rxdb-server 15.4.3

package/dist/esm/plugins/server/endpoint-rest.js

@@ -0,0 +1,213 @@
+import { normalizeMangoQuery } from 'rxdb/plugins/core';
+import { filter, mergeMap } from 'rxjs';
+import { ensureNotFalsy, getFromMapOrThrow } from 'rxdb/plugins/utils';
+import { addAuthMiddleware, blockPreviousVersionPaths, closeConnection, docContainsServerOnlyFields, doesContainRegexQuerySelector, getDocAllowedMatcher, removeServerOnlyFieldsMonad, setCors, writeSSEHeaders } from "./helper.js";
+export var REST_PATHS = ['query', 'query/observe', 'get', 'set', 'delete'
+
+// TODO
+/*
+'attachments/add',
+'attachments/delete',
+'events'
+*/];
+export var RxServerRestEndpoint = function RxServerRestEndpoint(server, name, collection, queryModifier, changeValidator, serverOnlyFields, cors) {
+  var _this = this;
+  this.type = 'rest';
+  this.server = server;
+  this.name = name;
+  this.collection = collection;
+  this.serverOnlyFields = serverOnlyFields;
+  this.cors = cors;
+  setCors(this.server, [this.name].join('/'), cors);
+  blockPreviousVersionPaths(this.server, [this.name].join('/'), collection.schema.version);
+  this.urlPath = [this.name, collection.schema.version].join('/');
+  var primaryPath = this.collection.schema.primaryPath;
+  var authDataByRequest = addAuthMiddleware(this.server, this.urlPath);
+  this.queryModifier = (authData, query) => {
+    if (doesContainRegexQuerySelector(query.selector)) {
+      throw new Error('$regex queries not allowed because of DOS-attacks');
+    }
+    return queryModifier(authData, query);
+  };
+  this.changeValidator = (authData, change) => {
+    if (change.assumedMasterState && docContainsServerOnlyFields(serverOnlyFields, change.assumedMasterState) || docContainsServerOnlyFields(serverOnlyFields, change.newDocumentState)) {
+      return false;
+    }
+    return changeValidator(authData, change);
+  };
+  var removeServerOnlyFields = removeServerOnlyFieldsMonad(this.serverOnlyFields);
+  this.server.expressApp.post('/' + this.urlPath + '/query', async (req, res) => {
+    var authData = getFromMapOrThrow(authDataByRequest, req);
+    var useQuery;
+    try {
+      useQuery = this.queryModifier(ensureNotFalsy(authData), normalizeMangoQuery(this.collection.schema.jsonSchema, req.body));
+    } catch (err) {
+      closeConnection(res, 400, 'Bad Request');
+      return;
+    }
+    var rxQuery = this.collection.find(useQuery);
+    var result = await rxQuery.exec();
+    res.setHeader('Content-Type', 'application/json');
+    res.json({
+      documents: result.map(d => removeServerOnlyFields(d.toJSON()))
+    });
+  });
+
+  /**
+   * It is not possible to send data with server send events,
+   * so we send the query as query parameter in base64
+   * like ?query=e3NlbGVjdG9yOiB7fX0=
+   */
+  this.server.expressApp.get('/' + this.urlPath + '/query/observe', async (req, res) => {
+    var authData = getFromMapOrThrow(authDataByRequest, req);
+    writeSSEHeaders(res);
+    var useQuery = this.queryModifier(ensureNotFalsy(authData), normalizeMangoQuery(this.collection.schema.jsonSchema, JSON.parse(atob(req.query.query))));
+    var rxQuery = this.collection.find(useQuery);
+    var subscription = rxQuery.$.pipe(mergeMap(async result => {
+      var resultData = result.map(doc => removeServerOnlyFields(doc.toJSON()));
+
+      /**
+       * The auth-data might be expired
+       * so we re-run the auth parsing each time
+       * before emitting the new results.
+       */
+      try {
+        authData = await server.authHandler(req.headers);
+      } catch (err) {
+        closeConnection(res, 401, 'Unauthorized');
+        return null;
+      }
+      return resultData;
+    }), filter(f => f !== null)).subscribe(resultData => {
+      res.write('data: ' + JSON.stringify(resultData) + '\n\n');
+    });
+
+    /**
+     * @link https://youtu.be/0PcMuYGJPzM?si=AxkczxcMaUwhh8k9&t=363
+     */
+    req.on('close', () => {
+      subscription.unsubscribe();
+      res.end();
+    });
+  });
+  this.server.expressApp.post('/' + this.urlPath + '/get', async (req, res) => {
+    var authData = getFromMapOrThrow(authDataByRequest, req);
+    var ids = req.body;
+    var rxQuery = this.collection.findByIds(ids);
+    var resultMap = await rxQuery.exec();
+    var resultValues = Array.from(resultMap.values());
+    var docMatcher = getDocAllowedMatcher(this, ensureNotFalsy(authData));
+    var useDocs = resultValues.map(d => d.toJSON());
+    useDocs = useDocs.filter(d => docMatcher(d));
+    useDocs = useDocs.map(d => removeServerOnlyFields(d));
+    res.setHeader('Content-Type', 'application/json');
+    res.json({
+      documents: useDocs
+    });
+  });
+  this.server.expressApp.post('/' + this.urlPath + '/set', async (req, res) => {
+    var authData = getFromMapOrThrow(authDataByRequest, req);
+    var docDataMatcherWrite = getDocAllowedMatcher(this, ensureNotFalsy(authData));
+    var docsData = req.body;
+    for (var docData of docsData) {
+      var allowed = docDataMatcherWrite(docData);
+      if (!allowed) {
+        closeConnection(res, 403, 'Forbidden');
+        return;
+      }
+    }
+    function onWriteError(err, docData) {
+      if (err.rxdb && err.code === 'CONFLICT') {
+        // just retry on conflicts
+        docsData.push(docData);
+      } else {
+        closeConnection(res, 500, 'Internal Server Error');
+        throw err;
+      }
+    }
+    while (docsData.length > 0) {
+      var promises = [];
+      var docs = await collection.findByIds(docsData.map(d => d[primaryPath])).exec();
+      var useDocsData = docsData.slice();
+      docsData = [];
+      var _loop = async function (_docData) {
+          var id = _docData[primaryPath];
+          var doc = docs.get(id);
+          if (!doc) {
+            promises.push(_this.collection.insert(_docData).catch(err => onWriteError(err, _docData)));
+          } else {
+            var isAllowed = _this.changeValidator(authData, {
+              newDocumentState: removeServerOnlyFields(_docData),
+              assumedMasterState: removeServerOnlyFields(doc.toJSON(true))
+            });
+            if (!isAllowed) {
+              closeConnection(res, 403, 'Forbidden');
+              return {
+                v: void 0
+              };
+            }
+            promises.push(doc.patch(_docData).catch(err => onWriteError(err, _docData)));
+          }
+        },
+        _ret;
+      for (var _docData of useDocsData) {
+        _ret = await _loop(_docData);
+        if (_ret) return _ret.v;
+      }
+      await Promise.all(promises);
+    }
+    res.setHeader('Content-Type', 'application/json');
+    res.json({});
+  });
+  this.server.expressApp.post('/' + this.urlPath + '/delete', async (req, res) => {
+    var authData = getFromMapOrThrow(authDataByRequest, req);
+    var docDataMatcherWrite = getDocAllowedMatcher(this, ensureNotFalsy(authData));
+    var ids = req.body;
+    while (ids.length > 0) {
+      var useIds = ids.slice(0);
+      ids = [];
+      var promises = [];
+      var docsMap = await this.collection.findByIds(useIds).exec();
+      var _loop2 = async function (id) {
+          var doc = docsMap.get(id);
+          if (doc) {
+            var isAllowedDoc = docDataMatcherWrite(doc.toJSON(true));
+            if (!isAllowedDoc) {
+              closeConnection(res, 403, 'Forbidden');
+              return {
+                v: void 0
+              };
+            }
+            var isAllowedChange = _this.changeValidator(authData, {
+              newDocumentState: doc.toJSON(true),
+              assumedMasterState: doc.toJSON(true)
+            });
+            if (!isAllowedChange) {
+              closeConnection(res, 403, 'Forbidden');
+              return {
+                v: void 0
+              };
+            }
+            promises.push(doc.remove().catch(err => {
+              if (err.rxdb && err.code === 'CONFLICT') {
+                // just retry on conflicts
+                ids.push(id);
+              } else {
+                closeConnection(res, 500, 'Internal Server Error');
+                throw err;
+              }
+            }));
+          }
+        },
+        _ret2;
+      for (var id of useIds) {
+        _ret2 = await _loop2(id);
+        if (_ret2) return _ret2.v;
+      }
+      await Promise.all(promises);
+    }
+    res.setHeader('Content-Type', 'application/json');
+    res.json({});
+  });
+};
+//# sourceMappingURL=endpoint-rest.js.map

