npm - @intranefr/superbackend - Versions diffs - 1.4.3 - Mend

@intranefr/superbackend 1.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (188) hide show

package/.commiat +4 -0
package/.env.example +47 -0
package/README.md +110 -0
package/index.js +94 -0
package/package.json +67 -0
package/public/css/styles.css +139 -0
package/public/js/animations.js +41 -0
package/sdk/error-tracking/browser/package.json +16 -0
package/sdk/error-tracking/browser/src/core.js +270 -0
package/sdk/error-tracking/browser/src/embed.js +18 -0
package/sdk/error-tracking/browser/src/index.js +1 -0
package/server.js +5 -0
package/src/admin/endpointRegistry.js +300 -0
package/src/controllers/admin.controller.js +321 -0
package/src/controllers/adminAssets.controller.js +530 -0
package/src/controllers/adminAssetsStorage.controller.js +260 -0
package/src/controllers/adminEjsVirtual.controller.js +354 -0
package/src/controllers/adminFeatureFlags.controller.js +155 -0
package/src/controllers/adminHeadless.controller.js +1071 -0
package/src/controllers/adminI18n.controller.js +604 -0
package/src/controllers/adminJsonConfigs.controller.js +97 -0
package/src/controllers/adminLlm.controller.js +273 -0
package/src/controllers/adminMigration.controller.js +257 -0
package/src/controllers/adminSeoConfig.controller.js +515 -0
package/src/controllers/adminStats.controller.js +121 -0
package/src/controllers/adminUploadNamespaces.controller.js +208 -0
package/src/controllers/assets.controller.js +248 -0
package/src/controllers/auth.controller.js +93 -0
package/src/controllers/billing.controller.js +223 -0
package/src/controllers/featureFlags.controller.js +35 -0
package/src/controllers/forms.controller.js +217 -0
package/src/controllers/globalSettings.controller.js +252 -0
package/src/controllers/headlessCrud.controller.js +126 -0
package/src/controllers/i18n.controller.js +12 -0
package/src/controllers/invite.controller.js +249 -0
package/src/controllers/jsonConfigs.controller.js +19 -0
package/src/controllers/metrics.controller.js +149 -0
package/src/controllers/notificationAdmin.controller.js +264 -0
package/src/controllers/notifications.controller.js +131 -0
package/src/controllers/org.controller.js +357 -0
package/src/controllers/orgAdmin.controller.js +491 -0
package/src/controllers/stripeAdmin.controller.js +410 -0
package/src/controllers/user.controller.js +361 -0
package/src/controllers/userAdmin.controller.js +277 -0
package/src/controllers/waitingList.controller.js +167 -0
package/src/controllers/webhook.controller.js +200 -0
package/src/middleware/auth.js +66 -0
package/src/middleware/errorCapture.js +170 -0
package/src/middleware/headlessApiTokenAuth.js +57 -0
package/src/middleware/org.js +108 -0
package/src/middleware.js +901 -0
package/src/models/ActionEvent.js +31 -0
package/src/models/ActivityLog.js +41 -0
package/src/models/Asset.js +84 -0
package/src/models/AuditEvent.js +93 -0
package/src/models/EmailLog.js +28 -0
package/src/models/ErrorAggregate.js +72 -0
package/src/models/FormSubmission.js +41 -0
package/src/models/GlobalSetting.js +38 -0
package/src/models/HeadlessApiToken.js +24 -0
package/src/models/HeadlessModelDefinition.js +41 -0
package/src/models/I18nEntry.js +77 -0
package/src/models/I18nLocale.js +33 -0
package/src/models/Invite.js +70 -0
package/src/models/JsonConfig.js +46 -0
package/src/models/Notification.js +60 -0
package/src/models/Organization.js +57 -0
package/src/models/OrganizationMember.js +43 -0
package/src/models/StripeCatalogItem.js +77 -0
package/src/models/StripeWebhookEvent.js +57 -0
package/src/models/User.js +89 -0
package/src/models/VirtualEjsFile.js +60 -0
package/src/models/VirtualEjsFileVersion.js +43 -0
package/src/models/VirtualEjsGroupChange.js +32 -0
package/src/models/WaitingList.js +41 -0
package/src/models/Webhook.js +63 -0
package/src/models/Workflow.js +29 -0
package/src/models/WorkflowExecution.js +12 -0
package/src/routes/admin.routes.js +26 -0
package/src/routes/adminAssets.routes.js +28 -0
package/src/routes/adminAssetsStorage.routes.js +13 -0
package/src/routes/adminAudit.routes.js +196 -0
package/src/routes/adminEjsVirtual.routes.js +17 -0
package/src/routes/adminErrors.routes.js +164 -0
package/src/routes/adminFeatureFlags.routes.js +12 -0
package/src/routes/adminHeadless.routes.js +38 -0
package/src/routes/adminI18n.routes.js +22 -0
package/src/routes/adminJsonConfigs.routes.js +15 -0
package/src/routes/adminLlm.routes.js +12 -0
package/src/routes/adminMigration.routes.js +81 -0
package/src/routes/adminSeoConfig.routes.js +20 -0
package/src/routes/adminUploadNamespaces.routes.js +13 -0
package/src/routes/assets.routes.js +21 -0
package/src/routes/auth.routes.js +12 -0
package/src/routes/billing.routes.js +11 -0
package/src/routes/errorTracking.routes.js +31 -0
package/src/routes/featureFlags.routes.js +9 -0
package/src/routes/forms.routes.js +9 -0
package/src/routes/formsAdmin.routes.js +13 -0
package/src/routes/globalSettings.routes.js +18 -0
package/src/routes/headless.routes.js +15 -0
package/src/routes/i18n.routes.js +8 -0
package/src/routes/invite.routes.js +9 -0
package/src/routes/jsonConfigs.routes.js +8 -0
package/src/routes/log.routes.js +111 -0
package/src/routes/metrics.routes.js +9 -0
package/src/routes/notificationAdmin.routes.js +15 -0
package/src/routes/notifications.routes.js +12 -0
package/src/routes/org.routes.js +31 -0
package/src/routes/orgAdmin.routes.js +20 -0
package/src/routes/publicAssets.routes.js +7 -0
package/src/routes/stripeAdmin.routes.js +20 -0
package/src/routes/user.routes.js +22 -0
package/src/routes/userAdmin.routes.js +15 -0
package/src/routes/waitingList.routes.js +13 -0
package/src/routes/waitingListAdmin.routes.js +9 -0
package/src/routes/webhook.routes.js +32 -0
package/src/routes/workflowWebhook.routes.js +54 -0
package/src/routes/workflows.routes.js +110 -0
package/src/services/assets.service.js +110 -0
package/src/services/audit.service.js +62 -0
package/src/services/auditLogger.js +165 -0
package/src/services/ejsVirtual.service.js +614 -0
package/src/services/email.service.js +351 -0
package/src/services/errorLogger.js +221 -0
package/src/services/featureFlags.service.js +202 -0
package/src/services/forms.service.js +214 -0
package/src/services/globalSettings.service.js +49 -0
package/src/services/headlessApiTokens.service.js +158 -0
package/src/services/headlessCrypto.service.js +31 -0
package/src/services/headlessModels.service.js +356 -0
package/src/services/i18n.service.js +314 -0
package/src/services/i18nInferredKeys.service.js +337 -0
package/src/services/jsonConfigs.service.js +392 -0
package/src/services/llm.service.js +749 -0
package/src/services/migration.service.js +581 -0
package/src/services/migrationAssets/fsLocal.js +58 -0
package/src/services/migrationAssets/index.js +134 -0
package/src/services/migrationAssets/s3.js +75 -0
package/src/services/migrationAssets/sftp.js +92 -0
package/src/services/notification.service.js +212 -0
package/src/services/objectStorage.service.js +514 -0
package/src/services/seoConfig.service.js +402 -0
package/src/services/storage.js +150 -0
package/src/services/stripe.service.js +185 -0
package/src/services/stripeHelper.service.js +264 -0
package/src/services/uploadNamespaces.service.js +326 -0
package/src/services/webhook.service.js +157 -0
package/src/services/workflow.service.js +271 -0
package/src/utils/asyncHandler.js +5 -0
package/src/utils/encryption.js +80 -0
package/src/utils/jwt.js +40 -0
package/src/utils/orgRoles.js +156 -0
package/src/utils/validation.js +26 -0
package/src/utils/webhookRetry.js +93 -0
package/views/admin-assets.ejs +444 -0
package/views/admin-audit.ejs +283 -0
package/views/admin-coolify-deploy.ejs +207 -0
package/views/admin-dashboard-home.ejs +291 -0
package/views/admin-dashboard.ejs +397 -0
package/views/admin-ejs-virtual.ejs +280 -0
package/views/admin-errors.ejs +368 -0
package/views/admin-feature-flags.ejs +390 -0
package/views/admin-forms.ejs +526 -0
package/views/admin-global-settings.ejs +436 -0
package/views/admin-headless.ejs +2020 -0
package/views/admin-i18n-locales.ejs +221 -0
package/views/admin-i18n.ejs +728 -0
package/views/admin-json-configs.ejs +410 -0
package/views/admin-llm.ejs +884 -0
package/views/admin-metrics.ejs +274 -0
package/views/admin-migration.ejs +814 -0
package/views/admin-notifications.ejs +430 -0
package/views/admin-organizations.ejs +984 -0
package/views/admin-seo-config.ejs +673 -0
package/views/admin-stripe-pricing.ejs +558 -0
package/views/admin-test.ejs +342 -0
package/views/admin-users.ejs +452 -0
package/views/admin-waiting-list.ejs +547 -0
package/views/admin-webhooks.ejs +329 -0
package/views/admin-workflows.ejs +310 -0
package/views/partials/admin-assets-script.ejs +2022 -0
package/views/partials/admin-test-sidebar.ejs +14 -0
package/views/partials/dashboard/nav-items.ejs +66 -0
package/views/partials/dashboard/palette.ejs +63 -0
package/views/partials/dashboard/sidebar.ejs +21 -0
package/views/partials/dashboard/tab-bar.ejs +26 -0
package/views/partials/footer.ejs +3 -0

package/views/admin-global-settings.ejs ADDED Viewed

@@ -0,0 +1,436 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Global Settings - Admin</title>
+  <script src="https://cdn.tailwindcss.com"></script>
+  <style>
+    .toast {
+      animation: slideIn 0.3s ease-out;
+    }
+    @keyframes slideIn {
+      from { transform: translateX(100%); opacity: 0; }
+      to { transform: translateX(0); opacity: 1; }
+    }
+    .fade-out {
+      animation: fadeOut 0.3s ease-out forwards;
+    }
+    @keyframes fadeOut {
+      from { opacity: 1; }
+      to { opacity: 0; }
+    }
+  </style>
+</head>
+<body class="bg-gray-100">
+  <div class="min-h-screen">
+    <!-- Header -->
+    <div class="bg-white shadow">
+      <div class="max-w-7xl mx-auto px-4 sm:px-6 lg:px-8 py-4">
+        <div class="flex justify-between items-center">
+          <div>
+            <h1 class="text-2xl font-bold text-gray-900">Global Settings Manager</h1>
+            <p class="text-sm text-gray-600 mt-1">Configure system-wide settings for SaaSBackend</p>
+          </div>
+        </div>
+      </div>
+    </div>
+    <!-- Main Content -->
+    <div class="max-w-7xl mx-auto px-4 sm:px-6 lg:px-8 py-8">
+      <!-- Actions Bar -->
+      <div class="mb-6 flex justify-between items-center">
+        <button onclick="loadSettings()" class="bg-blue-500 text-white px-4 py-2 rounded hover:bg-blue-600 flex items-center">
+          <svg class="w-4 h-4 mr-2" fill="none" stroke="currentColor" viewBox="0 0 24 24">
+            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M4 4v5h.582m15.356 2A8.001 8.001 0 004.582 9m0 0H9m11 11v-5h-.581m0 0a8.003 8.003 0 01-15.357-2m15.357 2H15"></path>
+          </svg>
+          Refresh
+        </button>
+        <button onclick="showCreateModal()" class="bg-green-500 text-white px-4 py-2 rounded hover:bg-green-600 flex items-center">
+          <svg class="w-4 h-4 mr-2" fill="none" stroke="currentColor" viewBox="0 0 24 24">
+            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 4v16m8-8H4"></path>
+          </svg>
+          New Setting
+        </button>
+      </div>
+      <!-- Settings Grid -->
+      <div id="settings-container" class="grid grid-cols-1 gap-6">
+        <div class="text-center py-12">
+          <p class="text-gray-600">Loading settings...</p>
+        </div>
+      </div>
+      <!-- Predefined Settings Info -->
+      <div class="mt-8 bg-blue-50 border-l-4 border-blue-500 p-4">
+        <h3 class="font-semibold text-blue-900 mb-2">📋 Available Setting Keys</h3>
+        <div class="text-sm text-blue-800 space-y-2">
+          <p><strong>RESEND_API_KEY</strong> (string) - API key for Resend email service</p>
+          <p><strong>EMAIL_FROM</strong> (string) - Default "From" address for emails (e.g., "SaaSBackend &lt;no-reply@yourdomain.com&gt;")</p>
