rhases-nodejs-commons - npm Package Compare versions

Comparing version 0.2.10 to 0.2.11

CHANGELOG.md

@@ -5,2 +5,7 @@ # Change Log
 
+<a name="0.2.11"></a>
+## [0.2.11](https://github.com/rhases/rhases-nodejs-commons/compare/v0.2.10...v0.2.11) (2017-09-29)
+
+
+
 <a name="0.2.10"></a>
@@ -7,0 +12,0 @@ ## [0.2.10](https://github.com/rhases/rhases-nodejs-commons/compare/v0.2.9...v0.2.10) (2017-09-26)

dist/crud/access-control-base.controller.d.ts

@@ -0,15 +1,17 @@
+import { Promise } from 'q';
 import { CrudAccessControl } from './access-control.authorization';
-import { Request, Response } from 'express';
+import { Response } from 'express';
 import { Model, Document } from 'mongoose';
 export declare class AccessControlBaseController {
     private model;
-    ac: CrudAccessControl;
+    promisedAc: Promise<CrudAccessControl>;
     constructor(model: Model<Document>, grants: any);
-    create(req: Request, res: Response): void;
-    find(req: any, res: Response): void;
-    findById(req: Request, res: Response): void;
-    update(req: Request, res: Response): void;
-    patch(req: Request, res: Response): void;
-    remove(req: Request, res: Response, model: Model<Document>): void;
+    create(req: any, res: Response): void;
+    find(req: any, res: Response, exQueryBuilder?: any): void;
+    findById(req: any, res: Response): void;
+    update(req: any, res: Response): void;
+    patch(req: any, res: Response): void;
+    remove(req: any, res: Response): void;
+    private findBydId(id, user, permission);
     private entityFromBody(req);
 }

