@opengis/fastify-table 1.0.97 → 1.1.0

package/crud/controllers/utils/xssInjection.js

@@ -1,72 +1,72 @@
-const xssInjection = [
-  'onkeypress=',
-  'onkeyup=',
-  'ondblclick=',
-  'onerror=',
-  'onmouseover=',
-  '<meta',
-  '<script',
-  'vascript:',
-  'onkeydown=',
-  'onmousedown=',
-  'onmouseenter=',
-  'onmouseleave=',
-  'onmousemove=',
-  'onmouseout=',
-  'onmouseup=',
-  'onmousewheel=',
-  'onpaste=',
-  'onscroll=',
-  'onwheel=',
-  'javascript:',
-  '\\x',
-  'eval(',
-  'onmouseover=',
-  'action=',
-  'xlink:',
-  'allowscriptaccess',
-  'href=',
-  'behavior:',
-  'onreadystatechange=',
-  'onstart=',
-  'offline=',
-  'onabort=',
-  'onafterprint=',
-  'onbeforeonload=',
-  'onbeforeprint=',
-  'onblur=',
-  'oncanplay=',
-  'oncanplaythrough=',
-  'onchange=',
-  'onclick=',
-  'oncontextmenu=',
-  'ondblclick=',
-  'ondrag=',
-  'ondragend=',
-  'ondragenter=',
-  'ondragleave=',
-  'ondragover=',
-  'ondragstart=',
-  'ondrop=',
-  'ondurationchange=',
-  'onemptied=',
-  'onended=',
-  'onerror=',
-  'onfocus=',
-  'onformchange=',
-  'onforminput=',
-  'onhaschange=',
-  'oninput=',
-  'oninvalid=',
-  'onkeydown=',
-  'onkeypress=',
-  'onkeyup=',
-  'onload=',
-  'onloadeddata=',
-  'onloadedmetadata=',
-  'onloadstart=',
-  'alert(',
-  'script:',
-];
-
-export default xssInjection;
+const xssInjection = [
+  'onkeypress=',
+  'onkeyup=',
+  'ondblclick=',
+  'onerror=',
+  'onmouseover=',
+  '<meta',
+  '<script',
+  'vascript:',
+  'onkeydown=',
+  'onmousedown=',
+  'onmouseenter=',
+  'onmouseleave=',
+  'onmousemove=',
+  'onmouseout=',
+  'onmouseup=',
+  'onmousewheel=',
+  'onpaste=',
+  'onscroll=',
+  'onwheel=',
+  'javascript:',
+  '\\x',
+  'eval(',
+  'onmouseover=',
+  'action=',
+  'xlink:',
+  'allowscriptaccess',
+  'href=',
+  'behavior:',
+  'onreadystatechange=',
+  'onstart=',
+  'offline=',
+  'onabort=',
+  'onafterprint=',
+  'onbeforeonload=',
+  'onbeforeprint=',
+  'onblur=',
+  'oncanplay=',
+  'oncanplaythrough=',
+  'onchange=',
+  'onclick=',
+  'oncontextmenu=',
+  'ondblclick=',
+  'ondrag=',
+  'ondragend=',
+  'ondragenter=',
+  'ondragleave=',
+  'ondragover=',
+  'ondragstart=',
+  'ondrop=',
+  'ondurationchange=',
+  'onemptied=',
+  'onended=',
+  'onerror=',
+  'onfocus=',
+  'onformchange=',
+  'onforminput=',
+  'onhaschange=',
+  'oninput=',
+  'oninvalid=',
+  'onkeydown=',
+  'onkeypress=',
+  'onkeyup=',
+  'onload=',
+  'onloadeddata=',
+  'onloadedmetadata=',
+  'onloadstart=',
+  'alert(',
+  'script:',
+];
+
+export default xssInjection;

