npm - @a83/orbiter-admin - Versions diffs - 0.3.7 → 0.3.10 - Mend

@a83/orbiter-admin 0.3.7 → 0.3.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@a83/orbiter-admin",
-  "version": "0.3.7",
+  "version": "0.3.10",
   "description": "Standalone admin server for Orbiter CMS",
   "type": "module",
   "main": "./src/server.js",

package/public/editor.html CHANGED Viewed

@@ -101,15 +101,21 @@
     /* Status */
     .status-bar { display:flex; align-items:center; gap:8px; padding:8px 0; margin-bottom:10px; }
     .status-dot { width:7px; height:7px; border-radius:50%; flex-shrink:0; }
-    .status-dot.published { background:var(--jade); }
-    .status-dot.draft { background:var(--gold); }
+    .status-dot.published  { background:var(--jade); }
+    .status-dot.draft      { background:var(--gold); }
+    .status-dot.scheduled  { background:var(--accent); }
     .status-lbl { font-size:11px; }
-    .status-lbl.published { color:var(--jade); }
-    .status-lbl.draft { color:var(--gold); }
+    .status-lbl.published  { color:var(--jade); }
+    .status-lbl.draft      { color:var(--gold); }
+    .status-lbl.scheduled  { color:var(--accent); }
     .btn-publish { display:block; width:100%; padding:9px; background:var(--gold); border:none; color:var(--bg0); font-family:var(--mono); font-size:10px; letter-spacing:.12em; cursor:pointer; transition:background .15s; margin-bottom:5px; border-radius:var(--radius); }
     .btn-publish:hover { background:#7a5520; }
-    .btn-draft { display:block; width:100%; padding:8px; background:transparent; border:1px solid var(--line); color:var(--mid); font-family:var(--mono); font-size:10px; cursor:pointer; transition:all .12s; border-radius:var(--radius); }
+    .btn-draft { display:block; width:100%; padding:8px; background:transparent; border:1px solid var(--line); color:var(--mid); font-family:var(--mono); font-size:10px; cursor:pointer; transition:all .12s; border-radius:var(--radius); margin-bottom:5px; }
     .btn-draft:hover { border-color:var(--mid); color:var(--text); }
+    .btn-schedule { display:block; width:100%; padding:8px; background:transparent; border:1px solid var(--accent); color:var(--accent); font-family:var(--mono); font-size:10px; cursor:pointer; transition:all .12s; border-radius:var(--radius); margin-bottom:5px; }
+    .btn-schedule:hover { background:var(--accent-bg); }
+    .schedule-picker { display:none; gap:4px; margin-bottom:5px; }
+    .schedule-picker.open { display:flex; }
     /* Schema fields in sidebar */
     .field-input,.field-select { width:100%; background:var(--bg0); border:1px solid var(--line); padding:6px 8px; color:var(--heading); font-family:var(--mono); font-size:11px; outline:none; appearance:none; transition:border-color .15s; border-radius:var(--radius); box-sizing:border-box; }
@@ -480,10 +486,11 @@
     document.getElementById('collection-id-display').textContent = COLLECTION;
     // Load collection schema + entry
-    const [colData, entryData, versionsData, mediaData] = await Promise.all([
+    const [colData, entryData, versionsData, activityData, mediaData] = await Promise.all([
       fetch(`/api/collections/${COLLECTION}`,{credentials:'include'}).then(r=>r.ok?r.json():null),
       IS_NEW ? null : fetch(`/api/collections/${COLLECTION}/entries/${SLUG}`,{credentials:'include'}).then(r=>r.ok?r.json():null),
       IS_NEW ? [] : fetch(`/api/collections/${COLLECTION}/entries/${SLUG}/versions`,{credentials:'include'}).then(r=>r.ok?r.json():[]).catch(()=>[]),
+      IS_NEW ? [] : fetch(`/api/collections/${COLLECTION}/entries/${SLUG}/activity`,{credentials:'include'}).then(r=>r.ok?r.json():[]).catch(()=>[]),
       fetch('/api/media',{credentials:'include'}).then(r=>r.json()).catch(()=>[]),
     ]);
@@ -506,14 +513,20 @@
       }
     }
-    // Fetch preview URL for this collection
-    const previewMeta = await fetch(`/api/meta/preview_url~${COLLECTION}`,{credentials:'include'}).then(r=>r.json()).catch(()=>null);
+    // Fetch preview URL + token for this collection
+    const [previewMeta, previewTokenMeta] = await Promise.all([
+      fetch(`/api/meta/preview_url~${COLLECTION}`,{credentials:'include'}).then(r=>r.json()).catch(()=>null),
+      fetch('/api/meta/preview~token',{credentials:'include'}).then(r=>r.json()).catch(()=>null),
+    ]);
