npm - @intranefr/superbackend - Versions diffs - 1.5.3 → 1.6.3 - Mend

@intranefr/superbackend 1.5.3 → 1.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (106) hide show

package/cookies.txt +6 -0
package/cookies1.txt +6 -0
package/cookies2.txt +6 -0
package/cookies3.txt +6 -0
package/cookies4.txt +5 -0
package/cookies_old.txt +5 -0
package/cookies_old_test.txt +6 -0
package/cookies_super.txt +5 -0
package/cookies_super_test.txt +6 -0
package/cookies_test.txt +6 -0
package/index.js +7 -0
package/package.json +3 -1
package/plugins/core-waiting-list-migration/README.md +118 -0
package/plugins/core-waiting-list-migration/index.js +438 -0
package/plugins/global-settings-presets/index.js +20 -0
package/plugins/hello-cli/index.js +17 -0
package/plugins/ui-components-seeder/components/suiAlert.js +212 -0
package/plugins/ui-components-seeder/components/suiToast.js +186 -0
package/plugins/ui-components-seeder/index.js +31 -0
package/public/js/admin-ui-components-preview.js +281 -0
package/public/js/admin-ui-components.js +408 -0
package/public/js/llm-provider-model-picker.js +193 -0
package/public/test-iframe-fix.html +63 -0
package/public/test-iframe.html +14 -0
package/src/admin/endpointRegistry.js +68 -0
package/src/controllers/admin.controller.js +25 -5
package/src/controllers/adminDataCleanup.controller.js +45 -0
package/src/controllers/adminLlm.controller.js +0 -8
package/src/controllers/adminLogin.controller.js +269 -0
package/src/controllers/adminPlugins.controller.js +55 -0
package/src/controllers/adminRegistry.controller.js +106 -0
package/src/controllers/adminStats.controller.js +4 -4
package/src/controllers/registry.controller.js +32 -0
package/src/controllers/waitingList.controller.js +52 -74
package/src/middleware/auth.js +71 -1
package/src/middleware/rbac.js +62 -0
package/src/middleware.js +454 -153
package/src/models/GlobalSetting.js +11 -1
package/src/models/UiComponent.js +2 -0
package/src/models/User.js +1 -1
package/src/routes/admin.routes.js +3 -3
package/src/routes/adminAgents.routes.js +2 -2
package/src/routes/adminAssets.routes.js +11 -11
package/src/routes/adminBlog.routes.js +2 -2
package/src/routes/adminBlogAi.routes.js +2 -2
package/src/routes/adminBlogAutomation.routes.js +2 -2
package/src/routes/adminCache.routes.js +2 -2
package/src/routes/adminConsoleManager.routes.js +2 -2
package/src/routes/adminCrons.routes.js +2 -2
package/src/routes/adminDataCleanup.routes.js +26 -0
package/src/routes/adminDbBrowser.routes.js +2 -2
package/src/routes/adminEjsVirtual.routes.js +2 -2
package/src/routes/adminFeatureFlags.routes.js +6 -6
package/src/routes/adminHeadless.routes.js +2 -2
package/src/routes/adminHealthChecks.routes.js +2 -2
package/src/routes/adminI18n.routes.js +2 -2
package/src/routes/adminJsonConfigs.routes.js +8 -8
package/src/routes/adminLlm.routes.js +8 -8
package/src/routes/adminLogin.routes.js +23 -0
package/src/routes/adminMarkdowns.routes.js +3 -9
package/src/routes/adminMigration.routes.js +12 -12
package/src/routes/adminPages.routes.js +2 -2
package/src/routes/adminPlugins.routes.js +15 -0
package/src/routes/adminProxy.routes.js +2 -2
package/src/routes/adminRateLimits.routes.js +8 -8
package/src/routes/adminRbac.routes.js +2 -2
package/src/routes/adminRegistry.routes.js +24 -0
package/src/routes/adminScripts.routes.js +2 -2
package/src/routes/adminSeoConfig.routes.js +10 -10
package/src/routes/adminTelegram.routes.js +2 -2
package/src/routes/adminTerminals.routes.js +2 -2
package/src/routes/adminUiComponents.routes.js +2 -2
package/src/routes/adminUploadNamespaces.routes.js +7 -7
package/src/routes/blogInternal.routes.js +2 -2
package/src/routes/experiments.routes.js +2 -2
package/src/routes/formsAdmin.routes.js +6 -6
package/src/routes/globalSettings.routes.js +8 -8
package/src/routes/internalExperiments.routes.js +2 -2
package/src/routes/notificationAdmin.routes.js +7 -7
package/src/routes/orgAdmin.routes.js +16 -16
package/src/routes/pages.routes.js +3 -3
package/src/routes/registry.routes.js +11 -0
package/src/routes/stripeAdmin.routes.js +12 -12
package/src/routes/userAdmin.routes.js +7 -7
package/src/routes/waitingListAdmin.routes.js +2 -2
package/src/routes/workflows.routes.js +3 -3
package/src/services/dataCleanup.service.js +286 -0
package/src/services/jsonConfigs.service.js +262 -0
package/src/services/plugins.service.js +348 -0
package/src/services/registry.service.js +452 -0
package/src/services/uiComponents.service.js +180 -0
package/src/services/waitingListJson.service.js +401 -0
package/src/utils/rbac/rightsRegistry.js +118 -0
package/test-access.js +63 -0
package/test-iframe-fix.html +63 -0
package/test-iframe.html +14 -0
package/views/admin-403.ejs +92 -0
package/views/admin-dashboard-home.ejs +52 -2
package/views/admin-dashboard.ejs +143 -2
package/views/admin-data-cleanup.ejs +357 -0
package/views/admin-login.ejs +286 -0
package/views/admin-plugins-system.ejs +223 -0
package/views/admin-ui-components.ejs +82 -402
package/views/admin-users.ejs +207 -11
package/views/partials/dashboard/nav-items.ejs +2 -0
package/views/partials/llm-provider-model-picker.ejs +0 -161