dist/crud/access-control-base.controller.js

@@ -5,6 +5,9 @@ "use strict";
 var Q = require('q');
-var access_control_authorization_1 = require("./access-control.authorization");
+var _ = require('lodash');
+var access_control_with_organizations_authorization_1 = require("./access-control-with-organizations.authorization");
 var controller_utils_1 = require("../utils/controller.utils");
 var entity_utils_1 = require("../utils/entity.utils");
 var base_query_builder_1 = require("../utils/base.query-builder");
+var promise_grants_utils_1 = require("../utils/promise-grants.utils");
+var functions_utils_1 = require("../utils/functions.utils");
 var AccessControlBaseController = /** @class */ (function () {
@@ -15,3 +18,3 @@ function AccessControlBaseController(model, grants) {
         grants.forEach(function (grant) { grant.resource = grant.resource || _resource; });
-        this.ac = new access_control_authorization_1.CrudAccessControl(_resource, grants);
+        this.promisedAc = access_control_with_organizations_authorization_1.crudAccessControlWithOrgRolesFactory(_resource, grants);
         logger_1.default.debug("inited access control for " + _resource);
@@ -21,74 +24,78 @@ }
         var self = this;
-        self.ac.checkCreate(req)
-            .then(function (check) {
-            return self.entityFromBody(req)
-                .then(check.setBeforeUpdate)
-                .then(entity_utils_1.createEntity(self.model))
-                .then(check.filterAfterQuery);
-        })
-            .then(controller_utils_1.respondWithResult(res))
-            .catch(controller_utils_1.handleError(res));
+        controller_utils_1.baseHandle(req, res, self.promisedAc, 'create', function (permission, user) {
+            return Q.when()
+                .then(self.entityFromBody(req))
+                .then(promise_grants_utils_1.ifGrantedForUser(permission, entity_utils_1.setUserOwner(user)))
+                .then(promise_grants_utils_1.ifGrantedForOrganization(permission, entity_utils_1.setOrganizationOwner(user)))
+                .then(entity_utils_1.createEntity(self.model));
+        });
     };
-    AccessControlBaseController.prototype.find = function (req, res) {
+    AccessControlBaseController.prototype.find = function (req, res, exQueryBuilder) {
         var self = this;
-        self.ac.checkRead(req)
-            .then(function (check) {
-            return base_query_builder_1.createQueryExecutor(self.model, check.applyQueryRestriction)
-                .then(base_query_builder_1.execFindAndCound(req.query, res))
-                .then(check.filterAfterQuery);
-        })
-            .then(controller_utils_1.respondWithResult(res))
-            .catch(controller_utils_1.handleError(res));
+        controller_utils_1.baseHandle(req, res, self.promisedAc, 'read', function (permission, user) {
+            return Q.when()
+                .then(function () {
+                return function (query) {
+                    return functions_utils_1.now(query)
+                        .then(promise_grants_utils_1.ifGrantedForUser(permission, base_query_builder_1.restrictByUserOwner(req.user)))
+                        .then(promise_grants_utils_1.ifGrantedForOrganization(permission, base_query_builder_1.restrictByOrganizationOwner(req.user)))
+                        .then(promise_grants_utils_1.ifDefined(exQueryBuilder))
+                        .then(function (param) {
+                        logger_1.default.trace("query: " + param);
+                        return param;
+                    })
+                        .value();
+                };
+            })
+                .then(base_query_builder_1.createQueryExecutor(self.model))
+                .then(base_query_builder_1.execFindAndCount(req.query, res));
+        });
     };
     AccessControlBaseController.prototype.findById = function (req, res) {
         var self = this;
-        self.ac.checkRead(req)
-            .then(function (check) {
-            return base_query_builder_1.execFindByIdWithQueryBuilder(self.model, req.params.id, check.applyQueryRestriction)
-                .then(controller_utils_1.handleEntityNotFound(res))
-                .then(check.filterAfterQuery);
-        })
-            .then(controller_utils_1.respondWithResult(res))
-            .catch(controller_utils_1.handleError(res));
+        controller_utils_1.baseHandle(req, res, self.promisedAc, 'create', function (permission, user) {
+            return Q.when()
+                .then(self.findBydId(req.params.id, req.user, permission))
+                .then(controller_utils_1.handleEntityNotFound(res));
+        });
     };
     AccessControlBaseController.prototype.update = function (req, res) {
         var self = this;
-        self.ac.checkUpdate(req)
-            .then(function (check) {
-            return base_query_builder_1.execFindByIdWithQueryBuilder(self.model, req.params.id, check.applyQueryRestriction)
+        controller_utils_1.baseHandle(req, res, self.promisedAc, 'update', function (permission, user) {
+            return Q.when()
+                .then(self.findBydId(req.params.id, req.user, permission))
                 .then(controller_utils_1.handleEntityNotFound(res))
-                .then(entity_utils_1.applyUpdate(req.body))
-                .then(check.filterAfterQuery);
-        })
-            .then(controller_utils_1.respondWithResult(res))
-            .catch(controller_utils_1.handleError(res));
+                .then(entity_utils_1.applyUpdate(req.body));
+        });
     };
     AccessControlBaseController.prototype.patch = function (req, res) {
         var self = this;
-        self.ac.checkUpdate(req)
-            .then(function (check) {
-            return base_query_builder_1.execFindByIdWithQueryBuilder(self.model, req.params.id, check.applyQueryRestriction)
+        controller_utils_1.baseHandle(req, res, self.promisedAc, 'update', function (permission, user) {
+            return Q.when()
+                .then(self.findBydId(req.params.id, req.user, permission))
                 .then(controller_utils_1.handleEntityNotFound(res))
-                .then(entity_utils_1.applyPatch(req.body))
-                .then(check.filterAfterQuery);
-        })
-            .then(controller_utils_1.respondWithResult(res))
-            .catch(controller_utils_1.handleError(res));
+                .then(entity_utils_1.applyPatch(req.body));
+        });
     };
-    AccessControlBaseController.prototype.remove = function (req, res, model) {
-        //contruct query
+    AccessControlBaseController.prototype.remove = function (req, res) {
         var self = this;
-        self.ac.checkUpdate(req)
-            .then(function (check) {
-            return base_query_builder_1.execFindByIdWithQueryBuilder(self.model, req.params.id, check.applyQueryRestriction)
+        controller_utils_1.baseHandle(req, res, self.promisedAc, 'delete', function (permission, user) {
+            return Q.when()
+                .then(self.findBydId(req.params.id, user, permission))
                 .then(controller_utils_1.handleEntityNotFound(res))
                 .then(entity_utils_1.removeEntity())
                 .then(controller_utils_1.successMessageResult());
-        })
-            .then(controller_utils_1.respondWithResult(res))
-            .catch(controller_utils_1.handleError(res));
+        });
     };
+    AccessControlBaseController.prototype.findBydId = function (id, user, permission) {
+        var self = this;
+        return function () {
+            return Q.when(self.model.findById(id));
+        };
+    };
     AccessControlBaseController.prototype.entityFromBody = function (req) {
-        var entity = req.body;
-        return Q.when(entity);
+        return function () {
+            var entity = req.body;
+            return entity;
+        };
     };
@@ -95,0 +102,0 @@ return AccessControlBaseController;

