not-node 6.3.0 → 6.3.2

package/src/manifest/route.js

@@ -1,7 +1,7 @@
 const CONST_BEFORE_ACTION = "before";
 const CONST_AFTER_ACTION = "after";
 
-const obsoleteWarning = require("../obsolete");
+const { obsoleteRuleFields, obsoleteActionFields } = require("../obsolete");
 
 const notAppIdentity = require("../identity");
 const Auth = require("../auth"),
@@ -32,17 +32,22 @@ class notRoute {
     /**
      * Cycle throu rules of action and checking user credentials against them
      * If user creds comply to some rule - returns copy of rule
-     * @param {object}   action    action rules object
+     * @param {import('../types').notActionData & import('../types').notRouteRule }   action    action rules object
      * @param {object}   user      user credentials (auth, role, root)
      * @return {object|null}       returns rule or null
      **/
-    static actionAvailableByRule(action, user) {
+    static actionAvailableByRule(action, user, url = "") {
         if (!action) {
             return null;
         }
-        if (Array.isArray(action.rules) && action.rules.length > 0) {
+        if (
+            action.rules &&
+            Array.isArray(action.rules) &&
+            action.rules.length > 0
+        ) {
             return notRoute.cycleThruRules(action.rules, user);
         } else {
+            obsoleteActionFields(action, url);
             if (
                 Auth.checkCredentials(action, user.auth, user.role, user.root)
             ) {
@@ -54,7 +59,7 @@ class notRoute {
 
     static cycleThruRules(rules, user, url = "") {
         for (let i = 0; i < rules.length; i++) {
-            obsoleteWarning(rules[i], url);
+            obsoleteRuleFields(rules[i], url);
             if (
                 Auth.checkCredentials(rules[i], user.auth, user.role, user.root)
             ) {
@@ -66,8 +71,8 @@ class notRoute {
 
     /**
      *	Select rule from available or return null
-     *	@param	{object}	req 	Express Request Object
-     *	@return	{object}	rule or null
+     *	@param	{import('../types').ExtendedExpressRequest}	req 	Express Request Object
+     *	@return	{import('../types').notRouteRule | null}	rule or null
      */
     selectRule(req) {
         const user = notAppIdentity.extractAuthData(req);
@@ -77,8 +82,27 @@ class notRoute {
         return null;
     }
 
-    setRequestRouteData(req, actionName, rule) {
-        req.notRouteData = {
+    /**
+     *
+     *
+     * @param {import('../types').ExtendedExpressRequest}       req
+     * @param {import('../types').notRouteData} notRouteData
+     * @memberof notRoute
+     */
+    setRequestRouteData(req, notRouteData) {
+        req.notRouteData = notRouteData;
+    }
+
+    /**
+     *
+     *
+     * @param {string} actionName
+     * @param {import('../types').notRouteRule} rule
+     * @return {import('../types').notRouteData}
+     * @memberof notRoute
+     */
+    createRequestRouteData(actionName, rule) {
+        return {
             actionName,
             modelName: this.routeName,
             rule: copyObj(rule),
@@ -88,9 +112,9 @@ class notRoute {
 
     /**
      *	Executes route action if such exist
-     *	@param	{object}	req 	Express Request Object
-     *	@param	{object}	res		Express Response Object
-     *	@param	{function}	callback
+     *	@param	{import('../types').ExtendedExpressRequest}	req 	Express Request Object
+     *	@param	{import('express').Response}	res		Express Response Object
+     *	@param	{function}	next
      *	@return {object}	result of execution or HttpError
      **/
     exec(req, res, next) {
@@ -109,7 +133,7 @@ class notRoute {
                 );
             }
             console.log(rule);
-            obsoleteWarning(rule, req.originalUrl);
+            obsoleteRuleFields(rule, req.originalUrl);
             let actionName = this.selectActionName(rule);
             let mod = this.notApp.getModule(this.moduleName);
             if (!mod) {
@@ -126,7 +150,10 @@ class notRoute {
                 );
             }
             let modRoute = mod.getRoute(this.routeName);
-            this.setRequestRouteData(req, actionName, rule);
+            this.setRequestRouteData(
+                req,
+                this.createRequestRouteData(actionName, rule)
+            );
             if (this.routeIsRunnable(modRoute, actionName)) {
                 return this.executeRoute(modRoute, actionName, {
                     req,
@@ -148,6 +175,7 @@ class notRoute {
             }
         } catch (e) {
             this.notApp.report(e);
+            next(e);
         }
     }
 

