npm - proto.io - Versions diffs - 0.0.228 → 0.0.229 - Mend

proto.io 0.0.228 → 0.0.229

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (65) hide show

package/README.md +1017 -0
package/dist/adapters/file/aliyun-oss.d.mts +26 -0
package/dist/adapters/file/aliyun-oss.d.mts.map +1 -0
package/dist/adapters/file/aliyun-oss.d.ts +3 -3
package/dist/adapters/file/database.d.mts +23 -0
package/dist/adapters/file/database.d.mts.map +1 -0
package/dist/adapters/file/database.d.ts +2 -2
package/dist/adapters/file/database.js +1 -1
package/dist/adapters/file/database.mjs +1 -1
package/dist/adapters/file/filesystem.d.mts +25 -0
package/dist/adapters/file/filesystem.d.mts.map +1 -0
package/dist/adapters/file/filesystem.d.ts +3 -3
package/dist/adapters/file/google-cloud-storage.d.mts +29 -0
package/dist/adapters/file/google-cloud-storage.d.mts.map +1 -0
package/dist/adapters/file/google-cloud-storage.d.ts +3 -3
package/dist/adapters/storage/postgres.d.mts +299 -0
package/dist/adapters/storage/postgres.d.mts.map +1 -0
package/dist/adapters/storage/postgres.d.ts +5 -1
package/dist/adapters/storage/postgres.d.ts.map +1 -1
package/dist/adapters/storage/postgres.js +182 -74
package/dist/adapters/storage/postgres.js.map +1 -1
package/dist/adapters/storage/postgres.mjs +182 -74
package/dist/adapters/storage/postgres.mjs.map +1 -1
package/dist/client.d.mts +16 -0
package/dist/client.d.mts.map +1 -0
package/dist/client.d.ts +3 -3
package/dist/client.js +1 -1
package/dist/client.mjs +2 -2
package/dist/index.d.mts +151 -0
package/dist/index.d.mts.map +1 -0
package/dist/index.d.ts +3 -3
package/dist/index.js +50 -7
package/dist/index.js.map +1 -1
package/dist/index.mjs +51 -8
package/dist/index.mjs.map +1 -1
package/dist/internals/{base-CW4QHAo3.d.ts → base-Bhrj5Pq1.d.ts} +2 -2
package/dist/internals/{base-CW4QHAo3.d.ts.map → base-Bhrj5Pq1.d.ts.map} +1 -1
package/dist/internals/base-CiZHXD0o.d.mts +27 -0
package/dist/internals/base-CiZHXD0o.d.mts.map +1 -0
package/dist/internals/chunk-Cp2QN7ug.d.mts +17 -0
package/dist/internals/chunk-Cp2QN7ug.d.mts.map +1 -0
package/dist/internals/{chunk-DPgxK2_o.d.ts → chunk-o7lWIP-f.d.ts} +3 -3
package/dist/internals/{chunk-DPgxK2_o.d.ts.map → chunk-o7lWIP-f.d.ts.map} +1 -1
package/dist/internals/{index-vOFh8pVc.js → index-B0TO6h9r.js} +8 -1
package/dist/internals/index-B0TO6h9r.js.map +1 -0
package/dist/internals/{index-CywcwPk-.d.ts → index-B710pfTH.d.ts} +2 -2
package/dist/internals/{index-CywcwPk-.d.ts.map → index-B710pfTH.d.ts.map} +1 -1
package/dist/internals/{index-BWZIV3_T.mjs → index-DG2-4tQ1.mjs} +8 -1
package/dist/internals/index-DG2-4tQ1.mjs.map +1 -0
package/dist/internals/index-DwjvuRyl.d.mts +92 -0
package/dist/internals/index-DwjvuRyl.d.mts.map +1 -0
package/dist/internals/index-OwgXw07h.d.mts +2107 -0
package/dist/internals/index-OwgXw07h.d.mts.map +1 -0
package/dist/internals/{index-h4KGKuhq.d.ts → index-OwgXw07h.d.ts} +45 -3
package/dist/internals/index-OwgXw07h.d.ts.map +1 -0
package/dist/internals/{validator-Bc1jRJfA.js → validator-CFlx3oyq.js} +33 -1
package/dist/internals/validator-CFlx3oyq.js.map +1 -0
package/dist/internals/{validator-Boj1PUjM.mjs → validator-DubDY921.mjs} +32 -2
package/dist/internals/validator-DubDY921.mjs.map +1 -0
package/package.json +7 -19
package/dist/internals/index-BWZIV3_T.mjs.map +0 -1
package/dist/internals/index-h4KGKuhq.d.ts.map +0 -1
package/dist/internals/index-vOFh8pVc.js.map +0 -1
package/dist/internals/validator-Bc1jRJfA.js.map +0 -1
package/dist/internals/validator-Boj1PUjM.mjs.map +0 -1

