OpenServer/RealtimeDB-OLD
Archived
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Enabling rules
Some checks failed
continuous-integration/drone/tag Build is failing
Details

Browse Source
This commit is contained in:
Fabian Stamm 2020-03-24 15:16:21 +01:00
parent 88b0cb68d8
commit 1434036b42
6 changed files with 565 additions and 603 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.editorconfig
View File

@ -1,3 +1,5 @@
[*]
charset = utf-8 charset = utf-8
indent_size = 3 indent_size = 3
indent_style = space indent_style = space
insert_final_newline = true

720
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

30
package.json
View File

@ -17,31 +17,31 @@
"license": "ISC", "license": "ISC",
"devDependencies": { "devDependencies": {
"@types/dotenv": "^8.2.0", "@types/dotenv": "^8.2.0",
"@types/jsonwebtoken": "^8.3.5", "@types/jsonwebtoken": "^8.3.8",
"@types/koa": "^2.11.0", "@types/koa": "^2.11.2",
"@types/koa-router": "^7.0.42", "@types/koa-router": "^7.4.0",
"@types/leveldown": "^4.0.2", "@types/leveldown": "^4.0.2",
"@types/levelup": "^3.1.1", "@types/levelup": "^4.3.0",
"@types/nanoid": "^2.1.0", "@types/nanoid": "^2.1.0",
"@types/node": "^12.12.14", "@types/node": "^13.9.3",
"@types/ws": "^6.0.4", "@types/ws": "^7.2.3",
"concurrently": "^5.0.0", "concurrently": "^5.1.0",
"nodemon": "^2.0.1", "nodemon": "^2.0.2",
"typescript": "^3.7.2" "typescript": "^3.8.3"
}, },
"dependencies": { "dependencies": {
"@hibas123/nodelogging": "^2.1.2", "@hibas123/nodelogging": "^2.1.5",
"@hibas123/utils": "^2.2.3", "@hibas123/utils": "^2.2.3",
"dotenv": "^8.2.0", "dotenv": "^8.2.0",
"handlebars": "^4.5.3", "handlebars": "^4.7.3",
"jsonwebtoken": "^8.5.1", "jsonwebtoken": "^8.5.1",
"koa": "^2.11.0", "koa": "^2.11.0",
"koa-body": "^4.1.1", "koa-body": "^4.1.1",
"koa-router": "^7.4.0", "koa-router": "^8.0.8",
"leveldown": "^5.4.1", "leveldown": "^5.5.1",
"levelup": "^4.3.2", "levelup": "^4.3.2",
"nanoid": "^2.1.7", "nanoid": "^2.1.11",
"what-the-pack": "^2.0.3", "what-the-pack": "^2.0.3",
"ws": "^7.2.0" "ws": "^7.2.3"
} }
} }

334
src/database/query.ts
View File

@ -7,7 +7,12 @@ import Session from "./session";
import { LevelUpChain } from "levelup"; import { LevelUpChain } from "levelup";
export type IWriteQueries = "set" | "update" | "delete" | "add"; export type IWriteQueries = "set" | "update" | "delete" | "add";
export type ICollectionQueries = "get" | "add" | "keys" | "delete-collection" | "list"; export type ICollectionQueries =
| "get"
| "add"
| "keys"
| "delete-collection"
| "list";
export type IDocumentQueries = "get" | "set" | "update" | "delete"; export type IDocumentQueries = "get" | "set" | "update" | "delete";
export interface ITypedQuery<T> { export interface ITypedQuery<T> {
@ -17,21 +22,30 @@ export interface ITypedQuery<T> {
options?: any; options?: any;
} }
export type IQuery = ITypedQuery<ICollectionQueries | IDocumentQueries | "snapshot">; export type IQuery = ITypedQuery<
ICollectionQueries | IDocumentQueries | "snapshot"
>;
export const MP = MSGPack.initialize(2 ** 20); export const MP = MSGPack.initialize(2 ** 20);
const ALPHABET = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; const ALPHABET =
"0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
const { encode, decode } = MP; const { encode, decode } = MP;
type Runner = (collection: string, document: string, batch: LevelUpChain, collectionKey: string) => any; type Runner = (
collection: string,
document: string,
batch: LevelUpChain,
collectionKey: string
) => any;
interface IPreparedQuery { interface IPreparedQuery {
createCollection: boolean; createCollection: boolean;
needDocument: boolean; needDocument: boolean;
batchCompatible: boolean; batchCompatible: boolean;
runner: Runner; runner: Runner;
permission: "write" | "read";
additionalLock?: string[]; additionalLock?: string[];
} }
@ -46,7 +60,9 @@ export abstract class Query {
* @param path Path to be checked * @param path Path to be checked
*/ */
private validatePath(path: string[]) { private validatePath(path: string[]) {
return path.every(e => (e.match(/[^a-zA-Z0-9_\-\<\>]/g) || []).length === 0); return path.every(
e => (e.match(/[^a-zA-Z0-9_\-\<\>]/g) || []).length === 0
);
} }
public changes: Change[] = []; public changes: Change[] = [];
@ -55,14 +71,24 @@ export abstract class Query {
public readonly needDocument: boolean; public readonly needDocument: boolean;
