@opengis/fastify-table 1.1.30 → 1.1.32

package/crud/controllers/utils/xssInjection.js

@@ -1,72 +1,72 @@
-const xssInjection = [
-  'onkeypress=',
-  'onkeyup=',
-  'ondblclick=',
-  'onerror=',
-  'onmouseover=',
-  '<meta',
-  '<script',
-  'vascript:',
-  'onkeydown=',
-  'onmousedown=',
-  'onmouseenter=',
-  'onmouseleave=',
-  'onmousemove=',
-  'onmouseout=',
-  'onmouseup=',
-  'onmousewheel=',
-  'onpaste=',
-  'onscroll=',
-  'onwheel=',
-  'javascript:',
-  '\\x',
-  'eval(',
-  'onmouseover=',
-  'action=',
-  'xlink:',
-  'allowscriptaccess',
-  'href=',
-  'behavior:',
-  'onreadystatechange=',
-  'onstart=',
-  'offline=',
-  'onabort=',
-  'onafterprint=',
-  'onbeforeonload=',
-  'onbeforeprint=',
-  'onblur=',
-  'oncanplay=',
-  'oncanplaythrough=',
-  'onchange=',
-  'onclick=',
-  'oncontextmenu=',
-  'ondblclick=',
-  'ondrag=',
-  'ondragend=',
-  'ondragenter=',
-  'ondragleave=',
-  'ondragover=',
-  'ondragstart=',
-  'ondrop=',
-  'ondurationchange=',
-  'onemptied=',
-  'onended=',
-  'onerror=',
-  'onfocus=',
-  'onformchange=',
-  'onforminput=',
-  'onhaschange=',
-  'oninput=',
-  'oninvalid=',
-  'onkeydown=',
-  'onkeypress=',
-  'onkeyup=',
-  'onload=',
-  'onloadeddata=',
-  'onloadedmetadata=',
-  'onloadstart=',
-  'alert(',
-  'script:',
-];
-
-export default xssInjection;
+const xssInjection = [
+  'onkeypress=',
+  'onkeyup=',
+  'ondblclick=',
+  'onerror=',
+  'onmouseover=',
+  '<meta',
+  '<script',
+  'vascript:',
+  'onkeydown=',
+  'onmousedown=',
+  'onmouseenter=',
+  'onmouseleave=',
+  'onmousemove=',
+  'onmouseout=',
+  'onmouseup=',
+  'onmousewheel=',
+  'onpaste=',
+  'onscroll=',
+  'onwheel=',
+  'javascript:',
+  '\\x',
+  'eval(',
+  'onmouseover=',
+  'action=',
+  'xlink:',
+  'allowscriptaccess',
+  'href=',
+  'behavior:',
+  'onreadystatechange=',
+  'onstart=',
+  'offline=',
+  'onabort=',
+  'onafterprint=',
+  'onbeforeonload=',
+  'onbeforeprint=',
+  'onblur=',
+  'oncanplay=',
+  'oncanplaythrough=',
+  'onchange=',
+  'onclick=',
+  'oncontextmenu=',
+  'ondblclick=',
+  'ondrag=',
+  'ondragend=',
+  'ondragenter=',
+  'ondragleave=',
+  'ondragover=',
+  'ondragstart=',
+  'ondrop=',
+  'ondurationchange=',
+  'onemptied=',
+  'onended=',
+  'onerror=',
+  'onfocus=',
+  'onformchange=',
+  'onforminput=',
+  'onhaschange=',
+  'oninput=',
+  'oninvalid=',
+  'onkeydown=',
+  'onkeypress=',
+  'onkeyup=',
+  'onload=',
+  'onloadeddata=',
+  'onloadedmetadata=',
+  'onloadstart=',
+  'alert(',
+  'script:',
+];
+
+export default xssInjection;

