@intranefr/superbackend 1.6.6 → 1.7.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (51) hide show
  1. package/.env.example +4 -0
  2. package/README.md +18 -0
  3. package/package.json +8 -2
  4. package/public/js/admin-superdemos.js +396 -0
  5. package/public/sdk/superdemos.iife.js +614 -0
  6. package/public/superdemos-qa.html +324 -0
  7. package/sdk/superdemos/browser/src/index.js +719 -0
  8. package/src/cli/agent-chat.js +369 -0
  9. package/src/cli/agent-list.js +42 -0
  10. package/src/controllers/adminAgentsChat.controller.js +172 -0
  11. package/src/controllers/adminSuperDemos.controller.js +382 -0
  12. package/src/controllers/superDemosPublic.controller.js +126 -0
  13. package/src/middleware.js +102 -19
  14. package/src/models/BlogAutomationLock.js +4 -4
  15. package/src/models/BlogPost.js +16 -16
  16. package/src/models/CacheEntry.js +17 -6
  17. package/src/models/JsonConfig.js +2 -4
  18. package/src/models/RateLimitMetricBucket.js +10 -5
  19. package/src/models/SuperDemo.js +38 -0
  20. package/src/models/SuperDemoProject.js +32 -0
  21. package/src/models/SuperDemoStep.js +27 -0
  22. package/src/routes/adminAgents.routes.js +10 -0
  23. package/src/routes/adminMarkdowns.routes.js +3 -0
  24. package/src/routes/adminSuperDemos.routes.js +31 -0
  25. package/src/routes/superDemos.routes.js +9 -0
  26. package/src/services/auditLogger.js +75 -37
  27. package/src/services/email.service.js +18 -3
  28. package/src/services/superDemosAuthoringSessions.service.js +132 -0
  29. package/src/services/superDemosWs.service.js +164 -0
  30. package/src/services/terminalsWs.service.js +35 -3
  31. package/src/utils/rbac/rightsRegistry.js +2 -0
  32. package/views/admin-agents.ejs +261 -11
  33. package/views/admin-dashboard.ejs +78 -8
  34. package/views/admin-superdemos.ejs +335 -0
  35. package/views/admin-terminals.ejs +462 -34
  36. package/views/partials/admin/agents-chat.ejs +80 -0
  37. package/views/partials/dashboard/nav-items.ejs +1 -0
  38. package/views/partials/dashboard/tab-bar.ejs +6 -0
  39. package/cookies.txt +0 -6
  40. package/cookies1.txt +0 -6
  41. package/cookies2.txt +0 -6
  42. package/cookies3.txt +0 -6
  43. package/cookies4.txt +0 -5
  44. package/cookies_old.txt +0 -5
  45. package/cookies_old_test.txt +0 -6
  46. package/cookies_super.txt +0 -5
  47. package/cookies_super_test.txt +0 -6
  48. package/cookies_test.txt +0 -6
  49. package/test-access.js +0 -63
  50. package/test-iframe-fix.html +0 -63
  51. package/test-iframe.html +0 -14
package/cookies.txt DELETED
@@ -1,6 +0,0 @@
1
- # Netscape HTTP Cookie File
2
- # https://curl.se/docs/http-cookies.html
3
- # This file was generated by libcurl! Edit at your own risk.
4
-
5
- #HttpOnly_localhost FALSE / FALSE 1771637659 superbackend.admin.session s%3AqRrB9xwjQm68DAgSOlyfgBfyq8BqnDCp.q1NiKyQlwZw2ZllDyHbP6v0%2F%2FMrE%2FU%2FlAa7K2vUleBE
6
- localhost FALSE / FALSE 1803087259 saas_anon_id b1095bdfcae46d10f0428aa70ee83de2
package/cookies1.txt DELETED
@@ -1,6 +0,0 @@
1
- # Netscape HTTP Cookie File
2
- # https://curl.se/docs/http-cookies.html
3
- # This file was generated by libcurl! Edit at your own risk.
4
-
5
- #HttpOnly_localhost FALSE / FALSE 1771629571 superbackend.admin.session s%3AsEcSn6xXkyeOqHm9mRm23J5Dc1nxuz1k.OqghsIsnLrw4SKxxIYx8lmmAjWt9IXCMxn%2FcYeAvUBc
6
- localhost FALSE / FALSE 1803079171 saas_anon_id 51dc6dfc39d5ea7a7012b848631cae6a
package/cookies2.txt DELETED
@@ -1,6 +0,0 @@
1
- # Netscape HTTP Cookie File
2
- # https://curl.se/docs/http-cookies.html
3
- # This file was generated by libcurl! Edit at your own risk.
4
-
5
- #HttpOnly_localhost FALSE / FALSE 1771637427 superbackend.admin.session s%3AvhBh0by7y7DrXprXCYSEi1UFlhT1fuR8.t1FufjMGUS%2F4PPxxQa%2B3En7QjEGB26clmZ3L6yf4%2F0o
6
- localhost FALSE / FALSE 1803087027 saas_anon_id 711a36c4d41763f6964ae744e69164c3
package/cookies3.txt DELETED
@@ -1,6 +0,0 @@
1
- # Netscape HTTP Cookie File
2
- # https://curl.se/docs/http-cookies.html
3
- # This file was generated by libcurl! Edit at your own risk.
