npm - sumba - Versions diffs - 2.23.0 → 2.25.0 - Mend

sumba 2.23.0 → 2.25.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (54) hide show

package/extend/bajo/hook/bajo.extend@after-read-config.js ADDED Viewed

@@ -0,0 +1,13 @@
+import path from 'path'
+async function afterReadConfig (file, result, options) {
+  const base = path.basename(file, path.extname(file))
+  // rewrite fixtures
+  if (!(base === 'route-guard' && Array.isArray(result) && file.includes('/fixture/'))) return
+  for (const res of result) {
+    if (res.path.slice(0, 2) === ':/') res.path = options.sourceNs + res.path
+    res.path = res.path.replaceAll('{ns}', options.sourceNs)
+  }
+}
+export default afterReadConfig

package/extend/bajo/hook/dobo.sumba-attrib-guard$dobo.sumba-x-attrib-guard@after-transaction.js ADDED Viewed

@@ -0,0 +1,6 @@
+async function afterTransaction (action, ...args) {
+  if (!['createRecord', 'updateRecord', 'removeRecord'].includes(action)) return
+  await this.getAttribGuards(true)
+}
+export default afterTransaction

package/extend/bajo/hook/dobo.sumba-model-guard$dobo.sumba-x-model-guard@after-transaction.js ADDED Viewed

@@ -0,0 +1,6 @@
+async function afterTransaction (action, ...args) {
+  if (!['createRecord', 'updateRecord', 'removeRecord'].includes(action)) return
+  await this.getModelGuards(true)
+}
+export default afterTransaction

package/extend/bajo/hook/dobo.sumba-route-guard$dobo.sumba-x-route-guard@after-transaction.js ADDED Viewed

@@ -0,0 +1,6 @@
+async function afterTransaction (action, ...args) {
+  if (!['createRecord', 'updateRecord', 'removeRecord'].includes(action)) return
+  await this.getRouteGuards(true)
+}
+export default afterTransaction

package/extend/bajo/hook/dobo.sumba-team$dobo.sumba-site@after-transaction.js ADDED Viewed

@@ -0,0 +1,8 @@
+async function afterTransaction (action, ...args) {
+  if (!['createRecord', 'updateRecord', 'removeRecord'].includes(action)) return
+  await this.getRouteGuards(true)
+  await this.getModelGuards(true)
+  await this.getAttribGuards(true)
+}
+export default afterTransaction

package/extend/bajo/hook/dobo@before-count-record.js CHANGED Viewed

@@ -1,8 +1,8 @@
-import { handler } from './dobo@before-find-record.js'
+import { handler } from './dobo@before-driver-find-record.js'
-const doboBeforeCountRecord = {
+const doboBeforeDriverCountRecord = {
   level: 1000,
   handler
 }
-export default doboBeforeCountRecord
+export default doboBeforeDriverCountRecord

package/extend/bajo/hook/{dobo@before-create-record.js → dobo@before-driver-create-record.js} RENAMED Viewed

@@ -1,17 +1,17 @@
-const doboBeforeCreateRecord = {
+const doboBeforeDriverCreateRecord = {
   level: 1000,
-  handler: async function (modelName, body, options = {}) {
+  handler: async function (model, body, options = {}) {
     const { get } = this.app.lib._
+    const { isSet } = this.app.lib.aneka
     const { req } = options
-    if (options.noAutoFilter || !req || get(req, 'routeOptions.config.interSite')) return
+    if (options.noAutoFilter || !req || get(req, 'routeOptions.config.xSite')) return
     const item = { siteId: 'site.id', userId: 'user.id' }
-    const model = this.app.dobo.getModel(modelName)
     for (const i in item) {
       const rec = get(req, item[i])
       const field = model.getProperty(i)
-      if (rec && field) body[i] = field.type === 'string' ? (rec + '') : rec
+      if (rec && field && !isSet(body[i])) body[i] = field.type === 'string' ? (rec + '') : rec
     }
   }
 }
-export default doboBeforeCreateRecord
+export default doboBeforeDriverCreateRecord