     const previewUrlTemplate = previewMeta?.value || '';
+    const previewToken = previewTokenMeta?.value || '';
     function updatePreviewLink() {
       const btn = document.getElementById('btn-preview-link');
       if (!btn || !previewUrlTemplate) return;
       const slug = document.getElementById('slug-input')?.value || currentSlug || SLUG;
-      btn.href = previewUrlTemplate.replace('{slug}', slug);
+      const base = previewUrlTemplate.replace('{slug}', slug);
+      const sep  = base.includes('?') ? '&' : '?';
+      btn.href = previewToken ? base + sep + 'preview_token=' + previewToken : base;
       btn.style.display = '';
     }
@@ -532,8 +545,10 @@
     function renderMetaPanel() {
       const panel = document.getElementById('meta-panel');
-      const status = IS_NEW ? 'draft' : (entryData?.status ?? 'draft');
+      const status    = IS_NEW ? 'draft' : (entryData?.status ?? 'draft');
       const updatedAt = entryData?.updated_at;
+      const publishAt = entryData?.publish_at ?? null;
+      const publishAtInput = publishAt ? publishAt.replace(' ', 'T').slice(0, 16) : '';
       let fieldsHtml = '';
       const seoFields = {};
@@ -625,6 +640,15 @@
         </div>
       `).join('');
+      const actionLabel = { create:'Created', update:'Saved', publish:'Published', unpublish:'Unpublished', delete:'Moved to trash', restore:'Restored' };
+      const actHtml = activityData.slice(0,10).map(a=>`
+        <div style="display:flex;align-items:baseline;gap:8px;padding:4px 0;border-bottom:1px solid var(--line2);font-size:10px;">
+          <span style="color:var(--text);font-weight:500;flex-shrink:0">${actionLabel[a.action]??a.action}</span>
+          <span style="color:var(--muted);flex:1;text-align:right">${a.username}</span>
+          <span style="color:var(--muted);font-family:var(--mono);flex-shrink:0">${new Date(a.created_at).toLocaleDateString()}</span>
+        </div>
+      `).join('');
       const hasSeo = !!(seoFields.titleKey || seoFields.descKey);
       const serpHtml = hasSeo ? `<div class="serp-preview" id="serp-preview">
         <div class="serp-url" id="serp-url">${location.host}/${COLLECTION}/<span id="serp-slug-part">${escHtml(IS_NEW?'…':SLUG)}</span></div>
@@ -637,10 +661,16 @@
         <div class="meta-section">
           <div class="status-bar">
             <div class="status-dot ${status}" id="status-dot"></div>
-            <div class="status-lbl ${status}" id="status-lbl">${status==='published'?'Published':'Draft'}</div>
+            <div class="status-lbl ${status}" id="status-lbl">${status==='published'?'Published':status==='scheduled'?'Scheduled':'Draft'}</div>
+            ${status==='scheduled'&&publishAt?`<span style="font-size:10px;color:var(--muted);margin-left:auto">${new Date(publishAt.replace(' ','T')).toLocaleDateString()}</span>`:''}
+          </div>
+          <button type="button" class="btn-publish" id="btn-publish">${status==='published'?'Republish':'Publish now'}</button>
+          <button type="button" class="btn-draft"   id="btn-draft">${status==='scheduled'?'Cancel schedule':'Save as draft'}</button>
+          <div class="schedule-picker${status==='scheduled'?' open':''}" id="schedule-picker">
+            <input type="datetime-local" class="field-input" id="publish-at-input" value="${publishAtInput}" style="flex:1;font-size:10px;padding:5px 8px;" />
+            <button type="button" id="btn-schedule-confirm" style="padding:5px 10px;background:var(--accent);border:none;color:var(--bg0);font-family:var(--mono);font-size:10px;cursor:pointer;border-radius:var(--radius);white-space:nowrap;">Set</button>
           </div>
-          <button type="button" class="btn-publish" id="btn-publish">Publish</button>
-          <button type="button" class="btn-draft"   id="btn-draft">Save as draft</button>
+          <button type="button" class="btn-schedule" id="btn-schedule">${status==='scheduled'?'Reschedule':'Schedule'}</button>
         </div>
         <div class="meta-section">
           <div class="meta-label">Details</div>
@@ -653,11 +683,13 @@
             <select class="field-select" id="status-select">
               <option value="draft"     ${status==='draft'     ?'selected':''}>Draft</option>
               <option value="published" ${status==='published' ?'selected':''}>Published</option>
