Overview | Chinchay Docs

# Overview

There are several more miscellaneous functions that can be used. So here we will look at them.

# columnsNames

What if you want to get all the column names? Maybe to check if a certain relation has a certain property?

  Coffee.columnsNames();

will return an array with the name of all the columns:

  [ 'id', 'name', 'price', 'created_at', 'updated_at' ]

# getFirstDate

This method will return the created_at of the first entry:

  Coffee.getFirstDate();

will return a Date Object:

  2019-07-13T21:18:08.748Z

This is very similar to the following query:

  Coffee.find({}, 'all', { rawSelect: 'min(created_at)', clearSelect: true });

However this will return an array with the result, whereas the first one will return the date straight away.

# extractOptions, extractColumns, extractSearch

The following methods are used in the controller, when running the new command. As you might have seen in the api client querying documentation, Chinchay provides a whole querying system. Where the parameters are passed by the Query String.

# extractOptions

So let's dive into extractOptions:

it receives a javascript object representing the query string (auto-generated by express). from it will create a new javascript object with all the elements corresponding to the option parameter and remove them from the query string. Let's look at an example:

Let's assume the following request:

 curl --request GET 'http://localhost:3000/api/coffee/find?orderBy=id&limit=2&price=100&columns=name'

If we look at the find function of the controller:

const find = (req, res) => {
  const options = Table.extractOptions(req.query);
  const columns = Table.extractColumns(req.query);
  const search = Table.extractSearch(req.query);
  coffee.find(search, columns, options).then((results) => {
    const json = httpResponse.success('Busqueda encontrada exitosamente', 'data', results);
    for (let i = 0; i < json.data.length; i++) {
      json.data[i].links = HATEOAS.get(json.data[i]);
    }
    return res.status(200).send(json);
  }).catch((error) => {
    const code = errorHandler.getHTTPCode(error);
    const message = errorHandler.getHTTPMessage(error);
    const json = httpResponse.error(message, error, code);
    return res.status(code).send(json);
  });
};

The req.query object at the beginning will be:

  { orderBy: 'id', limit: '2', price: '100', columns: 'name' }

after the line:

  const options = Table.extractOptions(req.query);

All the options properties have been removed from req.query. In this example only the price and the columns are left:

  { price: '100', columns: 'name' }

Whereas options:

{ orderBy: 'id', limit: '2' }

# SecurityMode

The extractOptions has an insecure mode, where it can be configured to extract also the rawSelect and the rawWhere. By default this mode is disabled, to enable it:

  req.query = { orderBy: 'id', limit: '2', price: '100', rawSelect: 'name as n' };
  const options = Table.extractOptions(req.query, { securityMode: false });

Options will include the rawSelect:

{ orderBy: 'id', limit: '2', rawSelect: 'name as n' }

On the other hand:

  req.query = { orderBy: 'id', limit: '2', price: '100', rawSelect: 'name as n' };
  const options = Table.extractOptions(req.query);

Options:

{ orderBy: 'id', limit: '2' }

WARNING

This is very dangerous. Why? Because through rawSelect and rawQuery sql commands can be injected to do harm, even delete the database! It is save to use if you are 100% sure that no malicious user will ever have access to it.

# extractColumns

This will remove from the req.query the columns property. It will return an array of all the columns, in the case there are no columns defined, it will return 'all'. So in the previous example, after the line:

  const columns = Table.extractColumns(req.query);

the req.query line will be:

  { price: '100' }

Whereas the columns:

[ 'name' ]

However, if we request was:

 curl --request GET 'http://localhost:3000/api/coffee/find?orderBy=id&limit=2&price=100'

the columns would have been:

  'all'

# extractSearch

It will return an object with the query in the correct format. It will parse all the arrays. If we request the following:

 curl --request GET "http://localhostfee/find?orderBy=id&limit=2&price=[\">\",100]" --globoff

info

The --globoff flag is to allow the brackets characters: []

The req.query object at the beginning will be:

  { orderBy: 'id', limit: '2', price: '[">",100]' }

Note how the price is a string representing an array and not an array as we would have wanted.

the following line fix that:

  const search = Table.extractSearch(req.query);

thereore the search will be:

{ price: [ '>', 100 ] }

← Sum, Min & Max Creating your own methods →