+          <p><strong>FRONTEND_URL</strong> (string) - Frontend application URL (e.g., "https://app.saasbackend.com")</p>
+          <p><strong>EMAIL_PASSWORD_RESET_SUBJECT</strong> (string) - Subject line for password reset emails</p>
+          <p><strong>EMAIL_PASSWORD_RESET_HTML</strong> (html) - HTML template for password reset emails</p>
+          <p class="pl-4 text-blue-700">Available variables: <code class="bg-blue-100 px-1 rounded">{{resetUrl}}</code></p>
+        </div>
+      </div>
+    </div>
+  </div>
+  <!-- Toast Container -->
+  <div id="toast-container" class="fixed top-4 right-4 space-y-2 z-50"></div>
+  <!-- Edit Modal -->
+  <div id="edit-modal" class="hidden fixed inset-0 bg-gray-600 bg-opacity-50 overflow-y-auto h-full w-full z-50">
+    <div class="relative top-20 mx-auto p-5 border w-full max-w-2xl shadow-lg rounded-md bg-white">
+      <div class="flex justify-between items-center mb-4">
+        <h3 class="text-xl font-bold" id="modal-title">Edit Setting</h3>
+        <button onclick="closeModal()" class="text-gray-400 hover:text-gray-600">
+          <svg class="w-6 h-6" fill="none" stroke="currentColor" viewBox="0 0 24 24">
+            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M6 18L18 6M6 6l12 12"></path>
+          </svg>
+        </button>
+      </div>
+      <form id="edit-form" onsubmit="handleSubmit(event)">
+        <input type="hidden" id="edit-key">
+        <input type="hidden" id="edit-mode">
+        <div class="mb-4" id="key-input-container">
+          <label class="block text-sm font-medium mb-2">Key *</label>
+          <input type="text" id="new-key" class="w-full border rounded px-3 py-2" required>
+        </div>
+        <div class="mb-4">
+          <label class="block text-sm font-medium mb-2">Value *</label>
+          <textarea id="edit-value" class="w-full border rounded px-3 py-2" rows="6" required></textarea>
+        </div>
+        <div class="mb-4" id="type-input-container">
+          <label class="block text-sm font-medium mb-2">Type *</label>
+          <select id="edit-type" class="w-full border rounded px-3 py-2">
+            <option value="string">String</option>
+            <option value="html">HTML</option>
+            <option value="boolean">Boolean</option>
+            <option value="json">JSON</option>
+            <option value="number">Number</option>
+            <option value="encrypted">Encrypted</option>
+          </select>
+        </div>
+        <div class="mb-4" id="desc-input-container">
+          <label class="block text-sm font-medium mb-2">Description *</label>
+          <input type="text" id="edit-description" class="w-full border rounded px-3 py-2" required>
+        </div>
+        <div class="mb-4" id="vars-input-container">
+          <label class="block text-sm font-medium mb-2">Template Variables (comma-separated)</label>
+          <input type="text" id="edit-template-vars" class="w-full border rounded px-3 py-2" placeholder="e.g., resetUrl, username">
+          <p class="text-xs text-gray-500 mt-1">Variables that can be used in templates like {{resetUrl}}</p>
+        </div>
+        <div class="mb-4" id="public-input-container">
+          <label class="flex items-center">
+            <input type="checkbox" id="edit-public" class="mr-2">
+            <span class="text-sm font-medium">Public (accessible without authentication)</span>
+          </label>
+          <p class="text-xs text-gray-500 mt-1">Public settings can be accessed via GET /api/admin/settings/public</p>
+        </div>
+        <div class="flex justify-end space-x-2">
+          <button type="button" onclick="closeModal()" class="px-4 py-2 bg-gray-300 text-gray-700 rounded hover:bg-gray-400">
+            Cancel
+          </button>
+          <button type="submit" class="px-4 py-2 bg-blue-500 text-white rounded hover:bg-blue-600">
+            Save
+          </button>
+        </div>
+      </form>
+    </div>
+  </div>
+  <script>
