npm - @intranefr/superbackend - Versions diffs - 1.5.2 → 1.6.3 - Mend

@intranefr/superbackend 1.5.2 → 1.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (134) hide show

package/cookies.txt +6 -0
package/cookies1.txt +6 -0
package/cookies2.txt +6 -0
package/cookies3.txt +6 -0
package/cookies4.txt +5 -0
package/cookies_old.txt +5 -0
package/cookies_old_test.txt +6 -0
package/cookies_super.txt +5 -0
package/cookies_super_test.txt +6 -0
package/cookies_test.txt +6 -0
package/index.js +9 -0
package/manage.js +745 -0
package/package.json +6 -2
package/plugins/core-waiting-list-migration/README.md +118 -0
package/plugins/core-waiting-list-migration/index.js +438 -0
package/plugins/global-settings-presets/index.js +20 -0
package/plugins/hello-cli/index.js +17 -0
package/plugins/ui-components-seeder/components/suiAlert.js +212 -0
package/plugins/ui-components-seeder/components/suiToast.js +186 -0
package/plugins/ui-components-seeder/index.js +31 -0
package/public/js/admin-ui-components-preview.js +281 -0
package/public/js/admin-ui-components.js +408 -0
package/public/js/llm-provider-model-picker.js +193 -0
package/public/test-iframe-fix.html +63 -0
package/public/test-iframe.html +14 -0
package/src/admin/endpointRegistry.js +68 -0
package/src/controllers/admin.controller.js +36 -10
package/src/controllers/adminAgents.controller.js +37 -0
package/src/controllers/adminDataCleanup.controller.js +45 -0
package/src/controllers/adminLlm.controller.js +19 -8
package/src/controllers/adminLogin.controller.js +269 -0
package/src/controllers/adminMarkdowns.controller.js +157 -0
package/src/controllers/adminPlugins.controller.js +55 -0
package/src/controllers/adminRegistry.controller.js +106 -0
package/src/controllers/adminScripts.controller.js +138 -0
package/src/controllers/adminStats.controller.js +4 -4
package/src/controllers/adminTelegram.controller.js +72 -0
package/src/controllers/markdowns.controller.js +42 -0
package/src/controllers/registry.controller.js +32 -0
package/src/controllers/waitingList.controller.js +52 -74
package/src/helpers/mongooseHelper.js +6 -6
package/src/helpers/scriptBase.js +2 -2
package/src/middleware/auth.js +71 -1
package/src/middleware/rbac.js +62 -0
package/src/middleware.js +584 -176
package/src/models/Agent.js +105 -0
package/src/models/AgentMessage.js +82 -0
package/src/models/GlobalSetting.js +11 -1
package/src/models/Markdown.js +75 -0
package/src/models/ScriptRun.js +8 -0
package/src/models/TelegramBot.js +42 -0
package/src/models/UiComponent.js +2 -0
package/src/models/User.js +1 -1
package/src/routes/admin.routes.js +3 -3
package/src/routes/adminAgents.routes.js +13 -0
package/src/routes/adminAssets.routes.js +11 -11
package/src/routes/adminBlog.routes.js +2 -2
package/src/routes/adminBlogAi.routes.js +2 -2
package/src/routes/adminBlogAutomation.routes.js +2 -2
package/src/routes/adminCache.routes.js +2 -2
package/src/routes/adminConsoleManager.routes.js +2 -2
package/src/routes/adminCrons.routes.js +2 -2
package/src/routes/adminDataCleanup.routes.js +26 -0
package/src/routes/adminDbBrowser.routes.js +2 -2
package/src/routes/adminEjsVirtual.routes.js +2 -2
package/src/routes/adminFeatureFlags.routes.js +6 -6