dist/crud/access-control.authorization.d.ts

 import { AccessControl, Permission } from 'accesscontrol';
-import { DocumentQuery } from 'mongoose';
 export declare class CrudAccessControl {
@@ -8,17 +7,9 @@ private resource;
     constructor(resource: string, grants: any);
-    checkCreate(req: any): Promise<Check>;
-    checkRead(req: any): Promise<Check>;
-    checkUpdate(req: any): Promise<Check>;
-    checkDelete(req: any): Promise<Check>;
-    baseCheck(req: any, op: any, accessAnyCallback: (check: Check, access: any) => Check, accessOwnCallback: (check: Check, access: any) => Check): Promise<Check>;
-    setOwner(req: any): (any) => any;
-    filterAfterQuery(permission: Permission): (any) => any;
-    restrictByUserOrOrganizationOwner(req: any): (query: any) => DocumentQuery<any, any>;
+    check(user: any, op: string): ExPermission;
+    getOrgRoles(user: any): any[];
 }
-export declare class Check {
-    isGranted: boolean;
-    applyQueryRestriction: (query: DocumentQuery<any, any>) => DocumentQuery<any, any>;
-    setBeforeUpdate: (any) => any;
-    filterAfterQuery: (any) => any;
-    constructor(isGranted?: boolean, applyQueryRestriction?: (query: DocumentQuery<any, any>) => DocumentQuery<any, any>, setBeforeUpdate?: (any) => any, filterAfterQuery?: (any) => any);
+export interface ExPermission extends Permission {
+    type: string;
+    for: string;
+    allRoles: Array<string>;
 }

