From debb2747a7840a985355f685723a46dd8876546b Mon Sep 17 00:00:00 2001 From: Andrew Plummer Date: Tue, 10 Dec 2024 16:08:32 -0500 Subject: [PATCH] removed "sanitize" flag --- .../api/scripts/database/prepare-export.js | 52 +------------------ .../application-credentials.json | 8 +++ .../scripts/database/sanitizations/users.js | 7 --- .../definitions/application-credential.json | 1 - 4 files changed, 10 insertions(+), 58 deletions(-) create mode 100644 services/api/scripts/database/sanitizations/application-credentials.json diff --git a/services/api/scripts/database/prepare-export.js b/services/api/scripts/database/prepare-export.js index f0f03e5b..784cdcd4 100644 --- a/services/api/scripts/database/prepare-export.js +++ b/services/api/scripts/database/prepare-export.js @@ -13,6 +13,8 @@ const logger = require('@bedrockio/logger'); const { User } = require('../../src/models'); const { initialize } = require('../../src/utils/database'); +const MONGO_URI = config.get('MONGO_URI'); + program .description( ` @@ -34,8 +36,6 @@ program program.parse(process.argv); const options = program.opts(); -const MONGO_URI = config.get('MONGO_URI'); - async function run() { const db = await initialize(); @@ -120,12 +120,7 @@ async function getSanitizations(options) { if (options.raw) { return []; } - const manual = await getManualSanitizations(); - const auto = await getAutoSanitizations(); - return [...manual, ...auto]; -} -async function getManualSanitizations() { const gl = path.resolve(__dirname, 'sanitizations/*.{json,js}'); const files = await glob(gl); const result = []; @@ -152,49 +147,6 @@ async function getManualSanitizations() { return result; } -async function getAutoSanitizations() { - const result = []; - - for (let model of Object.values(mongoose.models)) { - const collection = model.collection.name; - - if (isPluginCollection(collection)) { - continue; - } - - const fields = {}; - - for (let [name, path] of Object.entries(model.schema.paths)) { - const sanitize = path.options?.sanitize; - const remove = sanitize === true; - if (sanitize) { - fields[name] = { - $cond: { - if: { - $ne: [`$${name}`, null], - }, - then: remove ? '$$REMOVE' : sanitize, - // Effectively doesn't set the field if it does not exist. - else: '$$REMOVE', - }, - }; - } - } - if (Object.keys(fields).length > 0) { - result.push({ - name: getSanitizedName(collection), - collection, - pipeline: [ - { - $set: fields, - }, - ], - }); - } - } - return result; -} - async function runSanitizations(db, sanitizations) { for (let sanitization of sanitizations) { const { collection, pipeline } = sanitization; diff --git a/services/api/scripts/database/sanitizations/application-credentials.json b/services/api/scripts/database/sanitizations/application-credentials.json new file mode 100644 index 00000000..b350649c --- /dev/null +++ b/services/api/scripts/database/sanitizations/application-credentials.json @@ -0,0 +1,8 @@ +{ + "collection": "applicationcredentials", + "pipeline": [ + { + "$unset": "apiSecret" + } + ] +} diff --git a/services/api/scripts/database/sanitizations/users.js b/services/api/scripts/database/sanitizations/users.js index dfd91318..1a0a8a12 100644 --- a/services/api/scripts/database/sanitizations/users.js +++ b/services/api/scripts/database/sanitizations/users.js @@ -1,10 +1,3 @@ -// Note that this is an example of a complex sanitization pipeline. -// For a simple case the "sanitize" key can be set on individual fields -// in a model definition: - -// - When `true` the value will be stripped from all documents. -// - When a string the value will be set to a literal for all documents. - const bcrypt = require('bcrypt'); // Development password. Note this is hard diff --git a/services/api/src/models/definitions/application-credential.json b/services/api/src/models/definitions/application-credential.json index fd55ce19..f5188299 100644 --- a/services/api/src/models/definitions/application-credential.json +++ b/services/api/src/models/definitions/application-credential.json @@ -4,7 +4,6 @@ "type": "String", "trim": true, "required": true, - "sanitize": true, "unique": true, "writeAccess": "none" },