package/dist/index.mjs CHANGED Viewed

@@ -1,10 +1,10 @@
 import _ from 'lodash';
 import { Server } from '@o2ter/server-js';
-import { Q as QueryValidator, a as QueryExpression, r as resolveColumn, b as resolveDataType, c as QuerySelector } from './internals/validator-Boj1PUjM.mjs';
+import { Q as QueryValidator, a as QueryExpression, b as QueryAccumulator, r as resolveColumn, c as resolveDataType, d as QuerySelector } from './internals/validator-DubDY921.mjs';
 import { P as PVK } from './internals/private-CNw40LZ7.mjs';
 import { prototypes, asyncStream, isBinaryData, base64ToBuffer } from '@o2ter/utils-js';
-import { L as LiveQuerySubscription, T as TQuery, d as deserialize, s as serialize, a as TUser, P as ProtoType, _ as _logLevels } from './internals/index-BWZIV3_T.mjs';
-export { b as ProtoClient, c as classExtends } from './internals/index-BWZIV3_T.mjs';
+import { L as LiveQuerySubscription, T as TQuery, d as deserialize, s as serialize, a as TUser, P as ProtoType, _ as _logLevels } from './internals/index-DG2-4tQ1.mjs';
+export { b as ProtoClient, c as classExtends } from './internals/index-DG2-4tQ1.mjs';
 import { i as isPointer, a as isRelation, T as TObject, d as defaultObjectKeyTypes, b as isShape, c as isPrimitive } from './internals/index-CSOoWRr1.mjs';
 import jwt from 'jsonwebtoken';
 import { Blob } from 'node:buffer';
@@ -113,6 +113,16 @@ const dispatcher = (proto, options) => {
                 throw Error('No permission');
             return proto.storage.find(decoded);
         },
+        async groupFind(query, accumulators) {
+            QueryValidator.recursiveCheck(query);
+            const _validator = await validator();
+            const decoded = _validator.decodeQuery(normalize(query), 'read');
+            const isGet = _validator.isGetMethod(decoded.filter);
+            if (!_validator.validateCLPs(query.className, isGet ? 'get' : 'find'))
+                throw Error('No permission');
+            const acc = _.mapValues(accumulators, x => QueryAccumulator.decode(x).simplify());
+            return proto.storage.groupFind(decoded, acc);
+        },
         async nonrefs(query) {
             QueryValidator.recursiveCheck(query);
             const _validator = await validator();
@@ -309,6 +319,9 @@ class _ProtoQuery extends TQuery {
                 yield self._objectMethods(object);
         });
     }
+    groupFind(accumulators, options) {
+        return this._dispatcher(options).groupFind(this._queryOptions, accumulators);
+    }
     nonrefs(options) {
         const self = this;
         return asyncStream(async function* () {
@@ -523,6 +536,8 @@ const defaultSchema = {
     'User': {
         fields: {
             password: 'object',
+            password_history: 'array',
+            password_changed_at: 'date',
         },
         classLevelPermissions: {
             find: [],
@@ -532,7 +547,7 @@ const defaultSchema = {
         fieldLevelPermissions: {
             _expired_at: { create: [], update: [] },
         },
-        secureFields: ['password'],
+        secureFields: ['password', 'password_history', 'password_changed_at'],
     },
     'Role': {
         fields: {
@@ -913,13 +928,39 @@ class ProtoInternal {
             throw Error('Invalid user object');
         if (_.isEmpty(password))
             throw Error('Invalid password');
+        const { maxPasswordHistory, validatorCallback, } = this.options.passwordPolicy || {};
+        if (validatorCallback) {
+            const isValid = await validatorCallback(password, user);
+            if (!isValid)
+                throw Error('Password does not meet the policy requirements');
+        }
         const { alg, ...opts } = this.options.passwordHashOptions;