package/crud/funcs/dataUpdate.js

@@ -1,30 +1,30 @@
-import getPG from '../../pg/funcs/getPG.js';
-
-import getMeta from '../../pg/funcs/getMeta.js';
-import logChanges from './utils/logChanges.js';
-
-export default async function dataUpdate({
-  table, id, data, pg: pg1, uid,
-}) {
-  if (!data || !table || !id) return null;
-
-  const pg = pg1 || getPG({ name: 'client' });
-  const { columns, pk } = await getMeta(table);
-
-  const names = columns?.map((el) => el.name);
-  const filterData = Object.keys(data)
-    .filter((el) => (/* typeof data[el] === 'boolean' ? true : data[el] &&  */ names?.includes(el)));
-
-  const filterValue = filterData.map((el) => [el, data[el]]).map((el) => (typeof el[1] === 'object' && el[1] && (!Array.isArray(el[1]) || typeof el[1]?.[0] === 'object') ? JSON.stringify(el[1]) : el[1]));
-
-  const updateQuery = `UPDATE ${table} SET ${filterData?.map((key, i) => (key === 'geom' ? `"${key}"=st_setsrid(st_geomfromgeojson($${i + 2}::json),4326)` : `"${key}"=$${i + 2}`)).join(',')} 
-      WHERE ${pk} = $1 returning *`;
-  // console.log(updateQuery, filterValue);
-  const res = await pg.query(updateQuery, [id, ...filterValue]).then(el => el?.rows?.[0]) || {};
-  
-  await logChanges({
-    pg, table, data, id, uid, type: 'UPDATE',
-  });
-  
-  return res;
-}
+import getPG from '../../pg/funcs/getPG.js';
+
+import getMeta from '../../pg/funcs/getMeta.js';
+import logChanges from './utils/logChanges.js';
+
+export default async function dataUpdate({
+  table, id, data, pg: pg1, uid,
+}) {
+  if (!data || !table || !id) return null;
+
+  const pg = pg1 || getPG({ name: 'client' });
+  const { columns, pk } = await getMeta(table);
+
+  const names = columns?.map((el) => el.name);
+  const filterData = Object.keys(data)
+    .filter((el) => (/* typeof data[el] === 'boolean' ? true : data[el] &&  */ names?.includes(el)));
+
+  const filterValue = filterData.map((el) => [el, data[el]]).map((el) => (typeof el[1] === 'object' && el[1] && (!Array.isArray(el[1]) || typeof el[1]?.[0] === 'object') ? JSON.stringify(el[1]) : el[1]));
+
+  const updateQuery = `UPDATE ${table} SET ${filterData?.map((key, i) => (key === 'geom' ? `"${key}"=st_setsrid(st_geomfromgeojson($${i + 2}::json),4326)` : `"${key}"=$${i + 2}`)).join(',')} 
+      WHERE ${pk} = $1 returning *`;
+  // console.log(updateQuery, filterValue);
+  const res = await pg.query(updateQuery, [id, ...filterValue]).then(el => el?.rows?.[0]) || {};
+  
+  await logChanges({
+    pg, table, data, id, uid, type: 'UPDATE',
+  });
+  
+  return res;
+}

package/crud/funcs/getToken.js

@@ -1,27 +1,27 @@
-import getRedis from '../../redis/funcs/getRedis.js';
-import config from '../../config.js';
-
-function sprintf(str, ...args) {
-  return str.replace(/%s/g, () => args.shift());
-}
-
-const keys = {
-  r: '%s:token:view:%s',
-  a: '%s:token:add:%s',
-  w: '%s:token:edit:%s',
-  e: '%s:token:exec:%s',
-};
-
-async function getToken({
-  uid, token, mode = 'r', json,
-}) {
-  if (mode === 'r') return token;
-
-  const rclient = getRedis({ db: 0 });
-
-  const key = sprintf(keys[mode], config?.pg?.database, uid?.toString());
-  const id = await rclient.hget(key, token);
-  return json && id?.[0] === '{' ? JSON.parse(id) : id;
-}
-
-export default getToken;
+import getRedis from '../../redis/funcs/getRedis.js';
+import config from '../../config.js';
+
+function sprintf(str, ...args) {
+  return str.replace(/%s/g, () => args.shift());
+}
+
+const keys = {
+  r: '%s:token:view:%s',
+  a: '%s:token:add:%s',
+  w: '%s:token:edit:%s',
+  e: '%s:token:exec:%s',
+};
+
+async function getToken({
+  uid, token, mode = 'r', json,
+}) {
+  if (mode === 'r') return token;
+
+  const rclient = getRedis({ db: 0 });
+
+  const key = sprintf(keys[mode], config?.pg?.database, uid?.toString());
+  const id = await rclient.hget(key, token);
+  return json && id?.[0] === '{' ? JSON.parse(id) : id;
+}
+
+export default getToken;

