not-node 6.5.7 → 6.5.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/package.json +1 -1
  2. package/src/generic/field._data.js +1 -1
  3. package/src/generic/manifest.js +3 -0
  4. package/src/identity/index.js +12 -8
  5. package/src/manifest/manifest.filter.js +27 -20
  6. package/src/manifest/route.js +15 -7
  7. package/test/fakes.js +21 -0
  8. package/test/notManifest.js +2 -0
  9. package/test/notManifestFilter.js +25 -0
  10. package/test/notRoute.js +13 -10
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "not-node",
3
- "version": "6.5.7",
3
+ "version": "6.5.9",
4
4
  "description": "node complimentary part for client side notFramework.",
5
5
  "main": "index.js",
6
6
  "scripts": {
package/src/generic/field._data.js CHANGED
@@ -22,7 +22,7 @@ const initGenericDataForm = ({
22
22
  });
23
23
  const App = getApp();
24
24
  App.getModule(MODULE_NAME).setFormConstructor(formName, cls);
25
- App.getModule(MODULE_NAME).setForm(formName, new cls(App));
25
+ App.getModule(MODULE_NAME).setForm(formName, new cls({ app: App }));
26
26
  return true;
27
27
  } catch (e) {
28
28
  getApp().logger.error(e);
package/src/generic/manifest.js CHANGED
@@ -1,4 +1,5 @@
1
1
  const ACTION_SIGNATURES = require("../auth/const").ACTION_SIGNATURES;
2
+ const notManifestRouteResultFilter = require("../manifest/result.filter");
2
3
 
3
4
  const extraActionsBuilder = (
4
5
  MODULE_NAME,
@@ -72,6 +73,8 @@ module.exports = (MODULE_NAME, modelName, FIELDS = [], actions = {}) => {
72
73
  rules: [
73
74
  {
74
75
  root: true,
76
+ [notManifestRouteResultFilter.PROP_NAME_RETURN_ROOT]:
77
+ "list",
75
78
  },
76
79
  ],
77
80
  },
package/src/identity/index.js CHANGED
@@ -12,13 +12,7 @@ module.exports = class notAppIdentity {
12
12
  return this.#identity;
13
13
  }
14
14
 
15
- /**
16
- * Collects various authentification and authorization data from request object
17
- * @param {import('../types').notNodeExpressRequest} req ExpressRequest
18
- * @return {import('../types').notAppIdentityData} various authentification data for actor { root:boolean, auth: boolean, role: [string], uid: ObjectId, sid: string, ip:string }
19
- */
20
- static extractAuthData(req) {
21
- const identity = this.#identity.of(req);
15
+ static identityToAuthData(identity, req) {
22
16
  return {
23
17
  root: identity.isRoot(),
24
18
  admin: identity.isAdmin(),
@@ -27,11 +21,21 @@ module.exports = class notAppIdentity {
27
21
  primaryRole: identity.getPrimaryRole(),
28
22
  uid: identity.getUserId(),
29
23
  sid: identity.getSessionId(),
30
- ip: getIP(req),
24
+ ip: req ? getIP(req) : undefined,
31
25
  provider: identity.constructor.name,
32
26
  };
33
27
  }
34
28
 
29
+ /**
30
+ * Collects various authentification and authorization data from request object
31
+ * @param {import('../types').notNodeExpressRequest} req ExpressRequest
32
+ * @return {import('../types').notAppIdentityData} various authentification data for actor { root:boolean, auth: boolean, role: [string], uid: ObjectId, sid: string, ip:string }
33
+ */
34
+ static extractAuthData(req) {
35
+ const identity = this.#identity.of(req);
36
+ return this.identityToAuthData(identity, req);
37
+ }
38
+
35
39
  /**
36
40
  *
37
41
  * @param {import('../types').notNodeExpressRequest} req
package/src/manifest/manifest.filter.js CHANGED
@@ -18,6 +18,7 @@ const DIRTY_FIELDS = [
18
18
 
19
19
  //allow access to safe (for a specific user auth status) fields only
20
20
  const DEFAULT_FIELDS_SET = ["@safe"];
21
+ const DEFAULT_RETURN_SET = ["@id", "@ID", "@safe"];
21
22
 
