@opengis/fastify-table 1.1.123 → 1.1.125

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@opengis/fastify-table",
-  "version": "1.1.123",
+  "version": "1.1.125",
   "type": "module",
   "description": "core-plugins",
   "keywords": ["fastify", "table", "crud", "pg", "backend" ],

package/server/plugins/crud/funcs/dataUpdate.js

@@ -7,11 +7,11 @@ import logChanges from './utils/logChanges.js';
 const rclient = getRedis();
 const srids = {};
 
-function assignValue(key, i, srid = 4326) {
-  if (key === 'geom') {
+function assignValue(key, i, srid = 4326, columnType = 'text') {
+  if (key === 'geom' && columnType === 'geometry') {
     return `"${key}"=st_setsrid(st_geomfromgeojson($${i + 2}::json),4326)`;
   }
-  if (key?.includes('geom')) {
+  if (key?.includes('geom') && columnType === 'geometry') {
     return `"${key}"=st_setsrid(st_geomfromgeojson($${i + 2}::json),${srid})`;
   }
   return `"${key}"=$${i + 2}`;
@@ -51,7 +51,7 @@ export default async function dataUpdate({
   }
 
   const updateQuery = `UPDATE ${table} SET ${systemColumns ? `${systemColumns}${filterData?.length ? ',' : ''}` : ''}
-  ${filterData?.map((key, i) => assignValue(key, i, srids[table]?.[key] || 4326))?.join(',')} 
+  ${filterData?.map((key, i) => assignValue(key, i, srids[table]?.[key] || 4326, pg.pgType?.[columns.find(col => col.name === key)?.dataTypeID || '']))?.join(',')} 
   WHERE ${pk} = $1 returning *`;
   // console.log(updateQuery, filterValue);
   const res = await pg.query(updateQuery, [id, ...filterValue]).then(el => el?.rows?.[0]) || {};

package/server/plugins/pg/funcs/getMeta.js

@@ -9,7 +9,7 @@ export default async function getMeta(opt) {
 
   if (data[table]) return data[table];
 
-  if (!pg.tlist?.includes(table.replace(/"/g, ''))) {
+  if (!pg.tlist?.includes(table?.replace?.(/"/g, ''))) {
     return { error: `${table} - not found`, status: 400 };
   }
 

package/server/plugins/policy/funcs/checkPolicy.js

@@ -13,7 +13,7 @@ import block from '../sqlInjection.js';
 
 export default function checkPolicy(req) {
   const {
-    originalUrl: path, hostname, query, params, headers, method, session, routeOptions,
+    originalUrl: path, hostname, query, params, headers, method, session, routeOptions, unittest,
   } = req;
   const body = JSON.stringify(req?.body || {}).substring(30);
   const isAdmin = process.env.NODE_ENV === 'admin' || hostname.split(':').shift() === config.adminDomain || hostname.startsWith('admin');
@@ -84,8 +84,8 @@ export default function checkPolicy(req) {
   }
 
   /* === 5. policy: site auth === */
-  if (!policy.includes('site') && !isAdmin && !config.local && !config.debug
-  && !['/auth/redirect', `${config.prefix || '/api'}/login`].find(el => path.includes(el))) {
+  if (!policy.includes('site') && !isAdmin && !config.local && !config.debug && !unittest
+  && !['/auth/redirect', '/logout', `${config.prefix || '/api'}/login`].find(el => path.includes(el))) {
     logger.file('policy/site', {
       path, method, params, query, body, message: 'access restricted: 5', uid: user?.uid,
     });

package/server/routes/crud/controllers/update.js

@@ -6,7 +6,7 @@ import insert from './insert.js';
 
 export default async function update(req) {
   const {
-    pg = pgClients.client, user, params = {}, body = {},
+    pg = pgClients.client, user, params = {}, body = {}, unittest,
   } = req;
   if (!user) return { message: 'access restricted', status: 403 };
   const hookData = await applyHook('preUpdate', {
@@ -48,7 +48,9 @@ export default async function update(req) {
   const schema = formData?.schema || formData;
 
   // skip non-present fields in form schema
-  Object.keys(body).filter(key => !Object.keys(schema || {}).includes(key)).forEach(key => delete body[key]);
+  if (!unittest) {
+    Object.keys(body).filter(key => !Object.keys(schema || {}).includes(key)).forEach(key => delete body[key]);
+  }
 
   const xssCheck = checkXSS({ body, schema });