datasquirel/dist/package-shared/api-paths/utils/checks.js
2025-12-22 07:18:57 +01:00


"use strict";
// Compiler-emitted helper that runs a generator function to completion and exposes
// the outcome as a promise. An `__awaiter` already present on `this` is reused;
// otherwise the function below is installed.
//   thisArg / _arguments: forwarded to generator.apply().
//   P: promise constructor to use; falls back to the global Promise when falsy.
//   generator: the generator function whose yields are treated as await points.
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
// Wrap a yielded value in a P promise unless it is already an instance of P.
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
// Resume the generator with a settled value; anything thrown while resuming rejects the outer promise.
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
// Throw a rejection reason into the generator so its own try/catch can observe it.
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
// Finished generator: resolve with its return value. Otherwise wait on the yielded value and continue.
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
// Instantiate the generator with the caller's `this` and arguments, then start it.
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
// Interop shim for default imports: a module flagged `__esModule` is handed back
// untouched, anything else is wrapped so that it is reachable under `.default`.
// An `__importDefault` already present on `this` takes precedence.
var __importDefault = (this && this.__importDefault) || function (mod) {
    const isEsModule = Boolean(mod && mod.__esModule);
    if (isEsModule) {
        return mod;
    }
    return { "default": mod };
};
// Flag the CommonJS exports object as a transpiled ES module; interop helpers such as
// __importDefault test this flag to decide whether to wrap the module.
Object.defineProperty(exports, "__esModule", { value: true });
// `checks` is a function declaration later in this file, so hoisting makes it usable here.
exports.default = checks;
// lodash provides the cloneDeep and merge calls used inside checks().
const lodash_1 = __importDefault(require("lodash"));
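/**
 * Tests one requested field name against one allow/deny rule.
 *
 * String rules must equal the name exactly. Any other rule is passed to
 * String.prototype.match, so a RegExp rule matches wherever its pattern matches
 * (an unanchored pattern therefore also matches substrings).
 * A name that is not a string never matches; callers decide how to fail.
 *
 * @param {*} rule - entry taken from `allowedFields` / `disallowedFields`
 * @param {*} fieldName - field name taken from the request
 * @returns {boolean}
 */
function fieldMatchesRule(rule, fieldName) {
    if (typeof fieldName != "string") {
        return false;
    }
    if (typeof rule == "string") {
        return rule === fieldName;
    }
    return Boolean(fieldName.match(rule));
}
/**
 * Gate an API request against the table and field rules, then run the configured middleware.
 *
 * Steps, in order:
 *  1. `table` must be the `table` of an `allowedTables` entry.
 *  2. For GET only: every key of `query.searchQuery.query` and every name in
 *     `query.searchQuery.selectFields` is checked against that entry's
 *     `allowedFields` and `disallowedFields`.
 *  3. Middleware runs: `getMiddleware` for GET; for other methods `crudMiddleware`,
 *     then the method-specific one. Body middleware results are lodash-merged into the body.
 *  4. Every entry of `searchQuery.join` (as it stands after step 3) must name an allowed
 *     table, and its `selectFields` are checked against that table's field rules.
 *
 * @param {object} _a - single options object, destructured below
 * @returns {Promise<{query: *, body: *, allowedTable: object}>} deep-cloned (and
 *   middleware-processed) query and body plus the matched `allowedTables` entry
 * @throws {Error} when the table, a join table, or a field is not permitted
 */
function checks(_a) {
    return __awaiter(this, arguments, void 0, function* ({ table, allowedTables, query, body, method, getMiddleware, postMiddleware, putMiddleware, deleteMiddleware, crudMiddleware, }) {
        // Strict equality: a loosely-equal non-string (for example ["users"] == "users")
        // must not pass the table allow-list.
        const allowedTable = allowedTables.find((tbl) => tbl.table === table);
        if (!allowedTable) {
            throw new Error(`Can't Access this table: \`${table}\``);
        }
        // Work on copies so neither the caller's objects nor later middleware can alias each other.
        let newQuery = lodash_1.default.cloneDeep(query);
        let newBody = lodash_1.default.cloneDeep(body);
        const searchQuery = newQuery == null ? undefined : newQuery.searchQuery;
        const searchFields = Object.keys((searchQuery == null ? undefined : searchQuery.query) || {});
        const requestedSelect = searchQuery == null ? undefined : searchQuery.selectFields;
        // Entries are either a field name or an object carrying `fieldName`.
        // `typeof null` is "object", so null entries are guarded instead of throwing a TypeError.
        // NOTE(review): entries that do not yield a string name are dropped from the check
        // here; confirm the query builder ignores them as well.
        const selectFields = requestedSelect
            ? requestedSelect
                .map((f) => {
                    if (typeof f == "string") {
                        return f;
                    }
                    return f && typeof f == "object" ? f.fieldName : undefined;
                })
                .filter((f) => typeof f == "string")
            : undefined;
        const targetFields = [...searchFields, ...(selectFields || [])];
        // NOTE(review): field rules are enforced for GET only, and only on filter keys and
        // selectFields; body fields of write methods are not filtered in this function.
        if (method == "GET" && allowedTable.allowedFields) {
            for (const fld of targetFields) {
                const isAllowed = allowedTable.allowedFields.some((rule) => fieldMatchesRule(rule, fld));
                if (!isAllowed) {
                    // Report the requested field. The previous code interpolated the (always
                    // undefined) lookup result, producing "`undefined` field not allowed".
                    throw new Error(`\`${fld}\` field not allowed`);
                }
            }
        }
        if (method == "GET" && allowedTable.disallowedFields) {
            for (const fld of targetFields) {
                const isDenied = allowedTable.disallowedFields.some((rule) => fieldMatchesRule(rule, fld));
                if (isDenied) {
                    // Name the requested field rather than the matching rule, so a RegExp
                    // deny pattern is not echoed back in the error text.
                    throw new Error(`\`${fld}\` field not allowed`);
                }
            }
        }
        if (method == "GET" && getMiddleware) {
            // The middleware's return value replaces the query; it runs after the field checks above.
            newQuery = yield getMiddleware({ query: newQuery || {} });
        }
        // Body middleware in execution order: the generic one for every non-GET method,
        // then the one specific to the method.
        const bodyMiddlewares = [
            method !== "GET" ? crudMiddleware : undefined,
            method == "POST" ? postMiddleware : undefined,
            method == "PUT" ? putMiddleware : undefined,
            method == "DELETE" ? deleteMiddleware : undefined,
        ];
        for (const middleware of bodyMiddlewares) {
            if (!middleware) {
                continue;
            }
            const middRes = yield middleware({
                body: newBody || {},
                query: newQuery || {},
            });
            // lodash merge only adds or overwrites keys: a key the middleware leaves out
            // (or returns as undefined) stays in the body. A middleware cannot strip a
            // client-supplied field by omission.
            newBody = lodash_1.default.merge(newBody, middRes);
        }
        const joins = newQuery == null || newQuery.searchQuery == null
            ? undefined
            : newQuery.searchQuery.join;
        if (joins) {
            for (let i = 0; i < joins.length; i++) {
                const join = joins[i];
                const joinTableName = join.tableName;
                const allowedJoinTable = allowedTables.find((t) => t.table === joinTableName);
                if (!(allowedJoinTable && allowedJoinTable.table)) {
                    throw new Error(`Can't joint \`${joinTableName}\` table`);
                }
                const joinSelectFields = join.selectFields;
                // NOTE(review): a join without selectFields is not field-checked here; confirm
                // what the query builder selects from the joined table in that case.
                if (!(joinSelectFields && joinSelectFields[0])) {
                    continue;
                }
                const allowedFields = allowedJoinTable.allowedFields;
                const disallowedFields = allowedJoinTable.disallowedFields;
                const hasAllowRules = Boolean(allowedFields && allowedFields[0]);
                const hasDenyRules = Boolean(disallowedFields && disallowedFields[0]);
                for (let j = 0; j < joinSelectFields.length; j++) {
                    const selectField = joinSelectFields[j];
                    const selectFieldName = selectField !== null && typeof selectField == "object"
                        ? selectField.field
                        : String(selectField);
                    // Same rule matcher as the top-level check. Comparing String(rule) to the
                    // name meant a RegExp entry in disallowedFields never matched, so the
                    // denied field could still be selected through a join.
                    if (hasAllowRules &&
                        !allowedFields.some((rule) => fieldMatchesRule(rule, selectFieldName))) {
                        throw new Error(`Can't Select this Field!`);
                    }
                    // A name that is not a string cannot be evaluated against the deny rules,
                    // so it is rejected instead of being let through.
                    if (hasDenyRules &&
                        (typeof selectFieldName != "string" ||
                            disallowedFields.some((rule) => fieldMatchesRule(rule, selectFieldName)))) {
                        throw new Error(`Disallowed Field Selected!`);
                    }
                }
            }
        }
        return {
            query: newQuery,
            body: newBody,
            allowedTable,
        };
    });
}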