package/crud/funcs/getToken.js

@@ -1,27 +1,27 @@
-import getRedis from '../../redis/funcs/getRedis.js';
-import config from '../../config.js';
-
-function sprintf(str, ...args) {
-  return str.replace(/%s/g, () => args.shift());
-}
-
-const keys = {
-  r: '%s:token:view:%s',
-  a: '%s:token:add:%s',
-  w: '%s:token:edit:%s',
-  e: '%s:token:exec:%s',
-};
-
-async function getToken({
-  uid, token, mode = 'r', json,
-}) {
-  if (mode === 'r') return token;
-
-  const rclient = getRedis({ db: 0 });
-
-  const key = sprintf(keys[mode], config?.pg?.database, uid?.toString());
-  const id = await rclient.hget(key, token);
-  return json && id?.[0] === '{' ? JSON.parse(id) : id;
-}
-
-export default getToken;
+import getRedis from '../../redis/funcs/getRedis.js';
+import config from '../../config.js';
+
+function sprintf(str, ...args) {
+  return str.replace(/%s/g, () => args.shift());
+}
+
+const keys = {
+  r: '%s:token:view:%s',
+  a: '%s:token:add:%s',
+  w: '%s:token:edit:%s',
+  e: '%s:token:exec:%s',
+};
+
+async function getToken({
+  uid, token, mode = 'r', json,
+}) {
+  if (mode === 'r') return token;
+
+  const rclient = getRedis({ db: 0 });
+
+  const key = sprintf(keys[mode], config?.pg?.database, uid?.toString());
+  const id = await rclient.hget(key, token);
+  return json && id?.[0] === '{' ? JSON.parse(id) : id;
+}
+
+export default getToken;

package/crud/funcs/isFileExists.js

@@ -1,13 +1,13 @@
-import { access } from 'fs/promises';
-
-const isFileExists = async (filepath) => {
-  try {
-    await access(filepath);
-    return true;
-  }
-  catch (err) {
-    return false;
-  }
-};
-
-export default isFileExists;
+import { access } from 'fs/promises';
+
+const isFileExists = async (filepath) => {
+  try {
+    await access(filepath);
+    return true;
+  }
+  catch (err) {
+    return false;
+  }
+};
+
+export default isFileExists;

package/crud/funcs/setToken.js

@@ -1,53 +1,53 @@
-import { createHash, randomUUID } from 'crypto';
-
-import config from '../../config.js';
-import getRedis from '../../redis/funcs/getRedis.js';
-
-const generateCodes = (ids, userToken) => {
-  const token = userToken || randomUUID();
-  const notNullIds = ids.filter((el) => el);
-  const obj = {};
-  const codes = notNullIds.reduce((acc, id) => {
-    const newToken = createHash('sha1').update(token + id).digest('base64url').replace(/-/g, '');
-    acc[newToken] = id; obj[id] = newToken;
-    return acc;
-  }, {});
-  return { codes, obj };
-};
-
-function setToken({
-  ids: idsOrigin, mode = 'r', uid, referer, array,
-}) {
-  const rclient2 = getRedis({ db: 0 });
-  //  const rclient5 = getRedis({ db: 0, funcs });
-
-  if (!uid) return { user: 'empty' };
-  if (!Object.keys(idsOrigin).length) return { ids: 'empty' };
-
-  const ids = idsOrigin.map((el) => (typeof el === 'object' ? JSON.stringify(el) : el));
-  // update/delete
-
-  if (mode === 'r') return null;
-
-  // TODO generate salt
-  const { codes, obj } = generateCodes(ids, uid);
-
-  if (!Object.keys(codes).length) return { ids: 'empty' };
-
-  rclient2.hmset(`${config.pg.database}:token:${{
-    e: 'exec', r: 'view', w: 'edit', a: 'add',
-  }[mode]}:${uid}`, codes);
-
-  // log token for debug. add extra data - uid, mode, date
-  /* const dt = new Date().toISOString();
-   const codesLog = Object.keys(codes).reduce((acc, key) => {
-    acc[key] = `{"referer": "${referer}" ,"uid":"${uid}","mode":"${mode}","date":"${dt}",${codes[key].substr(1)}`;
-    return acc;
-  }, {});
-   rclient5.hmset(`${config.pg.database}:token:edit`, codesLog); // 'EX', 64800 */
-
-  // TODO дополнительно писать в hset token -> uid
-  return array ? Object.values(obj) : obj;
-}
-
-export default setToken;
+import { createHash, randomUUID } from 'crypto';
+
+import config from '../../config.js';
+import getRedis from '../../redis/funcs/getRedis.js';
+
+const generateCodes = (ids, userToken) => {
+  const token = userToken || randomUUID();
+  const notNullIds = ids.filter((el) => el);
+  const obj = {};
+  const codes = notNullIds.reduce((acc, id) => {
+    const newToken = createHash('sha1').update(token + id).digest('base64url').replace(/-/g, '');
+    acc[newToken] = id; obj[id] = newToken;
+    return acc;
+  }, {});
+  return { codes, obj };
+};
+
+function setToken({
+  ids: idsOrigin, mode = 'r', uid, referer, array,
+}) {
+  const rclient2 = getRedis({ db: 0 });
+  //  const rclient5 = getRedis({ db: 0, funcs });
+
+  if (!uid) return { user: 'empty' };
+  if (!Object.keys(idsOrigin).length) return { ids: 'empty' };
+
+  const ids = idsOrigin.map((el) => (typeof el === 'object' ? JSON.stringify(el) : el));
+  // update/delete
+
+  if (mode === 'r') return null;
+
+  // TODO generate salt
+  const { codes, obj } = generateCodes(ids, uid);
+
+  if (!Object.keys(codes).length) return { ids: 'empty' };
+
+  rclient2.hmset(`${config.pg.database}:token:${{
+    e: 'exec', r: 'view', w: 'edit', a: 'add',
+  }[mode]}:${uid}`, codes);
+
+  // log token for debug. add extra data - uid, mode, date
+  /* const dt = new Date().toISOString();
+   const codesLog = Object.keys(codes).reduce((acc, key) => {
+    acc[key] = `{"referer": "${referer}" ,"uid":"${uid}","mode":"${mode}","date":"${dt}",${codes[key].substr(1)}`;
+    return acc;
+  }, {});
+   rclient5.hmset(`${config.pg.database}:token:edit`, codesLog); // 'EX', 64800 */
+
+  // TODO дополнительно писать в hset token -> uid
+  return array ? Object.values(obj) : obj;
+}
+
+export default setToken;

