@opengis/fastify-table 1.2.39 → 1.2.41

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@opengis/fastify-table",
-  "version": "1.2.39",
+  "version": "1.2.41",
   "type": "module",
   "description": "core-plugins",
   "keywords": [

package/server/plugins/crud/funcs/dataUpdate.js

@@ -41,7 +41,7 @@ export default async function dataUpdate({
   }).map((el) => (typeof el[1] === 'object' && el[1] && (!Array.isArray(el[1]) || typeof el[1]?.[0] === 'object') ? JSON.stringify(el[1]) : el[1]));
 
   // update geometry with srid
-  if (!srids[table]) {
+  if (!srids[table] && pg.tlist?.includes('public.geometry_columns')) {
     const { srids1 } = await pg.query(`select json_object_agg(_table,rel) as srids1 from (
       select  f_table_schema||'.'||f_table_name as _table, 
         json_object_agg(f_geometry_column, case when srid = 0 then 4326 else srid end) as rel 

package/server/plugins/crud/funcs/getAccess.js

@@ -29,10 +29,10 @@ left join admin.user_roles d on
         end )
 where $1 in (a.route_id, a.alias, a.table_name) and $2 in (b.user_uid, d.user_uid)`;
 
-export default async function getAccess({ table, user = {} }) {
+export default async function getAccess({ table, user = {} }, pg = pgClients.client) {
   if (!table) return null;
 
-  const hookData = await applyHook('getAccess', { table, user });
+  const hookData = await applyHook('getAccess', { table, user, pg });
   if (hookData) return hookData;
 
   const { uid, user_type: userType = 'regular' } = user;
@@ -60,11 +60,11 @@ export default async function getAccess({ table, user = {} }) {
     return { actions: [], query: '1=1' };
   }
 
-  const userAccess = pgClients.client?.pk?.['admin.routes']
-    && pgClients.client?.pk?.['admin.role_access']
-    && pgClients.client?.pk?.['admin.roles']
-    && pgClients.client?.pk?.['admin.user_roles']
-    ? await pgClients.client.query(q, [table, uid])
+  const userAccess = pg?.pk?.['admin.routes']
+    && pg.pk?.['admin.role_access']
+    && pg.pk?.['admin.roles']
+    && pg.pk?.['admin.user_roles']
+    ? await pg.query(q, [table, uid])
       .then(el => ({
         ...el.rows[0] || {},
         roles: el.rows?.map?.(row => row.role_id) || [],

package/server/plugins/policy/funcs/checkPolicy.js

@@ -64,16 +64,21 @@ export default function checkPolicy(req, reply) {
     return null;
   }
 
+  const validToken = (req.ip === '193.239.152.181' || req.ip === '127.0.0.1' || req.ip.startsWith('192.168.') || config.debug)
+    && req.headers?.uid
+    && req.headers?.token
+    && config.auth?.tokens?.includes?.(headers.token);
+
+  if (validToken && !req?.user?.uid) {
+    req.user = { uid: req.headers?.uid };
+  }
+
   /* === policy: public === */
   if (policy.includes('public')) {
     return null;
   }
 
   /* === 0. policy: unauthorized access from admin URL === */
-  const validToken = (req.ip === '193.239.152.181' || req.ip === '127.0.0.1' || req.ip.startsWith('192.168.') || config.debug) && req.headers?.uid && req.headers?.token && config.auth?.tokens?.includes?.(headers.token);
-  if (validToken && !req?.user?.uid) {
-    req.user = { uid: req.headers?.uid };
-  }
   if (!validToken && !user?.uid && !config.auth?.disable && isAdmin && !policy.includes('public') && !skipCheckPolicyRoutes.filter((el) => el).find(el => req.url.includes(el))) {
     logger.file('policy/unauthorized', {
       path, method, params, query, body, token: headers?.token, userId: headers?.uid, ip: req.ip, headers, message: 'unauthorized',

package/server/routes/crud/controllers/deleteCrud.js

@@ -1,12 +1,12 @@
 import {
-  dataDelete, getTemplate, getAccess, applyHook, getToken, config,
+  dataDelete, getTemplate, getAccess, applyHook, getToken, config, pgClients,
 } from '../../../../utils.js';
 
 export default async function deleteCrud(req) {
-  const { user, params = {}, headers = {} } = req || {};
+  const { pg = pgClients.client, user, params = {}, headers = {} } = req || {};
 
