@saltcorn/data 1.6.0-beta.1 → 1.6.0-beta.10

package/dist/models/table.js

@@ -47,7 +47,7 @@ const field_1 = __importDefault(require("./field"));
 const common_types_1 = require("@saltcorn/types/common_types");
 const trigger_1 = __importDefault(require("./trigger"));
 const expression_1 = __importDefault(require("./expression"));
-const { apply_calculated_fields, apply_calculated_fields_stored, recalculate_for_stored, get_expression_function, eval_expression, freeVariables, add_free_variables_to_joinfields, removeComments, jsexprToWhere, } = expression_1.default;
+const { apply_calculated_fields, apply_calculated_fields_stored, recalculate_for_stored, get_expression_function, get_async_expression_function, eval_expression, freeVariables, add_free_variables_to_joinfields, removeComments, jsexprToWhere, } = expression_1.default;
 const uuid_1 = require("uuid");
 const csvtojson_1 = __importDefault(require("csvtojson"));
 const moment_1 = __importDefault(require("moment"));
@@ -201,6 +201,9 @@ class Table {
         this.provider_cfg = stringToJSON(o.provider_cfg);
         this.provider_name = o.provider_name;
         this.fields = o.fields.map((f) => new field_1.default(f));
+        this.updated_at = ["string", "number"].includes(typeof o.updated_at)
+            ? new Date(o.updated_at)
+            : o.updated_at;
     }
     static subClass({ user, read_only, } = {}) {
         var _a;
@@ -242,6 +245,7 @@ class Table {
             const { fields, constraints, ...updDB } = upd_rec;
             if (updDB.ownership_field_id === "")
                 delete updDB.ownership_field_id;
+            updDB.updated_at = new Date();
             await db_1.default.update("_sc_tables", updDB, tbl.id);
             //limited refresh if we do not have a client
             if (!db_1.default.getRequestContext()?.client)
@@ -255,6 +259,7 @@ class Table {
             if (!db_1.default.getRequestContext()?.client)
                 await Table.state_refresh(true);
         };
+        //console.log({tbl});
         return t;
     }
     /**
@@ -324,7 +329,7 @@ class Table {
                 const { getState } = require("../db/state");
                 const provider = getState().table_providers[t.provider_name];
                 if (provider)
-                    t.fields = await applyAsync(provider.fields, t.provider_cfg);
+                    t.fields = await applyAsync(provider.fields, stringToJSON(t.provider_cfg));
                 else
                     t.fields = [];
             }
@@ -600,6 +605,7 @@ class Table {
             description: options.description || "",
             provider_name: options.provider_name,
             provider_cfg: options.provider_cfg,
+            updated_at: new Date(),
         };
         let pk_fld_id;
         if (!id) {
@@ -780,25 +786,50 @@ class Table {
             }
         }
     }
-    async addDeleteSyncInfo(ids, timestamp) {
+    async addDeleteSyncInfo(ids, timestamp, ownerFieldName, ownershipFormula) {
         if (this.constructor.read_only)
             throw new Error("Read-only access");
+        // Top-level keys referenced by the formula (strip join path suffixes,
+        // drop "user"). Stored in owner_fields so is_owner() can re-evaluate later.
