npm - wabe - Versions diffs - 0.6.12 → 0.6.14 - Mend

wabe 0.6.12 → 0.6.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (156) hide show

package/dist/database/DatabaseController.d.ts +2 -0
package/dist/file/FileDevAdapter.d.ts +1 -0
package/dist/graphql/pointerAndRelationFunction.d.ts +6 -0
package/dist/index.js +3827 -3541
package/dist/schema/Schema.d.ts +2 -2
package/dist/server/generateCodegen.d.ts +10 -0
package/dist/server/index.d.ts +2 -1
package/dist/utils/objectKeys.d.ts +1 -0
package/package.json +7 -4
package/dev/index.ts +0 -215
package/dist/schema/resolvers/sendEmail.d.ts +0 -1
package/generated/schema.graphql +0 -1945
package/generated/wabe.ts +0 -448
package/src/authentication/OTP.test.ts +0 -69
package/src/authentication/OTP.ts +0 -64
package/src/authentication/Session.test.ts +0 -629
package/src/authentication/Session.ts +0 -517
package/src/authentication/cookies.ts +0 -10
package/src/authentication/defaultAuthentication.ts +0 -209
package/src/authentication/index.ts +0 -4
package/src/authentication/interface.ts +0 -177
package/src/authentication/oauth/GitHub.test.ts +0 -91
package/src/authentication/oauth/GitHub.ts +0 -121
package/src/authentication/oauth/Google.test.ts +0 -91
package/src/authentication/oauth/Google.ts +0 -101
package/src/authentication/oauth/Oauth2Client.test.ts +0 -219
package/src/authentication/oauth/Oauth2Client.ts +0 -135
package/src/authentication/oauth/index.ts +0 -2
package/src/authentication/oauth/utils.test.ts +0 -33
package/src/authentication/oauth/utils.ts +0 -27
package/src/authentication/providers/EmailOTP.test.ts +0 -127
package/src/authentication/providers/EmailOTP.ts +0 -95
package/src/authentication/providers/EmailPassword.test.ts +0 -263
package/src/authentication/providers/EmailPassword.ts +0 -138
package/src/authentication/providers/EmailPasswordSRP.test.ts +0 -208
package/src/authentication/providers/EmailPasswordSRP.ts +0 -191
package/src/authentication/providers/GitHub.ts +0 -24
package/src/authentication/providers/Google.ts +0 -24
package/src/authentication/providers/OAuth.test.ts +0 -185
package/src/authentication/providers/OAuth.ts +0 -106
package/src/authentication/providers/PhonePassword.test.ts +0 -221
package/src/authentication/providers/PhonePassword.ts +0 -136
package/src/authentication/providers/QRCodeOTP.test.ts +0 -77
package/src/authentication/providers/QRCodeOTP.ts +0 -69
package/src/authentication/providers/index.ts +0 -6
package/src/authentication/resolvers/refreshResolver.test.ts +0 -30
package/src/authentication/resolvers/refreshResolver.ts +0 -19
package/src/authentication/resolvers/signInWithResolver.inte.test.ts +0 -59
package/src/authentication/resolvers/signInWithResolver.test.ts +0 -306
package/src/authentication/resolvers/signInWithResolver.ts +0 -106
package/src/authentication/resolvers/signOutResolver.test.ts +0 -38
package/src/authentication/resolvers/signOutResolver.ts +0 -18
package/src/authentication/resolvers/signUpWithResolver.test.ts +0 -180
package/src/authentication/resolvers/signUpWithResolver.ts +0 -68
package/src/authentication/resolvers/verifyChallenge.test.ts +0 -230
package/src/authentication/resolvers/verifyChallenge.ts +0 -78
package/src/authentication/roles.test.ts +0 -49
package/src/authentication/roles.ts +0 -40
package/src/authentication/security.ts +0 -278
package/src/authentication/utils.test.ts +0 -97
package/src/authentication/utils.ts +0 -39
package/src/cache/InMemoryCache.test.ts +0 -62
package/src/cache/InMemoryCache.ts +0 -45
package/src/cron/index.test.ts +0 -17
package/src/cron/index.ts +0 -43
package/src/database/DatabaseController.test.ts +0 -613
package/src/database/DatabaseController.ts +0 -1415
package/src/database/index.test.ts +0 -1551
package/src/database/index.ts +0 -9
package/src/database/interface.ts +0 -308
package/src/email/DevAdapter.ts +0 -7
package/src/email/EmailController.test.ts +0 -29
package/src/email/EmailController.ts +0 -13
package/src/email/index.ts +0 -2
package/src/email/interface.ts +0 -36