package/index.js

@@ -1,8 +1,9 @@
 import path from 'node:path';
-import { existsSync, readdirSync, readFileSync } from 'node:fs';
+// import { existsSync, readdirSync, readFileSync } from 'node:fs';
 import { fileURLToPath } from 'node:url';
 
 import fp from 'fastify-plugin';
+
 import config from './config.js';
 // import rclient from './redis/client.js';
 
@@ -17,7 +18,7 @@ import utilPlugin from './util/index.js';
 import cronPlugin from './cron/index.js';
 import userPlugin from './user/index.js';
 
-import pgClients from './pg/pgClients.js';
+// import pgClients from './pg/pgClients.js';
 
 import { addTemplateDir, execMigrations } from './utils.js';
 
@@ -49,6 +50,21 @@ async function plugin(fastify, opt) {
     return filepath;
   });
 
+  fastify.setErrorHandler((error, request, reply) => {
+    // console.log(error)
+    debugger;
+    if (error.validation) {
+      // request.log.warn(request, { code: error?.code, status: 422, error: error.toString() });
+      const { params, instancePath } = error.validation?.[0] || {};
+      return reply.status(422).send(`invalid params: ${instancePath?.substring(1)} (${params?.pattern})`);
+    }
+    if (error.stack?.startsWith('Error: unhandled exception')) {
+      return reply.status(500).send('ServerError');
+    }
+
+    return reply.status(error.statusCode || 500).send(error);
+  });
+
   // core migrations
   await execMigrations();
 

