82 lines
2.2 KiB
JavaScript
82 lines
2.2 KiB
JavaScript
const Router = require("@koa/router")
|
|
const queryController = require("../controllers/query")
|
|
const authorized = require("../../middleware/authorized")
|
|
const { BUILDER } = require("../../utilities/security/permissions")
|
|
const Joi = require("joi")
|
|
const {
|
|
PermissionLevels,
|
|
PermissionTypes,
|
|
} = require("../../utilities/security/permissions")
|
|
const joiValidator = require("../../middleware/joi-validator")
|
|
const {
|
|
bodyResource,
|
|
bodySubResource,
|
|
paramResource,
|
|
} = require("../../middleware/resourceId")
|
|
|
|
const router = Router()
|
|
|
|
function generateQueryValidation() {
|
|
// prettier-ignore
|
|
return joiValidator.body(Joi.object({
|
|
_id: Joi.string(),
|
|
_rev: Joi.string(),
|
|
name: Joi.string().required(),
|
|
fields: Joi.object().required(),
|
|
datasourceId: Joi.string().required(),
|
|
readable: Joi.boolean(),
|
|
parameters: Joi.array().items(Joi.object({
|
|
name: Joi.string(),
|
|
default: Joi.string().allow(""),
|
|
})),
|
|
queryVerb: Joi.string().allow().required(),
|
|
schema: Joi.object({}).required().unknown(true)
|
|
}))
|
|
}
|
|
|
|
function generateQueryPreviewValidation() {
|
|
// prettier-ignore
|
|
return joiValidator.body(Joi.object({
|
|
fields: Joi.object().required(),
|
|
queryVerb: Joi.string().allow().required(),
|
|
datasourceId: Joi.string().required(),
|
|
parameters: Joi.object({}).required().unknown(true)
|
|
}))
|
|
}
|
|
|
|
router
|
|
.get("/api/queries", authorized(BUILDER), queryController.fetch)
|
|
.post(
|
|
"/api/queries",
|
|
bodySubResource("datasourceId", "_id"),
|
|
authorized(BUILDER),
|
|
generateQueryValidation(),
|
|
queryController.save
|
|
)
|
|
.post(
|
|
"/api/queries/preview",
|
|
bodyResource("datasourceId"),
|
|
authorized(BUILDER),
|
|
generateQueryPreviewValidation(),
|
|
queryController.preview
|
|
)
|
|
.get(
|
|
"/api/queries/:queryId",
|
|
authorized(PermissionTypes.QUERY, PermissionLevels.READ),
|
|
queryController.find
|
|
)
|
|
.post(
|
|
"/api/queries/:queryId",
|
|
paramResource("queryId"),
|
|
authorized(PermissionTypes.QUERY, PermissionLevels.WRITE),
|
|
queryController.execute
|
|
)
|
|
.delete(
|
|
"/api/queries/:queryId/:revId",
|
|
paramResource("queryId"),
|
|
authorized(BUILDER),
|
|
queryController.destroy
|
|
)
|
|
|
|
module.exports = router
|