+              <option value="scheduled" ${status==='scheduled' ?'selected':''}>Scheduled</option>
             </select>
           </div>
           ${updatedAt ? `<div class="meta-field"><div class="field-label">Modified</div><div class="field-readonly">${new Date(updatedAt).toLocaleDateString()}</div></div>` : ''}
         </div>
         ${versionsData.length ? `<div class="meta-section"><div class="meta-label">History</div>${versHtml}</div>` : ''}
+        ${activityData.length ? `<div class="meta-section"><div class="meta-label">Activity</div>${actHtml}</div>` : ''}
       `;
       // Wire up weekday toggles
@@ -712,9 +744,17 @@
         });
       });
-      // Publish / draft buttons
-      document.getElementById('btn-publish').addEventListener('click',()=>saveEntry('published'));
-      document.getElementById('btn-draft').addEventListener('click',()=>saveEntry('draft'));
+      // Publish / draft / schedule buttons
+      document.getElementById('btn-publish').addEventListener('click', () => saveEntry('published'));
+      document.getElementById('btn-draft').addEventListener('click',   () => saveEntry('draft'));
+      document.getElementById('btn-schedule').addEventListener('click', () => {
+        document.getElementById('schedule-picker').classList.toggle('open');
+      });
+      document.getElementById('btn-schedule-confirm').addEventListener('click', () => {
+        const val = document.getElementById('publish-at-input').value;
+        if (!val) { alert('Please select a date and time.'); return; }
+        saveEntry('scheduled');
+      });
       // Slug input → slug preview
       document.getElementById('slug-input').addEventListener('input', e=>{
@@ -785,8 +825,15 @@
     function updateStatusUI(status) {
       document.getElementById('status-dot').className = 'status-dot ' + status;
       document.getElementById('status-lbl').className = 'status-lbl ' + status;
-      document.getElementById('status-lbl').textContent = status==='published'?'Published':'Draft';
-      document.getElementById('status-select').value = status;
+      document.getElementById('status-lbl').textContent = status === 'published' ? 'Published' : status === 'scheduled' ? 'Scheduled' : 'Draft';
+      const sel = document.getElementById('status-select');
+      if (sel) sel.value = status;
+      const publishBtn = document.getElementById('btn-publish');
+      const draftBtn   = document.getElementById('btn-draft');
+      const schedBtn   = document.getElementById('btn-schedule');
+      if (publishBtn) publishBtn.textContent = status === 'published' ? 'Republish' : 'Publish now';
+      if (draftBtn)   draftBtn.textContent   = status === 'scheduled' ? 'Cancel schedule' : 'Save as draft';
+      if (schedBtn)   schedBtn.textContent   = status === 'scheduled' ? 'Reschedule' : 'Schedule';
     }
     function renderTags(key) {
@@ -863,6 +910,14 @@
     let currentPath = location.pathname + location.search;
     async function saveEntry(status, isAutosave=false) {
+      // Resolve publish_at for scheduled entries
+      let publish_at = null;
+      if (status === 'scheduled') {
+        const raw = document.getElementById('publish-at-input')?.value;
+        if (!raw) { if (!isAutosave) alert('Please select a date and time.'); return; }
+        publish_at = raw.replace('T', ' ') + ':00';
+      }
       const title = document.getElementById('title-input').value;
       syncToHidden();
       const body = document.getElementById('body-input').value;
@@ -890,7 +945,7 @@
         const res = await fetch(`/api/collections/${COLLECTION}/entries`,{
           method:'POST', credentials:'include',
           headers:{'Content-Type':'application/json'},
-          body: JSON.stringify({ slug, data, status }),
+          body: JSON.stringify({ slug, data, status, publish_at }),
         });
         const json = await res.json();
         if (json.slug || json.id) {
@@ -909,7 +964,7 @@
         const res = await fetch(`/api/collections/${COLLECTION}/entries/${targetSlug}`,{
           method:'PUT', credentials:'include',
           headers:{'Content-Type':'application/json'},
-          body: JSON.stringify({ slug, data, status }),
+          body: JSON.stringify({ slug, data, status, publish_at }),
         });
         if (res.ok) {
           const json = await res.json();

