npm - @actual-app/sync-server - Versions diffs - 25.4.0-alpha.0 - Mend

@actual-app/sync-server 25.4.0-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (137) hide show

package/.dockerignore +12 -0
package/README.md +19 -0
package/app.js +11 -0
package/babel.config.json +3 -0
package/bin/@actual-app/sync-server +55 -0
package/docker/alpine.Dockerfile +62 -0
package/docker/ubuntu.Dockerfile +63 -0
package/docker-compose.yml +29 -0
package/jest.config.json +19 -0
package/jest.global-setup.js +101 -0
package/jest.global-teardown.js +6 -0
package/migrations/1694360000000-create-folders.js +25 -0
package/migrations/1694360479680-create-account-db.js +30 -0
package/migrations/1694362247011-create-secret-table.js +16 -0
package/migrations/1702667624000-rename-nordigen-secrets.js +19 -0
package/migrations/1718889148000-openid.js +41 -0
package/migrations/1719409568000-multiuser.js +116 -0
package/package.json +64 -0
package/src/account-db.js +239 -0
package/src/accounts/openid.js +361 -0
package/src/accounts/password.js +149 -0
package/src/app-account.js +155 -0
package/src/app-admin.js +410 -0
package/src/app-admin.test.js +381 -0
package/src/app-gocardless/README.md +198 -0
package/src/app-gocardless/app-gocardless.js +274 -0
package/src/app-gocardless/bank-factory.js +91 -0
package/src/app-gocardless/banks/abanca_caglesmm.js +22 -0
package/src/app-gocardless/banks/abnamro_abnanl2a.js +57 -0
package/src/app-gocardless/banks/american_express_aesudef1.js +40 -0
package/src/app-gocardless/banks/bancsabadell_bsabesbbb.js +31 -0
package/src/app-gocardless/banks/bank.interface.ts +51 -0
package/src/app-gocardless/banks/bank_of_ireland_b365_bofiie2d.js +39 -0
package/src/app-gocardless/banks/bankinter_bkbkesmm.js +24 -0
package/src/app-gocardless/banks/belfius_gkccbebb.js +17 -0
package/src/app-gocardless/banks/berliner_sparkasse_beladebexxx.js +61 -0
package/src/app-gocardless/banks/bnp_be_gebabebb.js +73 -0
package/src/app-gocardless/banks/cbc_cregbebb.js +34 -0
package/src/app-gocardless/banks/commerzbank_cobadeff.js +51 -0
package/src/app-gocardless/banks/danskebank_dabno22.js +39 -0
package/src/app-gocardless/banks/direkt_heladef1822.js +18 -0
package/src/app-gocardless/banks/easybank_bawaatww.js +50 -0
package/src/app-gocardless/banks/entercard_swednokk.js +40 -0
package/src/app-gocardless/banks/fortuneo_ftnofrp1xxx.js +46 -0
package/src/app-gocardless/banks/hype_hyeeit22.js +74 -0
package/src/app-gocardless/banks/ing_ingbrobu.js +70 -0
package/src/app-gocardless/banks/ing_ingddeff.js +47 -0
package/src/app-gocardless/banks/ing_pl_ingbplpw.js +46 -0
package/src/app-gocardless/banks/integration-bank.js +115 -0
package/src/app-gocardless/banks/isybank_itbbitmm.js +18 -0
package/src/app-gocardless/banks/kbc_kredbebb.js +33 -0
package/src/app-gocardless/banks/lhv-lhvbee22.js +36 -0
package/src/app-gocardless/banks/mbank_retail_brexplpw.js +56 -0
package/src/app-gocardless/banks/nationwide_naiagb21.js +46 -0
package/src/app-gocardless/banks/nbg_ethngraaxxx.js +51 -0
package/src/app-gocardless/banks/norwegian_xx_norwnok1.js +74 -0
package/src/app-gocardless/banks/revolut_revolt21.js +37 -0
package/src/app-gocardless/banks/sandboxfinance_sfin0000.js +28 -0
package/src/app-gocardless/banks/seb_kort_bank_ab.js +58 -0
package/src/app-gocardless/banks/seb_privat.js +29 -0
package/src/app-gocardless/banks/sparnord_spnodk22.js +24 -0
package/src/app-gocardless/banks/spk_karlsruhe_karsde66.js +61 -0
package/src/app-gocardless/banks/spk_marburg_biedenkopf_heladef1mar.js +30 -0
package/src/app-gocardless/banks/spk_worms_alzey_ried_malade51wor.js +19 -0
package/src/app-gocardless/banks/ssk_dusseldorf_dussdeddxxx.js +50 -0
package/src/app-gocardless/banks/swedbank_habalv22.js +47 -0
package/src/app-gocardless/banks/tests/abanca_caglesmm.spec.js +21 -0
