@saltcorn/server 0.7.1-beta.3 → 0.7.2-beta.2

package/public/saltcorn.js

@@ -70,10 +70,12 @@ function apply_showif() {
 
     var options = data[1][val];
     var current = e.attr("data-selected");
-    //console.log(val, options, current,data)
+    //console.log({ val, options, current, data });
     e.empty();
     (options || []).forEach((o) => {
-      if (!(o && o.label && o.value)) {
+      if (
+        !(o && typeof o.label !== "undefined" && typeof o.value !== "undefined")
+      ) {
         if (`${current}` === `${o}`)
           e.append($("<option selected>" + o + "</option>"));
         else e.append($("<option>" + o + "</option>"));
@@ -219,6 +221,9 @@ if (localStorage.getItem("reload_on_init")) {
   location.reload();
 }
 function initialize_page() {
+  $(".blur-on-enter-keypress").bind("keyup", function (e) {
+    if (e.keyCode === 13) e.target.blur();
+  });
   $("form").change(apply_showif);
   apply_showif();
   apply_showif();
@@ -310,6 +315,34 @@ function initialize_page() {
   });
   $('a[data-bs-toggle="tab"].deeplink').historyTabs();
   init_bs5_dropdowns();
+
+  // Initialize Sliders - https://stackoverflow.com/a/31083391
+  var sliderSections = document.getElementsByClassName("range-slider");
+  for (var x = 0; x < sliderSections.length; x++) {
+    var sliders = sliderSections[x].getElementsByTagName("input");
+    for (var y = 0; y < sliders.length; y++) {
+      if (sliders[y].type === "range") {
+        sliders[y].oninput = function () {
+          // Get slider values
+          var parent = this.parentNode;
+          var slides = parent.getElementsByTagName("input");
+          var slide1 = parseFloat(slides[0].value);
+          var slide2 = parseFloat(slides[1].value);
+          // Neither slider will clip the other, so make sure we determine which is larger
+          if (slide1 > slide2) {
+            var tmp = slide2;
+            slide2 = slide1;
+            slide1 = tmp;
+          }
+
+          var displayElement = parent.getElementsByClassName("rangeValues")[0];
+          displayElement.innerHTML = slide1 + " - " + slide2;
+        };
+        // Manually trigger event first time to display values
+        sliders[y].oninput();
+      }
+    }
+  }
 }
 
 $(initialize_page);
@@ -459,57 +492,8 @@ function tristateClick(nm) {
   }
 }
 
-function notifyAlert(note, spin) {
-  if (Array.isArray(note)) {
-    note.forEach(notifyAlert);
-    return;
-  }
-  var txt, type;
-  if (typeof note == "string") {
-    txt = note;
-    type = "info";
-  } else {
-    txt = note.text;
-    type = note.type;
-  }
-
-  $("#alerts-area")
-    .append(`<div class="alert alert-${type} alert-dismissible fade show ${
-    spin ? "d-flex align-items-center" : ""
-  }" role="alert">
-  ${txt}
-  ${
-    spin
-      ? `<div class="spinner-border ms-auto" role="status" aria-hidden="true"></div>`
-      : `<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close">
-  </button>`
-  }
-</div>`);
-}
-
 function ajax_done(res) {
-  if (res.notify) notifyAlert(res.notify);
-  if (res.error) notifyAlert({ type: "danger", text: res.error });
-  if (res.eval_js) eval(res.eval_js);
-  if (res.reload_page) location.reload(); //TODO notify to cookie if reload or goto
-  if (res.download) {
-    const dataurl = `data:${
-      res.download.mimetype || "application/octet-stream"
-    };base64,${res.download.blob}`;
-    fetch(dataurl)
-      .then((res) => res.blob())
-      .then((blob) => {
-        const link = document.createElement("a");
-        link.href = window.URL.createObjectURL(blob);
-        if (res.download.filename) link.download = res.download.filename;
-        else link.target = "_blank";
-        link.click();
-      });
-  }
-  if (res.goto) {
-    if (res.target === "_blank") window.open(res.goto, "_blank").focus();
-    else window.location.href = res.goto;
-  }
+  common_done(res);
 }
 
 function view_post(viewname, route, data, onDone) {
@@ -546,11 +530,6 @@ function globalErrorCatcher(message, source, lineno, colno, error) {
   });
 }
 