package/extend/bajo/hook/dobo@before-driver-find-all-record.js ADDED Viewed

@@ -0,0 +1,13 @@
+import { rebuildFilter } from './dobo@before-driver-find-record.js'
+const doboBeforeDriverFindAllRecord = {
+  level: 1000,
+  handler: async function (model, filter, options) {
+    const { req } = options
+    const { isEmpty } = this.app.lib._
+    if (options.noAutoFilter || !req || isEmpty(req.site)) return
+    await rebuildFilter.call(this, model, filter, options)
+  }
+}
+export default doboBeforeDriverFindAllRecord

package/extend/bajo/hook/dobo@before-driver-find-record.js ADDED Viewed

@@ -0,0 +1,114 @@
+async function applyModelGuard ({ model, q, teamIds, options }) {
+  const { get, set, orderBy, intersection, without } = this.app.lib._
+  const { include } = this.app.lib.aneka
+  const { req } = options
+  const results = []
+  const guards = await this.getModelGuards()
+  const columns = model.getNonVirtualProperties().map(prop => prop.name)
+  const filterFn = item => {
+    const bySiteId = item.siteIds.includes(req.site.id + '')
+    const byModel = item.models.includes(model.name)
+    const byTeamId = item.teamIds.length === 0 || include(item.teamIds, teamIds)
+    const byColumn = columns.includes(item.column)
+    return bySiteId && byModel && byTeamId && byColumn
+  }
+  guards.global = orderBy(guards.global.filter(filterFn), ['column'])
+  guards.local = orderBy(guards.local.filter(filterFn), ['column'])
+  for (const col of columns) {
+    let values = []
+    let items = guards.global.filter(item => item.column === col && !item.negation)
+    for (const item of items) {
+      values.push(...item.value)
+    }
+    items = guards.global.filter(item => item.column === col && item.negation)
+    for (const item of items) {
+      values = without(values, ...item.value)
+    }
+    items = guards.local.filter(item => item.column === col && !item.negation)
+    const newValues = []
+    for (const item of items) {
+      newValues.push(...item.value)
+    }
+    if (newValues.length > 0) values = intersection(values, newValues)
+    items = guards.local.filter(item => item.column === col && item.negation)
+    for (const item of items) {
+      values = without(values, ...item.value)
+    }
+    if (values.length) results.push(set({}, col, { $in: values }))
+  }
+  const allowEmpty = get(this, `config.dobo.model.${model.name}.allowEmptyQuery`, true)
+  if (results.length === 0 && !allowEmpty) throw this.error('_emptyColumnQuery') // signal driver to about with no result immediately
+  q.$and.push(...results)
+}
+export async function applyAttribGuard ({ model, teamIds, options }) {
+  const { uniq } = this.app.lib._
+  const { include } = this.app.lib.aneka
+  const { req } = options
+  const results = []
+  const guards = await this.getAttribGuards()
+  const filterFn = item => {
+    const bySiteId = item.siteIds.includes(req.site.id + '')
+    const byModel = item.models.includes(model.name)
+    const byTeamId = item.teamIds.length === 0 || include(item.teamIds, teamIds)
+    return bySiteId && byModel && byTeamId
+  }
+  let item = guards.global.filter(filterFn)[0]
+  if (item) results.push(...item.hiddenCols)
+  item = guards.local.filter(filterFn)[0]
+  if (item) results.push(...item.hiddenCols)
+  options.hidden = options.hidden ?? []
+  if (results.length > 0) options.hidden.push(...results)
+  options.hidden = uniq(options.hidden)
+}
+export async function rebuildFilter (model, filter = {}, options = {}) {
+  const { isEmpty, get } = this.app.lib._
+  const { req } = options
+  const hasSiteId = model.hasProperty('siteId')
+  const hasUserId = model.hasProperty('userId')
+  const hasTeamId = model.hasProperty('teamId')
+  const teams = get(req, 'user.teams', [])
+  const teamIds = teams.map(team => team.id + '')
+  const aliases = teams.map(team => team.alias)
+  const q = { $and: [] }
+  filter.query = filter.query ?? {}
+  if (!isEmpty(filter.query)) {
+    if (filter.query.$and) q.$and.push(...filter.query.$and)
+    else q.$and.push(filter.query)
+  }
+  if (req.routeOptions.config.xSite) return
+  if (hasSiteId) q.$and.push({ siteId: req.site.id + '' })
+  if (aliases.includes('administrator')) {
+    filter.query = q
+    return
+  }
+  if (hasTeamId) {
+    if (hasUserId) q.$and.push({ $or: [{ teamId: { $in: teamIds } }, { userId: req.user.id + '' }] })
+    else q.$and.push({ teamId: { $in: teamIds } })
+  } else if (hasUserId) q.$and.push({ userId: req.user.id + '' })
+  await applyModelGuard.call(this, { model, q, teamIds, options })
+  await applyAttribGuard.call(this, { model, teamIds, options })
+  filter.query = q
+}
+export async function handler (model, filter, options = {}) {
+  const { isEmpty } = this.app.lib._
+  if (options.noAutoFilter || !options.req || isEmpty((options.req ?? {}).site)) return
+  await rebuildFilter.call(this, model, filter, options)
+}
+const doboBeforeDriverFindRecord = {
+  level: 1000,
+  handler
+}
+export default doboBeforeDriverFindRecord

