@intranefr/superbackend 1.4.3 → 1.5.0

package/src/controllers/uiComponentsPublic.controller.js

@@ -0,0 +1,118 @@
+const UiComponent = require('../models/UiComponent');
+const UiComponentProject = require('../models/UiComponentProject');
+const UiComponentProjectComponent = require('../models/UiComponentProjectComponent');
+
+const { verifyKey } = require('../services/uiComponentsCrypto.service');
+
+function extractProjectKey(req) {
+  const headerToken = req.headers['x-project-key'] || req.headers['x-api-key'];
+  if (headerToken) return String(headerToken).trim();
+  return null;
+}
+
+async function loadAndAuthorizeProject(req, res, projectId) {
+  const project = await UiComponentProject.findOne({ projectId: String(projectId), isActive: true }).lean();
+  if (!project) {
+    res.status(404).json({ error: 'Project not found' });
+    return null;
+  }
+
+  if (!project.isPublic) {
+    const key = extractProjectKey(req);
+    const ok = project.apiKeyHash && verifyKey(key, project.apiKeyHash);
+    if (!ok) {
+      res.status(401).json({ error: 'Invalid project key' });
+      return null;
+    }
+  }
+
+  return project;
+}
+
+exports.getManifest = async (req, res) => {
+  try {
+    const { projectId } = req.params;
+    const project = await loadAndAuthorizeProject(req, res, projectId);
+    if (!project) return;
+
+    const assignments = await UiComponentProjectComponent.find({ projectId: project.projectId, enabled: true }).lean();
+    const codes = assignments.map((a) => a.componentCode);
+
+    const components = await UiComponent.find({
+      code: { $in: codes },
+      isActive: true,
+    })
+      .sort({ code: 1 })
+      .lean();
+
+    const docsOnly = String(req.query.docs || '').toLowerCase() === 'true';
+
+    const out = components.map((c) => {
+      const base = {
+        code: c.code,
+        name: c.name,
+        version: c.version,
+      };
+      if (docsOnly) {
+        base.usageMarkdown = c.usageMarkdown;
+      } else {
+        base.html = c.html;
+        base.js = c.js;
+        base.css = c.css;
+      }
+      return base;
+    });
+
+    return res.json({
+      project: {
+        projectId: project.projectId,
+        name: project.name,
+        isPublic: project.isPublic,
+        allowedOrigins: project.allowedOrigins || [],
+      },
+      components: out,
+    });
+  } catch (error) {
+    console.error('UI Components getManifest error:', error);
+    return res.status(500).json({ error: 'Failed to load manifest' });
+  }
+};
+
+exports.getComponent = async (req, res) => {
+  try {
+    const { projectId, code } = req.params;
+    const project = await loadAndAuthorizeProject(req, res, projectId);
+    if (!project) return;
+
+    const componentCode = String(code || '').trim().toLowerCase();
+
+    const assignment = await UiComponentProjectComponent.findOne({
+      projectId: project.projectId,
+      componentCode,
+      enabled: true,
+    }).lean();
+
+    if (!assignment) return res.status(404).json({ error: 'Component not enabled for this project' });
+
+    const component = await UiComponent.findOne({ code: componentCode, isActive: true }).lean();
+    if (!component) return res.status(404).json({ error: 'Component not found' });
+
+    return res.json({
+      project: {
+        projectId: project.projectId,
+        isPublic: project.isPublic,
+      },
+      component: {
+        code: component.code,
+        name: component.name,
+        version: component.version,
+        html: component.html,
+        js: component.js,
+        css: component.css,
+      },
+    });
+  } catch (error) {
+    console.error('UI Components getComponent error:', error);
+    return res.status(500).json({ error: 'Failed to load component' });
+  }
+};

