@dataramen/cli 0.0.52-beta.2 → 0.0.52-beta.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/code/server.js
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
"use strict";var
|
|
1
|
+
"use strict";var jt=Object.create;var Ae=Object.defineProperty;var Gt=Object.getOwnPropertyDescriptor;var Kt=Object.getOwnPropertyNames;var Vt=Object.getPrototypeOf,zt=Object.prototype.hasOwnProperty;var Jt=(e,t,r,o)=>{if(t&&typeof t=="object"||typeof t=="function")for(let a of Kt(t))!zt.call(e,a)&&a!==r&&Ae(e,a,{get:()=>t[a],enumerable:!(o=Gt(t,a))||o.enumerable});return e};var P=(e,t,r)=>(r=e!=null?jt(Vt(e)):{},Jt(t||!e||!e.__esModule?Ae(r,"default",{value:e,enumerable:!0}):r,e));var J=require("dotenv"),X=require("node:path"),Oe=require("node:fs"),Xt=(()=>{try{let e=(0,Oe.readFileSync)((0,X.join)(__dirname,"..","package.json"),"utf8");return JSON.parse(e)}catch{return{version:"0.0.0"}}})(),Pe=[];process.argv[2]&&Pe.push((0,X.resolve)(process.argv[2]));(0,J.config)({path:Pe});(0,J.populate)(process.env,{SERVER_VERSION:Xt.version,APP_DB_TYPE:"sqlite",APP_DB_DATABASE:"<home>/.dataramen/.runtime/db.sqlite3",PROD:"true"},{override:!1});var Zt=["SYMM_ENCRYPTION_KEY","JWT_SECRET","JWT_REFRESH_SECRET"],_e=()=>{let e=[];for(let t of Zt)process.env[t]||e.push(t);if(e.length>0)throw new Error("Following env variables are required but not provided: "+e.join(", "))};function er(e,t=void 0){return process.env[e]||t}function tr(e,t=void 0){let r=process.env[e];if(!r)return t;let o=Number(r);return!isNaN(o)&&r.trim()!==""?o:t}function rr(e){return process.env[e]==="true"||process.env[e]==="TRUE"||process.env[e]==="1"}var p={str:er,num:tr,bool:rr};var Qs=require("reflect-metadata"),kt=P(require("fastify")),qt=P(require("@fastify/cors")),Qt=P(require("@fastify/static")),Bt=P(require("qs"));var s=class extends Error{constructor(r,o){super(o);this.status=r;this.message=o}};var Be=require("typeorm");var De=require("typeorm");var l=p.str("APP_DB_TYPE")==="sqlite"?"datetime":"timestamp";var ce=new De.EntitySchema({name:"DatabaseInspection",tableName:"db_inspection",columns:{id:{type:String,unique:!0,primary:!0,generated:"uuid"},tableName:{nullable:!0,type:String},columns:{type:"json",nullable:!0},createdAt:{type:l,default:()=>"CURRENT_TIMESTAMP"},updatedAt:{type:l,default:()=>"CURRENT_TIMESTAMP"}},relations:{datasource:{target:()=>"DataSource",type:"many-to-one",joinTable:!1,cascade:!0}}});var Ue=require("typeorm");var me=new Ue.EntitySchema({name:"Team",tableName:"teams",columns:{id:{type:"uuid",primary:!0,generated:"uuid"},name:{type:String},createdAt:{type:l,default:()=>"CURRENT_TIMESTAMP"},updatedAt:{type:l,default:()=>"CURRENT_TIMESTAMP"}},relations:{users:{type:"one-to-many",target:()=>"UsersToTeams",inverseSide:"team"},queries:{type:"one-to-many",target:()=>"Query",inverseSide:"team"},datasources:{type:"one-to-many",target:()=>"DataSource",inverseSide:"team"}}});var ve=require("typeorm");var le=new ve.EntitySchema({name:"User",tableName:"users",columns:{id:{type:"uuid",primary:!0,generated:"uuid"},createdAt:{type:l,default:()=>"CURRENT_TIMESTAMP"},updatedAt:{type:l,default:()=>"CURRENT_TIMESTAMP"},username:{type:String,unique:!0},password:{type:String}},relations:{teams:{type:"one-to-many",target:()=>"UsersToTeams",inverseSide:"user"},settings:{type:"one-to-one",target:()=>"UserSettings",inverseSide:"user"},currentTeam:{type:"one-to-one",target:()=>"UsersToTeams",inverseSide:"user",joinColumn:!0},queries:{type:"one-to-many",target:()=>"Query",inverseSide:"user"}}});var xe=require("typeorm");var de=new xe.EntitySchema({name:"UserSettings",tableName:"user_settings",columns:{id:{type:"uuid",primary:!0,generated:"uuid"},createdAt:{type:l,default:()=>"CURRENT_TIMESTAMP"},updatedAt:{type:l,default:()=>"CURRENT_TIMESTAMP"}},relations:{user:{type:"one-to-one",target:()=>"User",inverseSide:"settings",joinColumn:!0}}});var Me=require("typeorm");var pe=new Me.EntitySchema({name:"DataSource",tableName:"data_sources",columns:{id:{type:"uuid",primary:!0,generated:"uuid"},dbUrl:{type:String},dbPort:{type:Number,nullable:!0},dbUser:{type:String},dbPassword:{type:String,nullable:!0,select:!1},dbPasswordIv:{type:String,nullable:!0,select:!1},dbPasswordTag:{type:String,nullable:!0,select:!1},dbType:{type:String},createdAt:{type:l,default:()=>"CURRENT_TIMESTAMP"},updatedAt:{type:l,default:()=>"CURRENT_TIMESTAMP"},name:{type:String},description:{type:String,nullable:!0},dbDatabase:{type:String},dbSchema:{type:String,nullable:!0},allowInsert:{type:Boolean,default:!1},allowUpdate:{type:Boolean,default:!1},lastInspected:{type:l,nullable:!0,default:null},status:{type:String,nullable:!0}},relations:{team:{type:"many-to-one",target:()=>"Team",inverseSide:"datasources",joinColumn:!0},inspections:{type:"one-to-many",target:()=>"DatabaseInspection",inverseSide:"datasource"},queries:{type:"one-to-many",target:()=>"Query",inverseSide:"dataSource"},owner:{type:"many-to-one",target:()=>"User",joinColumn:!0}}});var Fe=P(require("node:os")),$e=require("node:path");var Le=require("typeorm");var fe=new Le.EntitySchema({name:"Query",tableName:"query",columns:{id:{type:"uuid",primary:!0,generated:"uuid"},name:{type:String},opts:{type:"json",default:"{}"},createdAt:{type:l,default:()=>"CURRENT_TIMESTAMP"},updatedAt:{type:l,default:()=>"CURRENT_TIMESTAMP",onUpdate:"CURRENT_TIMESTAMP"}},relations:{team:{type:"many-to-one",target:()=>"Team",inverseSide:"queries",joinColumn:!0},dataSource:{type:"many-to-one",target:()=>"DataSource",inverseSide:"datasources",joinColumn:!0},user:{type:"many-to-one",target:()=>"User",inverseSide:"queries",joinColumn:!0,nullable:!0}}});var ke=require("typeorm"),ye=new ke.EntitySchema({name:"UsersToTeams",tableName:"users_to_teams",columns:{id:{type:"uuid",primary:!0,generated:"uuid"},role:{type:"varchar",default:"admin",nullable:!1}},relations:{team:{type:"many-to-one",target:()=>"Team",inverseSide:"users"},user:{type:"many-to-one",target:()=>"User",inverseSide:"teams"}}});var qe=require("typeorm");var Te=new qe.EntitySchema({name:"SavedQuery",tableName:"saved_queries",columns:{id:{type:"uuid",primary:!0,generated:"uuid"},isPersonal:{type:Boolean},createdAt:{type:l,default:()=>"CURRENT_TIMESTAMP"},updatedAt:{type:l,default:()=>"CURRENT_TIMESTAMP",onUpdate:"CURRENT_TIMESTAMP"}},relations:{team:{type:"many-to-one",target:()=>"Team",inverseSide:"queries",joinColumn:!0},user:{type:"many-to-one",target:()=>"User",inverseSide:"queries",joinColumn:!0,nullable:!0},query:{type:"one-to-one",target:()=>"Query",joinColumn:!0,nullable:!1}}});var Qe=require("typeorm");var he=new Qe.EntitySchema({name:"WorkbenchTab",tableName:"workbench_tabs",columns:{id:{type:"uuid",primary:!0,generated:"uuid"},name:{type:String},createdAt:{type:l,default:()=>"CURRENT_TIMESTAMP"},updatedAt:{type:l,default:()=>"CURRENT_TIMESTAMP",onUpdate:"CURRENT_TIMESTAMP"},opts:{type:"json",default:"{}"},archived:{type:Boolean,default:!1}},relations:{team:{type:"many-to-one",target:()=>"Team",joinColumn:!0},user:{type:"many-to-one",target:()=>"User",joinColumn:!0}}});function or(){let e=p.str("APP_DB_DATABASE");if(!e)throw new Error("Bad value for TYPEORM_DATABASE. Please check your config!");return e.startsWith("<home>")&&(e=e.replace("<home>",Fe.default.homedir())),e}var b=new Be.DataSource({type:p.str("APP_DB_TYPE"),database:or(),host:p.str("APP_DB_HOST"),username:p.str("APP_DB_USERNAME"),password:p.str("APP_DB_PASSWORD"),port:p.num("APP_DB_PORT"),schema:p.str("APP_DB_SCHEMA"),logging:p.bool("APP_DB_LOGGING"),migrationsRun:!0,migrations:[$e.posix.join(__dirname,"migrations","*.js")],entities:[ce,pe,me,le,ye,de,fe,Te,he]}),He=async()=>{if(!b.isInitialized)return b.initialize();throw new Error("Already initialized")},D=b.getRepository(ce),S=b.getRepository(pe),x=b.getRepository(me),I=b.getRepository(le),N=b.getRepository(ye),B=b.getRepository(de),C=b.getRepository(fe),M=b.getRepository(Te),U=b.getRepository(he);var g=e=>(t,r,o)=>{e(t),o()};var W=require("jose");var We=new TextEncoder,Ye=We.encode(p.str("JWT_SECRET")),je=We.encode(p.str("JWT_REFRESH_SECRET")),ge=async({userId:e})=>new