-function press_store_button(clicked) {
-  const width = $(clicked).width();
-  $(clicked).html('<i class="fas fa-spinner fa-spin"></i>').width(width);
-}
-
 function ajax_modal(url, opts = {}) {
   if ($("#scmodal").length === 0) {
     $("body").append(`<div id="scmodal", class="modal">
@@ -567,6 +546,10 @@ function ajax_modal(url, opts = {}) {
       </div>
     </div>
   </div>`);
+  } else if ($("#scmodal").hasClass("show")) {
+    var myModalEl = document.getElementById("scmodal");
+    var modal = bootstrap.Modal.getInstance(myModalEl);
+    modal.dispose();
   }
   if (opts.submitReload === false) $("#scmodal").addClass("no-submit-reload");
   else $("#scmodal").removeClass("no-submit-reload");
@@ -587,6 +570,7 @@ function ajax_modal(url, opts = {}) {
 
 function saveAndContinue(e, k) {
   var form = $(e).closest("form");
+  submitWithEmptyAction(form[0]);
   var url = form.attr("action");
   var form_data = form.serialize();
   $.ajax(url, {
@@ -614,6 +598,54 @@ function saveAndContinue(e, k) {
   return false;
 }
 
+function applyViewConfig(e, url) {
+  var form = $(e).closest("form");
+  var form_data = form.serializeArray();
+  const cfg = {};
+  form_data.forEach((item) => {
+    cfg[item.name] = item.value;
+  });
+  $.ajax(url, {
+    type: "POST",
+    dataType: "json",
+    contentType: "application/json",
+    headers: {
+      "CSRF-Token": _sc_globalCsrf,
+    },
+    data: JSON.stringify(cfg),
+    error: function (request) {},
+  });
+
+  return false;
+}
+
+const repeaterCopyValuesToForm = (form, editor) => {
+  const vs = JSON.parse(editor.getString());
+  const allNames = new Set([]);
+  const setVal = (k, ix, v) => {
+    const $e = form.find(`input[name="${k}_${ix}"]`);
+    if ($e.length) $e.val(v);
+    else
+      form.append(
+        `<input type="hidden" name="${k}_${ix}" value="${v}"></input>`
+      );
+  };
+  vs.forEach((v, ix) => {
+    Object.entries(v).forEach(([k, v]) => {
+      //console.log(ix, k, typeof v, v)
+      allNames.add(k);
+      if (typeof v === "boolean") setVal(k, ix, v ? "on" : "");
+      else setVal(k, ix, v);
+    });
+  });
+  //delete
+  [...allNames].forEach((k) => {
+    for (let ix = vs.length; ix < vs.length + 20; ix++) {
+      $(`input[name=${k}_${ix}]`).remove();
+    }
+  });
+};
+
 function ajaxSubmitForm(e) {
   var form = $(e).closest("form");
   var url = form.attr("action");
@@ -698,31 +730,16 @@ function make_unique_field(
       type: "GET",
       success: function (res) {
         if (res.success) {
-          const gen_char = (i) => {
-            switch (char_type) {
-              case "Lowercase Letters":
-                return String.fromCharCode("a".charCodeAt(0) + i);
-                break;
-              case "Uppercase Letters":
-                return String.fromCharCode("A".charCodeAt(0) + i);
-                break;
-              default:
-                return i;
-                break;
-            }
-          };
-          const vals = res.success
-            .map((o) => o[field_name])
-            .filter((s) => s.startsWith(value));
-          if (vals.includes(value) || always_append) {
-            for (let i = start || 0; i < vals.length + (start || 0) + 2; i++) {
-              const newname = `${value}${space ? " " : ""}${gen_char(i)}`;
-              if (!vals.includes(newname)) {
-                $("#" + id).val(newname);
-                return;
-              }
-            }
-          }
+          unique_field_from_rows(
+            res.success,
+            id,
+            field_name,
+            space,
+            start,
+            always_append,
+            char_type,
+            value
+          );
         }
       },
     }
@@ -830,13 +847,13 @@ const columnSummary = (col) => {
   if (!col) return "Unknown";
   switch (col.type) {
     case "Field":
-      return `Field ${col.field_name} ${col.fieldview}`;
+      return `Field ${col.field_name} ${col.fieldview || ""}`;
     case "Link":
       return `Link ${col.link_text}`;
     case "JoinField":
       return `Join ${col.join_field}`;
     case "ViewLink":
-      return `View ${col.view_label || col.view.split(":")[1] || ""}`;
+      return `View link ${col.view_label || col.view.split(":")[1] || ""}`;
     case "Action":
       return `Action ${col.action_label || col.action_name}`;
     case "Aggregation":

