not-node 6.5.5 → 6.5.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/package.json +1 -1
  2. package/src/generic/field.js +3 -3
  3. package/src/init/index.js +1 -1
  4. package/src/manifest/manifest.filter.js +94 -71
  5. package/test/notManifest.js +12 -10
  6. package/test/notManifestFilter.js +109 -118
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "not-node",
3
- "version": "6.5.5",
3
+ "version": "6.5.7",
4
4
  "description": "node complimentary part for client side notFramework.",
5
5
  "main": "index.js",
6
6
  "scripts": {
package/src/generic/field.js CHANGED
@@ -2,13 +2,13 @@ const getApp = require("../getApp");
2
2
  const genericDataField = require("./field._data");
3
3
  const Form = require("../form/form");
4
4
 
5
- const initGenericDataField = (
5
+ const initGenericDataField = ({
6
6
  MODULE_NAME,
7
7
  MODEL_NAME,
8
8
  actionName = "_data",
9
9
  validators = [],
10
- afterExtract = async (input /*, req = null*/) => input
11
- ) => {
10
+ afterExtract = async (input /*, req = null*/) => input,
11
+ }) => {
12
12
  //not-module//modelName._data
13
13
  const fieldGenericPath = Form.createPath(
14
14
  MODULE_NAME,
package/src/init/index.js CHANGED
@@ -191,7 +191,7 @@ class Init {
191
191
  });
192
192
  log?.info("Application initalization finished");
193
193
  } catch (e) {
194
- Init.throwError(e.message, 1);
194
+ log?.error(e.message, 1);
195
195
  }
196
196
  }
197
197
 
package/src/manifest/manifest.filter.js CHANGED
@@ -41,21 +41,22 @@ module.exports = class notManifestFilter {
41
41
  if (!route || !route.actions) {
42
42
  return result;
43
43
  }
44
+ console.log("actions", JSON.stringify(route.actions));
44
45
  for (let actionName in route.actions) {
45
46
  if (!route.actions[actionName]) {
46
47
  continue;
47
48
  }
48
- let actionSet = route.actions[actionName];
49
- notManifestFilter.filterRouteAction(
50
- actionName,
51
- actionSet,
49
+ const resultActionData = notManifestFilter.filterRouteAction(
50
+ route.actions[actionName],
52
51
  auth,
53
52
  role,
54
53
  root,
55
- result,
56
54
  modelName,
57
55
  moduleName
58
56
  );
57
+ if (resultActionData) {
58
+ result.actions[actionName] = resultActionData;
59
+ }
59
60
  }
60
61
  return result;
61
62
  }
@@ -64,22 +65,18 @@ module.exports = class notManifestFilter {
64
65
  *
65
66
  *
66
67
  * @static
67
- * @param {string} actionName
68
68
  * @param {import('../types').notActionData} actionSet
69
69
  * @param {boolean} auth
70
70
  * @param {Array<string>} role
71
71
  * @param {boolean} root
72
- * @param {any} result
73
72
  * @param {string} [modelName=""]
74
73
  * @param {string} [moduleName=""]
75
74
  */
76
75
  static filterRouteAction(
77
- actionName,
78
76
  actionSet,
79
77
  auth,
80
78
  role,
81
79
  root,
82
- result,
83
80
  modelName = "",
84
81
  moduleName = ""
85
82
  ) {
@@ -88,31 +85,8 @@ module.exports = class notManifestFilter {
88
85
  if (
89
86
  Auth.checkCredentials(actionSet.rules[i], auth, role, root)
90
87
  ) {
91
- result.actions[actionName] =
92
- notManifestFilter.clearActionFromRules(
93
- actionSet,
94
- actionSet.rules[i],
95
- {
96
- auth,
97
- role,
98
- root,
99
- modelName,
100
- moduleName,
101
- actionSignature:
102
- notManifestFilter.detectActionSignature(
103
- actionSet
104
- ),
105
- }
106
- );
107
- break;
108
- }
109
- }
110
- } else {
111
- if (Auth.checkCredentials(actionSet, auth, role, root)) {
112
- result.actions[actionName] =
113
- notManifestFilter.clearActionFromRules(
88
+ return notManifestFilter.clearActionFromRules(
114
89
  actionSet,
115
- undefined,
116
90
  {
117
91
  auth,
118
92
  role,
@@ -123,10 +97,29 @@ module.exports = class notManifestFilter {
123
97
  notManifestFilter.detectActionSignature(
124
98
  actionSet
125
99
  ),
126
- }
100
+ },
101
+ actionSet.rules[i]
127
102
  );
103
+ }
104
+ }
105
+ } else {
106
+ if (Auth.checkCredentials(actionSet, auth, role, root)) {
107
+ return notManifestFilter.clearActionFromRules(
108
+ actionSet,
109
+ {
110
+ auth,
111
+ role,
112
+ root,
113
+ modelName,
114
+ moduleName,
115
+ actionSignature:
116
+ notManifestFilter.detectActionSignature(actionSet),
117
+ },
118
+ undefined
119
+ );
128
120
  }
129
121
  }
122
+ return undefined;
130
123
  }
131
124
 
