npm - @saltcorn/data - Versions diffs - 0.8.2 → 0.8.3-alpha.1 - Mend

@saltcorn/data 0.8.2 → 0.8.3-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (112) hide show

package/dist/base-plugin/actions.d.ts.map +1 -1
package/dist/base-plugin/actions.js +5 -3
package/dist/base-plugin/actions.js.map +1 -1
package/dist/base-plugin/index.d.ts +115 -122
package/dist/base-plugin/index.d.ts.map +1 -1
package/dist/base-plugin/types.d.ts.map +1 -1
package/dist/base-plugin/types.js +11 -3
package/dist/base-plugin/types.js.map +1 -1
package/dist/base-plugin/viewtemplates/edit.d.ts.map +1 -1
package/dist/base-plugin/viewtemplates/edit.js +24 -7
package/dist/base-plugin/viewtemplates/edit.js.map +1 -1
package/dist/base-plugin/viewtemplates/feed.d.ts +1 -1
package/dist/base-plugin/viewtemplates/feed.d.ts.map +1 -1
package/dist/base-plugin/viewtemplates/feed.js +16 -1
package/dist/base-plugin/viewtemplates/feed.js.map +1 -1
package/dist/base-plugin/viewtemplates/list.d.ts.map +1 -1
package/dist/base-plugin/viewtemplates/list.js +5 -15
package/dist/base-plugin/viewtemplates/list.js.map +1 -1
package/dist/base-plugin/viewtemplates/listshowlist.d.ts.map +1 -1
package/dist/base-plugin/viewtemplates/listshowlist.js +5 -1
package/dist/base-plugin/viewtemplates/listshowlist.js.map +1 -1
package/dist/base-plugin/viewtemplates/room.d.ts +1 -1
package/dist/base-plugin/viewtemplates/room.js +2 -2
package/dist/base-plugin/viewtemplates/room.js.map +1 -1
package/dist/base-plugin/viewtemplates/show.d.ts +0 -7
package/dist/base-plugin/viewtemplates/show.d.ts.map +1 -1
package/dist/base-plugin/viewtemplates/show.js +35 -32
package/dist/base-plugin/viewtemplates/show.js.map +1 -1
package/dist/base-plugin/viewtemplates/viewable_fields.js +1 -1
package/dist/base-plugin/viewtemplates/viewable_fields.js.map +1 -1
package/dist/db/fixtures.d.ts.map +1 -1
package/dist/db/fixtures.js +167 -0
package/dist/db/fixtures.js.map +1 -1
package/dist/db/state.js +1 -1
package/dist/db/state.js.map +1 -1
package/dist/diagram/cy_generate_utils.d.ts.map +1 -1
package/dist/diagram/cy_generate_utils.js +6 -0
package/dist/diagram/cy_generate_utils.js.map +1 -1
package/dist/diagram/node_extract_utils.js +14 -5
package/dist/diagram/node_extract_utils.js.map +1 -1
package/dist/diagram/nodes/node.d.ts +2 -2
package/dist/diagram/nodes/node.d.ts.map +1 -1
package/dist/diagram/nodes/node.js +2 -2
package/dist/diagram/nodes/node.js.map +1 -1
package/dist/diagram/nodes/trigger_node.d.ts +1 -3
package/dist/diagram/nodes/trigger_node.d.ts.map +1 -1
package/dist/diagram/nodes/trigger_node.js +3 -3
package/dist/diagram/nodes/trigger_node.js.map +1 -1
package/dist/migrations/202301261705.d.ts +3 -0
package/dist/migrations/202301261705.d.ts.map +1 -0
package/dist/migrations/202301261705.js +5 -0
package/dist/migrations/202301261705.js.map +1 -0
package/dist/models/config.d.ts.map +1 -1
package/dist/models/config.js +1 -0
package/dist/models/config.js.map +1 -1
package/dist/models/email.d.ts +2 -0
package/dist/models/email.d.ts.map +1 -1
package/dist/models/eventlog.d.ts.map +1 -1
package/dist/models/eventlog.js +7 -2
package/dist/models/eventlog.js.map +1 -1
package/dist/models/expression.d.ts +2 -1
package/dist/models/expression.d.ts.map +1 -1
package/dist/models/expression.js +42 -0
package/dist/models/expression.js.map +1 -1
package/dist/models/field.d.ts.map +1 -1
package/dist/models/field.js +15 -3
package/dist/models/field.js.map +1 -1
package/dist/models/random.d.ts.map +1 -1
package/dist/models/random.js +5 -4
package/dist/models/random.js.map +1 -1
package/dist/models/table.d.ts +40 -8
package/dist/models/table.d.ts.map +1 -1
package/dist/models/table.js +351 -46
package/dist/models/table.js.map +1 -1
package/dist/models/user.d.ts.map +1 -1
package/dist/models/user.js +5 -0
package/dist/models/user.js.map +1 -1
package/dist/models/workflow.d.ts.map +1 -1
package/dist/models/workflow.js +31 -0
package/dist/models/workflow.js.map +1 -1
package/dist/plugin-helper.d.ts +12 -8
package/dist/plugin-helper.d.ts.map +1 -1
package/dist/plugin-helper.js +45 -47
package/dist/plugin-helper.js.map +1 -1
package/dist/tests/actions.test.js +2 -2
package/dist/tests/actions.test.js.map +1 -1
package/dist/tests/auth.test.js +193 -46
package/dist/tests/auth.test.js.map +1 -1
package/dist/tests/calc.test.js +2 -2
package/dist/tests/calc.test.js.map +1 -1
package/dist/tests/db.test.d.ts.map +1 -1
package/dist/tests/db.test.js.map +1 -1
