not-node 6.5.50 → 6.5.53
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +2 -2
- package/src/auth/const.js +11 -0
- package/src/auth/fields.js +3 -3
- package/src/core/safety.protocols.js +30 -20
- package/src/domain.js +21 -4
- package/src/fields/index.js +1 -1
- package/src/manifest/const.js +5 -0
- package/src/manifest/module.js +12 -0
- package/src/manifest/route.js +6 -1
- package/src/model/default.js +7 -3
- package/src/model/routine.js +2 -5
- package/src/model/versioning.js +2 -2
- package/test/filter.js +8 -5
- package/test/notManifestFilter.js +1 -1
package/package.json
CHANGED
package/src/auth/const.js
CHANGED
|
@@ -11,6 +11,16 @@ const ACTION_SIGNATURE_UPDATE = "update";
|
|
|
11
11
|
const ACTION_SIGNATURE_DELETE = "delete";
|
|
12
12
|
const ACTION_SIGNATURE_ANY = "any";
|
|
13
13
|
|
|
14
|
+
const ACCESS_SPECIAL_ALL = "@*";
|
|
15
|
+
const ACCESS_SPECIAL_OWNER = "@owner";
|
|
16
|
+
const ACCESS_SPECIAL_SYSTEM = "@system";
|
|
17
|
+
|
|
18
|
+
const ACCESS_SPECIALS = {
|
|
19
|
+
ALL: ACCESS_SPECIAL_ALL,
|
|
20
|
+
OWNER: ACCESS_SPECIAL_OWNER,
|
|
21
|
+
SYSTEM: ACCESS_SPECIAL_SYSTEM,
|
|
22
|
+
};
|
|
23
|
+
|
|
14
24
|
const ACTION_SIGNATURES = {
|
|
15
25
|
CREATE: ACTION_SIGNATURE_CREATE,
|
|
16
26
|
READ: ACTION_SIGNATURE_READ,
|
|
@@ -45,4 +55,5 @@ module.exports = {
|
|
|
45
55
|
DOCUMENT_SESSION_FIELD_NAME,
|
|
46
56
|
ACTION_SIGNATURES,
|
|
47
57
|
METHOD_SIGNAURES,
|
|
58
|
+
ACCESS_SPECIALS,
|
|
48
59
|
};
|
package/src/auth/fields.js
CHANGED
|
@@ -43,16 +43,16 @@ function isOwner(
|
|
|
43
43
|
}
|
|
44
44
|
|
|
45
45
|
/**
|
|
46
|
-
* Checks if safe field rule is some sort variant of wild card
|
|
46
|
+
* Checks if safe field rule is some sort variant of wild card "@*" or "*"
|
|
47
47
|
* @param {string|Array<string>} safeFor safe field rule
|
|
48
48
|
* @return {boolean} if it's wildcard
|
|
49
49
|
*
|
|
50
50
|
*/
|
|
51
51
|
function ruleIsWildcard(safeFor) {
|
|
52
52
|
if (Array.isArray(safeFor)) {
|
|
53
|
-
return safeFor.includes("*");
|
|
53
|
+
return safeFor.includes("@*") || safeFor.includes("*");
|
|
54
54
|
} else {
|
|
55
|
-
return safeFor === "*";
|
|
55
|
+
return safeFor === "@*" || safeFor === "*";
|
|
56
56
|
}
|
|
57
57
|
}
|
|
58
58
|
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
const { ACTION_SIGNATURES } = require("../auth/const");
|
|
1
|
+
const { ACTION_SIGNATURES, ACCESS_SPECIALS } = require("../auth/const");
|
|
2
2
|
|
|
3
3
|
module.exports.rootAdmin = Object.freeze({
|
|
4
4
|
[ACTION_SIGNATURES.CREATE]: ["root", "admin"],
|
|
@@ -9,14 +9,14 @@ module.exports.rootAdmin = Object.freeze({
|
|
|
9