dist/crud/access-control.authorization.js

 'use strict';
 Object.defineProperty(exports, "__esModule", { value: true });
-var logger_1 = require("../logger");
 var accesscontrol_1 = require("accesscontrol");
-var createError = require('http-errors');
-var Q = require('q');
 var CrudAccessControl = /** @class */ (function () {
@@ -13,110 +10,45 @@ function CrudAccessControl(resource, grants) {
     }
-    CrudAccessControl.prototype.checkCreate = function (req) {
-        var self = this;
-        return this.baseCheck(req, 'create', function (check, access) {
-            return check;
-        }, function (check, access) {
-            logger_1.default.debug(req);
-            check.setBeforeUpdate = self.setOwner(req);
-            return check;
-        });
-    };
-    CrudAccessControl.prototype.checkRead = function (req) {
-        var self = this;
-        return this.baseCheck(req, 'read', function (check, access) {
-            return check;
-        }, function (check, access) {
-            check.applyQueryRestriction = self.restrictByUserOrOrganizationOwner(req);
-            return check;
-        });
-    };
-    CrudAccessControl.prototype.checkUpdate = function (req) {
-        var self = this;
-        return this.baseCheck(req, 'update', function (check, access) {
-            return check;
-        }, function (check, access) {
-            check.applyQueryRestriction = self.restrictByUserOrOrganizationOwner(req);
-            return check;
-        });
-    };
-    CrudAccessControl.prototype.checkDelete = function (req) {
-        return this.baseCheck(req, 'delete', function (check, access) {
-            return check;
-        }, function (check, access) {
-            check.applyQueryRestriction = this.restrictByUserOrOrganizationOwner(req);
-            return check;
-        });
-    };
-    CrudAccessControl.prototype.baseCheck = function (req, op, accessAnyCallback, accessOwnCallback) {
-        logger_1.default.debug(op + ":" + this.resource);
-        logger_1.default.debug(req);
-        logger_1.default.debug(req.user);
-        logger_1.default.debug(req.user.roles);
-        var defer = Q.defer();
-        var query = this.ac.can(req.user.roles);
-        var accessAny = query[op + 'Any'](this.resource);
-        var check = new Check();
-        if (accessAny.granted) {
-            //any permission
-            check.isGranted = true;
-            check.filterAfterQuery = this.filterAfterQuery(accessAny);
-            logger_1.default.trace('granted access any');
-            defer.resolve(accessAnyCallback(check, accessAny));
+    CrudAccessControl.prototype.check = function (user, op) {
+        var _ac = this.ac;
+        //check for user any
+        var anyPermission = _ac.can(user.roles)[op + 'Any'](this.resource);
+        if (anyPermission.granted) {
+            anyPermission.type = 'any';
+            anyPermission.for = 'user';
+            return anyPermission;
         }
         else {
-            //own permission
-            var accessOwn = query[op + 'Own'](this.resource);
-            if (accessOwn.granted) {
-                check.isGranted = true;
-                check.filterAfterQuery = this.filterAfterQuery(accessOwn);
-                logger_1.default.trace('granted access own');
-                defer.resolve(accessOwnCallback(check, accessOwn));
+            //check for user own
+            var ownPermission = _ac.can(user.roles)[op + 'Own'](this.resource);
+            if (ownPermission.granted) {
+                ownPermission.type = 'own';
+                ownPermission.for = 'user';
+                return ownPermission;
             }
+            else {
+                //check for organization own
+                var orgRoles = this.getOrgRoles(user);
+                var permission = _ac.can(orgRoles)[op + 'Own'](this.resource);
+                if (permission.granted) {
+                    permission.type = 'own';
+                    permission.for = 'organization';
+                }
+                permission.allRoles = [];
+                permission.allRoles.push(user.roles);
+                permission.allRoles.push(orgRoles);
+                return permission;
+            }
         }
-        if (!check.isGranted) {
-            logger_1.default.warn('access denied.');
-            //no permission at all
-            defer.reject(createError(403, "user has no permission to " + op + " " + this.resource));
+    };
+    CrudAccessControl.prototype.getOrgRoles = function (user) {
+        var roles = [];
+        if (user.organization && user.organization.ref
+            && user.organization.ref.code) {
+            var org = user.organization;
+            roles.push(org.ref.code + ":" + org.role);
         }
-        return defer.promise;
+        return roles;
     };
-    CrudAccessControl.prototype.setOwner = function (req) {
-        return function (entity) {
-            entity.owner = { userId: req.user._id };
-            return entity;
-        };
-    };
-    CrudAccessControl.prototype.filterAfterQuery = function (permission) {
-        //return (toFilter) => permission.filter(toFilter);
-        return function (toFilter) { return toFilter; };
-    };
-    CrudAccessControl.prototype.restrictByUserOrOrganizationOwner = function (req) {
-        return function (query) {
-            return query.where("owner.userId").eq(req.user._id);
-            // return query.or([
-            //   { "owner.userId" : req.user._id},
-            //   { "owner.organizationId": req.user.organization_id },
-            // ]);
-        };
-    };
     return CrudAccessControl;
 }());
 exports.CrudAccessControl = CrudAccessControl;
-var Check = /** @class */ (function () {
-    function Check(isGranted, applyQueryRestriction, setBeforeUpdate, filterAfterQuery) {
-        this.isGranted = isGranted;
-        this.applyQueryRestriction = applyQueryRestriction;
-        this.setBeforeUpdate = setBeforeUpdate;
-        this.filterAfterQuery = filterAfterQuery;
-        function nop(param) {
-            //l.debug(`nop: ${JSON.stringify(param)}`);
-            return param;
-        }
-        this.isGranted = isGranted || false;
-        this.applyQueryRestriction = nop;
-        this.setBeforeUpdate = nop;
-        this.filterAfterQuery = nop;
-    }
-    return Check;
-}());
-exports.Check = Check;

