npm - @cyberismo/backend - Versions diffs - 0.0.21 → 0.0.22 - Mend

@cyberismo/backend 0.0.21 → 0.0.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (126) hide show

package/dist/app.d.ts +5 -2
package/dist/app.js +22 -9
package/dist/app.js.map +1 -1
package/dist/auth/index.d.ts +16 -0
package/dist/auth/index.js +15 -0
package/dist/auth/index.js.map +1 -0
package/dist/auth/keycloak.d.ts +27 -0
package/dist/auth/keycloak.js +81 -0
package/dist/auth/keycloak.js.map +1 -0
package/dist/auth/mock.d.ts +23 -0
package/dist/auth/mock.js +28 -0
package/dist/auth/mock.js.map +1 -0
package/dist/auth/types.d.ts +16 -0
package/dist/auth/types.js +14 -0
package/dist/auth/types.js.map +1 -0
package/dist/domain/auth/index.d.ts +14 -0
package/dist/domain/auth/index.js +30 -0
package/dist/domain/auth/index.js.map +1 -0
package/dist/domain/calculations/index.js +3 -1
package/dist/domain/calculations/index.js.map +1 -1
package/dist/domain/calculations/service.js +13 -11
package/dist/domain/calculations/service.js.map +1 -1
package/dist/domain/cardTypes/index.js +5 -3
package/dist/domain/cardTypes/index.js.map +1 -1
package/dist/domain/cardTypes/service.js +24 -72
package/dist/domain/cardTypes/service.js.map +1 -1
package/dist/domain/cards/index.js +19 -15
package/dist/domain/cards/index.js.map +1 -1
package/dist/domain/cards/lib.js +95 -93
package/dist/domain/cards/lib.js.map +1 -1
package/dist/domain/cards/service.d.ts +2 -1
package/dist/domain/cards/service.js +60 -87
package/dist/domain/cards/service.js.map +1 -1
package/dist/domain/fieldTypes/index.js +4 -2
package/dist/domain/fieldTypes/index.js.map +1 -1
package/dist/domain/graphModels/index.js +3 -1
package/dist/domain/graphModels/index.js.map +1 -1
package/dist/domain/graphViews/index.js +3 -1
package/dist/domain/graphViews/index.js.map +1 -1
package/dist/domain/labels/index.js +4 -2
package/dist/domain/labels/index.js.map +1 -1
package/dist/domain/labels/service.d.ts +1 -1
package/dist/domain/labels/service.js +2 -2
package/dist/domain/labels/service.js.map +1 -1
package/dist/domain/linkTypes/index.js +4 -2
package/dist/domain/linkTypes/index.js.map +1 -1
package/dist/domain/logicPrograms/index.js +3 -1
package/dist/domain/logicPrograms/index.js.map +1 -1
package/dist/domain/mcp/index.d.ts +15 -0
package/dist/domain/mcp/index.js +127 -0
package/dist/domain/mcp/index.js.map +1 -0
package/dist/domain/project/index.js +7 -5
package/dist/domain/project/index.js.map +1 -1
package/dist/domain/project/service.js +18 -14
package/dist/domain/project/service.js.map +1 -1
package/dist/domain/reports/index.js +3 -1
package/dist/domain/reports/index.js.map +1 -1
package/dist/domain/resources/index.js +6 -4
package/dist/domain/resources/index.js.map +1 -1
package/dist/domain/resources/service.js +66 -64
package/dist/domain/resources/service.js.map +1 -1
package/dist/domain/templates/index.js +5 -3
package/dist/domain/templates/index.js.map +1 -1
package/dist/domain/tree/index.js +3 -1
package/dist/domain/tree/index.js.map +1 -1
package/dist/domain/workflows/index.js +3 -1
package/dist/domain/workflows/index.js.map +1 -1
package/dist/export.d.ts +6 -5
package/dist/export.js +15 -11
package/dist/export.js.map +1 -1
package/dist/index.d.ts +8 -2
package/dist/index.js +5 -3
package/dist/index.js.map +1 -1
package/dist/main.js +29 -2
package/dist/main.js.map +1 -1
package/dist/middleware/auth.d.ts +40 -0
package/dist/middleware/auth.js +68 -0
package/dist/middleware/auth.js.map +1 -0
package/dist/middleware/commandManager.d.ts +2 -2
package/dist/middleware/commandManager.js +9 -11
package/dist/middleware/commandManager.js.map +1 -1
package/dist/public/THIRD-PARTY.txt +37 -11
package/dist/public/assets/index-B_lh6qtv.css +1 -0
package/dist/public/assets/{index-Ca10XaMv.js → index-CEol8Bfi.js} +43823 -43030