9
|
|
|
10
10
|
module.exports.rootAdminCRUD_ownerR = Object.freeze({
|
|
11
11
|
[ACTION_SIGNATURES.CREATE]: ["root", "admin"],
|
|
12
|
-
[ACTION_SIGNATURES.READ]: ["root", "admin",
|
|
12
|
+
[ACTION_SIGNATURES.READ]: ["root", "admin", ACCESS_SPECIALS.OWNER],
|
|
13
13
|
[ACTION_SIGNATURES.UPDATE]: ["root", "admin"],
|
|
14
14
|
[ACTION_SIGNATURES.DELETE]: ["root", "admin"],
|
|
15
15
|
});
|
|
16
16
|
|
|
17
17
|
module.exports.rootAdminCRUD_allR = Object.freeze({
|
|
18
18
|
[ACTION_SIGNATURES.CREATE]: ["root", "admin"],
|
|
19
|
-
[ACTION_SIGNATURES.READ]: ["root", "admin",
|
|
19
|
+
[ACTION_SIGNATURES.READ]: ["root", "admin", ACCESS_SPECIALS.ALL],
|
|
20
20
|
[ACTION_SIGNATURES.UPDATE]: ["root", "admin"],
|
|
21
21
|
[ACTION_SIGNATURES.DELETE]: ["root", "admin"],
|
|
22
22
|
});
|
|
@@ -26,20 +26,25 @@ module.exports.rootAdminCRUD_allR = Object.freeze({
|
|
|
26
26
|
* root, admin - any own and any of client, user, guest
|
|
27
27
|
*/
|
|
28
28
|
module.exports.ownerRootAdmin = Object.freeze({
|
|
29
|
-
[ACTION_SIGNATURES.CREATE]: [
|
|
30
|
-
[ACTION_SIGNATURES.READ]: [
|
|
31
|
-
[ACTION_SIGNATURES.UPDATE]: [
|
|
32
|
-
[ACTION_SIGNATURES.DELETE]: [
|
|
29
|
+
[ACTION_SIGNATURES.CREATE]: [ACCESS_SPECIALS.OWNER, "root", "admin"],
|
|
30
|
+
[ACTION_SIGNATURES.READ]: [ACCESS_SPECIALS.OWNER, "root", "admin"],
|
|
31
|
+
[ACTION_SIGNATURES.UPDATE]: [ACCESS_SPECIALS.OWNER, "root", "admin"],
|
|
32
|
+
[ACTION_SIGNATURES.DELETE]: [ACCESS_SPECIALS.OWNER, "root", "admin"],
|
|
33
33
|
});
|
|
34
34
|
|
|
35
35
|
/**
|
|
36
36
|
* same as above but client can create new documents
|
|
37
37
|
*/
|
|
38
38
|
module.exports.ownerRootAdminCRUD_clientC = Object.freeze({
|
|
39
|
-
[ACTION_SIGNATURES.CREATE]: [
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
39
|
+
[ACTION_SIGNATURES.CREATE]: [
|
|
40
|
+
ACCESS_SPECIALS.OWNER,
|
|
41
|
+
"root",
|
|
42
|
+
"admin",
|
|
43
|
+
"client",
|
|
44
|
+
],
|
|
45
|
+
[ACTION_SIGNATURES.READ]: [ACCESS_SPECIALS.OWNER, "root", "admin"],
|
|
46
|
+
[ACTION_SIGNATURES.UPDATE]: [ACCESS_SPECIALS.OWNER, "root", "admin"],
|
|
47
|
+
[ACTION_SIGNATURES.DELETE]: [ACCESS_SPECIALS.OWNER, "root", "admin"],
|
|
43
48
|
});
|
|
44
49
|
|
|
45
50
|
/**
|
|
@@ -47,17 +52,22 @@ module.exports.ownerRootAdminCRUD_clientC = Object.freeze({
|
|
|
47
52
|
* owner, root, admin could read
|
|
48
53
|
*/
|
|
49
54
|
module.exports.systemManageable = Object.freeze({
|
|
50
|
-
[ACTION_SIGNATURES.CREATE]: [
|
|
51
|
-
[ACTION_SIGNATURES.READ]: [
|
|
52
|
-
|
|
53
|
-
|
|
55
|
+
[ACTION_SIGNATURES.CREATE]: [ACCESS_SPECIALS.SYSTEM],
|
|
56
|
+
[ACTION_SIGNATURES.READ]: [