package/public/entries.html CHANGED Viewed

@@ -100,15 +100,19 @@
           <button class="filter-tab active" data-status="">All</button>
           <button class="filter-tab" data-status="published">Published</button>
           <button class="filter-tab" data-status="draft">Drafts</button>
+          <button class="filter-tab" data-status="scheduled">Scheduled</button>
+          <button class="filter-tab" data-status="trash" style="margin-left:auto">🗑 Trash</button>
         </div>
         <!-- Bulk action bar -->
         <div class="bulk-bar" id="bulk-bar">
           <span><span class="bulk-bar-count" id="bulk-count">0</span> selected</span>
-          <button class="btn btn-ghost btn-sm" id="bulk-publish">Publish</button>
-          <button class="btn btn-ghost btn-sm" id="bulk-draft">Unpublish</button>
+          <button class="btn btn-ghost btn-sm bulk-normal" id="bulk-publish">Publish</button>
+          <button class="btn btn-ghost btn-sm bulk-normal" id="bulk-draft">Unpublish</button>
+          <button class="btn btn-ghost btn-sm bulk-trash" id="bulk-restore" style="display:none">Restore</button>
           <span class="bulk-bar-spacer"></span>
-          <button class="btn btn-danger btn-sm" id="bulk-delete">Delete selected</button>
+          <button class="btn btn-danger btn-sm bulk-normal" id="bulk-delete">Move to Trash</button>
+          <button class="btn btn-danger btn-sm bulk-trash" id="bulk-permanent" style="display:none">Delete forever</button>
         </div>
         <div class="table-wrap" id="entries-wrap">
@@ -140,7 +144,10 @@
     let selected    = new Set();
     function updateBulkBar() {
-      const bar = document.getElementById('bulk-bar');
+      const bar   = document.getElementById('bulk-bar');
+      const trash = activeFilter === 'trash';
+      document.querySelectorAll('.bulk-normal').forEach(el => el.style.display = trash ? 'none' : '');
+      document.querySelectorAll('.bulk-trash').forEach(el  => el.style.display = trash ? ''     : 'none');
       if (selected.size > 0) {
         bar.classList.add('visible');
         document.getElementById('bulk-count').textContent = selected.size;
@@ -165,6 +172,7 @@
         wrap.innerHTML = '<div class="empty"><div class="empty-icon">◈</div>No entries yet</div>';
         return;
       }
+      const isTrash = activeFilter === 'trash';
       const canSort = !activeFilter;
       wrap.innerHTML = `
         <table>
@@ -172,15 +180,17 @@
             <tr>
               ${canSort ? '<th class="drag-col"></th>' : ''}
               <th class="cb-col"><input type="checkbox" id="check-all" title="Select all" /></th>
-              <th>Title / Slug</th><th>Status</th><th>Updated</th><th></th>
+              <th>Title / Slug</th><th>${isTrash ? 'Deleted' : 'Status'}</th><th>${isTrash ? '' : 'Updated'}</th><th></th>
             </tr>
           </thead>
           <tbody>
             ${entries.map(e => {
               const title   = e.data?.title || e.slug;
               const updated = e.updated_at ? e.updated_at.split(' ')[0] : '—';
-              const nextStatus = e.status === 'published' ? 'draft' : 'published';
-              const toggleLabel = e.status === 'published' ? 'Unpublish' : 'Publish';
+              const deleted = e.deleted_at ? e.deleted_at.split(' ')[0] : '—';
+              const nextStatus  = e.status === 'published' ? 'draft' : 'published';
+              const toggleLabel = e.status === 'published' ? 'Unpublish' : e.status === 'scheduled' ? 'Publish now' : 'Publish';
+              const schedInfo   = e.status === 'scheduled' && e.publish_at ? ` · ${e.publish_at.split(' ')[0]}` : '';
               return `<tr data-slug="${e.slug}"${canSort ? ' draggable="true"' : ''}>
                 ${canSort ? `<td class="drag-col"><span class="drag-handle" title="Drag to reorder">⠿</span></td>` : ''}
                 <td class="cb-col"><input type="checkbox" class="row-cb" data-slug="${e.slug}" ${selected.has(e.slug) ? 'checked' : ''} /></td>
@@ -188,14 +198,18 @@
                   <div style="color:var(--heading);font-weight:500">${title}</div>
                   <div style="font-family:var(--mono);font-size:10px;color:var(--muted);margin-top:2px">${e.slug}</div>
                 </td>
-                <td><span class="badge badge-${e.status}">${e.status}</span></td>