package/dist/public/config.json +1 -0
package/dist/public/index.html +2 -2
package/dist/types.d.ts +25 -0
package/dist/types.js +13 -1
package/dist/types.js.map +1 -1
package/package.json +8 -5
package/src/app.ts +34 -14
package/src/auth/index.ts +17 -0
package/src/auth/keycloak.ts +109 -0
package/src/auth/mock.ts +38 -0
package/src/auth/types.ts +18 -0
package/src/domain/auth/index.ts +35 -0
package/src/domain/calculations/index.ts +13 -6
package/src/domain/calculations/service.ts +16 -14
package/src/domain/cardTypes/index.ts +24 -16
package/src/domain/cardTypes/service.ts +41 -95
package/src/domain/cards/index.ts +62 -44
package/src/domain/cards/lib.ts +105 -100
package/src/domain/cards/service.ts +73 -89
package/src/domain/fieldTypes/index.ts +23 -16
package/src/domain/graphModels/index.ts +13 -6
package/src/domain/graphViews/index.ts +13 -6
package/src/domain/labels/index.ts +5 -2
package/src/domain/labels/service.ts +2 -2
package/src/domain/linkTypes/index.ts +14 -7
package/src/domain/logicPrograms/index.ts +3 -0
package/src/domain/mcp/index.ts +159 -0
package/src/domain/project/index.ts +17 -8
package/src/domain/project/service.ts +20 -16
package/src/domain/reports/index.ts +13 -6
package/src/domain/resources/index.ts +6 -1
package/src/domain/resources/service.ts +102 -97
package/src/domain/templates/index.ts +31 -19
package/src/domain/tree/index.ts +3 -1
package/src/domain/workflows/index.ts +13 -6
package/src/export.ts +16 -13
package/src/index.ts +10 -3
package/src/main.ts +44 -2
package/src/middleware/auth.ts +90 -0
package/src/middleware/commandManager.ts +11 -14
package/src/types.ts +27 -0
package/dist/public/assets/index-CRSBseQM.css +0 -1

package/src/domain/cardTypes/service.ts CHANGED Viewed

@@ -54,126 +54,72 @@ export async function updateFieldVisibility(
 ): Promise<void> {
   const { fieldName, group: targetGroup, index: targetIndex } = body;
-  // Get current card type data
-  const cardType = await commands.showCmd.showResource(
-    cardTypeName,
-    'cardTypes',
-  );
-  if (!cardType) {
-    throw new Error(`Card type '${cardTypeName}' not found`);
-  }
+  await commands.atomic(async () => {
+    // Read is now inside the write lock
+    const cardType = await commands.showCmd.showResource(
+      cardTypeName,
+      'cardTypes',
+    );
+    if (!cardType) {
+      throw new Error(`Card type '${cardTypeName}' not found`);
+    }
-  const customFields = cardType.customFields || [];
-  const alwaysVisibleFields = cardType.alwaysVisibleFields || [];
-  const optionallyVisibleFields = cardType.optionallyVisibleFields || [];
+    const customFields = cardType.customFields || [];
+    const alwaysVisibleFields = cardType.alwaysVisibleFields || [];
+    const optionallyVisibleFields = cardType.optionallyVisibleFields || [];
-  // Validate that the field exists in customFields
-  const fieldExists = customFields.some(
-    (f: { name: string }) => f.name === fieldName,
-  );
-  if (!fieldExists) {
-    throw new Error(
-      `Field '${fieldName}' does not exist in card type '${cardTypeName}'. `,
+    // Validate that the field exists in customFields
+    const fieldExists = customFields.some(
+      (f: { name: string }) => f.name === fieldName,
     );
-  }
+    if (!fieldExists) {
+      throw new Error(
+        `Field '${fieldName}' does not exist in card type '${cardTypeName}'. `,
+      );
+    }
-  const currentGroup = getCurrentGroup(
-    alwaysVisibleFields,
-    optionallyVisibleFields,
-    fieldName,
-  );
+    const currentGroup = getCurrentGroup(
+      alwaysVisibleFields,
+      optionallyVisibleFields,
+      fieldName,
+    );
-  // If same group, just handle reordering
-  if (currentGroup === targetGroup) {
-    if (targetGroup === 'hidden') {
-      // Nothing to reorder in hidden group
+    // If same group, just handle reordering
