not-node 6.5.20 → 6.5.22

package/eslint.config.cjs

@@ -19,9 +19,9 @@ module.exports = [
         ],
     },
     ...compat.extends(
-        "eslint:recommended",
+        "eslint:recommended"
         //"plugin:node/recommended",
-        "plugin:sonarjs/recommended-legacy"
+        //"plugin:sonarjs/recommended-legacy"
     ),
     {
         languageOptions: {

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "not-node",
-	"version": "6.5.20",
+	"version": "6.5.22",
 	"description": "node complimentary part for client side notFramework.",
 	"main": "index.js",
 	"scripts": {
@@ -12,7 +12,7 @@
 		"watch:build:cover:dev": "npm-run-all --parallel js-watch",
 		"cover": "nyc npm test",
 		"clear:playground": "rm -rf ./playground",
-		"prepare": "husky install"
+		"prepare": "husky"
 	},
 	"bin": {
 		"not-node": "bin/not-node.js",
@@ -59,7 +59,7 @@
 		"mongoose-validator": "*",
 		"nconf": "*",
 		"not-config": "*",
-		"not-filter": "*",
+		"not-filter": "^0.3.15",
 		"not-inform": "*",
 		"not-locale": "^0.0.22",
 		"not-log": "*",

package/src/auth/const.js

@@ -29,7 +29,10 @@ const METHOD_SIGNAURES = {
 
 const OBJECT_STRING = "[object String]";
 
+//document owned by registered user
 const DOCUMENT_OWNER_FIELD_NAME = "owner";
+//document owned by guest user
+const DOCUMENT_SESSION_FIELD_NAME = "session";
 const TOKEN_TTL = 3600;
 
 module.exports = {
@@ -39,6 +42,7 @@ module.exports = {
     DEFAULT_USER_ROLE_FOR_ROOT,
     DEFAULT_USER_ROLE_FOR_ADMIN,
     DOCUMENT_OWNER_FIELD_NAME,
+    DOCUMENT_SESSION_FIELD_NAME,
     ACTION_SIGNATURES,
     METHOD_SIGNAURES,
 };

package/src/common.js

@@ -486,3 +486,13 @@ const findSignature = (obj, signatures, strict = true, typeStrict = true) => {
     });
 };
 module.exports.findSignature = findSignature;
+
+const isAction = (action) =>
+    action &&
+    (typeof action.run === "function" || typeof action === "function");
+
+module.exports.isAction = isAction;
+
+const isArrayOfActions = (list) => list.every(isAction);
+
+module.exports.isArrayOfActions = isArrayOfActions;

package/src/core/locales/ru.json

@@ -76,5 +76,6 @@
   "select_from_list_label": "Выберите из списка...",
   "field_actions_label": "Действия",
   "form_exception_field_extractor_is_undefined": "Экстрактор для поля входных данных отсутствует",
+  "form_exception_identity_or_query_is_undefined": "Identity или Query отсутствуют",
   "versioning_error_same_old_data": "Данные не изменились, сохранение отклонено."
 }

package/src/exceptions/form.js

@@ -34,3 +34,16 @@ class FormExceptionTooManyRequests extends HttpExceptionTooManyRequests {
 }
 
 module.exports.FormExceptionTooManyRequests = FormExceptionTooManyRequests;
+
+Error("no prepared identity or query");
+
+class FormExceptionIdentityOrQueryIsUndefined extends notRequestError {
+    constructor(formName) {
+        super("not-node:form_exception_identity_or_query_is_undefined", {
+            params: { formName },
+        });
+    }
+}
+
+module.exports.FormExceptionIdentityOrQueryIsUndefined =
+    FormExceptionIdentityOrQueryIsUndefined;