package/routes/admin.js

@@ -787,7 +787,7 @@ router.get(
               ? div(
                   { class: "alert alert-success", role: "alert" },
                   i({ class: "fas fa-check-circle fa-lg me-2" }),
-                  h5({ class: "d-inline" }, "No errors detected")
+                  h5({ class: "d-inline" }, req.__("No errors detected during configuration check"))
                 )
               : errors.map(mkError)
           ),

package/routes/api.js

@@ -20,6 +20,7 @@ const { error_catcher } = require("./utils.js");
 //const { mkTable, renderForm, link, post_btn } = require("@saltcorn/markup");
 const { getState } = require("@saltcorn/data/db/state");
 const Table = require("@saltcorn/data/models/table");
+const View = require("@saltcorn/data/models/view");
 //const Field = require("@saltcorn/data/models/field");
 const Trigger = require("@saltcorn/data/models/trigger");
 //const load_plugins = require("../load_plugins");
@@ -111,6 +112,40 @@ function accessAllowed(req, user, trigger) {
   return role <= trigger.min_role;
 }
 
+router.post(
+  "/viewQuery/:viewName/:queryName",
+  error_catcher(async (req, res, next) => {
+    let { viewName, queryName } = req.params;
+    const view = await View.findOne({ name: viewName });
+    if (!view) {
+      res.status(404).json({ error: req.__("Not found") });
+      return;
+    }
+    await passport.authenticate(
+      "jwt",
+      { session: false },
+      async function (err, user, info) {
+        const role = user && user.id ? user.role_id : 10;
+        if (
+          role <= view.min_role ||
+          (await view.authorise_get({ req, ...view })) // TODO set query to state
+        ) {
+          const queries = view.queries(false, req);
+          if (queries[queryName]) {
+            const { args } = req.body;
+            const resp = await queries[queryName](...args, true);
+            res.json({ success: resp });
+          } else {
+            res.status(404).json({ error: req.__("Not found") });
+          }
+        } else {
+          res.status(401).json({ error: req.__("Not authorized") });
+        }
+      }
+    )(req, res, next);
+  })
+);
+
 router.get(
   "/:tableName/distinct/:fieldName",
   //passport.authenticate("api-bearer", { session: false }),
@@ -180,7 +215,7 @@ router.get(
     }
 
     await passport.authenticate(
-      "api-bearer",
+      ["api-bearer", "jwt"],
       { session: false },
       async function (err, user, info) {
         if (accessAllowedRead(req, user, table)) {

package/routes/edit.js

@@ -44,7 +44,8 @@ router.post(
         "error",
         req.__("Not allowed to write to table %s", table.name)
       );
-    if (req.get("referer")) res.redirect(req.get("referer"));
+    if (req.xhr) res.send("OK");
+    else if (req.get("referer")) res.redirect(req.get("referer"));
     else res.redirect(redirect || `/list/${table.name}`);
   })
 );