dist/crud/access-control.authorization.spec.js

@@ -5,6 +5,5 @@ "use strict";
 var access_control_authorization_1 = require("./access-control.authorization");
-var logger_1 = require("../logger");
 describe('[Access Control]', function () {
     var accessControll;
-    var newVideo, myVideo, videoFromThirdPary, adminUser, normalUser, guestUser;
+    var newVideo, myVideo, videoFromThirdPary, adminUser, normalUser, organizationManager, guestUser;
     var queryMock;
@@ -20,3 +19,7 @@ accessControll = new access_control_authorization_1.CrudAccessControl('video', [
         { role: 'user', resource: 'video', action: 'update:own', attributes: ['*'] },
-        { role: 'user', resource: 'video', action: 'delete:own', attributes: ['*'] }
+        { role: 'user', resource: 'video', action: 'delete:own', attributes: ['*'] },
+        { role: '$organization:manager', resource: 'video', action: 'create:own', attributes: ['*'] },
+        { role: '$organization:manager', resource: 'video', action: 'read:any', attributes: ['*'] },
+        { role: '$organization:manager', resource: 'video', action: 'update:own', attributes: ['*'] },
+        { role: '$organization:manager', resource: 'video', action: 'delete:own', attributes: ['*'] }
     ]);
@@ -27,2 +30,10 @@ adminUser = {
     };
+    organizationManager = {
+        _id: '001',
+        roles: ['user'],
+        organization: {
+            ref: { code: 'vert' },
+            role: 'manager'
+        }
+    };
     normalUser = {
@@ -50,54 +61,24 @@ _id: '100',
     };
-    it('admin should be allowed to create video', function () {
-        var req = {
-            user: adminUser
-        };
-        return accessControll.checkCreate(req)
-            .then(function (check) {
-            chai_1.expect(check.isGranted).to.equal(true);
-            //do not overwrite owner
-            chai_1.expect(check.setBeforeUpdate(videoFromThirdPary).owner.userId).to.equal('301');
-        });
+    it('admin should be allowed to create video for any', function () {
+        var permission = accessControll.check(adminUser, 'read');
+        chai_1.expect(permission.granted).to.equal(true);
+        chai_1.expect(permission.for).to.equal('user');
+        chai_1.expect(permission.type).to.equal('any');
     });
     it('user should be allowed to create video of its own', function () {
-        var req = {
-            user: normalUser
-        };
-        return accessControll.checkCreate(req)
-            .then(function (check) {
-            chai_1.expect(check.isGranted).to.equal(true);
-            logger_1.default.trace(check.setBeforeUpdate(newVideo));
-            chai_1.expect(check.setBeforeUpdate(newVideo).owner.userId).to.equal('100');
-        });
+        var permission = accessControll.check(normalUser, 'create');
+        chai_1.expect(permission.granted).to.equal(true);
+        chai_1.expect(permission.for).to.equal('user');
+        chai_1.expect(permission.type).to.equal('own');
     });
+    //
     it('guest should not be allowed to create video', function () {
-        var req = {
-            user: guestUser
-        };
-        return accessControll.checkCreate(req)
-            .then(function (check) {
-            throw new Error('test failure');
-        }).catch(function (err) {
-            chai_1.expect(err.message).to.equal("user has no permission to create video");
-        });
+        var permission = accessControll.check(guestUser, 'create');
+        chai_1.expect(permission.granted).to.equal(false);
     });
+    //
     it('admin should be allowed to update any video', function () {
-        var req = {
-            user: adminUser
-        };
-        return accessControll.checkUpdate(req)
-            .then(function (check) {
-            chai_1.expect(check.isGranted).to.equal(true);
-            //expect(check.applyQueryRestriction({})).to.be.empty;
-        });
+        var permission = accessControll.check(adminUser, 'update');
+        chai_1.expect(permission.granted).to.equal(true);
     });
-    it('user should be allowed to update its own video', function () {
-        var req = {
-            user: normalUser
-        };
-        return accessControll.checkUpdate(req)
-            .then(function (check) {
-            chai_1.expect(check.isGranted).to.equal(true);
-        });
-    });
 });

