npm - @intranefr/superbackend - Versions diffs - 1.4.4 → 1.5.1 - Mend

@intranefr/superbackend 1.4.4 → 1.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (195) hide show

package/.env.example +5 -0
package/README.md +11 -0
package/index.js +39 -1
package/package.json +11 -3
package/public/sdk/ui-components.iife.js +191 -0
package/sdk/ui-components/browser/src/index.js +228 -0
package/src/admin/endpointRegistry.js +120 -0
package/src/controllers/admin.controller.js +111 -5
package/src/controllers/adminBlockDefinitions.controller.js +127 -0
package/src/controllers/adminBlockDefinitionsAi.controller.js +54 -0
package/src/controllers/adminCache.controller.js +342 -0
package/src/controllers/adminContextBlockDefinitions.controller.js +141 -0
package/src/controllers/adminCrons.controller.js +388 -0
package/src/controllers/adminDbBrowser.controller.js +124 -0
package/src/controllers/adminEjsVirtual.controller.js +13 -3
package/src/controllers/adminHeadless.controller.js +91 -2
package/src/controllers/adminHealthChecks.controller.js +570 -0
package/src/controllers/adminI18n.controller.js +51 -29
package/src/controllers/adminLlm.controller.js +126 -2
package/src/controllers/adminPages.controller.js +720 -0
package/src/controllers/adminPagesContextBlocksAi.controller.js +54 -0
package/src/controllers/adminProxy.controller.js +113 -0
package/src/controllers/adminRateLimits.controller.js +138 -0
package/src/controllers/adminRbac.controller.js +803 -0
package/src/controllers/adminScripts.controller.js +320 -0
package/src/controllers/adminSeoConfig.controller.js +71 -48
package/src/controllers/adminTerminals.controller.js +39 -0
package/src/controllers/adminUiComponents.controller.js +315 -0
package/src/controllers/adminUiComponentsAi.controller.js +34 -0
package/src/controllers/blogAdmin.controller.js +279 -0
package/src/controllers/blogAiAdmin.controller.js +224 -0
package/src/controllers/blogAutomationAdmin.controller.js +141 -0
package/src/controllers/blogInternal.controller.js +26 -0
package/src/controllers/blogPublic.controller.js +89 -0
package/src/controllers/fileManager.controller.js +190 -0
package/src/controllers/fileManagerStoragePolicy.controller.js +23 -0
package/src/controllers/healthChecksPublic.controller.js +196 -0
package/src/controllers/metrics.controller.js +64 -4
package/src/controllers/orgAdmin.controller.js +366 -0
package/src/controllers/uiComponentsPublic.controller.js +118 -0
package/src/middleware/auth.js +7 -0
package/src/middleware/internalCronAuth.js +29 -0
package/src/middleware/rbac.js +62 -0
package/src/middleware.js +879 -56
package/src/models/BlockDefinition.js +27 -0
package/src/models/BlogAutomationLock.js +14 -0
package/src/models/BlogAutomationRun.js +39 -0
package/src/models/BlogPost.js +42 -0
package/src/models/CacheEntry.js +26 -0
package/src/models/ConsoleEntry.js +32 -0
package/src/models/ConsoleLog.js +23 -0
package/src/models/ContextBlockDefinition.js +33 -0
package/src/models/CronExecution.js +47 -0
package/src/models/CronJob.js +70 -0
package/src/models/ExternalDbConnection.js +49 -0
package/src/models/FileEntry.js +22 -0
package/src/models/HeadlessModelDefinition.js +10 -0
package/src/models/HealthAutoHealAttempt.js +57 -0
package/src/models/HealthCheck.js +132 -0
package/src/models/HealthCheckRun.js +51 -0
package/src/models/HealthIncident.js +49 -0
package/src/models/Page.js +95 -0
package/src/models/PageCollection.js +42 -0
package/src/models/ProxyEntry.js +66 -0
package/src/models/RateLimitCounter.js +19 -0
package/src/models/RateLimitMetricBucket.js +20 -0
package/src/models/RbacGrant.js +25 -0
package/src/models/RbacGroup.js +16 -0
package/src/models/RbacGroupMember.js +13 -0
package/src/models/RbacGroupRole.js +13 -0
package/src/models/RbacRole.js +25 -0
package/src/models/RbacUserRole.js +13 -0
package/src/models/ScriptDefinition.js +42 -0