package/dist/tests/exact_views.test.js +1 -1
package/dist/tests/exact_views.test.js.map +1 -1
package/dist/tests/field.test.js +3 -1
package/dist/tests/field.test.js.map +1 -1
package/dist/tests/mocks.d.ts +6 -1
package/dist/tests/mocks.d.ts.map +1 -1
package/dist/tests/mocks.js +23 -4
package/dist/tests/mocks.js.map +1 -1
package/dist/tests/remote_query_helper.d.ts.map +1 -1
package/dist/tests/remote_query_helper.js +3 -0
package/dist/tests/remote_query_helper.js.map +1 -1
package/dist/tests/table.test.js +36 -9
package/dist/tests/table.test.js.map +1 -1
package/dist/tests/user.test.js +8 -0
package/dist/tests/user.test.js.map +1 -1
package/dist/tests/view.test.js +1 -1
package/dist/tests/view.test.js.map +1 -1
package/dist/utils.d.ts +1 -1
package/dist/utils.js.map +1 -1
package/package.json +10 -10

package/dist/models/table.js CHANGED Viewed

@@ -37,7 +37,7 @@ const field_1 = __importDefault(require("./field"));
 const common_types_1 = require("@saltcorn/types/common_types");
 const trigger_1 = __importDefault(require("./trigger"));
 const expression_1 = __importDefault(require("./expression"));
-const { apply_calculated_fields, apply_calculated_fields_stored, recalculate_for_stored, get_expression_function, freeVariables, } = expression_1.default;
+const { apply_calculated_fields, apply_calculated_fields_stored, recalculate_for_stored, get_expression_function, freeVariables, add_free_variables_to_joinfields, } = expression_1.default;
 const csvtojson_1 = __importDefault(require("csvtojson"));
 const moment_1 = __importDefault(require("moment"));
 const fs_1 = require("fs");
@@ -45,9 +45,7 @@ const promises_1 = require("fs/promises");
 const utils_1 = __importDefault(require("../utils"));
 //import { num_between } from "@saltcorn/types/generators";
 //import { devNull } from "os";
-const { prefixFieldsInWhere } = utils_1.default;
-const { InvalidConfiguration, InvalidAdminAction, satisfies, structuredClone, getLines, } = require("../utils");
-//import type Tag from "../models/tag";
+const { prefixFieldsInWhere, InvalidConfiguration, InvalidAdminAction, satisfies, structuredClone, getLines, mergeIntoWhere, } = utils_1.default;
 /**
  * Transponce Objects
  * TODO more detailed explanation
@@ -114,8 +112,11 @@ class Table {
         this.is_user_group = !!o.is_user_group;
         this.external = false;
         this.description = o.description;
-        if (o.fields)
-            this.fields = o.fields.map((f) => new field_1.default(f));
+        if (!o.fields) {
+            console.trace("missing fields", o);
+            throw new Error("missing fields");
+        }
+        this.fields = o.fields.map((f) => new field_1.default(f));
     }
     /**
      *
@@ -160,7 +161,13 @@ class Table {
             return getState().tables.map((t) => new Table(t));
         }
         const tbls = await db_1.default.select("_sc_tables", where, selectopts);
-        return tbls.map((t) => new Table(t));
+        const flds = await db_1.default.select("_sc_fields", db_1.default.isSQLite ? {} : { table_id: { in: tbls.map((t) => t.id) } }, selectopts);
+        return tbls.map((t) => {
+            t.fields = flds
+                .filter((f) => f.table_id === t.id)
+                .map((f) => new field_1.default(f));
+            return new Table(t);
+        });
     }
     /**
      * Find Tables including external tables
@@ -179,7 +186,15 @@ class Table {
         if (external !== true) {
             //do include db tables
             const tbls = await db_1.default.select("_sc_tables", where, selectopts);
-            dbs = tbls.map((t) => new Table(t));
+            const flds = await db_1.default.select("_sc_fields", db_1.default.isSQLite
+                ? {}
+                : { table_id: { in: tbls.map((t) => t.id) } }, selectopts);
+            dbs = tbls.map((t) => {
+                t.fields = flds
+                    .filter((f) => f.table_id === t.id)
+                    .map((f) => new field_1.default(f));
+                return new Table(t);
+            });
         }
         return [...dbs, ...externals];
     }
@@ -242,7 +257,7 @@ class Table {
                     if (ofield)
                         opts.push({
                             label: `Inherit ${field.label}`,
-                            value: `Fml:${field.name}.${ofield.name}===user.id`,
+                            value: `Fml:${field.name}?.${ofield.name}===user.id`,