package/src/routes/adminHeadless.routes.js +2 -2
package/src/routes/adminHealthChecks.routes.js +2 -2
package/src/routes/adminI18n.routes.js +2 -2
package/src/routes/adminJsonConfigs.routes.js +8 -8
package/src/routes/adminLlm.routes.js +8 -7
package/src/routes/adminLogin.routes.js +23 -0
package/src/routes/adminMarkdowns.routes.js +10 -0
package/src/routes/adminMigration.routes.js +12 -12
package/src/routes/adminPages.routes.js +2 -2
package/src/routes/adminPlugins.routes.js +15 -0
package/src/routes/adminProxy.routes.js +2 -2
package/src/routes/adminRateLimits.routes.js +8 -8
package/src/routes/adminRbac.routes.js +2 -2
package/src/routes/adminRegistry.routes.js +24 -0
package/src/routes/adminScripts.routes.js +6 -3
package/src/routes/adminSeoConfig.routes.js +10 -10
package/src/routes/adminTelegram.routes.js +14 -0
package/src/routes/adminTerminals.routes.js +2 -2
package/src/routes/adminUiComponents.routes.js +2 -2
package/src/routes/adminUploadNamespaces.routes.js +7 -7
package/src/routes/blogInternal.routes.js +2 -2
package/src/routes/experiments.routes.js +2 -2
package/src/routes/formsAdmin.routes.js +6 -6
package/src/routes/globalSettings.routes.js +8 -8
package/src/routes/internalExperiments.routes.js +2 -2
package/src/routes/markdowns.routes.js +16 -0
package/src/routes/notificationAdmin.routes.js +7 -7
package/src/routes/orgAdmin.routes.js +16 -16
package/src/routes/pages.routes.js +3 -3
package/src/routes/registry.routes.js +11 -0
package/src/routes/stripeAdmin.routes.js +12 -12
package/src/routes/userAdmin.routes.js +7 -7
package/src/routes/waitingListAdmin.routes.js +2 -2
package/src/routes/workflows.routes.js +3 -3
package/src/services/agent.service.js +546 -0
package/src/services/agentHistory.service.js +345 -0
package/src/services/agentTools.service.js +578 -0
package/src/services/dataCleanup.service.js +286 -0
package/src/services/jsonConfigs.service.js +284 -10
package/src/services/llm.service.js +219 -6
package/src/services/markdowns.service.js +522 -0
package/src/services/plugins.service.js +348 -0
package/src/services/registry.service.js +452 -0
package/src/services/scriptsRunner.service.js +328 -37
package/src/services/telegram.service.js +130 -0
package/src/services/uiComponents.service.js +180 -0
package/src/services/waitingListJson.service.js +401 -0
package/src/utils/rbac/rightsRegistry.js +118 -0
package/test-access.js +63 -0
package/test-iframe-fix.html +63 -0
package/test-iframe.html +14 -0
package/views/admin-403.ejs +92 -0
package/views/admin-agents.ejs +273 -0
package/views/admin-coolify-deploy.ejs +8 -8
package/views/admin-dashboard-home.ejs +52 -2
package/views/admin-dashboard.ejs +179 -7
package/views/admin-data-cleanup.ejs +357 -0
package/views/admin-experiments.ejs +1 -1
package/views/admin-login.ejs +286 -0
package/views/admin-markdowns.ejs +905 -0
package/views/admin-plugins-system.ejs +223 -0
package/views/admin-scripts.ejs +221 -4
package/views/admin-telegram.ejs +269 -0
package/views/admin-ui-components.ejs +82 -402
package/views/admin-users.ejs +207 -11
package/views/partials/dashboard/nav-items.ejs +5 -0
package/views/partials/llm-provider-model-picker.ejs +0 -161
package/analysis-only.skill +0 -0

