@saltcorn/data 0.8.7 → 0.8.8-beta.0

package/dist/models/table.js

@@ -233,6 +233,13 @@ class Table {
         }
         return [...dbs, ...externals];
     }
+    async get_models(opts) {
+        const Model = require("./model");
+        if (typeof opts === "string")
+            return await Model.find({ name: opts, table_id: this.id });
+        else
+            return await Model.find({ ...(opts || {}), table_id: this.id });
+    }
     /**
      * Get owner column name
      * @param fields - fields list
@@ -275,7 +282,7 @@ class Table {
         return typeof field_name === "string" && row[field_name] === user.id;
     }
     async ownership_options() {
-        const fields = await this.getFields();
+        const fields = this.fields;
         //start with userfields
         const opts = fields
             .filter((f) => f.reftable_name === "users")
@@ -491,7 +498,7 @@ class Table {
         return `${db_1.default.getTenantSchemaPrefix()}"${(0, internal_1.sqlsanitize)(this.name)}"`;
     }
     async resetSequence() {
-        const fields = await this.getFields();
+        const fields = this.fields;
         const pk = fields.find((f) => f.primary_key);
         if (!pk) {
             throw new Error("Unable to find a field with a primary key.");
@@ -526,7 +533,7 @@ class Table {
     async deleteRows(where, user) {
         // get triggers on delete
         const triggers = await trigger_1.default.getTableTriggers("Delete", this);
-        const fields = await this.getFields();
+        const fields = this.fields;
         if (this.updateWhereWithOwnership(where, fields, user)?.notAuthorized) {
             const state = require("../db/state").getState();
             state.log(4, `Not authorized to deleteRows in table ${this.name}.`);
@@ -595,7 +602,7 @@ class Table {
      * @returns {Promise<null|*>}
      */
     async getRow(where = {}, selopts = {}) {
-        const fields = await this.getFields();
+        const fields = this.fields;
         const { forUser, forPublic, ...selopts1 } = selopts;
         const role = forUser ? forUser.role_id : forPublic ? 100 : null;
         const row = await db_1.default.selectMaybeOne(this.name, where, selopts1);
@@ -628,7 +635,7 @@ class Table {
      * @returns {Promise<void>}
      */
     async getRows(where = {}, selopts = {}) {
-        const fields = await this.getFields();
+        const fields = this.fields;
         if (!this.fields)
             return [];
         const { forUser, forPublic, ...selopts1 } = selopts;
@@ -700,7 +707,7 @@ class Table {
     async updateRow(v_in, id, user, noTrigger, resultCollector, restore_of_version) {
         let existing;
         let v = { ...v_in };
-        const fields = await this.getFields();
+        const fields = this.fields;
         const pk_name = this.pk_name;
         const role = user?.role_id;
         const state = require("../db/state").getState();
@@ -710,9 +717,11 @@ class Table {
         }
         if (this.ownership_formula)
             add_free_variables_to_joinfields(freeVariables(this.ownership_formula), joinFields, fields);
-        if (user && role && role > this.min_role_write) {
-            if (role === 10)
-                return "Not authorized";
+        if (user &&
+            role &&
+            (role > this.min_role_write || role > this.min_role_read)) {
+            if (role === 100)
+                return "Not authorized"; //no possibility of ownership
             if (this.ownership_field_id) {
                 const owner_field = fields.find((f) => f.id === this.ownership_field_id);
                 if (!owner_field)
@@ -762,6 +771,11 @@ class Table {
             if (constraint_check)
                 return constraint_check;
         }
+        if (user) {
+            let field_write_check = this.check_field_write_role(v, user);
+            if (field_write_check)
+                return field_write_check;
+        }
         if (fields.some((f) => f.calculated && f.stored)) {
