nodester 0.0.1

package/lib/models/mixins.js

@@ -0,0 +1,369 @@
+/*
+ *	CRUD mixins for any model:
+ */
+// Utils:
+const {
+	modelHasAssociations,
+	getModelAssociationProps,
+	compileModelAssociationData,
+} = require('nodester/utils/modelAssociations.util');
+
+
+module.exports = {
+	implementsCRUD: _implementsCRUD
+}
+
+function _implementsCRUD(modelDefinition) {
+	if (!!modelDefinition) {
+
+		// Create.
+		modelDefinition.createWithIncludes = _createWithIncludes.bind(modelDefinition);
+
+		// Read:
+		modelDefinition.findById = _findById.bind(modelDefinition);
+		modelDefinition.findOneWithIncludes = _findOneWithIncludes.bind(modelDefinition);
+
+		// Update:
+		modelDefinition.updateOne = _updateOne.bind(modelDefinition);
+		modelDefinition.updateById = _updateById.bind(modelDefinition);
+
+		// Delete.
+		modelDefinition.deleteById = _deleteById.bind(modelDefinition);
+
+		// Associations:
+		modelDefinition.getIncludesList = _getIncludesList.bind(modelDefinition);
+	}
+}
+
+/* Main mixinis: */
+async function _createWithIncludes(
+	data={}
+) {
+	try {
+		const instance = await this.create(data);
+
+		if (!instance) {
+			const err = new Error(`Failed to create model.`);
+			err.name = 'CreateRecordError';
+			throw err;
+		}
+
+		// Variable that will contain data from parent instance and associations, mentioned in data.
+		let fullInstanceData = instance.toJSON();
+
+		// If this model has associations:
+		if (modelHasAssociations(this)) {
+			const allModelAssociations = Object.entries(this.associations);
+
+			for (const [ associationName, associationDefinition ] of allModelAssociations) {
+
+				// If data of this association is present:
+				if (!!data[associationName]) {
+					// Preparation to work with association:
+					const {
+						associatedModel,
+						foreignKey,
+						associationType
+					} = getModelAssociationProps(associationDefinition, data);
+
+					// If association type is HasMany or HasOne (We don't work with any other):
+					if (associationType === 'HasMany' || associationType === 'HasOne') {
+
+						// Process current instance.
+						const operationsResults = await _updateOrCreateOrDeleteBasedOnAssociationData({
+							associatedModel: associatedModel,
+							dataOfAssociation: data[associationName],
+							parentModelId: instance.id,
+							parentForeignKey: foreignKey,
+						});
+
+						fullInstanceData[associationName] =_unwrapUpdateOrCreateOrDeleteOperationsResults(
+							operationsResults,
+							associationType
+						);
+					}
+
+					fullInstanceData[associationName] = fullInstanceData[associationName] ?? data[associationName];
+				}
+			}
+
+		}
+
+		// Variable, that is used by _updateById,
+		// but we will also put it here to make API consistent.
+		const isNewRecord = true;
+		return Promise.resolve([ isNewRecord, fullInstanceData ]);
+	}
+	catch(error) {
+		return Promise.reject(error);
+	}
+}
+
+function _findById(
+	id=null,
+	include=[],
+	paranoid=true
+) {
+	const query = {
+		where: { id },
+		include: include,
+		paranoid: !!paranoid
+	};
+	return this.findOne(query);
+}
+
+function _findOneWithIncludes(
+	where={},
+	include=[],
+	paranoid=true
+) {
+	const query = {
+		where: where,
+		include: include,
+		paranoid: !!paranoid
+	};
+	return this.findOne(query);
+}
+
+async function _updateOne(
+	where,
+	data,
+	include=[]
+) {
+	try {
+		const instance = await this.findOneWithIncludes(where, include);
+
+		if (!instance) {
+			const err = new Error(`Model not found`);
+			err.name = 'NotFound';
+			throw err;
+		}
+
+		// Update parent model instance:
+		instance.set({ ...data });
+		const saveResult = await instance.save();
+		const { isNewRecord } = saveResult;
+
+		// Variable that will contain data from parent instance and associations, mentioned in data.
+		let fullInstanceData = instance.toJSON();
+
+		// If this model has associations:
+		if (modelHasAssociations(this)) {
+
+			const associationsEntries = Object.entries(this.associations);
+			for (const [ associationName, associationDefinition ] of associationsEntries) {
+
+				// If data of this association is present:
+				if (!!data[associationName]) {
+					
+					// Preparation to work with association:
+					const {
+						associatedModel,
+						foreignKey,
+						associationType
+					} = getModelAssociationProps(associationDefinition, data);
+
+					// If association type is HasMany or HasOne (We don't work with any other):
+					if (associationType === 'HasMany' || associationType === 'HasOne') {
+
+						// Process current instance.
+						const operationsResults = await _updateOrCreateOrDeleteBasedOnAssociationData({