package/extend/bajo/hook/dobo@before-driver-get-record.js ADDED Viewed

@@ -0,0 +1,22 @@
+import { rebuildFilter } from './dobo@before-driver-find-record.js'
+export async function checker (model, id, options = {}) {
+  const { req } = options
+  if (options.noAutoFilter || !req) return
+  const filter = {}
+  await rebuildFilter.call(this, model, filter, options)
+  if (filter.query.$and) filter.query.$and.push({ id })
+  else filter.query.id = id
+  const row = await model.findOneRecord(filter, { count: false })
+  if (!row) throw this.app.dobo.error('recordNotFound%s%s', id, this.name, { statusCode: 404 })
+}
+const doboBeforeDriverGetRecord = {
+  level: 1000,
+  handler: async function (model, id, options) {
+    await checker.call(this, model, id, options)
+  }
+}
+export default doboBeforeDriverGetRecord

package/extend/bajo/hook/dobo@before-driver-remove-record.js ADDED Viewed

@@ -0,0 +1,10 @@
+import { checker } from './dobo@before-driver-get-record.js'
+const doboBeforeDriverRemoveRecord = {
+  level: 1000,
+  handler: async function (model, id, options = {}) {
+    await checker.call(this, model, id, options.req)
+  }
+}
+export default doboBeforeDriverRemoveRecord

package/extend/bajo/hook/dobo@before-driver-update-record.js ADDED Viewed

@@ -0,0 +1,10 @@
+import { checker } from './dobo@before-driver-get-record.js'
+const doboBeforeDriverUpdateRecord = {
+  level: 1000,
+  handler: async function (model, id, body, options = {}) {
+    await checker.call(this, model, id, options)
+  }
+}
+export default doboBeforeDriverUpdateRecord

package/extend/bajo/hook/waibu-mpa@pre-parsing.js CHANGED Viewed

@@ -1,13 +1,14 @@
-import { checkUserId, checkTeam, checkTheme, checkIconset, checkInterSite } from '../../../lib/util.js'
+import { checkUserId, checkTeam, checkTheme, checkIconset, checkXSite } from '../../../lib/util.js'
 const preParsing = {
   level: 10,
   handler: async function (req, reply) {
     await checkTheme.call(this, req, reply)
     await checkIconset.call(this, req, reply)
-    if (!await checkUserId.call(this, req, reply, 'waibuMpa')) return
-    if (!await checkTeam.call(this, req, reply, 'waibuMpa')) return
-    await checkInterSite.call(this, req, reply)
+    const secure = await checkUserId.call(this, req, reply, 'waibuMpa')
+    if (!secure) return
+    await checkTeam.call(this, req, reply, secure)
+    await checkXSite.call(this, req, reply)
   }
 }