   const hookData = await applyHook('preDelete', {
-    table: params?.table, id: params?.id, user,
+    pg, table: params?.table, id: params?.id, user,
   });
 
   if (hookData?.message && hookData?.status) {
@@ -19,7 +19,7 @@ export default async function deleteCrud(req) {
   });
 
   const { table: del, id } = hookData || tokenData || (config.auth?.disable ? req.params : {});
-  const { actions = [] } = await getAccess({ table: del, id, user }) || {};
+  const { actions = [] } = await getAccess({ table: del, id, user }, pg) || {};
 
   if (!actions.includes('del') && !config?.local && !tokenData) {
     return { message: 'access restricted', status: 403 };
@@ -32,7 +32,7 @@ export default async function deleteCrud(req) {
   if (!id) return { status: 404, message: 'id is required' };
 
   const data = await dataDelete({
-    table, id, uid: user?.uid, tokenData, referer,
+    pg, table, id, uid: user?.uid, tokenData, referer,
   });
 
   return { rowCount: data.rowCount, msg: !data.rowCount ? data : null };

package/server/routes/crud/controllers/insert.js

@@ -4,11 +4,11 @@ import {
 
 export default async function insert(req) {
   const {
-    user = {}, params = {}, body = {}, headers = {},
+    pg = pgClients.client, user = {}, params = {}, body = {}, headers = {},
   } = req || {};
   if (!user) return { message: 'access restricted', status: 403 };
 
-  const hookData = await applyHook('preInsert', { table: params?.table, user });
+  const hookData = await applyHook('preInsert', { pg, table: params?.table, user });
 
   if (hookData?.message && hookData?.status) {
     return { message: hookData?.message, status: hookData?.status };
@@ -21,7 +21,7 @@ export default async function insert(req) {
 
   const { form, table: add } = hookData || tokenData || (config.auth?.disable ? req.params : {});
 
-  const { actions = [] } = await getAccess({ table: add, user }) || {};
+  const { actions = [] } = await getAccess({ table: add, user }, pg) || {};
 
   if (!actions.includes('add') && !config?.local && !tokenData) {
     return { message: 'access restricted', status: 403 };
@@ -68,6 +68,7 @@ export default async function insert(req) {
   }
 
   const res = await dataInsert({
+    pg,
     id: params?.id,
     table: loadTemplate?.table || table,
     data: body,
@@ -79,19 +80,19 @@ export default async function insert(req) {
 
   // admin.custom_column
   await applyHook('afterInsert', {
-    table, token: params?.table, body, payload: res, user,
+    pg, table, token: params?.table, body, payload: res, user,
   });
   // form DataTable
   // to do: rewrite as single transaction
   const extraKeys = Object.keys(schema || {})?.filter((key) => schema?.[key]?.type === 'DataTable' && schema?.[key]?.table && schema?.[key]?.parent_id && body[key]?.length);
-  const pkey = res?.rows?.[0]?.[loadTemplate?.key || pgClients.client?.pk?.[loadTemplate?.table || table]];
+  const pkey = res?.rows?.[0]?.[loadTemplate?.key || pg.pk?.[loadTemplate?.table || table]];
   if (extraKeys?.length) {
     res.extra = {};
     await Promise.all(extraKeys?.map(async (key) => {
       const objId = body[schema[key].parent_id] || req.body?.id || res?.rows?.[0]?.[schema[key].parent_id] || pkey;
       const extraRows = await Promise.all(body[key].map(async (row) => {
         const extraRes = await dataInsert({
-          table: schema[key].table, data: { ...row, [schema[key].parent_id]: objId }, uid: user?.uid, tokenData, referer,
+          pg, table: schema[key].table, data: { ...row, [schema[key].parent_id]: objId }, uid: user?.uid, tokenData, referer,
         });
         return extraRes?.rows?.[0];
       }));
@@ -99,6 +100,6 @@ export default async function insert(req) {
     }));
   }
 