         const hashed = await passwordHash(alg, password, opts);
+        let history = [];
+        if (maxPasswordHistory && maxPasswordHistory > 0) {
+            const _user = await proto.InsecureQuery('User')
+                .equalTo('_id', user.id)
+                .includes('_id', 'password_history')
+                .first(options);
+            history = _.slice(_user?.get('password_history') ?? [], 0, maxPasswordHistory);
+            for (const entry of history) {
+                const { alg, ...opts } = entry;
+                if (await verifyPassword(alg, password, opts)) {
+                    throw Error('Cannot reuse previous passwords');
+                }
+            }
+        }
         await proto.InsecureQuery('User')
             .equalTo('_id', user.id)
             .includes('_id')
             .updateOne({
             password: { $set: hashed },
+            password_history: {
+                $set: maxPasswordHistory && maxPasswordHistory > 0
+                    ? _.slice([{ ...hashed, password }, ...history], 0, maxPasswordHistory)
+                    : [],
+            },
+            password_changed_at: { $set: new Date() },
         }, options);
     }
     async unsetPassword(proto, user, options) {
@@ -930,6 +971,7 @@ class ProtoInternal {
             .includes('_id')
             .updateOne({
             password: { $set: {} },
+            password_changed_at: { $set: new Date() },
         }, options);
     }
     async updateFile(proto, object, options) {
@@ -1974,7 +2016,7 @@ const verifyRelatedBy = (relatedBy) => {
 var classesRoute = (router, proto) => {
     const defaultHandler = async (req) => {
         const { name } = req.params;
-        const { operation, random, attributes, update, setOnInsert, relatedBy, silent, ...options } = deserialize(req.body);
+        const { operation, accumulators, random, attributes, update, setOnInsert, relatedBy, silent, ...options } = deserialize(req.body);
         verifyRelatedBy(relatedBy);
         const payload = proto.connect(req);
         const query = relatedBy ? payload.Relation(payload.Object(relatedBy.className, relatedBy.id), relatedBy.key) : payload.Query(name);
@@ -1995,15 +2037,16 @@ var classesRoute = (router, proto) => {
                     query[PVK].options.limit = query[PVK].options.limit ?? maxFetchLimit;
                     if (query[PVK].options.limit > maxFetchLimit)
                         throw Error('Query over limit');
-                    return await query.find(opts);
+                    return query.find(opts);
                 }
+            case 'groupFind': return query.groupFind(accumulators, opts);
             case 'random':
                 {
                     const maxFetchLimit = payload[PVK].options.maxFetchLimit;
                     query[PVK].options.limit = query[PVK].options.limit ?? maxFetchLimit;
                     if (query[PVK].options.limit > maxFetchLimit)
                         throw Error('Query over limit');
-                    return await query.random(random, opts);
+                    return query.random(random, opts);
                 }
             case 'nonrefs':
                 {
@@ -2011,7 +2054,7 @@ var classesRoute = (router, proto) => {
                     query[PVK].options.limit = query[PVK].options.limit ?? maxFetchLimit;
                     if (query[PVK].options.limit > maxFetchLimit)
                         throw Error('Query over limit');
-                    return await query.nonrefs(opts);
+                    return query.nonrefs(opts);
                 }
             case 'insert': return query.insert(attributes, opts);
             case 'insertMany': return query.insertMany(attributes, opts);