@opengis/admin 0.3.23 → 0.3.25

package/server/routes/widget/controllers/widget.del.js

@@ -1,63 +1,63 @@
-import { isFileExists } from "@opengis/fastify-file/utils.js";
-
-async function checkAccess(pg, objectid, id) {
-  const { uid, filepath } = await pg.query(`select uid, file_path as filepath from crm.files where entity_id=$1 and file_id=$2`, [objectid, id])
-    .then(el => el.rows?.[0] || {});
-  return { uid, exists: filepath ? await isFileExists(filepath) : null };
-}
-
-/**
- * Дістає CRM дані для vue хешує ідентифікатори, підтягує селекти
- *
- * @method DELETE
- * @summary CRM дані для обраного віджета.
- * @priority 2
- * @tag table
- * @type api
- * @requires setTokenById
- * @requires getSelect
- * @param {String} id Ідентифікатор для хешування
- * @param {Any} sql Використовується для повернення sql запиту
- * @param {String} type Тип для хешування даних
- * @errors 400, 500
- * @returns {Number} status Номер помилки
- * @returns {String|Object} error Опис помилки
- * @returns {String|Object} message Повідомлення про успішне виконання або об'єкт з параметрами
- */
-
-import { pgClients, logChanges } from "@opengis/fastify-table/utils.js";
-
-export default async function widgetDel({
-  pg = pgClients.client, params = {}, session = {},
-}, reply) {
-  const { user = {} } = session.passport || {};
-  if (!user.uid) return { error: 'access restricted', status: 403 };
-  const { type, objectid, id } = params;
-
-  if (!objectid) return { error: 'id required', status: 400 };
-
-  // force delete db entry if file not exists
-  const { exists, uid } = ['file', 'gallery'].includes(type) ? await checkAccess(pg, objectid, id) : null;
-
-  if (exists && !user?.user_type?.includes?.('admin') && uid && user?.uid !== uid) {
-    return reply.status(403).send('access restricted: file exists, not an author');
-  }
-
-  const sqls = {
-    comment: 'delete from crm.communications where entity_id=$1 and uid=$2 and communication_id=$3',
-    checklist: 'delete from crm.checklists where entity_id=$1 and uid=$2 and checklist_id=$3',
-    file: `update crm.files set file_status=3 where entity_id=$1 and ${!exists || user?.user_type?.includes?.('admin') ? '$2=$2' : 'uid=$2'} and file_id=$3 returning uploaded_name`,
-    gallery: `update crm.files set file_status=3 where entity_id=$1 and ${!exists || user?.user_type?.includes?.('admin') ? '$2=$2' : 'uid=$2'} and file_id=$3 returning uploaded_name`,
-  };
-  const sql = sqls[type];
-  // console.log(sql);
-  if (!sql) return reply.status(400).send('type not valid');
-
-  const { rows = [] } = await pg.query(sql, [objectid, user.uid, id]);
-  const table = { comment: 'crm.communications', checklist: 'crm.checklists', file: 'crm.files', gallery: 'crm.files' }[type];
-  await logChanges({
-    pg, table, id, data: rows[0], uid: user?.uid, type: 'DELETE',
-  });
-  return { data: { id }, user: { uid: user.uid, name: user.user_name } };
-
-}
+import { isFileExists } from "@opengis/fastify-file/utils.js";
+
+async function checkAccess(pg, objectid, id) {
+  const { uid, filepath } = await pg.query(`select uid, file_path as filepath from crm.files where entity_id=$1 and file_id=$2`, [objectid, id])
+    .then(el => el.rows?.[0] || {});
+  return { uid, exists: filepath ? await isFileExists(filepath) : null };
+}
+
+/**
+ * Дістає CRM дані для vue хешує ідентифікатори, підтягує селекти
+ *
+ * @method DELETE
+ * @summary CRM дані для обраного віджета.
