1 | import * as AWS from 'aws-sdk';
|
2 | import {response, IResponse} from './tools';
|
3 |
|
4 | AWS.config.update({region: 'us-east-1'});
|
5 | const kms = new AWS.KMS({apiVersion: '2014-11-01'});
|
6 |
|
7 |
|
8 |
|
9 |
|
10 |
|
11 |
|
12 |
|
13 |
|
14 |
|
15 | function encrypt(data: string, kmsKeyId: string): Promise<any> {
|
16 | return new Promise((res, rej) => {
|
17 | try {
|
18 | if (!data || data === '') {
|
19 |
|
20 | return res(null);
|
21 | }
|
22 |
|
23 | kms.encrypt({KeyId: kmsKeyId, Plaintext: data}, function (err, _data) {
|
24 | if (err) {
|
25 | rej(err);
|
26 | } else {
|
27 | res(_data);
|
28 | }
|
29 | });
|
30 | } catch (error) {
|
31 | rej(error.message);
|
32 | }
|
33 | });
|
34 | }
|
35 |
|
36 |
|
37 |
|
38 |
|
39 |
|
40 |
|
41 |
|
42 | function decrypt(blob: any, kmsKeyId: string): Promise<any> {
|
43 | return new Promise((res, rej) => {
|
44 | try {
|
45 | if ((blob && !blob.CiphertextBlob) || !blob) {
|
46 |
|
47 | return res(blob);
|
48 | }
|
49 | kms.decrypt({CiphertextBlob: blob.CiphertextBlob}, function (err, _data) {
|
50 | if (err) {
|
51 | console.log(err);
|
52 | rej(err);
|
53 | } else {
|
54 | res(_data);
|
55 | }
|
56 | });
|
57 | } catch (error) {
|
58 | console.log(143, error.message);
|
59 | rej(error.message);
|
60 | }
|
61 | });
|
62 | }
|
63 |
|
64 | export interface IDynamoParams {
|
65 | TableName: string;
|
66 | IndexName?: string;
|
67 | Key?: any;
|
68 | Item?: any;
|
69 | KeyConditionExpression?: string;
|
70 | ConditionExpression?: string;
|
71 | ExpressionAttributeValues?: any;
|
72 | ExpressionAttributeNames?: any;
|
73 | UpdateExpression?: string;
|
74 | FilterExpression?: string;
|
75 | Limit?: number;
|
76 | LastEvaluatedKey?: any;
|
77 | ExclusiveStartKey?: any;
|
78 | ScanIndexForward?: boolean;
|
79 | ProjectionExpression?: string;
|
80 | force?: string;
|
81 | ScannedCount?: any;
|
82 | }
|
83 |
|
84 | export class DynamoDbApi {
|
85 | dynamoDb: any;
|
86 | kmsKeyId: string;
|
87 |
|
88 | constructor(dynamoDb: any, _kmsKeyId?: string) {
|
89 | this.dynamoDb = dynamoDb;
|
90 | this.kmsKeyId = _kmsKeyId;
|
91 | process.setMaxListeners(Infinity);
|
92 | }
|
93 |
|
94 | |
95 |
|
96 |
|
97 |
|
98 |
|
99 |
|
100 | async decryptItem(item: any, decryptFields: Array<string>): Promise<any> {
|
101 | try {
|
102 | const Keys = Object.keys(item);
|
103 | for (let i = 0; i < Keys.length; i++) {
|
104 |
|
105 | if (item[Keys[i]] && item[Keys[i]]['CiphertextBlob'] && decryptFields.indexOf(Keys[i]) > -1) {
|
106 | const decryptedTmp = await decrypt(item[Keys[i]], this.kmsKeyId);
|
107 |
|
108 | if (decryptedTmp && decryptedTmp.Plaintext) {
|
109 | const val = decryptedTmp.Plaintext.toString();
|
110 | item[Keys[i]] = val.indexOf('{') > -1 ? JSON.parse(val) : val;
|
111 | }
|
112 | }
|
113 | }
|
114 | } catch (error) {
|
115 | console.log('decryptItem():', error);
|
116 | }
|
117 | return item;
|
118 | }
|
119 |
|
120 | |
121 |
|
122 |
|
123 |
|
124 |
|
125 |
|
126 | async encryptItem(item: any, encryptFields: Array<string>): Promise<any> {
|
127 | try {
|
128 | const Keys = Object.keys(item);
|
129 | for (let i = 0; i < Keys.length; i++) {
|
130 |
|
131 | if (item[Keys[i]] && encryptFields.indexOf(Keys[i]) > -1) {
|
132 | const encryptedTmp = await encrypt(typeof item[Keys[i]] === 'object' ? JSON.stringify(item[Keys[i]]) : item[Keys[i]],