W.SignJWT({sub:e}).setProtectedHeader({alg:"HS256"}).setExpirationTime("1h").sign(Ye),we=async({userId:e})=>new W.SignJWT({sub:e}).setProtectedHeader({alg:"HS256"}).setExpirationTime("10d").sign(je),Ge=async(e,t)=>{try{let{payload:r}=await(0,W.jwtVerify)(e,t);if(!r.sub)throw new s(401,"Failed to verify access token");return{userId:r.sub}}catch(r){throw r instanceof s?r:r instanceof Error?new s(401,r.message):new s(401,"Failed to verify refresh token")}},Ke=async e=>Ge(e,Ye),Ve=async e=>Ge(e,je);var m=(e,t)=>{let r=e.body;return t&&t(r),r},F=(e,t)=>{let r=e.query;return t&&t(r),r},f=(e,t)=>{let r=e.params;return t&&t(r),r};var Je=P(require("bcryptjs"));var ze=e=>{if(!e?.username)throw new s(400,"Username is required");if(!e?.password)throw new s(400,"Password is required")};var Z="DATARAMEN_refresh_token",Ee={httpOnly:!0,secure:p.bool("PROD"),sameSite:p.bool("PROD"),path:"/",maxAge:10*24*60*60},Xe=g(e=>{e.route({method:"post",url:"/login",config:{isPublic:!0},handler:async(t,r)=>{let{username:o,password:a}=m(t,ze),n=await I.findOne({where:{username:o}});if(!n||!Je.default.compareSync(a,n.password))throw new s(401,"Invalid credentials");let[i,u]=await Promise.all([ge({userId:n?.id}),we({userId:n?.id})]);return r.setCookie(Z,u,Ee),{data:{accessToken:i}}}}),e.route({method:"post",url:"/refresh",config:{isPublic:!0},handler:async(t,r)=>{let o=t.cookies[Z];if(!o)return r.code(401).send({message:"Missing refresh token"});let{userId:a}=await Ve(o),[n,i]=await Promise.all([ge({userId:a}),we({userId:a})]);return r.setCookie(Z,i,Ee),{data:{accessToken:n}}}}),e.route({method:"post",url:"/logout",config:{isPublic:!0},handler:async(t,r)=>(r.clearCookie(Z,Ee),{data:!0})})});var Ze=e=>{if(!e.dbUrl)throw new s(400,"url is required");if(!e.dbUser)throw new s(400,"user is required");if(!e.dbType)throw new s(400,"type is required");if(!e.name)throw new s(400,"name is required");if(!e.dbDatabase)throw new s(400,"database is required")};var tt=P(require("mysql2/promise"));var ar=({database:e,password:t,user:r,url:o})=>tt.default.createConnection({host:o,user:r,database:e,password:t}),nr=async e=>{let t=`
|
|
2
2
|
SELECT TABLE_NAME, COLUMN_NAME, ORDINAL_POSITION
|
|
3
3
|
FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE
|
|
4
4
|
WHERE CONSTRAINT_NAME = 'PRIMARY'
|
|
5
5
|
ORDER BY TABLE_NAME, ORDINAL_POSITION;
|
|
6
|
-
`,[r]=await e.execute(t),o={};return r.forEach(a=>{let n=a.TABLE_NAME,
|
|
6
|
+
`,[r]=await e.execute(t),o={};return r.forEach(a=>{let n=a.TABLE_NAME,i=a.COLUMN_NAME;o[n]||(o[n]=[]),o[n].push(i)}),o},sr=async e=>{let t=`
|
|
7
7
|
SELECT
|
|
8
8
|
TABLE_NAME AS table_name,
|
|
9
9
|
COLUMN_NAME AS field,
|
|
@@ -14,7 +14,7 @@
|
|
|
14
14
|
WHERE
|
|
15
15
|
REFERENCED_TABLE_NAME IS NOT NULL
|
|
16
16
|
AND CONSTRAINT_SCHEMA = DATABASE();
|
|
17
|
-
`,[r]=await e.execute(t),o={};return Array.isArray(r)&&r.forEach(a=>{o[a.table_name]||(o[a.table_name]={}),o[a.table_name][a.field]={refTable:a.referenced_table,refField:a.referenced_field}}),o},
|
|
17
|
+
`,[r]=await e.execute(t),o={};return Array.isArray(r)&&r.forEach(a=>{o[a.table_name]||(o[a.table_name]={}),o[a.table_name][a.field]={refTable:a.referenced_table,refField:a.referenced_field}}),o},ir=async(e,t)=>{let o=(await t.query("SHOW TABLES"))[0],a=await sr(t),n=await nr(t),i=o.map(async u=>{let c=Object.values(u)[0],d=`select COLUMN_NAME, DATA_TYPE from information_schema.columns where table_schema = '${e.database}' and table_name = '${c}'`,[T]=await t.query(d),h=a[c];return{columns:T.map(y=>({name:y.COLUMN_NAME,type:y.DATA_TYPE,isPrimary:n[c]?.includes(y.COLUMN_NAME),ref:h?.[y.COLUMN_NAME]?{table:h[y.COLUMN_NAME].refTable,field:h[y.COLUMN_NAME].refField}:void 0})).sort((y,w)=>y.isPrimary&&w.isPrimary?y.name.localeCompare(w.name):y.isPrimary?-1:1),createdAt:new Date,tableName:c,updatedAt:new Date}});return Promise.all(i)},et=async(e,t,r)=>{try{console.log(`[MYSQL CONN] Query: ${e}`);let[o,a]=await t.query({sql:e,rowsAsArray:!0}),n=o?.constructor?.name;if(n==="ResultSetHeader"){let i=o;if(i.affectedRows>1&&r.allowBulkUpdate!==!0)throw new Error("[MYSQL CONN] Bulk update performed without permission.");return{columns:[{column:"affectedRows",alias:"Affected rows",full:"affectedRows"}],rows:[[i.affectedRows]],query:e}}else if(n==="Array"){let i=o;return{columns:a?.map(u=>({column:u.orgName||u.name,table:u.orgTable,alias:u.name,full:u.orgTable?u.orgTable+"."+u.orgName:u.name}))||[],rows:i,query:e}}throw new Error(`[MYSQL CONN] Unknown result type: ${n}`)}catch(o){throw console.error(o),o instanceof s?o:new s(400,o.message)}},ur=async(e,t)=>{await e.beginTransaction();try{let r=await t();return await e.commit(),console.log("[MYSQL CONN] Commit"),r}catch(r){throw await e.rollback(),console.warn(r.message),console.log("[MYSQL CONN] Rollback"),r}},cr=async(e,t)=>{await e.query("START TRANSACTION READ ONLY");try{let r=await t();return console.log("[MYSQL CONN] Read only rollback"),await e.query("ROLLBACK"),r}catch(r){throw console.warn(r.message),await e.query("ROLLBACK"),r}},rt=async e=>{let t=await ar(e),r=!1;return{dbType:"mysql",dataSource:e,inspectSchema:()=>ir(e,t),executeQuery:(o,a)=>a.type==="SELECT"?cr(t,()=>et(o,t,a)):ur(t,()=>et(o,t,a)),checkConnection:async()=>t.ping(),isClosed:()=>r,close:async()=>{if(!r)return r=!0,t.destroy()}}};var at=P(require("pg"));var mr=async({database:e,password:t,user:r,url:o,port:a})=>{let n=new at.default.Client({host:o,user:r,database:e,password:t,port:a,query_timeout:1e4});return await n.connect(),n},lr=async e=>{let r=await e.query(`
|
|
18
18
|
SELECT
|
|
19
19
|
kcu.table_name,
|
|
20
20
|
kcu.column_name,
|
|
@@ -28,7 +28,7 @@
|
|
|
28
28
|
tc.constraint_type = 'PRIMARY KEY'
|
|
29
29
|
ORDER BY
|
|
30
30
|
kcu.table_name, kcu.ordinal_position;
|
|
31
|
-
`),o={};return r.rows.forEach(a=>{let n=a.table_name,
|
|
31
|
+
`),o={};return r.rows.forEach(a=>{let n=a.table_name,i=a.column_name;o[n]||(o[n]=[]),o[n].push(i)}),o},dr=async e=>{let r=await e.query(`
|
|
32
32
|
SELECT
|
|
33
33
|
tc.table_name AS table_name,
|
|
34
34
|
kcu.column_name AS field,
|
|
@@ -43,15 +43,15 @@
|
|
|
43
43
|
ON ccu.constraint_name = tc.constraint_name
|
|
44
44
|
AND ccu.table_schema = tc.table_schema
|
|
45
45
|
WHERE tc.constraint_type = 'FOREIGN KEY';
|
|
46
|
-
`),o={};return r.rows.forEach(a=>{o[a.table_name]||(o[a.table_name]={}),o[a.table_name][a.field]={refTable:a.referenced_table,refField:a.referenced_field}}),o},
|
|
46
|
+
`),o={};return r.rows.forEach(a=>{o[a.table_name]||(o[a.table_name]={}),o[a.table_name][a.field]={refTable:a.referenced_table,refField:a.referenced_field}}),o},pr=async(e,t)=>{let r=`SELECT tablename FROM pg_catalog.pg_tables WHERE schemaname = '${e.schema}'`,a=(await t.query(r)).rows,n=await dr(t),i=await lr(t),u=a.map(async c=>{let d=Object.values(c)[0],T=`
|
|
47
47
|
SELECT column_name, data_type
|
|
48
48
|
FROM information_schema.columns
|
|
49
49
|
WHERE
|
|
50
|
-
table_name = '${
|
|
50
|
+
table_name = '${d}' and
|
|
51
51
|
table_schema = '${e.schema}'
|
|
52
|
-
`,{rows:
|
|
52
|
+
`,{rows:h}=await t.query(T),y=n[d];return{columns:h.map(w=>({name:w.column_name,type:w.data_type,isPrimary:i[d]?.includes(w.column_name),ref:y?.[w.column_name]?{table:y[w.column_name].refTable,field:y[w.column_name].refField}:void 0})).sort((w,Q)=>w.isPrimary&&Q.isPrimary?w.name.localeCompare(Q.name):w.isPrimary?-1:1),createdAt:new Date,tableName:d,updatedAt:new Date}});return Promise.all(u)},fr=async(e,t)=>{let r=`select relname, attname, concat(pg_class.oid, '-', attnum) as row_key
|
|
53
53
|
from pg_attribute
|
|
54
54
|
left join pg_class on pg_attribute.attrelid = pg_class.oid
|
|
55
55
|
where
|
|
56
56
|
concat(pg_class.oid, '-', attnum) IN (${e.join(", ")})
|
|
57
|
-
