@saltcorn/server 0.6.2-beta.1 → 0.6.2-beta.2

package/app.js

@@ -23,10 +23,10 @@ const {
   available_languages,
 } = require("@saltcorn/data/models/config");
 const {
-  setTenant,
   get_base_url,
   error_catcher,
   getSessionStore,
+  setTenant,
 } = require("./routes/utils.js");
 const path = require("path");
 const fileUpload = require("express-fileupload");
@@ -37,6 +37,7 @@ const { I18n } = require("i18n");
 const { h1 } = require("@saltcorn/markup/tags");
 const is = require("contractis/is");
 const Trigger = require("@saltcorn/data/models/trigger");
+const s3storage = require("./s3storage");
 
 const locales = Object.keys(available_languages);
 // i18n configuration
@@ -77,15 +78,6 @@ const getApp = async (opts = {}) => {
   // extenetede url encoding in use
   app.use(express.urlencoded({ limit: "5mb", extended: true }));
 
-  // add fileupload feature
-  // todo ability to configure filetmp dir - add new config / env parameter
-  app.use(
-    fileUpload({
-      useTempFiles: true,
-      createParentPath: true,
-      tempFileDir: "/tmp/",
-    })
-  );
   // cookies
   app.use(require("cookie-parser")());
   // i18n support
@@ -202,6 +194,12 @@ const getApp = async (opts = {}) => {
   passport.deserializeUser(function (user, done) {
     done(null, user);
   });
+  app.use(setTenant);
+
+  // Change into s3storage compatible selector
+  // existing fileupload middleware is moved into s3storage.js
+  app.use(s3storage.middlewareSelect);
+  app.use(s3storage.middlewareTransform);
 
   app.use(wrapper(version_tag));
   const csurf = csrf();
@@ -218,11 +216,10 @@ const getApp = async (opts = {}) => {
 
   mountRoutes(app);
   // set tenant homepage as / root
-  app.get("/", setTenant, error_catcher(homepage));
+  app.get("/", error_catcher(homepage));
   // /robots.txt
   app.get(
     "/robots.txt",
-    setTenant,
     error_catcher(async (req, res) => {
       const base = get_base_url(req);
       res.set("Content-Type", "text/plain");
@@ -235,7 +232,6 @@ Sitemap: ${base}sitemap.xml
   // /sitemap.xml
   app.get(
     "/sitemap.xml",
-    setTenant,
     error_catcher(async (req, res) => {
       const base = get_base_url(req);
       res.set("Content-Type", "text/xml");

package/auth/admin.js

@@ -50,8 +50,8 @@ const router = new Router();
 module.exports = router;
 
 /**
- * 
- * @param {object} req 
+ *
+ * @param {object} req
  * @returns {Promise<object>}
  */
 const getUserFields = async (req) => {
@@ -221,7 +221,6 @@ const user_dropdown = (user, req, can_reset) =>
  */
 router.get(
   "/",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const users = await User.find({}, { orderBy: "id" });
@@ -286,7 +285,6 @@ router.get(
  */
 router.get(
   "/new",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const form = await userForm(req);
@@ -305,8 +303,8 @@ router.get(
 );
 
 /**
- * 
- * @param {object} req 
+ *
+ * @param {object} req
  * @returns {Form}
  */
 const user_settings_form = (req) =>
@@ -341,7 +339,6 @@ const user_settings_form = (req) =>
  */
 router.get(
   "/settings",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const form = await user_settings_form(req);
@@ -365,7 +362,6 @@ router.get(
  */
 router.post(
   "/settings",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const form = await user_settings_form(req);
@@ -396,7 +392,6 @@ router.post(
  */
 router.get(
   "/ssl",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const isRoot = db.getTenantSchema() === db.connectObj.default_schema;
@@ -511,7 +506,7 @@ router.get(
 );
 
