adminmate-express-mongoose
Advanced tools
Comparing version 1.1.10 to 1.1.11
86
index.js
@@ -1,65 +0,33 @@ | ||
const router = require('express').Router(); | ||
const cookieParser = require('cookie-parser'); | ||
const { init, isAuthorized } = require(global.AM_DEV_MODE ? '../adminmate-express-core' : 'adminmate-express-core'); | ||
// Controllers | ||
const modelController = require('./src/controllers/model'); | ||
const authController = require('./src/controllers/auth'); | ||
const installController = require('./src/controllers/install'); | ||
const smartActionsController = require('./src/controllers/smartactions'); | ||
const segmentsController = require('./src/controllers/segments'); | ||
const { isAuthorized, isAuthorizedIP } = require('./src/middlewares/auth'); | ||
const accessControl = (req, res, next) => { | ||
const origin = global._amConfig.devMode ? 'http://localhost:3002' : 'https://my.adminmate.io'; | ||
res.header('Access-Control-Allow-Origin', origin); | ||
res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, X-Access-Token, X-Perm-Token'); | ||
res.header('Access-Control-Allow-Methods', 'PUT, POST, GET, DELETE, OPTIONS'); | ||
// res.header('Access-Control-Allow-Credentials', true); | ||
next(); | ||
}; | ||
const Adminmate = ({ projectId, secretKey, authKey, masterPassword, models, authorizedIps }) => { | ||
const api = { | ||
getModels: modelController.getModels, | ||
getModelsProperties: modelController.getModelsProperties, | ||
getSmartActions: smartActionsController.getAll, | ||
getSmartAction: smartActionsController.get, | ||
getSegments: segmentsController.getAll, | ||
modelGet: modelController.get, | ||
modelGetAutocomplete: modelController.getAutocomplete, | ||
modelGetOne: modelController.getOne, | ||
modelPostOne: modelController.postOne, | ||
modelPutOne: modelController.putOne, | ||
modelDeleteSome: modelController.deleteSome, | ||
modelCustomQuery: modelController.customQuery | ||
}; | ||
const Adminmate = ({ projectId, secretKey, authKey, masterPassword, models, authorizedIps, devMode }) => { | ||
global._amConfig = {}; | ||
global._amConfig.projectId = projectId; | ||
global._amConfig.secretKey = secretKey; | ||
global._amConfig.authKey = authKey; | ||
global._amConfig.masterPassword = masterPassword; | ||
global._amConfig.models = models; | ||
global._amConfig.authorizedIps = authorizedIps || null; | ||
global._amConfig.devMode = devMode || false; | ||
router.use(cookieParser()); | ||
router.use(accessControl); | ||
// Installation checks | ||
router.post('/api/check_connection', installController.checkConnection); | ||
router.post('/api/check_models', installController.checkModels); | ||
// Login | ||
router.post('/api/login', isAuthorizedIP, authController.login); | ||
// Get models list | ||
router.get('/api/model', isAuthorizedIP, isAuthorized, modelController.getModels); | ||
router.get('/api/model/properties', isAuthorizedIP, isAuthorized, modelController.getModelsProperties); | ||
// Get model config | ||
// router.get('/api/model/:model/config', isAuthorized, modelController.getModelConfig); | ||
// Get available Smart Actions for the items list | ||
router.get('/api/model/smartactions', isAuthorizedIP, isAuthorized, smartActionsController.getAll); | ||
router.get('/api/model/:model/smartactions', isAuthorizedIP, isAuthorized, smartActionsController.get); | ||
// Segments | ||
router.get('/api/model/segments', isAuthorizedIP, isAuthorized, segmentsController.getAll); | ||
// CRUD endpoints | ||
router.post('/api/model/:model', isAuthorizedIP, isAuthorized, modelController.get); | ||
router.post('/api/model/:model/autocomplete', isAuthorizedIP, isAuthorized, modelController.getAutocomplete); | ||
router.post('/api/model/:model/create', isAuthorizedIP, isAuthorized, modelController.postOne); | ||
router.post('/api/model/:model/:id', isAuthorizedIP, isAuthorized, modelController.getOne); | ||
router.put('/api/model/:model/:id', isAuthorizedIP, isAuthorized, modelController.putOne); | ||
router.delete('/api/model/:model', isAuthorizedIP, isAuthorized, modelController.deleteSome); | ||
// Custom query | ||
router.post('/api/query', isAuthorizedIP, isAuthorized, modelController.customQuery); | ||
return router; | ||
return init({ | ||
projectId, | ||
secretKey, | ||
authKey, | ||
masterPassword, | ||
models, | ||
authorizedIps, | ||
api | ||
}); | ||
}; | ||
@@ -66,0 +34,0 @@ |
{ | ||
"name": "adminmate-express-mongoose", | ||
"version": "1.1.10", | ||
"version": "1.1.11", | ||
"description": "Adminmate Express/Mongoose connector", | ||
@@ -15,6 +15,3 @@ "author": "Marc Delalonde", | ||
"dependencies": { | ||
"axios": "^0.19.2", | ||
"cookie-parser": "^1.4.5", | ||
"express": "^4.16.4", | ||
"jwt-simple": "^0.5.6", | ||
"adminmate-express-core": "^1.0.1", | ||
"mongoose": "^5.9.7", | ||
@@ -21,0 +18,0 @@ "mongoose-legacy-pluralize": "^1.0.2", |
@@ -48,16 +48,2 @@ const mongoose = require('mongoose'); | ||
module.exports.getModelConfig = (req, res) => { | ||
const currentModel = global._amConfig.models.find(m => m.collection.name === req.params.model); | ||
if (!currentModel) { | ||
return res.status(403).json({ message: 'Invalid request' }); | ||
} | ||
const keys = fnHelper.getModelProperties(currentModel); | ||
res.json({ | ||
keys, | ||
name: currentModel.collection.name | ||
}); | ||
}; | ||
module.exports.getAutocomplete = async (req, res) => { | ||
@@ -64,0 +50,0 @@ const modelName = req.params.model; |
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
4
25440
6
714
1
+ Addedadminmate-express-core@1.2.3(transitive)
+ Addedcommander@6.2.1(transitive)
+ Addedcors@2.8.5(transitive)
+ Addedjson2csv@5.0.7(transitive)
+ Addedjsonparse@1.3.1(transitive)
+ Addedlodash.get@4.4.2(transitive)
+ Addedobject-assign@4.1.1(transitive)
- Removedaxios@^0.19.2
- Removedcookie-parser@^1.4.5
- Removedexpress@^4.16.4
- Removedjwt-simple@^0.5.6
- Removedaxios@0.19.2(transitive)
- Removedfollow-redirects@1.5.10(transitive)