@saltcorn/server 0.7.3-beta.3 → 0.7.3-beta.6

package/app.js

@@ -227,7 +227,11 @@ const getApp = async (opts = {}) => {
   passport.use(
     new JwtStrategy(jwtOpts, (jwt_payload, done) => {
       User.findOne({ email: jwt_payload.sub }).then((u) => {
-        if (u) {
+        if (
+          u &&
+          u.last_mobile_login &&
+          u.last_mobile_login <= jwt_payload.iat
+        ) {
           return done(null, {
             email: u.email,
             id: u.id,

package/auth/routes.js

@@ -203,6 +203,7 @@ const loginWithJwt = async (req, res) => {
   const { email, password } = req.query;
   const user = await User.findOne({ email });
   if (user && user.checkPassword(password)) {
+    const now = new Date().valueOf();
     const jwt_secret = db.connectObj.jwt_secret;
     const token = jwt.sign(
       {
@@ -210,9 +211,11 @@ const loginWithJwt = async (req, res) => {
         role_id: user.role_id,
         iss: "saltcorn@saltcorn",
         aud: "saltcorn-mobile-app",
+        iat: now,
       },
       jwt_secret
     );
+    if (!user.last_mobile_login) user.updateLastMobileLogin(now);
     res.json(token);
   }
 };
@@ -249,18 +252,24 @@ router.get(
  * @function
  * @memberof module:auth/routes~routesRouter
  */
-router.get("/logout", (req, res, next) => {
-  req.logout();
-  if (req.session.destroy)
-    req.session.destroy((err) => {
-      if (err) return next(err);
+router.get("/logout", async (req, res, next) => {
+  if (req.smr && req.user?.id) {
+    const user = await User.findOne({ id: req.user.id });
+    await user.updateLastMobileLogin(null);
+    res.json({ success: true });
+  } else if (req.logout) {
+    req.logout();
+    if (req.session.destroy)
+      req.session.destroy((err) => {
+        if (err) return next(err);
+        req.logout();
+        res.redirect("/auth/login");
+      });
+    else {
       req.logout();
+      req.session = null;
       res.redirect("/auth/login");
-    });
-  else {
-    req.logout();
-    req.session = null;
-    res.redirect("/auth/login");
+    }
   }
 });
 
@@ -978,6 +987,11 @@ router.post(
       }
     Trigger.emitEvent("Login", null, req.user);
     req.flash("success", req.__("Welcome, %s!", req.user.email));
+    if (req.smr) {
+      const dbUser = await User.findOne({ id: req.user.id });
+      if (!dbUser.last_mobile_login)
+        await dbUser.updateLastMobileLogin(new Date());
+    }
     if (getState().get2FApolicy(req.user) === "Mandatory") {
       res.redirect("/auth/twofa/setup/totp");
     } else res.redirect("/");
@@ -1010,6 +1024,17 @@ router.get(
   })
 );
 
+/*
+  returns if 'req.user' is an authenticated user
+ */
+router.get(
+  "/authenticated",
+  error_catcher((req, res, next) => {
+    const isAuth = req.user && req.user.id ? true : false;
+    res.json({ authenticated: isAuth });
+  })
+);
+
 /**
  * @name post/login-with/:method
  * @function
@@ -1195,6 +1220,7 @@ const userSettings = async ({ req, res, pwform, user }) => {
         ? [
             {
               type: "card",
+              class: "mt-0",
               title: userSetsName,
               contents: usersets,
             },
@@ -1203,6 +1229,7 @@ const userSettings = async ({ req, res, pwform, user }) => {
       {
         type: "card",
         title: req.__("User"),
+        class: !usersets && "mt-0",
         contents: table(
           tbody(
             tr(

package/locales/en.json

@@ -916,5 +916,8 @@
 	"Delete old backup files in this directory after the set number of days": "Delete old backup files in this directory after the set number of days",
 	"Mobile app": "Mobile app",
 	"Build mobile app": "Build mobile app",
-	"Build Result": "Build Result"
+	"Build Result": "Build Result",
+	"Download automated backup": "Download automated backup",
+	"Restoring automated backup": "Restoring automated backup",
+	"No errors detected during configuration check": "No errors detected during configuration check"
 }