package/test-access.js ADDED Viewed

@@ -0,0 +1,63 @@
+require('dotenv').config();
+const mongoose = require('mongoose');
+async function testAccessControl() {
+  try {
+    await mongoose.connect(process.env.MONGODB_URI, { authSource: 'admin' });
+    console.log('✅ Connected to MongoDB');
+    // Check if roles and grants exist
+    const RbacRole = require('./src/models/RbacRole');
+    const RbacGrant = require('./src/models/RbacGrant');
+    const User = require('./src/models/User');
+    // Find the limited-admin user
+    const user = await User.findOne({ email: 'limitedadmin@example.com' });
+    if (!user) {
+      console.log('❌ User not found');
+      return;
+    }
+    console.log(`✅ Found user: ${user.email} (${user.role})`);
+    // Find the limited-admin role
+    const limitedAdminRole = await RbacRole.findOne({ key: 'limited-admin' });
+    if (!limitedAdminRole) {
+      console.log('❌ limited-admin role not found');
+      return;
+    }
+    console.log(`✅ Found role: ${limitedAdminRole.name}`);
+    // Check grants for the role
+    const grants = await RbacGrant.find({
+      subjectType: 'role',
+      subjectId: limitedAdminRole._id
+    });
+    console.log(`\n📋 Role grants (${grants.length}):`);
+    grants.forEach(grant => {
+      console.log(`  - ${grant.right}`);
+    });
+    // Check specific permissions
+    const auditGrant = grants.find(g => g.right === 'admin_panel__audit:read');
+    const usersGrant = grants.find(g => g.right === 'admin_panel__users:read');
+    const errorsGrant = grants.find(g => g.right === 'admin_panel__errors:read');
+    console.log('\n🔍 Permission Summary:');
+    console.log(`Audit access: ${auditGrant ? '✅ ALLOWED' : '❌ DENIED'}`);
+    console.log(`Users access: ${usersGrant ? '✅ ALLOWED' : '❌ DENIED'}`);
+    console.log(`Errors access: ${errorsGrant ? '✅ ALLOWED' : '❌ DENIED'}`);
+    console.log('\n🎉 Access control test completed!');
+  } catch (error) {
+    console.error('❌ Test failed:', error);
+  } finally {
+    await mongoose.disconnect();
+  }
+}
+testAccessControl();

package/test-iframe-fix.html ADDED Viewed

@@ -0,0 +1,63 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Iframe Fix Test</title>
+    <style>
+        body { font-family: Arial, sans-serif; padding: 20px; }
+        .test-container { margin: 20px 0; }
+        iframe { width: 100%; height: 400px; border: 2px solid #ccc; }
+        .success { color: green; font-weight: bold; }
+        .error { color: red; font-weight: bold; }
+    </style>
+</head>
+<body>
+    <h1>Iframe Authentication Fix Test</h1>
+    <div class="test-container">
+        <h2>Test 1: Iframe with Token (Should Work)</h2>
+        <iframe src="/admin/stats/dashboard-home?iframe_token=authenticated"></iframe>
+        <p id="test1-result">Loading...</p>
+    </div>
+    <div class="test-container">
+        <h2>Test 2: Iframe without Token (Should Redirect to Login)</h2>
+        <iframe src="/admin/stats/dashboard-home"></iframe>
+        <p id="test2-result">Loading...</p>
+    </div>
+    <script>
+        // Test if iframe loads correctly
+        setTimeout(() => {
+            const iframes = document.querySelectorAll('iframe');
+            // Test 1 - should show Command Center
+            iframes[0].contentDocument && iframes[0].contentDocument.body) {
+                const content = iframes[0].contentDocument.body.innerText;
+                if (content.includes('Command Center')) {
+                    document.getElementById('test1-result').innerHTML = '<span class="success">✅ SUCCESS: Iframe with token loads correctly</span>';
+                } else if (content.includes('login') || content.includes('Login')) {
+                    document.getElementById('test1-result').innerHTML = '<span class="error">❌ FAILED: Iframe with token redirected to login</span>';
+                } else {
+                    document.getElementById('test1-result').innerHTML = '<span class="error">❌ UNKNOWN: Could not determine iframe content</span>';
+                }
+            } else {
+                document.getElementById('test1-result').innerHTML = '<span class="error">❌ FAILED: Could not access iframe content (cross-origin)</span>';
+            }
+            // Test 2 - should redirect to login
+            if (iframes[1].contentDocument && iframes[1].contentDocument.body) {
+                const content = iframes[1].contentDocument.body.innerText;
+                if (content.includes('login') || content.includes('Login')) {
+                    document.getElementById('test2-result').innerHTML = '<span class="success">✅ SUCCESS: Iframe without token correctly redirects to login</span>';
+                } else if (content.includes('Command Center')) {
+                    document.getElementById('test2-result').innerHTML = '<span class="error">❌ FAILED: Iframe without token loaded content (security issue)</span>';
+                } else {
+                    document.getElementById('test2-result').innerHTML = '<span class="error">❌ UNKNOWN: Could not determine iframe content</span>';
+                }
+            } else {
+                document.getElementById('test2-result').innerHTML = '<span class="error">❌ FAILED: Could not access iframe content (cross-origin)</span>';
+            }
+        }, 3000);
+    </script>
+</body>
+</html>

