Commit Graph

152 Commits

Author SHA1 Message Date
virkt25 5ee731eafd chore: update deps + fix linting + .npmrc 2018-08-08 13:31:30 -04:00
mcitdev f9e9aaa8ce
Make verifyUserRelations() more robust
The fix introduced in previous commit was relying on the default
merge algorighm applied when a child model inherits relation config
from the parent.

This commit changes the check to use a more reliable approach
based on the relation metadata configured by the child model.
2018-07-03 09:03:44 +02:00
ryanxwelch 9d77ba28d3
Fix crash in verifyUserRelations
In the present implementation `verifyUserRelations(Model)` assumes that
`Model.relations.accessTokens` is always set, and as a result may
crash when trying to access `polymorphic` property of that relation.

It seems the intention is to check whether the the following conditions
are met:
 1. a model has a hasMany accessTokens relation
 2. that relation is polymorphic

This commit fixes the problem by accounting for the case where the
accessTokens relation was not correctly set up.
2018-06-29 16:14:01 +02:00
Miroslav Bajtoš 0cd380c590
feat: remove all references to a Model
Add API allowing applications to hide a Model from the
REST API and remove all references to it, allowing Garbage Collector
to claim all memory used by the model.
2018-04-17 09:42:08 +02:00
Kevin Scroggins ab791fc258
fix: preserve datasource name
Modify the code creating juggler DataSource objects to correctly
forward the datasource name provided by the user.
2018-01-19 15:58:33 +01:00
Justin Ross 60750b4508
Update Copyright Years
Update copyright years to include 2018
2018-01-16 13:55:02 +01:00
Miroslav Bajtoš 73cc950b1b
Update eslint and eslint-config to latest 2017-12-12 09:33:15 +01:00
pierreclr e17132d061
Fix OWNER role to handle multiple relations
Fix the code resolving OWNER role to correctly handle the situation
where the target model has multiple "belongsTo" relations to the User
model.

Introduce a new model setting "ownerRelations" that enables the new
behavior. When "ownerRelations" is set to true, then all "belongsTo"
relations are considered as granting ownership. Alternatively,
"ownerRelations" can be set to an array of the relations which
are granting ownership.

For example, a document can "belongTo" an author and a reviewer,
but only the author is an owner, the reviewer is not. In this case,
"ownerRelations" should be set to "['author']".
2017-09-27 17:11:36 +02:00
Zak Barbuto d405432b2d Fix relation race condition in model glob
Globs working depended on the order that models were imported.
Remote sharing is now re-calculated whenever a new model is remoted.
2017-09-01 09:18:39 +09:30
Zak Barbuto 724a7d1928 Allow glob-style patterns for remote options 2017-08-14 12:23:26 +09:30
Daijiro Wachi 75b4a45968 Use `localhost` instead of `::` for local 2017-06-15 22:29:37 +02:00
Flavien DAVID 981bd309fc
Add new event "remoteMethodAdded"
Emit a new method "remoteMethodAdded" whenever a new method is added,
typically when `Model.remoteMethod` or `Model.nestRemoting` is called.

The method is emitted both by the Model affected and the application
object.
2017-03-31 15:32:19 +02:00
Miroslav Bajtoš 79f441b9c4
Verify User and AccessToken relations at startup
Modify `app.enableAuth()` to verify that (custom) User and AccessToken
models have correctly configured their hasMany/belongsTo relations
and print a warning otherwise.
2017-03-03 10:18:58 +01:00
ebarault 94c786f2f7 Fix connector naming in strict mode
In strict mode, creating properties on strings is not allowed.
As a result, creating a new datasource fails with the following
error:

    TypeError: Cannot create data source "db":
    Cannot create property 'name' on string 'mongodb'

In this commit, we fix the code to assign the connector name only
if the connector is an object (not a string).

Add "returnOnlyRoleNames" option to Role.getRoles

Currently the return type of Role.getRoles() method is inconsistent:
role names are returned for smart roles and role ids are returned for
static roles (configured through user-role mapping).

