@saltcorn/server 0.7.1 → 0.7.2-beta.3

package/routes/admin.js

@@ -787,7 +787,7 @@ router.get(
               ? div(
                   { class: "alert alert-success", role: "alert" },
                   i({ class: "fas fa-check-circle fa-lg me-2" }),
-                  h5({ class: "d-inline" }, "No errors detected")
+                  h5({ class: "d-inline" }, req.__("No errors detected during configuration check"))
                 )
               : errors.map(mkError)
           ),

package/routes/api.js

@@ -20,6 +20,7 @@ const { error_catcher } = require("./utils.js");
 //const { mkTable, renderForm, link, post_btn } = require("@saltcorn/markup");
 const { getState } = require("@saltcorn/data/db/state");
 const Table = require("@saltcorn/data/models/table");
+const View = require("@saltcorn/data/models/view");
 //const Field = require("@saltcorn/data/models/field");
 const Trigger = require("@saltcorn/data/models/trigger");
 //const load_plugins = require("../load_plugins");
@@ -111,6 +112,40 @@ function accessAllowed(req, user, trigger) {
   return role <= trigger.min_role;
 }
 
+router.post(
+  "/viewQuery/:viewName/:queryName",
+  error_catcher(async (req, res, next) => {
+    let { viewName, queryName } = req.params;
+    const view = await View.findOne({ name: viewName });
+    if (!view) {
+      res.status(404).json({ error: req.__("Not found") });
+      return;
+    }
+    await passport.authenticate(
+      "jwt",
+      { session: false },
+      async function (err, user, info) {
+        const role = user && user.id ? user.role_id : 10;
+        if (
+          role <= view.min_role ||
+          (await view.authorise_get({ req, ...view })) // TODO set query to state
+        ) {
+          const queries = view.queries(false, req);
+          if (queries[queryName]) {
+            const { args } = req.body;
+            const resp = await queries[queryName](...args, true);
+            res.json({ success: resp });
+          } else {
+            res.status(404).json({ error: req.__("Not found") });
+          }
+        } else {
+          res.status(401).json({ error: req.__("Not authorized") });
+        }
+      }
+    )(req, res, next);
+  })
+);
+
 router.get(
   "/:tableName/distinct/:fieldName",
   //passport.authenticate("api-bearer", { session: false }),
@@ -180,7 +215,7 @@ router.get(
     }
 
     await passport.authenticate(
-      "api-bearer",
+      ["api-bearer", "jwt"],
       { session: false },
       async function (err, user, info) {
         if (accessAllowedRead(req, user, table)) {

package/routes/edit.js

@@ -44,7 +44,8 @@ router.post(
         "error",
         req.__("Not allowed to write to table %s", table.name)
       );
-    if (req.get("referer")) res.redirect(req.get("referer"));
+    if (req.xhr) res.send("OK");
+    else if (req.get("referer")) res.redirect(req.get("referer"));
     else res.redirect(redirect || `/list/${table.name}`);
   })
 );

package/routes/fields.js

@@ -181,6 +181,7 @@ const fieldFlow = (req) =>
       var attributes = context.attributes || {};
       attributes.default = context.default;
       attributes.summary_field = context.summary_field;
+      attributes.include_fts = context.include_fts;
       attributes.on_delete_cascade = context.on_delete_cascade;
       const {
         table_id,
@@ -370,6 +371,11 @@ const fieldFlow = (req) =>
               value: f.name,
               label: f.label,
             }));
+          const textfields = orderedFields
+            .filter(
+              (f) => (!f.calculated || f.stored) && f.type?.sql_name === "text"
+            )
+            .map((f) => f.name);
           return new Form({
             fields: [
               new Field({
@@ -378,6 +384,12 @@ const fieldFlow = (req) =>
                 input_type: "select",
                 options: keyfields,
               }),
+              new Field({
+                name: "include_fts",
+                label: req.__("Include in full-text search"),
+                type: "Bool",
+                showIf: { summary_field: textfields },
+              }),
               new Field({
                 name: "on_delete_cascade",
                 label: req.__("On delete cascade"),

package/routes/files.js

@@ -9,6 +9,7 @@ const File = require("@saltcorn/data/models/file");
 const User = require("@saltcorn/data/models/user");
 const { getState } = require("@saltcorn/data/db/state");
 const s3storage = require("../s3storage");
+const sharp = require("sharp");
 
 const {
   mkTable,
@@ -43,6 +44,8 @@ const {
   config_fields_form,
   save_config_from_form,
 } = require("../markup/admin");
+const fsp = require("fs").promises;
+const fs = require("fs");
 
