@opengis/fastify-table 1.1.126 → 1.1.128

package/package.json

@@ -1,9 +1,15 @@
 {
   "name": "@opengis/fastify-table",
-  "version": "1.1.126",
+  "version": "1.1.128",
   "type": "module",
   "description": "core-plugins",
-  "keywords": ["fastify", "table", "crud", "pg", "backend" ],
+  "keywords": [
+    "fastify",
+    "table",
+    "crud",
+    "pg",
+    "backend"
+  ],
   "main": "index.js",
   "files": [
     "server/*",

package/server/migrations/roles.sql

@@ -1,188 +1,191 @@
-create schema if not exists admin;
-create schema if not exists public;
-CREATE EXTENSION if not exists pg_trgm SCHEMA public VERSION "1.5";
-
-
--- Admin Menu
--- DROP TABLE if exists admin.menu;
-CREATE TABLE if not exists admin.menu();
-alter table admin.menu DROP CONSTRAINT if exists admin_menu_id_pkey cascade;
-alter table admin.menu DROP CONSTRAINT if exists admin_menu_name_unique;
-
-alter table admin.menu add column if not exists menu_id text NOT NULL default next_id();
-alter table admin.menu add column if not exists name text;
-alter table admin.menu add column if not exists ord numeric;
-alter table admin.menu add column if not exists enabled boolean NOT NULL DEFAULT true;
-alter table admin.menu add column if not exists uid text;
-alter table admin.menu add column if not exists editor_id text;
-alter table admin.menu add column if not exists editor_date timestamp without time zone;
-alter table admin.menu add column if not exists cdate timestamp without time zone DEFAULT now();
-alter table admin.menu add CONSTRAINT admin_menu_id_pkey PRIMARY KEY (menu_id);
-alter table admin.menu add CONSTRAINT admin_menu_name_unique UNIQUE (name);
-
-COMMENT ON TABLE admin.menu IS 'Пункти меню';
-COMMENT ON COLUMN admin.menu.menu_id IS 'Ідентифікатор пункту меню';
-COMMENT ON COLUMN admin.menu.name IS 'Назва пункту меню';
-COMMENT ON COLUMN admin.menu.ord IS 'Порядковий номер';
-COMMENT ON COLUMN admin.menu.enabled IS 'On / Off';
-
-
-
-
--- Role (Group)
--- drop table if exists admin.roles;
-CREATE TABLE if not exists admin.roles();
-alter table admin.roles DROP CONSTRAINT if exists admin_roles_id_pkey cascade;
-
-ALTER TABLE admin.roles ADD COLUMN if not exists role_id text NOT NULL DEFAULT next_id();
-ALTER TABLE admin.roles ADD COLUMN if not exists name text;
-ALTER TABLE admin.roles ADD COLUMN if not exists enabled boolean;
-ALTER TABLE admin.roles ADD COLUMN if not exists info text;
-ALTER TABLE admin.roles ADD COLUMN if not exists cdate timestamp without time zone DEFAULT date_trunc('seconds'::text, now());
-ALTER TABLE admin.roles ADD COLUMN if not exists uid text;
-ALTER TABLE admin.roles ADD COLUMN if not exists editor_id text;
-ALTER TABLE admin.roles ADD COLUMN if not exists editor_date timestamp without time zone;
-
-ALTER TABLE admin.roles ADD CONSTRAINT admin_roles_id_pkey PRIMARY KEY(role_id);
-
-COMMENT ON TABLE admin.roles IS 'Групи';
-COMMENT ON COLUMN admin.roles.role_id IS 'ID';
-COMMENT ON COLUMN admin.roles.name IS 'Назва групи';
-COMMENT ON COLUMN admin.roles.enabled IS 'On / Off';
-COMMENT ON COLUMN admin.roles.info IS 'Опис групи';
-COMMENT ON COLUMN admin.roles.cdate IS 'Дата створення';
-COMMENT ON COLUMN admin.roles.uid IS 'Хто створив';
-COMMENT ON COLUMN admin.roles.editor_id IS 'Останній редагувач';
-COMMENT ON COLUMN admin.roles.editor_date IS 'Дата останнього редагування';
-
--- Routes (Interfaces)
--- DROP TABLE if exists admin.routes;
-CREATE TABLE if not exists admin.routes();
-alter table admin.routes DROP CONSTRAINT if exists admin_route_id_pkey cascade;
-alter table admin.routes DROP constraint if exists admin_route_menu_id_fkey cascade;
-alter table admin.routes DROP constraint if exists admin_route_alias_query_unique cascade;
-
-alter table admin.routes add column if not exists route_id text;
-alter table admin.routes alter column route_id set not null;
-alter table admin.routes alter column route_id set default next_id();
-alter table admin.routes add column if not exists alias text;
-alter table admin.routes alter column alias drop not null;
--- alter table admin.routes alter column alias set not null;
-alter table admin.routes add column if not exists table_name text;
-alter table admin.routes alter column table_name drop not null;
--- alter table admin.routes alter column table_name set not null;
-alter table admin.routes add column if not exists query text;
-alter table admin.routes add column if not exists actions text[];
-alter table admin.routes add column if not exists access text;
-alter table admin.routes add column if not exists title text;
-alter table admin.routes add column if not exists public boolean;
-alter table admin.routes add column if not exists menu_id text;
-alter table admin.routes add column if not exists uid text;
-alter table admin.routes add column if not exists editor_id text;
-alter table admin.routes add column if not exists editor_date timestamp without time zone;
-alter table admin.routes add column if not exists cdate timestamp without time zone DEFAULT now();
-alter table admin.routes alter column cdate set DEFAULT now();
-alter table admin.routes add column if not exists enabled boolean;
-alter table admin.routes alter column enabled set NOT NULL;
-alter table admin.routes alter column enabled set DEFAULT true;
-
-alter table admin.routes add CONSTRAINT admin_route_id_pkey PRIMARY KEY (route_id);
-alter table admin.routes add constraint admin_route_menu_id_fkey FOREIGN KEY (menu_id) REFERENCES admin.menu(menu_id);
-
--- alter table admin.routes add CONSTRAINT admin_route_alias_query_unique UNIQUE (alias, query);
-
-COMMENT ON TABLE admin.routes IS 'Список інтерфейсів';
-COMMENT ON COLUMN admin.routes.route_id IS 'Ідентифікатор інтерфейса';
-COMMENT ON COLUMN admin.routes.alias IS 'Назва файлу інтерфейса';
-
-COMMENT ON COLUMN admin.routes.table_name IS 'Таблиця в БД';
-comment on column admin.routes.query is 'Запит до таблиці';
-COMMENT ON COLUMN admin.routes.actions IS 'Дії';
