@huloglobal/vendure-plugin-geo-block 0.1.0 → 0.2.0

package/dist/geo-block-event.entity.d.ts

@@ -0,0 +1,22 @@
+import { DeepPartial, VendureEntity } from '@vendure/core';
+/**
+ * One row per block decision — written every time the
+ * `/geo-block/check` (or the storefront's call to `/site-config` followed
+ * by a server-side enforcement) decides to refuse a visitor.
+ *
+ * Cheap to keep around because the admin's stats endpoint aggregates on
+ * top of it; older rows can be pruned with `GeoBlockController.gc()`.
+ */
+export declare class GeoBlockEvent extends VendureEntity {
+    constructor(input?: DeepPartial<GeoBlockEvent>);
+    channelId: number;
+    country: string;
+    region: string;
+    ip: string;
+    userAgent: string;
+    url: string;
+    decision: 'block' | 'soft-block' | 'allow';
+    /** Which rule rejected (or allowed) the request. */
+    reason: 'denylist' | 'country-not-allowed' | 'uk-region-not-allowed' | 'ip-allowlist' | 'maintenance' | 'ok' | string;
+}
+//# sourceMappingURL=geo-block-event.entity.d.ts.map

package/dist/geo-block-event.entity.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"geo-block-event.entity.d.ts","sourceRoot":"","sources":["../src/geo-block-event.entity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAG3D;;;;;;;GAOG;AACH,qBACa,aAAc,SAAQ,aAAa;gBAChC,KAAK,CAAC,EAAE,WAAW,CAAC,aAAa,CAAC;IAM9C,SAAS,EAAG,MAAM,CAAC;IAInB,OAAO,EAAG,MAAM,CAAC;IAGjB,MAAM,EAAG,MAAM,CAAC;IAGhB,EAAE,EAAG,MAAM,CAAC;IAGZ,SAAS,EAAG,MAAM,CAAC;IAGnB,GAAG,EAAG,MAAM,CAAC;IAIb,QAAQ,EAAG,OAAO,GAAG,YAAY,GAAG,OAAO,CAAC;IAE5C,oDAAoD;IAEpD,MAAM,EAAG,UAAU,GAAG,qBAAqB,GAAG,uBAAuB,GAAG,cAAc,GAAG,aAAa,GAAG,IAAI,GAAG,MAAM,CAAC;CAC1H"}

package/dist/geo-block-event.entity.js

@@ -0,0 +1,68 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GeoBlockEvent = void 0;
+const core_1 = require("@vendure/core");
+const typeorm_1 = require("typeorm");
+/**
+ * One row per block decision — written every time the
+ * `/geo-block/check` (or the storefront's call to `/site-config` followed
+ * by a server-side enforcement) decides to refuse a visitor.
+ *
+ * Cheap to keep around because the admin's stats endpoint aggregates on
+ * top of it; older rows can be pruned with `GeoBlockController.gc()`.
+ */
+let GeoBlockEvent = class GeoBlockEvent extends core_1.VendureEntity {
+    constructor(input) {
+        super(input);
+    }
+};
+exports.GeoBlockEvent = GeoBlockEvent;
+__decorate([
+    (0, typeorm_1.Index)(),
+    (0, typeorm_1.Column)({ type: 'int', default: 1 }),
+    __metadata("design:type", Number)
+], GeoBlockEvent.prototype, "channelId", void 0);
+__decorate([
+    (0, typeorm_1.Index)(),
+    (0, typeorm_1.Column)({ type: 'varchar', length: 8, nullable: true }),
+    __metadata("design:type", String)
+], GeoBlockEvent.prototype, "country", void 0);
+__decorate([
+    (0, typeorm_1.Column)({ type: 'varchar', length: 8, nullable: true }),
+    __metadata("design:type", String)
+], GeoBlockEvent.prototype, "region", void 0);
+__decorate([
+    (0, typeorm_1.Column)({ type: 'varchar', length: 64, nullable: true }),
+    __metadata("design:type", String)
+], GeoBlockEvent.prototype, "ip", void 0);
+__decorate([
+    (0, typeorm_1.Column)({ type: 'text', nullable: true }),
+    __metadata("design:type", String)
+], GeoBlockEvent.prototype, "userAgent", void 0);
+__decorate([
+    (0, typeorm_1.Column)({ type: 'varchar', length: 2048, nullable: true }),
+    __metadata("design:type", String)
+], GeoBlockEvent.prototype, "url", void 0);
+__decorate([
+    (0, typeorm_1.Index)(),
+    (0, typeorm_1.Column)({ type: 'varchar', length: 32 }),
+    __metadata("design:type", String)
+], GeoBlockEvent.prototype, "decision", void 0);
+__decorate([
+    (0, typeorm_1.Column)({ type: 'varchar', length: 64 }),
+    __metadata("design:type", String)
+], GeoBlockEvent.prototype, "reason", void 0);
+exports.GeoBlockEvent = GeoBlockEvent = __decorate([
+    (0, typeorm_1.Entity)(),
+    __metadata("design:paramtypes", [Object])
+], GeoBlockEvent);
+//# sourceMappingURL=geo-block-event.entity.js.map

