npm - @intranefr/superbackend - Versions diffs - 1.4.4 → 1.5.1 - Mend

@intranefr/superbackend 1.4.4 → 1.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (195) hide show

package/.env.example +5 -0
package/README.md +11 -0
package/index.js +39 -1
package/package.json +11 -3
package/public/sdk/ui-components.iife.js +191 -0
package/sdk/ui-components/browser/src/index.js +228 -0
package/src/admin/endpointRegistry.js +120 -0
package/src/controllers/admin.controller.js +111 -5
package/src/controllers/adminBlockDefinitions.controller.js +127 -0
package/src/controllers/adminBlockDefinitionsAi.controller.js +54 -0
package/src/controllers/adminCache.controller.js +342 -0
package/src/controllers/adminContextBlockDefinitions.controller.js +141 -0
package/src/controllers/adminCrons.controller.js +388 -0
package/src/controllers/adminDbBrowser.controller.js +124 -0
package/src/controllers/adminEjsVirtual.controller.js +13 -3
package/src/controllers/adminHeadless.controller.js +91 -2
package/src/controllers/adminHealthChecks.controller.js +570 -0
package/src/controllers/adminI18n.controller.js +51 -29
package/src/controllers/adminLlm.controller.js +126 -2
package/src/controllers/adminPages.controller.js +720 -0
package/src/controllers/adminPagesContextBlocksAi.controller.js +54 -0
package/src/controllers/adminProxy.controller.js +113 -0
package/src/controllers/adminRateLimits.controller.js +138 -0
package/src/controllers/adminRbac.controller.js +803 -0
package/src/controllers/adminScripts.controller.js +320 -0
package/src/controllers/adminSeoConfig.controller.js +71 -48
package/src/controllers/adminTerminals.controller.js +39 -0
package/src/controllers/adminUiComponents.controller.js +315 -0
package/src/controllers/adminUiComponentsAi.controller.js +34 -0
package/src/controllers/blogAdmin.controller.js +279 -0
package/src/controllers/blogAiAdmin.controller.js +224 -0
package/src/controllers/blogAutomationAdmin.controller.js +141 -0
package/src/controllers/blogInternal.controller.js +26 -0
package/src/controllers/blogPublic.controller.js +89 -0
package/src/controllers/fileManager.controller.js +190 -0
package/src/controllers/fileManagerStoragePolicy.controller.js +23 -0
package/src/controllers/healthChecksPublic.controller.js +196 -0
package/src/controllers/metrics.controller.js +64 -4
package/src/controllers/orgAdmin.controller.js +366 -0
package/src/controllers/uiComponentsPublic.controller.js +118 -0
package/src/middleware/auth.js +7 -0
package/src/middleware/internalCronAuth.js +29 -0
package/src/middleware/rbac.js +62 -0
package/src/middleware.js +879 -56
package/src/models/BlockDefinition.js +27 -0
package/src/models/BlogAutomationLock.js +14 -0
package/src/models/BlogAutomationRun.js +39 -0
package/src/models/BlogPost.js +42 -0
package/src/models/CacheEntry.js +26 -0
package/src/models/ConsoleEntry.js +32 -0
package/src/models/ConsoleLog.js +23 -0
package/src/models/ContextBlockDefinition.js +33 -0
package/src/models/CronExecution.js +47 -0
package/src/models/CronJob.js +70 -0
package/src/models/ExternalDbConnection.js +49 -0
package/src/models/FileEntry.js +22 -0
package/src/models/HeadlessModelDefinition.js +10 -0
package/src/models/HealthAutoHealAttempt.js +57 -0
package/src/models/HealthCheck.js +132 -0
package/src/models/HealthCheckRun.js +51 -0
package/src/models/HealthIncident.js +49 -0
package/src/models/Page.js +95 -0
package/src/models/PageCollection.js +42 -0
package/src/models/ProxyEntry.js +66 -0
package/src/models/RateLimitCounter.js +19 -0
package/src/models/RateLimitMetricBucket.js +20 -0
package/src/models/RbacGrant.js +25 -0
package/src/models/RbacGroup.js +16 -0
package/src/models/RbacGroupMember.js +13 -0
package/src/models/RbacGroupRole.js +13 -0
package/src/models/RbacRole.js +25 -0
package/src/models/RbacUserRole.js +13 -0
package/src/models/ScriptDefinition.js +42 -0
package/src/models/ScriptRun.js +22 -0
package/src/models/UiComponent.js +29 -0
package/src/models/UiComponentProject.js +26 -0
package/src/models/UiComponentProjectComponent.js +18 -0
package/src/routes/admin.routes.js +1 -0
package/src/routes/adminBlog.routes.js +21 -0
package/src/routes/adminBlogAi.routes.js +16 -0
package/src/routes/adminBlogAutomation.routes.js +27 -0
package/src/routes/adminCache.routes.js +20 -0
package/src/routes/adminConsoleManager.routes.js +302 -0
package/src/routes/adminCrons.routes.js +25 -0
package/src/routes/adminDbBrowser.routes.js +65 -0
package/src/routes/adminEjsVirtual.routes.js +2 -1
package/src/routes/adminHeadless.routes.js +8 -1
package/src/routes/adminHealthChecks.routes.js +28 -0
package/src/routes/adminI18n.routes.js +4 -3
package/src/routes/adminLlm.routes.js +4 -2
package/src/routes/adminPages.routes.js +55 -0
package/src/routes/adminProxy.routes.js +15 -0
package/src/routes/adminRateLimits.routes.js +17 -0
package/src/routes/adminRbac.routes.js +38 -0
package/src/routes/adminScripts.routes.js +21 -0
package/src/routes/adminSeoConfig.routes.js +5 -4
package/src/routes/adminTerminals.routes.js +13 -0
package/src/routes/adminUiComponents.routes.js +30 -0
package/src/routes/blogInternal.routes.js +14 -0
package/src/routes/blogPublic.routes.js +9 -0
package/src/routes/fileManager.routes.js +62 -0
package/src/routes/fileManagerStoragePolicy.routes.js +9 -0
package/src/routes/healthChecksPublic.routes.js +9 -0
package/src/routes/log.routes.js +43 -60
package/src/routes/metrics.routes.js +4 -2
package/src/routes/orgAdmin.routes.js +6 -0
package/src/routes/pages.routes.js +123 -0
package/src/routes/proxy.routes.js +46 -0
package/src/routes/rbac.routes.js +47 -0
package/src/routes/uiComponentsPublic.routes.js +9 -0
package/src/routes/webhook.routes.js +2 -1
package/src/routes/workflows.routes.js +4 -0
package/src/services/blockDefinitionsAi.service.js +247 -0
package/src/services/blog.service.js +99 -0
package/src/services/blogAutomation.service.js +978 -0
package/src/services/blogCronsBootstrap.service.js +184 -0
package/src/services/blogPublishing.service.js +58 -0
package/src/services/cacheLayer.service.js +696 -0
package/src/services/consoleManager.service.js +700 -0
package/src/services/consoleOverride.service.js +6 -1
package/src/services/cronScheduler.service.js +350 -0
package/src/services/dbBrowser.service.js +536 -0
package/src/services/ejsVirtual.service.js +102 -32
package/src/services/fileManager.service.js +475 -0
package/src/services/fileManagerStoragePolicy.service.js +285 -0
package/src/services/headlessExternalModels.service.js +292 -0
package/src/services/headlessModels.service.js +26 -6
package/src/services/healthChecks.service.js +650 -0
package/src/services/healthChecksBootstrap.service.js +109 -0
package/src/services/healthChecksScheduler.service.js +106 -0
package/src/services/llmDefaults.service.js +190 -0
package/src/services/migrationAssets/s3.js +2 -2
package/src/services/pages.service.js +602 -0
package/src/services/pagesContext.service.js +331 -0
package/src/services/pagesContextBlocksAi.service.js +349 -0
package/src/services/proxy.service.js +535 -0
package/src/services/rateLimiter.service.js +623 -0
package/src/services/rbac.service.js +212 -0
package/src/services/scriptsRunner.service.js +259 -0
package/src/services/terminals.service.js +152 -0
package/src/services/terminalsWs.service.js +100 -0
package/src/services/uiComponentsAi.service.js +299 -0
package/src/services/uiComponentsCrypto.service.js +39 -0
package/src/services/workflow.service.js +23 -8
package/src/utils/orgRoles.js +14 -0
package/src/utils/rbac/engine.js +60 -0
package/src/utils/rbac/rightsRegistry.js +29 -0
package/views/admin-blog-automation.ejs +877 -0
package/views/admin-blog-edit.ejs +542 -0
package/views/admin-blog.ejs +399 -0
package/views/admin-cache.ejs +681 -0
package/views/admin-console-manager.ejs +680 -0
package/views/admin-crons.ejs +645 -0