package/test-iframe.html ADDED Viewed

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Iframe Test</title>
+</head>
+<body>
+    <h1>Iframe Test</h1>
+    <p>Testing iframe loading of admin dashboard content...</p>
+    <iframe src="/admin/stats/dashboard-home" width="100%" height="500" style="border: 1px solid #ccc;"></iframe>
+    <p>If you see the admin dashboard content above, iframes work. If you see a login page, there's a cookie/session issue.</p>
+</body>
+</html>

package/views/admin-403.ejs ADDED Viewed

@@ -0,0 +1,92 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Access Denied - SuperBackend Admin</title>
+    <script src="https://cdn.tailwindcss.com"></script>
+    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@tabler/icons-webfont@latest/dist/tabler-icons.min.css">
+</head>
+<body class="bg-gray-50 min-h-screen flex items-center justify-center">
+    <div class="max-w-md w-full bg-white rounded-lg shadow-lg p-8">
+        <div class="text-center">
+            <!-- Error Icon -->
+            <div class="mx-auto w-16 h-16 bg-red-100 rounded-full flex items-center justify-center mb-4">
+                <i class="ti ti-lock text-red-600 text-2xl"></i>
+            </div>
+            <!-- Error Title -->
+            <h1 class="text-2xl font-bold text-gray-900 mb-2">Access Denied</h1>
+            <!-- Error Message -->
+            <p class="text-gray-600 mb-6">
+                You don't have permission to access this module.
+            </p>
+            <!-- Permission Details -->
+            <div class="bg-gray-50 rounded-lg p-4 mb-6 text-left">
+                <h3 class="text-sm font-semibold text-gray-700 mb-2">Permission Details:</h3>
+                <div class="space-y-1 text-xs">
+                    <div class="flex justify-between">
+                        <span class="text-gray-600">Module:</span>
+                        <span class="font-mono text-gray-800"><%= moduleId %></span>
+                    </div>
+                    <div class="flex justify-between">
+                        <span class="text-gray-600">Action:</span>
+                        <span class="font-mono text-gray-800"><%= action %></span>
+                    </div>
+                    <div class="flex justify-between">
+                        <span class="text-gray-600">Required:</span>
+                        <span class="font-mono text-gray-800 break-all"><%= required %></span>
+                    </div>
+                    <% if (reason) { %>
+                    <div class="flex justify-between">
+                        <span class="text-gray-600">Reason:</span>
+                        <span class="font-mono text-gray-800"><%= reason %></span>
+                    </div>
+                    <% } %>
+                </div>
+            </div>
+            <!-- User Info -->
+            <% if (user) { %>
+            <div class="bg-blue-50 rounded-lg p-4 mb-6 text-left">
+                <h3 class="text-sm font-semibold text-blue-700 mb-2">Current User:</h3>
+                <div class="space-y-1 text-xs">
+                    <div class="flex justify-between">
+                        <span class="text-blue-600">Name:</span>
+                        <span class="font-mono text-blue-800"><%= user.name || 'N/A' %></span>
+                    </div>
+                    <div class="flex justify-between">
+                        <span class="text-blue-600">Email:</span>
+                        <span class="font-mono text-blue-800 break-all"><%= user.email %></span>
+                    </div>
+                    <div class="flex justify-between">
+                        <span class="text-blue-600">Role:</span>
+                        <span class="font-mono text-blue-800"><%= user.role || 'N/A' %></span>
+                    </div>
+                </div>
+            </div>
+            <% } %>
+            <!-- Action Buttons -->
+            <div class="space-y-3">
+                <a href="<%= adminPath %>" class="w-full bg-blue-600 text-white py-2 px-4 rounded-lg hover:bg-blue-700 transition-colors flex items-center justify-center">
+                    <i class="ti ti-layout-dashboard mr-2"></i>
+                    Return to Dashboard
+                </a>
+                <button onclick="history.back()" class="w-full bg-gray-200 text-gray-700 py-2 px-4 rounded-lg hover:bg-gray-300 transition-colors flex items-center justify-center">
+                    <i class="ti ti-arrow-left mr-2"></i>
+                    Go Back
+                </button>
+            </div>
+            <!-- Help Text -->
+            <p class="text-xs text-gray-500 mt-6">
+                If you believe this is an error, please contact your system administrator.
+            </p>
+        </div>
+    </div>
+</body>
+</html>