package/src/middleware/auth.js

@@ -19,6 +19,7 @@ const authenticate = async (req, res, next) => {
     req.user = user;
     next();
   } catch (error) {
+    console.error("api authenticate error:", error);
     return res
       .status(401)
       .json({ error: error.message || "Authentication failed" });
@@ -45,6 +46,12 @@ const basicAuth = (req, res, next) => {
   if (username === adminUsername && password === adminPassword) {
     next();
   } else {
+    console.error("api basicAuth error:", {
+      username,
+      password,
+      adminUsername,
+      adminPassword,
+    });
     res.setHeader("WWW-Authenticate", 'Basic realm="Admin Area"');
     return res.status(401).json({ error: "Invalid credentials" });
   }

package/src/middleware.js

@@ -7,6 +7,7 @@ const ejs = require("ejs");
 const { basicAuth } = require("./middleware/auth");
 const endpointRegistry = require("./admin/endpointRegistry");
 const { createFeatureFlagsEjsMiddleware } = require("./services/featureFlags.service");
+const consoleOverride = require("./services/consoleOverride.service");
 const {
   hookConsoleError,
   setupProcessHandlers,
@@ -30,6 +31,16 @@ function createMiddleware(options = {}) {
   const router = express.Router();
   const adminPath = options.adminPath || "/admin";
 
+  // Expose adminPath and WS attachment helper
+  router.adminPath = adminPath;
+  router.attachWs = (server) => {
+    const { attachTerminalWebsocketServer } = require('./services/terminalsWs.service');
+    attachTerminalWebsocketServer(server, { basePathPrefix: adminPath });
+  };
+
+  // Initialize console override service early to capture all logs
+  consoleOverride.init();
+
   if (!errorCaptureInitialized) {
     errorCaptureInitialized = true;
     hookConsoleError();
@@ -138,6 +149,12 @@ function createMiddleware(options = {}) {
   // Serve public static files (e.g. /og/og-default.png)
   router.use(express.static(path.join(__dirname, "..", "public")));
 
+  // Serve browser SDK bundles
+  router.use(
+    "/public/sdk",
+    express.static(path.join(__dirname, "..", "public", "sdk")),
+  );
+
   // Serve static files for admin views
   router.use(
     `${adminPath}/assets`,
@@ -184,6 +201,70 @@ function createMiddleware(options = {}) {
     });
   });
 
+  router.get(`${adminPath}/terminals`, basicAuth, (req, res) => {
+    const templatePath = path.join(
+      __dirname,
+      "..",
+      "views",
+      "admin-terminals.ejs",
+    );
+    fs.readFile(templatePath, "utf8", (err, template) => {
+      if (err) {
+        console.error("Error reading template:", err);
+        return res.status(500).send("Error loading page");
+      }
+      try {
+        const html = ejs.render(
+          template,
+          {
+            baseUrl: req.baseUrl,
+            adminPath,
+            endpointRegistry,
+          },
+          {
+            filename: templatePath,
+          },
+        );
+        res.send(html);
+      } catch (renderErr) {
+        console.error("Error rendering template:", renderErr);
+        res.status(500).send("Error rendering page");
+      }
+    });
+  });
+
+  router.get(`${adminPath}/scripts`, basicAuth, (req, res) => {
+    const templatePath = path.join(
+      __dirname,
+      "..",
+      "views",
+      "admin-scripts.ejs",
+    );
+    fs.readFile(templatePath, "utf8", (err, template) => {
+      if (err) {
+        console.error("Error reading template:", err);
+        return res.status(500).send("Error loading page");
+      }
+      try {
+        const html = ejs.render(
+          template,
+          {
+            baseUrl: req.baseUrl,
+            adminPath,
+            endpointRegistry,
+          },
+          {
+            filename: templatePath,
+          },
+        );
+        res.send(html);
+      } catch (renderErr) {
+        console.error("Error rendering template:", renderErr);
+        res.status(500).send("Error rendering page");
+      }
+    });
+  });
+
   router.use("/api/admin", require("./routes/admin.routes"));
   router.use("/api/admin/settings", require("./routes/globalSettings.routes"));
   router.use(
@@ -200,11 +281,14 @@ function createMiddleware(options = {}) {
   );
   router.use("/api/admin/i18n", require("./routes/adminI18n.routes"));
   router.use("/api/admin/headless", require("./routes/adminHeadless.routes"));
+  router.use("/api/admin/scripts", require("./routes/adminScripts.routes"));
+  router.use("/api/admin/terminals", require("./routes/adminTerminals.routes"));
   router.use("/api/admin/assets", require("./routes/adminAssets.routes"));
   router.use(
     "/api/admin/upload-namespaces",
     require("./routes/adminUploadNamespaces.routes"),
   );
+  router.use("/api/admin/ui-components", require("./routes/adminUiComponents.routes"));
   router.use("/api/admin/migration", require("./routes/adminMigration.routes"));
   router.use("/api/admin/errors", basicAuth, require("./routes/adminErrors.routes"));
   router.use("/api/admin/audit", basicAuth, require("./routes/adminAudit.routes"));
@@ -225,6 +309,8 @@ function createMiddleware(options = {}) {
   router.use("/api/invites", require("./routes/invite.routes"));
   router.use("/api/log", require("./routes/log.routes"));
   router.use("/api/error-tracking", require("./routes/errorTracking.routes"));
+  router.use("/api/ui-components", require("./routes/uiComponentsPublic.routes"));
+  router.use("/api/llm/ui", require("./routes/llmUi.routes"));
 