package/src/model/default.js

@@ -327,7 +327,7 @@ function countWithFilter(filter) {
  *	Starts add routine
  *	@static
  *	@param	{object} 		data		data
- *	@return {Promise<MongooseDocument>}					Promise of saved document
+ *	@return {Promise<import('mongoose').Document>}					Promise of saved document
  */
 function add(data) {
     return routine.add(this, data);

package/src/model/proto.js

@@ -164,7 +164,7 @@ module.exports = class ModelFabricate {
                 //creating unique indexes
                 ModelFabricate.createIndexesForFields(schema, fieldsForIndexes);
                 ModelFabricate.createIndexesForText(schema, targetModule);
-                //adding specific fields and indetificators
+                //adding specific fields and identificators
                 ModelFabricate.markFor(schema, targetModule);
                 //extending schema methods, statics, virtuals by user defined and default content
                 ModelFabricate.extendBySource(schema, targetModule);

package/src/obsolete.js

@@ -1,14 +1,30 @@
 const log = require("not-log")(module, "Auth");
 
-module.exports = function (rule, url = "") {
+const obsoleteRuleFields = function (rule, url = "") {
     if (Object.prototype.hasOwnProperty.call(rule, "user")) {
-        log.error(
-            `Missformed rule, field "user" is not allowed, use "auth" instead: ${url}`
-        );
+        log &&
+            log.error(
+                `Missformed rule, field "user" is not allowed, use "auth" instead: ${url}`
+            );
     }
     if (Object.prototype.hasOwnProperty.call(rule, "admin")) {
-        log.error(
-            `Missformed rule, field "admin" is obsolete, use "root" instead: ${url}`
-        );
+        log &&
+            log.error(
+                `Missformed rule, field "admin" is obsolete, use "root" instead: ${url}`
+            );
     }
 };
+
+const obsoleteActionFields = function (action, url = "") {
+    if (!Object.prototype.hasOwnProperty.call(action, "rules")) {
+        log &&
+            log.error(
+                `Missformed action, access rule should be moved to object inside property 'rules' (array<object>): ${url}`
+            );
+    }
+};
+
+module.exports = {
+    obsoleteRuleFields,
+    obsoleteActionFields,
+};

package/src/types.js

@@ -0,0 +1,83 @@
+/**
+ * @typedef {object} Query
+ * @property {number} skip
+ * @property {number} size
+ * @property {object} sorter
+ * @property {object} [filter]
+ * @property {string} [search]
+ */
+
+/**
+ * @typedef    {Object}    PreparedData
+ * @property   {Object}    [data]
+ * @property   {string}     [action]
+ * @property   {Query}     [query]
+ * @property   {number}    [targetID]       target item ID
+ * @property   {Object}    [activeUser]     current user info
+ * @property   {import('mongoose').Types.ObjectId}   [activeUserId]       current user document objectId
+ * @property   {import('mongoose').Types.ObjectId}   [targetId]       target item objectId
+ * @property   {string}    [ip]             current user ip
+ * @property   {boolean}   [root]           current user is root
+ * @property   {boolean}   [shouldOwn]      if user should be owner of targ
+ *
+ */
+
+/**
+ * @typedef    {object}    notRouteRule
+ * @property   {string}    [actionName]
+ * @property   {string}    [actionPrefix]
+ * @property   {string}    [actionSignature]
+ * @property   {boolean}   [root]
+ * @property   {boolean}   [admin]
+ * @property   {string|Array<string>}    [role]
+ * @property   {boolean}   [safe]
+ * @property   {boolean}   [auth]
+ * @property   {boolean}   [user]
+ * @property   {Array<string | Array<string>>}  [fields]
+ * @property   {Array<string>}                  [return]
+ */
+
+/**
+ * @typedef    {object}                         notActionData
+ * @property   {string}                         [method]
+ * @property   {string}                         [actionSignature]
+ * @property   {string}                         [postFix]
+ * @property   {Array<notRouteRule>}               rules
+ * @property   {boolean}                        [ws]
+ * @property   {Array<string & Array<string>>}  [fields]
+ * @property   {Array<string>}                  [return]
+ * @property   {boolean}                        [isArray]
+ * @property   {Array<string>}                  [data]
+ * @property   {string}                         [title]
+ */
+
+/**
+ * @typedef    {Object}       notRouteData
+ * @property   {string}       actionName
+ * @property   {string}       modelName
+ * @property   {notRouteRule}    rule
+ * @property   {notActionData}   actionData
+ */
+
+/**
+ * @typedef    {object}                            notUserDocumentProperties
+ * @property   {import('mongoose').Types.ObjectId} _id
+ * @property   {function}                          isRoot
+ * @property   {function}                          isAdmin
+ */
+
+/**
+ * @typedef {import('mongoose').Document & notUserDocumentProperties} notUserDocument
+ */
+
+/**
+ * @typedef    {object}          notNodeExpressRequestProperties
+ * @property   {notRouteData}    notRouteData
+ * @property   {notUserDocument} user
+ */
+
+/**
+ * @typedef     {import('express').Request & notNodeExpressRequestProperties}    notNodeExpressRequest
+ */
+
+module.exports = {};