                         });
                 }
                 if (refTable?.ownership_formula) {
@@ -256,7 +271,7 @@ class Table {
                         if (fldNms.has(path[0])) {
                             opts.push({
                                 label: `Inherit ${field.label}`,
-                                value: `Fml:${field.name}.${refFml}`,
+                                value: `Fml:${field.name}?.${refFml}`,
                             });
                         }
                     }
@@ -271,7 +286,7 @@ class Table {
                             });
                         }
                         else {
-                            const fml = refFml.replace(`.includes(${ref})`, `.includes(${field.name}.${ref})`);
+                            const fml = refFml.replace(`.includes(${ref})`, `.includes(${field.name}?.${ref})`);
                             opts.push({
                                 label: `Inherit ${field.label}`,
                                 value: `Fml:${fml}`,
@@ -333,15 +348,32 @@ class Table {
             ownership_formula: options.ownership_formula,
             description: options.description || "",
         };
+        let pk_fld_id;
         if (!id) {
             // insert table definition into _sc_tables
             id = await db_1.default.insert("_sc_tables", tblrow);
             // add primary key column ID
-            await db_1.default.query(`insert into ${schema}_sc_fields(table_id, name, label, type, attributes, required, is_unique,primary_key)
-            values($1,'id','ID','Integer', '{}', true, true, true)`, [id]);
+            const insfldres = await db_1.default.query(`insert into ${schema}_sc_fields(table_id, name, label, type, attributes, required, is_unique,primary_key)
+            values($1,'id','ID','Integer', '{}', true, true, true) returning id`, [id]);
+            pk_fld_id = insfldres.rows[0].id;
         }
         // create table
-        const table = new Table({ ...tblrow, id });
+        const table = new Table({
+            ...tblrow,
+            id,
+            fields: [
+                new field_1.default({
+                    type: "Integer",
+                    name: "id",
+                    label: "ID",
+                    primary_key: true,
+                    required: true,
+                    is_unique: true,
+                    table_id: id,
+                    id: pk_fld_id,
+                }),
+            ],
+        });
         // create table history
         if (table.versioned)
             await table.create_history_table();
@@ -398,20 +430,51 @@ class Table {
             pk.type.name === "Integer")
             await db_1.default.reset_sequence(this.name);
     }
+    updateWhereWithOwnership(where, fields, user) {
+        const role = user?.role_id;
+        if (role &&
+            role > this.min_role_write &&
+            ((!this.ownership_field_id && !this.ownership_formula) || role === 10))
+            return { notAuthorized: true };
+        if (user &&
+            role < 10 &&
+            role > this.min_role_write &&
+            this.ownership_field_id) {
+            const owner_field = fields.find((f) => f.id === this.ownership_field_id);
+            if (!owner_field)
+                throw new Error(`Owner field in table ${this.name} not found`);
+            mergeIntoWhere(where, {
+                [owner_field.name]: user.id,
+            });
+        }
+    }
     /**
      * Delete rows from table
      * @param where - condition
      * @returns {Promise<void>}
      */
-    async deleteRows(where) {
+    async deleteRows(where, user) {
         // get triggers on delete
         const triggers = await trigger_1.default.getTableTriggers("Delete", this);
         const fields = await this.getFields();
+        if (this.updateWhereWithOwnership(where, fields, user)?.notAuthorized) {
+            return;
+        }
+        let rows;
+        if (user && user.role_id > this.min_role_write && this.ownership_formula) {
+            rows = await this.getJoinedRows({
+                where,
+                forUser: user,
+            });
+        }
         const deleteFileFields = fields.filter((f) => f.type === "File" && f.attributes?.also_delete_file);
         const deleteFiles = [];
         if (triggers.length > 0 || deleteFileFields.length > 0) {
             const File = require("./file");
