@raclettejs/core 0.1.35 → 0.1.36-canary.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (101) hide show
  1. package/CHANGELOG.md +24 -1
  2. package/dist/cli.js +86 -82
  3. package/dist/cli.js.map +3 -3
  4. package/package.json +5 -5
  5. package/services/.dockerignore +2 -0
  6. package/services/backend/.dockerignore +3 -1
  7. package/services/backend/src/core/payload/payloadTypes.ts +1 -0
  8. package/services/backend/src/core/pluginSystem/configGenerator/index.ts +12 -11
  9. package/services/backend/src/core/pluginSystem/pluginFastifyInstance.ts +28 -3
  10. package/services/backend/src/core/pluginSystem/pluginLoader.ts +11 -2
  11. package/services/backend/src/core/pluginSystem/pluginTypes.ts +39 -1
  12. package/services/backend/src/core/sockets/createSystemEventHandlers.ts +4 -4
  13. package/services/backend/src/core/sockets/socketManager.ts +80 -32
  14. package/services/backend/src/core/sockets/socketTypes.ts +6 -0
  15. package/services/backend/src/core/validation/schemaGenerator.ts +10 -3
  16. package/services/backend/src/corePlugins/raclette__core/backend/datatypes/project/project.service.ts +1 -1
  17. package/services/backend/src/corePlugins/raclette__core/backend/index.ts +0 -2
  18. package/services/backend/src/modules/authentication/index.ts +15 -23
  19. package/services/backend/src/shared/helper/adminTag.ts +34 -0
  20. package/services/backend/src/shared/types/plugins/index.ts +1 -9
  21. package/services/backend/src/utils/request.utils.ts +1 -1
  22. package/services/frontend/.dockerignore +3 -1
  23. package/services/frontend/src/core/lib/data/dataApi.ts +27 -16
  24. package/services/frontend/src/core/lib/data/queryApi.ts +17 -8
  25. package/services/frontend/src/core/lib/data/responseTypeHandler.ts +17 -8
  26. package/services/frontend/src/core/lib/data/writeDataHandler.ts +3 -1
  27. package/services/frontend/src/core/lib/dataHelper.ts +51 -12
  28. package/services/frontend/src/core/lib/eventWhitelist.ts +2 -0
  29. package/services/frontend/src/core/lib/httpClient.ts +16 -2
  30. package/services/frontend/src/core/lib/userNotifier.ts +20 -0
  31. package/services/frontend/src/core/lib/workSessionUrl.ts +16 -0
  32. package/services/frontend/src/core/main.ts +82 -15
  33. package/services/frontend/src/core/setup/socketBootstrap.ts +83 -0
  34. package/services/frontend/src/core/setup/socketClient.ts +39 -39
  35. package/services/frontend/src/core/setup/socketEvents.ts +152 -158
  36. package/services/frontend/src/core/setup/socketRegistry.ts +19 -0
  37. package/services/frontend/src/core/types/DataApi.ts +10 -2
  38. package/services/frontend/src/core/types/PluginRegistrar.ts +1 -1
  39. package/services/frontend/src/orchestrator/ProductOrchestrator.vue +14 -0
  40. package/services/frontend/src/orchestrator/assets/styles/layers.css +4 -1
  41. package/services/frontend/src/orchestrator/components/dataTable/BaseDataTable.vue +267 -35
  42. package/services/frontend/src/orchestrator/components/menu/ServerStatus.vue +11 -2
  43. package/services/frontend/src/orchestrator/composables/useVueQueryObservableHelper.ts +12 -7
  44. package/services/frontend/src/orchestrator/composables/useVueWriteOperationHelper.ts +12 -6
  45. package/services/frontend/src/orchestrator/i18n/de-DE.json +1 -0
  46. package/services/frontend/src/orchestrator/i18n/en-EU.json +1 -0
  47. package/services/frontend/src/orchestrator/i18n/sk.json +1 -0
  48. package/services/frontend/src/orchestrator/i18n/tl-TL.json +1 -0
  49. package/services/frontend/src/orchestrator/index.ts +7 -24
  50. package/services/frontend/src/orchestrator/lib/queryParamsSource.ts +48 -0
  51. package/services/frontend/src/orchestrator/main.ts +2 -2
  52. package/services/frontend/src/orchestrator/router/index.ts +0 -19
  53. package/services/frontend/src/orchestrator/router/registerEventHandlers.ts +29 -0
  54. package/services/frontend/src/orchestrator/router/routeStore.ts +92 -17
  55. package/services/frontend/src/orchestrator/router/routes.ts +5 -0
  56. package/services/frontend/src/orchestrator/setup/application.ts +11 -2
  57. package/services/frontend/src/orchestrator/types/DataApi.ts +19 -0
  58. package/services/frontend/src/orchestrator/types/PluginApi.ts +4 -7
