Notes/src/etapi/etapi_utils.ts

import cls = require('../services/cls');
import sql = require('../services/sql');
import log = require('../services/log');
import becca = require('../becca/becca');
import etapiTokenService = require('../services/etapi_tokens');
import config = require('../services/config');
import { NextFunction, Request, RequestHandler, Response, Router } from 'express';
const GENERIC_CODE = "GENERIC";

type HttpMethod = "all" | "get" | "post" | "put" | "delete" | "patch" | "options" | "head";

const noAuthentication = config.General && config.General.noAuthentication === true;

class EtapiError extends Error {
    statusCode: number;
    code: string;

    constructor(statusCode: number, code: string, message: string) {
        super();

        this.statusCode = statusCode;
        this.code = code;
        this.message = message;
    }
}

function sendError(res: Response, statusCode: number, code: string, message: string) {
    return res
        .set('Content-Type', 'application/json')
        .status(statusCode)
        .send(JSON.stringify({
            "status": statusCode,
            "code": code,
            "message": message
        }));
}

function checkEtapiAuth(req: Request, res: Response, next: NextFunction) {
    if (noAuthentication || etapiTokenService.isValidAuthHeader(req.headers.authorization)) {
        next();
    }
    else {
        sendError(res, 401, "NOT_AUTHENTICATED", "Not authenticated");
    }
}

function processRequest(req: Request, res: Response, routeHandler: RequestHandler, next: NextFunction, method: string, path: string) {
    try {
        cls.namespace.bindEmitter(req);
        cls.namespace.bindEmitter(res);

        cls.init(() => {
            cls.set('componentId', "etapi");
            cls.set('localNowDateTime', req.headers['trilium-local-now-datetime']);

            const cb = () => routeHandler(req, res, next);

            return sql.transactional(cb);
        });
    } catch (e: any) {
        log.error(`${method} ${path} threw exception ${e.message} with stacktrace: ${e.stack}`);

        if (e instanceof EtapiError) {
            sendError(res, e.statusCode, e.code, e.message);
        } else {
            sendError(res, 500, GENERIC_CODE, e.message);
        }
    }
}

function route(router: Router, method: HttpMethod, path: string, routeHandler: RequestHandler) {
    router[method](path, checkEtapiAuth, (req: Request, res: Response, next: NextFunction) => processRequest(req, res, routeHandler, next, method, path));
}

function NOT_AUTHENTICATED_ROUTE(router: Router, method: HttpMethod, path: string, middleware: RequestHandler[], routeHandler: RequestHandler) {
    router[method](path, ...middleware, (req: Request, res: Response, next: NextFunction) => processRequest(req, res, routeHandler, next, method, path));
}

function getAndCheckNote(noteId: string) {
    const note = becca.getNote(noteId);

    if (note) {
        return note;
    }
    else {
        throw new EtapiError(404, "NOTE_NOT_FOUND", `Note '${noteId}' not found.`);
    }
}

function getAndCheckAttachment(attachmentId: string) {
    const attachment = becca.getAttachment(attachmentId, {includeContentLength: true});

    if (attachment) {
        return attachment;
    }
    else {
        throw new EtapiError(404, "ATTACHMENT_NOT_FOUND", `Attachment '${attachmentId}' not found.`);
    }
}

function getAndCheckBranch(branchId: string) {
    const branch = becca.getBranch(branchId);

    if (branch) {
        return branch;
    }
    else {
        throw new EtapiError(404, "BRANCH_NOT_FOUND", `Branch '${branchId}' not found.`);
    }
}

function getAndCheckAttribute(attributeId: string) {
    const attribute = becca.getAttribute(attributeId);

    if (attribute) {
        return attribute;
    }
    else {
        throw new EtapiError(404, "ATTRIBUTE_NOT_FOUND", `Attribute '${attributeId}' not found.`);
    }
}

function validateAndPatch(target: any, source: any, allowedProperties: ValidatorMap) {
    for (const key of Object.keys(source)) {
        if (!(key in allowedProperties)) {
            throw new EtapiError(400, "PROPERTY_NOT_ALLOWED", `Property '${key}' is not allowed for this method.`);
        }
        else {
            for (const validator of allowedProperties[key]) {
                const validationResult = validator(source[key]);

                if (validationResult) {
                    throw new EtapiError(400, "PROPERTY_VALIDATION_ERROR", `Validation failed on property '${key}': ${validationResult}.`);
                }
            }
        }
    }