dist/crud/base.controller.js

@@ -24,4 +24,5 @@ "use strict";
 function baseCtrlFindWithQueryBuilder(req, res, model, queryBuilder) {
-    base_query_builder_1.createQueryExecutor(model, queryBuilder)
-        .then(base_query_builder_1.execFindAndCound(req.query, res))
+    Q.when()
+        .then(base_query_builder_1.createQueryExecutor(model, queryBuilder))
+        .then(base_query_builder_1.execFindAndCount(req.query, res))
         .then(controller_utils_1.respondWithResult(res))
@@ -28,0 +29,0 @@ .catch(controller_utils_1.handleError(res));

dist/mongoose/owner.schema.js

@@ -6,3 +6,3 @@ 'use strict';
     return new mongoose.Schema({
-        organizationId: String,
+        organizationCode: String,
         userId: String // email
@@ -9,0 +9,0 @@ }, { _id: false });

dist/utils/base.query-builder.d.ts

 import { Model, Document, DocumentQuery } from 'mongoose';
 import { Response } from 'express';
 export declare function setBasicQueries(schema: any): any;
-export declare function createQueryExecutor(model: Model<Document>, queryBuilder: (query: DocumentQuery<any, any>) => DocumentQuery<any, any>): any;
-export declare function execFindAndCound(query: any, res: Response): (queryExecutor: any) => any;
+export declare function createQueryExecutor(model: Model<Document>, _queryBuilder?: (query: DocumentQuery<any, any>) => DocumentQuery<any, any>): (__queryBuilder?: any) => any;
+export declare function execFindAndCount(query: any, res: Response): (queryExecutor: any) => any;
 export declare function execCount(model: Model<Document>, queryBuilder: (query: DocumentQuery<any, any>) => DocumentQuery<any, any>): Promise<any>;
 export declare function execFind(model: Model<Document>, queryBuilder: (query: DocumentQuery<any, any>) => DocumentQuery<any, any>, sortBy: string, currentPage: number, perPage: number): Promise<any>;
-export declare function execFindByIdWithQueryBuilder(model: Model<Document>, id: any, queryBuilder: (query: DocumentQuery<any, any>) => DocumentQuery<any, any>): Promise<any>;
+export declare function execQuery(dQuery: DocumentQuery<any, any>): Promise<any>;
+export declare function createFindByIdQuery(model: Model<Document>, id: any): () => DocumentQuery<Document, Document>;
+export declare function execFindByIdWithQueryBuilder(model: Model<Document>, id: any): (queryBuilder: (query: DocumentQuery<any, any>) => DocumentQuery<any, any>) => Promise<any>;
+export declare function restrictByUserOwner(user: any): (query: DocumentQuery<any, any>) => DocumentQuery<any, any>;
+export declare function restrictByOrganizationOwner(user: any): (query: DocumentQuery<any, any>) => DocumentQuery<any, any>;