|
|
57
|
+
ACCESS_SPECIALS.SYSTEM,
|
|
58
|
+
ACCESS_SPECIALS.OWNER,
|
|
59
|
+
"root",
|
|
60
|
+
"admin",
|
|
61
|
+
],
|
|
62
|
+
[ACTION_SIGNATURES.UPDATE]: [ACCESS_SPECIALS.SYSTEM],
|
|
63
|
+
[ACTION_SIGNATURES.DELETE]: [ACCESS_SPECIALS.SYSTEM],
|
|
54
64
|
});
|
|
55
65
|
|
|
56
66
|
module.exports.systemManageableSecret = Object.freeze({
|
|
57
|
-
[ACTION_SIGNATURES.CREATE]: [
|
|
58
|
-
[ACTION_SIGNATURES.READ]: [
|
|
59
|
-
[ACTION_SIGNATURES.UPDATE]: [
|
|
60
|
-
[ACTION_SIGNATURES.DELETE]: [
|
|
67
|
+
[ACTION_SIGNATURES.CREATE]: [ACCESS_SPECIALS.SYSTEM],
|
|
68
|
+
[ACTION_SIGNATURES.READ]: [ACCESS_SPECIALS.SYSTEM],
|
|
69
|
+
[ACTION_SIGNATURES.UPDATE]: [ACCESS_SPECIALS.SYSTEM],
|
|
70
|
+
[ACTION_SIGNATURES.DELETE]: [ACCESS_SPECIALS.SYSTEM],
|
|
61
71
|
});
|
|
62
72
|
|
|
63
73
|
/**
|
|
@@ -65,7 +75,7 @@ module.exports.systemManageableSecret = Object.freeze({
|
|
|
65
75
|
*/
|
|
66
76
|
module.exports.publicReadable = Object.freeze({
|
|
67
77
|
[ACTION_SIGNATURES.CREATE]: [],
|
|
68
|
-
[ACTION_SIGNATURES.READ]: [
|
|
78
|
+
[ACTION_SIGNATURES.READ]: [ACCESS_SPECIALS.ALL],
|
|
69
79
|
[ACTION_SIGNATURES.UPDATE]: [],
|
|
70
80
|
[ACTION_SIGNATURES.DELETE]: [],
|
|
71
81
|
});
|
package/src/domain.js
CHANGED
|
@@ -9,6 +9,8 @@ const {
|
|
|
9
9
|
objHas,
|
|
10
10
|
firstLetterToUpper,
|
|
11
11
|
} = require("./common");
|
|
12
|
+
|
|
13
|
+
const { RESOURCES_PATH_SPLITTER } = require("./manifest/const");
|
|
12
14
|
const { error } = require("not-log")(module, "domain");
|
|
13
15
|
const Env = require("./env");
|
|
14
16
|
const notModule = require("./manifest/module"),
|
|
@@ -142,7 +144,9 @@ class notDomain extends EventEmitter {
|
|
|
142
144
|
**/
|
|
143
145
|
getRoute(name) {
|
|
144
146
|
if (name.indexOf("//") > 0) {
|
|
145
|
-
let [moduleName, routeName, routeFunctionName] = name.split(
|
|
147
|
+
let [moduleName, routeName, routeFunctionName] = name.split(
|
|
148
|
+
RESOURCES_PATH_SPLITTER
|
|
149
|
+
);
|
|
146
150
|
if (this.modules && objHas(this.modules, moduleName)) {
|
|
147
151
|
let route = this.getModule(moduleName).getRoute(routeName);
|
|
148
152
|
if (objHas(route, routeFunctionName)) {
|
|
@@ -186,8 +190,20 @@ class notDomain extends EventEmitter {
|
|
|
186
190
|
return this.getByPath(name, type);
|
|
187
191
|
}
|
|
188
192
|
|
|
193
|
+
getModelsNames(full = false) {
|
|
194
|
+
const list = [];
|
|
195
|
+
Object.values(this.modules).forEach((mod) => {
|
|
196
|
+
list.push(...mod.getModelsNames(full));
|
|
197
|
+
});
|
|
198
|
+
return list;
|
|
199
|
+
}
|
|
200
|
+
|
|
201
|
+
getFullModelsNames() {
|
|
202
|
+