-COMMENT ON COLUMN admin.routes.access IS 'Рівень доступу';
-COMMENT ON COLUMN admin.routes.title IS 'Назва інтерфейсу українською';
-COMMENT ON COLUMN admin.routes.public IS 'Ознака чи для всіх показується';
-COMMENT ON COLUMN admin.routes.enabled IS 'On / Off';
-COMMENT ON COLUMN admin.routes.menu_id IS 'Пункт меню (для collapse)';
-
--- User <> Role (Group)
--- DROP TABLE if exists admin.user_roles;
-
-CREATE TABLE if not exists admin.user_roles();
-ALTER TABLE admin.user_roles DROP CONSTRAINT IF EXISTS admin_user_roles_role_id_pkey;
-ALTER TABLE admin.user_roles DROP CONSTRAINT IF EXISTS admin_user_roles_pkey;
-ALTER TABLE admin.user_roles DROP CONSTRAINT IF EXISTS admin_user_roles_role_id_fkey;
-ALTER TABLE admin.user_roles DROP CONSTRAINT IF EXISTS admin_user_roles_user_uid_fkey;
-ALTER TABLE admin.user_roles DROP CONSTRAINT IF EXISTS admin_user_roles_user_uid_role_id_key;
-
-ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS ugr_id text NOT NULL DEFAULT next_id();
-ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS user_uid text NOT NULL;
-ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS role_id text NOT NULL;
-ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS cdate timestamp without time zone DEFAULT date_trunc('seconds'::text, now());
-ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS uid text;
-ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS editor_id text;
-ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS editor_date timestamp without time zone;
-ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS expiration date;
-ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS access_granted text;
-ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS access_granted_time timestamp without time zone;
-
-ALTER TABLE admin.user_roles ADD CONSTRAINT admin_user_roles_pkey PRIMARY KEY (ugr_id);
-
-
-COMMENT ON TABLE admin.user_roles IS 'Відношення користувачів до груп';
-COMMENT ON COLUMN admin.user_roles.user_uid IS 'ID користувача';
-COMMENT ON COLUMN admin.user_roles.role_id IS 'ID групи';
-COMMENT ON COLUMN admin.user_roles.uid IS 'Користувач, який створив запис в БД';
-COMMENT ON COLUMN admin.user_roles.expiration IS 'закінчення терміну дії доступу до групи';
-COMMENT ON COLUMN admin.user_roles.access_granted IS 'Ідентифікатор користувача який надав доступ';
-COMMENT ON COLUMN admin.user_roles.access_granted_time IS 'Час коли надали доступ';
-
-CREATE INDEX IF NOT EXISTS admin_user_roles_access_user_uid_idx ON admin.user_roles USING btree (user_uid COLLATE pg_catalog."default");
-CREATE INDEX IF NOT EXISTS admin_user_roles_cdate_btree_idx ON admin.user_roles USING btree (cdate);
-CREATE INDEX IF NOT EXISTS admin_user_roles_editor_date_btree_idx ON admin.user_roles USING btree (editor_date);
-CREATE INDEX IF NOT EXISTS admin_user_roles_user_uid_gin_idx ON admin.user_roles USING gin (user_uid COLLATE pg_catalog."default" gin_trgm_ops);
-CREATE INDEX IF NOT EXISTS admin_user_roles_role_id_idx ON admin.user_roles USING btree (role_id COLLATE pg_catalog."default");
-
-
--- Route (Interface) <> User / Role (Group)
--- drop table if exists admin.role_access;
-drop table if exists admin.access;
-
-CREATE TABLE if not exists admin.role_access();
-alter table admin.role_access DROP CONSTRAINT if exists admin_access_id_pkey;
-alter table admin.role_access DROP CONSTRAINT if exists admin_role_access_id_pkey;
-alter table admin.role_access DROP CONSTRAINT if exists admin_access_role_id_fkey;
-alter table admin.role_access DROP CONSTRAINT if exists admin_access_route_id_uid_unique;
-alter table admin.role_access DROP CONSTRAINT if exists admin_access_route_id_fkey;
-
-alter table admin.role_access add column if not exists access_id text NOT NULL DEFAULT next_id();
-alter table admin.role_access add column if not exists route_id text NOT NULL;
-alter table admin.role_access add column if not exists role_id text;
-alter table admin.role_access add column if not exists user_uid text;
-alter table admin.role_access add column if not exists scope text;
-alter table admin.role_access add column if not exists actions text[];
-ALTER TABLE admin.role_access ADD COLUMN IF NOT EXISTS access_granted text;
-ALTER TABLE admin.role_access ADD COLUMN IF NOT EXISTS access_granted_time timestamp without time zone;
-alter table admin.role_access add column if not exists cdate timestamp without time zone NOT NULL DEFAULT date_trunc('seconds'::text, now());
-alter table admin.role_access add column if not exists uid text;
-alter table admin.role_access add column if not exists editor_id text;
-alter table admin.role_access add column if not exists editor_date timestamp without time zone;
-
-alter table admin.role_access add CONSTRAINT admin_role_access_id_pkey PRIMARY KEY (access_id);
-alter table admin.role_access add CONSTRAINT admin_access_role_id_fkey FOREIGN KEY (role_id) REFERENCES admin.roles (role_id);
-alter table admin.role_access add CONSTRAINT admin_access_route_id_uid_unique UNIQUE (route_id, user_uid, role_id);
-alter table admin.role_access add constraint admin_access_route_id_fkey FOREIGN KEY (route_id) REFERENCES admin.routes(route_id);
-
-
-COMMENT ON TABLE admin.role_access IS 'Налаштування прав. Відношення груп / окремих користувачів до шаблонів';
-COMMENT ON COLUMN admin.role_access.route_id IS 'ID шаблона';
-COMMENT ON COLUMN admin.role_access.role_id IS 'ID групи';
-COMMENT ON COLUMN admin.role_access.user_uid IS 'ID користувача';
-COMMENT ON COLUMN admin.role_access.scope IS 'Обмеження виведення (власні, відповідальний, всі)';
-COMMENT ON COLUMN admin.role_access.actions IS 'Доступні дії';
-COMMENT ON COLUMN admin.role_access.access_granted IS 'Ідентифікатор користувача який надав доступ';
-COMMENT ON COLUMN admin.role_access.access_granted_time IS 'Час коли надали доступ';
-
-CREATE INDEX if not exists admin_access_route_id_idx ON admin.role_access USING btree (route_id COLLATE pg_catalog."default");