132
125
  /**
@@ -223,14 +216,11 @@ module.exports = class notManifestFilter {
223
216
  switch (action?.method?.toLocaleLowerCase()) {
224
217
  case "get":
225
218
  return Auth.ACTION_SIGNATURES.READ;
226
-
227
219
  case "post":
228
220
  case "patch":
229
221
  return Auth.ACTION_SIGNATURES.UPDATE;
230
-
231
222
  case "put":
232
223
  return Auth.ACTION_SIGNATURES.CREATE;
233
-
234
224
  case "delete":
235
225
  return Auth.ACTION_SIGNATURES.DELETE;
236
226
 
@@ -274,10 +264,50 @@ module.exports = class notManifestFilter {
274
264
  return returnSet;
275
265
  }
276
266
 
267
+ static filterFieldsPropOfActionRule(
268
+ actionRule,
269
+ { modelSchema, modelName, ruleSet, actionSignature, role, auth, root }
270
+ ) {
271
+ const fields = notManifestFilter.ruleSetHasFieldsDirective(ruleSet)
272
+ ? [...ruleSet.fields]
273
+ : DEFAULT_FIELDS_SET;
274
+
275
+ actionRule.fields = notFieldsFilter.filter(fields, modelSchema, {
276
+ action: actionSignature,
277
+ roles: role,
278
+ auth,
279
+ root,
280
+ modelName,
281
+ });
282
+
283
+ //remove fields property if list is empty
284
+ if (actionRule.fields.length == 0) {
285
+ delete actionRule.fields;
286
+ }
287
+ }
288
+
289
+ static filterReturnPropOfActionRule(
290
+ actionRule,
291
+ { modelSchema, modelName, ruleSet, actionSignature, role, auth, root }
292
+ ) {
293
+ if (ruleSet && ruleSet.return) {
294
+ actionRule.return = notManifestFilter.filterReturnSet(
295
+ ruleSet.return,
296
+ modelSchema,
297
+ {
298
+ auth,
299
+ role,
300
+ root,
301
+ modelName,
302
+ actionSignature,
303
+ }
304
+ );
305
+ }
306
+ }
307
+
277
308
  /**
278
309
  * Clear action definition from rules of access
279
310
  * @param {object} action action data
280
- * @param {object} [ruleSet] specific set of rules for this action
281
311
  * @param {object} mods specific set of rules for this action
282
312
  * @param {boolean} mods.auth
283
313
  * @param {boolean} mods.root
@@ -285,11 +315,11 @@ module.exports = class notManifestFilter {
285
315
  * @param {string} mods.modelName
286
316
  * @param {string} mods.moduleName
287
317
  * @param {string|undefined} mods.actionSignature create/read/update/delete
318
+ * @param {object} [ruleSet] specific set of rules for this action
288
319
  * @return {object} clean action data
289
320
  **/
290
321
  static clearActionFromRules(
291
322
  action,
292
- ruleSet = null,
293
323
  {
294
324
  auth = false,
295
325
  role = [Auth.DEFAULT_USER_ROLE_FOR_GUEST],
@@ -304,46 +334,39 @@ module.exports = class notManifestFilter {
304
334
  modelName: "",
305
335
  moduleName: "",
306
336
  actionSignature: undefined,
307
- }
337
+ },
338
+ ruleSet = null
308
339
  ) {
309
- let copy = merge({}, action);
310
- notManifestFilter.clearFromDirtyFields(copy);
340
+ //full copy
341
+ let actionRule = merge({}, action);
342
+ //removes server side or secret information (full list of access rules)
343
+ notManifestFilter.clearFromDirtyFields(actionRule);
344
+ //retrives model schema
345
+ const fullModelName = this.composeFullModelName(moduleName, modelName);
346
+ const modelSchema = this.loadSchema(fullModelName);
311
347
  //copy fields list from rule to action if it exists
312
348
  //fields list is used to restrict fields of data that could be accessed via
313
349
  //this action
314
- const fullModelName = this.composeFullModelName(moduleName, modelName);
315
- const modelSchema = this.loadSchema(fullModelName);
316
- const fields = notManifestFilter.ruleSetHasFieldsDirective(ruleSet)
317
- ? [...ruleSet.fields]
318
- : DEFAULT_FIELDS_SET;
319
-
320
- copy.fields = notFieldsFilter.filter(fields, modelSchema, {
321
- action: actionSignature,
322
- roles: role,
350
+ this.filterFieldsPropOfActionRule(actionRule, {
351
+ modelName,
352
+ modelSchema,
353
+ ruleSet,
354
+ actionSignature,
355
+ role,
323
356
  auth,
324
357
  root,
358
+ });
359
+ //
360
+ this.filterReturnPropOfActionRule(actionRule, {
325
361
  modelName,
362
+ modelSchema,
363
+ ruleSet,
364
+ actionSignature,
365
+ role,
366
+ auth,
367
+ root,
326
368
  });
327
- //remove fields property if list is empty
328
- if (copy.fields.length == 0) {
329
- delete copy.fields;
330
- }
331
-
332
- if (ruleSet && ruleSet.return) {
333
- copy.return = notManifestFilter.filterReturnSet(
334
- ruleSet.return,
335
- modelSchema,
336
- {
337
- auth,
338
- role,
339
- root,
340
- modelName,
341
- moduleName,
342
- actionSignature,
343
- }
344
- );
345
- }
346
- return copy;
369
+ return actionRule;
347
370
  }
348
371
 