22
23
  module.exports = class notManifestFilter {
23
24
  static schemaLoader = (name) => getApp().getModelSchema(name);
@@ -41,7 +42,6 @@ module.exports = class notManifestFilter {
41
42
  if (!route || !route.actions) {
42
43
  return result;
43
44
  }
44
- console.log("actions", JSON.stringify(route.actions));
45
45
  for (let actionName in route.actions) {
46
46
  if (!route.actions[actionName]) {
47
47
  continue;
@@ -136,7 +136,7 @@ module.exports = class notManifestFilter {
136
136
  **/
137
137
 
138
138
  static filter(manifest, auth, role, root, moduleName = "") {
139
- var result = {};
139
+ const result = {};
140
140
  for (let routeName in manifest) {
141
141
  let routeMan = notManifestFilter.filterRoute(
142
142
  manifest[routeName],
@@ -264,14 +264,17 @@ module.exports = class notManifestFilter {
264
264
  return returnSet;
265
265
  }
266
266
 
267
+ static getFieldsPropertyFromRuleSet(ruleSet) {
268
+ return notManifestFilter.ruleSetHasFieldsDirective(ruleSet)
269
+ ? [...ruleSet.fields]
270
+ : DEFAULT_FIELDS_SET;
271
+ }
272
+
267
273
  static filterFieldsPropOfActionRule(
268
274
  actionRule,
269
275
  { modelSchema, modelName, ruleSet, actionSignature, role, auth, root }
270
276
  ) {
271
- const fields = notManifestFilter.ruleSetHasFieldsDirective(ruleSet)
272
- ? [...ruleSet.fields]
273
- : DEFAULT_FIELDS_SET;
274
-
277
+ const fields = notManifestFilter.getFieldsPropertyFromRuleSet(ruleSet);
275
278
  actionRule.fields = notFieldsFilter.filter(fields, modelSchema, {
276
279
  action: actionSignature,
277
280
  roles: role,
@@ -286,23 +289,27 @@ module.exports = class notManifestFilter {
286
289
  }
287
290
  }
288
291
 
292
+ static getReturnPropertyFromRuleSet(ruleSet) {
293
+ return ruleSet && Object.hasOwn(ruleSet, "return") && ruleSet.return
294
+ ? ruleSet.return
295
+ : DEFAULT_RETURN_SET;
296
+ }
297
+
289
298
  static filterReturnPropOfActionRule(
290
299
  actionRule,
291
300
  { modelSchema, modelName, ruleSet, actionSignature, role, auth, root }
292
301
  ) {
293
- if (ruleSet && ruleSet.return) {
294
- actionRule.return = notManifestFilter.filterReturnSet(
295
- ruleSet.return,
296
- modelSchema,
297
- {
298
- auth,
299
- role,
300
- root,
301
- modelName,
302
- actionSignature,
303
- }
304
- );
305
- }
302
+ actionRule.return = notManifestFilter.filterReturnSet(
303
+ notManifestFilter.getReturnPropertyFromRuleSet(ruleSet),
304
+ modelSchema,
305
+ {
306
+ auth,
307
+ role,
308
+ root,
309
+ modelName,
310
+ actionSignature,
311
+ }
312
+ );
306
313
  }
307
314
 
