@opengis/fastify-table 1.1.116 → 1.1.118

package/README.md

@@ -1,26 +1,87 @@
-# fastify-table
-
-[![NPM version](https://img.shields.io/npm/v/@opengis/fastify-table)](https://www.npmjs.com/package/@opengis/fastify-table)
-[![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat)](http://standardjs.com/)
-
-It standardizes the entire form building process, while taking care of everything from rendering to validation and processing:
-
-- pg
-- redis
-- crud
-
-## Install
-
-```bash
-npm i @opengis/fastify-table
-```
-
-## Usage
-
-```js
-fastify.register(import('@opengis/fastify-table'), config);
-```
-
-## Documenation
-
-For a detailed understanding fastify-table, its features, and how to use them, refer to our [Documentation](https://apidocs.softpro.ua/gis.storage/).
+# fastify-table
+
+<!-- ![alt text](https://cdn.softpro.ua/data/npm/admin/opengis-admin.png) -->
+
+[![NPM version](https://img.shields.io/npm/v/@opengis/fastify-table?style=plain)](https://www.npmjs.com/package/@opengis/fastify-table)
+[![NPM last update](https://img.shields.io/npm/last-update/@opengis/fastify-table?style=plain)]()
+[![NPM downloads](https://img.shields.io/npm/dw/@opengis/fastify-table?style=plain)]()
+[![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=plain)](http://standardjs.com/)
+
+This is a backend toolkit for database management and more.
+
+### Why fastify-table?
+
+- **Logger** - Monitoring user activity and system status.
+- **Redis cache** - Optimizes web page rendering for lightning-fast performance.
+- **Secure** - Ensures protection against XSS attacks in queries.
+- **SQL Migration** - Automatically adds all necessary tables to your project's database.
+
+
+### Features 
+
+- CRUD
+- cron
+- Logger
+- Redis
+- pg
+
+---
+
+### Install
+
+```bash
+npm i @opengis/fastify-table
+```
+
+### Usage
+
+```js
+fastify.register(import('@opengis/fastify-table'), config);
+```
+
+---
+
+### Documenation
+
+For a detailed understanding `fastify-table`, its features, and how to use them, refer to our [Documentation](https://apidocs.softpro.ua/fastify-table/).
+
+---
+
+### Technology stack
+
+<a href="https://fastify.dev/" target="_blank">
+<img src="https://img.shields.io/badge/Fastify-323330?style=for-the-badge&logo=fastify" /></a>
+
+<a href="https://www.postgresql.org/" target="_blank">
+<img src="https://img.shields.io/badge/PostgreSQL-323330?style=for-the-badge&logo=postgresql&logoColor=white" /></a>
+
+<a href="https://redis.io/" target="_blank">
+<img src="https://img.shields.io/badge/redis-323330.svg?&style=for-the-badge&logo=redis&logoColor=" /></a>
+
+<a href="https://www.npmjs.com/package/pino" target="_blank">
+<img src="https://img.shields.io/badge/pino-323330.svg?&style=for-the-badge&logo=pino&logoColor=" /></a>
+
+---
+
+### Contribute
+
+Feel free to contact us through our website [SOFTPRO.UA](https://softpro.ua) or email <info@softpro.ua>
+
+- Report bugs
+- Share your ideas
+- Ask questions
+
+### Follow Us
+
+[Official site](https://softpro.ua)
+
+<p>
+  <a href="https://www.instagram.com/gissoftpro/" target="_blank"><img src="https://cdn.softpro.ua/data/npm/instagram.png" alt="Softpro Instagram" title="oftpro Instagram"></a>&nbsp;&nbsp;
+  <a href="https://www.facebook.com/gissoftpro" target="_blank"><img src="https://cdn.softpro.ua/data/npm/facebook.png" alt="Softpro Facebook" title="Softpro Facebook"></a>&nbsp;&nbsp;
+  <a href="https://t.me/softprogis" target="_blank"><img src="https://cdn.softpro.ua/data/npm/telegram.png" alt="Softpro Telegram" title="Softpro Telegram"></a>&nbsp;&nbsp;
+  <a href="https://www.linkedin.com/in/softpro-ukraine-a8876b282/recent-activity/all/" target="_blank"><img src="https://cdn.softpro.ua/data/npm/social/linkedin.png" alt="Softpro Linkedin" title="Softpro LinkedIn"></a>&nbsp;&nbsp;
+</p>
+
+### License
+
+Copyright © SOFTPRO. All rights reserved.

package/package.json

@@ -1,8 +1,9 @@
 {
   "name": "@opengis/fastify-table",
-  "version": "1.1.116",
+  "version": "1.1.118",
   "type": "module",
   "description": "core-plugins",
+  "keywords": ["fastify", "table", "crud", "pg", "backend" ],
   "main": "index.js",
   "files": [
     "server/*",

package/server/plugins/pg/funcs/getMeta.js

@@ -14,10 +14,11 @@ export default async function getMeta(opt) {
   }
 
   const { fields } = await pg.query(`select * from ${table} where $1=$1 limit 0`, [1]);
-  const { pks1 } = await pg.query(`SELECT json_object_agg(c.conrelid::regclass, a.attname) as pks1 FROM pg_constraint c 
-    left join pg_attribute a on c.conrelid=a.attrelid and a.attnum = c.conkey[1] WHERE c.contype='p'::"char" and c.conrelid::regclass = $1::regclass`, [table]).then(el => el.rows[0]) || {};
+  const pks1 = await pg.query(`SELECT json_object_agg(c.conrelid::regclass, a.attname) as pks1 FROM pg_constraint c 
+  left join pg_attribute a on c.conrelid=a.attrelid and a.attnum = c.conkey[1] WHERE c.contype='p'::"char" and c.conrelid::regclass = $1::regclass`, [table])
+    .then(el => el.rows[0]?.pks1 || {});
 