package/dist/geo-block-event.entity.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"geo-block-event.entity.js","sourceRoot":"","sources":["../src/geo-block-event.entity.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAA2D;AAC3D,qCAAgD;AAEhD;;;;;;;GAOG;AAEI,IAAM,aAAa,GAAnB,MAAM,aAAc,SAAQ,oBAAa;IAC5C,YAAY,KAAkC;QAC1C,KAAK,CAAC,KAAK,CAAC,CAAC;IACjB,CAAC;CA6BJ,CAAA;AAhCY,sCAAa;AAOtB;IAFC,IAAA,eAAK,GAAE;IACP,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;;gDACjB;AAInB;IAFC,IAAA,eAAK,GAAE;IACP,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;8CACtC;AAGjB;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;6CACvC;AAGhB;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;yCAC5C;AAGZ;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;gDACtB;AAGnB;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;0CAC7C;AAIb;IAFC,IAAA,eAAK,GAAE;IACP,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;;+CACI;AAI5C;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;;6CAC+E;wBA/B9G,aAAa;IADzB,IAAA,gBAAM,GAAE;;GACI,aAAa,CAgCzB"}

package/dist/geo-block.controller.d.ts

@@ -4,22 +4,14 @@ interface SiteConfig {
     channelToken: string;
     geoBlock: {
         enabled: boolean;
-        /** Resolved flat allow-list of ISO 3166-1 alpha-2 country codes
-         *  the storefront should let through, or `null` meaning "no
-         *  country restriction" (WORLDWIDE preset). */
+        mode: 'block' | 'soft';
         allowedCountries: string[] | null;
-        /** Countries the admin always blocks regardless of region. The
-         *  resolved `allowedCountries` already has these subtracted —
-         *  this field is exposed for diagnostics + so the storefront can
-         *  enforce it even when allowedCountries is `null`. */
         blockedCountries: string[];
-        /** UK subdivisions that must additionally match when the visitor
-         *  resolves to GB. Empty = "any UK region allowed". */
         allowedGbRegions: string[];
-        /** The raw region presets the admin selected — exposed for
-         *  diagnostics (and so the frontend can display the admin's
-         *  intent in any debug UI). */
         allowedRegions: string[];
+        blockMessage: string;
+        blockRedirectUrl: string | null;
+        blockLogoUrl: string | null;
     };
     companyData: {
         showCompanyNumber: boolean;
@@ -27,30 +19,55 @@ interface SiteConfig {
     };
 }
 /**
- * Public endpoint serving the storefront-facing site config for a given
- * channel. The storefront calls GET /ees/site-config and identifies the
- * channel via the standard `vendure-token` header (the same one shop-api
- * uses), or via ?token=<channelToken> as a fallback for static fetchers.
+ * Public + admin endpoints for the storefront geo-block.
  *
- * Returned shape is deliberately small + flat so the frontend can cache
- * it in module memory and re-fetch every 60s without much overhead.
+ *  Public:
+ *    GET  /geo-block/site-config       — channel-aware rules the storefront caches