-            const rows = await this.getRows(where);
+            if (!rows)
+                rows = await this.getJoinedRows({
+                    where,
+                });
             for (const trigger of triggers) {
                 for (const row of rows) {
                     // run triggers on delete
@@ -427,7 +490,12 @@ class Table {
                 }
             }
         }
-        await db_1.default.deleteWhere(this.name, where);
+        if (rows)
+            await db_1.default.deleteWhere(this.name, {
+                [this.pk_name]: { in: rows.map((r) => r[this.pk_name]) },
+            });
+        else
+            await db_1.default.deleteWhere(this.name, where);
         await this.resetSequence();
         for (const file of deleteFiles) {
             await file.delete();
@@ -454,10 +522,30 @@ class Table {
      * @returns {Promise<null|*>}
      */
     async getRow(where = {}, selopts = {}) {
-        await this.getFields();
-        const row = await db_1.default.selectMaybeOne(this.name, where, selopts);
+        const fields = await this.getFields();
+        const { forUser, forPublic, ...selopts1 } = selopts;
+        const role = forUser ? forUser.role_id : forPublic ? 10 : null;
+        const row = await db_1.default.selectMaybeOne(this.name, where, selopts1);
         if (!row || !this.fields)
             return null;
+        if (role && role > this.min_role_read) {
+            //check ownership
+            if (forPublic)
+                return null;
+            else if (this.ownership_field_id) {
+                const owner_field = fields.find((f) => f.id === this.ownership_field_id);
+                if (!owner_field)
+                    throw new Error(`Owner field in table ${this.name} not found`);
+                if (row[owner_field.name] !== forUser.id)
+                    return null;
+            }
+            else if (this.ownership_formula) {
+                if (!this.is_owner(forUser, row))
+                    return null;
+            }
+            else
+                return null; //no ownership
+        }
         return apply_calculated_fields([this.readFromDB(row)], this.fields)[0];
     }
     /**
@@ -467,10 +555,30 @@ class Table {
      * @returns {Promise<void>}
      */
     async getRows(where = {}, selopts = {}) {
-        await this.getFields();
-        const rows = await db_1.default.select(this.name, where, selopts);
+        const fields = await this.getFields();
         if (!this.fields)
             return [];
+        const { forUser, forPublic, ...selopts1 } = selopts;
+        const role = forUser ? forUser.role_id : forPublic ? 10 : null;
+        if (role &&
+            this.updateWhereWithOwnership(where, fields, forUser || { role_id: 10 })
+                ?.notAuthorized) {
+            return [];
+        }
+        let rows = await db_1.default.select(this.name, where, selopts1);
+        if (role && role > this.min_role_read) {
+            //check ownership
+            if (forPublic)
+                return [];
+            else if (this.ownership_field_id) {
+                //already dealt with by changing where
+            }
+            else if (this.ownership_formula) {
+                rows = rows.filter((row) => this.is_owner(forUser, row));
+            }
+            else
+                return []; //no ownership
+        }
         return apply_calculated_fields(rows.map((r) => this.readFromDB(r)), this.fields);
     }
     /**
@@ -515,6 +623,7 @@ class Table {
         let v = { ...v_in };
         const fields = await this.getFields();
         const pk_name = this.pk_name;
+        const role = user?.role_id;
         if (fields.some((f) => f.calculated && f.stored)) {
             const joinFields = this.storedExpressionJoinFields();
             //if any freevars are join fields, update row in db first
@@ -523,10 +632,10 @@ class Table {
             if (need_to_update) {
                 await db_1.default.update(this.name, v, id, { pk_name });
             }
-            existing = (await this.getJoinedRows({
+            existing = await this.getJoinedRow({
                 where: { [pk_name]: id },
                 joinFields,
-            }))[0];
+            });
             let calced = await apply_calculated_fields_stored(need_to_update ? existing : { ...existing, ...v_in },
             // @ts-ignore TODO ch throw ?
