@opengis/fastify-table 1.0.74 → 1.0.76

package/table/controllers/utils/getTemplate.js

@@ -1,28 +1,28 @@
-import { readFile } from 'fs/promises';
-import fs from 'fs';
-import path from 'path';
-import config from '../../../config.js';
-
-const loadTemplate = {};
-
-export default async function getTemplateDir(type, name) {
-  if (!type) return null;
-  if (!name) return null;
-
-  const cwd = process.cwd();
-  const typeDir = path.join(cwd, (config.templateDir || 'server/templates'), type);
-
-  if (!loadTemplate[type]) {
-    const typeList = fs.existsSync(typeDir) ? fs.readdirSync(typeDir) : [];
-    loadTemplate[type] = typeList;
-  }
-
-  const fullname = loadTemplate[type].find((el) => path.parse(el).name === name);
-  const ext = fullname ? path.extname(fullname)?.slice(1) : null;
-  if (!ext) return null;
-
-  const sql = loadTemplate[type].includes(`${name}.sql`) ? await readFile(path.join(typeDir, `${name}.sql`), 'utf-8') : null;
-  const data = loadTemplate[type].includes(`${name}.json`) ? JSON.parse(await readFile(path.join(typeDir, `${name}.json`), 'utf-8')) : await readFile(path.join(typeDir, `${name}.${ext}`), 'utf-8');
-  if (sql) return { ...data || {}, sql };
-  return data;
-}
+import { readFile } from 'fs/promises';
+import fs from 'fs';
+import path from 'path';
+import config from '../../../config.js';
+
+const loadTemplate = {};
+
+export default async function getTemplateDir(type, name) {
+  if (!type) return null;
+  if (!name) return null;
+
+  const cwd = process.cwd();
+  const typeDir = path.join(cwd, (config.templateDir || 'server/templates'), type);
+
+  if (!loadTemplate[type]) {
+    const typeList = fs.existsSync(typeDir) ? fs.readdirSync(typeDir) : [];
+    loadTemplate[type] = typeList;
+  }
+
+  const fullname = loadTemplate[type].find((el) => path.parse(el).name === name);
+  const ext = fullname ? path.extname(fullname)?.slice(1) : null;
+  if (!ext) return null;
+
+  const sql = loadTemplate[type].includes(`${name}.sql`) ? await readFile(path.join(typeDir, `${name}.sql`), 'utf-8') : null;
+  const data = loadTemplate[type].includes(`${name}.json`) ? JSON.parse(await readFile(path.join(typeDir, `${name}.json`), 'utf-8')) : await readFile(path.join(typeDir, `${name}.${ext}`), 'utf-8');
+  if (sql) return { ...data || {}, sql };
+  return data;
+}

package/table/controllers/utils/getTemplates.js

@@ -1,18 +1,18 @@
-import fs from 'fs';
-import path from 'path';
-import config from '../../../config.js';
-
-const loadTemplate = {};
-
-export default async function getTemplateDir(type) {
-    if (!type) return null;
-    
-    const cwd = process.cwd();
-    const typeDir = path.join(cwd, (config.templateDir || 'server/templates'), type);
-    
-    if (!loadTemplate[type]) {
-        const typeList = fs.existsSync(typeDir) ? fs.readdirSync(typeDir) : [];
-        loadTemplate[type] = typeList;
-    }
-    return loadTemplate[type];
-}
+import fs from 'fs';
+import path from 'path';
+import config from '../../../config.js';
+
+const loadTemplate = {};
+
+export default async function getTemplateDir(type) {
+    if (!type) return null;
+    
+    const cwd = process.cwd();
+    const typeDir = path.join(cwd, (config.templateDir || 'server/templates'), type);
+    
+    if (!loadTemplate[type]) {
+        const typeList = fs.existsSync(typeDir) ? fs.readdirSync(typeDir) : [];
+        loadTemplate[type] = typeList;
+    }
+    return loadTemplate[type];
+}