+ * @priority 2
+ * @tag table
+ * @type api
+ * @requires setTokenById
+ * @requires getSelect
+ * @param {String} id Ідентифікатор для хешування
+ * @param {Any} sql Використовується для повернення sql запиту
+ * @param {String} type Тип для хешування даних
+ * @errors 400, 500
+ * @returns {Number} status Номер помилки
+ * @returns {String|Object} error Опис помилки
+ * @returns {String|Object} message Повідомлення про успішне виконання або об'єкт з параметрами
+ */
+
+import { pgClients, logChanges } from "@opengis/fastify-table/utils.js";
+
+export default async function widgetDel({
+  pg = pgClients.client, params = {}, session = {},
+}, reply) {
+  const { user = {} } = session.passport || {};
+  if (!user.uid) return { error: 'access restricted', status: 403 };
+  const { type, objectid, id } = params;
+
+  if (!objectid) return { error: 'id required', status: 400 };
+
+  // force delete db entry if file not exists
+  const { exists, uid } = ['file', 'gallery'].includes(type) ? await checkAccess(pg, objectid, id) : null;
+
+  if (exists && !user?.user_type?.includes?.('admin') && uid && user?.uid !== uid) {
+    return reply.status(403).send('access restricted: file exists, not an author');
+  }
+
+  const sqls = {
+    comment: 'delete from crm.communications where entity_id=$1 and uid=$2 and communication_id=$3',
+    checklist: 'delete from crm.checklists where entity_id=$1 and uid=$2 and checklist_id=$3',
+    file: `update crm.files set file_status=3 where entity_id=$1 and ${!exists || user?.user_type?.includes?.('admin') ? '$2=$2' : 'uid=$2'} and file_id=$3 returning uploaded_name`,
+    gallery: `update crm.files set file_status=3 where entity_id=$1 and ${!exists || user?.user_type?.includes?.('admin') ? '$2=$2' : 'uid=$2'} and file_id=$3 returning uploaded_name`,
+  };
+  const sql = sqls[type];
+  // console.log(sql);
+  if (!sql) return reply.status(400).send('type not valid');
+
+  const { rows = [] } = await pg.query(sql, [objectid, user.uid, id]);
+  const table = { comment: 'crm.communications', checklist: 'crm.checklists', file: 'crm.files', gallery: 'crm.files' }[type];
+  await logChanges({
+    pg, table, id, data: rows[0], uid: user?.uid, type: 'DELETE',
+  });
+  return { data: { id }, user: { uid: user.uid, name: user.user_name } };
+
+}

package/server/routes/widget/controllers/widget.get.js

@@ -1,125 +1,125 @@
-import { getMeta, getToken, pgClients } from '@opengis/fastify-table/utils.js';
-
-const galleryExtList = ['png', 'svg', 'jpg', 'jpeg', 'gif', 'mp4', 'mov', 'avi'];
-const username = `coalesce(u.sur_name,'')||coalesce(' '||u.user_name,'') ||coalesce(' '||u.father_name,'')`;
-
-/**
- * Дістає CRM для widget
- *
- */
-
-export default async function widgetGet({
-  pg = pgClients.client, user = {}, params = {}, query = {},
-}) {
-  const param = user?.uid ? await getToken({
-    token: params.objectid, mode: 'w', uid: user.uid,
-  }) : null;
-
-  const objectid = param ? JSON.parse(param)?.id : params.objectid;
-
-  if (!objectid) {
-    return { message: 'id required', status: 400 };
-  }
-
-  const sqls = {
-    comment: pg.pk['admin.users']
-      ? `select communication_id, entity_id, body, subject, c.cdate, c.uid, 
-    ${username} as username, u.login, u.avatar
-    from crm.communications c
-    left join admin.users u on u.uid=c.uid 
-    where entity_id=$1 order by cdate desc`
-      : 'select communication_id, entity_id, body, subject, cdate, uid from crm.communications where entity_id=$1 order by cdate desc',
-
-    history: `select * from (
-      SELECT change_id, entity_id, entity_type, change_type, change_date, a.change_user_id, a.uid, a.cdate, b.json_agg as changes,