-                <td style="font-family:var(--mono);font-size:11px;color:var(--muted)">${updated}</td>
+                <td>${isTrash ? `<span style="font-family:var(--mono);font-size:11px;color:var(--muted)">${deleted}</span>` : `<span class="badge badge-${e.status}">${e.status}${schedInfo}</span>`}</td>
+                <td style="font-family:var(--mono);font-size:11px;color:var(--muted)">${isTrash ? '' : updated}</td>
                 <td style="width:1%;white-space:nowrap">
                   <div class="row-actions">
-                    <a class="btn-row" href="/editor.html?collection=${colId}&slug=${e.slug}">Edit</a>
-                    <button class="btn-row btn-row-toggle status-toggle" data-slug="${e.slug}" data-next="${nextStatus}">${toggleLabel}</button>
-                    <button class="btn-row btn-row-icon dup-btn" data-slug="${e.slug}" title="Duplicate">⧉</button>
-                    <button class="btn-row btn-row-danger delete-btn" data-slug="${e.slug}">Delete</button>
+                    ${isTrash
+                      ? `<button class="btn-row restore-btn" data-slug="${e.slug}">Restore</button>
+                         <button class="btn-row btn-row-danger perm-del-btn" data-slug="${e.slug}">Delete forever</button>`
+                      : `<a class="btn-row" href="/editor.html?collection=${colId}&slug=${e.slug}">Edit</a>
+                         <button class="btn-row btn-row-toggle status-toggle" data-slug="${e.slug}" data-next="${nextStatus}">${toggleLabel}</button>
+                         <button class="btn-row btn-row-icon dup-btn" data-slug="${e.slug}" title="Duplicate">⧉</button>
+                         <button class="btn-row btn-row-danger delete-btn" data-slug="${e.slug}">Trash</button>`
+                    }
                   </div>
                 </td>
               </tr>`;
@@ -288,16 +302,36 @@
         });
       });
-      // Delete
+      // Delete → Trash
       wrap.querySelectorAll('.delete-btn').forEach(btn => {
         btn.addEventListener('click', async () => {
-          if (!confirm(`Delete "${btn.dataset.slug}"?`)) return;
           await fetch(`/api/collections/${colId}/entries/${btn.dataset.slug}`, {
             method: 'DELETE', credentials: 'include',
           });
           loadEntries();
         });
       });
+      // Restore from Trash
+      wrap.querySelectorAll('.restore-btn').forEach(btn => {
+        btn.addEventListener('click', async () => {
+          await fetch(`/api/collections/${colId}/entries/${btn.dataset.slug}/restore`, {
+            method: 'POST', credentials: 'include',
+          });
+          loadEntries();
+        });
+      });
+      // Permanent delete
+      wrap.querySelectorAll('.perm-del-btn').forEach(btn => {
+        btn.addEventListener('click', async () => {
+          if (!confirm(`Permanently delete "${btn.dataset.slug}"? This cannot be undone.`)) return;
+          await fetch(`/api/collections/${colId}/entries/${btn.dataset.slug}/permanent`, {
+            method: 'DELETE', credentials: 'include',
+          });
+          loadEntries();
+        });
+      });
     }
     // Filter buttons
@@ -322,9 +356,15 @@
       });
       loadEntries();
     }
-    document.getElementById('bulk-publish').addEventListener('click', () => bulkAction('publish'));
-    document.getElementById('bulk-draft').addEventListener('click',   () => bulkAction('draft'));
-    document.getElementById('bulk-delete').addEventListener('click',  () => bulkAction('delete'));
+    document.getElementById('bulk-publish').addEventListener('click',   () => bulkAction('publish'));
+    document.getElementById('bulk-draft').addEventListener('click',     () => bulkAction('draft'));
+    document.getElementById('bulk-delete').addEventListener('click',    () => bulkAction('delete'));
+    document.getElementById('bulk-restore').addEventListener('click',   () => bulkAction('restore'));
+    document.getElementById('bulk-permanent').addEventListener('click', async () => {
+      const n = selected.size;
+      if (!confirm(`Permanently delete ${n} entr${n !== 1 ? 'ies' : 'y'}? This cannot be undone.`)) return;
+      await bulkAction('permanent');
+    });
     // New entry modal
     const overlay = document.getElementById('modal-overlay');