+							associatedModel: associatedModel,
+							dataOfAssociation: data[associationName],
+							parentModelId: instance.id,
+							parentForeignKey: foreignKey,
+						});
+
+						fullInstanceData[associationName] = _unwrapUpdateOrCreateOrDeleteOperationsResults(
+							operationsResults,
+							associationType
+						);
+					}
+
+					fullInstanceData[associationName] = fullInstanceData[associationName] ?? data[associationName];
+				}
+			}
+
+		}
+		
+		// Select this instance again, if includes was set:
+		if (include?.length > 0) {
+			const updatedInstance = await this.findOneWithIncludes(where, include);
+			fullInstanceData = updatedInstance.toJSON();
+		}
+
+		return Promise.resolve([ isNewRecord, fullInstanceData ]);
+	}
+	catch(error) {
+		return Promise.reject(error);
+	}
+}
+
+async function _updateById(
+	id=null,
+	data={},
+	include=[]
+) {
+	const where = { id };
+	return this.updateOne(
+		where,
+		data,
+		include
+	);
+}
+
+function _deleteById(
+	id=null
+) {
+	const query = {
+		where: { id }
+	};
+	return this.destroy(query);
+}
+/* Main mixinis\ */
+
+/* Association mixins: */
+function _getIncludesList(facadeData=null) {
+	// console.log({ facadeData, model: this });
+
+	const result = [];
+
+	const associations = this.associations;
+	const associationEntries = Object.entries(associations);
+
+	associationEntries.forEach(([
+		associationName,
+		associationDefinition
+	]) => {
+		const a = { association: associationName };
+
+		if (!!facadeData) {
+			// If facade data is set, go deeper:
+			const keys = Object.keys( facadeData );
+			if (keys.indexOf(associationName) > 0) {
+				const associationModel = associationDefinition.target;
+
+				const a = { association: associationName };
+				if (Object.entries(associationModel.associations).length > 0) {
+					const deepData = facadeData[ associationName ];
+					a.include = associationModel.getIncludesList(Array.isArray(deepData) ? deepData[0] : deepData);
+				}
+
+				result.push( a );
+			}
+		}
+		else {
+			result.push( a );
+		}
+	});
+
+	// console.log('getIncludesList', result);
+
+	return result;
+}
+/* Association mixins\ */
+
+/* Subfunctions: */
+async function _updateOrCreateOrDelete(
+	modelDefinition,
+	data
+) {
+	try {
+		let operation = 'skipped';
+		let newInstance = null;
+
+		// If this instance has an id, update it,
+		// if no, create from data:
+		if (!isNaN(data?.id)) {
+			// If marked for deletion, delete:
+			if (!!data?.should_delete) {
+				operation = 'deleted';
+				await _deleteById.bind(modelDefinition)(data.id);
+			}
+			else {
+				operation = 'updated';
+				newInstance = await _updateById.bind(modelDefinition)(data.id, data);
+			}
+		}
+		else {
+			operation = 'created';
+			newInstance = await _createWithIncludes.bind(modelDefinition)(data);
+		}
+
+		return Promise.resolve({
+			newInstance,
+			operation,
+		});
+	}
+	catch(error) {
+		return Promise.reject(error);
+	}
+}
+
+async function _updateOrCreateOrDeleteBasedOnAssociationData({
+	associatedModel,
+	dataOfAssociation,
+	parentModelId,
+	parentForeignKey,
+}) {
+	try {
+		let result = [];
+
+		// Detect data type.
+		const isSingleInstance = Array.isArray(dataOfAssociation) === false;
+
+		// If single instance of associated model:
+		if (isSingleInstance) {
+			const operationResult = await _updateOrCreateOrDelete(
+				associatedModel, 
+				compileModelAssociationData({
+					dataOfAssociation,
+					parentForeignKey,
+					parentModelId,
+				})
+			);
+
+			result = [ operationResult ];
+		}
+		// If multiple instances of associated model:
+		else {
+			// Update or create each:
+			const promises = dataOfAssociation.map(
+				(data) => _updateOrCreateOrDelete(
+					associatedModel, 
+					compileModelAssociationData({
+						dataOfAssociation: data,
+						parentForeignKey: parentForeignKey,
+						parentModelId: parentModelId,
+					})
+				)
+			);
+
+			// Wait untill all instances go through process.
+			result = await Promise.all(promises);
+		}
+
+		return Promise.resolve(result);
+	}
+	catch(error) {
+		return Promise.reject(error);
+	}
+}
+
+function _unwrapUpdateOrCreateOrDeleteOperationsResults(
+	operationsResults,
+	associationType
+) {
+	// If instance was not deleted, add it to final array.
+	const result = operationsResults.filter(({ operation }) => operation !== 'deleted')
+																	.map(({ newInstance }) => newInstance[1]);
+
+	// If this association referenced only certain record,
+	// unwrap "result" array and send first element:
+	if (associationType === 'HasOne') {
+		return result[0];
+	}
+
+	return result;
+}
+/* Subfunctions\ */