package/src/fields/filter.js

@@ -8,6 +8,7 @@ const { getSafeFieldsForRoleAction } = require("../auth/fields");
 const {
     DEFAULT_USER_ROLE_FOR_GUEST,
     ACTION_SIGNATURES,
+    DOCUMENT_SESSION_FIELD_NAME,
 } = require("../auth/const");
 /**
  * notFieldsFilter.filter(fields, getApp().getModelSchema(MODEL_NAME), {action});
@@ -144,7 +145,11 @@ class notFieldsFilter {
                     system
                 );
             },
-            [SPECIAL_SET_UNSAFE]: ["salt", "password", "session"],
+            [SPECIAL_SET_UNSAFE]: [
+                "salt",
+                "password",
+                DOCUMENT_SESSION_FIELD_NAME,
+            ],
             [SPECIAL_SET_TIMESTAMPS]: ["createdAt", "updatedAt"],
             [SPECIAL_SET_OWNAGE]: (schema) => {
                 const inSchema = Object.keys(schema);

package/src/generic/form.js

@@ -15,6 +15,7 @@ function createDefaultInstance({
     MODULE_NAME,
     MODEL_NAME,
     actionName,
+    config,
     /* validators = [],
     dataValidators = [],*/
 }) {
@@ -23,7 +24,7 @@ function createDefaultInstance({
         ["data", `${MODULE_NAME}//_${Common.firstLetterToLower(MODEL_NAME)}`],
     ];
     const FORM_NAME = Form.createName(MODULE_NAME, MODEL_NAME, actionName);
-    return new Form({ FIELDS, FORM_NAME, app, MODULE_NAME });
+    return new Form({ FIELDS, FORM_NAME, app, MODULE_NAME, config });
 }
 
 module.exports = createDefaultInstance;

package/src/generic/forms/form._data.js

@@ -5,9 +5,16 @@ const Form = require("../../form/form");
  * @param {object} param0
  * @param {string} param0.MODULE_NAME
  * @param {string} param0.MODEL_NAME
- * @param {string} param0.actionName
- * @param {Array<function>} param0.validators
- * @param {function} param0.afterExtract
+ * @param {string} [param0.actionName = '_data']
+ * @param {Array<function>} [param0.validators=[]]
+ * @param {function} [param0.afterExtract = async (input, req = null) => input || req]
+ * @param {import('../../types.js').notAppConfigReader} [param0.config]
+ * @param {Object.<string, Function>} [param0.EXTRACTORS]
+ * @param {Object.<string, Function>} [param0.TRANSFORMERS]
+ * @param {import('../../types.js').notAppFormProcessingPipe} [param0.INSTRUCTIONS]
+ * @param {Array<Function>} [param0.AFTER_EXTRACT_TRANSFORMERS]
+ * @param {Object.<string, import('../../types.js').notAppFormEnvExtractor>} [param0.ENV_EXTRACTORS]
+ * @param   {import('../../types.js').notAppFormRateLimiterOptions}    [param0.rate]
  * @returns
  */
 module.exports = ({
@@ -16,15 +23,34 @@ module.exports = ({
     actionName = "_data",
     validators = [],
     afterExtract = async (input, req = null) => input || req,
+    EXTRACTORS = {},
+    ENV_EXTRACTORS = {},
+    TRANSFORMERS = {},
+    INSTRUCTIONS = undefined,
+    AFTER_EXTRACT_TRANSFORMERS = [],
+    rate = undefined,
 }) => {
     return class extends Form {
         /**
          *
          * @param {object} param0
          * @param {import('../../app')} param0.app
+         * @param {import('../../types.js').notAppConfigReader} param0.config
          */
-        constructor({ app }) {
-            super({ app, MODULE_NAME, MODEL_NAME, actionName });
+        constructor({ app, config }) {
+            super({
+                app,
+                config,
+                MODULE_NAME,
+                MODEL_NAME,
+                actionName,
+                EXTRACTORS,
+                ENV_EXTRACTORS,
+                TRANSFORMERS,
+                INSTRUCTIONS,
+                AFTER_EXTRACT_TRANSFORMERS,
+                rate,
+            });
         }
 
