@intranefr/superbackend 1.4.3 → 1.5.0

package/src/services/uiComponentsAi.service.js

@@ -0,0 +1,312 @@
+const UiComponent = require('../models/UiComponent');
+const { getSettingValue } = require('./globalSettings.service');
+const llmService = require('./llm.service');
+const { createAuditEvent } = require('./audit.service');
+
+const ALLOWED_FIELDS = new Set(['html', 'css', 'js', 'usageMarkdown']);
+
+function normalizeTargets(targets) {
+  const t = targets && typeof targets === 'object' ? targets : {};
+  const out = {};
+  for (const f of ALLOWED_FIELDS) out[f] = Boolean(t[f]);
+  if (!Object.values(out).some(Boolean)) {
+    // default: all
+    for (const f of ALLOWED_FIELDS) out[f] = true;
+  }
+  return out;
+}
+
+function parseFieldPatches(raw) {
+  const text = String(raw || '');
+  const lines = text.split(/\r?\n/);
+  const result = [];
+
+  let current = null;
+  for (const line of lines) {
+    const m = line.match(/^FIELD:\s*(.+)$/);
+    if (m) {
+      if (current) result.push(current);
+      current = { field: String(m[1] || '').trim(), content: '' };
+      continue;
+    }
+    if (!current) continue;
+    current.content += (current.content ? '\n' : '') + line;
+  }
+  if (current) result.push(current);
+
+  return result;
+}
+
+function parseDiffBlocks(patchText) {
+  const raw = String(patchText || '');
+  const blocks = [];
+
+  const re = /<<<<<<< SEARCH\n([\s\S]*?)\n=======\n([\s\S]*?)\n>>>>>>> REPLACE/g;
+  let m;
+  while ((m = re.exec(raw)) !== null) {
+    blocks.push({ search: m[1], replace: m[2] });
+  }
+  return blocks;
+}
+
+function applyBlocks(currentValue, blocks) {
+  let next = String(currentValue || '');
+
+  for (const b of blocks) {
+    const search = String(b.search);
+    const replace = String(b.replace);
+
+    if (search === '__FULL__') {
+      next = replace;
+      continue;
+    }
+
+    const idx = next.indexOf(search);
+    if (idx === -1) {
+      const err = new Error('SEARCH block did not match current content');
+      err.code = 'AI_INVALID';
+      err.meta = { searchPreview: search.slice(0, 120) };
+      throw err;
+    }
+
+    next = next.replace(search, replace);
+  }
+
+  return next;
+}
+
+function computeWarnings(nextFields) {
+  const warnings = [];
+  const js = String(nextFields.js || '');
+
+  const checks = [
+    { token: 'eval(', msg: 'JS contains eval( which is unsafe.' },
+    { token: 'document.cookie', msg: 'JS references document.cookie.' },
+    { token: 'Function(', msg: 'JS contains Function( which may indicate dynamic code execution.' },
+    { token: 'fetch(', msg: 'JS uses fetch(. Consider origin allowlists and error handling.' },
+  ];
+
+  for (const c of checks) {
+    if (js.includes(c.token)) warnings.push(c.msg);
+  }
+
+  return warnings;
+}
+
+async function resolveLlmDefaults({ providerKey, model }) {
+  const uiProvider = String(providerKey || '').trim();
+  const uiModel = String(model || '').trim();
+
+  const settingProvider = String(await getSettingValue('uiComponents.ai.providerKey', '') || '').trim();
+  const settingModel = String(await getSettingValue('uiComponents.ai.model', '') || '').trim();
+
+  const envProvider = String(process.env.DEFAULT_LLM_PROVIDER_KEY || '').trim();
+  const envModel = String(process.env.DEFAULT_LLM_MODEL || '').trim();
+
+  const resolvedProviderKey = uiProvider || settingProvider || envProvider;
+  if (!resolvedProviderKey) {
+    const err = new Error('Missing LLM providerKey (configure uiComponents.ai.providerKey or DEFAULT_LLM_PROVIDER_KEY, or send from UI)');
+    err.code = 'VALIDATION';
+    throw err;
+  }
+
+  const resolvedModel = uiModel || settingModel || envModel || 'x-ai/grok-code-fast-1';
+  return { providerKey: resolvedProviderKey, model: resolvedModel };
+}
+
+function buildSystemPrompt({ targets }) {
+  const allowed = Array.from(ALLOWED_FIELDS).filter((f) => targets[f]);
+
+  return [
+    'You are a code editor assistant modifying a UI component stored in a database.',
+    `You may edit ONLY these fields: ${allowed.join(', ')}.`,
+    'Return ONLY changes using FIELD-based SEARCH/REPLACE patches.',
+    '',
+    'Format:',
+    'FIELD: <fieldName>',
+    '<<<<<<< SEARCH',
+    '[exact text to find - must match character-by-character including whitespace]',
+    '=======',
+    '[replacement text]',
+    '>>>>>>> REPLACE',
+    '',
+    'Rules:',
+    '- You can include multiple FIELD sections.',
+    '- SEARCH must match exactly (whitespace matters).',
+    '- Include enough context (5-10 lines) for unique matching.',
+    '- Do not include any text outside FIELD sections and SEARCH/REPLACE blocks.',
+    "- If you cannot reliably match the existing text, use SEARCH content '__FULL__' to replace the entire field.",
+    '',
+    'JS contract:',
+    "- The component JS is executed as new Function('api','templateRootEl','props', js).",
+    '- Your JS must return an object with methods.',
+    '- Use templateRootEl for DOM queries (do not use document.querySelector without scoping).',
+  ].join('\n');
+}
+
+async function proposeComponentEdit({
+  code,
+  prompt,
+  providerKey,
+  model,
+  targets,
+  mode,
+  actor,
+}) {
+  const componentCode = String(code || '').trim().toLowerCase();
+  if (!componentCode) {
+    const err = new Error('code is required');
+    err.code = 'VALIDATION';
+    throw err;
+  }
+
+  const instruction = String(prompt || '').trim();
+  if (!instruction) {
+    const err = new Error('prompt is required');
+    err.code = 'VALIDATION';
+    throw err;
+  }
+
+  const targetFlags = normalizeTargets(targets);
+  const allowedTargets = Object.entries(targetFlags)
+    .filter(([, v]) => v)
+    .map(([k]) => k);
+
+  const doc = await UiComponent.findOne({ code: componentCode });
+  if (!doc) {
+    const err = new Error('Component not found');
+    err.code = 'NOT_FOUND';
+    throw err;
+  }
+
+  const current = doc.toObject();
+
+  const llmDefaults = await resolveLlmDefaults({ providerKey, model });
+
+  const systemPrompt = buildSystemPrompt({ targets: targetFlags });
+
+  const context = {
+    code: current.code,
+    name: current.name,
+    version: current.version,
+    html: String(current.html || ''),
+    css: String(current.css || ''),
+    js: String(current.js || ''),
+    usageMarkdown: String(current.usageMarkdown || ''),
+  };
+
+  const userContextLines = [
+    `Component code: ${context.code}`,
+    `Component name: ${context.name}`,
+    `Component version: ${context.version}`,
+    `Target fields: ${allowedTargets.join(', ')}`,
+    `Mode: ${String(mode || 'minimal')}`,
+    '',
+    'Current fields:',
+    '',
+    `FIELD: html\n${context.html}`,
+    '',
+    `FIELD: css\n${context.css}`,
+    '',
+    `FIELD: js\n${context.js}`,
+    '',
+    `FIELD: usageMarkdown\n${context.usageMarkdown}`,
+  ];
+
+  const result = await llmService.callAdhoc(
+    {
+      providerKey: llmDefaults.providerKey,
+      model: llmDefaults.model,
+      messages: [
+        { role: 'system', content: systemPrompt },
+        { role: 'user', content: `Instruction:\n${instruction}` },
+        { role: 'user', content: userContextLines.join('\n') },
+      ],
+      promptKeyForAudit: 'uiComponents.ai.propose',
+    },
+    {
+      temperature: String(mode || '').toLowerCase() === 'rewrite' ? 0.6 : 0.3,
+    },
+  );
+
+  const raw = String(result.content || '');
+  const fieldPatches = parseFieldPatches(raw);
+
+  const patchByField = new Map();
+  for (const fp of fieldPatches) {
+    patchByField.set(String(fp.field || '').trim(), fp.content);
+  }
+
+  const nextFields = {
+    html: context.html,
+    css: context.css,
+    js: context.js,
+    usageMarkdown: context.usageMarkdown,
+  };
+
+  const appliedFields = [];
+
+  for (const field of ALLOWED_FIELDS) {
+    if (!targetFlags[field]) continue;
+    const patchText = patchByField.get(field);
+    if (!patchText) continue;
+
+    const blocks = parseDiffBlocks(patchText);
+    if (!blocks.length) {
+      const err = new Error(`No diff blocks found for field ${field}`);
+      err.code = 'AI_INVALID';
+      throw err;
+    }
+
+    nextFields[field] = applyBlocks(nextFields[field], blocks);
+    appliedFields.push(field);
+  }
+
+  if (!appliedFields.length) {
+    const err = new Error('No applicable field patches returned');
+    err.code = 'AI_INVALID';
+    throw err;
+  }
+
+  const warnings = computeWarnings(nextFields);
+
+  await createAuditEvent({
+    ...(actor || { actorType: 'system', actorId: null }),
+    action: 'uiComponents.ai.propose',
+    entityType: 'UiComponent',
+    entityId: componentCode,
+    before: {
+      code: current.code,
+      version: current.version,
+    },
+    after: {
+      code: current.code,
+      version: current.version,
+      appliedFields,
+    },
+    meta: {
+      providerKey: llmDefaults.providerKey,
+      model: llmDefaults.model,
+      targets: targetFlags,
+      mode: String(mode || 'minimal'),
+      warnings,
+      patchPreview: raw.slice(0, 4000),
+    },
+  });
+
+  return {
+    component: { code: current.code, version: current.version },
+    proposal: {
+      patch: raw,
+      fields: nextFields,
+      appliedFields,
+      warnings,
+    },
+    providerKey: llmDefaults.providerKey,
+    model: llmDefaults.model,
+  };
+}
+
+module.exports = {
+  proposeComponentEdit,
+};