+    const BASE_PATH = "<%= (typeof baseUrl !== 'undefined' && baseUrl) ? baseUrl : '' %>";
+    const API_BASE = window.location.origin + (BASE_PATH || '');
+    let allSettings = [];
+    function showToast(message, type = 'success') {
+      const container = document.getElementById('toast-container');
+      const toast = document.createElement('div');
+      toast.className = `toast px-6 py-4 rounded-lg shadow-lg text-white ${
+        type === 'success' ? 'bg-green-500' : 'bg-red-500'
+      }`;
+      toast.textContent = message;
+      container.appendChild(toast);
+      setTimeout(() => {
+        toast.classList.add('fade-out');
+        setTimeout(() => toast.remove(), 300);
+      }, 3000);
+    }
+    async function loadSettings() {
+      try {
+        const response = await fetch(`${API_BASE}/api/admin/settings`);
+        if (!response.ok) throw new Error('Failed to load settings');
+        allSettings = await response.json();
+        renderSettings();
+        showToast('Settings loaded successfully');
+      } catch (error) {
+        showToast(error.message, 'error');
+        document.getElementById('settings-container').innerHTML = `
+          <div class="text-center py-12 text-red-600">
+            <p>Error loading settings: ${error.message}</p>
+          </div>
+        `;
+      }
+    }
+    function renderSettings() {
+      const container = document.getElementById('settings-container');
+      if (allSettings.length === 0) {
+        container.innerHTML = `
+          <div class="text-center py-12">
+            <p class="text-gray-600">No settings found. Create your first setting!</p>
+          </div>
+        `;
+        return;
+      }
+      container.innerHTML = allSettings.map(setting => `
+        <div class="bg-white rounded-lg shadow p-6">
+          <div class="flex justify-between items-start mb-4">
+            <div class="flex-1">
+              <div class="flex items-center space-x-2 mb-2">
+                <h3 class="text-lg font-bold text-gray-900">${setting.key}</h3>
+                <span class="px-2 py-1 text-xs rounded bg-gray-200 text-gray-700">${setting.type}</span>
+                ${setting.public ? '<span class="px-2 py-1 text-xs rounded bg-green-100 text-green-700">🌍 Public</span>' : '<span class="px-2 py-1 text-xs rounded bg-gray-100 text-gray-600">🔒 Private</span>'}
+              </div>
+              <p class="text-sm text-gray-600 mb-3">${setting.description}</p>
+              ${setting.templateVariables && setting.templateVariables.length > 0 ? `
+                <p class="text-xs text-blue-600 mb-2">
+                  Available variables: ${setting.templateVariables.map(v => `<code class="bg-blue-50 px-1 rounded">{{${v}}}</code>`).join(', ')}
+                </p>
+              ` : ''}
+            </div>
+            <div class="flex space-x-2 ml-4">
+              <button onclick="editSetting('${setting.key}')" class="text-blue-600 hover:text-blue-800">
+                <svg class="w-5 h-5" fill="none" stroke="currentColor" viewBox="0 0 24 24">
+                  <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M11 5H6a2 2 0 00-2 2v11a2 2 0 002 2h11a2 2 0 002-2v-5m-1.414-9.414a2 2 0 112.828 2.828L11.828 15H9v-2.828l8.586-8.586z"></path>
+                </svg>
+              </button>
+              ${setting.type === 'encrypted' ? `
+                <button onclick="revealSetting('${setting.key}')" class="text-gray-600 hover:text-gray-800" title="Reveal value">
+                  <svg class="w-5 h-5" fill="none" stroke="currentColor" viewBox="0 0 24 24">
+                    <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M15 12a3 3 0 11-6 0 3 3 0 016 0z" />
+                    <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M2.458 12C3.732 7.943 7.523 5 12 5c4.477 0 8.268 2.943 9.542 7-1.274 4.057-5.065 7-9.542 7-4.477 0-8.268-2.943-9.542-7z" />
+                  </svg>
+                </button>
+              ` : ''}