-CREATE INDEX if not exists admin_access_role_id_idx ON admin.role_access USING btree (role_id COLLATE pg_catalog."default");
-
-
+create schema if not exists admin;
+create schema if not exists public;
+CREATE EXTENSION if not exists pg_trgm SCHEMA public VERSION "1.5";
+
+
+-- Admin Menu
+-- DROP TABLE if exists admin.menu;
+CREATE TABLE if not exists admin.menu();
+alter table admin.menu DROP CONSTRAINT if exists admin_menu_id_pkey cascade;
+alter table admin.menu DROP CONSTRAINT if exists admin_menu_name_unique;
+
+alter table admin.menu add column if not exists menu_id text NOT NULL default next_id();
+alter table admin.menu add column if not exists name text;
+alter table admin.menu add column if not exists ord numeric;
+alter table admin.menu add column if not exists enabled boolean NOT NULL DEFAULT true;
+alter table admin.menu add column if not exists uid text;
+alter table admin.menu add column if not exists editor_id text;
+alter table admin.menu add column if not exists editor_date timestamp without time zone;
+alter table admin.menu add column if not exists cdate timestamp without time zone DEFAULT now();
+alter table admin.menu add CONSTRAINT admin_menu_id_pkey PRIMARY KEY (menu_id);
+alter table admin.menu add CONSTRAINT admin_menu_name_unique UNIQUE (name);
+
+COMMENT ON TABLE admin.menu IS 'Пункти меню';
+COMMENT ON COLUMN admin.menu.menu_id IS 'Ідентифікатор пункту меню';
+COMMENT ON COLUMN admin.menu.name IS 'Назва пункту меню';
+COMMENT ON COLUMN admin.menu.ord IS 'Порядковий номер';
+COMMENT ON COLUMN admin.menu.enabled IS 'On / Off';
+
+
+
+
+-- Role (Group)
+-- drop table if exists admin.roles;
+CREATE TABLE if not exists admin.roles();
+alter table admin.roles DROP CONSTRAINT if exists admin_roles_id_pkey cascade;
+
+ALTER TABLE admin.roles ADD COLUMN if not exists role_id text NOT NULL DEFAULT next_id();
+ALTER TABLE admin.roles ADD COLUMN if not exists name text;
+ALTER TABLE admin.roles ADD COLUMN if not exists enabled boolean;
+ALTER TABLE admin.roles ADD COLUMN if not exists info text;
+ALTER TABLE admin.roles ADD COLUMN if not exists cdate timestamp without time zone DEFAULT date_trunc('seconds'::text, now());
+ALTER TABLE admin.roles ADD COLUMN if not exists uid text;
+ALTER TABLE admin.roles ADD COLUMN if not exists editor_id text;
+ALTER TABLE admin.roles ADD COLUMN if not exists editor_date timestamp without time zone;
+
+ALTER TABLE admin.roles ADD CONSTRAINT admin_roles_id_pkey PRIMARY KEY(role_id);
+
+COMMENT ON TABLE admin.roles IS 'Групи';
+COMMENT ON COLUMN admin.roles.role_id IS 'ID';
+COMMENT ON COLUMN admin.roles.name IS 'Назва групи';
+COMMENT ON COLUMN admin.roles.enabled IS 'On / Off';
+COMMENT ON COLUMN admin.roles.info IS 'Опис групи';
+COMMENT ON COLUMN admin.roles.cdate IS 'Дата створення';
+COMMENT ON COLUMN admin.roles.uid IS 'Хто створив';
+COMMENT ON COLUMN admin.roles.editor_id IS 'Останній редагувач';
+COMMENT ON COLUMN admin.roles.editor_date IS 'Дата останнього редагування';
+
+-- Routes (Interfaces)
+-- DROP TABLE if exists admin.routes;
+CREATE TABLE if not exists admin.routes();
+alter table admin.routes DROP CONSTRAINT if exists admin_route_id_pkey cascade;
+alter table admin.routes DROP constraint if exists admin_route_menu_id_fkey cascade;
+alter table admin.routes DROP constraint if exists admin_route_alias_query_unique cascade;
+
+alter table admin.routes add column if not exists route_id text;
+alter table admin.routes alter column route_id set not null;
+alter table admin.routes alter column route_id set default next_id();
+alter table admin.routes add column if not exists alias text;
+alter table admin.routes alter column alias drop not null;
+-- alter table admin.routes alter column alias set not null;
+alter table admin.routes add column if not exists table_name text;
+alter table admin.routes alter column table_name drop not null;
+-- alter table admin.routes alter column table_name set not null;
+alter table admin.routes add column if not exists query text;
+alter table admin.routes add column if not exists actions text[];
+alter table admin.routes add column if not exists access text;
+alter table admin.routes add column if not exists title text;
+alter table admin.routes add column if not exists public boolean;
+alter table admin.routes add column if not exists menu_id text;
+alter table admin.routes add column if not exists uid text;
+alter table admin.routes add column if not exists editor_id text;
+alter table admin.routes add column if not exists editor_date timestamp without time zone;
+alter table admin.routes add column if not exists cdate timestamp without time zone DEFAULT now();
+alter table admin.routes alter column cdate set DEFAULT now();
+alter table admin.routes add column if not exists enabled boolean;
+alter table admin.routes alter column enabled set NOT NULL;
+alter table admin.routes alter column enabled set DEFAULT true;
+
+alter table admin.routes add CONSTRAINT admin_route_id_pkey PRIMARY KEY (route_id);
+alter table admin.routes add constraint admin_route_menu_id_fkey FOREIGN KEY (menu_id) REFERENCES admin.menu(menu_id);
+
+-- alter table admin.routes add CONSTRAINT admin_route_alias_query_unique UNIQUE (alias, query);
+
+COMMENT ON TABLE admin.routes IS 'Список інтерфейсів';
+COMMENT ON COLUMN admin.routes.route_id IS 'Ідентифікатор інтерфейса';
+COMMENT ON COLUMN admin.routes.alias IS 'Назва файлу інтерфейса';
+
+COMMENT ON COLUMN admin.routes.table_name IS 'Таблиця в БД';
+comment on column admin.routes.query is 'Запит до таблиці';
+COMMENT ON COLUMN admin.routes.actions IS 'Дії';
+COMMENT ON COLUMN admin.routes.access IS 'Рівень доступу';
+COMMENT ON COLUMN admin.routes.title IS 'Назва інтерфейсу українською';
+COMMENT ON COLUMN admin.routes.public IS 'Ознака чи для всіх показується';
+COMMENT ON COLUMN admin.routes.enabled IS 'On / Off';
+COMMENT ON COLUMN admin.routes.menu_id IS 'Пункт меню (для collapse)';
+
+-- User <> Role (Group)
+-- DROP TABLE if exists admin.user_roles;