package/lib/policies/Role.js

@@ -0,0 +1,77 @@
+// Reponse protocol generator.
+const APIResponseFactory = require('nodester/factories/responses/api');
+
+
+module.exports = class RolePolicy {
+	constructor({
+		roleName,
+		jwtFacade,
+		apiResponseFactory,
+	}) {
+		if (!roleName)
+			throw new Error('"roleName" argument is invalid.');
+		
+		if (!jwtFacade)
+			throw new Error('"jwtFacade" argument is invalid.');
+
+		this.roleName = roleName;
+		this.jwtFacade = jwtFacade;
+
+		// Init standard API response factory.
+		const standardAPIResponseFactory = new APIResponseFactory();
+		
+		// Set response factory:
+		this.createOKResponse = apiResponseFactory?.createOKResponse ?? 
+														standardAPIResponseFactory.createOKResponse.bind(standardAPIResponseFactory);;
+		this.createErrorResponse = apiResponseFactory?.createErrorResponse ??
+															 standardAPIResponseFactory.createErrorResponse.bind(standardAPIResponseFactory);;
+	}
+
+	async dryRun(req, res, next) {
+		try {
+			const jwtService = this.jwtFacade.service;
+
+			// Get token either from header, query or body.
+			const token = jwtService.extractTokenFromRequest(req);
+
+			// Verifys and parses token. On failed validation will throw error.
+			const parsedToken = await jwtService.verifyAccessToken(token);
+
+			// Check role:
+			if (parsedToken.role !== this.roleName) {
+				const err = new Error(`Unauthorized.`);
+				err.name = 'UnauthorizedError';
+				err.status = 401;
+				throw err;
+			}
+
+			// Everything's good, procceed:
+			req.token = {
+				parsed: parsedToken,
+				initial: token
+			}
+			
+			return Promise.resolve();
+		}
+		catch(error) {
+			// If error is not 401
+			// or
+			// error is not "NoToken",
+			// log it:
+			if (
+				['NoToken', 'UnauthorizedError'].indexOf(error?.name) === -1
+			) {
+				console.error(`${ this.roleName }.policy error:`, error);
+			}
+
+			const statusCode = error?.status ?? 401;
+
+			const err = new Error(error.message);
+			err.name = error.name ?? 'UnknownError';
+			err.details = { message: 'Unauthorized.' }
+			err.status = statusCode;
+
+			return Promise.reject(err);
+		}
+	}
+}

package/lib/policies/RoleExtracting.js

@@ -0,0 +1,97 @@
+// Format for Role header.
+const CLAIMED_ROLE_HEADER_NAME = 'x-claimed-role';
+// Reponse protocol generator.
+const APIResponseFactory = require('nodester/factories/responses/api');
+
+
+module.exports = class RoleExtractingPolicy {
+	constructor({
+		jwtFacade,
+		apiResponseFactory,
+		name
+	}) {
+		
+		if (!jwtFacade)
+			throw new Error('"jwtFacade" argument is invalid.');
+
+		this.jwtFacade = jwtFacade;
+		this.name = name ?? 'RoleExtracting';
+
+		// Init standard API response factory.
+		const standardAPIResponseFactory = new APIResponseFactory();
+		
+		// Set response factory:
+		this.createOKResponse = apiResponseFactory?.createOKResponse ?? 
+														standardAPIResponseFactory.createOKResponse.bind(standardAPIResponseFactory);;
+		this.createErrorResponse = apiResponseFactory?.createErrorResponse ??
+															 standardAPIResponseFactory.createErrorResponse.bind(standardAPIResponseFactory);;
+	}
+
+	async dryRun(req, res, next) {
+		try {
+			// Get claimed role.
+			const claimedRole = req.header(CLAIMED_ROLE_HEADER_NAME);
+
+			// If claimed role is not set or it's a visitor:
+			if (!claimedRole || claimedRole === 'visitor') {
+				// Set role as 'visitor'.
+				req.user = { role: 'visitor' };
+
+				return Promise.resolve();
+			}
+
+			// Unwrap JWT service.
+			const jwtService = this.jwtFacade.service;
+
+			try {
+				// Get access token either from header, query or body.
+				const token = jwtService.extractTokenFromRequest(req);
+
+				// Verifys and parses token. On failed validation will throw error.
+				const parsedToken = await jwtService.verifyAccessToken(token);
+
+				// If parsed token's role is not the same as claimed role,
+				// immediately throw error:
+				if ( parsedToken?.role !== claimedRole ) {
+					const err = new Error('Roles do not match');
+					err.name = 'RolesMismatch';
+					err.details = { message: 'Unauthorized.' }
+					err.status = 401;
+					return Promise.reject(err);
+				}
+
+				// Everything's good, procceed:
+				req.token = {
+					parsed: parsedToken,
+					initial: token
+				}
+
+				req.user = { role: parsedToken?.role };
+			}
+			catch(accessTokenError) {
+				// If error is not "NoToken", something bad has happened:
+				if (accessTokenError?.name !== 'NoToken') {
+					throw accessTokenError;
+				}
+
+				// If error is "NoToken":
+				//	Set role as 'visitor'.
+				req.user = { role: 'visitor' };
+			}
+			
+			return Promise.resolve();
+		}
+		catch(error) {
+			console.error(`${ this.name }.policy error:`, error);
+
+			const statusCode = error?.status ?? 401;
+
+			const err = new Error(error.message);
+			err.name = error.name ?? 'UnknownError';
+			err.details = { message: 'Unauthorized.' }
+			err.status = statusCode;
+
+			return Promise.reject(err);
+		}
+	}
+}