package/table/funcs/getFilterSQL/util/getTableSql.js

@@ -1,34 +1,34 @@
-function getTable(table) {
-  const result = table?.toLowerCase()?.replace(/[\n\r]+/g, ' ')?.split(' from ')?.filter((el) => /^[a-z0-9_]+\.[a-z0-9_]+/.test(el))
-    ?.map((el) => el.split(/[ )]/)[0]);
-  return result;
-}
-
-/**
-* @param {Number} opt.json - (1|0) 1 - Результат - Object, 0 - String
-* @param {String} opt.query - запит до таблиці
-* @param {String} opt.hash - інформація з хешу по запиту
-*/
-const tableSql = {};
-async function getTableSql({
-  pg, body, table, fields,
-}) {
-  if (tableSql[table]) return tableSql[table];
-
-  const fieldList = fields.map((el) => el.name);
-
-  const tableList = body?.sql?.map((el) => getTable(el.sql)).reduce((acc, el) => acc.concat(el), []).filter((el) => fieldList.includes(pg.pk[el]));
-
-  if (!tableList) { tableSql[table] = []; return []; }
-
-  const data = await Promise.all(tableList?.map(async (tableEl) => {
-    const { fields: fieldsEl } = await pg.query(`select * from ${tableEl} limit 0`);
-    return fieldsEl.map((el) => ({ name: el.name, table: tableEl, pk: pg.pk[tableEl] }));
-  }));
-
-  tableSql[table] = data.reduce((acc, el) => acc.concat(el), []);
-
-  return tableSql[table];
-}
-
-export default getTableSql;
+function getTable(table) {
+  const result = table?.toLowerCase()?.replace(/[\n\r]+/g, ' ')?.split(' from ')?.filter((el) => /^[a-z0-9_]+\.[a-z0-9_]+/.test(el))
+    ?.map((el) => el.split(/[ )]/)[0]);
+  return result;
+}
+
+/**
+* @param {Number} opt.json - (1|0) 1 - Результат - Object, 0 - String
+* @param {String} opt.query - запит до таблиці
+* @param {String} opt.hash - інформація з хешу по запиту
+*/
+const tableSql = {};
+async function getTableSql({
+  pg, body, table, fields,
+}) {
+  if (tableSql[table]) return tableSql[table];
+
+  const fieldList = fields.map((el) => el.name);
+
+  const tableList = body?.sql?.map((el) => getTable(el.sql)).reduce((acc, el) => acc.concat(el), []).filter((el) => fieldList.includes(pg.pk[el]));
+
+  if (!tableList) { tableSql[table] = []; return []; }
+
+  const data = await Promise.all(tableList?.map(async (tableEl) => {
+    const { fields: fieldsEl } = await pg.query(`select * from ${tableEl} limit 0`);
+    return fieldsEl.map((el) => ({ name: el.name, table: tableEl, pk: pg.pk[tableEl] }));
+  }));
+
+  tableSql[table] = data.reduce((acc, el) => acc.concat(el), []);
+
+  return tableSql[table];
+}
+
+export default getTableSql;

package/table/funcs/metaFormat/index.js

@@ -1,27 +1,27 @@
-import getTemplate from '../../controllers/utils/getTemplate.js';
-import getSelectVal from './getSelectVal.js';
-
-export default async function metaFormat({ rows, table }) {
-  const loadTable = await getTemplate('table', table);
-  const selectCols = loadTable?.columns?.filter((e) => e.data);
-  if (!selectCols?.length) return rows;
-
-  // cls & select format
-
-  await Promise.all(selectCols?.map(async (attr) => {
-    const values = [...new Set(rows?.map((el) => el[attr.name]).flat())].filter((el) => el);
-    if (!values.length) return null;
-
-    const cls = await getSelectVal({ name: attr.data, values });
-    if (!cls) return null;
-    rows.forEach(el => {
-      const val = el[attr.name]?.map?.(c => cls[c] || c) || cls[el[attr.name]] || el[attr.name];
-      if (!val) return;
-      Object.assign(el, { [val?.color ? `${attr.name}_data` : `${attr.name}_text`]: (val.color ? val : val.text || val) });
-    });
-
-    return null;
-  }));
-
-  return rows;
-}
+import getTemplate from '../../controllers/utils/getTemplate.js';
+import getSelectVal from './getSelectVal.js';
+
+export default async function metaFormat({ rows, table }) {
+  const loadTable = await getTemplate('table', table);
+  const selectCols = loadTable?.columns?.filter((e) => e.data);
+  if (!selectCols?.length) return rows;
+
+  // cls & select format
+
+  await Promise.all(selectCols?.map(async (attr) => {
+    const values = [...new Set(rows?.map((el) => el[attr.name]).flat())].filter((el) => el);
+    if (!values.length) return null;
+
+    const cls = await getSelectVal({ name: attr.data, values });
+    if (!cls) return null;
+    rows.forEach(el => {
+      const val = el[attr.name]?.map?.(c => cls[c] || c) || cls[el[attr.name]] || el[attr.name];
+      if (!val) return;
+      Object.assign(el, { [val?.color ? `${attr.name}_data` : `${attr.name}_text`]: (val.color ? val : val.text || val) });
+    });
+
+    return null;
+  }));
+
+  return rows;
+}

