diff --git a/back/model-config.json b/back/model-config.json index 13c06ef54d..cb9ee4fdb8 100644 --- a/back/model-config.json +++ b/back/model-config.json @@ -118,6 +118,9 @@ "NotificationSubscription": { "dataSource": "vn" }, + "OrmConfig": { + "dataSource": "vn" + }, "Province": { "dataSource": "vn" }, diff --git a/back/models/ormConfig.json b/back/models/ormConfig.json new file mode 100644 index 0000000000..ef4c2b181f --- /dev/null +++ b/back/models/ormConfig.json @@ -0,0 +1,26 @@ +{ + "name": "OrmConfig", + "base": "VnModel", + "options": { + "mysql": { + "table": "ormConfig" + } + }, + "properties": { + "id": { + "type": "number", + "id": true + }, + "selectLimit": { + "type": "number" + } + }, + "acls": [ + { + "accessType": "*", + "principalType": "ROLE", + "principalId": "$authenticated", + "permission": "ALLOW" + } + ] +} \ No newline at end of file diff --git a/db/versions/11175-pinkChico/00-firstScript.sql b/db/versions/11175-pinkChico/00-firstScript.sql new file mode 100644 index 0000000000..349f4c7f73 --- /dev/null +++ b/db/versions/11175-pinkChico/00-firstScript.sql @@ -0,0 +1,8 @@ +USE vn; + +CREATE TABLE IF NOT EXISTS ormConfig ( + id int(5) NOT NULL AUTO_INCREMENT primary key, + selectLimit int(5) NOT NULL +); + +INSERT IGNORE INTO ormConfig SET selectLimit = 1000; \ No newline at end of file diff --git a/loopback/common/models/vn-model.js b/loopback/common/models/vn-model.js index 22b535f629..a11bed11de 100644 --- a/loopback/common/models/vn-model.js +++ b/loopback/common/models/vn-model.js @@ -13,7 +13,6 @@ module.exports = function(Self) { Object.assign(Self, { setup() { Self.super_.setup.call(this); - /** * Setting a global transaction timeout to find out if the service * is blocked because the connection pool is empty. @@ -28,6 +27,26 @@ module.exports = function(Self) { }; }); + this.beforeRemote('**', async ctx => { + if (!this.hasFilter(ctx)) return; + + const defaultLimit = this.app.orm.selectLimit; + const filter = ctx.args.filter || {limit: defaultLimit}; + + if (filter.limit > defaultLimit) { + filter.limit = defaultLimit; + ctx.args.filter = filter; + } + }); + + this.afterRemote('**', async ctx => { + if (!this.hasFilter(ctx)) return; + + const {result} = ctx; + const length = Array.isArray(result) ? result.length : result ? 1 : 0; + if (length >= this.app.orm.selectLimit) throw new UserError('Too many records'); + }); + // Register field ACL validation /* this.beforeRemote('prototype.patchAttributes', ctx => this.checkUpdateAcls(ctx)); @@ -327,6 +346,12 @@ module.exports = function(Self) { checkInsertAcls(ctx) { return this.checkAcls(ctx, 'insert'); + }, + + hasFilter(ctx) { + return ctx.req.method.toUpperCase() === 'GET' && + ctx.method.accepts.some(x => x.arg === 'filter' && x.type.toLowerCase() === 'object'); } + }); }; diff --git a/loopback/locale/es.json b/loopback/locale/es.json index e1f7fd6557..377691ae61 100644 --- a/loopback/locale/es.json +++ b/loopback/locale/es.json @@ -369,5 +369,6 @@ "Cannot send mail": "Não é possível enviar o email", "CONSTRAINT `supplierAccountTooShort` failed for `vn`.`supplier`": "La cuenta debe tener exactamente 10 dígitos", "The sale not exists in the item shelving": "La venta no existe en la estantería del artículo", - "The entry not have stickers": "La entrada no tiene etiquetas" + "The entry not have stickers": "La entrada no tiene etiquetas", + "Too many records": "Demasiados registros" } \ No newline at end of file diff --git a/loopback/server/boot/orm.js b/loopback/server/boot/orm.js new file mode 100644 index 0000000000..8bbd969e1f --- /dev/null +++ b/loopback/server/boot/orm.js @@ -0,0 +1,6 @@ +module.exports = async function(app) { + if (!app.orm) { + const ormConfig = await app.models.OrmConfig.findOne(); + app.orm = ormConfig; + } +};