package/lib/preprocessors/BodyPreprocessor.js

@@ -0,0 +1,61 @@
+// Constants.
+const VISITOR = 'visitor';
+
+// Custom error.
+const { Err } = require('nodester/factories/errors');
+
+
+module.exports = class BodyPreprocessor {
+	constructor(
+		availableParamsForRoles,
+		staticParamsForRoles,
+		customProcessFunction
+	) {
+		this.availableParamsForRoles = availableParamsForRoles ?? {};
+		this.staticParamsForRoles = staticParamsForRoles ?? {};
+
+		this.customProcessFunction = customProcessFunction ? customProcessFunction : ()=>{};
+	}
+
+	async extract(
+		req,
+		role
+	) {
+		try {
+			const requestBody = req.body;
+
+			if (!requestBody || typeof requestBody !== 'object') {
+				const err = new Err();
+				err.name = 'ValidationError';
+				throw err;
+			}
+
+			// Get role or set "visitor"
+			const _role = typeof role === 'string' && role.length > 1 ? role : VISITOR;
+
+			const resultBody = {};
+
+			const params = this.availableParamsForRoles[_role] ?? [];
+			const staticValues = this.staticParamsForRoles[_role] ?? {};
+
+			params.forEach((param) => {
+				// If such param is set in body:
+				if (!!requestBody[param]) {
+					resultBody[param] = staticValues[param] ?? requestBody[param];
+				}
+				// If such param is not set, but we have a "static" for it:
+				else if (!requestBody[param] && !!staticValues[param]) {
+					resultBody[param] = staticValues[param];
+				}
+			});
+
+			// Make further preprocessing using customly defined function.
+			await this.customProcessFunction.call(this, req, role, resultBody);
+
+			return Promise.resolve(resultBody);
+		}
+		catch(error) {
+			return Promise.reject(error);
+		}
+	}
+}

package/lib/preprocessors/IncludesPreprocessor.js

@@ -0,0 +1,55 @@
+// Constants:
+const VISITOR = 'visitor';
+const DefaultAvailableParamsForRoles = { [VISITOR]: [] };
+const DefaultStaticParamsForRoles = { [VISITOR]: [] };
+
+// Custom error.
+const { Err } = require('nodester/factories/errors');
+
+
+module.exports = class IncludesPreprocessor {
+
+	constructor(
+		availableParamsForRoles,
+		staticParamsForRoles,
+		customProcessFunction=()=>{}
+	) {
+		this.availableParamsForRoles = availableParamsForRoles ?? DefaultAvailableParamsForRoles;
+		this.staticParamsForRoles = staticParamsForRoles ?? DefaultStaticParamsForRoles;
+
+		this.customProcessFunction = customProcessFunction ? customProcessFunction : ()=>{};
+	}
+
+	async extract(
+		req,
+		role
+	) {
+		const requestIncludes = req.query?.includes ?? [];
+
+		if (!requestQuery || typeof requestQuery !== 'object') {
+			const err = new Err();
+			err.name = 'ValidationError';
+			throw err;
+		}
+
+		// Get role or set "visitor"
+		const _role = typeof role === 'string' && role.length > 1 ? role : VISITOR;
+
+		const resultIncludes = [];
+
+		const params = this.availableParamsForRoles[_role] ?? [];
+		const staticValues = this.staticParamsForRoles[_role] ?? [];
+
+		params.forEach((param) => {
+			// If such param is set in query:
+			if (requestIncludes.indexOf(param) !== -1) {
+				resultIncludes.push(param);
+			}
+		});
+
+		// Make further preprocessing using custom defined function.
+		await this.customProcessFunction.call(this, req, role, resultIncludes);
+
+		return resultIncludes;
+	}
+}