From 767f35d2d9e270eca5edb5577d46b9ecca6c870b Mon Sep 17 00:00:00 2001 From: Marcos Spessatto Defendi Date: Wed, 6 Feb 2019 16:40:59 -0200 Subject: [PATCH] Remove dependency of RC namespace in rc-api/helpers and api.js (#13273) * Move RestAPI client to rc-api package * Remove dependency of RC namespace in rc-api/helpers and api.js --- packages/rocketchat-api/client/index.js | 1 + .../client/lib/RestApiClient.js | 112 ++++++++++++++++++ packages/rocketchat-api/package.js | 5 + packages/rocketchat-api/server/api.js | 57 +++++---- .../rocketchat-api/server/default/info.js | 16 +-- .../helpers/composeRoomWithLastMessage.js | 7 +- .../server/helpers/deprecationWarning.js | 4 +- .../server/helpers/getLoggedInUser.js | 7 +- .../server/helpers/getPaginationItems.js | 11 +- .../server/helpers/getUserFromParams.js | 11 +- .../server/helpers/getUserInfo.js | 10 +- .../server/helpers/insertUserObject.js | 7 +- .../server/helpers/isUserFromParams.js | 4 +- .../server/helpers/parseJsonQuery.js | 29 ++--- .../server/helpers/requestParams.js | 4 +- packages/rocketchat-api/server/settings.js | 4 +- .../client/lib/RestApiClient.js | 112 +----------------- 17 files changed, 214 insertions(+), 187 deletions(-) create mode 100644 packages/rocketchat-api/client/index.js create mode 100644 packages/rocketchat-api/client/lib/RestApiClient.js diff --git a/packages/rocketchat-api/client/index.js b/packages/rocketchat-api/client/index.js new file mode 100644 index 000000000000..7e1df916437f --- /dev/null +++ b/packages/rocketchat-api/client/index.js @@ -0,0 +1 @@ +export { API } from './lib/RestApiClient'; diff --git a/packages/rocketchat-api/client/lib/RestApiClient.js b/packages/rocketchat-api/client/lib/RestApiClient.js new file mode 100644 index 000000000000..107462f2057d --- /dev/null +++ b/packages/rocketchat-api/client/lib/RestApiClient.js 
@@ -0,0 +1,112 @@ +export const API = { + delete(endpoint, params) { + return API._jqueryCall('DELETE', endpoint, params); + }, + + get(endpoint, params) { + return API._jqueryCall('GET', endpoint, params); + }, + + post(endpoint, params, body) { + if (!body) { + body = params; + params = {}; + } + + return API._jqueryCall('POST', endpoint, params, body); + }, + + upload(endpoint, params, formData) { + if (!formData) { + formData = params; + params = {}; + } + + return API._jqueryFormDataCall(endpoint, params, formData); + }, + + _generateQueryFromParams(params) { + let query = ''; + if (params && typeof params === 'object') { + Object.keys(params).forEach((key) => { + query += query === '' ? '?' : '&'; + + query += `${ key }=${ params[key] }`; + }); + } + + return query; + }, + + _jqueryCall(method, endpoint, params, body) { + const query = API._generateQueryFromParams(params); + + return new Promise(function _rlRestApiGet(resolve, reject) { + jQuery.ajax({ + method, + url: `${ document.baseURI }api/${ endpoint }${ query }`, + headers: { + 'Content-Type': 'application/json', + 'X-User-Id': localStorage['Meteor.userId'], + 'X-Auth-Token': localStorage['Meteor.loginToken'], + }, + data: JSON.stringify(body), + success: function _rlGetSuccess(result) { + resolve(result); + }, + error: function _rlGetFailure(xhr, status, errorThrown) { + const error = new Error(errorThrown); + error.xhr = xhr; + reject(error); + }, + }); + }); + }, + + _jqueryFormDataCall(endpoint, params, formData) { + const query = API._generateQueryFromParams(params); + + if (!(formData instanceof FormData)) { + throw new Error('The formData parameter MUST be an instance of the FormData class.'); + } + + return new Promise(function _jqueryFormDataPromise(resolve, reject) { + jQuery.ajax({ + url: `${ document.baseURI }api/${ endpoint }${ query }`, + headers: { + 'X-User-Id': localStorage['Meteor.userId'], + 'X-Auth-Token': localStorage['Meteor.loginToken'], + }, + data: formData, + processData: 
false, + contentType: false, + type: 'POST', + success: function _jqueryFormDataSuccess(result) { + resolve(result); + }, + error: function _jqueryFormDataError(xhr, status, errorThrown) { + reject(new Error(errorThrown)); + }, + }); + }); + }, + + v1: { + delete(endpoint, params) { + return API.delete(`v1/${ endpoint }`, params); + }, + + get(endpoint, params) { + return API.get(`v1/${ endpoint }`, params); + }, + + post(endpoint, params, body) { + return API.post(`v1/${ endpoint }`, params, body); + }, + + upload(endpoint, params, formData) { + return API.upload(`v1/${ endpoint }`, params, formData); + }, + }, +}; +RocketChat.API = API; diff --git a/packages/rocketchat-api/package.js b/packages/rocketchat-api/package.js index 1384ef6670d6..969cca9a542c 100644 --- a/packages/rocketchat-api/package.js +++ b/packages/rocketchat-api/package.js @@ -12,9 +12,14 @@ Package.onUse(function(api) { 'rate-limit', 'rocketchat:lib', 'rocketchat:models', + 'rocketchat:settings', + 'rocketchat:utils', + 'rocketchat:metrics', + 'rocketchat:authorization', 'rocketchat:integrations', 'rocketchat:file-upload', ]); + api.mainModule('client/index.js', 'client'); api.mainModule('server/index.js', 'server'); }); diff --git a/packages/rocketchat-api/server/api.js b/packages/rocketchat-api/server/api.js index e32407d689c3..a4ee71d3b9a6 100644 --- a/packages/rocketchat-api/server/api.js +++ b/packages/rocketchat-api/server/api.js 
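Review bot: `_generateQueryFromParams` in the new `client/lib/RestApiClient.js` concatenates `key` and `params[key]` into the query string without URL-encoding, so a value containing `&`, `=`, `#` or `+` changes which parameters the server actually receives. If any caller passes user-entered text through `params`, that becomes parameter injection into authenticated requests; encode both sides with ``query += `${ encodeURIComponent(key) }=${ encodeURIComponent(params[key]) }`;``. The file also ends with `RocketChat.API = API;` although it has no import for `RocketChat`, so it depends on that global existing at load time, which is at odds with the stated goal of the commit. Separately, `_jqueryFormDataError` rejects with `new Error(errorThrown)` and drops `xhr`, unlike `_rlGetFailure`, so upload callers cannot inspect the status code.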
@@ -5,17 +5,22 @@ import { Accounts } from 'meteor/accounts-base'; import { RocketChat } from 'meteor/rocketchat:lib'; import { Restivus } from 'meteor/nimble:restivus'; import { Logger } from 'meteor/rocketchat:logger'; +import { settings } from 'meteor/rocketchat:settings'; +import { metrics } from 'meteor/rocketchat:metrics'; +import { hasPermission } from 'meteor/rocketchat:authorization'; import { RateLimiter } from 'meteor/rate-limit'; import _ from 'underscore'; const logger = new Logger('API', {}); const rateLimiterDictionary = {}; const defaultRateLimiterOptions = { - numRequestsAllowed: RocketChat.settings.get('API_Enable_Rate_Limiter_Limit_Calls_Default'), - intervalTimeInMS: RocketChat.settings.get('API_Enable_Rate_Limiter_Limit_Time_Default'), + numRequestsAllowed: settings.get('API_Enable_Rate_Limiter_Limit_Calls_Default'), + intervalTimeInMS: settings.get('API_Enable_Rate_Limiter_Limit_Time_Default'), }; -class API extends Restivus { +export let API = {}; + +class APIClass extends Restivus { constructor(properties) { super(properties); this.authMethods = []; @@ -48,15 +53,15 @@ class API extends Restivus { } hasHelperMethods() { - return RocketChat.API.helperMethods.size !== 0; + return API.helperMethods.size !== 0; } getHelperMethods() { - return RocketChat.API.helperMethods; + return API.helperMethods; } getHelperMethod(name) { - return RocketChat.API.helperMethods.get(name); + return API.helperMethods.get(name); } addAuthMethod(method) { @@ -182,7 +187,7 @@ class API extends Restivus { // Add a try/catch for each endpoint const originalAction = endpoints[method].action; endpoints[method].action = function _internalRouteActionHandler() { - const rocketchatRestApiEnd = RocketChat.metrics.rocketchatRestApi.startTimer({ + const rocketchatRestApiEnd = metrics.rocketchatRestApi.startTimer({ method, version, user_agent: this.request.headers['user-agent'], 
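Review bot: `export let API = {};` publishes a mutable binding that only receives `helperMethods`, `getUserAuth` and `ApiClass` when it is reassigned in the later `@@ -437,17 +442,19 @@` hunk, so any module that evaluates `API.helperMethods.set(...)` before that statement runs (for example through an import cycle) would read `undefined`. Exporting a constant and filling it in keeps a single object identity for every importer: `export const API = { helperMethods: new Map() };` here, and `Object.assign(API, { getUserAuth, ApiClass: APIClass });` in place of the reassignment. Whether such a cycle exists today cannot be determined from this patch.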
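Review bot: The timer started by `metrics.rocketchatRestApi.startTimer({ method, version, user_agent: this.request.headers['user-agent'], ...` in the `@@ -182,7 +187,7 @@` hunk labels every sample with a request header that the client fully controls. If the metrics backend keeps one time series per distinct label value (not visible here), arbitrary User-Agent strings can grow the registry without bound and degrade the server. Consider dropping the label or mapping it to a small fixed set of values before it reaches `startTimer`, with a comment such as `// user-agent is untrusted: never use the raw header as a metric label`. The object literal continues outside the hunk.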
@@ -198,8 +203,8 @@ class API extends Restivus { let result; try { const shouldVerifyRateLimit = rateLimiterDictionary.hasOwnProperty(objectForRateLimitMatch.route) - && (!this.userId || !RocketChat.authz.hasPermission(this.userId, 'api-bypass-rate-limit')) - && ((process.env.NODE_ENV === 'development' && RocketChat.settings.get('API_Enable_Rate_Limiter_Dev') === true) || process.env.NODE_ENV !== 'development'); + && (!this.userId || !hasPermission(this.userId, 'api-bypass-rate-limit')) + && ((process.env.NODE_ENV === 'development' && settings.get('API_Enable_Rate_Limiter_Dev') === true) || process.env.NODE_ENV !== 'development'); if (shouldVerifyRateLimit) { rateLimiterDictionary[objectForRateLimitMatch.route].rateLimiter.increment(objectForRateLimitMatch); const attemptResult = rateLimiterDictionary[objectForRateLimitMatch.route].rateLimiter.check(objectForRateLimitMatch); @@ -217,9 +222,9 @@ class API extends Restivus { result = originalAction.apply(this); } catch (e) { logger.debug(`${ method } ${ route } threw an error:`, e.stack); - result = RocketChat.API.v1.failure(e.message, e.error); + result = API.v1.failure(e.message, e.error); } - result = result || RocketChat.API.v1.success(); + result = result || API.v1.success(); rocketchatRestApiEnd({ status: result.statusCode, @@ -413,8 +418,8 @@ const getUserAuth = function _getUserAuth(...args) { this.bodyParams = JSON.parse(this.bodyParams.payload); } - for (let i = 0; i < RocketChat.API.v1.authMethods.length; i++) { - const method = RocketChat.API.v1.authMethods[i]; + for (let i = 0; i < API.v1.authMethods.length; i++) { + const method = API.v1.authMethods[i]; if (typeof method === 'function') { const result = method.apply(this, args); 
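Review bot: In the `catch` branch of the `@@ -217,9 +222,9 @@` hunk, `API.v1.failure(e.message, e.error)` returns the raw exception message to the API caller while the stack is written only at `logger.debug` level. For exceptions that are not deliberate `Meteor.Error`s this can expose internal details such as database or driver messages to clients, and an operator running at a higher log level may see nothing at all. Suggest returning `e.message` only when `e instanceof Meteor.Error` (assuming `Meteor` is imported at the top of the file, which this hunk does not show) and a generic message otherwise, and logging unexpected errors at error level. The handler begins and ends outside this hunk.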
@@ -437,17 +442,19 @@ const getUserAuth = function _getUserAuth(...args) { }; }; -RocketChat.API = { +API = { helperMethods: new Map(), getUserAuth, - ApiClass: API, + ApiClass: APIClass, }; +RocketChat.API = API; + const defaultOptionsEndpoint = function _defaultOptionsEndpoint() { if (this.request.method === 'OPTIONS' && this.request.headers['access-control-request-method']) { - if (RocketChat.settings.get('API_Enable_CORS') === true) { + if (settings.get('API_Enable_CORS') === true) { this.response.writeHead(200, { - 'Access-Control-Allow-Origin': RocketChat.settings.get('API_CORS_Origin'), + 'Access-Control-Allow-Origin': settings.get('API_CORS_Origin'), 'Access-Control-Allow-Methods': 'GET, POST, PUT, DELETE, HEAD, PATCH', 'Access-Control-Allow-Headers': 'Origin, X-Requested-With, Content-Type, Accept, X-User-Id, X-Auth-Token, x-visitor-token', }); @@ -462,8 +469,8 @@ const defaultOptionsEndpoint = function _defaultOptionsEndpoint() { }; const createApi = function _createApi(enableCors) { - if (!RocketChat.API.v1 || RocketChat.API.v1._config.enableCors !== enableCors) { - RocketChat.API.v1 = new API({ + if (!API.v1 || API.v1._config.enableCors !== enableCors) { + API.v1 = new APIClass({ version: 'v1', useDefaultAuth: true, prettyJson: process.env.NODE_ENV === 'development', @@ -473,8 +480,8 @@ const createApi = function _createApi(enableCors) { }); } - if (!RocketChat.API.default || RocketChat.API.default._config.enableCors !== enableCors) { - RocketChat.API.default = new API({ + if (!API.default || API.default._config.enableCors !== enableCors) { + API.default = new APIClass({ useDefaultAuth: true, prettyJson: process.env.NODE_ENV === 'development', enableCors, 
@@ -485,19 +492,19 @@ const createApi = function _createApi(enableCors) { }; // register the API to be re-created once the CORS-setting changes. -RocketChat.settings.get('API_Enable_CORS', (key, value) => { +settings.get('API_Enable_CORS', (key, value) => { createApi(value); }); -RocketChat.settings.get('API_Enable_Rate_Limiter_Limit_Time_Default', (key, value) => { +settings.get('API_Enable_Rate_Limiter_Limit_Time_Default', (key, value) => { defaultRateLimiterOptions.intervalTimeInMS = value; createApi(value); }); -RocketChat.settings.get('API_Enable_Rate_Limiter_Limit_Calls_Default', (key, value) => { +settings.get('API_Enable_Rate_Limiter_Limit_Calls_Default', (key, value) => { defaultRateLimiterOptions.numRequestsAllowed = value; createApi(value); }); // also create the API immediately -createApi(!!RocketChat.settings.get('API_Enable_CORS')); +createApi(!!settings.get('API_Enable_CORS')); diff --git a/packages/rocketchat-api/server/default/info.js b/packages/rocketchat-api/server/default/info.js index 97b372dd42ad..f4bbcad21ec8 100644 --- a/packages/rocketchat-api/server/default/info.js +++ b/packages/rocketchat-api/server/default/info.js @@ -1,17 +1,19 @@ -import { RocketChat } from 'meteor/rocketchat:lib'; +import { hasRole } from 'meteor/rocketchat:authorization'; +import { Info } from 'meteor/rocketchat:utils'; +import { API } from '../api'; -RocketChat.API.default.addRoute('info', { authRequired: false }, { +API.default.addRoute('info', { authRequired: false }, { get() { const user = this.getLoggedInUser(); - if (user && RocketChat.authz.hasRole(user._id, 'admin')) { - return RocketChat.API.v1.success({ - info: RocketChat.Info, + if (user && hasRole(user._id, 'admin')) { + return API.v1.success({ + info: Info, }); } - return RocketChat.API.v1.success({ - version: RocketChat.Info.version, + return API.v1.success({ + version: Info.version, }); }, }); 
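Review bot: Both rate-limiter callbacks call `createApi(value)` with the rate-limit number, but `createApi`'s only parameter is `enableCors`, so changing `API_Enable_Rate_Limiter_Limit_Time_Default` or `API_Enable_Rate_Limiter_Limit_Calls_Default` rebuilds `API.v1` and `API.default` with `enableCors` set to that number. A non-zero limit is truthy, so this probably switches CORS handling on regardless of `API_Enable_CORS` (how Restivus interprets the value is not shown here), which is a security-relevant side effect of an unrelated setting. Pass the CORS setting in both callbacks instead: `createApi(!!settings.get('API_Enable_CORS'));`.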
diff --git a/packages/rocketchat-api/server/helpers/composeRoomWithLastMessage.js b/packages/rocketchat-api/server/helpers/composeRoomWithLastMessage.js index f9a8e3a702c8..4c833d898709 100644 --- a/packages/rocketchat-api/server/helpers/composeRoomWithLastMessage.js +++ b/packages/rocketchat-api/server/helpers/composeRoomWithLastMessage.js @@ -1,8 +1,9 @@ -import { RocketChat } from 'meteor/rocketchat:lib'; +import { composeMessageObjectWithUser } from 'meteor/rocketchat:utils'; +import { API } from '../api'; -RocketChat.API.helperMethods.set('composeRoomWithLastMessage', function _composeRoomWithLastMessage(room, userId) { +API.helperMethods.set('composeRoomWithLastMessage', function _composeRoomWithLastMessage(room, userId) { if (room.lastMessage) { - room.lastMessage = RocketChat.composeMessageObjectWithUser(room.lastMessage, userId); + room.lastMessage = composeMessageObjectWithUser(room.lastMessage, userId); } return room; }); diff --git a/packages/rocketchat-api/server/helpers/deprecationWarning.js b/packages/rocketchat-api/server/helpers/deprecationWarning.js index ad2cb11a5131..06dc47c3f096 100644 --- a/packages/rocketchat-api/server/helpers/deprecationWarning.js +++ b/packages/rocketchat-api/server/helpers/deprecationWarning.js @@ -1,6 +1,6 @@ -import { RocketChat } from 'meteor/rocketchat:lib'; +import { API } from '../api'; -RocketChat.API.helperMethods.set('deprecationWarning', function _deprecationWarning({ endpoint, versionWillBeRemove, response }) { +API.helperMethods.set('deprecationWarning', function _deprecationWarning({ endpoint, versionWillBeRemove, response }) { const warningMessage = `The endpoint "${ endpoint }" is deprecated and will be removed after version ${ versionWillBeRemove }`; console.warn(warningMessage); if (process.env.NODE_ENV === 'development') { diff --git a/packages/rocketchat-api/server/helpers/getLoggedInUser.js b/packages/rocketchat-api/server/helpers/getLoggedInUser.js index 1ff50826b928..9406ff576f1f 100644 
--- a/packages/rocketchat-api/server/helpers/getLoggedInUser.js +++ b/packages/rocketchat-api/server/helpers/getLoggedInUser.js @@ -1,11 +1,12 @@ import { Accounts } from 'meteor/accounts-base'; -import { RocketChat } from 'meteor/rocketchat:lib'; +import { Users } from 'meteor/rocketchat:models'; +import { API } from '../api'; -RocketChat.API.helperMethods.set('getLoggedInUser', function _getLoggedInUser() { +API.helperMethods.set('getLoggedInUser', function _getLoggedInUser() { let user; if (this.request.headers['x-auth-token'] && this.request.headers['x-user-id']) { - user = RocketChat.models.Users.findOne({ + user = Users.findOne({ _id: this.request.headers['x-user-id'], 'services.resume.loginTokens.hashedToken': Accounts._hashLoginToken(this.request.headers['x-auth-token']), }); diff --git a/packages/rocketchat-api/server/helpers/getPaginationItems.js b/packages/rocketchat-api/server/helpers/getPaginationItems.js index f7d3cff75d1e..0060155d0f0c 100644 --- a/packages/rocketchat-api/server/helpers/getPaginationItems.js +++ b/packages/rocketchat-api/server/helpers/getPaginationItems.js 
@@ -1,11 +1,12 @@ // If the count query param is higher than the "API_Upper_Count_Limit" setting, then we limit that // If the count query param isn't defined, then we set it to the "API_Default_Count" setting // If the count is zero, then that means unlimited and is only allowed if the setting "API_Allow_Infinite_Count" is true -import { RocketChat } from 'meteor/rocketchat:lib'; +import { settings } from 'meteor/rocketchat:settings'; +import { API } from '../api'; -RocketChat.API.helperMethods.set('getPaginationItems', function _getPaginationItems() { - const hardUpperLimit = RocketChat.settings.get('API_Upper_Count_Limit') <= 0 ? 100 : RocketChat.settings.get('API_Upper_Count_Limit'); - const defaultCount = RocketChat.settings.get('API_Default_Count') <= 0 ? 50 : RocketChat.settings.get('API_Default_Count'); +API.helperMethods.set('getPaginationItems', function _getPaginationItems() { + const hardUpperLimit = settings.get('API_Upper_Count_Limit') <= 0 ? 100 : settings.get('API_Upper_Count_Limit'); + const defaultCount = settings.get('API_Default_Count') <= 0 ? 50 : settings.get('API_Default_Count'); const offset = this.queryParams.offset ? parseInt(this.queryParams.offset) : 0; let count = defaultCount; @@ -20,7 +21,7 @@ RocketChat.API.helperMethods.set('getPaginationItems', function _getPaginationIt count = hardUpperLimit; } - if (count === 0 && !RocketChat.settings.get('API_Allow_Infinite_Count')) { + if (count === 0 && !settings.get('API_Allow_Infinite_Count')) { count = defaultCount; } diff --git a/packages/rocketchat-api/server/helpers/getUserFromParams.js b/packages/rocketchat-api/server/helpers/getUserFromParams.js index 54b884de6059..e9f49ca7cc61 100644 --- a/packages/rocketchat-api/server/helpers/getUserFromParams.js +++ b/packages/rocketchat-api/server/helpers/getUserFromParams.js 
@@ -1,18 +1,19 @@ // Convenience method, almost need to turn it into a middleware of sorts import { Meteor } from 'meteor/meteor'; -import { RocketChat } from 'meteor/rocketchat:lib'; +import { Users } from 'meteor/rocketchat:models'; +import { API } from '../api'; -RocketChat.API.helperMethods.set('getUserFromParams', function _getUserFromParams() { +API.helperMethods.set('getUserFromParams', function _getUserFromParams() { const doesntExist = { _doesntExist: true }; let user; const params = this.requestParams(); if (params.userId && params.userId.trim()) { - user = RocketChat.models.Users.findOneById(params.userId) || doesntExist; + user = Users.findOneById(params.userId) || doesntExist; } else if (params.username && params.username.trim()) { - user = RocketChat.models.Users.findOneByUsername(params.username) || doesntExist; + user = Users.findOneByUsername(params.username) || doesntExist; } else if (params.user && params.user.trim()) { - user = RocketChat.models.Users.findOneByUsername(params.user) || doesntExist; + user = Users.findOneByUsername(params.user) || doesntExist; } else { throw new Meteor.Error('error-user-param-not-provided', 'The required "userId" or "username" param was not provided'); } diff --git a/packages/rocketchat-api/server/helpers/getUserInfo.js b/packages/rocketchat-api/server/helpers/getUserInfo.js index c573a336ddd1..f7a76b35c14e 100644 --- a/packages/rocketchat-api/server/helpers/getUserInfo.js +++ b/packages/rocketchat-api/server/helpers/getUserInfo.js @@ -1,4 +1,6 @@ -import { RocketChat } from 'meteor/rocketchat:lib'; +import { settings } from 'meteor/rocketchat:settings'; +import { getUserPreference } from 'meteor/rocketchat:utils'; +import { API } from '../api'; const getInfoFromUserObject = (user) => { const { 
@@ -32,7 +34,7 @@ const getInfoFromUserObject = (user) => { }; -RocketChat.API.helperMethods.set('getUserInfo', function _getUserInfo(user) { +API.helperMethods.set('getUserInfo', function _getUserInfo(user) { const me = getInfoFromUserObject(user); const isVerifiedEmail = () => { if (me && me.emails && Array.isArray(me.emails)) { @@ -42,11 +44,11 @@ RocketChat.API.helperMethods.set('getUserInfo', function _getUserInfo(user) { }; const getUserPreferences = () => { const defaultUserSettingPrefix = 'Accounts_Default_User_Preferences_'; - const allDefaultUserSettings = RocketChat.settings.get(new RegExp(`^${ defaultUserSettingPrefix }.*$`)); + const allDefaultUserSettings = settings.get(new RegExp(`^${ defaultUserSettingPrefix }.*$`)); return allDefaultUserSettings.reduce((accumulator, setting) => { const settingWithoutPrefix = setting.key.replace(defaultUserSettingPrefix, ' ').trim(); - accumulator[settingWithoutPrefix] = RocketChat.getUserPreference(user, settingWithoutPrefix); + accumulator[settingWithoutPrefix] = getUserPreference(user, settingWithoutPrefix); return accumulator; }, {}); }; diff --git a/packages/rocketchat-api/server/helpers/insertUserObject.js b/packages/rocketchat-api/server/helpers/insertUserObject.js index dfa6322099b9..9883f8f830fa 100644 --- a/packages/rocketchat-api/server/helpers/insertUserObject.js +++ b/packages/rocketchat-api/server/helpers/insertUserObject.js @@ -1,7 +1,8 @@ -import { RocketChat } from 'meteor/rocketchat:lib'; +import { Users } from 'meteor/rocketchat:models'; +import { API } from '../api'; -RocketChat.API.helperMethods.set('insertUserObject', function _addUserToObject({ object, userId }) { - const user = RocketChat.models.Users.findOneById(userId); +API.helperMethods.set('insertUserObject', function _addUserToObject({ object, userId }) { + const user = Users.findOneById(userId); object.user = { }; if (user) { object.user = { 
diff --git a/packages/rocketchat-api/server/helpers/isUserFromParams.js b/packages/rocketchat-api/server/helpers/isUserFromParams.js index 79f3b90f3aef..a96779c2eedc 100644 --- a/packages/rocketchat-api/server/helpers/isUserFromParams.js +++ b/packages/rocketchat-api/server/helpers/isUserFromParams.js @@ -1,6 +1,6 @@ -import { RocketChat } from 'meteor/rocketchat:lib'; +import { API } from '../api'; -RocketChat.API.helperMethods.set('isUserFromParams', function _isUserFromParams() { +API.helperMethods.set('isUserFromParams', function _isUserFromParams() { const params = this.requestParams(); return (!params.userId && !params.username && !params.user) || diff --git a/packages/rocketchat-api/server/helpers/parseJsonQuery.js b/packages/rocketchat-api/server/helpers/parseJsonQuery.js index 6b9caf541987..60bf964c3e22 100644 --- a/packages/rocketchat-api/server/helpers/parseJsonQuery.js +++ b/packages/rocketchat-api/server/helpers/parseJsonQuery.js @@ -1,8 +1,9 @@ import { Meteor } from 'meteor/meteor'; -import { RocketChat } from 'meteor/rocketchat:lib'; +import { hasPermission } from 'meteor/rocketchat:authorization'; import { EJSON } from 'meteor/ejson'; +import { API } from '../api'; -RocketChat.API.helperMethods.set('parseJsonQuery', function _parseJsonQuery() { +API.helperMethods.set('parseJsonQuery', function _parseJsonQuery() { let sort; if (this.queryParams.sort) { try { 
@@ -25,26 +26,26 @@ RocketChat.API.helperMethods.set('parseJsonQuery', function _parseJsonQuery() { // Verify the user's selected fields only contains ones which their role allows if (typeof fields === 'object') { - let nonSelectableFields = Object.keys(RocketChat.API.v1.defaultFieldsToExclude); + let nonSelectableFields = Object.keys(API.v1.defaultFieldsToExclude); if (this.request.route.includes('/v1/users.')) { - const getFields = () => Object.keys(RocketChat.authz.hasPermission(this.userId, 'view-full-other-user-info') ? RocketChat.API.v1.limitedUserFieldsToExcludeIfIsPrivilegedUser : RocketChat.API.v1.limitedUserFieldsToExclude); + const getFields = () => Object.keys(hasPermission(this.userId, 'view-full-other-user-info') ? API.v1.limitedUserFieldsToExcludeIfIsPrivilegedUser : API.v1.limitedUserFieldsToExclude); nonSelectableFields = nonSelectableFields.concat(getFields()); } Object.keys(fields).forEach((k) => { - if (nonSelectableFields.includes(k) || nonSelectableFields.includes(k.split(RocketChat.API.v1.fieldSeparator)[0])) { + if (nonSelectableFields.includes(k) || nonSelectableFields.includes(k.split(API.v1.fieldSeparator)[0])) { delete fields[k]; } }); } // Limit the fields by default - fields = Object.assign({}, fields, RocketChat.API.v1.defaultFieldsToExclude); + fields = Object.assign({}, fields, API.v1.defaultFieldsToExclude); if (this.request.route.includes('/v1/users.')) { - if (RocketChat.authz.hasPermission(this.userId, 'view-full-other-user-info')) { - fields = Object.assign(fields, RocketChat.API.v1.limitedUserFieldsToExcludeIfIsPrivilegedUser); + if (hasPermission(this.userId, 'view-full-other-user-info')) { + fields = Object.assign(fields, API.v1.limitedUserFieldsToExcludeIfIsPrivilegedUser); } else { - fields = Object.assign(fields, RocketChat.API.v1.limitedUserFieldsToExclude); + fields = Object.assign(fields, API.v1.limitedUserFieldsToExclude); } } 
@@ -60,17 +61,17 @@ RocketChat.API.helperMethods.set('parseJsonQuery', function _parseJsonQuery() { // Verify the user has permission to query the fields they are if (typeof query === 'object') { - let nonQueryableFields = Object.keys(RocketChat.API.v1.defaultFieldsToExclude); + let nonQueryableFields = Object.keys(API.v1.defaultFieldsToExclude); if (this.request.route.includes('/v1/users.')) { - if (RocketChat.authz.hasPermission(this.userId, 'view-full-other-user-info')) { - nonQueryableFields = nonQueryableFields.concat(Object.keys(RocketChat.API.v1.limitedUserFieldsToExcludeIfIsPrivilegedUser)); + if (hasPermission(this.userId, 'view-full-other-user-info')) { + nonQueryableFields = nonQueryableFields.concat(Object.keys(API.v1.limitedUserFieldsToExcludeIfIsPrivilegedUser)); } else { - nonQueryableFields = nonQueryableFields.concat(Object.keys(RocketChat.API.v1.limitedUserFieldsToExclude)); + nonQueryableFields = nonQueryableFields.concat(Object.keys(API.v1.limitedUserFieldsToExclude)); } } Object.keys(query).forEach((k) => { - if (nonQueryableFields.includes(k) || nonQueryableFields.includes(k.split(RocketChat.API.v1.fieldSeparator)[0])) { + if (nonQueryableFields.includes(k) || nonQueryableFields.includes(k.split(API.v1.fieldSeparator)[0])) { delete query[k]; } }); diff --git a/packages/rocketchat-api/server/helpers/requestParams.js b/packages/rocketchat-api/server/helpers/requestParams.js index fe70278dd463..2883c94a727e 100644 --- a/packages/rocketchat-api/server/helpers/requestParams.js +++ b/packages/rocketchat-api/server/helpers/requestParams.js @@ -1,5 +1,5 @@ -import { RocketChat } from 'meteor/rocketchat:lib'; +import { API } from '../api'; -RocketChat.API.helperMethods.set('requestParams', function _requestParams() { +API.helperMethods.set('requestParams', function _requestParams() { return ['POST', 'PUT'].includes(this.request.method) ? this.bodyParams : this.queryParams; }); 
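Review bot: The `Object.keys(query).forEach(...)` filter in the `parseJsonQuery` hunk inspects only the top-level keys of the client-supplied `query`, so restricted field names nested under a logical operator such as `$or` or `$and` are never checked against `nonQueryableFields`. The deny-list should be applied to the whole query object, and operators that take code or expressions (for example `$where`) are better rejected outright than filtered. The helper continues outside this hunk, so later validation may exist that is not visible here. A recursive form of the same check is sketched below.

```javascript
// … unchanged: nonQueryableFields is computed from the exclude lists above …
const isRestricted = (k) => nonQueryableFields.includes(k) || nonQueryableFields.includes(k.split(API.v1.fieldSeparator)[0]);
const stripRestricted = (node) => {
	if (Array.isArray(node)) {
		node.forEach(stripRestricted);
		return;
	}
	if (node && typeof node === 'object') {
		Object.keys(node).forEach((k) => {
			if (isRestricted(k)) {
				delete node[k];
			} else {
				stripRestricted(node[k]);
			}
		});
	}
};
stripRestricted(query);
```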
diff --git a/packages/rocketchat-api/server/settings.js b/packages/rocketchat-api/server/settings.js index 6b4c06e7a83a..f1ce328769cb 100644 --- a/packages/rocketchat-api/server/settings.js +++ b/packages/rocketchat-api/server/settings.js @@ -1,6 +1,6 @@ -import { RocketChat } from 'meteor/rocketchat:lib'; +import { settings } from 'meteor/rocketchat:settings'; -RocketChat.settings.addGroup('General', function() { +settings.addGroup('General', function() { this.section('REST API', function() { this.add('API_Upper_Count_Limit', 100, { type: 'int', public: false }); this.add('API_Default_Count', 50, { type: 'int', public: false }); diff --git a/packages/rocketchat-lib/client/lib/RestApiClient.js b/packages/rocketchat-lib/client/lib/RestApiClient.js index 7226be0360d1..9c2d7a9b86e9 100644 --- a/packages/rocketchat-lib/client/lib/RestApiClient.js +++ b/packages/rocketchat-lib/client/lib/RestApiClient.js 
@@ -1,111 +1,3 @@ -RocketChat.API = { - delete(endpoint, params) { - return RocketChat.API._jqueryCall('DELETE', endpoint, params); - }, +// import { API } from 'meteor/rocketchat:api'; - get(endpoint, params) { - return RocketChat.API._jqueryCall('GET', endpoint, params); - }, - - post(endpoint, params, body) { - if (!body) { - body = params; - params = {}; - } - - return RocketChat.API._jqueryCall('POST', endpoint, params, body); - }, - - upload(endpoint, params, formData) { - if (!formData) { - formData = params; - params = {}; - } - - return RocketChat.API._jqueryFormDataCall(endpoint, params, formData); - }, - - _generateQueryFromParams(params) { - let query = ''; - if (params && typeof params === 'object') { - Object.keys(params).forEach((key) => { - query += query === '' ? '?' : '&'; - - query += `${ key }=${ params[key] }`; - }); - } - - return query; - }, - - _jqueryCall(method, endpoint, params, body) { - const query = RocketChat.API._generateQueryFromParams(params); - - return new Promise(function _rlRestApiGet(resolve, reject) { - jQuery.ajax({ - method, - url: `${ document.baseURI }api/${ endpoint }${ query }`, - headers: { - 'Content-Type': 'application/json', - 'X-User-Id': localStorage['Meteor.userId'], - 'X-Auth-Token': localStorage['Meteor.loginToken'], - }, - data: JSON.stringify(body), - success: function _rlGetSuccess(result) { - resolve(result); - }, - error: function _rlGetFailure(xhr, status, errorThrown) { - const error = new Error(errorThrown); - error.xhr = xhr; - reject(error); - }, - }); - }); - }, - - _jqueryFormDataCall(endpoint, params, formData) { - const query = RocketChat.API._generateQueryFromParams(params); - - if (!(formData instanceof FormData)) { - throw new Error('The formData parameter MUST be an instance of the FormData class.'); - } - - return new Promise(function _jqueryFormDataPromise(resolve, reject) { - jQuery.ajax({ - url: `${ document.baseURI }api/${ endpoint }${ query }`, - headers: { - 'X-User-Id': 
localStorage['Meteor.userId'], - 'X-Auth-Token': localStorage['Meteor.loginToken'], - }, - data: formData, - processData: false, - contentType: false, - type: 'POST', - success: function _jqueryFormDataSuccess(result) { - resolve(result); - }, - error: function _jqueryFormDataError(xhr, status, errorThrown) { - reject(new Error(errorThrown)); - }, - }); - }); - }, - - v1: { - delete(endpoint, params) { - return RocketChat.API.delete(`v1/${ endpoint }`, params); - }, - - get(endpoint, params) { - return RocketChat.API.get(`v1/${ endpoint }`, params); - }, - - post(endpoint, params, body) { - return RocketChat.API.post(`v1/${ endpoint }`, params, body); - }, - - upload(endpoint, params, formData) { - return RocketChat.API.upload(`v1/${ endpoint }`, params, formData); - }, - }, -}; +// RocketChat.API = API;
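Review bot: After this hunk `packages/rocketchat-lib/client/lib/RestApiClient.js` contains only two commented-out lines, `// import { API } from 'meteor/rocketchat:api';` and `// RocketChat.API = API;`, which reads as unfinished work rather than a decision. If the `RocketChat.API = API;` assignment in the new `rocketchat-api` client module is the intended replacement, delete this file (and wherever it is registered); otherwise replace the dead code with a one-line comment explaining why the import is disabled.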