+              <button onclick="deleteSetting('${setting.key}')" class="text-red-600 hover:text-red-800">
+                <svg class="w-5 h-5" fill="none" stroke="currentColor" viewBox="0 0 24 24">
+                  <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M19 7l-.867 12.142A2 2 0 0116.138 21H7.862a2 2 0 01-1.995-1.858L5 7m5 4v6m4-6v6m1-10V4a1 1 0 00-1-1h-4a1 1 0 00-1 1v3M4 7h16"></path>
+                </svg>
+              </button>
+            </div>
+          </div>
+          <div class="bg-gray-50 rounded p-3">
+            <p class="text-xs text-gray-500 mb-1">Current Value:</p>
+            ${(() => {
+              const displayValue = setting.decryptedValue ?? setting.value;
+              const safeText = escapeHtml(displayValue);
+              const attrValue = escapeAttribute(displayValue);
+              return `
+                <pre class="text-sm text-gray-800 overflow-auto max-h-40">${safeText}</pre>
+                <button data-value="${attrValue}" onclick="copyToClipboard(this.dataset.value)" class="text-blue-600 hover:text-blue-800">
+              `;
+            })()}
+              <svg class="w-5 h-5" fill="none" stroke="currentColor" viewBox="0 0 24 24">
+                <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M8 5H6a2 2 0 00-2 2v12a2 2 0 002 2h10a2 2 0 002-2v-1M8 5a2 2 0 002 2h2a2 2 0 002-2M8 5a2 2 0 012-2h2a2 2 0 012 2m0 0h2a2 2 0 012 2v3m2 4H10m0 0l3-3m-3 3l3 3"></path>
+              </svg>
+            </button>
+          </div>
+        </div>
+      `).join('');
+    }
+    function escapeHtml(text) {
+      const div = document.createElement('div');
+      div.textContent = text;
+      return div.innerHTML;
+    }
+    function escapeAttribute(value) {
+      return String(value)
+        .replace(/&/g, '&amp;')
+        .replace(/"/g, '&quot;')
+        .replace(/'/g, '&#39;')
+        .replace(/</g, '&lt;')
+        .replace(/>/g, '&gt;');
+    }
+    async function revealSetting(key) {
+      try {
+        const response = await fetch(`${API_BASE}/api/admin/settings/${key}/reveal`);
+        if (!response.ok) {
+          const data = await response.json();
+          throw new Error(data.error || 'Failed to reveal setting');
+        }
+        const data = await response.json();
+        const matching = allSettings.find(s => s.key === key);
+        if (matching) {
+          matching.decryptedValue = data.value;
+        }
+        renderSettings();
+        showToast(`Revealed value for ${key}`);
+      } catch (error) {
+        showToast(error.message, 'error');
+      }
+    }
+    function copyToClipboard(text) {
+      if (!navigator.clipboard) {
+        const textarea = document.createElement('textarea');
+        textarea.value = text;
+        textarea.style.position = 'fixed';
+        document.body.appendChild(textarea);
+        textarea.focus();
+        textarea.select();
+        try {
+          document.execCommand('copy');
+          showToast('Copied to clipboard');
+        } catch (e) {
+          showToast('Failed to copy', 'error');
+        } finally {
+          document.body.removeChild(textarea);
+        }
+        return;
+      }
+      navigator.clipboard.writeText(text)
+        .then(() => showToast('Copied to clipboard'))
+        .catch(() => showToast('Failed to copy', 'error'));
+    }
+    function showCreateModal() {
+      document.getElementById('modal-title').textContent = 'Create New Setting';
+      document.getElementById('edit-mode').value = 'create';
+      document.getElementById('new-key').value = '';
+      document.getElementById('edit-value').value = '';
+      document.getElementById('edit-type').value = 'string';
+      document.getElementById('edit-description').value = '';
+      document.getElementById('edit-template-vars').value = '';
+      document.getElementById('edit-public').checked = false;
+      document.getElementById('key-input-container').style.display = 'block';