package/src/app-gocardless/banks/tests/abnamro_abnanl2a.spec.js +61 -0
package/src/app-gocardless/banks/tests/bancsabadell_bsabesbbb.spec.js +53 -0
package/src/app-gocardless/banks/tests/belfius_gkccbebb.spec.js +22 -0
package/src/app-gocardless/banks/tests/cbc_cregbebb.spec.js +34 -0
package/src/app-gocardless/banks/tests/commerzbank_cobadeff.spec.js +110 -0
package/src/app-gocardless/banks/tests/easybank_bawaatww.spec.js +54 -0
package/src/app-gocardless/banks/tests/fortuneo_ftnofrp1xxx.spec.js +206 -0
package/src/app-gocardless/banks/tests/ing_ingddeff.spec.js +302 -0
package/src/app-gocardless/banks/tests/ing_pl_ingbplpw.spec.js +202 -0
package/src/app-gocardless/banks/tests/integration_bank.spec.js +158 -0
package/src/app-gocardless/banks/tests/kbc_kredbebb.spec.js +38 -0
package/src/app-gocardless/banks/tests/lhv-lhvbee22.spec.js +68 -0
package/src/app-gocardless/banks/tests/mbank_retail_brexplpw.spec.js +171 -0
package/src/app-gocardless/banks/tests/nationwide_naiagb21.spec.js +105 -0
package/src/app-gocardless/banks/tests/nbg_ethngraaxxx.spec.js +48 -0
package/src/app-gocardless/banks/tests/revolut_revolt21.spec.js +42 -0
package/src/app-gocardless/banks/tests/sandboxfinance_sfin0000.spec.js +133 -0
package/src/app-gocardless/banks/tests/spk_marburg_biedenkopf_heladef1mar.spec.js +256 -0
package/src/app-gocardless/banks/tests/ssk_dusseldorf_dussdeddxxx.spec.js +102 -0
package/src/app-gocardless/banks/tests/swedbank_habalv22.spec.js +57 -0
package/src/app-gocardless/banks/tests/virgin_nrnbgb22.spec.js +54 -0
package/src/app-gocardless/banks/util/extract-payeeName-from-remittanceInfo.js +36 -0
package/src/app-gocardless/banks/virgin_nrnbgb22.js +39 -0
package/src/app-gocardless/errors.js +84 -0
package/src/app-gocardless/gocardless-node.types.ts +497 -0
package/src/app-gocardless/gocardless.types.ts +93 -0
package/src/app-gocardless/link.html +18 -0
package/src/app-gocardless/services/gocardless-service.js +620 -0
package/src/app-gocardless/services/tests/fixtures.js +181 -0
package/src/app-gocardless/services/tests/gocardless-service.spec.js +537 -0
package/src/app-gocardless/tests/bank-factory.spec.js +20 -0
package/src/app-gocardless/tests/utils.spec.js +162 -0
package/src/app-gocardless/util/handle-error.js +16 -0
package/src/app-gocardless/utils.js +45 -0
package/src/app-openid.js +108 -0
package/src/app-pluggyai/app-pluggyai.js +215 -0
package/src/app-pluggyai/pluggyai-service.js +120 -0
package/src/app-secrets.js +61 -0
package/src/app-simplefin/app-simplefin.js +418 -0
package/src/app-sync/errors.js +13 -0
package/src/app-sync/services/files-service.js +243 -0
package/src/app-sync/tests/services/files-service.test.js +250 -0
package/src/app-sync/validation.js +77 -0
package/src/app-sync.js +391 -0
package/src/app-sync.test.js +877 -0
package/src/app.js +145 -0
package/src/config-types.ts +44 -0
package/src/db.js +58 -0
package/src/load-config.js +307 -0
package/src/migrations.js +36 -0
package/src/run-migrations.js +8 -0
package/src/scripts/disable-openid.js +44 -0
package/src/scripts/enable-openid.js +53 -0
package/src/scripts/health-check.js +23 -0
package/src/scripts/reset-password.js +51 -0
package/src/secrets.test.js +83 -0
package/src/services/secrets-service.js +94 -0
package/src/services/user-service.js +272 -0
package/src/sql/messages.sql +9 -0
package/src/sync-simple.js +95 -0
package/src/util/hash.js +5 -0
package/src/util/middlewares.js +62 -0
package/src/util/paths.js +13 -0
package/src/util/payee-name.js +45 -0
package/src/util/prompt.js +88 -0
package/src/util/title/index.js +59 -0
package/src/util/title/lower-case.js +93 -0
package/src/util/title/specials.js +21 -0
package/src/util/validate-user.js +68 -0
package/tsconfig.json +21 -0