package/test/auth/fields.js

@@ -156,7 +156,7 @@ module.exports = ({ Auth, expect }) => {
                 expect(result).to.deep.equal(false);
             });
 
-            it("field.safe.action:Array<string> with special, action:string, roles:Array<string>, special:Array<string>", () => {
+            it("field.safe.action:Array<string> with special, action:string, roles:Array<string>, special:Array<string> = ['@owner']", () => {
                 const field = {
                         safe: {
                             update: ["root", "@owner"],
@@ -169,7 +169,7 @@ module.exports = ({ Auth, expect }) => {
                 expect(result).to.deep.equal(true);
             });
 
-            it("field.safe.action:Array<string> with special, action:string, roles:Array<string>, special:Array<string>", () => {
+            it("field.safe.action:Array<string> with special, action:string, roles:Array<string>, special:Array<string> = ['@system']", () => {
                 const field = {
                         safe: {
                             update: ["root", "@owner"],

package/test/auth/obsolete.js

@@ -1,13 +1,20 @@
-const obsolete = require('../../src/obsolete');
+const obsolete = require("../../src/obsolete");
 module.exports = () => {
-  describe('Obsolete params warnings', () => {
-    it('user', ()=>{
-      const obj = {
-          user: false
-        };
-      obsolete(obj);
+    describe("Obsolete rules params warnings", () => {
+        it("'user' field presented", () => {
+            const obj = {
+                user: false,
+            };
+            obsolete.obsoleteRuleFields(obj);
+        });
     });
 
-  });
-
+    describe("Obsolete action params warnings", () => {
+        it("'rules' field not presented", () => {
+            const obj = {
+                user: false,
+            };
+            obsolete.obsoleteActionFields(obj);
+        });
+    });
 };

package/test/extractors.js

@@ -0,0 +1,60 @@
+const expect = require("chai").expect,
+    extractors = require("../src/form/extractors");
+
+describe("Form//Extractors", () => {
+    describe("activeUserId", () => {
+        it("user object exists ", () => {
+            const _id = Math.random();
+            const res = extractors.activeUserId({ user: { _id } });
+            expect(_id).to.be.equal(res);
+        });
+        it("user object doesnt exists ", () => {
+            const res = extractors.activeUserId({});
+            expect(res).to.be.undefined;
+        });
+    });
+
+    it("activeUserModelName", () => {
+        const res = extractors.activeUserModelName();
+        expect("User").to.be.equal(res);
+    });
+
+    it("fromBody", () => {
+        const req = {
+            body: {
+                a: 1,
+                b: 2,
+                c: 3,
+                d: 4,
+            },
+        };
+        expect(extractors.fromBody(req, "b")).to.be.equal(2);
+        expect(extractors.fromBody(req, "e")).to.be.undefined;
+    });
+
+    it("fromParams", () => {
+        const req = {
+            params: {
+                a: 1,
+                b: 2,
+                c: 3,
+                d: 4,
+            },
+        };
+        expect(extractors.fromParams(req, "b")).to.be.equal(2);
+        expect(extractors.fromParams(req, "e")).to.be.undefined;
+    });
+
+    it("fromQuery", () => {
+        const req = {
+            query: {
+                a: 1,
+                b: 2,
+                c: 3,
+                d: 4,
+            },
+        };
+        expect(extractors.fromQuery(req, "b")).to.be.equal(2);
+        expect(extractors.fromQuery(req, "e")).to.be.undefined;
+    });
+});