+ *    GET  /geo-block/check             — per-request decision (with logging)
+ *    GET  /geo-block/presets           — preset catalogue for the storefront banner
+ *
+ *  Admin:
+ *    GET  /geo-block/admin/channels    — all channels + their rules
+ *    POST /geo-block/admin/save        — save one channel's rules
+ *    GET  /geo-block/admin/stats       — block totals + top blocked countries
+ *    POST /geo-block/admin/simulate    — "what would happen if a visitor from X visited?"
+ *    POST /geo-block/admin/gc          — prune old GeoBlockEvent rows
  */
 export declare class GeoBlockController {
     private connection;
     constructor(connection: TransactionalConnection);
     getConfig(req: Request): Promise<SiteConfig>;
     /**
-     * Admin: list every channel with its current geo-block settings.
-     * Used by the dedicated Vendure admin page so the admin can switch
-     * between Elite / LicenseDock / any future channel from a single
-     * screen.
+     * Per-request decision endpoint. The storefront calls this on entry
+     * (or middleware can call it) with optional `?country=` overrides.
+     * Logs the decision so the admin stats panel shows top blocked
+     * countries.
+     *
+     * Returns 200 with `{ allowed: boolean, reason, mode }` regardless —
+     * the storefront decides whether to redirect or render a banner.
      */
+    check(req: Request, res: Response): Promise<Response<any, Record<string, any>>>;
+    /** Catalogue of available region presets — fed to the admin picker
+     * and any storefront that wants to show "we serve <X>". */
+    presets(res: Response): Response<any, Record<string, any>>;
     listChannels(ctx: RequestContext, res: Response): Promise<Response<any, Record<string, any>> | undefined>;
+    saveChannel(ctx: RequestContext, body: any, res: Response): Promise<Response<any, Record<string, any>> | undefined>;
     /**
-     * Admin: save the geo-block settings for one channel. Body shape
-     * mirrors what `listChannels` returns (minus the resolved preview).
+     * Admin: top blocked countries + daily series + totals over the last
+     * N days (default 30). Fed straight into the admin Stats panel.
      */
-    saveChannel(ctx: RequestContext, body: any, res: Response): Promise<Response<any, Record<string, any>> | undefined>;
+    stats(ctx: RequestContext, req: Request, res: Response): Promise<Response<any, Record<string, any>> | undefined>;
+    /**
+     * Admin: dry-run check — "what would happen if a visitor from US
+     * with no UK region came in?". Lets the admin sanity-check their
+     * rules without standing up a proxy.
+     */
+    simulate(ctx: RequestContext, body: any, res: Response): Promise<Response<any, Record<string, any>> | undefined>;
+    gc(ctx: RequestContext, body: any, res: Response): Promise<Response<any, Record<string, any>> | undefined>;
+    private loadChannelRow;
+    private buildConfig;
+    private logEvent;
+    private defaultMessage;
 }
 export {};
 //# sourceMappingURL=geo-block.controller.d.ts.map