|
133 | this.kmsKeyId);
|
134 |
|
135 | if (encryptedTmp) {
|
136 | item[Keys[i]] = encryptedTmp;
|
137 | }
|
138 | }
|
139 | }
|
140 | } catch (error) {
|
141 | console.log('tools.encryptItem() error:', error.message);
|
142 | } finally {
|
143 | return item;
|
144 | }
|
145 | }
|
146 |
|
147 | |
148 |
|
149 |
|
150 |
|
151 |
|
152 |
|
153 |
|
154 | get(params: IDynamoParams, context: string, decryptFields?: Array<any>): Promise<IResponse> {
|
155 | const dynamoDb = this.dynamoDb;
|
156 |
|
157 | return new Promise<IResponse>((res, rej) => {
|
158 | if (!dynamoDb) {
|
159 | return rej(response(false, 'dynamoDbTable undefined'));
|
160 | }
|
161 |
|
162 | try {
|
163 | dynamoDb.get(params, async (error, result) => {
|
164 | if (error) {
|
165 | return rej(response(false, error, `Could not get '${context}' info`));
|
166 | }
|
167 | else if (result.Item) {
|
168 |
|
169 | if (decryptFields && decryptFields.length) {
|
170 | result.Item = await this.decryptItem(result.Item, decryptFields);
|
171 | }
|
172 |
|
173 | return res(response(true, null, result.Item));
|
174 | }
|
175 | else {
|
176 | return res(response(false, `'${context}' info not found`));
|
177 | }
|
178 | });
|
179 | } catch (error) {
|
180 | console.log(479, error.message);
|
181 | rej(response(false, error));
|
182 | }
|
183 | })
|
184 | }
|
185 |
|
186 | /**
|
187 | *
|
188 | * @param dynamoDb
|
189 | * @param {IDynamoParams} params
|
190 | * @param {string} context
|
191 | * @param {Array<any>} decryptFields
|
192 | * @returns {Promise<IResponse>}
|
193 | * @private
|
194 | */
|
195 | private async _scan(dynamoDb: any, params: IDynamoParams, context: string, decryptFields?: Array<any>): Promise<IResponse> {
|
196 | if (!dynamoDb) {
|
197 | return response(false, 'dynamoDbTable undefined');
|
198 | }
|
199 | try {
|
200 | let count = 0;
|
201 | const result = await dynamoDb.scan(params).promise();
|
202 | if (result.Items && result.Items.length) {
|
203 | if (decryptFields && decryptFields.length) {
|
204 | for (let i = 0; i < result.Items.length; i++) {
|
205 | result.Items[i] = await this.decryptItem(result.Items[i], decryptFields);
|
206 | }
|
207 | }
|
208 | return response(true, null, result);
|
209 | }
|
210 | else {
|
211 | return response(false, `${context} info not found`, result);
|
212 | }
|
213 |
|
214 | } catch (error) {
|
215 | console.log('263 Error tools.db._scan()', error.message, params);
|
216 | return response(false, error);
|
217 | }
|
218 | }
|
219 |
|
220 | /**
|
221 | *
|
222 | * @param {IDynamoParams} params
|
223 | * @param {string} context
|
224 | * @param {Array<any>} decryptFields
|
225 | * @returns {Promise<IResponse>}
|
226 | */
|
227 | async scan(params: IDynamoParams, context: string, decryptFields?: Array<any>): Promise<IResponse> {
|
228 | const dynamoDb = this.dynamoDb;
|
229 |
|
230 | try {
|
231 | let items = [], result, whileMax = 1000, i = 0, count = 0, done = false, LastEvaluatedKey = null;
|
232 |
|
233 | while (!done && (i < whileMax)) {
|
234 | result = await this._scan(dynamoDb, params, context, decryptFields);
|
235 |
|
236 | if (!result.success && !params.Limit) {
|
237 | done = true;
|
238 | return result;
|
239 | } else {
|
240 | if (params.Limit) {
|
241 | if (result.data) {
|
242 | count += result.data.Count;
|
243 | if (!result.data.LastEvaluatedKey) {