package/src/scripts/health-check.js ADDED Viewed

@@ -0,0 +1,23 @@
+import fetch from 'node-fetch';
+import { config } from '../load-config.js';
+const protocol =
+  config.get('https.key') && config.get('https.cert') ? 'https' : 'http';
+const hostname =
+  config.get('hostname') === '::' ? 'localhost' : config.get('hostname');
+fetch(`${protocol}://${hostname}:${config.get('port')}/health`)
+  .then(res => res.json())
+  .then(res => {
+    if (res.status !== 'UP') {
+      throw new Error(
+        'Health check failed: Server responded to health check with status ' +
+          res.status,
+      );
+    }
+  })
+  .catch(err => {
+    console.log('Health check failed:', err);
+    process.exit(1);
+  });

package/src/scripts/reset-password.js ADDED Viewed

@@ -0,0 +1,51 @@
+import { bootstrap, needsBootstrap } from '../account-db.js';
+import { changePassword } from '../accounts/password.js';
+import { promptPassword } from '../util/prompt.js';
+if (needsBootstrap()) {
+  console.log(
+    'It looks like you don’t have a password set yet. Let’s set one up now!',
+  );
+  try {
+    const password = await promptPassword();
+    const { error } = await bootstrap({ password });
+    if (error) {
+      console.log('Error setting password:', error);
+      console.log(
+        'Please report this as an issue: https://github.com/actualbudget/actual-server/issues',
+      );
+      process.exit(1);
+    }
+    console.log('Password set!');
+  } catch (err) {
+    console.log('Unexpected error:', err);
+    console.log(
+      'Please report this as an issue: https://github.com/actualbudget/actual-server/issues',
+    );
+    process.exit(1);
+  }
+} else {
+  console.log('It looks like you already have a password set. Let’s reset it!');
+  try {
+    const password = await promptPassword();
+    const { error } = await changePassword(password);
+    if (error) {
+      console.log('Error changing password:', error);
+      console.log(
+        'Please report this as an issue: https://github.com/actualbudget/actual-server/issues',
+      );
+      process.exit(1);
+    }
+    console.log('Password changed!');
+    console.log(
+      'Note: you will need to log in with the new password on any browsers or devices that are currently logged in.',
+    );
+  } catch (err) {
+    console.log('Unexpected error:', err);
+    console.log(
+      'Please report this as an issue: https://github.com/actualbudget/actual-server/issues',
+    );
+    process.exit(1);
+  }
+}