  59. package/services/frontend/src/orchestrator/types/Widgets.ts +2 -0
  60. package/services/frontend/src/orchestrator/types/index.ts +1 -0
  61. package/templates/fs.yml +1 -1
  62. package/package/dist/index.js +0 -452
  63. package/services/backend/.yarn/install-state.gz +0 -0
  64. package/services/backend/dist/core/eventBus/index.js +0 -7
  65. package/services/backend/dist/core/pluginSystem/configGenerator/index.js +0 -346
  66. package/services/backend/dist/core/sockets/index.js +0 -95
  67. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/account/events/index.js +0 -31
  68. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/account/index.js +0 -48
  69. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/account/routes/index.js +0 -15
  70. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/composition/events/index.js +0 -22
  71. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/composition/index.js +0 -51
  72. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/composition/routes/index.js +0 -19
  73. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/interactionLink/events/index.js +0 -22
  74. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/interactionLink/index.js +0 -48
  75. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/interactionLink/routes/index.js +0 -19
  76. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/project/events/index.js +0 -31
  77. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/project/index.js +0 -49
  78. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/project/routes/index.js +0 -16
  79. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/tag/events/index.js +0 -39
  80. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/tag/index.js +0 -50
  81. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/tag/routes/index.js +0 -19
  82. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/user/events/index.js +0 -31
  83. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/user/index.js +0 -51
  84. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/user/routes/index.js +0 -21
  85. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/workSession/events/index.js +0 -31
  86. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/workSession/index.js +0 -48
  87. package/services/backend/dist/corePlugins/raclette__core/backend/datatypes/workSession/routes/index.js +0 -15
  88. package/services/backend/dist/corePlugins/raclette__core/backend/index.js +0 -34
  89. package/services/backend/dist/domains/index.js +0 -11
  90. package/services/backend/dist/domains/system/index.js +0 -11
  91. package/services/backend/dist/domains/system/routes/index.js +0 -17
  92. package/services/backend/dist/helpers/index.js +0 -14
  93. package/services/backend/dist/index.js +0 -3
  94. package/services/backend/dist/modules/authentication/index.js +0 -253
  95. package/services/backend/dist/shared/types/core/index.js +0 -8
  96. package/services/backend/dist/shared/types/dataTypes/index.js +0 -6
  97. package/services/backend/dist/shared/types/index.js +0 -8
  98. package/services/backend/dist/shared/types/plugins/index.js +0 -8
  99. package/services/backend/dist/types/index.js +0 -12
  100. package/services/backend/dist/utils/index.js +0 -2
  101. package/services/frontend/.yarn/install-state.gz +0 -0
@@ -1,253 +0,0 @@
1
- import jwt from "@fastify/jwt";
2
- import fastifyPlugin from "fastify-plugin";
3
- import configService from "@c/config/configService";
4
- import { ForbiddenError } from "@/utils/errors";
5
- const WORK_SESSION_COLLECTION = "raclette__core-worksession";
6
- const WORK_SESSION_HEADER = "x-work-session-id";
7
- /**
8
- * Middleware: allow either authenticated user (JWT) or valid work session (X-Work-Session-Id).
9
- * When using this, the route states that it handles permission checks itself (e.g. compare req.workSession with query).
10
- * - If JWT present and valid: sets req.user (normal auth).
11
- * - If no/invalid JWT but X-Work-Session-Id present: loads work session, validates (active, not expired),
12
- * optionally checks that workSession.pluginData includes the given pluginKey, then sets req.workSession and req.isWorkSession.