package/views/admin-agents.ejs ADDED Viewed

@@ -0,0 +1,273 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>AI Agents - SuperBackend</title>
+    <script src="https://cdn.tailwindcss.com"></script>
+    <script src="https://unpkg.com/vue@3/dist/vue.global.js"></script>
+    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@tabler/icons-webfont@latest/dist/tabler-icons.min.css">
+</head>
+<body class="bg-gray-50 min-h-screen">
+    <div id="app" class="p-6 max-w-6xl mx-auto" v-cloak>
+        <div class="flex justify-between items-center mb-8">
+            <div>
+                <h1 class="text-2xl font-bold text-gray-800">AI Agents</h1>
+                <p class="text-gray-500">Configure your intelligent agent gateway</p>
+            </div>
+            <button @click="openCreateModal" class="bg-indigo-600 text-white px-4 py-2 rounded-lg flex items-center gap-2 hover:bg-indigo-700 transition">
+                <i class="ti ti-plus"></i>
+                Create Agent
+            </button>
+        </div>
+        <!-- Agent List -->
+        <div class="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 gap-6">
+            <div v-for="agent in agents" :key="agent._id" class="bg-white rounded-xl shadow-sm border border-gray-200 overflow-hidden hover:shadow-md transition">
+                <div class="p-6">
+                    <div class="flex justify-between items-start mb-4">
+                        <div class="flex items-center gap-3">
+                            <div class="w-10 h-10 rounded-lg bg-indigo-100 text-indigo-600 flex items-center justify-center text-xl">
+                                <i class="ti ti-robot"></i>
+                            </div>
+                            <div>
+                                <h3 class="font-bold text-gray-800">{{ agent.name }}</h3>
+                                <p class="text-xs text-gray-400">{{ agent.model }}</p>
+                            </div>
+                        </div>
+                        <div class="flex gap-1">
+                            <button @click="editAgent(agent)" class="p-1.5 text-gray-400 hover:text-indigo-600 hover:bg-indigo-50 rounded-md transition">
+                                <i class="ti ti-edit"></i>
+                            </button>
+                            <button @click="confirmDelete(agent)" class="p-1.5 text-gray-400 hover:text-red-600 hover:bg-red-50 rounded-md transition">
+                                <i class="ti ti-trash"></i>
+                            </button>
+                        </div>
+                    </div>
+                    <div class="space-y-3 text-sm">
+                        <p class="text-gray-600 line-clamp-2 italic">"{{ agent.systemPrompt }}"</p>
+                        <div class="flex flex-wrap gap-1 mt-4">
+                            <span v-for="tool in agent.tools" :key="tool" class="px-2 py-0.5 bg-gray-100 text-gray-600 rounded text-xs border border-gray-200">
+                                {{ tool }}
+                            </span>
+                            <span v-if="!agent.tools?.length" class="text-xs text-gray-400">No tools enabled</span>
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </div>
+        <!-- Empty State -->
+        <div v-if="agents.length === 0" class="bg-white rounded-xl border-2 border-dashed border-gray-200 p-12 text-center">
+            <i class="ti ti-robot text-6xl text-gray-200 mb-4 inline-block"></i>
+            <h3 class="text-lg font-medium text-gray-800">No agents found</h3>
+            <p class="text-gray-500 mb-6">Create your first AI agent to start automating</p>
+            <button @click="openCreateModal" class="bg-indigo-600 text-white px-6 py-2 rounded-lg hover:bg-indigo-700 transition">
+                Create Agent
+            </button>
+        </div>
+        <!-- Modal -->
+        <div v-if="showModal" class="fixed inset-0 bg-black/50 flex items-center justify-center z-50 p-4">
+            <div class="bg-white rounded-xl shadow-xl w-full max-w-2xl overflow-hidden max-h-[90vh] flex flex-col">
+                <div class="px-6 py-4 border-b border-gray-100 flex justify-between items-center shrink-0">
+                    <h3 class="font-bold text-gray-800">{{ editingAgent ? 'Edit Agent' : 'Create Agent' }}</h3>
+                    <button @click="showModal = false" class="text-gray-400 hover:text-gray-600">
+                        <i class="ti ti-x"></i>
+                    </button>
+                </div>
+                <form @submit.prevent="saveAgent" class="p-6 space-y-4 overflow-y-auto">
+                    <div class="grid grid-cols-2 gap-4">