 /**
  * @type {object}
@@ -187,6 +190,54 @@ router.get(
   })
 );
 
+/**
+ * @name get/resize/:id
+ * @function
+ * @memberof module:routes/files~filesRouter
+ * @function
+ */
+router.get(
+  "/resize/:id/:width_str",
+  error_catcher(async (req, res) => {
+    const role = req.user && req.user.id ? req.user.role_id : 10;
+    const user_id = req.user && req.user.id;
+    const { id, width_str } = req.params;
+    let file;
+    if (typeof strictParseInt(id) !== "undefined")
+      file = await File.findOne({ id });
+    else file = await File.findOne({ filename: id });
+
+    if (!file) {
+      res
+        .status(404)
+        .sendWrap(req.__("Not found"), h1(req.__("File not found")));
+      return;
+    }
+    if (role <= file.min_role_read || (user_id && user_id === file.user_id)) {
+      res.type(file.mimetype);
+      const cacheability = file.min_role_read === 10 ? "public" : "private";
+      res.set("Cache-Control", `${cacheability}, max-age=86400`);
+      //TODO s3
+      if (file.s3_store) s3storage.serveObject(file, res, false);
+      else {
+        const width = strictParseInt(width_str);
+        if (!width) {
+          res.sendFile(file.location);
+          return;
+        }
+        const fnm = `${file.location}_w${width}`;
+        if (!fs.existsSync(fnm)) {
+          await sharp(file.location).resize({ width }).toFile(fnm);
+        }
+        res.sendFile(fnm);
+      }
+    } else {
+      req.flash("warning", req.__("Not authorized"));
+      res.redirect("/");
+    }
+  })
+);
+
 /**
  * @name post/setrole/:id
  * @function

package/routes/viewedit.js

@@ -582,8 +582,11 @@ router.get(
       return;
     }
     const configFlow = await view.get_config_flow(req);
+    const hasConfig =
+      view.configuration && Object.keys(view.configuration).length > 0;
     const wfres = await configFlow.run(
       {
+        id: hasConfig ? view.id : undefined,
         table_id: view.table_id,
         exttable_name: view.exttable_name,
         viewname: name,
@@ -704,6 +707,48 @@ router.post(
   })
 );
 
+/**
+ * @name post/saveconfig/:id
+ * @function
+ * @memberof module:routes/viewedit~vieweditRouter
+ * @function
+ */
+router.post(
+  "/saveconfig/:viewname",
+  isAdmin,
+  error_catcher(async (req, res) => {
+    const { viewname } = req.params;
+
+    if (viewname && req.body) {
+      const view = await View.findOne({ name: viewname });
+      const configFlow = await view.get_config_flow(req);
+      const step = await configFlow.singleStepForm(req.body, req);
+      if (step?.renderForm) {
+        if (!step.renderForm.hasErrors) {
+          let newcfg;
+          if (step.contextField)
+            newcfg = {
+              ...view.configuration,
+              [step.contextField]: {
+                ...view.configuration?.[step.contextField],
+                ...step.renderForm.values,
+              },
+            };
+          else newcfg = { ...view.configuration, ...step.renderForm.values };
+          await View.update({ configuration: newcfg }, view.id);
+          res.json({ success: "ok" });
+        } else {
+          res.json({ error: step.renderForm.errorSummary });
+        }
+      } else {
+        res.json({ error: "no form" });
+      }
+    } else {
+      res.json({ error: "no view" });
+    }
+  })
+);
+
 /**
  * @name post/setrole/:id
  * @function
@@ -730,3 +775,12 @@ router.post(
     res.redirect("/viewedit");
   })
 );
+
+router.post(
+  "/test/inserter",
+  isAdmin,
+  error_catcher(async (req, res) => {
+    const view = await View.create(req.body);
+    res.json({ view });
+  })
+);