   // Public assets proxy
   router.use("/public/assets", require("./routes/publicAssets.routes"));
@@ -537,6 +623,39 @@ function createMiddleware(options = {}) {
     });
   });
 
+  // Admin UI Components page (protected by basic auth)
+  router.get(`${adminPath}/ui-components`, basicAuth, (req, res) => {
+    const templatePath = path.join(
+      __dirname,
+      "..",
+      "views",
+      "admin-ui-components.ejs",
+    );
+    fs.readFile(templatePath, "utf8", (err, template) => {
+      if (err) {
+        console.error("Error reading template:", err);
+        return res.status(500).send("Error loading page");
+      }
+      try {
+        const html = ejs.render(
+          template,
+          {
+            baseUrl: req.baseUrl,
+            adminPath,
+            endpointRegistry,
+          },
+          {
+            filename: templatePath,
+          },
+        );
+        res.send(html);
+      } catch (renderErr) {
+        console.error("Error rendering template:", renderErr);
+        res.status(500).send("Error rendering page");
+      }
+    });
+  });
+
   // Admin JSON configs page (protected by basic auth)
   router.get(`${adminPath}/json-configs`, basicAuth, (req, res) => {
     const templatePath = path.join(

package/src/models/HeadlessModelDefinition.js

@@ -28,6 +28,16 @@ const headlessModelDefinitionSchema = new mongoose.Schema(
     description: { type: String, default: '' },
     fields: { type: [headlessFieldSchema], default: [] },
     indexes: { type: [headlessIndexSchema], default: [] },
+    sourceType: { type: String, enum: ['internal', 'external'], default: 'internal', index: true },
+    sourceCollectionName: { type: String, default: null, index: true },
+    isExternal: { type: Boolean, default: false, index: true },
+    inference: {
+      enabled: { type: Boolean, default: false },
+      lastInferredAt: { type: Date, default: null },
+      sampleSize: { type: Number, default: null },
+      warnings: { type: [String], default: [] },
+      stats: { type: mongoose.Schema.Types.Mixed, default: null },
+    },
     isActive: { type: Boolean, default: true, index: true },
     version: { type: Number, default: 1 },
     fieldsHash: { type: String, default: null },