package/src/email/templates/sendOtpCode.ts +0 -120
package/src/file/FileController.ts +0 -28
package/src/file/FileDevAdapter.ts +0 -51
package/src/file/hookDeleteFile.ts +0 -25
package/src/file/hookReadFile.ts +0 -66
package/src/file/hookUploadFile.ts +0 -52
package/src/file/index.test.ts +0 -1031
package/src/file/index.ts +0 -2
package/src/file/interface.ts +0 -63
package/src/file/security.ts +0 -156
package/src/graphql/GraphQLSchema.test.ts +0 -5099
package/src/graphql/GraphQLSchema.ts +0 -886
package/src/graphql/index.ts +0 -2
package/src/graphql/parseGraphqlSchema.ts +0 -85
package/src/graphql/parser.test.ts +0 -203
package/src/graphql/parser.ts +0 -707
package/src/graphql/pointerAndRelationFunction.ts +0 -191
package/src/graphql/resolvers.ts +0 -464
package/src/graphql/tests/aggregation.test.ts +0 -1115
package/src/graphql/tests/e2e.test.ts +0 -590
package/src/graphql/tests/scalars.test.ts +0 -250
package/src/graphql/types.ts +0 -227
package/src/hooks/HookObject.test.ts +0 -122
package/src/hooks/HookObject.ts +0 -165
package/src/hooks/authentication.ts +0 -67
package/src/hooks/createUser.test.ts +0 -77
package/src/hooks/createUser.ts +0 -10
package/src/hooks/defaultFields.test.ts +0 -176
package/src/hooks/defaultFields.ts +0 -32
package/src/hooks/deleteSession.test.ts +0 -181
package/src/hooks/deleteSession.ts +0 -20
package/src/hooks/hashFieldHook.test.ts +0 -152
package/src/hooks/hashFieldHook.ts +0 -89
package/src/hooks/index.test.ts +0 -258
package/src/hooks/index.ts +0 -420
package/src/hooks/permissions.test.ts +0 -412
package/src/hooks/permissions.ts +0 -93
package/src/hooks/protected.test.ts +0 -551
package/src/hooks/protected.ts +0 -74
package/src/hooks/searchableFields.test.ts +0 -147
package/src/hooks/searchableFields.ts +0 -86
package/src/hooks/session.test.ts +0 -134
package/src/hooks/session.ts +0 -76
package/src/hooks/setEmail.test.ts +0 -216
package/src/hooks/setEmail.ts +0 -33
package/src/hooks/setupAcl.test.ts +0 -618
package/src/hooks/setupAcl.ts +0 -25
package/src/hooks/virtualFields.test.ts +0 -228
package/src/hooks/virtualFields.ts +0 -48
package/src/index.ts +0 -9
package/src/schema/Schema.test.ts +0 -482
package/src/schema/Schema.ts +0 -839
package/src/schema/defaultResolvers.ts +0 -93
package/src/schema/index.ts +0 -1
package/src/schema/resolvers/meResolver.test.ts +0 -62
package/src/schema/resolvers/meResolver.ts +0 -10
package/src/schema/resolvers/resetPassword.test.ts +0 -341
package/src/schema/resolvers/resetPassword.ts +0 -63
package/src/schema/resolvers/sendEmail.test.ts +0 -118
package/src/schema/resolvers/sendEmail.ts +0 -21
package/src/schema/resolvers/sendOtpCode.test.ts +0 -141
package/src/schema/resolvers/sendOtpCode.ts +0 -52
package/src/security.test.ts +0 -4136
package/src/server/defaultSessionHandler.test.ts +0 -62
package/src/server/defaultSessionHandler.ts +0 -104
package/src/server/generateCodegen.ts +0 -433
package/src/server/index.test.ts +0 -843
package/src/server/index.ts +0 -336
package/src/server/interface.ts +0 -11
package/src/server/routes/authHandler.ts +0 -171
package/src/server/routes/index.ts +0 -48
package/src/utils/crypto.test.ts +0 -41
package/src/utils/crypto.ts +0 -105
package/src/utils/database.ts +0 -8
package/src/utils/export.ts +0 -12
package/src/utils/helper.ts +0 -204
package/src/utils/index.test.ts +0 -11
package/src/utils/index.ts +0 -196
package/src/utils/preload.ts +0 -8
package/src/utils/testHelper.ts +0 -124
package/tsconfig.json +0 -32

package/src/hooks/protected.test.ts DELETED Viewed

@@ -1,551 +0,0 @@
-import { describe, expect, it, beforeAll, afterAll } from 'bun:test'
-import {
-	createUserAndUpdateRole,
-	type DevWabeTypes,
-	getAnonymousClient,
-	getGraphqlClient,
-} from '../utils/helper'
-import { setupTests, closeTests } from '../utils/testHelper'
-import type { Wabe } from '../server'
-import { RoleEnum } from '../../generated/wabe'
-import { gql, type GraphQLClient } from 'graphql-request'
-describe('Protected hook', () => {
-	let wabe: Wabe<DevWabeTypes>
-	let anonymousClient: GraphQLClient