         extract(data) {

package/src/generic/forms/form.list.js

@@ -1,8 +1,10 @@
 const Form = require("../../form/form");
-
+const {
+    DOCUMENT_OWNER_FIELD_NAME,
+    DOCUMENT_SESSION_FIELD_NAME,
+} = require("../../auth/const");
 const notFilter = require("not-filter");
-const notAppIdentity = require("../../identity");
-
+const FormExceptions = require("../../exceptions/form");
 const FIELDS = [
     ["query", `not-filter//_filterQuery`],
     ["identity", "not-node//identity"],
@@ -30,29 +32,41 @@ const FactoryFormList = ({ MODULE_NAME, MODEL_NAME, actionName = "list" }) => {
         }
 
         /**
-         *
-         *
+         * Adds owner id or session to query.filter
+         * @param {import('../../types').PreparedData}  prepared
          * @param {import('../../types').notNodeExpressRequest} req
          * @return {Promise<import('../../types').PreparedData>}
          */
-        async extract(req) {
-            const envs = this.extractRequestEnvs(req);
-            const user = notAppIdentity.extractAuthData(req);
-            if (user.auth && !user.root && !user.admin) {
-                if (!envs.query.filter) {
-                    envs.query.filter = notFilter.filter.createFilter();
-                }
-                envs.query.filter = notFilter.filter.modifyRules(
-                    envs.query.filter,
+        async afterExtract(prepared, req) {
+            prepared = await super.afterExtract(prepared, req);
+            if (!prepared.identity || !prepared.query) {
+                throw new FormExceptions.FormExceptionIdentityOrQueryIsUndefined(
+                    this.FORM_NAME
+                );
+            }
+            if (!prepared.query.filter) {
+                prepared.query.filter = notFilter.filter.createANDFilter();
+            }
+            if (
+                prepared.identity.auth &&
+                !prepared.identity.root &&
+                !prepared.identity.admin
+            ) {
+                prepared.query.filter = notFilter.filter.modifyRules(
+                    prepared.query.filter,
                     {
-                        owner: user.uid,
+                        [DOCUMENT_OWNER_FIELD_NAME]: prepared.identity.uid,
+                    }
+                );
+            } else if (!prepared.identity.auth && prepared.identity.sid) {
+                prepared.query.filter = notFilter.filter.modifyRules(
+                    prepared.query.filter,
+                    {
+                        [DOCUMENT_SESSION_FIELD_NAME]: prepared.identity.sid,
                     }
                 );
             }
-
-            return {
-                ...envs,
-            };
+            return prepared;
         }
     };
 };

package/src/generic/forms/form.listAndCount.js

@@ -1,63 +1,8 @@
-const Form = require("../../form/form");
+const FactoryFormList = require("./form.list");
 
-const notFilter = require("not-filter");
-const notAppIdentity = require("../../identity");
-
-const FIELDS = [
-    ["query", `not-filter//_filterQuery`],
-    ["identity", "not-node//identity"],
-];
-
-/**
- * Generates generic form to get perform list and count action
- *
- * @param {object}  params
- * @param {string}  params.MODULE_NAME  //module name
- * @param {string}  params.MODEL_NAME   //model name
- * @param {string}  params.actionName   //action name
- * @return {Form}   form class definition
- */
-const FactoryFormListAndCount = ({
-    MODULE_NAME,
-    MODEL_NAME,
-    actionName = "listAndCount",
-}) => {
-    return class extends Form {
-        constructor(params) {
-            super({
-                ...params,
-                FIELDS,
-                MODULE_NAME,
-                MODEL_NAME,
-                actionName,
-            });
-        }
-
-        /**
-         *
-         *
-         * @param {import('../../types').notNodeExpressRequest} req
-         * @return {Promise<import('../../types').PreparedData>}
-         */
-        async extract(req) {
-            const envs = this.extractRequestEnvs(req);
-            const user = notAppIdentity.extractAuthData(req);
-            if (user.auth && !user.root && !user.admin) {
-                if (!envs.query.filter) {
-                    envs.query.filter = notFilter.filter.createFilter();
-                }
-                envs.query.filter = notFilter.filter.modifyRules(
-                    envs.query.filter,
-                    {
-                        owner: user.uid,
-                    }
-                );
-            }
-            return {
-                ...envs,
-            };
-        }
-    };
+module.exports = (params) => {
+    if (!params.actionName) {
+        params.actionName = "listAndCount";
+    }
+    return FactoryFormList(params);
 };
-
-module.exports = FactoryFormListAndCount;