package/tests/admin.test.js

@@ -12,6 +12,7 @@ const {
   respondJsonWith,
 } = require("../auth/testhelp");
 const db = require("@saltcorn/data/db");
+const { sleep } = require("@saltcorn/data/tests/mocks");
 const fs = require("fs").promises;
 const File = require("@saltcorn/data/models/file");
 const User = require("@saltcorn/data/models/user");
@@ -30,7 +31,12 @@ beforeAll(async () => {
     4
   );
 });
-afterAll(db.close);
+
+afterAll(async () => {
+  await sleep(200);
+  db.close();
+});
+
 const adminPageContains = (specs) =>
   it("adminPageContains " + specs.map((s) => s[1]).join(","), async () => {
     const app = await getApp({ disableCsrf: true });
@@ -456,6 +462,71 @@ describe("actions", () => {
       .expect(toRedirect("/actions/"));
   });
 });
+describe("localizer", () => {
+  itShouldRedirectUnauthToLogin("/site-structure/localizer");
+  itShouldRedirectUnauthToLogin("/site-structure/localizer/add-lang");
+  it("redirects site struct to menu", async () => {
+    const app = await getApp({ disableCsrf: true });
+    const loginCookie = await getAdminLoginCookie();
+    await request(app)
+      .get("/site-structure")
+      .set("Cookie", loginCookie)
+      .expect(toRedirect("/menu"));
+  });
+  it("shows languages", async () => {
+    const app = await getApp({ disableCsrf: true });
+    const loginCookie = await getAdminLoginCookie();
+    await request(app)
+      .get("/site-structure/localizer")
+      .set("Cookie", loginCookie)
+      .expect(toInclude("Languages"));
+  });
+  it("shows add language form", async () => {
+    const app = await getApp({ disableCsrf: true });
+    const loginCookie = await getAdminLoginCookie();
+    await request(app)
+      .get("/site-structure/localizer/add-lang")
+      .set("Cookie", loginCookie)
+      .expect(toInclude("Locale identifier short code"));
+  });
+  it("add language", async () => {
+    const app = await getApp({ disableCsrf: true });
+    const loginCookie = await getAdminLoginCookie();
+    await request(app)
+      .post("/site-structure/localizer/save-lang")
+      .set("Cookie", loginCookie)
+      .send("name=dansk")
+      .send("locale=da")
+      .expect(toRedirect("/site-structure/localizer/edit/da"));
+  });
+  it("shows new in languages", async () => {
+    const app = await getApp({ disableCsrf: true });
+    const loginCookie = await getAdminLoginCookie();
+    await request(app)
+      .get("/site-structure/localizer")
+      .set("Cookie", loginCookie)
+      .expect(toInclude("dansk"));
+  });
+
+  it("shows edit language form", async () => {
+    const app = await getApp({ disableCsrf: true });
+    const loginCookie = await getAdminLoginCookie();
+    await request(app)
+      .get("/site-structure/localizer/edit/da")
+      .set("Cookie", loginCookie)
+      .expect(toInclude("Hello world"));
+  });
+  it("set string language", async () => {
+    const app = await getApp({ disableCsrf: true });
+    const loginCookie = await getAdminLoginCookie();
+    await request(app)
+      .post("/site-structure/localizer/save-string/da/Hello%20world")
+      .set("Cookie", loginCookie)
+      .send("value=Hej+verden")
+      .expect(toRedirect("/site-structure/localizer/edit/da"));
+  });
+});
+
 /**
  * Pages tests
  */

package/tests/clientjs.test.js

@@ -14,6 +14,7 @@ const load_script = (fnm) => {
 };
 
 load_script("jquery-3.6.0.min.js");
+load_script("saltcorn-common.js");
 load_script("saltcorn.js");
 
 test("updateQueryStringParameter", () => {

package/tests/plugins.test.js

@@ -90,7 +90,7 @@ describe("Plugin Endpoints", () => {
       .expect(toInclude("testfilecontents"));
     await request(app)
       .get(
-        "/plugins/pubdeps/sbadmin2/startbootstrap-sb-admin-2-bs5/4.1.5-beta.0/css/sb-admin-2.min.css"
+        "/plugins/pubdeps/sbadmin2/startbootstrap-sb-admin-2-bs5/4.1.5-beta.4/css/sb-admin-2.min.css"
       )
       .expect(toInclude("Start Bootstrap"));
 