public readonly batchCompatible: boolean; public readonly batchCompatible: boolean;
public readonly additionalLock?: string[]; public readonly additionalLock?: string[];
public readonly permission: string;
private readonly _runner: Runner; private readonly _runner: Runner;
constructor(protected database: Database, protected session: Session, protected query: IQuery, snapshot = false) { constructor(
protected database: Database,
protected session: Session,
protected query: IQuery,
snapshot = false
) {
if (query.path.length > 10) { if (query.path.length > 10) {
throw new QueryError("Path is to long. Path is only allowed to be 10 Layers deep!"); throw new QueryError(
"Path is to long. Path is only allowed to be 10 Layers deep!"
);
} }
if (!this.validatePath(query.path)) { if (!this.validatePath(query.path)) {
throw new QueryError("Path can only contain a-z A-Z 0-9 '-' '-' '<' and '>' "); throw new QueryError(
"Path can only contain a-z A-Z 0-9 '-' '-' '<' and '>' "
);
} }
if (!snapshot) { if (!snapshot) {
@ -80,75 +106,113 @@ export abstract class Query {
protected getDoc(collection: string, document: string) { protected getDoc(collection: string, document: string) {
return this.database.data return this.database.data
.get(Database.getKey(collection, document), { asBuffer: true }) .get(Database.getKey(collection, document), { asBuffer: true })
.then(res => decode<any>(res as Buffer)).catch(resNull); .then(res => decode<any>(res as Buffer))
.catch(resNull);
} }
protected sendChange(collection: string, document: string, type: ChangeTypes, data: any) { protected sendChange(
collection: string,
document: string,
type: ChangeTypes,
data: any
) {
let change: Change = { let change: Change = {
type, type,
document, document,
collection, collection,
data, data,
sender: this.session.id sender: this.session.id
} };
this.changes.push(change); this.changes.push(change);
} }
protected static getConstructorParams(query: Query): [Database, Session, IQuery] { protected static getConstructorParams(
query: Query
): [Database, Session, IQuery] {
return [query.database, query.session, query.query]; return [query.database, query.session, query.query];
} }
protected abstract checkChange(change: Change): boolean; protected abstract checkChange(change: Change): boolean;
protected abstract firstSend(collection: string, document: string): Promise<any>; protected abstract firstSend(
collection: string,
document: string
): Promise<any>;
public run(collection: string, document: string, batch: LevelUpChain, collectionKey: string) { public run(
return this._runner.call(this, collection, document, batch, collectionKey); collection: string,
document: string,
batch: LevelUpChain,
collectionKey: string
) {
let perm = this.database.rules.hasPermission(
this.query.path,
this.session
);
if (this.permission === "read" && !perm.read) {
throw new QueryError("No permission!");
} else if (this.permission === "write" && !perm.write) {
throw new QueryError("No permission!");
}
return this._runner.call(
this,
collection,
document,
batch,
collectionKey
);
}
public async snapshot(
onChange: (change: (DocRes & { type: ChangeTypes })[]) => void
) {
let perm = this.database.rules.hasPermission(
this.query.path,
this.session
);
if (this.permission === "read" && !perm.read) {
throw new QueryError("No permission!");
} }
public async snapshot(onChange: (change: (DocRes & { type: ChangeTypes })[]) => void) {
const receivedChanges = (changes: Change[]) => { const receivedChanges = (changes: Change[]) => {
let res = changes.filter(change => this.checkChange(change)).map(change => { let res = changes
.filter(change => this.checkChange(change))
.map(change => {
return { return {
id: change.document, id: change.document,
data: change.data, data: change.data,
type: change.type type: change.type
} };
}) });
if (res.length > 0) if (res.length > 0) onChange(res);
onChange(res);
}; };
const unsub = this.database.collectionChangeListener.subscribe(change => { const unsub = this.database.collectionChangeListener.subscribe(change => {
if (change.key === collectionKey) { if (change.key === collectionKey) {
if (change.type === "create") if (change.type === "create") addSubscriber(change.id);
addSubscriber(change.id); else removeSubscriber(); // Send delete for all elements (Don't know how to do this...)
