npm - prostgles-server - Versions diffs - 2.0.266 → 2.0.267 - Mend

prostgles-server 2.0.266 → 2.0.267

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

package/dist/DboBuilder/runSQL.d.ts +6 -0
package/dist/DboBuilder/runSQL.d.ts.map +1 -0
package/dist/DboBuilder/runSQL.js +104 -0
package/dist/DboBuilder/runSQL.js.map +1 -0
package/dist/DboBuilder.d.ts +2 -2
package/dist/DboBuilder.d.ts.map +1 -1
package/dist/DboBuilder.js +8 -171
package/dist/DboBuilder.js.map +1 -1
package/dist/QueryBuilder.d.ts +3 -1
package/dist/QueryBuilder.d.ts.map +1 -1
package/lib/DboBuilder/runSQL.d.ts +6 -0
package/lib/DboBuilder/runSQL.d.ts.map +1 -0
package/lib/DboBuilder/runSQL.js +103 -0
package/lib/DboBuilder/runSQL.ts +109 -0
package/lib/DboBuilder.d.ts +2 -2
package/lib/DboBuilder.d.ts.map +1 -1
package/lib/DboBuilder.js +8 -171
package/lib/DboBuilder.ts +11 -200
package/package.json +2 -2
package/tests/client/PID.txt +1 -1
package/tests/server/package-lock.json +3 -3

