feat(schema): Initial version of schema definitions and resolvers by daffl · Pull Request #2441 · feathersjs/feathers

daffl · 2021-08-30T23:59:39Z

This pull request implements the first version of @feathersjs/schema as discussed in #2312. It features schema definitions based on JSON schema with static TypeScript type inference as well as a dynamic resolver system. Specifically:

Schemas are used for data type definitions and simple (synchronous) validations
Resolvers are used for modifying data based on the context like
- Populating associations
- Securing queries and e.g. limiting requests to a user
- Removing protected properties for external requests or users without the right permissions
- Hashing passwords and validating dynamic password policies etc.

There may be further iterations necessary but I'm planning on including it in the next pre-release because it is required for further CLI work (done in #2425).

Here is an example for a user schema definition and resolvers with protected passwords and query limitations (non-admins can only see and change their own data):

import {
  schema, resolve, Infer, resolveResult,
  propertyQuery, validateQuery, resolveQuery
} from '@feathersjs/schema';

export const userSchema = schema({
  type: 'object',
  additionalProperties: false,
  required: ['email', 'password'],
  properties: {
    id: { type: 'number' },
    email: { type: 'string' },
    password: { type: 'string' }
  }
} as const);

export type User = Infer<typeof userSchema>;

export const userDataResolver = resolve<User, HookContext<Application>>({
  properties: {
    password: async (value) => {
      // Return a hashed version of the password before storing it in the database
      return bcrypt(value);
    }
  }
});

export const userResultResolver = resolve<User, HookContext<Application>>({
  properties: {
    password: async (value, _user, context) => {
      // Do not return the password for external requests
      return context.params.provider ? undefined : value;
    }
  }
});

export const userQuerySchema = schema({
  type: 'object',
  additionalProperties: false,
  properties: {
    $limit: {
      type: 'number',
      minimum: 0,
      maximum: 100
    },
    $skip: {
      type: 'number'
    },
    // This will allow all of the Feathers query syntax
    id: propertyQuery({
      type: 'number'
    })
  }
} as const);

export type UserQuery = Infer<typeof userQuerySchema>;

export const userQueryResolver = resolve<User, HookContext<Application>>({
  properties: {
    id: async (value, _user, context) => {
      // Non admins can only query and modify their own data
      if(context.params?.user && context.params.user.role !== 'admin') {
        return context.params.user.id;
      }

      return value;
    }
  }
});

app.service('users').hooks([
  validateQuery(userQuerySchema),
  resolveQuery(userQueryResolver),
  resolveResult(userResultResolver
]);

deskoh · 2021-09-21T00:40:13Z

@daffl Is it possible to allow a singleton ajv instance to be configured? Custom AJV instance would be useful for options like removeAdditional and can be used for data sanitization (e.g. const sanitizedData = myschema.validate(data)).

daffl · 2022-01-12T18:03:34Z

@deskoh Passing a custom AJV instance is not possible and documented in https://dove.docs.feathersjs.com/api/schema/schema.html#options

6880

daffl added 9 commits April 3, 2021 16:04

Initial setup for Feathers schema

07381ff

Some initial doodling

f05c15e

Merge with latest Dove

27e38ac

Fix prototype of @feathersjs/schema

15dc6a9

Merge with latest dove

ce34749

Finally a clean cut working

850107e

Further improvements on working schema system

5c81600

Finalizing first cut

04d1f57

Add missing query.ts

70777be

daffl marked this pull request as ready for review September 5, 2021 01:07

daffl added 2 commits September 4, 2021 18:58

Improve code coverage

c6d5313

Further code coverage improvement

9136e05

daffl merged commit c57a5cd into dove Sep 15, 2021

daffl deleted the schema branch September 15, 2021 04:23

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

feat(schema): Initial version of schema definitions and resolvers#2441

feat(schema): Initial version of schema definitions and resolvers#2441
daffl merged 11 commits intodovefrom
schema

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Uh oh!

Conversation

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants