npm - @intranefr/superbackend - Versions diffs - 1.4.3 - Mend

@intranefr/superbackend 1.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (188) hide show

package/.commiat +4 -0
package/.env.example +47 -0
package/README.md +110 -0
package/index.js +94 -0
package/package.json +67 -0
package/public/css/styles.css +139 -0
package/public/js/animations.js +41 -0
package/sdk/error-tracking/browser/package.json +16 -0
package/sdk/error-tracking/browser/src/core.js +270 -0
package/sdk/error-tracking/browser/src/embed.js +18 -0
package/sdk/error-tracking/browser/src/index.js +1 -0
package/server.js +5 -0
package/src/admin/endpointRegistry.js +300 -0
package/src/controllers/admin.controller.js +321 -0
package/src/controllers/adminAssets.controller.js +530 -0
package/src/controllers/adminAssetsStorage.controller.js +260 -0
package/src/controllers/adminEjsVirtual.controller.js +354 -0
package/src/controllers/adminFeatureFlags.controller.js +155 -0
package/src/controllers/adminHeadless.controller.js +1071 -0
package/src/controllers/adminI18n.controller.js +604 -0
package/src/controllers/adminJsonConfigs.controller.js +97 -0
package/src/controllers/adminLlm.controller.js +273 -0
package/src/controllers/adminMigration.controller.js +257 -0
package/src/controllers/adminSeoConfig.controller.js +515 -0
package/src/controllers/adminStats.controller.js +121 -0
package/src/controllers/adminUploadNamespaces.controller.js +208 -0
package/src/controllers/assets.controller.js +248 -0
package/src/controllers/auth.controller.js +93 -0
package/src/controllers/billing.controller.js +223 -0
package/src/controllers/featureFlags.controller.js +35 -0
package/src/controllers/forms.controller.js +217 -0
package/src/controllers/globalSettings.controller.js +252 -0
package/src/controllers/headlessCrud.controller.js +126 -0
package/src/controllers/i18n.controller.js +12 -0
package/src/controllers/invite.controller.js +249 -0
package/src/controllers/jsonConfigs.controller.js +19 -0
package/src/controllers/metrics.controller.js +149 -0
package/src/controllers/notificationAdmin.controller.js +264 -0
package/src/controllers/notifications.controller.js +131 -0
package/src/controllers/org.controller.js +357 -0
package/src/controllers/orgAdmin.controller.js +491 -0
package/src/controllers/stripeAdmin.controller.js +410 -0
package/src/controllers/user.controller.js +361 -0
package/src/controllers/userAdmin.controller.js +277 -0
package/src/controllers/waitingList.controller.js +167 -0
package/src/controllers/webhook.controller.js +200 -0
package/src/middleware/auth.js +66 -0
package/src/middleware/errorCapture.js +170 -0
package/src/middleware/headlessApiTokenAuth.js +57 -0
package/src/middleware/org.js +108 -0
package/src/middleware.js +901 -0
package/src/models/ActionEvent.js +31 -0
package/src/models/ActivityLog.js +41 -0
package/src/models/Asset.js +84 -0
package/src/models/AuditEvent.js +93 -0
package/src/models/EmailLog.js +28 -0
package/src/models/ErrorAggregate.js +72 -0
package/src/models/FormSubmission.js +41 -0
package/src/models/GlobalSetting.js +38 -0
package/src/models/HeadlessApiToken.js +24 -0
package/src/models/HeadlessModelDefinition.js +41 -0
package/src/models/I18nEntry.js +77 -0
package/src/models/I18nLocale.js +33 -0
package/src/models/Invite.js +70 -0
package/src/models/JsonConfig.js +46 -0
package/src/models/Notification.js +60 -0
package/src/models/Organization.js +57 -0
package/src/models/OrganizationMember.js +43 -0
package/src/models/StripeCatalogItem.js +77 -0
package/src/models/StripeWebhookEvent.js +57 -0
package/src/models/User.js +89 -0
package/src/models/VirtualEjsFile.js +60 -0
package/src/models/VirtualEjsFileVersion.js +43 -0
package/src/models/VirtualEjsGroupChange.js +32 -0
package/src/models/WaitingList.js +41 -0
package/src/models/Webhook.js +63 -0
package/src/models/Workflow.js +29 -0
package/src/models/WorkflowExecution.js +12 -0
package/src/routes/admin.routes.js +26 -0
package/src/routes/adminAssets.routes.js +28 -0
package/src/routes/adminAssetsStorage.routes.js +13 -0
package/src/routes/adminAudit.routes.js +196 -0
package/src/routes/adminEjsVirtual.routes.js +17 -0
package/src/routes/adminErrors.routes.js +164 -0
package/src/routes/adminFeatureFlags.routes.js +12 -0
package/src/routes/adminHeadless.routes.js +38 -0
package/src/routes/adminI18n.routes.js +22 -0
package/src/routes/adminJsonConfigs.routes.js +15 -0
package/src/routes/adminLlm.routes.js +12 -0
package/src/routes/adminMigration.routes.js +81 -0
package/src/routes/adminSeoConfig.routes.js +20 -0
package/src/routes/adminUploadNamespaces.routes.js +13 -0
package/src/routes/assets.routes.js +21 -0
package/src/routes/auth.routes.js +12 -0
package/src/routes/billing.routes.js +11 -0
package/src/routes/errorTracking.routes.js +31 -0
package/src/routes/featureFlags.routes.js +9 -0
package/src/routes/forms.routes.js +9 -0
package/src/routes/formsAdmin.routes.js +13 -0
package/src/routes/globalSettings.routes.js +18 -0
package/src/routes/headless.routes.js +15 -0
package/src/routes/i18n.routes.js +8 -0
package/src/routes/invite.routes.js +9 -0
package/src/routes/jsonConfigs.routes.js +8 -0
package/src/routes/log.routes.js +111 -0
package/src/routes/metrics.routes.js +9 -0
package/src/routes/notificationAdmin.routes.js +15 -0
package/src/routes/notifications.routes.js +12 -0
package/src/routes/org.routes.js +31 -0
package/src/routes/orgAdmin.routes.js +20 -0
package/src/routes/publicAssets.routes.js +7 -0
package/src/routes/stripeAdmin.routes.js +20 -0
package/src/routes/user.routes.js +22 -0
package/src/routes/userAdmin.routes.js +15 -0
package/src/routes/waitingList.routes.js +13 -0
package/src/routes/waitingListAdmin.routes.js +9 -0
package/src/routes/webhook.routes.js +32 -0
package/src/routes/workflowWebhook.routes.js +54 -0
package/src/routes/workflows.routes.js +110 -0
package/src/services/assets.service.js +110 -0
package/src/services/audit.service.js +62 -0
package/src/services/auditLogger.js +165 -0
package/src/services/ejsVirtual.service.js +614 -0
package/src/services/email.service.js +351 -0
package/src/services/errorLogger.js +221 -0
package/src/services/featureFlags.service.js +202 -0
package/src/services/forms.service.js +214 -0
package/src/services/globalSettings.service.js +49 -0
package/src/services/headlessApiTokens.service.js +158 -0
package/src/services/headlessCrypto.service.js +31 -0
package/src/services/headlessModels.service.js +356 -0
package/src/services/i18n.service.js +314 -0
package/src/services/i18nInferredKeys.service.js +337 -0
package/src/services/jsonConfigs.service.js +392 -0
package/src/services/llm.service.js +749 -0
package/src/services/migration.service.js +581 -0
package/src/services/migrationAssets/fsLocal.js +58 -0
package/src/services/migrationAssets/index.js +134 -0
package/src/services/migrationAssets/s3.js +75 -0
package/src/services/migrationAssets/sftp.js +92 -0
package/src/services/notification.service.js +212 -0
package/src/services/objectStorage.service.js +514 -0
package/src/services/seoConfig.service.js +402 -0
package/src/services/storage.js +150 -0
package/src/services/stripe.service.js +185 -0
package/src/services/stripeHelper.service.js +264 -0
package/src/services/uploadNamespaces.service.js +326 -0
package/src/services/webhook.service.js +157 -0
package/src/services/workflow.service.js +271 -0
package/src/utils/asyncHandler.js +5 -0
package/src/utils/encryption.js +80 -0
package/src/utils/jwt.js +40 -0
package/src/utils/orgRoles.js +156 -0
package/src/utils/validation.js +26 -0
package/src/utils/webhookRetry.js +93 -0
package/views/admin-assets.ejs +444 -0
package/views/admin-audit.ejs +283 -0
package/views/admin-coolify-deploy.ejs +207 -0
package/views/admin-dashboard-home.ejs +291 -0
package/views/admin-dashboard.ejs +397 -0
package/views/admin-ejs-virtual.ejs +280 -0
package/views/admin-errors.ejs +368 -0
package/views/admin-feature-flags.ejs +390 -0
package/views/admin-forms.ejs +526 -0
package/views/admin-global-settings.ejs +436 -0
package/views/admin-headless.ejs +2020 -0
package/views/admin-i18n-locales.ejs +221 -0
package/views/admin-i18n.ejs +728 -0
package/views/admin-json-configs.ejs +410 -0
package/views/admin-llm.ejs +884 -0
package/views/admin-metrics.ejs +274 -0
package/views/admin-migration.ejs +814 -0
package/views/admin-notifications.ejs +430 -0
package/views/admin-organizations.ejs +984 -0
package/views/admin-seo-config.ejs +673 -0
package/views/admin-stripe-pricing.ejs +558 -0
package/views/admin-test.ejs +342 -0
package/views/admin-users.ejs +452 -0
package/views/admin-waiting-list.ejs +547 -0
package/views/admin-webhooks.ejs +329 -0
package/views/admin-workflows.ejs +310 -0
package/views/partials/admin-assets-script.ejs +2022 -0
package/views/partials/admin-test-sidebar.ejs +14 -0
package/views/partials/dashboard/nav-items.ejs +66 -0
package/views/partials/dashboard/palette.ejs +63 -0
package/views/partials/dashboard/sidebar.ejs +21 -0
package/views/partials/dashboard/tab-bar.ejs +26 -0
package/views/partials/footer.ejs +3 -0

package/src/routes/workflows.routes.js ADDED Viewed

@@ -0,0 +1,110 @@
+const express = require('express');
+const router = express.Router();
+const Workflow = require('../models/Workflow');
+const WorkflowExecution = require('../models/WorkflowExecution');
+const workflowService = require('../services/workflow.service');
+// List workflows
+router.get('/', async (req, res) => {
+  const query = req.currentOrganization ? { organizationId: req.currentOrganization.id } : {};
+  const workflows = await Workflow.find(query).sort('-createdAt');
+  res.json(workflows);
+});
+// Get single workflow
+router.get('/:id', async (req, res) => {
+  const workflow = await Workflow.findById(req.params.id);
+  if (!workflow) return res.status(404).json({ error: 'Workflow not found' });
+  res.json(workflow);
+});
+// Create workflow
+router.post('/', async (req, res) => {
+  const workflow = await Workflow.create({
+    ...req.body,
+    organizationId: req.currentOrganization?.id
+  });
+  res.status(201).json(workflow);
+});
+// Update workflow
+router.put('/:id', async (req, res) => {
+  const workflow = await Workflow.findByIdAndUpdate(req.params.id, req.body, { new: true });
+  if (!workflow) return res.status(404).json({ error: 'Workflow not found' });
+  res.json(workflow);
+});
+// Delete workflow
+router.delete('/:id', async (req, res) => {
+  await Workflow.findByIdAndDelete(req.params.id);
+  await WorkflowExecution.deleteMany({ workflowId: req.params.id });
+  res.json({ success: true });
+});
+// Get executions
+router.get('/:id/runs', async (req, res) => {
+  const executions = await WorkflowExecution.find({ workflowId: req.params.id }).sort('-executedAt').limit(50);
+  res.json(executions);
+});
+// Test execution
+router.post('/:id/test', async (req, res) => {
+  try {
+    const initialContext = {
+      body: req.body.body || {},
+      query: req.body.query || {},
+      headers: req.body.headers || {},
+      method: req.body.method || 'POST'
+    };
+    const service = await workflowService.execute(req.params.id, initialContext);
+    res.json({
+      status: service.status,
+      log: service.executionLog,
+      context: service.context
+    });
+  } catch (err) {
+    res.status(500).json({ error: err.message });
+  }
+});
+// Isolated node test
+router.post('/:id/nodes/:nodeId/test', async (req, res) => {
+  try {
+    const { WorkflowService } = require('../services/workflow.service');
+    const Workflow = require('../models/Workflow');
+    const workflow = await Workflow.findById(req.params.id);
+    if (!workflow) return res.status(404).json({ error: 'Workflow not found' });
+    // Use dirty node data from request body if provided, otherwise fallback to DB
+    const node = req.body.node || workflow.nodes.find(n => n.id === req.params.nodeId);
+    if (!node) return res.status(404).json({ error: 'Node not found' });
+    const service = new WorkflowService(req.params.id);
+    // Standard runNode logic but with the provided node object
+    service.context = {
+      ...req.body.context,
+      entrypoint: req.body.context?.entrypoint || workflow.testDataset || {},
+      payload: req.body.context?.payload || workflow.testDataset || {},
+      nodes: req.body.context?.nodes || {},
+      lastNode: req.body.context?.lastNode || workflow.testDataset || {},
+      env: process.env
+    };
+    const result = await service.executeNode(node);
+    // Persist result in the node's testResult field in DB
+    const nodeIndex = workflow.nodes.findIndex(n => n.id === req.params.nodeId);
+    if (nodeIndex !== -1) {
+      workflow.nodes[nodeIndex].testResult = result;
+      workflow.markModified('nodes');
+      await workflow.save();
+    }
+    res.json({ result, context: service.context });
+  } catch (err) {
+    res.status(500).json({ error: err.message });
+  }
+});
+module.exports = router;

package/src/services/assets.service.js ADDED Viewed

@@ -0,0 +1,110 @@
+const Asset = require('../models/Asset');
+const objectStorage = require('./objectStorage.service');
+async function getAssetById(id, { status = 'uploaded' } = {}) {
+  const asset = await Asset.findById(id);
+  if (!asset) {
+    const err = new Error('Asset not found');
+    err.code = 'NOT_FOUND';
+    throw err;
+  }
+  if (status && asset.status !== status) {
+    const err = new Error('Asset not found');
+    err.code = 'NOT_FOUND';
+    throw err;
+  }
+  return asset.toObject();
+}
+async function getAssetByKey(key, { status = 'uploaded' } = {}) {
+  const asset = await Asset.findOne({ key: String(key || '').trim() });
+  if (!asset) {
+    const err = new Error('Asset not found');
+    err.code = 'NOT_FOUND';
+    throw err;
+  }
+  if (status && asset.status !== status) {
+    const err = new Error('Asset not found');
+    err.code = 'NOT_FOUND';
+    throw err;
+  }
+  return asset.toObject();
+}
+async function listAssets({
+  namespace,
+  tag,
+  visibility,
+  status = 'uploaded',
+  page = 1,
+  limit = 50,
+} = {}) {
+  const normalizedLimit = Math.min(100, Math.max(1, Number(limit) || 50));
+  const normalizedPage = Math.max(1, Number(page) || 1);
+  const skip = (normalizedPage - 1) * normalizedLimit;
+  const filter = {};
+  if (status) filter.status = status;
+  if (namespace) filter.namespace = String(namespace);
+  if (visibility) filter.visibility = String(visibility);
+  if (tag) filter.tags = String(tag).trim().toLowerCase();
+  const [assets, total] = await Promise.all([
+    Asset.find(filter).sort({ createdAt: -1 }).skip(skip).limit(normalizedLimit).lean(),
+    Asset.countDocuments(filter),
+  ]);
+  return {
+    assets,
+    pagination: {
+      page: normalizedPage,
+      limit: normalizedLimit,
+      total,
+      pages: Math.ceil(total / normalizedLimit),
+    },
+  };
+}
+async function getAssetBytesById(id, { status = 'uploaded' } = {}) {
+  const asset = await getAssetById(id, { status });
+  const result = await objectStorage.getObject({ key: asset.key });
+  if (!result || !result.body) {
+    const err = new Error('File not found in storage');
+    err.code = 'NOT_FOUND';
+    throw err;
+  }
+  return {
+    asset,
+    contentType: result.contentType || asset.contentType,
+    body: result.body,
+  };
+}
+async function getAssetBytesByKey(key, { status = 'uploaded' } = {}) {
+  const asset = await getAssetByKey(key, { status });
+  const result = await objectStorage.getObject({ key: asset.key });
+  if (!result || !result.body) {
+    const err = new Error('File not found in storage');
+    err.code = 'NOT_FOUND';
+    throw err;
+  }
+  return {
+    asset,
+    contentType: result.contentType || asset.contentType,
+    body: result.body,
+  };
+}
+module.exports = {
+  getAssetById,
+  getAssetByKey,
+  listAssets,
+  getAssetBytesById,
+  getAssetBytesByKey,
+};

package/src/services/audit.service.js ADDED Viewed

@@ -0,0 +1,62 @@
+const AuditEvent = require('../models/AuditEvent');
+const webhookService = require('./webhook.service');
+async function createAuditEvent({
+  actorType,
+  actorId,
+  action,
+  entityType,
+  entityId,
+  before,
+  after,
+  meta,
+}) {
+  try {
+    await AuditEvent.create({
+      actorType,
+      actorId,
+      action,
+      entityType,
+      entityId,
+      before,
+      after,
+      meta,
+    });
+    // Trigger Webhooks for critical events or all audit events
+    // Assuming organizationId is available in meta or can be inferred
+    const organizationId = meta?.organizationId || meta?.orgId;
+    if (organizationId) {
+      webhookService.emit('audit.event', {
+        action,
+        entityType,
+        entityId,
+        actorType,
+        actorId,
+        timestamp: new Date().toISOString()
+      }, organizationId);
+    }
+  } catch (error) {
+    console.error('Error creating audit event:', error);
+  }
+}
+function getBasicAuthActor(req) {
+  const authHeader = req.headers.authorization;
+  if (!authHeader || !authHeader.startsWith('Basic ')) {
+    return { actorType: 'admin', actorId: null };
+  }
+  try {
+    const credentials = Buffer.from(authHeader.substring(6), 'base64').toString('utf-8');
+    const [username] = credentials.split(':');
+    return { actorType: 'admin', actorId: username || null };
+  } catch (e) {
+    return { actorType: 'admin', actorId: null };
+  }
+}
+module.exports = {
+  createAuditEvent,
+  getBasicAuthActor,
+};

package/src/services/auditLogger.js ADDED Viewed

@@ -0,0 +1,165 @@
+const AuditEvent = require('../models/AuditEvent');
+const SENSITIVE_KEYS = [
+  'password',
+  'token',
+  'secret',
+  'authorization',
+  'cookie',
+  'apikey',
+  'api_key',
+  'accesstoken',
+  'refreshtoken',
+  'passwordhash',
+];
+async function getConfig() {
+  return {
+    auditTrackingEnabled: process.env.AUDIT_TRACKING_ENABLED !== 'false',
+    auditLogFailedAttempts: process.env.AUDIT_LOG_FAILED_ATTEMPTS !== 'false',
+    auditRetentionDays: parseInt(process.env.AUDIT_RETENTION_DAYS, 10) || 90,
+  };
+}
+function scrubValue(key, value) {
+  const lowerKey = String(key).toLowerCase();
+  for (const sensitive of SENSITIVE_KEYS) {
+    if (lowerKey.includes(sensitive)) {
+      return '[REDACTED]';
+    }
+  }
+  return value;
+}
+function scrubObject(obj, depth = 0) {
+  if (depth > 5 || !obj || typeof obj !== 'object') return obj;
+  if (Array.isArray(obj)) {
+    return obj.slice(0, 10).map((item) => scrubObject(item, depth + 1));
+  }
+  const result = {};
+  for (const [key, value] of Object.entries(obj)) {
+    if (typeof value === 'object' && value !== null) {
+      result[key] = scrubObject(value, depth + 1);
+    } else {
+      result[key] = scrubValue(key, value);
+    }
+  }
+  return result;
+}
+function extractContext(req) {
+  if (!req) return {};
+  return {
+    ip: req.ip || req.headers?.['x-forwarded-for']?.split(',')[0]?.trim() || req.connection?.remoteAddress,
+    userAgent: req.headers?.['user-agent']?.slice(0, 500),
+    requestId: req.headers?.['x-request-id'] || req.requestId,
+    path: req.path || req.url,
+    method: req.method,
+  };
+}
+function extractActor(req) {
+  if (!req) {
+    return { actorType: 'system', actorId: null };
+  }
+  if (req.user) {
+    return {
+      actorType: 'user',
+      actorId: String(req.user._id || req.user.id),
+    };
+  }
+  const authHeader = req.headers?.authorization || '';
+  if (authHeader.startsWith('Basic ')) {
+    try {
+      const credentials = Buffer.from(authHeader.substring(6), 'base64').toString('utf-8');
+      const [username] = credentials.split(':');
+      return { actorType: 'admin', actorId: username || null };
+    } catch (e) {
+      return { actorType: 'admin', actorId: null };
+    }
+  }
+  return { actorType: 'system', actorId: null };
+}
+async function logAudit(event) {
+  try {
+    const config = await getConfig();
+    if (!config.auditTrackingEnabled) {
+      return null;
+    }
+    if (event.outcome === 'failure' && !config.auditLogFailedAttempts) {
+      return null;
+    }
+    const actor = event.actor || extractActor(event.req);
+    const context = event.context || extractContext(event.req);
+    const auditEvent = await AuditEvent.create({
+      actorType: actor.actorType || 'system',
+      actorId: actor.actorId || null,
+      action: event.action,
+      entityType: event.entityType || event.targetType || 'unknown',
+      entityId: event.entityId || event.targetId || null,
+      before: event.before || null,
+      after: event.after || null,
+      meta: scrubObject({
+        ...(event.meta || {}),
+        outcome: event.outcome || 'success',
+        context,
+        details: scrubObject(event.details || {}),
+      }),
+      outcome: event.outcome || 'success',
+      context,
+      targetType: event.targetType || event.entityType,
+      targetId: event.targetId || event.entityId,
+    });
+    return auditEvent;
+  } catch (err) {
+    try {
+      console.log('[AuditLogger] Failed to log audit:', err.message);
+    } catch (e) {
+      // ignore
+    }
+    return null;
+  }
+}
+function logAuditSync(event) {
+  setImmediate(() => {
+    logAudit(event).catch(() => {});
+  });
+}
+function auditMiddleware(action, options = {}) {
+  return (req, res, next) => {
+    const originalEnd = res.end;
+    res.end = function (...args) {
+      const outcome = res.statusCode >= 400 ? 'failure' : 'success';
+      logAuditSync({
+        req,
+        action,
+        outcome,
+        entityType: options.entityType || options.targetType,
+        entityId: options.getEntityId ? options.getEntityId(req) : (req.params?.id || req.params?.key),
+        details: options.getDetails ? options.getDetails(req, res) : undefined,
+      });
+      return originalEnd.apply(this, args);
+    };
+    next();
+  };
+}
+module.exports = {
+  logAudit,
+  logAuditSync,
+  auditMiddleware,
+  getConfig,
+  extractActor,
+  extractContext,
+  scrubObject,
+};