New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

fib-app

Package Overview
Dependencies
Maintainers
1
Versions
115
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

fib-app - npm Package Compare versions

Comparing version 1.10.0 to 1.11.0

.travis.yml
@types/acl.d.ts
@types/app.d.ts
@types/common.d.ts
@types/index.d.ts
@types/orm-patch.d.ts
@types/req.d.ts
build.js
src/app.ts
src/classes/base.ts
src/classes/extend.ts
src/classes/graphql.ts
src/classes/index.ts
src/db.ts
src/utils/check_acl.ts
src/utils/convert_where.ts
src/utils/diagram.ts
src/utils/err_info.ts
src/utils/filter.ts
src/utils/find.ts
src/utils/get.ts

22

lib/app.js

@@ -1,16 +0,16 @@

const mq = require('mq');
const classes = require('./classes');
const setupDb = require('./db');
const diagram = require('./utils/diagram');
/// <reference path="../@types/app.d.ts" />
const mq = require("mq");
const classes = require("./classes");
const db_1 = require("./db");
const diagram_1 = require("./utils/diagram");
class App extends mq.Routing {
constructor(url, opts) {
super();
this.db = setupDb(this, url, opts);
this.db = db_1.default(this, url, opts);
classes.bind(this);
this.diagram = diagram;
this.diagram = diagram_1.default;
}
};
module.exports = App;
}
;
module.exports = App;
module.exports = App;

70

lib/classes/base.js

@@ -1,22 +0,13 @@

const err_info = require('../utils/err_info');
const {
check_acl
} = require('../utils/check_acl');
const {
filter,
filter_ext
} = require('../utils/filter');
const _find = require('../utils/find');
const {
_get
} = require('../utils/get');
Object.defineProperty(exports, "__esModule", { value: true });
const err_info_1 = require("../utils/err_info");
const check_acl_1 = require("../utils/check_acl");
const filter_1 = require("../utils/filter");
const find_1 = require("../utils/find");
const get_1 = require("../utils/get");
exports.bind = (_, app) => {
var api = app.api;
api.post = (req, db, cls, data) => {
var acl = check_acl(req.session, "create", cls.ACL);
var acl = check_acl_1.check_acl(req.session, "create", cls.ACL);
if (!acl)
return err_info(4030001, {}, cls.cid);
return err_info_1.default(4030001, {}, cls.cid);
var _createBy = cls.extends['createdBy'];

@@ -26,10 +17,7 @@ var _opt;

var obj;
function _create(d) {
d = filter(d, acl);
d = filter_1.filter(d, acl);
var rd = {};
for (var k in cls.extends) {
var r = d[k];
if (r !== undefined) {

@@ -40,5 +28,3 @@ rd[k] = r;

}
rdata.push(rd);
var o = new cls(d);

@@ -50,6 +36,4 @@ if (_createBy !== undefined) {

o.saveSync();
return o;
}
if (Array.isArray(data))

@@ -59,3 +43,2 @@ obj = data.map(d => _create(d));

obj = [_create(data)];
rdata.forEach((rd, i) => {

@@ -68,3 +51,2 @@ for (var k in rd) {

});
if (Array.isArray(data))

@@ -89,25 +71,18 @@ return {

};
api.get = (req, db, cls, id) => {
var obj = _get(cls, id, req.session, "read");
var obj = get_1._get(cls, id, req.session, "read");
if (obj.error)
return obj;
return {
success: filter(filter_ext(req.session, obj.data), req.query.keys, obj.acl)
success: filter_1.filter(filter_1.filter_ext(req.session, obj.data), req.query.keys, obj.acl)
};
};
api.put = (req, db, cls, id, data) => {
var obj = _get(cls, id, req.session, "write");
var obj = get_1._get(cls, id, req.session, "write");
if (obj.error)
return obj;
data = filter(data, obj.acl);
data = filter_1.filter(data, obj.acl);
var rdata;
for (var k in cls.extends) {
var r = data[k];
if (r !== undefined) {

@@ -118,8 +93,5 @@ rdata[k] = r;

}
for (var k in data)
obj.data[k] = data[k];
obj.data.saveSync();
return {

@@ -132,10 +104,7 @@ success: {

};
api.del = (req, db, cls, id) => {
var obj = _get(cls, id, req.session, "delete");
var obj = get_1._get(cls, id, req.session, "delete");
if (obj.error)
return obj;
obj.data.removeSync();
return {

@@ -147,12 +116,9 @@ success: {

};
api.find = (req, db, cls) => {
if (!check_acl(req.session, "find", cls.ACL))
return err_info(4030001, {}, cls.cid);
if (!check_acl_1.check_acl(req.session, "find", cls.ACL))
return err_info_1.default(4030001, {}, cls.cid);
return {
success: _find(req, cls.find())
success: find_1.default(req, cls.find())
};
};
app.post('/:classname', (req, classname) => _(req, classname, api.post));

@@ -163,2 +129,2 @@ app.get('/:classname/:id', (req, classname, id) => _(req, classname, id, api.get));

app.get('/:classname', (req, classname) => _(req, classname, api.find));
};
};