+        const formulaTopKeys = ownershipFormula
+            ? [
+                ...new Set([...freeVariables(ownershipFormula)]
+                    .map((v) => v.split(/[.Ⱶ]/)[0])
+                    .filter((v) => v !== "user")),
+            ]
+            : null;
         await db_1.default.tryCatchInTransaction(async () => {
             if (ids.length > 0) {
                 const schema = db_1.default.getTenantSchemaPrefix();
                 const pkName = this.pk_name || "id";
                 if (isNode()) {
-                    await db_1.default.query(`delete from ${schema}"${db_1.default.sqlsanitize(this.name)}_sync_info" where ref in (
-            ${ids.map((row) => row[pkName]).join(",")})`);
-                    await db_1.default.query(`insert into ${schema}"${db_1.default.sqlsanitize(this.name)}_sync_info" (ref, last_modified, deleted)
-              values ${ids
-                        .map((row) => `(${row[pkName]}, date_trunc('milliseconds', to_timestamp( ${timestamp.valueOf() / 1000.0} ) ), true)`)
-                        .join(",")}`);
+                    const pkVals = ids.map((row) => String(row[pkName]));
+                    await db_1.default.query(`delete from ${schema}"${db_1.default.sqlsanitize(this.name)}_sync_info" where ref = ANY($1::text[])`, [pkVals]);
+                    const tsParam = timestamp.valueOf() / 1000.0;
+                    const insertParams = [tsParam];
+                    const valueClauses = pkVals.map((pkVal, i) => {
+                        const ownerVal = ownerFieldName
+                            ? (ids[i][ownerFieldName] ?? null)
+                            : null;
+                        const ownerFieldsVal = formulaTopKeys && formulaTopKeys.length > 0
+                            ? JSON.stringify(Object.fromEntries(formulaTopKeys.map((k) => [k, ids[i][k] ?? null])))
+                            : null;
+                        insertParams.push(pkVal);
+                        insertParams.push(ownerVal);
+                        insertParams.push(ownerFieldsVal);
+                        return `($${insertParams.length - 2}::text, date_trunc('milliseconds', to_timestamp($1)), true, $${insertParams.length - 1}, $${insertParams.length})`;
+                    });
+                    await db_1.default.query(`insert into ${schema}"${db_1.default.sqlsanitize(this.name)}_sync_info" (ref, last_modified, deleted, owner_id, owner_fields)
+              values ${valueClauses.join(",")}`, insertParams);
                 }
                 else {
+                    const pkVals = ids.map((row) => String(row[pkName]));
+                    const placeholders = pkVals
+                        .map((_, i) => `$${i + 1}`)
+                        .join(",");
                     await db_1.default.query(`update "${db_1.default.sqlsanitize(this.name)}_sync_info"
            set deleted = true, modified_local = true
-           where ref in (${ids.map((row) => row[pkName]).join(",")})`);
+           where ref in (${placeholders})`, pkVals);
                 }
             }
         }, (e) => {
@@ -842,6 +873,12 @@ class Table {
         // get triggers on delete
         const triggers = await trigger_1.default.getTableTriggers("Delete", this);
         const fields = this.fields;
+        const ownerFieldName = (() => {
+            if (!this.has_sync_info || !this.ownership_field_id)
+                return null;
+            const f = fields?.find((f) => f.id === this.ownership_field_id);
+            return f?.name ?? null;
+        })();
         if (this.updateWhereWithOwnership(where, use_user)?.notAuthorized) {
             const state = require("../db/state").getState();
             state.log(4, `Not authorized to deleteRows in table ${this.name}.`);
@@ -854,6 +891,13 @@ class Table {
             expression: "__aggregation",
             attributes: { json: { table: this.name } },
         }, { cached: true });
+        // Join fields needed to snapshot ownership_formula values into sync_info.
+        // Computed once here; used either via the existing rows fetch (if it runs)
+        // or via a separate minimal fetch in the else branch below.
+        const ownershipJoinFields = {};
+        if (this.has_sync_info && this.ownership_formula) {
+            add_free_variables_to_joinfields(freeVariables(this.ownership_formula), ownershipJoinFields, fields);
+        }
         let rows;
         if (calc_agg_fields.length ||
             (use_user &&
@@ -863,6 +907,7 @@ class Table {
                 where,
                 forUser: use_user,
                 forPublic: use_user?.role_id === 100,
+                joinFields: ownershipJoinFields,
             });
         }
         const deleteFileFields = fields.filter((f) => f.type === "File" && f.attributes?.also_delete_file);
@@ -900,32 +945,47 @@ class Table {
         }
         await db_1.default.tryCatchInTransaction(async () => {
             if (rows) {
-                const delIds = rows.map((r) => r[this.pk_name]);
+                const pkIds = rows.map((r) => r[this.pk_name]);
                 if (!db_1.default.isSQLite) {
                     await db_1.default.deleteWhere(this.name, {
-                        [this.pk_name]: { in: delIds },
+                        [this.pk_name]: { in: pkIds },
                     });
                 }
                 else {
-                    await db_1.default.query(`delete from "${db_1.default.sqlsanitize(this.name)}" where "${db_1.default.sqlsanitize(this.pk_name)}" in (${delIds.join(",")})`);
+                    await db_1.default.query(`delete from "${db_1.default.sqlsanitize(this.name)}" where "${db_1.default.sqlsanitize(this.pk_name)}" in (${pkIds.join(",")})`);
                 }
                 for (const row of rows)
                     await this.auto_update_calc_aggregations(row);
                 if (this.has_sync_info) {
                     const dbTime = await db_1.default.time();
-                    await this.addDeleteSyncInfo(rows, dbTime);
+                    await this.addDeleteSyncInfo(rows, dbTime, ownerFieldName, this.ownership_formula);
                 }
             }
             else {
-                const delIds = this.has_sync_info
-                    ? await db_1.default.select(this.name, where, {
-                        fields: [this.pk_name],
-                    })
-                    : null;
-                await db_1.default.deleteWhere(this.name, where);
+                let preDeleteRows = null;
                 if (this.has_sync_info) {
+                    if (this.ownership_formula) {
+                        // ownership_formula: fetch all fields (including join fields) so
+                        // addDeleteSyncInfo can snapshot them into owner_fields.