349
372
  /**
package/test/notManifest.js CHANGED
@@ -1,5 +1,6 @@
1
1
  const expect = require("chai").expect,
2
2
  notManifest = require("../src/manifest/manifest"),
3
+ notManifestFilter = require("../src/manifest/manifest.filter"),
3
4
  manifest = new notManifest();
4
5
 
5
6
  const rawRoutesManifest = {
@@ -25,31 +26,32 @@ const rawRoutesManifest = {
25
26
  method: "get",
26
27
  rules: [
27
28
  {
28
- auth: false,
29
+ root: true,
30
+ actionName: "listForAdmin",
29
31
  },
30
32
  {
31
33
  auth: true,
32
34
  actionPrefix: "user",
33
35
  },
36
+
34
37
  {
35
- root: true,
36
- actionName: "listForAdmin",
38
+ auth: false,
37
39
  },
38
40
  ],
39
41
  },
40
42
  listAll: {
41
43
  method: "get",
42
44
  rules: [
43
- {
44
- auth: true,
45
- role: ["manager"],
46
- actionName: "managerListAll",
47
- },
48
45
  {
49
46
  root: true,
50
47
  actionPrefix: "__",
51
48
  actionName: "listForAdmin",
52
49
  },
50
+ {
51
+ auth: true,
52
+ role: ["manager"],
53
+ actionName: "managerListAll",
54
+ },
53
55
  ],
54
56
  },
55
57
  },
@@ -70,10 +72,10 @@ const rawRoutesManifest = {
70
72
  method: "get",
71
73
  rules: [
72
74
  {
73
- auth: true,
75
+ root: true,
74
76
  },
75
77
  {
76
- root: true,
78
+ auth: true,
77
79
  },
78
80
  ],
79
81
  },
package/test/notManifestFilter.js CHANGED
@@ -1,4 +1,5 @@
1
1
  const { notFieldsFilter } = require("..");
2
+
2
3
  const {
3
4
  DEFAULT_USER_ROLE_FOR_GUEST,
4
5
  ACTION_SIGNATURES,
@@ -31,31 +32,31 @@ const rawRoutesManifest = {
31
32
  method: "get",
32
33
  rules: [
33
34
  {
34
- auth: false,
35
+ root: true,
36
+ actionName: "listForAdmin",
35
37
  },
36
38
  {
37
39
  auth: true,
38
40
  actionPrefix: "user",
39
41
  },
40
42
  {
41
- root: true,
42
- actionName: "listForAdmin",
43
+ auth: false,
43
44
  },
44
45
  ],
45
46
  },
46
47
  listAll: {
47
48
  method: "get",
48
49
  rules: [
49
- {
50
- auth: true,
51
- role: ["manager"],
52
- actionName: "managerListAll",
53
- },
54
50
  {
55
51
  root: true,
56
52
  actionPrefix: "__",
57
53
  actionName: "listForAdmin",
58
54
  },
55
+ {
56
+ auth: true,
57
+ role: ["manager"],
58
+ actionName: "managerListAll",
59
+ },
59
60
  ],
60
61
  },
61
62
  },
@@ -76,10 +77,10 @@ const rawRoutesManifest = {
76
77
  method: "get",
77
78
  rules: [
78
79
  {
79
- auth: true,
80
+ root: true,
80
81
  },
81
82
  {
82