             this.fields);
@@ -534,11 +643,42 @@ class Table {
                 if (f.calculated && f.stored)
                     v[f.name] = calced[f.name];
         }
+        if (user && role && role > this.min_role_write) {
+            if (role === 10)
+                return;
+            if (this.ownership_field_id) {
+                const owner_field = fields.find((f) => f.id === this.ownership_field_id);
+                if (!owner_field)
+                    throw new Error(`Owner field in table ${this.name} not found`);
+                if (v[owner_field.name] && v[owner_field.name] !== user.id)
+                    return;
+                //need to check existing
+                if (!existing)
+                    existing = await this.getJoinedRow({
+                        where: { [pk_name]: id },
+                        forUser: user,
+                    });
+                if (!existing || existing?.[owner_field.name] !== user.id)
+                    return;
+            }
+            if (this.ownership_formula) {
+                if (!existing)
+                    existing = await this.getJoinedRow({
+                        where: { [pk_name]: id },
+                        forUser: user,
+                    });
+                if (!existing || !this.is_owner(user, existing))
+                    return;
+            }
+            if (!this.ownership_field_id && !this.ownership_formula)
+                return;
+        }
         if (this.versioned) {
+            const existing1 = await db_1.default.selectOne(this.name, { [pk_name]: id });
             if (!existing)
-                existing = await db_1.default.selectOne(this.name, { [pk_name]: id });
+                existing = existing1;
             await db_1.default.insert(this.name + "__history", {
-                ...existing,
+                ...existing1,
                 ...v,
                 [pk_name]: id,
                 _version: {
@@ -556,7 +696,7 @@ class Table {
         }
         const newRow = { ...existing, ...v, [pk_name]: id };
         if (!noTrigger) {
-            const trigPromise = trigger_1.default.runTableTriggers("Update", this, newRow, resultCollector, user);
+            const trigPromise = trigger_1.default.runTableTriggers("Update", this, newRow, resultCollector, role === 10 ? undefined : user);
             if (resultCollector)
                 await trigPromise;
         }
@@ -623,13 +763,24 @@ class Table {
         const fields = await this.getFields();
         const pk_name = this.pk_name;
         const joinFields = this.storedExpressionJoinFields();
-        let v;
-        let id;
+        let v, id;
+        if (user && user.role_id > this.min_role_write) {
+            if (this.ownership_field_id) {
+                const owner_field = fields.find((f) => f.id === this.ownership_field_id);
+                if (!owner_field)
+                    throw new Error(`Owner field in table ${this.name} not found`);
+                if (v_in[owner_field.name] !== user.id)
+                    return;
+            }
+            if (!this.ownership_field_id && !this.ownership_formula)
+                return;
+        }
         if (Object.keys(joinFields).length > 0) {
             id = await db_1.default.insert(this.name, v_in, { pk_name });
             let existing = await this.getJoinedRows({
                 where: { [pk_name]: id },
                 joinFields,
+                forUser: user,
             });
             let calced = await apply_calculated_fields_stored(existing[0], fields);
             v = { ...v_in };
@@ -642,6 +793,16 @@ class Table {
             v = await apply_calculated_fields_stored(v_in, fields);
             id = await db_1.default.insert(this.name, v, { pk_name });
         }
+        if (user && user.role_id > this.min_role_write && this.ownership_formula) {
+            let existing = await this.getJoinedRow({
+                where: { [pk_name]: id },
+                forUser: user,
+            });
+            if (!existing || !this.is_owner(user, existing)) {
+                await this.deleteRows({ [pk_name]: id });
+                return;
+            }
+        }
         if (this.versioned)
             await db_1.default.insert(this.name + "__history", {
                 ...v,
@@ -677,13 +838,7 @@ class Table {
      * Get Fields list for table
      * @returns {Promise<Field[]>}
      */
-    async getFields() {
-        if (!this.fields) {
-            this.fields = await field_1.default.find({ table_id: this.id }, { orderBy: "id" });
-            for (let field of this.fields) {
-                field.table = this;
-            }
-        }
+    getFields() {
         return this.fields;
     }
     /**
@@ -692,7 +847,17 @@ class Table {
      */
     async getField(path) {