limit 25;`;return(await t.query(r)).rows.reduce((a,n)=>(a[n.row_key]={table:n.relname,column:n.attname},a),{})},ot=async(e,t,r)=>{try{console.log(`[PG CONN] Query: ${e}`);let{rows:o,fields:a,command:n,rowCount:u}=await t.query({text:e,rowMode:"array"});if(n==="UPDATE"||n==="INSERT"||n==="DELETE"){if(u!=null&&u>1&&r.allowBulkUpdate!==!0)throw new Error("[PG CONN] Bulk update performed without permission.");return{columns:[{column:"affectedRows",alias:"Affected rows",full:"affectedRows"}],rows:[[u]],query:e}}if(n==="SELECT"){let i=a.map(l=>`'${l.tableID}-${l.columnID}'`),g=await pr(i,t);return{columns:a.map(l=>{let y=g[`${l.tableID}-${l.columnID}`];return{column:y?.column||l.name,alias:l.name,table:y?.table||"",full:y?y.table+"."+y.column:l.name}}),rows:o,query:e}}throw new Error(`[PG CONN] Unsupported command: ${n}`)}catch(o){throw o instanceof s?o:new s(400,o.message)}},fr=async(e,t)=>{await e.query("BEGIN");try{let r=await t();return await e.query("COMMIT"),console.log("[PG CONN] Commit"),r}catch(r){throw await e.query("ROLLBACK"),console.log("[PG CONN] Rollback"),r}},yr=async(e,t)=>{await e.query("BEGIN READ ONLY");try{let r=await t();return console.log("[PG CONN] Read only rollback"),await e.query("ROLLBACK"),r}catch(r){throw console.log("[PG CONN] Rollback"),await e.query("ROLLBACK"),r}},nt=async e=>{let t=await cr(e),r=!1,o=!1,a=async n=>(o||await t.query(`SET search_path TO ${e.schema}`),n());return{dbType:"postgres",dataSource:e,inspectSchema:()=>dr(e,t),executeQuery:(n,u)=>a(()=>u.type==="SELECT"?yr(t,()=>ot(n,t,u)):fr(t,()=>ot(n,t,u))),checkConnection:async()=>{},isClosed:()=>r,close:async()=>{if(!r)return r=!0,t.end()}}};var L=async(e,t,r)=>{try{let o;if(t==="mysql")o=await rt(e);else if(t==="postgres")o=await nt(e);else throw new s(500,`Connection manager for ${t} not found`);return r.__connections?r.__connections.push(o):r.__connections=[o],o}catch(o){throw console.error(o),o instanceof s?o:o?.code==="ECONNREFUSED"?new s(500,"Failed to connect to the database"):new s(500,o.message)}};var ee=P(require("node:crypto"));var st="aes-256-gcm",Tr=12,it=()=>{let e=d.str("SYMM_ENCRYPTION_KEY");if(!e)throw new Error("Missing ENCRYPTION_KEY in environment variables.");let t=Buffer.from(e,"hex");if(t.length!==32)throw new Error("ENCRYPTION_KEY must be a 64-character hex string (256 bits).");return t},hr=e=>{let t=ee.default.randomBytes(Tr),r=it(),o=ee.default.createCipheriv(st,r,t),a=o.update(e,"utf8","hex");a+=o.final("hex");let n=o.getAuthTag();return{encrypted:a,iv:t.toString("hex"),tag:n.toString("hex")}},gr=({encrypted:e,iv:t,tag:r})=>{let o=it(),a=ee.default.createDecipheriv(st,o,Buffer.from(t,"hex"));a.setAuthTag(Buffer.from(r,"hex"));let n=a.update(e,"hex","utf8");return n+=a.final("utf8"),n},te={encrypt:hr,decrypt:gr};var q=(e,t=!1)=>{if(t){let r=te.decrypt({encrypted:e.dbPassword,tag:e.dbPasswordTag,iv:e.dbPasswordIv});return{url:e.dbUrl,user:e.dbUser,database:e.dbDatabase,password:r,port:e.dbPort,schema:e.dbSchema}}return{url:e.dbUrl,user:e.dbUser,database:e.dbDatabase,password:e.dbPassword,port:e.dbPort,schema:e.dbSchema}};var ut=[{value:"=",label:"equals"},{value:"<>",label:"not equal"},{value:">",label:"greater than"},{value:">=",label:"greater than or equal"},{value:"<",label:"less than"},{value:"<=",label:"less than or equal"},{value:"LIKE",label:"contains"},{value:"NOT LIKE",label:"not contains"},{value:"IN",label:"in list"},{value:"NOT IN",label:"not in list"},{value:"IS NULL",label:"is null"},{value:"IS NOT NULL",label:"is not null"}],wr=ut.reduce((e,t)=>(e[t.value]=t.label,e),{}),ra=ut.reduce((e,t)=>(e[t.label]=t.value,e),{}),$=e=>e.map(t=>({label:wr[t],value:t})),oa=$(["=","<>",">",">=","<","<=","IN","NOT IN","IS NULL","IS NOT NULL"]),aa=$(["=","<>","LIKE","NOT LIKE","IN","NOT IN","IS NULL","IS NOT NULL"]),na=$(["=","<>","IS NULL","IS NOT NULL"]),sa=$(["=","<>",">",">=","<","<=","IS NULL","IS NOT NULL"]),ia=$(["IS NULL","IS NOT NULL"]),ua=$(["IN","NOT IN"]);var ct=["char","varchar","binary","varbinary","blob","text","enum","set","character","character varying","text","citext","uuid","xml","json","jsonb"];var ca=["date","datetime","timestamp","timestamptz"].reduce((e,t)=>(e[t]=!0,e),{});var Se=e=>e.fn?e.distinct===!0?`${e.fn} distinct ${e.value}`:`${e.fn} ${e.value}`:e.value;var Re={read_only:10,editor:20,admin:30,owner:40};var b=e=>{let t=Re[e];return r=>Re[r.currentTeamRole]>=t},mt=async e=>{let t=e.routeOptions.config.requireRole;if(t&&!t(e.user))throw new s(403,"You are not authorized to perform this action")};var lt=h(e=>{e.route({method:"get",url:"/:id",handler:async t=>{let{id:r}=p(t),o=await R.findOne({where:{id:r}});if(!o)throw new s(404,"Data source not found");return{data:o}}}),e.route({method:"get",url:"/",handler:async t=>{let{teamId:r}=B(t);return{data:await R.find({where:{team:{id:r}},order:{createdAt:"DESC"}})}}}),e.route({url:"/",method:"post",config:{requireRole:b("admin")},handler:async t=>{let{teamId:r,ownerId:o,...a}=c(t,Ze),n=R.create({...a,allowUpdate:!!a.allowUpdate,allowInsert:!!a.allowInsert,team:{id:r},owner:{id:o}}),u=await L(q(n),n.dbType,t);try{await u.checkConnection()}catch{throw new s(400,"Cannot connect to the database, please check datasource configuration")}let{tag:i,iv:g,encrypted:l}=te.encrypt(n.dbPassword);return n.dbPassword=l,n.dbPasswordIv=g,n.dbPasswordTag=i,{data:await R.save(n)}}}),e.route({method:"put",url:"/:id",config:{requireRole:b("admin")},handler:async t=>{let{id:r}=p(t),o=c(t),a=await R.findOneBy({id:r});if(!a)throw new s(404,"Data source not found");let n=R.merge(a,o);return await R.save(n),{data:n}}}),e.route({method:"delete",url:"/:id",config:{requireRole:b("admin")},handler:async(t,r)=>S.transaction(async()=>{let{id:o}=p(t);await Promise.all([D.delete({datasource:{id:o}}),C.delete({dataSource:{id:o}})]),await R.delete({id:o})})}),e.route({method:"post",url:"/:id/inspect",handler:async(t,r)=>{let{id:o}=p(t),a=await R.findOne({where:{id:o},select:["id","dbType","dbDatabase","dbPassword","dbPasswordTag","dbPasswordIv","dbPort","dbUrl","dbSchema","dbUser"]});if(!a)throw new Error("Data source not found");a.status="INSPECTING",await R.save(a);let u=await(await L(q(a,!0),a.dbType,t)).inspectSchema();await D.delete({datasource:{id:o}}),await D.insert(u.sort().map(i=>D.create({tableName:i.tableName,columns:i.columns,datasource:{id:o}}))),a.status="READY",a.lastInspected=new Date,await R.save(a)}}),e.route({method:"get",url:"/:id/inspections",handler:async t=>{let{id:r}=p(t);return{data:await D.find({where:{datasource:{id:r}}})}}})});var H=require("typeorm"),dt=h(e=>{e.route({method:"get",url:"/team/:teamId/datasources",handler:async(t,r)=>{let{teamId:o}=p(t);return{data:await R.find({where:{team:{id:o}},order:{name:"ASC"},select:{id:!0,name:!0,updatedAt:!0,dbType:!0,description:!0,allowInsert:!0,allowUpdate:!0}})}}}),e.route({method:"get",url:"/team/:teamId/queries",handler:async(t,r)=>{let a=p(t).teamId||t.user.currentTeamId;return{data:(await M.find({where:[{isPersonal:!1,team:{id:a}},{isPersonal:!0,team:{id:a},user:{id:t.user.id}}],relations:{query:!0},select:{id:!0,query:{id:!0,name:!0,updatedAt:!0}}})).map(i=>({name:i.query.name,id:i.query.id,updatedAt:i.query.updatedAt,savedQueryId:i.id}))}}}),e.route({method:"get",url:"/team/:teamId/query",handler:async t=>{let{teamId:r}=p(t),{search:o,size:a,selectedDataSources:n}=B(t),u=(parseInt(a)||20)/2,i={};n?.length&&(i.id=(0,H.In)(n));let[g,l]=await Promise.all([D.find({where:{tableName:(0,H.Like)(`%${o}%`),datasource:i},relations:{datasource:!0},select:{id:!0,tableName:!0,datasource:{name:!0,id:!0}},order:{tableName:"ASC"},take:u}),M.find({where:[{query:{dataSource:i,name:(0,H.Like)(`%${o}%`)},team:{id:r},isPersonal:!1},{query:{dataSource:i,name:(0,H.Like)(`%${o}%`)},team:{id:r},isPersonal:!0,user:{id:t.user.id}}],relations:{query:{dataSource:!0}},select:{id:!0,query:{id:!0,name:!0,dataSource:{name:!0}}},order:{query:{name:"ASC"}},take:u})]),y=[];return g.forEach(T=>{y.push({name:T.tableName,id:T.id,dataSourceName:T.datasource?.name||"--",dataSourceId:T.datasource?.id||"--",type:"table"})}),l.forEach(T=>{y.push({name:T.query.name,id:T.id,dataSourceName:T.query.dataSource?.name||"--",dataSourceId:T.query.dataSource?.id||"--",type:"query"})}),{data:y}}})});var pt=h(e=>{e.route({method:"get",url:"/:id",handler:async t=>{let{id:r}=p(t),o=await C.findOne({where:{id:r},select:{dataSource:{id:!0}},relations:{dataSource:!0}});return o?