@opengis/fastify-table 1.4.12 → 1.4.14

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@opengis/fastify-table",
-  "version": "1.4.12",
+  "version": "1.4.14",
   "type": "module",
   "description": "core-plugins",
   "keywords": [

package/server/plugins/pg/funcs/getPGAsync.js

@@ -13,7 +13,7 @@ import getDBParams from './getDBParams.js';
 async function getPGAsync(param) {
   if (!config.pg) return null;
   const dbListParams = dblist.find(el => el.key === param?.key)
-    || dblist.find(el => el.database === (param?.db || param?.database || param) && el.port === param?.port);
+    || dblist.find(el => el.database === (param?.db || param?.database || param));
   const {
     user, password, host, port, db, database, name: origin,
   } = dbListParams ?? (typeof param === 'string' ? getDBParams(param) : param || {});
@@ -30,6 +30,8 @@ async function getPGAsync(param) {
     statement_timeout: config.pg?.statement_timeout || 10000,
   };
 
+  if (!dbConfig.database) { return null; }
+
   pgClients[name] = new pg.Pool(dbConfig);
 
   await init(pgClients[name]);

package/server/plugins/policy/funcs/checkPolicy.js

@@ -29,7 +29,7 @@ export default function checkPolicy(req, reply) {
   const { policy = [] } = routeOptions?.config || {};
 
   /*= == 0.Check superadmin access  === */
-  if (policy.includes('admin') && user?.user_type !== 'admin') {
+  if (policy.includes('admin') && user?.user_type !== 'admin' && !config.auth?.disable) {
     logger.file('policy/access', {
       path, method, params, query, body, message: 'access restricted: not admin', uid: user?.uid,
     });

package/server/routes/crud/controllers/update.js

@@ -61,8 +61,8 @@ export default async function update(req, reply) {
   const schema = formData?.schema || formData;
 
   // skip non-present fields in form schema
-  if (!unittest && !tokenData?.ignoreCheck) {
-    Object.keys(body).filter(key => !Object.keys(schema || {}).includes(key)).forEach(key => delete body[key]);
+  if (!unittest && !tokenData?.ignoreCheck && headers['content-type'] === 'application/json') {
+    Object.keys(body || {}).filter(key => !Object.keys(schema || {}).includes(key)).forEach(key => delete body[key]);
   }
 
   const xssCheck = checkXSS({ body, schema });

package/server/routes/logger/controllers/utils/checkUserAccess.js

@@ -8,7 +8,7 @@ import config from '../../../../../config.js';
 
 export default function checkUserAccess({ user = {} }) {
   // console.log(user);
-  if (user.user_type !== 'admin' && !config?.local) {
+  if (user.user_type !== 'admin' && !config?.local && !config.auth?.disable) {
     return { message: 'access restricted', status: 403 };
   }
 

package/server/routes/table/functions/getData.js

@@ -323,12 +323,21 @@ export default async function dataAPI(req, reply, called) {
     }
 
     // html
-    await Promise.all(template.filter(el => el[0].includes('.hbs')).map(async (el) => {
-      const htmlContent = await handlebars.compile(el[1])({
-        ...rows[0], user, data, tokens,
-      });
-      const name = el[0].substring(0, el[0].lastIndexOf('.'));
-      html[name] = htmlContent;
+    await Promise.all(template.filter(el => typeof el[1] === 'string' && el[0].includes('.hbs')).map(async (el) => {
+      try {
+        const htmlContent = await handlebars.compile(el[1])({
+          ...rows[0], user, data, tokens,
+        });
+        const name = el[0].substring(0, el[0].lastIndexOf('.'));
+        html[name] = htmlContent;
+      }
+      catch (err) {
+        const name = el[0].substring(0, el[0].lastIndexOf('.'));
+        logger.file('handlebars/error', {
+          table, id: params.id, error: err.toString(), stack: err.stack,
+        });
+        html[name] = 'handlebars compile error';
+      }
     }));
   }