         const fields = await this.getFields();
-        if (path.includes(".")) {
+        if (path.includes("->")) {
+            const joinPath = path.split(".");
+            const tableName = joinPath[0];
+            const joinTable = await Table.findOne({ name: tableName });
+            if (!joinTable)
+                throw new Error(`The table '${tableName}' does not exist.`);
+            const joinedField = joinPath[1].split("->")[1];
+            const fields = await joinTable.getFields();
+            return fields.find((f) => f.name === joinedField);
+        }
+        else if (path.includes(".")) {
             const keypath = path.split(".");
             let field, theFields = fields;
             for (let i = 0; i < keypath.length; i++) {
@@ -1119,6 +1284,106 @@ class Table {
             success: `Imported ${file_rows.length} rows into table ${this.name}`,
         };
     }
+    /**
+     * get join-field-options joined from a field in this table
+     * @param allow_double
+     * @param allow_triple
+     * @returns
+     */
+    async get_join_field_options(allow_double, allow_triple) {
+        const fields = await this.getFields();
+        const result = [];
+        for (const f of fields) {
+            if (f.is_fkey && f.type !== "File") {
+                const table = await Table.findOne({ name: f.reftable_name });
+                if (!table)
+                    throw new Error(`Unable to find table '${f.reftable_name}`);
+                await table.getFields();
+                if (!table.fields)
+                    throw new Error(`The table '${f.reftable_name} has no fields.`);
+                const subOne = {
+                    name: f.name,
+                    table: table.name,
+                    subFields: new Array(),
+                    fieldPath: f.name,
+                };
+                for (const pf of table.fields.filter((f) => !f.calculated || f.stored)) {
+                    const subTwo = {
+                        name: pf.name,
+                        subFields: new Array(),
+                        fieldPath: `${f.name}.${pf.name}`,
+                    };
+                    if (pf.is_fkey && pf.type !== "File" && allow_double) {
+                        const table1 = await Table.findOne({ name: pf.reftable_name });
+                        if (!table1)
+                            throw new Error(`Unable to find table '${pf.reftable_name}`);
+                        await table1.getFields();
+                        subTwo.table = table1.name;
+                        if (!table1.fields)
+                            throw new Error(`The table '${pf.reftable_name} has no fields.`);
+                        if (table1.fields)
+                            for (const gpf of table1.fields.filter((f) => !f.calculated || f.stored)) {
+                                const subThree = {
+                                    name: gpf.name,
+                                    subFields: new Array(),
+                                    fieldPath: `${f.name}.${pf.name}.${gpf.name}`,
+                                };
+                                if (allow_triple && gpf.is_fkey && gpf.type !== "File") {
+                                    const gpfTbl = Table.findOne({
+                                        name: gpf.reftable_name,
+                                    });
+                                    if (gpfTbl) {
+                                        subThree.table = gpfTbl.name;
+                                        const gpfFields = await gpfTbl.getFields();
+                                        for (const ggpf of gpfFields.filter((f) => !f.calculated || f.stored)) {
+                                            subThree.subFields.push({
+                                                name: ggpf.name,
+                                                fieldPath: `${f.name}.${pf.name}.${gpf.name}.${ggpf.name}`,
+                                            });
+                                        }
+                                    }
+                                }
+                                subTwo.subFields.push(subThree);
+                            }
+                    }
+                    subOne.subFields.push(subTwo);
+                }
+                result.push(subOne);
+            }
+        }
+        return result;
+    }
+    /**
+     * get relation-options joined from a field of another table
+     * @returns
+     */
+    async get_relation_options() {
+        return await Promise.all((await this.get_relation_data()).map(async ({ relationTable, relationField }) => {
+            const path = `${relationTable.name}.${relationField.name}`;
+            const relFields = await relationTable.getFields();