package/markup/admin.js

@@ -124,6 +124,7 @@ const send_settings_page = ({
     : [
         {
           type: "card",
+          class: "mt-0",
           contents: div(
             { class: "d-flex" },
             ul(

package/package.json

@@ -1,17 +1,17 @@
 {
   "name": "@saltcorn/server",
-  "version": "0.7.3-beta.3",
+  "version": "0.7.3-beta.6",
   "description": "Server app for Saltcorn, open-source no-code platform",
   "homepage": "https://saltcorn.com",
   "main": "index.js",
   "license": "MIT",
   "dependencies": {
-    "@saltcorn/base-plugin": "0.7.3-beta.3",
-    "@saltcorn/builder": "0.7.3-beta.3",
-    "@saltcorn/data": "0.7.3-beta.3",
-    "@saltcorn/admin-models": "0.7.3-beta.3",
-    "@saltcorn/markup": "0.7.3-beta.3",
-    "@saltcorn/sbadmin2": "0.7.3-beta.3",
+    "@saltcorn/base-plugin": "0.7.3-beta.6",
+    "@saltcorn/builder": "0.7.3-beta.6",
+    "@saltcorn/data": "0.7.3-beta.6",
+    "@saltcorn/admin-models": "0.7.3-beta.6",
+    "@saltcorn/markup": "0.7.3-beta.6",
+    "@saltcorn/sbadmin2": "0.7.3-beta.6",
     "@socket.io/cluster-adapter": "^0.1.0",
     "@socket.io/sticky": "^1.0.1",
     "aws-sdk": "^2.1037.0",
@@ -48,7 +48,7 @@
     "pg": "^8.2.1",
     "pluralize": "^8.0.0",
     "qrcode": "1.5.0",
-    "resize-with-sharp-or-jimp": "0.1.4",
+    "resize-with-sharp-or-jimp": "0.1.5",
     "socket.io": "4.2.0",
     "thirty-two": "1.0.2",
     "tmp-promise": "^3.0.2",

package/public/gridedit.js

@@ -76,6 +76,8 @@ function isoDateTimeFormatter(cell, formatterParams, onRendered) {
 function isoDateFormatter(cell, formatterParams, onRendered) {
   const val = cell.getValue();
   if (!val) return "";
+  if (formatterParams && formatterParams.format)
+    return moment(val).format(formatterParams.format);
 
   return new Date(val).toLocaleDateString(window.detected_locale || "en");
 }
@@ -144,6 +146,10 @@ function add_tabulator_row() {
 }
 
 function delete_tabulator_row(e, cell) {
+  const def = cell.getColumn().getDefinition();
+  if (def && def.formatterParams && def.formatterParams.confirm) {
+    if (!confirm("Are you sure you want to delete this row?")) return;
+  }
   const row = cell.getRow().getData();
   if (!row.id) {
     cell.getRow().delete();

package/public/jquery-menu-editor.min.js

@@ -117,7 +117,7 @@ function MenuEditor(e, t) {
             (n.prev("div").children(".sortableListsOpener").first().remove(),
             n.remove()),
           MenuEditor.updateButtons(s);
-          l.onUpdate();
+        l.onUpdate();
       }
     }),
     $(document).on("click", ".btnEdit", function (e) {
@@ -132,6 +132,9 @@ function MenuEditor(e, t) {
                 "checked",
                 true
               );
+            } else if (el.prop("tagName") == "SELECT") {
+              el.val(t);
+              el.attr("data-selected", t);
             } else el.val(t);
           }),
             i.find(".item-menu").first().focus(),
@@ -164,7 +167,7 @@ function MenuEditor(e, t) {
           t.remove()),
         MenuEditor.updateButtons(s),
         s.updateLevels();
-        l.onUpdate();
+      l.onUpdate();
     }),
     s.on("click", ".btnIn", function (e) {
       e.preventDefault();

package/public/saltcorn-common.js

@@ -63,8 +63,8 @@ function apply_showif() {
       .val();
 