package/logger/createFileStream.js

@@ -0,0 +1,58 @@
+'use strict';
+const streams = {}
+
+import { createStream } from 'rotating-file-stream';
+import labels from './labels.js';
+
+import config from '../config.js';
+
+
+const generator = (opt) => () => {
+
+  const date = new Date();
+  const tzOffset = date.getTimezoneOffset();
+  const currentTimeWithTimezome = date - tzOffset * 60 * 1000;
+
+  if (opt.interval === '1h') {
+    return `${new Date(currentTimeWithTimezome).toISOString().substring(0, 13).replace(/:/g, '_')}.log`;
+  }
+  if (opt.interval === '1m') {
+    return `${new Date(currentTimeWithTimezome).toISOString().substring(0, 16).replace(/:/g, '_')}.log`;
+  }
+  if (!opt.interval || opt.interval === '1d') {
+    return `${new Date(currentTimeWithTimezome).toISOString().split('T')[0].replace(/:/g, '_')}.log`;
+  }
+};
+
+const { dir = 'log', interval = '1d', compress = 'gzip', maxFiles = 90, local: teeToStdout } = config?.log || {};
+function createFileStream({ level }) {
+  console.log(dir, level, generator({ interval })(), interval, compress);
+  const params = {
+    maxFiles, // logs to save limit
+    history: 'history', // history file name
+    interval, // rotate daily
+    compress, // compress rotated files
+    teeToStdout, // debug / logs to stdout
+    path: `${dir}/${level}`, // absolute path (root directory)
+    intervalBoundary: true, // true - log name with lower boundary of rotation interval
+    initialRotation: true, // true - log rotation check on init
+    // intervalUTC: true, // local tz -> utc
+  };
+  return createStream(generator({ interval }), params);
+}
+
+
+import build from 'pino-abstract-transport'
+
+export default function () {
+  return build(function (source) {
+    source.on('data', function (obj) {
+      // console.log(obj)
+      const lvl = obj.msg?.file || obj.file || labels[obj.level];
+      streams[lvl] = streams[lvl] || createFileStream({ level: lvl })
+      streams[lvl].write(JSON.stringify(obj) + '\n');
+    })
+  }, {
+    parseLine: (line) => JSON.parse(line)
+  })
+}

package/logger/getHooks.js

@@ -0,0 +1,15 @@
+function getHooks() {
+    return {
+        logMethod(inputArgs, method) {
+
+            // string name param to object
+
+            if (inputArgs?.length === 2 && inputArgs[1].originalUrl) {
+                return method.apply(this, [inputArgs[1], inputArgs[0]]);
+            }
+            return method.apply(this, inputArgs);
+        }
+    };
+}
+
+export default getHooks;

package/logger/getLogger.js

@@ -0,0 +1,29 @@
+import pino from 'pino';
+// import path from 'node:path';
+
+import config from '../config.js';
+
+if (!config.log) config.log = {};
+
+// utils
+import getHooks from './getHooks.js';
+import serializers from './serializers.js';
+
+const level = config.log?.level || process.env.PINO_LOG_LEVEL || 'info';
+
+const options = {
+  level, // minimal log level to write
+  timestamp: pino.stdTimeFunctions.isoTime, // timestamp as isostring
+  hooks: getHooks(),
+  serializers, // custom log params
+  transport: {
+    targets: [{
+      target: './createFileStream.js', // path.resolve('utils/createFileStream.js')
+    }],
+  },
+};
+const logger = pino(options);
+logger.file = function userFile(file, msg, req) {
+  logger.info({ file, ...(typeof msg === 'string' ? { msg } : msg) }, req);
+};
+export default logger;

package/logger/labels.js

@@ -0,0 +1,11 @@
+const labels = {
+    10: 'trace',
+    20: 'debug',
+    30: 'info',
+    40: 'warn',
+    50: "error",
+    60: "fatal",
+    'infinity': "silent",
+};
+
+export default labels;

package/logger/logger.test.api.js

@@ -0,0 +1,41 @@
+import { rename } from 'fs/promises';
+
+export default async function testLog(request) {
+  // error handler
+  if (request.query?.rejection) {
+    rename('/data/local/test', '/data/local/test.txt');
+  }
+  if (request.query?.awaitRejection) {
+    await rename('/data/local/test', '/data/local/test.txt');
+  }
+
+  // default pino log
+  // request.log.info({ name: 'custom', test: 'param name and object log - info', status: 200 });
+  /* request.log.info('string info log');
+     //request.log.warn({ name: 'custom', test: 'param name and object log - warn', status: 400 });
+     request.log.warn('string warn log');
+     //request.log.debug({ name: 'custom', test: 'param name and object log - debug', status: 200 });
+     request.log.debug('string debug log');
+     //request.log.error({ name: 'custom', test: 'param name and object log - error', status: 200 });
+     //request.log.error('string error log');
+     request.log.fatal({ name: 'custom', test: 'param name and object log - fatal', status: 200 });
+     //request.log.fatal('string fatal log'); */
+  // custom params
+
+  request.log.info(request, { file: 'test', msg: 'string debug log' });
+  request.log.info({ file: 'test', msg: 'string debug log1' }, request);
+
+  request.log.file('test1', 'my message', request);
+  /* request.log.error('policy and string log1');
+    request.log.error({ test: 'policy and string log1' });
+    request.log.error(request, { test: 'string name and object log', status: 502 });
+    request.log.error(request, 'policy and string log1'); */
+
+  // request.log.error(request, { test: 'policy and object error log', status: 500 });
+  // request.log.error(request, 'policy and string log2');
+
+  ///    throw new Error('222');
+  d / 0;
+  // throw new Error('unhandled exception');
+  return { root: true };
+}

