rxdb-server

"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.docContainsServerOnlyFields = docContainsServerOnlyFields; exports.doesContainRegexQuerySelector = doesContainRegexQuerySelector; exports.getAuthDataByRequest = getAuthDataByRequest; exports.getDocAllowedMatcher = getDocAllowedMatcher; exports.mergeServerDocumentFieldsMonad = mergeServerDocumentFieldsMonad; exports.removeServerOnlyFieldsMonad = removeServerOnlyFieldsMonad; exports.setCors = setCors; var _core = require("rxdb/plugins/core"); function setCors(server, path, cors) { var useCors = cors; if (!useCors) { useCors = server.cors; } if (useCors) { server.adapter.setCors(server.serverApp, path, useCors); } } var AUTH_PER_REQUEST = new WeakMap(); async function getAuthDataByRequest(server, request, response) { return (0, _core.getFromMapOrCreate)(AUTH_PER_REQUEST, request, async () => { try { var headers = server.adapter.getRequestHeaders(request); var authData = await server.authHandler(headers); return authData; } catch (err) { server.adapter.closeConnection(response, 401, 'Unauthorized'); return false; } }); } ; var defaultMatchingQuery = { selector: {}, skip: 0, sort: [] }; function getDocAllowedMatcher(endpoint, authData) { var useQuery = endpoint.queryModifier ? 
endpoint.queryModifier(authData, (0, _core.normalizeMangoQuery)(endpoint.collection.schema.jsonSchema, {})) : defaultMatchingQuery; var docDataMatcher = (0, _core.getQueryMatcher)(endpoint.collection.schema.jsonSchema, useQuery); return docDataMatcher; } function docContainsServerOnlyFields(serverOnlyFields, doc) { var has = serverOnlyFields.find(field => { return typeof doc[field] !== 'undefined'; }); return has; } function removeServerOnlyFieldsMonad(serverOnlyFields) { var serverOnlyFieldsStencil = { _meta: undefined, _rev: undefined, _attachments: undefined }; serverOnlyFields.forEach(field => serverOnlyFieldsStencil[field] = undefined); return docData => { if (!docData) { return docData; } return Object.assign({}, docData, serverOnlyFieldsStencil); }; } function mergeServerDocumentFieldsMonad(serverOnlyFields) { var useFields = serverOnlyFields.slice(0); // useFields.push('_rev'); // useFields.push('_meta'); // useFields.push('_attachments'); useFields = (0, _core.uniqueArray)(useFields); return (clientDoc, serverDoc) => { if (!serverDoc) { return clientDoc; } var ret = (0, _core.flatClone)(clientDoc); useFields.forEach(field => { ret[field] = serverDoc[field]; }); return ret; }; } /** * $regex queries are dangerous because they can dos-attack the server. * * @param selector */ function doesContainRegexQuerySelector(selector) { if (!selector) { return false; } if (Array.isArray(selector)) { var found = !!selector.find(item => doesContainRegexQuerySelector(item)); return found; } if (typeof selector !== 'object') { return false; } var entries = Object.entries(selector); for (var [key, value] of entries) { if (key === '$regex') { return true; } else { var has = doesContainRegexQuerySelector(value); if (has) { return true; } } } return false; } //# sourceMappingURL=helper.js.map