@opengis/fastify-table 1.1.40 → 1.1.42

package/Changelog.md

@@ -1,6 +1,6 @@
 # fastify-table
 
-## 1.1.38 - 16.10.2024
+## 1.1.40 - 18.10.2024
 
 - fix migrations
 

package/README.md

@@ -1,26 +1,26 @@
-# fastify-table
-
-[![NPM version](https://img.shields.io/npm/v/@opengis/fastify-table)](https://www.npmjs.com/package/@opengis/fastify-table)
-[![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat)](http://standardjs.com/)
-
-It standardizes the entire form building process, while taking care of everything from rendering to validation and processing:
-
-- pg
-- redis
-- crud
-
-## Install
-
-```bash
-npm i @opengis/fastify-table
-```
-
-## Usage
-
-```js
-fastify.register(import('@opengis/fastify-table'), config);
-```
-
-## Documenation
-
-For a detailed understanding fastify-table, its features, and how to use them, refer to our [Documentation](https://apidocs.softpro.ua/gis.storage/).
+# fastify-table
+
+[![NPM version](https://img.shields.io/npm/v/@opengis/fastify-table)](https://www.npmjs.com/package/@opengis/fastify-table)
+[![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat)](http://standardjs.com/)
+
+It standardizes the entire form building process, while taking care of everything from rendering to validation and processing:
+
+- pg
+- redis
+- crud
+
+## Install
+
+```bash
+npm i @opengis/fastify-table
+```
+
+## Usage
+
+```js
+fastify.register(import('@opengis/fastify-table'), config);
+```
+
+## Documenation
+
+For a detailed understanding fastify-table, its features, and how to use them, refer to our [Documentation](https://apidocs.softpro.ua/gis.storage/).

package/config.js

@@ -1,10 +1,10 @@
-import fs from 'fs';
-
-const fileName = ['config.json', '/data/local/config.json'].find(el => (fs.existsSync(el) ? el : null));
-const config = fileName ? JSON.parse(fs.readFileSync(fileName)) : {};
-
-Object.assign(config, {
-  allTemplates: config?.allTemplates || {},
-});
-
-export default config;
+import fs from 'fs';
+
+const fileName = ['config.json', '/data/local/config.json'].find(el => (fs.existsSync(el) ? el : null));
+const config = fileName ? JSON.parse(fs.readFileSync(fileName)) : {};
+
+Object.assign(config, {
+  allTemplates: config?.allTemplates || {},
+});
+
+export default config;

package/cron/controllers/cronApi.js

@@ -1,22 +1,22 @@
-import cronList from './utils/cronList.js';
-
-export default async function cronApi(req) {
-  const {
-    params = {}, user = {}, hostname,
-  } = req;
-
-  if ((!user.uid || !user.user_type?.includes('admin')) && !hostname?.includes('localhost')) {
-    return { message: 'access restricted', status: 403 };
-  }
-
-  if (params.name === 'list') {
-    return { data: Object.keys(cronList || {}) };
-  }
-
-  if (!cronList[params.name]) {
-    return { message: `cron not found: ${params.name}`, status: 404 };
-  }
-
-  const result = await cronList[params.name](req);
-  return result;
-}
+import cronList from './utils/cronList.js';
+
+export default async function cronApi(req) {
+  const {
+    params = {}, user = {}, hostname,
+  } = req;
+
+  if ((!user.uid || !user.user_type?.includes('admin')) && !hostname?.includes('localhost')) {
+    return { message: 'access restricted', status: 403 };
+  }
+
+  if (params.name === 'list') {
+    return { data: Object.keys(cronList || {}) };
+  }
+
+  if (!cronList[params.name]) {
+    return { message: `cron not found: ${params.name}`, status: 404 };
+  }
+
+  const result = await cronList[params.name](req);
+  return result;
+}

package/cron/controllers/utils/cronList.js

@@ -1 +1 @@
-export default {};
+export default {};