package/dist/esm/plugins/server/endpoint-rest.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"endpoint-rest.js","names":["normalizeMangoQuery","filter","mergeMap","ensureNotFalsy","getFromMapOrThrow","addAuthMiddleware","blockPreviousVersionPaths","closeConnection","docContainsServerOnlyFields","doesContainRegexQuerySelector","getDocAllowedMatcher","removeServerOnlyFieldsMonad","setCors","writeSSEHeaders","REST_PATHS","RxServerRestEndpoint","server","name","collection","queryModifier","changeValidator","serverOnlyFields","cors","_this","type","join","schema","version","urlPath","primaryPath","authDataByRequest","authData","query","selector","Error","change","assumedMasterState","newDocumentState","removeServerOnlyFields","expressApp","post","req","res","useQuery","jsonSchema","body","err","rxQuery","find","result","exec","setHeader","json","documents","map","d","toJSON","get","JSON","parse","atob","subscription","$","pipe","resultData","doc","authHandler","headers","f","subscribe","write","stringify","on","unsubscribe","end","ids","findByIds","resultMap","resultValues","Array","from","values","docMatcher","useDocs","docDataMatcherWrite","docsData","docData","allowed","onWriteError","rxdb","code","push","length","promises","docs","useDocsData","slice","_loop","_docData","id","insert","catch","isAllowed","v","patch","_ret","Promise","all","useIds","docsMap","_loop2","isAllowedDoc","isAllowedChange","remove","_ret2"],"sources":["../../../../src/plugins/server/endpoint-rest.ts"],"sourcesContent":["import {\n    FilledMangoQuery,\n    RxCollection,\n    RxError,\n    normalizeMangoQuery\n} from 'rxdb/plugins/core';\nimport type { RxServer } from './rx-server.ts';\nimport type {\n    RxServerChangeValidator,\n    RxServerEndpoint,\n    RxServerQueryModifier\n} from './types.ts';\nimport { filter, mergeMap } from 'rxjs';\nimport {\n    ensureNotFalsy,\n    getFromMapOrThrow\n} from 'rxdb/plugins/utils';\n\nimport {\n    addAuthMiddleware,\n    blockPreviousVersionPaths,\n    closeConnection,\n    docContainsServerOnlyFields,\n    doesContainRegexQuerySelector,\n    getDocAllowedMatcher,\n    removeServerOnlyFieldsMonad,\n    setCors,\n    writeSSEHeaders\n} from './helper.ts';\n\n\nexport const REST_PATHS = [\n    'query',\n    'query/observe',\n    'get',\n    'set',\n    'delete',\n\n    // TODO\n    /*\n    'attachments/add',\n    'attachments/delete',\n    'events'\n    */\n] as const;\n\n\nexport class RxServerRestEndpoint<AuthType, RxDocType> implements RxServerEndpoint<AuthType, RxDocType> {\n    readonly type = 'rest';\n    readonly urlPath: string;\n    readonly changeValidator: RxServerChangeValidator<AuthType, RxDocType>;\n    readonly queryModifier: RxServerQueryModifier<AuthType, RxDocType>;\n    constructor(\n        public readonly server: RxServer<AuthType>,\n        public readonly name: string,\n        public readonly collection: RxCollection<RxDocType>,\n        queryModifier: RxServerQueryModifier<AuthType, RxDocType>,\n        changeValidator: RxServerChangeValidator<AuthType, RxDocType>,\n        public readonly serverOnlyFields: string[],\n        public readonly cors?: string\n    ) {\n        setCors(this.server, [this.name].join('/'), cors);\n        blockPreviousVersionPaths(this.server, [this.name].join('/'), collection.schema.version);\n\n        this.urlPath = [this.name, collection.schema.version].join('/');\n        const primaryPath = this.collection.schema.primaryPath;\n        const authDataByRequest = addAuthMiddleware(\n            this.server,\n            this.urlPath\n        );\n\n        this.queryModifier = (authData, query) => {\n            if (doesContainRegexQuerySelector(query.selector)) {\n                throw new Error('$regex queries not allowed because of DOS-attacks');\n            }\n            return queryModifier(authData, query);\n        }\n        this.changeValidator = (authData, change) => {\n            if (\n                (\n                    change.assumedMasterState &&\n                    docContainsServerOnlyFields(serverOnlyFields, change.assumedMasterState)\n                ) ||\n                docContainsServerOnlyFields(serverOnlyFields, change.newDocumentState)\n            ) {\n                return false;\n            }\n            return changeValidator(authData, change);\n        }\n        const removeServerOnlyFields = removeServerOnlyFieldsMonad(this.serverOnlyFields);\n\n        this.server.expressApp.post('/' + this.urlPath + '/query', async (req, res) => {\n            const authData = getFromMapOrThrow(authDataByRequest, req);\n            let useQuery: FilledMangoQuery<RxDocType>\n            try {\n                useQuery = this.queryModifier(\n                    ensureNotFalsy(authData),\n                    normalizeMangoQuery(\n                        this.collection.schema.jsonSchema,\n                        req.body\n                    )\n                );\n            } catch (err) {\n                closeConnection(res, 400, 'Bad Request');\n                return;\n            }\n            const rxQuery = this.collection.find(useQuery as any);\n            const result = await rxQuery.exec();\n            res.setHeader('Content-Type', 'application/json');\n            res.json({\n                documents: result.map(d => removeServerOnlyFields(d.toJSON()))\n            });\n        });\n\n        /**\n         * It is not possible to send data with server send events,\n         * so we send the query as query parameter in base64\n         * like ?query=e3NlbGVjdG9yOiB7fX0=\n         */\n        this.server.expressApp.get('/' + this.urlPath + '/query/observe', async (req, res) => {\n            let authData = getFromMapOrThrow(authDataByRequest, req);\n            writeSSEHeaders(res);\n\n            const useQuery: FilledMangoQuery<RxDocType> = this.queryModifier(\n                ensureNotFalsy(authData),\n                normalizeMangoQuery(\n                    this.collection.schema.jsonSchema,\n                    JSON.parse(atob(req.query.query as string))\n                )\n            );\n\n            const rxQuery = this.collection.find(useQuery as any);\n            const subscription = rxQuery.$.pipe(\n                mergeMap(async (result) => {\n                    const resultData = result.map(doc => removeServerOnlyFields(doc.toJSON()));\n\n                    /**\n                     * The auth-data might be expired\n                     * so we re-run the auth parsing each time\n                     * before emitting the new results.\n                     */\n                    try {\n                        authData = await server.authHandler(req.headers);\n                    } catch (err) {\n                        closeConnection(res, 401, 'Unauthorized');\n                        return null;\n                    }\n\n                    return resultData;\n                }),\n                filter(f => f !