package/src/models/ScriptRun.js +22 -0
package/src/models/UiComponent.js +29 -0
package/src/models/UiComponentProject.js +26 -0
package/src/models/UiComponentProjectComponent.js +18 -0
package/src/routes/admin.routes.js +1 -0
package/src/routes/adminBlog.routes.js +21 -0
package/src/routes/adminBlogAi.routes.js +16 -0
package/src/routes/adminBlogAutomation.routes.js +27 -0
package/src/routes/adminCache.routes.js +20 -0
package/src/routes/adminConsoleManager.routes.js +302 -0
package/src/routes/adminCrons.routes.js +25 -0
package/src/routes/adminDbBrowser.routes.js +65 -0
package/src/routes/adminEjsVirtual.routes.js +2 -1
package/src/routes/adminHeadless.routes.js +8 -1
package/src/routes/adminHealthChecks.routes.js +28 -0
package/src/routes/adminI18n.routes.js +4 -3
package/src/routes/adminLlm.routes.js +4 -2
package/src/routes/adminPages.routes.js +55 -0
package/src/routes/adminProxy.routes.js +15 -0
package/src/routes/adminRateLimits.routes.js +17 -0
package/src/routes/adminRbac.routes.js +38 -0
package/src/routes/adminScripts.routes.js +21 -0
package/src/routes/adminSeoConfig.routes.js +5 -4
package/src/routes/adminTerminals.routes.js +13 -0
package/src/routes/adminUiComponents.routes.js +30 -0
package/src/routes/blogInternal.routes.js +14 -0
package/src/routes/blogPublic.routes.js +9 -0
package/src/routes/fileManager.routes.js +62 -0
package/src/routes/fileManagerStoragePolicy.routes.js +9 -0
package/src/routes/healthChecksPublic.routes.js +9 -0
package/src/routes/log.routes.js +43 -60
package/src/routes/metrics.routes.js +4 -2
package/src/routes/orgAdmin.routes.js +6 -0
package/src/routes/pages.routes.js +123 -0
package/src/routes/proxy.routes.js +46 -0
package/src/routes/rbac.routes.js +47 -0
package/src/routes/uiComponentsPublic.routes.js +9 -0
package/src/routes/webhook.routes.js +2 -1
package/src/routes/workflows.routes.js +4 -0
package/src/services/blockDefinitionsAi.service.js +247 -0
package/src/services/blog.service.js +99 -0
package/src/services/blogAutomation.service.js +978 -0
package/src/services/blogCronsBootstrap.service.js +184 -0
package/src/services/blogPublishing.service.js +58 -0
package/src/services/cacheLayer.service.js +696 -0
package/src/services/consoleManager.service.js +700 -0
package/src/services/consoleOverride.service.js +6 -1
package/src/services/cronScheduler.service.js +350 -0
package/src/services/dbBrowser.service.js +536 -0
package/src/services/ejsVirtual.service.js +102 -32
package/src/services/fileManager.service.js +475 -0
package/src/services/fileManagerStoragePolicy.service.js +285 -0
package/src/services/headlessExternalModels.service.js +292 -0
package/src/services/headlessModels.service.js +26 -6
package/src/services/healthChecks.service.js +650 -0
package/src/services/healthChecksBootstrap.service.js +109 -0
package/src/services/healthChecksScheduler.service.js +106 -0
package/src/services/llmDefaults.service.js +190 -0
package/src/services/migrationAssets/s3.js +2 -2
package/src/services/pages.service.js +602 -0
package/src/services/pagesContext.service.js +331 -0
package/src/services/pagesContextBlocksAi.service.js +349 -0
package/src/services/proxy.service.js +535 -0
package/src/services/rateLimiter.service.js +623 -0
package/src/services/rbac.service.js +212 -0
package/src/services/scriptsRunner.service.js +259 -0
package/src/services/terminals.service.js +152 -0
package/src/services/terminalsWs.service.js +100 -0
package/src/services/uiComponentsAi.service.js +299 -0
package/src/services/uiComponentsCrypto.service.js +39 -0
package/src/services/workflow.service.js +23 -8
package/src/utils/orgRoles.js +14 -0
package/src/utils/rbac/engine.js +60 -0
package/src/utils/rbac/rightsRegistry.js +29 -0
package/views/admin-blog-automation.ejs +877 -0
package/views/admin-blog-edit.ejs +542 -0
package/views/admin-blog.ejs +399 -0
package/views/admin-cache.ejs +681 -0
