saintedlama / restify-mongoose Goto Github PK

My suggestion is to remove the parseCommaParam function because the benefit is greater to use the population function like populate({ path: 'author', select: 'name' })...

Band.
  find({}).
  populate({ path: 'members', select: 'name' }).
  exec(function(error, bands) {
    // Won't work, foreign field `band` is not selected in the projection
  });

Source https://mongoosejs.com/docs/populate.html

@saintedlama Can you please do NPM release of v0.2.6. I have done all preparation in GitHub, but I dont have access to the NPM package to do the release in NPM.

The test for 'should create note' test for 'serve' is using the wrong URL:

It is posting to /notes when it should be posting to /servenotes

In many APIs in the wild there are some common requirements which are not mentioned in the README:

• Authentication: The ability for a user to prove who they are to the server. (Can be stateless, e.g. with JWT.)

• Access control: The ability for the system to restrict access of some data and operations to certain users.

I do not expect restify-mongoose to provide implementations of these features, but if restify-mongoose can support these behaviours, it would be helpful to see them documented in the README.

For example, something like this could be reassuring, and could increase adoption:

// If you want auth:
// server.use(restify.plugins.authorizationParser());

// If you want access control:
// server.get('/notes', notes.queryVisibleToUser());
// server.get('/notes/:id', checkUserCanView, notes.detail());
// server.post('/notes', checkUserCanAdd, notes.insert());
// server.patch('/notes/:id', checkUserCanModify, notes.insert());
// server.del('/notes/:id', checkUserIsOwner, notes.remove());

I am not sure if the code above would be the most appropriate solution. That's why I'm asking here!

is there any reason why sort and select are only available as part of a request get parameters and cannot be instantiated on the options object initialising the query method?
Could behave just as populate does

Trying to use it with Ember, didnt work because the standard.. just sent a pull request

This is a question for discussion and not an issue.

How can we provide developers better ability to add hypermedia links/controls and thus also achieve greater level of RESTfulness in the Richardson Maturity Model?

https://github.com/saintedlama/restify-mongoose/blob/master/test/restify-mongoose.js#L47

The same tests seems to run twice, it it normal?

Right now options is only available for the details and query functions. The filter function, however, seems to be applied to all of the functions except insert.

For consistency, it seems that options should be available on update and delete as well.

If you agree, I can submit a pull request. Just didn't want to do the work if there was a good reason not too.

wow, I use this package every day, however recently i got a request that i need to grab more than 100, ex. 1000 or even 5000 records. Is there a way that i can change this behavior quickly without changing source code.

Thank you.

line 286: find[self.options.queryString] = req.params.id;
show be
find[options.queryString] = req.params.id;

So json-api outputFormat is not recognized in remove() output.

Hi !

Could I pass multiple select params?

example:

?select=title,author

It would be pretty cool to make restifyMongoose resource support custom model methods and improove restifyMongoose::serve function to automatically generate api endpoint for those methods.
For example:
When we have model...

const mongoose = require('mongoose');
const Schema = mongoose.Schema;

const _schema = new Schema({
  title:  String,
  toggle: { type: Boolean, default: false }
});

_schema.methods.switch = function () {
  this.toggle = !this.toggle;
  this.save();
};

var Toggler = mongoose.model('Toggler', _schema);

... it would be great to generate endpoint /Toggler/:id/switch wich will call appropriate method.

Like Express, Restify allows chaining on path definitions. It would be great if I could pass a chain of callback functions to the quick mapping.

The use case I have in mind is checking authorization on requests.

I use a plugin handler to do the initial authentication handling. Since not all APIs need to be protected, I have a callback function that I use to "protect" a particular path. The path ends up looking like this.

  var opts = {
    filter: function userFilter(req, res) {
      return {user: req.user.userId};
    }
  }

  var notes = restifyMongoose(Rule, opts);
  server.get('/notes/:id', authenticate, notes.detail());
  server.get('/rules', authenticate, rules.query());

I would prefer to do something like this:

restifyMongoose(models.Note, opts, authenticate, f1, f2, f3).serve('/notes', server);

Just like Restify allows, the constructor would allow you to pass or "chain" as many functions as you need.

Thoughts?

Shouldn't this be set to Content-Type: application/vnd.api+json as you can read at http://jsonapi.org?

The beforeSave method is mentioned in changelog but there is no documentation for it.

We need consistent way of releasing new versions in github and npm.

I would do this myself but I'm not sure what the use case is so I don't have a good example.

I don't have the data for the filter in request or response.
There is needed a mongoose query to get this data.
These queries are always async. So I get the result only in a callback or via promise.

No way to return a complete object by the called function:
https://github.com/saintedlama/restify-mongoose/blob/master/index.js#L267
query.where(self.options.filter(req, res));

I've to write a lot of code to get this to work...

This is TypeScript:

function createBookController(req: restify.Request): Promise<restifyMongoose> {
  return controlHelper.dependRequestUser(req)
    .then((user) => {
      const filterobj = { _creator: user._id };
      return createDynfilterFn(filterobj);
    })
    .then((dynfilter) => {
      const bookController = restifyMongoose(Book, {
        filter: dynfilter,
        listProjection: listProjection,
        detailProjection: detailProjection
      });
      log.debug('Created bookController with filter ' + JSON.stringify(dynfilter(undefined, undefined)));
      return bookController;
    });
}

export function query(req: restify.Request, res: restify.Response, next: restify.Next) {
  createBookController(req).then((bookController: restifyMongoose) => {
    bookController.query()(req, res, next);
  });
}

function createDynfilterFn(filterobj: Object): Function {
  const obj = filterobj;
  return (request: restify.Request, response: restify.Response) => {
    return obj;
  };
}

So it would be quite handy if I could give a promise to the filter option.
Or is there another solution?

This is what I'm working on now. Actually, it's done, I just need to write the tests.

Resource.prototype.insert = function (transform) {
  var self = this;
  var emitInsert = emitEvent(self, 'insert');

  return function(req, res, next) {
    if (transform && typeof transform === 'function') {
      transform(req, res);  
    }
    self.Model.create(req.body, function (err, model) {
      if (err) {
        return onError(err, next);
      }

      res.header('Location', req.url + '/' + model._id);
      res.send(200, model);

      emitInsert(model, next);
    });
  };
};

The idea is that sometimes on an insert or update, you need to modify the data that will be saved. Specifically, an authenticated user POSTing a new note shouldn't have to pass in their own id if we already have it on every request. Thus the transform function.

I wanted to run this by you before I finished the tests and submitted a pull request.

Whenever occurs the "self.options.filter" it should be changed to "options.filter". If a pull request is needed I'd be glad to suggest it. Please, let me know and thanks for your appreciated work.