+    if (currentGroup === targetGroup) {
+      if (targetGroup !== 'hidden' && targetIndex !== undefined) {
+        await commands.updateCmd.applyResourceOperation(
+          cardTypeName,
+          { key: groupToKey[targetGroup] },
+          { name: 'rank', target: fieldName, newIndex: targetIndex },
+        );
+      }
       return;
     }
-    if (targetIndex !== undefined) {
-      await commands.updateCmd.applyResourceOperation(
-        cardTypeName,
-        {
-          key: groupToKey[targetGroup],
-        },
-        {
-          name: 'rank',
-          target: fieldName,
-          newIndex: targetIndex,
-        },
-      );
-    }
-    return;
-  }
-  // Different group - need to remove from old and add to new
-  let removedFromOld = false;
-  try {
     // Remove from current group (if not hidden)
     if (currentGroup !== 'hidden') {
       await commands.updateCmd.applyResourceOperation(
         cardTypeName,
-        {
-          key: groupToKey[currentGroup],
-        },
-        {
-          name: 'remove',
-          target: fieldName,
-        },
+        { key: groupToKey[currentGroup] },
+        { name: 'remove', target: fieldName },
       );
-      removedFromOld = true;
     }
     // Add to new group (if not hidden)
     if (targetGroup !== 'hidden') {
       await commands.updateCmd.applyResourceOperation(
         cardTypeName,
-        {
-          key: groupToKey[targetGroup],
-        },
-        {
-          name: 'add',
-          target: fieldName,
-        },
+        { key: groupToKey[targetGroup] },
+        { name: 'add', target: fieldName },
       );
-      // Reorder if index specified
       if (targetIndex !== undefined) {
         await commands.updateCmd.applyResourceOperation(
           cardTypeName,
-          {
-            key: groupToKey[targetGroup],
-          },
-          {
-            name: 'rank',
-            target: fieldName,
-            newIndex: targetIndex,
-          },
-        );
-      }
-    }
-  } catch (error) {
-    // Attempt rollback if we removed from old group but failed to add to new
-    if (removedFromOld && currentGroup !== 'hidden') {
-      try {
-        await commands.updateCmd.applyResourceOperation(
-          cardTypeName,
-          {
-            key: groupToKey[currentGroup],
-          },
-          {
-            name: 'add',
-            target: fieldName,
-          },
-        );
-      } catch {
-        // Rollback failed - log but throw original error
-        console.error(
-          `Rollback failed for field '${fieldName}' in card type '${cardTypeName}'`,
+          { key: groupToKey[targetGroup] },
+          { name: 'rank', target: fieldName, newIndex: targetIndex },
         );
       }
     }
-    throw error;
-  }
+  }, `Update field visibility for ${cardTypeName}`);
 }

package/src/domain/cards/index.ts CHANGED Viewed

@@ -17,6 +17,8 @@ import { getCardDetails } from './lib.js';
 import * as cardService from './service.js';
 import { isSSGContext, ssgParams } from 'hono/ssg';
 import type { AppContext } from '../../types.js';
+import { UserRole } from '../../types.js';
+import { requireRole } from '../../middleware/auth.js';
 const router = new Hono();
@@ -34,7 +36,7 @@ const router = new Hono();
  *       500:
  *         description: project_path not set.
  */
-router.get('/', async (c) => {
+router.get('/', requireRole(UserRole.Reader), async (c) => {
   const commands = c.get('commands');
   try {
@@ -75,6 +77,7 @@ router.get('/', async (c) => {
  */
 router.get(
   '/:key',
+  requireRole(UserRole.Reader),
   ssgParams(async (c: AppContext) => {
     const commands = c.get('commands');
     const opts = c.get('tree');
@@ -144,7 +147,7 @@ router.get(
  *       500:
  *         description: project_path not set.