package/src/services/uiComponentsCrypto.service.js

@@ -0,0 +1,39 @@
+const crypto = require('crypto');
+
+function base64UrlEncode(buf) {
+  return buf
+    .toString('base64')
+    .replace(/\+/g, '-')
+    .replace(/\//g, '_')
+    .replace(/=+$/g, '');
+}
+
+function generateProjectApiKeyPlaintext() {
+  const raw = crypto.randomBytes(32);
+  return `uk_${base64UrlEncode(raw)}`;
+}
+
+function hashKey(plaintext) {
+  return crypto.createHash('sha256').update(String(plaintext)).digest('hex');
+}
+
+function timingSafeEqualHex(a, b) {
+  const aBuf = Buffer.from(String(a), 'hex');
+  const bBuf = Buffer.from(String(b), 'hex');
+  if (aBuf.length !== bBuf.length) return false;
+  return crypto.timingSafeEqual(aBuf, bBuf);
+}
+
+function verifyKey(plaintext, expectedHash) {
+  const provided = String(plaintext || '').trim();
+  if (!provided) return false;
+  const providedHash = hashKey(provided);
+  return timingSafeEqualHex(providedHash, expectedHash);
+}
+
+module.exports = {
+  generateProjectApiKeyPlaintext,
+  hashKey,
+  timingSafeEqualHex,
+  verifyKey,
+};

package/src/services/webhook.service.js

@@ -57,7 +57,7 @@ class WebhookService {
         headers: {
           'Content-Type': 'application/json',
           'X-SaaS-Signature': signature,
-          'User-Agent': 'SaaSBackend-Webhook/1.0'
+          'User-Agent': 'SuperBackend-Webhook/1.0'
         },
         timeout: timeout
       }).catch(err => {
@@ -87,7 +87,7 @@ class WebhookService {
         headers: {
           'Content-Type': 'application/json',
           'X-SaaS-Signature': signature,
-          'User-Agent': 'SaaSBackend-Webhook/1.0'
+          'User-Agent': 'SuperBackend-Webhook/1.0'
         },
         timeout: timeout
       });

package/src/services/workflow.service.js

@@ -5,7 +5,7 @@ const { NodeVM } = require('vm2');
 
 /**
  * Workflow Service
- * Handles execution of stacked workflow nodes within SaaSBackend.
+ * Handles execution of stacked workflow nodes within SuperBackend.
  */
 class WorkflowService {
   constructor(workflowId, initialContext = {}) {

package/src/utils/encryption.js

@@ -1,9 +1,11 @@
 const crypto = require('crypto');
 
 function getEncryptionKey() {
-  const raw = process.env.SAASBACKEND_ENCRYPTION_KEY;
+  // Try new name first, then fallback to old name for backward compatibility
+  const raw = process.env.SUPERBACKEND_ENCRYPTION_KEY || process.env.SAASBACKEND_ENCRYPTION_KEY;
+  
   if (!raw) {
-    throw new Error('SAASBACKEND_ENCRYPTION_KEY is required for encrypted settings');
+    throw new Error('SUPERBACKEND_ENCRYPTION_KEY (or SAASBACKEND_ENCRYPTION_KEY for compatibility) is required for encrypted settings');
   }
 
   let key;
@@ -23,7 +25,7 @@ function getEncryptionKey() {
 
   if (key.length !== 32) {
     throw new Error(
-      'SAASBACKEND_ENCRYPTION_KEY must be 32 bytes (base64-encoded 32 bytes, hex 64 chars, or 32-char utf8)',
+      'SUPERBACKEND_ENCRYPTION_KEY (or SAASBACKEND_ENCRYPTION_KEY) must be 32 bytes (base64-encoded 32 bytes, hex 64 chars, or 32-char utf8)',
     );
   }
 