+                        preDeleteRows = await this.getJoinedRows({
+                            where,
+                            joinFields: ownershipJoinFields,
+                        });
+                    }
+                    else {
+                        // Simple case: fetch only the pk (and owner field if present).
+                        const selectFields = ownerFieldName
+                            ? [this.pk_name, ownerFieldName]
+                            : [this.pk_name];
+                        preDeleteRows = await db_1.default.select(this.name, where, {
+                            fields: selectFields,
+                        });
+                    }
+                }
+                await db_1.default.deleteWhere(this.name, where);
+                if (this.has_sync_info && preDeleteRows) {
                     const dbTime = await db_1.default.time();
-                    await this.addDeleteSyncInfo(delIds, dbTime);
+                    await this.addDeleteSyncInfo(preDeleteRows, dbTime, ownerFieldName, this.ownership_formula);
                 }
             }
             //if (fields.find((f) => f.primary_key)) await this.resetSequence();
@@ -961,7 +1021,7 @@ class Table {
         if (this.fields) {
             for (const f of this.fields) {
                 if (f.type && (0, common_types_1.instanceOfType)(f.type) && f.type.readFromDB)
-                    row[f.name] = f.type.readFromDB(row[f.name]);
+                    row[f.name] = f.type.readFromDB(row[f.name], f);
             }
         }
         return row;
@@ -1124,9 +1184,20 @@ class Table {
      * @param fieldnm
      * @returns {Promise<Object[]>}
      */
-    async distinctValues(fieldnm, whereObj) {
-        if (whereObj) {
-            const { where, values } = (0, internal_1.mkWhere)(whereObj, db_1.default.isSQLite);
+    async distinctValues(fieldnm, whereObj, user) {
+        const useWhere = { ...(whereObj || {}) };
+        if (user &&
+            user.role_id > this.min_role_read &&
+            !(this.ownership_field_id || this.ownership_formula)) {
+            return [];
+        }
+        if (user &&
+            user.role_id > this.min_role_read &&
+            (this.ownership_field_id || this.ownership_formula)) {
+            this.updateWhereWithOwnership(useWhere, user, true);
+        }
+        if (Object.keys(useWhere).length) {
+            const { where, values } = (0, internal_1.mkWhere)(useWhere, db_1.default.isSQLite);
             const res = await db_1.default.query(`select distinct "${db_1.default.sqlsanitize(fieldnm)}" from ${this.sql_name} ${where} order by "${db_1.default.sqlsanitize(fieldnm)}" limit 1000`, values);
             return res.rows.map((r) => r[fieldnm]);
         }
@@ -1338,7 +1409,7 @@ class Table {
                     joinFields,
                 });
             }
-            let calced = await apply_calculated_fields_stored(need_to_update ? updated || {} : { ...existing, ...v_in }, this.fields, this);
+            let calced = await apply_calculated_fields_stored(need_to_update ? updated || {} : { ...existing, ...v_in }, this.fields, this, use_user);
             for (const f of fields)
                 if (f.calculated && f.stored) {
                     if (typeof f.type !== "string" &&
@@ -1480,7 +1551,8 @@ class Table {
   SELECT MAX(last_modified) "last_modified", ref
   FROM ${schema}"${db_1.default.sqlsanitize(this.name)}_sync_info"
   GROUP BY ref HAVING ref = ($1)`;
-            const result = await db_1.default.query(sql, db_1.default.isSQLite ? ids : [ids]);
+            const strIds = ids.map((id) => String(id));