-      ${username} as username, u.login, u.avatar
-      FROM log.table_changes a
-      left join admin.users u on a.change_user_id = u.uid
-      left join lateral(
-        select json_agg(row_to_json(q)) from (
-          select change_data_id, entity_key, value_new, value_old from log.table_changes_data
-          where change_id=a.change_id
-        )q
-      )b on 1=1
-      where b.json_agg is not null and (entity_id=$1 or entity_id in (
-        select communication_id as comments from crm.communications where entity_id=$1
-        union all select checklist_id from crm.checklists where entity_id=$1)
-      )
-
-    union all
-    select change_id, entity_id, entity_type, change_type, change_date, a.change_user_id, a.uid, a.cdate, b.json_agg as changes,
-        ${username} as username, u.login, u.avatar
-        FROM log.table_changes a
-        left join admin.users u on a.change_user_id = u.uid
-            left join lateral(
-          select json_agg(o) from (
-            select json_object_agg(entity_key, coalesce(value_new, value_old)) as o from log.table_changes_data
-            where change_id=a.change_id and entity_key not in ('uid', 'file_status', 'editor_id', 'cdate', 'editor_date', 'entity_id')
-          )q 
-        )b on 1=1
-        where a.change_type in ('INSERT', 'DELETE') and a.entity_id in (select file_id from crm.files where entity_id=$1)
-        limit 100
-
-    )q order by cdate desc limit 100`,
-
-    checklist: pg.pk['admin.users']
-      ? `SELECT checklist_id, entity_id, subject, is_done, done_date, c.uid, c.cdate, ${username} as username, u.login, u.avatar
-      FROM crm.checklists c
-      left join admin.users u on u.uid=c.uid
-      where entity_id=$1 order by cdate desc`
-      : 'SELECT checklist_id, entity_id, subject, is_done, done_date, uid, cdate FROM crm.checklists where entity_id=$1 order by cdate desc',
-
-    file: pg.pk['admin.users']
-      ? `SELECT file_id, entity_id, entity_type, file_path, uploaded_name, ext, size, c.uid, c.cdate, file_type, c.ismain, 
-    ${username} as username, u.login, isverified, u.avatar, u.uid as author, file_status 
-    FROM crm.files c 
-    left join admin.users u on u.uid=c.uid
-    where entity_id=$1 and file_status<>3 order by cdate desc`
-      : `SELECT file_id, entity_id, entity_type, file_path, uploaded_name, ext, size, uid, cdate, file_type, ismain,
-      isverified, uid as author, file_status FROM crm.files c where entity_id=$1 and file_status<>3 order by cdate desc`,
-    gallery: pg.pk['admin.users']
-      ? `SELECT file_id, entity_id, entity_type, file_path, uploaded_name, ext, size, c.uid, c.cdate, file_type, c.ismain,
-    ${username} as username, u.login, u.avatar, isverified, u.avatar, c.uid as author, file_status 
-    FROM crm.files c 
-    left join admin.users u on u.uid=c.uid
-    where entity_id=$1 and file_status<>3 and ext = any($2) order by cdate desc`
-      : `SELECT file_id, entity_id, entity_type, file_path, uploaded_name, ext, size, c.uid, c.cdate, file_type, ismain,
-      isverified, uid as author, file_status FROM crm.files c where entity_id=$1 and file_status<>3 and ext = any($2) order by cdate desc`,
-
-  };
-  const sql = sqls[params.type];
-
-  if (!sql) {
-    return { message: 'param type not valid', status: 400 };
-  }
-
-
-  /* data */
-  const time = [Date.now()];
-  const { rows = [] } = await pg.query(sql, [objectid, params.type === 'gallery' ? galleryExtList : null].filter((el) => el));
-  rows.forEach(row => Object.assign(row, { username: row.username?.trim?.() || row.login }));
-  time.push(Date.now());
-
-  /* Object info  */
-  const { tableName } = pg.pk['log.table_changes'] ? await pg.one('select entity_type as "tableName" from log.table_changes where entity_id=$1 limit 1', [objectid]) : {};
