npm - @opengis/fastify-table - Versions diffs - 1.0.17 → 1.0.19 - Mend

@opengis/fastify-table 1.0.17 → 1.0.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (53) hide show

package/.eslintrc.cjs +42 -42
package/Changelog.md +5 -0
package/README.md +26 -26
package/config.js +11 -11
package/crud/controllers/deleteCrud.js +14 -14
package/crud/controllers/insert.js +29 -29
package/crud/controllers/update.js +31 -31
package/crud/controllers/utils/checkXSS.js +45 -45
package/crud/controllers/utils/xssInjection.js +72 -72
package/crud/funcs/dataDelete.js +15 -15
package/crud/funcs/dataInsert.js +24 -24
package/crud/funcs/dataUpdate.js +20 -20
package/crud/funcs/getToken.js +27 -27
package/crud/funcs/isFileExists.js +13 -13
package/crud/funcs/setToken.js +53 -53
package/crud/index.js +29 -29
package/helper.js +28 -28
package/index.js +4 -0
package/notification/controllers/userNotifications.js +19 -0
package/notification/funcs/addNotification.js +8 -0
package/notification/index.js +19 -0
package/package.json +1 -1
package/pg/index.js +35 -35
package/server/migrations/crm.sql +55 -0
package/server/migrations/log.sql +40 -0
package/server/migrations/notifications.sql +14 -0
package/server/templates/select/test.storage.data.json +3 -0
package/server/templates/select/test.storage.data.sql +1 -0
package/server/templates/table/test.dataset.table.json +25 -0
package/server.js +14 -14
package/table/controllers/search.js +41 -0
package/table/index.js +13 -0
package/test/api/crud.test.js +50 -50
package/test/api/crud.xss.test.js +68 -68
package/test/api/notification.test.js +37 -0
package/test/api/table.test.js +12 -4
package/test/api/widget.test.js +39 -0
package/test/config.example +18 -18
package/test/funcs/crud.test.js +76 -76
package/test/funcs/notification.test.js +31 -0
package/test/funcs/pg.test.js +34 -34
package/test/funcs/redis.test.js +19 -19
package/test/templates/cls/test.json +9 -9
package/test/templates/form/cp_building.form.json +32 -32
package/test/templates/select/account_id.json +3 -3
package/test/templates/select/storage.data.json +2 -2
package/test/templates/table/gis.dataset.table.json +20 -20
package/test/widget.test.js +39 -0
package/widget/controllers/utils/obj2db.js +13 -0
package/widget/controllers/widget.del.js +42 -0
package/widget/controllers/widget.get.js +145 -0
package/widget/controllers/widget.set.js +49 -0
package/widget/index.js +29 -0

package/.eslintrc.cjs CHANGED Viewed

@@ -1,42 +1,42 @@
-/* eslint-env node */
-module.exports = {
-  env: {
-    node: true,
-  },
-  root: true,
-  extends: [
-    'eslint:recommended',
-    'airbnb-base',
-  ],
-  rules: {
-    'brace-style': [2, 'stroustrup', { allowSingleLine: true }],
-    'vue/max-attributes-per-line': 0,
-    'vue/valid-v-for': 0,
-    // allow async-await
-    'generator-star-spacing': 'off',
-    // allow paren-less arrow functions
-    'arrow-parens': 0,
-    'one-var': 0,
-    'max-len': 0,
-    'import/first': 0,
-    'import/named': 2,
-    'import/namespace': 2,
-    'import/default': 2,
-    'import/export': 2,
-    'import/extensions': 0,
-    'no-console': ['warn', { allow: ['warn', 'error'] }],
-    'import/no-unresolved': 0,
-    'import/no-extraneous-dependencies': 0,
-    'linebreak-style': ['error', 'unix'],
-    // allow debugger during development
-    'no-debugger': process.env.NODE_ENV === 'production' ? 2 : 0,
-  },
-  parserOptions: {
-    ecmaVersion: 'latest',
-  },
-};
+/* eslint-env node */
+module.exports = {
+  env: {
+    node: true,
+  },
+  root: true,
+  extends: [
+    'eslint:recommended',
+    'airbnb-base',
+  ],
+  rules: {
+    'brace-style': [2, 'stroustrup', { allowSingleLine: true }],
+    'vue/max-attributes-per-line': 0,
+    'vue/valid-v-for': 0,
+    // allow async-await
+    'generator-star-spacing': 'off',
+    // allow paren-less arrow functions
+    'arrow-parens': 0,
+    'one-var': 0,
+    'max-len': 0,
+    'import/first': 0,
+    'import/named': 2,
+    'import/namespace': 2,
+    'import/default': 2,
+    'import/export': 2,
+    'import/extensions': 0,
+    'no-console': ['warn', { allow: ['warn', 'error'] }],
+    'import/no-unresolved': 0,
+    'import/no-extraneous-dependencies': 0,
+    'linebreak-style': ['error', 'unix'],
+    // allow debugger during development
+    'no-debugger': process.env.NODE_ENV === 'production' ? 2 : 0,
+  },
+  parserOptions: {
+    ecmaVersion: 'latest',
+  },
+};