package/src/secrets.test.js ADDED Viewed

@@ -0,0 +1,83 @@
+import request from 'supertest';
+import { handlers as app } from './app-secrets.js';
+import { secretsService } from './services/secrets-service.js';
+describe('secretsService', () => {
+  const testSecretName = 'testSecret';
+  const testSecretValue = 'testValue';
+  it('should set a secret', () => {
+    const result = secretsService.set(testSecretName, testSecretValue);
+    expect(result).toBeDefined();
+    expect(result.changes).toBe(1);
+  });
+  it('should get a secret', () => {
+    const result = secretsService.get(testSecretName);
+    expect(result).toBeDefined();
+    expect(result).toBe(testSecretValue);
+  });
+  it('should check if a secret exists', () => {
+    const exists = secretsService.exists(testSecretName);
+    expect(exists).toBe(true);
+    const nonExistent = secretsService.exists('nonExistentSecret');
+    expect(nonExistent).toBe(false);
+  });
+  it('should update a secret', () => {
+    const newValue = 'newValue';
+    const setResult = secretsService.set(testSecretName, newValue);
+    expect(setResult).toBeDefined();
+    expect(setResult.changes).toBe(1);
+    const getResult = secretsService.get(testSecretName);
+    expect(getResult).toBeDefined();
+    expect(getResult).toBe(newValue);
+  });
+  describe('secrets api', () => {
+    it('returns 401 if the user is not authenticated', async () => {
+      secretsService.set(testSecretName, testSecretValue);
+      const res = await request(app).get(`/${testSecretName}`);
+      expect(res.statusCode).toEqual(401);
+      expect(res.body).toEqual({
+        details: 'token-not-found',
+        reason: 'unauthorized',
+        status: 'error',
+      });
+    });
+    it('returns 404 if secret does not exist', async () => {
+      const res = await request(app)
+        .get(`/thiskeydoesnotexist`)
+        .set('x-actual-token', 'valid-token');
+      expect(res.statusCode).toEqual(404);
+    });
+    it('returns 204 if secret exists', async () => {
+      secretsService.set(testSecretName, testSecretValue);
+      const res = await request(app)
+        .get(`/${testSecretName}`)
+        .set('x-actual-token', 'valid-token');
+      expect(res.statusCode).toEqual(204);
+    });
+    it('returns 200 if secret was set', async () => {
+      secretsService.set(testSecretName, testSecretValue);
+      const res = await request(app)
+        .post(`/`)
+        .set('x-actual-token', 'valid-token')
+        .send({ name: testSecretName, value: testSecretValue });
+      expect(res.statusCode).toEqual(200);
+      expect(res.body).toEqual({
+        status: 'ok',
+      });
+    });
+  });
+});