else
removeSubscriber(); // Send delete for all elements (Don't know how to do this...)
} }
}) });
let { collection, document, collectionKey } = await this.database.resolve(
let { collection, document, collectionKey } = await this.database.resolve(this.query.path) this.query.path
);
let oldKey: string = undefined; let oldKey: string = undefined;
const removeSubscriber = () => { const removeSubscriber = () => {
if (!oldKey) if (!oldKey) return;
return;
let s = this.database.changeListener.get(oldKey); let s = this.database.changeListener.get(oldKey);
if (s) { if (s) {
s.delete(receivedChanges); s.delete(receivedChanges);
if (s.size <= 0) if (s.size <= 0) this.database.changeListener.delete(oldKey);
this.database.changeListener.delete(oldKey);
} }
oldKey = undefined; oldKey = undefined;
} };
const addSubscriber = (collection: string) => { const addSubscriber = () => {
let key = Database.getKey(collection, document); let key = Database.getKey(collection, document);
if (oldKey !== key) { if (oldKey !== key) {
if (oldKey !== undefined) if (oldKey !== undefined) removeSubscriber();
removeSubscriber();
let s = this.database.changeListener.get(key); let s = this.database.changeListener.get(key);
if (!s) { if (!s) {
@ -158,10 +222,10 @@ export abstract class Query {
s.add(receivedChanges); s.add(receivedChanges);
} }
} };
if (collection) { if (collection) {
addSubscriber(collection); addSubscriber();
} }
return { return {
@ -170,7 +234,7 @@ export abstract class Query {
removeSubscriber(); removeSubscriber();
}, },
value: await this.firstSend(collection, document) value: await this.firstSend(collection, document)
} };
} }
} }
@ -178,7 +242,7 @@ interface UpdateData {
[path: string]: { [path: string]: {
type: "value" | "timestamp" | "increment" | "push"; type: "value" | "timestamp" | "increment" | "push";
value: any; value: any;
} };
} }
export class DocumentQuery extends Query { export class DocumentQuery extends Query {
prepare(query: IQuery): IPreparedQuery { prepare(query: IQuery): IPreparedQuery {
@ -189,29 +253,33 @@ export class DocumentQuery extends Query {
batchCompatible: false, batchCompatible: false,
createCollection: false, createCollection: false,
needDocument: false, needDocument: false,
permission: "read",
runner: this.get runner: this.get
} };
case "set": case "set":
return { return {
batchCompatible: true, batchCompatible: true,
createCollection: true, createCollection: true,
needDocument: true, needDocument: true,
permission: "write",
runner: this.set runner: this.set
} };
case "update": case "update":
return { return {
batchCompatible: true, batchCompatible: true,
createCollection: true, createCollection: true,
needDocument: true, needDocument: true,
permission: "write",
runner: this.update runner: this.update
} };
case "delete": case "delete":
return { return {
batchCompatible: true, batchCompatible: true,
createCollection: false, createCollection: false,
needDocument: true, needDocument: true,
permission: "write",
runner: this.delete runner: this.delete
} };
default: default:
throw new Error("Invalid query type: " + type); throw new Error("Invalid query type: " + type);
} }
@ -225,22 +293,28 @@ export class DocumentQuery extends Query {
return this.getDoc(collection, document); return this.getDoc(collection, document);
} }
private async set(collection: string, document: string, batch?: LevelUpChain) { private async set(
collection: string,
document: string,
batch?: LevelUpChain
) {
const { data, options } = this.query; const { data, options } = this.query;
if (data === null) if (data === null) return this.delete(collection, document, batch);
return this.delete(collection, document, batch);
let isNew = !(await this.getDoc(collection, document));
let isNew = !(await this.getDoc(collection, document)) batch.put(Database.getKey(collection, document), encode(data));
batch.put(Database.getKey(collection, document), encode(data)) this.sendChange(collection, document, isNew ? "added" : "modified", data);