package/src/models/ScriptDefinition.js

@@ -0,0 +1,42 @@
+const mongoose = require('mongoose');
+
+const envVarSchema = new mongoose.Schema(
+  {
+    key: { type: String, required: true },
+    value: { type: String, required: true },
+  },
+  { _id: false },
+);
+
+const scriptDefinitionSchema = new mongoose.Schema(
+  {
+    name: { type: String, required: true },
+    codeIdentifier: { type: String, required: true, unique: true, index: true },
+    description: { type: String, default: '' },
+    type: { type: String, enum: ['bash', 'node', 'browser'], required: true },
+    runner: { type: String, enum: ['host', 'vm2', 'browser'], required: true },
+    script: { type: String, required: true },
+    defaultWorkingDirectory: { type: String, default: '' },
+    env: { type: [envVarSchema], default: [] },
+    timeoutMs: { type: Number, default: 5 * 60 * 1000 },
+    enabled: { type: Boolean, default: true, index: true },
+  },
+  { timestamps: true, collection: 'script_definitions' },
+);
+
+function normalizeCodeIdentifier(codeIdentifier) {
+  return String(codeIdentifier || '')
+    .trim()
+    .toLowerCase()
+    .replace(/\s+/g, '-')
+    .replace(/[^a-z0-9_-]/g, '');
+}
+
+scriptDefinitionSchema.pre('validate', function preValidate(next) {
+  this.codeIdentifier = normalizeCodeIdentifier(this.codeIdentifier);
+  next();
+});
+
+module.exports =
+  mongoose.models.ScriptDefinition ||
+  mongoose.model('ScriptDefinition', scriptDefinitionSchema);

package/src/models/ScriptRun.js

@@ -0,0 +1,22 @@
+const mongoose = require('mongoose');
+
+const scriptRunSchema = new mongoose.Schema(
+  {
+    scriptId: { type: mongoose.Schema.Types.ObjectId, ref: 'ScriptDefinition', required: true, index: true },
+    status: {
+      type: String,
+      enum: ['queued', 'running', 'succeeded', 'failed', 'canceled', 'timed_out'],
+      default: 'queued',
+      index: true,
+    },
+    trigger: { type: String, enum: ['manual', 'schedule', 'api'], default: 'manual', index: true },
+    startedAt: { type: Date, default: null },
+    finishedAt: { type: Date, default: null },
+    exitCode: { type: Number, default: null },
+    outputTail: { type: String, default: '' },
+    meta: { type: mongoose.Schema.Types.Mixed, default: null },
+  },
+  { timestamps: true, collection: 'script_runs' },
+);
+
+module.exports = mongoose.models.ScriptRun || mongoose.model('ScriptRun', scriptRunSchema);

package/src/models/UiComponent.js

@@ -0,0 +1,29 @@
+const mongoose = require('mongoose');
+
+const uiComponentSchema = new mongoose.Schema(
+  {
+    code: {
+      type: String,
+      required: true,
+      unique: true,
+      index: true,
+      trim: true,
+      lowercase: true,
+      match: [/^[a-z][a-z0-9_-]{1,63}$/, 'Invalid component code'],
+    },
+    name: { type: String, required: true, trim: true },
+
+    html: { type: String, default: '' },
+    js: { type: String, default: '' },
+    css: { type: String, default: '' },
+
+    api: { type: mongoose.Schema.Types.Mixed, default: null },
+    usageMarkdown: { type: String, default: '' },
+
+    version: { type: Number, default: 1 },
+    isActive: { type: Boolean, default: true, index: true },
+  },
+  { timestamps: true, collection: 'ui_components' },
+);
+
+module.exports = mongoose.models.UiComponent || mongoose.model('UiComponent', uiComponentSchema);

package/src/models/UiComponentProject.js

@@ -0,0 +1,26 @@
+const mongoose = require('mongoose');
+
+const uiComponentProjectSchema = new mongoose.Schema(
+  {
+    projectId: {
+      type: String,
+      required: true,
+      unique: true,
+      index: true,
+      trim: true,
+      match: [/^prj_[a-z0-9]{8,32}$/, 'Invalid projectId'],
+    },
+    name: { type: String, required: true, trim: true },
+
+    isPublic: { type: Boolean, default: true, index: true },
+    apiKeyHash: { type: String, default: null },
+
+    allowedOrigins: { type: [String], default: [] },
+
+    isActive: { type: Boolean, default: true, index: true },
+  },
+  { timestamps: true, collection: 'ui_component_projects' },
+);
+
+module.exports = mongoose.models.UiComponentProject ||
+  mongoose.model('UiComponentProject', uiComponentProjectSchema);