package/crud/funcs/isFileExists.js

@@ -1,13 +1,13 @@
-import { access } from 'fs/promises';
-
-const isFileExists = async (filepath) => {
-  try {
-    await access(filepath);
-    return true;
-  }
-  catch (err) {
-    return false;
-  }
-};
-
-export default isFileExists;
+import { access } from 'fs/promises';
+
+const isFileExists = async (filepath) => {
+  try {
+    await access(filepath);
+    return true;
+  }
+  catch (err) {
+    return false;
+  }
+};
+
+export default isFileExists;

package/crud/funcs/setToken.js

@@ -1,53 +1,53 @@
-import { createHash, randomUUID } from 'crypto';
-
-import config from '../../config.js';
-import getRedis from '../../redis/funcs/getRedis.js';
-
-const generateCodes = (ids, userToken) => {
-  const token = userToken || randomUUID();
-  const notNullIds = ids.filter((el) => el);
-  const obj = {};
-  const codes = notNullIds.reduce((acc, id) => {
-    const newToken = createHash('sha1').update(token + id).digest('base64url').replace(/-/g, '');
-    acc[newToken] = id; obj[id] = newToken;
-    return acc;
-  }, {});
-  return { codes, obj };
-};
-
-function setToken({
-  ids: idsOrigin, mode = 'r', uid, referer, array,
-}) {
-  const rclient2 = getRedis({ db: 0 });
-  //  const rclient5 = getRedis({ db: 0, funcs });
-
-  if (!uid) return { user: 'empty' };
-  if (!Object.keys(idsOrigin).length) return { ids: 'empty' };
-
-  const ids = idsOrigin.map((el) => (typeof el === 'object' ? JSON.stringify(el) : el));
-  // update/delete
-
-  if (mode === 'r') return null;
-
-  // TODO generate salt
-  const { codes, obj } = generateCodes(ids, uid);
-
-  if (!Object.keys(codes).length) return { ids: 'empty' };
-
-  rclient2.hmset(`${config.pg.database}:token:${{
-    e: 'exec', r: 'view', w: 'edit', a: 'add',
-  }[mode]}:${uid}`, codes);
-
-  // log token for debug. add extra data - uid, mode, date
-  /* const dt = new Date().toISOString();
-   const codesLog = Object.keys(codes).reduce((acc, key) => {
-    acc[key] = `{"referer": "${referer}" ,"uid":"${uid}","mode":"${mode}","date":"${dt}",${codes[key].substr(1)}`;
-    return acc;
-  }, {});
-   rclient5.hmset(`${config.pg.database}:token:edit`, codesLog); // 'EX', 64800 */
-
-  // TODO дополнительно писать в hset token -> uid
-  return array ? Object.values(obj) : obj;
-}
-
-export default setToken;
+import { createHash, randomUUID } from 'crypto';
+
+import config from '../../config.js';
+import getRedis from '../../redis/funcs/getRedis.js';
+
+const generateCodes = (ids, userToken) => {
+  const token = userToken || randomUUID();
+  const notNullIds = ids.filter((el) => el);
+  const obj = {};
+  const codes = notNullIds.reduce((acc, id) => {
+    const newToken = createHash('sha1').update(token + id).digest('base64url').replace(/-/g, '');
+    acc[newToken] = id; obj[id] = newToken;
+    return acc;
+  }, {});
+  return { codes, obj };
+};
+
+function setToken({
+  ids: idsOrigin, mode = 'r', uid, referer, array,
+}) {
+  const rclient2 = getRedis({ db: 0 });
+  //  const rclient5 = getRedis({ db: 0, funcs });
+
+  if (!uid) return { user: 'empty' };
+  if (!Object.keys(idsOrigin).length) return { ids: 'empty' };
+
+  const ids = idsOrigin.map((el) => (typeof el === 'object' ? JSON.stringify(el) : el));
+  // update/delete
+
+  if (mode === 'r') return null;
+
+  // TODO generate salt
+  const { codes, obj } = generateCodes(ids, uid);
+
+  if (!Object.keys(codes).length) return { ids: 'empty' };
+
+  rclient2.hmset(`${config.pg.database}:token:${{
+    e: 'exec', r: 'view', w: 'edit', a: 'add',
+  }[mode]}:${uid}`, codes);
+
+  // log token for debug. add extra data - uid, mode, date
+  /* const dt = new Date().toISOString();
+   const codesLog = Object.keys(codes).reduce((acc, key) => {
+    acc[key] = `{"referer": "${referer}" ,"uid":"${uid}","mode":"${mode}","date":"${dt}",${codes[key].substr(1)}`;
+    return acc;
+  }, {});
+   rclient5.hmset(`${config.pg.database}:token:edit`, codesLog); // 'EX', 64800 */
+
+  // TODO дополнительно писать в hset token -> uid
+  return array ? Object.values(obj) : obj;
+}
+
+export default setToken;

