back/model-config.json

@@ -118,6 +118,9 @@
     "NotificationSubscription": {
         "dataSource": "vn"
     },
+    "OrmConfig": {
+        "dataSource": "vn"
+    },
     "Province": {
         "dataSource": "vn"
     },

back/models/ormConfig.json

@@ -0,0 +1,26 @@
+{
+    "name": "OrmConfig",
+    "base": "VnModel",
+    "options": {
+        "mysql": {
+            "table": "ormConfig"
+        }
+    },
+    "properties": {
+        "id": {
+            "type": "number",
+            "id": true
+        },
+        "selectLimit": {
+            "type": "number"
+        }
+    },
+    "acls": [
+        {
+            "accessType": "*",
+            "principalType": "ROLE",
+            "principalId": "$authenticated",
+            "permission": "ALLOW"
+        }
+    ]
+}

db/versions/11175-pinkChico/00-firstScript.sql

@@ -0,0 +1,8 @@
+USE vn;
+
+CREATE TABLE IF NOT EXISTS ormConfig (
+  id int(5) NOT NULL AUTO_INCREMENT primary key,
+  selectLimit int(5) NOT NULL
+);
+
+INSERT IGNORE INTO ormConfig SET selectLimit = 1000;

loopback/common/models/vn-model.js

@@ -13,7 +13,6 @@ module.exports = function(Self) {
     Object.assign(Self, {
         setup() {
             Self.super_.setup.call(this);
-
             /**
              * Setting a global transaction timeout to find out if the service
              * is blocked because the connection pool is empty.
@@ -28,6 +27,26 @@ module.exports = function(Self) {
                 };
             });
 
+            this.beforeRemote('**', async ctx => {
+                if (!this.hasFilter(ctx)) return;
+
+                const defaultLimit = this.app.orm.selectLimit;
+                const filter = ctx.args.filter || {limit: defaultLimit};
+
+                if (filter.limit > defaultLimit) {
+                    filter.limit = defaultLimit;
+                    ctx.args.filter = filter;
+                }
+            });
+
+            this.afterRemote('**', async ctx => {
+                if (!this.hasFilter(ctx)) return;
+
+                const {result} = ctx;
+                const length = Array.isArray(result) ? result.length : result ? 1 : 0;
+                if (length >= this.app.orm.selectLimit) throw new UserError('Too many records');
+            });
+
             // Register field ACL validation
             /*
             this.beforeRemote('prototype.patchAttributes', ctx => this.checkUpdateAcls(ctx));
@@ -327,6 +346,12 @@ module.exports = function(Self) {
 
         checkInsertAcls(ctx) {
             return this.checkAcls(ctx, 'insert');
+        },
+
+        hasFilter(ctx) {
+            return ctx.req.method.toUpperCase() === 'GET' &&
+            ctx.method.accepts.some(x => x.arg === 'filter' && x.type.toLowerCase() === 'object');
         }
+
     });
 };

loopback/locale/es.json

@@ -369,5 +369,6 @@
 	"Cannot send mail": "Não é possível enviar o email",
 	"CONSTRAINT `supplierAccountTooShort` failed for `vn`.`supplier`": "La cuenta debe tener exactamente 10 dígitos",
 	"The sale not exists in the item shelving": "La venta no existe en la estantería del artículo",
-	"The entry not have stickers": "La entrada no tiene etiquetas"
+	"The entry not have stickers": "La entrada no tiene etiquetas",
+	"Too many records": "Demasiados registros"
 }

loopback/server/boot/orm.js

@@ -0,0 +1,6 @@
+module.exports = async function(app) {
+    if (!app.orm) {
+        const ormConfig = await app.models.OrmConfig.findOne();
+        app.orm = ormConfig;
+    }
+};