package/src/services/secrets-service.js ADDED Viewed

@@ -0,0 +1,94 @@
+import createDebug from 'debug';
+import { getAccountDb } from '../account-db.js';
+/**
+ * An enum of valid secret names.
+ * @readonly
+ * @enum {string}
+ */
+export const SecretName = {
+  gocardless_secretId: 'gocardless_secretId',
+  gocardless_secretKey: 'gocardless_secretKey',
+  simplefin_token: 'simplefin_token',
+  simplefin_accessKey: 'simplefin_accessKey',
+  pluggyai_clientId: 'pluggyai_clientId',
+  pluggyai_clientSecret: 'pluggyai_clientSecret',
+  pluggyai_itemIds: 'pluggyai_itemIds',
+};
+class SecretsDb {
+  constructor() {
+    this.debug = createDebug('actual:secrets-db');
+    this.db = null;
+  }
+  open() {
+    return getAccountDb();
+  }
+  set(name, value) {
+    if (!this.db) {
+      this.db = this.open();
+    }
+    this.debug(`setting secret '${name}' to '${value}'`);
+    const result = this.db.mutate(
+      `INSERT OR REPLACE INTO secrets (name, value) VALUES (?,?)`,
+      [name, value],
+    );
+    return result;
+  }
+  get(name) {
+    if (!this.db) {
+      this.db = this.open();
+    }
+    this.debug(`getting secret '${name}'`);
+    const result = this.db.first(`SELECT value FROM secrets WHERE name =?`, [
+      name,
+    ]);
+    return result;
+  }
+}
+const secretsDb = new SecretsDb();
+const _cachedSecrets = new Map();
+/**
+ * A service for managing secrets stored in `secretsDb`.
+ */
+export const secretsService = {
+  /**
+   * Retrieves the value of a secret by name.
+   * @param {SecretName} name - The name of the secret to retrieve.
+   * @returns {string|null} The value of the secret, or null if the secret does not exist.
+   */
+  get: name => {
+    return _cachedSecrets.get(name) ?? secretsDb.get(name)?.value ?? null;
+  },
+  /**
+   * Sets the value of a secret by name.
+   * @param {SecretName} name - The name of the secret to set.
+   * @param {string} value - The value to set for the secret.
+   * @returns {Object}
+   */
+  set: (name, value) => {
+    const result = secretsDb.set(name, value);
+    if (result.changes === 1) {
+      _cachedSecrets.set(name, value);
+    }
+    return result;
+  },
+  /**
+   * Determines whether a secret with the given name exists.
+   * @param {SecretName} name - The name of the secret to check for existence.
+   * @returns {boolean} True if a secret with the given name exists, false otherwise.
+   */
+  exists: name => {
+    return Boolean(secretsService.get(name));
+  },
+};