4
-
5
- #HttpOnly_localhost FALSE / FALSE 1771629581 superbackend.admin.session s%3AiN0D-96QhVJhqcAUYtzx6qy01CgQ3Dgo.VyE%2F7D1wbr5FqK3UMQd1lda%2FC7Y8SQ9dRbwkxGMzuBM
6
- localhost FALSE / FALSE 1803079181 saas_anon_id c8eeb3f7879f705c085ca27b89f7ff42
package/cookies4.txt DELETED
@@ -1,5 +0,0 @@
1
- # Netscape HTTP Cookie File
2
- # https://curl.se/docs/http-cookies.html
3
- # This file was generated by libcurl! Edit at your own risk.
4
-
5
- localhost FALSE / FALSE 1803079186 saas_anon_id f679820563d5f343f793c6ed7d5b4f87
package/cookies_old.txt DELETED
@@ -1,5 +0,0 @@
1
- # Netscape HTTP Cookie File
2
- # https://curl.se/docs/http-cookies.html
3
- # This file was generated by libcurl! Edit at your own risk.
4
-
5
- localhost FALSE / FALSE 1803079090 saas_anon_id 0ad79ed83e8b6933dd2469b2af3065d8
package/cookies_old_test.txt DELETED
@@ -1,6 +0,0 @@
1
- # Netscape HTTP Cookie File
2
- # https://curl.se/docs/http-cookies.html
3
- # This file was generated by libcurl! Edit at your own risk.
4
-
5
- #HttpOnly_localhost FALSE / FALSE 1771629556 superbackend.admin.session s%3ABoRFJAcrePSTzSsN1EbrhiflhjfX1d69.H0fWiFrS1g9rqZARagoBd5csk387jkobU7e4KFIZd%2Fk
6
- localhost FALSE / FALSE 1803079156 saas_anon_id cdadcc15da1d363683ebf9267b79f8a8
package/cookies_super.txt DELETED
@@ -1,5 +0,0 @@
1
- # Netscape HTTP Cookie File
2
- # https://curl.se/docs/http-cookies.html
3
- # This file was generated by libcurl! Edit at your own risk.
4
-
5
- localhost FALSE / FALSE 1803079106 saas_anon_id 93e0f60b466aca5cd9974d947c6bf78f
package/cookies_super_test.txt DELETED
@@ -1,6 +0,0 @@
1
- # Netscape HTTP Cookie File
2
- # https://curl.se/docs/http-cookies.html
3
- # This file was generated by libcurl! Edit at your own risk.
4
-
5
- #HttpOnly_localhost FALSE / FALSE 1771629526 superbackend.admin.session s%3ATUoGC9bTPVpHPYS6GtIdeJNMcLfcD98e.utwPy950VenpwybMXuLeVNxi2XZEv%2FiCs2LN1FZumGs
6
- localhost FALSE / FALSE 1803079126 saas_anon_id 229f3817edba8d9274702f3b7fa6223c
package/cookies_test.txt DELETED
@@ -1,6 +0,0 @@
1
- # Netscape HTTP Cookie File
2
- # https://curl.se/docs/http-cookies.html
3
- # This file was generated by libcurl! Edit at your own risk.
4
-
5
- #HttpOnly_localhost FALSE / FALSE 1771629501 superbackend.admin.session s%3AgzJQktAUd-6uZRBWJl2TgZL_iEKx9FME.UwOmJJS6XL9wuK7nQtMpVs6qSktGrgdgGVMZWW0eTmE
6
- localhost FALSE / FALSE 1803079101 saas_anon_id 277a3d95195da9261595cb40995a4bf0
package/test-access.js DELETED
@@ -1,63 +0,0 @@
1
- require('dotenv').config();
2
- const mongoose = require('mongoose');
3
-
4
- async function testAccessControl() {
5
- try {
6
- await mongoose.connect(process.env.MONGODB_URI, { authSource: 'admin' });
7
- console.log('✅ Connected to MongoDB');
8
-
9
- // Check if roles and grants exist
10
- const RbacRole = require('./src/models/RbacRole');
11
- const RbacGrant = require('./src/models/RbacGrant');
12
- const User = require('./src/models/User');
13
-
14
- // Find the limited-admin user
15
- const user = await User.findOne({ email: 'limitedadmin@example.com' });
16
-
17
- if (!user) {
18
- console.log('❌ User not found');
19
- return;
20
- }
21
-
22
- console.log(`✅ Found user: ${user.email} (${user.role})`);
23
-
24
- // Find the limited-admin role
25
- const limitedAdminRole = await RbacRole.findOne({ key: 'limited-admin' });
26
- if (!limitedAdminRole) {
27
- console.log('❌ limited-admin role not found');
28
- return;
29
- }
30
-
31
- console.log(`✅ Found role: ${limitedAdminRole.name}`);
32
-
33
- // Check grants for the role
34
- const grants = await RbacGrant.find({
35
- subjectType: 'role',
36
- subjectId: limitedAdminRole._id
37
- });
38
-
39
- console.log(`\n📋 Role grants (${grants.length}):`);
40
- grants.forEach(grant => {
41
- console.log(` - ${grant.right}`);
42
- });
43
-
44
- // Check specific permissions
45
- const auditGrant = grants.find(g => g.right === 'admin_panel__audit:read');
46
- const usersGrant = grants.find(g => g.right === 'admin_panel__users:read');
47
- const errorsGrant = grants.find(g => g.right === 'admin_panel__errors:read');