== null)\n            ).subscribe(resultData => {\n                res.write('data: ' + JSON.stringify(resultData) + '\\n\\n');\n            });\n\n            /**\n             * @link https://youtu.be/0PcMuYGJPzM?si=AxkczxcMaUwhh8k9&t=363\n             */\n            req.on('close', () => {\n                subscription.unsubscribe();\n                res.end();\n            });\n        });\n\n\n        this.server.expressApp.post('/' + this.urlPath + '/get', async (req, res) => {\n            const authData = getFromMapOrThrow(authDataByRequest, req);\n            const ids: string[] = req.body;\n\n            const rxQuery = this.collection.findByIds(ids);\n            const resultMap = await rxQuery.exec();\n            const resultValues = Array.from(resultMap.values());\n            const docMatcher = getDocAllowedMatcher(this, ensureNotFalsy(authData));\n            let useDocs = resultValues.map(d => d.toJSON());\n            useDocs = useDocs.filter(d => docMatcher(d as any));\n            useDocs = useDocs.map(d => removeServerOnlyFields(d))\n\n            res.setHeader('Content-Type', 'application/json');\n            res.json({\n                documents: useDocs\n            });\n        });\n\n        this.server.expressApp.post('/' + this.urlPath + '/set', async (req, res) => {\n            const authData = getFromMapOrThrow(authDataByRequest, req);\n            const docDataMatcherWrite = getDocAllowedMatcher(this, ensureNotFalsy(authData));\n\n            let docsData: RxDocType[] = req.body;\n\n            for (const docData of docsData) {\n                const allowed = docDataMatcherWrite(docData as any);\n                if (!allowed) {\n                    closeConnection(res, 403, 'Forbidden');\n                    return;\n                }\n            }\n\n            function onWriteError(err: RxError, docData: RxDocType) {\n                if (err.rxdb && err.code === 'CONFLICT') {\n                    // just retry on conflicts\n                    docsData.push(docData);\n                } else {\n                    closeConnection(res, 500, 'Internal Server Error');\n                    throw err;\n                }\n            }\n\n            while (docsData.length > 0) {\n                const promises: Promise<any>[] = [];\n                const docs = await collection.findByIds(docsData.map(d => (d as any)[primaryPath])).exec();\n                let useDocsData = docsData.slice();\n                docsData = [];\n                for (const docData of useDocsData) {\n                    const id = (docData as any)[primaryPath];\n                    const doc = docs.get(id);\n                    if (!doc) {\n                        promises.push(this.collection.insert(docData).catch(err => onWriteError(err, docData)));\n                    } else {\n                        const isAllowed = this.changeValidator(authData, {\n                            newDocumentState: removeServerOnlyFields(docData as any),\n                            assumedMasterState: removeServerOnlyFields(doc.toJSON(true))\n                        });\n                        if (!isAllowed) {\n                            closeConnection(res, 403, 'Forbidden');\n                            return;\n                        }\n                        promises.push(doc.patch(docData).catch(err => onWriteError(err, docData)));\n                    }\n                }\n                await Promise.all(promises);\n            }\n\n            res.setHeader('Content-Type', 'application/json');\n            res.json({\n            });\n        });\n\n        this.server.expressApp.post('/' + this.urlPath + '/delete', async (req, res) => {\n            const authData = getFromMapOrThrow(authDataByRequest, req);\n            const docDataMatcherWrite = getDocAllowedMatcher(this, ensureNotFalsy(authData));\n\n            let ids: string[] = req.body;\n            while (ids.length > 0) {\n                const useIds = ids.slice(0);\n                ids = [];\n                const promises: Promise<any>[] = [];\n                const docsMap = await this.collection.findByIds(useIds).exec();\n                for (const id of useIds) {\n                    const doc = docsMap.get(id);\n                    if (doc) {\n                        const isAllowedDoc = docDataMatcherWrite(doc.toJSON(true) as any);\n                        if (!isAllowedDoc) {\n                            closeConnection(res, 403, 'Forbidden');\n                            return;\n                        }\n\n                        const isAllowedChange = this.changeValidator(authData, {\n                            newDocumentState: doc.toJSON(true) as any,\n                            assumedMasterState: doc.toJSON(true) as any\n                        });\n                        if (!isAllowedChange) {\n                            closeConnection(res, 403, 'Forbidden');\n                            return;\n                        }\n\n                        promises.push(doc.remove().catch((err: RxError) => {\n                            if (err.rxdb && err.code === 'CONFLICT') {\n                                // just retry on conflicts\n                                ids.push(id);\n                            } else {\n                                closeConnection(res, 500, 'Internal Server Error');\n                                throw err;\n                            }\n                        }));\n                    }\n                }\n                await Promise.all(promises);\n            }\n            res.setHeader('Content-Type', 'application/json');\n            res.json({});\n        });\n    }\n}\n"],"mappings":"AAAA,SAIIA,mBAAmB,QAChB,mBAAmB;AAO1B,SAASC,MAAM,EAAEC,QAAQ,QAAQ,MAAM;AACvC,SACIC,cAAc,EACdC,iBAAiB,QACd,oBAAoB;AAE3B,SACIC,iBAAiB,EACjBC,yBAAyB,EACzBC,eAAe,EACfC,2BAA2B,EAC3BC,6BAA6B,EAC7BC,oBAAoB,EACpBC,2BAA2B,EAC3BC,OAAO,EACPC,eAAe,QACZ,aAAa;AAGpB,OAAO,IAAMC,UAAU,GAAG,CACtB,OAAO,EACP,eAAe,EACf,KAAK,EACL,KAAK,EACL;;AAEA;AACA;AACJ;AACA;AACA;AACA,EAJI,CAKM;AAGV,WAAaC,oBAAoB,GAK7B,SAAAA,qBACoBC,MAA0B,EAC1BC,IAAY,EACZC,UAAmC,EACnDC,aAAyD,EACzDC,eAA6D,EAC7CC,gBAA0B,EAC1BC,IAAa,EAC/B;EAAA,IAAAC,KAAA;EAAA,KAZOC,IAAI,GAAG,MAAM;EAAA,KAKFR,MAA0B,GAA1BA,MAA0B;EAAA,KAC1BC,IAAY,GAAZA,IAAY;EAAA,KACZC,UAAmC,GAAnCA,UAAmC;EAAA,KAGnCG,gBAA0B,GAA1BA,gBAA0B;EAAA,KAC1BC,IAAa,GAAbA,IAAa;EAE7BV,OAAO,CAAC,IAAI,CAACI,MAAM,EAAE,CAAC,IAAI,CAACC,IAAI,CAAC,CAACQ,IAAI,CAAC,GAAG,CAAC,EAAEH,IAAI,CAAC;EACjDhB,yBAAyB,CAAC,IAAI,CAACU,MAAM,EAAE,CAAC,IAAI,CAACC,IAAI,CAAC,CAACQ,IAAI,CAAC,GAAG,CAAC,EAAEP,UAAU,CAACQ,MAAM,CAACC,OAAO,CAAC;EAExF,IAAI,CAACC,OAAO,GAAG,CAAC,IAAI,CAACX,IAAI,EAAEC,UAAU,CAACQ,MAAM,CAACC,OAAO,CAAC,CAACF,IAAI,CAAC,GAAG,CAAC;EAC/D,IAAMI,WAAW,GAAG,IAAI,CAACX,UAAU,CAACQ,MAAM,CAACG,WAAW;EACtD,IAAMC,iBAAiB,GAAGzB,iBAAiB,CACvC,IAAI,CAACW,MAAM,EACX,IAAI,CAACY,OACT,CAAC;EAED,IAAI,CAACT,aAAa,GAAG,CAACY,QAAQ,EAAEC,KAAK,KAAK;IACtC,IAAIvB,6BAA6B,CAACuB,KAAK,CAACC,QAAQ,CAAC,EAAE;MAC/C,MAAM,IAAIC,KAAK,CAAC,mDAAmD,CAAC;IACxE;IACA,OAAOf,aAAa,CAACY,QAAQ,EAAEC,KAAK,CAAC;EACzC,CAAC;EACD,IAAI,CAACZ,eAAe,GAAG,CAACW,QAAQ,EAAEI,MAAM,KAAK;IACzC,IAEQA,MAAM,CAACC,kBAAkB,IACzB5B,2BAA2B,CAACa,gBAAgB,EAAEc,MAAM,CAACC,kBAAkB,CAAC,IAE5E5B,2BAA2B,CAACa,gBAAgB,EAAEc,MAAM,CAACE,gBAAgB,CAAC,EACxE;MACE,OAAO,KAAK;IAChB;IACA,OAAOjB,eAAe,CAACW,QAAQ,EAAEI,MAAM,CAAC;EAC5C,CAAC;EACD,IAAMG,sBAAsB,GAAG3B,2BAA2B,CAAC,IAAI,CAACU,gBAAgB,CAAC;EAEjF,IAAI,CAACL,MAAM,CAACuB,UAAU,CAACC,IAAI,CAAC,GAAG,GAAG,IAAI,CAACZ,OAAO,GAAG,QAAQ,EAAE,OAAOa,GAAG,EAAEC,GAAG,KAAK;IAC3E,IAAMX,QAAQ,GAAG3B,iBAAiB,CAAC0B,iBAAiB,EAAEW,GAAG,CAAC;IAC1D,IAAIE,QAAqC;IACzC,IAAI;MACAA,QAAQ,GAAG,IAAI,CAACxB,aAAa,CACzBhB,cAAc,CAAC4B,QAAQ,CAAC,EACxB/B,mBAAmB,CACf,IAAI,CAACkB,UAAU,CAACQ,MAAM,CAACkB,UAAU,EACjCH,GAAG,CAACI,IACR,CACJ,CAAC;IACL,CAAC,CAAC,OAAOC,GAAG,EAAE;MACVvC,eAAe,CAACmC,GAAG,EAAE,GAAG,EAAE,aAAa,CAAC;MACxC;IACJ;IACA,IAAMK,OAAO,GAAG,IAAI,CAAC7B,UAAU,CAAC8B,IAAI,CAACL,QAAe,CAAC;IACrD,IAAMM,MAAM,GAAG,MAAMF,OAAO,CAACG,IAAI,CAAC,CAAC;IACnCR,GAAG,CAACS,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC;IACjDT,GAAG,CAACU,IAAI,CAAC;MACLC,SAAS,EAAEJ,MAAM,CAACK,GAAG,CAACC,CAAC,IAAIjB,sBAAsB,CAACiB,CAAC,CAACC,MAAM,CAAC,CAAC,CAAC;IACjE,CAAC,CAAC;EACN,CAAC,CAAC;;EAEF;AACR;AACA;AACA;AACA;EACQ,IAAI,CAACxC,MAAM,CAACuB,UAAU,CAACkB,GAAG,CAAC,GAAG,GAAG,IAAI,CAAC7B,OAAO,GAAG,gBAAgB,EAAE,OAAOa,GAAG,EAAEC,GAAG,KAAK;IAClF,IAAIX,QAAQ,GAAG3B,iBAAiB,CAAC0B,iBAAiB,EAAEW,GAAG,CAAC;IACxD5B,eAAe,CAAC6B,GAAG,CAAC;IAEpB,IAAMC,QAAqC,GAAG,IAAI,CAACxB,aAAa,CAC5DhB,cAAc,CAAC4B,QAAQ,CAAC,EACxB/B,mBAAmB,CACf,IAAI,CAACkB,UAAU,CAACQ,MAAM,CAACkB,UAAU,EACjCc,IAAI,CAACC,KAAK,CAACC,IAAI,CAACnB,GAAG,CAACT,KAAK,CAACA,KAAe,CAAC,CAC9C,CACJ,CAAC;IAED,IAAMe,OAAO,GAAG,IAAI,CAAC7B,UAAU,CAAC8B,IAAI,CAACL,QAAe,CAAC;IACrD,IAAMkB,YAAY,GAAGd,OAAO,CAACe,CAAC,CAACC,IAAI,CAC/B7D,QAAQ,CAAC,MAAO+C,MAAM,IAAK;MACvB,IAAMe,UAAU,GAAGf,MAAM,CAACK,GAAG,CAACW,GAAG,IAAI3B,sBAAsB,CAAC2B,GAAG,CAACT,MAAM,CAAC,CAAC,CAAC,CAAC;;MAE1E;AACpB;AACA;AACA;AACA;MACoB,IAAI;QACAzB,QAAQ,GAAG,MAAMf,MAAM,CAACkD,WAAW,CAACzB,GAAG,CAAC0B,OAAO,CAAC;MACpD,CAAC,CAAC,OAAOrB,GAAG,EAAE;QACVvC,eAAe,CAACmC,GAAG,EAAE,GAAG,EAAE,cAAc,CAAC;QACzC,OAAO,IAAI;MACf;MAEA,OAAOsB,UAAU;IACrB,CAAC,CAAC,EACF/D,MAAM,CAACmE,CAAC,IAAIA,CAAC,KAAK,IAAI,CAC1B,CAAC,CAACC,SAAS,CAACL,UAAU,IAAI;MACtBtB,GAAG,CAAC4B,KAAK,CAAC,QAAQ,GAAGZ,IAAI,CAACa,SAAS,CAACP,UAAU,CAAC,GAAG,MAAM,CAAC;IAC7D,CAAC,CAAC;;IAEF;AACZ;AACA;IACYvB,GAAG,CAAC+B,EAAE,CAAC,OAAO,EAAE,MAAM;MAClBX,YAAY,CAACY,WAAW,CAAC,CAAC;MAC1B/B,GAAG,CAACgC,GAAG,CAAC,CAAC;IACb,CAAC,CAAC;EACN,CAAC,CAAC;EAGF,IAAI,CAAC1D,MAAM,CAACuB,UAAU,CAACC,IAAI,CAAC,GAAG,GAAG,IAAI,CAACZ,OAAO,GAAG,MAAM,EAAE,OAAOa,GAAG,EAAEC,GAAG,KAAK;IACzE,IAAMX,QAAQ,GAAG3B,iBAAiB,CAAC0B,iBAAiB,EAAEW,GAAG,CAAC;IAC1D,IAAMkC,GAAa,GAAGlC,GAAG,CAACI,IAAI;IAE9B,IAAME,OAAO,GAAG,IAAI,CAAC7B,UAAU,CAAC0D,SAAS,CAACD,GAAG,CAAC;IAC9C,IAAME,SAAS,GAAG,MAAM9B,OAAO,CAACG,IAAI,CAAC,CAAC;IACtC,IAAM4B,YAAY,GAAGC,KAAK,CAACC,IAAI,CAACH,SAAS,CAACI,MAAM,CAAC,CAAC,CAAC;IACnD,IAAMC,UAAU,GAAGxE,oBAAoB,CAAC,IAAI,EAAEP,cAAc,CAAC4B,QAAQ,CAAC,CAAC;IACvE,IAAIoD,OAAO,GAAGL,YAAY,CAACxB,GAAG,CAACC,CAAC,IAAIA,CAAC,CAACC,MAAM,CAAC,CAAC,CAAC;IAC/C2B,OAAO,GAAGA,OAAO,CAAClF,MAAM,CAACsD,CAAC,IAAI2B,UAAU,CAAC3B,CAAQ,CAAC,CAAC;IACnD4B,OAAO,GAAGA,OAAO,CAAC7B,GAAG,CAACC,CAAC,IAAIjB,sBAAsB,CAACiB,CAAC,CAAC,CAAC;IAErDb,GAAG,CAACS,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC;IACjDT,GAAG,CAACU,IAAI,CAAC;MACLC,SAAS,EAAE8B;IACf,CAAC,CAAC;EACN,CAAC,CAAC;EAEF,IAAI,CAACnE,MAAM,CAACuB,UAAU,CAACC,IAAI,CAAC,GAAG,GAAG,IAAI,CAACZ,OAAO,GAAG,MAAM,EAAE,OAAOa,GAAG,EAAEC,GAAG,KAAK;IACzE,IAAMX,QAAQ,GAAG3B,iBAAiB,CAAC0B,iBAAiB,EAAEW,GAAG,CAAC;IAC1D,IAAM2C,mBAAmB,GAAG1E,oBAAoB,CAAC,IAAI,EAAEP,cAAc,CAAC4B,QAAQ,CAAC,CAAC;IAEhF,IAAIsD,QAAqB,GAAG5C,GAAG,CAACI,IAAI;IAEpC,KAAK,IAAMyC,OAAO,IAAID,QAAQ,EAAE;MAC5B,IAAME,OAAO,GAAGH,mBAAmB,CAACE,OAAc,CAAC;MACnD,IAAI,CAACC,OAAO,EAAE;QACVhF,eAAe,CAACmC,GAAG,EAAE,GAAG,EAAE,WAAW,CAAC;QACtC;MACJ;IACJ;IAEA,SAAS8C,YAAYA,CAAC1C,GAAY,EAAEwC,OAAkB,EAAE;MACpD,IAAIxC,GAAG,CAAC2C,IAAI,IAAI3C,GAAG,CAAC4C,IAAI,KAAK,UAAU,EAAE;QACrC;QACAL,QAAQ,CAACM,IAAI,CAACL,OAAO,CAAC;MAC1B,CAAC,MAAM;QACH/E,eAAe,CAACmC,GAAG,EAAE,GAAG,EAAE,uBAAuB,CAAC;QAClD,MAAMI,GAAG;MACb;IACJ;IAEA,OAAOuC,QAAQ,CAACO,MAAM,GAAG,CAAC,EAAE;MACxB,IAAMC,QAAwB,GAAG,EAAE;MACnC,IAAMC,IAAI,GAAG,MAAM5E,UAAU,CAAC0D,SAAS,CAACS,QAAQ,CAAC/B,GAAG,CAACC,CAAC,IAAKA,CAAC,CAAS1B,WAAW,CAAC,CAAC,CAAC,CAACqB,IAAI,CAAC,CAAC;MAC1F,IAAI6C,WAAW,GAAGV,QAAQ,CAACW,KAAK,CAAC,CAAC;MAClCX,QAAQ,GAAG,EAAE;MAAC,IAAAY,KAAA,kBAAAA,CAAAC,QAAA,EACqB;UAC/B,IAAMC,EAAE,GAAIb,QAAO,CAASzD,WAAW,CAAC;UACxC,IAAMoC,GAAG,GAAG6B,IAAI,CAACrC,GAAG,CAAC0C,EAAE,CAAC;UACxB,IAAI,CAAClC,GAAG,EAAE;YACN4B,QAAQ,CAACF,IAAI,CAACpE,KAAI,CAACL,UAAU,CAACkF,MAAM,CAACd,QAAO,CAAC,CAACe,KAAK,CAACvD,GAAG,IAAI0C,YAAY,CAAC1C,GAAG,EAAEwC,QAAO,CAAC,CAAC,CAAC;UAC3F,CAAC,MAAM;YACH,IAAMgB,SAAS,GAAG/E,KAAI,CAACH,eAAe,CAACW,QAAQ,EAAE;cAC7CM,gBAAgB,EAAEC,sBAAsB,CAACgD,QAAc,CAAC;cACxDlD,kBAAkB,EAAEE,sBAAsB,CAAC2B,GAAG,CAACT,MAAM,CAAC,IAAI,CAAC;YAC/D,CAAC,CAAC;YACF,IAAI,CAAC8C,SAAS,EAAE;cACZ/F,eAAe,CAACmC,GAAG,EAAE,GAAG,EAAE,WAAW,CAAC;cAAC;gBAAA6D,CAAA;cAAA;YAE3C;YACAV,QAAQ,CAACF,IAAI,CAAC1B,GAAG,CAACuC,KAAK,CAAClB,QAAO,CAAC,CAACe,KAAK,CAACvD,GAAG,IAAI0C,YAAY,CAAC1C,GAAG,EAAEwC,QAAO,CAAC,CAAC,CAAC;UAC9E;QACJ,CAAC;QAAAmB,IAAA;MAhBD,KAAK,IAAMnB,QAAO,IAAIS,WAAW;QAAAU,IAAA,SAAAR,KAAA,CAAAC,QAAA;QAAA,IAAAO,IAAA,SAAAA,IAAA,CAAAF,CAAA;MAAA;MAiBjC,MAAMG,OAAO,CAACC,GAAG,CAACd,QAAQ,CAAC;IAC/B;IAEAnD,GAAG,CAACS,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC;IACjDT,GAAG,CAACU,IAAI,CAAC,CACT,CAAC,CAAC;EACN,CAAC,CAAC;EAEF,IAAI,CAACpC,MAAM,CAACuB,UAAU,CAACC,IAAI,CAAC,GAAG,GAAG,IAAI,CAACZ,OAAO,GAAG,SAAS,EAAE,OAAOa,GAAG,EAAEC,GAAG,KAAK;IAC5E,IAAMX,QAAQ,GAAG3B,iBAAiB,CAAC0B,iBAAiB,EAAEW,GAAG,CAAC;IAC1D,IAAM2C,mBAAmB,GAAG1E,oBAAoB,CAAC,IAAI,EAAEP,cAAc,CAAC4B,QAAQ,CAAC,CAAC;IAEhF,IAAI4C,GAAa,GAAGlC,GAAG,CAACI,IAAI;IAC5B,OAAO8B,GAAG,CAACiB,MAAM,GAAG,CAAC,EAAE;MACnB,IAAMgB,MAAM,GAAGjC,GAAG,CAACqB,KAAK,CAAC,CAAC,CAAC;MAC3BrB,GAAG,GAAG,EAAE;MACR,IAAMkB,QAAwB,GAAG,EAAE;MACnC,IAAMgB,OAAO,GAAG,MAAM,IAAI,CAAC3F,UAAU,CAAC0D,SAAS,CAACgC,MAAM,CAAC,CAAC1D,IAAI,CAAC,CAAC;MAAC,IAAA4D,MAAA,kBAAAA,CAAAX,EAAA,EACtC;UACrB,IAAMlC,GAAG,GAAG4C,OAAO,CAACpD,GAAG,CAAC0C,EAAE,CAAC;UAC3B,IAAIlC,GAAG,EAAE;YACL,IAAM8C,YAAY,GAAG3B,mBAAmB,CAACnB,GAAG,CAACT,MAAM,CAAC,IAAI,CAAQ,CAAC;YACjE,IAAI,CAACuD,YAAY,EAAE;cACfxG,eAAe,CAACmC,GAAG,EAAE,GAAG,EAAE,WAAW,CAAC;cAAC;gBAAA6D,CAAA;cAAA;YAE3C;YAEA,IAAMS,eAAe,GAAGzF,KAAI,CAACH,eAAe,CAACW,QAAQ,EAAE;cACnDM,gBAAgB,EAAE4B,GAAG,CAACT,MAAM,CAAC,IAAI,CAAQ;cACzCpB,kBAAkB,EAAE6B,GAAG,CAACT,MAAM,CAAC,IAAI;YACvC,CAAC,CAAC;YACF,IAAI,CAACwD,eAAe,EAAE;cAClBzG,eAAe,CAACmC,GAAG,EAAE,GAAG,EAAE,WAAW,CAAC;cAAC;gBAAA6D,CAAA;cAAA;YAE3C;YAEAV,QAAQ,CAACF,IAAI,CAAC1B,GAAG,CAACgD,MAAM,CAAC,CAAC,CAACZ,KAAK,CAAEvD,GAAY,IAAK;cAC/C,IAAIA,GAAG,CAAC2C,IAAI,IAAI3C,GAAG,CAAC4C,IAAI,KAAK,UAAU,EAAE;gBACrC;gBACAf,GAAG,CAACgB,IAAI,CAACQ,EAAE,CAAC;cAChB,CAAC,MAAM;gBACH5F,eAAe,CAACmC,GAAG,EAAE,GAAG,EAAE,uBAAuB,CAAC;gBAClD,MAAMI,GAAG;cACb;YACJ,CAAC,CAAC,CAAC;UACP;QACJ,CAAC;QAAAoE,KAAA;MA5BD,KAAK,IAAMf,EAAE,IAAIS,MAAM;QAAAM,KAAA,SAAAJ,MAAA,CAAAX,EAAA;QAAA,IAAAe,KAAA,SAAAA,KAAA,CAAAX,CAAA;MAAA;MA6BvB,MAAMG,OAAO,CAACC,GAAG,CAACd,QAAQ,CAAC;IAC/B;IACAnD,GAAG,CAACS,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC;IACjDT,GAAG,CAACU,IAAI,CAAC,CAAC,CAAC,CAAC;EAChB,CAAC,CAAC;AACN,CAAC"}

