@openinc/parse-server-opendash 2.3.2 → 2.3.5

package/dist/index.js

@@ -1,432 +1,463 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.initAutoload = exports.autoloadCloudCode = exports.afterDeleteHook = exports.beforeDeleteHook = exports.afterSaveHook = exports.beforeSaveHook = exports.defaultAclHandler = exports.defaultHandler = exports.immutableField = exports.ensureUserRole = exports.ensureRole = exports.getConfigBoolean = exports.getConfig = exports.requirePermission = exports.hasPermission = exports.sendSimpleEmail = exports.init = exports.PREFIX = exports.Config = void 0;
-const path_1 = require("path");
-const web_push_1 = __importDefault(require("web-push"));
-const parse_server_schema_1 = require("@openinc/parse-server-schema");
-const fast_equals_1 = require("fast-equals");
-const fs_1 = __importDefault(require("fs"));
-const nodemailer_1 = __importDefault(require("nodemailer"));
-const path_2 = require("path");
-const config_1 = require("./config");
-const featuremap_json_1 = __importDefault(require("./featuremap.json"));
-const _init_1 = require("./functions/_init");
-const _init_2 = require("./hooks/_init");
-const types_1 = require("./types");
-var Config_1 = require("./helper/Config");
-Object.defineProperty(exports, "Config", { enumerable: true, get: function () { return Config_1.Config; } });
-exports.PREFIX = "OD3_";
-let schema = {};
-let transport = undefined;
-async function init() {
-    try {
-        const pkg = require("../package.json");
-        console.log(`[${pkg.name}] init (v${pkg.version})`);
-    }
-    catch (error) { }
-    await config_1.config.init(true);
-    await initEmailTransport();
-    await initWebPush();
-    await initSchema();
-    await initDefaultRoles();
-    await initDefaultData();
-    await (0, _init_2.init)();
-    await (0, _init_1.init)();
-    await initAutoload();
-}
-exports.init = init;
-async function initEmailTransport() {
-    try {
-        if (config_1.config.getBoolean("SMTP_ENABLED")) {
-            transport = nodemailer_1.default.createTransport({
-                host: config_1.config.get("SMTP_HOST"),
-                port: config_1.config.getNumber("SMTP_PORT"),
-                secure: config_1.config.getBoolean("SMTP_SECURE"),
-                ignoreTLS: config_1.config.getBoolean("SMTP_IGNORE_TLS"),
-                auth: {
-                    user: config_1.config.get("SMTP_USER"),
-                    pass: config_1.config.get("SMTP_PASS"),
-                },
-            });
-            await transport.verify();
-        }
-    }
-    catch (error) {
-        console.error(`Parse SMTP Adapter: Error when trying to establish the SMTP connection:`);
-        console.error(error);
-        process.exit(1);
-    }
-}
-async function initWebPush() {
-    try {
-        if (config_1.config.getBoolean("WEB_PUSH_ENABLED")) {
-            web_push_1.default.setVapidDetails(config_1.config.get("WEB_PUSH_HOST"), config_1.config.get("WEB_PUSH_VAPID_PUBLIC_KEY"), config_1.config.get("WEB_PUSH_VAPID_PRIVATE_KEY"));
-            web_push_1.default.setGCMAPIKey(config_1.config.get("WEB_PUSH_FCM_KEY"));
-        }
-    }
-    catch (error) {
-        console.error(error);
-        process.exit(1);
-    }
-}
-async function initSchema() {
-    const schemaConfig = await (0, parse_server_schema_1.loadConfig)();
-    try {
-        await (0, parse_server_schema_1.up)(schemaConfig, (0, path_1.resolve)(__dirname, "../schema"), {
-            prefix: exports.PREFIX,
-            deleteClasses: config_1.config.getBoolean("FORCE_SCHEMA"),
-            deleteFields: config_1.config.getBoolean("FORCE_SCHEMA"),
-            filter: (className) => isClassEnabled(className),
-        });
-        schema = Object.fromEntries((await Parse.Schema.all()).map((schema) => [
-            schema.className,
-            schema,
-        ]));
-    }
-    catch (error) {
-        console.error("Error while updating schema");
-        console.error(error);
-        process.exit(1);
-    }
-}
-async function initDefaultRoles() {
-    try {
-        await ensureRole("od-user");
-        await ensureRole("od-admin");
-        await ensureRole("od-tenant-user");
-        await ensureRole("od-tenant-verified");
-        await ensureRole("od-tenant-admin");
-    }