13
- */
14
- export const authenticatedOrWorksession = async (req, res, fastify, pluginKey) => {
15
- fastify.log.debug(`[Auth] authenticatedOrWorksession: ${pluginKey} ${req.method} ${req.url}`);
16
- const { requireAuthentication } = configService.getConfig()?.global ?? {
17
- requireAuthentication: true,
18
- };
19
- const isAdminTagRequired = configService.isAdminTagRequired();
20
- if (!requireAuthentication) {
21
- const mockUser = { _id: "SYSTEM" };
22
- req.user = mockUser;
23
- return;
24
- }
25
- // 1) Try JWT first
26
- try {
27
- await req.jwtVerify();
28
- const payload = req.user;
29
- fastify.log.debug(`[Auth] JWT verified, payload type: ${payload.type || "user"}, sessionId: ${payload.sessionId || "none"}, _id: ${payload._id || "none"}`);
30
- if (payload.type === "workSession" && payload.sessionId) {
31
- fastify.log.info(`[Auth] Work session JWT detected, sessionId: ${payload.sessionId}, pluginKey: ${pluginKey}`);
32
- // Work session JWT: load session and validate
33
- const workSession = await loadAndValidateWorkSession(fastify, payload.sessionId, pluginKey);
34
- if (!workSession) {
35
- fastify.log.warn(`[Auth] Work session validation failed for sessionId: ${payload.sessionId}`);
36
- return res
37
- .status(401)
38
- .send({ message: "Invalid or expired work session" });
39
- }
40
- fastify.log.info(`[Auth] Work session authenticated: sessionId=${payload.sessionId}, pluginKey=${pluginKey}`);
41
- req.workSession = workSession;
42
- req.isWorkSession = true;
43
- // Set projectId from workSession.project if available
44
- if (workSession.project) {
45
- req.projectId = workSession.project;
46
- fastify.log.debug(`[Auth] Work session projectId: ${req.projectId}`);
47
- }
48
- return;
49
- }
50
- // Normal user JWT: fetch user and set req.user
51
- fastify.log.debug(`[Auth] Normal user JWT, fetching user: ${req.user?._id}`);
52
- const { _id } = req.user;
53
- const adminTag = await fastify.database
54
- .collection("raclette__core-tag")
55
- .findOne({ title: "ADMIN", locked: true, type: "system" });
56
- let isAdmin = false;
57
- const user = await fastify.database
58
- .collection("raclette__core-user")
59
- .findOne({ _id }, { projection: { password: 0, resetKey: 0 } });
60
- if (user && user.tags && adminTag) {
61
- user.tags.forEach((tag) => {
62
- if (adminTag._id === tag)
63
- isAdmin = true;
64
- });
65
- }
66
- if (isAdminTagRequired && !isAdmin) {
67
- fastify.log.error("User not allowed in workbench");
68
- return res.status(403).send({ message: "User not allowed in workbench" });
69
- }
70
- if (isAdmin)
71
- user.isAdmin = true;
72
- if (!user) {
73
- fastify.log.error("User not found");
74
- return res.status(401).send({ message: "User not found" });
75
- }
76
- const account = await fastify.database
77
- .collection("raclette__core-account")
78
- .findOne({ _id: user.account });
79
- user.account = account;
80
- req.user = user;
81
- // Set projectId from user's lastProjectId (for requestData.project in payload wrappers)
82
- if (user.ux?.lastProjectId) {
83
- req.projectId = user.ux.lastProjectId;
84
- fastify.log.debug(`[Auth] User projectId: ${req.projectId}`);
85
- }
86
- return;
87
- }
88
- catch (error) {
89
- // JWT missing or invalid: try work session via header
90
- fastify.log.debug(`[Auth] JWT verification failed: ${error.message}, trying work session header`);
91
- }
92
- // 2) Try X-Work-Session-Id header
93
- const sessionId = req.headers[WORK_SESSION_HEADER];
94
- if (sessionId) {
95
- const workSession = await loadAndValidateWorkSession(fastify, sessionId, pluginKey);
96
- if (workSession) {
97
- req.workSession = workSession;
98
- req.isWorkSession = true;
99
- // Set projectId from workSession.project if available
100
- // workaround for how projects/spaces are currently handled - tbd
101
- if (workSession.project) {