             //if any freevars are join fields, update row in db first
             const freeVarFKFields = new Set(Object.values(joinFields).map((jf) => jf.ref));
@@ -837,7 +851,7 @@ class Table {
                 return { success: true };
         }
         catch (e) {
-            return { error: normalise_error_message(e.message) };
+            return { error: this.normalise_error_message(e.message) };
         }
     }
     /**
@@ -846,22 +860,10 @@ class Table {
      * @param field_name
      * @returns {Promise<void>}
      */
-    async toggleBool(id, field_name) {
-        const schema = db_1.default.getTenantSchemaPrefix();
-        await db_1.default.query(`update ${schema}"${(0, internal_1.sqlsanitize)(this.name)}" set "${(0, internal_1.sqlsanitize)(field_name)}"=NOT coalesce("${(0, internal_1.sqlsanitize)(field_name)}", false) where id=$1`, [id]);
-        const fields = await this.getFields();
-        if (fields.some((f) => f.calculated && f.stored)) {
-            await this.updateRow({}, id, undefined, false);
-        }
-        const triggers = await trigger_1.default.getTableTriggers("Update", this);
-        if (triggers.length > 0) {
-            const row = await this.getRow({ id });
-            if (!row)
-                throw new Error(`Unable to find row with id: ${id}`);
-            for (const trigger of triggers) {
-                trigger.run(row);
-            }
-        }
+    async toggleBool(id, field_name, user) {
+        const row = await this.getRow({ [this.pk_name]: id });
+        if (row)
+            await this.updateRow({ [field_name]: !row[field_name] }, id, user);
     }
     /**
      * Get primary key field
@@ -884,6 +886,15 @@ class Table {
         }
         return undefined;
     }
+    check_field_write_role(row, user) {
+        for (const field of this.fields) {
+            if (typeof row[field.name] !== "undefined" &&
+                field.attributes?.min_role_write &&
+                user.role_id > field.attributes?.min_role_write)
+                return "Not authorized";
+        }
+        return undefined;
+    }
     /**
      * Insert row
      * @param v_in
@@ -892,7 +903,7 @@ class Table {
      * @returns {Promise<*>}
      */
     async insertRow(v_in, user, resultCollector) {
-        const fields = await this.getFields();
+        const fields = this.fields;
         const pk_name = this.pk_name;
         const joinFields = this.storedExpressionJoinFields();
         if (this.ownership_formula)
@@ -917,6 +928,11 @@ class Table {
         let constraint_check = this.check_table_constraints(v_in);
         if (constraint_check)
             throw new Error(constraint_check);
+        if (user) {
+            let field_write_check = this.check_field_write_role(v_in, user);
+            if (field_write_check)
+                return field_write_check;
+        }
         if (Object.keys(joinFields).length > 0) {
             id = await db_1.default.insert(this.name, v_in, { pk_name });
             let existing = await this.getJoinedRows({
@@ -979,12 +995,58 @@ class Table {
     async tryInsertRow(v, user, resultCollector) {
         try {
             const id = await this.insertRow(v, user, resultCollector);
+            if (id?.includes?.("Not authorized"))
+                return { error: id };
+            if (id.error)
+                return id;
             return { success: id };
         }
         catch (e) {
-            return { error: normalise_error_message(e.message) };
+            return { error: this.normalise_error_message(e.message) };
         }
     }
+    normalise_error_message(msg) {
+        let fieldnm = "";
+        if (msg.toLowerCase().includes("unique constraint")) {
+            if (db_1.default.isSQLite) {
+                fieldnm = msg.replace(`SQLITE_CONSTRAINT: UNIQUE constraint failed: ${this.name}.`, "");
+            }
+            else {
+                const m = msg.match(/duplicate key value violates unique constraint "(.*?)_(.*?)_unique"/);
+                if (m)
