: expect.any(Object),
+        name: 'Martin'
+      }, {
+        _id: expect.any(Object),
+        name: 'Martin'
+      }, {
+        _id: expect.any(Object),
+        name: 'Martin'
+      }
+    ])
+
+    // Remove one
+    await expect(user.remove({ query: { name: 'Martin' }, multi: false }))
+      .resolves.toMatchObject({ deletedCount: 1, result: { n: 1, ok: 1 }})
+
+    // Remove many (default)
+    await expect(user.remove({ query: { name: 'Martin' } }))
+      .resolves.toMatchObject({ deletedCount: 2, result: { n: 2, ok: 1 }})
+
+    db.close()
+  })
+
   test('hooks', async () => {
     let db = (await opendb(null)).db
     let user = db.model('user', {
@@ -482,6 +516,26 @@ module.exports = function(monastery, opendb) {
       last: 'Luther'
     })
 
+    // beforeUpdate/beforeInsert should have access to the original non-validated data
+    let user2 = db.model('user2', {
+      fields: {
+        first: { type: 'string' },
+      },
+      beforeInsert: [function (data, next) {
+        if (this.data.bad === true && !data.bad) next(new Error('error1'))
+        else next()
+      }],
+      beforeUpdate: [function (data, next) {
+        if (this.data.bad === true && !data.bad) next(new Error('error2'))
+        else next()
+      }],
+    })
+    let userDoc2 = await user2._insert({ first: 'M' })
+    await expect(user2.insert({ data: { first: 'M' } })).resolves.toMatchObject({ first: 'M' })
+    await expect(user2.insert({ data: { first: 'M', bad: true } })).rejects.toThrow('error1')
+    await expect(user2.update({ query: userDoc2._id, data: { first: 'M',  } })).resolves.toEqual({ first: 'M' })
+    await expect(user2.update({ query: userDoc2._id, data: { first: 'M', bad: true } })).rejects.toThrow('error2')
+
     db.close()
   })
 

package/test/model.js

@@ -115,6 +115,29 @@ module.exports = function(monastery, opendb) {
     })
   })
 
+  test('model reserved rules', async () => {
+    // Setup
+    let db = (await opendb(false, {})).db
+    db.error = () => {} // hiding debug error
+    let user = db.model('user', {
+      fields: {
+        name: {
+          type: 'string',
+          params: {}, // reserved keyword (image plugin)
+          paramsUnreserved: {}
+        },
+      },
+      rules: {
+        params: (value) => {
+          return false // shouldn'r run
+        }
+      }
+    })
+    await expect(user.validate({ name: 'Martin' })).resolves.toMatchObject({
+      name: 'Martin',
+    })
+  })
+
   test('model indexes', async () => {
     // Setup: Need to test different types of indexes
     let db = (await opendb(null)).db

package/test/plugin-images.js

@@ -707,4 +707,57 @@ module.exports = function(monastery, opendb) {
     db.close()
   })
 
+  test('images getSignedUrls', async () => {
+    // latest (2022.02)
+    let db = (await opendb(null, {
+      timestamps: false,
+      serverSelectionTimeoutMS: 2000,
+      imagePlugin: { awsBucket: 'fake', awsAccessKeyId: 'fake', awsSecretAccessKey: 'fake' }
+    })).db
+
+    db.model('user', { fields: {
+      photos: [{ type: 'image' }],
+      photos2: [{ type: 'image', getSignedUrl: true }],
+    }})
+
+    let image = {
+      bucket: 'test',
+      date: 1234,
+      filename: 'lion1.png',
+      filesize: 1234,
+      path: 'test/lion1.png',
+      uid: 'lion1'
+    }
+
+    let userInserted = await db.user._insert({
+      photos: [image, image],
+      photos2: [image, image],
+    })
+
+    // Find signed URL via query option
+    let imageWithSignedUrl = { ...image, signedUrl: expect.stringMatching(/^https/) }
+    await expect(db.user.findOne({ query: userInserted._id, getSignedUrls: true })).resolves.toEqual({
+      _id: expect.any(Object),
+      photos: [imageWithSignedUrl, imageWithSignedUrl],
+      photos2: [imageWithSignedUrl, imageWithSignedUrl],
+    })
+
+    // Find signed URL via schema option
+    await expect(db.user.findOne({ query: userInserted._id })).resolves.toEqual({
+      _id: expect.any(Object),
+      photos: [image, image],
+      photos2: [imageWithSignedUrl, imageWithSignedUrl],
+    })
+
+    // Works with _processAfterFind
+    let rawUser = await db.user._findOne({ _id: userInserted._id })
+    await expect(db.user._processAfterFind(rawUser)).resolves.toEqual({
+      _id: expect.any(Object),
+      photos: [image, image],
+      photos2: [imageWithSignedUrl, imageWithSignedUrl],
+    })
+
+    db.close()
+  })
+
 }