+
+CREATE TABLE if not exists admin.user_roles();
+ALTER TABLE admin.user_roles DROP CONSTRAINT IF EXISTS admin_user_roles_role_id_pkey;
+ALTER TABLE admin.user_roles DROP CONSTRAINT IF EXISTS admin_user_roles_pkey;
+ALTER TABLE admin.user_roles DROP CONSTRAINT IF EXISTS admin_user_roles_role_id_fkey;
+ALTER TABLE admin.user_roles DROP CONSTRAINT IF EXISTS admin_user_roles_user_uid_fkey;
+ALTER TABLE admin.user_roles DROP CONSTRAINT IF EXISTS admin_user_roles_user_uid_role_id_key;
+
+ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS ugr_id text NOT NULL DEFAULT next_id();
+ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS user_uid text NOT NULL;
+ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS role_id text NOT NULL;
+ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS cdate timestamp without time zone DEFAULT date_trunc('seconds'::text, now());
+ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS uid text;
+ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS editor_id text;
+ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS editor_date timestamp without time zone;
+ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS expiration date;
+ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS access_granted text;
+ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS access_granted_time timestamp without time zone;
+ALTER TABLE admin.user_roles ADD COLUMN IF NOT EXISTS actions text [];
+
+ALTER TABLE admin.user_roles ADD CONSTRAINT admin_user_roles_pkey PRIMARY KEY (ugr_id);
+ALTER TABLE admin.user_roles ADD CONSTRAINT admin_user_roles_user_uid_role_id_key UNIQUE (user_uid, role_id);
+
+
+COMMENT ON TABLE admin.user_roles IS 'Відношення користувачів до груп';
+COMMENT ON COLUMN admin.user_roles.user_uid IS 'ID користувача';
+COMMENT ON COLUMN admin.user_roles.role_id IS 'ID групи';
+COMMENT ON COLUMN admin.user_roles.uid IS 'Користувач, який створив запис в БД';
+COMMENT ON COLUMN admin.user_roles.expiration IS 'закінчення терміну дії доступу до групи';
+COMMENT ON COLUMN admin.user_roles.access_granted IS 'Ідентифікатор користувача який надав доступ';
+COMMENT ON COLUMN admin.user_roles.access_granted_time IS 'Час коли надали доступ';
+COMMENT ON COLUMN admin.user_roles.actions IS 'Рівень доступу користувача в межах групи';
+
+CREATE INDEX IF NOT EXISTS admin_user_roles_access_user_uid_idx ON admin.user_roles USING btree (user_uid COLLATE pg_catalog."default");
+CREATE INDEX IF NOT EXISTS admin_user_roles_cdate_btree_idx ON admin.user_roles USING btree (cdate);
+CREATE INDEX IF NOT EXISTS admin_user_roles_editor_date_btree_idx ON admin.user_roles USING btree (editor_date);
+CREATE INDEX IF NOT EXISTS admin_user_roles_user_uid_gin_idx ON admin.user_roles USING gin (user_uid COLLATE pg_catalog."default" gin_trgm_ops);
+CREATE INDEX IF NOT EXISTS admin_user_roles_role_id_idx ON admin.user_roles USING btree (role_id COLLATE pg_catalog."default");
+
+
+-- Route (Interface) <> User / Role (Group)
+-- drop table if exists admin.role_access;
+drop table if exists admin.access;
+
+CREATE TABLE if not exists admin.role_access();
+alter table admin.role_access DROP CONSTRAINT if exists admin_access_id_pkey;
+alter table admin.role_access DROP CONSTRAINT if exists admin_role_access_id_pkey;
+alter table admin.role_access DROP CONSTRAINT if exists admin_access_role_id_fkey;
+alter table admin.role_access DROP CONSTRAINT if exists admin_access_route_id_uid_unique;
+alter table admin.role_access DROP CONSTRAINT if exists admin_access_route_id_fkey;
+
+alter table admin.role_access add column if not exists access_id text NOT NULL DEFAULT next_id();
+alter table admin.role_access add column if not exists route_id text NOT NULL;
+alter table admin.role_access add column if not exists role_id text;
+alter table admin.role_access add column if not exists user_uid text;
+alter table admin.role_access add column if not exists scope text;
+alter table admin.role_access add column if not exists actions text[];
+ALTER TABLE admin.role_access ADD COLUMN IF NOT EXISTS access_granted text;
+ALTER TABLE admin.role_access ADD COLUMN IF NOT EXISTS access_granted_time timestamp without time zone;
+alter table admin.role_access add column if not exists cdate timestamp without time zone NOT NULL DEFAULT date_trunc('seconds'::text, now());
+alter table admin.role_access add column if not exists uid text;
+alter table admin.role_access add column if not exists editor_id text;
+alter table admin.role_access add column if not exists editor_date timestamp without time zone;
+
+alter table admin.role_access add CONSTRAINT admin_role_access_id_pkey PRIMARY KEY (access_id);
+alter table admin.role_access add CONSTRAINT admin_access_role_id_fkey FOREIGN KEY (role_id) REFERENCES admin.roles (role_id);
+alter table admin.role_access add CONSTRAINT admin_access_route_id_uid_unique UNIQUE (route_id, user_uid, role_id);
+alter table admin.role_access add constraint admin_access_route_id_fkey FOREIGN KEY (route_id) REFERENCES admin.routes(route_id);
+
+
+COMMENT ON TABLE admin.role_access IS 'Налаштування прав. Відношення груп / окремих користувачів до шаблонів';
+COMMENT ON COLUMN admin.role_access.route_id IS 'ID шаблона';
+COMMENT ON COLUMN admin.role_access.role_id IS 'ID групи';
+COMMENT ON COLUMN admin.role_access.user_uid IS 'ID користувача';
+COMMENT ON COLUMN admin.role_access.scope IS 'Обмеження виведення (власні, відповідальний, всі)';
+COMMENT ON COLUMN admin.role_access.actions IS 'Доступні дії';
+COMMENT ON COLUMN admin.role_access.access_granted IS 'Ідентифікатор користувача який надав доступ';
+COMMENT ON COLUMN admin.role_access.access_granted_time IS 'Час коли надали доступ';
+
+CREATE INDEX if not exists admin_access_route_id_idx ON admin.role_access USING btree (route_id COLLATE pg_catalog."default");
+CREATE INDEX if not exists admin_access_role_id_idx ON admin.role_access USING btree (role_id COLLATE pg_catalog."default");
+
+

package/server/plugins/crud/funcs/getAccess.js

@@ -1,52 +1,74 @@
-import pgClients from '../../pg/pgClients.js';
-import getTemplate from '../../table/funcs/getTemplate.js';
-import applyHook from '../../hook/funcs/applyHook.js';
-
-const q = `select a.route_id as id, coalesce(b.actions,array['view']) as "userActions", b.scope as "userScope"
-from admin.routes a 
-left join admin.role_access b on 
-  a.route_id=b.route_id
-left join admin.roles c on 
-  b.role_id=c.role_id 
-  and c.enabled
-left join admin.user_roles d on 
-  c.role_id=d.role_id 
-  and ( case when 
-            d.expiration is not null 
-            then d.expiration > CURRENT_DATE 
-            else 1=1 
-        end )
-where $1 in (a.route_id, a.alias, a.table_name) and $2 in (b.user_uid, d.user_uid)`;
-
-export default async function getAccess({ table, user = {} }) {
-  if (!table) return null;
-
-  const hookData = await applyHook('getAccess', { table, user });
-  if (hookData) return hookData;
-
-  const { uid, user_type: userType = 'regular' } = user;
-
-  if (userType.includes('admin')) {
-    return { actions: ['view', 'edit', 'add', 'del'], query: '1=1' };
-  }
-
-  const body = await getTemplate('table', table);
-  const tableActions = ['view'].concat(body?.actions || body?.action_default || []);
-
-  if (body?.public || body?.access === 'public') {
-    return { actions: tableActions, query: '1=1' };
-  }
-
-  if (body?.access === 'user' && uid) {
-    return { actions: tableActions, query: '1=1' };
-  }
-
-  const { userScope, userActions = [] } = uid
-    ? await pgClients.client.query(q, [table, uid]).then(el => el.rows?.[0] || {})
-    : {};
-
-  const query = uid && userScope === 'my' ? `uid='${uid}'` : '1=1';
-  const actions = userActions.filter((el => tableActions.includes(el)));
-
-  return { scope: userScope, actions, query };
-}
+import pgClients from '../../pg/pgClients.js';
+import getTemplate from '../../table/funcs/getTemplate.js';
+import applyHook from '../../hook/funcs/applyHook.js';
+
+/**
+ * @param {Array} user_roles.actions Actions - user actions <> group actions
+ * @param {Array} role_access.actions Actions - user actions = group actions
+ * @param {String} body.actions Actions from table template
+ * @param {String} table Table name / Interface alias
+ * @param {Object} user User object
+ * @param {String} user.uid User ID
+ * @param {String} user.user_type User type
+ * @returns { scope: String, actions: String[], query: String }
+ */
+
+const q = `select a.route_id as id, coalesce(d.actions, b.actions, array['view']) as actions, b.scope, c.role_id
+from admin.routes a 
+left join admin.role_access b on 
+  a.route_id=b.route_id
+left join admin.roles c on 
+  b.role_id=c.role_id 
+  and c.enabled
+left join admin.user_roles d on 
+  c.role_id=d.role_id 
+  and ( case when 
+            d.expiration is not null 
+            then d.expiration > CURRENT_DATE 
+            else 1=1 
+        end )
+where $1 in (a.route_id, a.alias, a.table_name) and $2 in (b.user_uid, d.user_uid)`;
+
+export default async function getAccess({ table, user = {} }) {
+  if (!table) return null;
+
+  const hookData = await applyHook('getAccess', { table, user });
+  if (hookData) return hookData;
+
+  const { uid, user_type: userType = 'regular' } = user;
+
+  if (userType.includes('admin')) {
+    return { actions: ['view', 'edit', 'add', 'del'], query: '1=1' };
+  }
+
+  const body = await getTemplate('table', table);
+  const tableActions = ['view'].concat(body?.actions || body?.action_default || []);
+
+  if (body?.public || body?.access === 'public') {
+    return { actions: tableActions, query: '1=1' };
+  }
+
+  if (body?.access === 'user' && uid) {
+    return { actions: tableActions, query: '1=1' };
+  }
+
+  if (!uid) {
+    return { actions: [], query: '1=1' };
+  }
+
+  const userAccess = await pgClients.client.query(q, [table, uid])
+    .then(el => ({
+      ...el.rows[0] || {},
+      roles: el.rows?.map?.(row => row.role_id) || [],
+      actions: el.rows?.map?.(row => row.actions).flat() || [],
+    }));
+
+  const query = userAccess?.scope === 'my' ? `uid='${uid}'` : '1=1';
+  const actions = userAccess?.actions?.filter?.((el, idx, arr) => arr.indexOf(el) === idx && tableActions.includes(el));
+  return {
+    scope: userAccess?.scope,
+    roles: userAccess?.roles,
+    actions,
+    query,
+  };
+}