- root: true,
83
+ auth: true,
83
84
  },
84
85
  ],
85
86
  },
@@ -96,27 +97,73 @@ const rawRoutesManifest = {
96
97
 
97
98
  describe("notManifestFilter", function () {
98
99
  describe("clearActionFromRules", function () {
100
+ const spGuestC = Object.freeze({
101
+ [ACTION_SIGNATURES.CREATE]: ["root", "admin", "@*"],
102
+ [ACTION_SIGNATURES.READ]: ["root", "admin"],
103
+ [ACTION_SIGNATURES.UPDATE]: ["root", "admin"],
104
+ [ACTION_SIGNATURES.DELETE]: ["root", "admin"],
105
+ });
106
+
107
+ const spSystem = Object.freeze({
108
+ [ACTION_SIGNATURES.CREATE]: ["@system"],
109
+ [ACTION_SIGNATURES.READ]: ["@system"],
110
+ [ACTION_SIGNATURES.UPDATE]: ["@system"],
111
+ [ACTION_SIGNATURES.DELETE]: ["@system"],
112
+ });
113
+
99
114
  it("with rules", function () {
115
+ notManifestFilter.schemaLoader = (schemaName) => {
116
+ console.log("schema getter", schemaName);
117
+ switch (schemaName) {
118
+ case "Jelly":
119
+ return {
120
+ name: {
121
+ type: String,
122
+ safe: spGuestC,
123
+ },
124
+ email: {
125
+ type: String,
126
+ safe: spGuestC,
127
+ },
128
+ __version: {
129
+ type: String,
130
+ safe: spSystem,
131
+ },
132
+ };
133
+ case "Post":
134
+ return [];
135
+ }
136
+ return undefined;
137
+ };
100
138
  const input = {
101
139
  modelName: "jelly",
102
140
  rules: [
103
141
  {
104
- auth: true,
105
- fields: ["name"],
142
+ root: true,
106
143
  },
107
144
  {
108
- root: true,
109
- fields: ["name", "email"],
145
+ auth: true,
110
146
  },
111
147
  ],
112
148
  };
113
- const result = notManifestFilter.clearActionFromRules(input, {
114
- root: true,
115
- fields: ["name", "email"],
116
- });
149
+ const result = notManifestFilter.clearActionFromRules(
150
+ //raw actionData
151
+ input,
152
+ //current user statem model name, action name and action signature - minimum if you want to filter
153
+ {
154
+ root: true,
155
+ role: ["root"],
156
+ modelName: "Jelly",
157
+ actionSignature: ACTION_SIGNATURES.READ,
158
+ },
159
+ {
160
+ //what earlier were selected as best suited rule
161
+ root: true,
162
+ }
163
+ );
117
164
  expect(result).to.deep.equal({
118
165
  modelName: "jelly",
119
- fields: ["name", "email"],
166
+ fields: ["name", "email"], //if fields ommited, it replaced by ["@safe"], __version is not safe to everyone but system invoked operations
120
167
  });
121
168
  });
122
169
 