     var options = data[1][val];
-    var current = e.attr("data-selected");
-    //console.log({ val, options, current, data });
+    var current = e.attr("data-selected") || e.val();
+    //console.log({ field: e.attr("name"), target: data[0], val, current });
     e.empty();
     (options || []).forEach((o) => {
       if (
@@ -87,6 +87,39 @@ function apply_showif() {
       e.attr("data-selected", ec.target.value);
     });
   });
+  $("[data-fetch-options]").each(function (ix, element) {
+    const e = $(element);
+    const rec = get_form_record(e);
+    const dynwhere = JSON.parse(
+      decodeURIComponent(e.attr("data-fetch-options"))
+    );
+    //console.log(dynwhere);
+    const qs = Object.entries(dynwhere.whereParsed)
+      .map(([k, v]) => `${k}=${v[0] === "$" ? rec[v.substring(1)] : v}`)
+      .join("&");
+    var current = e.attr("data-selected");
+    e.change(function (ec) {
+      e.attr("data-selected", ec.target.value);
+    });
+    $.ajax(`/api/${dynwhere.table}?${qs}`).then((resp) => {
+      if (resp.success) {
+        e.empty();
+        if (!dynwhere.required) e.append($(`<option></option>`));
+        resp.success.forEach((r) => {
+          e.append(
+            $(
+              `<option ${
+                `${current}` === `${r[dynwhere.refname]}` ? "selected" : ""
+              } value="${r[dynwhere.refname]}">${
+                r[dynwhere.summary_field]
+              }</option>`
+            )
+          );
+        });
+      }
+    });
+  });
+
   $("[data-source-url]").each(function (ix, element) {
     const e = $(element);
     const rec = get_form_record(e);
@@ -631,4 +664,3 @@ function cancel_form(form) {
   $(form).append(`<input type="hidden" name="_cancel" value="on">`);
   $(form).submit();
 }
-

package/public/saltcorn.js

@@ -169,7 +169,7 @@ function close_saltcorn_modal() {
   if (modal) modal.dispose();
 }
 
-function ajax_modal(url, opts = {}) {
+function ensure_modal_exists_and_closed() {
   if ($("#scmodal").length === 0) {
     $("body").append(`<div id="scmodal", class="modal">
     <div class="modal-dialog">
@@ -188,6 +188,19 @@ function ajax_modal(url, opts = {}) {
   } else if ($("#scmodal").hasClass("show")) {
     close_saltcorn_modal();
   }
+}
+
+function expand_thumbnail(img_id, filename) {
+  ensure_modal_exists_and_closed();
+  $("#scmodal .modal-body").html(
+    `<img src="/files/serve/${img_id}" style="width: 100%">`
+  );
+  $("#scmodal .modal-title").html(decodeURIComponent(filename));
+  new bootstrap.Modal($("#scmodal")).show();
+}
+
+function ajax_modal(url, opts = {}) {
+  ensure_modal_exists_and_closed();
   if (opts.submitReload === false) $("#scmodal").addClass("no-submit-reload");
   else $("#scmodal").removeClass("no-submit-reload");
   $.ajax(url, {
@@ -296,7 +309,11 @@ function ajax_post(url, args) {
       "CSRF-Token": _sc_globalCsrf,
     },
     ...(args || {}),
-  }).done(ajax_done);
+  })
+    .done(ajax_done)
+    .fail((e) =>
+      ajax_done(e.responseJSON || { error: "Unknown error: " + e.responseText })
+    );
 }
 function ajax_post_btn(e, reload_on_done, reload_delay) {
   var form = $(e).closest("form");

package/routes/admin.js

@@ -43,6 +43,9 @@ const {
   option,
   fieldset,
   legend,
+  ul,
+  li,
+  ol,
 } = require("@saltcorn/markup/tags");
 const db = require("@saltcorn/data/db");
 const {
@@ -370,7 +373,13 @@ router.get(
             ? {
                 type: "card",
                 title: req.__("Automated backup"),
-                contents: div(renderForm(backupForm, req.csrfToken())),
+                contents: div(
+                  renderForm(backupForm, req.csrfToken()),
+                  a(
+                    { href: "/admin/auto-backup-list" },
+                    "Restore/download automated backups »"
+                  )
+                ),
               }
             : { type: "blank", contents: "" },
         ],
@@ -379,6 +388,93 @@ router.get(
   })
 );
 