package/public/settings.html CHANGED Viewed

@@ -362,6 +362,13 @@
             <div><div class="setting-label">API token</div><div class="setting-desc">Optional bearer token to restrict access</div></div>
             <input class="input" type="password" name="api.token" value="${get('api.token')}" autocomplete="off" placeholder="Leave blank for open access" />
           </div>
+          <div class="setting-row">
+            <div><div class="setting-label">Preview token</div><div class="setting-desc">Appended to Preview URLs — allows viewing draft entries on your site</div></div>
+            <div style="display:flex;gap:8px;align-items:center">
+              <input class="input" type="text" id="preview-token-display" value="${get('preview.token')??''}" readonly style="flex:1;font-family:var(--mono);font-size:11px;" placeholder="No token generated" />
+              <button type="button" class="btn btn-ghost btn-sm" id="btn-gen-preview-token">Generate</button>
+            </div>
+          </div>
         </div>
         <div class="settings-group">
@@ -651,10 +658,22 @@
         ['media.s3_public_url', fd.get('media.s3_public_url')],
         ['api.enabled',         fd.get('api.enabled') ? '1' : '0'],
         ['api.token',           fd.get('api.token')],
+        ['preview.token',       document.getElementById('preview-token-display').value || null],
       ]);
       showBanner('site-banner','banner-ok','Settings saved');
     });
+    // Preview token generator
+    document.getElementById('btn-gen-preview-token')?.addEventListener('click', async () => {
+      const token = Array.from(crypto.getRandomValues(new Uint8Array(24))).map(b=>b.toString(16).padStart(2,'0')).join('');
+      document.getElementById('preview-token-display').value = token;
+      await fetch('/api/meta/preview.token', {
+        method: 'PUT', credentials: 'include',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ value: token }),
+      });
+    });
     // GitHub push (conditional: only wired if section rendered)
     const ghPushBtn = document.getElementById('github-push-btn');
     if (ghPushBtn) ghPushBtn.addEventListener('click', async () => {

package/public/style.css CHANGED Viewed

@@ -936,8 +936,9 @@ td { padding: 10px 20px; font-size: 12px; color: var(--text); border-bottom: 1px
 tr:last-child td { border-bottom: none; }
 tr:hover td { background: var(--row-hover); }
 .badge { display: inline-block; font-size: 10px; font-family: var(--mono); padding: 2px 7px; border-radius: 2px; letter-spacing: 0.04em; }
-.badge-published { background: var(--jade-bg); color: var(--jade); }
-.badge-draft     { background: var(--gold-bg);  color: var(--gold); }
+.badge-published  { background: var(--jade-bg);   color: var(--jade); }
+.badge-draft      { background: var(--gold-bg);   color: var(--gold); }
+.badge-scheduled  { background: var(--accent-bg); color: var(--accent); }
 /* ── Buttons ─────────────────────────────────────── */
 .btn { display: inline-flex; align-items: center; gap: 6px; padding: 6px 14px; font-size: 12px; font-family: var(--sans); border-radius: var(--radius); cursor: pointer; transition: all 0.12s; border: 1px solid transparent; font-weight: 400; letter-spacing: 0.01em; }