package/crud/funcs/utils/logChanges.js

@@ -12,13 +12,16 @@ function formatData(fieldType = 'text', value = null) {
     }
     return value ? `'${value}'::${fieldType}` : null;
   }
-  /* if (fieldType.includes('json') && Array.isArray(value)) {
-    return value;
-  } */
+  if (typeof value === 'object' || fieldType.includes('json')) {
+    if (Array.isArray(value)) {
+      return `'${JSON.stringify(value)}'`;
+    }
+    return `'${JSON.stringify(value)}'`;
+  }
   if (Array.isArray(value)) {
     return `'{ ${value.join(',')} }'::${fieldType}`;
   }
-  return typeof value === 'object' ? JSON.stringify(value) : `'${value || null}'`;
+  return `'${value || null}'`;
 }
 
 export default async function logChanges({

package/notification/controllers/testEmail.js

@@ -1,49 +1,49 @@
-import path from 'path';
-import { existsSync } from 'fs';
-import { fileURLToPath } from 'url';
-
-const fileName = fileURLToPath(import.meta.url);
-const dirName = path.dirname(fileName);
-
-import notification from '../funcs/sendNotification.js';
-
-export default async function testNotification({
-  pg, funcs = {}, log, query = {}, session = {},
-}) {
-  const { local } = funcs.config || {};
-  if (!session?.passport?.user?.user_type?.includes('admin') && !local) {
-    return { message: 'Forbidden', status: 403 };
-  }
-
-  const date = new Date().toISOString().split('T')[0];
-  if (!query.to) {
-    return { message: 'param to is required', status: 400 };
-  }
-
-  try {
-    const {
-      to, template, table, id, nocache,
-    } = query;
-    const file = [path.join(dirName, '../../', 'changelog.md'), path.join(dirName, 'utils', 'pin-m-ty-media-record-outline+303070.png')].filter((el) => existsSync(el));
-    const data = await notification({
-      pg,
-      funcs,
-      log,
-      to,
-      template,
-      title: `Test Softpro ${date}`,
-      table,
-      nocache,
-      file,
-      id,
-      message: `Test mail Softpro ${date} Lorem Ipsum Lorem Ipsum`,
-    });
-
-    return {
-      message: data || 'ok',
-    };
-  }
-  catch (err) {
-    return { error: err.toString(), status: 500 };
-  }
-}
+import path from 'path';
+import { existsSync } from 'fs';
+import { fileURLToPath } from 'url';
+
+const fileName = fileURLToPath(import.meta.url);
+const dirName = path.dirname(fileName);
+
+import notification from '../funcs/sendNotification.js';
+
+export default async function testNotification({
+  pg, funcs = {}, log, query = {}, session = {},
+}) {
+  const { local } = funcs.config || {};
+  if (!session?.passport?.user?.user_type?.includes('admin') && !local) {
+    return { message: 'Forbidden', status: 403 };
+  }
+
+  const date = new Date().toISOString().split('T')[0];
+  if (!query.to) {
+    return { message: 'param to is required', status: 400 };
+  }
+
+  try {
+    const {
+      to, template, table, id, nocache,
+    } = query;
+    const file = [path.join(dirName, '../../', 'changelog.md'), path.join(dirName, 'utils', 'pin-m-ty-media-record-outline+303070.png')].filter((el) => existsSync(el));
+    const data = await notification({
+      pg,
+      funcs,
+      log,
+      to,
+      template,
+      title: `Test Softpro ${date}`,
+      table,
+      nocache,
+      file,
+      id,
+      message: `Test mail Softpro ${date} Lorem Ipsum Lorem Ipsum`,
+    });
+
+    return {
+      message: data || 'ok',
+    };
+  }
+  catch (err) {
+    return { error: err.toString(), status: 500 };
+  }
+}