{data:o}:{status:404,data:"Query not found"}}}),e.route({method:"post",url:"/",config:{requireRole:b("editor")},handler:async t=>{let r=c(t),o=await R.findOne({where:{id:r.dataSourceId},relations:{team:!0}});return{data:await C.save(C.create({name:r.name,opts:r.opts,team:{id:o?.team.id},dataSource:{id:r.dataSourceId},user:{id:t.user.id}}))}}}),e.route({method:"patch",url:"/:id",config:{requireRole:b("editor")},handler:async t=>{let{id:r}=p(t),o=c(t);if(!(await C.update(r,o)).affected)throw new s(404,"Query not found");return{data:await C.findOneBy({id:r})}}}),e.route({method:"delete",url:"/:id",config:{requireRole:b("editor")},handler:async t=>S.transaction(async()=>{let{id:r}=p(t);if(!(await C.delete({id:r})).affected)return{status:404,data:"Query not found"}})})});var re=e=>{let t=e.distinct===!0?"distinct ":"";return`${e.fn}(${t}${e.value})`},Y={YEAR:e=>`EXTRACT(YEAR FROM ${e.value})`,MONTH:e=>`EXTRACT(MONTH FROM ${e.value})`,DAY:e=>`EXTRACT(DAY FROM ${e.value})`,SUM:e=>`COALESCE(SUM(${e.distinct===!0?"distinct ":""}${e.value}), 0)`,AVG:re,MAX:re,MIN:re,COUNT:re};var oe=e=>{let t=e.distinct===!0?"distinct ":"";return`${e.fn}(${t}${e.value})`},j={YEAR:e=>`YEAR(${e.value})`,MONTH:e=>`MONTH(${e.value})`,DAY:e=>`DAY(${e.value})`,SUM:e=>{let t=e.distinct===!0?"distinct ":"";return`coalesce(${e.fn}(${t}${e.value}), 0)`},AVG:oe,MAX:oe,MIN:oe,COUNT:oe};var ft=["SUM","COUNT","AVG","MAX","MIN"],Er=["YEAR","MONTH","DAY",...ft],Sr=Er.reduce((e,t)=>(e[t]=!0,e),{}),Rr=ft.reduce((e,t)=>(e[t]=!0,e),{}),ae=e=>Sr[e],yt=e=>Rr[e],Tt=(e,t)=>e.fn&&ae(e.fn)?(t==="postgres"?Y:j)[e.fn](e):e.value;var ne=e=>typeof e=="string",ht=e=>{let t="SELECT ";if(e.columns&&e.columns.length>0?t+=e.columns.join(", "):t+="*",e.table&&(t+=` FROM ${e.table}`),e.joins&&e.joins.length>0&&e.joins.forEach(r=>{t+=` ${r.type} JOIN ${r.table} ON ${r.on}`}),e.where&&(t+=` WHERE ${e.where}`),e.groupBy&&e.groupBy.length>0&&(t+=` GROUP BY ${e.groupBy.join(", ")}`),e.having&&(t+=` HAVING ${e.having}`),e.orderBy&&e.orderBy.length>0){let r=e.orderBy.reduce((a,n)=>(a[n.column]=n.direction,a),{}),o=Object.entries(r).map(([a,n])=>`${a} ${n}`);t+=` ORDER BY ${o.join(", ")}`}return e.limit!==void 0&&(t+=` LIMIT ${e.limit}`),e.offset!==void 0&&(t+=` OFFSET ${e.offset}`),t},G=(e,t)=>{let{column:r,operator:o,value:a,fn:n}=e,u=Tt({value:r,fn:n},t);switch(o){case"IS NULL":case"IS NOT NULL":return`${u} ${o}`;case"IN":case"NOT IN":let i=a?.map(f=>ne(f.value)?`'${f.value}'`:f.value).join(", ");return`${u} ${o} (${i})`;case"LIKE":return`${u} ${t==="postgres"?"ILIKE":"LIKE"} '%${a?.[0].value}%'`;case"NOT LIKE":return`${u} ${t==="postgres"?"NOT ILIKE":"NOT LIKE"} '%${a?.[0].value}%'`;default:let y=a?.[0],T;return ne(y?.value)&&y?.isColumn!==!0?T=`'${y?.value}'`:T=y?.value,`${u} ${o} ${T}`}};var se=class{constructor(t="mysql"){this.dialect=t,this.skeleton={type:"SELECT"}}addWhere(t){let r=G(t,this.dialect);if(t.isEnabled!==!1)if(this.skeleton.where){let o=t.connector||"AND";this.skeleton.where+=` ${o} ${r}`}else this.skeleton.where=r;return this}addWhereRaw(t,r="AND"){return this.skeleton.where?this.skeleton.where+=` ${r} ${t}`:this.skeleton.where=t,this}clearWhere(){return this.skeleton.where=void 0,this}addHaving(t){let r=G(t,this.dialect);if(t.isEnabled!==!1)if(this.skeleton.having){let o=t.connector||"AND";this.skeleton.having+=` ${o} ${r}`}else this.skeleton.having=r;return this}clearHaving(){return this.skeleton.having=void 0,this}addOrderBy(...t){return this.skeleton.orderBy||(this.skeleton.orderBy=[]),this.skeleton.orderBy.push(...t),this}clearOrderBy(){return this.skeleton.orderBy=void 0,this}setLimit(t){return this.skeleton.limit=t,this}setOffset(t){return this.skeleton.offset=t,this}addGroupBy(t){this.skeleton.groupBy||(this.skeleton.groupBy=[]);let r=this.skeleton.groupBy.findIndex(o=>o===t);return r>-1?this.skeleton.groupBy[r]=t:this.skeleton.groupBy.push(t),this}setTable(t){return this.skeleton.table=t,this}addJoin(...t){return this.skeleton.joins||(this.skeleton.joins=[]),this.skeleton.joins.push(...t),this}selectColumns(t){if(this.skeleton.type!=="SELECT")throw new Error("Column selection is only supported for SELECT queries");return this.skeleton.columns=t,this}toSQL(){return ht(this.skeleton)}};var wt=require("typeorm");var ie=async(e,t)=>{let{datasourceId:r,size:o,page:a,name:n}=t,{table:u,filters:i,joins:g,groupBy:l,searchAll:y,orderBy:T}=t.opts,f=Ar(t.opts.columns,t.opts.groupBy,t.opts.aggregations),w=await R.findOne({where:{id:r},select:["id","dbType","dbDatabase","dbPassword","dbPasswordTag","dbPasswordIv","dbPort","dbUrl","dbSchema","dbUser"]}),Q=[u],V=[];if(!w)throw new s(404,"Data source not found");let Ht=await C.save(C.create({user:{id:e.user.id},team:{id:e.user.currentTeamId},dataSource:{id:r},name:n,opts:t.opts})),O=new se(w.dbType);O.setTable(u),O.setLimit(o||20),O.setOffset(o*a),i?.forEach(E=>{E.fn&&yt(E.fn)?O.addHaving(E):O.addWhere(E)}),g&&(O.addJoin(...g),g.forEach(E=>{Q.push(E.table)}));let Ne=Nr(f,T,w.dbType);Ne.length>0&&O.addOrderBy(...Ne),l&&l.length>0&&l.forEach(E=>O.addGroupBy(Cr(E,w.dbType)));let Wt=await D.find({where:{tableName:(0,wt.In)(Q),datasource:{id:r}}});for(let E of Wt)if(E.columns)for(let x of E.columns)V.push({column:x.name,table:E.tableName||"",full:`${E.tableName}.${x.name}`,type:x.type});let z;if(f&&f.length>0?z=f.map(E=>Ir(E,w.dbType)):z=V.map(E=>`${E.full} as "${E.full}"`),O.selectColumns(z),y){let E=V.filter(x=>ct.includes(x.type)&&z.some(ue=>ue.startsWith(x.full)));if(E.length>0){let x=E.map(ue=>`LOWER(${ue.full}) LIKE '%${y.toLowerCase()}%'`);O.addWhereRaw(`(${x.join(" OR ")})`,"AND")}}return{...await(await L(q(w,!0),w.dbType,e)).executeQuery(O.toSQL(),{type:"SELECT",allowBulkUpdate:!1}),queryHistoryId:Ht.id,tables:Q,allColumns:V}},Et=async(e,t)=>{let r=await R.findOne({where:{id:t.datasourceId},select:["id","dbType","dbDatabase","dbPassword","dbPasswordTag","dbPasswordIv","dbPort","dbUrl","dbSchema","dbUser","allowUpdate"]});if(!r)throw new s(404,"Data source not found");if(!r.allowUpdate)throw new s(403,"This datasource does not allow update operations");let o=t.values.map(({value:i,column:g})=>typeof i=="string"?i&&i.startsWith("=")?`${g}=${i.substring(1)}`:`${g}='${i}'`:`${g}='${i}'`).join(", "),a=t.filters.map(i=>G(i,r.dbType)).join(" AND "),n=`UPDATE ${t.table} SET ${o} WHERE ${a}`;return(await L(q(r,!0),r.dbType,e)).executeQuery(n,{type:"UPDATE",allowBulkUpdate:!1})},St=async(e,t)=>{let r=await R.findOne({where:{id:t.datasourceId},select:["id","dbType","dbDatabase","dbPassword","dbPasswordTag","dbPasswordIv","dbPort","dbUrl","dbSchema","dbUser","allowInsert"]});if(!r)throw new s(404,"Data source not found");if(!r.allowInsert)throw new s(403,"This datasource does not allow insert operations");let{keys:o,values:a}=br(t.values),n=`INSERT INTO ${t.table} (${o}) VALUES (${a})`;return(await L(q(r,!0),r.dbType,e)).executeQuery(n,{type:"INSERT",allowBulkUpdate:!1})},br=e=>{let t=e.map(({column:o})=>o).join(", "),r=e.map(({value:o})=>typeof o=="string"?o&&o.startsWith("=")?o.substring(1):`'${o}'`:o).join(", ");return{keys:t,values:r}},Ir=(e,t)=>{if(e.fn){if(ae(e.fn))return`${(t==="postgres"?Y:j)[e.fn](e)} as "${Se(e)}"`;throw new Error("Function not allowed: "+e.fn)}return`${e.value} as "${e.value}"`},Cr=(e,t)=>{if(e.fn){if(ae(e.fn))return(t==="postgres"?Y:j)[e.fn]({...e,value:gt(e.value,t)});throw new Error("Function not allowed: "+e.fn)}return gt(e.value,t)},be=(e,t)=>t==="postgres"?`"${e}"`:t==="mysql"?`\`${e}\``:e,gt=(e,t)=>{let[r,o]=e.split(".");return be(r,t)+"."+be(o,t)},Nr=(e,t,r)=>{if(e&&e.length>0){let o=e.reduce((a,n)=>(a.set(Se(n),{isFn:!!(n.fn||n.distinct)}),a),new Map);t=t.filter(a=>o.has(a.column)).map(a=>o.get(a.column)?.isFn?