package/src/services/user-service.js ADDED Viewed

@@ -0,0 +1,272 @@
+import { getAccountDb } from '../account-db.js';
+export function getUserByUsername(userName) {
+  if (!userName || typeof userName !== 'string') {
+    return null;
+  }
+  const { id } =
+    getAccountDb().first('SELECT id FROM users WHERE user_name = ?', [
+      userName,
+    ]) || {};
+  return id || null;
+}
+export function getUserById(userId) {
+  if (!userId) {
+    return null;
+  }
+  const { id } =
+    getAccountDb().first('SELECT * FROM users WHERE id = ?', [userId]) || {};
+  return id || null;
+}
+export function getFileById(fileId) {
+  if (!fileId) {
+    return null;
+  }
+  const { id } =
+    getAccountDb().first('SELECT * FROM files WHERE files.id = ?', [fileId]) ||
+    {};
+  return id || null;
+}
+export function validateRole(roleId) {
+  const possibleRoles = ['BASIC', 'ADMIN'];
+  return possibleRoles.some(a => a === roleId);
+}
+export function getOwnerCount() {
+  const { ownerCount } = getAccountDb().first(
+    `SELECT count(*) as ownerCount FROM users WHERE users.user_name <> '' and users.owner = 1`,
+  ) || { ownerCount: 0 };
+  return ownerCount;
+}
+export function getOwnerId() {
+  const { id } =
+    getAccountDb().first(
+      `SELECT users.id FROM users WHERE users.user_name <> '' and users.owner = 1`,
+    ) || {};
+  return id;
+}
+export function getFileOwnerId(fileId) {
+  const { owner } =
+    getAccountDb().first(`SELECT files.owner FROM files WHERE files.id = ?`, [
+      fileId,
+    ]) || {};
+  return owner;
+}
+export function getAllUsers() {
+  return getAccountDb().all(
+    `SELECT users.id, user_name as userName, display_name as displayName, enabled, ifnull(owner,0) as owner, role
+     FROM users
+     WHERE users.user_name <> ''`,
+  );
+}
+export function insertUser(userId, userName, displayName, enabled, role) {
+  getAccountDb().mutate(
+    'INSERT INTO users (id, user_name, display_name, enabled, owner, role) VALUES (?, ?, ?, ?, 0, ?)',
+    [userId, userName, displayName, enabled, role],
+  );
+}
+export function updateUser(userId, userName, displayName, enabled) {
+  if (!userId || !userName) {
+    throw new Error('Invalid user parameters');
+  }
+  try {
+    getAccountDb().mutate(
+      'UPDATE users SET user_name = ?, display_name = ?, enabled = ? WHERE id = ?',
+      [userName, displayName, enabled, userId],
+    );
+  } catch (error) {
+    throw new Error(`Failed to update user: ${error.message}`);
+  }
+}
+export function updateUserWithRole(
+  userId,
+  userName,
+  displayName,
+  enabled,
+  roleId,
+) {
+  getAccountDb().transaction(() => {
+    getAccountDb().mutate(
+      'UPDATE users SET user_name = ?, display_name = ?, enabled = ?, role = ? WHERE id = ?',
+      [userName, displayName, enabled, roleId, userId],
+    );
+  });
+}
+export function deleteUser(userId) {
+  return getAccountDb().mutate('DELETE FROM users WHERE id = ? and owner = 0', [
+    userId,
+  ]).changes;
+}
+export function deleteUserAccess(userId) {
+  try {
+    return getAccountDb().mutate('DELETE FROM user_access WHERE user_id = ?', [
+      userId,
+    ]).changes;
+  } catch (error) {
+    throw new Error(`Failed to delete user access: ${error.message}`);
+  }
+}
+export function transferAllFilesFromUser(ownerId, oldUserId) {
+  if (!ownerId || !oldUserId) {
+    throw new Error('Invalid user IDs');
+  }
+  try {
+    getAccountDb().transaction(() => {
+      const ownerExists = getUserById(ownerId);
+      if (!ownerExists) {
+        throw new Error('New owner not found');
+      }
+      getAccountDb().mutate('UPDATE files set owner = ? WHERE owner = ?', [
+        ownerId,
+        oldUserId,
+      ]);
+    });
+  } catch (error) {
+    throw new Error(`Failed to transfer files: ${error.message}`);
+  }
+}
+export function updateFileOwner(ownerId, fileId) {
+  if (!ownerId || !fileId) {
+    throw new Error('Invalid parameters');