127

lib/classes/extend.js

@@ -0,38 +1,23 @@

Object.defineProperty(exports, "__esModule", { value: true });
const util = require('util');
const {
check_acl,
check_obj_acl
} = require('../utils/check_acl');
const {
filter,
filter_ext
} = require('../utils/filter');
const _find = require('../utils/find');
const err_info = require('../utils/err_info');
const {
_get,
_eget
} = require('../utils/get');
const check_acl_1 = require("../utils/check_acl");
const filter_1 = require("../utils/filter");
const find_1 = require("../utils/find");
const err_info_1 = require("../utils/err_info");
const get_1 = require("../utils/get");
exports.bind = (_, app) => {
var api = app.api;
api.eput = (req, db, cls, id, extend, rid, data) => {
var rel_model = cls.extends[extend];
if (rel_model === undefined)
return err_info(4040001, {
return err_info_1.default(4040001, {
classname: extend
});
var robj = _eget(cls, id, extend, rid, req.session, "write");
var robj = get_1._eget(cls, id, extend, rid, req.session, "write");
if (robj.error)
return robj;
data = filter(data, robj.acl);
data = filter_1.filter(data, robj.acl);
var rdata;
for (var k in rel_model.model.extends) {
var r = data[k];
if (r !== undefined) {

@@ -43,8 +28,5 @@ rdata[k] = r;

}
for (var k in data)
robj.data[k] = data[k];
robj.data.saveSync();
return {

@@ -57,28 +39,22 @@ success: {

};
api.elink = (req, db, cls, id, extend, data) => {
var rel_model = cls.extends[extend];
if (rel_model === undefined)
return err_info(4040001, {
return err_info_1.default(4040001, {
classname: extend
});
var obj = _get(cls, id, req.session, "write");
var obj = get_1._get(cls, id, req.session, "write");
if (obj.error)
return obj;
if (Array.isArray(obj.acl) && obj.acl.indexOf(extend) === -1)
return err_info(4030001, {}, cls.cid);
return err_info_1.default(4030001, {}, cls.cid);
var rid = data.id;
if (rid === undefined)
return err_info(4040002, {
return err_info_1.default(4040002, {
id: rid,
classname: extend
}, rel_model.model.cid);
var robj = _get(rel_model.model, rid, req.session, "read");
var robj = get_1._get(rel_model.model, rid, req.session, "read");
if (robj.error)
return robj;
var _opt;

@@ -89,5 +65,3 @@ if (rel_model.type === 'hasOne')

_opt = obj.data.__opts.many_associations.find(a => a.name === extend).addAccessor;
obj.data[_opt + 'Sync'].call(obj.data, robj.data);
return {

@@ -100,12 +74,9 @@ success: {

};
api.epost = (req, db, cls, id, extend, data) => {
var rel_model = cls.extends[extend];
if (rel_model === undefined)
return err_info(4040001, {
return err_info_1.default(4040001, {
classname: extend
});
var obj;
if (util.isObject(id)) {

@@ -116,12 +87,11 @@ obj = {

id = id.id;
} else {
obj = _get(cls, id, req.session);
}
else {
obj = get_1._get(cls, id, req.session);
if (obj.error)
return obj;
}
var acl = check_obj_acl(req.session, 'create', obj.data, extend);
var acl = check_acl_1.check_obj_acl(req.session, 'create', obj.data, extend);
if (!acl)
return err_info(4030001, {}, cls.cid);
return err_info_1.default(4030001, {}, cls.cid);
var _createBy = rel_model.model.extends['createdBy'];

@@ -131,10 +101,7 @@ var _opt;

var rdata = [];
function _create(d) {
d = filter(d, acl);
d = filter_1.filter(d, acl);
var rd = {};
for (var k in cls.extends) {
var r = d[k];
if (r !== undefined) {

@@ -146,5 +113,3 @@ rd[k] = r;

rdata.push(rd);
var ro = new rel_model.model(d);
if (_createBy !== undefined) {

@@ -154,12 +119,10 @@ _opt = Object.keys(ro.__opts.one_associations.find(a => a.name === 'createdBy').field)[0];

}
if (rel_model.reversed) {
obj.data[extend] = ro;
obj.data.saveSync();
} else
}
else
ro.saveSync();
return ro;
}
if (Array.isArray(data))

@@ -169,3 +132,2 @@ robj = data.map(d => _create(d));

robj = [_create(data)];
rdata.forEach((rd, i) => {

@@ -178,3 +140,2 @@ for (var k in rd) {

});
if (!rel_model.reversed) {

@@ -186,6 +147,4 @@ var _opt;

_opt = obj.data.__opts.many_associations.find(a => a.name === extend).addAccessor;
robj.forEach(ro => obj.data[_opt + 'Sync'].call(obj.data, ro));
}
if (Array.isArray(data)) {

@@ -201,3 +160,4 @@ return {

};
} else
}
else
return {

@@ -211,15 +171,11 @@ status: 201,

};
api.efind = (req, db, cls, id, extend) => {
var rel_model = cls.extends[extend];
if (rel_model === undefined)
return err_info(4040001, {
return err_info_1.default(4040001, {
classname: extend
});
if (rel_model.type === 'hasOne' && !rel_model.reversed)
return api.eget(req, db, cls, id, extend);
var obj;
if (util.isObject(id)) {