package/views/admin-console-manager.ejs +680 -0
package/views/admin-crons.ejs +645 -0
package/views/admin-db-browser.ejs +445 -0
package/views/admin-ejs-virtual.ejs +16 -10
package/views/admin-file-manager.ejs +942 -0
package/views/admin-headless.ejs +294 -24
package/views/admin-health-checks.ejs +725 -0
package/views/admin-i18n.ejs +59 -5
package/views/admin-llm.ejs +99 -1
package/views/admin-organizations.ejs +528 -10
package/views/admin-pages.ejs +2424 -0
package/views/admin-proxy.ejs +491 -0
package/views/admin-rate-limiter.ejs +625 -0
package/views/admin-rbac.ejs +1331 -0
package/views/admin-scripts.ejs +497 -0
package/views/admin-seo-config.ejs +61 -7
package/views/admin-terminals.ejs +328 -0
package/views/admin-ui-components.ejs +741 -0
package/views/admin-users.ejs +261 -4
package/views/admin-workflows.ejs +7 -7
package/views/file-manager.ejs +866 -0
package/views/pages/blocks/contact.ejs +27 -0
package/views/pages/blocks/cta.ejs +18 -0
package/views/pages/blocks/faq.ejs +20 -0
package/views/pages/blocks/features.ejs +19 -0
package/views/pages/blocks/hero.ejs +13 -0
package/views/pages/blocks/html.ejs +5 -0
package/views/pages/blocks/image.ejs +14 -0
package/views/pages/blocks/testimonials.ejs +26 -0
package/views/pages/blocks/text.ejs +10 -0
package/views/pages/layouts/default.ejs +51 -0
package/views/pages/layouts/minimal.ejs +42 -0
package/views/pages/layouts/sidebar.ejs +54 -0
package/views/pages/partials/footer.ejs +13 -0
package/views/pages/partials/header.ejs +12 -0
package/views/pages/partials/sidebar.ejs +8 -0
package/views/pages/runtime/page.ejs +10 -0
package/views/pages/templates/article.ejs +20 -0
package/views/pages/templates/default.ejs +12 -0
package/views/pages/templates/landing.ejs +14 -0
package/views/pages/templates/listing.ejs +15 -0
package/views/partials/admin-image-upload-modal.ejs +221 -0
package/views/partials/dashboard/nav-items.ejs +14 -0
package/views/partials/llm-provider-model-picker.ejs +183 -0

package/src/services/fileManagerStoragePolicy.service.js ADDED Viewed

@@ -0,0 +1,285 @@
+const mongoose = require('mongoose');
+const Asset = require('../models/Asset');
+const FileEntry = require('../models/FileEntry');
+const RbacGroup = require('../models/RbacGroup');
+const RbacGroupMember = require('../models/RbacGroupMember');
+const globalSettingsService = require('./globalSettings.service');
+const SETTING_POLICY_JSON = 'FILE_MANAGER_STORAGE_POLICY_JSON';
+const SETTING_LEGACY_MAX_UPLOAD = 'FILE_MANAGER_MAX_UPLOAD_BYTES';
+const DEFAULT_MAX_UPLOAD_BYTES = 1073741824;
+const DEFAULT_MAX_STORAGE_BYTES = 104857600;
+function normalizeObjectId(id, name) {
+  const str = String(id || '');
+  if (!mongoose.Types.ObjectId.isValid(str)) {
+    const err = new Error(`${name} must be a valid ObjectId`);
+    err.code = 'VALIDATION';
+    throw err;
+  }
+  return new mongoose.Types.ObjectId(str);
+}
+function normalizeDriveType(value) {
+  const t = String(value || '').trim();
+  if (t === 'user' || t === 'group' || t === 'org') return t;
+  const err = new Error('driveType must be one of: user, group, org');
+  err.code = 'VALIDATION';
+  throw err;
+}
+function toPositiveIntOrNull(value) {
+  const n = Number(value);
+  if (!Number.isFinite(n) || n <= 0) return null;
+  return Math.floor(n);
+}
+async function loadPolicy() {
+  const raw = await globalSettingsService.getSettingValue(SETTING_POLICY_JSON, null);
+  if (!raw) return { version: 1, global: {}, orgs: {} };
+  try {
+    const parsed = typeof raw === 'string' ? JSON.parse(raw) : raw;
+    if (!parsed || typeof parsed !== 'object') return { version: 1, global: {}, orgs: {} };
+    const version = toPositiveIntOrNull(parsed.version) || 1;
+    const global = parsed.global && typeof parsed.global === 'object' ? parsed.global : {};
+    const orgs = parsed.orgs && typeof parsed.orgs === 'object' ? parsed.orgs : {};
