ControllerConfig

Full reference for options accepted by importModel and importModels.

interface ControllerConfig {
  fastUpdate?: 'enabled' | 'disabled' | 'optional';
  disabledPluralize?: boolean;
  basePath?: string;
  disabledMethod?: string[];
  logger?: HirokiLogger;
  logLevel?: LogLevel;
  hooks?: ControllerHooks;
  middleware?: HirokiMiddleware[];
  adapter?: HirokiAdapter;
  allowedFields?: string[];
  disabledFields?: string[];
  queryLimits?: QueryLimits;
}

fastUpdate

Controls whether updates skip the find-then-save round-trip.

Value	Behavior
`'disabled'` (default)	Always fetch document first — runs Mongoose pre-save hooks
`'enabled'`	Always use `updateOne` — faster, no pre-save hooks
`'optional'`	Use `updateOne` only when `?fast=true` is in the query string

disabledPluralize

When true, disables pluralization so the route uses the model name as-is (e.g. User → /user). Default: false — routes are pluralized automatically (e.g. User → /users).

hiroki.importModel(User);                          // → /users  (default)
hiroki.importModel(User, { disabledPluralize: true });  // → /user

basePath

URL prefix prepended to the resource route. Default: inherits from global config ('/api').

disabledMethod

Array of HTTP methods to block. Accepts uppercase ('DELETE') or lowercase ('delete').

Blocked methods return 405 Method Not Allowed.

logger / logLevel

Custom logger instance or minimum log level for the default ConsoleLogger.

logger overrides logLevel when both are set.

hooks

Lifecycle hooks. See Hooks & Middleware.

middleware

Per-resource middleware chain. See Hooks & Middleware.

adapter

Inject a custom HirokiAdapter directly. Skips Mongoose validation and the adapter registry. See Adapters.

allowedFields

Whitelist of body field names allowed in create and update operations. Fields not in the list are stripped before hooks run. See Security.

disabledFields

Blacklist of field names excluded from all GET responses — list, findById, and populate sub-documents. Takes precedence over ?select= query params that attempt to request a disabled field. See Security.

hiroki.importModel(User, {
  disabledFields: ['password', 'ssn'],
});

queryLimits

Override default query safety limits.

interface QueryLimits {
  maxFilters?: number;      // default: 20
  maxInValues?: number;     // default: 100
  maxRegexLength?: number;  // default: 200
}

See Security.

ControllerConfig ​

fastUpdate ​

disabledPluralize ​

basePath ​

disabledMethod ​

logger / logLevel ​

hooks ​

middleware ​

adapter ​

allowedFields ​

disabledFields ​

queryLimits ​