  */
-router.patch('/:key', async (c) => {
+router.patch('/:key', requireRole(UserRole.Editor), async (c) => {
   const commands = c.get('commands');
   const key = c.req.param('key');
   if (!key) {
@@ -201,7 +204,7 @@ router.patch('/:key', async (c) => {
  *       500:
  *         description: project_path not set.
  */
-router.delete('/:key', async (c) => {
+router.delete('/:key', requireRole(UserRole.Editor), async (c) => {
   const commands = c.get('commands');
   const key = c.req.param('key');
   if (!key) {
@@ -244,7 +247,7 @@ router.delete('/:key', async (c) => {
  *       500:
  *         description: project_path not set
  */
-router.post('/:key', async (c) => {
+router.post('/:key', requireRole(UserRole.Editor), async (c) => {
   const key = c.req.param('key');
   if (!key) {
     return c.text('No search key', 400);
@@ -300,7 +303,7 @@ router.post('/:key', async (c) => {
  *       500:
  *         description: Server error
  */
-router.post('/:key/attachments', async (c) => {
+router.post('/:key/attachments', requireRole(UserRole.Editor), async (c) => {
   const commands = c.get('commands');
   const key = c.req.param('key');
@@ -354,25 +357,33 @@ router.post('/:key/attachments', async (c) => {
  *       500:
  *         description: Server error
  */
-router.delete('/:key/attachments/:filename', async (c) => {
-  const commands = c.get('commands');
-  const { key, filename } = c.req.param();
+router.delete(
+  '/:key/attachments/:filename',
+  requireRole(UserRole.Editor),
+  async (c) => {
+    const commands = c.get('commands');
+    const { key, filename } = c.req.param();
-  try {
-    const result = await cardService.removeAttachment(commands, key, filename);
-    return c.json(result);
-  } catch (error) {
-    return c.json(
-      {
-        error:
-          error instanceof Error
-            ? error.message
-            : 'Failed to remove attachment',
-      },
-      500,
-    );
-  }
-});
+    try {
+      const result = await cardService.removeAttachment(
+        commands,
+        key,
+        filename,
+      );
+      return c.json(result);
+    } catch (error) {
+      return c.json(
+        {
+          error:
+            error instanceof Error
+              ? error.message
+              : 'Failed to remove attachment',
+        },
+        500,
+      );
+    }
+  },
+);
 /**
  * @swagger
@@ -398,23 +409,29 @@ router.delete('/:key/attachments/:filename', async (c) => {
  *       500:
  *         description: Server error
  */
-router.post('/:key/attachments/:filename/open', async (c) => {
-  const commands = c.get('commands');
-  const { key, filename } = c.req.param();
+router.post(
+  '/:key/attachments/:filename/open',
+  requireRole(UserRole.Reader),
+  async (c) => {
+    const commands = c.get('commands');
+    const { key, filename } = c.req.param();
-  try {
-    const result = await cardService.openAttachment(commands, key, filename);
-    return c.json(result);
-  } catch (error) {
-    return c.json(
-      {
-        error:
-          error instanceof Error ? error.message : 'Failed to open attachment',
-      },
-      500,
-    );
-  }
-});
+    try {
+      const result = await cardService.openAttachment(commands, key, filename);
+      return c.json(result);
+    } catch (error) {
+      return c.json(
+        {
+          error:
+            error instanceof Error
+              ? error.message
+              : 'Failed to open attachment',
+        },
+        500,
+      );
+    }
+  },
+);
 /**
  * @swagger
@@ -443,7 +460,7 @@ router.post('/:key/attachments/:filename/open', async (c) => {
  *       500:
  *         description: Server error
  */
-router.post('/:key/parse', async (c) => {
+router.post('/:key/parse', requireRole(UserRole.Reader), async (c) => {
   const commands = c.get('commands');
   const key = c.req.param('key');
   const { content } = await c.req.json();
@@ -497,7 +514,7 @@ router.post('/:key/parse', async (c) => {
  *       500:
  *         description: Server error
  */
-router.post('/:key/links', async (c) => {
+router.post('/:key/links', requireRole(UserRole.Editor), async (c) => {
   const commands = c.get('commands');