this.sendChange(collection, document, isNew ? "added" : "modified", data)
} }
private async update(collection: string, document: string, batch?: LevelUpChain) { private async update(
collection: string,
document: string,
batch?: LevelUpChain
) {
const updateData: UpdateData = this.query.data; const updateData: UpdateData = this.query.data;
let data = await this.getDoc(collection, document); let data = await this.getDoc(collection, document);
let isNew = false let isNew = false;
if (!data) { if (!data) {
isNew = true; isNew = true;
data = {}; data = {};
@ -252,8 +326,7 @@ export class DocumentQuery extends Query {
let parts = path.split("."); let parts = path.split(".");
while (parts.length > 1) { while (parts.length > 1) {
let seg = parts.shift(); let seg = parts.shift();
if (!data[seg]) if (!data[seg]) data[seg] = {};
data[seg] = {}
d = data[seg]; d = data[seg];
} }
@ -290,23 +363,29 @@ export class DocumentQuery extends Query {
} }
if (batch) { if (batch) {
batch.put(Database.getKey(collection, document), encode(data)) batch.put(Database.getKey(collection, document), encode(data));
} else { } else {
await this.database.data await this.database.data.put(
.put(Database.getKey(collection, document), encode(data)) Database.getKey(collection, document),
encode(data)
);
} }
this.sendChange(collection, document, isNew ? "added" : "modified", data) this.sendChange(collection, document, isNew ? "added" : "modified", data);
} }
private async delete(collection: string, document: string, batch?: LevelUpChain) { private async delete(
collection: string,
document: string,
batch?: LevelUpChain
) {
if (batch) { if (batch) {
batch.del(Database.getKey(collection, document)) batch.del(Database.getKey(collection, document));
} else { } else {
await this.database.data.del(Database.getKey(collection, document)); await this.database.data.del(Database.getKey(collection, document));
} }
this.sendChange(collection, document, "deleted", null) this.sendChange(collection, document, "deleted", null);
} }
checkChange(change: Change) { checkChange(change: Change) {
@ -324,19 +403,19 @@ export class DocumentQuery extends Query {
type FieldPath = string; type FieldPath = string;
type WhereFilterOp = type WhereFilterOp =
| '<' | "<"
| '<=' | "<="
| '==' | "=="
| '>=' | ">="
| '>' | ">"
| 'array-contains' | "array-contains"
| 'in' | "in"
| 'array-contains-any'; | "array-contains-any";
interface IQueryWhereVerbose { interface IQueryWhereVerbose {
fieldPath: FieldPath, fieldPath: FieldPath;
opStr: WhereFilterOp, opStr: WhereFilterOp;
value: any value: any;
} }
type IQueryWhereArray = [FieldPath, WhereFilterOp, any]; type IQueryWhereArray = [FieldPath, WhereFilterOp, any];
@ -346,53 +425,55 @@ type IQueryWhere = IQueryWhereArray | IQueryWhereVerbose;
export class CollectionQuery extends Query { export class CollectionQuery extends Query {
private _addId: string; private _addId: string;
prepare(query): IPreparedQuery { prepare(query): IPreparedQuery {
switch (query.type as ICollectionQueries) { switch (query.type as ICollectionQueries) {
case "add": case "add":
this._addId = nanoid(ALPHABET, 32) this._addId = nanoid(ALPHABET, 32);
return { return {
batchCompatible: true, batchCompatible: true,
createCollection: true, createCollection: true,
needDocument: false, needDocument: false,
runner: this.add, runner: this.add,
permission: "write",
additionalLock: [...query.path, this._addId] additionalLock: [...query.path, this._addId]
} };
case "get": case "get":
const limit = (query.options || {}).limit; const limit = (query.options || {}).limit;
if (limit) if (limit) this.limit = limit;
this.limit = limit;
const where = (query.options || {}).where; const where = (query.options || {}).where;
if (where) if (where) this.where = where;
this.where = where;
return { return {
batchCompatible: false, batchCompatible: false,
createCollection: false, createCollection: false,
needDocument: false, needDocument: false,