return this.getModelsNames(true);
|
|
203
|
+
}
|
|
204
|
+
|
|
189
205
|
getByFullPath(name, type) {
|
|
190
|
-
let [moduleName, resourceName] = name.split(
|
|
206
|
+
let [moduleName, resourceName] = name.split(RESOURCES_PATH_SPLITTER);
|
|
191
207
|
if (this.modules && objHas(this.modules, moduleName)) {
|
|
192
208
|
return this.getModule(moduleName)[`get${firstLetterToUpper(type)}`](
|
|
193
209
|
resourceName
|
|
@@ -255,7 +271,7 @@ class notDomain extends EventEmitter {
|
|
|
255
271
|
}
|
|
256
272
|
|
|
257
273
|
getByPath(name, type) {
|
|
258
|
-
if (name.indexOf(
|
|
274
|
+
if (name.indexOf(RESOURCES_PATH_SPLITTER) > 0) {
|
|
259
275
|
return this.getByFullPath(name, type);
|
|
260
276
|
} else {
|
|
261
277
|
return this.getByShortPath(name, type);
|
|
@@ -471,7 +487,8 @@ class notDomain extends EventEmitter {
|
|
|
471
487
|
for (let t of ["routes", "models", "actions", "forms"]) {
|
|
472
488
|
stats[t].list.push(
|
|
473
489
|
...modStatus[t].list.map(
|
|
474
|
-
(itmName) =>
|
|
490
|
+
(itmName) =>
|
|
491
|
+
`${modName}${RESOURCES_PATH_SPLITTER}${itmName}`
|
|
475
492
|
)
|
|
476
493
|
);
|
|
477
494
|
}
|
package/src/fields/index.js
CHANGED
|
@@ -138,7 +138,7 @@ const filterOutPrivateFieldsFromNormalizedFieldDescription = (
|
|
|
138
138
|
};
|
|
139
139
|
};
|
|
140
140
|
|
|
141
|
-
const normalizeFieldsDescriptionsList = (list) => {
|
|
141
|
+
const normalizeFieldsDescriptionsList = (list = []) => {
|
|
142
142
|
return list.map(parseFieldDescription);
|
|
143
143
|
};
|
|
144
144
|
module.exports.normalizeFieldsDescriptionsList =
|
package/src/manifest/const.js
CHANGED
|
@@ -5,6 +5,7 @@ const ACTION_DATA_TYPE_FILTER = "filter";
|
|
|
5
5
|
const ACTION_DATA_TYPE_SEARCH = "search";
|
|
6
6
|
const ACTION_DATA_TYPE_RETURN = "return";
|
|
7
7
|
|
|
8
|
+
|
|
8
9
|
const ACTION_DATA_TYPES = Object.freeze({
|
|
9
10
|
DATA: ACTION_DATA_TYPE_DATA,
|
|
10
11
|
PAGER: ACTION_DATA_TYPE_PAGER,
|
|
@@ -16,3 +17,7 @@ const ACTION_DATA_TYPES = Object.freeze({
|
|
|
16
17
|
|
|
17
18
|
module.exports.ACTION_DATA_TYPES = ACTION_DATA_TYPES;
|
|
18
19
|
module.exports.ACTION_DATA_TYPES_VALUES = Object.values(ACTION_DATA_TYPES);
|
|
20
|
+
|
|
21
|
+
|
|
22
|
+
const RESOURCES_PATH_SPLITTER = "//";
|
|
23
|
+
module.exports.RESOURCES_PATH_SPLITTER = RESOURCES_PATH_SPLITTER;
|
package/src/manifest/module.js
CHANGED
|
@@ -8,6 +8,8 @@ const fs = require("fs"),
|
|
|
8
8
|
notModuleInitializator = require("./initializator"),
|
|
9
9
|
{ objHas, mapBind, executeObjectFunction } = require("../common");
|
|
10
10
|
|
|
11
|
+
const {RESOURCES_PATH_SPLITTER} = require('./const.js');