{...a,column:be(a.column,r)}:a)}return t},Ar=(e,t,r)=>{let o=[];return t.length>0||r.length>0?o.push(...t,...r):e.length>0&&o.push(...e),o};var Rt=e=>{},Or=["--",";","DROP","drop"],bt=e=>{if(ne(e.value)&&e.value.startsWith("=")){let t=e.value;Or.forEach(r=>{if(t.includes(r))throw new s(400,"Invalid input value for "+e.column)})}},It=e=>{if(!e.table)throw new s(400,"Table is required");e.values.forEach(bt)},Ct=e=>{if(!e.table)throw new s(400,"Table is required");e.values.forEach(bt)};var Nt=h(e=>{e.route({method:"post",url:"/select",handler:async t=>{let r=c(t,Rt);return{data:await ie(t,r)}}}),e.route({method:"post",url:"/insert",config:{requireRole:b("editor")},handler:async t=>{let r=c(t,It);return{data:await St(t,r)}}}),e.route({method:"post",url:"/update",config:{requireRole:b("editor")},handler:async t=>{let r=c(t,Ct);return{data:await Et(t,r)}}})});var At=h(e=>{e.get("/",{config:{isPublic:!0}},async()=>({data:{active:!0,version:d.str("SERVER_VERSION")}}))});var Ot=h(e=>{e.route({method:"get",url:"/:id/users",handler:async t=>{let{id:r}=p(t),o=await v.findOne({where:{id:r},relations:{users:{user:!0}}});if(!o)throw new s(404,"Team not found");return{data:o.users.map(a=>({role:a.role,id:a.user.id,name:a.user.username}))}}}),e.route({method:"post",url:"/",config:{requireRole:b("editor")},handler:async t=>S.transaction(async()=>{let r=t.user.id,o=c(t),a=I.create();a.id=r;let n=v.create(o);await v.save(n);let u=N.create({user:a,team:n});return await N.save(u),{data:n}})}),e.route({method:"patch",url:"/:id/user-role",config:{requireRole:b("admin")},handler:async t=>{let{id:r}=p(t),{role:o,userId:a}=c(t,({role:u})=>{if(u==="owner")throw new s(400,"Only one owner is allowed")});if((await N.findOneBy({user:{id:a},team:{id:r}}))?.role==="owner")throw new s(400,"Cannot change owner role");await N.update({user:{id:a},team:{id:r}},{role:o})}}),e.route({method:"delete",url:"/:id",config:{requireRole:b("admin")},handler:async t=>S.transaction(async()=>{let{id:r}=p(t),{userId:o}=B(t);if((await N.findOneBy({user:{id:o},team:{id:r}}))?.role==="owner")throw new s(400,"Cannot delete team owner");await I.update(o,{currentTeam:null}),await N.delete({user:{id:o},team:{id:r}}),await I.delete({id:o})})})});var Ie=P(require("bcryptjs")),K=async e=>{let t=await Ie.default.genSalt(10);return Ie.default.hash(e,t)};var Pt=h(e=>{e.route({method:"get",url:"/",handler:async t=>{let r=await I.findOne({where:{id:t.user.id},relations:{currentTeam:{team:!0}}});if(!r)throw new s(404,"User not found");return{data:{id:r.id,teamId:r.currentTeam?.team.id,teamName:r.currentTeam?.team.name,teamRole:r.currentTeam?.role,username:r.username}}}}),e.route({method:"patch",url:"/",handler:async t=>{let r=t.user.id,o=c(t);if(o.password&&(o.password=await K(o.password)),!(await I.update(r,o)).affected)throw new s(404,"User not found");let n=await I.findOne({where:{id:r},relations:{currentTeam:{team:!0}}});return{data:{id:n?.id,teamId:n?.currentTeam?.team.id,teamName:n?.currentTeam?.team.name,teamRole:n?.currentTeam?.role,username:n?.username}}}}),e.route({method:"post",url:"/",config:{requireRole:b("admin")},handler:async t=>S.transaction(async()=>{let r=c(t),o=await K(r.password),a=await I.save(I.create({username:r.username,password:o})),n=await N.save(N.create({role:"read_only",team:{id:r.teamId},user:{id:a.id}}));await I.update(a.id,{currentTeam:{id:n.id}})})})});var _t=h(e=>{e.route({method:"get",url:"/",handler:async t=>{let r=t.user.id,o=await F.findOneBy({user:{id:r}});return o||(o=await F.save(F.create({user:{id:r}}))),{data:o}}}),e.route({method:"patch",url:"/",handler:async t=>{let{settings:r}=c(t);if(!r.id)throw new s(400,"Settings id is required!");if(!(await F.update(r.id,r)).affected)throw new s(404,"You do not own these settings!");return{data:await F.findOneBy({id:r.id})}}})});var Dt=h(e=>{e.route({method:"post",url:"/",config:{requireRole:b("editor")},handler:async t=>{let r=c(t),o=await M.save(M.create({isPersonal:!0,team:{id:t.user.currentTeamId},user:{id:t.user.id},query:{id:r.queryId}}));return await C.update(r.queryId,{name:r.name}),{data:o}}}),e.route({method:"delete",url:"/:id",config:{requireRole:b("editor")},handler:async t=>{let{id:r}=p(t);if(!(await M.delete({id:r})).affected)return{status:404,data:"Query not found"}}})});var Ut=h(e=>{e.route({method:"get",url:"/",handler:async t=>{let{currentTeamId:r,id:o}=t.user;return{data:(await U.find({where:{team:{id:r},user:{id:o},archived:!1},select:["id","name"]})).map(n=>({name:n.name,id:n.id}))}}}),e.route({method:"get",url:"/:id",handler:async t=>{let{id:r}=p(t),{currentTeamId:o,id:a}=t.user,n=await U.findOne({where:{id:r,team:{id:o},user:{id:a}}});if(!n)throw new s(404,"Not Found");return{data:n}}}),e.route({method:"post",url:"/",handler:async t=>{let{opts:r,name:o,queryId:a}=c(t),n;if(r)n=r;else{let i=await C.findOne({where:{id:a},relations:{dataSource:!0}});if(!i)throw new s(404,"Query not Found");n={opts:i.opts,name:i.name,datasourceId:i.dataSource.id,page:0,size:50},o=i.name}return{data:await U.save(U.create({name:o,opts:n,user:{id:t.user.id},team:{id:t.user.currentTeamId}}))}}}),e.route({method:"post",url:"/:id/run",handler:async t=>{let{id:r}=p(t),o=c(t),a=await U.findOne({where:{id:r},relations:{user:!0}});if(!a)throw new s(404,"Not found");if(a.user?.id!==t.user.id)throw new s(404,"Not found");return o&&U.update(r,{opts:o}),{data:{result:await ie(t,o||a.opts)}}}}),e.route({method:"patch",url:"/:id",handler:async t=>{let{id:r}=p(t),o=c(t);if(!await U.findOne({where:{id:r,user:{id:t.user.id}}}))throw new s(404,"Not Found");return U.update(r,o)}})});var Ft=require("node:path");var Pr=e=>e.routeOptions.config.isPublic?!0:!e.url.startsWith("/api/"),xt=async e=>{if(Pr(e))return;let t=e.headers.authorization;if(!t)throw new s(401,"Missing auth token");let[r,o]=t.split(" ");try{let{userId:a}=await Ke(o),n=await I.findOne({where:{id:a},select:{id:!0,currentTeam:{role:!0,team:{id:!0}}},relations:{currentTeam:{team:!0}}});if(!n)throw new s(401,"User is not part of a team");e.user={id:a,currentTeamId:n.currentTeam.team.id,currentTeamRole:n.currentTeam.role}}catch{throw new s(401,"Unauthorized")}};var vt=(e,t)=>{e.__connections&&e.__connections.forEach(r=>{r.close()})};var Bt=P(require("@fastify/cookie"));var Ce={teamName:"Default Team",username:"admin",password:"admin"},_r=async()=>{let e=await v.findOneBy({});return e||v.save(v.create({name:Ce.teamName}))},Mt=async()=>{let e=await N.findOne({where:{role:"owner"},relations:{user:!0}});if(e)return e.user;let t=await _r(),r=await K(Ce.password),o=await I.save(I.create({username:Ce.username,password:r})),a=await N.save(N.create({user:o,team:t,role:"owner"}));return await I.update(o.id,{currentTeam:a}),o};var A=(0,Lt.default)({querystringParser:e=>Qt.default.parse(e)}),$t=d.num("PORT",4466),Dr=d.str("ALLOWED_ORIGINS","").split(",").map(e=>e.trim()),Ur="0.0.0.0",xr=[`http://localhost:${$t}`,...Dr];function _(e,t){A.register(e,{prefix:t}),console.log("Registered "+t)}(async function(){_e(),await A.register(Bt.default,{}),await A.register(qt.default,{origin:(t,r)=>{!t||xr.includes(t)?r(null,!0):r(new Error("Not allowed by CORS"),!1)},methods:["GET","POST","PUT","PATCH","DELETE","OPTIONS"],credentials:!0}),await A.register(kt.default,{root:(0,Ft.join)(__dirname,"web")}),A.get("/",(t,r)=>{r.sendFile("index.html")}),A.addHook("onRequest",xt),A.addHook("onRequest",mt),A.addHook("onResponse",vt),_(Xe,"/api/auth"),_(lt,"/api/data-sources"),_(dt,"/api/project"),_(pt,"/api/queries"),_(Nt,"/api/runner"),_(At,"/api/status"),_(Ot,"/api/teams"),_(Pt,"/api/users"),_(_t,"/api/user-settings"),_(Dt,"/api/saved-queries"),_(Ut,"/api/workbench-tabs"),A.setNotFoundHandler((t,r)=>{if(t.raw.url?.startsWith("/api/")){r.code(404).send({error:"API route not found"});return}r.sendFile("index.html")}),A.setErrorHandler((t,r,o)=>{if(console.error(t),t instanceof s){o.status(t.status).send({error:t.message});return}else o.status(500).send({error:"Internal Server Error"})}),await A.after(),await He(),await Mt(),A.listen({port:$t,host:Ur},(t,r)=>{t&&(console.error(t),process.exit(1)),console.log(`Server listening at ${r}`)})})();
|
|
57
|
+