permission: "read",
runner: this.get runner: this.get
} };
case "keys": case "keys":
return { return {
batchCompatible: false, batchCompatible: false,
createCollection: false, createCollection: false,
needDocument: false, needDocument: false,
permission: "read",
runner: this.keys runner: this.keys
} };
case "list": case "list":
return { return {
batchCompatible: false, batchCompatible: false,
createCollection: false, createCollection: false,
needDocument: false, needDocument: false,
permission: "read",
runner: this.keys runner: this.keys
} };
case "delete-collection": case "delete-collection":
return { return {
batchCompatible: false, batchCompatible: false,
createCollection: false, createCollection: false,
needDocument: false, needDocument: false,
permission: "write",
runner: this.deleteCollection runner: this.deleteCollection
} };
// run = () => q.deleteCollection(); // run = () => q.deleteCollection();
// break; // break;
default: default:
@ -400,32 +481,40 @@ export class CollectionQuery extends Query {
} }
} }
private _where: IQueryWhereArray[] = []; private _where: IQueryWhereArray[] = [];
public set where(value: IQueryWhere[]) { public set where(value: IQueryWhere[]) {
const invalidWhere = new QueryError("Invalid Where"); const invalidWhere = new QueryError("Invalid Where");
if (!Array.isArray(value)) if (!Array.isArray(value)) throw invalidWhere;
throw invalidWhere;
let c = []; let c = [];
this._where = value.map(cond => { this._where = value.map(cond => {
Logging.debug("Query Condition", cond); Logging.debug("Query Condition", cond);
if (Array.isArray(cond)) { if (Array.isArray(cond)) {
if (cond.length !== 3) if (cond.length !== 3) throw invalidWhere;
throw invalidWhere;
return cond; return cond;
} else { } else {
if (cond && typeof cond === "object" && "fieldPath" in cond && "opStr" in cond && "value" in cond) { if (
cond &&
typeof cond === "object" &&
"fieldPath" in cond &&
"opStr" in cond &&
"value" in cond
) {
return [cond.fieldPath, cond.opStr, cond.value]; return [cond.fieldPath, cond.opStr, cond.value];
} else { } else {
throw invalidWhere; throw invalidWhere;
} }
} }
}) });
} }
public limit: number = -1; public limit: number = -1;
public async add(collection: string, document: string, batch: LevelUpChain, collectionKey: string) { public async add(
collection: string,
document: string,
batch: LevelUpChain,
collectionKey: string
) {
let q = new DocumentQuery(this.database, this.session, { let q = new DocumentQuery(this.database, this.session, {
type: "set", type: "set",
path: this.additionalLock, path: this.additionalLock,
@ -442,28 +531,26 @@ export class CollectionQuery extends Query {
let lt = Buffer.alloc(gt.length); let lt = Buffer.alloc(gt.length);
lt.set(gt); lt.set(gt);
lt[gt.length - 1] = 0xFF; lt[gt.length - 1] = 0xff;
return { return {
gt, gt,
lt lt
} };
} }
public async keys(collection: string) { public async keys(collection: string) {
if (!collection) if (!collection) return [];
return []
return new Promise<string[]>((yes, no) => { return new Promise<string[]>((yes, no) => {
let keys = []; let keys = [];
const stream = this.database.data.createKeyStream({ const stream = this.database.data.createKeyStream({
...this.getStreamOptions(collection), ...this.getStreamOptions(collection),
keyAsBuffer: false keyAsBuffer: false
}) });
stream.on("data", (key: string) => { stream.on("data", (key: string) => {
let s = key.split("/", 2); let s = key.split("/", 2);
if (s.length > 1) if (s.length > 1) keys.push(s[1]);
keys.push(s[1]);
}); });
stream.on("end", () => yes(keys)); stream.on("end", () => yes(keys));
stream.on("error", no); stream.on("error", no);
@ -477,8 +564,7 @@ export class CollectionQuery extends Query {
let seg = parts.shift(); let seg = parts.shift();
d = data[seg]; d = data[seg];
if (d === undefined || d === null) if (d === undefined || d === null) break; // Undefined/Null has no other fields!
break; // Undefined/Null has no other fields!