package/lib/DboBuilder.ts CHANGED Viewed

@@ -8,7 +8,7 @@ import * as Bluebird from "bluebird";
 // declare global { export interface Promise<T> extends Bluebird<T> {} }
 import * as pgPromise from 'pg-promise';
-const { ParameterizedQuery: PQ } = require('pg-promise');
+import { canRunSQL, runSQL } from "./DboBuilder/runSQL";
 import pg = require('pg-promise/typescript/pg-subset');
 import {
     ColumnInfo, ValidatedColumnInfo, FieldFilter, SelectParams, SubscribeParams,
@@ -1091,6 +1091,14 @@ export class ViewHandler {
             }
             if(returnQuery) return (_query as unknown as any[]);
+            if(returnType === "statement"){
+                if(!(await canRunSQL(this.dboBuilder.prostgles, localParams))){
+                    throw `Not allowed:  {returnType: "statement"} requires sql privileges `
+                }
+                return _query as unknown as any[];
+            }
             if(["row", "value"].includes(returnType!)) {
                 return (this.t || this.db).oneOrNone(_query).then(data => {
                     return (data && returnType === "value")? Object.values(data)[0] : data;
@@ -2439,13 +2447,9 @@ export class TableHandler extends ViewHandler {
 }
-let DATA_TYPES: {oid: string, typname: PG_COLUMN_UDT_DATA_TYPE }[] | undefined;
-let USER_TABLES: { relid: string; relname: string; }[] | undefined;
 import { JOIN_TYPES } from "./Prostgles";
 import { BasicSession } from "./AuthHandler";
 import { DBOFullyTyped, getDBSchema } from "./DBSchemaBuilder";
-import { bool } from "aws-sdk/clients/signer";
 export class DboBuilder {
     tablesOrViews?: TableSchema[];   //TableSchema           TableOrViewInfo
@@ -2651,107 +2655,9 @@ export class DboBuilder {
         return this.joinPaths;
     }
-    runSQL = async (query: string, params: any, options: SQLOptions | undefined, localParams?: LocalParams) => {
-        /** Cache types */
-        DATA_TYPES ??= await this.db.any("SELECT oid, typname FROM pg_type") ?? [];
-        USER_TABLES ??= await this.db.any("SELECT relid, relname FROM pg_catalog.pg_statio_user_tables") ?? [];
-        const canRunSQL = async (localParams?: LocalParams) => {
-            if(!localParams?.socket || !localParams?.httpReq) return true;
-            const { socket } = localParams;
-            const publishParams = await this.prostgles.publishParser!.getPublishParams({ socket });
-            let res = await this.prostgles.opts.publishRawSQL?.(publishParams);
-            return Boolean(res && typeof res === "boolean" || res === "*");
-        }
-        if(!(await canRunSQL(localParams))) throw "Not allowed to run SQL";
-        const { returnType, allowListen }: SQLOptions = options || ({} as any);
-        const { socket } = localParams || {};
-        const db = localParams?.tx?.t || this.db;
-        if(returnType === "noticeSubscription"){
-            if(!socket) throw "Only allowed with client socket"
-            return await this.prostgles.dbEventsManager?.addNotice(socket);
-        } else if(returnType === "statement"){
-            try {
-                return pgp.as.format(query, params);
-            } catch (err){
-                throw (err as any).toString();
-            }
-        } else if(db) {
-            let finalQuery = query + "";
-            if(returnType === "arrayMode" && !["listen ", "notify "].find(c => query.toLowerCase().trim().startsWith(c))){
-                finalQuery = new PQ({ text: pgp.as.format(query, params), rowMode: "array" });
-            }
-            let _qres = await db.result(finalQuery, params)
-            const { fields, rows, command } = _qres;
-            /**
-             * Fallback for watchSchema in case not superuser and cannot add db event listener
-             */
-            const { watchSchema, watchSchemaType } = this.prostgles?.opts || {};
-            if(
-                watchSchema &&
-                (!this.prostgles.isSuperUser || watchSchemaType === "prostgles_queries")
-            ){
-                if(["CREATE", "ALTER", "DROP"].includes(command)){
-                    this.prostgles.onSchemaChange({ command, query })
-                } else if(query) {
-                    const cleanedQuery = query.toLowerCase().replace(/\s\s+/g, ' ');
-                    if(PubSubManager.SCHEMA_ALTERING_QUERIES.some(q => cleanedQuery.includes(q.toLowerCase()))){
-                        this.prostgles.onSchemaChange({ command, query })
-                    }
-                }
-            }
-            if(command === "LISTEN"){
-                if(!allowListen) throw new Error(`Your query contains a LISTEN command. Set { allowListen: true } to get subscription hooks. Or ignore this message`)
-                if(!socket) throw "Only allowed with client socket"
-                return await this.prostgles.dbEventsManager?.addNotify(query, socket);
-            } else if(returnType === "rows") {
-                return rows;
-            } else if(returnType === "row") {
-                return rows[0];
-            } else if(returnType === "value") {
-                return Object.values(rows?.[0] || {})?.[0];
-            } else if(returnType === "values") {
-                return rows.map(r => Object.values(r[0]));
-            } else {
-                let qres: SQLResult<typeof returnType> = {
-                    duration: 0,
-                    ..._qres,
-                    fields: fields?.map(f => {
-                        const dataType = DATA_TYPES!.find(dt => +dt.oid === +f.dataTypeID)?.typname ?? "text",
-                            tableName = USER_TABLES!.find(t => +t.relid === +f.tableID),
-                            tsDataType = postgresToTsType(dataType);
-                        return {
-                            ...f,
-                            tsDataType,
-                            dataType,
-                            udt_name: dataType,
-                            tableName: tableName?.relname
-                        }
-                    }) ?? []
-                };
-                return qres;
-            }
-        } else console.error("db missing");
+    private runSQL = async (query: string, params: any, options: SQLOptions | undefined, localParams?: LocalParams) => {
+        return runSQL.bind(this)(query, params, options, localParams);
     }
     async build(): Promise<DBHandlerServer>{
         this.tablesOrViews = await getTablesForSchemaPostgresSQL(this.db);
@@ -2820,101 +2726,6 @@ export class DboBuilder {