@@ -491,7 +538,6 @@ describe("notManifestFilter", function () {
491
538
  });
492
539
 
493
540
  it("filterRouteAction @safe for READ", () => {
494
- const actionName = "get";
495
541
  const actionData = {
496
542
  actionSignature: ACTION_SIGNATURES.READ,
497
543
  method: "get",
@@ -505,32 +551,23 @@ describe("notManifestFilter", function () {
505
551
  const auth = false;
506
552
  const root = false;
507
553
  const roles = [DEFAULT_USER_ROLE_FOR_GUEST];
508
- const routeMan = {
509
- actions: {},
510
- };
554
+
511
555
  const targetResult = {
512
- actions: {
513
- get: {
514
- method: "get",
515
- fields: ["name", "username", "country"],
516
- },
517
- },
556
+ method: "get",
557
+ fields: ["name", "username", "country"],
518
558
  };
519
- notManifestFilter.filterRouteAction(
520
- actionName,
559
+ const result = notManifestFilter.filterRouteAction(
521
560
  actionData,
522
561
  auth,
523
562
  roles,
524
563
  root,
525
- routeMan,
526
564
  modelName,
527
565
  moduleName
528
566
  );
529
- expect(routeMan).to.be.deep.equal(targetResult);
567
+ expect(result).to.be.deep.equal(targetResult);
530
568
  });
531
569
 
532
570
  it("filterRouteAction @* for READ", () => {
533
- const actionName = "get";
534
571
  const actionData = {
535
572
  actionSignature: ACTION_SIGNATURES.READ,
536
573
  method: "get",
@@ -544,44 +581,34 @@ describe("notManifestFilter", function () {
544
581
  const auth = false;
545
582
  const root = false;
546
583
  const roles = [DEFAULT_USER_ROLE_FOR_GUEST];
547
- const routeMan = {
548
- actions: {},
549
- };
550
584
  const targetResult = {
551
- actions: {
552
- get: {
553
- method: "get",
554
- fields: [
555
- "_id",
556
- "userID",
557
- "role",
558
- "name",
559
- "salt",
560
- "telephone",
561
- "username",
562
- "confirm",
563
- "code",
564
- "country",
565
- "email",
566
- ],
567
- },
568
- },
585
+ method: "get",
586
+ fields: [
587
+ "_id",
588
+ "userID",
589
+ "role",
590
+ "name",
591
+ "salt",
592
+ "telephone",
593
+ "username",
594
+ "confirm",
595
+ "code",
596
+ "country",
597
+ "email",
598
+ ],
569
599
  };
570
- notManifestFilter.filterRouteAction(
571
- actionName,
600
+ const result = notManifestFilter.filterRouteAction(
572
601
  actionData,
573
602
  auth,
574
603
  roles,
575
604
  root,
576
- routeMan,
577
605
  modelName,
578
606
  moduleName
579
607
  );
580
- expect(routeMan).to.be.deep.equal(targetResult);
608
+ expect(result).to.be.deep.equal(targetResult);
581
609
  });
582
610
 
583
611
  it("filterRouteAction @*,-@safe for READ", () => {
584
- const actionName = "get";
585
612
  const actionData = {
586
613
  actionSignature: ACTION_SIGNATURES.READ,
587
614
  method: "get",
@@ -595,41 +622,32 @@ describe("notManifestFilter", function () {
595
622
  const auth = false;
596
623
  const root = false;
597
624
  const roles = [DEFAULT_USER_ROLE_FOR_GUEST];
598
- const routeMan = {
599
- actions: {},
600
- };
625
+
601
626
  const targetResult = {
602
- actions: {
603
- get: {
604
- method: "get",
605
- fields: [
606
- "_id",
607
- "userID",
608
- "role",
609
- "salt",
610
- "telephone",
611
- "confirm",
612
- "code",
613
- "email",
614
- ],
615
- },
616
- },
627
+ method: "get",
628
+ fields: [
629
+ "_id",
630
+ "userID",
631
+ "role",
632
+ "salt",
633
+ "telephone",
634
+ "confirm",
635
+ "code",
636
+ "email",
637
+ ],
617
638
  };
618
- notManifestFilter.filterRouteAction(
619
- actionName,
639
+ const result = notManifestFilter.filterRouteAction(
620
640
  actionData,
621
641
  auth,
622
642
  roles,
623
643
  root,
624
- routeMan,
625
644
  modelName,
626
645
  moduleName
627
646
  );
628
- expect(routeMan).to.be.deep.equal(targetResult);
647
+ expect(result).to.be.deep.equal(targetResult);
629
648
  });
630
649
 