+    return { version, global, orgs };
+  } catch {
+    return { version: 1, global: {}, orgs: {} };
+  }
+}
+function getEnvDefaultMaxUploadBytes() {
+  const fromEnv = toPositiveIntOrNull(process.env.FILE_MANAGER_DEFAULT_MAX_UPLOAD_BYTES);
+  return fromEnv || DEFAULT_MAX_UPLOAD_BYTES;
+}
+async function getDefaultMaxUploadBytes() {
+  const legacy = await globalSettingsService.getSettingValue(SETTING_LEGACY_MAX_UPLOAD, null);
+  const legacyParsed = toPositiveIntOrNull(legacy);
+  return legacyParsed || getEnvDefaultMaxUploadBytes();
+}
+function getDefaultMaxStorageBytes() {
+  const fromEnv = toPositiveIntOrNull(process.env.FILE_MANAGER_DEFAULT_MAX_STORAGE_BYTES);
+  return fromEnv || DEFAULT_MAX_STORAGE_BYTES;
+}
+async function getUserOrgGroupIds({ userId, orgId }) {
+  const uid = normalizeObjectId(userId, 'userId');
+  const oid = normalizeObjectId(orgId, 'orgId');
+  const links = await RbacGroupMember.find({ userId: uid }).select('groupId').lean();
+  const groupIds = links.map((l) => l.groupId).filter(Boolean);
+  if (!groupIds.length) return [];
+  const groups = await RbacGroup.find({ _id: { $in: groupIds }, orgId: oid, status: 'active', isGlobal: false })
+    .select('_id')
+    .lean();
+  return groups.map((g) => String(g._id));
+}
+function pickMax(values) {
+  let best = null;
+  for (const v of values) {
+    const n = toPositiveIntOrNull(v);
+    if (n === null) continue;
+    if (best === null || n > best) best = n;
+  }
+  return best;
+}
+function getOrgConfig(policy, orgId) {
+  const orgs = policy?.orgs || {};
+  const orgConfig = orgs[String(orgId)] || null;
+  return orgConfig && typeof orgConfig === 'object' ? orgConfig : null;
+}
+function getGroupConfig(orgConfig, groupId) {
+  const groups = orgConfig?.groups || {};
+  const g = groups[String(groupId)] || null;
+  return g && typeof g === 'object' ? g : null;
+}
+function getUserConfig(orgConfig, userId) {
+  const users = orgConfig?.users || {};
+  const u = users[String(userId)] || null;
+  return u && typeof u === 'object' ? u : null;
+}
+async function resolveEffectiveLimits({ userId, orgId, driveType, driveId }) {
+  const dt = normalizeDriveType(driveType);
+  const oid = normalizeObjectId(orgId, 'orgId');
+  const did = normalizeObjectId(driveId, 'driveId');
+  const policy = await loadPolicy();
+  const orgConfig = getOrgConfig(policy, String(oid));
+  const source = { maxUpload: 'default', maxStorage: 'default' };
+  const defaultMaxUpload = await getDefaultMaxUploadBytes();
+  const defaultMaxStorage = getDefaultMaxStorageBytes();
+  const globalMaxUpload = toPositiveIntOrNull(policy?.global?.maxUploadBytes);
+  const globalMaxStorage = toPositiveIntOrNull(policy?.global?.maxStorageBytes);
+  let maxUploadBytes = null;
+  let maxStorageBytes = null;
+  const orgMaxUpload = toPositiveIntOrNull(orgConfig?.maxUploadBytes);
+  const orgMaxStorage = toPositiveIntOrNull(orgConfig?.maxStorageBytes);
+  if (dt === 'org') {
+    maxUploadBytes = orgMaxUpload;
+    if (maxUploadBytes !== null) source.maxUpload = 'org';
+    maxStorageBytes = orgMaxStorage;
+    if (maxStorageBytes !== null) source.maxStorage = 'org';
+  }
+  if (dt === 'group') {
+    const groupConfig = getGroupConfig(orgConfig, String(did));
+    const groupMaxUpload = toPositiveIntOrNull(groupConfig?.maxUploadBytes);
+    const groupMaxStorage = toPositiveIntOrNull(groupConfig?.maxStorageBytes);
+    maxUploadBytes = groupMaxUpload;
+    if (maxUploadBytes !== null) source.maxUpload = 'group';
+    maxStorageBytes = groupMaxStorage;
+    if (maxStorageBytes !== null) source.maxStorage = 'group';
+    if (maxUploadBytes === null) {
+      maxUploadBytes = orgMaxUpload;
+      if (maxUploadBytes !== null) source.maxUpload = 'org';
+    }
+    if (maxStorageBytes === null) {
+      maxStorageBytes = orgMaxStorage;
+      if (maxStorageBytes !== null) source.maxStorage = 'org';