-    catch (error) {
-        console.error(error);
-    }
-}
-async function initDefaultData() {
-    try {
-        // TODO
-    }
-    catch (error) {
-        console.error(error);
-    }
-}
-async function sendSimpleEmail(to, subject, text) {
-    if (!transport) {
-        return void console.error("E-Mails are not enabled.");
-    }
-    transport.sendMail({
-        from: config_1.config.get("SMTP_FROM"),
-        to,
-        subject,
-        text,
-    });
-}
-exports.sendSimpleEmail = sendSimpleEmail;
-async function hasPermission(sessionToken, key) {
-    const result = await new Parse.Query(types_1.Permission)
-        .equalTo("key", key)
-        .first({ sessionToken });
-    return !!result;
-}
-exports.hasPermission = hasPermission;
-async function requirePermission(request, key, message) {
-    if (request.master) {
-        return;
-    }
-    if (!key) {
-        throw new Parse.Error(119, "Missing Permission (1): " + (message || key || "Master Key Only"));
-    }
-    if (!request.sessionToken) {
-        throw new Parse.Error(119, "Missing Permission (2): " + (message || key || "Master Key Only"));
-    }
-    const p = await hasPermission(request.sessionToken, key);
-    if (!p) {
-        throw new Parse.Error(119, "Missing Permission (3): " + (message || key || "Master Key Only"));
-    }
-}
-exports.requirePermission = requirePermission;
-async function getConfig(key) {
-    const result = await new Parse.Query(types_1.Config).equalTo("key", key).first({
-        useMasterKey: true,
-    });
-    const value = result?.get("value");
-    console.log("[@openinc/parse-server-opendash][Config]", key, value);
-    return value || "";
-}
-exports.getConfig = getConfig;
-async function getConfigBoolean(key) {
-    const value = await getConfig(key);
-    if (!value || value.toLowerCase() === "false" || value === "0") {
-        return false;
-    }
-    return true;
-}
-exports.getConfigBoolean = getConfigBoolean;
-async function ensureRole(name, options) {
-    const label = options?.label || undefined;
-    const acl = options?.acl || new Parse.ACL();
-    const childRoles = options?.childRoles || undefined;
-    console.log(`[@openinc/parse-server-opendash] ensureRole(${name})`
-    // JSON.stringify({ label, acl, childRoles }, null, 2)
-    );
-    let role = await new Parse.Query(Parse.Role)
-        .equalTo("name", name)
-        .first({ useMasterKey: true });
-    if (!role) {
-        role = new Parse.Role(name, acl);
-        role.set("label", label);
-        await role.save(null, {
-            useMasterKey: true,
-        });
-    }
-    let changed = false;
-    if (role.get("label") !== label) {
-        role.set("label", label);
-        changed = true;
-    }
-    if (!(0, fast_equals_1.deepEqual)(acl.toJSON(), role.getACL()?.toJSON())) {
-        role.setACL(acl);
-        changed = true;
-    }
-    if (Array.isArray(childRoles) && childRoles.length > 0) {
-        const relation = role.getRoles();
-        const currentChildRoles = await relation
-            .query()
-            .find({ useMasterKey: true });
-        const currentChildRoleNames = currentChildRoles.map((role) => role.get("name"));
-        for (const childRoleName of childRoles) {
-            if (currentChildRoleNames.includes(childRoleName)) {
-                continue;
-            }
-            const childRole = await new Parse.Query(Parse.Role)
-                .equalTo("name", childRoleName)
-                .find({ useMasterKey: true });
-            relation.add(childRole);
-            changed = true;
-        }
-    }
-    if (changed) {
-        await role.save(null, { useMasterKey: true });
-    }
-}
-exports.ensureRole = ensureRole;
-async function ensureUserRole(user, roleName, add = false) {
-    const role = await new Parse.Query(Parse.Role)
-        .equalTo("name", roleName)
-        .first({ useMasterKey: true });
-    if (role) {
-        const relation = role.relation("users");
-        if (add) {
-            relation.add(user);
-        }
-        else {
-            relation.remove(user);
-        }
-        await role.save(null, { useMasterKey: true });
-        console.log("userRole", user.get("username"), roleName, add);
-    }
-}
-exports.ensureUserRole = ensureUserRole;