 /**
- * @param {object} req 
+ * @param {object} req
  * @returns {Form}
  */
 const ssl_form = (req) =>
@@ -528,7 +523,6 @@ const ssl_form = (req) =>
  */
 router.get(
   "/ssl/custom",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const form = await ssl_form(req);
@@ -553,7 +547,6 @@ router.get(
  */
 router.post(
   "/ssl/custom",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const form = await ssl_form(req);
@@ -590,7 +583,6 @@ router.post(
  */
 router.get(
   "/:id",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const { id } = req.params;
@@ -659,7 +651,6 @@ router.get(
  */
 router.post(
   "/save",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     let form, sub2;
@@ -738,7 +729,6 @@ router.post(
  */
 router.post(
   "/reset-password/:id",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const { id } = req.params;
@@ -758,7 +748,6 @@ router.post(
  */
 router.post(
   "/send-verification/:id",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const { id } = req.params;
@@ -783,7 +772,6 @@ router.post(
  */
 router.post(
   "/gen-api-token/:id",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const { id } = req.params;
@@ -803,7 +791,6 @@ router.post(
  */
 router.post(
   "/remove-api-token/:id",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const { id } = req.params;
@@ -823,7 +810,6 @@ router.post(
  */
 router.post(
   "/set-random-password/:id",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const { id } = req.params;
@@ -847,7 +833,6 @@ router.post(
  */
 router.post(
   "/disable/:id",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const { id } = req.params;
@@ -866,7 +851,6 @@ router.post(
  */
 router.post(
   "/enable/:id",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const { id } = req.params;
@@ -884,7 +868,6 @@ router.post(
  */
 router.post(
   "/delete/:id",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const { id } = req.params;

package/auth/roleadmin.js

@@ -20,12 +20,7 @@ const {
   post_dropdown_item,
   post_delete_btn,
 } = require("@saltcorn/markup");
-const {
-  isAdmin,
-  setTenant,
-  error_catcher,
-  csrfField,
-} = require("../routes/utils");
+const { isAdmin, error_catcher, csrfField } = require("../routes/utils");
 const { send_reset_email } = require("./resetpw");
 const { getState } = require("@saltcorn/data/db/state");
 const {
@@ -61,10 +56,10 @@ const router = new Router();
 module.exports = router;
 
 /**
- * @param {Role} role 
- * @param {Layout[]} layouts 
- * @param {*} layout_by_role 
- * @param {object} req 
+ * @param {Role} role
+ * @param {Layout[]} layouts
+ * @param {*} layout_by_role
+ * @param {object} req
  * @returns {Form}
  */
 const editRoleLayoutForm = (role, layouts, layout_by_role, req) =>
@@ -91,7 +86,7 @@ const editRoleLayoutForm = (role, layouts, layout_by_role, req) =>
   );
 
 /**
- * @param {object} req 
+ * @param {object} req
  * @returns {Form}
  */
 const roleForm = (req) =>
@@ -119,7 +114,6 @@ const roleForm = (req) =>
  */
 router.get(
   "/",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const roles = await User.get_roles();
@@ -172,7 +166,6 @@ router.get(
  */
 router.get(
   "/new",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const form = await roleForm(req);
@@ -198,7 +191,6 @@ router.get(
  */
 router.post(
   "/edit",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const form = await roleForm(req);
@@ -236,7 +228,6 @@ router.post(
  */
 router.post(
   "/setrolelayout/:id",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const { id } = req.params;
@@ -257,7 +248,6 @@ const unDeletableRoles = [1, 8, 10];
  */
 router.post(
   "/delete/:id",
-  setTenant,
   isAdmin,
   error_catcher(async (req, res) => {
     const { id } = req.params;

package/auth/routes.js

@@ -12,12 +12,7 @@ const Form = require("@saltcorn/data/models/form");
 const File = require("@saltcorn/data/models/file");
 
 const { send_verification_email } = require("@saltcorn/data/models/email");
-const {
-  setTenant,
-  error_catcher,
-  loggedIn,
-  csrfField,
-} = require("../routes/utils.js");
+const { error_catcher, loggedIn, csrfField } = require("../routes/utils.js");
 const { getState } = require("@saltcorn/data/db/state");
 const { send_reset_email } = require("./resetpw");
 const { renderForm } = require("@saltcorn/markup");
@@ -62,8 +57,8 @@ const router = new Router();
 module.exports = router;
 
 /**
- * @param {object} req 
- * @param {boolean} isCreating 
+ * @param {object} req
+ * @param {boolean} isCreating
  * @returns {Form}
  */
 const loginForm = (req, isCreating) => {
@@ -104,7 +99,7 @@ const loginForm = (req, isCreating) => {
 };
 