+/**
+ * @name get/backup
+ * @function
+ * @memberof module:routes/admin~routes/adminRouter
+ */
+router.get(
+  "/auto-backup-list",
+  isAdmin,
+  error_catcher(async (req, res) => {
+    const isRoot = db.getTenantSchema() === db.connectObj.default_schema;
+    if (!isRoot) {
+      res.redirect("/admin/backup");
+      return;
+    }
+    const auto_backup_directory = getState().getConfig("auto_backup_directory");
+    const fileNms = await fs.promises.readdir(auto_backup_directory);
+    const backupFiles = fileNms.filter(
+      (fnm) => fnm.startsWith("sc-backup") && fnm.endsWith(".zip")
+    );
+    send_admin_page({
+      res,
+      req,
+      active_sub: "Backup",
+      contents: {
+        above: [
+          {
+            type: "card",
+            title: req.__("Download automated backup"),
+            contents: div(
+              ul(
+                backupFiles.map((fnm) =>
+                  li(
+                    a(
+                      {
+                        href: `/admin/auto-backup-download/${encodeURIComponent(
+                          fnm
+                        )}`,
+                      },
+                      fnm
+                    )
+                  )
+                )
+              )
+            ),
+          },
+          {
+            type: "card",
+            title: req.__("Restoring automated backup"),
+            contents: div(
+              ol(
+                li("Download one of the backups above"),
+                li(
+                  a({ href: "/admin/clear-all" }, "Clear this application"),
+                  " ",
+                  "(tick all boxes)"
+                ),
+                li(
+                  "When prompted to create the first user, click the link to restore a backup"
+                ),
+                li("Select the downloaded backup file")
+              )
+            ),
+          },
+        ],
+      },
+    });
+  })
+);
+
+router.get(
+  "/auto-backup-download/:filename",
+  isAdmin,
+  error_catcher(async (req, res) => {
+    const { filename } = req.params;
+    const isRoot = db.getTenantSchema() === db.connectObj.default_schema;
+    if (
+      !isRoot ||
+      !(filename.startsWith("sc-backup") && filename.endsWith(".zip"))
+    ) {
+      res.redirect("/admin/backup");
+      return;
+    }
+    const auto_backup_directory = getState().getConfig("auto_backup_directory");
+    res.download(path.join(auto_backup_directory, filename), filename);
+  })
+);
+
 /**
  * Auto backup Form
  * @param {object} req
@@ -1141,15 +1237,23 @@ router.post(
         "error",
         req.__("Please select at least one platform (android or iOS).")
       );
-      return res.redirect("/admin/system");
+      return res.redirect("/admin/build-mobile-app");
     }
     if (!androidPlatform && useDocker) {
       req.flash("error", req.__("Only the android build supports docker."));
-      return res.redirect("/admin/system");
+      return res.redirect("/admin/build-mobile-app");
     }
     if (appFile && !appFile.endsWith(".apk")) appFile = `${appFile}.apk`;
     const appOut = path.join(__dirname, "..", "mobile-app-out");
-    const spawnParams = ["build-app", "-v", entryView, "-c", appOut];
+    const spawnParams = [
+      "build-app",
+      "-v",
+      entryView,
+      "-c",
+      appOut,
+      "-b",
+      "/tmp/mobile_app_build",
+    ];
     if (useDocker) spawnParams.push("-d");
     if (androidPlatform) spawnParams.push("-p", "android");
     if (iOSPlatform) spawnParams.push("-p", "ios");
@@ -1164,8 +1268,8 @@ router.post(
       // console.log(data.toString());
       childOutputs.push(data.toString());
     });
-    child.on("exit", async function (code, signal) {
-      if (code === 0) {
+    child.on("exit", async function (exitCode, signal) {
+      if (exitCode === 0) {
         const file = await File.from_existing_file(
           appOut,
           appFile ? appFile : "app-debug.apk",
@@ -1187,9 +1291,11 @@ router.post(
             {
               type: "card",
               title: req.__("Build Result"),
-              contents: div("Unable to build the app"),
+              contents: div(
+                "Unable to build the app:",
+                pre(code(childOutputs.join("<br/>")))
+              ),
             },
-            childOutputs.join("<br/>"),
           ],
         });
     });
@@ -1201,9 +1307,12 @@ router.post(
           {
             type: "card",
             title: req.__("Build Result"),
-            contents: div("Unable to build the app"),
+            contents: div(
+              p("Unable to build the app:"),
+              pre(code(message)),
+              pre(code(stack))
+            ),
           },
-          `${message} <br/> ${stack}`,
         ],
       });
     });