package/src/logic/actions.before/index.js

@@ -4,5 +4,6 @@ const ActionsBefore = new ActionsSetsLibrary();
 
 ActionsBefore.add("ownage", require("./ownage"));
 ActionsBefore.add("standartQueries", require("./standart.queries.js"));
+ActionsBefore.add("populate", require("./populate"));
 
 module.exports = ActionsBefore;

package/src/logic/actions.before/ownage/ownage.js

@@ -1,5 +1,8 @@
 const notFilter = require("not-filter");
-const { DOCUMENT_OWNER_FIELD_NAME } = require("../../../auth/const.js");
+const {
+    DOCUMENT_OWNER_FIELD_NAME,
+    DOCUMENT_SESSION_FIELD_NAME,
+} = require("../../../auth/const.js");
 const {
     OwnageExceptionIdentityUserIdIsNotDefined,
 } = require("../../../exceptions/action.js");
@@ -8,50 +11,107 @@ const ModelRoutine = require("../../../model/routine.js");
 //checks that
 module.exports = class OwnageBeforeAction {
     static #ownerFieldName = DOCUMENT_OWNER_FIELD_NAME;
+    static #sessionFieldName = DOCUMENT_SESSION_FIELD_NAME;
 
     static get ownerFieldName() {
         return this.#ownerFieldName;
     }
 
-    static async run(logic, actionName, args) {
-        const { identity, data, query, targetId, targetID } = args;
-        if (identity.uid) {
-            //if searching, counting, listing and so on
-            //adding condition of ownership by this excat user
-            let { filter, search } = query;
-            if (filter) {
-                filter = notFilter.filter.modifyRules(filter, {
-                    [OwnageBeforeAction.ownerFieldName]: identity?.uid,
-                });
-                if (search) {
-                    search = notFilter.filter.modifyRules(search, filter);
-                }
+    static get sessionFieldName() {
+        return this.#sessionFieldName;
+    }
+
+    static setOwnage(logic, actionName, args, ownageFilter) {
+        const { query, targetId, targetID } = args;
+        let { filter, search } = query;
+        if (filter) {
+            filter = notFilter.filter.modifyRules(filter, ownageFilter);
+            if (search) {
+                search = notFilter.filter.modifyRules(search, filter);
             }
-            args.defaultQueryById = {
-                _id: targetId,
-                [OwnageBeforeAction.ownerFieldName]: identity?.uid,
+        }
+        args.defaultQueryById = {
+            _id: targetId,
+            ...ownageFilter,
+        };
+        const Model = logic.getModel();
+        const incFieldName = ModelRoutine.incremental(Model);
+        if (incFieldName) {
+            args.defaultQueryByID = {
+                [incFieldName]: targetID,
+                ...ownageFilter,
             };
-            const Model = logic.getModel();
-            const incFieldName = ModelRoutine.incremental(Model);
-            if (incFieldName) {
-                args.defaultQueryByID = {
-                    [incFieldName]: targetID,
-                    [OwnageBeforeAction.ownerFieldName]: identity?.uid,
-                };
-            }
+        }
 
