not-node 6.3.48 → 6.3.49
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/auth/const.js +8 -0
- package/src/form/form.js +60 -3
- package/src/manifest/manifest.filter.js +1 -1
- package/src/types.js +18 -18
package/package.json
CHANGED
package/src/auth/const.js
CHANGED
|
@@ -19,6 +19,13 @@ const ACTION_SIGNATURES = {
|
|
|
19
19
|
ANY: ACTION_SIGNATURE_ANY,
|
|
20
20
|
};
|
|
21
21
|
|
|
22
|
+
const METHOD_SIGNAURES = {
|
|
23
|
+
GET: ACTION_SIGNATURES.READ,
|
|
24
|
+
PUT: ACTION_SIGNATURES.CREATE,
|
|
25
|
+
POST: ACTION_SIGNATURES.UPDATE,
|
|
26
|
+
DELETE: ACTION_SIGNATURES.DELETE,
|
|
27
|
+
};
|
|
28
|
+
|
|
22
29
|
const OBJECT_STRING = "[object String]";
|
|
23
30
|
|
|
24
31
|
const DOCUMENT_OWNER_FIELD_NAME = "owner";
|
|
@@ -32,4 +39,5 @@ module.exports = {
|
|
|
32
39
|
DEFAULT_USER_ROLE_FOR_ADMIN,
|
|
33
40
|
DOCUMENT_OWNER_FIELD_NAME,
|
|
34
41
|
ACTION_SIGNATURES,
|
|
42
|
+
METHOD_SIGNAURES,
|
|
35
43
|
};
|
package/src/form/form.js
CHANGED
|
@@ -1,8 +1,10 @@
|
|
|
1
1
|
const validator = require("validator");
|
|
2
2
|
const notPath = require("not-path");
|
|
3
3
|
const FormFabric = require("./fabric");
|
|
4
|
+
const Auth = require("../auth");
|
|
4
5
|
const { createSchemaFromFields } = require("../fields");
|
|
5
|
-
|
|
6
|
+
const notFieldsFilter = require("../fields/filter.js");
|
|
7
|
+
const getApp = require("../getApp.js");
|
|
6
8
|
const {
|
|
7
9
|
objHas,
|
|
8
10
|
isFunc,
|
|
@@ -27,6 +29,7 @@ const {
|
|
|
27
29
|
const DEFAULT_EXTRACTORS = require("./extractors");
|
|
28
30
|
const DEFAULT_ID_EXTRACTORS = require("./env_extractors");
|
|
29
31
|
const DEFAULT_TRANSFORMERS = require("./transformers");
|
|
32
|
+
const notAppIdentity = require("../identity/index.js");
|
|
30
33
|
|
|
31
34
|
/**
|
|
32
35
|
* Generic form validation class
|
|
@@ -41,6 +44,7 @@ class Form {
|
|
|
41
44
|
form: [],
|
|
42
45
|
forms: {},
|
|
43
46
|
};
|
|
47
|
+
#MODEL_SCHEMA;
|
|
44
48
|
/**
|
|
45
49
|
* @prop {string} name of form
|
|
46
50
|
**/
|
|
@@ -521,7 +525,7 @@ class Form {
|
|
|
521
525
|
/**
|
|
522
526
|
*
|
|
523
527
|
* @param {import('../types').notNodeExpressRequest} req Express Request
|
|
524
|
-
* @returns {Array<string
|
|
528
|
+
* @returns {Array<string>}
|
|
525
529
|
*/
|
|
526
530
|
extractActionFieldsFromRequest(req) {
|
|
527
531
|
if (
|
|
@@ -539,6 +543,51 @@ class Form {
|
|
|
539
543
|
return [];
|
|
540
544
|
}
|
|
541
545
|
|
|
546
|
+
/**
|
|
547
|
+
*
|
|
548
|
+
* @param {import('../types.js').notActionData} actionData
|
|
549
|
+
* @returns
|
|
550
|
+
*/
|
|
551
|
+
getActionSignature(actionData) {
|
|
552
|
+
if (actionData.actionSignature) {
|
|
553
|
+
return actionData.actionSignature;
|
|
554
|
+
} else if (actionData.method && typeof actionData.method === "string") {
|
|
555
|
+
const METHOD = actionData.method.toUpperCase();
|
|
556
|
+
if (objHas(Auth.METHOD_SIGNAURES, METHOD)) {
|
|
557
|
+
return Auth.METHOD_SIGNAURES[METHOD];
|
|
558
|
+
}
|
|
559
|
+
}
|
|
560
|
+
return Auth.ACTION_SIGNATURES.ANY;
|
|
561
|
+
}
|
|
562
|
+
|
|
563
|
+
/**
|
|
564
|
+
*
|
|
565
|
+
* @param {import('../types.js').notNodeExpressRequest} req
|
|
566
|
+
* @returns {import('../fields/filter.js').FieldsFilteringModificators}
|
|
567
|
+
*/
|
|
568
|
+
extractActionMods(req) {
|
|
569
|
+
const authData = notAppIdentity.extractAuthData(req);
|
|
570
|
+
/**
|
|
571
|
+
* @type {import('../types.js').notRouteData}
|
|
572
|
+
*/
|
|
573
|
+
const routeData = req.notRouteData;
|
|
574
|
+
let action = this.getActionSignature(req.notRouteData.actionData);
|
|
575
|
+
if (
|
|
576
|
+
action === Auth.ACTION_SIGNATURES.ANY &&