package/routes/fields.js

@@ -488,6 +488,7 @@ router.get(
         },
         {
           type: "card",
+          class: "mt-0",
           title: wizardCardTitle(field.label, wf, wfres),
           contents: renderForm(wfres.renderForm, req.csrfToken()),
         },
@@ -524,6 +525,7 @@ router.get(
         },
         {
           type: "card",
+          class: "mt-0",
           title: wizardCardTitle(req.__(`New field`), wf, wfres),
           contents: renderForm(wfres.renderForm, req.csrfToken()),
         },
@@ -589,6 +591,7 @@ router.post(
           },
           {
             type: "card",
+            class: "mt-0",
             title: wizardCardTitle(
               wfres.context.label || req.__("New field"),
               wf,

package/routes/files.js

@@ -184,11 +184,11 @@ router.get(
  * @function
  */
 router.get(
-  "/resize/:id/:width_str",
+  "/resize/:id/:width_str/:height_str?",
   error_catcher(async (req, res) => {
     const role = req.user && req.user.id ? req.user.role_id : 10;
     const user_id = req.user && req.user.id;
-    const { id, width_str } = req.params;
+    const { id, width_str, height_str } = req.params;
     let file;
     if (typeof strictParseInt(id) !== "undefined")
       file = await File.findOne({ id });
@@ -208,15 +208,17 @@ router.get(
       if (file.s3_store) s3storage.serveObject(file, res, false);
       else {
         const width = strictParseInt(width_str);
+        const height = height_str ? strictParseInt(height_str) : null;
         if (!width) {
           res.sendFile(file.location);
           return;
         }
-        const fnm = `${file.location}_w${width}`;
+        const fnm = `${file.location}_w${width}${height ? `_h${height}` : ""}`;
         if (!fs.existsSync(fnm)) {
           await resizer({
             fromFileName: file.location,
             width,
+            height,
             toFileName: fnm,
           });
         }

package/routes/homepage.js

@@ -49,7 +49,7 @@ const tableTable = (tables, req) =>
  */
 const tableCard = (tables, req) => ({
   type: "card",
-  class: "welcome-page-entity-list",
+  class: "welcome-page-entity-list mt-1",
   title: link("/table", req.__("Tables")),
   contents:
     (tables.length <= 1
@@ -102,7 +102,7 @@ const viewTable = (views, req) =>
 const viewCard = (views, req) => ({
   type: "card",
   title: link("/viewedit", req.__("Views")),
-  class: "welcome-page-entity-list",
+  class: "welcome-page-entity-list mt-1",
   bodyClass: "py-0  pe-0",
   contents:
     (views.length <= 1
@@ -156,7 +156,7 @@ const pageTable = (pages, req) =>
 const pageCard = (pages, req) => ({
   type: "card",
   title: link("/pageedit", req.__("Pages")),
-  class: "welcome-page-entity-list",
+  class: "welcome-page-entity-list mt-1",
   contents:
     (pages.length <= 1
       ? p(
@@ -369,9 +369,9 @@ const welcome_page = async (req) => {
     above: [
       {
         besides: [
-          pageCard(pages, req),
-          viewCard(views, req),
           tableCard(tables, req),
+          viewCard(views, req),
+          pageCard(pages, req),
         ],
       },
       {
@@ -380,7 +380,7 @@ const welcome_page = async (req) => {
             type: "card",
             //title: req.__("Install pack"),
             bodyClass: "py-0 pe-0",
-            class: "welcome-page-entity-list",
+            class: "welcome-page-entity-list mt-2",
 
             tabContents:
               triggers.length > 0
@@ -399,7 +399,7 @@ const welcome_page = async (req) => {
             type: "card",
             //title: req.__("Learn"),
             bodyClass: "py-0 pe-0",
-            class: "welcome-page-entity-list",
+            class: "welcome-page-entity-list mt-2",
             tabContents:
               users.length > 4
                 ? {