+      document.getElementById('type-input-container').style.display = 'block';
+      document.getElementById('desc-input-container').style.display = 'block';
+      document.getElementById('vars-input-container').style.display = 'block';
+      document.getElementById('public-input-container').style.display = 'block';
+      document.getElementById('edit-modal').classList.remove('hidden');
+    }
+    function editSetting(key) {
+      const setting = allSettings.find(s => s.key === key);
+      if (!setting) return;
+      document.getElementById('modal-title').textContent = 'Edit Setting';
+      document.getElementById('edit-mode').value = 'edit';
+      document.getElementById('edit-key').value = key;
+      document.getElementById('edit-value').value = setting.value;
+      document.getElementById('key-input-container').style.display = 'none';
+      document.getElementById('type-input-container').style.display = 'none';
+      document.getElementById('desc-input-container').style.display = 'none';
+      document.getElementById('vars-input-container').style.display = 'none';
+      document.getElementById('public-input-container').style.display = 'none';
+      document.getElementById('edit-modal').classList.remove('hidden');
+    }
+    function closeModal() {
+      document.getElementById('edit-modal').classList.add('hidden');
+    }
+    async function handleSubmit(event) {
+      event.preventDefault();
+      const mode = document.getElementById('edit-mode').value;
+      const value = document.getElementById('edit-value').value;
+      try {
+        let response;
+        if (mode === 'create') {
+          const key = document.getElementById('new-key').value;
+          const type = document.getElementById('edit-type').value;
+          const description = document.getElementById('edit-description').value;
+          const isPublic = document.getElementById('edit-public').checked;
+          const templateVars = document.getElementById('edit-template-vars').value
+            .split(',')
+            .map(v => v.trim())
+            .filter(v => v);
+          response = await fetch(`${API_BASE}/api/admin/settings`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ key, value, type, description, templateVariables: templateVars, public: isPublic })
+          });
+        } else {
+          const key = document.getElementById('edit-key').value;
+          response = await fetch(`${API_BASE}/api/admin/settings/${key}`, {
+            method: 'PUT',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ value })
+          });
+        }
+        if (!response.ok) {
+          const data = await response.json();
+          throw new Error(data.error || 'Operation failed');
+        }
+        showToast(mode === 'create' ? 'Setting created successfully' : 'Setting updated successfully');
+        closeModal();
+        await loadSettings();
+      } catch (error) {
+        showToast(error.message, 'error');
+      }
+    }
+    async function deleteSetting(key) {
+      if (!confirm(`Are you sure you want to delete the setting "${key}"? This action cannot be undone.`)) {
+        return;
+      }
+      try {
+        const response = await fetch(`${API_BASE}/api/admin/settings/${key}`, {
+          method: 'DELETE'
+        });
+        if (!response.ok) {
+          const data = await response.json();
+          throw new Error(data.error || 'Failed to delete setting');
+        }
+        showToast('Setting deleted successfully');
+        await loadSettings();
+      } catch (error) {
+        showToast(error.message, 'error');
+      }
+    }
+    // Load settings on page load
+    loadSettings();
+  </script>
+<script>
+  window.addEventListener("keydown", (e) => {
+    if ((e.ctrlKey || e.metaKey) && e.key === "k") {
+      e.preventDefault();
+      window.parent.postMessage({ type: "keydown", ctrlK: true }, "*");
+    }
+  });
+</script>
+</body>
+</html>