package/dist/esm/plugins/server/helper.js

@@ -0,0 +1,157 @@
+import expressCors from 'cors';
+import { flatClone, getQueryMatcher, normalizeMangoQuery, uniqueArray } from 'rxdb/plugins/core';
+export function setCors(server, path, cors) {
+  var useCors = cors;
+  if (!useCors) {
+    useCors = server.cors;
+  }
+  if (useCors) {
+    server.expressApp.options('/' + path + '/*', expressCors({
+      origin: useCors,
+      // some legacy browsers (IE11, various SmartTVs) choke on 204
+      optionsSuccessStatus: 200
+    }));
+  }
+}
+
+/**
+ * "block" the previous version urls and send a 426 on them so that
+ * the clients know they must update.
+ */
+export function blockPreviousVersionPaths(server, path, currentVersion) {
+  var v = 0;
+  var _loop = function () {
+    var version = v;
+    server.expressApp.all('/' + path + '/' + version + '/*', (req, res) => {
+      closeConnection(res, 426, 'Outdated version ' + version + ' (newest is ' + currentVersion + ')');
+    });
+    v++;
+  };
+  while (v < currentVersion) {
+    _loop();
+  }
+}
+export async function closeConnection(response, code, message) {
+  var responseWrite = {
+    code,
+    error: true,
+    message
+  };
+  response.statusCode = code;
+  response.set("Connection", "close");
+  await response.write(JSON.stringify(responseWrite));
+  response.end();
+}
+export function addAuthMiddleware(server, path) {
+  var authDataByRequest = new WeakMap();
+  async function auth(req, res, next) {
+    try {
+      var authData = await server.authHandler(req.headers);
+      authDataByRequest.set(req, authData);
+      next();
+    } catch (err) {
+      closeConnection(res, 401, 'Unauthorized');
+      return;
+    }
+  }
+  server.expressApp.all('/' + path + '/*', auth, function (req, res, next) {
+    next();
+  });
+  return authDataByRequest;
+}
+var defaultMatchingQuery = {
+  selector: {},
+  skip: 0,
+  sort: []
+};
+export function getDocAllowedMatcher(endpoint, authData) {
+  var useQuery = endpoint.queryModifier ? endpoint.queryModifier(authData, normalizeMangoQuery(endpoint.collection.schema.jsonSchema, {})) : defaultMatchingQuery;
+  var docDataMatcher = getQueryMatcher(endpoint.collection.schema.jsonSchema, useQuery);
+  return docDataMatcher;
+}
+export function writeSSEHeaders(res) {
+  res.writeHead(200, {
+    /**
+     * Use exact these headers to make is less likely
+     * for people to have problems.
+     * @link https://www.youtube.com/watch?v=0PcMuYGJPzM
+     */
+    'Content-Type': 'text/event-stream; charset=utf-8',
+    'Connection': 'keep-alive',
+    'Cache-Control': 'no-cache',
+    /**
+     * Required for nginx
+     * @link https://stackoverflow.com/q/61029079/3443137
+     */
+    'X-Accel-Buffering': 'no'
+  });
+  res.flushHeaders();
+}
+export function docContainsServerOnlyFields(serverOnlyFields, doc) {
+  var has = serverOnlyFields.find(field => {
+    return typeof doc[field] !== 'undefined';
+  });
+  return has;
+}
+export function removeServerOnlyFieldsMonad(serverOnlyFields) {
+  var serverOnlyFieldsStencil = {
+    _meta: undefined,
+    _rev: undefined,
+    _attachments: undefined
+  };
+  serverOnlyFields.forEach(field => serverOnlyFieldsStencil[field] = undefined);
+  return docData => {
+    if (!docData) {
+      return docData;
+    }
+    return Object.assign({}, docData, serverOnlyFieldsStencil);
+  };
+}
+export function mergeServerDocumentFieldsMonad(serverOnlyFields) {
+  var useFields = serverOnlyFields.slice(0);
+  // useFields.push('_rev');
+  // useFields.push('_meta');
+  // useFields.push('_attachments');
+  useFields = uniqueArray(useFields);
+  return (clientDoc, serverDoc) => {
+    if (!serverDoc) {
+      return clientDoc;
+    }
+    var ret = flatClone(clientDoc);
+    useFields.forEach(field => {
+      ret[field] = serverDoc[field];
+    });
+    return ret;
+  };
+}
+
+/**
+ * $regex queries are dangerous because they can dos-attach the 
+ * 
+ * @param selector 
+ */
+export function doesContainRegexQuerySelector(selector) {
+  if (!selector) {
+    return false;
+  }
+  if (Array.isArray(selector)) {
+    var found = !!selector.find(item => doesContainRegexQuerySelector(item));
+    return found;
+  }
+  if (typeof selector !== 'object') {
+    return false;
+  }
+  var entries = Object.entries(selector);
+  for (var [key, value] of entries) {
+    if (key === '$regex') {
+      return true;
+    } else {
+      var has = doesContainRegexQuerySelector(value);
+      if (has) {
+        return true;
+      }
+    }
+  }
+  return false;
+}
+//# sourceMappingURL=helper.js.map