+                        <div class="col-span-2">
+                            <label class="block text-sm font-medium text-gray-700 mb-1">Agent Name</label>
+                            <input v-model="formData.name" type="text" required class="w-full px-3 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-indigo-500 outline-none" placeholder="Customer Support AI">
+                        </div>
+                        <div>
+                            <label class="block text-sm font-medium text-gray-700 mb-1">LLM Provider</label>
+                            <select v-model="formData.providerKey" required class="w-full px-3 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-indigo-500 outline-none">
+                                <option value="">Select Provider</option>
+                                <option v-for="(p, key) in providers" :key="key" :value="key">{{ p.label || key }}</option>
+                            </select>
+                        </div>
+                        <div>
+                            <label class="block text-sm font-medium text-gray-700 mb-1">Model</label>
+                            <input v-model="formData.model" type="text" required class="w-full px-3 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-indigo-500 outline-none" placeholder="gpt-4o, claude-3-5-sonnet...">
+                        </div>
+                    </div>
+                    <div>
+                        <label class="block text-sm font-medium text-gray-700 mb-1">System Prompt / Instructions</label>
+                        <textarea v-model="formData.systemPrompt" rows="6" required class="w-full px-3 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-indigo-500 outline-none font-mono text-sm" placeholder="You are a helpful assistant that..."></textarea>
+                    </div>
+                    <div>
+                        <label class="block text-sm font-medium text-gray-700 mb-2">Enabled Tools</label>
+                        <div class="grid grid-cols-2 gap-2">
+                            <label v-for="tool in availableTools" :key="tool" class="flex items-center gap-2 p-2 border border-gray-200 rounded-lg cursor-pointer hover:bg-gray-50">
+                                <input type="checkbox" :value="tool" v-model="formData.tools" class="w-4 h-4 text-indigo-600 rounded">
+                                <span class="text-sm font-medium text-gray-700">{{ tool }}</span>
+                            </label>
+                        </div>
+                    </div>
+                    <div class="grid grid-cols-2 gap-4">
+                        <div>
+                            <label class="block text-sm font-medium text-gray-700 mb-1">Temperature ({{ formData.temperature }})</label>
+                            <input v-model.number="formData.temperature" type="range" min="0" max="2" step="0.1" class="w-full h-2 bg-gray-200 rounded-lg appearance-none cursor-pointer accent-indigo-600">
+                        </div>
+                        <div>
+                            <label class="block text-sm font-medium text-gray-700 mb-1">Max Tool Iterations</label>
+                            <input v-model.number="formData.maxIterations" type="number" min="1" max="50" class="w-full px-3 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-indigo-500 outline-none" placeholder="10">
+                            <p class="text-[10px] text-gray-400 mt-1">Maximum number of tool call loops allowed per message. Default is 10.</p>
+                        </div>
+                    </div>
+                    <div class="flex gap-3 pt-4 shrink-0">
+                        <button type="button" @click="showModal = false" class="flex-1 px-4 py-2 border border-gray-300 text-gray-700 rounded-lg hover:bg-gray-50 transition">
+                            Cancel
+                        </button>
+                        <button type="submit" :disabled="saving" class="flex-1 px-4 py-2 bg-indigo-600 text-white rounded-lg hover:bg-indigo-700 transition disabled:opacity-50">
+                            {{ saving ? 'Saving...' : (editingAgent ? 'Update' : 'Create') }}
+                        </button>
+                    </div>
+                </form>
+            </div>
+        </div>
+    </div>
+    <script>
+        const { createApp, ref, onMounted } = Vue;
+        createApp({
+            setup() {
+                const agents = ref([]);
+                const providers = ref({});
+                const showModal = ref(false);
+                const editingAgent = ref(null);
+                const saving = ref(false);
