@optimiser/common 1.0.408 → 1.0.410

@@ -4417,7 +4417,7 @@ function GetUserProfile(msp_d, db, mdb, next) {
4417
4417
  let: { permissions: "$Permissions.ModuleID" },
4418
4418
  pipeline: [
4419
4419
  { $match: { "$expr": { "$in": ["$_id", "$$permissions"] } } },
4420
- { $project: { "_id": 1, "Objects": 1, "Pages": 1, "IsBeta": 1 } }
4420
+ { $project: { "_id": 1, "Objects": 1, "Pages": 1, "IsBeta": 1, "CheckOnlyControlPanel": 1 } }
4421
4421
  ],
4422
4422
  as: "ModuleList"
4423
4423
  }
@@ -5817,6 +5817,10 @@ function CheckAccessPermissions(permissionType, objectName, msp_d, db, mdb, next
5817
5817
  isAllowed = true;
5818
5818
  break;
5819
5819
  }
5820
+ else if (item.CheckOnlyControlPanel && item.Operations.includes('Control Panel')) {
5821
+ isAllowed = true;
5822
+ break;
5823
+ }
5820
5824
  else if (item.ModuleID == "report" && item.Operations.includes('Create-Edit')) {
5821
5825
  isAllowed = true;
5822
5826
  break;
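Review bot: The added `else if (item.CheckOnlyControlPanel && item.Operations.includes('Control Panel'))` branch in CheckAccessPermissions sets `isAllowed = true` without referring to `permissionType` or `objectName` in the visible lines. The loop and any enclosing condition start outside the hunk, so this may already be narrowed, but as shown a module carrying the flag would satisfy whatever check reaches this point as soon as the user holds the 'Control Panel' operation. `CheckOnlyControlPanel` is read from the module document (it is newly projected in the GetUserProfile hunk), so the widening is data-driven, and anyone able to write module documents can switch it on. I would tie the branch to the request being evaluated and document the intent above it, e.g. `// CheckOnlyControlPanel: access to this module is decided by the 'Control Panel' operation alone; applies only to <permission types / objects>`. A test that a flagged module does not authorise an unrelated `permissionType` would pin the behaviour.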
@@ -1,5 +1,3 @@
1
- /// <reference types="qs" />
2
- /// <reference types="node" />
3
1
  import { OPT_Request } from "../modals/connection.modal";
4
2
  declare function ErrorFormatter(err: Error, req: OPT_Request, config: {
5
3
  ErrorReportFrom: string;
@@ -14,17 +12,6 @@ declare function ErrorFormatter(err: Error, req: OPT_Request, config: {
14
12
  subject: string;
15
13
  html: string;
16
14
  };
17
- errorObj: {
18
- ErrorName: string;
19
- ErrorMessage: string;
20
- ErrorStack: string | undefined;
21
- ErrorTime: Date;
22
- ReqCookies: any;
23
- ReqBody: string;
24
- ReqParams: import("express-serve-static-core").ParamsDictionary;
25
- ReqQuery: import("qs").ParsedQs;
26
- ReqHeaders: import("http").IncomingHttpHeaders;
27
- ReqUrl: string;
28
- };
15
+ errorObj: Record<string, any>;
29
16
  };
30
17
  export default ErrorFormatter;
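Review bot: Declaring `errorObj: Record<string, any>` discards the field names and types that callers of ErrorFormatter previously got, and `any` disables checking on every value read from it. A named interface would keep the contract while allowing the redacted shapes, for example `ReqCookies: Record<string, unknown>; ReqHeaders: Record<string, unknown>;` next to the unchanged fields. If the shape really must stay open, `Record<string, unknown>` at least forces callers to narrow before use. This declaration file looks generated, so the change belongs in the annotation in the TypeScript source.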
@@ -1,23 +1,73 @@
1
1
  "use strict";
2
+ var __assign = (this && this.__assign) || function () {
3
+ __assign = Object.assign || function(t) {
4
+ for (var s, i = 1, n = arguments.length; i < n; i++) {
5
+ s = arguments[i];
6
+ for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))
7
+ t[p] = s[p];
8
+ }
9
+ return t;
10
+ };
11
+ return __assign.apply(this, arguments);
12
+ };
2
13
  Object.defineProperty(exports, "__esModule", { value: true });
14
+ // QPC-9867: Function to sanitize and Mask sensitive cookies & Headers
15
+ function SanitizeCookies(cookies) {
16
+ var sensitiveKeys = ['token', 'dbaddress'];
17
+ var sanitizedCookies = {};
18
+ for (var key in cookies) {
19
+ if (key === 'msp_d' && typeof cookies[key] === 'object' && cookies[key] !== null) {
20
+ sanitizedCookies[key] = __assign({}, cookies[key]);
21
+ for (var innerKey in sanitizedCookies[key]) {
22
+ if (sensitiveKeys.includes(innerKey.toLowerCase())) {
23
+ sanitizedCookies[key][innerKey] = '***REDACTED***';
24
+ }
25
+ }
26
+ }
27
+ else if (sensitiveKeys.includes(key.toLowerCase())) {
28
+ // Redact sensitive outer cookies
29
+ sanitizedCookies[key] = '***REDACTED***';
30
+ }
31
+ else {
32
+ sanitizedCookies[key] = cookies[key];
33
+ }
34
+ }
35
+ return sanitizedCookies;
36
+ }
37
+ // QPC-9867
38
+ function SanitizeHeaders(headers) {
39
+ var sensitiveKeys = ['cookie'];
40
+ var sanitizedHeaders = {};
41
+ for (var key in headers) {
42
+ if (sensitiveKeys.includes(key.toLowerCase())) {
43
+ sanitizedHeaders[key] = '***REDACTED***';
44
+ }
45
+ else {
46
+ sanitizedHeaders[key] = headers[key];
47
+ }
48
+ }
49
+ return sanitizedHeaders;
50
+ }
3
51
  function ErrorFormatter(err, req, config) {
52
+ var sanitizedCookies = SanitizeCookies(req.cookies);
53
+ var sanitizedHeaders = SanitizeHeaders(req.headers);
4
54
  var errorObj = {
5
55
  'ErrorName': err.name,
6
56
  'ErrorMessage': err.message,
7
57
  'ErrorStack': err.stack,
8
58
  'ErrorTime': new Date(),
9
- 'ReqCookies': req.cookies,
59
+ 'ReqCookies': sanitizedCookies,
10
60
  'ReqBody': JSON.stringify(req.body),
11
61
  'ReqParams': req.params,
12
62
  'ReqQuery': req.query,
13
- 'ReqHeaders': req.headers,
63
+ 'ReqHeaders': sanitizedHeaders,
14
64
  'ReqUrl': req.protocol + '://' + req.get('host') + req.originalUrl
15
65
  };
16
66
  var mailObj = {
17
67
  from: { name: 'optimiser', address: config.ErrorReportFrom },
18
68
  to: config.ErrorReportTo,
19
69
  subject: 'Error Reporting',
20
- html: "\n <!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n <html xmlns=\"http://www.w3.org/1999/xhtml\">\n <head>\n <meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n <title>Error</title>\n <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\"/>\n </head>\n <body style=\"margin: 0; padding: 0;\">\n <table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\">\t\n <tr>\n <td style=\"padding: 10px 0 30px 0;\">\n <table align=\"center\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"600\" style=\"border: 1px solid #cccccc; border-collapse: collapse;\">\n <tr>\n <td align=\"center\" bgcolor=\"#70bbd9\" style=\"padding: 40px 0 30px 0; color: #153643; font-size: 18px; font-weight: bold; font-family: Arial, sans-serif;\">\n There is an error in OPTIMISER. Please inform the developers \n </td>\n </tr>\n <tr>\n <td bgcolor=\"#ffffff\" style=\"padding: 40px 30px 40px 30px;\">\n <table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\">\n \n <tr>\n <td style=\"padding: 20px 0 30px 0; color: #153643; font-family: Arial, sans-serif; font-size: 16px; line-height: 20px;\">\n <pre> ".concat(JSON.stringify(errorObj, null, 2), " </pre>\n </td>\n </tr>\n \n </table>\n </td>\n </tr>\n <tr>\n <td bgcolor=\"#007EE3\" style=\"padding: 30px 30px 30px 30px;\">\n <table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\">\n <tr>\n \n <td align=\"right\" width=\"25%\">\n <strong>TEAM OPTIMISER</string>\n </td>\n </tr>\n </table>\n </td>\n </tr>\n </table>\n </td>\n </tr>\n </table>\n </body>\n </html>\n ")
70
+ html: "\n <!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n <html xmlns=\"http://www.w3.org/1999/xhtml\">\n <head>\n <meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n <title>Error</title>\n <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\"/>\n </head>\n <body style=\"margin: 0; padding: 0;\">\n <table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\">\t\n <tr>\n <td style=\"padding: 10px 0 30px 0;\">\n <table align=\"center\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"600\" style=\"border: 1px solid #cccccc; border-collapse: collapse;\">\n <tr>\n <td align=\"center\" bgcolor=\"#70bbd9\" style=\"padding: 40px 0 30px 0; color: #153643; font-size: 18px; font-weight: bold; font-family: Arial, sans-serif;\">\n There is an error in OPTIMISER. Please inform the developers \n </td>\n </tr>\n <tr>\n <td bgcolor=\"#ffffff\" style=\"padding: 40px 30px 40px 30px;\">\n <table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\">\n \n <tr>\n <td style=\"padding: 20px 0 30px 0; color: #153643; font-family: Arial, sans-serif; font-size: 16px; line-height: 20px;\">\n <pre> ".concat(JSON.stringify(errorObj, null, 2), " </pre>\n </td>\n </tr>\n \n </table>\n </td>\n </tr>\n <tr>\n <td bgcolor=\"#007EE3\" style=\"padding: 30px 30px 30px 30px;\">\n <table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\">\n <tr>\n \n <td align=\"right\" width=\"25%\">\n <strong>TEAM OPTIMISER</strong>\n </td>\n </tr>\n </table>\n </td>\n </tr>\n </table>\n </td>\n </tr>\n </table>\n </body>\n </html>\n ")
21
71
  };
22
72
  return { mailObj: mailObj, errorObj: errorObj };
23
73
  }
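Review bot: SanitizeHeaders masks only `cookie`, so an `authorization` or `proxy-authorization` header still goes into the error mail verbatim; widen the list, e.g. `var sensitiveKeys = ['cookie', 'authorization', 'proxy-authorization'];`. SanitizeCookies has the same exact-name limit: only `token` and `dbaddress` are masked, and `msp_d` is inspected one level deep and only when it is already an object. A string-valued `msp_d`, or any other session cookie, is therefore copied through unchanged. `'ReqBody': JSON.stringify(req.body)` and `'ReqQuery': req.query` are still unmasked, so credentials submitted in a body or query string continue to reach the mailbox. Separately, the `JSON.stringify(errorObj, null, 2)` output is concatenated into the `<pre>` without HTML escaping, so request-controlled strings are rendered as markup by the mail client.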
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@optimiser/common",
3
- "version": "1.0.408",
3
+ "version": "1.0.410",
4
4
  "description": "",
5
5
  "main": "dist/index.js",
6
6
  "scripts": {