package/table/index.js

@@ -1,78 +1,78 @@
-import suggest from './controllers/suggest.js';
-import data from './controllers/data.js';
-import table from './controllers/table.js';
-import card from './controllers/card.js';
-import search from './controllers/search.js';
-import filter from './controllers/filter.js';
-import form from './controllers/form.js';
-import metaFormat from './funcs/metaFormat/index.js';
-import getFilterSQL from './funcs/getFilterSQL/index.js';
-import getTemplate from './controllers/utils/getTemplate.js';
-
-const tableSchema = {
-  querystring: {
-    page: { type: 'string', pattern: '^(\\d+)$' },
-    order: { type: 'string', pattern: '^(\\d+)$' },
-    filter: { type: 'string', pattern: '^([\\w\\d_-]+)=([\\w\\d_-]+)$' },
-  },
-  params: {
-    id: { type: 'string', pattern: '^([\\d\\w]+)$' },
-    table: { type: 'string', pattern: '^([\\w\\d_.]+)$' },
-  },
-};
-
-const searchSchema = {
-  querystring: {
-    page: { type: 'string', pattern: '^(\\d+)$' },
-    limit: { type: 'string', pattern: '^(\\d+)$' },
-    order: { type: 'string', pattern: '^([\\w_.]+)$' },
-    desc: { type: 'string', pattern: '^(desc)|(asc)$' },
-    key: { type: 'string', pattern: '^([\\w\\d_]+)$' },
-    table: { type: 'string', pattern: '^([\\w\\d_.]+)$' },
-    sql: { type: 'string', pattern: '^(\\d)$' },
-  },
-};
-
-const suggestSchema = {
-  querystring: {
-    lang: { type: 'string', pattern: '^([\\w.]+)$' },
-    // parent: { type: 'string', pattern: '^([\\w,./]+)$' },
-    sel: { type: 'string', pattern: '^([\\w,./]+)$' },
-    name: { type: 'string', pattern: '^([\\w,./]+)$' },
-    // key: { type: 'string', pattern: '^([\\w\\d_]+)$' },
-    // val: { type: 'string', pattern: '^([\\w.,]+)$' },
-    sql: { type: 'string', pattern: '^(\\d)$' },
-  },
-  params: {
-    id: { type: 'string', pattern: '^([\\d\\w]+)$' },
-  },
-};
-
-const formSchema = {
-  params: {
-    form: { type: 'string', pattern: '^([\\w\\d_.]+)$' },
-  },
-};
-
-const filterSchema = {
-  params: {
-    table: { type: 'string', pattern: '^([\\w\\d_.]+)$' },
-  },
-};
-
-async function plugin(fastify, config = {}) {
-  const prefix = config.prefix || '/api';
-  fastify.decorate('metaFormat', metaFormat);
-  fastify.decorate('getFilterSQL', getFilterSQL);
-  fastify.decorate('getTemplate', getTemplate);
-
-  fastify.get(`${prefix}/suggest/:data`, { schema: suggestSchema }, suggest);
-  fastify.get(`${prefix}/data/:table/:id?`, { schema: tableSchema }, data); // vs.crm.data.api с node
-  fastify.get(`${prefix}/table/:table/:id`, { schema: tableSchema }, table);
-  fastify.get(`${prefix}/card/:table/:id`, { schema: tableSchema }, card);
-  fastify.get(`${prefix}/search`, { schema: searchSchema }, search);
-  fastify.get(`${prefix}/filter/:table`, { schema: filterSchema }, filter);
-  fastify.get(`${prefix}/form/:form`, { schema: formSchema }, form);
-}
-
-export default plugin;
+import suggest from './controllers/suggest.js';
+import data from './controllers/data.js';
+import table from './controllers/table.js';