+                const availableTools = ['query_database', 'get_system_stats', 'raw_db_query', 'exec'];
+                const formData = ref({
+                    name: '',
+                    systemPrompt: 'You are a helpful assistant.',
+                    providerKey: '',
+                    model: '',
+                    tools: [],
+                    temperature: 0.7,
+                    maxIterations: 10
+                });
+                const baseUrl = '<%= baseUrl %>';
+                const fetchAgents = async () => {
+                    const res = await fetch(`${baseUrl}/api/admin/agents`);
+                    const data = await res.json();
+                    agents.value = data.items;
+                };
+                const fetchLLMConfig = async () => {
+                    // We need an endpoint to get LLM providers.
+                    // For now, let's try to get it from the LLM admin API if it exists
+                    try {
+                        const res = await fetch(`${baseUrl}/api/admin/llm/providers`);
+                        if (res.ok) {
+                            const data = await res.json();
+                            providers.value = data.providers || {};
+                        }
+                    } catch (e) {
+                        console.warn('Failed to fetch LLM providers');
+                    }
+                };
+                const openCreateModal = () => {
+                    editingAgent.value = null;
+                    formData.value = {
+                        name: '',
+                        systemPrompt: 'You are a helpful assistant.',
+                        providerKey: Object.keys(providers.value)[0] || '',
+                        model: '',
+                        tools: [],
+                        temperature: 0.7,
+                        maxIterations: 10
+                    };
+                    showModal.value = true;
+                };
+                const editAgent = (agent) => {
+                    editingAgent.value = agent;
+                    formData.value = {
+                        name: agent.name,
+                        systemPrompt: agent.systemPrompt,
+                        providerKey: agent.providerKey,
+                        model: agent.model,
+                        tools: agent.tools || [],
+                        temperature: agent.temperature || 0.7,
+                        maxIterations: agent.maxIterations || 10
+                    };
+                    showModal.value = true;
+                };
+                const confirmDelete = async (agent) => {
+                    if (confirm(`Are you sure you want to delete agent ${agent.name}?`)) {
+                        await fetch(`${baseUrl}/api/admin/agents/${agent._id}`, { method: 'DELETE' });
+                        fetchAgents();
+                    }
+                };
+                const saveAgent = async () => {
+                    saving.value = true;
+                    try {
+                        const url = editingAgent.value
+                            ? `${baseUrl}/api/admin/agents/${editingAgent.value._id}`
+                            : `${baseUrl}/api/admin/agents`;
+                        const method = editingAgent.value ? 'PUT' : 'POST';
+                        const res = await fetch(url, {
+                            method,
+                            headers: { 'Content-Type': 'application/json' },
+                            body: JSON.stringify(formData.value)
+                        });
+                        if (res.ok) {
+                            showModal.value = false;
+                            fetchAgents();
+                        } else {
+                            const data = await res.json();
+                            alert(data.error || 'Failed to save agent');
+                        }
+                    } catch (err) {
+                        alert(err.message);
+                    } finally {
+                        saving.value = false;
+                    }
+                };
+                onMounted(() => {
+                    fetchAgents();
+                    fetchLLMConfig();
+                });
+                return {
+                    agents,
+                    providers,
+                    showModal,
+                    editingAgent,
+                    formData,
+                    saving,
+                    availableTools,
+                    openCreateModal,
+                    editAgent,
+                    confirmDelete,
+                    saveAgent
+                };
+            }
+        }).mount('#app');
+    </script>
+</body>
+</html>