    // validation passed, let's patch
    for (const propName of Object.keys(source)) {
        target[propName] = source[propName];
    }
}

export = {
    EtapiError,
    sendError,
    route,
    NOT_AUTHENTICATED_ROUTE,
    GENERIC_CODE,
    validateAndPatch,
    getAndCheckNote,
    getAndCheckBranch,
    getAndCheckAttribute,
    getAndCheckAttachment
}
server-ts: Convert etapi/etapi_utils 2024-04-07 14:54:01 +03:00			`import cls = require('../services/cls');`
			`import sql = require('../services/sql');`
			`import log = require('../services/log');`
			`import becca = require('../becca/becca');`
			`import etapiTokenService = require('../services/etapi_tokens');`
			`import config = require('../services/config');`
			`import { NextFunction, Request, RequestHandler, Response, Router } from 'express';`
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`const GENERIC_CODE = "GENERIC";`

server-ts: Convert etapi/etapi_utils 2024-04-07 14:54:01 +03:00			`type HttpMethod = "all" \| "get" \| "post" \| "put" \| "delete" \| "patch" \| "options" \| "head";`

ETAPI auth, spec improvements etc. 2022-01-10 17:09:20 +01:00			`const noAuthentication = config.General && config.General.noAuthentication === true;`

ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`class EtapiError extends Error {`
server-ts: Convert etapi/etapi_utils 2024-04-07 14:54:01 +03:00			`statusCode: number;`
			`code: string;`

			`constructor(statusCode: number, code: string, message: string) {`
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`super();`
generate anonymization script into a file 2022-01-17 23:47:26 +01:00
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`this.statusCode = statusCode;`
			`this.code = code;`
			`this.message = message;`
			`}`
			`}`

server-ts: Convert etapi/etapi_utils 2024-04-07 14:54:01 +03:00			`function sendError(res: Response, statusCode: number, code: string, message: string) {`
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`return res`
			`.set('Content-Type', 'application/json')`
			`.status(statusCode)`
			`.send(JSON.stringify({`
			`"status": statusCode,`
			`"code": code,`
			`"message": message`
			`}));`
			`}`

server-ts: Convert etapi/etapi_utils 2024-04-07 14:54:01 +03:00			`function checkEtapiAuth(req: Request, res: Response, next: NextFunction) {`
ETAPI auth, spec improvements etc. 2022-01-10 17:09:20 +01:00			`if (noAuthentication \|\| etapiTokenService.isValidAuthHeader(req.headers.authorization)) {`
			`next();`
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`}`
			`else {`
ETAPI auth, spec improvements etc. 2022-01-10 17:09:20 +01:00			`sendError(res, 401, "NOT_AUTHENTICATED", "Not authenticated");`
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`}`
			`}`

server-ts: Convert etapi/etapi_utils 2024-04-07 14:54:01 +03:00			`function processRequest(req: Request, res: Response, routeHandler: RequestHandler, next: NextFunction, method: string, path: string) {`
ETAPI auth, spec improvements etc. 2022-01-10 17:09:20 +01:00			`try {`
			`cls.namespace.bindEmitter(req);`
			`cls.namespace.bindEmitter(res);`
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00
ETAPI auth, spec improvements etc. 2022-01-10 17:09:20 +01:00			`cls.init(() => {`
			`cls.set('componentId', "etapi");`
			`cls.set('localNowDateTime', req.headers['trilium-local-now-datetime']);`
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00
ETAPI auth, spec improvements etc. 2022-01-10 17:09:20 +01:00			`const cb = () => routeHandler(req, res, next);`
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00
ETAPI auth, spec improvements etc. 2022-01-10 17:09:20 +01:00			`return sql.transactional(cb);`
			`});`
server-ts: Convert etapi/etapi_utils 2024-04-07 14:54:01 +03:00			`} catch (e: any) {`
ETAPI auth, spec improvements etc. 2022-01-10 17:09:20 +01:00			log.error(`${method} ${path} threw exception ${e.message} with stacktrace: ${e.stack}`);

			`if (e instanceof EtapiError) {`
			`sendError(res, e.statusCode, e.code, e.message);`
			`} else {`
			`sendError(res, 500, GENERIC_CODE, e.message);`
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`}`
ETAPI auth, spec improvements etc. 2022-01-10 17:09:20 +01:00			`}`
			`}`

server-ts: Convert etapi/etapi_utils 2024-04-07 14:54:01 +03:00			`function route(router: Router, method: HttpMethod, path: string, routeHandler: RequestHandler) {`
			`router[method](path, checkEtapiAuth, (req: Request, res: Response, next: NextFunction) => processRequest(req, res, routeHandler, next, method, path));`
ETAPI auth, spec improvements etc. 2022-01-10 17:09:20 +01:00			`}`