} }
return d; return d;
} }
@ -513,21 +599,20 @@ export class CollectionQuery extends Query {
default: default:
throw new QueryError("Invalid where operation " + opStr); throw new QueryError("Invalid where operation " + opStr);
} }
}) });
} }
return true; return true;
} }
async get(collection: string) { async get(collection: string) {
if (!collection) if (!collection) return [];
return [];
return new Promise<DocRes[]>((yes, no) => { return new Promise<DocRes[]>((yes, no) => {
const stream = this.database.data.iterator({ const stream = this.database.data.iterator({
...this.getStreamOptions(collection), ...this.getStreamOptions(collection),
keyAsBuffer: false, keyAsBuffer: false,
valueAsBuffer: true valueAsBuffer: true
}) });
let values: DocRes[] = []; let values: DocRes[] = [];
@ -535,16 +620,14 @@ export class CollectionQuery extends Query {
if (err) { if (err) {
no(err); no(err);
stream.end(err => Logging.error(err)); stream.end(err => Logging.error(err));
} } else {
else {
if (!key && !value) { if (!key && !value) {
// END // END
Logging.debug("Checked all!") Logging.debug("Checked all!");
yes(values); yes(values);
} else { } else {
let s = key.split("/", 2); let s = key.split("/", 2);
if (s.length <= 1) if (s.length <= 1) return;
return;
const id = s[1]; const id = s[1];
@ -555,9 +638,8 @@ export class CollectionQuery extends Query {
id, id,
data data
}); });
} } else {
else { stream.end(err => (err ? no(err) : yes(values)));
stream.end((err) => err ? no(err) : yes(values))
return; return;
} }
} }
@ -565,10 +647,10 @@ export class CollectionQuery extends Query {
stream.next(onValue); stream.next(onValue);
} }
} }
} };
stream.next(onValue); stream.next(onValue);
}) });
} }
checkChange(change: Change) { checkChange(change: Change) {
@ -576,25 +658,30 @@ export class CollectionQuery extends Query {
} }
firstSend(collection: string) { firstSend(collection: string) {
return this.get(collection) return this.get(collection);
} }
public async collections() { public async collections() {
if (!this.session.root) if (!this.session.root) throw new QueryError("No Permission!");
throw new QueryError("No Permission!");
return new Promise<string[]>((yes, no) => { return new Promise<string[]>((yes, no) => {
let keys = []; let keys = [];
const stream = this.database.data.createKeyStream({ keyAsBuffer: false }) const stream = this.database.data.createKeyStream({
keyAsBuffer: false
});
stream.on("data", (key: string) => keys.push(key.split("/"))); stream.on("data", (key: string) => keys.push(key.split("/")));
stream.on("end", () => yes(keys)); stream.on("end", () => yes(keys));
stream.on("error", no); stream.on("error", no);
}); });
} }
public async deleteCollection(collection: string, document: string, _b: LevelUpChain, collectionKey: string) { public async deleteCollection(
if (!this.session.root) collection: string,
throw new QueryError("No Permission!"); document: string,
_b: LevelUpChain,
collectionKey: string
) {
if (!this.session.root) throw new QueryError("No Permission!");
//TODO: Lock whole collection! //TODO: Lock whole collection!