dist/utils/base.query-builder.js

@@ -5,2 +5,3 @@ 'use strict';
 var Q = require('q');
+var functions_utils_1 = require("./functions.utils");
 function setBasicQueries(schema) {
@@ -16,16 +17,22 @@ schema.query.byUser = function (user) {
 //export var TicketSchema;
-function createQueryExecutor(model, queryBuilder) {
+function createQueryExecutor(model, _queryBuilder) {
     var self = this;
-    var executor = {};
-    executor.execCount = function () {
-        return self.execCount(model, queryBuilder);
+    return function (__queryBuilder) {
+        //query builder func could be setted as param internal, external or both.
+        var queryBuilder = functions_utils_1.concatFunctions(_queryBuilder, __queryBuilder);
+        var executor = {};
+        executor.execCount = function () {
+            return self.execCount(model, queryBuilder);
+        };
+        executor.execFind = function (sortBy, currentPage, perPage) {
+            return self.execFind(model, queryBuilder, sortBy, currentPage, perPage);
+        };
+        logger_1.default.trace('query executor created');
+        return executor;
     };
-    executor.execFind = function (sortBy, currentPage, perPage) {
-        return self.execFind(model, queryBuilder, sortBy, currentPage, perPage);
-    };
-    return Q.when(executor);
 }
 exports.createQueryExecutor = createQueryExecutor;
-function execFindAndCound(query, res) {
+function execFindAndCount(query, res) {
     return function (queryExecutor) {
+        logger_1.default.trace("executing find and count " + queryExecutor);
         var sortBy = query.sort;
@@ -42,6 +49,7 @@ var currentPage = query.page || 1;
 }
-exports.execFindAndCound = execFindAndCound;
+exports.execFindAndCount = execFindAndCount;
 //Query utils
 function execCount(model, queryBuilder) {
     logger_1.default.info(queryBuilder, model.collection.collectionName + ".execCount()");
+    logger_1.default.trace(typeof queryBuilder);
     return queryBuilder(model.count(null)).exec();
@@ -62,7 +70,30 @@ }
 exports.execFind = execFind;
-function execFindByIdWithQueryBuilder(model, id, queryBuilder) {
-    var self = this;
-    return queryBuilder(model.findById(id))
-        .exec();
+function execQuery(dQuery) {
+    return dQuery.exec();
 }
+exports.execQuery = execQuery;
+function createFindByIdQuery(model, id) {
+    return function () {
+        return model.findById(id);
+    };
+}
+exports.createFindByIdQuery = createFindByIdQuery;
+function execFindByIdWithQueryBuilder(model, id) {
+    return function (queryBuilder) {
+        return queryBuilder(model.findById(id))
+            .exec();
+    };
+}
 exports.execFindByIdWithQueryBuilder = execFindByIdWithQueryBuilder;
+function restrictByUserOwner(user) {
+    return function (query) {
+        return query.where("owner.userId").equals(user._id);
+    };
+}
+exports.restrictByUserOwner = restrictByUserOwner;
+function restrictByOrganizationOwner(user) {
+    return function (query) {
+        return query.where("owner.organizationId").equals(user.owner.organization.ref.code);
+    };
+}
+exports.restrictByOrganizationOwner = restrictByOrganizationOwner;

dist/utils/controller.utils.d.ts

@@ -6,1 +6,2 @@ import { Response } from 'express';
 export declare function successMessageResult(): () => string;
+export declare function baseHandle(req: any, res: Response, promisedAc: any, op: string, handleFnc: any): void;