+    }
+  }
+  if (dt === 'user') {
+    const userConfig = getUserConfig(orgConfig, String(did));
+    const userMaxUpload = toPositiveIntOrNull(userConfig?.maxUploadBytes);
+    const userMaxStorage = toPositiveIntOrNull(userConfig?.maxStorageBytes);
+    maxUploadBytes = userMaxUpload;
+    if (maxUploadBytes !== null) source.maxUpload = 'user';
+    maxStorageBytes = userMaxStorage;
+    if (maxStorageBytes !== null) source.maxStorage = 'user';
+    const groupIds = await getUserOrgGroupIds({ userId, orgId: oid });
+    if (groupIds.length) {
+      const groupUploads = groupIds.map((gid) => getGroupConfig(orgConfig, gid)?.maxUploadBytes);
+      const groupStorages = groupIds.map((gid) => getGroupConfig(orgConfig, gid)?.maxStorageBytes);
+      if (maxUploadBytes === null) {
+        maxUploadBytes = pickMax(groupUploads);
+        if (maxUploadBytes !== null) source.maxUpload = 'group';
+      }
+      if (maxStorageBytes === null) {
+        maxStorageBytes = pickMax(groupStorages);
+        if (maxStorageBytes !== null) source.maxStorage = 'group';
+      }
+    }
+    if (maxUploadBytes === null) {
+      maxUploadBytes = orgMaxUpload;
+      if (maxUploadBytes !== null) source.maxUpload = 'org';
+    }
+    if (maxStorageBytes === null) {
+      maxStorageBytes = orgMaxStorage;
+      if (maxStorageBytes !== null) source.maxStorage = 'org';
+    }
+  }
+  if (maxUploadBytes === null && globalMaxUpload !== null) {
+    maxUploadBytes = globalMaxUpload;
+    source.maxUpload = 'global';
+  }
+  if (maxStorageBytes === null && globalMaxStorage !== null) {
+    maxStorageBytes = globalMaxStorage;
+    source.maxStorage = 'global';
+  }
+  if (maxUploadBytes === null) {
+    maxUploadBytes = defaultMaxUpload;
+  }
+  if (maxStorageBytes === null) {
+    maxStorageBytes = defaultMaxStorage;
+  }
+  return {
+    maxUploadBytes,
+    maxStorageBytes,
+    source,
+  };
+}
+async function computeDriveUsedBytes({ orgId, driveType, driveId }) {
+  const oid = normalizeObjectId(orgId, 'orgId');
+  const dt = normalizeDriveType(driveType);
+  const did = normalizeObjectId(driveId, 'driveId');
+  const rows = await FileEntry.aggregate([
+    {
+      $match: {
+        orgId: oid,
+        driveType: dt,
+        driveId: did,
+        deletedAt: null,
+      },
+    },
+    {
+      $lookup: {
+        from: 'assets',
+        localField: 'assetId',
+        foreignField: '_id',
+        as: 'asset',
+      },
+    },
+    { $unwind: { path: '$asset', preserveNullAndEmptyArrays: false } },
+    { $match: { 'asset.status': 'uploaded' } },
+    {
+      $group: {
+        _id: null,
+        usedBytes: { $sum: '$asset.sizeBytes' },
+      },
+    },
+  ]);
+  const usedBytes = rows?.[0]?.usedBytes;
+  return Number.isFinite(usedBytes) ? usedBytes : 0;
+}
+async function getEffectivePolicy({ userId, orgId, driveType, driveId }) {
+  const effective = await resolveEffectiveLimits({ userId, orgId, driveType, driveId });
+  const usedBytes = await computeDriveUsedBytes({ orgId, driveType, driveId });
+  const overageBytes = Math.max(0, usedBytes - effective.maxStorageBytes);
+  return {
+    effective,
+    usage: { usedBytes, overageBytes },
+  };
+}
+module.exports = {
+  loadPolicy,
+  resolveEffectiveLimits,
+  computeDriveUsedBytes,
+  getEffectivePolicy,
+  getUserOrgGroupIds,
+};

package/src/services/headlessExternalModels.service.js ADDED Viewed

@@ -0,0 +1,292 @@
+const mongoose = require('mongoose');
+const HeadlessModelDefinition = require('../models/HeadlessModelDefinition');
+const { normalizeCodeIdentifier, computeSchemaHash } = require('./headlessModels.service');
+function isObjectId(value) {
+  if (!value) return false;
+  if (value instanceof mongoose.Types.ObjectId) return true;
+  if (value && typeof value === 'object' && value._bsontype === 'ObjectID') return true;