+  }
+  try {
+    const result = getAccountDb().mutate(
+      'UPDATE files set owner = ? WHERE id = ?',
+      [ownerId, fileId],
+    );
+    if (result.changes === 0) {
+      throw new Error('File not found');
+    }
+  } catch (error) {
+    throw new Error(`Failed to update file owner: ${error.message}`);
+  }
+}
+export function getUserAccess(fileId, userId, isAdmin) {
+  return getAccountDb().all(
+    `SELECT users.id as userId, user_name as userName, files.owner, display_name as displayName
+     FROM users
+     JOIN user_access ON user_access.user_id = users.id
+     JOIN files ON files.id = user_access.file_id
+     WHERE files.id = ? and (files.owner = ? OR 1 = ?)`,
+    [fileId, userId, isAdmin ? 1 : 0],
+  );
+}
+export function countUserAccess(fileId, userId) {
+  const { accessCount } =
+    getAccountDb().first(
+      `SELECT COUNT(*) as accessCount
+       FROM files
+       WHERE files.id = ? AND (files.owner = ? OR EXISTS (
+         SELECT 1 FROM user_access
+         WHERE user_access.user_id = ? AND user_access.file_id = ?)
+       )`,
+      [fileId, userId, userId, fileId],
+    ) || {};
+  return accessCount || 0;
+}
+export function checkFilePermission(fileId, userId) {
+  return (
+    getAccountDb().first(
+      `SELECT 1 as granted
+       FROM files
+       WHERE files.id = ? and (files.owner = ?)`,
+      [fileId, userId],
+    ) || { granted: 0 }
+  );
+}
+export function addUserAccess(userId, fileId) {
+  if (!userId || !fileId) {
+    throw new Error('Invalid parameters');
+  }
+  try {
+    const userExists = getUserById(userId);
+    const fileExists = getFileById(fileId);
+    if (!userExists || !fileExists) {
+      throw new Error('User or file not found');
+    }
+    getAccountDb().mutate(
+      'INSERT INTO user_access (user_id, file_id) VALUES (?, ?)',
+      [userId, fileId],
+    );
+  } catch (error) {
+    if (error.message.includes('UNIQUE constraint')) {
+      throw new Error('Access already exists');
+    }
+    throw new Error(`Failed to add user access: ${error.message}`);
+  }
+}
+export function deleteUserAccessByFileId(userIds, fileId) {
+  if (!Array.isArray(userIds) || userIds.length === 0) {
+    throw new Error('The provided userIds must be a non-empty array.');
+  }
+  const CHUNK_SIZE = 999;
+  let totalChanges = 0;
+  try {
+    getAccountDb().transaction(() => {
+      for (let i = 0; i < userIds.length; i += CHUNK_SIZE) {
+        const chunk = userIds.slice(i, i + CHUNK_SIZE);
+        const placeholders = chunk.map(() => '?').join(',');
+        const sql = `DELETE FROM user_access WHERE user_id IN (${placeholders}) AND file_id = ?`;
+        const result = getAccountDb().mutate(sql, [...chunk, fileId]);
+        totalChanges += result.changes;
+      }
+    });
+  } catch (error) {
+    throw new Error(`Failed to delete user access: ${error.message}`);
+  }
+  return totalChanges;
+}
+export function getAllUserAccess(fileId) {
+  //This can't be used here until we can create user invite links:
+  //const isLoginMode = config.get('userCreationMode') === 'login';
+  const isLoginMode = false;
+  const joinType = isLoginMode ? 'JOIN' : 'LEFT JOIN';
+  return getAccountDb().all(
+    `
+      SELECT
+        users.id as userId,
+        user_name     as userName,
+        display_name  as displayName,
+        CASE WHEN user_access.file_id IS NULL THEN 0 ELSE 1 END as haveAccess,
+        CASE WHEN files.id IS NULL THEN 0 ELSE 1 END as owner
+      FROM users
+      ${joinType} user_access ON user_access.file_id = ? AND user_access.user_id = users.id
+      ${joinType} files       ON files.id = ? AND files.owner = users.id
+      WHERE users.enabled = 1
+        AND users.user_name <> ''
+    `,
+    [fileId, fileId],
+  );
+}
+export function getOpenIDConfig() {
+  return (
+    getAccountDb().first(`SELECT * FROM auth WHERE method = ?`, ['openid']) ||
+    null
+  );
+}