package/extend/bajo/hook/waibu-rest-api@pre-parsing.js CHANGED Viewed

@@ -1,11 +1,12 @@
-import { checkUserId, checkTeam, checkInterSite } from '../../../lib/util.js'
+import { checkUserId, checkTeam, checkXSite } from '../../../lib/util.js'
 const preParsing = {
   level: 10,
   handler: async function (req, reply) {
-    if (!await checkUserId.call(this, req, reply, 'waibuRestApi')) return
-    if (!await checkTeam.call(this, req, reply, 'waibuRestApi')) return
-    await checkInterSite.call(this, req, reply)
+    const secure = await checkUserId.call(this, req, reply, 'waibuRestApi')
+    if (!secure) return
+    await checkTeam.call(this, req, reply, secure)
+    await checkXSite.call(this, req, reply)
   }
 }

package/extend/bajo/hook/waibu-static@pre-parsing.js CHANGED Viewed

@@ -1,11 +1,12 @@
-import { checkUserId, checkTeam, checkInterSite } from '../../../lib/util.js'
+import { checkUserId, checkTeam, checkXSite } from '../../../lib/util.js'
 const preParsing = {
   level: 10,
   handler: async function (req, reply) {
-    if (!await checkUserId.call(this, req, reply, 'waibuStatic')) return
-    if (!await checkTeam.call(this, req, reply, 'waibuStatic')) return
-    await checkInterSite.call(this, req, reply)
+    const secure = await checkUserId.call(this, req, reply, 'waibuStatic')
+    if (!secure) return
+    await checkTeam.call(this, req, reply, secure)
+    await checkXSite.call(this, req, reply)
   }
 }

package/extend/bajo/hook/waibu@after-app-boot.js CHANGED Viewed

@@ -1,5 +1,7 @@
 async function afterAppBoot () {
   await this.getRouteGuards(true)
+  await this.getModelGuards(true)
+  await this.getAttribGuards(true)
 }
 export default afterAppBoot

package/extend/bajo/intl/en-US.json CHANGED Viewed

@@ -133,6 +133,13 @@
   "allSites": "All Sites",
   "permission": "Permission",
   "routeGuard": "Route Guard",
+  "modelGuard": "Model Guard",
+  "attribGuard": "Attribute Guard",
+  "xRouteGuard": "Route Guard",
+  "xModelGuard": "Model Guard",
+  "xAttribGuard": "Attribute Guard",
+  "xSite": "Cross-Site",
+  "xSiteAdminArea": "Cross-Site Admin Area",
   "field": {
     "currentPassword": "Current Password",
     "newPassword": "New Password",
@@ -158,10 +165,14 @@
     "value": "Value",
     "notes": "Notes",
     "path": "Path",
-    "inverse": "Inverse?",
+    "negation": "Negation?",
     "anonymous": "Anonymous?",
     "methods": "Methods",
-    "teams": "Teams"
+    "teamIds": "Teams",
+    "column": "Column",
+    "hiddenCols": "Hidden Columns",
+    "models": "Models",
+    "siteIds": "Sites"
   },
   "validation": {
     "password": {

package/extend/bajo/intl/id.json CHANGED Viewed

@@ -137,6 +137,15 @@
   "statusOpen": "Terbuka",
   "statusClosed": "Tertutup",
   "allSites": "Semua Situs",
+  "permission": "Permisi",
+  "routeGuard": "Pelindung Rute",
+  "modelGuard": "Pelindung Model",
+  "attribGuard": "Pelindung Atribut",
+  "xRouteGuard": "Pelindung Rute",
+  "xModelGuard": "Pelindung Model",
+  "xAttribGuard": "Pelindung Atribut",
+  "xSite": "Antar Situs",
+  "xSiteAdminArea": "Area Admin Antar Situs",
   "field": {
     "currentPassword": "Kata Sandi Saat Ini",
     "newPassword": "Kata Sandi Baru",
@@ -159,8 +168,17 @@
     "user": "Pengguna",
     "team": "Tim",
     "ns": "Ruang Nama Modul",
-    "value": "Value",
-    "notes": "Catatan"
+    "value": "Nilai",
+    "notes": "Catatan",
+    "path": "Jejak",
+    "negation": "Negation?",
+    "anonymous": "Anonim?",
+    "methods": "Metode",
+    "teamIds": "Tim",
+    "column": "Kolom",
+    "hiddenCols": "Kolom Tersembunyi",
+    "models": "Model",
+    "siteIds": "Situs"
   },
   "validation": {
     "password": {