-	let rootClient: GraphQLClient
-	beforeAll(async () => {
-		const setup = await setupTests([
-			{
-				name: 'Test',
-				fields: {
-					name: {
-						type: 'String',
-						protected: {
-							authorizedRoles: [RoleEnum.Client],
-							protectedOperations: ['update', 'read'],
-						},
-					},
-					noOne: {
-						type: 'String',
-						protected: {
-							authorizedRoles: [],
-							protectedOperations: ['update', 'read'],
-						},
-					},
-					rootOnly: {
-						type: 'String',
-						protected: {
-							authorizedRoles: ['rootOnly'],
-							protectedOperations: ['update', 'read'],
-						},
-					},
-					notOperation: {
-						type: 'String',
-						protected: {
-							authorizedRoles: [RoleEnum.Client],
-							protectedOperations: ['update'],
-						},
-					},
-					notOperationUpdate: {
-						type: 'String',
-						protected: {
-							authorizedRoles: [RoleEnum.Client],
-							protectedOperations: ['read'],
-						},
-					},
-				},
-				permissions: {
-					read: {
-						authorizedRoles: ['everyone'],
-						requireAuthentication: true,
-					},
-					create: {
-						authorizedRoles: ['everyone'],
-						requireAuthentication: true,
-					},
-					update: {
-						authorizedRoles: ['everyone'],
-						requireAuthentication: true,
-					},
-				},
-			},
-		])
-		wabe = setup.wabe
-		anonymousClient = getAnonymousClient(setup.port)
-		rootClient = getGraphqlClient(setup.port)
-	})
-	afterAll(async () => {
-		await closeTests(wabe)
-	})
-	it('should not throw an error if the operation in not in the list of protected operations (read)', async () => {
-		const { userClient } = await createUserAndUpdateRole({
-			anonymousClient,
-			rootClient,
-			roleName: RoleEnum.Client,
-			port: wabe.config.port,
-		})
-		const { userClient: userClient2 } = await createUserAndUpdateRole({
-			anonymousClient,
-			rootClient,
-			roleName: RoleEnum.Admin,
-			port: wabe.config.port,
-		})
-		await userClient.request<any>(gql`
-			mutation createTest {
-				createTest(input: { fields: { name: "test" } }) {
-					test {
-						name
-					}
-				}
-			}
-		`)
-		expect(
-			userClient.request<any>(gql`
-				query tests {
-					tests {
-						edges {
-							node {
-								notOperation
-							}
-						}
-					}
-				}
-			`),
-		).resolves.toEqual(expect.anything())
-		expect(
-			userClient2.request<any>(gql`
-				query tests {
-					tests {
-						edges {
-							node {
-								notOperation
-							}
-						}
-					}
-				}
-			`),
-		).resolves.toEqual(expect.anything())
-	})
-	it('should not throw an error if the operation in not in the list of protected operations (update)', async () => {
-		const { userClient } = await createUserAndUpdateRole({
-			anonymousClient,
-			rootClient,
-			roleName: RoleEnum.Client,
-			port: wabe.config.port,
-		})
-		const { userClient: userClient2 } = await createUserAndUpdateRole({
-			anonymousClient,
-			rootClient,
-			roleName: RoleEnum.Admin,
-			port: wabe.config.port,
-		})
-		const res = await userClient.request<any>(gql`
-			mutation createTest {
-				createTest(input: { fields: { name: "test" } }) {
-					test {
-						id
-						name
-					}
-				}
-			}
-		`)
-		expect(
-			userClient.request<any>(gql`
-          mutation updateTest {
-              updateTest(input: {id: "${res.createTest.test.id}", fields: {notOperationUpdate: "test2"}}) {
-                  ok
-             }
-          }
-     `),
-		).resolves.toEqual(expect.anything())
-		expect(
-			userClient2.request<any>(gql`
-          mutation updateTest {
-              updateTest(input: {id: "${res.createTest.test.id}", fields: {notOperationUpdate: "test2"}}) {
-                  ok
-             }
-          }
-     `),
-		).resolves.toEqual(expect.anything())
-	})
-	it("should throw an error if the user doesn't have the right role on read", async () => {
-		const { userClient } = await createUserAndUpdateRole({
-			anonymousClient,
-			rootClient,
-			roleName: RoleEnum.Client,
-			port: wabe.config.port,
-		})