limit 25;`;return(await t.query(r)).rows.reduce((a,n)=>(a[n.row_key]={table:n.relname,column:n.attname},a),{})},ot=async(e,t,r)=>{try{console.log(`[PG CONN] Query: ${e}`);let{rows:o,fields:a,command:n,rowCount:i}=await t.query({text:e,rowMode:"array"});if(n==="UPDATE"||n==="INSERT"||n==="DELETE"){if(i!=null&&i>1&&r.allowBulkUpdate!==!0)throw new Error("[PG CONN] Bulk update performed without permission.");return{columns:[{column:"affectedRows",alias:"Affected rows",full:"affectedRows"}],rows:[[i]],query:e}}if(n==="SELECT"){let u=a.map(d=>`'${d.tableID}-${d.columnID}'`),c=await fr(u,t);return{columns:a.map(d=>{let T=c[`${d.tableID}-${d.columnID}`];return{column:T?.column||d.name,alias:d.name,table:T?.table||"",full:T?T.table+"."+T.column:d.name}}),rows:o,query:e}}throw new Error(`[PG CONN] Unsupported command: ${n}`)}catch(o){throw o instanceof s?o:new s(400,o.message)}},yr=async(e,t)=>{await e.query("BEGIN");try{let r=await t();return await e.query("COMMIT"),console.log("[PG CONN] Commit"),r}catch(r){throw await e.query("ROLLBACK"),console.log("[PG CONN] Rollback"),r}},Tr=async(e,t)=>{await e.query("BEGIN READ ONLY");try{let r=await t();return console.log("[PG CONN] Read only rollback"),await e.query("ROLLBACK"),r}catch(r){throw console.log("[PG CONN] Rollback"),await e.query("ROLLBACK"),r}},nt=async e=>{let t=await mr(e),r=!1,o=!1,a=async n=>(o||await t.query(`SET search_path TO ${e.schema}`),n());return{dbType:"postgres",dataSource:e,inspectSchema:()=>pr(e,t),executeQuery:(n,i)=>a(()=>i.type==="SELECT"?Tr(t,()=>ot(n,t,i)):yr(t,()=>ot(n,t,i))),checkConnection:async()=>{},isClosed:()=>r,close:async()=>{if(!r)return r=!0,t.end()}}};var L=async(e,t,r)=>{try{let o;if(t==="mysql")o=await rt(e);else if(t==="postgres")o=await nt(e);else throw new s(500,`Connection manager for ${t} not found`);return r.__connections?r.__connections.push(o):r.__connections=[o],o}catch(o){throw console.error(o),o instanceof s?o:o?.code==="ECONNREFUSED"?new s(500,"Failed to connect to the database"):new s(500,o.message)}};var ee=P(require("node:crypto"));var st="aes-256-gcm",hr=12,it=()=>{let e=p.str("SYMM_ENCRYPTION_KEY");if(!e)throw new Error("Missing ENCRYPTION_KEY in environment variables.");let t=Buffer.from(e,"hex");if(t.length!==32)throw new Error("ENCRYPTION_KEY must be a 64-character hex string (256 bits).");return t},gr=e=>{let t=ee.default.randomBytes(hr),r=it(),o=ee.default.createCipheriv(st,r,t),a=o.update(e,"utf8","hex");a+=o.final("hex");let n=o.getAuthTag();return{encrypted:a,iv:t.toString("hex"),tag:n.toString("hex")}},wr=({encrypted:e,iv:t,tag:r})=>{let o=it(),a=ee.default.createDecipheriv(st,o,Buffer.from(t,"hex"));a.setAuthTag(Buffer.from(r,"hex"));let n=a.update(e,"hex","utf8");return n+=a.final("utf8"),n},te={encrypt:gr,decrypt:wr};var k=(e,t=!1)=>{if(t){let r=te.decrypt({encrypted:e.dbPassword,tag:e.dbPasswordTag,iv:e.dbPasswordIv});return{url:e.dbUrl,user:e.dbUser,database:e.dbDatabase,password:r,port:e.dbPort,schema:e.dbSchema}}return{url:e.dbUrl,user:e.dbUser,database:e.dbDatabase,password:e.dbPassword,port:e.dbPort,schema:e.dbSchema}};var ut=[{value:"=",label:"equals"},{value:"<>",label:"not equal"},{value:">",label:"greater than"},{value:">=",label:"greater than or equal"},{value:"<",label:"less than"},{value:"<=",label:"less than or equal"},{value:"LIKE",label:"contains"},{value:"NOT LIKE",label:"not contains"},{value:"IN",label:"in list"},{value:"NOT IN",label:"not in list"},{value:"IS NULL",label:"is null"},{value:"IS NOT NULL",label:"is not null"}],Er=ut.reduce((e,t)=>(e[t.value]=t.label,e),{}),oa=ut.reduce((e,t)=>(e[t.label]=t.value,e),{}),$=e=>e.map(t=>({label:Er[t],value:t})),aa=$(["=","<>",">",">=","<","<=","IN","NOT IN","IS NULL","IS NOT NULL"]),na=$(["=","<>","LIKE","NOT LIKE","IN","NOT IN","IS NULL","IS NOT NULL"]),sa=$(["=","<>","IS NULL","IS NOT NULL"]),ia=$(["=","<>",">",">=","<","<=","IS NULL","IS NOT NULL"]),ua=$(["IS NULL","IS NOT NULL"]),ca=$(["IN","NOT IN"]);var ct=["char","varchar","binary","varbinary","blob","text","enum","set","character","character varying","text","citext","uuid","xml","json","jsonb"];var ma=["date","datetime","timestamp","timestamptz"].reduce((e,t)=>(e[t]=!0,e),{});var be=e=>e.fn?e.distinct===!0?`${e.fn} distinct ${e.value}`:`${e.fn} ${e.value}`:e.value;var Se={read_only:10,editor:20,admin:30,owner:40};var R=e=>{let t=Se[e];return r=>Se[r.currentTeamRole]>=t},mt=async e=>{let t=e.routeOptions.config.requireRole;if(t&&!t(e.user))throw new s(403,"You are not authorized to perform this action")};var lt=g(e=>{e.route({method:"get",url:"/:id",handler:async t=>{let{id:r}=f(t),o=await S.findOne({where:{id:r}});if(!o)throw new s(404,"Data source not found");return{data:o}}}),e.route({method:"get",url:"/",handler:async t=>{let{teamId:r}=F(t);return{data:await S.find({where:{team:{id:r}},order:{createdAt:"DESC"}})}}}),e.route({url:"/",method:"post",config:{requireRole:R("admin")},handler:async t=>{let{teamId:r,ownerId:o,...a}=m(t,Ze),n=S.create({...a,allowUpdate:!!a.allowUpdate,allowInsert:!!a.allowInsert,team:{id:r},owner:{id:o}}),i=await L(k(n),n.dbType,t);try{await i.checkConnection()}catch{throw new s(400,"Cannot connect to the database, please check datasource configuration")}let{tag:u,iv:c,encrypted:d}=te.encrypt(n.dbPassword);return n.dbPassword=d,n.dbPasswordIv=c,n.dbPasswordTag=u,{data:await S.save(n)}}}),e.route({method:"put",url:"/:id",config:{requireRole:R("admin")},handler:async t=>{let{id:r}=f(t),o=m(t),a=await S.findOneBy({id:r});if(!a)throw new s(404,"Data source not found");let n=S.merge(a,o);return await S.save(n),{data:n}}}),e.route({method:"delete",url:"/:id",config:{requireRole:R("admin")},handler:async(t,r)=>b.transaction(async()=>{let{id:o}=f(t);await Promise.all([D.delete({datasource:{id:o}}),C.delete({dataSource:{id:o}})]),await S.delete({id:o})})}),e.route({method:"post",url:"/:id/inspect",handler:async(t,r)=>{let{id:o}=f(t),a=await S.findOne({where:{id:o},select:["id","dbType","dbDatabase","dbPassword","dbPasswordTag","dbPasswordIv","dbPort","dbUrl","dbSchema","dbUser"]});if(!a)throw new Error("Data source not found");a.status="INSPECTING",await S.save(a);let i=await(await L(k(a,!0),a.dbType,t)).inspectSchema();await D.delete({datasource:{id:o}}),await D.insert(i.sort().map(u=>D.create({tableName:u.tableName,columns:u.columns,datasource:{id:o}}))),a.status="READY",a.lastInspected=new Date,await S.save(a)}}),e.route({method:"get",url:"/:id/inspections",handler:async t=>{let{id:r}=f(t);return{data:await D.find({where:{datasource:{id:r}}})}}})});var H=require("typeorm"),dt=g(e=>{e.route({method:"get",url:"/team/:teamId/datasources",handler:async(t,r)=>{let{teamId:o}=f(t);return{data:await S.find({where:{team:{id:o}},order:{name:"ASC"},select:{id:!0,name:!0,updatedAt:!0,dbType:!0,description:!0,allowInsert:!0,allowUpdate:!0}})}}}),e.route({method:"get",url:"/team/:teamId/queries",handler:async(t,r)=>{let a=f(t).teamId||t.user.currentTeamId;return{data:(await M.find({where:[{isPersonal:!1,team:{id:a}},{isPersonal:!0,team:{id:a},user:{id:t.user.id}}],relations:{query:!0},select:{id:!0,query:{id:!0,name:!0,updatedAt:!0}}})).map(u=>({name:u.query.name,id:u.query.id,updatedAt:u.query.updatedAt,savedQueryId:u.id}))}}}),e.route({method:"get",url:"/team/:teamId/query",handler:async t=>{let{teamId:r}=f(t),{search:o,size:a,selectedDataSources:n}=F(t),i=(parseInt(a)||20)/2,u={};n?.length&&(u.id=(0,H.In)(n));let[c,d]=await Promise.all([D.find({where:{tableName:(0,H.Like)(`%${o}%`),datasource:u},relations:{datasource:!0},select:{id:!0,tableName:!0,datasource:{name:!0,id:!0}},order:{tableName:"ASC"},take:i}),M.find({where:[{query:{dataSource:u,name:(0,H.Like)(`%${o}%`)},team:{id:r},isPersonal:!1},{query:{dataSource:u,name:(0,H.Like)(`%${o}%`)},team:{id:r},isPersonal:!0,user:{id:t.user.id}}],relations:{query:{dataSource:!0}},select:{id:!0,query:{id:!0,name:!0,dataSource:{name:!0}}},order:{query:{name:"ASC"}},take:i})]),T=[];return c.forEach(h=>{T.push({name:h.tableName,id:h.id,dataSourceName:h.datasource?.name||"--",dataSourceId:h.datasource?.id||"--",type:"table"})}),d.forEach(h=>{T.push({name:h.query.name,id:h.id,dataSourceName:h.query.dataSource?.name||"--",dataSourceId:h.query.dataSource?.id||"--",type:"query"})}),{data:T}}})});var pt=g(e=>{e.route({method:"get",url:"/:id",handler:async t=>{let{id:r}=f(t),o=await C.findOne({where:{id:r},select:{dataSource:{id:!0}},relations:{dataSource:!0}});return o?