package/cron/funcs/addCron.js

@@ -1,131 +1,131 @@
-import { createHash } from 'crypto';
-
-import cronList from '../controllers/utils/cronList.js';
-import getRedis from '../../redis/funcs/getRedis.js';
-import getPG from '../../pg/funcs/getPG.js';
-
-const md5 = (string) => createHash('md5').update(string).digest('hex');
-
-async function verifyUnique(name, config, rclient) {
-  const cronId = config.port || 3000 + md5(name);
-  // one per node check
-  const key = `cron:unique:${cronId}`;
-  const unique = await rclient.setnx(key, 1);
-  const ttl = await rclient.ttl(key);
-  if (!unique && ttl !== -1) {
-    return false;
-  }
-  await rclient.expire(key, 20);
-  return true;
-}
-
-const intervalStringMs = {
-  everyMin: 1000 * 60,
-  tenMin: 1000 * 60 * 10,
-  everyHour: 1000 * 60 * 60,
-  isHalfday: 1000 * 60 * 60 * 12,
-  dailyHour: 1000 * 60 * 60 * 24,
-};
-
-const interval2ms = {
-  string: (interval) => {
-    const date = new Date();
-    const intervarSplit = interval.match(/^(\*{2}|(\*)?(\d{1,2})):(\*(\d)|(\d{2}))/);
-    if (!intervarSplit) {
-      throw new Error(`interval ${interval} not suported`);
-    }
-    const [, , isHalfday, dailyHour, , tenMin, HourlyMin] = intervarSplit;
-    const intervalMs = (isHalfday && intervalStringMs.isHalfday)
-      || (dailyHour && intervalStringMs.dailyHour)
-      || (tenMin && intervalStringMs.tenMin)
-      || intervalStringMs.everyHour;
-    const offsetDay = ((+dailyHour || 0) * 60 + (+tenMin || +HourlyMin)) * 60 * 1000;
-    const offsetCur = (date - date.getTimezoneOffset() * 1000 * 60) % intervalMs;
-    const waitMs = (offsetDay - offsetCur + intervalMs) % intervalMs;
-    return [waitMs, intervalMs];
-  },
-  number: (interval) => {
-    const date = new Date();
-    const intervalMs = interval * 1000;
-    const dateWithTZ = date - date.getTimezoneOffset() * 1000 * 60;
-    const offsetCur = dateWithTZ % intervalMs;
-    // start every cron within 1 hour
-    const sixtyMinutesStartMs = 3600000;
-    const waitMs = (intervalMs - offsetCur) % sixtyMinutesStartMs;
-    return [waitMs, intervalMs];
-  },
-};
-
-async function runCron({
-  pg, funcs, func, name, rclient, log,
-}) {
-  const unique = await verifyUnique(name, funcs.config, rclient);
-
-  if (!unique) return;
-  const db = pg.options.database;
-  log.debug(`cron.${name}`, 1, db);
-  try {
-    const data = await func({ pg, funcs, log });
-    log.debug('cron', { db, name, result: data });
-    log.info('cron', { db, name, result: data });
-  }
-  catch (err) {
-    log.debug('cron', { db, name, error: err.toString() });
-    log.error('cron', { db, name, error: err.toString() });
-  }
-}
-
-/**
- * interval:
- * -   02:54 - every day
- * -    2:03 - every day
- * -   *1:43 - 2 times a day
- * -  *12:03 - 2 times a day
- * -   **:54 - every hour
- * -   **:*3 - every 10 minutes
- * -      60 - every minute
- * - 10 * 60 - every 10 minutes
- */
-
-export default async function addCron(func, interval, fastify) {
-  if (!fastify) {
-    throw new Error('not enough params: fastify');
-  }
-
-  const { config = {}, log } = fastify;
-  const { time = {}, disabled = [] } = config.cron || {};
-  const pg = getPG();
-  const rclient = getRedis();
-
-  const name = func.name || func.toString().split('/').at(-1).split('\'')[0];
-
-  // if (!config.isServer) return;
-
-  if (disabled.includes(name)) {
-    log.debug('cron', { name, message: 'cron disabled' });
-    return;
-  }
-
-  cronList[name] = func;
-
-  const userInterval = time[name] || interval;
-  const [waitMs, intervalMs] = interval2ms[typeof interval](userInterval);
-
-  if (intervalMs < 1000) {
-    log.warn('cron', { name, error: `interval ${interval} to small` });
-    return;
-  }
-
-  // setTimeout to w8 for the time to start
-  setTimeout(() => {
-    runCron({
-      pg, funcs: fastify, func, name, rclient, log,
-    });
-    // interval
-    setInterval(() => {
-      runCron({
-        pg, funcs: fastify, func, name, rclient, log,
-      });
-    }, intervalMs);