308
315
  /**
@@ -338,7 +345,7 @@ module.exports = class notManifestFilter {
338
345
  ruleSet = null
339
346
  ) {
340
347
  //full copy
341
- let actionRule = merge({}, action);
348
+ const actionRule = merge({}, action);
342
349
  //removes server side or secret information (full list of access rules)
343
350
  notManifestFilter.clearFromDirtyFields(actionRule);
344
351
  //retrives model schema
package/src/manifest/route.js CHANGED
@@ -80,10 +80,9 @@ class notRoute {
80
80
  * @param {import('../types').notNodeExpressRequest} req Express Request Object
81
81
  * @return {import('../types').notRouteRule | null} rule or null
82
82
  */
83
- selectRule(req) {
84
- const user = notAppIdentity.extractAuthData(req);
83
+ selectRule(identity) {
85
84
  if (this.actionData) {
86
- return notRoute.actionAvailableByRule(this.actionData, user);
85
+ return notRoute.actionAvailableByRule(this.actionData, identity);
87
86
  }
88
87
  return null;
89
88
  }
@@ -107,7 +106,15 @@ class notRoute {
107
106
  * @return {import('../types').notRouteData}
108
107
  * @memberof notRoute
109
108
  */
110
- createRequestRouteData(actionName, rule) {
109
+ createRequestRouteData(actionName, rule, identity) {
110
+ const actionRule = notManifestFilter.filterRouteAction(
111
+ this.actionData,
112
+ identity.auth,
113
+ identity.role,
114
+ identity.root,
115
+ this.routeName,
116
+ this.moduleName
117
+ );
111
118
  return {
112
119
  actionName,
113
120
  modelName: this.routeName,
@@ -116,7 +123,7 @@ class notRoute {
116
123
  this.routeName
117
124
  )}`,
118
125
  rule: copyObj(rule),
119
- actionData: copyObj(this.actionData),
126
+ actionData: actionRule,
120
127
  actionSignature: notManifestFilter.detectActionSignature(
121
128
  this.actionData
122
129
  ),
@@ -132,7 +139,8 @@ class notRoute {
132
139
  **/
133
140
  exec(req, res, next) {
134
141
  try {
135
- let rule = this.selectRule(req);
142
+ const identity = notAppIdentity.extractAuthData(req);
143
+ const rule = this.selectRule(identity);
136
144
  if (!rule) {
137
145
  return next(
138
146
  new HttpError(
@@ -166,7 +174,7 @@ class notRoute {
166
174
  const modRoute = mod.getRoute(this.routeName);
167
175
  this.setRequestRouteData(
168
176
  req,
169
- this.createRequestRouteData(actionName, rule)
177
+ this.createRequestRouteData(actionName, rule, identity)
170
178
  );
171
179
  if (this.routeIsRunnable(modRoute, actionName)) {
172
180
  return this.executeRoute(modRoute, actionName, {
package/test/fakes.js CHANGED
@@ -10,6 +10,27 @@ module.exports = {
10
10
  }
11
11
  };
12
12
  },
13
+ fakeAuthData: ({
14
+ root = false,
15
+ admin = false,
16
+ auth = false,
17
+ role = [DEFAULT_USER_ROLE_FOR_GUEST],
18
+ primaryRole = DEFAULT_USER_ROLE_FOR_GUEST,
19
+ uid = undefined,
20
+ sid = undefined,
21
+ ip = undefined,
22
+ }) => {
23
+ return {
24
+ root,
25
+ admin,
26
+ auth,
27
+ role,
28
+ primaryRole,
29
+ uid,
30
+ sid,
31
+ ip,
32
+ };
33
+ },
13
34
  fakeIdentity: (
14
35
  id = {
15
36
  root: false,
package/test/notManifest.js CHANGED
@@ -230,6 +230,7 @@ describe("Manifest", function () {
230
230
  actions: {
231
231
  list: {
232
232
  method: "get",
233
+ return: ["_id", "postID"],
233
234
  },
234
235
  },
235
236
  },
@@ -239,6 +240,7 @@ describe("Manifest", function () {
239
240
  actions: {
240
241
  profile: {
241
242
  method: "get",
243
+ return: ["_id", "userID"],
242
244
  },
243
245
  },
244
246
  },
package/test/notManifestFilter.js CHANGED
@@ -164,6 +164,7 @@ describe("notManifestFilter", function () {
164
164
  expect(result).to.deep.equal({
165
165
  modelName: "jelly",
166
166
  fields: ["name", "email"], //if fields ommited, it replaced by ["@safe"], __version is not safe to everyone but system invoked operations
167
+ return: ["_id", "jellyID", "name", "email"],
167
168
  });
168
169
  });
169
170
 