package/Changelog.md CHANGED Viewed

@@ -1,5 +1,10 @@
 # fastify-table
+## 1.0.19 - 02.05.2024
+- widget plugin
+- notification plugin
 ## 1.0.9 - 29.04.2024
 - crud token support

package/README.md CHANGED Viewed

@@ -1,26 +1,26 @@
-# fastify-table
-[![NPM version](https://img.shields.io/npm/v/@opengis/fastify-table)](https://www.npmjs.com/package/@opengis/fastify-table)
-[![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat)](http://standardjs.com/)
-It standardizes the entire form building process, while taking care of everything from rendering to validation and processing:
-- pg
-- redis
-- crud
-## Install
-```bash
-npm i @opengis/fastify-table
-```
-## Usage
-```js
-fastify.register(import('@opengis/fastify-table'), config);
-```
-## Documenation
-For a detailed understanding fastify-table, its features, and how to use them, refer to our [Documentation](https://apidocs.softpro.ua/gis.storage/).
+# fastify-table
+[![NPM version](https://img.shields.io/npm/v/@opengis/fastify-table)](https://www.npmjs.com/package/@opengis/fastify-table)
+[![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat)](http://standardjs.com/)
+It standardizes the entire form building process, while taking care of everything from rendering to validation and processing:
+- pg
+- redis
+- crud
+## Install
+```bash
+npm i @opengis/fastify-table
+```
+## Usage
+```js
+fastify.register(import('@opengis/fastify-table'), config);
+```
+## Documenation
+For a detailed understanding fastify-table, its features, and how to use them, refer to our [Documentation](https://apidocs.softpro.ua/gis.storage/).

package/config.js CHANGED Viewed

@@ -1,11 +1,11 @@
-import fs from 'fs';
-const config = fs.existsSync('config.json')
-  ? JSON.parse(fs.readFileSync('config.json'))
-  : {};
-Object.assign(config, {
-  allTemplates: config?.allTemplates || {},
-});
-export default config;
+import fs from 'fs';
+const config = fs.existsSync('config.json')
+  ? JSON.parse(fs.readFileSync('config.json'))
+  : {};
+Object.assign(config, {
+  allTemplates: config?.allTemplates || {},
+});
+export default config;

package/crud/controllers/deleteCrud.js CHANGED Viewed

@@ -1,14 +1,14 @@
-import dataDelete from '../funcs/dataDelete.js';
-import getTemplate from '../../table/controllers/utils/getTemplate.js';
-export default async function deleteCrud(req) {
-  const loadTemplate = await getTemplate('table', req.params.table);
-  const { table } = loadTemplate || req.params || {};
-  const { id } = req.params || {};
-  if (!table) return { status: 404, message: 'table is required' };
-  const data = await dataDelete({ table, id });
-  return { rowCount: data.rowCount, msg: !data.rowCount ? data : null };
-}
+import dataDelete from '../funcs/dataDelete.js';
+import getTemplate from '../../table/controllers/utils/getTemplate.js';
+export default async function deleteCrud(req) {
+  const loadTemplate = await getTemplate('table', req.params.table);
+  const { table } = loadTemplate || req.params || {};
+  const { id } = req.params || {};
+  if (!table) return { status: 404, message: 'table is required' };
+  const data = await dataDelete({ table, id });
+  return { rowCount: data.rowCount, msg: !data.rowCount ? data : null };
+}