-		const { userClient: userClient2 } = await createUserAndUpdateRole({
-			anonymousClient,
-			rootClient,
-			roleName: RoleEnum.Admin,
-			port: wabe.config.port,
-		})
-		await userClient.request<any>(gql`
-			mutation createTest {
-				createTest(input: { fields: { name: "test" } }) {
-					test {
-						name
-					}
-				}
-			}
-		`)
-		expect(
-			userClient.request<any>(gql`
-				query tests {
-					tests {
-						edges {
-							node {
-								name
-							}
-						}
-					}
-				}
-			`),
-		).resolves.toEqual(expect.anything())
-		expect(
-			userClient2.request<any>(gql`
-				query tests {
-					tests {
-						edges {
-							node {
-								name
-							}
-						}
-					}
-				}
-			`),
-		).rejects.toThrowError('You are not authorized to read this field')
-	})
-	it("should throw an error if the user doesn't have the right role on update", async () => {
-		const { userClient } = await createUserAndUpdateRole({
-			anonymousClient,
-			rootClient,
-			roleName: RoleEnum.Client,
-			port: wabe.config.port,
-		})
-		const { userClient: userClient2 } = await createUserAndUpdateRole({
-			anonymousClient,
-			rootClient,
-			roleName: RoleEnum.Admin,
-			port: wabe.config.port,
-		})
-		const res = await userClient.request<any>(gql`
-			mutation createTest {
-				createTest(input: { fields: { name: "test" } }) {
-					test {
-						id
-						name
-					}
-				}
-			}
-		`)
-		await userClient.request<any>(gql`
-     mutation updateTest {
-         updateTest(input: {id: "${res.createTest.test.id}", fields: {name: "test2"}}) {
-             test {
-                 id
-             }
-         }
-     }
-     `)
-		expect(
-			userClient2.request<any>(gql`
-          mutation updateTest {
-              updateTest(input: {id: "${res.createTest.test.id}", fields: {name: "test2"}}) {
-                  test {
-                      name
-                  }
-              }
-          }
-     `),
-		).rejects.toThrowError('You are not authorized to update this field')
-	})
-	it('should throw an error no one have the right role on read', async () => {
-		const { userClient } = await createUserAndUpdateRole({
-			anonymousClient,
-			rootClient,
-			roleName: RoleEnum.Client,
-			port: wabe.config.port,
-		})
-		const { userClient: userClient2 } = await createUserAndUpdateRole({
-			anonymousClient,
-			rootClient,
-			roleName: RoleEnum.Admin,
-			port: wabe.config.port,
-		})
-		await userClient.request<any>(gql`
-			mutation createTest {
-				createTest(input: { fields: { noOne: "test" } }) {
-					test {
-						id
-						name
-					}
-				}
-			}
-		`)
-		expect(
-			rootClient.request<any>(gql`
-				query tests {
-					tests {
-						edges {
-							node {
-								noOne
-							}
-						}
-					}
-				}
-			`),
-		).rejects.toThrowError('You are not authorized to read this field')
-		expect(
-			userClient.request<any>(gql`
-				query tests {
-					tests {
-						edges {
-							node {
-								noOne
-							}
-						}
-					}
-				}
-			`),
-		).rejects.toThrowError('You are not authorized to read this field')
-		expect(
-			userClient2.request<any>(gql`
-				query tests {
-					tests {
-						edges {
-							node {
-								noOne
-							}
-						}
-					}
-				}
-			`),
-		).rejects.toThrowError('You are not authorized to read this field')
-	})
-	it('should throw an error no one have the right role on update', async () => {
-		const { userClient } = await createUserAndUpdateRole({
-			anonymousClient,
-			rootClient,
-			roleName: RoleEnum.Client,
-			port: wabe.config.port,
-		})
-		const { userClient: userClient2 } = await createUserAndUpdateRole({
-			anonymousClient,
-			rootClient,
-			roleName: RoleEnum.Admin,
-			port: wabe.config.port,
-		})
-		const res = await userClient.request<any>(gql`
-			mutation createTest {
-				createTest(input: { fields: { noOne: "test" } }) {
-					test {
-						id
-						name
-					}
-				}
-			}
-		`)
-		expect(
-			rootClient.request<any>(gql`
-     mutation updateTest {