@@ -230,11 +186,10 @@ obj = {

id = id.id;
} else {
obj = _get(cls, id, req.session);
}
else {
obj = get_1._get(cls, id, req.session);
if (obj.error)
return obj;
}
if (!check_obj_acl(req.session, 'find', obj.data, extend))
return err_info(4030001, {}, rel_model.model.cid);
if (!check_acl_1.check_obj_acl(req.session, 'find', obj.data, extend))
return err_info_1.default(4030001, {}, rel_model.model.cid);
var _association;

@@ -245,28 +200,21 @@ if (rel_model.type === 'hasOne')

_association = obj.data.__opts.many_associations.find(a => a.name === extend);
return {
success: _find(req, obj.data[_association.getAccessor].call(obj.data), obj.data, extend)
success: find_1.default(req, obj.data[_association.getAccessor].call(obj.data), obj.data, extend)
};
};
api.eget = (req, db, cls, id, extend, rid) => {
var robj = _eget(cls, id, extend, rid, req.session, "read");
var robj = get_1._eget(cls, id, extend, rid, req.session, "read");
if (robj.error)
return robj;
return {
success: filter(filter_ext(req.session, robj.data), req.query.keys, robj.acl)
success: filter_1.filter(filter_1.filter_ext(req.session, robj.data), req.query.keys, robj.acl)
};
};
api.edel = (req, db, cls, id, extend, rid) => {
var robj = _eget(cls, id, extend, rid, req.session, "delete");
var robj = get_1._eget(cls, id, extend, rid, req.session, "delete");
if (robj.error)
return robj;
var rel_model = cls.extends[extend];
if (rel_model.type === 'hasMany') {
robj.base[robj.base.__opts.many_associations.find(a => a.name === extend).delAccessor + 'Sync'].call(robj.base, robj.data);
return {

@@ -279,6 +227,4 @@ success: {

}
if (rel_model.type === 'hasOne') {
robj.base[robj.base.__opts.one_associations.find(a => a.name === extend).delAccessor + 'Sync'].call(robj.base);
return {

@@ -292,3 +238,2 @@ success: {

};
app.put('/:classname/:id/:extend', (req, classname, id, extend) => _(req, classname, id, extend, api.elink));

@@ -300,2 +245,2 @@ app.put('/:classname/:id/:extend/:rid', (req, classname, id, extend, rid) => _(req, classname, id, extend, rid, api.eput));

app.del('/:classname/:id/:extend/:rid', (req, classname, id, extend, rid) => _(req, classname, id, extend, rid, api.edel));
};
};

57

lib/classes/graphql.js

@@ -0,1 +1,2 @@

Object.defineProperty(exports, "__esModule", { value: true });
const graphql = require('fib-graphql');

@@ -5,10 +6,4 @@ const GraphQLJSON = require('graphql-type-json');

const convert_where = require('../utils/convert_where');
const {
check_acl,
check_obj_acl
} = require('../utils/check_acl');
const {
filter
} = require('../utils/filter');
const { check_acl, check_obj_acl } = require('../utils/check_acl');
const { filter } = require('../utils/filter');
const TypeMap = {

@@ -24,3 +19,2 @@ "serial": graphql.GraphQLInt,

};
const hasManyArgs = {

@@ -40,6 +34,4 @@ where: {

};
module.exports = (app, db) => {
exports.default = (app, db) => {
var types = {};
function get_resolve(m) {

@@ -51,3 +43,2 @@ return function (parent, args, req) {

}, db, m, args.id);
if (res.error) {

@@ -57,7 +48,5 @@ req.error = res.error;

}
return res.success;
};
}
function find_resolve(m) {

@@ -69,3 +58,2 @@ return function (parent, args, req) {

}, db, m);
if (res.error) {

@@ -75,11 +63,9 @@ req.error = res.error;

}
return res.success;
};
}
function count_resolve (m) {
function count_resolve(m) {
return function (parent, args, req) {
args.count = 1
args.limit = 0
args.count = 1;
args.limit = 0;
var res = app.api.find({

@@ -89,3 +75,2 @@ session: req.session,

}, db, m);
if (res.error) {

@@ -95,7 +80,5 @@ req.error = res.error;

}
return res.success.count;
};
}
function get_resolve_one(m, f) {

@@ -107,15 +90,11 @@ return function (parent, args, req) {

}, db, m, parent, f);
if (res.error) {
if(res.error.code === 4040002)
if (res.error.code === 4040002)
return null;
req.error = res.error;
throw res.error;
}
return res.success;
};
}
function get_resolve_many(m, f) {

@@ -127,3 +106,2 @@ return function (parent, args, req) {

}, db, m, parent, f);
if (res.error) {

@@ -133,11 +111,8 @@ req.error = res.error;

}
return res.success;
};
}
function get_fields(m) {
return function () {
var fields = {}
var fields = {};
var properties = m.properties;

@@ -148,6 +123,5 @@ for (var f in properties)

};
var _extends = m.extends;
for (var f in _extends) {
rel_model = _extends[f];
var rel_model = _extends[f];
if (rel_model.type === 'hasOne' && !rel_model.reversed)