   const key = c.req.param('key');
   const { toCard, linkType, description } = await c.req.json();
@@ -556,7 +573,7 @@ router.post('/:key/links', async (c) => {
  *       500:
  *         description: Server error
  */
-router.delete('/:key/links', async (c) => {
+router.delete('/:key/links', requireRole(UserRole.Editor), async (c) => {
   const commands = c.get('commands');
   const key = c.req.param('key');
   const { toCard, linkType, description } = await c.req.json();
@@ -610,11 +627,12 @@ router.delete('/:key/links', async (c) => {
  */
 router.get(
   '/:key/a/:attachment',
+  requireRole(UserRole.Reader),
   ssgParams(async (c: Context) => {
     const commands = c.get('commands');
     return await cardService.findRelevantAttachments(commands, c.get('tree'));
   }),
-  (c) => {
+  async (c) => {
     const commands = c.get('commands');
     const { key, attachment } = c.req.param();
     const filename = decodeURI(attachment);
@@ -624,7 +642,7 @@ router.get(
     }
     try {
-      const attachmentResponse = cardService.getAttachment(
+      const attachmentResponse = await cardService.getAttachment(
         commands,
         key,
         filename,

package/src/domain/cards/lib.ts CHANGED Viewed

@@ -30,122 +30,127 @@ export async function getCardDetails(
   staticMode: boolean,
   raw: boolean,
 ): Promise<result> {
-  let cardDetailsResponse: Card;
-  try {
-    cardDetailsResponse = commands.showCmd.showCardDetails(key);
-  } catch {
-    return { status: 400, message: `Card ${key} not found from project` };
-  }
+  return commands.consistent(async () => {
+    let cardDetailsResponse: Card;
+    try {
+      cardDetailsResponse = await commands.showCmd.showCardDetails(key);
+    } catch {
+      return { status: 400, message: `Card ${key} not found from project` };
+    }
-  if (!cardDetailsResponse) {
-    return { status: 400, message: `Card ${key} not found from project` };
-  }
+    if (!cardDetailsResponse) {
+      return { status: 400, message: `Card ${key} not found from project` };
+    }
-  // always parse for now if not in export mode
-  if (!staticMode && !raw) {
-    await commands.calculateCmd.generate();
-  }
+    // always parse for now if not in export mode
+    if (!staticMode && !raw) {
+      await commands.calculateCmd.generate();
+    }
-  let asciidocContent = '';
-  try {
-    asciidocContent = await evaluateMacros(cardDetailsResponse.content || '', {
-      context: staticMode ? 'exportedSite' : 'localApp',
-      mode: staticMode ? 'staticSite' : 'inject',
-      project: commands.project,
-      cardKey: key,
-    });
-  } catch (error) {
-    asciidocContent = `Macro error: ${error instanceof Error ? error.message : 'Unknown error'}\n\n${asciidocContent}`;
-  }
+    let asciidocContent = '';
+    try {
+      asciidocContent = await evaluateMacros(
+        cardDetailsResponse.content || '',
+        {
+          context: staticMode ? 'exportedSite' : 'localApp',
+          mode: staticMode ? 'staticSite' : 'inject',
+          project: commands.project,
+          cardKey: key,
+        },
+      );
+    } catch (error) {
+      asciidocContent = `Macro error: ${error instanceof Error ? error.message : 'Unknown error'}\n\n${asciidocContent}`;
+    }
-  const htmlContent = Processor()
-    .convert(asciidocContent, {
-      safe: 'safe',
-      attributes: {
-        imagesdir: `/api/cards/${key}/a`,
-        icons: 'font',
-      },
-    })
-    .toString();
+    const htmlContent = Processor()
+      .convert(asciidocContent, {
+        safe: 'safe',
+        attributes: {
+          imagesdir: `/api/cards/${key}/a`,
+          icons: 'font',
+        },
+      })
+      .toString();
-  if (raw) {
-    if (!cardDetailsResponse.metadata) {
-      throw new Error('Card has no metadata');
+    if (raw) {
+      if (!cardDetailsResponse.metadata) {
+        throw new Error('Card has no metadata');
+      }
+      const cardType = await commands.showCmd.showResource(
+        cardDetailsResponse.metadata.cardType,
+        'cardTypes',
+      );
+      const fields = [];
+      let i = 0;
+      for (const customField of cardType.customFields) {
+        const fieldType = await commands.showCmd.showResource(