102
- req.projectId = workSession.project;
103
- }
104
- return;
105
- }
106
- else {
107
- fastify.log.warn(`[Auth] Work session validation failed for header sessionId: ${sessionId}`);
108
- }
109
- }
110
- return res.status(401).send({ message: "Authentication required" });
111
- };
112
- async function loadAndValidateWorkSession(fastify, sessionId, pluginKey) {
113
- fastify.log.debug(`[WorkSession Auth] Loading and validating work session: sessionId=${sessionId}, pluginKey=${pluginKey}`);
114
- if (!sessionId || typeof sessionId !== "string") {
115
- fastify.log.warn(`[WorkSession Auth] Invalid sessionId: ${sessionId}`);
116
- return null;
117
- }
118
- fastify.log.debug(`[WorkSession Auth] Querying database for work session`);
119
- const doc = await fastify.database
120
- .collection(WORK_SESSION_COLLECTION)
121
- .findOne({ _id: sessionId });
122
- if (!doc) {
123
- fastify.log.warn(`[WorkSession Auth] Work session not found: ${sessionId}`);
124
- return null;
125
- }
126
- if (!doc.isActive) {
127
- fastify.log.warn(`[WorkSession Auth] Work session is not active: ${sessionId}`);
128
- return null;
129
- }
130
- const expiry = doc.expiryDate ? new Date(doc.expiryDate) : null;
131
- if (expiry && expiry.getTime() < Date.now()) {
132
- fastify.log.warn(`[WorkSession Auth] Work session expired: ${sessionId}, expiryDate: ${expiry.toISOString()}`);
133
- return null;
134
- }
135
- // Check that this plugin is part of the work session (pluginData keys are "pluginKey:widgetName")
136
- const pluginData = doc.pluginData || {};
137
- const pluginKeys = Object.keys(pluginData);
138
- const hasPlugin = pluginKeys.some((k) => k.startsWith(pluginKey + ":")) ||
139
- Object.prototype.hasOwnProperty.call(pluginData, pluginKey);
140
- if (!hasPlugin) {
141
- fastify.log.warn(`[WorkSession Auth] Plugin ${pluginKey} not found in work session pluginData: ${pluginKeys.join(", ")}`);
142
- return null;
143
- }
144
- fastify.log.info(`[WorkSession Auth] Work session validated successfully: sessionId=${sessionId}, pluginKey=${pluginKey}`);
145
- return doc;
146
- }
147
- export const authenticate = async (req, res, fastify) => {
148
- {
149
- const { requireAuthentication } = configService.getConfig()?.global ?? {
150
- requireAuthentication: true,
151
- };
152
- const isAdminTagRequired = configService.isAdminTagRequired();
153
- // Skip JWT verification and database queries, if global.requireAuthentication is configured to false
154
- if (!requireAuthentication) {
155
- const mockUser = {
156
- _id: "SYSTEM",
157
- };
158
- req.user = mockUser;
159
- return;
160
- }
161
- try {
162
- await req.jwtVerify();
163
- const payload = req.user;
164
- if (payload.type === "workSession") {
165
- return res
166
- .status(401)
167
- .send({ message: "Work session token not allowed on this route" });
168
- }
169
- // fetch current user data from the db
170
- const { _id } = req.user;
171
- const adminTag = await fastify.database
172
- .collection("raclette__core-tag")
173
- .findOne({ title: "ADMIN", locked: true, type: "system" });
174
- // IMPORTANT
175
- // due to some very weird behaviour, mongoose always returns empty results
176
- // so we are using mongodb directly until we fix this
177
- let isAdmin = false;
178
- const user = await fastify.database
179
- .collection("raclette__core-user")
180
- .findOne({ _id }, { projection: { password: 0, resetKey: 0 } });
181
- if (user && user.tags && adminTag) {
182
- user.tags.forEach((tag) => {
183
- if (adminTag._id === tag) {
184
- isAdmin = true;
185
- }
186
- });
187
- }
188
- if (isAdminTagRequired && !isAdmin) {
189
- fastify.log.error("User not allowed in workbench");
190
- throw new Error("User not allowed in workbench");
191
- }
192
- if (isAdmin) {
193
- user.isAdmin = true;
194
- }
195
- if (!user) {
196
- fastify.log.error("User not found");
