@becomes/cms
Version:
Simple CMS for building APIs.
258 lines • 14.9 kB
JavaScript
;
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
return c > 3 && r && Object.defineProperty(target, key, r), r;
};
var __metadata = (this && this.__metadata) || function (k, v) {
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
};
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
var __generator = (this && this.__generator) || function (thisArg, body) {
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
function verb(n) { return function (v) { return step([n, v]); }; }
function step(op) {
if (f) throw new TypeError("Generator is already executing.");
while (_) try {
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
if (y = 0, t) op = [op[0] & 2, t.value];
switch (op[0]) {
case 0: case 1: t = op; break;
case 4: _.label++; return { value: op[1], done: false };
case 5: _.label++; y = op[1]; op = [0]; continue;
case 7: op = _.ops.pop(); _.trys.pop(); continue;
default:
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
if (t[2]) _.ops.pop();
_.trys.pop(); continue;
}
op = body.call(thisArg, _);
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
}
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.KeyHandler = void 0;
var purple_cheetah_1 = require("purple-cheetah");
var key_model_1 = require("./models/key.model");
var key_cash_service_1 = require("./key-cash.service");
var key_factory_1 = require("./factories/key.factory");
var api_security_1 = require("./api-security");
var KeyHandler = (function () {
function KeyHandler() {
}
KeyHandler.getAccessList = function (method, url, body, signature) {
var error = purple_cheetah_1.HttpErrorFactory.simple('getAccessList', this.logger);
try {
api_security_1.APISecurity.verify(signature, body, method.toUpperCase(), url, true);
}
catch (e) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, e.message);
}
var key = key_cash_service_1.KeyCashService.findById(signature.key);
return {
access: key.access,
};
};
KeyHandler.getAll = function (authorization) {
return __awaiter(this, void 0, void 0, function () {
var error, jwt, jwtValid;
return __generator(this, function (_a) {
error = purple_cheetah_1.HttpErrorFactory.simple('getAll', this.logger);
jwt = purple_cheetah_1.JWTEncoding.decode(authorization);
if (jwt instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwt.message);
}
else {
jwtValid = purple_cheetah_1.JWTSecurity.validateAndCheckTokenPermissions(jwt, [purple_cheetah_1.RoleName.ADMIN], purple_cheetah_1.PermissionName.READ, purple_cheetah_1.JWTConfigService.get('user-token-config'));
if (jwtValid instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwtValid.message);
}
}
return [2, {
keys: key_cash_service_1.KeyCashService.findAll(),
}];
});
});
};
KeyHandler.getById = function (authorization, id) {
return __awaiter(this, void 0, void 0, function () {
var error, jwt, jwtValid, key;
return __generator(this, function (_a) {
error = purple_cheetah_1.HttpErrorFactory.simple('getById', this.logger);
if (purple_cheetah_1.StringUtility.isIdValid(id) === false) {
throw error.occurred(purple_cheetah_1.HttpStatus.FORBIDDEN, "Invalid ID '" + id + "' was provided.");
}
jwt = purple_cheetah_1.JWTEncoding.decode(authorization);
if (jwt instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwt.message);
}
else {
jwtValid = purple_cheetah_1.JWTSecurity.validateAndCheckTokenPermissions(jwt, [purple_cheetah_1.RoleName.ADMIN], purple_cheetah_1.PermissionName.READ, purple_cheetah_1.JWTConfigService.get('user-token-config'));
if (jwtValid instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwtValid.message);
}
}
key = key_cash_service_1.KeyCashService.findById(id);
if (key === null) {
throw error.occurred(purple_cheetah_1.HttpStatus.NOT_FOUNT, "Key with ID '" + id + "' does not exist.");
}
return [2, {
key: key,
}];
});
});
};
KeyHandler.add = function (authorization, body) {
return __awaiter(this, void 0, void 0, function () {
var error, jwt, jwtValid, key, addKeyResult;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
error = purple_cheetah_1.HttpErrorFactory.simple('add', this.logger);
try {
purple_cheetah_1.ObjectUtility.compareWithSchema(body, key_model_1.Key.objectSchema, 'body');
}
catch (e) {
throw error.occurred(purple_cheetah_1.HttpStatus.BAD_REQUEST, e.message);
}
jwt = purple_cheetah_1.JWTEncoding.decode(authorization);
if (jwt instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwt.message);
}
else {
jwtValid = purple_cheetah_1.JWTSecurity.validateAndCheckTokenPermissions(jwt, [purple_cheetah_1.RoleName.ADMIN], purple_cheetah_1.PermissionName.WRITE, purple_cheetah_1.JWTConfigService.get('user-token-config'));
if (jwtValid instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwtValid.message);
}
}
key = key_factory_1.KeyFactory.instance({
userId: jwt.payload.userId,
name: body.name,
desc: body.desc,
blocked: body.blocked,
access: body.access,
});
return [4, key_cash_service_1.KeyCashService.add(key)];
case 1:
addKeyResult = _a.sent();
if (addKeyResult === false) {
throw error.occurred(purple_cheetah_1.HttpStatus.INTERNAL_SERVER_ERROR, 'Failed to add Key to database.');
}
return [2, {
key: key,
}];
}
});
});
};
KeyHandler.update = function (authorization, body) {
return __awaiter(this, void 0, void 0, function () {
var error, requestSchema, jwt, jwtValid, key, updateKeyResult;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
error = purple_cheetah_1.HttpErrorFactory.simple('update', this.logger);
try {
requestSchema = key_model_1.Key.objectSchema;
requestSchema._id = {
__type: 'string',
__required: true,
};
purple_cheetah_1.ObjectUtility.compareWithSchema(body, requestSchema, 'body');
}
catch (e) {
throw error.occurred(purple_cheetah_1.HttpStatus.BAD_REQUEST, e.message);
}
if (purple_cheetah_1.StringUtility.isIdValid(body._id) === false) {
throw error.occurred(purple_cheetah_1.HttpStatus.FORBIDDEN, "Invalid ID '" + body._id + "' was provided.");
}
jwt = purple_cheetah_1.JWTEncoding.decode(authorization);
if (jwt instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwt.message);
}
else {
jwtValid = purple_cheetah_1.JWTSecurity.validateAndCheckTokenPermissions(jwt, [purple_cheetah_1.RoleName.ADMIN], purple_cheetah_1.PermissionName.WRITE, purple_cheetah_1.JWTConfigService.get('user-token-config'));
if (jwtValid instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwtValid.message);
}
}
key = key_cash_service_1.KeyCashService.findById(body._id);
if (key === null) {
throw error.occurred(purple_cheetah_1.HttpStatus.NOT_FOUNT, "Key with ID '" + body._id + "' does not exist.");
}
key.name = body.name;
key.desc = body.desc;
key.blocked = body.blocked;
key.access = body.access;
return [4, key_cash_service_1.KeyCashService.update(key)];
case 1:
updateKeyResult = _a.sent();
if (updateKeyResult === false) {
throw error.occurred(purple_cheetah_1.HttpStatus.INTERNAL_SERVER_ERROR, 'Failed to update Key in database.');
}
return [2, {
key: key,
}];
}
});
});
};
KeyHandler.deleteById = function (authorization, id) {
return __awaiter(this, void 0, void 0, function () {
var error, jwt, jwtValid, key, deleteKeyResult;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
error = purple_cheetah_1.HttpErrorFactory.simple('deleteById', this.logger);
if (purple_cheetah_1.StringUtility.isIdValid(id) === false) {
throw error.occurred(purple_cheetah_1.HttpStatus.FORBIDDEN, "Invalid ID '" + id + "' was provided.");
}
jwt = purple_cheetah_1.JWTEncoding.decode(authorization);
if (jwt instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwt.message);
}
else {
jwtValid = purple_cheetah_1.JWTSecurity.validateAndCheckTokenPermissions(jwt, [purple_cheetah_1.RoleName.ADMIN], purple_cheetah_1.PermissionName.DELETE, purple_cheetah_1.JWTConfigService.get('user-token-config'));
if (jwtValid instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwtValid.message);
}
}
key = key_cash_service_1.KeyCashService.findById(id);
if (key === null) {
throw error.occurred(purple_cheetah_1.HttpStatus.NOT_FOUNT, "Key with ID '" + id + "' does not exist.");
}
return [4, key_cash_service_1.KeyCashService.deleteById(id)];
case 1:
deleteKeyResult = _a.sent();
if (deleteKeyResult === false) {
throw error.occurred(purple_cheetah_1.HttpStatus.INTERNAL_SERVER_ERROR, "Failed to delete Key from database.");
}
return [2, {
message: 'Success.',
}];
}
});
});
};
__decorate([
purple_cheetah_1.AppLogger(KeyHandler),
__metadata("design:type", purple_cheetah_1.Logger)
], KeyHandler, "logger", void 0);
return KeyHandler;
}());
exports.KeyHandler = KeyHandler;
//# sourceMappingURL=key.handler.js.map