-async function immutableField(request, fieldName, permissionName = "parse:edit-immutable-fields") {
-    if (!request.original || request.master) {
-        return;
-    }
-    const previousValue = JSON.stringify(request.original.get(fieldName));
-    const nextValue = JSON.stringify(request.object.get(fieldName));
-    if ((0, fast_equals_1.deepEqual)(previousValue, nextValue)) {
-        return;
-    }
-    await requirePermission(request, permissionName, `You are not allowed to edit the '${fieldName}' field.`);
-}
-exports.immutableField = immutableField;
-async function defaultHandler(request) {
-    const className = request.object.className;
-    if (request.master) {
-        console.log(`[@openinc/parse-server-opendash] Skipping default beforeSave() handler of ${className} for masterkey`);
-        return;
-    }
-    if (!request.user) {
-        throw new Error();
-    }
-    const currentSchema = schema[className];
-    if (!currentSchema) {
-        console.warn(`[@openinc/parse-server-opendash] Skipping default beforeSave() handler, no schema found for ${className}`);
-        return;
-    }
-    const userField = !!currentSchema?.fields?.user;
-    const tenantField = !!currentSchema?.fields?.tenant;
-    if (userField) {
-        await immutableField(request, "user");
-    }
-    if (tenantField) {
-        await immutableField(request, "tenant");
-    }
-    if (!request.original) {
-        if (userField) {
-            request.object.set("user", request.user);
-        }
-        if (tenantField) {
-            const user = (await request.user?.fetch({
-                useMasterKey: true,
-            }));
-            request.object.set("tenant", user.get("tenant"));
-        }
-    }
-}
-exports.defaultHandler = defaultHandler;
-async function defaultAclHandler(request, options) {
-    const className = request.object.className;
-    const currentSchema = schema[className];
-    if (!currentSchema) {
-        console.warn(`[@openinc/parse-server-opendash] Skipping default beforeSave() ACL handler, no schema found for ${className}`);
-        return;
-    }
-    const userField = !!currentSchema?.fields?.user;
-    const tenantField = !!currentSchema?.fields?.tenant;
-    if (!options?.allowCustomACL || !request.object.getACL()) {
-        request.object.setACL(new Parse.ACL());
-    }
-    const acl = request.object.getACL();
-    acl.setRoleReadAccess("od-admin", true);
-    acl.setRoleWriteAccess("od-admin", true);
-    if (userField) {
-        const user = request.object.get("user");
-        if (user) {
-            acl.setReadAccess(user.id, true);
-            acl.setWriteAccess(user.id, true);
-        }
-    }
-    if (tenantField) {
-        const tenant = request.object.get("tenant");
-        if (tenant) {
-            if (!options?.denyTenantUserRead) {
-                acl.setRoleReadAccess(`od-tenant-user-${tenant.id}`, true);
-            }
-            if (options?.allowTenantUserWrite) {
-                acl.setRoleWriteAccess(`od-tenant-user-${tenant.id}`, true);
-            }
-            acl.setRoleReadAccess(`od-tenant-admin-${tenant.id}`, true);
-            acl.setRoleWriteAccess(`od-tenant-admin-${tenant.id}`, true);
-        }
-    }
-}
-exports.defaultAclHandler = defaultAclHandler;
-const beforeSaveHooks = {};
-function beforeSaveHook(target, callback) {
-    // @ts-ignore
-    const className = typeof target === "string" ? target : target.className;
-    if (!beforeSaveHooks[className]) {
-        beforeSaveHooks[className] = [];
-        Parse.Cloud.beforeSave(className, async function beforeSaveHookFunction(request) {
-            const sessionToken = request.user?.getSessionToken();
-            const newRequest = { ...request, sessionToken };
-            for (const fn of beforeSaveHooks[className]) {
-                await fn(newRequest);
-            }
-        });
-    }
-    beforeSaveHooks[className].push(callback);
-}
-exports.beforeSaveHook = beforeSaveHook;
-const afterSaveHooks = {};
-function afterSaveHook(target, callback) {
-    // @ts-ignore
-    const className = typeof target === "string" ? target : target.className;
-    if (!afterSaveHooks[className]) {
-        afterSaveHooks[className] = [];
-        Parse.Cloud.afterSave(className, async function afterSaveHookFunction(request) {
-            const sessionToken = request.user?.getSessionToken();
-            const newRequest = { ...request, sessionToken };
-            for (const fn of afterSaveHooks[className]) {
-                await fn(newRequest);
-            }
-        });
-    }
-    afterSaveHooks[className].push(callback);
-}
-exports.afterSaveHook = afterSaveHook;
-const beforeDeleteHooks = {};
-function beforeDeleteHook(target, callback) {
-    // @ts-ignore
-    const className = typeof target === "string" ? target : target.className;
-    if (!beforeDeleteHooks[className]) {
-        beforeDeleteHooks[className] = [];
-        Parse.Cloud.beforeDelete(className, async function beforeDeleteHookFunction(request) {
-            const sessionToken = request.user?.getSessionToken();
-            const newRequest = { ...request, sessionToken };
-            for (const fn of beforeDeleteHooks[className]) {
-                await fn(newRequest);
-            }
-        });
-    }
-    beforeDeleteHooks[className].push(callback);
-}
-exports.beforeDeleteHook = beforeDeleteHook;
-const afterDeleteHooks = {};
-function afterDeleteHook(target, callback) {
-    // @ts-ignore
-    const className = typeof target === "string" ? target : target.className;
-    if (!afterDeleteHooks[className]) {
-        afterDeleteHooks[className] = [];
-        Parse.Cloud.afterDelete(className, async function afterDeleteHookFunction(request) {
-            const sessionToken = request.user?.getSessionToken();
-            const newRequest = { ...request, sessionToken };
-            for (const fn of afterDeleteHooks[className]) {
-                await fn(newRequest);
-            }
-        });
-    }
-    afterDeleteHooks[className].push(callback);
-}
-exports.afterDeleteHook = afterDeleteHook;
-async function autoloadCloudCode(path, regex = /^[a-zA-Z0-9]+(?:-[a-zA-Z0-9]+)*$/) {
-    const fns = fs_1.default
-        .readdirSync(path)
-        .filter((filename) => filename.endsWith(".js"))
-        .map((filename) => filename.replace(".js", ""))
-        .filter((name) => regex.test(name));
-    for (const name of fns) {
-        const { init } = require((0, path_2.join)(path, name));
-        await init(name).catch((e) => console.error(e));
-    }
-}
-exports.autoloadCloudCode = autoloadCloudCode;
-async function initAutoload() {
-    const path = config_1.config.get("AUTOLOAD_DIR");
-    if (path) {
-        await autoloadCloudCode((0, path_1.resolve)(process.cwd(), path));
-    }
-}
-exports.initAutoload = initAutoload;
-function getFeatureForClassName(className) {
-    const map = featuremap_json_1.default;
-    return map[className] || "unknown";
-}
-function isFeatureEnabled(feature) {
-    switch (feature) {
-        case "CORE":
-            return config_1.config.getBoolean("FEATURE_CORE");
-        case "MONITORING":
-            return config_1.config.getBoolean("FEATURE_MONITORING");
-        case "BDE":
-            return config_1.config.getBoolean("FEATURE_BDE");
-        case "GTFS":
-            return config_1.config.getBoolean("FEATURE_GTFS");
-        case "KNOWLEDGE":
-            return config_1.config.getBoolean("FEATURE_KNOWLEDGE");
-        case "MAINTENANCE":
-            return config_1.config.getBoolean("FEATURE_MAINTENANCE");
-        case "MIAAS":
-            return config_1.config.getBoolean("FEATURE_MIAAS");
-        default:
-            return false;
-    }
-}
-function isClassEnabled(className) {
-    // if (!config.getBoolean("FEATURES_ENABLED")) return true;
-    const feature = getFeatureForClassName(className);
-    const enabled = isFeatureEnabled(feature);
-    return enabled;
-}
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.initAutoload = exports.autoloadCloudCode = exports.afterDeleteHook = exports.beforeDeleteHook = exports.afterSaveHook = exports.beforeSaveHook = exports.defaultAclHandler = exports.defaultHandler = exports.immutableField = exports.ensureUserRole = exports.ensureRole = exports.getConfigBoolean = exports.getConfig = exports.requirePermission = exports.hasPermission = exports.sendTemplateEmail = exports.sendSimpleEmail = exports.init = exports.PREFIX = exports.Config = void 0;
+const parse_server_schema_1 = require("@openinc/parse-server-schema");