+  return false;
+}
+function detectFieldType(value) {
+  if (value === null || value === undefined) return null;
+  if (isObjectId(value)) return 'objectid';
+  if (value instanceof Date) return 'date';
+  if (Array.isArray(value)) return 'array';
+  const t = typeof value;
+  if (t === 'string') return 'string';
+  if (t === 'number') return 'number';
+  if (t === 'boolean') return 'boolean';
+  if (t === 'object') return 'object';
+  return null;
+}
+function pickBestType(seenTypes) {
+  const types = new Set(Array.from(seenTypes || []).filter(Boolean));
+  if (types.size === 0) return { type: 'object', warning: 'No non-null sample values' };
+  if (types.size === 1) return { type: Array.from(types)[0], warning: null };
+  if (types.has('array')) return { type: 'array', warning: `Mixed types: ${Array.from(types).join('|')}` };
+  if (types.has('object')) return { type: 'object', warning: `Mixed types: ${Array.from(types).join('|')}` };
+  return { type: 'string', warning: `Mixed types: ${Array.from(types).join('|')}` };
+}
+function tryInferRefFromFieldName(fieldName, externalModelsByCollection) {
+  const name = String(fieldName || '').trim();
+  if (!name) return null;
+  const lower = name.toLowerCase();
+  if (!lower.endsWith('id') || lower === 'id') return null;
+  const stem = name.slice(0, -2);
+  const candidates = [stem, `${stem}s`, `${stem}es`];
+  for (const c of candidates) {
+    const match = externalModelsByCollection.get(String(c).toLowerCase());
+    if (match) return match;
+  }
+  return null;
+}
+function normalizeIndexFromMongo(idx) {
+  if (!idx || typeof idx !== 'object') return null;
+  const fields = idx.key;
+  if (!fields || typeof fields !== 'object') return null;
+  const options = { ...idx };
+  delete options.key;
+  delete options.v;
+  delete options.ns;
+  return { fields, options };
+}
+async function listExternalCollections({ q, includeSystem } = {}) {
+  if (!mongoose.connection || !mongoose.connection.db) {
+    const err = new Error('Mongo connection not ready');
+    err.code = 'VALIDATION';
+    throw err;
+  }
+  const filter = {};
+  if (q) filter.name = { $regex: String(q), $options: 'i' };
+  const cursor = await mongoose.connection.db.listCollections(filter, { nameOnly: true });
+  const items = await cursor.toArray();
+  const out = [];
+  for (const c of items) {
+    const name = String(c && c.name ? c.name : '').trim();
+    if (!name) continue;
+    if (!includeSystem && name.startsWith('system.')) continue;
+    out.push({ name, type: 'collection' });
+  }
+  out.sort((a, b) => a.name.localeCompare(b.name));
+  return out;
+}
+async function inferExternalModelFromCollection({ collectionName, sampleSize = 200 } = {}) {
+  if (!mongoose.connection || !mongoose.connection.db) {
+    const err = new Error('Mongo connection not ready');
+    err.code = 'VALIDATION';
+    throw err;
+  }
+  const collName = String(collectionName || '').trim();
+  if (!collName) {
+    const err = new Error('collectionName is required');
+    err.code = 'VALIDATION';
+    throw err;
+  }
+  const N = Math.max(1, Math.min(Number(sampleSize) || 200, 1000));
+  const coll = mongoose.connection.db.collection(collName);
+  let docs;
+  try {
+    docs = await coll.aggregate([{ $sample: { size: N } }]).toArray();
+  } catch {
+    docs = await coll.find({}).limit(N).toArray();
+  }
+  const externalModels = await HeadlessModelDefinition.find({ isActive: true, sourceType: 'external' })
+    .select({ codeIdentifier: 1, sourceCollectionName: 1 })
+    .lean();
+  const externalModelsByCollection = new Map();
+  for (const m of externalModels || []) {
+    const cn = String(m?.sourceCollectionName || '').trim();
+    const code = String(m?.codeIdentifier || '').trim();
+    if (cn && code) externalModelsByCollection.set(cn.toLowerCase(), code);
+  }
+  const perField = new Map();
