proteum 1.0.0 → 1.0.3

package/server/services/auth/index.ts

@@ -20,10 +20,47 @@ import { InputError, AuthRequired, Forbidden } from '@common/errors';
 - TYPES
 ----------------------------------*/
 
-export type TUserRole = typeof UserRoles[number]
+declare global {
+    /**
+     * Optional app-level role registry.
+     *
+     * Apps can add their own roles (keys are role ids):
+     * `interface ProteumAuthRoleCatalog { GOD: true }`
+     */
+    interface ProteumAuthRoleCatalog {}
+
+    /**
+     * App-level feature catalog consumed by auth permission checks.
+     *
+     * Apps can augment this interface with their own feature map:
+     * `interface ProteumAuthFeatureCatalog extends MyFeatures {}`
+     */
+    interface ProteumAuthFeatureCatalog {}
+
+    /**
+     * Canonical feature keys union used across app + framework.
+     *
+     * Notes:
+     * - If the app does not define a feature catalog, this defaults to `string`.
+     * - Otherwise it becomes the string keys of `ProteumAuthFeatureCatalog`.
+     */
+    type FeatureKeys = (
+        keyof ProteumAuthFeatureCatalog extends never
+            ? string
+            : Extract<keyof ProteumAuthFeatureCatalog, string>
+    );
+}
+
+export type TUserRole = (
+    typeof UserRoles[number]
+    |
+    Extract<keyof ProteumAuthRoleCatalog, string>
+);
 
 export type THttpRequest = express.Request | http.IncomingMessage;
 
+export type TFeatureKey = FeatureKeys;
+
 /*----------------------------------
 - CONFIG
 ----------------------------------*/
@@ -167,7 +204,7 @@ export default abstract class AuthService<
         return session;
     }
 
-    public createSession( session: TJwtSession, request: TRequest ): string {
+    public createSession( session: TJwtSession, request2: TRequest ): string {
 
         this.config.debug && console.info(LogPrefix, `Creating new session:`, session);
 
@@ -175,7 +212,7 @@ export default abstract class AuthService<
 
         this.config.debug && console.info(LogPrefix, `Generated JWT token for session:` + token);
 
-        request.res.cookie('authorization', token, {
+        request2.res.cookie('authorization', token, {
             maxAge: this.config.jwt.expiration,
         });
 
@@ -191,30 +228,28 @@ export default abstract class AuthService<
         request.res.clearCookie('authorization');
     }
 
-    public check( 
-        request: TRequest, 
-        role: TUserRole, 
-        motivation?: string, 
-        dataForDebug?: { [key: string]: any }
-    ): TUser;
-
-    public check( 
-        request: TRequest, 
-        role: false, 
-        motivation?: string, 
-        dataForDebug?: { [key: string]: any }
-    ): null;
-
-    public check( 
-        request: TRequest, 
-        role: TUserRole | false = 'USER', 
-        motivation?: string, 
-        dataForDebug?: { [key: string]: any }
+    public check(
+        request: TRequest,
+        role?: TUserRole | false,
+    ): TUser | null;
+
+    public check(
+        request: TRequest,
+        role: TUserRole | false,
+        feature: FeatureKeys,
+        action?: string,
+    ): TUser | null;
+
+    public check(
+        request: TRequest,
+        role: TUserRole | false = 'USER',
+        feature?: FeatureKeys,
+        action?: string,
     ): TUser | null {
 
         const user = request.user;
 
-        this.config.debug && console.warn(LogPrefix, `Check auth, role = ${role}. Current user =`, user?.name, motivation);
+        this.config.debug && console.warn(LogPrefix, `Check auth, role = ${role}. Current user =`, user?.name, feature);
 
         if (user === undefined) {
 
@@ -223,13 +258,13 @@ export default abstract class AuthService<
         // Shoudln't be logged
         } else if (role === false) {
 
-            return user;
+            return user as TUser;
 
         // Not connected
         } else if (user === null) {
 
             console.warn(LogPrefix, "Refusé pour anonyme (" + request.ip + ")");
-            throw new AuthRequired('Please login to continue', motivation, dataForDebug);
+            throw new AuthRequired('Please login to continue', feature as any, action as any);
             
         // Insufficient permissions
         } else if (!user.roles.includes(role)) {
@@ -244,7 +279,7 @@ export default abstract class AuthService<
 