 /**
- * @param {object} req 
+ * @param {object} req
  * @returns {Form}
  */
 const forgotForm = (req) =>
@@ -128,8 +123,8 @@ const forgotForm = (req) =>
   });
 
 /**
- * @param {object} body 
- * @param {object} req 
+ * @param {object} body
+ * @param {object} req
  * @returns {Form}
  */
 const resetForm = (body, req) => {
@@ -159,8 +154,8 @@ const resetForm = (body, req) => {
 };
 
 /**
- * @param {string} current 
- * @param {boolean} noMethods 
+ * @param {string} current
+ * @param {boolean} noMethods
  * @returns {object}
  */
 const getAuthLinks = (current, noMethods) => {
@@ -193,7 +188,6 @@ const getAuthLinks = (current, noMethods) => {
  */
 router.get(
   "/login",
-  setTenant,
   error_catcher(async (req, res) => {
     const login_form_name = getState().getConfig("login_form", "");
     if (login_form_name) {
@@ -219,7 +213,7 @@ router.get(
  * @function
  * @memberof module:auth/routes~routesRouter
  */
-router.get("/logout", setTenant, (req, res, next) => {
+router.get("/logout", (req, res, next) => {
   req.logout();
   if (req.session.destroy)
     req.session.destroy((err) => {
@@ -241,7 +235,6 @@ router.get("/logout", setTenant, (req, res, next) => {
  */
 router.get(
   "/forgot",
-  setTenant,
   error_catcher(async (req, res) => {
     if (getState().getConfig("allow_forgot", false)) {
       res.sendAuthWrap(
@@ -266,7 +259,6 @@ router.get(
  */
 router.get(
   "/reset",
-  setTenant,
   error_catcher(async (req, res) => {
     const form = resetForm(req.query, req);
     res.sendAuthWrap(req.__(`Reset password`), form, {});
@@ -280,7 +272,6 @@ router.get(
  */
 router.get(
   "/verify",
-  setTenant,
   error_catcher(async (req, res) => {
     const { token, email } = req.query;
     const result = await User.verifyWithToken({
@@ -304,7 +295,6 @@ router.get(
  */
 router.post(
   "/reset",
-  setTenant,
   error_catcher(async (req, res) => {
     const result = await User.resetPasswordWithToken({
       email: req.body.email,
@@ -330,7 +320,6 @@ router.post(
  */
 router.post(
   "/forgot",
-  setTenant,
   error_catcher(async (req, res) => {
     if (getState().getConfig("allow_forgot")) {
       const { email } = req.body;
@@ -364,7 +353,6 @@ router.post(
  */
 router.get(
   "/signup",
-  setTenant,
   error_catcher(async (req, res) => {
     if (!getState().getConfig("allow_signup")) {
       req.flash("danger", req.__("Signups not enabled"));
@@ -408,7 +396,6 @@ router.get(
  */
 router.get(
   "/create_first_user",
-  setTenant,
   error_catcher(async (req, res) => {
     const hasUsers = await User.nonEmpty();
     if (!hasUsers) {
@@ -438,7 +425,6 @@ router.get(
  */
 router.post(
   "/create_from_restore",
-  setTenant,
   error_catcher(async (req, res) => {
     const hasUsers = await User.nonEmpty();
     if (!hasUsers) {
@@ -467,7 +453,6 @@ router.post(
  */
 router.post(
   "/create_first_user",
-  setTenant,
   error_catcher(async (req, res) => {
     const hasUsers = await User.nonEmpty();
     if (!hasUsers) {
@@ -510,9 +495,9 @@ router.post(
 );
 
 /**
- * @param {string} new_user_view_name 
- * @param {object} req 
- * @param {boolean} askEmail 
+ * @param {string} new_user_view_name
+ * @param {object} req
+ * @param {boolean} askEmail
  * @returns {Promise<Form>}
  * @throws {InvalidConfiguration}
  */
@@ -588,9 +573,9 @@ const getNewUserForm = async (new_user_view_name, req, askEmail) => {
 };
 