+            const result = await db_1.default.query(sql, db_1.default.isSQLite ? strIds : [strIds]);
             return result.rows;
         }, (e) => {
             require("../db/state")
@@ -1502,15 +1574,15 @@ class Table {
                 }
                 await db_1.default.query(`insert into ${schema}"${db_1.default.sqlsanitize(this.name)}_sync_info" (ref, last_modified, updated_fields)
             values(
-              $1,
+              $1::text,
               date_trunc('milliseconds', to_timestamp($2)),
               $3::jsonb
             )`, [id, timestamp.valueOf() / 1000.0, JSON.stringify(fieldTimestamps)]);
             }
             else {
                 await db_1.default.query(`insert into "${db_1.default.sqlsanitize(this.name)}_sync_info"
-         (ref, modified_local, deleted) 
-         values('${id}', true, false)`);
+         (ref, modified_local, deleted)
+         values(CAST($1 AS TEXT), true, false)`, [id]);
             }
         }, (e) => {
             require("../db/state")
@@ -1531,13 +1603,13 @@ class Table {
                 for (const k of Object.keys(v).filter((key) => key !== this.pk_name)) {
                     fieldTimestamps[k] = timestamp;
                 }
-                await db_1.default.query(`update ${schema}"${db_1.default.sqlsanitize(this.name)}_sync_info" 
-            set 
+                await db_1.default.query(`update ${schema}"${db_1.default.sqlsanitize(this.name)}_sync_info"
+            set
               last_modified=date_trunc('milliseconds', to_timestamp($1)),
               updated_fields =
                 coalesce(updated_fields, '{}'::jsonb) || $4::jsonb
-            where 
-              ref=$2 and last_modified = to_timestamp($3)`, [
+            where
+              ref=$2::text and last_modified = to_timestamp($3)`, [
                     timestamp.valueOf() / 1000.0,
                     id,
                     oldLastModified.valueOf() / 1000.0,
@@ -1545,8 +1617,8 @@ class Table {
                 ]);
             }
             else {
-                await db_1.default.query(`update "${db_1.default.sqlsanitize(this.name)}_sync_info" set modified_local = true 
-         where ref = ${id} and last_modified = ${oldLastModified ? oldLastModified.valueOf() : "null"}`);
+                await db_1.default.query(`update "${db_1.default.sqlsanitize(this.name)}_sync_info" set modified_local = true
+         where ref = CAST($1 AS TEXT) and last_modified = $2`, [id, oldLastModified ? oldLastModified.valueOf() : null]);
             }
         }, (e) => {
             require("../db/state")
@@ -1758,11 +1830,37 @@ class Table {
             return valResCollector; //???
         if ("set_fields" in valResCollector)
             Object.assign(v_in, valResCollector.set_fields);
+        // Apply expression defaults for fields not provided or left null by the caller
+        for (const field of fields) {
+            if (!field.primary_key &&
+                field.attributes?.default_expression &&
+                (!(field.name in v_in) || v_in[field.name] == null)) {
+                try {
+                    const exprFn = get_async_expression_function(field.attributes.default_expression, fields, {});
+                    v_in[field.name] = await exprFn(v_in, use_user);
+                }
+                catch (_e) {
+                    state.log(4, `Error applying default_expression for field ${field.name}: ${_e.message}`);
+                }
+            }
+        }
+        // On mobile (SQLite), PKs with a client-side default (e.g. UUID via the
+        // uuid-type plugin's default_js) must be generated before the insert.