package/crud/controllers/insert.js CHANGED Viewed

@@ -1,29 +1,29 @@
-import dataInsert from '../funcs/dataInsert.js';
-import getToken from '../funcs/getToken.js';
-import checkXSS from './utils/checkXSS.js';
-import getTemplate from '../../table/controllers/utils/getTemplate.js';
-export default async function insert(req) {
-  const loadTemplate = await getTemplate('table', req.params.table);
-  const { table } = loadTemplate || req.params || {};
-  if (!table) return { status: 404, message: 'table is required' };
-  const { funcs, session, params } = req;
-  const tokenDataString = await getToken({
-    funcs, session, token: params.table, mode: 'a', json: 0,
-  });
-  const { form, add } = JSON.parse(tokenDataString || '{}');
-  const formData = form ? await getTemplate('form', form) : {};
-  const xssCheck = checkXSS({ body: req.body, schema: formData?.schema });
-  if (xssCheck.error && formData?.xssCheck !== false) {
-    req.log.warn({ name: 'injection/xss', msg: xssCheck.error, table }, req);
-    return { message: 'Дані містять заборонені символи. Приберіть їх та спробуйте ще раз', status: 409 };
-  }
-  const res = await dataInsert({ table: add || table, data: req.body });
-  return { rows: res.rows };
-}
+import dataInsert from '../funcs/dataInsert.js';
+import getToken from '../funcs/getToken.js';
+import checkXSS from './utils/checkXSS.js';
+import getTemplate from '../../table/controllers/utils/getTemplate.js';
+export default async function insert(req) {
+  const loadTemplate = await getTemplate('table', req.params.table);
+  const { table } = loadTemplate || req.params || {};
+  if (!table) return { status: 404, message: 'table is required' };
+  const { funcs, session, params } = req;
+  const tokenDataString = await getToken({
+    funcs, session, token: params.table, mode: 'a', json: 0,
+  });
+  const { form, add } = JSON.parse(tokenDataString || '{}');
+  const formData = form ? await getTemplate('form', form) : {};
+  const xssCheck = checkXSS({ body: req.body, schema: formData?.schema });
+  if (xssCheck.error && formData?.xssCheck !== false) {
+    req.log.warn({ name: 'injection/xss', msg: xssCheck.error, table }, req);
+    return { message: 'Дані містять заборонені символи. Приберіть їх та спробуйте ще раз', status: 409 };
+  }
+  const res = await dataInsert({ table: add || table, data: req.body });
+  return { rows: res.rows };
+}

package/crud/controllers/update.js CHANGED Viewed

@@ -1,31 +1,31 @@
-import dataUpdate from '../funcs/dataUpdate.js';
-import getToken from '../funcs/getToken.js';
-import checkXSS from './utils/checkXSS.js';
-import getTemplate from '../../table/controllers/utils/getTemplate.js';
-export default async function update(req) {
-  const loadTemplate = await getTemplate('table', req.params.table);
-  const { table } = loadTemplate || req.params || {};
-  const { id } = req.params || {};
-  if (!req.params?.table) return { message: 'table is required', status: 404 };
-  if (!id) return { message: 'id is required', status: 404 };
-  const { funcs, session, params } = req;
-  const tokenDataString = await getToken({
-    funcs, session, token: params.table, mode: 'w', json: 0,
-  });
-  const tokenData = JSON.parse(tokenDataString || '{}');
-  const formData = tokenData?.form ? await getTemplate('form', tokenData.form) : {};
-  const xssCheck = checkXSS({ body: req.body, schema: formData?.schema });
-  if (xssCheck.error && formData?.xssCheck !== false) {
-    req.log.warn({ name: 'injection/xss', msg: xssCheck.error, table }, req);
-    return { message: 'Дані містять заборонені символи. Приберіть їх та спробуйте ще раз', status: 409 };
-  }
-  const res = await dataUpdate({ table: tokenData?.table || table, id: tokenData?.id || id, data: req.body });
-  return res;
-}
+import dataUpdate from '../funcs/dataUpdate.js';
+import getToken from '../funcs/getToken.js';
+import checkXSS from './utils/checkXSS.js';
+import getTemplate from '../../table/controllers/utils/getTemplate.js';
+export default async function update(req) {
+  const loadTemplate = await getTemplate('table', req.params.table);
+  const { table } = loadTemplate || req.params || {};
+  const { id } = req.params || {};
+  if (!req.params?.table) return { message: 'table is required', status: 404 };
+  if (!id) return { message: 'id is required', status: 404 };
+  const { funcs, session, params } = req;
+  const tokenDataString = await getToken({
+    funcs, session, token: params.table, mode: 'w', json: 0,
+  });
+  const tokenData = JSON.parse(tokenDataString || '{}');
+  const formData = tokenData?.form ? await getTemplate('form', tokenData.form) : {};
+  const xssCheck = checkXSS({ body: req.body, schema: formData?.schema });
+  if (xssCheck.error && formData?.xssCheck !== false) {
+    req.log.warn({ name: 'injection/xss', msg: xssCheck.error, table }, req);
+    return { message: 'Дані містять заборонені символи. Приберіть їх та спробуйте ще раз', status: 409 };
+  }
+  const res = await dataUpdate({ table: tokenData?.table || table, id: tokenData?.id || id, data: req.body });
+  return res;
+}

package/crud/controllers/utils/checkXSS.js CHANGED Viewed

@@ -1,45 +1,45 @@
-/* import sqlInjection from '../../../policy/funcs/sqlInjection.js'; */
-import xssInjection from './xssInjection.js';
-/* const checkList = xssInjection.concat(sqlInjection); */
-// RTE - rich text editor
-function checkXSS({ body, schema = {} }) {
-  const data = typeof body === 'string' ? body : JSON.stringify(body);
-  const stopWords = xssInjection.filter((el) => data.toLowerCase().includes(el));
-  // check sql injection
-  const stopSpecialSymbols = data.match(/\p{S}OR\p{S}|\p{P}OR\p{P}| OR |\+OR\+/gi);
-  if (stopSpecialSymbols?.length) stopSpecialSymbols?.forEach((el) => stopWords.push(el));
-  // escape arrows on non-RTE
-  Object.keys(body)
-    .filter((key) => ['<', '>'].find((el) => body[key]?.includes?.(el))
-  && !['Summernote', 'Tiny', 'Ace'].includes(schema[key]?.type))
-    ?.forEach((key) => {
-      Object.assign(body, { [key]: body[key].replace(/</g, '&lt;').replace(/>/g, '&gt;') });
-    });
-  // try { } catch (err) { return { error: err.toString() }; }
-  if (!stopWords.length) return { body };
-  const disabledCheckFields = Object.keys(schema)?.filter((el) => schema[el]?.xssCheck === false); // exclude specific columns
-  // check RTE
-  /* const richTextFields = Object.keys(schema).filter((el) => ['Summernote', 'Tiny', 'Ace'].includes(schema[el]?.type));
-  richTextFields.filter((key) => !checkList.find((el) => body[key].includes(el)))?.forEach((key) => {
-    disabledCheckFields.push(key);
-  }); */
-  const field = Object.keys(body)
-    ?.find((key) => body[key]
-        && !disabledCheckFields.includes(key)
-        && body[key].toLowerCase().includes(stopWords[0]));
-  if (field) {
-    return { error: `rule: ${stopWords[0]} | attr: ${field} | val: ${body[field]}`, body };
-  }
-  return { body };
-}
-export default checkXSS;
+/* import sqlInjection from '../../../policy/funcs/sqlInjection.js'; */
+import xssInjection from './xssInjection.js';
+/* const checkList = xssInjection.concat(sqlInjection); */
+// RTE - rich text editor
+function checkXSS({ body, schema = {} }) {
+  const data = typeof body === 'string' ? body : JSON.stringify(body);
+  const stopWords = xssInjection.filter((el) => data.toLowerCase().includes(el));
+  // check sql injection
+  const stopSpecialSymbols = data.match(/\p{S}OR\p{S}|\p{P}OR\p{P}| OR |\+OR\+/gi);
+  if (stopSpecialSymbols?.length) stopSpecialSymbols?.forEach((el) => stopWords.push(el));
+  // escape arrows on non-RTE
+  Object.keys(body)
+    .filter((key) => ['<', '>'].find((el) => body[key]?.includes?.(el))
+  && !['Summernote', 'Tiny', 'Ace'].includes(schema[key]?.type))
+    ?.forEach((key) => {
+      Object.assign(body, { [key]: body[key].replace(/</g, '&lt;').replace(/>/g, '&gt;') });
+    });
+  // try { } catch (err) { return { error: err.toString() }; }
+  if (!stopWords.length) return { body };
+  const disabledCheckFields = Object.keys(schema)?.filter((el) => schema[el]?.xssCheck === false); // exclude specific columns
+  // check RTE
+  /* const richTextFields = Object.keys(schema).filter((el) => ['Summernote', 'Tiny', 'Ace'].includes(schema[el]?.type));
+  richTextFields.filter((key) => !checkList.find((el) => body[key].includes(el)))?.forEach((key) => {
+    disabledCheckFields.push(key);
+  }); */
+  const field = Object.keys(body)
+    ?.find((key) => body[key]
+        && !disabledCheckFields.includes(key)
+        && body[key].toLowerCase().includes(stopWords[0]));
+  if (field) {
+    return { error: `rule: ${stopWords[0]} | attr: ${field} | val: ${body[field]}`, body };
+  }
+  return { body };
+}
+export default checkXSS;