@@ -177,6 +178,7 @@ describe("notManifestFilter", function () {
177
178
  const result = notManifestFilter.clearActionFromRules(input);
178
179
  expect(result).to.deep.equal({
179
180
  modelName: "jelly",
181
+ return: ["_id", "ID"],
180
182
  });
181
183
  });
182
184
  });
@@ -224,6 +226,7 @@ describe("notManifestFilter", function () {
224
226
  actions: {
225
227
  list: {
226
228
  postFix: ":actionName",
229
+ return: ["_id", "ID"],
227
230
  },
228
231
  },
229
232
  });
@@ -240,9 +243,11 @@ describe("notManifestFilter", function () {
240
243
  actions: {
241
244
  list: {
242
245
  postFix: ":actionName",
246
+ return: ["_id", "ID"],
243
247
  },
244
248
  get: {
245
249
  formData: true,
250
+ return: ["_id", "ID"],
246
251
  },
247
252
  },
248
253
  });
@@ -259,6 +264,7 @@ describe("notManifestFilter", function () {
259
264
  actions: {
260
265
  list: {
261
266
  postFix: ":actionName",
267
+ return: ["_id", "ID"],
262
268
  },
263
269
  },
264
270
  });
@@ -275,9 +281,11 @@ describe("notManifestFilter", function () {
275
281
  actions: {
276
282
  list: {
277
283
  postFix: ":actionName",
284
+ return: ["_id", "ID"],
278
285
  },
279
286
  update: {
280
287
  formData: false,
288
+ return: ["_id", "ID"],
281
289
  },
282
290
  },
283
291
  });
@@ -293,9 +301,11 @@ describe("notManifestFilter", function () {
293
301
  actions: {
294
302
  list: {
295
303
  method: "get",
304
+ return: ["_id", "userID"],
296
305
  },
297
306
  profile: {
298
307
  method: "get",
308
+ return: ["_id", "userID"],
299
309
  },
300
310
  },
301
311
  },
@@ -305,9 +315,11 @@ describe("notManifestFilter", function () {
305
315
  actions: {
306
316
  list: {
307
317
  method: "get",
318
+ return: ["_id", "postID"],
308
319
  },
309
320
  listAll: {
310
321
  method: "get",
322
+ return: ["_id", "postID"],
311
323
  },
312
324
  },
313
325
  },
@@ -317,6 +329,7 @@ describe("notManifestFilter", function () {
317
329
  actions: {
318
330
  reboot: {
319
331
  method: "post",
332
+ return: ["_id", "adminID"],
320
333
  },
321
334
  },
322
335
  },
@@ -328,6 +341,7 @@ describe("notManifestFilter", function () {
328
341
  actions: {
329
342
  profile: {
330
343
  method: "get",
344
+ return: ["_id", "userID"],
331
345
  },
332
346
  },
333
347
  },
@@ -337,6 +351,7 @@ describe("notManifestFilter", function () {
337
351
  actions: {
338
352
  list: {
339
353
  method: "get",
354
+ return: ["_id", "postID"],
340
355
  },
341
356
  },
342
357
  },
@@ -348,6 +363,7 @@ describe("notManifestFilter", function () {
348
363
  actions: {
349
364
  list: {
350
365
  method: "get",
366
+ return: ["_id", "postID"],
351
367
  },
352
368
  },
353
369
  },
@@ -359,6 +375,7 @@ describe("notManifestFilter", function () {
359
375
  actions: {
360
376
  activate: {
361
377
  method: "get",
378
+ return: ["_id", "userID"],
362
379
  },
363
380
  },
364
381
  },
@@ -368,6 +385,7 @@ describe("notManifestFilter", function () {
368
385
  actions: {
369
386
  list: {
370
387
  method: "get",
388
+ return: ["_id", "postID"],
371
389
  },
372
390
  },
373
391
  },
@@ -379,6 +397,7 @@ describe("notManifestFilter", function () {
379
397
  actions: {
380
398
  profile: {
381
399
  method: "get",
400
+ return: ["_id", "userID"],
382
401
  },
383
402
  },
384
403
  },
@@ -388,9 +407,11 @@ describe("notManifestFilter", function () {
388
407
  actions: {
389
408
  list: {
390
409
  method: "get",
410
+ return: ["_id", "postID"],
391
411
  },
392
412
  listAll: {
393
413
  method: "get",
414
+ return: ["_id", "postID"],
394
415
  },
395
416
  },
396
417
  },
@@ -555,6 +576,7 @@ describe("notManifestFilter", function () {
555
576
  const targetResult = {
556
577
  method: "get",
557
578
  fields: ["name", "username", "country"],
579
+ return: ["_id", "userID", "name", "username", "country"],
558
580
  };
559
581
  const result = notManifestFilter.filterRouteAction(
560
582
  actionData,
@@ -596,6 +618,7 @@ describe("notManifestFilter", function () {
596
618
  "country",
597
619
  "email",
598
620
  ],
621
+ return: ["_id", "userID", "name", "username", "country"],
599
622
  };
600
623
  const result = notManifestFilter.filterRouteAction(
601
624
  actionData,
@@ -635,6 +658,7 @@ describe("notManifestFilter", function () {
635
658
  "code",
636
659
  "email",
637
660
  ],
661
+ return: ["_id", "userID", "name", "username", "country"],
638
662
  };
639
663
  const result = notManifestFilter.filterRouteAction(
640
664
  actionData,
@@ -715,6 +739,7 @@ describe("notManifestFilter", function () {
715
739
  const targetResult = {
716
740
  method: "get",
717
741
  fields: ["userID", "name", "username", "country"],
742
+ return: ["_id", "userID", "name", "username", "country"],
718
743
  };
719
744
  const result = notManifestFilter.filterRouteAction(
720
745
  actionData,
package/test/notRoute.js CHANGED
@@ -27,21 +27,23 @@ describe("notRoute", function () {
27
27
 