package/server/plugins/policy/funcs/checkPolicy.js

@@ -1,105 +1,106 @@
-import { config, logger } from '@opengis/fastify-table/utils.js';
-import block from '../sqlInjection.js';
-
-/**
- * Middleware func
- *
- * @type function
- * @alias checkPolicy
- * @summary Функція дозволяє налаштувати доступ до сайту або API для адмін. та публічної частини веб-ресурсу
- * @param {String} path - назва апі
- * @returns {object|null} Returns object
- */
-
-export default function checkPolicy(req) {
-  const {
-    originalUrl: path, hostname, query, params, headers, method, session, routeOptions, unittest,
-  } = req;
-  const body = JSON.stringify(req?.body || {}).substring(30);
-  const isAdmin = process.env.NODE_ENV === 'admin' || hostname.split(':').shift() === config.adminDomain || hostname.startsWith('admin');
-  const user = req.user || session?.passport?.user;
-
-  const isUser = config?.debug || !!user;
-
-  const isServer = process.argv[2];
-  const { policy = [] } = routeOptions?.config || {};
-
-  /*= == 0.Check superadmin access  === */
-  if (policy.includes('superadmin') && user?.user_type !== 'superadmin') {
-    logger.file('access', {
-      path, method, params, query, body, message: 'access restricted: not superadmin', uid: user?.uid,
-    });
-    return { message: 'access restricted: 0', status: 403 };
-  }
-
-  /*= == 1.File injection  === */
-  if (JSON.stringify(params || {})?.includes('../') || JSON.stringify(query || {})?.includes('../') || path?.includes('../')) {
-    logger.file('injection/file', {
-      path, method, params, query, body, message: 'access restricted: 1', uid: user?.uid,
-    });
-    return { message: 'access restricted: 1', status: 403 };
-  }
-
-  /* === 1.1 File  === */
-  const allowExtPublic = ['.png', '.jpg', '.svg'];
-  const ext = path.toLowerCase().substr(-4);
-  if (path.includes('files/') && allowExtPublic.includes(ext)) return null;
-
-  /* === 2.SQL Injection policy: no-sql === */
-  if (!policy.includes('no-sql')) {
-    // skip polyline param - data filter (geometry bounds)
-    const stopWords = block.filter((el) => path.replace(query.polyline, '').includes(el));
-    if (stopWords?.length) {
-      logger.file('injection/sql', {
-        path, method, params, query, body, stopWords, message: 'access restricted: 2', uid: user?.uid,
-      });
-      return { message: 'access restricted: 2', status: 403 };
-    }
-  }
-  /* policy: skip if not API */
-  const isApi = ['/files/', '/api/format/', '/api', '/api-user/', '/logger', '/file/'].filter((el) => path.includes(el)).length;
-  if (!isApi) {
-    return null;
-  }
-
-  /* === policy: public === */
-  if (policy.includes('public')) {
-    return null;
-  }
-
-  /* === 3. policy: user === */
-  if (!user && policy.includes('user') && false) {
-    logger.file('policy/user', {
-      path, method, params, query, body, message: 'access restricted: 3',
-    });
-    return { message: 'access restricted: 3', status: 403 };
-  }
-
-  /* === 4. policy: referer === */
-  if (!headers?.referer?.includes?.(hostname) && policy.includes('referer') && !config.local && !config.debug) {
-    logger.file('policy/referer', {
-      path, method, params, query, body, message: 'access restricted: 4', uid: user?.uid,
-    });
-    return { message: 'access restricted: 4', status: 403 };
-  }
-
-  /* === 5. policy: site auth === */
-  if (!policy.includes('site') && !isAdmin && !config.local && !config.debug && !unittest
-  && !['/auth/redirect', '/logout', `${config.prefix || '/api'}/login`].find(el => path.includes(el))) {
-    logger.file('policy/site', {
-      path, method, params, query, body, message: 'access restricted: 5', uid: user?.uid,
-    });
-    return { message: 'access restricted: 5', status: 403 };
-  }
-
-  /* === 6. base policy: block api, except login  === */
-  if (isAdmin && !isUser && isServer && !config.local && !config.debug
-    && !path.startsWith(`${config.prefix || '/api'}/login`)) {
-    logger.file('policy/api', {
-      path, method, params, query, body, message: 'access restricted: 6', uid: user?.uid,
-    });
-    return { message: 'access restricted: 6', status: 403 };
-  }
-
-  return null;
-}
+import { config, logger } from '../../../../utils.js';
+import block from '../sqlInjection.js';
+
+/**
+ * Middleware func
+ *
+ * @type function
+ * @alias checkPolicy
+ * @summary Функція дозволяє налаштувати доступ до сайту або API для адмін. та публічної частини веб-ресурсу
+ * @param {String} path - назва апі
+ * @returns {object|null} Returns object
+ */
+
+export default function checkPolicy(req) {
+  const {
+    originalUrl: path, hostname, query, params, headers, method, session, routeOptions, unittest,
+  } = req;
+  const body = JSON.stringify(req?.body || {}).substring(30);
+
+  const isAdmin = process.env.NODE_ENV === 'admin' || hostname.split(':').shift() === config.adminDomain || config.admin || hostname.startsWith('admin');
+  const user = req.user || session?.passport?.user;
+
+  const isUser = config?.debug || !!user;
+
+  const isServer = process.argv[2];
+  const { policy = [] } = routeOptions?.config || {};
+
+  /*= == 0.Check superadmin access  === */
+  if (policy.includes('superadmin') && user?.user_type !== 'superadmin') {
+    logger.file('access', {
+      path, method, params, query, body, message: 'access restricted: not superadmin', uid: user?.uid,
+    });
+    return { message: 'access restricted: 0', status: 403 };
+  }
+
+  /*= == 1.File injection  === */
+  if (JSON.stringify(params || {})?.includes('../') || JSON.stringify(query || {})?.includes('../') || path?.includes('../')) {
+    logger.file('injection/file', {
+      path, method, params, query, body, message: 'access restricted: 1', uid: user?.uid,
+    });
+    return { message: 'access restricted: 1', status: 403 };
+  }
+
+  /* === 1.1 File  === */
+  const allowExtPublic = ['.png', '.jpg', '.svg'];
+  const ext = path.toLowerCase().substr(-4);
+  if (path.includes('files/') && allowExtPublic.includes(ext)) return null;
+
+  /* === 2.SQL Injection policy: no-sql === */
+  if (!policy.includes('no-sql')) {
+    // skip polyline param - data filter (geometry bounds)
+    const stopWords = block.filter((el) => path.replace(query.polyline, '').includes(el));
+    if (stopWords?.length) {
+      logger.file('injection/sql', {
+        path, method, params, query, body, stopWords, message: 'access restricted: 2', uid: user?.uid,
+      });
+      return { message: 'access restricted: 2', status: 403 };
+    }
+  }
+  /* policy: skip if not API */
+  const isApi = ['/files/', '/api/format/', '/api', '/api-user/', '/logger', '/file/'].filter((el) => path.includes(el)).length;
+  if (!isApi) {
+    return null;
+  }
+
+  /* === policy: public === */
+  if (policy.includes('public')) {
+    return null;
+  }
+
+  /* === 3. policy: user === */
+  if (!user && policy.includes('user') && false) {
+    logger.file('policy/user', {
+      path, method, params, query, body, message: 'access restricted: 3',
+    });
+    return { message: 'access restricted: 3', status: 403 };
+  }
+
+  /* === 4. policy: referer === */
+  if (!headers?.referer?.includes?.(hostname) && policy.includes('referer') && !config.local && !config.debug) {
+    logger.file('policy/referer', {
+      path, method, params, query, body, message: 'access restricted: 4', uid: user?.uid,
+    });
+    return { message: 'access restricted: 4', status: 403 };
+  }
+
+  /* === 5. policy: site auth === */
+  if (!policy.includes('site') && !isAdmin && !config.local && !config.debug && !unittest
+    && !['/auth/redirect', '/logout', `${config.prefix || '/api'}/login`].find(el => path.includes(el))) {
+    logger.file('policy/site', {
+      path, method, params, query, body, message: 'access restricted: 5', uid: user?.uid,
+    });
+    return { message: 'access restricted: 5', status: 403 };
+  }
+
+  /* === 6. base policy: block api, except login  === */
+  if (isAdmin && !isUser && isServer && !config.local && !config.debug
+    && !path.startsWith(`${config.prefix || '/api'}/login`)) {
+    logger.file('policy/api', {
+      path, method, params, query, body, message: 'access restricted: 6', uid: user?.uid,
+    });
+    return { message: 'access restricted: 6', status: 403 };
+  }
+
+  return null;
+}