let batch = this.database.data.batch(); let batch = this.database.data.batch();
@ -615,8 +702,7 @@ export class CollectionQuery extends Query {
}); });
} }
} finally { } finally {
if (batch) if (batch) batch.clear();
batch.clear();
} }
} }

47
src/database/rules.ts
View File

@ -2,13 +2,15 @@ import Session from "./session";
import Logging from "@hibas123/nodelogging"; import Logging from "@hibas123/nodelogging";
interface IRule<T> { interface IRule<T> {
".write"?: T ".write"?: T;
".read"?: T ".read"?: T;
} }
type IRuleConfig<T> = { type IRuleConfig<T> =
| IRule<T>
| {
[segment: string]: IRuleConfig<T>; [segment: string]: IRuleConfig<T>;
} | IRule<T>; };
type IRuleRaw = IRuleConfig<string>; type IRuleRaw = IRuleConfig<string>;
type IRuleParsed = IRuleConfig<boolean>; type IRuleParsed = IRuleConfig<boolean>;
@ -17,17 +19,16 @@ const resolve = (value: any) => {
if (value === true) { if (value === true) {
return true; return true;
} else if (typeof value === "string") { } else if (typeof value === "string") {
} }
return undefined; return undefined;
} };
export class Rules { export class Rules {
rules: IRuleParsed; rules: IRuleParsed;
constructor(private config: string) { constructor(private config: string) {
let parsed: IRuleRaw = JSON.parse(config); let parsed: IRuleRaw = JSON.parse(config);
const analyze = (raw: IRuleRaw) => { const analyse = (raw: IRuleRaw) => {
let r: IRuleParsed = {}; let r: IRuleParsed = {};
if (raw[".read"]) { if (raw[".read"]) {
@ -47,18 +48,25 @@ export class Rules {
} }
for (let segment in raw) { for (let segment in raw) {
if (segment.startsWith(".")) if (segment.startsWith(".")) continue;
continue;
r[segment] = analyze(raw[segment]); r[segment] = analyse(raw[segment]);
} }
return r; return r;
};
this.rules = analyse(parsed);
} }
this.rules = analyze(parsed); hasPermission(
} path: string[],
session: Session
hasPermission(path: string[], session: Session): { read: boolean, write: boolean } { ): { read: boolean; write: boolean } {
if (session.root)
return {
read: true,
write: true
};
let read = this.rules[".read"] || false; let read = this.rules[".read"] || false;
let write = this.rules[".write"] || false; let write = this.rules[".write"] || false;
@ -77,22 +85,21 @@ export class Rules {
.find(e => { .find(e => {
switch (e) { switch (e) {
case "$uid": case "$uid":
if (segment === session.uid) if (segment === session.uid) return true;
return true;
break; break;
} }
return false; return false;
}) });
rules = (k ? rules[k] : undefined) || rules[segment] || rules["*"]; rules = (k ? rules[k] : undefined) || rules[segment] || rules["*"];
if (rules) { if (rules) {
if (rules[".read"]) { if (rules[".read"]) {
read = rules[".read"] read = rules[".read"];
} }
if (rules[".write"]) { if (rules[".write"]) {
read = rules[".write"] read = rules[".write"];
} }
} else { } else {
break; break;
@ -102,7 +109,7 @@ export class Rules {
return { return {
read: read as boolean, read: read as boolean,
write: write as boolean write: write as boolean
} };
} }
toJSON() { toJSON() {

13
src/web/v1/index.ts
View File

@ -1,7 +1,11 @@
import * as Router from "koa-router"; import * as Router from "koa-router";
import AdminRoute from "./admin"; import AdminRoute from "./admin";
import { DatabaseManager } from "../../database/database"; import { DatabaseManager } from "../../database/database";
import { NotFoundError, NoPermissionError, BadRequestError } from "../helper/errors"; import {
NotFoundError,
NoPermissionError,
BadRequestError
} from "../helper/errors";
import Logging from "@hibas123/nodelogging"; import Logging from "@hibas123/nodelogging";
import Session from "../../database/session"; import Session from "../../database/session";
import nanoid = require("nanoid"); import nanoid = require("nanoid");
@ -28,7 +32,7 @@ V1.post("/db/:database/query", async ctx => {
if (db.accesskey) { if (db.accesskey) {
if (!accesskey || accesskey !== db.accesskey) { if (!accesskey || accesskey !== db.accesskey) {
throw new NoPermissionError(""); throw new NoPermissionError("Invalid Access Key");
} }
} }
@ -36,7 +40,6 @@ V1.post("/db/:database/query", async ctx => {
let res = await verifyJWT(authkey, db.publickey); let res = await verifyJWT(authkey, db.publickey);
if (!res || !res.uid) { if (!res || !res.uid) {
throw new BadRequestError("Invalid JWT"); throw new BadRequestError("Invalid JWT");
return;
} else { } else {
session.uid = res.uid; session.uid = res.uid;
} }
@ -54,6 +57,6 @@ V1.post("/db/:database/query", async ctx => {
throw new BadRequestError(err.message); throw new BadRequestError(err.message);
} }
throw err; throw err;
}) });
}) });
export default V1; export default V1;