package/src/middleware/auth.js CHANGED Viewed

@@ -70,4 +70,74 @@ const requireAdmin = (req, res, next) => {
   next();
 };
-module.exports = { authenticate, basicAuth, requireAdmin };
+// Admin session authentication middleware - checks session for authenticated admin user
+const adminSessionAuth = (req, res, next) => {
+  // Check if session exists and user is authenticated
+  if (!req.session || !req.session.authenticated) {
+    // Store the originally requested URL for redirect after login
+    req.session = req.session || {};
+    req.session.returnTo = req.originalUrl;
+    // For API routes, return JSON error
+    if (req.xhr || req.headers.accept?.includes('application/json')) {
+      return res.status(401).json({
+        error: "Authentication required",
+        redirectTo: `${req.adminPath || '/admin'}/login`
+      });
+    }
+    // For web routes, redirect to login page
+    return res.redirect(`${req.adminPath || '/admin'}/login`);
+  }
+  // Verify session is still valid (check login time)
+  const loginTime = new Date(req.session.loginTime);
+  const now = new Date();
+  const sessionAge = (now - loginTime) / (1000 * 60 * 60); // hours
+  // Session expires after 24 hours
+  if (sessionAge > 24) {
+    req.session.destroy((err) => {
+      if (err) console.error('Error destroying expired session:', err);
+    });
+    if (req.xhr || req.headers.accept?.includes('application/json')) {
+      return res.status(401).json({
+        error: "Session expired",
+        redirectTo: `${req.adminPath || '/admin'}/login`
+      });
+    }
+    return res.redirect(`${req.adminPath || '/admin'}/login?error=Session expired`);
+  }
+  // Attach user info to request for consistency with other auth middleware
+  req.user = {
+    authenticated: true,
+    authType: req.session.authType,
+    role: req.session.role
+  };
+  if (req.session.authType === 'iam') {
+    req.user.id = req.session.userId;
+    req.user.email = req.session.email;
+    req.user.name = req.session.name;
+  } else {
+    req.user.username = req.session.username;
+  }
+  next();
+};
+// Admin authentication middleware that supports both session and basic auth
+const adminAuth = (req, res, next) => {
+  // First try session authentication
+  if (req.session && req.session.authenticated) {
+    return adminSessionAuth(req, res, next);
+  }
+  // Fallback to basic auth for backward compatibility
+  return basicAuth(req, res, next);
+};
+module.exports = { authenticate, basicAuth, requireAdmin, adminSessionAuth, adminAuth };

package/src/middleware/rbac.js CHANGED Viewed

@@ -56,7 +56,69 @@ function requireRight(requiredRight, options = {}) {
   };
 }
+/**
+ * Middleware for module-level access control in admin panel
+ * Checks specific permissions for admin modules like audit, users, etc.
+ */
+function requireModuleAccess(moduleId, action = 'read') {
+  return async (req, res, next) => {
+    try {
+      // Check for basic auth superadmin bypass
+      if (isBasicAuthSuperAdmin(req)) {
+        return next();
+      }
+      // Get user ID from session
+      const userId = req.session?.authData?.userId;
+      if (!userId) {
+        return res.redirect(`${req.adminPath || '/admin'}/login`);
+      }
+      // Check RBAC permission for specific module
+      const hasAccess = await rbacService.checkRight({
+        userId,
+        orgId: null, // Global admin permissions
+        right: `admin_panel__${moduleId}:${action}`
+      });
+      if (!hasAccess.allowed) {
+        // For API routes, return JSON error
+        if (req.path.startsWith('/api/')) {
+          return res.status(403).json({
+            error: 'Access denied',
+            reason: hasAccess.reason,
+            required: `admin_panel__${moduleId}:${action}`,
+            moduleId,
+            action
+          });
+        }
+        // For page routes, render 403 page
+        return res.status(403).render('admin-403', {
+          moduleId,
+          action,
+          required: `admin_panel__${moduleId}:${action}`,
+          reason: hasAccess.reason,
+          user: req.session.authData,
+          adminPath: req.adminPath || '/admin'
+        });
+      }
+      next();
+    } catch (error) {
+      console.error('Module access check error:', error);
+      if (req.path.startsWith('/api/')) {
+        return res.status(500).json({ error: 'Access check failed' });
+      } else {
+        return res.status(500).send('Access check failed');
+      }
+    }
+  };
+}
 module.exports = {
   requireRight,
+  requireModuleAccess,
   isBasicAuthSuperAdmin,
 };