package/routes/fields.js

@@ -181,6 +181,7 @@ const fieldFlow = (req) =>
       var attributes = context.attributes || {};
       attributes.default = context.default;
       attributes.summary_field = context.summary_field;
+      attributes.include_fts = context.include_fts;
       attributes.on_delete_cascade = context.on_delete_cascade;
       const {
         table_id,
@@ -370,6 +371,11 @@ const fieldFlow = (req) =>
               value: f.name,
               label: f.label,
             }));
+          const textfields = orderedFields
+            .filter(
+              (f) => (!f.calculated || f.stored) && f.type?.sql_name === "text"
+            )
+            .map((f) => f.name);
           return new Form({
             fields: [
               new Field({
@@ -378,6 +384,12 @@ const fieldFlow = (req) =>
                 input_type: "select",
                 options: keyfields,
               }),
+              new Field({
+                name: "include_fts",
+                label: req.__("Include in full-text search"),
+                type: "Bool",
+                showIf: { summary_field: textfields },
+              }),
               new Field({
                 name: "on_delete_cascade",
                 label: req.__("On delete cascade"),

package/routes/files.js

@@ -9,6 +9,7 @@ const File = require("@saltcorn/data/models/file");
 const User = require("@saltcorn/data/models/user");
 const { getState } = require("@saltcorn/data/db/state");
 const s3storage = require("../s3storage");
+const sharp = require("sharp");
 
 const {
   mkTable,
@@ -43,6 +44,8 @@ const {
   config_fields_form,
   save_config_from_form,
 } = require("../markup/admin");
+const fsp = require("fs").promises;
+const fs = require("fs");
 
 /**
  * @type {object}
@@ -187,6 +190,54 @@ router.get(
   })
 );
 
+/**
+ * @name get/resize/:id
+ * @function
+ * @memberof module:routes/files~filesRouter
+ * @function
+ */
+router.get(
+  "/resize/:id/:width_str",
+  error_catcher(async (req, res) => {
+    const role = req.user && req.user.id ? req.user.role_id : 10;
+    const user_id = req.user && req.user.id;
+    const { id, width_str } = req.params;
+    let file;
+    if (typeof strictParseInt(id) !== "undefined")
+      file = await File.findOne({ id });
+    else file = await File.findOne({ filename: id });
+
+    if (!file) {
+      res
+        .status(404)
+        .sendWrap(req.__("Not found"), h1(req.__("File not found")));
+      return;
+    }
+    if (role <= file.min_role_read || (user_id && user_id === file.user_id)) {
+      res.type(file.mimetype);
+      const cacheability = file.min_role_read === 10 ? "public" : "private";
+      res.set("Cache-Control", `${cacheability}, max-age=86400`);
+      //TODO s3
+      if (file.s3_store) s3storage.serveObject(file, res, false);
+      else {
+        const width = strictParseInt(width_str);
+        if (!width) {
+          res.sendFile(file.location);
+          return;
+        }
+        const fnm = `${file.location}_w${width}`;
+        if (!fs.existsSync(fnm)) {
+          await sharp(file.location).resize({ width }).toFile(fnm);
+        }
+        res.sendFile(fnm);
+      }
+    } else {
+      req.flash("warning", req.__("Not authorized"));
+      res.redirect("/");
+    }
+  })
+);
+
 /**
  * @name post/setrole/:id
  * @function