 /**
- * @param {object} u 
- * @param {object} req 
- * @param {object} res 
+ * @param {object} u
+ * @param {object} req
+ * @param {object} res
  * @returns {void}
  */
 const signup_login_with_user = (u, req, res) =>
@@ -620,7 +605,6 @@ const signup_login_with_user = (u, req, res) =>
  */
 router.get(
   "/signup_final_ext",
-  setTenant,
   error_catcher(async (req, res) => {
     const new_user_form = getState().getConfig("new_user_form");
     if (!req.user || req.user.id || !new_user_form) {
@@ -642,7 +626,6 @@ router.get(
  */
 router.post(
   "/signup_final_ext",
-  setTenant,
   error_catcher(async (req, res) => {
     const new_user_form = getState().getConfig("new_user_form");
     if (!req.user || req.user.id || !new_user_form) {
@@ -695,7 +678,6 @@ router.post(
  */
 router.post(
   "/signup_final",
-  setTenant,
   error_catcher(async (req, res) => {
     if (getState().getConfig("allow_signup")) {
       const new_user_form = getState().getConfig("new_user_form");
@@ -757,7 +739,6 @@ router.post(
  */
 router.post(
   "/signup",
-  setTenant,
   error_catcher(async (req, res) => {
     if (!getState().getConfig("allow_signup")) {
       req.flash("danger", req.__("Signups not enabled"));
@@ -868,8 +849,8 @@ router.post(
 );
 
 /**
- * @param {object} req 
- * @param {object} res 
+ * @param {object} req
+ * @param {object} res
  * @returns {void}
  */
 function handler(req, res) {
@@ -888,7 +869,7 @@ function handler(req, res) {
 
 /**
  * try to find a unique user id in login submit
- * @param {object} body 
+ * @param {object} body
  * @returns {string}
  */
 const userIdKey = (body) => {
@@ -920,7 +901,6 @@ const userLimiter = rateLimit({
  */
 router.post(
   "/login",
-  setTenant,
   ipLimiter,
   userLimiter,
   passport.authenticate("local", {
@@ -954,7 +934,6 @@ router.post(
  */
 router.get(
   "/login-with/:method",
-  setTenant,
   error_catcher(async (req, res, next) => {
     const { method } = req.params;
     const auth = getState().auth_methods[method];
@@ -977,7 +956,6 @@ router.get(
  */
 router.post(
   "/login-with/:method",
-  setTenant,
   error_catcher(async (req, res, next) => {
     const { method } = req.params;
     const auth = getState().auth_methods[method];
@@ -999,8 +977,8 @@ router.post(
 );
 
 /**
- * @param {object}} req 
- * @param {object} res 
+ * @param {object}} req
+ * @param {object} res
  * @returns {void}
  */
 const loginCallback = (req, res) => () => {
@@ -1024,7 +1002,6 @@ const loginCallback = (req, res) => () => {
  */
 router.get(
   "/callback/:method",
-  setTenant,
   error_catcher(async (req, res, next) => {
     const { method } = req.params;
     const auth = getState().auth_methods[method];
@@ -1039,7 +1016,7 @@ router.get(
 );
 
 /**
- * @param {object} req 
+ * @param {object} req
  * @returns {Form}
  */
 const changPwForm = (req) =>
@@ -1064,8 +1041,8 @@ const changPwForm = (req) =>
   });
 
 /**
- * @param {object} req 
- * @param {object} user 
+ * @param {object} req
+ * @param {object} user
  * @returns {Form}
  */
 const setLanguageForm = (req, user) =>
@@ -1152,7 +1129,6 @@ const userSettings = async ({ req, res, pwform, user }) => {
  */
 router.post(
   "/setlanguage",
-  setTenant,
   loggedIn,
   error_catcher(async (req, res) => {
     const u = await User.findOne({ id: req.user.id });
@@ -1191,7 +1167,6 @@ router.post(
  */
 router.get(
   "/settings",
-  setTenant,
   loggedIn,
   error_catcher(async (req, res) => {
     const user = await User.findOne({ id: req.user.id });
@@ -1232,7 +1207,6 @@ const setEmailForm = (req) =>
  */
 router.get(
   "/set-email",
-  setTenant,
   error_catcher(async (req, res) => {
     res.sendWrap(
       req.__("Set Email"),
@@ -1249,7 +1223,6 @@ router.get(
  */
 router.post(
   "/set-email",
-  setTenant,
   error_catcher(async (req, res) => {
     const form = setEmailForm(req);
     form.validate(req.body);
@@ -1299,7 +1272,6 @@ router.post(
  */
 router.post(
   "/settings",
-  setTenant,
   loggedIn,
   error_catcher(async (req, res) => {
     const user = await User.findOne({ id: req.user.id });
@@ -1350,7 +1322,6 @@ router.post(
  */
 router.all(
   "/verification-flow",
-  setTenant,
   loggedIn,
   error_catcher(async (req, res) => {
     const verifier = await (getState().verifier || (() => null))(req.user);