@@ -165,10 +139,7 @@ fields[f] = {

}
return fields;
};
}
for (var k in db.models) {
var m = db.models[k];
types[k] = {

@@ -186,3 +157,2 @@ type: new graphql.GraphQLObjectType({

};
types['find_' + k] = {

@@ -193,3 +163,2 @@ type: new graphql.GraphQLList(types[k].type),

};
types['count_' + k] = {

@@ -201,3 +170,2 @@ type: graphql.GraphQLInt,

}
var Schema = new graphql.GraphQLSchema({

@@ -209,18 +177,13 @@ query: new graphql.GraphQLObjectType({

});
db.graphql = (query, req) => {
var res = graphql.graphqlSync(Schema, query, {}, req);
if (req.error) {
var code = req.error.code;
delete req.error;
req.response.statusCode = code / 10000;
res.errors[0].code = code;
}
return res;
};
return db;
};

113

lib/classes/index.js

@@ -1,21 +0,15 @@

const mq = require('mq');
const util = require('util');
const http = require('http');
const json = require('json');
const err_info = require('../utils/err_info');
const {
check_acl
} = require('../utils/check_acl');
const _extend = require('./extend');
const _base = require('./base');
Object.defineProperty(exports, "__esModule", { value: true });
const mq = require("mq");
const http = require("http");
const json = require("json");
const err_info_1 = require("../utils/err_info");
const check_acl_1 = require("../utils/check_acl");
const _extend = require("./extend");
const _base = require("./base");
const _slice = Array.prototype.slice;
exports.bind = (app) => {
var pool = app.db;
app.api = {};
function fill_error(req, e) {
var code = e.error.code;
req.response.statusCode = code / 10000;

@@ -27,18 +21,13 @@ req.response.json({

}
function _(req, classname, func) {
const _ = function (req, classname, ...args) {
var arglen = arguments.length;
var earg = _slice.call(arguments, 2, arglen - 1);
func = arguments[arglen - 1];
pool(db => {
var func = arguments[arglen - 1];
pool((db) => {
var data;
// check empty data
if (req.length == 0 && func.length === arglen + 1)
return fill_error(req,
err_info(4000001, {
method: req.method
}));
return fill_error(req, err_info_1.default(4000001, {
method: req.method
}));
// decode json data

@@ -48,14 +37,12 @@ if (req.length > 0)

data = req.json();
} catch (e) {
return fill_error(req, err_info(4000002));
}
catch (e) {
return fill_error(req, err_info_1.default(4000002));
}
// check classname
const cls = db.models[classname];
if (cls === undefined)
return fill_error(req,
err_info(4040001, {
classname: classname
}));
return fill_error(req, err_info_1.default(4040001, {
classname: classname
}));
var _req = {

@@ -66,3 +53,2 @@ session: req.session,

};
var where = _req.query.where;

@@ -72,14 +58,14 @@ if (where !== undefined)

_req.query.where = json.decode(where);
} catch (e) {
return fill_error(req, err_info(4000003));
}
catch (e) {
return fill_error(req, err_info_1.default(4000003));
}
var keys = _req.query.keys;
if (keys !== undefined)
if (keys !== undefined && typeof keys === 'string')
_req.query.keys = keys.split(',');
var result;
try {
result = func.apply(undefined, [_req, db, cls].concat(earg, [data]));
} catch (e) {
}
catch (e) {
console.error(e.stack);

@@ -93,4 +79,5 @@ if (e.type === 'validation') {

};
} else {
return fill_error(req, err_info(5000002, {
}
else {
return fill_error(req, err_info_1.default(5000002, {
function: "func",

@@ -106,27 +93,25 @@ classname: classname,

req.response.json(result.success);
} else
}
else
fill_error(req, result);
});
}
};
_base.bind(_, app);
_extend.bind(_, app);
app.post('/:classname/:func', (req, classname, func) => {
_(req, classname, (_req, db, cls, data) => {
if (!check_acl(_req.session, func, cls.ACL))
return err_info(4030001, {}, cls.cid);
if (!check_acl_1.check_acl(_req.session, func, cls.ACL))
return err_info_1.default(4030001, {}, cls.cid);
const f = cls.functions[func];
if (f === undefined)
return err_info(4040004, {
return err_info_1.default(4040004, {
function: func,
classname: classname
}, cls.cid);
try {
return f(_req, data);
} catch (e) {
}
catch (e) {
console.error(e.stack);
return err_info(5000002, {
return err_info_1.default(5000002, {
function: func,

@@ -139,31 +124,29 @@ classname: classname,

});
app.post('/', (req) => {
if (req.firstHeader('Content-Type').split(';')[0] === 'application/graphql') {
pool(db => {
pool((db) => {
var data = "";
try {
data = req.data.toString();
} catch (e) {}
}
catch (e) { }
req.response.json(db.graphql(data, req));
});
} else {
}
else {
var querys;
try {
querys = req.json().requests;
} catch (e) {
return fill_error(req, err_info(4000002));
}
catch (e) {
return fill_error(req, err_info_1.default(4000002));
}
if (!Array.isArray(querys))
return fill_error(req, err_info(4000004));
return fill_error(req, err_info_1.default(4000004));
var results = querys.map(q => {
var r = new http.Request();
r.method = q.method;
var a = q.path.split('?');
r.address = r.value = a[0];
r.queryString = a[1];
r.session = req.session;