|
|
12
|
+
|
|
11
13
|
/**
|
|
12
14
|
* Standart splitter of module resources paths
|
|
13
15
|
* @constant
|
|
@@ -146,6 +148,16 @@ class notModule {
|
|
|
146
148
|
return this.models;
|
|
147
149
|
}
|
|
148
150
|
|
|
151
|
+
getModelsNames(full = false){
|
|
152
|
+
const list = Object.keys(this.models);
|
|
153
|
+
if(full){
|
|
154
|
+
const moduleName = this.getName();
|
|
155
|
+
return list.map(name=> `${moduleName}${RESOURCES_PATH_SPLITTER}${name}`);
|
|
156
|
+
}else{
|
|
157
|
+
return list;
|
|
158
|
+
}
|
|
159
|
+
}
|
|
160
|
+
|
|
149
161
|
getLogicFile(logicName) {
|
|
150
162
|
if (this.logics && objHas(this.logics, logicName)) {
|
|
151
163
|
return this.logics[logicName];
|
package/src/manifest/route.js
CHANGED
|
@@ -231,7 +231,7 @@ class notRoute {
|
|
|
231
231
|
try {
|
|
232
232
|
let prepared = undefined;
|
|
233
233
|
//waiting preparation
|
|
234
|
-
if (modRoute[
|
|
234
|
+
if (modRoute[CONST_BEFORE_ACTION]) {
|
|
235
235
|
prepared = await this.executeFunction(
|
|
236
236
|
modRoute,
|
|
237
237
|
CONST_BEFORE_ACTION,
|
|
@@ -255,6 +255,11 @@ class notRoute {
|
|
|
255
255
|
itm && itm.toObject ? itm.toObject() : itm
|
|
256
256
|
);
|
|
257
257
|
}
|
|
258
|
+
if (Object.hasOwn(result, 'list') && Array.isArray(result.list)) {
|
|
259
|
+
result.list = result.list.map((itm) =>
|
|
260
|
+
itm && itm.toObject ? itm.toObject() : itm
|
|
261
|
+
);
|
|
262
|
+
}
|
|
258
263
|
notManifestRouteResultFilter.filter(
|
|
259
264
|
req.notRouteData,
|
|
260
265
|
result,
|
package/src/model/default.js
CHANGED
|
@@ -273,11 +273,15 @@ function listAll(filter = null) {
|
|
|
273
273
|
* By default sorts by _id in DESC
|
|
274
274
|
* @static
|
|
275
275
|
* @param {object|array} populate populate rules
|
|
276
|
+
* @param {object|array} filter filter rules
|
|
276
277
|
* @return {Promise} Promise
|
|
277
278
|
*/
|
|
278
|
-
function listAllAndPopulate(populate) {
|
|
279
|
-
let by = defaultFilter(this)
|
|
280
|
-
|
|
279
|
+
function listAllAndPopulate(populate, filter = null) {
|
|
280
|
+
let by = defaultFilter(this);
|
|
281
|
+
if (filter) {
|
|
282
|
+
by = notQuery.filter.modifyRules(by, filter);
|
|
283
|
+
}
|
|
284
|
+
const query = this.find(by);
|
|
281
285
|
query.sort(defaultSorter());
|
|
282
286
|
populateQuery(query, populate, this.schema.statics.__versioning);
|
|
283
287
|
return query.exec();
|
package/src/model/routine.js
CHANGED
|
@@ -81,7 +81,6 @@ class ModelRoutine {
|
|
|
81
81
|
{
|
|
82
82
|
returnOriginal: false,
|
|
83
83
|
returnDocument: "after",
|
|
84
|
-
new: true,
|
|
85
84
|
}
|
|
86
85
|
)
|
|
87
86
|
.exec()