dist/utils/controller.utils.js

@@ -5,2 +5,3 @@ "use strict";
 var createError = require('http-errors');
+var promise_grants_utils_1 = require("../utils/promise-grants.utils");
 function respondWithResult(res, statusCode) {
@@ -45,1 +46,15 @@ statusCode = statusCode || 200;
 exports.successMessageResult = successMessageResult;
+function baseHandle(req, res, promisedAc, op, handleFnc) {
+    var self = this;
+    promisedAc
+        .then(function (accessControl) {
+        var permission = accessControl.check(req.user, op);
+        return promise_grants_utils_1.assertGranted(permission);
+    })
+        .then(function (permission) {
+        return handleFnc(permission, req.user);
+    })
+        .then(self.respondWithResult(res))
+        .catch(self.handleError(res));
+}
+exports.baseHandle = baseHandle;

dist/utils/entity.utils.d.ts

 import { Model, Document } from 'mongoose';
+export declare function findEntityById(model: Model<Document>, id: any): Promise<Document>;
 export declare function applyUpdate(updates: any): (entity: any) => any;
@@ -6,2 +7,4 @@ export declare function applyPatch(patches: any): (entity: any) => any;
 export declare function createEntity(model: Model<Document>): (entity: any) => Promise<Document[]>;
-export declare function findEntityById(model: Model<Document>, id: any): Promise<Document>;
+export declare function setUserOwner(user: any): (any) => any;
+export declare function setOrganizationOwner(user: any): (any) => any;
+export declare function attributesFilter(filterHolder: any): (entity: any) => any;

dist/utils/entity.utils.js

@@ -6,2 +6,8 @@ 'use strict';
 var _ = require("lodash");
+var createError = require('http-errors');
+function findEntityById(model, id) {
+    return model.findById(id)
+        .exec();
+}
+exports.findEntityById = findEntityById;
 function applyUpdate(updates) {
@@ -36,8 +42,10 @@ return function (entity) {
     entity.patch(patches, function callback(err, result, number) {
-        if (err) {
+        if (!err) {
+            logger_1.default.trace("patched documents " + number);
+            def.resolve(result.toObject());
+        }
+        else {
             logger_1.default.trace("patch rejected " + err);
-            def.reject(err);
+            def.reject(createError(400, err));
         }
-        logger_1.default.trace("patched documents " + number);
-        def.resolve(result.toObject());
     });
@@ -59,2 +67,4 @@ return def.promise;
     return function (entity) {
+        logger_1.default.debug('creating entity...');
+        logger_1.default.debug(entity);
         return model.create(entity);
@@ -64,6 +74,22 @@ };
 exports.createEntity = createEntity;
-function findEntityById(model, id) {
-    return model.findById(id)
-        .exec();
+function setUserOwner(user) {
+    return function (entity) {
+        logger_1.default.trace('setting user as owner');
+        entity.owner = { userId: user._id };
+        return entity;
+    };
 }
-exports.findEntityById = findEntityById;
+exports.setUserOwner = setUserOwner;
+function setOrganizationOwner(user) {
+    return function (entity) {
+        entity.owner = { organizationId: user.organization.ref };
+        return entity;
+    };
+}
+exports.setOrganizationOwner = setOrganizationOwner;
+function attributesFilter(filterHolder) {
+    return function (entity) {
+        return filterHolder.filter(entity);
+    };
+}
+exports.attributesFilter = attributesFilter;

package.json

 {
   "name": "rhases-nodejs-commons",
-  "version": "0.2.10",
+  "version": "0.2.11",
   "description": "Node.js utilities",
@@ -5,0 +5,0 @@ "main": "dist/index.js",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

55699

increased by29%

Number of package files

44

increased by37.5%

Lines of code

1302

increased by31.52%

Worsened metrics

Number of medium supply chain risk alerts

5

increased by25%

No dependency changes