package/src/models/UiComponentProjectComponent.js

@@ -0,0 +1,18 @@
+const mongoose = require('mongoose');
+
+const uiComponentProjectComponentSchema = new mongoose.Schema(
+  {
+    projectId: { type: String, required: true, index: true },
+    componentCode: { type: String, required: true, index: true },
+    enabled: { type: Boolean, default: true, index: true },
+  },
+  { timestamps: true, collection: 'ui_component_project_components' },
+);
+
+uiComponentProjectComponentSchema.index(
+  { projectId: 1, componentCode: 1 },
+  { unique: true },
+);
+
+module.exports = mongoose.models.UiComponentProjectComponent ||
+  mongoose.model('UiComponentProjectComponent', uiComponentProjectComponentSchema);

package/src/routes/admin.routes.js

@@ -7,9 +7,11 @@ const { basicAuth } = require('../middleware/auth');
 router.use(basicAuth);
 
 router.get('/users', adminController.getUsers);
+router.post('/users/register', adminController.registerUser);
 router.get('/users/:id', adminController.getUser);
 router.put('/users/:id/subscription', adminController.updateUserSubscription);
 router.patch('/users/:id', adminController.updateUserPassword);
+router.delete('/users/:id', adminController.deleteUser);
 router.post('/users/:id/reconcile', adminController.reconcileUser);
 router.post('/generate-token', adminController.generateToken);
 

package/src/routes/adminHeadless.routes.js

@@ -13,6 +13,12 @@ router.post('/models', adminHeadlessController.createModel);
 router.put('/models/:codeIdentifier', adminHeadlessController.updateModel);
 router.delete('/models/:codeIdentifier', adminHeadlessController.deleteModel);
 
+// External models (Mongo collections)
+router.get('/external/collections', adminHeadlessController.listExternalCollections);
+router.post('/external/infer', adminHeadlessController.inferExternalCollection);
+router.post('/external/import', adminHeadlessController.importExternalModel);
+router.post('/models/:codeIdentifier/sync', adminHeadlessController.syncExternalModel);
+
 // Advanced JSON / bulk helpers
 router.post('/models/validate', adminHeadlessController.validateModelDefinition);
 router.post('/models/apply', adminHeadlessController.applyModelProposal);

package/src/routes/adminScripts.routes.js

@@ -0,0 +1,21 @@
+const express = require('express');
+const router = express.Router();
+
+const { basicAuth } = require('../middleware/auth');
+const controller = require('../controllers/adminScripts.controller');
+
+router.use(basicAuth);
+
+router.get('/', controller.listScripts);
+router.post('/', controller.createScript);
+router.get('/runs', controller.listRuns);
+router.get('/runs/:runId', controller.getRun);
+router.get('/runs/:runId/stream', controller.streamRun);
+
+router.get('/:id', controller.getScript);
+router.put('/:id', controller.updateScript);
+router.delete('/:id', controller.deleteScript);
+
+router.post('/:id/run', controller.runScript);
+
+module.exports = router;

package/src/routes/adminTerminals.routes.js

@@ -0,0 +1,13 @@
+const express = require('express');
+const router = express.Router();
+
+const { basicAuth } = require('../middleware/auth');
+const controller = require('../controllers/adminTerminals.controller');
+
+router.use(basicAuth);
+
+router.post('/sessions', controller.createSession);
+router.get('/sessions', controller.listSessions);
+router.delete('/sessions/:sessionId', controller.killSession);
+
+module.exports = router;