package/src/routes/entries.js CHANGED Viewed

@@ -16,11 +16,12 @@ entryRoutes.post('/:collectionId/entries/bulk', async (c) => {
   const { collectionId } = c.req.param();
   const { action, slugs } = await c.req.json();
   if (!Array.isArray(slugs) || !slugs.length) return c.json({ error: 'slugs required' }, 400);
-  if (!['publish', 'draft', 'delete'].includes(action))  return c.json({ error: 'Invalid action' }, 400);
+  if (!['publish', 'draft', 'delete', 'restore', 'permanent'].includes(action)) return c.json({ error: 'Invalid action' }, 400);
   const db = openPod(c.get('podPath'));
-  if (action === 'delete') {
-    slugs.forEach(slug => db.deleteEntry(collectionId, slug));
-  } else {
+  if (action === 'delete')    { slugs.forEach(slug => db.deleteEntry(collectionId, slug)); }
+  else if (action === 'restore')   { slugs.forEach(slug => db.restoreEntry(collectionId, slug)); }
+  else if (action === 'permanent') { slugs.forEach(slug => db.permanentDeleteEntry(collectionId, slug)); }
+  else {
     const status = action === 'publish' ? 'published' : 'draft';
     slugs.forEach(slug => {
       const entry = db.getEntry(collectionId, slug);
@@ -78,6 +79,7 @@ entryRoutes.post('/:collectionId/entries', async (c) => {
   const id    = db.createEntry(collectionId, slug, data, status);
   const entry = db.getEntry(collectionId, slug);
+  db.logAudit(id, c.get('user')?.username ?? 'unknown', 'create');
   db.close();
   return c.json({ ...entry, id }, 201);
 });
@@ -91,7 +93,17 @@ entryRoutes.put('/:collectionId/entries/:slug', async (c) => {
   const before = db.getEntry(collectionId, slug);
   const ok     = db.updateEntry(collectionId, slug, body);
   if (!ok) { db.close(); return c.json({ error: 'Not found' }, 404); }
-  const updated = db.getEntry(collectionId, body.slug ?? slug);
+  const updated  = db.getEntry(collectionId, body.slug ?? slug);
+  const username = c.get('user')?.username ?? 'unknown';
+  if (body.status === 'published' && before?.status !== 'published') {
+    db.logAudit(updated.id, username, 'publish');
+  } else if (body.status === 'draft' && before?.status === 'published') {
+    db.logAudit(updated.id, username, 'unpublish');
+  } else if (body.status === 'scheduled' && before?.status !== 'scheduled') {
+    db.logAudit(updated.id, username, 'schedule');
+  } else {
+    db.logAudit(updated.id, username, 'update');
+  }
   db.close();
   if (body.status === 'published' && before?.status !== 'published') {
@@ -100,16 +112,51 @@ entryRoutes.put('/:collectionId/entries/:slug', async (c) => {
   return c.json(updated);
 });
-// DELETE /api/collections/:id/entries/:slug
+// DELETE /api/collections/:id/entries/:slug → soft delete (trash)
 entryRoutes.delete('/:collectionId/entries/:slug', (c) => {
+  const { collectionId, slug } = c.req.param();
+  const db    = openPod(c.get('podPath'));
+  const entry = db.getEntry(collectionId, slug);
+  if (!entry) { db.close(); return c.json({ error: 'Not found' }, 404); }
+  db.deleteEntry(collectionId, slug);
+  db.logAudit(entry.id, c.get('user')?.username ?? 'unknown', 'delete');
+  db.close();
+  return c.json({ ok: true });
+});
+// POST /api/collections/:id/entries/:slug/restore — move from trash back to draft
+entryRoutes.post('/:collectionId/entries/:slug/restore', (c) => {
+  const { collectionId, slug } = c.req.param();
+  const db    = openPod(c.get('podPath'));
+  const row   = db.db.prepare('SELECT * FROM _entries WHERE collection_id = ? AND slug = ? AND deleted_at IS NOT NULL').get(collectionId, slug);
+  const ok    = db.restoreEntry(collectionId, slug);
+  if (row) db.logAudit(row.id, c.get('user')?.username ?? 'unknown', 'restore');
+  db.close();
+  if (!ok) return c.json({ error: 'Not found in trash' }, 404);
+  return c.json({ ok: true });
+});
+// DELETE /api/collections/:id/entries/:slug/permanent — hard delete from trash
+entryRoutes.delete('/:collectionId/entries/:slug/permanent', (c) => {
   const { collectionId, slug } = c.req.param();
   const db = openPod(c.get('podPath'));
-  const ok = db.deleteEntry(collectionId, slug);
+  const ok = db.permanentDeleteEntry(collectionId, slug);
   db.close();
   if (!ok) return c.json({ error: 'Not found' }, 404);
   return c.json({ ok: true });
 });
+// GET /api/collections/:id/entries/:slug/activity
+entryRoutes.get('/:collectionId/entries/:slug/activity', (c) => {
+  const { collectionId, slug } = c.req.param();
+  const db    = openPod(c.get('podPath'));
+  const entry = db.db.prepare('SELECT * FROM _entries WHERE collection_id = ? AND slug = ?').get(collectionId, slug);
+  if (!entry) { db.close(); return c.json({ error: 'Not found' }, 404); }
+  const log = db.getAuditLog(entry.id);
+  db.close();
+  return c.json(log);
+});
 // GET /api/collections/:id/entries/:slug/versions
 entryRoutes.get('/:collectionId/entries/:slug/versions', (c) => {
   const { collectionId, slug } = c.req.param();
@@ -141,12 +188,16 @@ entryRoutes.post('/:collectionId/entries/:slug/duplicate', (c) => {
 // PATCH /api/collections/:id/entries/:slug/status
 entryRoutes.patch('/:collectionId/entries/:slug/status', async (c) => {
   const { collectionId, slug } = c.req.param();
-  const { status } = await c.req.json();
-  if (!['draft', 'published'].includes(status)) return c.json({ error: 'Invalid status' }, 400);
+  const { status, publish_at } = await c.req.json();
+  if (!['draft', 'published', 'scheduled'].includes(status)) return c.json({ error: 'Invalid status' }, 400);
+  if (status === 'scheduled' && !publish_at) return c.json({ error: 'publish_at required for scheduled status' }, 400);
   const db    = openPod(c.get('podPath'));
   const entry = db.getEntry(collectionId, slug);
   if (!entry) { db.close(); return c.json({ error: 'Not found' }, 404); }
-  db.updateEntry(collectionId, slug, { slug, data: entry.data, status });
+  const pa = status === 'scheduled' ? publish_at : null;
+  db.updateEntry(collectionId, slug, { slug, data: entry.data, status, publish_at: pa });
+  const username = c.get('user')?.username ?? 'unknown';
+  if (status === 'scheduled') db.logAudit(entry.id, username, 'schedule');
   db.close();
   if (status === 'published') fireWebhook(c.get('podPath'));
   return c.json({ ok: true });