package/locales/en.json

@@ -814,5 +814,24 @@
 	"Number of columns (1-12) allocated to the list view": "Number of columns (1-12) allocated to the list view",
 	"New tenant template": "New tenant template",
 	"Copy site structure for new tenants from this tenant": "Copy site structure for new tenants from this tenant",
-	"Use this link: <a href=\"%s\">%s</a> to revisit your application at any time.": "Use this link: <a href=\"%s\">%s</a> to revisit your application at any time."
+	"Use this link: <a href=\"%s\">%s</a> to revisit your application at any time.": "Use this link: <a href=\"%s\">%s</a> to revisit your application at any time.",
+	"Use Amazon S3": "Use Amazon S3",
+	"Use Amazon S3 (or compatible) service to store files. If disabled, Saltcorn uses local disk. WARNING: Changing this may break your uploaded files!": "Use Amazon S3 (or compatible) service to store files. If disabled, Saltcorn uses local disk. WARNING: Changing this may break your uploaded files!",
+	"Amazon S3 Bucket": "Amazon S3 Bucket",
+	"Name you selected for your S3 bucket in AWS.": "Name you selected for your S3 bucket in AWS.",
+	"Amazon S3 Path Prefix": "Amazon S3 Path Prefix",
+	"Prefix you selected for your S3 bucket in AWS.": "Prefix you selected for your S3 bucket in AWS.",
+	"Amazon S3 Endpoint": "Amazon S3 Endpoint",
+	"Hostname of your S3 Compatible Storage provider. Defaults to 's3.amazonaws.com'.": "Hostname of your S3 Compatible Storage provider. Defaults to 's3.amazonaws.com'.",
+	"Amazon S3 Region": "Amazon S3 Region",
+	"AWS region you selected when creating your S3 bucket. Default ti 'us-east-1'.": "AWS region you selected when creating your S3 bucket. Default ti 'us-east-1'.",
+	"Amazon S3 Access Key ID": "Amazon S3 Access Key ID",
+	"Only required if you do not want to authenticate to S3 using an IAM role. Enter the Access Key ID provided by your Amazon EC2 administrator.": "Only required if you do not want to authenticate to S3 using an IAM role. Enter the Access Key ID provided by your Amazon EC2 administrator.",
+	"Amazon S3 Secret Access Key": "Amazon S3 Secret Access Key",
+	"The secret access key associated with your Amazon S3 Access Key ID.": "The secret access key associated with your Amazon S3 Access Key ID.",
+	"Use Amazon S3 Secure Connection.": "Use Amazon S3 Secure Connection.",
+	"Connect to Amazon S3 (or compatible) securely.": "Connect to Amazon S3 (or compatible) securely.",
+	"Storage settings": "Storage settings",
+	"Storage": "Storage",
+	"Storage settings updated": "Storage settings updated"
 }

package/markup/admin.js

@@ -213,6 +213,22 @@ const send_users_page = (args) => {
   });
 };
 
+/**
+ * @param {object} args
+ * @returns {void}
+ */
+const send_files_page = (args) => {
+  return send_settings_page({
+    main_section: "Files",
+    main_section_href: "/files",
+    sub_sections: [
+      { text: "Files", href: "/files" },
+      { text: "Storage", href: "/files/storage" },
+    ],
+    ...args,
+  });
+};
+
 /**
  * @param {object} args
  * @returns {void}
@@ -464,6 +480,7 @@ module.exports = {
   send_users_page,
   send_events_page,
   send_admin_page,
+  send_files_page,
   save_config_from_form,
   flash_restart_if_required,
   flash_restart,