package/dist/geo-block.controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"geo-block.controller.d.ts","sourceRoot":"","sources":["../src/geo-block.controller.ts"],"names":[],"mappings":"AACA,OAAO,EAAmB,cAAc,EAAE,uBAAuB,EAAE,MAAM,eAAe,CAAC;AACzF,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAgB5C,UAAU,UAAU;IAChB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE;QACN,OAAO,EAAE,OAAO,CAAC;QACjB;;uDAE+C;QAC/C,gBAAgB,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;QAClC;;;+DAGuD;QACvD,gBAAgB,EAAE,MAAM,EAAE,CAAC;QAC3B;+DACuD;QACvD,gBAAgB,EAAE,MAAM,EAAE,CAAC;QAC3B;;uCAE+B;QAC/B,cAAc,EAAE,MAAM,EAAE,CAAC;KAC5B,CAAC;IACF,WAAW,EAAE;QACT,iBAAiB,EAAE,OAAO,CAAC;QAC3B,aAAa,EAAE,MAAM,CAAC;KACzB,CAAC;CACL;AAcD;;;;;;;;GAQG;AACH,qBACa,kBAAkB;IACf,OAAO,CAAC,UAAU;gBAAV,UAAU,EAAE,uBAAuB;IAGjD,SAAS,CAAQ,GAAG,EAAE,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC;IAqEzD;;;;;OAKG;IAEG,YAAY,CAAQ,GAAG,EAAE,cAAc,EAAS,GAAG,EAAE,QAAQ;IA6CnE;;;OAGG;IAEG,WAAW,CAAQ,GAAG,EAAE,cAAc,EAAU,IAAI,EAAE,GAAG,EAAS,GAAG,EAAE,QAAQ;CA8BxF"}
+{"version":3,"file":"geo-block.controller.d.ts","sourceRoot":"","sources":["../src/geo-block.controller.ts"],"names":[],"mappings":"AACA,OAAO,EAA2B,cAAc,EAAE,uBAAuB,EAAE,MAAM,eAAe,CAAC;AACjG,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AA0B5C,UAAU,UAAU;IAChB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE;QACN,OAAO,EAAE,OAAO,CAAC;QACjB,IAAI,EAAE,OAAO,GAAG,MAAM,CAAC;QACvB,gBAAgB,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;QAClC,gBAAgB,EAAE,MAAM,EAAE,CAAC;QAC3B,gBAAgB,EAAE,MAAM,EAAE,CAAC;QAC3B,cAAc,EAAE,MAAM,EAAE,CAAC;QACzB,YAAY,EAAE,MAAM,CAAC;QACrB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;QAChC,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;KAC/B,CAAC;IACF,WAAW,EAAE;QACT,iBAAiB,EAAE,OAAO,CAAC;QAC3B,aAAa,EAAE,MAAM,CAAC;KACzB,CAAC;CACL;AA4BD;;;;;;;;;;;;;;GAcG;AACH,qBACa,kBAAkB;IACf,OAAO,CAAC,UAAU;gBAAV,UAAU,EAAE,uBAAuB;IAGjD,SAAS,CAAQ,GAAG,EAAE,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC;IAazD;;;;;;;;OAQG;IAEG,KAAK,CAAQ,GAAG,EAAE,OAAO,EAAS,GAAG,EAAE,QAAQ;IAyErD;+DAC2D;IAE3D,OAAO,CAAQ,GAAG,EAAE,QAAQ;IAKtB,YAAY,CAAQ,GAAG,EAAE,cAAc,EAAS,GAAG,EAAE,QAAQ;IA+C7D,WAAW,CAAQ,GAAG,EAAE,cAAc,EAAU,IAAI,EAAE,GAAG,EAAS,GAAG,EAAE,QAAQ;IA+CrF;;;OAGG;IAEG,KAAK,CAAQ,GAAG,EAAE,cAAc,EAAS,GAAG,EAAE,OAAO,EAAS,GAAG,EAAE,QAAQ;IA+CjF;;;;OAIG;IAEG,QAAQ,CAAQ,GAAG,EAAE,cAAc,EAAU,IAAI,EAAE,GAAG,EAAS,GAAG,EAAE,QAAQ;IAyB5E,EAAE,CAAQ,GAAG,EAAE,cAAc,EAAU,IAAI,EAAE,GAAG,EAAS,GAAG,EAAE,QAAQ;YAY9D,cAAc;IAqB5B,OAAO,CAAC,WAAW;YA6BL,QAAQ;IA4BtB,OAAO,CAAC,cAAc;CAczB"}