{data:o}:{status:404,data:"Query not found"}}}),e.route({method:"post",url:"/",config:{requireRole:R("editor")},handler:async t=>{let r=m(t),o=await S.findOne({where:{id:r.dataSourceId},relations:{team:!0}});return{data:await C.save(C.create({name:r.name,opts:r.opts,team:{id:o?.team.id},dataSource:{id:r.dataSourceId},user:{id:t.user.id}}))}}}),e.route({method:"patch",url:"/:id",config:{requireRole:R("editor")},handler:async t=>{let{id:r}=f(t),o=m(t);if(!(await C.update(r,o)).affected)throw new s(404,"Query not found");return{data:await C.findOneBy({id:r})}}}),e.route({method:"delete",url:"/:id",config:{requireRole:R("editor")},handler:async t=>b.transaction(async()=>{let{id:r}=f(t);if(!(await C.delete({id:r})).affected)return{status:404,data:"Query not found"}})})});var re=e=>{let t=e.distinct===!0?"distinct ":"";return`${e.fn}(${t}${e.value})`},Y={YEAR:e=>`EXTRACT(YEAR FROM ${e.value})`,MONTH:e=>`EXTRACT(MONTH FROM ${e.value})`,DAY:e=>`EXTRACT(DAY FROM ${e.value})`,SUM:e=>`COALESCE(SUM(${e.distinct===!0?"distinct ":""}${e.value}), 0)`,AVG:re,MAX:re,MIN:re,COUNT:re};var oe=e=>{let t=e.distinct===!0?"distinct ":"";return`${e.fn}(${t}${e.value})`},j={YEAR:e=>`YEAR(${e.value})`,MONTH:e=>`MONTH(${e.value})`,DAY:e=>`DAY(${e.value})`,SUM:e=>{let t=e.distinct===!0?"distinct ":"";return`coalesce(${e.fn}(${t}${e.value}), 0)`},AVG:oe,MAX:oe,MIN:oe,COUNT:oe};var ft=["SUM","COUNT","AVG","MAX","MIN"],br=["YEAR","MONTH","DAY",...ft],Sr=br.reduce((e,t)=>(e[t]=!0,e),{}),Rr=ft.reduce((e,t)=>(e[t]=!0,e),{}),ae=e=>Sr[e],yt=e=>Rr[e],Tt=(e,t)=>e.fn&&ae(e.fn)?(t==="postgres"?Y:j)[e.fn](e):e.value;var ne=e=>typeof e=="string",ht=e=>{let t="SELECT ";if(e.columns&&e.columns.length>0?t+=e.columns.join(", "):t+="*",e.table&&(t+=` FROM ${e.table}`),e.joins&&e.joins.length>0&&e.joins.forEach(r=>{t+=` ${r.type} JOIN ${r.table} ON ${r.on}`}),e.where&&(t+=` WHERE ${e.where}`),e.groupBy&&e.groupBy.length>0&&(t+=` GROUP BY ${e.groupBy.join(", ")}`),e.having&&(t+=` HAVING ${e.having}`),e.orderBy&&e.orderBy.length>0){let r=e.orderBy.reduce((a,n)=>(a[n.column]=n.direction,a),{}),o=Object.entries(r).map(([a,n])=>`${a} ${n}`);t+=` ORDER BY ${o.join(", ")}`}return e.limit!==void 0&&(t+=` LIMIT ${e.limit}`),e.offset!==void 0&&(t+=` OFFSET ${e.offset}`),t},G=(e,t)=>{let{column:r,operator:o,value:a,fn:n}=e,i=Tt({value:r,fn:n},t);switch(o){case"IS NULL":case"IS NOT NULL":return`${i} ${o}`;case"IN":case"NOT IN":let u=a?.map(y=>ne(y.value)?`'${y.value}'`:y.value).join(", ");return`${i} ${o} (${u})`;case"LIKE":return`${i} ${t==="postgres"?"ILIKE":"LIKE"} '%${a?.[0].value}%'`;case"NOT LIKE":return`${i} ${t==="postgres"?"NOT ILIKE":"NOT LIKE"} '%${a?.[0].value}%'`;default:let T=a?.[0],h;return ne(T?.value)&&T?.isColumn!==!0?h=`'${T?.value}'`:h=T?.value,`${i} ${o} ${h}`}};var se=class{constructor(t="mysql"){this.dialect=t,this.skeleton={type:"SELECT"}}addWhere(t){let r=G(t,this.dialect);if(t.isEnabled!==!1)if(this.skeleton.where){let o=t.connector||"AND";this.skeleton.where+=` ${o} ${r}`}else this.skeleton.where=r;return this}addWhereRaw(t,r="AND"){return this.skeleton.where?this.skeleton.where+=` ${r} ${t}`:this.skeleton.where=t,this}clearWhere(){return this.skeleton.where=void 0,this}addHaving(t){let r=G(t,this.dialect);if(t.isEnabled!==!1)if(this.skeleton.having){let o=t.connector||"AND";this.skeleton.having+=` ${o} ${r}`}else this.skeleton.having=r;return this}clearHaving(){return this.skeleton.having=void 0,this}addOrderBy(...t){return this.skeleton.orderBy||(this.skeleton.orderBy=[]),this.skeleton.orderBy.push(...t),this}clearOrderBy(){return this.skeleton.orderBy=void 0,this}setLimit(t){return this.skeleton.limit=t,this}setOffset(t){return this.skeleton.offset=t,this}addGroupBy(t){this.skeleton.groupBy||(this.skeleton.groupBy=[]);let r=this.skeleton.groupBy.findIndex(o=>o===t);return r>-1?this.skeleton.groupBy[r]=t:this.skeleton.groupBy.push(t),this}setTable(t){return this.skeleton.table=t,this}addJoin(...t){return this.skeleton.joins||(this.skeleton.joins=[]),this.skeleton.joins.push(...t),this}selectColumns(t){if(this.skeleton.type!=="SELECT")throw new Error("Column selection is only supported for SELECT queries");return this.skeleton.columns=t,this}toSQL(){return ht(this.skeleton)}};var wt=require("typeorm");var ie=async(e,t)=>{let{datasourceId:r,size:o,page:a,name:n}=t,{table:i,filters:u,joins:c,groupBy:d,searchAll:T,orderBy:h}=t.opts,y=Or(t.opts.columns,t.opts.groupBy,t.opts.aggregations),w=await S.findOne({where:{id:r},select:["id","dbType","dbDatabase","dbPassword","dbPasswordTag","dbPasswordIv","dbPort","dbUrl","dbSchema","dbUser"]}),Q=[i],V=[];if(!w)throw new s(404,"Data source not found");let Wt=await C.save(C.create({user:{id:e.user.id},team:{id:e.user.currentTeamId},dataSource:{id:r},name:n,opts:t.opts})),O=new se(w.dbType);O.setTable(i),O.setLimit(o||20),O.setOffset(o*a),u?.forEach(E=>{E.fn&&yt(E.fn)?O.addHaving(E):O.addWhere(E)}),c&&(O.addJoin(...c),c.forEach(E=>{Q.push(E.table)}));let Ne=Ar(y,h,w.dbType);Ne.length>0&&O.addOrderBy(...Ne),d&&d.length>0&&d.forEach(E=>O.addGroupBy(Nr(E,w.dbType)));let Yt=await D.find({where:{tableName:(0,wt.In)(Q),datasource:{id:r}}});for(let E of Yt)if(E.columns)for(let v of E.columns)V.push({column:v.name,table:E.tableName||"",full:`${E.tableName}.${v.name}`,type:v.type});let z;if(y&&y.length>0?z=y.map(E=>Cr(E,w.dbType)):z=V.map(E=>`${E.full} as "${E.full}"`),O.selectColumns(z),T){let E=V.filter(v=>ct.includes(v.type)&&z.some(ue=>ue.startsWith(v.full)));if(E.length>0){let v=E.map(ue=>`LOWER(${ue.full}) LIKE '%${T.toLowerCase()}%'`);O.addWhereRaw(`(${v.join(" OR ")})`,"AND")}}return{...await(await L(k(w,!0),w.dbType,e)).executeQuery(O.toSQL(),{type:"SELECT",allowBulkUpdate:!1}),queryHistoryId:Wt.id,tables:Q,allColumns:V}},Et=async(e,t)=>{let r=await S.findOne({where:{id:t.datasourceId},select:["id","dbType","dbDatabase","dbPassword","dbPasswordTag","dbPasswordIv","dbPort","dbUrl","dbSchema","dbUser","allowUpdate"]});if(!r)throw new s(404,"Data source not found");if(!r.allowUpdate)throw new s(403,"This datasource does not allow update operations");let o=t.values.map(({value:u,column:c})=>typeof u=="string"?u&&u.startsWith("=")?`${c}=${u.substring(1)}`:`${c}='${u}'`:`${c}='${u}'`).join(", "),a=t.filters.map(u=>G(u,r.dbType)).join(" AND "),n=`UPDATE ${t.table} SET ${o} WHERE ${a}`;return(await L(k(r,!0),r.dbType,e)).executeQuery(n,{type:"UPDATE",allowBulkUpdate:!1})},bt=async(e,t)=>{let r=await S.findOne({where:{id:t.datasourceId},select:["id","dbType","dbDatabase","dbPassword","dbPasswordTag","dbPasswordIv","dbPort","dbUrl","dbSchema","dbUser","allowInsert"]});if(!r)throw new s(404,"Data source not found");if(!r.allowInsert)throw new s(403,"This datasource does not allow insert operations");let{keys:o,values:a}=Ir(t.values),n=`INSERT INTO ${t.table} (${o}) VALUES (${a})`;return(await L(k(r,!0),r.dbType,e)).executeQuery(n,{type:"INSERT",allowBulkUpdate:!1})},Ir=e=>{let t=e.map(({column:o})=>o).join(", "),r=e.map(({value:o})=>typeof o=="string"?o&&o.startsWith("=")?o.substring(1):`'${o}'`:o).join(", ");return{keys:t,values:r}},Cr=(e,t)=>{if(e.fn){if(ae(e.fn))return`${(t==="postgres"?Y:j)[e.fn](e)} as "${be(e)}"`;throw new Error("Function not allowed: "+e.fn)}return`${e.value} as "${e.value}"`},Nr=(e,t)=>{if(e.fn){if(ae(e.fn))return(t==="postgres"?Y:j)[e.fn]({...e,value:gt(e.value,t)});throw new Error("Function not allowed: "+e.fn)}return gt(e.value,t)},Re=(e,t)=>t==="postgres"?`"${e}"`:t==="mysql"?`\`${e}\``:e,gt=(e,t)=>{let[r,o]=e.split(".");return Re(r,t)+"."+Re(o,t)},Ar=(e,t,r)=>{if(e&&e.length>0){let o=e.reduce((a,n)=>(a.set(be(n),{isFn:!!(n.fn||n.distinct)}),a),new Map);t=t.filter(a=>o.has(a.column)).map(a=>o.get(a.column)?.isFn?