package/src/routes/adminUiComponents.routes.js

@@ -0,0 +1,29 @@
+const express = require('express');
+const router = express.Router();
+
+const { basicAuth } = require('../middleware/auth');
+const adminUiComponentsController = require('../controllers/adminUiComponents.controller');
+const adminUiComponentsAiController = require('../controllers/adminUiComponentsAi.controller');
+
+router.use(basicAuth);
+
+router.get('/projects', adminUiComponentsController.listProjects);
+router.post('/projects', adminUiComponentsController.createProject);
+router.get('/projects/:projectId', adminUiComponentsController.getProject);
+router.put('/projects/:projectId', adminUiComponentsController.updateProject);
+router.delete('/projects/:projectId', adminUiComponentsController.deleteProject);
+router.post('/projects/:projectId/rotate-key', adminUiComponentsController.rotateProjectKey);
+
+router.get('/components', adminUiComponentsController.listComponents);
+router.post('/components', adminUiComponentsController.createComponent);
+router.get('/components/:code', adminUiComponentsController.getComponent);
+router.put('/components/:code', adminUiComponentsController.updateComponent);
+router.delete('/components/:code', adminUiComponentsController.deleteComponent);
+
+router.get('/projects/:projectId/components', adminUiComponentsController.listProjectAssignments);
+router.post('/projects/:projectId/components/:code', adminUiComponentsController.setAssignment);
+router.delete('/projects/:projectId/components/:code', adminUiComponentsController.deleteAssignment);
+
+router.post('/ai/components/:code/propose', adminUiComponentsAiController.propose);
+
+module.exports = router;

package/src/routes/llmUi.routes.js

@@ -0,0 +1,26 @@
+const express = require('express');
+const router = express.Router();
+
+const { basicAuth } = require('../middleware/auth');
+const adminUiComponentsController = require('../controllers/adminUiComponents.controller');
+
+router.use(basicAuth);
+
+router.get('/projects', adminUiComponentsController.listProjects);
+router.post('/projects', adminUiComponentsController.createProject);
+router.get('/projects/:projectId', adminUiComponentsController.getProject);
+router.put('/projects/:projectId', adminUiComponentsController.updateProject);
+router.delete('/projects/:projectId', adminUiComponentsController.deleteProject);
+router.post('/projects/:projectId/rotate-key', adminUiComponentsController.rotateProjectKey);
+
+router.get('/components', adminUiComponentsController.listComponents);
+router.post('/components', adminUiComponentsController.createComponent);
+router.get('/components/:code', adminUiComponentsController.getComponent);
+router.put('/components/:code', adminUiComponentsController.updateComponent);
+router.delete('/components/:code', adminUiComponentsController.deleteComponent);
+
+router.get('/projects/:projectId/components', adminUiComponentsController.listProjectAssignments);
+router.post('/projects/:projectId/components/:code', adminUiComponentsController.setAssignment);
+router.delete('/projects/:projectId/components/:code', adminUiComponentsController.deleteAssignment);
+
+module.exports = router;

package/src/routes/orgAdmin.routes.js

@@ -6,7 +6,12 @@ const orgAdminController = require('../controllers/orgAdmin.controller');
 const asyncHandler = require('../utils/asyncHandler');
 
 router.get('/', basicAuth, asyncHandler(orgAdminController.listOrgs));
+router.post('/', basicAuth, asyncHandler(orgAdminController.createOrganization));
 router.get('/:orgId', basicAuth, asyncHandler(orgAdminController.getOrg));
+router.put('/:orgId', basicAuth, asyncHandler(orgAdminController.updateOrganization));
+router.patch('/:orgId/disable', basicAuth, asyncHandler(orgAdminController.disableOrganization));
+router.patch('/:orgId/enable', basicAuth, asyncHandler(orgAdminController.enableOrganization));
+router.delete('/:orgId', basicAuth, asyncHandler(orgAdminController.deleteOrganization));
 
 router.get('/:orgId/members', basicAuth, asyncHandler(orgAdminController.listMembers));
 router.patch('/:orgId/members/:memberId', basicAuth, asyncHandler(orgAdminController.updateMember));

package/src/routes/uiComponentsPublic.routes.js

@@ -0,0 +1,9 @@
+const express = require('express');
+const router = express.Router();
+
+const uiComponentsPublicController = require('../controllers/uiComponentsPublic.controller');
+
+router.get('/projects/:projectId/manifest', uiComponentsPublicController.getManifest);
+router.get('/projects/:projectId/components/:code', uiComponentsPublicController.getComponent);
+
+module.exports = router;