-  const pk = pgClients.client?.pk?.[loadTemplate?.table || table];
+  const pk = pg.pk?.[loadTemplate?.table || table];
   return { id: res?.rows?.[0]?.[pk], rows: res.rows, extra: res.extra };
 }

package/server/routes/crud/controllers/table.js

@@ -1,15 +1,15 @@
 import {
-  config, getAccess, getTemplate, getMeta, setToken, applyHook, getToken,
+  config, getAccess, getTemplate, getMeta, setToken, applyHook, getToken, pgClients,
 } from '../../../../utils.js';
 
 export default async function tableAPI(req) {
   const {
-    pg, params, user = {}, query = {},
+    pg = pgClients.client, params, user = {}, query = {},
   } = req;
   const tokenData = await getToken({ token: params?.table, uid: user.uid, json: 1 }) || {};
 
   const hookData = await applyHook('preTable', {
-    table: params?.table, id: params?.id, ...tokenData || {}, user,
+    pg, table: params?.table, id: params?.id, ...tokenData || {}, user,
   });
 
   if (hookData?.message && hookData?.status) {
@@ -24,7 +24,8 @@ export default async function tableAPI(req) {
 
   const { table, /* columns, */ form } = loadTable;
 
-  const tableName = table || hookData?.table || tokenData.table || params.table;
+  const templateName = hookData?.table || tokenData.table || params.table;
+  const tableName = table || templateName;
 
   const id = hookData?.id || tokenData.id || params.id;
 
@@ -33,17 +34,13 @@ export default async function tableAPI(req) {
     return { message: 'not enough params', status: 400 };
   }
 
-  const { actions = [], query: accessQuery } = await getAccess({
-    table: hookData?.table || tokenData.table || params.table,
-    id,
-    user,
-  }) || {};
+  const { actions = [], query: accessQuery } = await getAccess({ table: templateName, id, user }, pg) || {};
 
   if (!actions.includes('edit') && !config?.local && !tokenData) {
     return { message: 'access restricted', status: 403 };
   }
 
-  const { pk, columns: dbColumns = [] } = await getMeta(tableName);
+  const { pk, columns: dbColumns = [] } = await getMeta({ pg, table: tableName });
   if (!pk) return { message: `table not found: ${table}`, status: 404 };
 
   // const cols = columns.map((el) => el.name || el).join(',');
@@ -85,7 +82,7 @@ export default async function tableAPI(req) {
     })[0];
   }
   const res = await applyHook('afterTable', {
-    table: tableName, payload: [data], user,
+    pg, table: tableName, payload: [data], user,
   });
   return res || data || {};
 }

package/server/routes/crud/controllers/update.js

@@ -11,7 +11,7 @@ export default async function update(req) {
 
   if (!user) return { message: 'access restricted', status: 403 };
   const hookData = await applyHook('preUpdate', {
-    table: params?.table, id: params?.id, user,
+    pg, table: params?.table, id: params?.id, user,
   });
 
   if (hookData?.message && hookData?.status) {
@@ -25,7 +25,7 @@ export default async function update(req) {
 
   const { form, table: edit, id } = hookData || tokenData || (config.auth?.disable ? params : {});
 
-  const { actions = [] } = await getAccess({ table: edit, id, user }) || {};
+  const { actions = [] } = await getAccess({ table: edit, id, user }, pg) || {};
 
   if (!actions.includes('edit') && !config?.local && !tokenData) {
     return { message: 'access restricted', status: 403 };
@@ -75,6 +75,7 @@ export default async function update(req) {
   }
 
   const res = await dataUpdate({
+    pg,
     table: loadTemplate?.table || table,
     id,
     data: body,
@@ -85,7 +86,7 @@ export default async function update(req) {
 
   // admin.custom_column
   await applyHook('afterUpdate', {
-    table: params?.table, body, payload: res, user,
+    pg, table: params?.table, body, payload: res, user,
   });
 
   // form DataTable
@@ -95,11 +96,11 @@ export default async function update(req) {
     await Promise.all(extraKeys?.map(async (key) => {
       const objId = body[schema[key].parent_id] || body?.id || res?.[schema[key]?.parent_id] || res?.[pg.pk?.[loadTemplate?.table || table] || ''];
       // delete old extra data
-      await pgClients.client.query(`delete from ${schema[key].table} where ${schema[key].parent_id}=$1`, [objId]); // rewrite?
+      await pg.query(`delete from ${schema[key].table} where ${schema[key].parent_id}=$1`, [objId]); // rewrite?
       // insert new extra data
       if (Array.isArray(body[key]) && body[key]?.length) {
         const extraRows = await Promise.all(body[key]?.map?.(async (row) => {
-          const extraRes = await dataInsert({ table: schema[key].table, data: { ...row, [schema[key].parent_id]: objId }, uid, tokenData, referer });
+          const extraRes = await dataInsert({ pg, table: schema[key].table, data: { ...row, [schema[key].parent_id]: objId }, uid, tokenData, referer });
           return extraRes?.rows?.[0];
         }));
         Object.assign(res.extra, { [key]: extraRows.filter((el) => el) });