package/views/admin-db-browser.ejs +445 -0
package/views/admin-ejs-virtual.ejs +16 -10
package/views/admin-file-manager.ejs +942 -0
package/views/admin-headless.ejs +294 -24
package/views/admin-health-checks.ejs +725 -0
package/views/admin-i18n.ejs +59 -5
package/views/admin-llm.ejs +99 -1
package/views/admin-organizations.ejs +528 -10
package/views/admin-pages.ejs +2424 -0
package/views/admin-proxy.ejs +491 -0
package/views/admin-rate-limiter.ejs +625 -0
package/views/admin-rbac.ejs +1331 -0
package/views/admin-scripts.ejs +497 -0
package/views/admin-seo-config.ejs +61 -7
package/views/admin-terminals.ejs +328 -0
package/views/admin-ui-components.ejs +741 -0
package/views/admin-users.ejs +261 -4
package/views/admin-workflows.ejs +7 -7
package/views/file-manager.ejs +866 -0
package/views/pages/blocks/contact.ejs +27 -0
package/views/pages/blocks/cta.ejs +18 -0
package/views/pages/blocks/faq.ejs +20 -0
package/views/pages/blocks/features.ejs +19 -0
package/views/pages/blocks/hero.ejs +13 -0
package/views/pages/blocks/html.ejs +5 -0
package/views/pages/blocks/image.ejs +14 -0
package/views/pages/blocks/testimonials.ejs +26 -0
package/views/pages/blocks/text.ejs +10 -0
package/views/pages/layouts/default.ejs +51 -0
package/views/pages/layouts/minimal.ejs +42 -0
package/views/pages/layouts/sidebar.ejs +54 -0
package/views/pages/partials/footer.ejs +13 -0
package/views/pages/partials/header.ejs +12 -0
package/views/pages/partials/sidebar.ejs +8 -0
package/views/pages/runtime/page.ejs +10 -0
package/views/pages/templates/article.ejs +20 -0
package/views/pages/templates/default.ejs +12 -0
package/views/pages/templates/landing.ejs +14 -0
package/views/pages/templates/listing.ejs +15 -0
package/views/partials/admin-image-upload-modal.ejs +221 -0
package/views/partials/dashboard/nav-items.ejs +14 -0
package/views/partials/llm-provider-model-picker.ejs +183 -0

package/src/services/blockDefinitionsAi.service.js ADDED Viewed

@@ -0,0 +1,247 @@
+const BlockDefinition = require('../models/BlockDefinition');
+const llmService = require('./llm.service');
+const { resolveLlmProviderModel } = require('./llmDefaults.service');
+const { createAuditEvent } = require('./audit.service');
+function normalizeCode(code) {
+  return String(code || '').trim().toLowerCase();
+}
+function parseJsonFromModelOutput(raw) {
+  const text = String(raw || '').trim();
+  // Try strict JSON first
+  try {
+    return JSON.parse(text);
+  } catch (_) {
+    // Try to extract a JSON object from a fenced block
+    const m = text.match(/```json\s*([\s\S]*?)\s*```/i) || text.match(/```\s*([\s\S]*?)\s*```/i);
+    if (m) {
+      return JSON.parse(String(m[1] || '').trim());
+    }
+    // Try first { ... } block
+    const idx = text.indexOf('{');
+    const last = text.lastIndexOf('}');
+    if (idx !== -1 && last !== -1 && last > idx) {
+      return JSON.parse(text.slice(idx, last + 1));
+    }
+    const err = new Error('AI response was not valid JSON');
+    err.code = 'AI_INVALID';
+    throw err;
+  }
+}
+function validateProposalShape(obj) {
+  if (!obj || typeof obj !== 'object' || Array.isArray(obj)) {
+    const err = new Error('AI proposal must be a JSON object');
+    err.code = 'AI_INVALID';
+    throw err;
+  }
+  const code = normalizeCode(obj.code);
+  const label = String(obj.label || '').trim();
+  if (!code) {
+    const err = new Error('AI proposal missing required field: code');
+    err.code = 'AI_INVALID';
+    throw err;
+  }
+  if (!label) {
+    const err = new Error('AI proposal missing required field: label');
+    err.code = 'AI_INVALID';
+    throw err;
+  }
+  const fields = obj.fields;
+  if (fields !== undefined && (fields === null || typeof fields !== 'object' || Array.isArray(fields))) {
+    const err = new Error('AI proposal fields must be an object');
+    err.code = 'AI_INVALID';
+    throw err;
+  }
+  return {
+    code,
+    label,
+    description: String(obj.description || ''),