package/notification/funcs/utils/sendEmail.js

@@ -1,39 +1,39 @@
-import nodemailer from 'nodemailer';
-
-/**
- * Надсилає поваідомлення на пошту
- *
- * @type function
- * @alias sendEmail
- * @summary Функція здійснює розсилку по email
- */
-
-export default async function sendEmail({
-  funcs, to, from, subject, html, attachments,
-}) {
-  const { config = {} } = funcs;
-
-  if (!to?.length) {
-    throw new Error('empty to list');
-  }
-
-  const { mailSetting = {} } = config;
-
-  /*= == check service and setting === */
-  if (!mailSetting.service) {
-    throw new Error('service is not defined in config');
-  }
-
-  Object.assign(mailSetting, { rejectUnauthorized: false });
-
-  if (mailSetting.port === 465) {
-    Object.assign(mailSetting, { secure: true });
-  }
-
-  const transport = nodemailer.createTransport(mailSetting);
-
-  const result = await transport.sendMail({
-    from: from || mailSetting.from, to, subject, html, attachments,
-  });
-  return result;
-}
+import nodemailer from 'nodemailer';
+
+/**
+ * Надсилає поваідомлення на пошту
+ *
+ * @type function
+ * @alias sendEmail
+ * @summary Функція здійснює розсилку по email
+ */
+
+export default async function sendEmail({
+  funcs, to, from, subject, html, attachments,
+}) {
+  const { config = {} } = funcs;
+
+  if (!to?.length) {
+    throw new Error('empty to list');
+  }
+
+  const { mailSetting = {} } = config;
+
+  /*= == check service and setting === */
+  if (!mailSetting.service) {
+    throw new Error('service is not defined in config');
+  }
+
+  Object.assign(mailSetting, { rejectUnauthorized: false });
+
+  if (mailSetting.port === 465) {
+    Object.assign(mailSetting, { secure: true });
+  }
+
+  const transport = nodemailer.createTransport(mailSetting);
+
+  const result = await transport.sendMail({
+    from: from || mailSetting.from, to, subject, html, attachments,
+  });
+  return result;
+}

package/notification/index.js

@@ -1,38 +1,38 @@
-// api
-import userNotifications from './controllers/userNotifications.js';
-import testEmail from './controllers/testEmail.js';
-// funcs
-import addNotification from './funcs/addNotification.js'; // add to db
-import notification from './funcs/sendNotification.js'; // send
-
-const tableSchema = {
-  querystring: {
-    nocache: { type: 'string', pattern: '^(\\d+)$' },
-  },
-};
-
-async function plugin(fastify, config = {}) {
-  const prefix = config.prefix || '/api';
-  fastify.route({
-    method: 'GET',
-    url: `${prefix}/notification`,
-    config: {
-      policy: ['user'], // implement user auth check policy??
-    },
-    schema: tableSchema,
-    handler: userNotifications,
-  });
-  fastify.route({
-    method: 'GET',
-    url: `${prefix}/test-email`,
-    config: {
-      policy: ['user'],
-    },
-    handler: testEmail,
-  });
-
-  fastify.decorate('addNotification', addNotification);
-  fastify.decorate('notification', notification);
-}
-
-export default plugin;
+// api
+import userNotifications from './controllers/userNotifications.js';
+import testEmail from './controllers/testEmail.js';
+// funcs
+import addNotification from './funcs/addNotification.js'; // add to db
+import notification from './funcs/sendNotification.js'; // send
+
+const tableSchema = {
+  querystring: {
+    nocache: { type: 'string', pattern: '^(\\d+)$' },
+  },
+};
+
+async function plugin(fastify, config = {}) {
+  const prefix = config.prefix || '/api';
+  fastify.route({
+    method: 'GET',
+    url: `${prefix}/notification`,
+    config: {
+      policy: ['user'], // implement user auth check policy??
+    },
+    schema: tableSchema,
+    handler: userNotifications,
+  });
+  fastify.route({
+    method: 'GET',
+    url: `${prefix}/test-email`,
+    config: {
+      policy: ['user'],
+    },
+    handler: testEmail,
+  });
+
+  fastify.decorate('addNotification', addNotification);
+  fastify.decorate('notification', notification);
+}
+
+export default plugin;