package/crud/controllers/utils/xssInjection.js CHANGED Viewed

@@ -1,72 +1,72 @@
-const xssInjection = [
-  'onkeypress=',
-  'onkeyup=',
-  'ondblclick=',
-  'onerror=',
-  'onmouseover=',
-  '<meta',
-  '<script',
-  'vascript:',
-  'onkeydown=',
-  'onmousedown=',
-  'onmouseenter=',
-  'onmouseleave=',
-  'onmousemove=',
-  'onmouseout=',
-  'onmouseup=',
-  'onmousewheel=',
-  'onpaste=',
-  'onscroll=',
-  'onwheel=',
-  'javascript:',
-  '\\x',
-  'eval(',
-  'onmouseover=',
-  'action=',
-  'xlink:',
-  'allowscriptaccess',
-  'href=',
-  'behavior:',
-  'onreadystatechange=',
-  'onstart=',
-  'offline=',
-  'onabort=',
-  'onafterprint=',
-  'onbeforeonload=',
-  'onbeforeprint=',
-  'onblur=',
-  'oncanplay=',
-  'oncanplaythrough=',
-  'onchange=',
-  'onclick=',
-  'oncontextmenu=',
-  'ondblclick=',
-  'ondrag=',
-  'ondragend=',
-  'ondragenter=',
-  'ondragleave=',
-  'ondragover=',
-  'ondragstart=',
-  'ondrop=',
-  'ondurationchange=',
-  'onemptied=',
-  'onended=',
-  'onerror=',
-  'onfocus=',
-  'onformchange=',
-  'onforminput=',
-  'onhaschange=',
-  'oninput=',
-  'oninvalid=',
-  'onkeydown=',
-  'onkeypress=',
-  'onkeyup=',
-  'onload=',
-  'onloadeddata=',
-  'onloadedmetadata=',
-  'onloadstart=',
-  'alert(',
-  'script:',
-];
-export default xssInjection;
+const xssInjection = [
+  'onkeypress=',
+  'onkeyup=',
+  'ondblclick=',
+  'onerror=',
+  'onmouseover=',
+  '<meta',
+  '<script',
+  'vascript:',
+  'onkeydown=',
+  'onmousedown=',
+  'onmouseenter=',
+  'onmouseleave=',
+  'onmousemove=',
+  'onmouseout=',
+  'onmouseup=',
+  'onmousewheel=',
+  'onpaste=',
+  'onscroll=',
+  'onwheel=',
+  'javascript:',
+  '\\x',
+  'eval(',
+  'onmouseover=',
+  'action=',
+  'xlink:',
+  'allowscriptaccess',
+  'href=',
+  'behavior:',
+  'onreadystatechange=',
+  'onstart=',
+  'offline=',
+  'onabort=',
+  'onafterprint=',
+  'onbeforeonload=',
+  'onbeforeprint=',
+  'onblur=',
+  'oncanplay=',
+  'oncanplaythrough=',
+  'onchange=',
+  'onclick=',
+  'oncontextmenu=',
+  'ondblclick=',
+  'ondrag=',
+  'ondragend=',
+  'ondragenter=',
+  'ondragleave=',
+  'ondragover=',
+  'ondragstart=',
+  'ondrop=',
+  'ondurationchange=',
+  'onemptied=',
+  'onended=',
+  'onerror=',
+  'onfocus=',
+  'onformchange=',
+  'onforminput=',
+  'onhaschange=',
+  'oninput=',
+  'oninvalid=',
+  'onkeydown=',
+  'onkeypress=',
+  'onkeyup=',
+  'onload=',
+  'onloadeddata=',
+  'onloadedmetadata=',
+  'onloadstart=',
+  'alert(',
+  'script:',
+];
+export default xssInjection;