+import card from './controllers/card.js';
+import search from './controllers/search.js';
+import filter from './controllers/filter.js';
+import form from './controllers/form.js';
+import metaFormat from './funcs/metaFormat/index.js';
+import getFilterSQL from './funcs/getFilterSQL/index.js';
+import getTemplate from './controllers/utils/getTemplate.js';
+
+const tableSchema = {
+  querystring: {
+    page: { type: 'string', pattern: '^(\\d+)$' },
+    order: { type: 'string', pattern: '^(\\d+)$' },
+    filter: { type: 'string', pattern: '^([\\w\\d_-]+)=([\\w\\d_-]+)$' },
+  },
+  params: {
+    id: { type: 'string', pattern: '^([\\d\\w]+)$' },
+    table: { type: 'string', pattern: '^([\\w\\d_.]+)$' },
+  },
+};
+
+const searchSchema = {
+  querystring: {
+    page: { type: 'string', pattern: '^(\\d+)$' },
+    limit: { type: 'string', pattern: '^(\\d+)$' },
+    order: { type: 'string', pattern: '^([\\w_.]+)$' },
+    desc: { type: 'string', pattern: '^(desc)|(asc)$' },
+    key: { type: 'string', pattern: '^([\\w\\d_]+)$' },
+    table: { type: 'string', pattern: '^([\\w\\d_.]+)$' },
+    sql: { type: 'string', pattern: '^(\\d)$' },
+  },
+};
+
+const suggestSchema = {
+  querystring: {
+    lang: { type: 'string', pattern: '^([\\w.]+)$' },
+    // parent: { type: 'string', pattern: '^([\\w,./]+)$' },
+    sel: { type: 'string', pattern: '^([\\w,./]+)$' },
+    name: { type: 'string', pattern: '^([\\w,./]+)$' },
+    // key: { type: 'string', pattern: '^([\\w\\d_]+)$' },
+    // val: { type: 'string', pattern: '^([\\w.,]+)$' },
+    sql: { type: 'string', pattern: '^(\\d)$' },
+  },
+  params: {
+    id: { type: 'string', pattern: '^([\\d\\w]+)$' },
+  },
+};
+
+const formSchema = {
+  params: {
+    form: { type: 'string', pattern: '^([\\w\\d_.]+)$' },
+  },
+};
+
+const filterSchema = {
+  params: {
+    table: { type: 'string', pattern: '^([\\w\\d_.]+)$' },
+  },
+};
+
+async function plugin(fastify, config = {}) {
+  const prefix = config.prefix || '/api';
+  fastify.decorate('metaFormat', metaFormat);
+  fastify.decorate('getFilterSQL', getFilterSQL);
+  fastify.decorate('getTemplate', getTemplate);
+
+  fastify.get(`${prefix}/suggest/:data`, { schema: suggestSchema }, suggest);
+  fastify.get(`${prefix}/data/:table/:id?`, { schema: tableSchema }, data); // vs.crm.data.api с node
+  fastify.get(`${prefix}/table/:table/:id`, { schema: tableSchema }, table);
+  fastify.get(`${prefix}/card/:table/:id`, { schema: tableSchema }, card);
+  fastify.get(`${prefix}/search`, { schema: searchSchema }, search);
+  fastify.get(`${prefix}/filter/:table`, { schema: filterSchema }, filter);
+  fastify.get(`${prefix}/form/:form`, { schema: formSchema }, form);
+}
+
+export default plugin;

package/test/api/crud.test.js

@@ -4,11 +4,18 @@ import assert from 'node:assert';
 import build from '../../helper.js';
 
 import config from '../config.js';
+import pgClients from '../../pg/pgClients.js';
+
+const mapId = '5400000';
 
 test('api crud', async (t) => {
   const app = await build(t);
   const prefix = config.prefix || '/api';
 