-            args.defaultQueryMany = {
-                [OwnageBeforeAction.ownerFieldName]: identity?.uid,
-            };
-            //mark data as owned by
-            if (data) {
-                data[OwnageBeforeAction.ownerFieldName] = identity.uid;
-            }
+        args.defaultQueryMany = {
+            ...ownageFilter,
+        };
+        //mark data as owned by
+        if (typeof args.data == "object" && args.data) {
+            Object.assign(args.data, ownageFilter);
+        }
+    }
+
+    static createOwnageFilterForUser(identity) {
+        return Object.freeze({
+            [OwnageBeforeAction.ownerFieldName]: identity.uid,
+        });
+    }
+
+    static createOwnageFilterForSession(identity) {
+        return Object.freeze({
+            [OwnageBeforeAction.sessionFieldName]: identity.sid,
+        });
+    }
+
+    /**
+     * Returns object with filtering conditions to restrict access by owner or session
+     *
+     * @static
+     * @param {import('../../../types.js').notAppIdentityData} identity
+     * @return {object}
+     */
+    static getOwnageFilterForIdentity(identity) {
+        if (identity.uid) {
+            return OwnageBeforeAction.createOwnageFilterForUser(identity);
+        } else if (identity.sid) {
+            return OwnageBeforeAction.createOwnageFilterForSession(identity);
         } else {
+            return null;
+        }
+    }
+
+    /**
+     *
+     *
+     * @static
+     * @param {import('../../logic.js')} logic
+     * @param {String} actionName
+     * @param {import('../../../types.js').PreparedData} args
+     */
+    static async run(logic, actionName, args) {
+        if (!args.identity) {
             throw new OwnageExceptionIdentityUserIdIsNotDefined(
                 actionName,
-                identity
+                undefined
             );
         }
+        const ownageFilter = OwnageBeforeAction.getOwnageFilterForIdentity(
+            args.identity
+        );
+        if (ownageFilter === null) {
+            throw new OwnageExceptionIdentityUserIdIsNotDefined(
+                actionName,
+                args.identity
+            );
+        }
+        OwnageBeforeAction.setOwnage(logic, actionName, args, ownageFilter);
+    }
+
+    static ifActionNameEndsWith_Own() {
+        return Object.freeze({
+            condition: (actionName) => actionName.endsWith("Own"),
+            action: OwnageBeforeAction,
+        });
     }
 };

package/src/logic/actions.before/populate/populate.js

@@ -1,3 +1,12 @@
 module.exports = class PopulateBeforeAction {
-    static async run(/*logic, actionName, args*/) {}
+    static async run(logic, actionName, args) {
+        try {
+            const { identity } = args;
+            args.populate = await logic.getPopulate(actionName, {
+                identity,
+            });
+        } catch (e) {
+            logic.log.error(e);
+        }
+    }
 };

package/src/logic/actions.before/standart.queries.js

@@ -5,9 +5,11 @@ module.exports = class StandartQueriesBeforeAction {
     static async run(logic, actionName, args) {
         try {
             const { targetId, targetID } = args;
-            args.defaultQueryById = {
-                _id: targetId,
-            };
+            if (targetId) {
+                args.defaultQueryById = {
+                    _id: targetId,
+                };
+            }
             const Model = logic.getModel();
             const incFieldName = ModelRoutine.incremental(Model);
             if (

package/src/logic/generic.js

@@ -11,8 +11,15 @@ module.exports = ({
     actionsSets = ["standart"],
     actions = {},
     beforeActions = {},
-    beforeActionsAll = [require("./actions.before/standart.queries.js")],
+    beforeActionsOnCondition = [
+        require("./actions.before/ownage/ownage.js").ifActionNameEndsWith_Own(),
+    ], //each item = {condition: (actionName)=>boolean, action}
+    beforeActionsAll = [
+        require("./actions.before/standart.queries.js"),
+        require("./actions.before/populate/populate.js"),
+    ],
     afterActions = {},
+    afterActionsOnCondition = [], //each item = {condition: (actionName)=>boolean, action}
     populateBuilders = {},
     afterActionsAll = [],
     defaultPopulate = [],
@@ -36,11 +43,28 @@ module.exports = ({
         defaultPopulate,
     });
 