package/extend/dobo/feature/site-ids.js ADDED Viewed

@@ -0,0 +1,19 @@
+async function siteIds (opts = {}) {
+  return {
+    properties: [{
+      name: 'siteIds',
+      type: 'array',
+      default: [],
+      ref: {
+        siteIds: {
+          model: 'SumbaSite',
+          field: 'id',
+          searchField: 'hostname',
+          fields: ['id', 'hostname']
+        }
+      }
+    }]
+  }
+}
+export default siteIds

package/extend/dobo/feature/team-ids.js ADDED Viewed

@@ -0,0 +1,19 @@
+async function teamIds (opts = {}) {
+  return {
+    properties: [{
+      name: 'teamIds',
+      type: 'array',
+      default: [],
+      ref: {
+        teamIds: {
+          model: 'SumbaTeam',
+          field: 'id',
+          searchField: 'name',
+          fields: ['id', 'alias', 'name']
+        }
+      }
+    }]
+  }
+}
+export default teamIds

package/extend/dobo/fixture/{route-guard.js → x-route-guard.js} RENAMED Viewed

@@ -10,17 +10,15 @@ const routes = [
   '~sumba.restapi:/user/access-token/**/*'
 ]
-async function userGuard () {
+async function routeGuard () {
   return routes.map(r => {
     const anonymous = r[0] === '~'
     return {
       path: anonymous ? r.slice(1) : r,
       anonymous,
-      _immutable: true,
-      siteId: '?:SumbaSite::alias:default',
       status: 'ACTIVE'
     }
   })
 }
-export default userGuard
+export default routeGuard

package/extend/dobo/model/attrib-guard.js ADDED Viewed

@@ -0,0 +1,32 @@
+import { buildEnd, options } from './model-guard.js'
+export const properties = [
+  {
+    name: 'models',
+    type: 'array',
+    required: true
+  },
+  'hiddenCols,array',
+  'siteId,sumba:siteId',
+  'teamIds,sumba:teamIds'
+]
+export const features = [
+  {
+    name: 'sumba:status',
+    values: ['ACTIVE', 'INACTIVE'],
+    default: 'ACTIVE'
+  },
+  'dobo:updatedAt'
+]
+async function routeGuard () {
+  return {
+    properties,
+    features,
+    options,
+    buildEnd
+  }
+}
+export default routeGuard

package/extend/dobo/model/model-guard.js ADDED Viewed

@@ -0,0 +1,48 @@
+export async function buildEnd (model) {
+  const prop = model.properties.find(prop => prop.name === 'models')
+  if (prop) prop.values = this.app.sumba.getModelNames(true)
+}
+export const properties = [
+  {
+    name: 'models',
+    type: 'array',
+    required: true
+  },
+  'column,,50,true,true',
+  {
+    name: 'negation',
+    type: 'boolean',
+    required: true,
+    default: false
+  },
+  {
+    name: 'status',
+    type: 'sumba:status',
+    values: ['ACTIVE', 'INACTIVE'],
+    default: 'ACTIVE'
+  },
+  'value,array,,,true',
+  'siteId,sumba:siteId',
+  'teamIds,sumba:teamIds'
+]
+export const options = {
+  attachment: false,
+  cache: { ttlDur: 0 }
+}
+export const features = [
+  'dobo:updatedAt'
+]
+async function routeGuard () {
+  return {
+    properties,
+    features,
+    options,
+    buildEnd
+  }
+}
+export default routeGuard