         if(!this.dbo.sql){
             this.dbo.sql = this.runSQL;
-            // this.dbo.sql = async (query: string, params: any, options: SQLOptions | undefined, localParams?: LocalParams) => {
-            //     const canRunSQL = async (localParams?: LocalParams) => {
-            //         if(!localParams?.socket || !localParams?.httpReq) return true;
-            //         const { socket } = localParams;
-            //         const publishParams = await this.prostgles.publishParser!.getPublishParams({ socket });
-            //         let res = await this.prostgles.opts.publishRawSQL?.(publishParams);
-            //         return Boolean(res && typeof res === "boolean" || res === "*");
-            //     }
-            //     if(!(await canRunSQL(localParams))) throw "Not allowed to run SQL";
-            //     const { returnType, allowListen }: SQLOptions = options || ({} as any);
-            //     const { socket } = localParams || {};
-            //     if(returnType === "noticeSubscription"){
-            //         if(!socket) throw "Only allowed with client socket"
-            //         return await this.prostgles.dbEventsManager?.addNotice(socket);
-            //     } else if(returnType === "statement"){
-            //         try {
-            //             return pgp.as.format(query, params);
-            //         } catch (err){
-            //             throw (err as any).toString();
-            //         }
-            //     } else if(this.db) {
-            //         let finalQuery = query + "";
-            //         if(returnType === "arrayMode" && !["listen ", "notify "].find(c => query.toLowerCase().trim().startsWith(c))){
-            //             finalQuery = new PQ({ text: pgp.as.format(query, params), rowMode: "array" });
-            //         }
-            //         let _qres = await this.db.result(finalQuery, params)
-            //         const { fields, rows, command } = _qres;
-            //         /**
-            //          * Fallback for watchSchema in case not superuser and cannot add db event listener
-            //          */
-            //         const { watchSchema, watchSchemaType } = this.prostgles?.opts || {};
-            //         if(
-            //             watchSchema &&
-            //             (!this.prostgles.isSuperUser || watchSchemaType === "prostgles_queries")
-            //         ){
-            //             if(["CREATE", "ALTER", "DROP"].includes(command)){
-            //                 this.prostgles.onSchemaChange({ command, query })
-            //             } else if(query) {
-            //                 const cleanedQuery = query.toLowerCase().replace(/\s\s+/g, ' ');
-            //                 if(PubSubManager.SCHEMA_ALTERING_QUERIES.some(q => cleanedQuery.includes(q.toLowerCase()))){
-            //                     this.prostgles.onSchemaChange({ command, query })
-            //                 }
-            //             }
-            //         }
-            //         if(command === "LISTEN"){
-            //             if(!allowListen) throw new Error(`Your query contains a LISTEN command. Set { allowListen: true } to get subscription hooks. Or ignore this message`)
-            //             if(!socket) throw "Only allowed with client socket"
-            //             return await this.prostgles.dbEventsManager?.addNotify(query, socket);
-            //         } else if(returnType === "rows") {
-            //             return rows;
-            //         } else if(returnType === "row") {
-            //             return rows[0];
-            //         } else if(returnType === "value") {
-            //             return Object.values(rows?.[0] || {})?.[0];
-            //         } else if(returnType === "values") {
-            //             return rows.map(r => Object.values(r[0]));
-            //         } else {
-            //             let qres: SQLResult<typeof returnType> = {
-            //                 duration: 0,
-            //                 ..._qres,
-            //                 fields: fields?.map(f => {
-            //                     const dataType = DATA_TYPES.find(dt => +dt.oid === +f.dataTypeID)?.typname ?? "text",
-            //                         tableName = USER_TABLES.find(t => +t.relid === +f.tableID),
-            //                         tsDataType = postgresToTsType(dataType);
-            //                     return {
-            //                         ...f,
-            //                         tsDataType,
-            //                         dataType,
-            //                         udt_name: dataType,
-            //                         tableName: tableName?.relname
-            //                     }
-            //                 }) ?? []
-            //             };
-            //             return qres;
-            //         }
-            //     } else console.error("db missing");
-            // }
         } else {
             console.warn(`Could not create dbo.sql handler because there is already a table named "sql"`)
         }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "prostgles-server",
-  "version": "2.0.266",
+  "version": "2.0.267",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -31,7 +31,7 @@
     "check-disk-space": "^3.3.1",
     "file-type": "^17.1.4",
     "pg-promise": "^10.11.1",
-    "prostgles-types": "^1.5.171",
+    "prostgles-types": "^1.5.174",
     "sharp": "^0.30.7"
   },
   "devDependencies": {

package/tests/client/PID.txt CHANGED Viewed

	@@ -1 +1 @@
1	- ~~20976~~
1	+ 14047

package/tests/server/package-lock.json CHANGED Viewed

@@ -21,7 +21,7 @@
     },
     "../..": {
       "name": "prostgles-server",
-      "version": "2.0.265",
+      "version": "2.0.266",
       "license": "MIT",
       "dependencies": {
         "@aws-sdk/client-s3": "^3.121.0",
@@ -31,7 +31,7 @@
         "check-disk-space": "^3.3.1",
         "file-type": "^17.1.4",
         "pg-promise": "^10.11.1",
-        "prostgles-types": "^1.5.171",
+        "prostgles-types": "^1.5.174",
         "sharp": "^0.30.7"
       },
       "devDependencies": {
@@ -1375,7 +1375,7 @@
         "check-disk-space": "^3.3.1",
         "file-type": "^17.1.4",
         "pg-promise": "^10.11.1",
-        "prostgles-types": "^1.5.171",
+        "prostgles-types": "^1.5.174",
         "sharp": "^0.30.7",
         "typescript": "^4.7.4"
       }