197
- throw new Error("User not found");
198
- }
199
- const account = await fastify.database
200
- .collection("raclette__core-account")
201
- .findOne({ _id: user.account });
202
- user.account = account;
203
- req.user = user;
204
- }
205
- catch (error) {
206
- return res.send(error);
207
- }
208
- }
209
- };
210
- export const checkPermissions = async (req, res, fastify, permissions) => {
211
- {
212
- try {
213
- if (!permissions.length) {
214
- fastify.log.error("No permissions given for permission check");
215
- throw new Error("No Permissions");
216
- }
217
- // TODO implement proper Permission lookup here
218
- permissions.forEach((permissionStr) => {
219
- if (permissionStr === "user.isAdmin") {
220
- if (!req.user.isAdmin) {
221
- throw new ForbiddenError("User not permitted to action");
222
- }
223
- }
224
- });
225
- }
226
- catch (error) {
227
- fastify.log.error(error.message);
228
- return res.send(error.message);
229
- }
230
- }
231
- };
232
- export default fastifyPlugin(async (fastify, opts = {}) => {
233
- // provide some sensible options
234
- const defaults = {
235
- secret: false,
236
- decode: { complete: true },
237
- sign: {
238
- iss: "api.raclettejs.info",
239
- expiresIn: "30d",
240
- },
241
- verify: { allowedIss: "api.raclettejs.info" },
242
- };
243
- // merge proved opts with defaults
244
- const mergedOptions = { ...defaults, ...opts };
245
- /* register the plugin */
246
- fastify.register(jwt, mergedOptions);
247
- // decorate the fastify instance, so we can call it anywhere
248
- fastify.decorate("authenticate", (req, res) => {
249
- return authenticate(req, res, fastify);
250
- });
251
- fastify.decorate("authenticatedOrWorksession", (pluginKey) => (req, res) => authenticatedOrWorksession(req, res, fastify, pluginKey));
252
- fastify.decorate("checkPermissions", (permissionsArr) => (req, res) => checkPermissions(req, res, fastify, permissionsArr));
253
- });
@@ -1,8 +0,0 @@
1
- /**
2
- * ⚠️ WARNING: THIS FILE IS AUTO-GENERATED ⚠️
3
- *
4
- * This file is generated by the type generation system.
5
- * Any manual changes will be overwritten on next server start and should always be committed.
6
- *
7
- */
8
- export {};
@@ -1,6 +0,0 @@
1
- export * from "./tags";
2
- // TODO make the mongoDataTypes dynamic
3
- export const systemDataTypes = ["account", "projectConfig", "userConfig"];
4
- export const userContents = ["tag", "user", "project"];
5
- export const mongoDataTypes = systemDataTypes.concat(userContents);
6
- export const syncableDatatypes = ["tag", "user", "searchResult"];
@@ -1,8 +0,0 @@
1
- /**
2
- * ⚠️ WARNING: THIS FILE IS AUTO-GENERATED ⚠️
3
- *
4
- * This file is generated by the type generation system.
5
- * Any manual changes will be overwritten on next server start and should always be committed.
6
- *
7
- */
8
- export {};
@@ -1,8 +0,0 @@
1
- /**
2
- * ⚠️ WARNING: THIS FILE IS AUTO-GENERATED ⚠️
3
- *
4
- * This file is generated by the type generation system.
5
- * Any manual changes will be overwritten on next server start and should always be committed.
6
- *
7
- */
8
- export {};
@@ -1,12 +0,0 @@
1
- export * from "../core/backgroundTasks/taskManagerTypes";
2
- export * from "../core/config/configTypes";
3
- export * from "../core/crud/crudTypes";
4
- export * from "../core/http/httpTypes";
5
- export * from "../core/http/httpTypes";
6
- export * from "../core/payload/payloadTypes";
7
- export * from "../core/pluginSystem/pluginTypes";
8
- export * from "../core/sockets/socketTypes";
9
- export * from "../core/validation/schemaTypes";
10
- export * from "../modules/cache/cacheTypes";
11
- export * from "../core/validation/schemaTypes";
12
- export * from "../core/pluginSystem/configGenerator/generatorTypes";
@@ -1,2 +0,0 @@
1
- export * from "./errors";
2
- export * from "./request.utils";