+  const warnings = [];
+  for (const doc of docs || []) {
+    if (!doc || typeof doc !== 'object') continue;
+    for (const [k, v] of Object.entries(doc)) {
+      if (!k || k === '_id') continue;
+      const type = detectFieldType(v);
+      let stats = perField.get(k);
+      if (!stats) {
+        stats = { seenTypes: new Set(), objectIdCount: 0, nonNullCount: 0 };
+        perField.set(k, stats);
+      }
+      if (type) stats.seenTypes.add(type);
+      if (type === 'objectid') stats.objectIdCount += 1;
+      if (v !== null && v !== undefined) stats.nonNullCount += 1;
+    }
+  }
+  const fields = [];
+  for (const [name, stats] of perField.entries()) {
+    const { type, warning } = pickBestType(stats.seenTypes);
+    if (warning) warnings.push(`Field ${name}: ${warning}`);
+    if (type === 'objectid') {
+      const refModelCode = tryInferRefFromFieldName(name, externalModelsByCollection);
+      if (refModelCode) {
+        fields.push({ name, type: 'ref', required: false, unique: false, refModelCode });
+      } else {
+        fields.push({ name, type: 'string', required: false, unique: false });
+      }
+      continue;
+    }
+    if (type === 'date') {
+      fields.push({ name, type: 'date', required: false, unique: false });
+      continue;
+    }
+    if (type === 'array') {
+      fields.push({ name, type: 'array', required: false, unique: false });
+      continue;
+    }
+    if (type === 'object') {
+      fields.push({ name, type: 'object', required: false, unique: false });
+      continue;
+    }
+    if (type === 'number' || type === 'boolean' || type === 'string') {
+      fields.push({ name, type, required: false, unique: false });
+      continue;
+    }
+    fields.push({ name, type: 'object', required: false, unique: false });
+  }
+  fields.sort((a, b) => a.name.localeCompare(b.name));
+  let indexes = [];
+  try {
+    const idx = await coll.indexes();
+    indexes = (idx || []).map(normalizeIndexFromMongo).filter(Boolean);
+  } catch {
+    indexes = [];
+  }
+  const fieldsHash = computeSchemaHash({ fields, indexes });
+  return {
+    collectionName: collName,
+    fields,
+    indexes,
+    warnings,
+    stats: {
+      sampled: (docs || []).length,
+      maxSampleSize: N,
+      fields: fields.length,
+    },
+    fieldsHash,
+  };
+}
+async function createOrUpdateExternalModel({ collectionName, codeIdentifier, displayName, sampleSize } = {}) {
+  const cn = String(collectionName || '').trim();
+  if (!cn) {
+    const err = new Error('collectionName is required');
+    err.code = 'VALIDATION';
+    throw err;
+  }
+  const code = normalizeCodeIdentifier(codeIdentifier);
+  if (!code.startsWith('ext_')) {
+    const err = new Error('External model codeIdentifier must start with ext_');
+    err.code = 'VALIDATION';
+    throw err;
+  }
+  const name = String(displayName || code).trim();
+  if (!name) {
+    const err = new Error('displayName is required');
+    err.code = 'VALIDATION';
+    throw err;
+  }
+  const inferred = await inferExternalModelFromCollection({ collectionName: cn, sampleSize });
+  const existing = await HeadlessModelDefinition.findOne({ codeIdentifier: code, isActive: true });
+  if (!existing) {
+    const doc = await HeadlessModelDefinition.create({
+      codeIdentifier: code,
+      displayName: name,
+      description: '',
+      fields: inferred.fields,
+      indexes: inferred.indexes,
+      fieldsHash: inferred.fieldsHash,
+      version: 1,
+      previousFields: [],
+      previousIndexes: [],
+      sourceType: 'external',
+      sourceCollectionName: cn,
+      isExternal: true,
+      inference: {
+        enabled: true,
+        lastInferredAt: new Date(),
+        sampleSize: Number(sampleSize) || null,
+        warnings: inferred.warnings || [],
+        stats: inferred.stats || null,
+      },
+      isActive: true,