+    //adds before/after to all
     beforeActionsAll.forEach((action) => {
         Logic.onBefore(undefined, action);
     });
+
     afterActionsAll.forEach((action) => Logic.onAfter(undefined, action));
 
+    //adds before/after to as many as satisfies condition
+    Object.keys(ACTIONS).forEach((actionName) => {
+        beforeActionsOnCondition.forEach(({ condition, action }) => {
+            if (condition(actionName)) {
+                Logic.onBefore(actionName, action);
+            }
+        });
+        afterActionsOnCondition.forEach(({ condition, action }) => {
+            if (condition(actionName)) {
+                Logic.onAfter(actionName, action);
+            }
+        });
+    });
+
+    //adds before/after per actionName
     Object.keys(beforeActions).forEach((actionName) =>
         beforeActions[actionName].forEach((action) =>
             Logic.onBefore(actionName, action)

package/src/logic/logic.js

@@ -17,8 +17,8 @@ class LogicProxied {
     actions = new Map();
     actionRunner = ActionRunner;
 
-    populateBuilders = {};
-    defaultPopulate = [];
+    #populateBuilders = {};
+    #defaultPopulate = [];
 
     MODEL_NAME;
     MODULE_NAME;
@@ -32,7 +32,6 @@ class LogicProxied {
     logAction;
     logDebugAction;
 
-    
     constructor(
         actions = {},
         actionRunner = ActionRunner,
@@ -48,9 +47,15 @@ class LogicProxied {
         this.MODEL_NAME = MODEL_NAME;
         this.MODULE_NAME = MODULE_NAME;
         this.USER_MODEL_NAME = USER_MODEL_NAME;
+        if (defaultPopulate) {
+            this.#defaultPopulate = defaultPopulate;
+        }
+        Object.freeze(this.#defaultPopulate);
 
-        defaultPopulate && (this.defaultPopulate = defaultPopulate);
-        populateBuilders && (this.populateBuilders = populateBuilders);
+        if (populateBuilders) {
+            this.#populateBuilders = populateBuilders;
+        }
+        Object.freeze(this.#populateBuilders);
 
         actionRunner && (this.actionRunner = actionRunner);
         this.afterPipes = new NamedActionPipes(
@@ -70,7 +75,7 @@ class LogicProxied {
 
         // proxy logic, do something before each call of all methods inside class
         // like if arg passed is 3, print something additionally
-        return  this.#proxy = new Proxy(this, {
+        return (this.#proxy = new Proxy(this, {
             get(target, prop) {
                 if (target.actions.has(prop)) {
                     return target.#getActionRunner(prop);
@@ -78,7 +83,7 @@ class LogicProxied {
                     return target[prop];
                 }
             },
-        });
+        }));
     }
 
     #initTools(target) {
@@ -105,9 +110,7 @@ class LogicProxied {
             this.log &&
                 this.log.debug(
                     new Date(),
-                    `${this.MODULE_NAME}//Logic//${
-                        this.MODEL_NAME
-                    }//${action}`,
+                    `${this.MODULE_NAME}//Logic//${this.MODEL_NAME}//${action}`,
                     identity?.ip,
                     identity?.root
                 );
@@ -132,16 +135,16 @@ class LogicProxied {
 
     async getPopulate(actionName, prepared) {
         if (
-            this.populateBuilders &&
-            objHas(this.populateBuilders, actionName) &&
-            isFunc(this.populateBuilders[actionName])
+            this.#populateBuilders &&
+            objHas(this.#populateBuilders, actionName) &&
+            isFunc(this.#populateBuilders[actionName])
         ) {
             return await executeFunctionAsAsync(
-                this.populateBuilders[actionName],
+                this.#populateBuilders[actionName],
                 [prepared]
             );
         }
-        return this.defaultPopulate;
+        return [...this.#defaultPopulate];
     }
 
     #getActionRunner(actionName) {