UNPKG

arrest

Version:

OpenAPI v3 compliant REST framework for Node.js, with support for MongoDB and JSON-Schema

github.com/vivocha/arrest

vivocha/arrest

121 lines 4.98 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
import { API } from '../../api.js'; import { addConstraint, patchToMongo } from '../util.js'; import { MongoOperation } from './base.js'; export class PatchMongoOperation extends MongoOperation { constructor(resource, path, method, id = 'patch') { super(resource, path, method, id); } getCustomInfo() { return { summary: `Patch a ${this.resource.info.name}`, parameters: [ { $ref: '#/components/parameters/id', }, ], requestBody: { description: `The updated ${this.resource.info.name}, minus the unique identifier and the metatadata`, content: { 'application/json': { schema: { type: 'array', items: { oneOf: [ { type: 'object', required: ['op', 'path', 'value'], additionalProperties: false, properties: { op: { enum: ['add', 'replace', 'test'] }, path: { type: 'string', minLength: 1 }, value: {}, }, }, { type: 'object', required: ['op', 'from', 'path'], additionalProperties: false, properties: { op: { enum: ['move'] }, from: { type: 'string', minLength: 1 }, path: { type: 'string', minLength: 1 }, }, }, { type: 'object', required: ['op', 'path'], additionalProperties: false, properties: { op: { enum: ['remove'] }, path: { type: 'string', minLength: 1 }, }, }, ], }, }, }, }, required: true, }, responses: { '200': { description: `${this.resource.info.name} successfully updated`, content: { 'application/json': { schema: this.responseSchema, }, }, }, '404': { $ref: '#/components/responses/notFound', }, }, }; } async prepareQuery(job) { job = await super.prepareQuery(job); job.query = addConstraint(job.query, this.getItemQuery(job.req.params.id)); const patch = job.req.body; if (job.req.ability) { const dottedPath = (path) => path .split('/') .slice(1) .filter((i) => i !== '-' && isNaN(parseInt(i))) .join('.'); for (let p of patch) { if (!this.checkAbilityForPath(job.req.ability, dottedPath(p.path)) || (p['from'] && !this.checkAbilityForPath(job.req.ability, dottedPath(p['from'])))) { API.fireError(403, 'insufficient privileges', p); } } } const update = patchToMongo(patch, this.resource.info.escapeProperties); if (update.query) { job.query = addConstraint(job.query, update.query); } job.doc = update.doc; return job; } async prepareOpts(job) { job.opts = { returnDocument: 'after' }; return job; } async runOperation(job) { let result = await job.coll.findOneAndUpdate(job.query, job.doc, job.opts); if (!result.ok || !result.value) { job.req.logger.error('update failed', result); API.fireError(404, 'not_found'); } job.data = result.value; return job; } async redactResult(job) { job = await super.redactResult(job); if (this.resource.info.id !== '_id') { delete job.data['_id']; } delete job.data._metadata; return job; } } //# sourceMappingURL=patch.js.map