@@ -173,3 +156,2 @@ if (q.body)

mq.invoke(app, r);
var p = r.response;

@@ -185,3 +167,2 @@ if (p.statusCode / 100 !== 2)

});
req.response.json(results);

@@ -188,0 +169,0 @@ }

82

lib/db.js

@@ -1,11 +0,9 @@

const Pool = require('fib-pool');
const orm = require('fib-orm');
const util = require('util');
const graphql = require('./classes/graphql');
const coroutine = require('coroutine');
const uuid = require('uuid');
var slice = Array.prototype.slice;
module.exports = (app, url, opts) => {
Object.defineProperty(exports, "__esModule", { value: true });
const orm = require("fib-orm");
const uuid = require("uuid");
const coroutine = require("coroutine");
const Pool = require("fib-pool");
const graphql_1 = require("./classes/graphql");
const slice = Array.prototype.slice;
exports.default = (app, url, opts) => {
var defs = [];

@@ -16,12 +14,9 @@ opts = opts || {};

var use_uuid = opts.uuid;
var db = Pool({
create: () => {
const db = orm.connectSync(url);
var _define = db.define;
create: function () {
var odb = orm.connectSync(url);
var _define = odb.define;
var cls_id = 1;
db.define = function (name, properties, orm_define_opts) {
odb.define = function (name, properties, orm_define_opts) {
var old_properties = properties;
if (use_uuid)

@@ -35,27 +30,18 @@ properties = {

};
for (var k in old_properties)
if (k !== 'id')
properties[k] = old_properties[k];
if (properties.createdAt === undefined)
properties.createdAt = {};
properties.createdAt.type = 'date';
properties.createdAt = { type: 'date' };
properties.createdAt.time = true; //change the field type to datetime in MySQL
if (properties.updatedAt === undefined)
properties.updatedAt = {};
properties.updatedAt.type = 'date';
properties.updatedAt = { type: 'date' };
properties.updatedAt.time = true; //change the field type to datetime in MySQL
var m = _define.call(this, name, properties, orm_define_opts);
m.cid = cls_id++;
Object.defineProperty(m, 'model_name', {
value: name
});
var _beforeCreate;
var _beforeSave;
if (orm_define_opts !== undefined) {

@@ -66,3 +52,2 @@ if (orm_define_opts.hooks !== undefined) {

}
m.functions = orm_define_opts.functions;

@@ -72,3 +57,2 @@ m.ACL = orm_define_opts.ACL;

}
if (m.ACL === undefined)

@@ -85,9 +69,6 @@ m.ACL = {

};
m.beforeCreate(function (next) {
this.updatedAt = this.createdAt = new Date();
if (use_uuid)
this.id = uuid.snowflake().hex();
if (_beforeCreate) {

@@ -98,6 +79,4 @@ if (_beforeCreate.length > 0)

}
next();
});
m.beforeSave(function (next) {

@@ -108,3 +87,2 @@ if (this.__opts.changes.length > 0) {

}
if (_beforeSave) {

@@ -115,8 +93,5 @@ if (_beforeSave.length > 0)

}
next();
});
m.extends = {};
var _hasOne = m.hasOne;

@@ -128,9 +103,6 @@ m.hasOne = function (name, model, orm_hasOne_opts) {

};
if (orm_hasOne_opts !== undefined && orm_hasOne_opts.reversed)
m.extends[name].reversed = true;
return _hasOne.apply(this, slice.call(arguments));
}
};
var _hasMany = m.hasMany;

@@ -142,22 +114,18 @@ m.hasMany = function (name, model) {

};
return _hasMany.apply(this, slice.call(arguments));
}
};
return m;
}
defs.forEach(def => def(db));
};
defs.forEach(def => def(odb));
sync_lock.acquire();
try {
if (!syned) {
db.syncSync();
odb.syncSync();
syned = true;
}
} finally {
}
finally {
sync_lock.release();
}
return graphql(app, db);
return graphql_1.default(app, odb);
},

@@ -168,6 +136,4 @@ maxsize: opts.maxsize,

});
db.use = def => defs = defs.concat(def);
db.use = (def) => defs = defs.concat(def);
return db;
};
};