package/src/sql/messages.sql ADDED Viewed

@@ -0,0 +1,9 @@
+CREATE TABLE messages_binary
+  (timestamp TEXT PRIMARY KEY,
+   is_encrypted BOOLEAN,
+   content bytea);
+CREATE TABLE messages_merkles
+  (id INTEGER PRIMARY KEY,
+   merkle TEXT);

package/src/sync-simple.js ADDED Viewed

@@ -0,0 +1,95 @@
+import { existsSync, readFileSync } from 'node:fs';
+import { join } from 'node:path';
+import { merkle, SyncProtoBuf, Timestamp } from '@actual-app/crdt';
+import { openDatabase } from './db.js';
+import { sqlDir } from './load-config.js';
+import { getPathForGroupFile } from './util/paths.js';
+function getGroupDb(groupId) {
+  const path = getPathForGroupFile(groupId);
+  const needsInit = !existsSync(path);
+  const db = openDatabase(path);
+  if (needsInit) {
+    const sql = readFileSync(join(sqlDir, 'messages.sql'), 'utf8');
+    db.exec(sql);
+  }
+  return db;
+}
+function addMessages(db, messages) {
+  let returnValue;
+  db.transaction(() => {
+    let trie = getMerkle(db);
+    if (messages.length > 0) {
+      for (const msg of messages) {
+        const info = db.mutate(
+          `INSERT OR IGNORE INTO messages_binary (timestamp, is_encrypted, content)
+             VALUES (?, ?, ?)`,
+          [
+            msg.getTimestamp(),
+            msg.getIsencrypted() ? 1 : 0,
+            Buffer.from(msg.getContent()),
+          ],
+        );
+        if (info.changes > 0) {
+          trie = merkle.insert(trie, Timestamp.parse(msg.getTimestamp()));
+        }
+      }
+    }
+    trie = merkle.prune(trie);
+    db.mutate(
+      'INSERT INTO messages_merkles (id, merkle) VALUES (1, ?) ON CONFLICT (id) DO UPDATE SET merkle = ?',
+      [JSON.stringify(trie), JSON.stringify(trie)],
+    );
+    returnValue = trie;
+  });
+  return returnValue;
+}
+function getMerkle(db) {
+  const rows = db.all('SELECT * FROM messages_merkles');
+  if (rows.length > 0) {
+    return JSON.parse(rows[0].merkle);
+  } else {
+    // No merkle trie exists yet (first sync of the app), so create a
+    // default one.
+    return {};
+  }
+}
+export function sync(messages, since, groupId) {
+  const db = getGroupDb(groupId);
+  const newMessages = db.all(
+    `SELECT * FROM messages_binary
+         WHERE timestamp > ?
+         ORDER BY timestamp`,
+    [since],
+  );
+  const trie = addMessages(db, messages);
+  db.close();
+  return {
+    trie,
+    newMessages: newMessages.map(msg => {
+      const envelopePb = new SyncProtoBuf.MessageEnvelope();
+      envelopePb.setTimestamp(msg.timestamp);
+      envelopePb.setIsencrypted(msg.is_encrypted);
+      envelopePb.setContent(msg.content);
+      return envelopePb;
+    }),
+  };
+}

package/src/util/hash.js ADDED Viewed

@@ -0,0 +1,5 @@
+import crypto from 'crypto';
+export async function sha256String(str) {
+  return crypto.createHash('sha256').update(str).digest('base64');
+}

package/src/util/middlewares.js ADDED Viewed

@@ -0,0 +1,62 @@
+import * as expressWinston from 'express-winston';
+import * as winston from 'winston';
+import { validateSession } from './validate-user.js';
+/**
+ * @param {Error} err
+ * @param {import('express').Request} req
+ * @param {import('express').Response} res
+ * @param {import('express').NextFunction} next
+ */
+async function errorMiddleware(err, req, res, next) {
+  if (res.headersSent) {
+    // If you call next() with an error after you have started writing the response
+    // (for example, if you encounter an error while streaming the response
+    // to the client), the Express default error handler closes
+    // the connection and fails the request.
+    // So when you add a custom error handler, you must delegate
+    // to the default Express error handler, when the headers
+    // have already been sent to the client
+    // Source: https://expressjs.com/en/guide/error-handling.html
+    return next(err);
+  }
+  console.log(`Error on endpoint %s`, {
+    requestUrl: req.url,
+    stacktrace: err.stack,
+  });
+  res.status(500).send({ status: 'error', reason: 'internal-error' });
+}
+/**
+ * @param {import('express').Request} req
+ * @param {import('express').Response} res
+ * @param {import('express').NextFunction} next
+ */
+const validateSessionMiddleware = async (req, res, next) => {
+  const session = await validateSession(req, res);
+  if (!session) {
+    return;
+  }
+  res.locals = session;
+  next();
+};
+const requestLoggerMiddleware = expressWinston.logger({
+  transports: [new winston.transports.Console()],
+  format: winston.format.combine(
+    winston.format.colorize(),
+    winston.format.timestamp(),
+    winston.format.printf(args => {
+      const { timestamp, level, meta } = args;
+      const { res, req } = meta;
+      return `${timestamp} ${level}: ${req.method} ${res.statusCode} ${req.url}`;
+    }),
+  ),
+});
+export { validateSessionMiddleware, errorMiddleware, requestLoggerMiddleware };