package/server/routes/table/controllers/data.js

@@ -1,5 +1,5 @@
 import {
-  config, getTemplate, getFilterSQL, getMeta, metaFormat, getAccess, setToken, gisIRColumn, applyHook, handlebars, handlebarsSync, getSelect, setOpt, getOpt,
+  config, getTemplate, getFilterSQL, getMeta, metaFormat, getAccess, setToken, gisIRColumn, applyHook, handlebars, handlebarsSync, getSelect, setOpt, getOpt, pgClients,
 } from '../../../../utils.js';
 
 import conditions from './utils/conditions.js';
@@ -12,7 +12,7 @@ const components = {
 const maxLimit = 100;
 export default async function dataAPI(req, reply, called) {
   const {
-    pg, params, query = {}, user = {},
+    pg = pgClients.client, params, query = {}, user = {},
   } = req;
 
   const time = Date.now();
@@ -20,7 +20,7 @@ export default async function dataAPI(req, reply, called) {
   const { uid } = user;
 
   const hookData = await applyHook('preData', {
-    table: params?.table, id: params?.id, user,
+    pg, table: params?.table, id: params?.id, user,
   });
   if (hookData?.message && hookData?.status) {
     return { message: hookData?.message, status: hookData?.status };
@@ -32,7 +32,7 @@ export default async function dataAPI(req, reply, called) {
   if (!loadTable && !(tokenData?.table && pg.pk?.[tokenData?.table])) { return { message: 'template not found', status: 404 }; }
 
   const id = tokenData?.id || hookData?.id || params?.id;
-  const { actions = [], query: accessQuery } = await getAccess({ table: tokenData?.table || hookData?.table || params.table, id, user }) || {};
+  const { actions = [], query: accessQuery } = await getAccess({ table: tokenData?.table || hookData?.table || params.table, id, user }, pg) || {};
 
   if (!actions.includes('view') && !config?.local && !called) {
     return { message: 'access restricted', status: 403 };
@@ -42,11 +42,13 @@ export default async function dataAPI(req, reply, called) {
     table, columns = [], sql, cardSql, filters, form, meta, sqlColumns, public: ispublic,
   } = loadTable || tokenData;
 
-  const tableMeta = await getMeta(table);
+  const tableMeta = await getMeta({ pg, table });
+
   if (tableMeta?.view) {
     if (!loadTable?.key && !tokenData?.key) return { message: `key not found: ${table}`, status: 404 };
     Object.assign(tableMeta, { pk: loadTable?.key || tokenData?.key });
   }
+
   const { pk, columns: dbColumns = [] } = tableMeta || {};
 
   if (!pk) return { message: `table not found: ${table}`, status: 404 };
@@ -56,7 +58,7 @@ export default async function dataAPI(req, reply, called) {
   const cardSqlFiltered = hookData?.id || params.id ? (cardSql?.filter?.((el) => !el?.disabled && el?.name && el?.sql?.replace) || []) : [];
   const cardSqlTable = cardSqlFiltered.length ? cardSqlFiltered.map((el, i) => ` left join lateral (${el.sql.replace('{{uid}}', uid)}) ct${i}  on 1=1 `).join('\n') || '' : '';
 
-  const { fields } = await pg.queryCache(`select * from ${table} t ${sqlTable}  ${cardSqlTable} limit 0`);
+  const { fields = [] } = pg.queryCache ? await pg.queryCache(`select * from ${table} t ${sqlTable}  ${cardSqlTable} limit 0`) : {};
   const dbColumnsTable = fields.map(el => el.name);
   const cols = columns.filter((el) => el.name !== 'geom' && dbColumnsTable.includes(el.name)).map((el) => el.name || el).join(',');
   const metaCols = Object.keys(loadTable?.meta?.cls || {}).filter((el) => !cols.includes(el)).length
@@ -78,6 +80,7 @@ export default async function dataAPI(req, reply, called) {
 
   const checkFilter = [query.filter, query.search, query.state, query.custom].filter((el) => el).length;
   const fData = checkFilter ? await getFilterSQL({
+    pg,
     table: params.table,
     filter: query.filter,
     search: query.search,
@@ -112,7 +115,7 @@ export default async function dataAPI(req, reply, called) {
                      ${params.id || query.key ? '*' : sqlColumns || cols || '*'} 
                      ${metaCols} 
                      