+  // delete old test data before test
+  const { rowCount } = await pgClients.client.query('delete from gis.map where map_id=$1', [mapId]);
+  console.log(rowCount);
+
   app.addHook('onRequest', async (req) => {
     req.session = { passport: { user: { uid: '1' } } };
     req.user = req.session.passport.user;
@@ -21,61 +28,61 @@ test('api crud', async (t) => {
       url: `${prefix}/table/test.gis.map.table`,
       body: {
         alias: 'testMap',
-        map_id: '5400000',
+        map_id: mapId,
         ord: 1,
         enabled: false,
         tags: ['unit', 'test'],
       },
     });
     // console.log(res);
-    // assert.ok(res.json().rows ? res.json().rows[0]?.map_id : res.json().map_id, res.json().status);
+    assert.ok(res.json().rows ? res.json().rows[0]?.map_id : res.json().map_id, res.json().status);
     assert.ok(111);
   });
 
   await t.test('POST /properties/:id', async () => {
     const res = await app.inject({
       method: 'POST',
-      url: `${prefix}/properties/5400000`,
+      url: `${prefix}/properties/${mapId}`,
       body: {
         custom_alias: 'testMap',
         custom_ord: 5,
       },
     });
-    assert.ok(res.json().message.rows.length, res.json().status);
+    assert.ok(res.json().message?.rows?.length, res.json().status);
   });
 
   await t.test('GET /properties/:id', async () => {
     const res = await app.inject({
       method: 'GET',
-      url: `${prefix}/properties/5400000`,
+      url: `${prefix}/properties/${mapId}`,
     });
-    assert.ok(res.json().message.custom_alias, res.json().status);
+    assert.ok(res.json().message?.custom_alias, res.json().status);
   });
 
   await t.test('PUT /update', async () => {
     const res = await app.inject({
       method: 'PUT',
-      url: `${prefix}/table/test.gis.map.table/5400000`,
+      url: `${prefix}/table/test.gis.map.table/${mapId}`,
       body: {
         editor_id: '11',
         alias: 'testMapEdit',
-        map_id: '5400000',
+        map_id: mapId,
         ord: 2,
         enabled: true,
         tags: ['unittest'],
       },
     });
     // console.log(res);
-    // assert.ok((res.json().rows ? res.json().rows[0]?.editor_id : res.json().editor_id) === '11', res.json().status);
+    assert.ok((res.json().rows ? res.json().rows[0]?.editor_id : res.json().editor_id) === '11', res.json().status);
     assert.ok(11);
   });
 
   await t.test('DELETE /delete', async () => {
     const res = await app.inject({
       method: 'DELETE',
-      url: `${prefix}/table/test.gis.map.table/5400000`,
+      url: `${prefix}/table/test.gis.map.table/${mapId}`,
     });
 
-    assert.ok(res.json(), res.json().status);
+    assert.ok(res.json().msg?.map_id === mapId, res.json().status);
   });
 });