         }
 
-        return user;
+        return user as TUser;
     }
 
-}
+}

package/server/services/auth/router/request.ts

@@ -8,7 +8,6 @@ import jwt from 'jsonwebtoken';
 // Core
 import type { default as Router, Request as ServerRequest, TAnyRouter } from '@server/services/router';
 import RequestService from '@server/services/router/request/service';
-import { InputError, AuthRequired, Forbidden } from '@common/errors';
 
 // Specific
 import type AuthenticationRouterService from '.';
@@ -45,10 +44,22 @@ export default class UsersRequestService<
         return this.users.logout( this.request );
     }
 
+    public check(): TUser;
+
     // TODO: return user type according to entity
-    public check(role: TUserRole, motivation?: string, dataForDebug?: {}): TUser;
-    public check(role: false, motivation?: string, dataForDebug?: {}): null;
-    public check(role: TUserRole | boolean = 'USER', motivation?: string, dataForDebug?: {}): TUser | null {
-        return this.users.check( this.request, role, motivation, dataForDebug );
+    public check(role: TUserRole, feature: null): TUser;
+
+    public check(role: false): null;
+
+    public check(role: TUserRole, feature: FeatureKeys, action?: string): TUser;
+
+    public check(role: false, feature: FeatureKeys, action?: string): null;
+
+    public check(
+        role: TUserRole | false = 'USER',
+        feature?: FeatureKeys | null,
+        action?: string
+    ) {
+        return this.users.check( this.request, role, feature, action ) as any;
     }
-}
+}

package/server/services/router/http/index.ts

@@ -115,7 +115,7 @@ export default class HttpServer {
         routes.use('/public', cors());
         routes.use(
             '/public',
-            express.static( Container.path.root + '/bin/public', {
+            express.static( path.join(Container.path.root, APP_OUTPUT_DIR, 'public'), {
                 dotfiles: 'deny',
                 setHeaders: function setCustomCacheControl(res, path) {
 
@@ -193,7 +193,7 @@ export default class HttpServer {
 
         routes.use( csp.expressCspHeader({
             directives: {
-                'script-src': [csp.INLINE, csp.SELF, 
+                'script-src': [csp.INLINE, csp.SELF, csp.UNSAFE_EVAL,
                    ...this.config.csp.scripts
                 ]
             }
@@ -214,4 +214,4 @@ export default class HttpServer {
     public async cleanup() {
         this.http.close();
     }
-}
+}

package/server/services/router/response/index.ts

@@ -52,7 +52,7 @@ export type TRouterContext<TRouter extends TServerRouter> = (
         Router: TRouter,
     }
     & TRouterContextServices<TRouter>
-    //& TRouterRequestContext<TRouter>
+    & TRouterRequestContext<TRouter>
 )
 
 export type TRouterContextServices< 

package/server/services/schema/request.ts

@@ -4,7 +4,6 @@
 
 // Npm
 import zod from 'zod';
-import { SomeType } from 'zod/v4/core';
  
 // Core
 import { 
@@ -24,6 +23,18 @@ export type TConfig = {
     debug?: boolean
 }
 
+type TValidationSchema = zod.ZodTypeAny;
+type TValidationShape = zod.ZodRawShape;
+
+const isZodSchema = (fields: unknown): fields is TValidationSchema => {
+    return (
+        typeof fields === 'object'
+        && fields !== null
+        && 'safeParse' in fields
+        && typeof (fields as TValidationSchema).safeParse === 'function'
+    );
+}
+
 /*----------------------------------
 - SERVICE
 ----------------------------------*/
@@ -32,18 +43,25 @@ export default(
     config: TConfig,
     router = request.router,
     app = router.app
-) => ({
-
-    ...schema,
+) => {
 
-    validate( fields: zod.ZodSchema | { [key: string]: zod.ZodSchema } ) {
+    function validate<TSchema extends TValidationSchema>( fields: TSchema ): zod.output<TSchema>;
+    function validate<TShape extends TValidationShape>( fields: TShape ): zod.output<zod.ZodObject<TShape>>;
+    function validate( fields: TValidationSchema | TValidationShape ) {
 
         config.debug && console.log(LogPrefix, "Validate request data:", request.data);
 
-        const schema = typeof fields === 'object' ? zod.object(fields) : fields;
+        const validationSchema = isZodSchema(fields) ? fields : zod.object(fields);
 
-        const preprocessedSchema = preprocessSchema(schema);
+        //const preprocessedSchema = preprocessSchema(validationSchema);
 