package/dist/esm/plugins/server/helper.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"helper.js","names":["expressCors","flatClone","getQueryMatcher","normalizeMangoQuery","uniqueArray","setCors","server","path","cors","useCors","expressApp","options","origin","optionsSuccessStatus","blockPreviousVersionPaths","currentVersion","v","_loop","version","all","req","res","closeConnection","response","code","message","responseWrite","error","statusCode","set","write","JSON","stringify","end","addAuthMiddleware","authDataByRequest","WeakMap","auth","next","authData","authHandler","headers","err","defaultMatchingQuery","selector","skip","sort","getDocAllowedMatcher","endpoint","useQuery","queryModifier","collection","schema","jsonSchema","docDataMatcher","writeSSEHeaders","writeHead","flushHeaders","docContainsServerOnlyFields","serverOnlyFields","doc","has","find","field","removeServerOnlyFieldsMonad","serverOnlyFieldsStencil","_meta","undefined","_rev","_attachments","forEach","docData","Object","assign","mergeServerDocumentFieldsMonad","useFields","slice","clientDoc","serverDoc","ret","doesContainRegexQuerySelector","Array","isArray","found","item","entries","key","value"],"sources":["../../../../src/plugins/server/helper.ts"],"sourcesContent":["import { RxServer } from './rx-server';\nimport expressCors from 'cors';\nimport type {\n    Request,\n    Response,\n    NextFunction\n} from 'express';\nimport { RxServerAuthData, RxServerEndpoint } from './types';\nimport {\n    FilledMangoQuery,\n    MangoQuerySelector,\n    RxDocumentData,\n    RxReplicationWriteToMasterRow,\n    flatClone,\n    getQueryMatcher,\n    normalizeMangoQuery,\n    uniqueArray\n} from 'rxdb/plugins/core';\n\nexport function setCors(\n    server: RxServer<any>,\n    path: string,\n    cors?: string\n) {\n    let useCors = cors;\n    if (!useCors) {\n        useCors = server.cors;\n    }\n    if (useCors) {\n        server.expressApp.options('/' + path + '/*', expressCors({\n            origin: useCors,\n            // some legacy browsers (IE11, various SmartTVs) choke on 204\n            optionsSuccessStatus: 200\n        }));\n    }\n}\n\n/**\n * \"block\" the previous version urls and send a 426 on them so that\n * the clients know they must update.\n */\nexport function blockPreviousVersionPaths(\n    server: RxServer<any>,\n    path: string,\n    currentVersion: number\n\n) {\n    let v = 0;\n    while (v < currentVersion) {\n        const version = v;\n        server.expressApp.all('/' + path + '/' + version + '/*', (req, res) => {\n            closeConnection(res, 426, 'Outdated version ' + version + ' (newest is ' + currentVersion + ')');\n        });\n        v++;\n    }\n}\n\n\nexport async function closeConnection(response: Response, code: number, message: string) {\n    const responseWrite = {\n        code,\n        error: true,\n        message\n    };\n    response.statusCode = code;\n    response.set(\"Connection\", \"close\");\n    await response.write(JSON.stringify(responseWrite));\n    response.end();\n}\n\n\nexport function addAuthMiddleware<AuthType>(\n    server: RxServer<AuthType>,\n    path: string,\n): WeakMap<Request, RxServerAuthData<AuthType>> {\n    const authDataByRequest = new WeakMap<Request, RxServerAuthData<AuthType>>();\n    async function auth(req: Request, res: Response, next: NextFunction) {\n        try {\n            const authData = await server.authHandler(req.headers);\n            authDataByRequest.set(req, authData);\n            next();\n        } catch (err) {\n            closeConnection(res, 401, 'Unauthorized');\n            return;\n        }\n    }\n    server.expressApp.all('/' + path + '/*', auth, function (req, res, next) {\n        next();\n    });\n    return authDataByRequest;\n}\n\nconst defaultMatchingQuery: FilledMangoQuery<any> = {\n    selector: {},\n    skip: 0,\n    sort: []\n} as const;\n\nexport function getDocAllowedMatcher<RxDocType, AuthType>(\n    endpoint: RxServerEndpoint<AuthType, RxDocType>,\n    authData: RxServerAuthData<AuthType>\n) {\n    const useQuery: FilledMangoQuery<RxDocType> = endpoint.queryModifier ? endpoint.queryModifier(\n        authData,\n        normalizeMangoQuery(\n            endpoint.collection.schema.jsonSchema,\n            {}\n        )\n    ) : defaultMatchingQuery;\n    const docDataMatcher = getQueryMatcher(endpoint.collection.schema.jsonSchema, useQuery);\n    return docDataMatcher;\n}\n\nexport function writeSSEHeaders(res: Response) {\n    res.writeHead(200, {\n        /**\n         * Use exact these headers to make is less likely\n         * for people to have problems.\n         * @link https://www.youtube.com/watch?v=0PcMuYGJPzM\n         */\n        'Content-Type': 'text/event-stream; charset=utf-8',\n        'Connection': 'keep-alive',\n        'Cache-Control': 'no-cache',\n        /**\n         * Required for nginx\n         * @link https://stackoverflow.com/q/61029079/3443137\n         */\n        'X-Accel-Buffering': 'no'\n    });\n    res.flushHeaders();\n}\n\nexport function docContainsServerOnlyFields(\n    serverOnlyFields: string[],\n    doc: any\n) {\n    const has = serverOnlyFields.find(field => {\n        return typeof doc[field] !== 'undefined'\n    });\n    return has;\n}\n\nexport function removeServerOnlyFieldsMonad<RxDocType>(serverOnlyFields: string[]) {\n    const serverOnlyFieldsStencil: any = {\n        _meta: undefined,\n        _rev: undefined,\n        _attachments: undefined\n    };\n    serverOnlyFields.forEach(field => serverOnlyFieldsStencil[field] = undefined);\n    return (\n        docData?: RxDocType | RxDocumentData<RxDocType>\n    ) => {\n        if (!docData) {\n            return docData;\n        }\n        return Object.assign({}, docData, serverOnlyFieldsStencil);\n    }\n}\n\nexport function mergeServerDocumentFieldsMonad<RxDocType>(serverOnlyFields: string[]) {\n    let useFields = serverOnlyFields.slice(0);\n    // useFields.push('_rev');\n    // useFields.push('_meta');\n    // useFields.push('_attachments');\n    useFields = uniqueArray(useFields);\n\n    return (\n        clientDoc: RxDocType | RxDocumentData<RxDocType>,\n        serverDoc?: RxDocType | RxDocumentData<RxDocType>\n    ) => {\n        if (!serverDoc) {\n            return clientDoc;\n        }\n        const ret = flatClone(clientDoc);\n        useFields.forEach(field => {\n            (ret as any)[field] = (serverDoc as any)[field];\n        });\n        return ret;\n    }\n}\n\n\n/**\n * $regex queries are dangerous because they can dos-attach the \n * \n * @param selector \n */\nexport function doesContainRegexQuerySelector(selector: MangoQuerySelector<any> | any): boolean {\n    if (!selector) {\n        return false;\n    }\n    if (Array.isArray(selector)) {\n        const found = !!selector.find(item => doesContainRegexQuerySelector(item));\n        return found;\n    }\n\n    if (typeof selector !== 'object') {\n        return false;\n    }\n\n    const entries = Object.entries(selector);\n    for (const [key, value] of entries) {\n        if (key === '$regex') {\n            return true;\n        } else {\n            const has = doesContainRegexQuerySelector(value);\n            if (has) {\n                return true;\n            }\n        }\n    }\n\n    return false;\n}\n"],"mappings":"AACA,OAAOA,WAAW,MAAM,MAAM;AAO9B,SAKIC,SAAS,EACTC,eAAe,EACfC,mBAAmB,EACnBC,WAAW,QACR,mBAAmB;AAE1B,OAAO,SAASC,OAAOA,CACnBC,MAAqB,EACrBC,IAAY,EACZC,IAAa,EACf;EACE,IAAIC,OAAO,GAAGD,IAAI;EAClB,IAAI,CAACC,OAAO,EAAE;IACVA,OAAO,GAAGH,MAAM,CAACE,IAAI;EACzB;EACA,IAAIC,OAAO,EAAE;IACTH,MAAM,CAACI,UAAU,CAACC,OAAO,CAAC,GAAG,GAAGJ,IAAI,GAAG,IAAI,EAAEP,WAAW,CAAC;MACrDY,MAAM,EAAEH,OAAO;MACf;MACAI,oBAAoB,EAAE;IAC1B,CAAC,CAAC,CAAC;EACP;AACJ;;AAEA;AACA;AACA;AACA;AACA,OAAO,SAASC,yBAAyBA,CACrCR,MAAqB,EACrBC,IAAY,EACZQ,cAAsB,EAExB;EACE,IAAIC,CAAC,GAAG,CAAC;EAAC,IAAAC,KAAA,YAAAA,CAAA,EACiB;IACvB,IAAMC,OAAO,GAAGF,CAAC;IACjBV,MAAM,CAACI,UAAU,CAACS,GAAG,CAAC,GAAG,GAAGZ,IAAI,GAAG,GAAG,GAAGW,OAAO,GAAG,IAAI,EAAE,CAACE,GAAG,EAAEC,GAAG,KAAK;MACnEC,eAAe,CAACD,GAAG,EAAE,GAAG,EAAE,mBAAmB,GAAGH,OAAO,GAAG,cAAc,GAAGH,cAAc,GAAG,GAAG,CAAC;IACpG,CAAC,CAAC;IACFC,CAAC,EAAE;EACP,CAAC;EAND,OAAOA,CAAC,GAAGD,cAAc;IAAAE,KAAA;EAAA;AAO7B;AAGA,OAAO,eAAeK,eAAeA,CAACC,QAAkB,EAAEC,IAAY,EAAEC,OAAe,EAAE;EACrF,IAAMC,aAAa,GAAG;IAClBF,IAAI;IACJG,KAAK,EAAE,IAAI;IACXF;EACJ,CAAC;EACDF,QAAQ,CAACK,UAAU,GAAGJ,IAAI;EAC1BD,QAAQ,CAACM,GAAG,CAAC,YAAY,EAAE,OAAO,CAAC;EACnC,MAAMN,QAAQ,CAACO,KAAK,CAACC,IAAI,CAACC,SAAS,CAACN,aAAa,CAAC,CAAC;EACnDH,QAAQ,CAACU,GAAG,CAAC,CAAC;AAClB;AAGA,OAAO,SAASC,iBAAiBA,CAC7B5B,MAA0B,EAC1BC,IAAY,EACgC;EAC5C,IAAM4B,iBAAiB,GAAG,IAAIC,OAAO,CAAsC,CAAC;EAC5E,eAAeC,IAAIA,CAACjB,GAAY,EAAEC,GAAa,EAAEiB,IAAkB,EAAE;IACjE,IAAI;MACA,IAAMC,QAAQ,GAAG,MAAMjC,MAAM,CAACkC,WAAW,CAACpB,GAAG,CAACqB,OAAO,CAAC;MACtDN,iBAAiB,CAACN,GAAG,CAACT,GAAG,EAAEmB,QAAQ,CAAC;MACpCD,IAAI,CAAC,CAAC;IACV,CAAC,CAAC,OAAOI,GAAG,EAAE;MACVpB,eAAe,CAACD,GAAG,EAAE,GAAG,EAAE,cAAc,CAAC;MACzC;IACJ;EACJ;EACAf,MAAM,CAACI,UAAU,CAACS,GAAG,CAAC,GAAG,GAAGZ,IAAI,GAAG,IAAI,EAAE8B,IAAI,EAAE,UAAUjB,GAAG,EAAEC,GAAG,EAAEiB,IAAI,EAAE;IACrEA,IAAI,CAAC,CAAC;EACV,CAAC,CAAC;EACF,OAAOH,iBAAiB;AAC5B;AAEA,IAAMQ,oBAA2C,GAAG;EAChDC,QAAQ,EAAE,CAAC,CAAC;EACZC,IAAI,EAAE,CAAC;EACPC,IAAI,EAAE;AACV,CAAU;AAEV,OAAO,SAASC,oBAAoBA,CAChCC,QAA+C,EAC/CT,QAAoC,EACtC;EACE,IAAMU,QAAqC,GAAGD,QAAQ,CAACE,aAAa,GAAGF,QAAQ,CAACE,aAAa,CACzFX,QAAQ,EACRpC,mBAAmB,CACf6C,QAAQ,CAACG,UAAU,CAACC,MAAM,CAACC,UAAU,EACrC,CAAC,CACL,CACJ,CAAC,GAAGV,oBAAoB;EACxB,IAAMW,cAAc,GAAGpD,eAAe,CAAC8C,QAAQ,CAACG,UAAU,CAACC,MAAM,CAACC,UAAU,EAAEJ,QAAQ,CAAC;EACvF,OAAOK,cAAc;AACzB;AAEA,OAAO,SAASC,eAAeA,CAAClC,GAAa,EAAE;EAC3CA,GAAG,CAACmC,SAAS,CAAC,GAAG,EAAE;IACf;AACR;AACA;AACA;AACA;IACQ,cAAc,EAAE,kCAAkC;IAClD,YAAY,EAAE,YAAY;IAC1B,eAAe,EAAE,UAAU;IAC3B;AACR;AACA;AACA;IACQ,mBAAmB,EAAE;EACzB,CAAC,CAAC;EACFnC,GAAG,CAACoC,YAAY,CAAC,CAAC;AACtB;AAEA,OAAO,SAASC,2BAA2BA,CACvCC,gBAA0B,EAC1BC,GAAQ,EACV;EACE,IAAMC,GAAG,GAAGF,gBAAgB,CAACG,IAAI,CAACC,KAAK,IAAI;IACvC,OAAO,OAAOH,GAAG,CAACG,KAAK,CAAC,KAAK,WAAW;EAC5C,CAAC,CAAC;EACF,OAAOF,GAAG;AACd;AAEA,OAAO,SAASG,2BAA2BA,CAAYL,gBAA0B,EAAE;EAC/E,IAAMM,uBAA4B,GAAG;IACjCC,KAAK,EAAEC,SAAS;IAChBC,IAAI,EAAED,SAAS;IACfE,YAAY,EAAEF;EAClB,CAAC;EACDR,gBAAgB,CAACW,OAAO,CAACP,KAAK,IAAIE,uBAAuB,CAACF,KAAK,CAAC,GAAGI,SAAS,CAAC;EAC7E,OACII,OAA+C,IAC9C;IACD,IAAI,CAACA,OAAO,EAAE;MACV,OAAOA,OAAO;IAClB;IACA,OAAOC,MAAM,CAACC,MAAM,CAAC,CAAC,CAAC,EAAEF,OAAO,EAAEN,uBAAuB,CAAC;EAC9D,CAAC;AACL;AAEA,OAAO,SAASS,8BAA8BA,CAAYf,gBAA0B,EAAE;EAClF,IAAIgB,SAAS,GAAGhB,gBAAgB,CAACiB,KAAK,CAAC,CAAC,CAAC;EACzC;EACA;EACA;EACAD,SAAS,GAAGvE,WAAW,CAACuE,SAAS,CAAC;EAElC,OAAO,CACHE,SAAgD,EAChDC,SAAiD,KAChD;IACD,IAAI,CAACA,SAAS,EAAE;MACZ,OAAOD,SAAS;IACpB;IACA,IAAME,GAAG,GAAG9E,SAAS,CAAC4E,SAAS,CAAC;IAChCF,SAAS,CAACL,OAAO,CAACP,KAAK,IAAI;MACtBgB,GAAG,CAAShB,KAAK,CAAC,GAAIe,SAAS,CAASf,KAAK,CAAC;IACnD,CAAC,CAAC;IACF,OAAOgB,GAAG;EACd,CAAC;AACL;;AAGA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASC,6BAA6BA,CAACpC,QAAuC,EAAW;EAC5F,IAAI,CAACA,QAAQ,EAAE;IACX,OAAO,KAAK;EAChB;EACA,IAAIqC,KAAK,CAACC,OAAO,CAACtC,QAAQ,CAAC,EAAE;IACzB,IAAMuC,KAAK,GAAG,CAAC,CAACvC,QAAQ,CAACkB,IAAI,CAACsB,IAAI,IAAIJ,6BAA6B,CAACI,IAAI,CAAC,CAAC;IAC1E,OAAOD,KAAK;EAChB;EAEA,IAAI,OAAOvC,QAAQ,KAAK,QAAQ,EAAE;IAC9B,OAAO,KAAK;EAChB;EAEA,IAAMyC,OAAO,GAAGb,MAAM,CAACa,OAAO,CAACzC,QAAQ,CAAC;EACxC,KAAK,IAAM,CAAC0C,GAAG,EAAEC,KAAK,CAAC,IAAIF,OAAO,EAAE;IAChC,IAAIC,GAAG,KAAK,QAAQ,EAAE;MAClB,OAAO,IAAI;IACf,CAAC,MAAM;MACH,IAAMzB,GAAG,GAAGmB,6BAA6B,CAACO,KAAK,CAAC;MAChD,IAAI1B,GAAG,EAAE;QACL,OAAO,IAAI;MACf;IACJ;EACJ;EAEA,OAAO,KAAK;AAChB"}

package/dist/esm/plugins/server/index.js

@@ -0,0 +1,30 @@
+import { ensureNotFalsy, flatClone } from 'rxdb/plugins/utils';
+import { RxServer } from "./rx-server.js";
+import express from 'express';
+export * from "./types.js";
+export * from "./endpoint-replication.js";
+export * from "./endpoint-rest.js";
+export * from "./helper.js";
+export async function startRxServer(options) {
+  options = flatClone(options);
+  if (!options.serverApp) {
+    var app = express();
+    options.serverApp = app;
+  }
+  options.serverApp.use(express.json());
+  var httpServer = await new Promise((res, rej) => {
+    var hostname = options.hostname ? options.hostname : 'localhost';
+    var ret = ensureNotFalsy(options.serverApp).listen(options.port, hostname, () => {
+      res(ret);
+    });
+  });
+  var authHandler = options.authHandler ? options.authHandler : () => {
+    return {
+      data: {},
+      validUntil: Date.now() * 2
+    };
+  };
+  var server = new RxServer(options.database, authHandler, httpServer, ensureNotFalsy(options.serverApp), options.cors);
+  return server;
+}
+//# sourceMappingURL=index.js.map

