not-node 6.4.8 → 6.4.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/package.json +1 -1
  2. package/src/generic/manifest.js +146 -0
  3. package/src/manifest/manifest.filter.js +18 -6
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "not-node",
3
- "version": "6.4.8",
3
+ "version": "6.4.10",
4
4
  "description": "node complimentary part for client side notFramework.",
5
5
  "main": "index.js",
6
6
  "scripts": {
package/src/generic/manifest.js ADDED
@@ -0,0 +1,146 @@
1
+ const ACTION_SIGNATURES = require("../auth/const").ACTION_SIGNATURES;
2
+
3
+ const extraActionsBuilder = (
4
+ MODULE_NAME,
5
+ modelName,
6
+ FIELDS,
7
+ actionsBuilders = {}
8
+ ) => {
9
+ const actions = {};
10
+ Object.keys(actionsBuilders).forEach((actionName) => {
11
+ actions[actionName] = actionsBuilders[actionName](
12
+ MODULE_NAME,
13
+ modelName,
14
+ FIELDS
15
+ );
16
+ });
17
+ return actions;
18
+ };
19
+
20
+ const POST_FIX_RECORD_ID = "/:record[_id]";
21
+ const POST_FIX_ACTION_NAME = "/:actionName";
22
+
23
+ module.exports = (MODULE_NAME, modelName, FIELDS, actions = {}) => {
24
+ return {
25
+ model: modelName,
26
+ url: "/api/:modelName",
27
+ fields: FIELDS,
28
+ actions: {
29
+ //ключи это название действий
30
+ create: {
31
+ method: "PUT",
32
+ actionSignature: ACTION_SIGNATURES.CREATE,
33
+ data: ["data"],
34
+ rules: [
35
+ {
36
+ root: true,
37
+ },
38
+ ],
39
+ title: `${MODULE_NAME}:${modelName}_form_create_title`,
40
+ },
41
+ update: {
42
+ method: "POST",
43
+ actionSignature: ACTION_SIGNATURES.UPDATE,
44
+ //добавка к url'у, вид такой :record[название поля без кавычек]
45
+ postFix: POST_FIX_RECORD_ID,
46
+ data: ["data"],
47
+ //должен быть авторизован или нет
48
+ formData: true,
49
+ //должен быть суперпользователем или нет
50
+ rules: [
51
+ {
52
+ root: true,
53
+ },
54
+ ],
55
+ title: `${MODULE_NAME}:${modelName}_form_update_title`,
56
+ },
57
+ list: {
58
+ method: "GET",
59
+ actionSignature: ACTION_SIGNATURES.READ,
60
+ data: ["pager", "sorter", "filter"],
61
+ rules: [
62
+ {
63
+ root: true,
64
+ },
65
+ ],
66
+ },
67
+ listAndCount: {
68
+ method: "GET",
69
+ actionSignature: ACTION_SIGNATURES.READ,
70
+ postFix: POST_FIX_ACTION_NAME,
71
+ data: ["pager", "sorter", "filter", "searcher", "return"],
72
+ rules: [
73
+ {
74
+ root: true,
75
+ },
76
+ ],
77
+ },
78
+ listAll: {
79
+ method: "GET",
80
+ actionSignature: ACTION_SIGNATURES.READ,
81
+ postFix: "/:actionName",
82
+ rules: [
83
+ {
84
+ root: true,
85
+ },
86
+ ],
87
+ },
88
+ count: {
89
+ method: "GET",
90
+ actionSignature: ACTION_SIGNATURES.READ,
91
+ postFix: POST_FIX_ACTION_NAME,
92
+ data: ["filter"],
93
+ rules: [
94
+ {
95
+ root: true,
96
+ },
97
+ ],
98
+ },
99
+ get: {
100
+ method: "GET",
101
+ actionSignature: ACTION_SIGNATURES.READ,
102
+ postFix: POST_FIX_RECORD_ID,
103
+ rules: [
104
+ {
105
+ root: true,
106
+ },
107
+ ],
108
+ title: `${MODULE_NAME}:${modelName}_form_details_title`,
109
+ },
110
+ getByID: {
111
+ method: "GET",
112
+ actionSignature: ACTION_SIGNATURES.READ,
113
+ postFix: `/:record[${modelName}ID]/:actionName`,
114
+ rules: [
115
+ {
116
+ root: true,
117
+ },
118
+ {
119
+ auth: false,
120
+ },
121
+ ],
122
+ },
123
+ getRaw: {
124
+ method: "GET",
125
+ actionSignature: ACTION_SIGNATURES.READ,
126
+ postFix: "/:record[_id]/:actionName",
127
+ rules: [
128
+ {
129
+ root: true,
130
+ },
131
+ ],
132
+ },
133
+ delete: {
134
+ method: "DELETE",
135
+ actionSignature: ACTION_SIGNATURES.READ,
136
+ postFix: POST_FIX_RECORD_ID,
137
+ rules: [
138
+ {
139
+ root: true,
140
+ },
141
+ ],
142
+ },
143
+ ...extraActionsBuilder(MODULE_NAME, modelName, FIELDS, actions),
144
+ },
145
+ };
146
+ };
package/src/manifest/manifest.filter.js CHANGED
@@ -16,6 +16,9 @@ const DIRTY_FIELDS = [
16
16
  "actionSignature",
17
17
  ];
18
18
 
19
+ //allow access to safe (for a specific user auth status) fields only
20
+ const DEFAULT_FIELDS_SET = ["@safe"];
21
+
19
22
  module.exports = class notManifestFilter {
20
23
  static schemaLoader = (name) => getApp().getModelSchema(name);
21
24
 
@@ -310,13 +313,22 @@ module.exports = class notManifestFilter {
310
313
  //this action
311
314
  const fullModelName = this.composeFullModelName(moduleName, modelName);
312
315
  const modelSchema = this.loadSchema(fullModelName);
313
- if (notManifestFilter.ruleSetHasFieldsDirective(ruleSet)) {
314
- copy.fields = notFieldsFilter.filter(
315
- [...ruleSet.fields],
316
- modelSchema,
317
- { action: actionSignature, roles: role, auth, root, modelName }
318
- );
316
+ const fields = notManifestFilter.ruleSetHasFieldsDirective(ruleSet)
317
+ ? [...ruleSet.fields]
318
+ : DEFAULT_FIELDS_SET;
319
+
320
+ copy.fields = notFieldsFilter.filter(fields, modelSchema, {
321
+ action: actionSignature,
322
+ roles: role,
323
+ auth,
324
+ root,
325
+ modelName,
326
+ });
327
+ //remove fields property if list is empty
328
+ if (copy.fields.length == 0) {
329
+ delete copy.fields;
319
330
  }
331
+
320
332
  if (ruleSet && ruleSet.return) {
321
333
  copy.return = notManifestFilter.filterReturnSet(
322
334
  ruleSet.return,