28
28
  describe("selectRule", function () {
29
29
  it("User(auth) request, post.list action", function () {
30
- notAppIdentity.identity = require("./fakes").fakeIdentity({
30
+ const authData = require("./fakes").fakeAuthData({
31
31
  auth: true,
32
+ role: ["user"],
33
+ primaryRole: "user",
32
34
  });
33
35
  let req = {},
34
36
  actionData = {
35
37
  method: "get",
36
38
  rules: [
37
39
  {
38
- auth: false,
40
+ root: true,
39
41
  },
40
42
  {
41
43
  auth: true,
42
44
  },
43
45
  {
44
- root: true,
46
+ auth: false,
45
47
  },
46
48
  ],
47
49
  },
@@ -52,12 +54,12 @@ describe("notRoute", function () {
52
54
  "list",
53
55
  actionData
54
56
  );
55
- expect(routerAction.selectRule(req)).to.deep.equal({
57
+ expect(routerAction.selectRule(authData)).to.deep.equal({
56
58
  auth: true,
57
59
  });
58
60
  });
59
61
  it("User(!auth) request, post.list action", function () {
60
- notAppIdentity.identity = require("./fakes").fakeIdentity({
62
+ const authData = require("./fakes").fakeAuthData({
61
63
  auth: false,
62
64
  });
63
65
  let req = {},
@@ -82,7 +84,7 @@ describe("notRoute", function () {
82
84
  "list",
83
85
  actionData
84
86
  );
85
- expect(routerAction.selectRule(req)).to.deep.equal({
87
+ expect(routerAction.selectRule(authData)).to.deep.equal({
86
88
  auth: false,
87
89
  });
88
90
  });
@@ -112,9 +114,10 @@ describe("notRoute", function () {
112
114
  });
113
115
 
114
116
  it("User(auth, manager) request, post.listAll action", function () {
115
- notAppIdentity.identity = require("./fakes").fakeIdentity({
117
+ const authData = require("./fakes").fakeAuthData({
116
118
  auth: true,
117
119
  role: ["manager"],
120
+ primaryRole: "admin",
118
121
  });
119
122
  let req = {},
120
123
  actionData = {
@@ -136,14 +139,14 @@ describe("notRoute", function () {
136
139
  "listAll",
137
140
  actionData
138
141
  );
139
- expect(routerAction.selectRule(req)).to.deep.equal({
142
+ expect(routerAction.selectRule(authData)).to.deep.equal({
140
143
  auth: true,
141
144
  role: ["manager"],
142
145
  });
143
146
  });
144
147
 
145
148
  it("Admin request, post.listAll action", function () {
146
- notAppIdentity.identity = require("./fakes").fakeIdentity({
149
+ const authData = require("./fakes").fakeAuthData({
147
150
  auth: true,
148
151
  root: true,
149
152
  primaryRole: DEFAULT_USER_ROLE_FOR_ROOT,
@@ -169,7 +172,7 @@ describe("notRoute", function () {
169
172
  "listAll",
170
173
  actionData
171
174
  );
172
- expect(routerAction.selectRule(req)).to.deep.equal({
175
+ expect(routerAction.selectRule(authData)).to.deep.equal({
173
176
  root: true,
174
177
  });
175
178
  });