package/extend/dobo/model/route-guard.js CHANGED Viewed

@@ -1,59 +1,47 @@
+import { options } from './model-guard.js'
+export const properties = [
+  'path,,255,true,true',
+  {
+    name: 'methods',
+    type: 'array',
+    required: true,
+    default: ['GET', 'POST', 'UPDATE', 'DELETE'],
+    values: ['GET', 'POST', 'UPDATE', 'DELETE']
+  },
+  {
+    name: 'weight',
+    type: 'smallint',
+    default: 0
+  }, {
+    name: 'negation',
+    type: 'boolean',
+    required: true,
+    default: false
+  }, {
+    name: 'anonymous',
+    type: 'boolean',
+    required: true,
+    default: false
+  },
+  'siteId,sumba:siteId',
+  'teamIds,sumba:teamIds'
+]
+export const features = [
+  {
+    name: 'sumba:status',
+    values: ['ACTIVE', 'INACTIVE'],
+    default: 'ACTIVE'
+  },
+  'dobo:updatedAt'
+]
 async function routeGuard () {
   return {
-    connection: 'memory',
-    properties: [
-      'path,,255,true,true',
-      {
-        name: 'inverse',
-        type: 'boolean',
-        required: true,
-        default: false
-      }, {
-        name: 'anonymous',
-        type: 'boolean',
-        required: true,
-        default: false
-      }, {
-        name: 'methods',
-        type: 'array',
-        required: true,
-        default: ['GET', 'POST', 'UPDATE', 'DELETE'],
-        values: ['GET', 'POST', 'UPDATE', 'DELETE']
-      }, {
-        name: 'teams',
-        type: 'array',
-        default: [],
-        ref: {
-          teams: {
-            model: 'SumbaTeam',
-            field: 'alias',
-            searchField: 'name',
-            fields: ['alias', 'name']
-          }
-        }
-      }, {
-        name: 'weight',
-        type: 'smallint',
-        default: 0
-      }
-    ],
-    features: [
-      {
-        name: 'sumba:status',
-        values: ['ACTIVE', 'INACTIVE'],
-        default: 'ACTIVE'
-      },
-      {
-        name: 'dobo:unique',
-        fields: ['path', 'anonymous', 'methods', 'teams', 'inverse', 'weight', 'status', 'siteId']
-      },
-      'dobo:immutable',
-      'dobo:updatedAt',
-      'sumba:siteId'
-    ],
-    options: {
-      persistence: false
-    }
+    properties,
+    features,
+    options
   }
 }

package/extend/dobo/model/x-attrib-guard.js ADDED Viewed

@@ -0,0 +1,14 @@
+import { properties, features } from './attrib-guard.js'
+import { options, buildEnd } from './model-guard.js'
+async function routeGuard () {
+  const { isString } = this.app.lib._
+  return {
+    properties: properties.filter(prop => !isString(prop) || (isString(prop) && !prop.startsWith('teamIds'))),
+    features: features.filter(feat => !isString(feat) || (isString(feat) && !['sumba:siteId', 'dobo:updatedAt'].includes(feat))).concat('sumba:siteIds', 'dobo:updatedAt'),
+    options,
+    buildEnd
+  }
+}
+export default routeGuard

package/extend/dobo/model/x-model-guard.js ADDED Viewed

@@ -0,0 +1,13 @@
+import { buildEnd, properties, features, options } from './model-guard.js'
+async function xModelGuard () {
+  const { isString } = this.app.lib._
+  return {
+    properties: properties.filter(prop => !isString(prop) || (isString(prop) && !prop.startsWith('teamIds'))),
+    features: features.filter(feat => !isString(feat) || (isString(feat) && !['sumba:siteId', 'dobo:updatedAt'].includes(feat))).concat('sumba:siteIds', 'dobo:updatedAt'),
+    options,
+    buildEnd
+  }
+}
+export default xModelGuard