|
244 | done = true;
|
245 | items.push(...result.data.Items);
|
246 | } else {
|
247 | if (count === params.Limit) {
|
248 | done = true;
|
249 | items.push(...result.data.Items);
|
250 | LastEvaluatedKey = result.data.LastEvaluatedKey;
|
251 | } else if (count > params.Limit) {
|
252 | done = true;
|
253 | const keys = Object.keys(result.data.LastEvaluatedKey);
|
254 | items.push(...result.data.Items.slice(0, (count - params.Limit)));
|
255 |
|
256 | for (let j = 0; j < keys.length; j++) {
|
257 | LastEvaluatedKey[keys[j]] = result.data.Items[count - params.Limit - 1][keys[j]];
|
258 | }
|
259 | } else {
|
260 | LastEvaluatedKey = result.data.LastEvaluatedKey;
|
261 | params['ExclusiveStartKey'] = LastEvaluatedKey;
|
262 | items.push(...result.data.Items);
|
263 | // let's go for a new loop then
|
264 | }
|
265 | }
|
266 | } else {
|
267 | // let's go for a new loop then
|
268 | LastEvaluatedKey = result.data.LastEvaluatedKey;
|
269 | params['ExclusiveStartKey'] = LastEvaluatedKey;
|
270 | }
|
271 | } else {
|
272 | done = true;
|
273 | LastEvaluatedKey = result.data.LastEvaluatedKey;
|
274 | items.push(...result.data.Items);
|
275 | }
|
276 | }
|
277 | i++;
|
278 | }
|
279 |
|
280 | return response(true, null, {
|
281 | Items: items,
|
282 | Count: items.length,
|
283 | CountV2: result.data.ScannedCount,
|
284 | LastEvaluatedKey: LastEvaluatedKey,
|
285 | Loops: i
|
286 | });
|
287 | } catch (error) {
|
288 | return response(false, error);
|
289 | }
|
290 | }
|
291 |
|
292 | /**
|
293 | *
|
294 | * @param {IDynamoParams} params
|
295 | * @param {string} context
|
296 | * @param {Array<any>} decryptFields
|
297 | * @returns {Promise<IResponse>}
|
298 | */
|
299 | async query(params: IDynamoParams, context: string, decryptFields?: Array<any>): Promise<IResponse> {
|
300 | const dynamoDb = this.dynamoDb;
|
301 |
|
302 | if (!dynamoDb) {
|
303 | return response(false, 'dynamoDbTable undefined');
|
304 | }
|
305 | try {
|
306 | const result = await dynamoDb.query(params).promise();
|
307 |
|
308 | if (result.Items && result.Items.length) {
|
309 | if (decryptFields && decryptFields.length) {
|
310 | for (let i = 0; i < result.Items.length; i++) {
|
311 | result.Items[i] = await this.decryptItem(result.Items[i], decryptFields);
|
312 | }
|
313 | }
|
314 |
|
315 | return response(true, null, result.Items.length > 1 ? result.Items : result.Items[0]);
|
316 | } else {
|
317 | return response(false, `'${context}' info not found`);
|
318 | }
|
319 | } catch (error) {
|
320 | console.log('263 Error tools.db.query()', error.message, params);
|
321 | return response(false, error.message, `Could not get '${context}' info`);
|
322 | }
|
323 | }
|
324 |
|
325 | /**
|
326 | * Return the raw result from dynamodb, instead only "Items"
|
327 | *
|
328 | * @param {IDynamoParams} params
|
329 | * @param {string} context
|
330 | * @param {Array<any>} decryptFields
|
331 | * @returns {Promise<IResponse>}
|
332 | */
|
333 | async queryRAW(params: IDynamoParams, context: string, decryptFields?: Array<any>): Promise<IResponse> {
|
334 | const dynamoDb = this.dynamoDb;
|
335 |
|
336 | if (!dynamoDb) {
|
337 | return response(false, 'dynamoDbTable undefined');
|
338 | }
|
339 | try {
|
340 | let result = await dynamoDb.query(params).promise();
|
341 |
|
342 | if(!result){
|