package/views/admin-coolify-deploy.ejs

@@ -3,7 +3,7 @@
 <head>
     <meta charset="UTF-8">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>Coolify Headless Deploy - SaaSBackend</title>
+    <title>Coolify Headless Deploy - SuperBackend</title>
     <script src="https://cdn.tailwindcss.com"></script>
     <script src="https://unpkg.com/vue@3/dist/vue.global.js"></script>
     <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@tabler/icons-webfont@latest/dist/tabler-icons.min.css">

package/views/admin-dashboard-home.ejs

@@ -3,7 +3,7 @@
 <head>
   <meta charset="UTF-8">
   <meta name="viewport" content="width=device-width, initial-scale=1.0">
-  <title>SaaSBackend Command Center</title>
+  <title>SuperBackend Command Center</title>
   <script src="https://cdn.tailwindcss.com"></script>
   <script src="https://cdn.jsdelivr.net/npm/chart.js"></script>
   <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@tabler/icons-webfont@latest/dist/tabler-icons.min.css">

package/views/admin-dashboard.ejs

@@ -19,7 +19,7 @@
             <div class="flex items-center gap-4">
                 <i class="ti ti-layout-dashboard text-2xl text-blue-600"></i>
                 <h1 class="text-xl font-bold text-gray-800">
-                    Superbackend <span class="text-xs font-normal text-gray-500 ml-2 align-middle">(saasbackend)</span>
+                    SuperBackend <span class="text-xs font-normal text-gray-500 ml-2 align-middle">(@intranefr/superbackend)</span>
                 </h1>
             </div>
             <div class="flex items-center gap-6">

package/views/admin-errors.ejs

@@ -50,7 +50,7 @@
           <div>
             <div class="text-xs font-semibold text-gray-600 uppercase tracking-wide mb-2">Identify user (JWT header)</div>
             <div class="relative">
-              <pre class="p-3 bg-gray-50 rounded text-xs overflow-x-auto"><code id="snippet-jwt">saasbackend.errorTracking.config({
+              <pre class="p-3 bg-gray-50 rounded text-xs overflow-x-auto"><code id="snippet-jwt">superbackend.errorTracking.config({
   headers: { authorization: "Bearer XXX" }
 })</code></pre>
               <button type="button" class="absolute top-2 right-2 text-xs px-2 py-1 bg-white border border-gray-200 rounded hover:border-blue-500" onclick="copySnippet('snippet-jwt')">Copy</button>
@@ -60,7 +60,7 @@
           <div>
             <div class="text-xs font-semibold text-gray-600 uppercase tracking-wide mb-2">Future npm package (bundlers)</div>
             <div class="relative">
-              <pre class="p-3 bg-gray-50 rounded text-xs overflow-x-auto"><code id="snippet-npm">import { createErrorTrackingClient } from '@saasbackend/sdk/error-tracking/browser';
+              <pre class="p-3 bg-gray-50 rounded text-xs overflow-x-auto"><code id="snippet-npm">import { createErrorTrackingClient } from '@intranefr/superbackend-error-tracking-browser';
 
 const client = createErrorTrackingClient({
   endpoint: '/api/log/error',

package/views/admin-global-settings.ejs

@@ -30,7 +30,7 @@
         <div class="flex justify-between items-center">
           <div>
             <h1 class="text-2xl font-bold text-gray-900">Global Settings Manager</h1>
-            <p class="text-sm text-gray-600 mt-1">Configure system-wide settings for SaaSBackend</p>
+            <p class="text-sm text-gray-600 mt-1">Configure system-wide settings for SuperBackend</p>
           </div>
         </div>
       </div>
@@ -66,8 +66,8 @@
         <h3 class="font-semibold text-blue-900 mb-2">📋 Available Setting Keys</h3>
         <div class="text-sm text-blue-800 space-y-2">
           <p><strong>RESEND_API_KEY</strong> (string) - API key for Resend email service</p>
-          <p><strong>EMAIL_FROM</strong> (string) - Default "From" address for emails (e.g., "SaaSBackend &lt;no-reply@yourdomain.com&gt;")</p>
-          <p><strong>FRONTEND_URL</strong> (string) - Frontend application URL (e.g., "https://app.saasbackend.com")</p>
+          <p><strong>EMAIL_FROM</strong> (string) - Default "From" address for emails (e.g., "SuperBackend &lt;no-reply@yourdomain.com&gt;")</p>
+          <p><strong>FRONTEND_URL</strong> (string) - Frontend application URL (e.g., "https://app.superbackend.com")</p>
           <p><strong>EMAIL_PASSWORD_RESET_SUBJECT</strong> (string) - Subject line for password reset emails</p>
           <p><strong>EMAIL_PASSWORD_RESET_HTML</strong> (html) - HTML template for password reset emails</p>
           <p class="pl-4 text-blue-700">Available variables: <code class="bg-blue-100 px-1 rounded">{{resetUrl}}</code></p>