package/routes/plugins.js

@@ -652,16 +652,16 @@ router.get(
   error_catcher(async (req, res) => {
     const { plugin } = req.params;
     const filepath = req.params[0];
+    const hasVersion = plugin.includes("@");
     const location =
-      getState().plugin_locations[
-        plugin.includes("@") ? plugin.split("@")[0] : plugin
-      ];
+      getState().plugin_locations[hasVersion ? plugin.split("@")[0] : plugin];
     if (location) {
       const safeFile = path
         .normalize(filepath)
         .replace(/^(\.\.(\/|\\|$))+/, "");
       const fullpath = path.join(location, "public", safeFile);
-      if (fs.existsSync(fullpath)) res.sendFile(fullpath, { maxAge: "1d" });
+      if (fs.existsSync(fullpath))
+        res.sendFile(fullpath, { maxAge: hasVersion ? "100d" : "1d" });
       else res.status(404).send(req.__("Not found"));
     } else {
       res.status(404).send(req.__("Not found"));

package/routes/viewedit.js

@@ -582,8 +582,11 @@ router.get(
       return;
     }
     const configFlow = await view.get_config_flow(req);
+    const hasConfig =
+      view.configuration && Object.keys(view.configuration).length > 0;
     const wfres = await configFlow.run(
       {
+        id: hasConfig ? view.id : undefined,
         table_id: view.table_id,
         exttable_name: view.exttable_name,
         viewname: name,
@@ -704,6 +707,48 @@ router.post(
   })
 );
 
+/**
+ * @name post/saveconfig/:id
+ * @function
+ * @memberof module:routes/viewedit~vieweditRouter
+ * @function
+ */
+router.post(
+  "/saveconfig/:viewname",
+  isAdmin,
+  error_catcher(async (req, res) => {
+    const { viewname } = req.params;
+
+    if (viewname && req.body) {
+      const view = await View.findOne({ name: viewname });
+      const configFlow = await view.get_config_flow(req);
+      const step = await configFlow.singleStepForm(req.body, req);
+      if (step?.renderForm) {
+        if (!step.renderForm.hasErrors) {
+          let newcfg;
+          if (step.contextField)
+            newcfg = {
+              ...view.configuration,
+              [step.contextField]: {
+                ...view.configuration?.[step.contextField],
+                ...step.renderForm.values,
+              },
+            };
+          else newcfg = { ...view.configuration, ...step.renderForm.values };
+          await View.update({ configuration: newcfg }, view.id);
+          res.json({ success: "ok" });
+        } else {
+          res.json({ error: step.renderForm.errorSummary });
+        }
+      } else {
+        res.json({ error: "no form" });
+      }
+    } else {
+      res.json({ error: "no view" });
+    }
+  })
+);
+
 /**
  * @name post/setrole/:id
  * @function
@@ -730,3 +775,12 @@ router.post(
     res.redirect("/viewedit");
   })
 );
+
+router.post(
+  "/test/inserter",
+  isAdmin,
+  error_catcher(async (req, res) => {
+    const view = await View.create(req.body);
+    res.json({ view });
+  })
+);