|
|
@@ -104,10 +103,8 @@ class ModelRoutine {
|
|
|
104
103
|
const updateResult = await ModelConstructor.findOneAndUpdate(
|
|
105
104
|
filter,
|
|
106
105
|
{ $set: data },
|
|
107
|
-
{
|
|
108
|
-
|
|
109
|
-
returnDocument: "after",
|
|
110
|
-
new: true,
|
|
106
|
+
{
|
|
107
|
+
returnDocument: "after"
|
|
111
108
|
}
|
|
112
109
|
);
|
|
113
110
|
if (updateResult) {
|
package/src/model/versioning.js
CHANGED
|
@@ -103,7 +103,7 @@ class ModelVersioning {
|
|
|
103
103
|
await versionDoc.save();
|
|
104
104
|
//updating history
|
|
105
105
|
let originalDoc = await ModelConstructor.findOne({ _id: id });
|
|
106
|
-
originalDoc.__version = preservedVersionNumber + 1;
|
|
106
|
+
originalDoc.__version = preservedVersionNumber + 1;
|
|
107
107
|
ModelVersioning.addVersionToHistory(originalDoc, versionDoc);
|
|
108
108
|
return await originalDoc.save();
|
|
109
109
|
}
|
|
@@ -128,7 +128,7 @@ class ModelVersioning {
|
|
|
128
128
|
//const findById = getFunc(thisModel,'findById');
|
|
129
129
|
let originalDoc = await ModelConstructor.findOne({ _id: id });
|
|
130
130
|
//first version
|
|
131
|
-
originalDoc.__version = 1;
|
|
131
|
+
originalDoc.__version = 1;
|
|
132
132
|
//adding to history
|
|
133
133
|
ModelVersioning.addVersionToHistory(originalDoc, versionDoc);
|
|
134
134
|
return await originalDoc.save();
|
package/test/filter.js
CHANGED
|
@@ -22,7 +22,7 @@ const SCHEMA = () => {
|
|
|
22
22
|
type: String,
|
|
23
23
|
safe: {
|
|
24
24
|
update: ["@system", "@owner", "root", "admin"],
|
|
25
|
-
read: ["
|
|
25
|
+
read: ["@*"],
|
|
26
26
|
},
|
|
27
27
|
},
|
|
28
28
|
salt: {
|
|
@@ -66,10 +66,13 @@ const SCHEMA = () => {
|
|
|
66
66
|
required: false,
|
|
67
67
|
searchable: true,
|
|
68
68
|
default: "ru",
|
|
69
|
-
safe:
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
69
|
+
safe: notFieldsFilter.mergeSafetyProtocols(
|
|
70
|
+
{
|
|
71
|
+
update: ["@system", "@owner", "root", "admin"],
|
|
72
|
+
read: "*",
|
|
73
|
+
},
|
|
74
|
+
safetyProtocols.publicReadable
|
|
75
|
+
),
|
|
73
76
|
},
|
|
74
77
|
email: {
|
|
75
78
|
type: String,
|
|
@@ -98,7 +98,7 @@ const rawRoutesManifest = {
|
|
|
98
98
|
describe("notManifestFilter", function () {
|
|
99
99
|
describe("clearActionFromRules", function () {
|
|
100
100
|
const spGuestC = Object.freeze({
|
|
101
|
-
[ACTION_SIGNATURES.CREATE]: ["root", "admin", "
|
|
101
|
+
[ACTION_SIGNATURES.CREATE]: ["root", "admin", "*"],
|
|
102
102
|
[ACTION_SIGNATURES.READ]: ["root", "admin"],
|
|
103
103
|
[ACTION_SIGNATURES.UPDATE]: ["root", "admin"],
|
|
104
104
|
[ACTION_SIGNATURES.DELETE]: ["root", "admin"],
|