-         updateTest(input: {id: "${res.createTest.test.id}", fields: {noOne: "test2"}}) {
-             test {
-                 id
-             }
-         }
-     }
-     `),
-		).rejects.toThrowError('You are not authorized to update this field')
-		expect(
-			userClient.request<any>(gql`
-     mutation updateTest {
-         updateTest(input: {id: "${res.createTest.test.id}", fields: {noOne: "test2"}}) {
-             test {
-                 id
-             }
-         }
-     }
-     `),
-		).rejects.toThrowError('You are not authorized to update this field')
-		expect(
-			userClient2.request<any>(gql`
-          mutation updateTest {
-              updateTest(input: {id: "${res.createTest.test.id}", fields: {name: "test2"}}) {
-                  test {
-                      name
-                  }
-              }
-          }
-     `),
-		).rejects.toThrowError('You are not authorized to update this field')
-	})
-	it('should allow only root to read a field protected by rootOnly', async () => {
-		const { userClient } = await createUserAndUpdateRole({
-			anonymousClient,
-			rootClient,
-			roleName: RoleEnum.Client,
-			port: wabe.config.port,
-		})
-		const { userClient: userClient2 } = await createUserAndUpdateRole({
-			anonymousClient,
-			rootClient,
-			roleName: RoleEnum.Admin,
-			port: wabe.config.port,
-		})
-		await rootClient.request<any>(gql`
-			mutation createTest {
-				createTest(input: { fields: { name: "test" } }) {
-					test {
-						id
-					}
-				}
-			}
-		`)
-		expect(
-			rootClient.request<any>(gql`
-				query tests {
-					tests {
-						edges {
-							node {
-								rootOnly
-							}
-						}
-					}
-				}
-			`),
-		).resolves.toEqual(expect.anything())
-		expect(
-			userClient.request<any>(gql`
-				query tests {
-					tests {
-						edges {
-							node {
-								rootOnly
-							}
-						}
-					}
-				}
-			`),
-		).rejects.toThrow('You are not authorized to read this field')
-		expect(
-			userClient2.request<any>(gql`
-				query tests {
-					tests {
-						edges {
-							node {
-								rootOnly
-							}
-						}
-					}
-				}
-			`),
-		).rejects.toThrowError('You are not authorized to read this field')
-	})
-	it('should allow only root to update a field protected by rootOnly', async () => {
-		const { userClient } = await createUserAndUpdateRole({
-			anonymousClient,
-			rootClient,
-			roleName: RoleEnum.Client,
-			port: wabe.config.port,
-		})
-		const { userClient: userClient2 } = await createUserAndUpdateRole({
-			anonymousClient,
-			rootClient,
-			roleName: RoleEnum.Admin,
-			port: wabe.config.port,
-		})
-		const res = await rootClient.request<any>(gql`
-			mutation createTest {
-				createTest(input: { fields: { name: "test" } }) {
-					test {
-						id
-					}
-				}
-			}
-		`)
-		// Root client should be able to update
-		expect(
-			rootClient.request<any>(gql`
-        mutation updateTest {
-            updateTest(input: {id: "${res.createTest.test.id}", fields: {rootOnly: "updatedTest"}}) {
-                test {
-                    rootOnly
-                }
-            }
-        }
-      `),
-		).resolves.toEqual(expect.anything())
-		// User clients should not be able to update
-		expect(
-			userClient.request<any>(gql`
-        mutation updateTest {
-            updateTest(input: {id: "${res.createTest.test.id}", fields: {rootOnly: "updatedTest"}}) {
-                test {
-                    rootOnly
-                }
-            }
-        }
-      `),
-		).rejects.toThrowError('You are not authorized to update this field')
-		expect(
-			userClient2.request<any>(gql`
-        mutation updateTest {
-            updateTest(input: {id: "${res.createTest.test.id}", fields: {rootOnly: "updatedTest"}}) {
-                test {
-                    rootOnly
-                }
-            }
-        }
-      `),
-		).rejects.toThrowError('You are not authorized to update this field')
-	})
-})

package/src/hooks/protected.ts DELETED Viewed

@@ -1,74 +0,0 @@
-import { OperationType } from '.'