-  }, waitMs);
-}
+import { createHash } from 'crypto';
+
+import cronList from '../controllers/utils/cronList.js';
+import getRedis from '../../redis/funcs/getRedis.js';
+import getPG from '../../pg/funcs/getPG.js';
+
+const md5 = (string) => createHash('md5').update(string).digest('hex');
+
+async function verifyUnique(name, config, rclient) {
+  const cronId = config.port || 3000 + md5(name);
+  // one per node check
+  const key = `cron:unique:${cronId}`;
+  const unique = await rclient.setnx(key, 1);
+  const ttl = await rclient.ttl(key);
+  if (!unique && ttl !== -1) {
+    return false;
+  }
+  await rclient.expire(key, 20);
+  return true;
+}
+
+const intervalStringMs = {
+  everyMin: 1000 * 60,
+  tenMin: 1000 * 60 * 10,
+  everyHour: 1000 * 60 * 60,
+  isHalfday: 1000 * 60 * 60 * 12,
+  dailyHour: 1000 * 60 * 60 * 24,
+};
+
+const interval2ms = {
+  string: (interval) => {
+    const date = new Date();
+    const intervarSplit = interval.match(/^(\*{2}|(\*)?(\d{1,2})):(\*(\d)|(\d{2}))/);
+    if (!intervarSplit) {
+      throw new Error(`interval ${interval} not suported`);
+    }
+    const [, , isHalfday, dailyHour, , tenMin, HourlyMin] = intervarSplit;
+    const intervalMs = (isHalfday && intervalStringMs.isHalfday)
+      || (dailyHour && intervalStringMs.dailyHour)
+      || (tenMin && intervalStringMs.tenMin)
+      || intervalStringMs.everyHour;
+    const offsetDay = ((+dailyHour || 0) * 60 + (+tenMin || +HourlyMin)) * 60 * 1000;
+    const offsetCur = (date - date.getTimezoneOffset() * 1000 * 60) % intervalMs;
+    const waitMs = (offsetDay - offsetCur + intervalMs) % intervalMs;
+    return [waitMs, intervalMs];
+  },
+  number: (interval) => {
+    const date = new Date();
+    const intervalMs = interval * 1000;
+    const dateWithTZ = date - date.getTimezoneOffset() * 1000 * 60;
+    const offsetCur = dateWithTZ % intervalMs;
+    // start every cron within 1 hour
+    const sixtyMinutesStartMs = 3600000;
+    const waitMs = (intervalMs - offsetCur) % sixtyMinutesStartMs;
+    return [waitMs, intervalMs];
+  },
+};
+
+async function runCron({
+  pg, funcs, func, name, rclient, log,
+}) {
+  const unique = await verifyUnique(name, funcs.config, rclient);
+
+  if (!unique) return;
+  const db = pg.options.database;
+  log.debug(`cron.${name}`, 1, db);
+  try {
+    const data = await func({ pg, funcs, log });
+    log.debug('cron', { db, name, result: data });
+    log.info('cron', { db, name, result: data });
+  }
+  catch (err) {
+    log.debug('cron', { db, name, error: err.toString() });
+    log.error('cron', { db, name, error: err.toString() });
+  }
+}
+
+/**
+ * interval:
+ * -   02:54 - every day
+ * -    2:03 - every day
+ * -   *1:43 - 2 times a day
+ * -  *12:03 - 2 times a day
+ * -   **:54 - every hour
+ * -   **:*3 - every 10 minutes
+ * -      60 - every minute
+ * - 10 * 60 - every 10 minutes
+ */
+
+export default async function addCron(func, interval, fastify) {
+  if (!fastify) {
+    throw new Error('not enough params: fastify');
+  }
+
+  const { config = {}, log } = fastify;
+  const { time = {}, disabled = [] } = config.cron || {};
+  const pg = getPG();
+  const rclient = getRedis();
+
+  const name = func.name || func.toString().split('/').at(-1).split('\'')[0];
+
+  // if (!config.isServer) return;
+
+  if (disabled.includes(name)) {
+    log.debug('cron', { name, message: 'cron disabled' });
+    return;
+  }
+
+  cronList[name] = func;
+
+  const userInterval = time[name] || interval;
+  const [waitMs, intervalMs] = interval2ms[typeof interval](userInterval);
+
+  if (intervalMs < 1000) {
+    log.warn('cron', { name, error: `interval ${interval} to small` });
+    return;
+  }
+
+  // setTimeout to w8 for the time to start
+  setTimeout(() => {
+    runCron({
+      pg, funcs: fastify, func, name, rclient, log,
+    });
+    // interval
+    setInterval(() => {
+      runCron({
+        pg, funcs: fastify, func, name, rclient, log,
+      });
+    }, intervalMs);
+  }, waitMs);
+}