+                    fieldnm = m[2];
+            }
+            if (fieldnm) {
+                const field = this.fields.find((f) => f.name === fieldnm);
+                if (field?.attributes?.unique_error_msg)
+                    return field?.attributes?.unique_error_msg;
+                else {
+                    const tc_unique = this.constraints.find((c) => {
+                        if (c.type !== "Unique")
+                            return false;
+                        let conNm = "";
+                        if (db_1.default.isSQLite) {
+                            // SQLITE_CONSTRAINT: UNIQUE constraint failed: books.author, books.pages
+                            // first table name stripped by replace
+                            let [field1, ...rest_fields] = c.configuration.fields;
+                            conNm = [
+                                field1,
+                                ...rest_fields.map((fnm) => `${this.name}.${fnm}`),
+                            ].join(", ");
+                        }
+                        else {
+                            conNm = c.configuration.fields.join("_");
+                        }
+                        return c.configuration.errormsg && conNm === fieldnm;
+                    });
+                    if (tc_unique)
+                        return tc_unique.configuration.errormsg;
+                    return `Duplicate value for unique field: ${field?.label || fieldnm}`;
+                }
+            }
+        }
+        return msg;
+    }
     /**
      * Get Fields list for table
      * @returns {Promise<Field[]>}
@@ -1040,7 +1102,7 @@ class Table {
     // todo create function that returns history table name for table
     async create_history_table() {
         const schemaPrefix = db_1.default.getTenantSchemaPrefix();
-        const fields = await this.getFields();
+        const fields = this.fields;
         const flds = fields.map((f) => `,"${(0, internal_1.sqlsanitize)(f.name)}" ${f.sql_bare_type}`);
         const pk = fields.find((f) => f.primary_key)?.name;
         if (!pk) {
@@ -1182,7 +1244,7 @@ class Table {
      * @returns {Promise<void>}
      */
     async enable_fkey_constraints() {
-        const fields = await this.getFields();
+        const fields = this.fields;
         for (const f of fields)
             await f.enable_fkey_constraint(this);
     }
@@ -1570,7 +1632,7 @@ class Table {
     async import_json_file(filePath, skip_first_data_row) {
         // todo argument type buffer is not assignable for type String...
         const file_rows = JSON.parse((await (0, promises_1.readFile)(filePath)).toString());
-        const fields = await this.getFields();
+        const fields = this.fields;
         const pk_name = this.pk_name;
         const { readState } = require("../plugin-helper");
         let i = 1;
@@ -1615,7 +1677,7 @@ class Table {
      * @returns
      */
     async get_join_field_options(allow_double, allow_triple) {
-        const fields = await this.getFields();
+        const fields = this.fields;
         const result = [];
         for (const f of fields) {
             if (f.is_fkey && f.type !== "File") {
@@ -1715,7 +1777,7 @@ class Table {
      * @returns {Promise<{parent_relations: object[], parent_field_list: object[]}>}
      */
     async get_parent_relations(allow_double, allow_triple) {
-        const fields = await this.getFields();
+        const fields = this.fields;
         let parent_relations = [];
         let parent_field_list = [];
         for (const f of fields) {
@@ -1776,7 +1838,7 @@ class Table {
         return { parent_relations, parent_field_list };
     }
     async field_options(nrecurse = 0, fieldWhere = () => true, prefix = "") {
-        const fields = await this.getFields();
+        const fields = this.fields;
         const these = fields.filter(fieldWhere).map((f) => prefix + f.name);
         const those = [];
         if (nrecurse > 0)
@@ -1810,7 +1872,7 @@ class Table {