+        if (!isNode() && v_in[pk_name] == null) {
+            const pkField = fields?.find((f) => f.primary_key && !f.is_fkey);
+            const defaultJs = pkField?.type?.primaryKey?.default_js;
+            if (typeof defaultJs === "function") {
+                v_in[pk_name] = defaultJs();
+            }
+        }
         if (Object.keys(joinFields).length > 0 ||
             fields.some((f) => f.expression === "__aggregation")) {
             state.log(6, `Inserting ${this.name} because join fields: ${JSON.stringify(v_in)}`);
             this.prepare_row_for_writing(v_in);
             id = await db_1.default.insert(this.name, v_in, { pk_name, ...sqliteJsonCols });
+            // db.insert returns SQLite rowid, not the PK for non-integer PK types
+            if (!isNode() && v_in[pk_name] != null)
+                id = v_in[pk_name];
             let existing = await this.getJoinedRows({
                 where: { [pk_name]: id },
                 joinFields,
@@ -1775,7 +1873,7 @@ class Table {
                 state.log(4, `Not authorized to insertRow in table ${this.name}. Inserted row not retrieved.`);
                 return;
             }
-            let calced = await apply_calculated_fields_stored(existing[0], fields, this);
+            let calced = await apply_calculated_fields_stored(existing[0], fields, this, use_user);
             v = { ...v_in };
             for (const f of fields)
                 if (f.calculated && f.stored)
@@ -1784,13 +1882,16 @@ class Table {
             await db_1.default.update(this.name, v, id, { pk_name, ...sqliteJsonCols });
         }
         else {
-            v = await apply_calculated_fields_stored(v_in, fields, this);
+            v = await apply_calculated_fields_stored(v_in, fields, this, use_user);
             this.prepare_row_for_writing(v);
             state.log(6, `Inserting ${this.name} row: ${JSON.stringify(v)}`);
             id = await db_1.default.insert(this.name, v, {
                 pk_name,
                 ...sqliteJsonCols,
             });
+            // db.insert returns SQLite rowid, not the PK for non-integer PK types
+            if (!isNode() && v[pk_name] != null)
+                id = v[pk_name];
         }
         if (use_user &&
             use_user.role_id > this.min_role_write &&
@@ -1822,15 +1923,15 @@ class Table {
                 if (isNode()) {
                     // sync_info for insert
                     const schemaPrefix = db_1.default.getTenantSchemaPrefix();
+                    const tsParam = (syncTimestamp ? syncTimestamp : await db_1.default.time()).valueOf() /
+                        1000.0;
                     await db_1.default.query(`insert into ${schemaPrefix}"${db_1.default.sqlsanitize(this.name)}_sync_info"
-              (ref, last_modified) values(
-              ${id}, date_trunc('milliseconds', to_timestamp(${(syncTimestamp ? syncTimestamp : await db_1.default.time()).valueOf() /
-                        1000.0})))`);
+              (ref, last_modified) values($1::text, date_trunc('milliseconds', to_timestamp($2)))`, [id, tsParam]);
                 }
                 else {
                     await db_1.default.query(`insert into "${db_1.default.sqlsanitize(this.name)}_sync_info"
            (last_modified, ref, modified_local, deleted)
-           values(NULL, ${id}, true, false)`);
+           values(NULL, CAST($1 AS TEXT), true, false)`, [id]);
                 }
             }, (e) => {
                 state.log(2, `Error inserting sync info for table ${this.name}: ${e.message}`);
@@ -2142,10 +2243,12 @@ class Table {
                 throw new Error("Unable to find a field with a primary key.");
             }
             await db_1.default.query(`create table ${schemaPrefix}"${(0, internal_1.sqlsanitize)(this.name)}_sync_info" (
-            ref integer,
+            ref text not null,
             last_modified timestamp,
             deleted boolean default false,
-            updated_fields jsonb)`);
+            updated_fields jsonb,
+            owner_id integer,
+            owner_fields jsonb)`);
             await db_1.default.query(`create index "${(0, internal_1.sqlsanitize)(this.name)}_sync_info_ref_index" on ${schemaPrefix}"${(0, internal_1.sqlsanitize)(this.name)}_sync_info"(ref)`);
             await db_1.default.query(`create index "${(0, internal_1.sqlsanitize)(this.name)}_sync_info_lm_index" on ${schemaPrefix}"${(0, internal_1.sqlsanitize)(this.name)}_sync_info"(last_modified)`);
             await db_1.default.query(`create index "${(0, internal_1.sqlsanitize)(this.name)}_sync_info_deleted_index" on ${schemaPrefix}"${(0, internal_1.sqlsanitize)(this.name)}_sync_info"(deleted)`);
@@ -2334,6 +2437,7 @@ class Table {
             throw new Error(`Unable to find table with id: ${this.id}`);
         }
         const { external, fields, constraints, ...upd_rec } = new_table_rec;
+        upd_rec.updated_at = new Date();
         await db_1.default.update("_sc_tables", upd_rec, this.id);
         //limited refresh if we do not have a client
         if (!db_1.default.getRequestContext()?.client)