|
|
577
|
+
routeData.actionName &&
|
|
578
|
+
routeData.actionName.length
|
|
579
|
+
) {
|
|
580
|
+
action = routeData.actionName;
|
|
581
|
+
}
|
|
582
|
+
return {
|
|
583
|
+
auth: authData.auth,
|
|
584
|
+
roles: authData.role,
|
|
585
|
+
root: authData.root,
|
|
586
|
+
modelName: routeData.modelName,
|
|
587
|
+
action,
|
|
588
|
+
};
|
|
589
|
+
}
|
|
590
|
+
|
|
542
591
|
/**
|
|
543
592
|
*
|
|
544
593
|
* @param {import('../types.js').notNodeExpressRequest} req
|
|
@@ -553,7 +602,15 @@ class Form {
|
|
|
553
602
|
) {
|
|
554
603
|
const result = {};
|
|
555
604
|
const fields = this.extractActionFieldsFromRequest(req);
|
|
556
|
-
|
|
605
|
+
const schema = getApp().getModelSchema(
|
|
606
|
+
`${this.getModuleName()}//${this.getModelName(req)}`
|
|
607
|
+
);
|
|
608
|
+
const filteredFields = notFieldsFilter.filter(
|
|
609
|
+
fields,
|
|
610
|
+
schema,
|
|
611
|
+
this.extractActionMods(req)
|
|
612
|
+
);
|
|
613
|
+
filteredFields.forEach((fieldName) => {
|
|
557
614
|
if (objHas(exceptions, fieldName)) {
|
|
558
615
|
result[fieldName] = exceptions[fieldName];
|
|
559
616
|
} else {
|
|
@@ -194,7 +194,7 @@ module.exports = class notManifestFilter {
|
|
|
194
194
|
* @param {Array<string>} mods.role
|
|
195
195
|
* @param {string} mods.modelName
|
|
196
196
|
* @param {string} mods.moduleName
|
|
197
|
-
* @param {string|undefined}
|
|
197
|
+
* @param {string|undefined} mods.actionSignature create/read/update/delete
|
|
198
198
|
* @return {object} clean action data
|
|
199
199
|
**/
|
|
200
200
|
static clearActionFromRules(
|
package/src/types.js
CHANGED
|
@@ -49,24 +49,24 @@
|
|
|
49
49
|
|
|
50
50
|
/**
|
|
51
51
|
* @typedef {object} notActionData
|
|
52
|
-
* @property {string} [method]
|
|
53
|
-
* @property {string} [actionSignature]
|
|
54
|
-
* @property {string} [postFix]
|
|
55
|
-
* @property {Array<notRouteRule>} rules
|
|
56
|
-
* @property {boolean} [ws]
|
|
57
|
-
* @property {Array<string & Array<string>>} [fields]
|
|
58
|
-
* @property {Array<string>} [return]
|
|
59
|
-
* @property {boolean} [isArray]
|
|
60
|
-
* @property {Array<string>} [data]
|
|
61
|
-
* @property {string} [title]
|
|
62
|
-
*/
|
|
63
|
-
|
|
64
|
-
/**
|
|
65
|
-
* @typedef {Object}
|
|
66
|
-
* @property {string}
|
|
67
|
-
* @property {string}
|
|
68
|
-
* @property {notRouteRule}
|
|
69
|
-
* @property {notActionData}
|
|
52
|
+
* @property {string} [method] HTTP method name GET,PUT,POST,DELETE
|
|
53
|
+
* @property {string} [actionSignature] one of create,read,update,delete,any
|
|
54
|
+
* @property {string} [postFix] uri rule
|
|
55
|
+
* @property {Array<notRouteRule>} rules access rules
|
|
56
|
+
* @property {boolean} [ws] use WS routers for this actions
|
|
57
|
+
* @property {Array<string & Array<string>>} [fields] array of fields names or fields set aliases, used in form generators, validators
|
|
58
|
+
* @property {Array<string>} [return] rule to filter results, used to exclude from response sensetive data
|
|
59
|
+
* @property {boolean} [isArray] obsolete
|
|
60
|
+
* @property {Array<string>} [data] list consisting of sources (pager,sorter,search,record) for request generation on client side
|
|
61
|
+
* @property {string} [title] used in form generators
|
|
62
|
+
*/
|
|
63
|
+
|
|
64
|
+
/**
|
|
65
|
+
* @typedef {Object} notRouteData
|
|
66
|
+
* @property {string} actionName name of action
|
|
67
|
+
* @property {string} modelName first letter should not be not capital
|
|
68
|
+
* @property {notRouteRule} rule current rule
|
|
69
|
+
* @property {notActionData} actionData action details
|
|
70
70
|
*/
|
|
71
71
|
|
|
72
72
|
/**
|