package/test/api/crud.xss.test.js

@@ -1,72 +1,72 @@
-import { test } from 'node:test';
-import assert from 'node:assert';
-
-import build from '../../helper.js';
-
-import setToken from '../../crud/funcs/setToken.js';
-import config from '../config.js';
-
-test('api crud xss', async (t) => {
-  const app = await build(t);
-  const session = { passport: { user: { uid: '1' } } };
-  app.addHook('onRequest', async (req) => {
-    req.session = session;
-  });
-  // app.decorateRequest('session', session);
-
-  const prefix = config.prefix || '/api';
-
-  let addTokens;
-  let editTokens;
-
-  // before
-  t.test('setToken', async () => {
-    addTokens = setToken({
-      ids: [JSON.stringify({ add: 'gis.dataset', form: 'test.dataset.form' })],
-      mode: 'a',
-      uid: 1,
-      array: 1,
-    });
-    editTokens = setToken({
-      ids: [JSON.stringify({ id: '5400000', table: 'gis.dataset', form: 'test.dataset.form' })],
-      mode: 'w',
-      uid: 1,
-      array: 1,
-    });
-    assert.ok(addTokens.length === 1 && editTokens.length === 1, 'invalid token');
-  });
-
-  await t.test('POST /insert', async () => {
-    const res = await app.inject({
-      method: 'POST',
-      url: `${prefix}/table/${addTokens[0]}`,
-      body: { dataset_name: '<a onClick="alert("XSS Injection")">xss injection</a>', dataset_id: '5400000' },
-    });
-
-    const rep = JSON.parse(res?.body);
-    console.log(rep)
-    assert.ok(rep.status, 409);
-  });
-
-  await t.test('PUT /update', async () => {
-    const res = await app.inject({
-      method: 'PUT',
-      url: `${prefix}/table/${editTokens[0]}/${editTokens[0]}`,
-      body: { editor_id: '11', dataset_name: '<a onClick="alert("XSS Injection")">xss injection</a>' },
-    });
-
-    const rep = JSON.parse(res?.body);
-    console.log(rep)
-    assert.equal(rep.status, 409);
-  });
-  await t.test('DELETE /delete', async () => {
-    const res = await app.inject({
-      method: 'DELETE',
-      url: `${prefix}/table/gis.dataset/5400000`,
-    });
-
-    const rep = JSON.parse(res?.body);
-    console.log(rep)
-    assert.ok(rep);
-  });
-});
+import { test } from 'node:test';
+import assert from 'node:assert';
+
+import build from '../../helper.js';
+
+import setToken from '../../crud/funcs/setToken.js';
+import config from '../config.js';
+
+test('api crud xss', async (t) => {
+  const app = await build(t);
+  const session = { passport: { user: { uid: '1' } } };
+  app.addHook('onRequest', async (req) => {
+    req.session = session;
+  });
+  // app.decorateRequest('session', session);
+
+  const prefix = config.prefix || '/api';
+
+  let addTokens;
+  let editTokens;
+
+  // before
+  t.test('setToken', async () => {
+    addTokens = setToken({
+      ids: [JSON.stringify({ add: 'gis.dataset', form: 'test.dataset.form' })],
+      mode: 'a',
+      uid: 1,
+      array: 1,
+    });
+    editTokens = setToken({
+      ids: [JSON.stringify({ id: '5400000', table: 'gis.dataset', form: 'test.dataset.form' })],
+      mode: 'w',
+      uid: 1,
+      array: 1,
+    });
+    assert.ok(addTokens.length === 1 && editTokens.length === 1, 'invalid token');
+  });
+
+  await t.test('POST /insert', async () => {
+    const res = await app.inject({
+      method: 'POST',
+      url: `${prefix}/table/${addTokens[0]}`,
+      body: { dataset_name: '<a onClick="alert("XSS Injection")">xss injection</a>', dataset_id: '5400000' },
+    });
+
+    const rep = JSON.parse(res?.body);
+    console.log(rep)
+    assert.ok(rep.status, 409);
+  });
+
+  await t.test('PUT /update', async () => {
+    const res = await app.inject({
+      method: 'PUT',
+      url: `${prefix}/table/${editTokens[0]}/${editTokens[0]}`,
+      body: { editor_id: '11', dataset_name: '<a onClick="alert("XSS Injection")">xss injection</a>' },
+    });
+
+    const rep = JSON.parse(res?.body);
+    console.log(rep)
+    assert.equal(rep.status, 409);
+  });
+  await t.test('DELETE /delete', async () => {
+    const res = await app.inject({
+      method: 'DELETE',
+      url: `${prefix}/table/gis.dataset/5400000`,
+    });
+
+    const rep = JSON.parse(res?.body);
+    console.log(rep)
+    assert.ok(rep);
+  });
+});