+            const names = relFields
+                .filter((f) => f.type !== "Key")
+                .map((f) => f.name);
+            return { relationPath: path, relationFields: names };
+        }));
+    }
+    /**
+     * get relation-data joined from a field of another table
+     * @returns
+     */
+    async get_relation_data() {
+        const result = new Array();
+        const o2o_rels = await field_1.default.find({
+            reftable_name: this.name,
+            is_unique: true,
+        });
+        for (const field of o2o_rels) {
+            const relTbl = Table.findOne({ id: field.table_id });
+            if (relTbl)
+                result.push({ relationTable: relTbl, relationField: field });
+        }
+        return result;
+    }
     /**
      * Get parent relations for table
      * @param allow_double
@@ -1250,6 +1515,24 @@ class Table {
         let joinFields = opts.joinFields || {};
         let aggregations = opts.aggregations || {};
         const schema = db_1.default.getTenantSchemaPrefix();
+        const { forUser, forPublic } = opts;
+        const role = forUser ? forUser.role_id : forPublic ? 10 : null;
+        if (role && role > this.min_role_read && this.ownership_formula) {
+            const freeVars = freeVariables(this.ownership_formula);
+            add_free_variables_to_joinfields(freeVars, joinFields, fields);
+        }
+        if (role && role > this.min_role_read && this.ownership_field_id) {
+            if (forPublic)
+                return { notAuthorized: true };
+            const owner_field = fields.find((f) => f.id === this.ownership_field_id);
+            if (!owner_field)
+                throw new Error(`Owner field in table ${this.name} not found`);
+            if (!opts.where)
+                opts.where = {};
+            mergeIntoWhere(opts.where, {
+                [owner_field.name]: forUser.id,
+            });
+        }
         for (const [fldnm, { ref, target, through, ontable }] of Object.entries(joinFields)) {
             let reffield;
             if (ontable) {
@@ -1361,7 +1644,15 @@ class Table {
             offset: opts.offset,
         };
         const sql = `SELECT ${fldNms.join()} FROM ${schema}"${(0, internal_1.sqlsanitize)(this.name)}" a ${joinq} ${where}  ${(0, internal_1.mkSelectOptions)(selectopts)}`;
-        return { sql, values };
+        return { sql, values, joinFields };
+    }
+    /**
+     * @param {object} [opts = {}]
+     * @returns {Promise<object[]>}
+     */
+    async getJoinedRow(opts = {}) {
+        const rows = await this.getJoinedRows(opts);
+        return rows.length > 0 ? rows[0] : null;
     }
     /**
      * @param {object} [opts = {}]
@@ -1369,17 +1660,19 @@ class Table {
      */
     async getJoinedRows(opts = {}) {
         const fields = await this.getFields();
-        const { sql, values } = await this.getJoinedQuery(opts);
+        const { forUser, forPublic, ...selopts1 } = opts;
+        const role = forUser ? forUser.role_id : forPublic ? 10 : null;
+        const { sql, values, notAuthorized, joinFields } = await this.getJoinedQuery(opts);
+        if (notAuthorized)
+            return [];
         const res = await db_1.default.query(sql, values);
         if (res.length === 0)
             return res; // check
-        //console.log(sql);
-        //console.log(res.rows);
-        const calcRow = apply_calculated_fields(res.rows, fields);
+        let calcRow = apply_calculated_fields(res.rows, fields);
         //rename joinfields
-        if (Object.values(opts.joinFields || {}).some((jf) => jf.rename_object)) {
+        if (Object.values(joinFields || {}).some((jf) => jf.rename_object)) {
             let f = (x) => x;
-            Object.entries(opts.joinFields || {}).forEach(([k, v]) => {
+            Object.entries(joinFields || {}).forEach(([k, v]) => {
                 if (v.rename_object) {
                     if (v.rename_object.length === 2) {
                         const oldf = f;
@@ -1428,10 +1721,22 @@ class Table {
                     }
                 }
             });
-            return calcRow.map(f);
+            calcRow = calcRow.map(f);
         }
-        else
-            return calcRow;
+        if (role && role > this.min_role_read) {
+            //check ownership
+            if (forPublic)
+                return [];
+            else if (this.ownership_field_id) {
+                //already dealt with by changing where
+            }
+            else if (this.ownership_formula) {
+                calcRow = calcRow.filter((row) => this.is_owner(forUser, row));
+            }
+            else
+                return []; //no ownership
+        }
+        return calcRow;
     }
     async slug_options() {
         const fields = await this.getFields();