-        return preprocessedSchema.parse(request.data);
-    },
-})
+        return validationSchema.parse(request.data);
+    }
+
+    return {
+
+        ...schema,
+
+        validate,
+    }
+}

package/server/utils/slug.ts

@@ -7,9 +7,6 @@ import escapeStringRegexp from 'escape-regexp';
 import slugify from 'slugify';
 import { removeStopwords, eng } from 'stopword';
 
-// Core
-import type SQL from "@server/services/database";
-
 /*----------------------------------
 - TYPES
 ----------------------------------*/

package/tsconfig.common.json

@@ -40,5 +40,6 @@
             "react/jsx-runtime": ["preact/jsx-runtime"]
         },
     },
-    "include": ["."]
+    "include": ["."],
+    "exclude": ["cli"]
 }

package/types/global/constants.d.ts

@@ -0,0 +1,12 @@
+declare const __DEV__: boolean;
+declare const SERVER: boolean;
+
+declare const CORE_VERSION: string;
+declare const CORE_PATH: string;
+
+declare const BUILD_DATE: string;
+declare const BUILD_ID: number;
+
+declare const APP_PATH: string;
+declare const APP_NAME: string;
+declare const APP_OUTPUT_DIR: string;

package/changelog.md

@@ -1,5 +0,0 @@
-# 01/01/2023:
-
-* Redesigned systems service. Pass app instance servces list through constructor attribute instead of importing instance
-* Update babel-plugn-glob-import
-* 