This commit adds a new option to Role.getRoles() allowing the caller
to request role names to be returned for all types of roles.
2016-11-30 14:08:28 -05:00
Loay 06cb481c3f Update eslint to loopback config v5
Notable side-effects:
 - loopback no longer exports "caller" and "arguments" properties
 - kv-memory connector is now properly added to the connector registry
 - the file "test/support.js" was finally removed
2016-11-22 14:08:02 +01:00
Candy 640f3a8ca7 Update globalization structure 2016-09-22 11:58:00 +02:00
Miroslav Bajtoš 6e1defcb18 Use strong-remoting's new TypeRegistry 2016-09-09 10:01:29 +02:00
Miroslav Bajtoš 32bdeccebf app.enableAuth: correctly detect attached models
Fix a typo in "app.enableAuth" that caused the method to not detect
the situation when e.g. the built-in User model is already attached
to a datasource.
2016-09-09 09:02:41 +02:00
gunjpan 832e2c391c Discard sugar method for model creation
Current implementation of `app.model(modelName, settings)`
works as a sugar for model creation. In 3.0, this is
not supported anymore. This implementation reports an
error when sugar is used for model creation.
Includes:
 - Updated app.model() method
 - Fixed test cases reflecting the change
2016-09-07 10:40:23 +02:00
Subramanian Krishnan 40f0690573 Make the app instance available to connectors 2016-08-29 15:15:53 +02:00
Candy 3239942ff1 Update globalization 2016-08-04 17:35:21 -04:00
Candy b52a7217a9 Add globalization 2016-08-04 15:08:16 -04:00
Ryan Graham 6964914bab
update copyright statements 2016-05-03 15:50:21 -07:00
Miroslav Bajtoš 4d7154a31a app: send port:0 instead of port:undefined
Node v6 no longer supports port:undefined, this commit is fixing
app.listen() to correctly send port:0 when no port is specified.
2016-05-03 16:20:07 +02:00
Simon Ho d16c789638 Fixes for emit `remoteMethodDisabled` PR
See https://github.com/strongloop/loopback/pull/2266#issuecomment-215689358
2016-04-29 16:42:13 -07:00
Supasate Choochaisri 0ca24389b2 Add new feature to emit a `remoteMethodDisabled` event when disabling a remote method.
Signed-off-by: Supasate Choochaisri <supasate.c@gmail.com>
2016-04-28 09:03:54 +07:00
Miroslav Bajtoš f9702b0ace Use eslint with loopback config
Drop jshint and jscs in favour of eslint.

Fix style violations.

While we are at this, reduce the max line length from 150 to 100.
2016-04-06 10:45:30 +02:00
Miroslav Bajtoš 93d487ffc0 Improve error message on connector init error 2016-02-26 14:46:26 +01:00
Sam Roberts b9acace932 application: correct spelling of "cannont" 2016-02-18 20:36:07 -08:00
Rand McKinney 32085475ed Fix typo in doc comment 2015-10-21 13:47:36 -07:00
Simon Ho 26af1472e7 Check configs for shared method settings 2015-09-28 16:27:48 -07:00
Miroslav Bajtoš 3115e5055f Auto-configure models required by `app.enableAuth`
Modify `app.enableAuth` to automaticaly setup all required models
that are not attached to the app nor a datasource.

Users wishing to use this option must provide the name of the
data-source to use for these models.

Example usage:

    var app = loopback();
    app.dataSource('db', { connector: 'memory' });
    app.enableAuth({ dataSource: 'db' });

    app.use(loopback.rest());
    app.listen(3000);
2015-06-01 12:19:28 +02:00
Ritchie Martori 805e0e0c1c Merge pull request #1370 from strongloop/fix/check-access-ordering
Use the new remoting.authorization hook for check access
2015-05-12 16:06:47 -07:00
Ritchie Martori 9cde2a45be Use the new remoting.authorization hook for check access 2015-05-12 15:33:05 -07:00
Miroslav Bajtoš f93b69ed0a Define remote methods via model settings/config
Process `settings.methods` and `config.methods` as a key-value map
where the key is the method name and the value is an object describing
the method in the format expected by strong-remoting.