package/test/filter.js

@@ -0,0 +1,286 @@
+const mongoose = require("mongoose");
+const Schema = mongoose.Schema;
+const expect = require("chai").expect,
+    notFieldsFilter = require("../src/fields/filter");
+
+const SCHEMA = () => {
+    return {
+        role: {
+            type: [String],
+            required: true,
+            searchable: true,
+            default: ["user"],
+            validate: [],
+            safe: {
+                update: ["root", "admin"],
+                read: ["@owner", "root", "admin"],
+            },
+        },
+        name: {
+            type: String,
+            safe: {
+                update: ["@system", "@owner", "root", "admin"],
+                read: ["*"],
+            },
+        },
+        salt: {
+            type: String,
+            required: true,
+        },
+        telephone: {
+            type: String,
+            unique: false,
+            searchable: true,
+            required: false,
+            safe: {
+                update: ["@owner", "root", "admin"],
+                read: ["@owner", "root", "admin"],
+            },
+        },
+        username: {
+            type: String,
+            unique: true,
+            searchable: true,
+            required: true,
+            safe: {
+                read: ["*"],
+            },
+        },
+        confirm: {
+            type: Schema.Types.Mixed,
+            required: false,
+            searchable: true,
+            safe: {
+                update: ["@system", "root", "admin"],
+            },
+        },
+        code: {
+            type: String,
+            searchable: true,
+            required: true,
+        },
+        country: {
+            type: String,
+            required: false,
+            searchable: true,
+            default: "ru",
+            safe: {
+                update: ["@system", "@owner", "root", "admin"],
+                read: ["*"],
+            },
+        },
+        email: {
+            type: String,
+            unique: true,
+            searchable: true,
+            required: true,
+            safe: {
+                update: ["@owner", "root", "admin"],
+                read: ["@owner", "root", "admin"],
+            },
+        },
+    };
+};
+
+describe("Fields/notFieldsFilter", function () {
+    describe("userSets", () => {
+        it("static getter", () => {
+            expect(notFieldsFilter.userSets).to.be.deep.equal({});
+        });
+    });
+
+    describe("addSet", () => {
+        it("add new", () => {
+            const result = notFieldsFilter.addSet("test1", [
+                "field1",
+                "-field2",
+            ]);
+            expect(result).to.be.true;
+            expect(notFieldsFilter.userSets).to.have.key("test1");
+            expect(notFieldsFilter.userSets.test1).to.be.deep.equal([
+                "field1",
+                "-field2",
+            ]);
+        });
+
+        it("add new with faulty items, discarded", () => {
+            const result = notFieldsFilter.addSet("test2", [123123, "-field2"]);
+            expect(result).to.be.false;
+            expect(notFieldsFilter.userSets).to.not.have.key("test2");
+        });
+
+        it("add new with restricted name, discarded", () => {
+            const result = notFieldsFilter.addSet("*", ["-field2"]);
+            expect(result).to.be.false;
+            expect(notFieldsFilter.userSets).to.not.have.key("test2");
+        });
+    });
+
+    describe("removeSet", () => {
+        it("set exists", () => {
+            const result = notFieldsFilter.removeSet("test1");
+            expect(result).to.be.true;
+        });
+
+        it("set not exists", () => {
+            const result = notFieldsFilter.removeSet("test1");
+            expect(result).to.be.false;
+        });
+    });
+
+    describe("isSpecialSet", () => {
+        it("exclude special set", () => {
+            const name = "-@*";
+            const result = notFieldsFilter.isSpecialSet(name);
+            expect(result).to.be.true;
+        });
+    });
+    describe("specials", () => {
+        it("static specials getter", () => {
+            const result = notFieldsFilter.specials;
+            expect(result).to.be.instanceOf(Object);
+            expect(result).to.have.all.keys([
+                "ALL",
+                "SAFE",
+                "UNSAFE",
+                "TIMESTAMPS",
+                "OWNAGE",
+                "VERSIONING",
+                "ID_NUMERIC",
+                "ID_UUID",
+            ]);
+        });
+
+        it("SPECIAL_SET_SAFE; action=update other undefined", () => {
+            const result = notFieldsFilter.getSpecialSetContent(
+                notFieldsFilter.specials.SAFE,
+                SCHEMA(),
+                { action: "update" }