package/tests/admin.test.js

@@ -12,6 +12,7 @@ const {
   respondJsonWith,
 } = require("../auth/testhelp");
 const db = require("@saltcorn/data/db");
+const { sleep } = require("@saltcorn/data/tests/mocks");
 const fs = require("fs").promises;
 const File = require("@saltcorn/data/models/file");
 const User = require("@saltcorn/data/models/user");
@@ -30,7 +31,12 @@ beforeAll(async () => {
     4
   );
 });
-afterAll(db.close);
+
+afterAll(async () => {
+  await sleep(200);
+  db.close();
+});
+
 const adminPageContains = (specs) =>
   it("adminPageContains " + specs.map((s) => s[1]).join(","), async () => {
     const app = await getApp({ disableCsrf: true });
@@ -456,6 +462,71 @@ describe("actions", () => {
       .expect(toRedirect("/actions/"));
   });
 });
+describe("localizer", () => {
+  itShouldRedirectUnauthToLogin("/site-structure/localizer");
+  itShouldRedirectUnauthToLogin("/site-structure/localizer/add-lang");
+  it("redirects site struct to menu", async () => {
+    const app = await getApp({ disableCsrf: true });
+    const loginCookie = await getAdminLoginCookie();
+    await request(app)
+      .get("/site-structure")
+      .set("Cookie", loginCookie)
+      .expect(toRedirect("/menu"));
+  });
+  it("shows languages", async () => {
+    const app = await getApp({ disableCsrf: true });
+    const loginCookie = await getAdminLoginCookie();
+    await request(app)
+      .get("/site-structure/localizer")
+      .set("Cookie", loginCookie)
+      .expect(toInclude("Languages"));
+  });
+  it("shows add language form", async () => {
+    const app = await getApp({ disableCsrf: true });
+    const loginCookie = await getAdminLoginCookie();
+    await request(app)
+      .get("/site-structure/localizer/add-lang")
+      .set("Cookie", loginCookie)
+      .expect(toInclude("Locale identifier short code"));
+  });
+  it("add language", async () => {
+    const app = await getApp({ disableCsrf: true });
+    const loginCookie = await getAdminLoginCookie();
+    await request(app)
+      .post("/site-structure/localizer/save-lang")
+      .set("Cookie", loginCookie)
+      .send("name=dansk")
+      .send("locale=da")
+      .expect(toRedirect("/site-structure/localizer/edit/da"));
+  });
+  it("shows new in languages", async () => {
+    const app = await getApp({ disableCsrf: true });
+    const loginCookie = await getAdminLoginCookie();
+    await request(app)
+      .get("/site-structure/localizer")
+      .set("Cookie", loginCookie)
+      .expect(toInclude("dansk"));
+  });
+
+  it("shows edit language form", async () => {
+    const app = await getApp({ disableCsrf: true });
+    const loginCookie = await getAdminLoginCookie();
+    await request(app)
+      .get("/site-structure/localizer/edit/da")
+      .set("Cookie", loginCookie)
+      .expect(toInclude("Hello world"));
+  });
+  it("set string language", async () => {
+    const app = await getApp({ disableCsrf: true });
+    const loginCookie = await getAdminLoginCookie();
+    await request(app)
+      .post("/site-structure/localizer/save-string/da/Hello%20world")
+      .set("Cookie", loginCookie)
+      .send("value=Hej+verden")
+      .expect(toRedirect("/site-structure/localizer/edit/da"));
+  });
+});
+
 /**
  * Pages tests
  */

package/tests/clientjs.test.js

@@ -14,6 +14,7 @@ const load_script = (fnm) => {
 };
 
 load_script("jquery-3.6.0.min.js");
+load_script("saltcorn-common.js");
 load_script("saltcorn.js");
 
 test("updateQueryStringParameter", () => {

package/tests/plugins.test.js

@@ -90,7 +90,7 @@ describe("Plugin Endpoints", () => {
       .expect(toInclude("testfilecontents"));
     await request(app)
       .get(
-        "/plugins/pubdeps/sbadmin2/startbootstrap-sb-admin-2-bs5/4.1.5-beta.0/css/sb-admin-2.min.css"
+        "/plugins/pubdeps/sbadmin2/startbootstrap-sb-admin-2-bs5/4.1.5-beta.4/css/sb-admin-2.min.css"
       )
       .expect(toInclude("Start Bootstrap"));
 
@@ -100,7 +100,7 @@ describe("Plugin Endpoints", () => {
       .expect(toRedirect("/plugins"));
     await request(app)
       .get(
-        "/plugins/pubdeps/sbadmin2/startbootstrap-sb-admin-2-bs5/4.1.5-beta.0/css/sb-admin-2.min.css"
+        "/plugins/pubdeps/sbadmin2/startbootstrap-sb-admin-2-bs5/4.1.5-beta.4/css/sb-admin-2.min.css"
       )
       .expect(toInclude("Start Bootstrap"));
   });

package/tests/view.test.js

@@ -82,7 +82,7 @@ describe("edit view", () => {
       .post("/view/authoredit")
       .send("author=Chekov")
 
-      .expect(toRedirect("/"));
+      .expect(toRedirect("/view/authorlist"));
   });
 });