package/cron/index.js

@@ -1,10 +1,10 @@
-import cronApi from './controllers/cronApi.js';
-import addCron from './funcs/addCron.js';
-
-async function plugin(fastify, config = {}) {
-  const prefix = config.prefix || '/api';
-  fastify.decorate('addCron', addCron);
-  fastify.get(`${prefix}/cron/:name`, {}, cronApi);
-}
-
-export default plugin;
+import cronApi from './controllers/cronApi.js';
+import addCron from './funcs/addCron.js';
+
+async function plugin(fastify, config = {}) {
+  const prefix = config.prefix || '/api';
+  fastify.decorate('addCron', addCron);
+  fastify.get(`${prefix}/cron/:name`, {}, cronApi);
+}
+
+export default plugin;

package/crud/controllers/utils/checkXSS.js

@@ -1,45 +1,45 @@
-/* import sqlInjection from '../../../policy/funcs/sqlInjection.js'; */
-import xssInjection from './xssInjection.js';
-
-/* const checkList = xssInjection.concat(sqlInjection); */
-
-// RTE - rich text editor
-
-function checkXSS({ body, schema = {} }) {
-  const data = typeof body === 'string' ? body : JSON.stringify(body);
-  const stopWords = xssInjection.filter((el) => data.toLowerCase().includes(el));
-
-  // check sql injection
-  const stopSpecialSymbols = data.match(/\p{S}OR\p{S}|\p{P}OR\p{P}| OR |\+OR\+/gi);
-  if (stopSpecialSymbols?.length) stopSpecialSymbols?.forEach((el) => stopWords.push(el));
-
-  // escape arrows on non-RTE
-  Object.keys(body)
-    .filter((key) => ['<', '>'].find((el) => body[key]?.includes?.(el))
-  && !['Summernote', 'Tiny', 'Ace'].includes(schema[key]?.type))
-    ?.forEach((key) => {
-      Object.assign(body, { [key]: body[key].replace(/</g, '&lt;').replace(/>/g, '&gt;') });
-    });
-  // try { } catch (err) { return { error: err.toString() }; }
-
-  if (!stopWords.length) return { body };
-
-  const disabledCheckFields = Object.keys(schema)?.filter((el) => schema[el]?.xssCheck === false); // exclude specific columns
-
-  // check RTE
-  /* const richTextFields = Object.keys(schema).filter((el) => ['Summernote', 'Tiny', 'Ace'].includes(schema[el]?.type));
-  richTextFields.filter((key) => !checkList.find((el) => body[key].includes(el)))?.forEach((key) => {
-    disabledCheckFields.push(key);
-  }); */
-
-  const field = Object.keys(body)
-    ?.find((key) => body[key]
-        && !disabledCheckFields.includes(key)
-        && body[key].toLowerCase().includes(stopWords[0]));
-  if (field) {
-    return { error: `rule: ${stopWords[0]} | attr: ${field} | val: ${body[field]}`, body };
-  }
-  return { body };
-}
-
-export default checkXSS;
+/* import sqlInjection from '../../../policy/funcs/sqlInjection.js'; */
+import xssInjection from './xssInjection.js';
+
+/* const checkList = xssInjection.concat(sqlInjection); */
+
+// RTE - rich text editor
+
+function checkXSS({ body, schema = {} }) {
+  const data = typeof body === 'string' ? body : JSON.stringify(body);
+  const stopWords = xssInjection.filter((el) => data.toLowerCase().includes(el));
+
+  // check sql injection
+  const stopSpecialSymbols = data.match(/\p{S}OR\p{S}|\p{P}OR\p{P}| OR |\+OR\+/gi);
+  if (stopSpecialSymbols?.length) stopSpecialSymbols?.forEach((el) => stopWords.push(el));
+
+  // escape arrows on non-RTE
+  Object.keys(body)
+    .filter((key) => ['<', '>'].find((el) => body[key]?.includes?.(el))
+  && !['Summernote', 'Tiny', 'Ace'].includes(schema[key]?.type))
+    ?.forEach((key) => {
+      Object.assign(body, { [key]: body[key].replace(/</g, '&lt;').replace(/>/g, '&gt;') });
+    });
+  // try { } catch (err) { return { error: err.toString() }; }
+
+  if (!stopWords.length) return { body };
+
+  const disabledCheckFields = Object.keys(schema)?.filter((el) => schema[el]?.xssCheck === false); // exclude specific columns
+
+  // check RTE
+  /* const richTextFields = Object.keys(schema).filter((el) => ['Summernote', 'Tiny', 'Ace'].includes(schema[el]?.type));
+  richTextFields.filter((key) => !checkList.find((el) => body[key].includes(el)))?.forEach((key) => {
+    disabledCheckFields.push(key);
+  }); */
+
+  const field = Object.keys(body)
+    ?.find((key) => body[key]
+        && !disabledCheckFields.includes(key)
+        && body[key].toLowerCase().includes(stopWords[0]));
+  if (field) {
+    return { error: `rule: ${stopWords[0]} | attr: ${field} | val: ${body[field]}`, body };
+  }
+  return { body };
+}
+
+export default checkXSS;