-  const { pk } = await getMeta({ table: tableName });
-
-  const q = tableName && pg.pk['admin.users'] ? `select ${username} as author, u.login, a.cdate, a.editor_date from ${tableName} a 
-  left join admin.users u on a.uid=u.uid where a.${pk}=$1 limit 1` : undefined;
-
-  const data = pk && q ? await pg.one(q, [objectid]) : {};
-
-  if (query.debug && user?.user_type === 'admin') {
-    return {
-      sql, type: params.type, q, id: objectid, data,
-    };
-  }
-
-  return {
-    time: { data: time[1] - time[0] },
-    rows,
-    user: { uid: user?.uid, name: user?.user_name },
-    data: { author: data?.author, cdate: data?.cdate, edate: data?.editor_date },
-    objectid: params.objectid,
-  };
-}
+import { getMeta, getToken, pgClients } from '@opengis/fastify-table/utils.js';
+
+const galleryExtList = ['png', 'svg', 'jpg', 'jpeg', 'gif', 'mp4', 'mov', 'avi'];
+const username = `coalesce(u.sur_name,'')||coalesce(' '||u.user_name,'') ||coalesce(' '||u.father_name,'')`;
+
+/**
+ * Дістає CRM для widget
+ *
+ */
+
+export default async function widgetGet({
+  pg = pgClients.client, user = {}, params = {}, query = {},
+}) {
+  const param = user?.uid ? await getToken({
+    token: params.objectid, mode: 'w', uid: user.uid,
+  }) : null;
+
+  const objectid = param ? JSON.parse(param)?.id : params.objectid;
+
+  if (!objectid) {
+    return { message: 'id required', status: 400 };
+  }
+
+  const sqls = {
+    comment: pg.pk['admin.users']
+      ? `select communication_id, entity_id, body, subject, c.cdate, c.uid, 
+    ${username} as username, u.login, u.avatar
+    from crm.communications c
+    left join admin.users u on u.uid=c.uid 
+    where entity_id=$1 order by cdate desc`
+      : 'select communication_id, entity_id, body, subject, cdate, uid from crm.communications where entity_id=$1 order by cdate desc',
+
+    history: `select * from (
+      SELECT change_id, entity_id, entity_type, change_type, change_date, a.change_user_id, a.uid, a.cdate, b.json_agg as changes,
+      ${username} as username, u.login, u.avatar
+      FROM log.table_changes a
+      left join admin.users u on a.change_user_id = u.uid
+      left join lateral(
+        select json_agg(row_to_json(q)) from (
+          select change_data_id, entity_key, value_new, value_old from log.table_changes_data
+          where change_id=a.change_id
+        )q
+      )b on 1=1
+      where b.json_agg is not null and (entity_id=$1 or entity_id in (
+        select communication_id as comments from crm.communications where entity_id=$1
+        union all select checklist_id from crm.checklists where entity_id=$1)
+      )
+
+    union all
+    select change_id, entity_id, entity_type, change_type, change_date, a.change_user_id, a.uid, a.cdate, b.json_agg as changes,
+        ${username} as username, u.login, u.avatar
+        FROM log.table_changes a
+        left join admin.users u on a.change_user_id = u.uid
+            left join lateral(
+          select json_agg(o) from (
+            select json_object_agg(entity_key, coalesce(value_new, value_old)) as o from log.table_changes_data
+            where change_id=a.change_id and entity_key not in ('uid', 'file_status', 'editor_id', 'cdate', 'editor_date', 'entity_id')
+          )q 
+        )b on 1=1
+        where a.change_type in ('INSERT', 'DELETE') and a.entity_id in (select file_id from crm.files where entity_id=$1)
+        limit 100
+
+    )q order by cdate desc limit 100`,
+
+    checklist: pg.pk['admin.users']
+      ? `SELECT checklist_id, entity_id, subject, is_done, done_date, c.uid, c.cdate, ${username} as username, u.login, u.avatar