Example: a static method `Model.create`

    "methods": {
      "create": {
        "isStatic": true,
        "accepts": {
           "arg": "data", "type": "Car",
           "http": { "source": "body" }
        },
        "returns": { "arg": "data", "type": "Car", "root": true }
      }
    }

This patch is based on the code proposed by @mrfelton in #1163.
2015-05-07 07:42:08 +02:00
Ritchie Martori b9170751bc Add support for app level Model isolation
- `loopback.registry` is now a true global registry
 - `app.registry` is unique per app object
 - `Model.registry` is set when a Model is created using any registry method
 - `loopback.localRegistry` and `loopback({localRegistry: true})` when set to `true` this will create a `Registry` per `Application`. It defaults to `false`.
2015-04-03 11:48:45 -07:00
Miroslav Bajtoš 7528cbb712 Import subset of underscore.string scripts only
Require individual methods like `classify` instead of the whole module.
This reduces the size of the browser bundle from ~27kb down to ~2kb.
2015-03-25 14:02:16 +01:00
Miroslav Bajtoš a77b3bbac7 Remove usages of deprecated `req.param()`
Express has recently deprecated `req.param()` to force developers
to be explicit about the source of the value. To avoid deprecation
warnings, this commit replaces all calls of `req.param()` with a
simplified inline version.
2015-01-21 19:27:53 +01:00
Ron Edgecomb a028d9d198 Add error code property to known error responses.
Enhance the error objects with a `code` property containing
a machine-readable string code describing the error, for example
INVALID_TOKEN or USER_NOT_FOUND.

Also improve 404 error messages to include the model name.
2015-01-21 19:04:47 +01:00
Ryan Graham 7c0b2e83eb Remove unused underscore dependency 2014-12-02 21:53:30 -08:00
Miroslav Bajtoš 48d4ed28d3 Coding style cleanup (Gruntfile, lib)
- Gruntfile: add `jshint` and `jscs` as deps of `grunt test`
 - Gruntfile: temporarily disable checks of `test` scripts
 - .jscsrc: relax jsdoc validation
 - .jshintrc: relax the rule for property access via dot notation
 - lib: fix remaining style issues
2014-11-04 08:25:35 +01:00
Rob Halff 33096dafa7 Enable jscs for `lib`, fix style violations 2014-11-04 08:25:33 +01:00
Rob Halff b54c70c348 Use === to compare with 0 2014-10-22 18:47:53 +02:00
Rob Halff 4ebf10ae0d add missing semicolons 2014-10-22 18:47:52 +02:00
Fabien Franzen 568c8662b4 Support per-model and per-handler remoting options
Allow the developer to pass custom `remoting` options via Model
settings, e.g.

    PersistedModel.extend(
      'MyModel',
      { name: String },
      {
        remoting: { normalizeHttpPath: true }
      });

Also add `options` arg to `app.handler`, this object is passed directly
to strong-remoting handler.
2014-10-22 09:54:15 +02:00
Miroslav Bajtoš 80020eb273 lib/application: improve URL building algo
When running on Unix and no hostname is specified, use `0.0.0.0`
as the hostname instead of `localhost`.

When running on Windows and the hostname is either not specified or
it is `0.0.0.0` or `::`, use `localhost` in the URL. The reason is
that Windows cannot open URLs using `0.0.0.0` as a hostname.
2014-10-20 13:47:24 +02:00
crandmck 2f4a54d93c Clean up jsdoc comments
Add class properties, expose some methods that should have
been documented, etc.
2014-10-15 09:42:24 +02:00
Ritchie Martori 7dde6466e5 Only validate dataSource when defined (Fixes #482) 2014-08-26 17:49:15 +02:00
Miroslav Bajtoš d93b6127c4 Remove `req.resume` from `app.enableAuth`
Remove `req.pause` and `req.resume` from `app.enableAuth`
 - they are no longer needed, the request starts paused and there is
   no other middleware that would resume it before us.
 - when we resume the request after authentication, we force all
   other async operations (like sharedCtor) to call pause & resume too,
   otherwise data are lost
2014-08-12 13:57:45 +02:00
Raymond Feng 9fb0977433 Pass in remotingContext for ACL
See https://github.com/strongloop/loopback/issues/451
2014-08-07 22:19:27 -07:00