148

lib/utils/check_acl.js

@@ -1,72 +0,98 @@

var util = require('util');
/// <reference path="../../@types/acl.d.ts" />
/// <reference path="../../@types/req.d.ts" />
/// <reference path="../../@types/common.d.ts" />
Object.defineProperty(exports, "__esModule", { value: true });
const util = require("util");
const orm = require("orm");
/**
* funnel style functions
*/
exports.check_acl = function (session, act, acl, extend) {
var aa = undefined;
var aclAct = undefined;
/**
*
* @param _acl_role type of _acl_role is one description item in RoleActDescriptionHash's ACLPermissionBooleanOrArrayType
*
* @returns undefined | boolean
*/
function _check_acl_act(_acl_role) {
if (_acl_role === undefined)
return;
/*
{
'1234': true
}
first, check whether _acl_role is ACLPermissionBooleanOrArrayType
{
'read': true,
'create': ['field1', 'field2', 'field3', ...]
}
*/
if (_acl_role === false || _acl_role === true || Array.isArray(_acl_role)) {
aa = _acl_role;
aclAct = _acl_role;
return true;
}
/*
{
'1234': {
'read': true
now,
- _acl_role is (should be) RoleActDescriptionHash
- act made sense, (expected to be) RoleKeyInRoleActDescriptionHash
check whether AClPermissionDescriptorKey `act` exists.
{
'role1234': {
'read': true
}
}
}
*/
aa = _acl_role[act];
if (aa !== undefined)
aclAct = _acl_role[act];
if (aclAct !== undefined)
return true;
/*
{
'1234': {
'*': true
check whether AClPermissionDescriptorKey '*' exists.
{
'role1234': {
'*': true
}
}
}
*/
aa = _acl_role['*'];
if (aa !== undefined)
aclAct = _acl_role['*'];
if (aclAct !== undefined)
return true;
}
/**
* in `_check_acl_role`, no matter how arg `_act_role` is,
* it finally led to one explicit **arg** with type 'ArgAclRoleValueTypeWhenCheck(ACLPermissionBooleanOrArrayType)',
*
* then, return the the **result** `_check_acl_act(arg)`
*
* @param _acl_role
*
* @returns ArgAclRoleValueTypeWhenCheck
*/
function _check_acl_role(_acl_role) {
if (_acl_role === undefined)
return;
/* now, _acl_role is(should be) ArgAclRoleValueTypeWhenCheck */
if (extend === undefined)
return _check_acl_act(_acl_role);
/* now, _acl_role is(should be) ACLRoleVarHostType */
var exts = _acl_role.extends;
if (exts !== undefined) {
/*
{
'1234': {
'extends': {
'ext': {}
check whether AClPermissionDescriptorKey `extend` exists in parent-AClPermissionDescriptor's 'extends' hash.
{
'1234': {
'extends': {
'ext': {}
}
}
}
}
*/
if (_check_acl_act(exts[extend]))
return true;
/*
{
'1234': {
'extends': {
'*': {}
check whether AClPermissionDescriptorKey `*` exists in parent-AClPermissionDescriptor's 'extends' hash.
{
'1234': {
'extends': {
'*': {}
}
}
}
}
*/

@@ -76,23 +102,20 @@ return _check_acl_act(exts['*']);

}
if (util.isFunction(acl))
if (util.isFunction(acl)) {
acl = acl(session);
}
if (acl === null || acl === undefined)
return;
/*
{
'1234': {}
}
{
'1234': {}
}
*/
if (_check_acl_role(acl[session.id]))
return aa;
return aclAct;
/*
{
'roles': {
'r1': {}
{
'roles': {
'r1': {}
}
}
}
*/

@@ -102,10 +125,8 @@ var roles = session.roles;

var role_acls = acl.roles;
if (role_acls !== undefined) {
for (var i = roles.length - 1; i >= 0; i--)
if (_check_acl_role(role_acls[roles[i]]))
return aa;
return aclAct;
}
}
/*

@@ -117,36 +138,25 @@ {

if (_check_acl_role(acl['*']))
return aa;
return aclAct;
return;
}
};
exports.check_obj_acl = function (session, act, obj, extend) {
var cls = obj.model();
var acl;
var _oacl = cls.OACL;
if (util.isFunction(_oacl))
_oacl = _oacl.call(obj, session);
acl = exports.check_acl(session, act, _oacl, extend);
if (acl === undefined)
acl = exports.check_acl(session, act, cls.ACL, extend);
if (act === 'read' && Array.isArray(acl))
acl = acl.concat(Object.keys(cls.extends));
return acl;
}
};
exports.check_robj_acl = function (session, act, obj, robj, extend) {
var cls = obj.model();
var rcls = robj.model();
var acl;
var _oacl = rcls.OACL;
if (util.isFunction(_oacl))
_oacl = _oacl.call(robj, session);
acl = exports.check_acl(session, act, _oacl);

@@ -157,7 +167,5 @@ if (acl === undefined)

acl = exports.check_acl(session, act, rcls.ACL);
if (act === 'read' && Array.isArray(acl))
acl = acl.concat(Object.keys(rcls.extends));
return acl;
}
};

22

lib/utils/convert_where.js

@@ -0,4 +1,4 @@

Object.defineProperty(exports, "__esModule", { value: true });
const orm = require('fib-orm');
const util = require('util');
const ops = {

@@ -15,7 +15,5 @@ "like": orm.like,

};
var convert_where = module.exports = function (where) {
var convert_where = function (where) {
var where1 = {};
var or = where["or"];
if (util.isArray(or)) {

@@ -25,6 +23,4 @@ where1["or"] = or.map(o => convert_where(o));

}
for (var k in where) {
var v = where[k];
if (util.isArray(v))