+    fields: fields && typeof fields === 'object' ? fields : {},
+  };
+}
+async function resolveLlmDefaults({ systemKey, providerKey, model }) {
+  return resolveLlmProviderModel({ systemKey, providerKey, model });
+}
+function buildSystemPrompt() {
+  return [
+    'You are an assistant that outputs a single JSON object describing a Page Builder block definition.',
+    'Return ONLY JSON. No markdown, no extra keys, no explanation.',
+    '',
+    'The JSON must have shape:',
+    '{',
+    '  "code": "string",',
+    '  "label": "string",',
+    '  "description": "string",',
+    '  "fields": {',
+    '    "fieldName": {',
+    '      "type": "string|html|boolean|number|select|json",',
+    '      "label": "string",',
+    '      "options": ["..."] (only for select),',
+    '      "example": <any JSON value> (only for json)',
+    '    }',
+    '  }',
+    '}',
+  ].join('\n');
+}
+async function generateBlockDefinition({ prompt, providerKey, model, actor }) {
+  const instruction = String(prompt || '').trim();
+  if (!instruction) {
+    const err = new Error('prompt is required');
+    err.code = 'VALIDATION';
+    throw err;
+  }
+  const llmDefaults = await resolveLlmDefaults({
+    systemKey: 'pageBuilder.blocks.generate',
+    providerKey,
+    model,
+  });
+  const result = await llmService.callAdhoc(
+    {
+      providerKey: llmDefaults.providerKey,
+      model: llmDefaults.model,
+      messages: [
+        { role: 'system', content: buildSystemPrompt() },
+        { role: 'user', content: instruction },
+      ],
+      promptKeyForAudit: 'pageBuilder.blocks.ai.generate',
+    },
+    { temperature: 0.3 },
+  );
+  const raw = String(result.content || '');
+  const json = parseJsonFromModelOutput(raw);
+  const proposal = validateProposalShape(json);
+  await createAuditEvent({
+    ...(actor || { actorType: 'system', actorId: null }),
+    action: 'pageBuilder.blocks.ai.generate',
+    entityType: 'BlockDefinition',
+    entityId: proposal.code,
+    before: null,
+    after: { code: proposal.code },
+    meta: {
+      providerKey: llmDefaults.providerKey,
+      model: llmDefaults.model,
+      responsePreview: raw.slice(0, 4000),
+    },
+  });
+  return {
+    proposal,
+    providerKey: llmDefaults.providerKey,
+    model: llmDefaults.model,
+  };
+}
+async function proposeBlockDefinitionEdit({ code, prompt, providerKey, model, actor }) {
+  const blockCode = normalizeCode(code);
+  if (!blockCode) {
+    const err = new Error('code is required');
+    err.code = 'VALIDATION';
+    throw err;
+  }
+  const instruction = String(prompt || '').trim();
+  if (!instruction) {
+    const err = new Error('prompt is required');
+    err.code = 'VALIDATION';
+    throw err;
+  }
+  const doc = await BlockDefinition.findOne({ code: blockCode });
+  if (!doc) {
+    const err = new Error('Block not found');
+    err.code = 'NOT_FOUND';
+    throw err;
+  }
+  const current = doc.toObject();
+  const llmDefaults = await resolveLlmDefaults({
+    systemKey: 'pageBuilder.blocks.propose',
+    providerKey,
+    model,
+  });
+  const messages = [
+    { role: 'system', content: buildSystemPrompt() },
+    { role: 'user', content: `Instruction:\n${instruction}` },
+    {
+      role: 'user',
+      content: [
+        'Current block definition:',
+        JSON.stringify(
+          {
+            code: current.code,
+            label: current.label,
+            description: current.description,
+            fields: current.fields || {},
+          },
+          null,
+          2,
+        ),
+      ].join('\n'),
+    },
+  ];
+  const result = await llmService.callAdhoc(
+    {
+      providerKey: llmDefaults.providerKey,
+      model: llmDefaults.model,
+      messages,
+      promptKeyForAudit: 'pageBuilder.blocks.ai.propose',
+    },
+    { temperature: 0.3 },
+  );
+  const raw = String(result.content || '');