package/src/routes/meta.js CHANGED Viewed

@@ -10,7 +10,7 @@ const ALLOWED_KEYS = [
   'media.backend', 'media.local_path',
   'media.github_token', 'media.github_repo', 'media.github_branch', 'media.github_dir',
   'media.s3_bucket', 'media.s3_region', 'media.s3_endpoint', 'media.s3_access_key', 'media.s3_secret_key', 'media.s3_public_url',
-  'api.enabled', 'api.token',
+  'api.enabled', 'api.token', 'preview.token',
   'dashboard.notes', 'dashboard.todos',
   'ui.theme',
   'format_version',

package/src/server.js CHANGED Viewed

@@ -93,3 +93,24 @@ serve({ fetch: createApp(POD_PATH).fetch, port: PORT }, () => {
   console.log(`Orbiter Admin API  →  http://localhost:${PORT}`);
   console.log(`Pod: ${POD_PATH}`);
 });
+// Scheduled publishing — check every 60 s
+setInterval(() => {
+  try {
+    const db  = openPod(POD_PATH);
+    const due = db.getScheduledDue();
+    if (!due.length) { db.close(); return; }
+    const now = new Date().toISOString().replace('T', ' ').replace(/\.\d{3}Z$/, '');
+    for (const entry of due) {
+      db.db.prepare("UPDATE _entries SET status = 'published', publish_at = NULL, updated_at = ? WHERE id = ?").run(now, entry.id);
+      db.logAudit(entry.id, 'scheduler', 'publish');
+    }
+    const webhookUrl = db.getMeta('build.webhook_url') ?? '';
+    if (webhookUrl) db.setMeta('build.last_triggered', new Date().toISOString());
+    db.close();
+    console.log(`[scheduler] Published ${due.length} scheduled entr${due.length === 1 ? 'y' : 'ies'}`);
+    if (webhookUrl) fetch(webhookUrl, { method: 'POST' }).catch(() => {});
+  } catch (e) {
+    console.warn('[scheduler]', e.message);
+  }
+}, 60_000);