{...a,column:Re(a.column,r)}:a)}return t},Or=(e,t,r)=>{let o=[];return t.length>0||r.length>0?o.push(...t,...r):e.length>0&&o.push(...e),o};var St=e=>{},Pr=["--",";","DROP","drop"],Rt=e=>{if(ne(e.value)&&e.value.startsWith("=")){let t=e.value;Pr.forEach(r=>{if(t.includes(r))throw new s(400,"Invalid input value for "+e.column)})}},It=e=>{if(!e.table)throw new s(400,"Table is required");e.values.forEach(Rt)},Ct=e=>{if(!e.table)throw new s(400,"Table is required");e.values.forEach(Rt)};var Nt=g(e=>{e.route({method:"post",url:"/select",handler:async t=>{let r=m(t,St);return{data:await ie(t,r)}}}),e.route({method:"post",url:"/insert",config:{requireRole:R("editor")},handler:async t=>{let r=m(t,It);return{data:await bt(t,r)}}}),e.route({method:"post",url:"/update",config:{requireRole:R("editor")},handler:async t=>{let r=m(t,Ct);return{data:await Et(t,r)}}})});var At=g(e=>{e.get("/",{config:{isPublic:!0}},async()=>({data:{active:!0,version:p.str("SERVER_VERSION")}}))});var Ot=g(e=>{e.route({method:"get",url:"/:id/users",handler:async t=>{let{id:r}=f(t),o=await x.findOne({where:{id:r},relations:{users:{user:!0}}});if(!o)throw new s(404,"Team not found");return{data:o.users.map(a=>({role:a.role,id:a.user.id,name:a.user.username}))}}}),e.route({method:"post",url:"/",config:{requireRole:R("editor")},handler:async t=>b.transaction(async()=>{let r=t.user.id,o=m(t),a=I.create();a.id=r;let n=x.create(o);await x.save(n);let i=N.create({user:a,team:n});return await N.save(i),{data:n}})}),e.route({method:"patch",url:"/:id/user-role",config:{requireRole:R("admin")},handler:async t=>{let{id:r}=f(t),{role:o,userId:a}=m(t,({role:i})=>{if(i==="owner")throw new s(400,"Only one owner is allowed")});if((await N.findOneBy({user:{id:a},team:{id:r}}))?.role==="owner")throw new s(400,"Cannot change owner role");await N.update({user:{id:a},team:{id:r}},{role:o})}}),e.route({method:"delete",url:"/:id",config:{requireRole:R("admin")},handler:async t=>b.transaction(async()=>{let{id:r}=f(t),{userId:o}=F(t);if((await N.findOneBy({user:{id:o},team:{id:r}}))?.role==="owner")throw new s(400,"Cannot delete team owner");await I.update(o,{currentTeam:null}),await N.delete({user:{id:o},team:{id:r}}),await I.delete({id:o})})})});var Ie=P(require("bcryptjs")),K=async e=>{let t=await Ie.default.genSalt(10);return Ie.default.hash(e,t)};var Pt=g(e=>{e.route({method:"get",url:"/",handler:async t=>{let r=await I.findOne({where:{id:t.user.id},relations:{currentTeam:{team:!0}}});if(!r)throw new s(404,"User not found");return{data:{id:r.id,teamId:r.currentTeam?.team.id,teamName:r.currentTeam?.team.name,teamRole:r.currentTeam?.role,username:r.username}}}}),e.route({method:"patch",url:"/",handler:async t=>{let r=t.user.id,o=m(t);if(o.password&&(o.password=await K(o.password)),!(await I.update(r,o)).affected)throw new s(404,"User not found");let n=await I.findOne({where:{id:r},relations:{currentTeam:{team:!0}}});return{data:{id:n?.id,teamId:n?.currentTeam?.team.id,teamName:n?.currentTeam?.team.name,teamRole:n?.currentTeam?.role,username:n?.username}}}}),e.route({method:"post",url:"/",config:{requireRole:R("admin")},handler:async t=>b.transaction(async()=>{let r=m(t),o=await K(r.password),a=await I.save(I.create({username:r.username,password:o})),n=await N.save(N.create({role:"read_only",team:{id:r.teamId},user:{id:a.id}}));await I.update(a.id,{currentTeam:{id:n.id}})})})});var _t=g(e=>{e.route({method:"get",url:"/",handler:async t=>{let r=t.user.id,o=await B.findOneBy({user:{id:r}});return o||(o=await B.save(B.create({user:{id:r}}))),{data:o}}}),e.route({method:"patch",url:"/",handler:async t=>{let{settings:r}=m(t);if(!r.id)throw new s(400,"Settings id is required!");if(!(await B.update(r.id,r)).affected)throw new s(404,"You do not own these settings!");return{data:await B.findOneBy({id:r.id})}}})});var Dt=g(e=>{e.route({method:"post",url:"/",config:{requireRole:R("editor")},handler:async t=>{let r=m(t),o=await M.save(M.create({isPersonal:!0,team:{id:t.user.currentTeamId},user:{id:t.user.id},query:{id:r.queryId}}));return await C.update(r.queryId,{name:r.name}),{data:o}}}),e.route({method:"delete",url:"/:id",config:{requireRole:R("editor")},handler:async t=>{let{id:r}=f(t);if(!(await M.delete({id:r})).affected)return{status:404,data:"Query not found"}}})});var Ut=e=>{if(!e.queryId&&!(e.opts&&e.name))throw new s(400,"Either queryId or name and opts are required")};var vt=g(e=>{e.route({method:"get",url:"/",handler:async t=>{let{currentTeamId:r,id:o}=t.user;return{data:(await U.find({where:{team:{id:r},user:{id:o},archived:!1},select:["id","name"]})).map(n=>({name:n.name,id:n.id}))}}}),e.route({method:"get",url:"/:id",handler:async t=>{let{id:r}=f(t),{currentTeamId:o,id:a}=t.user,n=await U.findOne({where:{id:r,team:{id:o},user:{id:a}}});if(!n)throw new s(404,"Not Found");return{data:n}}}),e.route({method:"post",url:"/",handler:async t=>{let{opts:r,name:o,queryId:a}=m(t),n,i=o;if(r)n=r;else{let c=await C.findOne({where:{id:a},relations:{dataSource:!0}});if(!c)throw new s(404,"Query not Found");n={table:c.opts.table,filters:c.opts.filters,joins:c.opts.joins,orderBy:c.opts.orderBy,columns:c.opts.columns,groupBy:c.opts.groupBy,searchAll:c.opts.searchAll,aggregations:c.opts.aggregations,dataSourceId:c.dataSource.id,page:0,size:50},o||(i=c.name)}return{data:await U.save(U.create({name:i||new Date().toISOString(),opts:n,user:{id:t.user.id},team:{id:t.user.currentTeamId}}))}}}),e.route({method:"post",url:"/:id/run",handler:async t=>{let{id:r}=f(t),o=m(t),a=await U.findOne({where:{id:r},relations:{user:!0}});if(!a)throw new s(404,"Not found");if(a.user?.id!==t.user.id)throw new s(404,"Not found");return o&&U.update(r,{opts:o}),{data:{result:await ie(t,{datasourceId:o.dataSourceId,size:o.size,name:a.name,page:o.page,opts:{table:o.table,filters:o.filters,joins:o.joins,orderBy:o.orderBy,columns:o.columns,groupBy:o.groupBy,searchAll:o.searchAll,aggregations:o.aggregations}})}}}}),e.route({method:"patch",url:"/:id",handler:async t=>{let{id:r}=f(t),o=m(t,Ut);if(!await U.findOne({where:{id:r,user:{id:t.user.id}}}))throw new s(404,"Not Found");return U.update(r,o)}})});var Ft=require("node:path");var _r=e=>e.routeOptions.config.isPublic?!0:!e.url.startsWith("/api/"),xt=async e=>{if(_r(e))return;let t=e.headers.authorization;if(!t)throw new s(401,"Missing auth token");let[r,o]=t.split(" ");try{let{userId:a}=await Ke(o),n=await I.findOne({where:{id:a},select:{id:!0,currentTeam:{role:!0,team:{id:!0}}},relations:{currentTeam:{team:!0}}});if(!n)throw new s(401,"User is not part of a team");e.user={id:a,currentTeamId:n.currentTeam.team.id,currentTeamRole:n.currentTeam.role}}catch{throw new s(401,"Unauthorized")}};var Mt=(e,t)=>{e.__connections&&e.__connections.forEach(r=>{r.close()})};var $t=P(require("@fastify/cookie"));var Ce={teamName:"Default Team",username:"admin",password:"admin"},Dr=async()=>{let e=await x.findOneBy({});return e||x.save(x.create({name:Ce.teamName}))},Lt=async()=>{let e=await N.findOne({where:{role:"owner"},relations:{user:!0}});if(e)return e.user;let t=await Dr(),r=await K(Ce.password),o=await I.save(I.create({username:Ce.username,password:r})),a=await N.save(N.create({user:o,team:t,role:"owner"}));return await I.update(o.id,{currentTeam:a}),o};var A=(0,kt.default)({querystringParser:e=>Bt.default.parse(e)}),Ht=p.num("PORT",4466),Ur=p.str("ALLOWED_ORIGINS","").split(",").map(e=>e.trim()),vr="0.0.0.0",xr=[`http://localhost:${Ht}`,...Ur];function _(e,t){A.register(e,{prefix:t}),console.log("Registered "+t)}(async function(){_e(),await A.register($t.default,{}),await A.register(qt.default,{origin:(t,r)=>{!t||xr.includes(t)?r(null,!0):r(new Error("Not allowed by CORS"),!1)},methods:["GET","POST","PUT","PATCH","DELETE","OPTIONS"],credentials:!0}),await A.register(Qt.default,{root:(0,Ft.join)(__dirname,"web")}),A.get("/",(t,r)=>{r.sendFile("index.html")}),A.addHook("onRequest",xt),A.addHook("onRequest",mt),A.addHook("onResponse",Mt),_(Xe,"/api/auth"),_(lt,"/api/data-sources"),_(dt,"/api/project"),_(pt,"/api/queries"),_(Nt,"/api/runner"),_(At,"/api/status"),_(Ot,"/api/teams"),_(Pt,"/api/users"),_(_t,"/api/user-settings"),_(Dt,"/api/saved-queries"),_(vt,"/api/workbench-tabs"),A.setNotFoundHandler((t,r)=>{if(t.raw.url?.startsWith("/api/")){r.code(404).send({error:"API route not found"});return}r.sendFile("index.html")}),A.setErrorHandler((t,r,o)=>{if(console.error(t),t instanceof s){o.status(t.status).send({error:t.message});return}else o.status(500).send({error:"Internal Server Error"})}),await A.after(),await He(),await Lt(),A.listen({port:Ht,host:vr},(t,r)=>{t&&(console.error(t),process.exit(1)),console.log(`Server listening at ${r}`)})})();
|