@@ -36,3 +32,2 @@ where1[k] = v;

var op = keys[0];
if (op === "between") {

@@ -42,7 +37,9 @@ var as = v[op];

where1[k] = orm.between(as[0], as[1]);
} else if (op === "not_between") {
}
else if (op === "not_between") {
var as = v[op];
if (util.isArray(as))
where1[k] = orm.not_between(as[0], as[1]);
} else if (op === "in")
}
else if (op === "in")
where1[k] = v[op];

@@ -52,7 +49,8 @@ else if (ops[op])

}
} else
}
else
where1[k] = v;
}
return where1;
};
};
exports.default = convert_where;

16

lib/utils/diagram.js

@@ -0,11 +1,9 @@

Object.defineProperty(exports, "__esModule", { value: true });
var Viz = require('viz.js');
module.exports = function () {
function default_1() {
var models = [];
var exts = [];
this.db(db => {
var m, m1;
var ks;
for (var name in db.models) {

@@ -17,12 +15,10 @@ m = db.models[name];

}
models.push(`${m.model_name} [tooltip="${m.model_name}", label="{${m.model_name}|${ks.join('\\l')}\\l}"];`);
for (var e in m.extends) {
m1 = m.extends[e];
one = m1.type === "hasOne" && !m1.reversed;
exts.push(`${m.model_name} -> ${m1.model.model_name} [label=${e} ${one?"arrowhead=empty":""}];`);
var one = m1.type === "hasOne" && !m1.reversed;
exts.push(`${m.model_name} -> ${m1.model.model_name} [label=${e} ${one ? "arrowhead=empty" : ""}];`);
}
}
});
var dot = `

@@ -37,6 +33,6 @@ digraph

}`;
return Viz(dot, {
"engine": "dot"
});
}
}
exports.default = default_1;

31

lib/utils/err_info.js

@@ -0,1 +1,2 @@

Object.defineProperty(exports, "__esModule", { value: true });
var infos = {

@@ -13,12 +14,17 @@ "4000001": "${method} request don't send any data.",

};
function APPError(code, message, cls) {
Error.call(this);
Error.captureStackTrace(this, this.constructor);
this.message = message;
this.code = code;
this.cls = cls;
class APPError extends Error {
constructor(code, message, cls) {
super();
this.name = 'APPError';
Error.call(this);
Error.captureStackTrace(this, this.constructor);
this.message = message;
this.code = code;
this.cls = cls;
}
toString() {
return this.code + ': ' + this.message;
}
}
exports.APPError = APPError;
APPError.prototype = Object.create(Error.prototype);

@@ -29,6 +35,5 @@ APPError.prototype.constructor = APPError;

return this.code + ': ' + this.message;
}
module.exports = (code, data, cls) => ({
};
exports.default = (code, data, cls) => ({
error: new APPError(code, infos[code].replace(/\${(.+?)}/g, (s1, s2) => data[s2]), cls)
});
});

51

lib/utils/filter.js

@@ -1,20 +0,17 @@

const util = require('util');
const {
check_obj_acl,
check_robj_acl
} = require('./check_acl');
Object.defineProperty(exports, "__esModule", { value: true });
const util = require("util");
const check_acl_1 = require("./check_acl");
exports.filter = function (obj, keys, keys1) {
if (Array.isArray(keys)) {
if (Array.isArray(keys1))
keys = util.intersection(keys, keys1)
} else if (Array.isArray(keys1))
keys = keys1
if (!Array.isArray(keys))
if (Array.isArray(keys1)) {
keys = util.intersection(keys, keys1);
}
}
else if (Array.isArray(keys1)) {
keys = keys1;
}
if (!Array.isArray(keys)) {
return obj;
}
var ekeys = util.difference(Object.keys(obj), keys);
ekeys.forEach(k => {

@@ -26,28 +23,28 @@ obj[k] = undefined;

};
exports.filter_ext = function (session, obj) {
var cls = obj.model();
function _do_ext(robj, extend) {
var acl = check_robj_acl(session, 'read', obj, robj, extend);
if (!acl)
var acl = check_acl_1.check_robj_acl(session, 'read', obj, robj, extend);
if (!acl) {
return undefined;
}
return exports.filter(exports.filter_ext(session, robj), acl);
}
for (var k in cls.extends) {
var robj = obj[k];
if (robj !== undefined) {
if (Array.isArray(robj)) {
if (check_obj_acl(session, 'find', obj, k))
if (check_acl_1.check_obj_acl(session, 'find', obj, k)) {
obj[k] = robj.map(r => _do_ext(r, k));
else obj[k] = undefined;
} else
}
else {
obj[k] = undefined;
}
}
else {
obj[k] = _do_ext(robj, k);
}
}
}
return obj;
}
};

44

lib/utils/find.js

@@ -1,26 +0,16 @@

const json = require('json');
const convert_where = require('./convert_where');
const {
check_obj_acl,
check_robj_acl
} = require('./check_acl');
const {
filter,
filter_ext
} = require('./filter');
module.exports = function (req, exec, bobj, extend) {
Object.defineProperty(exports, "__esModule", { value: true });
const convert_where_1 = require("./convert_where");
const check_acl_1 = require("./check_acl");
const filter_1 = require("./filter");
function default_1(req, exec, bobj, extend) {
var query = req.query;
var keys = query.keys;
if (keys !== undefined)
exec = exec.only(keys);
var where = query.where;
if (where !== undefined)
where = convert_where(where);
else where = {};
where = convert_where_1.default(where);
else
where = {};
var exec = exec.where(where);
var skip = +query.skip;