48
-
49
- console.log('\n🔍 Permission Summary:');
50
- console.log(`Audit access: ${auditGrant ? '✅ ALLOWED' : '❌ DENIED'}`);
51
- console.log(`Users access: ${usersGrant ? '✅ ALLOWED' : '❌ DENIED'}`);
52
- console.log(`Errors access: ${errorsGrant ? '✅ ALLOWED' : '❌ DENIED'}`);
53
-
54
- console.log('\n🎉 Access control test completed!');
55
-
56
- } catch (error) {
57
- console.error('❌ Test failed:', error);
58
- } finally {
59
- await mongoose.disconnect();
60
- }
61
- }
62
-
63
- testAccessControl();
package/test-iframe-fix.html DELETED
@@ -1,63 +0,0 @@
1
- <!DOCTYPE html>
2
- <html>
3
- <head>
4
- <title>Iframe Fix Test</title>
5
- <style>
6
- body { font-family: Arial, sans-serif; padding: 20px; }
7
- .test-container { margin: 20px 0; }
8
- iframe { width: 100%; height: 400px; border: 2px solid #ccc; }
9
- .success { color: green; font-weight: bold; }
10
- .error { color: red; font-weight: bold; }
11
- </style>
12
- </head>
13
- <body>
14
- <h1>Iframe Authentication Fix Test</h1>
15
-
16
- <div class="test-container">
17
- <h2>Test 1: Iframe with Token (Should Work)</h2>
18
- <iframe src="/admin/stats/dashboard-home?iframe_token=authenticated"></iframe>
19
- <p id="test1-result">Loading...</p>
20
- </div>
21
-
22
- <div class="test-container">
23
- <h2>Test 2: Iframe without Token (Should Redirect to Login)</h2>
24
- <iframe src="/admin/stats/dashboard-home"></iframe>
25
- <p id="test2-result">Loading...</p>
26
- </div>
27
-
28
- <script>
29
- // Test if iframe loads correctly
30
- setTimeout(() => {
31
- const iframes = document.querySelectorAll('iframe');
32
-
33
- // Test 1 - should show Command Center
34
- iframes[0].contentDocument && iframes[0].contentDocument.body) {
35
- const content = iframes[0].contentDocument.body.innerText;
36
- if (content.includes('Command Center')) {
37
- document.getElementById('test1-result').innerHTML = '<span class="success">✅ SUCCESS: Iframe with token loads correctly</span>';
38
- } else if (content.includes('login') || content.includes('Login')) {
39
- document.getElementById('test1-result').innerHTML = '<span class="error">❌ FAILED: Iframe with token redirected to login</span>';
40
- } else {
41
- document.getElementById('test1-result').innerHTML = '<span class="error">❌ UNKNOWN: Could not determine iframe content</span>';
42
- }
43
- } else {
44
- document.getElementById('test1-result').innerHTML = '<span class="error">❌ FAILED: Could not access iframe content (cross-origin)</span>';
45
- }
46
-
47
- // Test 2 - should redirect to login
48
- if (iframes[1].contentDocument && iframes[1].contentDocument.body) {
49
- const content = iframes[1].contentDocument.body.innerText;
50
- if (content.includes('login') || content.includes('Login')) {
51
- document.getElementById('test2-result').innerHTML = '<span class="success">✅ SUCCESS: Iframe without token correctly redirects to login</span>';
52
- } else if (content.includes('Command Center')) {
53
- document.getElementById('test2-result').innerHTML = '<span class="error">❌ FAILED: Iframe without token loaded content (security issue)</span>';
54
- } else {
55
- document.getElementById('test2-result').innerHTML = '<span class="error">❌ UNKNOWN: Could not determine iframe content</span>';
56
- }
57
- } else {
58
- document.getElementById('test2-result').innerHTML = '<span class="error">❌ FAILED: Could not access iframe content (cross-origin)</span>';
59
- }
60
- }, 3000);
61
- </script>
62
- </body>
63
- </html>
package/test-iframe.html DELETED
@@ -1,14 +0,0 @@
1
- <!DOCTYPE html>
2
- <html>
3
- <head>
4
- <title>Iframe Test</title>
5
- </head>
6
- <body>
7
- <h1>Iframe Test</h1>
8
- <p>Testing iframe loading of admin dashboard content...</p>
9
-
10
- <iframe src="/admin/stats/dashboard-home" width="100%" height="500" style="border: 1px solid #ccc;"></iframe>
11
-
12
- <p>If you see the admin dashboard content above, iframes work. If you see a login page, there's a cookie/session issue.</p>
13
- </body>
14
- </html>