-import type { DevWabeTypes } from '../utils/helper'
-import type { HookObject } from './HookObject'
-import type { SchemaClassWithProtectedFields } from '../schema/Schema'
-import type { WabeContext } from '../server/interface'
-const _checkProtected = (
-	hookObject: HookObject<DevWabeTypes, any>,
-	operationType: OperationType,
-) => {
-	const schemaClass = hookObject.context.wabe.config.schema?.classes?.find(
-		(currentClass) => currentClass.name === hookObject.className,
-	)
-	if (!schemaClass) return
-	const userRole = hookObject.getUser()?.role?.name || ''
-	const isRoot = hookObject.context.isRoot
-	if (operationType === OperationType.BeforeRead) {
-		Object.keys(hookObject.select).forEach((fieldName) => {
-			const protectedForCurrentField = schemaClass.fields[fieldName]?.protected
-			if (!protectedForCurrentField) return
-			if (protectedForCurrentField?.protectedOperations.includes('read')) {
-				if (isRoot && protectedForCurrentField.authorizedRoles.includes('rootOnly')) return
-				// @ts-expect-error
-				if (!protectedForCurrentField.authorizedRoles.includes(userRole))
-					throw new Error('You are not authorized to read this field')
-			}
-		})
-		return
-	}
-	const fieldsUpdated = hookObject.getNewData()
-	const operation = operationType === OperationType.BeforeUpdate ? 'update' : 'create'
-	Object.keys(fieldsUpdated).forEach((fieldName) => {
-		const protectedForCurrentField = schemaClass.fields[fieldName]?.protected
-		if (protectedForCurrentField?.protectedOperations.includes(operation)) {
-			if (isRoot && protectedForCurrentField.authorizedRoles.includes('rootOnly')) return
-			// @ts-expect-error
-			if (!protectedForCurrentField.authorizedRoles.includes(userRole))
-				throw new Error(`You are not authorized to ${operation} this field`)
-		}
-	})
-}
-export const canUserReadField = (
-	schemaClass: SchemaClassWithProtectedFields,
-	fieldName: string,
-	context: Pick<WabeContext<any>, 'isRoot' | 'user'>,
-): boolean => {
-	const protectedForField = schemaClass.fields[fieldName]?.protected
-	if (!protectedForField || !protectedForField.protectedOperations.includes('read')) return true
-	if (context.isRoot && protectedForField.authorizedRoles.includes('rootOnly')) return true
-	const userRole = context.user?.role?.name || ''
-	return protectedForField.authorizedRoles.includes(userRole)
-}
-export const defaultCheckProtectedOnBeforeRead = (object: HookObject<DevWabeTypes, any>) =>
-	_checkProtected(object, OperationType.BeforeRead)
-export const defaultCheckProtectedOnBeforeUpdate = (object: HookObject<DevWabeTypes, any>) =>
-	_checkProtected(object, OperationType.BeforeUpdate)
-export const defaultCheckProtectedOnBeforeCreate = (object: HookObject<DevWabeTypes, any>) =>
-	_checkProtected(object, OperationType.BeforeCreate)