343 | return response(false, `'${context}' - Error on dynamoDb.query(params).promise().`);
|
344 | }
|
345 |
|
346 | let promises = [];
|
347 |
|
348 | if (result.Items && result.Items.length) {
|
349 | if (decryptFields && decryptFields.length) {
|
350 | for (let i = 0; i < result.Items.length; i++) {
|
351 | promises.push(this.decryptItem(result.Items[i], decryptFields))
|
352 | }
|
353 | result = await Promise.all(promises).then(results => {
|
354 | delete result.Items;
|
355 | result['Items'] = results;
|
356 | return result;
|
357 | });
|
358 | }
|
359 |
|
360 | return response(true, null, result);
|
361 |
|
362 | } else {
|
363 | return response(false, `'${context}' info not found`, result);
|
364 | }
|
365 | } catch (error) {
|
366 | console.log('263 Error tools.db.query()', error.message, params);
|
367 | return response(false, error.message, `Could not get '${context}' info`);
|
368 | }
|
369 | }
|
370 |
|
371 | /**
|
372 | *
|
373 | * @param {IDynamoParams} params
|
374 | * @param {string} context
|
375 | * @param {Array<any>} decryptFields
|
376 | * @returns {Promise<IResponse>}
|
377 | */
|
378 | delete(params: IDynamoParams, context: string, decryptFields?: Array<any>): Promise<IResponse> {
|
379 | const dynamoDb = this.dynamoDb;
|
380 |
|
381 | return new Promise<IResponse>((res, rej) => {
|
382 | if (!dynamoDb) {
|
383 | return rej(response(false, 'dynamoDbTable undefined'));
|
384 | }
|
385 |
|
386 | try {
|
387 | if (params.force) {
|
388 | dynamoDb.delete(params, async (error, result) => {
|
389 | if (error) {
|
390 | return rej(response(false, error, `Could not delete '${context}' info`));
|
391 | }
|
392 | return res(response(true, null, result));
|
393 | });
|
394 | } else {
|
395 |
|
396 | if (!params.Key) {
|
397 | return response(false, 'Key is required. Cannot delete item');
|
398 | }
|
399 |
|
400 |
|
401 | const _params = {
|
402 | TableName: params.TableName,
|
403 | Key: params.Key,
|
404 | UpdateExpression: "set deleted =:d",
|
405 | ExpressionAttributeValues: {
|
406 | ":d": true
|
407 | }
|
408 | };
|
409 |
|
410 | dynamoDb.update(_params, (error, result) => {
|
411 | if (error) {
|
412 | console.log(params, error);
|
413 | return rej(response(false, error, `Could not update '${context}' item to 'deleted' state`));
|
414 | }
|
415 | else {
|
416 | return res(response(true, null, result));
|
417 | }
|
418 | });
|
419 | }
|
420 | } catch (error) {
|
421 | console.log(479, error.message);
|
422 | rej(response(false, error));
|
423 | }
|
424 | })
|
425 | }
|
426 |
|
427 | /**
|
428 | *
|
429 | * @param {IDynamoParams} params
|
430 | * @param {string} context
|
431 | * @param {Array<any>} encryptFields
|
432 | * @returns {Promise<IResponse>}
|
433 | */
|
434 | put(params: IDynamoParams, context: string, encryptFields?: Array<any>): Promise<IResponse> {
|
435 | return new Promise<IResponse>(async (res, rej) => {
|
436 | const dynamoDb = this.dynamoDb;
|
437 |
|
438 | try {
|
439 | if (!dynamoDb) {
|
440 | return rej(response(false, 'dynamoDbTable undefined'));
|
441 | }
|
442 |
|
443 | if (encryptFields && encryptFields.length) {
|
444 | params.Item = await this.encryptItem(params.Item, encryptFields);
|
445 | }
|
446 |
|
447 |
|
448 | params.Item.updatedAt = new Date().toISOString();
|
449 | params.Item.createdAt = new Date().toISOString();
|
450 |
|