631
650
  it("filterRouteAction @* for UPDATE as guest", () => {
632
- const actionName = "update";
633
651
  const actionData = {
634
652
  actionSignature: ACTION_SIGNATURES.UPDATE,
635
653
  method: "post",
@@ -643,27 +661,18 @@ describe("notManifestFilter", function () {
643
661
  const auth = false;
644
662
  const root = false;
645
663
  const roles = [DEFAULT_USER_ROLE_FOR_GUEST];
646
- const routeMan = {
647
- actions: {},
648
- };
649
- const targetResult = {
650
- actions: {},
651
- };
652
- notManifestFilter.filterRouteAction(
653
- actionName,
664
+ const result = notManifestFilter.filterRouteAction(
654
665
  actionData,
655
666
  auth,
656
667
  roles,
657
668
  root,
658
- routeMan,
659
669
  modelName,
660
670
  moduleName
661
671
  );
662
- expect(routeMan).to.be.deep.equal(targetResult);
672
+ expect(result).to.be.undefined;
663
673
  });
664
674
 
665
675
  it("filterRouteAction @safe for CREATE as guest", () => {
666
- const actionName = "create";
667
676
  const actionData = {
668
677
  actionSignature: ACTION_SIGNATURES.CREATE,
669
678
  method: "put",
@@ -677,27 +686,18 @@ describe("notManifestFilter", function () {
677
686
  const auth = false;
678
687
  const root = false;
679
688
  const roles = [DEFAULT_USER_ROLE_FOR_GUEST];
680
- const routeMan = {
681
- actions: {},
682
- };
683
- const targetResult = {
684
- actions: {},
685
- };
686
- notManifestFilter.filterRouteAction(
687
- actionName,
689
+ const result = notManifestFilter.filterRouteAction(
688
690
  actionData,
689
691
  auth,
690
692
  roles,
691
693
  root,
692
- routeMan,
693
694
  modelName,
694
695
  moduleName
695
696
  );
696
- expect(routeMan).to.be.deep.equal(targetResult);
697
+ expect(result).to.be.undefined;
697
698
  });
698
699
 
699
700
  it("filterRouteAction @listFields for READ", () => {
700
- const actionName = "list";
701
701
  notFieldsFilter.addSet("listFields", ["@ID", "@safe"]);
702
702
  const actionData = {
703
703
  actionSignature: ACTION_SIGNATURES.READ,
@@ -712,28 +712,19 @@ describe("notManifestFilter", function () {
712
712
  const auth = false;
713
713
  const root = false;
714
714
  const roles = [DEFAULT_USER_ROLE_FOR_GUEST];
715
- const routeMan = {
716
- actions: {},
717
- };
718
715
  const targetResult = {
719
- actions: {
720
- list: {
721
- method: "get",
722
- fields: ["userID", "name", "username", "country"],
723
- },
724
- },
716
+ method: "get",
717
+ fields: ["userID", "name", "username", "country"],
725
718
  };
726
- notManifestFilter.filterRouteAction(
727
- actionName,
719
+ const result = notManifestFilter.filterRouteAction(
728
720
  actionData,
729
721
  auth,
730
722
  roles,
731
723
  root,
732
- routeMan,
733
724
  modelName,
734
725
  moduleName
735
726
  );
736
- expect(routeMan).to.be.deep.equal(targetResult);
727
+ expect(result).to.be.deep.equal(targetResult);
737
728
  });
738
729
  });
739
730
  });