package/client/components/Button.tsx

@@ -1,298 +0,0 @@
-/*----------------------------------
-- DEPENDANCES
-----------------------------------*/
-
-// Npm
-import React from 'react';
-import { VNode, RefObject,ComponentChild } from 'preact';
-
-// Core
-import { shouldOpenNewTab } from '@client/services/router/components/Link';
-import { history } from '@client/services/router/request/history';
-import useContext from '@/client/context';
-
-/*----------------------------------
-- TYPES
-----------------------------------*/
-
-export type Props = {
-
-    id?: string,
-    refElem?: RefObject<HTMLElement>,
-
-    icon?: ComponentChild,
-    iconR?: ComponentChild,
-
-    prefix?: ComponentChild,
-    suffix?: ComponentChild,
-    
-    tag?: "a" | "button",
-    type?: 'guide' | 'primary' | 'secondary' | 'link',
-    shape?: 'default' | 'icon' | 'tile' | 'pill' | 'custom',
-    size?: TComponentSize,
-    class?: string,
-
-    state?: [string, React.StateUpdater<string>],
-    active?: boolean,
-    selected?: boolean,
-    disabled?: boolean,
-    loading?: boolean,
-    autoFocus?: boolean,
-    onClick?: (e: MouseEvent) => any,
-    async?: boolean,
-
-    submenu?: ComponentChild,
-    nav?: boolean | 'exact'
-
-// SEO: if icon only, should provinde a hint (aria-label)
-} & ({ 
-    hint: string,
-    children?: ComponentChild | ComponentChild[],
-} | { 
-    children: ComponentChild | ComponentChild[],
-    hint?: string,
-}) & (TButtonProps | TLinkProps)
-
-export type TButtonProps = React.JSX.HTMLAttributes<HTMLButtonElement>
-
-export type TLinkProps = React.JSX.HTMLAttributes<HTMLAnchorElement>
-
-/*----------------------------------
-- HELPERS
-----------------------------------*/
-const trimSlash = (str: string): string => {
-    return str.endsWith('/') ? str.slice(0, -1) : str;
-}
-
-const isCurrentUrl = (currentUrl: string, url: string, exact?: boolean) => {
-    return (
-        (exact && (url === currentUrl || trimSlash(url) === currentUrl))
-        ||
-        (!exact && currentUrl.startsWith(url))
-    )
-}
-
-/*----------------------------------
-- CONTROLEUR
-----------------------------------*/
-export default ({
-
-    id,
-
-    // Content
-    icon, prefix, 
-    children, 
-    iconR, suffix,
-    submenu,
-    nav,
-    hint,
-
-    // Style
-    class: className,
-    shape,
-    size,
-    type,
-
-    // Interactions
-    active,
-    selected,
-    state: stateUpdater,
-    disabled,
-    loading,
-    //autoFocus,
-    async,
-
-    // HTML attributes
-    tag: Tag,
-    refElem,
-    ...props
-
-}: Props) => {
-
-    const ctx = useContext();
-    let [isSelected, setIsSelected] = React.useState(false);
-    let [isActive, setIsActive] = React.useState(false);
-    const [isLoading, setLoading] = React.useState(false);
-
-    if (isLoading || loading) {
-        icon = <i src="spin" />
-        iconR = undefined;
-        disabled = true;
-    }
-
-    if (stateUpdater && id !== undefined) {
-        const [active, setActive] = stateUpdater;
-        if (id === active)
-            isSelected = true;
-        props.onClick = () => setActive(id);
-    }
-
-    // Hint
-    if (hint !== undefined) {
-        props['aria-label'] = hint;
-        props.title = hint;
-    }
-
-    // Shape classes
-    const classNames: string[] = ['btn'];
-    if (className)
-        classNames.push(className);
-
-    if (shape !== undefined) {
-        if (shape === 'tile')
-            classNames.push('col');
-        else
-            classNames.push(shape);
-    }
-
-    if (size !== undefined)
-        classNames.push(size);
-
-    if (icon) {
-        if (children === undefined)
-            classNames.push('icon');
-    }
-
-    // state classes
-    const [isMouseDown, setMouseDown] = React.useState(false);
-    props.onMouseDown = () => setMouseDown(true);
-    props.onMouseUp = () => setMouseDown(false);
-    props.onMouseLeave = () => setMouseDown(false);
-
-    // Theming & state
-    if (isMouseDown)
-        classNames.push('pressed');
-    else if (selected || isSelected === true)
-        classNames.push('bg accent');
-    else if (type !== undefined)
-        classNames.push(type === 'link' ? type : (' bg ' + type));
-    
-    if (active || isActive === true)
-        classNames.push('active');
-
-    // Icon
-    if (prefix === undefined && icon !== undefined)
-        prefix = typeof icon === "string" ? <i class={"svg-" + icon} /> : icon;
-    if (suffix === undefined && iconR !== undefined)
-        suffix = typeof iconR === "string" ? <i class={"svg-" + iconR} /> : iconR;
-
-    // Render
-    if ('link' in props || Tag === "a") {
-
-        // Link (only if enabled)
-        if (!disabled) {
-
-            props.href = props.link;
-            
-            // External = open in new tab by default
-            if (shouldOpenNewTab( props.href, props.target ))
-                props.target = '_blank';
-        }
-
-        // Nav
-        if (nav && props.target === undefined) {
-
-            const checkIfCurrentUrl = (url: string) => 
-                isCurrentUrl(url, props.link, nav === 'exact');
-
-            React.useEffect(() => {
-
-                // Init
-                if (checkIfCurrentUrl(ctx.request.path))
-                    setIsActive(true);
-
-                // On location change
-                return history?.listen(({ location }) => {
-
-                    setIsActive( checkIfCurrentUrl(location.pathname) );
-
-                })
-
-            }, []);
-        }
-
-        Tag = 'a';
-
-    } else {
-        Tag = 'button';
-
-        // Avoid to trigget onclick when presing enter
-        if (type !== 'primary')
-            props.type = 'button';
-        else
-            props.type = 'submit';
-    }
-
-    let render: VNode = (
-        <Tag {...props} id={id} class={classNames.join(' ')} disabled={disabled} ref={refElem} onClick={(e: MouseEvent) => {
-
-            // annulation si:
-            // - Pas clic gauche
-            // - Event annulé
-            if (e.button !== 0)
-                return;
-
-            // Disabled
-            if (disabled)
-                return false;
-
-            // Custom event
-            if (props.onClick !== undefined) {
-
-                const returned = props.onClick(e);
-                if (async && returned?.then) {
-                    setLoading(true);
-                    returned.finally(() => setLoading(false));
-                }
-            }
-
-            // Link
-            let nativeEvent: boolean = false;
-            if (('link' in props) && !e.defaultPrevented) {
-
-                // Nouvelle fenetre = event par defaut
-                if (props.target === '_blank') {
-
-                    nativeEvent = true;
-
-                // Page change = loading indicator
-                } else if (props.target === "_self") {
-
-                    setLoading(true);
-                    window.location.href = props.link;
-
-                } else {
-
-                    history?.push(props.link);
-                }
-            }
-
-            if (!nativeEvent) {
-                e.preventDefault();
-                return false;
-            }       
-        }}>
-            {prefix}
-            {children === undefined 
-                ? null 
-                : shape === 'custom' 
-                ? children : (
-                    <span class={"label"}>
-                        {children}
-                    </span>
-                )}
-            {suffix}
-        </Tag>
-    )
-
-    if (Tag === "li" || submenu) {
-        render = (
-            <li>
-                {render}
-                {submenu}
-            </li>
-        )
-    }
-
-    return render;
-}