@@ -100,7 +100,7 @@ describe("Plugin Endpoints", () => {
       .expect(toRedirect("/plugins"));
     await request(app)
       .get(
-        "/plugins/pubdeps/sbadmin2/startbootstrap-sb-admin-2-bs5/4.1.5-beta.0/css/sb-admin-2.min.css"
+        "/plugins/pubdeps/sbadmin2/startbootstrap-sb-admin-2-bs5/4.1.5-beta.4/css/sb-admin-2.min.css"
       )
       .expect(toInclude("Start Bootstrap"));
   });

package/tests/viewedit.test.js

@@ -8,6 +8,7 @@ const {
   toInclude,
   toNotInclude,
   resetToFixtures,
+  succeedJsonWith,
 } = require("../auth/testhelp");
 const db = require("@saltcorn/data/db");
 const View = require("@saltcorn/data/models/view");
@@ -371,3 +372,96 @@ describe("viewedit new Show", () => {
       .expect(toRedirect("/viewedit"));
   });
 });
+describe("Library", () => {
+  it("should save new from builder", async () => {
+    const loginCookie = await getAdminLoginCookie();
+    const app = await getApp({ disableCsrf: true });
+    await request(app)
+      .post("/library/savefrombuilder/")
+      .set("Cookie", loginCookie)
+      .send({
+        layout: {
+          columns: [],
+          layout: {
+            type: "card",
+            contents: {
+              above: [
+                null,
+                {
+                  besides: [
+                    {
+                      above: [
+                        null,
+                        {
+                          type: "blank",
+                          contents: "Hello world",
+                          block: false,
+                          inline: false,
+                          textStyle: "",
+                          isFormula: {},
+                          labelFor: "",
+                          style: {},
+                          font: "",
+                        },
+                      ],
+                    },
+                    {
+                      above: [
+                        null,
+                        {
+                          type: "blank",
+                          contents: "Bye bye",
+                          block: false,
+                          inline: false,
+                          textStyle: "",
+                          isFormula: {},
+                          labelFor: "",
+                          style: {},
+                          font: "",
+                        },
+                      ],
+                    },
+                  ],
+                  breakpoints: ["", ""],
+                  style: {},
+                  widths: [6, 6],
+                },
+              ],
+            },
+            title: "header",
+            style: {},
+          },
+        },
+        icon: "far fa-angry",
+        name: "ShinyCard",
+      })
+      .set("Content-Type", "application/json")
+      .set("Accept", "application/json")
+      .expect(succeedJsonWith(() => true));
+  });
+  it("shows library with item", async () => {
+    const app = await getApp({ disableCsrf: true });
+    const loginCookie = await getAdminLoginCookie();
+    await request(app)
+      .get("/library/list")
+      .set("Cookie", loginCookie)
+      .expect(toInclude("ShinyCard"));
+  });
+  it("deletes in library", async () => {
+    const app = await getApp({ disableCsrf: true });
+    const loginCookie = await getAdminLoginCookie();
+    await request(app)
+      .post("/library/delete/1")
+      .set("Cookie", loginCookie)
+      .expect(toRedirect("/library/list"));
+  });
+  it("shows empty library", async () => {
+    const app = await getApp({ disableCsrf: true });
+    const loginCookie = await getAdminLoginCookie();
+    await request(app)
+      .get("/library/list")
+      .set("Cookie", loginCookie)
+      .expect(toInclude("Library"))
+      .expect(toNotInclude("ShinyCard"))
+  });
+});

package/wrapper.js

@@ -167,6 +167,7 @@ const get_headers = (req, version_tag, description, extras = []) => {
       headerTag: `<script>var _sc_globalCsrf = "${req.csrfToken()}"; var _sc_version_tag = "${version_tag}";</script>`,
     },
     { css: `/static_assets/${version_tag}/saltcorn.css` },
+    { script: `/static_assets/${version_tag}/saltcorn-common.js` },
     { script: `/static_assets/${version_tag}/saltcorn.js` },
   ];
   let from_cfg = [];