+const fast_equals_1 = require("fast-equals");
+const fs_1 = __importDefault(require("fs"));
+const nodemailer_1 = __importDefault(require("nodemailer"));
+const nunjucks_1 = __importDefault(require("nunjucks"));
+const path_1 = require("path");
+const web_push_1 = __importDefault(require("web-push"));
+const config_1 = require("./config");
+const featuremap_json_1 = __importDefault(require("./featuremap.json"));
+const _init_1 = require("./functions/_init");
+const _init_2 = require("./hooks/_init");
+const types_1 = require("./types");
+var Config_1 = require("./helper/Config");
+Object.defineProperty(exports, "Config", { enumerable: true, get: function () { return Config_1.Config; } });
+exports.PREFIX = "OD3_";
+let schema = {};
+let transport = undefined;
+const emailTemplateDir = (0, path_1.resolve)(process.cwd(), "views/emails");
+async function init() {
+    try {
+        const pkg = require("../package.json");
+        console.log(`[${pkg.name}] init (v${pkg.version})`);
+    }
+    catch (error) { }
+    await config_1.config.init(true);
+    await initEmailTransport();
+    await initWebPush();
+    await initSchema();
+    await initDefaultRoles();
+    await initDefaultData();
+    await (0, _init_2.init)();
+    await (0, _init_1.init)();
+    await initAutoload();
+}
+exports.init = init;
+async function initEmailTransport() {
+    try {
+        if (config_1.config.getBoolean("SMTP_ENABLED")) {
+            transport = nodemailer_1.default.createTransport({
+                host: config_1.config.get("SMTP_HOST"),
+                port: config_1.config.getNumber("SMTP_PORT"),
+                secure: config_1.config.getBoolean("SMTP_SECURE"),
+                ignoreTLS: config_1.config.getBoolean("SMTP_IGNORE_TLS"),
+                auth: {
+                    user: config_1.config.get("SMTP_USER"),
+                    pass: config_1.config.get("SMTP_PASS"),
+                },
+            });
+            await transport.verify();
+            nunjucks_1.default.configure(emailTemplateDir, { autoescape: true });
+        }
+    }
+    catch (error) {
+        console.error(`Parse SMTP Adapter: Error when trying to establish the SMTP connection:`);
+        console.error(error);
+        process.exit(1);
+    }
+}
+async function initWebPush() {
+    try {
+        if (config_1.config.getBoolean("WEB_PUSH_ENABLED")) {
+            web_push_1.default.setVapidDetails(config_1.config.get("WEB_PUSH_HOST"), config_1.config.get("WEB_PUSH_VAPID_PUBLIC_KEY"), config_1.config.get("WEB_PUSH_VAPID_PRIVATE_KEY"));
+            web_push_1.default.setGCMAPIKey(config_1.config.get("WEB_PUSH_FCM_KEY"));
+        }
+    }
+    catch (error) {
+        console.error(error);
+        process.exit(1);
+    }
+}
+async function initSchema() {
+    const schemaConfig = await (0, parse_server_schema_1.loadConfig)();
+    try {
+        await (0, parse_server_schema_1.up)(schemaConfig, (0, path_1.resolve)(__dirname, "../schema"), {
+            prefix: exports.PREFIX,
+            deleteClasses: config_1.config.getBoolean("FORCE_SCHEMA"),
+            deleteFields: config_1.config.getBoolean("FORCE_SCHEMA"),
+            filter: (className) => isClassEnabled(className),
+        });
+        schema = Object.fromEntries((await Parse.Schema.all()).map((schema) => [
+            schema.className,
+            schema,
+        ]));
+    }
+    catch (error) {
+        console.error("Error while updating schema");
+        console.error(error);
+        process.exit(1);
+    }
+}
+async function initDefaultRoles() {
+    try {
+        await ensureRole("od-user");
+        await ensureRole("od-admin");
+        await ensureRole("od-tenant-user");
+        await ensureRole("od-tenant-verified");
+        await ensureRole("od-tenant-admin");
+    }
+    catch (error) {
+        console.error(error);
+    }
+}
+async function initDefaultData() {
+    try {
+        // TODO
+    }
+    catch (error) {
+        console.error(error);
+    }
+}
+async function sendSimpleEmail(to, subject, text) {
+    if (!transport) {
+        return void console.error("E-Mails are not enabled.");
+    }
+    transport.sendMail({
+        from: config_1.config.get("SMTP_FROM"),
+        to,
+        subject,
+        text,