package/server/plugins/policy/funcs/checkXSS.js

@@ -1,8 +1,6 @@
 import config from '../../../../config.js';
 import xssInjection from '../xssInjection.js';
 
-// RTE - rich text editor
-
 function checkXSS({ body, schema = {} }) {
   const data = typeof body === 'string' ? body : JSON.stringify(body);
   const stopWords = xssInjection.filter((el) => data.toLowerCase().includes(el));
@@ -11,7 +9,7 @@ function checkXSS({ body, schema = {} }) {
   const stopSpecialSymbols = data.match(/\p{S}OR\p{S}|\p{P}OR\p{P}| OR |\+OR\+/gi);
   if (stopSpecialSymbols?.length) stopSpecialSymbols?.forEach((el) => stopWords.push(el));
 
-  // escape arrows on non-RTE
+  // escape arrows on non-rich text editor inputs
   const skipScreening = config.skipScreening || ['Summernote', 'Tiny', 'Ace', 'Texteditor'];
   Object.keys(body)
     .filter((key) => ['<', '>'].find((el) => body[key]?.includes?.(el))
@@ -20,23 +18,17 @@ function checkXSS({ body, schema = {} }) {
       Object.assign(body, { [key]: body[key].replace(/</g, '&lt;').replace(/>/g, '&gt;') });
     });
 
-  // try { } catch (err) { return { error: err.toString() }; }
-
   if (!stopWords.length) return { body };
 
   const disabledCheckFields = Object.keys(schema || {})?.filter((el) => schema?.[el]?.xssCheck === false); // exclude specific columns
 
-  // check RTE
-  /* const richTextFields = Object.keys(schema).filter((el) => skipScreening.includes(schema[el]?.type));
-  richTextFields.filter((key) => !checkList.find((el) => body[key].includes(el)))?.forEach((key) => {
-    disabledCheckFields.push(key);
-  }); */
-
   const field = Object.keys(body)
     ?.find((key) => body[key]?.toLowerCase
         && !disabledCheckFields.includes(key)
+        && (skipScreening.includes(schema?.[key]?.type) ? stopWords.find(el => !['href=', 'src='].includes(el)) : true)
         && body[key].toLowerCase().includes(stopWords[0]));
   if (field) {
+    console.error(stopWords[0], field, body[field]);
     return { error: `rule: ${stopWords[0]} | attr: ${field} | val: ${body[field]}`, body };
   }
   return { body };