+            );
+            expect(result).to.be.deep.equal([]);
+        });
+
+        it("SPECIAL_SET_SAFE; action=read other undefined", () => {
+            const result = notFieldsFilter.getSpecialSetContent(
+                notFieldsFilter.specials.SAFE,
+                SCHEMA(),
+                { action: "read" }
+            );
+            expect(result).to.be.deep.equal(["name", "username", "country"]);
+        });
+    });
+
+    describe("specialsToPlain", () => {
+        it("get all fields ['@*']", () => {
+            const result = notFieldsFilter.specialsToPlain(["@*"], SCHEMA(), {
+                modelName: "SomeModel",
+            });
+            const target = ["_id", "someModelID", ...Object.keys(SCHEMA())];
+            expect(Array.isArray(result)).to.be.true;
+            expect(result.length).to.be.equal(target.length);
+            expect(result).to.be.deep.equal(target);
+        });
+
+        it("get all fields ['@*']", () => {
+            const result = notFieldsFilter.specialsToPlain(["@*"], SCHEMA(), {
+                modelName: "SomeModel",
+            });
+            const target = ["_id", "someModelID", ...Object.keys(SCHEMA())];
+            expect(Array.isArray(result)).to.be.true;
+            expect(result.length).to.be.equal(target.length);
+            expect(result).to.be.deep.equal(target);
+        });
+
+        it("list with special set exclusions", () => {
+            const list = ["id", "name", "-@versioning"];
+            const result = notFieldsFilter.specialsToPlain(list, SCHEMA(), {
+                modelName: "SomeModel",
+            });
+            expect(result).to.be.deep.equal([
+                "id",
+                "name",
+                "-__version",
+                "-__versions",
+                "-__closed",
+                "-__latest",
+                "-__v",
+            ]);
+        });
+    });
+
+    describe("removeExcludedFields", () => {
+        it("empty list", () => {
+            const list = [];
+            const result = notFieldsFilter.removeExcludedFields(list);
+            expect(result).to.be.deep.equal([]);
+        });
+
+        it("list without exclusions", () => {
+            const list = ["id", "name"];
+            const result = notFieldsFilter.removeExcludedFields(list);
+            expect(result).to.be.deep.equal(["id", "name"]);
+        });
+
+        it("list with exclusions but no target fields presentation in list", () => {
+            const list = ["-gag", "id", "name", "-data", "-time"];
+            const result = notFieldsFilter.removeExcludedFields(list);
+            expect(result).to.be.deep.equal(["id", "name"]);
+        });
+
+        it("list with exclusions predicating includsions", () => {
+            const list = ["-id", "id", "name", "-name", "-time"];
+            const result = notFieldsFilter.removeExcludedFields(list);
+            expect(result).to.be.deep.equal(["id"]);
+        });
+
+        it("list with exclusions, end up empty", () => {
+            const list = ["id", "-id", "name", "-name", "-time"];
+            const result = notFieldsFilter.removeExcludedFields(list);
+            expect(result).to.be.deep.equal([]);
+        });
+
+        it("list with exclusions, but later inclusions", () => {
+            const list = ["id", "-id", "name", "-name", "id"];
+            const result = notFieldsFilter.removeExcludedFields(list);
+            expect(result).to.be.deep.equal(["id"]);
+        });
+    });
+
+    describe("fieldsListIsNotPlain", () => {
+        it("plain list", () => {
+            const fields = ["field1", "field2"];
+            expect(notFieldsFilter.fieldsListIsNotPlain(fields)).to.be.false;
+        });
+
+        it("not plain list, exlusion", () => {
+            const fields = ["field1", "-field2"];
+            expect(notFieldsFilter.fieldsListIsNotPlain(fields)).to.be.true;
+        });
+
+        it("not plain list, special set", () => {
+            const fields = ["@safe"];
+            expect(notFieldsFilter.fieldsListIsNotPlain(fields)).to.be.true;
+        });
+    });
+
+    describe("filter", () => {
+        it("complex operations exclude/include with deep of 3", () => {
+            notFieldsFilter.addSet("user1", ["-@safe"]);
+            notFieldsFilter.addSet("user2", ["-@user1"]);
+            const result = notFieldsFilter.filter(
+                ["id", "name", "@user2"],
+                SCHEMA(),
+                {
+                    action: "read",
+                }
+            );
+            expect(result).to.be.deep.equal([
+                "id",
+                "name",
+                "name",
+                "username",
+                "country",
+            ]);
+        });
+    });
+});