Nominating Presidential Muppets

    allowed-fields
    TypeScript icon, indicating that this package has built-in type declarations

    0.3.8 • Public • Published

    allowed-fields

    Description

    This module lets developer define white listed and black listed database fields and provides a function to check whether given field is allowed.

    Synopsis

    TypeScript

    import AllowedFields, { Fields } from "allowed-fields";

    JavaScript

    const AllowedFields = require("allowed-fields");
    const fields = new AllowedFields({
      whiteList: { "": "color", member: "*", company: "*", manager: ["name"] },
      blackList: { member: ["salary"] },
    });
     
    // Field may be provided with single string as ('table.field').
    fields.isAllowed("color"); // true  (color is allowed without relation name)
    fields.isAllowed("member.name"); // true  (All fields (*) of member except 'salary' is allowed)
    fields.isAllowed("manager.name"); // true  (It is in white list)
    fields.isAllowed("member.salary"); // false (It is in black list)
    fields.isAllowed("zoo.name"); // false (It is not in white list)
    fields.isAllowed("member.*"); // false (Member salary is black listed. All fields (*) except salary are allowed)
    fields.isAllowed("company.*"); // true  (All fields (*) of company is in white list)
     
    // Field may be provided with two parameters as ('field', 'table')
    fields.isAllowed("name", "member"); // true;
    fields.isAllowed("salary", "member"); // false;

    Details

    This module is a utility for checking whether given fields are allowed according to simple blacklist and whitelist rules.

    Blacklist and whitelist are provided using object. Keys are relation (table) names, values are field names. To allow every field in a table *

    API

    Classes

    AllowedFields

    Class which validates database fields using white list and black list.

    Typedefs

    Fields : Object.<string, (string|Array.<string>)>

    Relation fields. Keys are relation (table) names, values are fields. Fields can be provided as string or array of strings. ie. field, entity.field or entity.. entity. covers all fields in that relation.

    Interfaces

    AllowedFieldsConfig

    Aloowed fields sonfiguration.

    AllowedFieldsConfig

    Aloowed fields sonfiguration.

    Kind: global interface
    Properties

    Name Type Description
    [whiteList] Fields

    List of allowed identifiers (entities and fields) to be used in query.

    [blackList] Fields

    List of identifiers which are prohibited to use in query.

    AllowedFields

    Class which validates database fields using white list and black list.

    Kind: global class

    new AllowedFields([config])

    Creates object.

    Param Type Description
    [config] Object

    Configuration

    [config.whiteList] Fields

    List of allowed identifiers (entities and fields) to be used in query.

    [config.blackList] Fields

    List of identifiers which are prohibited to use in query.

    allowedFields.isAllowed(fieldName, [relationName]) ⇒ boolean

    Returns whether given field/relation combination is an allowed field according to given rules. Field name can be provided in single parameter or two parameters: i.e ('name', 'member') or ('member.name').

    Kind: instance method of AllowedFields
    Returns: boolean -

    • Whether field is valid.
    • Param Type Default Description
      fieldName string

      Field name to test. i.e 'name'. Also it may contain field name such as 'member.name'

      [relationName] string "''"

      Relation name which field belongs to.

      Example

      allowedFields.isAllowed("member.name"); // Table and field as a single string.
      allowedFields.isAllowed("name", "member"); // Field, Table.

      Fields : Object.<string, (string|Array.<string>)>

      Relation fields. Keys are relation (table) names, values are fields. Fields can be provided as string or array of strings. ie. field, entity.field or entity.*. entity.* covers all fields in that relation.

      Kind: global typedef
      Example

      const fields = {
        "": "name", // Field name without table.
        person: "name", // Single field from `person` table.
        cart: ["name", "color"], // Some fields from `cart` table.
        report: "*", // All fields from `report` table.
      };

      Install

      npm i allowed-fields

      DownloadsWeekly Downloads

      19

      Version

      0.3.8

      License

      MIT

      Unpacked Size

      29.5 kB

      Total Files

      20

      Last publish

      Collaborators

      • ozum