+  const json = parseJsonFromModelOutput(raw);
+  const proposal = validateProposalShape(json);
+  if (proposal.code !== current.code) {
+    const err = new Error('AI proposal code must match the requested block code');
+    err.code = 'AI_INVALID';
+    throw err;
+  }
+  await createAuditEvent({
+    ...(actor || { actorType: 'system', actorId: null }),
+    action: 'pageBuilder.blocks.ai.propose',
+    entityType: 'BlockDefinition',
+    entityId: current.code,
+    before: { code: current.code, version: current.version },
+    after: { code: current.code, version: current.version },
+    meta: {
+      providerKey: llmDefaults.providerKey,
+      model: llmDefaults.model,
+      responsePreview: raw.slice(0, 4000),
+    },
+  });
+  return {
+    block: { code: current.code, version: current.version },
+    proposal,
+    providerKey: llmDefaults.providerKey,
+    model: llmDefaults.model,
+  };
+}
+module.exports = {
+  generateBlockDefinition,
+  proposeBlockDefinitionEdit,
+};

package/src/services/blog.service.js ADDED Viewed

@@ -0,0 +1,99 @@
+const BlogPost = require('../models/BlogPost');
+function slugify(input) {
+  const s = String(input || '')
+    .trim()
+    .toLowerCase();
+  return s
+    .normalize('NFKD')
+    .replace(/[\u0300-\u036f]/g, '')
+    .replace(/[^a-z0-9]+/g, '-')
+    .replace(/^-+|-+$/g, '')
+    .replace(/-{2,}/g, '-');
+}
+function extractExcerptFromMarkdown(markdown) {
+  const text = String(markdown || '')
+    .replace(/```[\s\S]*?```/g, ' ')
+    .replace(/`[^`]*`/g, ' ')
+    .replace(/!\[[^\]]*\]\([^\)]*\)/g, ' ')
+    .replace(/\[[^\]]*\]\([^\)]*\)/g, ' ')
+    .replace(/[#>*_\-]+/g, ' ')
+    .replace(/\s+/g, ' ')
+    .trim();
+  return text.length > 180 ? `${text.slice(0, 177)}...` : text;
+}
+async function generateUniqueBlogSlug(title, { excludeId } = {}) {
+  const base = slugify(title);
+  let candidate = base || 'post';
+  let n = 2;
+  // Slug uniqueness is only enforced among non-archived posts via partial unique index.
+  // We still do a pre-check to avoid duplicate key errors.
+  while (true) {
+    const query = {
+      slug: candidate,
+      status: { $in: ['draft', 'scheduled', 'published'] },
+    };
+    if (excludeId) query._id = { $ne: excludeId };
+    const existing = await BlogPost.findOne(query).select('_id').lean();
+    if (!existing) return candidate;
+    candidate = `${base || 'post'}-${n}`;
+    n += 1;
+  }
+}
+function normalizeStringArray(value, { maxItems = 25, maxItemLength = 50 } = {}) {
+  const arr = Array.isArray(value)
+    ? value
+    : value === undefined || value === null
+      ? []
+      : [value];
+  const cleaned = [];
+  const seen = new Set();
+  for (const item of arr) {
+    const s = String(item || '').trim();
+    if (!s) continue;
+    const capped = s.length > maxItemLength ? s.slice(0, maxItemLength) : s;
+    const key = capped.toLowerCase();
+    if (seen.has(key)) continue;
+    seen.add(key);
+    cleaned.push(capped);
+    if (cleaned.length >= maxItems) break;
+  }
+  return cleaned;
+}
+function normalizeTags(value) {
+  if (value === undefined || value === null) return [];
+  if (Array.isArray(value)) {
+    return normalizeStringArray(value, { maxItems: 25, maxItemLength: 40 });
+  }
+  // accept comma-separated string
+  const s = String(value || '');
+  const parts = s
+    .split(',')
+    .map((t) => String(t || '').trim())
+    .filter(Boolean);
+  return normalizeStringArray(parts, { maxItems: 25, maxItemLength: 40 });
+}
+function parsePagination({ page, limit, maxLimit = 100, defaultLimit = 20 } = {}) {
+  const p = Math.max(1, Number(page || 1) || 1);
+  const l = Math.min(maxLimit, Math.max(1, Number(limit || defaultLimit) || defaultLimit));
+  const skip = (p - 1) * l;
+  return { page: p, limit: l, skip };
+}
+module.exports = {
+  slugify,
+  extractExcerptFromMarkdown,
+  generateUniqueBlogSlug,
+  normalizeTags,
+  parsePagination,
+};