+    });
+}
+exports.sendSimpleEmail = sendSimpleEmail;
+async function sendTemplateEmail({ to, subject, fallback, template, data, }) {
+    if (!transport) {
+        return void console.error("E-Mails are not enabled.");
+    }
+    transport.sendMail({
+        from: config_1.config.get("SMTP_FROM"),
+        to,
+        subject,
+        text: renderEmailTemplate("txt", template, data, fallback),
+        html: renderEmailTemplate("html", template, data, undefined),
+    });
+}
+exports.sendTemplateEmail = sendTemplateEmail;
+async function hasPermission(sessionToken, key) {
+    const result = await new Parse.Query(types_1.Permission)
+        .equalTo("key", key)
+        .first({ sessionToken });
+    return !!result;
+}
+exports.hasPermission = hasPermission;
+async function requirePermission(request, key, message) {
+    if (request.master) {
+        return;
+    }
+    if (!key) {
+        throw new Parse.Error(119, "Missing Permission (1): " + (message || key || "Master Key Only"));
+    }
+    if (!request.sessionToken) {
+        throw new Parse.Error(119, "Missing Permission (2): " + (message || key || "Master Key Only"));
+    }
+    const p = await hasPermission(request.sessionToken, key);
+    if (!p) {
+        throw new Parse.Error(119, "Missing Permission (3): " + (message || key || "Master Key Only"));
+    }
+}
+exports.requirePermission = requirePermission;
+async function getConfig(key) {
+    const result = await new Parse.Query(types_1.Config).equalTo("key", key).first({
+        useMasterKey: true,
+    });
+    const value = result?.get("value");
+    console.log("[@openinc/parse-server-opendash][Config]", key, value);
+    return value || "";
+}
+exports.getConfig = getConfig;
+async function getConfigBoolean(key) {
+    const value = await getConfig(key);
+    if (!value || value.toLowerCase() === "false" || value === "0") {
+        return false;
+    }
+    return true;
+}
+exports.getConfigBoolean = getConfigBoolean;
+async function ensureRole(name, options) {
+    const label = options?.label || undefined;
+    const acl = options?.acl || new Parse.ACL();
+    const childRoles = options?.childRoles || undefined;
+    console.log(`[@openinc/parse-server-opendash] ensureRole(${name})`
+    // JSON.stringify({ label, acl, childRoles }, null, 2)
+    );
+    let role = await new Parse.Query(Parse.Role)
+        .equalTo("name", name)
+        .first({ useMasterKey: true });
+    if (!role) {
+        role = new Parse.Role(name, acl);
+        role.set("label", label);
+        await role.save(null, {
+            useMasterKey: true,
+        });
+    }
+    let changed = false;
+    if (role.get("label") !== label) {
+        role.set("label", label);
+        changed = true;
+    }
+    if (!(0, fast_equals_1.deepEqual)(acl.toJSON(), role.getACL()?.toJSON())) {
+        role.setACL(acl);
+        changed = true;
+    }
+    if (Array.isArray(childRoles) && childRoles.length > 0) {
+        const relation = role.getRoles();
+        const currentChildRoles = await relation
+            .query()
+            .find({ useMasterKey: true });
+        const currentChildRoleNames = currentChildRoles.map((role) => role.get("name"));
+        for (const childRoleName of childRoles) {
+            if (currentChildRoleNames.includes(childRoleName)) {
+                continue;
+            }
+            const childRole = await new Parse.Query(Parse.Role)
+                .equalTo("name", childRoleName)
+                .find({ useMasterKey: true });
+            relation.add(childRole);
+            changed = true;
+        }
+    }
+    if (changed) {
+        await role.save(null, { useMasterKey: true });
+    }
+}
+exports.ensureRole = ensureRole;
+async function ensureUserRole(user, roleName, add = false) {
+    const role = await new Parse.Query(Parse.Role)
+        .equalTo("name", roleName)
+        .first({ useMasterKey: true });
+    if (role) {
+        const relation = role.relation("users");
+        if (add) {
+            relation.add(user);
+        }
+        else {
+            relation.remove(user);
+        }
+        await role.save(null, { useMasterKey: true });
+        console.log("userRole", user.get("username"), roleName, add);
+    }
+}