+          customField.name,
+          'fieldTypes',
+        );
+        fields.push({
+          key: customField.name,
+          visibility: 'always',
+          index: i++,
+          fieldDisplayName: fieldType.displayName,
+          fieldDescription: fieldType.description,
+          dataType: fieldType.dataType,
+          isCalculated: customField.isCalculated,
+          value: cardDetailsResponse.metadata[customField.name],
+          enumValues: fieldType.enumValues ?? [],
+        });
+      }
+      return {
+        status: 200,
+        data: {
+          key: cardDetailsResponse.key,
+          rank: cardDetailsResponse.metadata?.rank,
+          title: cardDetailsResponse.metadata?.title || '',
+          cardType: cardDetailsResponse.metadata?.cardType || '',
+          cardTypeDisplayName: cardDetailsResponse.metadata.cardType,
+          workflowState: '',
+          lastUpdated: cardDetailsResponse.metadata.lastUpdated,
+          fields,
+          labels: cardDetailsResponse.metadata?.labels || [],
+          links: [],
+          notifications: [],
+          policyChecks: {
+            successes: [],
+            failures: [],
+          },
+          deniedOperations: {
+            transition: [],
+            move: [],
+            delete: [],
+            editField: [],
+            editContent: [],
+          },
+          rawContent: cardDetailsResponse.content || '',
+          parsedContent: htmlContent,
+          attachments: cardDetailsResponse.attachments,
+        },
+      };
     }
-    const cardType = await commands.showCmd.showResource(
-      cardDetailsResponse.metadata.cardType,
-      'cardTypes',
-    );
-    const fields = [];
-    let i = 0;
-    for (const customField of cardType.customFields) {
-      const fieldType = await commands.showCmd.showResource(
-        customField.name,
-        'fieldTypes',
-      );
-      fields.push({
-        key: customField.name,
-        visibility: 'always',
-        index: i++,
-        fieldDisplayName: fieldType.displayName,
-        fieldDescription: fieldType.description,
-        dataType: fieldType.dataType,
-        isCalculated: customField.isCalculated,
-        value: cardDetailsResponse.metadata[customField.name],
-        enumValues: fieldType.enumValues ?? [],
-      });
+    const card = staticMode
+      ? await getCardQueryResult(commands, key)
+      : await commands.calculateCmd.runQuery('card', 'localApp', {
+          cardKey: key,
+        });
+    if (card.length !== 1) {
+      throw new Error('Query failed. Check card-query syntax');
     }
     return {
       status: 200,
       data: {
-        key: cardDetailsResponse.key,
-        rank: cardDetailsResponse.metadata?.rank,
-        title: cardDetailsResponse.metadata?.title || '',
-        cardType: cardDetailsResponse.metadata?.cardType || '',
-        cardTypeDisplayName: cardDetailsResponse.metadata.cardType,
-        workflowState: '',
-        lastUpdated: cardDetailsResponse.metadata.lastUpdated,
-        fields,
-        labels: cardDetailsResponse.metadata?.labels || [],
-        links: [],
-        notifications: [],
-        policyChecks: {
-          successes: [],
-          failures: [],
-        },
-        deniedOperations: {
-          transition: [],
-          move: [],
-          delete: [],
-          editField: [],
-          editContent: [],
-        },
+        ...card[0],
         rawContent: cardDetailsResponse.content || '',
         parsedContent: htmlContent,
         attachments: cardDetailsResponse.attachments,
       },
     };
-  }
-  const card = staticMode
-    ? await getCardQueryResult(commands.project.basePath, key)
-    : await commands.calculateCmd.runQuery('card', 'localApp', {
-        cardKey: key,
-      });
-  if (card.length !== 1) {
-    throw new Error('Query failed. Check card-query syntax');
-  }
-  return {
-    status: 200,
-    data: {
-      ...card[0],
-      rawContent: cardDetailsResponse.content || '',
-      parsedContent: htmlContent,
-      attachments: cardDetailsResponse.attachments,
-    },
-  };
+  });
 }
 /**
  * Returns all cards from a tree query, flattened.