marklogic-community / grove-node Goto Github PK

I think in search.js when trying to parse the response the middle tier crashes:
backend.call(req, reqOptions, function(backendResponse, data) { var json = JSON.parse(data.toString());

What's the best way to handle this?

Any reason to stick with chai/mocha?

• check and resolve pending PR's
• import from internal bitbucket to github
• add deprecation message to bitbucket
• migrate unresolved PR's
• prune unnecessary branches
• fix README, package*, NOTICE/LICENSE
• publish under @marklogic-community

https://stackoverflow.com/questions/31673587/error-unable-to-verify-the-first-certificate-in-nodejs

This needs attention..

options.js:

middleTierCA: {
variable: 'GROVE_MIDDLETIER_CA'
},

node-server.js:

  if (options.middleTierCA) {
    credentials.ca = fs.readFileSync(options.middleTierCA, 'utf8');
  }

Running npm run test results in failures, from the crud.test.js file.

e.g.:

1. defaultCrudRoute
   with CRUD server
   allows config of default view transform:
   Error: Timeout of 2000ms exceeded. For async tests and hooks, ensure "done()" is called; if returning a Promise, ensure it resolves. (/grove-node/test/grove-default-routes/crud.test.js)
   at listOnTimeout (internal/timers.js:537:17)
   at processTimers (internal/timers.js:481:7)

backend.js (around line 65):
// front-end may be using a hostname different from the ML host's hostname
// use options.mlHost because ML doesn't like it when the Host header is different from its domain (and rightfully so)
backendOptions.headers.host = options.mlHost;

preserve ml cookie (in session) if a set-cookie comes back from login call, and apply in backend with every subsequent call.

When setting up a grove server to use SSL we were only to find documentation detailing the GROVE_ENABLE_HTTPS_IN_MIDDLETIER, GROVE_MIDDLETIER_SSLCERT, and GROVE_MIDDLETIER_SSLKEY variables in an internal bitbucket repo. The documentation is out of date and suggests to point the SSLCERT variable at a .csr file, rather than the .crt file grove is actually expecting.

I've been trying to get a grove-based application to use SAML and have run into difficulties. The MarkLogic Node.js Client API can handle SAML, but Grove doesn't use that. auth-helper.js relies on www-authenticate, but it looks like that library doesn't support SAML.

Is there any documentation or an example somewhere that could help with this?

backend.js:

var params = ['database=' + options.mlTargetDbName];

Adding a check if that option exists might be wise..

For instance if you have an 'all.xml', but also more specific options, and you want to prevent accidental creation of content via /api/crud/all/..

Sorry if I have misused the issue tracker for such a question. But I am hoping I will get a more targeted answer here than Stack Overflow. Thanks!

I remember auth-helper unnecessarily trips in a silly way if server is in app-level mode. Verify and fix if possible.

We often recommend PM2. Installation on linux is fairly straight-forward:

https://github.com/marklogic-community/slush-marklogic-node/blob/master/app/templates/INSTALL.mdown

For windows it requires more work:

https://stackoverflow.com/questions/42758985/windows-auto-start-pm2-and-node-apps

Following on to #28, add the default view for search in a similar manner.

Default search route now relies on combined query to pick facets, results or both, but it is much easier to send an 'view' flag instead.

login consumes data and end events, but should check if req.body exists before doing so. Someone could have changed routing to add body-parsing at top-level..

JSON.parse failure causes the middle-tier to crash. Should never happen. search.js for instance

GitHub reported a possible security problem.

Any facet type starting with xs: should be interpreted as a range type, and as such allow an operator. Code currently doesn't recognize it properly, and defaults into EQ..