@@ -30,3 +20,2 @@ if (isNaN(skip) || skip < 0)

exec = exec.offset(skip);
var limit = +query.limit;

@@ -36,7 +25,5 @@ if (isNaN(limit) || limit < 0 || limit > 1000)

exec = exec.limit(limit);
var order = query.order;
if (order !== undefined)
exec = exec.order(order);
// avoid extra find action such as `exec.allSync()`

@@ -48,13 +35,11 @@ var objs = [];

objs = objs.map(obj => {
var a
var a;
if (extend !== undefined)
a = check_robj_acl(req.session, 'read', bobj, obj, extend);
a = check_acl_1.check_robj_acl(req.session, 'read', bobj, obj, extend);
else
a = check_obj_acl(req.session, 'read', obj);
a = check_acl_1.check_obj_acl(req.session, 'read', obj);
if (!a)
return null;
return filter(filter_ext(req.session, obj), keys, a);
return filter_1.filter(filter_1.filter_ext(req.session, obj), keys, a);
});
if (query.count == 1)

@@ -65,4 +50,5 @@ return {

};
return objs;
};
}
exports.default = default_1;
;

45

lib/utils/get.js

@@ -0,8 +1,6 @@

/// <reference path="../../@types/index.d.ts" />
Object.defineProperty(exports, "__esModule", { value: true });
const util = require('util');
const err_info = require('../utils/err_info');
const {
check_obj_acl,
check_robj_acl
} = require('./check_acl');
const err_info_1 = require("../utils/err_info");
const { check_obj_acl, check_robj_acl } = require('./check_acl');
exports._get = function (cls, id, session, act) {

@@ -14,28 +12,22 @@ var obj = {

};
if (obj.data === null)
return err_info(4040002, {
return err_info_1.default(4040002, {
id: id,
classname: cls.model_name
}, cls.cid);
if (act) {
var acl = check_obj_acl(session, act, obj.data);
if (!acl)
return err_info(4030001, {}, cls.cid);
return err_info_1.default(4030001, {}, cls.cid);
obj.acl = acl;
}
return obj;
};
exports._eget = function (cls, id, extend, rid, session, act) {
var rel_model = cls.extends[extend];
if (rel_model === undefined)
return err_info(4040001, {
return err_info_1.default(4040001, {
classname: extend
}, cls.cid);
var obj;
if (util.isObject(id)) {

@@ -46,3 +38,4 @@ obj = {

id = id.id;
} else {
}
else {
obj = {

@@ -53,5 +46,4 @@ data: cls.find().where({

};
if (obj.data === null)
return err_info(4040002, {
return err_info_1.default(4040002, {
id: id,

@@ -61,5 +53,3 @@ classname: cls.model_name

}
var __opt;
if (rel_model.type === 'hasOne') {

@@ -73,3 +63,3 @@ if (rel_model.reversed)

else if (rid != rid1)
return err_info(4040002, {
return err_info_1.default(4040002, {
id: rid,

@@ -80,5 +70,5 @@ classname: `${cls.model_name}.${extend}`

}
} else
}
else
__opt = obj.data[obj.data.__opts.many_associations.find(a => a.name === extend).getAccessor].call(obj.data);
var robj = {

@@ -90,17 +80,14 @@ base: obj.data,

};
if (robj.data === null)
return err_info(4040002, {
return err_info_1.default(4040002, {
id: rid,
classname: `${cls.model_name}.${extend}`
}, rel_model.model.cid);
if (act) {
var acl = check_robj_acl(session, act, obj.data, robj.data, extend);
if (!acl)
return err_info(4030001, {}, rel_model.model.cid);
return err_info_1.default(4030001, {}, rel_model.model.cid);
robj.acl = acl;
}
return robj;
};
};

24

package.json
{
"name": "fib-app",
"version": "1.10.0",
"version": "1.11.0",
"description": "",
"main": "lib/app",
"types": "@types/index.d.ts",
"scripts": {
"test": "fibjs ./demo/test/index.js"
"build": "fibjs ./build.js",
"test": "fibjs ./demo/test/index.js",
"ci": "fibjs ./demo/test/index.js"
},

@@ -13,4 +16,4 @@ "author": "",

"fib-graphql": "^1.0.0",
"fib-orm": "^1.2.0",
"fib-pool": "^1.3.0",
"fib-types": "^1.0.1",
"graphql-iso-date": "^3.4.0",

@@ -20,6 +23,19 @@ "graphql-type-json": "^0.1.4"

"devDependencies": {
"@fibjs/ci": "^2.0.0",
"@types/fibjs": "github:fibjs/fib-types#v1.0.4",
"fib-orm": "^1.4.2",
"fib-push": "^1.0.0",
"fib-session": "^0.1.1",
"fib-typify": "^0.1.2",
"viz.js": "1.8.0"
},
"ci": {
"type": "travis",
"version": [
"0.21.0",
"0.22.0",
"0.23.0",
"0.24.0"
]
}
}
}
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc