database-proxy
Version:
Through a set of access control rules configuration database access to realize the client directly access the database via HTTP.
55 lines • 1.67 kB
TypeScript
/**
* 安全工具
*/
export declare class SecurityUtil {
static checkField(name: string): boolean;
static checkProjection(name: string): boolean;
/**
* 递归收集 query 中的字段列表,去除操作符(逻辑、查询操作符)
* @param query 请求 query 对象
* @returns
*/
static resolveFieldFromQuery(query: object): string[];
/**
* 递归收集 data 中的字段列表,去除更新操作符
* @param data
*/
static resolveFieldFromData(data: object): string[];
/**
* 判断字段列是否都在白名单内
* @param input_fields [string] 输入字段列表
* @param allow_fields [string] 允许的字段列表
*/
static isAllowedFields(input_fields: string[], allow_fields: string[]): string | null;
/**
* 检查给定字符串中是否包含指定字符
* @param source 字符串
* @param str_list 字符白名单或黑名单
* @returns
*/
static containChars(source: string, str_list: string[]): boolean;
static isLogicOperator(key: string): boolean;
static isQueryOperator(key: string): boolean;
static isQueryOrLogicOperator(key: string): boolean;
static hasUpdateOperator(data: any): boolean;
static isUpdateOperator(key: string): boolean;
/**
* 将带操作符的 data 对象平铺
*
data: {
title: '',
$set: {
content: '',
author: 123
},
$inc: {
age: 1
},
$push: {
grades: 99,
},
}
*/
static flattenData(data?: any): object;
}
//# sourceMappingURL=security.d.ts.map