-                     ${dbColumns.find((el) => el.name === 'geom' && pg.pgType[el.dataTypeID] === 'geometry') ? ',st_asgeojson(geom)::json as geom' : ''} 
+                     ${dbColumns.find((el) => el.name === 'geom' && pg.pgType?.[el.dataTypeID] === 'geometry') ? ',st_asgeojson(geom)::json as geom' : ''} 
                      from (select * from ${table} where ${sqlTable ? 'true' : (where.join(' and ') || 'true')}  ${order}) t 
                      ${sqlTable} 
                      ${params.id ? cardSqlTable : ''} 
@@ -129,7 +132,7 @@ export default async function dataAPI(req, reply, called) {
   const filterWhere = [fData.q, search, bbox, queryPolyline, interfaceQuery, loadTable?.query, tokenData?.query].filter((el) => el);
 
   const aggColumns = columns.filter((el) => el.agg).reduce((acc, curr) => Object.assign(acc, { [curr.name]: curr.agg }), {});
-  const aggregates = dbColumns.map((el) => ({ name: el.name, type: pg.pgType[el.dataTypeID] })).filter((el) => ['numeric', 'double precision'].includes(el.type) && aggColumns[el.name]);
+  const aggregates = dbColumns.map((el) => ({ name: el.name, type: pg.pgType?.[el.dataTypeID] })).filter((el) => ['numeric', 'double precision'].includes(el.type) && aggColumns[el.name]);
   const qCount = `select 
             count(*)::int as total,  
             count(*) FILTER(WHERE ${filterWhere.join(' and ') || 'true'})::int as filtered
@@ -142,9 +145,9 @@ export default async function dataAPI(req, reply, called) {
 
   const counts = keyQuery || tokenData?.id || hookData?.id || params.id
     ? { total: rows.length, filtered: rows.length }
-    : await pg.queryCache(qCount, { table: loadTable?.table || tokenData?.table, time: 5 }).then(el => el?.rows[0] || {});
+    : await pg.queryCache?.(qCount, { table: loadTable?.table || tokenData?.table, time: 5 }).then(el => el?.rows[0] || {});
 
-  const { total, filtered } = counts;
+  const { total, filtered } = counts || {};
   const agg = Object.keys(counts).filter(el => !['total', 'filtered'].includes(el)).reduce((acc, el) => ({ ...acc, [el]: counts[el] }), {});
 
   await metaFormat({ rows, table: tokenData?.table || hookData?.table || params.table });
@@ -215,8 +218,8 @@ export default async function dataAPI(req, reply, called) {
 
     // data result
     const data = {};
-    const route = await pg.query(`select route_id as path, title from admin.routes where enabled and alias=$1 limit 1`, [table])
-      .then(el => el.rows?.[0] || {});
+    const route = pg.pk?.['admin.routes'] ? await pg.query(`select route_id as path, title from admin.routes where enabled and alias=$1 limit 1`, [table])
+      .then(el => el.rows?.[0] || {}) : {};
     Object.assign(route, { tableTitle: loadTable?.title });
     if (index?.data && index?.data?.[0]?.name) {
       await Promise.all(index.data.filter((el) => el?.name && el?.sql).map(async (el) => {
@@ -266,7 +269,7 @@ export default async function dataAPI(req, reply, called) {
   }
 
   const result = await applyHook('afterData', {
-    table: loadTable?.table || tokenData?.table, payload: res, user,
+    pg, table: loadTable?.table || tokenData?.table, payload: res, user,
   });
 
   return result || res;

package/server/routes/table/controllers/suggest.js

@@ -47,7 +47,7 @@ export default async function suggest(req) {
       original: `with c(id,text) as (select ${column || 'row_number() over()'}, ${column}, count(*) from ${tableName} group by ${column} limit ${limit}) select * from c`,
       searchQuery: '(lower("text") ~ $1 )',
     }
-    : await getSelectMeta({ name: selectName, nocache: query?.nocache });
+    : await getSelectMeta({ pg: pg1, name: selectName, nocache: query?.nocache });
 
   if (meta?.minLength && query.key && query.key.length < meta?.minLength) {
     return { message: `min length: ${meta.minLength}` };