+      FROM crm.checklists c
+      left join admin.users u on u.uid=c.uid
+      where entity_id=$1 order by cdate desc`
+      : 'SELECT checklist_id, entity_id, subject, is_done, done_date, uid, cdate FROM crm.checklists where entity_id=$1 order by cdate desc',
+
+    file: pg.pk['admin.users']
+      ? `SELECT file_id, entity_id, entity_type, file_path, uploaded_name, ext, size, c.uid, c.cdate, file_type, c.ismain, 
+    ${username} as username, u.login, isverified, u.avatar, u.uid as author, file_status 
+    FROM crm.files c 
+    left join admin.users u on u.uid=c.uid
+    where entity_id=$1 and file_status<>3 order by cdate desc`
+      : `SELECT file_id, entity_id, entity_type, file_path, uploaded_name, ext, size, uid, cdate, file_type, ismain,
+      isverified, uid as author, file_status FROM crm.files c where entity_id=$1 and file_status<>3 order by cdate desc`,
+    gallery: pg.pk['admin.users']
+      ? `SELECT file_id, entity_id, entity_type, file_path, uploaded_name, ext, size, c.uid, c.cdate, file_type, c.ismain,
+    ${username} as username, u.login, u.avatar, isverified, u.avatar, c.uid as author, file_status 
+    FROM crm.files c 
+    left join admin.users u on u.uid=c.uid
+    where entity_id=$1 and file_status<>3 and ext = any($2) order by cdate desc`
+      : `SELECT file_id, entity_id, entity_type, file_path, uploaded_name, ext, size, c.uid, c.cdate, file_type, ismain,
+      isverified, uid as author, file_status FROM crm.files c where entity_id=$1 and file_status<>3 and ext = any($2) order by cdate desc`,
+
+  };
+  const sql = sqls[params.type];
+
+  if (!sql) {
+    return { message: 'param type not valid', status: 400 };
+  }
+
+
+  /* data */
+  const time = [Date.now()];
+  const { rows = [] } = await pg.query(sql, [objectid, params.type === 'gallery' ? galleryExtList : null].filter((el) => el));
+  rows.forEach(row => Object.assign(row, { username: row.username?.trim?.() || row.login }));
+  time.push(Date.now());
+
+  /* Object info  */
+  const { tableName } = pg.pk['log.table_changes'] ? await pg.one('select entity_type as "tableName" from log.table_changes where entity_id=$1 limit 1', [objectid]) : {};
+  const { pk } = await getMeta({ table: tableName });
+
+  const q = tableName && pg.pk['admin.users'] ? `select ${username} as author, u.login, a.cdate, a.editor_date from ${tableName} a 
+  left join admin.users u on a.uid=u.uid where a.${pk}=$1 limit 1` : undefined;
+
+  const data = pk && q ? await pg.one(q, [objectid]) : {};
+
+  if (query.debug && user?.user_type === 'admin') {
+    return {
+      sql, type: params.type, q, id: objectid, data,
+    };
+  }
+
+  return {
+    time: { data: time[1] - time[0] },
+    rows,
+    user: { uid: user?.uid, name: user?.user_name },
+    data: { author: data?.author, cdate: data?.cdate, edate: data?.editor_date },
+    objectid: params.objectid,
+  };
+}

package/server/routes/widget/controllers/widget.set.js

@@ -1,84 +1,84 @@
-import path from 'path';
-
-import {
-  getMeta, dataInsert, dataUpdate, applyHook,
-} from '@opengis/fastify-table/utils.js';
-
-import { uploadMultiPart } from '@opengis/fastify-file/utils.js';
-
-const tableList = {
-  comment: 'crm.communications',
-  gallery: 'crm.files',
-  checklist: 'crm.checklists',
-};
-const pkList = {
-  comment: 'communication_id',
-  checklist: 'checklist_id',
-  gallery: 'file_id',
-};
-
-const galleryExtList = ['png', 'svg', 'jpg', 'jpeg', 'gif', 'mp4', 'mov', 'avi'];
-
-export default async function widgetSet(req) {
-  const {
-    pg, params = {}, session = {}, body = {},
-  } = req;
-  const { user = {} } = session.passport || {};
-  const { type, id, objectid } = params;