package/crud/controllers/utils/xssInjection.js

@@ -1,72 +1,72 @@
-const xssInjection = [
-  'onkeypress=',
-  'onkeyup=',
-  'ondblclick=',
-  'onerror=',
-  'onmouseover=',
-  '<meta',
-  '<script',
-  'vascript:',
-  'onkeydown=',
-  'onmousedown=',
-  'onmouseenter=',
-  'onmouseleave=',
-  'onmousemove=',
-  'onmouseout=',
-  'onmouseup=',
-  'onmousewheel=',
-  'onpaste=',
-  'onscroll=',
-  'onwheel=',
-  'javascript:',
-  '\\x',
-  'eval(',
-  'onmouseover=',
-  'action=',
-  'xlink:',
-  'allowscriptaccess',
-  'href=',
-  'behavior:',
-  'onreadystatechange=',
-  'onstart=',
-  'offline=',
-  'onabort=',
-  'onafterprint=',
-  'onbeforeonload=',
-  'onbeforeprint=',
-  'onblur=',
-  'oncanplay=',
-  'oncanplaythrough=',
-  'onchange=',
-  'onclick=',
-  'oncontextmenu=',
-  'ondblclick=',
-  'ondrag=',
-  'ondragend=',
-  'ondragenter=',
-  'ondragleave=',
-  'ondragover=',
-  'ondragstart=',
-  'ondrop=',
-  'ondurationchange=',
-  'onemptied=',
-  'onended=',
-  'onerror=',
-  'onfocus=',
-  'onformchange=',
-  'onforminput=',
-  'onhaschange=',
-  'oninput=',
-  'oninvalid=',
-  'onkeydown=',
-  'onkeypress=',
-  'onkeyup=',
-  'onload=',
-  'onloadeddata=',
-  'onloadedmetadata=',
-  'onloadstart=',
-  'alert(',
-  'script:',
-];
-
-export default xssInjection;
+const xssInjection = [
+  'onkeypress=',
+  'onkeyup=',
+  'ondblclick=',
+  'onerror=',
+  'onmouseover=',
+  '<meta',
+  '<script',
+  'vascript:',
+  'onkeydown=',
+  'onmousedown=',
+  'onmouseenter=',
+  'onmouseleave=',
+  'onmousemove=',
+  'onmouseout=',
+  'onmouseup=',
+  'onmousewheel=',
+  'onpaste=',
+  'onscroll=',
+  'onwheel=',
+  'javascript:',
+  '\\x',
+  'eval(',
+  'onmouseover=',
+  'action=',
+  'xlink:',
+  'allowscriptaccess',
+  'href=',
+  'behavior:',
+  'onreadystatechange=',
+  'onstart=',
+  'offline=',
+  'onabort=',
+  'onafterprint=',
+  'onbeforeonload=',
+  'onbeforeprint=',
+  'onblur=',
+  'oncanplay=',
+  'oncanplaythrough=',
+  'onchange=',
+  'onclick=',
+  'oncontextmenu=',
+  'ondblclick=',
+  'ondrag=',
+  'ondragend=',
+  'ondragenter=',
+  'ondragleave=',
+  'ondragover=',
+  'ondragstart=',
+  'ondrop=',
+  'ondurationchange=',
+  'onemptied=',
+  'onended=',
+  'onerror=',
+  'onfocus=',
+  'onformchange=',
+  'onforminput=',
+  'onhaschange=',
+  'oninput=',
+  'oninvalid=',
+  'onkeydown=',
+  'onkeypress=',
+  'onkeyup=',
+  'onload=',
+  'onloadeddata=',
+  'onloadedmetadata=',
+  'onloadstart=',
+  'alert(',
+  'script:',
+];
+
+export default xssInjection;