package/routes/pageedit.js

@@ -326,6 +326,7 @@ router.get(
         {
           type: "card",
           title: req.__("Your pages"),
+          class: "mt-0",
           contents: getPageList(pages, roles, req),
         },
         {

package/routes/plugins.js

@@ -506,6 +506,7 @@ const plugin_store_html = (items, req) => {
       },
       {
         type: "card",
+        class: "mt-0",
         contents: div(
           { class: "d-flex justify-content-between" },
           storeNavPills(req),

package/routes/tables.js

@@ -448,6 +448,7 @@ router.get(
           },
           {
             type: "card",
+            class: "mt-0",
             title: cardHeaderTabs([
               { label: req.__("Your tables"), href: "/table" },
               {
@@ -636,7 +637,9 @@ router.get(
     }
     var viewCard;
     if (fields.length > 0) {
-      const views = await View.find({ table_id: table.id });
+      const views = await View.find(
+        table.external ? { exttable_name: table.name } : { table_id: table.id }
+      );
       var viewCardContents;
       if (views.length > 0) {
         viewCardContents = mkTable(
@@ -801,15 +804,12 @@ router.get(
           type: "breadcrumbs",
           crumbs: [
             { text: req.__("Tables"), href: "/table" },
-            { text: table.name },
+            { text: span({ class: "fw-bold text-body" }, table.name) },
           ],
         },
-        {
-          type: "pageHeader",
-          title: req.__(`%s table`, table.name),
-        },
         {
           type: "card",
+          class: "mt-0",
           title: req.__("Fields"),
           contents: fieldCard,
         },
@@ -1076,6 +1076,7 @@ router.get(
         },
         {
           type: "card",
+          class: "mt-0",
           title: cardHeaderTabs([
             { label: req.__("Your tables"), href: "/table", active: true },
             {

package/routes/viewedit.js

@@ -197,6 +197,7 @@ router.get(
         },
         {
           type: "card",
+          class: "mt-0",
           title: req.__("Your views"),
           contents: [
             viewMarkup,
@@ -378,6 +379,7 @@ router.get(
         },
         {
           type: "card",
+          class: "mt-0",
           title: req.__(`Edit %s view`, viewname),
           contents: renderForm(form, req.csrfToken()),
         },
@@ -415,6 +417,7 @@ router.get(
         },
         {
           type: "card",
+          class: "mt-0",
           title: req.__(`Create view`),
           contents: renderForm(form, req.csrfToken()),
         },
@@ -452,6 +455,7 @@ router.post(
           },
           {
             type: "card",
+            class: "mt-0",
             title: req.__(`Edit view`),
             contents: renderForm(form, req.csrfToken()),
           },
@@ -527,6 +531,7 @@ const respondWorkflow = (view, wf, wfres, req, res) => {
       },
       {
         type: noCard ? "container" : "card",
+        class: !noCard && "mt-0",
         title: wfres.title,
         contents,
       },

package/tests/tenant.test.js

@@ -10,6 +10,7 @@ const {
   toInclude,
   toNotInclude,
 } = require("../auth/testhelp");
+const { getState } = require("@saltcorn/data/db/state");
 
 afterAll(db.close);
 
@@ -24,6 +25,8 @@ describe("tenant routes", () => {
   if (!db.isSQLite) {
     it("shows create form", async () => {
       db.enable_multi_tenant();
+      await getState().setConfig("role_to_create_tenant", "10");
+
       const app = await getApp({ disableCsrf: true });
       await request(app).get("/tenant/create").expect(toInclude("subdomain"));
     });
@@ -37,6 +40,8 @@ describe("tenant routes", () => {
     });
     it("creates tenant with capital letter", async () => {
       db.enable_multi_tenant();
+      await getState().setConfig("role_to_create_tenant", "10");
+
       const app = await getApp({ disableCsrf: true });
       await request(app)
         .post("/tenant/create")
@@ -46,6 +51,7 @@ describe("tenant routes", () => {
     });
     it("rejects existing tenant", async () => {
       db.enable_multi_tenant();
+      await getState().setConfig("role_to_create_tenant", "10");
       const app = await getApp({ disableCsrf: true });
       await request(app)
         .post("/tenant/create")