-  if (!['comment', 'checklist', 'file', 'gallery'].includes(type)) return { message: 'param type not valid', status: 400 };
-  if (!objectid) return { message: 'id required', status: 400 };
-
-  const table = tableList[type];
-
-  // dsadasdad
-  if (['gallery', 'file'].includes(type) && req.headers['content-type'].split(';').shift() === "multipart/form-data") {
-    const file = await uploadMultiPart(req);
-    const extName = path.extname(file.filepath).slice(1).toLowerCase();
-
-    const data = {
-      uploaded_name: file?.originalFilename?.toLocaleLowerCase()?.replace(/'/g, '\'\''),
-      file_path: file?.relativeFilepath?.replace(/\\/g, '/'),
-      ext: extName,
-      size: file?.size,
-      file_status: 1,
-      uid: user?.uid || 1,
-      entity_id: objectid,
-    };
-
-    if (type === 'gallery' && !galleryExtList.includes(extName.toLowerCase())) {
-      return { message: 'invalid file extension', status: 400 };
-    }
-
-    const { rows = [] } = await dataInsert({
-      table: 'crm.files', data, uid: user?.uid,
-    });
-    return {
-      rowCount: 1, data: 'ok', command: 'UPLOAD', id: rows[0]?.file_id, entity_id: rows[0]?.entity_id,
-    };
-  }
-  const { pk } = await getMeta({ pg, table });
-  if (!pk) return { message: 'table not found', status: 404 };
-
-  const data = { ...body, uid: user?.uid, entity_id: objectid };
-
-  await applyHook('onWidgetSet', {
-    link: req.path,
-    id,
-    objectid,
-    session,
-    type,
-    payload: data,
-  });
-
-  const result = id
-    ? await dataUpdate({
-      table, data, id, uid: user?.uid,
-    })
-    : await dataInsert({
-      table, data, uid: user?.uid,
-    });
-
-  return {
-    rowCount: result.rowCount, data: 'ok', command: result.command, id: result.rows?.[0]?.[pkList[type]] || result?.[pkList[type]],
-  };
-}
+import path from 'path';
+
+import {
+  getMeta, dataInsert, dataUpdate, applyHook,
+} from '@opengis/fastify-table/utils.js';
+
+import { uploadMultiPart } from '@opengis/fastify-file/utils.js';
+
+const tableList = {
+  comment: 'crm.communications',
+  gallery: 'crm.files',
+  checklist: 'crm.checklists',
+};
+const pkList = {
+  comment: 'communication_id',
+  checklist: 'checklist_id',
+  gallery: 'file_id',
+};
+
+const galleryExtList = ['png', 'svg', 'jpg', 'jpeg', 'gif', 'mp4', 'mov', 'avi'];
+
+export default async function widgetSet(req) {
+  const {
+    pg, params = {}, session = {}, body = {},
+  } = req;
+  const { user = {} } = session.passport || {};
+  const { type, id, objectid } = params;
+  if (!['comment', 'checklist', 'file', 'gallery'].includes(type)) return { message: 'param type not valid', status: 400 };
+  if (!objectid) return { message: 'id required', status: 400 };
+
+  const table = tableList[type];
+
+  // dsadasdad
+  if (['gallery', 'file'].includes(type) && req.headers['content-type'].split(';').shift() === "multipart/form-data") {
+    const file = await uploadMultiPart(req);
+    const extName = path.extname(file.filepath).slice(1).toLowerCase();
+
+    const data = {
+      uploaded_name: file?.originalFilename?.toLocaleLowerCase()?.replace(/'/g, '\'\''),
+      file_path: file?.relativeFilepath?.replace(/\\/g, '/'),
+      ext: extName,
+      size: file?.size,
+      file_status: 1,
+      uid: user?.uid || 1,
+      entity_id: objectid,
+    };
+
+    if (type === 'gallery' && !galleryExtList.includes(extName.toLowerCase())) {
+      return { message: 'invalid file extension', status: 400 };
+    }
+
+    const { rows = [] } = await dataInsert({
+      table: 'crm.files', data, uid: user?.uid,
+    });
+    return {
+      rowCount: 1, data: 'ok', command: 'UPLOAD', id: rows[0]?.file_id, entity_id: rows[0]?.entity_id,
+    };