package/views/admin-coolify-deploy.ejs CHANGED Viewed

@@ -30,7 +30,7 @@
                 >
                     <i v-if="loading.provisioning" class="ti ti-loader-2 animate-spin"></i>
                     <i v-else class="ti ti-file-code"></i>
-                    Provision manage.sh
+                    Provision manage.js
                 </button>
             </div>
@@ -81,24 +81,24 @@ REMOTE_DOMAIN_CONFIG_FILENAME=superlandings.yml</pre>
                         <div>
                             <p class="text-sm font-semibold text-gray-700 mb-2">1. Deploy Application</p>
                             <div class="bg-gray-100 p-2 rounded font-mono text-xs flex justify-between items-center">
-                                <code>./manage.sh deploy</code>
-                                <button @click="copyToClipboard('./manage.sh deploy')" class="p-1 hover:text-blue-600"><i class="ti ti-copy"></i></button>
+                                <code>node manage.js deploy</code>
+                                <button @click="copyToClipboard('node manage.js deploy')" class="p-1 hover:text-blue-600"><i class="ti ti-copy"></i></button>
                             </div>
                             <p class="text-xs text-gray-500 mt-1">Syncs files via rsync and runs docker compose remotely.</p>
                         </div>
                         <div>
                             <p class="text-sm font-semibold text-gray-700 mb-2">2. Setup Traefik Proxy</p>
                             <div class="bg-gray-100 p-2 rounded font-mono text-xs flex justify-between items-center">
-                                <code>./manage.sh proxy</code>
-                                <button @click="copyToClipboard('./manage.sh proxy')" class="p-1 hover:text-blue-600"><i class="ti ti-copy"></i></button>
+                                <code>node manage.js proxy</code>
+                                <button @click="copyToClipboard('node manage.js proxy')" class="p-1 hover:text-blue-600"><i class="ti ti-copy"></i></button>
                             </div>
                             <p class="text-xs text-gray-500 mt-1">Generates the Traefik YAML configuration file locally.</p>
                         </div>
                         <div>
                             <p class="text-sm font-semibold text-gray-700 mb-2">3. Deploy Domain</p>
                             <div class="bg-gray-100 p-2 rounded font-mono text-xs flex justify-between items-center">
-                                <code>./manage.sh domain</code>
-                                <button @click="copyToClipboard('./manage.sh domain')" class="p-1 hover:text-blue-600"><i class="ti ti-copy"></i></button>
+                                <code>node manage.js domain</code>
+                                <button @click="copyToClipboard('node manage.js domain')" class="p-1 hover:text-blue-600"><i class="ti ti-copy"></i></button>
                             </div>
                             <p class="text-xs text-gray-500 mt-1">Uploads the Traefik YAML to the gateway server.</p>
                         </div>
@@ -145,7 +145,7 @@ REMOTE_DOMAIN_CONFIG_FILENAME=superlandings.yml`;
                 const provisionScript = async (overwrite = false) => {
                     if (overwrite) {
-                        if (!confirm('Are you sure you want to overwrite the existing manage.sh?')) {
+                        if (!confirm('Are you sure you want to overwrite the existing manage.js?')) {
                             return;
                         }
                     }

package/views/admin-dashboard-home.ejs CHANGED Viewed

@@ -149,14 +149,64 @@
   <script>
     let growthChart, emailChart;
+    const isIframe = <%= typeof isIframe !== 'undefined' && isIframe %>;
     async function fetchStats() {
       try {
-        const res = await fetch('<%= baseUrl %>/api/admin/stats/overview');
-        const data = await res.json();
+        let data;
+        if (isIframe) {
+          // In iframe mode, request data from parent window
+          data = await new Promise((resolve, reject) => {
+            const messageId = 'stats-request-' + Date.now();
+            const handleMessage = (event) => {
+              if (event.data.type === 'stats-response' && event.data.messageId === messageId) {
+                window.removeEventListener('message', handleMessage);
+                if (event.data.error) {
+                  reject(new Error(event.data.error));
+                } else {
+                  resolve(event.data.data);
+                }
+              }
+            };
+            window.addEventListener('message', handleMessage);
+            // Request data from parent
+            window.parent.postMessage({
+              type: 'stats-request',
+              messageId: messageId,
+              endpoint: '<%= baseUrl %>/api/admin/stats/overview'
+            }, '*');
+            // Timeout after 5 seconds
+            setTimeout(() => {
+              window.removeEventListener('message', handleMessage);
+              reject(new Error('Timeout waiting for parent response'));
+            }, 5000);
+          });
+        } else {
+          // Normal mode - direct fetch
+          const res = await fetch('<%= baseUrl %>/api/admin/stats/overview');
+          data = await res.json();
+        }
         updateUI(data);
       } catch (err) {
         console.error('Failed to load stats:', err);
+        // Show error state
+        const app = document.getElementById('app');
+        if (app) {
+          app.innerHTML = `
+            <div class="text-center py-12">
+              <i class="ti ti-alert-triangle text-4xl text-yellow-500 mb-4"></i>
+              <h3 class="text-lg font-semibold text-gray-900 mb-2">Unable to load stats</h3>
+              <p class="text-gray-500">${err.message}</p>
+              ${isIframe ? '<p class="text-sm text-gray-400 mt-2">Iframe mode: Parent window communication failed</p>' : ''}
+            </div>
+          `;
+        }
       }
     }