+exports.ensureUserRole = ensureUserRole;
+async function immutableField(request, fieldName, permissionName = "parse:edit-immutable-fields") {
+    if (!request.original || request.master) {
+        return;
+    }
+    const previousValue = JSON.stringify(request.original.get(fieldName));
+    const nextValue = JSON.stringify(request.object.get(fieldName));
+    if ((0, fast_equals_1.deepEqual)(previousValue, nextValue)) {
+        return;
+    }
+    await requirePermission(request, permissionName, `You are not allowed to edit the '${fieldName}' field.`);
+}
+exports.immutableField = immutableField;
+async function defaultHandler(request) {
+    const className = request.object.className;
+    if (request.master) {
+        console.log(`[@openinc/parse-server-opendash] Skipping default beforeSave() handler of ${className} for masterkey`);
+        return;
+    }
+    if (!request.user) {
+        throw new Error();
+    }
+    const currentSchema = schema[className];
+    if (!currentSchema) {
+        console.warn(`[@openinc/parse-server-opendash] Skipping default beforeSave() handler, no schema found for ${className}`);
+        return;
+    }
+    const userField = !!currentSchema?.fields?.user;
+    const tenantField = !!currentSchema?.fields?.tenant;
+    if (userField) {
+        await immutableField(request, "user");
+    }
+    if (tenantField) {
+        await immutableField(request, "tenant");
+    }
+    if (!request.original) {
+        if (userField) {
+            request.object.set("user", request.user);
+        }
+        if (tenantField) {
+            const user = (await request.user?.fetch({
+                useMasterKey: true,
+            }));
+            request.object.set("tenant", user.get("tenant"));
+        }
+    }
+}
+exports.defaultHandler = defaultHandler;
+async function defaultAclHandler(request, options) {
+    const className = request.object.className;
+    const currentSchema = schema[className];
+    if (!currentSchema) {
+        console.warn(`[@openinc/parse-server-opendash] Skipping default beforeSave() ACL handler, no schema found for ${className}`);
+        return;
+    }
+    const userField = !!currentSchema?.fields?.user;
+    const tenantField = !!currentSchema?.fields?.tenant;
+    if (!options?.allowCustomACL || !request.object.getACL()) {
+        request.object.setACL(new Parse.ACL());
+    }
+    const acl = request.object.getACL();
+    acl.setRoleReadAccess("od-admin", true);
+    acl.setRoleWriteAccess("od-admin", true);
+    if (userField) {
+        const user = request.object.get("user");
+        if (user) {
+            acl.setReadAccess(user.id, true);
+            acl.setWriteAccess(user.id, true);
+        }
+    }
+    if (tenantField) {
+        const tenant = request.object.get("tenant");
+        if (tenant) {
+            if (!options?.denyTenantUserRead) {
+                acl.setRoleReadAccess(`od-tenant-user-${tenant.id}`, true);
+            }
+            if (options?.allowTenantUserWrite) {
+                acl.setRoleWriteAccess(`od-tenant-user-${tenant.id}`, true);
+            }
+            acl.setRoleReadAccess(`od-tenant-admin-${tenant.id}`, true);
+            acl.setRoleWriteAccess(`od-tenant-admin-${tenant.id}`, true);
+        }
+    }
+}
+exports.defaultAclHandler = defaultAclHandler;
+const beforeSaveHooks = {};
+function beforeSaveHook(target, callback) {
+    // @ts-ignore
+    const className = typeof target === "string" ? target : target.className;
+    if (!beforeSaveHooks[className]) {
+        beforeSaveHooks[className] = [];
+        Parse.Cloud.beforeSave(className, async function beforeSaveHookFunction(request) {
+            const sessionToken = request.user?.getSessionToken();
+            const newRequest = { ...request, sessionToken };
+            for (const fn of beforeSaveHooks[className]) {
+                await fn(newRequest);
+            }
+        });
+    }
+    beforeSaveHooks[className].push(callback);
+}
+exports.beforeSaveHook = beforeSaveHook;
+const afterSaveHooks = {};
+function afterSaveHook(target, callback) {
+    // @ts-ignore
+    const className = typeof target === "string" ? target : target.className;
+    if (!afterSaveHooks[className]) {
+        afterSaveHooks[className] = [];