+  }
+  const { pk } = await getMeta({ pg, table });
+  if (!pk) return { message: 'table not found', status: 404 };
+
+  const data = { ...body, uid: user?.uid, entity_id: objectid };
+
+  await applyHook('onWidgetSet', {
+    link: req.path,
+    id,
+    objectid,
+    session,
+    type,
+    payload: data,
+  });
+
+  const result = id
+    ? await dataUpdate({
+      table, data, id, uid: user?.uid,
+    })
+    : await dataInsert({
+      table, data, uid: user?.uid,
+    });
+
+  return {
+    rowCount: result.rowCount, data: 'ok', command: result.command, id: result.rows?.[0]?.[pkList[type]] || result?.[pkList[type]],
+  };
+}

package/server/routes/widget/hook/onWidgetSet.js

@@ -1,12 +1,12 @@
-import { pgClients } from '@opengis/fastify-table/utils.js';
-
-export default async function onWidgetSet({
-  pg = pgClients.client, id, objectid, type, payload = {},
-}) {
-  if (!id || !objectid || type !== 'gallery') {
-    return null;
-  }
-  if (payload?.ismain) {
-    await pg.query('update crm.files set ismain=false where entity_id=$1 and file_id<>$2', [objectid, id]);
-  }
-}
+import { pgClients } from '@opengis/fastify-table/utils.js';
+
+export default async function onWidgetSet({
+  pg = pgClients.client, id, objectid, type, payload = {},
+}) {
+  if (!id || !objectid || type !== 'gallery') {
+    return null;
+  }
+  if (payload?.ismain) {
+    await pg.query('update crm.files set ismain=false where entity_id=$1 and file_id<>$2', [objectid, id]);
+  }
+}

package/server/routes/widget/index.mjs

@@ -1,16 +1,16 @@
-import { addHook } from '@opengis/fastify-table/utils.js';
-
-import widgetDel from './controllers/widget.del.js';
-import widgetSet from './controllers/widget.set.js';
-import widgetGet from './controllers/widget.get.js';
-
-import onWidgetSet from './hook/onWidgetSet.js';
-
-import { tableSchema } from './schema.js';
-
-export default async function route(fastify) {
-  fastify.delete(`/widget/:type/:objectid/:id`, { scheme: tableSchema }, widgetDel);
-  fastify.post(`/widget/:type/:objectid/:id?`, { scheme: tableSchema }, widgetSet);
-  fastify.get(`/widget/:type/:objectid`, { config: { policy: ['public'] }, scheme: tableSchema }, widgetGet);
-  addHook('onWidgetSet', onWidgetSet);
-}
+import { addHook } from '@opengis/fastify-table/utils.js';
+
+import widgetDel from './controllers/widget.del.js';
+import widgetSet from './controllers/widget.set.js';
+import widgetGet from './controllers/widget.get.js';
+
+import onWidgetSet from './hook/onWidgetSet.js';
+
+import { tableSchema } from './schema.js';
+
+export default async function route(fastify) {
+  fastify.delete(`/widget/:type/:objectid/:id`, { scheme: tableSchema }, widgetDel);
+  fastify.post(`/widget/:type/:objectid/:id?`, { scheme: tableSchema }, widgetSet);
+  fastify.get(`/widget/:type/:objectid`, { config: { policy: ['public'] }, scheme: tableSchema }, widgetGet);
+  addHook('onWidgetSet', onWidgetSet);
+}

package/server/routes/widget/schema.js

@@ -1,13 +1,13 @@
-const tableSchema = {
-    params: {
-      // type: { type: 'string', pattern: '^([\\d\\w]+)$' },
-      objectid: { type: 'string', pattern: '^([\\d\\w]+)$' },
-      id: { type: 'string', pattern: '^([\\d\\w]+)$' },
-    },
-    querystring: {
-      debug: { type: 'string', pattern: '^(\\d+)$' },
-    },
-  };
-
-export default null;
+const tableSchema = {
+    params: {
+      // type: { type: 'string', pattern: '^([\\d\\w]+)$' },
+      objectid: { type: 'string', pattern: '^([\\d\\w]+)$' },
+      id: { type: 'string', pattern: '^([\\d\\w]+)$' },
+    },
+    querystring: {
+      debug: { type: 'string', pattern: '^(\\d+)$' },
+    },
+  };
+
+export default null;
 export { tableSchema }