package/dist/esm/plugins/server/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","names":["ensureNotFalsy","flatClone","RxServer","express","startRxServer","options","serverApp","app","use","json","httpServer","Promise","res","rej","hostname","ret","listen","port","authHandler","data","validUntil","Date","now","server","database","cors"],"sources":["../../../../src/plugins/server/index.ts"],"sourcesContent":["import { ensureNotFalsy, flatClone } from 'rxdb/plugins/utils';\nimport { RxServer } from './rx-server.ts';\nimport { RxServerAuthHandler, RxServerOptions } from './types.ts';\nimport express from 'express';\nimport {\n    Server as HttpServer\n} from 'http';\n\nexport * from './types.ts';\nexport * from './endpoint-replication.ts';\nexport * from './endpoint-rest.ts';\nexport * from './helper.ts';\n\nexport async function startRxServer<AuthType>(options: RxServerOptions<AuthType>): Promise<RxServer<AuthType>> {\n    options = flatClone(options);\n    if (!options.serverApp) {\n        const app = express();\n        options.serverApp = app;\n    }\n\n    options.serverApp.use(express.json());\n\n\n    const httpServer: HttpServer = await new Promise((res, rej) => {\n        const hostname = options.hostname ? options.hostname : 'localhost';\n        const ret = ensureNotFalsy(options.serverApp).listen(options.port, hostname, () => {\n            res(ret);\n        });\n    });\n\n    const authHandler: RxServerAuthHandler<AuthType> = options.authHandler ? options.authHandler : () => {\n        return {\n            data: {} as any,\n            validUntil: Date.now() * 2\n        };\n    };\n\n    const server = new RxServer<AuthType>(\n        options.database,\n        authHandler,\n        httpServer,\n        ensureNotFalsy(options.serverApp),\n        options.cors\n    );\n\n    return server;\n}\n"],"mappings":"AAAA,SAASA,cAAc,EAAEC,SAAS,QAAQ,oBAAoB;AAC9D,SAASC,QAAQ,QAAQ,gBAAgB;AAEzC,OAAOC,OAAO,MAAM,SAAS;AAK7B,cAAc,YAAY;AAC1B,cAAc,2BAA2B;AACzC,cAAc,oBAAoB;AAClC,cAAc,aAAa;AAE3B,OAAO,eAAeC,aAAaA,CAAWC,OAAkC,EAA+B;EAC3GA,OAAO,GAAGJ,SAAS,CAACI,OAAO,CAAC;EAC5B,IAAI,CAACA,OAAO,CAACC,SAAS,EAAE;IACpB,IAAMC,GAAG,GAAGJ,OAAO,CAAC,CAAC;IACrBE,OAAO,CAACC,SAAS,GAAGC,GAAG;EAC3B;EAEAF,OAAO,CAACC,SAAS,CAACE,GAAG,CAACL,OAAO,CAACM,IAAI,CAAC,CAAC,CAAC;EAGrC,IAAMC,UAAsB,GAAG,MAAM,IAAIC,OAAO,CAAC,CAACC,GAAG,EAAEC,GAAG,KAAK;IAC3D,IAAMC,QAAQ,GAAGT,OAAO,CAACS,QAAQ,GAAGT,OAAO,CAACS,QAAQ,GAAG,WAAW;IAClE,IAAMC,GAAG,GAAGf,cAAc,CAACK,OAAO,CAACC,SAAS,CAAC,CAACU,MAAM,CAACX,OAAO,CAACY,IAAI,EAAEH,QAAQ,EAAE,MAAM;MAC/EF,GAAG,CAACG,GAAG,CAAC;IACZ,CAAC,CAAC;EACN,CAAC,CAAC;EAEF,IAAMG,WAA0C,GAAGb,OAAO,CAACa,WAAW,GAAGb,OAAO,CAACa,WAAW,GAAG,MAAM;IACjG,OAAO;MACHC,IAAI,EAAE,CAAC,CAAQ;MACfC,UAAU,EAAEC,IAAI,CAACC,GAAG,CAAC,CAAC,GAAG;IAC7B,CAAC;EACL,CAAC;EAED,IAAMC,MAAM,GAAG,IAAIrB,QAAQ,CACvBG,OAAO,CAACmB,QAAQ,EAChBN,WAAW,EACXR,UAAU,EACVV,cAAc,CAACK,OAAO,CAACC,SAAS,CAAC,EACjCD,OAAO,CAACoB,IACZ,CAAC;EAED,OAAOF,MAAM;AACjB"}

package/dist/esm/plugins/server/rx-server.js

@@ -0,0 +1,45 @@
+import { RxServerReplicationEndpoint } from "./endpoint-replication.js";
+import { RxServerRestEndpoint } from "./endpoint-rest.js";
+export var RxServer = /*#__PURE__*/function () {
+  function RxServer(database, authHandler, httpServer, expressApp, cors = '*') {
+    this.endpoints = [];
+    this.closeFn = (() => this.close()).bind(this);
+    this.database = database;
+    this.authHandler = authHandler;
+    this.httpServer = httpServer;
+    this.expressApp = expressApp;
+    this.cors = cors;
+    database.onDestroy.push(this.closeFn);
+  }
+  var _proto = RxServer.prototype;
+  _proto.addReplicationEndpoint = async function addReplicationEndpoint(opts) {
+    var endpoint = new RxServerReplicationEndpoint(this, opts.name, opts.collection, opts.queryModifier ? opts.queryModifier : (_a, q) => q, opts.changeValidator ? opts.changeValidator : () => true, opts.serverOnlyFields ? opts.serverOnlyFields : [], opts.cors);
+    this.endpoints.push(endpoint);
+    return endpoint;
+  };
+  _proto.addRestEndpoint = async function addRestEndpoint(opts) {
+    var endpoint = new RxServerRestEndpoint(this, opts.name, opts.collection, opts.queryModifier ? opts.queryModifier : (_a, q) => q, opts.changeValidator ? opts.changeValidator : () => true, opts.serverOnlyFields ? opts.serverOnlyFields : [], opts.cors);
+    this.endpoints.push(endpoint);
+    return endpoint;
+  };
+  _proto.close = async function close() {
+    this.database.onDestroy = this.database.onDestroy.filter(fn => fn !== this.closeFn);
+    await new Promise((res, rej) => {
+      this.httpServer.close(err => {
+        if (err) {
+          rej(err);
+        } else {
+          res();
+        }
+      });
+      /**
+       * By default it will await all ongoing connections
+       * before it closes. So we have to close it directly.
+       * @link https://stackoverflow.com/a/36830072/3443137
+       */
+      setImmediate(() => this.httpServer.emit('close'));
+    });
+  };
+  return RxServer;
+}();
+//# sourceMappingURL=rx-server.js.map