package/server/plugins/table/funcs/getSelectMeta.js

@@ -1,70 +1,70 @@
-import { getPG } from '@opengis/fastify-table/utils.js';
-import logger from '../../logger/getLogger.js';
-import autoIndex from '../../pg/funcs/autoIndex.js';
-import pgClients from '../../pg/pgClients.js';
-
-import getSelect from './getSelect.js';
-
-const limit = 50;
-const selectMeta = {};
-
-export default async function getSelectMeta({ name, pg = pgClients.client, nocache }) {
-  if (selectMeta[name] && !nocache) return selectMeta[name];
-
-  const cls = await getSelect(name, pg);
-  const pg1 = cls?.db ? getPG(cls.db) : pg;
-  if (!pg1?.pk) await pg1.init();
-
-  if (!cls) return null;
-  if (cls.arr) return cls;
-  if (!cls.sql) return null;
-
-  const { sql: original } = cls;
-  if (!original.toLowerCase) { console.log(`sql select null: ${name}`); return null; }
-
-  const sql = `with c(id,text) as (select * from (${original})q limit ${limit}) select * from c`;
-
-  /*= == meta table === */
-
-  const tableNew = original.toLowerCase().replace(/\n/g, ' ').split(' from ').filter((el) => /^[a-z0-9_]+\.[a-z0-9_]+/.test(el))
-    .map((el) => el.split(/[ )]/)[0].replace(/[\r\n]+/g, ''));
-
-  const dataOrigin = await pg1.query(sql?.replace(`limit ${limit}`, 'limit 0'));
-
-  const dataOrigin1 = await pg1.query(`${original} limit 0`);
-
-  // const table = getTable(original);
-  const count = cls?.count ?? await pg1.query(`select count(*) from (${original})q`).then((el) => el?.rows?.[0].count);
-
-  // column name
-  const cols = dataOrigin.fields.map((el) => el.name);
-  const originalCols = dataOrigin1.fields.map((el) => el.name);
-  const type = dataOrigin.fields.map((el) => pg1.pgType?.[el.dataTypeID] || 'text');
-
-  autoIndex({ table: tableNew[0], columns: [originalCols[1]].concat(cls?.searchColumn?.split(',')), gin: 1 }).catch(err => logger.error(err));
-
-  const searchColumn = cls?.searchColumn || (
-    dataOrigin.fields.find((el) => el.name === 'search') ? 'search' : dataOrigin1.fields[1].name);
-
-  const searchQuery = `(${searchColumn.split(',').map((el) => `lower("${el}") ~ $1 `).join(' or ')})`;
-  // console.log(dataOrigin1.fields.map((el) => el.name).join(','));
-  const data = {
-    minLength: cls.minLength,
-    limit: cls.limit,
-    type: type.join(','),
-    cols: cols.join(','),
-    originalCols: originalCols.join(','),
-    pk: originalCols[0],
-    db: cls.db,
-    original: `select * from (${original})q`,
-    sql,
-    count,
-    searchQuery,
-    table: tableNew.join(','),
-    time: new Date().toISOString(),
-
-  };
-
-  selectMeta[name] = data;
-  return data;
-}
+import logger from '../../logger/getLogger.js';
+import autoIndex from '../../pg/funcs/autoIndex.js';
+import getPG from '../../pg/funcs/getPG.js';
+import pgClients from '../../pg/pgClients.js';
+
+import getSelect from './getSelect.js';
+
+const limit = 50;
+const selectMeta = {};
+
+export default async function getSelectMeta({ name, pg = pgClients.client, nocache }) {
+  if (selectMeta[name] && !nocache) return selectMeta[name];
+
+  const cls = await getSelect(name, pg);
+  const pg1 = cls?.db ? getPG(cls.db) : pg;
+  if (!pg1?.pk) await pg1.init();
+
+  if (!cls) return null;
+  if (cls.arr) return cls;
+  if (!cls.sql) return null;
+
+  const { sql: original } = cls;
+  if (!original.toLowerCase) { console.log(`sql select null: ${name}`); return null; }
+
+  const sql = `with c(id,text) as (select * from (${original})q limit ${limit}) select * from c`;
+
+  /*= == meta table === */
+
+  const tableNew = original.toLowerCase().replace(/\n/g, ' ').split(' from ').filter((el) => /^[a-z0-9_]+\.[a-z0-9_]+/.test(el))
+    .map((el) => el.split(/[ )]/)[0].replace(/[\r\n]+/g, ''));
+
+  const dataOrigin = await pg1.query(sql?.replace(`limit ${limit}`, 'limit 0'));
+
+  const dataOrigin1 = await pg1.query(`${original} limit 0`);
+
+  // const table = getTable(original);
+  const count = cls?.count ?? await pg1.query(`select count(*) from (${original})q`).then((el) => el?.rows?.[0].count);
+
+  // column name
+  const cols = dataOrigin.fields.map((el) => el.name);
+  const originalCols = dataOrigin1.fields.map((el) => el.name);
+  const type = dataOrigin.fields.map((el) => pg1.pgType?.[el.dataTypeID] || 'text');
+
+  autoIndex({ table: tableNew[0], columns: [originalCols[1]].concat(cls?.searchColumn?.split(',')), gin: 1 }).catch(err => logger.error(err));
+
+  const searchColumn = cls?.searchColumn || (
+    dataOrigin.fields.find((el) => el.name === 'search') ? 'search' : dataOrigin1.fields[1].name);
+
+  const searchQuery = `(${searchColumn.split(',').map((el) => `lower("${el}") ~ $1 `).join(' or ')})`;
+  // console.log(dataOrigin1.fields.map((el) => el.name).join(','));
+  const data = {
+    minLength: cls.minLength,
+    limit: cls.limit,
+    type: type.join(','),
+    cols: cols.join(','),
+    originalCols: originalCols.join(','),
+    pk: originalCols[0],
+    db: cls.db,
+    original: `select * from (${original})q`,
+    sql,
+    count,
+    searchQuery,
+    table: tableNew.join(','),
+    time: new Date().toISOString(),
+
+  };
+
+  selectMeta[name] = data;
+  return data;
+}

package/server/routes/crud/index.js

@@ -1,22 +1,22 @@
-import update from './controllers/update.js';
-import insert from './controllers/insert.js';
-import deleteCrud from './controllers/deleteCrud.js';
-import table from './controllers/table.js';
-
-const tableSchema = {
-  params: {
-    id: { type: 'string', pattern: '^([\\d\\w]+)$' },
-    table: { type: 'string', pattern: '^([\\w\\d_.]+)$' },
-  },
-};
-
-async function plugin(fastify, config = {}) {
-  const prefix = config.prefix || '/api';
-  const policy = ['public'];
-  fastify.put(`${prefix}/table/:table/:id?`, { config: { policy }, schema: tableSchema }, update);
-  fastify.delete(`${prefix}/table/:table/:id?`, { config: { policy }, schema: tableSchema }, deleteCrud);
-  fastify.post(`${prefix}/table/:table/:id?`, { config: { policy }, schema: tableSchema }, insert);
-  fastify.get(`${prefix}/table/:table/:id?`, { config: { policy }, schema: tableSchema }, table);
-}
-
-export default plugin;
+import update from './controllers/update.js';
+import insert from './controllers/insert.js';
+import deleteCrud from './controllers/deleteCrud.js';
+import table from './controllers/table.js';
+
+const tableSchema = {
+  params: {
+    id: { type: 'string', pattern: '^([\\w\\d_.]+)$' },
+    table: { type: 'string', pattern: '^([\\w\\d_.]+)$' },
+  },
+};
+
+async function plugin(fastify, config = {}) {
+  const prefix = config.prefix || '/api';
+  const policy = ['public'];
+  fastify.put(`${prefix}/table/:table/:id?`, { config: { policy }, schema: tableSchema }, update);
+  fastify.delete(`${prefix}/table/:table/:id?`, { config: { policy }, schema: tableSchema }, deleteCrud);
+  fastify.post(`${prefix}/table/:table/:id?`, { config: { policy }, schema: tableSchema }, insert);
+  fastify.get(`${prefix}/table/:table/:id?`, { config: { policy }, schema: tableSchema }, table);
+}
+
+export default plugin;