+    });
+    return { created: true, item: doc.toObject(), inference: inferred };
+  }
+  existing.displayName = name;
+  existing.sourceType = 'external';
+  existing.sourceCollectionName = cn;
+  existing.isExternal = true;
+  const newHash = inferred.fieldsHash;
+  if (newHash !== existing.fieldsHash) {
+    existing.previousFields = existing.fields;
+    existing.previousIndexes = existing.indexes;
+    existing.fields = inferred.fields;
+    existing.indexes = inferred.indexes;
+    existing.fieldsHash = newHash;
+    existing.version = Number(existing.version || 1) + 1;
+  }
+  existing.inference = {
+    enabled: true,
+    lastInferredAt: new Date(),
+    sampleSize: Number(sampleSize) || null,
+    warnings: inferred.warnings || [],
+    stats: inferred.stats || null,
+  };
+  await existing.save();
+  return { created: false, item: existing.toObject(), inference: inferred };
+}
+module.exports = {
+  listExternalCollections,
+  inferExternalModelFromCollection,
+  createOrUpdateExternalModel,
+};

package/src/services/headlessModels.service.js CHANGED Viewed

@@ -89,6 +89,18 @@ function getMongoCollectionName(codeIdentifier) {
   return `${MODEL_COLLECTION_PREFIX}${code}`;
 }
+function isExternalDefinition(def) {
+  return def && (def.sourceType === 'external' || def.isExternal === true);
+}
+function getCollectionNameForDefinition(def) {
+  if (isExternalDefinition(def)) {
+    const cn = String(def.sourceCollectionName || '').trim();
+    return cn || getMongoCollectionName(def.codeIdentifier);
+  }
+  return getMongoCollectionName(def.codeIdentifier);
+}
 function buildSchemaFromDefinition(def) {
   const schemaShape = {};
   for (const field of def.fields || []) {
@@ -99,12 +111,14 @@ function buildSchemaFromDefinition(def) {
     schemaShape[fieldName] = toMongooseField(field);
   }
-  schemaShape._headlessModelCode = { type: String, default: def.codeIdentifier, index: true };
-  schemaShape._headlessSchemaVersion = { type: Number, default: def.version, index: true };
+  if (!isExternalDefinition(def)) {
+    schemaShape._headlessModelCode = { type: String, default: def.codeIdentifier, index: true };
+    schemaShape._headlessSchemaVersion = { type: Number, default: def.version, index: true };
+  }
   const schema = new mongoose.Schema(schemaShape, {
     timestamps: true,
-    collection: getMongoCollectionName(def.codeIdentifier),
+    collection: getCollectionNameForDefinition(def),
     strict: false,
   });
@@ -254,6 +268,8 @@ async function disableModelDefinition(codeIdentifier) {
 const modelCache = new Map();
 async function ensureAutoMigration(modelDef) {
+  if (isExternalDefinition(modelDef)) return;
   const collectionName = getMongoCollectionName(modelDef.codeIdentifier);
   const coll = mongoose.connection.collection(collectionName);
@@ -318,7 +334,8 @@ async function getDynamicModel(codeIdentifier) {
     throw err;
   }
-  const cacheKey = `${def.codeIdentifier}:${def.version}:${def.fieldsHash}`;
+  const collectionName = getCollectionNameForDefinition(def);
+  const cacheKey = `${def.codeIdentifier}:${def.version}:${def.fieldsHash}:${collectionName}`;
   const cached = modelCache.get(cacheKey);
   if (cached) return cached;
@@ -334,8 +351,10 @@ async function getDynamicModel(codeIdentifier) {
   const schema = buildSchemaFromDefinition(def);
   const Model = mongoose.model(modelName, schema);
-  await ensureAutoMigration(def);
-  await ensureIndexesBestEffort(Model);
+  if (!isExternalDefinition(def)) {
+    await ensureAutoMigration(def);
+    await ensureIndexesBestEffort(Model);
+  }
   modelCache.set(cacheKey, Model);
   return Model;
@@ -346,6 +365,7 @@ module.exports = {
   normalizeCodeIdentifier,
   getMongooseModelName,
   getMongoCollectionName,
+  getCollectionNameForDefinition,
   computeSchemaHash,
   listModelDefinitions,
   getModelDefinitionByCode,