package/crud/funcs/dataDelete.js CHANGED Viewed

@@ -1,15 +1,15 @@
-import getPG from '../../pg/funcs/getPG.js';
-import getMeta from '../../pg/funcs/getMeta.js';
-export default async function dataDelete({
-  table, id,
-}) {
-  const pg = getPG({ name: 'client' });
-  const { pk } = await getMeta(table);
-  if (!pg.tlist?.includes(table)) return 'table not exist';
-  const delQuery = `delete from ${table} WHERE ${pk} = $1 returning *`;
-  //  console.log(updateDataset);
-  const res = await pg.one(delQuery, [id]) || {};
-  return res;
-}
+import getPG from '../../pg/funcs/getPG.js';
+import getMeta from '../../pg/funcs/getMeta.js';
+export default async function dataDelete({
+  table, id,
+}) {
+  const pg = getPG({ name: 'client' });
+  const { pk } = await getMeta(table);
+  if (!pg.tlist?.includes(table)) return 'table not exist';
+  const delQuery = `delete from ${table} WHERE ${pk} = $1 returning *`;
+  //  console.log(updateDataset);
+  const res = await pg.one(delQuery, [id]) || {};
+  return res;
+}

package/crud/funcs/dataInsert.js CHANGED Viewed

@@ -1,24 +1,24 @@
-import getPG from '../../pg/funcs/getPG.js';
-import getMeta from '../../pg/funcs/getMeta.js';
-export default async function dataInsert({ table, data }) {
-  const pg = getPG({ name: 'client' });
-  if (!data) return null;
-  const { columns } = await getMeta(table);
-  if (!columns) return null;
-  const names = columns.map((el) => el.name);
-  const filterData = Object.keys(data)
-    .filter((el) => data[el] && names.includes(el)).map((el) => [el, data[el]]);
-  const insertQuery = `insert into ${table}
-    ( ${filterData?.map((key) => `"${key[0]}"`).join(',')})
-    values  (${filterData?.map((key, i) => `$${i + 1}`).join(',')})
-    returning *`;
-  const res = await pg.query(insertQuery, [...filterData.map((el) => (typeof el[1] === 'object' ? JSON.stringify(el[1]) : el[1]))]) || {};
-  return res;
-}
+import getPG from '../../pg/funcs/getPG.js';
+import getMeta from '../../pg/funcs/getMeta.js';
+export default async function dataInsert({ table, data }) {
+  const pg = getPG({ name: 'client' });
+  if (!data) return null;
+  const { columns } = await getMeta(table);
+  if (!columns) return null;
+  const names = columns.map((el) => el.name);
+  const filterData = Object.keys(data)
+    .filter((el) => data[el] && names.includes(el)).map((el) => [el, data[el]]);
+  const insertQuery = `insert into ${table}
+    ( ${filterData?.map((key) => `"${key[0]}"`).join(',')})
+    values  (${filterData?.map((key, i) => `$${i + 1}`).join(',')})
+    returning *`;
+  const res = await pg.query(insertQuery, [...filterData.map((el) => (typeof el[1] === 'object' ? JSON.stringify(el[1]) : el[1]))]) || {};
+  return res;
+}