package/logger/serializers.js

@@ -0,0 +1,24 @@
+const serializers = {
+    req(request) {
+
+        const { method, url, referer, params, query, body, session } = request;
+        const { uid = undefined, user_name = undefined } = session?.passport?.user || {};
+        return {
+            method,
+            url,
+            referer,
+            ip: request.headers?.['x-real-ip']
+                || request.headers?.['x-forwarded-for']
+                || request.ip
+                || request.connection?.remoteAddress,
+            uid,
+            dbName: request.pg?.options?.database,
+            user_name,
+            params,
+            query,
+            body,
+        };
+    }
+};
+
+export default serializers;

package/notification/controllers/testEmail.js

@@ -1,49 +1,49 @@
-import path from 'path';
-import { existsSync } from 'fs';
-import { fileURLToPath } from 'url';
-
-const fileName = fileURLToPath(import.meta.url);
-const dirName = path.dirname(fileName);
-
-import notification from '../funcs/sendNotification.js';
-
-export default async function testNotification({
-  pg, funcs = {}, log, query = {}, session = {},
-}) {
-  const { local } = funcs.config || {};
-  if (!session?.passport?.user?.user_type?.includes('admin') && !local) {
-    return { message: 'Forbidden', status: 403 };
-  }
-
-  const date = new Date().toISOString().split('T')[0];
-  if (!query.to) {
-    return { message: 'param to is required', status: 400 };
-  }
-
-  try {
-    const {
-      to, template, table, id, nocache,
-    } = query;
-    const file = [path.join(dirName, '../../', 'changelog.md'), path.join(dirName, 'utils', 'pin-m-ty-media-record-outline+303070.png')].filter((el) => existsSync(el));
-    const data = await notification({
-      pg,
-      funcs,
-      log,
-      to,
-      template,
-      title: `Test Softpro ${date}`,
-      table,
-      nocache,
-      file,
-      id,
-      message: `Test mail Softpro ${date} Lorem Ipsum Lorem Ipsum`,
-    });
-
-    return {
-      message: data || 'ok',
-    };
-  }
-  catch (err) {
-    return { error: err.toString(), status: 500 };
-  }
-}
+import path from 'path';
+import { existsSync } from 'fs';
+import { fileURLToPath } from 'url';
+
+const fileName = fileURLToPath(import.meta.url);
+const dirName = path.dirname(fileName);
+
+import notification from '../funcs/sendNotification.js';
+
+export default async function testNotification({
+  pg, funcs = {}, log, query = {}, session = {},
+}) {
+  const { local } = funcs.config || {};
+  if (!session?.passport?.user?.user_type?.includes('admin') && !local) {
+    return { message: 'Forbidden', status: 403 };
+  }
+
+  const date = new Date().toISOString().split('T')[0];
+  if (!query.to) {
+    return { message: 'param to is required', status: 400 };
+  }
+
+  try {
+    const {
+      to, template, table, id, nocache,
+    } = query;
+    const file = [path.join(dirName, '../../', 'changelog.md'), path.join(dirName, 'utils', 'pin-m-ty-media-record-outline+303070.png')].filter((el) => existsSync(el));
+    const data = await notification({
+      pg,
+      funcs,
+      log,
+      to,
+      template,
+      title: `Test Softpro ${date}`,
+      table,
+      nocache,
+      file,
+      id,
+      message: `Test mail Softpro ${date} Lorem Ipsum Lorem Ipsum`,
+    });
+
+    return {
+      message: data || 'ok',
+    };
+  }
+  catch (err) {
+    return { error: err.toString(), status: 500 };
+  }
+}