-  const pk = table.startsWith('public.') ? pks1?.[table.replace('public.', '')] : pks1?.[table];
+  const pk = table.startsWith('public.') ? pks1[table.replace('public.', '')] : pks1[table];
 
   const geomAttr = fields.find((el) => pg.pgType[el.dataTypeID] === 'geometry')?.name; // change geometry text to geometry code
 

package/server/plugins/policy/funcs/checkXSS.js

@@ -1,3 +1,4 @@
+import config from '../../../../config.js';
 import xssInjection from '../xssInjection.js';
 
 // RTE - rich text editor
@@ -11,9 +12,10 @@ function checkXSS({ body, schema = {} }) {
   if (stopSpecialSymbols?.length) stopSpecialSymbols?.forEach((el) => stopWords.push(el));
 
   // escape arrows on non-RTE
+  const skipScreening = config.skipScreening || ['Summernote', 'Tiny', 'Ace', 'Texteditor'];
   Object.keys(body)
     .filter((key) => ['<', '>'].find((el) => body[key]?.includes?.(el))
-  && !['Summernote', 'Tiny', 'Ace', 'Texteditor'].includes(schema?.[key]?.type))
+  && !skipScreening.includes(schema?.[key]?.type))
     ?.forEach((key) => {
       Object.assign(body, { [key]: body[key].replace(/</g, '&lt;').replace(/>/g, '&gt;') });
     });
@@ -25,7 +27,7 @@ function checkXSS({ body, schema = {} }) {
   const disabledCheckFields = Object.keys(schema || {})?.filter((el) => schema?.[el]?.xssCheck === false); // exclude specific columns
 
   // check RTE
-  /* const richTextFields = Object.keys(schema).filter((el) => ['Summernote', 'Tiny', 'Ace'].includes(schema[el]?.type));
+  /* const richTextFields = Object.keys(schema).filter((el) => skipScreening.includes(schema[el]?.type));
   richTextFields.filter((key) => !checkList.find((el) => body[key].includes(el)))?.forEach((key) => {
     disabledCheckFields.push(key);
   }); */

package/server/routes/table/controllers/suggest.js

@@ -1,5 +1,5 @@
 import {
-  config, getPG, getTemplate, getSelectMeta,
+  config, getPG, getTemplate, getSelectMeta, getMeta,
 } from '../../../../utils.js';
 
 const limit = 50;
@@ -20,13 +20,16 @@ export default async function suggest(req) {
 
   const [table, column] = params.data?.includes(':') ? params.data.split(':') : [];
   const selectName = query.sel || query.name || params.data;
+
   if (!selectName) return { headers, status: 400, message: 'name is required' };
 
   const body = await getTemplate('table', table);
+
   if (table && !pg1.pk[body?.table || table]) {
     return { headers, status: 400, message: 'param name is invalid: 1' };
   }
   const columnExists = body?.columns?.find((col) => col?.name === column);
+
   if (table && (!column || !columnExists)) {
     return { headers, status: 400, message: 'param name is invalid: 2' };
   }
@@ -37,12 +40,20 @@ export default async function suggest(req) {
       searchQuery: '(lower("text") ~ $1 )',
     }
     : await getSelectMeta({ name: selectName, nocache: query?.nocache });
+
   if (meta?.minLength && query.key && query.key.length < meta?.minLength) {
     return { message: `min length: ${meta.minLength}` };
   }
+
   const pg = meta?.db ? getPG(meta.db) : pg1;
-  if (!meta) return { headers, status: 404, message: 'Not found query select ' };
-  if (query.meta) return meta;
+
+  if (!meta) {
+    return { headers, status: 404, message: 'Not found query select ' };
+  }
+
+  if (query.meta) {
+    return meta;
+  }
 
   const { arr, searchQuery } = meta;
 
@@ -65,8 +76,20 @@ export default async function suggest(req) {
 
   const val = query.val ? ` ${meta.pk}=any('{${query.val.replace(/'/g, "''")}}')` : '';
   const where = [search, val, `${meta.pk} is not null`].filter((el) => el).join(' and ') || 'true';
-  const sqlSuggest = `with c(id,text) as ( ${meta.original.replace(/{{parent}}/gi, parent)} where ${where} order by 2) select * from c limit ${meta.limit || limit}`.replace(/{{uid}}/g, user?.uid || '0');
-  if (query.sql && config.local) return sqlSuggest;
+
+  const loadTable = await getTemplate('table', query.token);
+  const { columns = [] } = await getMeta({ table: loadTable?.table || query.token });
+
+  const filterColumn = query.column ? columns.find(el => el.name === query.column)?.name : null;
+  const filter = query.token && pg.pk?.[loadTable?.table || query.token] && filterColumn
+    ? `id in (select ${filterColumn} from ${(loadTable?.table || query.token).replace(/'/g, "''")})`
+    : 'true';
+
+  const sqlSuggest = `with c(id,text) as ( ${meta.original.replace(/{{parent}}/gi, parent)} where ${where} order by 2) select * from c where ${filter} limit ${meta.limit || limit}`.replace(/{{uid}}/g, user?.uid || '0');
+
+  if (query.sql && config.local) {
+    return sqlSuggest;
+  }
 
   // query
   const { rows: dataNew } = await pg.query(sqlSuggest, query.key ? [`${query.key.toLowerCase()}`] : []);