server-ts: Convert etapi/etapi_utils 2024-04-07 14:54:01 +03:00			`function NOT_AUTHENTICATED_ROUTE(router: Router, method: HttpMethod, path: string, middleware: RequestHandler[], routeHandler: RequestHandler) {`
			`router[method](path, ...middleware, (req: Request, res: Response, next: NextFunction) => processRequest(req, res, routeHandler, next, method, path));`
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`}`

server-ts: Convert etapi/etapi_utils 2024-04-07 14:54:01 +03:00			`function getAndCheckNote(noteId: string) {`
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`const note = becca.getNote(noteId);`
generate anonymization script into a file 2022-01-17 23:47:26 +01:00
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`if (note) {`
			`return note;`
			`}`
			`else {`
attachment ETAPI support WIP 2023-06-05 09:23:42 +02:00			throw new EtapiError(404, "NOTE_NOT_FOUND", `Note '${noteId}' not found.`);
			`}`
			`}`

server-ts: Convert etapi/etapi_utils 2024-04-07 14:54:01 +03:00			`function getAndCheckAttachment(attachmentId: string) {`
attachment ETAPI support WIP 2023-06-05 09:23:42 +02:00			`const attachment = becca.getAttachment(attachmentId, {includeContentLength: true});`

			`if (attachment) {`
			`return attachment;`
			`}`
			`else {`
			throw new EtapiError(404, "ATTACHMENT_NOT_FOUND", `Attachment '${attachmentId}' not found.`);
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`}`
			`}`

server-ts: Convert etapi/etapi_utils 2024-04-07 14:54:01 +03:00			`function getAndCheckBranch(branchId: string) {`
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`const branch = becca.getBranch(branchId);`

			`if (branch) {`
			`return branch;`
			`}`
			`else {`
attachment ETAPI support WIP 2023-06-05 09:23:42 +02:00			throw new EtapiError(404, "BRANCH_NOT_FOUND", `Branch '${branchId}' not found.`);
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`}`
			`}`

server-ts: Convert etapi/etapi_utils 2024-04-07 14:54:01 +03:00			`function getAndCheckAttribute(attributeId: string) {`
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`const attribute = becca.getAttribute(attributeId);`

			`if (attribute) {`
			`return attribute;`
			`}`
			`else {`
attachment ETAPI support WIP 2023-06-05 09:23:42 +02:00			throw new EtapiError(404, "ATTRIBUTE_NOT_FOUND", `Attribute '${attributeId}' not found.`);
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`}`
			`}`

server-ts: Convert etapi/attachments 2024-04-07 15:13:34 +03:00			`function validateAndPatch(target: any, source: any, allowedProperties: ValidatorMap) {`
etapi improvements and more tests 2022-01-12 19:32:23 +01:00			`for (const key of Object.keys(source)) {`
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`if (!(key in allowedProperties)) {`
etapi fix misleading error message 2022-07-10 22:09:13 +02:00			throw new EtapiError(400, "PROPERTY_NOT_ALLOWED", `Property '${key}' is not allowed for this method.`);
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`}`
			`else {`
etapi improvements and more tests 2022-01-12 19:32:23 +01:00			`for (const validator of allowedProperties[key]) {`
			`const validationResult = validator(source[key]);`

			`if (validationResult) {`
attachment ETAPI support WIP 2023-06-05 09:23:42 +02:00			throw new EtapiError(400, "PROPERTY_VALIDATION_ERROR", `Validation failed on property '${key}': ${validationResult}.`);
etapi improvements and more tests 2022-01-12 19:32:23 +01:00			`}`
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`}`
			`}`
			`}`
generate anonymization script into a file 2022-01-17 23:47:26 +01:00
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`// validation passed, let's patch`
etapi improvements and more tests 2022-01-12 19:32:23 +01:00			`for (const propName of Object.keys(source)) {`
			`target[propName] = source[propName];`
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`}`
			`}`

server-ts: Convert etapi/etapi_utils 2024-04-07 14:54:01 +03:00			`export = {`
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`EtapiError,`
			`sendError,`
			`route,`
ETAPI auth, spec improvements etc. 2022-01-10 17:09:20 +01:00			`NOT_AUTHENTICATED_ROUTE,`
ETAPI delete/patch, refactoring 2022-01-07 19:33:59 +01:00			`GENERIC_CODE,`
			`validateAndPatch,`
			`getAndCheckNote,`
			`getAndCheckBranch,`
attachment ETAPI support WIP 2023-06-05 09:23:42 +02:00			`getAndCheckAttribute,`
			`getAndCheckAttachment`
add memberId to entity_changes to avoid having to resend all changes second time 2022-01-09 20:16:39 +01:00			`}`