451 | dynamoDb.put(params, (error, result) => {
|
452 | if (error) {
|
453 | console.log(params, error);
|
454 | return rej(response(false, error, `Could not insert '${context}' item`));
|
455 | }
|
456 | else {
|
457 | return res(response(true, null, result));
|
458 | }
|
459 | });
|
460 | } catch (error) {
|
461 | console.log('295 tools.db.put()', error);
|
462 | rej(response(false, error.message));
|
463 | }
|
464 | });
|
465 | }
|
466 |
|
467 | /**
|
468 | *
|
469 | * @param item
|
470 | * @param {Array<any>} encryptFields
|
471 | * @returns {Promise<{expressions: any; updates: any}>}
|
472 | */
|
473 | async getUpdateExpression(item: any, encryptFields?: Array<any>): Promise<{ expressions: any, updates: any }> {
|
474 | let expressions = {}, updates = '';
|
475 | if (encryptFields) {
|
476 | item = await this.encryptItem(item, encryptFields);
|
477 | }
|
478 |
|
479 | const Keys = Object.keys(item);
|
480 | for (let i = 0; i < Keys.length; i++) {
|
481 | // if (Keys[i] === 'id')
|
482 | expressions[`:v${i}`] = item[Keys[i]];
|
483 | updates += `${Keys[i]} =:v${i},`;
|
484 | }
|
485 |
|
486 | updates = updates.replace(/(^,)|(,$)/g, "");
|
487 |
|
488 | return {
|
489 | expressions: expressions,
|
490 | updates: updates
|
491 | };
|
492 | }
|
493 |
|
494 | /**
|
495 | *
|
496 | *
|
497 | *
|
498 | * @param item
|
499 | * @param {Array<any>} encryptFields
|
500 | * @returns {Promise<{expressions: any; updates: any}>}
|
501 | */
|
502 | async getUpdateExpressionV2(item: any, encryptFields?: Array<any>): Promise<{ attributesValue: any, updates: any, attributesName: any }> {
|
503 | let attributesValue = {}, attributesName = {}, updates = '';
|
504 | if (encryptFields) {
|
505 | item = await this.encryptItem(item, encryptFields);
|
506 | }
|
507 |
|
508 | const Keys = Object.keys(item);
|
509 | for (let i = 0; i < Keys.length; i++) {
|
510 | // if (Keys[i] === 'id')
|
511 | attributesValue[`:v${i}`] = item[Keys[i]];
|
512 | attributesName[`#a${i}`] = Keys[i];
|
513 | updates += `#a${i} =:v${i},`;
|
514 | }
|
515 |
|
516 | updates = updates.replace(/(^,)|(,$)/g, "");
|
517 |
|
518 | return {
|
519 | attributesValue: attributesValue,
|
520 | updates: updates,
|
521 | attributesName: attributesName
|
522 |
|
523 | };
|
524 | }
|
525 |
|
526 | /**
|
527 | *
|
528 | * @param {IDynamoParams} params
|
529 | * @param {string} context
|
530 | * @param {Array<any>} encryptFields
|
531 | * @returns {Promise<IResponse>}
|
532 | */
|
533 | update(params: IDynamoParams, context: string, encryptFields?: Array<any>): Promise<IResponse> {
|
534 | const dynamoDb = this.dynamoDb;
|
535 |
|
536 | return new Promise<IResponse>((res, rej) => {
|
537 | if (!dynamoDb) {
|
538 | return rej(response(false, 'dynamoDbTable undefined'));
|
539 | }
|
540 | try {
|
541 |
|
542 | params.ExpressionAttributeValues[':upd'] = new Date().toISOString();
|
543 | params.UpdateExpression += ', updatedAt =:upd';
|
544 |
|
545 | dynamoDb.update(params, (error, result) => {
|
546 | if (error) {
|
547 | console.log(params, error);
|
548 | return rej(response(false, error));
|
549 | }
|
550 | else {
|
551 | return res(response(true, null, result));
|
552 | }
|
553 | });
|
554 | } catch (error) {
|
555 | console.log(error)
|
556 | rej(response(false, error));
|
557 | }
|
558 | });
|
559 | }
|
560 | }
|
561 |
|
\ | No newline at end of file |