+        Parse.Cloud.afterSave(className, async function afterSaveHookFunction(request) {
+            const sessionToken = request.user?.getSessionToken();
+            const newRequest = { ...request, sessionToken };
+            for (const fn of afterSaveHooks[className]) {
+                await fn(newRequest);
+            }
+        });
+    }
+    afterSaveHooks[className].push(callback);
+}
+exports.afterSaveHook = afterSaveHook;
+const beforeDeleteHooks = {};
+function beforeDeleteHook(target, callback) {
+    // @ts-ignore
+    const className = typeof target === "string" ? target : target.className;
+    if (!beforeDeleteHooks[className]) {
+        beforeDeleteHooks[className] = [];
+        Parse.Cloud.beforeDelete(className, async function beforeDeleteHookFunction(request) {
+            const sessionToken = request.user?.getSessionToken();
+            const newRequest = { ...request, sessionToken };
+            for (const fn of beforeDeleteHooks[className]) {
+                await fn(newRequest);
+            }
+        });
+    }
+    beforeDeleteHooks[className].push(callback);
+}
+exports.beforeDeleteHook = beforeDeleteHook;
+const afterDeleteHooks = {};
+function afterDeleteHook(target, callback) {
+    // @ts-ignore
+    const className = typeof target === "string" ? target : target.className;
+    if (!afterDeleteHooks[className]) {
+        afterDeleteHooks[className] = [];
+        Parse.Cloud.afterDelete(className, async function afterDeleteHookFunction(request) {
+            const sessionToken = request.user?.getSessionToken();
+            const newRequest = { ...request, sessionToken };
+            for (const fn of afterDeleteHooks[className]) {
+                await fn(newRequest);
+            }
+        });
+    }
+    afterDeleteHooks[className].push(callback);
+}
+exports.afterDeleteHook = afterDeleteHook;
+async function autoloadCloudCode(path, regex = /^[a-zA-Z0-9]+(?:-[a-zA-Z0-9]+)*$/) {
+    const fns = fs_1.default
+        .readdirSync(path)
+        .filter((filename) => filename.endsWith(".js"))
+        .map((filename) => filename.replace(".js", ""))
+        .filter((name) => regex.test(name));
+    for (const name of fns) {
+        const { init } = require((0, path_1.join)(path, name));
+        await init(name).catch((e) => console.error(e));
+    }
+}
+exports.autoloadCloudCode = autoloadCloudCode;
+async function initAutoload() {
+    const path = config_1.config.get("AUTOLOAD_DIR");
+    if (path) {
+        await autoloadCloudCode((0, path_1.resolve)(process.cwd(), path));
+    }
+}
+exports.initAutoload = initAutoload;
+function getFeatureForClassName(className) {
+    const map = featuremap_json_1.default;
+    return map[className] || "unknown";
+}
+function isFeatureEnabled(feature) {
+    switch (feature) {
+        case "CORE":
+            return config_1.config.getBoolean("FEATURE_CORE");
+        case "MONITORING":
+            return config_1.config.getBoolean("FEATURE_MONITORING");
+        case "BDE":
+            return config_1.config.getBoolean("FEATURE_BDE");
+        case "GTFS":
+            return config_1.config.getBoolean("FEATURE_GTFS");
+        case "KNOWLEDGE":
+            return config_1.config.getBoolean("FEATURE_KNOWLEDGE");
+        case "MAINTENANCE":
+            return config_1.config.getBoolean("FEATURE_MAINTENANCE");
+        case "MIAAS":
+            return config_1.config.getBoolean("FEATURE_MIAAS");
+        default:
+            return false;
+    }
+}
+function isClassEnabled(className) {
+    // if (!config.getBoolean("FEATURES_ENABLED")) return true;
+    const feature = getFeatureForClassName(className);
+    const enabled = isFeatureEnabled(feature);
+    return enabled;
+}
+function validateEmailTemplate(templateDir, template) {
+    const templatePath = (0, path_1.join)(templateDir, template);
+    if (!fs_1.default.existsSync(templateDir)) {
+        return false;
+    }
+    if (!fs_1.default.existsSync(templatePath)) {
+        return false;
+    }
+    return true;
+}
+function renderEmailTemplate(type, template, data, fallback) {
+    const fullTemplate = template + "." + type;
+    return validateEmailTemplate(emailTemplateDir, fullTemplate)
+        ? nunjucks_1.default.render(fullTemplate, data)
+        : fallback;
+}