package/dist/esm/plugins/server/rx-server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rx-server.js","names":["RxServerReplicationEndpoint","RxServerRestEndpoint","RxServer","database","authHandler","httpServer","expressApp","cors","endpoints","closeFn","close","bind","onDestroy","push","_proto","prototype","addReplicationEndpoint","opts","endpoint","name","collection","queryModifier","_a","q","changeValidator","serverOnlyFields","addRestEndpoint","filter","fn","Promise","res","rej","err","setImmediate","emit"],"sources":["../../../../src/plugins/server/rx-server.ts"],"sourcesContent":["import type {\n    RxCollection,\n    RxDatabase\n} from 'rxdb/plugins/core';\nimport { RxServerReplicationEndpoint } from './endpoint-replication.ts';\nimport type {\n    RxServerAuthHandler,\n    RxServerChangeValidator,\n    RxServerEndpoint,\n    RxServerQueryModifier\n} from './types.ts';\nimport {\n    Server as HttpServer\n} from 'http';\nimport { Express } from 'express';\nimport { RxServerRestEndpoint } from './endpoint-rest.ts';\n\nexport class RxServer<AuthType> {\n    public readonly endpoints: RxServerEndpoint<AuthType, any>[] = [];\n\n    private closeFn = (() => this.close()).bind(this);\n\n    constructor(\n        public readonly database: RxDatabase,\n        public readonly authHandler: RxServerAuthHandler<AuthType>,\n        public readonly httpServer: HttpServer,\n        public readonly expressApp: Express,\n        public readonly cors: string = '*'\n    ) {\n        database.onDestroy.push(this.closeFn);\n    }\n\n    public async addReplicationEndpoint<RxDocType>(opts: {\n        name: string,\n        collection: RxCollection<RxDocType>,\n        queryModifier?: RxServerQueryModifier<AuthType, RxDocType>,\n        changeValidator?: RxServerChangeValidator<AuthType, RxDocType>,\n        /**\n         * Set a origin for allowed CORS requests.\n         * Overwrites the cors option of the server.\n         * [default='*']\n         */\n        cors?: '*' | string,\n        serverOnlyFields?: string[]\n    }) {\n        const endpoint = new RxServerReplicationEndpoint(\n            this,\n            opts.name,\n            opts.collection,\n            opts.queryModifier ? opts.queryModifier : (_a, q) => q,\n            opts.changeValidator ? opts.changeValidator : () => true,\n            opts.serverOnlyFields ? opts.serverOnlyFields : [],\n            opts.cors\n        );\n        this.endpoints.push(endpoint);\n        return endpoint;\n    }\n\n    public async addRestEndpoint<RxDocType>(opts: {\n        name: string,\n        collection: RxCollection<RxDocType>,\n        queryModifier?: RxServerQueryModifier<AuthType, RxDocType>,\n        changeValidator?: RxServerChangeValidator<AuthType, RxDocType>,\n        /**\n         * Set a origin for allowed CORS requests.\n         * Overwrites the cors option of the server.\n         * [default='*']\n         */\n        cors?: '*' | string,\n        serverOnlyFields?: string[]\n    }) {\n        const endpoint = new RxServerRestEndpoint(\n            this,\n            opts.name,\n            opts.collection,\n            opts.queryModifier ? opts.queryModifier : (_a, q) => q,\n            opts.changeValidator ? opts.changeValidator : () => true,\n            opts.serverOnlyFields ? opts.serverOnlyFields : [],\n            opts.cors\n        );\n        this.endpoints.push(endpoint);\n        return endpoint;\n    }\n\n    async close() {\n        this.database.onDestroy = this.database.onDestroy.filter(fn => fn !== this.closeFn);\n        await new Promise<void>((res, rej) => {\n            this.httpServer.close((err) => {\n                if (err) { rej(err); } else { res(); }\n            });\n            /**\n             * By default it will await all ongoing connections\n             * before it closes. So we have to close it directly.\n             * @link https://stackoverflow.com/a/36830072/3443137\n             */\n            setImmediate(() => this.httpServer.emit('close'));\n        });\n\n    }\n}\n"],"mappings":"AAIA,SAASA,2BAA2B,QAAQ,2BAA2B;AAWvE,SAASC,oBAAoB,QAAQ,oBAAoB;AAEzD,WAAaC,QAAQ;EAKjB,SAAAA,SACoBC,QAAoB,EACpBC,WAA0C,EAC1CC,UAAsB,EACtBC,UAAmB,EACnBC,IAAY,GAAG,GAAG,EACpC;IAAA,KAVcC,SAAS,GAAsC,EAAE;IAAA,KAEzDC,OAAO,GAAG,CAAC,MAAM,IAAI,CAACC,KAAK,CAAC,CAAC,EAAEC,IAAI,CAAC,IAAI,CAAC;IAAA,KAG7BR,QAAoB,GAApBA,QAAoB;IAAA,KACpBC,WAA0C,GAA1CA,WAA0C;IAAA,KAC1CC,UAAsB,GAAtBA,UAAsB;IAAA,KACtBC,UAAmB,GAAnBA,UAAmB;IAAA,KACnBC,IAAY,GAAZA,IAAY;IAE5BJ,QAAQ,CAACS,SAAS,CAACC,IAAI,CAAC,IAAI,CAACJ,OAAO,CAAC;EACzC;EAAC,IAAAK,MAAA,GAAAZ,QAAA,CAAAa,SAAA;EAAAD,MAAA,CAEYE,sBAAsB,GAAnC,eAAAA,uBAA+CC,IAY9C,EAAE;IACC,IAAMC,QAAQ,GAAG,IAAIlB,2BAA2B,CAC5C,IAAI,EACJiB,IAAI,CAACE,IAAI,EACTF,IAAI,CAACG,UAAU,EACfH,IAAI,CAACI,aAAa,GAAGJ,IAAI,CAACI,aAAa,GAAG,CAACC,EAAE,EAAEC,CAAC,KAAKA,CAAC,EACtDN,IAAI,CAACO,eAAe,GAAGP,IAAI,CAACO,eAAe,GAAG,MAAM,IAAI,EACxDP,IAAI,CAACQ,gBAAgB,GAAGR,IAAI,CAACQ,gBAAgB,GAAG,EAAE,EAClDR,IAAI,CAACV,IACT,CAAC;IACD,IAAI,CAACC,SAAS,CAACK,IAAI,CAACK,QAAQ,CAAC;IAC7B,OAAOA,QAAQ;EACnB,CAAC;EAAAJ,MAAA,CAEYY,eAAe,GAA5B,eAAAA,gBAAwCT,IAYvC,EAAE;IACC,IAAMC,QAAQ,GAAG,IAAIjB,oBAAoB,CACrC,IAAI,EACJgB,IAAI,CAACE,IAAI,EACTF,IAAI,CAACG,UAAU,EACfH,IAAI,CAACI,aAAa,GAAGJ,IAAI,CAACI,aAAa,GAAG,CAACC,EAAE,EAAEC,CAAC,KAAKA,CAAC,EACtDN,IAAI,CAACO,eAAe,GAAGP,IAAI,CAACO,eAAe,GAAG,MAAM,IAAI,EACxDP,IAAI,CAACQ,gBAAgB,GAAGR,IAAI,CAACQ,gBAAgB,GAAG,EAAE,EAClDR,IAAI,CAACV,IACT,CAAC;IACD,IAAI,CAACC,SAAS,CAACK,IAAI,CAACK,QAAQ,CAAC;IAC7B,OAAOA,QAAQ;EACnB,CAAC;EAAAJ,MAAA,CAEKJ,KAAK,GAAX,eAAAA,MAAA,EAAc;IACV,IAAI,CAACP,QAAQ,CAACS,SAAS,GAAG,IAAI,CAACT,QAAQ,CAACS,SAAS,CAACe,MAAM,CAACC,EAAE,IAAIA,EAAE,KAAK,IAAI,CAACnB,OAAO,CAAC;IACnF,MAAM,IAAIoB,OAAO,CAAO,CAACC,GAAG,EAAEC,GAAG,KAAK;MAClC,IAAI,CAAC1B,UAAU,CAACK,KAAK,CAAEsB,GAAG,IAAK;QAC3B,IAAIA,GAAG,EAAE;UAAED,GAAG,CAACC,GAAG,CAAC;QAAE,CAAC,MAAM;UAAEF,GAAG,CAAC,CAAC;QAAE;MACzC,CAAC,CAAC;MACF;AACZ;AACA;AACA;AACA;MACYG,YAAY,CAAC,MAAM,IAAI,CAAC5B,UAAU,CAAC6B,IAAI,CAAC,OAAO,CAAC,CAAC;IACrD,CAAC,CAAC;EAEN,CAAC;EAAA,OAAAhC,QAAA;AAAA"}

package/dist/esm/plugins/server/types.js

@@ -0,0 +1,37 @@
+/**
+ * Returns the auth state by the given request headers.
+ * Throws if auth not valid.
+ */
+
+/**
+ * Modifies a given query in a way to limit the results
+ * to what the authenticated user is allowed to see.
+ * For example the query selector
+ * input: {
+ *   selector: {
+ *     myField: { $gt: 100 }
+ *   }
+ * }
+ * could be modified to restrict the results to only return
+ * documents that are "owned" by the user
+ * return: {
+ *   selector: {
+ *     myField: { $gt: 100 },
+ *     userId: { $eq: authData.userId }
+ *   }
+ * }
+ * 
+ * 
+ */
+
+/**
+ * Validates if a given change is allowed to be performed on the server.
+ * Returns true if allowed, false if not.
+ * If a client tries to make a non-allowed change,
+ * the client will be disconnected.
+ */
+
+;
+export {};
+export {};
+//# sourceMappingURL=types.js.map

package/dist/esm/plugins/server/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","names":[],"sources":["../../../../src/plugins/server/types.ts"],"sourcesContent":["import type {\n    FilledMangoQuery,\n    RxDatabase,\n    RxReplicationWriteToMasterRow,\n    MaybePromise,\n    RxCollection,\n    WithDeleted\n} from 'rxdb/plugins/core';\nimport { IncomingHttpHeaders } from 'http';\nimport { Express } from 'express';\n\nexport type RxServerOptions<AuthType> = {\n    database: RxDatabase;\n    authHandler?: RxServerAuthHandler<AuthType>;\n    serverApp?: Express;\n    appOptions?: any;\n    /**\n     * [default=localhost]\n     */\n    hostname?: 'localhost' | '0.0.0.0' | string;\n    port: number;\n    /**\n     * Set a origin for allowed CORS requests.\n     * Can be overwritten by the cors option of the endpoints.\n     * [default='*']\n     */\n    cors?: '*' | string;\n};\n\nexport type RxServerAuthData<AuthType> = {\n    data: AuthType;\n    validUntil: number;\n};\n\n/**\n * Returns the auth state by the given request headers.\n * Throws if auth not valid.\n */\nexport type RxServerAuthHandler<AuthType> =\n    (headers: IncomingHttpHeaders) => MaybePromise<RxServerAuthData<AuthType>>;\n\n/**\n * Modifies a given query in a way to limit the results\n * to what the authenticated user is allowed to see.\n * For example the query selector\n * input: {\n *   selector: {\n *     myField: { $gt: 100 }\n *   }\n * }\n * could be modified to restrict the results to only return\n * documents that are \"owned\" by the user\n * return: {\n *   selector: {\n *     myField: { $gt: 100 },\n *     userId: { $eq: authData.userId }\n *   }\n * }\n * \n * \n */\nexport type RxServerQueryModifier<AuthType, RxDocType> = (\n    authData: RxServerAuthData<AuthType>,\n    query: FilledMangoQuery<RxDocType>\n) => FilledMangoQuery<RxDocType>;\n\n/**\n * Validates if a given change is allowed to be performed on the server.\n * Returns true if allowed, false if not.\n * If a client tries to make a non-allowed change,\n * the client will be disconnected.\n */\nexport type RxServerChangeValidator<AuthType, RxDocType> = (\n    authData: RxServerAuthData<AuthType>,\n    change: RxReplicationWriteToMasterRow<RxDocType>\n) => boolean;\n\n\nexport interface RxServerEndpoint<AuthType, RxDocType> {\n    collection: RxCollection<RxDocType>;\n    name: string;\n    type: 'replication' | 'rest' | string;\n    urlPath: string;\n    queryModifier?: RxServerQueryModifier<AuthType, RxDocType>;\n    changeValidator?: RxServerChangeValidator<AuthType, RxDocType>;\n};\n"],"mappings":"AAkCA;AACA;AACA;AACA;;AAIA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAMA;AACA;AACA;AACA;AACA;AACA;;AAcC;AAAC;AAAA"}

package/dist/types/index.d.ts

@@ -0,0 +1 @@
+export declare function wrongImport(): void;

package/dist/types/plugins/client-rest/index.d.ts

@@ -0,0 +1,22 @@
+import { ById, MangoQuery } from 'rxdb/plugins/core';
+import { Observable } from 'rxjs';
+import EventSource from 'eventsource';
+export declare class RxRestClient<RxDocType> {
+    readonly endpointUrl: string;
+    headers: ById<string>;
+    readonly eventSource: typeof EventSource | any;
+    constructor(endpointUrl: string, headers?: ById<string>, eventSource?: typeof EventSource | any);
+    setHeaders(headers: ById<string>): void;
+    handleError(response: any): void;
+    query(query: MangoQuery<RxDocType>): Promise<{
+        documents: RxDocType[];
+    }>;
+    observeQuery(query: MangoQuery<RxDocType>): Observable<RxDocType[]>;
+    get(ids: string[]): Promise<{
+        documents: RxDocType[];
+    }>;
+    set(docs: RxDocType[]): Promise<any>;
+    delete(ids: string[]): Promise<any>;
+}
+export declare function createRestClient<RxDocType>(endpointUrl: string, headers: ById<string>, eventSource?: typeof EventSource | any): RxRestClient<RxDocType>;
+export * from './utils.ts';

package/dist/types/plugins/client-rest/utils.d.ts

@@ -0,0 +1,2 @@
+import { ById } from 'rxdb/plugins/core';
+export declare function postRequest(url: string, body: any, headers?: ById<string>): Promise<any>;

package/dist/types/plugins/replication-server/helpers.d.ts

@@ -0,0 +1,2 @@
+import type { RxServerReplicationState } from './index.ts';
+export declare function parseResponse(replicationState: RxServerReplicationState<any>, fetchResponse: Response): Promise<any>;