             }
         }
         if (allow_join_aggregations) {
-            const fields = await this.getFields();
+            const fields = this.fields;
             for (const f of fields) {
                 if (f.is_fkey && f.type !== "File") {
                     const refTable = Table.findOne({ name: f.reftable_name });
@@ -1832,7 +1894,7 @@ class Table {
      * @returns {Promise<{values, sql: string}>}
      */
     async getJoinedQuery(opts = {}) {
-        const fields = await this.getFields();
+        const fields = this.fields;
         let fldNms = [];
         let joinq = "";
         let joinTables = [];
@@ -1937,6 +1999,9 @@ class Table {
             const aggTable = Table.findOne({ name: table });
             const aggField = aggTable?.fields?.find((f) => f.name === field);
             const ownField = through ? (0, internal_1.sqlsanitize)(through) : this.pk_name;
+            const agg_and_field = aggregate.toLowerCase() === "countunique"
+                ? `count(distinct ${field ? `"${(0, internal_1.sqlsanitize)(field)}"` : "*"})`
+                : `${(0, internal_1.sqlsanitize)(aggregate)}(${field ? `"${(0, internal_1.sqlsanitize)(field)}"` : "*"})`;
             if (aggField?.is_fkey &&
                 aggField.attributes.summary_field &&
                 aggregate.toLowerCase() === "array_agg") {
@@ -1950,9 +2015,9 @@ class Table {
                 fldNms.push(`(select "${(0, internal_1.sqlsanitize)(field)}" from ${schema}"${(0, internal_1.sqlsanitize)(table)}" where "${dateField}"=(select ${isLatest ? `max` : `min`}("${dateField}") from ${schema}"${(0, internal_1.sqlsanitize)(table)}" where "${(0, internal_1.sqlsanitize)(ref)}"=a."${ownField}"${whereStr ? ` and ${whereStr}` : ""}) and "${(0, internal_1.sqlsanitize)(ref)}"=a."${ownField}" limit 1) ${(0, internal_1.sqlsanitize)(fldnm)}`);
             }
             else if (subselect)
-                fldNms.push(`(select ${(0, internal_1.sqlsanitize)(aggregate)}(${field ? `"${(0, internal_1.sqlsanitize)(field)}"` : "*"}) from ${schema}"${(0, internal_1.sqlsanitize)(table)}" where "${(0, internal_1.sqlsanitize)(ref)}" in (select "${subselect.field}" from ${schema}"${subselect.table.name}" where "${subselect.whereField}"=a."${ownField}")) ${(0, internal_1.sqlsanitize)(fldnm)}`);
+                fldNms.push(`(select ${agg_and_field} from ${schema}"${(0, internal_1.sqlsanitize)(table)}" where "${(0, internal_1.sqlsanitize)(ref)}" in (select "${subselect.field}" from ${schema}"${subselect.table.name}" where "${subselect.whereField}"=a."${ownField}")) ${(0, internal_1.sqlsanitize)(fldnm)}`);
             else
-                fldNms.push(`(select ${(0, internal_1.sqlsanitize)(aggregate)}(${field ? `"${(0, internal_1.sqlsanitize)(field)}"` : "*"}) from ${schema}"${(0, internal_1.sqlsanitize)(table)}" where "${(0, internal_1.sqlsanitize)(ref)}"=a."${ownField}"${whereStr ? ` and ${whereStr}` : ""}) ${(0, internal_1.sqlsanitize)(fldnm)}`);
+                fldNms.push(`(select ${agg_and_field} from ${schema}"${(0, internal_1.sqlsanitize)(table)}" where "${(0, internal_1.sqlsanitize)(ref)}"=a."${ownField}"${whereStr ? ` and ${whereStr}` : ""}) ${(0, internal_1.sqlsanitize)(fldnm)}`);
         });
         const selectopts = {
             limit: opts.limit,
@@ -1983,7 +2048,7 @@ class Table {
      * @returns {Promise<object[]>}
      */
     async getJoinedRows(opts = {}) {
-        const fields = await this.getFields();
+        const fields = this.fields;
         const { forUser, forPublic, ...selopts1 } = opts;
         const role = forUser ? forUser.role_id : forPublic ? 100 : null;
         const { sql, values, notAuthorized, joinFields } = await this.getJoinedQuery(opts);
@@ -2063,7 +2128,7 @@ class Table {
         return calcRow;
     }
     async slug_options() {
-        const fields = await this.getFields();
+        const fields = this.fields;
         const unique_fields = fields.filter((f) => f.is_unique);
         const opts = [];
         unique_fields.forEach((f) => {